From 0a509561bb0dd1ed7adfc41d90fdce78966ec8e0 Mon Sep 17 00:00:00 2001 From: Isaac Connor Date: Tue, 13 Nov 2018 20:53:14 -0500 Subject: [PATCH 001/922] allow libavresample-dev --- distros/ubuntu1604/control | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/distros/ubuntu1604/control b/distros/ubuntu1604/control index 68bc1757f..475214f10 100644 --- a/distros/ubuntu1604/control +++ b/distros/ubuntu1604/control @@ -10,7 +10,7 @@ Build-Depends: debhelper (>= 9), dh-systemd, python-sphinx | python3-sphinx, apa ,libavcodec-dev (>= 6:10~) ,libavformat-dev (>= 6:10~) ,libavutil-dev (>= 6:10~) - ,libswresample-dev + ,libswresample-dev | libavresample-dev ,libswscale-dev (>= 6:10~) ,ffmpeg | libav-tools ,net-tools From 7671f59d2fdb6d29c7e9690e145a19632b625a44 Mon Sep 17 00:00:00 2001 From: Isaac Connor Date: Tue, 9 Apr 2019 12:27:40 -0400 Subject: [PATCH 002/922] Add error counting on decoding --- src/zm_ffmpeg_camera.cpp | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/src/zm_ffmpeg_camera.cpp b/src/zm_ffmpeg_camera.cpp index 152f426f2..dc2a32475 100644 --- a/src/zm_ffmpeg_camera.cpp +++ b/src/zm_ffmpeg_camera.cpp @@ -947,9 +947,15 @@ int FfmpegCamera::CaptureAndRecord( Image &image, timeval recording, char* event if ( ret < 0 ) { av_strerror(ret, errbuf, AV_ERROR_MAX_STRING_SIZE); Warning("Unable to receive frame %d: %s, continuing", frameCount, errbuf); + error_count += 1; + if ( error_count > 100 ) { + Error("Error count over 100, going to close and re-open stream"); + return -1; + } zm_av_packet_unref(&packet); continue; } + if ( error_count > 0 ) error_count --; #if HAVE_AVUTIL_HWCONTEXT_H } From 293ec20824f4f7734208041167a7aa7cea2a3d37 Mon Sep 17 00:00:00 2001 From: Isaac Connor Date: Mon, 15 Apr 2019 17:54:17 -0400 Subject: [PATCH 003/922] Must unlock mutex before destructor as we do some logging in the mutex destructor when we destroy it while locked. --- src/zm_logger.cpp | 1 + 1 file changed, 1 insertion(+) diff --git a/src/zm_logger.cpp b/src/zm_logger.cpp index 229e16aa4..2089fecc3 100644 --- a/src/zm_logger.cpp +++ b/src/zm_logger.cpp @@ -572,6 +572,7 @@ void Logger::logPrint( bool hex, const char * const filepath, const int line, co free(filecopy); if ( level <= FATAL ) { + log_mutex.unlock(); logTerm(); zmDbClose(); if ( level <= PANIC ) From 98a9c68b8bf8802c9301839370d18ec818b5afff Mon Sep 17 00:00:00 2001 From: Isaac Connor Date: Mon, 15 Apr 2019 17:54:30 -0400 Subject: [PATCH 004/922] spacing and code documentation --- src/zm_monitor.cpp | 19 +++++++++++-------- 1 file changed, 11 insertions(+), 8 deletions(-) diff --git a/src/zm_monitor.cpp b/src/zm_monitor.cpp index 7d7a09d94..5240393c3 100644 --- a/src/zm_monitor.cpp +++ b/src/zm_monitor.cpp @@ -1544,6 +1544,7 @@ bool Monitor::Analyse() { } // end if false or config.overlap_timed_events } // end if ! event } // end if ( (!signal_change && signal) && (function == RECORD || function == MOCORD) ) { + if ( score ) { if ( state == IDLE || state == TAPE || state == PREALARM ) { if ( (!pre_event_count) || (Event::PreAlarmCount() >= alarm_frame_count) ) { @@ -1592,15 +1593,16 @@ bool Monitor::Analyse() { } event = new Event(this, *(image_buffer[pre_index].timestamp), cause, noteSetMap); - } + } // end if analysis_fps && pre_event_count + shared_data->last_event = event->Id(); // lets construct alarm cause. It will contain cause + names of zones alarmed - std::string alarm_cause=""; - for ( int i=0; i < n_zones; i++) { - if (zones[i]->Alarmed()) { + std::string alarm_cause = ""; + for ( int i=0; i < n_zones; i++ ) { + if ( zones[i]->Alarmed() ) { alarm_cause += std::string(zones[i]->Label()); - if (i < n_zones-1) { - alarm_cause +=","; + if ( i < n_zones-1 ) { + alarm_cause += ","; } } } @@ -1641,7 +1643,7 @@ bool Monitor::Analyse() { shared_data->state = state = ALARM; } last_alarm_count = image_count; - } else { + } else { // not score if ( state == ALARM ) { Info("%s: %03d - Gone into alert state", name, image_count); shared_data->state = state = ALERT; @@ -1670,7 +1672,8 @@ bool Monitor::Analyse() { } if ( Event::PreAlarmCount() ) Event::EmptyPreAlarmFrames(); - } + } // end if score or not + if ( state != IDLE ) { if ( state == PREALARM || state == ALARM ) { if ( config.create_analysis_images ) { From 2ff1e7ed6d3fc5495ab370c20fcf73bd25873005 Mon Sep 17 00:00:00 2001 From: Isaac Connor Date: Tue, 16 Apr 2019 11:30:18 -0400 Subject: [PATCH 005/922] Fix crash when reporting an event longer than section length when event was just closed so event is null. --- src/zm_monitor.cpp | 28 +++++++++++++++------------- 1 file changed, 15 insertions(+), 13 deletions(-) diff --git a/src/zm_monitor.cpp b/src/zm_monitor.cpp index 5240393c3..204284cd5 100644 --- a/src/zm_monitor.cpp +++ b/src/zm_monitor.cpp @@ -1715,20 +1715,22 @@ bool Monitor::Analyse() { else event->AddFrame(snap_image, *timestamp, score); } - if ( event && noteSetMap.size() > 0 ) - event->updateNotes(noteSetMap); + if ( event ) { + if ( noteSetMap.size() > 0 ) + event->updateNotes(noteSetMap); - if ( section_length - && ( ( timestamp->tv_sec - video_store_data->recording.tv_sec ) >= section_length ) - && ! (image_count % fps_report_interval) - ) { - Warning("%s: %03d - event %" PRIu64 ", has exceeded desired section length. %d - %d = %d >= %d", - name, image_count, event->Id(), - timestamp->tv_sec, video_store_data->recording.tv_sec, - timestamp->tv_sec - video_store_data->recording.tv_sec, - section_length - ); - } + if ( section_length + && ( ( timestamp->tv_sec - video_store_data->recording.tv_sec ) >= section_length ) + && ! (image_count % fps_report_interval) + ) { + Warning("%s: %03d - event %" PRIu64 ", has exceeded desired section length. %d - %d = %d >= %d", + name, image_count, event->Id(), + timestamp->tv_sec, video_store_data->recording.tv_sec, + timestamp->tv_sec - video_store_data->recording.tv_sec, + section_length + ); + } + } // end if event } else if ( state == ALERT ) { event->AddFrame(snap_image, *timestamp); From 22adb243ec1d679fb85d55cbcf7cb1a48a61b1ed Mon Sep 17 00:00:00 2001 From: Isaac Connor Date: Tue, 16 Apr 2019 11:30:18 -0400 Subject: [PATCH 006/922] Fix crash when reporting an event longer than section length when event was just closed so event is null. --- src/zm_monitor.cpp | 28 +++++++++++++++------------- 1 file changed, 15 insertions(+), 13 deletions(-) diff --git a/src/zm_monitor.cpp b/src/zm_monitor.cpp index 7d7a09d94..09aaeeb87 100644 --- a/src/zm_monitor.cpp +++ b/src/zm_monitor.cpp @@ -1712,20 +1712,22 @@ bool Monitor::Analyse() { else event->AddFrame(snap_image, *timestamp, score); } - if ( event && noteSetMap.size() > 0 ) - event->updateNotes(noteSetMap); + if ( event ) { + if ( noteSetMap.size() > 0 ) + event->updateNotes(noteSetMap); - if ( section_length - && ( ( timestamp->tv_sec - video_store_data->recording.tv_sec ) >= section_length ) - && ! (image_count % fps_report_interval) - ) { - Warning("%s: %03d - event %" PRIu64 ", has exceeded desired section length. %d - %d = %d >= %d", - name, image_count, event->Id(), - timestamp->tv_sec, video_store_data->recording.tv_sec, - timestamp->tv_sec - video_store_data->recording.tv_sec, - section_length - ); - } + if ( section_length + && ( ( timestamp->tv_sec - video_store_data->recording.tv_sec ) >= section_length ) + && ! (image_count % fps_report_interval) + ) { + Warning("%s: %03d - event %" PRIu64 ", has exceeded desired section length. %d - %d = %d >= %d", + name, image_count, event->Id(), + timestamp->tv_sec, video_store_data->recording.tv_sec, + timestamp->tv_sec - video_store_data->recording.tv_sec, + section_length + ); + } + } // end if event } else if ( state == ALERT ) { event->AddFrame(snap_image, *timestamp); From 70ed4a46469c97fdce46a911ae4a006f3aa8f565 Mon Sep 17 00:00:00 2001 From: Isaac Connor Date: Mon, 15 Apr 2019 17:54:17 -0400 Subject: [PATCH 007/922] Must unlock mutex before destructor as we do some logging in the mutex destructor when we destroy it while locked. --- src/zm_logger.cpp | 1 + 1 file changed, 1 insertion(+) diff --git a/src/zm_logger.cpp b/src/zm_logger.cpp index 229e16aa4..2089fecc3 100644 --- a/src/zm_logger.cpp +++ b/src/zm_logger.cpp @@ -572,6 +572,7 @@ void Logger::logPrint( bool hex, const char * const filepath, const int line, co free(filecopy); if ( level <= FATAL ) { + log_mutex.unlock(); logTerm(); zmDbClose(); if ( level <= PANIC ) From 5b68ddcc9a5713064de9567b87e22280952b3a29 Mon Sep 17 00:00:00 2001 From: Isaac Connor Date: Wed, 17 Apr 2019 09:55:34 -0400 Subject: [PATCH 008/922] add a note deprecating getDiskPercent --- web/api/app/Controller/HostController.php | 1 + 1 file changed, 1 insertion(+) diff --git a/web/api/app/Controller/HostController.php b/web/api/app/Controller/HostController.php index 05b2ed3fa..2980902c3 100644 --- a/web/api/app/Controller/HostController.php +++ b/web/api/app/Controller/HostController.php @@ -95,6 +95,7 @@ class HostController extends AppController { // If $mid is set, only return disk usage for that monitor // Else, return an array of total disk usage, and per-monitor // usage. + // This function is deprecated. Use the Storage object or monitor object instead function getDiskPercent($mid = null) { $this->loadModel('Config'); $this->loadModel('Monitor'); From 6923382485133b63e3c0d1d44b4f71dcf3e380e4 Mon Sep 17 00:00:00 2001 From: Pliable Pixels Date: Wed, 17 Apr 2019 13:33:38 -0400 Subject: [PATCH 009/922] Alarm cause fix (#2580) * move alarm cause code to when the alarm flag is set * formatting * added temp info log * char* not string in log --- src/zm_monitor.cpp | 26 ++++++++++++++------------ 1 file changed, 14 insertions(+), 12 deletions(-) diff --git a/src/zm_monitor.cpp b/src/zm_monitor.cpp index 09aaeeb87..ab3cd13d3 100644 --- a/src/zm_monitor.cpp +++ b/src/zm_monitor.cpp @@ -1550,6 +1550,19 @@ bool Monitor::Analyse() { Info("%s: %03d - Gone into alarm state PreAlarmCount: %u > AlarmFrameCount:%u", name, image_count, Event::PreAlarmCount(), alarm_frame_count); shared_data->state = state = ALARM; + // lets construct alarm cause. It will contain cause + names of zones alarmed + std::string alarm_cause=""; + for ( int i=0; i < n_zones; i++) { + if (zones[i]->Alarmed()) { + alarm_cause += std::string(zones[i]->Label()); + if (i < n_zones-1) { + alarm_cause +=","; + } + } + } + alarm_cause = cause+" "+alarm_cause; + strncpy(shared_data->alarm_cause,alarm_cause.c_str(), sizeof(shared_data->alarm_cause)-1); + Info ("Recorded alarm cause as: %s", alarm_cause.c_str()); if ( signal_change || (function != MOCORD && state != ALERT) ) { int pre_index; int pre_event_images = pre_event_count; @@ -1594,18 +1607,7 @@ bool Monitor::Analyse() { event = new Event(this, *(image_buffer[pre_index].timestamp), cause, noteSetMap); } shared_data->last_event = event->Id(); - // lets construct alarm cause. It will contain cause + names of zones alarmed - std::string alarm_cause=""; - for ( int i=0; i < n_zones; i++) { - if (zones[i]->Alarmed()) { - alarm_cause += std::string(zones[i]->Label()); - if (i < n_zones-1) { - alarm_cause +=","; - } - } - } - alarm_cause = cause+" "+alarm_cause; - strncpy(shared_data->alarm_cause,alarm_cause.c_str(), sizeof(shared_data->alarm_cause)-1); + //set up video store data snprintf(video_store_data->event_file, sizeof(video_store_data->event_file), "%s", event->getEventFile()); video_store_data->recording = event->StartTime(); From eb76cd87bbe959e6e8f334bd749f55a17fd06c67 Mon Sep 17 00:00:00 2001 From: Isaac Connor Date: Wed, 17 Apr 2019 13:53:11 -0400 Subject: [PATCH 010/922] Revert "Alarm cause fix (#2580)" (#2581) This reverts commit 6923382485133b63e3c0d1d44b4f71dcf3e380e4. --- src/zm_monitor.cpp | 26 ++++++++++++-------------- 1 file changed, 12 insertions(+), 14 deletions(-) diff --git a/src/zm_monitor.cpp b/src/zm_monitor.cpp index ab3cd13d3..09aaeeb87 100644 --- a/src/zm_monitor.cpp +++ b/src/zm_monitor.cpp @@ -1550,19 +1550,6 @@ bool Monitor::Analyse() { Info("%s: %03d - Gone into alarm state PreAlarmCount: %u > AlarmFrameCount:%u", name, image_count, Event::PreAlarmCount(), alarm_frame_count); shared_data->state = state = ALARM; - // lets construct alarm cause. It will contain cause + names of zones alarmed - std::string alarm_cause=""; - for ( int i=0; i < n_zones; i++) { - if (zones[i]->Alarmed()) { - alarm_cause += std::string(zones[i]->Label()); - if (i < n_zones-1) { - alarm_cause +=","; - } - } - } - alarm_cause = cause+" "+alarm_cause; - strncpy(shared_data->alarm_cause,alarm_cause.c_str(), sizeof(shared_data->alarm_cause)-1); - Info ("Recorded alarm cause as: %s", alarm_cause.c_str()); if ( signal_change || (function != MOCORD && state != ALERT) ) { int pre_index; int pre_event_images = pre_event_count; @@ -1607,7 +1594,18 @@ bool Monitor::Analyse() { event = new Event(this, *(image_buffer[pre_index].timestamp), cause, noteSetMap); } shared_data->last_event = event->Id(); - + // lets construct alarm cause. It will contain cause + names of zones alarmed + std::string alarm_cause=""; + for ( int i=0; i < n_zones; i++) { + if (zones[i]->Alarmed()) { + alarm_cause += std::string(zones[i]->Label()); + if (i < n_zones-1) { + alarm_cause +=","; + } + } + } + alarm_cause = cause+" "+alarm_cause; + strncpy(shared_data->alarm_cause,alarm_cause.c_str(), sizeof(shared_data->alarm_cause)-1); //set up video store data snprintf(video_store_data->event_file, sizeof(video_store_data->event_file), "%s", event->getEventFile()); video_store_data->recording = event->StartTime(); From 41cadf3a007e38f9dfaea4c9ac39df6a6445eed9 Mon Sep 17 00:00:00 2001 From: Alex Fornuto Date: Thu, 18 Apr 2019 18:51:06 -0500 Subject: [PATCH 011/922] Update Debian Instructions When downloading the repository GPG key, `wget` does not require `sudo`. The root permissions required are provided by `sudo` after the pipe. --- docs/installationguide/debian.rst | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docs/installationguide/debian.rst b/docs/installationguide/debian.rst index 9f26411e0..a6a27aa19 100644 --- a/docs/installationguide/debian.rst +++ b/docs/installationguide/debian.rst @@ -65,7 +65,7 @@ Because ZoneMinder's package repository provides a secure connection through HTT Finally, download the GPG key for ZoneMinder's repository: :: - sudo wget -O - https://zmrepo.zoneminder.com/debian/archive-keyring.gpg | sudo apt-key add - + wget -O - https://zmrepo.zoneminder.com/debian/archive-keyring.gpg | sudo apt-key add - **Step 5:** Install ZoneMinder From 8195c4e395642655198b87aa1703b09b398e580f Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Javier=20Gonz=C3=A1lez=20Calleja?= Date: Sat, 20 Apr 2019 17:19:27 +0200 Subject: [PATCH 012/922] Fixing video export view (#2585) --- web/skins/classic/views/video.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/web/skins/classic/views/video.php b/web/skins/classic/views/video.php index aab9278d6..ca4c46f4b 100644 --- a/web/skins/classic/views/video.php +++ b/web/skins/classic/views/video.php @@ -46,7 +46,7 @@ if ( isset($_REQUEST['scale']) ) else $scale = reScale(SCALE_BASE, $event['DefaultScale'], ZM_WEB_DEFAULT_SCALE); -$Event = new Event($event['Id']); +$Event = new ZM\Event($event['Id']); $eventPath = $Event->Path(); $videoFormats = array(); From 0d4651c2d60a18b73cddf5826a3f44b81fe8552b Mon Sep 17 00:00:00 2001 From: Steve Root Date: Tue, 23 Apr 2019 15:58:28 +0100 Subject: [PATCH 013/922] Update url to donate page (#2586) --- docs/userguide/introduction.rst | 2 +- web/lang/ba_ba.php | 2 +- web/lang/big5_big5.php | 2 +- web/lang/cn_zh.php | 2 +- web/lang/cs_cz.php | 2 +- web/lang/de_de.php | 2 +- web/lang/dk_dk.php | 2 +- web/lang/en_gb.php | 2 +- web/lang/es_ar.php | 2 +- web/lang/es_es.php | 2 +- web/lang/et_ee.php | 2 +- web/lang/fr_fr.php | 2 +- web/lang/he_il.php | 2 +- web/lang/hu_hu.php | 2 +- web/lang/it_it.php | 2 +- web/lang/ja_jp.php | 2 +- web/lang/nl_nl.php | 2 +- web/lang/pl_pl.php | 2 +- web/lang/pt_br.php | 2 +- web/lang/ro_ro.php | 2 +- web/lang/se_se.php | 2 +- 21 files changed, 21 insertions(+), 21 deletions(-) diff --git a/docs/userguide/introduction.rst b/docs/userguide/introduction.rst index 2d9985eb1..a6573a24d 100644 --- a/docs/userguide/introduction.rst +++ b/docs/userguide/introduction.rst @@ -11,4 +11,4 @@ A fast video interface core, a user-friendly and comprehensive PHP based web int The core of ZoneMinder is the capture and analysis of images and a highly configurable set of parameters that eliminate false positives whilst ensuring minimum loss of footage. For example, you can define a set of 'zones' for each camera of varying sensitivity and functionality. This eliminates zones that you don't wish to track or define areas that will alarm if various thresholds are exceeded in conjunction with other zones. -ZoneMinder is free under GPL License, but if you do find it useful, then please feel free to visit http://www.zoneminder.com/donate.html and help us fund our future improvements. +ZoneMinder is free under GPL License, but if you do find it useful, then please feel free to visit https://zoneminder.com/donate/ and help us fund our future improvements. diff --git a/web/lang/ba_ba.php b/web/lang/ba_ba.php index 02ad8e5f3..96a3ca4d1 100644 --- a/web/lang/ba_ba.php +++ b/web/lang/ba_ba.php @@ -294,7 +294,7 @@ $SLANG = array( 'Display' => 'Prikaz', 'Displaying' => 'Prikazujem', 'DonateAlready' => 'Ne, već sam napravio donaciju.', - 'DonateEnticement' => 'You\'ve been running ZoneMinder for a while now and hopefully are finding it a useful addition to your home or workplace security. Although ZoneMinder is, and will remain, free and open source, it costs money to develop and support. If you would like to help support future development and new features then please consider donating. Donating is, of course, optional but very much appreciated and you can donate as much or as little as you like.

If you would like to donate please select the option below or go to http://www.zoneminder.com/donate.html in your browser.

Thank you for using ZoneMinder and don\'t forget to visit the forums on ZoneMinder.com for support or suggestions about how to make your ZoneMinder experience even better.', + 'DonateEnticement' => 'You\'ve been running ZoneMinder for a while now and hopefully are finding it a useful addition to your home or workplace security. Although ZoneMinder is, and will remain, free and open source, it costs money to develop and support. If you would like to help support future development and new features then please consider donating. Donating is, of course, optional but very much appreciated and you can donate as much or as little as you like.

If you would like to donate please select the option below or go to https://zoneminder.com/donate/ in your browser.

Thank you for using ZoneMinder and don\'t forget to visit the forums on ZoneMinder.com for support or suggestions about how to make your ZoneMinder experience even better.', 'Donate' => 'Molimo donirajte', 'DonateRemindDay' => 'Ne još, podsjetime za 1 dan', 'DonateRemindHour' => 'Ne još, podsjetime za 1 sat', diff --git a/web/lang/big5_big5.php b/web/lang/big5_big5.php index 518cbe57c..922140698 100644 --- a/web/lang/big5_big5.php +++ b/web/lang/big5_big5.php @@ -293,7 +293,7 @@ $SLANG = array( 'DoNativeMotionDetection'=> 'Do Native Motion Detection', 'Donate' => 'Please Donate', 'DonateAlready' => 'No, I\'ve already donated', - 'DonateEnticement' => 'You\'ve been running ZoneMinder for a while now and hopefully are finding it a useful addition to your home or workplace security. Although ZoneMinder is, and will remain, free and open source, it costs money to develop and support. If you would like to help support future development and new features then please consider donating. Donating is, of course, optional but very much appreciated and you can donate as much or as little as you like.

If you would like to donate please select the option below or go to http://www.zoneminder.com/donate.html in your browser.

Thank you for using ZoneMinder and don\'t forget to visit the forums on ZoneMinder.com for support or suggestions about how to make your ZoneMinder experience even better.', + 'DonateEnticement' => 'You\'ve been running ZoneMinder for a while now and hopefully are finding it a useful addition to your home or workplace security. Although ZoneMinder is, and will remain, free and open source, it costs money to develop and support. If you would like to help support future development and new features then please consider donating. Donating is, of course, optional but very much appreciated and you can donate as much or as little as you like.

If you would like to donate please select the option below or go to https://zoneminder.com/donate/ in your browser.

Thank you for using ZoneMinder and don\'t forget to visit the forums on ZoneMinder.com for support or suggestions about how to make your ZoneMinder experience even better.', 'DonateRemindDay' => 'Not yet, remind again in 1 day', 'DonateRemindHour' => 'Not yet, remind again in 1 hour', 'DonateRemindMonth' => 'Not yet, remind again in 1 month', diff --git a/web/lang/cn_zh.php b/web/lang/cn_zh.php index 8e2bfa8f9..0a751023e 100644 --- a/web/lang/cn_zh.php +++ b/web/lang/cn_zh.php @@ -289,7 +289,7 @@ $SLANG = array( 'DoNativeMotionDetection'=> 'Do Native Motion Detection', 'Donate' => '请捐款', 'DonateAlready' => '不,我已经捐赠过了', - 'DonateEnticement' => '迄今,您已经运行ZoneMinder有一阵子了,希望它能够有助于增强您家或者办公区域的安全。尽管ZoneMinder是,并将保持免费和开源,该项目依然在研发和支持中投入了资金和精力。如果您愿意支持今后的开发和新功能,那么请考虑为该项目捐款。捐款不是必须的,任何数量的捐赠,我们都很感谢。

如果您愿意捐款,请选择下列选项,或者访问 http://www.zoneminder.com/donate.html 捐赠主页。

感谢您使用ZoneMinder,并且不要忘记访问访问ZoneMinder.com的论坛以获得支持或建议,这可以提升您的ZoneMinder的体验。', + 'DonateEnticement' => '迄今,您已经运行ZoneMinder有一阵子了,希望它能够有助于增强您家或者办公区域的安全。尽管ZoneMinder是,并将保持免费和开源,该项目依然在研发和支持中投入了资金和精力。如果您愿意支持今后的开发和新功能,那么请考虑为该项目捐款。捐款不是必须的,任何数量的捐赠,我们都很感谢。

如果您愿意捐款,请选择下列选项,或者访问 https://zoneminder.com/donate/ 捐赠主页。

感谢您使用ZoneMinder,并且不要忘记访问访问ZoneMinder.com的论坛以获得支持或建议,这可以提升您的ZoneMinder的体验。', 'DonateRemindDay' => '现在不,1天内再次提醒我', 'DonateRemindHour' => '现在不,1小时内再次提醒我', 'DonateRemindMonth' => '现在不,1个月内再次提醒我', diff --git a/web/lang/cs_cz.php b/web/lang/cs_cz.php index 8e76b20ba..c6340ae76 100644 --- a/web/lang/cs_cz.php +++ b/web/lang/cs_cz.php @@ -289,7 +289,7 @@ $SLANG = array( 'DoNativeMotionDetection'=> 'Do Native Motion Detection', 'Donate' => 'Prosím podpořte', 'DonateAlready' => 'Ne, už jsem podpořil', - 'DonateEnticement' => 'Již nějakou dobu používáte software ZoneMinder k ochraně svého majetku a předpokládám, že jej shledáváte užitečným. Přestože je ZoneMinder, znovu připomínám, zdarma a volně šířený software, stojí jeho vývoj a podpora nějaké peníze. Pokud byste chtěl/a podpořit budoucí vývoj a nové možnosti softwaru, prosím zvažte darování finanční pomoci. Darování je, samozřejmě, dobrovolné, ale zato velmi ceněné můžete přispět jakou částkou chcete.

Pokud máte zájem podpořit náš tým, prosím, vyberte níže uvedenou možnost, nebo navštivte http://www.zoneminder.com/donate.html.

Děkuji Vám že jste si vybral/a software ZoneMinder a nezapomeňte navštívit fórum na ZoneMinder.com pro podporu a návrhy jak udělat ZoneMinder ještě lepším než je dnes.', + 'DonateEnticement' => 'Již nějakou dobu používáte software ZoneMinder k ochraně svého majetku a předpokládám, že jej shledáváte užitečným. Přestože je ZoneMinder, znovu připomínám, zdarma a volně šířený software, stojí jeho vývoj a podpora nějaké peníze. Pokud byste chtěl/a podpořit budoucí vývoj a nové možnosti softwaru, prosím zvažte darování finanční pomoci. Darování je, samozřejmě, dobrovolné, ale zato velmi ceněné můžete přispět jakou částkou chcete.

Pokud máte zájem podpořit náš tým, prosím, vyberte níže uvedenou možnost, nebo navštivte https://zoneminder.com/donate/.

Děkuji Vám že jste si vybral/a software ZoneMinder a nezapomeňte navštívit fórum na ZoneMinder.com pro podporu a návrhy jak udělat ZoneMinder ještě lepším než je dnes.', 'DonateRemindDay' => 'Nyní ne, připomenout za 1 den', 'DonateRemindHour' => 'Nyní ne, připomenout za hodinu', 'DonateRemindMonth' => 'Nyní ne, připomenout za měsíc', diff --git a/web/lang/de_de.php b/web/lang/de_de.php index 37ea4d81c..e8bb8218a 100644 --- a/web/lang/de_de.php +++ b/web/lang/de_de.php @@ -291,7 +291,7 @@ $SLANG = array( 'DoNativeMotionDetection'=> 'Do Native Motion Detection', 'Donate' => 'Bitte spenden Sie.', 'DonateAlready' => 'Nein, ich habe schon gespendet', - 'DonateEnticement' => 'Sie benutzen ZoneMinder nun schon eine Weile und es ist hoffentlich eine nützliche Applikation zur Verbesserung Ihrer Heim- oder Arbeitssicherheit. Obwohl ZoneMinder eine freie Open-Source-Software ist und bleiben wird, entstehen Kosten bei der Entwicklung und dem Support.

Falls Sie ZoneMinder für Weiterentwicklung in der Zukunft unterstützen möchten, denken Sie bitte über eine Spende für das Projekt unter der Webadresse http://www.zoneminder.com/donate.html oder über nachfolgend stehende Option nach. Spenden sind, wie der Name schon sagt, immer freiwillig. Dem Projekt helfen kleine genauso wie größere Spenden sehr weiter und ein herzlicher Dank ist jedem Spender sicher.

Vielen Dank dafür, dass sie ZoneMinder benutzen. Vergessen Sie nicht die Foren unter ZoneMinder.com, um Support zu erhalten und Ihre Erfahrung mit ZoneMinder zu verbessern!', + 'DonateEnticement' => 'Sie benutzen ZoneMinder nun schon eine Weile und es ist hoffentlich eine nützliche Applikation zur Verbesserung Ihrer Heim- oder Arbeitssicherheit. Obwohl ZoneMinder eine freie Open-Source-Software ist und bleiben wird, entstehen Kosten bei der Entwicklung und dem Support.

Falls Sie ZoneMinder für Weiterentwicklung in der Zukunft unterstützen möchten, denken Sie bitte über eine Spende für das Projekt unter der Webadresse https://zoneminder.com/donate/ oder über nachfolgend stehende Option nach. Spenden sind, wie der Name schon sagt, immer freiwillig. Dem Projekt helfen kleine genauso wie größere Spenden sehr weiter und ein herzlicher Dank ist jedem Spender sicher.

Vielen Dank dafür, dass sie ZoneMinder benutzen. Vergessen Sie nicht die Foren unter ZoneMinder.com, um Support zu erhalten und Ihre Erfahrung mit ZoneMinder zu verbessern!', 'DonateRemindDay' => 'Noch nicht, erinnere mich in einem Tag noch mal.', 'DonateRemindHour' => 'Noch nicht, erinnere mich in einer Stunde noch mal.', 'DonateRemindMonth' => 'Noch nicht, erinnere mich in einem Monat noch mal.', diff --git a/web/lang/dk_dk.php b/web/lang/dk_dk.php index 26533a7fb..045b5345e 100644 --- a/web/lang/dk_dk.php +++ b/web/lang/dk_dk.php @@ -290,7 +290,7 @@ $SLANG = array( 'DoNativeMotionDetection'=> 'Do Native Motion Detection', 'Donate' => 'Venligst Donér', 'DonateAlready' => 'Nej, jeg har allerede doneret', - 'DonateEnticement' => 'You\'ve been running ZoneMinder for a while now and hopefully are finding it a useful addition to your home or workplace security. Although ZoneMinder is, and will remain, free and open source, it costs money to develop and support. If you would like to help support future development and new features then please consider donating. Donating is, of course, optional but very much appreciated and you can donate as much or as little as you like.

If you would like to donate please select the option below or go to http://www.zoneminder.com/donate.html in your browser.

Thank you for using ZoneMinder and don\'t forget to visit the forums on ZoneMinder.com for support or suggestions about how to make your ZoneMinder experience even better.', + 'DonateEnticement' => 'You\'ve been running ZoneMinder for a while now and hopefully are finding it a useful addition to your home or workplace security. Although ZoneMinder is, and will remain, free and open source, it costs money to develop and support. If you would like to help support future development and new features then please consider donating. Donating is, of course, optional but very much appreciated and you can donate as much or as little as you like.

If you would like to donate please select the option below or go to https://zoneminder.com/donate/ in your browser.

Thank you for using ZoneMinder and don\'t forget to visit the forums on ZoneMinder.com for support or suggestions about how to make your ZoneMinder experience even better.', 'DonateRemindDay' => 'Ikke endnu, påmind igen on 1 dag', 'DonateRemindHour' => 'Ikke endnu, påmind igen on 1 time', 'DonateRemindMonth' => 'Ikke endnu, påmind igen on 1 måned', diff --git a/web/lang/en_gb.php b/web/lang/en_gb.php index 4eb493630..945d26bea 100644 --- a/web/lang/en_gb.php +++ b/web/lang/en_gb.php @@ -296,7 +296,7 @@ $SLANG = array( 'Display' => 'Display', 'Displaying' => 'Displaying', 'DonateAlready' => 'No, I\'ve already donated', - 'DonateEnticement' => 'You\'ve been running ZoneMinder for a while now and hopefully are finding it a useful addition to your home or workplace security. Although ZoneMinder is, and will remain, free and open source, it costs money to develop and support. If you would like to help support future development and new features then please consider donating. Donating is, of course, optional but very much appreciated and you can donate as much or as little as you like.

If you would like to donate please select the option below or go to http://www.zoneminder.com/donate.html in your browser.

Thank you for using ZoneMinder and don\'t forget to visit the forums on ZoneMinder.com for support or suggestions about how to make your ZoneMinder experience even better.', + 'DonateEnticement' => 'You\'ve been running ZoneMinder for a while now and hopefully are finding it a useful addition to your home or workplace security. Although ZoneMinder is, and will remain, free and open source, it costs money to develop and support. If you would like to help support future development and new features then please consider donating. Donating is, of course, optional but very much appreciated and you can donate as much or as little as you like.

If you would like to donate please select the option below or go to https://zoneminder.com/donate/ in your browser.

Thank you for using ZoneMinder and don\'t forget to visit the forums on ZoneMinder.com for support or suggestions about how to make your ZoneMinder experience even better.', 'Donate' => 'Please Donate', 'DonateRemindDay' => 'Not yet, remind again in 1 day', 'DonateRemindHour' => 'Not yet, remind again in 1 hour', diff --git a/web/lang/es_ar.php b/web/lang/es_ar.php index 114002620..a8da807be 100644 --- a/web/lang/es_ar.php +++ b/web/lang/es_ar.php @@ -240,7 +240,7 @@ $SLANG = array( 'DoNativeMotionDetection'=> 'Do Native Motion Detection', 'Donate' => 'Please Donate', 'DonateAlready' => 'No, I\'ve already donated', - 'DonateEnticement' => 'You\'ve been running ZoneMinder for a while now and hopefully are finding it a useful addition to your home or workplace security. Although ZoneMinder is, and will remain, free and open source, it costs money to develop and support. If you would like to help support future development and new features then please consider donating. Donating is, of course, optional but very much appreciated and you can donate as much or as little as you like.

If you would like to donate please select the option below or go to http://www.zoneminder.com/donate.html in your browser.

Thank you for using ZoneMinder and don\'t forget to visit the forums on ZoneMinder.com for support or suggestions about how to make your ZoneMinder experience even better.', + 'DonateEnticement' => 'You\'ve been running ZoneMinder for a while now and hopefully are finding it a useful addition to your home or workplace security. Although ZoneMinder is, and will remain, free and open source, it costs money to develop and support. If you would like to help support future development and new features then please consider donating. Donating is, of course, optional but very much appreciated and you can donate as much or as little as you like.

If you would like to donate please select the option below or go to https://zoneminder.com/donate/ in your browser.

Thank you for using ZoneMinder and don\'t forget to visit the forums on ZoneMinder.com for support or suggestions about how to make your ZoneMinder experience even better.', 'DonateRemindDay' => 'Not yet, remind again in 1 day', 'DonateRemindHour' => 'Not yet, remind again in 1 hour', 'DonateRemindMonth' => 'Not yet, remind again in 1 month', diff --git a/web/lang/es_es.php b/web/lang/es_es.php index 767b58d97..f97ea0ff1 100644 --- a/web/lang/es_es.php +++ b/web/lang/es_es.php @@ -289,7 +289,7 @@ $SLANG = array( 'DoNativeMotionDetection'=> 'Do Native Motion Detection', // Added - 2015-04-18 'Donate' => 'Por favor, done', 'DonateAlready' => 'No, ya he donado', - 'DonateEnticement' => 'Ha estado ejecutando ZoneMinder por un tiempo y con suerte le resultará un útil complemento para su seguridad en hogar y trabajo. Aunque ZoneMinder es, y será, libre y de código abierto, cuesta dinero desarrollarlo y mantenerlo. Si quiere ayudar a mantener un futuro desarrollo y nuevas funciones entonces considere hacer un donativo por favor. Donar es, por supuesto, opcional pero muy apreciado y puede donar tanto como desee sin importar la cantidad.

Si desea hacer una donación por favor seleccione la opción de debajo o vaya a http://www.zoneminder.com/donate.html en su navegador.

Muchas gracias por usar ZoneMinder y no se olvide de vistar los foros en ZoneMinder.com para obtener soporte o hacer sugerencias sobre cómo mejorar su experiencia con ZoneMinder aún más.', + 'DonateEnticement' => 'Ha estado ejecutando ZoneMinder por un tiempo y con suerte le resultará un útil complemento para su seguridad en hogar y trabajo. Aunque ZoneMinder es, y será, libre y de código abierto, cuesta dinero desarrollarlo y mantenerlo. Si quiere ayudar a mantener un futuro desarrollo y nuevas funciones entonces considere hacer un donativo por favor. Donar es, por supuesto, opcional pero muy apreciado y puede donar tanto como desee sin importar la cantidad.

Si desea hacer una donación por favor seleccione la opción de debajo o vaya a https://zoneminder.com/donate/ en su navegador.

Muchas gracias por usar ZoneMinder y no se olvide de vistar los foros en ZoneMinder.com para obtener soporte o hacer sugerencias sobre cómo mejorar su experiencia con ZoneMinder aún más.', 'DonateRemindDay' => 'Aún no, recordarme de nuevo en 1 día', 'DonateRemindHour' => 'Aún no, recordarme de nuevo en 1 hora', 'DonateRemindMonth' => 'Aún no, recordarme de nuevo en 1 mes', diff --git a/web/lang/et_ee.php b/web/lang/et_ee.php index 19d6e777b..99a277144 100644 --- a/web/lang/et_ee.php +++ b/web/lang/et_ee.php @@ -296,7 +296,7 @@ $SLANG = array( 'DoNativeMotionDetection'=> 'Do Native Motion Detection', // Added - 2015-04-18 'Donate' => 'Palun Anneta', 'DonateAlready' => 'EI, Ma olen juba annetanud', - 'DonateEnticement' => 'Sa oled juba kasutanud ZoneMinderit juba mõnda aega. Nüüd kus sa oled leidnud, et see on kasulik lisa sinu kodule või sinu töökohale. Kuigi ZoneMinder on, jääb alatiseks, vabaks ja avatud lähtekoodiks, siiski selle arendamiseks kulub aega ja raha. Kui sa soovid meid aidata, siis toeta meid tuleviku arendusteks ja uute lisade loomiseks. Palun mõelge annetuse peale. Donating is, of course, optional but very much appreciated and you can donate as much or as little as you like.

If you would like to donate please select the option below or go to http://www.zoneminder.com/donate.html in your browser.

Thank you for using ZoneMinder and don\'t forget to visit the forums on ZoneMinder.com for support or suggestions about how to make your ZoneMinder experience even better.', + 'DonateEnticement' => 'Sa oled juba kasutanud ZoneMinderit juba mõnda aega. Nüüd kus sa oled leidnud, et see on kasulik lisa sinu kodule või sinu töökohale. Kuigi ZoneMinder on, jääb alatiseks, vabaks ja avatud lähtekoodiks, siiski selle arendamiseks kulub aega ja raha. Kui sa soovid meid aidata, siis toeta meid tuleviku arendusteks ja uute lisade loomiseks. Palun mõelge annetuse peale. Donating is, of course, optional but very much appreciated and you can donate as much or as little as you like.

If you would like to donate please select the option below or go to https://zoneminder.com/donate/ in your browser.

Thank you for using ZoneMinder and don\'t forget to visit the forums on ZoneMinder.com for support or suggestions about how to make your ZoneMinder experience even better.', 'DonateRemindDay' => 'Ei veel, tuleta meelde ühe päeva pärast', 'DonateRemindHour' => 'Ei veel, tuleta meelde ühe tunni pärast', 'DonateRemindMonth' => 'Ei veel, tuleta meelde ühe kuu pärast', diff --git a/web/lang/fr_fr.php b/web/lang/fr_fr.php index 03ffc70ba..f379b04cd 100644 --- a/web/lang/fr_fr.php +++ b/web/lang/fr_fr.php @@ -295,7 +295,7 @@ $SLANG = array( 'DoNativeMotionDetection'=> 'Réaliser détection native', 'Donate' => 'Veuillez faire un don', 'DonateAlready' => 'Non, j\'ai déjà donné', - 'DonateEnticement' => 'Vous utilisez ZoneMinder depuis quelque temps et nous espérons que vous trouvez cette solution utile. Bien que ZoneMinder est, et restera, une solution libre et ouverte (open source), son développement et son maintien nécessitent des moyens financiers. Si vous voulez aider au développement et à l\'ajout de fonctionnalités, veuillez considérer la possibilité d\'effectuer un don. Les dons sont bien sûr optionnels mais grandement appréciés et vous pouvez donner le montant que vous désirez.

Si vous voulez effectuer un don, veuillez sélectionner l\'option ci-dessous ou veuillez vous rendre sur http://www.zoneminder.com/donate.html à l\'aide de votre navigateur internet.

Merci d\'utiliser ZoneMinder et n\'oubliez pas de visiter les forums sur ZoneMinder.com pour le support ou des suggestions pour rendre votre expérience de ZoneMinder encore meilleure.', + 'DonateEnticement' => 'Vous utilisez ZoneMinder depuis quelque temps et nous espérons que vous trouvez cette solution utile. Bien que ZoneMinder est, et restera, une solution libre et ouverte (open source), son développement et son maintien nécessitent des moyens financiers. Si vous voulez aider au développement et à l\'ajout de fonctionnalités, veuillez considérer la possibilité d\'effectuer un don. Les dons sont bien sûr optionnels mais grandement appréciés et vous pouvez donner le montant que vous désirez.

Si vous voulez effectuer un don, veuillez sélectionner l\'option ci-dessous ou veuillez vous rendre sur https://zoneminder.com/donate/ à l\'aide de votre navigateur internet.

Merci d\'utiliser ZoneMinder et n\'oubliez pas de visiter les forums sur ZoneMinder.com pour le support ou des suggestions pour rendre votre expérience de ZoneMinder encore meilleure.', 'DonateRemindDay' => 'Pas encore, me rappeler dans 1 jour', 'DonateRemindHour' => 'Pas encore, me rappeler dans 1 heure', 'DonateRemindMonth' => 'Pas encore, me rappeler dans 1 mois', diff --git a/web/lang/he_il.php b/web/lang/he_il.php index 26e8bcea6..b3e03c225 100644 --- a/web/lang/he_il.php +++ b/web/lang/he_il.php @@ -289,7 +289,7 @@ $SLANG = array( 'DoNativeMotionDetection'=> 'Do Native Motion Detection', 'Donate' => 'úøåí áá÷ùä', 'DonateAlready' => 'ìà, úøîúé ëáø', - 'DonateEnticement' => 'You\'ve been running ZoneMinder for a while now and hopefully are finding it a useful addition to your home or workplace security. Although ZoneMinder is, and will remain, free and open source, it costs money to develop and support. If you would like to help support future development and new features then please consider donating. Donating is, of course, optional but very much appreciated and you can donate as much or as little as you like.

If you would like to donate please select the option below or go to http://www.zoneminder.com/donate.html in your browser.

Thank you for using ZoneMinder and don\'t forget to visit the forums on ZoneMinder.com for support or suggestions about how to make your ZoneMinder experience even better.', + 'DonateEnticement' => 'You\'ve been running ZoneMinder for a while now and hopefully are finding it a useful addition to your home or workplace security. Although ZoneMinder is, and will remain, free and open source, it costs money to develop and support. If you would like to help support future development and new features then please consider donating. Donating is, of course, optional but very much appreciated and you can donate as much or as little as you like.

If you would like to donate please select the option below or go to https://zoneminder.com/donate/ in your browser.

Thank you for using ZoneMinder and don\'t forget to visit the forums on ZoneMinder.com for support or suggestions about how to make your ZoneMinder experience even better.', 'DonateRemindDay' => 'òãééï ìà, äæëø ìà áòåã éåí àçã', 'DonateRemindHour' => 'òãééï ìà, äæëø ìé áòåã ùòä àçú', 'DonateRemindMonth' => 'òãééï ìà, äæëø ìé áòåã çåãù àçã', diff --git a/web/lang/hu_hu.php b/web/lang/hu_hu.php index 15cf72aab..7ef51dab3 100644 --- a/web/lang/hu_hu.php +++ b/web/lang/hu_hu.php @@ -332,7 +332,7 @@ $SLANG = array( 'DoNativeMotionDetection'=> 'Do Native Motion Detection', // Added - 2015-04-18 'Donate' => 'Kérem támogasson', 'DonateAlready' => 'Nem, én már támogattam', - 'DonateEnticement' => 'Ön már jó ideje használja a ZoneMindert, és reméljük hasznos eszköznek tartja háza vagy munkahelye biztonságában. Bár a ZoneMinder egy szabad, nyílt forráskódú termék és az is marad, a fejlesztése pénzbe kerül. Ha van lehetősége támogatni a jövőbeni fejlesztéseket és az új funkciókat kérem, tegye meg. A támogatás teljesen önkéntes, de nagyon megbecsült és mértéke is tetszőleges.

Ha támogatni szertne, kérem, válasszon az alábbi lehetőségekből vagy látogassa meg a http://www.zoneminder.com/donate.html oldalt.

Köszönjük, hogy használja a ZoneMinder-t és ne felejtse el meglátogatni a fórumokat a ZoneMinder.com oldalon támogatásért és ötletekért, hogy a jövőben is még jobban ki tudja használni a ZoneMinder lehetőségeit.', + 'DonateEnticement' => 'Ön már jó ideje használja a ZoneMindert, és reméljük hasznos eszköznek tartja háza vagy munkahelye biztonságában. Bár a ZoneMinder egy szabad, nyílt forráskódú termék és az is marad, a fejlesztése pénzbe kerül. Ha van lehetősége támogatni a jövőbeni fejlesztéseket és az új funkciókat kérem, tegye meg. A támogatás teljesen önkéntes, de nagyon megbecsült és mértéke is tetszőleges.

Ha támogatni szertne, kérem, válasszon az alábbi lehetőségekből vagy látogassa meg a https://zoneminder.com/donate/ oldalt.

Köszönjük, hogy használja a ZoneMinder-t és ne felejtse el meglátogatni a fórumokat a ZoneMinder.com oldalon támogatásért és ötletekért, hogy a jövőben is még jobban ki tudja használni a ZoneMinder lehetőségeit.', 'DonateRemindDay' => 'Nem most, figyelmeztessen egy nap múlva', 'DonateRemindHour' => 'Nem most, figyelmeztessen egy óra múlva', 'DonateRemindMonth' => 'Nem most, figyelmeztessen egy hónap múlva', diff --git a/web/lang/it_it.php b/web/lang/it_it.php index 9049b3c2f..cf2dbab8d 100644 --- a/web/lang/it_it.php +++ b/web/lang/it_it.php @@ -294,7 +294,7 @@ $SLANG = array( 'DoNativeMotionDetection'=> 'Do Native Motion Detection', 'Donate' => 'Donate,per favore', 'DonateAlready' => 'No, ho gia donato... ', - 'DonateEnticement' => 'Stai usando ZoneMinder da un po\' di tempo e spero che tu lo stia trovando utile per la sicurezza di casa tua o del tuo posto di lavoro..Anche se ZoneMinder e\' distribuito liberamente come software libero,costa soldi sia svilupparlo che supportarlo. Se preferisci che questo software continui ad avere supporto e sviluppo in futuro allora considera l\idea di fare una piccola donazione. Donare e\' ovviamente opzionale, ma apprezzato e puoi donare quanto vuoi,quel poco o tanto che tu desideri.

Se hai voglia per cortesia seleziona l\'opzione sotto o punta il tuo browser a http://www.zoneminder.com/donate.html .

Grazie per usare ZoneMinder e non dimenticare di visitare il forum in ZoneMinder.com se cerchi supporto o hai suggerimenti riguardo a come rendere migliore Zoneminder.', + 'DonateEnticement' => 'Stai usando ZoneMinder da un po\' di tempo e spero che tu lo stia trovando utile per la sicurezza di casa tua o del tuo posto di lavoro..Anche se ZoneMinder e\' distribuito liberamente come software libero,costa soldi sia svilupparlo che supportarlo. Se preferisci che questo software continui ad avere supporto e sviluppo in futuro allora considera l\idea di fare una piccola donazione. Donare e\' ovviamente opzionale, ma apprezzato e puoi donare quanto vuoi,quel poco o tanto che tu desideri.

Se hai voglia per cortesia seleziona l\'opzione sotto o punta il tuo browser a https://zoneminder.com/donate/ .

Grazie per usare ZoneMinder e non dimenticare di visitare il forum in ZoneMinder.com se cerchi supporto o hai suggerimenti riguardo a come rendere migliore Zoneminder.', 'DonateRemindDay' => 'Non ancora, ricordamelo ancora tra 1 giorno', 'DonateRemindHour' => 'Non ancora, ricordamelo ancora tra 1 ora', 'DonateRemindMonth' => 'Non ancora, ricordamelo ancora tra 1 mese', diff --git a/web/lang/ja_jp.php b/web/lang/ja_jp.php index b34c9f3f0..55b13ae0a 100644 --- a/web/lang/ja_jp.php +++ b/web/lang/ja_jp.php @@ -290,7 +290,7 @@ $SLANG = array( 'DoNativeMotionDetection'=> 'Do Native Motion Detection', 'Donate' => 'Please Donate', 'DonateAlready' => 'No, I\'ve already donated', - 'DonateEnticement' => 'You\'ve been running ZoneMinder for a while now and hopefully are finding it a useful addition to your home or workplace security. Although ZoneMinder is, and will remain, free and open source, it costs money to develop and support. If you would like to help support future development and new features then please consider donating. Donating is, of course, optional but very much appreciated and you can donate as much or as little as you like.

If you would like to donate please select the option below or go to http://www.zoneminder.com/donate.html in your browser.

Thank you for using ZoneMinder and don\'t forget to visit the forums on ZoneMinder.com for support or suggestions about how to make your ZoneMinder experience even better.', + 'DonateEnticement' => 'You\'ve been running ZoneMinder for a while now and hopefully are finding it a useful addition to your home or workplace security. Although ZoneMinder is, and will remain, free and open source, it costs money to develop and support. If you would like to help support future development and new features then please consider donating. Donating is, of course, optional but very much appreciated and you can donate as much or as little as you like.

If you would like to donate please select the option below or go to https://zoneminder.com/donate/ in your browser.

Thank you for using ZoneMinder and don\'t forget to visit the forums on ZoneMinder.com for support or suggestions about how to make your ZoneMinder experience even better.', 'DonateRemindDay' => 'Not yet, remind again in 1 day', 'DonateRemindHour' => 'Not yet, remind again in 1 hour', 'DonateRemindMonth' => 'Not yet, remind again in 1 month', diff --git a/web/lang/nl_nl.php b/web/lang/nl_nl.php index a2003b1c3..be741a6ac 100644 --- a/web/lang/nl_nl.php +++ b/web/lang/nl_nl.php @@ -290,7 +290,7 @@ $SLANG = array( 'DoNativeMotionDetection'=> 'Do Native Motion Detection', // Added - 2015-04-18 'Donate' => 'Geef a.u.b. een donatie', 'DonateAlready' => 'Nee, ik heb al gedoneerd', - 'DonateEnticement' => 'U gebruikt ZoneMinder nu voor een geruime tijd, hopelijk vindt u het een nuttige toevoeging voor uw huis- of werkplekbeveiliging. Natuurlijk is en blijft ZoneMinder gratis en open source software, maar het kost geld om te ontwikkelen, ondersteunen, en te onderhouden. Wij vragen u dan ook om er over na te denken een donatie te doen om zo de ontwikkeling van ZoneMinder te ondersteunen. Natuurlijk bent u hier vrij in, en elke donatie hoe klein dan ook wordt erg gewaardeerd.

Als u wilt doneren geef dat hieronder dan aan of ga naar http://www.zoneminder.com/donate.html in uw browser.

Bedankt voor het gebruiken van ZoneMinder en vergeet niet om ons forum op ZoneMinder.com te bezoeken voor ondersteuning of suggesties waarmee uw ZoneMinder beleving nog beter wordt.', + 'DonateEnticement' => 'U gebruikt ZoneMinder nu voor een geruime tijd, hopelijk vindt u het een nuttige toevoeging voor uw huis- of werkplekbeveiliging. Natuurlijk is en blijft ZoneMinder gratis en open source software, maar het kost geld om te ontwikkelen, ondersteunen, en te onderhouden. Wij vragen u dan ook om er over na te denken een donatie te doen om zo de ontwikkeling van ZoneMinder te ondersteunen. Natuurlijk bent u hier vrij in, en elke donatie hoe klein dan ook wordt erg gewaardeerd.

Als u wilt doneren geef dat hieronder dan aan of ga naar https://zoneminder.com/donate/ in uw browser.

Bedankt voor het gebruiken van ZoneMinder en vergeet niet om ons forum op ZoneMinder.com te bezoeken voor ondersteuning of suggesties waarmee uw ZoneMinder beleving nog beter wordt.', 'DonateRemindDay' => 'Nu niet, herinner mij over 1 dag hieraan', 'DonateRemindHour' => 'Nu niet, herinner mij over een uur hieraan', 'DonateRemindMonth' => 'Nu niet, herinner mij over een maand hieraan', diff --git a/web/lang/pl_pl.php b/web/lang/pl_pl.php index d41242317..0b36af11b 100644 --- a/web/lang/pl_pl.php +++ b/web/lang/pl_pl.php @@ -304,7 +304,7 @@ $SLANG = array( 'DoNativeMotionDetection'=> 'Do Native Motion Detection', 'Donate' => 'Please Donate', 'DonateAlready' => 'No, I\'ve already donated', - 'DonateEnticement' => 'You\'ve been running ZoneMinder for a while now and hopefully are finding it a useful addition to your home or workplace security. Although ZoneMinder is, and will remain, free and open source, it costs money to develop and support. If you would like to help support future development and new features then please consider donating. Donating is, of course, optional but very much appreciated and you can donate as much or as little as you like.

If you would like to donate please select the option below or go to http://www.zoneminder.com/donate.html in your browser.

Thank you for using ZoneMinder and don\'t forget to visit the forums on ZoneMinder.com for support or suggestions about how to make your ZoneMinder experience even better.', + 'DonateEnticement' => 'You\'ve been running ZoneMinder for a while now and hopefully are finding it a useful addition to your home or workplace security. Although ZoneMinder is, and will remain, free and open source, it costs money to develop and support. If you would like to help support future development and new features then please consider donating. Donating is, of course, optional but very much appreciated and you can donate as much or as little as you like.

If you would like to donate please select the option below or go to https://zoneminder.com/donate/ in your browser.

Thank you for using ZoneMinder and don\'t forget to visit the forums on ZoneMinder.com for support or suggestions about how to make your ZoneMinder experience even better.', 'DonateRemindDay' => 'Not yet, remind again in 1 day', 'DonateRemindHour' => 'Not yet, remind again in 1 hour', 'DonateRemindMonth' => 'Not yet, remind again in 1 month', diff --git a/web/lang/pt_br.php b/web/lang/pt_br.php index 3d5a2cf83..80ded9e3d 100644 --- a/web/lang/pt_br.php +++ b/web/lang/pt_br.php @@ -229,7 +229,7 @@ $SLANG = array( 'DoNativeMotionDetection'=> 'Do Native Motion Detection', 'Donate' => 'Please Donate', 'DonateAlready' => 'No, I\'ve already donated', - 'DonateEnticement' => 'You\'ve been running ZoneMinder for a while now and hopefully are finding it a useful addition to your home or workplace security. Although ZoneMinder is, and will remain, free and open source, it costs money to develop and support. If you would like to help support future development and new features then please consider donating. Donating is, of course, optional but very much appreciated and you can donate as much or as little as you like.

If you would like to donate please select the option below or go to http://www.zoneminder.com/donate.html in your browser.

Thank you for using ZoneMinder and don\'t forget to visit the forums on ZoneMinder.com for support or suggestions about how to make your ZoneMinder experience even better.', + 'DonateEnticement' => 'You\'ve been running ZoneMinder for a while now and hopefully are finding it a useful addition to your home or workplace security. Although ZoneMinder is, and will remain, free and open source, it costs money to develop and support. If you would like to help support future development and new features then please consider donating. Donating is, of course, optional but very much appreciated and you can donate as much or as little as you like.

If you would like to donate please select the option below or go to https://zoneminder.com/donate/ in your browser.

Thank you for using ZoneMinder and don\'t forget to visit the forums on ZoneMinder.com for support or suggestions about how to make your ZoneMinder experience even better.', 'DonateRemindDay' => 'Not yet, remind again in 1 day', 'DonateRemindHour' => 'Not yet, remind again in 1 hour', 'DonateRemindMonth' => 'Not yet, remind again in 1 month', diff --git a/web/lang/ro_ro.php b/web/lang/ro_ro.php index 97e07b836..20b2bf647 100644 --- a/web/lang/ro_ro.php +++ b/web/lang/ro_ro.php @@ -260,7 +260,7 @@ $SLANG = array( 'DoNativeMotionDetection'=> 'Do Native Motion Detection', 'Donate' => 'Please Donate', 'DonateAlready' => 'No, I\'ve already donated', - 'DonateEnticement' => 'You\'ve been running ZoneMinder for a while now and hopefully are finding it a useful addition to your home or workplace security. Although ZoneMinder is, and will remain, free and open source, it costs money to develop and support. If you would like to help support future development and new features then please consider donating. Donating is, of course, optional but very much appreciated and you can donate as much or as little as you like.

If you would like to donate please select the option below or go to http://www.zoneminder.com/donate.html in your browser.

Thank you for using ZoneMinder and don\'t forget to visit the forums on ZoneMinder.com for support or suggestions about how to make your ZoneMinder experience even better.', + 'DonateEnticement' => 'You\'ve been running ZoneMinder for a while now and hopefully are finding it a useful addition to your home or workplace security. Although ZoneMinder is, and will remain, free and open source, it costs money to develop and support. If you would like to help support future development and new features then please consider donating. Donating is, of course, optional but very much appreciated and you can donate as much or as little as you like.

If you would like to donate please select the option below or go to https://zoneminder.com/donate/ in your browser.

Thank you for using ZoneMinder and don\'t forget to visit the forums on ZoneMinder.com for support or suggestions about how to make your ZoneMinder experience even better.', 'DonateRemindDay' => 'Not yet, remind again in 1 day', 'DonateRemindHour' => 'Not yet, remind again in 1 hour', 'DonateRemindMonth' => 'Not yet, remind again in 1 month', diff --git a/web/lang/se_se.php b/web/lang/se_se.php index 4245ae974..53dd25178 100644 --- a/web/lang/se_se.php +++ b/web/lang/se_se.php @@ -290,7 +290,7 @@ $SLANG = array( 'DoNativeMotionDetection'=> 'Do Native Motion Detection', 'Donate' => 'Var vänlig och donera', 'DonateAlready' => 'Nej, Jag har redan donerat', - 'DonateEnticement' => 'Du har kört ZoneMinder ett tag nu och förhoppningsvis har du sett att det fungerar bra hemma eller på ditt företag. Även om ZoneMinder är, och kommer att vara, fri programvara och öppen kallkod, så kostar det pengar att utveckla och underhålla. Om du vill hjälpa till med framtida utveckling och nya funktioner så var vanlig och bidrag med en slant. Bidragen är naturligtvis en option men mycket uppskattade och du kan bidra med precis hur mycket du vill.

Om du vill ge ett bidrag väljer du nedan eller surfar till http://www.zoneminder.com/donate.html.

Tack för att du använder ZoneMinder, glöm inte att besöka forumen på ZoneMinder.com för support och förslag om hur du får din ZoneMinder att fungera lite bättre.', + 'DonateEnticement' => 'Du har kört ZoneMinder ett tag nu och förhoppningsvis har du sett att det fungerar bra hemma eller på ditt företag. Även om ZoneMinder är, och kommer att vara, fri programvara och öppen kallkod, så kostar det pengar att utveckla och underhålla. Om du vill hjälpa till med framtida utveckling och nya funktioner så var vanlig och bidrag med en slant. Bidragen är naturligtvis en option men mycket uppskattade och du kan bidra med precis hur mycket du vill.

Om du vill ge ett bidrag väljer du nedan eller surfar till https://zoneminder.com/donate/.

Tack för att du använder ZoneMinder, glöm inte att besöka forumen på ZoneMinder.com för support och förslag om hur du får din ZoneMinder att fungera lite bättre.', 'DonateRemindDay' => 'Inte än, påminn om 1 dag', 'DonateRemindHour' => 'Inte än, påminn om en 1 timme', 'DonateRemindMonth' => 'Inte än, påminn om 1 månad', From 3c56b32b08b10becbdf2b7767ca72303bea491fb Mon Sep 17 00:00:00 2001 From: Isaac Connor Date: Wed, 24 Apr 2019 10:38:08 -0400 Subject: [PATCH 014/922] Use GREATEST function prevent negative values in event counts --- db/triggers.sql | 64 ++++----- db/zm_update-1.33.7.sql | 283 ++++++++++++++++++++++++++++++++++++++++ version | 2 +- 3 files changed, 317 insertions(+), 32 deletions(-) create mode 100644 db/zm_update-1.33.7.sql diff --git a/db/triggers.sql b/db/triggers.sql index 2f13be435..fb7a32b67 100644 --- a/db/triggers.sql +++ b/db/triggers.sql @@ -5,7 +5,7 @@ CREATE TRIGGER Events_Hour_delete_trigger BEFORE DELETE ON Events_Hour FOR EACH ROW BEGIN UPDATE Monitors SET HourEvents = COALESCE(HourEvents,1)-1, - HourEventDiskSpace=COALESCE(HourEventDiskSpace,0)-COALESCE(OLD.DiskSpace,0) + HourEventDiskSpace=GREATEST(COALESCE(HourEventDiskSpace,0)-COALESCE(OLD.DiskSpace,0),0) WHERE Id=OLD.MonitorId; END; // @@ -20,23 +20,21 @@ FOR EACH ROW set diff = COALESCE(NEW.DiskSpace,0) - COALESCE(OLD.DiskSpace,0); IF ( diff ) THEN IF ( NEW.MonitorID != OLD.MonitorID ) THEN - UPDATE Monitors SET HourEventDiskSpace=COALESCE(HourEventDiskSpace,0)-COALESCE(OLD.DiskSpace,0) WHERE Monitors.Id=OLD.MonitorId; - UPDATE Monitors SET HourEventDiskSpace=COALESCE(HourEventDiskSpace,0)-COALESCE(NEW.DiskSpace,0) WHERE Monitors.Id=NEW.MonitorId; + UPDATE Monitors SET HourEventDiskSpace=GREATEST(COALESCE(HourEventDiskSpace,0)-COALESCE(OLD.DiskSpace,0),0) WHERE Monitors.Id=OLD.MonitorId; + UPDATE Monitors SET HourEventDiskSpace=COALESCE(HourEventDiskSpace,0)+COALESCE(NEW.DiskSpace,0) WHERE Monitors.Id=NEW.MonitorId; ELSE UPDATE Monitors SET HourEventDiskSpace=COALESCE(HourEventDiskSpace,0)+diff WHERE Monitors.Id=NEW.MonitorId; END IF; END IF; END; // -DELIMITER ; -delimiter // DROP TRIGGER IF EXISTS Events_Day_delete_trigger// CREATE TRIGGER Events_Day_delete_trigger BEFORE DELETE ON Events_Day FOR EACH ROW BEGIN UPDATE Monitors SET - DayEvents = COALESCE(DayEvents,1)-1, - DayEventDiskSpace=COALESCE(DayEventDiskSpace,0)-COALESCE(OLD.DiskSpace,0) + DayEvents = GREATEST(COALESCE(DayEvents,1)-1,0), + DayEventDiskSpace=GREATEST(COALESCE(DayEventDiskSpace,0)-COALESCE(OLD.DiskSpace,0),0) WHERE Id=OLD.MonitorId; END; // @@ -50,10 +48,10 @@ FOR EACH ROW set diff = COALESCE(NEW.DiskSpace,0) - COALESCE(OLD.DiskSpace,0); IF ( diff ) THEN IF ( NEW.MonitorID != OLD.MonitorID ) THEN - UPDATE Monitors SET DayEventDiskSpace=COALESCE(DayEventDiskSpace,0)-COALESCE(OLD.DiskSpace,0) WHERE Monitors.Id=OLD.MonitorId; + UPDATE Monitors SET DayEventDiskSpace=GREATEST(COALESCE(DayEventDiskSpace,0)-COALESCE(OLD.DiskSpace,0),0) WHERE Monitors.Id=OLD.MonitorId; UPDATE Monitors SET DayEventDiskSpace=COALESCE(DayEventDiskSpace,0)+COALESCE(NEW.DiskSpace,0) WHERE Monitors.Id=NEW.MonitorId; ELSE - UPDATE Monitors SET DayEventDiskSpace=COALESCE(DayEventDiskSpace,0)+diff WHERE Monitors.Id=NEW.MonitorId; + UPDATE Monitors SET DayEventDiskSpace=GREATEST(COALESCE(DayEventDiskSpace,0)+diff,0) WHERE Monitors.Id=NEW.MonitorId; END IF; END IF; END; @@ -65,7 +63,7 @@ CREATE TRIGGER Events_Week_delete_trigger BEFORE DELETE ON Events_Week FOR EACH ROW BEGIN UPDATE Monitors SET WeekEvents = COALESCE(WeekEvents,1)-1, - WeekEventDiskSpace=COALESCE(WeekEventDiskSpace,0)-COALESCE(OLD.DiskSpace,0) + WeekEventDiskSpace=GREATEST(COALESCE(WeekEventDiskSpace,0)-COALESCE(OLD.DiskSpace,0),0) WHERE Id=OLD.MonitorId; END; // @@ -79,10 +77,10 @@ FOR EACH ROW set diff = COALESCE(NEW.DiskSpace,0) - COALESCE(OLD.DiskSpace,0); IF ( diff ) THEN IF ( NEW.MonitorID != OLD.MonitorID ) THEN - UPDATE Monitors SET WeekEventDiskSpace=COALESCE(WeekEventDiskSpace,0)-COALESCE(OLD.DiskSpace,0) WHERE Monitors.Id=OLD.MonitorId; + UPDATE Monitors SET WeekEventDiskSpace=GREATEST(COALESCE(WeekEventDiskSpace,0)-COALESCE(OLD.DiskSpace,0),0) WHERE Monitors.Id=OLD.MonitorId; UPDATE Monitors SET WeekEventDiskSpace=COALESCE(WeekEventDiskSpace,0)+COALESCE(NEW.DiskSpace,0) WHERE Monitors.Id=NEW.MonitorId; ELSE - UPDATE Monitors SET WeekEventDiskSpace=COALESCE(WeekEventDiskSpace,0)+diff WHERE Monitors.Id=NEW.MonitorId; + UPDATE Monitors SET WeekEventDiskSpace=GREATEST(COALESCE(WeekEventDiskSpace,0)+diff,0) WHERE Monitors.Id=NEW.MonitorId; END IF; END IF; END; @@ -93,7 +91,7 @@ CREATE TRIGGER Events_Month_delete_trigger BEFORE DELETE ON Events_Month FOR EACH ROW BEGIN UPDATE Monitors SET MonthEvents = COALESCE(MonthEvents,1)-1, - MonthEventDiskSpace=COALESCE(MonthEventDiskSpace,0)-COALESCE(OLD.DiskSpace,0) + MonthEventDiskSpace=GREATEST(COALESCE(MonthEventDiskSpace,0)-COALESCE(OLD.DiskSpace,0),0) WHERE Id=OLD.MonitorId; END; // @@ -107,10 +105,10 @@ FOR EACH ROW set diff = COALESCE(NEW.DiskSpace,0) - COALESCE(OLD.DiskSpace,0); IF ( diff ) THEN IF ( NEW.MonitorID != OLD.MonitorID ) THEN - UPDATE Monitors SET MonthEventDiskSpace=COALESCE(MonthEventDiskSpace,0)-COALESCE(OLD.DiskSpace) WHERE Monitors.Id=OLD.MonitorId; + UPDATE Monitors SET MonthEventDiskSpace=GREATEST(COALESCE(MonthEventDiskSpace,0)-COALESCE(OLD.DiskSpace),0) WHERE Monitors.Id=OLD.MonitorId; UPDATE Monitors SET MonthEventDiskSpace=COALESCE(MonthEventDiskSpace,0)+COALESCE(NEW.DiskSpace) WHERE Monitors.Id=NEW.MonitorId; ELSE - UPDATE Monitors SET MonthEventDiskSpace=COALESCE(MonthEventDiskSpace,0)+diff WHERE Monitors.Id=NEW.MonitorId; + UPDATE Monitors SET MonthEventDiskSpace=GREATEST(COALESCE(MonthEventDiskSpace,0)+diff,0) WHERE Monitors.Id=NEW.MonitorId; END IF; END IF; END; @@ -128,14 +126,14 @@ BEGIN set diff = COALESCE(NEW.DiskSpace,0) - COALESCE(OLD.DiskSpace,0); IF ( NEW.StorageId = OLD.StorageID ) THEN IF ( diff ) THEN - UPDATE Storage SET DiskSpace = COALESCE(DiskSpace,0) + diff WHERE Id = OLD.StorageId; + UPDATE Storage SET DiskSpace = GREATEST(COALESCE(DiskSpace,0) + diff,0) WHERE Id = OLD.StorageId; END IF; ELSE IF ( NEW.DiskSpace ) THEN UPDATE Storage SET DiskSpace = COALESCE(DiskSpace,0) + NEW.DiskSpace WHERE Id = NEW.StorageId; END IF; IF ( OLD.DiskSpace ) THEN - UPDATE Storage SET DiskSpace = COALESCE(DiskSpace,0) - OLD.DiskSpace WHERE Id = OLD.StorageId; + UPDATE Storage SET DiskSpace = GREATEST(COALESCE(DiskSpace,0) - OLD.DiskSpace,0) WHERE Id = OLD.StorageId; END IF; END IF; @@ -150,12 +148,16 @@ BEGIN UPDATE Monitors SET ArchivedEvents = COALESCE(ArchivedEvents,0)+1, ArchivedEventDiskSpace = COALESCE(ArchivedEventDiskSpace,0) + COALESCE(NEW.DiskSpace,0) WHERE Id=NEW.MonitorId; ELSEIF ( OLD.Archived ) THEN DELETE FROM Events_Archived WHERE EventId=OLD.Id; - UPDATE Monitors SET ArchivedEvents = COALESCE(ArchivedEvents,0)-1, ArchivedEventDiskSpace = COALESCE(ArchivedEventDiskSpace,0) - COALESCE(OLD.DiskSpace,0) WHERE Id=OLD.MonitorId; + UPDATE Monitors + SET + ArchivedEvents = GREATEST(COALESCE(ArchivedEvents,0)-1,0), + ArchivedEventDiskSpace = GREATEST(COALESCE(ArchivedEventDiskSpace,0) - COALESCE(OLD.DiskSpace,0),0) + WHERE Id=OLD.MonitorId; ELSE IF ( OLD.DiskSpace != NEW.DiskSpace ) THEN UPDATE Events_Archived SET DiskSpace=NEW.DiskSpace WHERE EventId=NEW.Id; UPDATE Monitors SET - ArchivedEventDiskSpace = COALESCE(ArchivedEventDiskSpace,0) - COALESCE(OLD.DiskSpace,0) + COALESCE(NEW.DiskSpace,0) + ArchivedEventDiskSpace = GREATEST(COALESCE(ArchivedEventDiskSpace,0) - COALESCE(OLD.DiskSpace,0) + COALESCE(NEW.DiskSpace,0),0) WHERE Id=OLD.MonitorId; END IF; END IF; @@ -164,18 +166,18 @@ BEGIN END IF; IF ( diff ) THEN - UPDATE Monitors SET TotalEventDiskSpace = COALESCE(TotalEventDiskSpace,0) - COALESCE(OLD.DiskSpace,0) + COALESCE(NEW.DiskSpace,0) WHERE Id=OLD.MonitorId; + UPDATE Monitors + SET + TotalEventDiskSpace = GREATEST(COALESCE(TotalEventDiskSpace,0) - COALESCE(OLD.DiskSpace,0) + COALESCE(NEW.DiskSpace,0),0) + WHERE Id=OLD.MonitorId; END IF; END; // -delimiter ; +DROP TRIGGER IF EXISTS event_insert_trigger// -DROP TRIGGER IF EXISTS event_insert_trigger; - -delimiter // /* The assumption is that when an Event is inserted, it has no size yet, so don't bother updating the DiskSpace, just the count. * The DiskSpace will get update in the Event Update Trigger */ @@ -203,7 +205,7 @@ CREATE TRIGGER event_delete_trigger BEFORE DELETE ON Events FOR EACH ROW BEGIN IF ( OLD.DiskSpace ) THEN - UPDATE Storage SET DiskSpace = COALESCE(DiskSpace,0) - CAST(OLD.DiskSpace AS SIGNED) WHERE Id = OLD.StorageId; + UPDATE Storage SET DiskSpace = GREATEST(COALESCE(DiskSpace,0) - COALESCE(OLD.DiskSpace,0),0) WHERE Id = OLD.StorageId; END IF; DELETE FROM Events_Hour WHERE EventId=OLD.Id; DELETE FROM Events_Day WHERE EventId=OLD.Id; @@ -212,15 +214,15 @@ BEGIN IF ( OLD.Archived ) THEN DELETE FROM Events_Archived WHERE EventId=OLD.Id; UPDATE Monitors SET - ArchivedEvents = COALESCE(ArchivedEvents,1) - 1, - ArchivedEventDiskSpace = COALESCE(ArchivedEventDiskSpace,0) - COALESCE(OLD.DiskSpace,0), - TotalEvents = COALESCE(TotalEvents,1) - 1, - TotalEventDiskSpace = COALESCE(TotalEventDiskSpace,0) - COALESCE(OLD.DiskSpace,0) + ArchivedEvents = GREATEST(COALESCE(ArchivedEvents,1) - 1,0), + ArchivedEventDiskSpace = GREATEST(COALESCE(ArchivedEventDiskSpace,0) - COALESCE(OLD.DiskSpace,0),0), + TotalEvents = GREATEST(COALESCE(TotalEvents,1) - 1,0), + TotalEventDiskSpace = GREATEST(COALESCE(TotalEventDiskSpace,0) - COALESCE(OLD.DiskSpace,0),0) WHERE Id=OLD.MonitorId; ELSE UPDATE Monitors SET - TotalEvents = COALESCE(TotalEvents,1)-1, - TotalEventDiskSpace=COALESCE(TotalEventDiskSpace,0)-COALESCE(OLD.DiskSpace,0) + TotalEvents = GREATEST(COALESCE(TotalEvents,1)-1,0), + TotalEventDiskSpace=GREATEST(COALESCE(TotalEventDiskSpace,0)-COALESCE(OLD.DiskSpace,0),0) WHERE Id=OLD.MonitorId; END IF; END; diff --git a/db/zm_update-1.33.7.sql b/db/zm_update-1.33.7.sql new file mode 100644 index 000000000..b29fe0e88 --- /dev/null +++ b/db/zm_update-1.33.7.sql @@ -0,0 +1,283 @@ + +delimiter // +DROP TRIGGER IF EXISTS Events_Hour_delete_trigger// +CREATE TRIGGER Events_Hour_delete_trigger BEFORE DELETE ON Events_Hour +FOR EACH ROW BEGIN + UPDATE Monitors SET + HourEvents = COALESCE(HourEvents,1)-1, + HourEventDiskSpace=GREATEST(COALESCE(HourEventDiskSpace,0)-COALESCE(OLD.DiskSpace,0),0) + WHERE Id=OLD.MonitorId; +END; +// + +DROP TRIGGER IF EXISTS Events_Hour_update_trigger// + +CREATE TRIGGER Events_Hour_update_trigger AFTER UPDATE ON Events_Hour +FOR EACH ROW + BEGIN + declare diff BIGINT default 0; + + set diff = COALESCE(NEW.DiskSpace,0) - COALESCE(OLD.DiskSpace,0); + IF ( diff ) THEN + IF ( NEW.MonitorID != OLD.MonitorID ) THEN + UPDATE Monitors SET HourEventDiskSpace=GREATEST(COALESCE(HourEventDiskSpace,0)-COALESCE(OLD.DiskSpace,0),0) WHERE Monitors.Id=OLD.MonitorId; + UPDATE Monitors SET HourEventDiskSpace=COALESCE(HourEventDiskSpace,0)+COALESCE(NEW.DiskSpace,0) WHERE Monitors.Id=NEW.MonitorId; + ELSE + UPDATE Monitors SET HourEventDiskSpace=COALESCE(HourEventDiskSpace,0)+diff WHERE Monitors.Id=NEW.MonitorId; + END IF; + END IF; + END; +// + +DROP TRIGGER IF EXISTS Events_Day_delete_trigger// +CREATE TRIGGER Events_Day_delete_trigger BEFORE DELETE ON Events_Day +FOR EACH ROW BEGIN + UPDATE Monitors SET + DayEvents = GREATEST(COALESCE(DayEvents,1)-1,0), + DayEventDiskSpace=GREATEST(COALESCE(DayEventDiskSpace,0)-COALESCE(OLD.DiskSpace,0),0) + WHERE Id=OLD.MonitorId; +END; +// + +DROP TRIGGER IF EXISTS Events_Day_update_trigger; +CREATE TRIGGER Events_Day_update_trigger AFTER UPDATE ON Events_Day +FOR EACH ROW + BEGIN + declare diff BIGINT default 0; + + set diff = COALESCE(NEW.DiskSpace,0) - COALESCE(OLD.DiskSpace,0); + IF ( diff ) THEN + IF ( NEW.MonitorID != OLD.MonitorID ) THEN + UPDATE Monitors SET DayEventDiskSpace=GREATEST(COALESCE(DayEventDiskSpace,0)-COALESCE(OLD.DiskSpace,0),0) WHERE Monitors.Id=OLD.MonitorId; + UPDATE Monitors SET DayEventDiskSpace=COALESCE(DayEventDiskSpace,0)+COALESCE(NEW.DiskSpace,0) WHERE Monitors.Id=NEW.MonitorId; + ELSE + UPDATE Monitors SET DayEventDiskSpace=GREATEST(COALESCE(DayEventDiskSpace,0)+diff,0) WHERE Monitors.Id=NEW.MonitorId; + END IF; + END IF; + END; + // + + +DROP TRIGGER IF EXISTS Events_Week_delete_trigger// +CREATE TRIGGER Events_Week_delete_trigger BEFORE DELETE ON Events_Week +FOR EACH ROW BEGIN + UPDATE Monitors SET + WeekEvents = COALESCE(WeekEvents,1)-1, + WeekEventDiskSpace=GREATEST(COALESCE(WeekEventDiskSpace,0)-COALESCE(OLD.DiskSpace,0),0) + WHERE Id=OLD.MonitorId; +END; +// + +DROP TRIGGER IF EXISTS Events_Week_update_trigger; +CREATE TRIGGER Events_Week_update_trigger AFTER UPDATE ON Events_Week +FOR EACH ROW + BEGIN + declare diff BIGINT default 0; + + set diff = COALESCE(NEW.DiskSpace,0) - COALESCE(OLD.DiskSpace,0); + IF ( diff ) THEN + IF ( NEW.MonitorID != OLD.MonitorID ) THEN + UPDATE Monitors SET WeekEventDiskSpace=GREATEST(COALESCE(WeekEventDiskSpace,0)-COALESCE(OLD.DiskSpace,0),0) WHERE Monitors.Id=OLD.MonitorId; + UPDATE Monitors SET WeekEventDiskSpace=COALESCE(WeekEventDiskSpace,0)+COALESCE(NEW.DiskSpace,0) WHERE Monitors.Id=NEW.MonitorId; + ELSE + UPDATE Monitors SET WeekEventDiskSpace=GREATEST(COALESCE(WeekEventDiskSpace,0)+diff,0) WHERE Monitors.Id=NEW.MonitorId; + END IF; + END IF; + END; + // + +DROP TRIGGER IF EXISTS Events_Month_delete_trigger// +CREATE TRIGGER Events_Month_delete_trigger BEFORE DELETE ON Events_Month +FOR EACH ROW BEGIN + UPDATE Monitors SET + MonthEvents = COALESCE(MonthEvents,1)-1, + MonthEventDiskSpace=GREATEST(COALESCE(MonthEventDiskSpace,0)-COALESCE(OLD.DiskSpace,0),0) + WHERE Id=OLD.MonitorId; +END; +// + +DROP TRIGGER IF EXISTS Events_Month_update_trigger; +CREATE TRIGGER Events_Month_update_trigger AFTER UPDATE ON Events_Month +FOR EACH ROW + BEGIN + declare diff BIGINT default 0; + + set diff = COALESCE(NEW.DiskSpace,0) - COALESCE(OLD.DiskSpace,0); + IF ( diff ) THEN + IF ( NEW.MonitorID != OLD.MonitorID ) THEN + UPDATE Monitors SET MonthEventDiskSpace=GREATEST(COALESCE(MonthEventDiskSpace,0)-COALESCE(OLD.DiskSpace),0) WHERE Monitors.Id=OLD.MonitorId; + UPDATE Monitors SET MonthEventDiskSpace=COALESCE(MonthEventDiskSpace,0)+COALESCE(NEW.DiskSpace) WHERE Monitors.Id=NEW.MonitorId; + ELSE + UPDATE Monitors SET MonthEventDiskSpace=GREATEST(COALESCE(MonthEventDiskSpace,0)+diff,0) WHERE Monitors.Id=NEW.MonitorId; + END IF; + END IF; + END; + // + +drop procedure if exists update_storage_stats// + +drop trigger if exists event_update_trigger// + +CREATE TRIGGER event_update_trigger AFTER UPDATE ON Events +FOR EACH ROW +BEGIN + declare diff BIGINT default 0; + + set diff = COALESCE(NEW.DiskSpace,0) - COALESCE(OLD.DiskSpace,0); + IF ( NEW.StorageId = OLD.StorageID ) THEN + IF ( diff ) THEN + UPDATE Storage SET DiskSpace = GREATEST(COALESCE(DiskSpace,0) + diff,0) WHERE Id = OLD.StorageId; + END IF; + ELSE + IF ( NEW.DiskSpace ) THEN + UPDATE Storage SET DiskSpace = COALESCE(DiskSpace,0) + NEW.DiskSpace WHERE Id = NEW.StorageId; + END IF; + IF ( OLD.DiskSpace ) THEN + UPDATE Storage SET DiskSpace = GREATEST(COALESCE(DiskSpace,0) - OLD.DiskSpace,0) WHERE Id = OLD.StorageId; + END IF; + END IF; + + UPDATE Events_Hour SET DiskSpace=NEW.DiskSpace WHERE EventId=NEW.Id; + UPDATE Events_Day SET DiskSpace=NEW.DiskSpace WHERE EventId=NEW.Id; + UPDATE Events_Week SET DiskSpace=NEW.DiskSpace WHERE EventId=NEW.Id; + UPDATE Events_Month SET DiskSpace=NEW.DiskSpace WHERE EventId=NEW.Id; + + IF ( NEW.Archived != OLD.Archived ) THEN + IF ( NEW.Archived ) THEN + INSERT INTO Events_Archived (EventId,MonitorId,DiskSpace) VALUES (NEW.Id,NEW.MonitorId,NEW.DiskSpace); + UPDATE Monitors SET ArchivedEvents = COALESCE(ArchivedEvents,0)+1, ArchivedEventDiskSpace = COALESCE(ArchivedEventDiskSpace,0) + COALESCE(NEW.DiskSpace,0) WHERE Id=NEW.MonitorId; + ELSEIF ( OLD.Archived ) THEN + DELETE FROM Events_Archived WHERE EventId=OLD.Id; + UPDATE Monitors + SET + ArchivedEvents = GREATEST(COALESCE(ArchivedEvents,0)-1,0), + ArchivedEventDiskSpace = GREATEST(COALESCE(ArchivedEventDiskSpace,0) - COALESCE(OLD.DiskSpace,0),0) + WHERE Id=OLD.MonitorId; + ELSE + IF ( OLD.DiskSpace != NEW.DiskSpace ) THEN + UPDATE Events_Archived SET DiskSpace=NEW.DiskSpace WHERE EventId=NEW.Id; + UPDATE Monitors SET + ArchivedEventDiskSpace = GREATEST(COALESCE(ArchivedEventDiskSpace,0) - COALESCE(OLD.DiskSpace,0) + COALESCE(NEW.DiskSpace,0),0) + WHERE Id=OLD.MonitorId; + END IF; + END IF; + ELSEIF ( NEW.Archived AND diff ) THEN + UPDATE Events_Archived SET DiskSpace=NEW.DiskSpace WHERE EventId=NEW.Id; + END IF; + + IF ( diff ) THEN + UPDATE Monitors + SET + TotalEventDiskSpace = GREATEST(COALESCE(TotalEventDiskSpace,0) - COALESCE(OLD.DiskSpace,0) + COALESCE(NEW.DiskSpace,0),0) + WHERE Id=OLD.MonitorId; + END IF; + +END; + +// + +DROP TRIGGER IF EXISTS event_insert_trigger// + +/* The assumption is that when an Event is inserted, it has no size yet, so don't bother updating the DiskSpace, just the count. + * The DiskSpace will get update in the Event Update Trigger + */ +CREATE TRIGGER event_insert_trigger AFTER INSERT ON Events +FOR EACH ROW + BEGIN + + INSERT INTO Events_Hour (EventId,MonitorId,StartTime,DiskSpace) VALUES (NEW.Id,NEW.MonitorId,NEW.StartTime,0); + INSERT INTO Events_Day (EventId,MonitorId,StartTime,DiskSpace) VALUES (NEW.Id,NEW.MonitorId,NEW.StartTime,0); + INSERT INTO Events_Week (EventId,MonitorId,StartTime,DiskSpace) VALUES (NEW.Id,NEW.MonitorId,NEW.StartTime,0); + INSERT INTO Events_Month (EventId,MonitorId,StartTime,DiskSpace) VALUES (NEW.Id,NEW.MonitorId,NEW.StartTime,0); + UPDATE Monitors SET + HourEvents = COALESCE(HourEvents,0)+1, + DayEvents = COALESCE(DayEvents,0)+1, + WeekEvents = COALESCE(WeekEvents,0)+1, + MonthEvents = COALESCE(MonthEvents,0)+1, + TotalEvents = COALESCE(TotalEvents,0)+1 + WHERE Id=NEW.MonitorId; +END; +// + +DROP TRIGGER IF EXISTS event_delete_trigger// + +CREATE TRIGGER event_delete_trigger BEFORE DELETE ON Events +FOR EACH ROW +BEGIN + IF ( OLD.DiskSpace ) THEN + UPDATE Storage SET DiskSpace = GREATEST(COALESCE(DiskSpace,0) - COALESCE(OLD.DiskSpace,0),0) WHERE Id = OLD.StorageId; + END IF; + DELETE FROM Events_Hour WHERE EventId=OLD.Id; + DELETE FROM Events_Day WHERE EventId=OLD.Id; + DELETE FROM Events_Week WHERE EventId=OLD.Id; + DELETE FROM Events_Month WHERE EventId=OLD.Id; + IF ( OLD.Archived ) THEN + DELETE FROM Events_Archived WHERE EventId=OLD.Id; + UPDATE Monitors SET + ArchivedEvents = GREATEST(COALESCE(ArchivedEvents,1) - 1,0), + ArchivedEventDiskSpace = GREATEST(COALESCE(ArchivedEventDiskSpace,0) - COALESCE(OLD.DiskSpace,0),0), + TotalEvents = GREATEST(COALESCE(TotalEvents,1) - 1,0), + TotalEventDiskSpace = GREATEST(COALESCE(TotalEventDiskSpace,0) - COALESCE(OLD.DiskSpace,0),0) + WHERE Id=OLD.MonitorId; + ELSE + UPDATE Monitors SET + TotalEvents = GREATEST(COALESCE(TotalEvents,1)-1,0), + TotalEventDiskSpace=GREATEST(COALESCE(TotalEventDiskSpace,0)-COALESCE(OLD.DiskSpace,0),0) + WHERE Id=OLD.MonitorId; + END IF; +END; + +// + +DROP TRIGGER IF EXISTS Zone_Insert_Trigger// +CREATE TRIGGER Zone_Insert_Trigger AFTER INSERT ON Zones +FOR EACH ROW + BEGIN + UPDATE Monitors SET ZoneCount=(SELECT COUNT(*) FROM Zones WHERE MonitorId=NEW.MonitorId) WHERE Id=NEW.MonitorID; + END +// +DROP TRIGGER IF EXISTS Zone_Delete_Trigger// +CREATE TRIGGER Zone_Delete_Trigger AFTER DELETE ON Zones +FOR EACH ROW + BEGIN + UPDATE Monitors SET ZoneCount=(SELECT COUNT(*) FROM Zones WHERE MonitorId=OLD.MonitorId) WHERE Id=OLD.MonitorID; + END +// + +DELIMITER ; + +REPLACE INTO Events_Hour SELECT Id,MonitorId,StartTime,DiskSpace FROM Events WHERE StartTime > DATE_SUB(NOW(), INTERVAL 1 hour); +REPLACE INTO Events_Day SELECT Id,MonitorId,StartTime,DiskSpace FROM Events WHERE StartTime > DATE_SUB(NOW(), INTERVAL 1 day); +REPLACE INTO Events_Week SELECT Id,MonitorId,StartTime,DiskSpace FROM Events WHERE StartTime > DATE_SUB(NOW(), INTERVAL 1 week); +REPLACE INTO Events_Month SELECT Id,MonitorId,StartTime,DiskSpace FROM Events WHERE StartTime > DATE_SUB(NOW(), INTERVAL 1 month); +REPLACE INTO Events_Archived SELECT Id,MonitorId,DiskSpace FROM Events WHERE Archived=1; + +UPDATE Monitors INNER JOIN ( + SELECT MonitorId, + COUNT(Id) AS TotalEvents, + SUM(DiskSpace) AS TotalEventDiskSpace, + SUM(IF(Archived,1,0)) AS ArchivedEvents, + SUM(IF(Archived,DiskSpace,0)) AS ArchivedEventDiskSpace, + SUM(IF(StartTime > DATE_SUB(NOW(), INTERVAL 1 hour),1,0)) AS HourEvents, + SUM(IF(StartTime > DATE_SUB(NOW(), INTERVAL 1 hour),DiskSpace,0)) AS HourEventDiskSpace, + SUM(IF(StartTime > DATE_SUB(NOW(), INTERVAL 1 day),1,0)) AS DayEvents, + SUM(IF(StartTime > DATE_SUB(NOW(), INTERVAL 1 day),DiskSpace,0)) AS DayEventDiskSpace, + SUM(IF(StartTime > DATE_SUB(NOW(), INTERVAL 1 week),1,0)) AS WeekEvents, + SUM(IF(StartTime > DATE_SUB(NOW(), INTERVAL 1 week),DiskSpace,0)) AS WeekEventDiskSpace, + SUM(IF(StartTime > DATE_SUB(NOW(), INTERVAL 1 month),1,0)) AS MonthEvents, + SUM(IF(StartTime > DATE_SUB(NOW(), INTERVAL 1 month),DiskSpace,0)) AS MonthEventDiskSpace + FROM Events GROUP BY MonitorId + ) AS E ON E.MonitorId=Monitors.Id SET + Monitors.TotalEvents = E.TotalEvents, + Monitors.TotalEventDiskSpace = E.TotalEventDiskSpace, + Monitors.ArchivedEvents = E.ArchivedEvents, + Monitors.ArchivedEventDiskSpace = E.ArchivedEventDiskSpace, + Monitors.HourEvents = E.HourEvents, + Monitors.HourEventDiskSpace = E.HourEventDiskSpace, + Monitors.DayEvents = E.DayEvents, + Monitors.DayEventDiskSpace = E.DayEventDiskSpace, + Monitors.WeekEvents = E.WeekEvents, + Monitors.WeekEventDiskSpace = E.WeekEventDiskSpace, + Monitors.MonthEvents = E.MonthEvents, + Monitors.MonthEventDiskSpace = E.MonthEventDiskSpace; + diff --git a/version b/version index 170749774..1304b01de 100644 --- a/version +++ b/version @@ -1 +1 @@ -1.33.6 +1.33.7 From ea7c38ceff7b1231c416cd45f96657c979020c98 Mon Sep 17 00:00:00 2001 From: Pliable Pixels Date: Wed, 24 Apr 2019 13:55:57 -0400 Subject: [PATCH 015/922] Alarm cause fix (#2582) * move alarm cause code to when the alarm flag is set * formatting * added temp info log * char* not string in log * merged alarm clause into info message about alarm * add a comma only if there are more active zones * JB tweak to slightly optimize leading comma processing --- src/zm_monitor.cpp | 27 +++++++++++++-------------- 1 file changed, 13 insertions(+), 14 deletions(-) diff --git a/src/zm_monitor.cpp b/src/zm_monitor.cpp index 09aaeeb87..2987d08f2 100644 --- a/src/zm_monitor.cpp +++ b/src/zm_monitor.cpp @@ -1547,9 +1547,19 @@ bool Monitor::Analyse() { if ( score ) { if ( state == IDLE || state == TAPE || state == PREALARM ) { if ( (!pre_event_count) || (Event::PreAlarmCount() >= alarm_frame_count) ) { - Info("%s: %03d - Gone into alarm state PreAlarmCount: %u > AlarmFrameCount:%u", - name, image_count, Event::PreAlarmCount(), alarm_frame_count); shared_data->state = state = ALARM; + // lets construct alarm cause. It will contain cause + names of zones alarmed + std::string alarm_cause=""; + for ( int i=0; i < n_zones; i++) { + if (zones[i]->Alarmed()) { + alarm_cause = alarm_cause+ ","+ std::string(zones[i]->Label()); + } + } + if (!alarm_cause.empty()) alarm_cause[0]=' '; + alarm_cause = cause+alarm_cause; + strncpy(shared_data->alarm_cause,alarm_cause.c_str(), sizeof(shared_data->alarm_cause)-1); + Info("%s: %03d - Gone into alarm state PreAlarmCount: %u > AlarmFrameCount:%u Cause:%s", + name, image_count, Event::PreAlarmCount(), alarm_frame_count, shared_data->alarm_cause); if ( signal_change || (function != MOCORD && state != ALERT) ) { int pre_index; int pre_event_images = pre_event_count; @@ -1594,18 +1604,7 @@ bool Monitor::Analyse() { event = new Event(this, *(image_buffer[pre_index].timestamp), cause, noteSetMap); } shared_data->last_event = event->Id(); - // lets construct alarm cause. It will contain cause + names of zones alarmed - std::string alarm_cause=""; - for ( int i=0; i < n_zones; i++) { - if (zones[i]->Alarmed()) { - alarm_cause += std::string(zones[i]->Label()); - if (i < n_zones-1) { - alarm_cause +=","; - } - } - } - alarm_cause = cause+" "+alarm_cause; - strncpy(shared_data->alarm_cause,alarm_cause.c_str(), sizeof(shared_data->alarm_cause)-1); + //set up video store data snprintf(video_store_data->event_file, sizeof(video_store_data->event_file), "%s", event->getEventFile()); video_store_data->recording = event->StartTime(); From 18285e1b94a2b3ce5eeb515ff26dd588c358c5a3 Mon Sep 17 00:00:00 2001 From: Isaac Connor Date: Thu, 25 Apr 2019 18:45:43 -0400 Subject: [PATCH 016/922] fix using in_frame->nb_samples instead of out_frame->nb_samples in resample fifo. --- src/zm_videostore.cpp | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/src/zm_videostore.cpp b/src/zm_videostore.cpp index a8f3e3041..0d3e22b4e 100644 --- a/src/zm_videostore.cpp +++ b/src/zm_videostore.cpp @@ -1005,7 +1005,7 @@ int VideoStore::writeAudioFramePacket(AVPacket *ipkt) { zm_dump_frame(in_frame, "In frame from decode"); - if ( ! resample_audio() ) { + if ( !resample_audio() ) { //av_frame_unref(in_frame); return 0; } @@ -1172,7 +1172,7 @@ int VideoStore::writeAudioFramePacket(AVPacket *ipkt) { } // end int VideoStore::writeAudioFramePacket(AVPacket *ipkt) int VideoStore::resample_audio() { - // Resample the in into the audioSampleBuffer until we process the whole + // Resample the in_frame into the audioSampleBuffer until we process the whole // decoded data. Note: pts does not survive resampling or converting #if defined(HAVE_LIBSWRESAMPLE) || defined(HAVE_LIBAVRESAMPLE) #if defined(HAVE_LIBSWRESAMPLE) @@ -1192,8 +1192,8 @@ int VideoStore::resample_audio() { } /** Store the new samples in the FIFO buffer. */ ret = av_audio_fifo_write(fifo, (void **)out_frame->data, out_frame->nb_samples); - if ( ret < in_frame->nb_samples ) { - Error("Could not write data to FIFO on %d written", ret); + if ( ret < out_frame->nb_samples ) { + Error("Could not write data to FIFO on %d written, expecting %d", ret, out_frame->nb_samples); return 0; } From 6a250d61e3dacd889021b7c3e164eed4119d029a Mon Sep 17 00:00:00 2001 From: Isaac Connor Date: Fri, 26 Apr 2019 10:25:32 -0400 Subject: [PATCH 017/922] cache_bust logger.js and overlay.js --- web/skins/classic/includes/functions.php | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/web/skins/classic/includes/functions.php b/web/skins/classic/includes/functions.php index fa57411cd..2d71b2397 100644 --- a/web/skins/classic/includes/functions.php +++ b/web/skins/classic/includes/functions.php @@ -173,12 +173,12 @@ echo output_link_if_exists( array( - + - + Date: Fri, 26 Apr 2019 10:26:16 -0400 Subject: [PATCH 018/922] dsiable form submit on enter on the monitor view --- web/skins/classic/views/js/monitor.js | 13 +++++++++++-- 1 file changed, 11 insertions(+), 2 deletions(-) diff --git a/web/skins/classic/views/js/monitor.js b/web/skins/classic/views/js/monitor.js index e0ca4f1d4..483f1b23b 100644 --- a/web/skins/classic/views/js/monitor.js +++ b/web/skins/classic/views/js/monitor.js @@ -64,6 +64,15 @@ function initPage() { return false; }; }); -} -window.addEventListener( 'DOMContentLoaded', initPage ); + // Disable form submit on enter + $j('#contentForm').on('keyup keypress', function(e) { + var keyCode = e.keyCode || e.which; + if (keyCode === 13) { + e.preventDefault(); + return false; + } + }); +} // end function initPage() + +window.addEventListener('DOMContentLoaded', initPage); From a0dbb70af6d04f2cd824975de32ad6987dc17b57 Mon Sep 17 00:00:00 2001 From: Isaac Connor Date: Fri, 26 Apr 2019 10:40:11 -0400 Subject: [PATCH 019/922] filter the form submit on enter to only affect input elements, not textareas --- web/skins/classic/views/js/monitor.js | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/web/skins/classic/views/js/monitor.js b/web/skins/classic/views/js/monitor.js index 483f1b23b..ff57b774f 100644 --- a/web/skins/classic/views/js/monitor.js +++ b/web/skins/classic/views/js/monitor.js @@ -66,7 +66,7 @@ function initPage() { }); // Disable form submit on enter - $j('#contentForm').on('keyup keypress', function(e) { + $j('#contentForm input').on('keyup keypress', function(e) { var keyCode = e.keyCode || e.which; if (keyCode === 13) { e.preventDefault(); From 28269eccc34a0d49911dfa82fe9ccad903cf8e36 Mon Sep 17 00:00:00 2001 From: Isaac Connor Date: Sun, 28 Apr 2019 12:05:32 -0400 Subject: [PATCH 020/922] Fix Remote RTSP Method on newer ffmpeg --- src/zm_remote_camera_rtsp.cpp | 27 ++++- src/zm_remote_camera_rtsp.h | 3 +- src/zm_rtp_ctrl.cpp | 156 ++++++++++--------------- src/zm_rtp_ctrl.h | 39 +++---- src/zm_rtp_source.cpp | 160 +++++++++---------------- src/zm_rtsp.cpp | 213 ++++++++++++++++------------------ src/zm_sdp.cpp | 197 +++++++++++++++---------------- 7 files changed, 350 insertions(+), 445 deletions(-) diff --git a/src/zm_remote_camera_rtsp.cpp b/src/zm_remote_camera_rtsp.cpp index 7e2143203..1f94f4849 100644 --- a/src/zm_remote_camera_rtsp.cpp +++ b/src/zm_remote_camera_rtsp.cpp @@ -28,7 +28,22 @@ #include #include -RemoteCameraRtsp::RemoteCameraRtsp( unsigned int p_monitor_id, const std::string &p_method, const std::string &p_host, const std::string &p_port, const std::string &p_path, int p_width, int p_height, bool p_rtsp_describe, int p_colours, int p_brightness, int p_contrast, int p_hue, int p_colour, bool p_capture, bool p_record_audio ) : +RemoteCameraRtsp::RemoteCameraRtsp( + unsigned int p_monitor_id, + const std::string &p_method, + const std::string &p_host, + const std::string &p_port, + const std::string &p_path, + int p_width, + int p_height, + bool p_rtsp_describe, + int p_colours, + int p_brightness, + int p_contrast, + int p_hue, + int p_colour, + bool p_capture, + bool p_record_audio ) : RemoteCamera( p_monitor_id, "rtsp", p_host, p_port, p_path, p_width, p_height, p_colours, p_brightness, p_contrast, p_hue, p_colour, p_capture, p_record_audio ), rtsp_describe( p_rtsp_describe ), rtspThread( 0 ) @@ -63,13 +78,13 @@ RemoteCameraRtsp::RemoteCameraRtsp( unsigned int p_monitor_id, const std::string mConvertContext = NULL; #endif /* Has to be located inside the constructor so other components such as zma will receive correct colours and subpixel order */ - if(colours == ZM_COLOUR_RGB32) { + if ( colours == ZM_COLOUR_RGB32 ) { subpixelorder = ZM_SUBPIX_ORDER_RGBA; imagePixFormat = AV_PIX_FMT_RGBA; - } else if(colours == ZM_COLOUR_RGB24) { + } else if ( colours == ZM_COLOUR_RGB24 ) { subpixelorder = ZM_SUBPIX_ORDER_RGB; imagePixFormat = AV_PIX_FMT_RGB24; - } else if(colours == ZM_COLOUR_GRAY8) { + } else if ( colours == ZM_COLOUR_GRAY8 ) { subpixelorder = ZM_SUBPIX_ORDER_NONE; imagePixFormat = AV_PIX_FMT_GRAY8; } else { @@ -169,7 +184,7 @@ int RemoteCameraRtsp::PrimeCapture() { } else { Debug(2, "Have another video stream." ); } - } + } else #if (LIBAVCODEC_VERSION_CHECK(52, 64, 0, 64, 0) || LIBAVUTIL_VERSION_CHECK(50, 14, 0, 14, 0)) if ( mFormatContext->streams[i]->codec->codec_type == AVMEDIA_TYPE_AUDIO ) #else @@ -181,6 +196,8 @@ int RemoteCameraRtsp::PrimeCapture() { } else { Debug(2, "Have another audio stream." ); } + } else { + Debug(1, "Have unknown codec type in stream %d : %d", i, mFormatContext->streams[i]->codec->codec_type); } } // end foreach stream diff --git a/src/zm_remote_camera_rtsp.h b/src/zm_remote_camera_rtsp.h index b3e392a77..5fa5a0778 100644 --- a/src/zm_remote_camera_rtsp.h +++ b/src/zm_remote_camera_rtsp.h @@ -34,8 +34,7 @@ // accessed over a network connection using rtsp protocol // (Real Time Streaming Protocol) // -class RemoteCameraRtsp : public RemoteCamera -{ +class RemoteCameraRtsp : public RemoteCamera { protected: struct sockaddr_in rtsp_sa; struct sockaddr_in rtcp_sa; diff --git a/src/zm_rtp_ctrl.cpp b/src/zm_rtp_ctrl.cpp index b586c979f..bc6725c5d 100644 --- a/src/zm_rtp_ctrl.cpp +++ b/src/zm_rtp_ctrl.cpp @@ -28,12 +28,12 @@ #include -RtpCtrlThread::RtpCtrlThread( RtspThread &rtspThread, RtpSource &rtpSource ) : mRtspThread( rtspThread ), mRtpSource( rtpSource ), mStop( false ) +RtpCtrlThread::RtpCtrlThread( RtspThread &rtspThread, RtpSource &rtpSource ) + : mRtspThread( rtspThread ), mRtpSource( rtpSource ), mStop( false ) { } -int RtpCtrlThread::recvPacket( const unsigned char *packet, ssize_t packetLen ) -{ +int RtpCtrlThread::recvPacket( const unsigned char *packet, ssize_t packetLen ) { const RtcpPacket *rtcpPacket; rtcpPacket = (RtcpPacket *)packet; @@ -48,33 +48,24 @@ int RtpCtrlThread::recvPacket( const unsigned char *packet, ssize_t packetLen ) int pt = rtcpPacket->header.pt; int len = ntohs(rtcpPacket->header.lenN); - Debug( 5, "RTCP Ver: %d", ver ); - Debug( 5, "RTCP Count: %d", count ); - Debug( 5, "RTCP Pt: %d", pt ); - Debug( 5, "RTCP len: %d", len ); + Debug( 5, "RTCP Ver: %d Count: %d Pt: %d len: %d", ver, count, pt, len); - switch( pt ) - { + switch( pt ) { case RTCP_SR : { uint32_t ssrc = ntohl(rtcpPacket->body.sr.ssrcN); Debug( 5, "RTCP Got SR (%x)", ssrc ); - if ( mRtpSource.getSsrc() ) - { - if ( ssrc != mRtpSource.getSsrc() ) - { + if ( mRtpSource.getSsrc() ) { + if ( ssrc != mRtpSource.getSsrc() ) { Warning( "Discarding packet for unrecognised ssrc %x", ssrc ); return( -1 ); } - } - else if ( ssrc ) - { + } else if ( ssrc ) { mRtpSource.setSsrc( ssrc ); } - if ( len > 1 ) - { + if ( len > 1 ) { //printf( "NTPts:%d.%d, RTPts:%d\n", $ntptsmsb, $ntptslsb, $rtpts ); uint16_t ntptsmsb = ntohl(rtcpPacket->body.sr.ntpSecN); uint16_t ntptslsb = ntohl(rtcpPacket->body.sr.ntpFracN); @@ -89,25 +80,21 @@ int RtpCtrlThread::recvPacket( const unsigned char *packet, ssize_t packetLen ) case RTCP_SDES : { ssize_t contentLen = packetLen - sizeof(rtcpPacket->header); - while ( contentLen ) - { + while ( contentLen ) { Debug( 5, "RTCP CL: %zd", contentLen ); uint32_t ssrc = ntohl(rtcpPacket->body.sdes.srcN); Debug( 5, "RTCP Got SDES (%x), %d items", ssrc, count ); - if ( mRtpSource.getSsrc() && (ssrc != mRtpSource.getSsrc()) ) - { + if ( mRtpSource.getSsrc() && (ssrc != mRtpSource.getSsrc()) ) { Warning( "Discarding packet for unrecognised ssrc %x", ssrc ); return( -1 ); } unsigned char *sdesPtr = (unsigned char *)&rtcpPacket->body.sdes.item; - for ( int i = 0; i < count; i++ ) - { + for ( int i = 0; i < count; i++ ) { RtcpSdesItem *item = (RtcpSdesItem *)sdesPtr; Debug( 5, "RTCP Item length %d", item->len ); - switch( item->type ) - { + switch( item->type ) { case RTCP_SDES_CNAME : { std::string cname( item->data, item->len ); @@ -123,50 +110,39 @@ int RtpCtrlThread::recvPacket( const unsigned char *packet, ssize_t packetLen ) case RTCP_SDES_NOTE : case RTCP_SDES_PRIV : default : - { Error( "Received unexpected SDES item type %d, ignoring", item->type ); - return( -1 ); - } + return -1; } int paddedLen = 4+2+item->len+1; // Add null byte paddedLen = (((paddedLen-1)/4)+1)*4; // Round to nearest multiple of 4 - Debug( 5, "RTCP PL:%d", paddedLen ); + Debug(5, "RTCP PL:%d", paddedLen); sdesPtr += paddedLen; contentLen = ( paddedLen <= contentLen ) ? ( contentLen - paddedLen ) : 0; } - } + } // end whiel contentLen break; } case RTCP_BYE : - { - Debug( 5, "RTCP Got BYE" ); + Debug(5, "RTCP Got BYE"); mStop = true; break; - } case RTCP_APP : - { // Ignoring as per RFC 3550 - Debug( 5, "Received RTCP_APP packet, ignoring."); + Debug(5, "Received RTCP_APP packet, ignoring."); break; - } case RTCP_RR : - { - Error( "Received RTCP_RR packet." ); - return( -1 ); - } + Error("Received RTCP_RR packet."); + return -1; default : - { // Ignore unknown packet types. Some cameras do this by design. - Debug( 5, "Received unexpected packet type %d, ignoring", pt ); + Debug(5, "Received unexpected packet type %d, ignoring", pt); break; - } } consumed = sizeof(uint32_t)*(len+1); - return( consumed ); + return consumed; } -int RtpCtrlThread::generateRr( const unsigned char *packet, ssize_t packetLen ) -{ +int RtpCtrlThread::generateRr( const unsigned char *packet, ssize_t packetLen ) { RtcpPacket *rtcpPacket = (RtcpPacket *)packet; int byteLen = sizeof(rtcpPacket->header)+sizeof(rtcpPacket->body.rr)+sizeof(rtcpPacket->body.rr.rr[0]); @@ -180,11 +156,13 @@ int RtpCtrlThread::generateRr( const unsigned char *packet, ssize_t packetLen ) mRtpSource.updateRtcpStats(); - Debug( 5, "Ssrc = %d", mRtspThread.getSsrc()+1 ); - Debug( 5, "Ssrc_1 = %d", mRtpSource.getSsrc() ); - Debug( 5, "Last Seq = %d", mRtpSource.getMaxSeq() ); - Debug( 5, "Jitter = %d", mRtpSource.getJitter() ); - Debug( 5, "Last SR = %d", mRtpSource.getLastSrTimestamp() ); + Debug(5, "Ssrc = %d Ssrc_1 = %d Last Seq = %d Jitter = %d Last SR = %d", + mRtspThread.getSsrc()+1, + mRtpSource.getSsrc(), + mRtpSource.getMaxSeq(), + mRtpSource.getJitter(), + mRtpSource.getLastSrTimestamp() + ); rtcpPacket->body.rr.ssrcN = htonl(mRtspThread.getSsrc()+1); rtcpPacket->body.rr.rr[0].ssrcN = htonl(mRtpSource.getSsrc()); @@ -195,11 +173,10 @@ int RtpCtrlThread::generateRr( const unsigned char *packet, ssize_t packetLen ) rtcpPacket->body.rr.rr[0].lsrN = htonl(mRtpSource.getLastSrTimestamp()); rtcpPacket->body.rr.rr[0].dlsrN = 0; - return( wordLen*sizeof(uint32_t) ); -} + return wordLen*sizeof(uint32_t); +} // end RtpCtrlThread::generateRr -int RtpCtrlThread::generateSdes( const unsigned char *packet, ssize_t packetLen ) -{ +int RtpCtrlThread::generateSdes( const unsigned char *packet, ssize_t packetLen ) { RtcpPacket *rtcpPacket = (RtcpPacket *)packet; const std::string &cname = mRtpSource.getCname(); @@ -218,11 +195,10 @@ int RtpCtrlThread::generateSdes( const unsigned char *packet, ssize_t packetLen rtcpPacket->body.sdes.item[0].len = cname.size(); memcpy( rtcpPacket->body.sdes.item[0].data, cname.data(), cname.size() ); - return( wordLen*sizeof(uint32_t) ); -} + return wordLen*sizeof(uint32_t); +} // end RtpCtrlThread::generateSdes -int RtpCtrlThread::generateBye( const unsigned char *packet, ssize_t packetLen ) -{ +int RtpCtrlThread::generateBye( const unsigned char *packet, ssize_t packetLen ) { RtcpPacket *rtcpPacket = (RtcpPacket *)packet; int byteLen = sizeof(rtcpPacket->header)+sizeof(rtcpPacket->body.bye)+sizeof(rtcpPacket->body.bye.srcN[0]); @@ -236,11 +212,10 @@ int RtpCtrlThread::generateBye( const unsigned char *packet, ssize_t packetLen ) rtcpPacket->body.bye.srcN[0] = htonl(mRtpSource.getSsrc()); - return( wordLen*sizeof(uint32_t) ); -} + return wordLen*sizeof(uint32_t); +} // end RtpCtrolThread::generateBye -int RtpCtrlThread::recvPackets( unsigned char *buffer, ssize_t nBytes ) -{ +int RtpCtrlThread::recvPackets( unsigned char *buffer, ssize_t nBytes ) { unsigned char *bufferPtr = buffer; // u_int32 len; /* length of compound RTCP packet in words */ @@ -259,33 +234,28 @@ int RtpCtrlThread::recvPackets( unsigned char *buffer, ssize_t nBytes ) // /* something wrong with packet format */ // } - while ( nBytes > 0 ) - { + while ( nBytes > 0 ) { int consumed = recvPacket( bufferPtr, nBytes ); if ( consumed <= 0 ) break; bufferPtr += consumed; nBytes -= consumed; } - return( nBytes ); + return nBytes; } -int RtpCtrlThread::run() -{ +int RtpCtrlThread::run() { Debug( 2, "Starting control thread %x on port %d", mRtpSource.getSsrc(), mRtpSource.getLocalCtrlPort() ); SockAddrInet localAddr, remoteAddr; bool sendReports; UdpInetSocket rtpCtrlServer; - if ( mRtpSource.getLocalHost() != "" ) - { + if ( mRtpSource.getLocalHost() != "" ) { if ( !rtpCtrlServer.bind( mRtpSource.getLocalHost().c_str(), mRtpSource.getLocalCtrlPort() ) ) Fatal( "Failed to bind RTCP server" ); sendReports = false; Debug( 3, "Bound to %s:%d", mRtpSource.getLocalHost().c_str(), mRtpSource.getLocalCtrlPort() ); - } - else - { + } else { if ( !rtpCtrlServer.bind( mRtspThread.getAddressFamily() == AF_INET6 ? "::" : "0.0.0.0", mRtpSource.getLocalCtrlPort() ) ) Fatal( "Failed to bind RTCP server" ); Debug( 3, "Bound to %s:%d", mRtpSource.getLocalHost().c_str(), mRtpSource.getLocalCtrlPort() ); @@ -309,17 +279,17 @@ int RtpCtrlThread::run() time_t now = time(NULL); Select::CommsList readable = select.getReadable(); - if ( readable.size() == 0 ) - { + if ( readable.size() == 0 ) { if ( ! timeout ) { // With this code here, we will send an SDES and RR packet every 10 seconds ssize_t nBytes; unsigned char *bufferPtr = buffer; bufferPtr += generateRr( bufferPtr, sizeof(buffer)-(bufferPtr-buffer) ); bufferPtr += generateSdes( bufferPtr, sizeof(buffer)-(bufferPtr-buffer) ); - Debug( 3, "Preventing timeout by sending %zd bytes on sd %d. Time since last receive: %d", bufferPtr-buffer, rtpCtrlServer.getWriteDesc(), ( now-last_receive) ); - if ( (nBytes = rtpCtrlServer.send( buffer, bufferPtr-buffer )) < 0 ) - Error( "Unable to send: %s", strerror( errno ) ); + Debug( 3, "Preventing timeout by sending %zd bytes on sd %d. Time since last receive: %d", + bufferPtr-buffer, rtpCtrlServer.getWriteDesc(), ( now-last_receive) ); + if ( (nBytes = rtpCtrlServer.send(buffer, bufferPtr-buffer)) < 0 ) + Error("Unable to send: %s", strerror(errno)); timeout = true; continue; } else { @@ -332,25 +302,21 @@ int RtpCtrlThread::run() timeout = false; last_receive = time(NULL); } - for ( Select::CommsList::iterator iter = readable.begin(); iter != readable.end(); ++iter ) - { - if ( UdpInetSocket *socket = dynamic_cast(*iter) ) - { + for ( Select::CommsList::iterator iter = readable.begin(); iter != readable.end(); ++iter ) { + if ( UdpInetSocket *socket = dynamic_cast(*iter) ) { ssize_t nBytes = socket->recv( buffer, sizeof(buffer) ); Debug( 4, "Read %zd bytes on sd %d", nBytes, socket->getReadDesc() ); - if ( nBytes ) - { + if ( nBytes ) { recvPackets( buffer, nBytes ); - if ( sendReports ) - { + if ( sendReports ) { unsigned char *bufferPtr = buffer; bufferPtr += generateRr( bufferPtr, sizeof(buffer)-(bufferPtr-buffer) ); bufferPtr += generateSdes( bufferPtr, sizeof(buffer)-(bufferPtr-buffer) ); - Debug( 3, "Sending %zd bytes on sd %d", bufferPtr-buffer, rtpCtrlServer.getWriteDesc() ); + Debug(3, "Sending %zd bytes on sd %d", bufferPtr-buffer, rtpCtrlServer.getWriteDesc()); if ( (nBytes = rtpCtrlServer.send( buffer, bufferPtr-buffer )) < 0 ) - Error( "Unable to send: %s", strerror( errno ) ); + Error("Unable to send: %s", strerror(errno)); //Debug( 4, "Sent %d bytes on sd %d", nBytes, rtpCtrlServer.getWriteDesc() ); } } else { @@ -358,16 +324,14 @@ int RtpCtrlThread::run() mStop = true; break; } - } - else - { - Panic( "Barfed" ); - } - } + } else { + Panic("Barfed"); + } // end if socket + } // end foeach comms iterator } rtpCtrlServer.close(); mRtspThread.stop(); - return( 0 ); + return 0; } #endif // HAVE_LIBAVFORMAT diff --git a/src/zm_rtp_ctrl.h b/src/zm_rtp_ctrl.h index 6d8f3024c..9e5306f92 100644 --- a/src/zm_rtp_ctrl.h +++ b/src/zm_rtp_ctrl.h @@ -34,13 +34,11 @@ class RtspThread; class RtpSource; -class RtpCtrlThread : public Thread -{ +class RtpCtrlThread : public Thread { friend class RtspThread; private: - typedef enum - { + typedef enum { RTCP_SR = 200, RTCP_RR = 201, RTCP_SDES = 202, @@ -48,8 +46,7 @@ private: RTCP_APP = 204 } RtcpType; - typedef enum - { + typedef enum { RTCP_SDES_END = 0, RTCP_SDES_CNAME = 1, RTCP_SDES_NAME = 2, @@ -61,8 +58,7 @@ private: RTCP_SDES_PRIV = 8 } RtcpSdesType; - struct RtcpCommonHeader - { + struct RtcpCommonHeader { uint8_t count:5; // varies by packet type uint8_t p:1; // padding flag uint8_t version:2; // protocol version @@ -71,8 +67,7 @@ private: }; // Reception report block - struct RtcpRr - { + struct RtcpRr { uint32_t ssrcN; // data source being reported int32_t lost:24; // cumul. no. pkts lost (signed!) uint32_t fraction:8; // fraction lost since last SR/RR @@ -83,22 +78,18 @@ private: }; // SDES item - struct RtcpSdesItem - { + struct RtcpSdesItem { uint8_t type; // type of item (rtcp_sdes_type_t) uint8_t len; // length of item (in octets) char data[]; // text, not null-terminated }; // RTCP packet - struct RtcpPacket - { + struct RtcpPacket { RtcpCommonHeader header; // common header - union - { + union { // Sender Report (SR) - struct Sr - { + struct Sr { uint32_t ssrcN; // sender generating this report, network order uint32_t ntpSecN; // NTP timestamp, network order uint32_t ntpFracN; @@ -109,22 +100,19 @@ private: } sr; // Reception Report (RR) - struct Rr - { + struct Rr { uint32_t ssrcN; // receiver generating this report RtcpRr rr[]; // variable-length list } rr; // source description (SDES) - struct Sdes - { + struct Sdes { uint32_t srcN; // first SSRC/CSRC RtcpSdesItem item[]; // list of SDES items } sdes; // BYE - struct - { + struct { uint32_t srcN[]; // list of sources // can't express trailing text for reason (what does this mean? it's not even english!) } bye; @@ -148,8 +136,7 @@ private: public: RtpCtrlThread( RtspThread &rtspThread, RtpSource &rtpSource ); - void stop() - { + void stop() { mStop = true; } }; diff --git a/src/zm_rtp_source.cpp b/src/zm_rtp_source.cpp index 0cd838902..02e8ed0c5 100644 --- a/src/zm_rtp_source.cpp +++ b/src/zm_rtp_source.cpp @@ -26,7 +26,17 @@ #if HAVE_LIBAVCODEC -RtpSource::RtpSource( int id, const std::string &localHost, int localPortBase, const std::string &remoteHost, int remotePortBase, uint32_t ssrc, uint16_t seq, uint32_t rtpClock, uint32_t rtpTime, _AVCODECID codecId ) : +RtpSource::RtpSource( + int id, + const std::string &localHost, + int localPortBase, + const std::string &remoteHost, + int remotePortBase, + uint32_t ssrc, + uint16_t seq, + uint32_t rtpClock, + uint32_t rtpTime, + _AVCODECID codecId ) : mId( id ), mSsrc( ssrc ), mLocalHost( localHost ), @@ -65,13 +75,12 @@ RtpSource::RtpSource( int id, const std::string &localHost, int localPortBase, c mLastSrTimeNtp = tvZero(); mLastSrTimeRtp = 0; - if(mCodecId != AV_CODEC_ID_H264 && mCodecId != AV_CODEC_ID_MPEG4) - Warning( "The device is using a codec that may not be supported. Do not be surprised if things don't work." ); + if ( mCodecId != AV_CODEC_ID_H264 && mCodecId != AV_CODEC_ID_MPEG4 ) + Warning("The device is using a codec (%d) that may not be supported. Do not be surprised if things don't work.", mCodecId); } -void RtpSource::init( uint16_t seq ) -{ - Debug( 3, "Initialising sequence" ); +void RtpSource::init( uint16_t seq ) { + Debug(3, "Initialising sequence"); mBaseSeq = seq; mMaxSeq = seq; mBadSeq = RTP_SEQ_MOD + 1; // so seq == mBadSeq is false @@ -84,77 +93,58 @@ void RtpSource::init( uint16_t seq ) mTransit = 0; } -bool RtpSource::updateSeq( uint16_t seq ) -{ +bool RtpSource::updateSeq( uint16_t seq ) { uint16_t uDelta = seq - mMaxSeq; // Source is not valid until MIN_SEQUENTIAL packets with // sequential sequence numbers have been received. Debug( 5, "Seq: %d", seq ); - if ( mProbation) - { + if ( mProbation) { // packet is in sequence - if ( seq == mMaxSeq + 1) - { + if ( seq == mMaxSeq + 1) { Debug( 3, "Sequence in probation %d, in sequence", mProbation ); mProbation--; mMaxSeq = seq; - if ( mProbation == 0 ) - { + if ( mProbation == 0 ) { init( seq ); mReceivedPackets++; return( true ); } - } - else - { + } else { Warning( "Sequence in probation %d, out of sequence", mProbation ); mProbation = MIN_SEQUENTIAL - 1; mMaxSeq = seq; return( false ); } return( true ); - } - else if ( uDelta < MAX_DROPOUT ) - { - if ( uDelta == 1 ) - { + } else if ( uDelta < MAX_DROPOUT ) { + if ( uDelta == 1 ) { Debug( 4, "Packet in sequence, gap %d", uDelta ); - } - else - { + } else { Warning( "Packet in sequence, gap %d", uDelta ); } // in order, with permissible gap - if ( seq < mMaxSeq ) - { + if ( seq < mMaxSeq ) { // Sequence number wrapped - count another 64K cycle. mCycles += RTP_SEQ_MOD; } mMaxSeq = seq; - } - else if ( uDelta <= RTP_SEQ_MOD - MAX_MISORDER ) - { + } else if ( uDelta <= RTP_SEQ_MOD - MAX_MISORDER ) { Warning( "Packet out of sequence, gap %d", uDelta ); // the sequence number made a very large jump - if ( seq == mBadSeq ) - { + if ( seq == mBadSeq ) { Debug( 3, "Restarting sequence" ); // Two sequential packets -- assume that the other side // restarted without telling us so just re-sync // (i.e., pretend this was the first packet). init( seq ); - } - else - { + } else { mBadSeq = (seq + 1) & (RTP_SEQ_MOD-1); return( false ); } - } - else - { + } else { Warning( "Packet duplicate or reordered, gap %d", uDelta ); // duplicate or reordered packet return( false ); @@ -163,10 +153,8 @@ bool RtpSource::updateSeq( uint16_t seq ) return( uDelta==1?true:false ); } -void RtpSource::updateJitter( const RtpDataHeader *header ) -{ - if ( mRtpFactor > 0 ) - { +void RtpSource::updateJitter( const RtpDataHeader *header ) { + if ( mRtpFactor > 0 ) { Debug( 5, "Delta rtp = %.6f", tvDiffSec( mBaseTimeReal ) ); uint32_t localTimeRtp = mBaseTimeRtp + uint32_t( tvDiffSec( mBaseTimeReal ) * mRtpFactor ); Debug( 5, "Local RTP time = %x", localTimeRtp ); @@ -174,8 +162,7 @@ void RtpSource::updateJitter( const RtpDataHeader *header ) uint32_t packetTransit = localTimeRtp - ntohl(header->timestampN); Debug( 5, "Packet transit RTP time = %x", packetTransit ); - if ( mTransit > 0 ) - { + if ( mTransit > 0 ) { // Jitter int d = packetTransit - mTransit; Debug( 5, "Jitter D = %d", d ); @@ -185,28 +172,22 @@ void RtpSource::updateJitter( const RtpDataHeader *header ) mJitter += d - ((mJitter + 8) >> 4); } mTransit = packetTransit; - } - else - { + } else { mJitter = 0; } Debug( 5, "RTP Jitter: %d", mJitter ); } -void RtpSource::updateRtcpData( uint32_t ntpTimeSecs, uint32_t ntpTimeFrac, uint32_t rtpTime ) -{ +void RtpSource::updateRtcpData( uint32_t ntpTimeSecs, uint32_t ntpTimeFrac, uint32_t rtpTime ) { struct timeval ntpTime = tvMake( ntpTimeSecs, suseconds_t((USEC_PER_SEC*(ntpTimeFrac>>16))/(1<<16)) ); Debug( 5, "ntpTime: %ld.%06ld, rtpTime: %x", ntpTime.tv_sec, ntpTime.tv_usec, rtpTime ); - if ( mBaseTimeNtp.tv_sec == 0 ) - { + if ( mBaseTimeNtp.tv_sec == 0 ) { mBaseTimeReal = tvNow(); mBaseTimeNtp = ntpTime; mBaseTimeRtp = rtpTime; - } - else if ( !mRtpClock ) - { + } else if ( !mRtpClock ) { Debug( 5, "lastSrNtpTime: %ld.%06ld, rtpTime: %x", mLastSrTimeNtp.tv_sec, mLastSrTimeNtp.tv_usec, rtpTime ); Debug( 5, "ntpTime: %ld.%06ld, rtpTime: %x", ntpTime.tv_sec, ntpTime.tv_usec, rtpTime ); @@ -227,8 +208,7 @@ void RtpSource::updateRtcpData( uint32_t ntpTimeSecs, uint32_t ntpTimeFrac, uint mLastSrTimeRtp = rtpTime; } -void RtpSource::updateRtcpStats() -{ +void RtpSource::updateRtcpStats() { uint32_t extendedMax = mCycles + mMaxSeq; mExpectedPackets = extendedMax - mBaseSeq + 1; @@ -255,8 +235,7 @@ void RtpSource::updateRtcpStats() Debug( 5, "Lost fraction = %d", mLostFraction ); } -bool RtpSource::handlePacket( const unsigned char *packet, size_t packetLen ) -{ +bool RtpSource::handlePacket( const unsigned char *packet, size_t packetLen ) { const RtpDataHeader *rtpHeader; rtpHeader = (RtpDataHeader *)packet; int rtpHeaderSize = 12 + rtpHeader->cc * 4; @@ -269,39 +248,29 @@ bool RtpSource::handlePacket( const unsigned char *packet, size_t packetLen ) // that there is no marker bit by changing the number of bits in the payload type field. bool thisM = rtpHeader->m || h264FragmentEnd; - if ( updateSeq( ntohs(rtpHeader->seqN) ) ) - { + if ( updateSeq( ntohs(rtpHeader->seqN) ) ) { Hexdump( 4, packet+rtpHeaderSize, 16 ); - if ( mFrameGood ) - { + if ( mFrameGood ) { int extraHeader = 0; - if( mCodecId == AV_CODEC_ID_H264 ) - { + if ( mCodecId == AV_CODEC_ID_H264 ) { int nalType = (packet[rtpHeaderSize] & 0x1f); Debug( 3, "Have H264 frame: nal type is %d", nalType ); - switch (nalType) - { + switch (nalType) { case 24: // STAP-A - { extraHeader = 2; break; - } case 25: // STAP-B case 26: // MTAP-16 case 27: // MTAP-24 - { extraHeader = 3; break; - } // FU-A and FU-B case 28: case 29: - { // Is this NAL the first NAL in fragmentation sequence - if ( packet[rtpHeaderSize+1] & 0x80 ) - { + if ( packet[rtpHeaderSize+1] & 0x80 ) { // Now we will form new header of frame mFrame.append( "\x0\x0\x1\x0", 4 ); // Reconstruct NAL header from FU headers @@ -311,17 +280,14 @@ bool RtpSource::handlePacket( const unsigned char *packet, size_t packetLen ) extraHeader = 2; break; - } default: - { Debug(3, "Unhandled nalType %d", nalType ); - } } // Append NAL frame start code if ( !mFrame.size() ) mFrame.append( "\x0\x0\x1", 3 ); - } + } // end if H264 mFrame.append( packet+rtpHeaderSize+extraHeader, packetLen-rtpHeaderSize-extraHeader ); } else { Debug( 3, "NOT H264 frame: type is %d", mCodecId ); @@ -329,16 +295,13 @@ bool RtpSource::handlePacket( const unsigned char *packet, size_t packetLen ) Hexdump( 4, mFrame.head(), 16 ); - if ( thisM ) - { - if ( mFrameGood ) - { + if ( thisM ) { + if ( mFrameGood ) { Debug( 3, "Got new frame %d, %d bytes", mFrameCount, mFrame.size() ); mFrameProcessed.setValueImmediate( false ); mFrameReady.updateValueSignal( true ); - if ( !mFrameProcessed.getValueImmediate() ) - { + if ( !mFrameProcessed.getValueImmediate() ) { // What is the point of this for loop? Is it just me, or will it call getUpdatedValue once or twice? Could it not be better written as // if ( ! mFrameProcessed.getUpdatedValue( 1 ) && mFrameProcessed.getUpdatedValue( 1 ) ) return false; @@ -347,45 +310,34 @@ bool RtpSource::handlePacket( const unsigned char *packet, size_t packetLen ) return( false ); } mFrameCount++; - } - else - { + } else { Warning( "Discarding incomplete frame %d, %d bytes", mFrameCount, mFrame.size() ); } mFrame.clear(); } - } - else - { - if ( mFrame.size() ) - { + } else { + if ( mFrame.size() ) { Warning( "Discarding partial frame %d, %d bytes", mFrameCount, mFrame.size() ); - } - else - { + } else { Warning( "Discarding frame %d", mFrameCount ); } mFrameGood = false; mFrame.clear(); } - if ( thisM ) - { + if ( thisM ) { mFrameGood = true; prevM = true; - } - else + } else prevM = false; updateJitter( rtpHeader ); - return( true ); + return true; } -bool RtpSource::getFrame( Buffer &buffer ) -{ +bool RtpSource::getFrame( Buffer &buffer ) { Debug( 3, "Getting frame" ); - if ( !mFrameReady.getValueImmediate() ) - { + if ( !mFrameReady.getValueImmediate() ) { // Allow for a couple of spurious returns for ( int count = 0; !mFrameReady.getUpdatedValue( 1 ); count++ ) if ( count > 1 ) @@ -395,7 +347,7 @@ bool RtpSource::getFrame( Buffer &buffer ) mFrameReady.setValueImmediate( false ); mFrameProcessed.updateValueSignal( true ); Debug( 4, "Copied %d bytes", buffer.size() ); - return( true ); + return true; } #endif // HAVE_LIBAVCODEC diff --git a/src/zm_rtsp.cpp b/src/zm_rtsp.cpp index 703328e2e..5e2858e4f 100644 --- a/src/zm_rtsp.cpp +++ b/src/zm_rtsp.cpp @@ -46,53 +46,54 @@ bool RtspThread::sendCommand( std::string message ) { message += stringtf( "CSeq: %d\r\n\r\n", ++mSeq ); Debug( 2, "Sending RTSP message: %s", message.c_str() ); if ( mMethod == RTP_RTSP_HTTP ) { - message = base64Encode( message ); - Debug( 2, "Sending encoded RTSP message: %s", message.c_str() ); - if ( mRtspSocket2.send( message.c_str(), message.size() ) != (int)message.length() ) { - Error( "Unable to send message '%s': %s", message.c_str(), strerror(errno) ); - return( false ); + message = base64Encode(message); + Debug(2, "Sending encoded RTSP message: %s", message.c_str()); + if ( mRtspSocket2.send(message.c_str(), message.size()) != (int)message.length() ) { + Error("Unable to send message '%s': %s", message.c_str(), strerror(errno)); + return false; } } else { - if ( mRtspSocket.send( message.c_str(), message.size() ) != (int)message.length() ) { - Error( "Unable to send message '%s': %s", message.c_str(), strerror(errno) ); - return( false ); + if ( mRtspSocket.send(message.c_str(), message.size()) != (int)message.length() ) { + Error("Unable to send message '%s': %s", message.c_str(), strerror(errno)); + return false; } } - return( true ); + return true; } bool RtspThread::recvResponse( std::string &response ) { if ( mRtspSocket.recv( response ) < 0 ) - Error( "Recv failed; %s", strerror(errno) ); - Debug( 2, "Received RTSP response: %s (%zd bytes)", response.c_str(), response.size() ); + Error("Recv failed; %s", strerror(errno)); + Debug(2, "Received RTSP response: %s (%zd bytes)", response.c_str(), response.size()); float respVer = 0; respCode = -1; char respText[ZM_NETWORK_BUFSIZ]; - if ( sscanf( response.c_str(), "RTSP/%f %3d %[^\r\n]\r\n", &respVer, &respCode, respText ) != 3 ) { + if ( sscanf(response.c_str(), "RTSP/%f %3d %[^\r\n]\r\n", &respVer, &respCode, respText) != 3 ) { if ( isalnum(response[0]) ) { - Error( "Response parse failure in '%s'", response.c_str() ); + Error("Response parse failure in '%s'", response.c_str()); } else { - Error( "Response parse failure, %zd bytes follow", response.size() ); + Error("Response parse failure, %zd bytes follow", response.size()); if ( response.size() ) Hexdump( Logger::ERROR, response.data(), min(response.size(),16) ); } - return( false ); + return false; } - if ( respCode == 401) { + if ( respCode == 401 ) { Debug( 2, "Got 401 access denied response code, check WWW-Authenticate header and retry"); mAuthenticator->checkAuthResponse(response); mNeedAuth = true; - return( false ); + return false; } else if ( respCode != 200 ) { - Error( "Unexpected response code %d, text is '%s'", respCode, respText ); - return( false ); + Error("Unexpected response code %d, text is '%s'", respCode, respText); + return false; } - return( true ); -} + return true; +} // end RtspThread::recResponse int RtspThread::requestPorts() { if ( !smMinDataPort ) { char sql[ZM_SQL_SML_BUFSIZ]; + //FIXME Why not load specifically by Id? This will get ineffeicient with a lot of monitors strncpy( sql, "select Id from Monitors where Function != 'None' and Type = 'Remote' and Protocol = 'rtsp' and Method = 'rtpUni' order by Id asc", sizeof(sql) ); if ( mysql_query( &dbconn, sql ) ) { Error( "Can't run query: %s", mysql_error( &dbconn ) ); @@ -107,7 +108,7 @@ int RtspThread::requestPorts() { int nMonitors = mysql_num_rows( result ); int position = 0; if ( nMonitors ) { - for( int i = 0; MYSQL_ROW dbrow = mysql_fetch_row( result ); i++ ) { + for ( int i = 0; MYSQL_ROW dbrow = mysql_fetch_row(result); i++ ) { int id = atoi(dbrow[0]); if ( mId == id ) { position = i; @@ -126,22 +127,30 @@ int RtspThread::requestPorts() { Debug( 2, "Assigned RTP port range is %d-%d", smMinDataPort, smMaxDataPort ); } for ( int i = smMinDataPort; i <= smMaxDataPort; i++ ) { - PortSet::const_iterator iter = smAssignedPorts.find( i ); + PortSet::const_iterator iter = smAssignedPorts.find(i); if ( iter == smAssignedPorts.end() ) { - smAssignedPorts.insert( i ); - return( i ); + smAssignedPorts.insert(i); + return i; } } - Panic( "Can assign RTP port, no ports left in pool" ); - return( -1 ); + Panic("Can assign RTP port, no ports left in pool"); + return -1; } void RtspThread::releasePorts( int port ) { if ( port > 0 ) - smAssignedPorts.erase( port ); + smAssignedPorts.erase(port); } -RtspThread::RtspThread( int id, RtspMethod method, const std::string &protocol, const std::string &host, const std::string &port, const std::string &path, const std::string &auth, bool rtsp_describe) : +RtspThread::RtspThread( + int id, + RtspMethod method, + const std::string &protocol, + const std::string &host, + const std::string &port, + const std::string &path, + const std::string &auth, + bool rtsp_describe) : mId( id ), mMethod( method ), mProtocol( protocol ), @@ -168,10 +177,10 @@ RtspThread::RtspThread( int id, RtspMethod method, const std::string &protocol, mSsrc = rand(); - Debug( 2, "RTSP Local SSRC is %x", mSsrc ); + Debug(2, "RTSP Local SSRC is %x", mSsrc); if ( mMethod == RTP_RTSP_HTTP ) - mHttpSession = stringtf( "%d", rand() ); + mHttpSession = stringtf("%d", rand()); mNeedAuth = false; StringVector parts = split(auth,":"); @@ -216,8 +225,8 @@ int RtspThread::run() { bool authTried = false; if ( mMethod == RTP_RTSP_HTTP ) { - if ( !mRtspSocket2.connect( mHost.c_str(), mPort.c_str() ) ) - Fatal( "Unable to connect auxiliary RTSP/HTTP socket" ); + if ( !mRtspSocket2.connect(mHost.c_str(), mPort.c_str()) ) + Fatal("Unable to connect auxiliary RTSP/HTTP socket"); //Select select( 0.25 ); //select.addReader( &mRtspSocket2 ); //while ( select.wait() ) @@ -240,15 +249,15 @@ int RtspThread::run() { message += "\r\n"; Debug( 2, "Sending HTTP message: %s", message.c_str() ); if ( mRtspSocket.send( message.c_str(), message.size() ) != (int)message.length() ) { - Error( "Unable to send message '%s': %s", message.c_str(), strerror(errno) ); - return( -1 ); + Error("Unable to send message '%s': %s", message.c_str(), strerror(errno)); + return -1; } if ( mRtspSocket.recv( response ) < 0 ) { - Error( "Recv failed; %s", strerror(errno) ); - return( -1 ); + Error("Recv failed; %s", strerror(errno)); + return -1; } - Debug( 2, "Received HTTP response: %s (%zd bytes)", response.c_str(), response.size() ); + Debug(2, "Received HTTP response: %s (%zd bytes)", response.c_str(), response.size()); float respVer = 0; respCode = -1; if ( sscanf( response.c_str(), "HTTP/%f %3d %[^\r\n]\r\n", &respVer, &respCode, respText ) != 3 ) { @@ -259,25 +268,25 @@ int RtspThread::run() { if ( response.size() ) Hexdump( Logger::ERROR, response.data(), min(response.size(),16) ); } - return( -1 ); + return -1; } // If Server requests authentication, check WWW-Authenticate header and fill required fields // for requested authentication method - if (respCode == 401 && !authTried) { + if ( respCode == 401 && !authTried ) { mNeedAuth = true; mAuthenticator->checkAuthResponse(response); Debug(2, "Processed 401 response"); mRtspSocket.close(); - if ( !mRtspSocket.connect( mHost.c_str(), mPort.c_str() ) ) - Fatal( "Unable to reconnect RTSP socket" ); + if ( !mRtspSocket.connect(mHost.c_str(), mPort.c_str()) ) + Fatal("Unable to reconnect RTSP socket"); Debug(2, "connection should be reopened now"); } } while (respCode == 401 && !authTried); if ( respCode != 200 ) { - Error( "Unexpected response code %d, text is '%s'", respCode, respText ); - return( -1 ); + Error("Unexpected response code %d, text is '%s'", respCode, respText); + return -1; } message = "POST "+mPath+" HTTP/1.0\r\n"; @@ -300,25 +309,25 @@ int RtspThread::run() { // Request supported RTSP commands by the server message = "OPTIONS "+mUrl+" RTSP/1.0\r\n"; if ( !sendCommand( message ) ) - return( -1 ); + return -1; // A negative return here may indicate auth failure, but we will have setup the auth mechanisms so we need to retry. - if ( !recvResponse( response ) ) { + if ( !recvResponse(response) ) { if ( mNeedAuth ) { Debug( 2, "Resending OPTIONS due to possible auth requirement" ); - if ( !sendCommand( message ) ) - return( -1 ); - if ( !recvResponse( response ) ) - return( -1 ); + if ( !sendCommand(message) ) + return -1; + if ( !recvResponse(response) ) + return -1; } else { - return( -1 ); + return -1; } } // end if failed response maybe due to auth char publicLine[256] = ""; - StringVector lines = split( response, "\r\n" ); + StringVector lines = split(response, "\r\n"); for ( size_t i = 0; i < lines.size(); i++ ) - sscanf( lines[i].c_str(), "Public: %[^\r\n]\r\n", publicLine ); + sscanf(lines[i].c_str(), "Public: %[^\r\n]\r\n", publicLine); // Check if the server supports the GET_PARAMETER command // If yes, it is likely that the server will request this command as a keepalive message @@ -331,44 +340,45 @@ int RtspThread::run() { do { if (mNeedAuth) authTried = true; - sendCommand( message ); - sleep( 1 ); - res = recvResponse( response ); - if (!res && respCode==401) + sendCommand(message); + // FIXME WHy sleep 1? + sleep(1); + res = recvResponse(response); + if ( !res && respCode==401 ) mNeedAuth = true; } while (!res && respCode==401 && !authTried); const std::string endOfHeaders = "\r\n\r\n"; - size_t sdpStart = response.find( endOfHeaders ); - if( sdpStart == std::string::npos ) - return( -1 ); + size_t sdpStart = response.find(endOfHeaders); + if ( sdpStart == std::string::npos ) + return -1; if ( mRtspDescribe ) { - std::string DescHeader = response.substr( 0,sdpStart ); - Debug( 1, "Processing DESCRIBE response header '%s'", DescHeader.c_str() ); + std::string DescHeader = response.substr(0, sdpStart); + Debug(1, "Processing DESCRIBE response header '%s'", DescHeader.c_str()); - lines = split( DescHeader, "\r\n" ); + lines = split(DescHeader, "\r\n"); for ( size_t i = 0; i < lines.size(); i++ ) { - // If the device sends us a url value for Content-Base in the response header, we should use that instead - if ( ( lines[i].size() > 13 ) && ( lines[i].substr( 0, 13 ) == "Content-Base:" ) ) { - mUrl = trimSpaces( lines[i].substr( 13 ) ); - Info("Received new Content-Base in DESCRIBE response header. Updated device Url to: '%s'", mUrl.c_str() ); - break; - } + // If the device sends us a url value for Content-Base in the response header, we should use that instead + if ( ( lines[i].size() > 13 ) && ( lines[i].substr( 0, 13 ) == "Content-Base:" ) ) { + mUrl = trimSpaces( lines[i].substr( 13 ) ); + Info("Received new Content-Base in DESCRIBE response header. Updated device Url to: '%s'", mUrl.c_str() ); + break; } - } + } // end foreach line + } // end if mRtspDescribe sdpStart += endOfHeaders.length(); - std::string sdp = response.substr( sdpStart ); - Debug( 1, "Processing SDP '%s'", sdp.c_str() ); + std::string sdp = response.substr(sdpStart); + Debug(1, "Processing SDP '%s'", sdp.c_str()); try { mSessDesc = new SessionDescriptor( mUrl, sdp ); mFormatContext = mSessDesc->generateFormatContext(); } catch( const Exception &e ) { Error( e.getMessage().c_str() ); - return( -1 ); + return -1; } #if 0 @@ -672,51 +682,36 @@ Debug(5, "sendkeepalive %d, timeout %d, now: %d last: %d since: %d", sendKeepali Hexdump( 4, (char *)buffer, 16 ); rtpDataThread.recvPacket( buffer+4, len ); Debug( 4, "Received" ); - } - else if ( channel == remoteChannels[1] ) - { + } else if ( channel == remoteChannels[1] ) { // len = ntohs( *((unsigned short *)(buffer+2)) ); // Debug( 4, "Got %d bytes on control channel %d", nBytes, channel ); Debug( 4, "Got %d bytes on control channel %d, packet length is %d", buffer.size(), channel, len ); Hexdump( 4, (char *)buffer, 16 ); rtpCtrlThread.recvPackets( buffer+4, len ); - } - else - { + } else { Error( "Unexpected channel selector %d in RTSP interleaved data", buffer[1] ); buffer.clear(); break; } buffer.consume( len+4 ); nBytes -= len+4; - } - else - { - if ( keepaliveResponse.compare( 0, keepaliveResponse.size(), (char *)buffer, keepaliveResponse.size() ) == 0 ) - { + } else { + if ( keepaliveResponse.compare( 0, keepaliveResponse.size(), (char *)buffer, keepaliveResponse.size() ) == 0 ) { Debug( 4, "Got keepalive response '%s'", (char *)buffer ); //buffer.consume( keepaliveResponse.size() ); - if ( char *charPtr = (char *)memchr( (char *)buffer, '$', buffer.size() ) ) - { + if ( char *charPtr = (char *)memchr( (char *)buffer, '$', buffer.size() ) ) { int discardBytes = charPtr-(char *)buffer; buffer -= discardBytes; - } - else - { + } else { buffer.clear(); } - } - else - { - if ( char *charPtr = (char *)memchr( (char *)buffer, '$', buffer.size() ) ) - { + } else { + if ( char *charPtr = (char *)memchr( (char *)buffer, '$', buffer.size() ) ) { int discardBytes = charPtr-(char *)buffer; Warning( "Unexpected format RTSP interleaved data, resyncing by %d bytes", discardBytes ); Hexdump( -1, (char *)buffer, discardBytes ); buffer -= discardBytes; - } - else - { + } else { Warning( "Unexpected format RTSP interleaved data, dumping %d bytes", buffer.size() ); Hexdump( -1, (char *)buffer, 32 ); buffer.clear(); @@ -764,16 +759,14 @@ Debug(5, "sendkeepalive %d, timeout %d, now: %d last: %d since: %d", sendKeepali rtpDataThread.start(); rtpCtrlThread.start(); - while( !mStop ) - { + while ( !mStop ) { // Send a keepalive message if the server supports this feature and we are close to the timeout expiration - if ( sendKeepalive && (timeout > 0) && ((time(NULL)-lastKeepalive) > (timeout-5)) ) - { + if ( sendKeepalive && (timeout > 0) && ((time(NULL)-lastKeepalive) > (timeout-5)) ) { if ( !sendCommand( message ) ) - return( -1 ); + return -1; lastKeepalive = time(NULL); } - usleep( 100000 ); + usleep(100000); } #if 0 message = "PAUSE "+mUrl+" RTSP/1.0\r\nSession: "+session+"\r\n"; @@ -783,10 +776,10 @@ Debug(5, "sendkeepalive %d, timeout %d, now: %d last: %d since: %d", sendKeepali return( -1 ); #endif message = "TEARDOWN "+mUrl+" RTSP/1.0\r\nSession: "+session+"\r\n"; - if ( !sendCommand( message ) ) - return( -1 ); - if ( !recvResponse( response ) ) - return( -1 ); + if ( !sendCommand(message) ) + return -1; + if ( !recvResponse(response) ) + return -1; rtpDataThread.stop(); rtpCtrlThread.stop(); @@ -801,13 +794,11 @@ Debug(5, "sendkeepalive %d, timeout %d, now: %d last: %d since: %d", sendKeepali break; } default: - { - Panic( "Got unexpected method %d", mMethod ); + Panic("Got unexpected method %d", mMethod); break; - } } - return( 0 ); + return 0; } #endif // HAVE_LIBAVFORMAT diff --git a/src/zm_sdp.cpp b/src/zm_sdp.cpp index af293d64a..c7bf1b578 100644 --- a/src/zm_sdp.cpp +++ b/src/zm_sdp.cpp @@ -26,17 +26,17 @@ #if (LIBAVCODEC_VERSION_CHECK(52, 64, 0, 64, 0) || LIBAVUTIL_VERSION_CHECK(50, 14, 0, 14, 0)) SessionDescriptor::StaticPayloadDesc SessionDescriptor::smStaticPayloads[] = { { 0, "PCMU", AVMEDIA_TYPE_AUDIO, AV_CODEC_ID_PCM_MULAW, 8000, 1 }, - { 3, "GSM", AVMEDIA_TYPE_AUDIO, AV_CODEC_ID_NONE, 8000, 1 }, + { 3, "GSM", AVMEDIA_TYPE_AUDIO, AV_CODEC_ID_NONE, 8000, 1 }, { 4, "G723", AVMEDIA_TYPE_AUDIO, AV_CODEC_ID_NONE, 8000, 1 }, { 5, "DVI4", AVMEDIA_TYPE_AUDIO, AV_CODEC_ID_NONE, 8000, 1 }, { 6, "DVI4", AVMEDIA_TYPE_AUDIO, AV_CODEC_ID_NONE, 16000, 1 }, - { 7, "LPC", AVMEDIA_TYPE_AUDIO, AV_CODEC_ID_NONE, 8000, 1 }, + { 7, "LPC", AVMEDIA_TYPE_AUDIO, AV_CODEC_ID_NONE, 8000, 1 }, { 8, "PCMA", AVMEDIA_TYPE_AUDIO, AV_CODEC_ID_PCM_ALAW, 8000, 1 }, { 9, "G722", AVMEDIA_TYPE_AUDIO, AV_CODEC_ID_NONE, 8000, 1 }, { 10, "L16", AVMEDIA_TYPE_AUDIO, AV_CODEC_ID_PCM_S16BE, 44100, 2 }, { 11, "L16", AVMEDIA_TYPE_AUDIO, AV_CODEC_ID_PCM_S16BE, 44100, 1 }, { 12, "QCELP", AVMEDIA_TYPE_AUDIO, AV_CODEC_ID_QCELP, 8000, 1 }, - { 13, "CN", AVMEDIA_TYPE_AUDIO, AV_CODEC_ID_NONE, 8000, 1 }, + { 13, "CN", AVMEDIA_TYPE_AUDIO, AV_CODEC_ID_NONE, 8000, 1 }, { 14, "MPA", AVMEDIA_TYPE_AUDIO, AV_CODEC_ID_MP2, -1, -1 }, { 14, "MPA", AVMEDIA_TYPE_AUDIO, AV_CODEC_ID_MP3, -1, -1 }, { 15, "G728", AVMEDIA_TYPE_AUDIO, AV_CODEC_ID_NONE, 8000, 1 }, @@ -45,36 +45,36 @@ SessionDescriptor::StaticPayloadDesc SessionDescriptor::smStaticPayloads[] = { { 18, "G729", AVMEDIA_TYPE_AUDIO, AV_CODEC_ID_NONE, 8000, 1 }, { 25, "CelB", AVMEDIA_TYPE_VIDEO, AV_CODEC_ID_NONE, 90000, -1 }, { 26, "JPEG", AVMEDIA_TYPE_VIDEO, AV_CODEC_ID_MJPEG, 90000, -1 }, - { 28, "nv", AVMEDIA_TYPE_VIDEO, AV_CODEC_ID_NONE, 90000, -1 }, + { 28, "nv", AVMEDIA_TYPE_VIDEO, AV_CODEC_ID_NONE, 90000, -1 }, { 31, "H261", AVMEDIA_TYPE_VIDEO, AV_CODEC_ID_H261, 90000, -1 }, { 32, "MPV", AVMEDIA_TYPE_VIDEO, AV_CODEC_ID_MPEG1VIDEO, 90000, -1 }, { 32, "MPV", AVMEDIA_TYPE_VIDEO, AV_CODEC_ID_MPEG2VIDEO, 90000, -1 }, { 33, "MP2T", AVMEDIA_TYPE_DATA, AV_CODEC_ID_MPEG2TS, 90000, -1 }, { 34, "H263", AVMEDIA_TYPE_VIDEO, AV_CODEC_ID_H263, 90000, -1 }, - { -1, "", AVMEDIA_TYPE_UNKNOWN, AV_CODEC_ID_NONE, -1, -1 } + { -1, "", AVMEDIA_TYPE_UNKNOWN, AV_CODEC_ID_NONE, -1, -1 } }; SessionDescriptor::DynamicPayloadDesc SessionDescriptor::smDynamicPayloads[] = { - { "MP4V-ES", AVMEDIA_TYPE_VIDEO, AV_CODEC_ID_MPEG4 }, - { "mpeg4-generic", AVMEDIA_TYPE_AUDIO, AV_CODEC_ID_AAC }, - { "H264", AVMEDIA_TYPE_VIDEO, AV_CODEC_ID_H264 }, - { "AMR", AVMEDIA_TYPE_AUDIO, AV_CODEC_ID_AMR_NB }, + { "MP4V-ES", AVMEDIA_TYPE_VIDEO, AV_CODEC_ID_MPEG4 }, + { "mpeg4-generic", AVMEDIA_TYPE_AUDIO, AV_CODEC_ID_AAC }, + { "H264", AVMEDIA_TYPE_VIDEO, AV_CODEC_ID_H264 }, + { "AMR", AVMEDIA_TYPE_AUDIO, AV_CODEC_ID_AMR_NB }, { "vnd.onvif.metadata", AVMEDIA_TYPE_DATA, AV_CODEC_ID_NONE } }; #else SessionDescriptor::StaticPayloadDesc SessionDescriptor::smStaticPayloads[] = { { 0, "PCMU", CODEC_TYPE_AUDIO, CODEC_ID_PCM_MULAW, 8001, 1 }, - { 3, "GSM", CODEC_TYPE_AUDIO, CODEC_ID_NONE, 8000, 1 }, + { 3, "GSM", CODEC_TYPE_AUDIO, CODEC_ID_NONE, 8000, 1 }, { 4, "G723", CODEC_TYPE_AUDIO, CODEC_ID_NONE, 8000, 1 }, { 5, "DVI4", CODEC_TYPE_AUDIO, CODEC_ID_NONE, 8000, 1 }, { 6, "DVI4", CODEC_TYPE_AUDIO, CODEC_ID_NONE, 16000, 1 }, - { 7, "LPC", CODEC_TYPE_AUDIO, CODEC_ID_NONE, 8000, 1 }, + { 7, "LPC", CODEC_TYPE_AUDIO, CODEC_ID_NONE, 8000, 1 }, { 8, "PCMA", CODEC_TYPE_AUDIO, CODEC_ID_PCM_ALAW, 8000, 1 }, { 9, "G722", CODEC_TYPE_AUDIO, CODEC_ID_NONE, 8000, 1 }, { 10, "L16", CODEC_TYPE_AUDIO, CODEC_ID_PCM_S16BE, 44100, 2 }, { 11, "L16", CODEC_TYPE_AUDIO, CODEC_ID_PCM_S16BE, 44100, 1 }, { 12, "QCELP", CODEC_TYPE_AUDIO, CODEC_ID_QCELP, 8000, 1 }, - { 13, "CN", CODEC_TYPE_AUDIO, CODEC_ID_NONE, 8000, 1 }, + { 13, "CN", CODEC_TYPE_AUDIO, CODEC_ID_NONE, 8000, 1 }, { 14, "MPA", CODEC_TYPE_AUDIO, CODEC_ID_MP2, -1, -1 }, { 14, "MPA", CODEC_TYPE_AUDIO, CODEC_ID_MP3, -1, -1 }, { 15, "G728", CODEC_TYPE_AUDIO, CODEC_ID_NONE, 8000, 1 }, @@ -83,7 +83,7 @@ SessionDescriptor::StaticPayloadDesc SessionDescriptor::smStaticPayloads[] = { { 18, "G729", CODEC_TYPE_AUDIO, CODEC_ID_NONE, 8000, 1 }, { 25, "CelB", CODEC_TYPE_VIDEO, CODEC_ID_NONE, 90000, -1 }, { 26, "JPEG", CODEC_TYPE_VIDEO, CODEC_ID_MJPEG, 90000, -1 }, - { 28, "nv", CODEC_TYPE_VIDEO, CODEC_ID_NONE, 90000, -1 }, + { 28, "nv", CODEC_TYPE_VIDEO, CODEC_ID_NONE, 90000, -1 }, { 31, "H261", CODEC_TYPE_VIDEO, CODEC_ID_H261, 90000, -1 }, { 32, "MPV", CODEC_TYPE_VIDEO, CODEC_ID_MPEG1VIDEO, 90000, -1 }, { 32, "MPV", CODEC_TYPE_VIDEO, CODEC_ID_MPEG2VIDEO, 90000, -1 }, @@ -105,7 +105,7 @@ SessionDescriptor::ConnInfo::ConnInfo( const std::string &connInfo ) : mTtl( 16 ), mNoAddresses( 0 ) { - StringVector tokens = split( connInfo, " " ); + StringVector tokens = split(connInfo, " "); if ( tokens.size() < 3 ) throw Exception( "Unable to parse SDP connection info from '"+connInfo+"'" ); mNetworkType = tokens[0]; @@ -136,7 +136,12 @@ SessionDescriptor::BandInfo::BandInfo( const std::string &bandInfo ) : mValue = atoi(tokens[1].c_str()); } -SessionDescriptor::MediaDescriptor::MediaDescriptor( const std::string &type, int port, int numPorts, const std::string &transport, int payloadType ) : +SessionDescriptor::MediaDescriptor::MediaDescriptor( + const std::string &type, + int port, + int numPorts, + const std::string &transport, + int payloadType ) : mType( type ), mPort( port ), mNumPorts( numPorts ), @@ -164,14 +169,13 @@ SessionDescriptor::SessionDescriptor( const std::string &url, const std::string if ( line.empty() ) break; - Debug( 3, "Processing SDP line '%s'", line.c_str() ); + Debug(3, "Processing SDP line '%s'", line.c_str()); const char sdpType = line[0]; if ( line[1] != '=' ) - throw Exception( "Invalid SDP format at '"+line+"'" ); + throw Exception("Invalid SDP format at '"+line+"'"); - line.erase( 0, 2 ); - switch( sdpType ) - { + line.erase(0, 2); + switch( sdpType ) { case 'v' : mVersion = line; break; @@ -204,19 +208,13 @@ SessionDescriptor::SessionDescriptor( const std::string &url, const std::string mAttributes.push_back( line ); StringVector tokens = split( line, ":", 2 ); std::string attrName = tokens[0]; - if ( currMedia ) - { - if ( attrName == "control" ) - { + if ( currMedia ) { + if ( attrName == "control" ) { if ( tokens.size() < 2 ) throw Exception( "Unable to parse SDP control attribute '"+line+"' for media '"+currMedia->getType()+"'" ); currMedia->setControlUrl( tokens[1] ); - } - else if ( attrName == "range" ) - { - } - else if ( attrName == "rtpmap" ) - { + } else if ( attrName == "range" ) { + } else if ( attrName == "rtpmap" ) { // a=rtpmap:96 MP4V-ES/90000 if ( tokens.size() < 2 ) throw Exception( "Unable to parse SDP rtpmap attribute '"+line+"' for media '"+currMedia->getType()+"'" ); @@ -226,53 +224,46 @@ SessionDescriptor::SessionDescriptor( const std::string &url, const std::string throw Exception( stringtf( "Payload type mismatch, expected %d, got %d in '%s'", currMedia->getPayloadType(), payloadType, line.c_str() ) ); std::string payloadDesc = attrTokens[1]; //currMedia->setPayloadType( payloadType ); - if ( attrTokens.size() > 1 ) - { + if ( attrTokens.size() > 1 ) { StringVector payloadTokens = split( attrTokens[1], "/" ); std::string payloadDesc = payloadTokens[0]; int payloadClock = atoi(payloadTokens[1].c_str()); currMedia->setPayloadDesc( payloadDesc ); currMedia->setClock( payloadClock ); } - } - else if ( attrName == "framesize" ) - { + } else if ( attrName == "framesize" ) { // a=framesize:96 320-240 if ( tokens.size() < 2 ) - throw Exception( "Unable to parse SDP framesize attribute '"+line+"' for media '"+currMedia->getType()+"'" ); - StringVector attrTokens = split( tokens[1], " " ); + throw Exception("Unable to parse SDP framesize attribute '"+line+"' for media '"+currMedia->getType()+"'"); + StringVector attrTokens = split(tokens[1], " "); int payloadType = atoi(attrTokens[0].c_str()); if ( payloadType != currMedia->getPayloadType() ) - throw Exception( stringtf( "Payload type mismatch, expected %d, got %d in '%s'", currMedia->getPayloadType(), payloadType, line.c_str() ) ); + throw Exception( stringtf("Payload type mismatch, expected %d, got %d in '%s'", + currMedia->getPayloadType(), payloadType, line.c_str())); //currMedia->setPayloadType( payloadType ); - StringVector sizeTokens = split( attrTokens[1], "-" ); + StringVector sizeTokens = split(attrTokens[1], "-"); int width = atoi(sizeTokens[0].c_str()); int height = atoi(sizeTokens[1].c_str()); - currMedia->setFrameSize( width, height ); - } - else if ( attrName == "framerate" ) - { + currMedia->setFrameSize(width, height); + } else if ( attrName == "framerate" ) { // a=framerate:5.0 if ( tokens.size() < 2 ) - throw Exception( "Unable to parse SDP framerate attribute '"+line+"' for media '"+currMedia->getType()+"'" ); + throw Exception("Unable to parse SDP framerate attribute '"+line+"' for media '"+currMedia->getType()+"'"); double frameRate = atof(tokens[1].c_str()); - currMedia->setFrameRate( frameRate ); - } - else if ( attrName == "fmtp" ) - { + currMedia->setFrameRate(frameRate); + } else if ( attrName == "fmtp" ) { // a=fmtp:96 profile-level-id=247; config=000001B0F7000001B509000001000000012008D48D8803250F042D14440F if ( tokens.size() < 2 ) - throw Exception( "Unable to parse SDP fmtp attribute '"+line+"' for media '"+currMedia->getType()+"'" ); - StringVector attrTokens = split( tokens[1], " ", 2 ); + throw Exception("Unable to parse SDP fmtp attribute '"+line+"' for media '"+currMedia->getType()+"'"); + StringVector attrTokens = split(tokens[1], " ", 2); int payloadType = atoi(attrTokens[0].c_str()); if ( payloadType != currMedia->getPayloadType() ) - throw Exception( stringtf( "Payload type mismatch, expected %d, got %d in '%s'", currMedia->getPayloadType(), payloadType, line.c_str() ) ); + throw Exception(stringtf("Payload type mismatch, expected %d, got %d in '%s'", + currMedia->getPayloadType(), payloadType, line.c_str())); //currMedia->setPayloadType( payloadType ); - if ( attrTokens.size() > 1 ) - { + if ( attrTokens.size() > 1 ) { StringVector attr2Tokens = split( attrTokens[1], "; " ); - for ( unsigned int i = 0; i < attr2Tokens.size(); i++ ) - { + for ( unsigned int i = 0; i < attr2Tokens.size(); i++ ) { StringVector attr3Tokens = split( attr2Tokens[i], "=" ); //Info( "Name = %s, Value = %s", attr3Tokens[0].c_str(), attr3Tokens[1].c_str() ); if ( attr3Tokens[0] == "profile-level-id" ) { @@ -292,40 +283,39 @@ SessionDescriptor::SessionDescriptor( const std::string &url, const std::string } else if ( attrName == "mpeg4-esid" ) { // a=mpeg4-esid:201 } else { - Debug( 3, "Ignoring SDP attribute '%s' for media '%s'", line.c_str(), currMedia->getType().c_str() ) + Debug(3, "Ignoring SDP attribute '%s' for media '%s'", line.c_str(), currMedia->getType().c_str()); } } else { - Debug( 3, "Ignoring general SDP attribute '%s'", line.c_str() ); + Debug(3, "Ignoring general SDP attribute '%s'", line.c_str()); } break; } case 'm' : { - StringVector tokens = split( line, " " ); + StringVector tokens = split(line, " "); if ( tokens.size() < 4 ) - throw Exception( "Can't parse SDP media description '"+line+"'" ); + throw Exception("Can't parse SDP media description '"+line+"'"); std::string mediaType = tokens[0]; if ( mediaType != "audio" && mediaType != "video" && mediaType != "application" ) - throw Exception( "Unsupported media type '"+mediaType+"' in SDP media attribute '"+line+"'" ); - StringVector portTokens = split( tokens[1], "/" ); + throw Exception("Unsupported media type '"+mediaType+"' in SDP media attribute '"+line+"'"); + StringVector portTokens = split(tokens[1], "/"); int mediaPort = atoi(portTokens[0].c_str()); int mediaNumPorts = 1; if ( portTokens.size() > 1 ) mediaNumPorts = atoi(portTokens[1].c_str()); std::string mediaTransport = tokens[2]; if ( mediaTransport != "RTP/AVP" ) - throw Exception( "Unsupported media transport '"+mediaTransport+"' in SDP media attribute '"+line+"'" ); + throw Exception("Unsupported media transport '"+mediaTransport+"' in SDP media attribute '"+line+"'"); int payloadType = atoi(tokens[3].c_str()); - currMedia = new MediaDescriptor( mediaType, mediaPort, mediaNumPorts, mediaTransport, payloadType ); - mMediaList.push_back( currMedia ); + currMedia = new MediaDescriptor(mediaType, mediaPort, mediaNumPorts, mediaTransport, payloadType); + mMediaList.push_back(currMedia); break; } - } - } + } // end switch + } // end foreach line } -SessionDescriptor::~SessionDescriptor() -{ +SessionDescriptor::~SessionDescriptor() { if ( mConnInfo ) delete mConnInfo; if ( mBandInfo ) @@ -334,8 +324,7 @@ SessionDescriptor::~SessionDescriptor() delete mMediaList[i]; } -AVFormatContext *SessionDescriptor::generateFormatContext() const -{ +AVFormatContext *SessionDescriptor::generateFormatContext() const { AVFormatContext *formatContext = avformat_alloc_context(); #if (LIBAVFORMAT_VERSION_CHECK(58, 12, 0, 0, 100)) @@ -353,35 +342,40 @@ AVFormatContext *SessionDescriptor::generateFormatContext() const for ( unsigned int i = 0; i < mMediaList.size(); i++ ) { const MediaDescriptor *mediaDesc = mMediaList[i]; #if !LIBAVFORMAT_VERSION_CHECK(53, 10, 0, 17, 0) - AVStream *stream = av_new_stream( formatContext, i ); + AVStream *stream = av_new_stream(formatContext, i); #else - AVStream *stream = avformat_new_stream( formatContext, NULL ); + AVStream *stream = avformat_new_stream(formatContext, NULL); stream->id = i; #endif #if LIBAVCODEC_VERSION_CHECK(57, 64, 0, 64, 0) AVCodecContext *codec_context = avcodec_alloc_context3(NULL); avcodec_parameters_to_context(codec_context, stream->codecpar); + stream->codec = codec_context; #else AVCodecContext *codec_context = stream->codec; #endif - Debug( 1, "Looking for codec for %s payload type %d / %s", mediaDesc->getType().c_str(), mediaDesc->getPayloadType(), mediaDesc->getPayloadDesc().c_str() ); + std::string type = mediaDesc->getType(); + Debug(1, "Looking for codec for %s payload type %d / %s", + type.c_str(), mediaDesc->getPayloadType(), mediaDesc->getPayloadDesc().c_str()); #if (LIBAVCODEC_VERSION_CHECK(52, 64, 0, 64, 0) || LIBAVUTIL_VERSION_CHECK(50, 14, 0, 14, 0)) - if ( mediaDesc->getType() == "video" ) + if ( type == "video" ) codec_context->codec_type = AVMEDIA_TYPE_VIDEO; - else if ( mediaDesc->getType() == "audio" ) + else if ( type == "audio" ) codec_context->codec_type = AVMEDIA_TYPE_AUDIO; - else if ( mediaDesc->getType() == "application" ) + else if ( type == "application" ) codec_context->codec_type = AVMEDIA_TYPE_DATA; #else - if ( mediaDesc->getType() == "video" ) + if ( type == "video" ) codec_context->codec_type = CODEC_TYPE_VIDEO; - else if ( mediaDesc->getType() == "audio" ) + else if ( type == "audio" ) codec_context->codec_type = CODEC_TYPE_AUDIO; - else if ( mediaDesc->getType() == "application" ) + else if ( type == "application" ) codec_context->codec_type = CODEC_TYPE_DATA; #endif + else + Warning("Unknown media_type %s", type.c_str()); #if LIBAVCODEC_VERSION_CHECK(55, 50, 3, 60, 103) std::string codec_name; @@ -392,9 +386,9 @@ AVFormatContext *SessionDescriptor::generateFormatContext() const if ( smStaticPayloads[i].payloadType == mediaDesc->getPayloadType() ) { Debug( 1, "Got static payload type %d, %s", smStaticPayloads[i].payloadType, smStaticPayloads[i].payloadName ); #if LIBAVCODEC_VERSION_CHECK(55, 50, 3, 60, 103) - codec_name = std::string( smStaticPayloads[i].payloadName ); + codec_name = std::string(smStaticPayloads[i].payloadName); #else - strncpy( codec_context->codec_name, smStaticPayloads[i].payloadName, sizeof(codec_context->codec_name) );; + strncpy(codec_context->codec_name, smStaticPayloads[i].payloadName, sizeof(codec_context->codec_name)); #endif codec_context->codec_type = smStaticPayloads[i].codecType; codec_context->codec_id = smStaticPayloads[i].codecId; @@ -406,11 +400,11 @@ AVFormatContext *SessionDescriptor::generateFormatContext() const // Look in dynamic table for ( unsigned int i = 0; i < (sizeof(smDynamicPayloads)/sizeof(*smDynamicPayloads)); i++ ) { if ( smDynamicPayloads[i].payloadName == mediaDesc->getPayloadDesc() ) { - Debug( 1, "Got dynamic payload type %d, %s", mediaDesc->getPayloadType(), smDynamicPayloads[i].payloadName ); + Debug(1, "Got dynamic payload type %d, %s", mediaDesc->getPayloadType(), smDynamicPayloads[i].payloadName); #if LIBAVCODEC_VERSION_CHECK(55, 50, 3, 60, 103) - codec_name = std::string( smStaticPayloads[i].payloadName ); + codec_name = std::string(smStaticPayloads[i].payloadName); #else - strncpy( codec_context->codec_name, smDynamicPayloads[i].payloadName, sizeof(codec_context->codec_name) );; + strncpy(codec_context->codec_name, smDynamicPayloads[i].payloadName, sizeof(codec_context->codec_name)); #endif codec_context->codec_type = smDynamicPayloads[i].codecType; codec_context->codec_id = smDynamicPayloads[i].codecId; @@ -418,7 +412,7 @@ AVFormatContext *SessionDescriptor::generateFormatContext() const break; } } - } + } /// end if static or dynamic #if LIBAVCODEC_VERSION_CHECK(55, 50, 3, 60, 103) if ( codec_name.empty() ) @@ -426,7 +420,8 @@ AVFormatContext *SessionDescriptor::generateFormatContext() const if ( !stream->codec->codec_name[0] ) #endif { - Warning( "Can't find payload details for %s payload type %d, name %s", mediaDesc->getType().c_str(), mediaDesc->getPayloadType(), mediaDesc->getPayloadDesc().c_str() ); + Warning( "Can't find payload details for %s payload type %d, name %s", + mediaDesc->getType().c_str(), mediaDesc->getPayloadType(), mediaDesc->getPayloadDesc().c_str() ); //return( 0 ); } if ( mediaDesc->getWidth() ) @@ -449,11 +444,11 @@ AVFormatContext *SessionDescriptor::generateFormatContext() const while (*value && *value != ',' && (dst - base64packet) < (long)(sizeof(base64packet)) - 1) { - *dst++ = *value++; + *dst++ = *value++; } *dst++ = '\0'; - if (*value == ',') + if ( *value == ',' ) value++; packet_size= av_base64_decode(decoded_packet, (const char *)base64packet, (int)sizeof(decoded_packet)); @@ -468,23 +463,23 @@ AVFormatContext *SessionDescriptor::generateFormatContext() const FF_INPUT_BUFFER_PADDING_SIZE #endif ); - if(dest) { - if(codec_context->extradata_size) { - // av_realloc? + if ( dest ) { + if ( codec_context->extradata_size ) { + // av_realloc? memcpy(dest, codec_context->extradata, codec_context->extradata_size); - av_free(codec_context->extradata); - } + av_free(codec_context->extradata); + } - memcpy(dest+codec_context->extradata_size, start_sequence, sizeof(start_sequence)); - memcpy(dest+codec_context->extradata_size+sizeof(start_sequence), decoded_packet, packet_size); - memset(dest+codec_context->extradata_size+sizeof(start_sequence)+ - packet_size, 0, + memcpy(dest+codec_context->extradata_size, start_sequence, sizeof(start_sequence)); + memcpy(dest+codec_context->extradata_size+sizeof(start_sequence), decoded_packet, packet_size); + memset(dest+codec_context->extradata_size+sizeof(start_sequence)+ + packet_size, 0, #if LIBAVCODEC_VERSION_CHECK(57, 0, 0, 0, 0) - AV_INPUT_BUFFER_PADDING_SIZE + AV_INPUT_BUFFER_PADDING_SIZE #else - FF_INPUT_BUFFER_PADDING_SIZE + FF_INPUT_BUFFER_PADDING_SIZE #endif -); + ); codec_context->extradata= dest; codec_context->extradata_size+= sizeof(start_sequence)+packet_size; @@ -497,7 +492,7 @@ AVFormatContext *SessionDescriptor::generateFormatContext() const } } - return( formatContext ); + return formatContext; } #endif // HAVE_LIBAVFORMAT From 940338ea126f4f763a2ff99bdd9cc0a21c444776 Mon Sep 17 00:00:00 2001 From: Isaac Connor Date: Mon, 29 Apr 2019 12:51:02 -0400 Subject: [PATCH 021/922] namespace escape Error calls --- web/index.php | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/web/index.php b/web/index.php index df190a700..a4f6160d4 100644 --- a/web/index.php +++ b/web/index.php @@ -93,7 +93,7 @@ if ( isset($_GET['skin']) ) { $skins = array_map('basename', glob('skins/*', GLOB_ONLYDIR)); if ( ! in_array($skin, $skins) ) { - Error("Invalid skin '$skin' setting to " . $skins[0]); + ZM\Error("Invalid skin '$skin' setting to " . $skins[0]); $skin = $skins[0]; } @@ -109,7 +109,7 @@ if ( isset($_GET['css']) ) { $css_skins = array_map('basename', glob('skins/'.$skin.'/css/*',GLOB_ONLYDIR)); if ( !in_array($css, $css_skins) ) { - Error("Invalid skin css '$css' setting to " . $css_skins[0]); + ZM\Error("Invalid skin css '$css' setting to " . $css_skins[0]); $css = $css_skins[0]; } From b3fb934fb506d0dc491f9bc01e1d7b427011f830 Mon Sep 17 00:00:00 2001 From: Isaac Connor Date: Mon, 29 Apr 2019 14:16:55 -0400 Subject: [PATCH 022/922] add namespace to Logging calls --- web/includes/actions/monitor.php | 7 +++++-- 1 file changed, 5 insertions(+), 2 deletions(-) diff --git a/web/includes/actions/monitor.php b/web/includes/actions/monitor.php index cfb89a892..f97441fd9 100644 --- a/web/includes/actions/monitor.php +++ b/web/includes/actions/monitor.php @@ -68,6 +68,9 @@ if ( $action == 'monitor' ) { $columns = getTableColumns('Monitors'); $changes = getFormChanges($monitor, $_REQUEST['newMonitor'], $types, $columns); +ZM\Logger::Debug("Columns:". print_r($columns,true)); +ZM\Logger::Debug("Changes:". print_r($changes,true)); +ZM\Logger::Debug("newMonitor:". print_r($_REQUEST['newMonitor'],true)); if ( count($changes) ) { if ( $mid ) { @@ -88,12 +91,12 @@ if ( $action == 'monitor' ) { $NewStorage = new ZM\Storage($_REQUEST['newMonitor']['StorageId']); if ( !file_exists($NewStorage->Path().'/'.$mid) ) { if ( !mkdir($NewStorage->Path().'/'.$mid, 0755) ) { - Error('Unable to mkdir ' . $NewStorage->Path().'/'.$mid); + ZM\Error('Unable to mkdir ' . $NewStorage->Path().'/'.$mid); } } $saferNewName = basename($_REQUEST['newMonitor']['Name']); if ( !symlink($NewStorage->Path().'/'.$mid, $NewStorage->Path().'/'.$saferNewName) ) { - Warning('Unable to symlink ' . $NewStorage->Path().'/'.$mid . ' to ' . $NewStorage->Path().'/'.$saferNewName); + ZM\Warning('Unable to symlink ' . $NewStorage->Path().'/'.$mid . ' to ' . $NewStorage->Path().'/'.$saferNewName); } } if ( isset($changes['Width']) || isset($changes['Height']) ) { From 76dd4113417c6b6a828aaf837683380da3584622 Mon Sep 17 00:00:00 2001 From: redaco <50115235+redaco@users.noreply.github.com> Date: Mon, 29 Apr 2019 21:56:55 +0200 Subject: [PATCH 023/922] Netcat ONVIF: Added support for "profile token" (#2589) --- .../lib/ZoneMinder/Control/Netcat.pm | 33 +++++++++++-------- 1 file changed, 19 insertions(+), 14 deletions(-) diff --git a/scripts/ZoneMinder/lib/ZoneMinder/Control/Netcat.pm b/scripts/ZoneMinder/lib/ZoneMinder/Control/Netcat.pm index efffd2d19..977662ceb 100644 --- a/scripts/ZoneMinder/lib/ZoneMinder/Control/Netcat.pm +++ b/scripts/ZoneMinder/lib/ZoneMinder/Control/Netcat.pm @@ -36,6 +36,8 @@ our @ISA = qw(ZoneMinder::Control); our %CamParams = (); +our $profileToken; + # ========================================================================== # # Netcat IP Control Protocol @@ -79,6 +81,9 @@ sub open { $self->loadMonitor(); + $profileToken = $self->{Monitor}->{ControlDevice}; + if ($profileToken eq '') { $profileToken = '000'; } + use LWP::UserAgent; $self->{ua} = LWP::UserAgent->new; $self->{ua}->agent('ZoneMinder Control Agent/'.ZoneMinder::Base::ZM_VERSION); @@ -160,7 +165,7 @@ sub autoStop { if ( $autostop ) { Debug('Auto Stop'); my $cmd = 'onvif/PTZ'; - my $msg = '000truefalse'; + my $msg = '' . $profileToken . 'truefalse'; my $content_type = 'application/soap+xml; charset=utf-8; action="http://www.onvif.org/ver20/ptz/wsdl/ContinuousMove"'; usleep($autostop); $self->sendCmd($cmd, $msg, $content_type); @@ -182,7 +187,7 @@ sub moveConUp { Debug('Move Up'); my $self = shift; my $cmd = 'onvif/PTZ'; - my $msg ='000'; + my $msg ='' . $profileToken . ''; my $content_type = 'application/soap+xml; charset=utf-8; action="http://www.onvif.org/ver20/ptz/wsdl/ContinuousMove"'; $self->sendCmd($cmd, $msg, $content_type); $self->autoStop($self->{Monitor}->{AutoStopTimeout}); @@ -193,7 +198,7 @@ sub moveConDown { Debug('Move Down'); my $self = shift; my $cmd = 'onvif/PTZ'; - my $msg ='000'; + my $msg ='' . $profileToken . ''; my $content_type = 'application/soap+xml; charset=utf-8; action="http://www.onvif.org/ver20/ptz/wsdl/ContinuousMove"'; $self->sendCmd($cmd, $msg, $content_type); $self->autoStop($self->{Monitor}->{AutoStopTimeout}); @@ -204,7 +209,7 @@ sub moveConLeft { Debug('Move Left'); my $self = shift; my $cmd = 'onvif/PTZ'; - my $msg ='000'; + my $msg ='' . $profileToken . ''; my $content_type = 'application/soap+xml; charset=utf-8; action="http://www.onvif.org/ver20/ptz/wsdl/ContinuousMove"'; $self->sendCmd($cmd, $msg, $content_type); $self->autoStop($self->{Monitor}->{AutoStopTimeout}); @@ -215,7 +220,7 @@ sub moveConRight { Debug('Move Right'); my $self = shift; my $cmd = 'onvif/PTZ'; - my $msg ='000'; + my $msg ='' . $profileToken . ''; my $content_type = 'application/soap+xml; charset=utf-8; action="http://www.onvif.org/ver20/ptz/wsdl/ContinuousMove"'; $self->sendCmd($cmd, $msg, $content_type); $self->autoStop($self->{Monitor}->{AutoStopTimeout}); @@ -226,7 +231,7 @@ sub zoomConTele { Debug('Zoom Tele'); my $self = shift; my $cmd = 'onvif/PTZ'; - my $msg ='000'; + my $msg ='' . $profileToken . ''; my $content_type = 'application/soap+xml; charset=utf-8; action="http://www.onvif.org/ver20/ptz/wsdl/ContinuousMove"'; $self->sendCmd($cmd, $msg, $content_type); $self->autoStop($self->{Monitor}->{AutoStopTimeout}); @@ -237,7 +242,7 @@ sub zoomConWide { Debug('Zoom Wide'); my $self = shift; my $cmd = 'onvif/PTZ'; - my $msg ='000'; + my $msg ='' . $profileToken . ''; my $content_type = 'application/soap+xml; charset=utf-8; action="http://www.onvif.org/ver20/ptz/wsdl/ContinuousMove"'; $self->sendCmd($cmd, $msg, $content_type); $self->autoStop($self->{Monitor}->{AutoStopTimeout}); @@ -249,7 +254,7 @@ sub moveConUpRight { Debug('Move Diagonally Up Right'); my $self = shift; my $cmd = 'onvif/PTZ'; - my $msg ='000'; + my $msg ='' . $profileToken . ''; my $content_type = 'application/soap+xml; charset=utf-8; action="http://www.onvif.org/ver20/ptz/wsdl/ContinuousMove"'; $self->sendCmd($cmd, $msg, $content_type); $self->autoStop($self->{Monitor}->{AutoStopTimeout}); @@ -261,7 +266,7 @@ sub moveConDownRight { Debug('Move Diagonally Down Right'); my $self = shift; my $cmd = 'onvif/PTZ'; - my $msg ='000'; + my $msg ='' . $profileToken . ''; my $content_type = 'application/soap+xml; charset=utf-8; action="http://www.onvif.org/ver20/ptz/wsdl/ContinuousMove"'; $self->sendCmd($cmd, $msg, $content_type); $self->autoStop($self->{Monitor}->{AutoStopTimeout}); @@ -273,7 +278,7 @@ sub moveConUpLeft { Debug('Move Diagonally Up Left'); my $self = shift; my $cmd = 'onvif/PTZ'; - my $msg ='000'; + my $msg ='' . $profileToken . ''; my $content_type = 'application/soap+xml; charset=utf-8; action="http://www.onvif.org/ver20/ptz/wsdl/ContinuousMove"'; $self->sendCmd($cmd, $msg, $content_type); $self->autoStop($self->{Monitor}->{AutoStopTimeout}); @@ -285,7 +290,7 @@ sub moveConDownLeft { Debug('Move Diagonally Down Left'); my $self = shift; my $cmd = 'onvif/PTZ'; - my $msg ='000'; + my $msg ='' . $profileToken . ''; my $content_type = 'application/soap+xml; charset=utf-8; action="http://www.onvif.org/ver20/ptz/wsdl/ContinuousMove"'; $self->sendCmd($cmd, $msg, $content_type); $self->autoStop($self->{Monitor}->{AutoStopTimeout}); @@ -296,7 +301,7 @@ sub moveStop { Debug('Move Stop'); my $self = shift; my $cmd = 'onvif/PTZ'; - my $msg ='000truefalse'; + my $msg ='' . $profileToken . 'truefalse'; my $content_type = 'application/soap+xml; charset=utf-8; action="http://www.onvif.org/ver20/ptz/wsdl/ContinuousMove"'; $self->sendCmd($cmd, $msg, $content_type); } @@ -308,7 +313,7 @@ sub presetSet { my $preset = $self->getParam($params, 'preset'); Debug("Set Preset $preset"); my $cmd = 'onvif/PTZ'; - my $msg ='000'.$preset.''; + my $msg ='' . $profileToken . ''.$preset.''; my $content_type = 'application/soap+xml; charset=utf-8; action="http://www.onvif.org/ver20/ptz/wsdl/SetPreset"'; $self->sendCmd($cmd, $msg, $content_type); } @@ -320,7 +325,7 @@ sub presetGoto { my $preset = $self->getParam($params, 'preset'); Debug("Goto Preset $preset"); my $cmd = 'onvif/PTZ'; - my $msg ='000'.$preset.''; + my $msg ='' . $profileToken . ''.$preset.''; my $content_type = 'application/soap+xml; charset=utf-8; action="http://www.onvif.org/ver20/ptz/wsdl/GotoPreset"'; $self->sendCmd( $cmd, $msg, $content_type ); } From dfa997a989a125703ffb72d5fef3e4f585e54d73 Mon Sep 17 00:00:00 2001 From: cnighswonger Date: Mon, 18 Mar 2019 13:28:00 -0400 Subject: [PATCH 024/922] Add camera relative iris control methods This set of methods invoke realtive iris size in the direction indicated by the portion of their name. They accept no arguments. NOTE: This only just does work. The Dahua API specifies "multiples" as the input. We pass in a 1 for that as it does not seem to matter what number (0-8) is provided, the camera iris behaves the same. --- .../lib/ZoneMinder/Control/Dahua.pm | 27 +++++++++++++++++++ 1 file changed, 27 insertions(+) diff --git a/scripts/ZoneMinder/lib/ZoneMinder/Control/Dahua.pm b/scripts/ZoneMinder/lib/ZoneMinder/Control/Dahua.pm index e55a6da1c..23245a2ea 100644 --- a/scripts/ZoneMinder/lib/ZoneMinder/Control/Dahua.pm +++ b/scripts/ZoneMinder/lib/ZoneMinder/Control/Dahua.pm @@ -381,6 +381,22 @@ sub focusRelFar Debug("focusRelFar response: " . $response); } +sub irisRelOpen +{ + my $self = shift; + + my $response = $self->_sendPtzCommand("start", "IrisLarge", 0, 1, 0, 0); + Debug("irisRelOpen response: " . $response); +} + +sub irisRelClose +{ + my $self = shift; + + my $response = $self->_sendPtzCommand("start", "IrisSmall", 0, 1, 0, 0); + Debug("irisRelClose response: " . $response); +} + sub moveStop { my $self = shift; @@ -592,6 +608,17 @@ Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. We pass in a 1 for that as it does not seem to matter what number (0-8) is provided, the camera focus behaves the same. +=head2 irisRel + + This set of methods invoke realtive iris size in the direction indicated by + the portion of their name. They accept no arguments. + + NOTE: + + This only just does work. The Dahua API specifies "multiples" as the input. + We pass in a 1 for that as it does not seem to matter what number (0-8) is + provided, the camera iris behaves the same. + =head2 moveStop This method attempts to stop the camera. The problem is that if continuous From ff738a99ba2383528471203aec14b23216be4bf5 Mon Sep 17 00:00:00 2001 From: cnighswonger Date: Mon, 29 Apr 2019 16:06:41 -0400 Subject: [PATCH 025/922] Enabling relative iris methods --- db/zm_create.sql.in | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/db/zm_create.sql.in b/db/zm_create.sql.in index c197d09ab..5ed80c7ed 100644 --- a/db/zm_create.sql.in +++ b/db/zm_create.sql.in @@ -789,7 +789,7 @@ INSERT INTO `Controls` VALUES (NULL,'IOS Camera','Ffmpeg','IPCAMIOS',0,0,0,0,0,0 INSERT INTO `Controls` VALUES (NULL,'Dericam P2','Ffmpeg','DericamP2',0,1,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,1,10,0,1,1,1,0,0,0,1,1,0,0,0,0,1,1,45,0,0,1,0,0,0,0,1,1,45,0,0,0,0); INSERT INTO `Controls` VALUES (NULL,'Trendnet','Remote','Trendnet',1,1,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,1,1,1,0,1,0,1,0,0,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0); INSERT INTO `Controls` VALUES (NULL,'PSIA','Remote','PSIA',0,0,0,0,1,0,0,1,0,0,0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,1,20,0,1,1,1,0,0,1,0,1,0,0,0,0,1,-100,100,0,0,1,0,0,0,0,1,-100,100,0,0,0,0); -INSERT INTO `Controls` VALUES (NULL,'Dahua','Remote','Dahua',0,0,0,0,1,0,0,1,0,0,0,0,0,0,0,8,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,1,20,0,1,1,1,0,0,1,0,1,0,0,0,0,1,1,8,0,0,1,0,0,0,0,1,1,8,0,0,0,0); +NSERT INTO `Controls` VALUES (NULL,'Dahua','Ffmpeg','Dahua',0,0,1,1,1,1,0,0,1,0,0,0,0,0,0,0,0,1,0,0,1,0,0,0,0,0,0,0,0,1,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,1,20,1,1,1,1,0,0,1,0,1,0,0,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0); INSERT INTO `Controls` VALUES (NULL,'FOSCAMR2C','Libvlc','FOSCAMR2C',1,1,1,0,0,0,0,0,0,NULL,NULL,NULL,NULL,0,NULL,NULL,0,0,0,0,0,NULL,NULL,NULL,NULL,0,NULL,NULL,0,0,0,0,0,NULL,NULL,NULL,NULL,0,NULL,NULL,0,0,0,0,0,NULL,NULL,NULL,NULL,0,NULL,NULL,0,0,0,0,0,NULL,NULL,NULL,NULL,0,NULL,NULL,1,12,0,1,1,1,0,0,0,1,1,NULL,NULL,NULL,NULL,1,0,4,0,NULL,1,NULL,NULL,NULL,NULL,1,0,4,0,NULL,0,0); INSERT INTO `Controls` VALUES (NULL,'Amcrest HTTP API','Ffmpeg','Amcrest_HTTP',0,0,1,0,1,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,1,5,0,0,1,0,0,0,0,1,1,0,0,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,5); From 16697565bf6fe20748c1215cee539706e176a502 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?R=C3=A9mi=20Da=20Costa?= Date: Tue, 30 Apr 2019 07:48:47 +0200 Subject: [PATCH 026/922] Netcat ONVIF: adding ONVIF authentication --- .../lib/ZoneMinder/Control/Netcat.pm | 86 +++++++++++++------ 1 file changed, 62 insertions(+), 24 deletions(-) diff --git a/scripts/ZoneMinder/lib/ZoneMinder/Control/Netcat.pm b/scripts/ZoneMinder/lib/ZoneMinder/Control/Netcat.pm index 977662ceb..2d9573299 100644 --- a/scripts/ZoneMinder/lib/ZoneMinder/Control/Netcat.pm +++ b/scripts/ZoneMinder/lib/ZoneMinder/Control/Netcat.pm @@ -28,6 +28,9 @@ package ZoneMinder::Control::Netcat; use 5.006; use strict; use warnings; +use MIME::Base64; +use Digest::SHA; +use DateTime; require ZoneMinder::Base; require ZoneMinder::Control; @@ -36,7 +39,7 @@ our @ISA = qw(ZoneMinder::Control); our %CamParams = (); -our $profileToken; +our ($profileToken, $address, $port, %identity); # ========================================================================== # @@ -52,7 +55,6 @@ our $profileToken; # # # Possible future improvements (for anyone to improve upon): -# - Onvif authentication # - Build the SOAP commands at runtime rather than use templates # - Implement previously mentioned advanced features # @@ -60,9 +62,10 @@ our $profileToken; # more dependencies to ZoneMinder is always a concern. # # On ControlAddress use the format : -# ADDRESS:PORT +# [USERNAME:PASSWORD@]ADDRESS:PORT # eg : 10.1.2.1:8899 # 10.0.100.1:8899 +# username:password@10.0.100.1:8899 # # Use port 8899 for the Netcat camera # @@ -84,6 +87,8 @@ sub open { $profileToken = $self->{Monitor}->{ControlDevice}; if ($profileToken eq '') { $profileToken = '000'; } + parseControlAddress($self->{Monitor}->{ControlAddress}); + use LWP::UserAgent; $self->{ua} = LWP::UserAgent->new; $self->{ua}->agent('ZoneMinder Control Agent/'.ZoneMinder::Base::ZM_VERSION); @@ -91,6 +96,39 @@ sub open { $self->{state} = 'open'; } +sub parseControlAddress +{ + my $controlAddress = shift; + my ($usernamepassword, $addressport) = split /@/, $controlAddress; + if ( !defined $addressport ) { + # If value of "Control address" does not consist of two parts, then only address is given + $addressport = $usernamepassword; + } else { + my ($username , $password) = split /:/, $usernamepassword; + %identity = (username => "$username", password => "$password"); + } + ($address, $port) = split /:/, $addressport; +} + +sub digestBase64 +{ + my ($nonce, $date, $password) = @_; + my $shaGenerator = Digest::SHA->new(1); + $shaGenerator->add($nonce . $date . $password); + return encode_base64($shaGenerator->digest, ""); +} + +sub authentificationHeader +{ + my ($username, $password) = @_; + my $nonce; + $nonce .= chr(int(rand(254))) for (0 .. 20); + my $nonceBase64 = encode_base64($nonce, ""); + my $currentDate = DateTime->now()->iso8601().'Z'; + + return '' . $username . '' . digestBase64($nonce, $currentDate, $password) . '' . $nonceBase64 . '' . $currentDate . ''; +} + sub printMsg { my $self = shift; my $msg = shift; @@ -108,10 +146,10 @@ sub sendCmd { printMsg($cmd, 'Tx'); - my $server_endpoint = 'http://'.$self->{Monitor}->{ControlAddress}.'/'.$cmd; + my $server_endpoint = 'http://' . $address . ':' . $port . "/$cmd"; my $req = HTTP::Request->new(POST => $server_endpoint); $req->header('content-type' => $content_type); - $req->header('Host' => $self->{Monitor}->{ControlAddress}); + $req->header('Host' => $address . ':' . $port); $req->header('content-length' => length($msg)); $req->header('accept-encoding' => 'gzip, deflate'); $req->header('connection' => 'Close'); @@ -130,10 +168,10 @@ sub sendCmd { sub getCamParams { my $self = shift; my $msg = '000'; - my $server_endpoint = 'http://'.$self->{Monitor}->{ControlAddress}.'/onvif/imaging'; + my $server_endpoint = 'http://' . $address . ':' . $port . '/onvif/imaging'; my $req = HTTP::Request->new(POST => $server_endpoint); $req->header('content-type' => 'application/soap+xml; charset=utf-8; action="http://www.onvif.org/ver20/imaging/wsdl/GetImagingSettings"'); - $req->header('Host' => $self->{Monitor}->{ControlAddress}); + $req->header('Host' => $address . ':' . $port); $req->header('content-length' => length($msg)); $req->header('accept-encoding' => 'gzip, deflate'); $req->header('connection' => 'Close'); @@ -165,7 +203,7 @@ sub autoStop { if ( $autostop ) { Debug('Auto Stop'); my $cmd = 'onvif/PTZ'; - my $msg = '' . $profileToken . 'truefalse'; + my $msg = '' . ((%identity) ? authentificationHeader($identity{username}, $identity{password}) : '') . '' . $profileToken . 'truefalse'; my $content_type = 'application/soap+xml; charset=utf-8; action="http://www.onvif.org/ver20/ptz/wsdl/ContinuousMove"'; usleep($autostop); $self->sendCmd($cmd, $msg, $content_type); @@ -177,7 +215,7 @@ sub reset { Debug('Camera Reset'); my $self = shift; my $cmd = ''; - my $msg = ''; + my $msg = '' . ((%identity) ? authentificationHeader($identity{username}, $identity{password}) : '') . ''; my $content_type = 'application/soap+xml; charset=utf-8; action="http://www.onvif.org/ver10/device/wsdl/SystemReboot"'; $self->sendCmd($cmd, $msg, $content_type); } @@ -187,7 +225,7 @@ sub moveConUp { Debug('Move Up'); my $self = shift; my $cmd = 'onvif/PTZ'; - my $msg ='' . $profileToken . ''; + my $msg ='' . ((%identity) ? authentificationHeader($identity{username}, $identity{password}) : '') . '' . $profileToken . ''; my $content_type = 'application/soap+xml; charset=utf-8; action="http://www.onvif.org/ver20/ptz/wsdl/ContinuousMove"'; $self->sendCmd($cmd, $msg, $content_type); $self->autoStop($self->{Monitor}->{AutoStopTimeout}); @@ -209,7 +247,7 @@ sub moveConLeft { Debug('Move Left'); my $self = shift; my $cmd = 'onvif/PTZ'; - my $msg ='' . $profileToken . ''; + my $msg ='' . ((%identity) ? authentificationHeader($identity{username}, $identity{password}) : '') . '' . $profileToken . ''; my $content_type = 'application/soap+xml; charset=utf-8; action="http://www.onvif.org/ver20/ptz/wsdl/ContinuousMove"'; $self->sendCmd($cmd, $msg, $content_type); $self->autoStop($self->{Monitor}->{AutoStopTimeout}); @@ -220,7 +258,7 @@ sub moveConRight { Debug('Move Right'); my $self = shift; my $cmd = 'onvif/PTZ'; - my $msg ='' . $profileToken . ''; + my $msg ='' . ((%identity) ? authentificationHeader($identity{username}, $identity{password}) : '') . '' . $profileToken . ''; my $content_type = 'application/soap+xml; charset=utf-8; action="http://www.onvif.org/ver20/ptz/wsdl/ContinuousMove"'; $self->sendCmd($cmd, $msg, $content_type); $self->autoStop($self->{Monitor}->{AutoStopTimeout}); @@ -231,7 +269,7 @@ sub zoomConTele { Debug('Zoom Tele'); my $self = shift; my $cmd = 'onvif/PTZ'; - my $msg ='' . $profileToken . ''; + my $msg ='' . ((%identity) ? authentificationHeader($identity{username}, $identity{password}) : '') . '' . $profileToken . ''; my $content_type = 'application/soap+xml; charset=utf-8; action="http://www.onvif.org/ver20/ptz/wsdl/ContinuousMove"'; $self->sendCmd($cmd, $msg, $content_type); $self->autoStop($self->{Monitor}->{AutoStopTimeout}); @@ -242,7 +280,7 @@ sub zoomConWide { Debug('Zoom Wide'); my $self = shift; my $cmd = 'onvif/PTZ'; - my $msg ='' . $profileToken . ''; + my $msg ='' . ((%identity) ? authentificationHeader($identity{username}, $identity{password}) : '') . '' . $profileToken . ''; my $content_type = 'application/soap+xml; charset=utf-8; action="http://www.onvif.org/ver20/ptz/wsdl/ContinuousMove"'; $self->sendCmd($cmd, $msg, $content_type); $self->autoStop($self->{Monitor}->{AutoStopTimeout}); @@ -254,7 +292,7 @@ sub moveConUpRight { Debug('Move Diagonally Up Right'); my $self = shift; my $cmd = 'onvif/PTZ'; - my $msg ='' . $profileToken . ''; + my $msg ='' . ((%identity) ? authentificationHeader($identity{username}, $identity{password}) : '') . '' . $profileToken . ''; my $content_type = 'application/soap+xml; charset=utf-8; action="http://www.onvif.org/ver20/ptz/wsdl/ContinuousMove"'; $self->sendCmd($cmd, $msg, $content_type); $self->autoStop($self->{Monitor}->{AutoStopTimeout}); @@ -266,7 +304,7 @@ sub moveConDownRight { Debug('Move Diagonally Down Right'); my $self = shift; my $cmd = 'onvif/PTZ'; - my $msg ='' . $profileToken . ''; + my $msg ='' . ((%identity) ? authentificationHeader($identity{username}, $identity{password}) : '') . '' . $profileToken . ''; my $content_type = 'application/soap+xml; charset=utf-8; action="http://www.onvif.org/ver20/ptz/wsdl/ContinuousMove"'; $self->sendCmd($cmd, $msg, $content_type); $self->autoStop($self->{Monitor}->{AutoStopTimeout}); @@ -290,7 +328,7 @@ sub moveConDownLeft { Debug('Move Diagonally Down Left'); my $self = shift; my $cmd = 'onvif/PTZ'; - my $msg ='' . $profileToken . ''; + my $msg ='' . ((%identity) ? authentificationHeader($identity{username}, $identity{password}) : '') . '' . $profileToken . ''; my $content_type = 'application/soap+xml; charset=utf-8; action="http://www.onvif.org/ver20/ptz/wsdl/ContinuousMove"'; $self->sendCmd($cmd, $msg, $content_type); $self->autoStop($self->{Monitor}->{AutoStopTimeout}); @@ -301,7 +339,7 @@ sub moveStop { Debug('Move Stop'); my $self = shift; my $cmd = 'onvif/PTZ'; - my $msg ='' . $profileToken . 'truefalse'; + my $msg ='' . ((%identity) ? authentificationHeader($identity{username}, $identity{password}) : '') . '' . $profileToken . 'truefalse'; my $content_type = 'application/soap+xml; charset=utf-8; action="http://www.onvif.org/ver20/ptz/wsdl/ContinuousMove"'; $self->sendCmd($cmd, $msg, $content_type); } @@ -313,7 +351,7 @@ sub presetSet { my $preset = $self->getParam($params, 'preset'); Debug("Set Preset $preset"); my $cmd = 'onvif/PTZ'; - my $msg ='' . $profileToken . ''.$preset.''; + my $msg ='' . ((%identity) ? authentificationHeader($identity{username}, $identity{password}) : '') . '' . $profileToken . ''.$preset.''; my $content_type = 'application/soap+xml; charset=utf-8; action="http://www.onvif.org/ver20/ptz/wsdl/SetPreset"'; $self->sendCmd($cmd, $msg, $content_type); } @@ -325,7 +363,7 @@ sub presetGoto { my $preset = $self->getParam($params, 'preset'); Debug("Goto Preset $preset"); my $cmd = 'onvif/PTZ'; - my $msg ='' . $profileToken . ''.$preset.''; + my $msg ='' . ((%identity) ? authentificationHeader($identity{username}, $identity{password}) : '') . '' . $profileToken . ''.$preset.''; my $content_type = 'application/soap+xml; charset=utf-8; action="http://www.onvif.org/ver20/ptz/wsdl/GotoPreset"'; $self->sendCmd( $cmd, $msg, $content_type ); } @@ -367,7 +405,7 @@ sub irisAbsOpen { $CamParams{Brightness} = $max if ($CamParams{Brightness} > $max); my $cmd = 'onvif/imaging'; - my $msg ='000'.$CamParams{Brightness}.'true'; + my $msg ='' . ((%identity) ? authentificationHeader($identity{username}, $identity{password}) : '') . '000'.$CamParams{Brightness}.'true'; my $content_type = 'application/soap+xml; charset=utf-8; action="http://www.onvif.org/ver20/imaging/wsdl/SetImagingSettings"'; $self->sendCmd( $cmd, $msg, $content_type ); } @@ -386,7 +424,7 @@ sub irisAbsClose $CamParams{Brightness} = $min if ($CamParams{Brightness} < $min); my $cmd = 'onvif/imaging'; - my $msg ='000'.$CamParams{Brightness}.'true'; + my $msg ='' . ((%identity) ? authentificationHeader($identity{username}, $identity{password}) : '') . '000'.$CamParams{Brightness}.'true'; my $content_type = 'application/soap+xml; charset=utf-8; action="http://www.onvif.org/ver20/imaging/wsdl/SetImagingSettings"'; $self->sendCmd( $cmd, $msg, $content_type ); } @@ -404,7 +442,7 @@ sub whiteAbsIn { $CamParams{Contrast} = $max if ($CamParams{Contrast} > $max); my $cmd = 'onvif/imaging'; - my $msg ='000'.$CamParams{Contrast}.'true'; + my $msg ='' . ((%identity) ? authentificationHeader($identity{username}, $identity{password}) : '') . '000'.$CamParams{Contrast}.'true'; my $content_type = 'application/soap+xml; charset=utf-8; action="http://www.onvif.org/ver20/imaging/wsdl/SetImagingSettings"'; } @@ -421,7 +459,7 @@ sub whiteAbsOut { $CamParams{Contrast} = $min if ($CamParams{Contrast} < $min); my $cmd = 'onvif/imaging'; - my $msg ='000'.$CamParams{Contrast}.'true'; + my $msg ='' . ((%identity) ? authentificationHeader($identity{username}, $identity{password}) : '') . '000'.$CamParams{Contrast}.'true'; my $content_type = 'application/soap+xml; charset=utf-8; action="http://www.onvif.org/ver20/imaging/wsdl/SetImagingSettings"'; } From 27344df373d835a46c5a64b08b12e71172aee4f8 Mon Sep 17 00:00:00 2001 From: Andrew Bauer Date: Tue, 30 Apr 2019 07:15:00 -0500 Subject: [PATCH 027/922] fix typo --- db/zm_create.sql.in | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/db/zm_create.sql.in b/db/zm_create.sql.in index 5ed80c7ed..787854091 100644 --- a/db/zm_create.sql.in +++ b/db/zm_create.sql.in @@ -789,7 +789,7 @@ INSERT INTO `Controls` VALUES (NULL,'IOS Camera','Ffmpeg','IPCAMIOS',0,0,0,0,0,0 INSERT INTO `Controls` VALUES (NULL,'Dericam P2','Ffmpeg','DericamP2',0,1,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,1,10,0,1,1,1,0,0,0,1,1,0,0,0,0,1,1,45,0,0,1,0,0,0,0,1,1,45,0,0,0,0); INSERT INTO `Controls` VALUES (NULL,'Trendnet','Remote','Trendnet',1,1,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,1,1,1,0,1,0,1,0,0,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0); INSERT INTO `Controls` VALUES (NULL,'PSIA','Remote','PSIA',0,0,0,0,1,0,0,1,0,0,0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,1,20,0,1,1,1,0,0,1,0,1,0,0,0,0,1,-100,100,0,0,1,0,0,0,0,1,-100,100,0,0,0,0); -NSERT INTO `Controls` VALUES (NULL,'Dahua','Ffmpeg','Dahua',0,0,1,1,1,1,0,0,1,0,0,0,0,0,0,0,0,1,0,0,1,0,0,0,0,0,0,0,0,1,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,1,20,1,1,1,1,0,0,1,0,1,0,0,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0); +INSERT INTO `Controls` VALUES (NULL,'Dahua','Ffmpeg','Dahua',0,0,1,1,1,1,0,0,1,0,0,0,0,0,0,0,0,1,0,0,1,0,0,0,0,0,0,0,0,1,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,1,20,1,1,1,1,0,0,1,0,1,0,0,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0); INSERT INTO `Controls` VALUES (NULL,'FOSCAMR2C','Libvlc','FOSCAMR2C',1,1,1,0,0,0,0,0,0,NULL,NULL,NULL,NULL,0,NULL,NULL,0,0,0,0,0,NULL,NULL,NULL,NULL,0,NULL,NULL,0,0,0,0,0,NULL,NULL,NULL,NULL,0,NULL,NULL,0,0,0,0,0,NULL,NULL,NULL,NULL,0,NULL,NULL,0,0,0,0,0,NULL,NULL,NULL,NULL,0,NULL,NULL,1,12,0,1,1,1,0,0,0,1,1,NULL,NULL,NULL,NULL,1,0,4,0,NULL,1,NULL,NULL,NULL,NULL,1,0,4,0,NULL,0,0); INSERT INTO `Controls` VALUES (NULL,'Amcrest HTTP API','Ffmpeg','Amcrest_HTTP',0,0,1,0,1,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,1,5,0,0,1,0,0,0,0,1,1,0,0,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,5); From 75b4f4f2b3f02aeaf8d50a189d94513e2b7600c6 Mon Sep 17 00:00:00 2001 From: Isaac Connor Date: Tue, 30 Apr 2019 17:29:18 -0400 Subject: [PATCH 028/922] Add a few missing GREATESTs in the triggers. --- db/triggers.sql | 6 +- db/zm_update-1.33.8.sql | 283 ++++++++++++++++++++++++++++++++++++++++ version | 2 +- 3 files changed, 287 insertions(+), 4 deletions(-) create mode 100644 db/zm_update-1.33.8.sql diff --git a/db/triggers.sql b/db/triggers.sql index fb7a32b67..87c8465b4 100644 --- a/db/triggers.sql +++ b/db/triggers.sql @@ -4,7 +4,7 @@ DROP TRIGGER IF EXISTS Events_Hour_delete_trigger// CREATE TRIGGER Events_Hour_delete_trigger BEFORE DELETE ON Events_Hour FOR EACH ROW BEGIN UPDATE Monitors SET - HourEvents = COALESCE(HourEvents,1)-1, + HourEvents = GREATEST(COALESCE(HourEvents,1)-1,0), HourEventDiskSpace=GREATEST(COALESCE(HourEventDiskSpace,0)-COALESCE(OLD.DiskSpace,0),0) WHERE Id=OLD.MonitorId; END; @@ -62,7 +62,7 @@ DROP TRIGGER IF EXISTS Events_Week_delete_trigger// CREATE TRIGGER Events_Week_delete_trigger BEFORE DELETE ON Events_Week FOR EACH ROW BEGIN UPDATE Monitors SET - WeekEvents = COALESCE(WeekEvents,1)-1, + WeekEvents = GREATEST(COALESCE(WeekEvents,1)-1,0), WeekEventDiskSpace=GREATEST(COALESCE(WeekEventDiskSpace,0)-COALESCE(OLD.DiskSpace,0),0) WHERE Id=OLD.MonitorId; END; @@ -90,7 +90,7 @@ DROP TRIGGER IF EXISTS Events_Month_delete_trigger// CREATE TRIGGER Events_Month_delete_trigger BEFORE DELETE ON Events_Month FOR EACH ROW BEGIN UPDATE Monitors SET - MonthEvents = COALESCE(MonthEvents,1)-1, + MonthEvents = GREATEST(COALESCE(MonthEvents,1)-1,0), MonthEventDiskSpace=GREATEST(COALESCE(MonthEventDiskSpace,0)-COALESCE(OLD.DiskSpace,0),0) WHERE Id=OLD.MonitorId; END; diff --git a/db/zm_update-1.33.8.sql b/db/zm_update-1.33.8.sql new file mode 100644 index 000000000..a3fed9629 --- /dev/null +++ b/db/zm_update-1.33.8.sql @@ -0,0 +1,283 @@ + +delimiter // +DROP TRIGGER IF EXISTS Events_Hour_delete_trigger// +CREATE TRIGGER Events_Hour_delete_trigger BEFORE DELETE ON Events_Hour +FOR EACH ROW BEGIN + UPDATE Monitors SET + HourEvents = GREATEST(COALESCE(HourEvents,1)-1,0), + HourEventDiskSpace=GREATEST(COALESCE(HourEventDiskSpace,0)-COALESCE(OLD.DiskSpace,0),0) + WHERE Id=OLD.MonitorId; +END; +// + +DROP TRIGGER IF EXISTS Events_Hour_update_trigger// + +CREATE TRIGGER Events_Hour_update_trigger AFTER UPDATE ON Events_Hour +FOR EACH ROW + BEGIN + declare diff BIGINT default 0; + + set diff = COALESCE(NEW.DiskSpace,0) - COALESCE(OLD.DiskSpace,0); + IF ( diff ) THEN + IF ( NEW.MonitorID != OLD.MonitorID ) THEN + UPDATE Monitors SET HourEventDiskSpace=GREATEST(COALESCE(HourEventDiskSpace,0)-COALESCE(OLD.DiskSpace,0),0) WHERE Monitors.Id=OLD.MonitorId; + UPDATE Monitors SET HourEventDiskSpace=COALESCE(HourEventDiskSpace,0)+COALESCE(NEW.DiskSpace,0) WHERE Monitors.Id=NEW.MonitorId; + ELSE + UPDATE Monitors SET HourEventDiskSpace=COALESCE(HourEventDiskSpace,0)+diff WHERE Monitors.Id=NEW.MonitorId; + END IF; + END IF; + END; +// + +DROP TRIGGER IF EXISTS Events_Day_delete_trigger// +CREATE TRIGGER Events_Day_delete_trigger BEFORE DELETE ON Events_Day +FOR EACH ROW BEGIN + UPDATE Monitors SET + DayEvents = GREATEST(COALESCE(DayEvents,1)-1,0), + DayEventDiskSpace=GREATEST(COALESCE(DayEventDiskSpace,0)-COALESCE(OLD.DiskSpace,0),0) + WHERE Id=OLD.MonitorId; +END; +// + +DROP TRIGGER IF EXISTS Events_Day_update_trigger; +CREATE TRIGGER Events_Day_update_trigger AFTER UPDATE ON Events_Day +FOR EACH ROW + BEGIN + declare diff BIGINT default 0; + + set diff = COALESCE(NEW.DiskSpace,0) - COALESCE(OLD.DiskSpace,0); + IF ( diff ) THEN + IF ( NEW.MonitorID != OLD.MonitorID ) THEN + UPDATE Monitors SET DayEventDiskSpace=GREATEST(COALESCE(DayEventDiskSpace,0)-COALESCE(OLD.DiskSpace,0),0) WHERE Monitors.Id=OLD.MonitorId; + UPDATE Monitors SET DayEventDiskSpace=COALESCE(DayEventDiskSpace,0)+COALESCE(NEW.DiskSpace,0) WHERE Monitors.Id=NEW.MonitorId; + ELSE + UPDATE Monitors SET DayEventDiskSpace=GREATEST(COALESCE(DayEventDiskSpace,0)+diff,0) WHERE Monitors.Id=NEW.MonitorId; + END IF; + END IF; + END; + // + + +DROP TRIGGER IF EXISTS Events_Week_delete_trigger// +CREATE TRIGGER Events_Week_delete_trigger BEFORE DELETE ON Events_Week +FOR EACH ROW BEGIN + UPDATE Monitors SET + WeekEvents = GREATEST(COALESCE(WeekEvents,1)-1,0), + WeekEventDiskSpace=GREATEST(COALESCE(WeekEventDiskSpace,0)-COALESCE(OLD.DiskSpace,0),0) + WHERE Id=OLD.MonitorId; +END; +// + +DROP TRIGGER IF EXISTS Events_Week_update_trigger; +CREATE TRIGGER Events_Week_update_trigger AFTER UPDATE ON Events_Week +FOR EACH ROW + BEGIN + declare diff BIGINT default 0; + + set diff = COALESCE(NEW.DiskSpace,0) - COALESCE(OLD.DiskSpace,0); + IF ( diff ) THEN + IF ( NEW.MonitorID != OLD.MonitorID ) THEN + UPDATE Monitors SET WeekEventDiskSpace=GREATEST(COALESCE(WeekEventDiskSpace,0)-COALESCE(OLD.DiskSpace,0),0) WHERE Monitors.Id=OLD.MonitorId; + UPDATE Monitors SET WeekEventDiskSpace=COALESCE(WeekEventDiskSpace,0)+COALESCE(NEW.DiskSpace,0) WHERE Monitors.Id=NEW.MonitorId; + ELSE + UPDATE Monitors SET WeekEventDiskSpace=GREATEST(COALESCE(WeekEventDiskSpace,0)+diff,0) WHERE Monitors.Id=NEW.MonitorId; + END IF; + END IF; + END; + // + +DROP TRIGGER IF EXISTS Events_Month_delete_trigger// +CREATE TRIGGER Events_Month_delete_trigger BEFORE DELETE ON Events_Month +FOR EACH ROW BEGIN + UPDATE Monitors SET + MonthEvents = GREATEST(COALESCE(MonthEvents,1)-1,0), + MonthEventDiskSpace=GREATEST(COALESCE(MonthEventDiskSpace,0)-COALESCE(OLD.DiskSpace,0),0) + WHERE Id=OLD.MonitorId; +END; +// + +DROP TRIGGER IF EXISTS Events_Month_update_trigger; +CREATE TRIGGER Events_Month_update_trigger AFTER UPDATE ON Events_Month +FOR EACH ROW + BEGIN + declare diff BIGINT default 0; + + set diff = COALESCE(NEW.DiskSpace,0) - COALESCE(OLD.DiskSpace,0); + IF ( diff ) THEN + IF ( NEW.MonitorID != OLD.MonitorID ) THEN + UPDATE Monitors SET MonthEventDiskSpace=GREATEST(COALESCE(MonthEventDiskSpace,0)-COALESCE(OLD.DiskSpace),0) WHERE Monitors.Id=OLD.MonitorId; + UPDATE Monitors SET MonthEventDiskSpace=COALESCE(MonthEventDiskSpace,0)+COALESCE(NEW.DiskSpace) WHERE Monitors.Id=NEW.MonitorId; + ELSE + UPDATE Monitors SET MonthEventDiskSpace=GREATEST(COALESCE(MonthEventDiskSpace,0)+diff,0) WHERE Monitors.Id=NEW.MonitorId; + END IF; + END IF; + END; + // + +drop procedure if exists update_storage_stats// + +drop trigger if exists event_update_trigger// + +CREATE TRIGGER event_update_trigger AFTER UPDATE ON Events +FOR EACH ROW +BEGIN + declare diff BIGINT default 0; + + set diff = COALESCE(NEW.DiskSpace,0) - COALESCE(OLD.DiskSpace,0); + IF ( NEW.StorageId = OLD.StorageID ) THEN + IF ( diff ) THEN + UPDATE Storage SET DiskSpace = GREATEST(COALESCE(DiskSpace,0) + diff,0) WHERE Id = OLD.StorageId; + END IF; + ELSE + IF ( NEW.DiskSpace ) THEN + UPDATE Storage SET DiskSpace = COALESCE(DiskSpace,0) + NEW.DiskSpace WHERE Id = NEW.StorageId; + END IF; + IF ( OLD.DiskSpace ) THEN + UPDATE Storage SET DiskSpace = GREATEST(COALESCE(DiskSpace,0) - OLD.DiskSpace,0) WHERE Id = OLD.StorageId; + END IF; + END IF; + + UPDATE Events_Hour SET DiskSpace=NEW.DiskSpace WHERE EventId=NEW.Id; + UPDATE Events_Day SET DiskSpace=NEW.DiskSpace WHERE EventId=NEW.Id; + UPDATE Events_Week SET DiskSpace=NEW.DiskSpace WHERE EventId=NEW.Id; + UPDATE Events_Month SET DiskSpace=NEW.DiskSpace WHERE EventId=NEW.Id; + + IF ( NEW.Archived != OLD.Archived ) THEN + IF ( NEW.Archived ) THEN + INSERT INTO Events_Archived (EventId,MonitorId,DiskSpace) VALUES (NEW.Id,NEW.MonitorId,NEW.DiskSpace); + UPDATE Monitors SET ArchivedEvents = COALESCE(ArchivedEvents,0)+1, ArchivedEventDiskSpace = COALESCE(ArchivedEventDiskSpace,0) + COALESCE(NEW.DiskSpace,0) WHERE Id=NEW.MonitorId; + ELSEIF ( OLD.Archived ) THEN + DELETE FROM Events_Archived WHERE EventId=OLD.Id; + UPDATE Monitors + SET + ArchivedEvents = GREATEST(COALESCE(ArchivedEvents,0)-1,0), + ArchivedEventDiskSpace = GREATEST(COALESCE(ArchivedEventDiskSpace,0) - COALESCE(OLD.DiskSpace,0),0) + WHERE Id=OLD.MonitorId; + ELSE + IF ( OLD.DiskSpace != NEW.DiskSpace ) THEN + UPDATE Events_Archived SET DiskSpace=NEW.DiskSpace WHERE EventId=NEW.Id; + UPDATE Monitors SET + ArchivedEventDiskSpace = GREATEST(COALESCE(ArchivedEventDiskSpace,0) - COALESCE(OLD.DiskSpace,0) + COALESCE(NEW.DiskSpace,0),0) + WHERE Id=OLD.MonitorId; + END IF; + END IF; + ELSEIF ( NEW.Archived AND diff ) THEN + UPDATE Events_Archived SET DiskSpace=NEW.DiskSpace WHERE EventId=NEW.Id; + END IF; + + IF ( diff ) THEN + UPDATE Monitors + SET + TotalEventDiskSpace = GREATEST(COALESCE(TotalEventDiskSpace,0) - COALESCE(OLD.DiskSpace,0) + COALESCE(NEW.DiskSpace,0),0) + WHERE Id=OLD.MonitorId; + END IF; + +END; + +// + +DROP TRIGGER IF EXISTS event_insert_trigger// + +/* The assumption is that when an Event is inserted, it has no size yet, so don't bother updating the DiskSpace, just the count. + * The DiskSpace will get update in the Event Update Trigger + */ +CREATE TRIGGER event_insert_trigger AFTER INSERT ON Events +FOR EACH ROW + BEGIN + + INSERT INTO Events_Hour (EventId,MonitorId,StartTime,DiskSpace) VALUES (NEW.Id,NEW.MonitorId,NEW.StartTime,0); + INSERT INTO Events_Day (EventId,MonitorId,StartTime,DiskSpace) VALUES (NEW.Id,NEW.MonitorId,NEW.StartTime,0); + INSERT INTO Events_Week (EventId,MonitorId,StartTime,DiskSpace) VALUES (NEW.Id,NEW.MonitorId,NEW.StartTime,0); + INSERT INTO Events_Month (EventId,MonitorId,StartTime,DiskSpace) VALUES (NEW.Id,NEW.MonitorId,NEW.StartTime,0); + UPDATE Monitors SET + HourEvents = COALESCE(HourEvents,0)+1, + DayEvents = COALESCE(DayEvents,0)+1, + WeekEvents = COALESCE(WeekEvents,0)+1, + MonthEvents = COALESCE(MonthEvents,0)+1, + TotalEvents = COALESCE(TotalEvents,0)+1 + WHERE Id=NEW.MonitorId; +END; +// + +DROP TRIGGER IF EXISTS event_delete_trigger// + +CREATE TRIGGER event_delete_trigger BEFORE DELETE ON Events +FOR EACH ROW +BEGIN + IF ( OLD.DiskSpace ) THEN + UPDATE Storage SET DiskSpace = GREATEST(COALESCE(DiskSpace,0) - COALESCE(OLD.DiskSpace,0),0) WHERE Id = OLD.StorageId; + END IF; + DELETE FROM Events_Hour WHERE EventId=OLD.Id; + DELETE FROM Events_Day WHERE EventId=OLD.Id; + DELETE FROM Events_Week WHERE EventId=OLD.Id; + DELETE FROM Events_Month WHERE EventId=OLD.Id; + IF ( OLD.Archived ) THEN + DELETE FROM Events_Archived WHERE EventId=OLD.Id; + UPDATE Monitors SET + ArchivedEvents = GREATEST(COALESCE(ArchivedEvents,1) - 1,0), + ArchivedEventDiskSpace = GREATEST(COALESCE(ArchivedEventDiskSpace,0) - COALESCE(OLD.DiskSpace,0),0), + TotalEvents = GREATEST(COALESCE(TotalEvents,1) - 1,0), + TotalEventDiskSpace = GREATEST(COALESCE(TotalEventDiskSpace,0) - COALESCE(OLD.DiskSpace,0),0) + WHERE Id=OLD.MonitorId; + ELSE + UPDATE Monitors SET + TotalEvents = GREATEST(COALESCE(TotalEvents,1)-1,0), + TotalEventDiskSpace=GREATEST(COALESCE(TotalEventDiskSpace,0)-COALESCE(OLD.DiskSpace,0),0) + WHERE Id=OLD.MonitorId; + END IF; +END; + +// + +DROP TRIGGER IF EXISTS Zone_Insert_Trigger// +CREATE TRIGGER Zone_Insert_Trigger AFTER INSERT ON Zones +FOR EACH ROW + BEGIN + UPDATE Monitors SET ZoneCount=(SELECT COUNT(*) FROM Zones WHERE MonitorId=NEW.MonitorId) WHERE Id=NEW.MonitorID; + END +// +DROP TRIGGER IF EXISTS Zone_Delete_Trigger// +CREATE TRIGGER Zone_Delete_Trigger AFTER DELETE ON Zones +FOR EACH ROW + BEGIN + UPDATE Monitors SET ZoneCount=(SELECT COUNT(*) FROM Zones WHERE MonitorId=OLD.MonitorId) WHERE Id=OLD.MonitorID; + END +// + +DELIMITER ; + +REPLACE INTO Events_Hour SELECT Id,MonitorId,StartTime,DiskSpace FROM Events WHERE StartTime > DATE_SUB(NOW(), INTERVAL 1 hour); +REPLACE INTO Events_Day SELECT Id,MonitorId,StartTime,DiskSpace FROM Events WHERE StartTime > DATE_SUB(NOW(), INTERVAL 1 day); +REPLACE INTO Events_Week SELECT Id,MonitorId,StartTime,DiskSpace FROM Events WHERE StartTime > DATE_SUB(NOW(), INTERVAL 1 week); +REPLACE INTO Events_Month SELECT Id,MonitorId,StartTime,DiskSpace FROM Events WHERE StartTime > DATE_SUB(NOW(), INTERVAL 1 month); +REPLACE INTO Events_Archived SELECT Id,MonitorId,DiskSpace FROM Events WHERE Archived=1; + +UPDATE Monitors INNER JOIN ( + SELECT MonitorId, + COUNT(Id) AS TotalEvents, + SUM(DiskSpace) AS TotalEventDiskSpace, + SUM(IF(Archived,1,0)) AS ArchivedEvents, + SUM(IF(Archived,DiskSpace,0)) AS ArchivedEventDiskSpace, + SUM(IF(StartTime > DATE_SUB(NOW(), INTERVAL 1 hour),1,0)) AS HourEvents, + SUM(IF(StartTime > DATE_SUB(NOW(), INTERVAL 1 hour),DiskSpace,0)) AS HourEventDiskSpace, + SUM(IF(StartTime > DATE_SUB(NOW(), INTERVAL 1 day),1,0)) AS DayEvents, + SUM(IF(StartTime > DATE_SUB(NOW(), INTERVAL 1 day),DiskSpace,0)) AS DayEventDiskSpace, + SUM(IF(StartTime > DATE_SUB(NOW(), INTERVAL 1 week),1,0)) AS WeekEvents, + SUM(IF(StartTime > DATE_SUB(NOW(), INTERVAL 1 week),DiskSpace,0)) AS WeekEventDiskSpace, + SUM(IF(StartTime > DATE_SUB(NOW(), INTERVAL 1 month),1,0)) AS MonthEvents, + SUM(IF(StartTime > DATE_SUB(NOW(), INTERVAL 1 month),DiskSpace,0)) AS MonthEventDiskSpace + FROM Events GROUP BY MonitorId + ) AS E ON E.MonitorId=Monitors.Id SET + Monitors.TotalEvents = E.TotalEvents, + Monitors.TotalEventDiskSpace = E.TotalEventDiskSpace, + Monitors.ArchivedEvents = E.ArchivedEvents, + Monitors.ArchivedEventDiskSpace = E.ArchivedEventDiskSpace, + Monitors.HourEvents = E.HourEvents, + Monitors.HourEventDiskSpace = E.HourEventDiskSpace, + Monitors.DayEvents = E.DayEvents, + Monitors.DayEventDiskSpace = E.DayEventDiskSpace, + Monitors.WeekEvents = E.WeekEvents, + Monitors.WeekEventDiskSpace = E.WeekEventDiskSpace, + Monitors.MonthEvents = E.MonthEvents, + Monitors.MonthEventDiskSpace = E.MonthEventDiskSpace; + diff --git a/version b/version index 1304b01de..692c2e30d 100644 --- a/version +++ b/version @@ -1 +1 @@ -1.33.7 +1.33.8 From ed02ef39f182aca60d152c3722dc0136b3fade1c Mon Sep 17 00:00:00 2001 From: Andrew Bauer Date: Tue, 30 Apr 2019 18:11:38 -0500 Subject: [PATCH 029/922] bump rpm specfile --- distros/redhat/zoneminder.spec | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/distros/redhat/zoneminder.spec b/distros/redhat/zoneminder.spec index 440b05acc..8e542f658 100644 --- a/distros/redhat/zoneminder.spec +++ b/distros/redhat/zoneminder.spec @@ -23,7 +23,7 @@ %global _hardened_build 1 Name: zoneminder -Version: 1.33.6 +Version: 1.33.8 Release: 1%{?dist} Summary: A camera monitoring and analysis tool Group: System Environment/Daemons @@ -410,6 +410,9 @@ EOF %dir %attr(755,nginx,nginx) %{_localstatedir}/spool/zoneminder-upload %changelog +* Tue Apr 30 2019 Andrew Bauer - 1.33.8-1 +- Bump to 1.33.8 Development + * Sun Apr 07 2019 Andrew Bauer - 1.33.6-1 - Bump to 1.33.6 Development From a5de45419f5b723a4f947705af1afe9f1ed3ada2 Mon Sep 17 00:00:00 2001 From: Pliable Pixels Date: Wed, 1 May 2019 13:08:52 -0400 Subject: [PATCH 030/922] added sha1 and bcrypt submodules --- .gitmodules | 6 ++++++ CMakeLists.txt | 1 + third_party/bcrypt | 1 + third_party/sha1 | 1 + 4 files changed, 9 insertions(+) create mode 160000 third_party/bcrypt create mode 160000 third_party/sha1 diff --git a/.gitmodules b/.gitmodules index eb0e282a2..473f65c73 100644 --- a/.gitmodules +++ b/.gitmodules @@ -5,3 +5,9 @@ [submodule "web/api/app/Plugin/CakePHP-Enum-Behavior"] path = web/api/app/Plugin/CakePHP-Enum-Behavior url = https://github.com/ZoneMinder/CakePHP-Enum-Behavior.git +[submodule "third_party/bcrypt"] + path = third_party/bcrypt + url = https://github.com/trusch/libbcrypt +[submodule "third_party/sha1"] + path = third_party/sha1 + url = https://github.com/vog/sha1 diff --git a/CMakeLists.txt b/CMakeLists.txt index 9646ffc3e..5d8506cc0 100644 --- a/CMakeLists.txt +++ b/CMakeLists.txt @@ -870,6 +870,7 @@ include(Pod2Man) ADD_MANPAGE_TARGET() # Process subdirectories +add_subdirectory(third_party/bcrypt) add_subdirectory(src) add_subdirectory(scripts) add_subdirectory(db) diff --git a/third_party/bcrypt b/third_party/bcrypt new file mode 160000 index 000000000..180cd3372 --- /dev/null +++ b/third_party/bcrypt @@ -0,0 +1 @@ +Subproject commit 180cd3372609b2539fe9c916f15c8ef8a2aef5f2 diff --git a/third_party/sha1 b/third_party/sha1 new file mode 160000 index 000000000..68a099035 --- /dev/null +++ b/third_party/sha1 @@ -0,0 +1 @@ +Subproject commit 68a0990352c04de43c494e8381264c27ed0b8e7e From c4b1bc19e01011722a91accc3a17725d1e9a3811 Mon Sep 17 00:00:00 2001 From: Pliable Pixels Date: Wed, 1 May 2019 13:15:07 -0400 Subject: [PATCH 031/922] added bcrypt and sha to src build process --- src/CMakeLists.txt | 11 +++++++++-- 1 file changed, 9 insertions(+), 2 deletions(-) diff --git a/src/CMakeLists.txt b/src/CMakeLists.txt index e7e3157eb..0aad53020 100644 --- a/src/CMakeLists.txt +++ b/src/CMakeLists.txt @@ -6,6 +6,10 @@ configure_file(zm_config.h.in "${CMAKE_CURRENT_BINARY_DIR}/zm_config.h" @ONLY) # Group together all the source files that are used by all the binaries (zmc, zma, zmu, zms etc) set(ZM_BIN_SRC_FILES zm_box.cpp zm_buffer.cpp zm_camera.cpp zm_comms.cpp zm_config.cpp zm_coord.cpp zm_curl_camera.cpp zm.cpp zm_db.cpp zm_logger.cpp zm_event.cpp zm_frame.cpp zm_eventstream.cpp zm_exception.cpp zm_file_camera.cpp zm_ffmpeg_input.cpp zm_ffmpeg_camera.cpp zm_group.cpp zm_image.cpp zm_jpeg.cpp zm_libvlc_camera.cpp zm_local_camera.cpp zm_monitor.cpp zm_monitorstream.cpp zm_ffmpeg.cpp zm_mpeg.cpp zm_packet.cpp zm_packetqueue.cpp zm_poly.cpp zm_regexp.cpp zm_remote_camera.cpp zm_remote_camera_http.cpp zm_remote_camera_nvsocket.cpp zm_remote_camera_rtsp.cpp zm_rtp.cpp zm_rtp_ctrl.cpp zm_rtp_data.cpp zm_rtp_source.cpp zm_rtsp.cpp zm_rtsp_auth.cpp zm_sdp.cpp zm_signal.cpp zm_stream.cpp zm_swscale.cpp zm_thread.cpp zm_time.cpp zm_timer.cpp zm_user.cpp zm_utils.cpp zm_video.cpp zm_videostore.cpp zm_zone.cpp zm_storage.cpp) + +# includes and linkages to 3rd party libraries/src +set (ZM_BIN_THIRDPARTY_SRC_FILES ../third_party/sha1/sha1.cpp) + # A fix for cmake recompiling the source files for every target. add_library(zm STATIC ${ZM_BIN_SRC_FILES}) @@ -14,10 +18,13 @@ add_executable(zma zma.cpp) add_executable(zmu zmu.cpp) add_executable(zms zms.cpp) +#include_directories(../third_party/sha1 ../third_party/bcrypt/include/bcrypt) +link_directories(../third_party/bcrypt) + target_link_libraries(zmc zm ${ZM_EXTRA_LIBS} ${ZM_BIN_LIBS}) target_link_libraries(zma zm ${ZM_EXTRA_LIBS} ${ZM_BIN_LIBS}) -target_link_libraries(zmu zm ${ZM_EXTRA_LIBS} ${ZM_BIN_LIBS}) -target_link_libraries(zms zm ${ZM_EXTRA_LIBS} ${ZM_BIN_LIBS}) +target_link_libraries(zmu zm ${ZM_EXTRA_LIBS} ${ZM_BIN_LIBS} bcrypt) +target_link_libraries(zms zm ${ZM_EXTRA_LIBS} ${ZM_BIN_LIBS} bcrypt) # Generate man files for the binaries destined for the bin folder FOREACH(CBINARY zma zmc zmu) From 1ba1bf0c45891ac0f7b68716b77e1b5811b19f40 Mon Sep 17 00:00:00 2001 From: Pliable Pixels Date: Wed, 1 May 2019 13:18:51 -0400 Subject: [PATCH 032/922] added test sha1 and bcrypt code to validate working --- src/zm_user.cpp | 12 ++++++++++++ 1 file changed, 12 insertions(+) diff --git a/src/zm_user.cpp b/src/zm_user.cpp index 46ee2cdf1..a710188cc 100644 --- a/src/zm_user.cpp +++ b/src/zm_user.cpp @@ -26,6 +26,8 @@ #include #include #include +#include "BCrypt.hpp" +#include "sha1.hpp" #include "zm_utils.h" @@ -95,6 +97,16 @@ User *zmLoadUser( const char *username, const char *password ) { // According to docs, size of safer_whatever must be 2*length+1 due to unicode conversions + null terminator. mysql_real_escape_string(&dbconn, safer_username, username, username_length ); + BCrypt bcrypt; + std::string ptest = "test"; + std::string hash = bcrypt.generateHash(ptest); + Info ("ZM_USER TEST: BCRYPT WORKED AND PRODUCED %s", hash.c_str()); + + SHA1 sha1_checksum; + sha1_checksum.update (ptest); + hash = sha1_checksum.final(); + Info ("ZM_USER TEST: SHA1 WORKED AND PRODUCED %s", hash.c_str()); + if ( password ) { int password_length = strlen(password); char *safer_password = new char[(password_length * 2) + 1]; From 887912e7adfe16af3a47a0a50140eb972e0a5b40 Mon Sep 17 00:00:00 2001 From: Pliable Pixels Date: Wed, 1 May 2019 13:22:24 -0400 Subject: [PATCH 033/922] bcrypt auth migration in PHP land --- web/includes/auth.php | 91 ++++++++++++++++++++++++++++++++++++------- 1 file changed, 77 insertions(+), 14 deletions(-) diff --git a/web/includes/auth.php b/web/includes/auth.php index 6b061f7fc..ef1871164 100644 --- a/web/includes/auth.php +++ b/web/includes/auth.php @@ -20,16 +20,39 @@ // require_once('session.php'); +// this function migrates mysql hashing to bcrypt, if you are using PHP >= 5.5 +// will be called after successful login, only if mysql hashing is detected +function migrateHash($user, $pass) { + if (function_exists('password_hash')) { + ZM\Info ("Migrating $user to bcrypt scheme"); + // let it generate its own salt, and ensure bcrypt as PASSWORD_DEFAULT may change later + // we can modify this later to support argon2 etc as switch to its own password signature detection + $bcrypt_hash = password_hash($pass, PASSWORD_BCRYPT); + //ZM\Info ("hased bcrypt $pass is $bcrypt_hash"); + $update_password_sql = 'UPDATE Users SET Password=\''.$bcrypt_hash.'\' WHERE Username=\''.$user.'\''; + ZM\Info ($update_password_sql); + dbQuery($update_password_sql); + } + else { + // Not really an error, so an info + // there is also a compat library https://github.com/ircmaxell/password_compat + // not sure if its worth it. Do a lot of people really use PHP < 5.5? + ZM\Info ('Cannot migrate password scheme to bcrypt, as you are using PHP < 5.5'); + return; + } + +} + +// core function used to login a user to PHP. Is also used for cake sessions for the API function userLogin($username='', $password='', $passwordHashed=false) { global $user; - if ( !$username and isset($_REQUEST['username']) ) $username = $_REQUEST['username']; if ( !$password and isset($_REQUEST['password']) ) $password = $_REQUEST['password']; // if true, a popup will display after login - // PP - lets validate reCaptcha if it exists + // lets validate reCaptcha if it exists if ( defined('ZM_OPT_USE_GOOG_RECAPTCHA') && defined('ZM_OPT_GOOG_RECAPTCHA_SECRETKEY') && defined('ZM_OPT_GOOG_RECAPTCHA_SITEKEY') @@ -64,28 +87,68 @@ function userLogin($username='', $password='', $passwordHashed=false) { } // end if success==false } // end if using reCaptcha - $sql = 'SELECT * FROM Users WHERE Enabled=1'; - $sql_values = NULL; - if ( ZM_AUTH_TYPE == 'builtin' ) { - if ( $passwordHashed ) { - $sql .= ' AND Username=? AND Password=?'; - } else { - $sql .= ' AND Username=? AND Password=password(?)'; + // coming here means we need to authenticate the user + // if captcha existed, it was passed + + $sql = 'SELECT * FROM Users WHERE Enabled=1 AND Username = ?'; + $sql_values = array($username); + + // First retrieve the stored password + // and move password hashing to application space + + $saved_user_details = dbFetchOne ($sql, NULL, $sql_values); + $password_correct = false; + $password_type = NULL; + + if ($saved_user_details) { + $saved_password = $saved_user_details['Password']; + if ($saved_password[0] == '*') { + // We assume we don't need to support mysql < 4.1 + // Starting MY SQL 4.1, mysql concats a '*' in front of its password hash + // https://blog.pythian.com/hashing-algorithm-in-mysql-password-2/ + ZM\Logger::Debug ('Saved password is using MYSQL password function'); + $input_password_hash ='*'.strtoupper(sha1(sha1($password, true))); + $password_correct = ($saved_password == $input_password_hash); + $password_type = 'mysql'; + + } + else { + // bcrypt can have multiple signatures + if (preg_match('/^\$2[ayb]\$.+$/', $saved_password)) { + + ZM\Logger::Debug ('bcrypt signature found, assumed bcrypt password'); + $password_type='bcrypt'; + $password_correct = password_verify($password, $saved_password); + } + else { + // we really should nag the user not to use plain + ZM\Warning ('assuming plain text password as signature is not known. Please do not use plain, it is very insecure'); + $password_type = 'plain'; + $password_correct = ($saved_password == $password); + } + } - $sql_values = array($username, $password); } else { - $sql .= ' AND Username=?'; - $sql_values = array($username); + ZM\Error ("Could not retrieve user $username details"); + $_SESSION['loginFailed'] = true; + unset($user); + return; } + $close_session = 0; if ( !is_session_started() ) { session_start(); $close_session = 1; } $_SESSION['remoteAddr'] = $_SERVER['REMOTE_ADDR']; // To help prevent session hijacking - if ( $dbUser = dbFetchOne($sql, NULL, $sql_values) ) { + + if ($password_correct) { ZM\Info("Login successful for user \"$username\""); - $user = $dbUser; + $user = $saved_user_details; + if ($password_type == 'mysql') { + ZM\Info ('Migrating password, if possible for future logins'); + migrateHash($username, $password); + } unset($_SESSION['loginFailed']); if ( ZM_AUTH_TYPE == 'builtin' ) { $_SESSION['passwordHash'] = $user['Password']; From ddb7752226766eb8298f91bef928c59fc620f761 Mon Sep 17 00:00:00 2001 From: Pliable Pixels Date: Wed, 1 May 2019 13:24:50 -0400 Subject: [PATCH 034/922] added include path --- src/CMakeLists.txt | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/CMakeLists.txt b/src/CMakeLists.txt index 0aad53020..a56cb36ba 100644 --- a/src/CMakeLists.txt +++ b/src/CMakeLists.txt @@ -18,7 +18,7 @@ add_executable(zma zma.cpp) add_executable(zmu zmu.cpp) add_executable(zms zms.cpp) -#include_directories(../third_party/sha1 ../third_party/bcrypt/include/bcrypt) +include_directories(../third_party/sha1 ../third_party/bcrypt/include/bcrypt) link_directories(../third_party/bcrypt) target_link_libraries(zmc zm ${ZM_EXTRA_LIBS} ${ZM_BIN_LIBS}) From dd63fe86cedfbad6d6763905a18db1a120d0efd6 Mon Sep 17 00:00:00 2001 From: Pliable Pixels Date: Wed, 1 May 2019 13:28:39 -0400 Subject: [PATCH 035/922] add sha source --- src/CMakeLists.txt | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/CMakeLists.txt b/src/CMakeLists.txt index a56cb36ba..ecd42b874 100644 --- a/src/CMakeLists.txt +++ b/src/CMakeLists.txt @@ -11,7 +11,7 @@ set(ZM_BIN_SRC_FILES zm_box.cpp zm_buffer.cpp zm_camera.cpp zm_comms.cpp zm_conf set (ZM_BIN_THIRDPARTY_SRC_FILES ../third_party/sha1/sha1.cpp) # A fix for cmake recompiling the source files for every target. -add_library(zm STATIC ${ZM_BIN_SRC_FILES}) +add_library(zm STATIC ${ZM_BIN_SRC_FILES} ${ZM_BIN_THIRDPARTY_SRC_FILES}) add_executable(zmc zmc.cpp) add_executable(zma zma.cpp) From 07be830f94dbd63ac3cfd368cec8b8b899be005b Mon Sep 17 00:00:00 2001 From: Pliable Pixels Date: Wed, 1 May 2019 13:35:18 -0400 Subject: [PATCH 036/922] added bcrypt to others --- src/CMakeLists.txt | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/src/CMakeLists.txt b/src/CMakeLists.txt index ecd42b874..3abfa5266 100644 --- a/src/CMakeLists.txt +++ b/src/CMakeLists.txt @@ -21,8 +21,8 @@ add_executable(zms zms.cpp) include_directories(../third_party/sha1 ../third_party/bcrypt/include/bcrypt) link_directories(../third_party/bcrypt) -target_link_libraries(zmc zm ${ZM_EXTRA_LIBS} ${ZM_BIN_LIBS}) -target_link_libraries(zma zm ${ZM_EXTRA_LIBS} ${ZM_BIN_LIBS}) +target_link_libraries(zmc zm ${ZM_EXTRA_LIBS} ${ZM_BIN_LIBS} bcrypt) +target_link_libraries(zma zm ${ZM_EXTRA_LIBS} ${ZM_BIN_LIBS} brycpt) target_link_libraries(zmu zm ${ZM_EXTRA_LIBS} ${ZM_BIN_LIBS} bcrypt) target_link_libraries(zms zm ${ZM_EXTRA_LIBS} ${ZM_BIN_LIBS} bcrypt) From 8bbddadc12e6226b3ddfc0928873d01f46a6ee8d Mon Sep 17 00:00:00 2001 From: Pliable Pixels Date: Wed, 1 May 2019 13:43:41 -0400 Subject: [PATCH 037/922] put link_dir ahead of add_executable --- src/CMakeLists.txt | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/CMakeLists.txt b/src/CMakeLists.txt index 3abfa5266..8b73ae3cc 100644 --- a/src/CMakeLists.txt +++ b/src/CMakeLists.txt @@ -7,6 +7,7 @@ configure_file(zm_config.h.in "${CMAKE_CURRENT_BINARY_DIR}/zm_config.h" @ONLY) set(ZM_BIN_SRC_FILES zm_box.cpp zm_buffer.cpp zm_camera.cpp zm_comms.cpp zm_config.cpp zm_coord.cpp zm_curl_camera.cpp zm.cpp zm_db.cpp zm_logger.cpp zm_event.cpp zm_frame.cpp zm_eventstream.cpp zm_exception.cpp zm_file_camera.cpp zm_ffmpeg_input.cpp zm_ffmpeg_camera.cpp zm_group.cpp zm_image.cpp zm_jpeg.cpp zm_libvlc_camera.cpp zm_local_camera.cpp zm_monitor.cpp zm_monitorstream.cpp zm_ffmpeg.cpp zm_mpeg.cpp zm_packet.cpp zm_packetqueue.cpp zm_poly.cpp zm_regexp.cpp zm_remote_camera.cpp zm_remote_camera_http.cpp zm_remote_camera_nvsocket.cpp zm_remote_camera_rtsp.cpp zm_rtp.cpp zm_rtp_ctrl.cpp zm_rtp_data.cpp zm_rtp_source.cpp zm_rtsp.cpp zm_rtsp_auth.cpp zm_sdp.cpp zm_signal.cpp zm_stream.cpp zm_swscale.cpp zm_thread.cpp zm_time.cpp zm_timer.cpp zm_user.cpp zm_utils.cpp zm_video.cpp zm_videostore.cpp zm_zone.cpp zm_storage.cpp) +link_directories(../third_party/bcrypt) # includes and linkages to 3rd party libraries/src set (ZM_BIN_THIRDPARTY_SRC_FILES ../third_party/sha1/sha1.cpp) @@ -19,7 +20,6 @@ add_executable(zmu zmu.cpp) add_executable(zms zms.cpp) include_directories(../third_party/sha1 ../third_party/bcrypt/include/bcrypt) -link_directories(../third_party/bcrypt) target_link_libraries(zmc zm ${ZM_EXTRA_LIBS} ${ZM_BIN_LIBS} bcrypt) target_link_libraries(zma zm ${ZM_EXTRA_LIBS} ${ZM_BIN_LIBS} brycpt) From ca24b504d42a44e1effad5e0493ff5cbea30987a Mon Sep 17 00:00:00 2001 From: Pliable Pixels Date: Wed, 1 May 2019 13:46:54 -0400 Subject: [PATCH 038/922] fixed typo --- src/CMakeLists.txt | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/src/CMakeLists.txt b/src/CMakeLists.txt index 8b73ae3cc..bba97d661 100644 --- a/src/CMakeLists.txt +++ b/src/CMakeLists.txt @@ -7,12 +7,12 @@ configure_file(zm_config.h.in "${CMAKE_CURRENT_BINARY_DIR}/zm_config.h" @ONLY) set(ZM_BIN_SRC_FILES zm_box.cpp zm_buffer.cpp zm_camera.cpp zm_comms.cpp zm_config.cpp zm_coord.cpp zm_curl_camera.cpp zm.cpp zm_db.cpp zm_logger.cpp zm_event.cpp zm_frame.cpp zm_eventstream.cpp zm_exception.cpp zm_file_camera.cpp zm_ffmpeg_input.cpp zm_ffmpeg_camera.cpp zm_group.cpp zm_image.cpp zm_jpeg.cpp zm_libvlc_camera.cpp zm_local_camera.cpp zm_monitor.cpp zm_monitorstream.cpp zm_ffmpeg.cpp zm_mpeg.cpp zm_packet.cpp zm_packetqueue.cpp zm_poly.cpp zm_regexp.cpp zm_remote_camera.cpp zm_remote_camera_http.cpp zm_remote_camera_nvsocket.cpp zm_remote_camera_rtsp.cpp zm_rtp.cpp zm_rtp_ctrl.cpp zm_rtp_data.cpp zm_rtp_source.cpp zm_rtsp.cpp zm_rtsp_auth.cpp zm_sdp.cpp zm_signal.cpp zm_stream.cpp zm_swscale.cpp zm_thread.cpp zm_time.cpp zm_timer.cpp zm_user.cpp zm_utils.cpp zm_video.cpp zm_videostore.cpp zm_zone.cpp zm_storage.cpp) -link_directories(../third_party/bcrypt) # includes and linkages to 3rd party libraries/src set (ZM_BIN_THIRDPARTY_SRC_FILES ../third_party/sha1/sha1.cpp) # A fix for cmake recompiling the source files for every target. add_library(zm STATIC ${ZM_BIN_SRC_FILES} ${ZM_BIN_THIRDPARTY_SRC_FILES}) +link_directories(../third_party/bcrypt) add_executable(zmc zmc.cpp) add_executable(zma zma.cpp) @@ -21,8 +21,8 @@ add_executable(zms zms.cpp) include_directories(../third_party/sha1 ../third_party/bcrypt/include/bcrypt) -target_link_libraries(zmc zm ${ZM_EXTRA_LIBS} ${ZM_BIN_LIBS} bcrypt) -target_link_libraries(zma zm ${ZM_EXTRA_LIBS} ${ZM_BIN_LIBS} brycpt) +target_link_libraries(zmc zm ${ZM_EXTRA_LIBS} ${ZM_BIN_LIBS}) +target_link_libraries(zma zm ${ZM_EXTRA_LIBS} ${ZM_BIN_LIBS}) target_link_libraries(zmu zm ${ZM_EXTRA_LIBS} ${ZM_BIN_LIBS} bcrypt) target_link_libraries(zms zm ${ZM_EXTRA_LIBS} ${ZM_BIN_LIBS} bcrypt) From c663246f0a003e3f000a6615996fea5cb248c412 Mon Sep 17 00:00:00 2001 From: Pliable Pixels Date: Wed, 1 May 2019 14:22:10 -0400 Subject: [PATCH 039/922] try add_library instead --- CMakeLists.txt | 2 +- src/CMakeLists.txt | 5 ++++- 2 files changed, 5 insertions(+), 2 deletions(-) diff --git a/CMakeLists.txt b/CMakeLists.txt index 5d8506cc0..d2e01a7e8 100644 --- a/CMakeLists.txt +++ b/CMakeLists.txt @@ -870,7 +870,7 @@ include(Pod2Man) ADD_MANPAGE_TARGET() # Process subdirectories -add_subdirectory(third_party/bcrypt) +#add_subdirectory(third_party/bcrypt) add_subdirectory(src) add_subdirectory(scripts) add_subdirectory(db) diff --git a/src/CMakeLists.txt b/src/CMakeLists.txt index bba97d661..c64fd9778 100644 --- a/src/CMakeLists.txt +++ b/src/CMakeLists.txt @@ -9,10 +9,13 @@ set(ZM_BIN_SRC_FILES zm_box.cpp zm_buffer.cpp zm_camera.cpp zm_comms.cpp zm_conf # includes and linkages to 3rd party libraries/src set (ZM_BIN_THIRDPARTY_SRC_FILES ../third_party/sha1/sha1.cpp) +add_library(bcrypt GLOBAL SHARED IMPORTED) +set_target_properties( bcrypt PROPERTIES IMPORTED_LOCATION ../third_party/bcrypt/libbcrypt.so ) + # A fix for cmake recompiling the source files for every target. add_library(zm STATIC ${ZM_BIN_SRC_FILES} ${ZM_BIN_THIRDPARTY_SRC_FILES}) -link_directories(../third_party/bcrypt) +#link_directories(../third_party/bcrypt) add_executable(zmc zmc.cpp) add_executable(zma zma.cpp) From 65a57feedbc3d5a7b31c6c332feaeb7c5f18152f Mon Sep 17 00:00:00 2001 From: Pliable Pixels Date: Wed, 1 May 2019 14:30:00 -0400 Subject: [PATCH 040/922] absolute path --- CMakeLists.txt | 2 +- src/CMakeLists.txt | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/CMakeLists.txt b/CMakeLists.txt index d2e01a7e8..5d8506cc0 100644 --- a/CMakeLists.txt +++ b/CMakeLists.txt @@ -870,7 +870,7 @@ include(Pod2Man) ADD_MANPAGE_TARGET() # Process subdirectories -#add_subdirectory(third_party/bcrypt) +add_subdirectory(third_party/bcrypt) add_subdirectory(src) add_subdirectory(scripts) add_subdirectory(db) diff --git a/src/CMakeLists.txt b/src/CMakeLists.txt index c64fd9778..41403d9ab 100644 --- a/src/CMakeLists.txt +++ b/src/CMakeLists.txt @@ -15,7 +15,7 @@ set_target_properties( bcrypt PROPERTIES IMPORTED_LOCATION ../third_party/bcrypt # A fix for cmake recompiling the source files for every target. add_library(zm STATIC ${ZM_BIN_SRC_FILES} ${ZM_BIN_THIRDPARTY_SRC_FILES}) -#link_directories(../third_party/bcrypt) +link_directories(/home/pp/source/pp_ZoneMinder.git/third_party/bcrypt) add_executable(zmc zmc.cpp) add_executable(zma zma.cpp) From 45b78141243c986179b65d00aee369db5b0c241d Mon Sep 17 00:00:00 2001 From: Pliable Pixels Date: Wed, 1 May 2019 14:33:36 -0400 Subject: [PATCH 041/922] absolute path --- src/CMakeLists.txt | 2 -- 1 file changed, 2 deletions(-) diff --git a/src/CMakeLists.txt b/src/CMakeLists.txt index 41403d9ab..c45faf232 100644 --- a/src/CMakeLists.txt +++ b/src/CMakeLists.txt @@ -9,8 +9,6 @@ set(ZM_BIN_SRC_FILES zm_box.cpp zm_buffer.cpp zm_camera.cpp zm_comms.cpp zm_conf # includes and linkages to 3rd party libraries/src set (ZM_BIN_THIRDPARTY_SRC_FILES ../third_party/sha1/sha1.cpp) -add_library(bcrypt GLOBAL SHARED IMPORTED) -set_target_properties( bcrypt PROPERTIES IMPORTED_LOCATION ../third_party/bcrypt/libbcrypt.so ) # A fix for cmake recompiling the source files for every target. From 8b1565c41d1211e25852e2f1caa85d19432e714e Mon Sep 17 00:00:00 2001 From: Isaac Connor Date: Thu, 2 May 2019 10:52:19 -0400 Subject: [PATCH 042/922] Change pid path to /run/zm/zm.pid instead of /var/run/zm/zm.pid. systemd now complains about the use of a legacy directory, so this quiets that. --- distros/ubuntu1604/zoneminder.service | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/distros/ubuntu1604/zoneminder.service b/distros/ubuntu1604/zoneminder.service index ac719b733..cb2d6791e 100644 --- a/distros/ubuntu1604/zoneminder.service +++ b/distros/ubuntu1604/zoneminder.service @@ -13,7 +13,7 @@ Type=forking ExecStart=/usr/bin/zmpkg.pl start ExecReload=/usr/bin/zmpkg.pl restart ExecStop=/usr/bin/zmpkg.pl stop -PIDFile=/var/run/zm/zm.pid +PIDFile=/run/zm/zm.pid Restart=always RestartSec=10 Environment=TZ=:/etc/localtime From d252a8ba306a47f8b8d35d6d35905971a8e7ad1b Mon Sep 17 00:00:00 2001 From: Pliable Pixels Date: Thu, 2 May 2019 10:52:21 -0400 Subject: [PATCH 043/922] build bcrypt as static --- CMakeLists.txt | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/CMakeLists.txt b/CMakeLists.txt index 5d8506cc0..0973f8726 100644 --- a/CMakeLists.txt +++ b/CMakeLists.txt @@ -870,7 +870,13 @@ include(Pod2Man) ADD_MANPAGE_TARGET() # Process subdirectories + +# build a bcrypt static library +set(BUILD_SHARED_LIBS_SAVED "${BUILD_SHARED_LIBS}") +set(BUILD_SHARED_LIBS OFF) add_subdirectory(third_party/bcrypt) +set(BUILD_SHARED_LIBS "${BUILD_SHARED_LIBS_SAVED}") + add_subdirectory(src) add_subdirectory(scripts) add_subdirectory(db) From 8733f89b297da43414e62ec3c52d3f0b76b76198 Mon Sep 17 00:00:00 2001 From: Andrew Bauer Date: Thu, 2 May 2019 20:09:15 -0500 Subject: [PATCH 044/922] eol f27 support --- .travis.yml | 1 - 1 file changed, 1 deletion(-) diff --git a/.travis.yml b/.travis.yml index 6c41f1123..80541eaab 100644 --- a/.travis.yml +++ b/.travis.yml @@ -33,7 +33,6 @@ install: env: - SMPFLAGS=-j4 OS=el DIST=7 - - SMPFLAGS=-j4 OS=fedora DIST=27 DOCKER_REPO=knnniggett/packpack - SMPFLAGS=-j4 OS=fedora DIST=28 DOCKER_REPO=knnniggett/packpack - SMPFLAGS=-j4 OS=fedora DIST=29 DOCKER_REPO=knnniggett/packpack - SMPFLAGS=-j4 OS=ubuntu DIST=trusty From fee95c23166231d8607fb1ce534adaa618554bce Mon Sep 17 00:00:00 2001 From: Isaac Connor Date: Fri, 3 May 2019 09:04:31 -0400 Subject: [PATCH 045/922] ifdef HAVE_ZLIB_H around code that uses Image->Zip --- src/zm_monitorstream.cpp | 8 ++++++++ src/zm_monitorstream.h | 2 ++ 2 files changed, 10 insertions(+) diff --git a/src/zm_monitorstream.cpp b/src/zm_monitorstream.cpp index 0b2811656..124994a48 100644 --- a/src/zm_monitorstream.cpp +++ b/src/zm_monitorstream.cpp @@ -394,10 +394,15 @@ bool MonitorStream::sendFrame(Image *image, struct timeval *timestamp) { img_buffer_size = send_image->Size(); break; case STREAM_ZIP : +#if HAVE_ZLIB_H fputs("Content-Type: image/x-rgbz\r\n",stdout); unsigned long zip_buffer_size; send_image->Zip(img_buffer, &zip_buffer_size); img_buffer_size = zip_buffer_size; +#else + Error("zlib is required for zipped images. Falling back to raw image"); + type = STREAM_RAW; +#endif // HAVE_ZLIB_H break; default : Error("Unexpected frame type %d", type); @@ -794,6 +799,8 @@ void MonitorStream::SingleImageRaw( int scale ) { fwrite( snap_image->Buffer(), snap_image->Size(), 1, stdout ); } + +#ifdef HAVE_ZLIB_H void MonitorStream::SingleImageZip( int scale ) { unsigned long img_buffer_size = 0; static Bytef img_buffer[ZM_MAX_IMAGE_SIZE]; @@ -816,3 +823,4 @@ void MonitorStream::SingleImageZip( int scale ) { fprintf( stdout, "Content-Type: image/x-rgbz\r\n\r\n" ); fwrite( img_buffer, img_buffer_size, 1, stdout ); } +#endif // HAVE_ZLIB_H diff --git a/src/zm_monitorstream.h b/src/zm_monitorstream.h index f3351d3b7..e120331af 100644 --- a/src/zm_monitorstream.h +++ b/src/zm_monitorstream.h @@ -55,7 +55,9 @@ class MonitorStream : public StreamBase { void processCommand( const CmdMsg *msg ); void SingleImage( int scale=100 ); void SingleImageRaw( int scale=100 ); +#ifdef HAVE_ZLIB_H void SingleImageZip( int scale=100 ); +#endif public: MonitorStream() : From f6b6daafab5cc78c6cef46a20ed4d639ba5ec9f9 Mon Sep 17 00:00:00 2001 From: Isaac Connor Date: Fri, 3 May 2019 09:41:29 -0400 Subject: [PATCH 046/922] close and reopen event when we hit section_length --- src/zm_monitor.cpp | 2 ++ 1 file changed, 2 insertions(+) diff --git a/src/zm_monitor.cpp b/src/zm_monitor.cpp index 2987d08f2..53efd1485 100644 --- a/src/zm_monitor.cpp +++ b/src/zm_monitor.cpp @@ -1725,6 +1725,8 @@ bool Monitor::Analyse() { timestamp->tv_sec - video_store_data->recording.tv_sec, section_length ); + closeEvent(); + event = new Event(this, *timestamp, cause, noteSetMap); } } // end if event From 74bd8126321d8f985d21fc4f8c5049a46145f26b Mon Sep 17 00:00:00 2001 From: Andrew Bauer Date: Fri, 3 May 2019 09:07:19 -0500 Subject: [PATCH 047/922] rpm packaging - buildrequire zlib-devel --- distros/redhat/zoneminder.spec | 1 + 1 file changed, 1 insertion(+) diff --git a/distros/redhat/zoneminder.spec b/distros/redhat/zoneminder.spec index 8e542f658..f22b518f9 100644 --- a/distros/redhat/zoneminder.spec +++ b/distros/redhat/zoneminder.spec @@ -73,6 +73,7 @@ BuildRequires: libcurl-devel BuildRequires: libv4l-devel BuildRequires: desktop-file-utils BuildRequires: gzip +BuildRequires: zlib-devel # ZoneMinder looks for and records the location of the ffmpeg binary during build BuildRequires: ffmpeg From 72325d12b72b37a861d0f951900a629b1a0effb2 Mon Sep 17 00:00:00 2001 From: Pliable Pixels Date: Fri, 3 May 2019 11:40:35 -0400 Subject: [PATCH 048/922] move to wrapper --- .gitmodules | 3 -- src/CMakeLists.txt | 2 +- src/zm_crypt.cpp | 74 ++++++++++++++++++++++++++++++++++++++++++++++ src/zm_crypt.h | 29 ++++++++++++++++++ src/zm_user.cpp | 49 ++++++++++++------------------ 5 files changed, 123 insertions(+), 34 deletions(-) create mode 100644 src/zm_crypt.cpp create mode 100644 src/zm_crypt.h diff --git a/.gitmodules b/.gitmodules index 473f65c73..978afe56a 100644 --- a/.gitmodules +++ b/.gitmodules @@ -5,9 +5,6 @@ [submodule "web/api/app/Plugin/CakePHP-Enum-Behavior"] path = web/api/app/Plugin/CakePHP-Enum-Behavior url = https://github.com/ZoneMinder/CakePHP-Enum-Behavior.git -[submodule "third_party/bcrypt"] - path = third_party/bcrypt - url = https://github.com/trusch/libbcrypt [submodule "third_party/sha1"] path = third_party/sha1 url = https://github.com/vog/sha1 diff --git a/src/CMakeLists.txt b/src/CMakeLists.txt index c45faf232..4a55ce095 100644 --- a/src/CMakeLists.txt +++ b/src/CMakeLists.txt @@ -4,7 +4,7 @@ configure_file(zm_config.h.in "${CMAKE_CURRENT_BINARY_DIR}/zm_config.h" @ONLY) # Group together all the source files that are used by all the binaries (zmc, zma, zmu, zms etc) -set(ZM_BIN_SRC_FILES zm_box.cpp zm_buffer.cpp zm_camera.cpp zm_comms.cpp zm_config.cpp zm_coord.cpp zm_curl_camera.cpp zm.cpp zm_db.cpp zm_logger.cpp zm_event.cpp zm_frame.cpp zm_eventstream.cpp zm_exception.cpp zm_file_camera.cpp zm_ffmpeg_input.cpp zm_ffmpeg_camera.cpp zm_group.cpp zm_image.cpp zm_jpeg.cpp zm_libvlc_camera.cpp zm_local_camera.cpp zm_monitor.cpp zm_monitorstream.cpp zm_ffmpeg.cpp zm_mpeg.cpp zm_packet.cpp zm_packetqueue.cpp zm_poly.cpp zm_regexp.cpp zm_remote_camera.cpp zm_remote_camera_http.cpp zm_remote_camera_nvsocket.cpp zm_remote_camera_rtsp.cpp zm_rtp.cpp zm_rtp_ctrl.cpp zm_rtp_data.cpp zm_rtp_source.cpp zm_rtsp.cpp zm_rtsp_auth.cpp zm_sdp.cpp zm_signal.cpp zm_stream.cpp zm_swscale.cpp zm_thread.cpp zm_time.cpp zm_timer.cpp zm_user.cpp zm_utils.cpp zm_video.cpp zm_videostore.cpp zm_zone.cpp zm_storage.cpp) +set(ZM_BIN_SRC_FILES zm_box.cpp zm_buffer.cpp zm_camera.cpp zm_comms.cpp zm_config.cpp zm_coord.cpp zm_curl_camera.cpp zm.cpp zm_db.cpp zm_logger.cpp zm_event.cpp zm_frame.cpp zm_eventstream.cpp zm_exception.cpp zm_file_camera.cpp zm_ffmpeg_input.cpp zm_ffmpeg_camera.cpp zm_group.cpp zm_image.cpp zm_jpeg.cpp zm_libvlc_camera.cpp zm_local_camera.cpp zm_monitor.cpp zm_monitorstream.cpp zm_ffmpeg.cpp zm_mpeg.cpp zm_packet.cpp zm_packetqueue.cpp zm_poly.cpp zm_regexp.cpp zm_remote_camera.cpp zm_remote_camera_http.cpp zm_remote_camera_nvsocket.cpp zm_remote_camera_rtsp.cpp zm_rtp.cpp zm_rtp_ctrl.cpp zm_rtp_data.cpp zm_rtp_source.cpp zm_rtsp.cpp zm_rtsp_auth.cpp zm_sdp.cpp zm_signal.cpp zm_stream.cpp zm_swscale.cpp zm_thread.cpp zm_time.cpp zm_timer.cpp zm_user.cpp zm_utils.cpp zm_video.cpp zm_videostore.cpp zm_zone.cpp zm_storage.cpp zm_crypt.cpp) # includes and linkages to 3rd party libraries/src diff --git a/src/zm_crypt.cpp b/src/zm_crypt.cpp new file mode 100644 index 000000000..9a8cee0ad --- /dev/null +++ b/src/zm_crypt.cpp @@ -0,0 +1,74 @@ +#include "zm.h" +# include "zm_crypt.h" +#include + + + +//https://stackoverflow.com/a/46403026/1361529 +char char2int(char input) { + if (input >= '0' && input <= '9') + return input - '0'; + else if (input >= 'A' && input <= 'F') + return input - 'A' + 10; + else if (input >= 'a' && input <= 'f') + return input - 'a' + 10; + else + return input; // this really should not happen + +} +std::string hex2str(std::string &hex) { + std::string out; + out.resize(hex.size() / 2 + hex.size() % 2); + std::string::iterator it = hex.begin(); + std::string::iterator out_it = out.begin(); + if (hex.size() % 2 != 0) { + *out_it++ = char(char2int(*it++)); + } + + for (; it < hex.end() - 1; it++) { + *out_it++ = char2int(*it++) << 4 | char2int(*it); + }; + + return out; +} + + +bool verifyPassword(const char *input_password, const char *db_password_hash) { + bool password_correct = false; + if (strlen(db_password_hash ) < 4) { + // actually, shoud be more, but this is min. for next code + Error ("DB Password is too short or invalid to check"); + return false; + } + if (db_password_hash[0] == '*') { + // MYSQL PASSWORD + Info ("%s is an MD5 encoded password", db_password_hash); + SHA1 checksum; + + // next few lines do '*'+SHA1(raw(SHA1(password))) + // which is MYSQL >=4.1 PASSWORD algorithm + checksum.update(input_password); + std::string interim_hash = checksum.final(); + std::string binary_hash = hex2str(interim_hash); // get interim hash + checksum.update(binary_hash); + interim_hash = checksum.final(); + std::string final_hash = "*" + interim_hash; + std::transform(final_hash.begin(), final_hash.end(), final_hash.begin(), ::toupper); + + Info ("Computed password_hash:%s, stored password_hash:%s", final_hash.c_str(), db_password_hash); + password_correct = (std::string(db_password_hash) == final_hash); + } + else if ((db_password_hash[0] == '$') && (db_password_hash[1]== '2') + &&(db_password_hash[3] == '$')) { + // BCRYPT + Info ("%s is a Bcrypt password", db_password_hash); + BCrypt bcrypt; + std::string input_hash = bcrypt.generateHash(std::string(input_password)); + password_correct = bcrypt.validatePassword(std::string(input_password), std::string(db_password_hash)); + } + else { + // plain + password_correct = (strcmp(input_password, db_password_hash) == 0); + } + return password_correct; +} \ No newline at end of file diff --git a/src/zm_crypt.h b/src/zm_crypt.h new file mode 100644 index 000000000..b893f7940 --- /dev/null +++ b/src/zm_crypt.h @@ -0,0 +1,29 @@ +// +// ZoneMinder General Utility Functions, $Date$, $Revision$ +// Copyright (C) 2001-2008 Philip Coombes +// +// This program is free software; you can redistribute it and/or +// modify it under the terms of the GNU General Public License +// as published by the Free Software Foundation; either version 2 +// of the License, or (at your option) any later version. +// +// This program is distributed in the hope that it will be useful, +// but WITHOUT ANY WARRANTY; without even the implied warranty of +// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +// GNU General Public License for more details. +// +// You should have received a copy of the GNU General Public License +// along with this program; if not, write to the Free Software +// Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. +// + +#ifndef ZM_CRYPT_H +#define ZM_CRYPT_H + +#include +#include "BCrypt.hpp" +#include "sha1.hpp" + +bool verifyPassword( const char *input_password, const char *db_password_hash); + +#endif // ZM_CRYPT_H \ No newline at end of file diff --git a/src/zm_user.cpp b/src/zm_user.cpp index a710188cc..d6194b802 100644 --- a/src/zm_user.cpp +++ b/src/zm_user.cpp @@ -26,10 +26,10 @@ #include #include #include -#include "BCrypt.hpp" -#include "sha1.hpp" + #include "zm_utils.h" +#include "zm_crypt.h" User::User() { id = 0; @@ -97,34 +97,15 @@ User *zmLoadUser( const char *username, const char *password ) { // According to docs, size of safer_whatever must be 2*length+1 due to unicode conversions + null terminator. mysql_real_escape_string(&dbconn, safer_username, username, username_length ); - BCrypt bcrypt; - std::string ptest = "test"; - std::string hash = bcrypt.generateHash(ptest); - Info ("ZM_USER TEST: BCRYPT WORKED AND PRODUCED %s", hash.c_str()); - SHA1 sha1_checksum; - sha1_checksum.update (ptest); - hash = sha1_checksum.final(); - Info ("ZM_USER TEST: SHA1 WORKED AND PRODUCED %s", hash.c_str()); + snprintf(sql, sizeof(sql), + "SELECT Id, Username, Password, Enabled, Stream+0, Events+0, Control+0, Monitors+0, System+0, MonitorIds" + " FROM Users where Username = '%s' and Enabled = 1", safer_username ); - if ( password ) { - int password_length = strlen(password); - char *safer_password = new char[(password_length * 2) + 1]; - mysql_real_escape_string(&dbconn, safer_password, password, password_length); - snprintf(sql, sizeof(sql), - "SELECT Id, Username, Password, Enabled, Stream+0, Events+0, Control+0, Monitors+0, System+0, MonitorIds" - " FROM Users WHERE Username = '%s' AND Password = password('%s') AND Enabled = 1", - safer_username, safer_password ); - delete safer_password; - } else { - snprintf(sql, sizeof(sql), - "SELECT Id, Username, Password, Enabled, Stream+0, Events+0, Control+0, Monitors+0, System+0, MonitorIds" - " FROM Users where Username = '%s' and Enabled = 1", safer_username ); - } if ( mysql_query(&dbconn, sql) ) { Error("Can't run query: %s", mysql_error(&dbconn)); - exit(mysql_errno(&dbconn)); + exit(mysql_errno(&dbconn)); } MYSQL_RES *result = mysql_store_result(&dbconn); @@ -143,12 +124,20 @@ User *zmLoadUser( const char *username, const char *password ) { MYSQL_ROW dbrow = mysql_fetch_row(result); User *user = new User(dbrow); - Info("Authenticated user '%s'", user->getUsername()); + Info ("Retrieved password for user:%s as %s", user->getUsername(), user->getPassword()); - mysql_free_result(result); - delete safer_username; - - return user; + if (verifyPassword(password, user->getPassword())) { + Info("Authenticated user '%s'", user->getUsername()); + mysql_free_result(result); + delete safer_username; + return user; + } + else { + Warning("Unable to authenticate user %s", username); + mysql_free_result(result); + return NULL; + } + } // Function to validate an authentication string From 18c5b2da2aec6b04c61112bfeef807e14c67feef Mon Sep 17 00:00:00 2001 From: Pliable Pixels Date: Fri, 3 May 2019 11:43:38 -0400 Subject: [PATCH 049/922] move to fork --- .gitmodules | 3 +++ third_party/bcrypt | 2 +- 2 files changed, 4 insertions(+), 1 deletion(-) diff --git a/.gitmodules b/.gitmodules index 978afe56a..c4cc3d6d1 100644 --- a/.gitmodules +++ b/.gitmodules @@ -8,3 +8,6 @@ [submodule "third_party/sha1"] path = third_party/sha1 url = https://github.com/vog/sha1 +[submodule "third_party/bcrypt"] + path = third_party/bcrypt + url = https://github.com/pliablepixels/libbcrypt diff --git a/third_party/bcrypt b/third_party/bcrypt index 180cd3372..be171cd75 160000 --- a/third_party/bcrypt +++ b/third_party/bcrypt @@ -1 +1 @@ -Subproject commit 180cd3372609b2539fe9c916f15c8ef8a2aef5f2 +Subproject commit be171cd75dd65e06315a67c7dcdb8e1bbc1dabd4 From ca2e7ea97c953b11cbd8261227d7b598ef05640f Mon Sep 17 00:00:00 2001 From: Pliable Pixels Date: Fri, 3 May 2019 12:01:13 -0400 Subject: [PATCH 050/922] logs tweak --- src/zm_crypt.cpp | 9 +++++---- src/zm_crypt.h | 2 +- src/zm_user.cpp | 5 ++--- 3 files changed, 8 insertions(+), 8 deletions(-) diff --git a/src/zm_crypt.cpp b/src/zm_crypt.cpp index 9a8cee0ad..19fa6dd9d 100644 --- a/src/zm_crypt.cpp +++ b/src/zm_crypt.cpp @@ -33,7 +33,7 @@ std::string hex2str(std::string &hex) { } -bool verifyPassword(const char *input_password, const char *db_password_hash) { +bool verifyPassword(const char *username, const char *input_password, const char *db_password_hash) { bool password_correct = false; if (strlen(db_password_hash ) < 4) { // actually, shoud be more, but this is min. for next code @@ -42,7 +42,7 @@ bool verifyPassword(const char *input_password, const char *db_password_hash) { } if (db_password_hash[0] == '*') { // MYSQL PASSWORD - Info ("%s is an MD5 encoded password", db_password_hash); + Info ("%s is using an MD5 encoded password", username); SHA1 checksum; // next few lines do '*'+SHA1(raw(SHA1(password))) @@ -55,19 +55,20 @@ bool verifyPassword(const char *input_password, const char *db_password_hash) { std::string final_hash = "*" + interim_hash; std::transform(final_hash.begin(), final_hash.end(), final_hash.begin(), ::toupper); - Info ("Computed password_hash:%s, stored password_hash:%s", final_hash.c_str(), db_password_hash); + Debug (5, "Computed password_hash:%s, stored password_hash:%s", final_hash.c_str(), db_password_hash); password_correct = (std::string(db_password_hash) == final_hash); } else if ((db_password_hash[0] == '$') && (db_password_hash[1]== '2') &&(db_password_hash[3] == '$')) { // BCRYPT - Info ("%s is a Bcrypt password", db_password_hash); + Info ("%s is using a bcrypt encoded password", username); BCrypt bcrypt; std::string input_hash = bcrypt.generateHash(std::string(input_password)); password_correct = bcrypt.validatePassword(std::string(input_password), std::string(db_password_hash)); } else { // plain + Warning ("%s is using a plain text password, please do not use plain text", username); password_correct = (strcmp(input_password, db_password_hash) == 0); } return password_correct; diff --git a/src/zm_crypt.h b/src/zm_crypt.h index b893f7940..ad4aa06da 100644 --- a/src/zm_crypt.h +++ b/src/zm_crypt.h @@ -24,6 +24,6 @@ #include "BCrypt.hpp" #include "sha1.hpp" -bool verifyPassword( const char *input_password, const char *db_password_hash); +bool verifyPassword( const char *username, const char *input_password, const char *db_password_hash); #endif // ZM_CRYPT_H \ No newline at end of file diff --git a/src/zm_user.cpp b/src/zm_user.cpp index d6194b802..8766a2e8f 100644 --- a/src/zm_user.cpp +++ b/src/zm_user.cpp @@ -124,9 +124,8 @@ User *zmLoadUser( const char *username, const char *password ) { MYSQL_ROW dbrow = mysql_fetch_row(result); User *user = new User(dbrow); - Info ("Retrieved password for user:%s as %s", user->getUsername(), user->getPassword()); - - if (verifyPassword(password, user->getPassword())) { + + if (verifyPassword(username, password, user->getPassword())) { Info("Authenticated user '%s'", user->getUsername()); mysql_free_result(result); delete safer_username; From aec8311debef43c2af0945c544018908d9834585 Mon Sep 17 00:00:00 2001 From: Isaac Connor Date: Fri, 3 May 2019 13:48:05 -0400 Subject: [PATCH 051/922] implement sorting incoming packets in the packetqueue --- src/zm_ffmpeg.cpp | 24 ++++++++++++++ src/zm_ffmpeg.h | 1 + src/zm_packetqueue.cpp | 74 ++++++++++++++++++++++++++++++++++++------ 3 files changed, 89 insertions(+), 10 deletions(-) diff --git a/src/zm_ffmpeg.cpp b/src/zm_ffmpeg.cpp index d49210cbf..98509f92f 100644 --- a/src/zm_ffmpeg.cpp +++ b/src/zm_ffmpeg.cpp @@ -571,3 +571,27 @@ void dumpPacket(AVStream *stream, AVPacket *pkt, const char *text) { pkt->duration); Debug(2, "%s:%d:%s: %s", __FILE__, __LINE__, text, b); } + +void dumpPacket(AVPacket *pkt, const char *text) { + char b[10240]; + + snprintf(b, sizeof(b), + " pts: %" PRId64 ", dts: %" PRId64 + ", size: %d, stream_index: %d, flags: %04x, keyframe(%d) pos: %" PRId64 + ", duration: %" +#if LIBAVCODEC_VERSION_CHECK(57, 64, 0, 64, 0) + PRId64 +#else + "d" +#endif + "\n", + pkt->pts, + pkt->dts, + pkt->size, + pkt->stream_index, + pkt->flags, + pkt->flags & AV_PKT_FLAG_KEY, + pkt->pos, + pkt->duration); + Debug(2, "%s:%d:%s: %s", __FILE__, __LINE__, text, b); +} diff --git a/src/zm_ffmpeg.h b/src/zm_ffmpeg.h index 37a239509..7c4414db0 100644 --- a/src/zm_ffmpeg.h +++ b/src/zm_ffmpeg.h @@ -333,4 +333,5 @@ bool is_audio_context(AVCodec *); int zm_receive_frame( AVCodecContext *context, AVFrame *frame, AVPacket &packet ); void dumpPacket(AVStream *, AVPacket *,const char *text=""); +void dumpPacket(AVPacket *,const char *text=""); #endif // ZM_FFMPEG_H diff --git a/src/zm_packetqueue.cpp b/src/zm_packetqueue.cpp index 485ef8ffa..b5e53499a 100644 --- a/src/zm_packetqueue.cpp +++ b/src/zm_packetqueue.cpp @@ -35,19 +35,73 @@ zm_packetqueue::~zm_packetqueue() { } bool zm_packetqueue::queuePacket(ZMPacket* zm_packet) { - pktQueue.push_back(zm_packet); - packet_counts[zm_packet->packet.stream_index] += 1; - return true; -} + + if ( + ( zm_packet->packet.dts == AV_NOPTS_VALUE ) + || + ( packet_counts[zm_packet->packet.stream_index] <= 0 ) + ) { + Debug(2,"Inserting packet with dts %" PRId64 " because queue is empty or invalid dts", zm_packet->packet.dts); + // No dts value, can't so much with it + pktQueue.push_back(zm_packet); + packet_counts[zm_packet->packet.stream_index] += 1; + return true; + } + + std::list::reverse_iterator it = pktQueue.rbegin(); + + // Scan through the queue looking for a packet for our stream with a dts <= ours. + while ( it != pktQueue.rend() ) { + AVPacket *av_packet = &((*it)->packet); + + Debug(2, "Looking at packet with stream index (%d) with dts %" PRId64, + av_packet->stream_index, av_packet->dts); + if ( + ( av_packet->stream_index == zm_packet->packet.stream_index ) + && + ( av_packet->dts != AV_NOPTS_VALUE ) + && + ( av_packet->dts <= zm_packet->packet.dts) + ) { + Debug(2, "break packet with stream index (%d) with dts %" PRId64, + (*it)->packet.stream_index, (*it)->packet.dts); + break; + } + it++; + } // end while not the end of the queue + + if ( it != pktQueue.rend() ) { + Debug(2, "Found packet with stream index (%d) with dts %" PRId64, + (*it)->packet.stream_index, (*it)->packet.dts); + //it --; + //Debug(2, "Found packet with stream index (%d) with dts %" PRId64, + //(*it)->packet.stream_index, (*it)->packet.dts); + if ( it == pktQueue.rbegin() ) { + Debug(2,"Inserting packet with dts %" PRId64 " at end", zm_packet->packet.dts); + // No dts value, can't so much with it + pktQueue.push_back(zm_packet); + packet_counts[zm_packet->packet.stream_index] += 1; + return true; + } + // Convert to a forward iterator so that we can insert at end + std::list::iterator f_it = it.base(); + + Debug(2, "Insert packet with stream index (%d) with dts %" PRId64 " for dts %" PRId64, + (*f_it)->packet.stream_index, (*f_it)->packet.dts, zm_packet->packet.dts); + + pktQueue.insert(f_it, zm_packet); + + packet_counts[zm_packet->packet.stream_index] += 1; + return true; + } + Warning("Unable to insert packet for stream %d with dts %" PRId64 " into queue.", + zm_packet->packet.stream_index, zm_packet->packet.dts); + return false; +} // end bool zm_packetqueue::queuePacket(ZMPacket* zm_packet) bool zm_packetqueue::queuePacket(AVPacket* av_packet) { - ZMPacket *zm_packet = new ZMPacket(av_packet); - - pktQueue.push_back(zm_packet); - packet_counts[zm_packet->packet.stream_index] += 1; - - return true; + return queuePacket(zm_packet); } ZMPacket* zm_packetqueue::popPacket( ) { From c91da4a7f5b71b3f9a60d3dcb305a4dbfc37a49c Mon Sep 17 00:00:00 2001 From: Isaac Connor Date: Fri, 3 May 2019 14:58:29 -0400 Subject: [PATCH 052/922] if no packet found, still append to end --- src/zm_packetqueue.cpp | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/src/zm_packetqueue.cpp b/src/zm_packetqueue.cpp index b5e53499a..c1fcc3db9 100644 --- a/src/zm_packetqueue.cpp +++ b/src/zm_packetqueue.cpp @@ -94,9 +94,11 @@ bool zm_packetqueue::queuePacket(ZMPacket* zm_packet) { packet_counts[zm_packet->packet.stream_index] += 1; return true; } - Warning("Unable to insert packet for stream %d with dts %" PRId64 " into queue.", + Debug(1,"Unable to insert packet for stream %d with dts %" PRId64 " into queue.", zm_packet->packet.stream_index, zm_packet->packet.dts); - return false; + pktQueue.push_back(zm_packet); + packet_counts[zm_packet->packet.stream_index] += 1; + return true; } // end bool zm_packetqueue::queuePacket(ZMPacket* zm_packet) bool zm_packetqueue::queuePacket(AVPacket* av_packet) { From 1e08b333b4705ff69ba8604fa6294048bad913f0 Mon Sep 17 00:00:00 2001 From: Isaac Connor Date: Fri, 3 May 2019 14:59:09 -0400 Subject: [PATCH 053/922] choose cur_dts instead of 0 for dts --- src/zm_videostore.cpp | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/src/zm_videostore.cpp b/src/zm_videostore.cpp index a8f3e3041..29a30a88e 100644 --- a/src/zm_videostore.cpp +++ b/src/zm_videostore.cpp @@ -911,7 +911,8 @@ int VideoStore::writeVideoFramePacket(AVPacket *ipkt) { video_last_pts = ipkt->pts; } else { Debug(3, "opkt.pts = undef"); - opkt.pts = 0; + opkt.pts = AV_NOPTS_VALUE; +// can't set 0, it will get rejected //AV_NOPTS_VALUE; } // Just because the in stream wraps, doesn't mean the out needs to. @@ -943,7 +944,8 @@ int VideoStore::writeVideoFramePacket(AVPacket *ipkt) { } } else { Debug(3, "opkt.dts = undef"); - opkt.dts = 0; + opkt.dts = video_out_stream->cur_dts; + //opkt.dts = 0; } # if 0 From 7603e94e90eb68bdd4d60511f6b064eeb3820247 Mon Sep 17 00:00:00 2001 From: Pliable Pixels Date: Fri, 3 May 2019 16:57:43 -0400 Subject: [PATCH 054/922] added lib-ssl/dev for JWT signing --- distros/debian/control | 2 ++ 1 file changed, 2 insertions(+) diff --git a/distros/debian/control b/distros/debian/control index 4c23ab367..2b46f44e1 100644 --- a/distros/debian/control +++ b/distros/debian/control @@ -26,6 +26,7 @@ Build-Depends: debhelper (>= 9), cmake , libdata-dump-perl, libclass-std-fast-perl, libsoap-wsdl-perl, libio-socket-multicast-perl, libdigest-sha-perl , libsys-cpu-perl, libsys-meminfo-perl , libdata-uuid-perl + , libssl-dev Standards-Version: 3.9.4 Package: zoneminder @@ -51,6 +52,7 @@ Depends: ${shlibs:Depends}, ${misc:Depends}, ${perl:Depends} , zip , libvlccore5 | libvlccore7 | libvlccore8, libvlc5 , libpolkit-gobject-1-0, php5-gd + , libssl Recommends: mysql-server | mariadb-server Description: Video camera security and surveillance solution ZoneMinder is intended for use in single or multi-camera video security From d952fe7117c6c557c0fc200e4e4a0e23822067dc Mon Sep 17 00:00:00 2001 From: Pliable Pixels Date: Sat, 4 May 2019 11:52:53 -0400 Subject: [PATCH 055/922] Moved to openSSL SHA1, initial JWT plugin --- .gitmodules | 6 ++--- src/CMakeLists.txt | 9 +++---- src/zm_crypt.cpp | 60 ++++++++++++++++----------------------------- src/zm_crypt.h | 5 +++- third_party/jwt-cpp | 1 + 5 files changed, 33 insertions(+), 48 deletions(-) create mode 160000 third_party/jwt-cpp diff --git a/.gitmodules b/.gitmodules index c4cc3d6d1..f5bcf359d 100644 --- a/.gitmodules +++ b/.gitmodules @@ -5,9 +5,9 @@ [submodule "web/api/app/Plugin/CakePHP-Enum-Behavior"] path = web/api/app/Plugin/CakePHP-Enum-Behavior url = https://github.com/ZoneMinder/CakePHP-Enum-Behavior.git -[submodule "third_party/sha1"] - path = third_party/sha1 - url = https://github.com/vog/sha1 [submodule "third_party/bcrypt"] path = third_party/bcrypt url = https://github.com/pliablepixels/libbcrypt +[submodule "third_party/jwt-cpp"] + path = third_party/jwt-cpp + url = https://github.com/Thalhammer/jwt-cpp diff --git a/src/CMakeLists.txt b/src/CMakeLists.txt index 4a55ce095..efdb5224d 100644 --- a/src/CMakeLists.txt +++ b/src/CMakeLists.txt @@ -7,12 +7,9 @@ configure_file(zm_config.h.in "${CMAKE_CURRENT_BINARY_DIR}/zm_config.h" @ONLY) set(ZM_BIN_SRC_FILES zm_box.cpp zm_buffer.cpp zm_camera.cpp zm_comms.cpp zm_config.cpp zm_coord.cpp zm_curl_camera.cpp zm.cpp zm_db.cpp zm_logger.cpp zm_event.cpp zm_frame.cpp zm_eventstream.cpp zm_exception.cpp zm_file_camera.cpp zm_ffmpeg_input.cpp zm_ffmpeg_camera.cpp zm_group.cpp zm_image.cpp zm_jpeg.cpp zm_libvlc_camera.cpp zm_local_camera.cpp zm_monitor.cpp zm_monitorstream.cpp zm_ffmpeg.cpp zm_mpeg.cpp zm_packet.cpp zm_packetqueue.cpp zm_poly.cpp zm_regexp.cpp zm_remote_camera.cpp zm_remote_camera_http.cpp zm_remote_camera_nvsocket.cpp zm_remote_camera_rtsp.cpp zm_rtp.cpp zm_rtp_ctrl.cpp zm_rtp_data.cpp zm_rtp_source.cpp zm_rtsp.cpp zm_rtsp_auth.cpp zm_sdp.cpp zm_signal.cpp zm_stream.cpp zm_swscale.cpp zm_thread.cpp zm_time.cpp zm_timer.cpp zm_user.cpp zm_utils.cpp zm_video.cpp zm_videostore.cpp zm_zone.cpp zm_storage.cpp zm_crypt.cpp) -# includes and linkages to 3rd party libraries/src -set (ZM_BIN_THIRDPARTY_SRC_FILES ../third_party/sha1/sha1.cpp) - # A fix for cmake recompiling the source files for every target. -add_library(zm STATIC ${ZM_BIN_SRC_FILES} ${ZM_BIN_THIRDPARTY_SRC_FILES}) +add_library(zm STATIC ${ZM_BIN_SRC_FILES}) link_directories(/home/pp/source/pp_ZoneMinder.git/third_party/bcrypt) add_executable(zmc zmc.cpp) @@ -20,7 +17,9 @@ add_executable(zma zma.cpp) add_executable(zmu zmu.cpp) add_executable(zms zms.cpp) -include_directories(../third_party/sha1 ../third_party/bcrypt/include/bcrypt) +# JWT is a header only library. +include_directories(../third_party/bcrypt/include/bcrypt) +include_directories(../third_party/jwt-cpp/include/jwt-cpp) target_link_libraries(zmc zm ${ZM_EXTRA_LIBS} ${ZM_BIN_LIBS}) target_link_libraries(zma zm ${ZM_EXTRA_LIBS} ${ZM_BIN_LIBS}) diff --git a/src/zm_crypt.cpp b/src/zm_crypt.cpp index 19fa6dd9d..cf707aff0 100644 --- a/src/zm_crypt.cpp +++ b/src/zm_crypt.cpp @@ -4,37 +4,22 @@ -//https://stackoverflow.com/a/46403026/1361529 -char char2int(char input) { - if (input >= '0' && input <= '9') - return input - '0'; - else if (input >= 'A' && input <= 'F') - return input - 'A' + 10; - else if (input >= 'a' && input <= 'f') - return input - 'a' + 10; - else - return input; // this really should not happen + +std::string createToken() { + std::string token = jwt::create() + .set_issuer("auth0") + //.set_expires_at(jwt::date(expiresAt)) + //.set_issued_at(jwt::date(tp)) + //.set_issued_at(jwt::date(std::chrono::system_clock::now())) + //.set_expires_at(jwt::date(std::chrono::system_clock::now()+std::chrono::seconds{EXPIRY})) + .sign(jwt::algorithm::hs256{"secret"}); + return token; } -std::string hex2str(std::string &hex) { - std::string out; - out.resize(hex.size() / 2 + hex.size() % 2); - std::string::iterator it = hex.begin(); - std::string::iterator out_it = out.begin(); - if (hex.size() % 2 != 0) { - *out_it++ = char(char2int(*it++)); - } - - for (; it < hex.end() - 1; it++) { - *out_it++ = char2int(*it++) << 4 | char2int(*it); - }; - - return out; -} - bool verifyPassword(const char *username, const char *input_password, const char *db_password_hash) { bool password_correct = false; + Info ("JWT created as %s",createToken().c_str()); if (strlen(db_password_hash ) < 4) { // actually, shoud be more, but this is min. for next code Error ("DB Password is too short or invalid to check"); @@ -43,20 +28,17 @@ bool verifyPassword(const char *username, const char *input_password, const char if (db_password_hash[0] == '*') { // MYSQL PASSWORD Info ("%s is using an MD5 encoded password", username); - SHA1 checksum; + unsigned char digest_interim[SHA_DIGEST_LENGTH]; + unsigned char digest_final[SHA_DIGEST_LENGTH]; + SHA1((unsigned char*)&input_password, strlen((const char *) input_password), (unsigned char*)&digest_interim); + SHA1((unsigned char*)&digest_interim, strlen((const char *)digest_interim), (unsigned char*)&digest_final); + char final_hash[SHA_DIGEST_LENGTH * 2 +2]; + for(int i = 0; i < SHA_DIGEST_LENGTH; i++) + sprintf(&final_hash[i*2], "%02X", (unsigned int)digest_final[i]); - // next few lines do '*'+SHA1(raw(SHA1(password))) - // which is MYSQL >=4.1 PASSWORD algorithm - checksum.update(input_password); - std::string interim_hash = checksum.final(); - std::string binary_hash = hex2str(interim_hash); // get interim hash - checksum.update(binary_hash); - interim_hash = checksum.final(); - std::string final_hash = "*" + interim_hash; - std::transform(final_hash.begin(), final_hash.end(), final_hash.begin(), ::toupper); - - Debug (5, "Computed password_hash:%s, stored password_hash:%s", final_hash.c_str(), db_password_hash); - password_correct = (std::string(db_password_hash) == final_hash); + Info ("Computed password_hash:%s, stored password_hash:%s", final_hash, db_password_hash); + Debug (5, "Computed password_hash:%s, stored password_hash:%s", final_hash, db_password_hash); + password_correct = (strcmp(db_password_hash, final_hash)==0); } else if ((db_password_hash[0] == '$') && (db_password_hash[1]== '2') &&(db_password_hash[3] == '$')) { diff --git a/src/zm_crypt.h b/src/zm_crypt.h index ad4aa06da..a1e8945e4 100644 --- a/src/zm_crypt.h +++ b/src/zm_crypt.h @@ -20,10 +20,13 @@ #ifndef ZM_CRYPT_H #define ZM_CRYPT_H + #include +#include #include "BCrypt.hpp" -#include "sha1.hpp" +#include "jwt.h" bool verifyPassword( const char *username, const char *input_password, const char *db_password_hash); +std::string createToken(); #endif // ZM_CRYPT_H \ No newline at end of file diff --git a/third_party/jwt-cpp b/third_party/jwt-cpp new file mode 160000 index 000000000..dd0337e64 --- /dev/null +++ b/third_party/jwt-cpp @@ -0,0 +1 @@ +Subproject commit dd0337e64c19b5c6290b30429a9eedafadcae4b7 From 4c51747171eb54ee359c03476c377f68c8c4c610 Mon Sep 17 00:00:00 2001 From: Pliable Pixels Date: Sat, 4 May 2019 11:57:30 -0400 Subject: [PATCH 056/922] removed vog --- third_party/sha1 | 1 - 1 file changed, 1 deletion(-) delete mode 160000 third_party/sha1 diff --git a/third_party/sha1 b/third_party/sha1 deleted file mode 160000 index 68a099035..000000000 --- a/third_party/sha1 +++ /dev/null @@ -1 +0,0 @@ -Subproject commit 68a0990352c04de43c494e8381264c27ed0b8e7e From 983e050fd7e4370d68cbbed061c6438803ec2c94 Mon Sep 17 00:00:00 2001 From: Pliable Pixels Date: Sat, 4 May 2019 15:20:31 -0400 Subject: [PATCH 057/922] fixed SHA1 algo --- src/zm_crypt.cpp | 20 +++++++++++++++++--- 1 file changed, 17 insertions(+), 3 deletions(-) diff --git a/src/zm_crypt.cpp b/src/zm_crypt.cpp index cf707aff0..266105c65 100644 --- a/src/zm_crypt.cpp +++ b/src/zm_crypt.cpp @@ -28,13 +28,27 @@ bool verifyPassword(const char *username, const char *input_password, const char if (db_password_hash[0] == '*') { // MYSQL PASSWORD Info ("%s is using an MD5 encoded password", username); + + SHA_CTX ctx1, ctx2; unsigned char digest_interim[SHA_DIGEST_LENGTH]; unsigned char digest_final[SHA_DIGEST_LENGTH]; - SHA1((unsigned char*)&input_password, strlen((const char *) input_password), (unsigned char*)&digest_interim); - SHA1((unsigned char*)&digest_interim, strlen((const char *)digest_interim), (unsigned char*)&digest_final); + + //get first iteration + SHA1_Init(&ctx1); + SHA1_Update(&ctx1, input_password, strlen(input_password)); + SHA1_Final(digest_interim, &ctx1); + + //2nd iteration + SHA1_Init(&ctx2); + SHA1_Update(&ctx2, digest_interim,SHA_DIGEST_LENGTH); + SHA1_Final (digest_final, &ctx2) + char final_hash[SHA_DIGEST_LENGTH * 2 +2]; + final_hash[0]='*'; + //convert to hex for(int i = 0; i < SHA_DIGEST_LENGTH; i++) - sprintf(&final_hash[i*2], "%02X", (unsigned int)digest_final[i]); + sprintf(&final_hash[i*2]+1, "%02X", (unsigned int)digest_final[i]); + final_hash[SHA_DIGEST_LENGTH *2 + 1]=0; Info ("Computed password_hash:%s, stored password_hash:%s", final_hash, db_password_hash); Debug (5, "Computed password_hash:%s, stored password_hash:%s", final_hash, db_password_hash); From 4c8d20db64f97b8a2ca86ea49529390c887383eb Mon Sep 17 00:00:00 2001 From: Pliable Pixels Date: Sat, 4 May 2019 15:27:00 -0400 Subject: [PATCH 058/922] typo --- src/zm_crypt.cpp | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/zm_crypt.cpp b/src/zm_crypt.cpp index 266105c65..6c6f4c7c1 100644 --- a/src/zm_crypt.cpp +++ b/src/zm_crypt.cpp @@ -41,7 +41,7 @@ bool verifyPassword(const char *username, const char *input_password, const char //2nd iteration SHA1_Init(&ctx2); SHA1_Update(&ctx2, digest_interim,SHA_DIGEST_LENGTH); - SHA1_Final (digest_final, &ctx2) + SHA1_Final (digest_final, &ctx2); char final_hash[SHA_DIGEST_LENGTH * 2 +2]; final_hash[0]='*'; From 725c3c50ed6238410994d48988659b3a28bcc22a Mon Sep 17 00:00:00 2001 From: Pliable Pixels Date: Sun, 5 May 2019 07:08:25 -0400 Subject: [PATCH 059/922] use php-jwt, use proper way to add PHP modules, via composer --- web/composer.json | 5 + web/composer.lock | 64 +++ web/includes/auth.php | 17 + web/vendor/autoload.php | 7 + web/vendor/composer/ClassLoader.php | 445 ++++++++++++++++++ web/vendor/composer/LICENSE | 21 + web/vendor/composer/autoload_classmap.php | 9 + web/vendor/composer/autoload_namespaces.php | 9 + web/vendor/composer/autoload_psr4.php | 10 + web/vendor/composer/autoload_real.php | 52 ++ web/vendor/composer/autoload_static.php | 31 ++ web/vendor/composer/installed.json | 50 ++ web/vendor/firebase/php-jwt/LICENSE | 30 ++ web/vendor/firebase/php-jwt/README.md | 200 ++++++++ web/vendor/firebase/php-jwt/composer.json | 29 ++ .../php-jwt/src/BeforeValidException.php | 7 + .../firebase/php-jwt/src/ExpiredException.php | 7 + web/vendor/firebase/php-jwt/src/JWT.php | 379 +++++++++++++++ .../php-jwt/src/SignatureInvalidException.php | 7 + 19 files changed, 1379 insertions(+) create mode 100644 web/composer.json create mode 100644 web/composer.lock create mode 100644 web/vendor/autoload.php create mode 100644 web/vendor/composer/ClassLoader.php create mode 100644 web/vendor/composer/LICENSE create mode 100644 web/vendor/composer/autoload_classmap.php create mode 100644 web/vendor/composer/autoload_namespaces.php create mode 100644 web/vendor/composer/autoload_psr4.php create mode 100644 web/vendor/composer/autoload_real.php create mode 100644 web/vendor/composer/autoload_static.php create mode 100644 web/vendor/composer/installed.json create mode 100644 web/vendor/firebase/php-jwt/LICENSE create mode 100644 web/vendor/firebase/php-jwt/README.md create mode 100644 web/vendor/firebase/php-jwt/composer.json create mode 100644 web/vendor/firebase/php-jwt/src/BeforeValidException.php create mode 100644 web/vendor/firebase/php-jwt/src/ExpiredException.php create mode 100644 web/vendor/firebase/php-jwt/src/JWT.php create mode 100644 web/vendor/firebase/php-jwt/src/SignatureInvalidException.php diff --git a/web/composer.json b/web/composer.json new file mode 100644 index 000000000..cc22311b1 --- /dev/null +++ b/web/composer.json @@ -0,0 +1,5 @@ +{ + "require": { + "firebase/php-jwt": "^5.0" + } +} diff --git a/web/composer.lock b/web/composer.lock new file mode 100644 index 000000000..b0b368b4f --- /dev/null +++ b/web/composer.lock @@ -0,0 +1,64 @@ +{ + "_readme": [ + "This file locks the dependencies of your project to a known state", + "Read more about it at https://getcomposer.org/doc/01-basic-usage.md#installing-dependencies", + "This file is @generated automatically" + ], + "content-hash": "7f97fc9c4d2beaf06d019ba50f7efcbc", + "packages": [ + { + "name": "firebase/php-jwt", + "version": "v5.0.0", + "source": { + "type": "git", + "url": "https://github.com/firebase/php-jwt.git", + "reference": "9984a4d3a32ae7673d6971ea00bae9d0a1abba0e" + }, + "dist": { + "type": "zip", + "url": "https://api.github.com/repos/firebase/php-jwt/zipball/9984a4d3a32ae7673d6971ea00bae9d0a1abba0e", + "reference": "9984a4d3a32ae7673d6971ea00bae9d0a1abba0e", + "shasum": "" + }, + "require": { + "php": ">=5.3.0" + }, + "require-dev": { + "phpunit/phpunit": " 4.8.35" + }, + "type": "library", + "autoload": { + "psr-4": { + "Firebase\\JWT\\": "src" + } + }, + "notification-url": "https://packagist.org/downloads/", + "license": [ + "BSD-3-Clause" + ], + "authors": [ + { + "name": "Neuman Vong", + "email": "neuman+pear@twilio.com", + "role": "Developer" + }, + { + "name": "Anant Narayanan", + "email": "anant@php.net", + "role": "Developer" + } + ], + "description": "A simple library to encode and decode JSON Web Tokens (JWT) in PHP. Should conform to the current spec.", + "homepage": "https://github.com/firebase/php-jwt", + "time": "2017-06-27T22:17:23+00:00" + } + ], + "packages-dev": [], + "aliases": [], + "minimum-stability": "stable", + "stability-flags": [], + "prefer-stable": false, + "prefer-lowest": false, + "platform": [], + "platform-dev": [] +} diff --git a/web/includes/auth.php b/web/includes/auth.php index ef1871164..52391d435 100644 --- a/web/includes/auth.php +++ b/web/includes/auth.php @@ -19,6 +19,9 @@ // // require_once('session.php'); +require_once ('../vendor/autoload.php'); + +use \Firebase\JWT\JWT; // this function migrates mysql hashing to bcrypt, if you are using PHP >= 5.5 // will be called after successful login, only if mysql hashing is detected @@ -45,7 +48,21 @@ function migrateHash($user, $pass) { // core function used to login a user to PHP. Is also used for cake sessions for the API function userLogin($username='', $password='', $passwordHashed=false) { + global $user; + + $key = "example_key"; + $token = array( + "iss" => "http://example.org", + "aud" => "http://example.com", + "iat" => 1356999524, + "nbf" => 1357000000 + ); + $jwt = JWT::encode($token, $key); + + ZM\Info ("JWT token is $jwt"); + + if ( !$username and isset($_REQUEST['username']) ) $username = $_REQUEST['username']; if ( !$password and isset($_REQUEST['password']) ) diff --git a/web/vendor/autoload.php b/web/vendor/autoload.php new file mode 100644 index 000000000..034205792 --- /dev/null +++ b/web/vendor/autoload.php @@ -0,0 +1,7 @@ + + * Jordi Boggiano + * + * For the full copyright and license information, please view the LICENSE + * file that was distributed with this source code. + */ + +namespace Composer\Autoload; + +/** + * ClassLoader implements a PSR-0, PSR-4 and classmap class loader. + * + * $loader = new \Composer\Autoload\ClassLoader(); + * + * // register classes with namespaces + * $loader->add('Symfony\Component', __DIR__.'/component'); + * $loader->add('Symfony', __DIR__.'/framework'); + * + * // activate the autoloader + * $loader->register(); + * + * // to enable searching the include path (eg. for PEAR packages) + * $loader->setUseIncludePath(true); + * + * In this example, if you try to use a class in the Symfony\Component + * namespace or one of its children (Symfony\Component\Console for instance), + * the autoloader will first look for the class under the component/ + * directory, and it will then fallback to the framework/ directory if not + * found before giving up. + * + * This class is loosely based on the Symfony UniversalClassLoader. + * + * @author Fabien Potencier + * @author Jordi Boggiano + * @see http://www.php-fig.org/psr/psr-0/ + * @see http://www.php-fig.org/psr/psr-4/ + */ +class ClassLoader +{ + // PSR-4 + private $prefixLengthsPsr4 = array(); + private $prefixDirsPsr4 = array(); + private $fallbackDirsPsr4 = array(); + + // PSR-0 + private $prefixesPsr0 = array(); + private $fallbackDirsPsr0 = array(); + + private $useIncludePath = false; + private $classMap = array(); + private $classMapAuthoritative = false; + private $missingClasses = array(); + private $apcuPrefix; + + public function getPrefixes() + { + if (!empty($this->prefixesPsr0)) { + return call_user_func_array('array_merge', $this->prefixesPsr0); + } + + return array(); + } + + public function getPrefixesPsr4() + { + return $this->prefixDirsPsr4; + } + + public function getFallbackDirs() + { + return $this->fallbackDirsPsr0; + } + + public function getFallbackDirsPsr4() + { + return $this->fallbackDirsPsr4; + } + + public function getClassMap() + { + return $this->classMap; + } + + /** + * @param array $classMap Class to filename map + */ + public function addClassMap(array $classMap) + { + if ($this->classMap) { + $this->classMap = array_merge($this->classMap, $classMap); + } else { + $this->classMap = $classMap; + } + } + + /** + * Registers a set of PSR-0 directories for a given prefix, either + * appending or prepending to the ones previously set for this prefix. + * + * @param string $prefix The prefix + * @param array|string $paths The PSR-0 root directories + * @param bool $prepend Whether to prepend the directories + */ + public function add($prefix, $paths, $prepend = false) + { + if (!$prefix) { + if ($prepend) { + $this->fallbackDirsPsr0 = array_merge( + (array) $paths, + $this->fallbackDirsPsr0 + ); + } else { + $this->fallbackDirsPsr0 = array_merge( + $this->fallbackDirsPsr0, + (array) $paths + ); + } + + return; + } + + $first = $prefix[0]; + if (!isset($this->prefixesPsr0[$first][$prefix])) { + $this->prefixesPsr0[$first][$prefix] = (array) $paths; + + return; + } + if ($prepend) { + $this->prefixesPsr0[$first][$prefix] = array_merge( + (array) $paths, + $this->prefixesPsr0[$first][$prefix] + ); + } else { + $this->prefixesPsr0[$first][$prefix] = array_merge( + $this->prefixesPsr0[$first][$prefix], + (array) $paths + ); + } + } + + /** + * Registers a set of PSR-4 directories for a given namespace, either + * appending or prepending to the ones previously set for this namespace. + * + * @param string $prefix The prefix/namespace, with trailing '\\' + * @param array|string $paths The PSR-4 base directories + * @param bool $prepend Whether to prepend the directories + * + * @throws \InvalidArgumentException + */ + public function addPsr4($prefix, $paths, $prepend = false) + { + if (!$prefix) { + // Register directories for the root namespace. + if ($prepend) { + $this->fallbackDirsPsr4 = array_merge( + (array) $paths, + $this->fallbackDirsPsr4 + ); + } else { + $this->fallbackDirsPsr4 = array_merge( + $this->fallbackDirsPsr4, + (array) $paths + ); + } + } elseif (!isset($this->prefixDirsPsr4[$prefix])) { + // Register directories for a new namespace. + $length = strlen($prefix); + if ('\\' !== $prefix[$length - 1]) { + throw new \InvalidArgumentException("A non-empty PSR-4 prefix must end with a namespace separator."); + } + $this->prefixLengthsPsr4[$prefix[0]][$prefix] = $length; + $this->prefixDirsPsr4[$prefix] = (array) $paths; + } elseif ($prepend) { + // Prepend directories for an already registered namespace. + $this->prefixDirsPsr4[$prefix] = array_merge( + (array) $paths, + $this->prefixDirsPsr4[$prefix] + ); + } else { + // Append directories for an already registered namespace. + $this->prefixDirsPsr4[$prefix] = array_merge( + $this->prefixDirsPsr4[$prefix], + (array) $paths + ); + } + } + + /** + * Registers a set of PSR-0 directories for a given prefix, + * replacing any others previously set for this prefix. + * + * @param string $prefix The prefix + * @param array|string $paths The PSR-0 base directories + */ + public function set($prefix, $paths) + { + if (!$prefix) { + $this->fallbackDirsPsr0 = (array) $paths; + } else { + $this->prefixesPsr0[$prefix[0]][$prefix] = (array) $paths; + } + } + + /** + * Registers a set of PSR-4 directories for a given namespace, + * replacing any others previously set for this namespace. + * + * @param string $prefix The prefix/namespace, with trailing '\\' + * @param array|string $paths The PSR-4 base directories + * + * @throws \InvalidArgumentException + */ + public function setPsr4($prefix, $paths) + { + if (!$prefix) { + $this->fallbackDirsPsr4 = (array) $paths; + } else { + $length = strlen($prefix); + if ('\\' !== $prefix[$length - 1]) { + throw new \InvalidArgumentException("A non-empty PSR-4 prefix must end with a namespace separator."); + } + $this->prefixLengthsPsr4[$prefix[0]][$prefix] = $length; + $this->prefixDirsPsr4[$prefix] = (array) $paths; + } + } + + /** + * Turns on searching the include path for class files. + * + * @param bool $useIncludePath + */ + public function setUseIncludePath($useIncludePath) + { + $this->useIncludePath = $useIncludePath; + } + + /** + * Can be used to check if the autoloader uses the include path to check + * for classes. + * + * @return bool + */ + public function getUseIncludePath() + { + return $this->useIncludePath; + } + + /** + * Turns off searching the prefix and fallback directories for classes + * that have not been registered with the class map. + * + * @param bool $classMapAuthoritative + */ + public function setClassMapAuthoritative($classMapAuthoritative) + { + $this->classMapAuthoritative = $classMapAuthoritative; + } + + /** + * Should class lookup fail if not found in the current class map? + * + * @return bool + */ + public function isClassMapAuthoritative() + { + return $this->classMapAuthoritative; + } + + /** + * APCu prefix to use to cache found/not-found classes, if the extension is enabled. + * + * @param string|null $apcuPrefix + */ + public function setApcuPrefix($apcuPrefix) + { + $this->apcuPrefix = function_exists('apcu_fetch') && filter_var(ini_get('apc.enabled'), FILTER_VALIDATE_BOOLEAN) ? $apcuPrefix : null; + } + + /** + * The APCu prefix in use, or null if APCu caching is not enabled. + * + * @return string|null + */ + public function getApcuPrefix() + { + return $this->apcuPrefix; + } + + /** + * Registers this instance as an autoloader. + * + * @param bool $prepend Whether to prepend the autoloader or not + */ + public function register($prepend = false) + { + spl_autoload_register(array($this, 'loadClass'), true, $prepend); + } + + /** + * Unregisters this instance as an autoloader. + */ + public function unregister() + { + spl_autoload_unregister(array($this, 'loadClass')); + } + + /** + * Loads the given class or interface. + * + * @param string $class The name of the class + * @return bool|null True if loaded, null otherwise + */ + public function loadClass($class) + { + if ($file = $this->findFile($class)) { + includeFile($file); + + return true; + } + } + + /** + * Finds the path to the file where the class is defined. + * + * @param string $class The name of the class + * + * @return string|false The path if found, false otherwise + */ + public function findFile($class) + { + // class map lookup + if (isset($this->classMap[$class])) { + return $this->classMap[$class]; + } + if ($this->classMapAuthoritative || isset($this->missingClasses[$class])) { + return false; + } + if (null !== $this->apcuPrefix) { + $file = apcu_fetch($this->apcuPrefix.$class, $hit); + if ($hit) { + return $file; + } + } + + $file = $this->findFileWithExtension($class, '.php'); + + // Search for Hack files if we are running on HHVM + if (false === $file && defined('HHVM_VERSION')) { + $file = $this->findFileWithExtension($class, '.hh'); + } + + if (null !== $this->apcuPrefix) { + apcu_add($this->apcuPrefix.$class, $file); + } + + if (false === $file) { + // Remember that this class does not exist. + $this->missingClasses[$class] = true; + } + + return $file; + } + + private function findFileWithExtension($class, $ext) + { + // PSR-4 lookup + $logicalPathPsr4 = strtr($class, '\\', DIRECTORY_SEPARATOR) . $ext; + + $first = $class[0]; + if (isset($this->prefixLengthsPsr4[$first])) { + $subPath = $class; + while (false !== $lastPos = strrpos($subPath, '\\')) { + $subPath = substr($subPath, 0, $lastPos); + $search = $subPath . '\\'; + if (isset($this->prefixDirsPsr4[$search])) { + $pathEnd = DIRECTORY_SEPARATOR . substr($logicalPathPsr4, $lastPos + 1); + foreach ($this->prefixDirsPsr4[$search] as $dir) { + if (file_exists($file = $dir . $pathEnd)) { + return $file; + } + } + } + } + } + + // PSR-4 fallback dirs + foreach ($this->fallbackDirsPsr4 as $dir) { + if (file_exists($file = $dir . DIRECTORY_SEPARATOR . $logicalPathPsr4)) { + return $file; + } + } + + // PSR-0 lookup + if (false !== $pos = strrpos($class, '\\')) { + // namespaced class name + $logicalPathPsr0 = substr($logicalPathPsr4, 0, $pos + 1) + . strtr(substr($logicalPathPsr4, $pos + 1), '_', DIRECTORY_SEPARATOR); + } else { + // PEAR-like class name + $logicalPathPsr0 = strtr($class, '_', DIRECTORY_SEPARATOR) . $ext; + } + + if (isset($this->prefixesPsr0[$first])) { + foreach ($this->prefixesPsr0[$first] as $prefix => $dirs) { + if (0 === strpos($class, $prefix)) { + foreach ($dirs as $dir) { + if (file_exists($file = $dir . DIRECTORY_SEPARATOR . $logicalPathPsr0)) { + return $file; + } + } + } + } + } + + // PSR-0 fallback dirs + foreach ($this->fallbackDirsPsr0 as $dir) { + if (file_exists($file = $dir . DIRECTORY_SEPARATOR . $logicalPathPsr0)) { + return $file; + } + } + + // PSR-0 include paths. + if ($this->useIncludePath && $file = stream_resolve_include_path($logicalPathPsr0)) { + return $file; + } + + return false; + } +} + +/** + * Scope isolated include. + * + * Prevents access to $this/self from included files. + */ +function includeFile($file) +{ + include $file; +} diff --git a/web/vendor/composer/LICENSE b/web/vendor/composer/LICENSE new file mode 100644 index 000000000..f27399a04 --- /dev/null +++ b/web/vendor/composer/LICENSE @@ -0,0 +1,21 @@ + +Copyright (c) Nils Adermann, Jordi Boggiano + +Permission is hereby granted, free of charge, to any person obtaining a copy +of this software and associated documentation files (the "Software"), to deal +in the Software without restriction, including without limitation the rights +to use, copy, modify, merge, publish, distribute, sublicense, and/or sell +copies of the Software, and to permit persons to whom the Software is furnished +to do so, subject to the following conditions: + +The above copyright notice and this permission notice shall be included in all +copies or substantial portions of the Software. + +THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR +IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, +FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE +AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER +LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, +OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN +THE SOFTWARE. + diff --git a/web/vendor/composer/autoload_classmap.php b/web/vendor/composer/autoload_classmap.php new file mode 100644 index 000000000..7a91153b0 --- /dev/null +++ b/web/vendor/composer/autoload_classmap.php @@ -0,0 +1,9 @@ + array($vendorDir . '/firebase/php-jwt/src'), +); diff --git a/web/vendor/composer/autoload_real.php b/web/vendor/composer/autoload_real.php new file mode 100644 index 000000000..accbcefb3 --- /dev/null +++ b/web/vendor/composer/autoload_real.php @@ -0,0 +1,52 @@ += 50600 && !defined('HHVM_VERSION') && (!function_exists('zend_loader_file_encoded') || !zend_loader_file_encoded()); + if ($useStaticLoader) { + require_once __DIR__ . '/autoload_static.php'; + + call_user_func(\Composer\Autoload\ComposerStaticInit254e25e69fe049d603f41f5fd853ef2b::getInitializer($loader)); + } else { + $map = require __DIR__ . '/autoload_namespaces.php'; + foreach ($map as $namespace => $path) { + $loader->set($namespace, $path); + } + + $map = require __DIR__ . '/autoload_psr4.php'; + foreach ($map as $namespace => $path) { + $loader->setPsr4($namespace, $path); + } + + $classMap = require __DIR__ . '/autoload_classmap.php'; + if ($classMap) { + $loader->addClassMap($classMap); + } + } + + $loader->register(true); + + return $loader; + } +} diff --git a/web/vendor/composer/autoload_static.php b/web/vendor/composer/autoload_static.php new file mode 100644 index 000000000..2709f5803 --- /dev/null +++ b/web/vendor/composer/autoload_static.php @@ -0,0 +1,31 @@ + + array ( + 'Firebase\\JWT\\' => 13, + ), + ); + + public static $prefixDirsPsr4 = array ( + 'Firebase\\JWT\\' => + array ( + 0 => __DIR__ . '/..' . '/firebase/php-jwt/src', + ), + ); + + public static function getInitializer(ClassLoader $loader) + { + return \Closure::bind(function () use ($loader) { + $loader->prefixLengthsPsr4 = ComposerStaticInit254e25e69fe049d603f41f5fd853ef2b::$prefixLengthsPsr4; + $loader->prefixDirsPsr4 = ComposerStaticInit254e25e69fe049d603f41f5fd853ef2b::$prefixDirsPsr4; + + }, null, ClassLoader::class); + } +} diff --git a/web/vendor/composer/installed.json b/web/vendor/composer/installed.json new file mode 100644 index 000000000..5b2924c21 --- /dev/null +++ b/web/vendor/composer/installed.json @@ -0,0 +1,50 @@ +[ + { + "name": "firebase/php-jwt", + "version": "v5.0.0", + "version_normalized": "5.0.0.0", + "source": { + "type": "git", + "url": "https://github.com/firebase/php-jwt.git", + "reference": "9984a4d3a32ae7673d6971ea00bae9d0a1abba0e" + }, + "dist": { + "type": "zip", + "url": "https://api.github.com/repos/firebase/php-jwt/zipball/9984a4d3a32ae7673d6971ea00bae9d0a1abba0e", + "reference": "9984a4d3a32ae7673d6971ea00bae9d0a1abba0e", + "shasum": "" + }, + "require": { + "php": ">=5.3.0" + }, + "require-dev": { + "phpunit/phpunit": " 4.8.35" + }, + "time": "2017-06-27T22:17:23+00:00", + "type": "library", + "installation-source": "dist", + "autoload": { + "psr-4": { + "Firebase\\JWT\\": "src" + } + }, + "notification-url": "https://packagist.org/downloads/", + "license": [ + "BSD-3-Clause" + ], + "authors": [ + { + "name": "Neuman Vong", + "email": "neuman+pear@twilio.com", + "role": "Developer" + }, + { + "name": "Anant Narayanan", + "email": "anant@php.net", + "role": "Developer" + } + ], + "description": "A simple library to encode and decode JSON Web Tokens (JWT) in PHP. Should conform to the current spec.", + "homepage": "https://github.com/firebase/php-jwt" + } +] diff --git a/web/vendor/firebase/php-jwt/LICENSE b/web/vendor/firebase/php-jwt/LICENSE new file mode 100644 index 000000000..cb0c49b33 --- /dev/null +++ b/web/vendor/firebase/php-jwt/LICENSE @@ -0,0 +1,30 @@ +Copyright (c) 2011, Neuman Vong + +All rights reserved. + +Redistribution and use in source and binary forms, with or without +modification, are permitted provided that the following conditions are met: + + * Redistributions of source code must retain the above copyright + notice, this list of conditions and the following disclaimer. + + * Redistributions in binary form must reproduce the above + copyright notice, this list of conditions and the following + disclaimer in the documentation and/or other materials provided + with the distribution. + + * Neither the name of Neuman Vong nor the names of other + contributors may be used to endorse or promote products derived + from this software without specific prior written permission. + +THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS +"AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT +LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR +A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT +OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, +SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT +LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, +DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY +THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT +(INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE +OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. diff --git a/web/vendor/firebase/php-jwt/README.md b/web/vendor/firebase/php-jwt/README.md new file mode 100644 index 000000000..b1a7a3a20 --- /dev/null +++ b/web/vendor/firebase/php-jwt/README.md @@ -0,0 +1,200 @@ +[![Build Status](https://travis-ci.org/firebase/php-jwt.png?branch=master)](https://travis-ci.org/firebase/php-jwt) +[![Latest Stable Version](https://poser.pugx.org/firebase/php-jwt/v/stable)](https://packagist.org/packages/firebase/php-jwt) +[![Total Downloads](https://poser.pugx.org/firebase/php-jwt/downloads)](https://packagist.org/packages/firebase/php-jwt) +[![License](https://poser.pugx.org/firebase/php-jwt/license)](https://packagist.org/packages/firebase/php-jwt) + +PHP-JWT +======= +A simple library to encode and decode JSON Web Tokens (JWT) in PHP, conforming to [RFC 7519](https://tools.ietf.org/html/rfc7519). + +Installation +------------ + +Use composer to manage your dependencies and download PHP-JWT: + +```bash +composer require firebase/php-jwt +``` + +Example +------- +```php + "http://example.org", + "aud" => "http://example.com", + "iat" => 1356999524, + "nbf" => 1357000000 +); + +/** + * IMPORTANT: + * You must specify supported algorithms for your application. See + * https://tools.ietf.org/html/draft-ietf-jose-json-web-algorithms-40 + * for a list of spec-compliant algorithms. + */ +$jwt = JWT::encode($token, $key); +$decoded = JWT::decode($jwt, $key, array('HS256')); + +print_r($decoded); + +/* + NOTE: This will now be an object instead of an associative array. To get + an associative array, you will need to cast it as such: +*/ + +$decoded_array = (array) $decoded; + +/** + * You can add a leeway to account for when there is a clock skew times between + * the signing and verifying servers. It is recommended that this leeway should + * not be bigger than a few minutes. + * + * Source: http://self-issued.info/docs/draft-ietf-oauth-json-web-token.html#nbfDef + */ +JWT::$leeway = 60; // $leeway in seconds +$decoded = JWT::decode($jwt, $key, array('HS256')); + +?> +``` +Example with RS256 (openssl) +---------------------------- +```php + "example.org", + "aud" => "example.com", + "iat" => 1356999524, + "nbf" => 1357000000 +); + +$jwt = JWT::encode($token, $privateKey, 'RS256'); +echo "Encode:\n" . print_r($jwt, true) . "\n"; + +$decoded = JWT::decode($jwt, $publicKey, array('RS256')); + +/* + NOTE: This will now be an object instead of an associative array. To get + an associative array, you will need to cast it as such: +*/ + +$decoded_array = (array) $decoded; +echo "Decode:\n" . print_r($decoded_array, true) . "\n"; +?> +``` + +Changelog +--------- + +#### 5.0.0 / 2017-06-26 +- Support RS384 and RS512. + See [#117](https://github.com/firebase/php-jwt/pull/117). Thanks [@joostfaassen](https://github.com/joostfaassen)! +- Add an example for RS256 openssl. + See [#125](https://github.com/firebase/php-jwt/pull/125). Thanks [@akeeman](https://github.com/akeeman)! +- Detect invalid Base64 encoding in signature. + See [#162](https://github.com/firebase/php-jwt/pull/162). Thanks [@psignoret](https://github.com/psignoret)! +- Update `JWT::verify` to handle OpenSSL errors. + See [#159](https://github.com/firebase/php-jwt/pull/159). Thanks [@bshaffer](https://github.com/bshaffer)! +- Add `array` type hinting to `decode` method + See [#101](https://github.com/firebase/php-jwt/pull/101). Thanks [@hywak](https://github.com/hywak)! +- Add all JSON error types. + See [#110](https://github.com/firebase/php-jwt/pull/110). Thanks [@gbalduzzi](https://github.com/gbalduzzi)! +- Bugfix 'kid' not in given key list. + See [#129](https://github.com/firebase/php-jwt/pull/129). Thanks [@stampycode](https://github.com/stampycode)! +- Miscellaneous cleanup, documentation and test fixes. + See [#107](https://github.com/firebase/php-jwt/pull/107), [#115](https://github.com/firebase/php-jwt/pull/115), + [#160](https://github.com/firebase/php-jwt/pull/160), [#161](https://github.com/firebase/php-jwt/pull/161), and + [#165](https://github.com/firebase/php-jwt/pull/165). Thanks [@akeeman](https://github.com/akeeman), + [@chinedufn](https://github.com/chinedufn), and [@bshaffer](https://github.com/bshaffer)! + +#### 4.0.0 / 2016-07-17 +- Add support for late static binding. See [#88](https://github.com/firebase/php-jwt/pull/88) for details. Thanks to [@chappy84](https://github.com/chappy84)! +- Use static `$timestamp` instead of `time()` to improve unit testing. See [#93](https://github.com/firebase/php-jwt/pull/93) for details. Thanks to [@josephmcdermott](https://github.com/josephmcdermott)! +- Fixes to exceptions classes. See [#81](https://github.com/firebase/php-jwt/pull/81) for details. Thanks to [@Maks3w](https://github.com/Maks3w)! +- Fixes to PHPDoc. See [#76](https://github.com/firebase/php-jwt/pull/76) for details. Thanks to [@akeeman](https://github.com/akeeman)! + +#### 3.0.0 / 2015-07-22 +- Minimum PHP version updated from `5.2.0` to `5.3.0`. +- Add `\Firebase\JWT` namespace. See +[#59](https://github.com/firebase/php-jwt/pull/59) for details. Thanks to +[@Dashron](https://github.com/Dashron)! +- Require a non-empty key to decode and verify a JWT. See +[#60](https://github.com/firebase/php-jwt/pull/60) for details. Thanks to +[@sjones608](https://github.com/sjones608)! +- Cleaner documentation blocks in the code. See +[#62](https://github.com/firebase/php-jwt/pull/62) for details. Thanks to +[@johanderuijter](https://github.com/johanderuijter)! + +#### 2.2.0 / 2015-06-22 +- Add support for adding custom, optional JWT headers to `JWT::encode()`. See +[#53](https://github.com/firebase/php-jwt/pull/53/files) for details. Thanks to +[@mcocaro](https://github.com/mcocaro)! + +#### 2.1.0 / 2015-05-20 +- Add support for adding a leeway to `JWT:decode()` that accounts for clock skew +between signing and verifying entities. Thanks to [@lcabral](https://github.com/lcabral)! +- Add support for passing an object implementing the `ArrayAccess` interface for +`$keys` argument in `JWT::decode()`. Thanks to [@aztech-dev](https://github.com/aztech-dev)! + +#### 2.0.0 / 2015-04-01 +- **Note**: It is strongly recommended that you update to > v2.0.0 to address + known security vulnerabilities in prior versions when both symmetric and + asymmetric keys are used together. +- Update signature for `JWT::decode(...)` to require an array of supported + algorithms to use when verifying token signatures. + + +Tests +----- +Run the tests using phpunit: + +```bash +$ pear install PHPUnit +$ phpunit --configuration phpunit.xml.dist +PHPUnit 3.7.10 by Sebastian Bergmann. +..... +Time: 0 seconds, Memory: 2.50Mb +OK (5 tests, 5 assertions) +``` + +New Lines in private keys +----- + +If your private key contains `\n` characters, be sure to wrap it in double quotes `""` +and not single quotes `''` in order to properly interpret the escaped characters. + +License +------- +[3-Clause BSD](http://opensource.org/licenses/BSD-3-Clause). diff --git a/web/vendor/firebase/php-jwt/composer.json b/web/vendor/firebase/php-jwt/composer.json new file mode 100644 index 000000000..b76ffd191 --- /dev/null +++ b/web/vendor/firebase/php-jwt/composer.json @@ -0,0 +1,29 @@ +{ + "name": "firebase/php-jwt", + "description": "A simple library to encode and decode JSON Web Tokens (JWT) in PHP. Should conform to the current spec.", + "homepage": "https://github.com/firebase/php-jwt", + "authors": [ + { + "name": "Neuman Vong", + "email": "neuman+pear@twilio.com", + "role": "Developer" + }, + { + "name": "Anant Narayanan", + "email": "anant@php.net", + "role": "Developer" + } + ], + "license": "BSD-3-Clause", + "require": { + "php": ">=5.3.0" + }, + "autoload": { + "psr-4": { + "Firebase\\JWT\\": "src" + } + }, + "require-dev": { + "phpunit/phpunit": " 4.8.35" + } +} diff --git a/web/vendor/firebase/php-jwt/src/BeforeValidException.php b/web/vendor/firebase/php-jwt/src/BeforeValidException.php new file mode 100644 index 000000000..a6ee2f7c6 --- /dev/null +++ b/web/vendor/firebase/php-jwt/src/BeforeValidException.php @@ -0,0 +1,7 @@ + + * @author Anant Narayanan + * @license http://opensource.org/licenses/BSD-3-Clause 3-clause BSD + * @link https://github.com/firebase/php-jwt + */ +class JWT +{ + + /** + * When checking nbf, iat or expiration times, + * we want to provide some extra leeway time to + * account for clock skew. + */ + public static $leeway = 0; + + /** + * Allow the current timestamp to be specified. + * Useful for fixing a value within unit testing. + * + * Will default to PHP time() value if null. + */ + public static $timestamp = null; + + public static $supported_algs = array( + 'HS256' => array('hash_hmac', 'SHA256'), + 'HS512' => array('hash_hmac', 'SHA512'), + 'HS384' => array('hash_hmac', 'SHA384'), + 'RS256' => array('openssl', 'SHA256'), + 'RS384' => array('openssl', 'SHA384'), + 'RS512' => array('openssl', 'SHA512'), + ); + + /** + * Decodes a JWT string into a PHP object. + * + * @param string $jwt The JWT + * @param string|array $key The key, or map of keys. + * If the algorithm used is asymmetric, this is the public key + * @param array $allowed_algs List of supported verification algorithms + * Supported algorithms are 'HS256', 'HS384', 'HS512' and 'RS256' + * + * @return object The JWT's payload as a PHP object + * + * @throws UnexpectedValueException Provided JWT was invalid + * @throws SignatureInvalidException Provided JWT was invalid because the signature verification failed + * @throws BeforeValidException Provided JWT is trying to be used before it's eligible as defined by 'nbf' + * @throws BeforeValidException Provided JWT is trying to be used before it's been created as defined by 'iat' + * @throws ExpiredException Provided JWT has since expired, as defined by the 'exp' claim + * + * @uses jsonDecode + * @uses urlsafeB64Decode + */ + public static function decode($jwt, $key, array $allowed_algs = array()) + { + $timestamp = is_null(static::$timestamp) ? time() : static::$timestamp; + + if (empty($key)) { + throw new InvalidArgumentException('Key may not be empty'); + } + $tks = explode('.', $jwt); + if (count($tks) != 3) { + throw new UnexpectedValueException('Wrong number of segments'); + } + list($headb64, $bodyb64, $cryptob64) = $tks; + if (null === ($header = static::jsonDecode(static::urlsafeB64Decode($headb64)))) { + throw new UnexpectedValueException('Invalid header encoding'); + } + if (null === $payload = static::jsonDecode(static::urlsafeB64Decode($bodyb64))) { + throw new UnexpectedValueException('Invalid claims encoding'); + } + if (false === ($sig = static::urlsafeB64Decode($cryptob64))) { + throw new UnexpectedValueException('Invalid signature encoding'); + } + if (empty($header->alg)) { + throw new UnexpectedValueException('Empty algorithm'); + } + if (empty(static::$supported_algs[$header->alg])) { + throw new UnexpectedValueException('Algorithm not supported'); + } + if (!in_array($header->alg, $allowed_algs)) { + throw new UnexpectedValueException('Algorithm not allowed'); + } + if (is_array($key) || $key instanceof \ArrayAccess) { + if (isset($header->kid)) { + if (!isset($key[$header->kid])) { + throw new UnexpectedValueException('"kid" invalid, unable to lookup correct key'); + } + $key = $key[$header->kid]; + } else { + throw new UnexpectedValueException('"kid" empty, unable to lookup correct key'); + } + } + + // Check the signature + if (!static::verify("$headb64.$bodyb64", $sig, $key, $header->alg)) { + throw new SignatureInvalidException('Signature verification failed'); + } + + // Check if the nbf if it is defined. This is the time that the + // token can actually be used. If it's not yet that time, abort. + if (isset($payload->nbf) && $payload->nbf > ($timestamp + static::$leeway)) { + throw new BeforeValidException( + 'Cannot handle token prior to ' . date(DateTime::ISO8601, $payload->nbf) + ); + } + + // Check that this token has been created before 'now'. This prevents + // using tokens that have been created for later use (and haven't + // correctly used the nbf claim). + if (isset($payload->iat) && $payload->iat > ($timestamp + static::$leeway)) { + throw new BeforeValidException( + 'Cannot handle token prior to ' . date(DateTime::ISO8601, $payload->iat) + ); + } + + // Check if this token has expired. + if (isset($payload->exp) && ($timestamp - static::$leeway) >= $payload->exp) { + throw new ExpiredException('Expired token'); + } + + return $payload; + } + + /** + * Converts and signs a PHP object or array into a JWT string. + * + * @param object|array $payload PHP object or array + * @param string $key The secret key. + * If the algorithm used is asymmetric, this is the private key + * @param string $alg The signing algorithm. + * Supported algorithms are 'HS256', 'HS384', 'HS512' and 'RS256' + * @param mixed $keyId + * @param array $head An array with header elements to attach + * + * @return string A signed JWT + * + * @uses jsonEncode + * @uses urlsafeB64Encode + */ + public static function encode($payload, $key, $alg = 'HS256', $keyId = null, $head = null) + { + $header = array('typ' => 'JWT', 'alg' => $alg); + if ($keyId !== null) { + $header['kid'] = $keyId; + } + if ( isset($head) && is_array($head) ) { + $header = array_merge($head, $header); + } + $segments = array(); + $segments[] = static::urlsafeB64Encode(static::jsonEncode($header)); + $segments[] = static::urlsafeB64Encode(static::jsonEncode($payload)); + $signing_input = implode('.', $segments); + + $signature = static::sign($signing_input, $key, $alg); + $segments[] = static::urlsafeB64Encode($signature); + + return implode('.', $segments); + } + + /** + * Sign a string with a given key and algorithm. + * + * @param string $msg The message to sign + * @param string|resource $key The secret key + * @param string $alg The signing algorithm. + * Supported algorithms are 'HS256', 'HS384', 'HS512' and 'RS256' + * + * @return string An encrypted message + * + * @throws DomainException Unsupported algorithm was specified + */ + public static function sign($msg, $key, $alg = 'HS256') + { + if (empty(static::$supported_algs[$alg])) { + throw new DomainException('Algorithm not supported'); + } + list($function, $algorithm) = static::$supported_algs[$alg]; + switch($function) { + case 'hash_hmac': + return hash_hmac($algorithm, $msg, $key, true); + case 'openssl': + $signature = ''; + $success = openssl_sign($msg, $signature, $key, $algorithm); + if (!$success) { + throw new DomainException("OpenSSL unable to sign data"); + } else { + return $signature; + } + } + } + + /** + * Verify a signature with the message, key and method. Not all methods + * are symmetric, so we must have a separate verify and sign method. + * + * @param string $msg The original message (header and body) + * @param string $signature The original signature + * @param string|resource $key For HS*, a string key works. for RS*, must be a resource of an openssl public key + * @param string $alg The algorithm + * + * @return bool + * + * @throws DomainException Invalid Algorithm or OpenSSL failure + */ + private static function verify($msg, $signature, $key, $alg) + { + if (empty(static::$supported_algs[$alg])) { + throw new DomainException('Algorithm not supported'); + } + + list($function, $algorithm) = static::$supported_algs[$alg]; + switch($function) { + case 'openssl': + $success = openssl_verify($msg, $signature, $key, $algorithm); + if ($success === 1) { + return true; + } elseif ($success === 0) { + return false; + } + // returns 1 on success, 0 on failure, -1 on error. + throw new DomainException( + 'OpenSSL error: ' . openssl_error_string() + ); + case 'hash_hmac': + default: + $hash = hash_hmac($algorithm, $msg, $key, true); + if (function_exists('hash_equals')) { + return hash_equals($signature, $hash); + } + $len = min(static::safeStrlen($signature), static::safeStrlen($hash)); + + $status = 0; + for ($i = 0; $i < $len; $i++) { + $status |= (ord($signature[$i]) ^ ord($hash[$i])); + } + $status |= (static::safeStrlen($signature) ^ static::safeStrlen($hash)); + + return ($status === 0); + } + } + + /** + * Decode a JSON string into a PHP object. + * + * @param string $input JSON string + * + * @return object Object representation of JSON string + * + * @throws DomainException Provided string was invalid JSON + */ + public static function jsonDecode($input) + { + if (version_compare(PHP_VERSION, '5.4.0', '>=') && !(defined('JSON_C_VERSION') && PHP_INT_SIZE > 4)) { + /** In PHP >=5.4.0, json_decode() accepts an options parameter, that allows you + * to specify that large ints (like Steam Transaction IDs) should be treated as + * strings, rather than the PHP default behaviour of converting them to floats. + */ + $obj = json_decode($input, false, 512, JSON_BIGINT_AS_STRING); + } else { + /** Not all servers will support that, however, so for older versions we must + * manually detect large ints in the JSON string and quote them (thus converting + *them to strings) before decoding, hence the preg_replace() call. + */ + $max_int_length = strlen((string) PHP_INT_MAX) - 1; + $json_without_bigints = preg_replace('/:\s*(-?\d{'.$max_int_length.',})/', ': "$1"', $input); + $obj = json_decode($json_without_bigints); + } + + if (function_exists('json_last_error') && $errno = json_last_error()) { + static::handleJsonError($errno); + } elseif ($obj === null && $input !== 'null') { + throw new DomainException('Null result with non-null input'); + } + return $obj; + } + + /** + * Encode a PHP object into a JSON string. + * + * @param object|array $input A PHP object or array + * + * @return string JSON representation of the PHP object or array + * + * @throws DomainException Provided object could not be encoded to valid JSON + */ + public static function jsonEncode($input) + { + $json = json_encode($input); + if (function_exists('json_last_error') && $errno = json_last_error()) { + static::handleJsonError($errno); + } elseif ($json === 'null' && $input !== null) { + throw new DomainException('Null result with non-null input'); + } + return $json; + } + + /** + * Decode a string with URL-safe Base64. + * + * @param string $input A Base64 encoded string + * + * @return string A decoded string + */ + public static function urlsafeB64Decode($input) + { + $remainder = strlen($input) % 4; + if ($remainder) { + $padlen = 4 - $remainder; + $input .= str_repeat('=', $padlen); + } + return base64_decode(strtr($input, '-_', '+/')); + } + + /** + * Encode a string with URL-safe Base64. + * + * @param string $input The string you want encoded + * + * @return string The base64 encode of what you passed in + */ + public static function urlsafeB64Encode($input) + { + return str_replace('=', '', strtr(base64_encode($input), '+/', '-_')); + } + + /** + * Helper method to create a JSON error. + * + * @param int $errno An error number from json_last_error() + * + * @return void + */ + private static function handleJsonError($errno) + { + $messages = array( + JSON_ERROR_DEPTH => 'Maximum stack depth exceeded', + JSON_ERROR_STATE_MISMATCH => 'Invalid or malformed JSON', + JSON_ERROR_CTRL_CHAR => 'Unexpected control character found', + JSON_ERROR_SYNTAX => 'Syntax error, malformed JSON', + JSON_ERROR_UTF8 => 'Malformed UTF-8 characters' //PHP >= 5.3.3 + ); + throw new DomainException( + isset($messages[$errno]) + ? $messages[$errno] + : 'Unknown JSON error: ' . $errno + ); + } + + /** + * Get the number of bytes in cryptographic strings. + * + * @param string + * + * @return int + */ + private static function safeStrlen($str) + { + if (function_exists('mb_strlen')) { + return mb_strlen($str, '8bit'); + } + return strlen($str); + } +} diff --git a/web/vendor/firebase/php-jwt/src/SignatureInvalidException.php b/web/vendor/firebase/php-jwt/src/SignatureInvalidException.php new file mode 100644 index 000000000..27332b21b --- /dev/null +++ b/web/vendor/firebase/php-jwt/src/SignatureInvalidException.php @@ -0,0 +1,7 @@ + Date: Sun, 5 May 2019 07:50:52 -0400 Subject: [PATCH 060/922] fixed module path --- web/.gitignore | 2 +- web/includes/auth.php | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/web/.gitignore b/web/.gitignore index 90d971d4b..354e5470b 100644 --- a/web/.gitignore +++ b/web/.gitignore @@ -4,8 +4,8 @@ /app/tmp /lib/Cake/Console/Templates/skel/tmp/ /plugins -/vendors /build +/vendors /dist /tags /app/webroot/events diff --git a/web/includes/auth.php b/web/includes/auth.php index 52391d435..7c8c24527 100644 --- a/web/includes/auth.php +++ b/web/includes/auth.php @@ -19,7 +19,7 @@ // // require_once('session.php'); -require_once ('../vendor/autoload.php'); +require_once(__DIR__.'/../vendor/autoload.php'); use \Firebase\JWT\JWT; From a55a11dad1249d6db7a0cfb578e5752cf6bb9186 Mon Sep 17 00:00:00 2001 From: Pliable Pixels Date: Sun, 5 May 2019 11:24:55 -0400 Subject: [PATCH 061/922] first attempt to fix cast error --- .gitmodules | 3 --- web/includes/auth.php | 33 ++++++++++++++++++++++----------- 2 files changed, 22 insertions(+), 14 deletions(-) diff --git a/.gitmodules b/.gitmodules index f5bcf359d..2ec483d25 100644 --- a/.gitmodules +++ b/.gitmodules @@ -8,6 +8,3 @@ [submodule "third_party/bcrypt"] path = third_party/bcrypt url = https://github.com/pliablepixels/libbcrypt -[submodule "third_party/jwt-cpp"] - path = third_party/jwt-cpp - url = https://github.com/Thalhammer/jwt-cpp diff --git a/web/includes/auth.php b/web/includes/auth.php index 7c8c24527..3f575d4c2 100644 --- a/web/includes/auth.php +++ b/web/includes/auth.php @@ -51,16 +51,7 @@ function userLogin($username='', $password='', $passwordHashed=false) { global $user; - $key = "example_key"; - $token = array( - "iss" => "http://example.org", - "aud" => "http://example.com", - "iat" => 1356999524, - "nbf" => 1357000000 - ); - $jwt = JWT::encode($token, $key); - - ZM\Info ("JWT token is $jwt"); + if ( !$username and isset($_REQUEST['username']) ) @@ -233,8 +224,28 @@ function getAuthUser($auth) { function generateAuthHash($useRemoteAddr, $force=false) { if ( ZM_OPT_USE_AUTH and ZM_AUTH_RELAY == 'hashed' and isset($_SESSION['username']) and $_SESSION['passwordHash'] ) { - # regenerate a hash at half the liftetime of a hash, an hour is 3600 so half is 1800 $time = time(); + $key = ZM_AUTH_HASH_SECRET; + $issuedAt = time(); + $expireAt = $issuedAt + ZM_AUTH_HASH_TTL * 3600; + + + $token = array( + "iss" => "ZoneMinder", + "iat" => $issuedAt, + "exp" => $expireAt + + ); + + if ($useRemoteAddr) { + $token['remote_addr'] = $_SESSION['remoteAddr']; + } + + + $jwt = JWT::encode($token, $key); + + ZM\Info ("JWT token is $jwt"); + $mintime = $time - ( ZM_AUTH_HASH_TTL * 1800 ); if ( $force or ( !isset($_SESSION['AuthHash'.$_SESSION['remoteAddr']]) ) or ( $_SESSION['AuthHashGeneratedAt'] < $mintime ) ) { From e9d3dd1987cc8c658607508df9b681183cdcfbd7 Mon Sep 17 00:00:00 2001 From: Pliable Pixels Date: Sun, 5 May 2019 11:26:01 -0400 Subject: [PATCH 062/922] own fork --- third_party/jwt-cpp | 1 - 1 file changed, 1 deletion(-) delete mode 160000 third_party/jwt-cpp diff --git a/third_party/jwt-cpp b/third_party/jwt-cpp deleted file mode 160000 index dd0337e64..000000000 --- a/third_party/jwt-cpp +++ /dev/null @@ -1 +0,0 @@ -Subproject commit dd0337e64c19b5c6290b30429a9eedafadcae4b7 From 31c7cc31a28197795f0c8bcbd202de5bf2364e95 Mon Sep 17 00:00:00 2001 From: Pliable Pixels Date: Sun, 5 May 2019 11:26:20 -0400 Subject: [PATCH 063/922] own fork --- .gitmodules | 3 +++ third_party/jwt-cpp | 1 + 2 files changed, 4 insertions(+) create mode 160000 third_party/jwt-cpp diff --git a/.gitmodules b/.gitmodules index 2ec483d25..0bbfbb368 100644 --- a/.gitmodules +++ b/.gitmodules @@ -8,3 +8,6 @@ [submodule "third_party/bcrypt"] path = third_party/bcrypt url = https://github.com/pliablepixels/libbcrypt +[submodule "third_party/jwt-cpp"] + path = third_party/jwt-cpp + url = https://github.com/pliablepixels/jwt-cpp diff --git a/third_party/jwt-cpp b/third_party/jwt-cpp new file mode 160000 index 000000000..3dbc5a092 --- /dev/null +++ b/third_party/jwt-cpp @@ -0,0 +1 @@ +Subproject commit 3dbc5a0929aa3e53a47cbffac546f3d7877c41b5 From 37040f33a824f6075c32ca4834ae500e250cc76e Mon Sep 17 00:00:00 2001 From: Pliable Pixels Date: Sun, 5 May 2019 12:49:33 -0400 Subject: [PATCH 064/922] add composer vendor directory --- web/CMakeLists.txt | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/web/CMakeLists.txt b/web/CMakeLists.txt index 50e5f9998..b3d097739 100644 --- a/web/CMakeLists.txt +++ b/web/CMakeLists.txt @@ -9,7 +9,7 @@ add_subdirectory(tools/mootools) configure_file(includes/config.php.in "${CMAKE_CURRENT_BINARY_DIR}/includes/config.php" @ONLY) # Install the web files -install(DIRECTORY api ajax css fonts graphics includes js lang skins tools views DESTINATION "${ZM_WEBDIR}" PATTERN "*.in" EXCLUDE PATTERN "*Make*" EXCLUDE PATTERN "*cmake*" EXCLUDE) +install(DIRECTORY vendor api ajax css fonts graphics includes js lang skins tools views DESTINATION "${ZM_WEBDIR}" PATTERN "*.in" EXCLUDE PATTERN "*Make*" EXCLUDE PATTERN "*cmake*" EXCLUDE) install(FILES index.php robots.txt DESTINATION "${ZM_WEBDIR}") install(FILES "${CMAKE_CURRENT_BINARY_DIR}/includes/config.php" DESTINATION "${ZM_WEBDIR}/includes") From ca3f65deef7f7664cef0af55c4e874dcd8b3e51f Mon Sep 17 00:00:00 2001 From: Pliable Pixels Date: Sun, 5 May 2019 14:32:09 -0400 Subject: [PATCH 065/922] go back to jwt-cpp as PR merged --- .gitmodules | 3 --- third_party/jwt-cpp | 1 - web/includes/auth.php | 3 ++- 3 files changed, 2 insertions(+), 5 deletions(-) delete mode 160000 third_party/jwt-cpp diff --git a/.gitmodules b/.gitmodules index 0bbfbb368..2ec483d25 100644 --- a/.gitmodules +++ b/.gitmodules @@ -8,6 +8,3 @@ [submodule "third_party/bcrypt"] path = third_party/bcrypt url = https://github.com/pliablepixels/libbcrypt -[submodule "third_party/jwt-cpp"] - path = third_party/jwt-cpp - url = https://github.com/pliablepixels/jwt-cpp diff --git a/third_party/jwt-cpp b/third_party/jwt-cpp deleted file mode 160000 index 3dbc5a092..000000000 --- a/third_party/jwt-cpp +++ /dev/null @@ -1 +0,0 @@ -Subproject commit 3dbc5a0929aa3e53a47cbffac546f3d7877c41b5 diff --git a/web/includes/auth.php b/web/includes/auth.php index 3f575d4c2..b6340bcfc 100644 --- a/web/includes/auth.php +++ b/web/includes/auth.php @@ -233,7 +233,8 @@ function generateAuthHash($useRemoteAddr, $force=false) { $token = array( "iss" => "ZoneMinder", "iat" => $issuedAt, - "exp" => $expireAt + "exp" => $expireAt, + "user" => $_SESSION['username'] ); From 37f915ec0f912aca5a5fd2945ad4e5d1a11954d2 Mon Sep 17 00:00:00 2001 From: Pliable Pixels Date: Sun, 5 May 2019 14:32:54 -0400 Subject: [PATCH 066/922] moved to jwt-cpp after PR merge --- .gitmodules | 3 +++ third_party/jwt-cpp | 1 + 2 files changed, 4 insertions(+) create mode 160000 third_party/jwt-cpp diff --git a/.gitmodules b/.gitmodules index 2ec483d25..f5bcf359d 100644 --- a/.gitmodules +++ b/.gitmodules @@ -8,3 +8,6 @@ [submodule "third_party/bcrypt"] path = third_party/bcrypt url = https://github.com/pliablepixels/libbcrypt +[submodule "third_party/jwt-cpp"] + path = third_party/jwt-cpp + url = https://github.com/Thalhammer/jwt-cpp diff --git a/third_party/jwt-cpp b/third_party/jwt-cpp new file mode 160000 index 000000000..bfca4f6a8 --- /dev/null +++ b/third_party/jwt-cpp @@ -0,0 +1 @@ +Subproject commit bfca4f6a87bfd9d9a259939d0524169827a3a862 From f0e5a435cfab40d17a9edaec4a16e92a40824a49 Mon Sep 17 00:00:00 2001 From: Isaac Connor Date: Mon, 6 May 2019 10:04:53 -0400 Subject: [PATCH 067/922] spacing and quotes, but the main change is using aud_print instead of Info --- scripts/zmaudit.pl.in | 64 +++++++++++++++++++++---------------------- 1 file changed, 32 insertions(+), 32 deletions(-) diff --git a/scripts/zmaudit.pl.in b/scripts/zmaudit.pl.in index 41c8b0e75..d704e169b 100644 --- a/scripts/zmaudit.pl.in +++ b/scripts/zmaudit.pl.in @@ -488,21 +488,21 @@ MAIN: while( $loop ) { my $monitor_links; foreach my $link ( glob('*') ) { - next if ( !-l $link ); - next if ( -e $link ); + next if !-l $link; + next if -e $link; - aud_print( "Filesystem monitor link '$link' does not point to valid monitor directory" ); + aud_print("Filesystem monitor link '$link' does not point to valid monitor directory"); if ( confirm() ) { ( $link ) = ( $link =~ /^(.*)$/ ); # De-taint my $command = qq`rm "$link"`; - executeShellCommand( $command ); + executeShellCommand($command); $cleaned = 1; } - } + } # end foreach monitor link } # end foreach Storage Area if ( $cleaned ) { - Debug("Events were deleted, starting again."); + Debug('Events were deleted, starting again.'); redo MAIN; } @@ -559,8 +559,8 @@ EVENT: while ( my ( $db_event, $age ) = each( %$db_events ) ) { Warning("Event $$Event{Id} is Archived. Taking no further action on it."); next; } - if ( ! $Event->StartTime() ) { - Info("Event $$Event{Id} has no start time."); + if ( !$Event->StartTime() ) { + aud_print("Event $$Event{Id} has no start time."); if ( confirm() ) { $Event->delete(); $cleaned = 1; @@ -569,7 +569,7 @@ EVENT: while ( my ( $db_event, $age ) = each( %$db_events ) ) { } if ( ! $Event->EndTime() ) { if ( $age > $Config{ZM_AUDIT_MIN_AGE} ) { - Info("Event $$Event{Id} has no end time and is $age seconds old. deleting it."); + aud_print("Event $$Event{Id} has no end time and is $age seconds old. Deleting it."); if ( confirm() ) { $Event->delete(); $cleaned = 1; @@ -578,7 +578,7 @@ EVENT: while ( my ( $db_event, $age ) = each( %$db_events ) ) { } } if ( $Event->check_for_in_filesystem() ) { - Debug("Database event $$Event{Id} apparently exists at " . $Event->Path() ); + Debug("Database event $$Event{Id} apparently exists at " . $Event->Path()); } else { if ( $age > $Config{ZM_AUDIT_MIN_AGE} ) { aud_print("Database event '$db_monitor/$db_event' does not exist at " . $Event->Path().' in filesystem, deleting'); @@ -587,14 +587,14 @@ EVENT: while ( my ( $db_event, $age ) = each( %$db_events ) ) { $cleaned = 1; } } else { - aud_print( "Database event '".$Event->Path()." monitor:$db_monitor event:$db_event' does not exist in filesystem but too young to delete age: $age > MIN $Config{ZM_AUDIT_MIN_AGE}.\n" ); + aud_print("Database event '".$Event->Path()." monitor:$db_monitor event:$db_event' does not exist in filesystem but too young to delete age: $age > MIN $Config{ZM_AUDIT_MIN_AGE}."); } } # end if exists in filesystem } else { Debug("Found fs event for id $db_event, $age seconds old at " . $$fs_events{$db_event}->Path()); my $Event = ZoneMinder::Event->find_one( Id=>$db_event ); if ( $Event and ! $Event->check_for_in_filesystem() ) { - Warning("Not found at " . $Event->Path() . ' was found at ' . $$fs_events{$db_event}->Path() ); + Warning('Not found at ' . $Event->Path() . ' was found at ' . $$fs_events{$db_event}->Path()); Warning($Event->to_string()); Warning($$fs_events{$db_event}->to_string()); $$Event{Scheme} = '' if ! defined $$Event{Scheme}; @@ -622,7 +622,7 @@ EVENT: while ( my ( $db_event, $age ) = each( %$db_events ) ) { } # foreach db_event } # end foreach db_monitor if ( $cleaned ) { - Debug("Have done some cleaning, restarting."); + Debug('Have done some cleaning, restarting.'); redo MAIN; } @@ -904,25 +904,25 @@ FROM Frames WHERE EventId=?'; Monitors.MonthEvents = E.MonthEvents, Monitors.MonthEventDiskSpace = E.MonthEventDiskSpace `; - my $eventcounts_hour_sth = $dbh->prepare_cached( $eventcounts_hour_sql ); - my $eventcounts_day_sth = $dbh->prepare_cached( $eventcounts_day_sql ); - my $eventcounts_week_sth = $dbh->prepare_cached( $eventcounts_week_sql ); - my $eventcounts_month_sth = $dbh->prepare_cached( $eventcounts_month_sql ); - $eventcounts_hour_sth->execute( ) or Error( "Can't execute: ".$eventcounts_sth->errstr() ); - $eventcounts_day_sth->execute( ) or Error( "Can't execute: ".$eventcounts_sth->errstr() ); - $eventcounts_week_sth->execute( ) or Error( "Can't execute: ".$eventcounts_sth->errstr() ); - $eventcounts_month_sth->execute( ) or Error( "Can't execute: ".$eventcounts_sth->errstr() ); - sleep( $Config{ZM_AUDIT_CHECK_INTERVAL} ) if $continuous; + my $eventcounts_hour_sth = $dbh->prepare_cached($eventcounts_hour_sql); + my $eventcounts_day_sth = $dbh->prepare_cached($eventcounts_day_sql); + my $eventcounts_week_sth = $dbh->prepare_cached($eventcounts_week_sql); + my $eventcounts_month_sth = $dbh->prepare_cached($eventcounts_month_sql); + $eventcounts_hour_sth->execute() or Error("Can't execute: ".$eventcounts_sth->errstr()); + $eventcounts_day_sth->execute() or Error("Can't execute: ".$eventcounts_sth->errstr()); + $eventcounts_week_sth->execute() or Error("Can't execute: ".$eventcounts_sth->errstr()); + $eventcounts_month_sth->execute() or Error("Can't execute: ".$eventcounts_sth->errstr()); + sleep($Config{ZM_AUDIT_CHECK_INTERVAL}) if $continuous; }; Term(); sub aud_print { my $string = shift; - if ( ! $continuous ) { - print( $string ); + if ( !$continuous ) { + print($string); } else { - Info( $string ); + Info($string); } } @@ -932,13 +932,13 @@ sub confirm { my $yesno = 0; if ( $report ) { - print( "\n" ); + print("\n"); } elsif ( $interactive ) { - print( ", $prompt Y/n/q: " ); + print(", $prompt Y/n/q: "); my $char = <>; - chomp( $char ); + chomp($char); if ( $char eq 'q' ) { - exit( 0 ); + exit(0); } if ( !$char ) { $char = 'y'; @@ -946,13 +946,13 @@ sub confirm { $yesno = ( $char =~ /[yY]/ ); } else { if ( !$continuous ) { - print( ", $action\n" ); + print(", $action\n"); } else { - Info( $action ); + Info($action); } $yesno = 1; } - return( $yesno ); + return $yesno; } sub deleteSwapImage { From 1ca5eee53addfb071737167fe6b18bfe8983ee44 Mon Sep 17 00:00:00 2001 From: Isaac Connor Date: Mon, 6 May 2019 10:45:40 -0400 Subject: [PATCH 068/922] spacing --- web/skins/classic/views/options.php | 14 +++++++------- 1 file changed, 7 insertions(+), 7 deletions(-) diff --git a/web/skins/classic/views/options.php b/web/skins/classic/views/options.php index 389d49fe3..06948eafb 100644 --- a/web/skins/classic/views/options.php +++ b/web/skins/classic/views/options.php @@ -353,18 +353,18 @@ foreach ( array_map('basename', glob('skins/'.$current_skin.'/css/*',GLOB_ONLYDI checked="checked"/> 3 ) { + $options = explode('|', $value['Hint']); + if ( count($options) > 3 ) { ?> checked="checked"/> + checked="checked"/> Date: Mon, 6 May 2019 10:49:18 -0400 Subject: [PATCH 069/922] spacing --- web/includes/Storage.php | 20 ++++++++++---------- 1 file changed, 10 insertions(+), 10 deletions(-) diff --git a/web/includes/Storage.php b/web/includes/Storage.php index 67264f298..b3caa3ffa 100644 --- a/web/includes/Storage.php +++ b/web/includes/Storage.php @@ -44,7 +44,7 @@ class Storage { } public function Path() { - if ( isset( $this->{'Path'} ) and ( $this->{'Path'} != '' ) ) { + if ( isset($this->{'Path'}) and ( $this->{'Path'} != '' ) ) { return $this->{'Path'}; } else if ( ! isset($this->{'Id'}) ) { $path = ZM_DIR_EVENTS; @@ -58,7 +58,7 @@ class Storage { return $this->{'Name'}; } public function Name() { - if ( isset( $this->{'Name'} ) and ( $this->{'Name'} != '' ) ) { + if ( isset($this->{'Name'}) and ( $this->{'Name'} != '' ) ) { return $this->{'Name'}; } else if ( ! isset($this->{'Id'}) ) { return 'Default'; @@ -73,7 +73,7 @@ class Storage { if ( array_key_exists($fn, $this) ) return $this->{$fn}; - if ( array_key_exists( $fn, $this->defaults ) ) + if ( array_key_exists($fn, $this->defaults) ) return $this->defaults{$fn}; $backTrace = debug_backtrace(); @@ -96,7 +96,7 @@ class Storage { $results = Storage::find($parameters, $options); if ( count($results) > 1 ) { - Error("Storage Returned more than 1"); + Error('Storage Returned more than 1'); return $results[0]; } else if ( count($results) ) { return $results[0]; @@ -116,7 +116,7 @@ class Storage { $fields[] = $field.' IS NULL'; } else if ( is_array($value) ) { $func = function(){return '?';}; - $fields[] = $field.' IN ('.implode(',', array_map($func, $value)). ')'; + $fields[] = $field.' IN ('.implode(',', array_map($func, $value)).')'; $values += $value; } else { @@ -165,11 +165,11 @@ class Storage { $total = $this->disk_total_space(); if ( ! $total ) { - Error('disk_total_space returned false for ' . $path ); + Error('disk_total_space returned false for ' . $path); return 0; } $used = $this->disk_used_space(); - $usage = round( ($used / $total) * 100); + $usage = round(($used / $total) * 100); //Logger::Debug("Used $usage = round( ( $used / $total ) * 100 )"); return $usage; } @@ -208,7 +208,7 @@ class Storage { public function event_disk_space() { # This isn't a function like this in php, so we have to add up the space used in each event. if ( (! array_key_exists('DiskSpace', $this)) or (!$this->{'DiskSpace'}) ) { - $used = dbFetchOne('SELECT SUM(DiskSpace) AS DiskSpace FROM Events WHERE StorageId=? AND DiskSpace IS NOT NULL', 'DiskSpace', array($this->Id()) ); + $used = dbFetchOne('SELECT SUM(DiskSpace) AS DiskSpace FROM Events WHERE StorageId=? AND DiskSpace IS NOT NULL', 'DiskSpace', array($this->Id())); foreach ( Event::find(array('StorageId'=>$this->Id(), 'DiskSpace'=>null)) as $Event ) { $Event->Storage($this); // Prevent further db hit @@ -221,7 +221,7 @@ class Storage { public function Server() { if ( ! array_key_exists('Server',$this) ) { - $this->{'Server'}= new Server( $this->{'ServerId'} ); + $this->{'Server'}= new Server($this->{'ServerId'}); } return $this->{'Server'}; } @@ -239,5 +239,5 @@ class Storage { } return json_encode($json); } -} +} // end class Storage ?> From 9ef912f2ba6eb44cbb24fc20888a3c3cefa95903 Mon Sep 17 00:00:00 2001 From: Isaac Connor Date: Mon, 6 May 2019 10:50:12 -0400 Subject: [PATCH 070/922] add missing new event status info --- src/zm_monitor.cpp | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/src/zm_monitor.cpp b/src/zm_monitor.cpp index 53efd1485..f58d59783 100644 --- a/src/zm_monitor.cpp +++ b/src/zm_monitor.cpp @@ -1727,6 +1727,11 @@ bool Monitor::Analyse() { ); closeEvent(); event = new Event(this, *timestamp, cause, noteSetMap); + shared_data->last_event = event->Id(); + //set up video store data + snprintf(video_store_data->event_file, sizeof(video_store_data->event_file), "%s", event->getEventFile()); + video_store_data->recording = event->StartTime(); + } } // end if event From faaec9e1d6742f747a5e327c7e79ab29b47cc2ac Mon Sep 17 00:00:00 2001 From: Chris Date: Mon, 6 May 2019 12:14:03 -0400 Subject: [PATCH 071/922] Another attempt to fix SQL Control values (#2600) --- db/zm_create.sql.in | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/db/zm_create.sql.in b/db/zm_create.sql.in index 787854091..a5f5cb70c 100644 --- a/db/zm_create.sql.in +++ b/db/zm_create.sql.in @@ -789,7 +789,7 @@ INSERT INTO `Controls` VALUES (NULL,'IOS Camera','Ffmpeg','IPCAMIOS',0,0,0,0,0,0 INSERT INTO `Controls` VALUES (NULL,'Dericam P2','Ffmpeg','DericamP2',0,1,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,1,10,0,1,1,1,0,0,0,1,1,0,0,0,0,1,1,45,0,0,1,0,0,0,0,1,1,45,0,0,0,0); INSERT INTO `Controls` VALUES (NULL,'Trendnet','Remote','Trendnet',1,1,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,1,1,1,0,1,0,1,0,0,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0); INSERT INTO `Controls` VALUES (NULL,'PSIA','Remote','PSIA',0,0,0,0,1,0,0,1,0,0,0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,1,20,0,1,1,1,0,0,1,0,1,0,0,0,0,1,-100,100,0,0,1,0,0,0,0,1,-100,100,0,0,0,0); -INSERT INTO `Controls` VALUES (NULL,'Dahua','Ffmpeg','Dahua',0,0,1,1,1,1,0,0,1,0,0,0,0,0,0,0,0,1,0,0,1,0,0,0,0,0,0,0,0,1,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,1,20,1,1,1,1,0,0,1,0,1,0,0,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0); +INSERT INTO `Controls` VALUES (NULL,'Dahua','Ffmpeg','Dahua',0,0,1,1,1,0,0,1,0,0,0,0,0,0,0,0,1,0,0,1,0,0,0,0,0,0,0,0,1,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,1,20,1,1,1,1,0,0,1,0,1,0,0,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0); INSERT INTO `Controls` VALUES (NULL,'FOSCAMR2C','Libvlc','FOSCAMR2C',1,1,1,0,0,0,0,0,0,NULL,NULL,NULL,NULL,0,NULL,NULL,0,0,0,0,0,NULL,NULL,NULL,NULL,0,NULL,NULL,0,0,0,0,0,NULL,NULL,NULL,NULL,0,NULL,NULL,0,0,0,0,0,NULL,NULL,NULL,NULL,0,NULL,NULL,0,0,0,0,0,NULL,NULL,NULL,NULL,0,NULL,NULL,1,12,0,1,1,1,0,0,0,1,1,NULL,NULL,NULL,NULL,1,0,4,0,NULL,1,NULL,NULL,NULL,NULL,1,0,4,0,NULL,0,0); INSERT INTO `Controls` VALUES (NULL,'Amcrest HTTP API','Ffmpeg','Amcrest_HTTP',0,0,1,0,1,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,1,5,0,0,1,0,0,0,0,1,1,0,0,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,5); From 3a7b49560af03aaae460b7d8df445b22ddadb419 Mon Sep 17 00:00:00 2001 From: Isaac Connor Date: Mon, 6 May 2019 12:16:06 -0400 Subject: [PATCH 072/922] spacing --- src/zm_monitor.cpp | 18 +++++++++--------- 1 file changed, 9 insertions(+), 9 deletions(-) diff --git a/src/zm_monitor.cpp b/src/zm_monitor.cpp index d587eebc5..55ef699f0 100644 --- a/src/zm_monitor.cpp +++ b/src/zm_monitor.cpp @@ -780,17 +780,17 @@ int Monitor::GetImage( int index, int scale ) { Snapshot *snap = &image_buffer[index]; Image *snap_image = snap->image; - alarm_image.Assign( *snap_image ); + alarm_image.Assign(*snap_image); //write_image.Assign( *snap_image ); if ( scale != ZM_SCALE_BASE ) { - alarm_image.Scale( scale ); + alarm_image.Scale(scale); } if ( !config.timestamp_on_capture ) { - TimestampImage( &alarm_image, snap->timestamp ); + TimestampImage(&alarm_image, snap->timestamp); } image = &alarm_image; } else { @@ -798,12 +798,12 @@ int Monitor::GetImage( int index, int scale ) { } static char filename[PATH_MAX]; - snprintf( filename, sizeof(filename), "Monitor%d.jpg", id ); - image->WriteJpeg( filename ); + snprintf(filename, sizeof(filename), "Monitor%d.jpg", id); + image->WriteJpeg(filename); } else { - Error( "Unable to generate image, no images in buffer" ); + Error("Unable to generate image, no images in buffer"); } - return( 0 ); + return 0; } struct timeval Monitor::GetTimestamp( int index ) const { @@ -814,11 +814,11 @@ struct timeval Monitor::GetTimestamp( int index ) const { if ( index != image_buffer_count ) { Snapshot *snap = &image_buffer[index]; - return( *(snap->timestamp) ); + return *(snap->timestamp); } else { static struct timeval null_tv = { 0, 0 }; - return( null_tv ); + return null_tv; } } From 0bbc58297138856b9015f03b1d49e04ab5b14ba3 Mon Sep 17 00:00:00 2001 From: Pliable Pixels Date: Tue, 7 May 2019 15:03:13 -0400 Subject: [PATCH 073/922] New token= query for JWT --- web/api/app/Controller/AppController.php | 18 +++++++++++++----- 1 file changed, 13 insertions(+), 5 deletions(-) diff --git a/web/api/app/Controller/AppController.php b/web/api/app/Controller/AppController.php index 51575f055..840a14f58 100644 --- a/web/api/app/Controller/AppController.php +++ b/web/api/app/Controller/AppController.php @@ -73,19 +73,27 @@ class AppController extends Controller { $mUser = $this->request->query('user') ? $this->request->query('user') : $this->request->data('user'); $mPassword = $this->request->query('pass') ? $this->request->query('pass') : $this->request->data('pass'); - $mAuth = $this->request->query('auth') ? $this->request->query('auth') : $this->request->data('auth'); + $mToken = $this->request->query('token') ? $this->request->query('token') : $this->request->data('token'); if ( $mUser and $mPassword ) { - $user = userLogin($mUser, $mPassword); + $user = userLogin($mUser, $mPassword, true); if ( !$user ) { throw new UnauthorizedException(__('User not found or incorrect password')); return; } - } else if ( $mAuth ) { - $user = getAuthUser($mAuth); + } else if ( $mToken ) { + $ret = validateToken($mToken); + $user = $ret[0]; + $retstatus = $ret[1]; if ( !$user ) { - throw new UnauthorizedException(__('Invalid Auth Key')); + throw new UnauthorizedException(__($retstatus)); return; + } else if ( $mAuth ) { + $user = getAuthUser($mAuth); + if ( !$user ) { + throw new UnauthorizedException(__('Invalid Auth Key')); + return; + } } } // We need to reject methods that are not authenticated From d36c1f5d3ce9b55713d0600354d81296c988e5af Mon Sep 17 00:00:00 2001 From: Pliable Pixels Date: Tue, 7 May 2019 15:04:12 -0400 Subject: [PATCH 074/922] Add JWT token creation, move old code to a different function for future deprecation, simplified code for ZM_XX parameter reading --- web/api/app/Controller/HostController.php | 97 +++++++++++++++-------- 1 file changed, 63 insertions(+), 34 deletions(-) diff --git a/web/api/app/Controller/HostController.php b/web/api/app/Controller/HostController.php index 05b2ed3fa..d2a9cb203 100644 --- a/web/api/app/Controller/HostController.php +++ b/web/api/app/Controller/HostController.php @@ -31,17 +31,22 @@ class HostController extends AppController { } function login() { - $cred = $this->_getCredentials(); + $cred_depr = $this->_getCredentialsDeprecated(); $ver = $this->_getVersion(); $this->set(array( - 'credentials' => $cred[0], - 'append_password'=>$cred[1], + 'token'=>$cred[0], + 'token_expires'=>$cred[1] * 3600, // takes AUTH_HASH_TTL || 2 hrs as the default + 'credentials'=>$cred_depr[0], + 'append_password'=>$cred_depr[1], 'version' => $ver[0], 'apiversion' => $ver[1], - '_serialize' => array('credentials', - 'append_password', + '_serialize' => array( + 'token', + 'token_expires', 'version', + 'credentials', + 'append_password', 'apiversion' ))); } // end function login() @@ -56,41 +61,65 @@ class HostController extends AppController { )); } // end function logout() - - private function _getCredentials() { + + private function _getCredentialsDeprecated() { $credentials = ''; $appendPassword = 0; - $this->loadModel('Config'); - $isZmAuth = $this->Config->find('first',array('conditions' => array('Config.' . $this->Config->primaryKey => 'ZM_OPT_USE_AUTH')))['Config']['Value']; - - if ( $isZmAuth ) { - // In future, we may want to completely move to AUTH_HASH_LOGINS and return &auth= for all cases - require_once __DIR__ .'/../../../includes/auth.php'; # in the event we directly call getCredentials.json - - $zmAuthRelay = $this->Config->find('first',array('conditions' => array('Config.' . $this->Config->primaryKey => 'ZM_AUTH_RELAY')))['Config']['Value']; - if ( $zmAuthRelay == 'hashed' ) { - $zmAuthHashIps = $this->Config->find('first',array('conditions' => array('Config.' . $this->Config->primaryKey => 'ZM_AUTH_HASH_IPS')))['Config']['Value']; - // make sure auth is regenerated each time we call this API - $credentials = 'auth='.generateAuthHash($zmAuthHashIps,true); - } else { - // user will need to append the store password here + if (ZM_OPT_USE_AUTH) { + require_once __DIR__ .'/../../../includes/auth.php'; + if (ZM_AUTH_RELAY=='hashed') { + $credentials = 'auth='.generateAuthHash(ZM_AUTH_HASH_IPS,true); + } + else { $credentials = 'user='.$this->Session->read('Username').'&pass='; $appendPassword = 1; } + return array($credentials, $appendPassword); } - return array($credentials, $appendPassword); - } // end function _getCredentials - - function getCredentials() { - // ignore debug warnings from other functions - $this->view='Json'; - $val = $this->_getCredentials(); - $this->set(array( - 'credentials'=> $val[0], - 'append_password'=>$val[1], - '_serialize' => array('credentials', 'append_password') - ) ); } + + private function _getCredentials() { + $credentials = ''; + $this->loadModel('Config'); + + $isZmAuth = ZM_OPT_USE_AUTH; + $jwt = ''; + $ttl = ''; + + if ( $isZmAuth ) { + require_once __DIR__ .'/../../../includes/auth.php'; + require_once __DIR__.'/../../../vendor/autoload.php'; + $zmAuthRelay = ZM_AUTH_RELAY; + $zmAuthHashIps = NULL; + if ( $zmAuthRelay == 'hashed' ) { + $zmAuthHashIps = ZM_AUTH_HASH_IPS; + } + + $key = ZM_AUTH_HASH_SECRET; + if ($zmAuthHashIps) { + $key = $key . $_SERVER['REMOTE_ADDR']; + } + $issuedAt = time(); + $ttl = ZM_AUTH_HASH_TTL || 2; + + // print ("relay=".$zmAuthRelay." haship=".$zmAuthHashIps." remote ip=".$_SERVER['REMOTE_ADDR']); + + $expireAt = $issuedAt + $ttl * 3600; + $expireAt = $issuedAt + 30; // TEST REMOVE + + $token = array( + "iss" => "ZoneMinder", + "iat" => $issuedAt, + "exp" => $expireAt, + "user" => $_SESSION['username'] + ); + + //use \Firebase\JWT\JWT; + $jwt = \Firebase\JWT\JWT::encode($token, $key, 'HS256'); + + } + return array($jwt, $ttl); + } // end function _getCredentials // If $mid is set, only return disk usage for that monitor // Else, return an array of total disk usage, and per-monitor @@ -169,7 +198,7 @@ class HostController extends AppController { private function _getVersion() { $version = Configure::read('ZM_VERSION'); - $apiversion = '1.0'; + $apiversion = '2.0'; return array($version, $apiversion); } From e8f79f32549aef1cd4a1c4fbcb81ad008df67944 Mon Sep 17 00:00:00 2001 From: Pliable Pixels Date: Tue, 7 May 2019 15:04:51 -0400 Subject: [PATCH 075/922] JWT integration, validate JWT token via validateToken --- web/includes/auth.php | 83 +++++++++++++++++++++++++++++-------------- 1 file changed, 56 insertions(+), 27 deletions(-) diff --git a/web/includes/auth.php b/web/includes/auth.php index b6340bcfc..07e4be65f 100644 --- a/web/includes/auth.php +++ b/web/includes/auth.php @@ -46,14 +46,12 @@ function migrateHash($user, $pass) { } + // core function used to login a user to PHP. Is also used for cake sessions for the API -function userLogin($username='', $password='', $passwordHashed=false) { +function userLogin($username='', $password='', $passwordHashed=false, $apiLogin = false) { global $user; - - - if ( !$username and isset($_REQUEST['username']) ) $username = $_REQUEST['username']; if ( !$password and isset($_REQUEST['password']) ) @@ -61,7 +59,9 @@ function userLogin($username='', $password='', $passwordHashed=false) { // if true, a popup will display after login // lets validate reCaptcha if it exists - if ( defined('ZM_OPT_USE_GOOG_RECAPTCHA') + // this only applies if it userLogin was not called from API layer + if (!$apiLogin + && defined('ZM_OPT_USE_GOOG_RECAPTCHA') && defined('ZM_OPT_GOOG_RECAPTCHA_SECRETKEY') && defined('ZM_OPT_GOOG_RECAPTCHA_SITEKEY') && ZM_OPT_USE_GOOG_RECAPTCHA @@ -76,7 +76,7 @@ function userLogin($username='', $password='', $passwordHashed=false) { ); $res = do_post_request($url, http_build_query($fields)); $responseData = json_decode($res,true); - // PP - credit: https://github.com/google/recaptcha/blob/master/src/ReCaptcha/Response.php + // credit: https://github.com/google/recaptcha/blob/master/src/ReCaptcha/Response.php // if recaptcha resulted in error, we might have to deny login if ( isset($responseData['success']) && $responseData['success'] == false ) { // PP - before we deny auth, let's make sure the error was not 'invalid secret' @@ -140,7 +140,7 @@ function userLogin($username='', $password='', $passwordHashed=false) { ZM\Error ("Could not retrieve user $username details"); $_SESSION['loginFailed'] = true; unset($user); - return; + return false; } $close_session = 0; @@ -184,6 +184,53 @@ function userLogout() { zm_session_clear(); } + +function validateToken ($token) { + global $user; + $key = ZM_AUTH_HASH_SECRET; + if (ZM_AUTH_HASH_IPS) $key .= $_SERVER['REMOTE_ADDR']; + try { + $decoded_token = JWT::decode($token, $key, array('HS256')); + } catch (Exception $e) { + ZM\Error("Unable to authenticate user. error decoding JWT token:".$e->getMessage()); + + return array(false, $e->getMessage()); + } + + // convert from stdclass to array + $jwt_payload = json_decode(json_encode($decoded_token), true); + $username = $jwt_payload['user']; + $sql = 'SELECT * FROM Users WHERE Enabled=1 AND Username = ?'; + $sql_values = array($username); + + $saved_user_details = dbFetchOne ($sql, NULL, $sql_values); + + if ($saved_user_details) { + $user = $saved_user_details; + return array($user, "OK"); + } else { + ZM\Error ("Could not retrieve user $username details"); + $_SESSION['loginFailed'] = true; + unset($user); + return array(false, "No such user/credentials"); + } + + + // We are NOT checking against session username for now... + /* + // at this stage, token is valid, but lets validate user with session user + ZM\Info ("JWT user is ".$jwt['user']); + if ($jwt['user'] != $_SESSION['username']) { + ZM\Error ("Unable to authenticate user. Token doesn't belong to current user"); + return false; + } else { + ZM\Info ("Token validated for user:".$_SESSION['username']); + return $user; + } + */ + +} + function getAuthUser($auth) { if ( ZM_OPT_USE_AUTH && ZM_AUTH_RELAY == 'hashed' && !empty($auth) ) { $remoteAddr = ''; @@ -222,31 +269,13 @@ function getAuthUser($auth) { return false; } // end getAuthUser($auth) + + function generateAuthHash($useRemoteAddr, $force=false) { if ( ZM_OPT_USE_AUTH and ZM_AUTH_RELAY == 'hashed' and isset($_SESSION['username']) and $_SESSION['passwordHash'] ) { $time = time(); - $key = ZM_AUTH_HASH_SECRET; - $issuedAt = time(); - $expireAt = $issuedAt + ZM_AUTH_HASH_TTL * 3600; - $token = array( - "iss" => "ZoneMinder", - "iat" => $issuedAt, - "exp" => $expireAt, - "user" => $_SESSION['username'] - - ); - - if ($useRemoteAddr) { - $token['remote_addr'] = $_SESSION['remoteAddr']; - } - - - $jwt = JWT::encode($token, $key); - - ZM\Info ("JWT token is $jwt"); - $mintime = $time - ( ZM_AUTH_HASH_TTL * 1800 ); if ( $force or ( !isset($_SESSION['AuthHash'.$_SESSION['remoteAddr']]) ) or ( $_SESSION['AuthHashGeneratedAt'] < $mintime ) ) { From b293592e4c1655b9a5f1a79bd201a9ea33a75468 Mon Sep 17 00:00:00 2001 From: Pliable Pixels Date: Wed, 8 May 2019 10:55:32 -0400 Subject: [PATCH 076/922] added token validation to zms/zmu/zmuser --- src/zm_user.cpp | 64 +++++++++++++++++++++++ src/zm_user.h | 1 + src/zms.cpp | 13 ++++- src/zmu.cpp | 12 ++++- web/api/app/Controller/HostController.php | 2 +- web/includes/auth.php | 14 ----- 6 files changed, 87 insertions(+), 19 deletions(-) diff --git a/src/zm_user.cpp b/src/zm_user.cpp index 8766a2e8f..c0f622b15 100644 --- a/src/zm_user.cpp +++ b/src/zm_user.cpp @@ -139,6 +139,70 @@ User *zmLoadUser( const char *username, const char *password ) { } +User *zmLoadTokenUser (std::string jwt_token_str, bool use_remote_addr ) { + std::string key = config.auth_hash_secret; + std::string remote_addr = ""; + if (use_remote_addr) { + remote_addr = std::string(getenv( "REMOTE_ADDR" )); + if ( remote_addr == "" ) { + Warning( "Can't determine remote address, using null" ); + remote_addr = ""; + } + key += remote_addr; + } + + + Info ("Inside zmLoadTokenUser, formed key=%s", key.c_str()); + + auto decoded = jwt::decode(jwt_token_str); + + auto verifier = jwt::verify() + .allow_algorithm(jwt::algorithm::hs256{ key }) + .with_issuer("ZoneMinder"); + try { + verifier.verify(decoded); + } + catch (const Exception &e) { + Error( "Unable to verify token: %s", e.getMessage().c_str() ); + return 0; + } + // token is valid and not expired + if (decoded.has_payload_claim("user")) { + + // We only need to check if user is enabled in DB and pass on + // correct access permissions + std::string username = decoded.get_payload_claim("user").as_string(); + Info ("Got %s as user claim from token", username.c_str()); + char sql[ZM_SQL_MED_BUFSIZ] = ""; + snprintf(sql, sizeof(sql), + "SELECT Id, Username, Enabled, Stream+0, Events+0, Control+0, Monitors+0, System+0, MonitorIds" + " FROM Users where Username = '%s' and Enabled = 1", username.c_str() ); + + MYSQL_RES *result = mysql_store_result(&dbconn); + if ( !result ) { + Error("Can't use query result: %s", mysql_error(&dbconn)); + exit(mysql_errno(&dbconn)); + } + int n_users = mysql_num_rows(result); + + if ( n_users != 1 ) { + mysql_free_result(result); + Warning("Unable to authenticate user %s", username); + return NULL; + } + + MYSQL_ROW dbrow = mysql_fetch_row(result); + User *user = new User(dbrow); + Info ("Authenticated user '%s' via token", username.c_str()); + return user; + + } + else { + Error ("User not found in claim"); + return 0; + } +} + // Function to validate an authentication string User *zmLoadAuthUser( const char *auth, bool use_remote_addr ) { #if HAVE_DECL_MD5 || HAVE_DECL_GNUTLS_FINGERPRINT diff --git a/src/zm_user.h b/src/zm_user.h index 00c61185b..04842b318 100644 --- a/src/zm_user.h +++ b/src/zm_user.h @@ -77,6 +77,7 @@ public: User *zmLoadUser( const char *username, const char *password=0 ); User *zmLoadAuthUser( const char *auth, bool use_remote_addr ); +User *zmLoadTokenUser( std::string jwt, bool use_remote_addr); bool checkUser ( const char *username); bool checkPass (const char *password); diff --git a/src/zms.cpp b/src/zms.cpp index 0a3712938..0d4a22f45 100644 --- a/src/zms.cpp +++ b/src/zms.cpp @@ -70,6 +70,7 @@ int main( int argc, const char *argv[] ) { std::string username; std::string password; char auth[64] = ""; + std::string jwt_token_str = ""; unsigned int connkey = 0; unsigned int playback_buffer = 0; @@ -158,6 +159,10 @@ int main( int argc, const char *argv[] ) { playback_buffer = atoi(value); } else if ( !strcmp( name, "auth" ) ) { strncpy( auth, value, sizeof(auth)-1 ); + } else if ( !strcmp( name, "token" ) ) { + jwt_token_str = value; + Info("ZMS: JWT token found: %s", jwt_token_str.c_str()); + } else if ( !strcmp( name, "user" ) ) { username = UriDecode( value ); } else if ( !strcmp( name, "pass" ) ) { @@ -181,11 +186,15 @@ int main( int argc, const char *argv[] ) { if ( config.opt_use_auth ) { User *user = 0; - if ( strcmp(config.auth_relay, "none") == 0 ) { + if (jwt_token_str != "") { + user = zmLoadTokenUser(jwt_token_str, config.auth_hash_ips); + + } + else if ( strcmp(config.auth_relay, "none") == 0 ) { if ( checkUser(username.c_str()) ) { user = zmLoadUser(username.c_str()); } else { - Error("") + Error("Bad username"); } } else { diff --git a/src/zmu.cpp b/src/zmu.cpp index 2ad1471d5..4750e40e0 100644 --- a/src/zmu.cpp +++ b/src/zmu.cpp @@ -138,6 +138,7 @@ void Usage(int status=-1) { " -U, --username : When running in authenticated mode the username and\n" " -P, --password : password combination of the given user\n" " -A, --auth : Pass authentication hash string instead of user details\n" + " -T, --token : Pass JWT token string instead of user details\n" "", stderr ); exit(status); @@ -263,6 +264,7 @@ int main(int argc, char *argv[]) { char *username = 0; char *password = 0; char *auth = 0; + std::string jwt_token_str = ""; #if ZM_HAS_V4L #if ZM_HAS_V4L2 int v4lVersion = 2; @@ -378,6 +380,9 @@ int main(int argc, char *argv[]) { case 'A': auth = optarg; break; + case 'T': + jwt_token_str = std::string(optarg); + break; #if ZM_HAS_V4L case 'V': v4lVersion = (atoi(optarg)==1)?1:2; @@ -438,10 +443,13 @@ int main(int argc, char *argv[]) { user = zmLoadUser(username); } else { - if ( !(username && password) && !auth ) { - Error("Username and password or auth string must be supplied"); + if ( !(username && password) && !auth && (jwt_token_str=="")) { + Error("Username and password or auth/token string must be supplied"); exit_zmu(-1); } + if (jwt_token_str != "") { + user = zmLoadTokenUser(jwt_token_str, false); + } if ( auth ) { user = zmLoadAuthUser(auth, false); } diff --git a/web/api/app/Controller/HostController.php b/web/api/app/Controller/HostController.php index d2a9cb203..0a24b5e85 100644 --- a/web/api/app/Controller/HostController.php +++ b/web/api/app/Controller/HostController.php @@ -105,7 +105,7 @@ class HostController extends AppController { // print ("relay=".$zmAuthRelay." haship=".$zmAuthHashIps." remote ip=".$_SERVER['REMOTE_ADDR']); $expireAt = $issuedAt + $ttl * 3600; - $expireAt = $issuedAt + 30; // TEST REMOVE + $expireAt = $issuedAt + 60; // TEST REMOVE $token = array( "iss" => "ZoneMinder", diff --git a/web/includes/auth.php b/web/includes/auth.php index 07e4be65f..1e6f9c3a7 100644 --- a/web/includes/auth.php +++ b/web/includes/auth.php @@ -215,20 +215,6 @@ function validateToken ($token) { return array(false, "No such user/credentials"); } - - // We are NOT checking against session username for now... - /* - // at this stage, token is valid, but lets validate user with session user - ZM\Info ("JWT user is ".$jwt['user']); - if ($jwt['user'] != $_SESSION['username']) { - ZM\Error ("Unable to authenticate user. Token doesn't belong to current user"); - return false; - } else { - ZM\Info ("Token validated for user:".$_SESSION['username']); - return $user; - } - */ - } function getAuthUser($auth) { From bb18c305abe2375a700ea4bcbb2d54ed42baf7ba Mon Sep 17 00:00:00 2001 From: Pliable Pixels Date: Wed, 8 May 2019 11:08:27 -0400 Subject: [PATCH 077/922] add token to command line for zmu --- src/zmu.cpp | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/src/zmu.cpp b/src/zmu.cpp index 4750e40e0..07f9ae8aa 100644 --- a/src/zmu.cpp +++ b/src/zmu.cpp @@ -243,6 +243,7 @@ int main(int argc, char *argv[]) { {"username", 1, 0, 'U'}, {"password", 1, 0, 'P'}, {"auth", 1, 0, 'A'}, + {"token", 1, 0, 'T'}, {"version", 1, 0, 'V'}, {"help", 0, 0, 'h'}, {"list", 0, 0, 'l'}, @@ -275,7 +276,7 @@ int main(int argc, char *argv[]) { while (1) { int option_index = 0; - int c = getopt_long(argc, argv, "d:m:vsEDLurwei::S:t::fz::ancqhlB::C::H::O::U:P:A:V:", long_options, &option_index); + int c = getopt_long(argc, argv, "d:m:vsEDLurwei::S:t::fz::ancqhlB::C::H::O::U:P:A:V:T:", long_options, &option_index); if ( c == -1 ) { break; } From 3a67217972d73d2ddcfe5a222604cdbd04b084ff Mon Sep 17 00:00:00 2001 From: Pliable Pixels Date: Wed, 8 May 2019 11:29:34 -0400 Subject: [PATCH 078/922] move decode inside try/catch --- src/zm_user.cpp | 86 +++++++++++++++++++++++++------------------------ 1 file changed, 44 insertions(+), 42 deletions(-) diff --git a/src/zm_user.cpp b/src/zm_user.cpp index c0f622b15..907ca6536 100644 --- a/src/zm_user.cpp +++ b/src/zm_user.cpp @@ -150,57 +150,59 @@ User *zmLoadTokenUser (std::string jwt_token_str, bool use_remote_addr ) { } key += remote_addr; } - Info ("Inside zmLoadTokenUser, formed key=%s", key.c_str()); - auto decoded = jwt::decode(jwt_token_str); - - auto verifier = jwt::verify() - .allow_algorithm(jwt::algorithm::hs256{ key }) - .with_issuer("ZoneMinder"); try { + + auto decoded = jwt::decode(jwt_token_str); + auto verifier = jwt::verify() + .allow_algorithm(jwt::algorithm::hs256{ key }) + .with_issuer("ZoneMinder"); + verifier.verify(decoded); - } + + // token is valid and not expired + if (decoded.has_payload_claim("user")) { + + // We only need to check if user is enabled in DB and pass on + // correct access permissions + std::string username = decoded.get_payload_claim("user").as_string(); + Info ("Got %s as user claim from token", username.c_str()); + char sql[ZM_SQL_MED_BUFSIZ] = ""; + snprintf(sql, sizeof(sql), + "SELECT Id, Username, Enabled, Stream+0, Events+0, Control+0, Monitors+0, System+0, MonitorIds" + " FROM Users where Username = '%s' and Enabled = 1", username.c_str() ); + + MYSQL_RES *result = mysql_store_result(&dbconn); + if ( !result ) { + Error("Can't use query result: %s", mysql_error(&dbconn)); + exit(mysql_errno(&dbconn)); + } + int n_users = mysql_num_rows(result); + + if ( n_users != 1 ) { + mysql_free_result(result); + Warning("Unable to authenticate user %s", username); + return NULL; + } + + MYSQL_ROW dbrow = mysql_fetch_row(result); + User *user = new User(dbrow); + Info ("Authenticated user '%s' via token", username.c_str()); + return user; + + } + else { + Error ("User not found in claim"); + return 0; + } + + } catch (const Exception &e) { Error( "Unable to verify token: %s", e.getMessage().c_str() ); return 0; } - // token is valid and not expired - if (decoded.has_payload_claim("user")) { - - // We only need to check if user is enabled in DB and pass on - // correct access permissions - std::string username = decoded.get_payload_claim("user").as_string(); - Info ("Got %s as user claim from token", username.c_str()); - char sql[ZM_SQL_MED_BUFSIZ] = ""; - snprintf(sql, sizeof(sql), - "SELECT Id, Username, Enabled, Stream+0, Events+0, Control+0, Monitors+0, System+0, MonitorIds" - " FROM Users where Username = '%s' and Enabled = 1", username.c_str() ); - - MYSQL_RES *result = mysql_store_result(&dbconn); - if ( !result ) { - Error("Can't use query result: %s", mysql_error(&dbconn)); - exit(mysql_errno(&dbconn)); - } - int n_users = mysql_num_rows(result); - - if ( n_users != 1 ) { - mysql_free_result(result); - Warning("Unable to authenticate user %s", username); - return NULL; - } - - MYSQL_ROW dbrow = mysql_fetch_row(result); - User *user = new User(dbrow); - Info ("Authenticated user '%s' via token", username.c_str()); - return user; - - } - else { - Error ("User not found in claim"); - return 0; - } } // Function to validate an authentication string From 04c3bebef92f96f7d58629e037a3f90c5134280e Mon Sep 17 00:00:00 2001 From: Pliable Pixels Date: Wed, 8 May 2019 11:44:15 -0400 Subject: [PATCH 079/922] exception handling for try/catch --- src/zm_user.cpp | 9 +++++++-- 1 file changed, 7 insertions(+), 2 deletions(-) diff --git a/src/zm_user.cpp b/src/zm_user.cpp index 907ca6536..e79332cb3 100644 --- a/src/zm_user.cpp +++ b/src/zm_user.cpp @@ -199,10 +199,15 @@ User *zmLoadTokenUser (std::string jwt_token_str, bool use_remote_addr ) { } } - catch (const Exception &e) { - Error( "Unable to verify token: %s", e.getMessage().c_str() ); + catch (const std::exception &e) { + Error("Unable to verify token: %s", e.what()); return 0; } + catch (...) { + Error ("unknown exception"); + + } + return 0; } // Function to validate an authentication string From 3c6d0131ffd232d5349a3395387690c40e8dd03a Mon Sep 17 00:00:00 2001 From: Pliable Pixels Date: Wed, 8 May 2019 12:06:37 -0400 Subject: [PATCH 080/922] fix db read, forgot to exec query --- src/zm_user.cpp | 7 ++++++- 1 file changed, 6 insertions(+), 1 deletion(-) diff --git a/src/zm_user.cpp b/src/zm_user.cpp index e79332cb3..0c8201fd2 100644 --- a/src/zm_user.cpp +++ b/src/zm_user.cpp @@ -172,7 +172,12 @@ User *zmLoadTokenUser (std::string jwt_token_str, bool use_remote_addr ) { char sql[ZM_SQL_MED_BUFSIZ] = ""; snprintf(sql, sizeof(sql), "SELECT Id, Username, Enabled, Stream+0, Events+0, Control+0, Monitors+0, System+0, MonitorIds" - " FROM Users where Username = '%s' and Enabled = 1", username.c_str() ); + " FROM Users WHERE Username = '%s' and Enabled = 1", username.c_str() ); + + if ( mysql_query(&dbconn, sql) ) { + Error("Can't run query: %s", mysql_error(&dbconn)); + exit(mysql_errno(&dbconn)); + } MYSQL_RES *result = mysql_store_result(&dbconn); if ( !result ) { From 27e6e46f849974c363145285851732f049a8f8f9 Mon Sep 17 00:00:00 2001 From: Pliable Pixels Date: Wed, 8 May 2019 12:11:32 -0400 Subject: [PATCH 081/922] remove allowing auth_hash_ip for token --- src/zms.cpp | 3 ++- web/api/app/Controller/HostController.php | 21 ++++++++++++--------- 2 files changed, 14 insertions(+), 10 deletions(-) diff --git a/src/zms.cpp b/src/zms.cpp index 0d4a22f45..8442b6a65 100644 --- a/src/zms.cpp +++ b/src/zms.cpp @@ -187,7 +187,8 @@ int main( int argc, const char *argv[] ) { User *user = 0; if (jwt_token_str != "") { - user = zmLoadTokenUser(jwt_token_str, config.auth_hash_ips); + //user = zmLoadTokenUser(jwt_token_str, config.auth_hash_ips); + user = zmLoadTokenUser(jwt_token_str, false); } else if ( strcmp(config.auth_relay, "none") == 0 ) { diff --git a/web/api/app/Controller/HostController.php b/web/api/app/Controller/HostController.php index 0a24b5e85..c867be605 100644 --- a/web/api/app/Controller/HostController.php +++ b/web/api/app/Controller/HostController.php @@ -82,23 +82,26 @@ class HostController extends AppController { $credentials = ''; $this->loadModel('Config'); - $isZmAuth = ZM_OPT_USE_AUTH; $jwt = ''; $ttl = ''; - if ( $isZmAuth ) { + if ( ZM_OPT_USE_AUTH ) { require_once __DIR__ .'/../../../includes/auth.php'; require_once __DIR__.'/../../../vendor/autoload.php'; - $zmAuthRelay = ZM_AUTH_RELAY; - $zmAuthHashIps = NULL; - if ( $zmAuthRelay == 'hashed' ) { - $zmAuthHashIps = ZM_AUTH_HASH_IPS; - } + $key = ZM_AUTH_HASH_SECRET; - if ($zmAuthHashIps) { + + /* we won't support AUTH_HASH_IPS in token mode + reasons: + a) counter-intuitive for mobile consumers + b) zmu will never be able to to validate via a token if we sign + it after appending REMOTE_ADDR + + if (ZM_AUTH_HASH_IPS) { $key = $key . $_SERVER['REMOTE_ADDR']; - } + }*/ + $issuedAt = time(); $ttl = ZM_AUTH_HASH_TTL || 2; From bc050fe330026c9b66c88babd0f3417c850311cb Mon Sep 17 00:00:00 2001 From: Pliable Pixels Date: Wed, 8 May 2019 13:38:42 -0400 Subject: [PATCH 082/922] support refresh tokens as well for increased security --- src/zm_user.cpp | 14 ++++++ web/api/app/Controller/AppController.php | 17 +++++-- web/api/app/Controller/HostController.php | 56 ++++++++++++++--------- web/includes/auth.php | 13 +++++- 4 files changed, 75 insertions(+), 25 deletions(-) diff --git a/src/zm_user.cpp b/src/zm_user.cpp index 0c8201fd2..eac3a4b0f 100644 --- a/src/zm_user.cpp +++ b/src/zm_user.cpp @@ -163,6 +163,19 @@ User *zmLoadTokenUser (std::string jwt_token_str, bool use_remote_addr ) { verifier.verify(decoded); // token is valid and not expired + + if (decoded.has_payload_claim("type")) { + std::string type = decoded.get_payload_claim("type").as_string(); + if (type != "access") { + Error ("Only access tokens are allowed. Please do not use refresh tokens"); + return 0; + } + } + else { + // something is wrong. All ZM tokens have type + Error ("Missing token type. This should not happen"); + return 0; + } if (decoded.has_payload_claim("user")) { // We only need to check if user is enabled in DB and pass on @@ -195,6 +208,7 @@ User *zmLoadTokenUser (std::string jwt_token_str, bool use_remote_addr ) { MYSQL_ROW dbrow = mysql_fetch_row(result); User *user = new User(dbrow); Info ("Authenticated user '%s' via token", username.c_str()); + mysql_free_result(result); return user; } diff --git a/web/api/app/Controller/AppController.php b/web/api/app/Controller/AppController.php index 840a14f58..23bd528b5 100644 --- a/web/api/app/Controller/AppController.php +++ b/web/api/app/Controller/AppController.php @@ -82,19 +82,30 @@ class AppController extends Controller { return; } } else if ( $mToken ) { - $ret = validateToken($mToken); + // if you pass a token to login, we should only allow + // refresh tokens to regenerate new access and refresh tokens + if ( !strcasecmp($this->params->action, 'login') ) { + $only_allow_token_type='refresh'; + } else { + // for any other methods, don't allow refresh tokens + // they are supposed to be infrequently used for security + // purposes + $only_allow_token_type='access'; + + } + $ret = validateToken($mToken, $only_allow_token_type); $user = $ret[0]; $retstatus = $ret[1]; if ( !$user ) { throw new UnauthorizedException(__($retstatus)); return; - } else if ( $mAuth ) { + } + } else if ( $mAuth ) { $user = getAuthUser($mAuth); if ( !$user ) { throw new UnauthorizedException(__('Invalid Auth Key')); return; } - } } // We need to reject methods that are not authenticated // besides login and logout diff --git a/web/api/app/Controller/HostController.php b/web/api/app/Controller/HostController.php index c867be605..747403dc3 100644 --- a/web/api/app/Controller/HostController.php +++ b/web/api/app/Controller/HostController.php @@ -35,15 +35,19 @@ class HostController extends AppController { $cred_depr = $this->_getCredentialsDeprecated(); $ver = $this->_getVersion(); $this->set(array( - 'token'=>$cred[0], - 'token_expires'=>$cred[1] * 3600, // takes AUTH_HASH_TTL || 2 hrs as the default + 'access_token'=>$cred[0], + 'access_token_expires'=>$cred[1], + 'refresh_token'=>$cred[2], + 'refresh_token_expires'=>$cred[3], 'credentials'=>$cred_depr[0], 'append_password'=>$cred_depr[1], 'version' => $ver[0], 'apiversion' => $ver[1], '_serialize' => array( - 'token', - 'token_expires', + 'access_token', + 'access_token_expires', + 'refresh_token', + 'refresh_token_expires', 'version', 'credentials', 'append_password', @@ -82,9 +86,6 @@ class HostController extends AppController { $credentials = ''; $this->loadModel('Config'); - $jwt = ''; - $ttl = ''; - if ( ZM_OPT_USE_AUTH ) { require_once __DIR__ .'/../../../includes/auth.php'; require_once __DIR__.'/../../../vendor/autoload.php'; @@ -102,27 +103,40 @@ class HostController extends AppController { $key = $key . $_SERVER['REMOTE_ADDR']; }*/ - $issuedAt = time(); - $ttl = ZM_AUTH_HASH_TTL || 2; + $access_issued_at = time(); + $access_ttl = (ZM_AUTH_HASH_TTL || 2) * 3600; - // print ("relay=".$zmAuthRelay." haship=".$zmAuthHashIps." remote ip=".$_SERVER['REMOTE_ADDR']); - - $expireAt = $issuedAt + $ttl * 3600; - $expireAt = $issuedAt + 60; // TEST REMOVE + // by default access token will expire in 2 hrs + // you can change it by changing the value of ZM_AUTH_HASH_TLL + $access_expire_at = $access_issued_at + $access_ttl; + $access_expire_at = $access_issued_at + 60; // TEST, REMOVE - $token = array( + $access_token = array( "iss" => "ZoneMinder", - "iat" => $issuedAt, - "exp" => $expireAt, - "user" => $_SESSION['username'] + "iat" => $access_issued_at, + "exp" => $access_expire_at, + "user" => $_SESSION['username'], + "type" => "access" ); - //use \Firebase\JWT\JWT; - $jwt = \Firebase\JWT\JWT::encode($token, $key, 'HS256'); + $jwt_access_token = \Firebase\JWT\JWT::encode($access_token, $key, 'HS256'); + + $refresh_issued_at = time(); + $refresh_ttl = 24 * 3600; // 1 day + + $refresh_expire_at = $refresh_issued_at + $refresh_ttl; + $refresh_token = array( + "iss" => "ZoneMinder", + "iat" => $refresh_issued_at, + "exp" => $refresh_expire_at, + "user" => $_SESSION['username'], + "type" => "refresh" + ); + $jwt_refresh_token = \Firebase\JWT\JWT::encode($refresh_token, $key, 'HS256'); } - return array($jwt, $ttl); - } // end function _getCredentials + return array($jwt_access_token, $access_ttl, $jwt_refresh_token, $refresh_ttl); + } // If $mid is set, only return disk usage for that monitor // Else, return an array of total disk usage, and per-monitor diff --git a/web/includes/auth.php b/web/includes/auth.php index 1e6f9c3a7..03e0fe0c6 100644 --- a/web/includes/auth.php +++ b/web/includes/auth.php @@ -185,7 +185,8 @@ function userLogout() { } -function validateToken ($token) { +function validateToken ($token, $allowed_token_type='access') { + global $user; $key = ZM_AUTH_HASH_SECRET; if (ZM_AUTH_HASH_IPS) $key .= $_SERVER['REMOTE_ADDR']; @@ -199,6 +200,16 @@ function validateToken ($token) { // convert from stdclass to array $jwt_payload = json_decode(json_encode($decoded_token), true); + + $type = $jwt_payload['type']; + if ($type != $allowed_token_type) { + if ($allowed_token_type == 'access') { + // give a hint that the user is not doing it right + ZM\Error ('Please do not use refresh tokens for this operation'); + } + return array (false, "Incorrect token type"); + } + $username = $jwt_payload['user']; $sql = 'SELECT * FROM Users WHERE Enabled=1 AND Username = ?'; $sql_values = array($username); From f9730bb46b1a5ee3a31d849b3c057335aafbe58f Mon Sep 17 00:00:00 2001 From: Pliable Pixels Date: Wed, 8 May 2019 14:07:48 -0400 Subject: [PATCH 083/922] remove auth_hash_ip --- web/includes/auth.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/web/includes/auth.php b/web/includes/auth.php index 03e0fe0c6..c446d0024 100644 --- a/web/includes/auth.php +++ b/web/includes/auth.php @@ -189,7 +189,7 @@ function validateToken ($token, $allowed_token_type='access') { global $user; $key = ZM_AUTH_HASH_SECRET; - if (ZM_AUTH_HASH_IPS) $key .= $_SERVER['REMOTE_ADDR']; + //if (ZM_AUTH_HASH_IPS) $key .= $_SERVER['REMOTE_ADDR']; try { $decoded_token = JWT::decode($token, $key, array('HS256')); } catch (Exception $e) { From 0bc96dfe83b0ef0f51d97d0b44236a11caf8a2ec Mon Sep 17 00:00:00 2001 From: Pliable Pixels Date: Wed, 8 May 2019 14:26:16 -0400 Subject: [PATCH 084/922] Error out if used did not create an AUTH_HASH_SECRET --- web/api/app/Controller/HostController.php | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/web/api/app/Controller/HostController.php b/web/api/app/Controller/HostController.php index 747403dc3..91e0093a1 100644 --- a/web/api/app/Controller/HostController.php +++ b/web/api/app/Controller/HostController.php @@ -90,8 +90,10 @@ class HostController extends AppController { require_once __DIR__ .'/../../../includes/auth.php'; require_once __DIR__.'/../../../vendor/autoload.php'; - $key = ZM_AUTH_HASH_SECRET; + if (!$key) { + throw new ForbiddenException(__('Please create a valid AUTH_HASH_SECRET in ZoneMinder')); + } /* we won't support AUTH_HASH_IPS in token mode reasons: From c41a2d067cb641f217efb2e22ae225998eddf8ba Mon Sep 17 00:00:00 2001 From: Pliable Pixels Date: Wed, 8 May 2019 14:29:44 -0400 Subject: [PATCH 085/922] fixed type conversion --- src/zm_user.cpp | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/zm_user.cpp b/src/zm_user.cpp index eac3a4b0f..06ec3f76a 100644 --- a/src/zm_user.cpp +++ b/src/zm_user.cpp @@ -201,7 +201,7 @@ User *zmLoadTokenUser (std::string jwt_token_str, bool use_remote_addr ) { if ( n_users != 1 ) { mysql_free_result(result); - Warning("Unable to authenticate user %s", username); + Warning("Unable to authenticate user %s", username.c_str()); return NULL; } From 1770ebea23594d95ad31abfd9396466c6ae7fc25 Mon Sep 17 00:00:00 2001 From: Pliable Pixels Date: Wed, 8 May 2019 15:26:51 -0400 Subject: [PATCH 086/922] make sure refresh token login doesn't generate another refresh token --- web/api/app/Controller/HostController.php | 100 +++++++++++++++------- 1 file changed, 67 insertions(+), 33 deletions(-) diff --git a/web/api/app/Controller/HostController.php b/web/api/app/Controller/HostController.php index 91e0093a1..55fedd281 100644 --- a/web/api/app/Controller/HostController.php +++ b/web/api/app/Controller/HostController.php @@ -31,28 +31,57 @@ class HostController extends AppController { } function login() { - $cred = $this->_getCredentials(); $cred_depr = $this->_getCredentialsDeprecated(); $ver = $this->_getVersion(); - $this->set(array( - 'access_token'=>$cred[0], - 'access_token_expires'=>$cred[1], - 'refresh_token'=>$cred[2], - 'refresh_token_expires'=>$cred[3], - 'credentials'=>$cred_depr[0], - 'append_password'=>$cred_depr[1], - 'version' => $ver[0], - 'apiversion' => $ver[1], - '_serialize' => array( - 'access_token', - 'access_token_expires', - 'refresh_token', - 'refresh_token_expires', - 'version', - 'credentials', - 'append_password', - 'apiversion' - ))); + + $mUser = $this->request->query('user') ? $this->request->query('user') : $this->request->data('user'); + $mPassword = $this->request->query('pass') ? $this->request->query('pass') : $this->request->data('pass'); + $mToken = $this->request->query('token') ? $this->request->query('token') : $this->request->data('token'); + + if ($mUser && $mPassword) { + $cred = $this->_getCredentials(true); + // if you authenticated via user/pass then generate new refresh + $this->set(array( + 'access_token'=>$cred[0], + 'access_token_expires'=>$cred[1], + 'refresh_token'=>$cred[2], + 'refresh_token_expires'=>$cred[3], + 'credentials'=>$cred_depr[0], + 'append_password'=>$cred_depr[1], + 'version' => $ver[0], + 'apiversion' => $ver[1], + '_serialize' => array( + 'access_token', + 'access_token_expires', + 'refresh_token', + 'refresh_token_expires', + 'version', + 'credentials', + 'append_password', + 'apiversion' + ))); + } + else { + $cred = $this->_getCredentials(false); + $this->set(array( + 'access_token'=>$cred[0], + 'access_token_expires'=>$cred[1], + 'credentials'=>$cred_depr[0], + 'append_password'=>$cred_depr[1], + 'version' => $ver[0], + 'apiversion' => $ver[1], + '_serialize' => array( + 'access_token', + 'access_token_expires', + 'version', + 'credentials', + 'append_password', + 'apiversion' + ))); + + } + + } // end function login() // clears out session @@ -82,7 +111,7 @@ class HostController extends AppController { } } - private function _getCredentials() { + private function _getCredentials($generate_refresh_token=false) { $credentials = ''; $this->loadModel('Config'); @@ -123,19 +152,24 @@ class HostController extends AppController { $jwt_access_token = \Firebase\JWT\JWT::encode($access_token, $key, 'HS256'); - $refresh_issued_at = time(); - $refresh_ttl = 24 * 3600; // 1 day - - $refresh_expire_at = $refresh_issued_at + $refresh_ttl; - $refresh_token = array( - "iss" => "ZoneMinder", - "iat" => $refresh_issued_at, - "exp" => $refresh_expire_at, - "user" => $_SESSION['username'], - "type" => "refresh" - ); - $jwt_refresh_token = \Firebase\JWT\JWT::encode($refresh_token, $key, 'HS256'); + $jwt_refresh_token = ""; + $refresh_ttl = 0; + if ($generate_refresh_token) { + $refresh_issued_at = time(); + $refresh_ttl = 24 * 3600; // 1 day + + $refresh_expire_at = $refresh_issued_at + $refresh_ttl; + $refresh_token = array( + "iss" => "ZoneMinder", + "iat" => $refresh_issued_at, + "exp" => $refresh_expire_at, + "user" => $_SESSION['username'], + "type" => "refresh" + ); + $jwt_refresh_token = \Firebase\JWT\JWT::encode($refresh_token, $key, 'HS256'); + } + } return array($jwt_access_token, $access_ttl, $jwt_refresh_token, $refresh_ttl); } From 2212244882ef6dca0acf51f0149fcaf6fd251857 Mon Sep 17 00:00:00 2001 From: Pliable Pixels Date: Wed, 8 May 2019 15:47:38 -0400 Subject: [PATCH 087/922] fix absolute path --- src/CMakeLists.txt | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/CMakeLists.txt b/src/CMakeLists.txt index efdb5224d..3ea9d9647 100644 --- a/src/CMakeLists.txt +++ b/src/CMakeLists.txt @@ -10,7 +10,7 @@ set(ZM_BIN_SRC_FILES zm_box.cpp zm_buffer.cpp zm_camera.cpp zm_comms.cpp zm_conf # A fix for cmake recompiling the source files for every target. add_library(zm STATIC ${ZM_BIN_SRC_FILES}) -link_directories(/home/pp/source/pp_ZoneMinder.git/third_party/bcrypt) +link_directories(../third_party/bcrypt) add_executable(zmc zmc.cpp) add_executable(zma zma.cpp) From 4ab0c35962926e7149eccdc6bc415b048d5ef223 Mon Sep 17 00:00:00 2001 From: Pliable Pixels Date: Wed, 8 May 2019 16:45:28 -0400 Subject: [PATCH 088/922] move JWT/Bcrypt inside zm_crypt --- src/zm_crypt.cpp | 56 ++++++++++++++++++++++------ src/zm_crypt.h | 5 +-- src/zm_user.cpp | 95 +++++++++++++++--------------------------------- 3 files changed, 76 insertions(+), 80 deletions(-) diff --git a/src/zm_crypt.cpp b/src/zm_crypt.cpp index 6c6f4c7c1..3a3f66aeb 100644 --- a/src/zm_crypt.cpp +++ b/src/zm_crypt.cpp @@ -1,25 +1,59 @@ #include "zm.h" # include "zm_crypt.h" +#include "BCrypt.hpp" +#include "jwt.h" #include +// returns username if valid, "" if not +std::string verifyToken(std::string jwt_token_str, std::string key) { + std::string username = ""; + try { + // is it decodable? + auto decoded = jwt::decode(jwt_token_str); + auto verifier = jwt::verify() + .allow_algorithm(jwt::algorithm::hs256{ key }) + .with_issuer("ZoneMinder"); + + // signature verified? + verifier.verify(decoded); + // make sure it has fields we need + if (decoded.has_payload_claim("type")) { + std::string type = decoded.get_payload_claim("type").as_string(); + if (type != "access") { + Error ("Only access tokens are allowed. Please do not use refresh tokens"); + return ""; + } + } + else { + // something is wrong. All ZM tokens have type + Error ("Missing token type. This should not happen"); + return ""; + } + if (decoded.has_payload_claim("user")) { + username = decoded.get_payload_claim("user").as_string(); + Info ("Got %s as user claim from token", username.c_str()); + } + else { + Error ("User not found in claim"); + return ""; + } + } // try + catch (const std::exception &e) { + Error("Unable to verify token: %s", e.what()); + return ""; + } + catch (...) { + Error ("unknown exception"); + return ""; - -std::string createToken() { - std::string token = jwt::create() - .set_issuer("auth0") - //.set_expires_at(jwt::date(expiresAt)) - //.set_issued_at(jwt::date(tp)) - //.set_issued_at(jwt::date(std::chrono::system_clock::now())) - //.set_expires_at(jwt::date(std::chrono::system_clock::now()+std::chrono::seconds{EXPIRY})) - .sign(jwt::algorithm::hs256{"secret"}); - return token; + } + return username; } bool verifyPassword(const char *username, const char *input_password, const char *db_password_hash) { bool password_correct = false; - Info ("JWT created as %s",createToken().c_str()); if (strlen(db_password_hash ) < 4) { // actually, shoud be more, but this is min. for next code Error ("DB Password is too short or invalid to check"); diff --git a/src/zm_crypt.h b/src/zm_crypt.h index a1e8945e4..8fb50cf00 100644 --- a/src/zm_crypt.h +++ b/src/zm_crypt.h @@ -23,10 +23,9 @@ #include #include -#include "BCrypt.hpp" -#include "jwt.h" + bool verifyPassword( const char *username, const char *input_password, const char *db_password_hash); -std::string createToken(); +std::string verifyToken(std::string token, std::string key); #endif // ZM_CRYPT_H \ No newline at end of file diff --git a/src/zm_user.cpp b/src/zm_user.cpp index 06ec3f76a..7ac934d2a 100644 --- a/src/zm_user.cpp +++ b/src/zm_user.cpp @@ -142,6 +142,7 @@ User *zmLoadUser( const char *username, const char *password ) { User *zmLoadTokenUser (std::string jwt_token_str, bool use_remote_addr ) { std::string key = config.auth_hash_secret; std::string remote_addr = ""; + if (use_remote_addr) { remote_addr = std::string(getenv( "REMOTE_ADDR" )); if ( remote_addr == "" ) { @@ -153,82 +154,44 @@ User *zmLoadTokenUser (std::string jwt_token_str, bool use_remote_addr ) { Info ("Inside zmLoadTokenUser, formed key=%s", key.c_str()); - try { + std::string username = verifyToken(jwt_token_str, key); + if (username != "") { + char sql[ZM_SQL_MED_BUFSIZ] = ""; + snprintf(sql, sizeof(sql), + "SELECT Id, Username, Enabled, Stream+0, Events+0, Control+0, Monitors+0, System+0, MonitorIds" + " FROM Users WHERE Username = '%s' and Enabled = 1", username.c_str() ); - auto decoded = jwt::decode(jwt_token_str); - auto verifier = jwt::verify() - .allow_algorithm(jwt::algorithm::hs256{ key }) - .with_issuer("ZoneMinder"); - - verifier.verify(decoded); - - // token is valid and not expired - - if (decoded.has_payload_claim("type")) { - std::string type = decoded.get_payload_claim("type").as_string(); - if (type != "access") { - Error ("Only access tokens are allowed. Please do not use refresh tokens"); - return 0; - } + if ( mysql_query(&dbconn, sql) ) { + Error("Can't run query: %s", mysql_error(&dbconn)); + exit(mysql_errno(&dbconn)); } - else { - // something is wrong. All ZM tokens have type - Error ("Missing token type. This should not happen"); - return 0; + + MYSQL_RES *result = mysql_store_result(&dbconn); + if ( !result ) { + Error("Can't use query result: %s", mysql_error(&dbconn)); + exit(mysql_errno(&dbconn)); } - if (decoded.has_payload_claim("user")) { + int n_users = mysql_num_rows(result); - // We only need to check if user is enabled in DB and pass on - // correct access permissions - std::string username = decoded.get_payload_claim("user").as_string(); - Info ("Got %s as user claim from token", username.c_str()); - char sql[ZM_SQL_MED_BUFSIZ] = ""; - snprintf(sql, sizeof(sql), - "SELECT Id, Username, Enabled, Stream+0, Events+0, Control+0, Monitors+0, System+0, MonitorIds" - " FROM Users WHERE Username = '%s' and Enabled = 1", username.c_str() ); - - if ( mysql_query(&dbconn, sql) ) { - Error("Can't run query: %s", mysql_error(&dbconn)); - exit(mysql_errno(&dbconn)); - } - - MYSQL_RES *result = mysql_store_result(&dbconn); - if ( !result ) { - Error("Can't use query result: %s", mysql_error(&dbconn)); - exit(mysql_errno(&dbconn)); - } - int n_users = mysql_num_rows(result); - - if ( n_users != 1 ) { - mysql_free_result(result); - Warning("Unable to authenticate user %s", username.c_str()); - return NULL; - } - - MYSQL_ROW dbrow = mysql_fetch_row(result); - User *user = new User(dbrow); - Info ("Authenticated user '%s' via token", username.c_str()); + if ( n_users != 1 ) { mysql_free_result(result); - return user; - - } - else { - Error ("User not found in claim"); - return 0; + Warning("Unable to authenticate user %s", username.c_str()); + return NULL; } - } - catch (const std::exception &e) { - Error("Unable to verify token: %s", e.what()); - return 0; - } - catch (...) { - Error ("unknown exception"); + MYSQL_ROW dbrow = mysql_fetch_row(result); + User *user = new User(dbrow); + Info ("Authenticated user '%s' via token", username.c_str()); + mysql_free_result(result); + return user; } - return 0; + else { + return NULL; + } + } - + // Function to validate an authentication string User *zmLoadAuthUser( const char *auth, bool use_remote_addr ) { #if HAVE_DECL_MD5 || HAVE_DECL_GNUTLS_FINGERPRINT From 0bb5ff934e7e5c96884368510ce15ac71f038cb0 Mon Sep 17 00:00:00 2001 From: Pliable Pixels Date: Wed, 8 May 2019 19:17:31 -0400 Subject: [PATCH 089/922] move sha headers out --- src/zm_crypt.cpp | 1 + 1 file changed, 1 insertion(+) diff --git a/src/zm_crypt.cpp b/src/zm_crypt.cpp index 3a3f66aeb..6d9af1460 100644 --- a/src/zm_crypt.cpp +++ b/src/zm_crypt.cpp @@ -3,6 +3,7 @@ #include "BCrypt.hpp" #include "jwt.h" #include +#include // returns username if valid, "" if not From 8461852e2777cec3fe494b89c60dd3bf41870bd9 Mon Sep 17 00:00:00 2001 From: Pliable Pixels Date: Wed, 8 May 2019 19:32:58 -0400 Subject: [PATCH 090/922] move out sha header --- src/zm_crypt.h | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/zm_crypt.h b/src/zm_crypt.h index 8fb50cf00..fd3bd7e85 100644 --- a/src/zm_crypt.h +++ b/src/zm_crypt.h @@ -22,7 +22,7 @@ #include -#include + bool verifyPassword( const char *username, const char *input_password, const char *db_password_hash); From 1498027f12677368e7daf0be664e07b8b33d5aab Mon Sep 17 00:00:00 2001 From: Isaac Connor Date: Wed, 8 May 2019 22:45:04 -0400 Subject: [PATCH 091/922] Add option to attach the objdetect image in emails --- scripts/zmfilter.pl.in | 71 ++++++++++++++++++++++++------------------ 1 file changed, 41 insertions(+), 30 deletions(-) diff --git a/scripts/zmfilter.pl.in b/scripts/zmfilter.pl.in index 3f7e720c3..9a290ccd8 100644 --- a/scripts/zmfilter.pl.in +++ b/scripts/zmfilter.pl.in @@ -546,7 +546,7 @@ sub uploadArchFile { } if ( $archError ) { - return( 0 ); + return 0; } else { if ( $Config{ZM_UPLOAD_PROTOCOL} eq 'ftp' ) { Info('Uploading to '.$Config{ZM_UPLOAD_HOST}.' using FTP'); @@ -680,47 +680,58 @@ sub substituteTags { if ( $first_alarm_frame ) { $text =~ s/%EPI1%/$url?view=frame&mid=$Event->{MonitorId}&eid=$Event->{Id}&fid=$first_alarm_frame->{FrameId}/g; $text =~ s/%EPIM%/$url?view=frame&mid=$Event->{MonitorId}&eid=$Event->{Id}&fid=$max_alarm_frame->{FrameId}/g; - if ( $attachments_ref && $text =~ s/%EI1%//g ) { - my $path = generateImage($Event, $first_alarm_frame); - if ( -e $path ) { - push @$attachments_ref, { type=>'image/jpeg', path=>$path }; + if ( $attachments_ref ) { + if ( $text =~ s/%EI1%//g ) { + my $path = generateImage($Event, $first_alarm_frame); + if ( -e $path ) { + push @$attachments_ref, { type=>'image/jpeg', path=>$path }; + } } - } - if ( $attachments_ref && ( $text =~ s/%EIM%//g ) ) { - # Don't attach the same image twice - if ( !@$attachments_ref + if ( $text =~ s/%EIM%//g ) { + # Don't attach the same image twice + if ( !@$attachments_ref || ( $first_alarm_frame->{FrameId} != $max_alarm_frame->{FrameId} ) - ) { - my $path = generateImage($Event, $max_alarm_frame); + ) { + my $path = generateImage($Event, $max_alarm_frame); + if ( -e $path ) { + push @$attachments_ref, { type=>'image/jpeg', path=>$path }; + } else { + Warning("No image for EIM"); + } + } + } + if ( $text =~ s/%EI1A%//g ) { + my $path = generateImage($Event, $first_alarm_frame, 'analyse'); if ( -e $path ) { push @$attachments_ref, { type=>'image/jpeg', path=>$path }; } else { - Warning("No image for EIM"); + Warning("No image for EI1A"); } } - } - if ( $attachments_ref && $text =~ s/%EI1A%//g ) { - my $path = generateImage($Event, $first_alarm_frame, 'analyse'); - if ( -e $path ) { - push @$attachments_ref, { type=>'image/jpeg', path=>$path }; - } else { - Warning("No image for EI1A"); - } - } - if ( $attachments_ref && $text =~ s/%EIMA%//g ) { - # Don't attach the same image twice - if ( !@$attachments_ref + if ( $text =~ s/%EIMA%//g ) { + # Don't attach the same image twice + if ( !@$attachments_ref || ($first_alarm_frame->{FrameId} != $max_alarm_frame->{FrameId}) - ) { - my $path = generateImage($Event, $max_alarm_frame, 'analyse'); + ) { + my $path = generateImage($Event, $max_alarm_frame, 'analyse'); + if ( -e $path ) { + push @$attachments_ref, { type=>'image/jpeg', path=>$path }; + } else { + Warning('No image for EIMA'); + } + } + } + if ( $text =~ s/%EIMOD%//g ) { + my $path = $Event->Path().'/objdetect.jpg'; if ( -e $path ) { push @$attachments_ref, { type=>'image/jpeg', path=>$path }; } else { - Warning('No image for EIMA'); + Warning('No image for EIMOD at ' . $path); } } - } + + } # end if attachments_ref } # end if $first_alarm_frame if ( $attachments_ref ) { @@ -732,7 +743,7 @@ sub substituteTags { if ( !$format ) { return undef; } - push( @$attachments_ref, { type=>"video/$format", path=>$path } ); + push @$attachments_ref, { type=>"video/$format", path=>$path }; } } if ( $text =~ s/%EVM%//g ) { @@ -806,7 +817,7 @@ sub sendEmail { $ssmtp_location = qx('which ssmtp'); } if ( !$ssmtp_location ) { - Debug('Unable to find ssmtp, trying MIME::Lite->send'); + Warning('Unable to find ssmtp, trying MIME::Lite->send'); MIME::Lite->send('smtp', $Config{ZM_EMAIL_HOST}, Timeout=>60); $mail->send(); } else { From 95b448abdde69f1513347ef39eb604a133910c87 Mon Sep 17 00:00:00 2001 From: Pliable Pixels Date: Fri, 10 May 2019 11:25:55 -0400 Subject: [PATCH 092/922] handle case when supplied password is hashed, fix wrong params in AppController --- web/api/app/Controller/AppController.php | 3 ++- web/includes/auth.php | 3 ++- 2 files changed, 4 insertions(+), 2 deletions(-) diff --git a/web/api/app/Controller/AppController.php b/web/api/app/Controller/AppController.php index 23bd528b5..1264dc25c 100644 --- a/web/api/app/Controller/AppController.php +++ b/web/api/app/Controller/AppController.php @@ -76,7 +76,8 @@ class AppController extends Controller { $mToken = $this->request->query('token') ? $this->request->query('token') : $this->request->data('token'); if ( $mUser and $mPassword ) { - $user = userLogin($mUser, $mPassword, true); + // log (user, pass, nothashed, api based login so skip recaptcha) + $user = userLogin($mUser, $mPassword, false, true); if ( !$user ) { throw new UnauthorizedException(__('User not found or incorrect password')); return; diff --git a/web/includes/auth.php b/web/includes/auth.php index c446d0024..6a076ec5d 100644 --- a/web/includes/auth.php +++ b/web/includes/auth.php @@ -126,7 +126,7 @@ function userLogin($username='', $password='', $passwordHashed=false, $apiLogin ZM\Logger::Debug ('bcrypt signature found, assumed bcrypt password'); $password_type='bcrypt'; - $password_correct = password_verify($password, $saved_password); + $password_correct = $passwordHashed? ($password == $saved_password) : password_verify($password, $saved_password); } else { // we really should nag the user not to use plain @@ -346,6 +346,7 @@ if ( ZM_OPT_USE_AUTH ) { $_SESSION['remoteAddr'] = $_SERVER['REMOTE_ADDR']; // To help prevent session hijacking if ( ZM_AUTH_HASH_LOGINS && empty($user) && !empty($_REQUEST['auth']) ) { + if ( $authUser = getAuthUser($_REQUEST['auth']) ) { userLogin($authUser['Username'], $authUser['Password'], true); } From d3a680aaa36e30e3970b0a3fc0c8c32933319854 Mon Sep 17 00:00:00 2001 From: Isaac Connor Date: Fri, 10 May 2019 12:31:10 -0400 Subject: [PATCH 093/922] Set out_frame duration when resampling. Better error message if failed to write to fifo --- src/zm_videostore.cpp | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/src/zm_videostore.cpp b/src/zm_videostore.cpp index 0d3e22b4e..f8a04ff1c 100644 --- a/src/zm_videostore.cpp +++ b/src/zm_videostore.cpp @@ -1181,6 +1181,9 @@ int VideoStore::resample_audio() { ret = swr_convert_frame(resample_ctx, out_frame, in_frame); zm_dump_frame(out_frame, "Out frame after convert"); + // resampling doesn't change the duration, or set it. + out_frame->duration = in_frame->duration; + if ( ret < 0 ) { Error("Could not resample frame (error '%s')", av_make_error_string(ret).c_str()); @@ -1193,7 +1196,8 @@ int VideoStore::resample_audio() { /** Store the new samples in the FIFO buffer. */ ret = av_audio_fifo_write(fifo, (void **)out_frame->data, out_frame->nb_samples); if ( ret < out_frame->nb_samples ) { - Error("Could not write data to FIFO on %d written, expecting %d", ret, out_frame->nb_samples); + Error("Could not write data to FIFO. %d written, expecting %d. Reason %s", + ret, out_frame->nb_samples, av_make_error_string(ret).c_str()); return 0; } From 67c20aa976e529d5f00ca8ac7903e04af064983a Mon Sep 17 00:00:00 2001 From: Isaac Connor Date: Fri, 10 May 2019 12:58:54 -0400 Subject: [PATCH 094/922] fix frame->duration to frame->pkt_duration --- src/zm_videostore.cpp | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/zm_videostore.cpp b/src/zm_videostore.cpp index f8a04ff1c..978dfd328 100644 --- a/src/zm_videostore.cpp +++ b/src/zm_videostore.cpp @@ -1182,7 +1182,7 @@ int VideoStore::resample_audio() { zm_dump_frame(out_frame, "Out frame after convert"); // resampling doesn't change the duration, or set it. - out_frame->duration = in_frame->duration; + out_frame->pkt_duration = in_frame->pkt_duration; if ( ret < 0 ) { Error("Could not resample frame (error '%s')", From d9f7e93df3a17842f351a39a005e4c52efc356e4 Mon Sep 17 00:00:00 2001 From: Isaac Connor Date: Fri, 10 May 2019 14:27:51 -0400 Subject: [PATCH 095/922] Fix typo gegress to degrees. Fixes #2601 --- scripts/ZoneMinder/lib/ZoneMinder/Control/Amcrest_HTTP.pm | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/scripts/ZoneMinder/lib/ZoneMinder/Control/Amcrest_HTTP.pm b/scripts/ZoneMinder/lib/ZoneMinder/Control/Amcrest_HTTP.pm index 7a89f353e..e95f86cba 100644 --- a/scripts/ZoneMinder/lib/ZoneMinder/Control/Amcrest_HTTP.pm +++ b/scripts/ZoneMinder/lib/ZoneMinder/Control/Amcrest_HTTP.pm @@ -189,7 +189,7 @@ sub moveAbs ## Up, Down, Left, Right, etc. ??? Doesn't make sense here... my $tilt_degrees = shift || 0; my $speed = shift || 1; Debug( "Move ABS" ); - $self->sendCmd( 'cgi-bin/ptz.cgi?action=start&code=PositionABS&channel=0&arg1='.$pan_degress.'&arg2='.$tilt_degrees.'&arg3=0&arg4='.$speed ); + $self->sendCmd( 'cgi-bin/ptz.cgi?action=start&code=PositionABS&channel=0&arg1='.$pan_degrees.'&arg2='.$tilt_degrees.'&arg3=0&arg4='.$speed ); } sub moveConUp From e6b7af4583647f4a392dee8279acba4b6dcbcd82 Mon Sep 17 00:00:00 2001 From: Pliable Pixels Date: Fri, 10 May 2019 15:11:35 -0400 Subject: [PATCH 096/922] initial baby step for api tab --- scripts/ZoneMinder/lib/ZoneMinder/ConfigData.pm.in | 2 +- web/lang/en_gb.php | 1 + web/skins/classic/views/options.php | 1 + 3 files changed, 3 insertions(+), 1 deletion(-) diff --git a/scripts/ZoneMinder/lib/ZoneMinder/ConfigData.pm.in b/scripts/ZoneMinder/lib/ZoneMinder/ConfigData.pm.in index c6ec697f1..0e52cbe0c 100644 --- a/scripts/ZoneMinder/lib/ZoneMinder/ConfigData.pm.in +++ b/scripts/ZoneMinder/lib/ZoneMinder/ConfigData.pm.in @@ -394,7 +394,7 @@ our @options = ( if you are exposing your ZM instance on the Internet. `, type => $types{boolean}, - category => 'system', + category => 'API', }, { name => 'ZM_OPT_USE_EVENTNOTIFICATION', diff --git a/web/lang/en_gb.php b/web/lang/en_gb.php index 945d26bea..09f3c09a9 100644 --- a/web/lang/en_gb.php +++ b/web/lang/en_gb.php @@ -104,6 +104,7 @@ $SLANG = array( 'All' => 'All', 'AnalysisFPS' => 'Analysis FPS', 'AnalysisUpdateDelay' => 'Analysis Update Delay', + 'API' => 'API', 'Apply' => 'Apply', 'ApplyingStateChange' => 'Applying State Change', 'ArchArchived' => 'Archived Only', diff --git a/web/skins/classic/views/options.php b/web/skins/classic/views/options.php index f7440d92e..561964a85 100644 --- a/web/skins/classic/views/options.php +++ b/web/skins/classic/views/options.php @@ -29,6 +29,7 @@ $tabs = array(); $tabs['skins'] = translate('Display'); $tabs['system'] = translate('System'); $tabs['config'] = translate('Config'); +$tabs['config'] = translate('API'); $tabs['servers'] = translate('Servers'); $tabs['storage'] = translate('Storage'); $tabs['web'] = translate('Web'); From ae14be916c5a282ce23f8f67f81aa559382e86c2 Mon Sep 17 00:00:00 2001 From: Pliable Pixels Date: Sat, 11 May 2019 13:39:40 -0400 Subject: [PATCH 097/922] initial plumbing to introduce token expiry and API bans per user --- db/zm_create.sql.in | 4 +++- src/zm_crypt.cpp | 23 ++++++++++++++------ src/zm_crypt.h | 2 +- src/zm_user.cpp | 16 ++++++++++++-- version | 2 +- web/includes/auth.php | 24 +++++++++++++++++++++ web/lang/en_gb.php | 1 + web/skins/classic/views/options.php | 33 +++++++++++++++++++++++++++-- 8 files changed, 91 insertions(+), 14 deletions(-) diff --git a/db/zm_create.sql.in b/db/zm_create.sql.in index 787854091..e0af53f1f 100644 --- a/db/zm_create.sql.in +++ b/db/zm_create.sql.in @@ -245,7 +245,7 @@ DROP TABLE IF EXISTS `Events_Week`; CREATE TABLE `Events_Week` ( `EventId` BIGINT unsigned NOT NULL, `MonitorId` int(10) unsigned NOT NULL, - `StartTime` datetime default NULL, + `StartTime` datetime default NULL,M `DiskSpace` bigint default NULL, PRIMARY KEY (`EventId`), KEY `Events_Week_MonitorId_idx` (`MonitorId`), @@ -640,6 +640,8 @@ CREATE TABLE `Users` ( `System` enum('None','View','Edit') NOT NULL default 'None', `MaxBandwidth` varchar(16), `MonitorIds` text, + `TokenMinExpiry` BIGINT UNSIGNED NOT NULL DEFAULT 0, + `APIEnabled` tinyint(3) UNSIGNED NOT NULL default 1, PRIMARY KEY (`Id`), UNIQUE KEY `UC_Username` (`Username`) ) ENGINE=@ZM_MYSQL_ENGINE@; diff --git a/src/zm_crypt.cpp b/src/zm_crypt.cpp index 6d9af1460..845582137 100644 --- a/src/zm_crypt.cpp +++ b/src/zm_crypt.cpp @@ -7,8 +7,9 @@ // returns username if valid, "" if not -std::string verifyToken(std::string jwt_token_str, std::string key) { +std::pair verifyToken(std::string jwt_token_str, std::string key) { std::string username = ""; + int token_issued_at = 0; try { // is it decodable? auto decoded = jwt::decode(jwt_token_str); @@ -24,13 +25,13 @@ std::string verifyToken(std::string jwt_token_str, std::string key) { std::string type = decoded.get_payload_claim("type").as_string(); if (type != "access") { Error ("Only access tokens are allowed. Please do not use refresh tokens"); - return ""; + return std::make_pair("",0); } } else { // something is wrong. All ZM tokens have type Error ("Missing token type. This should not happen"); - return ""; + return std::make_pair("",0); } if (decoded.has_payload_claim("user")) { username = decoded.get_payload_claim("user").as_string(); @@ -38,19 +39,27 @@ std::string verifyToken(std::string jwt_token_str, std::string key) { } else { Error ("User not found in claim"); - return ""; + return std::make_pair("",0); + } + + if (decoded.has_payload_claim("iat")) { + token_issued_at = (unsigned int) (decoded.get_payload_claim("iat").as_int()); + } + else { + Error ("IAT not found in claim. This should not happen"); + return std::make_pair("",0); } } // try catch (const std::exception &e) { Error("Unable to verify token: %s", e.what()); - return ""; + return std::make_pair("",0); } catch (...) { Error ("unknown exception"); - return ""; + return std::make_pair("",0); } - return username; + return std::make_pair(username,token_issued_at); } bool verifyPassword(const char *username, const char *input_password, const char *db_password_hash) { diff --git a/src/zm_crypt.h b/src/zm_crypt.h index fd3bd7e85..340abc36c 100644 --- a/src/zm_crypt.h +++ b/src/zm_crypt.h @@ -27,5 +27,5 @@ bool verifyPassword( const char *username, const char *input_password, const char *db_password_hash); -std::string verifyToken(std::string token, std::string key); +std::pair verifyToken(std::string token, std::string key); #endif // ZM_CRYPT_H \ No newline at end of file diff --git a/src/zm_user.cpp b/src/zm_user.cpp index 7ac934d2a..b8009c221 100644 --- a/src/zm_user.cpp +++ b/src/zm_user.cpp @@ -154,7 +154,10 @@ User *zmLoadTokenUser (std::string jwt_token_str, bool use_remote_addr ) { Info ("Inside zmLoadTokenUser, formed key=%s", key.c_str()); - std::string username = verifyToken(jwt_token_str, key); + std::pair ans = verifyToken(jwt_token_str, key); + std::string username = ans.first; + unsigned int iat = ans.second; + if (username != "") { char sql[ZM_SQL_MED_BUFSIZ] = ""; snprintf(sql, sizeof(sql), @@ -175,12 +178,21 @@ User *zmLoadTokenUser (std::string jwt_token_str, bool use_remote_addr ) { if ( n_users != 1 ) { mysql_free_result(result); - Warning("Unable to authenticate user %s", username.c_str()); + Error("Unable to authenticate user %s", username.c_str()); return NULL; } MYSQL_ROW dbrow = mysql_fetch_row(result); User *user = new User(dbrow); + unsigned int stored_iat = strtoul(dbrow[14], NULL,0 ); + + if (stored_iat > iat ) { // admin revoked tokens + mysql_free_result(result); + Error("Token was revoked for %s", username.c_str()); + return NULL; + } + + Info ("Got stored expiry time of %u",stored_iat); Info ("Authenticated user '%s' via token", username.c_str()); mysql_free_result(result); return user; diff --git a/version b/version index 692c2e30d..c64ec5337 100644 --- a/version +++ b/version @@ -1 +1 @@ -1.33.8 +1.33.9 diff --git a/web/includes/auth.php b/web/includes/auth.php index 6a076ec5d..559b478ce 100644 --- a/web/includes/auth.php +++ b/web/includes/auth.php @@ -109,6 +109,19 @@ function userLogin($username='', $password='', $passwordHashed=false, $apiLogin $password_type = NULL; if ($saved_user_details) { + + // if the API layer asked us to login, make sure the user + // has API enabled (admin may have banned API for this user) + + if ($apiLogin) { + if ($saved_user_details['APIEnabled'] != 1) { + ZM\Error ("API disabled for: $username"); + $_SESSION['loginFailed'] = true; + unset($user); + return false; + } + } + $saved_password = $saved_user_details['Password']; if ($saved_password[0] == '*') { // We assume we don't need to support mysql < 4.1 @@ -217,6 +230,17 @@ function validateToken ($token, $allowed_token_type='access') { $saved_user_details = dbFetchOne ($sql, NULL, $sql_values); if ($saved_user_details) { + + $issuedAt = $jwt_payload['iat']; + $minIssuedAt = $saved_user_details['TokenMinExpiry']; + + if ($issuedAt < $minIssuedAt) { + ZM\Error ("Token revoked for $username. Please generate a new token"); + $_SESSION['loginFailed'] = true; + unset($user); + return array(false, "Token revoked. Please re-generate"); + } + $user = $saved_user_details; return array($user, "OK"); } else { diff --git a/web/lang/en_gb.php b/web/lang/en_gb.php index 09f3c09a9..e81f7fe6f 100644 --- a/web/lang/en_gb.php +++ b/web/lang/en_gb.php @@ -421,6 +421,7 @@ $SLANG = array( 'Images' => 'Images', 'Include' => 'Include', 'In' => 'In', + 'InvalidateTokens' => 'Invalidate all generated tokens', 'Inverted' => 'Inverted', 'Iris' => 'Iris', 'KeyString' => 'Key String', diff --git a/web/skins/classic/views/options.php b/web/skins/classic/views/options.php index 561964a85..90d9a5b02 100644 --- a/web/skins/classic/views/options.php +++ b/web/skins/classic/views/options.php @@ -29,7 +29,7 @@ $tabs = array(); $tabs['skins'] = translate('Display'); $tabs['system'] = translate('System'); $tabs['config'] = translate('Config'); -$tabs['config'] = translate('API'); +$tabs['API'] = translate('API'); $tabs['servers'] = translate('Servers'); $tabs['storage'] = translate('Storage'); $tabs['web'] = translate('Web'); @@ -134,7 +134,8 @@ foreach ( array_map('basename', glob('skins/'.$current_skin.'/css/*',GLOB_ONLYDI -
@@ -424,6 +425,32 @@ foreach ( array_map('basename', glob('skins/'.$current_skin.'/css/*',GLOB_ONLYDI + + + + HELLO BABY! + + >
+
+ + + + + +
@@ -432,6 +459,8 @@ foreach ( array_map('basename', glob('skins/'.$current_skin.'/css/*',GLOB_ONLYDI } ?> + + From 91b6d0103cd032c1721f2d24b66a1f4e8d661ed1 Mon Sep 17 00:00:00 2001 From: Pliable Pixels Date: Sat, 11 May 2019 13:41:19 -0400 Subject: [PATCH 098/922] remove M typo --- db/zm_create.sql.in | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/db/zm_create.sql.in b/db/zm_create.sql.in index e0af53f1f..653e95cc6 100644 --- a/db/zm_create.sql.in +++ b/db/zm_create.sql.in @@ -245,7 +245,7 @@ DROP TABLE IF EXISTS `Events_Week`; CREATE TABLE `Events_Week` ( `EventId` BIGINT unsigned NOT NULL, `MonitorId` int(10) unsigned NOT NULL, - `StartTime` datetime default NULL,M + `StartTime` datetime default NULL, `DiskSpace` bigint default NULL, PRIMARY KEY (`EventId`), KEY `Events_Week_MonitorId_idx` (`MonitorId`), From 2ee466f5e445944c8934e760081c79ca6f29de43 Mon Sep 17 00:00:00 2001 From: Pliable Pixels Date: Sat, 11 May 2019 14:08:49 -0400 Subject: [PATCH 099/922] display user table in api --- web/skins/classic/views/options.php | 48 ++++++++++++++++++++++++----- 1 file changed, 40 insertions(+), 8 deletions(-) diff --git a/web/skins/classic/views/options.php b/web/skins/classic/views/options.php index 90d9a5b02..3c0bd809e 100644 --- a/web/skins/classic/views/options.php +++ b/web/skins/classic/views/options.php @@ -430,25 +430,57 @@ foreach ( array_map('basename', glob('skins/'.$current_skin.'/css/*',GLOB_ONLYDI if ($tab == 'API') { ?> - HELLO BABY! +
- >
+ >

+
+ + + + + + + + + + + + + + + + + + + + + + + +
+
From 88d50ec9cac7f18fdd9f4affcaf7be5e779d5c72 Mon Sep 17 00:00:00 2001 From: Pliable Pixels Date: Sat, 11 May 2019 15:47:57 -0400 Subject: [PATCH 100/922] added revoke all tokens code, removed test code --- web/api/app/Controller/HostController.php | 2 +- web/skins/classic/views/options.php | 2 ++ 2 files changed, 3 insertions(+), 1 deletion(-) diff --git a/web/api/app/Controller/HostController.php b/web/api/app/Controller/HostController.php index 55fedd281..7b8c7c0ff 100644 --- a/web/api/app/Controller/HostController.php +++ b/web/api/app/Controller/HostController.php @@ -140,7 +140,7 @@ class HostController extends AppController { // by default access token will expire in 2 hrs // you can change it by changing the value of ZM_AUTH_HASH_TLL $access_expire_at = $access_issued_at + $access_ttl; - $access_expire_at = $access_issued_at + 60; // TEST, REMOVE + //$access_expire_at = $access_issued_at + 60; // TEST, REMOVE $access_token = array( "iss" => "ZoneMinder", diff --git a/web/skins/classic/views/options.php b/web/skins/classic/views/options.php index 3c0bd809e..e9245f10e 100644 --- a/web/skins/classic/views/options.php +++ b/web/skins/classic/views/options.php @@ -439,6 +439,8 @@ foreach ( array_map('basename', glob('skins/'.$current_skin.'/css/*',GLOB_ONLYDI Date: Sat, 11 May 2019 15:58:07 -0400 Subject: [PATCH 101/922] use strtoul for conversion --- src/zm_crypt.cpp | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/src/zm_crypt.cpp b/src/zm_crypt.cpp index 845582137..fe0b2b418 100644 --- a/src/zm_crypt.cpp +++ b/src/zm_crypt.cpp @@ -43,7 +43,11 @@ std::pair verifyToken(std::string jwt_token_str, std } if (decoded.has_payload_claim("iat")) { - token_issued_at = (unsigned int) (decoded.get_payload_claim("iat").as_int()); + + + std::string iat_str = decoded.get_payload_claim("iat").as_string(); + Info ("Got IAT token=%s", iat_str); + token_issued_at = strtoul(iat_str, NULL,0 ); } else { Error ("IAT not found in claim. This should not happen"); From 053e57af62c79953f6a0c0f913a529d6fc54d088 Mon Sep 17 00:00:00 2001 From: Pliable Pixels Date: Sat, 11 May 2019 16:01:05 -0400 Subject: [PATCH 102/922] use strtoul for conversion --- src/zm_crypt.cpp | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/zm_crypt.cpp b/src/zm_crypt.cpp index fe0b2b418..5ef2433d4 100644 --- a/src/zm_crypt.cpp +++ b/src/zm_crypt.cpp @@ -47,7 +47,7 @@ std::pair verifyToken(std::string jwt_token_str, std std::string iat_str = decoded.get_payload_claim("iat").as_string(); Info ("Got IAT token=%s", iat_str); - token_issued_at = strtoul(iat_str, NULL,0 ); + token_issued_at = strtoul(iat_str.c_str(), NULL,0 ); } else { Error ("IAT not found in claim. This should not happen"); From 3e66be27a80215ca72a00945ac01644cdc1f99e5 Mon Sep 17 00:00:00 2001 From: Pliable Pixels Date: Sat, 11 May 2019 16:09:42 -0400 Subject: [PATCH 103/922] use strtoul for conversion --- src/zm_crypt.cpp | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/zm_crypt.cpp b/src/zm_crypt.cpp index 5ef2433d4..72fba3294 100644 --- a/src/zm_crypt.cpp +++ b/src/zm_crypt.cpp @@ -46,7 +46,7 @@ std::pair verifyToken(std::string jwt_token_str, std std::string iat_str = decoded.get_payload_claim("iat").as_string(); - Info ("Got IAT token=%s", iat_str); + Info ("Got IAT token=%s", iat_str.c_str()); token_issued_at = strtoul(iat_str.c_str(), NULL,0 ); } else { From 6ab31dfe4b8b42a84bf4ecdcf8b100fa24002436 Mon Sep 17 00:00:00 2001 From: Pliable Pixels Date: Sun, 12 May 2019 05:03:16 -0400 Subject: [PATCH 104/922] more fixes --- src/zm_crypt.cpp | 10 ++++------ 1 file changed, 4 insertions(+), 6 deletions(-) diff --git a/src/zm_crypt.cpp b/src/zm_crypt.cpp index 72fba3294..e9877ffd3 100644 --- a/src/zm_crypt.cpp +++ b/src/zm_crypt.cpp @@ -9,7 +9,7 @@ // returns username if valid, "" if not std::pair verifyToken(std::string jwt_token_str, std::string key) { std::string username = ""; - int token_issued_at = 0; + unsigned int token_issued_at = 0; try { // is it decodable? auto decoded = jwt::decode(jwt_token_str); @@ -43,11 +43,9 @@ std::pair verifyToken(std::string jwt_token_str, std } if (decoded.has_payload_claim("iat")) { - - - std::string iat_str = decoded.get_payload_claim("iat").as_string(); - Info ("Got IAT token=%s", iat_str.c_str()); - token_issued_at = strtoul(iat_str.c_str(), NULL,0 ); + token_issued_at = (unsigned int) (decoded.get_payload_claim("iat").as_int()); + Info ("Got IAT token=%u", iat); + } else { Error ("IAT not found in claim. This should not happen"); From 1f22c38453ff6d0c1c12a08fedbc72ea9d27a733 Mon Sep 17 00:00:00 2001 From: Pliable Pixels Date: Sun, 12 May 2019 05:10:20 -0400 Subject: [PATCH 105/922] more fixes --- src/zm_crypt.cpp | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/zm_crypt.cpp b/src/zm_crypt.cpp index e9877ffd3..c37ab25bc 100644 --- a/src/zm_crypt.cpp +++ b/src/zm_crypt.cpp @@ -44,7 +44,7 @@ std::pair verifyToken(std::string jwt_token_str, std if (decoded.has_payload_claim("iat")) { token_issued_at = (unsigned int) (decoded.get_payload_claim("iat").as_int()); - Info ("Got IAT token=%u", iat); + Info ("Got IAT token=%u", token_issued_at); } else { From 225893fcd63e27f6e4246dae079937176f0b931a Mon Sep 17 00:00:00 2001 From: Pliable Pixels Date: Sun, 12 May 2019 05:50:19 -0400 Subject: [PATCH 106/922] add mintokenexpiry to DB seek --- src/zm_user.cpp | 5 +++-- web/api/app/Controller/AppController.php | 2 +- 2 files changed, 4 insertions(+), 3 deletions(-) diff --git a/src/zm_user.cpp b/src/zm_user.cpp index b8009c221..f37233553 100644 --- a/src/zm_user.cpp +++ b/src/zm_user.cpp @@ -161,7 +161,7 @@ User *zmLoadTokenUser (std::string jwt_token_str, bool use_remote_addr ) { if (username != "") { char sql[ZM_SQL_MED_BUFSIZ] = ""; snprintf(sql, sizeof(sql), - "SELECT Id, Username, Enabled, Stream+0, Events+0, Control+0, Monitors+0, System+0, MonitorIds" + "SELECT Id, Username, Enabled, Stream+0, Events+0, Control+0, Monitors+0, System+0, MonitorIds, MinTokenExpiry" " FROM Users WHERE Username = '%s' and Enabled = 1", username.c_str() ); if ( mysql_query(&dbconn, sql) ) { @@ -184,7 +184,8 @@ User *zmLoadTokenUser (std::string jwt_token_str, bool use_remote_addr ) { MYSQL_ROW dbrow = mysql_fetch_row(result); User *user = new User(dbrow); - unsigned int stored_iat = strtoul(dbrow[14], NULL,0 ); + Info ("DB 9=%s", dbrow[9]); + unsigned int stored_iat = strtoul(dbrow[9], NULL,0 ); if (stored_iat > iat ) { // admin revoked tokens mysql_free_result(result); diff --git a/web/api/app/Controller/AppController.php b/web/api/app/Controller/AppController.php index 1264dc25c..65585ff61 100644 --- a/web/api/app/Controller/AppController.php +++ b/web/api/app/Controller/AppController.php @@ -79,7 +79,7 @@ class AppController extends Controller { // log (user, pass, nothashed, api based login so skip recaptcha) $user = userLogin($mUser, $mPassword, false, true); if ( !$user ) { - throw new UnauthorizedException(__('User not found or incorrect password')); + throw new UnauthorizedException(__('Incorrect credentials or API disabled')); return; } } else if ( $mToken ) { From 849995876794cc13bd2cfa37d9b52d30d29c22f9 Mon Sep 17 00:00:00 2001 From: Pliable Pixels Date: Sun, 12 May 2019 05:57:17 -0400 Subject: [PATCH 107/922] typo --- src/zm_user.cpp | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/zm_user.cpp b/src/zm_user.cpp index f37233553..84536c16e 100644 --- a/src/zm_user.cpp +++ b/src/zm_user.cpp @@ -161,7 +161,7 @@ User *zmLoadTokenUser (std::string jwt_token_str, bool use_remote_addr ) { if (username != "") { char sql[ZM_SQL_MED_BUFSIZ] = ""; snprintf(sql, sizeof(sql), - "SELECT Id, Username, Enabled, Stream+0, Events+0, Control+0, Monitors+0, System+0, MonitorIds, MinTokenExpiry" + "SELECT Id, Username, Enabled, Stream+0, Events+0, Control+0, Monitors+0, System+0, MonitorIds, TokenMinExpiry" " FROM Users WHERE Username = '%s' and Enabled = 1", username.c_str() ); if ( mysql_query(&dbconn, sql) ) { From aada171440022296d2e660d99b0bc69d50a3726d Mon Sep 17 00:00:00 2001 From: Isaac Connor Date: Sun, 12 May 2019 09:35:48 -0400 Subject: [PATCH 108/922] clean up some logic in Analyse --- src/zm_monitor.cpp | 198 +++++++++++++++++++++++---------------------- 1 file changed, 100 insertions(+), 98 deletions(-) diff --git a/src/zm_monitor.cpp b/src/zm_monitor.cpp index d587eebc5..835dc4222 100644 --- a/src/zm_monitor.cpp +++ b/src/zm_monitor.cpp @@ -1432,118 +1432,120 @@ bool Monitor::Analyse() { shared_data->active = signal; } // end if signal change - if ( (!signal_change && signal) && n_linked_monitors > 0 ) { - bool first_link = true; - Event::StringSet noteSet; - for ( int i = 0; i < n_linked_monitors; i++ ) { - // TODO: Shouldn't we try to connect? - if ( linked_monitors[i]->isConnected() ) { - if ( linked_monitors[i]->hasAlarmed() ) { - if ( !event ) { - if ( first_link ) { - if ( cause.length() ) - cause += ", "; - cause += LINKED_CAUSE; - first_link = false; + if ( (!signal_change) && signal) { + if ( n_linked_monitors > 0 ) { + bool first_link = true; + Event::StringSet noteSet; + for ( int i = 0; i < n_linked_monitors; i++ ) { + // TODO: Shouldn't we try to connect? + if ( linked_monitors[i]->isConnected() ) { + if ( linked_monitors[i]->hasAlarmed() ) { + if ( !event ) { + if ( first_link ) { + if ( cause.length() ) + cause += ", "; + cause += LINKED_CAUSE; + first_link = false; + } } - } - noteSet.insert(linked_monitors[i]->Name()); - score += 50; - } - } else { - linked_monitors[i]->connect(); - } - } - if ( noteSet.size() > 0 ) - noteSetMap[LINKED_CAUSE] = noteSet; - } - - //TODO: What happens is the event closes and sets recording to false then recording to true again so quickly that our capture daemon never picks it up. Maybe need a refresh flag? - if ( (!signal_change && signal) && (function == RECORD || function == MOCORD) ) { - if ( event ) { - Debug(3, "Have signal and recording with open event at (%d.%d)", timestamp->tv_sec, timestamp->tv_usec); - - if ( section_length - && ( ( timestamp->tv_sec - video_store_data->recording.tv_sec ) >= section_length ) - && ( ! ( timestamp->tv_sec % section_length ) ) - ) { - Info("%s: %03d - Closing event %" PRIu64 ", section end forced %d - %d = %d >= %d", - name, image_count, event->Id(), - timestamp->tv_sec, video_store_data->recording.tv_sec, - timestamp->tv_sec - video_store_data->recording.tv_sec, - section_length - ); - closeEvent(); - } // end if section_length - } // end if event - - if ( ! event ) { - - // Create event - event = new Event(this, *timestamp, "Continuous", noteSetMap, videoRecording); - shared_data->last_event = event->Id(); - //set up video store data - snprintf(video_store_data->event_file, sizeof(video_store_data->event_file), "%s", event->getEventFile()); - video_store_data->recording = event->StartTime(); - - Info("%s: %03d - Opening new event %" PRIu64 ", section start", name, image_count, event->Id()); - - /* To prevent cancelling out an existing alert\prealarm\alarm state */ - if ( state == IDLE ) { - shared_data->state = state = TAPE; - } - - //if ( config.overlap_timed_events ) - if ( false ) { - int pre_index; - int pre_event_images = pre_event_count; - - if ( analysis_fps ) { - // If analysis fps is set, - // compute the index for pre event images in the dedicated buffer - pre_index = pre_event_buffer_count ? image_count%pre_event_buffer_count : 0; - - // Seek forward the next filled slot in to the buffer (oldest data) - // from the current position - while ( pre_event_images && !pre_event_buffer[pre_index].timestamp->tv_sec ) { - pre_index = (pre_index + 1)%pre_event_buffer_count; - // Slot is empty, removing image from counter - pre_event_images--; + noteSet.insert(linked_monitors[i]->Name()); + score += 50; } } else { - // If analysis fps is not set (analysis performed at capturing framerate), - // compute the index for pre event images in the capturing buffer - pre_index = ((index + image_buffer_count) - pre_event_count)%image_buffer_count; + linked_monitors[i]->connect(); + } + } // end foreach linked_monit + if ( noteSet.size() > 0 ) + noteSetMap[LINKED_CAUSE] = noteSet; + } // end if linked_monitors - // Seek forward the next filled slot in to the buffer (oldest data) - // from the current position - while ( pre_event_images && !image_buffer[pre_index].timestamp->tv_sec ) { - pre_index = (pre_index + 1)%image_buffer_count; - // Slot is empty, removing image from counter - pre_event_images--; - } + //TODO: What happens is the event closes and sets recording to false then recording to true again so quickly that our capture daemon never picks it up. Maybe need a refresh flag? + if ( function == RECORD || function == MOCORD ) { + if ( event ) { + Debug(3, "Have signal and recording with open event at (%d.%d)", timestamp->tv_sec, timestamp->tv_usec); + + if ( section_length + && ( ( timestamp->tv_sec - video_store_data->recording.tv_sec ) >= section_length ) + && ( ! ( timestamp->tv_sec % section_length ) ) + ) { + Info("%s: %03d - Closing event %" PRIu64 ", section end forced %d - %d = %d >= %d", + name, image_count, event->Id(), + timestamp->tv_sec, video_store_data->recording.tv_sec, + timestamp->tv_sec - video_store_data->recording.tv_sec, + section_length + ); + closeEvent(); + } // end if section_length + } // end if event + + if ( ! event ) { + + // Create event + event = new Event(this, *timestamp, "Continuous", noteSetMap, videoRecording); + shared_data->last_event = event->Id(); + //set up video store data + snprintf(video_store_data->event_file, sizeof(video_store_data->event_file), "%s", event->getEventFile()); + video_store_data->recording = event->StartTime(); + + Info("%s: %03d - Opening new event %" PRIu64 ", section start", name, image_count, event->Id()); + + /* To prevent cancelling out an existing alert\prealarm\alarm state */ + if ( state == IDLE ) { + shared_data->state = state = TAPE; } - if ( pre_event_images ) { + //if ( config.overlap_timed_events ) + if ( false ) { + int pre_index; + int pre_event_images = pre_event_count; + if ( analysis_fps ) { - for ( int i = 0; i < pre_event_images; i++ ) { - timestamps[i] = pre_event_buffer[pre_index].timestamp; - images[i] = pre_event_buffer[pre_index].image; + // If analysis fps is set, + // compute the index for pre event images in the dedicated buffer + pre_index = pre_event_buffer_count ? image_count%pre_event_buffer_count : 0; + + // Seek forward the next filled slot in to the buffer (oldest data) + // from the current position + while ( pre_event_images && !pre_event_buffer[pre_index].timestamp->tv_sec ) { pre_index = (pre_index + 1)%pre_event_buffer_count; + // Slot is empty, removing image from counter + pre_event_images--; } } else { - for ( int i = 0; i < pre_event_images; i++ ) { - timestamps[i] = image_buffer[pre_index].timestamp; - images[i] = image_buffer[pre_index].image; + // If analysis fps is not set (analysis performed at capturing framerate), + // compute the index for pre event images in the capturing buffer + pre_index = ((index + image_buffer_count) - pre_event_count)%image_buffer_count; + + // Seek forward the next filled slot in to the buffer (oldest data) + // from the current position + while ( pre_event_images && !image_buffer[pre_index].timestamp->tv_sec ) { pre_index = (pre_index + 1)%image_buffer_count; + // Slot is empty, removing image from counter + pre_event_images--; } } - event->AddFrames( pre_event_images, images, timestamps ); - } - } // end if false or config.overlap_timed_events - } // end if ! event - } // end if ( (!signal_change && signal) && (function == RECORD || function == MOCORD) ) { + if ( pre_event_images ) { + if ( analysis_fps ) { + for ( int i = 0; i < pre_event_images; i++ ) { + timestamps[i] = pre_event_buffer[pre_index].timestamp; + images[i] = pre_event_buffer[pre_index].image; + pre_index = (pre_index + 1)%pre_event_buffer_count; + } + } else { + for ( int i = 0; i < pre_event_images; i++ ) { + timestamps[i] = image_buffer[pre_index].timestamp; + images[i] = image_buffer[pre_index].image; + pre_index = (pre_index + 1)%image_buffer_count; + } + } + + event->AddFrames( pre_event_images, images, timestamps ); + } + } // end if false or config.overlap_timed_events + } // end if ! event + } // end if function == RECORD || function == MOCORD) + } // end if !signal_change && signal if ( score ) { if ( state == IDLE || state == TAPE || state == PREALARM ) { From 453bc2afd8e401217b2b3231345ce2b70bd78d16 Mon Sep 17 00:00:00 2001 From: Isaac Connor Date: Sun, 12 May 2019 09:36:26 -0400 Subject: [PATCH 109/922] more frame dumping in resample --- src/zm_videostore.cpp | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/src/zm_videostore.cpp b/src/zm_videostore.cpp index 6d7fba13e..01e5b7e6c 100644 --- a/src/zm_videostore.cpp +++ b/src/zm_videostore.cpp @@ -1011,9 +1011,9 @@ int VideoStore::writeAudioFramePacket(AVPacket *ipkt) { //av_frame_unref(in_frame); return 0; } - zm_dump_frame(out_frame, "Out frame after resample"); out_frame->pts = in_frame->pts; + zm_dump_frame(out_frame, "Out frame after resample"); // out_frame pts is in the input pkt pts... needs to be adjusted before sending to the encoder if ( out_frame->pts != AV_NOPTS_VALUE ) { if ( !audio_first_pts ) { @@ -1022,6 +1022,7 @@ int VideoStore::writeAudioFramePacket(AVPacket *ipkt) { out_frame->pts = 0; } else { out_frame->pts = out_frame->pts - audio_first_pts; + zm_dump_frame(out_frame, "Out frame after pts adjustment"); } // } else { @@ -1042,14 +1043,12 @@ int VideoStore::writeAudioFramePacket(AVPacket *ipkt) { if ( (ret = avcodec_receive_packet(audio_out_ctx, &opkt)) < 0 ) { if ( AVERROR(EAGAIN) == ret ) { // The codec may need more samples than it has, perfectly valid - Debug(3, "Could not recieve packet (error '%s')", - av_make_error_string(ret).c_str()); + Debug(2, "Codec not ready to give us a packet"); } else { Error("Could not recieve packet (error %d = '%s')", ret, av_make_error_string(ret).c_str()); } zm_av_packet_unref(&opkt); - // av_frame_unref( out_frame ); return 0; } #else @@ -1067,6 +1066,7 @@ int VideoStore::writeAudioFramePacket(AVPacket *ipkt) { return 0; } #endif + dumpPacket(audio_out_stream, &opkt, "raw opkt"); opkt.duration = av_rescale_q(opkt.duration, audio_in_stream->time_base, audio_out_stream->time_base); From a9d601e5aecaebeda97a30f21f86cb4798294502 Mon Sep 17 00:00:00 2001 From: Pliable Pixels Date: Sun, 12 May 2019 10:56:17 -0400 Subject: [PATCH 110/922] add ability to revoke tokens and enable/disable APIs per user --- web/includes/actions/options.php | 1 + web/lang/en_gb.php | 1 + web/skins/classic/views/options.php | 115 ++++++++++++++++------------ 3 files changed, 68 insertions(+), 49 deletions(-) diff --git a/web/includes/actions/options.php b/web/includes/actions/options.php index 0c80bacf0..2f98b4a95 100644 --- a/web/includes/actions/options.php +++ b/web/includes/actions/options.php @@ -75,6 +75,7 @@ if ( $action == 'delete' ) { case 'config' : $restartWarning = true; break; + case 'API': case 'web' : case 'tools' : break; diff --git a/web/lang/en_gb.php b/web/lang/en_gb.php index e81f7fe6f..b5fa70168 100644 --- a/web/lang/en_gb.php +++ b/web/lang/en_gb.php @@ -660,6 +660,7 @@ $SLANG = array( 'RestrictedMonitors' => 'Restricted Monitors', 'ReturnDelay' => 'Return Delay', 'ReturnLocation' => 'Return Location', + 'RevokeAllTokens' => 'Revoke All Tokens' 'Rewind' => 'Rewind', 'RotateLeft' => 'Rotate Left', 'RotateRight' => 'Rotate Right', diff --git a/web/skins/classic/views/options.php b/web/skins/classic/views/options.php index e9245f10e..c4a630ade 100644 --- a/web/skins/classic/views/options.php +++ b/web/skins/classic/views/options.php @@ -430,60 +430,77 @@ foreach ( array_map('basename', glob('skins/'.$current_skin.'/css/*',GLOB_ONLYDI if ($tab == 'API') { ?> - -
- >

-
- - - - -
- - - - - - - - - - - - - - - - - - - - - - + + +
+ + "; + dbQuery('UPDATE Users SET TokenMinExpiry=? WHERE Id=?', array($minTime, $markUid)); + } + foreach( $_REQUEST["apiUids"] as $markUid ) { + dbQuery('UPDATE Users SET APIEnabled=1 WHERE Id=?', array($markUid)); + // echo "UPDATE Users SET APIEnabled=1"." WHERE Id=".$markUid."
"; + } + echo "Updated."; + } + + if(array_key_exists('revokeAllTokens',$_POST)){ + revokeAllTokens(); + } + + if(array_key_exists('updateSelected',$_POST)){ + updateSelected(); + } + ?> + + +

+ + + +
+ + + + + + + + + + + + + + +
/>
+
From 22c5d46c65b2b94bf25f977f1e0319cfe0462ad0 Mon Sep 17 00:00:00 2001 From: Isaac Connor Date: Sun, 12 May 2019 12:14:03 -0400 Subject: [PATCH 111/922] rescale audio packet duration and pts before feeding to codec after resample --- src/zm_videostore.cpp | 41 +++++++++++++++++++++++++++++++++++------ 1 file changed, 35 insertions(+), 6 deletions(-) diff --git a/src/zm_videostore.cpp b/src/zm_videostore.cpp index 978dfd328..2130db03b 100644 --- a/src/zm_videostore.cpp +++ b/src/zm_videostore.cpp @@ -1011,7 +1011,6 @@ int VideoStore::writeAudioFramePacket(AVPacket *ipkt) { } zm_dump_frame(out_frame, "Out frame after resample"); - out_frame->pts = in_frame->pts; // out_frame pts is in the input pkt pts... needs to be adjusted before sending to the encoder if ( out_frame->pts != AV_NOPTS_VALUE ) { if ( !audio_first_pts ) { @@ -1065,6 +1064,8 @@ int VideoStore::writeAudioFramePacket(AVPacket *ipkt) { return 0; } #endif +#if 0 + // These should be set by encoder. They may not directly relate to ipkt due to buffering in codec. opkt.duration = av_rescale_q(opkt.duration, audio_in_stream->time_base, audio_out_stream->time_base); @@ -1074,6 +1075,7 @@ int VideoStore::writeAudioFramePacket(AVPacket *ipkt) { opkt.dts = av_rescale_q(opkt.dts, audio_in_stream->time_base, audio_out_stream->time_base); +#endif dumpPacket(audio_out_stream, &opkt, "raw opkt"); } else { @@ -1179,16 +1181,32 @@ int VideoStore::resample_audio() { Debug(2, "Converting %d to %d samples using swresample", in_frame->nb_samples, out_frame->nb_samples); ret = swr_convert_frame(resample_ctx, out_frame, in_frame); - zm_dump_frame(out_frame, "Out frame after convert"); - - // resampling doesn't change the duration, or set it. - out_frame->pkt_duration = in_frame->pkt_duration; - if ( ret < 0 ) { Error("Could not resample frame (error '%s')", av_make_error_string(ret).c_str()); return 0; } + zm_dump_frame(out_frame, "Out frame after convert"); + + +#if 0 + // out_frame pts is in the input pkt pts... needs to be adjusted before sending to the encoder + if ( out_frame->pts != AV_NOPTS_VALUE ) { + if ( !audio_first_pts ) { + audio_first_pts = out_frame->pts; + Debug(1, "No audio_first_pts setting to %" PRId64, audio_first_pts); + out_frame->pts = 0; + } else { + out_frame->pts = out_frame->pts - audio_first_pts; + } + // + } else { + // sending AV_NOPTS_VALUE doesn't really work but we seem to get it in ffmpeg 2.8 + out_frame->pts = audio_next_pts; + } + audio_next_pts = out_frame->pts + out_frame->nb_samples; +#endif + if ((ret = av_audio_fifo_realloc(fifo, av_audio_fifo_size(fifo) + out_frame->nb_samples)) < 0) { Error("Could not reallocate FIFO"); return 0; @@ -1214,6 +1232,17 @@ int VideoStore::resample_audio() { return 0; } out_frame->nb_samples = frame_size; + // resampling changes the duration because the timebase is 1/samples + if ( in_frame->pts != AV_NOPTS_VALUE ) { + out_frame->pkt_duration = av_rescale_q( + in_frame->pkt_duration, + audio_in_stream->time_base, + audio_out_stream->time_base); + out_frame->pts = av_rescale_q( + in_frame->pts, + audio_in_stream->time_base, + audio_out_stream->time_base); + } #else #if defined(HAVE_LIBAVRESAMPLE) ret = avresample_convert(resample_ctx, NULL, 0, 0, in_frame->data, From c1891e35b9c23eb5b73480af36c180dd1609ed5c Mon Sep 17 00:00:00 2001 From: Pliable Pixels Date: Sun, 12 May 2019 12:15:08 -0400 Subject: [PATCH 112/922] moved API enable back to system --- .../lib/ZoneMinder/ConfigData.pm.in | 2 +- web/skins/classic/views/options.php | 160 +++++++++--------- 2 files changed, 83 insertions(+), 79 deletions(-) diff --git a/scripts/ZoneMinder/lib/ZoneMinder/ConfigData.pm.in b/scripts/ZoneMinder/lib/ZoneMinder/ConfigData.pm.in index 0e52cbe0c..c6ec697f1 100644 --- a/scripts/ZoneMinder/lib/ZoneMinder/ConfigData.pm.in +++ b/scripts/ZoneMinder/lib/ZoneMinder/ConfigData.pm.in @@ -394,7 +394,7 @@ our @options = ( if you are exposing your ZM instance on the Internet. `, type => $types{boolean}, - category => 'API', + category => 'system', }, { name => 'ZM_OPT_USE_EVENTNOTIFICATION', diff --git a/web/skins/classic/views/options.php b/web/skins/classic/views/options.php index c4a630ade..18b608155 100644 --- a/web/skins/classic/views/options.php +++ b/web/skins/classic/views/options.php @@ -311,8 +311,88 @@ foreach ( array_map('basename', glob('skins/'.$current_skin.'/css/*',GLOB_ONLYDI
-APIs are disabled. To enable, please turn on OPT_USE_API in Options->System
"; + } + else { + ?> + +
+
+ + "; + dbQuery('UPDATE Users SET TokenMinExpiry=? WHERE Id=?', array($minTime, $markUid)); + } + foreach( $_REQUEST["apiUids"] as $markUid ) { + dbQuery('UPDATE Users SET APIEnabled=1 WHERE Id=?', array($markUid)); + // echo "UPDATE Users SET APIEnabled=1"." WHERE Id=".$markUid."
"; + } + echo "Updated."; + } + + if(array_key_exists('revokeAllTokens',$_POST)){ + revokeAllTokens(); + } + + if(array_key_exists('updateSelected',$_POST)){ + updateSelected(); + } + ?> + + +

+ + + + + + + + + + + + + + + + + + + + +
/>
+
+ + + - - - - -
-
- - "; - dbQuery('UPDATE Users SET TokenMinExpiry=? WHERE Id=?', array($minTime, $markUid)); - } - foreach( $_REQUEST["apiUids"] as $markUid ) { - dbQuery('UPDATE Users SET APIEnabled=1 WHERE Id=?', array($markUid)); - // echo "UPDATE Users SET APIEnabled=1"." WHERE Id=".$markUid."
"; - } - echo "Updated."; - } - - if(array_key_exists('revokeAllTokens',$_POST)){ - revokeAllTokens(); - } - - if(array_key_exists('updateSelected',$_POST)){ - updateSelected(); - } - ?> - - -

- - - - - - - - - - - - - - - - - - - - -
/>
-
- - -
From 9998c2610112470bfddd9214631442c73f89ab6f Mon Sep 17 00:00:00 2001 From: Pliable Pixels Date: Sun, 12 May 2019 12:21:49 -0400 Subject: [PATCH 113/922] comma --- web/lang/en_gb.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/web/lang/en_gb.php b/web/lang/en_gb.php index b5fa70168..e0ee8f39f 100644 --- a/web/lang/en_gb.php +++ b/web/lang/en_gb.php @@ -660,7 +660,7 @@ $SLANG = array( 'RestrictedMonitors' => 'Restricted Monitors', 'ReturnDelay' => 'Return Delay', 'ReturnLocation' => 'Return Location', - 'RevokeAllTokens' => 'Revoke All Tokens' + 'RevokeAllTokens' => 'Revoke All Tokens', 'Rewind' => 'Rewind', 'RotateLeft' => 'Rotate Left', 'RotateRight' => 'Rotate Right', From 91dd6630b59f962f6062402b191c165c5e2c6029 Mon Sep 17 00:00:00 2001 From: Pliable Pixels Date: Sun, 12 May 2019 12:34:55 -0400 Subject: [PATCH 114/922] enable API options only if API enabled --- web/skins/classic/views/options.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/web/skins/classic/views/options.php b/web/skins/classic/views/options.php index 18b608155..465da0a02 100644 --- a/web/skins/classic/views/options.php +++ b/web/skins/classic/views/options.php @@ -316,7 +316,7 @@ foreach ( array_map('basename', glob('skins/'.$current_skin.'/css/*',GLOB_ONLYDI } else if ($tab == 'API') { $apiEnabled = dbFetchOne("SELECT Value FROM Config WHERE Name='ZM_OPT_USE_API'"); - if (!$apiEnabled) { + if ($apiEnabled['Value']!='1') { echo "
APIs are disabled. To enable, please turn on OPT_USE_API in Options->System
"; } else { From d7dbaf52d410bb76bbdfb6a07e701ef9cab7db4d Mon Sep 17 00:00:00 2001 From: Pliable Pixels Date: Sun, 12 May 2019 13:01:29 -0400 Subject: [PATCH 115/922] move user creation to bcrypt --- web/includes/actions/user.php | 29 +++++++++++++++++++++++++---- 1 file changed, 25 insertions(+), 4 deletions(-) diff --git a/web/includes/actions/user.php b/web/includes/actions/user.php index af569627f..bacf68698 100644 --- a/web/includes/actions/user.php +++ b/web/includes/actions/user.php @@ -28,8 +28,18 @@ if ( $action == 'user' ) { $types = array(); $changes = getFormChanges($dbUser, $_REQUEST['newUser'], $types); - if ( $_REQUEST['newUser']['Password'] ) - $changes['Password'] = 'Password = password('.dbEscape($_REQUEST['newUser']['Password']).')'; + if (function_exists ('password_hash')) { + $pass_hash = '"'.password_hash($pass, PASSWORD_BCRYPT).'"'; + } else { + $pass_hash = ' PASSWORD('.dbEscape($_REQUEST['newUser']['Password']).') '; + ZM\Info ('Cannot use bcrypt as you are using PHP < 5.5'); + } + + if ( $_REQUEST['newUser']['Password'] ) { + $changes['Password'] = 'Password = '.$pass_hash; + ZM\Info ("PASS CMD=".$changes['Password']); + } + else unset($changes['Password']); @@ -53,8 +63,19 @@ if ( $action == 'user' ) { $types = array(); $changes = getFormChanges($dbUser, $_REQUEST['newUser'], $types); - if ( !empty($_REQUEST['newUser']['Password']) ) - $changes['Password'] = 'Password = password('.dbEscape($_REQUEST['newUser']['Password']).')'; + if (function_exists ('password_hash')) { + $pass_hash = '"'.password_hash($pass, PASSWORD_BCRYPT).'"'; + } else { + $pass_hash = ' PASSWORD('.dbEscape($_REQUEST['newUser']['Password']).') '; + ZM\Info ('Cannot use bcrypt as you are using PHP < 5.5'); + } + + + if ( !empty($_REQUEST['newUser']['Password']) ) { + ZM\Info ("PASS CMD=".$changes['Password']); + $changes['Password'] = 'Password = '.$pass_hash; + } + else unset($changes['Password']); if ( count($changes) ) { From adb01c4d0e33fa17715371c390f276a3af5c3bc7 Mon Sep 17 00:00:00 2001 From: Pliable Pixels Date: Sun, 12 May 2019 13:57:25 -0400 Subject: [PATCH 116/922] added password_compat for PHP >=5.3 <5.5 --- web/composer.json | 3 +- web/composer.lock | 46 ++- web/includes/actions/user.php | 2 +- web/includes/auth.php | 6 +- web/skins/classic/views/options.php | 4 +- web/vendor/composer/ClassLoader.php | 4 +- web/vendor/composer/LICENSE | 69 +++- web/vendor/composer/autoload_files.php | 10 + web/vendor/composer/autoload_real.php | 18 + web/vendor/composer/autoload_static.php | 4 + web/vendor/composer/installed.json | 44 +++ .../ircmaxell/password-compat/LICENSE.md | 7 + .../ircmaxell/password-compat/composer.json | 20 ++ .../password-compat/lib/password.php | 314 ++++++++++++++++++ .../password-compat/version-test.php | 6 + 15 files changed, 528 insertions(+), 29 deletions(-) create mode 100644 web/vendor/composer/autoload_files.php create mode 100644 web/vendor/ircmaxell/password-compat/LICENSE.md create mode 100644 web/vendor/ircmaxell/password-compat/composer.json create mode 100644 web/vendor/ircmaxell/password-compat/lib/password.php create mode 100644 web/vendor/ircmaxell/password-compat/version-test.php diff --git a/web/composer.json b/web/composer.json index cc22311b1..968d1d4cb 100644 --- a/web/composer.json +++ b/web/composer.json @@ -1,5 +1,6 @@ { "require": { - "firebase/php-jwt": "^5.0" + "firebase/php-jwt": "^5.0", + "ircmaxell/password-compat": "^1.0" } } diff --git a/web/composer.lock b/web/composer.lock index b0b368b4f..b260d2e5a 100644 --- a/web/composer.lock +++ b/web/composer.lock @@ -1,10 +1,10 @@ { "_readme": [ "This file locks the dependencies of your project to a known state", - "Read more about it at https://getcomposer.org/doc/01-basic-usage.md#installing-dependencies", + "Read more about it at https://getcomposer.org/doc/01-basic-usage.md#composer-lock-the-lock-file", "This file is @generated automatically" ], - "content-hash": "7f97fc9c4d2beaf06d019ba50f7efcbc", + "content-hash": "5759823f1f047089a354efaa25903378", "packages": [ { "name": "firebase/php-jwt", @@ -51,6 +51,48 @@ "description": "A simple library to encode and decode JSON Web Tokens (JWT) in PHP. Should conform to the current spec.", "homepage": "https://github.com/firebase/php-jwt", "time": "2017-06-27T22:17:23+00:00" + }, + { + "name": "ircmaxell/password-compat", + "version": "v1.0.4", + "source": { + "type": "git", + "url": "https://github.com/ircmaxell/password_compat.git", + "reference": "5c5cde8822a69545767f7c7f3058cb15ff84614c" + }, + "dist": { + "type": "zip", + "url": "https://api.github.com/repos/ircmaxell/password_compat/zipball/5c5cde8822a69545767f7c7f3058cb15ff84614c", + "reference": "5c5cde8822a69545767f7c7f3058cb15ff84614c", + "shasum": "" + }, + "require-dev": { + "phpunit/phpunit": "4.*" + }, + "type": "library", + "autoload": { + "files": [ + "lib/password.php" + ] + }, + "notification-url": "https://packagist.org/downloads/", + "license": [ + "MIT" + ], + "authors": [ + { + "name": "Anthony Ferrara", + "email": "ircmaxell@php.net", + "homepage": "http://blog.ircmaxell.com" + } + ], + "description": "A compatibility library for the proposed simplified password hashing algorithm: https://wiki.php.net/rfc/password_hash", + "homepage": "https://github.com/ircmaxell/password_compat", + "keywords": [ + "hashing", + "password" + ], + "time": "2014-11-20T16:49:30+00:00" } ], "packages-dev": [], diff --git a/web/includes/actions/user.php b/web/includes/actions/user.php index bacf68698..2b520cd10 100644 --- a/web/includes/actions/user.php +++ b/web/includes/actions/user.php @@ -67,7 +67,7 @@ if ( $action == 'user' ) { $pass_hash = '"'.password_hash($pass, PASSWORD_BCRYPT).'"'; } else { $pass_hash = ' PASSWORD('.dbEscape($_REQUEST['newUser']['Password']).') '; - ZM\Info ('Cannot use bcrypt as you are using PHP < 5.5'); + ZM\Info ('Cannot use bcrypt as you are using PHP < 5.3'); } diff --git a/web/includes/auth.php b/web/includes/auth.php index 559b478ce..643feb952 100644 --- a/web/includes/auth.php +++ b/web/includes/auth.php @@ -37,10 +37,8 @@ function migrateHash($user, $pass) { dbQuery($update_password_sql); } else { - // Not really an error, so an info - // there is also a compat library https://github.com/ircmaxell/password_compat - // not sure if its worth it. Do a lot of people really use PHP < 5.5? - ZM\Info ('Cannot migrate password scheme to bcrypt, as you are using PHP < 5.5'); + + ZM\Info ('Cannot migrate password scheme to bcrypt, as you are using PHP < 5.3'); return; } diff --git a/web/skins/classic/views/options.php b/web/skins/classic/views/options.php index 465da0a02..d7b264834 100644 --- a/web/skins/classic/views/options.php +++ b/web/skins/classic/views/options.php @@ -314,7 +314,7 @@ foreach ( array_map('basename', glob('skins/'.$current_skin.'/css/*',GLOB_ONLYDI APIs are disabled. To enable, please turn on OPT_USE_API in Options->System"; @@ -377,7 +377,7 @@ foreach ( array_map('basename', glob('skins/'.$current_skin.'/css/*',GLOB_ONLYDI foreach( dbFetchAll($sql) as $row ) { ?> - + /> diff --git a/web/vendor/composer/ClassLoader.php b/web/vendor/composer/ClassLoader.php index fce8549f0..dc02dfb11 100644 --- a/web/vendor/composer/ClassLoader.php +++ b/web/vendor/composer/ClassLoader.php @@ -279,7 +279,7 @@ class ClassLoader */ public function setApcuPrefix($apcuPrefix) { - $this->apcuPrefix = function_exists('apcu_fetch') && filter_var(ini_get('apc.enabled'), FILTER_VALIDATE_BOOLEAN) ? $apcuPrefix : null; + $this->apcuPrefix = function_exists('apcu_fetch') && ini_get('apc.enabled') ? $apcuPrefix : null; } /** @@ -377,7 +377,7 @@ class ClassLoader $subPath = $class; while (false !== $lastPos = strrpos($subPath, '\\')) { $subPath = substr($subPath, 0, $lastPos); - $search = $subPath . '\\'; + $search = $subPath.'\\'; if (isset($this->prefixDirsPsr4[$search])) { $pathEnd = DIRECTORY_SEPARATOR . substr($logicalPathPsr4, $lastPos + 1); foreach ($this->prefixDirsPsr4[$search] as $dir) { diff --git a/web/vendor/composer/LICENSE b/web/vendor/composer/LICENSE index f27399a04..f0157a6ed 100644 --- a/web/vendor/composer/LICENSE +++ b/web/vendor/composer/LICENSE @@ -1,21 +1,56 @@ +Format: http://www.debian.org/doc/packaging-manuals/copyright-format/1.0/ +Upstream-Name: Composer +Upstream-Contact: Jordi Boggiano +Source: https://github.com/composer/composer -Copyright (c) Nils Adermann, Jordi Boggiano +Files: * +Copyright: 2016, Nils Adermann + 2016, Jordi Boggiano +License: Expat -Permission is hereby granted, free of charge, to any person obtaining a copy -of this software and associated documentation files (the "Software"), to deal -in the Software without restriction, including without limitation the rights -to use, copy, modify, merge, publish, distribute, sublicense, and/or sell -copies of the Software, and to permit persons to whom the Software is furnished -to do so, subject to the following conditions: +Files: src/Composer/Util/TlsHelper.php +Copyright: 2016, Nils Adermann + 2016, Jordi Boggiano + 2013, Evan Coury +License: Expat and BSD-2-Clause -The above copyright notice and this permission notice shall be included in all -copies or substantial portions of the Software. - -THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR -IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, -FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE -AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER -LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, -OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN -THE SOFTWARE. +License: BSD-2-Clause + Redistribution and use in source and binary forms, with or without modification, + are permitted provided that the following conditions are met: + . + * Redistributions of source code must retain the above copyright notice, + this list of conditions and the following disclaimer. + . + * Redistributions in binary form must reproduce the above copyright notice, + this list of conditions and the following disclaimer in the documentation + and/or other materials provided with the distribution. + . + THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND + ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED + WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE + DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR + ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES + (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; + LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON + ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT + (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS + SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. +License: Expat + Permission is hereby granted, free of charge, to any person obtaining a copy + of this software and associated documentation files (the "Software"), to deal + in the Software without restriction, including without limitation the rights + to use, copy, modify, merge, publish, distribute, sublicense, and/or sell + copies of the Software, and to permit persons to whom the Software is furnished + to do so, subject to the following conditions: + . + The above copyright notice and this permission notice shall be included in all + copies or substantial portions of the Software. + . + THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR + IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, + FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE + AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER + LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, + OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN + THE SOFTWARE. diff --git a/web/vendor/composer/autoload_files.php b/web/vendor/composer/autoload_files.php new file mode 100644 index 000000000..eb2e8068e --- /dev/null +++ b/web/vendor/composer/autoload_files.php @@ -0,0 +1,10 @@ + $vendorDir . '/ircmaxell/password-compat/lib/password.php', +); diff --git a/web/vendor/composer/autoload_real.php b/web/vendor/composer/autoload_real.php index accbcefb3..6d63dc4f7 100644 --- a/web/vendor/composer/autoload_real.php +++ b/web/vendor/composer/autoload_real.php @@ -47,6 +47,24 @@ class ComposerAutoloaderInit254e25e69fe049d603f41f5fd853ef2b $loader->register(true); + if ($useStaticLoader) { + $includeFiles = Composer\Autoload\ComposerStaticInit254e25e69fe049d603f41f5fd853ef2b::$files; + } else { + $includeFiles = require __DIR__ . '/autoload_files.php'; + } + foreach ($includeFiles as $fileIdentifier => $file) { + composerRequire254e25e69fe049d603f41f5fd853ef2b($fileIdentifier, $file); + } + return $loader; } } + +function composerRequire254e25e69fe049d603f41f5fd853ef2b($fileIdentifier, $file) +{ + if (empty($GLOBALS['__composer_autoload_files'][$fileIdentifier])) { + require $file; + + $GLOBALS['__composer_autoload_files'][$fileIdentifier] = true; + } +} diff --git a/web/vendor/composer/autoload_static.php b/web/vendor/composer/autoload_static.php index 2709f5803..980a5a0d7 100644 --- a/web/vendor/composer/autoload_static.php +++ b/web/vendor/composer/autoload_static.php @@ -6,6 +6,10 @@ namespace Composer\Autoload; class ComposerStaticInit254e25e69fe049d603f41f5fd853ef2b { + public static $files = array ( + 'e40631d46120a9c38ea139981f8dab26' => __DIR__ . '/..' . '/ircmaxell/password-compat/lib/password.php', + ); + public static $prefixLengthsPsr4 = array ( 'F' => array ( diff --git a/web/vendor/composer/installed.json b/web/vendor/composer/installed.json index 5b2924c21..0e2ed23cf 100644 --- a/web/vendor/composer/installed.json +++ b/web/vendor/composer/installed.json @@ -46,5 +46,49 @@ ], "description": "A simple library to encode and decode JSON Web Tokens (JWT) in PHP. Should conform to the current spec.", "homepage": "https://github.com/firebase/php-jwt" + }, + { + "name": "ircmaxell/password-compat", + "version": "v1.0.4", + "version_normalized": "1.0.4.0", + "source": { + "type": "git", + "url": "https://github.com/ircmaxell/password_compat.git", + "reference": "5c5cde8822a69545767f7c7f3058cb15ff84614c" + }, + "dist": { + "type": "zip", + "url": "https://api.github.com/repos/ircmaxell/password_compat/zipball/5c5cde8822a69545767f7c7f3058cb15ff84614c", + "reference": "5c5cde8822a69545767f7c7f3058cb15ff84614c", + "shasum": "" + }, + "require-dev": { + "phpunit/phpunit": "4.*" + }, + "time": "2014-11-20T16:49:30+00:00", + "type": "library", + "installation-source": "dist", + "autoload": { + "files": [ + "lib/password.php" + ] + }, + "notification-url": "https://packagist.org/downloads/", + "license": [ + "MIT" + ], + "authors": [ + { + "name": "Anthony Ferrara", + "email": "ircmaxell@php.net", + "homepage": "http://blog.ircmaxell.com" + } + ], + "description": "A compatibility library for the proposed simplified password hashing algorithm: https://wiki.php.net/rfc/password_hash", + "homepage": "https://github.com/ircmaxell/password_compat", + "keywords": [ + "hashing", + "password" + ] } ] diff --git a/web/vendor/ircmaxell/password-compat/LICENSE.md b/web/vendor/ircmaxell/password-compat/LICENSE.md new file mode 100644 index 000000000..1efc565fc --- /dev/null +++ b/web/vendor/ircmaxell/password-compat/LICENSE.md @@ -0,0 +1,7 @@ +Copyright (c) 2012 Anthony Ferrara + +Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal in the Software without restriction, including without limitation the rights to use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of the Software, and to permit persons to whom the Software is furnished to do so, subject to the following conditions: + +The above copyright notice and this permission notice shall be included in all copies or substantial portions of the Software. + +THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. \ No newline at end of file diff --git a/web/vendor/ircmaxell/password-compat/composer.json b/web/vendor/ircmaxell/password-compat/composer.json new file mode 100644 index 000000000..822fd1ffb --- /dev/null +++ b/web/vendor/ircmaxell/password-compat/composer.json @@ -0,0 +1,20 @@ +{ + "name": "ircmaxell/password-compat", + "description": "A compatibility library for the proposed simplified password hashing algorithm: https://wiki.php.net/rfc/password_hash", + "keywords": ["password", "hashing"], + "homepage": "https://github.com/ircmaxell/password_compat", + "license": "MIT", + "authors": [ + { + "name": "Anthony Ferrara", + "email": "ircmaxell@php.net", + "homepage": "http://blog.ircmaxell.com" + } + ], + "require-dev": { + "phpunit/phpunit": "4.*" + }, + "autoload": { + "files": ["lib/password.php"] + } +} diff --git a/web/vendor/ircmaxell/password-compat/lib/password.php b/web/vendor/ircmaxell/password-compat/lib/password.php new file mode 100644 index 000000000..cc6896c1d --- /dev/null +++ b/web/vendor/ircmaxell/password-compat/lib/password.php @@ -0,0 +1,314 @@ + + * @license http://www.opensource.org/licenses/mit-license.html MIT License + * @copyright 2012 The Authors + */ + +namespace { + + if (!defined('PASSWORD_BCRYPT')) { + /** + * PHPUnit Process isolation caches constants, but not function declarations. + * So we need to check if the constants are defined separately from + * the functions to enable supporting process isolation in userland + * code. + */ + define('PASSWORD_BCRYPT', 1); + define('PASSWORD_DEFAULT', PASSWORD_BCRYPT); + define('PASSWORD_BCRYPT_DEFAULT_COST', 10); + } + + if (!function_exists('password_hash')) { + + /** + * Hash the password using the specified algorithm + * + * @param string $password The password to hash + * @param int $algo The algorithm to use (Defined by PASSWORD_* constants) + * @param array $options The options for the algorithm to use + * + * @return string|false The hashed password, or false on error. + */ + function password_hash($password, $algo, array $options = array()) { + if (!function_exists('crypt')) { + trigger_error("Crypt must be loaded for password_hash to function", E_USER_WARNING); + return null; + } + if (is_null($password) || is_int($password)) { + $password = (string) $password; + } + if (!is_string($password)) { + trigger_error("password_hash(): Password must be a string", E_USER_WARNING); + return null; + } + if (!is_int($algo)) { + trigger_error("password_hash() expects parameter 2 to be long, " . gettype($algo) . " given", E_USER_WARNING); + return null; + } + $resultLength = 0; + switch ($algo) { + case PASSWORD_BCRYPT: + $cost = PASSWORD_BCRYPT_DEFAULT_COST; + if (isset($options['cost'])) { + $cost = $options['cost']; + if ($cost < 4 || $cost > 31) { + trigger_error(sprintf("password_hash(): Invalid bcrypt cost parameter specified: %d", $cost), E_USER_WARNING); + return null; + } + } + // The length of salt to generate + $raw_salt_len = 16; + // The length required in the final serialization + $required_salt_len = 22; + $hash_format = sprintf("$2y$%02d$", $cost); + // The expected length of the final crypt() output + $resultLength = 60; + break; + default: + trigger_error(sprintf("password_hash(): Unknown password hashing algorithm: %s", $algo), E_USER_WARNING); + return null; + } + $salt_requires_encoding = false; + if (isset($options['salt'])) { + switch (gettype($options['salt'])) { + case 'NULL': + case 'boolean': + case 'integer': + case 'double': + case 'string': + $salt = (string) $options['salt']; + break; + case 'object': + if (method_exists($options['salt'], '__tostring')) { + $salt = (string) $options['salt']; + break; + } + case 'array': + case 'resource': + default: + trigger_error('password_hash(): Non-string salt parameter supplied', E_USER_WARNING); + return null; + } + if (PasswordCompat\binary\_strlen($salt) < $required_salt_len) { + trigger_error(sprintf("password_hash(): Provided salt is too short: %d expecting %d", PasswordCompat\binary\_strlen($salt), $required_salt_len), E_USER_WARNING); + return null; + } elseif (0 == preg_match('#^[a-zA-Z0-9./]+$#D', $salt)) { + $salt_requires_encoding = true; + } + } else { + $buffer = ''; + $buffer_valid = false; + if (function_exists('mcrypt_create_iv') && !defined('PHALANGER')) { + $buffer = mcrypt_create_iv($raw_salt_len, MCRYPT_DEV_URANDOM); + if ($buffer) { + $buffer_valid = true; + } + } + if (!$buffer_valid && function_exists('openssl_random_pseudo_bytes')) { + $buffer = openssl_random_pseudo_bytes($raw_salt_len); + if ($buffer) { + $buffer_valid = true; + } + } + if (!$buffer_valid && @is_readable('/dev/urandom')) { + $f = fopen('/dev/urandom', 'r'); + $read = PasswordCompat\binary\_strlen($buffer); + while ($read < $raw_salt_len) { + $buffer .= fread($f, $raw_salt_len - $read); + $read = PasswordCompat\binary\_strlen($buffer); + } + fclose($f); + if ($read >= $raw_salt_len) { + $buffer_valid = true; + } + } + if (!$buffer_valid || PasswordCompat\binary\_strlen($buffer) < $raw_salt_len) { + $bl = PasswordCompat\binary\_strlen($buffer); + for ($i = 0; $i < $raw_salt_len; $i++) { + if ($i < $bl) { + $buffer[$i] = $buffer[$i] ^ chr(mt_rand(0, 255)); + } else { + $buffer .= chr(mt_rand(0, 255)); + } + } + } + $salt = $buffer; + $salt_requires_encoding = true; + } + if ($salt_requires_encoding) { + // encode string with the Base64 variant used by crypt + $base64_digits = + 'ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/'; + $bcrypt64_digits = + './ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789'; + + $base64_string = base64_encode($salt); + $salt = strtr(rtrim($base64_string, '='), $base64_digits, $bcrypt64_digits); + } + $salt = PasswordCompat\binary\_substr($salt, 0, $required_salt_len); + + $hash = $hash_format . $salt; + + $ret = crypt($password, $hash); + + if (!is_string($ret) || PasswordCompat\binary\_strlen($ret) != $resultLength) { + return false; + } + + return $ret; + } + + /** + * Get information about the password hash. Returns an array of the information + * that was used to generate the password hash. + * + * array( + * 'algo' => 1, + * 'algoName' => 'bcrypt', + * 'options' => array( + * 'cost' => PASSWORD_BCRYPT_DEFAULT_COST, + * ), + * ) + * + * @param string $hash The password hash to extract info from + * + * @return array The array of information about the hash. + */ + function password_get_info($hash) { + $return = array( + 'algo' => 0, + 'algoName' => 'unknown', + 'options' => array(), + ); + if (PasswordCompat\binary\_substr($hash, 0, 4) == '$2y$' && PasswordCompat\binary\_strlen($hash) == 60) { + $return['algo'] = PASSWORD_BCRYPT; + $return['algoName'] = 'bcrypt'; + list($cost) = sscanf($hash, "$2y$%d$"); + $return['options']['cost'] = $cost; + } + return $return; + } + + /** + * Determine if the password hash needs to be rehashed according to the options provided + * + * If the answer is true, after validating the password using password_verify, rehash it. + * + * @param string $hash The hash to test + * @param int $algo The algorithm used for new password hashes + * @param array $options The options array passed to password_hash + * + * @return boolean True if the password needs to be rehashed. + */ + function password_needs_rehash($hash, $algo, array $options = array()) { + $info = password_get_info($hash); + if ($info['algo'] != $algo) { + return true; + } + switch ($algo) { + case PASSWORD_BCRYPT: + $cost = isset($options['cost']) ? $options['cost'] : PASSWORD_BCRYPT_DEFAULT_COST; + if ($cost != $info['options']['cost']) { + return true; + } + break; + } + return false; + } + + /** + * Verify a password against a hash using a timing attack resistant approach + * + * @param string $password The password to verify + * @param string $hash The hash to verify against + * + * @return boolean If the password matches the hash + */ + function password_verify($password, $hash) { + if (!function_exists('crypt')) { + trigger_error("Crypt must be loaded for password_verify to function", E_USER_WARNING); + return false; + } + $ret = crypt($password, $hash); + if (!is_string($ret) || PasswordCompat\binary\_strlen($ret) != PasswordCompat\binary\_strlen($hash) || PasswordCompat\binary\_strlen($ret) <= 13) { + return false; + } + + $status = 0; + for ($i = 0; $i < PasswordCompat\binary\_strlen($ret); $i++) { + $status |= (ord($ret[$i]) ^ ord($hash[$i])); + } + + return $status === 0; + } + } + +} + +namespace PasswordCompat\binary { + + if (!function_exists('PasswordCompat\\binary\\_strlen')) { + + /** + * Count the number of bytes in a string + * + * We cannot simply use strlen() for this, because it might be overwritten by the mbstring extension. + * In this case, strlen() will count the number of *characters* based on the internal encoding. A + * sequence of bytes might be regarded as a single multibyte character. + * + * @param string $binary_string The input string + * + * @internal + * @return int The number of bytes + */ + function _strlen($binary_string) { + if (function_exists('mb_strlen')) { + return mb_strlen($binary_string, '8bit'); + } + return strlen($binary_string); + } + + /** + * Get a substring based on byte limits + * + * @see _strlen() + * + * @param string $binary_string The input string + * @param int $start + * @param int $length + * + * @internal + * @return string The substring + */ + function _substr($binary_string, $start, $length) { + if (function_exists('mb_substr')) { + return mb_substr($binary_string, $start, $length, '8bit'); + } + return substr($binary_string, $start, $length); + } + + /** + * Check if current PHP version is compatible with the library + * + * @return boolean the check result + */ + function check() { + static $pass = NULL; + + if (is_null($pass)) { + if (function_exists('crypt')) { + $hash = '$2y$04$usesomesillystringfore7hnbRJHxXVLeakoG8K30oukPsA.ztMG'; + $test = crypt("password", $hash); + $pass = $test == $hash; + } else { + $pass = false; + } + } + return $pass; + } + + } +} \ No newline at end of file diff --git a/web/vendor/ircmaxell/password-compat/version-test.php b/web/vendor/ircmaxell/password-compat/version-test.php new file mode 100644 index 000000000..96f60ca8d --- /dev/null +++ b/web/vendor/ircmaxell/password-compat/version-test.php @@ -0,0 +1,6 @@ + Date: Sun, 12 May 2019 14:48:23 -0400 Subject: [PATCH 117/922] add Password back so User object indexes don't change --- src/zm_user.cpp | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/zm_user.cpp b/src/zm_user.cpp index 84536c16e..e91f0c067 100644 --- a/src/zm_user.cpp +++ b/src/zm_user.cpp @@ -161,7 +161,7 @@ User *zmLoadTokenUser (std::string jwt_token_str, bool use_remote_addr ) { if (username != "") { char sql[ZM_SQL_MED_BUFSIZ] = ""; snprintf(sql, sizeof(sql), - "SELECT Id, Username, Enabled, Stream+0, Events+0, Control+0, Monitors+0, System+0, MonitorIds, TokenMinExpiry" + "SELECT Id, Username, Password, Enabled, Stream+0, Events+0, Control+0, Monitors+0, System+0, MonitorIds, TokenMinExpiry" " FROM Users WHERE Username = '%s' and Enabled = 1", username.c_str() ); if ( mysql_query(&dbconn, sql) ) { From cc0d23ce4ef64300efebd7a8b38fcddc33c24a68 Mon Sep 17 00:00:00 2001 From: Pliable Pixels Date: Sun, 12 May 2019 15:01:49 -0400 Subject: [PATCH 118/922] move token index after adding password --- src/zm_user.cpp | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/src/zm_user.cpp b/src/zm_user.cpp index e91f0c067..68b52e08c 100644 --- a/src/zm_user.cpp +++ b/src/zm_user.cpp @@ -184,8 +184,7 @@ User *zmLoadTokenUser (std::string jwt_token_str, bool use_remote_addr ) { MYSQL_ROW dbrow = mysql_fetch_row(result); User *user = new User(dbrow); - Info ("DB 9=%s", dbrow[9]); - unsigned int stored_iat = strtoul(dbrow[9], NULL,0 ); + unsigned int stored_iat = strtoul(dbrow[10], NULL,0 ); if (stored_iat > iat ) { // admin revoked tokens mysql_free_result(result); From 21710b6e49697bcd8dc5e5117822e4f09f55ea8a Mon Sep 17 00:00:00 2001 From: Pliable Pixels Date: Sun, 12 May 2019 15:45:39 -0400 Subject: [PATCH 119/922] demote logs --- src/zm_crypt.cpp | 10 +++++----- src/zm_user.cpp | 4 ++-- src/zms.cpp | 2 +- web/skins/classic/views/options.php | 2 +- 4 files changed, 9 insertions(+), 9 deletions(-) diff --git a/src/zm_crypt.cpp b/src/zm_crypt.cpp index c37ab25bc..0235e5c13 100644 --- a/src/zm_crypt.cpp +++ b/src/zm_crypt.cpp @@ -35,7 +35,7 @@ std::pair verifyToken(std::string jwt_token_str, std } if (decoded.has_payload_claim("user")) { username = decoded.get_payload_claim("user").as_string(); - Info ("Got %s as user claim from token", username.c_str()); + Debug (1, "Got %s as user claim from token", username.c_str()); } else { Error ("User not found in claim"); @@ -44,7 +44,7 @@ std::pair verifyToken(std::string jwt_token_str, std if (decoded.has_payload_claim("iat")) { token_issued_at = (unsigned int) (decoded.get_payload_claim("iat").as_int()); - Info ("Got IAT token=%u", token_issued_at); + Debug (1,"Got IAT token=%u", token_issued_at); } else { @@ -73,7 +73,7 @@ bool verifyPassword(const char *username, const char *input_password, const char } if (db_password_hash[0] == '*') { // MYSQL PASSWORD - Info ("%s is using an MD5 encoded password", username); + Debug (1,"%s is using an MD5 encoded password", username); SHA_CTX ctx1, ctx2; unsigned char digest_interim[SHA_DIGEST_LENGTH]; @@ -96,14 +96,14 @@ bool verifyPassword(const char *username, const char *input_password, const char sprintf(&final_hash[i*2]+1, "%02X", (unsigned int)digest_final[i]); final_hash[SHA_DIGEST_LENGTH *2 + 1]=0; - Info ("Computed password_hash:%s, stored password_hash:%s", final_hash, db_password_hash); + Debug (1,"Computed password_hash:%s, stored password_hash:%s", final_hash, db_password_hash); Debug (5, "Computed password_hash:%s, stored password_hash:%s", final_hash, db_password_hash); password_correct = (strcmp(db_password_hash, final_hash)==0); } else if ((db_password_hash[0] == '$') && (db_password_hash[1]== '2') &&(db_password_hash[3] == '$')) { // BCRYPT - Info ("%s is using a bcrypt encoded password", username); + Debug (1,"%s is using a bcrypt encoded password", username); BCrypt bcrypt; std::string input_hash = bcrypt.generateHash(std::string(input_password)); password_correct = bcrypt.validatePassword(std::string(input_password), std::string(db_password_hash)); diff --git a/src/zm_user.cpp b/src/zm_user.cpp index 68b52e08c..35f25f7c9 100644 --- a/src/zm_user.cpp +++ b/src/zm_user.cpp @@ -152,7 +152,7 @@ User *zmLoadTokenUser (std::string jwt_token_str, bool use_remote_addr ) { key += remote_addr; } - Info ("Inside zmLoadTokenUser, formed key=%s", key.c_str()); + Debug (1,"Inside zmLoadTokenUser, formed key=%s", key.c_str()); std::pair ans = verifyToken(jwt_token_str, key); std::string username = ans.first; @@ -192,7 +192,7 @@ User *zmLoadTokenUser (std::string jwt_token_str, bool use_remote_addr ) { return NULL; } - Info ("Got stored expiry time of %u",stored_iat); + Debug (1,"Got stored expiry time of %u",stored_iat); Info ("Authenticated user '%s' via token", username.c_str()); mysql_free_result(result); return user; diff --git a/src/zms.cpp b/src/zms.cpp index 8442b6a65..64c1103db 100644 --- a/src/zms.cpp +++ b/src/zms.cpp @@ -161,7 +161,7 @@ int main( int argc, const char *argv[] ) { strncpy( auth, value, sizeof(auth)-1 ); } else if ( !strcmp( name, "token" ) ) { jwt_token_str = value; - Info("ZMS: JWT token found: %s", jwt_token_str.c_str()); + Debug(1,"ZMS: JWT token found: %s", jwt_token_str.c_str()); } else if ( !strcmp( name, "user" ) ) { username = UriDecode( value ); diff --git a/web/skins/classic/views/options.php b/web/skins/classic/views/options.php index d7b264834..c0b437855 100644 --- a/web/skins/classic/views/options.php +++ b/web/skins/classic/views/options.php @@ -345,7 +345,7 @@ foreach ( array_map('basename', glob('skins/'.$current_skin.'/css/*',GLOB_ONLYDI dbQuery('UPDATE Users SET APIEnabled=1 WHERE Id=?', array($markUid)); // echo "UPDATE Users SET APIEnabled=1"." WHERE Id=".$markUid."
"; } - echo "Updated."; + echo "Updated"; } if(array_key_exists('revokeAllTokens',$_POST)){ From 881d531fe960d35c33889128b3d258197269c626 Mon Sep 17 00:00:00 2001 From: Pliable Pixels Date: Sun, 12 May 2019 18:19:19 -0400 Subject: [PATCH 120/922] make old API auth optional, on by default --- .../lib/ZoneMinder/ConfigData.pm.in | 11 +++ web/api/app/Controller/HostController.php | 78 +++++++++---------- 2 files changed, 48 insertions(+), 41 deletions(-) diff --git a/scripts/ZoneMinder/lib/ZoneMinder/ConfigData.pm.in b/scripts/ZoneMinder/lib/ZoneMinder/ConfigData.pm.in index c6ec697f1..ef456f085 100644 --- a/scripts/ZoneMinder/lib/ZoneMinder/ConfigData.pm.in +++ b/scripts/ZoneMinder/lib/ZoneMinder/ConfigData.pm.in @@ -396,6 +396,17 @@ our @options = ( type => $types{boolean}, category => 'system', }, + { + name => 'ZM_OPT_USE_LEGACY_API_AUTH', + default => 'yes', + description => 'Enable legacy API authentication', + help => q` + Starting version 1.34.0, ZoneMinder uses a more secure + Authentication mechanism using JWT tokens. Older versions used a less secure MD5 based auth hash. It is recommended you turn this off after you are sure you don't need it. If you are using a 3rd party app that relies on the older API auth mechanisms, you will have to update that app if you turn this off. Note that zmNinja 1.3.057 onwards supports the new token system + `, + type => $types{boolean}, + category => 'system', + }, { name => 'ZM_OPT_USE_EVENTNOTIFICATION', default => 'no', diff --git a/web/api/app/Controller/HostController.php b/web/api/app/Controller/HostController.php index 7b8c7c0ff..a296ef2bc 100644 --- a/web/api/app/Controller/HostController.php +++ b/web/api/app/Controller/HostController.php @@ -31,56 +31,52 @@ class HostController extends AppController { } function login() { - $cred_depr = $this->_getCredentialsDeprecated(); - $ver = $this->_getVersion(); - + $mUser = $this->request->query('user') ? $this->request->query('user') : $this->request->data('user'); $mPassword = $this->request->query('pass') ? $this->request->query('pass') : $this->request->data('pass'); $mToken = $this->request->query('token') ? $this->request->query('token') : $this->request->data('token'); + $ver = $this->_getVersion(); + $cred = []; + $cred_depr = []; + if ($mUser && $mPassword) { - $cred = $this->_getCredentials(true); - // if you authenticated via user/pass then generate new refresh - $this->set(array( - 'access_token'=>$cred[0], - 'access_token_expires'=>$cred[1], - 'refresh_token'=>$cred[2], - 'refresh_token_expires'=>$cred[3], - 'credentials'=>$cred_depr[0], - 'append_password'=>$cred_depr[1], - 'version' => $ver[0], - 'apiversion' => $ver[1], - '_serialize' => array( - 'access_token', - 'access_token_expires', - 'refresh_token', - 'refresh_token_expires', - 'version', - 'credentials', - 'append_password', - 'apiversion' - ))); + $cred = $this->_getCredentials(true); // generate refresh } else { - $cred = $this->_getCredentials(false); - $this->set(array( - 'access_token'=>$cred[0], - 'access_token_expires'=>$cred[1], - 'credentials'=>$cred_depr[0], - 'append_password'=>$cred_depr[1], - 'version' => $ver[0], - 'apiversion' => $ver[1], - '_serialize' => array( - 'access_token', - 'access_token_expires', - 'version', - 'credentials', - 'append_password', - 'apiversion' - ))); - + $cred = $this->_getCredentials(false); // don't generate refresh } + $login_array = array ( + 'access_token'=>$cred[0], + 'access_token_expires'=>$cred[1], + 'version' => $ver[0], + 'apiversion' => $ver[1] + ); + + $login_serialize_list = array ( + 'access_token', + 'access_token_expires', + 'version', + 'apiversion' + ); + + if ($mUser && mPassword) { + $login_array['refresh_token'] = $cred[2]; + $login_array['refresh_token_expires'] = $cred[3]; + array_push ($login_serialize_list, 'refresh_token', 'refresh_token_expires'); + } + + if (ZM_OPT_USE_LEGACY_API_AUTH) { + $cred_depr = $this->_getCredentialsDeprecated(); + $login_array ['credentials']=$cred_depr[0]; + $login_array ['append_password']=$cred_depr[1]; + array_push ($login_serialize_list, 'credentials', 'append_password'); + } + + $this->set($login_array, + '_serialize' => $login_serialize_list); + } // end function login() From ec279ccc9af525ea0c5d1d023db68520965fa519 Mon Sep 17 00:00:00 2001 From: Pliable Pixels Date: Sun, 12 May 2019 18:51:07 -0400 Subject: [PATCH 121/922] make old API auth mechanism optional --- web/api/app/Controller/HostController.php | 36 +++++++++++++++++------ 1 file changed, 27 insertions(+), 9 deletions(-) diff --git a/web/api/app/Controller/HostController.php b/web/api/app/Controller/HostController.php index a296ef2bc..b5629aca4 100644 --- a/web/api/app/Controller/HostController.php +++ b/web/api/app/Controller/HostController.php @@ -36,6 +36,11 @@ class HostController extends AppController { $mPassword = $this->request->query('pass') ? $this->request->query('pass') : $this->request->data('pass'); $mToken = $this->request->query('token') ? $this->request->query('token') : $this->request->data('token'); + + if ( !($mUser && $mPassword) && !$mToken ) { + throw new UnauthorizedException(__('No identity provided')); + } + $ver = $this->_getVersion(); $cred = []; $cred_depr = []; @@ -47,21 +52,28 @@ class HostController extends AppController { $cred = $this->_getCredentials(false); // don't generate refresh } + $this->set(array( + 'credentials' => $cred[0], + 'append_password'=>$cred[1], + 'version' => $ver[0], + 'apiversion' => $ver[1], + '_serialize' => array('credentials', + 'append_password', + 'version', + 'apiversion' + ))); + $login_array = array ( 'access_token'=>$cred[0], - 'access_token_expires'=>$cred[1], - 'version' => $ver[0], - 'apiversion' => $ver[1] + 'access_token_expires'=>$cred[1] ); $login_serialize_list = array ( 'access_token', - 'access_token_expires', - 'version', - 'apiversion' + 'access_token_expires' ); - if ($mUser && mPassword) { + if ($mUser && $mPassword) { $login_array['refresh_token'] = $cred[2]; $login_array['refresh_token_expires'] = $cred[3]; array_push ($login_serialize_list, 'refresh_token', 'refresh_token_expires'); @@ -74,8 +86,14 @@ class HostController extends AppController { array_push ($login_serialize_list, 'credentials', 'append_password'); } - $this->set($login_array, - '_serialize' => $login_serialize_list); + + $login_array['version'] = $ver[0]; + $login_array['apiversion'] = $ver[1]; + array_push ($login_serialize_list, 'version', 'apiversion'); + + $login_array["_serialize"] = $login_serialize_list; + + $this->set($login_array); } // end function login() From 41ae745b176e132da5ca3b649f6e372e69af34f5 Mon Sep 17 00:00:00 2001 From: Pliable Pixels Date: Sun, 12 May 2019 18:53:51 -0400 Subject: [PATCH 122/922] removed stale code --- web/api/app/Controller/HostController.php | 11 ----------- 1 file changed, 11 deletions(-) diff --git a/web/api/app/Controller/HostController.php b/web/api/app/Controller/HostController.php index b5629aca4..9ff4e7c76 100644 --- a/web/api/app/Controller/HostController.php +++ b/web/api/app/Controller/HostController.php @@ -52,17 +52,6 @@ class HostController extends AppController { $cred = $this->_getCredentials(false); // don't generate refresh } - $this->set(array( - 'credentials' => $cred[0], - 'append_password'=>$cred[1], - 'version' => $ver[0], - 'apiversion' => $ver[1], - '_serialize' => array('credentials', - 'append_password', - 'version', - 'apiversion' - ))); - $login_array = array ( 'access_token'=>$cred[0], 'access_token_expires'=>$cred[1] From 74d9f4f1aaae736132296083effedcb734996309 Mon Sep 17 00:00:00 2001 From: Jonathan Meredith <35303639+jimender2@users.noreply.github.com> Date: Mon, 13 May 2019 07:58:18 -0400 Subject: [PATCH 123/922] Spelling and grammar fixes in help (#2603) * Edit Help array to make it match others below. This should not affect the results * Misc. grammer and spelling fixes along with removing some duplicated words. This should not affect compilation. * More grammer and spelling errors * Replace Javascript with ZoneMinder because it did not make sense there. * More spelling and grammar edits --- .../lib/ZoneMinder/ConfigData.pm.in | 83 ++++++++++--------- web/lang/en_gb.php | 42 +++++----- web/skins/classic/views/monitor.php | 24 +++--- 3 files changed, 75 insertions(+), 74 deletions(-) diff --git a/scripts/ZoneMinder/lib/ZoneMinder/ConfigData.pm.in b/scripts/ZoneMinder/lib/ZoneMinder/ConfigData.pm.in index c6ec697f1..4d96f11db 100644 --- a/scripts/ZoneMinder/lib/ZoneMinder/ConfigData.pm.in +++ b/scripts/ZoneMinder/lib/ZoneMinder/ConfigData.pm.in @@ -197,8 +197,8 @@ our @options = ( name => 'ZM_BANDWIDTH_DEFAULT', default => 'high', description => 'Default setting for bandwidth profile used by web interface', - help => q`The classic skin for ZoneMinder has different - profiles to use for low medium or high bandwidth connections. + help => q`The classic skin for ZoneMinder has different + profiles to use for low, medium, or high bandwidth connections. `, type => $types{string}, category => 'system', @@ -547,7 +547,7 @@ our @options = ( higher quality setting than the ordinary file setting. If set to a lower value then it is ignored. Thus leaving it at the default of 0 effectively means to use the regular file quality - setting for all saved images. This is to prevent acccidentally + setting for all saved images. This is to prevent accidentally saving important images at a worse quality setting. `, type => $types{integer}, @@ -671,7 +671,7 @@ our @options = ( Internet Explorer that don't natively support this format. If you use this browser it is highly recommended to install this from the [cambozola project site](http://www.charliemouse.com/code/cambozola/). - However, if it is not installed still images at a lower refresh rate can + However, if it is not installed still images at a lower refresh rate can still be viewed. `, type => $types{boolean}, @@ -926,10 +926,10 @@ our @options = ( help => q` Due to browsers only wanting to open 6 connections, if you have more than 6 monitors, you can have trouble viewing more than 6. This setting - specified the beginning of a port range that will be used to contact ZM + specified the beginning of a port range that will be used to contact ZM on. Each monitor will use this value plus the Monitor Id to stream - content. So a value of 2000 here will cause a stream for Monitor 1 to - hit port 2001. Please ensure that you configure apache appropriately + content. So a value of 2000 here will cause a stream for Monitor 1 to + hit port 2001. Please ensure that you configure apache appropriately to respond on these ports.`, type => $types{integer}, category => 'network', @@ -1065,12 +1065,12 @@ our @options = ( default => '0', description => 'Save logging output to the system log', help => q` - ZoneMinder logging is now more more integrated between + ZoneMinder logging is now more integrated between components and allows you to specify the destination for logging output and the individual levels for each. This option lets you control the level of logging output that goes to the system log. ZoneMinder binaries have always logged to the - system log but now scripts and web logging is also included. To + system log but script and web logging is now included. To preserve the previous behaviour you should ensure this value is set to Info or Warning. This option controls the maximum level of logging that will be written, so Info includes Warnings and @@ -1092,7 +1092,7 @@ our @options = ( default => '-5', description => 'Save logging output to component files', help => q` - ZoneMinder logging is now more more integrated between + ZoneMinder logging is now more integrated between components and allows you to specify the destination for logging output and the individual levels for each. This option lets you control the level of logging output that goes to @@ -1122,7 +1122,7 @@ our @options = ( default => '-5', description => 'Save logging output to the weblog', help => q` - ZoneMinder logging is now more more integrated between + ZoneMinder logging is now more integrated between components and allows you to specify the destination for logging output and the individual levels for each. This option lets you control the level of logging output from the web @@ -1149,7 +1149,7 @@ our @options = ( default => '0', description => 'Save logging output to the database', help => q` - ZoneMinder logging is now more more integrated between + ZoneMinder logging is now more integrated between components and allows you to specify the destination for logging output and the individual levels for each. This option lets you control the level of logging output that is written to @@ -1204,7 +1204,7 @@ our @options = ( help => q` When enabled (default is on), this option will log FFMPEG messages. FFMPEG messages can be useful when debugging streaming issues. However, - depending on your distro and FFMPEG version, this may also result in + depending on your distro and FFMPEG version, this may also result in more logs than you'd typically like to see. If all your streams are working well, you may choose to turn this off. `, @@ -1219,7 +1219,7 @@ our @options = ( ZoneMinder components usually support debug logging available to help with diagnosing problems. Binary components have several levels of debug whereas more other components have only - one. Normally this is disabled to minimise performance + one. Normally this is disabled to minimize performance penalties and avoid filling logs too quickly. This option lets you switch on other options that allow you to configure additional debug information to be output. Components will pick @@ -1480,8 +1480,8 @@ our @options = ( default => 'ZoneMinder', description => 'The title displayed wherever the site references itself.', help => q` - If you want the site to identify as something other than ZoneMinder, change this here. - It can be used to more accurately identify this installation from others. + If you want the site to identify as something other than ZoneMinder, change this here. + It can be used to more accurately identify this installation from others. `, type => $types{string}, category => 'web', @@ -1504,8 +1504,8 @@ our @options = ( default => 'http://zoneminder.com', description => 'The url used in the home/logo area of the navigation bar.', help => q` - By default this takes you to the zoneminder.com website, - but perhaps you would prefer it to take you somewhere else. + By default this takes you to the zoneminder.com website, + but perhaps you would prefer it to take you somewhere else. `, type => $types{string}, category => 'web', @@ -1515,7 +1515,7 @@ our @options = ( default => 'ZoneMinder', description => 'The content of the home button.', help => q` - You may wish to set this to empty if you are using css to put a background image on it. + You may wish to set this to empty if you are using css to put a background image on it. `, type => $types{string}, category => 'web', @@ -1538,7 +1538,8 @@ our @options = ( name => 'ZM_WEB_EVENT_DISK_SPACE', default => 'no', description => 'Whether to show disk space used by each event.', - help => q`Adds another column to the listing of events + help => q` + Adds another column to the listing of events showing the disk space used by the event. This will impart a small overhead as it will call du on the event directory. In practice this overhead is fairly small but may be noticeable on IO-constrained @@ -1555,7 +1556,7 @@ our @options = ( Traditionally the main ZoneMinder web console window has resized itself to shrink to a size small enough to list only the monitors that are actually present. This is intended to - make the window more unobtrusize but may not be to everyones + make the window more unobtrusize but may not be to everyone's tastes, especially if opened in a tab in browsers which support this kind if layout. Switch this option off to have the console window size left to the users preference @@ -2105,7 +2106,7 @@ our @options = ( a remote ftp server. This option indicates that ftp transfers should be done in passive mode. This uses a single connection for all ftp activity and, whilst slower than active transfers, - is more robust and likely to work from behind filewalls. This + is more robust and likely to work from behind firewalls. This option is ignored for SFTP transfers. `, requires => [ { name => 'ZM_OPT_UPLOAD', value => 'yes' } ], @@ -2631,7 +2632,7 @@ our @options = ( help => q` As event images are captured they are stored to the filesystem with a numerical index. By default this index has three digits - so the numbers start 001, 002 etc. This works works for most + so the numbers start 001, 002 etc. This works for most scenarios as events with more than 999 frames are rarely captured. However if you have extremely long events and use external applications then you may wish to increase this to @@ -2728,7 +2729,7 @@ our @options = ( it to the ZoneMinder development team. This data will be used to determine things like who and where our customers are, how big their systems are, the underlying hardware and operating system, etc. - This is being done for the sole purpoase of creating a better + This is being done for the sole purpose of creating a better product for our target audience. This script is intended to be completely transparent to the end user, and can be disabled from the web console under Options. For more details on what information @@ -2752,7 +2753,7 @@ our @options = ( { name => 'ZM_TELEMETRY_LAST_UPLOAD', default => '', - description => 'When the last ZoneMinder telemetry upload ocurred', + description => 'When the last ZoneMinder telemetry upload occurred', help => '', type => $types{integer}, readonly => 1, @@ -2810,7 +2811,7 @@ our @options = ( default => 'javascript', description => 'What method windows should use to refresh themselves', help => q` - Many windows in Javascript need to refresh themselves to keep + Many windows in ZoneMinder need to refresh themselves to keep their information current. This option determines what method they should use to do this. Choosing 'javascript' means that each window will have a short JavaScript statement in with a @@ -2944,7 +2945,7 @@ our @options = ( some indication of the type of content. However this is not a standard part of HTML. The official method is to use OBJECT tags which are able to give more information allowing the - correct media viewers etc to be loaded. However these are less + correct media viewers etc. to be loaded. However these are less widely supported and content may be specifically tailored to a particular platform or player. This option controls whether media content is enclosed in EMBED tags only or whether, where @@ -2968,7 +2969,7 @@ our @options = ( browsers. When this condition occurs, ZoneMinder will write a warning to the log file. To get around this, one can install a browser plugin or extension to ignore X-Frame headers, and then the page will - display properly. Once the plugin or extenstion has ben installed, + display properly. Once the plugin or extension has ben installed, the end user may choose to turn this warning off. `, type => $types{boolean}, @@ -3082,7 +3083,7 @@ our @options = ( description => 'How often (in seconds) the event listing is refreshed in the watch window', help => q` The monitor window is actually made from several frames. The - lower framme contains a listing of the last few events for easy + lower frame contains a listing of the last few events for easy access. This option determines how often this is refreshed. `, type => $types{integer}, @@ -3212,12 +3213,12 @@ our @options = ( { name => 'ZM_WEB_H_SCALE_THUMBS', default => 'no', - description => 'Scale thumbnails in events, bandwidth versus cpu in rescaling', + description => 'Scale thumbnails in events, bandwidth versus CPU in rescaling', help => q` If unset, this option sends the whole image to the browser which resizes it in the window. If set the image is scaled down on the server before sending a reduced size image to the - browser to conserve bandwidth at the cost of cpu on the server. + browser to conserve bandwidth at the cost of CPU on the server. Note that ZM can only perform the resizing if the appropriate PHP graphics functionality is installed. This is usually available in the php-gd package. @@ -3251,7 +3252,7 @@ our @options = ( help => q` When viewing events an event navigation panel and progress bar is shown below the event itself. This allows you to jump to - specific points in the event, but can can also dynamically + specific points in the event, but can also dynamically update to display the current progress of the event replay itself. This progress is calculated from the actual event duration and is not directly linked to the replay itself, so on @@ -3355,7 +3356,7 @@ our @options = ( description => 'How often (in seconds) the event listing is refreshed in the watch window', help => q` The monitor window is actually made from several frames. The - lower framme contains a listing of the last few events for easy + lower frame contains a listing of the last few events for easy access. This option determines how often this is refreshed. `, type => $types{integer}, @@ -3485,12 +3486,12 @@ our @options = ( { name => 'ZM_WEB_M_SCALE_THUMBS', default => 'yes', - description => 'Scale thumbnails in events, bandwidth versus cpu in rescaling', + description => 'Scale thumbnails in events, bandwidth versus CPU in rescaling', help => q` If unset, this option sends the whole image to the browser which resizes it in the window. If set the image is scaled down on the server before sending a reduced size image to the - browser to conserve bandwidth at the cost of cpu on the server. + browser to conserve bandwidth at the cost of CPU on the server. Note that ZM can only perform the resizing if the appropriate PHP graphics functionality is installed. This is usually available in the php-gd package. @@ -3524,7 +3525,7 @@ our @options = ( help => q` When viewing events an event navigation panel and progress bar is shown below the event itself. This allows you to jump to - specific points in the event, but can can also dynamically + specific points in the event, but can also dynamically update to display the current progress of the event replay itself. This progress is calculated from the actual event duration and is not directly linked to the replay itself, so on @@ -3628,7 +3629,7 @@ our @options = ( description => 'How often (in seconds) the event listing is refreshed in the watch window', help => q` The monitor window is actually made from several frames. The - lower framme contains a listing of the last few events for easy + lower frame contains a listing of the last few events for easy access. This option determines how often this is refreshed. `, type => $types{integer}, @@ -3757,12 +3758,12 @@ our @options = ( { name => 'ZM_WEB_L_SCALE_THUMBS', default => 'yes', - description => 'Scale thumbnails in events, bandwidth versus cpu in rescaling', + description => 'Scale thumbnails in events, bandwidth versus CPU in rescaling', help => q` If unset, this option sends the whole image to the browser which resizes it in the window. If set the image is scaled down on the server before sending a reduced size image to the - browser to conserve bandwidth at the cost of cpu on the server. + browser to conserve bandwidth at the cost of CPU on the server. Note that ZM can only perform the resizing if the appropriate PHP graphics functionality is installed. This is usually available in the php-gd package. @@ -3796,7 +3797,7 @@ our @options = ( help => q` When viewing events an event navigation panel and progress bar is shown below the event itself. This allows you to jump to - specific points in the event, but can can also dynamically + specific points in the event, but can also dynamically update to display the current progress of the event replay itself. This progress is calculated from the actual event duration and is not directly linked to the replay itself, so on @@ -3988,7 +3989,7 @@ saveConfigToDB(); The ZoneMinder:ConfigData module contains the master definition of the ZoneMinder configuration options as well as helper methods. This module is -intended for specialist confguration management and would not normally be +intended for specialist configuration management and would not normally be used by end users. The configuration held in this module, which was previously in zmconfig.pl, diff --git a/web/lang/en_gb.php b/web/lang/en_gb.php index 945d26bea..72d6de8ab 100644 --- a/web/lang/en_gb.php +++ b/web/lang/en_gb.php @@ -32,7 +32,7 @@ // a formatting string. If the dynamic element is a number you will usually need to use a variable // replacement also as described below. // c) Variable replacements are used in conjunction with complex replacements and involve the generation -// of a singular or plural noun depending on the number passed into the zmVlang function. See the +// of a singular or plural noun depending on the number passed into the zmVlang function. See the // the zmVlang section below for a further description of this. // d) Optional strings which can be used to replace the prompts and/or help text for the Options section // of the web interface. These are not listed below as they are quite large and held in the database @@ -40,7 +40,7 @@ // quite easily from the Config table in the database if necessary. // 3. The tokens listed below are not used to build up phrases or sentences from single words. Therefore // you can safely assume that a single word token will only be used in that context. -// 4. In new language files, or if you are changing only a few words or phrases it makes sense from a +// 4. In new language files, or if you are changing only a few words or phrases it makes sense from a // maintenance point of view to include the original language file and override the old definitions rather // than copy all the language tokens across. To do this change the line below to whatever your base language // is and uncomment it. @@ -57,10 +57,10 @@ // If you do need to change your locale, be aware that the format of this function // is subtlely different in versions of PHP before and after 4.3.0, see // http://uk2.php.net/manual/en/function.setlocale.php for details. -// Also be aware that changing the whole locale may affect some floating point or decimal +// Also be aware that changing the whole locale may affect some floating point or decimal // arithmetic in the database, if this is the case change only the individual locale areas // that don't affect this rather than all at once. See the examples below. -// Finally, depending on your setup, PHP may not enjoy have multiple locales in a shared +// Finally, depending on your setup, PHP may not enjoy have multiple locales in a shared // threaded environment, if you get funny errors it may be this. // // Examples @@ -768,7 +768,7 @@ $SLANG = array( 'Update' => 'Update', 'Upload' => 'Upload', 'Updated' => 'Updated', - 'UsedPlugins' => 'Used Plugins', + 'UsedPlugins' => 'Used Plugins', 'UseFilterExprsPost' => ' filter expressions', // This is used at the end of the phrase 'use N filter expressions' 'UseFilterExprsPre' => 'Use ', // This is used at the beginning of the phrase 'use N filter expressions' 'UseFilter' => 'Use Filter', @@ -847,7 +847,7 @@ $CLANG = array( 'VersionMismatch' => 'Version mismatch, system is version %1$s, database is %2$s.', ); -// The next section allows you to describe a series of word ending and counts used to +// The next section allows you to describe a series of word ending and counts used to // generate the correctly conjugated forms of words depending on a count that is associated // with that word. // This intended to allow phrases such a '0 potatoes', '1 potato', '2 potatoes' etc to @@ -888,7 +888,7 @@ $VLANG = array( // with variable counts. This is used to conjugate the Vlang arrays above with a number passed // in to generate the correct noun form. // -// In languages such as English this is fairly simple +// In languages such as English this is fairly simple // Note this still has to be used with printf etc to get the right formatting function zmVlang( $langVarArray, $count ) { @@ -906,9 +906,9 @@ function zmVlang( $langVarArray, $count ) // This is an version that could be used in the Russian example above // The rules are that the first word form is used if the count ends in // 0, 5-9 or 11-19. The second form is used then the count ends in 1 -// (not including 11 as above) and the third form is used when the +// (not including 11 as above) and the third form is used when the // count ends in 2-4, again excluding any values ending in 12-14. -// +// // function zmVlang( $langVarArray, $count ) // { // $secondlastdigit = substr( $count, -2, 1 ); @@ -916,7 +916,7 @@ function zmVlang( $langVarArray, $count ) // // or // // $secondlastdigit = ($count/10)%10; // // $lastdigit = $count%10; -// +// // // Get rid of the special cases first, the teens // if ( $secondlastdigit == 1 && $lastdigit != 0 ) // { @@ -950,7 +950,7 @@ function zmVlang( $langVarArray, $count ) // die( 'Error, unable to correlate variable language string' ); // } -// This is an example of how the function is used in the code which you can uncomment and +// This is an example of how the function is used in the code which you can uncomment and // use to test your custom function. //$monitors = array(); //$monitors[] = 1; // Choose any number @@ -967,17 +967,17 @@ $OLANG = array( "\"reorder_queue_size=nnn\" Set number of packets to buffer for handling of reordered packets~~~~". "\"loglevel=debug\" Set verbosity of FFmpeg (quiet, panic, fatal, error, warning, info, verbose, debug)" ), - 'OPTIONS_RTSPTrans' => array( + 'OPTIONS_RTSPTrans' => array( 'Help' => "This sets the RTSP Transport Protocol for FFmpeg.~~ ". - "TCP - Use TCP (interleaving within the RTSP control channel) as transport protocol.~~". - "UDP - Use UDP as transport protocol. Higher resolution cameras have experienced some 'smearing' while using UDP, if so try TCP~~". - "UDP Multicast - Use UDP Multicast as transport protocol~~". - "HTTP - Use HTTP tunneling as transport protocol, which is useful for passing proxies.~~" + "TCP - Use TCP (interleaving within the RTSP control channel) as transport protocol.~~". + "UDP - Use UDP as transport protocol. Higher resolution cameras have experienced some 'smearing' while using UDP, if so try TCP~~". + "UDP Multicast - Use UDP Multicast as transport protocol~~". + "HTTP - Use HTTP tunneling as transport protocol, which is useful for passing proxies.~~" ), 'OPTIONS_LIBVLC' => array( 'Help' => "Parameters in this field are passed on to libVLC. Multiple parameters can be separated by ,~~ ". "Examples (do not enter quotes)~~~~". - "\"--rtp-client-port=nnn\" Set local port to use for rtp data~~~~". + "\"--rtp-client-port=nnn\" Set local port to use for rtp data~~~~". "\"--verbose=2\" Set verbosity of libVLC" ), 'OPTIONS_EXIF' => array( @@ -986,7 +986,7 @@ $OLANG = array( 'OPTIONS_RTSPDESCRIBE' => array( 'Help' => "Sometimes, during the initial RTSP handshake, the camera will send an updated media URL. ". "Enable this option to tell ZoneMinder to use this URL. Disable this option to ignore the ". - "value from the camera and use the value as entered in the monitor configuration~~~~". + "value from the camera and use the value as entered in the monitor configuration~~~~". "Generally this should be enabled. However, there are cases where the camera can get its". "own URL incorrect, such as when the camera is streaming through a firewall"), 'OPTIONS_MAXFPS' => array( @@ -994,12 +994,12 @@ $OLANG = array( "Failure to adhere to these limitations will cause a delay in live video, irregular frame skipping, ". "and missed events~~". "For streaming IP cameras, do not use this field to reduce the frame rate. Set the frame rate in the". - " camera, instead. You can, however, use a value that is slightly higher than the frame rate in the camera. ". - "In this case, this helps keep the cpu from being overtaxed in the event of a network problem.~~". + " camera, instead. You can, however, use a value that is slightly higher than the frame rate in the camera. ". + "In this case, this helps keep the cpu from being overtaxed in the event of a network problem.~~". "Some, mostly older, IP cameras support snapshot mode. In this case ZoneMinder is actively polling the camera ". "for new images. In this case, it is safe to use the field." ), - + // 'LANG_DEFAULT' => array( // 'Prompt' => "This is a new prompt for this option", // 'Help' => "This is some new help for this option which will be displayed in the popup window when the ? is clicked" diff --git a/web/skins/classic/views/monitor.php b/web/skins/classic/views/monitor.php index a0d6c7e91..d6d7780b7 100644 --- a/web/skins/classic/views/monitor.php +++ b/web/skins/classic/views/monitor.php @@ -39,7 +39,7 @@ if ( ! empty($_REQUEST['mid']) ) { $monitor = new ZM\Monitor( $_REQUEST['mid'] ); if ( $monitor and ZM_OPT_X10 ) $x10Monitor = dbFetchOne('SELECT * FROM TriggersX10 WHERE MonitorId = ?', NULL, array($_REQUEST['mid'])); -} +} if ( ! $monitor ) { $nextId = getTableAutoInc('Monitors'); @@ -132,9 +132,9 @@ if ( ! $monitor ) { if ( ZM_OPT_X10 && empty($x10Monitor) ) { $x10Monitor = array( - 'Activation' => '', - 'AlarmInput' => '', - 'AlarmOutput' => '', + 'Activation' => '', + 'AlarmInput' => '', + 'AlarmOutput' => '', ); } @@ -166,7 +166,7 @@ if ( $monitor->AlarmMaxFPS() == '0.00' ) if ( !empty($_REQUEST['preset']) ) { $preset = dbFetchOne( 'SELECT Type, Device, Channel, Format, Protocol, Method, Host, Port, Path, Width, Height, Palette, MaxFPS, Controllable, ControlId, ControlDevice, ControlAddress, DefaultRate, DefaultScale FROM MonitorPresets WHERE Id = ?', NULL, array($_REQUEST['preset']) ); foreach ( $preset as $name=>$value ) { - # Does isset handle NULL's? I don't think this code is correct. + # Does isset handle NULL's? I don't think this code is correct. if ( isset($value) ) { $monitor->$name = $value; } @@ -176,7 +176,7 @@ if ( !empty($_REQUEST['probe']) ) { $probe = json_decode(base64_decode($_REQUEST['probe'])); foreach ( $probe as $name=>$value ) { if ( isset($value) ) { - # Does isset handle NULL's? I don't think this code is correct. + # Does isset handle NULL's? I don't think this code is correct. $monitor->$name = urldecode($value); } } @@ -683,7 +683,7 @@ switch ( $tab ) { ?> -'None','auto'=>'Auto'); foreach ( ZM\Server::find(NULL, array('order'=>'lower(Name)')) as $Server ) { $servers[$Server->Id()] = $Server->Name(); @@ -763,7 +763,7 @@ echo htmlOptions(ZM\Group::get_dropdown_options( ), $monitor->GroupIds() ); - + Type() == 'NVSocket' ) { include('_monitor_source_nvsocket.php'); } else if ( $monitor->Type() == 'Remote' ) { @@ -894,10 +894,10 @@ if ( $monitor->Type() != 'NVSocket' && $monitor->Type() != 'WebSite' ) { () () - + Orientation() );?> Type() == 'Local' ) { ?> @@ -920,7 +920,7 @@ if ( $monitor->Type() == 'Local' ) { ?> - 'Disabled', ); From 7f704263d8a8fd420c3f3886198f7ae0db60e284 Mon Sep 17 00:00:00 2001 From: Isaac Connor Date: Mon, 13 May 2019 10:30:41 -0400 Subject: [PATCH 124/922] If running a custom run state, show the state instead of Running. Also select the running state in the state change popup. --- web/skins/classic/includes/functions.php | 13 ++++++++++--- web/skins/classic/views/state.php | 4 +++- 2 files changed, 13 insertions(+), 4 deletions(-) diff --git a/web/skins/classic/includes/functions.php b/web/skins/classic/includes/functions.php index 2d71b2397..40bf18b30 100644 --- a/web/skins/classic/includes/functions.php +++ b/web/skins/classic/includes/functions.php @@ -233,7 +233,12 @@ function getNavBarHTML($reload = null) { ob_start(); if ( $running == null ) $running = daemonCheck(); - $status = $running?translate('Running'):translate('Stopped'); + if ( $running ) { + $state = dbFetchOne('SELECT Name FROM States WHERE isActive=1', 'Name'); + if ( $state == 'default' ) + $state = ''; + } + $status = $running ? ($state ? $state : translate('Running')) : translate('Stopped'); ?>
@@ -244,7 +249,9 @@ function getNavBarHTML($reload = null) { -
+
+ +
diff --git a/web/skins/classic/views/state.php b/web/skins/classic/views/state.php index dead5ebf5..12180000d 100644 --- a/web/skins/classic/views/state.php +++ b/web/skins/classic/views/state.php @@ -54,7 +54,9 @@ if ( $running ) { $states = dbFetchAll('SELECT * FROM States'); foreach ( $states as $state ) { ?> - + From 87e407aa906ae2e4d913d4f442abb6d747b1a425 Mon Sep 17 00:00:00 2001 From: Pliable Pixels Date: Mon, 13 May 2019 10:31:09 -0400 Subject: [PATCH 125/922] forgot to checkin update file --- db/zm_update-1.33.9.sql | 3 +++ distros/debian/control | 4 ++-- scripts/zmupdate.pl.in | 15 +++++++++++++++ 3 files changed, 20 insertions(+), 2 deletions(-) create mode 100644 db/zm_update-1.33.9.sql diff --git a/db/zm_update-1.33.9.sql b/db/zm_update-1.33.9.sql new file mode 100644 index 000000000..2b298b8b9 --- /dev/null +++ b/db/zm_update-1.33.9.sql @@ -0,0 +1,3 @@ +ALTER TABLE `Users` +ADD COLUMN `TokenMinExpiry` BIGINT UNSIGNED NOT NULL DEFAULT 0 AFTER `MonitorIds`, +ADD COLUMN `APIEnabled` tinyint(3) UNSIGNED NOT NULL default 1 AFTER `TokenMinExpiry`; diff --git a/distros/debian/control b/distros/debian/control index 2b46f44e1..dd5a405cd 100644 --- a/distros/debian/control +++ b/distros/debian/control @@ -26,7 +26,7 @@ Build-Depends: debhelper (>= 9), cmake , libdata-dump-perl, libclass-std-fast-perl, libsoap-wsdl-perl, libio-socket-multicast-perl, libdigest-sha-perl , libsys-cpu-perl, libsys-meminfo-perl , libdata-uuid-perl - , libssl-dev + , libssl-dev,libdigest-bcrypt-perl Standards-Version: 3.9.4 Package: zoneminder @@ -52,7 +52,7 @@ Depends: ${shlibs:Depends}, ${misc:Depends}, ${perl:Depends} , zip , libvlccore5 | libvlccore7 | libvlccore8, libvlc5 , libpolkit-gobject-1-0, php5-gd - , libssl + , libssl,libdigest-bcrypt-perl Recommends: mysql-server | mariadb-server Description: Video camera security and surveillance solution ZoneMinder is intended for use in single or multi-camera video security diff --git a/scripts/zmupdate.pl.in b/scripts/zmupdate.pl.in index bb9dddac4..136856d64 100644 --- a/scripts/zmupdate.pl.in +++ b/scripts/zmupdate.pl.in @@ -312,6 +312,7 @@ if ( $migrateEvents ) { if ( $freshen ) { print( "\nFreshening configuration in database\n" ); migratePaths(); + migratePasswords(); ZoneMinder::Config::loadConfigFromDB(); ZoneMinder::Config::saveConfigToDB(); } @@ -999,6 +1000,20 @@ sub patchDB { } +sub migratePasswords { + + print ("****** MIGRATION"); + my $sql = "select * from Users"; + my $sth = $dbh->prepare_cached( $sql ) or die( "Can't prepare '$sql': ".$dbh->errstr() ); + my $res = $sth->execute() or die( "Can't execute: ".$sth->errstr() ); + while( my $user = $sth->fetchrow_hashref() ) { + my $scheme = substr $user->{Password}, 0, 1; + if ($scheme eq "*") { + print ("*********** HOLY GODZILLA ".$user->{Username}. " uses PASSWORD"); + } + } +} + sub migratePaths { my $customConfigFile = '@ZM_CONFIG_SUBDIR@/zmcustom.conf'; From e9f843f29707f2f3c8f5c3792357d05e3ff64612 Mon Sep 17 00:00:00 2001 From: Pliable Pixels Date: Mon, 13 May 2019 14:29:24 -0400 Subject: [PATCH 126/922] bulk overlay hash mysql encoded passwords --- distros/debian/control | 6 ++++-- scripts/zmupdate.pl.in | 17 +++++++++++++---- web/includes/auth.php | 31 +++++++++++++++++++++---------- 3 files changed, 38 insertions(+), 16 deletions(-) diff --git a/distros/debian/control b/distros/debian/control index dd5a405cd..59afe46a8 100644 --- a/distros/debian/control +++ b/distros/debian/control @@ -26,7 +26,7 @@ Build-Depends: debhelper (>= 9), cmake , libdata-dump-perl, libclass-std-fast-perl, libsoap-wsdl-perl, libio-socket-multicast-perl, libdigest-sha-perl , libsys-cpu-perl, libsys-meminfo-perl , libdata-uuid-perl - , libssl-dev,libdigest-bcrypt-perl + , libdigest-bcrypt-perl, libdata-entropy-perl Standards-Version: 3.9.4 Package: zoneminder @@ -52,7 +52,9 @@ Depends: ${shlibs:Depends}, ${misc:Depends}, ${perl:Depends} , zip , libvlccore5 | libvlccore7 | libvlccore8, libvlc5 , libpolkit-gobject-1-0, php5-gd - , libssl,libdigest-bcrypt-perl + , libssl + ,libdigest-bcrypt-perl, libdata-entropy-perl + Recommends: mysql-server | mariadb-server Description: Video camera security and surveillance solution ZoneMinder is intended for use in single or multi-camera video security diff --git a/scripts/zmupdate.pl.in b/scripts/zmupdate.pl.in index 136856d64..8c620443b 100644 --- a/scripts/zmupdate.pl.in +++ b/scripts/zmupdate.pl.in @@ -51,6 +51,8 @@ configuring upgrades etc, including on the fly upgrades. use strict; use bytes; use version; +use Digest; +use Data::Entropy::Algorithms qw(rand_bits); # ========================================================================== # @@ -1001,15 +1003,22 @@ sub patchDB { } sub migratePasswords { - - print ("****** MIGRATION"); + print ("Migratings passwords, if any...\n"); my $sql = "select * from Users"; my $sth = $dbh->prepare_cached( $sql ) or die( "Can't prepare '$sql': ".$dbh->errstr() ); my $res = $sth->execute() or die( "Can't execute: ".$sth->errstr() ); while( my $user = $sth->fetchrow_hashref() ) { - my $scheme = substr $user->{Password}, 0, 1; + my $scheme = substr($user->{Password}, 0, 1); if ($scheme eq "*") { - print ("*********** HOLY GODZILLA ".$user->{Username}. " uses PASSWORD"); + print ("-->".$user->{Username}. " password will be migrated\n"); + my $bcrypt = Digest->new('Bcrypt', cost=>10, salt=>rand_bits(16*8)); + my $settings = $bcrypt->settings(); + my $pass_hash = $bcrypt->add($user->{Password})->bcrypt_b64digest; + #print ("--- New pass overlay ----".$pass_hash); + my $new_pass_hash = "-ZM-".$settings.$pass_hash; + $sql = "UPDATE Users SET PASSWORD=? WHERE Username=?"; + my $sth = $dbh->prepare_cached( $sql ) or die( "Can't prepare '$sql': ".$dbh->errstr() ); + my $res = $sth->execute($new_pass_hash, $user->{Username}) or die( "Can't execute: ".$sth->errstr() ); } } } diff --git a/web/includes/auth.php b/web/includes/auth.php index 643feb952..581fba1be 100644 --- a/web/includes/auth.php +++ b/web/includes/auth.php @@ -131,20 +131,31 @@ function userLogin($username='', $password='', $passwordHashed=false, $apiLogin $password_type = 'mysql'; } - else { - // bcrypt can have multiple signatures - if (preg_match('/^\$2[ayb]\$.+$/', $saved_password)) { + elseif (preg_match('/^\$2[ayb]\$.+$/', $saved_password)) { + ZM\Logger::Debug('bcrypt signature found, assumed bcrypt password'); + $password_type='bcrypt'; + $password_correct = $passwordHashed? ($password == $saved_password) : password_verify($password, $saved_password); + } + // zmupdate.pl adds a '-ZM-' prefix to overlay encrypted passwords + // this is done so that we don't spend cycles doing two bcrypt password_verify calls + // for every wrong password entered. This will only be invoked for passwords zmupdate.pl has + // overlay hashed + elseif (substr($saved_password, 0,4) == '-ZM-') { + ZM\Logger::Debug("Detected bcrypt overlay hashing for $username"); + ZM\Info("Detected bcrypt overlay hashing for $username"); + $bcrypt_hash = substr ($saved_password, 4); + $mysql_encoded_password ='*'.strtoupper(sha1(sha1($password, true))); + ZM\Logger::Debug("Comparing password $mysql_encoded_password to bcrypt hash: $bcrypt_hash"); + ZM\Info("Comparing password $mysql_encoded_password to bcrypt hash: $bcrypt_hash"); + $password_correct = password_verify($mysql_encoded_password, $bcrypt_hash); + $password_type = "mysql"; // so we can migrate later down - ZM\Logger::Debug ('bcrypt signature found, assumed bcrypt password'); - $password_type='bcrypt'; - $password_correct = $passwordHashed? ($password == $saved_password) : password_verify($password, $saved_password); - } - else { + } + else { // we really should nag the user not to use plain ZM\Warning ('assuming plain text password as signature is not known. Please do not use plain, it is very insecure'); $password_type = 'plain'; $password_correct = ($saved_password == $password); - } } } else { @@ -165,7 +176,7 @@ function userLogin($username='', $password='', $passwordHashed=false, $apiLogin ZM\Info("Login successful for user \"$username\""); $user = $saved_user_details; if ($password_type == 'mysql') { - ZM\Info ('Migrating password, if possible for future logins'); + ZM\Info('Migrating password, if possible for future logins'); migrateHash($username, $password); } unset($_SESSION['loginFailed']); From 4a2ac470eedd2c4479f2d9c49686c9d6baceafe8 Mon Sep 17 00:00:00 2001 From: Pliable Pixels Date: Mon, 13 May 2019 14:32:48 -0400 Subject: [PATCH 127/922] add back ssl_dev, got deleted --- distros/debian/control | 1 + 1 file changed, 1 insertion(+) diff --git a/distros/debian/control b/distros/debian/control index 59afe46a8..87873f294 100644 --- a/distros/debian/control +++ b/distros/debian/control @@ -26,6 +26,7 @@ Build-Depends: debhelper (>= 9), cmake , libdata-dump-perl, libclass-std-fast-perl, libsoap-wsdl-perl, libio-socket-multicast-perl, libdigest-sha-perl , libsys-cpu-perl, libsys-meminfo-perl , libdata-uuid-perl + , libssl-dev , libdigest-bcrypt-perl, libdata-entropy-perl Standards-Version: 3.9.4 From 4027a5adf8528a48987b495e81f58e3f4d799a2a Mon Sep 17 00:00:00 2001 From: Pliable Pixels Date: Mon, 13 May 2019 14:48:26 -0400 Subject: [PATCH 128/922] fix update script --- db/zm_update-1.33.9.sql | 30 +++++++++++++++++++++++++++--- 1 file changed, 27 insertions(+), 3 deletions(-) diff --git a/db/zm_update-1.33.9.sql b/db/zm_update-1.33.9.sql index 2b298b8b9..e0d289ba4 100644 --- a/db/zm_update-1.33.9.sql +++ b/db/zm_update-1.33.9.sql @@ -1,3 +1,27 @@ -ALTER TABLE `Users` -ADD COLUMN `TokenMinExpiry` BIGINT UNSIGNED NOT NULL DEFAULT 0 AFTER `MonitorIds`, -ADD COLUMN `APIEnabled` tinyint(3) UNSIGNED NOT NULL default 1 AFTER `TokenMinExpiry`; +-- +-- Add per user API enable/disable and ability to set a minimum issued time for tokens +-- + +SET @s = (SELECT IF( + (SELECT COUNT(*) FROM INFORMATION_SCHEMA.COLUMNS WHERE table_schema = DATABASE() + AND table_name = 'Users' + AND column_name = 'TokenMinExpiry' + ) > 0, +"SELECT 'Column TokenMinExpiry already exists in Users'", +"ALTER TABLE Users ADD `TokenMinExpiry` BIGINT UNSIGNED NOT NULL DEFAULT 0 AFTER `MonitorIds`" +)); + +PREPARE stmt FROM @s; +EXECUTE stmt; + +SET @s = (SELECT IF( + (SELECT COUNT(*) FROM INFORMATION_SCHEMA.COLUMNS WHERE table_schema = DATABASE() + AND table_name = 'Users' + AND column_name = 'APIEnabled' + ) > 0, +"SELECT 'Column APIEnabled already exists in Users'", +"ALTER TABLE Users ADD `APIEnabled` tinyint(3) UNSIGNED NOT NULL default 1 AFTER `TokenMinExpiry`" +)); + +PREPARE stmt FROM @s; +EXECUTE stmt; From 95460a945ab7e5c63dc0551bdd6230a3026ceb9e Mon Sep 17 00:00:00 2001 From: Pliable Pixels Date: Tue, 14 May 2019 19:22:49 -0400 Subject: [PATCH 129/922] added token support to index.php --- web/includes/auth.php | 8 ++++++++ 1 file changed, 8 insertions(+) diff --git a/web/includes/auth.php b/web/includes/auth.php index 581fba1be..33d2b3fb6 100644 --- a/web/includes/auth.php +++ b/web/includes/auth.php @@ -386,6 +386,14 @@ if ( ZM_OPT_USE_AUTH ) { } else if ( isset($_REQUEST['username']) and isset($_REQUEST['password']) ) { userLogin($_REQUEST['username'], $_REQUEST['password'], false); } + + if ( ZM_AUTH_HASH_LOGINS && empty($user) && !empty($_REQUEST['token']) ) { + + $ret = validateToken($_REQUEST['token'], 'access'); + $user = $ret[0]; + } + + if ( !empty($user) ) { // generate it once here, while session is open. Value will be cached in session and return when called later on generateAuthHash(ZM_AUTH_HASH_IPS); From a07da01f0ca57b505d442e86bcf8847433195b86 Mon Sep 17 00:00:00 2001 From: Pliable Pixels Date: Wed, 15 May 2019 13:57:51 -0400 Subject: [PATCH 130/922] reworked API document for new changes in 2.0 --- docs/api.rst | 318 +++++++++++++++++++++++++++++++++++++++------------ 1 file changed, 244 insertions(+), 74 deletions(-) diff --git a/docs/api.rst b/docs/api.rst index 2f90b7fdf..d60847d92 100644 --- a/docs/api.rst +++ b/docs/api.rst @@ -1,10 +1,12 @@ + API ==== -This document will provide an overview of ZoneMinder's API. This is work in progress. +This document will provide an overview of ZoneMinder's API. Overview ^^^^^^^^ + In an effort to further 'open up' ZoneMinder, an API was needed. This will allow quick integration with and development of ZoneMinder. @@ -12,87 +14,175 @@ The API is built in CakePHP and lives under the ``/api`` directory. It provides a RESTful service and supports CRUD (create, retrieve, update, delete) functions for Monitors, Events, Frames, Zones and Config. -Streaming Interface -^^^^^^^^^^^^^^^^^^^ -Developers working on their application often ask if there is an "API" to receive live streams, or recorded event streams. -It is possible to stream both live and recorded streams. This isn't strictly an "API" per-se (that is, it is not integrated -into the Cake PHP based API layer discussed here) and also why we've used the term "Interface" instead of an "API". +API evolution +^^^^^^^^^^^^^^^ -Live Streams -~~~~~~~~~~~~~~ -What you need to know is that if you want to display "live streams", ZoneMinder sends you streaming JPEG images (MJPEG) -which can easily be rendered in a browser using an ``img src`` tag. +The ZoneMinder API has evolved over time. Broadly speaking the iterations were as follows: -For example: +* Prior to version 1.29, there really was no API layer. Users had to use the same URLs that the web console used to 'mimic' operations, or use an XML skin +* Starting version 1.29, a v1.0 CakePHP based API was released which continues to evolve over time. From a security perspective, it still tied into ZM auth and required client cookies for many operations. Primarily, two authentication modes were offered: + * You use cookies to maintain session state (`ZM_SESS_ID`) + * You use an authentication hash to validate yourself, which included encoding personal information and time stamps which at times caused timing validation issues, especially for mobile consumers +* Starting version 1.34, ZoneMinder has introduced a new "token" based system which is based JWT. We have given it a '2.0' version ID. These tokens don't encode any personal data and can be statelessly passed around per request. It introduces concepts like access tokens, refresh tokens and per user level API revocation to manage security better. The internal components of ZoneMinder all support this new scheme now and if you are using the APIs we strongly recommend you migrate to 1.34 and use this new token system (as a side note, 1.34 also moves from MYSQL PASSWORD to Bcrypt for passwords, which is also a good reason why you should migate). +* Note that as of 1.34, both versions of API access will work (tokens and the older auth hash mechanism). -:: +.. NOTE:: + For the rest of the document, we will specifically highlight v2.0 only features. If you don't see a special mention, assume it applies for both API versions. - - -will display a live feed from monitor id 1, scaled down by 50% in quality and resized to 640x480px. - -* This assumes ``/zm/cgi-bin`` is your CGI_BIN path. Change it to what is correct in your system -* The "auth" token you see above is required if you use ZoneMinder authentication. To understand how to get the auth token, please read the "Login, Logout & API security" section below. -* The "connkey" parameter is essentially a random number which uniquely identifies a stream. If you don't specify a connkey, ZM will generate its own. It is recommended to generate a connkey because you can then use it to "control" the stream (pause/resume etc.) -* Instead of dealing with the "auth" token, you can also use ``&user=username&pass=password`` where "username" and "password" are your ZoneMinder username and password respectively. Note that this is not recommended because you are transmitting them in a URL and even if you use HTTPS, they may show up in web server logs. - - -PTZ on live streams -------------------- -PTZ commands are pretty cryptic in ZoneMinder. This is not meant to be an exhaustive guide, but just something to whet your appetite: - - -Lets assume you have a monitor, with ID=6. Let's further assume you want to pan it left. - -You'd need to send a: -``POST`` command to ``https://yourserver/zm/index.php`` with the following data payload in the command (NOT in the URL) - -``view=request&request=control&id=6&control=moveConLeft&xge=30&yge=30`` - -Obviously, if you are using authentication, you need to be logged in for this to work. - -Like I said, at this stage, this is only meant to get you started. Explore the ZoneMinder code and use "Inspect source" as you use PTZ commands in the ZoneMinder source code. -`control_functions.php `__ is a great place to start. - - -Pre-recorded (past event) streams -~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ - -Similar to live playback, if you have chosen to store events in JPEG mode, you can play it back using: - -:: - - - - -* This assumes ``/zm/cgi-bin`` is your CGI_BIN path. Change it to what is correct in your system -* This will playback event 293820, starting from frame 1 as an MJPEG stream -* Like before, you can add more parameters like ``scale`` etc. -* auth and connkey have the same meaning as before, and yes, you can replace auth by ``&user=usename&pass=password`` as before and the same security concerns cited above apply. - -If instead, you have chosen to use the MP4 (Video) storage mode for events, you can directly play back the saved video file: - -:: - - - -* This will play back the video recording for event 294690 - -What other parameters are supported? -~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -The best way to answer this question is to play with ZoneMinder console. Open a browser, play back live or recorded feed, and do an "Inspect Source" to see what parameters -are generated. Change and observe. Enabling API -^^^^^^^^^^^^ -A default ZoneMinder installs with APIs enabled. You can explictly enable/disable the APIs -via the Options->System menu by enabling/disabling ``OPT_USE_API``. Note that if you intend -to use APIs with 3rd party apps, such as zmNinja or others that use APIs, you should also -enable ``AUTH_HASH_LOGINS``. +^^^^^^^^^^^^^ -Login, Logout & API Security -^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ +ZoneMinder comes with APIs enabled. To check if APIs are enabled, visit ``Options->System``. If ``OPT_USE_API`` is enabled, your APIs are active. +For v2.0 APIs, you have an additional option right below it - ``OPT_USE_LEGACY_API_AUTH`` which is enabled by default. When enabled, the `login.json` API (discussed later) will return both the old style (``auth=``) and new style (``token=``) credentials. The reason this is enabled by default is because any existing apps that use the API would break if they were not updated to use v2.0. (Note that zmNinja 1.3.057 and beyond will support tokens) + +Enabling secret key +^^^^^^^^^^^^^^^^^^^ + +* It is important that you create a "Secret Key". This needs to be a set of hard to guess characters, that only you know. ZoneMinder does not create a key for you. It is your responsibility to create it. If you haven't created one already, please do so by going to ``Options->Systems`` and populating ``AUTH_HASH_SECRET``. Don't forget to save. +* If you plan on using V2.0 token based security, **it is mandatory to populate this secret key**, as it is used to sign the token. If you don't, token authentication will fail. V1.0 did not mandate this requirement. + + +Getting API key +^^^^^^^^^^^^^^^^^^^^^^^ + +To get API key: + +:: + + curl -XPOST [-c cookies.txt] -d "user=yourusername&pass=yourpassword" https://yourserver/zm/api/host/login.json + + +The ``[-c cookies.txt]`` is optional, and will be explained in the next section. + +This returns a payload like this for API v1.0: + +:: + + { + "credentials": "auth=05f3a50e8f7063", + "append_password": 0, + "version": "1.33.9", + "apiversion": "1.0" + } + +Or for API 2.0: + +:: + + { + "access_token": "eyJ0eXAiOiJKHE", + "access_token_expires": 3600, + "refresh_token": "eyJ0eXAiOimPs", + "refresh_token_expires": 86400, + "credentials": "auth=05f3a50e8f7063", # only if OPT_USE_LEGACY_API_AUTH is enabled + "append_password": 0, # only if OPT_USE_LEGACY_API_AUTH is enabled + "version": "1.33.9", + "apiversion": "2.0" + } + +Using these keys with subsequent requests +^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ + +Once you have the keys (a.k.a credentials (v1.0, v2.0) or token (v2.0)) you should now supply that credential to subsequent API calls like this: + +:: + + # RECOMMENDED: v2.0 token based + curl -XPOST https://yourserver/zm/api/monitors.json&token= + # or + + # v1.0 or 2.0 based API access (will only work if AUTH_HASH_LOGINS is enabled) + curl -XPOST -d "auth=" https://yourserver/zm/api/monitors.json + # or + curl -XGET https://yourserver/zm/api/monitors.json&auth= + # or, if you specified -c cookies.txt in the original login request + curl -b cookies.txt -XGET https://yourserver/zm/api/monitors.json + + +.. NOTE:: + ZoneMinder's API layer allows API keys to be encoded either as a querty parameter or as a data payload. If you don't pass keys, you could use cookies (not recommended as a general approach) + + +Key lifetime (v1.0) +^^^^^^^^^^^^^^^^^^^^^ + +If you are using the old ``auth_hash`` mechanism present in v1.0, then the credentials will time out based on PHP session timeout. This is often confusing and sometime causes additional issues due to the fact that the old method also includes timestamps in its hash. + +Key lifetime (v2.0) +^^^^^^^^^^^^^^^^^^^^^^ + +In version 2.0, it is very easy to know when a key will expire. You can find that out from the ``access_token_expires`` and ``refresh_token_exipres`` values (in seconds). You should refresh the keys before the timeout occurs, or you will not be able to use the APIs. + +Understanding access/refresh tokens (v2.0) +^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ + +If you are using V2.0, then you need to know how to use these tokens effectively: + +* Access tokens are short lived. ZoneMinder issues access tokens that live for 3600 seconds (1 hour). +* Access tokens should be used for all subsequent API accesses. +* Refresh tokens should ONLY be used to generate new access tokens. For example, if an access token lives for 1 hour, before the hour completes, invoke the ``login.json`` API above with the refresh token to get a new access token. ZoneMinder issues refresh tokens that live for 24 hours. +* To generate a new refresh token before 24 hours are up, you will need to pass your user login and password to ``login.json`` + +**To Summarize:** + +* Pass your ``username`` and ``password`` to ``login.json`` only once in 24 hours to renew your tokens +* Pass your "refresh token" to ``login.json`` once an hour to renew your ``access token`` +* Use your ``access token`` for all API invocations. + +In fact, V2.0 will reject your request (if it is not to ``login.json``) if it comes with a refresh token instead of an access token to discourage usage of this token when it should not be used. + +This minimizes the amount of sensitive data that is sent over the wire and the lifetime durations are made so that if they get compromised, you can regenerate or invalidate them (more on this later) + +Understanding key security +^^^^^^^^^^^^^^^^^^^^^^^^^^^^ + +* Version 1.0 uses an MD5 hash to generate the credentials. The hash is computed over your secret key (if avaiable), username, password and some time parameters (along with remote IP if enabled). This is not a secure/recommended hashing mechanism. If your auth hash is compromised, an attacker will be able to use your hash till it expires. To avoid this, you could disable the user in ZoneMinder. + +* Version 2.0 uses a different approach. The hash is a simple base64 encoded form of "claims", but signed with your secret key. Consider for example, the following access key: + +:: + + eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJpc3MiOiJab25lTWluZGVyIiwiaWF0IjoxNTU3OTQwNzUyLCJleHAiOjE1NTc5NDQzNTIsInVzZXIiOiJhZG1pbiIsInR5cGUiOiJhY2Nlc3MifQ.-5VOcpw3cFHiSTN5zfGDSrrPyVya1M8_2Anh5u6eNlI + +If you were to use any `JWT token verifier `__ it can easily decode that token and will show: + +:: + + { + "iss": "ZoneMinder", + "iat": 1557940752, + "exp": 1557944352, + "user": "admin", + "type": "access" + } + Invalid Signature + + +Don't be surprised. JWT tokens are not meant to be encrypted. It is just an assertion of a claim. It states that the issuer of this token was ZoneMinder, +It was issued at (iat) Wednesday, 2019-05-15 17:19:12 UTC and will expire on (exp) Wednesday, 2019-05-15 18:19:12 UTC. This token claims to be owned by an admin and is an access token. If your token were to be stolen, this information is available to the person who stole it. Note that there are no sensitive details like passwords in this claim. + +However, that person will **not** have your secret key as part of this token and therefore, will NOT be able to create a new JWT token to get, say, a refresh token. They will however, be able to use your access token to access resources just like the auth hash above, till the access token expires (1hr). To revoke this token, you don't need to disable the user. Go to ``Options->API`` and tap on "Revoke All Access Tokens". This will invalidate the token immediately (this option will invalidate all tokens for all users, and new ones will need to be generated). + +Over time, we will provide you with more fine grained access to these options. + +**Summarizing good practices:** + +* Use HTTPS, not HTTP +* If possible, use free services like `LetsEncrypt `__ instead of self-signed certificates (sometimes this is not possible) +* Keep your tokens as private as possible, and use them as recommended above +* If you believe your tokens are compromised, revoke them, but also check if your attacker has compromised more than you think (example, they may also have your username/password or access to your system via other exploits, in which case they can regenerate as many tokens/credentials as they want). + + + +.. NOTE:: + Subsequent sections don't explicitly callout the key addition to APIs. We assume that you will append the correct keys as per our explanation above. + + + +Logout APIs +^^^^^^^^^^^^^^ The APIs tie into ZoneMinder's existing security model. This means if you have OPT_AUTH enabled, you need to log into ZoneMinder using the same browser you plan to use the APIs from. If you are developing an app that relies on the API, you need @@ -585,6 +675,86 @@ Returns: This only works if you have a multiserver setup in place. If you don't it will return an empty array. +Streaming Interface +^^^^^^^^^^^^^^^^^^^ +Developers working on their application often ask if there is an "API" to receive live streams, or recorded event streams. +It is possible to stream both live and recorded streams. This isn't strictly an "API" per-se (that is, it is not integrated +into the Cake PHP based API layer discussed here) and also why we've used the term "Interface" instead of an "API". + +Live Streams +~~~~~~~~~~~~~~ +What you need to know is that if you want to display "live streams", ZoneMinder sends you streaming JPEG images (MJPEG) +which can easily be rendered in a browser using an ``img src`` tag. + +For example: + +:: + + + #or + + + +will display a live feed from monitor id 1, scaled down by 50% in quality and resized to 640x480px. + +* This assumes ``/zm/cgi-bin`` is your CGI_BIN path. Change it to what is correct in your system +* The "auth" token you see above is required if you use ZoneMinder authentication. To understand how to get the auth token, please read the "Login, Logout & API security" section below. +* The "connkey" parameter is essentially a random number which uniquely identifies a stream. If you don't specify a connkey, ZM will generate its own. It is recommended to generate a connkey because you can then use it to "control" the stream (pause/resume etc.) +* Instead of dealing with the "auth" token, you can also use ``&user=username&pass=password`` where "username" and "password" are your ZoneMinder username and password respectively. Note that this is not recommended because you are transmitting them in a URL and even if you use HTTPS, they may show up in web server logs. + + +PTZ on live streams +------------------- +PTZ commands are pretty cryptic in ZoneMinder. This is not meant to be an exhaustive guide, but just something to whet your appetite: + + +Lets assume you have a monitor, with ID=6. Let's further assume you want to pan it left. + +You'd need to send a: +``POST`` command to ``https://yourserver/zm/index.php`` with the following data payload in the command (NOT in the URL) + +``view=request&request=control&id=6&control=moveConLeft&xge=30&yge=30`` + +Obviously, if you are using authentication, you need to be logged in for this to work. + +Like I said, at this stage, this is only meant to get you started. Explore the ZoneMinder code and use "Inspect source" as you use PTZ commands in the ZoneMinder source code. +`control_functions.php `__ is a great place to start. + + +Pre-recorded (past event) streams +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ + +Similar to live playback, if you have chosen to store events in JPEG mode, you can play it back using: + +:: + + + #or + + + +* This assumes ``/zm/cgi-bin`` is your CGI_BIN path. Change it to what is correct in your system +* This will playback event 293820, starting from frame 1 as an MJPEG stream +* Like before, you can add more parameters like ``scale`` etc. +* auth and connkey have the same meaning as before, and yes, you can replace auth by ``&user=usename&pass=password`` as before and the same security concerns cited above apply. + +If instead, you have chosen to use the MP4 (Video) storage mode for events, you can directly play back the saved video file: + +:: + + + #or + + +* This will play back the video recording for event 294690 + +What other parameters are supported? +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +The best way to answer this question is to play with ZoneMinder console. Open a browser, play back live or recorded feed, and do an "Inspect Source" to see what parameters +are generated. Change and observe. + + + Further Reading ^^^^^^^^^^^^^^^^ As described earlier, treat this document as an "introduction" to the important parts of the API and streaming interfaces. From 1855ee441a9e32a8fd2b843cc34a3f0c9f13534f Mon Sep 17 00:00:00 2001 From: Isaac Connor Date: Wed, 15 May 2019 19:35:19 -0400 Subject: [PATCH 131/922] Fix #2609 invalid value horz instead of hori in orientations enumeration --- web/skins/classic/views/monitor.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/web/skins/classic/views/monitor.php b/web/skins/classic/views/monitor.php index d6d7780b7..301851629 100644 --- a/web/skins/classic/views/monitor.php +++ b/web/skins/classic/views/monitor.php @@ -389,7 +389,7 @@ $orientations = array( '90' => translate('RotateRight'), '180' => translate('Inverted'), '270' => translate('RotateLeft'), - 'horz' => translate('FlippedHori'), + 'hori' => translate('FlippedHori'), 'vert' => translate('FlippedVert') ); From 0e72080c4a016cb667846760f2fd86125f03daf5 Mon Sep 17 00:00:00 2001 From: Pliable Pixels Date: Thu, 16 May 2019 09:37:11 -0400 Subject: [PATCH 132/922] Migrate from libdigest to crypt-eks-blowfish due to notice --- distros/debian/control | 4 ++-- scripts/zmupdate.pl.in | 11 +++++------ 2 files changed, 7 insertions(+), 8 deletions(-) diff --git a/distros/debian/control b/distros/debian/control index 87873f294..3296b88c3 100644 --- a/distros/debian/control +++ b/distros/debian/control @@ -27,7 +27,7 @@ Build-Depends: debhelper (>= 9), cmake , libsys-cpu-perl, libsys-meminfo-perl , libdata-uuid-perl , libssl-dev - , libdigest-bcrypt-perl, libdata-entropy-perl + , libcrypt-eksblowfish-perl, libdata-entropy-perl Standards-Version: 3.9.4 Package: zoneminder @@ -54,7 +54,7 @@ Depends: ${shlibs:Depends}, ${misc:Depends}, ${perl:Depends} , libvlccore5 | libvlccore7 | libvlccore8, libvlc5 , libpolkit-gobject-1-0, php5-gd , libssl - ,libdigest-bcrypt-perl, libdata-entropy-perl + ,libcrypt-eksblowfish-perl, libdata-entropy-perl Recommends: mysql-server | mariadb-server Description: Video camera security and surveillance solution diff --git a/scripts/zmupdate.pl.in b/scripts/zmupdate.pl.in index 8c620443b..8dbc4d14f 100644 --- a/scripts/zmupdate.pl.in +++ b/scripts/zmupdate.pl.in @@ -51,7 +51,7 @@ configuring upgrades etc, including on the fly upgrades. use strict; use bytes; use version; -use Digest; +use Crypt::Eksblowfish::Bcrypt; use Data::Entropy::Algorithms qw(rand_bits); # ========================================================================== @@ -1011,11 +1011,10 @@ sub migratePasswords { my $scheme = substr($user->{Password}, 0, 1); if ($scheme eq "*") { print ("-->".$user->{Username}. " password will be migrated\n"); - my $bcrypt = Digest->new('Bcrypt', cost=>10, salt=>rand_bits(16*8)); - my $settings = $bcrypt->settings(); - my $pass_hash = $bcrypt->add($user->{Password})->bcrypt_b64digest; - #print ("--- New pass overlay ----".$pass_hash); - my $new_pass_hash = "-ZM-".$settings.$pass_hash; + my $salt = Crypt::Eksblowfish::Bcrypt::en_base64(rand_bits(16*8)); + my $settings = '$2a$10$'.$salt; + my $pass_hash = Crypt::Eksblowfish::Bcrypt::bcrypt($user->{Password},$settings); + my $new_pass_hash = "-ZM-".$pass_hash; $sql = "UPDATE Users SET PASSWORD=? WHERE Username=?"; my $sth = $dbh->prepare_cached( $sql ) or die( "Can't prepare '$sql': ".$dbh->errstr() ); my $res = $sth->execute($new_pass_hash, $user->{Username}) or die( "Can't execute: ".$sth->errstr() ); From 4f44db8cbf4d6d292c9c55088fee6ec4455e8cc5 Mon Sep 17 00:00:00 2001 From: Isaac Connor Date: Thu, 16 May 2019 15:35:19 -0400 Subject: [PATCH 133/922] ifdef HAVE_ZLIB_H around code that uses Image->Zip (#2597) --- src/zm_monitorstream.cpp | 8 ++++++++ src/zm_monitorstream.h | 2 ++ 2 files changed, 10 insertions(+) diff --git a/src/zm_monitorstream.cpp b/src/zm_monitorstream.cpp index 0b2811656..124994a48 100644 --- a/src/zm_monitorstream.cpp +++ b/src/zm_monitorstream.cpp @@ -394,10 +394,15 @@ bool MonitorStream::sendFrame(Image *image, struct timeval *timestamp) { img_buffer_size = send_image->Size(); break; case STREAM_ZIP : +#if HAVE_ZLIB_H fputs("Content-Type: image/x-rgbz\r\n",stdout); unsigned long zip_buffer_size; send_image->Zip(img_buffer, &zip_buffer_size); img_buffer_size = zip_buffer_size; +#else + Error("zlib is required for zipped images. Falling back to raw image"); + type = STREAM_RAW; +#endif // HAVE_ZLIB_H break; default : Error("Unexpected frame type %d", type); @@ -794,6 +799,8 @@ void MonitorStream::SingleImageRaw( int scale ) { fwrite( snap_image->Buffer(), snap_image->Size(), 1, stdout ); } + +#ifdef HAVE_ZLIB_H void MonitorStream::SingleImageZip( int scale ) { unsigned long img_buffer_size = 0; static Bytef img_buffer[ZM_MAX_IMAGE_SIZE]; @@ -816,3 +823,4 @@ void MonitorStream::SingleImageZip( int scale ) { fprintf( stdout, "Content-Type: image/x-rgbz\r\n\r\n" ); fwrite( img_buffer, img_buffer_size, 1, stdout ); } +#endif // HAVE_ZLIB_H diff --git a/src/zm_monitorstream.h b/src/zm_monitorstream.h index f3351d3b7..e120331af 100644 --- a/src/zm_monitorstream.h +++ b/src/zm_monitorstream.h @@ -55,7 +55,9 @@ class MonitorStream : public StreamBase { void processCommand( const CmdMsg *msg ); void SingleImage( int scale=100 ); void SingleImageRaw( int scale=100 ); +#ifdef HAVE_ZLIB_H void SingleImageZip( int scale=100 ); +#endif public: MonitorStream() : From eb005e8b9c33e6bdba8b1796393eebf3ea3fdaad Mon Sep 17 00:00:00 2001 From: Mitch Capper Date: Thu, 16 May 2019 12:37:03 -0700 Subject: [PATCH 134/922] FIFO support for zoneminder zone debugging (#2594) Adds fifo options for diagnostic images for much lower impact diagnostics mode. Diagnostic images are only written when there is a client listening for them (otherwise they are skipped). Also added a json stream for the detection data so you can see in real time the pixels or blobs detected for the motion. This allows for easy real time stream of both delta and reference images (as video streams) along with the detection numbers. --- .../lib/ZoneMinder/ConfigData.pm.in | 10 +- src/CMakeLists.txt | 2 +- src/zm_fifo.cpp | 247 ++++++++++++++++++ src/zm_fifo.h | 61 +++++ src/zm_image.cpp | 57 +++- src/zm_image.h | 3 + src/zm_jpeg.cpp | 7 + src/zm_jpeg.h | 2 + src/zm_monitor.cpp | 13 +- src/zm_zone.cpp | 27 +- src/zma.cpp | 2 + src/zms.cpp | 10 +- 12 files changed, 419 insertions(+), 22 deletions(-) create mode 100644 src/zm_fifo.cpp create mode 100644 src/zm_fifo.h diff --git a/scripts/ZoneMinder/lib/ZoneMinder/ConfigData.pm.in b/scripts/ZoneMinder/lib/ZoneMinder/ConfigData.pm.in index 4d96f11db..495e53d29 100644 --- a/scripts/ZoneMinder/lib/ZoneMinder/ConfigData.pm.in +++ b/scripts/ZoneMinder/lib/ZoneMinder/ConfigData.pm.in @@ -3945,7 +3945,15 @@ our @options = ( help => q`This will affect how long a session will be valid for since the last request. Keeping this short helps prevent session hijacking. Keeping it long allows you to stay logged in longer without refreshing the view.`, type => $types{integer}, category => 'system', - } + }, + { + name => 'ZM_RECORD_DIAG_IMAGES_FIFO', + default => 'no', + description => ' Recording intermediate alarm diagnostic use fifo instead of files (faster)', + help => 'This tries to lessen the load of recording diag images by sending them to a memory FIFO pipe instead of creating each file.', + type => $types{boolean}, + category => 'logging', + }, ); our %options_hash = map { ( $_->{name}, $_ ) } @options; diff --git a/src/CMakeLists.txt b/src/CMakeLists.txt index e7e3157eb..e27c36d6a 100644 --- a/src/CMakeLists.txt +++ b/src/CMakeLists.txt @@ -4,7 +4,7 @@ configure_file(zm_config.h.in "${CMAKE_CURRENT_BINARY_DIR}/zm_config.h" @ONLY) # Group together all the source files that are used by all the binaries (zmc, zma, zmu, zms etc) -set(ZM_BIN_SRC_FILES zm_box.cpp zm_buffer.cpp zm_camera.cpp zm_comms.cpp zm_config.cpp zm_coord.cpp zm_curl_camera.cpp zm.cpp zm_db.cpp zm_logger.cpp zm_event.cpp zm_frame.cpp zm_eventstream.cpp zm_exception.cpp zm_file_camera.cpp zm_ffmpeg_input.cpp zm_ffmpeg_camera.cpp zm_group.cpp zm_image.cpp zm_jpeg.cpp zm_libvlc_camera.cpp zm_local_camera.cpp zm_monitor.cpp zm_monitorstream.cpp zm_ffmpeg.cpp zm_mpeg.cpp zm_packet.cpp zm_packetqueue.cpp zm_poly.cpp zm_regexp.cpp zm_remote_camera.cpp zm_remote_camera_http.cpp zm_remote_camera_nvsocket.cpp zm_remote_camera_rtsp.cpp zm_rtp.cpp zm_rtp_ctrl.cpp zm_rtp_data.cpp zm_rtp_source.cpp zm_rtsp.cpp zm_rtsp_auth.cpp zm_sdp.cpp zm_signal.cpp zm_stream.cpp zm_swscale.cpp zm_thread.cpp zm_time.cpp zm_timer.cpp zm_user.cpp zm_utils.cpp zm_video.cpp zm_videostore.cpp zm_zone.cpp zm_storage.cpp) +set(ZM_BIN_SRC_FILES zm_box.cpp zm_buffer.cpp zm_camera.cpp zm_comms.cpp zm_config.cpp zm_coord.cpp zm_curl_camera.cpp zm.cpp zm_db.cpp zm_logger.cpp zm_event.cpp zm_frame.cpp zm_eventstream.cpp zm_exception.cpp zm_file_camera.cpp zm_ffmpeg_input.cpp zm_ffmpeg_camera.cpp zm_group.cpp zm_image.cpp zm_jpeg.cpp zm_libvlc_camera.cpp zm_local_camera.cpp zm_monitor.cpp zm_monitorstream.cpp zm_ffmpeg.cpp zm_mpeg.cpp zm_packet.cpp zm_packetqueue.cpp zm_poly.cpp zm_regexp.cpp zm_remote_camera.cpp zm_remote_camera_http.cpp zm_remote_camera_nvsocket.cpp zm_remote_camera_rtsp.cpp zm_rtp.cpp zm_rtp_ctrl.cpp zm_rtp_data.cpp zm_rtp_source.cpp zm_rtsp.cpp zm_rtsp_auth.cpp zm_sdp.cpp zm_signal.cpp zm_stream.cpp zm_swscale.cpp zm_thread.cpp zm_time.cpp zm_timer.cpp zm_user.cpp zm_utils.cpp zm_video.cpp zm_videostore.cpp zm_zone.cpp zm_fifo.cpp zm_storage.cpp) # A fix for cmake recompiling the source files for every target. add_library(zm STATIC ${ZM_BIN_SRC_FILES}) diff --git a/src/zm_fifo.cpp b/src/zm_fifo.cpp new file mode 100644 index 000000000..538b696fa --- /dev/null +++ b/src/zm_fifo.cpp @@ -0,0 +1,247 @@ +#include +#include +#include +#include +#include +#include + +#include "zm.h" +#include "zm_db.h" +#include "zm_time.h" +#include "zm_mpeg.h" +#include "zm_signal.h" +#include "zm_monitor.h" +#include "zm_fifo.h" +#define RAW_BUFFER 512 +static bool zm_fifodbg_inited = false; +FILE *zm_fifodbg_log_fd = 0; +char zm_fifodbg_log[PATH_MAX] = ""; + +static bool zmFifoDbgOpen(){ + if (zm_fifodbg_log_fd) + fclose(zm_fifodbg_log_fd); + zm_fifodbg_log_fd = NULL; + signal(SIGPIPE, SIG_IGN); + FifoStream::fifo_create_if_missing(zm_fifodbg_log); + int fd = open(zm_fifodbg_log,O_WRONLY|O_NONBLOCK|O_TRUNC); + if (fd < 0) + return ( false ); + int res = flock(fd,LOCK_EX | LOCK_NB); + if (res < 0) + { + close(fd); + return ( false ); + } + zm_fifodbg_log_fd = fdopen(fd,"wb"); + if (zm_fifodbg_log_fd == NULL) + { + close(fd); + return ( false ); + } + return ( true ); +} +int zmFifoDbgInit(Monitor *monitor){ + zm_fifodbg_inited = true; + snprintf( zm_fifodbg_log, sizeof(zm_fifodbg_log), "%s/%d/dbgpipe.log", monitor->getStorage()->Path(), monitor->Id() ); + zmFifoDbgOpen(); + return 1; +} +void zmFifoDbgOutput( int hex, const char * const file, const int line, const int level, const char *fstring, ... ){ + char dbg_string[8192]; + va_list arg_ptr; + if (! zm_fifodbg_inited) + return; + if (! zm_fifodbg_log_fd && ! zmFifoDbgOpen()) + return; + + char *dbg_ptr = dbg_string; + va_start( arg_ptr, fstring ); + if ( hex ) + { + unsigned char *data = va_arg( arg_ptr, unsigned char * ); + int len = va_arg( arg_ptr, int ); + int i; + dbg_ptr += snprintf( dbg_ptr, sizeof(dbg_string)-(dbg_ptr-dbg_string), "%d:", len ); + for ( i = 0; i < len; i++ ) + { + dbg_ptr += snprintf( dbg_ptr, sizeof(dbg_string)-(dbg_ptr-dbg_string), " %02x", data[i] ); + } + } + else + { + dbg_ptr += vsnprintf( dbg_ptr, sizeof(dbg_string)-(dbg_ptr-dbg_string), fstring, arg_ptr ); + } + va_end(arg_ptr); + strncpy( dbg_ptr++, "\n", 1); + int res = fwrite( dbg_string, dbg_ptr-dbg_string, 1, zm_fifodbg_log_fd ); + if (res != 1){ + fclose(zm_fifodbg_log_fd); + zm_fifodbg_log_fd = NULL; + } + else + { + fflush(zm_fifodbg_log_fd); + } +} +bool FifoStream::sendRAWFrames(){ + static unsigned char buffer[RAW_BUFFER]; + int fd = open(stream_path,O_RDONLY); + if (fd < 0) + { + Error( "Can't open %s: %s", stream_path, strerror(errno)); + return( false ); + } + while( (bytes_read = read(fd,buffer,RAW_BUFFER)) ) + { + if (bytes_read == 0) + continue; + if (bytes_read < 0) + { + Error( "Problem during reading: %s", strerror(errno)); + close(fd); + return( false ); + } + if ( fwrite( buffer, bytes_read, 1, stdout ) != 1){ + Error( "Problem during writing: %s", strerror(errno)); + close(fd); + return( false ); + } + fflush( stdout ); + } + close(fd); + return ( true ); +} + +void FifoStream::file_create_if_missing(const char * path, bool is_fifo,bool delete_fake_fifo){ + static struct stat st; + if(stat(path,&st) == 0){ + + if (! is_fifo || S_ISFIFO(st.st_mode) || ! delete_fake_fifo) + return; + Debug(5, "Supposed to be a fifo pipe but isn't, unlinking: %s", path); + unlink(path); + } + int fd; + if (! is_fifo){ + Debug(5, "Creating non fifo file as requested: %s", path); + fd = open(path,O_CREAT|O_WRONLY,S_IRUSR|S_IWUSR); + close(fd); + return; + } + Debug(5, "Making fifo file of: %s", path); + mkfifo(path,S_IRUSR|S_IWUSR); +} +void FifoStream::fifo_create_if_missing(const char * path, bool delete_fake_fifo){ + file_create_if_missing(path,true,delete_fake_fifo); +} +bool FifoStream::sendMJEGFrames(){ + static unsigned char buffer[ZM_MAX_IMAGE_SIZE]; + int fd = open(stream_path,O_RDONLY); + if (fd < 0) + { + Error( "Can't open %s: %s", stream_path, strerror(errno)); + return( false ); + } + total_read = 0; + while( (bytes_read = read(fd,buffer+total_read,ZM_MAX_IMAGE_SIZE-total_read)) ) + { + if (bytes_read < 0) + { + Error( "Problem during reading: %s", strerror(errno)); + close(fd); + return( false ); + } + total_read+=bytes_read; + } + close(fd); + if (total_read == 0) + return( true ); + if (frame_count%frame_mod != 0) + return (true ); + if (fprintf( stdout, "--ZoneMinderFrame\r\n" ) < 0 ) + { + Error( "Problem during writing: %s", strerror(errno)); + return( false ); + } + + fprintf( stdout, "Content-Type: image/jpeg\r\n" ); + fprintf( stdout, "Content-Length: %d\r\n\r\n", total_read ); + if ( fwrite( buffer, total_read, 1, stdout ) != 1){ + Error( "Problem during reading: %s", strerror(errno)); + return( false ); + } + fprintf( stdout, "\r\n\r\n" ); + fflush( stdout); + last_frame_sent = TV_2_FLOAT( now ); + frame_count++; + return( true ); +} + +void FifoStream::setStreamStart( const char * path ){ + stream_path = strdup(path); +} +void FifoStream::setStreamStart( int monitor_id, const char * format ){ + char diag_path[PATH_MAX]; + const char * filename; + Monitor * monitor = Monitor::Load(monitor_id, false, Monitor::QUERY); + + if (! strcmp(format,"reference") ) + { + stream_type = MJPEG; + filename = "diagpipe-r.jpg"; + } + else if (! strcmp(format,"delta")) + { + filename = "diagpipe-d.jpg"; + stream_type = MJPEG; + } + else + { + stream_type = RAW; + filename = "dbgpipe.log"; + } + + snprintf( diag_path, sizeof(diag_path), "%s/%d/%s", monitor->getStorage()->Path(), monitor->Id(), filename ); + setStreamStart(diag_path); +} +void FifoStream::runStream(){ + if (stream_type == MJPEG) + fprintf( stdout, "Content-Type: multipart/x-mixed-replace;boundary=ZoneMinderFrame\r\n\r\n" ); + else + fprintf( stdout, "Content-Type: text/html\r\n\r\n" ); + + char lock_file[PATH_MAX]; + strcpy(lock_file,stream_path); + strcat(lock_file,".rlock"); + file_create_if_missing(lock_file,false); + int fd_lock = open(lock_file,O_RDONLY); + if (fd_lock < 0) + { + Error( "Can't open %s: %s", lock_file, strerror(errno)); + return; + } + int res = flock(fd_lock,LOCK_EX | LOCK_NB); + if (res < 0) + { + Error( "Flocking problem on %s: - %s", lock_file, strerror(errno) ); + close(fd_lock); + return; + } + + while( !zm_terminate ) + { + gettimeofday( &now, NULL ); + checkCommandQueue(); + if (stream_type == MJPEG) + { + if (! sendMJEGFrames()) + zm_terminate = true; + } + else + { + if (! sendRAWFrames()) + zm_terminate = true; + } + } + close(fd_lock); +} diff --git a/src/zm_fifo.h b/src/zm_fifo.h new file mode 100644 index 000000000..8d1b1ae8c --- /dev/null +++ b/src/zm_fifo.h @@ -0,0 +1,61 @@ +#ifndef ZM_FIFO_H +#define ZM_FIFO_H + +#include +#include +#include +#include +#include +#include +#include +#include +#include + +#include "zm.h" +#include "zm_image.h" +#include "zm_monitor.h" +#include "zm_stream.h" + + +#define zmFifoDbgPrintf(level,params...) {\ + zmFifoDbgOutput( 0, __FILE__, __LINE__, level, ##params );\ + } + +#ifndef ZM_DBG_OFF +#define FifoDebug(level,params...) zmFifoDbgPrintf(level,##params) +#else +#define FifoDebug(level,params...) +#endif +void zmFifoDbgOutput( int hex, const char * const file, const int line, const int level, const char *fstring, ... ) __attribute__ ((format(printf, 5, 6))); +int zmFifoDbgInit(Monitor * monitor); + +class FifoStream : public StreamBase +{ + +private: + char * stream_path; + int fd; + int total_read; + int bytes_read; + unsigned int frame_count; + static void file_create_if_missing(const char * path, bool is_fifo, bool delete_fake_fifo=true); + +protected: + typedef enum { MJPEG, RAW } StreamType; + StreamType stream_type; + bool sendMJEGFrames( ); + bool sendRAWFrames( ); + void processCommand( const CmdMsg *msg ) {}; + +public: + FifoStream(){ + + + } + static void fifo_create_if_missing(const char * path,bool delete_fake_fifo=true); + void setStreamStart( const char * path ); + void setStreamStart( int monitor_id, const char * format ); + + void runStream(); +}; +#endif diff --git a/src/zm_image.cpp b/src/zm_image.cpp index e58e40342..12c3da86e 100644 --- a/src/zm_image.cpp +++ b/src/zm_image.cpp @@ -24,6 +24,7 @@ #include "zm_rgb.h" #include "zm_ffmpeg.h" +#include #include #include @@ -957,7 +958,7 @@ cinfo->out_color_space = JCS_RGB; return( true ); } -// Multiple calling formats to permit inclusion (or not) of both quality_override and timestamp (exif), with suitable defaults. +// Multiple calling formats to permit inclusion (or not) of non blocking, quality_override and timestamp (exif), with suitable defaults. // Note quality=zero means default bool Image::WriteJpeg(const char *filename, int quality_override) const { @@ -966,33 +967,71 @@ bool Image::WriteJpeg(const char *filename, int quality_override) const { bool Image::WriteJpeg(const char *filename) const { return Image::WriteJpeg(filename, 0, (timeval){0,0}); } +bool Image::WriteJpeg(const char *filename, bool on_blocking_abort) const { + return Image::WriteJpeg(filename, 0, (timeval){0,0}, on_blocking_abort); +} bool Image::WriteJpeg(const char *filename, struct timeval timestamp) const { return Image::WriteJpeg(filename, 0, timestamp); } bool Image::WriteJpeg(const char *filename, int quality_override, struct timeval timestamp) const { + return Image::WriteJpeg(filename, quality_override, timestamp, false); +} +bool Image::WriteJpeg(const char *filename, int quality_override, struct timeval timestamp, bool on_blocking_abort) const { if ( config.colour_jpeg_files && colours == ZM_COLOUR_GRAY8 ) { Image temp_image(*this); temp_image.Colourise(ZM_COLOUR_RGB24, ZM_SUBPIX_ORDER_RGB); - return temp_image.WriteJpeg(filename, quality_override, timestamp); + return temp_image.WriteJpeg(filename, quality_override, timestamp, on_blocking_abort); } int quality = quality_override?quality_override:config.jpeg_file_quality; struct jpeg_compress_struct *cinfo = writejpg_ccinfo[quality]; + FILE *outfile =NULL; + static int raw_fd = 0; + bool need_create_comp = false; + raw_fd = 0; if ( !cinfo ) { cinfo = writejpg_ccinfo[quality] = new jpeg_compress_struct; cinfo->err = jpeg_std_error( &jpg_err.pub ); - jpg_err.pub.error_exit = zm_jpeg_error_exit; - jpg_err.pub.emit_message = zm_jpeg_emit_message; jpeg_create_compress( cinfo ); + need_create_comp=true; + } + if (! on_blocking_abort) { + jpg_err.pub.error_exit = zm_jpeg_error_exit; + jpg_err.pub.emit_message = zm_jpeg_emit_message; + } else { + jpg_err.pub.error_exit = zm_jpeg_error_silent; + jpg_err.pub.emit_message = zm_jpeg_emit_silence; + if (setjmp( jpg_err.setjmp_buffer ) ) { + jpeg_abort_compress( cinfo ); + Debug( 5, "Aborted a write mid-stream and %s and %d", (outfile == NULL) ? "closing file" : "file not opened", raw_fd ); + if (raw_fd) + close(raw_fd); + if (outfile) + fclose( outfile ); + return ( false ); + } + } + if (need_create_comp) + jpeg_create_compress( cinfo ); + + if (! on_blocking_abort) { + if ( (outfile = fopen(filename, "wb")) == NULL ) { + Error( "Can't open %s for writing: %s", filename, strerror(errno) ); + return false; + } + } else { + raw_fd = open(filename,O_WRONLY|O_NONBLOCK|O_CREAT|O_TRUNC,S_IRUSR|S_IWUSR|S_IRGRP|S_IROTH); + if (raw_fd < 0) + return ( false ); + outfile = fdopen(raw_fd,"wb"); + if (outfile == NULL) { + close(raw_fd); + return( false ); + } } - FILE *outfile; - if ( (outfile = fopen(filename, "wb")) == NULL ) { - Error("Can't open %s: %s", filename, strerror(errno)); - return false; - } jpeg_stdio_dest( cinfo, outfile ); cinfo->image_width = width; /* image width and height, in pixels */ diff --git a/src/zm_image.h b/src/zm_image.h index 7133d0e35..d90d7c358 100644 --- a/src/zm_image.h +++ b/src/zm_image.h @@ -218,9 +218,12 @@ public: bool ReadJpeg( const char *filename, unsigned int p_colours, unsigned int p_subpixelorder); bool WriteJpeg ( const char *filename) const; + bool WriteJpeg ( const char *filename, bool on_blocking_abort) const; bool WriteJpeg ( const char *filename, int quality_override ) const; bool WriteJpeg ( const char *filename, struct timeval timestamp ) const; bool WriteJpeg ( const char *filename, int quality_override, struct timeval timestamp ) const; + bool WriteJpeg ( const char *filename, int quality_override, struct timeval timestamp, bool on_blocking_abort ) const; + bool DecodeJpeg( const JOCTET *inbuffer, int inbuffer_size, unsigned int p_colours, unsigned int p_subpixelorder); bool EncodeJpeg( JOCTET *outbuffer, int *outbuffer_size, int quality_override=0 ) const; diff --git a/src/zm_jpeg.cpp b/src/zm_jpeg.cpp index cddf086c5..8e8899227 100644 --- a/src/zm_jpeg.cpp +++ b/src/zm_jpeg.cpp @@ -30,6 +30,13 @@ extern "C" static int jpeg_err_count = 0; +void zm_jpeg_error_silent( j_common_ptr cinfo ){ + zm_error_ptr zmerr = (zm_error_ptr)cinfo->err; + longjmp( zmerr->setjmp_buffer, 1 ); +} +void zm_jpeg_emit_silence( j_common_ptr cinfo, int msg_level ){ +} + void zm_jpeg_error_exit( j_common_ptr cinfo ) { static char buffer[JMSG_LENGTH_MAX]; diff --git a/src/zm_jpeg.h b/src/zm_jpeg.h index d0348dd3e..f0b4a355c 100644 --- a/src/zm_jpeg.h +++ b/src/zm_jpeg.h @@ -38,6 +38,8 @@ struct zm_error_mgr typedef struct zm_error_mgr *zm_error_ptr; +void zm_jpeg_error_silent( j_common_ptr cinfo ); +void zm_jpeg_emit_silence( j_common_ptr cinfo, int msg_level ); void zm_jpeg_error_exit( j_common_ptr cinfo ); void zm_jpeg_emit_message( j_common_ptr cinfo, int msg_level ); diff --git a/src/zm_monitor.cpp b/src/zm_monitor.cpp index 2987d08f2..99416b658 100644 --- a/src/zm_monitor.cpp +++ b/src/zm_monitor.cpp @@ -44,6 +44,7 @@ #if HAVE_LIBAVFORMAT #include "zm_ffmpeg_camera.h" #endif // HAVE_LIBAVFORMAT +#include "zm_fifo.h" #if HAVE_LIBVLC #include "zm_libvlc_camera.h" #endif // HAVE_LIBVLC @@ -517,8 +518,12 @@ Monitor::Monitor( ReloadLinkedMonitors(p_linked_monitors); if ( config.record_diag_images ) { - diag_path_r = stringtf("%s/%d/diag-r.jpg", storage->Path(), id); - diag_path_d = stringtf("%s/%d/diag-d.jpg", storage->Path(), id); + diag_path_r = stringtf(config.record_diag_images_fifo ? "%s/%d/diagpipe-r.jpg" : "%s/%d/diag-r.jpg", storage->Path(), id); + diag_path_d = stringtf(config.record_diag_images_fifo ? "%s/%d/diagpipe-d.jpg" : "%s/%d/diag-d.jpg", storage->Path(), id); + if (config.record_diag_images_fifo){ + FifoStream::fifo_create_if_missing(diag_path_r.c_str()); + FifoStream::fifo_create_if_missing(diag_path_d.c_str()); + } } } // end if purpose == ANALYSIS @@ -2614,8 +2619,8 @@ unsigned int Monitor::DetectMotion(const Image &comp_image, Event::StringSet &zo ref_image.Delta(comp_image, &delta_image); if ( config.record_diag_images ) { - ref_image.WriteJpeg(diag_path_r.c_str()); - delta_image.WriteJpeg(diag_path_d.c_str()); + ref_image.WriteJpeg(diag_path_r.c_str(), config.record_diag_images_fifo); + delta_image.WriteJpeg(diag_path_d.c_str(), config.record_diag_images_fifo); } // Blank out all exclusion zones diff --git a/src/zm_zone.cpp b/src/zm_zone.cpp index 6d4ae15e3..de2f8003d 100644 --- a/src/zm_zone.cpp +++ b/src/zm_zone.cpp @@ -24,6 +24,7 @@ #include "zm_zone.h" #include "zm_image.h" #include "zm_monitor.h" +#include "zm_fifo.h" void Zone::Setup( @@ -112,8 +113,10 @@ void Zone::Setup( } if ( config.record_diag_images ) { - snprintf(diag_path, sizeof(diag_path), "%s/diag-%d-poly.jpg", monitor->getStorage()->Path(), id); - pg_image->WriteJpeg(diag_path); + snprintf(diag_path, sizeof(diag_path), config.record_diag_images_fifo ? "%s/diagpipe-%d-poly.jpg" : "%s/diag-%d-poly.jpg", monitor->getStorage()->Path(), id); + if (config.record_diag_images_fifo) + FifoStream::fifo_create_if_missing(diag_path); + pg_image->WriteJpeg(diag_path, config.record_diag_images_fifo); } else { diag_path[0] = 0; } @@ -232,7 +235,7 @@ bool Zone::CheckAlarms(const Image *delta_image) { std_alarmedpixels(diff_image, pg_image, &alarm_pixels, &pixel_diff_count); if ( config.record_diag_images ) - diff_image->WriteJpeg(diag_path); + diff_image->WriteJpeg(diag_path, config.record_diag_images_fifo); if ( pixel_diff_count && alarm_pixels ) pixel_diff = pixel_diff_count/alarm_pixels; @@ -240,6 +243,10 @@ bool Zone::CheckAlarms(const Image *delta_image) { Debug(5, "Got %d alarmed pixels, need %d -> %d, avg pixel diff %d", alarm_pixels, min_alarm_pixels, max_alarm_pixels, pixel_diff); + if (config.record_diag_images_fifo) + FifoDebug( 5, "{\"zone\":%d,\"type\":\"ALRM\",\"pixels\":%d,\"avg_diff\":%d}", id,alarm_pixels, pixel_diff ); + + if ( alarm_pixels ) { if ( min_alarm_pixels && (alarm_pixels < (unsigned int)min_alarm_pixels) ) { /* Not enough pixels alarmed */ @@ -316,11 +323,14 @@ bool Zone::CheckAlarms(const Image *delta_image) { } if ( config.record_diag_images ) - diff_image->WriteJpeg(diag_path); + diff_image->WriteJpeg(diag_path, config.record_diag_images_fifo); Debug(5, "Got %d filtered pixels, need %d -> %d", alarm_filter_pixels, min_filter_pixels, max_filter_pixels); + if (config.record_diag_images_fifo) + FifoDebug( 5, "{\"zone\":%d,\"type\":\"FILT\",\"pixels\":%d}", id, alarm_filter_pixels ); + if ( alarm_filter_pixels ) { if ( min_filter_pixels && (alarm_filter_pixels < min_filter_pixels) ) { /* Not enough pixels alarmed */ @@ -542,7 +552,7 @@ bool Zone::CheckAlarms(const Image *delta_image) { } } if ( config.record_diag_images ) - diff_image->WriteJpeg(diag_path); + diff_image->WriteJpeg(diag_path, config.record_diag_images_fifo); if ( !alarm_blobs ) { return false; @@ -551,6 +561,9 @@ bool Zone::CheckAlarms(const Image *delta_image) { Debug(5, "Got %d raw blob pixels, %d raw blobs, need %d -> %d, %d -> %d", alarm_blob_pixels, alarm_blobs, min_blob_pixels, max_blob_pixels, min_blobs, max_blobs); + if (config.record_diag_images_fifo) + FifoDebug( 5, "{\"zone\":%d,\"type\":\"RBLB\",\"pixels\":%d,\"blobs\":%d}", id, alarm_blob_pixels, alarm_blobs ); + // Now eliminate blobs under the threshold for ( int i = 1; i < WHITE; i++ ) { BlobStats *bs = &blob_stats[i]; @@ -587,10 +600,12 @@ bool Zone::CheckAlarms(const Image *delta_image) { } // end if bs_count } // end for i < WHITE if ( config.record_diag_images ) - diff_image->WriteJpeg(diag_path); + diff_image->WriteJpeg(diag_path, config.record_diag_images_fifo); Debug(5, "Got %d blob pixels, %d blobs, need %d -> %d, %d -> %d", alarm_blob_pixels, alarm_blobs, min_blob_pixels, max_blob_pixels, min_blobs, max_blobs); + if (config.record_diag_images_fifo) + FifoDebug( 5, "{\"zone\":%d,\"type\":\"FBLB\",\"pixels\":%d,\"blobs\":%d}", id, alarm_blob_pixels, alarm_blobs ); if ( alarm_blobs ) { if ( min_blobs && (alarm_blobs < min_blobs) ) { diff --git a/src/zma.cpp b/src/zma.cpp index 33dedbe54..a0cb048bf 100644 --- a/src/zma.cpp +++ b/src/zma.cpp @@ -56,6 +56,7 @@ behind. #include "zm_db.h" #include "zm_signal.h" #include "zm_monitor.h" +#include "zm_fifo.h" void Usage() { fprintf(stderr, "zma -m \n"); @@ -129,6 +130,7 @@ int main( int argc, char *argv[] ) { hwcaps_detect(); Monitor *monitor = Monitor::Load(id, true, Monitor::ANALYSIS); + zmFifoDbgInit( monitor ); if ( monitor ) { Info("In mode %d/%d, warming up", monitor->GetFunction(), monitor->Enabled()); diff --git a/src/zms.cpp b/src/zms.cpp index 0a3712938..6042dbef3 100644 --- a/src/zms.cpp +++ b/src/zms.cpp @@ -28,6 +28,7 @@ #include "zm_monitor.h" #include "zm_monitorstream.h" #include "zm_eventstream.h" +#include "zm_fifo.h" bool ValidateAccess( User *user, int mon_id ) { bool allowed = true; @@ -54,7 +55,7 @@ int main( int argc, const char *argv[] ) { srand( getpid() * time( 0 ) ); - enum { ZMS_UNKNOWN, ZMS_MONITOR, ZMS_EVENT } source = ZMS_UNKNOWN; + enum { ZMS_UNKNOWN, ZMS_MONITOR, ZMS_EVENT, ZMS_FIFO } source = ZMS_UNKNOWN; enum { ZMS_JPEG, ZMS_MPEG, ZMS_RAW, ZMS_ZIP, ZMS_SINGLE } mode = ZMS_JPEG; char format[32] = ""; int monitor_id = 0; @@ -110,6 +111,8 @@ int main( int argc, const char *argv[] ) { value = (char *)""; if ( !strcmp(name, "source") ) { source = !strcmp(value, "event")?ZMS_EVENT:ZMS_MONITOR; + if (! strcmp( value,"fifo") ) + source = ZMS_FIFO; } else if ( !strcmp(name, "mode") ) { mode = !strcmp(value, "jpeg")?ZMS_JPEG:ZMS_MPEG; mode = !strcmp(value, "raw")?ZMS_RAW:mode; @@ -274,6 +277,11 @@ int main( int argc, const char *argv[] ) { #endif // HAVE_LIBAVCODEC } stream.runStream(); + } else if (source == ZMS_FIFO ) { + FifoStream stream; + stream.setStreamMaxFPS( maxfps ); + stream.setStreamStart( monitor_id, format ); + stream.runStream(); } else if ( source == ZMS_EVENT ) { if ( ! event_id ) { Fatal( "Can't view an event without specifying an event_id." ); From 96f578f1bde6330e15dc8b5a497477956945452c Mon Sep 17 00:00:00 2001 From: Isaac Connor Date: Thu, 16 May 2019 15:37:37 -0400 Subject: [PATCH 135/922] If running a custom run state, show the state instead of Running. Also select the running state in the state change popup. (#2604) --- web/skins/classic/includes/functions.php | 13 ++++++++++--- web/skins/classic/views/state.php | 4 +++- 2 files changed, 13 insertions(+), 4 deletions(-) diff --git a/web/skins/classic/includes/functions.php b/web/skins/classic/includes/functions.php index 2d71b2397..40bf18b30 100644 --- a/web/skins/classic/includes/functions.php +++ b/web/skins/classic/includes/functions.php @@ -233,7 +233,12 @@ function getNavBarHTML($reload = null) { ob_start(); if ( $running == null ) $running = daemonCheck(); - $status = $running?translate('Running'):translate('Stopped'); + if ( $running ) { + $state = dbFetchOne('SELECT Name FROM States WHERE isActive=1', 'Name'); + if ( $state == 'default' ) + $state = ''; + } + $status = $running ? ($state ? $state : translate('Running')) : translate('Stopped'); ?>
@@ -244,7 +249,9 @@ function getNavBarHTML($reload = null) { -
+
+ +
diff --git a/web/skins/classic/views/state.php b/web/skins/classic/views/state.php index dead5ebf5..12180000d 100644 --- a/web/skins/classic/views/state.php +++ b/web/skins/classic/views/state.php @@ -54,7 +54,9 @@ if ( $running ) { $states = dbFetchAll('SELECT * FROM States'); foreach ( $states as $state ) { ?> - + From 06eb9a3bb2d61349b131856b755e773fb9a1de54 Mon Sep 17 00:00:00 2001 From: Pliable Pixels Date: Thu, 16 May 2019 16:15:16 -0400 Subject: [PATCH 136/922] merge typo --- src/CMakeLists.txt | 1 - 1 file changed, 1 deletion(-) diff --git a/src/CMakeLists.txt b/src/CMakeLists.txt index ba1894a6c..3628a4944 100644 --- a/src/CMakeLists.txt +++ b/src/CMakeLists.txt @@ -4,7 +4,6 @@ configure_file(zm_config.h.in "${CMAKE_CURRENT_BINARY_DIR}/zm_config.h" @ONLY) # Group together all the source files that are used by all the binaries (zmc, zma, zmu, zms etc) -<<<<<<< HEAD set(ZM_BIN_SRC_FILES zm_box.cpp zm_buffer.cpp zm_camera.cpp zm_comms.cpp zm_config.cpp zm_coord.cpp zm_curl_camera.cpp zm.cpp zm_db.cpp zm_logger.cpp zm_event.cpp zm_frame.cpp zm_eventstream.cpp zm_exception.cpp zm_file_camera.cpp zm_ffmpeg_input.cpp zm_ffmpeg_camera.cpp zm_group.cpp zm_image.cpp zm_jpeg.cpp zm_libvlc_camera.cpp zm_local_camera.cpp zm_monitor.cpp zm_monitorstream.cpp zm_ffmpeg.cpp zm_mpeg.cpp zm_packet.cpp zm_packetqueue.cpp zm_poly.cpp zm_regexp.cpp zm_remote_camera.cpp zm_remote_camera_http.cpp zm_remote_camera_nvsocket.cpp zm_remote_camera_rtsp.cpp zm_rtp.cpp zm_rtp_ctrl.cpp zm_rtp_data.cpp zm_rtp_source.cpp zm_rtsp.cpp zm_rtsp_auth.cpp zm_sdp.cpp zm_signal.cpp zm_stream.cpp zm_swscale.cpp zm_thread.cpp zm_time.cpp zm_timer.cpp zm_user.cpp zm_utils.cpp zm_video.cpp zm_videostore.cpp zm_zone.cpp zm_storage.cpp zm_fifo.cpp zm_crypt.cpp) From 17e0b4ac4b12a57cfa0e458c63210e5fb3126ce8 Mon Sep 17 00:00:00 2001 From: Isaac Connor Date: Fri, 17 May 2019 08:34:19 -0400 Subject: [PATCH 137/922] test for error code from db creation and if there is an error, die with an error code. --- distros/debian/postinst | 4 ++++ distros/ubuntu1204/zoneminder.postinst | 4 ++++ distros/ubuntu1604/zoneminder.postinst | 4 ++++ 3 files changed, 12 insertions(+) diff --git a/distros/debian/postinst b/distros/debian/postinst index 3cd3fd277..36472436a 100644 --- a/distros/debian/postinst +++ b/distros/debian/postinst @@ -31,6 +31,10 @@ if [ "$1" = "configure" ]; then # test if database if already present... if ! $(echo quit | mysql --defaults-file=/etc/mysql/debian.cnf zm > /dev/null 2> /dev/null) ; then cat /usr/share/zoneminder/db/zm_create.sql | mysql --defaults-file=/etc/mysql/debian.cnf + if [ $? -ne 0 ]; then + echo "Error creating db." + exit 1; + fi # This creates the user. echo "grant lock tables, alter,select,insert,update,delete,create,index on ${ZM_DB_NAME}.* to '${ZM_DB_USER}'@localhost identified by \"${ZM_DB_PASS}\";" | mysql --defaults-file=/etc/mysql/debian.cnf mysql else diff --git a/distros/ubuntu1204/zoneminder.postinst b/distros/ubuntu1204/zoneminder.postinst index ef715375b..603786ff6 100644 --- a/distros/ubuntu1204/zoneminder.postinst +++ b/distros/ubuntu1204/zoneminder.postinst @@ -34,6 +34,10 @@ if [ "$1" = "configure" ]; then # test if database if already present... if ! $(echo quit | mysql --defaults-file=/etc/mysql/debian.cnf zm > /dev/null 2> /dev/null) ; then cat /usr/share/zoneminder/db/zm_create.sql | mysql --defaults-file=/etc/mysql/debian.cnf + if [ $? -ne 0 ]; then + echo "Error creating db." + exit 1; + fi # This creates the user. echo "grant lock tables, alter,drop,select,insert,update,delete,create,index,alter routine,create routine, trigger,execute on ${ZM_DB_NAME}.* to '${ZM_DB_USER}'@localhost identified by \"${ZM_DB_PASS}\";" | mysql --defaults-file=/etc/mysql/debian.cnf mysql else diff --git a/distros/ubuntu1604/zoneminder.postinst b/distros/ubuntu1604/zoneminder.postinst index ffde50283..d3983950b 100644 --- a/distros/ubuntu1604/zoneminder.postinst +++ b/distros/ubuntu1604/zoneminder.postinst @@ -56,6 +56,10 @@ if [ "$1" = "configure" ]; then if ! $(echo quit | mysql --defaults-file=/etc/mysql/debian.cnf zm > /dev/null 2> /dev/null) ; then echo "Creating zm db" cat /usr/share/zoneminder/db/zm_create.sql | mysql --defaults-file=/etc/mysql/debian.cnf + if [ $? -ne 0 ]; then + echo "Error creating db." + exit 1; + fi # This creates the user. echo "grant lock tables,alter,drop,select,insert,update,delete,create,index,alter routine,create routine, trigger,execute on ${ZM_DB_NAME}.* to '${ZM_DB_USER}'@localhost identified by \"${ZM_DB_PASS}\";" | mysql --defaults-file=/etc/mysql/debian.cnf mysql else From 923f798e69f3fe31eb4e5c964ff774594a319309 Mon Sep 17 00:00:00 2001 From: Pliable Pixels Date: Fri, 17 May 2019 09:32:23 -0400 Subject: [PATCH 138/922] css classess for text that disappear --- web/lang/en_gb.php | 1 + web/skins/classic/css/base/skin.css | 43 +++++++++++++++++++++++++++++ web/skins/classic/views/options.php | 7 ++--- 3 files changed, 47 insertions(+), 4 deletions(-) diff --git a/web/lang/en_gb.php b/web/lang/en_gb.php index 9dfa2860c..1fdd112e0 100644 --- a/web/lang/en_gb.php +++ b/web/lang/en_gb.php @@ -102,6 +102,7 @@ $SLANG = array( 'AlarmRGBUnset' => 'You must set an alarm RGB colour', 'Alert' => 'Alert', 'All' => 'All', + 'AllTokensRevoked' => 'All Tokens Revoked', 'AnalysisFPS' => 'Analysis FPS', 'AnalysisUpdateDelay' => 'Analysis Update Delay', 'API' => 'API', diff --git a/web/skins/classic/css/base/skin.css b/web/skins/classic/css/base/skin.css index 069952d40..99692bff6 100644 --- a/web/skins/classic/css/base/skin.css +++ b/web/skins/classic/css/base/skin.css @@ -350,10 +350,53 @@ fieldset > legend { .alert, .warnText, .warning, .disabledText { color: #ffa801; } + + .alarm, .errorText, .error { color: #ff3f34; } +.timedErrorBox { + color:white; + background:#e74c3c; + border-radius:5px; + padding:5px; + -moz-animation: inAndOut 5s ease-in forwards; + -webkit-animation: inAndOut 5s ease-in forwards; + animation: inAndOut 5s ease-in forwards; +} + +/* + the timed classed auto disappear after 5s +*/ +.timedWarningBox { + color:white; + background:#e67e22; + border-radius:5px; + padding:5px; + -moz-animation: inAndOut 5s ease-in forwards; + -webkit-animation: inAndOut 5s ease-in forwards; + animation: inAndOut 5s ease-in forwards; +} + +.timedSuccessBox { + color:white; + background:#27ae60; + border-radius:5px; + padding:5px; + -moz-animation: inAndOut 5s ease-in forwards; + -webkit-animation: inAndOut 5s ease-in forwards; + animation: inAndOut 5s ease-in forwards; +} + +@keyframes inAndOut { + 0% {opacity:0;} + 10% {opacity:1;} + 90% {opacity:1;} + 100% {opacity:0;} +} + + .fakelink { color: #7f7fb2; cursor: pointer; diff --git a/web/skins/classic/views/options.php b/web/skins/classic/views/options.php index c0b437855..fa6a1fe61 100644 --- a/web/skins/classic/views/options.php +++ b/web/skins/classic/views/options.php @@ -330,7 +330,7 @@ foreach ( array_map('basename', glob('skins/'.$current_skin.'/css/*',GLOB_ONLYDI { $minTokenTime = time(); dbQuery ('UPDATE Users SET TokenMinExpiry=?', array ($minTokenTime)); - echo "All Tokens Revoked"; + echo "translate('AllTokensRevoked')"; } function updateSelected() @@ -338,14 +338,13 @@ foreach ( array_map('basename', glob('skins/'.$current_skin.'/css/*',GLOB_ONLYDI dbQuery("UPDATE Users SET APIEnabled=0"); foreach( $_REQUEST["tokenUids"] as $markUid ) { $minTime = time(); - // echo "UPDATE Users SET TokenMinExpiry=".$minTime." WHERE Id=".$markUid."
"; dbQuery('UPDATE Users SET TokenMinExpiry=? WHERE Id=?', array($minTime, $markUid)); } foreach( $_REQUEST["apiUids"] as $markUid ) { dbQuery('UPDATE Users SET APIEnabled=1 WHERE Id=?', array($markUid)); - // echo "UPDATE Users SET APIEnabled=1"." WHERE Id=".$markUid."
"; + } - echo "Updated"; + echo "translate('Updated'); } if(array_key_exists('revokeAllTokens',$_POST)){ From a4eff3e8e098acf995969f3359939bca00b368e1 Mon Sep 17 00:00:00 2001 From: Pliable Pixels Date: Fri, 17 May 2019 09:44:22 -0400 Subject: [PATCH 139/922] fixed html typo --- web/skins/classic/views/options.php | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/web/skins/classic/views/options.php b/web/skins/classic/views/options.php index fa6a1fe61..b0ac2af1b 100644 --- a/web/skins/classic/views/options.php +++ b/web/skins/classic/views/options.php @@ -330,7 +330,7 @@ foreach ( array_map('basename', glob('skins/'.$current_skin.'/css/*',GLOB_ONLYDI { $minTokenTime = time(); dbQuery ('UPDATE Users SET TokenMinExpiry=?', array ($minTokenTime)); - echo "translate('AllTokensRevoked')"; + echo "".translate('AllTokensRevoked').""; } function updateSelected() @@ -344,7 +344,7 @@ foreach ( array_map('basename', glob('skins/'.$current_skin.'/css/*',GLOB_ONLYDI dbQuery('UPDATE Users SET APIEnabled=1 WHERE Id=?', array($markUid)); } - echo "translate('Updated'); + echo "".translate('Updated').""; } if(array_key_exists('revokeAllTokens',$_POST)){ From e9ff1f46f1c2acba092bfb26d1e4a2d3f6c55f7c Mon Sep 17 00:00:00 2001 From: Isaac Connor Date: Fri, 17 May 2019 11:13:45 -0400 Subject: [PATCH 140/922] Add missing deps to ubuntu versions of control --- distros/ubuntu1204/control | 7 ++++++- distros/ubuntu1604/control | 5 +++++ 2 files changed, 11 insertions(+), 1 deletion(-) diff --git a/distros/ubuntu1204/control b/distros/ubuntu1204/control index f1756c5e8..779140a00 100644 --- a/distros/ubuntu1204/control +++ b/distros/ubuntu1204/control @@ -23,6 +23,8 @@ Build-Depends: debhelper (>= 9), python-sphinx | python3-sphinx, apache2-dev, dh ,libsys-mmap-perl [!hurd-any] ,libwww-perl ,libdata-uuid-perl + ,libssl-dev + ,libcrypt-eksblowfish-perl, libdata-entropy-perl # Unbundled (dh_linktree): ,libjs-jquery ,libjs-mootools @@ -64,7 +66,10 @@ Depends: ${shlibs:Depends}, ${misc:Depends}, ${perl:Depends} ,rsyslog | system-log-daemon ,zip ,libdata-dump-perl, libclass-std-fast-perl, libsoap-wsdl-perl, libio-socket-multicast-perl, libdigest-sha-perl - , libsys-cpu-perl, libsys-meminfo-perl + ,libsys-cpu-perl, libsys-meminfo-perl + ,libssl + ,libcrypt-eksblowfish-perl, libdata-entropy-perl + Recommends: ${misc:Recommends} ,libapache2-mod-php5 | php5-fpm ,mysql-server | virtual-mysql-server diff --git a/distros/ubuntu1604/control b/distros/ubuntu1604/control index 415f54c9f..6accba9d8 100644 --- a/distros/ubuntu1604/control +++ b/distros/ubuntu1604/control @@ -30,6 +30,8 @@ Build-Depends: debhelper (>= 9), dh-systemd, python-sphinx | python3-sphinx, apa ,libsys-mmap-perl [!hurd-any] ,libwww-perl ,libdata-uuid-perl + ,libssl-dev + ,libcrypt-eksblowfish-perl, libdata-entropy-perl # Unbundled (dh_linktree): ,libjs-jquery ,libjs-mootools @@ -76,6 +78,9 @@ Depends: ${shlibs:Depends}, ${misc:Depends}, ${perl:Depends} ,rsyslog | system-log-daemon ,zip ,libpcre3 + ,libssl + ,libcrypt-eksblowfish-perl, libdata-entropy-perl + Recommends: ${misc:Recommends} ,libapache2-mod-php5 | libapache2-mod-php | php5-fpm | php-fpm ,mysql-server | mariadb-server | virtual-mysql-server From e2dd11fdd4f42a0431f58f33c30396c9c53c08fa Mon Sep 17 00:00:00 2001 From: Pliable Pixels Date: Fri, 17 May 2019 11:21:07 -0400 Subject: [PATCH 141/922] added deps to ubuntu control files --- distros/ubuntu1204/control | 10 ++++++++-- distros/ubuntu1604/control | 4 ++++ 2 files changed, 12 insertions(+), 2 deletions(-) diff --git a/distros/ubuntu1204/control b/distros/ubuntu1204/control index f1756c5e8..fdf9c186e 100644 --- a/distros/ubuntu1204/control +++ b/distros/ubuntu1204/control @@ -23,6 +23,8 @@ Build-Depends: debhelper (>= 9), python-sphinx | python3-sphinx, apache2-dev, dh ,libsys-mmap-perl [!hurd-any] ,libwww-perl ,libdata-uuid-perl + ,libssl-dev + ,libcrypt-eksblowfish-perl, libdata-entropy-perl # Unbundled (dh_linktree): ,libjs-jquery ,libjs-mootools @@ -63,8 +65,12 @@ Depends: ${shlibs:Depends}, ${misc:Depends}, ${perl:Depends} ,policykit-1 ,rsyslog | system-log-daemon ,zip - ,libdata-dump-perl, libclass-std-fast-perl, libsoap-wsdl-perl, libio-socket-multicast-perl, libdigest-sha-perl - , libsys-cpu-perl, libsys-meminfo-perl + ,libdata-dump-perl, libclass-std-fast-perl, libsoap-wsdl-perl + ,libio-socket-multicast-perl, libdigest-sha-perl + ,libsys-cpu-perl, libsys-meminfo-perl + ,libssl + ,libcrypt-eksblowfish-perl, libdata-entropy-perl + Recommends: ${misc:Recommends} ,libapache2-mod-php5 | php5-fpm ,mysql-server | virtual-mysql-server diff --git a/distros/ubuntu1604/control b/distros/ubuntu1604/control index 415f54c9f..bfabd3ad3 100644 --- a/distros/ubuntu1604/control +++ b/distros/ubuntu1604/control @@ -30,6 +30,8 @@ Build-Depends: debhelper (>= 9), dh-systemd, python-sphinx | python3-sphinx, apa ,libsys-mmap-perl [!hurd-any] ,libwww-perl ,libdata-uuid-perl + ,libssl-dev + ,libcrypt-eksblowfish-perl, libdata-entropy-perl # Unbundled (dh_linktree): ,libjs-jquery ,libjs-mootools @@ -76,6 +78,8 @@ Depends: ${shlibs:Depends}, ${misc:Depends}, ${perl:Depends} ,rsyslog | system-log-daemon ,zip ,libpcre3 + ,libssl + ,libcrypt-eksblowfish-perl, libdata-entropy-perl Recommends: ${misc:Recommends} ,libapache2-mod-php5 | libapache2-mod-php | php5-fpm | php-fpm ,mysql-server | mariadb-server | virtual-mysql-server From 682d95470d73e6154c25971839122d457dab5577 Mon Sep 17 00:00:00 2001 From: Pliable Pixels Date: Fri, 17 May 2019 11:47:20 -0400 Subject: [PATCH 142/922] spaces --- distros/ubuntu1204/control | 6 ++++-- distros/ubuntu1604/control | 6 ++++-- 2 files changed, 8 insertions(+), 4 deletions(-) diff --git a/distros/ubuntu1204/control b/distros/ubuntu1204/control index fdf9c186e..d80cbc67a 100644 --- a/distros/ubuntu1204/control +++ b/distros/ubuntu1204/control @@ -24,7 +24,8 @@ Build-Depends: debhelper (>= 9), python-sphinx | python3-sphinx, apache2-dev, dh ,libwww-perl ,libdata-uuid-perl ,libssl-dev - ,libcrypt-eksblowfish-perl, libdata-entropy-perl + ,libcrypt-eksblowfish-perl + ,libdata-entropy-perl # Unbundled (dh_linktree): ,libjs-jquery ,libjs-mootools @@ -69,7 +70,8 @@ Depends: ${shlibs:Depends}, ${misc:Depends}, ${perl:Depends} ,libio-socket-multicast-perl, libdigest-sha-perl ,libsys-cpu-perl, libsys-meminfo-perl ,libssl - ,libcrypt-eksblowfish-perl, libdata-entropy-perl + ,libcrypt-eksblowfish-perl + ,libdata-entropy-perl Recommends: ${misc:Recommends} ,libapache2-mod-php5 | php5-fpm diff --git a/distros/ubuntu1604/control b/distros/ubuntu1604/control index bfabd3ad3..d07104100 100644 --- a/distros/ubuntu1604/control +++ b/distros/ubuntu1604/control @@ -31,7 +31,8 @@ Build-Depends: debhelper (>= 9), dh-systemd, python-sphinx | python3-sphinx, apa ,libwww-perl ,libdata-uuid-perl ,libssl-dev - ,libcrypt-eksblowfish-perl, libdata-entropy-perl + ,libcrypt-eksblowfish-perl + ,libdata-entropy-perl # Unbundled (dh_linktree): ,libjs-jquery ,libjs-mootools @@ -79,7 +80,8 @@ Depends: ${shlibs:Depends}, ${misc:Depends}, ${perl:Depends} ,zip ,libpcre3 ,libssl - ,libcrypt-eksblowfish-perl, libdata-entropy-perl + ,libcrypt-eksblowfish-perl + ,libdata-entropy-perl Recommends: ${misc:Recommends} ,libapache2-mod-php5 | libapache2-mod-php | php5-fpm | php-fpm ,mysql-server | mariadb-server | virtual-mysql-server From 304192472d74bfb2c280a7e340d2f0a07290b21a Mon Sep 17 00:00:00 2001 From: Pliable Pixels Date: Fri, 17 May 2019 12:02:24 -0400 Subject: [PATCH 143/922] removed extra line --- distros/ubuntu1204/control | 1 - 1 file changed, 1 deletion(-) diff --git a/distros/ubuntu1204/control b/distros/ubuntu1204/control index d80cbc67a..1dc8a2b38 100644 --- a/distros/ubuntu1204/control +++ b/distros/ubuntu1204/control @@ -72,7 +72,6 @@ Depends: ${shlibs:Depends}, ${misc:Depends}, ${perl:Depends} ,libssl ,libcrypt-eksblowfish-perl ,libdata-entropy-perl - Recommends: ${misc:Recommends} ,libapache2-mod-php5 | php5-fpm ,mysql-server | virtual-mysql-server From 8e1037458ae675579c6e0b7efc6b0b1c9611530e Mon Sep 17 00:00:00 2001 From: Pliable Pixels Date: Sat, 18 May 2019 11:23:16 -0400 Subject: [PATCH 144/922] when regenerating using refresh tokens, username needs to be derived from the refresh token, as no session would exist --- web/api/app/Controller/HostController.php | 19 +++++++++++++++---- web/includes/auth.php | 4 ++-- 2 files changed, 17 insertions(+), 6 deletions(-) diff --git a/web/api/app/Controller/HostController.php b/web/api/app/Controller/HostController.php index 9ff4e7c76..d6827c491 100644 --- a/web/api/app/Controller/HostController.php +++ b/web/api/app/Controller/HostController.php @@ -49,7 +49,7 @@ class HostController extends AppController { $cred = $this->_getCredentials(true); // generate refresh } else { - $cred = $this->_getCredentials(false); // don't generate refresh + $cred = $this->_getCredentials(false, $mToken); // don't generate refresh } $login_array = array ( @@ -114,7 +114,7 @@ class HostController extends AppController { } } - private function _getCredentials($generate_refresh_token=false) { + private function _getCredentials($generate_refresh_token=false, $mToken='') { $credentials = ''; $this->loadModel('Config'); @@ -127,6 +127,17 @@ class HostController extends AppController { throw new ForbiddenException(__('Please create a valid AUTH_HASH_SECRET in ZoneMinder')); } + if ($mToken) { + // If we have a token, we need to derive username from there + $ret = validateToken($mToken, 'refresh'); + $mUser = $ret[0]['Username']; + + } else { + $mUser = $_SESSION['username']; + } + + ZM\Info("Creating token for \"$mUser\""); + /* we won't support AUTH_HASH_IPS in token mode reasons: a) counter-intuitive for mobile consumers @@ -149,7 +160,7 @@ class HostController extends AppController { "iss" => "ZoneMinder", "iat" => $access_issued_at, "exp" => $access_expire_at, - "user" => $_SESSION['username'], + "user" => $mUser, "type" => "access" ); @@ -167,7 +178,7 @@ class HostController extends AppController { "iss" => "ZoneMinder", "iat" => $refresh_issued_at, "exp" => $refresh_expire_at, - "user" => $_SESSION['username'], + "user" => $mUser, "type" => "refresh" ); $jwt_refresh_token = \Firebase\JWT\JWT::encode($refresh_token, $key, 'HS256'); diff --git a/web/includes/auth.php b/web/includes/auth.php index 33d2b3fb6..3b823004c 100644 --- a/web/includes/auth.php +++ b/web/includes/auth.php @@ -244,7 +244,7 @@ function validateToken ($token, $allowed_token_type='access') { $minIssuedAt = $saved_user_details['TokenMinExpiry']; if ($issuedAt < $minIssuedAt) { - ZM\Error ("Token revoked for $username. Please generate a new token"); + ZM\Error ("Token revoked for \"$username\". Please generate a new token"); $_SESSION['loginFailed'] = true; unset($user); return array(false, "Token revoked. Please re-generate"); @@ -253,7 +253,7 @@ function validateToken ($token, $allowed_token_type='access') { $user = $saved_user_details; return array($user, "OK"); } else { - ZM\Error ("Could not retrieve user $username details"); + ZM\Error ("Could not retrieve user \"$username\" details"); $_SESSION['loginFailed'] = true; unset($user); return array(false, "No such user/credentials"); From 33db7e1e35944668f3a5b9db9b424d6f4fd2967a Mon Sep 17 00:00:00 2001 From: Pliable Pixels Date: Sat, 18 May 2019 13:47:31 -0400 Subject: [PATCH 145/922] add libssl1.0.0 for ubuntu 16/12 --- distros/ubuntu1204/control | 2 +- distros/ubuntu1604/control | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/distros/ubuntu1204/control b/distros/ubuntu1204/control index 1dc8a2b38..9e54e2aa3 100644 --- a/distros/ubuntu1204/control +++ b/distros/ubuntu1204/control @@ -69,7 +69,7 @@ Depends: ${shlibs:Depends}, ${misc:Depends}, ${perl:Depends} ,libdata-dump-perl, libclass-std-fast-perl, libsoap-wsdl-perl ,libio-socket-multicast-perl, libdigest-sha-perl ,libsys-cpu-perl, libsys-meminfo-perl - ,libssl + ,libssl | libssl1.0.0 ,libcrypt-eksblowfish-perl ,libdata-entropy-perl Recommends: ${misc:Recommends} diff --git a/distros/ubuntu1604/control b/distros/ubuntu1604/control index d07104100..30451f7e1 100644 --- a/distros/ubuntu1604/control +++ b/distros/ubuntu1604/control @@ -79,7 +79,7 @@ Depends: ${shlibs:Depends}, ${misc:Depends}, ${perl:Depends} ,rsyslog | system-log-daemon ,zip ,libpcre3 - ,libssl + ,libssl | libssl1.0.0 ,libcrypt-eksblowfish-perl ,libdata-entropy-perl Recommends: ${misc:Recommends} From 036d47545f6b22fb1c0139ff55f97080fd3d039f Mon Sep 17 00:00:00 2001 From: Pliable Pixels Date: Sat, 18 May 2019 19:35:13 -0400 Subject: [PATCH 146/922] small API fixes --- docs/api.rst | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/docs/api.rst b/docs/api.rst index d60847d92..2b96bb397 100644 --- a/docs/api.rst +++ b/docs/api.rst @@ -85,7 +85,7 @@ Or for API 2.0: Using these keys with subsequent requests ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ -Once you have the keys (a.k.a credentials (v1.0, v2.0) or token (v2.0)) you should now supply that credential to subsequent API calls like this: +Once you have the keys (a.k.a credentials (v1.0, v2.0) or token (v2.0)) you should now supply that key to subsequent API calls like this: :: @@ -108,7 +108,7 @@ Once you have the keys (a.k.a credentials (v1.0, v2.0) or token (v2.0)) you shou Key lifetime (v1.0) ^^^^^^^^^^^^^^^^^^^^^ -If you are using the old ``auth_hash`` mechanism present in v1.0, then the credentials will time out based on PHP session timeout. This is often confusing and sometime causes additional issues due to the fact that the old method also includes timestamps in its hash. +If you are using the old credentials mechanism present in v1.0, then the credentials will time out based on PHP session timeout (if you are using cookies), or the value of ``AUTH_HASH_TTL`` which defaults to 2 hours. Note that there is no way to look at the hash and decipher how much time is remaining. So it is your responsibility to record the time you got the hash and assume it was generated at the time you got it and re-login before that time expires. Key lifetime (v2.0) ^^^^^^^^^^^^^^^^^^^^^^ From ddd02ec10df4b91905d8785262cf3897104b72ce Mon Sep 17 00:00:00 2001 From: Pliable Pixels Date: Sun, 19 May 2019 07:29:27 -0400 Subject: [PATCH 147/922] clean up of API, remove redundant sections --- docs/api.rst | 162 ++++++++++++++++----------------------------------- 1 file changed, 49 insertions(+), 113 deletions(-) diff --git a/docs/api.rst b/docs/api.rst index 2b96bb397..177678977 100644 --- a/docs/api.rst +++ b/docs/api.rst @@ -40,14 +40,14 @@ For v2.0 APIs, you have an additional option right below it - ``OPT_USE_LEGACY_A Enabling secret key ^^^^^^^^^^^^^^^^^^^ -* It is important that you create a "Secret Key". This needs to be a set of hard to guess characters, that only you know. ZoneMinder does not create a key for you. It is your responsibility to create it. If you haven't created one already, please do so by going to ``Options->Systems`` and populating ``AUTH_HASH_SECRET``. Don't forget to save. +* It is **important** that you create a "Secret Key". This needs to be a set of hard to guess characters, that only you know. ZoneMinder does not create a key for you. It is your responsibility to create it. If you haven't created one already, please do so by going to ``Options->Systems`` and populating ``AUTH_HASH_SECRET``. Don't forget to save. * If you plan on using V2.0 token based security, **it is mandatory to populate this secret key**, as it is used to sign the token. If you don't, token authentication will fail. V1.0 did not mandate this requirement. -Getting API key +Getting an API key ^^^^^^^^^^^^^^^^^^^^^^^ -To get API key: +To get an API key: :: @@ -91,29 +91,34 @@ Once you have the keys (a.k.a credentials (v1.0, v2.0) or token (v2.0)) you shou # RECOMMENDED: v2.0 token based curl -XPOST https://yourserver/zm/api/monitors.json&token= - # or + + # or # v1.0 or 2.0 based API access (will only work if AUTH_HASH_LOGINS is enabled) curl -XPOST -d "auth=" https://yourserver/zm/api/monitors.json + # or + curl -XGET https://yourserver/zm/api/monitors.json&auth= + # or, if you specified -c cookies.txt in the original login request + curl -b cookies.txt -XGET https://yourserver/zm/api/monitors.json .. NOTE:: - ZoneMinder's API layer allows API keys to be encoded either as a querty parameter or as a data payload. If you don't pass keys, you could use cookies (not recommended as a general approach) + ZoneMinder's API layer allows API keys to be encoded either as a query parameter or as a data payload. If you don't pass keys, you could use cookies (not recommended as a general approach) Key lifetime (v1.0) ^^^^^^^^^^^^^^^^^^^^^ -If you are using the old credentials mechanism present in v1.0, then the credentials will time out based on PHP session timeout (if you are using cookies), or the value of ``AUTH_HASH_TTL`` which defaults to 2 hours. Note that there is no way to look at the hash and decipher how much time is remaining. So it is your responsibility to record the time you got the hash and assume it was generated at the time you got it and re-login before that time expires. +If you are using the old credentials mechanism present in v1.0, then the credentials will time out based on PHP session timeout (if you are using cookies), or the value of ``AUTH_HASH_TTL`` (if you are using ``auth=`` and have enabled ``AUTH_HASH_LOGINS``) which defaults to 2 hours. Note that there is no way to look at the hash and decipher how much time is remaining. So it is your responsibility to record the time you got the hash and assume it was generated at the time you got it and re-login before that time expires. Key lifetime (v2.0) ^^^^^^^^^^^^^^^^^^^^^^ -In version 2.0, it is very easy to know when a key will expire. You can find that out from the ``access_token_expires`` and ``refresh_token_exipres`` values (in seconds). You should refresh the keys before the timeout occurs, or you will not be able to use the APIs. +In version 2.0, it is easy to know when a key will expire before you use it. You can find that out from the ``access_token_expires`` and ``refresh_token_exipres`` values (in seconds) after you decode the JWT key (there are JWT decode libraries for every language you want). You should refresh the keys before the timeout occurs, or you will not be able to use the APIs. Understanding access/refresh tokens (v2.0) ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ @@ -128,7 +133,7 @@ If you are using V2.0, then you need to know how to use these tokens effectively **To Summarize:** * Pass your ``username`` and ``password`` to ``login.json`` only once in 24 hours to renew your tokens -* Pass your "refresh token" to ``login.json`` once an hour to renew your ``access token`` +* Pass your "refresh token" to ``login.json`` once in two hours (or whatever you have set the value of ``AUTH_HASH_TTL`` to) to renew your ``access token`` * Use your ``access token`` for all API invocations. In fact, V2.0 will reject your request (if it is not to ``login.json``) if it comes with a refresh token instead of an access token to discourage usage of this token when it should not be used. @@ -138,7 +143,7 @@ This minimizes the amount of sensitive data that is sent over the wire and the l Understanding key security ^^^^^^^^^^^^^^^^^^^^^^^^^^^^ -* Version 1.0 uses an MD5 hash to generate the credentials. The hash is computed over your secret key (if avaiable), username, password and some time parameters (along with remote IP if enabled). This is not a secure/recommended hashing mechanism. If your auth hash is compromised, an attacker will be able to use your hash till it expires. To avoid this, you could disable the user in ZoneMinder. +* Version 1.0 uses an MD5 hash to generate the credentials. The hash is computed over your secret key (if available), username, password and some time parameters (along with remote IP if enabled). This is not a secure/recommended hashing mechanism. If your auth hash is compromised, an attacker will be able to use your hash till it expires. To avoid this, you could disable the user in ZoneMinder. Furthermore, enabling remote IP (``AUTH_HASH_REMOTE_IP``) requires that you issue future requests from the same IP that generated the tokens. While this may be considered an additional layer for security, this can cause issues with mobile devices. * Version 2.0 uses a different approach. The hash is a simple base64 encoded form of "claims", but signed with your secret key. Consider for example, the following access key: @@ -160,10 +165,10 @@ If you were to use any `JWT token verifier `__ it can easily dec Invalid Signature -Don't be surprised. JWT tokens are not meant to be encrypted. It is just an assertion of a claim. It states that the issuer of this token was ZoneMinder, +Don't be surprised. JWT tokens, by default, are `not meant to be encrypted `__. It is just an assertion of a claim. It states that the issuer of this token was ZoneMinder, It was issued at (iat) Wednesday, 2019-05-15 17:19:12 UTC and will expire on (exp) Wednesday, 2019-05-15 18:19:12 UTC. This token claims to be owned by an admin and is an access token. If your token were to be stolen, this information is available to the person who stole it. Note that there are no sensitive details like passwords in this claim. -However, that person will **not** have your secret key as part of this token and therefore, will NOT be able to create a new JWT token to get, say, a refresh token. They will however, be able to use your access token to access resources just like the auth hash above, till the access token expires (1hr). To revoke this token, you don't need to disable the user. Go to ``Options->API`` and tap on "Revoke All Access Tokens". This will invalidate the token immediately (this option will invalidate all tokens for all users, and new ones will need to be generated). +However, that person will **not** have your secret key as part of this token and therefore, will NOT be able to create a new JWT token to get, say, a refresh token. They will however, be able to use your access token to access resources just like the auth hash above, till the access token expires (2 hrs). To revoke this token, you don't need to disable the user. Go to ``Options->API`` and tap on "Revoke All Access Tokens". This will invalidate the token immediately (this option will invalidate all tokens for all users, and new ones will need to be generated). Over time, we will provide you with more fine grained access to these options. @@ -175,105 +180,12 @@ Over time, we will provide you with more fine grained access to these options. * If you believe your tokens are compromised, revoke them, but also check if your attacker has compromised more than you think (example, they may also have your username/password or access to your system via other exploits, in which case they can regenerate as many tokens/credentials as they want). - .. NOTE:: Subsequent sections don't explicitly callout the key addition to APIs. We assume that you will append the correct keys as per our explanation above. - -Logout APIs -^^^^^^^^^^^^^^ -The APIs tie into ZoneMinder's existing security model. This means if you have -OPT_AUTH enabled, you need to log into ZoneMinder using the same browser you plan to -use the APIs from. If you are developing an app that relies on the API, you need -to do a POST login from the app into ZoneMinder before you can access the API. - -Then, you need to re-use the authentication information of the login (returned as cookie states) -with subsequent APIs for the authentication information to flow through to the APIs. - -This means if you plan to use cuRL to experiment with these APIs, you first need to login: - -**Login process for ZoneMinder v1.32.0 and above** - -:: - - curl -XPOST -d "user=XXXX&pass=YYYY" -c cookies.txt http://yourzmip/zm/api/host/login.json - -Staring ZM 1.32.0, you also have a `logout` API that basically clears your session. It looks like this: - -:: - - curl -b cookies.txt http://yourzmip/zm/api/host/logout.json - - -**Login process for older versions of ZoneMinder** - -:: - - curl -d "username=XXXX&password=YYYY&action=login&view=console" -c cookies.txt http://yourzmip/zm/index.php - -The equivalent logout process for older versions of ZoneMinder is: - -:: - - curl -XPOST -d "username=XXXX&password=YYYY&action=logout&view=console" -b cookies.txt http://yourzmip/zm/index.php - -replacing *XXXX* and *YYYY* with your username and password, respectively. - -Please make sure you do this in a directory where you have write permissions, otherwise cookies.txt will not be created -and the command will silently fail. - - -What the "-c cookies.txt" does is store a cookie state reflecting that you have logged into ZM. You now need -to apply that cookie state to all subsequent APIs. You do that by using a '-b cookies.txt' to subsequent APIs if you are -using CuRL like so: - -:: - - curl -b cookies.txt http://yourzmip/zm/api/monitors.json - -This would return a list of monitors and pass on the authentication information to the ZM API layer. - -A deeper dive into the login process -^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ - -As you might have seen above, there are two ways to login, one that uses the `login.json` API and the other that logs in using the ZM portal. If you are running ZoneMinder 1.32.0 and above, it is *strongly* recommended you use the `login.json` approach. The "old" approach will still work but is not as powerful as the API based login. Here are the reasons why: - - * The "old" approach basically uses the same login webpage (`index.php`) that a user would log into when viewing the ZM console. This is not really using an API and more importantly, if you have additional components like reCAPTCHA enabled, this will not work. Using the API approach is much cleaner and will work irrespective of reCAPTCHA - - * The new login API returns important information that you can use to stream videos as well, right after login. Consider for example, a typical response to the login API (`/login.json`): - -:: - - { - "credentials": "auth=f5b9cf48693fe8552503c8ABCD5", - "append_password": 0, - "version": "1.31.44", - "apiversion": "1.0" - } - -In this example I have `OPT_AUTH` enabled in ZoneMinder and it returns my credential key. You can then use this key to stream images like so: - -:: - - - -Where `authval` is the credentials returned to start streaming videos. - -The `append_password` field will contain 1 when it is necessary for you to append your ZM password. This is the case when you set `AUTH_RELAY` in ZM options to "plain", for example. In that case, the `credentials` field may contain something like `&user=admin&pass=` and you have to add your password to that string. - - -.. NOTE:: It is recommended you invoke the `login` API once every 60 minutes to make sure the session stays alive. The same is true if you use the old login method too. - - - -Examples (please read security notice above) -^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ - -Please remember, if you are using authentication, please add a ``-b cookies.txt`` to each of the commands below if you are using -CuRL. If you are not using CuRL and writing your own app, you need to make sure you pass on cookies to subsequent requests -in your app. - +Examples +^^^^^^^^^ (In all examples, replace 'server' with IP or hostname & port where ZoneMinder is running) @@ -500,6 +412,15 @@ This returns number of events per monitor that were recorded in the last day whe +Return sorted events +^^^^^^^^^^^^^^^^^^^^^^ + +This returns a list of events within a time range and also sorts it by descending order + +:: + + curl -XGET "http://server/zm/api/events/index/StartTime%20>=:2015-05-15%2018:43:56/EndTime%20<=:208:43:56.json?sort=StartTime&direction=desc" + Configuration Apis ^^^^^^^^^^^^^^^^^^^ @@ -674,6 +595,9 @@ Returns: This only works if you have a multiserver setup in place. If you don't it will return an empty array. +Other APIs +^^^^^^^^^^ +This is not a complete list. ZM supports more parameters/APIs. A good way to dive in is to look at the `API code `__ directly. Streaming Interface ^^^^^^^^^^^^^^^^^^^ @@ -690,9 +614,13 @@ For example: :: + + + # or + - #or - + + will display a live feed from monitor id 1, scaled down by 50% in quality and resized to 640x480px. @@ -728,10 +656,13 @@ Similar to live playback, if you have chosen to store events in JPEG mode, you c :: - - #or + # or + + + + * This assumes ``/zm/cgi-bin`` is your CGI_BIN path. Change it to what is correct in your system * This will playback event 293820, starting from frame 1 as an MJPEG stream @@ -741,12 +672,16 @@ Similar to live playback, if you have chosen to store events in JPEG mode, you c If instead, you have chosen to use the MP4 (Video) storage mode for events, you can directly play back the saved video file: :: + - - #or -* This will play back the video recording for event 294690 + # or + + + + +This above will play back the video recording for event 294690 What other parameters are supported? ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ @@ -757,6 +692,7 @@ are generated. Change and observe. Further Reading ^^^^^^^^^^^^^^^^ + As described earlier, treat this document as an "introduction" to the important parts of the API and streaming interfaces. There are several details that haven't yet been documented. Till they are, here are some resources: From bdbbab0d3e516aa90ceab0ffdcc18a1a9f9eb0df Mon Sep 17 00:00:00 2001 From: Isaac Connor Date: Tue, 21 May 2019 17:15:08 -0400 Subject: [PATCH 148/922] Handle no results from get_ProbeMatch() --- scripts/ZoneMinder/lib/ZoneMinder/ONVIF.pm.in | 10 ++++++---- 1 file changed, 6 insertions(+), 4 deletions(-) diff --git a/scripts/ZoneMinder/lib/ZoneMinder/ONVIF.pm.in b/scripts/ZoneMinder/lib/ZoneMinder/ONVIF.pm.in index 9ce556beb..056801d9c 100644 --- a/scripts/ZoneMinder/lib/ZoneMinder/ONVIF.pm.in +++ b/scripts/ZoneMinder/lib/ZoneMinder/ONVIF.pm.in @@ -112,21 +112,23 @@ sub interpret_messages { my @results; foreach my $response ( @responses ) { - if($verbose) { + if ( $verbose ) { print "Received message:\n" . $response . "\n"; } my $result = deserialize_message($svc_discover, $response); - if(not $result) { + if ( not $result ) { print "Error deserializing message. No message returned from deserializer.\n" if $verbose; next; } my $xaddr; - foreach my $l_xaddr (split ' ', $result->get_ProbeMatch()->get_XAddrs()) { + my $probe_match = $result->get_ProbeMatch(); + next if ! $probe_match; + foreach my $l_xaddr (split ' ', $probe_match->get_XAddrs()) { # find IPv4 address print "l_xaddr = $l_xaddr\n" if $verbose; - if($l_xaddr =~ m|//[0-9]+\.[0-9]+\.[0-9]+\.[0-9]+[:/]|) { + if ( $l_xaddr =~ m|//[0-9]+\.[0-9]+\.[0-9]+\.[0-9]+[:/]| ) { $xaddr = $l_xaddr; last; } else { From 6dd1bbe895b47025dddc877e8e9179f3da01056b Mon Sep 17 00:00:00 2001 From: Pliable Pixels Date: Thu, 23 May 2019 13:52:54 -0400 Subject: [PATCH 149/922] moved to ZM fork for bcrypt --- .gitmodules | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.gitmodules b/.gitmodules index f5bcf359d..b64d78997 100644 --- a/.gitmodules +++ b/.gitmodules @@ -7,7 +7,7 @@ url = https://github.com/ZoneMinder/CakePHP-Enum-Behavior.git [submodule "third_party/bcrypt"] path = third_party/bcrypt - url = https://github.com/pliablepixels/libbcrypt + url = https://github.com/ZoneMinder/libbcrypt [submodule "third_party/jwt-cpp"] path = third_party/jwt-cpp url = https://github.com/Thalhammer/jwt-cpp From bc9116dd94a99d445dae8a95d66495022cb57b1f Mon Sep 17 00:00:00 2001 From: Isaac Connor Date: Thu, 23 May 2019 14:27:17 -0400 Subject: [PATCH 150/922] whitespace and google code style --- web/includes/auth.php | 103 ++++++++++++++++++------------------------ 1 file changed, 45 insertions(+), 58 deletions(-) diff --git a/web/includes/auth.php b/web/includes/auth.php index 3b823004c..a3d3e35de 100644 --- a/web/includes/auth.php +++ b/web/includes/auth.php @@ -26,25 +26,21 @@ use \Firebase\JWT\JWT; // this function migrates mysql hashing to bcrypt, if you are using PHP >= 5.5 // will be called after successful login, only if mysql hashing is detected function migrateHash($user, $pass) { - if (function_exists('password_hash')) { - ZM\Info ("Migrating $user to bcrypt scheme"); + if ( function_exists('password_hash') ) { + ZM\Info("Migrating $user to bcrypt scheme"); // let it generate its own salt, and ensure bcrypt as PASSWORD_DEFAULT may change later // we can modify this later to support argon2 etc as switch to its own password signature detection $bcrypt_hash = password_hash($pass, PASSWORD_BCRYPT); //ZM\Info ("hased bcrypt $pass is $bcrypt_hash"); $update_password_sql = 'UPDATE Users SET Password=\''.$bcrypt_hash.'\' WHERE Username=\''.$user.'\''; - ZM\Info ($update_password_sql); + ZM\Info($update_password_sql); dbQuery($update_password_sql); - } - else { - - ZM\Info ('Cannot migrate password scheme to bcrypt, as you are using PHP < 5.3'); + } else { + ZM\Info('Cannot migrate password scheme to bcrypt, as you are using PHP < 5.3'); return; } - } - // core function used to login a user to PHP. Is also used for cake sessions for the API function userLogin($username='', $password='', $passwordHashed=false, $apiLogin = false) { @@ -58,7 +54,7 @@ function userLogin($username='', $password='', $passwordHashed=false, $apiLogin // if true, a popup will display after login // lets validate reCaptcha if it exists // this only applies if it userLogin was not called from API layer - if (!$apiLogin + if ( !$apiLogin && defined('ZM_OPT_USE_GOOG_RECAPTCHA') && defined('ZM_OPT_GOOG_RECAPTCHA_SECRETKEY') && defined('ZM_OPT_GOOG_RECAPTCHA_SITEKEY') @@ -73,17 +69,17 @@ function userLogin($username='', $password='', $passwordHashed=false, $apiLogin 'remoteip' => $_SERVER['REMOTE_ADDR'] ); $res = do_post_request($url, http_build_query($fields)); - $responseData = json_decode($res,true); + $responseData = json_decode($res, true); // credit: https://github.com/google/recaptcha/blob/master/src/ReCaptcha/Response.php // if recaptcha resulted in error, we might have to deny login - if ( isset($responseData['success']) && $responseData['success'] == false ) { + if ( isset($responseData['success']) && ($responseData['success'] == false) ) { // PP - before we deny auth, let's make sure the error was not 'invalid secret' // because that means the user did not configure the secret key correctly // in this case, we prefer to let him login in and display a message to correct // the key. Unfortunately, there is no way to check for invalid site key in code // as it produces the same error as when you don't answer a recaptcha if ( isset($responseData['error-codes']) && is_array($responseData['error-codes']) ) { - if ( !in_array('invalid-input-secret',$responseData['error-codes']) ) { + if ( !in_array('invalid-input-secret', $responseData['error-codes']) ) { Error('reCaptcha authentication failed'); return null; } else { @@ -102,18 +98,18 @@ function userLogin($username='', $password='', $passwordHashed=false, $apiLogin // First retrieve the stored password // and move password hashing to application space - $saved_user_details = dbFetchOne ($sql, NULL, $sql_values); + $saved_user_details = dbFetchOne($sql, NULL, $sql_values); $password_correct = false; $password_type = NULL; - if ($saved_user_details) { + if ( $saved_user_details ) { // if the API layer asked us to login, make sure the user // has API enabled (admin may have banned API for this user) - if ($apiLogin) { - if ($saved_user_details['APIEnabled'] != 1) { - ZM\Error ("API disabled for: $username"); + if ( $apiLogin ) { + if ( $saved_user_details['APIEnabled'] != 1 ) { + ZM\Error("API disabled for: $username"); $_SESSION['loginFailed'] = true; unset($user); return false; @@ -121,45 +117,39 @@ function userLogin($username='', $password='', $passwordHashed=false, $apiLogin } $saved_password = $saved_user_details['Password']; - if ($saved_password[0] == '*') { + if ( $saved_password[0] == '*' ) { // We assume we don't need to support mysql < 4.1 // Starting MY SQL 4.1, mysql concats a '*' in front of its password hash // https://blog.pythian.com/hashing-algorithm-in-mysql-password-2/ - ZM\Logger::Debug ('Saved password is using MYSQL password function'); - $input_password_hash ='*'.strtoupper(sha1(sha1($password, true))); + ZM\Logger::Debug('Saved password is using MYSQL password function'); + $input_password_hash = '*'.strtoupper(sha1(sha1($password, true))); $password_correct = ($saved_password == $input_password_hash); $password_type = 'mysql'; - } - elseif (preg_match('/^\$2[ayb]\$.+$/', $saved_password)) { + } else if ( preg_match('/^\$2[ayb]\$.+$/', $saved_password) ) { ZM\Logger::Debug('bcrypt signature found, assumed bcrypt password'); - $password_type='bcrypt'; - $password_correct = $passwordHashed? ($password == $saved_password) : password_verify($password, $saved_password); + $password_type = 'bcrypt'; + $password_correct = $passwordHashed ? ($password == $saved_password) : password_verify($password, $saved_password); } // zmupdate.pl adds a '-ZM-' prefix to overlay encrypted passwords // this is done so that we don't spend cycles doing two bcrypt password_verify calls // for every wrong password entered. This will only be invoked for passwords zmupdate.pl has // overlay hashed - elseif (substr($saved_password, 0,4) == '-ZM-') { + else if ( substr($saved_password, 0,4) == '-ZM-' ) { ZM\Logger::Debug("Detected bcrypt overlay hashing for $username"); - ZM\Info("Detected bcrypt overlay hashing for $username"); - $bcrypt_hash = substr ($saved_password, 4); - $mysql_encoded_password ='*'.strtoupper(sha1(sha1($password, true))); + $bcrypt_hash = substr($saved_password, 4); + $mysql_encoded_password = '*'.strtoupper(sha1(sha1($password, true))); ZM\Logger::Debug("Comparing password $mysql_encoded_password to bcrypt hash: $bcrypt_hash"); - ZM\Info("Comparing password $mysql_encoded_password to bcrypt hash: $bcrypt_hash"); $password_correct = password_verify($mysql_encoded_password, $bcrypt_hash); - $password_type = "mysql"; // so we can migrate later down - - } - else { - // we really should nag the user not to use plain - ZM\Warning ('assuming plain text password as signature is not known. Please do not use plain, it is very insecure'); - $password_type = 'plain'; - $password_correct = ($saved_password == $password); - + $password_type = 'mysql'; // so we can migrate later down + } else { + // we really should nag the user not to use plain + ZM\Warning ('assuming plain text password as signature is not known. Please do not use plain, it is very insecure'); + $password_type = 'plain'; + $password_correct = ($saved_password == $password); } } else { - ZM\Error ("Could not retrieve user $username details"); + ZM\Error("Could not retrieve user $username details"); $_SESSION['loginFailed'] = true; unset($user); return false; @@ -172,10 +162,10 @@ function userLogin($username='', $password='', $passwordHashed=false, $apiLogin } $_SESSION['remoteAddr'] = $_SERVER['REMOTE_ADDR']; // To help prevent session hijacking - if ($password_correct) { + if ( $password_correct ) { ZM\Info("Login successful for user \"$username\""); $user = $saved_user_details; - if ($password_type == 'mysql') { + if ( $password_type == 'mysql' ) { ZM\Info('Migrating password, if possible for future logins'); migrateHash($username, $password); } @@ -224,42 +214,41 @@ function validateToken ($token, $allowed_token_type='access') { $jwt_payload = json_decode(json_encode($decoded_token), true); $type = $jwt_payload['type']; - if ($type != $allowed_token_type) { - if ($allowed_token_type == 'access') { + if ( $type != $allowed_token_type ) { + if ( $allowed_token_type == 'access' ) { // give a hint that the user is not doing it right - ZM\Error ('Please do not use refresh tokens for this operation'); + ZM\Error('Please do not use refresh tokens for this operation'); } - return array (false, "Incorrect token type"); + return array (false, 'Incorrect token type'); } $username = $jwt_payload['user']; $sql = 'SELECT * FROM Users WHERE Enabled=1 AND Username = ?'; $sql_values = array($username); - $saved_user_details = dbFetchOne ($sql, NULL, $sql_values); + $saved_user_details = dbFetchOne($sql, NULL, $sql_values); - if ($saved_user_details) { + if ( $saved_user_details ) { $issuedAt = $jwt_payload['iat']; $minIssuedAt = $saved_user_details['TokenMinExpiry']; - if ($issuedAt < $minIssuedAt) { - ZM\Error ("Token revoked for \"$username\". Please generate a new token"); + if ( $issuedAt < $minIssuedAt ) { + ZM\Error("Token revoked for $username. Please generate a new token"); $_SESSION['loginFailed'] = true; unset($user); - return array(false, "Token revoked. Please re-generate"); + return array(false, 'Token revoked. Please re-generate'); } $user = $saved_user_details; - return array($user, "OK"); + return array($user, 'OK'); } else { - ZM\Error ("Could not retrieve user \"$username\" details"); + ZM\Error("Could not retrieve user $username details"); $_SESSION['loginFailed'] = true; unset($user); - return array(false, "No such user/credentials"); + return array(false, 'No such user/credentials'); } - -} +} // end function validateToken($token, $allowed_token_type='access') function getAuthUser($auth) { if ( ZM_OPT_USE_AUTH && ZM_AUTH_RELAY == 'hashed' && !empty($auth) ) { @@ -299,8 +288,6 @@ function getAuthUser($auth) { return false; } // end getAuthUser($auth) - - function generateAuthHash($useRemoteAddr, $force=false) { if ( ZM_OPT_USE_AUTH and ZM_AUTH_RELAY == 'hashed' and isset($_SESSION['username']) and $_SESSION['passwordHash'] ) { $time = time(); From d5120f7506f6236ae4c97c4430f073652a196481 Mon Sep 17 00:00:00 2001 From: Isaac Connor Date: Thu, 23 May 2019 14:30:45 -0400 Subject: [PATCH 151/922] regenerate auth hash if doing password migration --- web/includes/auth.php | 2 ++ 1 file changed, 2 insertions(+) diff --git a/web/includes/auth.php b/web/includes/auth.php index a3d3e35de..7b8ce062d 100644 --- a/web/includes/auth.php +++ b/web/includes/auth.php @@ -35,6 +35,8 @@ function migrateHash($user, $pass) { $update_password_sql = 'UPDATE Users SET Password=\''.$bcrypt_hash.'\' WHERE Username=\''.$user.'\''; ZM\Info($update_password_sql); dbQuery($update_password_sql); + # Since password field has changed, existing auth_hash is no longer valid + generateAuthHash(ZM_AUTH_HASH_IPS, true); } else { ZM\Info('Cannot migrate password scheme to bcrypt, as you are using PHP < 5.3'); return; From 57708c016c96b330ce952a67d4e2a4f732d71ecb Mon Sep 17 00:00:00 2001 From: Pliable Pixels Date: Thu, 23 May 2019 14:59:21 -0400 Subject: [PATCH 152/922] dont need AUTH HASH LOGIN to be on --- web/includes/auth.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/web/includes/auth.php b/web/includes/auth.php index 7b8ce062d..367ccee74 100644 --- a/web/includes/auth.php +++ b/web/includes/auth.php @@ -376,7 +376,7 @@ if ( ZM_OPT_USE_AUTH ) { userLogin($_REQUEST['username'], $_REQUEST['password'], false); } - if ( ZM_AUTH_HASH_LOGINS && empty($user) && !empty($_REQUEST['token']) ) { + if (empty($user) && !empty($_REQUEST['token']) ) { $ret = validateToken($_REQUEST['token'], 'access'); $user = $ret[0]; From 883688a72d5dd66e5b581308cbcbd7a2f2e3f94a Mon Sep 17 00:00:00 2001 From: Isaac Connor Date: Thu, 23 May 2019 15:15:37 -0400 Subject: [PATCH 153/922] Add auth hash verification to the user logged in already case --- web/includes/auth.php | 13 +++++++++---- 1 file changed, 9 insertions(+), 4 deletions(-) diff --git a/web/includes/auth.php b/web/includes/auth.php index 7b8ce062d..dab570a19 100644 --- a/web/includes/auth.php +++ b/web/includes/auth.php @@ -356,9 +356,15 @@ if ( ZM_OPT_USE_AUTH ) { } if ( isset($_SESSION['username']) ) { - # Need to refresh permissions and validate that the user still exists - $sql = 'SELECT * FROM Users WHERE Enabled=1 AND Username=?'; - $user = dbFetchOne($sql, NULL, array($_SESSION['username'])); + if ( ZM_AUTH_HASH_LOGINS ) { + # Extra validation, if logged in, then the auth hash will be set in the session, so we can validate it. + # This prevent session modification to switch users + $user = getAuthUser($_SESSION['AuthHash'.$_SESSION['remoteAddr']); + } else { + # Need to refresh permissions and validate that the user still exists + $sql = 'SELECT * FROM Users WHERE Enabled=1 AND Username=?'; + $user = dbFetchOne($sql, NULL, array($_SESSION['username'])); + } } if ( ZM_AUTH_RELAY == 'plain' ) { @@ -368,7 +374,6 @@ if ( ZM_OPT_USE_AUTH ) { $_SESSION['remoteAddr'] = $_SERVER['REMOTE_ADDR']; // To help prevent session hijacking if ( ZM_AUTH_HASH_LOGINS && empty($user) && !empty($_REQUEST['auth']) ) { - if ( $authUser = getAuthUser($_REQUEST['auth']) ) { userLogin($authUser['Username'], $authUser['Password'], true); } From 3be0b774bdbc1b08e0420d27baaa67588b083df5 Mon Sep 17 00:00:00 2001 From: Isaac Connor Date: Thu, 23 May 2019 16:26:21 -0400 Subject: [PATCH 154/922] better error logging --- scripts/zmfilter.pl.in | 11 ++++++++--- 1 file changed, 8 insertions(+), 3 deletions(-) diff --git a/scripts/zmfilter.pl.in b/scripts/zmfilter.pl.in index 9a290ccd8..82e2bfdbb 100644 --- a/scripts/zmfilter.pl.in +++ b/scripts/zmfilter.pl.in @@ -685,6 +685,8 @@ sub substituteTags { my $path = generateImage($Event, $first_alarm_frame); if ( -e $path ) { push @$attachments_ref, { type=>'image/jpeg', path=>$path }; + } else { + Warning("Path to first image does not exist at $path"); } } @@ -697,18 +699,20 @@ sub substituteTags { if ( -e $path ) { push @$attachments_ref, { type=>'image/jpeg', path=>$path }; } else { - Warning("No image for EIM"); + Warning("No image for EIM at $path"); } } } + if ( $text =~ s/%EI1A%//g ) { my $path = generateImage($Event, $first_alarm_frame, 'analyse'); if ( -e $path ) { push @$attachments_ref, { type=>'image/jpeg', path=>$path }; } else { - Warning("No image for EI1A"); + Warning("No image for EI1A at $path"); } } + if ( $text =~ s/%EIMA%//g ) { # Don't attach the same image twice if ( !@$attachments_ref @@ -718,10 +722,11 @@ sub substituteTags { if ( -e $path ) { push @$attachments_ref, { type=>'image/jpeg', path=>$path }; } else { - Warning('No image for EIMA'); + Warning("No image for EIMA at $path"); } } } + if ( $text =~ s/%EIMOD%//g ) { my $path = $Event->Path().'/objdetect.jpg'; if ( -e $path ) { From aa1264f4d2f68f9676e1f35d618074977980ca77 Mon Sep 17 00:00:00 2001 From: Isaac Connor Date: Thu, 23 May 2019 16:26:40 -0400 Subject: [PATCH 155/922] fix missing ] --- web/includes/auth.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/web/includes/auth.php b/web/includes/auth.php index 0a0028896..4adfe2112 100644 --- a/web/includes/auth.php +++ b/web/includes/auth.php @@ -359,7 +359,7 @@ if ( ZM_OPT_USE_AUTH ) { if ( ZM_AUTH_HASH_LOGINS ) { # Extra validation, if logged in, then the auth hash will be set in the session, so we can validate it. # This prevent session modification to switch users - $user = getAuthUser($_SESSION['AuthHash'.$_SESSION['remoteAddr']); + $user = getAuthUser($_SESSION['AuthHash'.$_SESSION['remoteAddr']]); } else { # Need to refresh permissions and validate that the user still exists $sql = 'SELECT * FROM Users WHERE Enabled=1 AND Username=?'; From 2fc7b3cf4d69e25fa68d190dd6b052d7fef94077 Mon Sep 17 00:00:00 2001 From: Isaac Connor Date: Fri, 24 May 2019 09:31:48 -0400 Subject: [PATCH 156/922] Don't allow deleting of in-progress recording --- web/includes/Event.php | 29 +++++++++++++++++++++++++++++ web/skins/classic/views/event.php | 6 +++--- 2 files changed, 32 insertions(+), 3 deletions(-) diff --git a/web/includes/Event.php b/web/includes/Event.php index ba4f04e8c..07460a7ec 100644 --- a/web/includes/Event.php +++ b/web/includes/Event.php @@ -664,6 +664,35 @@ class Event { return 0; } # end public function file_size() + public function can_delete() { + if ( $this->Archived() ) { + Logger::Debug("Am archived, can't delete"); + return false; + } + if ( !$this->EndTime() ) { + Logger::Debug("No EndTime can't delete"); + return false; + } + if ( !canEdit('Events') ) { + Logger::Debug("No permission to edit events, can't delete"); + return false; + } + Logger::Debug("Can delete: archived: " . $this->Archived() . " endtime: " . $this->EndTime() ); + + return true; + } + + public function cant_delete_reason() { + if ( $this->Archived() ) { + return 'You cannot delete an archived event. Unarchive it first.'; + } else if ( ! $this->EndTime() ) { + return 'You cannot delete an event while it is being recorded. Wait for it to finish.'; + } else if ( ! canEdit('Events') ) { + return 'You do not have rights to edit Events.'; + } + return 'Unknown reason'; + } + } # end class ?> diff --git a/web/skins/classic/views/event.php b/web/skins/classic/views/event.php index 7feed10df..b09f88acc 100644 --- a/web/skins/classic/views/event.php +++ b/web/skins/classic/views/event.php @@ -132,8 +132,8 @@ if ( ! $Event->Id() ) { Cause()) ?> StartTime() ) ) ?> Length().'s' ?> - ">Frames() ?>/AlarmFrames() ?> - ">TotScore() ?>/AvgScore() ?>/MaxScore() ?> + Frames() ?>/AlarmFrames() ?> + TotScore() ?>/AvgScore() ?>/MaxScore() ?> DiskSpace(null)) . ' on ' . $Event->Storage()->Name() ?>
@@ -146,7 +146,7 @@ if ( ! $Event->Id() ) { -
+
Archived == 1 ? ' class="hidden"' : '' ?>>
Archived == 0 ? ' class="hidden"' : '' ?>>
From 4e51379087258ceb2328ce6960e3ad58edf0cb35 Mon Sep 17 00:00:00 2001 From: Isaac Connor Date: Fri, 24 May 2019 10:00:15 -0400 Subject: [PATCH 157/922] spacing --- web/ajax/status.php | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/web/ajax/status.php b/web/ajax/status.php index f95f16c8c..804d8e278 100644 --- a/web/ajax/status.php +++ b/web/ajax/status.php @@ -193,7 +193,7 @@ function collectData() { $entitySpec = &$statusData[strtolower(validJsStr($_REQUEST['entity']))]; #print_r( $entitySpec ); if ( !canView( $entitySpec['permission'] ) ) - ajaxError( 'Unrecognised action or insufficient permissions' ); + ajaxError('Unrecognised action or insufficient permissions'); if ( !empty($entitySpec['func']) ) { $data = eval( 'return( '.$entitySpec['func']." );" ); @@ -398,9 +398,9 @@ function getNearEvents() { global $user, $sortColumn, $sortOrder; $eventId = $_REQUEST['id']; - $event = dbFetchOne( 'SELECT * FROM Events WHERE Id=?', NULL, array( $eventId ) ); + $event = dbFetchOne('SELECT * FROM Events WHERE Id=?', NULL, array($eventId)); - parseFilter( $_REQUEST['filter'] ); + parseFilter($_REQUEST['filter']); parseSort(); if ( $user['MonitorIds'] ) @@ -419,8 +419,8 @@ function getNearEvents() { $sql .= ', E.Id DESC'; } $sql .= ' LIMIT 1'; - $result = dbQuery( $sql ); - $prevEvent = dbFetchNext( $result ); + $result = dbQuery($sql); + $prevEvent = dbFetchNext($result); $sql = "SELECT E.Id AS Id, E.StartTime AS StartTime FROM Events AS E INNER JOIN Monitors AS M ON E.MonitorId = M.Id WHERE $sortColumn ".($sortOrder=='asc'?'>=':'<=')." '".$event[$_REQUEST['sort_field']]."'".$_REQUEST['filter']['sql'].$midSql.' AND E.Id>'.$event['Id'] . " ORDER BY $sortColumn $sortOrder"; if ( $sortColumn != 'E.Id' ) { From c02eb2cd46f2a47ca3b3d81e09ef530cb83fb918 Mon Sep 17 00:00:00 2001 From: Isaac Connor Date: Fri, 24 May 2019 10:00:51 -0400 Subject: [PATCH 158/922] spacing --- web/ajax/stream.php | 16 ++++++++-------- 1 file changed, 8 insertions(+), 8 deletions(-) diff --git a/web/ajax/stream.php b/web/ajax/stream.php index 8d5348ca8..f37012e54 100644 --- a/web/ajax/stream.php +++ b/web/ajax/stream.php @@ -35,11 +35,11 @@ if ( sem_acquire($semaphore,1) !== false ) { $msg = pack( 'lcn', MSG_CMD, $_REQUEST['command'], $_REQUEST['rate']+32768 ); break; case CMD_ZOOMIN : - ZM\Logger::Debug( 'Zooming to '.$_REQUEST['x'].",".$_REQUEST['y'] ); + ZM\Logger::Debug( 'Zooming to '.$_REQUEST['x'].','.$_REQUEST['y'] ); $msg = pack( 'lcnn', MSG_CMD, $_REQUEST['command'], $_REQUEST['x'], $_REQUEST['y'] ); break; case CMD_PAN : - ZM\Logger::Debug( 'Panning to '.$_REQUEST['x'].",".$_REQUEST['y'] ); + ZM\Logger::Debug( 'Panning to '.$_REQUEST['x'].','.$_REQUEST['y'] ); $msg = pack( 'lcnn', MSG_CMD, $_REQUEST['command'], $_REQUEST['x'], $_REQUEST['y'] ); break; case CMD_SCALE : @@ -131,7 +131,7 @@ if ( sem_acquire($semaphore,1) !== false ) { $data['auth'] = generateAuthHash(ZM_AUTH_HASH_IPS); } } - ajaxResponse( array( 'status'=>$data ) ); + ajaxResponse(array('status'=>$data)); break; case MSG_DATA_EVENT : if ( version_compare( phpversion(), '5.6.0', '<') ) { @@ -158,16 +158,16 @@ if ( sem_acquire($semaphore,1) !== false ) { sem_release($semaphore); } else { ZM\Logger::Debug("Couldn't get semaphore"); - ajaxResponse( array() ); + ajaxResponse(array()); } ajaxError('Unrecognised action or insufficient permissions in ajax/stream'); function ajaxCleanup() { global $socket, $localSocketFile; - if ( !empty( $socket ) ) - @socket_close( $socket ); - if ( !empty( $localSocketFile ) ) - @unlink( $localSocketFile ); + if ( !empty($socket) ) + @socket_close($socket); + if ( !empty($localSocketFile) ) + @unlink($localSocketFile); } ?> From db9ba7eeabef3c8ced51716dce89909bd5fba58b Mon Sep 17 00:00:00 2001 From: Isaac Connor Date: Fri, 24 May 2019 10:02:15 -0400 Subject: [PATCH 159/922] Add StartDateTime and EndDateTime as Sort options. Fixes #2614 --- web/includes/functions.php | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/web/includes/functions.php b/web/includes/functions.php index 6b9231019..141dbfea6 100644 --- a/web/includes/functions.php +++ b/web/includes/functions.php @@ -1050,9 +1050,15 @@ function parseSort( $saveToSession=false, $querySep='&' ) { case 'StartTime' : $sortColumn = 'E.StartTime'; break; + case 'StartDateTime' : + $sortColumn = 'E.StartTime'; + break; case 'EndTime' : $sortColumn = 'E.EndTime'; break; + case 'EndDateTime' : + $sortColumn = 'E.EndTime'; + break; case 'Length' : $sortColumn = 'E.Length'; break; From 0a8b7c24dbb39fd9be5bd1e6b4a24b7db55dac7a Mon Sep 17 00:00:00 2001 From: Isaac Connor Date: Fri, 24 May 2019 10:52:31 -0400 Subject: [PATCH 160/922] don't check for alarmed zones to record stats for unless we are alarmed --- src/zm_monitor.cpp | 53 +++++++++++++++++++++++----------------------- 1 file changed, 27 insertions(+), 26 deletions(-) diff --git a/src/zm_monitor.cpp b/src/zm_monitor.cpp index b1a79ac4b..a33ed81e3 100644 --- a/src/zm_monitor.cpp +++ b/src/zm_monitor.cpp @@ -1483,7 +1483,7 @@ bool Monitor::Analyse() { } // end if section_length } // end if event - if ( ! event ) { + if ( !event ) { // Create event event = new Event(this, *timestamp, "Continuous", noteSetMap, videoRecording); @@ -1557,16 +1557,16 @@ bool Monitor::Analyse() { if ( (!pre_event_count) || (Event::PreAlarmCount() >= alarm_frame_count) ) { shared_data->state = state = ALARM; // lets construct alarm cause. It will contain cause + names of zones alarmed - std::string alarm_cause=""; - for ( int i=0; i < n_zones; i++) { - if (zones[i]->Alarmed()) { - alarm_cause = alarm_cause+ ","+ std::string(zones[i]->Label()); + std::string alarm_cause = ""; + for ( int i=0; i < n_zones; i++ ) { + if ( zones[i]->Alarmed() ) { + alarm_cause = alarm_cause + "," + std::string(zones[i]->Label()); } - } - if (!alarm_cause.empty()) alarm_cause[0]=' '; - alarm_cause = cause+alarm_cause; - strncpy(shared_data->alarm_cause,alarm_cause.c_str(), sizeof(shared_data->alarm_cause)-1); - Info("%s: %03d - Gone into alarm state PreAlarmCount: %u > AlarmFrameCount:%u Cause:%s", + } + if ( !alarm_cause.empty() ) alarm_cause[0] = ' '; + alarm_cause = cause + alarm_cause; + strncpy(shared_data->alarm_cause,alarm_cause.c_str(), sizeof(shared_data->alarm_cause)-1); + Info("%s: %03d - Gone into alarm state PreAlarmCount: %u > AlarmFrameCount:%u Cause:%s", name, image_count, Event::PreAlarmCount(), alarm_frame_count, shared_data->alarm_cause); if ( signal_change || (function != MOCORD && state != ALERT) ) { int pre_index; @@ -1633,7 +1633,7 @@ bool Monitor::Analyse() { pre_index = (pre_index + 1)%image_buffer_count; } } - event->AddFrames( pre_event_images, images, timestamps ); + event->AddFrames(pre_event_images, images, timestamps); } if ( alarm_frame_count ) { event->SavePreAlarmFrames(); @@ -1683,17 +1683,16 @@ bool Monitor::Analyse() { if ( state == PREALARM || state == ALARM ) { if ( config.create_analysis_images ) { bool got_anal_image = false; - alarm_image.Assign( *snap_image ); - for( int i = 0; i < n_zones; i++ ) { + alarm_image.Assign(*snap_image); + for ( int i = 0; i < n_zones; i++ ) { if ( zones[i]->Alarmed() ) { if ( zones[i]->AlarmImage() ) { alarm_image.Overlay(*(zones[i]->AlarmImage())); got_anal_image = true; } - if ( config.record_event_stats && state == ALARM ) { + if ( config.record_event_stats && (state == ALARM) ) zones[i]->RecordStats(event); - } - } + } // end if zone is alarmed } // end foreach zone if ( got_anal_image ) { @@ -1708,18 +1707,20 @@ bool Monitor::Analyse() { event->AddFrame(snap_image, *timestamp, score); } } else { - for ( int i = 0; i < n_zones; i++ ) { - if ( zones[i]->Alarmed() ) { - if ( config.record_event_stats && state == ALARM ) { - zones[i]->RecordStats(event); - } - } - } - if ( state == PREALARM ) + // Not doing alarm frame storage + if ( state == PREALARM ) { Event::AddPreAlarmFrame(snap_image, *timestamp, score); - else + } else { event->AddFrame(snap_image, *timestamp, score); - } + if ( config.record_event_stats ) { + for ( int i = 0; i < n_zones; i++ ) { + if ( zones[i]->Alarmed() ) + zones[i]->RecordStats(event); + } + } // end if config.record_event_stats + } + } // end if config.create_analysis_images + if ( event ) { if ( noteSetMap.size() > 0 ) event->updateNotes(noteSetMap); From 3dd5caebcae3626b77b0b61dc8958a21a012341b Mon Sep 17 00:00:00 2001 From: Isaac Connor Date: Fri, 24 May 2019 11:49:27 -0400 Subject: [PATCH 161/922] fix quotes and stop merging lines of options help. Change MaxFPS help to advise against setting a value --- web/lang/en_gb.php | 67 +++++++++++++++++++++++++++------------------- 1 file changed, 39 insertions(+), 28 deletions(-) diff --git a/web/lang/en_gb.php b/web/lang/en_gb.php index cb5037045..e84f0c0b4 100644 --- a/web/lang/en_gb.php +++ b/web/lang/en_gb.php @@ -966,43 +966,54 @@ function zmVlang( $langVarArray, $count ) // So for example, to override the help text for ZM_LANG_DEFAULT do $OLANG = array( 'OPTIONS_FFMPEG' => array( - 'Help' => "Parameters in this field are passed on to FFmpeg. Multiple parameters can be separated by ,~~ ". - "Examples (do not enter quotes)~~~~". - "\"allowed_media_types=video\" Set datatype to request fromcam (audio, video, data)~~~~". - "\"reorder_queue_size=nnn\" Set number of packets to buffer for handling of reordered packets~~~~". - "\"loglevel=debug\" Set verbosity of FFmpeg (quiet, panic, fatal, error, warning, info, verbose, debug)" + 'Help' => ' + Parameters in this field are passed on to FFmpeg. Multiple parameters can be separated by ,~~ + Examples (do not enter quotes)~~~~ + "allowed_media_types=video" Set datatype to request fromcam (audio, video, data)~~~~ + "reorder_queue_size=nnn" Set number of packets to buffer for handling of reordered packets~~~~ + "loglevel=debug" Set verbosity of FFmpeg (quiet, panic, fatal, error, warning, info, verbose, debug) + ' ), 'OPTIONS_RTSPTrans' => array( - 'Help' => "This sets the RTSP Transport Protocol for FFmpeg.~~ ". - "TCP - Use TCP (interleaving within the RTSP control channel) as transport protocol.~~". - "UDP - Use UDP as transport protocol. Higher resolution cameras have experienced some 'smearing' while using UDP, if so try TCP~~". - "UDP Multicast - Use UDP Multicast as transport protocol~~". - "HTTP - Use HTTP tunneling as transport protocol, which is useful for passing proxies.~~" + 'Help' => ' + This sets the RTSP Transport Protocol for FFmpeg.~~ + TCP - Use TCP (interleaving within the RTSP control channel) as transport protocol.~~ + UDP - Use UDP as transport protocol. Higher resolution cameras have experienced some \'smearing\' while using UDP, if so try TCP~~ + UDP Multicast - Use UDP Multicast as transport protocol~~ + HTTP - Use HTTP tunneling as transport protocol, which is useful for passing proxies.~~ + ' ), 'OPTIONS_LIBVLC' => array( - 'Help' => "Parameters in this field are passed on to libVLC. Multiple parameters can be separated by ,~~ ". - "Examples (do not enter quotes)~~~~". - "\"--rtp-client-port=nnn\" Set local port to use for rtp data~~~~". - "\"--verbose=2\" Set verbosity of libVLC" + 'Help' => ' + Parameters in this field are passed on to libVLC. Multiple parameters can be separated by ,~~ + Examples (do not enter quotes)~~~~ + "--rtp-client-port=nnn" Set local port to use for rtp data~~~~ + "--verbose=2" Set verbosity of libVLC + ' ), 'OPTIONS_EXIF' => array( - 'Help' => "Enable this option to embed EXIF data into each jpeg frame." + 'Help' => 'Enable this option to embed EXIF data into each jpeg frame.' ), 'OPTIONS_RTSPDESCRIBE' => array( - 'Help' => "Sometimes, during the initial RTSP handshake, the camera will send an updated media URL. ". - "Enable this option to tell ZoneMinder to use this URL. Disable this option to ignore the ". - "value from the camera and use the value as entered in the monitor configuration~~~~". - "Generally this should be enabled. However, there are cases where the camera can get its". - "own URL incorrect, such as when the camera is streaming through a firewall"), + 'Help' => ' + Sometimes, during the initial RTSP handshake, the camera will send an updated media URL. + Enable this option to tell ZoneMinder to use this URL. Disable this option to ignore the + value from the camera and use the value as entered in the monitor configuration~~~~ + Generally this should be enabled. However, there are cases where the camera can get its + own URL incorrect, such as when the camera is streaming through a firewall + ' + ), 'OPTIONS_MAXFPS' => array( - 'Help' => "This field has certain limitations when used for non-local devices.~~ ". - "Failure to adhere to these limitations will cause a delay in live video, irregular frame skipping, ". - "and missed events~~". - "For streaming IP cameras, do not use this field to reduce the frame rate. Set the frame rate in the". - " camera, instead. You can, however, use a value that is slightly higher than the frame rate in the camera. ". - "In this case, this helps keep the cpu from being overtaxed in the event of a network problem.~~". - "Some, mostly older, IP cameras support snapshot mode. In this case ZoneMinder is actively polling the camera ". - "for new images. In this case, it is safe to use the field." + 'Help' => ' + This field has certain limitations when used for non-local devices.~~ + Failure to adhere to these limitations will cause a delay in live video, irregular frame skipping, + and missed events~~ + For streaming IP cameras, do not use this field to reduce the frame rate. Set the frame rate in the + camera, instead. In the past it was advised to set a value higher than the frame rate of the camera + but this is no longer needed or a good idea. + Some, mostly older, IP cameras support snapshot mode. In this case ZoneMinder is actively polling the camera + for new images. In this case, it is safe to use the field. + ' ), // 'LANG_DEFAULT' => array( From b6747e9b1f53dc8e57f3e963238a43261faad066 Mon Sep 17 00:00:00 2001 From: Isaac Connor Date: Fri, 24 May 2019 11:49:59 -0400 Subject: [PATCH 162/922] spacing --- web/skins/classic/views/monitor.php | 17 +++++++---------- 1 file changed, 7 insertions(+), 10 deletions(-) diff --git a/web/skins/classic/views/monitor.php b/web/skins/classic/views/monitor.php index 8f86cfc04..9ba688e2e 100644 --- a/web/skins/classic/views/monitor.php +++ b/web/skins/classic/views/monitor.php @@ -552,14 +552,14 @@ echo ' Triggers() ) { - foreach( explode( ',', $monitor->Triggers() ) as $newTrigger ) { + foreach( explode(',', $monitor->Triggers()) as $newTrigger ) { ?> Type()!= 'Local') ) { +if ( ZM_HAS_V4L && ($tab != 'source' || $monitor->Type() != 'Local') ) { ?> @@ -701,10 +701,10 @@ switch ( $tab ) { echo htmlSelect( 'newMonitor[StorageId]', $storage_areas, $monitor->StorageId() ); ?> - Type() ); ?> + Type()); ?> +  () - + Type() == 'Local' ) { -  () +  () Exif() ) { ?> checked="checked"/> Type() == 'Local' ) {
- From 2eebdb094c58d199f066ac67fe63924187a45877 Mon Sep 17 00:00:00 2001 From: Isaac Connor Date: Fri, 24 May 2019 11:54:14 -0400 Subject: [PATCH 163/922] move chosen setup to initPage --- web/skins/classic/views/js/monitor.js | 1 + 1 file changed, 1 insertion(+) diff --git a/web/skins/classic/views/js/monitor.js b/web/skins/classic/views/js/monitor.js index ff57b774f..ec8017143 100644 --- a/web/skins/classic/views/js/monitor.js +++ b/web/skins/classic/views/js/monitor.js @@ -73,6 +73,7 @@ function initPage() { return false; } }); + $j('.chosen').chosen(); } // end function initPage() window.addEventListener('DOMContentLoaded', initPage); From e2d56597bf33f6fea9bd533c2a859c1d8c7a49f9 Mon Sep 17 00:00:00 2001 From: Isaac Connor Date: Fri, 24 May 2019 12:40:02 -0400 Subject: [PATCH 164/922] Don't use an onlick inline js to show the caution text --- web/skins/classic/views/js/monitor.js | 25 ++++++++++++++++++++++++- web/skins/classic/views/monitor.php | 10 ++++++++-- 2 files changed, 32 insertions(+), 3 deletions(-) diff --git a/web/skins/classic/views/js/monitor.js b/web/skins/classic/views/js/monitor.js index ec8017143..7456c8c1b 100644 --- a/web/skins/classic/views/js/monitor.js +++ b/web/skins/classic/views/js/monitor.js @@ -68,12 +68,35 @@ function initPage() { // Disable form submit on enter $j('#contentForm input').on('keyup keypress', function(e) { var keyCode = e.keyCode || e.which; - if (keyCode === 13) { + if ( keyCode == 13 ) { e.preventDefault(); return false; } }); + + document.querySelectorAll('input[name="newMonitor[MaxFPS]"]').forEach(function(el) { + el.oninput = el.onclick = function(e) { + if ( e.target.value ) { + console.log('showing'); + $j('#newMonitor\\[MaxFPS\\]').show(); + } else { + $j('#newMonitor\\[MaxFPS\\]').hide(); + } + }; + }); + document.querySelectorAll('input[name="newMonitor[AlarmMaxFPS]"]').forEach(function(el) { + el.oninput = el.onclick = function(e) { + if ( e.target.value ) { + console.log('showing'); + $j('#newMonitor\\[AlarmMaxFPS\\]').show(); + } else { + $j('#newMonitor\\[AlarmMaxFPS\\]').hide(); + } + }; + }); + $j('.chosen').chosen(); + } // end function initPage() window.addEventListener('DOMContentLoaded', initPage); diff --git a/web/skins/classic/views/monitor.php b/web/skins/classic/views/monitor.php index 9ba688e2e..c70893778 100644 --- a/web/skins/classic/views/monitor.php +++ b/web/skins/classic/views/monitor.php @@ -745,11 +745,17 @@ echo htmlOptions(ZM\Group::get_dropdown_options( ), $monitor->GroupIds() ); ?>  () - + + + CAUTION: See the help text +  () - + + + CAUTION: See the help text + Date: Fri, 24 May 2019 13:45:48 -0400 Subject: [PATCH 165/922] Fix superfast playback after replay --- src/zm_eventstream.cpp | 10 ++++++---- 1 file changed, 6 insertions(+), 4 deletions(-) diff --git a/src/zm_eventstream.cpp b/src/zm_eventstream.cpp index e69185858..a2dd02ac0 100644 --- a/src/zm_eventstream.cpp +++ b/src/zm_eventstream.cpp @@ -800,7 +800,7 @@ void EventStream::runStream() { // commands may set send_frame to true while ( checkCommandQueue() && !zm_terminate ) { // The idea is to loop here processing all commands before proceeding. - Debug(1, "Have command queue"); + Debug(1, "Have command queue"); } Debug(1, "Done command queue"); @@ -903,16 +903,18 @@ Debug(3,"cur_frame_id (%d-1) mod frame_mod(%d)",curr_frame_id, frame_mod); if ( !paused ) { // +/- 1? What if we are skipping frames? curr_frame_id += (replay_rate>0) ? frame_mod : -1*frame_mod; + // sending the frame may have taken some time, so reload now + gettimeofday(&now, NULL); + uint64_t now_usec = (now.tv_sec * 1000000 + now.tv_usec); if ( (mode == MODE_SINGLE) && ((unsigned int)curr_frame_id == event_data->frame_count) ) { Debug(2, "Have mode==MODE_SINGLE and at end of event, looping back to start"); curr_frame_id = 1; + // Have to reset start_usec to now when replaying + start_usec = now_usec; } frame_data = &event_data->frames[curr_frame_id-1]; - // sending the frame may have taken some time, so reload now - gettimeofday(&now, NULL); - uint64_t now_usec = (now.tv_sec * 1000000 + now.tv_usec); // frame_data->delta is the time since last frame as a float in seconds // but what if we are skipping frames? We need the distance from the last frame sent // Also, what about reverse? needs to be absolute value From 34370e0060476eb565112c1c42f2e749a28d70b0 Mon Sep 17 00:00:00 2001 From: Isaac Connor Date: Fri, 24 May 2019 13:47:07 -0400 Subject: [PATCH 166/922] test for error code from db creation and if there is an error, die with an error code. (#2611) --- distros/debian/postinst | 4 ++++ distros/ubuntu1204/zoneminder.postinst | 4 ++++ distros/ubuntu1604/zoneminder.postinst | 4 ++++ 3 files changed, 12 insertions(+) diff --git a/distros/debian/postinst b/distros/debian/postinst index 3cd3fd277..36472436a 100644 --- a/distros/debian/postinst +++ b/distros/debian/postinst @@ -31,6 +31,10 @@ if [ "$1" = "configure" ]; then # test if database if already present... if ! $(echo quit | mysql --defaults-file=/etc/mysql/debian.cnf zm > /dev/null 2> /dev/null) ; then cat /usr/share/zoneminder/db/zm_create.sql | mysql --defaults-file=/etc/mysql/debian.cnf + if [ $? -ne 0 ]; then + echo "Error creating db." + exit 1; + fi # This creates the user. echo "grant lock tables, alter,select,insert,update,delete,create,index on ${ZM_DB_NAME}.* to '${ZM_DB_USER}'@localhost identified by \"${ZM_DB_PASS}\";" | mysql --defaults-file=/etc/mysql/debian.cnf mysql else diff --git a/distros/ubuntu1204/zoneminder.postinst b/distros/ubuntu1204/zoneminder.postinst index ef715375b..603786ff6 100644 --- a/distros/ubuntu1204/zoneminder.postinst +++ b/distros/ubuntu1204/zoneminder.postinst @@ -34,6 +34,10 @@ if [ "$1" = "configure" ]; then # test if database if already present... if ! $(echo quit | mysql --defaults-file=/etc/mysql/debian.cnf zm > /dev/null 2> /dev/null) ; then cat /usr/share/zoneminder/db/zm_create.sql | mysql --defaults-file=/etc/mysql/debian.cnf + if [ $? -ne 0 ]; then + echo "Error creating db." + exit 1; + fi # This creates the user. echo "grant lock tables, alter,drop,select,insert,update,delete,create,index,alter routine,create routine, trigger,execute on ${ZM_DB_NAME}.* to '${ZM_DB_USER}'@localhost identified by \"${ZM_DB_PASS}\";" | mysql --defaults-file=/etc/mysql/debian.cnf mysql else diff --git a/distros/ubuntu1604/zoneminder.postinst b/distros/ubuntu1604/zoneminder.postinst index ffde50283..d3983950b 100644 --- a/distros/ubuntu1604/zoneminder.postinst +++ b/distros/ubuntu1604/zoneminder.postinst @@ -56,6 +56,10 @@ if [ "$1" = "configure" ]; then if ! $(echo quit | mysql --defaults-file=/etc/mysql/debian.cnf zm > /dev/null 2> /dev/null) ; then echo "Creating zm db" cat /usr/share/zoneminder/db/zm_create.sql | mysql --defaults-file=/etc/mysql/debian.cnf + if [ $? -ne 0 ]; then + echo "Error creating db." + exit 1; + fi # This creates the user. echo "grant lock tables,alter,drop,select,insert,update,delete,create,index,alter routine,create routine, trigger,execute on ${ZM_DB_NAME}.* to '${ZM_DB_USER}'@localhost identified by \"${ZM_DB_PASS}\";" | mysql --defaults-file=/etc/mysql/debian.cnf mysql else From fc27393a96ac4ae3e622c0a664df9d7dbe5d25fb Mon Sep 17 00:00:00 2001 From: Pliable Pixels Date: Fri, 24 May 2019 13:48:40 -0400 Subject: [PATCH 167/922] Replace MySQL Password() with bcrypt, allow for alternate JWT tokens (#2598) * added sha1 and bcrypt submodules * added bcrypt and sha to src build process * added test sha1 and bcrypt code to validate working * bcrypt auth migration in PHP land * added include path * add sha source * added bcrypt to others * put link_dir ahead of add_executable * fixed typo * try add_library instead * absolute path * absolute path * build bcrypt as static * move to wrapper * move to fork * logs tweak * added lib-ssl/dev for JWT signing * Moved to openSSL SHA1, initial JWT plugin * removed vog * fixed SHA1 algo * typo * use php-jwt, use proper way to add PHP modules, via composer * fixed module path * first attempt to fix cast error * own fork * own fork * add composer vendor directory * go back to jwt-cpp as PR merged * moved to jwt-cpp after PR merge * New token= query for JWT * Add JWT token creation, move old code to a different function for future deprecation, simplified code for ZM_XX parameter reading * JWT integration, validate JWT token via validateToken * added token validation to zms/zmu/zmuser * add token to command line for zmu * move decode inside try/catch * exception handling for try/catch * fix db read, forgot to exec query * remove allowing auth_hash_ip for token * support refresh tokens as well for increased security * remove auth_hash_ip * Error out if used did not create an AUTH_HASH_SECRET * fixed type conversion * make sure refresh token login doesn't generate another refresh token * fix absolute path * move JWT/Bcrypt inside zm_crypt * move sha headers out * move out sha header * handle case when supplied password is hashed, fix wrong params in AppController * initial baby step for api tab * initial plumbing to introduce token expiry and API bans per user * remove M typo * display user table in api * added revoke all tokens code, removed test code * use strtoul for conversion * use strtoul for conversion * use strtoul for conversion * more fixes * more fixes * add mintokenexpiry to DB seek * typo * add ability to revoke tokens and enable/disable APIs per user * moved API enable back to system * comma * enable API options only if API enabled * move user creation to bcrypt * added password_compat for PHP >=5.3 <5.5 * add Password back so User object indexes don't change * move token index after adding password * demote logs * make old API auth optional, on by default * make old API auth mechanism optional * removed stale code * forgot to checkin update file * bulk overlay hash mysql encoded passwords * add back ssl_dev, got deleted * fix update script * added token support to index.php * reworked API document for new changes in 2.0 * Migrate from libdigest to crypt-eks-blowfish due to notice * merge typo * css classess for text that disappear * fixed html typo * added deps to ubuntu control files * spaces * removed extra line * when regenerating using refresh tokens, username needs to be derived from the refresh token, as no session would exist * add libssl1.0.0 for ubuntu 16/12 * small API fixes * clean up of API, remove redundant sections * moved to ZM fork for bcrypt * whitespace and google code style * regenerate auth hash if doing password migration * dont need AUTH HASH LOGIN to be on * Add auth hash verification to the user logged in already case * fix missing ] * reject requests if per user API disabled --- .gitmodules | 6 + CMakeLists.txt | 7 + db/zm_create.sql.in | 2 + db/zm_update-1.33.9.sql | 27 ++ distros/debian/control | 5 + distros/ubuntu1204/control | 11 +- distros/ubuntu1604/control | 6 + docs/api.rst | 366 +++++++++----- .../lib/ZoneMinder/ConfigData.pm.in | 11 + scripts/zmupdate.pl.in | 23 + src/CMakeLists.txt | 12 +- src/zm_crypt.cpp | 117 +++++ src/zm_crypt.h | 31 ++ src/zm_user.cpp | 107 ++++- src/zm_user.h | 1 + src/zms.cpp | 14 +- src/zmu.cpp | 15 +- third_party/bcrypt | 1 + third_party/jwt-cpp | 1 + version | 2 +- web/.gitignore | 2 +- web/CMakeLists.txt | 2 +- web/api/app/Controller/AppController.php | 43 +- web/api/app/Controller/HostController.php | 174 +++++-- web/composer.json | 6 + web/composer.lock | 106 +++++ web/includes/actions/options.php | 1 + web/includes/actions/user.php | 29 +- web/includes/auth.php | 229 ++++++++- web/lang/en_gb.php | 4 + web/skins/classic/css/base/skin.css | 43 ++ web/skins/classic/views/options.php | 90 +++- web/vendor/autoload.php | 7 + web/vendor/composer/ClassLoader.php | 445 ++++++++++++++++++ web/vendor/composer/LICENSE | 56 +++ web/vendor/composer/autoload_classmap.php | 9 + web/vendor/composer/autoload_files.php | 10 + web/vendor/composer/autoload_namespaces.php | 9 + web/vendor/composer/autoload_psr4.php | 10 + web/vendor/composer/autoload_real.php | 70 +++ web/vendor/composer/autoload_static.php | 35 ++ web/vendor/composer/installed.json | 94 ++++ web/vendor/firebase/php-jwt/LICENSE | 30 ++ web/vendor/firebase/php-jwt/README.md | 200 ++++++++ web/vendor/firebase/php-jwt/composer.json | 29 ++ .../php-jwt/src/BeforeValidException.php | 7 + .../firebase/php-jwt/src/ExpiredException.php | 7 + web/vendor/firebase/php-jwt/src/JWT.php | 379 +++++++++++++++ .../php-jwt/src/SignatureInvalidException.php | 7 + .../ircmaxell/password-compat/LICENSE.md | 7 + .../ircmaxell/password-compat/composer.json | 20 + .../password-compat/lib/password.php | 314 ++++++++++++ .../password-compat/version-test.php | 6 + 53 files changed, 3000 insertions(+), 245 deletions(-) create mode 100644 db/zm_update-1.33.9.sql create mode 100644 src/zm_crypt.cpp create mode 100644 src/zm_crypt.h create mode 160000 third_party/bcrypt create mode 160000 third_party/jwt-cpp create mode 100644 web/composer.json create mode 100644 web/composer.lock create mode 100644 web/vendor/autoload.php create mode 100644 web/vendor/composer/ClassLoader.php create mode 100644 web/vendor/composer/LICENSE create mode 100644 web/vendor/composer/autoload_classmap.php create mode 100644 web/vendor/composer/autoload_files.php create mode 100644 web/vendor/composer/autoload_namespaces.php create mode 100644 web/vendor/composer/autoload_psr4.php create mode 100644 web/vendor/composer/autoload_real.php create mode 100644 web/vendor/composer/autoload_static.php create mode 100644 web/vendor/composer/installed.json create mode 100644 web/vendor/firebase/php-jwt/LICENSE create mode 100644 web/vendor/firebase/php-jwt/README.md create mode 100644 web/vendor/firebase/php-jwt/composer.json create mode 100644 web/vendor/firebase/php-jwt/src/BeforeValidException.php create mode 100644 web/vendor/firebase/php-jwt/src/ExpiredException.php create mode 100644 web/vendor/firebase/php-jwt/src/JWT.php create mode 100644 web/vendor/firebase/php-jwt/src/SignatureInvalidException.php create mode 100644 web/vendor/ircmaxell/password-compat/LICENSE.md create mode 100644 web/vendor/ircmaxell/password-compat/composer.json create mode 100644 web/vendor/ircmaxell/password-compat/lib/password.php create mode 100644 web/vendor/ircmaxell/password-compat/version-test.php diff --git a/.gitmodules b/.gitmodules index eb0e282a2..b64d78997 100644 --- a/.gitmodules +++ b/.gitmodules @@ -5,3 +5,9 @@ [submodule "web/api/app/Plugin/CakePHP-Enum-Behavior"] path = web/api/app/Plugin/CakePHP-Enum-Behavior url = https://github.com/ZoneMinder/CakePHP-Enum-Behavior.git +[submodule "third_party/bcrypt"] + path = third_party/bcrypt + url = https://github.com/ZoneMinder/libbcrypt +[submodule "third_party/jwt-cpp"] + path = third_party/jwt-cpp + url = https://github.com/Thalhammer/jwt-cpp diff --git a/CMakeLists.txt b/CMakeLists.txt index 9646ffc3e..0973f8726 100644 --- a/CMakeLists.txt +++ b/CMakeLists.txt @@ -870,6 +870,13 @@ include(Pod2Man) ADD_MANPAGE_TARGET() # Process subdirectories + +# build a bcrypt static library +set(BUILD_SHARED_LIBS_SAVED "${BUILD_SHARED_LIBS}") +set(BUILD_SHARED_LIBS OFF) +add_subdirectory(third_party/bcrypt) +set(BUILD_SHARED_LIBS "${BUILD_SHARED_LIBS_SAVED}") + add_subdirectory(src) add_subdirectory(scripts) add_subdirectory(db) diff --git a/db/zm_create.sql.in b/db/zm_create.sql.in index a5f5cb70c..557745ab9 100644 --- a/db/zm_create.sql.in +++ b/db/zm_create.sql.in @@ -640,6 +640,8 @@ CREATE TABLE `Users` ( `System` enum('None','View','Edit') NOT NULL default 'None', `MaxBandwidth` varchar(16), `MonitorIds` text, + `TokenMinExpiry` BIGINT UNSIGNED NOT NULL DEFAULT 0, + `APIEnabled` tinyint(3) UNSIGNED NOT NULL default 1, PRIMARY KEY (`Id`), UNIQUE KEY `UC_Username` (`Username`) ) ENGINE=@ZM_MYSQL_ENGINE@; diff --git a/db/zm_update-1.33.9.sql b/db/zm_update-1.33.9.sql new file mode 100644 index 000000000..e0d289ba4 --- /dev/null +++ b/db/zm_update-1.33.9.sql @@ -0,0 +1,27 @@ +-- +-- Add per user API enable/disable and ability to set a minimum issued time for tokens +-- + +SET @s = (SELECT IF( + (SELECT COUNT(*) FROM INFORMATION_SCHEMA.COLUMNS WHERE table_schema = DATABASE() + AND table_name = 'Users' + AND column_name = 'TokenMinExpiry' + ) > 0, +"SELECT 'Column TokenMinExpiry already exists in Users'", +"ALTER TABLE Users ADD `TokenMinExpiry` BIGINT UNSIGNED NOT NULL DEFAULT 0 AFTER `MonitorIds`" +)); + +PREPARE stmt FROM @s; +EXECUTE stmt; + +SET @s = (SELECT IF( + (SELECT COUNT(*) FROM INFORMATION_SCHEMA.COLUMNS WHERE table_schema = DATABASE() + AND table_name = 'Users' + AND column_name = 'APIEnabled' + ) > 0, +"SELECT 'Column APIEnabled already exists in Users'", +"ALTER TABLE Users ADD `APIEnabled` tinyint(3) UNSIGNED NOT NULL default 1 AFTER `TokenMinExpiry`" +)); + +PREPARE stmt FROM @s; +EXECUTE stmt; diff --git a/distros/debian/control b/distros/debian/control index 4c23ab367..3296b88c3 100644 --- a/distros/debian/control +++ b/distros/debian/control @@ -26,6 +26,8 @@ Build-Depends: debhelper (>= 9), cmake , libdata-dump-perl, libclass-std-fast-perl, libsoap-wsdl-perl, libio-socket-multicast-perl, libdigest-sha-perl , libsys-cpu-perl, libsys-meminfo-perl , libdata-uuid-perl + , libssl-dev + , libcrypt-eksblowfish-perl, libdata-entropy-perl Standards-Version: 3.9.4 Package: zoneminder @@ -51,6 +53,9 @@ Depends: ${shlibs:Depends}, ${misc:Depends}, ${perl:Depends} , zip , libvlccore5 | libvlccore7 | libvlccore8, libvlc5 , libpolkit-gobject-1-0, php5-gd + , libssl + ,libcrypt-eksblowfish-perl, libdata-entropy-perl + Recommends: mysql-server | mariadb-server Description: Video camera security and surveillance solution ZoneMinder is intended for use in single or multi-camera video security diff --git a/distros/ubuntu1204/control b/distros/ubuntu1204/control index f1756c5e8..9e54e2aa3 100644 --- a/distros/ubuntu1204/control +++ b/distros/ubuntu1204/control @@ -23,6 +23,9 @@ Build-Depends: debhelper (>= 9), python-sphinx | python3-sphinx, apache2-dev, dh ,libsys-mmap-perl [!hurd-any] ,libwww-perl ,libdata-uuid-perl + ,libssl-dev + ,libcrypt-eksblowfish-perl + ,libdata-entropy-perl # Unbundled (dh_linktree): ,libjs-jquery ,libjs-mootools @@ -63,8 +66,12 @@ Depends: ${shlibs:Depends}, ${misc:Depends}, ${perl:Depends} ,policykit-1 ,rsyslog | system-log-daemon ,zip - ,libdata-dump-perl, libclass-std-fast-perl, libsoap-wsdl-perl, libio-socket-multicast-perl, libdigest-sha-perl - , libsys-cpu-perl, libsys-meminfo-perl + ,libdata-dump-perl, libclass-std-fast-perl, libsoap-wsdl-perl + ,libio-socket-multicast-perl, libdigest-sha-perl + ,libsys-cpu-perl, libsys-meminfo-perl + ,libssl | libssl1.0.0 + ,libcrypt-eksblowfish-perl + ,libdata-entropy-perl Recommends: ${misc:Recommends} ,libapache2-mod-php5 | php5-fpm ,mysql-server | virtual-mysql-server diff --git a/distros/ubuntu1604/control b/distros/ubuntu1604/control index 415f54c9f..30451f7e1 100644 --- a/distros/ubuntu1604/control +++ b/distros/ubuntu1604/control @@ -30,6 +30,9 @@ Build-Depends: debhelper (>= 9), dh-systemd, python-sphinx | python3-sphinx, apa ,libsys-mmap-perl [!hurd-any] ,libwww-perl ,libdata-uuid-perl + ,libssl-dev + ,libcrypt-eksblowfish-perl + ,libdata-entropy-perl # Unbundled (dh_linktree): ,libjs-jquery ,libjs-mootools @@ -76,6 +79,9 @@ Depends: ${shlibs:Depends}, ${misc:Depends}, ${perl:Depends} ,rsyslog | system-log-daemon ,zip ,libpcre3 + ,libssl | libssl1.0.0 + ,libcrypt-eksblowfish-perl + ,libdata-entropy-perl Recommends: ${misc:Recommends} ,libapache2-mod-php5 | libapache2-mod-php | php5-fpm | php-fpm ,mysql-server | mariadb-server | virtual-mysql-server diff --git a/docs/api.rst b/docs/api.rst index 2f90b7fdf..177678977 100644 --- a/docs/api.rst +++ b/docs/api.rst @@ -1,10 +1,12 @@ + API ==== -This document will provide an overview of ZoneMinder's API. This is work in progress. +This document will provide an overview of ZoneMinder's API. Overview ^^^^^^^^ + In an effort to further 'open up' ZoneMinder, an API was needed. This will allow quick integration with and development of ZoneMinder. @@ -12,178 +14,178 @@ The API is built in CakePHP and lives under the ``/api`` directory. It provides a RESTful service and supports CRUD (create, retrieve, update, delete) functions for Monitors, Events, Frames, Zones and Config. -Streaming Interface -^^^^^^^^^^^^^^^^^^^ -Developers working on their application often ask if there is an "API" to receive live streams, or recorded event streams. -It is possible to stream both live and recorded streams. This isn't strictly an "API" per-se (that is, it is not integrated -into the Cake PHP based API layer discussed here) and also why we've used the term "Interface" instead of an "API". +API evolution +^^^^^^^^^^^^^^^ -Live Streams -~~~~~~~~~~~~~~ -What you need to know is that if you want to display "live streams", ZoneMinder sends you streaming JPEG images (MJPEG) -which can easily be rendered in a browser using an ``img src`` tag. +The ZoneMinder API has evolved over time. Broadly speaking the iterations were as follows: -For example: +* Prior to version 1.29, there really was no API layer. Users had to use the same URLs that the web console used to 'mimic' operations, or use an XML skin +* Starting version 1.29, a v1.0 CakePHP based API was released which continues to evolve over time. From a security perspective, it still tied into ZM auth and required client cookies for many operations. Primarily, two authentication modes were offered: + * You use cookies to maintain session state (`ZM_SESS_ID`) + * You use an authentication hash to validate yourself, which included encoding personal information and time stamps which at times caused timing validation issues, especially for mobile consumers +* Starting version 1.34, ZoneMinder has introduced a new "token" based system which is based JWT. We have given it a '2.0' version ID. These tokens don't encode any personal data and can be statelessly passed around per request. It introduces concepts like access tokens, refresh tokens and per user level API revocation to manage security better. The internal components of ZoneMinder all support this new scheme now and if you are using the APIs we strongly recommend you migrate to 1.34 and use this new token system (as a side note, 1.34 also moves from MYSQL PASSWORD to Bcrypt for passwords, which is also a good reason why you should migate). +* Note that as of 1.34, both versions of API access will work (tokens and the older auth hash mechanism). -:: +.. NOTE:: + For the rest of the document, we will specifically highlight v2.0 only features. If you don't see a special mention, assume it applies for both API versions. - - -will display a live feed from monitor id 1, scaled down by 50% in quality and resized to 640x480px. - -* This assumes ``/zm/cgi-bin`` is your CGI_BIN path. Change it to what is correct in your system -* The "auth" token you see above is required if you use ZoneMinder authentication. To understand how to get the auth token, please read the "Login, Logout & API security" section below. -* The "connkey" parameter is essentially a random number which uniquely identifies a stream. If you don't specify a connkey, ZM will generate its own. It is recommended to generate a connkey because you can then use it to "control" the stream (pause/resume etc.) -* Instead of dealing with the "auth" token, you can also use ``&user=username&pass=password`` where "username" and "password" are your ZoneMinder username and password respectively. Note that this is not recommended because you are transmitting them in a URL and even if you use HTTPS, they may show up in web server logs. - - -PTZ on live streams -------------------- -PTZ commands are pretty cryptic in ZoneMinder. This is not meant to be an exhaustive guide, but just something to whet your appetite: - - -Lets assume you have a monitor, with ID=6. Let's further assume you want to pan it left. - -You'd need to send a: -``POST`` command to ``https://yourserver/zm/index.php`` with the following data payload in the command (NOT in the URL) - -``view=request&request=control&id=6&control=moveConLeft&xge=30&yge=30`` - -Obviously, if you are using authentication, you need to be logged in for this to work. - -Like I said, at this stage, this is only meant to get you started. Explore the ZoneMinder code and use "Inspect source" as you use PTZ commands in the ZoneMinder source code. -`control_functions.php `__ is a great place to start. - - -Pre-recorded (past event) streams -~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ - -Similar to live playback, if you have chosen to store events in JPEG mode, you can play it back using: - -:: - - - - -* This assumes ``/zm/cgi-bin`` is your CGI_BIN path. Change it to what is correct in your system -* This will playback event 293820, starting from frame 1 as an MJPEG stream -* Like before, you can add more parameters like ``scale`` etc. -* auth and connkey have the same meaning as before, and yes, you can replace auth by ``&user=usename&pass=password`` as before and the same security concerns cited above apply. - -If instead, you have chosen to use the MP4 (Video) storage mode for events, you can directly play back the saved video file: - -:: - - - -* This will play back the video recording for event 294690 - -What other parameters are supported? -~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -The best way to answer this question is to play with ZoneMinder console. Open a browser, play back live or recorded feed, and do an "Inspect Source" to see what parameters -are generated. Change and observe. Enabling API -^^^^^^^^^^^^ -A default ZoneMinder installs with APIs enabled. You can explictly enable/disable the APIs -via the Options->System menu by enabling/disabling ``OPT_USE_API``. Note that if you intend -to use APIs with 3rd party apps, such as zmNinja or others that use APIs, you should also -enable ``AUTH_HASH_LOGINS``. +^^^^^^^^^^^^^ -Login, Logout & API Security -^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ -The APIs tie into ZoneMinder's existing security model. This means if you have -OPT_AUTH enabled, you need to log into ZoneMinder using the same browser you plan to -use the APIs from. If you are developing an app that relies on the API, you need -to do a POST login from the app into ZoneMinder before you can access the API. +ZoneMinder comes with APIs enabled. To check if APIs are enabled, visit ``Options->System``. If ``OPT_USE_API`` is enabled, your APIs are active. +For v2.0 APIs, you have an additional option right below it - ``OPT_USE_LEGACY_API_AUTH`` which is enabled by default. When enabled, the `login.json` API (discussed later) will return both the old style (``auth=``) and new style (``token=``) credentials. The reason this is enabled by default is because any existing apps that use the API would break if they were not updated to use v2.0. (Note that zmNinja 1.3.057 and beyond will support tokens) -Then, you need to re-use the authentication information of the login (returned as cookie states) -with subsequent APIs for the authentication information to flow through to the APIs. +Enabling secret key +^^^^^^^^^^^^^^^^^^^ -This means if you plan to use cuRL to experiment with these APIs, you first need to login: +* It is **important** that you create a "Secret Key". This needs to be a set of hard to guess characters, that only you know. ZoneMinder does not create a key for you. It is your responsibility to create it. If you haven't created one already, please do so by going to ``Options->Systems`` and populating ``AUTH_HASH_SECRET``. Don't forget to save. +* If you plan on using V2.0 token based security, **it is mandatory to populate this secret key**, as it is used to sign the token. If you don't, token authentication will fail. V1.0 did not mandate this requirement. -**Login process for ZoneMinder v1.32.0 and above** + +Getting an API key +^^^^^^^^^^^^^^^^^^^^^^^ + +To get an API key: :: - curl -XPOST -d "user=XXXX&pass=YYYY" -c cookies.txt http://yourzmip/zm/api/host/login.json + curl -XPOST [-c cookies.txt] -d "user=yourusername&pass=yourpassword" https://yourserver/zm/api/host/login.json -Staring ZM 1.32.0, you also have a `logout` API that basically clears your session. It looks like this: + +The ``[-c cookies.txt]`` is optional, and will be explained in the next section. + +This returns a payload like this for API v1.0: :: - curl -b cookies.txt http://yourzmip/zm/api/host/logout.json + { + "credentials": "auth=05f3a50e8f7063", + "append_password": 0, + "version": "1.33.9", + "apiversion": "1.0" + } - -**Login process for older versions of ZoneMinder** +Or for API 2.0: :: - curl -d "username=XXXX&password=YYYY&action=login&view=console" -c cookies.txt http://yourzmip/zm/index.php + { + "access_token": "eyJ0eXAiOiJKHE", + "access_token_expires": 3600, + "refresh_token": "eyJ0eXAiOimPs", + "refresh_token_expires": 86400, + "credentials": "auth=05f3a50e8f7063", # only if OPT_USE_LEGACY_API_AUTH is enabled + "append_password": 0, # only if OPT_USE_LEGACY_API_AUTH is enabled + "version": "1.33.9", + "apiversion": "2.0" + } -The equivalent logout process for older versions of ZoneMinder is: +Using these keys with subsequent requests +^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ + +Once you have the keys (a.k.a credentials (v1.0, v2.0) or token (v2.0)) you should now supply that key to subsequent API calls like this: :: - curl -XPOST -d "username=XXXX&password=YYYY&action=logout&view=console" -b cookies.txt http://yourzmip/zm/index.php + # RECOMMENDED: v2.0 token based + curl -XPOST https://yourserver/zm/api/monitors.json&token= -replacing *XXXX* and *YYYY* with your username and password, respectively. + # or -Please make sure you do this in a directory where you have write permissions, otherwise cookies.txt will not be created -and the command will silently fail. + # v1.0 or 2.0 based API access (will only work if AUTH_HASH_LOGINS is enabled) + curl -XPOST -d "auth=" https://yourserver/zm/api/monitors.json + + # or + + curl -XGET https://yourserver/zm/api/monitors.json&auth= + + # or, if you specified -c cookies.txt in the original login request + + curl -b cookies.txt -XGET https://yourserver/zm/api/monitors.json -What the "-c cookies.txt" does is store a cookie state reflecting that you have logged into ZM. You now need -to apply that cookie state to all subsequent APIs. You do that by using a '-b cookies.txt' to subsequent APIs if you are -using CuRL like so: +.. NOTE:: + ZoneMinder's API layer allows API keys to be encoded either as a query parameter or as a data payload. If you don't pass keys, you could use cookies (not recommended as a general approach) + + +Key lifetime (v1.0) +^^^^^^^^^^^^^^^^^^^^^ + +If you are using the old credentials mechanism present in v1.0, then the credentials will time out based on PHP session timeout (if you are using cookies), or the value of ``AUTH_HASH_TTL`` (if you are using ``auth=`` and have enabled ``AUTH_HASH_LOGINS``) which defaults to 2 hours. Note that there is no way to look at the hash and decipher how much time is remaining. So it is your responsibility to record the time you got the hash and assume it was generated at the time you got it and re-login before that time expires. + +Key lifetime (v2.0) +^^^^^^^^^^^^^^^^^^^^^^ + +In version 2.0, it is easy to know when a key will expire before you use it. You can find that out from the ``access_token_expires`` and ``refresh_token_exipres`` values (in seconds) after you decode the JWT key (there are JWT decode libraries for every language you want). You should refresh the keys before the timeout occurs, or you will not be able to use the APIs. + +Understanding access/refresh tokens (v2.0) +^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ + +If you are using V2.0, then you need to know how to use these tokens effectively: + +* Access tokens are short lived. ZoneMinder issues access tokens that live for 3600 seconds (1 hour). +* Access tokens should be used for all subsequent API accesses. +* Refresh tokens should ONLY be used to generate new access tokens. For example, if an access token lives for 1 hour, before the hour completes, invoke the ``login.json`` API above with the refresh token to get a new access token. ZoneMinder issues refresh tokens that live for 24 hours. +* To generate a new refresh token before 24 hours are up, you will need to pass your user login and password to ``login.json`` + +**To Summarize:** + +* Pass your ``username`` and ``password`` to ``login.json`` only once in 24 hours to renew your tokens +* Pass your "refresh token" to ``login.json`` once in two hours (or whatever you have set the value of ``AUTH_HASH_TTL`` to) to renew your ``access token`` +* Use your ``access token`` for all API invocations. + +In fact, V2.0 will reject your request (if it is not to ``login.json``) if it comes with a refresh token instead of an access token to discourage usage of this token when it should not be used. + +This minimizes the amount of sensitive data that is sent over the wire and the lifetime durations are made so that if they get compromised, you can regenerate or invalidate them (more on this later) + +Understanding key security +^^^^^^^^^^^^^^^^^^^^^^^^^^^^ + +* Version 1.0 uses an MD5 hash to generate the credentials. The hash is computed over your secret key (if available), username, password and some time parameters (along with remote IP if enabled). This is not a secure/recommended hashing mechanism. If your auth hash is compromised, an attacker will be able to use your hash till it expires. To avoid this, you could disable the user in ZoneMinder. Furthermore, enabling remote IP (``AUTH_HASH_REMOTE_IP``) requires that you issue future requests from the same IP that generated the tokens. While this may be considered an additional layer for security, this can cause issues with mobile devices. + +* Version 2.0 uses a different approach. The hash is a simple base64 encoded form of "claims", but signed with your secret key. Consider for example, the following access key: :: - curl -b cookies.txt http://yourzmip/zm/api/monitors.json + eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJpc3MiOiJab25lTWluZGVyIiwiaWF0IjoxNTU3OTQwNzUyLCJleHAiOjE1NTc5NDQzNTIsInVzZXIiOiJhZG1pbiIsInR5cGUiOiJhY2Nlc3MifQ.-5VOcpw3cFHiSTN5zfGDSrrPyVya1M8_2Anh5u6eNlI -This would return a list of monitors and pass on the authentication information to the ZM API layer. - -A deeper dive into the login process -^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ - -As you might have seen above, there are two ways to login, one that uses the `login.json` API and the other that logs in using the ZM portal. If you are running ZoneMinder 1.32.0 and above, it is *strongly* recommended you use the `login.json` approach. The "old" approach will still work but is not as powerful as the API based login. Here are the reasons why: - - * The "old" approach basically uses the same login webpage (`index.php`) that a user would log into when viewing the ZM console. This is not really using an API and more importantly, if you have additional components like reCAPTCHA enabled, this will not work. Using the API approach is much cleaner and will work irrespective of reCAPTCHA - - * The new login API returns important information that you can use to stream videos as well, right after login. Consider for example, a typical response to the login API (`/login.json`): +If you were to use any `JWT token verifier `__ it can easily decode that token and will show: :: - { - "credentials": "auth=f5b9cf48693fe8552503c8ABCD5", - "append_password": 0, - "version": "1.31.44", - "apiversion": "1.0" - } - -In this example I have `OPT_AUTH` enabled in ZoneMinder and it returns my credential key. You can then use this key to stream images like so: - -:: - - - -Where `authval` is the credentials returned to start streaming videos. - -The `append_password` field will contain 1 when it is necessary for you to append your ZM password. This is the case when you set `AUTH_RELAY` in ZM options to "plain", for example. In that case, the `credentials` field may contain something like `&user=admin&pass=` and you have to add your password to that string. + { + "iss": "ZoneMinder", + "iat": 1557940752, + "exp": 1557944352, + "user": "admin", + "type": "access" + } + Invalid Signature -.. NOTE:: It is recommended you invoke the `login` API once every 60 minutes to make sure the session stays alive. The same is true if you use the old login method too. +Don't be surprised. JWT tokens, by default, are `not meant to be encrypted `__. It is just an assertion of a claim. It states that the issuer of this token was ZoneMinder, +It was issued at (iat) Wednesday, 2019-05-15 17:19:12 UTC and will expire on (exp) Wednesday, 2019-05-15 18:19:12 UTC. This token claims to be owned by an admin and is an access token. If your token were to be stolen, this information is available to the person who stole it. Note that there are no sensitive details like passwords in this claim. + +However, that person will **not** have your secret key as part of this token and therefore, will NOT be able to create a new JWT token to get, say, a refresh token. They will however, be able to use your access token to access resources just like the auth hash above, till the access token expires (2 hrs). To revoke this token, you don't need to disable the user. Go to ``Options->API`` and tap on "Revoke All Access Tokens". This will invalidate the token immediately (this option will invalidate all tokens for all users, and new ones will need to be generated). + +Over time, we will provide you with more fine grained access to these options. + +**Summarizing good practices:** + +* Use HTTPS, not HTTP +* If possible, use free services like `LetsEncrypt `__ instead of self-signed certificates (sometimes this is not possible) +* Keep your tokens as private as possible, and use them as recommended above +* If you believe your tokens are compromised, revoke them, but also check if your attacker has compromised more than you think (example, they may also have your username/password or access to your system via other exploits, in which case they can regenerate as many tokens/credentials as they want). +.. NOTE:: + Subsequent sections don't explicitly callout the key addition to APIs. We assume that you will append the correct keys as per our explanation above. -Examples (please read security notice above) -^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ - -Please remember, if you are using authentication, please add a ``-b cookies.txt`` to each of the commands below if you are using -CuRL. If you are not using CuRL and writing your own app, you need to make sure you pass on cookies to subsequent requests -in your app. +Examples +^^^^^^^^^ (In all examples, replace 'server' with IP or hostname & port where ZoneMinder is running) @@ -410,6 +412,15 @@ This returns number of events per monitor that were recorded in the last day whe +Return sorted events +^^^^^^^^^^^^^^^^^^^^^^ + +This returns a list of events within a time range and also sorts it by descending order + +:: + + curl -XGET "http://server/zm/api/events/index/StartTime%20>=:2015-05-15%2018:43:56/EndTime%20<=:208:43:56.json?sort=StartTime&direction=desc" + Configuration Apis ^^^^^^^^^^^^^^^^^^^ @@ -584,9 +595,104 @@ Returns: This only works if you have a multiserver setup in place. If you don't it will return an empty array. +Other APIs +^^^^^^^^^^ +This is not a complete list. ZM supports more parameters/APIs. A good way to dive in is to look at the `API code `__ directly. + +Streaming Interface +^^^^^^^^^^^^^^^^^^^ +Developers working on their application often ask if there is an "API" to receive live streams, or recorded event streams. +It is possible to stream both live and recorded streams. This isn't strictly an "API" per-se (that is, it is not integrated +into the Cake PHP based API layer discussed here) and also why we've used the term "Interface" instead of an "API". + +Live Streams +~~~~~~~~~~~~~~ +What you need to know is that if you want to display "live streams", ZoneMinder sends you streaming JPEG images (MJPEG) +which can easily be rendered in a browser using an ``img src`` tag. + +For example: + +:: + + + + # or + + + + + + +will display a live feed from monitor id 1, scaled down by 50% in quality and resized to 640x480px. + +* This assumes ``/zm/cgi-bin`` is your CGI_BIN path. Change it to what is correct in your system +* The "auth" token you see above is required if you use ZoneMinder authentication. To understand how to get the auth token, please read the "Login, Logout & API security" section below. +* The "connkey" parameter is essentially a random number which uniquely identifies a stream. If you don't specify a connkey, ZM will generate its own. It is recommended to generate a connkey because you can then use it to "control" the stream (pause/resume etc.) +* Instead of dealing with the "auth" token, you can also use ``&user=username&pass=password`` where "username" and "password" are your ZoneMinder username and password respectively. Note that this is not recommended because you are transmitting them in a URL and even if you use HTTPS, they may show up in web server logs. + + +PTZ on live streams +------------------- +PTZ commands are pretty cryptic in ZoneMinder. This is not meant to be an exhaustive guide, but just something to whet your appetite: + + +Lets assume you have a monitor, with ID=6. Let's further assume you want to pan it left. + +You'd need to send a: +``POST`` command to ``https://yourserver/zm/index.php`` with the following data payload in the command (NOT in the URL) + +``view=request&request=control&id=6&control=moveConLeft&xge=30&yge=30`` + +Obviously, if you are using authentication, you need to be logged in for this to work. + +Like I said, at this stage, this is only meant to get you started. Explore the ZoneMinder code and use "Inspect source" as you use PTZ commands in the ZoneMinder source code. +`control_functions.php `__ is a great place to start. + + +Pre-recorded (past event) streams +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ + +Similar to live playback, if you have chosen to store events in JPEG mode, you can play it back using: + +:: + + + + # or + + + + + +* This assumes ``/zm/cgi-bin`` is your CGI_BIN path. Change it to what is correct in your system +* This will playback event 293820, starting from frame 1 as an MJPEG stream +* Like before, you can add more parameters like ``scale`` etc. +* auth and connkey have the same meaning as before, and yes, you can replace auth by ``&user=usename&pass=password`` as before and the same security concerns cited above apply. + +If instead, you have chosen to use the MP4 (Video) storage mode for events, you can directly play back the saved video file: + +:: + + + + + # or + + + + +This above will play back the video recording for event 294690 + +What other parameters are supported? +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +The best way to answer this question is to play with ZoneMinder console. Open a browser, play back live or recorded feed, and do an "Inspect Source" to see what parameters +are generated. Change and observe. + + Further Reading ^^^^^^^^^^^^^^^^ + As described earlier, treat this document as an "introduction" to the important parts of the API and streaming interfaces. There are several details that haven't yet been documented. Till they are, here are some resources: diff --git a/scripts/ZoneMinder/lib/ZoneMinder/ConfigData.pm.in b/scripts/ZoneMinder/lib/ZoneMinder/ConfigData.pm.in index 495e53d29..d133b3eaf 100644 --- a/scripts/ZoneMinder/lib/ZoneMinder/ConfigData.pm.in +++ b/scripts/ZoneMinder/lib/ZoneMinder/ConfigData.pm.in @@ -396,6 +396,17 @@ our @options = ( type => $types{boolean}, category => 'system', }, + { + name => 'ZM_OPT_USE_LEGACY_API_AUTH', + default => 'yes', + description => 'Enable legacy API authentication', + help => q` + Starting version 1.34.0, ZoneMinder uses a more secure + Authentication mechanism using JWT tokens. Older versions used a less secure MD5 based auth hash. It is recommended you turn this off after you are sure you don't need it. If you are using a 3rd party app that relies on the older API auth mechanisms, you will have to update that app if you turn this off. Note that zmNinja 1.3.057 onwards supports the new token system + `, + type => $types{boolean}, + category => 'system', + }, { name => 'ZM_OPT_USE_EVENTNOTIFICATION', default => 'no', diff --git a/scripts/zmupdate.pl.in b/scripts/zmupdate.pl.in index bb9dddac4..8dbc4d14f 100644 --- a/scripts/zmupdate.pl.in +++ b/scripts/zmupdate.pl.in @@ -51,6 +51,8 @@ configuring upgrades etc, including on the fly upgrades. use strict; use bytes; use version; +use Crypt::Eksblowfish::Bcrypt; +use Data::Entropy::Algorithms qw(rand_bits); # ========================================================================== # @@ -312,6 +314,7 @@ if ( $migrateEvents ) { if ( $freshen ) { print( "\nFreshening configuration in database\n" ); migratePaths(); + migratePasswords(); ZoneMinder::Config::loadConfigFromDB(); ZoneMinder::Config::saveConfigToDB(); } @@ -999,6 +1002,26 @@ sub patchDB { } +sub migratePasswords { + print ("Migratings passwords, if any...\n"); + my $sql = "select * from Users"; + my $sth = $dbh->prepare_cached( $sql ) or die( "Can't prepare '$sql': ".$dbh->errstr() ); + my $res = $sth->execute() or die( "Can't execute: ".$sth->errstr() ); + while( my $user = $sth->fetchrow_hashref() ) { + my $scheme = substr($user->{Password}, 0, 1); + if ($scheme eq "*") { + print ("-->".$user->{Username}. " password will be migrated\n"); + my $salt = Crypt::Eksblowfish::Bcrypt::en_base64(rand_bits(16*8)); + my $settings = '$2a$10$'.$salt; + my $pass_hash = Crypt::Eksblowfish::Bcrypt::bcrypt($user->{Password},$settings); + my $new_pass_hash = "-ZM-".$pass_hash; + $sql = "UPDATE Users SET PASSWORD=? WHERE Username=?"; + my $sth = $dbh->prepare_cached( $sql ) or die( "Can't prepare '$sql': ".$dbh->errstr() ); + my $res = $sth->execute($new_pass_hash, $user->{Username}) or die( "Can't execute: ".$sth->errstr() ); + } + } +} + sub migratePaths { my $customConfigFile = '@ZM_CONFIG_SUBDIR@/zmcustom.conf'; diff --git a/src/CMakeLists.txt b/src/CMakeLists.txt index e27c36d6a..3628a4944 100644 --- a/src/CMakeLists.txt +++ b/src/CMakeLists.txt @@ -4,20 +4,26 @@ configure_file(zm_config.h.in "${CMAKE_CURRENT_BINARY_DIR}/zm_config.h" @ONLY) # Group together all the source files that are used by all the binaries (zmc, zma, zmu, zms etc) -set(ZM_BIN_SRC_FILES zm_box.cpp zm_buffer.cpp zm_camera.cpp zm_comms.cpp zm_config.cpp zm_coord.cpp zm_curl_camera.cpp zm.cpp zm_db.cpp zm_logger.cpp zm_event.cpp zm_frame.cpp zm_eventstream.cpp zm_exception.cpp zm_file_camera.cpp zm_ffmpeg_input.cpp zm_ffmpeg_camera.cpp zm_group.cpp zm_image.cpp zm_jpeg.cpp zm_libvlc_camera.cpp zm_local_camera.cpp zm_monitor.cpp zm_monitorstream.cpp zm_ffmpeg.cpp zm_mpeg.cpp zm_packet.cpp zm_packetqueue.cpp zm_poly.cpp zm_regexp.cpp zm_remote_camera.cpp zm_remote_camera_http.cpp zm_remote_camera_nvsocket.cpp zm_remote_camera_rtsp.cpp zm_rtp.cpp zm_rtp_ctrl.cpp zm_rtp_data.cpp zm_rtp_source.cpp zm_rtsp.cpp zm_rtsp_auth.cpp zm_sdp.cpp zm_signal.cpp zm_stream.cpp zm_swscale.cpp zm_thread.cpp zm_time.cpp zm_timer.cpp zm_user.cpp zm_utils.cpp zm_video.cpp zm_videostore.cpp zm_zone.cpp zm_fifo.cpp zm_storage.cpp) +set(ZM_BIN_SRC_FILES zm_box.cpp zm_buffer.cpp zm_camera.cpp zm_comms.cpp zm_config.cpp zm_coord.cpp zm_curl_camera.cpp zm.cpp zm_db.cpp zm_logger.cpp zm_event.cpp zm_frame.cpp zm_eventstream.cpp zm_exception.cpp zm_file_camera.cpp zm_ffmpeg_input.cpp zm_ffmpeg_camera.cpp zm_group.cpp zm_image.cpp zm_jpeg.cpp zm_libvlc_camera.cpp zm_local_camera.cpp zm_monitor.cpp zm_monitorstream.cpp zm_ffmpeg.cpp zm_mpeg.cpp zm_packet.cpp zm_packetqueue.cpp zm_poly.cpp zm_regexp.cpp zm_remote_camera.cpp zm_remote_camera_http.cpp zm_remote_camera_nvsocket.cpp zm_remote_camera_rtsp.cpp zm_rtp.cpp zm_rtp_ctrl.cpp zm_rtp_data.cpp zm_rtp_source.cpp zm_rtsp.cpp zm_rtsp_auth.cpp zm_sdp.cpp zm_signal.cpp zm_stream.cpp zm_swscale.cpp zm_thread.cpp zm_time.cpp zm_timer.cpp zm_user.cpp zm_utils.cpp zm_video.cpp zm_videostore.cpp zm_zone.cpp zm_storage.cpp zm_fifo.cpp zm_crypt.cpp) + # A fix for cmake recompiling the source files for every target. add_library(zm STATIC ${ZM_BIN_SRC_FILES}) +link_directories(../third_party/bcrypt) add_executable(zmc zmc.cpp) add_executable(zma zma.cpp) add_executable(zmu zmu.cpp) add_executable(zms zms.cpp) +# JWT is a header only library. +include_directories(../third_party/bcrypt/include/bcrypt) +include_directories(../third_party/jwt-cpp/include/jwt-cpp) + target_link_libraries(zmc zm ${ZM_EXTRA_LIBS} ${ZM_BIN_LIBS}) target_link_libraries(zma zm ${ZM_EXTRA_LIBS} ${ZM_BIN_LIBS}) -target_link_libraries(zmu zm ${ZM_EXTRA_LIBS} ${ZM_BIN_LIBS}) -target_link_libraries(zms zm ${ZM_EXTRA_LIBS} ${ZM_BIN_LIBS}) +target_link_libraries(zmu zm ${ZM_EXTRA_LIBS} ${ZM_BIN_LIBS} bcrypt) +target_link_libraries(zms zm ${ZM_EXTRA_LIBS} ${ZM_BIN_LIBS} bcrypt) # Generate man files for the binaries destined for the bin folder FOREACH(CBINARY zma zmc zmu) diff --git a/src/zm_crypt.cpp b/src/zm_crypt.cpp new file mode 100644 index 000000000..0235e5c13 --- /dev/null +++ b/src/zm_crypt.cpp @@ -0,0 +1,117 @@ +#include "zm.h" +# include "zm_crypt.h" +#include "BCrypt.hpp" +#include "jwt.h" +#include +#include + + +// returns username if valid, "" if not +std::pair verifyToken(std::string jwt_token_str, std::string key) { + std::string username = ""; + unsigned int token_issued_at = 0; + try { + // is it decodable? + auto decoded = jwt::decode(jwt_token_str); + auto verifier = jwt::verify() + .allow_algorithm(jwt::algorithm::hs256{ key }) + .with_issuer("ZoneMinder"); + + // signature verified? + verifier.verify(decoded); + + // make sure it has fields we need + if (decoded.has_payload_claim("type")) { + std::string type = decoded.get_payload_claim("type").as_string(); + if (type != "access") { + Error ("Only access tokens are allowed. Please do not use refresh tokens"); + return std::make_pair("",0); + } + } + else { + // something is wrong. All ZM tokens have type + Error ("Missing token type. This should not happen"); + return std::make_pair("",0); + } + if (decoded.has_payload_claim("user")) { + username = decoded.get_payload_claim("user").as_string(); + Debug (1, "Got %s as user claim from token", username.c_str()); + } + else { + Error ("User not found in claim"); + return std::make_pair("",0); + } + + if (decoded.has_payload_claim("iat")) { + token_issued_at = (unsigned int) (decoded.get_payload_claim("iat").as_int()); + Debug (1,"Got IAT token=%u", token_issued_at); + + } + else { + Error ("IAT not found in claim. This should not happen"); + return std::make_pair("",0); + } + } // try + catch (const std::exception &e) { + Error("Unable to verify token: %s", e.what()); + return std::make_pair("",0); + } + catch (...) { + Error ("unknown exception"); + return std::make_pair("",0); + + } + return std::make_pair(username,token_issued_at); +} + +bool verifyPassword(const char *username, const char *input_password, const char *db_password_hash) { + bool password_correct = false; + if (strlen(db_password_hash ) < 4) { + // actually, shoud be more, but this is min. for next code + Error ("DB Password is too short or invalid to check"); + return false; + } + if (db_password_hash[0] == '*') { + // MYSQL PASSWORD + Debug (1,"%s is using an MD5 encoded password", username); + + SHA_CTX ctx1, ctx2; + unsigned char digest_interim[SHA_DIGEST_LENGTH]; + unsigned char digest_final[SHA_DIGEST_LENGTH]; + + //get first iteration + SHA1_Init(&ctx1); + SHA1_Update(&ctx1, input_password, strlen(input_password)); + SHA1_Final(digest_interim, &ctx1); + + //2nd iteration + SHA1_Init(&ctx2); + SHA1_Update(&ctx2, digest_interim,SHA_DIGEST_LENGTH); + SHA1_Final (digest_final, &ctx2); + + char final_hash[SHA_DIGEST_LENGTH * 2 +2]; + final_hash[0]='*'; + //convert to hex + for(int i = 0; i < SHA_DIGEST_LENGTH; i++) + sprintf(&final_hash[i*2]+1, "%02X", (unsigned int)digest_final[i]); + final_hash[SHA_DIGEST_LENGTH *2 + 1]=0; + + Debug (1,"Computed password_hash:%s, stored password_hash:%s", final_hash, db_password_hash); + Debug (5, "Computed password_hash:%s, stored password_hash:%s", final_hash, db_password_hash); + password_correct = (strcmp(db_password_hash, final_hash)==0); + } + else if ((db_password_hash[0] == '$') && (db_password_hash[1]== '2') + &&(db_password_hash[3] == '$')) { + // BCRYPT + Debug (1,"%s is using a bcrypt encoded password", username); + BCrypt bcrypt; + std::string input_hash = bcrypt.generateHash(std::string(input_password)); + password_correct = bcrypt.validatePassword(std::string(input_password), std::string(db_password_hash)); + } + else { + // plain + Warning ("%s is using a plain text password, please do not use plain text", username); + password_correct = (strcmp(input_password, db_password_hash) == 0); + } + return password_correct; +} \ No newline at end of file diff --git a/src/zm_crypt.h b/src/zm_crypt.h new file mode 100644 index 000000000..340abc36c --- /dev/null +++ b/src/zm_crypt.h @@ -0,0 +1,31 @@ +// +// ZoneMinder General Utility Functions, $Date$, $Revision$ +// Copyright (C) 2001-2008 Philip Coombes +// +// This program is free software; you can redistribute it and/or +// modify it under the terms of the GNU General Public License +// as published by the Free Software Foundation; either version 2 +// of the License, or (at your option) any later version. +// +// This program is distributed in the hope that it will be useful, +// but WITHOUT ANY WARRANTY; without even the implied warranty of +// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +// GNU General Public License for more details. +// +// You should have received a copy of the GNU General Public License +// along with this program; if not, write to the Free Software +// Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. +// + +#ifndef ZM_CRYPT_H +#define ZM_CRYPT_H + + +#include + + + +bool verifyPassword( const char *username, const char *input_password, const char *db_password_hash); + +std::pair verifyToken(std::string token, std::string key); +#endif // ZM_CRYPT_H \ No newline at end of file diff --git a/src/zm_user.cpp b/src/zm_user.cpp index 46ee2cdf1..35f25f7c9 100644 --- a/src/zm_user.cpp +++ b/src/zm_user.cpp @@ -27,7 +27,9 @@ #include #include + #include "zm_utils.h" +#include "zm_crypt.h" User::User() { id = 0; @@ -95,24 +97,15 @@ User *zmLoadUser( const char *username, const char *password ) { // According to docs, size of safer_whatever must be 2*length+1 due to unicode conversions + null terminator. mysql_real_escape_string(&dbconn, safer_username, username, username_length ); - if ( password ) { - int password_length = strlen(password); - char *safer_password = new char[(password_length * 2) + 1]; - mysql_real_escape_string(&dbconn, safer_password, password, password_length); - snprintf(sql, sizeof(sql), - "SELECT Id, Username, Password, Enabled, Stream+0, Events+0, Control+0, Monitors+0, System+0, MonitorIds" - " FROM Users WHERE Username = '%s' AND Password = password('%s') AND Enabled = 1", - safer_username, safer_password ); - delete safer_password; - } else { - snprintf(sql, sizeof(sql), - "SELECT Id, Username, Password, Enabled, Stream+0, Events+0, Control+0, Monitors+0, System+0, MonitorIds" - " FROM Users where Username = '%s' and Enabled = 1", safer_username ); - } + + snprintf(sql, sizeof(sql), + "SELECT Id, Username, Password, Enabled, Stream+0, Events+0, Control+0, Monitors+0, System+0, MonitorIds" + " FROM Users where Username = '%s' and Enabled = 1", safer_username ); + if ( mysql_query(&dbconn, sql) ) { Error("Can't run query: %s", mysql_error(&dbconn)); - exit(mysql_errno(&dbconn)); + exit(mysql_errno(&dbconn)); } MYSQL_RES *result = mysql_store_result(&dbconn); @@ -131,14 +124,86 @@ User *zmLoadUser( const char *username, const char *password ) { MYSQL_ROW dbrow = mysql_fetch_row(result); User *user = new User(dbrow); - Info("Authenticated user '%s'", user->getUsername()); - - mysql_free_result(result); - delete safer_username; - - return user; + + if (verifyPassword(username, password, user->getPassword())) { + Info("Authenticated user '%s'", user->getUsername()); + mysql_free_result(result); + delete safer_username; + return user; + } + else { + Warning("Unable to authenticate user %s", username); + mysql_free_result(result); + return NULL; + } + } +User *zmLoadTokenUser (std::string jwt_token_str, bool use_remote_addr ) { + std::string key = config.auth_hash_secret; + std::string remote_addr = ""; + + if (use_remote_addr) { + remote_addr = std::string(getenv( "REMOTE_ADDR" )); + if ( remote_addr == "" ) { + Warning( "Can't determine remote address, using null" ); + remote_addr = ""; + } + key += remote_addr; + } + + Debug (1,"Inside zmLoadTokenUser, formed key=%s", key.c_str()); + + std::pair ans = verifyToken(jwt_token_str, key); + std::string username = ans.first; + unsigned int iat = ans.second; + + if (username != "") { + char sql[ZM_SQL_MED_BUFSIZ] = ""; + snprintf(sql, sizeof(sql), + "SELECT Id, Username, Password, Enabled, Stream+0, Events+0, Control+0, Monitors+0, System+0, MonitorIds, TokenMinExpiry" + " FROM Users WHERE Username = '%s' and Enabled = 1", username.c_str() ); + + if ( mysql_query(&dbconn, sql) ) { + Error("Can't run query: %s", mysql_error(&dbconn)); + exit(mysql_errno(&dbconn)); + } + + MYSQL_RES *result = mysql_store_result(&dbconn); + if ( !result ) { + Error("Can't use query result: %s", mysql_error(&dbconn)); + exit(mysql_errno(&dbconn)); + } + int n_users = mysql_num_rows(result); + + if ( n_users != 1 ) { + mysql_free_result(result); + Error("Unable to authenticate user %s", username.c_str()); + return NULL; + } + + MYSQL_ROW dbrow = mysql_fetch_row(result); + User *user = new User(dbrow); + unsigned int stored_iat = strtoul(dbrow[10], NULL,0 ); + + if (stored_iat > iat ) { // admin revoked tokens + mysql_free_result(result); + Error("Token was revoked for %s", username.c_str()); + return NULL; + } + + Debug (1,"Got stored expiry time of %u",stored_iat); + Info ("Authenticated user '%s' via token", username.c_str()); + mysql_free_result(result); + return user; + + } + else { + return NULL; + } + +} + // Function to validate an authentication string User *zmLoadAuthUser( const char *auth, bool use_remote_addr ) { #if HAVE_DECL_MD5 || HAVE_DECL_GNUTLS_FINGERPRINT diff --git a/src/zm_user.h b/src/zm_user.h index 00c61185b..04842b318 100644 --- a/src/zm_user.h +++ b/src/zm_user.h @@ -77,6 +77,7 @@ public: User *zmLoadUser( const char *username, const char *password=0 ); User *zmLoadAuthUser( const char *auth, bool use_remote_addr ); +User *zmLoadTokenUser( std::string jwt, bool use_remote_addr); bool checkUser ( const char *username); bool checkPass (const char *password); diff --git a/src/zms.cpp b/src/zms.cpp index 6042dbef3..5e6e4c2d6 100644 --- a/src/zms.cpp +++ b/src/zms.cpp @@ -71,6 +71,7 @@ int main( int argc, const char *argv[] ) { std::string username; std::string password; char auth[64] = ""; + std::string jwt_token_str = ""; unsigned int connkey = 0; unsigned int playback_buffer = 0; @@ -161,6 +162,10 @@ int main( int argc, const char *argv[] ) { playback_buffer = atoi(value); } else if ( !strcmp( name, "auth" ) ) { strncpy( auth, value, sizeof(auth)-1 ); + } else if ( !strcmp( name, "token" ) ) { + jwt_token_str = value; + Debug(1,"ZMS: JWT token found: %s", jwt_token_str.c_str()); + } else if ( !strcmp( name, "user" ) ) { username = UriDecode( value ); } else if ( !strcmp( name, "pass" ) ) { @@ -184,11 +189,16 @@ int main( int argc, const char *argv[] ) { if ( config.opt_use_auth ) { User *user = 0; - if ( strcmp(config.auth_relay, "none") == 0 ) { + if (jwt_token_str != "") { + //user = zmLoadTokenUser(jwt_token_str, config.auth_hash_ips); + user = zmLoadTokenUser(jwt_token_str, false); + + } + else if ( strcmp(config.auth_relay, "none") == 0 ) { if ( checkUser(username.c_str()) ) { user = zmLoadUser(username.c_str()); } else { - Error("") + Error("Bad username"); } } else { diff --git a/src/zmu.cpp b/src/zmu.cpp index 2ad1471d5..07f9ae8aa 100644 --- a/src/zmu.cpp +++ b/src/zmu.cpp @@ -138,6 +138,7 @@ void Usage(int status=-1) { " -U, --username : When running in authenticated mode the username and\n" " -P, --password : password combination of the given user\n" " -A, --auth : Pass authentication hash string instead of user details\n" + " -T, --token : Pass JWT token string instead of user details\n" "", stderr ); exit(status); @@ -242,6 +243,7 @@ int main(int argc, char *argv[]) { {"username", 1, 0, 'U'}, {"password", 1, 0, 'P'}, {"auth", 1, 0, 'A'}, + {"token", 1, 0, 'T'}, {"version", 1, 0, 'V'}, {"help", 0, 0, 'h'}, {"list", 0, 0, 'l'}, @@ -263,6 +265,7 @@ int main(int argc, char *argv[]) { char *username = 0; char *password = 0; char *auth = 0; + std::string jwt_token_str = ""; #if ZM_HAS_V4L #if ZM_HAS_V4L2 int v4lVersion = 2; @@ -273,7 +276,7 @@ int main(int argc, char *argv[]) { while (1) { int option_index = 0; - int c = getopt_long(argc, argv, "d:m:vsEDLurwei::S:t::fz::ancqhlB::C::H::O::U:P:A:V:", long_options, &option_index); + int c = getopt_long(argc, argv, "d:m:vsEDLurwei::S:t::fz::ancqhlB::C::H::O::U:P:A:V:T:", long_options, &option_index); if ( c == -1 ) { break; } @@ -378,6 +381,9 @@ int main(int argc, char *argv[]) { case 'A': auth = optarg; break; + case 'T': + jwt_token_str = std::string(optarg); + break; #if ZM_HAS_V4L case 'V': v4lVersion = (atoi(optarg)==1)?1:2; @@ -438,10 +444,13 @@ int main(int argc, char *argv[]) { user = zmLoadUser(username); } else { - if ( !(username && password) && !auth ) { - Error("Username and password or auth string must be supplied"); + if ( !(username && password) && !auth && (jwt_token_str=="")) { + Error("Username and password or auth/token string must be supplied"); exit_zmu(-1); } + if (jwt_token_str != "") { + user = zmLoadTokenUser(jwt_token_str, false); + } if ( auth ) { user = zmLoadAuthUser(auth, false); } diff --git a/third_party/bcrypt b/third_party/bcrypt new file mode 160000 index 000000000..be171cd75 --- /dev/null +++ b/third_party/bcrypt @@ -0,0 +1 @@ +Subproject commit be171cd75dd65e06315a67c7dcdb8e1bbc1dabd4 diff --git a/third_party/jwt-cpp b/third_party/jwt-cpp new file mode 160000 index 000000000..bfca4f6a8 --- /dev/null +++ b/third_party/jwt-cpp @@ -0,0 +1 @@ +Subproject commit bfca4f6a87bfd9d9a259939d0524169827a3a862 diff --git a/version b/version index 692c2e30d..c64ec5337 100644 --- a/version +++ b/version @@ -1 +1 @@ -1.33.8 +1.33.9 diff --git a/web/.gitignore b/web/.gitignore index 90d971d4b..354e5470b 100644 --- a/web/.gitignore +++ b/web/.gitignore @@ -4,8 +4,8 @@ /app/tmp /lib/Cake/Console/Templates/skel/tmp/ /plugins -/vendors /build +/vendors /dist /tags /app/webroot/events diff --git a/web/CMakeLists.txt b/web/CMakeLists.txt index 50e5f9998..b3d097739 100644 --- a/web/CMakeLists.txt +++ b/web/CMakeLists.txt @@ -9,7 +9,7 @@ add_subdirectory(tools/mootools) configure_file(includes/config.php.in "${CMAKE_CURRENT_BINARY_DIR}/includes/config.php" @ONLY) # Install the web files -install(DIRECTORY api ajax css fonts graphics includes js lang skins tools views DESTINATION "${ZM_WEBDIR}" PATTERN "*.in" EXCLUDE PATTERN "*Make*" EXCLUDE PATTERN "*cmake*" EXCLUDE) +install(DIRECTORY vendor api ajax css fonts graphics includes js lang skins tools views DESTINATION "${ZM_WEBDIR}" PATTERN "*.in" EXCLUDE PATTERN "*Make*" EXCLUDE PATTERN "*cmake*" EXCLUDE) install(FILES index.php robots.txt DESTINATION "${ZM_WEBDIR}") install(FILES "${CMAKE_CURRENT_BINARY_DIR}/includes/config.php" DESTINATION "${ZM_WEBDIR}/includes") diff --git a/web/api/app/Controller/AppController.php b/web/api/app/Controller/AppController.php index 51575f055..eeda4b105 100644 --- a/web/api/app/Controller/AppController.php +++ b/web/api/app/Controller/AppController.php @@ -68,25 +68,46 @@ class AppController extends Controller { # For use throughout the app. If not logged in, this will be null. global $user; + if ( ZM_OPT_USE_AUTH ) { require_once __DIR__ .'/../../../includes/auth.php'; $mUser = $this->request->query('user') ? $this->request->query('user') : $this->request->data('user'); $mPassword = $this->request->query('pass') ? $this->request->query('pass') : $this->request->data('pass'); - $mAuth = $this->request->query('auth') ? $this->request->query('auth') : $this->request->data('auth'); + $mToken = $this->request->query('token') ? $this->request->query('token') : $this->request->data('token'); if ( $mUser and $mPassword ) { - $user = userLogin($mUser, $mPassword); + // log (user, pass, nothashed, api based login so skip recaptcha) + $user = userLogin($mUser, $mPassword, false, true); if ( !$user ) { - throw new UnauthorizedException(__('User not found or incorrect password')); + throw new UnauthorizedException(__('Incorrect credentials or API disabled')); return; } + } else if ( $mToken ) { + // if you pass a token to login, we should only allow + // refresh tokens to regenerate new access and refresh tokens + if ( !strcasecmp($this->params->action, 'login') ) { + $only_allow_token_type='refresh'; + } else { + // for any other methods, don't allow refresh tokens + // they are supposed to be infrequently used for security + // purposes + $only_allow_token_type='access'; + + } + $ret = validateToken($mToken, $only_allow_token_type, true); + $user = $ret[0]; + $retstatus = $ret[1]; + if ( !$user ) { + throw new UnauthorizedException(__($retstatus)); + return; + } } else if ( $mAuth ) { - $user = getAuthUser($mAuth); - if ( !$user ) { - throw new UnauthorizedException(__('Invalid Auth Key')); - return; - } + $user = getAuthUser($mAuth, true); + if ( !$user ) { + throw new UnauthorizedException(__('Invalid Auth Key')); + return; + } } // We need to reject methods that are not authenticated // besides login and logout @@ -100,6 +121,10 @@ class AppController extends Controller { } } # end if ! login or logout } # end if ZM_OPT_AUTH - + // make sure populated user object has APIs enabled + if ($user['APIEnabled'] == 0 ) { + throw new UnauthorizedException(__('API Disabled')); + return; + } } # end function beforeFilter() } diff --git a/web/api/app/Controller/HostController.php b/web/api/app/Controller/HostController.php index 05b2ed3fa..f0bae277e 100644 --- a/web/api/app/Controller/HostController.php +++ b/web/api/app/Controller/HostController.php @@ -31,19 +31,60 @@ class HostController extends AppController { } function login() { + + $mUser = $this->request->query('user') ? $this->request->query('user') : $this->request->data('user'); + $mPassword = $this->request->query('pass') ? $this->request->query('pass') : $this->request->data('pass'); + $mToken = $this->request->query('token') ? $this->request->query('token') : $this->request->data('token'); + + + if ( !($mUser && $mPassword) && !$mToken ) { + throw new UnauthorizedException(__('No identity provided')); + } - $cred = $this->_getCredentials(); $ver = $this->_getVersion(); - $this->set(array( - 'credentials' => $cred[0], - 'append_password'=>$cred[1], - 'version' => $ver[0], - 'apiversion' => $ver[1], - '_serialize' => array('credentials', - 'append_password', - 'version', - 'apiversion' - ))); + $cred = []; + $cred_depr = []; + + if ($mUser && $mPassword) { + $cred = $this->_getCredentials(true); // generate refresh + } + else { + $cred = $this->_getCredentials(false, $mToken); // don't generate refresh + } + + $login_array = array ( + 'access_token'=>$cred[0], + 'access_token_expires'=>$cred[1] + ); + + $login_serialize_list = array ( + 'access_token', + 'access_token_expires' + ); + + if ($mUser && $mPassword) { + $login_array['refresh_token'] = $cred[2]; + $login_array['refresh_token_expires'] = $cred[3]; + array_push ($login_serialize_list, 'refresh_token', 'refresh_token_expires'); + } + + if (ZM_OPT_USE_LEGACY_API_AUTH) { + $cred_depr = $this->_getCredentialsDeprecated(); + $login_array ['credentials']=$cred_depr[0]; + $login_array ['append_password']=$cred_depr[1]; + array_push ($login_serialize_list, 'credentials', 'append_password'); + } + + + $login_array['version'] = $ver[0]; + $login_array['apiversion'] = $ver[1]; + array_push ($login_serialize_list, 'version', 'apiversion'); + + $login_array["_serialize"] = $login_serialize_list; + + $this->set($login_array); + + } // end function login() // clears out session @@ -56,40 +97,95 @@ class HostController extends AppController { )); } // end function logout() - - private function _getCredentials() { + + private function _getCredentialsDeprecated() { $credentials = ''; $appendPassword = 0; - $this->loadModel('Config'); - $isZmAuth = $this->Config->find('first',array('conditions' => array('Config.' . $this->Config->primaryKey => 'ZM_OPT_USE_AUTH')))['Config']['Value']; - - if ( $isZmAuth ) { - // In future, we may want to completely move to AUTH_HASH_LOGINS and return &auth= for all cases - require_once __DIR__ .'/../../../includes/auth.php'; # in the event we directly call getCredentials.json - - $zmAuthRelay = $this->Config->find('first',array('conditions' => array('Config.' . $this->Config->primaryKey => 'ZM_AUTH_RELAY')))['Config']['Value']; - if ( $zmAuthRelay == 'hashed' ) { - $zmAuthHashIps = $this->Config->find('first',array('conditions' => array('Config.' . $this->Config->primaryKey => 'ZM_AUTH_HASH_IPS')))['Config']['Value']; - // make sure auth is regenerated each time we call this API - $credentials = 'auth='.generateAuthHash($zmAuthHashIps,true); - } else { - // user will need to append the store password here + if (ZM_OPT_USE_AUTH) { + require_once __DIR__ .'/../../../includes/auth.php'; + if (ZM_AUTH_RELAY=='hashed') { + $credentials = 'auth='.generateAuthHash(ZM_AUTH_HASH_IPS,true); + } + else { $credentials = 'user='.$this->Session->read('Username').'&pass='; $appendPassword = 1; } + return array($credentials, $appendPassword); } - return array($credentials, $appendPassword); - } // end function _getCredentials + } + + private function _getCredentials($generate_refresh_token=false, $mToken='') { + $credentials = ''; + $this->loadModel('Config'); - function getCredentials() { - // ignore debug warnings from other functions - $this->view='Json'; - $val = $this->_getCredentials(); - $this->set(array( - 'credentials'=> $val[0], - 'append_password'=>$val[1], - '_serialize' => array('credentials', 'append_password') - ) ); + if ( ZM_OPT_USE_AUTH ) { + require_once __DIR__ .'/../../../includes/auth.php'; + require_once __DIR__.'/../../../vendor/autoload.php'; + + $key = ZM_AUTH_HASH_SECRET; + if (!$key) { + throw new ForbiddenException(__('Please create a valid AUTH_HASH_SECRET in ZoneMinder')); + } + + if ($mToken) { + // If we have a token, we need to derive username from there + $ret = validateToken($mToken, 'refresh', true); + $mUser = $ret[0]['Username']; + + } else { + $mUser = $_SESSION['username']; + } + + ZM\Info("Creating token for \"$mUser\""); + + /* we won't support AUTH_HASH_IPS in token mode + reasons: + a) counter-intuitive for mobile consumers + b) zmu will never be able to to validate via a token if we sign + it after appending REMOTE_ADDR + + if (ZM_AUTH_HASH_IPS) { + $key = $key . $_SERVER['REMOTE_ADDR']; + }*/ + + $access_issued_at = time(); + $access_ttl = (ZM_AUTH_HASH_TTL || 2) * 3600; + + // by default access token will expire in 2 hrs + // you can change it by changing the value of ZM_AUTH_HASH_TLL + $access_expire_at = $access_issued_at + $access_ttl; + //$access_expire_at = $access_issued_at + 60; // TEST, REMOVE + + $access_token = array( + "iss" => "ZoneMinder", + "iat" => $access_issued_at, + "exp" => $access_expire_at, + "user" => $mUser, + "type" => "access" + ); + + $jwt_access_token = \Firebase\JWT\JWT::encode($access_token, $key, 'HS256'); + + $jwt_refresh_token = ""; + $refresh_ttl = 0; + + if ($generate_refresh_token) { + $refresh_issued_at = time(); + $refresh_ttl = 24 * 3600; // 1 day + + $refresh_expire_at = $refresh_issued_at + $refresh_ttl; + $refresh_token = array( + "iss" => "ZoneMinder", + "iat" => $refresh_issued_at, + "exp" => $refresh_expire_at, + "user" => $mUser, + "type" => "refresh" + ); + $jwt_refresh_token = \Firebase\JWT\JWT::encode($refresh_token, $key, 'HS256'); + } + + } + return array($jwt_access_token, $access_ttl, $jwt_refresh_token, $refresh_ttl); } // If $mid is set, only return disk usage for that monitor @@ -169,7 +265,7 @@ class HostController extends AppController { private function _getVersion() { $version = Configure::read('ZM_VERSION'); - $apiversion = '1.0'; + $apiversion = '2.0'; return array($version, $apiversion); } diff --git a/web/composer.json b/web/composer.json new file mode 100644 index 000000000..968d1d4cb --- /dev/null +++ b/web/composer.json @@ -0,0 +1,6 @@ +{ + "require": { + "firebase/php-jwt": "^5.0", + "ircmaxell/password-compat": "^1.0" + } +} diff --git a/web/composer.lock b/web/composer.lock new file mode 100644 index 000000000..b260d2e5a --- /dev/null +++ b/web/composer.lock @@ -0,0 +1,106 @@ +{ + "_readme": [ + "This file locks the dependencies of your project to a known state", + "Read more about it at https://getcomposer.org/doc/01-basic-usage.md#composer-lock-the-lock-file", + "This file is @generated automatically" + ], + "content-hash": "5759823f1f047089a354efaa25903378", + "packages": [ + { + "name": "firebase/php-jwt", + "version": "v5.0.0", + "source": { + "type": "git", + "url": "https://github.com/firebase/php-jwt.git", + "reference": "9984a4d3a32ae7673d6971ea00bae9d0a1abba0e" + }, + "dist": { + "type": "zip", + "url": "https://api.github.com/repos/firebase/php-jwt/zipball/9984a4d3a32ae7673d6971ea00bae9d0a1abba0e", + "reference": "9984a4d3a32ae7673d6971ea00bae9d0a1abba0e", + "shasum": "" + }, + "require": { + "php": ">=5.3.0" + }, + "require-dev": { + "phpunit/phpunit": " 4.8.35" + }, + "type": "library", + "autoload": { + "psr-4": { + "Firebase\\JWT\\": "src" + } + }, + "notification-url": "https://packagist.org/downloads/", + "license": [ + "BSD-3-Clause" + ], + "authors": [ + { + "name": "Neuman Vong", + "email": "neuman+pear@twilio.com", + "role": "Developer" + }, + { + "name": "Anant Narayanan", + "email": "anant@php.net", + "role": "Developer" + } + ], + "description": "A simple library to encode and decode JSON Web Tokens (JWT) in PHP. Should conform to the current spec.", + "homepage": "https://github.com/firebase/php-jwt", + "time": "2017-06-27T22:17:23+00:00" + }, + { + "name": "ircmaxell/password-compat", + "version": "v1.0.4", + "source": { + "type": "git", + "url": "https://github.com/ircmaxell/password_compat.git", + "reference": "5c5cde8822a69545767f7c7f3058cb15ff84614c" + }, + "dist": { + "type": "zip", + "url": "https://api.github.com/repos/ircmaxell/password_compat/zipball/5c5cde8822a69545767f7c7f3058cb15ff84614c", + "reference": "5c5cde8822a69545767f7c7f3058cb15ff84614c", + "shasum": "" + }, + "require-dev": { + "phpunit/phpunit": "4.*" + }, + "type": "library", + "autoload": { + "files": [ + "lib/password.php" + ] + }, + "notification-url": "https://packagist.org/downloads/", + "license": [ + "MIT" + ], + "authors": [ + { + "name": "Anthony Ferrara", + "email": "ircmaxell@php.net", + "homepage": "http://blog.ircmaxell.com" + } + ], + "description": "A compatibility library for the proposed simplified password hashing algorithm: https://wiki.php.net/rfc/password_hash", + "homepage": "https://github.com/ircmaxell/password_compat", + "keywords": [ + "hashing", + "password" + ], + "time": "2014-11-20T16:49:30+00:00" + } + ], + "packages-dev": [], + "aliases": [], + "minimum-stability": "stable", + "stability-flags": [], + "prefer-stable": false, + "prefer-lowest": false, + "platform": [], + "platform-dev": [] +} diff --git a/web/includes/actions/options.php b/web/includes/actions/options.php index 0c80bacf0..2f98b4a95 100644 --- a/web/includes/actions/options.php +++ b/web/includes/actions/options.php @@ -75,6 +75,7 @@ if ( $action == 'delete' ) { case 'config' : $restartWarning = true; break; + case 'API': case 'web' : case 'tools' : break; diff --git a/web/includes/actions/user.php b/web/includes/actions/user.php index af569627f..2b520cd10 100644 --- a/web/includes/actions/user.php +++ b/web/includes/actions/user.php @@ -28,8 +28,18 @@ if ( $action == 'user' ) { $types = array(); $changes = getFormChanges($dbUser, $_REQUEST['newUser'], $types); - if ( $_REQUEST['newUser']['Password'] ) - $changes['Password'] = 'Password = password('.dbEscape($_REQUEST['newUser']['Password']).')'; + if (function_exists ('password_hash')) { + $pass_hash = '"'.password_hash($pass, PASSWORD_BCRYPT).'"'; + } else { + $pass_hash = ' PASSWORD('.dbEscape($_REQUEST['newUser']['Password']).') '; + ZM\Info ('Cannot use bcrypt as you are using PHP < 5.5'); + } + + if ( $_REQUEST['newUser']['Password'] ) { + $changes['Password'] = 'Password = '.$pass_hash; + ZM\Info ("PASS CMD=".$changes['Password']); + } + else unset($changes['Password']); @@ -53,8 +63,19 @@ if ( $action == 'user' ) { $types = array(); $changes = getFormChanges($dbUser, $_REQUEST['newUser'], $types); - if ( !empty($_REQUEST['newUser']['Password']) ) - $changes['Password'] = 'Password = password('.dbEscape($_REQUEST['newUser']['Password']).')'; + if (function_exists ('password_hash')) { + $pass_hash = '"'.password_hash($pass, PASSWORD_BCRYPT).'"'; + } else { + $pass_hash = ' PASSWORD('.dbEscape($_REQUEST['newUser']['Password']).') '; + ZM\Info ('Cannot use bcrypt as you are using PHP < 5.3'); + } + + + if ( !empty($_REQUEST['newUser']['Password']) ) { + ZM\Info ("PASS CMD=".$changes['Password']); + $changes['Password'] = 'Password = '.$pass_hash; + } + else unset($changes['Password']); if ( count($changes) ) { diff --git a/web/includes/auth.php b/web/includes/auth.php index 6b061f7fc..12199d878 100644 --- a/web/includes/auth.php +++ b/web/includes/auth.php @@ -19,8 +19,33 @@ // // require_once('session.php'); +require_once(__DIR__.'/../vendor/autoload.php'); -function userLogin($username='', $password='', $passwordHashed=false) { +use \Firebase\JWT\JWT; + +// this function migrates mysql hashing to bcrypt, if you are using PHP >= 5.5 +// will be called after successful login, only if mysql hashing is detected +function migrateHash($user, $pass) { + if ( function_exists('password_hash') ) { + ZM\Info("Migrating $user to bcrypt scheme"); + // let it generate its own salt, and ensure bcrypt as PASSWORD_DEFAULT may change later + // we can modify this later to support argon2 etc as switch to its own password signature detection + $bcrypt_hash = password_hash($pass, PASSWORD_BCRYPT); + //ZM\Info ("hased bcrypt $pass is $bcrypt_hash"); + $update_password_sql = 'UPDATE Users SET Password=\''.$bcrypt_hash.'\' WHERE Username=\''.$user.'\''; + ZM\Info($update_password_sql); + dbQuery($update_password_sql); + # Since password field has changed, existing auth_hash is no longer valid + generateAuthHash(ZM_AUTH_HASH_IPS, true); + } else { + ZM\Info('Cannot migrate password scheme to bcrypt, as you are using PHP < 5.3'); + return; + } +} + +// core function used to login a user to PHP. Is also used for cake sessions for the API +function userLogin($username='', $password='', $passwordHashed=false, $from_api_layer = false) { + global $user; if ( !$username and isset($_REQUEST['username']) ) @@ -29,8 +54,10 @@ function userLogin($username='', $password='', $passwordHashed=false) { $password = $_REQUEST['password']; // if true, a popup will display after login - // PP - lets validate reCaptcha if it exists - if ( defined('ZM_OPT_USE_GOOG_RECAPTCHA') + // lets validate reCaptcha if it exists + // this only applies if it userLogin was not called from API layer + if ( !$from_api_layer + && defined('ZM_OPT_USE_GOOG_RECAPTCHA') && defined('ZM_OPT_GOOG_RECAPTCHA_SECRETKEY') && defined('ZM_OPT_GOOG_RECAPTCHA_SITEKEY') && ZM_OPT_USE_GOOG_RECAPTCHA @@ -44,17 +71,17 @@ function userLogin($username='', $password='', $passwordHashed=false) { 'remoteip' => $_SERVER['REMOTE_ADDR'] ); $res = do_post_request($url, http_build_query($fields)); - $responseData = json_decode($res,true); - // PP - credit: https://github.com/google/recaptcha/blob/master/src/ReCaptcha/Response.php + $responseData = json_decode($res, true); + // credit: https://github.com/google/recaptcha/blob/master/src/ReCaptcha/Response.php // if recaptcha resulted in error, we might have to deny login - if ( isset($responseData['success']) && $responseData['success'] == false ) { + if ( isset($responseData['success']) && ($responseData['success'] == false) ) { // PP - before we deny auth, let's make sure the error was not 'invalid secret' // because that means the user did not configure the secret key correctly // in this case, we prefer to let him login in and display a message to correct // the key. Unfortunately, there is no way to check for invalid site key in code // as it produces the same error as when you don't answer a recaptcha if ( isset($responseData['error-codes']) && is_array($responseData['error-codes']) ) { - if ( !in_array('invalid-input-secret',$responseData['error-codes']) ) { + if ( !in_array('invalid-input-secret', $responseData['error-codes']) ) { Error('reCaptcha authentication failed'); return null; } else { @@ -64,28 +91,86 @@ function userLogin($username='', $password='', $passwordHashed=false) { } // end if success==false } // end if using reCaptcha - $sql = 'SELECT * FROM Users WHERE Enabled=1'; - $sql_values = NULL; - if ( ZM_AUTH_TYPE == 'builtin' ) { - if ( $passwordHashed ) { - $sql .= ' AND Username=? AND Password=?'; - } else { - $sql .= ' AND Username=? AND Password=password(?)'; + // coming here means we need to authenticate the user + // if captcha existed, it was passed + + $sql = 'SELECT * FROM Users WHERE Enabled=1 AND Username = ?'; + $sql_values = array($username); + + // First retrieve the stored password + // and move password hashing to application space + + $saved_user_details = dbFetchOne($sql, NULL, $sql_values); + $password_correct = false; + $password_type = NULL; + + if ( $saved_user_details ) { + + // if the API layer asked us to login, make sure the user + // has API enabled (admin may have banned API for this user) + + if ( $from_api_layer ) { + if ( $saved_user_details['APIEnabled'] != 1 ) { + ZM\Error("API disabled for: $username"); + $_SESSION['loginFailed'] = true; + unset($user); + return false; + } + } + + $saved_password = $saved_user_details['Password']; + if ( $saved_password[0] == '*' ) { + // We assume we don't need to support mysql < 4.1 + // Starting MY SQL 4.1, mysql concats a '*' in front of its password hash + // https://blog.pythian.com/hashing-algorithm-in-mysql-password-2/ + ZM\Logger::Debug('Saved password is using MYSQL password function'); + $input_password_hash = '*'.strtoupper(sha1(sha1($password, true))); + $password_correct = ($saved_password == $input_password_hash); + $password_type = 'mysql'; + + } else if ( preg_match('/^\$2[ayb]\$.+$/', $saved_password) ) { + ZM\Logger::Debug('bcrypt signature found, assumed bcrypt password'); + $password_type = 'bcrypt'; + $password_correct = $passwordHashed ? ($password == $saved_password) : password_verify($password, $saved_password); + } + // zmupdate.pl adds a '-ZM-' prefix to overlay encrypted passwords + // this is done so that we don't spend cycles doing two bcrypt password_verify calls + // for every wrong password entered. This will only be invoked for passwords zmupdate.pl has + // overlay hashed + else if ( substr($saved_password, 0,4) == '-ZM-' ) { + ZM\Logger::Debug("Detected bcrypt overlay hashing for $username"); + $bcrypt_hash = substr($saved_password, 4); + $mysql_encoded_password = '*'.strtoupper(sha1(sha1($password, true))); + ZM\Logger::Debug("Comparing password $mysql_encoded_password to bcrypt hash: $bcrypt_hash"); + $password_correct = password_verify($mysql_encoded_password, $bcrypt_hash); + $password_type = 'mysql'; // so we can migrate later down + } else { + // we really should nag the user not to use plain + ZM\Warning ('assuming plain text password as signature is not known. Please do not use plain, it is very insecure'); + $password_type = 'plain'; + $password_correct = ($saved_password == $password); } - $sql_values = array($username, $password); } else { - $sql .= ' AND Username=?'; - $sql_values = array($username); + ZM\Error("Could not retrieve user $username details"); + $_SESSION['loginFailed'] = true; + unset($user); + return false; } + $close_session = 0; if ( !is_session_started() ) { session_start(); $close_session = 1; } $_SESSION['remoteAddr'] = $_SERVER['REMOTE_ADDR']; // To help prevent session hijacking - if ( $dbUser = dbFetchOne($sql, NULL, $sql_values) ) { + + if ( $password_correct ) { ZM\Info("Login successful for user \"$username\""); - $user = $dbUser; + $user = $saved_user_details; + if ( $password_type == 'mysql' ) { + ZM\Info('Migrating password, if possible for future logins'); + migrateHash($username, $password); + } unset($_SESSION['loginFailed']); if ( ZM_AUTH_TYPE == 'builtin' ) { $_SESSION['passwordHash'] = $user['Password']; @@ -113,7 +198,72 @@ function userLogout() { zm_session_clear(); } -function getAuthUser($auth) { + +function validateToken ($token, $allowed_token_type='access', $from_api_layer=false) { + + + global $user; + $key = ZM_AUTH_HASH_SECRET; + //if (ZM_AUTH_HASH_IPS) $key .= $_SERVER['REMOTE_ADDR']; + try { + $decoded_token = JWT::decode($token, $key, array('HS256')); + } catch (Exception $e) { + ZM\Error("Unable to authenticate user. error decoding JWT token:".$e->getMessage()); + + return array(false, $e->getMessage()); + } + + // convert from stdclass to array + $jwt_payload = json_decode(json_encode($decoded_token), true); + + $type = $jwt_payload['type']; + if ( $type != $allowed_token_type ) { + if ( $allowed_token_type == 'access' ) { + // give a hint that the user is not doing it right + ZM\Error('Please do not use refresh tokens for this operation'); + } + return array (false, 'Incorrect token type'); + } + + $username = $jwt_payload['user']; + $sql = 'SELECT * FROM Users WHERE Enabled=1 AND Username = ?'; + $sql_values = array($username); + + $saved_user_details = dbFetchOne($sql, NULL, $sql_values); + + if ( $saved_user_details ) { + + if ($from_api_layer && $saved_user_details['APIEnabled'] == 0) { + // if from_api_layer is true, an additional check will be done + // to make sure APIs are enabled for this user. This is a good place + // to do it, since we are doing a DB dip here. + ZM\Error ("API is disabled for \"$username\""); + unset($user); + return array(false, 'API is disabled for user'); + + } + + $issuedAt = $jwt_payload['iat']; + $minIssuedAt = $saved_user_details['TokenMinExpiry']; + + if ( $issuedAt < $minIssuedAt ) { + ZM\Error("Token revoked for $username. Please generate a new token"); + $_SESSION['loginFailed'] = true; + unset($user); + return array(false, 'Token revoked. Please re-generate'); + } + + $user = $saved_user_details; + return array($user, 'OK'); + } else { + ZM\Error("Could not retrieve user $username details"); + $_SESSION['loginFailed'] = true; + unset($user); + return array(false, 'No such user/credentials'); + } +} // end function validateToken($token, $allowed_token_type='access') + +function getAuthUser($auth, $from_api_layer = false) { if ( ZM_OPT_USE_AUTH && ZM_AUTH_RELAY == 'hashed' && !empty($auth) ) { $remoteAddr = ''; if ( ZM_AUTH_HASH_IPS ) { @@ -134,7 +284,8 @@ function getAuthUser($auth) { $sql = 'SELECT * FROM Users WHERE Enabled = 1'; } - foreach ( dbFetchAll($sql, NULL, $values) as $user ) { + foreach ( dbFetchAll($sql, NULL, $values) as $user ) + { $now = time(); for ( $i = 0; $i < ZM_AUTH_HASH_TTL; $i++, $now -= ZM_AUTH_HASH_TTL * 1800 ) { // Try for last two hours $time = localtime($now); @@ -142,7 +293,18 @@ function getAuthUser($auth) { $authHash = md5($authKey); if ( $auth == $authHash ) { - return $user; + if ($from_api_layer && $user['APIEnabled'] == 0) { + // if from_api_layer is true, an additional check will be done + // to make sure APIs are enabled for this user. This is a good place + // to do it, since we are doing a DB dip here. + ZM\Error ("API is disabled for \"".$user['Username']."\""); + unset($user); + return array(false, 'API is disabled for user'); + + } + else { + return $user; + } } } // end foreach hour } // end foreach user @@ -153,8 +315,9 @@ function getAuthUser($auth) { function generateAuthHash($useRemoteAddr, $force=false) { if ( ZM_OPT_USE_AUTH and ZM_AUTH_RELAY == 'hashed' and isset($_SESSION['username']) and $_SESSION['passwordHash'] ) { - # regenerate a hash at half the liftetime of a hash, an hour is 3600 so half is 1800 $time = time(); + + $mintime = $time - ( ZM_AUTH_HASH_TTL * 1800 ); if ( $force or ( !isset($_SESSION['AuthHash'.$_SESSION['remoteAddr']]) ) or ( $_SESSION['AuthHashGeneratedAt'] < $mintime ) ) { @@ -216,9 +379,15 @@ if ( ZM_OPT_USE_AUTH ) { } if ( isset($_SESSION['username']) ) { - # Need to refresh permissions and validate that the user still exists - $sql = 'SELECT * FROM Users WHERE Enabled=1 AND Username=?'; - $user = dbFetchOne($sql, NULL, array($_SESSION['username'])); + if ( ZM_AUTH_HASH_LOGINS ) { + # Extra validation, if logged in, then the auth hash will be set in the session, so we can validate it. + # This prevent session modification to switch users + $user = getAuthUser($_SESSION['AuthHash'.$_SESSION['remoteAddr']]); + } else { + # Need to refresh permissions and validate that the user still exists + $sql = 'SELECT * FROM Users WHERE Enabled=1 AND Username=?'; + $user = dbFetchOne($sql, NULL, array($_SESSION['username'])); + } } if ( ZM_AUTH_RELAY == 'plain' ) { @@ -234,6 +403,14 @@ if ( ZM_OPT_USE_AUTH ) { } else if ( isset($_REQUEST['username']) and isset($_REQUEST['password']) ) { userLogin($_REQUEST['username'], $_REQUEST['password'], false); } + + if (empty($user) && !empty($_REQUEST['token']) ) { + + $ret = validateToken($_REQUEST['token'], 'access'); + $user = $ret[0]; + } + + if ( !empty($user) ) { // generate it once here, while session is open. Value will be cached in session and return when called later on generateAuthHash(ZM_AUTH_HASH_IPS); diff --git a/web/lang/en_gb.php b/web/lang/en_gb.php index 72d6de8ab..1fdd112e0 100644 --- a/web/lang/en_gb.php +++ b/web/lang/en_gb.php @@ -102,8 +102,10 @@ $SLANG = array( 'AlarmRGBUnset' => 'You must set an alarm RGB colour', 'Alert' => 'Alert', 'All' => 'All', + 'AllTokensRevoked' => 'All Tokens Revoked', 'AnalysisFPS' => 'Analysis FPS', 'AnalysisUpdateDelay' => 'Analysis Update Delay', + 'API' => 'API', 'Apply' => 'Apply', 'ApplyingStateChange' => 'Applying State Change', 'ArchArchived' => 'Archived Only', @@ -420,6 +422,7 @@ $SLANG = array( 'Images' => 'Images', 'Include' => 'Include', 'In' => 'In', + 'InvalidateTokens' => 'Invalidate all generated tokens', 'Inverted' => 'Inverted', 'Iris' => 'Iris', 'KeyString' => 'Key String', @@ -658,6 +661,7 @@ $SLANG = array( 'RestrictedMonitors' => 'Restricted Monitors', 'ReturnDelay' => 'Return Delay', 'ReturnLocation' => 'Return Location', + 'RevokeAllTokens' => 'Revoke All Tokens', 'Rewind' => 'Rewind', 'RotateLeft' => 'Rotate Left', 'RotateRight' => 'Rotate Right', diff --git a/web/skins/classic/css/base/skin.css b/web/skins/classic/css/base/skin.css index 069952d40..99692bff6 100644 --- a/web/skins/classic/css/base/skin.css +++ b/web/skins/classic/css/base/skin.css @@ -350,10 +350,53 @@ fieldset > legend { .alert, .warnText, .warning, .disabledText { color: #ffa801; } + + .alarm, .errorText, .error { color: #ff3f34; } +.timedErrorBox { + color:white; + background:#e74c3c; + border-radius:5px; + padding:5px; + -moz-animation: inAndOut 5s ease-in forwards; + -webkit-animation: inAndOut 5s ease-in forwards; + animation: inAndOut 5s ease-in forwards; +} + +/* + the timed classed auto disappear after 5s +*/ +.timedWarningBox { + color:white; + background:#e67e22; + border-radius:5px; + padding:5px; + -moz-animation: inAndOut 5s ease-in forwards; + -webkit-animation: inAndOut 5s ease-in forwards; + animation: inAndOut 5s ease-in forwards; +} + +.timedSuccessBox { + color:white; + background:#27ae60; + border-radius:5px; + padding:5px; + -moz-animation: inAndOut 5s ease-in forwards; + -webkit-animation: inAndOut 5s ease-in forwards; + animation: inAndOut 5s ease-in forwards; +} + +@keyframes inAndOut { + 0% {opacity:0;} + 10% {opacity:1;} + 90% {opacity:1;} + 100% {opacity:0;} +} + + .fakelink { color: #7f7fb2; cursor: pointer; diff --git a/web/skins/classic/views/options.php b/web/skins/classic/views/options.php index f7440d92e..b0ac2af1b 100644 --- a/web/skins/classic/views/options.php +++ b/web/skins/classic/views/options.php @@ -29,6 +29,7 @@ $tabs = array(); $tabs['skins'] = translate('Display'); $tabs['system'] = translate('System'); $tabs['config'] = translate('Config'); +$tabs['API'] = translate('API'); $tabs['servers'] = translate('Servers'); $tabs['storage'] = translate('Storage'); $tabs['web'] = translate('Web'); @@ -133,7 +134,8 @@ foreach ( array_map('basename', glob('skins/'.$current_skin.'/css/*',GLOB_ONLYDI -
@@ -309,8 +311,87 @@ foreach ( array_map('basename', glob('skins/'.$current_skin.'/css/*',GLOB_ONLYDI
-APIs are disabled. To enable, please turn on OPT_USE_API in Options->System"; + } + else { + ?> + +
+
+ + ".translate('AllTokensRevoked').""; + } + + function updateSelected() + { + dbQuery("UPDATE Users SET APIEnabled=0"); + foreach( $_REQUEST["tokenUids"] as $markUid ) { + $minTime = time(); + dbQuery('UPDATE Users SET TokenMinExpiry=? WHERE Id=?', array($minTime, $markUid)); + } + foreach( $_REQUEST["apiUids"] as $markUid ) { + dbQuery('UPDATE Users SET APIEnabled=1 WHERE Id=?', array($markUid)); + + } + echo "".translate('Updated').""; + } + + if(array_key_exists('revokeAllTokens',$_POST)){ + revokeAllTokens(); + } + + if(array_key_exists('updateSelected',$_POST)){ + updateSelected(); + } + ?> + + +

+ + + + + + + + + + + + + + + + + + + + +
/>
+
+ + + +
@@ -431,6 +513,8 @@ foreach ( array_map('basename', glob('skins/'.$current_skin.'/css/*',GLOB_ONLYDI } ?> + + diff --git a/web/vendor/autoload.php b/web/vendor/autoload.php new file mode 100644 index 000000000..034205792 --- /dev/null +++ b/web/vendor/autoload.php @@ -0,0 +1,7 @@ + + * Jordi Boggiano + * + * For the full copyright and license information, please view the LICENSE + * file that was distributed with this source code. + */ + +namespace Composer\Autoload; + +/** + * ClassLoader implements a PSR-0, PSR-4 and classmap class loader. + * + * $loader = new \Composer\Autoload\ClassLoader(); + * + * // register classes with namespaces + * $loader->add('Symfony\Component', __DIR__.'/component'); + * $loader->add('Symfony', __DIR__.'/framework'); + * + * // activate the autoloader + * $loader->register(); + * + * // to enable searching the include path (eg. for PEAR packages) + * $loader->setUseIncludePath(true); + * + * In this example, if you try to use a class in the Symfony\Component + * namespace or one of its children (Symfony\Component\Console for instance), + * the autoloader will first look for the class under the component/ + * directory, and it will then fallback to the framework/ directory if not + * found before giving up. + * + * This class is loosely based on the Symfony UniversalClassLoader. + * + * @author Fabien Potencier + * @author Jordi Boggiano + * @see http://www.php-fig.org/psr/psr-0/ + * @see http://www.php-fig.org/psr/psr-4/ + */ +class ClassLoader +{ + // PSR-4 + private $prefixLengthsPsr4 = array(); + private $prefixDirsPsr4 = array(); + private $fallbackDirsPsr4 = array(); + + // PSR-0 + private $prefixesPsr0 = array(); + private $fallbackDirsPsr0 = array(); + + private $useIncludePath = false; + private $classMap = array(); + private $classMapAuthoritative = false; + private $missingClasses = array(); + private $apcuPrefix; + + public function getPrefixes() + { + if (!empty($this->prefixesPsr0)) { + return call_user_func_array('array_merge', $this->prefixesPsr0); + } + + return array(); + } + + public function getPrefixesPsr4() + { + return $this->prefixDirsPsr4; + } + + public function getFallbackDirs() + { + return $this->fallbackDirsPsr0; + } + + public function getFallbackDirsPsr4() + { + return $this->fallbackDirsPsr4; + } + + public function getClassMap() + { + return $this->classMap; + } + + /** + * @param array $classMap Class to filename map + */ + public function addClassMap(array $classMap) + { + if ($this->classMap) { + $this->classMap = array_merge($this->classMap, $classMap); + } else { + $this->classMap = $classMap; + } + } + + /** + * Registers a set of PSR-0 directories for a given prefix, either + * appending or prepending to the ones previously set for this prefix. + * + * @param string $prefix The prefix + * @param array|string $paths The PSR-0 root directories + * @param bool $prepend Whether to prepend the directories + */ + public function add($prefix, $paths, $prepend = false) + { + if (!$prefix) { + if ($prepend) { + $this->fallbackDirsPsr0 = array_merge( + (array) $paths, + $this->fallbackDirsPsr0 + ); + } else { + $this->fallbackDirsPsr0 = array_merge( + $this->fallbackDirsPsr0, + (array) $paths + ); + } + + return; + } + + $first = $prefix[0]; + if (!isset($this->prefixesPsr0[$first][$prefix])) { + $this->prefixesPsr0[$first][$prefix] = (array) $paths; + + return; + } + if ($prepend) { + $this->prefixesPsr0[$first][$prefix] = array_merge( + (array) $paths, + $this->prefixesPsr0[$first][$prefix] + ); + } else { + $this->prefixesPsr0[$first][$prefix] = array_merge( + $this->prefixesPsr0[$first][$prefix], + (array) $paths + ); + } + } + + /** + * Registers a set of PSR-4 directories for a given namespace, either + * appending or prepending to the ones previously set for this namespace. + * + * @param string $prefix The prefix/namespace, with trailing '\\' + * @param array|string $paths The PSR-4 base directories + * @param bool $prepend Whether to prepend the directories + * + * @throws \InvalidArgumentException + */ + public function addPsr4($prefix, $paths, $prepend = false) + { + if (!$prefix) { + // Register directories for the root namespace. + if ($prepend) { + $this->fallbackDirsPsr4 = array_merge( + (array) $paths, + $this->fallbackDirsPsr4 + ); + } else { + $this->fallbackDirsPsr4 = array_merge( + $this->fallbackDirsPsr4, + (array) $paths + ); + } + } elseif (!isset($this->prefixDirsPsr4[$prefix])) { + // Register directories for a new namespace. + $length = strlen($prefix); + if ('\\' !== $prefix[$length - 1]) { + throw new \InvalidArgumentException("A non-empty PSR-4 prefix must end with a namespace separator."); + } + $this->prefixLengthsPsr4[$prefix[0]][$prefix] = $length; + $this->prefixDirsPsr4[$prefix] = (array) $paths; + } elseif ($prepend) { + // Prepend directories for an already registered namespace. + $this->prefixDirsPsr4[$prefix] = array_merge( + (array) $paths, + $this->prefixDirsPsr4[$prefix] + ); + } else { + // Append directories for an already registered namespace. + $this->prefixDirsPsr4[$prefix] = array_merge( + $this->prefixDirsPsr4[$prefix], + (array) $paths + ); + } + } + + /** + * Registers a set of PSR-0 directories for a given prefix, + * replacing any others previously set for this prefix. + * + * @param string $prefix The prefix + * @param array|string $paths The PSR-0 base directories + */ + public function set($prefix, $paths) + { + if (!$prefix) { + $this->fallbackDirsPsr0 = (array) $paths; + } else { + $this->prefixesPsr0[$prefix[0]][$prefix] = (array) $paths; + } + } + + /** + * Registers a set of PSR-4 directories for a given namespace, + * replacing any others previously set for this namespace. + * + * @param string $prefix The prefix/namespace, with trailing '\\' + * @param array|string $paths The PSR-4 base directories + * + * @throws \InvalidArgumentException + */ + public function setPsr4($prefix, $paths) + { + if (!$prefix) { + $this->fallbackDirsPsr4 = (array) $paths; + } else { + $length = strlen($prefix); + if ('\\' !== $prefix[$length - 1]) { + throw new \InvalidArgumentException("A non-empty PSR-4 prefix must end with a namespace separator."); + } + $this->prefixLengthsPsr4[$prefix[0]][$prefix] = $length; + $this->prefixDirsPsr4[$prefix] = (array) $paths; + } + } + + /** + * Turns on searching the include path for class files. + * + * @param bool $useIncludePath + */ + public function setUseIncludePath($useIncludePath) + { + $this->useIncludePath = $useIncludePath; + } + + /** + * Can be used to check if the autoloader uses the include path to check + * for classes. + * + * @return bool + */ + public function getUseIncludePath() + { + return $this->useIncludePath; + } + + /** + * Turns off searching the prefix and fallback directories for classes + * that have not been registered with the class map. + * + * @param bool $classMapAuthoritative + */ + public function setClassMapAuthoritative($classMapAuthoritative) + { + $this->classMapAuthoritative = $classMapAuthoritative; + } + + /** + * Should class lookup fail if not found in the current class map? + * + * @return bool + */ + public function isClassMapAuthoritative() + { + return $this->classMapAuthoritative; + } + + /** + * APCu prefix to use to cache found/not-found classes, if the extension is enabled. + * + * @param string|null $apcuPrefix + */ + public function setApcuPrefix($apcuPrefix) + { + $this->apcuPrefix = function_exists('apcu_fetch') && ini_get('apc.enabled') ? $apcuPrefix : null; + } + + /** + * The APCu prefix in use, or null if APCu caching is not enabled. + * + * @return string|null + */ + public function getApcuPrefix() + { + return $this->apcuPrefix; + } + + /** + * Registers this instance as an autoloader. + * + * @param bool $prepend Whether to prepend the autoloader or not + */ + public function register($prepend = false) + { + spl_autoload_register(array($this, 'loadClass'), true, $prepend); + } + + /** + * Unregisters this instance as an autoloader. + */ + public function unregister() + { + spl_autoload_unregister(array($this, 'loadClass')); + } + + /** + * Loads the given class or interface. + * + * @param string $class The name of the class + * @return bool|null True if loaded, null otherwise + */ + public function loadClass($class) + { + if ($file = $this->findFile($class)) { + includeFile($file); + + return true; + } + } + + /** + * Finds the path to the file where the class is defined. + * + * @param string $class The name of the class + * + * @return string|false The path if found, false otherwise + */ + public function findFile($class) + { + // class map lookup + if (isset($this->classMap[$class])) { + return $this->classMap[$class]; + } + if ($this->classMapAuthoritative || isset($this->missingClasses[$class])) { + return false; + } + if (null !== $this->apcuPrefix) { + $file = apcu_fetch($this->apcuPrefix.$class, $hit); + if ($hit) { + return $file; + } + } + + $file = $this->findFileWithExtension($class, '.php'); + + // Search for Hack files if we are running on HHVM + if (false === $file && defined('HHVM_VERSION')) { + $file = $this->findFileWithExtension($class, '.hh'); + } + + if (null !== $this->apcuPrefix) { + apcu_add($this->apcuPrefix.$class, $file); + } + + if (false === $file) { + // Remember that this class does not exist. + $this->missingClasses[$class] = true; + } + + return $file; + } + + private function findFileWithExtension($class, $ext) + { + // PSR-4 lookup + $logicalPathPsr4 = strtr($class, '\\', DIRECTORY_SEPARATOR) . $ext; + + $first = $class[0]; + if (isset($this->prefixLengthsPsr4[$first])) { + $subPath = $class; + while (false !== $lastPos = strrpos($subPath, '\\')) { + $subPath = substr($subPath, 0, $lastPos); + $search = $subPath.'\\'; + if (isset($this->prefixDirsPsr4[$search])) { + $pathEnd = DIRECTORY_SEPARATOR . substr($logicalPathPsr4, $lastPos + 1); + foreach ($this->prefixDirsPsr4[$search] as $dir) { + if (file_exists($file = $dir . $pathEnd)) { + return $file; + } + } + } + } + } + + // PSR-4 fallback dirs + foreach ($this->fallbackDirsPsr4 as $dir) { + if (file_exists($file = $dir . DIRECTORY_SEPARATOR . $logicalPathPsr4)) { + return $file; + } + } + + // PSR-0 lookup + if (false !== $pos = strrpos($class, '\\')) { + // namespaced class name + $logicalPathPsr0 = substr($logicalPathPsr4, 0, $pos + 1) + . strtr(substr($logicalPathPsr4, $pos + 1), '_', DIRECTORY_SEPARATOR); + } else { + // PEAR-like class name + $logicalPathPsr0 = strtr($class, '_', DIRECTORY_SEPARATOR) . $ext; + } + + if (isset($this->prefixesPsr0[$first])) { + foreach ($this->prefixesPsr0[$first] as $prefix => $dirs) { + if (0 === strpos($class, $prefix)) { + foreach ($dirs as $dir) { + if (file_exists($file = $dir . DIRECTORY_SEPARATOR . $logicalPathPsr0)) { + return $file; + } + } + } + } + } + + // PSR-0 fallback dirs + foreach ($this->fallbackDirsPsr0 as $dir) { + if (file_exists($file = $dir . DIRECTORY_SEPARATOR . $logicalPathPsr0)) { + return $file; + } + } + + // PSR-0 include paths. + if ($this->useIncludePath && $file = stream_resolve_include_path($logicalPathPsr0)) { + return $file; + } + + return false; + } +} + +/** + * Scope isolated include. + * + * Prevents access to $this/self from included files. + */ +function includeFile($file) +{ + include $file; +} diff --git a/web/vendor/composer/LICENSE b/web/vendor/composer/LICENSE new file mode 100644 index 000000000..f0157a6ed --- /dev/null +++ b/web/vendor/composer/LICENSE @@ -0,0 +1,56 @@ +Format: http://www.debian.org/doc/packaging-manuals/copyright-format/1.0/ +Upstream-Name: Composer +Upstream-Contact: Jordi Boggiano +Source: https://github.com/composer/composer + +Files: * +Copyright: 2016, Nils Adermann + 2016, Jordi Boggiano +License: Expat + +Files: src/Composer/Util/TlsHelper.php +Copyright: 2016, Nils Adermann + 2016, Jordi Boggiano + 2013, Evan Coury +License: Expat and BSD-2-Clause + +License: BSD-2-Clause + Redistribution and use in source and binary forms, with or without modification, + are permitted provided that the following conditions are met: + . + * Redistributions of source code must retain the above copyright notice, + this list of conditions and the following disclaimer. + . + * Redistributions in binary form must reproduce the above copyright notice, + this list of conditions and the following disclaimer in the documentation + and/or other materials provided with the distribution. + . + THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND + ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED + WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE + DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR + ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES + (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; + LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON + ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT + (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS + SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + +License: Expat + Permission is hereby granted, free of charge, to any person obtaining a copy + of this software and associated documentation files (the "Software"), to deal + in the Software without restriction, including without limitation the rights + to use, copy, modify, merge, publish, distribute, sublicense, and/or sell + copies of the Software, and to permit persons to whom the Software is furnished + to do so, subject to the following conditions: + . + The above copyright notice and this permission notice shall be included in all + copies or substantial portions of the Software. + . + THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR + IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, + FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE + AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER + LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, + OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN + THE SOFTWARE. diff --git a/web/vendor/composer/autoload_classmap.php b/web/vendor/composer/autoload_classmap.php new file mode 100644 index 000000000..7a91153b0 --- /dev/null +++ b/web/vendor/composer/autoload_classmap.php @@ -0,0 +1,9 @@ + $vendorDir . '/ircmaxell/password-compat/lib/password.php', +); diff --git a/web/vendor/composer/autoload_namespaces.php b/web/vendor/composer/autoload_namespaces.php new file mode 100644 index 000000000..b7fc0125d --- /dev/null +++ b/web/vendor/composer/autoload_namespaces.php @@ -0,0 +1,9 @@ + array($vendorDir . '/firebase/php-jwt/src'), +); diff --git a/web/vendor/composer/autoload_real.php b/web/vendor/composer/autoload_real.php new file mode 100644 index 000000000..6d63dc4f7 --- /dev/null +++ b/web/vendor/composer/autoload_real.php @@ -0,0 +1,70 @@ += 50600 && !defined('HHVM_VERSION') && (!function_exists('zend_loader_file_encoded') || !zend_loader_file_encoded()); + if ($useStaticLoader) { + require_once __DIR__ . '/autoload_static.php'; + + call_user_func(\Composer\Autoload\ComposerStaticInit254e25e69fe049d603f41f5fd853ef2b::getInitializer($loader)); + } else { + $map = require __DIR__ . '/autoload_namespaces.php'; + foreach ($map as $namespace => $path) { + $loader->set($namespace, $path); + } + + $map = require __DIR__ . '/autoload_psr4.php'; + foreach ($map as $namespace => $path) { + $loader->setPsr4($namespace, $path); + } + + $classMap = require __DIR__ . '/autoload_classmap.php'; + if ($classMap) { + $loader->addClassMap($classMap); + } + } + + $loader->register(true); + + if ($useStaticLoader) { + $includeFiles = Composer\Autoload\ComposerStaticInit254e25e69fe049d603f41f5fd853ef2b::$files; + } else { + $includeFiles = require __DIR__ . '/autoload_files.php'; + } + foreach ($includeFiles as $fileIdentifier => $file) { + composerRequire254e25e69fe049d603f41f5fd853ef2b($fileIdentifier, $file); + } + + return $loader; + } +} + +function composerRequire254e25e69fe049d603f41f5fd853ef2b($fileIdentifier, $file) +{ + if (empty($GLOBALS['__composer_autoload_files'][$fileIdentifier])) { + require $file; + + $GLOBALS['__composer_autoload_files'][$fileIdentifier] = true; + } +} diff --git a/web/vendor/composer/autoload_static.php b/web/vendor/composer/autoload_static.php new file mode 100644 index 000000000..980a5a0d7 --- /dev/null +++ b/web/vendor/composer/autoload_static.php @@ -0,0 +1,35 @@ + __DIR__ . '/..' . '/ircmaxell/password-compat/lib/password.php', + ); + + public static $prefixLengthsPsr4 = array ( + 'F' => + array ( + 'Firebase\\JWT\\' => 13, + ), + ); + + public static $prefixDirsPsr4 = array ( + 'Firebase\\JWT\\' => + array ( + 0 => __DIR__ . '/..' . '/firebase/php-jwt/src', + ), + ); + + public static function getInitializer(ClassLoader $loader) + { + return \Closure::bind(function () use ($loader) { + $loader->prefixLengthsPsr4 = ComposerStaticInit254e25e69fe049d603f41f5fd853ef2b::$prefixLengthsPsr4; + $loader->prefixDirsPsr4 = ComposerStaticInit254e25e69fe049d603f41f5fd853ef2b::$prefixDirsPsr4; + + }, null, ClassLoader::class); + } +} diff --git a/web/vendor/composer/installed.json b/web/vendor/composer/installed.json new file mode 100644 index 000000000..0e2ed23cf --- /dev/null +++ b/web/vendor/composer/installed.json @@ -0,0 +1,94 @@ +[ + { + "name": "firebase/php-jwt", + "version": "v5.0.0", + "version_normalized": "5.0.0.0", + "source": { + "type": "git", + "url": "https://github.com/firebase/php-jwt.git", + "reference": "9984a4d3a32ae7673d6971ea00bae9d0a1abba0e" + }, + "dist": { + "type": "zip", + "url": "https://api.github.com/repos/firebase/php-jwt/zipball/9984a4d3a32ae7673d6971ea00bae9d0a1abba0e", + "reference": "9984a4d3a32ae7673d6971ea00bae9d0a1abba0e", + "shasum": "" + }, + "require": { + "php": ">=5.3.0" + }, + "require-dev": { + "phpunit/phpunit": " 4.8.35" + }, + "time": "2017-06-27T22:17:23+00:00", + "type": "library", + "installation-source": "dist", + "autoload": { + "psr-4": { + "Firebase\\JWT\\": "src" + } + }, + "notification-url": "https://packagist.org/downloads/", + "license": [ + "BSD-3-Clause" + ], + "authors": [ + { + "name": "Neuman Vong", + "email": "neuman+pear@twilio.com", + "role": "Developer" + }, + { + "name": "Anant Narayanan", + "email": "anant@php.net", + "role": "Developer" + } + ], + "description": "A simple library to encode and decode JSON Web Tokens (JWT) in PHP. Should conform to the current spec.", + "homepage": "https://github.com/firebase/php-jwt" + }, + { + "name": "ircmaxell/password-compat", + "version": "v1.0.4", + "version_normalized": "1.0.4.0", + "source": { + "type": "git", + "url": "https://github.com/ircmaxell/password_compat.git", + "reference": "5c5cde8822a69545767f7c7f3058cb15ff84614c" + }, + "dist": { + "type": "zip", + "url": "https://api.github.com/repos/ircmaxell/password_compat/zipball/5c5cde8822a69545767f7c7f3058cb15ff84614c", + "reference": "5c5cde8822a69545767f7c7f3058cb15ff84614c", + "shasum": "" + }, + "require-dev": { + "phpunit/phpunit": "4.*" + }, + "time": "2014-11-20T16:49:30+00:00", + "type": "library", + "installation-source": "dist", + "autoload": { + "files": [ + "lib/password.php" + ] + }, + "notification-url": "https://packagist.org/downloads/", + "license": [ + "MIT" + ], + "authors": [ + { + "name": "Anthony Ferrara", + "email": "ircmaxell@php.net", + "homepage": "http://blog.ircmaxell.com" + } + ], + "description": "A compatibility library for the proposed simplified password hashing algorithm: https://wiki.php.net/rfc/password_hash", + "homepage": "https://github.com/ircmaxell/password_compat", + "keywords": [ + "hashing", + "password" + ] + } +] diff --git a/web/vendor/firebase/php-jwt/LICENSE b/web/vendor/firebase/php-jwt/LICENSE new file mode 100644 index 000000000..cb0c49b33 --- /dev/null +++ b/web/vendor/firebase/php-jwt/LICENSE @@ -0,0 +1,30 @@ +Copyright (c) 2011, Neuman Vong + +All rights reserved. + +Redistribution and use in source and binary forms, with or without +modification, are permitted provided that the following conditions are met: + + * Redistributions of source code must retain the above copyright + notice, this list of conditions and the following disclaimer. + + * Redistributions in binary form must reproduce the above + copyright notice, this list of conditions and the following + disclaimer in the documentation and/or other materials provided + with the distribution. + + * Neither the name of Neuman Vong nor the names of other + contributors may be used to endorse or promote products derived + from this software without specific prior written permission. + +THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS +"AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT +LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR +A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT +OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, +SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT +LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, +DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY +THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT +(INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE +OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. diff --git a/web/vendor/firebase/php-jwt/README.md b/web/vendor/firebase/php-jwt/README.md new file mode 100644 index 000000000..b1a7a3a20 --- /dev/null +++ b/web/vendor/firebase/php-jwt/README.md @@ -0,0 +1,200 @@ +[![Build Status](https://travis-ci.org/firebase/php-jwt.png?branch=master)](https://travis-ci.org/firebase/php-jwt) +[![Latest Stable Version](https://poser.pugx.org/firebase/php-jwt/v/stable)](https://packagist.org/packages/firebase/php-jwt) +[![Total Downloads](https://poser.pugx.org/firebase/php-jwt/downloads)](https://packagist.org/packages/firebase/php-jwt) +[![License](https://poser.pugx.org/firebase/php-jwt/license)](https://packagist.org/packages/firebase/php-jwt) + +PHP-JWT +======= +A simple library to encode and decode JSON Web Tokens (JWT) in PHP, conforming to [RFC 7519](https://tools.ietf.org/html/rfc7519). + +Installation +------------ + +Use composer to manage your dependencies and download PHP-JWT: + +```bash +composer require firebase/php-jwt +``` + +Example +------- +```php + "http://example.org", + "aud" => "http://example.com", + "iat" => 1356999524, + "nbf" => 1357000000 +); + +/** + * IMPORTANT: + * You must specify supported algorithms for your application. See + * https://tools.ietf.org/html/draft-ietf-jose-json-web-algorithms-40 + * for a list of spec-compliant algorithms. + */ +$jwt = JWT::encode($token, $key); +$decoded = JWT::decode($jwt, $key, array('HS256')); + +print_r($decoded); + +/* + NOTE: This will now be an object instead of an associative array. To get + an associative array, you will need to cast it as such: +*/ + +$decoded_array = (array) $decoded; + +/** + * You can add a leeway to account for when there is a clock skew times between + * the signing and verifying servers. It is recommended that this leeway should + * not be bigger than a few minutes. + * + * Source: http://self-issued.info/docs/draft-ietf-oauth-json-web-token.html#nbfDef + */ +JWT::$leeway = 60; // $leeway in seconds +$decoded = JWT::decode($jwt, $key, array('HS256')); + +?> +``` +Example with RS256 (openssl) +---------------------------- +```php + "example.org", + "aud" => "example.com", + "iat" => 1356999524, + "nbf" => 1357000000 +); + +$jwt = JWT::encode($token, $privateKey, 'RS256'); +echo "Encode:\n" . print_r($jwt, true) . "\n"; + +$decoded = JWT::decode($jwt, $publicKey, array('RS256')); + +/* + NOTE: This will now be an object instead of an associative array. To get + an associative array, you will need to cast it as such: +*/ + +$decoded_array = (array) $decoded; +echo "Decode:\n" . print_r($decoded_array, true) . "\n"; +?> +``` + +Changelog +--------- + +#### 5.0.0 / 2017-06-26 +- Support RS384 and RS512. + See [#117](https://github.com/firebase/php-jwt/pull/117). Thanks [@joostfaassen](https://github.com/joostfaassen)! +- Add an example for RS256 openssl. + See [#125](https://github.com/firebase/php-jwt/pull/125). Thanks [@akeeman](https://github.com/akeeman)! +- Detect invalid Base64 encoding in signature. + See [#162](https://github.com/firebase/php-jwt/pull/162). Thanks [@psignoret](https://github.com/psignoret)! +- Update `JWT::verify` to handle OpenSSL errors. + See [#159](https://github.com/firebase/php-jwt/pull/159). Thanks [@bshaffer](https://github.com/bshaffer)! +- Add `array` type hinting to `decode` method + See [#101](https://github.com/firebase/php-jwt/pull/101). Thanks [@hywak](https://github.com/hywak)! +- Add all JSON error types. + See [#110](https://github.com/firebase/php-jwt/pull/110). Thanks [@gbalduzzi](https://github.com/gbalduzzi)! +- Bugfix 'kid' not in given key list. + See [#129](https://github.com/firebase/php-jwt/pull/129). Thanks [@stampycode](https://github.com/stampycode)! +- Miscellaneous cleanup, documentation and test fixes. + See [#107](https://github.com/firebase/php-jwt/pull/107), [#115](https://github.com/firebase/php-jwt/pull/115), + [#160](https://github.com/firebase/php-jwt/pull/160), [#161](https://github.com/firebase/php-jwt/pull/161), and + [#165](https://github.com/firebase/php-jwt/pull/165). Thanks [@akeeman](https://github.com/akeeman), + [@chinedufn](https://github.com/chinedufn), and [@bshaffer](https://github.com/bshaffer)! + +#### 4.0.0 / 2016-07-17 +- Add support for late static binding. See [#88](https://github.com/firebase/php-jwt/pull/88) for details. Thanks to [@chappy84](https://github.com/chappy84)! +- Use static `$timestamp` instead of `time()` to improve unit testing. See [#93](https://github.com/firebase/php-jwt/pull/93) for details. Thanks to [@josephmcdermott](https://github.com/josephmcdermott)! +- Fixes to exceptions classes. See [#81](https://github.com/firebase/php-jwt/pull/81) for details. Thanks to [@Maks3w](https://github.com/Maks3w)! +- Fixes to PHPDoc. See [#76](https://github.com/firebase/php-jwt/pull/76) for details. Thanks to [@akeeman](https://github.com/akeeman)! + +#### 3.0.0 / 2015-07-22 +- Minimum PHP version updated from `5.2.0` to `5.3.0`. +- Add `\Firebase\JWT` namespace. See +[#59](https://github.com/firebase/php-jwt/pull/59) for details. Thanks to +[@Dashron](https://github.com/Dashron)! +- Require a non-empty key to decode and verify a JWT. See +[#60](https://github.com/firebase/php-jwt/pull/60) for details. Thanks to +[@sjones608](https://github.com/sjones608)! +- Cleaner documentation blocks in the code. See +[#62](https://github.com/firebase/php-jwt/pull/62) for details. Thanks to +[@johanderuijter](https://github.com/johanderuijter)! + +#### 2.2.0 / 2015-06-22 +- Add support for adding custom, optional JWT headers to `JWT::encode()`. See +[#53](https://github.com/firebase/php-jwt/pull/53/files) for details. Thanks to +[@mcocaro](https://github.com/mcocaro)! + +#### 2.1.0 / 2015-05-20 +- Add support for adding a leeway to `JWT:decode()` that accounts for clock skew +between signing and verifying entities. Thanks to [@lcabral](https://github.com/lcabral)! +- Add support for passing an object implementing the `ArrayAccess` interface for +`$keys` argument in `JWT::decode()`. Thanks to [@aztech-dev](https://github.com/aztech-dev)! + +#### 2.0.0 / 2015-04-01 +- **Note**: It is strongly recommended that you update to > v2.0.0 to address + known security vulnerabilities in prior versions when both symmetric and + asymmetric keys are used together. +- Update signature for `JWT::decode(...)` to require an array of supported + algorithms to use when verifying token signatures. + + +Tests +----- +Run the tests using phpunit: + +```bash +$ pear install PHPUnit +$ phpunit --configuration phpunit.xml.dist +PHPUnit 3.7.10 by Sebastian Bergmann. +..... +Time: 0 seconds, Memory: 2.50Mb +OK (5 tests, 5 assertions) +``` + +New Lines in private keys +----- + +If your private key contains `\n` characters, be sure to wrap it in double quotes `""` +and not single quotes `''` in order to properly interpret the escaped characters. + +License +------- +[3-Clause BSD](http://opensource.org/licenses/BSD-3-Clause). diff --git a/web/vendor/firebase/php-jwt/composer.json b/web/vendor/firebase/php-jwt/composer.json new file mode 100644 index 000000000..b76ffd191 --- /dev/null +++ b/web/vendor/firebase/php-jwt/composer.json @@ -0,0 +1,29 @@ +{ + "name": "firebase/php-jwt", + "description": "A simple library to encode and decode JSON Web Tokens (JWT) in PHP. Should conform to the current spec.", + "homepage": "https://github.com/firebase/php-jwt", + "authors": [ + { + "name": "Neuman Vong", + "email": "neuman+pear@twilio.com", + "role": "Developer" + }, + { + "name": "Anant Narayanan", + "email": "anant@php.net", + "role": "Developer" + } + ], + "license": "BSD-3-Clause", + "require": { + "php": ">=5.3.0" + }, + "autoload": { + "psr-4": { + "Firebase\\JWT\\": "src" + } + }, + "require-dev": { + "phpunit/phpunit": " 4.8.35" + } +} diff --git a/web/vendor/firebase/php-jwt/src/BeforeValidException.php b/web/vendor/firebase/php-jwt/src/BeforeValidException.php new file mode 100644 index 000000000..a6ee2f7c6 --- /dev/null +++ b/web/vendor/firebase/php-jwt/src/BeforeValidException.php @@ -0,0 +1,7 @@ + + * @author Anant Narayanan + * @license http://opensource.org/licenses/BSD-3-Clause 3-clause BSD + * @link https://github.com/firebase/php-jwt + */ +class JWT +{ + + /** + * When checking nbf, iat or expiration times, + * we want to provide some extra leeway time to + * account for clock skew. + */ + public static $leeway = 0; + + /** + * Allow the current timestamp to be specified. + * Useful for fixing a value within unit testing. + * + * Will default to PHP time() value if null. + */ + public static $timestamp = null; + + public static $supported_algs = array( + 'HS256' => array('hash_hmac', 'SHA256'), + 'HS512' => array('hash_hmac', 'SHA512'), + 'HS384' => array('hash_hmac', 'SHA384'), + 'RS256' => array('openssl', 'SHA256'), + 'RS384' => array('openssl', 'SHA384'), + 'RS512' => array('openssl', 'SHA512'), + ); + + /** + * Decodes a JWT string into a PHP object. + * + * @param string $jwt The JWT + * @param string|array $key The key, or map of keys. + * If the algorithm used is asymmetric, this is the public key + * @param array $allowed_algs List of supported verification algorithms + * Supported algorithms are 'HS256', 'HS384', 'HS512' and 'RS256' + * + * @return object The JWT's payload as a PHP object + * + * @throws UnexpectedValueException Provided JWT was invalid + * @throws SignatureInvalidException Provided JWT was invalid because the signature verification failed + * @throws BeforeValidException Provided JWT is trying to be used before it's eligible as defined by 'nbf' + * @throws BeforeValidException Provided JWT is trying to be used before it's been created as defined by 'iat' + * @throws ExpiredException Provided JWT has since expired, as defined by the 'exp' claim + * + * @uses jsonDecode + * @uses urlsafeB64Decode + */ + public static function decode($jwt, $key, array $allowed_algs = array()) + { + $timestamp = is_null(static::$timestamp) ? time() : static::$timestamp; + + if (empty($key)) { + throw new InvalidArgumentException('Key may not be empty'); + } + $tks = explode('.', $jwt); + if (count($tks) != 3) { + throw new UnexpectedValueException('Wrong number of segments'); + } + list($headb64, $bodyb64, $cryptob64) = $tks; + if (null === ($header = static::jsonDecode(static::urlsafeB64Decode($headb64)))) { + throw new UnexpectedValueException('Invalid header encoding'); + } + if (null === $payload = static::jsonDecode(static::urlsafeB64Decode($bodyb64))) { + throw new UnexpectedValueException('Invalid claims encoding'); + } + if (false === ($sig = static::urlsafeB64Decode($cryptob64))) { + throw new UnexpectedValueException('Invalid signature encoding'); + } + if (empty($header->alg)) { + throw new UnexpectedValueException('Empty algorithm'); + } + if (empty(static::$supported_algs[$header->alg])) { + throw new UnexpectedValueException('Algorithm not supported'); + } + if (!in_array($header->alg, $allowed_algs)) { + throw new UnexpectedValueException('Algorithm not allowed'); + } + if (is_array($key) || $key instanceof \ArrayAccess) { + if (isset($header->kid)) { + if (!isset($key[$header->kid])) { + throw new UnexpectedValueException('"kid" invalid, unable to lookup correct key'); + } + $key = $key[$header->kid]; + } else { + throw new UnexpectedValueException('"kid" empty, unable to lookup correct key'); + } + } + + // Check the signature + if (!static::verify("$headb64.$bodyb64", $sig, $key, $header->alg)) { + throw new SignatureInvalidException('Signature verification failed'); + } + + // Check if the nbf if it is defined. This is the time that the + // token can actually be used. If it's not yet that time, abort. + if (isset($payload->nbf) && $payload->nbf > ($timestamp + static::$leeway)) { + throw new BeforeValidException( + 'Cannot handle token prior to ' . date(DateTime::ISO8601, $payload->nbf) + ); + } + + // Check that this token has been created before 'now'. This prevents + // using tokens that have been created for later use (and haven't + // correctly used the nbf claim). + if (isset($payload->iat) && $payload->iat > ($timestamp + static::$leeway)) { + throw new BeforeValidException( + 'Cannot handle token prior to ' . date(DateTime::ISO8601, $payload->iat) + ); + } + + // Check if this token has expired. + if (isset($payload->exp) && ($timestamp - static::$leeway) >= $payload->exp) { + throw new ExpiredException('Expired token'); + } + + return $payload; + } + + /** + * Converts and signs a PHP object or array into a JWT string. + * + * @param object|array $payload PHP object or array + * @param string $key The secret key. + * If the algorithm used is asymmetric, this is the private key + * @param string $alg The signing algorithm. + * Supported algorithms are 'HS256', 'HS384', 'HS512' and 'RS256' + * @param mixed $keyId + * @param array $head An array with header elements to attach + * + * @return string A signed JWT + * + * @uses jsonEncode + * @uses urlsafeB64Encode + */ + public static function encode($payload, $key, $alg = 'HS256', $keyId = null, $head = null) + { + $header = array('typ' => 'JWT', 'alg' => $alg); + if ($keyId !== null) { + $header['kid'] = $keyId; + } + if ( isset($head) && is_array($head) ) { + $header = array_merge($head, $header); + } + $segments = array(); + $segments[] = static::urlsafeB64Encode(static::jsonEncode($header)); + $segments[] = static::urlsafeB64Encode(static::jsonEncode($payload)); + $signing_input = implode('.', $segments); + + $signature = static::sign($signing_input, $key, $alg); + $segments[] = static::urlsafeB64Encode($signature); + + return implode('.', $segments); + } + + /** + * Sign a string with a given key and algorithm. + * + * @param string $msg The message to sign + * @param string|resource $key The secret key + * @param string $alg The signing algorithm. + * Supported algorithms are 'HS256', 'HS384', 'HS512' and 'RS256' + * + * @return string An encrypted message + * + * @throws DomainException Unsupported algorithm was specified + */ + public static function sign($msg, $key, $alg = 'HS256') + { + if (empty(static::$supported_algs[$alg])) { + throw new DomainException('Algorithm not supported'); + } + list($function, $algorithm) = static::$supported_algs[$alg]; + switch($function) { + case 'hash_hmac': + return hash_hmac($algorithm, $msg, $key, true); + case 'openssl': + $signature = ''; + $success = openssl_sign($msg, $signature, $key, $algorithm); + if (!$success) { + throw new DomainException("OpenSSL unable to sign data"); + } else { + return $signature; + } + } + } + + /** + * Verify a signature with the message, key and method. Not all methods + * are symmetric, so we must have a separate verify and sign method. + * + * @param string $msg The original message (header and body) + * @param string $signature The original signature + * @param string|resource $key For HS*, a string key works. for RS*, must be a resource of an openssl public key + * @param string $alg The algorithm + * + * @return bool + * + * @throws DomainException Invalid Algorithm or OpenSSL failure + */ + private static function verify($msg, $signature, $key, $alg) + { + if (empty(static::$supported_algs[$alg])) { + throw new DomainException('Algorithm not supported'); + } + + list($function, $algorithm) = static::$supported_algs[$alg]; + switch($function) { + case 'openssl': + $success = openssl_verify($msg, $signature, $key, $algorithm); + if ($success === 1) { + return true; + } elseif ($success === 0) { + return false; + } + // returns 1 on success, 0 on failure, -1 on error. + throw new DomainException( + 'OpenSSL error: ' . openssl_error_string() + ); + case 'hash_hmac': + default: + $hash = hash_hmac($algorithm, $msg, $key, true); + if (function_exists('hash_equals')) { + return hash_equals($signature, $hash); + } + $len = min(static::safeStrlen($signature), static::safeStrlen($hash)); + + $status = 0; + for ($i = 0; $i < $len; $i++) { + $status |= (ord($signature[$i]) ^ ord($hash[$i])); + } + $status |= (static::safeStrlen($signature) ^ static::safeStrlen($hash)); + + return ($status === 0); + } + } + + /** + * Decode a JSON string into a PHP object. + * + * @param string $input JSON string + * + * @return object Object representation of JSON string + * + * @throws DomainException Provided string was invalid JSON + */ + public static function jsonDecode($input) + { + if (version_compare(PHP_VERSION, '5.4.0', '>=') && !(defined('JSON_C_VERSION') && PHP_INT_SIZE > 4)) { + /** In PHP >=5.4.0, json_decode() accepts an options parameter, that allows you + * to specify that large ints (like Steam Transaction IDs) should be treated as + * strings, rather than the PHP default behaviour of converting them to floats. + */ + $obj = json_decode($input, false, 512, JSON_BIGINT_AS_STRING); + } else { + /** Not all servers will support that, however, so for older versions we must + * manually detect large ints in the JSON string and quote them (thus converting + *them to strings) before decoding, hence the preg_replace() call. + */ + $max_int_length = strlen((string) PHP_INT_MAX) - 1; + $json_without_bigints = preg_replace('/:\s*(-?\d{'.$max_int_length.',})/', ': "$1"', $input); + $obj = json_decode($json_without_bigints); + } + + if (function_exists('json_last_error') && $errno = json_last_error()) { + static::handleJsonError($errno); + } elseif ($obj === null && $input !== 'null') { + throw new DomainException('Null result with non-null input'); + } + return $obj; + } + + /** + * Encode a PHP object into a JSON string. + * + * @param object|array $input A PHP object or array + * + * @return string JSON representation of the PHP object or array + * + * @throws DomainException Provided object could not be encoded to valid JSON + */ + public static function jsonEncode($input) + { + $json = json_encode($input); + if (function_exists('json_last_error') && $errno = json_last_error()) { + static::handleJsonError($errno); + } elseif ($json === 'null' && $input !== null) { + throw new DomainException('Null result with non-null input'); + } + return $json; + } + + /** + * Decode a string with URL-safe Base64. + * + * @param string $input A Base64 encoded string + * + * @return string A decoded string + */ + public static function urlsafeB64Decode($input) + { + $remainder = strlen($input) % 4; + if ($remainder) { + $padlen = 4 - $remainder; + $input .= str_repeat('=', $padlen); + } + return base64_decode(strtr($input, '-_', '+/')); + } + + /** + * Encode a string with URL-safe Base64. + * + * @param string $input The string you want encoded + * + * @return string The base64 encode of what you passed in + */ + public static function urlsafeB64Encode($input) + { + return str_replace('=', '', strtr(base64_encode($input), '+/', '-_')); + } + + /** + * Helper method to create a JSON error. + * + * @param int $errno An error number from json_last_error() + * + * @return void + */ + private static function handleJsonError($errno) + { + $messages = array( + JSON_ERROR_DEPTH => 'Maximum stack depth exceeded', + JSON_ERROR_STATE_MISMATCH => 'Invalid or malformed JSON', + JSON_ERROR_CTRL_CHAR => 'Unexpected control character found', + JSON_ERROR_SYNTAX => 'Syntax error, malformed JSON', + JSON_ERROR_UTF8 => 'Malformed UTF-8 characters' //PHP >= 5.3.3 + ); + throw new DomainException( + isset($messages[$errno]) + ? $messages[$errno] + : 'Unknown JSON error: ' . $errno + ); + } + + /** + * Get the number of bytes in cryptographic strings. + * + * @param string + * + * @return int + */ + private static function safeStrlen($str) + { + if (function_exists('mb_strlen')) { + return mb_strlen($str, '8bit'); + } + return strlen($str); + } +} diff --git a/web/vendor/firebase/php-jwt/src/SignatureInvalidException.php b/web/vendor/firebase/php-jwt/src/SignatureInvalidException.php new file mode 100644 index 000000000..27332b21b --- /dev/null +++ b/web/vendor/firebase/php-jwt/src/SignatureInvalidException.php @@ -0,0 +1,7 @@ + + * @license http://www.opensource.org/licenses/mit-license.html MIT License + * @copyright 2012 The Authors + */ + +namespace { + + if (!defined('PASSWORD_BCRYPT')) { + /** + * PHPUnit Process isolation caches constants, but not function declarations. + * So we need to check if the constants are defined separately from + * the functions to enable supporting process isolation in userland + * code. + */ + define('PASSWORD_BCRYPT', 1); + define('PASSWORD_DEFAULT', PASSWORD_BCRYPT); + define('PASSWORD_BCRYPT_DEFAULT_COST', 10); + } + + if (!function_exists('password_hash')) { + + /** + * Hash the password using the specified algorithm + * + * @param string $password The password to hash + * @param int $algo The algorithm to use (Defined by PASSWORD_* constants) + * @param array $options The options for the algorithm to use + * + * @return string|false The hashed password, or false on error. + */ + function password_hash($password, $algo, array $options = array()) { + if (!function_exists('crypt')) { + trigger_error("Crypt must be loaded for password_hash to function", E_USER_WARNING); + return null; + } + if (is_null($password) || is_int($password)) { + $password = (string) $password; + } + if (!is_string($password)) { + trigger_error("password_hash(): Password must be a string", E_USER_WARNING); + return null; + } + if (!is_int($algo)) { + trigger_error("password_hash() expects parameter 2 to be long, " . gettype($algo) . " given", E_USER_WARNING); + return null; + } + $resultLength = 0; + switch ($algo) { + case PASSWORD_BCRYPT: + $cost = PASSWORD_BCRYPT_DEFAULT_COST; + if (isset($options['cost'])) { + $cost = $options['cost']; + if ($cost < 4 || $cost > 31) { + trigger_error(sprintf("password_hash(): Invalid bcrypt cost parameter specified: %d", $cost), E_USER_WARNING); + return null; + } + } + // The length of salt to generate + $raw_salt_len = 16; + // The length required in the final serialization + $required_salt_len = 22; + $hash_format = sprintf("$2y$%02d$", $cost); + // The expected length of the final crypt() output + $resultLength = 60; + break; + default: + trigger_error(sprintf("password_hash(): Unknown password hashing algorithm: %s", $algo), E_USER_WARNING); + return null; + } + $salt_requires_encoding = false; + if (isset($options['salt'])) { + switch (gettype($options['salt'])) { + case 'NULL': + case 'boolean': + case 'integer': + case 'double': + case 'string': + $salt = (string) $options['salt']; + break; + case 'object': + if (method_exists($options['salt'], '__tostring')) { + $salt = (string) $options['salt']; + break; + } + case 'array': + case 'resource': + default: + trigger_error('password_hash(): Non-string salt parameter supplied', E_USER_WARNING); + return null; + } + if (PasswordCompat\binary\_strlen($salt) < $required_salt_len) { + trigger_error(sprintf("password_hash(): Provided salt is too short: %d expecting %d", PasswordCompat\binary\_strlen($salt), $required_salt_len), E_USER_WARNING); + return null; + } elseif (0 == preg_match('#^[a-zA-Z0-9./]+$#D', $salt)) { + $salt_requires_encoding = true; + } + } else { + $buffer = ''; + $buffer_valid = false; + if (function_exists('mcrypt_create_iv') && !defined('PHALANGER')) { + $buffer = mcrypt_create_iv($raw_salt_len, MCRYPT_DEV_URANDOM); + if ($buffer) { + $buffer_valid = true; + } + } + if (!$buffer_valid && function_exists('openssl_random_pseudo_bytes')) { + $buffer = openssl_random_pseudo_bytes($raw_salt_len); + if ($buffer) { + $buffer_valid = true; + } + } + if (!$buffer_valid && @is_readable('/dev/urandom')) { + $f = fopen('/dev/urandom', 'r'); + $read = PasswordCompat\binary\_strlen($buffer); + while ($read < $raw_salt_len) { + $buffer .= fread($f, $raw_salt_len - $read); + $read = PasswordCompat\binary\_strlen($buffer); + } + fclose($f); + if ($read >= $raw_salt_len) { + $buffer_valid = true; + } + } + if (!$buffer_valid || PasswordCompat\binary\_strlen($buffer) < $raw_salt_len) { + $bl = PasswordCompat\binary\_strlen($buffer); + for ($i = 0; $i < $raw_salt_len; $i++) { + if ($i < $bl) { + $buffer[$i] = $buffer[$i] ^ chr(mt_rand(0, 255)); + } else { + $buffer .= chr(mt_rand(0, 255)); + } + } + } + $salt = $buffer; + $salt_requires_encoding = true; + } + if ($salt_requires_encoding) { + // encode string with the Base64 variant used by crypt + $base64_digits = + 'ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/'; + $bcrypt64_digits = + './ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789'; + + $base64_string = base64_encode($salt); + $salt = strtr(rtrim($base64_string, '='), $base64_digits, $bcrypt64_digits); + } + $salt = PasswordCompat\binary\_substr($salt, 0, $required_salt_len); + + $hash = $hash_format . $salt; + + $ret = crypt($password, $hash); + + if (!is_string($ret) || PasswordCompat\binary\_strlen($ret) != $resultLength) { + return false; + } + + return $ret; + } + + /** + * Get information about the password hash. Returns an array of the information + * that was used to generate the password hash. + * + * array( + * 'algo' => 1, + * 'algoName' => 'bcrypt', + * 'options' => array( + * 'cost' => PASSWORD_BCRYPT_DEFAULT_COST, + * ), + * ) + * + * @param string $hash The password hash to extract info from + * + * @return array The array of information about the hash. + */ + function password_get_info($hash) { + $return = array( + 'algo' => 0, + 'algoName' => 'unknown', + 'options' => array(), + ); + if (PasswordCompat\binary\_substr($hash, 0, 4) == '$2y$' && PasswordCompat\binary\_strlen($hash) == 60) { + $return['algo'] = PASSWORD_BCRYPT; + $return['algoName'] = 'bcrypt'; + list($cost) = sscanf($hash, "$2y$%d$"); + $return['options']['cost'] = $cost; + } + return $return; + } + + /** + * Determine if the password hash needs to be rehashed according to the options provided + * + * If the answer is true, after validating the password using password_verify, rehash it. + * + * @param string $hash The hash to test + * @param int $algo The algorithm used for new password hashes + * @param array $options The options array passed to password_hash + * + * @return boolean True if the password needs to be rehashed. + */ + function password_needs_rehash($hash, $algo, array $options = array()) { + $info = password_get_info($hash); + if ($info['algo'] != $algo) { + return true; + } + switch ($algo) { + case PASSWORD_BCRYPT: + $cost = isset($options['cost']) ? $options['cost'] : PASSWORD_BCRYPT_DEFAULT_COST; + if ($cost != $info['options']['cost']) { + return true; + } + break; + } + return false; + } + + /** + * Verify a password against a hash using a timing attack resistant approach + * + * @param string $password The password to verify + * @param string $hash The hash to verify against + * + * @return boolean If the password matches the hash + */ + function password_verify($password, $hash) { + if (!function_exists('crypt')) { + trigger_error("Crypt must be loaded for password_verify to function", E_USER_WARNING); + return false; + } + $ret = crypt($password, $hash); + if (!is_string($ret) || PasswordCompat\binary\_strlen($ret) != PasswordCompat\binary\_strlen($hash) || PasswordCompat\binary\_strlen($ret) <= 13) { + return false; + } + + $status = 0; + for ($i = 0; $i < PasswordCompat\binary\_strlen($ret); $i++) { + $status |= (ord($ret[$i]) ^ ord($hash[$i])); + } + + return $status === 0; + } + } + +} + +namespace PasswordCompat\binary { + + if (!function_exists('PasswordCompat\\binary\\_strlen')) { + + /** + * Count the number of bytes in a string + * + * We cannot simply use strlen() for this, because it might be overwritten by the mbstring extension. + * In this case, strlen() will count the number of *characters* based on the internal encoding. A + * sequence of bytes might be regarded as a single multibyte character. + * + * @param string $binary_string The input string + * + * @internal + * @return int The number of bytes + */ + function _strlen($binary_string) { + if (function_exists('mb_strlen')) { + return mb_strlen($binary_string, '8bit'); + } + return strlen($binary_string); + } + + /** + * Get a substring based on byte limits + * + * @see _strlen() + * + * @param string $binary_string The input string + * @param int $start + * @param int $length + * + * @internal + * @return string The substring + */ + function _substr($binary_string, $start, $length) { + if (function_exists('mb_substr')) { + return mb_substr($binary_string, $start, $length, '8bit'); + } + return substr($binary_string, $start, $length); + } + + /** + * Check if current PHP version is compatible with the library + * + * @return boolean the check result + */ + function check() { + static $pass = NULL; + + if (is_null($pass)) { + if (function_exists('crypt')) { + $hash = '$2y$04$usesomesillystringfore7hnbRJHxXVLeakoG8K30oukPsA.ztMG'; + $test = crypt("password", $hash); + $pass = $test == $hash; + } else { + $pass = false; + } + } + return $pass; + } + + } +} \ No newline at end of file diff --git a/web/vendor/ircmaxell/password-compat/version-test.php b/web/vendor/ircmaxell/password-compat/version-test.php new file mode 100644 index 000000000..96f60ca8d --- /dev/null +++ b/web/vendor/ircmaxell/password-compat/version-test.php @@ -0,0 +1,6 @@ + Date: Fri, 24 May 2019 13:53:24 -0400 Subject: [PATCH 168/922] Add shutdown capability (#2575) * Add Config for showing a system shutdown/restart option * Add a translation for Shutdown * add a shutdown power button to the navbar * but the shutdown icon in a navbar-txt * set width and height of shutdown window * Add instructions for enabling the web user to run shutdown * add the shutdown view and actions --- .../lib/ZoneMinder/ConfigData.pm.in | 12 ++++ web/includes/actions/shutdown.php | 44 ++++++++++++ web/lang/en_gb.php | 1 + web/skins/classic/includes/functions.php | 7 +- web/skins/classic/js/base.js | 1 + web/skins/classic/views/shutdown.php | 69 +++++++++++++++++++ 6 files changed, 132 insertions(+), 2 deletions(-) create mode 100644 web/includes/actions/shutdown.php create mode 100644 web/skins/classic/views/shutdown.php diff --git a/scripts/ZoneMinder/lib/ZoneMinder/ConfigData.pm.in b/scripts/ZoneMinder/lib/ZoneMinder/ConfigData.pm.in index d133b3eaf..c848441e8 100644 --- a/scripts/ZoneMinder/lib/ZoneMinder/ConfigData.pm.in +++ b/scripts/ZoneMinder/lib/ZoneMinder/ConfigData.pm.in @@ -473,6 +473,18 @@ our @options = ( type => $types{string}, category => 'system', }, + { + name => 'ZM_SYSTEM_SHUTDOWN', + default => 'true', + description => 'Allow Admin users to power off or restart the system from the ZoneMinder UI.', + help => 'The system will need to have sudo installed and the following added to /etc/sudoers~~ + ~~ + @ZM_WEB_USER@ ALL=NOPASSWD: /sbin/shutdown~~ + ~~ + to perform the shutdown or reboot', + type => $types{boolean}, + category => 'system', + }, { name => 'ZM_USE_DEEP_STORAGE', default => 'yes', diff --git a/web/includes/actions/shutdown.php b/web/includes/actions/shutdown.php new file mode 100644 index 000000000..f6d31b4f4 --- /dev/null +++ b/web/includes/actions/shutdown.php @@ -0,0 +1,44 @@ +&1", $output, $rc); + #exec('sudo -n /bin/systemctl poweroff -i 2>&1', $output, $rc); + ZM\Logger::Debug("Shutdown output $rc " . implode("\n",$output)); + #ZM\Logger::Debug("Shutdown output " . shell_exec('/bin/systemctl poweroff -i 2>&1')); + } else if ( $action == 'restart' ) { + $output = array(); + exec("sudo -n /sbin/shutdown -r $when 2>&1", $output); + #exec('sudo -n /bin/systemctl reboot -i 2>&1', $output); + ZM\Logger::Debug("Shutdown output " . implode("\n",$output)); + } else if ( $action == 'cancel' ) { + $output = array(); + exec('sudo /sbin/shutdown -c 2>&1', $output); + } +} # end if action +?> diff --git a/web/lang/en_gb.php b/web/lang/en_gb.php index 1fdd112e0..cb5037045 100644 --- a/web/lang/en_gb.php +++ b/web/lang/en_gb.php @@ -693,6 +693,7 @@ $SLANG = array( 'Settings' => 'Settings', 'ShowFilterWindow' => 'Show Filter Window', 'ShowTimeline' => 'Show Timeline', + 'Shutdown' => 'Shutdown', 'SignalCheckColour' => 'Signal Check Colour', 'SignalCheckPoints' => 'Signal Check Points', 'Size' => 'Size', diff --git a/web/skins/classic/includes/functions.php b/web/skins/classic/includes/functions.php index 40bf18b30..d0ce75abb 100644 --- a/web/skins/classic/includes/functions.php +++ b/web/skins/classic/includes/functions.php @@ -328,10 +328,13 @@ if (isset($_REQUEST['filter']['Query']['terms']['attr'])) {

account_circle

- - + +

+ power_settings_new' ) ?> +

+

diff --git a/web/skins/classic/js/base.js b/web/skins/classic/js/base.js index b0a28dc96..5d044f229 100644 --- a/web/skins/classic/js/base.js +++ b/web/skins/classic/js/base.js @@ -60,6 +60,7 @@ var popupSizes = { 'preset': {'width': 300, 'height': 220}, 'server': {'width': 600, 'height': 405}, 'settings': {'width': 220, 'height': 235}, + 'shutdown': {'width': 400, 'height': 400}, 'state': {'width': 400, 'height': 170}, 'stats': {'width': 840, 'height': 200}, 'storage': {'width': 600, 'height': 405}, diff --git a/web/skins/classic/views/shutdown.php b/web/skins/classic/views/shutdown.php new file mode 100644 index 000000000..5e032cd1c --- /dev/null +++ b/web/skins/classic/views/shutdown.php @@ -0,0 +1,69 @@ + + +
+ +
+
+ +'.implode('
', $output).'

'; + } + if ( isset($_POST['when']) and ($_POST['when'] != 'NOW') and ($action != 'cancel') ) { + echo '

You may cancel this shutdown by clicking '.translate('Cancel').'

'; + } +?> +

Warning

+ This command will either shutdown or restart all ZoneMinder Servers
+

+

+ + +

+
+ + + + + + +
+
+
+
+ + From 4b1284b8ad07a8ebc361b8182ef0778e2d50bea8 Mon Sep 17 00:00:00 2001 From: Isaac Connor Date: Fri, 24 May 2019 13:57:40 -0400 Subject: [PATCH 169/922] fix merge --- distros/ubuntu1604/control | 4 ---- 1 file changed, 4 deletions(-) diff --git a/distros/ubuntu1604/control b/distros/ubuntu1604/control index 2ff4b916a..dac96fb16 100644 --- a/distros/ubuntu1604/control +++ b/distros/ubuntu1604/control @@ -79,11 +79,7 @@ Depends: ${shlibs:Depends}, ${misc:Depends}, ${perl:Depends} ,rsyslog | system-log-daemon ,zip ,libpcre3 -<<<<<<< HEAD ,libssl | libssl1.0.0 | libssl1.1 -======= - ,libssl | libssl1.0.0 ->>>>>>> 34400419e8384ab7c130b47d46fe90d2337ee5c2 ,libcrypt-eksblowfish-perl ,libdata-entropy-perl Recommends: ${misc:Recommends} From 3b5b63d9cb93dc41a87087b75f2a3b929d4b0ed3 Mon Sep 17 00:00:00 2001 From: Isaac Connor Date: Fri, 24 May 2019 14:09:46 -0400 Subject: [PATCH 170/922] add libx264-155 to possible dependencies. Fixes #2596 --- distros/ubuntu1604/control | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/distros/ubuntu1604/control b/distros/ubuntu1604/control index dac96fb16..7926fc346 100644 --- a/distros/ubuntu1604/control +++ b/distros/ubuntu1604/control @@ -45,7 +45,7 @@ Package: zoneminder Architecture: any Depends: ${shlibs:Depends}, ${misc:Depends}, ${perl:Depends} ,javascript-common - ,libmp4v2-2, libx264-142|libx264-148|libx264-152 + ,libmp4v2-2, libx264-142|libx264-148|libx264-152|libx264-155 ,libswscale-ffmpeg3|libswscale4|libswscale3|libswscale5 ,libswresample2|libswresample3|libswresample24|libswresample-ffmpeg1 ,ffmpeg | libav-tools From 0c00752ab46e42194d6990fdd0571188231f0848 Mon Sep 17 00:00:00 2001 From: Isaac Connor Date: Fri, 24 May 2019 14:51:08 -0400 Subject: [PATCH 171/922] fix nextFid and prevFid when using bulk frames. Disable buttons instead of removing them entirely. --- web/skins/classic/views/frame.php | 20 +++++++++----------- 1 file changed, 9 insertions(+), 11 deletions(-) diff --git a/web/skins/classic/views/frame.php b/web/skins/classic/views/frame.php index 7aca36bc9..9abe1d338 100644 --- a/web/skins/classic/views/frame.php +++ b/web/skins/classic/views/frame.php @@ -44,8 +44,8 @@ $Frame = new ZM\Frame($frame); $maxFid = $Event->Frames(); $firstFid = 1; -$prevFid = $Frame->FrameId()-1; -$nextFid = $Frame->FrameId()+1; +$prevFid = dbFetchOne('SELECT MAX(FrameId) AS FrameId FROM Frames WHERE EventId = ? AND FrameId < ?', 'FrameId', array($eid, $fid) ); +$nextFid = dbFetchOne('SELECT MIN(FrameId) AS FrameId FROM Frames WHERE EventId = ? AND FrameId > ?', 'FrameId', array($eid, $fid) ); $lastFid = $maxFid; $alarmFrame = $Frame->Type() == 'Alarm'; @@ -108,16 +108,14 @@ xhtmlHeaders(__FILE__, translate('Frame').' - '.$Event->Id().' - '.$Frame->Frame

-

-FrameId() > 1 ) { ?> - - FrameId() < $maxFid ) { ?> - - - + $frame_url_base = '?view=frame&eid='.$Event->Id().'&scale='.$scale.'&show='.$show.'&fid='; +?> +

+ FrameId() > 1 ) ? 'href="'.$frame_url_base.$firstFid.'" class="btn-primary"' : 'class="btn-primary disabled"') ?>> + FrameId() > 1 ) ? 'href="'.$frame_url_base.$prevFid.'" class="btn-primary"' : 'class="btn-primary disabled"' ?>> + FrameId() < $maxFid ) ? 'href="'.$frame_url_base.$nextFid.'" class="btn-primary"' : 'class="btn-primary disabled"' ?>> + FrameId() < $maxFid ) ? 'href="'.$frame_url_base.$lastFid .'" class="btn-primary"' : 'class="btn-primary disabled"' ?>>

From d5b29923a4dc4d5e24848cb727ade86eb9a691b5 Mon Sep 17 00:00:00 2001 From: Isaac Connor Date: Fri, 24 May 2019 14:51:39 -0400 Subject: [PATCH 172/922] add a.disabled css style --- web/skins/classic/css/base/skin.css | 1 + 1 file changed, 1 insertion(+) diff --git a/web/skins/classic/css/base/skin.css b/web/skins/classic/css/base/skin.css index 99692bff6..1dfd6ea90 100644 --- a/web/skins/classic/css/base/skin.css +++ b/web/skins/classic/css/base/skin.css @@ -589,6 +589,7 @@ input[type=submit]:hover, button:disabled, input[type=button]:disabled, input[type=submit]:disabled, + a.disabled, .btn-primary:disabled { background-color: #aaaaaa; border-color: #bbbbbb; From 4765b9d936cc1d2048b778bd211b7227eb91d2bd Mon Sep 17 00:00:00 2001 From: Isaac Connor Date: Fri, 24 May 2019 14:52:04 -0400 Subject: [PATCH 173/922] Don't generate php errors when returned row doesn't have the specified column --- web/includes/database.php | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/web/includes/database.php b/web/includes/database.php index b567f6c6d..f214af58b 100644 --- a/web/includes/database.php +++ b/web/includes/database.php @@ -172,10 +172,11 @@ function dbFetchOne( $sql, $col=false, $params=NULL ) { return false; } - if ( $result && $dbRow = $result->fetch(PDO::FETCH_ASSOC) ) { + if ( $result && ($dbRow = $result->fetch(PDO::FETCH_ASSOC)) ) { if ( $col ) { if ( ! array_key_exists($col, $dbRow) ) { ZM\Warning("$col does not exist in the returned row " . print_r($dbRow, true)); + return false; } return $dbRow[$col]; } From fad919adeceff7252d0d6b1bf5892c617e9ee7a6 Mon Sep 17 00:00:00 2001 From: Isaac Connor Date: Fri, 24 May 2019 14:59:33 -0400 Subject: [PATCH 174/922] Fix incorrect fix for dealing with bulk frames. prev and next fid should just be +/- 1, so that we show the actual capture frame as opposed to the non-existent db frame record. Fix is by specifying the EventId as well --- web/skins/classic/views/frame.php | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/web/skins/classic/views/frame.php b/web/skins/classic/views/frame.php index 9abe1d338..af412794b 100644 --- a/web/skins/classic/views/frame.php +++ b/web/skins/classic/views/frame.php @@ -35,7 +35,7 @@ $Monitor = $Event->Monitor(); if ( !empty($fid) ) { $sql = 'SELECT * FROM Frames WHERE EventId = ? AND FrameId = ?'; if ( !($frame = dbFetchOne( $sql, NULL, array($eid, $fid) )) ) - $frame = array( 'FrameId'=>$fid, 'Type'=>'Normal', 'Score'=>0 ); + $frame = array( 'EventId'=>$eid, 'FrameId'=>$fid, 'Type'=>'Normal', 'Score'=>0 ); } else { $frame = dbFetchOne('SELECT * FROM Frames WHERE EventId = ? AND Score = ?', NULL, array($eid, $Event->MaxScore())); } @@ -44,8 +44,8 @@ $Frame = new ZM\Frame($frame); $maxFid = $Event->Frames(); $firstFid = 1; -$prevFid = dbFetchOne('SELECT MAX(FrameId) AS FrameId FROM Frames WHERE EventId = ? AND FrameId < ?', 'FrameId', array($eid, $fid) ); -$nextFid = dbFetchOne('SELECT MIN(FrameId) AS FrameId FROM Frames WHERE EventId = ? AND FrameId > ?', 'FrameId', array($eid, $fid) ); +$prevFid = $fid-1; +$nextFid = $fid+1; $lastFid = $maxFid; $alarmFrame = $Frame->Type() == 'Alarm'; From 3c5d20a2e1dbc1c176c64b27e483ccec91989ee7 Mon Sep 17 00:00:00 2001 From: Isaac Connor Date: Fri, 24 May 2019 15:06:37 -0400 Subject: [PATCH 175/922] when an event view is scaled, adjust the frame popup window size accordingly --- web/skins/classic/views/frames.php | 22 ++++++++++++++++++++-- 1 file changed, 20 insertions(+), 2 deletions(-) diff --git a/web/skins/classic/views/frames.php b/web/skins/classic/views/frames.php index 3e146c958..78239b1b1 100644 --- a/web/skins/classic/views/frames.php +++ b/web/skins/classic/views/frames.php @@ -24,7 +24,17 @@ if ( !canView('Events') ) { } require_once('includes/Frame.php'); $Event = new ZM\Event($_REQUEST['eid']); +$Monitor = $Event->Monitor(); +if ( isset( $_REQUEST['scale'] ) ) { + $scale = validNum($_REQUEST['scale']); +} else if ( isset( $_COOKIE['zmWatchScale'.$Monitor->Id()] ) ) { + $scale = validNum($_COOKIE['zmWatchScale'.$Monitor->Id()]); +} else if ( isset( $_COOKIE['zmWatchScale'] ) ) { + $scale = validNum($_COOKIE['zmWatchScale']); +} else { + $scale = max( reScale( SCALE_BASE, $Monitor->DefaultScale(), ZM_WEB_DEFAULT_SCALE ), SCALE_BASE ); +} $sql = 'SELECT *, unix_timestamp( TimeStamp ) AS UnixTimeStamp FROM Frames WHERE EventID = ? ORDER BY FrameId'; $frames = dbFetchAll( $sql, NULL, array( $_REQUEST['eid'] ) ); @@ -62,12 +72,20 @@ xhtmlHeaders(__FILE__, translate('Frames').' - '.$Event->Id() ); - Id().'&fid='.$frame['FrameId'], 'zmImage', array( 'frame', $Event->Width(), $Event->Height() ), $frame['FrameId'] ) ?> + Id().'&fid='.$frame['FrameId'], 'zmImage', + array( + 'frame', + ($scale ? $Event->Width()*$scale/100 : $Event->Width()), + ($scale ? $Event->Height()*$scale/100 : $Event->Height()) + ), + $frame['FrameId']) + ?> From ac8197f2e5c9946195ab1110cc0a02696d977d49 Mon Sep 17 00:00:00 2001 From: Isaac Connor Date: Mon, 27 May 2019 11:25:49 -0400 Subject: [PATCH 176/922] fix eslint errors in monitor.js --- web/skins/classic/views/js/monitor.js | 29 +++++++++++++-------------- 1 file changed, 14 insertions(+), 15 deletions(-) diff --git a/web/skins/classic/views/js/monitor.js b/web/skins/classic/views/js/monitor.js index 7456c8c1b..bf5e4d900 100644 --- a/web/skins/classic/views/js/monitor.js +++ b/web/skins/classic/views/js/monitor.js @@ -76,27 +76,26 @@ function initPage() { document.querySelectorAll('input[name="newMonitor[MaxFPS]"]').forEach(function(el) { el.oninput = el.onclick = function(e) { - if ( e.target.value ) { - console.log('showing'); - $j('#newMonitor\\[MaxFPS\\]').show(); - } else { - $j('#newMonitor\\[MaxFPS\\]').hide(); - } - }; + if ( e.target.value ) { + console.log('showing'); + $j('#newMonitor\\[MaxFPS\\]').show(); + } else { + $j('#newMonitor\\[MaxFPS\\]').hide(); + } + }; }); document.querySelectorAll('input[name="newMonitor[AlarmMaxFPS]"]').forEach(function(el) { el.oninput = el.onclick = function(e) { - if ( e.target.value ) { - console.log('showing'); - $j('#newMonitor\\[AlarmMaxFPS\\]').show(); - } else { - $j('#newMonitor\\[AlarmMaxFPS\\]').hide(); - } - }; + if ( e.target.value ) { + console.log('showing'); + $j('#newMonitor\\[AlarmMaxFPS\\]').show(); + } else { + $j('#newMonitor\\[AlarmMaxFPS\\]').hide(); + } + }; }); $j('.chosen').chosen(); - } // end function initPage() window.addEventListener('DOMContentLoaded', initPage); From c4d76f03c92a7a7d034004d30ead741936f2a9a4 Mon Sep 17 00:00:00 2001 From: Isaac Connor Date: Mon, 27 May 2019 12:09:32 -0400 Subject: [PATCH 177/922] Introduce ZM_PATH_SHUTDOWN to cmake config --- CMakeLists.txt | 2 ++ distros/debian/rules | 7 ++++--- distros/ubuntu1204/rules | 1 + distros/ubuntu1604/rules | 1 + misc/CMakeLists.txt | 1 + web/includes/actions/shutdown.php | 6 +++--- 6 files changed, 12 insertions(+), 6 deletions(-) diff --git a/CMakeLists.txt b/CMakeLists.txt index 0973f8726..85e17fccc 100644 --- a/CMakeLists.txt +++ b/CMakeLists.txt @@ -166,6 +166,8 @@ set(ZM_DIR_SOUNDS "sounds" CACHE PATH "Location to look for optional sound files, default: sounds") set(ZM_PATH_ZMS "/cgi-bin/nph-zms" CACHE PATH "Web url to zms streaming server, default: /cgi-bin/nph-zms") +set(ZM_PATH_SHUTDOWN "/sbin/shutdown" CACHE PATH + "Path to shutdown binary, default: /sbin/shutdown") # Advanced set(ZM_PATH_MAP "/dev/shm" CACHE PATH diff --git a/distros/debian/rules b/distros/debian/rules index 6185838e0..bf11ee2de 100755 --- a/distros/debian/rules +++ b/distros/debian/rules @@ -21,10 +21,11 @@ override_dh_auto_configure: -DZM_CGIDIR=/usr/lib/zoneminder/cgi-bin \ -DZM_WEB_USER=www-data \ -DZM_WEB_GROUP=www-data \ - -DZM_CONFIG_SUBDIR="/etc/zm/conf.d" \ + -DZM_CONFIG_SUBDIR="/etc/zm/conf.d" \ -DZM_CONFIG_DIR="/etc/zm" \ - -DZM_DIR_EVENTS="/var/cache/zoneminder/events" \ - -DZM_PATH_ZMS="/zm/cgi-bin/nph-zms" + -DZM_DIR_EVENTS="/var/cache/zoneminder/events" \ + -DZM_PATH_SHUTDOWN="/sbin/shutdown" \ + -DZM_PATH_ZMS="/zm/cgi-bin/nph-zms" override_dh_auto_install: dh_auto_install --buildsystem=cmake diff --git a/distros/ubuntu1204/rules b/distros/ubuntu1204/rules index 20dd303f8..657697fcf 100755 --- a/distros/ubuntu1204/rules +++ b/distros/ubuntu1204/rules @@ -27,6 +27,7 @@ override_dh_auto_configure: -DZM_CGIDIR="/usr/lib/zoneminder/cgi-bin" \ -DZM_CACHEDIR="/var/cache/zoneminder/cache" \ -DZM_DIR_EVENTS="/var/cache/zoneminder/events" \ + -DZM_PATH_SHUTDOWN="/sbin/shutdown" \ -DZM_PATH_ZMS="/zm/cgi-bin/nph-zms" override_dh_clean: diff --git a/distros/ubuntu1604/rules b/distros/ubuntu1604/rules index 98b9ac0a2..c671a1b03 100755 --- a/distros/ubuntu1604/rules +++ b/distros/ubuntu1604/rules @@ -27,6 +27,7 @@ override_dh_auto_configure: -DZM_CGIDIR="/usr/lib/zoneminder/cgi-bin" \ -DZM_CACHEDIR="/var/cache/zoneminder/cache" \ -DZM_DIR_EVENTS="/var/cache/zoneminder/events" \ + -DZM_PATH_SHUTDOWN="/sbin/shutdown" \ -DZM_PATH_ZMS="/zm/cgi-bin/nph-zms" override_dh_clean: diff --git a/misc/CMakeLists.txt b/misc/CMakeLists.txt index 990b8ce06..f794241a8 100644 --- a/misc/CMakeLists.txt +++ b/misc/CMakeLists.txt @@ -10,6 +10,7 @@ configure_file(com.zoneminder.systemctl.rules.in "${CMAKE_CURRENT_BINARY_DIR}/co configure_file(zoneminder.service.in "${CMAKE_CURRENT_BINARY_DIR}/zoneminder.service" @ONLY) configure_file(zoneminder-tmpfiles.conf.in "${CMAKE_CURRENT_BINARY_DIR}/zoneminder-tmpfiles.conf" @ONLY) configure_file(zoneminder.desktop.in "${CMAKE_CURRENT_BINARY_DIR}/zoneminder.desktop" @ONLY) +configure_file(zm-sudo.in "${CMAKE_CURRENT_BINARY_DIR}/zm-sudo" @ONLY) # Do not install the misc files by default #install(FILES "${CMAKE_CURRENT_BINARY_DIR}/apache.conf" "${CMAKE_CURRENT_BINARY_DIR}/logrotate.conf" "${CMAKE_CURRENT_BINARY_DIR}/syslog.conf" DESTINATION "${CMAKE_INSTALL_DATADIR}/zoneminder/misc") diff --git a/web/includes/actions/shutdown.php b/web/includes/actions/shutdown.php index f6d31b4f4..4d7a4ee78 100644 --- a/web/includes/actions/shutdown.php +++ b/web/includes/actions/shutdown.php @@ -27,18 +27,18 @@ if ( $action ) { if ( $action == 'shutdown' ) { $output = array(); $rc = 0; - exec("sudo -n /sbin/shutdown -P $when 2>&1", $output, $rc); + exec('sudo -n '.ZM_PATH_SHUTDOWN." -P $when 2>&1", $output, $rc); #exec('sudo -n /bin/systemctl poweroff -i 2>&1', $output, $rc); ZM\Logger::Debug("Shutdown output $rc " . implode("\n",$output)); #ZM\Logger::Debug("Shutdown output " . shell_exec('/bin/systemctl poweroff -i 2>&1')); } else if ( $action == 'restart' ) { $output = array(); - exec("sudo -n /sbin/shutdown -r $when 2>&1", $output); + exec('sudo -n '.ZM_PATH_SHUTDOWN." -r $when 2>&1", $output); #exec('sudo -n /bin/systemctl reboot -i 2>&1', $output); ZM\Logger::Debug("Shutdown output " . implode("\n",$output)); } else if ( $action == 'cancel' ) { $output = array(); - exec('sudo /sbin/shutdown -c 2>&1', $output); + exec('sudo '.ZM_PATH_SHUTDOWN.' -c 2>&1', $output); } } # end if action ?> From 8b4fddadfbe556e71403ac1f5e0f6f19036265a5 Mon Sep 17 00:00:00 2001 From: Isaac Connor Date: Mon, 27 May 2019 12:29:29 -0400 Subject: [PATCH 178/922] out_frame->pts is calculated in resample_audio --- src/zm_videostore.cpp | 2 -- 1 file changed, 2 deletions(-) diff --git a/src/zm_videostore.cpp b/src/zm_videostore.cpp index 85f5282b9..ea2b314dc 100644 --- a/src/zm_videostore.cpp +++ b/src/zm_videostore.cpp @@ -945,7 +945,6 @@ int VideoStore::writeVideoFramePacket(AVPacket *ipkt) { } else { Debug(3, "opkt.dts = undef"); opkt.dts = video_out_stream->cur_dts; - //opkt.dts = 0; } # if 0 @@ -1012,7 +1011,6 @@ int VideoStore::writeAudioFramePacket(AVPacket *ipkt) { return 0; } - out_frame->pts = in_frame->pts; zm_dump_frame(out_frame, "Out frame after resample"); // out_frame pts is in the input pkt pts... needs to be adjusted before sending to the encoder if ( out_frame->pts != AV_NOPTS_VALUE ) { From 663f941963776a3f817f9842edcbf6873521fcf9 Mon Sep 17 00:00:00 2001 From: Isaac Connor Date: Mon, 27 May 2019 12:31:18 -0400 Subject: [PATCH 179/922] If we can't find a packet before ours in the queue, then stick it at the front of the queue, not the end. --- src/zm_packetqueue.cpp | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/src/zm_packetqueue.cpp b/src/zm_packetqueue.cpp index c1fcc3db9..1188da8ff 100644 --- a/src/zm_packetqueue.cpp +++ b/src/zm_packetqueue.cpp @@ -96,7 +96,8 @@ bool zm_packetqueue::queuePacket(ZMPacket* zm_packet) { } Debug(1,"Unable to insert packet for stream %d with dts %" PRId64 " into queue.", zm_packet->packet.stream_index, zm_packet->packet.dts); - pktQueue.push_back(zm_packet); + // Must be before any packets in the queue. Stick it at the beginning + pktQueue.push(zm_packet); packet_counts[zm_packet->packet.stream_index] += 1; return true; } // end bool zm_packetqueue::queuePacket(ZMPacket* zm_packet) From 94f2c7656246445266991ce6614e0bdec2ddbf0c Mon Sep 17 00:00:00 2001 From: Isaac Connor Date: Mon, 27 May 2019 12:31:53 -0400 Subject: [PATCH 180/922] fix trailing whitespace --- distros/debian/rules | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/distros/debian/rules b/distros/debian/rules index bf11ee2de..13e36d461 100755 --- a/distros/debian/rules +++ b/distros/debian/rules @@ -25,7 +25,7 @@ override_dh_auto_configure: -DZM_CONFIG_DIR="/etc/zm" \ -DZM_DIR_EVENTS="/var/cache/zoneminder/events" \ -DZM_PATH_SHUTDOWN="/sbin/shutdown" \ - -DZM_PATH_ZMS="/zm/cgi-bin/nph-zms" + -DZM_PATH_ZMS="/zm/cgi-bin/nph-zms" override_dh_auto_install: dh_auto_install --buildsystem=cmake From c44967f770e04f5e7efab68c09ab488bf3433e82 Mon Sep 17 00:00:00 2001 From: Isaac Connor Date: Mon, 27 May 2019 12:47:38 -0400 Subject: [PATCH 181/922] fix push to push_front --- src/zm_packetqueue.cpp | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/zm_packetqueue.cpp b/src/zm_packetqueue.cpp index 1188da8ff..81fbb09c4 100644 --- a/src/zm_packetqueue.cpp +++ b/src/zm_packetqueue.cpp @@ -97,7 +97,7 @@ bool zm_packetqueue::queuePacket(ZMPacket* zm_packet) { Debug(1,"Unable to insert packet for stream %d with dts %" PRId64 " into queue.", zm_packet->packet.stream_index, zm_packet->packet.dts); // Must be before any packets in the queue. Stick it at the beginning - pktQueue.push(zm_packet); + pktQueue.push_front(zm_packet); packet_counts[zm_packet->packet.stream_index] += 1; return true; } // end bool zm_packetqueue::queuePacket(ZMPacket* zm_packet) From 3acbf1551d8199da87a73f54953fdc1ff3e35661 Mon Sep 17 00:00:00 2001 From: Isaac Connor Date: Mon, 27 May 2019 13:26:29 -0400 Subject: [PATCH 182/922] add zm-sudo.in --- misc/zm-sudo.in | 1 + 1 file changed, 1 insertion(+) create mode 100644 misc/zm-sudo.in diff --git a/misc/zm-sudo.in b/misc/zm-sudo.in new file mode 100644 index 000000000..c55a7b135 --- /dev/null +++ b/misc/zm-sudo.in @@ -0,0 +1 @@ +@WEB_USER@ ALL=NOPASSWD: @SBINDDIR@/shutdown From 049b70a624092743f0890ad4116e75ad445a6eb9 Mon Sep 17 00:00:00 2001 From: Isaac Connor Date: Mon, 27 May 2019 17:15:46 -0400 Subject: [PATCH 183/922] junk bad code in zm_eventstream that tried to figure out how long to sleep by considering the wall clock time since play start. No good as soon as we seek. --- src/zm_eventstream.cpp | 50 +++++++++++++++++------------------------- 1 file changed, 20 insertions(+), 30 deletions(-) diff --git a/src/zm_eventstream.cpp b/src/zm_eventstream.cpp index a2dd02ac0..5439b42e8 100644 --- a/src/zm_eventstream.cpp +++ b/src/zm_eventstream.cpp @@ -81,12 +81,15 @@ bool EventStream::loadInitialEventData( int monitor_id, time_t event_time ) { Debug(3, "Set curr_stream_time:%.2f, curr_frame_id:%d", curr_stream_time, curr_frame_id); break; } - } + } // end foreach frame Debug(3, "Skipping %ld frames", event_data->frame_count); + } else { + Warning("Requested an event time less than the start of the event. event_time %.2f < start_time %.2f", + event_time, event_data->start_time); } - } + } // end if have a start time return true; -} +} // bool EventStream::loadInitialEventData( int monitor_id, time_t event_time ) bool EventStream::loadInitialEventData( uint64_t init_event_id, unsigned int init_frame_id ) { loadEventData(init_event_id); @@ -237,13 +240,13 @@ bool EventStream::loadEventData(uint64_t event_id) { event_data->frames[i-1].timestamp = last_timestamp + ((i-last_id)*frame_delta); event_data->frames[i-1].offset = event_data->frames[i-1].timestamp - event_data->start_time; event_data->frames[i-1].in_db = false; - Debug(3,"Frame %d timestamp:(%f), offset(%f) delta(%f), in_db(%d)", - i, - event_data->frames[i-1].timestamp, - event_data->frames[i-1].offset, - event_data->frames[i-1].delta, - event_data->frames[i-1].in_db - ); + Debug(3,"Frame %d timestamp:(%f), offset(%f) delta(%f), in_db(%d)", + i, + event_data->frames[i-1].timestamp, + event_data->frames[i-1].offset, + event_data->frames[i-1].delta, + event_data->frames[i-1].in_db + ); } } event_data->frames[id-1].timestamp = event_data->start_time + delta; @@ -277,7 +280,7 @@ bool EventStream::loadEventData(uint64_t event_id) { snprintf(filepath, sizeof(filepath), "%s/%s", event_data->path, event_data->video_file); Debug(1, "Loading video file from %s", filepath); ffmpeg_input = new FFmpeg_Input(); - if ( 0 > ffmpeg_input->Open( filepath ) ) { + if ( 0 > ffmpeg_input->Open(filepath) ) { Warning("Unable to open ffmpeg_input %s/%s", event_data->path, event_data->video_file); delete ffmpeg_input; ffmpeg_input = NULL; @@ -290,7 +293,8 @@ bool EventStream::loadEventData(uint64_t event_id) { else curr_stream_time = event_data->frames[event_data->frame_count-1].timestamp; } - Debug(2, "Event:%" PRIu64 ", Frames:%ld, Duration: %.2f", event_data->event_id, event_data->frame_count, event_data->duration); + Debug(2, "Event:%" PRIu64 ", Frames:%ld, Duration: %.2f", + event_data->event_id, event_data->frame_count, event_data->duration); return true; } // bool EventStream::loadEventData( int event_id ) @@ -470,6 +474,7 @@ void EventStream::processCommand(const CmdMsg *msg) { break; case CMD_SEEK : { + // offset is in seconds int offset = ((unsigned char)msg->msg_data[1]<<24)|((unsigned char)msg->msg_data[2]<<16)|((unsigned char)msg->msg_data[3]<<8)|(unsigned char)msg->msg_data[4]; curr_frame_id = (int)(event_data->frame_count*offset/event_data->duration); Debug(1, "Got SEEK command, to %d (new cfid: %d)", offset, curr_frame_id); @@ -590,14 +595,13 @@ void EventStream::checkEventLoaded() { Image * EventStream::getImage( ) { static char filepath[PATH_MAX]; - Debug(2, "EventStream::getImage path(%s) frame(%d)", event_data->path, curr_frame_id); snprintf(filepath, sizeof(filepath), staticConfig.capture_file_format, event_data->path, curr_frame_id); - Debug(2, "EventStream::getImage path(%s) ", filepath, curr_frame_id); + Debug(2, "EventStream::getImage path(%s) from %s frame(%d) ", filepath, event_data->path, curr_frame_id); Image *image = new Image(filepath); return image; } -bool EventStream::sendFrame( int delta_us ) { +bool EventStream::sendFrame(int delta_us) { Debug(2, "Sending frame %d", curr_frame_id); static char filepath[PATH_MAX]; @@ -626,7 +630,6 @@ bool EventStream::sendFrame( int delta_us ) { #if HAVE_LIBAVCODEC if ( type == STREAM_MPEG ) { -Debug(2,"Streaming MPEG"); Image image(filepath); Image *send_image = prepareImage(&image); @@ -788,7 +791,6 @@ void EventStream::runStream() { updateFrameRate((double)event_data->frame_count/event_data->duration); gettimeofday(&start, NULL); uint64_t start_usec = start.tv_sec * 1000000 + start.tv_usec; - uint64_t last_frame_offset = 0; while ( !zm_terminate ) { gettimeofday(&now, NULL); @@ -923,21 +925,9 @@ Debug(3,"cur_frame_id (%d-1) mod frame_mod(%d)",curr_frame_id, frame_mod); // you can calculate the relationship between now and the start // or calc the relationship from the last frame. I think from the start is better as it self-corrects - if ( last_frame_offset ) { - // We assume that we are going forward and the next frame is in the future. - delta_us = frame_data->offset * 1000000 - (now_usec-start_usec); - // - (now_usec - start_usec); - Debug(2, "New delta_us now %" PRIu64 " - start %" PRIu64 " = %d offset %" PRId64 " - elapsed = %dusec", - now_usec, start_usec, now_usec-start_usec, frame_data->offset * 1000000, delta_us); - } else { - Debug(2, "No last frame_offset, no sleep"); - delta_us = 0; - } - last_frame_offset = frame_data->offset * 1000000; - if ( send_frame && type != STREAM_MPEG ) { if ( delta_us > 0 ) { - Debug( 3, "dUs: %d", delta_us ); + Debug(3, "dUs: %d", delta_us); usleep(delta_us); Debug(3, "Done sleeping: %d usec", delta_us); } From 7b06f585591e332d65c4947066205a2eb8e09136 Mon Sep 17 00:00:00 2001 From: Isaac Connor Date: Mon, 27 May 2019 17:16:23 -0400 Subject: [PATCH 184/922] Limit Connection error logs to every 10 minutes instead of every 10 seconds. Connection attempts still happen at 10 second intervals --- src/zmc.cpp | 28 +++++++++++++++++----------- 1 file changed, 17 insertions(+), 11 deletions(-) diff --git a/src/zmc.cpp b/src/zmc.cpp index 3620a67ca..bebc0bc7d 100644 --- a/src/zmc.cpp +++ b/src/zmc.cpp @@ -234,6 +234,8 @@ int main(int argc, char *argv[]) { int result = 0; + int prime_capture_log_count = 0; + while ( !zm_terminate ) { result = 0; static char sql[ZM_SQL_SML_BUFSIZ]; @@ -247,21 +249,19 @@ int main(int argc, char *argv[]) { if ( mysql_query(&dbconn, sql) ) { Error("Can't run query: %s", mysql_error(&dbconn)); } - } + } // end foreach monitor + // Outer primary loop, handles connection to camera if ( monitors[0]->PrimeCapture() < 0 ) { - Error("Failed to prime capture of initial monitor"); + if ( prime_capture_log_count % 60 ) { + Error("Failed to prime capture of initial monitor"); + } else { + Debug(1, "Failed to prime capture of initial monitor"); + } + prime_capture_log_count ++; sleep(10); continue; } - for ( int i = 0; i < n_monitors; i++ ) { - snprintf(sql, sizeof(sql), - "REPLACE INTO Monitor_Status (MonitorId, Status) VALUES ('%d','Connected')", - monitors[i]->Id()); - if ( mysql_query(&dbconn, sql) ) { - Error("Can't run query: %s", mysql_error(&dbconn)); - } - } int *capture_delays = new int[n_monitors]; int *alarm_capture_delays = new int[n_monitors]; @@ -271,7 +271,13 @@ int main(int argc, char *argv[]) { last_capture_times[i].tv_sec = last_capture_times[i].tv_usec = 0; capture_delays[i] = monitors[i]->GetCaptureDelay(); alarm_capture_delays[i] = monitors[i]->GetAlarmCaptureDelay(); - } + snprintf(sql, sizeof(sql), + "REPLACE INTO Monitor_Status (MonitorId, Status) VALUES ('%d','Connected')", + monitors[i]->Id()); + if ( mysql_query(&dbconn, sql) ) { + Error("Can't run query: %s", mysql_error(&dbconn)); + } + } // end foreach monitor struct timeval now; struct DeltaTimeval delta_time; From a244af49ad82cf9cf962d006742b2842d9373c23 Mon Sep 17 00:00:00 2001 From: Kirill Zhuykov Date: Tue, 28 May 2019 17:57:01 +0300 Subject: [PATCH 185/922] fix #2622 (#2623) --- db/zm_create.sql.in | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/db/zm_create.sql.in b/db/zm_create.sql.in index 557745ab9..510a65082 100644 --- a/db/zm_create.sql.in +++ b/db/zm_create.sql.in @@ -742,7 +742,7 @@ insert into Storage VALUES (NULL, '@ZM_DIR_EVENTS@', 'Default', 'local', NULL, N -- -- Create a default admin user. -- -insert into Users VALUES (NULL,'admin',password('admin'),'',1,'View','Edit','Edit','Edit','Edit','Edit','Edit','',''); +insert into Users VALUES (NULL,'admin',password('admin'),'',1,'View','Edit','Edit','Edit','Edit','Edit','Edit','','',0,1); -- -- Add a sample filter to purge the oldest 100 events when the disk is 95% full From df19e98f2865669b4fd7a416172d39c57060857c Mon Sep 17 00:00:00 2001 From: Isaac Connor Date: Tue, 28 May 2019 10:59:58 -0400 Subject: [PATCH 186/922] Add auto dput when interactive==no --- utils/do_debian_package.sh | 2 ++ 1 file changed, 2 insertions(+) diff --git a/utils/do_debian_package.sh b/utils/do_debian_package.sh index b8688d57c..0b9e18ee7 100755 --- a/utils/do_debian_package.sh +++ b/utils/do_debian_package.sh @@ -326,6 +326,8 @@ EOF if [[ "$REPLY" == [yY] ]]; then dput $PPA $SC fi; + else + dput $PPA $SC fi; fi; done; # foreach distro From bc0565858b18405a5815c775b860c99178d0faec Mon Sep 17 00:00:00 2001 From: Pliable Pixels Date: Tue, 28 May 2019 13:44:06 -0400 Subject: [PATCH 187/922] check for API disabled only when auth is on (#2624) --- web/api/app/Controller/AppController.php | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/web/api/app/Controller/AppController.php b/web/api/app/Controller/AppController.php index eeda4b105..6b71ffb84 100644 --- a/web/api/app/Controller/AppController.php +++ b/web/api/app/Controller/AppController.php @@ -120,11 +120,11 @@ class AppController extends Controller { return; } } # end if ! login or logout + if ($user['APIEnabled'] == 0 ) { + throw new UnauthorizedException(__('API Disabled')); + return; + } } # end if ZM_OPT_AUTH // make sure populated user object has APIs enabled - if ($user['APIEnabled'] == 0 ) { - throw new UnauthorizedException(__('API Disabled')); - return; - } } # end function beforeFilter() } From 07d4310466e192eb452474899d92710a218f044b Mon Sep 17 00:00:00 2001 From: Isaac Connor Date: Wed, 29 May 2019 08:40:48 -0400 Subject: [PATCH 188/922] Can't cache-bust jquery-ui-theme.css as it loads sprites by relative path --- web/skins/classic/includes/functions.php | 32 +++++++++++++----------- 1 file changed, 17 insertions(+), 15 deletions(-) diff --git a/web/skins/classic/includes/functions.php b/web/skins/classic/includes/functions.php index d0ce75abb..7cc8283ac 100644 --- a/web/skins/classic/includes/functions.php +++ b/web/skins/classic/includes/functions.php @@ -19,34 +19,35 @@ // -function xhtmlHeaders( $file, $title ) { +function xhtmlHeaders($file, $title) { global $css; global $skin; global $view; # This idea is that we always include the classic css files, # and then any different skin only needs to contain things that are different. - $baseCssPhpFile = getSkinFile( 'css/base/skin.css.php' ); + $baseCssPhpFile = getSkinFile('css/base/skin.css.php'); - $skinCssPhpFile = getSkinFile( 'css/'.$css.'/skin.css.php' ); + $skinCssPhpFile = getSkinFile('css/'.$css.'/skin.css.php'); - $skinJsFile = getSkinFile( 'js/skin.js' ); - $skinJsPhpFile = getSkinFile( 'js/skin.js.php' ); - $cssJsFile = getSkinFile( 'js/'.$css.'.js' ); + $skinJsFile = getSkinFile('js/skin.js'); + $skinJsPhpFile = getSkinFile('js/skin.js.php'); + $cssJsFile = getSkinFile('js/'.$css.'.js'); - $basename = basename( $file, '.php' ); + $basename = basename($file, '.php'); - $viewCssPhpFile = getSkinFile( '/css/'.$css.'/views/'.$basename.'.css.php' ); - $viewJsFile = getSkinFile( 'views/js/'.$basename.'.js' ); - $viewJsPhpFile = getSkinFile( 'views/js/'.$basename.'.js.php' ); + $viewCssPhpFile = getSkinFile('/css/'.$css.'/views/'.$basename.'.css.php'); + $viewJsFile = getSkinFile('views/js/'.$basename.'.js'); + $viewJsPhpFile = getSkinFile('views/js/'.$basename.'.js.php'); - extract( $GLOBALS, EXTR_OVERWRITE ); - function output_link_if_exists( $files ) { + extract($GLOBALS, EXTR_OVERWRITE); + + function output_link_if_exists($files) { global $skin; $html = array(); foreach ( $files as $file ) { - if ( getSkinFile( $file ) ) { - $html[] = ''; + if ( getSkinFile($file) ) { + $html[] = ''; } } return implode("\n", $html); @@ -83,11 +84,12 @@ echo output_link_if_exists( array( 'css/'.$css.'/views/'.$basename.'.css', 'js/dateTimePicker/jquery-ui-timepicker-addon.css', 'js/jquery-ui-1.12.1/jquery-ui.structure.min.css', - 'js/jquery-ui-1.12.1/jquery-ui.theme.min.css', + #'js/jquery-ui-1.12.1/jquery-ui.theme.min.css', 'css/'.$css.'/jquery-ui-theme.css', ) ); ?> + Date: Wed, 29 May 2019 09:23:56 -0400 Subject: [PATCH 189/922] Fix +/- buttons on new line in filter not having onclick events bound --- web/skins/classic/views/js/filter.js | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/web/skins/classic/views/js/filter.js b/web/skins/classic/views/js/filter.js index 8b6968668..49a882ee6 100644 --- a/web/skins/classic/views/js/filter.js +++ b/web/skins/classic/views/js/filter.js @@ -261,6 +261,11 @@ function addTerm( element ) { this[0].selected = 'selected'; }).chosen({width: '101%'}); newRow.find('input[type="text"]').val(''); + newRow[0].querySelectorAll("button[data-on-click-this]").forEach(function attachOnClick(el) { + var fnName = el.getAttribute("data-on-click-this"); + el.onclick = window[fnName].bind(el, el); + }); + var rows = $j(row).parent().children(); parseRows(rows); } From ee0c21d58768a0d5bfff5171637ddafec4ac8eaa Mon Sep 17 00:00:00 2001 From: Isaac Connor Date: Wed, 29 May 2019 10:28:25 -0400 Subject: [PATCH 190/922] Add API Enabled to User edit --- web/skins/classic/views/options.php | 2 ++ web/skins/classic/views/user.php | 9 ++++++++- 2 files changed, 10 insertions(+), 1 deletion(-) diff --git a/web/skins/classic/views/options.php b/web/skins/classic/views/options.php index ba63d01b7..ea400339a 100644 --- a/web/skins/classic/views/options.php +++ b/web/skins/classic/views/options.php @@ -156,6 +156,7 @@ foreach ( array_map('basename', glob('skins/'.$current_skin.'/css/*',GLOB_ONLYDI + @@ -191,6 +192,7 @@ foreach ( array_map('basename', glob('skins/'.$current_skin.'/css/*',GLOB_ONLYDI + disabled="disabled"/> + + + + + + From 8e0f828aa1b1257b81bcdde9165ec4a061d57565 Mon Sep 17 00:00:00 2001 From: Isaac Connor Date: Wed, 29 May 2019 10:28:42 -0400 Subject: [PATCH 191/922] Add APIEnabled to translations --- web/lang/en_gb.php | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/web/lang/en_gb.php b/web/lang/en_gb.php index e84f0c0b4..9912df4f8 100644 --- a/web/lang/en_gb.php +++ b/web/lang/en_gb.php @@ -102,10 +102,11 @@ $SLANG = array( 'AlarmRGBUnset' => 'You must set an alarm RGB colour', 'Alert' => 'Alert', 'All' => 'All', - 'AllTokensRevoked' => 'All Tokens Revoked', + 'AllTokensRevoked' => 'All Tokens Revoked', 'AnalysisFPS' => 'Analysis FPS', 'AnalysisUpdateDelay' => 'Analysis Update Delay', - 'API' => 'API', + 'API' => 'API', + 'APIEnabled' => 'API Enabled', 'Apply' => 'Apply', 'ApplyingStateChange' => 'Applying State Change', 'ArchArchived' => 'Archived Only', From 628760d5b9ad63ed7abefeab2d1ddd00beb4adee Mon Sep 17 00:00:00 2001 From: Isaac Connor Date: Wed, 29 May 2019 10:29:03 -0400 Subject: [PATCH 192/922] Spacing and braces cleanup from asker's code --- web/includes/actions/user.php | 12 +++++------- 1 file changed, 5 insertions(+), 7 deletions(-) diff --git a/web/includes/actions/user.php b/web/includes/actions/user.php index 2b520cd10..bb4f24fb8 100644 --- a/web/includes/actions/user.php +++ b/web/includes/actions/user.php @@ -32,16 +32,15 @@ if ( $action == 'user' ) { $pass_hash = '"'.password_hash($pass, PASSWORD_BCRYPT).'"'; } else { $pass_hash = ' PASSWORD('.dbEscape($_REQUEST['newUser']['Password']).') '; - ZM\Info ('Cannot use bcrypt as you are using PHP < 5.5'); + ZM\Info('Cannot use bcrypt as you are using PHP < 5.5'); } if ( $_REQUEST['newUser']['Password'] ) { $changes['Password'] = 'Password = '.$pass_hash; - ZM\Info ("PASS CMD=".$changes['Password']); - } - - else + ZM\Info('PASS CMD='.$changes['Password']); + } else { unset($changes['Password']); + } if ( count($changes) ) { if ( !empty($_REQUEST['uid']) ) { @@ -69,10 +68,9 @@ if ( $action == 'user' ) { $pass_hash = ' PASSWORD('.dbEscape($_REQUEST['newUser']['Password']).') '; ZM\Info ('Cannot use bcrypt as you are using PHP < 5.3'); } - if ( !empty($_REQUEST['newUser']['Password']) ) { - ZM\Info ("PASS CMD=".$changes['Password']); + ZM\Info('PASS CMD='.$changes['Password']); $changes['Password'] = 'Password = '.$pass_hash; } From ba96f0709c063053890a214a4000e06639e9efe4 Mon Sep 17 00:00:00 2001 From: Isaac Connor Date: Thu, 30 May 2019 09:58:54 -0400 Subject: [PATCH 193/922] fix saving user using password_hash --- web/includes/actions/user.php | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/web/includes/actions/user.php b/web/includes/actions/user.php index bb4f24fb8..988b40be1 100644 --- a/web/includes/actions/user.php +++ b/web/includes/actions/user.php @@ -28,8 +28,8 @@ if ( $action == 'user' ) { $types = array(); $changes = getFormChanges($dbUser, $_REQUEST['newUser'], $types); - if (function_exists ('password_hash')) { - $pass_hash = '"'.password_hash($pass, PASSWORD_BCRYPT).'"'; + if ( function_exists('password_hash') ) { + $pass_hash = '"'.password_hash($_REQUEST['newUser']['Password'], PASSWORD_BCRYPT).'"'; } else { $pass_hash = ' PASSWORD('.dbEscape($_REQUEST['newUser']['Password']).') '; ZM\Info('Cannot use bcrypt as you are using PHP < 5.5'); From 75ec4818a6a535ca352c0ff31e8a58ce9413d316 Mon Sep 17 00:00:00 2001 From: Isaac Connor Date: Fri, 31 May 2019 10:15:02 -0400 Subject: [PATCH 194/922] WHen saving a monitor, only start zmc and zma if appropriate --- web/includes/actions/monitor.php | 14 +++++++------- 1 file changed, 7 insertions(+), 7 deletions(-) diff --git a/web/includes/actions/monitor.php b/web/includes/actions/monitor.php index f97441fd9..6e0dc5405 100644 --- a/web/includes/actions/monitor.php +++ b/web/includes/actions/monitor.php @@ -202,16 +202,16 @@ ZM\Logger::Debug("newMonitor:". print_r($_REQUEST['newMonitor'],true)); if ( $restart ) { $new_monitor = new ZM\Monitor($mid); - //fixDevices(); - if ( $new_monitor->Type() != 'WebSite' ) { + if ( $new_monitor->Function() != 'None' and $new_monitor->Type() != 'WebSite' ) { $new_monitor->zmcControl('start'); - $new_monitor->zmaControl('start'); - } + if ( ($new_monitor->Function() == 'Modect' or $new_monitor->Function == 'Moocord') and $new_monitor->Enabled() ) + $new_monitor->zmaControl('start'); - if ( $new_monitor->Controllable() ) { - require_once('includes/control_functions.php'); - sendControlCommand($mid, 'quit'); + if ( $new_monitor->Controllable() ) { + require_once('includes/control_functions.php'); + sendControlCommand($mid, 'quit'); + } } // really should thump zmwatch and maybe zmtrigger too. //daemonControl( 'restart', 'zmwatch.pl' ); From b0869a0b130c1274baddff451d480ed0fc95d190 Mon Sep 17 00:00:00 2001 From: Isaac Connor Date: Fri, 31 May 2019 10:34:53 -0400 Subject: [PATCH 195/922] spaces and quotes --- web/includes/functions.php | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/web/includes/functions.php b/web/includes/functions.php index 141dbfea6..29293afde 100644 --- a/web/includes/functions.php +++ b/web/includes/functions.php @@ -834,11 +834,11 @@ function daemonControl( $command, $daemon=false, $args=false ) { $string = escapeshellcmd( $string ); #$string .= ' 2>/dev/null >&- <&- >/dev/null'; ZM\Logger::Debug("daemonControl $string"); - exec( $string ); + exec($string); } function zmcControl($monitor, $mode=false) { - $Monitor = new ZM\Monitor( $monitor ); + $Monitor = new ZM\Monitor($monitor); return $Monitor->zmcControl($mode); } @@ -852,8 +852,8 @@ function initDaemonStatus() { if ( !isset($daemon_status) ) { if ( daemonCheck() ) { - $string = ZM_PATH_BIN."/zmdc.pl status"; - $daemon_status = shell_exec( $string ); + $string = ZM_PATH_BIN.'/zmdc.pl status'; + $daemon_status = shell_exec($string); } else { $daemon_status = ''; } From 274737d1b1d4388835cdab901e59ec651018140f Mon Sep 17 00:00:00 2001 From: Isaac Connor Date: Fri, 31 May 2019 10:35:18 -0400 Subject: [PATCH 196/922] Fix moocord to mocord. --- web/includes/actions/monitor.php | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/web/includes/actions/monitor.php b/web/includes/actions/monitor.php index 6e0dc5405..cfa5c8c62 100644 --- a/web/includes/actions/monitor.php +++ b/web/includes/actions/monitor.php @@ -20,7 +20,7 @@ // Monitor edit actions, monitor id derived, require edit permissions for that monitor if ( ! canEdit('Monitors') ) { - ZM\Warning("Monitor actions require Monitors Permissions"); + ZM\Warning('Monitor actions require Monitors Permissions'); return; } @@ -59,8 +59,8 @@ if ( $action == 'monitor' ) { if ( $_REQUEST['newMonitor']['ServerId'] == 'auto' ) { $_REQUEST['newMonitor']['ServerId'] = dbFetchOne( 'SELECT Id FROM Servers WHERE Status=\'Running\' ORDER BY FreeMem DESC, CpuLoad ASC LIMIT 1', 'Id'); - ZM\Logger::Debug('Auto selecting server: Got ' . $_REQUEST['newMonitor']['ServerId'] ); - if ( ( ! $_REQUEST['newMonitor'] ) and defined('ZM_SERVER_ID') ) { + ZM\Logger::Debug('Auto selecting server: Got ' . $_REQUEST['newMonitor']['ServerId']); + if ( ( !$_REQUEST['newMonitor'] ) and defined('ZM_SERVER_ID') ) { $_REQUEST['newMonitor']['ServerId'] = ZM_SERVER_ID; ZM\Logger::Debug('Auto selecting server to ' . ZM_SERVER_ID); } @@ -77,8 +77,8 @@ ZM\Logger::Debug("newMonitor:". print_r($_REQUEST['newMonitor'],true)); # If we change anything that changes the shared mem size, zma can complain. So let's stop first. if ( $monitor['Type'] != 'WebSite' ) { - zmaControl($monitor, 'stop'); - zmcControl($monitor, 'stop'); + $Monitor->zmaControl('stop'); + $Monitor->zmcControl('stop'); } dbQuery('UPDATE Monitors SET '.implode(', ', $changes).' WHERE Id=?', array($mid)); // Groups will be added below @@ -205,7 +205,7 @@ ZM\Logger::Debug("newMonitor:". print_r($_REQUEST['newMonitor'],true)); if ( $new_monitor->Function() != 'None' and $new_monitor->Type() != 'WebSite' ) { $new_monitor->zmcControl('start'); - if ( ($new_monitor->Function() == 'Modect' or $new_monitor->Function == 'Moocord') and $new_monitor->Enabled() ) + if ( ($new_monitor->Function() == 'Modect' or $new_monitor->Function == 'Mocord') and $new_monitor->Enabled() ) $new_monitor->zmaControl('start'); if ( $new_monitor->Controllable() ) { From eaa1939f6b95389ae378ea21a109e1390b4f1bba Mon Sep 17 00:00:00 2001 From: Isaac Connor Date: Fri, 31 May 2019 10:35:54 -0400 Subject: [PATCH 197/922] comment out debug lines --- web/includes/actions/monitor.php | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/web/includes/actions/monitor.php b/web/includes/actions/monitor.php index cfa5c8c62..9803bad59 100644 --- a/web/includes/actions/monitor.php +++ b/web/includes/actions/monitor.php @@ -68,9 +68,9 @@ if ( $action == 'monitor' ) { $columns = getTableColumns('Monitors'); $changes = getFormChanges($monitor, $_REQUEST['newMonitor'], $types, $columns); -ZM\Logger::Debug("Columns:". print_r($columns,true)); -ZM\Logger::Debug("Changes:". print_r($changes,true)); -ZM\Logger::Debug("newMonitor:". print_r($_REQUEST['newMonitor'],true)); +#ZM\Logger::Debug("Columns:". print_r($columns,true)); +#ZM\Logger::Debug("Changes:". print_r($changes,true)); +#ZM\Logger::Debug("newMonitor:". print_r($_REQUEST['newMonitor'],true)); if ( count($changes) ) { if ( $mid ) { From aefd735abb29b9d8e0400dd8a61da763d8fe5b69 Mon Sep 17 00:00:00 2001 From: Isaac Connor Date: Fri, 31 May 2019 11:00:30 -0400 Subject: [PATCH 198/922] quotes --- web/skins/classic/views/storage.php | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/web/skins/classic/views/storage.php b/web/skins/classic/views/storage.php index 93dd788b7..8cfd5cb88 100644 --- a/web/skins/classic/views/storage.php +++ b/web/skins/classic/views/storage.php @@ -18,7 +18,7 @@ // Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. // -if ( !canEdit( 'System' ) ) { +if ( !canEdit('System') ) { $view = 'error'; return; } @@ -55,12 +55,12 @@ foreach ( $servers as $S ) { } $focusWindow = true; -xhtmlHeaders(__FILE__, translate('Storage')." - ".$newStorage['Name'] ); +xhtmlHeaders(__FILE__, translate('Storage').' - '.$newStorage['Name']); ?>
From 7445f5588f4a2bf10d07651dd1e7b98734223c72 Mon Sep 17 00:00:00 2001 From: Isaac Connor Date: Fri, 31 May 2019 11:01:09 -0400 Subject: [PATCH 199/922] show storage when there are 4 areas. Used to only do it for < 4 --- web/skins/classic/includes/functions.php | 27 +++++++++++++++--------- 1 file changed, 17 insertions(+), 10 deletions(-) diff --git a/web/skins/classic/includes/functions.php b/web/skins/classic/includes/functions.php index 7cc8283ac..2debc045b 100644 --- a/web/skins/classic/includes/functions.php +++ b/web/skins/classic/includes/functions.php @@ -302,7 +302,7 @@ if ( ZM_OPT_X10 && canView('Devices') ) { ?> // if canview_reports ?>
- -

account_circle

- - + +

+ account_circle + +

+

@@ -349,7 +356,7 @@ if (isset($_REQUEST['filter']['Query']['terms']['attr'])) { } //end reload null. Runs on full page load if ( (!ZM_OPT_USE_AUTH) or $user ) { -if ($reload == 'reload') ob_start(); + if ($reload == 'reload') ob_start(); ?>

@@ -360,7 +367,7 @@ if ($reload == 'reload') ob_start();
  • trending_up :
    • -storage + storage '.$S->Name() . ': ' . $S->disk_usage_percent().'%' . ''; }; #$func = function($S){ return ''.$S->Name() . ': ' . $S->disk_usage_percent().'%' . ''; }; - if ( count($storage_areas) >= 4 ) + if ( count($storage_areas) > 4 ) $storage_areas = ZM\Storage::find( array('ServerId'=>null) ); - if ( count($storage_areas) < 4 ) + if ( count($storage_areas) <= 4 ) echo implode( ', ', array_map ( $func, $storage_areas ) ); echo ' ' . ZM_PATH_MAP .': '. getDiskPercent(ZM_PATH_MAP).'%'; ?> @@ -401,7 +408,7 @@ if ($reload == 'reload') ob_start();
From 1d132b59235286a19635096aca975e386a1c29fa Mon Sep 17 00:00:00 2001 From: Gleb Popov <6yearold@gmail.com> Date: Sun, 2 Jun 2019 00:43:29 +0400 Subject: [PATCH 200/922] When writing MP4 sample, save buffer.size() into a temporary variable before calling buffer.extract(). (#2628) --- src/zm_video.cpp | 7 ++++--- 1 file changed, 4 insertions(+), 3 deletions(-) diff --git a/src/zm_video.cpp b/src/zm_video.cpp index 07bedc683..309c507c0 100644 --- a/src/zm_video.cpp +++ b/src/zm_video.cpp @@ -101,7 +101,7 @@ X264MP4Writer::X264MP4Writer( Error("Failed init swscaleobj"); return; } - + swscaleobj.SetDefaults(zm_pf, codec_pf, width, height); /* Calculate the image sizes. We will need this for parameter checking */ @@ -458,11 +458,12 @@ int X264MP4Writer::x264encodeloop(bool bFlush) { /* Write the sample */ if ( !buffer.empty() ) { + unsigned int bufSize = buffer.size(); if ( !MP4WriteSample( mp4h, mp4vtid, - buffer.extract(buffer.size()), - buffer.size(), + buffer.extract(bufSize), + bufSize, duration, offset, prevKeyframe) ) { From 0699b210174d22c28879822ed16dc56cdc8b159f Mon Sep 17 00:00:00 2001 From: Isaac Connor Date: Mon, 3 Jun 2019 09:45:50 -0400 Subject: [PATCH 201/922] Remove libjson-any-perl as a dependency. Fixes #2630 --- distros/debian/control | 4 ++-- distros/ubuntu1204/control | 3 +-- distros/ubuntu1604/control | 3 +-- 3 files changed, 4 insertions(+), 6 deletions(-) diff --git a/distros/debian/control b/distros/debian/control index 3296b88c3..6bb59f206 100644 --- a/distros/debian/control +++ b/distros/debian/control @@ -21,7 +21,7 @@ Build-Depends: debhelper (>= 9), cmake , libphp-serialization-perl , libdate-manip-perl, libmime-lite-perl, libmime-tools-perl, libdbd-mysql-perl , libwww-perl, libarchive-tar-perl, libarchive-zip-perl, libdevice-serialport-perl - , libmodule-load-perl, libsys-mmap-perl, libjson-any-perl + , libmodule-load-perl, libsys-mmap-perl, libjson-maybexs-perl , libnet-sftp-foreign-perl, libio-pty-perl, libexpect-perl , libdata-dump-perl, libclass-std-fast-perl, libsoap-wsdl-perl, libio-socket-multicast-perl, libdigest-sha-perl , libsys-cpu-perl, libsys-meminfo-perl @@ -39,7 +39,7 @@ Depends: ${shlibs:Depends}, ${misc:Depends}, ${perl:Depends} , libphp-serialization-perl , libdate-manip-perl, libmime-lite-perl, libmime-tools-perl, libdbd-mysql-perl , libwww-perl, libarchive-tar-perl, libarchive-zip-perl, libdevice-serialport-perl - , libmodule-load-perl, libsys-mmap-perl, libjson-any-perl, libjson-maybexs-perl + , libmodule-load-perl, libsys-mmap-perl, libjson-maybexs-perl , libnet-sftp-foreign-perl, libio-pty-perl, libexpect-perl , libdata-dump-perl, libclass-std-fast-perl, libsoap-wsdl-perl, libio-socket-multicast-perl, libdigest-sha-perl , libsys-cpu-perl, libsys-meminfo-perl diff --git a/distros/ubuntu1204/control b/distros/ubuntu1204/control index 9e54e2aa3..cc6158334 100644 --- a/distros/ubuntu1204/control +++ b/distros/ubuntu1204/control @@ -52,7 +52,6 @@ Depends: ${shlibs:Depends}, ${misc:Depends}, ${perl:Depends} ,libdbd-mysql-perl ,libdevice-serialport-perl ,libimage-info-perl - ,libjson-any-perl ,libjson-maybexs-perl ,libsys-mmap-perl [!hurd-any] ,liburi-encode-perl @@ -98,7 +97,7 @@ Description: video camera security and surveillance solution # ,libdbd-mysql-perl # ,libdevice-serialport-perl # ,libimage-info-perl -# ,libjson-any-perl +# ,libjson-maybexs-perl # ,libsys-mmap-perl [!hurd-any] # ,liburi-encode-perl # ,libwww-perl diff --git a/distros/ubuntu1604/control b/distros/ubuntu1604/control index 7926fc346..68bc1757f 100644 --- a/distros/ubuntu1604/control +++ b/distros/ubuntu1604/control @@ -58,7 +58,6 @@ Depends: ${shlibs:Depends}, ${misc:Depends}, ${perl:Depends} ,libdbd-mysql-perl ,libdevice-serialport-perl ,libimage-info-perl - ,libjson-any-perl ,libjson-maybexs-perl ,libsys-mmap-perl [!hurd-any] ,liburi-encode-perl @@ -109,7 +108,7 @@ Description: video camera security and surveillance solution # ,libdbd-mysql-perl # ,libdevice-serialport-perl # ,libimage-info-perl -# ,libjson-any-perl +# ,libjson-maybexs-perl # ,libsys-mmap-perl [!hurd-any] # ,liburi-encode-perl # ,libwww-perl From 983da41c7a0be18ef833b54f213a71b4d1255b90 Mon Sep 17 00:00:00 2001 From: Isaac Connor Date: Mon, 3 Jun 2019 09:46:28 -0400 Subject: [PATCH 202/922] Reduce log level for filter execution from Info to Debug --- scripts/zmfilter.pl.in | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/scripts/zmfilter.pl.in b/scripts/zmfilter.pl.in index 82e2bfdbb..6540413b7 100644 --- a/scripts/zmfilter.pl.in +++ b/scripts/zmfilter.pl.in @@ -271,7 +271,7 @@ sub checkFilter { my $filter = shift; my @Events = $filter->Execute(); - Info( + Debug( join(' ', 'Checking filter', $filter->{Name}, join(', ', From a6f330385907d5258488ed3f0a8c657dba211f2e Mon Sep 17 00:00:00 2001 From: Tom Hodder Date: Tue, 4 Jun 2019 15:05:08 +0100 Subject: [PATCH 203/922] add options help to linked monitors option (#2633) * add options help to linked monitors option * fix typo and clarify instructions for new widget --- web/lang/en_gb.php | 11 +++++++++++ web/skins/classic/views/monitor.php | 2 +- 2 files changed, 12 insertions(+), 1 deletion(-) diff --git a/web/lang/en_gb.php b/web/lang/en_gb.php index 9912df4f8..4001c456e 100644 --- a/web/lang/en_gb.php +++ b/web/lang/en_gb.php @@ -1016,6 +1016,17 @@ $OLANG = array( for new images. In this case, it is safe to use the field. ' ), + 'OPTIONS_LINKED_MONITORS' => array( + 'Help' => ' + This field allows you to select other monitors on your system that act as + triggers for this monitor. So if you have a camera covering one aspect of + your property you can force all cameras to record while that camera + detects motion or other events. Click on ‘Select’ to choose linked monitors. + Be very careful not to create circular dependencies with this feature + because you will have infinitely persisting alarms which is almost + certainly not what you want! To unlink monitors you can ctrl-click. + ' + ), // 'LANG_DEFAULT' => array( // 'Prompt' => "This is a new prompt for this option", diff --git a/web/skins/classic/views/monitor.php b/web/skins/classic/views/monitor.php index c70893778..1430b93bf 100644 --- a/web/skins/classic/views/monitor.php +++ b/web/skins/classic/views/monitor.php @@ -716,7 +716,7 @@ switch ( $tab ) { if ( $monitor->Type != 'WebSite' ) { ?> - +  () V4LMultiBuffer() == 1 ? 'checked="checked"' : '' ) ?>/> + V4LMultiBuffer() == '1' ? 'checked="checked"' : '' ) ?>/> - V4LMultiBuffer() == 0 ? 'checked="checked"' : '' ) ?>/> + V4LMultiBuffer() == '0' ? 'checked="checked"' : '' ) ?>/> V4LMultiBuffer() ? 'checked="checked"' : '' ) ?>/> From b254e1e39269734bc082c6788ea3c2c7ebcc681e Mon Sep 17 00:00:00 2001 From: "fri.K" Date: Thu, 6 Jun 2019 18:58:33 +0200 Subject: [PATCH 215/922] For column name title field should be taken instead of array name (#2635) --- web/skins/classic/views/console.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/web/skins/classic/views/console.php b/web/skins/classic/views/console.php index 5353b3412..c4c99e166 100644 --- a/web/skins/classic/views/console.php +++ b/web/skins/classic/views/console.php @@ -214,7 +214,7 @@ ob_start(); '. $j .''; + echo ''. $eventCounts[$j]['title'] .''; } ?> From dfc60baf85067afb21714473d62f792154420264 Mon Sep 17 00:00:00 2001 From: Isaac Connor Date: Thu, 6 Jun 2019 13:40:00 -0400 Subject: [PATCH 216/922] fix eslint spacing --- web/skins/classic/views/js/log.js | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/web/skins/classic/views/js/log.js b/web/skins/classic/views/js/log.js index 3130bef54..369462a9d 100644 --- a/web/skins/classic/views/js/log.js +++ b/web/skins/classic/views/js/log.js @@ -27,10 +27,10 @@ var options = {}; function escapeHtml(unsafe) { return unsafe - .replace(/&/g, "&") - .replace(//g, ">") - .replace(/"/g, """) + .replace(/&/g, "&") + .replace(//g, ">") + .replace(/"/g, """) .replace(/'/g, "'"); } From a16d29740cc704c63713b4b36fd48cfe13b0d50b Mon Sep 17 00:00:00 2001 From: Isaac Connor Date: Thu, 6 Jun 2019 13:49:01 -0400 Subject: [PATCH 217/922] Fix final frame of event having same id as the second last --- src/zm_event.cpp | 8 +++++--- 1 file changed, 5 insertions(+), 3 deletions(-) diff --git a/src/zm_event.cpp b/src/zm_event.cpp index 330f421eb..108aed5c6 100644 --- a/src/zm_event.cpp +++ b/src/zm_event.cpp @@ -87,7 +87,7 @@ Event::Event( char sql[ZM_SQL_MED_BUFSIZ]; struct tm *stime = localtime(&start_time.tv_sec); - snprintf( sql, sizeof(sql), "INSERT INTO Events ( MonitorId, StorageId, Name, StartTime, Width, Height, Cause, Notes, StateId, Orientation, Videoed, DefaultVideo, SaveJPEGs, Scheme ) values ( %d, %d, 'New Event', from_unixtime( %ld ), %d, %d, '%s', '%s', %d, %d, %d, '', %d, '%s' )", + snprintf(sql, sizeof(sql), "INSERT INTO Events ( MonitorId, StorageId, Name, StartTime, Width, Height, Cause, Notes, StateId, Orientation, Videoed, DefaultVideo, SaveJPEGs, Scheme ) values ( %d, %d, 'New Event', from_unixtime( %ld ), %d, %d, '%s', '%s', %d, %d, %d, '', %d, '%s' )", monitor->Id(), storage->Id(), start_time.tv_sec, @@ -247,6 +247,7 @@ Event::~Event() { Debug(2, "start_time:%d.%d end_time%d.%d", start_time.tv_sec, start_time.tv_usec, end_time.tv_sec, end_time.tv_usec); if ( frames > last_db_frame ) { + frames ++; Debug(1, "Adding closing frame %d to DB", frames); frame_data.push(new Frame(id, frames, NORMAL, end_time, delta_time, 0)); } @@ -484,7 +485,8 @@ void Event::AddFramesInternal( int n_frames, int start_frame, Image **images, st } int sql_len = strlen(sql); - snprintf(sql+sql_len, sizeof(sql)-sql_len, "( %" PRIu64 ", %d, from_unixtime(%ld), %s%ld.%02ld ), ", id, frames, timestamps[i]->tv_sec, delta_time.positive?"":"-", delta_time.sec, delta_time.fsec); + snprintf(sql+sql_len, sizeof(sql)-sql_len, "( %" PRIu64 ", %d, from_unixtime(%ld), %s%ld.%02ld ), ", + id, frames, timestamps[i]->tv_sec, delta_time.positive?"":"-", delta_time.sec, delta_time.fsec); frameCount++; } // end foreach frame @@ -493,7 +495,7 @@ void Event::AddFramesInternal( int n_frames, int start_frame, Image **images, st Debug(1, "Adding %d/%d frames to DB", frameCount, n_frames); *(sql+strlen(sql)-2) = '\0'; db_mutex.lock(); - if ( mysql_query( &dbconn, sql ) ) { + if ( mysql_query(&dbconn, sql) ) { Error("Can't insert frames: %s, sql was (%s)", mysql_error(&dbconn), sql); } db_mutex.unlock(); From 9b507734b2c74af2a6d22422261e8643e784ee2d Mon Sep 17 00:00:00 2001 From: Isaac Connor Date: Thu, 6 Jun 2019 13:49:24 -0400 Subject: [PATCH 218/922] spacing --- web/skins/classic/views/frames.php | 14 +++++++------- 1 file changed, 7 insertions(+), 7 deletions(-) diff --git a/web/skins/classic/views/frames.php b/web/skins/classic/views/frames.php index 78239b1b1..17ed9c2f2 100644 --- a/web/skins/classic/views/frames.php +++ b/web/skins/classic/views/frames.php @@ -33,14 +33,14 @@ if ( isset( $_REQUEST['scale'] ) ) { } else if ( isset( $_COOKIE['zmWatchScale'] ) ) { $scale = validNum($_COOKIE['zmWatchScale']); } else { - $scale = max( reScale( SCALE_BASE, $Monitor->DefaultScale(), ZM_WEB_DEFAULT_SCALE ), SCALE_BASE ); + $scale = max(reScale(SCALE_BASE, $Monitor->DefaultScale(), ZM_WEB_DEFAULT_SCALE), SCALE_BASE); } -$sql = 'SELECT *, unix_timestamp( TimeStamp ) AS UnixTimeStamp FROM Frames WHERE EventID = ? ORDER BY FrameId'; -$frames = dbFetchAll( $sql, NULL, array( $_REQUEST['eid'] ) ); +$sql = 'SELECT *, unix_timestamp(TimeStamp) AS UnixTimeStamp FROM Frames WHERE EventID = ? ORDER BY FrameId'; +$frames = dbFetchAll($sql, NULL, array($_REQUEST['eid'])); $focusWindow = true; -xhtmlHeaders(__FILE__, translate('Frames').' - '.$Event->Id() ); +xhtmlHeaders(__FILE__, translate('Frames').' - '.$Event->Id()); ?>
@@ -87,12 +87,12 @@ if ( count($frames) ) { $frame['FrameId']) ?> - + - Id().'&fid='.$frame['FrameId'], 'zmStats', 'stats', $frame['Score'] ) ?> + Id().'&fid='.$frame['FrameId'], 'zmStats', 'stats', $frame['Score']) ?> @@ -101,7 +101,7 @@ if ( count($frames) ) { } if ( ZM_WEB_LIST_THUMBS ) { ?> - Id().'&fid='.$frame['FrameId'], 'zmImage', array( 'image', $Event->Width(), $Event->Height() ), 'Id().'&fid='.$frame['FrameId'], 'zmImage', array('image', $Event->Width(), $Event->Height()), ' Date: Fri, 7 Jun 2019 14:07:23 -0400 Subject: [PATCH 219/922] spacing and quotes --- web/ajax/stream.php | 53 +++++++++++++++++++++++---------------------- 1 file changed, 27 insertions(+), 26 deletions(-) diff --git a/web/ajax/stream.php b/web/ajax/stream.php index f37012e54..910b18cb5 100644 --- a/web/ajax/stream.php +++ b/web/ajax/stream.php @@ -21,38 +21,38 @@ if ( sem_acquire($semaphore,1) !== false ) { } $localSocketFile = ZM_PATH_SOCKS.'/zms-'.sprintf('%06d',$_REQUEST['connkey']).'w.sock'; - if ( file_exists( $localSocketFile ) ) { + if ( file_exists($localSocketFile) ) { ZM\Warning("sock file $localSocketFile already exists?! Is someone else talking to zms?"); // They could be. We can maybe have concurrent requests from a browser. } - if ( !socket_bind( $socket, $localSocketFile ) ) { - ajaxError("socket_bind( $localSocketFile ) failed: ".socket_strerror(socket_last_error()) ); + if ( !socket_bind($socket, $localSocketFile) ) { + ajaxError("socket_bind( $localSocketFile ) failed: ".socket_strerror(socket_last_error())); } switch ( $_REQUEST['command'] ) { case CMD_VARPLAY : - ZM\Logger::Debug( 'Varplaying to '.$_REQUEST['rate'] ); - $msg = pack( 'lcn', MSG_CMD, $_REQUEST['command'], $_REQUEST['rate']+32768 ); + ZM\Logger::Debug('Varplaying to '.$_REQUEST['rate']); + $msg = pack('lcn', MSG_CMD, $_REQUEST['command'], $_REQUEST['rate']+32768); break; case CMD_ZOOMIN : - ZM\Logger::Debug( 'Zooming to '.$_REQUEST['x'].','.$_REQUEST['y'] ); - $msg = pack( 'lcnn', MSG_CMD, $_REQUEST['command'], $_REQUEST['x'], $_REQUEST['y'] ); + ZM\Logger::Debug('Zooming to '.$_REQUEST['x'].','.$_REQUEST['y']); + $msg = pack('lcnn', MSG_CMD, $_REQUEST['command'], $_REQUEST['x'], $_REQUEST['y']); break; case CMD_PAN : - ZM\Logger::Debug( 'Panning to '.$_REQUEST['x'].','.$_REQUEST['y'] ); - $msg = pack( 'lcnn', MSG_CMD, $_REQUEST['command'], $_REQUEST['x'], $_REQUEST['y'] ); + ZM\Logger::Debug('Panning to '.$_REQUEST['x'].','.$_REQUEST['y']); + $msg = pack('lcnn', MSG_CMD, $_REQUEST['command'], $_REQUEST['x'], $_REQUEST['y']); break; case CMD_SCALE : - ZM\Logger::Debug( 'Scaling to '.$_REQUEST['scale'] ); - $msg = pack( 'lcn', MSG_CMD, $_REQUEST['command'], $_REQUEST['scale'] ); + ZM\Logger::Debug('Scaling to '.$_REQUEST['scale']); + $msg = pack('lcn', MSG_CMD, $_REQUEST['command'], $_REQUEST['scale']); break; case CMD_SEEK : - ZM\Logger::Debug( 'Seeking to '.$_REQUEST['offset'] ); - $msg = pack( 'lcN', MSG_CMD, $_REQUEST['command'], $_REQUEST['offset'] ); + ZM\Logger::Debug('Seeking to '.$_REQUEST['offset']); + $msg = pack('lcN', MSG_CMD, $_REQUEST['command'], $_REQUEST['offset']); break; default : ZM\Logger::Debug('Sending command ' . $_REQUEST['command']); - $msg = pack( 'lc', MSG_CMD, $_REQUEST['command'] ); + $msg = pack('lc', MSG_CMD, $_REQUEST['command']); break; } @@ -60,7 +60,8 @@ if ( sem_acquire($semaphore,1) !== false ) { // Pi can take up to 3 seconds for zms to start up. $max_socket_tries = 1000; // FIXME This should not exceed web_ajax_timeout - while ( !file_exists($remSockFile) && $max_socket_tries-- ) { //sometimes we are too fast for our own good, if it hasn't been setup yet give it a second. + while ( !file_exists($remSockFile) && $max_socket_tries-- ) { + //sometimes we are too fast for our own good, if it hasn't been setup yet give it a second. // WHY? We will just send another one... // ANSWER: Because otherwise we get a log of errors logged @@ -71,27 +72,27 @@ if ( sem_acquire($semaphore,1) !== false ) { if ( !file_exists($remSockFile) ) { ajaxError("Socket $remSockFile does not exist. This file is created by zms, and since it does not exist, either zms did not run, or zms exited early. Please check your zms logs and ensure that CGI is enabled in apache and check that the PATH_ZMS is set correctly. Make sure that ZM is actually recording. If you are trying to view a live stream and the capture process (zmc) is not running then zms will exit. Please go to http://zoneminder.readthedocs.io/en/latest/faq.html#why-can-t-i-see-streamed-images-when-i-can-see-stills-in-the-zone-window-etc for more information."); } else { - if ( !@socket_sendto( $socket, $msg, strlen($msg), 0, $remSockFile ) ) { - ajaxError( "socket_sendto( $remSockFile ) failed: ".socket_strerror(socket_last_error()) ); + if ( !@socket_sendto($socket, $msg, strlen($msg), 0, $remSockFile) ) { + ajaxError("socket_sendto( $remSockFile ) failed: ".socket_strerror(socket_last_error())); } } - $rSockets = array( $socket ); + $rSockets = array($socket); $wSockets = NULL; $eSockets = NULL; $timeout = MSG_TIMEOUT - ( time() - $start_time ); - $numSockets = socket_select( $rSockets, $wSockets, $eSockets, intval($timeout/1000), ($timeout%1000)*1000 ); + $numSockets = socket_select($rSockets, $wSockets, $eSockets, intval($timeout/1000), ($timeout%1000)*1000); if ( $numSockets === false ) { - ZM\Error('socket_select failed: ' . socket_strerror(socket_last_error()) ); - ajaxError( 'socket_select failed: '.socket_strerror(socket_last_error()) ); + ZM\Error('socket_select failed: ' . socket_strerror(socket_last_error())); + ajaxError('socket_select failed: '.socket_strerror(socket_last_error())); } else if ( $numSockets < 0 ) { - ZM\Error( "Socket closed $remSockFile" ); - ajaxError( "Socket closed $remSockFile" ); + ZM\Error("Socket closed $remSockFile"); + ajaxError("Socket closed $remSockFile"); } else if ( $numSockets == 0 ) { - ZM\Error( "Timed out waiting for msg $remSockFile" ); + ZM\Error("Timed out waiting for msg $remSockFile"); socket_set_nonblock($socket); #ajaxError("Timed out waiting for msg $remSockFile"); } else if ( $numSockets > 0 ) { @@ -101,7 +102,7 @@ if ( sem_acquire($semaphore,1) !== false ) { } } - switch( $nbytes = @socket_recvfrom( $socket, $msg, MSG_DATA_SIZE, 0, $remSockFile ) ) { + switch( $nbytes = @socket_recvfrom($socket, $msg, MSG_DATA_SIZE, 0, $remSockFile) ) { case -1 : ajaxError("socket_recvfrom( $remSockFile ) failed: ".socket_strerror(socket_last_error())); break; @@ -157,7 +158,7 @@ if ( sem_acquire($semaphore,1) !== false ) { } sem_release($semaphore); } else { - ZM\Logger::Debug("Couldn't get semaphore"); + ZM\Logger::Debug('Couldn\'t get semaphore'); ajaxResponse(array()); } From 2e624522c7ea016b684d15c4496a84772d640149 Mon Sep 17 00:00:00 2001 From: Isaac Connor Date: Mon, 10 Jun 2019 09:43:56 -0400 Subject: [PATCH 220/922] fixes #2294 (#2637) --- scripts/zmfilter.pl.in | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/scripts/zmfilter.pl.in b/scripts/zmfilter.pl.in index 6540413b7..6527742c8 100644 --- a/scripts/zmfilter.pl.in +++ b/scripts/zmfilter.pl.in @@ -448,10 +448,10 @@ sub generateImage { } elsif ( -r $capture_image_path ) { $image_path = $capture_image_path; } elsif ( -r $video_path ) { - my $command ="ffmpeg -ss $$frame{Delta} -i '$video_path' -frames:v 1 '$capture_image_path'"; + my $command ="ffmpeg -nostdin -ss $$frame{Delta} -i '$video_path' -frames:v 1 '$capture_image_path'"; #$command = "ffmpeg -y -v 0 -i $video_path -vf 'select=gte(n\\,$$frame{FrameId}),setpts=PTS-STARTPTS' -vframes 1 -f image2 $capture_image_path"; my $output = qx($command); - chomp( $output ); + chomp($output); my $status = $? >> 8; if ( $status || logDebugging() ) { Debug("Output: $output"); From ebc9a77c9ddbba351130bb3ef1020742b8efaf4c Mon Sep 17 00:00:00 2001 From: Isaac Connor Date: Mon, 10 Jun 2019 12:57:57 -0400 Subject: [PATCH 221/922] When saving jpegs, do a db write on the first frame. Fix test for writing frame info to db. Because we increment frames, it is essentially 1-based. So the test needs to be ==1 instead of ! --- src/zm_event.cpp | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/src/zm_event.cpp b/src/zm_event.cpp index 108aed5c6..dba7d1c52 100644 --- a/src/zm_event.cpp +++ b/src/zm_event.cpp @@ -543,6 +543,8 @@ void Event::AddFrame(Image *image, struct timeval timestamp, int score, Image *a bool write_to_db = false; if ( monitor->GetOptSaveJPEGs() & 1 ) { + if ( frames == 1 ) + write_to_db = true; // web ui might show this as thumbnail, so db needs to know about it. static char event_file[PATH_MAX]; snprintf(event_file, sizeof(event_file), staticConfig.capture_file_format, path, frames); Debug(1, "Writing capture frame %d to %s", frames, event_file); @@ -574,7 +576,7 @@ void Event::AddFrame(Image *image, struct timeval timestamp, int score, Image *a if ( score < 0 ) score = 0; - bool db_frame = ( frame_type != BULK ) || (!frames) || ((frames%config.bulk_frame_interval)==0) ; + bool db_frame = ( frame_type != BULK ) || (frames==1) || ((frames%config.bulk_frame_interval)==0) ; if ( db_frame ) { static char sql[ZM_SQL_MED_BUFSIZ]; From 50436c5ea13ba8a3413b95623d39676a1c71f446 Mon Sep 17 00:00:00 2001 From: Isaac Connor Date: Mon, 10 Jun 2019 13:59:01 -0400 Subject: [PATCH 222/922] Correct debug line listing how many frames are being written to db --- src/zm_event.cpp | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/src/zm_event.cpp b/src/zm_event.cpp index dba7d1c52..04d873446 100644 --- a/src/zm_event.cpp +++ b/src/zm_event.cpp @@ -583,14 +583,14 @@ void Event::AddFrame(Image *image, struct timeval timestamp, int score, Image *a frame_data.push(new Frame(id, frames, frame_type, timestamp, delta_time, score)); if ( write_to_db || ( frame_data.size() > 20 ) ) { WriteDbFrames(); - Debug(1, "Adding 20 frames to DB"); + Debug(1, "Adding %d frames to DB", frame_data.size()); last_db_frame = frames; } // We are writing a Bulk frame if ( frame_type == BULK ) { snprintf(sql, sizeof(sql), - "UPDATE Events SET Length = %s%ld.%02ld, Frames = %d, AlarmFrames = %d, TotScore = %d, AvgScore = %d, MaxScore = %d where Id = %" PRIu64, + "UPDATE Events SET Length = %s%ld.%02ld, Frames = %d, AlarmFrames = %d, TotScore = %d, AvgScore = %d, MaxScore = %d WHERE Id = %" PRIu64, ( delta_time.positive?"":"-" ), delta_time.sec, delta_time.fsec, frames, From ee80b086af98cda1bfa50280dd5f443c938b968d Mon Sep 17 00:00:00 2001 From: Isaac Connor Date: Mon, 10 Jun 2019 14:13:21 -0400 Subject: [PATCH 223/922] log the # of db entries being written before doing the writing so that we know the # being written --- src/zm_event.cpp | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/zm_event.cpp b/src/zm_event.cpp index 04d873446..037cfac50 100644 --- a/src/zm_event.cpp +++ b/src/zm_event.cpp @@ -582,8 +582,8 @@ void Event::AddFrame(Image *image, struct timeval timestamp, int score, Image *a frame_data.push(new Frame(id, frames, frame_type, timestamp, delta_time, score)); if ( write_to_db || ( frame_data.size() > 20 ) ) { - WriteDbFrames(); Debug(1, "Adding %d frames to DB", frame_data.size()); + WriteDbFrames(); last_db_frame = frames; } From 1749a7a4f964e0eae6f2f69b3d303d12b8e8a458 Mon Sep 17 00:00:00 2001 From: Isaac Connor Date: Mon, 10 Jun 2019 15:57:53 -0400 Subject: [PATCH 224/922] fix extra closing button tag in shutdown button. Add a newline after each Storage group to make the code easier to read --- web/skins/classic/includes/functions.php | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/web/skins/classic/includes/functions.php b/web/skins/classic/includes/functions.php index 2debc045b..fc62a504c 100644 --- a/web/skins/classic/includes/functions.php +++ b/web/skins/classic/includes/functions.php @@ -341,7 +341,7 @@ if ( canEdit('System') ) {

- power_settings_new' ) ?> + power_settings_new' ) ?>

@@ -394,7 +394,8 @@ if ( (!ZM_OPT_USE_AUTH) or $user ) { $title = human_filesize($S->disk_used_space()) . ' of ' . human_filesize($S->disk_total_space()). ( ( $S->disk_used_space() != $S->event_disk_space() ) ? ' ' .human_filesize($S->event_disk_space()) . ' used by events' : '' ); - return ''.$S->Name() . ': ' . $S->disk_usage_percent().'%' . ''; }; + return ''.$S->Name() . ': ' . $S->disk_usage_percent().'%' . ' +'; }; #$func = function($S){ return ''.$S->Name() . ': ' . $S->disk_usage_percent().'%' . ''; }; if ( count($storage_areas) > 4 ) $storage_areas = ZM\Storage::find( array('ServerId'=>null) ); From 265e49fe45bfba024c72199d301d084452ed6603 Mon Sep 17 00:00:00 2001 From: Isaac Connor Date: Mon, 10 Jun 2019 15:58:17 -0400 Subject: [PATCH 225/922] Add a newline after each filter group to make the code easier to read --- web/skins/classic/views/_monitor_filters.php | 24 +++++++++++++------- 1 file changed, 16 insertions(+), 8 deletions(-) diff --git a/web/skins/classic/views/_monitor_filters.php b/web/skins/classic/views/_monitor_filters.php index 3e149cfba..1d07e3d3a 100644 --- a/web/skins/classic/views/_monitor_filters.php +++ b/web/skins/classic/views/_monitor_filters.php @@ -63,7 +63,8 @@ if ( count($GroupsById) ) { $group_id = isset($_SESSION['Group']) ? $_SESSION['Group'] : null; $html .= ZM\Group::get_group_dropdown(); $groupSql = ZM\Group::get_group_sql($group_id); - $html .= ''; + $html .= ' +'; } $selected_monitor_ids = isset($_SESSION['MonitorId']) ? $_SESSION['MonitorId'] : array(); @@ -95,7 +96,8 @@ if ( ! empty($user['MonitorIds']) ) { $html .= ''; $html .= ''; -$html .= ''; +$html .= ' +'; $Functions = array(); foreach ( getEnumValues('Monitors', 'Function') as $optFunction ) { @@ -112,7 +114,8 @@ $html .= htmlSelect('Function[]', $Functions, 'data-placeholder'=>'All', ) ); -$html .= ''; +$html .= ' +'; if ( count($ServersById) > 1 ) { $html .= ''; @@ -125,7 +128,8 @@ if ( count($ServersById) > 1 ) { 'data-placeholder'=>'All', ) ); - $html .= ''; + $html .= ' +'; } # end if have Servers if ( count($StorageById) > 1 ) { @@ -138,7 +142,8 @@ if ( count($StorageById) > 1 ) { 'multiple'=>'multiple', 'data-placeholder'=>'All', ) ); - $html .= ''; + $html .= ' +'; } # end if have Storage Areas $html .= ''; @@ -156,11 +161,13 @@ $html .= htmlSelect( 'Status[]', $status_options, 'multiple'=>'multiple', 'data-placeholder'=>'All' ) ); - $html .= ''; +$html .= ' +'; $html .= ''; $html .= ''; - $html .= ''; + $html .= ' +'; $sql = 'SELECT *,S.Status AS Status, S.CaptureFPS AS CaptureFPS, S.AnalysisFPS AS AnalysisFPS, S.CaptureBandwidth AS CaptureBandwidth FROM Monitors AS M LEFT JOIN Monitor_Status AS S ON MonitorId=Id ' . @@ -243,7 +250,8 @@ $html .= htmlSelect( 'Status[]', $status_options, ) ); # Repurpose this variable to be the list of MonitorIds as a result of all the filtering $selected_monitor_ids = array_map(function($monitor_row){return $monitor_row['Id'];}, $displayMonitors); - $html .= ''; +$html .= ' +'; echo $html; ?>
From 1eadb814e24c7fb356543b95c399b41576da396a Mon Sep 17 00:00:00 2001 From: Isaac Connor Date: Mon, 10 Jun 2019 15:59:19 -0400 Subject: [PATCH 226/922] Fix use of onclick and onchange. Fix bulk frame lookup. Make scanning events more efficient --- web/skins/classic/views/js/montagereview.js | 117 ++++++++++----- .../classic/views/js/montagereview.js.php | 26 +++- web/skins/classic/views/montagereview.php | 138 +++++++++--------- 3 files changed, 171 insertions(+), 110 deletions(-) diff --git a/web/skins/classic/views/js/montagereview.js b/web/skins/classic/views/js/montagereview.js index f21b59baa..e3b07e5f3 100644 --- a/web/skins/classic/views/js/montagereview.js +++ b/web/skins/classic/views/js/montagereview.js @@ -45,51 +45,81 @@ function evaluateLoadTimes() { $('fps').innerHTML="Display refresh rate is " + (1000 / currentDisplayInterval).toFixed(1) + " per second, avgFrac=" + avgFrac.toFixed(3) + "."; } // end evaluateLoadTimes() -function getFrame( monId, time ) { +function getFrame(monId, time, last_Frame=null) { + if ( last_Frame ) { + if ( + (last_Frame.TimeStampSecs <= time) + && + (last_Frame.EndTimeStampSecs >= time) + ) { + return last_Frame; + } + } + + var events_for_monitor = events_by_monitor_id[monId]; + if ( ! events_for_monitor ) { + console.log("No events for monitor " + monId); + return; + } + var Frame = null; - for ( var event_id in events ) { + for ( var i = 0; i < events_for_monitor.length; i++ ) { + //for ( var event_id_idx in events_for_monitor ) { + var event_id = events_for_monitor[i]; // Search for the event matching this time. Would be more efficient if we had events indexed by monitor - Event = events[event_id]; - if ( Event.MonitorId != monId || Event.StartTimeSecs > time || Event.EndTimeSecs < time ) { + e = events[event_id]; + if ( !e ) { + console.log("No event found for " + event_id); + break; + } + if ( e.MonitorId != monId || e.StartTimeSecs > time || e.EndTimeSecs < time ) { + //console.log("Event not for " + time); continue; } - var duration = Event.EndTimeSecs - Event.StartTimeSecs; - if ( ! Event.FramesById ) { + if ( !e.FramesById ) { console.log("No FramesById for event " + event_id); return; } - var frame = parseInt((time - Event.StartTimeSecs)/(duration)*Object.keys(Event.FramesById).length)+1; - // Need to get frame by time, not some fun calc that assumes frames have the same mlength. - // Frames are not sorted. - for ( var frame_id in Event.FramesById ) { + var duration = e.EndTimeSecs - e.StartTimeSecs; + + // I think this is an estimate to jump near the desired frame. + var frame = parseInt((time - e.StartTimeSecs)/(duration)*Object.keys(e.FramesById).length)+1; + //console.log("frame_id for " + time + " is " + frame); + + // Need to get frame by time, not some fun calc that assumes frames have the same length. + // Frames are sorted in descreasing order (or not sorted). + // This is likely not efficient. Would be better to start at the last frame viewed, see if it is still relevant + // Then move forward or backwards as appropriate + + for ( var frame_id in e.FramesById ) { if ( 0 ) { if ( frame == 0 ) { - console.log("Found frame for time " + time ); + console.log("Found frame for time " + time); console.log(Frame); - Frame = Event.FramesById[frame_id]; + Frame = e.FramesById[frame_id]; break; } frame --; continue; } if ( - Event.FramesById[frame_id].TimeStampSecs == time + e.FramesById[frame_id].TimeStampSecs == time || ( - Event.FramesById[frame_id].TimeStampSecs < time + e.FramesById[frame_id].TimeStampSecs < time && ( - (!Event.FramesById[frame_id].NextTimeStampSecs) + (!e.FramesById[frame_id].NextTimeStampSecs) // only if event.EndTime is null || - (Event.FramesById[frame_id].NextTimeStampSecs > time) + (e.FramesById[frame_id].NextTimeStampSecs > time) ) ) ) { - Frame = Event.FramesById[frame_id]; + Frame = e.FramesById[frame_id]; break; } } // end foreach frame in the event. - if ( ! Frame ) { - console.log("Didn't find frame for " + time ); + if ( !Frame ) { + console.log("Didn't find frame for " + time); return null; } } // end foreach event @@ -97,11 +127,11 @@ function getFrame( monId, time ) { } // time is seconds since epoch -function getImageSource( monId, time ) { +function getImageSource(monId, time) { if ( liveMode == 1 ) { var new_url = monitorImageObject[monId].src.replace( /rand=\d+/i, - 'rand='+Math.floor((Math.random() * 1000000) ) + 'rand='+Math.floor(Math.random() * 1000000) ); if ( auth_hash ) { // update auth hash @@ -109,20 +139,31 @@ function getImageSource( monId, time ) { } return new_url; } + var frame_id; + var Frame = getFrame(monId, time); if ( Frame ) { // Adjust for bulk frames if ( Frame.NextFrameId ) { - var duration = Frame.NextTimeStampSecs - Frame.TimeStampSecs; - frame_id = Frame.FrameId + parseInt( (Frame.NextFrameId-Frame.FrameId) * ( time-Frame.TimeStampSecs )/duration ); - //console.log("Have NextFrame: duration: " + duration + " frame_id = " + frame_id + " from " + Frame.NextFrameId + ' - ' + Frame.FrameId + " time: " + (time-Frame.TimeStampSecs) ); - //} else { - //console.log("No NextFrame"); + var e = events[Frame.EventId]; + var NextFrame = e.FramesById[Frame.NextFrameId]; + if ( !NextFrame ) { + console.log("No next frame for " + Frame.NextFrameId); + } else if ( NextFrame.Type == 'Bulk' ) { + // There is time between this frame and a bulk frame + var duration = Frame.NextTimeStampSecs - Frame.TimeStampSecs; + frame_id = Frame.FrameId + parseInt( (NextFrame.FrameId-Frame.FrameId) * ( time-Frame.TimeStampSecs )/duration ); + //console.log("Have NextFrame: duration: " + duration + " frame_id = " + frame_id + " from " + NextFrame.FrameId + ' - ' + Frame.FrameId + " time: " + (time-Frame.TimeStampSecs) ); + } + + } else { + frame_id = Frame['Id']; + console.log("No NextFrame"); } Event = events[Frame.EventId]; var storage = Storage[Event.StorageId]; - if ( ! storage ) { + if ( !storage ) { // Storage[0] is guaranteed to exist as we make sure it is there in montagereview.js.php console.log("No storage area for id " + Event.StorageId); storage = Storage[0]; @@ -130,7 +171,7 @@ function getImageSource( monId, time ) { // monitorServerId may be 0, which gives us the default Server entry var server = storage.ServerId ? Servers[storage.ServerId] : Servers[monitorServerId[monId]]; return server.PathToIndex + - '?view=image&eid=' + Frame.EventId + '&fid='+Frame.FrameId + + '?view=image&eid=' + Frame.EventId + '&fid='+frame_id + "&width=" + monitorCanvasObj[monId].width + "&height=" + monitorCanvasObj[monId].height; } // end found Frame @@ -818,16 +859,16 @@ function showOneMonitor(monId) { // We know the monitor, need to determine the event based on current time var url; if ( liveMode != 0 ) { - url="?view=watch&mid=" + monId.toString(); - createPopup(url, 'zmWatch', 'watch', monitorWidth[monId], monitorHeight[monId] ); + url = '?view=watch&mid=' + monId.toString(); + createPopup(url, 'zmWatch', 'watch', monitorWidth[monId], monitorHeight[monId]); } else { var Frame = getFrame( monId, currentTimeSecs ); if ( Frame ) { - url="?view=event&eid=" + Frame.EventId + '&fid=' +Frame.FrameId; + url = '?view=event&eid=' + Frame.EventId + '&fid=' + Frame.FrameId; createPopup(url, 'zmEvent', 'event', monitorWidth[monId], monitorHeight[monId]); } else { - url="?view=watch&mid=" + monId.toString(); - createPopup(url, 'zmWatch', 'watch', monitorWidth[monId], monitorHeight[monId] ); + url = '?view=watch&mid=' + monId.toString(); + createPopup(url, 'zmWatch', 'watch', monitorWidth[monId], monitorHeight[monId]); } } // end if live/events } @@ -960,11 +1001,19 @@ function initPage() { maxDate: +0, constrainInput: false, onClose: function(newDate, oldData) { - if (newDate !== oldData.lastVal) { + if ( newDate !== oldData.lastVal ) { changeDateTime(); } } }); + $j('#scaleslider').bind('change', function() { setScale(this.value); }); + $j('#scaleslider').bind('input', function() { showScale(this.value); }); + $j('#speedslider').bind('change', function() { setSpeed(this.value); }); + $j('#speedslider').bind('input', function() { showSpeed(this.value); }); + + $j('#liveButton').bind('click', function() { setLive(1-liveMode); }); + $j('#fit').bind('click', function() { setFit(1-fitMode); }); + $j('#archive_status').bind('change', function() { console.log('submitting'); this.form.submit(); }); } window.addEventListener("resize", redrawScreen, {passive: true}); // Kick everything off diff --git a/web/skins/classic/views/js/montagereview.js.php b/web/skins/classic/views/js/montagereview.js.php index 7c529790b..4f7cad02a 100644 --- a/web/skins/classic/views/js/montagereview.js.php +++ b/web/skins/classic/views/js/montagereview.js.php @@ -55,23 +55,26 @@ if ( !$liveMode ) { if ( $result = dbQuery($framesSql) ) { $next_frame = null; - while( $frame = $result->fetch(PDO::FETCH_ASSOC) ) { + while ( $frame = $result->fetch(PDO::FETCH_ASSOC) ) { $event_id = $frame['EventId']; $event = &$EventsById[$event_id]; $frame['TimeStampSecs'] = $event['StartTimeSecs'] + $frame['Delta']; if ( !isset($event['FramesById']) ) { + // Please note that this is the last frame as we sort DESC $event['FramesById'] = array(); - $frame['NextTimeStampSecs'] = 0; + $frame['NextTimeStampSecs'] = $event['EndTime']; } else { $frame['NextTimeStampSecs'] = $next_frames[$frame['EventId']]['TimeStampSecs']; - $frame['NextFrameId'] = $next_frames[$frame['EventId']]['FrameId']; + $frame['NextFrameId'] = $next_frames[$frame['EventId']]['Id']; } - $event['FramesById'] += array( $frame['Id']=>$frame ); + $event['FramesById'] += array($frame['Id']=>$frame); $next_frames[$frame['EventId']] = $frame; } } + $events_by_monitor_id = array(); + echo "var events = {\n"; foreach ( $EventsById as $event_id=>$event ) { @@ -82,7 +85,7 @@ if ( !$liveMode ) { if ( !$minTimeSecs or $minTimeSecs > $StartTimeSecs ) $minTimeSecs = $StartTimeSecs; if ( !$maxTimeSecs or $maxTimeSecs < $EndTimeSecs ) $maxTimeSecs = $EndTimeSecs; - $event_json = json_encode($event, JSON_PRETTY_PRINT); + $event_json = json_encode($event, JSON_PRETTY_PRINT|JSON_NUMERIC_CHECK); echo " $event_id : $event_json,\n"; $index = $index + 1; @@ -91,8 +94,19 @@ if ( !$liveMode ) { $maxScore = $event['MaxScore']; $anyAlarms = true; } + if ( !isset($events_by_monitor_id[$event['MonitorId']]) ) + $events_by_monitor_id[$event['MonitorId']] = array(); + array_push($events_by_monitor_id[$event['MonitorId']], $event_id); + + } # end foreach Event + echo " }; + var events_by_monitor_id = { + \n"; + + foreach ( $events_by_monitor_id as $monitor_id=>$event_ids ) { + echo "$monitor_id : ".json_encode($event_ids, JSON_NUMERIC_CHECK) . "\n"; } -echo " };\n"; + echo " };\n"; // if there is no data set the min/max to the passed in values if ( $index == 0 ) { diff --git a/web/skins/classic/views/montagereview.php b/web/skins/classic/views/montagereview.php index 1d05d597e..29c32deaf 100644 --- a/web/skins/classic/views/montagereview.php +++ b/web/skins/classic/views/montagereview.php @@ -64,7 +64,7 @@ if ( isset($_REQUEST['filter']) ) { $filter = $_REQUEST['filter']; } else { - if (isset($_REQUEST['minTime']) && isset($_REQUEST['maxTime']) && count($displayMonitors) != 0) { + if ( isset($_REQUEST['minTime']) && isset($_REQUEST['maxTime']) && (count($displayMonitors) != 0) ) { $filter = array( 'Query' => array( 'terms' => array( @@ -77,10 +77,10 @@ if ( isset($_REQUEST['filter']) ) { $filter['Query']['terms'][] = (array('attr' => 'MonitorId', 'op' => 'IN', 'val' => implode(',',$selected_monitor_ids), 'cnj' => 'and')); } else if ( ( $group_id != 0 || isset($_SESSION['ServerFilter']) || isset($_SESSION['StorageFilter']) || isset($_SESSION['StatusFilter']) ) ) { # this should be redundant - for ($i=0; $i < count($displayMonitors); $i++) { - if ($i == '0') { + for ( $i = 0; $i < count($displayMonitors); $i++ ) { + if ( $i == '0' ) { $filter['Query']['terms'][] = array('attr' => 'MonitorId', 'op' => '=', 'val' => $displayMonitors[$i]['Id'], 'cnj' => 'and', 'obr' => '1'); - } else if ($i == (count($displayMonitors)-1)) { + } else if ( $i == (count($displayMonitors)-1) ) { $filter['Query']['terms'][] = array('attr' => 'MonitorId', 'op' => '=', 'val' => $displayMonitors[$i]['Id'], 'cnj' => 'or', 'cbr' => '1'); } else { $filter['Query']['terms'][] = array('attr' => 'MonitorId', 'op' => '=', 'val' => $displayMonitors[$i]['Id'], 'cnj' => 'or'); @@ -118,7 +118,7 @@ $eventsSql = 'SELECT // Note that the delta value seems more accurate than the time stamp for some reason. $framesSql = ' - SELECT Id, FrameId, EventId, TimeStamp, UNIX_TIMESTAMP(TimeStamp) AS TimeStampSecs, Score, Delta + SELECT Id, FrameId, EventId, TimeStamp, UNIX_TIMESTAMP(TimeStamp) AS TimeStampSecs, Score, Delta, Type FROM Frames WHERE EventId IN (SELECT E.Id FROM Events AS E WHERE 1>0 '; @@ -126,9 +126,9 @@ $framesSql = ' // This program only calls itself with the time range involved -- it does all monitors (the user can see, in the called group) all the time $monitor_ids_sql = ''; -if ( ! empty($user['MonitorIds']) ) { +if ( !empty($user['MonitorIds']) ) { $eventsSql .= ' AND E.MonitorId IN ('.$user['MonitorIds'].')'; - $framesSql .= ' AND E.MonitorId IN ('.$user['MonitorIds'].')'; + $framesSql .= ' AND E.MonitorId IN ('.$user['MonitorIds'].')'; } if ( count($selected_monitor_ids) ) { $monitor_ids_sql = ' IN (' . implode(',',$selected_monitor_ids).')'; @@ -173,7 +173,7 @@ if ( (strtotime($maxTime) - strtotime($minTime))/(365*24*3600) > 30 ) { } $fitMode = 1; -if (isset($_REQUEST['fit']) && $_REQUEST['fit']=='0' ) +if ( isset($_REQUEST['fit']) && ($_REQUEST['fit'] == '0') ) $fitMode = 0; if ( isset($_REQUEST['scale']) ) @@ -200,7 +200,7 @@ if ( isset($_REQUEST['current']) ) $defaultCurrentTime = validHtmlStr($_REQUEST['current']); $liveMode = 1; // default to live -if ( isset($_REQUEST['live']) && $_REQUEST['live']=='0' ) +if ( isset($_REQUEST['live']) && ($_REQUEST['live'] == '0') ) $liveMode = 0; $initialDisplayInterval = 1000; @@ -236,82 +236,80 @@ foreach( $displayMonitors as $row ) { // These are zoom ranges per visible monitor xhtmlHeaders(__FILE__, translate('MontageReview') ); +getBodyTopHTML(); ?> - -
+
- +
+ + + + +
+
+ + +
+
Id().' ' .$m->Name().'" width="' . $m->Width() * $defaultScale . '" height="' . $m->Height() * $defaultScale . '" id="Monitor' . $m->Id() . '" style="border:1px solid ' . $m->WebColour() . '" monitor_id="'.$m->Id().'">No Canvas Support!!'; + echo 'No Canvas Support!! +'; } ?>
From acb95709e6cd8fdb9e76b3d58bc6f546fc6b1447 Mon Sep 17 00:00:00 2001 From: Isaac Connor Date: Tue, 11 Jun 2019 10:19:42 -0400 Subject: [PATCH 227/922] Fix issues with too much audio in events by storing packets in the queue with their timestamps converted to AV_TIME_BASE_Q, so that we can sort video and audio packets together. --- src/zm_ffmpeg_camera.cpp | 49 +++++++++++++++++++++++++++++----------- src/zm_packet.cpp | 10 ++++++-- src/zm_packet.h | 4 ++-- src/zm_packetqueue.cpp | 22 +++++++++++------- src/zm_packetqueue.h | 4 ++-- src/zm_videostore.cpp | 46 +++++++++++++++++++++++-------------- 6 files changed, 91 insertions(+), 44 deletions(-) diff --git a/src/zm_ffmpeg_camera.cpp b/src/zm_ffmpeg_camera.cpp index dc2a32475..093648946 100644 --- a/src/zm_ffmpeg_camera.cpp +++ b/src/zm_ffmpeg_camera.cpp @@ -873,6 +873,7 @@ int FfmpegCamera::CaptureAndRecord( Image &image, timeval recording, char* event } } // end if recording or not + // Buffer video packets, since we are not recording. // All audio packets are keyframes, so only if it's a video keyframe if ( packet.stream_index == mVideoStreamId ) { @@ -885,17 +886,18 @@ int FfmpegCamera::CaptureAndRecord( Image &image, timeval recording, char* event } packetqueue->clearQueue(monitor->GetPreEventCount(), mVideoStreamId); - packetqueue->queuePacket(&packet); + + packetqueue->queuePacket(&packet, mFormatContext->streams[packet.stream_index]); } else if ( packetqueue->size() ) { // it's a keyframe or we already have something in the queue - packetqueue->queuePacket(&packet); + packetqueue->queuePacket(&packet, mFormatContext->streams[packet.stream_index]); } } else if ( packet.stream_index == mAudioStreamId ) { // The following lines should ensure that the queue always begins with a video keyframe //Debug(2, "Have audio packet, reocrd_audio is (%d) and packetqueue.size is (%d)", record_audio, packetqueue.size() ); if ( record_audio && packetqueue->size() ) { // if it's audio, and we are doing audio, and there is already something in the queue - packetqueue->queuePacket(&packet); + packetqueue->queuePacket(&packet, mFormatContext->streams[packet.stream_index]); } } // end if packet type @@ -904,9 +906,19 @@ int FfmpegCamera::CaptureAndRecord( Image &image, timeval recording, char* event if ( have_video_keyframe || keyframe ) { if ( videoStore ) { + AVPacket out_packet; + av_init_packet(&out_packet); + if ( zm_av_packet_ref( &out_packet, &packet ) < 0 ) { + Error("error refing packet"); + } + out_packet.pts = av_rescale_q(out_packet.pts, mFormatContext->streams[packet.stream_index]->time_base, AV_TIME_BASE_Q); + out_packet.dts = av_rescale_q(out_packet.dts, mFormatContext->streams[packet.stream_index]->time_base, AV_TIME_BASE_Q); + out_packet.duration = av_rescale_q(out_packet.duration, mFormatContext->streams[packet.stream_index]->time_base, AV_TIME_BASE_Q); + //Write the packet to our video store - int ret = videoStore->writeVideoFramePacket(&packet); + int ret = videoStore->writeVideoFramePacket(&out_packet); + zm_av_packet_unref(&out_packet); if ( ret < 0 ) { //Less than zero and we skipped a frame zm_av_packet_unref(&packet); return 0; @@ -1005,15 +1017,26 @@ int FfmpegCamera::CaptureAndRecord( Image &image, timeval recording, char* event if ( videoStore ) { if ( record_audio ) { if ( have_video_keyframe ) { - Debug(3, "Recording audio packet streamindex(%d) packetstreamindex(%d)", mAudioStreamId, packet.stream_index ); - //Write the packet to our video store - //FIXME no relevance of last key frame - int ret = videoStore->writeAudioFramePacket( &packet ); - if ( ret < 0 ) {//Less than zero and we skipped a frame - Warning("Failure to write audio packet."); - zm_av_packet_unref( &packet ); - return 0; - } + + AVPacket out_packet; + av_init_packet(&out_packet); + if ( zm_av_packet_ref( &out_packet, &packet ) < 0 ) { + Error("error refing packet"); + } + out_packet.pts = av_rescale_q(out_packet.pts, mFormatContext->streams[packet.stream_index]->time_base, AV_TIME_BASE_Q); + out_packet.dts = av_rescale_q(out_packet.dts, mFormatContext->streams[packet.stream_index]->time_base, AV_TIME_BASE_Q); + out_packet.duration = av_rescale_q(out_packet.duration, mFormatContext->streams[packet.stream_index]->time_base, AV_TIME_BASE_Q); + + Debug(3, "Recording audio packet streamindex(%d) packetstreamindex(%d)", mAudioStreamId, packet.stream_index); + //Write the packet to our video store + //FIXME no relevance of last key frame + int ret = videoStore->writeAudioFramePacket(&out_packet); + zm_av_packet_unref(&out_packet); + if ( ret < 0 ) {//Less than zero and we skipped a frame + Warning("Failure to write audio packet."); + zm_av_packet_unref( &packet ); + return 0; + } } else { Debug(3, "Not recording audio yet because we don't have a video keyframe yet"); } diff --git a/src/zm_packet.cpp b/src/zm_packet.cpp index a04282d26..a89a557d2 100644 --- a/src/zm_packet.cpp +++ b/src/zm_packet.cpp @@ -24,23 +24,29 @@ using namespace std; -ZMPacket::ZMPacket( AVPacket *p ) { +ZMPacket::ZMPacket( AVPacket *p, AVStream *stream ) { frame = NULL; image = NULL; av_init_packet( &packet ); if ( zm_av_packet_ref( &packet, p ) < 0 ) { Error("error refing packet"); } + packet.pts = av_rescale_q(packet.pts, stream->time_base, AV_TIME_BASE_Q); + packet.dts = av_rescale_q(packet.dts, stream->time_base, AV_TIME_BASE_Q); + packet.duration = av_rescale_q(packet.duration, stream->time_base, AV_TIME_BASE_Q); gettimeofday( ×tamp, NULL ); } -ZMPacket::ZMPacket( AVPacket *p, struct timeval *t ) { +ZMPacket::ZMPacket( AVPacket *p, AVStream *stream, struct timeval *t ) { frame = NULL; image = NULL; av_init_packet( &packet ); if ( zm_av_packet_ref( &packet, p ) < 0 ) { Error("error refing packet"); } + packet.pts = av_rescale_q(packet.pts, stream->time_base, AV_TIME_BASE_Q); + packet.dts = av_rescale_q(packet.pts, stream->time_base, AV_TIME_BASE_Q); + packet.duration = av_rescale_q(packet.pts, stream->time_base, AV_TIME_BASE_Q); timestamp = *t; } diff --git a/src/zm_packet.h b/src/zm_packet.h index bdb67cb57..608d1b1e9 100644 --- a/src/zm_packet.h +++ b/src/zm_packet.h @@ -38,8 +38,8 @@ class ZMPacket { struct timeval timestamp; public: AVPacket *av_packet() { return &packet; } - ZMPacket( AVPacket *packet, struct timeval *timestamp ); - explicit ZMPacket( AVPacket *packet ); + ZMPacket( AVPacket *packet, AVStream *stream, struct timeval *timestamp ); + explicit ZMPacket( AVPacket *packet, AVStream * ); ~ZMPacket(); }; diff --git a/src/zm_packetqueue.cpp b/src/zm_packetqueue.cpp index 81fbb09c4..1287c7bd5 100644 --- a/src/zm_packetqueue.cpp +++ b/src/zm_packetqueue.cpp @@ -57,8 +57,8 @@ bool zm_packetqueue::queuePacket(ZMPacket* zm_packet) { Debug(2, "Looking at packet with stream index (%d) with dts %" PRId64, av_packet->stream_index, av_packet->dts); if ( - ( av_packet->stream_index == zm_packet->packet.stream_index ) - && + //( av_packet->stream_index == zm_packet->packet.stream_index ) + //&& ( av_packet->dts != AV_NOPTS_VALUE ) && ( av_packet->dts <= zm_packet->packet.dts) @@ -77,7 +77,7 @@ bool zm_packetqueue::queuePacket(ZMPacket* zm_packet) { //Debug(2, "Found packet with stream index (%d) with dts %" PRId64, //(*it)->packet.stream_index, (*it)->packet.dts); if ( it == pktQueue.rbegin() ) { - Debug(2,"Inserting packet with dts %" PRId64 " at end", zm_packet->packet.dts); + Debug(2, "Inserting packet with dts %" PRId64 " at end", zm_packet->packet.dts); // No dts value, can't so much with it pktQueue.push_back(zm_packet); packet_counts[zm_packet->packet.stream_index] += 1; @@ -85,16 +85,22 @@ bool zm_packetqueue::queuePacket(ZMPacket* zm_packet) { } // Convert to a forward iterator so that we can insert at end std::list::iterator f_it = it.base(); - Debug(2, "Insert packet with stream index (%d) with dts %" PRId64 " for dts %" PRId64, (*f_it)->packet.stream_index, (*f_it)->packet.dts, zm_packet->packet.dts); + if ( f_it == pktQueue.end() ) { + Debug(2, "Pushing to end"); + pktQueue.push_back(zm_packet); + } else { + Debug(2, "Insert packet with stream index (%d) with dts %" PRId64 " for dts %" PRId64, + (*f_it)->packet.stream_index, (*f_it)->packet.dts, zm_packet->packet.dts); - pktQueue.insert(f_it, zm_packet); + pktQueue.insert(f_it, zm_packet); + } packet_counts[zm_packet->packet.stream_index] += 1; return true; } - Debug(1,"Unable to insert packet for stream %d with dts %" PRId64 " into queue.", + Debug(1,"Unable to find a spot for stream %d with dts %" PRId64 ". Sticking on front", zm_packet->packet.stream_index, zm_packet->packet.dts); // Must be before any packets in the queue. Stick it at the beginning pktQueue.push_front(zm_packet); @@ -102,8 +108,8 @@ bool zm_packetqueue::queuePacket(ZMPacket* zm_packet) { return true; } // end bool zm_packetqueue::queuePacket(ZMPacket* zm_packet) -bool zm_packetqueue::queuePacket(AVPacket* av_packet) { - ZMPacket *zm_packet = new ZMPacket(av_packet); +bool zm_packetqueue::queuePacket(AVPacket* av_packet, AVStream *stream) { + ZMPacket *zm_packet = new ZMPacket(av_packet, stream); return queuePacket(zm_packet); } diff --git a/src/zm_packetqueue.h b/src/zm_packetqueue.h index fa422a529..984243c38 100644 --- a/src/zm_packetqueue.h +++ b/src/zm_packetqueue.h @@ -33,9 +33,9 @@ class zm_packetqueue { public: zm_packetqueue(int max_stream_id); virtual ~zm_packetqueue(); - bool queuePacket(AVPacket* packet, struct timeval *timestamp); + bool queuePacket(AVPacket* packet, AVStream *stream, struct timeval *timestamp); bool queuePacket(ZMPacket* packet); - bool queuePacket(AVPacket* packet); + bool queuePacket(AVPacket* packet, AVStream *stream); ZMPacket * popPacket(); bool popVideoPacket(ZMPacket* packet); bool popAudioPacket(ZMPacket* packet); diff --git a/src/zm_videostore.cpp b/src/zm_videostore.cpp index ea2b314dc..3ad93fd69 100644 --- a/src/zm_videostore.cpp +++ b/src/zm_videostore.cpp @@ -860,22 +860,23 @@ int VideoStore::writeVideoFramePacket(AVPacket *ipkt) { if ( ipkt->duration != AV_NOPTS_VALUE ) { duration = av_rescale_q( ipkt->duration, - video_in_stream->time_base, + AV_TIME_BASE_Q, video_out_stream->time_base); Debug(1, "duration from ipkt: pts(%" PRId64 ") - last_pts(%" PRId64 ") = (%" PRId64 ") => (%" PRId64 ") (%d/%d) (%d/%d)", ipkt->pts, video_last_pts, ipkt->duration, duration, - video_in_stream->time_base.num, - video_in_stream->time_base.den, + 1, + AV_TIME_BASE, video_out_stream->time_base.num, video_out_stream->time_base.den ); } else { duration = av_rescale_q( ipkt->pts - video_last_pts, - video_in_stream->time_base, + AV_TIME_BASE_Q, + //video_in_stream->time_base, video_out_stream->time_base); Debug(1, "duration calc: pts(%" PRId64 ") - last_pts(%" PRId64 ") = (%" PRId64 ") => (%" PRId64 ")", ipkt->pts, @@ -885,7 +886,7 @@ int VideoStore::writeVideoFramePacket(AVPacket *ipkt) { ); if ( duration <= 0 ) { // Why are we setting the duration to 1? - duration = ipkt->duration ? ipkt->duration : av_rescale_q(1,video_in_stream->time_base, video_out_stream->time_base); + duration = ipkt->duration ? ipkt->duration : av_rescale_q(1, AV_TIME_BASE_Q, video_out_stream->time_base); } } opkt.duration = duration; @@ -902,7 +903,8 @@ int VideoStore::writeVideoFramePacket(AVPacket *ipkt) { } else { opkt.pts = av_rescale_q( ipkt->pts - video_first_pts, - video_in_stream->time_base, + AV_TIME_BASE_Q, + //video_in_stream->time_base, video_out_stream->time_base ); } @@ -929,7 +931,8 @@ int VideoStore::writeVideoFramePacket(AVPacket *ipkt) { } else { opkt.dts = av_rescale_q( ipkt->dts - video_first_dts, - video_in_stream->time_base, + AV_TIME_BASE_Q, + //video_in_stream->time_base, video_out_stream->time_base ); Debug(3, "opkt.dts = %" PRId64 " from ipkt->dts(%" PRId64 ") - first_pts(%" PRId64 ")", @@ -1027,6 +1030,7 @@ int VideoStore::writeAudioFramePacket(AVPacket *ipkt) { // sending AV_NOPTS_VALUE doesn't really work but we seem to get it in ffmpeg 2.8 out_frame->pts = audio_next_pts; } + // We need to keep track of this due to resampling audio_next_pts = out_frame->pts + out_frame->nb_samples; av_init_packet(&opkt); @@ -1087,7 +1091,8 @@ int VideoStore::writeAudioFramePacket(AVPacket *ipkt) { if ( ipkt->duration && (ipkt->duration != AV_NOPTS_VALUE) ) { opkt.duration = av_rescale_q( ipkt->duration, - audio_in_stream->time_base, + AV_TIME_BASE_Q, + //audio_in_stream->time_base, audio_out_stream->time_base); } // Scale the PTS of the outgoing packet to be the correct time base @@ -1099,7 +1104,8 @@ int VideoStore::writeAudioFramePacket(AVPacket *ipkt) { } else { opkt.pts = av_rescale_q( ipkt->pts - audio_first_pts, - audio_in_stream->time_base, + AV_TIME_BASE_Q, + //audio_in_stream->time_base, audio_out_stream->time_base); Debug(2, "audio opkt.pts = %" PRId64 " from ipkt->pts(%" PRId64 ") - first_pts(%" PRId64 ")", opkt.pts, ipkt->pts, audio_first_pts); @@ -1126,7 +1132,8 @@ int VideoStore::writeAudioFramePacket(AVPacket *ipkt) { } else { opkt.dts = av_rescale_q( ipkt->dts - audio_first_dts, - audio_in_stream->time_base, + AV_TIME_BASE_Q, + //audio_in_stream->time_base, audio_out_stream->time_base); Debug(2, "opkt.dts = %" PRId64 " from ipkt.dts(%" PRId64 ") - first_dts(%" PRId64 ")", opkt.dts, ipkt->dts, audio_first_dts); @@ -1176,6 +1183,7 @@ int VideoStore::writeAudioFramePacket(AVPacket *ipkt) { int VideoStore::resample_audio() { // Resample the in_frame into the audioSampleBuffer until we process the whole // decoded data. Note: pts does not survive resampling or converting + // if we ask for less samples than we input, convert_frame will buffer the remainder apparently #if defined(HAVE_LIBSWRESAMPLE) || defined(HAVE_LIBAVRESAMPLE) #if defined(HAVE_LIBSWRESAMPLE) Debug(2, "Converting %d to %d samples using swresample", @@ -1207,7 +1215,7 @@ int VideoStore::resample_audio() { audio_next_pts = out_frame->pts + out_frame->nb_samples; #endif - if ((ret = av_audio_fifo_realloc(fifo, av_audio_fifo_size(fifo) + out_frame->nb_samples)) < 0) { + if ( (ret = av_audio_fifo_realloc(fifo, av_audio_fifo_size(fifo) + out_frame->nb_samples)) < 0 ) { Error("Could not reallocate FIFO"); return 0; } @@ -1224,6 +1232,7 @@ int VideoStore::resample_audio() { // AAC requires 1024 samples per encode. Our input tends to be 160, so need to buffer them. if ( frame_size > av_audio_fifo_size(fifo) ) { + Debug(1, "Not enough samples in the fifo"); return 0; } @@ -1233,15 +1242,18 @@ int VideoStore::resample_audio() { } out_frame->nb_samples = frame_size; // resampling changes the duration because the timebase is 1/samples + out_frame->pkt_duration = out_frame->nb_samples; + // out_frame->sample_rate; if ( in_frame->pts != AV_NOPTS_VALUE ) { - out_frame->pkt_duration = av_rescale_q( - in_frame->pkt_duration, - audio_in_stream->time_base, - audio_out_stream->time_base); + //out_frame->pkt_duration = av_rescale_q( + //in_frame->pkt_duration, + //audio_in_stream->time_base, + //audio_out_stream->time_base); out_frame->pts = av_rescale_q( in_frame->pts, - audio_in_stream->time_base, - audio_out_stream->time_base); + AV_TIME_BASE_Q, + //audio_in_ctx->time_base, + audio_out_ctx->time_base); } #else #if defined(HAVE_LIBAVRESAMPLE) From 1241761683385418fddd96f43be911754abc1469 Mon Sep 17 00:00:00 2001 From: Isaac Connor Date: Tue, 11 Jun 2019 10:58:54 -0400 Subject: [PATCH 228/922] Add a title popup telling people about the zoomin/out/pan functions. Add ctrl-click to zoomout --- web/skins/classic/views/js/watch.js | 3 +++ web/skins/classic/views/watch.php | 10 +++++++++- 2 files changed, 12 insertions(+), 1 deletion(-) diff --git a/web/skins/classic/views/js/watch.js b/web/skins/classic/views/js/watch.js index a30a05fee..0f19a1802 100644 --- a/web/skins/classic/views/js/watch.js +++ b/web/skins/classic/views/js/watch.js @@ -686,6 +686,9 @@ function handleClick( event ) { if ( showMode == "events" || !imageControlMode ) { if ( event.shift ) { streamCmdPan( x, y ); + } else if ( event.event.ctrlKey ) { + console.log("Zooming out"); + streamCmdZoomOut(); } else { streamCmdZoomIn( x, y ); } diff --git a/web/skins/classic/views/watch.php b/web/skins/classic/views/watch.php index 902baaa1c..e73afbe49 100644 --- a/web/skins/classic/views/watch.php +++ b/web/skins/classic/views/watch.php @@ -78,7 +78,15 @@ if ( canView('Control') && $monitor->Type() == 'Local' ) {
-
$scale) ); ?>
+
+>$scale) ); ?>
+ + Type() != 'WebSite' ) { ?>
From 1928d1153fdc4a0e32b2a0a621de90e87fb78d2f Mon Sep 17 00:00:00 2001 From: Isaac Connor Date: Tue, 11 Jun 2019 13:32:15 -0400 Subject: [PATCH 229/922] spacing and quotes --- scripts/ZoneMinder/lib/ZoneMinder/Filter.pm | 91 ++++++++++----------- 1 file changed, 44 insertions(+), 47 deletions(-) diff --git a/scripts/ZoneMinder/lib/ZoneMinder/Filter.pm b/scripts/ZoneMinder/lib/ZoneMinder/Filter.pm index a057f55d9..8383e43b7 100644 --- a/scripts/ZoneMinder/lib/ZoneMinder/Filter.pm +++ b/scripts/ZoneMinder/lib/ZoneMinder/Filter.pm @@ -72,15 +72,15 @@ sub find { $sql .= ' WHERE ' . join(' AND ', @sql_filters ) if @sql_filters; $sql .= ' LIMIT ' . $sql_filters{limit} if $sql_filters{limit}; - my $sth = $ZoneMinder::Database::dbh->prepare_cached( $sql ) - or Fatal( "Can't prepare '$sql': ".$ZoneMinder::Database::dbh->errstr() ); - my $res = $sth->execute( @sql_values ) - or Fatal( "Can't execute '$sql': ".$sth->errstr() ); + my $sth = $ZoneMinder::Database::dbh->prepare_cached($sql) + or Fatal("Can't prepare '$sql': ".$ZoneMinder::Database::dbh->errstr()); + my $res = $sth->execute(@sql_values) + or Fatal("Can't execute '$sql': ".$sth->errstr()); my @results; while( my $db_filter = $sth->fetchrow_hashref() ) { - my $filter = new ZoneMinder::Filter( $$db_filter{Id}, $db_filter ); + my $filter = new ZoneMinder::Filter($$db_filter{Id}, $db_filter); push @results, $filter; } # end while $sth->finish(); @@ -98,7 +98,7 @@ sub Execute { my $sql = $self->Sql(undef); if ( $self->{HasDiskPercent} ) { - my $disk_percent = getDiskPercent( $$self{Storage} ? $$self{Storage}->Path() : () ); + my $disk_percent = getDiskPercent($$self{Storage} ? $$self{Storage}->Path() : ()); $sql =~ s/zmDiskPercent/$disk_percent/g; } if ( $self->{HasDiskBlocks} ) { @@ -111,16 +111,16 @@ sub Execute { } Debug("Filter::Execute SQL ($sql)"); - my $sth = $ZoneMinder::Database::dbh->prepare_cached( $sql ) - or Fatal( "Can't prepare '$sql': ".$ZoneMinder::Database::dbh->errstr() ); + my $sth = $ZoneMinder::Database::dbh->prepare_cached($sql) + or Fatal("Can't prepare '$sql': ".$ZoneMinder::Database::dbh->errstr()); my $res = $sth->execute(); if ( !$res ) { - Error( "Can't execute filter '$sql', ignoring: ".$sth->errstr() ); + Error("Can't execute filter '$sql', ignoring: ".$sth->errstr()); return; } my @results; - while( my $event = $sth->fetchrow_hashref() ) { + while ( my $event = $sth->fetchrow_hashref() ) { push @results, $event; } $sth->finish(); @@ -152,7 +152,7 @@ sub Sql { $self->{Sql} .= ' '.$term->{cnj}.' '; } if ( exists($term->{obr}) ) { - $self->{Sql} .= ' '.str_repeat( '(', $term->{obr} ).' '; + $self->{Sql} .= ' '.str_repeat('(', $term->{obr}).' '; } my $value = $term->{val}; my @value_list; @@ -216,17 +216,17 @@ sub Sql { if ( $temp_value eq 'ZM_SERVER_ID' ) { $value = "'$ZoneMinder::Config::Config{ZM_SERVER_ID}'"; # This gets used later, I forget for what - $$self{Server} = new ZoneMinder::Server( $ZoneMinder::Config::Config{ZM_SERVER_ID} ); + $$self{Server} = new ZoneMinder::Server($ZoneMinder::Config::Config{ZM_SERVER_ID}); } elsif ( $temp_value eq 'NULL' ) { $value = $temp_value; } else { $value = "'$temp_value'"; # This gets used later, I forget for what - $$self{Server} = new ZoneMinder::Server( $temp_value ); + $$self{Server} = new ZoneMinder::Server($temp_value); } } elsif ( $term->{attr} eq 'StorageId' ) { $value = "'$temp_value'"; - $$self{Storage} = new ZoneMinder::Storage( $temp_value ); + $$self{Storage} = new ZoneMinder::Storage($temp_value); } elsif ( $term->{attr} eq 'Name' || $term->{attr} eq 'Cause' || $term->{attr} eq 'Notes' @@ -236,10 +236,9 @@ sub Sql { if ( $temp_value eq 'NULL' ) { $value = $temp_value; } else { - $value = DateTimeToSQL( $temp_value ); + $value = DateTimeToSQL($temp_value); if ( !$value ) { - Error( "Error parsing date/time '$temp_value', " - ."skipping filter '$self->{Name}'\n" ); + Error("Error parsing date/time '$temp_value', skipping filter '$self->{Name}'"); return; } $value = "'$value'"; @@ -248,10 +247,9 @@ sub Sql { if ( $temp_value eq 'NULL' ) { $value = $temp_value; } else { - $value = DateTimeToSQL( $temp_value ); + $value = DateTimeToSQL($temp_value); if ( !$value ) { - Error( "Error parsing date/time '$temp_value', " - ."skipping filter '$self->{Name}'\n" ); + Error("Error parsing date/time '$temp_value', skipping filter '$self->{Name}'"); return; } $value = "to_days( '$value' )"; @@ -260,10 +258,9 @@ sub Sql { if ( $temp_value eq 'NULL' ) { $value = $temp_value; } else { - $value = DateTimeToSQL( $temp_value ); + $value = DateTimeToSQL($temp_value); if ( !$value ) { - Error( "Error parsing date/time '$temp_value', " - ."skipping filter '$self->{Name}'\n" ); + Error("Error parsing date/time '$temp_value', skipping filter '$self->{Name}'"); return; } $value = "extract( hour_second from '$value' )"; @@ -271,7 +268,7 @@ sub Sql { } else { $value = $temp_value; } - push( @value_list, $value ); + push @value_list, $value; } # end foreach temp_value } # end if has an attr if ( $term->{op} ) { @@ -290,15 +287,15 @@ sub Sql { } elsif ( $term->{op} eq 'IS NOT' ) { $self->{Sql} .= " IS NOT $value"; } elsif ( $term->{op} eq '=[]' ) { - $self->{Sql} .= " in (".join( ",", @value_list ).")"; + $self->{Sql} .= ' IN ('.join(',', @value_list).')'; } elsif ( $term->{op} eq '!~' ) { - $self->{Sql} .= " not in (".join( ",", @value_list ).")"; + $self->{Sql} .= ' NOT IN ('.join(',', @value_list).')'; } else { - $self->{Sql} .= ' '.$term->{op}." $value"; + $self->{Sql} .= ' '.$term->{op}.' '.$value; } } # end if has an operator if ( exists($term->{cbr}) ) { - $self->{Sql} .= ' '.str_repeat( ")", $term->{cbr} )." "; + $self->{Sql} .= ' '.str_repeat(')', $term->{cbr}).' '; } } # end foreach term } # end if terms @@ -320,22 +317,22 @@ sub Sql { # Don't do this, it prevents re-generation and concatenation. # If the file already exists, then the video won't be re-recreated if ( $self->{AutoVideo} ) { - push @auto_terms, "E.Videoed = 0"; + push @auto_terms, 'E.Videoed = 0'; } if ( $self->{AutoUpload} ) { - push @auto_terms, "E.Uploaded = 0"; + push @auto_terms, 'E.Uploaded = 0'; } if ( $self->{AutoEmail} ) { - push @auto_terms, "E.Emailed = 0"; + push @auto_terms, 'E.Emailed = 0'; } if ( $self->{AutoMessage} ) { - push @auto_terms, "E.Messaged = 0"; + push @auto_terms, 'E.Messaged = 0'; } if ( $self->{AutoExecute} ) { - push @auto_terms, "E.Executed = 0"; + push @auto_terms, 'E.Executed = 0'; } if ( @auto_terms ) { - $sql .= " and ( ".join( ' or ', @auto_terms )." )"; + $sql .= ' AND ( '.join(' or ', @auto_terms).' )'; } if ( !$filter_expr->{sort_field} ) { $filter_expr->{sort_field} = 'StartTime'; @@ -369,10 +366,10 @@ sub Sql { } else { $sort_column = 'E.StartTime'; } - my $sort_order = $filter_expr->{sort_asc}?'asc':'desc'; - $sql .= ' order by '.$sort_column." ".$sort_order; + my $sort_order = $filter_expr->{sort_asc} ? 'ASC' : 'DESC'; + $sql .= ' ORDER BY '.$sort_column." ".$sort_order; if ( $filter_expr->{limit} ) { - $sql .= " limit 0,".$filter_expr->{limit}; + $sql .= ' LIMIT 0,'.$filter_expr->{limit}; } $self->{Sql} = $sql; } # end if has Sql @@ -386,7 +383,7 @@ sub getDiskPercent { if ( $df =~ /\s(\d+)%/ms ) { $space = $1; } - return( $space ); + return $space; } sub getDiskBlocks { @@ -396,7 +393,7 @@ sub getDiskBlocks { if ( $df =~ /\s(\d+)\s+\d+\s+\d+%/ms ) { $space = $1; } - return( $space ); + return $space; } sub getLoad { @@ -405,9 +402,9 @@ sub getLoad { my $load = -1; if ( $uptime =~ /load average:\s+([\d.]+)/ms ) { $load = $1; - Info( "Load: $load" ); + Info("Load: $load"); } - return( $load ); + return $load; } # @@ -415,7 +412,7 @@ sub getLoad { # sub strtotime { my $dt_str = shift; - return( Date::Manip::UnixDate( $dt_str, '%s' ) ); + return Date::Manip::UnixDate($dt_str, '%s'); } # @@ -424,18 +421,18 @@ sub strtotime { sub str_repeat { my $string = shift; my $count = shift; - return( ${string}x${count} ); + return ${string}x${count}; } # Formats a date into MySQL format sub DateTimeToSQL { my $dt_str = shift; - my $dt_val = strtotime( $dt_str ); + my $dt_val = strtotime($dt_str); if ( !$dt_val ) { - Error( "Unable to parse date string '$dt_str'\n" ); - return( undef ); + Error("Unable to parse date string '$dt_str'"); + return undef; } - return( POSIX::strftime( "%Y-%m-%d %H:%M:%S", localtime( $dt_val ) ) ); + return POSIX::strftime('%Y-%m-%d %H:%M:%S', localtime($dt_val)); } 1; From 0a9ae1d4f9b35f53c1e7c52b80f3f0ccffc3c174 Mon Sep 17 00:00:00 2001 From: Isaac Connor Date: Tue, 11 Jun 2019 13:55:57 -0400 Subject: [PATCH 230/922] Include pixdesc.h to get av_get_pix_fmt_name(AVPixelFormat) --- src/zm_ffmpeg.cpp | 3 +++ src/zm_ffmpeg_camera.cpp | 1 + 2 files changed, 4 insertions(+) diff --git a/src/zm_ffmpeg.cpp b/src/zm_ffmpeg.cpp index 029492f90..139ab5838 100644 --- a/src/zm_ffmpeg.cpp +++ b/src/zm_ffmpeg.cpp @@ -21,6 +21,9 @@ #include "zm_ffmpeg.h" #include "zm_image.h" #include "zm_rgb.h" +extern "C" { +#include "libavutil/pixdesc.h" +} #if HAVE_LIBAVCODEC || HAVE_LIBAVUTIL || HAVE_LIBSWSCALE diff --git a/src/zm_ffmpeg_camera.cpp b/src/zm_ffmpeg_camera.cpp index 9cf2d93ef..31ce90f1e 100644 --- a/src/zm_ffmpeg_camera.cpp +++ b/src/zm_ffmpeg_camera.cpp @@ -29,6 +29,7 @@ extern "C" { #if HAVE_LIBAVUTIL_HWCONTEXT_H #include "libavutil/hwcontext.h" #endif +#include "libavutil/pixdesc.h" } #ifndef AV_ERROR_MAX_STRING_SIZE #define AV_ERROR_MAX_STRING_SIZE 64 From 1e7cf8c7cf4994a324a74352e44c6586e9c94b49 Mon Sep 17 00:00:00 2001 From: Isaac Connor Date: Tue, 11 Jun 2019 14:38:28 -0400 Subject: [PATCH 231/922] fix eslint, Fix video not resuming after setting speed to 0. --- web/skins/classic/views/js/montagereview.js | 164 +++++++++++--------- 1 file changed, 94 insertions(+), 70 deletions(-) diff --git a/web/skins/classic/views/js/montagereview.js b/web/skins/classic/views/js/montagereview.js index e3b07e5f3..f95268e5a 100644 --- a/web/skins/classic/views/js/montagereview.js +++ b/web/skins/classic/views/js/montagereview.js @@ -45,7 +45,7 @@ function evaluateLoadTimes() { $('fps').innerHTML="Display refresh rate is " + (1000 / currentDisplayInterval).toFixed(1) + " per second, avgFrac=" + avgFrac.toFixed(3) + "."; } // end evaluateLoadTimes() -function getFrame(monId, time, last_Frame=null) { +function getFrame(monId, time, last_Frame) { if ( last_Frame ) { if ( (last_Frame.TimeStampSecs <= time) @@ -57,7 +57,7 @@ function getFrame(monId, time, last_Frame=null) { } var events_for_monitor = events_by_monitor_id[monId]; - if ( ! events_for_monitor ) { + if ( !events_for_monitor ) { console.log("No events for monitor " + monId); return; } @@ -155,7 +155,6 @@ function getImageSource(monId, time) { frame_id = Frame.FrameId + parseInt( (NextFrame.FrameId-Frame.FrameId) * ( time-Frame.TimeStampSecs )/duration ); //console.log("Have NextFrame: duration: " + duration + " frame_id = " + frame_id + " from " + NextFrame.FrameId + ' - ' + Frame.FrameId + " time: " + (time-Frame.TimeStampSecs) ); } - } else { frame_id = Frame['Id']; console.log("No NextFrame"); @@ -234,6 +233,7 @@ function loadNoData( monId ) { console.log("No monId in loadNoData"); } } + function writeText( monId, text ) { if ( monId ) { var canvasCtx = monitorCanvasCtx[monId]; @@ -273,20 +273,26 @@ function timerFire() { if ( ( currentDisplayInterval != timerInterval ) || ( currentSpeed == 0 ) ) { // zero just turn off interrupts clearInterval(timerObj); - timerInterval=currentDisplayInterval; - if ( currentSpeed>0 || liveMode!=0 ) timerObj=setInterval(timerFire, timerInterval); // don't fire out of live mode if speed is zero + timerObj = null; + timerInterval = currentDisplayInterval; + console.log("Turn off nterrupts timerInterfave" + timerInterval); + } + + if ( (currentSpeed > 0 || liveMode != 0) && ! timerObj ) { + timerObj = setInterval(timerFire, timerInterval); // don't fire out of live mode if speed is zero } if ( liveMode ) { + console.log("liveMode"); outputUpdate(currentTimeSecs); // In live mode we basically do nothing but redisplay - } else if ( currentTimeSecs + playSecsperInterval >= maxTimeSecs ) { + } else if ( currentTimeSecs + playSecsPerInterval >= maxTimeSecs ) { // beyond the end just stop - console.log("Current time " + currentTimeSecs + " + " + playSecsperInterval + " >= " + maxTimeSecs + " so stopping"); + console.log("Current time " + currentTimeSecs + " + " + playSecsPerInterval + " >= " + maxTimeSecs + " so stopping"); setSpeed(0); outputUpdate(currentTimeSecs); } else { - //console.log("Current time " + currentTimeSecs + " + " + playSecsperInterval ); - outputUpdate(playSecsperInterval + currentTimeSecs); + //console.log("Current time " + currentTimeSecs + " + " + playSecsPerInterval); + outputUpdate(playSecsPerInterval + currentTimeSecs); } return; } @@ -308,10 +314,10 @@ function drawSliderOnGraph(val) { if ( numMonitors > 0 ) { // if we have no data to display don't do the slider itself - var sliderX = parseInt( (val - minTimeSecs) / rangeTimeSecs * cWidth - sliderWidth/2); // position left side of slider + var sliderX = parseInt((val - minTimeSecs) / rangeTimeSecs * cWidth - sliderWidth/2); // position left side of slider if ( sliderX < 0 ) sliderX = 0; - if ( sliderX+sliderWidth > cWidth ) { - sliderX=cWidth-sliderWidth-1; + if ( sliderX + sliderWidth > cWidth ) { + sliderX = cWidth-sliderWidth-1; } // If we have data already saved first restore it from LAST time @@ -337,20 +343,20 @@ function drawSliderOnGraph(val) { o.style.color = "red"; } else { o.innerHTML = secs2dbstr(val); - o.style.color="blue"; + o.style.color = "blue"; } - o.style.position="absolute"; + o.style.position = "absolute"; o.style.bottom = labbottom; o.style.font = labfont; // try to get length and then when we get too close to the right switch to the left var len = o.offsetWidth; var x; - if (sliderX > cWidth/2) { - x=sliderX - len - 10; + if ( sliderX > cWidth/2 ) { + x = sliderX - len - 10; } else { - x=sliderX + 10; + x = sliderX + 10; } - o.style.left=x.toString() + "px"; + o.style.left = x.toString() + "px"; } // This displays (or not) the left/right limits depending on how close the slider is. @@ -391,7 +397,7 @@ function drawSliderOnGraph(val) { } function drawGraph() { - var divWidth=$('timelinediv').clientWidth; + var divWidth = $('timelinediv').clientWidth; canvas.width = cWidth = divWidth; // Let it float and determine width (it should be sized a bit smaller percentage of window) cHeight = parseInt(window.innerHeight * 0.10); if ( cHeight < numMonitors * 20 ) { @@ -400,14 +406,14 @@ function drawGraph() { canvas.height = cHeight; - if ( Object.keys(events).length == 0 ) { - ctx.globalAlpha=1; - ctx.font= "40px Georgia"; - ctx.fillStyle="white"; - var t="No data found in range - choose differently"; - var l=ctx.measureText(t).width; + if ( events && ( Object.keys(events).length == 0 ) ) { + ctx.globalAlpha = 1; + ctx.font = "40px Georgia"; + ctx.fillStyle = "white"; + var t = "No data found in range - choose differently"; + var l = ctx.measureText(t).width; ctx.fillText(t, (cWidth - l)/2, cHeight-10); - underSlider=undefined; + underSlider = undefined; return; } var rowHeight = parseInt(cHeight / (numMonitors + 1) ); // Leave room for a scale of some sort @@ -441,14 +447,15 @@ function drawGraph() { } // end foreach frame } // end foreach Event - for (var i=0; i now ) { maxSecs = parseInt(now); } - maxStr="&maxTime=" + secs2inputstr(maxSecs); + maxStr = "&maxTime=" + secs2inputstr(maxSecs); $('maxTime').value = secs2inputstr(maxSecs); } if ( minSecs > 0 ) { $('minTime').value = secs2inputstr(minSecs); - minStr="&minTime=" + secs2inputstr(minSecs); + minStr = "&minTime=" + secs2inputstr(minSecs); } if ( maxSecs == 0 && minSecs == 0 ) { - minStr="&minTime=01/01/1950T12:00:00"; - maxStr="&maxTime=12/31/2035T12:00:00"; + minStr = "&minTime=01/01/1950T12:00:00"; + maxStr = "&maxTime=12/31/2035T12:00:00"; } var intervalStr="&displayinterval=" + currentDisplayInterval.toString(); if ( minSecs && maxSecs ) { if ( currentTimeSecs > minSecs && currentTimeSecs < maxSecs ) { // make sure time is in the new range - currentStr="¤t=" + secs2dbstr(currentTimeSecs); + currentStr = "¤t=" + secs2dbstr(currentTimeSecs); } } - var liveStr="&live=0"; + var liveStr = "&live=0"; if ( live == 1 ) { - liveStr="&live=1"; + liveStr = "&live=1"; } - var zoomStr=""; - for ( var i=0; i < numMonitors; i++ ) { + var zoomStr = ""; + for ( var i = 0; i < numMonitors; i++ ) { if ( monitorZoomScale[monitorPtr[i]] < 0.99 || monitorZoomScale[monitorPtr[i]] > 1.01 ) { // allow for some up/down changes and just treat as 1 of almost 1 zoomStr += "&z" + monitorPtr[i].toString() + "=" + monitorZoomScale[monitorPtr[i]].toFixed(2); } @@ -726,7 +736,7 @@ function click_panright() { clicknav(minTimeSecs, maxTimeSecs, 0); } function click_download() { - createPopup( '?view=download', 'zmDownload', 'download' ); + createPopup('?view=download', 'zmDownload', 'download'); } function click_all_events() { clicknav(0, 0, 0); @@ -745,7 +755,6 @@ function compSize(a, b) { // sort array by some size parameter - height seems t else return 1; } - function maxfit2(divW, divH) { var bestFitX=[]; // how we arranged the so-far best match var bestFitX2=[]; @@ -777,7 +786,7 @@ function maxfit2(divW, divH) { function doesItFit(x, y, w, h, d) { // does block (w,h) fit at position (x,y) relative to edge and other nodes already done (0..d) if (x+w>=divW) return 0; if (y+h>=divH) return 0; - for (var i=0; i<=d; i++) { + for ( var i=0; i <= d; i++ ) { if ( !( thisX[i]>x+w-1 || thisX2[i] < x || thisY[i] > y+h-1 || thisY2[i] < y ) ) return 0; } return 1; // it's OK @@ -862,7 +871,7 @@ function showOneMonitor(monId) { url = '?view=watch&mid=' + monId.toString(); createPopup(url, 'zmWatch', 'watch', monitorWidth[monId], monitorHeight[monId]); } else { - var Frame = getFrame( monId, currentTimeSecs ); + var Frame = getFrame(monId, currentTimeSecs); if ( Frame ) { url = '?view=event&eid=' + Frame.EventId + '&fid=' + Frame.FrameId; createPopup(url, 'zmEvent', 'event', monitorWidth[monId], monitorHeight[monId]); @@ -941,23 +950,24 @@ function initPage() { for ( var i = 0, len = monitorPtr.length; i < len; i += 1 ) { var monId = monitorPtr[i]; - if ( ! monId ) continue; - monitorCanvasObj[monId] = $('Monitor'+monId ); - if ( ! monitorCanvasObj[monId] ) { - alert("Couldn't find DOM element for Monitor"+monId + "monitorPtr.length="+len); + if ( !monId ) continue; + monitorCanvasObj[monId] = $('Monitor'+monId); + if ( !monitorCanvasObj[monId] ) { + alert("Couldn't find DOM element for Monitor" + monId + "monitorPtr.length=" + len); } else { monitorCanvasCtx[monId] = monitorCanvasObj[monId].getContext('2d'); var imageObject = monitorImageObject[monId] = new Image(); imageObject.monId = monId; imageObject.onload = function() { - imagedone(this, this.monId, true ); + imagedone(this, this.monId, true); }; imageObject.onerror = function() { - imagedone(this, this.monId, false ); + imagedone(this, this.monId, false); }; - loadImage2Monitor( monId, monitorImageURL[monId] ); + loadImage2Monitor(monId, monitorImageURL[monId]); } - } + } // end foreach monitor + if ( !liveMode ) { canvas = $("timeline"); @@ -1006,15 +1016,29 @@ function initPage() { } } }); - $j('#scaleslider').bind('change', function() { setScale(this.value); }); - $j('#scaleslider').bind('input', function() { showScale(this.value); }); - $j('#speedslider').bind('change', function() { setSpeed(this.value); }); - $j('#speedslider').bind('input', function() { showSpeed(this.value); }); + $j('#scaleslider').bind('change', function() { + setScale(this.value); + }); + $j('#scaleslider').bind('input', function() { + showScale(this.value); + }); + $j('#speedslider').bind('change', function() { + setSpeed(this.value); + }); + $j('#speedslider').bind('input', function() { + showSpeed(this.value); + }); - $j('#liveButton').bind('click', function() { setLive(1-liveMode); }); - $j('#fit').bind('click', function() { setFit(1-fitMode); }); - $j('#archive_status').bind('change', function() { console.log('submitting'); this.form.submit(); }); + $j('#liveButton').bind('click', function() { + setLive(1-liveMode); + }); + $j('#fit').bind('click', function() { + setFit(1-fitMode); + }); + $j('#archive_status').bind('change', function() { + this.form.submit(); + }); } window.addEventListener("resize", redrawScreen, {passive: true}); // Kick everything off -window.addEventListener( 'DOMContentLoaded', initPage ); +window.addEventListener('DOMContentLoaded', initPage); From ec7b373913f99b8eafad98dce303d04032cc437b Mon Sep 17 00:00:00 2001 From: Isaac Connor Date: Tue, 11 Jun 2019 14:38:51 -0400 Subject: [PATCH 232/922] fix structure of events_by_monitor_id --- web/skins/classic/views/js/montagereview.js.php | 11 +++-------- 1 file changed, 3 insertions(+), 8 deletions(-) diff --git a/web/skins/classic/views/js/montagereview.js.php b/web/skins/classic/views/js/montagereview.js.php index 4f7cad02a..4fc8ef511 100644 --- a/web/skins/classic/views/js/montagereview.js.php +++ b/web/skins/classic/views/js/montagereview.js.php @@ -46,7 +46,7 @@ if ( !$liveMode ) { $EventsById = array(); - while( $event = $result->fetch(PDO::FETCH_ASSOC) ) { + while ( $event = $result->fetch(PDO::FETCH_ASSOC) ) { $event_id = $event['Id']; $EventsById[$event_id] = $event; } @@ -99,14 +99,9 @@ if ( !$liveMode ) { array_push($events_by_monitor_id[$event['MonitorId']], $event_id); } # end foreach Event - echo " }; - var events_by_monitor_id = { - \n"; + echo ' }; - foreach ( $events_by_monitor_id as $monitor_id=>$event_ids ) { - echo "$monitor_id : ".json_encode($event_ids, JSON_NUMERIC_CHECK) . "\n"; - } - echo " };\n"; + var events_by_monitor_id = '.json_encode($events_by_monitor_id, JSON_NUMERIC_CHECK)."\n"; // if there is no data set the min/max to the passed in values if ( $index == 0 ) { From 30a210f68f18d98f894fdb511492abe972cb4487 Mon Sep 17 00:00:00 2001 From: Isaac Connor Date: Wed, 12 Jun 2019 10:05:08 -0400 Subject: [PATCH 233/922] also need to adjust dts of last packet when switching events --- src/zm_ffmpeg_camera.cpp | 11 ++++++++++- 1 file changed, 10 insertions(+), 1 deletion(-) diff --git a/src/zm_ffmpeg_camera.cpp b/src/zm_ffmpeg_camera.cpp index 093648946..201c0ff0e 100644 --- a/src/zm_ffmpeg_camera.cpp +++ b/src/zm_ffmpeg_camera.cpp @@ -776,10 +776,19 @@ int FfmpegCamera::CaptureAndRecord( Image &image, timeval recording, char* event // Also don't know how much it matters for audio. if ( packet.stream_index == mVideoStreamId ) { //Write the packet to our video store - int ret = videoStore->writeVideoFramePacket(&packet); + AVPacket out_packet; + av_init_packet(&out_packet); + if ( zm_av_packet_ref(&out_packet, &packet) < 0 ) { + Error("error refing packet"); + } + out_packet.pts = av_rescale_q(out_packet.pts, mFormatContext->streams[packet.stream_index]->time_base, AV_TIME_BASE_Q); + out_packet.dts = av_rescale_q(out_packet.dts, mFormatContext->streams[packet.stream_index]->time_base, AV_TIME_BASE_Q); + out_packet.duration = av_rescale_q(out_packet.duration, mFormatContext->streams[packet.stream_index]->time_base, AV_TIME_BASE_Q); + int ret = videoStore->writeVideoFramePacket(&out_packet); if ( ret < 0 ) { //Less than zero and we skipped a frame Warning("Error writing last packet to videostore."); } + zm_av_packet_unref(&out_packet); } // end if video delete videoStore; From 9a33e55efc3384421d4fd407762941b1275f115a Mon Sep 17 00:00:00 2001 From: Isaac Connor Date: Thu, 13 Jun 2019 11:53:26 -0400 Subject: [PATCH 234/922] Bump log level to warning if we are restarting any daemons. Daemons should NOT need to be restarted in a healthy system. --- scripts/zmwatch.pl.in | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/scripts/zmwatch.pl.in b/scripts/zmwatch.pl.in index e48b8d9d3..30d500ee7 100644 --- a/scripts/zmwatch.pl.in +++ b/scripts/zmwatch.pl.in @@ -104,7 +104,7 @@ while( 1 ) { if ( !$capture_time ) { my $startup_time = zmGetStartupTime($monitor); if ( ( $now - $startup_time ) > $Config{ZM_WATCH_MAX_DELAY} ) { - Info( + Warning( "Restarting capture daemon for $$monitor{Name}, no image since startup. ". "Startup time was $startup_time - now $now > $Config{ZM_WATCH_MAX_DELAY}" ); @@ -126,7 +126,7 @@ while( 1 ) { my $image_delay = $now-$capture_time; Debug("Monitor $monitor->{Id} last captured $image_delay seconds ago, max is $max_image_delay"); if ( $image_delay > $max_image_delay ) { - Info("Restarting capture daemon for " + Warning("Restarting capture daemon for " .$monitor->{Name}.", time since last capture $image_delay seconds ($now-$capture_time)" ); $restart = 1; @@ -173,7 +173,7 @@ while( 1 ) { my $image_delay = $now-$image_time; Debug("Monitor $monitor->{Id} last analysed $image_delay seconds ago, max is $max_image_delay"); if ( $image_delay > $max_image_delay ) { - Info("Analysis daemon for $$monitor{Id} $$monitor{Name} needs restarting," + Warning("Analysis daemon for $$monitor{Id} $$monitor{Name} needs restarting," ." time since last analysis $image_delay seconds ($now-$image_time)" ); $restart = 1; From b0735051468e8350df5abbf82fcd826296a94b8c Mon Sep 17 00:00:00 2001 From: Isaac Connor Date: Thu, 13 Jun 2019 15:47:58 -0400 Subject: [PATCH 235/922] If either pts or dts is AV_NOPTS_VALUE then set equal to the other --- src/zm_ffmpeg_camera.cpp | 8 +++++++- 1 file changed, 7 insertions(+), 1 deletion(-) diff --git a/src/zm_ffmpeg_camera.cpp b/src/zm_ffmpeg_camera.cpp index 201c0ff0e..edf338f6e 100644 --- a/src/zm_ffmpeg_camera.cpp +++ b/src/zm_ffmpeg_camera.cpp @@ -758,6 +758,11 @@ int FfmpegCamera::CaptureAndRecord( Image &image, timeval recording, char* event int keyframe = packet.flags & AV_PKT_FLAG_KEY; bytes += packet.size; dumpPacket(mFormatContext->streams[packet.stream_index], &packet, "Captured Packet"); + if ( packet.dts == AV_NOPTS_VALUE ) { + packet.dts = packet.pts; + } else if ( packet.pts == AV_NOPTS_VALUE ) { + packet.pts = packet.dts; + } // Video recording if ( recording.tv_sec ) { @@ -967,7 +972,8 @@ int FfmpegCamera::CaptureAndRecord( Image &image, timeval recording, char* event ret = avcodec_receive_frame(mVideoCodecContext, mRawFrame); if ( ret < 0 ) { av_strerror(ret, errbuf, AV_ERROR_MAX_STRING_SIZE); - Warning("Unable to receive frame %d: %s, continuing", frameCount, errbuf); + Warning("Unable to receive frame %d: %s, continuing. error count is %s", + frameCount, errbuf, error_count); error_count += 1; if ( error_count > 100 ) { Error("Error count over 100, going to close and re-open stream"); From 695bdfc1c682c64ef3de07301682b181ec64bb5b Mon Sep 17 00:00:00 2001 From: Isaac Connor Date: Thu, 13 Jun 2019 15:48:41 -0400 Subject: [PATCH 236/922] big ::Analyze logic cleanup. Also implement close continuous event before starting motion event in MOCORD --- src/zm_monitor.cpp | 115 ++++++++++++++------------------------------- 1 file changed, 36 insertions(+), 79 deletions(-) diff --git a/src/zm_monitor.cpp b/src/zm_monitor.cpp index a33ed81e3..b907f2395 100644 --- a/src/zm_monitor.cpp +++ b/src/zm_monitor.cpp @@ -1378,6 +1378,7 @@ bool Monitor::Analyse() { if ( trigger_data->trigger_state == TRIGGER_ON ) { score += trigger_data->trigger_score; if ( !event ) { + // How could it have a length already? if ( cause.length() ) cause += ", "; cause += trigger_data->trigger_cause; @@ -1405,40 +1406,41 @@ bool Monitor::Analyse() { cause += SIGNAL_CAUSE; } Event::StringSet noteSet; - noteSet.insert( signalText ); + noteSet.insert(signalText); noteSetMap[SIGNAL_CAUSE] = noteSet; shared_data->state = state = IDLE; shared_data->active = signal; ref_image = *snap_image; - } else if ( signal && Active() && (function == MODECT || function == MOCORD) ) { - Event::StringSet zoneSet; - if ( (!motion_frame_skip) || !(image_count % (motion_frame_skip+1) ) ) { - // Get new score. - int new_motion_score = DetectMotion(*snap_image, zoneSet); + } else if ( signal ) { + if ( Active() && (function == MODECT || function == MOCORD) ) { + // All is good, so add motion detection score. + Event::StringSet zoneSet; + if ( (!motion_frame_skip) || !(image_count % (motion_frame_skip+1) ) ) { + // Get new score. + int new_motion_score = DetectMotion(*snap_image, zoneSet); - Debug(3, - "After motion detection, last_motion_score(%d), new motion score(%d)", - last_motion_score, new_motion_score - ); - last_motion_score = new_motion_score; - } - if ( last_motion_score ) { - if ( !event ) { - score += last_motion_score; - if ( cause.length() ) - cause += ", "; - cause += MOTION_CAUSE; - } else { - score += last_motion_score; + Debug(3, + "After motion detection, last_motion_score(%d), new motion score(%d)", + last_motion_score, new_motion_score + ); + last_motion_score = new_motion_score; } - noteSetMap[MOTION_CAUSE] = zoneSet; - } // end if motion_score - shared_data->active = signal; - } // end if signal change + if ( last_motion_score ) { + score += last_motion_score; + if ( !event ) { + if ( cause.length() ) + cause += ", "; + cause += MOTION_CAUSE; + } + noteSetMap[MOTION_CAUSE] = zoneSet; + } // end if motion_score + //shared_data->active = signal; // unneccessary active gets set on signal change + } // end if active and doing motion detection - if ( (!signal_change) && signal) { + // Check to see if linked monitors are triggering. if ( n_linked_monitors > 0 ) { + // FIXME improve logic here bool first_link = true; Event::StringSet noteSet; for ( int i = 0; i < n_linked_monitors; i++ ) { @@ -1499,62 +1501,20 @@ bool Monitor::Analyse() { shared_data->state = state = TAPE; } - //if ( config.overlap_timed_events ) - if ( false ) { - int pre_index; - int pre_event_images = pre_event_count; - - if ( analysis_fps ) { - // If analysis fps is set, - // compute the index for pre event images in the dedicated buffer - pre_index = pre_event_buffer_count ? image_count%pre_event_buffer_count : 0; - - // Seek forward the next filled slot in to the buffer (oldest data) - // from the current position - while ( pre_event_images && !pre_event_buffer[pre_index].timestamp->tv_sec ) { - pre_index = (pre_index + 1)%pre_event_buffer_count; - // Slot is empty, removing image from counter - pre_event_images--; - } - } else { - // If analysis fps is not set (analysis performed at capturing framerate), - // compute the index for pre event images in the capturing buffer - pre_index = ((index + image_buffer_count) - pre_event_count)%image_buffer_count; - - // Seek forward the next filled slot in to the buffer (oldest data) - // from the current position - while ( pre_event_images && !image_buffer[pre_index].timestamp->tv_sec ) { - pre_index = (pre_index + 1)%image_buffer_count; - // Slot is empty, removing image from counter - pre_event_images--; - } - } - - if ( pre_event_images ) { - if ( analysis_fps ) { - for ( int i = 0; i < pre_event_images; i++ ) { - timestamps[i] = pre_event_buffer[pre_index].timestamp; - images[i] = pre_event_buffer[pre_index].image; - pre_index = (pre_index + 1)%pre_event_buffer_count; - } - } else { - for ( int i = 0; i < pre_event_images; i++ ) { - timestamps[i] = image_buffer[pre_index].timestamp; - images[i] = image_buffer[pre_index].image; - pre_index = (pre_index + 1)%image_buffer_count; - } - } - - event->AddFrames( pre_event_images, images, timestamps ); - } - } // end if false or config.overlap_timed_events } // end if ! event } // end if function == RECORD || function == MOCORD) } // end if !signal_change && signal if ( score ) { if ( state == IDLE || state == TAPE || state == PREALARM ) { + // This is so if we need more than 1 alarm frame before going into alarm, so it is basically if we have enough alarm frames if ( (!pre_event_count) || (Event::PreAlarmCount() >= alarm_frame_count) ) { + // If we should end then previous continuous event and start a new non-continuous event + if ( event && event->Frames() && !event->AlarmFrames() ) { + Info("%s: %03d - Closing event %" PRIu64 ", continuous end, alarm begins", + name, image_count, event->Id()); + closeEvent(); + } shared_data->state = state = ALARM; // lets construct alarm cause. It will contain cause + names of zones alarmed std::string alarm_cause = ""; @@ -1568,14 +1528,11 @@ bool Monitor::Analyse() { strncpy(shared_data->alarm_cause,alarm_cause.c_str(), sizeof(shared_data->alarm_cause)-1); Info("%s: %03d - Gone into alarm state PreAlarmCount: %u > AlarmFrameCount:%u Cause:%s", name, image_count, Event::PreAlarmCount(), alarm_frame_count, shared_data->alarm_cause); - if ( signal_change || (function != MOCORD && state != ALERT) ) { + + if ( !event ) { int pre_index; int pre_event_images = pre_event_count; - if ( event ) { - // Shouldn't be able to happen because - Error("Creating new event when one exists"); - } if ( analysis_fps && pre_event_count ) { // If analysis fps is set, // compute the index for pre event images in the dedicated buffer From c4dc5f34e4a081bf667dfe97a5e8ef1efe737431 Mon Sep 17 00:00:00 2001 From: Pliable Pixels Date: Sun, 16 Jun 2019 11:59:23 -0400 Subject: [PATCH 237/922] add event file system path to API (#2639) --- web/api/app/Controller/EventsController.php | 8 ++++++++ 1 file changed, 8 insertions(+) diff --git a/web/api/app/Controller/EventsController.php b/web/api/app/Controller/EventsController.php index 2f6cfd494..2eb5f7280 100644 --- a/web/api/app/Controller/EventsController.php +++ b/web/api/app/Controller/EventsController.php @@ -35,6 +35,7 @@ class EventsController extends AppController { $this->Event->recursive = -1; global $user; + require_once __DIR__ .'/../../../includes/Event.php'; $allowedMonitors = $user ? preg_split('@,@', $user['MonitorIds'], NULL, PREG_SPLIT_NO_EMPTY) : null; if ( $allowedMonitors ) { @@ -87,9 +88,13 @@ class EventsController extends AppController { $events = $this->Paginator->paginate('Event'); // For each event, get the frameID which has the largest score + // also add FS path + foreach ( $events as $key => $value ) { + $EventObj = new ZM\Event($value['Event']['Id']); $maxScoreFrameId = $this->getMaxScoreAlarmFrameId($value['Event']['Id']); $events[$key]['Event']['MaxScoreFrameId'] = $maxScoreFrameId; + $events[$key]['Event']['FileSystemPath'] = $EventObj->Path(); } $this->set(compact('events')); @@ -131,6 +136,9 @@ class EventsController extends AppController { $event['Event']['fileExists'] = $this->Event->fileExists($event['Event']); $event['Event']['fileSize'] = $this->Event->fileSize($event['Event']); + $EventObj = new ZM\Event($id); + $event['Event']['FileSystemPath'] = $EventObj->Path(); + # Also get the previous and next events for the same monitor $event_monitor_neighbors = $this->Event->find('neighbors', array( 'conditions'=>array('Event.MonitorId'=>$event['Event']['MonitorId']) From 98bf7800b0d9bc66dee872c7d2c727fa922b319e Mon Sep 17 00:00:00 2001 From: Pliable Pixels Date: Sun, 16 Jun 2019 11:59:48 -0400 Subject: [PATCH 238/922] remove a password log, corrected PHP version in log (#2627) * remove a password log, corrected PHP version in log * PHP version correction --- web/includes/actions/user.php | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/web/includes/actions/user.php b/web/includes/actions/user.php index 988b40be1..a786f78d7 100644 --- a/web/includes/actions/user.php +++ b/web/includes/actions/user.php @@ -32,7 +32,7 @@ if ( $action == 'user' ) { $pass_hash = '"'.password_hash($_REQUEST['newUser']['Password'], PASSWORD_BCRYPT).'"'; } else { $pass_hash = ' PASSWORD('.dbEscape($_REQUEST['newUser']['Password']).') '; - ZM\Info('Cannot use bcrypt as you are using PHP < 5.5'); + ZM\Info('Cannot use bcrypt as you are using PHP < 5.3'); } if ( $_REQUEST['newUser']['Password'] ) { @@ -70,7 +70,6 @@ if ( $action == 'user' ) { } if ( !empty($_REQUEST['newUser']['Password']) ) { - ZM\Info('PASS CMD='.$changes['Password']); $changes['Password'] = 'Password = '.$pass_hash; } From 1336c03f97aa776362863830edefbf2e506a7477 Mon Sep 17 00:00:00 2001 From: Tom Hodder Date: Sun, 16 Jun 2019 17:02:00 +0100 Subject: [PATCH 239/922] WIP: Add pagination to frames.php in classic (#2618) * add pagination to the frames.php results * remove commented code, fix view all paging * removing debugging logging statements * default frames paging to on --- web/includes/functions.php | 20 ++++- web/skins/classic/views/frames.php | 123 +++++++++++++++++++++++++++-- 2 files changed, 134 insertions(+), 9 deletions(-) diff --git a/web/includes/functions.php b/web/includes/functions.php index 29293afde..e1016bb82 100644 --- a/web/includes/functions.php +++ b/web/includes/functions.php @@ -1077,13 +1077,28 @@ function parseSort( $saveToSession=false, $querySep='&' ) { case 'MaxScore' : $sortColumn = 'E.MaxScore'; break; + case 'FramesFrameId' : + $sortColumn = 'F.FrameId'; + break; + case 'FramesType' : + $sortColumn = 'F.Type'; + break; + case 'FramesTimeStamp' : + $sortColumn = 'F.TimeStamp'; + break; + case 'FramesDelta' : + $sortColumn = 'F.Delta'; + break; + case 'FramesScore' : + $sortColumn = 'F.Score'; + break; default: $sortColumn = 'E.StartTime'; break; } - $sortOrder = $_REQUEST['sort_asc']?'asc':'desc'; if ( !$_REQUEST['sort_asc'] ) $_REQUEST['sort_asc'] = 0; + $sortOrder = $_REQUEST['sort_asc']?'asc':'desc'; $sortQuery = $querySep.'sort_field='.validHtmlStr($_REQUEST['sort_field']).$querySep.'sort_asc='.validHtmlStr($_REQUEST['sort_asc']); if ( !isset($_REQUEST['limit']) ) $_REQUEST['limit'] = ''; @@ -1168,6 +1183,9 @@ function parseFilter(&$filter, $saveToSession=false, $querySep='&') { case 'StartDateTime': $filter['sql'] .= 'E.StartTime'; break; + case 'FramesEventId': + $filter['sql'] .= 'F.EventId'; + break; case 'StartDate': $filter['sql'] .= 'to_days( E.StartTime )'; break; diff --git a/web/skins/classic/views/frames.php b/web/skins/classic/views/frames.php index 17ed9c2f2..9a877ae3b 100644 --- a/web/skins/classic/views/frames.php +++ b/web/skins/classic/views/frames.php @@ -22,8 +22,44 @@ if ( !canView('Events') ) { $view = 'error'; return; } + require_once('includes/Frame.php'); -$Event = new ZM\Event($_REQUEST['eid']); + +$countSql = 'SELECT COUNT(*) AS FrameCount FROM Frames AS F WHERE 1 '; +$frameSql = 'SELECT *, unix_timestamp( TimeStamp ) AS UnixTimeStamp FROM Frames AS F WHERE 1 '; + +$eid = $_REQUEST['eid']; + +// override the sort_field handling in parseSort for frames +if ( empty($_REQUEST['sort_field']) ) + $_REQUEST['sort_field'] = 'FramesTimeStamp'; + +if ( !isset($_REQUEST['sort_asc']) ) + $_REQUEST['sort_asc'] = true; + +if( ! isset($_REQUEST['filter'])){ + // generate a dummy filter from the eid for pagination + $_REQUEST['filter'] = array('Query' => array( 'terms' => array( ) ) ); + $_REQUEST['filter'] = addFilterTerm( + $_REQUEST['filter'], + 0, + array( 'cnj' => 'and', 'attr' => 'FramesEventId', 'op' => '=', 'val' => $eid ) + ); +} + +parseSort(); +parseFilter($_REQUEST['filter']); +$filterQuery = $_REQUEST['filter']['query']; + + +if ( $_REQUEST['filter']['sql'] ) { + $countSql .= $_REQUEST['filter']['sql']; + $frameSql .= $_REQUEST['filter']['sql']; +} + +$frameSql .= " ORDER BY $sortColumn $sortOrder,Id $sortOrder"; + +$Event = new ZM\Event($eid); $Monitor = $Event->Monitor(); if ( isset( $_REQUEST['scale'] ) ) { @@ -35,8 +71,40 @@ if ( isset( $_REQUEST['scale'] ) ) { } else { $scale = max(reScale(SCALE_BASE, $Monitor->DefaultScale(), ZM_WEB_DEFAULT_SCALE), SCALE_BASE); } -$sql = 'SELECT *, unix_timestamp(TimeStamp) AS UnixTimeStamp FROM Frames WHERE EventID = ? ORDER BY FrameId'; -$frames = dbFetchAll($sql, NULL, array($_REQUEST['eid'])); + +$page = isset($_REQUEST['page']) ? validInt($_REQUEST['page']) : 1; +$limit = isset($_REQUEST['limit']) ? validInt($_REQUEST['limit']) : 0; + +$nEvents = dbFetchOne($countSql, 'FrameCount' ); + +if ( !empty($limit) && $nEvents > $limit ) { + $nEvents = $limit; +} + +$pages = (int)ceil($nEvents/ZM_WEB_EVENTS_PER_PAGE); + +if ( !empty($page) ) { + if ( $page < 0 ) + $page = 1; + else if ( $pages and ( $page > $pages ) ) + $page = $pages; + + $limitStart = (($page-1)*ZM_WEB_EVENTS_PER_PAGE); + if ( empty( $limit ) ) { + $limitAmount = ZM_WEB_EVENTS_PER_PAGE; + } else { + $limitLeft = $limit - $limitStart; + $limitAmount = ($limitLeft>ZM_WEB_EVENTS_PER_PAGE)?ZM_WEB_EVENTS_PER_PAGE:$limitLeft; + } + $frameSql .= " limit $limitStart, $limitAmount"; +} elseif ( !empty($limit) ) { + $frameSql .= ' limit 0, '.$limit; +} + +$maxShortcuts = 5; +$pagination = getPagination($pages, $page, $maxShortcuts, $sortQuery.'&eid='.$eid.$limitQuery.$filterQuery); + +$frames = dbFetchAll( $frameSql ); $focusWindow = true; @@ -47,18 +115,48 @@ xhtmlHeaders(__FILE__, translate('Frames').' - '.$Event->Id());
+ + + + + + + + - - - - - + + + + + @@ -122,6 +220,15 @@ if ( count($frames) ) { ?>
+ + +

+ +
From dc7707bbc19d2f7d37dff9dc99896968c6a44169 Mon Sep 17 00:00:00 2001 From: Isaac Connor Date: Tue, 18 Jun 2019 10:03:14 -0400 Subject: [PATCH 240/922] fix an oninput and use validHtmlStr on ServerNames storageName MonitorName etc in dropdowns --- web/skins/classic/views/filter.php | 16 ++++++++-------- 1 file changed, 8 insertions(+), 8 deletions(-) diff --git a/web/skins/classic/views/filter.php b/web/skins/classic/views/filter.php index da965b4e9..1eb4b71c3 100644 --- a/web/skins/classic/views/filter.php +++ b/web/skins/classic/views/filter.php @@ -137,19 +137,19 @@ for ( $i = 0; $i < 7; $i++ ) { $weekdays[$i] = strftime('%A', mktime(12, 0, 0, 1, $i+1, 2001)); } $states = array(); -foreach ( dbFetchAll('SELECT Id,Name FROM States ORDER BY lower(Name) ASC') as $state_row ) { - $states[$state_row['Id']] = $state_row['Name']; +foreach ( dbFetchAll('SELECT Id, Name FROM States ORDER BY lower(Name) ASC') as $state_row ) { + $states[$state_row['Id']] = validHtmlStr($state_row['Name']); } $servers = array(); $servers['ZM_SERVER_ID'] = 'Current Server'; $servers['NULL'] = 'No Server'; -foreach ( dbFetchAll('SELECT Id,Name FROM Servers ORDER BY lower(Name) ASC') as $server ) { - $servers[$server['Id']] = $server['Name']; +foreach ( dbFetchAll('SELECT Id, Name FROM Servers ORDER BY lower(Name) ASC') as $server ) { + $servers[$server['Id']] = validHtmlStr($server['Name']); } $monitors = array(); -foreach ( dbFetchAll('SELECT Id,Name FROM Monitors ORDER BY Name ASC') as $monitor ) { +foreach ( dbFetchAll('SELECT Id, Name FROM Monitors ORDER BY Name ASC') as $monitor ) { if ( visibleMonitor($monitor['Id']) ) { - $monitors[$monitor['Name']] = $monitor['Name']; + $monitors[$monitor['Name']] = validHtmlStr($monitor['Name']); } } @@ -188,7 +188,7 @@ if ( (null !== $filter->Concurrent()) and $filter->Concurrent() )

- +

@@ -247,7 +247,7 @@ for ( $i=0; $i < count($terms); $i++ ) { - + Date: Mon, 19 Aug 2019 11:12:47 -0400 Subject: [PATCH 444/922] fix typo --- src/zm_ffmpeg_camera.cpp | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/zm_ffmpeg_camera.cpp b/src/zm_ffmpeg_camera.cpp index d9736d6a3..686123ce3 100644 --- a/src/zm_ffmpeg_camera.cpp +++ b/src/zm_ffmpeg_camera.cpp @@ -482,7 +482,7 @@ int FfmpegCamera::OpenFfmpeg() { hw_pix_fmt = find_fmt_by_hw_type(type); #endif if ( hw_pix_fmt != AV_PIX_FMT_NONE ) { - Debug(1, "Selected gw_pix_fmt %d %s", + Debug(1, "Selected hw_pix_fmt %d %s", hw_pix_fmt, av_get_pix_fmt_name(hw_pix_fmt)); From 87e7ba0e5010567d83e69cc528ce1427f3300da8 Mon Sep 17 00:00:00 2001 From: Isaac Connor Date: Mon, 19 Aug 2019 11:38:56 -0400 Subject: [PATCH 445/922] have to add authhash to session on login --- web/includes/actions/login.php | 1 + 1 file changed, 1 insertion(+) diff --git a/web/includes/actions/login.php b/web/includes/actions/login.php index aa1034431..3820853b1 100644 --- a/web/includes/actions/login.php +++ b/web/includes/actions/login.php @@ -97,6 +97,7 @@ if ( ('login' == $action) && isset($_REQUEST['username']) && ( ZM_AUTH_TYPE == ' $_SESSION['password'] = $_REQUEST['password']; } zm_session_regenerate_id(); + generateAuthHash(ZM_AUTH_HASH_IPS); if ( $close_session ) session_write_close(); From b1132087b89073e44fc931ef3fa6e67f77ed46ff Mon Sep 17 00:00:00 2001 From: Isaac Connor Date: Mon, 19 Aug 2019 12:07:38 -0400 Subject: [PATCH 446/922] restore username&password login for all urls --- web/includes/actions/login.php | 11 ++--------- web/includes/auth.php | 16 ++++++++++++++++ web/index.php | 1 - 3 files changed, 18 insertions(+), 10 deletions(-) diff --git a/web/includes/actions/login.php b/web/includes/actions/login.php index 3820853b1..00c83d2b2 100644 --- a/web/includes/actions/login.php +++ b/web/includes/actions/login.php @@ -50,6 +50,7 @@ if ( ('login' == $action) && isset($_REQUEST['username']) && ( ZM_AUTH_TYPE == ' if ( isset($responseData['error-codes']) && is_array($responseData['error-codes']) ) { if ( !in_array('invalid-input-secret', $responseData['error-codes']) ) { Error('reCaptcha authentication failed'); + unset($user); // unset should be ok here because we aren't in a function return; } else { Error('Invalid recaptcha secret detected'); @@ -58,20 +59,12 @@ if ( ('login' == $action) && isset($_REQUEST['username']) && ( ZM_AUTH_TYPE == ' } // end if success==false } // end if using reCaptcha - // coming here means we need to authenticate the user // if captcha existed, it was passed - $username = $_REQUEST['username']; - $password = $_REQUEST['password']; - - $ret = validateUser($username, $password); - if ( !$ret[0] ) { - ZM\Error($ret[1]); + if ( ! $user ) { $_SESSION['loginFailed'] = true; - unset($user); // unset should be ok here because we aren't in a function return; } - $user = $ret[0]; $close_session = 0; if ( !is_session_started() ) { diff --git a/web/includes/auth.php b/web/includes/auth.php index 514a87ae0..c4c58d29e 100644 --- a/web/includes/auth.php +++ b/web/includes/auth.php @@ -256,15 +256,31 @@ if ( ZM_OPT_USE_AUTH ) { # This prevent session modification to switch users if ( isset($_SESSION['AuthHash'.$_SESSION['remoteAddr']]) ) $user = getAuthUser($_SESSION['AuthHash'.$_SESSION['remoteAddr']]); + else + ZM\Logger::Debug("No auth hash in session, there should have been"); + } else { # Need to refresh permissions and validate that the user still exists $sql = 'SELECT * FROM Users WHERE Enabled=1 AND Username=?'; $user = dbFetchOne($sql, NULL, array($_SESSION['username'])); } + } else { + ZM\Logger::Debug("No username in session"); } if ( ZM_AUTH_HASH_LOGINS && empty($user) && !empty($_REQUEST['auth']) ) { $user = getAuthUser($_REQUEST['auth']); + } else if ( + ! ( empty($_REQUEST['username']) or empty($_REQUEST['password']) or + (defined('ZM_OPT_USE_GOOG_RECAPTCHA') && ZM_OPT_USE_GOOG_RECAPTCHA ) + ) ) { + $ret = validateUser($_REQUEST['username'], $_REQUEST['password'); + if ( !$ret[0] ) { + ZM\Error($ret[1]); + unset($user); // unset should be ok here because we aren't in a function + return; + } + $user = $ret[0]; } if ( !empty($user) ) { diff --git a/web/index.php b/web/index.php index 9374e5f95..93d2c8ff3 100644 --- a/web/index.php +++ b/web/index.php @@ -77,7 +77,6 @@ if ( $_SERVER['REQUEST_METHOD'] == 'OPTIONS' ) { return; } - if ( isset($_GET['skin']) ) { $skin = $_GET['skin']; } else if ( isset($_COOKIE['zmSkin']) ) { From 3b58da860fd9addec8656fe90cfdb5a755d6407e Mon Sep 17 00:00:00 2001 From: Isaac Connor Date: Mon, 19 Aug 2019 12:08:41 -0400 Subject: [PATCH 447/922] fix --- web/includes/auth.php | 8 +++++--- 1 file changed, 5 insertions(+), 3 deletions(-) diff --git a/web/includes/auth.php b/web/includes/auth.php index c4c58d29e..4ada2afa2 100644 --- a/web/includes/auth.php +++ b/web/includes/auth.php @@ -271,10 +271,12 @@ if ( ZM_OPT_USE_AUTH ) { if ( ZM_AUTH_HASH_LOGINS && empty($user) && !empty($_REQUEST['auth']) ) { $user = getAuthUser($_REQUEST['auth']); } else if ( - ! ( empty($_REQUEST['username']) or empty($_REQUEST['password']) or - (defined('ZM_OPT_USE_GOOG_RECAPTCHA') && ZM_OPT_USE_GOOG_RECAPTCHA ) + ! ( + empty($_REQUEST['username']) or + empty($_REQUEST['password']) or + (defined('ZM_OPT_USE_GOOG_RECAPTCHA') && ZM_OPT_USE_GOOG_RECAPTCHA) ) ) { - $ret = validateUser($_REQUEST['username'], $_REQUEST['password'); + $ret = validateUser($_REQUEST['username'], $_REQUEST['password']); if ( !$ret[0] ) { ZM\Error($ret[1]); unset($user); // unset should be ok here because we aren't in a function From b344701dea91c250e607e47dab7a01d714b0a139 Mon Sep 17 00:00:00 2001 From: Isaac Connor Date: Mon, 19 Aug 2019 12:15:58 -0400 Subject: [PATCH 448/922] fixes --- web/includes/actions/login.php | 6 ++++-- web/includes/session.php | 3 ++- 2 files changed, 6 insertions(+), 3 deletions(-) diff --git a/web/includes/actions/login.php b/web/includes/actions/login.php index 00c83d2b2..7c494ff3c 100644 --- a/web/includes/actions/login.php +++ b/web/includes/actions/login.php @@ -61,7 +61,7 @@ if ( ('login' == $action) && isset($_REQUEST['username']) && ( ZM_AUTH_TYPE == ' // if captcha existed, it was passed - if ( ! $user ) { + if ( ! isset($user) ) { $_SESSION['loginFailed'] = true; return; } @@ -71,7 +71,9 @@ if ( ('login' == $action) && isset($_REQUEST['username']) && ( ZM_AUTH_TYPE == ' zm_session_start(); $close_session = 1; } - $_SESSION['remoteAddr'] = $_SERVER['REMOTE_ADDR']; // To help prevent session hijacking + + $username = $_REQUEST['username']; + $password = $_REQUEST['password']; ZM\Info("Login successful for user \"$username\""); $password_type = password_type($password); diff --git a/web/includes/session.php b/web/includes/session.php index 4832957fa..1e2601f08 100644 --- a/web/includes/session.php +++ b/web/includes/session.php @@ -20,6 +20,7 @@ function zm_session_start() { ZM\Logger::Debug('Setting cookie parameters to lifetime('.$currentCookieParams['lifetime'].') path('.$currentCookieParams['path'].') domain ('.$currentCookieParams['domain'].') secure('.$currentCookieParams['secure'].') httpOnly(1) name:'.session_name()); session_start(); + $_SESSION['remoteAddr'] = $_SERVER['REMOTE_ADDR']; // To help prevent session hijacking // Do not allow to use expired session ID if ( !empty($_SESSION['last_time']) && ($_SESSION['last_time'] < (time() - 180)) ) { ZM\Info('Destroying session due to timeout. '); @@ -67,8 +68,8 @@ function zm_session_clear() { setcookie(session_name(), '', time() - 31536000, $p['path'], $p['domain'], $p['secure'], $p['httponly']); } session_unset(); - session_write_close(); session_destroy(); + session_write_close(); session_start(); } // function zm_session_clear() ?> From 84492f29b16779dab53aa086470ca722ec4eaf19 Mon Sep 17 00:00:00 2001 From: Isaac Connor Date: Tue, 20 Aug 2019 09:46:53 -0400 Subject: [PATCH 449/922] Fix token auth sessions (#2676) * If token is present do token based auth and do not do anything with session * update HostController. Use config constants, don't use sessions * Remove Session from the components list * spacing * Remove Session from App Components list. * Move APIEnabled check to the api from auth.php * Rework auth. login using username and password only occurs on login action now. Including auth.php should not touch the session. auth_hash logins no longer touch the session. replace userLogin with a function called validateUser which matches the semantics of validateToken. * remove debugging * Add session storage if stateful query param is on, but only for LEGACY_API_AUTH * fix mUser to username, etc. * shuffle lines * use instead of session when generating auth hash. * Add docs regarding the use of cookies and stateful query param * Only open/close session if we are clearing a session var * Use zm_session_start instead of session_start * Should use zm_session_start instead of session_start * document that zm_session_start should be called previously to session_regenerate_id * Don't actually write out the session when generating auth hashes. Means they should never actually persist. * More backticking of SQL * add .. to fix #2686 * Use material icons for sort because they look nicer * fix typo * have to add authhash to session on login * restore username&password login for all urls * fix * fixes --- docs/api.rst | 10 +- src/zm_ffmpeg_camera.cpp | 2 +- web/api/app/Controller/AppController.php | 68 +++-- web/api/app/Controller/HostController.php | 197 ++++++------ web/includes/Group.php | 4 +- web/includes/actions/login.php | 85 +++++- web/includes/actions/logout.php | 1 + web/includes/auth.php | 351 +++++++--------------- web/includes/session.php | 8 +- web/index.php | 9 +- web/skins/classic/css/classic/skin.css | 4 +- web/skins/classic/views/console.php | 3 +- web/skins/classic/views/js/console.js | 8 +- 13 files changed, 350 insertions(+), 400 deletions(-) diff --git a/docs/api.rst b/docs/api.rst index 177678977..b7a83c223 100644 --- a/docs/api.rst +++ b/docs/api.rst @@ -24,7 +24,7 @@ The ZoneMinder API has evolved over time. Broadly speaking the iterations were a * You use cookies to maintain session state (`ZM_SESS_ID`) * You use an authentication hash to validate yourself, which included encoding personal information and time stamps which at times caused timing validation issues, especially for mobile consumers * Starting version 1.34, ZoneMinder has introduced a new "token" based system which is based JWT. We have given it a '2.0' version ID. These tokens don't encode any personal data and can be statelessly passed around per request. It introduces concepts like access tokens, refresh tokens and per user level API revocation to manage security better. The internal components of ZoneMinder all support this new scheme now and if you are using the APIs we strongly recommend you migrate to 1.34 and use this new token system (as a side note, 1.34 also moves from MYSQL PASSWORD to Bcrypt for passwords, which is also a good reason why you should migate). -* Note that as of 1.34, both versions of API access will work (tokens and the older auth hash mechanism). +* Note that as of 1.34, both versions of API access will work (tokens and the older auth hash mechanism), however we no longer use sessions by default. You will have to add a stateful=1 query parameter during login to tell ZM to set a COOKIE and store the required info in the session. This option is only available if OPT_USE_LEGACY_API_AUTH is set to ON. .. NOTE:: For the rest of the document, we will specifically highlight v2.0 only features. If you don't see a special mention, assume it applies for both API versions. @@ -51,10 +51,14 @@ To get an API key: :: - curl -XPOST [-c cookies.txt] -d "user=yourusername&pass=yourpassword" https://yourserver/zm/api/host/login.json + curl -XPOST -d "user=yourusername&pass=yourpassword" https://yourserver/zm/api/host/login.json -The ``[-c cookies.txt]`` is optional, and will be explained in the next section. +If you want to use a stateful connection, so you don't have to pass auth credentials with each query, you can use the following: + +:: + + curl -XPOST -c cookies.txt -d "user=yourusername&pass=yourpassword&stateful=1" https://yourserver/zm/api/host/login.json This returns a payload like this for API v1.0: diff --git a/src/zm_ffmpeg_camera.cpp b/src/zm_ffmpeg_camera.cpp index d9736d6a3..686123ce3 100644 --- a/src/zm_ffmpeg_camera.cpp +++ b/src/zm_ffmpeg_camera.cpp @@ -482,7 +482,7 @@ int FfmpegCamera::OpenFfmpeg() { hw_pix_fmt = find_fmt_by_hw_type(type); #endif if ( hw_pix_fmt != AV_PIX_FMT_NONE ) { - Debug(1, "Selected gw_pix_fmt %d %s", + Debug(1, "Selected hw_pix_fmt %d %s", hw_pix_fmt, av_get_pix_fmt_name(hw_pix_fmt)); diff --git a/web/api/app/Controller/AppController.php b/web/api/app/Controller/AppController.php index 6b71ffb84..b6ef078be 100644 --- a/web/api/app/Controller/AppController.php +++ b/web/api/app/Controller/AppController.php @@ -34,7 +34,6 @@ class AppController extends Controller { use CrudControllerTrait; public $components = [ - 'Session', // We are going to use SessionHelper to check PHP session vars 'RequestHandler', 'Crud.Crud' => [ 'actions' => [ @@ -67,48 +66,71 @@ class AppController extends Controller { # For use throughout the app. If not logged in, this will be null. global $user; - if ( ZM_OPT_USE_AUTH ) { + # This will auto-login if username=&password= are set, or auth= require_once __DIR__ .'/../../../includes/auth.php'; - $mUser = $this->request->query('user') ? $this->request->query('user') : $this->request->data('user'); - $mPassword = $this->request->query('pass') ? $this->request->query('pass') : $this->request->data('pass'); - $mToken = $this->request->query('token') ? $this->request->query('token') : $this->request->data('token'); - - if ( $mUser and $mPassword ) { - // log (user, pass, nothashed, api based login so skip recaptcha) - $user = userLogin($mUser, $mPassword, false, true); - if ( !$user ) { - throw new UnauthorizedException(__('Incorrect credentials or API disabled')); - return; + if ( ZM_OPT_USE_LEGACY_API_AUTH or !strcasecmp($this->params->action, 'login') ) { + # This is here because historically we allowed user=&pass= in the api. web-ui auth uses username=&password= + $username = $this->request->query('user') ? $this->request->query('user') : $this->request->data('user'); + $password = $this->request->query('pass') ? $this->request->query('pass') : $this->request->data('pass'); + if ( $username and $password ) { + $ret = validateUser($username, $password); + $user = $ret[0]; + $retstatus = $ret[1]; + if ( !$user ) { + throw new UnauthorizedException(__($retstatus)); + return; + } + ZM\Info("Login successful for user \"$username\""); } - } else if ( $mToken ) { + } + + if ( ZM_OPT_USE_LEGACY_API_AUTH ) { + require_once __DIR__ .'/../../../includes/session.php'; + $stateful = $this->request->query('stateful') ? $this->request->query('stateful') : $this->request->data('stateful'); + if ( $stateful ) { + + zm_session_start(); + $_SESSION['remoteAddr'] = $_SERVER['REMOTE_ADDR']; // To help prevent session hijacking + $_SESSION['username'] = $user['Username']; + if ( ZM_AUTH_RELAY == 'plain' ) { + // Need to save this in session, can't use the value in User because it is hashed + $_SESSION['password'] = $_REQUEST['password']; + } + session_write_close(); + } + } + + # NON LEGACY, token based access + $token = $this->request->query('token') ? $this->request->query('token') : $this->request->data('token'); + if ( $token ) { // if you pass a token to login, we should only allow // refresh tokens to regenerate new access and refresh tokens if ( !strcasecmp($this->params->action, 'login') ) { - $only_allow_token_type='refresh'; + $only_allow_token_type = 'refresh'; } else { // for any other methods, don't allow refresh tokens // they are supposed to be infrequently used for security // purposes - $only_allow_token_type='access'; - + $only_allow_token_type = 'access'; } - $ret = validateToken($mToken, $only_allow_token_type, true); + $ret = validateToken($token, $only_allow_token_type, true); $user = $ret[0]; $retstatus = $ret[1]; if ( !$user ) { throw new UnauthorizedException(__($retstatus)); return; } - } else if ( $mAuth ) { - $user = getAuthUser($mAuth, true); - if ( !$user ) { - throw new UnauthorizedException(__('Invalid Auth Key')); - return; - } + } # end if token + + if ( $user and ( $user['APIEnabled'] != 1 ) ) { + ZM\Error('API disabled for: '.$user['Username']); + throw new UnauthorizedException(__('API disabled for: '.$user['Username'])); + $user = null; } + // We need to reject methods that are not authenticated // besides login and logout if ( strcasecmp($this->params->action, 'logout') ) { diff --git a/web/api/app/Controller/HostController.php b/web/api/app/Controller/HostController.php index 490eee953..fd996bdb7 100644 --- a/web/api/app/Controller/HostController.php +++ b/web/api/app/Controller/HostController.php @@ -3,10 +3,10 @@ App::uses('AppController', 'Controller'); class HostController extends AppController { - public $components = array('RequestHandler', 'Session'); + public $components = array('RequestHandler'); public function daemonCheck($daemon=false, $args=false) { - $string = Configure::read('ZM_PATH_BIN').'/zmdc.pl check'; + $string = ZM_PATH_BIN.'/zmdc.pl check'; if ( $daemon ) { $string .= " $daemon"; if ( $args ) @@ -29,15 +29,14 @@ class HostController extends AppController { '_serialize' => array('load') )); } - + function login() { - - $mUser = $this->request->query('user') ? $this->request->query('user') : $this->request->data('user'); - $mPassword = $this->request->query('pass') ? $this->request->query('pass') : $this->request->data('pass'); - $mToken = $this->request->query('token') ? $this->request->query('token') : $this->request->data('token'); + $username = $this->request->query('user') ? $this->request->query('user') : $this->request->data('user'); + $password = $this->request->query('pass') ? $this->request->query('pass') : $this->request->data('pass'); + $token = $this->request->query('token') ? $this->request->query('token') : $this->request->data('token'); - if ( !($mUser && $mPassword) && !$mToken ) { + if ( !($username && $password) && !$token ) { throw new UnauthorizedException(__('No identity provided')); } @@ -45,46 +44,35 @@ class HostController extends AppController { $cred = []; $cred_depr = []; - if ($mUser && $mPassword) { - $cred = $this->_getCredentials(true); // generate refresh - } - else { - $cred = $this->_getCredentials(false, $mToken); // don't generate refresh + if ( $username && $password ) { + $cred = $this->_getCredentials(true, '', $username); // generate refresh + } else { + $cred = $this->_getCredentials(false, $token); // don't generate refresh } $login_array = array ( - 'access_token'=>$cred[0], - 'access_token_expires'=>$cred[1] + 'access_token' => $cred[0], + 'access_token_expires' => $cred[1] ); - $login_serialize_list = array ( - 'access_token', - 'access_token_expires' - ); - - if ($mUser && $mPassword) { + if ( $username && $password ) { $login_array['refresh_token'] = $cred[2]; $login_array['refresh_token_expires'] = $cred[3]; - array_push ($login_serialize_list, 'refresh_token', 'refresh_token_expires'); } - if (ZM_OPT_USE_LEGACY_API_AUTH) { + if ( ZM_OPT_USE_LEGACY_API_AUTH ) { $cred_depr = $this->_getCredentialsDeprecated(); - $login_array ['credentials']=$cred_depr[0]; - $login_array ['append_password']=$cred_depr[1]; - array_push ($login_serialize_list, 'credentials', 'append_password'); + $login_array['credentials'] = $cred_depr[0]; + $login_array['append_password'] = $cred_depr[1]; } - $login_array['version'] = $ver[0]; $login_array['apiversion'] = $ver[1]; - array_push ($login_serialize_list, 'version', 'apiversion'); - $login_array["_serialize"] = $login_serialize_list; + $login_array['_serialize'] = array_keys($login_array); $this->set($login_array); - } // end function login() // clears out session @@ -101,106 +89,95 @@ class HostController extends AppController { private function _getCredentialsDeprecated() { $credentials = ''; $appendPassword = 0; - if (ZM_OPT_USE_AUTH) { - require_once __DIR__ .'/../../../includes/auth.php'; - if (ZM_AUTH_RELAY=='hashed') { - $credentials = 'auth='.generateAuthHash(ZM_AUTH_HASH_IPS,true); - } - else { - $credentials = 'user='.$this->Session->read('Username').'&pass='; + if ( ZM_OPT_USE_AUTH ) { + require_once __DIR__ .'/../../../includes/auth.php'; + if ( ZM_AUTH_RELAY == 'hashed' ) { + $credentials = 'auth='.generateAuthHash(ZM_AUTH_HASH_IPS, true); + } else { + $credentials = 'user='.$_SESSION['Username'].'&pass='; $appendPassword = 1; } return array($credentials, $appendPassword); } } - - private function _getCredentials($generate_refresh_token=false, $mToken='') { - $credentials = ''; - $this->loadModel('Config'); - if ( ZM_OPT_USE_AUTH ) { - require_once __DIR__ .'/../../../includes/auth.php'; - require_once __DIR__.'/../../../vendor/autoload.php'; - - $key = ZM_AUTH_HASH_SECRET; - if (!$key) { - throw new ForbiddenException(__('Please create a valid AUTH_HASH_SECRET in ZoneMinder')); - } + private function _getCredentials($generate_refresh_token=false, $token='', $username='') { - if ($mToken) { - // If we have a token, we need to derive username from there - $ret = validateToken($mToken, 'refresh', true); - $mUser = $ret[0]['Username']; + if ( !ZM_OPT_USE_AUTH ) + return; - } else { - $mUser = $_SESSION['username']; - } + if ( !ZM_AUTH_HASH_SECRET ) + throw new ForbiddenException(__('Please create a valid AUTH_HASH_SECRET in ZoneMinder')); - ZM\Info("Creating token for \"$mUser\""); + require_once __DIR__ .'/../../../includes/auth.php'; + require_once __DIR__.'/../../../vendor/autoload.php'; - /* we won't support AUTH_HASH_IPS in token mode - reasons: - a) counter-intuitive for mobile consumers - b) zmu will never be able to to validate via a token if we sign - it after appending REMOTE_ADDR - - if (ZM_AUTH_HASH_IPS) { - $key = $key . $_SERVER['REMOTE_ADDR']; - }*/ + if ( $token ) { + // If we have a token, we need to derive username from there + $ret = validateToken($token, 'refresh', true); + $username = $ret[0]['Username']; + } - $access_issued_at = time(); - $access_ttl = (ZM_AUTH_HASH_TTL || 2) * 3600; + ZM\Info("Creating token for \"$username\""); - // by default access token will expire in 2 hrs - // you can change it by changing the value of ZM_AUTH_HASH_TLL - $access_expire_at = $access_issued_at + $access_ttl; - //$access_expire_at = $access_issued_at + 60; // TEST, REMOVE - - $access_token = array( - "iss" => "ZoneMinder", - "iat" => $access_issued_at, - "exp" => $access_expire_at, - "user" => $mUser, - "type" => "access" + /* we won't support AUTH_HASH_IPS in token mode + reasons: + a) counter-intuitive for mobile consumers + b) zmu will never be able to to validate via a token if we sign + it after appending REMOTE_ADDR + + if (ZM_AUTH_HASH_IPS) { + $key = $key . $_SERVER['REMOTE_ADDR']; + }*/ + + $access_issued_at = time(); + $access_ttl = (ZM_AUTH_HASH_TTL || 2) * 3600; + + // by default access token will expire in 2 hrs + // you can change it by changing the value of ZM_AUTH_HASH_TLL + $access_expire_at = $access_issued_at + $access_ttl; + //$access_expire_at = $access_issued_at + 60; // TEST, REMOVE + + $access_token = array( + 'iss' => 'ZoneMinder', + 'iat' => $access_issued_at, + 'exp' => $access_expire_at, + 'user' => $username, + 'type' => 'access' + ); + + $jwt_access_token = \Firebase\JWT\JWT::encode($access_token, ZM_AUTH_HASH_SECRET, 'HS256'); + + $jwt_refresh_token = ''; + $refresh_ttl = 0; + + if ( $generate_refresh_token ) { + $refresh_issued_at = time(); + $refresh_ttl = 24 * 3600; // 1 day + + $refresh_expire_at = $refresh_issued_at + $refresh_ttl; + $refresh_token = array( + 'iss' => 'ZoneMinder', + 'iat' => $refresh_issued_at, + 'exp' => $refresh_expire_at, + 'user' => $username, + 'type' => 'refresh' ); - - $jwt_access_token = \Firebase\JWT\JWT::encode($access_token, $key, 'HS256'); - - $jwt_refresh_token = ""; - $refresh_ttl = 0; - - if ($generate_refresh_token) { - $refresh_issued_at = time(); - $refresh_ttl = 24 * 3600; // 1 day - - $refresh_expire_at = $refresh_issued_at + $refresh_ttl; - $refresh_token = array( - "iss" => "ZoneMinder", - "iat" => $refresh_issued_at, - "exp" => $refresh_expire_at, - "user" => $mUser, - "type" => "refresh" - ); - $jwt_refresh_token = \Firebase\JWT\JWT::encode($refresh_token, $key, 'HS256'); - } - - } + $jwt_refresh_token = \Firebase\JWT\JWT::encode($refresh_token, ZM_AUTH_HASH_SECRET, 'HS256'); + } # end if generate_refresh_token return array($jwt_access_token, $access_ttl, $jwt_refresh_token, $refresh_ttl); - } + } # end function _getCredentials($generate_refresh_token=false, $token='') // If $mid is set, only return disk usage for that monitor // Else, return an array of total disk usage, and per-monitor // usage. // This function is deprecated. Use the Storage object or monitor object instead function getDiskPercent($mid = null) { - $this->loadModel('Config'); $this->loadModel('Monitor'); // If $mid is passed, see if it is valid - if ( $mid ) { - if ( !$this->Monitor->exists($mid) ) { - throw new NotFoundException(__('Invalid monitor')); - } + if ( $mid and !$this->Monitor->exists($mid) ) { + throw new NotFoundException(__('Invalid monitor')); } $zm_dir_events = ZM_DIR_EVENTS; @@ -228,8 +205,8 @@ class HostController extends AppController { $name = $value['Monitor']['Name']; $color = $value['Monitor']['WebColour']; - $space = shell_exec ("du -s0 $zm_dir_events/$id | awk '{print $1}'"); - if ($space == null) { + $space = shell_exec("du -s0 $zm_dir_events/$id | awk '{print $1}'"); + if ( $space == null ) { $space = 0; } $space = $space/1024/1024; @@ -265,7 +242,7 @@ class HostController extends AppController { } private function _getVersion() { - $version = Configure::read('ZM_VERSION'); + $version = ZM_VERSION; $apiversion = '2.0'; return array($version, $apiversion); } diff --git a/web/includes/Group.php b/web/includes/Group.php index a2ad252cd..3478f67f0 100644 --- a/web/includes/Group.php +++ b/web/includes/Group.php @@ -54,16 +54,16 @@ class Group extends ZM_Object { public static function get_group_dropdown( ) { - session_start(); $selected_group_id = 0; if ( isset($_REQUEST['groups']) ) { $selected_group_id = $group_id = $_SESSION['groups'] = $_REQUEST['groups']; } else if ( isset( $_SESSION['groups'] ) ) { $selected_group_id = $group_id = $_SESSION['groups']; } else if ( isset($_REQUEST['filtering']) ) { + zm_session_start(); unset($_SESSION['groups']); + session_write_close(); } - session_write_close(); return htmlSelect( 'Group[]', Group::get_dropdown_options(), isset($_SESSION['Group'])?$_SESSION['Group']:null, array( 'data-on-change' => 'submitThisForm', diff --git a/web/includes/actions/login.php b/web/includes/actions/login.php index 787bb34ca..7c494ff3c 100644 --- a/web/includes/actions/login.php +++ b/web/includes/actions/login.php @@ -21,14 +21,81 @@ if ( ('login' == $action) && isset($_REQUEST['username']) && ( ZM_AUTH_TYPE == 'remote' || isset($_REQUEST['password']) ) ) { - $refreshParent = true; - // User login is automatically performed in includes/auth.php So we don't need to perform a login here, - // just handle redirects. This is the action that comes from the login view, so the logical thing to - // do on successful auth is redirect to console, otherwise loop back to login. - if ( !$user ) { - $view = 'login'; - } else { - $view = 'postlogin'; + // if true, a popup will display after login + // lets validate reCaptcha if it exists + if ( + defined('ZM_OPT_USE_GOOG_RECAPTCHA') + && defined('ZM_OPT_GOOG_RECAPTCHA_SECRETKEY') + && defined('ZM_OPT_GOOG_RECAPTCHA_SITEKEY') + && ZM_OPT_USE_GOOG_RECAPTCHA + && ZM_OPT_GOOG_RECAPTCHA_SECRETKEY + && ZM_OPT_GOOG_RECAPTCHA_SITEKEY ) + { + $url = 'https://www.google.com/recaptcha/api/siteverify'; + $fields = array ( + 'secret' => ZM_OPT_GOOG_RECAPTCHA_SECRETKEY, + 'response' => $_REQUEST['g-recaptcha-response'], + 'remoteip' => $_SERVER['REMOTE_ADDR'] + ); + $res = do_post_request($url, http_build_query($fields)); + $responseData = json_decode($res, true); + // credit: https://github.com/google/recaptcha/blob/master/src/ReCaptcha/Response.php + // if recaptcha resulted in error, we might have to deny login + if ( isset($responseData['success']) && ($responseData['success'] == false) ) { + // PP - before we deny auth, let's make sure the error was not 'invalid secret' + // because that means the user did not configure the secret key correctly + // in this case, we prefer to let him login in and display a message to correct + // the key. Unfortunately, there is no way to check for invalid site key in code + // as it produces the same error as when you don't answer a recaptcha + if ( isset($responseData['error-codes']) && is_array($responseData['error-codes']) ) { + if ( !in_array('invalid-input-secret', $responseData['error-codes']) ) { + Error('reCaptcha authentication failed'); + unset($user); // unset should be ok here because we aren't in a function + return; + } else { + Error('Invalid recaptcha secret detected'); + } + } + } // end if success==false + } // end if using reCaptcha + + // if captcha existed, it was passed + + if ( ! isset($user) ) { + $_SESSION['loginFailed'] = true; + return; } -} + + $close_session = 0; + if ( !is_session_started() ) { + zm_session_start(); + $close_session = 1; + } + + $username = $_REQUEST['username']; + $password = $_REQUEST['password']; + + ZM\Info("Login successful for user \"$username\""); + $password_type = password_type($password); + + if ( $password_type == 'mysql' or $password_type == 'mysql+bcrypt' ) { + ZM\Info('Migrating password, if possible for future logins'); + migrateHash($username, $password); + } + unset($_SESSION['loginFailed']); + if ( ZM_AUTH_TYPE == 'builtin' ) { + $_SESSION['passwordHash'] = $user['Password']; + } + $_SESSION['username'] = $user['Username']; + if ( ZM_AUTH_RELAY == 'plain' ) { + // Need to save this in session, can't use the value in User because it is hashed + $_SESSION['password'] = $_REQUEST['password']; + } + zm_session_regenerate_id(); + generateAuthHash(ZM_AUTH_HASH_IPS); + if ( $close_session ) + session_write_close(); + + $view = 'postlogin'; +} # end if doing a login action ?> diff --git a/web/includes/actions/logout.php b/web/includes/actions/logout.php index 3b9a7b8d2..aecdb7683 100644 --- a/web/includes/actions/logout.php +++ b/web/includes/actions/logout.php @@ -24,5 +24,6 @@ if ( $action == 'logout' ) { $refreshParent = true; $view = 'none'; $closePopup = true; + ZM\Logger::Debug("User: " . print_r($user,true)); } ?> diff --git a/web/includes/auth.php b/web/includes/auth.php index 652ef3c98..4ada2afa2 100644 --- a/web/includes/auth.php +++ b/web/includes/auth.php @@ -20,9 +20,23 @@ // require_once('session.php'); require_once(__DIR__.'/../vendor/autoload.php'); - use \Firebase\JWT\JWT; +function password_type($password) { + if ( $password[0] == '*' ) { + return 'mysql'; + } else if ( preg_match('/^\$2[ayb]\$.+$/', $password) ) { + return 'bcrypt'; + } else if ( substr($password, 0,4) == '-ZM-' ) { + // zmupdate.pl adds a '-ZM-' prefix to overlay encrypted passwords + // this is done so that we don't spend cycles doing two bcrypt password_verify calls + // for every wrong password entered. This will only be invoked for passwords zmupdate.pl has + // overlay hashed + return 'mysql+bcrypt'; + } + return 'plain'; +} + // this function migrates mysql hashing to bcrypt, if you are using PHP >= 5.5 // will be called after successful login, only if mysql hashing is detected function migrateHash($user, $pass) { @@ -33,7 +47,6 @@ function migrateHash($user, $pass) { $bcrypt_hash = password_hash($pass, PASSWORD_BCRYPT); //ZM\Info ("hased bcrypt $pass is $bcrypt_hash"); $update_password_sql = 'UPDATE Users SET Password=\''.$bcrypt_hash.'\' WHERE Username=\''.$user.'\''; - ZM\Info($update_password_sql); dbQuery($update_password_sql); # Since password field has changed, existing auth_hash is no longer valid generateAuthHash(ZM_AUTH_HASH_IPS, true); @@ -43,172 +56,70 @@ function migrateHash($user, $pass) { } } -// core function used to login a user to PHP. Is also used for cake sessions for the API -function userLogin($username='', $password='', $passwordHashed=false, $from_api_layer = false) { - - global $user; +// core function used to load a User record by username and password +function validateUser($username='', $password='') { - if ( !$username and isset($_REQUEST['username']) ) - $username = $_REQUEST['username']; - if ( !$password and isset($_REQUEST['password']) ) - $password = $_REQUEST['password']; + $sql = 'SELECT * FROM Users WHERE Enabled=1 AND Username=?'; + // local user, shouldn't affect the global user + $user = dbFetchOne($sql, NULL, array($username)); - // if true, a popup will display after login - // lets validate reCaptcha if it exists - // this only applies if it userLogin was not called from API layer - if ( !$from_api_layer - && defined('ZM_OPT_USE_GOOG_RECAPTCHA') - && defined('ZM_OPT_GOOG_RECAPTCHA_SECRETKEY') - && defined('ZM_OPT_GOOG_RECAPTCHA_SITEKEY') - && ZM_OPT_USE_GOOG_RECAPTCHA - && ZM_OPT_GOOG_RECAPTCHA_SECRETKEY - && ZM_OPT_GOOG_RECAPTCHA_SITEKEY ) - { - $url = 'https://www.google.com/recaptcha/api/siteverify'; - $fields = array ( - 'secret' => ZM_OPT_GOOG_RECAPTCHA_SECRETKEY, - 'response' => $_REQUEST['g-recaptcha-response'], - 'remoteip' => $_SERVER['REMOTE_ADDR'] - ); - $res = do_post_request($url, http_build_query($fields)); - $responseData = json_decode($res, true); - // credit: https://github.com/google/recaptcha/blob/master/src/ReCaptcha/Response.php - // if recaptcha resulted in error, we might have to deny login - if ( isset($responseData['success']) && ($responseData['success'] == false) ) { - // PP - before we deny auth, let's make sure the error was not 'invalid secret' - // because that means the user did not configure the secret key correctly - // in this case, we prefer to let him login in and display a message to correct - // the key. Unfortunately, there is no way to check for invalid site key in code - // as it produces the same error as when you don't answer a recaptcha - if ( isset($responseData['error-codes']) && is_array($responseData['error-codes']) ) { - if ( !in_array('invalid-input-secret', $responseData['error-codes']) ) { - Error('reCaptcha authentication failed'); - return null; - } else { - Error('Invalid recaptcha secret detected'); - } - } - } // end if success==false - } // end if using reCaptcha + if ( ! $user ) { + return array(false, "Could not retrieve user $username details"); + } - // coming here means we need to authenticate the user - // if captcha existed, it was passed - - $sql = 'SELECT * FROM Users WHERE Enabled=1 AND Username = ?'; - $sql_values = array($username); - - // First retrieve the stored password - // and move password hashing to application space - - $saved_user_details = dbFetchOne($sql, NULL, $sql_values); - $password_correct = false; - $password_type = NULL; - - if ( $saved_user_details ) { - - // if the API layer asked us to login, make sure the user - // has API enabled (admin may have banned API for this user) - - if ( $from_api_layer ) { - if ( $saved_user_details['APIEnabled'] != 1 ) { - ZM\Error("API disabled for: $username"); - $_SESSION['loginFailed'] = true; - unset($user); - return false; - } - } - - $saved_password = $saved_user_details['Password']; - if ( $saved_password[0] == '*' ) { - // We assume we don't need to support mysql < 4.1 - // Starting MY SQL 4.1, mysql concats a '*' in front of its password hash - // https://blog.pythian.com/hashing-algorithm-in-mysql-password-2/ - ZM\Logger::Debug('Saved password is using MYSQL password function'); - $input_password_hash = '*'.strtoupper(sha1(sha1($password, true))); - $password_correct = ($saved_password == $input_password_hash); - $password_type = 'mysql'; - - } else if ( preg_match('/^\$2[ayb]\$.+$/', $saved_password) ) { - ZM\Logger::Debug('bcrypt signature found, assumed bcrypt password'); - $password_type = 'bcrypt'; - $password_correct = $passwordHashed ? ($password == $saved_password) : password_verify($password, $saved_password); - } + switch ( password_type($user['Password']) ) { + case 'mysql' : + // We assume we don't need to support mysql < 4.1 + // Starting MY SQL 4.1, mysql concats a '*' in front of its password hash + // https://blog.pythian.com/hashing-algorithm-in-mysql-password-2/ + ZM\Logger::Debug('Saved password is using MYSQL password function'); + $input_password_hash = '*'.strtoupper(sha1(sha1($password, true))); + $password_correct = ($user['Password'] == $input_password_hash); + break; + case 'bcrypt' : + ZM\Logger::Debug('bcrypt signature found, assumed bcrypt password'); + $password_correct = password_verify($password, $user['Password']); + break; + case 'mysql+bcrypt' : // zmupdate.pl adds a '-ZM-' prefix to overlay encrypted passwords // this is done so that we don't spend cycles doing two bcrypt password_verify calls // for every wrong password entered. This will only be invoked for passwords zmupdate.pl has // overlay hashed - else if ( substr($saved_password, 0,4) == '-ZM-' ) { - ZM\Logger::Debug("Detected bcrypt overlay hashing for $username"); - $bcrypt_hash = substr($saved_password, 4); - $mysql_encoded_password = '*'.strtoupper(sha1(sha1($password, true))); - ZM\Logger::Debug("Comparing password $mysql_encoded_password to bcrypt hash: $bcrypt_hash"); - $password_correct = password_verify($mysql_encoded_password, $bcrypt_hash); - $password_type = 'mysql'; // so we can migrate later down - } else { - // we really should nag the user not to use plain - ZM\Warning ('assuming plain text password as signature is not known. Please do not use plain, it is very insecure'); - $password_type = 'plain'; - $password_correct = ($saved_password == $password); - } - } else { - ZM\Error("Could not retrieve user $username details"); - $_SESSION['loginFailed'] = true; - unset($user); - return false; - } - - $close_session = 0; - if ( !is_session_started() ) { - session_start(); - $close_session = 1; - } - $_SESSION['remoteAddr'] = $_SERVER['REMOTE_ADDR']; // To help prevent session hijacking + ZM\Logger::Debug("Detected bcrypt overlay hashing for $username"); + $bcrypt_hash = substr($user['Password'], 4); + $mysql_encoded_password = '*'.strtoupper(sha1(sha1($password, true))); + ZM\Logger::Debug("Comparing password $mysql_encoded_password to bcrypt hash: $bcrypt_hash"); + $password_correct = password_verify($mysql_encoded_password, $bcrypt_hash); + break; + default: + // we really should nag the user not to use plain + ZM\Warning('assuming plain text password as signature is not known. Please do not use plain, it is very insecure'); + $password_correct = ($user['Password'] == $password); + } // switch password_type if ( $password_correct ) { - ZM\Info("Login successful for user \"$username\""); - $user = $saved_user_details; - if ( $password_type == 'mysql' ) { - ZM\Info('Migrating password, if possible for future logins'); - migrateHash($username, $password); - } - unset($_SESSION['loginFailed']); - if ( ZM_AUTH_TYPE == 'builtin' ) { - $_SESSION['passwordHash'] = $user['Password']; - } - $_SESSION['username'] = $user['Username']; - if ( ZM_AUTH_RELAY == 'plain' ) { - // Need to save this in session, can't use the value in User because it is hashed - $_SESSION['password'] = $_REQUEST['password']; - } - zm_session_regenerate_id(); - } else { - ZM\Warning("Login denied for user \"$username\""); - $_SESSION['loginFailed'] = true; - unset($user); + return array($user, 'OK'); } - if ( $close_session ) - session_write_close(); - return isset($user) ? $user: null; -} # end function userLogin + return array(false, "Login denied for user \"$username\""); +} # end function validateUser function userLogout() { global $user; ZM\Info('User "'.$user['Username'].'" logged out'); - unset($user); + $user = null;// unset only clears the local variable zm_session_clear(); } +function validateToken($token, $allowed_token_type='access') { -function validateToken ($token, $allowed_token_type='access', $from_api_layer=false) { global $user; $key = ZM_AUTH_HASH_SECRET; //if (ZM_AUTH_HASH_IPS) $key .= $_SERVER['REMOTE_ADDR']; try { - $decoded_token = JWT::decode($token, $key, array('HS256')); + $decoded_token = JWT::decode($token, $key, array('HS256')); } catch (Exception $e) { ZM\Error("Unable to authenticate user. error decoding JWT token:".$e->getMessage()); - return array(false, $e->getMessage()); } @@ -221,48 +132,33 @@ function validateToken ($token, $allowed_token_type='access', $from_api_layer=fa // give a hint that the user is not doing it right ZM\Error('Please do not use refresh tokens for this operation'); } - return array (false, 'Incorrect token type'); + return array(false, 'Incorrect token type'); } $username = $jwt_payload['user']; - $sql = 'SELECT * FROM Users WHERE Enabled=1 AND Username = ?'; - $sql_values = array($username); - - $saved_user_details = dbFetchOne($sql, NULL, $sql_values); + $sql = 'SELECT * FROM Users WHERE Enabled=1 AND Username=?'; + $saved_user_details = dbFetchOne($sql, NULL, array($username)); if ( $saved_user_details ) { - if ($from_api_layer && $saved_user_details['APIEnabled'] == 0) { - // if from_api_layer is true, an additional check will be done - // to make sure APIs are enabled for this user. This is a good place - // to do it, since we are doing a DB dip here. - ZM\Error ("API is disabled for \"$username\""); - unset($user); - return array(false, 'API is disabled for user'); - - } - $issuedAt = $jwt_payload['iat']; $minIssuedAt = $saved_user_details['TokenMinExpiry']; if ( $issuedAt < $minIssuedAt ) { ZM\Error("Token revoked for $username. Please generate a new token"); - $_SESSION['loginFailed'] = true; - unset($user); + $user = null;// unset only clears the local variable return array(false, 'Token revoked. Please re-generate'); } $user = $saved_user_details; return array($user, 'OK'); - } else { - ZM\Error("Could not retrieve user $username details"); - $_SESSION['loginFailed'] = true; - unset($user); - return array(false, 'No such user/credentials'); } + ZM\Error("Could not retrieve user $username details"); + $user = null;// unset only clears the local variable + return array(false, 'No such user/credentials'); } // end function validateToken($token, $allowed_token_type='access') -function getAuthUser($auth, $from_api_layer = false) { +function getAuthUser($auth) { if ( ZM_OPT_USE_AUTH && (ZM_AUTH_RELAY == 'hashed') && !empty($auth) ) { $remoteAddr = ''; if ( ZM_AUTH_HASH_IPS ) { @@ -291,19 +187,8 @@ function getAuthUser($auth, $from_api_layer = false) { $authHash = md5($authKey); if ( $auth == $authHash ) { - if ($from_api_layer && $user['APIEnabled'] == 0) { - // if from_api_layer is true, an additional check will be done - // to make sure APIs are enabled for this user. This is a good place - // to do it, since we are doing a DB dip here. - ZM\Error ("API is disabled for \"".$user['Username']."\""); - unset($user); - return array(false, 'API is disabled for user'); - - } - else { - return $user; - } - } + return $user; + } // en dif $auth == $authHash } // end foreach hour } // end foreach user } // end if using auth hash @@ -312,35 +197,28 @@ function getAuthUser($auth, $from_api_layer = false) { } // end getAuthUser($auth) function generateAuthHash($useRemoteAddr, $force=false) { - if ( ZM_OPT_USE_AUTH and (ZM_AUTH_RELAY == 'hashed') and isset($_SESSION['username']) and $_SESSION['passwordHash'] ) { + global $user; + if ( ZM_OPT_USE_AUTH and (ZM_AUTH_RELAY == 'hashed') and isset($user['Username']) and isset($user['Password']) ) { $time = time(); # We use 1800 so that we regenerate the hash at half the TTL $mintime = $time - ( ZM_AUTH_HASH_TTL * 1800 ); + # Appending the remoteAddr prevents us from using an auth hash generated for a different ip if ( $force or ( !isset($_SESSION['AuthHash'.$_SESSION['remoteAddr']]) ) or ( $_SESSION['AuthHashGeneratedAt'] < $mintime ) ) { # Don't both regenerating Auth Hash if an hour hasn't gone by yet $local_time = localtime(); $authKey = ''; if ( $useRemoteAddr ) { - $authKey = ZM_AUTH_HASH_SECRET.$_SESSION['username'].$_SESSION['passwordHash'].$_SESSION['remoteAddr'].$local_time[2].$local_time[3].$local_time[4].$local_time[5]; + $authKey = ZM_AUTH_HASH_SECRET.$user['Username'].$user['Password'].$_SESSION['remoteAddr'].$local_time[2].$local_time[3].$local_time[4].$local_time[5]; } else { - $authKey = ZM_AUTH_HASH_SECRET.$_SESSION['username'].$_SESSION['passwordHash'].$local_time[2].$local_time[3].$local_time[4].$local_time[5]; + $authKey = ZM_AUTH_HASH_SECRET.$user['Username'].$user['Password'].$local_time[2].$local_time[3].$local_time[4].$local_time[5]; } #ZM\Logger::Debug("Generated using hour:".$local_time[2] . ' mday:' . $local_time[3] . ' month:'.$local_time[4] . ' year: ' . $local_time[5] ); $auth = md5($authKey); - $close_session = 0; - if ( !is_session_started() ) { - session_start(); - $close_session = 1; - } $_SESSION['AuthHash'.$_SESSION['remoteAddr']] = $auth; $_SESSION['AuthHashGeneratedAt'] = $time; - if ( $close_session ) - session_write_close(); - #ZM\Logger::Debug("Generated new auth $auth at " . $_SESSION['AuthHashGeneratedAt']. " using $authKey" ); - #} else { - #ZM\Logger::Debug("Using cached auth " . $_SESSION['AuthHash'] ." beacuse generatedat:" . $_SESSION['AuthHashGeneratedAt'] . ' < now:'. $time . ' - ' . ZM_AUTH_HASH_TTL . ' * 1800 = '. $mintime); + # Because we don't write out the session, it shouldn't actually get written out to disk. However if it does, the GeneratedAt should protect us. } # end if AuthHash is not cached return $_SESSION['AuthHash'.$_SESSION['remoteAddr']]; } # end if using AUTH and AUTH_RELAY @@ -365,55 +243,54 @@ function canEdit($area, $mid=false) { return ( $user[$area] == 'Edit' && ( !$mid || visibleMonitor($mid) )); } -global $user; if ( ZM_OPT_USE_AUTH ) { - $close_session = 0; - if ( !is_session_started() ) { - zm_session_start(); - $close_session = 1; - } - - if ( isset($_SESSION['username']) ) { - if ( ZM_AUTH_HASH_LOGINS and (ZM_AUTH_RELAY == 'hashed') ) { - # Extra validation, if logged in, then the auth hash will be set in the session, so we can validate it. - # This prevent session modification to switch users - if ( isset($_SESSION['AuthHash'.$_SESSION['remoteAddr']]) ) - $user = getAuthUser($_SESSION['AuthHash'.$_SESSION['remoteAddr']]); - } else { - # Need to refresh permissions and validate that the user still exists - $sql = 'SELECT * FROM Users WHERE Enabled=1 AND Username=?'; - $user = dbFetchOne($sql, NULL, array($_SESSION['username'])); - } - } - - if ( ZM_AUTH_RELAY == 'plain' ) { - // Need to save this in session - $_SESSION['password'] = $user['Password']; - } - $_SESSION['remoteAddr'] = $_SERVER['REMOTE_ADDR']; // To help prevent session hijacking - - if ( ZM_AUTH_HASH_LOGINS && empty($user) && !empty($_REQUEST['auth']) ) { - if ( $authUser = getAuthUser($_REQUEST['auth']) ) { - userLogin($authUser['Username'], $authUser['Password'], true); - } - } else if ( isset($_REQUEST['username']) and isset($_REQUEST['password']) ) { - userLogin($_REQUEST['username'], $_REQUEST['password'], false); - # Because it might have migrated the password we need to update the hash - generateAuthHash(ZM_AUTH_HASH_IPS, true); - } - - if ( empty($user) && !empty($_REQUEST['token']) ) { + if ( !empty($_REQUEST['token']) ) { $ret = validateToken($_REQUEST['token'], 'access'); $user = $ret[0]; - } + } else { + // Non token based auth - if ( !empty($user) ) { - // generate it once here, while session is open. Value will be cached in session and return when called later on - generateAuthHash(ZM_AUTH_HASH_IPS); - } - if ( $close_session ) - session_write_close(); + if ( isset($_SESSION['username']) ) { + if ( ZM_AUTH_HASH_LOGINS and (ZM_AUTH_RELAY == 'hashed') ) { + # Extra validation, if logged in, then the auth hash will be set in the session, so we can validate it. + # This prevent session modification to switch users + if ( isset($_SESSION['AuthHash'.$_SESSION['remoteAddr']]) ) + $user = getAuthUser($_SESSION['AuthHash'.$_SESSION['remoteAddr']]); + else + ZM\Logger::Debug("No auth hash in session, there should have been"); + + } else { + # Need to refresh permissions and validate that the user still exists + $sql = 'SELECT * FROM Users WHERE Enabled=1 AND Username=?'; + $user = dbFetchOne($sql, NULL, array($_SESSION['username'])); + } + } else { + ZM\Logger::Debug("No username in session"); + } + + if ( ZM_AUTH_HASH_LOGINS && empty($user) && !empty($_REQUEST['auth']) ) { + $user = getAuthUser($_REQUEST['auth']); + } else if ( + ! ( + empty($_REQUEST['username']) or + empty($_REQUEST['password']) or + (defined('ZM_OPT_USE_GOOG_RECAPTCHA') && ZM_OPT_USE_GOOG_RECAPTCHA) + ) ) { + $ret = validateUser($_REQUEST['username'], $_REQUEST['password']); + if ( !$ret[0] ) { + ZM\Error($ret[1]); + unset($user); // unset should be ok here because we aren't in a function + return; + } + $user = $ret[0]; + } + + if ( !empty($user) ) { + // generate it once here, while session is open. Value will be cached in session and return when called later on + generateAuthHash(ZM_AUTH_HASH_IPS); + } + } # end if token based auth } else { $user = $defaultUser; -} +} # end if ZM_OPT_USE_AUTH ?> diff --git a/web/includes/session.php b/web/includes/session.php index 77ce43143..1e2601f08 100644 --- a/web/includes/session.php +++ b/web/includes/session.php @@ -8,7 +8,6 @@ function zm_session_start() { $currentCookieParams = session_get_cookie_params(); $currentCookieParams['lifetime'] = ZM_COOKIE_LIFETIME; - ZM\Logger::Debug('Setting cookie parameters to lifetime('.$currentCookieParams['lifetime'].') path('.$currentCookieParams['path'].') domain ('.$currentCookieParams['domain'].') secure('.$currentCookieParams['secure'].') httpOnly(1)'); session_set_cookie_params( $currentCookieParams['lifetime'], $currentCookieParams['path'], @@ -18,8 +17,10 @@ function zm_session_start() { ); ini_set('session.name', 'ZMSESSID'); + ZM\Logger::Debug('Setting cookie parameters to lifetime('.$currentCookieParams['lifetime'].') path('.$currentCookieParams['path'].') domain ('.$currentCookieParams['domain'].') secure('.$currentCookieParams['secure'].') httpOnly(1) name:'.session_name()); session_start(); + $_SESSION['remoteAddr'] = $_SERVER['REMOTE_ADDR']; // To help prevent session hijacking // Do not allow to use expired session ID if ( !empty($_SESSION['last_time']) && ($_SESSION['last_time'] < (time() - 180)) ) { ZM\Info('Destroying session due to timeout. '); @@ -28,7 +29,8 @@ function zm_session_start() { } } // function zm_session_start() -// My session regenerate id function +// session regenerate id function +// Assumes that zm_session_start has been called previously function zm_session_regenerate_id() { if ( session_status() != PHP_SESSION_ACTIVE ) { session_start(); @@ -67,5 +69,7 @@ function zm_session_clear() { } session_unset(); session_destroy(); + session_write_close(); + session_start(); } // function zm_session_clear() ?> diff --git a/web/index.php b/web/index.php index 11207f02a..93d2c8ff3 100644 --- a/web/index.php +++ b/web/index.php @@ -77,7 +77,6 @@ if ( $_SERVER['REQUEST_METHOD'] == 'OPTIONS' ) { return; } - if ( isset($_GET['skin']) ) { $skin = $_GET['skin']; } else if ( isset($_COOKIE['zmSkin']) ) { @@ -164,6 +163,7 @@ $action = null; $error_message = null; $redirect = null; $view = null; +$user = null; if ( isset($_REQUEST['view']) ) $view = detaintPath($_REQUEST['view']); @@ -175,18 +175,15 @@ $request = null; if ( isset($_REQUEST['request']) ) $request = detaintPath($_REQUEST['request']); -# User Login will be performed in auth.php require_once('includes/auth.php'); foreach ( getSkinIncludes('skin.php') as $includeFile ) { - #ZM\Logger::Debug("including $includeFile"); require_once $includeFile; } if ( isset($_REQUEST['action']) ) $action = detaintPath($_REQUEST['action']); - # The only variable we really need to set is action. The others are informal. isset($view) || $view = NULL; isset($request) || $request = NULL; @@ -207,7 +204,7 @@ if ( ( $view != 'frames' ) && ( $view != 'archive' ) ) { - require_once( 'includes/csrf/csrf-magic.php' ); + require_once('includes/csrf/csrf-magic.php'); #ZM\Logger::Debug("Calling csrf_check with the following values: \$request = \"$request\", \$view = \"$view\", \$action = \"$action\""); csrf_check(); } @@ -223,7 +220,7 @@ if ( $action ) { } # If I put this here, it protects all views and popups, but it has to go after actions.php because actions.php does the actual logging in. -if ( ZM_OPT_USE_AUTH and !isset($user) and ($view != 'login') ) { +if ( ZM_OPT_USE_AUTH and (!isset($user)) and ($view != 'login') and ($view != 'none') ) { /* AJAX check */ if ( !empty($_SERVER['HTTP_X_REQUESTED_WITH']) && strtolower($_SERVER['HTTP_X_REQUESTED_WITH']) == 'xmlhttprequest' ) { diff --git a/web/skins/classic/css/classic/skin.css b/web/skins/classic/css/classic/skin.css index b90412093..6f3ed4b97 100644 --- a/web/skins/classic/css/classic/skin.css +++ b/web/skins/classic/css/classic/skin.css @@ -324,14 +324,14 @@ th.table-th-sort span.table-th-sort-span { float: right; width: 12px; height: 12px; - background: url("/skins/classic/graphics/arrow-s-u.png") no-repeat 0 0; + background: url("../skins/classic/graphics/arrow-s-u.png") no-repeat 0 0; } th.table-th-sort-rev span.table-th-sort-span { float: right; width: 12px; height: 12px; - background: url("/skins/classic/graphics/arrow-s-d.png") no-repeat 0 0; + background: url("../skins/classic/graphics/arrow-s-d.png") no-repeat 0 0; } .table-tr-odd { diff --git a/web/skins/classic/views/console.php b/web/skins/classic/views/console.php index c4c99e166..b1cc51215 100644 --- a/web/skins/classic/views/console.php +++ b/web/skins/classic/views/console.php @@ -328,7 +328,8 @@ for( $monitor_i = 0; $monitor_i < count($displayMonitors); $monitor_i += 1 ) { ?> Date: Tue, 20 Aug 2019 10:03:44 -0400 Subject: [PATCH 450/922] Only parse the filter if it is valid. Remove unused filterQuery var --- web/skins/classic/views/montagereview.php | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/web/skins/classic/views/montagereview.php b/web/skins/classic/views/montagereview.php index 29c32deaf..4e216f380 100644 --- a/web/skins/classic/views/montagereview.php +++ b/web/skins/classic/views/montagereview.php @@ -88,12 +88,13 @@ if ( isset($_REQUEST['filter']) ) { } } } # end if REQUEST[Filter] +} +if ( count($filter) ) { parseFilter($filter); # This is to enable the download button - session_start(); + zm_session_start(); $_SESSION['montageReviewFilter'] = $filter; session_write_close(); - $filterQuery = $filter['query']; } // Note that this finds incomplete events as well, and any frame records written, but still cannot "see" to the end frame From 7ef26275bcb8b299956068da9679c40fc3e0430d Mon Sep 17 00:00:00 2001 From: Isaac Connor Date: Tue, 20 Aug 2019 10:28:19 -0400 Subject: [PATCH 451/922] use isset to get rid of warnings when eid is not in REQUEST --- web/includes/functions.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/web/includes/functions.php b/web/includes/functions.php index 2524ef65f..f4e2c8f37 100644 --- a/web/includes/functions.php +++ b/web/includes/functions.php @@ -1478,7 +1478,7 @@ function sortHeader( $field, $querySep='&' ) { 'sort_field='.$field, 'sort_asc='.($_REQUEST['sort_field'] == $field ? !$_REQUEST['sort_asc'] : 0), 'limit='.validInt($_REQUEST['limit']), - ($_REQUEST['eid'] ? 'eid='.$_REQUEST['eid'] : '' ), + (isset($_REQUEST['eid']) ? 'eid='.$_REQUEST['eid'] : '' ), )); } From 4a82ce83a7a3693aaded6b536d346d0212b8df70 Mon Sep 17 00:00:00 2001 From: Isaac Connor Date: Tue, 20 Aug 2019 11:13:38 -0400 Subject: [PATCH 452/922] quit a bit earlier when stream is broken. --- src/zm_eventstream.cpp | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/src/zm_eventstream.cpp b/src/zm_eventstream.cpp index 6bbfbe5c2..2ca12972d 100644 --- a/src/zm_eventstream.cpp +++ b/src/zm_eventstream.cpp @@ -920,8 +920,10 @@ void EventStream::runStream() { } // end if streaming stepping or doing nothing if ( send_frame ) { - if ( !sendFrame(delta_us) ) + if ( !sendFrame(delta_us) ) { zm_terminate = true; + break; + } } curr_stream_time = frame_data->timestamp; From 01e988ffba6fc6de87543d10a93c962f0b54b953 Mon Sep 17 00:00:00 2001 From: Isaac Connor Date: Tue, 20 Aug 2019 14:09:47 -0400 Subject: [PATCH 453/922] remove some redundant debugs. Improve some messages --- src/zm_ffmpeg.cpp | 6 ++--- src/zm_ffmpeg_camera.cpp | 50 ++++++++++++---------------------------- src/zm_ffmpeg_camera.h | 6 ++--- 3 files changed, 20 insertions(+), 42 deletions(-) diff --git a/src/zm_ffmpeg.cpp b/src/zm_ffmpeg.cpp index 58d4db980..12e813905 100644 --- a/src/zm_ffmpeg.cpp +++ b/src/zm_ffmpeg.cpp @@ -480,9 +480,9 @@ bool is_audio_context( AVCodecContext *codec_context ) { int zm_receive_frame(AVCodecContext *context, AVFrame *frame, AVPacket &packet) { int ret; #if LIBAVCODEC_VERSION_CHECK(57, 64, 0, 64, 0) - if ( (ret = avcodec_send_packet(context, &packet)) < 0 ) { - Error( "Unable to send packet %s, continuing", - av_make_error_string(ret).c_str() ); + if ( (ret = avcodec_send_packet(context, &packet)) < 0 ) { + Error("Unable to send packet %s, continuing", + av_make_error_string(ret).c_str()); return ret; } diff --git a/src/zm_ffmpeg_camera.cpp b/src/zm_ffmpeg_camera.cpp index 686123ce3..a9cd445ed 100644 --- a/src/zm_ffmpeg_camera.cpp +++ b/src/zm_ffmpeg_camera.cpp @@ -137,8 +137,6 @@ FfmpegCamera::FfmpegCamera( Initialise(); } - hwaccel = false; - mFormatContext = NULL; mVideoStreamId = -1; mAudioStreamId = -1; @@ -362,16 +360,14 @@ int FfmpegCamera::OpenFfmpeg() { } av_dict_free(&opts); - Info("Stream open %s, parsing streams...", mPath.c_str()); - #if !LIBAVFORMAT_VERSION_CHECK(53, 6, 0, 6, 0) ret = av_find_stream_info(mFormatContext); #else ret = avformat_find_stream_info(mFormatContext, 0); #endif if ( ret < 0 ) { - Error("Unable to find stream info from %s due to: %s", mPath.c_str(), - av_make_error_string(ret).c_str()); + Error("Unable to find stream info from %s due to: %s", + mPath.c_str(), av_make_error_string(ret).c_str()); return -1; } @@ -397,8 +393,10 @@ int FfmpegCamera::OpenFfmpeg() { } } } // end foreach stream - if ( mVideoStreamId == -1 ) - Fatal("Unable to locate video stream in %s", mPath.c_str()); + if ( mVideoStreamId == -1 ) { + Error("Unable to locate video stream in %s", mPath.c_str()); + return -1; + } Debug(3, "Found video stream at index %d, audio stream at index %d", mVideoStreamId, mAudioStreamId); @@ -436,7 +434,6 @@ int FfmpegCamera::OpenFfmpeg() { } } - Debug(1, "Video Found decoder %s", mVideoCodec->name); zm_dump_stream_format(mFormatContext, mVideoStreamId, 0, 0); if ( hwaccel_name != "" ) { @@ -457,7 +454,7 @@ int FfmpegCamera::OpenFfmpeg() { } #if LIBAVUTIL_VERSION_CHECK(56, 22, 0, 14, 0) - // Get h_pix_fmt + // Get hw_pix_fmt for ( int i = 0;; i++ ) { const AVCodecHWConfig *config = avcodec_get_hw_config(mVideoCodec, i); if ( !config ) { @@ -483,22 +480,18 @@ int FfmpegCamera::OpenFfmpeg() { #endif if ( hw_pix_fmt != AV_PIX_FMT_NONE ) { Debug(1, "Selected hw_pix_fmt %d %s", - hw_pix_fmt, - av_get_pix_fmt_name(hw_pix_fmt)); + hw_pix_fmt, av_get_pix_fmt_name(hw_pix_fmt)); mVideoCodecContext->get_format = get_hw_format; - Debug(1, "Creating hwdevice for %s", - (hwaccel_device != "" ? hwaccel_device.c_str() : "")); ret = av_hwdevice_ctx_create(&hw_device_ctx, type, (hwaccel_device != "" ? hwaccel_device.c_str(): NULL), NULL, 0); if ( ret < 0 ) { - Error("Failed to create specified HW device."); + Error("Failed to create hwaccel device."); return -1; } - Debug(1, "Created hwdevice"); + Debug(1, "Created hwdevice for %s", hwaccel_device.c_str()); mVideoCodecContext->hw_device_ctx = av_buffer_ref(hw_device_ctx); - hwaccel = true; hwFrame = zm_av_frame_alloc(); } else { Debug(1, "Failed to setup hwaccel."); @@ -528,11 +521,7 @@ int FfmpegCamera::OpenFfmpeg() { } zm_dump_codec(mVideoCodecContext); - if ( mVideoCodecContext->hwaccel != NULL ) { - Debug(1, "HWACCEL in use"); - } else { - Debug(1, "HWACCEL not in use"); - } + Debug(1, hwFrame ? "HWACCEL in use" : "HWACCEL not in use"); if ( mAudioStreamId >= 0 ) { if ( (mAudioCodec = avcodec_find_decoder( @@ -593,21 +582,15 @@ int FfmpegCamera::OpenFfmpeg() { #if HAVE_LIBSWSCALE if ( !sws_isSupportedInput(mVideoCodecContext->pix_fmt) ) { - Error("swscale does not support the codec format: %c%c%c%c", - (mVideoCodecContext->pix_fmt)&0xff, - ((mVideoCodecContext->pix_fmt >> 8)&0xff), - ((mVideoCodecContext->pix_fmt >> 16)&0xff), - ((mVideoCodecContext->pix_fmt >> 24)&0xff) + Error("swscale does not support the codec format for input: %s", + av_get_pix_fmt_name(mVideoCodecContext->pix_fmt) ); return -1; } if ( !sws_isSupportedOutput(imagePixFormat) ) { - Error("swscale does not support the target format: %c%c%c%c", - (imagePixFormat)&0xff, - ((imagePixFormat>>8)&0xff), - ((imagePixFormat>>16)&0xff), - ((imagePixFormat>>24)&0xff) + Error("swscale does not support the target format: %s", + av_get_pix_fmt_name(imagePixFormat) ); return -1; } @@ -953,7 +936,6 @@ int FfmpegCamera::CaptureAndRecord( continue; } if ( error_count > 0 ) error_count--; - Debug(3, "Decoded video packet at frame %d", frameCount); zm_dump_video_frame(mRawFrame, "raw frame from decoder"); #if HAVE_LIBAVUTIL_HWCONTEXT_H #if LIBAVCODEC_VERSION_CHECK(57, 89, 0, 89, 0) @@ -983,8 +965,6 @@ int FfmpegCamera::CaptureAndRecord( } #endif #endif - - Debug(4, "Got frame %d", frameCount); if ( transfer_to_image(image, mFrame, input_frame) < 0 ) { Error("Failed to transfer from frame to image"); zm_av_packet_unref(&packet); diff --git a/src/zm_ffmpeg_camera.h b/src/zm_ffmpeg_camera.h index 0dbb95805..7a6439ee4 100644 --- a/src/zm_ffmpeg_camera.h +++ b/src/zm_ffmpeg_camera.h @@ -59,11 +59,9 @@ class FfmpegCamera : public Camera { _AVPIXELFORMAT imagePixFormat; AVFrame *input_frame; // Use to point to mRawFrame or hwFrame; - bool hwaccel; - AVFrame *hwFrame; + AVFrame *hwFrame; // Will also be used to indicate if hwaccel is in use #if HAVE_LIBAVUTIL_HWCONTEXT_H - DecodeContext decode; - AVBufferRef *hw_device_ctx = NULL; + AVBufferRef *hw_device_ctx = NULL; #endif // Used to store the incoming packet, it will get copied when queued. From 886a203bf16af8bf8fcbd175525a4070b6bd97de Mon Sep 17 00:00:00 2001 From: Isaac Connor Date: Wed, 21 Aug 2019 10:11:58 -0400 Subject: [PATCH 454/922] Support hwaccel for non-passthrough case as well --- src/zm_ffmpeg_camera.cpp | 33 +++++++++++++++++++++++++++++++-- 1 file changed, 31 insertions(+), 2 deletions(-) diff --git a/src/zm_ffmpeg_camera.cpp b/src/zm_ffmpeg_camera.cpp index a9cd445ed..f1031d054 100644 --- a/src/zm_ffmpeg_camera.cpp +++ b/src/zm_ffmpeg_camera.cpp @@ -269,9 +269,38 @@ int FfmpegCamera::Capture(Image &image) { } frameComplete = 1; - Debug(4, "Decoded video packet at frame %d", frameCount); + zm_dump_video_frame(mRawFrame, "raw frame from decoder"); - if ( transfer_to_image(image, mFrame, mRawFrame) < 0 ) { +#if HAVE_LIBAVUTIL_HWCONTEXT_H +#if LIBAVCODEC_VERSION_CHECK(57, 89, 0, 89, 0) + if ( + (hw_pix_fmt != AV_PIX_FMT_NONE) + && + (mRawFrame->format == hw_pix_fmt) + ) { + /* retrieve data from GPU to CPU */ + ret = av_hwframe_transfer_data(hwFrame, mRawFrame, 0); + if ( ret < 0 ) { + Error("Unable to transfer frame at frame %d: %s, continuing", + frameCount, av_make_error_string(ret).c_str()); + zm_av_packet_unref(&packet); + continue; + } + zm_dump_video_frame(hwFrame, "After hwtransfer"); + + hwFrame->pts = mRawFrame->pts; + input_frame = hwFrame; + } else { +#endif +#endif + input_frame = mRawFrame; +#if HAVE_LIBAVUTIL_HWCONTEXT_H +#if LIBAVCODEC_VERSION_CHECK(57, 89, 0, 89, 0) + } +#endif +#endif + + if ( transfer_to_image(image, mFrame, input_frame) < 0 ) { zm_av_packet_unref(&packet); return -1; } From 45aa5bd58c4f761b38419cc7bfb7c7eb71c3a107 Mon Sep 17 00:00:00 2001 From: Isaac Connor Date: Thu, 22 Aug 2019 08:28:42 -0400 Subject: [PATCH 455/922] Code style, spacing, quotes and documentation --- scripts/ZoneMinder/lib/ZoneMinder/Control.pm | 41 +++++++------------- 1 file changed, 13 insertions(+), 28 deletions(-) diff --git a/scripts/ZoneMinder/lib/ZoneMinder/Control.pm b/scripts/ZoneMinder/lib/ZoneMinder/Control.pm index bbc06a884..dabc7897e 100644 --- a/scripts/ZoneMinder/lib/ZoneMinder/Control.pm +++ b/scripts/ZoneMinder/lib/ZoneMinder/Control.pm @@ -77,7 +77,7 @@ sub getKey { sub open { my $self = shift; - Fatal( "No open method defined for protocol ".$self->{name} ); + Fatal('No open method defined for protocol '.$self->{name}); } sub close { @@ -89,8 +89,8 @@ sub close { sub loadMonitor { my $self = shift; if ( !$self->{Monitor} ) { - if ( !($self->{Monitor} = zmDbGetMonitor( $self->{id} )) ) { - Fatal( "Monitor id ".$self->{id}." not found or not controllable" ); + if ( !($self->{Monitor} = zmDbGetMonitor($self->{id})) ) { + Fatal('Monitor id '.$self->{id}.' not found or not controllable'); } if ( defined($self->{Monitor}->{AutoStopTimeout}) ) { # Convert to microseconds. @@ -106,11 +106,11 @@ sub getParam { my $default = shift; if ( defined($params->{$name}) ) { - return( $params->{$name} ); + return $params->{$name}; } elsif ( defined($default) ) { - return( $default ); + return $default; } - Fatal( "Missing mandatory parameter '$name'" ); + Fatal("Missing mandatory parameter '$name'"); } sub executeCommand { @@ -126,52 +126,37 @@ sub executeCommand { #{ #Fatal( "Unsupported command '$command'" ); #} - &{$self->{$command}}( $self, $params ); + &{$self->{$command}}($self, $params); } sub printMsg { my $self = shift; - Fatal( "No printMsg method defined for protocol ".$self->{name} ); + Fatal('No printMsg method defined for protocol '.$self->{name}); } 1; __END__ -# Below is stub documentation for your module. You'd better edit it! =head1 NAME -ZoneMinder::Database - Perl extension for blah blah blah +ZoneMinder::Control - Parent class defining Control API =head1 SYNOPSIS -use ZoneMinder::Database; -blah blah blah +use ZoneMinder::Control; + +This should be used as the parent class for packages implementing control +apis for various cameras. =head1 DESCRIPTION -Stub documentation for ZoneMinder, created by h2xs. It looks like the -author of the extension was negligent enough to leave the stub -unedited. -Blah blah blah. =head2 EXPORT None by default. - -=head1 SEE ALSO - -Mention other useful documentation such as the documentation of -related modules or operating system documentation (such as man pages -in UNIX), or any relevant external documentation such as RFCs or -standards. - -If you have a mailing list set up for your module, mention it here. - -If you have a web site set up for your module, mention it here. - =head1 AUTHOR Philip Coombes, Ephilip.coombes@zoneminder.comE From 7598654740f49e3320c2294648ca4c826c0b55b7 Mon Sep 17 00:00:00 2001 From: Isaac Connor Date: Fri, 23 Aug 2019 17:58:40 -0400 Subject: [PATCH 456/922] add auth hash to ajax streams, and use monitorUrl instead of thisUrl to talk to zms --- web/skins/classic/views/js/event.js | 13 ++++++++++--- web/skins/classic/views/js/event.js.php | 1 + 2 files changed, 11 insertions(+), 3 deletions(-) diff --git a/web/skins/classic/views/js/event.js b/web/skins/classic/views/js/event.js index 79893336f..94d47f20b 100644 --- a/web/skins/classic/views/js/event.js +++ b/web/skins/classic/views/js/event.js @@ -201,6 +201,8 @@ function changeReplayMode() { } var streamParms = "view=request&request=stream&connkey="+connKey; +if ( auth_hash ) + streamCmdParms += '&auth='+auth_hash; var streamCmdTimer = null; var streamStatus = null; @@ -268,7 +270,7 @@ function getCmdResponse( respObj, respText ) { } var streamReq = new Request.JSON( { - url: thisUrl, + url: monitorUrl, method: 'get', timeout: AJAX_TIMEOUT, link: 'chain', @@ -310,7 +312,8 @@ function playClicked( ) { vjsPlay(); //handles fast forward and rewind } } else { - streamReq.send( streamParms+"&command="+CMD_PLAY ); +console.log("sending"+streamParms+"&command="+CMD_PLAY); + streamReq.send(streamParms+"&command="+CMD_PLAY); streamPlay(); } } @@ -406,7 +409,7 @@ function streamFastRev( action ) { } }, 500); //500ms is a compromise between smooth reverse and realistic performance } else { - streamReq.send( streamParms+"&command="+CMD_FASTREV ); + streamReq.send(streamParms+"&command="+CMD_FASTREV); } } @@ -597,6 +600,8 @@ var eventReq = new Request.JSON( {url: thisUrl, method: 'get', timeout: AJAX_TIM function eventQuery( eventId ) { var eventParms = "view=request&request=status&entity=event&id="+eventId; + if ( auth_hash ) + eventParms += '&auth='+auth_hash; eventReq.send( eventParms ); } @@ -897,6 +902,8 @@ var actReq = new Request.JSON( {url: thisUrl, method: 'get', timeout: AJAX_TIMEO function actQuery( action, parms ) { var actParms = "view=request&request=event&id="+eventData.Id+"&action="+action; + if ( auth_hash ) + actParms += '&auth='+auth_hash; if ( parms != null ) { actParms += "&"+Object.toQueryString( parms ); } diff --git a/web/skins/classic/views/js/event.js.php b/web/skins/classic/views/js/event.js.php index 5df0be70d..c4d808bca 100644 --- a/web/skins/classic/views/js/event.js.php +++ b/web/skins/classic/views/js/event.js.php @@ -36,6 +36,7 @@ var eventData = { Frames: 'Frames() ?>', MonitorName: 'Name() ?>' }; +var monitorUrl = 'UrlToIndex(); ?>'; var filterQuery = ''; var sortQuery = ''; From e707bd8e72590032b7b34925679d030f4fde745b Mon Sep 17 00:00:00 2001 From: Isaac Connor Date: Fri, 23 Aug 2019 17:59:29 -0400 Subject: [PATCH 457/922] correct getting frame_id so we get images instead of nodata --- web/skins/classic/views/js/montagereview.js | 7 +++++-- 1 file changed, 5 insertions(+), 2 deletions(-) diff --git a/web/skins/classic/views/js/montagereview.js b/web/skins/classic/views/js/montagereview.js index f95268e5a..06f23170f 100644 --- a/web/skins/classic/views/js/montagereview.js +++ b/web/skins/classic/views/js/montagereview.js @@ -154,9 +154,12 @@ function getImageSource(monId, time) { var duration = Frame.NextTimeStampSecs - Frame.TimeStampSecs; frame_id = Frame.FrameId + parseInt( (NextFrame.FrameId-Frame.FrameId) * ( time-Frame.TimeStampSecs )/duration ); //console.log("Have NextFrame: duration: " + duration + " frame_id = " + frame_id + " from " + NextFrame.FrameId + ' - ' + Frame.FrameId + " time: " + (time-Frame.TimeStampSecs) ); - } + } else { + frame_id = Frame.FrameId; + } + } else { - frame_id = Frame['Id']; + frame_id = Frame.FrameId; console.log("No NextFrame"); } Event = events[Frame.EventId]; From 2fe94422573e0d616532c2a4e67069ddd3606fc1 Mon Sep 17 00:00:00 2001 From: Isaac Connor Date: Fri, 23 Aug 2019 18:17:26 -0400 Subject: [PATCH 458/922] Fix time_base conversion when flushing audio queue. Add more debugging. COrrect pkt_Duration when resampling audio --- src/zm_videostore.cpp | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/src/zm_videostore.cpp b/src/zm_videostore.cpp index 8ea93047d..d71e3af2a 100644 --- a/src/zm_videostore.cpp +++ b/src/zm_videostore.cpp @@ -512,7 +512,7 @@ VideoStore::~VideoStore() { pkt.dts -= audio_first_dts; pkt.dts = av_rescale_q( pkt.dts, - audio_in_ctx->time_base, + audio_in_stream->time_base, audio_out_stream->time_base); Debug(2, "pkt.dts = %" PRId64 " - first_dts(%" PRId64 ")", pkt.dts, audio_first_dts); @@ -1240,6 +1240,8 @@ int VideoStore::resample_audio() { av_make_error_string(ret).c_str()); return 0; } + zm_dump_frame(out_frame, "Out frame after resample"); + out_frame->pkt_duration = in_frame->pkt_duration; // resampling doesn't alter duration ret = av_audio_fifo_realloc(fifo, av_audio_fifo_size(fifo) + out_frame->nb_samples); if ( ret < 0 ) { @@ -1267,6 +1269,7 @@ int VideoStore::resample_audio() { return 0; } out_frame->nb_samples = frame_size; + zm_dump_frame(out_frame, "Out frame after fifo read"); // resampling changes the duration because the timebase is 1/samples // I think we should be dealing in codec timebases not stream if ( in_frame->pts != AV_NOPTS_VALUE ) { From 73ba699dc47935a4058547b0f173fbe87e4334fd Mon Sep 17 00:00:00 2001 From: Isaac Connor Date: Fri, 23 Aug 2019 18:17:45 -0400 Subject: [PATCH 459/922] Sort filter fields dropdown --- web/skins/classic/views/filter.php | 50 +++++++++++++++--------------- 1 file changed, 25 insertions(+), 25 deletions(-) diff --git a/web/skins/classic/views/filter.php b/web/skins/classic/views/filter.php index 0c078daf0..67eaf7fc2 100644 --- a/web/skins/classic/views/filter.php +++ b/web/skins/classic/views/filter.php @@ -68,38 +68,38 @@ if ( count($terms) ) { } $attrTypes = array( + 'AlarmFrames' => translate('AttrAlarmFrames'), + 'Archived' => translate('AttrArchiveStatus'), + 'AvgScore' => translate('AttrAvgScore'), + 'Cause' => translate('AttrCause'), + 'DiskBlocks' => translate('AttrDiskBlocks'), + 'DiskPercent' => translate('AttrDiskPercent'), + 'DiskSpace' => translate('AttrDiskSpace'), + 'EndDateTime' => translate('AttrEndDateTime'), + 'EndDate' => translate('AttrEndDate'), + 'EndTime' => translate('AttrEndTime'), + 'FilterServerId' => translate('AttrFilterServer'), + 'Frames' => translate('AttrFrames'), + 'EndWeekday' => translate('AttrEndWeekday'), + 'Id' => translate('AttrId'), + 'Length' => translate('AttrDuration'), + 'Name' => translate('AttrName'), + 'Notes' => translate('AttrNotes'), + 'MaxScore' => translate('AttrMaxScore'), 'MonitorId' => translate('AttrMonitorId'), 'MonitorName' => translate('AttrMonitorName'), - 'Id' => translate('AttrId'), - 'Name' => translate('AttrName'), - 'Cause' => translate('AttrCause'), - 'Notes' => translate('AttrNotes'), + 'MonitorServerId' => translate('AttrMonitorServer'), + 'SecondaryStorageId' => translate('AttrSecondaryStorageArea'), + 'ServerId' => translate('AttrMonitorServer'), 'StartDateTime' => translate('AttrStartDateTime'), 'StartDate' => translate('AttrStartDate'), 'StartTime' => translate('AttrStartTime'), 'StartWeekday' => translate('AttrStartWeekday'), - 'EndDateTime' => translate('AttrEndDateTime'), - 'EndDate' => translate('AttrEndDate'), - 'EndTime' => translate('AttrEndTime'), - 'EndWeekday' => translate('AttrEndWeekday'), - 'Length' => translate('AttrDuration'), - 'Frames' => translate('AttrFrames'), - 'AlarmFrames' => translate('AttrAlarmFrames'), - 'TotScore' => translate('AttrTotalScore'), - 'AvgScore' => translate('AttrAvgScore'), - 'MaxScore' => translate('AttrMaxScore'), - 'Archived' => translate('AttrArchiveStatus'), - 'DiskBlocks' => translate('AttrDiskBlocks'), - 'DiskPercent' => translate('AttrDiskPercent'), - 'DiskSpace' => translate('AttrDiskSpace'), - 'SystemLoad' => translate('AttrSystemLoad'), - 'StorageId' => translate('AttrStorageArea'), - 'SecondaryStorageId' => translate('AttrSecondaryStorageArea'), - 'ServerId' => translate('AttrMonitorServer'), - 'FilterServerId' => translate('AttrFilterServer'), - 'MonitorServerId' => translate('AttrMonitorServer'), - 'StorageServerId' => translate('AttrStorageServer'), 'StateId' => translate('AttrStateId'), + 'StorageId' => translate('AttrStorageArea'), + 'StorageServerId' => translate('AttrStorageServer'), + 'SystemLoad' => translate('AttrSystemLoad'), + 'TotScore' => translate('AttrTotalScore'), ); $opTypes = array( From 3e84597900f6c29831add102008912bd1034c994 Mon Sep 17 00:00:00 2001 From: Isaac Connor Date: Sun, 25 Aug 2019 11:36:23 -0400 Subject: [PATCH 460/922] Backtick escape table and column names for mysql8 --- scripts/zmpkg.pl.in | 28 ++++++++++++++-------------- 1 file changed, 14 insertions(+), 14 deletions(-) diff --git a/scripts/zmpkg.pl.in b/scripts/zmpkg.pl.in index 3f6e18fa1..bf6f79fbb 100644 --- a/scripts/zmpkg.pl.in +++ b/scripts/zmpkg.pl.in @@ -57,7 +57,7 @@ my $dbh = zmDbConnect(); Debug("Command: $command"); if ( $command and ( $command !~ /^(?:start|stop|restart|status|logrot|version)$/ ) ) { # Check to see if it's a valid run state - my $sql = 'SELECT * FROM States WHERE Name=?'; + my $sql = 'SELECT * FROM `States` WHERE `Name`=?'; my $sth = $dbh->prepare_cached($sql) or Fatal("Can't prepare '$sql': ".$dbh->errstr()); my $res = $sth->execute($command) @@ -98,7 +98,7 @@ my $retval = 0; if ( $command eq 'state' ) { Info("Updating DB: $state->{Name}"); - my $sql = 'SELECT * FROM Monitors' . ($Config{ZM_SERVER_ID} ? ' WHERE ServerId=?' : '' ) .' ORDER BY Id ASC'; + my $sql = 'SELECT * FROM `Monitors`' . ($Config{ZM_SERVER_ID} ? ' WHERE `ServerId`=?' : '' ) .' ORDER BY `Id` ASC'; my $sth = $dbh->prepare_cached($sql) or Fatal("Can't prepare '$sql': ".$dbh->errstr()); my $res = $sth->execute($Config{ZM_SERVER_ID} ? $Config{ZM_SERVER_ID}: ()) @@ -118,7 +118,7 @@ if ( $command eq 'state' ) { if ( $monitor->{Function} ne $monitor->{NewFunction} || $monitor->{Enabled} ne $monitor->{NewEnabled} ) { - my $sql = 'UPDATE Monitors SET Function=?, Enabled=? WHERE Id=?'; + my $sql = 'UPDATE `Monitors` SET `Function`=?, `Enabled`=? WHERE `Id`=?'; my $sth = $dbh->prepare_cached($sql) or Fatal("Can't prepare '$sql': ".$dbh->errstr()); my $res = $sth->execute($monitor->{NewFunction}, $monitor->{NewEnabled}, $monitor->{Id}) @@ -130,7 +130,7 @@ if ( $command eq 'state' ) { # PP - Now mark a specific state as active resetStates(); Info("Marking $store_state as Enabled"); - $sql = 'UPDATE States SET IsActive = 1 WHERE Name = ?'; + $sql = 'UPDATE `States` SET `IsActive` = 1 WHERE `Name` = ?'; $sth = $dbh->prepare_cached($sql) or Fatal("Can't prepare '$sql': ".$dbh->errstr()); $res = $sth->execute($store_state) @@ -197,11 +197,11 @@ if ( $command =~ /^(?:start|restart)$/ ) { require ZoneMinder::Server; Info("Multi-server configuration detected. Starting up services for server $Config{ZM_SERVER_ID}"); $Server = new ZoneMinder::Server($Config{ZM_SERVER_ID}); - $sql = 'SELECT * FROM Monitors WHERE ServerId=?'; + $sql = 'SELECT * FROM `Monitors` WHERE `ServerId`=?'; @values = ( $Config{ZM_SERVER_ID} ); } else { Info('Single server configuration detected. Starting up services.'); - $sql = 'SELECT * FROM Monitors'; + $sql = 'SELECT * FROM `Monitors`'; } { @@ -237,7 +237,7 @@ if ( $command =~ /^(?:start|restart)$/ ) { } { - my $sql = 'SELECT Id FROM Filters WHERE Background=1'; + my $sql = 'SELECT `Id` FROM `Filters` WHERE `Background`=1'; my $sth = $dbh->prepare_cached($sql) or Fatal("Can't prepare '$sql': ".$dbh->errstr()); my $res = $sth->execute() @@ -311,25 +311,25 @@ sub isActiveSanityCheck { $dbh = zmDbConnect() if ! $dbh; # PP - First, make sure default exists and there is only one - my $sql = q`SELECT Name FROM States WHERE Name='default'`; + my $sql = 'SELECT `Name` FROM `States` WHERE `Name`=?'; my $sth = $dbh->prepare_cached($sql) or Fatal("Can't prepare '$sql': ".$dbh->errstr()); - my $res = $sth->execute() + my $res = $sth->execute('default') or Fatal("Can't execute: ".$sth->errstr()); if ( $sth->rows != 1 ) { # PP - no row, or too many rows. Either case is an error Info('Fixing States table - either no default state or duplicate default states'); if ( $sth->rows ) { - $dbh->do(q`DELETE FROM States WHERE Name='default'`) or Fatal("Can't execute: ".$dbh->errstr()); + $dbh->do('DELETE FROM `States` WHERE `Name`=\'default\'') or Fatal("Can't execute: ".$dbh->errstr()); } - $dbh->do(q`INSERT INTO States (Name,Definition,IsActive) VALUES ('default','','1');`) + $dbh->do('INSERT INTO `States` (`Name`,`Definition`,`IsActive`) VALUES (\'default\',\'\',\'1\');') or Fatal("Can't execute: ".$dbh->errstr()); } $sth->finish(); # PP - Now make sure no two states have IsActive=1 - $sql = 'SELECT Name FROM States WHERE IsActive = 1'; + $sql = 'SELECT `Name` FROM `States` WHERE `IsActive`=1'; $sth = $dbh->prepare_cached($sql) or Fatal("Can't prepare '$sql': ".$dbh->errstr()); $res = $sth->execute() @@ -338,7 +338,7 @@ sub isActiveSanityCheck { if ( $sth->rows != 1 ) { Info('Fixing States table so only one run state is active'); resetStates(); - $dbh->do(q`UPDATE States SET IsActive=1 WHERE Name='default'`) + $dbh->do('UPDATE `States` SET `IsActive`=1 WHERE `Name`=\'default\'') or Fatal("Can't execute: ".$dbh->errstr()); } $sth->finish(); @@ -347,7 +347,7 @@ sub isActiveSanityCheck { # PP - zeroes out isActive for all states sub resetStates { $dbh = zmDbConnect() if ! $dbh; - $dbh->do('UPDATE States SET IsActive=0') + $dbh->do('UPDATE `States` SET `IsActive`=0') or Fatal("Can't execute: ".$dbh->errstr()); } From 5f5d5f691a8f238325b4816ad06e912cc44044e6 Mon Sep 17 00:00:00 2001 From: Isaac Connor Date: Sun, 25 Aug 2019 12:30:06 -0400 Subject: [PATCH 461/922] Add backticks for mysql 8 --- scripts/ZoneMinder/lib/ZoneMinder/Object.pm | 49 ++-- scripts/zmaudit.pl.in | 241 ++++++++++---------- scripts/zmfilter.pl.in | 48 ++-- scripts/zmupdate.pl.in | 8 +- 4 files changed, 170 insertions(+), 176 deletions(-) diff --git a/scripts/ZoneMinder/lib/ZoneMinder/Object.pm b/scripts/ZoneMinder/lib/ZoneMinder/Object.pm index a3f08a402..b1d3c3cde 100644 --- a/scripts/ZoneMinder/lib/ZoneMinder/Object.pm +++ b/scripts/ZoneMinder/lib/ZoneMinder/Object.pm @@ -95,27 +95,26 @@ sub new { sub load { my ( $self, $data ) = @_; my $type = ref $self; - if ( ! $data ) { + if ( !$data ) { no strict 'refs'; my $table = ${$type.'::table'}; if ( ! $table ) { - Error( 'NO table for type ' . $type ); + Error('No table for type '.$type); return; } # end if my $primary_key = ${$type.'::primary_key'}; - if ( ! $primary_key ) { - Error( 'NO primary_key for type ' . $type ); + if ( !$primary_key ) { + Error('No primary_key for type '.$type); return; } # end if if ( ! $$self{$primary_key} ) { my ( $caller, undef, $line ) = caller; - Error( (ref $self) . "::load called without $primary_key from $caller:$line"); + Error("$type ::load called without $primary_key from $caller:$line"); } else { -#$log->debug("Object::load Loading from db $type"); Debug("Loading $type from $table WHERE $primary_key = $$self{$primary_key}"); - $data = $ZoneMinder::Database::dbh->selectrow_hashref( "SELECT * FROM $table WHERE $primary_key=?", {}, $$self{$primary_key} ); - if ( ! $data ) { + $data = $ZoneMinder::Database::dbh->selectrow_hashref("SELECT * FROM `$table` WHERE `$primary_key`=?", {}, $$self{$primary_key}); + if ( !$data ) { if ( $ZoneMinder::Database::dbh->errstr ) { Error( "Failure to load Object record for $$self{$primary_key}: Reason: " . $ZoneMinder::Database::dbh->errstr ); } else { @@ -137,26 +136,26 @@ sub lock_and_load { no strict 'refs'; my $table = ${$type.'::table'}; if ( ! $table ) { - Error('NO table for type ' . $type); + Error('NO table for type '.$type); return; } # end if my $primary_key = ${$type.'::primary_key'}; - if ( ! $primary_key ) { - Error('NO primary_key for type ' . $type); + if ( !$primary_key ) { + Error('No primary_key for type ' . $type); return; } # end if - if ( ! $$self{$primary_key} ) { + if ( !$$self{$primary_key} ) { my ( $caller, undef, $line ) = caller; Error("$type ::lock_and_load called without $primary_key from $caller:$line"); return; } Debug("Lock and Load $type from $table WHERE $primary_key = $$self{$primary_key}"); - my $data = $ZoneMinder::Database::dbh->selectrow_hashref("SELECT * FROM $table WHERE $primary_key=? FOR UPDATE", {}, $$self{$primary_key}); + my $data = $ZoneMinder::Database::dbh->selectrow_hashref("SELECT * FROM `$table` WHERE `$primary_key`=? FOR UPDATE", {}, $$self{$primary_key}); if ( ! $data ) { if ( $ZoneMinder::Database::dbh->errstr ) { - Error("Failure to load Object record for $$self{$primary_key}: Reason: " . $ZoneMinder::Database::dbh->errstr); + Error("Failure to load Object record for $$self{$primary_key}: Reason: ".$ZoneMinder::Database::dbh->errstr); } else { Debug("No Results Lock and Loading $type from $table WHERE $primary_key = $$self{$primary_key}"); } # end if @@ -216,12 +215,12 @@ sub save { $log->debug("No serial") if $debug; # No serial columns defined, which means that we will do saving by delete/insert instead of insert/update if ( @identified_by ) { - my $where = join(' AND ', map { $$fields{$_}.'=?' } @identified_by ); + my $where = join(' AND ', map { '`'.$$fields{$_}.'`=?' } @identified_by ); if ( $debug ) { - $log->debug("DELETE FROM $table WHERE $where"); + $log->debug("DELETE FROM `$table` WHERE $where"); } # end if - if ( ! ( ( $_ = $local_dbh->prepare("DELETE FROM $table WHERE $where") ) and $_->execute( @$self{@identified_by} ) ) ) { + if ( ! ( ( $_ = $local_dbh->prepare("DELETE FROM `$table` WHERE $where") ) and $_->execute( @$self{@identified_by} ) ) ) { $where =~ s/\?/\%s/g; $log->error("Error deleting: DELETE FROM $table WHERE " . sprintf($where, map { defined $_ ? $_ : 'undef' } ( @$self{@identified_by}) ).'):' . $local_dbh->errstr); $local_dbh->rollback(); @@ -240,7 +239,7 @@ $log->debug("No serial") if $debug; next; } if ( ! $$self{$id} ) { - my $s = qq{SELECT `auto_increment` FROM INFORMATION_SCHEMA.TABLES WHERE table_name = '$table'}; + my $s = qq{SELECT `auto_increment` FROM INFORMATION_SCHEMA.TABLES WHERE `table_name` = '$table'}; ($$self{$id}) = ($sql{$$fields{$id}}) = $local_dbh->selectrow_array( $s ); #($$self{$id}) = ($sql{$$fields{$id}}) = $local_dbh->selectrow_array( q{SELECT nextval('} . $serial{$id} . q{')} ); @@ -252,7 +251,7 @@ $log->debug("No serial") if $debug; if ( $insert ) { my @keys = keys %sql; - my $command = "INSERT INTO $table (" . join(',', @keys ) . ') VALUES (' . join(',', map { '?' } @sql{@keys} ) . ')'; + my $command = "INSERT INTO `$table` (" . join(',', @keys ) . ') VALUES (' . join(',', map { '?' } @sql{@keys} ) . ')'; if ( ! ( ( $_ = $local_dbh->prepare($command) ) and $_->execute( @sql{@keys} ) ) ) { my $error = $local_dbh->errstr; $command =~ s/\?/\%s/g; @@ -267,7 +266,7 @@ $log->debug("No serial") if $debug; } # end if } else { my @keys = keys %sql; - my $command = "UPDATE $table SET " . join(',', map { $_ . ' = ?' } @keys ) . ' WHERE ' . join(' AND ', map { $_ . ' = ?' } @$fields{@identified_by} ); + my $command = "UPDATE `$table` SET " . join(',', map { '`'.$_ . '` = ?' } @keys ) . ' WHERE ' . join(' AND ', map { '`'.$_ . '` = ?' } @$fields{@identified_by} ); if ( ! ( $_ = $local_dbh->prepare($command) and $_->execute( @sql{@keys,@$fields{@identified_by}} ) ) ) { my $error = $local_dbh->errstr; $command =~ s/\?/\%s/g; @@ -293,12 +292,12 @@ $log->debug("No serial") if $debug; if ( $need_serial ) { if ( $serial ) { $log->debug("Getting auto_increments"); - my $s = qq{SELECT `auto_increment` FROM INFORMATION_SCHEMA.TABLES WHERE table_name = '$table'}; + my $s = qq{SELECT `auto_increment` FROM INFORMATION_SCHEMA.TABLES WHERE `table_name` = '$table'}; @$self{@identified_by} = @sql{@$fields{@identified_by}} = $local_dbh->selectrow_array( $s ); #@$self{@identified_by} = @sql{@$fields{@identified_by}} = $local_dbh->selectrow_array( q{SELECT nextval('} . $serial . q{')} ); if ( $local_dbh->errstr() ) { - $log->error("Error getting next id. " . $local_dbh->errstr() ); - $log->error("SQL statement execution $s returned ".join(',',@$self{@identified_by})); + $log->error("Error getting next id. " . $local_dbh->errstr() ."\n". + "SQL statement execution $s returned ".join(',',@$self{@identified_by})); } elsif ( $debug or DEBUG_ALL ) { $log->debug("SQL statement execution $s returned ".join(',',@$self{@identified_by})); } # end if @@ -306,7 +305,7 @@ $log->debug("No serial") if $debug; } # end if my @keys = keys %sql; - my $command = "INSERT INTO $table (" . join(',', @keys ) . ') VALUES (' . join(',', map { '?' } @sql{@keys} ) . ')'; + my $command = "INSERT INTO `$table` (" . join(',', map { '`'.$_.'`' } @keys ) . ') VALUES (' . join(',', map { '?' } @sql{@keys} ) . ')'; if ( ! ( $_ = $local_dbh->prepare($command) and $_->execute( @sql{@keys} ) ) ) { $command =~ s/\?/\%s/g; my $error = $local_dbh->errstr; @@ -325,7 +324,7 @@ $log->debug("No serial") if $debug; my %identified_by = map { $_, $_ } @identified_by; @keys = map { $identified_by{$_} ? () : $$fields{$_} } @keys; - my $command = "UPDATE $table SET " . join(',', map { $_ . ' = ?' } @keys ) . ' WHERE ' . join(' AND ', map { $$fields{$_} .'= ?' } @identified_by ); + my $command = "UPDATE `$table` SET " . join(',', map { '`'.$_ . '` = ?' } @keys ) . ' WHERE ' . join(' AND ', map { '`'.$$fields{$_} .'`= ?' } @identified_by ); if ( ! ( $_ = $local_dbh->prepare($command) and $_->execute( @sql{@keys}, @sql{@$fields{@identified_by}} ) ) ) { my $error = $local_dbh->errstr; $command =~ s/\?/\%s/g; diff --git a/scripts/zmaudit.pl.in b/scripts/zmaudit.pl.in index d704e169b..14ddcf11e 100644 --- a/scripts/zmaudit.pl.in +++ b/scripts/zmaudit.pl.in @@ -201,12 +201,12 @@ MAIN: while( $loop ) { my %Monitors; my $db_monitors; - my $monitorSelectSql = $monitor_id ? 'SELECT * FROM Monitors WHERE Id=?' : 'SELECT * FROM Monitors ORDER BY Id'; + my $monitorSelectSql = $monitor_id ? 'SELECT * FROM `Monitors` WHERE `Id`=?' : 'SELECT * FROM `Monitors` ORDER BY `Id`'; my $monitorSelectSth = $dbh->prepare_cached( $monitorSelectSql ) or Fatal( "Can't prepare '$monitorSelectSql': ".$dbh->errstr() ); - my $eventSelectSql = 'SELECT Id, (unix_timestamp() - unix_timestamp(StartTime)) AS Age - FROM Events WHERE MonitorId = ?'.(@Storage_Areas ? ' AND StorageId IN ('.join(',',map { '?'} @Storage_Areas).')' : '' ). ' ORDER BY Id'; + my $eventSelectSql = 'SELECT `Id`, (unix_timestamp() - unix_timestamp(`StartTime`)) AS Age + FROM `Events` WHERE `MonitorId` = ?'.(@Storage_Areas ? ' AND `StorageId` IN ('.join(',',map { '?'} @Storage_Areas).')' : '' ). ' ORDER BY `Id`'; my $eventSelectSth = $dbh->prepare_cached( $eventSelectSql ) or Fatal( "Can't prepare '$eventSelectSql': ".$dbh->errstr() ); @@ -373,8 +373,7 @@ MAIN: while( $loop ) { } aud_print("Deleting event directories with no event id information at $day_dir/$event_dir"); if ( confirm() ) { - my $command = "rm -rf $event_dir"; - executeShellCommand( $command ); + executeShellCommand("rm -rf $event_dir"); $cleaned = 1; } } # end if able to find id @@ -476,11 +475,10 @@ MAIN: while( $loop ) { } # end if ! in db events } # end foreach fs event } else { - aud_print( "Filesystem monitor '$monitor_id' in $$Storage{Path} does not exist in database" ); + aud_print("Filesystem monitor '$monitor_id' in $$Storage{Path} does not exist in database"); if ( confirm() ) { - my $command = "rm -rf $monitor_id"; - executeShellCommand( $command ); + executeShellCommand("rm -rf $monitor_id"); $cleaned = 1; } } @@ -494,8 +492,7 @@ MAIN: while( $loop ) { aud_print("Filesystem monitor link '$link' does not point to valid monitor directory"); if ( confirm() ) { ( $link ) = ( $link =~ /^(.*)$/ ); # De-taint - my $command = qq`rm "$link"`; - executeShellCommand($command); + executeShellCommand(qq`rm "$link"`); $cleaned = 1; } } # end foreach monitor link @@ -508,17 +505,17 @@ MAIN: while( $loop ) { $cleaned = 0; my $deleteMonitorSql = 'DELETE LOW_PRIORITY FROM Monitors WHERE Id = ?'; - my $deleteMonitorSth = $dbh->prepare_cached( $deleteMonitorSql ) - or Fatal( "Can't prepare '$deleteMonitorSql': ".$dbh->errstr() ); + my $deleteMonitorSth = $dbh->prepare_cached($deleteMonitorSql) + or Fatal("Can't prepare '$deleteMonitorSql': ".$dbh->errstr()); my $deleteEventSql = 'DELETE LOW_PRIORITY FROM Events WHERE Id = ?'; my $deleteEventSth = $dbh->prepare_cached( $deleteEventSql ) - or Fatal( "Can't prepare '$deleteEventSql': ".$dbh->errstr() ); + or Fatal("Can't prepare '$deleteEventSql': ".$dbh->errstr()); my $deleteFramesSql = 'DELETE LOW_PRIORITY FROM Frames WHERE EventId = ?'; my $deleteFramesSth = $dbh->prepare_cached( $deleteFramesSql ) - or Fatal( "Can't prepare '$deleteFramesSql': ".$dbh->errstr() ); + or Fatal("Can't prepare '$deleteFramesSql': ".$dbh->errstr()); my $deleteStatsSql = 'DELETE LOW_PRIORITY FROM Stats WHERE EventId = ?'; my $deleteStatsSth = $dbh->prepare_cached( $deleteStatsSql ) - or Fatal( "Can't prepare '$deleteStatsSql': ".$dbh->errstr() ); + or Fatal("Can't prepare '$deleteStatsSql': ".$dbh->errstr()); # Foreach database monitor and it's list of events. while ( my ( $db_monitor, $db_events ) = each(%$db_monitors) ) { @@ -631,21 +628,21 @@ if ( $level > 1 ) { # Shouldn't be possible anymore with FOREIGN KEYS in place $cleaned = 0; Debug("Checking for Orphaned Events"); - my $selectOrphanedEventsSql = 'SELECT Events.Id, Events.Name - FROM Events LEFT JOIN Monitors ON (Events.MonitorId = Monitors.Id) - WHERE isnull(Monitors.Id)'; + my $selectOrphanedEventsSql = 'SELECT `Events`.`Id`, `Events`.`Name` + FROM `Events` LEFT JOIN `Monitors` ON (`Events`.`MonitorId` = `Monitors`.`Id`) + WHERE isnull(`Monitors`.`Id`)'; my $selectOrphanedEventsSth = $dbh->prepare_cached( $selectOrphanedEventsSql ) - or Error( "Can't prepare '$selectOrphanedEventsSql': ".$dbh->errstr() ); + or Error("Can't prepare '$selectOrphanedEventsSql': ".$dbh->errstr()); $res = $selectOrphanedEventsSth->execute() - or Error( "Can't execute: ".$selectOrphanedEventsSth->errstr() ); + or Error("Can't execute: ".$selectOrphanedEventsSth->errstr()); while( my $event = $selectOrphanedEventsSth->fetchrow_hashref() ) { - aud_print( "Found orphaned event with no monitor '$event->{Id}'" ); + aud_print("Found orphaned event with no monitor '$event->{Id}'"); if ( confirm() ) { - if ( $res = $deleteEventSth->execute( $event->{Id} ) ) { + if ( $res = $deleteEventSth->execute($event->{Id}) ) { $cleaned = 1; } else { - Error( "Can't execute: ".$deleteEventSth->errstr() ); + Error("Can't execute: ".$deleteEventSth->errstr()); } } } @@ -655,42 +652,42 @@ if ( $level > 1 ) { # Remove empty events (with no frames) $cleaned = 0; Debug("Checking for Events with no Frames"); - my $selectEmptyEventsSql = 'SELECT E.Id AS Id, E.StartTime, F.EventId FROM Events as E LEFT JOIN Frames as F ON (E.Id = F.EventId) - WHERE isnull(F.EventId) AND now() - interval '.$Config{ZM_AUDIT_MIN_AGE}.' second > E.StartTime'; + my $selectEmptyEventsSql = 'SELECT `E`.`Id` AS `Id`, `E`.`StartTime`, `F`.`EventId` FROM `Events` AS E LEFT JOIN `Frames` AS F ON (`E`.`Id` = `F`.`EventId`) + WHERE isnull(`F`.`EventId`) AND now() - interval '.$Config{ZM_AUDIT_MIN_AGE}.' second > `E`.`StartTime`'; if ( my $selectEmptyEventsSth = $dbh->prepare_cached( $selectEmptyEventsSql ) ) { if ( $res = $selectEmptyEventsSth->execute() ) { while( my $event = $selectEmptyEventsSth->fetchrow_hashref() ) { - aud_print( "Found empty event with no frame records '$event->{Id}' at $$event{StartTime}" ); + aud_print("Found empty event with no frame records '$event->{Id}' at $$event{StartTime}"); if ( confirm() ) { - if ( $res = $deleteEventSth->execute( $event->{Id} ) ) { + if ( $res = $deleteEventSth->execute($event->{Id}) ) { $cleaned = 1; } else { - Error( "Can't execute: ".$deleteEventSth->errstr() ); + Error("Can't execute: ".$deleteEventSth->errstr()); } } } # end foreach row } else { - Error( "Can't execute: ".$selectEmptyEventsSth->errstr() ); + Error("Can't execute: ".$selectEmptyEventsSth->errstr()); } } else { - Error( "Can't prepare '$selectEmptyEventsSql': ".$dbh->errstr() ); + Error("Can't prepare '$selectEmptyEventsSql': ".$dbh->errstr()); } redo MAIN if $cleaned; # Remove orphaned frame records $cleaned = 0; - Debug("Checking for Orphaned Frames"); - my $selectOrphanedFramesSql = 'SELECT DISTINCT EventId FROM Frames - WHERE (SELECT COUNT(*) FROM Events WHERE Events.Id=EventId)=0'; + Debug('Checking for Orphaned Frames'); + my $selectOrphanedFramesSql = 'SELECT DISTINCT `EventId` FROM `Frames` + WHERE (SELECT COUNT(*) FROM `Events` WHERE `Events`.`Id`=`EventId`)=0'; my $selectOrphanedFramesSth = $dbh->prepare_cached( $selectOrphanedFramesSql ) - or Fatal( "Can't prepare '$selectOrphanedFramesSql': ".$dbh->errstr() ); + or Fatal("Can't prepare '$selectOrphanedFramesSql': ".$dbh->errstr()); $res = $selectOrphanedFramesSth->execute() - or Fatal( "Can't execute: ".$selectOrphanedFramesSth->errstr() ); + or Fatal("Can't execute: ".$selectOrphanedFramesSth->errstr()); while( my $frame = $selectOrphanedFramesSth->fetchrow_hashref() ) { - aud_print( "Found orphaned frame records for event '$frame->{EventId}'" ); + aud_print("Found orphaned frame records for event '$frame->{EventId}'"); if ( confirm() ) { - $res = $deleteFramesSth->execute( $frame->{EventId} ) - or Fatal( "Can't execute: ".$deleteFramesSth->errstr() ); + $res = $deleteFramesSth->execute($frame->{EventId}) + or Fatal("Can't execute: ".$deleteFramesSth->errstr()); $cleaned = 1; } } @@ -699,18 +696,18 @@ if ( $level > 1 ) { if ( $level > 1 ) { # Remove orphaned stats records $cleaned = 0; - Debug("Checking for Orphaned Stats"); - my $selectOrphanedStatsSql = 'SELECT DISTINCT EventId FROM Stats - WHERE EventId NOT IN (SELECT Id FROM Events)'; + Debug('Checking for Orphaned Stats'); + my $selectOrphanedStatsSql = 'SELECT DISTINCT `EventId` FROM `Stats` + WHERE `EventId` NOT IN (SELECT `Id` FROM `Events`)'; my $selectOrphanedStatsSth = $dbh->prepare_cached( $selectOrphanedStatsSql ) - or Fatal( "Can't prepare '$selectOrphanedStatsSql': ".$dbh->errstr() ); + or Fatal("Can't prepare '$selectOrphanedStatsSql': ".$dbh->errstr()); $res = $selectOrphanedStatsSth->execute() - or Fatal( "Can't execute: ".$selectOrphanedStatsSth->errstr() ); + or Fatal("Can't execute: ".$selectOrphanedStatsSth->errstr()); while( my $stat = $selectOrphanedStatsSth->fetchrow_hashref() ) { - aud_print( "Found orphaned statistic records for event '$stat->{EventId}'" ); + aud_print("Found orphaned statistic records for event '$stat->{EventId}'"); if ( confirm() ) { $res = $deleteStatsSth->execute( $stat->{EventId} ) - or Fatal( "Can't execute: ".$deleteStatsSth->errstr() ); + or Fatal("Can't execute: ".$deleteStatsSth->errstr()); $cleaned = 1; } } @@ -732,44 +729,44 @@ if ( $level > 1 ) { #WHERE isnull(E.Frames) or isnull(E.EndTime) #GROUP BY E.Id HAVING EndTime < (now() - interval ".$Config{ZM_AUDIT_MIN_AGE}.' second)' #; - 'SELECT *, unix_timestamp(StartTime) AS TimeStamp FROM Events WHERE EndTime IS NULL AND StartTime < (now() - interval '.$Config{ZM_AUDIT_MIN_AGE}.' second)'; + 'SELECT *, unix_timestamp(`StartTime`) AS `TimeStamp` FROM `Events` WHERE `EndTime` IS NULL AND `StartTime` < (now() - interval '.$Config{ZM_AUDIT_MIN_AGE}.' second)'; my $selectFrameDataSql = ' SELECT - max(TimeStamp) as EndTime, - unix_timestamp(max(TimeStamp)) AS EndTimeStamp, - max(FrameId) as Frames, - count(if(Score>0,1,NULL)) as AlarmFrames, - sum(Score) as TotScore, - max(Score) as MaxScore -FROM Frames WHERE EventId=?'; + max(`TimeStamp`) AS `EndTime`, + unix_timestamp(max(`TimeStamp`)) AS `EndTimeStamp`, + max(`FrameId`) AS `Frames`, + count(if(`Score`>0,1,NULL)) AS `AlarmFrames`, + sum(`Score`) AS `TotScore`, + max(`Score`) AS `MaxScore` +FROM `Frames` WHERE `EventId`=?'; my $selectFrameDataSth = $dbh->prepare_cached($selectFrameDataSql) or Fatal( "Can't prepare '$selectFrameDataSql': ".$dbh->errstr() ); my $selectUnclosedEventsSth = $dbh->prepare_cached( $selectUnclosedEventsSql ) - or Fatal( "Can't prepare '$selectUnclosedEventsSql': ".$dbh->errstr() ); + or Fatal("Can't prepare '$selectUnclosedEventsSql': ".$dbh->errstr()); my $updateUnclosedEventsSql = - "UPDATE low_priority Events - SET Name = ?, - EndTime = ?, - Length = ?, - Frames = ?, - AlarmFrames = ?, - TotScore = ?, - AvgScore = ?, - MaxScore = ?, - Notes = concat_ws( ' ', Notes, ? ) - WHERE Id = ?" + "UPDATE low_priority `Events` + SET `Name` = ?, + `EndTime` = ?, + `Length` = ?, + `Frames` = ?, + `AlarmFrames` = ?, + `TotScore` = ?, + `AvgScore` = ?, + `MaxScore` = ?, + `Notes` = concat_ws( ' ', `Notes`, ? ) + WHERE `Id` = ?" ; my $updateUnclosedEventsSth = $dbh->prepare_cached( $updateUnclosedEventsSql ) - or Fatal( "Can't prepare '$updateUnclosedEventsSql': ".$dbh->errstr() ); + or Fatal("Can't prepare '$updateUnclosedEventsSql': ".$dbh->errstr()); $res = $selectUnclosedEventsSth->execute() - or Fatal( "Can't execute: ".$selectUnclosedEventsSth->errstr() ); + or Fatal("Can't execute: ".$selectUnclosedEventsSth->errstr()); while( my $event = $selectUnclosedEventsSth->fetchrow_hashref() ) { - aud_print( "Found open event '$event->{Id}' on Monitor $event->{MonitorId} at $$event{StartTime}" ); - if ( confirm( 'close', 'closing' ) ) { + aud_print("Found open event '$event->{Id}' on Monitor $event->{MonitorId} at $$event{StartTime}"); + if ( confirm('close', 'closing') ) { if ( ! ( $res = $selectFrameDataSth->execute($event->{Id}) ) ) { - Error( "Can't execute: $selectFrameDataSql:".$selectFrameDataSth->errstr() ); + Error("Can't execute: $selectFrameDataSql:".$selectFrameDataSth->errstr()); next; } my $frame = $selectFrameDataSth->fetchrow_hashref(); @@ -802,7 +799,7 @@ FROM Frames WHERE EventId=?'; # Now delete any old image files if ( my @old_files = grep { -M > $max_image_age } <$image_path/*.{jpg,gif,wbmp}> ) { - aud_print( 'Deleting '.int(@old_files)." old images\n" ); + aud_print('Deleting '.int(@old_files)." old images\n"); my $untainted_old_files = join( ';', @old_files ); ( $untainted_old_files ) = ( $untainted_old_files =~ /^(.*)$/ ); unlink( split( /;/, $untainted_old_files ) ); @@ -816,21 +813,21 @@ FROM Frames WHERE EventId=?'; if ( $Config{ZM_LOG_DATABASE_LIMIT} ) { if ( $Config{ZM_LOG_DATABASE_LIMIT} =~ /^\d+$/ ) { # Number of rows - my $selectLogRowCountSql = 'SELECT count(*) AS Rows FROM Logs'; + my $selectLogRowCountSql = 'SELECT count(*) AS `Rows` FROM `Logs`'; my $selectLogRowCountSth = $dbh->prepare_cached( $selectLogRowCountSql ) - or Fatal( "Can't prepare '$selectLogRowCountSql': ".$dbh->errstr() ); + or Fatal("Can't prepare '$selectLogRowCountSql': ".$dbh->errstr()); $res = $selectLogRowCountSth->execute() - or Fatal( "Can't execute: ".$selectLogRowCountSth->errstr() ); + or Fatal("Can't execute: ".$selectLogRowCountSth->errstr()); my $row = $selectLogRowCountSth->fetchrow_hashref(); my $logRows = $row->{Rows}; if ( $logRows > $Config{ZM_LOG_DATABASE_LIMIT} ) { - my $deleteLogByRowsSql = 'DELETE low_priority FROM Logs ORDER BY TimeKey ASC LIMIT ?'; + my $deleteLogByRowsSql = 'DELETE low_priority FROM `Logs` ORDER BY `TimeKey` ASC LIMIT ?'; my $deleteLogByRowsSth = $dbh->prepare_cached( $deleteLogByRowsSql ) - or Fatal( "Can't prepare '$deleteLogByRowsSql': ".$dbh->errstr() ); + or Fatal("Can't prepare '$deleteLogByRowsSql': ".$dbh->errstr()); $res = $deleteLogByRowsSth->execute( $logRows - $Config{ZM_LOG_DATABASE_LIMIT} ) - or Fatal( "Can't execute: ".$deleteLogByRowsSth->errstr() ); + or Fatal("Can't execute: ".$deleteLogByRowsSth->errstr()); if ( $deleteLogByRowsSth->rows() ) { - aud_print( 'Deleted '.$deleteLogByRowsSth->rows() ." log table entries by count\n" ); + aud_print('Deleted '.$deleteLogByRowsSth->rows() ." log table entries by count\n"); } } } else { @@ -843,67 +840,67 @@ FROM Frames WHERE EventId=?'; my $deleted_rows; do { my $deleteLogByTimeSql = - 'DELETE FROM Logs - WHERE TimeKey < unix_timestamp(now() - interval '.$Config{ZM_LOG_DATABASE_LIMIT}.') LIMIT 10'; + 'DELETE FROM `Logs` + WHERE `TimeKey` < unix_timestamp(now() - interval '.$Config{ZM_LOG_DATABASE_LIMIT}.') LIMIT 10'; my $deleteLogByTimeSth = $dbh->prepare_cached( $deleteLogByTimeSql ) - or Fatal( "Can't prepare '$deleteLogByTimeSql': ".$dbh->errstr() ); + or Fatal("Can't prepare '$deleteLogByTimeSql': ".$dbh->errstr()); $res = $deleteLogByTimeSth->execute() - or Fatal( "Can't execute: ".$deleteLogByTimeSth->errstr() ); + or Fatal("Can't execute: ".$deleteLogByTimeSth->errstr()); $deleted_rows = $deleteLogByTimeSth->rows(); - aud_print( "Deleted $deleted_rows log table entries by time\n" ); + aud_print("Deleted $deleted_rows log table entries by time\n"); } while ( $deleted_rows ); } } # end if ZM_LOG_DATABASE_LIMIT $loop = $continuous; - my $eventcounts_sql = q` - UPDATE Monitors SET - TotalEvents=(SELECT COUNT(Id) FROM Events WHERE MonitorId=Monitors.Id), - TotalEventDiskSpace=(SELECT SUM(DiskSpace) FROM Events WHERE MonitorId=Monitors.Id AND DiskSpace IS NOT NULL), - ArchivedEvents=(SELECT COUNT(Id) FROM Events WHERE MonitorId=Monitors.Id AND Archived=1), - ArchivedEventDiskSpace=(SELECT SUM(DiskSpace) FROM Events WHERE MonitorId=Monitors.Id AND Archived=1 AND DiskSpace IS NOT NULL) - `; + my $eventcounts_sql = ' + UPDATE `Monitors` SET + `TotalEvents`=(SELECT COUNT(`Id`) FROM `Events` WHERE `MonitorId`=`Monitors.Id`), + `TotalEventDiskSpace`=(SELECT SUM(`DiskSpace`) FROM `Events` WHERE `MonitorId`=`Monitors`.`Id` AND `DiskSpace` IS NOT NULL), + `ArchivedEvents`=(SELECT COUNT(`Id`) FROM `Events` WHERE `MonitorId`=`Monitors`.`Id` AND `Archived`=1), + `ArchivedEventDiskSpace`=(SELECT SUM(`DiskSpace`) FROM `Events` WHERE `MonitorId`=`Monitors`.`Id` AND `Archived`=1 AND `DiskSpace` IS NOT NULL) + '; my $eventcounts_sth = $dbh->prepare_cached( $eventcounts_sql ); $eventcounts_sth->execute(); $eventcounts_sth->finish(); - my $eventcounts_hour_sql = q` - UPDATE Monitors INNER JOIN ( - SELECT MonitorId, COUNT(*) AS HourEvents, SUM(COALESCE(DiskSpace,0)) AS HourEventDiskSpace - FROM Events_Hour GROUP BY MonitorId - ) AS E ON E.MonitorId=Monitors.Id SET - Monitors.HourEvents = E.HourEvents, - Monitors.HourEventDiskSpace = E.HourEventDiskSpace - `; + my $eventcounts_hour_sql = ' + UPDATE `Monitors` INNER JOIN ( + SELECT `MonitorId`, COUNT(*) AS `HourEvents`, SUM(COALESCE(`DiskSpace`,0)) AS `HourEventDiskSpace` + FROM `Events_Hour` GROUP BY `MonitorId` + ) AS `E` ON `E`.`MonitorId`=`Monitors`.`Id` SET + `Monitors`.`HourEvents` = `E`.`HourEvents`, + `Monitors`.`HourEventDiskSpace` = `E`.`HourEventDiskSpace` + '; - my $eventcounts_day_sql = q` - UPDATE Monitors INNER JOIN ( - SELECT MonitorId, COUNT(*) AS DayEvents, SUM(COALESCE(DiskSpace,0)) AS DayEventDiskSpace - FROM Events_Day GROUP BY MonitorId - ) AS E ON E.MonitorId=Monitors.Id SET - Monitors.DayEvents = E.DayEvents, - Monitors.DayEventDiskSpace = E.DayEventDiskSpace - `; + my $eventcounts_day_sql = ' + UPDATE `Monitors` INNER JOIN ( + SELECT `MonitorId`, COUNT(*) AS `DayEvents`, SUM(COALESCE(`DiskSpace`,0)) AS `DayEventDiskSpace` + FROM `Events_Day` GROUP BY `MonitorId` + ) AS `E` ON `E`.`MonitorId`=`Monitors`.`Id` SET + `Monitors`.`DayEvents` = `E`.`DayEvents`, + `Monitors`.`DayEventDiskSpace` = `E`.`DayEventDiskSpace` + '; - my $eventcounts_week_sql = q` - UPDATE Monitors INNER JOIN ( - SELECT MonitorId, COUNT(*) AS WeekEvents, SUM(COALESCE(DiskSpace,0)) AS WeekEventDiskSpace - FROM Events_Week GROUP BY MonitorId - ) AS E ON E.MonitorId=Monitors.Id SET - Monitors.WeekEvents = E.WeekEvents, - Monitors.WeekEventDiskSpace = E.WeekEventDiskSpace - `; + my $eventcounts_week_sql = ' + UPDATE `Monitors` INNER JOIN ( + SELECT `MonitorId`, COUNT(*) AS `WeekEvents`, SUM(COALESCE(`DiskSpace`,0)) AS `WeekEventDiskSpace` + FROM `Events_Week` GROUP BY `MonitorId` + ) AS `E` ON `E`.`MonitorId`=`Monitors`.`Id` SET + `Monitors`.`WeekEvents` = `E`.`WeekEvents`, + `Monitors`.`WeekEventDiskSpace` = `E`.`WeekEventDiskSpace` + '; - my $eventcounts_month_sql = q` - UPDATE Monitors INNER JOIN ( - SELECT MonitorId, COUNT(*) AS MonthEvents, SUM(COALESCE(DiskSpace,0)) AS MonthEventDiskSpace - FROM Events_Month GROUP BY MonitorId - ) AS E ON E.MonitorId=Monitors.Id SET - Monitors.MonthEvents = E.MonthEvents, - Monitors.MonthEventDiskSpace = E.MonthEventDiskSpace - `; + my $eventcounts_month_sql = ' + UPDATE `Monitors` INNER JOIN ( + SELECT `MonitorId`, COUNT(*) AS `MonthEvents`, SUM(COALESCE(`DiskSpace`,0)) AS `MonthEventDiskSpace` + FROM `Events_Month` GROUP BY `MonitorId` + ) AS `E` ON `E`.`MonitorId`=`Monitors`.`Id` SET + `Monitors`.`MonthEvents` = `E`.`MonthEvents`, + `Monitors`.`MonthEventDiskSpace` = `E`.`MonthEventDiskSpace` + '; my $eventcounts_hour_sth = $dbh->prepare_cached($eventcounts_hour_sql); my $eventcounts_day_sth = $dbh->prepare_cached($eventcounts_day_sql); my $eventcounts_week_sth = $dbh->prepare_cached($eventcounts_week_sql); diff --git a/scripts/zmfilter.pl.in b/scripts/zmfilter.pl.in index 074cba1b5..3842905a5 100644 --- a/scripts/zmfilter.pl.in +++ b/scripts/zmfilter.pl.in @@ -221,27 +221,27 @@ sub getFilters { my @sql_values; my @filters; - my $sql = 'SELECT * FROM Filters WHERE'; + my $sql = 'SELECT * FROM `Filters` WHERE'; if ( $$sql_filters{Name} ) { - $sql .= ' Name = ? AND'; + $sql .= ' `Name` = ? AND'; push @sql_values, $$sql_filters{Name}; } elsif ( $$sql_filters{Id} ) { - $sql .= ' Id = ? AND'; + $sql .= ' `Id` = ? AND'; push @sql_values, $$sql_filters{Id}; } else { - $sql .= ' Background = 1 AND'; + $sql .= ' `Background` = 1 AND'; } - $sql .= '( AutoArchive = 1 - or AutoVideo = 1 - or AutoUpload = 1 - or AutoEmail = 1 - or AutoMessage = 1 - or AutoExecute = 1 - or AutoDelete = 1 - or UpdateDiskSpace = 1 - or AutoMove = 1 - or AutoCopy = 1 - ) ORDER BY Name'; + $sql .= '( `AutoArchive` = 1 + or `AutoVideo` = 1 + or `AutoUpload` = 1 + or `AutoEmail` = 1 + or `AutoMessage` = 1 + or `AutoExecute` = 1 + or `AutoDelete` = 1 + or `UpdateDiskSpace` = 1 + or `AutoMove` = 1 + or `AutoCopy` = 1 + ) ORDER BY `Name`'; my $sth = $dbh->prepare_cached($sql) or Fatal("Unable to prepare '$sql': ".$dbh->errstr()); my $res = $sth->execute(@sql_values) @@ -301,7 +301,7 @@ sub checkFilter { if ( $filter->{AutoArchive} ) { Info("Archiving event $Event->{Id}"); # Do it individually to avoid locking up the table for new events - my $sql = 'UPDATE Events SET Archived = 1 WHERE Id = ?'; + my $sql = 'UPDATE `Events` SET `Archived` = 1 WHERE `Id` = ?'; my $sth = $dbh->prepare_cached($sql) or Fatal("Unable to prepare '$sql': ".$dbh->errstr()); my $res = $sth->execute($Event->{Id}) @@ -434,7 +434,7 @@ sub generateVideo { } return 0; } else { - my $sql = 'UPDATE Events SET Videoed = 1 WHERE Id = ?'; + my $sql = 'UPDATE `Events` SET `Videoed` = 1 WHERE `Id` = ?'; my $sth = $dbh->prepare_cached($sql) or Fatal("Unable to prepare '$sql': ".$dbh->errstr()); my $res = $sth->execute($Event->{Id}) @@ -619,7 +619,7 @@ sub uploadArchFile { or Error("SFTP - Unable to upload '$archLocPath': ".$sftp->error); } unlink($archLocPath); - my $sql = 'UPDATE Events SET Uploaded = 1 WHERE Id = ?'; + my $sql = 'UPDATE `Events` SET `Uploaded` = 1 WHERE `Id` = ?'; my $sth = $dbh->prepare_cached($sql) or Fatal("Unable to prepare '$sql': ".$dbh->errstr()); my $res = $sth->execute($Event->{Id}) @@ -647,12 +647,10 @@ sub substituteTags { my $max_alarm_frame; my $max_alarm_score = 0; if ( $need_images ) { - my $sql = q`SELECT * FROM Frames - WHERE EventId = ? AND Type = 'Alarm' - ORDER BY FrameId`; + my $sql = 'SELECT * FROM `Frames` WHERE `EventId`=? AND `Type`=? ORDER BY `FrameId`'; my $sth = $dbh->prepare_cached($sql) or Fatal("Unable to prepare '$sql': ".$dbh->errstr()); - my $res = $sth->execute($Event->{Id}) + my $res = $sth->execute($Event->{Id},'Alarm') or Fatal("Unable to execute '$sql': ".$dbh->errstr()); my $rows = 0; while( my $frame = $sth->fetchrow_hashref() ) { @@ -879,7 +877,7 @@ sub sendEmail { } else { Info('Notification email sent'); } - my $sql = 'UPDATE Events SET Emailed = 1 WHERE Id = ?'; + my $sql = 'UPDATE `Events` SET `Emailed` = 1 WHERE `Id` = ?'; my $sth = $dbh->prepare_cached($sql) or Fatal("Unable to prepare '$sql': ".$dbh->errstr()); my $res = $sth->execute($Event->{Id}) @@ -984,7 +982,7 @@ sub sendMessage { } else { Info('Notification message sent'); } - my $sql = 'UPDATE Events SET Messaged = 1 WHERE Id = ?'; + my $sql = 'UPDATE `Events` SET `Messaged` = 1 WHERE `Id` = ?'; my $sth = $dbh->prepare_cached($sql) or Fatal("Unable to prepare '$sql': ".$dbh->errstr()); my $res = $sth->execute($Event->{Id}) @@ -1014,7 +1012,7 @@ sub executeCommand { Error("Command '$command' exited with status: $status"); return 0; } else { - my $sql = 'UPDATE Events SET Executed = 1 WHERE Id = ?'; + my $sql = 'UPDATE `Events` SET `Executed` = 1 WHERE `Id` = ?'; my $sth = $dbh->prepare_cached($sql) or Fatal("Unable to prepare '$sql': ".$dbh->errstr()); my $res = $sth->execute( $Event->{Id} ) diff --git a/scripts/zmupdate.pl.in b/scripts/zmupdate.pl.in index 8dbc4d14f..1f2cefa60 100644 --- a/scripts/zmupdate.pl.in +++ b/scripts/zmupdate.pl.in @@ -301,7 +301,7 @@ if ( $migrateEvents ) { $sth->finish(); print( "Updating configuration.\n" ); - $sql = "update Config set Value = ? where Name = 'ZM_USE_DEEP_STORAGE'"; + $sql = "UPDATE `Config` SET `Value` = ? WHERE `Name` = 'ZM_USE_DEEP_STORAGE'"; $sth = $dbh->prepare_cached( $sql ) or die( "Can't prepare '$sql': ".$dbh->errstr() ); $res = $sth->execute( 1 ) or die( "Can't execute: ".$sth->errstr() ); $sth->finish(); @@ -323,7 +323,7 @@ if ( $freshen ) { if ( $interactive ) { # Now check for MyISAM Tables my @MyISAM_Tables; - my $sql = "SELECT table_name FROM INFORMATION_SCHEMA.TABLES WHERE table_schema='zm' AND engine = 'MyISAM'"; + my $sql = "SELECT `table_name` FROM INFORMATION_SCHEMA.TABLES WHERE `table_schema`='zm' AND `engine` = 'MyISAM'"; my $sth = $dbh->prepare_cached( $sql ) or die( "Can't prepare '$sql': ".$dbh->errstr() ); my $res = $sth->execute() or die( "Can't execute: ".$sth->errstr() ); @@ -341,7 +341,7 @@ if ( $interactive ) { $dbh->do(q|SET sql_mode='traditional'|); # Elevate warnings to errors print "\nConverting MyISAM tables to InnoDB. Please wait.\n"; foreach (@MyISAM_Tables) { - my $sql = "ALTER TABLE $_ ENGINE = InnoDB"; + my $sql = "ALTER TABLE `$_` ENGINE = InnoDB"; my $sth = $dbh->prepare_cached( $sql ) or die( "Can't prepare '$sql': ".$dbh->errstr() ); my $res = $sth->execute() or die( "Can't execute: ".$sth->errstr() ); $sth->finish(); @@ -447,7 +447,7 @@ if ( $version ) { # Rename the event directories and create a new symlink for the names chdir( EVENT_PATH ); - my $sql = "select * from Monitors order by Id"; + my $sql = "SELECT * FROM `Monitors` ORDER BY `Id`"; my $sth = $dbh->prepare_cached( $sql ) or die( "Can't prepare '$sql': ".$dbh->errstr() ); my $res = $sth->execute() or die( "Can't execute: ".$sth->errstr() ); while( my $monitor = $sth->fetchrow_hashref() ) { From 7cab22b450ec1cc850e609364947ccc86e803aaf Mon Sep 17 00:00:00 2001 From: Isaac Connor Date: Mon, 26 Aug 2019 15:04:59 -0400 Subject: [PATCH 462/922] Use Event->SaveJPEGs instead of Monitor->SaveJPEGs --- web/views/image.php | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/web/views/image.php b/web/views/image.php index 5959982d8..6cf7062ed 100644 --- a/web/views/image.php +++ b/web/views/image.php @@ -100,7 +100,7 @@ if ( empty($_REQUEST['path']) ) { } } $Monitor = $Event->Monitor(); - if ( $Monitor->SaveJPEGs() & 1 ) { + if ( $Event->SaveJPEGs() & 1 ) { # If we store Frames as jpgs, then we don't store an alarmed snapshot $path = $Event->Path().'/'.sprintf('%0'.ZM_EVENT_IMAGE_DIGITS.'d', $Frame->FrameId()).'-'.$show.'.jpg'; } else { @@ -114,14 +114,14 @@ if ( empty($_REQUEST['path']) ) { ZM\Warning('No frame found for event ' . $_REQUEST['eid']); $Frame = new ZM\Frame(); $Frame->Delta(1); - if ( $Monitor->SaveJPEGs() & 1 ) { + if ( $Event->SaveJPEGs() & 1 ) { $Frame->FrameId(0); } else { $Frame->FrameId('snapshot'); } } $Monitor = $Event->Monitor(); - if ( $Monitor->SaveJPEGs() & 1 ) { + if ( $Event->SaveJPEGs() & 1 ) { # If we store Frames as jpgs, then we don't store a snapshot $path = $Event->Path().'/'.sprintf('%0'.ZM_EVENT_IMAGE_DIGITS.'d', $Frame->FrameId()).'-'.$show.'.jpg'; } else { From b26ed9bf622126ed449c580a212fd07240e6696b Mon Sep 17 00:00:00 2001 From: Isaac Connor Date: Mon, 26 Aug 2019 16:17:45 -0400 Subject: [PATCH 463/922] Yet more debugging. Also, move pts adjustment to before audio encoding --- src/zm_ffmpeg.h | 6 ++++-- src/zm_videostore.cpp | 45 ++++++++++++++++++++++++++----------------- 2 files changed, 31 insertions(+), 20 deletions(-) diff --git a/src/zm_ffmpeg.h b/src/zm_ffmpeg.h index 745754043..f6443f797 100644 --- a/src/zm_ffmpeg.h +++ b/src/zm_ffmpeg.h @@ -302,7 +302,7 @@ void zm_dump_codecpar(const AVCodecParameters *par); #if LIBAVCODEC_VERSION_CHECK(56, 8, 0, 60, 100) #define zm_dump_frame(frame, text) Debug(1, "%s: format %d %s sample_rate %" PRIu32 " nb_samples %d channels %d" \ " duration %" PRId64 \ - " layout %d pts %" PRId64,\ + " layout %d pts %" PRId64 " pkt_pts %" PRId64 " pkt_dts %" PRId64, \ text, \ frame->format, \ av_get_sample_fmt_name((AVSampleFormat)frame->format), \ @@ -311,7 +311,9 @@ void zm_dump_codecpar(const AVCodecParameters *par); frame->channels, \ frame->pkt_duration, \ frame->channel_layout, \ - frame->pts \ + frame->pts, \ + frame->pkt_pts, \ + frame->pkt_dts \ ); #else #define zm_dump_frame(frame, text) Debug(1, "%s: format %d %s sample_rate %" PRIu32 " nb_samples %d channels %d" \ diff --git a/src/zm_videostore.cpp b/src/zm_videostore.cpp index d71e3af2a..29bbb67e5 100644 --- a/src/zm_videostore.cpp +++ b/src/zm_videostore.cpp @@ -193,19 +193,6 @@ VideoStore::VideoStore( video_out_stream->r_frame_rate = video_in_stream->r_frame_rate; } #if LIBAVCODEC_VERSION_CHECK(56, 35, 0, 64, 0) -#if 0 - if ( video_out_ctx->codec_id == AV_CODEC_ID_H264 ) { - //video_out_ctx->level = 32;I// - video_out_ctx->bit_rate = 400*1024; - video_out_ctx->max_b_frames = 1; - if ( video_out_ctx->priv_data ) { - av_opt_set(video_out_ctx->priv_data, "crf", "1", AV_OPT_SEARCH_CHILDREN); - av_opt_set(video_out_ctx->priv_data, "preset", "ultrafast", 0); - } else { - Debug(2, "Not setting priv_data"); - } - } -#endif ret = avcodec_parameters_from_context(video_out_stream->codecpar, video_out_ctx); if ( ret < 0 ) { Error("Could not initialize video_out_ctx parameters"); @@ -790,9 +777,9 @@ bool VideoStore::setup_resampler() { } #if defined(HAVE_LIBSWRESAMPLE) - if (!(fifo = av_audio_fifo_alloc( + if ( !(fifo = av_audio_fifo_alloc( audio_out_ctx->sample_fmt, - audio_out_ctx->channels, 1))) { + audio_out_ctx->channels, 1)) ) { Error("Could not allocate FIFO"); return false; } @@ -1008,7 +995,6 @@ int VideoStore::writeVideoFramePacket(AVPacket *ipkt) { opkt.dts = video_out_stream->cur_dts; } -# if 1 if ( opkt.dts < video_out_stream->cur_dts ) { Debug(1, "Fixing non-monotonic dts/pts dts %" PRId64 " pts %" PRId64 " stream %" PRId64, opkt.dts, opkt.pts, video_out_stream->cur_dts); @@ -1017,7 +1003,6 @@ int VideoStore::writeVideoFramePacket(AVPacket *ipkt) { opkt.pts = opkt.dts; } } -#endif opkt.flags = ipkt->flags; opkt.pos = -1; @@ -1066,6 +1051,20 @@ int VideoStore::writeAudioFramePacket(AVPacket *ipkt) { } zm_dump_frame(in_frame, "In frame from decode"); + if ( in_frame->pts != AV_NOPTS_VALUE ) { + if ( !audio_first_pts ) { + audio_first_pts = in_frame->pts; + Debug(1, "No audio_first_pts setting to %" PRId64, audio_first_pts); + in_frame->pts = 0; + } else { + // out_frame_pts is in codec->timebase, audio_first_pts is in packet timebase. + in_frame->pts = in_frame->pts - audio_first_pts; + zm_dump_frame(in_frame, "in frame after pts adjustment"); + } + } else { + // sending AV_NOPTS_VALUE doesn't really work but we seem to get it in ffmpeg 2.8 + in_frame->pts = audio_next_pts; + } if ( !resample_audio() ) { //av_frame_unref(in_frame); @@ -1099,12 +1098,19 @@ int VideoStore::writeAudioFramePacket(AVPacket *ipkt) { } dumpPacket(audio_out_stream, &opkt, "raw opkt"); + Debug(1, "Duration before %d in %d/%d", opkt.duration, + audio_out_ctx->time_base.num, + audio_out_ctx->time_base.den); opkt.duration = av_rescale_q( opkt.duration, audio_out_ctx->time_base, audio_out_stream->time_base); + Debug(1, "Duration after %d in %d/%d", opkt.duration, + audio_out_stream->time_base.num, + audio_out_stream->time_base.den); // Scale the PTS of the outgoing packet to be the correct time base +#if 0 if ( ipkt->pts != AV_NOPTS_VALUE ) { if ( !audio_first_pts ) { opkt.pts = 0; @@ -1134,13 +1140,14 @@ int VideoStore::writeAudioFramePacket(AVPacket *ipkt) { audio_out_ctx->time_base, audio_out_stream->time_base); opkt.dts -= audio_first_dts; - Debug(2, "opkt.dts = %" PRId64 " from first_dts %" PRId64, + Debug(2, "audio opkt.dts = %" PRId64 " from first_dts %" PRId64, opkt.dts, audio_first_dts); } audio_last_dts = opkt.dts; } else { opkt.dts = AV_NOPTS_VALUE; } +#endif } else { Debug(2,"copying"); @@ -1261,6 +1268,8 @@ int VideoStore::resample_audio() { // AAC requires 1024 samples per encode. Our input tends to be something else, so need to buffer them. if ( frame_size > av_audio_fifo_size(fifo) ) { + Debug(1, "Not enough samples in fifo for AAC codec frame_size %d > fifo size %d", + frame_size, av_audio_fifo_size(fifo)); return 0; } From 82e8bde40626b9b91fe35d583993080169ab4b17 Mon Sep 17 00:00:00 2001 From: Isaac Connor Date: Mon, 26 Aug 2019 16:19:19 -0400 Subject: [PATCH 464/922] Fix SaveAs --- web/includes/actions/filter.php | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/web/includes/actions/filter.php b/web/includes/actions/filter.php index 2e1f282c7..34bd49422 100644 --- a/web/includes/actions/filter.php +++ b/web/includes/actions/filter.php @@ -102,6 +102,9 @@ if ( isset($_REQUEST['object']) and ( $_REQUEST['object'] == 'filter' ) ) { if ( $filter->Background() ) $filter->control('stop'); } else { + if ( $action == 'SaveAs' ) { + $filter->Id(null); + } # COuld be execute if ( 0 ) { dbQuery('INSERT INTO Filters SET'.$sql); @@ -109,6 +112,9 @@ if ( isset($_REQUEST['object']) and ( $_REQUEST['object'] == 'filter' ) ) { $filter = new ZM\Filter($_REQUEST['Id']); } $filter->save($changes); + + // We update the request id so that the newly saved filter is auto-selected + $_REQUEST['Id'] = $filter->Id(); } if ( $filter->Background() ) $filter->control('start'); From 7768d39eb94437b8450a281ff0308ff689232f48 Mon Sep 17 00:00:00 2001 From: Isaac Connor Date: Mon, 26 Aug 2019 16:19:44 -0400 Subject: [PATCH 465/922] Add auth to streamParms so that multi-server event viewing works --- web/skins/classic/views/js/event.js | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/web/skins/classic/views/js/event.js b/web/skins/classic/views/js/event.js index 94d47f20b..d762b53d9 100644 --- a/web/skins/classic/views/js/event.js +++ b/web/skins/classic/views/js/event.js @@ -202,7 +202,7 @@ function changeReplayMode() { var streamParms = "view=request&request=stream&connkey="+connKey; if ( auth_hash ) - streamCmdParms += '&auth='+auth_hash; + streamParms += '&auth='+auth_hash; var streamCmdTimer = null; var streamStatus = null; From 292b530f995c103657d83a6a59d1557f245d1bc4 Mon Sep 17 00:00:00 2001 From: Isaac Connor Date: Mon, 26 Aug 2019 16:20:23 -0400 Subject: [PATCH 466/922] Allow montage review maxdatetime to be less than minDateTime. This allows us to set it first so that the reload does kill us --- web/skins/classic/views/js/montagereview.js | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/web/skins/classic/views/js/montagereview.js b/web/skins/classic/views/js/montagereview.js index 06f23170f..bc06deeba 100644 --- a/web/skins/classic/views/js/montagereview.js +++ b/web/skins/classic/views/js/montagereview.js @@ -1010,7 +1010,8 @@ function initPage() { $j('#maxTime').datetimepicker({ timeFormat: "HH:mm:ss", dateFormat: "yy-mm-dd", - minDate: $j('#minTime').val(), + //minDate: $j('#minTime').val(), +minDate: -7, maxDate: +0, constrainInput: false, onClose: function(newDate, oldData) { From 39620c01ff12ad1da1f065c716344d91c956caee Mon Sep 17 00:00:00 2001 From: Isaac Connor Date: Mon, 26 Aug 2019 16:37:32 -0400 Subject: [PATCH 467/922] Add rescaling of pkt pts/dts from audio_out_ctx to audio_out_stream --- src/zm_videostore.cpp | 9 +++++++++ 1 file changed, 9 insertions(+) diff --git a/src/zm_videostore.cpp b/src/zm_videostore.cpp index 29bbb67e5..0523b3e85 100644 --- a/src/zm_videostore.cpp +++ b/src/zm_videostore.cpp @@ -1147,6 +1147,15 @@ int VideoStore::writeAudioFramePacket(AVPacket *ipkt) { } else { opkt.dts = AV_NOPTS_VALUE; } +#else + opkt.pts = av_rescale_q( + opkt.pts, + audio_out_ctx->time_base, + audio_out_stream->time_base); + opkt.dts = av_rescale_q( + opkt.dts, + audio_out_ctx->time_base, + audio_out_stream->time_base); #endif } else { From 231c9c3902422ea190b4426ee15a9536dad4565a Mon Sep 17 00:00:00 2001 From: Isaac Connor Date: Mon, 26 Aug 2019 18:48:34 -0400 Subject: [PATCH 468/922] move executeFilter to Filter->execute. If no changes have been made, don't make a tempfilter. --- web/includes/Filter.php | 5 +++++ web/includes/actions/filter.php | 24 ++++++++++-------------- web/includes/functions.php | 7 ------- web/skins/classic/views/js/filter.js | 6 +++++- 4 files changed, 20 insertions(+), 22 deletions(-) diff --git a/web/includes/Filter.php b/web/includes/Filter.php index fbe877d7e..4024460f5 100644 --- a/web/includes/Filter.php +++ b/web/includes/Filter.php @@ -167,6 +167,11 @@ class Filter extends ZM_Object { } # end if local or remote } # end foreach erver } # end function control + public function execute() { + $command = ZM_PATH_BIN.'/zmfilter.pl --filter_id '.escapeshellarg($this->Id()); + $result = exec($command, $output, $status); + return $status; + } } # end class Filter diff --git a/web/includes/actions/filter.php b/web/includes/actions/filter.php index 2e1f282c7..a8435c504 100644 --- a/web/includes/actions/filter.php +++ b/web/includes/actions/filter.php @@ -50,14 +50,6 @@ if ( isset($_REQUEST['object']) and ( $_REQUEST['object'] == 'filter' ) ) { $_REQUEST['filter']['Query']['sort_field'] = validStr($_REQUEST['filter']['Query']['sort_field']); $_REQUEST['filter']['Query']['sort_asc'] = validStr($_REQUEST['filter']['Query']['sort_asc']); $_REQUEST['filter']['Query']['limit'] = validInt($_REQUEST['filter']['Query']['limit']); - if ( $action == 'execute' ) { - $_REQUEST['filter']['Name'] = '_TempFilter'.time(); - unset($_REQUEST['Id']); - #$tempFilterName = '_TempFilter'.time(); - #$sql .= ' Name = \''.$tempFilterName.'\''; - #} else { - #$sql .= ' Name = '.dbEscape($_REQUEST['filter']['Name']); - } $_REQUEST['filter']['AutoCopy'] = empty($_REQUEST['filter']['AutoCopy']) ? 0 : 1; $_REQUEST['filter']['AutoMove'] = empty($_REQUEST['filter']['AutoMove']) ? 0 : 1; @@ -102,11 +94,12 @@ if ( isset($_REQUEST['object']) and ( $_REQUEST['object'] == 'filter' ) ) { if ( $filter->Background() ) $filter->control('stop'); } else { - # COuld be execute - if ( 0 ) { - dbQuery('INSERT INTO Filters SET'.$sql); - $_REQUEST['Id'] = dbInsertId(); - $filter = new ZM\Filter($_REQUEST['Id']); + + if ( $action == 'execute' ) { + if ( count($changes) ) { + $filter->Name('_TempFilter'.time()); + $filter->Id(null); + } } $filter->save($changes); } @@ -114,7 +107,10 @@ if ( isset($_REQUEST['object']) and ( $_REQUEST['object'] == 'filter' ) ) { $filter->control('start'); if ( $action == 'execute' ) { - executeFilter($_REQUEST['Id']); + $filter->execute(); + if ( count($changes) ) + $filter->delete(); + $view = 'events'; } diff --git a/web/includes/functions.php b/web/includes/functions.php index f4e2c8f37..24a97e294 100644 --- a/web/includes/functions.php +++ b/web/includes/functions.php @@ -973,13 +973,6 @@ Logger::Debug("generating Video $command: result($result outptu:(".implode("\n", return( $status?"":rtrim($result) ); } -function executeFilter( $filter_id ) { - $command = ZM_PATH_BIN.'/zmfilter.pl --filter_id '.escapeshellarg($filter_id); - $result = exec($command, $output, $status); - dbQuery('DELETE FROM Filters WHERE Id=?', array($filter_id)); - return $status; -} - # This takes more than one scale amount, so it runs through each and alters dimension. # I can't imagine why you would want to do that. function reScale( $dimension, $dummy ) { diff --git a/web/skins/classic/views/js/filter.js b/web/skins/classic/views/js/filter.js index 99e8a9c03..cfc284ab2 100644 --- a/web/skins/classic/views/js/filter.js +++ b/web/skins/classic/views/js/filter.js @@ -30,13 +30,17 @@ function validateForm( form ) { function updateButtons(element) { var form = element.form; - + console.log(element); if ( element.type == 'checkbox' && element.checked ) { form.elements['executeButton'].disabled = false; } else { var canExecute = false; if ( form.elements['filter[AutoArchive]'] && form.elements['filter[AutoArchive]'].checked ) { canExecute = true; + } else if ( form.elements['filter[AutoCopy]'] && form.elements['filter[AutoCopy]'].checked ) { + canExecute = true; + } else if ( form.elements['filter[AutoMove]'] && form.elements['filter[AutoMove]'].checked ) { + canExecute = true; } else if ( form.elements['filter[AutoVideo]'] && form.elements['filter[AutoVideo]'].checked ) { canExecute = true; } else if ( form.elements['filter[AutoUpload]'] && form.elements['filter[AutoUpload]'].checked ) { From 1e91f5501ec789495922b7b5d4a8cdee4997de58 Mon Sep 17 00:00:00 2001 From: Isaac Connor Date: Mon, 26 Aug 2019 20:44:59 -0400 Subject: [PATCH 469/922] MOre debug, fix problems with S3 upload --- scripts/ZoneMinder/lib/ZoneMinder/Event.pm | 18 ++++++++++++------ 1 file changed, 12 insertions(+), 6 deletions(-) diff --git a/scripts/ZoneMinder/lib/ZoneMinder/Event.pm b/scripts/ZoneMinder/lib/ZoneMinder/Event.pm index 0b61cd25f..16507870f 100644 --- a/scripts/ZoneMinder/lib/ZoneMinder/Event.pm +++ b/scripts/ZoneMinder/lib/ZoneMinder/Event.pm @@ -547,6 +547,8 @@ sub CopyTo { return "New path ($NewPath) is empty."; } elsif ( ! -e $NewPath ) { return "New path $NewPath does not exist."; + } else { + Debug("$NewPath is good"); } $ZoneMinder::Database::dbh->begin_work(); @@ -562,8 +564,9 @@ sub CopyTo { return 'Old Storage path changed, Event has moved somewhere else.'; } - $NewPath .= $self->Relative_Path(); - $NewPath = ( $NewPath =~ /^(.*)$/ ); # De-taint + Debug("Relative Path: " . $self->RelativePath()); + $NewPath .= '/'.$self->RelativePath(); + ($NewPath) = ( $NewPath =~ /^(.*)$/ ); # De-taint if ( $NewPath eq $OldPath ) { $ZoneMinder::Database::dbh->commit(); return "New path and old path are the same! $NewPath"; @@ -590,10 +593,12 @@ sub CopyTo { die; } - my $event_path = $self->RelativePath(); - Debug("Making directory $event_path/"); - if ( ! $bucket->add_key($event_path.'/', '') ) { - die "Unable to add key for $event_path/"; + if ( 0 ) { # Not neccessary + my $event_path = $self->RelativePath(); + Debug("Making directory $event_path/"); + if ( ! $bucket->add_key($event_path.'/', '') ) { + Warning( "Unable to add key for $event_path/"); + } } my @files = glob("$OldPath/*"); @@ -618,6 +623,7 @@ sub CopyTo { die "Unable to add key for $filename"; } } else { + my $filename = $event_path.'/'.File::Basename::basename($file); if ( ! $bucket->add_key_filename($filename, $file) ) { die "Unable to add key for $filename"; } From cd883e23b88a2652aac6bbb64265391212780b29 Mon Sep 17 00:00:00 2001 From: Isaac Connor Date: Mon, 26 Aug 2019 20:45:20 -0400 Subject: [PATCH 470/922] Extend inputs to full width on storage popup --- web/skins/classic/css/base/views/storage.css | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/web/skins/classic/css/base/views/storage.css b/web/skins/classic/css/base/views/storage.css index afb83e441..9a3c1bcdd 100644 --- a/web/skins/classic/css/base/views/storage.css +++ b/web/skins/classic/css/base/views/storage.css @@ -1,3 +1,5 @@ -input[type="url"] { +input[name="newStorage[Name]"], +input[name="newStorage[Path]"], +input[name="newStorage[Url]"] { width: 100%; } From c482fa7d5d8e3c5fd7af519a567f1fddcafac8da Mon Sep 17 00:00:00 2001 From: Isaac Connor Date: Mon, 26 Aug 2019 20:45:38 -0400 Subject: [PATCH 471/922] Fix executing filter --- web/includes/Filter.php | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/web/includes/Filter.php b/web/includes/Filter.php index 4024460f5..3835b0ccb 100644 --- a/web/includes/Filter.php +++ b/web/includes/Filter.php @@ -168,8 +168,9 @@ class Filter extends ZM_Object { } # end foreach erver } # end function control public function execute() { - $command = ZM_PATH_BIN.'/zmfilter.pl --filter_id '.escapeshellarg($this->Id()); + $command = ZM_PATH_BIN.'/zmfilter.pl --filter_id='.escapeshellarg($this->Id()); $result = exec($command, $output, $status); + Logger::Debug("$command status:$status output:".implode("\n", $output)); return $status; } From 561fcfac7d02549dc5f9c7c5f7dd6bb8d8b479c4 Mon Sep 17 00:00:00 2001 From: Isaac Connor Date: Tue, 27 Aug 2019 10:01:01 -0400 Subject: [PATCH 472/922] Fix --- scripts/ZoneMinder/lib/ZoneMinder/Event.pm | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/scripts/ZoneMinder/lib/ZoneMinder/Event.pm b/scripts/ZoneMinder/lib/ZoneMinder/Event.pm index 16507870f..35c9190ff 100644 --- a/scripts/ZoneMinder/lib/ZoneMinder/Event.pm +++ b/scripts/ZoneMinder/lib/ZoneMinder/Event.pm @@ -593,8 +593,8 @@ sub CopyTo { die; } + my $event_path = $self->RelativePath(); if ( 0 ) { # Not neccessary - my $event_path = $self->RelativePath(); Debug("Making directory $event_path/"); if ( ! $bucket->add_key($event_path.'/', '') ) { Warning( "Unable to add key for $event_path/"); From b0b27a24aaa4b0b4844e3396f8ace84479ed4d1c Mon Sep 17 00:00:00 2001 From: Isaac Connor Date: Tue, 27 Aug 2019 13:11:38 -0400 Subject: [PATCH 473/922] Add errstr reporting on add_key_filename failure --- scripts/ZoneMinder/lib/ZoneMinder/Event.pm | 7 +++---- 1 file changed, 3 insertions(+), 4 deletions(-) diff --git a/scripts/ZoneMinder/lib/ZoneMinder/Event.pm b/scripts/ZoneMinder/lib/ZoneMinder/Event.pm index 35c9190ff..186668701 100644 --- a/scripts/ZoneMinder/lib/ZoneMinder/Event.pm +++ b/scripts/ZoneMinder/lib/ZoneMinder/Event.pm @@ -596,8 +596,8 @@ sub CopyTo { my $event_path = $self->RelativePath(); if ( 0 ) { # Not neccessary Debug("Making directory $event_path/"); - if ( ! $bucket->add_key($event_path.'/', '') ) { - Warning( "Unable to add key for $event_path/"); + if ( !$bucket->add_key($event_path.'/', '') ) { + Warning("Unable to add key for $event_path/"); } } @@ -625,11 +625,10 @@ sub CopyTo { } else { my $filename = $event_path.'/'.File::Basename::basename($file); if ( ! $bucket->add_key_filename($filename, $file) ) { - die "Unable to add key for $filename"; + die "Unable to add key for $filename " . $s3->err . ': '. $s3->errstr; } } - my $duration = tv_interval($starttime); Debug('PUT to S3 ' . Number::Bytes::Human::format_bytes($size) . " in $duration seconds = " . Number::Bytes::Human::format_bytes($duration?$size/$duration:$size) . '/sec'); } # end foreach file. From 547ee749e60c75c04ee46c63ed3ed13c3d0e01a9 Mon Sep 17 00:00:00 2001 From: Isaac Connor Date: Tue, 27 Aug 2019 13:52:25 -0400 Subject: [PATCH 474/922] Test for Storage existing when generating path --- scripts/ZoneMinder/lib/ZoneMinder/Event.pm | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/scripts/ZoneMinder/lib/ZoneMinder/Event.pm b/scripts/ZoneMinder/lib/ZoneMinder/Event.pm index 25cfebb5c..d99aaee04 100644 --- a/scripts/ZoneMinder/lib/ZoneMinder/Event.pm +++ b/scripts/ZoneMinder/lib/ZoneMinder/Event.pm @@ -133,7 +133,11 @@ sub Path { if ( ! $$event{Path} ) { my $Storage = $event->Storage(); - $$event{Path} = join('/', $Storage->Path(), $event->RelativePath()); + if ( $Storage->Id() ) { + $$event{Path} = join('/', $Storage->Path(), $event->RelativePath()); + } else { + Error("Storage area for $$event{StorageId} no longer exists in db."); + } } return $$event{Path}; } From 796b99cd5bbaec90fa510565921ce05af17a55f8 Mon Sep 17 00:00:00 2001 From: Isaac Connor Date: Tue, 27 Aug 2019 13:52:52 -0400 Subject: [PATCH 475/922] When no results from Object->load, clear the id in the object --- scripts/ZoneMinder/lib/ZoneMinder/Object.pm | 1 + 1 file changed, 1 insertion(+) diff --git a/scripts/ZoneMinder/lib/ZoneMinder/Object.pm b/scripts/ZoneMinder/lib/ZoneMinder/Object.pm index b1d3c3cde..569b3de9d 100644 --- a/scripts/ZoneMinder/lib/ZoneMinder/Object.pm +++ b/scripts/ZoneMinder/lib/ZoneMinder/Object.pm @@ -120,6 +120,7 @@ sub load { } else { Debug("No Results Loading $type from $table WHERE $primary_key = $$self{$primary_key}"); } # end if + delete $$self{$primary_key}; } # end if } # end if } # end if ! $data From bf404212032b033fe2a20e77813e0688ac0b17b1 Mon Sep 17 00:00:00 2001 From: Isaac Connor Date: Tue, 27 Aug 2019 13:54:19 -0400 Subject: [PATCH 476/922] Turn on debugging in Event --- scripts/ZoneMinder/lib/ZoneMinder/Event.pm | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/scripts/ZoneMinder/lib/ZoneMinder/Event.pm b/scripts/ZoneMinder/lib/ZoneMinder/Event.pm index d99aaee04..231c6d443 100644 --- a/scripts/ZoneMinder/lib/ZoneMinder/Event.pm +++ b/scripts/ZoneMinder/lib/ZoneMinder/Event.pm @@ -56,7 +56,8 @@ use ZoneMinder::Config qw(:all); use ZoneMinder::Logger qw(:all); use ZoneMinder::Database qw(:all); -use vars qw/ $table $primary_key %fields $serial @identified_by %defaults/; +use vars qw/ $table $primary_key %fields $serial @identified_by %defaults $debug/; +$debug = 1; $table = 'Events'; @identified_by = ('Id'); $serial = $primary_key = 'Id'; From 35d3a7d4fa366a5e6030958bad9f9bd0aa876a92 Mon Sep 17 00:00:00 2001 From: Isaac Connor Date: Tue, 27 Aug 2019 15:17:18 -0400 Subject: [PATCH 477/922] introduce files, has_capture_jpegs and has_analyse_jpegs functions to use in zmaudit. Improve delete debugging output --- scripts/ZoneMinder/lib/ZoneMinder/Event.pm | 29 +++++++++++++++++++++- 1 file changed, 28 insertions(+), 1 deletion(-) diff --git a/scripts/ZoneMinder/lib/ZoneMinder/Event.pm b/scripts/ZoneMinder/lib/ZoneMinder/Event.pm index 8615cd8ae..7eeebf6db 100644 --- a/scripts/ZoneMinder/lib/ZoneMinder/Event.pm +++ b/scripts/ZoneMinder/lib/ZoneMinder/Event.pm @@ -370,7 +370,7 @@ sub delete { if ( $$event{Id} ) { # Need to have an event Id if we are to delete from the db. - Info("Deleting event $event->{Id} from Monitor $event->{MonitorId} StartTime:$event->{StartTime}"); + Info("Deleting event $event->{Id} from Monitor $event->{MonitorId} StartTime:$event->{StartTime} from ".$event->Path()); $ZoneMinder::Database::dbh->ping(); $ZoneMinder::Database::dbh->begin_work(); @@ -800,6 +800,33 @@ sub recover_timestamps { } } +sub files { + my $self = shift; + + if ( ! $$self{files} ) { + if ( ! opendir(DIR, $self->Path() ) ) { + Error("Can't open directory '$$self{Path}': $!"); + return; + } + @{$$self{files}} = readdir(DIR); + Debug('Have ' . @{$$self{files}} . " files in $$self{Path}"); + closedir(DIR); + } + return @{$$self{files}}; +} + +sub has_capture_jpegs { + @{$_[0]{capture_jpegs}} = grep(/^\d+\-capture\.jpg$/, $_[0]->files()); + Debug("have " . @{$_[0]{capture_jpegs}} . " capture jpegs"); + return @{$_[0]{capture_jpegs}} ? 1 : 0; +} + +sub has_analyse_jpegs { + @{$_[0]{analyse_jpegs}} = grep(/^\d+\-analyse\.jpg$/, $_[0]->files()); + Debug("have " . @{$_[0]{analyse_jpegs}} . " analyse jpegs"); + return @{$_[0]{analyse_jpegs}} ? 1 : 0; +} + 1; __END__ From da15d1b6d6f164ccc8c7fba11be474b1d4611fa4 Mon Sep 17 00:00:00 2001 From: Isaac Connor Date: Tue, 27 Aug 2019 15:18:28 -0400 Subject: [PATCH 478/922] add a check when saveJPEGs isn't set to determine whether jpegs exist and update saveJPEGs appropriately --- scripts/zmaudit.pl.in | 84 ++++++++++++++++++++++++++++++------------- 1 file changed, 59 insertions(+), 25 deletions(-) diff --git a/scripts/zmaudit.pl.in b/scripts/zmaudit.pl.in index 14ddcf11e..cfe6a8dbb 100644 --- a/scripts/zmaudit.pl.in +++ b/scripts/zmaudit.pl.in @@ -222,7 +222,7 @@ MAIN: while( $loop ) { while ( my $event = $eventSelectSth->fetchrow_hashref() ) { $db_events->{$event->{Id}} = $event->{Age}; } - Debug( 'Got '.int(keys(%$db_events))." events for monitor $monitor->{Id}" ); + Debug('Got '.int(keys(%$db_events))." events for monitor $monitor->{Id} using $eventSelectSql"); } # end while monitors my $fs_monitors; @@ -245,7 +245,7 @@ MAIN: while( $loop ) { next; } - Debug( "Found filesystem monitor '$monitor'" ); + Debug("Found filesystem monitor '$monitor'"); $fs_monitors->{$monitor} = {} if ! $fs_monitors->{$monitor}; my $fs_events = $fs_monitors->{$monitor}; @@ -256,19 +256,19 @@ MAIN: while( $loop ) { my @day_dirs = glob("$monitor_dir/[0-9][0-9]/[0-9][0-9]/[0-9][0-9]"); Debug(qq`Checking for Deep Events under $$Storage{Path} using glob("$monitor_dir/[0-9][0-9]/[0-9][0-9]/[0-9][0-9]") returned `. scalar @day_dirs . ' events'); foreach my $day_dir ( @day_dirs ) { - Debug( "Checking day dir $day_dir" ); + Debug("Checking day dir $day_dir"); ( $day_dir ) = ( $day_dir =~ /^(.*)$/ ); # De-taint if ( !chdir($day_dir) ) { Error("Can't chdir to '$$Storage{Path}/$day_dir': $!"); next; } - if ( ! opendir(DIR, '.') ) { + if ( !opendir(DIR, '.') ) { Error("Can't open directory '$$Storage{Path}/$day_dir': $!"); next; } my %event_ids_by_path; - my @event_links = sort { $b <=> $a } grep { -l $_ } readdir( DIR ); + my @event_links = sort { $b <=> $a } grep { -l $_ } readdir(DIR); Debug("Have " . @event_links . ' event links'); closedir(DIR); @@ -280,9 +280,9 @@ MAIN: while( $loop ) { Warning("Non-event link found $event_link in $day_dir, skipping"); next; } - Debug("Checking link $event_link"); #Event path is hour/minute/sec my $event_path = readlink($event_link); + Debug("Checking link $event_link points to: $event_path"); if ( !($event_path and -e $event_path) ) { aud_print("Event link $day_dir/$event_link does not point to valid target at $event_path"); @@ -294,15 +294,50 @@ MAIN: while( $loop ) { } else { $event_ids_by_path{$event_path} = $event_id; - Debug("Checking link $event_link points to $event_path "); - my $Event = $fs_events->{$event_id} = new ZoneMinder::Event(); - $$Event{Id} = $event_id; - $$Event{Path} = join('/', $Storage->Path(), $day_dir, $event_path); - $$Event{RelativePath} = join('/', $day_dir, $event_path); - $$Event{Scheme} = 'Deep'; - $Event->MonitorId( $monitor_dir ); - $Event->StorageId( $Storage->Id() ); - $Event->DiskSpace( undef ); + my $Event = $fs_events->{$event_id} = ZoneMinder::Event->find_one(Id=>$event_id); + if ( ! $Event ) { + $Event = $fs_events->{$event_id} = new ZoneMinder::Event(); + $$Event{Id} = $event_id; + $$Event{Path} = join('/', $Storage->Path(), $day_dir, $event_path); + $$Event{RelativePath} = join('/', $day_dir, $event_path); + $$Event{Scheme} = 'Deep'; + $Event->MonitorId( $monitor_dir ); + $Event->StorageId( $Storage->Id() ); + $Event->DiskSpace( undef ); + } else { + my $full_path = join('/', $Storage->Path(), $day_dir, $event_path); +# Check storage id + if ( !$Event->Storage()->Id() ) { + Info("Correcting StorageId for event $$Event{Id} from $$Event{StorageId} $$Event{Path} to $$Storage{Id} $full_path"); + $Event->save({ StorageId=>$Storage->Id() }); + $Event->Path(undef); + } else { + + if ( $Event->Path() ne $full_path ) { + if ( ! (-e $Event->Path()) ) { + if ( $Event->StorageId() != $Storage->Id() ) { + Info("Correcting Storge Id for event $$Event{Id} from $$Event{StorageId} $$Event{Path} to $$Storage{Id} $full_path"); + $Event->save({ StorageId=>$Storage->Id() }); + $Event->Path(undef); + } + } else { + Info("Not updating path to event due to it existing at both $$Event{Path} and $event_path"); + } + } # end if change of storage id + } # end if valid storage id + } # end if event found + + if ( ! $Event->SaveJPEGs() ) { + my $saveJPegs = ( $Event->has_capture_jpegs() ? 1 : 0 ) | ( $Event->has_analyse_jpegs() ? 2 : 0 ); + + if ( $Event->SaveJPEGs( + ( $Event->has_capture_jpegs() ? 1 : 0 ) | ( $Event->has_analyse_jpegs() ? 2 : 0 ) + ) ) { + Info("Updated Event $$Event{Id} SaveJPEGs to " . $Event->SaveJPEGs()); + $Event->save(); + } + } + } # event path exists } # end foreach event_link @@ -314,14 +349,11 @@ MAIN: while( $loop ) { ( $event_dir ) = ( $event_dir =~ /^(.*)$/ ); # De-taint my $event_id = undef; + my $Event = new ZoneMinder::Event(); + $$Event{Path} = join('/', $Storage->Path(), $day_dir, $event_dir); - if ( ! opendir(DIR, $event_dir) ) { - Error("Can't open directory '$$Storage{Path}/$day_dir': $!"); - next; - } - my @contents = readdir( DIR ); + my @contents = $Event->files(); Debug("Have " . @contents . " files in $day_dir/$event_dir"); - closedir(DIR); my @mp4_files = grep( /^\d+\-video.mp4$/, @contents); foreach my $mp4_file ( @mp4_files ) { @@ -332,25 +364,27 @@ MAIN: while( $loop ) { last; } } - + if ( ! $event_id ) { # Look for .id file my @hidden_files = grep( /^\.\d+$/, @contents); - Debug("Have " . @hidden_files . ' hidden files'); + Debug('Have ' . @hidden_files . ' hidden files'); if ( @hidden_files ) { ( $event_id ) = $hidden_files[0] =~ /^.(\d+)$/; } } if ( $event_id and ! $fs_events->{$event_id} ) { - my $Event = $fs_events->{$event_id} = new ZoneMinder::Event(); + $fs_events->{$event_id} = $Event; $$Event{Id} = $event_id; - $$Event{Path} = join('/', $Storage->Path(), $day_dir, $event_dir); $$Event{RelativePath} = join('/', $day_dir, $event_dir); $$Event{Scheme} = 'Deep'; $Event->MonitorId( $monitor_dir ); $Event->StorageId( $Storage->Id() ); $Event->DiskSpace( undef ); + $Event->SaveJPEGs( + ( $Event->has_capture_jpegs() ? 1 : 0 ) | ( $Event->has_analyse_jpegs() ? 2 : 0 ) + ); if ( ! $event_ids_by_path{$event_dir} ) { Warning("No event link found at ".$Event->LinkPath() ." for " . $Event->to_string()); } From d7d2c140a05549cae6e9f122ebafc3d7f32dd655 Mon Sep 17 00:00:00 2001 From: Isaac Connor Date: Tue, 27 Aug 2019 15:19:18 -0400 Subject: [PATCH 479/922] Use index to server hosting storage where event is saved to talk to zms --- web/skins/classic/views/js/event.js.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/web/skins/classic/views/js/event.js.php b/web/skins/classic/views/js/event.js.php index c4d808bca..3dae5abfe 100644 --- a/web/skins/classic/views/js/event.js.php +++ b/web/skins/classic/views/js/event.js.php @@ -36,7 +36,7 @@ var eventData = { Frames: 'Frames() ?>', MonitorName: 'Name() ?>' }; -var monitorUrl = 'UrlToIndex(); ?>'; +var monitorUrl = 'Storage()->Server()->UrlToIndex(); ?>'; var filterQuery = ''; var sortQuery = ''; From 41fb11d776f891ede026494e34ed807f0eece327 Mon Sep 17 00:00:00 2001 From: Isaac Connor Date: Tue, 27 Aug 2019 15:19:38 -0400 Subject: [PATCH 480/922] Fix Arched lacking () so not working --- web/skins/classic/views/event.php | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/web/skins/classic/views/event.php b/web/skins/classic/views/event.php index f0a6e343c..2607d18f8 100644 --- a/web/skins/classic/views/event.php +++ b/web/skins/classic/views/event.php @@ -152,8 +152,8 @@ if ( canEdit('Events') ) { ?>
-
Archived == 1 ? ' class="hidden"' : '' ?>>
-
Archived == 0 ? ' class="hidden"' : '' ?>>
+
Archived() == 1 ? ' class="hidden"' : '' ?>>
+
Archived() == 0 ? ' class="hidden"' : '' ?>>
From cdb8e056b64b096df6fb8e842d5b3fc79eb83a97 Mon Sep 17 00:00:00 2001 From: Isaac Connor Date: Tue, 27 Aug 2019 15:20:30 -0400 Subject: [PATCH 481/922] Turn off debug in Event --- scripts/ZoneMinder/lib/ZoneMinder/Event.pm | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/scripts/ZoneMinder/lib/ZoneMinder/Event.pm b/scripts/ZoneMinder/lib/ZoneMinder/Event.pm index 7eeebf6db..80929cac6 100644 --- a/scripts/ZoneMinder/lib/ZoneMinder/Event.pm +++ b/scripts/ZoneMinder/lib/ZoneMinder/Event.pm @@ -57,7 +57,7 @@ use ZoneMinder::Logger qw(:all); use ZoneMinder::Database qw(:all); use vars qw/ $table $primary_key %fields $serial @identified_by %defaults $debug/; -$debug = 1; +$debug = 0; $table = 'Events'; @identified_by = ('Id'); $serial = $primary_key = 'Id'; From dfb65d23bf4865c925bdcc8099a0317169f90ed8 Mon Sep 17 00:00:00 2001 From: Isaac Connor Date: Tue, 27 Aug 2019 16:48:42 -0400 Subject: [PATCH 482/922] Fix eslint warnings --- web/skins/classic/views/js/event.js | 24 +++++++++++---------- web/skins/classic/views/js/montagereview.js | 7 +++--- 2 files changed, 16 insertions(+), 15 deletions(-) diff --git a/web/skins/classic/views/js/event.js b/web/skins/classic/views/js/event.js index d762b53d9..ffd4df259 100644 --- a/web/skins/classic/views/js/event.js +++ b/web/skins/classic/views/js/event.js @@ -201,8 +201,9 @@ function changeReplayMode() { } var streamParms = "view=request&request=stream&connkey="+connKey; -if ( auth_hash ) - streamParms += '&auth='+auth_hash; +if ( auth_hash ) { + streamParms += '&auth='+auth_hash; +} var streamCmdTimer = null; var streamStatus = null; @@ -312,7 +313,6 @@ function playClicked( ) { vjsPlay(); //handles fast forward and rewind } } else { -console.log("sending"+streamParms+"&command="+CMD_PLAY); streamReq.send(streamParms+"&command="+CMD_PLAY); streamPlay(); } @@ -600,8 +600,9 @@ var eventReq = new Request.JSON( {url: thisUrl, method: 'get', timeout: AJAX_TIM function eventQuery( eventId ) { var eventParms = "view=request&request=status&entity=event&id="+eventId; - if ( auth_hash ) - eventParms += '&auth='+auth_hash; + if ( auth_hash ) { + eventParms += '&auth='+auth_hash; + } eventReq.send( eventParms ); } @@ -900,14 +901,15 @@ function getActResponse( respObj, respText ) { var actReq = new Request.JSON( {url: thisUrl, method: 'get', timeout: AJAX_TIMEOUT, link: 'cancel', onSuccess: getActResponse} ); -function actQuery( action, parms ) { +function actQuery(action, parms) { var actParms = "view=request&request=event&id="+eventData.Id+"&action="+action; - if ( auth_hash ) - actParms += '&auth='+auth_hash; - if ( parms != null ) { - actParms += "&"+Object.toQueryString( parms ); + if ( auth_hash ) { + actParms += '&auth='+auth_hash; } - actReq.send( actParms ); + if ( parms != null ) { + actParms += "&"+Object.toQueryString(parms); + } + actReq.send(actParms); } function deleteEvent() { diff --git a/web/skins/classic/views/js/montagereview.js b/web/skins/classic/views/js/montagereview.js index bc06deeba..b543770d7 100644 --- a/web/skins/classic/views/js/montagereview.js +++ b/web/skins/classic/views/js/montagereview.js @@ -155,9 +155,8 @@ function getImageSource(monId, time) { frame_id = Frame.FrameId + parseInt( (NextFrame.FrameId-Frame.FrameId) * ( time-Frame.TimeStampSecs )/duration ); //console.log("Have NextFrame: duration: " + duration + " frame_id = " + frame_id + " from " + NextFrame.FrameId + ' - ' + Frame.FrameId + " time: " + (time-Frame.TimeStampSecs) ); } else { - frame_id = Frame.FrameId; - } - + frame_id = Frame.FrameId; + } } else { frame_id = Frame.FrameId; console.log("No NextFrame"); @@ -1011,7 +1010,7 @@ function initPage() { timeFormat: "HH:mm:ss", dateFormat: "yy-mm-dd", //minDate: $j('#minTime').val(), -minDate: -7, + minDate: -7, maxDate: +0, constrainInput: false, onClose: function(newDate, oldData) { From 9b3fecd7a022154c0d34e1b86d824586c8c9fbed Mon Sep 17 00:00:00 2001 From: Paulius Gedrikas <16976577+PauliusGedrikas@users.noreply.github.com> Date: Tue, 27 Aug 2019 16:49:03 -0400 Subject: [PATCH 483/922] Fix iOS autocapitalizing username field on login (#2687) I propose removing the auto-capitalization from the username field for Safari under iOS by adding autocapitalize="none" to the username form field. Usernames rarely start with a capital letter, so I think this would be a usability improvement for users logging in through iPhones or iPads. Having to login to ZM under iOS, I've been frustrated at the need to always press on the Caps Lock key on the virtual keyboard to disable the capitalization of the first letter. This is because iOS auto capitalized non-password and non-email HTML form fields. ZM is also case sensitive, so "Admin" will not work if the main user is "admin". --- web/skins/classic/views/login.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/web/skins/classic/views/login.php b/web/skins/classic/views/login.php index 42a4090fc..3f31b3a84 100644 --- a/web/skins/classic/views/login.php +++ b/web/skins/classic/views/login.php @@ -19,7 +19,7 @@ xhtmlHeaders(__FILE__, translate('Login') );

account_circle

- + From 91ef4f593250b25c43391337c820f4cc5900b4a4 Mon Sep 17 00:00:00 2001 From: Isaac Connor Date: Wed, 28 Aug 2019 08:51:42 -0400 Subject: [PATCH 484/922] x264 encode works on arm now, so let people choose it --- web/skins/classic/views/monitor.php | 5 +---- 1 file changed, 1 insertion(+), 4 deletions(-) diff --git a/web/skins/classic/views/monitor.php b/web/skins/classic/views/monitor.php index 0ec52a5ac..943c1331c 100644 --- a/web/skins/classic/views/monitor.php +++ b/web/skins/classic/views/monitor.php @@ -950,10 +950,7 @@ if ( $monitor->Type() == 'Local' ) { 0 => 'Disabled', ); - if (stripos(php_uname('m'), 'arm') === false ) - $videowriteropts[1] = 'X264 Encode'; - else - $videowriteropts[1] = array('text'=>'X264 Encode - Not compatible on Arm','disabled'=>1); + $videowriteropts[1] = 'X264 Encode'; if ($monitor->Type() == 'Ffmpeg' ) $videowriteropts[2] = 'H264 Camera Passthrough'; From 403ece42ddf98b2aedcfd44afc1376c0e44cb476 Mon Sep 17 00:00:00 2001 From: Isaac Connor Date: Wed, 28 Aug 2019 09:03:45 -0400 Subject: [PATCH 485/922] fix backticks --- scripts/zmaudit.pl.in | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/scripts/zmaudit.pl.in b/scripts/zmaudit.pl.in index cfe6a8dbb..d751e073c 100644 --- a/scripts/zmaudit.pl.in +++ b/scripts/zmaudit.pl.in @@ -889,7 +889,7 @@ FROM `Frames` WHERE `EventId`=?'; my $eventcounts_sql = ' UPDATE `Monitors` SET - `TotalEvents`=(SELECT COUNT(`Id`) FROM `Events` WHERE `MonitorId`=`Monitors.Id`), + `TotalEvents`=(SELECT COUNT(`Id`) FROM `Events` WHERE `MonitorId`=`Monitors`.`Id`), `TotalEventDiskSpace`=(SELECT SUM(`DiskSpace`) FROM `Events` WHERE `MonitorId`=`Monitors`.`Id` AND `DiskSpace` IS NOT NULL), `ArchivedEvents`=(SELECT COUNT(`Id`) FROM `Events` WHERE `MonitorId`=`Monitors`.`Id` AND `Archived`=1), `ArchivedEventDiskSpace`=(SELECT SUM(`DiskSpace`) FROM `Events` WHERE `MonitorId`=`Monitors`.`Id` AND `Archived`=1 AND `DiskSpace` IS NOT NULL) From 320bf823c5f6bf83f3e53c8e87a81a0b5840319c Mon Sep 17 00:00:00 2001 From: Isaac Connor Date: Wed, 28 Aug 2019 09:18:33 -0400 Subject: [PATCH 486/922] Don't report errors when creating monitor symlink when it already exists --- web/includes/actions/monitor.php | 10 ++++++++-- 1 file changed, 8 insertions(+), 2 deletions(-) diff --git a/web/includes/actions/monitor.php b/web/includes/actions/monitor.php index 9803bad59..5062ad45e 100644 --- a/web/includes/actions/monitor.php +++ b/web/includes/actions/monitor.php @@ -83,6 +83,9 @@ if ( $action == 'monitor' ) { dbQuery('UPDATE Monitors SET '.implode(', ', $changes).' WHERE Id=?', array($mid)); // Groups will be added below if ( isset($changes['Name']) or isset($changes['StorageId']) ) { + // creating symlinks when symlink already exists reports errors, but is perfectly ok + error_reporting(0); + $OldStorage = new ZM\Storage($monitor['StorageId']); $saferOldName = basename($monitor['Name']); if ( file_exists($OldStorage->Path().'/'.$saferOldName) ) @@ -95,8 +98,11 @@ if ( $action == 'monitor' ) { } } $saferNewName = basename($_REQUEST['newMonitor']['Name']); - if ( !symlink($NewStorage->Path().'/'.$mid, $NewStorage->Path().'/'.$saferNewName) ) { - ZM\Warning('Unable to symlink ' . $NewStorage->Path().'/'.$mid . ' to ' . $NewStorage->Path().'/'.$saferNewName); + $link_path = $NewStorage->Path().'/'.$saferNewName; + if ( !symlink($NewStorage->Path().'/'.$mid, $link_path) ) { + if ( ! ( file_exists($link_path) and is_link($link_path) ) ) { + ZM\Warning('Unable to symlink ' . $NewStorage->Path().'/'.$mid . ' to ' . $NewStorage->Path().'/'.$saferNewName); + } } } if ( isset($changes['Width']) || isset($changes['Height']) ) { From c6dd3ffbec8665a79bc0892bd4e62e30a4910745 Mon Sep 17 00:00:00 2001 From: Isaac Connor Date: Wed, 28 Aug 2019 09:19:09 -0400 Subject: [PATCH 487/922] tabs to spaces --- web/skins/classic/views/events.php | 37 +++++++++++++++--------------- 1 file changed, 18 insertions(+), 19 deletions(-) diff --git a/web/skins/classic/views/events.php b/web/skins/classic/views/events.php index fc692169b..8f997f414 100644 --- a/web/skins/classic/views/events.php +++ b/web/skins/classic/views/events.php @@ -28,9 +28,9 @@ require_once('includes/Event.php'); $countSql = 'SELECT count(E.Id) AS EventCount FROM Monitors AS M INNER JOIN Events AS E ON (M.Id = E.MonitorId) WHERE'; $eventsSql = 'SELECT E.*,M.Name AS MonitorName,M.DefaultScale FROM Monitors AS M INNER JOIN Events AS E on (M.Id = E.MonitorId) WHERE'; if ( $user['MonitorIds'] ) { - $user_monitor_ids = ' M.Id in ('.$user['MonitorIds'].')'; - $countSql .= $user_monitor_ids; - $eventsSql .= $user_monitor_ids; + $user_monitor_ids = ' M.Id in ('.$user['MonitorIds'].')'; + $countSql .= $user_monitor_ids; + $eventsSql .= $user_monitor_ids; } else { $countSql .= ' 1'; $eventsSql .= ' 1'; @@ -194,22 +194,21 @@ while ( $event_row = dbFetchNext($results) ) { + Date: Thu, 29 Aug 2019 11:27:58 -0400 Subject: [PATCH 501/922] Turn off event dir creation on S3. It's not neccessary. Allow s3fs:// at the beginning of the S3 url --- scripts/ZoneMinder/lib/ZoneMinder/Event.pm | 10 +++++++--- 1 file changed, 7 insertions(+), 3 deletions(-) diff --git a/scripts/ZoneMinder/lib/ZoneMinder/Event.pm b/scripts/ZoneMinder/lib/ZoneMinder/Event.pm index a6010899c..fc421db17 100644 --- a/scripts/ZoneMinder/lib/ZoneMinder/Event.pm +++ b/scripts/ZoneMinder/lib/ZoneMinder/Event.pm @@ -426,7 +426,9 @@ sub delete_files { my $deleted = 0; if ( $$Storage{Type} and ( $$Storage{Type} eq 's3fs' ) ) { - my ( $aws_id, $aws_secret, $aws_host, $aws_bucket ) = ( $$Storage{Url} =~ /^\s*([^:]+):([^@]+)@([^\/]*)\/(.+)\s*$/ ); + my $url = $$Storage{Url}; + $url =~ s/^(s3|s3fs):\/\///ig; + my ( $aws_id, $aws_secret, $aws_host, $aws_bucket ) = ( $url =~ /^\s*([^:]+):([^@]+)@([^\/]*)\/(.+)\s*$/ ); Debug("S3 url parsed to id:$aws_id secret:$aws_secret host:$aws_host, bucket:$aws_bucket"); eval { require Net::Amazon::S3; @@ -584,7 +586,9 @@ sub CopyTo { if ( $$NewStorage{Type} eq 's3fs' ) { if ( $$NewStorage{Url} ) { - my ( $aws_id, $aws_secret, $aws_host, $aws_bucket ) = ( $$NewStorage{Url} =~ /^\s*([^:]+):([^@]+)@([^\/]*)\/(.+)\s*$/ ); + my $url = $$NewStorage{Url}; + $url =~ s/^(s3|s3fs):\/\///ig; + my ( $aws_id, $aws_secret, $aws_host, $aws_bucket ) = ( $url =~ /^\s*([^:]+):([^@]+)@([^\/]*)\/(.+)\s*$/ ); Debug("S3 url parsed to id:$aws_id secret:$aws_secret host:$aws_host, bucket:$aws_bucket"); if ( $aws_id and $aws_secret and $aws_host and $aws_bucket ) { eval { @@ -603,7 +607,7 @@ sub CopyTo { } my $event_path = $self->RelativePath(); - if ( 1 ) { # Not neccessary + if ( 0 ) { # Not neccessary Debug("Making directory $event_path/"); if ( !$bucket->add_key($event_path.'/', '') ) { Warning("Unable to add key for $event_path/ :". $s3->err . ': '. $s3->errstr()); From d1ac88d3018bb29221763effef489fca9f248690 Mon Sep 17 00:00:00 2001 From: Isaac Connor Date: Thu, 29 Aug 2019 17:55:39 -0400 Subject: [PATCH 502/922] Now you can have a subpath under the S3 bucket --- scripts/ZoneMinder/lib/ZoneMinder/Event.pm | 18 ++++++++++-------- 1 file changed, 10 insertions(+), 8 deletions(-) diff --git a/scripts/ZoneMinder/lib/ZoneMinder/Event.pm b/scripts/ZoneMinder/lib/ZoneMinder/Event.pm index fc421db17..c744d5e57 100644 --- a/scripts/ZoneMinder/lib/ZoneMinder/Event.pm +++ b/scripts/ZoneMinder/lib/ZoneMinder/Event.pm @@ -428,8 +428,8 @@ sub delete_files { if ( $$Storage{Type} and ( $$Storage{Type} eq 's3fs' ) ) { my $url = $$Storage{Url}; $url =~ s/^(s3|s3fs):\/\///ig; - my ( $aws_id, $aws_secret, $aws_host, $aws_bucket ) = ( $url =~ /^\s*([^:]+):([^@]+)@([^\/]*)\/(.+)\s*$/ ); - Debug("S3 url parsed to id:$aws_id secret:$aws_secret host:$aws_host, bucket:$aws_bucket"); + my ( $aws_id, $aws_secret, $aws_host, $aws_bucket, $subpath ) = ( $url =~ /^\s*([^:]+):([^@]+)@([^\/]*)\/([^\/]+)(\/.+)?\s*$/ ); + Debug("S3 url parsed to id:$aws_id secret:$aws_secret host:$aws_host, bucket:$aws_bucket, subpath:$subpath\n from $url"); eval { require Net::Amazon::S3; my $s3 = Net::Amazon::S3->new( { @@ -443,7 +443,7 @@ sub delete_files { Error("S3 bucket $bucket not found."); die; } - if ( $bucket->delete_key($event_path) ) { + if ( $bucket->delete_key($subpath.$event_path) ) { $deleted = 1; } else { Error('Failed to delete from S3:'.$s3->err . ': ' . $s3->errstr); @@ -554,8 +554,10 @@ sub CopyTo { return 'Event is already located at ' . $NewPath; } elsif ( !$NewPath ) { return "New path ($NewPath) is empty."; - } elsif ( ! -e $NewPath ) { - return "New path $NewPath does not exist."; + } elsif ( ($$NewStorage{Type} ne 's3fs' ) and ! -e $NewPath ) { + if ( ! mkdir($NewPath) ) { + return "New path $NewPath does not exist."; + } } else { Debug("$NewPath is good"); } @@ -588,8 +590,8 @@ sub CopyTo { if ( $$NewStorage{Url} ) { my $url = $$NewStorage{Url}; $url =~ s/^(s3|s3fs):\/\///ig; - my ( $aws_id, $aws_secret, $aws_host, $aws_bucket ) = ( $url =~ /^\s*([^:]+):([^@]+)@([^\/]*)\/(.+)\s*$/ ); - Debug("S3 url parsed to id:$aws_id secret:$aws_secret host:$aws_host, bucket:$aws_bucket"); + my ( $aws_id, $aws_secret, $aws_host, $aws_bucket, $subpath ) = ( $url =~ /^\s*([^:]+):([^@]+)@([^\/]*)\/([^\/]+)(\/.+)?\s*$/ ); + Debug("S3 url parsed to id:$aws_id secret:$aws_secret host:$aws_host, bucket:$aws_bucket, subpath:$subpath\n from $url"); if ( $aws_id and $aws_secret and $aws_host and $aws_bucket ) { eval { require Net::Amazon::S3; @@ -606,7 +608,7 @@ sub CopyTo { die; } - my $event_path = $self->RelativePath(); + my $event_path = $subpath.$self->RelativePath(); if ( 0 ) { # Not neccessary Debug("Making directory $event_path/"); if ( !$bucket->add_key($event_path.'/', '') ) { From b84d005d8fb8a2ce047225e400adecc542ecfd7d Mon Sep 17 00:00:00 2001 From: Isaac Connor Date: Tue, 3 Sep 2019 10:54:34 -0400 Subject: [PATCH 503/922] Load use from session when it exists --- web/api/app/Controller/AppController.php | 14 ++++++--- web/includes/auth.php | 40 ++++++++++++++---------- 2 files changed, 33 insertions(+), 21 deletions(-) diff --git a/web/api/app/Controller/AppController.php b/web/api/app/Controller/AppController.php index b6ef078be..889182b90 100644 --- a/web/api/app/Controller/AppController.php +++ b/web/api/app/Controller/AppController.php @@ -93,6 +93,7 @@ class AppController extends Controller { if ( $stateful ) { zm_session_start(); + $_SESSION['remoteAddr'] = $_SERVER['REMOTE_ADDR']; // To help prevent session hijacking $_SESSION['username'] = $user['Username']; if ( ZM_AUTH_RELAY == 'plain' ) { @@ -100,6 +101,14 @@ class AppController extends Controller { $_SESSION['password'] = $_REQUEST['password']; } session_write_close(); + } else if ( $_COOKIE['ZMSESSID'] ) { + # Have a cookie set, try to load user by session + if ( ! is_session_started() ) + zm_session_start(); + else + ZM\Logger::Debug(print_r($_SESSION,true)); + $user = userFromSession(); + session_write_close(); } } @@ -142,10 +151,7 @@ class AppController extends Controller { return; } } # end if ! login or logout - if ($user['APIEnabled'] == 0 ) { - throw new UnauthorizedException(__('API Disabled')); - return; - } + } # end if ZM_OPT_AUTH // make sure populated user object has APIs enabled } # end function beforeFilter() diff --git a/web/includes/auth.php b/web/includes/auth.php index 4ada2afa2..cb8863001 100644 --- a/web/includes/auth.php +++ b/web/includes/auth.php @@ -243,6 +243,28 @@ function canEdit($area, $mid=false) { return ( $user[$area] == 'Edit' && ( !$mid || visibleMonitor($mid) )); } +function userFromSession() { + $user = null; // Not global + if ( isset($_SESSION['username']) ) { + if ( ZM_AUTH_HASH_LOGINS and (ZM_AUTH_RELAY == 'hashed') ) { + # Extra validation, if logged in, then the auth hash will be set in the session, so we can validate it. + # This prevent session modification to switch users + if ( isset($_SESSION['AuthHash'.$_SESSION['remoteAddr']]) ) + $user = getAuthUser($_SESSION['AuthHash'.$_SESSION['remoteAddr']]); + else + ZM\Logger::Debug("No auth hash in session, there should have been"); + + } else { + # Need to refresh permissions and validate that the user still exists + $sql = 'SELECT * FROM Users WHERE Enabled=1 AND Username=?'; + $user = dbFetchOne($sql, NULL, array($_SESSION['username'])); + } + } else { + ZM\Logger::Debug('No username in session'); + } + return $user; +} + if ( ZM_OPT_USE_AUTH ) { if ( !empty($_REQUEST['token']) ) { $ret = validateToken($_REQUEST['token'], 'access'); @@ -250,23 +272,7 @@ if ( ZM_OPT_USE_AUTH ) { } else { // Non token based auth - if ( isset($_SESSION['username']) ) { - if ( ZM_AUTH_HASH_LOGINS and (ZM_AUTH_RELAY == 'hashed') ) { - # Extra validation, if logged in, then the auth hash will be set in the session, so we can validate it. - # This prevent session modification to switch users - if ( isset($_SESSION['AuthHash'.$_SESSION['remoteAddr']]) ) - $user = getAuthUser($_SESSION['AuthHash'.$_SESSION['remoteAddr']]); - else - ZM\Logger::Debug("No auth hash in session, there should have been"); - - } else { - # Need to refresh permissions and validate that the user still exists - $sql = 'SELECT * FROM Users WHERE Enabled=1 AND Username=?'; - $user = dbFetchOne($sql, NULL, array($_SESSION['username'])); - } - } else { - ZM\Logger::Debug("No username in session"); - } + $user = userFromSession(); if ( ZM_AUTH_HASH_LOGINS && empty($user) && !empty($_REQUEST['auth']) ) { $user = getAuthUser($_REQUEST['auth']); From 50aa0108e567d34d603ad3a60b8a91b0cde8cf0a Mon Sep 17 00:00:00 2001 From: Isaac Connor Date: Tue, 3 Sep 2019 11:33:02 -0400 Subject: [PATCH 504/922] Add authhash to session --- web/api/app/Controller/AppController.php | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/web/api/app/Controller/AppController.php b/web/api/app/Controller/AppController.php index 791f4ecac..737dedacf 100644 --- a/web/api/app/Controller/AppController.php +++ b/web/api/app/Controller/AppController.php @@ -91,7 +91,6 @@ class AppController extends Controller { require_once __DIR__ .'/../../../includes/session.php'; $stateful = $this->request->query('stateful') ? $this->request->query('stateful') : $this->request->data('stateful'); if ( $stateful ) { - zm_session_start(); $_SESSION['remoteAddr'] = $_SERVER['REMOTE_ADDR']; // To help prevent session hijacking $_SESSION['username'] = $user['Username']; @@ -99,13 +98,14 @@ class AppController extends Controller { // Need to save this in session, can't use the value in User because it is hashed $_SESSION['password'] = $_REQUEST['password']; } + generateAuthHash(ZM_AUTH_HASH_IPS); session_write_close(); } else if ( $_COOKIE['ZMSESSID'] and !$user ) { # Have a cookie set, try to load user by session if ( ! is_session_started() ) zm_session_start(); - else - ZM\Logger::Debug(print_r($_SESSION,true)); + + ZM\Logger::Debug(print_r($_SESSION, true)); $user = userFromSession(); session_write_close(); } From 92bc1791f597b4721d92c7243af36c21a3daf510 Mon Sep 17 00:00:00 2001 From: Isaac Connor Date: Tue, 3 Sep 2019 11:33:13 -0400 Subject: [PATCH 505/922] fix accidentally removed code --- web/includes/auth.php | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/web/includes/auth.php b/web/includes/auth.php index a45b98bd8..5b4d3c674 100644 --- a/web/includes/auth.php +++ b/web/includes/auth.php @@ -253,7 +253,11 @@ function userFromSession() { $user = getAuthUser($_SESSION['AuthHash'.$_SESSION['remoteAddr']]); else ZM\Logger::Debug("No auth hash in session, there should have been"); - + } else { + # Need to refresh permissions and validate that the user still exists + $sql = 'SELECT * FROM Users WHERE Enabled=1 AND Username=?'; + $user = dbFetchOne($sql, NULL, array($_SESSION['username'])); + } } else { ZM\Logger::Debug('No username in session'); } From 85e0a086b31267e64ba3260824c496d5f653737b Mon Sep 17 00:00:00 2001 From: Isaac Connor Date: Tue, 3 Sep 2019 11:55:37 -0400 Subject: [PATCH 506/922] fixes #2694 --- src/zm_image.cpp | 24 +++++++++++----------- src/zm_mem_utils.h | 50 +++++++++++++++++++++++----------------------- 2 files changed, 37 insertions(+), 37 deletions(-) diff --git a/src/zm_image.cpp b/src/zm_image.cpp index 5640af46b..f8ad1ab70 100644 --- a/src/zm_image.cpp +++ b/src/zm_image.cpp @@ -3237,7 +3237,7 @@ void neon32_armv7_fastblend(const uint8_t* col1, const uint8_t* col2, uint8_t* r __asm__ __volatile__ ( "mov r12, %4\n\t" "vdup.8 q12, r12\n\t" - "neon32_armv7_fastblend_iter:\n\t" + "neon32_armv7_fastblend_iter%=:\n\t" "vldm %0!, {q0,q1,q2,q3}\n\t" "vldm %1!, {q4,q5,q6,q7}\n\t" "pld [%0, #256]\n\t" @@ -3260,7 +3260,7 @@ void neon32_armv7_fastblend(const uint8_t* col1, const uint8_t* col2, uint8_t* r "vadd.i8 q7, q7, q3\n\t" "vstm %2!, {q4,q5,q6,q7}\n\t" "subs %3, %3, #64\n\t" - "bne neon32_armv7_fastblend_iter\n\t" + "bne neon32_armv7_fastblend_iter%=\n\t" : : "r" (col1), "r" (col2), "r" (result), "r" (count), "r" (divider) : "%r12", "%q0", "%q1", "%q2", "%q3", "%q4", "%q5", "%q6", "%q7", "%q8", "%q9", "%q10", "%q11", "%q12", "cc", "memory" @@ -3318,7 +3318,7 @@ __attribute__((noinline)) void neon64_armv8_fastblend(const uint8_t* col1, const __asm__ __volatile__ ( "mov x12, %4\n\t" "dup v28.16b, w12\n\t" - "neon64_armv8_fastblend_iter:\n\t" + "neon64_armv8_fastblend_iter%=:\n\t" "ldp q16, q17, [%0], #32\n\t" "ldp q18, q19, [%0], #32\n\t" "ldp q20, q21, [%1], #32\n\t" @@ -3344,7 +3344,7 @@ __attribute__((noinline)) void neon64_armv8_fastblend(const uint8_t* col1, const "stp q20, q21, [%2], #32\n\t" "stp q22, q23, [%2], #32\n\t" "subs %3, %3, #64\n\t" - "bne neon64_armv8_fastblend_iter\n\t" + "bne neon64_armv8_fastblend_iter%=\n\t" : : "r" (col1), "r" (col2), "r" (result), "r" (count), "r" (divider) : "%x12", "%v16", "%v17", "%v18", "%v19", "%v20", "%v21", "%v22", "%v23", "%v24", "%v25", "%v26", "%v27", "%v28", "cc", "memory" @@ -3702,7 +3702,7 @@ void neon32_armv7_delta8_gray8(const uint8_t* col1, const uint8_t* col2, uint8_t /* Q7(D14,D15) = col2+48 */ __asm__ __volatile__ ( - "neon32_armv7_delta8_gray8_iter:\n\t" + "neon32_armv7_delta8_gray8_iter%=:\n\t" "vldm %0!, {q0,q1,q2,q3}\n\t" "vldm %1!, {q4,q5,q6,q7}\n\t" "pld [%0, #512]\n\t" @@ -3713,7 +3713,7 @@ void neon32_armv7_delta8_gray8(const uint8_t* col1, const uint8_t* col2, uint8_t "vabd.u8 q3, q3, q7\n\t" "vstm %2!, {q0,q1,q2,q3}\n\t" "subs %3, %3, #64\n\t" - "bne neon32_armv7_delta8_gray8_iter\n\t" + "bne neon32_armv7_delta8_gray8_iter%=\n\t" : : "r" (col1), "r" (col2), "r" (result), "r" (count) : "%q0", "%q1", "%q2", "%q3", "%q4", "%q5", "%q6", "%q7", "cc", "memory" @@ -3737,7 +3737,7 @@ __attribute__((noinline)) void neon64_armv8_delta8_gray8(const uint8_t* col1, co /* V23 = col2+48 */ __asm__ __volatile__ ( - "neon64_armv8_delta8_gray8_iter:\n\t" + "neon64_armv8_delta8_gray8_iter%=:\n\t" "ldp q16, q17, [%0], #32\n\t" "ldp q18, q19, [%0], #32\n\t" "ldp q20, q21, [%1], #32\n\t" @@ -3751,7 +3751,7 @@ __attribute__((noinline)) void neon64_armv8_delta8_gray8(const uint8_t* col1, co "stp q16, q17, [%2], #32\n\t" "stp q18, q19, [%2], #32\n\t" "subs %3, %3, #64\n\t" - "bne neon64_armv8_delta8_gray8_iter\n\t" + "bne neon64_armv8_delta8_gray8_iter%=\n\t" : : "r" (col1), "r" (col2), "r" (result), "r" (count) : "%v16", "%v17", "%v18", "%v19", "%v20", "%v21", "%v22", "%v23", "cc", "memory" @@ -3781,7 +3781,7 @@ void neon32_armv7_delta8_rgb32(const uint8_t* col1, const uint8_t* col2, uint8_t __asm__ __volatile__ ( "mov r12, %4\n\t" "vdup.32 q8, r12\n\t" - "neon32_armv7_delta8_rgb32_iter:\n\t" + "neon32_armv7_delta8_rgb32_iter%=:\n\t" "vldm %0!, {q0,q1,q2,q3}\n\t" "vldm %1!, {q4,q5,q6,q7}\n\t" "pld [%0, #256]\n\t" @@ -3808,7 +3808,7 @@ void neon32_armv7_delta8_rgb32(const uint8_t* col1, const uint8_t* col2, uint8_t "vpadd.i8 d3, d6, d6\n\t" "vst4.32 {d0[0],d1[0],d2[0],d3[0]}, [%2]!\n\t" "subs %3, %3, #16\n\t" - "bne neon32_armv7_delta8_rgb32_iter\n\t" + "bne neon32_armv7_delta8_rgb32_iter%=\n\t" : : "r" (col1), "r" (col2), "r" (result), "r" (count), "r" (multiplier) : "%r12", "%q0", "%q1", "%q2", "%q3", "%q4", "%q5", "%q6", "%q7", "%q8", "cc", "memory" @@ -3835,7 +3835,7 @@ __attribute__((noinline)) void neon64_armv8_delta8_rgb32(const uint8_t* col1, co __asm__ __volatile__ ( "mov x12, %4\n\t" "dup v24.4s, w12\n\t" - "neon64_armv8_delta8_rgb32_iter:\n\t" + "neon64_armv8_delta8_rgb32_iter%=:\n\t" "ldp q16, q17, [%0], #32\n\t" "ldp q18, q19, [%0], #32\n\t" "ldp q20, q21, [%1], #32\n\t" @@ -3864,7 +3864,7 @@ __attribute__((noinline)) void neon64_armv8_delta8_rgb32(const uint8_t* col1, co "addp v19.16b, v19.16b, v19.16b\n\t" "st4 {v16.s, v17.s, v18.s, v19.s}[0], [%2], #16\n\t" "subs %3, %3, #16\n\t" - "bne neon64_armv8_delta8_rgb32_iter\n\t" + "bne neon64_armv8_delta8_rgb32_iter%=\n\t" : : "r" (col1), "r" (col2), "r" (result), "r" (count), "r" (multiplier) : "%x12", "%v16", "%v17", "%v18", "%v19", "%v20", "%v21", "%v22", "%v23", "%v24", "cc", "memory" diff --git a/src/zm_mem_utils.h b/src/zm_mem_utils.h index 50809016c..8d841d670 100644 --- a/src/zm_mem_utils.h +++ b/src/zm_mem_utils.h @@ -58,32 +58,32 @@ inline void zm_freealigned(void* ptr) { #endif } -inline char *mempbrk( register const char *s, const char *accept, size_t limit ) { +inline char *mempbrk(const char *s, const char *accept, size_t limit) { if ( limit == 0 || !s || !accept || !*accept ) return 0; - register unsigned int i,j; - size_t acc_len = strlen( accept ); + unsigned int i,j; + size_t acc_len = strlen(accept); for ( i = 0; i < limit; s++, i++ ) { for ( j = 0; j < acc_len; j++ ) { if ( *s == accept[j] ) { - return( (char *)s ); + return (char *)s; } } } - return( 0 ); + return 0; } -inline char *memstr( register const char *s, const char *n, size_t limit ) { +inline char *memstr(const char *s, const char *n, size_t limit) { if ( limit == 0 || !s || !n ) - return( 0 ); + return 0; if ( !*n ) - return( (char *)s ); + return (char *)s; - register unsigned int i,j,k; - size_t n_len = strlen( n ); + unsigned int i,j,k; + size_t n_len = strlen(n); for ( i = 0; i < limit; i++, s++ ) { if ( *s != *n ) @@ -92,23 +92,23 @@ inline char *memstr( register const char *s, const char *n, size_t limit ) { k = 1; while ( true ) { if ( k >= n_len ) - return( (char *)s ); + return (char *)s; if ( s[j++] != n[k++] ) break; } } - return( 0 ); + return 0; } -inline size_t memspn( register const char *s, const char *accept, size_t limit ) { +inline size_t memspn(const char *s, const char *accept, size_t limit) { if ( limit == 0 || !s || !accept || !*accept ) - return( 0 ); + return 0; - register unsigned int i,j; - size_t acc_len = strlen( accept ); + unsigned int i,j; + size_t acc_len = strlen(accept); for ( i = 0; i < limit; s++, i++ ) { - register bool found = false; + bool found = false; for ( j = 0; j < acc_len; j++ ) { if ( *s == accept[j] ) { found = true; @@ -116,30 +116,30 @@ inline size_t memspn( register const char *s, const char *accept, size_t limit ) } } if ( !found ) { - return( i ); + return i; } } - return( limit ); + return limit; } -inline size_t memcspn( register const char *s, const char *reject, size_t limit ) { +inline size_t memcspn(const char *s, const char *reject, size_t limit) { if ( limit == 0 || !s || !reject ) - return( 0 ); + return 0; if ( !*reject ) - return( limit ); + return limit; - register unsigned int i,j; + unsigned int i,j; size_t rej_len = strlen( reject ); for ( i = 0; i < limit; s++, i++ ) { for ( j = 0; j < rej_len; j++ ) { if ( *s == reject[j] ) { - return( i ); + return i; } } } - return( limit ); + return limit; } #endif // ZM_MEM_UTILS_H From 571082ff958f338bb314be7e290de8d9be2fa8bc Mon Sep 17 00:00:00 2001 From: Isaac Connor Date: Tue, 3 Sep 2019 12:55:31 -0400 Subject: [PATCH 507/922] StorageId clears Path --- scripts/zmaudit.pl.in | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/scripts/zmaudit.pl.in b/scripts/zmaudit.pl.in index d751e073c..839b69e0f 100644 --- a/scripts/zmaudit.pl.in +++ b/scripts/zmaudit.pl.in @@ -432,12 +432,12 @@ MAIN: while( $loop ) { } my $Event = $fs_events->{$event_id} = new ZoneMinder::Event(); $$Event{Id} = $event_id; - $$Event{Path} = join('/', $Storage->Path(), $event_dir ); - Debug("Have event $$Event{Id} at $$Event{Path}"); $$Event{Scheme} = 'Medium'; $$Event{RelativePath} = $event_dir; $Event->MonitorId( $monitor_dir ); $Event->StorageId( $Storage->Id() ); + $Event->Path(); + Debug("Have event $$Event{Id} at $$Event{Path}"); $Event->StartTime( POSIX::strftime('%Y-%m-%d %H:%M:%S', gmtime(time_of_youngest_file($Event->Path())) ) ); } # end foreach event } From 16f0ad4f5926d4fa7b0b9f74fcfb47b2af03cdfc Mon Sep 17 00:00:00 2001 From: Isaac Connor Date: Tue, 3 Sep 2019 12:55:45 -0400 Subject: [PATCH 508/922] Fix Monitorid => MonitorId --- web/skins/classic/views/events.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/web/skins/classic/views/events.php b/web/skins/classic/views/events.php index d0e3536e1..6636d36e0 100644 --- a/web/skins/classic/views/events.php +++ b/web/skins/classic/views/events.php @@ -192,7 +192,7 @@ while ( $event_row = dbFetchNext($results) ) { Archived()) echo ' class="archived"' ?>> - + '; } // end if ZM_WEB_LIST_THUMBS From 2993e526524b97d85a614c5fb4f36b75cd74d5f8 Mon Sep 17 00:00:00 2001 From: Isaac Connor Date: Wed, 4 Sep 2019 12:14:32 -0400 Subject: [PATCH 513/922] Fix auth timing out due to cookie timing out and getting deleted. --- web/includes/session.php | 10 +++++++++- 1 file changed, 9 insertions(+), 1 deletion(-) diff --git a/web/includes/session.php b/web/includes/session.php index 1e2601f08..8d4c28a68 100644 --- a/web/includes/session.php +++ b/web/includes/session.php @@ -21,11 +21,18 @@ function zm_session_start() { session_start(); $_SESSION['remoteAddr'] = $_SERVER['REMOTE_ADDR']; // To help prevent session hijacking + $now = time(); // Do not allow to use expired session ID - if ( !empty($_SESSION['last_time']) && ($_SESSION['last_time'] < (time() - 180)) ) { + if ( !empty($_SESSION['last_time']) && ($_SESSION['last_time'] < ($now - 180)) ) { ZM\Info('Destroying session due to timeout. '); session_destroy(); session_start(); + } else if ( !empty($_SESSION['generated_at']) ) { + ZM\Logger::Debug("Have generated_at: " . $_SESSION['generated_at']); + if ( $_SESSION['generated_at']<($now-(ZM_COOKIE_LIFETIME/2)) ) { + ZM\Logger::Debug("Regenerating session because generated_at " . $_SESSION['generated_at'] . ' < ' . $now . '-'.ZM_COOKIE_LIFETIME.'/2 = '.($now-ZM_COOKIE_LIFETIME/2)); + zm_session_regenerate_id(); + } } } // function zm_session_start() @@ -44,6 +51,7 @@ function zm_session_regenerate_id() { session_start(); session_regenerate_id(); unset($_SESSION['last_time']); + $_SESSION['generated_at'] = time(); } // function zm_session_regenerate_id() function is_session_started() { From 6b83a62fadf66e9738a6fb40444aacbda902f238 Mon Sep 17 00:00:00 2001 From: Isaac Connor Date: Wed, 4 Sep 2019 13:35:46 -0400 Subject: [PATCH 514/922] allow for StorageId to be 0 --- scripts/ZoneMinder/lib/ZoneMinder/Event.pm | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/scripts/ZoneMinder/lib/ZoneMinder/Event.pm b/scripts/ZoneMinder/lib/ZoneMinder/Event.pm index c744d5e57..fc19eb7d9 100644 --- a/scripts/ZoneMinder/lib/ZoneMinder/Event.pm +++ b/scripts/ZoneMinder/lib/ZoneMinder/Event.pm @@ -134,7 +134,7 @@ sub Path { if ( ! $$event{Path} ) { my $Storage = $event->Storage(); - if ( $Storage->Id() ) { + if ( defined $Storage->Id() ) { $$event{Path} = join('/', $Storage->Path(), $event->RelativePath()); } else { Error("Storage area for $$event{StorageId} no longer exists in db."); @@ -473,7 +473,7 @@ sub StorageId { if ( @_ ) { $$event{StorageId} = shift; delete $$event{Storage}; - delete $$event{Path}; + $event->Path(undef); } return $$event{StorageId}; } @@ -483,7 +483,7 @@ sub Storage { $_[0]{Storage} = $_[1]; if ( $_[0]{Storage} ) { $_[0]{StorageId} = $_[0]{Storage}->Id(); - delete $_[0]{Path}; + $_[0]->Path(undef); } } if ( ! $_[0]{Storage} ) { @@ -543,7 +543,7 @@ sub CopyTo { my $OldStorage = $self->Storage(undef); my ( $OldPath ) = ( $self->Path() =~ /^(.*)$/ ); # De-taint if ( ! -e $OldPath ) { - return "Old path $OldPath does not exist."; + return "Src path $OldPath does not exist."; } # First determine if we can move it to the dest. # We do this before bothering to lock the event From 25198e0eb0f10da83afe2fec20b4a45aa2f527c6 Mon Sep 17 00:00:00 2001 From: Isaac Connor Date: Wed, 4 Sep 2019 17:53:59 -0400 Subject: [PATCH 515/922] move session_close to after auth so that whatever we do with the session in auth gets saved --- web/index.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/web/index.php b/web/index.php index 11d62ca55..f2fd0660e 100644 --- a/web/index.php +++ b/web/index.php @@ -143,7 +143,6 @@ if ( # Only one request can open the session file at a time, so let's close the session here to improve concurrency. # Any file/page that sets session variables must re-open it. -session_write_close(); require_once('includes/lang.php'); @@ -176,6 +175,7 @@ if ( isset($_REQUEST['request']) ) $request = detaintPath($_REQUEST['request']); require_once('includes/auth.php'); +session_write_close(); foreach ( getSkinIncludes('skin.php') as $includeFile ) { require_once $includeFile; From 6f59d63e08555350b40196674efe03d0bca6efd8 Mon Sep 17 00:00:00 2001 From: Isaac Connor Date: Thu, 5 Sep 2019 09:55:58 -0400 Subject: [PATCH 516/922] Add missing AutoCopy and AutoCopyTo in db creation --- db/zm_create.sql.in | 2 ++ 1 file changed, 2 insertions(+) diff --git a/db/zm_create.sql.in b/db/zm_create.sql.in index 8239af0d3..52bf01a1b 100644 --- a/db/zm_create.sql.in +++ b/db/zm_create.sql.in @@ -293,6 +293,8 @@ CREATE TABLE `Filters` ( `AutoDelete` tinyint(3) unsigned NOT NULL default '0', `AutoMove` tinyint(3) unsigned NOT NULL default '0', `AutoMoveTo` smallint(5) unsigned NOT NULL default 0, + `AutoCopy` tinyint(3) unsigned NOT NULL default '0', + `AutoCopyTo` smallint(5) unsigned NOT NULL default 0, `UpdateDiskSpace` tinyint(3) unsigned NOT NULL default '0', `Background` tinyint(1) unsigned NOT NULL default '0', `Concurrent` tinyint(1) unsigned NOT NULL default '0', From bce1a48b66b1125b370c3d73532bd4d60f2c6afb Mon Sep 17 00:00:00 2001 From: Isaac Connor Date: Thu, 5 Sep 2019 10:31:22 -0400 Subject: [PATCH 517/922] Fix another Monitorid. Fixes #2699 --- web/skins/classic/views/export.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/web/skins/classic/views/export.php b/web/skins/classic/views/export.php index 38c81d8f6..e3b73db69 100644 --- a/web/skins/classic/views/export.php +++ b/web/skins/classic/views/export.php @@ -144,7 +144,7 @@ while ( $event_row = dbFetchNext($results) ) { Archived() ? ' class="archived"' : '' ?>> - + @@ -375,7 +372,7 @@ foreach ( array_map('basename', glob('skins/'.$skin.'/css/*',GLOB_ONLYDIR)) as $ $configCat = array(); $configCats = array(); - $result = $dbConn->query('SELECT * FROM Config ORDER BY Id ASC'); + $result = $dbConn->query('SELECT * FROM `Config` ORDER BY `Id` ASC'); if ( !$result ) echo mysql_error(); while( $row = dbFetchNext($result) ) { @@ -388,9 +385,9 @@ foreach ( array_map('basename', glob('skins/'.$skin.'/css/*',GLOB_ONLYDIR)) as $ } if ( $tab == 'system' ) { - $configCats[$tab]['ZM_LANG_DEFAULT']['Hint'] = join( '|', getLanguages() ); - $configCats[$tab]['ZM_SKIN_DEFAULT']['Hint'] = join( '|', $skin_options ); - $configCats[$tab]['ZM_CSS_DEFAULT']['Hint'] = join( '|', array_map ( 'basename', glob('skins/'.ZM_SKIN_DEFAULT.'/css/*',GLOB_ONLYDIR) ) ); + $configCats[$tab]['ZM_LANG_DEFAULT']['Hint'] = join('|', getLanguages()); + $configCats[$tab]['ZM_SKIN_DEFAULT']['Hint'] = join('|', array_map('basename', glob('skins/*',GLOB_ONLYDIR))); + $configCats[$tab]['ZM_CSS_DEFAULT']['Hint'] = join('|', array_map ( 'basename', glob('skins/'.ZM_SKIN_DEFAULT.'/css/*',GLOB_ONLYDIR) )); $configCats[$tab]['ZM_BANDWIDTH_DEFAULT']['Hint'] = $bandwidth_options; } ?> @@ -485,7 +482,7 @@ foreach ( array_map('basename', glob('skins/'.$skin.'/css/*',GLOB_ONLYDIR)) as $ ?>
- +
Date: Tue, 17 Sep 2019 12:53:29 -0400 Subject: [PATCH 568/922] Use dts instead of pts for first values --- src/zm_videostore.cpp | 77 ++++++++----------------------------------- 1 file changed, 13 insertions(+), 64 deletions(-) diff --git a/src/zm_videostore.cpp b/src/zm_videostore.cpp index 36505cfc5..c3e19a193 100644 --- a/src/zm_videostore.cpp +++ b/src/zm_videostore.cpp @@ -887,27 +887,20 @@ int VideoStore::writeVideoFramePacket(AVPacket *ipkt) { opkt.size = ipkt->size; opkt.duration = ipkt->duration; - if ( ipkt->pts != AV_NOPTS_VALUE ) { - if ( (!video_first_pts) && (ipkt->pts >= 0) ) { - // This is the first packet. - Debug(2, "Starting video first_pts will become %" PRId64, ipkt->pts); - video_first_pts = ipkt->pts; - } - opkt.pts = ipkt->pts - video_first_pts; - } // Just because the in stream wraps, doesn't mean the out needs to. // Really, if we are limiting ourselves to 10min segments I can't imagine every wrapping in the out. // So need to handle in wrap, without causing out wrap. // The cameras that Icon has seem to do EOF instead of wrapping if ( ipkt->dts != AV_NOPTS_VALUE ) { -#if 0 if ( !video_first_dts ) { Debug(2, "Starting video first_dts will become %" PRId64, ipkt->dts); video_first_dts = ipkt->dts; } -#endif - opkt.dts = ipkt->dts - video_first_pts; + opkt.dts = ipkt->dts - video_first_dts; + } + if ( ipkt->pts != AV_NOPTS_VALUE ) { + opkt.pts = ipkt->pts - video_first_dts; } av_packet_rescale_ts(&opkt, video_in_stream->time_base, video_out_stream->time_base); @@ -928,22 +921,20 @@ int VideoStore::writeAudioFramePacket(AVPacket *ipkt) { } dumpPacket(audio_in_stream, ipkt, "input packet"); - if ( !audio_first_pts ) { - audio_first_pts = ipkt->pts; - audio_next_pts = audio_out_ctx->frame_size; - } if ( !audio_first_dts ) { audio_first_dts = ipkt->dts; + audio_next_pts = audio_out_ctx->frame_size; } // Need to adjust pts before feeding to decoder.... should really copy the pkt instead of modifying it - ipkt->pts -= audio_first_pts; - ipkt->dts -= audio_first_pts; + ipkt->pts -= audio_first_dts; + ipkt->dts -= audio_first_dts; dumpPacket(audio_in_stream, ipkt, "after pts adjustment"); if ( audio_out_codec ) { // I wonder if we can get multiple frames per packet? Probably - if ( ( ret = zm_send_packet_receive_frame(audio_in_ctx, in_frame, *ipkt) ) <= 0 ) { + ret = zm_send_packet_receive_frame(audio_in_ctx, in_frame, *ipkt); + if ( ret <= 0 ) { Debug(3, "Not ready to receive frame"); return 0; } @@ -989,54 +980,10 @@ int VideoStore::writeAudioFramePacket(AVPacket *ipkt) { opkt.size = ipkt->size; opkt.flags = ipkt->flags; -#if 0 - if ( ipkt->duration && (ipkt->duration != AV_NOPTS_VALUE) ) { - opkt.duration = av_rescale_q( - ipkt->duration, - audio_in_stream->time_base, - audio_out_stream->time_base); - } - // Scale the PTS of the outgoing packet to be the correct time base - if ( ipkt->pts != AV_NOPTS_VALUE ) { - if ( !audio_first_pts ) { - opkt.pts = 0; - audio_first_pts = ipkt->pts; - Debug(1, "No audio_first_pts"); - } else { - opkt.pts = av_rescale_q( - ipkt->pts - audio_first_pts, - audio_in_stream->time_base, - audio_out_stream->time_base); - Debug(2, "audio opkt.pts = %" PRId64 " from ipkt->pts(%" PRId64 ") - first_pts(%" PRId64 ")", - opkt.pts, ipkt->pts, audio_first_pts); - } - } else { - Debug(2, "opkt.pts = undef"); - opkt.pts = AV_NOPTS_VALUE; - } - - if ( ipkt->dts != AV_NOPTS_VALUE ) { - if ( !audio_first_dts ) { - opkt.dts = 0; - audio_first_dts = ipkt->dts; - } else { - opkt.dts = av_rescale_q( - ipkt->dts - audio_first_dts, - audio_in_stream->time_base, - audio_out_stream->time_base); - Debug(2, "opkt.dts = %" PRId64 " from ipkt.dts(%" PRId64 ") - first_dts(%" PRId64 ")", - opkt.dts, ipkt->dts, audio_first_dts); - } - audio_last_dts = ipkt->dts; - } else { - opkt.dts = AV_NOPTS_VALUE; - } -#else opkt.duration = ipkt->duration; opkt.pts = ipkt->pts; opkt.dts = ipkt->dts; av_packet_rescale_ts(&opkt, audio_in_stream->time_base, audio_out_stream->time_base); -#endif write_packet(&opkt, audio_out_stream); zm_av_packet_unref(&opkt); @@ -1050,11 +997,11 @@ int VideoStore::write_packet(AVPacket *pkt, AVStream *stream) { pkt->stream_index = stream->index; if ( pkt->dts < stream->cur_dts ) { - Warning("non increasing dts, fixing"); + Debug(1, "non increasing dts, fixing. our dts %" PRId64 " stream cur_dts %" PRId64, pkt->dts, stream->cur_dts); pkt->dts = stream->cur_dts; if ( (pkt->pts != AV_NOPTS_VALUE) && (pkt->dts > pkt->pts) ) { Debug(1, - "pkt.dts(%" PRId64 ") must be <= pkt.pts(%" PRId64 ")." + "pkt.dts %" PRId64 " must be <= pkt.pts %" PRId64 "." "Decompression must happen before presentation.", pkt->dts, pkt->pts); pkt->pts = pkt->dts; @@ -1065,6 +1012,8 @@ int VideoStore::write_packet(AVPacket *pkt, AVStream *stream) { "Decompression must happen before presentation.", pkt->dts, pkt->pts); pkt->dts = pkt->pts; + } else { + Debug(1, "Acceptable pts and dts. cur_dts = %" PRId64, stream->cur_dts); } dumpPacket(stream, pkt, "finished pkt"); From 17e00cec94cbc10f6aad9fe55efc3e06ac38e51c Mon Sep 17 00:00:00 2001 From: Isaac Connor Date: Tue, 17 Sep 2019 14:58:16 -0400 Subject: [PATCH 569/922] Fix setting rtsp_transport when rtsp --- src/zm_ffmpeg_camera.cpp | 13 ++++++------- 1 file changed, 6 insertions(+), 7 deletions(-) diff --git a/src/zm_ffmpeg_camera.cpp b/src/zm_ffmpeg_camera.cpp index 3a1d7bb70..cf55a75d4 100644 --- a/src/zm_ffmpeg_camera.cpp +++ b/src/zm_ffmpeg_camera.cpp @@ -333,10 +333,10 @@ int FfmpegCamera::OpenFfmpeg() { } // Set transport method as specified by method field, rtpUni is default - const std::string method = Method(); - std::string protocol = method.substr(0,4); + std::string protocol = mPath.substr(0, 4); string_toupper(protocol); if ( protocol == "RTSP" ) { + const std::string method = Method(); if ( method == "rtpMulti" ) { ret = av_dict_set(&opts, "rtsp_transport", "udp_multicast", 0); } else if ( method == "rtpRtsp" ) { @@ -348,13 +348,12 @@ int FfmpegCamera::OpenFfmpeg() { } else { Warning("Unknown method (%s)", method.c_str()); } - } + if ( ret < 0 ) { + Warning("Could not set rtsp_transport method '%s'", method.c_str()); + } + } // end if RTSP // #av_dict_set(&opts, "timeout", "10000000", 0); // in microseconds. - if ( ret < 0 ) { - Warning("Could not set rtsp_transport method '%s'", method.c_str()); - } - Debug(1, "Calling avformat_open_input for %s", mPath.c_str()); mFormatContext = avformat_alloc_context(); From 1407d849e8cb58134c4ab005fe10f41162dab817 Mon Sep 17 00:00:00 2001 From: Isaac Connor Date: Wed, 18 Sep 2019 11:10:25 -0400 Subject: [PATCH 570/922] deprecate getStreamSrc in functions.php. --- web/includes/functions.php | 85 ++++++++++++-------------------------- 1 file changed, 26 insertions(+), 59 deletions(-) diff --git a/web/includes/functions.php b/web/includes/functions.php index ff578eff7..7f5e32aaa 100644 --- a/web/includes/functions.php +++ b/web/includes/functions.php @@ -120,33 +120,6 @@ function CORSHeaders() { } } -function getStreamSrc( $args, $querySep='&' ) { - $streamSrc = ZM_BASE_URL.ZM_PATH_ZMS; - - if ( ZM_OPT_USE_AUTH ) { - if ( ZM_AUTH_RELAY == 'hashed' ) { - $args[] = 'auth='.generateAuthHash( ZM_AUTH_HASH_IPS ); - } elseif ( ZM_AUTH_RELAY == 'plain' ) { - $args[] = 'user='.$_SESSION['username']; - $args[] = 'pass='.$_SESSION['password']; - } elseif ( ZM_AUTH_RELAY == 'none' ) { - $args[] = 'user='.$_SESSION['username']; - } - } - if ( !in_array( 'mode=single', $args ) && !empty($GLOBALS['connkey']) ) { - $args[] = 'connkey='.$GLOBALS['connkey']; - } - if ( ZM_RAND_STREAM ) { - $args[] = 'rand='.time(); - } - - if ( count($args) ) { - $streamSrc .= '?'.join( $querySep, $args ); - } - - return( $streamSrc ); -} - function getMimeType( $file ) { if ( function_exists('mime_content_type') ) { return( mime_content_type( $file ) ); @@ -156,7 +129,7 @@ function getMimeType( $file ) { finfo_close($finfo); return( $mimeType ); } - return( trim( exec( 'file -bi '.escapeshellarg( $file ).' 2>/dev/null' ) ) ); + return trim(exec('file -bi '.escapeshellarg($file).' 2>/dev/null')); } function outputVideoStream( $id, $src, $width, $height, $format, $title='' ) { @@ -169,8 +142,8 @@ function getVideoStreamHTML( $id, $src, $width, $height, $format, $title='' ) { $height = validInt($height); $title = validHtmlStr($title); - if ( file_exists( $src ) ) { - $mimeType = getMimeType( $src ); + if ( file_exists($src) ) { + $mimeType = getMimeType($src); } else { switch( $format ) { case 'asf' : @@ -205,7 +178,6 @@ function getVideoStreamHTML( $id, $src, $width, $height, $format, $title='' ) { case 'video/x-ms-asf' : case 'video/x-msvideo' : case 'video/mp4' : - { if ( isWindows() ) { return ' '; } - } case 'video/quicktime' : - { return ' '; - } case 'application/x-shockwave-flash' : - { return ' '; - } } # end switch } # end if use object tags return '
- - - + + + - + - + - + - +
- - - + + + - + - + - + - - + + getStreamSrc( array( 'mode'=>'mpeg', 'format'=>'h264' ) ); +function getEventDefaultVideoPath($event) { + $Event = new ZM\Event($event); + return $Event->getStreamSrc(array('mode'=>'mpeg', 'format'=>'h264')); } function deletePath( $path ) { From f509b4c9d1dd1385d9cbfa257b1b67d8c572c877 Mon Sep 17 00:00:00 2001 From: Isaac Connor Date: Wed, 18 Sep 2019 11:10:40 -0400 Subject: [PATCH 571/922] spacing --- web/skins/classic/views/timeline.php | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/web/skins/classic/views/timeline.php b/web/skins/classic/views/timeline.php index 8a55e607d..c5bdda4d8 100644 --- a/web/skins/classic/views/timeline.php +++ b/web/skins/classic/views/timeline.php @@ -132,7 +132,7 @@ $chart = array( $monitors = array(); $monitorsSql = 'SELECT * FROM Monitors ORDER BY Sequence ASC'; //srand( 97981 ); -foreach( dbFetchAll( $monitorsSql ) as $row ) { +foreach( dbFetchAll($monitorsSql) as $row ) { //if ( empty($row['WebColour']) ) //{ //$row['WebColour'] = sprintf( "#%02x%02x%02x", rand( 0, 255 ), rand( 0, 255), rand( 0, 255 ) ); @@ -312,9 +312,9 @@ $chart['data']['x']['density'] = $chart['data']['x']['range']/$chart['graph']['w $monEventSlots = array(); $monFrameSlots = array(); $monitorIds = array(); -$events_result = dbQuery( $eventsSql ); -if ( ! $events_result ) { - Fatal( "SQL-ERR"); +$events_result = dbQuery($eventsSql); +if ( !$events_result ) { + Fatal("SQL-ERR"); return; } From 0eb1fff5b55fd7fd15e0d889a101fd8baf8ad0e8 Mon Sep 17 00:00:00 2001 From: Isaac Connor Date: Wed, 18 Sep 2019 11:16:49 -0400 Subject: [PATCH 572/922] remove unused view=image-ffmpeg --- web/skins/classic/views/image-ffmpeg.php | 76 ------------------------ 1 file changed, 76 deletions(-) delete mode 100644 web/skins/classic/views/image-ffmpeg.php diff --git a/web/skins/classic/views/image-ffmpeg.php b/web/skins/classic/views/image-ffmpeg.php deleted file mode 100644 index 496b4c695..000000000 --- a/web/skins/classic/views/image-ffmpeg.php +++ /dev/null @@ -1,76 +0,0 @@ -$fid, 'Type'=>'Normal', 'Score'=>0 ); -} else { - $frame = dbFetchOne( 'SELECT * FROM Frames WHERE EventId = ? AND Score = ?', NULL, array( $eid, $event['MaxScore'] ) ); -} - -$maxFid = $event['Frames']; - -$firstFid = 1; -$prevFid = $frame['FrameId']-1; -$nextFid = $frame['FrameId']+1; -$lastFid = $maxFid; - -$alarmFrame = $frame['Type']=='Alarm'; - -if ( isset( $_REQUEST['scale'] ) ) - $scale = validInt($_REQUEST['scale']); -else - $scale = max( reScale( SCALE_BASE, $event['DefaultScale'], ZM_WEB_DEFAULT_SCALE ), SCALE_BASE ); - -$Transpose = ''; -if ( $event['VideoWriter'] == "2" ) { // PASSTHROUGH - $Rotation = $event['Orientation']; -// rotate right - if ( in_array($event['Orientation'],array("90"))) - $Transpose = 'transpose=1,'; -// rotate 180 // upside down cam - if ( in_array($event['Orientation'],array("180"))) - $Transpose = 'transpose=2,transpose=2,'; -// rotate left - if ( in_array($event['Orientation'],array("270"))) - $Transpose = 'transpose=2,'; -} -$focusWindow = true; -$Scale = 100/$scale; -$fid = $fid - 1; -#$command = 'ffmpeg -v 0 -i '.getEventDefaultVideoPath($event).' -vf "select=gte(selected_n\,'.$fid.'),setpts=PTS-STARTPTS" '.$Transpose.',scale=iw/'.$Scale.':-1" -frames:v 1 -f mjpeg -'; -$command = 'ffmpeg -v 0 -i '.getEventDefaultVideoPath($event).' -vf "select=gte(n\\,'.$fid.'),setpts=PTS-STARTPTS,'.$Transpose.'scale=iw/'.$Scale.':-1" -f image2 -'; -header('Content-Type: image/jpeg'); -system($command); -?> From b3b7ec660bd5e7734ce631011189493b6a84bd8a Mon Sep 17 00:00:00 2001 From: Isaac Connor Date: Wed, 18 Sep 2019 11:19:28 -0400 Subject: [PATCH 573/922] Add a test for the built-in layouts. Can't edit them. --- web/skins/classic/views/js/montage.js | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/web/skins/classic/views/js/montage.js b/web/skins/classic/views/js/montage.js index 3052de99b..e217bcc89 100644 --- a/web/skins/classic/views/js/montage.js +++ b/web/skins/classic/views/js/montage.js @@ -399,9 +399,8 @@ function save_layout(button) { if ( !name ) name = form.elements['zmMontageLayout'].options[form.elements['zmMontageLayout'].selectedIndex].text; - console.log(name); - if ( name == 'Freeform' || name=='2 Wide' || name=='3 Wide' || name=='4 Wide' || name == '5 Wide' ) { + if ( name=='Freeform' || name=='2 Wide' || name=='3 Wide' || name=='4 Wide' || name=='5 Wide' ) { alert('You cannot edit the built in layouts. Please give the layout a new name.'); return; } From 9889311b0328e16036f1934bbb0b6114703a9078 Mon Sep 17 00:00:00 2001 From: Isaac Connor Date: Wed, 18 Sep 2019 11:40:55 -0400 Subject: [PATCH 574/922] Handle username=&password= as well in HostController::login --- web/api/app/Controller/HostController.php | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/web/api/app/Controller/HostController.php b/web/api/app/Controller/HostController.php index fd996bdb7..300352949 100644 --- a/web/api/app/Controller/HostController.php +++ b/web/api/app/Controller/HostController.php @@ -33,7 +33,12 @@ class HostController extends AppController { function login() { $username = $this->request->query('user') ? $this->request->query('user') : $this->request->data('user'); + if ( !$username ) + $username = $this->request->query('username') ? $this->request->query('username') : $this->request->data('username'); $password = $this->request->query('pass') ? $this->request->query('pass') : $this->request->data('pass'); + if ( !$password ) + $password = $this->request->query('password') ? $this->request->query('password') : $this->request->data('password'); + $token = $this->request->query('token') ? $this->request->query('token') : $this->request->data('token'); if ( !($username && $password) && !$token ) { From 1bd70319a9f51de58804b08eea9d6c03b551109e Mon Sep 17 00:00:00 2001 From: Isaac Connor Date: Thu, 19 Sep 2019 10:48:25 -0400 Subject: [PATCH 575/922] Add a dimensions dropdown to ease entering monitor dimensions --- web/skins/classic/views/js/monitor.js | 73 +++++++++++++++++++-------- web/skins/classic/views/monitor.php | 40 +++++++++++++-- 2 files changed, 88 insertions(+), 25 deletions(-) diff --git a/web/skins/classic/views/js/monitor.js b/web/skins/classic/views/js/monitor.js index bf5e4d900..96c2061f9 100644 --- a/web/skins/classic/views/js/monitor.js +++ b/web/skins/classic/views/js/monitor.js @@ -1,29 +1,53 @@ -function updateMonitorDimensions( element ) { +function updateMonitorDimensions(element) { var form = element.form; - var widthFactor = parseInt( defaultAspectRatio.replace( /:.*$/, '' ) ); - var heightFactor = parseInt( defaultAspectRatio.replace( /^.*:/, '' ) ); + if ( element.type == 'number' ) { // either width or height + + var widthFactor = parseInt( defaultAspectRatio.replace( /:.*$/, '' ) ); + var heightFactor = parseInt( defaultAspectRatio.replace( /^.*:/, '' ) ); - if ( form.elements['preserveAspectRatio'].checked ) { var monitorWidth = parseInt(form.elements['newMonitor[Width]'].value); var monitorHeight = parseInt(form.elements['newMonitor[Height]'].value); - switch ( element.name ) { - case 'newMonitor[Width]': - if ( monitorWidth >= 0 ) { - form.elements['newMonitor[Height]'].value = Math.round((monitorWidth * heightFactor) / widthFactor); - } else { - form.elements['newMonitor[Height]'].value = ''; - } - break; - case 'newMonitor[Height]': - if ( monitorHeight >= 0 ) { - form.elements['newMonitor[Width]'].value = Math.round((monitorHeight * widthFactor) / heightFactor); - } else { - form.elements['newMonitor[Width]'].value = ''; - } - break; + + if ( form.elements['preserveAspectRatio'].checked ) { + switch ( element.name ) { + case 'newMonitor[Width]': + if ( monitorWidth >= 0 ) { + form.elements['newMonitor[Height]'].value = Math.round((monitorWidth * heightFactor) / widthFactor); + } else { + form.elements['newMonitor[Height]'].value = ''; + } + monitorHeight = parseInt(form.elements['newMonitor[Height]'].value); + break; + case 'newMonitor[Height]': + if ( monitorHeight >= 0 ) { + form.elements['newMonitor[Width]'].value = Math.round((monitorHeight * widthFactor) / heightFactor); + } else { + form.elements['newMonitor[Width]'].value = ''; + } + monitorWidth = parseInt(form.elements['newMonitor[Width]'].value); + break; + } + } + // If we find a matching option in the dropdown, select it or select custom + + var option = $j('select[name="dimensions_select"] option[value="'+monitorWidth+'x'+monitorHeight+'"]'); + if ( !option.size() ) { + $j('select[name="dimensions_select"]').val(''); + } else { + $j('select[name="dimensions_select"]').val(monitorWidth+'x'+monitorHeight); + } + } else { + // For some reason we get passed the first option instead of the select + element = form.elements['dimensions_select']; + + var value = element.options[element.selectedIndex].value; + if ( value != '' ) { // custom dimensions + var dimensions = value.split('x'); + form.elements['newMonitor[Width]'].value = dimensions[0]; + form.elements['newMonitor[Height]'].value = dimensions[1]; } } - return ( false ); + return false; } function loadLocations( element ) { @@ -94,6 +118,15 @@ function initPage() { } }; }); + document.querySelectorAll('input[name="newMonitor[Width]"]').forEach(function(el) { + el.oninput = window['updateMonitorDimensions'].bind(el, el); + }); + document.querySelectorAll('input[name="newMonitor[Height]"]').forEach(function(el) { + el.oninput = window['updateMonitorDimensions'].bind(el, el); + }); + document.querySelectorAll('select[name="dimensions_select"]').forEach(function(el) { + el.onchange = window['updateMonitorDimensions'].bind(el, el); + }); $j('.chosen').chosen(); } // end function initPage() diff --git a/web/skins/classic/views/monitor.php b/web/skins/classic/views/monitor.php index 943c1331c..8267d72a8 100644 --- a/web/skins/classic/views/monitor.php +++ b/web/skins/classic/views/monitor.php @@ -917,12 +917,42 @@ if ( $monitor->Type() != 'NVSocket' && $monitor->Type() != 'WebSite' ) { ?> - - - - + + + + + + + + + + + + Type() == 'Local' ) { ?> From d5ee73a9ee1e904389b015fd4ad6b364e08c4935 Mon Sep 17 00:00:00 2001 From: Isaac Connor Date: Thu, 19 Sep 2019 10:50:20 -0400 Subject: [PATCH 576/922] use CaptureResolution instead of CaptureDimensions because it is already in language --- web/skins/classic/views/monitor.php | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/web/skins/classic/views/monitor.php b/web/skins/classic/views/monitor.php index 8267d72a8..832e673ce 100644 --- a/web/skins/classic/views/monitor.php +++ b/web/skins/classic/views/monitor.php @@ -918,7 +918,7 @@ if ( $monitor->Type() != 'NVSocket' && $monitor->Type() != 'WebSite' ) { - + - + Date: Thu, 19 Sep 2019 14:55:17 -0400 Subject: [PATCH 577/922] Upgrade Control Object to extend ZM\Object. Add commands function from skin specific control functions --- web/includes/Control.php | 256 ++++++++---------- .../classic/includes/control_functions.php | 193 +++---------- 2 files changed, 155 insertions(+), 294 deletions(-) diff --git a/web/includes/Control.php b/web/includes/Control.php index 72e6c49a9..39c259092 100644 --- a/web/includes/Control.php +++ b/web/includes/Control.php @@ -2,10 +2,13 @@ namespace ZM; require_once('database.php'); +require_once('Object.php'); -class Control { +class Control extends ZM_Object { + protected static $table = 'Controls'; -private $defaults = array( + protected $defaults = array( + 'Id' => null, 'CanMove' => 0, 'CanMoveDiag' => 0, 'CanMoveMap' => 0, @@ -104,153 +107,118 @@ private $defaults = array( 'Protocol' => NULL ); - public function __construct( $IdOrRow = NULL ) { - if ( $IdOrRow ) { - $row = NULL; - if ( is_integer( $IdOrRow ) or is_numeric( $IdOrRow ) ) { - $row = dbFetchOne( 'SELECT * FROM Controls WHERE Id=?', NULL, array( $IdOrRow ) ); - if ( ! $row ) { - Error("Unable to load Control record for Id=" . $IdOrRow ); - } - } elseif ( is_array( $IdOrRow ) ) { - $row = $IdOrRow; - } else { - Error("Unknown argument passed to Control Constructor ($IdOrRow)"); - return; - } - - if ( $row ) { - foreach ($row as $k => $v) { - $this->{$k} = $v; - } - } else { - Error('No row for Control ' . $IdOrRow ); - } - } # end if isset($IdOrRow) - } // end function __construct - - public function __call($fn, array $args){ - if ( count($args) ) { - $this->{$fn} = $args[0]; - } - if ( array_key_exists($fn, $this) ) { - return $this->{$fn}; - #array_unshift($args, $this); - #call_user_func_array( $this->{$fn}, $args); - } else { - if ( array_key_exists($fn, $this->control_fields) ) { - return $this->control_fields{$fn}; - } else if ( array_key_exists( $fn, $this->defaults ) ) { - return $this->defaults{$fn}; - } else { - $backTrace = debug_backtrace(); - $file = $backTrace[1]['file']; - $line = $backTrace[1]['line']; - Warning( "Unknown function call Control->$fn from $file:$line" ); - } - } + public static function find( $parameters = array(), $options = array() ) { + return ZM_Object::_find(get_class(), $parameters, $options); } - public function set( $data ) { - foreach ($data as $k => $v) { - if ( is_array( $v ) ) { - # perhaps should turn into a comma-separated string - $this->{$k} = implode(',',$v); - } else if ( is_string( $v ) ) { - $this->{$k} = trim( $v ); - } else if ( is_integer( $v ) ) { - $this->{$k} = $v; - } else if ( is_bool( $v ) ) { - $this->{$k} = $v; + public static function find_one( $parameters = array(), $options = array() ) { + return ZM_Object::_find_one(get_class(), $parameters, $options); + } + + public function commands() { + $cmds = array(); + + $cmds['Wake'] = 'wake'; + $cmds['Sleep'] = 'sleep'; + $cmds['Reset'] = 'reset'; + $cmds['Reboot'] = 'reboot'; + + $cmds['PresetSet'] = 'presetSet'; + $cmds['PresetGoto'] = 'presetGoto'; + $cmds['PresetHome'] = 'presetHome'; + + if ( $this->CanZoom() ) { + if ( $this->CanZoomCon() ) + $cmds['ZoomRoot'] = 'zoomCon'; + elseif ( $this->CanZoomRel() ) + $cmds['ZoomRoot'] = 'zoomRel'; + elseif ( $this->CanZoomAbs() ) + $cmds['ZoomRoot'] = 'zoomAbs'; + $cmds['ZoomTele'] = $cmds['ZoomRoot'].'Tele'; + $cmds['ZoomWide'] = $cmds['ZoomRoot'].'Wide'; + $cmds['ZoomStop'] = 'zoomStop'; + $cmds['ZoomAuto'] = 'zoomAuto'; + $cmds['ZoomMan'] = 'zoomMan'; + } + + if ( $this->CanFocus() ) { + if ( $this->CanFocusCon() ) + $cmds['FocusRoot'] = 'focusCon'; + elseif ( $this->CanFocusRel() ) + $cmds['FocusRoot'] = 'focusRel'; + elseif ( $this->CanFocusAbs() ) + $cmds['FocusRoot'] = 'focusAbs'; + $cmds['FocusFar'] = $cmds['FocusRoot'].'Far'; + $cmds['FocusNear'] = $cmds['FocusRoot'].'Near'; + $cmds['FocusStop'] = 'focusStop'; + $cmds['FocusAuto'] = 'focusAuto'; + $cmds['FocusMan'] = 'focusMan'; + } + + if ( $this->CanIris() ) { + if ( $this->CanIrisCon() ) + $cmds['IrisRoot'] = 'irisCon'; + elseif ( $this->CanIrisRel() ) + $cmds['IrisRoot'] = 'irisRel'; + elseif ( $this->CanIrisAbs() ) + $cmds['IrisRoot'] = 'irisAbs'; + $cmds['IrisOpen'] = $cmds['IrisRoot'].'Open'; + $cmds['IrisClose'] = $cmds['IrisRoot'].'Close'; + $cmds['IrisStop'] = 'irisStop'; + $cmds['IrisAuto'] = 'irisAuto'; + $cmds['IrisMan'] = 'irisMan'; + } + + if ( $this->CanWhite() ) { + if ( $this->CanWhiteCon() ) + $cmds['WhiteRoot'] = 'whiteCon'; + elseif ( $this->CanWhiteRel() ) + $cmds['WhiteRoot'] = 'whiteRel'; + elseif ( $this->CanWhiteAbs() ) + $cmds['WhiteRoot'] = 'whiteAbs'; + $cmds['WhiteIn'] = $cmds['WhiteRoot'].'In'; + $cmds['WhiteOut'] = $cmds['WhiteRoot'].'Out'; + $cmds['WhiteAuto'] = 'whiteAuto'; + $cmds['WhiteMan'] = 'whiteMan'; + } + + if ( $this->CanGain() ) { + if ( $this->CanGainCon() ) + $cmds['GainRoot'] = 'gainCon'; + elseif ( $this->CanGainRel() ) + $cmds['GainRoot'] = 'gainRel'; + elseif ( $this->CanGainAbs() ) + $cmds['GainRoot'] = 'gainAbs'; + $cmds['GainUp'] = $cmds['GainRoot'].'Up'; + $cmds['GainDown'] = $cmds['GainRoot'].'Down'; + $cmds['GainAuto'] = 'gainAuto'; + $cmds['GainMan'] = 'gainMan'; + } + + if ( $this->CanMove() ) { + if ( $this->CanMoveCon() ) { + $cmds['MoveRoot'] = 'moveCon'; + $cmds['Center'] = 'moveStop'; + } elseif ( $this->CanMoveRel() ) { + $cmds['MoveRoot'] = 'moveRel'; + $cmds['Center'] = $cmds['PresetHome']; + } elseif ( $this->CanMoveAbs() ) { + $cmds['MoveRoot'] = 'moveAbs'; + $cmds['Center'] = $cmds['PresetHome']; } else { - Error( "Unknown type $k => $v of var " . gettype( $v ) ); - $this->{$k} = $v; + $cmds['MoveRoot'] = ''; } - } - } - public static function find( $parameters = null, $options = null ) { - $sql = 'SELECT * FROM Controls '; - $values = array(); - if ( $parameters ) { - $fields = array(); - $sql .= 'WHERE '; - foreach ( $parameters as $field => $value ) { - if ( $value == null ) { - $fields[] = $field.' IS NULL'; - } else if ( is_array( $value ) ) { - $func = function(){return '?';}; - $fields[] = $field.' IN ('.implode(',', array_map( $func, $value ) ). ')'; - $values += $value; - - } else { - $fields[] = $field.'=?'; - $values[] = $value; - } - } - $sql .= implode(' AND ', $fields ); + $cmds['MoveUp'] = $cmds['MoveRoot'].'Up'; + $cmds['MoveDown'] = $cmds['MoveRoot'].'Down'; + $cmds['MoveLeft'] = $cmds['MoveRoot'].'Left'; + $cmds['MoveRight'] = $cmds['MoveRoot'].'Right'; + $cmds['MoveUpLeft'] = $cmds['MoveRoot'].'UpLeft'; + $cmds['MoveUpRight'] = $cmds['MoveRoot'].'UpRight'; + $cmds['MoveDownLeft'] = $cmds['MoveRoot'].'DownLeft'; + $cmds['MoveDownRight'] = $cmds['MoveRoot'].'DownRight'; } - if ( $options ) { - if ( isset($options['order']) ) { - $sql .= ' ORDER BY ' . $options['order']; - } - if ( isset($options['limit']) ) { - if ( is_integer($options['limit']) or ctype_digit($options['limit']) ) { - $sql .= ' LIMIT ' . $options['limit']; - } else { - $backTrace = debug_backtrace(); - $file = $backTrace[1]['file']; - $line = $backTrace[1]['line']; - Error("Invalid value for limit(".$options['limit'].") passed to Control::find from $file:$line"); - return; - } - } - } - $controls = array(); - $result = dbQuery($sql, $values); - $results = $result->fetchALL(PDO::FETCH_CLASS | PDO::FETCH_PROPS_LATE, 'Control'); - foreach ( $results as $row => $obj ) { - $controls[] = $obj; - } - return $controls; - } - - public static function find_one( $parameters = array() ) { - $results = Control::find( $parameters, array('limit'=>1) ); - if ( ! sizeof($results) ) { - return; - } - return $results[0]; - } - - public function save( $new_values = null ) { - - if ( $new_values ) { - foreach ( $new_values as $k=>$v ) { - $this->{$k} = $v; - } - } - // Set default values - foreach ( $this->defaults as $k=>$v ) { - if ( ( ! array_key_exists( $k, $this ) ) or ( $this->{$k} == '' ) ) { - $this->{$k} = $v; - } - } - - $fields = array_keys( $this->defaults ); - - if ( array_key_exists( 'Id', $this ) ) { - $sql = 'UPDATE Controls SET '.implode(', ', array_map( function($field) {return $field.'=?';}, $fields ) ) . ' WHERE Id=?'; - $values = array_map( function($field){return $this->{$field};}, $fields ); - $values[] = $this->{'Id'}; - dbQuery( $sql, $values ); - } else { - $sql = 'INSERT INTO Controls SET '.implode(', ', array_map( function($field) {return $field.'=?';}, $fields ) ) . ''; - $values = array_map( function($field){return $this->{$field};}, $fields ); - dbQuery( $sql, $values ); - $this->{'Id'} = dbInsertId(); - } - } // end function save - + return $cmds; + } // end public function commands } // end class Control ?> diff --git a/web/skins/classic/includes/control_functions.php b/web/skins/classic/includes/control_functions.php index 2c3fbd73a..021990e47 100644 --- a/web/skins/classic/includes/control_functions.php +++ b/web/skins/classic/includes/control_functions.php @@ -18,123 +18,19 @@ // Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. // -function getControlCommands( $monitor ) { - $cmds = array(); - $cmds['Wake'] = 'wake'; - $cmds['Sleep'] = 'sleep'; - $cmds['Reset'] = 'reset'; - $cmds['Reboot'] = 'reboot'; - - $cmds['PresetSet'] = 'presetSet'; - $cmds['PresetGoto'] = 'presetGoto'; - $cmds['PresetHome'] = 'presetHome'; - - if ( $monitor->CanZoom() ) { - if ( $monitor->CanZoomCon() ) - $cmds['ZoomRoot'] = 'zoomCon'; - elseif ( $monitor->CanZoomRel() ) - $cmds['ZoomRoot'] = 'zoomRel'; - elseif ( $monitor->CanZoomAbs() ) - $cmds['ZoomRoot'] = 'zoomAbs'; - $cmds['ZoomTele'] = $cmds['ZoomRoot'].'Tele'; - $cmds['ZoomWide'] = $cmds['ZoomRoot'].'Wide'; - $cmds['ZoomStop'] = 'zoomStop'; - $cmds['ZoomAuto'] = 'zoomAuto'; - $cmds['ZoomMan'] = 'zoomMan'; - } - - if ( $monitor->CanFocus() ) { - if ( $monitor->CanFocusCon() ) - $cmds['FocusRoot'] = 'focusCon'; - elseif ( $monitor->CanFocusRel() ) - $cmds['FocusRoot'] = 'focusRel'; - elseif ( $monitor->CanFocusAbs() ) - $cmds['FocusRoot'] = 'focusAbs'; - $cmds['FocusFar'] = $cmds['FocusRoot'].'Far'; - $cmds['FocusNear'] = $cmds['FocusRoot'].'Near'; - $cmds['FocusStop'] = 'focusStop'; - $cmds['FocusAuto'] = 'focusAuto'; - $cmds['FocusMan'] = 'focusMan'; - } - - if ( $monitor->CanIris() ) { - if ( $monitor->CanIrisCon() ) - $cmds['IrisRoot'] = 'irisCon'; - elseif ( $monitor->CanIrisRel() ) - $cmds['IrisRoot'] = 'irisRel'; - elseif ( $monitor->CanIrisAbs() ) - $cmds['IrisRoot'] = 'irisAbs'; - $cmds['IrisOpen'] = $cmds['IrisRoot'].'Open'; - $cmds['IrisClose'] = $cmds['IrisRoot'].'Close'; - $cmds['IrisStop'] = 'irisStop'; - $cmds['IrisAuto'] = 'irisAuto'; - $cmds['IrisMan'] = 'irisMan'; - } - - if ( $monitor->CanWhite() ) { - if ( $monitor->CanWhiteCon() ) - $cmds['WhiteRoot'] = 'whiteCon'; - elseif ( $monitor->CanWhiteRel() ) - $cmds['WhiteRoot'] = 'whiteRel'; - elseif ( $monitor->CanWhiteAbs() ) - $cmds['WhiteRoot'] = 'whiteAbs'; - $cmds['WhiteIn'] = $cmds['WhiteRoot'].'In'; - $cmds['WhiteOut'] = $cmds['WhiteRoot'].'Out'; - $cmds['WhiteAuto'] = 'whiteAuto'; - $cmds['WhiteMan'] = 'whiteMan'; - } - - if ( $monitor->CanGain() ) { - if ( $monitor->CanGainCon() ) - $cmds['GainRoot'] = 'gainCon'; - elseif ( $monitor->CanGainRel() ) - $cmds['GainRoot'] = 'gainRel'; - elseif ( $monitor->CanGainAbs() ) - $cmds['GainRoot'] = 'gainAbs'; - $cmds['GainUp'] = $cmds['GainRoot'].'Up'; - $cmds['GainDown'] = $cmds['GainRoot'].'Down'; - $cmds['GainAuto'] = 'gainAuto'; - $cmds['GainMan'] = 'gainMan'; - } - - if ( $monitor->CanMove() ) { - if ( $monitor->CanMoveCon() ) { - $cmds['MoveRoot'] = 'moveCon'; - $cmds['Center'] = 'moveStop'; - } elseif ( $monitor->CanMoveRel() ) { - $cmds['MoveRoot'] = 'moveRel'; - $cmds['Center'] = $cmds['PresetHome']; - } elseif ( $monitor->CanMoveAbs() ) { - $cmds['MoveRoot'] = 'moveAbs'; - $cmds['Center'] = $cmds['PresetHome']; - } else { - $cmds['MoveRoot'] = ''; - } - - $cmds['MoveUp'] = $cmds['MoveRoot'].'Up'; - $cmds['MoveDown'] = $cmds['MoveRoot'].'Down'; - $cmds['MoveLeft'] = $cmds['MoveRoot'].'Left'; - $cmds['MoveRight'] = $cmds['MoveRoot'].'Right'; - $cmds['MoveUpLeft'] = $cmds['MoveRoot'].'UpLeft'; - $cmds['MoveUpRight'] = $cmds['MoveRoot'].'UpRight'; - $cmds['MoveDownLeft'] = $cmds['MoveRoot'].'DownLeft'; - $cmds['MoveDownRight'] = $cmds['MoveRoot'].'DownRight'; - } - return( $cmds ); -} - -function controlFocus( $monitor, $cmds ) { +function controlFocus($monitor, $cmds) { + $control = $monitor->Control(); ob_start(); ?>
- +
CanAutoFocus() ) { + if ( $control->CanAutoFocus() ) { ?> @@ -146,9 +42,8 @@ function controlFocus( $monitor, $cmds ) { return ob_get_clean(); } -function controlZoom( $monitor, $cmds ) { - global $SLANG; - +function controlZoom($monitor, $cmds) { + $control = $monitor->Control(); ob_start(); ?>
@@ -169,19 +64,18 @@ function controlZoom( $monitor, $cmds ) { return ob_get_clean(); } -function controlIris( $monitor, $cmds ) { - global $SLANG; - +function controlIris($monitor, $cmds) { + $control = $monitor->Control(); ob_start(); ?>
- +
CanAutoIris() ) { + if ( $console->CanAutoIris() ) { ?> @@ -193,15 +87,14 @@ function controlIris( $monitor, $cmds ) { return ob_get_clean(); } -function controlWhite( $monitor, $cmds ) { - global $SLANG; - +function controlWhite($monitor, $cmds) { + $control = $monitor->Control(); ob_start(); ?>
- +
Control(); ob_start(); ?>
CanPan(); - $hasTilt = $monitor->CanTilt(); - $hasDiag = $hasPan && $hasTilt && $monitor->CanMoveDiag(); + $hasPan = $control->CanPan(); + $hasTilt = $control->CanTilt(); + $hasDiag = $hasPan && $hasTilt && $control->CanMoveDiag(); ?> @@ -249,11 +141,10 @@ function controlPanTilt( $monitor, $cmds ) { return ob_get_clean(); } -function controlPresets( $monitor, $cmds ) { - global $SLANG; - +function controlPresets($monitor, $cmds) { + $control = $monitor->Control(); // MAX_PRESETS IS PER LINE - define( 'MAX_PRESETS', '12' ); + define('MAX_PRESETS', '12'); $sql = 'SELECT * FROM ControlPresets WHERE MonitorId = ?'; $labels = array(); @@ -261,7 +152,7 @@ function controlPresets( $monitor, $cmds ) { $labels[$row['Preset']] = $row['Label']; } - $presetBreak = (int)(($monitor->NumPresets()+1)/((int)(($monitor->NumPresets()-1)/MAX_PRESETS)+1)); + $presetBreak = (int)(($control->NumPresets()+1)/((int)(($control->NumPresets()-1)/MAX_PRESETS)+1)); ob_start(); ?> @@ -269,7 +160,7 @@ function controlPresets( $monitor, $cmds ) {
NumPresets(); $i++ ) { + for ( $i = 1; $i <= $control->NumPresets(); $i++ ) { ?>
HasHomePreset() ) { + if ( $control->HasHomePreset() ) { ?> CanSetPresets() ) { + if ( canEdit('Monitors') && $control->CanSetPresets() ) { ?> Control(); ob_start(); ?>
CanWake() ) { + if ( $control->CanWake() ) { ?> CanSleep() ) { + if ( $control->CanSleep() ) { ?> CanReset() ) { + if ( $control->CanReset() ) { ?> CanReboot() ) { + if ( $control->CanReboot() ) { ?> Control(); + ZM\Error("Control: " . print_r($control,true)); + $cmds = $control->commands(); + ZM\Error("Cmds: " . print_r($cmds, true)); ob_start(); ?>
CanFocus() ) + if ( $control->CanFocus() ) echo controlFocus($monitor, $cmds); - if ( $monitor->CanZoom() ) + if ( $control->CanZoom() ) echo controlZoom($monitor, $cmds); - if ( $monitor->CanIris() ) + if ( $control->CanIris() ) echo controlIris($monitor, $cmds); - if ( $monitor->CanWhite() ) + if ( $control->CanWhite() ) echo controlWhite($monitor, $cmds); - if ( $monitor->CanMove() ) { + if ( $control->CanMove() ) { ?>
CanWake() || $monitor->CanSleep() || $monitor->CanReset() ) + if ( $control->CanWake() || $control->CanSleep() || $control->CanReset() ) echo controlPower($monitor, $cmds); - if ( $monitor->HasPresets() ) + if ( $control->HasPresets() ) echo controlPresets($monitor, $cmds); ?>
From b41e998a3abe870be31b0ad651039660b937846d Mon Sep 17 00:00:00 2001 From: Isaac Connor Date: Thu, 19 Sep 2019 14:55:27 -0400 Subject: [PATCH 578/922] Remove Control stuff from Monitor --- web/includes/Monitor.php | 273 +++++++++++---------------------------- 1 file changed, 75 insertions(+), 198 deletions(-) diff --git a/web/includes/Monitor.php b/web/includes/Monitor.php index dfe5daa7d..43fede992 100644 --- a/web/includes/Monitor.php +++ b/web/includes/Monitor.php @@ -3,6 +3,8 @@ namespace ZM; require_once('database.php'); require_once('Server.php'); require_once('Object.php'); +require_once('Control.php'); +require_once('Storage.php'); class Monitor extends ZM_Object { protected static $table = 'Monitors'; @@ -13,10 +15,10 @@ protected $defaults = array( 'ServerId' => 0, 'StorageId' => 0, 'Type' => 'Ffmpeg', - 'Function' => 'None', - 'Enabled' => 1, - 'LinkedMonitors' => null, - 'Triggers' => null, + 'Function' => 'None', + 'Enabled' => array('type'=>'boolean','default'=>1), + 'LinkedMonitors' => array('type'=>'set', 'default'=>null), + 'Triggers' => array('type'=>'set','default'=>''), 'Device' => '', 'Channel' => 0, 'Format' => '0', @@ -45,8 +47,8 @@ protected $defaults = array( 'OutputCodec' => null, 'OutputContainer' => null, 'EncoderParameters' => null, - 'RecordAudio' => 0, - 'RTSPDescribe' => null, + 'RecordAudio' => array('type'=>'boolean', 'default'=>0), + 'RTSPDescribe' => array('type'=>'boolean','default'=>0), 'Brightness' => -1, 'Contrast' => -1, 'Hue' => -1, @@ -65,6 +67,7 @@ protected $defaults = array( 'SectionLength' => 600, 'MinSectionLength' => 10, 'FrameSkip' => 0, + 'MotionFrameSkip' => 0, 'AnalysisFPSLimit' => null, 'AnalysisUpdateDelay' => 0, 'MaxFPS' => null, @@ -72,12 +75,12 @@ protected $defaults = array( 'FPSReportInterval' => 100, 'RefBlendPerc' => 6, 'AlarmRefBlendPerc' => 6, - 'Controllable' => 0, + 'Controllable' => array('type'=>'boolean','default'=>0), 'ControlId' => null, 'ControlDevice' => null, 'ControlAddress' => null, 'AutoStopTimeout' => null, - 'TrackMotion' => 0, + 'TrackMotion' => array('type'=>'boolean','default'=>0), 'TrackDelay' => null, 'ReturnLocation' => -1, 'ReturnDelay' => null, @@ -86,23 +89,24 @@ protected $defaults = array( 'SignalCheckPoints' => 0, 'SignalCheckColour' => '#0000BE', 'WebColour' => 'red', - 'Exif' => 0, + 'Exif' => array('type'=>'boolean','default'=>0), 'Sequence' => null, - 'TotalEvents' => null, - 'TotalEventDiskSpace' => null, - 'HourEvents' => null, - 'HourEventDiskSpace' => null, - 'DayEvents' => null, - 'DayEventDiskSpace' => null, - 'WeekEvents' => null, - 'WeekEventDiskSpace' => null, - 'MonthEvents' => null, - 'MonthEventDiskSpace' => null, - 'ArchivedEvents' => null, - 'ArchivedEventDiskSpace' => null, + 'TotalEvents' => array('type'=>'integer', 'default'=>null, 'do_not_update'=>1), + 'TotalEventDiskSpace' => array('type'=>'integer', 'default'=>null, 'do_not_update'=>1), + 'HourEvents' => array('type'=>'integer', 'default'=>null, 'do_not_update'=>1), + 'HourEventDiskSpace' => array('type'=>'integer', 'default'=>null, 'do_not_update'=>1), + 'DayEvents' => array('type'=>'integer', 'default'=>null, 'do_not_update'=>1), + 'DayEventDiskSpace' => array('type'=>'integer', 'default'=>null, 'do_not_update'=>1), + 'WeekEvents' => array('type'=>'integer', 'default'=>null, 'do_not_update'=>1), + 'WeekEventDiskSpace' => array('type'=>'integer', 'default'=>null, 'do_not_update'=>1), + 'MonthEvents' => array('type'=>'integer', 'default'=>null, 'do_not_update'=>1), + 'MonthEventDiskSpace' => array('type'=>'integer', 'default'=>null, 'do_not_update'=>1), + 'ArchivedEvents' => array('type'=>'integer', 'default'=>null, 'do_not_update'=>1), + 'ArchivedEventDiskSpace' => array('type'=>'integer', 'default'=>null, 'do_not_update'=>1), 'ZoneCount' => 0, 'Refresh' => null, 'DefaultCodec' => 'auto', + 'GroupIds' => array('default'=>array(), 'do_not_update'=>1), ); private $status_fields = array( 'Status' => null, @@ -110,178 +114,44 @@ private $status_fields = array( 'CaptureFPS' => null, 'CaptureBandwidth' => null, ); -private $control_fields = array( - 'Name' => '', - 'Type' => 'Local', - 'Protocol' => NULL, - 'CanWake' => '0', - 'CanSleep' => '0', - 'CanReset' => '0', - 'CanReboot' => '0', - 'CanZoom' => '0', - 'CanAutoZoom' => '0', - 'CanZoomAbs' => '0', - 'CanZoomRel' => '0', - 'CanZoomCon' => '0', - 'MinZoomRange' => NULL, - 'MaxZoomRange' => NULL, - 'MinZoomStep' => NULL, - 'MaxZoomStep' => NULL, - 'HasZoomSpeed' => '0', - 'MinZoomSpeed' => NULL, - 'MaxZoomSpeed' => NULL, - 'CanFocus' => '0', - 'CanAutoFocus' => '0', - 'CanFocusAbs' => '0', - 'CanFocusRel' => '0', - 'CanFocusCon' => '0', - 'MinFocusRange' => NULL, - 'MaxFocusRange' => NULL, - 'MinFocusStep' => NULL, - 'MaxFocusStep' => NULL, - 'HasFocusSpeed' => '0', - 'MinFocusSpeed' => NULL, - 'MaxFocusSpeed' => NULL, - 'CanIris' => '0', - 'CanAutoIris' => '0', - 'CanIrisAbs' => '0', - 'CanIrisRel' => '0', - 'CanIrisCon' => '0', - 'MinIrisRange' => NULL, - 'MaxIrisRange' => NULL, - 'MinIrisStep' => NULL, - 'MaxIrisStep' => NULL, - 'HasIrisSpeed' => '0', - 'MinIrisSpeed' => NULL, - 'MaxIrisSpeed' => NULL, - 'CanGain' => '0', - 'CanAutoGain' => '0', - 'CanGainAbs' => '0', - 'CanGainRel' => '0', - 'CanGainCon' => '0', - 'MinGainRange' => NULL, - 'MaxGainRange' => NULL, - 'MinGainStep' => NULL, - 'MaxGainStep' => NULL, - 'HasGainSpeed' => '0', - 'MinGainSpeed' => NULL, - 'MaxGainSpeed' => NULL, - 'CanWhite' => '0', - 'CanAutoWhite' => '0', - 'CanWhiteAbs' => '0', - 'CanWhiteRel' => '0', - 'CanWhiteCon' => '0', - 'MinWhiteRange' => NULL, - 'MaxWhiteRange' => NULL, - 'MinWhiteStep' => NULL, - 'MaxWhiteStep' => NULL, - 'HasWhiteSpeed' => '0', - 'MinWhiteSpeed' => NULL, - 'MaxWhiteSpeed' => NULL, - 'HasPresets' => '0', - 'NumPresets' => '0', - 'HasHomePreset' => '0', - 'CanSetPresets' => '0', - 'CanMove' => '0', - 'CanMoveDiag' => '0', - 'CanMoveMap' => '0', - 'CanMoveAbs' => '0', - 'CanMoveRel' => '0', - 'CanMoveCon' => '0', - 'CanPan' => '0', - 'MinPanRange' => NULL, - 'MaxPanRange' => NULL, - 'MinPanStep' => NULL, - 'MaxPanStep' => NULL, - 'HasPanSpeed' => '0', - 'MinPanSpeed' => NULL, - 'MaxPanSpeed' => NULL, - 'HasTurboPan' => '0', - 'TurboPanSpeed' => NULL, - 'CanTilt' => '0', - 'MinTiltRange' => NULL, - 'MaxTiltRange' => NULL, - 'MinTiltStep' => NULL, - 'MaxTiltStep' => NULL, - 'HasTiltSpeed' => '0', - 'MinTiltSpeed' => NULL, - 'MaxTiltSpeed' => NULL, - 'HasTurboTilt' => '0', - 'TurboTiltSpeed' => NULL, - 'CanAutoScan' => '0', - 'NumScanPaths' => '0', -); - public function __construct( $IdOrRow = NULL ) { - if ( $IdOrRow ) { - $row = NULL; - if ( is_integer($IdOrRow) or is_numeric($IdOrRow) ) { - $row = dbFetchOne('SELECT * FROM Monitors WHERE Id=?', NULL, array($IdOrRow)); - if ( ! $row ) { - Error("Unable to load Monitor record for Id=" . $IdOrRow); - } - } elseif ( is_array($IdOrRow) ) { - $row = $IdOrRow; - } else { - Error("Unknown argument passed to Monitor Constructor ($IdOrRow)"); - return; - } - - if ( $row ) { - foreach ($row as $k => $v) { - $this->{$k} = $v; - } - if ( $this->{'Controllable'} ) { - $s = dbFetchOne('SELECT * FROM Controls WHERE Id=?', NULL, array($this->{'ControlId'}) ); - if ( $s ) { - foreach ($s as $k => $v) { - if ( $k == 'Id' ) { - continue; - # The reason for these is that the name overlaps Monitor fields. - } else if ( $k == 'Protocol' ) { - $this->{'ControlProtocol'} = $v; - } else if ( $k == 'Name' ) { - $this->{'ControlName'} = $v; - } else if ( $k == 'Type' ) { - $this->{'ControlType'} = $v; - } else { - $this->{$k} = $v; - } - } - } else { - Warning('No Controls found for monitor '.$this->{'Id'} . ' ' . $this->{'Name'}.' althrough it is marked as controllable'); - } - } - global $monitor_cache; - $monitor_cache[$row['Id']] = $this; - - } else { - Error('No row for Monitor ' . $IdOrRow); - } - } # end if isset($IdOrRow) - } // end function __construct + public function Control() { + if ( !array_key_exists('Control', $this) ) { + if ( $this->ControlId() ) + $this->{'Control'} = Control::find_one(array('Id'=>$this->{'ControlId'})); + else + Error("No ControlId"); + if ( !(array_key_exists('Control', $this) and $this->{'Control'} ) ) + $this->{'Control'} = new Control(); + } + return $this->{'Control'}; + } public function Server() { return new Server($this->{'ServerId'}); } + public function __call($fn, array $args){ if ( count($args) ) { - $this->{$fn} = $args[0]; + if ( is_array($this->defaults[$fn]) and $this->defaults[$fn]['type'] == 'set' ) { + $this->{$fn} = is_array($args[0]) ? implode(',',$args[0]) : $args[0]; + } else { + $this->{$fn} = $args[0]; + } } if ( array_key_exists($fn, $this) ) { return $this->{$fn}; - #array_unshift($args, $this); - #call_user_func_array( $this->{$fn}, $args); - } else if ( array_key_exists($fn, $this->control_fields) ) { - return $this->control_fields{$fn}; - } else if ( array_key_exists( $fn, $this->defaults ) ) { - return $this->defaults{$fn}; - } else if ( array_key_exists( $fn, $this->status_fields) ) { + } else if ( array_key_exists($fn, $this->defaults) ) { + if ( is_array($this->defaults[$fn]) ) { + return $this->defaults[$fn]['default']; + } + return $this->defaults[$fn]; + } else if ( array_key_exists($fn, $this->status_fields) ) { $sql = 'SELECT Status,CaptureFPS,AnalysisFPS,CaptureBandwidth FROM Monitor_Status WHERE MonitorId=?'; $row = dbFetchOne($sql, NULL, array($this->{'Id'})); if ( !$row ) { - Error("Unable to load Monitor record for Id=" . $this->{'Id'}); + Error('Unable to load Monitor record for Id='.$this->{'Id'}); } else { foreach ($row as $k => $v) { $this->{$k} = $v; @@ -292,7 +162,7 @@ private $control_fields = array( $backTrace = debug_backtrace(); $file = $backTrace[1]['file']; $line = $backTrace[1]['line']; - Warning( "Unknown function call Monitor->$fn from $file:$line" ); + Warning("Unknown function call Monitor->$fn from $file:$line"); } } @@ -370,8 +240,12 @@ private $control_fields = array( } function zmcControl( $mode=false ) { + if ( ! $this->{'Id'} ) { + Warning("Attempt to control a monitor with no Id"); + return; + } if ( (!defined('ZM_SERVER_ID')) or ( array_key_exists('ServerId', $this) and (ZM_SERVER_ID==$this->{'ServerId'}) ) ) { - if ( $this->{'Type'} == 'Local' ) { + if ( $this->Type() == 'Local' ) { $zmcArgs = '-d '.$this->{'Device'}; } else { $zmcArgs = '-m '.$this->{'Id'}; @@ -417,7 +291,12 @@ private $control_fields = array( } } // end function zmcControl - function zmaControl( $mode=false ) { + function zmaControl($mode=false) { + if ( ! $this->{'Id'} ) { + Warning("Attempt to control a monitor with no Id"); + return; + } + if ( (!defined('ZM_SERVER_ID')) or ( array_key_exists('ServerId', $this) and (ZM_SERVER_ID==$this->{'ServerId'}) ) ) { if ( $this->{'Function'} == 'None' || $this->{'Function'} == 'Monitor' || $mode == 'stop' ) { if ( ZM_OPT_CONTROL ) { @@ -427,16 +306,17 @@ private $control_fields = array( } else { if ( $mode == 'restart' ) { if ( ZM_OPT_CONTROL ) { - daemonControl( 'stop', 'zmtrack.pl', '-m '.$this->{'Id'} ); + daemonControl('stop', 'zmtrack.pl', '-m '.$this->{'Id'}); } - daemonControl( 'stop', 'zma', '-m '.$this->{'Id'} ); + daemonControl('stop', 'zma', '-m '.$this->{'Id'}); } - daemonControl( 'start', 'zma', '-m '.$this->{'Id'} ); - if ( ZM_OPT_CONTROL && $this->{'Controllable'} && $this->{'TrackMotion'} && ( $this->{'Function'} == 'Modect' || $this->{'Function'} == 'Mocord' ) ) { - daemonControl( 'start', 'zmtrack.pl', '-m '.$this->{'Id'} ); + daemonControl('start', 'zma', '-m '.$this->{'Id'}); + if ( ZM_OPT_CONTROL && $this->Controllable() && $this->TrackMotion() && + ( $this->{'Function'} == 'Modect' || $this->{'Function'} == 'Mocord' ) ) { + daemonControl('start', 'zmtrack.pl', '-m '.$this->{'Id'}); } if ( $mode == 'reload' ) { - daemonControl( 'reload', 'zma', '-m '.$this->{'Id'} ); + daemonControl('reload', 'zma', '-m '.$this->{'Id'}); } } } else if ( $this->ServerId() ) { @@ -465,13 +345,13 @@ private $control_fields = array( Error("Except $e thrown trying to restart zma"); } } else { - Error("Server not assigned to Monitor in a multi-server setup. Please assign a server to the Monitor."); + Error('Server not assigned to Monitor in a multi-server setup. Please assign a server to the Monitor.'); } // end if we are on the recording server } // end public function zmaControl - public function GroupIds( $new='') { + public function GroupIds( $new='' ) { if ( $new != '' ) { - if(!is_array($new)) { + if ( !is_array($new) ) { $this->{'GroupIds'} = array($new); } else { $this->{'GroupIds'} = $new; @@ -489,6 +369,7 @@ private $control_fields = array( } return $this->{'GroupIds'}; } + public function delete() { $this->zmaControl('stop'); $this->zmcControl('stop'); @@ -498,7 +379,7 @@ private $control_fields = array( // well time out before completing, in which case zmaudit will still tidy up if ( !ZM_OPT_FAST_DELETE ) { $markEids = dbFetchAll('SELECT Id FROM Events WHERE MonitorId=?', 'Id', array($this->{'Id'})); - foreach($markEids as $markEid) + foreach ($markEids as $markEid) deleteEvent($markEid); deletePath(ZM_DIR_EVENTS.'/'.basename($this->{'Name'})); @@ -508,20 +389,16 @@ private $control_fields = array( deletePath($Storage->Path().'/'.basename($this->{'Name'})); deletePath($Storage->Path().'/'.$this->{'Id'}); } - } // end if ZM_OPT_FAST_DELETE + } // end if !ZM_OPT_FAST_DELETE // This is the important stuff dbQuery('DELETE FROM Zones WHERE MonitorId = ?', array($this->{'Id'})); if ( ZM_OPT_X10 ) dbQuery('DELETE FROM TriggersX10 WHERE MonitorId=?', array($this->{'Id'})); dbQuery('DELETE FROM Monitors WHERE Id = ?', array($this->{'Id'})); - - // Deleting a Monitor does not affect the order, just creates a gap in the sequence. Who cares? - // fixSequences(); - } // end function delete - public function Storage( $new = null ) { + public function Storage($new = null) { if ( $new ) { $this->{'Storage'} = $new; } From 73a5a8c8c5943d71c44555fffd23b394c8aeba44 Mon Sep 17 00:00:00 2001 From: Isaac Connor Date: Thu, 19 Sep 2019 14:55:45 -0400 Subject: [PATCH 579/922] Improve changes/set/etc to handle more complex defaults --- web/includes/Object.php | 116 ++++++++++++++++++++++++++++++++-------- 1 file changed, 94 insertions(+), 22 deletions(-) diff --git a/web/includes/Object.php b/web/includes/Object.php index a60e42949..bc18476fd 100644 --- a/web/includes/Object.php +++ b/web/includes/Object.php @@ -33,21 +33,26 @@ class ZM_Object { } $cache[$row['Id']] = $this; } - } else { - # Set defaults - foreach ( $this->defaults as $k => $v ) $this->{$k} = $v; } # end if isset($IdOrRow) } # end function __construct public function __call($fn, array $args){ + $type = (array_key_exists($fn, $this->defaults) && is_array($this->defaults[$fn])) ? $this->defaults[$fn]['type'] : 'scalar'; if ( count($args) ) { - $this->{$fn} = $args[0]; + if ( $type == 'set' and is_array($args[0]) ) + $this->{$fn} = implode(',', $args[0]); + else + $this->{$fn} = $args[0]; } + if ( array_key_exists($fn, $this) ) { return $this->{$fn}; } else { if ( array_key_exists($fn, $this->defaults) ) { - return $this->defaults{$fn}; + if ( is_array($this->defaults[$fn]) ) { + return $this->defaults[$fn]['default']; + } + return $this->defaults[$fn]; } else { $backTrace = debug_backtrace(); Warning("Unknown function call Object->$fn from ".print_r($backTrace,true)); @@ -153,7 +158,10 @@ class ZM_Object { $this->{$k} = implode(',', $v); } else if ( is_string($v) ) { if ( $v == '' and array_key_exists($k, $this->defaults) ) { - $this->{$k} = $this->defaults[$k]; + if ( is_array($this->defaults[$k]) ) + $this->{$k} = $this->defaults[$k]['default']; + else + $this->{$k} = $this->defaults[$k]; } else { $this->{$k} = trim($v); } @@ -169,10 +177,29 @@ class ZM_Object { } } # end if method_exists } # end foreach $data as $k=>$v - } + } # end function set($data) - public function changes( $new_values ) { + /* types is an array of fields telling use that the input might be a checkbox so not present in the input, but therefore has a value + */ + public function changes($new_values, $defaults=null) { $changes = array(); + + if ( $defaults ) { + foreach ( $defaults as $field => $type ) { + if ( isset($new_values[$field]) ) { + # Will have already been handled above + continue; + } + + if ( $this->defaults[$field] ) { + if ( is_array($this->defaults[$field]) ) { + $new_values[$field] = $this->defaults[$field]['default']; + } else { + $new_values[$field] = $this->defaults[$field]; + } + } + } # end foreach default + } foreach ( $new_values as $field => $value ) { if ( method_exists($this, $field) ) { @@ -180,7 +207,7 @@ class ZM_Object { Logger::Debug("Checking method $field () ".print_r($old_value,true).' => ' . print_r($value,true)); if ( is_array($old_value) ) { $diff = array_recursive_diff($old_value, $value); - Logger::Debug("Checking method $field () diff is".print_r($diff,true)); + Logger::Debug("Checking method $field () diff isi ".print_r($diff,true)); if ( count($diff) ) { $changes[$field] = $value; } @@ -188,14 +215,41 @@ class ZM_Object { $changes[$field] = $value; } } else if ( array_key_exists($field, $this) ) { - Logger::Debug("Checking field $field => ".$this->{$field} . ' ?= ' .$value); - if ( $this->{$field} != $value ) { - $changes[$field] = $value; + $type = (array_key_exists($field, $this->defaults) && is_array($this->defaults[$field])) ? $this->defaults[$field]['type'] : 'scalar'; + Logger::Debug("Checking field $field => current ". + (is_array($this->{$field}) ? implode(',',$this->{$field}) : $this->{$field}) . ' ?= ' . + (is_array($value) ? implode(',', $value) : $value) + ); + if ( $type == 'set' ) { + $old_value = is_array($this->$field) ? $this->$field : explode(',', $this->$field); + $new_value = is_array($value) ? $value : explode(',', $value); + + $diff = array_recursive_diff($old_value, $new_value); + Logger::Debug("Checking value $field () diff isi ".print_r($diff,true)); + if ( count($diff) ) { + $changes[$field] = $new_value; + } + + # Input might be a command separated string, or an array + + } else { + if ( $this->{$field} != $value ) { + $changes[$field] = $value; + } } } else if ( array_key_exists($field, $this->defaults) ) { + if ( is_array($this->defaults[$field]) ) { + $default = $this->defaults[$field]['default']; + } else { + $default = $this->defaults[$field]; + } - Logger::Debug("Checking default $field => ".$this->defaults[$field] . ' ' .$value); - if ( $this->defaults[$field] != $value ) { + Logger::Debug("Checking default $field => ". + ( is_array($default) ? implode(',',$default) : $default). + ' ' . + ( is_array($value) ? implode(',', $value) : $value) + ); + if ( $default != $value ) { $changes[$field] = $value; } } @@ -210,7 +264,9 @@ class ZM_Object { #} else { #Logger::Debug("Checking default $field => $default_value not in new_values"); #} - } # end foreach default + } # end foreach newvalue + + return $changes; } # end public function changes @@ -219,23 +275,39 @@ class ZM_Object { $table = $class::$table; if ( $new_values ) { - Logger::Debug("New values" . print_r($new_values,true)); + //Logger::Debug("New values" . print_r($new_values, true)); $this->set($new_values); } + $fields = array_filter( + $this->defaults, + function($v) { + return !( + is_array($v) + and + isset($v['do_not_update']) + and + $v['do_not_update'] + ); + } + ); + $fields = array_keys($fields); + if ( $this->Id() ) { - $fields = array_keys($this->defaults); - $sql = 'UPDATE '.$table.' SET '.implode(', ', array_map(function($field) {return '`'.$field.'`=?';}, $fields )) . ' WHERE Id=?'; - $values = array_map(function($field){return $this->{$field};}, $fields); + $sql = 'UPDATE '.$table.' SET '.implode(', ', array_map(function($field) {return '`'.$field.'`=?';}, $fields)).' WHERE Id=?'; + $values = array_map(function($field){ return $this->{$field};}, $fields); $values[] = $this->{'Id'}; if ( dbQuery($sql, $values) ) return true; } else { - $fields = $this->defaults; unset($fields['Id']); - $sql = 'INSERT INTO '.$table.' ('.implode(', ', array_map(function($field) {return '`'.$field.'`';}, array_keys($fields))).') VALUES ('.implode(', ', array_map(function($field){return '?';}, array_values($fields))).')'; - $values = array_map(function($field){return $this->{$field};}, array_keys($fields)); + $sql = 'INSERT INTO '.$table. + ' ('.implode(', ', array_map(function($field) {return '`'.$field.'`';}, $fields)). + ') VALUES ('. + implode(', ', array_map(function($field){return '?';}, $fields)).')'; + + $values = array_map(function($field){return $this->$field();}, $fields); if ( dbQuery($sql, $values) ) { $this->{'Id'} = dbInsertId(); return true; From b9b52c964ef8299d4dc3e745bb1160ad3076db7a Mon Sep 17 00:00:00 2001 From: Isaac Connor Date: Thu, 19 Sep 2019 14:56:16 -0400 Subject: [PATCH 580/922] Upgrade monitor saving and viewing --- web/includes/actions/monitor.php | 169 +++++++++-------- web/skins/classic/views/js/monitor.js | 4 + web/skins/classic/views/js/monitor.js.php | 62 +++--- web/skins/classic/views/monitor.php | 221 ++++++++++------------ 4 files changed, 217 insertions(+), 239 deletions(-) diff --git a/web/includes/actions/monitor.php b/web/includes/actions/monitor.php index 21dc33b40..b35eba8dc 100644 --- a/web/includes/actions/monitor.php +++ b/web/includes/actions/monitor.php @@ -28,17 +28,26 @@ if ( $action == 'monitor' ) { $mid = 0; if ( !empty($_REQUEST['mid']) ) { $mid = validInt($_REQUEST['mid']); - #if ( ZM_OPT_X10 ) { - #$x10Monitor = dbFetchOne('SELECT * FROM TriggersX10 WHERE MonitorId=?', NULL, array($mid)); - #if ( !$x10Monitor ) - #$x10Monitor = array(); - #} - #} else { + if ( ZM_OPT_X10 ) { + $x10Monitor = dbFetchOne('SELECT * FROM TriggersX10 WHERE MonitorId=?', NULL, array($mid)); + if ( !$x10Monitor ) + $x10Monitor = array(); + } + if ( !canEdit('Monitors',$mid) ) { + ZM\Warning('You do not have permission to edit this monitor'); + return; + } + } else { #$monitor = array(); - #if ( ZM_OPT_X10 ) { - #$x10Monitor = array(); - #} + if ( ZM_OPT_X10 ) { + $x10Monitor = array(); + } + if ( $user['MonitorIds'] ) { + ZM\Warning('You are restricted to certain monitors so cannot add a new one.'); + return; + } } + $monitor = new ZM\Monitor($mid); // Define a field type for anything that's not simple text equivalent @@ -47,11 +56,12 @@ if ( $action == 'monitor' ) { 'Controllable' => 'toggle', 'TrackMotion' => 'toggle', 'Enabled' => 'toggle', - 'DoNativeMotDet' => 'toggle', 'Exif' => 'toggle', 'RTSPDescribe' => 'toggle', 'RecordAudio' => 'toggle', 'Method' => 'raw', + 'GroupIds' => 'array', + 'LinkedMonitors' => 'set' ); if ( $_REQUEST['newMonitor']['ServerId'] == 'auto' ) { @@ -64,9 +74,8 @@ if ( $action == 'monitor' ) { } } - $changes = $monitor->changes($_REQUEST['newMonitor']); -ZM\Logger::Debug("Changes:". print_r($changes,true)); -#ZM\Logger::Debug("newMonitor:". print_r($_REQUEST['newMonitor'],true)); + $changes = $monitor->changes($_REQUEST['newMonitor'], $types); + $restart = false; if ( count($changes) ) { if ( $mid ) { @@ -76,73 +85,75 @@ ZM\Logger::Debug("Changes:". print_r($changes,true)); $monitor->zmaControl('stop'); $monitor->zmcControl('stop'); } - $monitor->save($changes); + if ( $monitor->save($changes) ) { - // Groups will be added below - if ( isset($changes['Name']) or isset($changes['StorageId']) ) { - // creating symlinks when symlink already exists reports errors, but is perfectly ok - error_reporting(0); + // Groups will be added below + if ( isset($changes['Name']) or isset($changes['StorageId']) ) { + // creating symlinks when symlink already exists reports errors, but is perfectly ok + error_reporting(0); - $OldStorage = $monitor->StorageId(); - $saferOldName = basename($monitor->Name()); - if ( file_exists($OldStorage->Path().'/'.$saferOldName) ) - unlink($OldStorage->Path().'/'.$saferOldName); + $OldStorage = $monitor->StorageId(); + $saferOldName = basename($monitor->Name()); + if ( file_exists($OldStorage->Path().'/'.$saferOldName) ) + unlink($OldStorage->Path().'/'.$saferOldName); - $NewStorage = new ZM\Storage($_REQUEST['newMonitor']['StorageId']); - if ( !file_exists($NewStorage->Path().'/'.$mid) ) { - if ( !mkdir($NewStorage->Path().'/'.$mid, 0755) ) { - ZM\Error('Unable to mkdir ' . $NewStorage->Path().'/'.$mid); + $NewStorage = new ZM\Storage($_REQUEST['newMonitor']['StorageId']); + if ( !file_exists($NewStorage->Path().'/'.$mid) ) { + if ( !mkdir($NewStorage->Path().'/'.$mid, 0755) ) { + ZM\Error('Unable to mkdir ' . $NewStorage->Path().'/'.$mid); + } } - } - $saferNewName = basename($_REQUEST['newMonitor']['Name']); - $link_path = $NewStorage->Path().'/'.$saferNewName; - if ( !symlink($NewStorage->Path().'/'.$mid, $link_path) ) { - if ( ! ( file_exists($link_path) and is_link($link_path) ) ) { - ZM\Warning('Unable to symlink ' . $NewStorage->Path().'/'.$mid . ' to ' . $NewStorage->Path().'/'.$saferNewName); - } - } - } - if ( isset($changes['Width']) || isset($changes['Height']) ) { - $newW = $_REQUEST['newMonitor']['Width']; - $newH = $_REQUEST['newMonitor']['Height']; - $newA = $newW * $newH; - $oldW = $monitor['Width']; - $oldH = $monitor['Height']; - $oldA = $oldW * $oldH; - - $zones = dbFetchAll('SELECT * FROM Zones WHERE MonitorId=?', NULL, array($mid)); - foreach ( $zones as $zone ) { - $newZone = $zone; - $points = coordsToPoints($zone['Coords']); - for ( $i = 0; $i < count($points); $i++ ) { - $points[$i]['x'] = intval(($points[$i]['x']*($newW-1))/($oldW-1)); - $points[$i]['y'] = intval(($points[$i]['y']*($newH-1))/($oldH-1)); + $saferNewName = basename($_REQUEST['newMonitor']['Name']); + $link_path = $NewStorage->Path().'/'.$saferNewName; + if ( !symlink($NewStorage->Path().'/'.$mid, $link_path) ) { + if ( ! ( file_exists($link_path) and is_link($link_path) ) ) { + ZM\Warning('Unable to symlink ' . $NewStorage->Path().'/'.$mid . ' to ' . $NewStorage->Path().'/'.$saferNewName); + } } - $newZone['Coords'] = pointsToCoords($points); - $newZone['Area'] = intval(round(($zone['Area']*$newA)/$oldA)); - $newZone['MinAlarmPixels'] = intval(round(($newZone['MinAlarmPixels']*$newA)/$oldA)); - $newZone['MaxAlarmPixels'] = intval(round(($newZone['MaxAlarmPixels']*$newA)/$oldA)); - $newZone['MinFilterPixels'] = intval(round(($newZone['MinFilterPixels']*$newA)/$oldA)); - $newZone['MaxFilterPixels'] = intval(round(($newZone['MaxFilterPixels']*$newA)/$oldA)); - $newZone['MinBlobPixels'] = intval(round(($newZone['MinBlobPixels']*$newA)/$oldA)); - $newZone['MaxBlobPixels'] = intval(round(($newZone['MaxBlobPixels']*$newA)/$oldA)); + } // end if Name or Storage Area Change - $changes = getFormChanges($zone, $newZone, $types); + if ( isset($changes['Width']) || isset($changes['Height']) ) { + $newW = $_REQUEST['newMonitor']['Width']; + $newH = $_REQUEST['newMonitor']['Height']; + $newA = $newW * $newH; + $oldW = $monitor['Width']; + $oldH = $monitor['Height']; + $oldA = $oldW * $oldH; - if ( count($changes) ) { - dbQuery('UPDATE Zones SET '.implode(', ', $changes).' WHERE MonitorId=? AND Id=?', - array($mid, $zone['Id'])); - } - } // end foreach zone - } // end if width and height + $zones = dbFetchAll('SELECT * FROM Zones WHERE MonitorId=?', NULL, array($mid)); + foreach ( $zones as $zone ) { + $newZone = $zone; + $points = coordsToPoints($zone['Coords']); + for ( $i = 0; $i < count($points); $i++ ) { + $points[$i]['x'] = intval(($points[$i]['x']*($newW-1))/($oldW-1)); + $points[$i]['y'] = intval(($points[$i]['y']*($newH-1))/($oldH-1)); + } + $newZone['Coords'] = pointsToCoords($points); + $newZone['Area'] = intval(round(($zone['Area']*$newA)/$oldA)); + $newZone['MinAlarmPixels'] = intval(round(($newZone['MinAlarmPixels']*$newA)/$oldA)); + $newZone['MaxAlarmPixels'] = intval(round(($newZone['MaxAlarmPixels']*$newA)/$oldA)); + $newZone['MinFilterPixels'] = intval(round(($newZone['MinFilterPixels']*$newA)/$oldA)); + $newZone['MaxFilterPixels'] = intval(round(($newZone['MaxFilterPixels']*$newA)/$oldA)); + $newZone['MinBlobPixels'] = intval(round(($newZone['MinBlobPixels']*$newA)/$oldA)); + $newZone['MaxBlobPixels'] = intval(round(($newZone['MaxBlobPixels']*$newA)/$oldA)); + + $changes = getFormChanges($zone, $newZone, $types); + + if ( count($changes) ) { + dbQuery('UPDATE Zones SET '.implode(', ', $changes).' WHERE MonitorId=? AND Id=?', + array($mid, $zone['Id'])); + } + } // end foreach zone + } // end if width and height + } // end if successful save $restart = true; - } else if ( ! $user['MonitorIds'] ) { + } else { // new monitor // Can only create new monitors if we are not restricted to specific monitors # FIXME This is actually a race condition. Should lock the table. $maxSeq = dbFetchOne('SELECT MAX(Sequence) AS MaxSequence FROM Monitors', 'MaxSequence'); $changes['Sequence'] = $maxSeq+1; - if ( !$monitor->save($changes) ) { + if ( $monitor->save($changes) ) { $mid = $monitor->Id(); $zoneArea = $_REQUEST['newMonitor']['Width'] * $_REQUEST['newMonitor']['Height']; dbQuery("INSERT INTO Zones SET MonitorId = ?, Name = 'All', Type = 'Active', Units = 'Percent', NumCoords = 4, Coords = ?, Area=?, AlarmRGB = 0xff0000, CheckMethod = 'Blobs', MinPixelThreshold = 25, MinAlarmPixels=?, MaxAlarmPixels=?, FilterX = 3, FilterY = 3, MinFilterPixels=?, MaxFilterPixels=?, MinBlobPixels=?, MinBlobs = 1", array( $mid, sprintf( "%d,%d %d,%d %d,%d %d,%d", 0, 0, $_REQUEST['newMonitor']['Width']-1, 0, $_REQUEST['newMonitor']['Width']-1, $_REQUEST['newMonitor']['Height']-1, 0, $_REQUEST['newMonitor']['Height']-1 ), $zoneArea, intval(($zoneArea*3)/100), intval(($zoneArea*75)/100), intval(($zoneArea*3)/100), intval(($zoneArea*75)/100), intval(($zoneArea*2)/100) ) ); @@ -157,9 +168,6 @@ ZM\Logger::Debug("Changes:". print_r($changes,true)); $error_message = dbError($sql); return; } - } else { - ZM\Error('Users with Monitors restrictions cannot create new monitors.'); - return; } $restart = true; @@ -167,20 +175,15 @@ ZM\Logger::Debug("Changes:". print_r($changes,true)); ZM\Logger::Debug('No action due to no changes to Monitor'); } # end if count(changes) - if ( - ( !isset($_POST['newMonitor']['GroupIds']) ) - or - ( count($_POST['newMonitor']['GroupIds']) != count($monitor->GroupIds()) ) - or - array_diff($_POST['newMonitor']['GroupIds'], $monitor->GroupIds()) - ) { - if ( $monitor->Id() ) - dbQuery('DELETE FROM Groups_Monitors WHERE MonitorId=?', array($mid)); + if ( !$mid ) { + ZM\Error("We should have a mid by now. Something went wrong."); + return; + } - if ( isset($_POST['newMonitor']['GroupIds']) ) { - foreach ( $_POST['newMonitor']['GroupIds'] as $group_id ) { - dbQuery('INSERT INTO Groups_Monitors (GroupId,MonitorId) VALUES (?,?)', array($group_id, $mid)); - } + if ( isset($changes['GroupIds']) ) { + dbQuery('DELETE FROM Groups_Monitors WHERE MonitorId=?', array($mid)); + foreach ( $changes['GroupIds'] as $group_id ) { + dbQuery('INSERT INTO Groups_Monitors (GroupId, MonitorId) VALUES (?,?)', array($group_id, $mid)); } } // end if there has been a change of groups diff --git a/web/skins/classic/views/js/monitor.js b/web/skins/classic/views/js/monitor.js index 96c2061f9..e853c89fe 100644 --- a/web/skins/classic/views/js/monitor.js +++ b/web/skins/classic/views/js/monitor.js @@ -127,6 +127,10 @@ function initPage() { document.querySelectorAll('select[name="dimensions_select"]').forEach(function(el) { el.onchange = window['updateMonitorDimensions'].bind(el, el); }); + document.querySelectorAll('select[name="newMonitor[ControlId]"]').forEach(function(el) { + el.onchange = window['loadLocations'].bind(el, el); + }); + $j('.chosen').chosen(); } // end function initPage() diff --git a/web/skins/classic/views/js/monitor.js.php b/web/skins/classic/views/js/monitor.js.php index 6bb6f73ff..c0483d812 100644 --- a/web/skins/classic/views/js/monitor.js.php +++ b/web/skins/classic/views/js/monitor.js.php @@ -70,6 +70,11 @@ function validateForm( form ) { errors[errors.length] = ""; //if ( !form.elements['newMonitor[Path]'].value ) //errors[errors.length] = ""; + } else if ( form.elements['newMonitor[Type]'].value == 'Ffmpeg' ) { + if ( !form.elements['newMonitor[Path]'].value ) +//|| !form.elements['newMonitor[Path]'].value.match( /^\d+$/ ) ) // valid url + errors[errors.length] = ""; + } else if ( form.elements['newMonitor[Type]'].value == 'File' ) { if ( !form.elements['newMonitor[Path]'].value ) errors[errors.length] = ""; @@ -132,22 +137,13 @@ function validateForm( form ) { } if ( errors.length ) { - alert( errors.join( "\n" ) ); + alert(errors.join("\n")); return false; } return true; } -function updateLinkedMonitors( element ) { - var form = element.form; - var monitorIds = new Array(); - for ( var i = 0; i < element.options.length; i++ ) - if ( element.options[i].selected ) - monitorIds[monitorIds.length] = element.options[i].value; - form.elements['newMonitor[LinkedMonitors]'].value = monitorIds.join( ',' ); -} - -function updateMethods( element ) { +function updateMethods(element) { var form = element.form; var origMethod = form.elements['origMethod']; @@ -155,31 +151,27 @@ function updateMethods( element ) { methodSelector.options.length = 0; switch ( element.value ) { case 'http' : - { - $label ) { - ?> - methodSelector.options[methodSelector.options.length] = new Option( "", "" ); - if ( origMethod.value == "" ) - methodSelector.selectedIndex = methodSelector.options.length-1; - + $label ) { + ?> + methodSelector.options[methodSelector.options.length] = new Option("", ""); + if ( origMethod.value == "" ) + methodSelector.selectedIndex = methodSelector.options.length-1; + break; - } case 'rtsp' : - { - $label ) { - ?> - methodSelector.options[methodSelector.options.length] = new Option( "", "" ); - if ( origMethod.value == "" ) - methodSelector.selectedIndex = form.elements['newMonitor[Method]'].options.length-1; - - break; - } + $label ) { + ?> + methodSelector.options[methodSelector.options.length] = new Option( "", "" ); + if ( origMethod.value == "" ) + methodSelector.selectedIndex = form.elements['newMonitor[Method]'].options.length-1; + + break; } - return( true ); + return true; } diff --git a/web/skins/classic/views/monitor.php b/web/skins/classic/views/monitor.php index 832e673ce..e2ec46f17 100644 --- a/web/skins/classic/views/monitor.php +++ b/web/skins/classic/views/monitor.php @@ -35,12 +35,12 @@ if ( !$Server ) { } $monitor = null; -if ( ! empty($_REQUEST['mid']) ) { - $monitor = new ZM\Monitor( $_REQUEST['mid'] ); +if ( !empty($_REQUEST['mid']) ) { + $monitor = new ZM\Monitor($_REQUEST['mid']); if ( $monitor and ZM_OPT_X10 ) $x10Monitor = dbFetchOne('SELECT * FROM TriggersX10 WHERE MonitorId = ?', NULL, array($_REQUEST['mid'])); } -if ( ! $monitor ) { +if ( !$monitor ) { $nextId = getTableAutoInc('Monitors'); if ( isset($_REQUEST['dupId']) ) { @@ -49,86 +49,11 @@ if ( ! $monitor ) { if ( ZM_OPT_X10 ) $x10Monitor = dbFetchOne('SELECT * FROM TriggersX10 WHERE MonitorId = ?', NULL, array($_REQUEST['dupId'])); $clonedName = $monitor->Name(); - $monitor->Name(translate('Monitor').'-'.$nextId); $monitor->Id(0); } else { $monitor = new ZM\Monitor(); - $monitor->set( array( - 'Id' => 0, - 'Name' => translate('Monitor').'-'.$nextId, - 'Function' => 'Mocord', - 'Enabled' => true, - 'LinkedMonitors' => '', - 'Type' => 'Ffmpeg', - 'Device' => '/dev/video0', - 'Channel' => '0', - 'Format' => 0x000000ff, - 'Protocol' => '', - 'Method' => '', - 'Host' => '', - 'Path' => '', - 'Options' => '', - 'Port' => '80', - 'User' => '', - 'Pass' => '', - 'Colours' => 4, - 'Palette' => 0, - 'Width' => '', - 'Height' => '', - 'Orientation' => '0', - 'Deinterlacing' => 0, - 'RTSPDescribe' => 0, - 'SaveJPEGs' => '0', - 'VideoWriter' => '1', - 'EncoderParameters' => "# Lines beginning with # are a comment \n# For changing quality, use the crf option\n# 1 is best, 51 is worst quality\n#crf=23\n", - 'RecordAudio' => '0', - 'LabelFormat' => '%N - %d/%m/%y %H:%M:%S', - 'LabelX' => 0, - 'LabelY' => 0, - 'LabelSize' => 1, - 'ImageBufferCount' => 20, - 'WarmupCount' => 0, - 'PreEventCount' => 0, - 'PostEventCount' => 5, - 'StreamReplayBuffer' => 0, - 'AlarmFrameCount' => 1, - 'Controllable' => 0, - 'ControlId' => '', - 'ControlType' => 0, - 'ControlDevice' => '', - 'ControlAddress' => '', - 'AutoStopTimeout' => '', - 'TrackMotion' => 0, - 'TrackDelay' => '', - 'ReturnLocation' => -1, - 'ReturnDelay' => '', - 'SectionLength' => 600, - 'MinSectionLength' => 10, - 'FrameSkip' => 0, - 'MotionFrameSkip' => 0, - 'EventPrefix' => 'Event-', - 'AnalysisFPSLimit' => '', - 'AnalysisUpdateDelay' => 0, - 'MaxFPS' => null, - 'AlarmMaxFPS' => null, - 'FPSReportInterval' => 100, - 'RefBlendPerc' => 6, - 'AlarmRefBlendPerc' => 6, - 'DefaultRate' => '100', - 'DefaultScale' => '100', - 'DefaultCodec' => 'auto', - 'SignalCheckPoints' => '10', - 'SignalCheckColour' => '#0000c0', - 'WebColour' => 'red', - 'Exif' => '0', - 'Triggers' => '', - 'V4LMultiBuffer' => '', - 'V4LCapturesPerFrame' => 1, - 'ServerId' => 'auto', - 'StorageId' => '1', - 'Refresh' => '', - ) ); - } # end if $_REQUEST['dupID'] + } # end if $_REQUEST['dupID'] + $monitor->Name(translate('Monitor').'-'.$nextId); } # end if $_REQUEST['mid'] if ( ZM_OPT_X10 && empty($x10Monitor) ) { @@ -150,8 +75,6 @@ if ( isset($_REQUEST['newMonitor']) ) { if ( ZM_OPT_X10 ) $newX10Monitor = $_REQUEST['newX10Monitor']; } else { - # FIXME: Triggers in the db is a comma separated string. Needs to be an array. - #$monitor->Triggers()= explode( ',', isset($monitor->Triggers())?$monitor->Triggers:"" ); if ( ZM_OPT_X10 ) $newX10Monitor = $x10Monitor; } @@ -168,8 +91,9 @@ if ( !empty($_REQUEST['preset']) ) { $preset = dbFetchOne( 'SELECT Type, Device, Channel, Format, Protocol, Method, Host, Port, Path, Width, Height, Palette, MaxFPS, Controllable, ControlId, ControlDevice, ControlAddress, DefaultRate, DefaultScale FROM MonitorPresets WHERE Id = ?', NULL, array($_REQUEST['preset']) ); foreach ( $preset as $name=>$value ) { # Does isset handle NULL's? I don't think this code is correct. + # Icon: It does, but this means we can't set a null value. if ( isset($value) ) { - $monitor->$name = $value; + $monitor->$name($value); } } } # end if preset @@ -530,7 +454,6 @@ foreach ( $tabs as $name=>$value ) { - Name()) ?>"/> + GroupIds() as $group_id ) { echo ''; @@ -552,8 +476,8 @@ echo ' Triggers() ) { - foreach( explode(',', $monitor->Triggers()) as $newTrigger ) { + if ( '' !== $monitor->Triggers() ) { + foreach ( explode(',', $monitor->Triggers()) as $newTrigger ) { ?> -
- + + + + + - + + + + - - + + + + + + + + - + + + + + + Type != 'WebSite' ) { + if ( $monitor->Type() != 'WebSite' ) { ?> - - - - - + + + + + + + + + + + + + + + + + + + + + + + translate('None'), '0' => translate('Home'), - '1' => translate('Preset')." 1", + '1' => translate('Preset').' 1', ); ?> - - - + + + + + + + + + + + + Date: Thu, 19 Sep 2019 14:56:34 -0400 Subject: [PATCH 581/922] fix error printing --- web/includes/database.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/web/includes/database.php b/web/includes/database.php index 5ec54f163..e705163c1 100644 --- a/web/includes/database.php +++ b/web/includes/database.php @@ -135,7 +135,7 @@ function dbQuery($sql, $params=NULL) { } if ( ! $result->execute($params) ) { - ZM\Error("SQL: Error executing $sql: " . implode(',', $result->errorInfo())); + ZM\Error("SQL: Error executing $sql: " . print_r($result->errorInfo(), true)); return NULL; } } else { From 14e625b775f1f600a5d2277672621c53df6e6df5 Mon Sep 17 00:00:00 2001 From: Isaac Connor Date: Thu, 19 Sep 2019 14:56:55 -0400 Subject: [PATCH 582/922] Set width of dimensions --- web/skins/classic/css/base/views/monitor.css | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/web/skins/classic/css/base/views/monitor.css b/web/skins/classic/css/base/views/monitor.css index aa9ce1c26..2998810cc 100644 --- a/web/skins/classic/css/base/views/monitor.css +++ b/web/skins/classic/css/base/views/monitor.css @@ -8,3 +8,8 @@ .SourcePath input { width: 100%; } + +input[name="newMonitor[Width]"], +input[name="newMonitor[Height]"] { + width: 80px; +} From 2da9edf0ff13af8e8c2de6704b6d30d1aed118ee Mon Sep 17 00:00:00 2001 From: Isaac Connor Date: Thu, 19 Sep 2019 14:57:17 -0400 Subject: [PATCH 583/922] add onchange to scale --- web/skins/classic/views/js/watch.js | 3 +++ web/skins/classic/views/watch.php | 30 +++++++++++++---------------- 2 files changed, 16 insertions(+), 17 deletions(-) diff --git a/web/skins/classic/views/js/watch.js b/web/skins/classic/views/js/watch.js index eceb994cc..76cf6c9a5 100644 --- a/web/skins/classic/views/js/watch.js +++ b/web/skins/classic/views/js/watch.js @@ -792,6 +792,9 @@ function initPage() { if ( window.history.length == 1 ) { $j('#closeControl').html(''); } + document.querySelectorAll('select[name="scale"]').forEach(function (el) { + el.onchange = window['changeScale']; + }); } else if ( monitorRefresh > 0 ) { setInterval(reloadWebSite, monitorRefresh*1000); } diff --git a/web/skins/classic/views/watch.php b/web/skins/classic/views/watch.php index 4d2fa93d5..82e16645d 100644 --- a/web/skins/classic/views/watch.php +++ b/web/skins/classic/views/watch.php @@ -25,7 +25,7 @@ if ( !canView('Stream') ) { return; } -if ( ! isset($_REQUEST['mid']) ) { +if ( !isset($_REQUEST['mid']) ) { $view = 'error'; return; } @@ -58,7 +58,7 @@ noCacheHeaders(); $popup = ((isset($_REQUEST['popup'])) && ($_REQUEST['popup'] == 1)); -xhtmlHeaders( __FILE__, $monitor->Name().' - '.translate('Feed') ); +xhtmlHeaders(__FILE__, $monitor->Name().' - '.translate('Feed')); ?>
@@ -69,11 +69,11 @@ xhtmlHeaders( __FILE__, $monitor->Name().' - '.translate('Feed') ); Type() == 'Local' ) { ?> -
Id(), 'zmSettings'.$monitor->Id(), 'settings', translate('Settings'), true, 'id="settingsLink"' ) ?>
+
Id(), 'zmSettings'.$monitor->Id(), 'settings', translate('Settings'), true, 'id="settingsLink"') ?>
-
:
+
:
@@ -89,25 +89,21 @@ if ( $streamMode == 'jpeg' ) { echo 'title="Click to zoom, shift click to pan, ctrl click to zoom out"'; } ?> ->$scale) ); ?> +>$scale)); ?> Type() != 'WebSite' ) { ?>
- - + +
-
- - + +
Type() != 'WebSite' ?>
- +
Date: Thu, 19 Sep 2019 14:57:21 -0400 Subject: [PATCH 584/922] add onchange to scale --- web/skins/classic/views/js/watch.js.php | 8 +++++--- 1 file changed, 5 insertions(+), 3 deletions(-) diff --git a/web/skins/classic/views/js/watch.js.php b/web/skins/classic/views/js/watch.js.php index 15a43a6ce..762223dab 100644 --- a/web/skins/classic/views/js/watch.js.php +++ b/web/skins/classic/views/js/watch.js.php @@ -63,11 +63,13 @@ var canStreamNative = ; var canPlayPauseAudio = Browser.ie; -CanMoveMap() ) { ?> +Control(); + if ( $control->CanMoveMap() ) { ?> var imageControlMode = "moveMap"; -CanMoveRel() ) { ?> +CanMoveRel() ) { ?> var imageControlMode = "movePseudoMap"; -CanMoveCon() ) { ?> +CanMoveCon() ) { ?> var imageControlMode = "moveConMap"; var imageControlMode = null; From 1539e34204dda17356d7eadacabc29b90ecec4ce Mon Sep 17 00:00:00 2001 From: Isaac Connor Date: Thu, 19 Sep 2019 14:57:28 -0400 Subject: [PATCH 585/922] spacing --- web/includes/functions.php | 18 +++++++++--------- 1 file changed, 9 insertions(+), 9 deletions(-) diff --git a/web/includes/functions.php b/web/includes/functions.php index 7f5e32aaa..2a5529c96 100644 --- a/web/includes/functions.php +++ b/web/includes/functions.php @@ -2226,27 +2226,27 @@ function requestVar( $name, $default='' ) { } // For numbers etc in javascript or tags etc -function validInt( $input ) { - return( preg_replace( '/\D/', '', $input ) ); +function validInt($input) { + return preg_replace('/\D/', '', $input); } function validNum( $input ) { - return( preg_replace( '/[^\d.-]/', '', $input ) ); + return preg_replace('/[^\d.-]/', '', $input); } // For general strings -function validStr( $input ) { - return( strip_tags( $input ) ); +function validStr($input) { + return strip_tags($input); } // For strings in javascript or tags etc, expected to be in quotes so further quotes escaped rather than converted -function validJsStr( $input ) { - return( strip_tags( addslashes( $input ) ) ); +function validJsStr($input) { + return strip_tags(addslashes($input)); } // For general text in pages outside of tags or quotes so quotes converted to entities -function validHtmlStr( $input ) { - return( htmlspecialchars( $input, ENT_QUOTES ) ); +function validHtmlStr($input) { + return htmlspecialchars($input, ENT_QUOTES); } function getStreamHTML($monitor, $options = array()) { From d4435368bc420564d395cb4980c3ad0d3f1c5e6e Mon Sep 17 00:00:00 2001 From: Isaac Connor Date: Thu, 19 Sep 2019 14:57:48 -0400 Subject: [PATCH 586/922] fix spacing between presets and home/set --- web/skins/classic/css/base/views/control.css | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/web/skins/classic/css/base/views/control.css b/web/skins/classic/css/base/views/control.css index 2c9faf455..396af71eb 100644 --- a/web/skins/classic/css/base/views/control.css +++ b/web/skins/classic/css/base/views/control.css @@ -141,7 +141,7 @@ margin: 5px auto; } -.ptzControls .presetControls { +.ptzControls .presetControls div { margin: 5px auto; } From 0a0bb1b3263d13644d60e2d5e4aa91b2ef8dcc8b Mon Sep 17 00:00:00 2001 From: Isaac Connor Date: Thu, 19 Sep 2019 16:24:05 -0400 Subject: [PATCH 587/922] Update Frame and Server Objects to use common methods --- web/includes/Filter.php | 1 + web/includes/Frame.php | 95 ++++------------------------- web/includes/Server.php | 130 ++++------------------------------------ 3 files changed, 25 insertions(+), 201 deletions(-) diff --git a/web/includes/Filter.php b/web/includes/Filter.php index 3835b0ccb..fa7c41bff 100644 --- a/web/includes/Filter.php +++ b/web/includes/Filter.php @@ -167,6 +167,7 @@ class Filter extends ZM_Object { } # end if local or remote } # end foreach erver } # end function control + public function execute() { $command = ZM_PATH_BIN.'/zmfilter.pl --filter_id='.escapeshellarg($this->Id()); $result = exec($command, $output, $status); diff --git a/web/includes/Frame.php b/web/includes/Frame.php index 470cc8ffc..f472a38e6 100644 --- a/web/includes/Frame.php +++ b/web/includes/Frame.php @@ -1,33 +1,19 @@ $v) { - $this->{$k} = $v; - } - } else { - Error("No row for Frame " . $IdOrRow ); - } - } # end if isset($IdOrRow) - } // end function __construct + public static function find( $parameters = array(), $options = array() ) { + return ZM_Object::_find(get_class(), $parameters, $options); + } + + public static function find_one( $parameters = array(), $options = array() ) { + return ZM_Object::_find_one(get_class(), $parameters, $options); + } public function Storage() { return $this->Event()->Storage(); @@ -36,66 +22,11 @@ class Frame { public function Event() { return new Event( $this->{'EventId'} ); } - public function __call( $fn, array $args){ - if ( count( $args ) ) { - $this->{$fn} = $args[0]; - } - if ( array_key_exists( $fn, $this ) ) { - return $this->{$fn}; - - $backTrace = debug_backtrace(); - $file = $backTrace[1]['file']; - $line = $backTrace[1]['line']; - Warning( "Unknown function call Frame->$fn from $file:$line" ); - } - } public function getImageSrc( $show='capture' ) { return '?view=image&fid='.$this->{'FrameId'}.'&eid='.$this->{'EventId'}.'&show='.$show; #return '?view=image&fid='.$this->{'Id'}.'&show='.$show.'&filename='.$this->Event()->MonitorId().'_'.$this->{'EventId'}.'_'.$this->{'FrameId'}.'.jpg'; } // end function getImageSrc - public static function find( $parameters = array(), $options = NULL ) { - $sql = 'SELECT * FROM Frames'; - $values = array(); - if ( sizeof($parameters) ) { - $sql .= ' WHERE ' . implode( ' AND ', array_map( - function($v){ return $v.'=?'; }, - array_keys( $parameters ) - ) ); - $values = array_values( $parameters ); - } - if ( $options ) { - if ( isset($options['order']) ) { - $sql .= ' ORDER BY ' . $options['order']; - } - if ( isset($options['limit']) ) { - if ( is_integer($options['limit']) or ctype_digit($options['limit']) ) { - $sql .= ' LIMIT ' . $options['limit']; - } else { - $backTrace = debug_backtrace(); - $file = $backTrace[1]['file']; - $line = $backTrace[1]['line']; - Error("Invalid value for limit(".$options['limit'].") passed to Frame::find from $file:$line"); - return array(); - } - } - } - - $results = dbFetchAll($sql, NULL, $values); - if ( $results ) { - return array_map( function($id){ return new Frame($id); }, $results ); - } - return array(); - } - - public static function find_one( $parameters = array(), $options = null ) { - $options['limit'] = 1; - $results = Frame::find($parameters, $options); - if ( ! sizeof($results) ) { - return; - } - return $results[0]; - } -} # end class +} # end class Frame ?> diff --git a/web/includes/Server.php b/web/includes/Server.php index 2f9d038a9..f4d2fa3cd 100644 --- a/web/includes/Server.php +++ b/web/includes/Server.php @@ -1,12 +1,13 @@ null, 'Name' => '', 'Protocol' => '', @@ -21,28 +22,12 @@ class Server { 'zmeventnotification' => 0, ); - public function __construct($IdOrRow = NULL) { - global $server_cache; - $row = NULL; - if ( $IdOrRow ) { - if ( is_integer($IdOrRow) or ctype_digit($IdOrRow) ) { - $row = dbFetchOne('SELECT * FROM Servers WHERE Id=?', NULL, array($IdOrRow)); - if ( !$row ) { - Error('Unable to load Server record for Id='.$IdOrRow); - } - } elseif ( is_array($IdOrRow) ) { - $row = $IdOrRow; - } - } # end if isset($IdOrRow) - if ( $row ) { - foreach ($row as $k => $v) { - $this->{$k} = $v; - } - $server_cache[$row['Id']] = $this; - } else { - # Set defaults - foreach ( $this->defaults as $k => $v ) $this->{$k} = $v; - } + public static function find( $parameters = array(), $options = array() ) { + return ZM_Object::_find(get_class(), $parameters, $options); + } + + public static function find_one( $parameters = array(), $options = array() ) { + return ZM_Object::_find_one(get_class(), $parameters, $options); } public function Hostname( $new = null ) { @@ -144,98 +129,5 @@ class Server { } return '/zm/api'; } - - public function __call($fn, array $args){ - if ( count($args) ) { - $this->{$fn} = $args[0]; - } - if ( array_key_exists($fn, $this) ) { - return $this->{$fn}; - } else { - if ( array_key_exists($fn, $this->defaults) ) { - return $this->defaults{$fn}; - } else { - $backTrace = debug_backtrace(); - $file = $backTrace[1]['file']; - $line = $backTrace[1]['line']; - Warning("Unknown function call Server->$fn from $file:$line"); - } - } - } - public static function find( $parameters = null, $options = null ) { - $filters = array(); - $sql = 'SELECT * FROM Servers '; - $values = array(); - - if ( $parameters ) { - $fields = array(); - $sql .= 'WHERE '; - foreach ( $parameters as $field => $value ) { - if ( $value == null ) { - $fields[] = $field.' IS NULL'; - } else if ( is_array( $value ) ) { - $func = function(){return '?';}; - $fields[] = $field.' IN ('.implode(',', array_map( $func, $value ) ). ')'; - $values += $value; - - } else { - $fields[] = $field.'=?'; - $values[] = $value; - } - } - $sql .= implode(' AND ', $fields ); - } - if ( $options ) { - if ( isset($options['order']) ) { - $sql .= ' ORDER BY ' . $options['order']; - } - if ( isset($options['limit']) ) { - if ( is_integer($options['limit']) or ctype_digit($options['limit']) ) { - $sql .= ' LIMIT ' . $options['limit']; - } else { - $backTrace = debug_backtrace(); - $file = $backTrace[1]['file']; - $line = $backTrace[1]['line']; - Error("Invalid value for limit(".$options['limit'].") passed to Server::find from $file:$line"); - return array(); - } - } - } - $results = dbFetchAll( $sql, NULL, $values ); - if ( $results ) { - return array_map(function($id){ return new Server($id); }, $results); - } - return array(); - } - - public static function find_one( $parameters = array() ) { - global $server_cache; - if ( - ( count($parameters) == 1 ) and - isset($parameters['Id']) and - isset($server_cache[$parameters['Id']]) ) { - return $server_cache[$parameters['Id']]; - } - $results = Server::find( $parameters, array('limit'=>1) ); - if ( ! sizeof($results) ) { - return; - } - return $results[0]; - } - - public function to_json() { - $json = array(); - foreach ($this->defaults as $key => $value) { - if ( is_callable(array($this, $key)) ) { - $json[$key] = $this->$key(); - } else if ( array_key_exists($key, $this) ) { - $json[$key] = $this->{$key}; - } else { - $json[$key] = $this->defaults{$key}; - } - } - return json_encode($json); - } - } # end class Server ?> From 09533c19af066ed5d77b460d5863238ef730e263 Mon Sep 17 00:00:00 2001 From: Isaac Connor Date: Fri, 20 Sep 2019 08:19:44 -0400 Subject: [PATCH 588/922] Fix %d to %s --- src/zmc.cpp | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/src/zmc.cpp b/src/zmc.cpp index 65a8d3e12..ad9dea406 100644 --- a/src/zmc.cpp +++ b/src/zmc.cpp @@ -249,7 +249,7 @@ int main(int argc, char *argv[]) { if ( mysql_query(&dbconn, sql) ) { Error("Can't run query: %s", mysql_error(&dbconn)); } - } // end foreach monitor + } // end foreach monitor // Outer primary loop, handles connection to camera if ( monitors[0]->PrimeCapture() < 0 ) { @@ -306,7 +306,7 @@ int main(int argc, char *argv[]) { if ( next_delays[i] <= min_delay || next_delays[i] <= 0 ) { if ( monitors[i]->PreCapture() < 0 ) { - Error("Failed to pre-capture monitor %d %d (%d/%d)", + Error("Failed to pre-capture monitor %d %s (%d/%d)", monitors[i]->Id(), monitors[i]->Name(), i+1, n_monitors); monitors[i]->Close(); result = -1; From ce37fce99c028e0be0d54aa62ee79a0cf5b4444e Mon Sep 17 00:00:00 2001 From: Isaac Connor Date: Fri, 20 Sep 2019 08:19:57 -0400 Subject: [PATCH 589/922] spacing --- src/zm_remote_camera_http.cpp | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/src/zm_remote_camera_http.cpp b/src/zm_remote_camera_http.cpp index 53ca71be2..96c3707ff 100644 --- a/src/zm_remote_camera_http.cpp +++ b/src/zm_remote_camera_http.cpp @@ -1068,12 +1068,12 @@ int RemoteCameraHttp::PreCapture() { } if ( mode == SINGLE_IMAGE ) { if ( SendRequest() < 0 ) { - Error( "Unable to send request" ); + Error("Unable to send request"); Disconnect(); - return( -1 ); + return -1; } } - return( 0 ); + return 0; } int RemoteCameraHttp::Capture( Image &image ) { From 308236b4ad0b41a0e68f34a68f483083f6a79c39 Mon Sep 17 00:00:00 2001 From: Isaac Connor Date: Fri, 20 Sep 2019 10:35:39 -0400 Subject: [PATCH 590/922] Fix sending ptz controls --- web/includes/control_functions.php | 201 +++++++++++++++-------------- 1 file changed, 103 insertions(+), 98 deletions(-) diff --git a/web/includes/control_functions.php b/web/includes/control_functions.php index 5573db5a5..38e2835ea 100644 --- a/web/includes/control_functions.php +++ b/web/includes/control_functions.php @@ -1,13 +1,14 @@ Control(); if ( isset($_REQUEST['xge']) || isset($_REQUEST['yge']) ) { $slow = 0.9; // Threshold for slow speed/timeouts $turbo = 0.9; // Threshold for turbo speed - if ( preg_match( '/^([a-z]+)([A-Z][a-z]+)([A-Za-z]+)+$/', $_REQUEST['control'], $matches ) ) { + if ( preg_match('/^([a-z]+)([A-Z][a-z]+)([A-Za-z]+)+$/', $_REQUEST['control'], $matches) ) { $command = $matches[1]; $mode = $matches[2]; $dirn = $matches[3]; @@ -16,22 +17,22 @@ function buildControlCommand( $monitor ) { case 'focus' : { $factor = $_REQUEST['yge']/100; - if ( $monitor->HasFocusSpeed() ) { - $speed = intval(round($monitor->MinFocusSpeed()+(($monitor->MaxFocusSpeed()-$monitor->MinFocusSpeed())*$factor))); + if ( $control->HasFocusSpeed() ) { + $speed = intval(round($control->MinFocusSpeed()+(($control->MaxFocusSpeed()-$control->MinFocusSpeed())*$factor))); $ctrlCommand .= ' --speed='.$speed; } switch( $mode ) { case 'Abs' : case 'Rel' : { - $step = intval(round($monitor->MinFocusStep()+(($monitor->MaxFocusStep()-$monitor->MinFocusStep())*$factor))); + $step = intval(round($control->MinFocusStep()+(($control->MaxFocusStep()-$control->MinFocusStep())*$factor))); $ctrlCommand .= ' --step='.$step; break; } case 'Con' : { - if ( $monitor->AutoStopTimeout() ) { - $slowSpeed = intval(round($monitor->MinFocusSpeed()+(($monitor->MaxFocusSpeed()-$monitor->MinFocusSpeed())*$slow))); + if ( $control->AutoStopTimeout() ) { + $slowSpeed = intval(round($control->MinFocusSpeed()+(($control->MaxFocusSpeed()-$control->MinFocusSpeed())*$slow))); if ( $speed < $slowSpeed ) { $ctrlCommand .= ' --autostop'; } @@ -43,19 +44,19 @@ function buildControlCommand( $monitor ) { } case 'zoom' : $factor = $_REQUEST['yge']/100; - if ( $monitor->HasZoomSpeed() ) { - $speed = intval(round($monitor->MinZoomSpeed()+(($monitor->MaxZoomSpeed()-$monitor->MinZoomSpeed())*$factor))); + if ( $control->HasZoomSpeed() ) { + $speed = intval(round($control->MinZoomSpeed()+(($control->MaxZoomSpeed()-$control->MinZoomSpeed())*$factor))); $ctrlCommand .= ' --speed='.$speed; } switch( $mode ) { case 'Abs' : case 'Rel' : - $step = intval(round($monitor->MinZoomStep()+(($monitor->MaxZoomStep()-$monitor->MinZoomStep())*$factor))); + $step = intval(round($control->MinZoomStep()+(($control->MaxZoomStep()-$control->MinZoomStep())*$factor))); $ctrlCommand .= ' --step='.$step; break; case 'Con' : - if ( $monitor->AutoStopTimeout() ) { - $slowSpeed = intval(round($monitor->MinZoomSpeed()+(($monitor->MaxZoomSpeed()-$monitor->MinZoomSpeed())*$slow))); + if ( $control->AutoStopTimeout() ) { + $slowSpeed = intval(round($control->MinZoomSpeed()+(($control->MaxZoomSpeed()-$control->MinZoomSpeed())*$slow))); if ( $speed < $slowSpeed ) { $ctrlCommand .= ' --autostop'; } @@ -65,42 +66,42 @@ function buildControlCommand( $monitor ) { break; case 'iris' : $factor = $_REQUEST['yge']/100; - if ( $monitor->HasIrisSpeed() ) { - $speed = intval(round($monitor->MinIrisSpeed()+(($monitor->MaxIrisSpeed()-$monitor->MinIrisSpeed())*$factor))); + if ( $control->HasIrisSpeed() ) { + $speed = intval(round($control->MinIrisSpeed()+(($control->MaxIrisSpeed()-$control->MinIrisSpeed())*$factor))); $ctrlCommand .= ' --speed='.$speed; } switch( $mode ) { case 'Abs' : case 'Rel' : - $step = intval(round($monitor->MinIrisStep()+(($monitor->MaxIrisStep()-$monitor->MinIrisStep())*$factor))); + $step = intval(round($control->MinIrisStep()+(($control->MaxIrisStep()-$control->MinIrisStep())*$factor))); $ctrlCommand .= ' --step='.$step; break; } break; case 'white' : $factor = $_REQUEST['yge']/100; - if ( $monitor->HasWhiteSpeed() ) { - $speed = intval(round($monitor->MinWhiteSpeed()+(($monitor->MaxWhiteSpeed()-$monitor->MinWhiteSpeed())*$factor))); + if ( $control->HasWhiteSpeed() ) { + $speed = intval(round($control->MinWhiteSpeed()+(($control->MaxWhiteSpeed()-$control->MinWhiteSpeed())*$factor))); $ctrlCommand .= ' --speed='.$speed; } switch( $mode ) { case 'Abs' : case 'Rel' : - $step = intval(round($monitor->MinWhiteStep()+(($monitor->MaxWhiteStep()-$monitor->MinWhiteStep())*$factor))); + $step = intval(round($control->MinWhiteStep()+(($control->MaxWhiteStep()-$control->MinWhiteStep())*$factor))); $ctrlCommand .= ' --step='.$step; break; } break; case 'gain' : $factor = $_REQUEST['yge']/100; - if ( $monitor->HasGainSpeed() ) { - $speed = intval(round($monitor->MinGainSpeed()+(($monitor->MaxGainSpeed()-$monitor->MinGainSpeed())*$factor))); + if ( $control->HasGainSpeed() ) { + $speed = intval(round($control->MinGainSpeed()+(($control->MaxGainSpeed()-$control->MinGainSpeed())*$factor))); $ctrlCommand .= ' --speed='.$speed; } switch( $mode ) { case 'Abs' : case 'Rel' : - $step = intval(round($monitor->MinGainStep()+(($monitor->MaxGainStep()-$monitor->MinGainStep())*$factor))); + $step = intval(round($control->MinGainStep()+(($control->MaxGainStep()-$control->MinGainStep())*$factor))); $ctrlCommand .= ' --step='.$step; break; } @@ -167,29 +168,29 @@ function buildControlCommand( $monitor ) { $dirn = $new_dirn; } - if ( $monitor->HasPanSpeed() && $xFactor ) { - if ( $monitor->HasTurboPan() ) { + if ( $control->HasPanSpeed() && $xFactor ) { + if ( $control->HasTurboPan() ) { if ( $xFactor >= $turbo ) { - $panSpeed = $monitor->TurboPanSpeed(); + $panSpeed = $control->TurboPanSpeed(); } else { $xFactor = $xFactor/$turbo; - $panSpeed = intval(round($monitor->MinPanSpeed()+(($monitor->MaxPanSpeed()-$monitor->MinPanSpeed())*$xFactor))); + $panSpeed = intval(round($control->MinPanSpeed()+(($control->MaxPanSpeed()-$control->MinPanSpeed())*$xFactor))); } } else { - $panSpeed = intval(round($monitor->MinPanSpeed()+(($monitor->MaxPanSpeed()-$monitor->MinPanSpeed())*$xFactor))); + $panSpeed = intval(round($control->MinPanSpeed()+(($control->MaxPanSpeed()-$control->MinPanSpeed())*$xFactor))); } $ctrlCommand .= ' --panspeed='.$panSpeed; } - if ( $monitor->HasTiltSpeed() && $yFactor ) { - if ( $monitor->HasTurboTilt() ) { + if ( $control->HasTiltSpeed() && $yFactor ) { + if ( $control->HasTurboTilt() ) { if ( $yFactor >= $turbo ) { - $tiltSpeed = $monitor->TurboTiltSpeed(); + $tiltSpeed = $control->TurboTiltSpeed(); } else { $yFactor = $yFactor/$turbo; - $tiltSpeed = intval(round($monitor->MinTiltSpeed()+(($monitor->MaxTiltSpeed()-$monitor->MinTiltSpeed())*$yFactor))); + $tiltSpeed = intval(round($control->MinTiltSpeed()+(($control->MaxTiltSpeed()-$control->MinTiltSpeed())*$yFactor))); } } else { - $tiltSpeed = intval(round($monitor->MinTiltSpeed()+(($monitor->MaxTiltSpeed()-$monitor->MinTiltSpeed())*$yFactor))); + $tiltSpeed = intval(round($control->MinTiltSpeed()+(($control->MaxTiltSpeed()-$control->MinTiltSpeed())*$yFactor))); } $ctrlCommand .= ' --tiltspeed='.$tiltSpeed; } @@ -197,18 +198,18 @@ function buildControlCommand( $monitor ) { case 'Rel' : case 'Abs' : if ( preg_match( '/(Left|Right)$/', $dirn ) ) { - $panStep = intval(round($monitor->MinPanStep()+(($monitor->MaxPanStep()-$monitor->MinPanStep())*$xFactor))); + $panStep = intval(round($control->MinPanStep()+(($control->MaxPanStep()-$control->MinPanStep())*$xFactor))); $ctrlCommand .= ' --panstep='.$panStep; } if ( preg_match( '/^(Up|Down)/', $dirn ) ) { - $tiltStep = intval(round($monitor->MinTiltStep()+(($monitor->MaxTiltStep()-$monitor->MinTiltStep())*$yFactor))); + $tiltStep = intval(round($control->MinTiltStep()+(($control->MaxTiltStep()-$control->MinTiltStep())*$yFactor))); $ctrlCommand .= ' --tiltstep='.$tiltStep; } break; case 'Con' : - if ( $monitor->AutoStopTimeout() ) { - $slowPanSpeed = intval(round($monitor->MinPanSpeed()+(($monitor->MaxPanSpeed()-$monitor->MinPanSpeed())*$slow))); - $slowTiltSpeed = intval(round($monitor->MinTiltSpeed()+(($monitor->MaxTiltSpeed()-$monitor->MinTiltSpeed())*$slow))); + if ( $control->AutoStopTimeout() ) { + $slowPanSpeed = intval(round($control->MinPanSpeed()+(($control->MaxPanSpeed()-$control->MinPanSpeed())*$slow))); + $slowTiltSpeed = intval(round($control->MinTiltSpeed()+(($control->MaxTiltSpeed()-$control->MinTiltSpeed())*$slow))); if ( (!isset($panSpeed) || ($panSpeed < $slowPanSpeed)) && (!isset($tiltSpeed) || ($tiltSpeed < $slowTiltSpeed)) ) { $ctrlCommand .= ' --autostop'; } @@ -319,36 +320,36 @@ function buildControlCommand( $monitor ) { $xFactor = abs($xFactor); $yFactor = abs($yFactor); - if ( $monitor->HasPanSpeed() && $xFactor ) { - if ( $monitor->HasTurboPan() ) { + if ( $control->HasPanSpeed() && $xFactor ) { + if ( $control->HasTurboPan() ) { if ( $xFactor >= $turbo ) { - $panSpeed = $monitor->TurboPanSpeed(); + $panSpeed = $control->TurboPanSpeed(); } else { $xFactor = $xFactor/$turbo; - $panSpeed = intval(round($monitor->MinPanSpeed()+(($monitor->MaxPanSpeed()-$monitor->MinPanSpeed())*$xFactor))); + $panSpeed = intval(round($control->MinPanSpeed()+(($control->MaxPanSpeed()-$control->MinPanSpeed())*$xFactor))); } } else { - $panSpeed = intval(round($monitor->MinPanSpeed()+(($monitor->MaxPanSpeed()-$monitor->MinPanSpeed())*$xFactor))); + $panSpeed = intval(round($control->MinPanSpeed()+(($control->MaxPanSpeed()-$control->MinPanSpeed())*$xFactor))); } } - if ( $monitor->HasTiltSpeed() && $yFactor ) { - if ( $monitor->HasTurboTilt() ) { + if ( $control->HasTiltSpeed() && $yFactor ) { + if ( $control->HasTurboTilt() ) { if ( $yFactor >= $turbo ) { - $tiltSpeed = $monitor->TurboTiltSpeed(); + $tiltSpeed = $control->TurboTiltSpeed(); } else { $yFactor = $yFactor/$turbo; - $tiltSpeed = intval(round($monitor->MinTiltSpeed()+(($monitor->MaxTiltSpeed()-$monitor->MinTiltSpeed())*$yFactor))); + $tiltSpeed = intval(round($control->MinTiltSpeed()+(($control->MaxTiltSpeed()-$control->MinTiltSpeed())*$yFactor))); } } else { - $tiltSpeed = intval(round($monitor->MinTiltSpeed()+(($monitor->MaxTiltSpeed()-$monitor->MinTiltSpeed())*$yFactor))); + $tiltSpeed = intval(round($control->MinTiltSpeed()+(($control->MaxTiltSpeed()-$control->MinTiltSpeed())*$yFactor))); } } if ( preg_match( '/(Left|Right)$/', $dirn ) ) { - $panStep = intval(round($monitor->MinPanStep()+(($monitor->MaxPanStep()-$monitor->MinPanStep())*$xFactor))); + $panStep = intval(round($control->MinPanStep()+(($control->MaxPanStep()-$control->MinPanStep())*$xFactor))); $ctrlCommand .= ' --panstep='.$panStep.' --panspeed='.$panSpeed; } if ( preg_match( '/^(Up|Down)/', $dirn ) ) { - $tiltStep = intval(round($monitor->MinTiltStep()+(($monitor->MaxTiltStep()-$monitor->MinTiltStep())*$yFactor))); + $tiltStep = intval(round($control->MinTiltStep()+(($control->MaxTiltStep()-$control->MinTiltStep())*$yFactor))); $ctrlCommand .= ' --tiltstep='.$tiltStep.' --tiltspeed='.$tiltSpeed; } } @@ -410,28 +411,28 @@ function buildControlCommand( $monitor ) { $xFactor = abs($xFactor); $yFactor = abs($yFactor); - if ( $monitor->HasPanSpeed() && $xFactor ) { - if ( $monitor->HasTurboPan() ) { + if ( $control->HasPanSpeed() && $xFactor ) { + if ( $control->HasTurboPan() ) { if ( $xFactor >= $turbo ) { - $panSpeed = $monitor->TurboPanSpeed(); + $panSpeed = $control->TurboPanSpeed(); } else { $xFactor = $xFactor/$turbo; - $panSpeed = intval(round($monitor->MinPanSpeed()+(($monitor->MaxPanSpeed()-$monitor->MinPanSpeed())*$xFactor))); + $panSpeed = intval(round($control->MinPanSpeed()+(($control->MaxPanSpeed()-$control->MinPanSpeed())*$xFactor))); } } else { - $panSpeed = intval(round($monitor->MinPanSpeed()+(($monitor->MaxPanSpeed()-$monitor->MinPanSpeed())*$xFactor))); + $panSpeed = intval(round($control->MinPanSpeed()+(($control->MaxPanSpeed()-$control->MinPanSpeed())*$xFactor))); } } - if ( $monitor->HasTiltSpeed() && $yFactor ) { - if ( $monitor->HasTurboTilt() ) { + if ( $control->HasTiltSpeed() && $yFactor ) { + if ( $control->HasTurboTilt() ) { if ( $yFactor >= $turbo ) { - $tiltSpeed = $monitor->TurboTiltSpeed(); + $tiltSpeed = $control->TurboTiltSpeed(); } else { $yFactor = $yFactor/$turbo; - $tiltSpeed = intval(round($monitor->MinTiltSpeed()+(($monitor->MaxTiltSpeed()-$monitor->MinTiltSpeed())*$yFactor))); + $tiltSpeed = intval(round($control->MinTiltSpeed()+(($control->MaxTiltSpeed()-$control->MinTiltSpeed())*$yFactor))); } } else { - $tiltSpeed = intval(round($monitor->MinTiltSpeed()+(($monitor->MaxTiltSpeed()-$monitor->MinTiltSpeed())*$yFactor))); + $tiltSpeed = intval(round($control->MinTiltSpeed()+(($control->MaxTiltSpeed()-$control->MinTiltSpeed())*$yFactor))); } } if ( preg_match( '/(Left|Right)$/', $dirn ) ) { @@ -440,9 +441,9 @@ function buildControlCommand( $monitor ) { if ( preg_match( '/^(Up|Down)/', $dirn ) ) { $ctrlCommand .= ' --tiltspeed='.$tiltSpeed; } - if ( $monitor->AutoStopTimeout() ) { - $slowPanSpeed = intval(round($monitor->MinPanSpeed()+(($monitor->MaxPanSpeed()-$monitor->MinPanSpeed())*$slow))); - $slowTiltSpeed = intval(round($monitor->MinTiltSpeed()+(($monitor->MaxTiltSpeed()-$monitor->MinTiltSpeed())*$slow))); + if ( $control->AutoStopTimeout() ) { + $slowPanSpeed = intval(round($control->MinPanSpeed()+(($control->MaxPanSpeed()-$control->MinPanSpeed())*$slow))); + $slowTiltSpeed = intval(round($control->MinTiltSpeed()+(($control->MaxTiltSpeed()-$control->MinTiltSpeed())*$slow))); if ( (!isset($panSpeed) || ($panSpeed < $slowPanSpeed)) && (!isset($tiltSpeed) || ($tiltSpeed < $slowTiltSpeed)) ) { $ctrlCommand .= ' --autostop'; } @@ -470,19 +471,19 @@ function buildControlCommand( $monitor ) { $factor = ($y+1)/$long_y; break; } - if ( $monitor->HasFocusSpeed() ) { - $speed = intval(round($monitor->MinFocusSpeed()+(($monitor->MaxFocusSpeed()-$monitor->MinFocusSpeed())*$factor))); + if ( $control->HasFocusSpeed() ) { + $speed = intval(round($control->MinFocusSpeed()+(($control->MaxFocusSpeed()-$control->MinFocusSpeed())*$factor))); $ctrlCommand .= ' --speed='.$speed; } switch( $mode ) { case 'Abs' : case 'Rel' : - $step = intval(round($monitor->MinFocusStep()+(($monitor->MaxFocusStep()-$monitor->MinFocusStep())*$factor))); + $step = intval(round($control->MinFocusStep()+(($control->MaxFocusStep()-$control->MinFocusStep())*$factor))); $ctrlCommand .= ' --step='.$step; break; case 'Con' : - if ( $monitor->AutoStopTimeout() ) { - $slowSpeed = intval(round($monitor->MinFocusSpeed()+(($monitor->MaxFocusSpeed()-$monitor->MinFocusSpeed())*$slow))); + if ( $control->AutoStopTimeout() ) { + $slowSpeed = intval(round($control->MinFocusSpeed()+(($control->MaxFocusSpeed()-$control->MinFocusSpeed())*$slow))); if ( $speed < $slowSpeed ) { $ctrlCommand .= ' --autostop'; } @@ -499,19 +500,19 @@ function buildControlCommand( $monitor ) { $factor = ($y+1)/$long_y; break; } - if ( $monitor->HasZoomSpeed() ) { - $speed = intval(round($monitor->MinZoomSpeed()+(($monitor->MaxZoomSpeed()-$monitor->MinZoomSpeed())*$factor))); + if ( $control->HasZoomSpeed() ) { + $speed = intval(round($control->MinZoomSpeed()+(($control->MaxZoomSpeed()-$control->MinZoomSpeed())*$factor))); $ctrlCommand .= ' --speed='.$speed; } switch( $mode ) { case 'Abs' : case 'Rel' : - $step = intval(round($monitor->MinZoomStep()+(($monitor->MaxZoomStep()-$monitor->MinZoomStep())*$factor))); + $step = intval(round($control->MinZoomStep()+(($control->MaxZoomStep()-$control->MinZoomStep())*$factor))); $ctrlCommand .= ' --step='.$step; break; case 'Con' : - if ( $monitor->AutoStopTimeout() ) { - $slowSpeed = intval(round($monitor->MinZoomSpeed()+(($monitor->MaxZoomSpeed()-$monitor->MinZoomSpeed())*$slow))); + if ( $control->AutoStopTimeout() ) { + $slowSpeed = intval(round($control->MinZoomSpeed()+(($control->MaxZoomSpeed()-$control->MinZoomSpeed())*$slow))); if ( $speed < $slowSpeed ) { $ctrlCommand .= ' --autostop'; } @@ -528,14 +529,14 @@ function buildControlCommand( $monitor ) { $factor = ($y+1)/$long_y; break; } - if ( $monitor->HasIrisSpeed() ) { - $speed = intval(round($monitor->MinIrisSpeed()+(($monitor->MaxIrisSpeed()-$monitor->MinIrisSpeed())*$factor))); + if ( $control->HasIrisSpeed() ) { + $speed = intval(round($control->MinIrisSpeed()+(($control->MaxIrisSpeed()-$control->MinIrisSpeed())*$factor))); $ctrlCommand .= ' --speed='.$speed; } switch( $mode ) { case 'Abs' : case 'Rel' : - $step = intval(round($monitor->MinIrisStep()+(($monitor->MaxIrisStep()-$monitor->MinIrisStep())*$factor))); + $step = intval(round($control->MinIrisStep()+(($control->MaxIrisStep()-$control->MinIrisStep())*$factor))); $ctrlCommand .= ' --step='.$step; break; } @@ -549,14 +550,14 @@ function buildControlCommand( $monitor ) { $factor = ($y+1)/$long_y; break; } - if ( $monitor->HasWhiteSpeed() ) { - $speed = intval(round($monitor->MinWhiteSpeed()+(($monitor->MaxWhiteSpeed()-$monitor->MinWhiteSpeed())*$factor))); + if ( $control->HasWhiteSpeed() ) { + $speed = intval(round($control->MinWhiteSpeed()+(($control->MaxWhiteSpeed()-$control->MinWhiteSpeed())*$factor))); $ctrlCommand .= ' --speed='.$speed; } switch( $mode ) { case 'Abs' : case 'Rel' : - $step = intval(round($monitor->MinWhiteStep()+(($monitor->MaxWhiteStep()-$monitor->MinWhiteStep())*$factor))); + $step = intval(round($control->MinWhiteStep()+(($control->MaxWhiteStep()-$control->MinWhiteStep())*$factor))); $ctrlCommand .= ' --step='.$step; break; } @@ -570,14 +571,14 @@ function buildControlCommand( $monitor ) { $factor = ($y+1)/$long_y; break; } - if ( $monitor->HasGainSpeed() ) { - $speed = intval(round($monitor->MinGainSpeed()+(($monitor->MaxGainSpeed()-$monitor->MinGainSpeed())*$factor))); + if ( $control->HasGainSpeed() ) { + $speed = intval(round($control->MinGainSpeed()+(($control->MaxGainSpeed()-$control->MinGainSpeed())*$factor))); $ctrlCommand .= ' --speed='.$speed; } switch( $mode ) { case 'Abs' : case 'Rel' : - $step = intval(round($monitor->MinGainStep()+(($monitor->MaxGainStep()-$monitor->MinGainStep())*$factor))); + $step = intval(round($control->MinGainStep()+(($control->MaxGainStep()-$control->MinGainStep())*$factor))); $ctrlCommand .= ' --step='.$step; break; } @@ -655,29 +656,29 @@ function buildControlCommand( $monitor ) { $dirn = $new_dirn; } - if ( $monitor->HasPanSpeed() && $xFactor ) { - if ( $monitor->HasTurboPan() ) { + if ( $control->HasPanSpeed() && $xFactor ) { + if ( $control->HasTurboPan() ) { if ( $xFactor >= $turbo ) { - $panSpeed = $monitor->TurboPanSpeed(); + $panSpeed = $control->TurboPanSpeed(); } else { $xFactor = $xFactor/$turbo; - $panSpeed = intval(round($monitor->MinPanSpeed()+(($monitor->MaxPanSpeed()-$monitor->MinPanSpeed())*$xFactor))); + $panSpeed = intval(round($control->MinPanSpeed()+(($control->MaxPanSpeed()-$control->MinPanSpeed())*$xFactor))); } } else { - $panSpeed = intval(round($monitor->MinPanSpeed()+(($monitor->MaxPanSpeed()-$monitor->MinPanSpeed())*$xFactor))); + $panSpeed = intval(round($control->MinPanSpeed()+(($control->MaxPanSpeed()-$control->MinPanSpeed())*$xFactor))); } $ctrlCommand .= ' --panspeed='.$panSpeed; } - if ( $monitor->HasTiltSpeed() && $yFactor ) { - if ( $monitor->HasTurboTilt() ) { + if ( $control->HasTiltSpeed() && $yFactor ) { + if ( $control->HasTurboTilt() ) { if ( $yFactor >= $turbo ) { - $tiltSpeed = $monitor->TurboTiltSpeed(); + $tiltSpeed = $control->TurboTiltSpeed(); } else { $yFactor = $yFactor/$turbo; - $tiltSpeed = intval(round($monitor->MinTiltSpeed()+(($monitor->MaxTiltSpeed()-$monitor->MinTiltSpeed())*$yFactor))); + $tiltSpeed = intval(round($control->MinTiltSpeed()+(($control->MaxTiltSpeed()-$control->MinTiltSpeed())*$yFactor))); } } else { - $tiltSpeed = intval(round($monitor->MinTiltSpeed()+(($monitor->MaxTiltSpeed()-$monitor->MinTiltSpeed())*$yFactor))); + $tiltSpeed = intval(round($control->MinTiltSpeed()+(($control->MaxTiltSpeed()-$control->MinTiltSpeed())*$yFactor))); } $ctrlCommand .= ' --tiltspeed='.$tiltSpeed; } @@ -685,18 +686,18 @@ function buildControlCommand( $monitor ) { case 'Rel' : case 'Abs' : if ( preg_match( '/(Left|Right)$/', $dirn ) ) { - $panStep = intval(round($monitor->MinPanStep()+(($monitor->MaxPanStep()-$monitor->MinPanStep())*$xFactor))); + $panStep = intval(round($control->MinPanStep()+(($control->MaxPanStep()-$control->MinPanStep())*$xFactor))); $ctrlCommand .= ' --panstep='.$panStep; } if ( preg_match( '/^(Up|Down)/', $dirn ) ) { - $tiltStep = intval(round($monitor->MinTiltStep()+(($monitor->MaxTiltStep()-$monitor->MinTiltStep())*$yFactor))); + $tiltStep = intval(round($control->MinTiltStep()+(($control->MaxTiltStep()-$control->MinTiltStep())*$yFactor))); $ctrlCommand .= ' --tiltstep='.$tiltStep; } break; case 'Con' : - if ( $monitor->AutoStopTimeout() ) { - $slowPanSpeed = intval(round($monitor->MinPanSpeed()+(($monitor->MaxPanSpeed()-$monitor->MinPanSpeed())*$slow))); - $slowTiltSpeed = intval(round($monitor->MinTiltSpeed()+(($monitor->MaxTiltSpeed()-$monitor->MinTiltSpeed())*$slow))); + if ( $control->AutoStopTimeout() ) { + $slowPanSpeed = intval(round($control->MinPanSpeed()+(($control->MaxPanSpeed()-$control->MinPanSpeed())*$slow))); + $slowTiltSpeed = intval(round($control->MinTiltSpeed()+(($control->MaxTiltSpeed()-$control->MinTiltSpeed())*$slow))); if ( (!isset($panSpeed) || ($panSpeed < $slowPanSpeed)) && (!isset($tiltSpeed) || ($tiltSpeed < $slowTiltSpeed)) ) { $ctrlCommand .= ' --autostop'; } @@ -716,12 +717,16 @@ function buildControlCommand( $monitor ) { if ( canEdit( 'Control' ) ) { $preset = validInt($_REQUEST['preset']); $newLabel = validJsStr($_REQUEST['newLabel']); - $row = dbFetchOne( 'SELECT * FROM ControlPresets WHERE MonitorId = ? AND Preset = ?', NULL, array( $monitor->Id(), $preset ) ); + $row = dbFetchOne( + 'SELECT * FROM `ControlPresets` WHERE `MonitorId` = ? AND `Preset`=?', + NULL, array($monitor->Id(), $preset)); if ( $newLabel != $row['Label'] ) { if ( $newLabel ) { - dbQuery( 'REPLACE INTO ControlPresets ( MonitorId, Preset, Label ) VALUES ( ?, ?, ? )', array( $monitor->Id(), $preset, $newLabel ) ); + dbQuery('REPLACE INTO `ControlPresets` (`MonitorId`, `Preset`, `Label`) VALUES ( ?, ?, ? )', + array($monitor->Id(), $preset, $newLabel)); } else { - dbQuery( 'DELETE FROM ControlPresets WHERE MonitorId = ? AND Preset = ?', array( $monitor->Id(), $preset ) ); + dbQuery('DELETE FROM `ControlPresets` WHERE `MonitorId`=? AND `Preset`=?', + array($monitor->Id(), $preset)); } } $ctrlCommand .= ' --preset='.$preset; From f0a8595e507d816ec387642b42eace70ccc4715f Mon Sep 17 00:00:00 2001 From: Isaac Connor Date: Fri, 20 Sep 2019 10:36:08 -0400 Subject: [PATCH 591/922] quiet warning caused by server_up being undef for false --- scripts/zmcontrol.pl.in | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/scripts/zmcontrol.pl.in b/scripts/zmcontrol.pl.in index 1ac21f0ea..ea6fa36b0 100644 --- a/scripts/zmcontrol.pl.in +++ b/scripts/zmcontrol.pl.in @@ -83,7 +83,7 @@ if ( $options{command} ) { my $tries = 10; my $server_up; while ( $tries and ! ( $server_up = connect(CLIENT, $saddr) ) ) { - Debug("Failed to connect to $server_up at $sock_file"); + Debug("Failed to connect to zmcontrol server at $sock_file"); runCommand("zmdc.pl start zmcontrol.pl --id=$id"); sleep 1; $tries -= 1; From 481f5b7eace19ef1c6e585409e969956ebf1f0c1 Mon Sep 17 00:00:00 2001 From: Isaac Connor Date: Fri, 20 Sep 2019 10:36:38 -0400 Subject: [PATCH 592/922] Update control ajax --- web/ajax/control.php | 91 ++++++++++++++++++++------------------------ 1 file changed, 41 insertions(+), 50 deletions(-) diff --git a/web/ajax/control.php b/web/ajax/control.php index ae7acac9e..8bdac53b8 100644 --- a/web/ajax/control.php +++ b/web/ajax/control.php @@ -1,65 +1,56 @@ Id().'.sock'; - if ( @socket_connect( $socket, $sock_file ) ) - { - $options = array(); - foreach ( explode( " ", $ctrlCommand ) as $option ) - { - if ( preg_match( '/--([^=]+)(?:=(.+))?/', $option, $matches ) ) - { - $options[$matches[1]] = !empty($matches[2])?$matches[2]:1; - } - } - $option_string = jsonEncode( $options ); - if ( !socket_write( $socket, $option_string ) ) - ajaxError( "socket_write() failed: ".socket_strerror(socket_last_error()) ); - ajaxResponse( 'Used socket' ); - //socket_close( $socket ); - } - else - { - $ctrlCommand .= " --id=".$monitor->Id(); + $socket = socket_create(AF_UNIX, SOCK_STREAM, 0); + if ( !$socket ) + ajaxError('socket_create() failed: '.socket_strerror(socket_last_error())); - // Can't connect so use script - $ctrlStatus = ''; - $ctrlOutput = array(); - exec( escapeshellcmd( $ctrlCommand ), $ctrlOutput, $ctrlStatus ); - if ( $ctrlStatus ) - ajaxError( $ctrlCommand.'=>'.join( ' // ', $ctrlOutput ) ); - ajaxResponse( 'Used script' ); - } - } - else - { - ajaxError( "No command received" ); + $sock_file = ZM_PATH_SOCKS.'/zmcontrol-'.$monitor->Id().'.sock'; + if ( @socket_connect($socket, $sock_file) ) { + $options = array(); + foreach ( explode(' ', $ctrlCommand) as $option ) { + if ( preg_match('/--([^=]+)(?:=(.+))?/', $option, $matches) ) { + $options[$matches[1]] = !empty($matches[2])?$matches[2]:1; + } } + $option_string = jsonEncode($options); + if ( !socket_write($socket, $option_string) ) + ajaxError("socket_write() failed: ".socket_strerror(socket_last_error())); + ajaxResponse('Used socket'); + //socket_close( $socket ); + } else { + $ctrlCommand .= ' --id='.$monitor->Id(); + + // Can't connect so use script + $ctrlStatus = ''; + $ctrlOutput = array(); + exec( escapeshellcmd( $ctrlCommand ), $ctrlOutput, $ctrlStatus ); + if ( $ctrlStatus ) + ajaxError($ctrlCommand.'=>'.join(' // ', $ctrlOutput)); + ajaxResponse('Used script'); + } } -ajaxError( 'Unrecognised action or insufficient permissions' ); +ajaxError('Unrecognised action or insufficient permissions'); -function ajaxCleanup() -{ - global $socket; - if ( !empty( $socket ) ) - @socket_close( $socket ); +function ajaxCleanup() { + global $socket; + if ( !empty( $socket ) ) + @socket_close($socket); } ?> From a8cbe7d10d22559dbf97dcc801ca00aa658df40d Mon Sep 17 00:00:00 2001 From: Isaac Connor Date: Fri, 20 Sep 2019 10:36:50 -0400 Subject: [PATCH 593/922] Turn off debug --- web/skins/classic/includes/control_functions.php | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/web/skins/classic/includes/control_functions.php b/web/skins/classic/includes/control_functions.php index 021990e47..bd963312c 100644 --- a/web/skins/classic/includes/control_functions.php +++ b/web/skins/classic/includes/control_functions.php @@ -226,9 +226,9 @@ function controlPower($monitor, $cmds) { function ptzControls($monitor) { $control = $monitor->Control(); - ZM\Error("Control: " . print_r($control,true)); + //ZM\Error("Control: " . print_r($control,true)); $cmds = $control->commands(); - ZM\Error("Cmds: " . print_r($cmds, true)); + //ZM\Error("Cmds: " . print_r($cmds, true)); ob_start(); ?>
From 0d19b0dc855ea245657ec85aad1b3e7e2842cdcc Mon Sep 17 00:00:00 2001 From: Isaac Connor Date: Fri, 20 Sep 2019 10:37:19 -0400 Subject: [PATCH 594/922] Use a subselect instead of inner join because the inner join won't return monitors that don't have a group --- web/skins/classic/views/control.php | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/web/skins/classic/views/control.php b/web/skins/classic/views/control.php index fc8923d82..f96adfe03 100644 --- a/web/skins/classic/views/control.php +++ b/web/skins/classic/views/control.php @@ -26,18 +26,19 @@ if ( !canView('Control') ) { $params = array(); $groupSql = ''; if ( !empty($_REQUEST['group']) ) { - $groupSql = ' AND gm.GroupId = :groupid'; + $groupSql = ' AND (m.Id IN (SELECT MonitorID FROM Groups_Monitors WHERE GroupId = :groupid))'; $params[':groupid'] = $_REQUEST['group']; } $mid = !empty($_REQUEST['mid']) ? validInt($_REQUEST['mid']) : 0; -$sql = "SELECT m.* FROM Monitors m INNER JOIN Groups_Monitors AS gm ON m.Id = gm.MonitorId WHERE m.Function != 'None' AND m.Controllable = 1$groupSql ORDER BY Sequence"; +$sql = "SELECT m.* FROM Monitors m WHERE m.Function != 'None' AND m.Controllable = 1$groupSql ORDER BY Sequence"; $mids = array(); foreach ( dbFetchAll($sql, false, $params) as $row ) { if ( !visibleMonitor($row['Id']) ) { continue; } + ZM\Logger::Debug(print_r($row,true)); if ( empty($mid) ) $mid = $row['Id']; $mids[$row['Id']] = $row['Name']; From 5d0b4942d63b9f2de48bff4674364f5c786bb844 Mon Sep 17 00:00:00 2001 From: Isaac Connor Date: Fri, 20 Sep 2019 10:37:48 -0400 Subject: [PATCH 595/922] remove debug --- web/skins/classic/views/control.php | 1 - 1 file changed, 1 deletion(-) diff --git a/web/skins/classic/views/control.php b/web/skins/classic/views/control.php index f96adfe03..f2fe01f3f 100644 --- a/web/skins/classic/views/control.php +++ b/web/skins/classic/views/control.php @@ -38,7 +38,6 @@ foreach ( dbFetchAll($sql, false, $params) as $row ) { if ( !visibleMonitor($row['Id']) ) { continue; } - ZM\Logger::Debug(print_r($row,true)); if ( empty($mid) ) $mid = $row['Id']; $mids[$row['Id']] = $row['Name']; From caf405c6788bd8c4b596c5ac741b6af7091992a1 Mon Sep 17 00:00:00 2001 From: Isaac Connor Date: Fri, 20 Sep 2019 10:39:53 -0400 Subject: [PATCH 596/922] Use my docker hub for buster --- .travis.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.travis.yml b/.travis.yml index e41dcb35f..3ec7f98b5 100644 --- a/.travis.yml +++ b/.travis.yml @@ -39,7 +39,7 @@ env: - SMPFLAGS=-j4 OS=ubuntu DIST=xenial - SMPFLAGS=-j4 OS=ubuntu DIST=bionic - SMPFLAGS=-j4 OS=ubuntu DIST=disco - - SMPFLAGS=-j4 OS=debian DIST=buster + - SMPFLAGS=-j4 OS=debian DIST=buster DOCKER_REPO=zmicon/packpack - SMPFLAGS=-j4 OS=debian DIST=stretch - SMPFLAGS=-j4 OS=ubuntu DIST=trusty ARCH=i386 - SMPFLAGS=-j4 OS=ubuntu DIST=xenial ARCH=i386 From 6c39fd133ddf292ac1851b53789de86f0341a664 Mon Sep 17 00:00:00 2001 From: Isaac Connor Date: Fri, 20 Sep 2019 10:44:38 -0400 Subject: [PATCH 597/922] fix eslint --- web/skins/classic/views/js/monitor.js | 7 ++++--- web/skins/classic/views/js/watch.js | 2 +- 2 files changed, 5 insertions(+), 4 deletions(-) diff --git a/web/skins/classic/views/js/monitor.js b/web/skins/classic/views/js/monitor.js index e853c89fe..9d1fc7d7b 100644 --- a/web/skins/classic/views/js/monitor.js +++ b/web/skins/classic/views/js/monitor.js @@ -1,9 +1,10 @@ function updateMonitorDimensions(element) { var form = element.form; - if ( element.type == 'number' ) { // either width or height + if ( element.type == 'number' ) { + // either width or height - var widthFactor = parseInt( defaultAspectRatio.replace( /:.*$/, '' ) ); - var heightFactor = parseInt( defaultAspectRatio.replace( /^.*:/, '' ) ); + var widthFactor = parseInt(defaultAspectRatio.replace(/:.*$/, '')); + var heightFactor = parseInt(defaultAspectRatio.replace(/^.*:/, '')); var monitorWidth = parseInt(form.elements['newMonitor[Width]'].value); var monitorHeight = parseInt(form.elements['newMonitor[Height]'].value); diff --git a/web/skins/classic/views/js/watch.js b/web/skins/classic/views/js/watch.js index 76cf6c9a5..fb77846c4 100644 --- a/web/skins/classic/views/js/watch.js +++ b/web/skins/classic/views/js/watch.js @@ -792,7 +792,7 @@ function initPage() { if ( window.history.length == 1 ) { $j('#closeControl').html(''); } - document.querySelectorAll('select[name="scale"]').forEach(function (el) { + document.querySelectorAll('select[name="scale"]').forEach(function(el) { el.onchange = window['changeScale']; }); } else if ( monitorRefresh > 0 ) { From cb194cc4d146e22e7a0f5f59e460e92d746f892b Mon Sep 17 00:00:00 2001 From: Isaac Connor Date: Fri, 20 Sep 2019 14:14:56 -0400 Subject: [PATCH 598/922] enable per commit builds for buster so I can test my docker image for it --- utils/packpack/startpackpack.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/utils/packpack/startpackpack.sh b/utils/packpack/startpackpack.sh index ea1aa0e8b..835725baa 100755 --- a/utils/packpack/startpackpack.sh +++ b/utils/packpack/startpackpack.sh @@ -294,7 +294,7 @@ checksanity # We don't want to build packages for all supported distros after every commit # Only build all packages when executed via cron # See https://docs.travis-ci.com/user/cron-jobs/ -if [ "${TRAVIS_EVENT_TYPE}" == "cron" ] || [ "${TRAVIS}" != "true" ]; then +if [ "${TRAVIS_EVENT_TYPE}" == "cron" ] || [ "${TRAVIS}" != "true" ] || [ "${DIST}" == "buster" ] ; then commonprep # Steps common to Redhat distros From d7810bf9b380cddcf8be7af1a074ac450b1ed2e2 Mon Sep 17 00:00:00 2001 From: Isaac Connor Date: Fri, 20 Sep 2019 14:16:37 -0400 Subject: [PATCH 599/922] fix eslint --- web/skins/classic/views/js/montage.js | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/web/skins/classic/views/js/montage.js b/web/skins/classic/views/js/montage.js index e217bcc89..0cf958e5e 100644 --- a/web/skins/classic/views/js/montage.js +++ b/web/skins/classic/views/js/montage.js @@ -397,8 +397,9 @@ function save_layout(button) { var form = button.form; var name = form.elements['Name'].value; - if ( !name ) + if ( !name ) { name = form.elements['zmMontageLayout'].options[form.elements['zmMontageLayout'].selectedIndex].text; + } if ( name=='Freeform' || name=='2 Wide' || name=='3 Wide' || name=='4 Wide' || name=='5 Wide' ) { alert('You cannot edit the built in layouts. Please give the layout a new name.'); From 6d16363f0749aa6db0449a755310bf5bfe98fa96 Mon Sep 17 00:00:00 2001 From: Isaac Connor Date: Sat, 21 Sep 2019 10:40:24 -0400 Subject: [PATCH 600/922] Restore monitor defaults --- web/includes/Monitor.php | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/web/includes/Monitor.php b/web/includes/Monitor.php index 43fede992..84274c052 100644 --- a/web/includes/Monitor.php +++ b/web/includes/Monitor.php @@ -15,7 +15,7 @@ protected $defaults = array( 'ServerId' => 0, 'StorageId' => 0, 'Type' => 'Ffmpeg', - 'Function' => 'None', + 'Function' => 'Mocord', 'Enabled' => array('type'=>'boolean','default'=>1), 'LinkedMonitors' => array('type'=>'set', 'default'=>null), 'Triggers' => array('type'=>'set','default'=>''), @@ -46,7 +46,7 @@ protected $defaults = array( 'VideoWriter' => '0', 'OutputCodec' => null, 'OutputContainer' => null, - 'EncoderParameters' => null, + 'EncoderParameters' => "# Lines beginning with # are a comment \n# For changing quality, use the crf option\n# 1 is best, 51 is worst quality\n#crf=23\n", 'RecordAudio' => array('type'=>'boolean', 'default'=>0), 'RTSPDescribe' => array('type'=>'boolean','default'=>0), 'Brightness' => -1, @@ -54,7 +54,7 @@ protected $defaults = array( 'Hue' => -1, 'Colour' => -1, 'EventPrefix' => 'Event-', - 'LabelFormat' => null, + 'LabelFormat' => '%N - %d/%m/%y %H:%M:%S', 'LabelX' => 0, 'LabelY' => 0, 'LabelSize' => 1, @@ -120,7 +120,7 @@ private $status_fields = array( if ( $this->ControlId() ) $this->{'Control'} = Control::find_one(array('Id'=>$this->{'ControlId'})); else - Error("No ControlId"); + Error("No ControlId".print_r($this,true)); if ( !(array_key_exists('Control', $this) and $this->{'Control'} ) ) $this->{'Control'} = new Control(); } From 240a355b72eac9d05192bb21d77b108e4d0b79ee Mon Sep 17 00:00:00 2001 From: Isaac Connor Date: Sat, 21 Sep 2019 12:10:33 -0400 Subject: [PATCH 601/922] list me as maintainer and uploader --- distros/ubuntu1604/control | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/distros/ubuntu1604/control b/distros/ubuntu1604/control index 68bc1757f..ec112c2ce 100644 --- a/distros/ubuntu1604/control +++ b/distros/ubuntu1604/control @@ -1,8 +1,8 @@ Source: zoneminder Section: net Priority: optional -Maintainer: Dmitry Smirnov -Uploaders: Vagrant Cascadian +Maintainer: Isaac Connor +Uploaders: Isaac Connor Build-Depends: debhelper (>= 9), dh-systemd, python-sphinx | python3-sphinx, apache2-dev, dh-linktree, dh-systemd, dh-apache2 ,cmake ,libx264-dev, libmp4v2-dev From 8226e3c233d8400ce0eb680dd89df64613de91bb Mon Sep 17 00:00:00 2001 From: Isaac Connor Date: Sun, 22 Sep 2019 12:02:31 -0400 Subject: [PATCH 602/922] Update hebrew language --- web/lang/he_il.php | 669 ++++++++++++++++++++++----------------------- 1 file changed, 334 insertions(+), 335 deletions(-) diff --git a/web/lang/he_il.php b/web/lang/he_il.php index b3e03c225..ff4440053 100644 --- a/web/lang/he_il.php +++ b/web/lang/he_il.php @@ -50,7 +50,7 @@ // do this by default, uncomment this if required. // // Example -header( "Content-Type: text/html; charset=iso-8859-8-i" ); +header( "Content-Type: text/html; charset=UTF-8" ); // You may need to change your locale here if your default one is incorrect for the // language described in this file, or if you have multiple languages supported. @@ -71,59 +71,59 @@ setlocale( LC_ALL, 'he_IL' ); //All locale settings 4.3.0 and after // Simple String Replacements $SLANG = array( - '24BitColour' => 'öáò 24 áéè', - '32BitColour' => 'öáò 32 áéè', // Added - 2011-06-15 - '8BitGrey' => 'âååðé àôåø 8 áéè', - 'Action' => 'ôòåìä', - 'Actual' => 'î÷åøé', - 'AddNewControl' => 'äåñó ÷åðèøåì çãù', - 'AddNewMonitor' => 'äåñó îåðéèåø çãù', + '24BitColour' => 'צבע 24 ביט', + '32BitColour' => 'צבע 32 ביט', // Added - 2011-06-15 + '8BitGrey' => 'גווני אפור 8 ביט', + 'Action' => 'פעולה', + 'Actual' => 'מקורי', + 'AddNewControl' => 'הוסף קונטרול חדש', + 'AddNewMonitor' => 'הוסף מוניטור חדש', 'AddNewServer' => 'Add New Server', // Added - 2018-08-30 'AddNewStorage' => 'Add New Storage', // Added - 2018-08-30 - 'AddNewUser' => 'äåñó îùúîù çãù', - 'AddNewZone' => 'äåñó àéæåø çãù', - 'Alarm' => 'àæò÷ä', - 'AlarmBrFrames' => 'àæò÷ú
ôøééîéí', - 'AlarmFrame' => 'àæò÷ú ôøééîéí', - 'AlarmFrameCount' => 'ñôéøú àæò÷åú ôøééîéí', - 'AlarmLimits' => 'äâáìåú àæò÷ä', + 'AddNewUser' => 'הוסף משתמש חדש', + 'AddNewZone' => 'הוסף איזור חדש', + 'Alarm' => 'אזעקה', + 'AlarmBrFrames' => 'אזעקת
פריימים', + 'AlarmFrame' => 'אזעקת פריימים', + 'AlarmFrameCount' => 'ספירת אזעקות פריימים', + 'AlarmLimits' => 'הגבלות אזעקה', 'AlarmMaximumFPS' => 'Alarm Maximum FPS', - 'AlarmPx' => 'àæò÷ú Px', - 'AlarmRGBUnset' => 'äéðê çééá ìàúçì àæò÷ú öáò', + 'AlarmPx' => 'אזעקת Px', + 'AlarmRGBUnset' => 'הינך חייב לאתחל אזעקת צבע', 'AlarmRefImageBlendPct'=> 'Alarm Reference Image Blend %ge', // Added - 2015-04-18 - 'Alert' => 'äúøàä', - 'All' => 'äëì', + 'Alert' => 'התראה', + 'All' => 'הכל', 'AnalysisFPS' => 'Analysis FPS', // Added - 2015-07-22 'AnalysisUpdateDelay' => 'Analysis Update Delay', // Added - 2015-07-23 - 'Apply' => 'äçì', - 'ApplyingStateChange' => 'äçì ùéðåé îöá', - 'ArchArchived' => 'àøëéá áìáã', - 'ArchUnarchived' => 'ìà ìàøëéá áìáã', - 'Archive' => 'àøëéá', - 'Archived' => 'àåøëá', - 'Area' => 'àæåø', - 'AreaUnits' => 'àæåø (px/%)', + 'Apply' => 'החל', + 'ApplyingStateChange' => 'החל שינוי מצב', + 'ArchArchived' => 'ארכיב בלבד', + 'ArchUnarchived' => 'לא לארכיב בלבד', + 'Archive' => 'ארכיב', + 'Archived' => 'אורכב', + 'Area' => 'אזור', + 'AreaUnits' => 'אזור (px/%)', 'AttrAlarmFrames' => 'Alarm Frames', 'AttrArchiveStatus' => 'Archive Status', - 'AttrAvgScore' => 'ðé÷åã îîåöò', - 'AttrCause' => 'ñéáä', + 'AttrAvgScore' => 'ניקוד ממוצע', + 'AttrCause' => 'סיבה', 'AttrDiskBlocks' => 'Disk Blocks', 'AttrDiskPercent' => 'Disk Percent', 'AttrDiskSpace' => 'Disk Space', // Added - 2018-08-30 - 'AttrDuration' => 'îùê æîï', + 'AttrDuration' => 'משך זמן', 'AttrEndDate' => 'End Date', // Added - 2018-08-30 'AttrEndDateTime' => 'End Date/Time', // Added - 2018-08-30 'AttrEndTime' => 'End Time', // Added - 2018-08-30 'AttrEndWeekday' => 'End Weekday', // Added - 2018-08-30 'AttrFilterServer' => 'Server Filter is Running On', // Added - 2018-08-30 - 'AttrFrames' => 'ôøééîéí', + 'AttrFrames' => 'פריימים', 'AttrId' => 'Id', - 'AttrMaxScore' => 'ðé÷åã î÷ñéîìé', + 'AttrMaxScore' => 'ניקוד מקסימלי', 'AttrMonitorId' => 'Monitor Id', - 'AttrMonitorName' => 'ùí îåðéèåø', + 'AttrMonitorName' => 'שם מוניטור', 'AttrMonitorServer' => 'Server Monitor is Running On', // Added - 2018-08-30 - 'AttrName' => 'ùí', - 'AttrNotes' => 'äòøåú', + 'AttrName' => 'שם', + 'AttrNotes' => 'הערות', 'AttrStartDate' => 'Start Date', // Added - 2018-08-30 'AttrStartDateTime' => 'Start Date/Time', // Added - 2018-08-30 'AttrStartTime' => 'Start Time', // Added - 2018-08-30 @@ -132,13 +132,13 @@ $SLANG = array( 'AttrStorageArea' => 'Storage Area', // Added - 2018-08-30 'AttrStorageServer' => 'Server Hosting Storage', // Added - 2018-08-30 'AttrSystemLoad' => 'System Load', - 'AttrTotalScore' => 'ñê ñëåí', - 'Auto' => 'àåèå', - 'AutoStopTimeout' => 'ôñ÷ æîï òöéøä àåèå', + 'AttrTotalScore' => 'סך סכום', + 'Auto' => 'אוטו', + 'AutoStopTimeout' => 'פסק זמן עצירה אוטו', 'Available' => 'Available', // Added - 2009-03-31 - 'AvgBrScore' => 'ðé÷åã
îîåöò', - 'Background' => 'ø÷ò', - 'BackgroundFilter' => 'äøõ îñðï áø÷ò', + 'AvgBrScore' => 'ניקוד
ממוצע', + 'Background' => 'רקע', + 'BackgroundFilter' => 'הרץ מסנן ברקע', 'BadAlarmFrameCount' => 'Alarm frame count must be an integer of one or more', 'BadAlarmMaxFPS' => 'Alarm Maximum FPS must be a positive integer or floating point value', 'BadAnalysisFPS' => 'Analysis FPS must be a positive integer or floating point value', // Added - 2015-07-22 @@ -165,30 +165,30 @@ $SLANG = array( 'BadRefBlendPerc' => 'Reference blend percentage must be a positive integer', 'BadSectionLength' => 'Section length must be an integer of 30 or more', 'BadSignalCheckColour' => 'Signal check colour must be a valid RGB colour string', - 'BadSourceType' => 'Source Type \"Web Site\" requires the Function to be set to \"Monitor\"', // Added - 2018-08-30 + 'BadSourceType' => 'Source Type "Web Site" requires the Function to be set to "Monitor"', // Added - 2018-08-30 'BadStreamReplayBuffer'=> 'Stream replay buffer must be an integer of zero or more', 'BadWarmupCount' => 'Warmup frames must be an integer of zero or more', 'BadWebColour' => 'Web colour must be a valid web colour string', 'BadWebSitePath' => 'Please enter a complete website url, including the http:// or https:// prefix.', // Added - 2018-08-30 'BadWidth' => 'Width must be set to a valid value', - 'Bandwidth' => 'øåçá ôñ', + 'Bandwidth' => 'רוחב פס', 'BandwidthHead' => 'Bandwidth', // This is the end of the bandwidth status on the top of the console, different in many language due to phrasing 'BlobPx' => 'Blob Px', 'BlobSizes' => 'Blob Sizes', 'Blobs' => 'Blobs', - 'Brightness' => 'áäéøåú', + 'Brightness' => 'בהירות', 'Buffer' => 'Buffer', // Added - 2015-04-18 'Buffers' => 'Buffers', 'CSSDescription' => 'Change the default css for this computer', // Added - 2015-04-18 - 'CanAutoFocus' => 'àôùø äúî÷ãåú àåèåîèé', + 'CanAutoFocus' => 'אפשר התמקדות אוטומטי', 'CanAutoGain' => 'Can Auto Gain', 'CanAutoIris' => 'Can Auto Iris', 'CanAutoWhite' => 'Can Auto White Bal.', - 'CanAutoZoom' => 'àôùø æåí àåèåîèé', - 'CanFocus' => 'àôùø äúî÷ãåú', - 'CanFocusAbs' => 'àôùø äúî÷ãåú àáñåìåèé', - 'CanFocusCon' => 'àôùø äúî÷ãåú îúîùê', - 'CanFocusRel' => 'àôùø äúî÷ãåú éçñé', + 'CanAutoZoom' => 'אפשר זום אוטומטי', + 'CanFocus' => 'אפשר התמקדות', + 'CanFocusAbs' => 'אפשר התמקדות אבסולוטי', + 'CanFocusCon' => 'אפשר התמקדות מתמשך', + 'CanFocusRel' => 'אפשר התמקדות יחסי', 'CanGain' => 'Can Gain ', 'CanGainAbs' => 'Can Gain Absolute', 'CanGainCon' => 'Can Gain Continuous', @@ -197,142 +197,141 @@ $SLANG = array( 'CanIrisAbs' => 'Can Iris Absolute', 'CanIrisCon' => 'Can Iris Continuous', 'CanIrisRel' => 'Can Iris Relative', - 'CanMove' => 'àôùø úðåòä', - 'CanMoveAbs' => 'àôùø úðåòä àáñåìåèéú', - 'CanMoveCon' => 'àôùø úæåæä îúîùëú', + 'CanMove' => 'אפשר תנועה', + 'CanMoveAbs' => 'אפשר תנועה אבסולוטית', + 'CanMoveCon' => 'אפשר תזוזה מתמשכת', 'CanMoveDiag' => 'Can Move Diagonally', 'CanMoveMap' => 'Can Move Mapped', - 'CanMoveRel' => 'àôùø úæåæä éçñéú', + 'CanMoveRel' => 'אפשר תזוזה יחסית', 'CanPan' => 'Can Pan' , - 'CanReset' => 'àôùø àúçåì', - 'CanReboot' => 'Can Reboot', + 'CanReset' => 'אפשר אתחול', 'CanSetPresets' => 'Can Set Presets', - 'CanSleep' => 'àôùø îöá ùéðä', - 'CanTilt' => 'àôùø æòæåò', - 'CanWake' => 'àôùø éöéàä îîöá ùéðä', + 'CanSleep' => 'אפשר מצב שינה', + 'CanTilt' => 'אפשר זעזוע', + 'CanWake' => 'אפשר יציאה ממצב שינה', 'CanWhite' => 'Can White Balance', 'CanWhiteAbs' => 'Can White Bal. Absolute', 'CanWhiteBal' => 'Can White Bal.', 'CanWhiteCon' => 'Can White Bal. Continuous', 'CanWhiteRel' => 'Can White Bal. Relative', - 'CanZoom' => 'àôùø æåí', - 'CanZoomAbs' => 'àôùø æåí àáñåìåèé', - 'CanZoomCon' => 'àôùø æåí îúîùê', - 'CanZoomRel' => 'àôùø æåí éçñé', - 'Cancel' => 'áèì', + 'CanZoom' => 'אפשר זום', + 'CanZoomAbs' => 'אפשר זום אבסולוטי', + 'CanZoomCon' => 'אפשר זום מתמשך', + 'CanZoomRel' => 'אפשר זום יחסי', + 'Cancel' => 'בטל', 'CancelForcedAlarm' => 'Cancel Forced Alarm', 'CaptureHeight' => 'Capture Height', 'CaptureMethod' => 'Capture Method', // Added - 2009-02-08 'CapturePalette' => 'Capture Palette', 'CaptureResolution' => 'Capture Resolution', // Added - 2015-04-18 'CaptureWidth' => 'Capture Width', - 'Cause' => 'ñéáä', + 'Cause' => 'סיבה', 'CheckMethod' => 'Alarm Check Method', 'ChooseDetectedCamera' => 'Choose Detected Camera', // Added - 2009-03-31 - 'ChooseFilter' => 'áçø îñðï', + 'ChooseFilter' => 'בחר מסנן', 'ChooseLogFormat' => 'Choose a log format', // Added - 2011-06-17 'ChooseLogSelection' => 'Choose a log selection', // Added - 2011-06-17 'ChoosePreset' => 'Choose Preset', 'Clear' => 'Clear', // Added - 2011-06-16 'CloneMonitor' => 'Clone', // Added - 2018-08-30 - 'Close' => 'ñâåø', - 'Colour' => 'öáò', - 'Command' => 'ô÷åãä', + 'Close' => 'סגור', + 'Colour' => 'צבע', + 'Command' => 'פקודה', 'Component' => 'Component', // Added - 2011-06-16 'ConcurrentFilter' => 'Run filter concurrently', // Added - 2018-08-30 - 'Config' => 'úöåøä', - 'ConfiguredFor' => 'úöåøä òáåø', + 'Config' => 'תצורה', + 'ConfiguredFor' => 'תצורה עבור', 'ConfirmDeleteEvents' => 'Are you sure you wish to delete the selected events?', - 'ConfirmPassword' => 'àùø ñéñîà', - 'ConjAnd' => 'å', - 'ConjOr' => 'àå', - 'Console' => '÷åðñåì', - 'ContactAdmin' => 'öåø ÷ùø òí îðäì äîòøëú áùáéì ôøèéí ðåñôéí.', - 'Continue' => 'äîùê', - 'Contrast' => 'ðéâåãéåú', - 'Control' => '÷åðèøåì', - 'ControlAddress' => 'ëúåáú ä÷åðèøåì', - 'ControlCap' => 'éëåìú ä÷åðèøåì', - 'ControlCaps' => 'éëåìåú ä÷åðèøåì', - 'ControlDevice' => 'äú÷ï ä÷åðèøåì', - 'ControlType' => 'ñåâ ä÷åðèøåì', + 'ConfirmPassword' => 'אשר סיסמא', + 'ConjAnd' => 'ו', + 'ConjOr' => 'או', + 'Console' => 'קונסול', + 'ContactAdmin' => 'צור קשר עם מנהל המערכת בשביל פרטים נוספים.', + 'Continue' => 'המשך', + 'Contrast' => 'ניגודיות', + 'Control' => 'קונטרול', + 'ControlAddress' => 'כתובת הקונטרול', + 'ControlCap' => 'יכולת הקונטרול', + 'ControlCaps' => 'יכולות הקונטרול', + 'ControlDevice' => 'התקן הקונטרול', + 'ControlType' => 'סוג הקונטרול', 'Controllable' => 'Controllable', 'Current' => 'Current', // Added - 2015-04-18 - 'Cycle' => 'îçæåøé', - 'CycleWatch' => 'öôééä îçæåøéú', + 'Cycle' => 'מחזורי', + 'CycleWatch' => 'צפייה מחזורית', 'DateTime' => 'Date/Time', // Added - 2011-06-16 - 'Day' => 'éåí', + 'Day' => 'יום', 'Debug' => 'Debug', 'DefaultRate' => 'Default Rate', 'DefaultScale' => 'Default Scale', 'DefaultView' => 'Default View', 'Deinterlacing' => 'Deinterlacing', // Added - 2015-04-18 'Delay' => 'Delay', // Added - 2015-04-18 - 'Delete' => 'îç÷', - 'DeleteAndNext' => 'îç÷ & äáà', - 'DeleteAndPrev' => 'îç÷ & ä÷åãí', - 'DeleteSavedFilter' => 'îç÷ îñðï ùîåø', - 'Description' => 'úéàåø', + 'Delete' => 'מחק', + 'DeleteAndNext' => 'מחק & הבא', + 'DeleteAndPrev' => 'מחק & הקודם', + 'DeleteSavedFilter' => 'מחק מסנן שמור', + 'Description' => 'תיאור', 'DetectedCameras' => 'Detected Cameras', // Added - 2009-03-31 'DetectedProfiles' => 'Detected Profiles', // Added - 2015-04-18 'Device' => 'Device', // Added - 2009-02-08 - 'DeviceChannel' => 'òøåõ ääú÷ï', - 'DeviceFormat' => 'úáðéú ääú÷ï', - 'DeviceNumber' => 'îñôø ääú÷ï', - 'DevicePath' => 'ðúéá ääú÷ï', - 'Devices' => 'äú÷ðéí', - 'Dimensions' => 'îéîãéí', - 'DisableAlarms' => 'ðèøì àæò÷åú', - 'Disk' => 'ãéñ÷', + 'DeviceChannel' => 'ערוץ ההתקן', + 'DeviceFormat' => 'תבנית ההתקן', + 'DeviceNumber' => 'מספר ההתקן', + 'DevicePath' => 'נתיב ההתקן', + 'Devices' => 'התקנים', + 'Dimensions' => 'מימדים', + 'DisableAlarms' => 'נטרל אזעקות', + 'Disk' => 'דיסק', 'Display' => 'Display', // Added - 2011-01-30 'Displaying' => 'Displaying', // Added - 2011-06-16 'DoNativeMotionDetection'=> 'Do Native Motion Detection', - 'Donate' => 'úøåí áá÷ùä', - 'DonateAlready' => 'ìà, úøîúé ëáø', - 'DonateEnticement' => 'You\'ve been running ZoneMinder for a while now and hopefully are finding it a useful addition to your home or workplace security. Although ZoneMinder is, and will remain, free and open source, it costs money to develop and support. If you would like to help support future development and new features then please consider donating. Donating is, of course, optional but very much appreciated and you can donate as much or as little as you like.

If you would like to donate please select the option below or go to https://zoneminder.com/donate/ in your browser.

Thank you for using ZoneMinder and don\'t forget to visit the forums on ZoneMinder.com for support or suggestions about how to make your ZoneMinder experience even better.', - 'DonateRemindDay' => 'òãééï ìà, äæëø ìà áòåã éåí àçã', - 'DonateRemindHour' => 'òãééï ìà, äæëø ìé áòåã ùòä àçú', - 'DonateRemindMonth' => 'òãééï ìà, äæëø ìé áòåã çåãù àçã', - 'DonateRemindNever' => 'ìà, àðé ìà øåöä ìúøåí, àì úúæëø àåúé', - 'DonateRemindWeek' => 'òãééï ìà, äæëø ìé áòåã ùáåò àçã', - 'DonateYes' => 'ëï, àðé îòåðééï ìúøåí òëùéå', - 'Download' => 'äåøã', + 'Donate' => 'תרום בבקשה', + 'DonateAlready' => 'לא, תרמתי כבר', + 'DonateEnticement' => 'You\'ve been running ZoneMinder for a while now and hopefully are finding it a useful addition to your home or workplace security. Although ZoneMinder is, and will remain, free and open source, it costs money to develop and support. If you would like to help support future development and new features then please consider donating. Donating is, of course, optional but very much appreciated and you can donate as much or as little as you like.

If you would like to donate please select the option below or go to http://www.zoneminder.com/donate.html in your browser.

Thank you for using ZoneMinder and don\'t forget to visit the forums on ZoneMinder.com for support or suggestions about how to make your ZoneMinder experience even better.', + 'DonateRemindDay' => 'עדיין לא, הזכר לא בעוד יום אחד', + 'DonateRemindHour' => 'עדיין לא, הזכר לי בעוד שעה אחת', + 'DonateRemindMonth' => 'עדיין לא, הזכר לי בעוד חודש אחד', + 'DonateRemindNever' => 'לא, אני לא רוצה לתרום, אל תתזכר אותי', + 'DonateRemindWeek' => 'עדיין לא, הזכר לי בעוד שבוע אחד', + 'DonateYes' => 'כן, אני מעוניין לתרום עכשיו', + 'Download' => 'הורד', 'DownloadVideo' => 'Download Video', // Added - 2018-08-30 'DuplicateMonitorName' => 'Duplicate Monitor Name', // Added - 2009-03-31 - 'Duration' => 'îùê æîï', - 'Edit' => 'òøåê', + 'Duration' => 'משך זמן', + 'Edit' => 'ערוך', 'EditLayout' => 'Edit Layout', // Added - 2018-08-30 - 'Email' => 'ãåà"ì', - 'EnableAlarms' => 'àôùø àæò÷åú', - 'Enabled' => 'àôùø', - 'EnterNewFilterName' => 'äæï îñðï çãù', - 'Error' => 'ùâéàä', + 'Email' => 'דוא"ל', + 'EnableAlarms' => 'אפשר אזעקות', + 'Enabled' => 'אפשר', + 'EnterNewFilterName' => 'הזן מסנן חדש', + 'Error' => 'שגיאה', 'ErrorBrackets' => 'Error, please check you have an equal number of opening and closing brackets', 'ErrorValidValue' => 'Error, please check that all terms have a valid value', - 'Etc' => 'åëå\'', - 'Event' => 'àéøåò', - 'EventFilter' => 'îñðï àéøåò', - 'EventId' => 'æéäåé àéøåò', - 'EventName' => 'ùí àéøåò', + 'Etc' => 'וכו\'', + 'Event' => 'אירוע', + 'EventFilter' => 'מסנן אירוע', + 'EventId' => 'זיהוי אירוע', + 'EventName' => 'שם אירוע', 'EventPrefix' => 'Event Prefix', - 'Events' => 'àéøåòéí', - 'Exclude' => 'ììà', - 'Execute' => 'áöò', + 'Events' => 'אירועים', + 'Exclude' => 'ללא', + 'Execute' => 'בצע', 'Exif' => 'Embed EXIF data into image', // Added - 2018-08-30 - 'Export' => 'éöà', - 'ExportDetails' => 'éöà ôøèé àéøåò', - 'ExportFailed' => 'éöåà ðëùì', - 'ExportFormat' => 'éöà úáðéú ÷åáõ', + 'Export' => 'יצא', + 'ExportDetails' => 'יצא פרטי אירוע', + 'ExportFailed' => 'יצוא נכשל', + 'ExportFormat' => 'יצא תבנית קובץ', 'ExportFormatTar' => 'Tar', 'ExportFormatZip' => 'Zip', 'ExportFrames' => 'Export Frame Details', - 'ExportImageFiles' => 'éöà ÷áöé úîåðä', + 'ExportImageFiles' => 'יצא קבצי תמונה', 'ExportLog' => 'Export Log', // Added - 2011-06-17 - 'ExportMiscFiles' => 'éöà ÷áöéí àçøéí (àí éùðí)', - 'ExportOptions' => 'éöà àôùøåéåú', + 'ExportMiscFiles' => 'יצא קבצים אחרים (אם ישנם)', + 'ExportOptions' => 'יצא אפשרויות', 'ExportSucceeded' => 'Export Succeeded', // Added - 2009-02-08 'ExportVideoFiles' => 'Export Video Files (if present)', - 'Exporting' => 'îééöà', + 'Exporting' => 'מייצא', 'FPS' => 'fps', 'FPSReportInterval' => 'FPS Report Interval', 'FTP' => 'FTP', @@ -340,22 +339,22 @@ $SLANG = array( 'FastForward' => 'Fast Forward', 'Feed' => 'Feed', 'Ffmpeg' => 'Ffmpeg', // Added - 2009-02-08 - 'File' => '÷åáõ', + 'File' => 'קובץ', 'Filter' => 'Filter', // Added - 2015-04-18 - 'FilterArchiveEvents' => 'àøëá úåàîéí', - 'FilterDeleteEvents' => 'îç÷ úåàîéí', - 'FilterEmailEvents' => 'ùìç ãåàø ùì ëì äúåàîéí', + 'FilterArchiveEvents' => 'ארכב תואמים', + 'FilterDeleteEvents' => 'מחק תואמים', + 'FilterEmailEvents' => 'שלח דואר של כל התואמים', 'FilterExecuteEvents' => 'Execute command on all matches', 'FilterLog' => 'Filter log', // Added - 2015-04-18 'FilterMessageEvents' => 'Message details of all matches', 'FilterMoveEvents' => 'Move all matches', // Added - 2018-08-30 'FilterPx' => 'Filter Px', - 'FilterUnset' => 'òìéê ìöééï øåçá åâåáä îñðï', + 'FilterUnset' => 'עליך לציין רוחב וגובה מסנן', 'FilterUpdateDiskSpace'=> 'Update used disk space', // Added - 2018-08-30 - 'FilterUploadEvents' => 'òìä àú ëì äúåàîéí', - 'FilterVideoEvents' => 'öåø åéãàå ìëì äúåàîéí', - 'Filters' => 'îñððéí', - 'First' => 'äøàùåï', + 'FilterUploadEvents' => 'עלה את כל התואמים', + 'FilterVideoEvents' => 'צור וידאו לכל התואמים', + 'Filters' => 'מסננים', + 'First' => 'הראשון', 'FlippedHori' => 'Flipped Horizontally', 'FlippedVert' => 'Flipped Vertically', 'FnMocord' => 'Mocord', // Added 2013.08.16. @@ -364,25 +363,25 @@ $SLANG = array( 'FnNodect' => 'Nodect', // Added 2013.08.16. 'FnNone' => 'None', // Added 2013.08.16. 'FnRecord' => 'Record', // Added 2013.08.16. - 'Focus' => 'äúî÷ã', - 'ForceAlarm' => 'äëøç àæò÷ä', - 'Format' => 'úáðéú', - 'Frame' => 'ôøééí', + 'Focus' => 'התמקד', + 'ForceAlarm' => 'הכרח אזעקה', + 'Format' => 'תבנית', + 'Frame' => 'פריים', 'FrameId' => 'Frame Id', 'FrameRate' => 'Frame Rate', - 'FrameSkip' => 'ãìâ ôøééí', - 'Frames' => 'ôøééîéí', - 'Func' => 'ôåð÷', - 'Function' => 'ôåð÷öéä', + 'FrameSkip' => 'דלג פריים', + 'Frames' => 'פריימים', + 'Func' => 'פונק', + 'Function' => 'פונקציה', 'Gain' => 'Gain', - 'General' => 'ëììé', + 'General' => 'כללי', 'GenerateDownload' => 'Generate Download', // Added - 2018-08-30 - 'GenerateVideo' => 'öåø åéãàå', - 'GeneratingVideo' => 'îééöø åéãàå', - 'GoToZoneMinder' => 'á÷ø ZoneMinder.com', - 'Grey' => 'àôåø', - 'Group' => '÷áåöä', - 'Groups' => '÷áåöåú', + 'GenerateVideo' => 'צור וידאו', + 'GeneratingVideo' => 'מייצר וידאו', + 'GoToZoneMinder' => 'בקר ZoneMinder.com', + 'Grey' => 'אפור', + 'Group' => 'קבוצה', + 'Groups' => 'קבוצות', 'HasFocusSpeed' => 'Has Focus Speed', 'HasGainSpeed' => 'Has Gain Speed', 'HasHomePreset' => 'Has Home Preset', @@ -394,53 +393,53 @@ $SLANG = array( 'HasTurboTilt' => 'Has Turbo Tilt', 'HasWhiteSpeed' => 'Has White Bal. Speed', 'HasZoomSpeed' => 'Has Zoom Speed', - 'High' => 'âáåä', - 'HighBW' => 'âáåä ø/ô', - 'Home' => 'áéú', + 'High' => 'גבוה', + 'HighBW' => 'גבוה ר/פ', + 'Home' => 'בית', 'Hostname' => 'Hostname', // Added - 2018-08-30 - 'Hour' => 'ùòä', + 'Hour' => 'שעה', 'Hue' => 'Hue', - 'Id' => 'æéäåé', - 'Idle' => 'äîúðä', - 'Ignore' => 'äúòìí', - 'Image' => 'úîåðä', + 'Id' => 'זיהוי', + 'Idle' => 'המתנה', + 'Ignore' => 'התעלם', + 'Image' => 'תמונה', 'ImageBufferSize' => 'Image Buffer Size (frames)', - 'Images' => 'úîåðåú', - 'In' => 'áúåê', - 'Include' => 'ëìåì', - 'Inverted' => 'äôåê', + 'Images' => 'תמונות', + 'In' => 'בתוך', + 'Include' => 'כלול', + 'Inverted' => 'הפוך', 'Iris' => 'Iris', - 'KeyString' => 'îçøåæú úåéí', - 'Label' => 'úååéú', - 'Language' => 'ùôä', - 'Last' => 'àçøåï', + 'KeyString' => 'מחרוזת תוים', + 'Label' => 'תווית', + 'Language' => 'שפה', + 'Last' => 'אחרון', 'Layout' => 'Layout', // Added - 2009-02-08 'Level' => 'Level', // Added - 2011-06-16 'Libvlc' => 'Libvlc', - 'LimitResultsPost' => 'úåöàåú áìáã;', // This is used at the end of the phrase 'Limit to first N results only' - 'LimitResultsPre' => 'äâáì ìøàùåï', // This is used at the beginning of the phrase 'Limit to first N results only' + 'LimitResultsPost' => 'תוצאות בלבד;', // This is used at the end of the phrase 'Limit to first N results only' + 'LimitResultsPre' => 'הגבל לראשון', // This is used at the beginning of the phrase 'Limit to first N results only' 'Line' => 'Line', // Added - 2011-06-16 - 'LinkedMonitors' => 'îåðéèåøéí î÷åùøéí', - 'List' => 'øùéîä', + 'LinkedMonitors' => 'מוניטורים מקושרים', + 'List' => 'רשימה', 'ListMatches' => 'List Matches', // Added - 2018-08-30 - 'Load' => 'èòï', - 'Local' => 'î÷åîé', + 'Load' => 'טען', + 'Local' => 'מקומי', 'Log' => 'Log', // Added - 2011-06-16 - 'LoggedInAs' => 'äúçáø ë', + 'LoggedInAs' => 'התחבר כ', 'Logging' => 'Logging', // Added - 2011-06-16 - 'LoggingIn' => 'îúçáø', - 'Login' => 'äúçáø', - 'Logout' => 'äúðú÷', + 'LoggingIn' => 'מתחבר', + 'Login' => 'התחבר', + 'Logout' => 'התנתק', 'Logs' => 'Logs', // Added - 2011-06-17 - 'Low' => 'ðîåê', - 'LowBW' => 'ðîåê ø/ô', - 'Main' => 'îøëæé', - 'Man' => 'îãøéê', - 'Manual' => 'îãøéê', - 'Mark' => 'ñîï', - 'Max' => 'î÷ñ', - 'MaxBandwidth' => 'øåçá ôñ î÷ñ', - 'MaxBrScore' => 'ðé÷åã
î÷ñéîìé', + 'Low' => 'נמוך', + 'LowBW' => 'נמוך ר/פ', + 'Main' => 'מרכזי', + 'Man' => 'מדריך', + 'Manual' => 'מדריך', + 'Mark' => 'סמן', + 'Max' => 'מקס', + 'MaxBandwidth' => 'רוחב פס מקס', + 'MaxBrScore' => 'ניקוד
מקסימלי', 'MaxFocusRange' => 'Max Focus Range', 'MaxFocusSpeed' => 'Max Focus Speed', 'MaxFocusStep' => 'Max Focus Step', @@ -463,8 +462,8 @@ $SLANG = array( 'MaxZoomSpeed' => 'Max Zoom Speed', 'MaxZoomStep' => 'Max Zoom Step', 'MaximumFPS' => 'Maximum FPS', - 'Medium' => 'áéðåðé', - 'MediumBW' => 'Medium B/W', + 'Medium' => 'בינוני', + 'MediumBW' => 'Medium B/W', 'Message' => 'Message', // Added - 2011-06-16 'MinAlarmAreaLtMax' => 'Minimum alarm area should be less than maximum', 'MinAlarmAreaUnset' => 'You must specify the minimum alarm pixel count', @@ -501,19 +500,19 @@ $SLANG = array( 'MinZoomStep' => 'Min Zoom Step', 'Misc' => 'Misc', 'Mode' => 'Mode', // Added - 2015-04-18 - 'Monitor' => 'îåðéèåø', - 'MonitorIds' => 'Monitor Ids', + 'Monitor' => 'מוניטור', + 'MonitorIds' => 'Monitor Ids', 'MonitorPreset' => 'Monitor Preset', 'MonitorPresetIntro' => 'Select an appropriate preset from the list below.

Please note that this may overwrite any values you already have configured for this monitor.

', 'MonitorProbe' => 'Monitor Probe', // Added - 2009-03-31 'MonitorProbeIntro' => 'The list below shows detected analog and network cameras and whether they are already being used or available for selection.

Select the desired entry from the list below.

Please note that not all cameras may be detected and that choosing a camera here may overwrite any values you already have configured for the current monitor.

', // Added - 2009-03-31 - 'Monitors' => 'îåðéèåøéí', + 'Monitors' => 'מוניטורים', 'Montage' => 'Montage', 'MontageReview' => 'Montage Review', // Added - 2018-08-30 - 'Month' => 'çåãù', + 'Month' => 'חודש', 'More' => 'More', // Added - 2011-06-16 'MotionFrameSkip' => 'Motion Frame Skip', - 'Move' => 'äææ', + 'Move' => 'הזז', 'Mtg2widgrd' => '2-wide grid', // Added 2013.08.15. 'Mtg3widgrd' => '3-wide grid', // Added 2013.08.15. 'Mtg3widgrx' => '3-wide grid, scaled, enlarge on alarm', // Added 2013.08.15. @@ -524,52 +523,52 @@ $SLANG = array( 'MustConfirmPassword' => 'You must confirm the password', 'MustSupplyPassword' => 'You must supply a password', 'MustSupplyUsername' => 'You must supply a username', - 'Name' => 'ùí', - 'Near' => 'ìéã', - 'Network' => 'øùú', - 'New' => 'çãù', - 'NewGroup' => '÷áåöä çãùä', - 'NewLabel' => 'úååéú çãùä', - 'NewPassword' => 'ñéñîà çãùä', - 'NewState' => 'îöá çãù', - 'NewUser' => 'îùúîù çãù', - 'Next' => 'äáà', - 'No' => 'ìà', + 'Name' => 'שם', + 'Near' => 'ליד', + 'Network' => 'רשת', + 'New' => 'חדש', + 'NewGroup' => 'קבוצה חדשה', + 'NewLabel' => 'תווית חדשה', + 'NewPassword' => 'סיסמא חדשה', + 'NewState' => 'מצב חדש', + 'NewUser' => 'משתמש חדש', + 'Next' => 'הבא', + 'No' => 'לא', 'NoDetectedCameras' => 'No Detected Cameras', // Added - 2009-03-31 'NoDetectedProfiles' => 'No Detected Profiles', // Added - 2018-08-30 'NoFramesRecorded' => 'There are no frames recorded for this event', - 'NoGroup' => 'ììà ÷áåöä', + 'NoGroup' => 'ללא קבוצה', 'NoSavedFilters' => 'NoSavedFilters', 'NoStatisticsRecorded' => 'There are no statistics recorded for this event/frame', - 'None' => 'øé÷', - 'NoneAvailable' => 'áìúé æîéï', - 'Normal' => 'ðåøîìé', + 'None' => 'ריק', + 'NoneAvailable' => 'בלתי זמין', + 'Normal' => 'נורמלי', 'Notes' => 'Notes', 'NumPresets' => 'Num Presets', - 'Off' => 'ëáåé', - 'On' => 'ãìå÷', + 'Off' => 'כבוי', + 'On' => 'דלוק', 'OnvifCredentialsIntro'=> 'Please supply user name and password for the selected camera.
If no user has been created for the camera then the user given here will be created with the given password.

', // Added - 2015-04-18 'OnvifProbe' => 'ONVIF', // Added - 2015-04-18 'OnvifProbeIntro' => 'The list below shows detected ONVIF cameras and whether they are already being used or available for selection.

Select the desired entry from the list below.

Please note that not all cameras may be detected and that choosing a camera here may overwrite any values you already have configured for the current monitor.

', // Added - 2015-04-18 - 'OpEq' => 'ùååä ì', - 'OpGt' => 'âãåì î', + 'OpEq' => 'שווה ל', + 'OpGt' => 'גדול מ', 'OpGtEq' => 'greater than or equal to', 'OpIn' => 'in set', 'OpIs' => 'is', // Added - 2018-08-30 'OpIsNot' => 'is not', // Added - 2018-08-30 - 'OpLt' => 'ôçåú î', + 'OpLt' => 'פחות מ', 'OpLtEq' => 'less than or equal to', 'OpMatches' => 'matches', - 'OpNe' => 'àéðå ùååä', + 'OpNe' => 'אינו שווה', 'OpNotIn' => 'not in set', - 'OpNotMatches' => 'àéðå úåàí', - 'Open' => 'ôúç', + 'OpNotMatches' => 'אינו תואם', + 'Open' => 'פתח', 'OptionHelp' => 'OptionHelp', 'OptionRestartWarning' => 'These changes may not come into effect fully\nwhile the system is running. When you have\nfinished making your changes please ensure that\nyou restart ZoneMinder.', 'OptionalEncoderParam' => 'Optional Encoder Parameters', // Added - 2018-08-30 - 'Options' => 'àôùøåéåú', + 'Options' => 'אפשרויות', 'OrEnterNewName' => 'or enter new name', - 'Order' => 'îéåï', + 'Order' => 'מיון', 'Orientation' => 'Orientation', 'Out' => 'Out', 'OverwriteExisting' => 'Overwrite Existing', @@ -578,27 +577,27 @@ $SLANG = array( 'PanLeft' => 'Pan Left', 'PanRight' => 'Pan Right', 'PanTilt' => 'Pan/Tilt', - 'Parameter' => 'ôøîèø', - 'Password' => 'ñéñîà', + 'Parameter' => 'פרמטר', + 'Password' => 'סיסמא', 'PasswordsDifferent' => 'The new and confirm passwords are different', - 'Paths' => 'ðúéáéí', + 'Paths' => 'נתיבים', 'Pause' => 'Pause', - 'Phone' => 'èìôåï', - 'PhoneBW' => 'ø/ô èìôåï', + 'Phone' => 'טלפון', + 'PhoneBW' => 'ר/פ טלפון', 'Pid' => 'PID', // Added - 2011-06-16 'PixelDiff' => 'Pixel Diff', - 'Pixels' => 'ôé÷ñìéí', + 'Pixels' => 'פיקסלים', 'Play' => 'Play', - 'PlayAll' => 'ðâï äëì', - 'PleaseWait' => 'äîúï áá÷ùä', + 'PlayAll' => 'נגן הכל', + 'PleaseWait' => 'המתן בבקשה', 'Plugins' => 'Plugins', - 'Point' => 'ð÷åãä', + 'Point' => 'נקודה', 'PostEventImageBuffer' => 'Post Event Image Count', 'PreEventImageBuffer' => 'Pre Event Image Count', 'PreserveAspect' => 'Preserve Aspect Ratio', 'Preset' => 'Preset', 'Presets' => 'Presets', - 'Prev' => 'ä÷åãí', + 'Prev' => 'הקודם', 'Probe' => 'Probe', // Added - 2009-03-31 'ProfileProbe' => 'Stream Probe', // Added - 2015-04-18 'ProfileProbeIntro' => 'The list below shows the existing stream profiles of the selected camera .

Select the desired entry from the list below.

Please note that ZoneMinder cannot configure additional profiles and that choosing a camera here may overwrite any values you already have configured for the current monitor.

', // Added - 2015-04-18 @@ -606,188 +605,188 @@ $SLANG = array( 'Protocol' => 'Protocol', 'RTSPDescribe' => 'Use RTSP Response Media URL', // Added - 2018-08-30 'RTSPTransport' => 'RTSP Transport Protocol', // Added - 2018-08-30 - 'Rate' => 'ãéøåâ', - 'Real' => 'àîéúé', + 'Rate' => 'דירוג', + 'Real' => 'אמיתי', 'RecaptchaWarning' => 'Your reCaptcha secret key is invalid. Please correct it, or reCaptcha will not work', // Added - 2018-08-30 - 'Record' => 'ä÷ìèä', + 'Record' => 'הקלטה', 'RecordAudio' => 'Whether to store the audio stream when saving an event.', // Added - 2018-08-30 'RefImageBlendPct' => 'Reference Image Blend %ge', - 'Refresh' => 'øòðåï', - 'Remote' => 'îøåç÷', - 'RemoteHostName' => 'ùí îàøç îøåç÷', - 'RemoteHostPath' => 'ðúéá îàøç îøåç÷', - 'RemoteHostPort' => 'ôåøè îàøç îøåç÷', + 'Refresh' => 'רענון', + 'Remote' => 'מרוחק', + 'RemoteHostName' => 'שם מארח מרוחק', + 'RemoteHostPath' => 'נתיב מארח מרוחק', + 'RemoteHostPort' => 'פורט מארח מרוחק', 'RemoteHostSubPath' => 'Remote Host SubPath', // Added - 2009-02-08 'RemoteImageColours' => 'Remote Image Colours', 'RemoteMethod' => 'Remote Method', // Added - 2009-02-08 'RemoteProtocol' => 'Remote Protocol', // Added - 2009-02-08 - 'Rename' => 'ùðä ùí', + 'Rename' => 'שנה שם', 'Replay' => 'Replay', 'ReplayAll' => 'All Events', 'ReplayGapless' => 'Gapless Events', 'ReplaySingle' => 'Single Event', 'ReportEventAudit' => 'Audit Events Report', // Added - 2018-08-30 - 'Reset' => 'àôñ', + 'Reset' => 'אפס', 'ResetEventCounts' => 'Reset Event Counts', - 'Restart' => 'àúçì', - 'Restarting' => 'îàúçì', + 'Restart' => 'אתחל', + 'Restarting' => 'מאתחל', 'RestrictedCameraIds' => 'Restricted Camera Ids', 'RestrictedMonitors' => 'Restricted Monitors', - 'ReturnDelay' => 'çæøä îäùäéä', - 'ReturnLocation' => 'îé÷åí çæøä', + 'ReturnDelay' => 'חזרה מהשהיה', + 'ReturnLocation' => 'מיקום חזרה', 'Rewind' => 'Rewind', - 'RotateLeft' => 'ñåáá ùîàìä', - 'RotateRight' => 'ñåáá éîéðä', + 'RotateLeft' => 'סובב שמאלה', + 'RotateRight' => 'סובב ימינה', 'RunLocalUpdate' => 'Please run zmupdate.pl to update', // Added - 2011-05-25 - 'RunMode' => 'öåøú øéöä', - 'RunState' => 'îöá øéöä', - 'Running' => 'îøéõ', - 'Save' => 'ùîåø', - 'SaveAs' => 'ùîåø áùí', - 'SaveFilter' => 'ùîåø îñðï', + 'RunMode' => 'צורת ריצה', + 'RunState' => 'מצב ריצה', + 'Running' => 'מריץ', + 'Save' => 'שמור', + 'SaveAs' => 'שמור בשם', + 'SaveFilter' => 'שמור מסנן', 'SaveJPEGs' => 'Save JPEGs', // Added - 2018-08-30 - 'Scale' => 'ñ÷àìä', - 'Score' => 'ðé÷åã', - 'Secs' => 'ùðéåú', - 'Sectionlength' => 'àåøê ÷èò', - 'Select' => 'áçø', + 'Scale' => 'סקאלה', + 'Score' => 'ניקוד', + 'Secs' => 'שניות', + 'Sectionlength' => 'אורך קטע', + 'Select' => 'בחר', 'SelectFormat' => 'Select Format', // Added - 2011-06-17 'SelectLog' => 'Select Log', // Added - 2011-06-17 - 'SelectMonitors' => 'áçø îåðéèåøéí', + 'SelectMonitors' => 'בחר מוניטורים', 'SelfIntersecting' => 'Polygon edges must not intersect', - 'Set' => '÷áò', + 'Set' => 'קבע', 'SetNewBandwidth' => 'Set New Bandwidth', 'SetPreset' => 'Set Preset', - 'Settings' => 'äâãøåú', + 'Settings' => 'הגדרות', 'ShowFilterWindow' => 'Show Filter Window', 'ShowTimeline' => 'Show Timeline', 'SignalCheckColour' => 'Signal Check Colour', 'SignalCheckPoints' => 'Signal Check Points', // Added - 2018-08-30 - 'Size' => 'âåãì', + 'Size' => 'גודל', 'SkinDescription' => 'Change the default skin for this computer', // Added - 2011-01-30 - 'Sleep' => 'ùéðä', + 'Sleep' => 'שינה', 'SortAsc' => 'Asc', 'SortBy' => 'Sort by', 'SortDesc' => 'Desc', - 'Source' => 'î÷åø', + 'Source' => 'מקור', 'SourceColours' => 'Source Colours', // Added - 2009-02-08 'SourcePath' => 'Source Path', // Added - 2009-02-08 - 'SourceType' => 'ñåâ î÷åø', - 'Speed' => 'îäéøåú', - 'SpeedHigh' => 'îäéøåú âáåää', - 'SpeedLow' => 'îäéøåú ðîåëä', - 'SpeedMedium' => 'îöìîä áéðåðéú', - 'SpeedTurbo' => 'îäéøåú èåøáå', - 'Start' => 'äúçì', - 'State' => 'îöá', - 'Stats' => 'îöáéí', - 'Status' => 'ñèèåñ', + 'SourceType' => 'סוג מקור', + 'Speed' => 'מהירות', + 'SpeedHigh' => 'מהירות גבוהה', + 'SpeedLow' => 'מהירות נמוכה', + 'SpeedMedium' => 'מצלמה בינונית', + 'SpeedTurbo' => 'מהירות טורבו', + 'Start' => 'התחל', + 'State' => 'מצב', + 'Stats' => 'מצבים', + 'Status' => 'סטטוס', 'StatusConnected' => 'Capturing', // Added - 2018-08-30 'StatusNotRunning' => 'Not Running', // Added - 2018-08-30 'StatusRunning' => 'Not Capturing', // Added - 2018-08-30 'StatusUnknown' => 'Unknown', // Added - 2018-08-30 - 'Step' => 'öòã', + 'Step' => 'צעד', 'StepBack' => 'Step Back', 'StepForward' => 'Step Forward', - 'StepLarge' => 'öòã âãåì', - 'StepMedium' => 'öòã áéðåðé', - 'StepNone' => 'àì úöòã', - 'StepSmall' => 'öòã ÷èï', - 'Stills' => 'ñèéìñ', - 'Stop' => 'òöåø', - 'Stopped' => 'ðòöø', + 'StepLarge' => 'צעד גדול', + 'StepMedium' => 'צעד בינוני', + 'StepNone' => 'אל תצעד', + 'StepSmall' => 'צעד קטן', + 'Stills' => 'סטילס', + 'Stop' => 'עצור', + 'Stopped' => 'נעצר', 'StorageArea' => 'Storage Area', // Added - 2018-08-30 'StorageScheme' => 'Scheme', // Added - 2018-08-30 - 'Stream' => 'ñèøéí', + 'Stream' => 'סטרים', 'StreamReplayBuffer' => 'Stream Replay Image Buffer', 'Submit' => 'Submit', - 'System' => 'îòøëú', + 'System' => 'מערכת', 'SystemLog' => 'System Log', // Added - 2011-06-16 'TargetColorspace' => 'Target colorspace', // Added - 2015-04-18 - 'Tele' => 'èì', + 'Tele' => 'טל', 'Thumbnail' => 'Thumbnail', 'Tilt' => 'Tilt', - 'Time' => 'æîï', - 'TimeDelta' => 'ùéðåé áæîï', - 'TimeStamp' => 'çåúîú æîï', - 'Timeline' => '÷å æîï', + 'Time' => 'זמן', + 'TimeDelta' => 'שינוי בזמן', + 'TimeStamp' => 'חותמת זמן', + 'Timeline' => 'קו זמן', 'TimelineTip1' => 'Pass your mouse over the graph to view a snapshot image and event details.', // Added 2013.08.15. 'TimelineTip2' => 'Click on the coloured sections of the graph, or the image, to view the event.', // Added 2013.08.15. 'TimelineTip3' => 'Click on the background to zoom in to a smaller time period based around your click.', // Added 2013.08.15. 'TimelineTip4' => 'Use the controls below to zoom out or navigate back and forward through the time range.', // Added 2013.08.15. - 'Timestamp' => 'çåúîú æîï', + 'Timestamp' => 'חותמת זמן', 'TimestampLabelFormat' => 'Timestamp Label Format', 'TimestampLabelSize' => 'Font Size', // Added - 2018-08-30 'TimestampLabelX' => 'Timestamp Label X', 'TimestampLabelY' => 'Timestamp Label Y', - 'Today' => 'äéåí', - 'Tools' => 'ëìéí', + 'Today' => 'היום', + 'Tools' => 'כלים', 'Total' => 'Total', // Added - 2011-06-16 - 'TotalBrScore' => 'ñê
ðé÷åã', + 'TotalBrScore' => 'סך
ניקוד', 'TrackDelay' => 'Track Delay', 'TrackMotion' => 'Track Motion', - 'Triggers' => 'èøéâøéí', + 'Triggers' => 'טריגרים', 'TurboPanSpeed' => 'Turbo Pan Speed', 'TurboTiltSpeed' => 'Turbo Tilt Speed', - 'Type' => 'ñåâ', - 'Unarchive' => 'áìúé àøëéá', + 'Type' => 'סוג', + 'Unarchive' => 'בלתי ארכיב', 'Undefined' => 'Undefined', // Added - 2009-02-08 - 'Units' => 'éçéãåú', - 'Unknown' => 'áìúé éãåò', - 'Update' => 'òãëåï', - 'UpdateAvailable' => 'òãëåï ìæåï-îéðãø àôùøé.', - 'UpdateNotNecessary' => 'òãëåï àéðå äëøçé.', + 'Units' => 'יחידות', + 'Unknown' => 'בלתי ידוע', + 'Update' => 'עדכון', + 'UpdateAvailable' => 'עדכון לזון-מינדר אפשרי.', + 'UpdateNotNecessary' => 'עדכון אינו הכרחי.', 'Updated' => 'Updated', // Added - 2011-06-16 'Upload' => 'Upload', // Added - 2011-08-23 - 'UseFilter' => 'ùéîåù áîñðï', - 'UseFilterExprsPost' => ' filter expressions', // This is used at the end of the phrase 'use N filter expressions' - 'UseFilterExprsPre' => 'ùéîåù ', // This is used at the beginning of the phrase 'use N filter expressions' + 'UseFilter' => 'שימוש במסנן', + 'UseFilterExprsPost' => ' filter expressions', // This is used at the end of the phrase 'use N filter expressions' + 'UseFilterExprsPre' => 'שימוש ', // This is used at the beginning of the phrase 'use N filter expressions' 'UsedPlugins' => 'Used Plugins', - 'User' => 'îùúîù', - 'Username' => 'ùí îùúîù', - 'Users' => 'îùúîùéí', + 'User' => 'משתמש', + 'Username' => 'שם משתמש', + 'Users' => 'משתמשים', 'V4L' => 'V4L', // Added - 2015-04-18 'V4LCapturesPerFrame' => 'Captures Per Frame', // Added - 2015-04-18 'V4LMultiBuffer' => 'Multi Buffering', // Added - 2015-04-18 - 'Value' => 'òøê', - 'Version' => 'âéøñä', - 'VersionIgnore' => 'äúòìí îâéøñä æå', - 'VersionRemindDay' => 'äæëø ìé áòåã éåí àçã', - 'VersionRemindHour' => 'äæëø ìé áòåã ùòä àçú', + 'Value' => 'ערך', + 'Version' => 'גירסה', + 'VersionIgnore' => 'התעלם מגירסה זו', + 'VersionRemindDay' => 'הזכר לי בעוד יום אחד', + 'VersionRemindHour' => 'הזכר לי בעוד שעה אחת', 'VersionRemindNever' => 'Don\'t remind about new versions', 'VersionRemindWeek' => 'Remind again in 1 week', - 'Video' => 'åéãàå', - 'VideoFormat' => 'úáðéú åéãàå', + 'Video' => 'וידאו', + 'VideoFormat' => 'תבנית וידאו', 'VideoGenFailed' => 'Video Generation Failed!', 'VideoGenFiles' => 'Existing Video Files', 'VideoGenNoFiles' => 'No Video Files Found', 'VideoGenParms' => 'Video Generation Parameters', 'VideoGenSucceeded' => 'Video Generation Succeeded!', - 'VideoSize' => 'âåãì åéãàå', + 'VideoSize' => 'גודל וידאו', 'VideoWriter' => 'Video Writer', // Added - 2018-08-30 - 'View' => 'äöâ', - 'ViewAll' => 'äöâ äëì', - 'ViewEvent' => 'äöâ àéøåò', + 'View' => 'הצג', + 'ViewAll' => 'הצג הכל', + 'ViewEvent' => 'הצג אירוע', 'ViewPaged' => 'View Paged', - 'Wake' => 'äòø', + 'Wake' => 'הער', 'WarmupFrames' => 'Warmup Frames', - 'Watch' => 'öôä', - 'Web' => 'àéðèøðè', - 'WebColour' => 'öáò àéðèøðè', + 'Watch' => 'צפה', + 'Web' => 'אינטרנט', + 'WebColour' => 'צבע אינטרנט', 'WebSiteUrl' => 'Website URL', // Added - 2018-08-30 - 'Week' => 'ùáåò', - 'White' => 'ìáï', + 'Week' => 'שבוע', + 'White' => 'לבן', 'WhiteBalance' => 'White Balance', - 'Wide' => 'øçá', + 'Wide' => 'רחב', 'X' => 'X', 'X10' => 'X10', 'X10ActivationString' => 'X10 Activation String', 'X10InputAlarmString' => 'X10 Input Alarm String', 'X10OutputAlarmString' => 'X10 Output Alarm String', 'Y' => 'Y', - 'Yes' => 'ëï', - 'YouNoPerms' => 'àéï ìê äøùàä ìäéëðñ ìî÷åø æä.', - 'Zone' => 'àæåø', + 'Yes' => 'כן', + 'YouNoPerms' => 'אין לך הרשאה להיכנס למקור זה.', + 'Zone' => 'אזור', 'ZoneAlarmColour' => 'Alarm Colour (Red/Green/Blue)', 'ZoneArea' => 'Zone Area', 'ZoneExtendAlarmFrames' => 'Extend Alarm Frame Count', @@ -799,10 +798,10 @@ $SLANG = array( 'ZoneMinMaxPixelThres' => 'Min/Max Pixel Threshold (0-255)', 'ZoneMinderLog' => 'ZoneMinder Log', // Added - 2011-06-17 'ZoneOverloadFrames' => 'Overload Frame Ignore Count', - 'Zones' => 'àæåøéí', - 'Zoom' => 'æåí', - 'ZoomIn' => 'æåí ôðéîä', - 'ZoomOut' => 'æåí äçåöä', + 'Zones' => 'אזורים', + 'Zoom' => 'זום', + 'ZoomIn' => 'זום פנימה', + 'ZoomOut' => 'זום החוצה', ); // Complex replacements with formatting and/or placements, must be passed through sprintf From 7b9eaf42b86289233cf434b830cc14feafcbc31d Mon Sep 17 00:00:00 2001 From: Isaac Connor Date: Sun, 22 Sep 2019 12:03:34 -0400 Subject: [PATCH 603/922] Fix selecting group from groups listing under monitor name. Fixes #2711 --- web/skins/classic/views/_monitor_filters.php | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/web/skins/classic/views/_monitor_filters.php b/web/skins/classic/views/_monitor_filters.php index 1d07e3d3a..bc6db799c 100644 --- a/web/skins/classic/views/_monitor_filters.php +++ b/web/skins/classic/views/_monitor_filters.php @@ -24,7 +24,7 @@ foreach ( $servers as $S ) { $ServersById[$S->Id()] = $S; } session_start(); -foreach ( array('Group','Function','ServerId','StorageId','Status','MonitorId','MonitorName','Source') as $var ) { +foreach ( array('GroupId','Function','ServerId','StorageId','Status','MonitorId','MonitorName','Source') as $var ) { if ( isset($_REQUEST[$var]) ) { if ( $_REQUEST[$var] != '' ) { $_SESSION[$var] = $_REQUEST[$var]; @@ -60,7 +60,7 @@ $groupSql = ''; if ( count($GroupsById) ) { $html .= ''; # This will end up with the group_id of the deepest selection - $group_id = isset($_SESSION['Group']) ? $_SESSION['Group'] : null; + $group_id = isset($_SESSION['GroupId']) ? $_SESSION['GroupId'] : null; $html .= ZM\Group::get_group_dropdown(); $groupSql = ZM\Group::get_group_sql($group_id); $html .= ' From 48cb5684244e1ca063e8913f97d2d41a12268bb1 Mon Sep 17 00:00:00 2001 From: Isaac Connor Date: Sun, 22 Sep 2019 12:10:56 -0400 Subject: [PATCH 604/922] fix docker repo --- .travis.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.travis.yml b/.travis.yml index 3ec7f98b5..b8f620114 100644 --- a/.travis.yml +++ b/.travis.yml @@ -39,7 +39,7 @@ env: - SMPFLAGS=-j4 OS=ubuntu DIST=xenial - SMPFLAGS=-j4 OS=ubuntu DIST=bionic - SMPFLAGS=-j4 OS=ubuntu DIST=disco - - SMPFLAGS=-j4 OS=debian DIST=buster DOCKER_REPO=zmicon/packpack + - SMPFLAGS=-j4 OS=debian DIST=buster DOCKER_REPO=iconzm/packpack - SMPFLAGS=-j4 OS=debian DIST=stretch - SMPFLAGS=-j4 OS=ubuntu DIST=trusty ARCH=i386 - SMPFLAGS=-j4 OS=ubuntu DIST=xenial ARCH=i386 From 0ec215c95ff17d121178ba2da7e199a47ab40e38 Mon Sep 17 00:00:00 2001 From: Isaac Connor Date: Sun, 22 Sep 2019 12:52:46 -0400 Subject: [PATCH 605/922] Only try to install deb on trusty as that is the environment that travis is running --- utils/packpack/startpackpack.sh | 3 --- 1 file changed, 3 deletions(-) diff --git a/utils/packpack/startpackpack.sh b/utils/packpack/startpackpack.sh index 835725baa..62daf21fd 100755 --- a/utils/packpack/startpackpack.sh +++ b/utils/packpack/startpackpack.sh @@ -347,9 +347,6 @@ if [ "${TRAVIS_EVENT_TYPE}" == "cron" ] || [ "${TRAVIS}" != "true" ] || [ "${DIS echo "Starting packpack..." execpackpack - if [ "${TRAVIS}" == "true" ]; then - install_deb - fi fi # We were not triggered via cron so just build and test trusty From 96024b518e4b953282c25ef8365a5c5f55072cb3 Mon Sep 17 00:00:00 2001 From: Isaac Connor Date: Sun, 22 Sep 2019 13:02:13 -0400 Subject: [PATCH 606/922] Do per commit builds for debian and ubuntu --- utils/packpack/rsync_xfer.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/utils/packpack/rsync_xfer.sh b/utils/packpack/rsync_xfer.sh index 8a7f01f4f..b6845e10a 100755 --- a/utils/packpack/rsync_xfer.sh +++ b/utils/packpack/rsync_xfer.sh @@ -14,7 +14,7 @@ done # We only want to deploy packages during cron events # See https://docs.travis-ci.com/user/cron-jobs/ -if [ "${TRAVIS_EVENT_TYPE}" == "cron" ]; then +if [ "${TRAVIS_EVENT_TYPE}" == "cron" ] || [ "${OS}" == "debian" ] || [ "${OS}" == "ubuntu" ]; then if [ "${OS}" == "debian" ] || [ "${OS}" == "ubuntu" ]; then targetfolder="debian/master/mini-dinstall/incoming" From 4c3ea7125d54c71a790e6b8cb0aca3c8d8118029 Mon Sep 17 00:00:00 2001 From: Isaac Connor Date: Sun, 22 Sep 2019 14:21:59 -0400 Subject: [PATCH 607/922] Add defaults to Frame --- web/includes/Frame.php | 9 +++++++++ 1 file changed, 9 insertions(+) diff --git a/web/includes/Frame.php b/web/includes/Frame.php index f472a38e6..1117459dc 100644 --- a/web/includes/Frame.php +++ b/web/includes/Frame.php @@ -6,6 +6,15 @@ require_once('Object.php'); class Frame extends ZM_Object { protected static $table = 'Frames'; + protected $defaults = array( + 'Id' => null, + 'EventId' => 0, + 'FrameId' => 0, + 'Type' => 'Normal', + 'TimeStamp' => 0, + 'Delta' => 0.00, + 'Score' => 0, + ); public static function find( $parameters = array(), $options = array() ) { return ZM_Object::_find(get_class(), $parameters, $options); From 8d95b2f5f8540c07dee6644e64415895296ff2a7 Mon Sep 17 00:00:00 2001 From: Isaac Connor Date: Sun, 22 Sep 2019 14:22:24 -0400 Subject: [PATCH 608/922] Don't select Layout when changing size in montage --- web/skins/classic/views/js/montage.js | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/web/skins/classic/views/js/montage.js b/web/skins/classic/views/js/montage.js index 0cf958e5e..00130f108 100644 --- a/web/skins/classic/views/js/montage.js +++ b/web/skins/classic/views/js/montage.js @@ -25,7 +25,7 @@ function Monitor(monitorData) { } }; - this.eventHandler = function( event ) { + this.eventHandler = function(event) { console.log(event); }; @@ -210,7 +210,7 @@ function Monitor(monitorData) { * @param {*} element - the event data passed by onchange callback */ function selectLayout(element) { - console.dir(element); + console.log(element); layout = $j(element).val(); if ( layout_id = parseInt(layout) ) { @@ -254,7 +254,7 @@ function selectLayout(element) { if ( layouts[layout_id].Name != 'Freeform' ) { // 'montage_freeform.css' ) { Cookie.write( 'zmMontageScale', '', {duration: 10*365} ); $('scale').set('value', ''); - $('width').set('value', ''); + $('width').set('value', 'auto'); for ( var i = 0, length = monitors.length; i < length; i++ ) { var monitor = monitors[i]; var streamImg = $('liveStream'+monitor.id); @@ -318,7 +318,7 @@ function changeSize() { Cookie.write('zmMontageScale', '', {duration: 10*365}); Cookie.write('zmMontageWidth', width, {duration: 10*365}); Cookie.write('zmMontageHeight', height, {duration: 10*365}); - selectLayout('#zmMontageLayout'); + //selectLayout('#zmMontageLayout'); } // end function changeSize() /** From 23b3ae57835a24da55bd473c805139742305209d Mon Sep 17 00:00:00 2001 From: Isaac Connor Date: Sun, 22 Sep 2019 21:06:54 -0400 Subject: [PATCH 609/922] Remove debug --- web/includes/Monitor.php | 5 ++--- 1 file changed, 2 insertions(+), 3 deletions(-) diff --git a/web/includes/Monitor.php b/web/includes/Monitor.php index 84274c052..215ea405c 100644 --- a/web/includes/Monitor.php +++ b/web/includes/Monitor.php @@ -119,9 +119,8 @@ private $status_fields = array( if ( !array_key_exists('Control', $this) ) { if ( $this->ControlId() ) $this->{'Control'} = Control::find_one(array('Id'=>$this->{'ControlId'})); - else - Error("No ControlId".print_r($this,true)); - if ( !(array_key_exists('Control', $this) and $this->{'Control'} ) ) + + if ( !(array_key_exists('Control', $this) and $this->{'Control'}) ) $this->{'Control'} = new Control(); } return $this->{'Control'}; From 9a94ce6e413d04c481e518deb7011a054f112ed2 Mon Sep 17 00:00:00 2001 From: Isaac Connor Date: Mon, 23 Sep 2019 10:22:25 -0400 Subject: [PATCH 610/922] remove debug --- web/skins/classic/views/monitor.php | 1 - 1 file changed, 1 deletion(-) diff --git a/web/skins/classic/views/monitor.php b/web/skins/classic/views/monitor.php index e2ec46f17..46d16b082 100644 --- a/web/skins/classic/views/monitor.php +++ b/web/skins/classic/views/monitor.php @@ -647,7 +647,6 @@ switch ( $tab ) { foreach ( getEnumValues('Monitors', 'Function') as $f ) { $function_options[$f] = translate("Fn$f"); } -ZM\Error("Type: " . $monitor->Type()); echo htmlSelect('newMonitor[Function]', $function_options, $monitor->Function()); ?> From 83e477e6be6b0e7b118edcc2de39c401fbaa13d9 Mon Sep 17 00:00:00 2001 From: Isaac Connor Date: Mon, 23 Sep 2019 10:52:57 -0400 Subject: [PATCH 611/922] CaptureAndRecord in remote camera rtsp doesn't work. Remove it. --- src/zm_remote_camera_rtsp.cpp | 293 +++++++--------------------------- src/zm_remote_camera_rtsp.h | 2 +- 2 files changed, 60 insertions(+), 235 deletions(-) diff --git a/src/zm_remote_camera_rtsp.cpp b/src/zm_remote_camera_rtsp.cpp index a26e2626d..cda60a32c 100644 --- a/src/zm_remote_camera_rtsp.cpp +++ b/src/zm_remote_camera_rtsp.cpp @@ -58,7 +58,7 @@ RemoteCameraRtsp::RemoteCameraRtsp( else if ( p_method == "rtpRtspHttp" ) method = RtspThread::RTP_RTSP_HTTP; else - Fatal( "Unrecognised method '%s' when creating RTSP camera %d", p_method.c_str(), monitor_id ); + Fatal("Unrecognised method '%s' when creating RTSP camera %d", p_method.c_str(), monitor_id); if ( capture ) { Initialise(); @@ -88,23 +88,23 @@ RemoteCameraRtsp::RemoteCameraRtsp( subpixelorder = ZM_SUBPIX_ORDER_NONE; imagePixFormat = AV_PIX_FMT_GRAY8; } else { - Panic("Unexpected colours: %d",colours); + Panic("Unexpected colours: %d", colours); } } // end RemoteCameraRtsp::RemoteCameraRtsp(...) RemoteCameraRtsp::~RemoteCameraRtsp() { - av_frame_free( &mFrame ); - av_frame_free( &mRawFrame ); + av_frame_free(&mFrame); + av_frame_free(&mRawFrame); #if HAVE_LIBSWSCALE if ( mConvertContext ) { - sws_freeContext( mConvertContext ); + sws_freeContext(mConvertContext); mConvertContext = NULL; } #endif if ( mCodecContext ) { - avcodec_close( mCodecContext ); + avcodec_close(mCodecContext); mCodecContext = NULL; // Freed by avformat_free_context in the destructor of RtspThread class } @@ -120,14 +120,9 @@ void RemoteCameraRtsp::Initialise() { // This allocates a buffer able to hold a raw fframe, which is a little artbitrary. Might be nice to get some // decent data on how large a buffer is really needed. I think in ffmpeg there are now some functions to do that. - buffer.size( max_size ); + buffer.size(max_size); - if ( logDebugging() ) - av_log_set_level( AV_LOG_DEBUG ); - else - av_log_set_level( AV_LOG_QUIET ); - - av_register_all(); + FFMPEGInit(); Connect(); } @@ -137,11 +132,11 @@ void RemoteCameraRtsp::Terminate() { } int RemoteCameraRtsp::Connect() { - rtspThread = new RtspThread( monitor_id, method, protocol, host, port, path, auth, rtsp_describe ); + rtspThread = new RtspThread(monitor_id, method, protocol, host, port, path, auth, rtsp_describe); rtspThread->start(); - return( 0 ); + return 0; } int RemoteCameraRtsp::Disconnect() { @@ -151,18 +146,18 @@ int RemoteCameraRtsp::Disconnect() { delete rtspThread; rtspThread = 0; } - return( 0 ); + return 0; } int RemoteCameraRtsp::PrimeCapture() { - Debug( 2, "Waiting for sources" ); + Debug(2, "Waiting for sources"); for ( int i = 0; i < 100 && !rtspThread->hasSources(); i++ ) { - usleep( 100000 ); + usleep(100000); } if ( !rtspThread->hasSources() ) - Fatal( "No RTSP sources" ); + Fatal("No RTSP sources"); - Debug( 2, "Got sources" ); + Debug(2, "Got sources"); mFormatContext = rtspThread->getFormatContext(); @@ -182,7 +177,7 @@ int RemoteCameraRtsp::PrimeCapture() { mVideoStreamId = i; continue; } else { - Debug(2, "Have another video stream." ); + Debug(2, "Have another video stream."); } } else #if (LIBAVCODEC_VERSION_CHECK(52, 64, 0, 64, 0) || LIBAVUTIL_VERSION_CHECK(50, 14, 0, 14, 0)) @@ -194,7 +189,7 @@ int RemoteCameraRtsp::PrimeCapture() { if ( mAudioStreamId == -1 ) { mAudioStreamId = i; } else { - Debug(2, "Have another audio stream." ); + Debug(2, "Have another audio stream."); } } else { Debug(1, "Have unknown codec type in stream %d : %d", i, mFormatContext->streams[i]->codec->codec_type); @@ -202,25 +197,25 @@ int RemoteCameraRtsp::PrimeCapture() { } // end foreach stream if ( mVideoStreamId == -1 ) - Fatal( "Unable to locate video stream" ); + Fatal("Unable to locate video stream"); if ( mAudioStreamId == -1 ) - Debug( 3, "Unable to locate audio stream" ); + Debug(3, "Unable to locate audio stream"); // Get a pointer to the codec context for the video stream mCodecContext = mFormatContext->streams[mVideoStreamId]->codec; // Find the decoder for the video stream - mCodec = avcodec_find_decoder( mCodecContext->codec_id ); + mCodec = avcodec_find_decoder(mCodecContext->codec_id); if ( mCodec == NULL ) - Panic( "Unable to locate codec %d decoder", mCodecContext->codec_id ); + Panic("Unable to locate codec %d decoder", mCodecContext->codec_id); // Open codec #if !LIBAVFORMAT_VERSION_CHECK(53, 8, 0, 8, 0) - if ( avcodec_open( mCodecContext, mCodec ) < 0 ) + if ( avcodec_open(mCodecContext, mCodec) < 0 ) #else - if ( avcodec_open2( mCodecContext, mCodec, 0 ) < 0 ) + if ( avcodec_open2(mCodecContext, mCodec, 0) < 0 ) #endif - Panic( "Can't open codec" ); + Panic("Can't open codec"); // Allocate space for the native video frame #if LIBAVCODEC_VERSION_CHECK(55, 28, 1, 45, 101) @@ -236,17 +231,17 @@ int RemoteCameraRtsp::PrimeCapture() { mFrame = avcodec_alloc_frame(); #endif - if(mRawFrame == NULL || mFrame == NULL) - Fatal( "Unable to allocate frame(s)"); + if ( mRawFrame == NULL || mFrame == NULL ) + Fatal("Unable to allocate frame(s)"); #if LIBAVUTIL_VERSION_CHECK(54, 6, 0, 6, 0) - int pSize = av_image_get_buffer_size( imagePixFormat, width, height, 1 ); + int pSize = av_image_get_buffer_size(imagePixFormat, width, height, 1); #else - int pSize = avpicture_get_size( imagePixFormat, width, height ); + int pSize = avpicture_get_size(imagePixFormat, width, height); #endif if ( (unsigned int)pSize != imagesize ) { - Fatal("Image size mismatch. Required: %d Available: %d",pSize,imagesize); + Fatal("Image size mismatch. Required: %d Available: %d", pSize, imagesize); } /* #if HAVE_LIBSWSCALE @@ -263,17 +258,17 @@ int RemoteCameraRtsp::PrimeCapture() { #endif // HAVE_LIBSWSCALE */ - return( 0 ); + return 0; } int RemoteCameraRtsp::PreCapture() { if ( !rtspThread->isRunning() ) - return( -1 ); + return -1; if ( !rtspThread->hasSources() ) { - Error( "Cannot precapture, no RTP sources" ); - return( -1 ); + Error("Cannot precapture, no RTP sources"); + return -1; } - return( 0 ); + return 0; } int RemoteCameraRtsp::Capture( Image &image ) { @@ -293,10 +288,10 @@ int RemoteCameraRtsp::Capture( Image &image ) { if ( !rtspThread->isRunning() ) return -1; - if ( rtspThread->getFrame( buffer ) ) { - Debug( 3, "Read frame %d bytes", buffer.size() ); - Debug( 4, "Address %p", buffer.head() ); - Hexdump( 4, buffer.head(), 16 ); + if ( rtspThread->getFrame(buffer) ) { + Debug(3, "Read frame %d bytes", buffer.size()); + Debug(4, "Address %p", buffer.head()); + Hexdump(4, buffer.head(), 16); if ( !buffer.size() ) return -1; @@ -322,25 +317,25 @@ int RemoteCameraRtsp::Capture( Image &image ) { Debug(3, "Not an h264 packet"); } - av_init_packet( &packet ); + av_init_packet(&packet); - while ( !frameComplete && buffer.size() > 0 ) { + while ( !frameComplete && (buffer.size() > 0) ) { packet.data = buffer.head(); packet.size = buffer.size(); // So I think this is the magic decode step. Result is a raw image? #if LIBAVCODEC_VERSION_CHECK(52, 23, 0, 23, 0) - int len = avcodec_decode_video2( mCodecContext, mRawFrame, &frameComplete, &packet ); + int len = avcodec_decode_video2(mCodecContext, mRawFrame, &frameComplete, &packet); #else - int len = avcodec_decode_video( mCodecContext, mRawFrame, &frameComplete, packet.data, packet.size ); + int len = avcodec_decode_video(mCodecContext, mRawFrame, &frameComplete, packet.data, packet.size); #endif if ( len < 0 ) { - Error( "Error while decoding frame %d", frameCount ); - Hexdump( Logger::ERROR, buffer.head(), buffer.size()>256?256:buffer.size() ); + Error("Error while decoding frame %d", frameCount); + Hexdump(Logger::ERROR, buffer.head(), buffer.size()>256?256:buffer.size()); buffer.clear(); continue; } - Debug( 2, "Frame: %d - %d/%d", frameCount, len, buffer.size() ); + Debug(2, "Frame: %d - %d/%d", frameCount, len, buffer.size()); //if ( buffer.size() < 400 ) //Hexdump( 0, buffer.head(), buffer.size() ); @@ -349,29 +344,32 @@ int RemoteCameraRtsp::Capture( Image &image ) { // At this point, we either have a frame or ran out of buffer. What happens if we run out of buffer? if ( frameComplete ) { - Debug( 3, "Got frame %d", frameCount ); + Debug(3, "Got frame %d", frameCount); - avpicture_fill( (AVPicture *)mFrame, directbuffer, imagePixFormat, width, height ); + avpicture_fill((AVPicture *)mFrame, directbuffer, imagePixFormat, width, height); #if HAVE_LIBSWSCALE - if(mConvertContext == NULL) { - mConvertContext = sws_getContext( mCodecContext->width, mCodecContext->height, mCodecContext->pix_fmt, width, height, imagePixFormat, SWS_BICUBIC, NULL, NULL, NULL ); + if ( mConvertContext == NULL ) { + mConvertContext = sws_getContext( + mCodecContext->width, mCodecContext->height, mCodecContext->pix_fmt, + width, height, imagePixFormat, SWS_BICUBIC, NULL, NULL, NULL); - if(mConvertContext == NULL) - Fatal( "Unable to create conversion context"); + if ( mConvertContext == NULL ) + Fatal("Unable to create conversion context"); } - if ( sws_scale( mConvertContext, mRawFrame->data, mRawFrame->linesize, 0, mCodecContext->height, mFrame->data, mFrame->linesize ) < 0 ) - Fatal( "Unable to convert raw format %u to target format %u at frame %d", mCodecContext->pix_fmt, imagePixFormat, frameCount ); + if ( sws_scale(mConvertContext, mRawFrame->data, mRawFrame->linesize, 0, mCodecContext->height, mFrame->data, mFrame->linesize) < 0 ) + Fatal("Unable to convert raw format %u to target format %u at frame %d", + mCodecContext->pix_fmt, imagePixFormat, frameCount ); #else // HAVE_LIBSWSCALE - Fatal( "You must compile ffmpeg with the --enable-swscale option to use RTSP cameras" ); + Fatal("You must compile ffmpeg with the --enable-swscale option to use RTSP cameras"); #endif // HAVE_LIBSWSCALE frameCount++; } /* frame complete */ - zm_av_packet_unref( &packet ); + zm_av_packet_unref(&packet); } /* getFrame() */ if ( frameComplete ) @@ -385,180 +383,7 @@ int RemoteCameraRtsp::Capture( Image &image ) { //Function to handle capture and store -int RemoteCameraRtsp::CaptureAndRecord(Image &image, timeval recording, char* event_file ) { - AVPacket packet; - uint8_t* directbuffer; - int frameComplete = false; - - while ( true ) { - -// WHY Are we clearing it? Might be something good in it. - buffer.clear(); - - if ( !rtspThread->isRunning() ) - return (-1); - - //Video recording - if ( recording.tv_sec ) { - // The directory we are recording to is no longer tied to the current event. - // Need to re-init the videostore with the correct directory and start recording again - // Not sure why we are only doing this on keyframe, al - if ( videoStore && (strcmp(oldDirectory, event_file)!=0) ) { - //don't open new videostore until we're on a key frame..would this require an offset adjustment for the event as a result?...if we store our key frame location with the event will that be enough? - Info("Re-starting video storage module"); - if ( videoStore ) { - delete videoStore; - videoStore = NULL; - } - } // end if changed to new event - - if ( ! videoStore ) { - //Instantiate the video storage module - - videoStore = new VideoStore((const char *)event_file, "mp4", - mFormatContext->streams[mVideoStreamId], - mAudioStreamId==-1?NULL:mFormatContext->streams[mAudioStreamId], - this->getMonitor() ); - strcpy(oldDirectory, event_file); - } // end if ! videoStore - - } else { - if ( videoStore ) { - Info("Deleting videoStore instance"); - delete videoStore; - videoStore = NULL; - } - } // end if recording or not - - if ( rtspThread->getFrame( buffer ) ) { - Debug( 3, "Read frame %d bytes", buffer.size() ); - Debug( 4, "Address %p", buffer.head() ); - Hexdump( 4, buffer.head(), 16 ); - - if ( !buffer.size() ) - return( -1 ); - - if ( mCodecContext->codec_id == AV_CODEC_ID_H264 ) { - // SPS and PPS frames should be saved and appended to IDR frames - int nalType = (buffer.head()[3] & 0x1f); - - // SPS - if(nalType == 7) { - lastSps = buffer; - continue; - } else if(nalType == 8) { - // PPS - lastPps = buffer; - continue; - } else if(nalType == 5) { - // IDR - buffer += lastSps; - buffer += lastPps; - } - } // end if H264, what about other codecs? - - av_init_packet( &packet ); - - // Keep decoding until a complete frame is had. - while ( !frameComplete && buffer.size() > 0 ) { - packet.data = buffer.head(); - packet.size = buffer.size(); - - // Why are we checking for it being the video stream? Because it might be audio or something else. - // Um... we just initialized packet... we can't be testing for what it is yet.... - if ( packet.stream_index == mVideoStreamId ) { - // So this does the decode -#if LIBAVCODEC_VERSION_CHECK(52, 23, 0, 23, 0) - int len = avcodec_decode_video2( mCodecContext, mRawFrame, &frameComplete, &packet ); -#else - int len = avcodec_decode_video( mCodecContext, mRawFrame, &frameComplete, packet.data, packet.size ); -#endif - if ( len < 0 ) { - Error( "Error while decoding frame %d", frameCount ); - Hexdump( Logger::ERROR, buffer.head(), buffer.size()>256?256:buffer.size() ); - buffer.clear(); - continue; - } - Debug( 2, "Frame: %d - %d/%d", frameCount, len, buffer.size() ); - //if ( buffer.size() < 400 ) - //Hexdump( 0, buffer.head(), buffer.size() ); - - buffer -= len; - - if ( frameComplete ) { - - Debug( 3, "Got frame %d", frameCount ); - - /* Request a writeable buffer of the target image */ - directbuffer = image.WriteBuffer(width, height, colours, subpixelorder); - if(directbuffer == NULL) { - Error("Failed requesting writeable buffer for the captured image."); - return (-1); - } - -#if LIBAVUTIL_VERSION_CHECK(54, 6, 0, 6, 0) - av_image_fill_arrays(mFrame->data, mFrame->linesize, - directbuffer, imagePixFormat, width, height, 1); -#else - avpicture_fill( (AVPicture *)mFrame, directbuffer, - imagePixFormat, width, height); -#endif - - } // endif frameComplete - - if ( videoStore ) { - //Write the packet to our video store - int ret = videoStore->writeVideoFramePacket(&packet);//, &lastKeyframePkt); - if ( ret < 0 ) {//Less than zero and we skipped a frame -// Should not - zm_av_packet_unref( &packet ); - return 0; - } - } // end if videoStore, so we are recording - -#if HAVE_LIBSWSCALE - // Why are we re-scaling after writing out the packet? - if ( mConvertContext == NULL ) { - mConvertContext = sws_getContext( mCodecContext->width, mCodecContext->height, mCodecContext->pix_fmt, width, height, imagePixFormat, SWS_BICUBIC, NULL, NULL, NULL ); - - if ( mConvertContext == NULL ) - Fatal( "Unable to create conversion context"); - } - - if ( sws_scale( mConvertContext, mRawFrame->data, mRawFrame->linesize, 0, mCodecContext->height, mFrame->data, mFrame->linesize ) < 0 ) - Fatal( "Unable to convert raw format %u to target format %u at frame %d", mCodecContext->pix_fmt, imagePixFormat, frameCount ); -#else // HAVE_LIBSWSCALE - Fatal( "You must compile ffmpeg with the --enable-swscale option to use RTSP cameras" ); -#endif // HAVE_LIBSWSCALE - - frameCount++; - - } else if ( packet.stream_index == mAudioStreamId ) { - Debug( 4, "Got audio packet" ); - if ( videoStore && record_audio ) { - Debug( 4, "Storing Audio packet" ); - //Write the packet to our video store - int ret = videoStore->writeAudioFramePacket( &packet ); //FIXME no relevance of last key frame - if ( ret < 0 ) { //Less than zero and we skipped a frame - zm_av_packet_unref( &packet ); - return 0; - } - } - } // end if video or audio packet - - zm_av_packet_unref( &packet ); - } // end while ! framecomplete and buffer.size() - if(frameComplete) - return (1); - } /* getFrame() */ - -} // end while true - -// can never get here. - return (0) ; -} // int RemoteCameraRtsp::CaptureAndRecord( Image &image, bool recording, char* event_file ) - int RemoteCameraRtsp::PostCapture() { - return( 0 ); + return 0; } #endif // HAVE_LIBAVFORMAT diff --git a/src/zm_remote_camera_rtsp.h b/src/zm_remote_camera_rtsp.h index 5fa5a0778..be7542a84 100644 --- a/src/zm_remote_camera_rtsp.h +++ b/src/zm_remote_camera_rtsp.h @@ -85,7 +85,7 @@ public: int PreCapture(); int Capture( Image &image ); int PostCapture(); - int CaptureAndRecord( Image &image, timeval recording, char* event_directory ); + int CaptureAndRecord( Image &image, timeval recording, char* event_directory ) {return 0;}; int Close() { return 0; }; }; From 15a1b19b42d10cddcef111e78786661caa961ce5 Mon Sep 17 00:00:00 2001 From: Isaac Connor Date: Mon, 23 Sep 2019 10:53:21 -0400 Subject: [PATCH 612/922] spaces --- src/zm_rtp_source.cpp | 14 +++++++------- 1 file changed, 7 insertions(+), 7 deletions(-) diff --git a/src/zm_rtp_source.cpp b/src/zm_rtp_source.cpp index 02e8ed0c5..131d32d7e 100644 --- a/src/zm_rtp_source.cpp +++ b/src/zm_rtp_source.cpp @@ -330,23 +330,23 @@ bool RtpSource::handlePacket( const unsigned char *packet, size_t packetLen ) { } else prevM = false; - updateJitter( rtpHeader ); + updateJitter(rtpHeader); return true; } bool RtpSource::getFrame( Buffer &buffer ) { - Debug( 3, "Getting frame" ); if ( !mFrameReady.getValueImmediate() ) { + Debug(3, "Getting frame but not ready"); // Allow for a couple of spurious returns - for ( int count = 0; !mFrameReady.getUpdatedValue( 1 ); count++ ) + for ( int count = 0; !mFrameReady.getUpdatedValue(1); count++ ) if ( count > 1 ) - return( false ); + return false; } buffer = mFrame; - mFrameReady.setValueImmediate( false ); - mFrameProcessed.updateValueSignal( true ); - Debug( 4, "Copied %d bytes", buffer.size() ); + mFrameReady.setValueImmediate(false); + mFrameProcessed.updateValueSignal(true); + Debug(4, "Copied %d bytes", buffer.size()); return true; } From 1dd09923eb1c7d0a9fff720d6750988372039a77 Mon Sep 17 00:00:00 2001 From: Isaac Connor Date: Mon, 23 Sep 2019 11:42:49 -0400 Subject: [PATCH 613/922] Add special case for just rotating the monitor dimensions and add out of bounds check for zone points --- web/includes/actions/monitor.php | 99 +++++++++++++++++++++++--------- 1 file changed, 71 insertions(+), 28 deletions(-) diff --git a/web/includes/actions/monitor.php b/web/includes/actions/monitor.php index b35eba8dc..5d8adbac2 100644 --- a/web/includes/actions/monitor.php +++ b/web/includes/actions/monitor.php @@ -85,6 +85,11 @@ if ( $action == 'monitor' ) { $monitor->zmaControl('stop'); $monitor->zmcControl('stop'); } + + # These are used in updating zones + $oldW = $monitor->Width(); + $oldH = $monitor->Height(); + if ( $monitor->save($changes) ) { // Groups will be added below @@ -92,7 +97,7 @@ if ( $action == 'monitor' ) { // creating symlinks when symlink already exists reports errors, but is perfectly ok error_reporting(0); - $OldStorage = $monitor->StorageId(); + $OldStorage = $monitor->Storage(); $saferOldName = basename($monitor->Name()); if ( file_exists($OldStorage->Path().'/'.$saferOldName) ) unlink($OldStorage->Path().'/'.$saferOldName); @@ -115,36 +120,75 @@ if ( $action == 'monitor' ) { if ( isset($changes['Width']) || isset($changes['Height']) ) { $newW = $_REQUEST['newMonitor']['Width']; $newH = $_REQUEST['newMonitor']['Height']; - $newA = $newW * $newH; - $oldW = $monitor['Width']; - $oldH = $monitor['Height']; - $oldA = $oldW * $oldH; $zones = dbFetchAll('SELECT * FROM Zones WHERE MonitorId=?', NULL, array($mid)); - foreach ( $zones as $zone ) { - $newZone = $zone; - $points = coordsToPoints($zone['Coords']); - for ( $i = 0; $i < count($points); $i++ ) { - $points[$i]['x'] = intval(($points[$i]['x']*($newW-1))/($oldW-1)); - $points[$i]['y'] = intval(($points[$i]['y']*($newH-1))/($oldH-1)); - } - $newZone['Coords'] = pointsToCoords($points); - $newZone['Area'] = intval(round(($zone['Area']*$newA)/$oldA)); - $newZone['MinAlarmPixels'] = intval(round(($newZone['MinAlarmPixels']*$newA)/$oldA)); - $newZone['MaxAlarmPixels'] = intval(round(($newZone['MaxAlarmPixels']*$newA)/$oldA)); - $newZone['MinFilterPixels'] = intval(round(($newZone['MinFilterPixels']*$newA)/$oldA)); - $newZone['MaxFilterPixels'] = intval(round(($newZone['MaxFilterPixels']*$newA)/$oldA)); - $newZone['MinBlobPixels'] = intval(round(($newZone['MinBlobPixels']*$newA)/$oldA)); - $newZone['MaxBlobPixels'] = intval(round(($newZone['MaxBlobPixels']*$newA)/$oldA)); - $changes = getFormChanges($zone, $newZone, $types); + if ( ($newW == $oldH) and ($newH == $oldW) ) { + foreach ( $zones as $zone ) { + $newZone = $zone; + # Rotation, no change to area etc just swap the coords + $newZone = $zone; + $points = coordsToPoints($zone['Coords']); + for ( $i = 0; $i < count($points); $i++ ) { + $x = $points[$i]['x']; + $points[$i]['x'] = $points[$i]['y']; + $points[$i]['y'] = $x; - if ( count($changes) ) { - dbQuery('UPDATE Zones SET '.implode(', ', $changes).' WHERE MonitorId=? AND Id=?', - array($mid, $zone['Id'])); - } - } // end foreach zone - } // end if width and height + if ( $points[$i]['x'] > $newW ) { + ZM\Warning("Correcting x {$points[$i]['x']} > $newW of zone {$newZone['Name']} as it extends outside the new dimensions"); + $points[$i]['x'] = $newW; + } + if ( $points[$i]['y'] > $newH ) { + ZM\Warning("Correcting y{$points[$i]['y']} $newH of zone {$newZone['Name']} as it extends outside the new dimensions"); + $points[$i]['y'] = $newH; + } + } + + $newZone['Coords'] = pointsToCoords($points); + $changes = getFormChanges($zone, $newZone, $types); + + if ( count($changes) ) { + dbQuery('UPDATE Zones SET '.implode(', ', $changes).' WHERE MonitorId=? AND Id=?', + array($mid, $zone['Id'])); + } + } # end foreach zone + } else { + $newA = $newW * $newH; + $oldA = $oldW * $oldH; + + foreach ( $zones as $zone ) { + $newZone = $zone; + $points = coordsToPoints($zone['Coords']); + for ( $i = 0; $i < count($points); $i++ ) { + $points[$i]['x'] = intval(($points[$i]['x']*($newW-1))/($oldW-1)); + $points[$i]['y'] = intval(($points[$i]['y']*($newH-1))/($oldH-1)); + if ( $points[$i]['x'] > $newW ) { + ZM\Warning("Correcting x of zone {$newZone['Name']} as it extends outside the new dimensions"); + $points[$i]['x'] = $newW; + } + if ( $points[$i]['y'] > $newH ) { + ZM\Warning("Correcting y of zone {$newZone['Name']} as it extends outside the new dimensions"); + $points[$i]['y'] = $newH; + } + } + $newZone['Coords'] = pointsToCoords($points); + $newZone['Area'] = intval(round(($zone['Area']*$newA)/$oldA)); + $newZone['MinAlarmPixels'] = intval(round(($newZone['MinAlarmPixels']*$newA)/$oldA)); + $newZone['MaxAlarmPixels'] = intval(round(($newZone['MaxAlarmPixels']*$newA)/$oldA)); + $newZone['MinFilterPixels'] = intval(round(($newZone['MinFilterPixels']*$newA)/$oldA)); + $newZone['MaxFilterPixels'] = intval(round(($newZone['MaxFilterPixels']*$newA)/$oldA)); + $newZone['MinBlobPixels'] = intval(round(($newZone['MinBlobPixels']*$newA)/$oldA)); + $newZone['MaxBlobPixels'] = intval(round(($newZone['MaxBlobPixels']*$newA)/$oldA)); + + $changes = getFormChanges($zone, $newZone, $types); + + if ( count($changes) ) { + dbQuery('UPDATE Zones SET '.implode(', ', $changes).' WHERE MonitorId=? AND Id=?', + array($mid, $zone['Id'])); + } + } // end foreach zone + } // end if rotation or just size change + } // end if changes in width or height } // end if successful save $restart = true; } else { // new monitor @@ -205,7 +249,6 @@ if ( $action == 'monitor' ) { } # end if ZM_OPT_X10 if ( $restart ) { - if ( $monitor->Function() != 'None' and $monitor->Type() != 'WebSite' ) { $monitor->zmcControl('start'); if ( ($monitor->Function() == 'Modect' or $monitor->Function() == 'Mocord') and $monitor->Enabled() ) From 538478ff1c9420ea9ea59f9476a5c1ee2a78e3ee Mon Sep 17 00:00:00 2001 From: Isaac Connor Date: Mon, 23 Sep 2019 11:48:58 -0400 Subject: [PATCH 614/922] Need to -1 on the dimensions when comparing to points as they are 0-based --- web/includes/actions/monitor.php | 18 +++++++++--------- 1 file changed, 9 insertions(+), 9 deletions(-) diff --git a/web/includes/actions/monitor.php b/web/includes/actions/monitor.php index 5d8adbac2..e3d190d50 100644 --- a/web/includes/actions/monitor.php +++ b/web/includes/actions/monitor.php @@ -134,13 +134,13 @@ if ( $action == 'monitor' ) { $points[$i]['x'] = $points[$i]['y']; $points[$i]['y'] = $x; - if ( $points[$i]['x'] > $newW ) { + if ( $points[$i]['x'] > ($newW-1) ) { ZM\Warning("Correcting x {$points[$i]['x']} > $newW of zone {$newZone['Name']} as it extends outside the new dimensions"); - $points[$i]['x'] = $newW; + $points[$i]['x'] = ($newW-1); } - if ( $points[$i]['y'] > $newH ) { - ZM\Warning("Correcting y{$points[$i]['y']} $newH of zone {$newZone['Name']} as it extends outside the new dimensions"); - $points[$i]['y'] = $newH; + if ( $points[$i]['y'] > ($newH-1) ) { + ZM\Warning("Correcting y {$points[$i]['y']} $newH of zone {$newZone['Name']} as it extends outside the new dimensions"); + $points[$i]['y'] = ($newH-1); } } @@ -162,13 +162,13 @@ if ( $action == 'monitor' ) { for ( $i = 0; $i < count($points); $i++ ) { $points[$i]['x'] = intval(($points[$i]['x']*($newW-1))/($oldW-1)); $points[$i]['y'] = intval(($points[$i]['y']*($newH-1))/($oldH-1)); - if ( $points[$i]['x'] > $newW ) { + if ( $points[$i]['x'] > ($newW-1) ) { ZM\Warning("Correcting x of zone {$newZone['Name']} as it extends outside the new dimensions"); - $points[$i]['x'] = $newW; + $points[$i]['x'] = ($newW-1); } - if ( $points[$i]['y'] > $newH ) { + if ( $points[$i]['y'] > ($newH-1) ) { ZM\Warning("Correcting y of zone {$newZone['Name']} as it extends outside the new dimensions"); - $points[$i]['y'] = $newH; + $points[$i]['y'] = ($newH-1); } } $newZone['Coords'] = pointsToCoords($points); From c7d7d45380dfc4644ede9225d97e643d0641a0e6 Mon Sep 17 00:00:00 2001 From: Isaac Connor Date: Mon, 23 Sep 2019 11:49:39 -0400 Subject: [PATCH 615/922] Remove :'s, they can be added using css if desired --- web/skins/classic/views/montage.php | 19 +++++++++++++------ 1 file changed, 13 insertions(+), 6 deletions(-) diff --git a/web/skins/classic/views/montage.php b/web/skins/classic/views/montage.php index fee8a84be..ebf7a243c 100644 --- a/web/skins/classic/views/montage.php +++ b/web/skins/classic/views/montage.php @@ -51,7 +51,7 @@ $heights = array( $scale = '100'; # actual -if ( isset( $_REQUEST['scale'] ) ) { +if ( isset($_REQUEST['scale']) ) { $scale = validInt($_REQUEST['scale']); } else if ( isset($_COOKIE['zmMontageScale']) ) { $scale = $_COOKIE['zmMontageScale']; @@ -63,7 +63,14 @@ if ( ! $scale ) $layouts = ZM\MontageLayout::find(NULL, array('order'=>"lower('Name')")); $layoutsById = array(); foreach ( $layouts as $l ) { - $layoutsById[$l->Id()] = $l; + if ( $l->Name() == 'Freeform' ) { + $layoutsById[$l->Id()] = $l; + break; + } +} +foreach ( $layouts as $l ) { + if ( $l->Name() != "Freeform" ) + $layoutsById[$l->Id()] = $l; } session_start(); @@ -164,19 +171,19 @@ if ( $showZones ) { - + - + - + - + 'selectLayout(this);')); ?> From a05c5136436ff48bfbf762bb570abc8de1b640ff Mon Sep 17 00:00:00 2001 From: Isaac Connor Date: Mon, 23 Sep 2019 12:03:19 -0400 Subject: [PATCH 616/922] Revert change breaking multiport when servers not defined. --- web/includes/Server.php | 7 +------ 1 file changed, 1 insertion(+), 6 deletions(-) diff --git a/web/includes/Server.php b/web/includes/Server.php index f4d2fa3cd..f137c90b5 100644 --- a/web/includes/Server.php +++ b/web/includes/Server.php @@ -39,7 +39,7 @@ class Server extends ZM_Object { } else if ( $this->Id() ) { return $this->{'Name'}; } - $result = explode(':',$_SERVER['HTTP_HOST']); + $result = explode(':', $_SERVER['HTTP_HOST']); return $result[0]; } @@ -88,11 +88,6 @@ class Server extends ZM_Object { } public function Url( $port = null ) { - if ( !$this->Id() ) { - # Trying to guess and make up values tends to break proxies. So just return nothing - # so that the resulting url will be something like "?view=" - return ''; - } $url = $this->Protocol().'://'; $url .= $this->Hostname(); if ( $port ) { From bc33c0bcb5272859a7ba8cb97e39fd7efedbcd8a Mon Sep 17 00:00:00 2001 From: Isaac Connor Date: Mon, 23 Sep 2019 12:21:59 -0400 Subject: [PATCH 617/922] make zmcontrol log to zmcontrol_id.log --- scripts/zmcontrol.pl.in | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/scripts/zmcontrol.pl.in b/scripts/zmcontrol.pl.in index ea6fa36b0..ae2de3c8c 100644 --- a/scripts/zmcontrol.pl.in +++ b/scripts/zmcontrol.pl.in @@ -41,8 +41,6 @@ $ENV{PATH} = '/bin:/usr/bin:/usr/local/bin'; $ENV{SHELL} = '/bin/sh' if exists $ENV{SHELL}; delete @ENV{qw(IFS CDPATH ENV BASH_ENV)}; -logInit(); - my $arg_string = join(' ', @ARGV); my $id; @@ -69,6 +67,7 @@ if ( !$id ) { } ( $id ) = $id =~ /^(\w+)$/; +logInit($id?(id=>'zmcontrol_'.$id):()); my $sock_file = $Config{ZM_PATH_SOCKS}.'/zmcontrol-'.$id.'.sock'; Debug("zmcontrol: arg string: $arg_string sock file $sock_file"); From dfa51c4e3fc1642f866b5da2d420ceac72c89c9e Mon Sep 17 00:00:00 2001 From: Isaac Connor Date: Mon, 23 Sep 2019 12:38:58 -0400 Subject: [PATCH 618/922] update of zmtrack.pl. include id in logfile. --- scripts/zmtrack.pl.in | 210 +++++++++++++++++++----------------------- 1 file changed, 93 insertions(+), 117 deletions(-) diff --git a/scripts/zmtrack.pl.in b/scripts/zmtrack.pl.in index f12f6bff0..5470da853 100644 --- a/scripts/zmtrack.pl.in +++ b/scripts/zmtrack.pl.in @@ -77,12 +77,12 @@ my $mid = 0; GetOptions( 'monitor=s'=>\$mid ) or pod2usage(-exitstatus => -1); -logInit(); -logSetSignal(); - my ( $detaint_mid ) = $mid =~ /^(\d+)$/; $mid = $detaint_mid; +logInit($mid?(id=>'zmtrack_m'.$mid):()); +logSetSignal(); + print( "Tracker daemon $mid (experimental) starting at " .strftime( '%y/%m/%d %H:%M:%S', localtime() ) ."\n" @@ -90,146 +90,122 @@ print( "Tracker daemon $mid (experimental) starting at " my $dbh = zmDbConnect(); -my $sql = "SELECT C.*,M.* FROM Monitors as M +my $sql = 'SELECT C.*,M.* FROM Monitors as M LEFT JOIN Controls as C on M.ControlId = C.Id - WHERE M.Id = ?" + WHERE M.Id = ?' ; my $sth = $dbh->prepare_cached( $sql ) - or Fatal( "Can't prepare '$sql': ".$dbh->errstr() ); + or Fatal("Can't prepare '$sql': ".$dbh->errstr()); my $res = $sth->execute( $mid ) - or Fatal( "Can't execute '$sql': ".$sth->errstr() ); + or Fatal("Can't execute '$sql': ".$sth->errstr()); my $monitor = $sth->fetchrow_hashref(); -if ( !$monitor ) -{ - print( "Can't find monitor '$mid'\n" ); - exit( -1 ); +if ( !$monitor ) { + Fatal("Can't find monitor '$mid'"); } -if ( !$monitor->{Controllable} ) -{ - print( "Monitor '$mid' is not controllable\n" ); - exit( -1 ); +if ( !$monitor->{Controllable} ) { + Fatal("Monitor '$mid' is not controllable"); } -if ( !$monitor->{TrackMotion} ) -{ - print( "Monitor '$mid' is not configured to track motion\n" ); - exit( -1 ); +if ( !$monitor->{TrackMotion} ) { + Fatal("Monitor '$mid' is not configured to track motion"); } -if ( !$monitor->{CanMoveMap} ) -{ - print( "Monitor '$mid' cannot move in map mode" ); - if ( $monitor->{CanMoveRel} ) - { - print( ", falling back to pseudo map mode\n" ); - } - else - { - print( "\n" ); - exit( -1 ); - } +if ( !$monitor->{CanMoveMap} ) { + if ( $monitor->{CanMoveRel} ) { + Warning("Monitor '$mid' cannot move in map mode, falling back to pseudo map mode"); + } else { + Fatal("Monitor '$mid' cannot move in map mode"); + } } -Debug( "Found monitor for id '$monitor'\n" ); -exit( -1 ) if ( !zmMemVerify( $monitor ) ); +Debug("Found monitor for id '$monitor'"); +exit(-1) if !zmMemVerify($monitor); -sub Suspend -{ - my $monitor = shift; - zmMonitorSuspend( $monitor ); +sub Suspend { + my $monitor = shift; + zmMonitorSuspend($monitor); } -sub Resume -{ - my $monitor = shift; - sleep( $monitor->{TrackDelay} ); - zmMonitorResume( $monitor ); +sub Resume { + my $monitor = shift; + sleep($monitor->{TrackDelay}); + zmMonitorResume($monitor); } -sub Track -{ - my $monitor = shift; - my ( $x, $y ) = @_; - my ( $detaint_x ) = $x =~ /^(\d+)$/; $x = $detaint_x; - my ( $detaint_y ) = $y =~ /^(\d+)$/; $y = $detaint_y; +sub Track { + my $monitor = shift; + my ( $x, $y ) = @_; + my ( $detaint_x ) = $x =~ /^(\d+)$/; $x = $detaint_x; + my ( $detaint_y ) = $y =~ /^(\d+)$/; $y = $detaint_y; - my $ctrlCommand = $Config{ZM_PATH_BIN} - ."/zmcontrol.pl -i " - .$monitor->{Id} + my $ctrlCommand = $Config{ZM_PATH_BIN} + .'/zmcontrol.pl -i ' + .$monitor->{Id} + ; + $ctrlCommand .= ' --command=' + .( $monitor->{CanMoveMap} ? 'moveMap' + : 'movePseudoMap' + ) + ." --xcoord=$x --ycoord=$y" + ; + executeShellCommand($ctrlCommand); +} + +sub Return { + my $monitor = shift; + + my $ctrlCommand = $Config{ZM_PATH_BIN} + .'/zmcontrol.pl -i ' + .$monitor->{Id} + ; + if ( $monitor->{ReturnLocation} > 0 ) { + $ctrlCommand .= ' --command=presetGoto --preset=' + .$monitor->{ReturnLocation} ; - $ctrlCommand .= " --command=" - .( $monitor->{CanMoveMap} ? "moveMap" - : "movePseudoMap" - ) - ." --xcoord=$x --ycoord=$y" - ; - executeShellCommand( $ctrlCommand ); -} - -sub Return -{ - my $monitor = shift; - - my $ctrlCommand = $Config{ZM_PATH_BIN} - ."/zmcontrol.pl -i " - .$monitor->{Id} - ; - if ( $monitor->{ReturnLocation} > 0 ) - { - $ctrlCommand .= " --command=presetGoto --preset=" - .$monitor->{ReturnLocation} - ; - } - else - { - $ctrlCommand .= " --command=presetHome"; - } - executeShellCommand( $ctrlCommand ); + } else { + $ctrlCommand .= ' --command=presetHome'; + } + executeShellCommand($ctrlCommand); } my $last_alarm = 0; -if ( ($monitor->{ReturnLocation} >= 0) ) -{ - Suspend( $monitor ); - Return( $monitor ); - Resume( $monitor ); +if ( ($monitor->{ReturnLocation} >= 0) ) { + Suspend($monitor); + Return($monitor); + Resume($monitor); } my $alarmed = undef; -while( 1 ) -{ - if ( zmIsAlarmed( $monitor ) ) - { - my ( $alarm_x, $alarm_y ) = zmGetAlarmLocation( $monitor ); - if ( $alarm_x >= 0 && $alarm_y >= 0 ) - { - Debug( "Got alarm at $alarm_x, $alarm_y\n" ); - Suspend( $monitor ); - Track( $monitor, $alarm_x, $alarm_y ); - Resume( $monitor ); - $last_alarm = time(); - $alarmed = !undef; - } +while( 1 ) { + if ( zmIsAlarmed($monitor) ) { + my ( $alarm_x, $alarm_y ) = zmGetAlarmLocation($monitor); + if ( $alarm_x >= 0 && $alarm_y >= 0 ) { + Debug("Got alarm at $alarm_x, $alarm_y"); + Suspend($monitor); + Track($monitor, $alarm_x, $alarm_y); + Resume($monitor); + $last_alarm = time(); + $alarmed = !undef; } - else - { - if ( logDebugging() && $alarmed ) - { - print( "Left alarm state\n" ); - $alarmed = undef; - } - if ( ($monitor->{ReturnLocation} >= 0) - && ($last_alarm > 0) - && ((time()-$last_alarm) > $monitor->{ReturnDelay}) - ) - { - Debug( "Returning to location ".$monitor->{ReturnLocation}."\n" ); - Suspend( $monitor ); - Return( $monitor ); - Resume( $monitor ); - $last_alarm = 0; - } + } else { + if ( logDebugging() && $alarmed ) { + Info('Left alarm state'); + $alarmed = undef; } - usleep( SLEEP_TIME ); + if ( ($monitor->{ReturnLocation} >= 0) + && ($last_alarm > 0) + && ((time()-$last_alarm) > $monitor->{ReturnDelay}) + ) { + Debug("Returning to location ".$monitor->{ReturnLocation}); + Suspend($monitor); + Return($monitor); + Resume($monitor); + $last_alarm = 0; + } + } + usleep(SLEEP_TIME); } + +1; +__END__ From d16d77d6b370c2814d3cc7f6c785454d3843a07b Mon Sep 17 00:00:00 2001 From: Isaac Connor Date: Mon, 23 Sep 2019 12:39:24 -0400 Subject: [PATCH 619/922] quotes and spacing --- web/includes/Monitor.php | 14 +++++++------- 1 file changed, 7 insertions(+), 7 deletions(-) diff --git a/web/includes/Monitor.php b/web/includes/Monitor.php index 215ea405c..314efd610 100644 --- a/web/includes/Monitor.php +++ b/web/includes/Monitor.php @@ -146,8 +146,8 @@ private $status_fields = array( } return $this->defaults[$fn]; } else if ( array_key_exists($fn, $this->status_fields) ) { - $sql = 'SELECT Status,CaptureFPS,AnalysisFPS,CaptureBandwidth - FROM Monitor_Status WHERE MonitorId=?'; + $sql = 'SELECT `Status`,`CaptureFPS`,`AnalysisFPS`,`CaptureBandwidth` + FROM `Monitor_Status` WHERE `MonitorId`=?'; $row = dbFetchOne($sql, NULL, array($this->{'Id'})); if ( !$row ) { Error('Unable to load Monitor record for Id='.$this->{'Id'}); @@ -240,7 +240,7 @@ private $status_fields = array( function zmcControl( $mode=false ) { if ( ! $this->{'Id'} ) { - Warning("Attempt to control a monitor with no Id"); + Warning('Attempt to control a monitor with no Id'); return; } if ( (!defined('ZM_SERVER_ID')) or ( array_key_exists('ServerId', $this) and (ZM_SERVER_ID==$this->{'ServerId'}) ) ) { @@ -286,13 +286,13 @@ private $status_fields = array( Error("Except $e thrown trying to restart zmc"); } } else { - Error("Server not assigned to Monitor in a multi-server setup. Please assign a server to the Monitor."); + Error('Server not assigned to Monitor in a multi-server setup. Please assign a server to the Monitor.'); } } // end function zmcControl function zmaControl($mode=false) { if ( ! $this->{'Id'} ) { - Warning("Attempt to control a monitor with no Id"); + Warning('Attempt to control a monitor with no Id'); return; } @@ -359,7 +359,7 @@ private $status_fields = array( if ( !array_key_exists('GroupIds', $this) ) { if ( array_key_exists('Id', $this) and $this->{'Id'} ) { - $this->{'GroupIds'} = dbFetchAll('SELECT GroupId FROM Groups_Monitors WHERE MonitorId=?', 'GroupId', array($this->{'Id'}) ); + $this->{'GroupIds'} = dbFetchAll('SELECT `GroupId` FROM `Groups_Monitors` WHERE `MonitorId`=?', 'GroupId', array($this->{'Id'}) ); if ( ! $this->{'GroupIds'} ) $this->{'GroupIds'} = array(); } else { @@ -431,7 +431,7 @@ private $status_fields = array( } else { $source = $this->{'Path'}; } - } elseif ( ZM_WEB_FILTER_SOURCE == "NoCredentials" ) { + } elseif ( ZM_WEB_FILTER_SOURCE == 'NoCredentials' ) { # Filter out sensitive and common items unset($url_parts['user']); unset($url_parts['pass']); From 766a59884de577163af929d9ea0fb100cb55db38 Mon Sep 17 00:00:00 2001 From: Isaac Connor Date: Mon, 23 Sep 2019 12:54:27 -0400 Subject: [PATCH 620/922] Don't hard code perl path. Use PERL_EXECUTABLE cmake var --- scripts/zmaudit.pl.in | 2 +- scripts/zmcamtool.pl.in | 2 +- scripts/zmcontrol.pl.in | 2 +- scripts/zmdc.pl.in | 2 +- scripts/zmfilter.pl.in | 2 +- scripts/zmonvif-probe.pl.in | 2 +- scripts/zmpkg.pl.in | 2 +- scripts/zmrecover.pl.in | 2 +- scripts/zmstats.pl.in | 2 +- scripts/zmsystemctl.pl.in | 2 +- scripts/zmtelemetry.pl.in | 2 +- scripts/zmtrack.pl.in | 2 +- scripts/zmtrigger.pl.in | 2 +- scripts/zmupdate.pl.in | 2 +- scripts/zmvideo.pl.in | 2 +- scripts/zmwatch.pl.in | 2 +- scripts/zmx10.pl.in | 2 +- 17 files changed, 17 insertions(+), 17 deletions(-) diff --git a/scripts/zmaudit.pl.in b/scripts/zmaudit.pl.in index 57c660342..c8244e075 100644 --- a/scripts/zmaudit.pl.in +++ b/scripts/zmaudit.pl.in @@ -1,4 +1,4 @@ -#!/usr/bin/perl -wT +#!@PERL_EXECUTABLE@ -wT # # ========================================================================== # diff --git a/scripts/zmcamtool.pl.in b/scripts/zmcamtool.pl.in index e26aca8a6..603c979bb 100644 --- a/scripts/zmcamtool.pl.in +++ b/scripts/zmcamtool.pl.in @@ -1,4 +1,4 @@ -#!/usr/bin/perl -w +#!@PERL_EXECUTABLE@ -wT # # ========================================================================== # diff --git a/scripts/zmcontrol.pl.in b/scripts/zmcontrol.pl.in index ae2de3c8c..4916ffd6a 100644 --- a/scripts/zmcontrol.pl.in +++ b/scripts/zmcontrol.pl.in @@ -1,4 +1,4 @@ -#!/usr/bin/perl -wT +#!@PERL_EXECUTABLE@ -wT # # ========================================================================== # diff --git a/scripts/zmdc.pl.in b/scripts/zmdc.pl.in index 744164f3d..04a5b9952 100644 --- a/scripts/zmdc.pl.in +++ b/scripts/zmdc.pl.in @@ -1,4 +1,4 @@ -#!/usr/bin/perl -wT +#!@PERL_EXECUTABLE@ -wT # # ========================================================================== # diff --git a/scripts/zmfilter.pl.in b/scripts/zmfilter.pl.in index a6fbb0548..5d3fb50bc 100644 --- a/scripts/zmfilter.pl.in +++ b/scripts/zmfilter.pl.in @@ -1,4 +1,4 @@ -#!/usr/bin/perl -wT +#!@PERL_EXECUTABLE@ -wT # # ========================================================================== # diff --git a/scripts/zmonvif-probe.pl.in b/scripts/zmonvif-probe.pl.in index 001d89f83..ab06f8e0d 100755 --- a/scripts/zmonvif-probe.pl.in +++ b/scripts/zmonvif-probe.pl.in @@ -1,4 +1,4 @@ -#!/usr/bin/perl -w +#!@PERL_EXECUTABLE@ -wT use strict; # # ========================================================================== diff --git a/scripts/zmpkg.pl.in b/scripts/zmpkg.pl.in index bf6f79fbb..4b2032a8d 100644 --- a/scripts/zmpkg.pl.in +++ b/scripts/zmpkg.pl.in @@ -1,4 +1,4 @@ -#!/usr/bin/perl -wT +#!@PERL_EXECUTABLE@ -wT # # ========================================================================== # diff --git a/scripts/zmrecover.pl.in b/scripts/zmrecover.pl.in index 02083d757..58647b946 100644 --- a/scripts/zmrecover.pl.in +++ b/scripts/zmrecover.pl.in @@ -1,4 +1,4 @@ -#!/usr/bin/perl -wT +#!@PERL_EXECUTABLE@ -wT use strict; use bytes; diff --git a/scripts/zmstats.pl.in b/scripts/zmstats.pl.in index ba6d8302a..044f7e1ce 100644 --- a/scripts/zmstats.pl.in +++ b/scripts/zmstats.pl.in @@ -1,4 +1,4 @@ -#!/usr/bin/perl -wT +#!@PERL_EXECUTABLE@ -wT use strict; use bytes; diff --git a/scripts/zmsystemctl.pl.in b/scripts/zmsystemctl.pl.in index f46833547..e14bfd630 100644 --- a/scripts/zmsystemctl.pl.in +++ b/scripts/zmsystemctl.pl.in @@ -1,4 +1,4 @@ -#!/usr/bin/pkexec /usr/bin/perl +#!/usr/bin/pkexec @PERL_EXECUTABLE@ # # ========================================================================== # diff --git a/scripts/zmtelemetry.pl.in b/scripts/zmtelemetry.pl.in index 592ccc295..15135e769 100644 --- a/scripts/zmtelemetry.pl.in +++ b/scripts/zmtelemetry.pl.in @@ -1,4 +1,4 @@ -#!/usr/bin/perl -w +#!@PERL_EXECUTABLE@ -wT # # ========================================================================== # diff --git a/scripts/zmtrack.pl.in b/scripts/zmtrack.pl.in index 5470da853..58798e5de 100644 --- a/scripts/zmtrack.pl.in +++ b/scripts/zmtrack.pl.in @@ -1,4 +1,4 @@ -#!/usr/bin/perl -wT +#!@PERL_EXECUTABLE@ -wT # # ========================================================================== # diff --git a/scripts/zmtrigger.pl.in b/scripts/zmtrigger.pl.in index eda7b2e36..b1743aeae 100644 --- a/scripts/zmtrigger.pl.in +++ b/scripts/zmtrigger.pl.in @@ -1,4 +1,4 @@ -#!/usr/bin/perl -wT +#!@PERL_EXECUTABLE@ -wT # # ========================================================================== # diff --git a/scripts/zmupdate.pl.in b/scripts/zmupdate.pl.in index 1f2cefa60..b0b63757a 100644 --- a/scripts/zmupdate.pl.in +++ b/scripts/zmupdate.pl.in @@ -1,4 +1,4 @@ -#!/usr/bin/perl -w +#!@PERL_EXECUTABLE@ -wT # # ========================================================================== # diff --git a/scripts/zmvideo.pl.in b/scripts/zmvideo.pl.in index 95a395b4d..04cfabb04 100644 --- a/scripts/zmvideo.pl.in +++ b/scripts/zmvideo.pl.in @@ -1,4 +1,4 @@ -#!/usr/bin/perl -wT +#!@PERL_EXECUTABLE@ -wT # # ========================================================================== # diff --git a/scripts/zmwatch.pl.in b/scripts/zmwatch.pl.in index 30d500ee7..1302039ee 100644 --- a/scripts/zmwatch.pl.in +++ b/scripts/zmwatch.pl.in @@ -1,4 +1,4 @@ -#!/usr/bin/perl -wT +#!@PERL_EXECUTABLE@ -wT # # ========================================================================== # diff --git a/scripts/zmx10.pl.in b/scripts/zmx10.pl.in index beb10ae48..89dee5d00 100644 --- a/scripts/zmx10.pl.in +++ b/scripts/zmx10.pl.in @@ -1,4 +1,4 @@ -#!/usr/bin/perl -wT +#!@PERL_EXECUTABLE@ -wT # # ========================================================================== # From d4a8c96ede0fcba74a1ac34c6f38929c9e122c3d Mon Sep 17 00:00:00 2001 From: Isaac Connor Date: Mon, 23 Sep 2019 13:10:14 -0400 Subject: [PATCH 621/922] Build and deploy packages for every commit for debian/ubuntu/raspbian --- utils/packpack/startpackpack.sh | 117 ++++++++++++++------------------ 1 file changed, 52 insertions(+), 65 deletions(-) diff --git a/utils/packpack/startpackpack.sh b/utils/packpack/startpackpack.sh index 62daf21fd..14c51deea 100755 --- a/utils/packpack/startpackpack.sh +++ b/utils/packpack/startpackpack.sh @@ -19,7 +19,7 @@ checksanity () { exit 1 fi done - + # Verify OS & DIST environment variables have been set before calling this script if [ -z "${OS}" ] || [ -z "${DIST}" ]; then echo "ERROR: both OS and DIST environment variables must be set" @@ -120,7 +120,7 @@ commonprep () { movecrud () { if [ -e "web/api/app/Plugin/Crud/LICENSE.txt" ]; then echo "Crud plugin already installed..." - else + else echo "Unpacking Crud plugin..." tar -xzf build/crud-${CRUDVER}.tar.gz rmdir web/api/app/Plugin/Crud @@ -128,7 +128,7 @@ movecrud () { fi if [ -e "web/api/app/Plugin/CakePHP-Enum-Behavior/readme.md" ]; then echo "CakePHP-Enum-Behavior plugin already installed..." - else + else echo "Unpacking CakePHP-Enum-Behavior plugin..." tar -xzf build/cakephp-enum-behavior-${CEBVER}.tar.gz rmdir web/api/app/Plugin/CakePHP-Enum-Behavior @@ -182,7 +182,7 @@ setrpmpkgname () { export RELEASE="1.${numcommits}.${thedate}git${shorthash}" checkvars - + echo echo "Packpack VERSION has been set to: ${VERSION}" echo "Packpack RELEASE has been set to: ${RELEASE}" @@ -201,7 +201,7 @@ setdebpkgname () { export RELEASE="${DIST}" checkvars - + echo echo "Packpack VERSION has been set to: ${VERSION}" echo "Packpack RELEASE has been set to: ${RELEASE}" @@ -224,7 +224,7 @@ setdebchangelog () { DATE=`date -R` cat < debian/changelog zoneminder ($VERSION-${DIST}) ${DIST}; urgency=low - * + * -- Isaac Connor $DATE EOF } @@ -294,80 +294,67 @@ checksanity # We don't want to build packages for all supported distros after every commit # Only build all packages when executed via cron # See https://docs.travis-ci.com/user/cron-jobs/ -if [ "${TRAVIS_EVENT_TYPE}" == "cron" ] || [ "${TRAVIS}" != "true" ] || [ "${DIST}" == "buster" ] ; then + +# Steps common to Redhat distros +if [ "${OS}" == "el" ] || [ "${OS}" == "fedora" ]; then + if [ "${TRAVIS_EVENT_TYPE}" == "cron" ] || [ "${TRAVIS}" != "true" ]; then commonprep + echo "Begin Redhat build..." - # Steps common to Redhat distros - if [ "${OS}" == "el" ] || [ "${OS}" == "fedora" ]; then - echo "Begin Redhat build..." + setrpmpkgname - setrpmpkgname + ln -sfT distros/redhat rpm - ln -sfT distros/redhat rpm + # The rpm specfile requires the Crud submodule folder to be empty + rm -rf web/api/app/Plugin/Crud + mkdir web/api/app/Plugin/Crud - # The rpm specfile requires the Crud submodule folder to be empty - rm -rf web/api/app/Plugin/Crud - mkdir web/api/app/Plugin/Crud + reporpm="rpmfusion-free-release" + dlurl="https://download1.rpmfusion.org/free/${OS}/${reporpm}-${DIST}.noarch.rpm" - reporpm="rpmfusion-free-release" - dlurl="https://download1.rpmfusion.org/free/${OS}/${reporpm}-${DIST}.noarch.rpm" - - # Give our downloaded repo rpm a common name so redhat_package.mk can find it - if [ -n "$dlurl" ] && [ $? -eq 0 ]; then - echo "Retrieving ${reporpm} repo rpm..." - curl $dlurl > build/external-repo.noarch.rpm - else - echo "ERROR: Failed to retrieve ${reporpm} repo rpm..." - echo "Download url was: $dlurl" - exit 1 - fi - - setrpmchangelog - - echo "Starting packpack..." - execpackpack - - # Steps common to Debian based distros - elif [ "${OS}" == "debian" ] || [ "${OS}" == "ubuntu" ] || [ "${OS}" == "raspbian" ]; then - echo "Begin ${OS} ${DIST} build..." - - setdebpkgname - movecrud - - if [ "${DIST}" == "trusty" ] || [ "${DIST}" == "precise" ]; then - ln -sfT distros/ubuntu1204 debian - elif [ "${DIST}" == "wheezy" ]; then - ln -sfT distros/debian debian - else - ln -sfT distros/ubuntu1604 debian - fi - - setdebchangelog - - echo "Starting packpack..." - execpackpack - + # Give our downloaded repo rpm a common name so redhat_package.mk can find it + if [ -n "$dlurl" ] && [ $? -eq 0 ]; then + echo "Retrieving ${reporpm} repo rpm..." + curl $dlurl > build/external-repo.noarch.rpm + else + echo "ERROR: Failed to retrieve ${reporpm} repo rpm..." + echo "Download url was: $dlurl" + exit 1 fi -# We were not triggered via cron so just build and test trusty -elif [ "${OS}" == "ubuntu" ] && [ "${DIST}" == "trusty" ] && [ "${ARCH}" == "x86_64" ]; then - echo "Begin Ubuntu Trusty build..." + setrpmchangelog - commonprep - setdebpkgname - movecrud - - ln -sfT distros/ubuntu1204 debian - - setdebchangelog - echo "Starting packpack..." execpackpack + fi; + # Steps common to Debian based distros +elif [ "${OS}" == "debian" ] || [ "${OS}" == "ubuntu" ] || [ "${OS}" == "raspbian" ]; then + commonprep + echo "Begin ${OS} ${DIST} build..." + setdebpkgname + movecrud + + if [ "${DIST}" == "trusty" ] || [ "${DIST}" == "precise" ]; then + ln -sfT distros/ubuntu1204 debian + elif [ "${DIST}" == "wheezy" ]; then + ln -sfT distros/debian debian + else + ln -sfT distros/ubuntu1604 debian + fi + + setdebchangelog + + echo "Starting packpack..." + execpackpack + + # We were not triggered via cron so just build and test trusty + if [ "${OS}" == "ubuntu" ] && [ "${DIST}" == "trusty" ] && [ "${ARCH}" == "x86_64" ]; then # If we are running inside Travis then attempt to install the deb we just built if [ "${TRAVIS}" == "true" ]; then - install_deb + install_deb fi + fi fi exit 0 From 80710e65518815ae4f08d7e5207da571d8e81a56 Mon Sep 17 00:00:00 2001 From: Isaac Connor Date: Tue, 24 Sep 2019 10:12:44 -0400 Subject: [PATCH 622/922] use @PERL_EXECUTABLE@ --- zmconfgen.pl.in | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/zmconfgen.pl.in b/zmconfgen.pl.in index cbffa1e6d..c5b6517ac 100644 --- a/zmconfgen.pl.in +++ b/zmconfgen.pl.in @@ -1,4 +1,4 @@ -#!/usr/bin/perl -w +#!@PERL_EXECUTABLE@ -w # # ========================================================================== # From afd10e49d63aa4b7ba98a47229aca32329b6ec3e Mon Sep 17 00:00:00 2001 From: Isaac Connor Date: Wed, 25 Sep 2019 10:13:32 -0400 Subject: [PATCH 623/922] spaces, quotes extra braces --- web/ajax/status.php | 380 ++++++++++++++++++++++---------------------- 1 file changed, 189 insertions(+), 191 deletions(-) diff --git a/web/ajax/status.php b/web/ajax/status.php index 804d8e278..a975c7da1 100644 --- a/web/ajax/status.php +++ b/web/ajax/status.php @@ -10,193 +10,193 @@ if ($_REQUEST['entity'] == 'navBar') { } $statusData = array( - 'system' => array( - 'permission' => 'System', - 'table' => 'Monitors', - 'limit' => 1, - 'elements' => array( - 'MonitorCount' => array( 'sql' => 'count(*)' ), - 'ActiveMonitorCount' => array( 'sql' => "count(if(Function != 'None',1,NULL))" ), - 'State' => array( 'func' => 'daemonCheck()?'.translate('Running').':'.translate('Stopped') ), - 'Load' => array( 'func' => 'getLoad()' ), - 'Disk' => array( 'func' => 'getDiskPercent()' ), - ), - ), - 'monitor' => array( - 'permission' => 'Monitors', - 'table' => 'Monitors', - 'limit' => 1, - 'selector' => 'Monitors.Id', - 'elements' => array( - 'Id' => array( 'sql' => 'Monitors.Id' ), - 'Name' => array( 'sql' => 'Monitors.Name' ), - 'Type' => true, - 'Function' => true, - 'Enabled' => true, - 'LinkedMonitors' => true, - 'Triggers' => true, - 'Device' => true, - 'Channel' => true, - 'Format' => true, - 'Host' => true, - 'Port' => true, - 'Path' => true, - 'Width' => array( 'sql' => 'Monitors.Width' ), - 'Height' => array( 'sql' => 'Monitors.Height' ), - 'Palette' => true, - 'Orientation' => true, - 'Brightness' => true, - 'Contrast' => true, - 'Hue' => true, - 'Colour' => true, - 'EventPrefix' => true, - 'LabelFormat' => true, - 'LabelX' => true, - 'LabelY' => true, - 'LabelSize' => true, - 'ImageBufferCount' => true, - 'WarmupCount' => true, - 'PreEventCount' => true, - 'PostEventCount' => true, - 'AlarmFrameCount' => true, - 'SectionLength' => true, - 'FrameSkip' => true, - 'MotionFrameSkip' => true, - 'MaxFPS' => true, - 'AlarmMaxFPS' => true, - 'FPSReportInterval' => true, - 'RefBlendPerc' => true, - 'Controllable' => true, - 'ControlId' => true, - 'ControlDevice' => true, - 'ControlAddress' => true, - 'AutoStopTimeout' => true, - 'TrackMotion' => true, - 'TrackDelay' => true, - 'ReturnLocation' => true, - 'ReturnDelay' => true, - 'DefaultView' => true, - 'DefaultRate' => true, - 'DefaultScale' => true, - 'WebColour' => true, - 'Sequence' => true, - 'MinEventId' => array( 'sql' => '(SELECT min(Events.Id) FROM Events WHERE Events.MonitorId = Monitors.Id' ), - 'MaxEventId' => array( 'sql' => '(SELECT max(Events.Id) FROM Events WHERE Events.MonitorId = Monitors.Id' ), - 'TotalEvents' => array( 'sql' => '(SELECT count(Events.Id) FROM Events WHERE Events.MonitorId = Monitors.Id' ), - 'Status' => array( 'zmu' => '-m '.escapeshellarg($_REQUEST['id'][0]).' -s' ), - 'FrameRate' => array( 'zmu' => '-m '.escapeshellarg($_REQUEST['id'][0]).' -f' ), - ), - ), - 'events' => array( - 'permission' => 'Events', - 'table' => 'Events', - 'selector' => 'Events.MonitorId', - 'elements' => array( - 'Id' => true, - 'Name' => true, - 'Cause' => true, - 'Notes' => true, - 'StartTime' => true, - 'StartTimeShort' => array( 'sql' => "date_format( StartTime, '".MYSQL_FMT_DATETIME_SHORT."' )" ), - 'EndTime' => true, - 'Width' => true, - 'Height' => true, - 'Length' => true, - 'Frames' => true, - 'AlarmFrames' => true, - 'TotScore' => true, - 'AvgScore' => true, - 'MaxScore' => true, - ), - ), - 'event' => array( - 'permission' => 'Events', - 'table' => 'Events', - 'limit' => 1, - 'selector' => 'Events.Id', - 'elements' => array( - 'Id' => array( 'sql' => 'Events.Id' ), - 'MonitorId' => true, - 'MonitorName' => array('sql' => '(SELECT Monitors.Name FROM Monitors WHERE Monitors.Id = Events.MonitorId)'), - 'Name' => true, - 'Cause' => true, - 'StartTime' => true, - 'StartTimeShort' => array( 'sql' => "date_format( StartTime, '".MYSQL_FMT_DATETIME_SHORT."' )" ), - 'EndTime' => true, - 'Width' => true, - 'Height' => true, - 'Length' => true, - 'Frames' => true, - 'DefaultVideo' => true, - 'AlarmFrames' => true, - 'TotScore' => true, - 'AvgScore' => true, - 'MaxScore' => true, - 'Archived' => true, - 'Videoed' => true, - 'Uploaded' => true, - 'Emailed' => true, - 'Messaged' => true, - 'Executed' => true, - 'Notes' => true, - 'MinFrameId' => array( 'sql' => '(SELECT min(Frames.FrameId) FROM Frames WHERE EventId=Events.Id)' ), - 'MaxFrameId' => array( 'sql' => '(SELECT max(Frames.FrameId) FROM Frames WHERE Events.Id = Frames.EventId)' ), - 'MinFrameDelta' => array( 'sql' => '(SELECT min(Frames.Delta) FROM Frames WHERE Events.Id = Frames.EventId)' ), - 'MaxFrameDelta' => array( 'sql' => '(SELECT max(Frames.Delta) FROM Frames WHERE Events.Id = Frames.EventId)' ), - ), - ), - 'frames' => array( - 'permission' => 'Events', - 'table' => 'Frames', - 'selector' => 'EventId', - 'elements' => array( - 'EventId' => true, - 'FrameId' => true, - 'Type' => true, - 'Delta' => true, - ), - ), - 'frame' => array( - 'permission' => 'Events', - 'table' => 'Frames', - 'limit' => 1, - 'selector' => array( array( 'table' => 'Events', 'join' => 'Events.Id = Frames.EventId', 'selector'=>'Events.Id' ), 'Frames.FrameId' ), - 'elements' => array( - //'Id' => array( 'sql' => 'Frames.FrameId' ), - 'FrameId' => true, - 'EventId' => true, - 'Type' => true, - 'TimeStamp' => true, - 'TimeStampShort' => array( 'sql' => "date_format( StartTime, '".MYSQL_FMT_DATETIME_SHORT."' )" ), - 'Delta' => true, - 'Score' => true, - //'Image' => array( 'postFunc' => 'getFrameImage' ), - ), - ), - 'frameimage' => array( - 'permission' => 'Events', - 'func' => 'getFrameImage()' - ), - 'nearframe' => array( - 'permission' => 'Events', - 'func' => 'getNearFrame()' - ), - 'nearevents' => array( - 'permission' => 'Events', - 'func' => 'getNearEvents()' - ) - ); + 'system' => array( + 'permission' => 'System', + 'table' => 'Monitors', + 'limit' => 1, + 'elements' => array( + 'MonitorCount' => array( 'sql' => 'count(*)' ), + 'ActiveMonitorCount' => array( 'sql' => "count(if(Function != 'None',1,NULL))" ), + 'State' => array( 'func' => 'daemonCheck()?'.translate('Running').':'.translate('Stopped') ), + 'Load' => array( 'func' => 'getLoad()' ), + 'Disk' => array( 'func' => 'getDiskPercent()' ), + ), + ), + 'monitor' => array( + 'permission' => 'Monitors', + 'table' => 'Monitors', + 'limit' => 1, + 'selector' => 'Monitors.Id', + 'elements' => array( + 'Id' => array( 'sql' => 'Monitors.Id' ), + 'Name' => array( 'sql' => 'Monitors.Name' ), + 'Type' => true, + 'Function' => true, + 'Enabled' => true, + 'LinkedMonitors' => true, + 'Triggers' => true, + 'Device' => true, + 'Channel' => true, + 'Format' => true, + 'Host' => true, + 'Port' => true, + 'Path' => true, + 'Width' => array( 'sql' => 'Monitors.Width' ), + 'Height' => array( 'sql' => 'Monitors.Height' ), + 'Palette' => true, + 'Orientation' => true, + 'Brightness' => true, + 'Contrast' => true, + 'Hue' => true, + 'Colour' => true, + 'EventPrefix' => true, + 'LabelFormat' => true, + 'LabelX' => true, + 'LabelY' => true, + 'LabelSize' => true, + 'ImageBufferCount' => true, + 'WarmupCount' => true, + 'PreEventCount' => true, + 'PostEventCount' => true, + 'AlarmFrameCount' => true, + 'SectionLength' => true, + 'FrameSkip' => true, + 'MotionFrameSkip' => true, + 'MaxFPS' => true, + 'AlarmMaxFPS' => true, + 'FPSReportInterval' => true, + 'RefBlendPerc' => true, + 'Controllable' => true, + 'ControlId' => true, + 'ControlDevice' => true, + 'ControlAddress' => true, + 'AutoStopTimeout' => true, + 'TrackMotion' => true, + 'TrackDelay' => true, + 'ReturnLocation' => true, + 'ReturnDelay' => true, + 'DefaultView' => true, + 'DefaultRate' => true, + 'DefaultScale' => true, + 'WebColour' => true, + 'Sequence' => true, + 'MinEventId' => array( 'sql' => '(SELECT min(Events.Id) FROM Events WHERE Events.MonitorId = Monitors.Id' ), + 'MaxEventId' => array( 'sql' => '(SELECT max(Events.Id) FROM Events WHERE Events.MonitorId = Monitors.Id' ), + 'TotalEvents' => array( 'sql' => '(SELECT count(Events.Id) FROM Events WHERE Events.MonitorId = Monitors.Id' ), + 'Status' => array( 'zmu' => '-m '.escapeshellarg($_REQUEST['id'][0]).' -s' ), + 'FrameRate' => array( 'zmu' => '-m '.escapeshellarg($_REQUEST['id'][0]).' -f' ), + ), + ), + 'events' => array( + 'permission' => 'Events', + 'table' => 'Events', + 'selector' => 'Events.MonitorId', + 'elements' => array( + 'Id' => true, + 'Name' => true, + 'Cause' => true, + 'Notes' => true, + 'StartTime' => true, + 'StartTimeShort' => array( 'sql' => "date_format( StartTime, '".MYSQL_FMT_DATETIME_SHORT."' )" ), + 'EndTime' => true, + 'Width' => true, + 'Height' => true, + 'Length' => true, + 'Frames' => true, + 'AlarmFrames' => true, + 'TotScore' => true, + 'AvgScore' => true, + 'MaxScore' => true, + ), + ), + 'event' => array( + 'permission' => 'Events', + 'table' => 'Events', + 'limit' => 1, + 'selector' => 'Events.Id', + 'elements' => array( + 'Id' => array( 'sql' => 'Events.Id' ), + 'MonitorId' => true, + 'MonitorName' => array('sql' => '(SELECT Monitors.Name FROM Monitors WHERE Monitors.Id = Events.MonitorId)'), + 'Name' => true, + 'Cause' => true, + 'StartTime' => true, + 'StartTimeShort' => array( 'sql' => "date_format( StartTime, '".MYSQL_FMT_DATETIME_SHORT."' )" ), + 'EndTime' => true, + 'Width' => true, + 'Height' => true, + 'Length' => true, + 'Frames' => true, + 'DefaultVideo' => true, + 'AlarmFrames' => true, + 'TotScore' => true, + 'AvgScore' => true, + 'MaxScore' => true, + 'Archived' => true, + 'Videoed' => true, + 'Uploaded' => true, + 'Emailed' => true, + 'Messaged' => true, + 'Executed' => true, + 'Notes' => true, + 'MinFrameId' => array( 'sql' => '(SELECT min(Frames.FrameId) FROM Frames WHERE EventId=Events.Id)' ), + 'MaxFrameId' => array( 'sql' => '(SELECT max(Frames.FrameId) FROM Frames WHERE Events.Id = Frames.EventId)' ), + 'MinFrameDelta' => array( 'sql' => '(SELECT min(Frames.Delta) FROM Frames WHERE Events.Id = Frames.EventId)' ), + 'MaxFrameDelta' => array( 'sql' => '(SELECT max(Frames.Delta) FROM Frames WHERE Events.Id = Frames.EventId)' ), + ), + ), + 'frames' => array( + 'permission' => 'Events', + 'table' => 'Frames', + 'selector' => 'EventId', + 'elements' => array( + 'EventId' => true, + 'FrameId' => true, + 'Type' => true, + 'Delta' => true, + ), + ), + 'frame' => array( + 'permission' => 'Events', + 'table' => 'Frames', + 'limit' => 1, + 'selector' => array( array( 'table' => 'Events', 'join' => 'Events.Id = Frames.EventId', 'selector'=>'Events.Id' ), 'Frames.FrameId' ), + 'elements' => array( + //'Id' => array( 'sql' => 'Frames.FrameId' ), + 'FrameId' => true, + 'EventId' => true, + 'Type' => true, + 'TimeStamp' => true, + 'TimeStampShort' => array( 'sql' => "date_format( StartTime, '".MYSQL_FMT_DATETIME_SHORT."' )" ), + 'Delta' => true, + 'Score' => true, + //'Image' => array( 'postFunc' => 'getFrameImage' ), + ), + ), + 'frameimage' => array( + 'permission' => 'Events', + 'func' => 'getFrameImage()' + ), + 'nearframe' => array( + 'permission' => 'Events', + 'func' => 'getNearFrame()' + ), + 'nearevents' => array( + 'permission' => 'Events', + 'func' => 'getNearEvents()' + ) +); function collectData() { global $statusData; $entitySpec = &$statusData[strtolower(validJsStr($_REQUEST['entity']))]; #print_r( $entitySpec ); - if ( !canView( $entitySpec['permission'] ) ) + if ( !canView($entitySpec['permission']) ) ajaxError('Unrecognised action or insufficient permissions'); if ( !empty($entitySpec['func']) ) { - $data = eval( 'return( '.$entitySpec['func']." );" ); + $data = eval('return('.$entitySpec['func'].');'); } else { $data = array(); $postFuncs = array(); @@ -249,12 +249,12 @@ function collectData() { $groupSql[] = $elementData['group']; } } - } + } # end foreach element if ( count($fieldSql) ) { - $sql = 'select '.join( ', ', $fieldSql ).' from '.$entitySpec['table']; + $sql = 'SELECT '.join(', ', $fieldSql).' FROM '.$entitySpec['table']; if ( $joinSql ) - $sql .= ' '.join( ' ', array_unique( $joinSql ) ); + $sql .= ' '.join(' ', array_unique($joinSql)); if ( $id && !empty($entitySpec['selector']) ) { $index = 0; $where = array(); @@ -270,10 +270,10 @@ function collectData() { } $index++; } - $sql .= ' WHERE '.join( ' AND ', $where ); + $sql .= ' WHERE '.join(' AND ', $where); } if ( $groupSql ) - $sql .= ' GROUP BY '.join( ',', array_unique( $groupSql ) ); + $sql .= ' GROUP BY '.join(',', array_unique($groupSql)); if ( !empty($_REQUEST['sort']) ) { $sql .= ' ORDER BY '; $sort_fields = explode(',',$_REQUEST['sort']); @@ -335,31 +335,29 @@ if ( !isset($_REQUEST['layout']) ) { switch( $_REQUEST['layout'] ) { case 'xml NOT CURRENTLY SUPPORTED' : - { - header("Content-type: application/xml" ); - echo( ''."\n" ); + header('Content-type: application/xml'); + echo(''."\n"); echo '<'.strtolower($_REQUEST['entity']).">\n"; foreach ( $data as $key=>$value ) { - $key = strtolower( $key ); + $key = strtolower($key); echo "<$key>".htmlentities($value)."\n"; } echo '\n"; break; - } case 'json' : { $response = array( strtolower(validJsStr($_REQUEST['entity'])) => $data ); if ( isset($_REQUEST['loopback']) ) $response['loopback'] = validJsStr($_REQUEST['loopback']); - ajaxResponse( $response ); + ajaxResponse($response); break; } case 'text' : - { header('Content-type: text/plain' ); echo join( ' ', array_values( $data ) ); break; - } + default: + ZM\Error('Unsupported layout: '. $_REQUEST['layout']); } function getFrameImage() { From 475432449f4aceceee7bf63fc0f54ed168006533 Mon Sep 17 00:00:00 2001 From: Isaac Connor Date: Wed, 25 Sep 2019 10:13:56 -0400 Subject: [PATCH 624/922] Add default values for Status record --- web/includes/Monitor.php | 3 +++ 1 file changed, 3 insertions(+) diff --git a/web/includes/Monitor.php b/web/includes/Monitor.php index 314efd610..d68d33930 100644 --- a/web/includes/Monitor.php +++ b/web/includes/Monitor.php @@ -151,6 +151,9 @@ private $status_fields = array( $row = dbFetchOne($sql, NULL, array($this->{'Id'})); if ( !$row ) { Error('Unable to load Monitor record for Id='.$this->{'Id'}); + foreach ( $this->status_fields as $k => $v ) { + $this->{$k} = $v; + } } else { foreach ($row as $k => $v) { $this->{$k} = $v; From 5c80e098c557a228c567ae72e13494fdf745d8fc Mon Sep 17 00:00:00 2001 From: Isaac Connor Date: Wed, 25 Sep 2019 10:14:12 -0400 Subject: [PATCH 625/922] Only save Group changes if there were changes --- web/includes/actions/monitor.php | 14 +++++++------- 1 file changed, 7 insertions(+), 7 deletions(-) diff --git a/web/includes/actions/monitor.php b/web/includes/actions/monitor.php index e3d190d50..53e533035 100644 --- a/web/includes/actions/monitor.php +++ b/web/includes/actions/monitor.php @@ -214,6 +214,13 @@ if ( $action == 'monitor' ) { } } + if ( isset($changes['GroupIds']) ) { + dbQuery('DELETE FROM Groups_Monitors WHERE MonitorId=?', array($mid)); + foreach ( $changes['GroupIds'] as $group_id ) { + dbQuery('INSERT INTO Groups_Monitors (GroupId, MonitorId) VALUES (?,?)', array($group_id, $mid)); + } + } // end if there has been a change of groups + $restart = true; } else { ZM\Logger::Debug('No action due to no changes to Monitor'); @@ -224,13 +231,6 @@ if ( $action == 'monitor' ) { return; } - if ( isset($changes['GroupIds']) ) { - dbQuery('DELETE FROM Groups_Monitors WHERE MonitorId=?', array($mid)); - foreach ( $changes['GroupIds'] as $group_id ) { - dbQuery('INSERT INTO Groups_Monitors (GroupId, MonitorId) VALUES (?,?)', array($group_id, $mid)); - } - } // end if there has been a change of groups - if ( ZM_OPT_X10 ) { $x10Changes = getFormChanges($x10Monitor, $_REQUEST['newX10Monitor']); From 1b653e7e7933dfd26a8b171f4011e747b892bf4a Mon Sep 17 00:00:00 2001 From: Isaac Connor Date: Wed, 25 Sep 2019 10:14:41 -0400 Subject: [PATCH 626/922] Add warnings for when SaveJPEGs and VideoWriter are both set to disabled --- web/lang/en_gb.php | 1 + web/skins/classic/views/js/monitor.js.php | 57 +++++++++++++---------- 2 files changed, 34 insertions(+), 24 deletions(-) diff --git a/web/lang/en_gb.php b/web/lang/en_gb.php index 18a1d72dd..b2890a605 100644 --- a/web/lang/en_gb.php +++ b/web/lang/en_gb.php @@ -177,6 +177,7 @@ $SLANG = array( 'BadPostEventCount' => 'Post event image count must be an integer of zero or more', 'BadPreEventCount' => 'Pre event image count must be at least zero, and less than image buffer size', 'BadRefBlendPerc' => 'Reference blend percentage must be a positive integer', + 'BadNoSaveJPEGsOrVideoWriter' => 'SaveJPEGs and VideoWriter are both set to disabled. Nothing will be recorded!', 'BadSectionLength' => 'Section length must be an integer of 30 or more', 'BadSignalCheckColour' => 'Signal check colour must be a valid RGB colour string', 'BadStreamReplayBuffer' => 'Stream replay buffer must be an integer of zero or more', diff --git a/web/skins/classic/views/js/monitor.js.php b/web/skins/classic/views/js/monitor.js.php index c0483d812..04fa06dcb 100644 --- a/web/skins/classic/views/js/monitor.js.php +++ b/web/skins/classic/views/js/monitor.js.php @@ -10,39 +10,31 @@ var controlOptions = new Object(); $controlTypes = array( ''=>translate('None') ); # Temporary workaround to show all ptz control types regardless of monitor source type # $sql = "select * from Controls where Type = '".$newMonitor['Type']."'"; - $sql = "select * from Controls"; - foreach( dbFetchAll( $sql ) as $row ) { + $sql = 'SELECT `Id`,`Name`,`HasHomePreset`,`NumPresets` FROM `Controls` ORDER BY lower(`Name`)'; + foreach( dbFetchAll($sql) as $row ) { $controlTypes[$row['Id']] = $row['Name']; -?> -controlOptions[] = new Array(); - -controlOptions[][0] = ''; - -controlOptions[][0] = null; - -controlOptions[][] = ''; - var monitorNames = new Object(); -monitorNames[''] = true; - @@ -140,6 +132,23 @@ function validateForm( form ) { alert(errors.join("\n")); return false; } + + var warnings = new Array(); + if ( (form.elements['newMonitor[Function]'].value != 'Monitor') && (form.elements['newMonitor[Function]'].value != 'None') ) { + if ( (form.elements['newMonitor[SaveJPEGs]'].value == '0') && (form.elements['newMonitor[VideoWriter]'].value == '0') ) { + warnings[warnings.length] = ""; + } +console.log(form.elements['newMonitor[SaveJPEGs]'].value); +console.log(form.elements['newMonitor[VideoWriter]'].value); + + } +console.log(warnings); + if ( warnings.length ) { + if ( !confirm(warnings.join("\n")) ) { + return false; + } + } + return true; } From 54dec069cda13f48b7cf15e57887ad1198e786a9 Mon Sep 17 00:00:00 2001 From: Isaac Connor Date: Wed, 25 Sep 2019 10:15:12 -0400 Subject: [PATCH 627/922] correct quotes and use a button on loging page --- web/skins/classic/views/login.php | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/web/skins/classic/views/login.php b/web/skins/classic/views/login.php index 3f31b3a84..788f46163 100644 --- a/web/skins/classic/views/login.php +++ b/web/skins/classic/views/login.php @@ -1,5 +1,5 @@ @@ -30,10 +30,10 @@ xhtmlHeaders(__FILE__, translate('Login') ); && defined('ZM_OPT_GOOG_RECAPTCHA_SECRETKEY') && ZM_OPT_USE_GOOG_RECAPTCHA && ZM_OPT_GOOG_RECAPTCHA_SITEKEY && ZM_OPT_GOOG_RECAPTCHA_SECRETKEY) { - echo "
"; + echo '
'; } ?> - +
From ca40e760f799591a177d18e125a22c65db366570 Mon Sep 17 00:00:00 2001 From: Isaac Connor Date: Wed, 25 Sep 2019 10:15:32 -0400 Subject: [PATCH 628/922] get global cspNonce --- web/skins/classic/views/none.php | 1 + 1 file changed, 1 insertion(+) diff --git a/web/skins/classic/views/none.php b/web/skins/classic/views/none.php index 1213b44d5..7e2702399 100644 --- a/web/skins/classic/views/none.php +++ b/web/skins/classic/views/none.php @@ -18,6 +18,7 @@ // Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. // + global $cspNonce; $skinJsPhpFile = getSkinFile('js/skin.js.php'); $skinJsFile = getSkinFile('js/skin.js'); ?> From fe893a4a01315532f85e45bb3da198f0e44e219a Mon Sep 17 00:00:00 2001 From: Isaac Connor Date: Wed, 25 Sep 2019 10:16:02 -0400 Subject: [PATCH 629/922] Add report-uri to out Content-Security-Policy-Report-Only header --- web/includes/functions.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/web/includes/functions.php b/web/includes/functions.php index 2a5529c96..a78ef2c66 100644 --- a/web/includes/functions.php +++ b/web/includes/functions.php @@ -79,7 +79,7 @@ function CSPHeaders($view, $nonce) { } default: { // Use Report-Only mode on all other pages. - header("Content-Security-Policy-Report-Only: script-src 'unsafe-inline' 'self' 'nonce-$nonce' $additionalScriptSrc"); + header("Content-Security-Policy-Report-Only: script-src 'unsafe-inline' 'self' 'nonce-$nonce' $additionalScriptSrc report-uri https://zmrepo.zoneminder.com"); break; } } From b936fbac6a358173f876780b4fd8eb2dd121519c Mon Sep 17 00:00:00 2001 From: Isaac Connor Date: Wed, 25 Sep 2019 10:16:16 -0400 Subject: [PATCH 630/922] Don't import Monitor.php unless we need to --- web/skins/classic/views/watch.php | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/web/skins/classic/views/watch.php b/web/skins/classic/views/watch.php index 82e16645d..14e4ffd73 100644 --- a/web/skins/classic/views/watch.php +++ b/web/skins/classic/views/watch.php @@ -18,8 +18,6 @@ // Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. // -require_once('includes/Monitor.php'); - if ( !canView('Stream') ) { $view = 'error'; return; @@ -37,6 +35,7 @@ if ( ! visibleMonitor($mid) ) { return; } +require_once('includes/Monitor.php'); $monitor = new ZM\Monitor($mid); #Whether to show the controls button From bcb83899232801cf5de7d86fbb0e698749f3c26a Mon Sep 17 00:00:00 2001 From: Isaac Connor Date: Wed, 25 Sep 2019 10:16:27 -0400 Subject: [PATCH 631/922] spaces --- web/skins/classic/views/postlogin.php | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/web/skins/classic/views/postlogin.php b/web/skins/classic/views/postlogin.php index f183aa62f..baa5b0ae9 100644 --- a/web/skins/classic/views/postlogin.php +++ b/web/skins/classic/views/postlogin.php @@ -1,6 +1,6 @@
From 2b017f782b20c4b9a58c3188329cfa5c7d601d26 Mon Sep 17 00:00:00 2001 From: Isaac Connor Date: Wed, 25 Sep 2019 10:35:41 -0400 Subject: [PATCH 632/922] Fix missing eid= from View All/View Pages links --- web/skins/classic/views/frames.php | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/web/skins/classic/views/frames.php b/web/skins/classic/views/frames.php index aec2f658b..eaf1edd0e 100644 --- a/web/skins/classic/views/frames.php +++ b/web/skins/classic/views/frames.php @@ -31,7 +31,6 @@ $Monitor = $Event->Monitor(); $countSql = 'SELECT COUNT(*) AS FrameCount FROM Frames AS F WHERE 1 '; $frameSql = 'SELECT *, unix_timestamp( TimeStamp ) AS UnixTimeStamp FROM Frames AS F WHERE 1 '; - // override the sort_field handling in parseSort for frames if ( empty($_REQUEST['sort_field']) ) $_REQUEST['sort_field'] = 'FramesTimeStamp'; @@ -100,7 +99,8 @@ if ( !empty($page) ) { } $maxShortcuts = 5; -$pagination = getPagination($pages, $page, $maxShortcuts, $sortQuery.'&eid='.$eid.$limitQuery.$filterQuery); +$totalQuery = $sortQuery.'&eid='.$eid.$limitQuery.$filterQuery; +$pagination = getPagination($pages, $page, $maxShortcuts, $totalQuery); $frames = dbFetchAll($frameSql); @@ -125,11 +125,11 @@ if ( $pagination ) { if ( $pages > 1 ) { if ( !empty($page) ) { ?> - + - + Date: Wed, 25 Sep 2019 10:35:57 -0400 Subject: [PATCH 633/922] code doc --- web/includes/functions.php | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/web/includes/functions.php b/web/includes/functions.php index a78ef2c66..482e36515 100644 --- a/web/includes/functions.php +++ b/web/includes/functions.php @@ -1400,8 +1400,8 @@ function getPagination( $pages, $page, $maxShortcuts, $query, $querySep='&' foreach ( $newPages as $newPage ) { $pageText .= ''.$newPage.' '; } + } # end if page > 1 - } $pageText .= '- '.$page.' -'; if ( $page < $pages ) { $newPages = array(); @@ -1426,10 +1426,10 @@ function getPagination( $pages, $page, $maxShortcuts, $query, $querySep='&' if ( false && $page < ($pages-1) ) { $pageText .= '>>'; } - } + } # end if $page < $pages } } - return( $pageText ); + return $pageText; } function sortHeader( $field, $querySep='&' ) { From 84d68f549f376970953b3c56be9ad10bf58d0754 Mon Sep 17 00:00:00 2001 From: Isaac Connor Date: Wed, 25 Sep 2019 10:36:12 -0400 Subject: [PATCH 634/922] enable iconzm docker for stretch --- .travis.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.travis.yml b/.travis.yml index b8f620114..ffdd9e2da 100644 --- a/.travis.yml +++ b/.travis.yml @@ -40,7 +40,7 @@ env: - SMPFLAGS=-j4 OS=ubuntu DIST=bionic - SMPFLAGS=-j4 OS=ubuntu DIST=disco - SMPFLAGS=-j4 OS=debian DIST=buster DOCKER_REPO=iconzm/packpack - - SMPFLAGS=-j4 OS=debian DIST=stretch + - SMPFLAGS=-j4 OS=debian DIST=stretch DOCKER_REPO=iconzm/packpack - SMPFLAGS=-j4 OS=ubuntu DIST=trusty ARCH=i386 - SMPFLAGS=-j4 OS=ubuntu DIST=xenial ARCH=i386 - SMPFLAGS=-j4 OS=ubuntu DIST=bionic ARCH=i386 From 1dda79af46aa43f8b45ad773ce326ac36d43aeb0 Mon Sep 17 00:00:00 2001 From: Isaac Connor Date: Wed, 25 Sep 2019 12:00:00 -0400 Subject: [PATCH 635/922] remove debug --- src/zm_ffmpeg_camera.cpp | 3 --- 1 file changed, 3 deletions(-) diff --git a/src/zm_ffmpeg_camera.cpp b/src/zm_ffmpeg_camera.cpp index cf55a75d4..7c9479f44 100644 --- a/src/zm_ffmpeg_camera.cpp +++ b/src/zm_ffmpeg_camera.cpp @@ -649,9 +649,6 @@ int FfmpegCamera::OpenFfmpeg() { ) { Warning("Monitor dimensions are %dx%d but camera is sending %dx%d", width, height, mVideoCodecContext->width, mVideoCodecContext->height); - } else { - Warning("Monitor dimensions are %dx%d and camera is sending %dx%d", - width, height, mVideoCodecContext->width, mVideoCodecContext->height); } mCanCapture = true; From 675db328e7be6198d05240fd826809d2ac3cbfaa Mon Sep 17 00:00:00 2001 From: Isaac Connor Date: Wed, 25 Sep 2019 12:00:32 -0400 Subject: [PATCH 636/922] enable bionic iconzm docket repo --- .travis.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.travis.yml b/.travis.yml index ffdd9e2da..3cc4464a4 100644 --- a/.travis.yml +++ b/.travis.yml @@ -37,7 +37,7 @@ env: - SMPFLAGS=-j4 OS=fedora DIST=29 DOCKER_REPO=knnniggett/packpack - SMPFLAGS=-j4 OS=ubuntu DIST=trusty - SMPFLAGS=-j4 OS=ubuntu DIST=xenial - - SMPFLAGS=-j4 OS=ubuntu DIST=bionic + - SMPFLAGS=-j4 OS=ubuntu DIST=bionic DOCKER_REPO=iconzm/packpack - SMPFLAGS=-j4 OS=ubuntu DIST=disco - SMPFLAGS=-j4 OS=debian DIST=buster DOCKER_REPO=iconzm/packpack - SMPFLAGS=-j4 OS=debian DIST=stretch DOCKER_REPO=iconzm/packpack From b787682fa9a046c4b37e63bd047115966329adfc Mon Sep 17 00:00:00 2001 From: Isaac Connor Date: Thu, 26 Sep 2019 13:51:13 -0400 Subject: [PATCH 637/922] Fix play from pause when not buffering. When change of zoom, send two paused images so that response is instant. Fix some misplaced line feeds. --- src/zm_monitorstream.cpp | 61 +++++++++++++++++++++++++--------------- 1 file changed, 39 insertions(+), 22 deletions(-) diff --git a/src/zm_monitorstream.cpp b/src/zm_monitorstream.cpp index 15406c456..0c71b5c61 100644 --- a/src/zm_monitorstream.cpp +++ b/src/zm_monitorstream.cpp @@ -328,10 +328,10 @@ bool MonitorStream::sendFrame(const char *filepath, struct timeval *timestamp) { struct timeval frameStartTime; gettimeofday(&frameStartTime, NULL); - fputs("--ZoneMinderFrame\r\nContent-Type: image/jpeg\r\n\r\n", stdout ); - fprintf(stdout, "Content-Length: %d\r\n", img_buffer_size); + fputs("--ZoneMinderFrame\r\nContent-Type: image/jpeg\r\n", stdout); + fprintf(stdout, "Content-Length: %d\r\n\r\n", img_buffer_size); if ( fwrite(img_buffer, img_buffer_size, 1, stdout) != 1 ) { - if ( ! zm_terminate ) + if ( !zm_terminate ) Warning("Unable to send stream frame: %s", strerror(errno)); return false; } @@ -397,7 +397,7 @@ bool MonitorStream::sendFrame(Image *image, struct timeval *timestamp) { break; case STREAM_ZIP : #if HAVE_ZLIB_H - fputs("Content-Type: image/x-rgbz\r\n",stdout); + fputs("Content-Type: image/x-rgbz\r\n", stdout); unsigned long zip_buffer_size; send_image->Zip(img_buffer, &zip_buffer_size); img_buffer_size = zip_buffer_size; @@ -412,7 +412,7 @@ bool MonitorStream::sendFrame(Image *image, struct timeval *timestamp) { } fprintf(stdout, "Content-Length: %d\r\n\r\n", img_buffer_size); if ( fwrite(img_buffer, img_buffer_size, 1, stdout) != 1 ) { - if ( !zm_terminate ){ + if ( !zm_terminate ) { // If the pipe was closed, we will get signalled SIGPIPE to exit, which will set zm_terminate Warning("Unable to send stream frame: %s", strerror(errno)); } @@ -657,11 +657,11 @@ void MonitorStream::runStream() { if ( last_read_index != monitor->shared_data->last_write_index ) { // have a new image to send int index = monitor->shared_data->last_write_index % monitor->image_buffer_count; // % shouldn't be neccessary - last_read_index = monitor->shared_data->last_write_index; - Debug(2, "index: %d: frame_mod: %d frame count: %d paused(%d) delayed(%d)", - index, frame_mod, frame_count, paused, delayed ); if ( (frame_mod == 1) || ((frame_count%frame_mod) == 0) ) { if ( !paused && !delayed ) { + last_read_index = monitor->shared_data->last_write_index; + Debug(2, "index: %d: frame_mod: %d frame count: %d paused(%d) delayed(%d)", + index, frame_mod, frame_count, paused, delayed ); // Send the next frame Monitor::Snapshot *snap = &monitor->image_buffer[index]; @@ -676,20 +676,32 @@ void MonitorStream::runStream() { temp_read_index = temp_write_index; } else { - Debug(2, "Paused %d, delayed %d", paused, delayed); - double actual_delta_time = TV_2_FLOAT(now) - last_frame_sent; - if ( actual_delta_time > 5 ) { - if ( paused_image ) { - // Send keepalive - Debug(2, "Sending keepalive frame because delta time %.2f > 5", actual_delta_time); - // Send the next frame - if ( !sendFrame(paused_image, &paused_timestamp) ) - zm_terminate = true; - } else { - Debug(2, "Would have sent keepalive frame, but had no paused_image "); - } + if ( delayed && !buffered_playback ) { + Debug(2, "Can't delay when not buffering."); + delayed = false; } - } + if ( last_zoom != zoom ) { + Debug(2, "Sending 2 frames because change in zoom %d ?= %d", last_zoom, zoom); + if ( !sendFrame(paused_image, &paused_timestamp) ) + zm_terminate = true; + if ( !sendFrame(paused_image, &paused_timestamp) ) + zm_terminate = true; + } else { + double actual_delta_time = TV_2_FLOAT(now) - last_frame_sent; + if ( actual_delta_time > 5 ) { + if ( paused_image ) { + // Send keepalive + Debug(2, "Sending keepalive frame because delta time %.2f > 5", + actual_delta_time); + // Send the next frame + if ( !sendFrame(paused_image, &paused_timestamp) ) + zm_terminate = true; + } else { + Debug(2, "Would have sent keepalive frame, but had no paused_image "); + } + } // end if actual_delta_time > 5 + } // end if change in zoom + } // end if paused or not } // end if should send frame if ( buffered_playback && !paused ) { @@ -698,7 +710,12 @@ void MonitorStream::runStream() { int temp_index = temp_write_index%temp_image_buffer_count; Debug(2, "Storing frame %d", temp_index); if ( !temp_image_buffer[temp_index].valid ) { - snprintf( temp_image_buffer[temp_index].file_name, sizeof(temp_image_buffer[0].file_name), "%s/zmswap-i%05d.jpg", swap_path.c_str(), temp_index ); + snprintf( + temp_image_buffer[temp_index].file_name, + sizeof(temp_image_buffer[0].file_name), + "%s/zmswap-i%05d.jpg", + swap_path.c_str(), + temp_index); temp_image_buffer[temp_index].valid = true; } memcpy( &(temp_image_buffer[temp_index].timestamp), monitor->image_buffer[index].timestamp, sizeof(temp_image_buffer[0].timestamp) ); From 492be7cc33bc4bc0a0b49b4f9fbe0fd56be41af5 Mon Sep 17 00:00:00 2001 From: Isaac Connor Date: Thu, 26 Sep 2019 13:51:49 -0400 Subject: [PATCH 638/922] make last_zoom last_scale last_x and last_y members of the StreamBase object instead of static vars so that we can access them in monitorStream --- src/zm_stream.cpp | 9 --------- src/zm_stream.h | 11 +++++++---- 2 files changed, 7 insertions(+), 13 deletions(-) diff --git a/src/zm_stream.cpp b/src/zm_stream.cpp index 732b1b810..ee874cf64 100644 --- a/src/zm_stream.cpp +++ b/src/zm_stream.cpp @@ -110,15 +110,6 @@ bool StreamBase::checkCommandQueue() { } Image *StreamBase::prepareImage( Image *image ) { - static int last_scale = 0; - static int last_zoom = 0; - static int last_x = 0; - static int last_y = 0; - - if ( !last_scale ) - last_scale = scale; - if ( !last_zoom ) - last_zoom = zoom; // Do not bother to scale zoomed in images, just crop them and let the browser scale // Works in FF2 but breaks FF3 which doesn't like image sizes changing in mid stream. diff --git a/src/zm_stream.h b/src/zm_stream.h index d4443cb39..eb99b74c1 100644 --- a/src/zm_stream.h +++ b/src/zm_stream.h @@ -66,9 +66,12 @@ protected: const char *format; int replay_rate; int scale; + int last_scale; int zoom; + int last_zoom; double maxfps; int bitrate; + unsigned short last_x, last_y; unsigned short x, y; protected: @@ -117,15 +120,15 @@ public: type = DEFAULT_TYPE; format = ""; replay_rate = DEFAULT_RATE; - scale = DEFAULT_SCALE; - zoom = DEFAULT_ZOOM; + last_scale = scale = DEFAULT_SCALE; + last_zoom = zoom = DEFAULT_ZOOM; maxfps = DEFAULT_MAXFPS; bitrate = DEFAULT_BITRATE; paused = false; step = 0; - x = 0; - y = 0; + last_x = x = 0; + last_y = y = 0; connkey = 0; sd = -1; From 555f3e9c0d9c1faac4c08f200eed99fc802caa08 Mon Sep 17 00:00:00 2001 From: Isaac Connor Date: Thu, 26 Sep 2019 13:52:27 -0400 Subject: [PATCH 639/922] Fix missing semi colon in Content-Security-Policy-Report-Only --- web/includes/functions.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/web/includes/functions.php b/web/includes/functions.php index 482e36515..7d8ace272 100644 --- a/web/includes/functions.php +++ b/web/includes/functions.php @@ -79,7 +79,7 @@ function CSPHeaders($view, $nonce) { } default: { // Use Report-Only mode on all other pages. - header("Content-Security-Policy-Report-Only: script-src 'unsafe-inline' 'self' 'nonce-$nonce' $additionalScriptSrc report-uri https://zmrepo.zoneminder.com"); + header("Content-Security-Policy-Report-Only: script-src 'unsafe-inline' 'self' 'nonce-$nonce' $additionalScriptSrc; report-uri https://zmrepo.zoneminder.com"); break; } } From e4265bd075d79cd73f281cb44ed621b9afc74a97 Mon Sep 17 00:00:00 2001 From: Isaac Connor Date: Thu, 26 Sep 2019 16:13:49 -0400 Subject: [PATCH 640/922] spaces --- web/skins/classic/views/js/watch.js | 37 ++++++++++++++--------------- 1 file changed, 18 insertions(+), 19 deletions(-) diff --git a/web/skins/classic/views/js/watch.js b/web/skins/classic/views/js/watch.js index fb77846c4..b6127a68d 100644 --- a/web/skins/classic/views/js/watch.js +++ b/web/skins/classic/views/js/watch.js @@ -198,34 +198,34 @@ function getStreamCmdResponse(respObj, respText) { $('rate').addClass( 'hidden' ); $('delay').addClass( 'hidden' ); $('level').addClass( 'hidden' ); - streamCmdPlay( false ); + streamCmdPlay(false); } // end if paused or delayed - $('zoomValue').set( 'text', streamStatus.zoom ); - if ( streamStatus.zoom == "1.0" ) { - setButtonState( $('zoomOutBtn'), 'unavail' ); + $('zoomValue').set('text', streamStatus.zoom); + if ( streamStatus.zoom == '1.0' ) { + setButtonState($('zoomOutBtn'), 'unavail'); } else { - setButtonState( $('zoomOutBtn'), 'inactive' ); + setButtonState($('zoomOutBtn'), 'inactive'); } if ( canEditMonitors ) { if ( streamStatus.enabled ) { - $('enableAlarmsLink').addClass( 'hidden' ); - $('disableAlarmsLink').removeClass( 'hidden' ); + $('enableAlarmsLink').addClass('hidden'); + $('disableAlarmsLink').removeClass('hidden'); if ( streamStatus.forced ) { - $('forceAlarmLink').addClass( 'hidden' ); - $('cancelAlarmLink').removeClass( 'hidden' ); + $('forceAlarmLink').addClass('hidden'); + $('cancelAlarmLink').removeClass('hidden'); } else { - $('forceAlarmLink').removeClass( 'hidden' ); - $('cancelAlarmLink').addClass( 'hidden' ); + $('forceAlarmLink').removeClass('hidden'); + $('cancelAlarmLink').addClass('hidden'); } - $('forceCancelAlarm').removeClass( 'hidden' ); + $('forceCancelAlarm').removeClass('hidden'); } else { - $('enableAlarmsLink').removeClass( 'hidden' ); - $('disableAlarmsLink').addClass( 'hidden' ); - $('forceCancelAlarm').addClass( 'hidden' ); + $('enableAlarmsLink').removeClass('hidden'); + $('disableAlarmsLink').addClass('hidden'); + $('forceCancelAlarm').addClass('hidden'); } - $('enableDisableAlarms').removeClass( 'hidden' ); + $('enableDisableAlarms').removeClass('hidden'); } // end if canEditMonitors if ( streamStatus.auth ) { @@ -702,13 +702,12 @@ function handleClick( event ) { if ( event.shift ) { streamCmdPan( x, y ); } else if ( event.event.ctrlKey ) { - console.log("Zooming out"); streamCmdZoomOut(); } else { - streamCmdZoomIn( x, y ); + streamCmdZoomIn(x, y); } } else { - controlCmdImage( x, y ); + controlCmdImage(x, y); } } From fdaee75310043510d4ad141665d126faba745d06 Mon Sep 17 00:00:00 2001 From: Isaac Connor Date: Thu, 26 Sep 2019 16:26:18 -0400 Subject: [PATCH 641/922] Use material icons for buttons. Hide the stop button because it does nothing. --- web/skins/classic/views/watch.php | 35 +++++++++++++++++++++++-------- 1 file changed, 26 insertions(+), 9 deletions(-) diff --git a/web/skins/classic/views/watch.php b/web/skins/classic/views/watch.php index 14e4ffd73..ec2674591 100644 --- a/web/skins/classic/views/watch.php +++ b/web/skins/classic/views/watch.php @@ -30,7 +30,7 @@ if ( !isset($_REQUEST['mid']) ) { // This is for input sanitation $mid = intval($_REQUEST['mid']); -if ( ! visibleMonitor($mid) ) { +if ( !visibleMonitor($mid) ) { $view = 'error'; return; } @@ -114,23 +114,40 @@ if ( $streamMode == 'jpeg' ) { if ( $streamMode == 'jpeg' ) { if ( $monitor->StreamReplayBuffer() != 0 ) { ?> - - + + - - - + + + StreamReplayBuffer() != 0 ) { ?> - - + + - + From b1bcfe8a9b6f4ff380a24f377b6f20768be8f745 Mon Sep 17 00:00:00 2001 From: Isaac Connor Date: Thu, 26 Sep 2019 16:26:28 -0400 Subject: [PATCH 642/922] fix backtrace --- web/includes/Object.php | 1 + 1 file changed, 1 insertion(+) diff --git a/web/includes/Object.php b/web/includes/Object.php index bc18476fd..fec0a3ff5 100644 --- a/web/includes/Object.php +++ b/web/includes/Object.php @@ -92,6 +92,7 @@ class ZM_Object { if ( is_integer($options['limit']) or ctype_digit($options['limit']) ) { $sql .= ' LIMIT ' . $options['limit']; } else { + $backTrace = debug_backtrace(); Error('Invalid value for limit('.$options['limit'].') passed to '.get_class()."::find from ".print_r($backTrace,true)); return array(); } From ebcacaa660821274f5e78170c2cf36ec21e43674 Mon Sep 17 00:00:00 2001 From: Isaac Connor Date: Thu, 26 Sep 2019 16:26:37 -0400 Subject: [PATCH 643/922] Use material icons for buttons --- web/skins/classic/views/event.php | 48 +++++++++++++++++++++---------- 1 file changed, 33 insertions(+), 15 deletions(-) diff --git a/web/skins/classic/views/event.php b/web/skins/classic/views/event.php index 2607d18f8..b271343f1 100644 --- a/web/skins/classic/views/event.php +++ b/web/skins/classic/views/event.php @@ -213,15 +213,33 @@ if ( ZM_WEB_STREAM_METHOD == 'mpeg' && ZM_MPEG_LIVE_FORMAT ) {

- - - - - - - - - + + + + + + + + +

: Replay @@ -255,12 +273,12 @@ if ( ZM_WEB_STREAM_METHOD == 'mpeg' && ZM_MPEG_LIVE_FORMAT ) {
- - - - - - + + + + + +
From 8940ca420ca5865529e6a2f99a9eb31bcaba660b Mon Sep 17 00:00:00 2001 From: Isaac Connor Date: Thu, 26 Sep 2019 17:23:58 -0400 Subject: [PATCH 644/922] Use iconzm docker for disco --- .travis.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.travis.yml b/.travis.yml index 3cc4464a4..d53caf21a 100644 --- a/.travis.yml +++ b/.travis.yml @@ -38,7 +38,7 @@ env: - SMPFLAGS=-j4 OS=ubuntu DIST=trusty - SMPFLAGS=-j4 OS=ubuntu DIST=xenial - SMPFLAGS=-j4 OS=ubuntu DIST=bionic DOCKER_REPO=iconzm/packpack - - SMPFLAGS=-j4 OS=ubuntu DIST=disco + - SMPFLAGS=-j4 OS=ubuntu DIST=disco DOCKER_REPO=iconzm/packpack - SMPFLAGS=-j4 OS=debian DIST=buster DOCKER_REPO=iconzm/packpack - SMPFLAGS=-j4 OS=debian DIST=stretch DOCKER_REPO=iconzm/packpack - SMPFLAGS=-j4 OS=ubuntu DIST=trusty ARCH=i386 From 7479d3f1f145ff6ae4335a379b61a47d55ddbc77 Mon Sep 17 00:00:00 2001 From: externo6 Date: Sat, 28 Sep 2019 13:03:16 +0100 Subject: [PATCH 645/922] Add LIKE and NOT LIKE to filter options This is useful for filtering notes. EG filtering detected objects from zmeventnofification; WHERE notes LIKE %detect% WHERE notes NOT LIKE %car% --- web/includes/functions.php | 2 ++ web/lang/en_gb.php | 2 ++ web/skins/classic/views/filter.php | 2 ++ 3 files changed, 6 insertions(+) diff --git a/web/includes/functions.php b/web/includes/functions.php index 7d8ace272..fc4c398c5 100644 --- a/web/includes/functions.php +++ b/web/includes/functions.php @@ -1275,6 +1275,8 @@ function parseFilter(&$filter, $saveToSession=false, $querySep='&') { case '>' : case '<' : case '<=' : + case 'LIKE' : + case 'NOT LIKE': $filter['sql'] .= ' '.$term['op'].' '. $value; break; case '=~' : diff --git a/web/lang/en_gb.php b/web/lang/en_gb.php index b2890a605..38799c9a0 100644 --- a/web/lang/en_gb.php +++ b/web/lang/en_gb.php @@ -579,6 +579,8 @@ $SLANG = array( 'OpNotMatches' => 'does not match', 'OpIs' => 'is', 'OpIsNot' => 'is not', + 'OpLike' => 'like', + 'OpNotLike' => 'not like', 'OptionalEncoderParam' => 'Optional Encoder Parameters', 'OptionHelp' => 'Option Help', 'OptionRestartWarning' => 'These changes may not come into effect fully\nwhile the system is running. When you have\nfinished making your changes please ensure that\nyou restart ZoneMinder.', diff --git a/web/skins/classic/views/filter.php b/web/skins/classic/views/filter.php index 67eaf7fc2..425e914c9 100644 --- a/web/skins/classic/views/filter.php +++ b/web/skins/classic/views/filter.php @@ -115,6 +115,8 @@ $opTypes = array( '![]' => translate('OpNotIn'), 'IS' => translate('OpIs'), 'IS NOT' => translate('OpIsNot'), + 'LIKE' => translate('OpLike'), + 'NOT LIKE' => translate('OpNotLike'), ); $archiveTypes = array( From 7a3134ae5eeab890f29367f2f7097b975e20db70 Mon Sep 17 00:00:00 2001 From: Isaac Connor Date: Sat, 28 Sep 2019 10:26:50 -0400 Subject: [PATCH 646/922] Fix restart login in functions. Only start zmc if function is not None and start zma if it isn't None or NoDect. Even if disabled, we still run zma so that we can send it a signal to enable motion detection. --- web/includes/actions/function.php | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/web/includes/actions/function.php b/web/includes/actions/function.php index f60b98fda..ebdc416fc 100644 --- a/web/includes/actions/function.php +++ b/web/includes/actions/function.php @@ -45,10 +45,10 @@ if ( $action == 'function' ) { $monitor['Function'] = $newFunction; $monitor['Enabled'] = $newEnabled; if ( daemonCheck() && ($monitor['Type'] != 'WebSite') ) { - $restart = ($oldFunction == 'None') || ($newFunction == 'None') || ($newEnabled != $oldEnabled); zmaControl($monitor, 'stop'); - zmcControl($monitor, $restart?'restart':''); - zmaControl($monitor, 'start'); + zmcControl($monitor, ($newFunction != 'None') ? 'restart' : 'stop'); + if ( $newFunction != 'None' && $newFunction != 'NoDect' ) + zmaControl($monitor, 'start'); } $refreshParent = true; } else { From f3f253c083f697242a3e995c3ce421462849aa6a Mon Sep 17 00:00:00 2001 From: Isaac Connor Date: Sat, 28 Sep 2019 11:55:28 -0400 Subject: [PATCH 647/922] Query was renamed to Query_json --- db/zm_create.sql.in | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/db/zm_create.sql.in b/db/zm_create.sql.in index 698e466fa..76451379a 100644 --- a/db/zm_create.sql.in +++ b/db/zm_create.sql.in @@ -282,7 +282,7 @@ DROP TABLE IF EXISTS `Filters`; CREATE TABLE `Filters` ( `Id` int(10) unsigned NOT NULL auto_increment, `Name` varchar(64) NOT NULL default '', - `Query` text NOT NULL, + `Query_json` text NOT NULL, `AutoArchive` tinyint(3) unsigned NOT NULL default '0', `AutoVideo` tinyint(3) unsigned NOT NULL default '0', `AutoUpload` tinyint(3) unsigned NOT NULL default '0', From 30b5612691f243328739c810db1a6f0ad256c85d Mon Sep 17 00:00:00 2001 From: Isaac Connor Date: Sat, 28 Sep 2019 12:57:00 -0400 Subject: [PATCH 648/922] fix case of sql --- src/zm_event.cpp | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/zm_event.cpp b/src/zm_event.cpp index a4117729c..e12b76327 100644 --- a/src/zm_event.cpp +++ b/src/zm_event.cpp @@ -448,7 +448,7 @@ void Event::AddFrames( int n_frames, Image **images, struct timeval **timestamps void Event::AddFramesInternal( int n_frames, int start_frame, Image **images, struct timeval **timestamps ) { static char sql[ZM_SQL_LGE_BUFSIZ]; - strncpy(sql, "insert into Frames ( EventId, FrameId, TimeStamp, Delta ) values ", sizeof(sql)); + strncpy(sql, "INSERT INTO Frames ( EventId, FrameId, TimeStamp, Delta ) VALUES ", sizeof(sql)); int frameCount = 0; for ( int i = start_frame; i < n_frames && i - start_frame < ZM_SQL_BATCH_SIZE; i++ ) { if ( timestamps[i]->tv_sec <= 0 ) { From 80e39221659bb6f7604b662c7b0f9e24ed64d421 Mon Sep 17 00:00:00 2001 From: Isaac Connor Date: Sat, 28 Sep 2019 12:57:43 -0400 Subject: [PATCH 649/922] add backWindow function to handle back buttons --- web/skins/classic/js/skin.js | 3 +++ 1 file changed, 3 insertions(+) diff --git a/web/skins/classic/js/skin.js b/web/skins/classic/js/skin.js index c29ef4a84..8a592826f 100644 --- a/web/skins/classic/js/skin.js +++ b/web/skins/classic/js/skin.js @@ -272,6 +272,9 @@ function closeWindow() { function refreshWindow() { window.location.reload( true ); } +function backWindow() { + window.history.back(); +} function refreshParentWindow() { if ( refreshParent ) { From ec9e94b99d772ea2c9a950bba198b77238abd0db Mon Sep 17 00:00:00 2001 From: Isaac Connor Date: Sat, 28 Sep 2019 12:58:01 -0400 Subject: [PATCH 650/922] Don't add checkboxes if can't edit groups --- web/skins/classic/views/groups.php | 11 +++++++---- 1 file changed, 7 insertions(+), 4 deletions(-) diff --git a/web/skins/classic/views/groups.php b/web/skins/classic/views/groups.php index 5ae28a40a..cba26aaea 100644 --- a/web/skins/classic/views/groups.php +++ b/web/skins/classic/views/groups.php @@ -55,7 +55,9 @@ xhtmlHeaders(__FILE__, translate('Groups')); + + @@ -71,10 +73,11 @@ function group_line( $Group ) { } else { $html .= validHtmlStr($Group->Name()); } - $html .= ' - - - '; + $html .= ''; + if ( canEdit('Groups') ) { + $html .= ''; + } + $html .= ''; if ( isset( $children[$Group->Id()] ) ) { foreach ( $children[$Group->Id()] as $G ) { $html .= group_line($G); From deef948964defd60fc21e060a8a776201c6f00ad Mon Sep 17 00:00:00 2001 From: Isaac Connor Date: Sat, 28 Sep 2019 12:58:17 -0400 Subject: [PATCH 651/922] Allow anyone to change their skin --- web/skins/classic/views/options.php | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/web/skins/classic/views/options.php b/web/skins/classic/views/options.php index 102ba2af3..b3f925f8a 100644 --- a/web/skins/classic/views/options.php +++ b/web/skins/classic/views/options.php @@ -79,7 +79,7 @@ if ( $tab == 'skins' ) {
- +
- - +
-
-
+
+
'; +} + if ( $mode == 'overlay' ) { echo drawYGrid( $chart, $majYScale, 'majLabelY', 'majTickY', 'majGridY graphWidth' ); } echo drawXGrid( $chart, $majXScale, 'majLabelX', 'majTickX', 'majGridX graphHeight', 'zoom graphHeight' ); if ( $mode == 'overlay' ) { ?> -
+
$slots ) { foreach ( $slots as $slot ) { - $slotHeight = (int)($slot['value']/$chart['data']['y']['density']); - - if ( $slotHeight <= 0 ) - continue; - - if ( $mouseover ) { - $behaviours = array( - 'onclick="'.getSlotShowEventBehaviour($slot).'"', - 'onmouseover="'.getSlotPreviewEventBehaviour($slot).'"' - ); - } else { - $behaviours = array( - 'onclick="'.getSlotPreviewEventBehaviour($slot).'"' - ); - } -?> -
>
-
-
+
$slot ) { - $slotHeight = (int)($slot['value']/$chart['data']['y']['density']); - - if ( $slotHeight <= 0 ) - continue; - - if ( $mouseover ) { - $behaviours = array( - 'onclick="'.getSlotShowEventBehaviour($slot).'"', - 'onmouseover="'.getSlotPreviewEventBehaviour($slot).'"' - ); - } else { - $behaviours = array( - 'onclick="'.getSlotPreviewEventBehaviour($slot).'"' - ); - } -?> -
>
-
-
>
-
'; + unset( $slot ); } # end if isset($currEventSlots[$i]) } # end foreach width segment + unset ($currEventSlots); ?>
-
-
+
+
- - <?php echo $monitors[$monitorId]['Name'] ?> + Name() ?> +
-
+
From 7271151eb03a66a6b0f8609fb0c7689d96aacd24 Mon Sep 17 00:00:00 2001 From: Isaac Connor Date: Sat, 28 Sep 2019 15:16:25 -0400 Subject: [PATCH 656/922] add some more aspect ratios --- web/skins/classic/css/base/views/timeline.css.php | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/web/skins/classic/css/base/views/timeline.css.php b/web/skins/classic/css/base/views/timeline.css.php index 0512420ab..94c011e82 100644 --- a/web/skins/classic/css/base/views/timeline.css.php +++ b/web/skins/classic/css/base/views/timeline.css.php @@ -25,6 +25,10 @@ switch($max_aspect_ratio){ echo 'padding-top: 56.25%;'; break; case 1.33: echo 'padding-top: 75%;'; break; + case 1.5: + echo 'padding-top: 66.66%'; break; + case 1.6: + echo 'padding-top: 62.5%'; break; default: ZM\Error("Unknown aspect ratio $max_aspect_ratio"); } From 3d6cab83600e49c7f19ec820765a763218b7f41b Mon Sep 17 00:00:00 2001 From: Isaac Connor Date: Sat, 28 Sep 2019 17:57:45 -0400 Subject: [PATCH 657/922] Must force hash regeneration on login. Old hash may be from different user --- web/includes/actions/login.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/web/includes/actions/login.php b/web/includes/actions/login.php index 7c494ff3c..6c8312b2f 100644 --- a/web/includes/actions/login.php +++ b/web/includes/actions/login.php @@ -92,7 +92,7 @@ if ( ('login' == $action) && isset($_REQUEST['username']) && ( ZM_AUTH_TYPE == ' $_SESSION['password'] = $_REQUEST['password']; } zm_session_regenerate_id(); - generateAuthHash(ZM_AUTH_HASH_IPS); + generateAuthHash(ZM_AUTH_HASH_IPS, true); if ( $close_session ) session_write_close(); From 90b02beb94be807b8e4505eb4255a8165502603b Mon Sep 17 00:00:00 2001 From: Andrew Bauer Date: Mon, 30 Sep 2019 09:52:41 -0500 Subject: [PATCH 658/922] fix eslint --- web/skins/classic/views/js/timeline.js | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/web/skins/classic/views/js/timeline.js b/web/skins/classic/views/js/timeline.js index b456b8f66..877f31c2d 100644 --- a/web/skins/classic/views/js/timeline.js +++ b/web/skins/classic/views/js/timeline.js @@ -171,7 +171,7 @@ function loadEventImage( imagePath, eid, fid, width, height, fps, videoName, dur imageSrc.setProperty('src', imagePath); imageSrc.setAttribute('data-event-id', eid); imageSrc.setAttribute('data-frame-id', fid); - imageSrc.onclick=window['showEvent'].bind(imageSrc,imageSrc); + imageSrc.onclick=window['showEvent'].bind(imageSrc, imageSrc); } var eventData = $('eventData'); From 9ba8f5c7ffcf32ad1992631207b364bcba556232 Mon Sep 17 00:00:00 2001 From: Andrew Bauer Date: Mon, 30 Sep 2019 10:31:21 -0500 Subject: [PATCH 659/922] Update rsync_xfer.sh --- utils/packpack/rsync_xfer.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/utils/packpack/rsync_xfer.sh b/utils/packpack/rsync_xfer.sh index b6845e10a..fb19fb46d 100755 --- a/utils/packpack/rsync_xfer.sh +++ b/utils/packpack/rsync_xfer.sh @@ -36,7 +36,7 @@ if [ "${TRAVIS_EVENT_TYPE}" == "cron" ] || [ "${OS}" == "debian" ] || [ "${OS}" echo # Don't keep packages older than 5 days - find ./zmrepo/$targetfolder/ -maxdepth 1 -type f -mtime +5 -delete + find -L ./zmrepo/$targetfolder/ -maxdepth 1 -type f -mtime +5 -delete rsync -vzlh --ignore-errors build/* zmrepo/$targetfolder/ fusermount -zu zmrepo else From 2c22a4727f05ed210fc92b7bf0b67ab235d4add3 Mon Sep 17 00:00:00 2001 From: Andrew Bauer Date: Mon, 30 Sep 2019 10:39:29 -0500 Subject: [PATCH 660/922] Update rsync_xfer.sh --- utils/packpack/rsync_xfer.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/utils/packpack/rsync_xfer.sh b/utils/packpack/rsync_xfer.sh index fb19fb46d..e2e7f8ed7 100755 --- a/utils/packpack/rsync_xfer.sh +++ b/utils/packpack/rsync_xfer.sh @@ -36,7 +36,7 @@ if [ "${TRAVIS_EVENT_TYPE}" == "cron" ] || [ "${OS}" == "debian" ] || [ "${OS}" echo # Don't keep packages older than 5 days - find -L ./zmrepo/$targetfolder/ -maxdepth 1 -type f -mtime +5 -delete + find ./zmrepo/$targetfolder/ -maxdepth 1 -type f,l -mtime +5 -delete rsync -vzlh --ignore-errors build/* zmrepo/$targetfolder/ fusermount -zu zmrepo else From 85b16e89b74af6a1972b58aa09f6e73134af4488 Mon Sep 17 00:00:00 2001 From: Isaac Connor Date: Mon, 30 Sep 2019 14:42:10 -0400 Subject: [PATCH 661/922] Fix groups dropdown --- web/includes/Group.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/web/includes/Group.php b/web/includes/Group.php index 3478f67f0..e7442b3ed 100644 --- a/web/includes/Group.php +++ b/web/includes/Group.php @@ -65,7 +65,7 @@ class Group extends ZM_Object { session_write_close(); } - return htmlSelect( 'Group[]', Group::get_dropdown_options(), isset($_SESSION['Group'])?$_SESSION['Group']:null, array( + return htmlSelect( 'GroupId[]', Group::get_dropdown_options(), isset($_SESSION['GroupId'])?$_SESSION['GroupId']:null, array( 'data-on-change' => 'submitThisForm', 'class'=>'chosen', 'multiple'=>'multiple', From 09efbfb4f1c262b72f5db585a2f4818692e7ec1b Mon Sep 17 00:00:00 2001 From: Isaac Connor Date: Mon, 30 Sep 2019 15:02:05 -0400 Subject: [PATCH 662/922] Sort groups --- web/includes/Group.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/web/includes/Group.php b/web/includes/Group.php index e7442b3ed..b329946a3 100644 --- a/web/includes/Group.php +++ b/web/includes/Group.php @@ -76,7 +76,7 @@ class Group extends ZM_Object { public static function get_dropdown_options() { $Groups = array(); - foreach ( Group::find( ) as $Group ) { + foreach ( Group::find(array(), array('order'=>'lower(Name)')) as $Group ) { $Groups[$Group->Id()] = $Group; } From b4d5d92d86b14ea17880dab17728d049d23029f5 Mon Sep 17 00:00:00 2001 From: Isaac Connor Date: Mon, 30 Sep 2019 15:06:32 -0400 Subject: [PATCH 663/922] Add some non standard resolutions available on some vivotek cameras --- web/skins/classic/views/monitor.php | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/web/skins/classic/views/monitor.php b/web/skins/classic/views/monitor.php index 46d16b082..bb0f8ef05 100644 --- a/web/skins/classic/views/monitor.php +++ b/web/skins/classic/views/monitor.php @@ -873,13 +873,17 @@ if ( $monitor->Type() != 'NVSocket' && $monitor->Type() != 'WebSite' ) { translate('Custom'), '176x120'=>'176x120 QCIF', + '176x144'=>'176x14', '320x240'=>'320x240', + '320x200'=>'320x200', '352x240'=>'352x240 CIF', '640x480'=>'640x480', + '640x400'=>'640x400', '704x240'=>'704x240 2CIF', '704x480'=>'704x480 4CIF', '720x480'=>'720x480 D1', '1280x720'=>'1280x720 720p', + '1280x800'=>'1280x800', '1280x960'=>'1280x960 960p', '1280x1024'=>'1280x1024 1MP', '1600x1200'=>'1600x1200 2MP', From d02aee64e458ba2da3a1e9ae2525f38f15b541fa Mon Sep 17 00:00:00 2001 From: Isaac Connor Date: Wed, 2 Oct 2019 09:07:18 -0400 Subject: [PATCH 664/922] Add setting of timezone to Options/Config instead of php.ini --- .../lib/ZoneMinder/ConfigData.pm.in | 15 +++++++ web/includes/functions.php | 2 +- web/index.php | 1 + web/skins/classic/views/options.php | 44 ++++++++++++++++--- 4 files changed, 56 insertions(+), 6 deletions(-) diff --git a/scripts/ZoneMinder/lib/ZoneMinder/ConfigData.pm.in b/scripts/ZoneMinder/lib/ZoneMinder/ConfigData.pm.in index 2b2a20958..7e1b2d2ac 100644 --- a/scripts/ZoneMinder/lib/ZoneMinder/ConfigData.pm.in +++ b/scripts/ZoneMinder/lib/ZoneMinder/ConfigData.pm.in @@ -162,6 +162,12 @@ our %types = ( pattern => qr|^([a-zA-Z0-9_.-]+)\@([a-zA-Z0-9_.-]+)$|, format => q( $1\@$2 ) }, + timezone => { + db_type => 'string', + hint => 'America/Toronto', + pattern => qr|^(.+)$|, + format => q($1) + } ); our @options = ( @@ -777,6 +783,15 @@ our @options = ( type => $types{string}, category => 'config', }, + { + name => 'ZM_TIMEZONE', + default => 'UTC', + description => 'The timezone that php should use.', + help => q` + This should be set equal to the system timezone of the mysql server`, + type => $types{timezone}, + category => 'system', + }, { name => 'ZM_CPU_EXTENSIONS', default => 'yes', diff --git a/web/includes/functions.php b/web/includes/functions.php index 7d8ace272..236b74f82 100644 --- a/web/includes/functions.php +++ b/web/includes/functions.php @@ -2362,7 +2362,7 @@ function check_timezone() { #"); if ( $sys_tzoffset != $php_tzoffset ) - ZM\Error("ZoneMinder is not installed properly: php's date.timezone does not match the system timezone!"); + ZM\Error("ZoneMinder is not installed properly: php's date.timezone $php_tzoffset does not match the system timezone $sys_tzoffset!"); if ( $sys_tzoffset != $mysql_tzoffset ) ZM\Error("ZoneMinder is not installed properly: mysql's timezone does not match the system timezone! Event lists will display incorrect times."); diff --git a/web/index.php b/web/index.php index 5c2448291..83be992e8 100644 --- a/web/index.php +++ b/web/index.php @@ -202,6 +202,7 @@ isset($action) || $action = NULL; if ( (!$view and !$request) or ($view == 'console') ) { // Verify the system, php, and mysql timezones all match + date_default_timezone_set(ZM_TIMEZONE); check_timezone(); } diff --git a/web/skins/classic/views/options.php b/web/skins/classic/views/options.php index b3f925f8a..aa2ed1e3f 100644 --- a/web/skins/classic/views/options.php +++ b/web/skins/classic/views/options.php @@ -389,6 +389,40 @@ foreach ( array_map('basename', glob('skins/'.$skin.'/css/*',GLOB_ONLYDIR)) as $ $configCats[$tab]['ZM_SKIN_DEFAULT']['Hint'] = join('|', array_map('basename', glob('skins/*',GLOB_ONLYDIR))); $configCats[$tab]['ZM_CSS_DEFAULT']['Hint'] = join('|', array_map ( 'basename', glob('skins/'.ZM_SKIN_DEFAULT.'/css/*',GLOB_ONLYDIR) )); $configCats[$tab]['ZM_BANDWIDTH_DEFAULT']['Hint'] = $bandwidth_options; + function timezone_list() { + static $timezones = null; + + if ($timezones === null) { + $timezones = []; + $offsets = []; + $now = new DateTime('now', new DateTimeZone('UTC')); + + foreach (DateTimeZone::listIdentifiers() as $timezone) { + $now->setTimezone(new DateTimeZone($timezone)); + $offsets[] = $offset = $now->getOffset(); + $timezones[$timezone] = '(' . format_GMT_offset($offset) . ') ' . format_timezone_name($timezone); + } + + array_multisort($offsets, $timezones); + } + + return $timezones; +} + +function format_GMT_offset($offset) { + $hours = intval($offset / 3600); + $minutes = abs(intval($offset % 3600 / 60)); + return 'GMT' . ($offset ? sprintf('%+03d:%02d', $hours, $minutes) : ''); +} + +function format_timezone_name($name) { + $name = str_replace('/', ', ', $name); + $name = str_replace('_', ' ', $name); + $name = str_replace('St ', 'St. ', $name); + return $name; +} + $configCats[$tab]['ZM_TIMEZONE']['Hint'] = timezone_list(); + } ?>
@@ -396,10 +430,10 @@ foreach ( array_map('basename', glob('skins/'.$skin.'/css/*',GLOB_ONLYDIR)) as $ $value ) { - $shortName = preg_replace( '/^ZM_/', '', $name ); - $optionPromptText = !empty($OLANG[$shortName])?$OLANG[$shortName]['Prompt']:$value['Prompt']; + $configCat = $configCats[$tab]; + foreach ( $configCat as $name=>$value ) { + $shortName = preg_replace( '/^ZM_/', '', $name ); + $optionPromptText = !empty($OLANG[$shortName])?$OLANG[$shortName]['Prompt']:$value['Prompt']; ?>
@@ -409,7 +443,7 @@ foreach ( array_map('basename', glob('skins/'.$skin.'/css/*',GLOB_ONLYDIR)) as $ ?> checked="checked"/> From e4b5052fb473a60d6ea1d4149ae41611db2a42f1 Mon Sep 17 00:00:00 2001 From: Isaac Connor Date: Wed, 2 Oct 2019 15:39:04 -0400 Subject: [PATCH 665/922] Add delete from logs ajax capability. Make the clear button use it. Fixes #2620 --- web/ajax/log.php | 128 +++++++++++++++++------------- web/skins/classic/views/js/log.js | 58 ++++++++++---- web/skins/classic/views/log.php | 14 ++-- 3 files changed, 124 insertions(+), 76 deletions(-) diff --git a/web/ajax/log.php b/web/ajax/log.php index 2fd220578..01b64cba0 100644 --- a/web/ajax/log.php +++ b/web/ajax/log.php @@ -4,6 +4,61 @@ # These are the valid columns that you can filter on. $filterFields = array( 'Component', 'ServerId', 'Pid', 'Level', 'File', 'Line' ); +function buildLogQuery($action) { + + $minTime = isset($_REQUEST['minTime'])?$_REQUEST['minTime']:NULL; + $maxTime = isset($_REQUEST['maxTime'])?$_REQUEST['maxTime']:NULL; + + $limit = 100; + if ( isset($_REQUEST['limit']) ) { + if ( ( !is_integer($_REQUEST['limit']) and !ctype_digit($_REQUEST['limit']) ) ) { + ZM\Error('Invalid value for limit ' . $_REQUEST['limit']); + } else { + $limit = $_REQUEST['limit']; + } + } + $sortField = 'TimeKey'; + if ( isset($_REQUEST['sortField']) ) { + if ( !in_array($_REQUEST['sortField'], $filterFields) and ( $_REQUEST['sortField'] != 'TimeKey' ) ) { + ZM\Error('Invalid sort field ' . $_REQUEST['sortField']); + } else { + $sortField = $_REQUEST['sortField']; + } + } + $sortOrder = (isset($_REQUEST['sortOrder']) and ($_REQUEST['sortOrder'] == 'asc')) ? 'asc' : 'desc'; + $filter = isset($_REQUEST['filter']) ? $_REQUEST['filter'] : array(); + + $sql = $action.' FROM Logs'; + $where = array(); + $values = array(); + if ( $minTime ) { + $where[] = 'TimeKey > ?'; + $values[] = $minTime; + } elseif ( $maxTime ) { + $where[] = 'TimeKey < ?'; + $values[] = $maxTime; + } + + foreach ( $filter as $field=>$value ) { + if ( ! in_array($field, $filterFields) ) { + ZM\Error("$field is not in valid filter fields"); + continue; + } + if ( $field == 'Level' ){ + $where[] = $field.' <= ?'; + $values[] = $value; + } else { + $where[] = $field.' = ?'; + $values[] = $value; + } + } + if ( count($where) ) + $sql.= ' WHERE '.join(' AND ', $where); + $sql .= ' ORDER BY '.$sortField.' '.$sortOrder.' LIMIT '.$limit; + + return array('sql'=>$sql, 'values'=>$values); +} + switch ( $_REQUEST['task'] ) { case 'create' : { @@ -21,17 +76,33 @@ switch ( $_REQUEST['task'] ) { $levels = array_flip(ZM\Logger::$codes); if ( !isset($levels[$_POST['level']]) ) - ZM\Panic("Unexpected logger level '".$_POST['level']."'"); + ZM\Panic('Unexpected logger level '.$_POST['level']); $level = $levels[$_POST['level']]; ZM\Logger::fetch()->logPrint($level, $string, $file, $line); } ajaxResponse(); break; + } + case 'delete' : + { + if ( !canEdit('System') ) + ajaxError('Insufficient permissions to delete log entries'); + + $query = buildLogQuery('DELETE'); + $result = dbQuery($query['sql'], $query['values']); + ajaxResponse( array( + 'result'=>'Ok', + 'deleted'=>$result->rowCount(), + ) ); + + } case 'query' : { if ( !canView('System') ) ajaxError('Insufficient permissions to view log entries'); + $total = dbFetchOne('SELECT count(*) AS Total FROM Logs', 'Total'); + $query = buildLogQuery('SELECT *'); $servers = ZM\Server::find(); $servers_by_Id = array(); @@ -40,59 +111,10 @@ switch ( $_REQUEST['task'] ) { $servers_by_Id[$server->Id()] = $server; } - $minTime = isset($_REQUEST['minTime'])?$_REQUEST['minTime']:NULL; - $maxTime = isset($_REQUEST['maxTime'])?$_REQUEST['maxTime']:NULL; - - $limit = 100; - if ( isset($_REQUEST['limit']) ) { - if ( ( !is_integer($_REQUEST['limit']) and !ctype_digit($_REQUEST['limit']) ) ) { - ZM\Error('Invalid value for limit ' . $_REQUEST['limit']); - } else { - $limit = $_REQUEST['limit']; - } - } - $sortField = 'TimeKey'; - if ( isset($_REQUEST['sortField']) ) { - if ( !in_array($_REQUEST['sortField'], $filterFields) and ( $_REQUEST['sortField'] != 'TimeKey' ) ) { - ZM\Error("Invalid sort field " . $_REQUEST['sortField']); - } else { - $sortField = $_REQUEST['sortField']; - } - } - $sortOrder = (isset($_REQUEST['sortOrder']) and ($_REQUEST['sortOrder'] == 'asc')) ? 'asc' : 'desc'; - $filter = isset($_REQUEST['filter']) ? $_REQUEST['filter'] : array(); - - $total = dbFetchOne('SELECT count(*) AS Total FROM Logs', 'Total'); - $sql = 'SELECT * FROM Logs'; - $where = array(); - $values = array(); - if ( $minTime ) { - $where[] = 'TimeKey > ?'; - $values[] = $minTime; - } elseif ( $maxTime ) { - $where[] = 'TimeKey < ?'; - $values[] = $maxTime; - } - - foreach ( $filter as $field=>$value ) { - if ( ! in_array($field, $filterFields) ) { - ZM\Error("$field is not in valid filter fields"); - continue; - } - if ( $field == 'Level' ){ - $where[] = $field.' <= ?'; - $values[] = $value; - } else { - $where[] = $field.' = ?'; - $values[] = $value; - } - } - $options = array(); - if ( count($where) ) - $sql.= ' WHERE '.join(' AND ', $where); - $sql .= ' ORDER BY '.$sortField.' '.$sortOrder.' LIMIT '.$limit; $logs = array(); - foreach ( dbFetchAll($sql, NULL, $values) as $log ) { + $options = array(); + + foreach ( dbFetchAll($query['sql'], NULL, $query['values']) as $log ) { $log['DateTime'] = strftime('%Y-%m-%d %H:%M:%S', intval($log['TimeKey'])); #Warning("TimeKey: " . $log['TimeKey'] . 'Intval:'.intval($log['TimeKey']).' DateTime:'.$log['DateTime']); diff --git a/web/skins/classic/views/js/log.js b/web/skins/classic/views/js/log.js index 369462a9d..3992be33b 100644 --- a/web/skins/classic/views/js/log.js +++ b/web/skins/classic/views/js/log.js @@ -1,4 +1,4 @@ -var logParms = "view=request&request=log&task=query"; +var logParms = 'view=request&request=log&task=query'; var logReq = new Request.JSON( {url: thisUrl, method: 'post', timeout: AJAX_TIMEOUT, link: 'cancel', onSuccess: logResponse} ); var logTimer = undefined; var logTable = undefined; @@ -148,7 +148,7 @@ function logResponse( respObj ) { function refreshLog() { options = {}; - logTable.empty(); + $j('#logTable tbody').empty(); firstLoad = true; maxLogTime = 0; minLogTime = 0; @@ -163,15 +163,41 @@ function expandLog() { fetchPrevLogs(); } +function clearResponse() { + refreshLog(); +} +function clearError() { +} function clearLog() { logReq.cancel(); + + var clearParms = 'view=request&request=log&task=delete'; + var clearReq = new Request.JSON( {url: thisUrl, method: 'post', timeout: AJAX_TIMEOUT, link: 'cancel', onSuccess: clearResponse} ); + var tbody = $(logTable).getElement( 'tbody' ); + var rows = tbody.getElements( 'tr' ); + if ( rows ) { + var minTime = rows[0].getElement('td').get('text'); + clearParms += "&minTime="+encodeURIComponent(minTime); + var maxTime = rows[rows.length-1].getElement('td').get('text'); + clearParms += "&maxTime="+encodeURIComponent(maxTime); + } + var form = $('logForm'); + if ( ! form ) { + console.log("Nothing found for #logForm?"); + } else { + clearReq.send(clearParms+"&"+form.toQueryString()); + } + + +if ( 0 ) { minLogTime = 0; logCount = 0; logTimeout = maxSampleTime; displayLimit = initialDisplayLimit; $('displayLogs').set('text', logCount); options = {}; - logTable.empty(); + $j('#logTable tbody').empty(); +} } function filterLog() { @@ -181,7 +207,7 @@ function filterLog() { var selector = $('filter['+field+']'); if ( ! selector ) { if ( window.console && window.console.log ) { - window.console.log("No selector found for " + field ); + window.console.log('No selector found for ' + field); } return; } @@ -215,14 +241,14 @@ function exportResponse( response ) { function exportFail( request ) { $('exportLog').unspin(); - $('exportErrorText').set('text', request.status+" / "+request.statusText ); + $('exportErrorText').set('text', request.status+' / '+request.statusText ); $('exportError').show(); - Error( "Export request failed: "+request.status+" / "+request.statusText ); + Error('Export request failed: '+request.status+' / '+request.statusText ); } function exportRequest() { var form = $('exportForm'); - $('exportErrorText').set('text', "" ); + $('exportErrorText').set('text', ''); $('exportError').hide(); if ( form.validate() ) { var exportParms = "view=request&request=log&task=export"; @@ -256,7 +282,7 @@ function updateFilterSelectors() { var selector = $('filter['+key+']'); if ( ! selector ) { if ( window.console && window.console.log ) { - window.console.log("No selector found for " + key ); + window.console.log('No selector found for ' + key); } return; } @@ -300,12 +326,12 @@ function initPage() { } ); logTable.addEvent( 'sort', function( tbody, index ) { - var header = tbody.getParent( 'table' ).getElement( 'thead' ); - var columns = header.getElement( 'tr' ).getElements( 'th' ); + var header = tbody.getParent('table').getElement('thead'); + var columns = header.getElement('tr').getElements('th'); var column = columns[index]; - sortReversed = column.hasClass( 'table-th-sort-rev' ); + sortReversed = column.hasClass('table-th-sort-rev'); if ( logCount > displayLimit ) { - var rows = tbody.getElements( 'tr' ); + var rows = tbody.getElements('tr'); var startIndex; if ( sortReversed ) { startIndex = displayLimit; @@ -322,12 +348,12 @@ function initPage() { ); exportFormValidator = new Form.Validator.Inline($('exportForm'), { useTitles: true, - warningPrefix: "", - errorPrefix: "" + warningPrefix: '', + errorPrefix: '' }); - new Asset.css( "css/spinner.css" ); + new Asset.css('css/spinner.css'); fetchNextLogs(); } // Kick everything off -window.addEventListener( 'DOMContentLoaded', initPage ); +window.addEventListener('DOMContentLoaded', initPage); diff --git a/web/skins/classic/views/log.php b/web/skins/classic/views/log.php index c2ce0262e..7dd83ef2a 100644 --- a/web/skins/classic/views/log.php +++ b/web/skins/classic/views/log.php @@ -56,41 +56,41 @@ xhtmlHeaders(__FILE__, translate('SystemLog') );
From 33951ae584e459ecc8854504c6c0bb0d9fe3cc7e Mon Sep 17 00:00:00 2001 From: Isaac Connor Date: Wed, 19 Jun 2019 08:36:37 -0400 Subject: [PATCH 241/922] Print out an error when a monitor is in MONITOR mode because we can't handle alarms. Allow signals to terminate zmu by checking zm_terminate. --- src/zmu.cpp | 20 ++++++++++++-------- 1 file changed, 12 insertions(+), 8 deletions(-) diff --git a/src/zmu.cpp b/src/zmu.cpp index 07f9ae8aa..bd70f8337 100644 --- a/src/zmu.cpp +++ b/src/zmu.cpp @@ -571,14 +571,18 @@ int main(int argc, char *argv[]) { monitor->DumpZoneImage(zoneString); } if ( function & ZMU_ALARM ) { - if ( verbose ) - printf("Forcing alarm on\n"); - monitor->ForceAlarmOn(config.forced_alarm_score, "Forced Web"); - while ( monitor->GetState() != Monitor::ALARM ) { - // Wait for monitor to notice. - usleep(1000); - } - printf("Alarmed event id: %" PRIu64 "\n", monitor->GetLastEventId()); + if ( monitor->GetFunction() == Monitor::Function::MONITOR ) { + printf("A Monitor in monitor mode cannot handle alarms. Please use NoDect\n"); + } else { + if ( verbose ) + printf("Forcing alarm on\n"); + monitor->ForceAlarmOn(config.forced_alarm_score, "Forced Web"); + while ( (monitor->GetState() != Monitor::ALARM) && !zm_terminate ) { + // Wait for monitor to notice. + usleep(1000); + } + printf("Alarmed event id: %" PRIu64 "\n", monitor->GetLastEventId()); + } // end if ! MONITOR } if ( function & ZMU_NOALARM ) { if ( verbose ) From 2d5f84cd22a30a7c813b9aae37f6a74520448877 Mon Sep 17 00:00:00 2001 From: Pliable Pixels Date: Sun, 16 Jun 2019 11:59:23 -0400 Subject: [PATCH 242/922] add event file system path to API (#2639) --- web/api/app/Controller/EventsController.php | 8 ++++++++ 1 file changed, 8 insertions(+) diff --git a/web/api/app/Controller/EventsController.php b/web/api/app/Controller/EventsController.php index 2f6cfd494..2eb5f7280 100644 --- a/web/api/app/Controller/EventsController.php +++ b/web/api/app/Controller/EventsController.php @@ -35,6 +35,7 @@ class EventsController extends AppController { $this->Event->recursive = -1; global $user; + require_once __DIR__ .'/../../../includes/Event.php'; $allowedMonitors = $user ? preg_split('@,@', $user['MonitorIds'], NULL, PREG_SPLIT_NO_EMPTY) : null; if ( $allowedMonitors ) { @@ -87,9 +88,13 @@ class EventsController extends AppController { $events = $this->Paginator->paginate('Event'); // For each event, get the frameID which has the largest score + // also add FS path + foreach ( $events as $key => $value ) { + $EventObj = new ZM\Event($value['Event']['Id']); $maxScoreFrameId = $this->getMaxScoreAlarmFrameId($value['Event']['Id']); $events[$key]['Event']['MaxScoreFrameId'] = $maxScoreFrameId; + $events[$key]['Event']['FileSystemPath'] = $EventObj->Path(); } $this->set(compact('events')); @@ -131,6 +136,9 @@ class EventsController extends AppController { $event['Event']['fileExists'] = $this->Event->fileExists($event['Event']); $event['Event']['fileSize'] = $this->Event->fileSize($event['Event']); + $EventObj = new ZM\Event($id); + $event['Event']['FileSystemPath'] = $EventObj->Path(); + # Also get the previous and next events for the same monitor $event_monitor_neighbors = $this->Event->find('neighbors', array( 'conditions'=>array('Event.MonitorId'=>$event['Event']['MonitorId']) From a6e42e43176d18e8332218c305dde8bde0a5231d Mon Sep 17 00:00:00 2001 From: Pliable Pixels Date: Sun, 16 Jun 2019 11:59:48 -0400 Subject: [PATCH 243/922] remove a password log, corrected PHP version in log (#2627) * remove a password log, corrected PHP version in log * PHP version correction --- web/includes/actions/user.php | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/web/includes/actions/user.php b/web/includes/actions/user.php index 988b40be1..a786f78d7 100644 --- a/web/includes/actions/user.php +++ b/web/includes/actions/user.php @@ -32,7 +32,7 @@ if ( $action == 'user' ) { $pass_hash = '"'.password_hash($_REQUEST['newUser']['Password'], PASSWORD_BCRYPT).'"'; } else { $pass_hash = ' PASSWORD('.dbEscape($_REQUEST['newUser']['Password']).') '; - ZM\Info('Cannot use bcrypt as you are using PHP < 5.5'); + ZM\Info('Cannot use bcrypt as you are using PHP < 5.3'); } if ( $_REQUEST['newUser']['Password'] ) { @@ -70,7 +70,6 @@ if ( $action == 'user' ) { } if ( !empty($_REQUEST['newUser']['Password']) ) { - ZM\Info('PASS CMD='.$changes['Password']); $changes['Password'] = 'Password = '.$pass_hash; } From 70a91c7069654be0fef22a514eaabc5e7df8a98f Mon Sep 17 00:00:00 2001 From: Tom Hodder Date: Sun, 16 Jun 2019 17:02:00 +0100 Subject: [PATCH 244/922] WIP: Add pagination to frames.php in classic (#2618) * add pagination to the frames.php results * remove commented code, fix view all paging * removing debugging logging statements * default frames paging to on --- web/includes/functions.php | 20 ++++- web/skins/classic/views/frames.php | 123 +++++++++++++++++++++++++++-- 2 files changed, 134 insertions(+), 9 deletions(-) diff --git a/web/includes/functions.php b/web/includes/functions.php index 29293afde..e1016bb82 100644 --- a/web/includes/functions.php +++ b/web/includes/functions.php @@ -1077,13 +1077,28 @@ function parseSort( $saveToSession=false, $querySep='&' ) { case 'MaxScore' : $sortColumn = 'E.MaxScore'; break; + case 'FramesFrameId' : + $sortColumn = 'F.FrameId'; + break; + case 'FramesType' : + $sortColumn = 'F.Type'; + break; + case 'FramesTimeStamp' : + $sortColumn = 'F.TimeStamp'; + break; + case 'FramesDelta' : + $sortColumn = 'F.Delta'; + break; + case 'FramesScore' : + $sortColumn = 'F.Score'; + break; default: $sortColumn = 'E.StartTime'; break; } - $sortOrder = $_REQUEST['sort_asc']?'asc':'desc'; if ( !$_REQUEST['sort_asc'] ) $_REQUEST['sort_asc'] = 0; + $sortOrder = $_REQUEST['sort_asc']?'asc':'desc'; $sortQuery = $querySep.'sort_field='.validHtmlStr($_REQUEST['sort_field']).$querySep.'sort_asc='.validHtmlStr($_REQUEST['sort_asc']); if ( !isset($_REQUEST['limit']) ) $_REQUEST['limit'] = ''; @@ -1168,6 +1183,9 @@ function parseFilter(&$filter, $saveToSession=false, $querySep='&') { case 'StartDateTime': $filter['sql'] .= 'E.StartTime'; break; + case 'FramesEventId': + $filter['sql'] .= 'F.EventId'; + break; case 'StartDate': $filter['sql'] .= 'to_days( E.StartTime )'; break; diff --git a/web/skins/classic/views/frames.php b/web/skins/classic/views/frames.php index 17ed9c2f2..9a877ae3b 100644 --- a/web/skins/classic/views/frames.php +++ b/web/skins/classic/views/frames.php @@ -22,8 +22,44 @@ if ( !canView('Events') ) { $view = 'error'; return; } + require_once('includes/Frame.php'); -$Event = new ZM\Event($_REQUEST['eid']); + +$countSql = 'SELECT COUNT(*) AS FrameCount FROM Frames AS F WHERE 1 '; +$frameSql = 'SELECT *, unix_timestamp( TimeStamp ) AS UnixTimeStamp FROM Frames AS F WHERE 1 '; + +$eid = $_REQUEST['eid']; + +// override the sort_field handling in parseSort for frames +if ( empty($_REQUEST['sort_field']) ) + $_REQUEST['sort_field'] = 'FramesTimeStamp'; + +if ( !isset($_REQUEST['sort_asc']) ) + $_REQUEST['sort_asc'] = true; + +if( ! isset($_REQUEST['filter'])){ + // generate a dummy filter from the eid for pagination + $_REQUEST['filter'] = array('Query' => array( 'terms' => array( ) ) ); + $_REQUEST['filter'] = addFilterTerm( + $_REQUEST['filter'], + 0, + array( 'cnj' => 'and', 'attr' => 'FramesEventId', 'op' => '=', 'val' => $eid ) + ); +} + +parseSort(); +parseFilter($_REQUEST['filter']); +$filterQuery = $_REQUEST['filter']['query']; + + +if ( $_REQUEST['filter']['sql'] ) { + $countSql .= $_REQUEST['filter']['sql']; + $frameSql .= $_REQUEST['filter']['sql']; +} + +$frameSql .= " ORDER BY $sortColumn $sortOrder,Id $sortOrder"; + +$Event = new ZM\Event($eid); $Monitor = $Event->Monitor(); if ( isset( $_REQUEST['scale'] ) ) { @@ -35,8 +71,40 @@ if ( isset( $_REQUEST['scale'] ) ) { } else { $scale = max(reScale(SCALE_BASE, $Monitor->DefaultScale(), ZM_WEB_DEFAULT_SCALE), SCALE_BASE); } -$sql = 'SELECT *, unix_timestamp(TimeStamp) AS UnixTimeStamp FROM Frames WHERE EventID = ? ORDER BY FrameId'; -$frames = dbFetchAll($sql, NULL, array($_REQUEST['eid'])); + +$page = isset($_REQUEST['page']) ? validInt($_REQUEST['page']) : 1; +$limit = isset($_REQUEST['limit']) ? validInt($_REQUEST['limit']) : 0; + +$nEvents = dbFetchOne($countSql, 'FrameCount' ); + +if ( !empty($limit) && $nEvents > $limit ) { + $nEvents = $limit; +} + +$pages = (int)ceil($nEvents/ZM_WEB_EVENTS_PER_PAGE); + +if ( !empty($page) ) { + if ( $page < 0 ) + $page = 1; + else if ( $pages and ( $page > $pages ) ) + $page = $pages; + + $limitStart = (($page-1)*ZM_WEB_EVENTS_PER_PAGE); + if ( empty( $limit ) ) { + $limitAmount = ZM_WEB_EVENTS_PER_PAGE; + } else { + $limitLeft = $limit - $limitStart; + $limitAmount = ($limitLeft>ZM_WEB_EVENTS_PER_PAGE)?ZM_WEB_EVENTS_PER_PAGE:$limitLeft; + } + $frameSql .= " limit $limitStart, $limitAmount"; +} elseif ( !empty($limit) ) { + $frameSql .= ' limit 0, '.$limit; +} + +$maxShortcuts = 5; +$pagination = getPagination($pages, $page, $maxShortcuts, $sortQuery.'&eid='.$eid.$limitQuery.$filterQuery); + +$frames = dbFetchAll( $frameSql ); $focusWindow = true; @@ -47,18 +115,48 @@ xhtmlHeaders(__FILE__, translate('Frames').' - '.$Event->Id());
+ + + + + + + + - - - - - + + + + + @@ -122,6 +220,15 @@ if ( count($frames) ) { ?>
+ + +

+ +
From 77eb15ff174293e388ec73aa681a6bf9b305e479 Mon Sep 17 00:00:00 2001 From: Isaac Connor Date: Tue, 18 Jun 2019 10:03:14 -0400 Subject: [PATCH 245/922] fix an oninput and use validHtmlStr on ServerNames storageName MonitorName etc in dropdowns --- web/skins/classic/views/filter.php | 16 ++++++++-------- 1 file changed, 8 insertions(+), 8 deletions(-) diff --git a/web/skins/classic/views/filter.php b/web/skins/classic/views/filter.php index da965b4e9..1eb4b71c3 100644 --- a/web/skins/classic/views/filter.php +++ b/web/skins/classic/views/filter.php @@ -137,19 +137,19 @@ for ( $i = 0; $i < 7; $i++ ) { $weekdays[$i] = strftime('%A', mktime(12, 0, 0, 1, $i+1, 2001)); } $states = array(); -foreach ( dbFetchAll('SELECT Id,Name FROM States ORDER BY lower(Name) ASC') as $state_row ) { - $states[$state_row['Id']] = $state_row['Name']; +foreach ( dbFetchAll('SELECT Id, Name FROM States ORDER BY lower(Name) ASC') as $state_row ) { + $states[$state_row['Id']] = validHtmlStr($state_row['Name']); } $servers = array(); $servers['ZM_SERVER_ID'] = 'Current Server'; $servers['NULL'] = 'No Server'; -foreach ( dbFetchAll('SELECT Id,Name FROM Servers ORDER BY lower(Name) ASC') as $server ) { - $servers[$server['Id']] = $server['Name']; +foreach ( dbFetchAll('SELECT Id, Name FROM Servers ORDER BY lower(Name) ASC') as $server ) { + $servers[$server['Id']] = validHtmlStr($server['Name']); } $monitors = array(); -foreach ( dbFetchAll('SELECT Id,Name FROM Monitors ORDER BY Name ASC') as $monitor ) { +foreach ( dbFetchAll('SELECT Id, Name FROM Monitors ORDER BY Name ASC') as $monitor ) { if ( visibleMonitor($monitor['Id']) ) { - $monitors[$monitor['Name']] = $monitor['Name']; + $monitors[$monitor['Name']] = validHtmlStr($monitor['Name']); } } @@ -188,7 +188,7 @@ if ( (null !== $filter->Concurrent()) and $filter->Concurrent() )

- +

@@ -247,7 +247,7 @@ for ( $i=0; $i < count($terms); $i++ ) { - + + + + + +Type() == 'Ffmpeg' ) { +?> + + + + + + + + Type() != 'NVSocket' && $monitor->Type() != 'WebSite' ) { From 0103df9781fdfc99b2a804f9c16c343e146cf698 Mon Sep 17 00:00:00 2001 From: Isaac Connor Date: Tue, 25 Jun 2019 15:35:09 -0400 Subject: [PATCH 295/922] bump verison --- version | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/version b/version index b47971c3e..ca7a1ec9c 100644 --- a/version +++ b/version @@ -1 +1 @@ -1.33.10 +1.33.11 From 679b6b1b2db742b3dfb878a98dd4112c914d05a7 Mon Sep 17 00:00:00 2001 From: Isaac Connor Date: Tue, 25 Jun 2019 15:47:23 -0400 Subject: [PATCH 296/922] remove old qsv code --- src/zm_ffmpeg_camera.cpp | 1 - 1 file changed, 1 deletion(-) diff --git a/src/zm_ffmpeg_camera.cpp b/src/zm_ffmpeg_camera.cpp index fe0211a2e..cd359a64c 100644 --- a/src/zm_ffmpeg_camera.cpp +++ b/src/zm_ffmpeg_camera.cpp @@ -28,7 +28,6 @@ extern "C" { #include "libavutil/time.h" #if HAVE_LIBAVUTIL_HWCONTEXT_H #include "libavutil/hwcontext.h" - #include "libavutil/hwcontext_qsv.h" #endif } #ifndef AV_ERROR_MAX_STRING_SIZE From 5ab4414b11b371e89a549121f387a194468dcfae Mon Sep 17 00:00:00 2001 From: Isaac Connor Date: Tue, 25 Jun 2019 15:58:55 -0400 Subject: [PATCH 297/922] Only include hwaccel support if LIBAVUTIL_HWCONTEXT_H is deifned --- src/zm_ffmpeg_camera.cpp | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/src/zm_ffmpeg_camera.cpp b/src/zm_ffmpeg_camera.cpp index cd359a64c..fbf1d4792 100644 --- a/src/zm_ffmpeg_camera.cpp +++ b/src/zm_ffmpeg_camera.cpp @@ -426,6 +426,7 @@ int FfmpegCamera::OpenFfmpeg() { zm_dump_stream_format(mFormatContext, mVideoStreamId, 0, 0); if ( hwaccel_name != "" ) { +#if HAVE_LIBAVUTIL_HWCONTEXT_H enum AVHWDeviceType type = AV_HWDEVICE_TYPE_NONE; while ( (type = av_hwdevice_iterate_types(type)) != AV_HWDEVICE_TYPE_NONE ) Debug(1, "%s", av_hwdevice_get_type_name(type)); @@ -465,6 +466,9 @@ int FfmpegCamera::OpenFfmpeg() { mVideoCodecContext->hw_device_ctx = av_buffer_ref(hw_device_ctx); hwaccel = true; hwFrame = zm_av_frame_alloc(); +#else + Warning("HWAccel support not compiled in."); +#endif } // end if hwacel_name // Open the codec From a44631a59ddf1fe05df4927f1aa01dc3286d3f13 Mon Sep 17 00:00:00 2001 From: Isaac Connor Date: Tue, 25 Jun 2019 16:35:07 -0400 Subject: [PATCH 298/922] rough in support for ffmpeg 3.4 --- src/zm_ffmpeg_camera.cpp | 46 ++++++++++++++++++++++++++-------------- 1 file changed, 30 insertions(+), 16 deletions(-) diff --git a/src/zm_ffmpeg_camera.cpp b/src/zm_ffmpeg_camera.cpp index fbf1d4792..5d671ee2b 100644 --- a/src/zm_ffmpeg_camera.cpp +++ b/src/zm_ffmpeg_camera.cpp @@ -57,6 +57,32 @@ static enum AVPixelFormat get_hw_format( Error("Failed to get HW surface format."); return AV_PIX_FMT_NONE; } +#if !LIBAVUTIL_VERSION_CHECK(56, 22, 0, 14, 0) +static enum AVPixelFormat find_fmt_by_hw_type(const enum AVHWDeviceType type) { + enum AVPixelFormat fmt; + switch (type) { + case AV_HWDEVICE_TYPE_VAAPI: + fmt = AV_PIX_FMT_VAAPI; + break; + case AV_HWDEVICE_TYPE_DXVA2: + fmt = AV_PIX_FMT_DXVA2_VLD; + break; + case AV_HWDEVICE_TYPE_D3D11VA: + fmt = AV_PIX_FMT_D3D11; + break; + case AV_HWDEVICE_TYPE_VDPAU: + fmt = AV_PIX_FMT_VDPAU; + break; + case AV_HWDEVICE_TYPE_VIDEOTOOLBOX: + fmt = AV_PIX_FMT_VIDEOTOOLBOX; + break; + default: + fmt = AV_PIX_FMT_NONE; + break; + } + return fmt; +} +#endif #endif FfmpegCamera::FfmpegCamera( @@ -392,22 +418,6 @@ int FfmpegCamera::OpenFfmpeg() { mVideoCodecContext->flags2 |= CODEC_FLAG2_FAST | CODEC_FLAG_LOW_DELAY; #endif - AVHWAccel *first_hwaccel = av_hwaccel_next(NULL); - AVHWAccel *temp_hwaccel = first_hwaccel; - AVHWAccel *h264 = NULL; - const char * h264_name = "h264_vaapi"; - while ( temp_hwaccel != NULL ) { - Debug(1,"%s ", temp_hwaccel->name); - if ( strcmp(temp_hwaccel->name, h264_name) == 0 ) { - h264=temp_hwaccel; - } - temp_hwaccel = av_hwaccel_next(temp_hwaccel); - - if ( temp_hwaccel == first_hwaccel ) { - break; - } - } - if ( mVideoCodecContext->codec_id == AV_CODEC_ID_H264 ) { if ( (mVideoCodec = avcodec_find_decoder_by_name("h264_mmal")) == NULL ) { Debug(1, "Failed to find decoder (h264_mmal)" ); @@ -439,6 +449,7 @@ int FfmpegCamera::OpenFfmpeg() { Debug(1, "Found hwdevice %s", av_hwdevice_get_type_name(type)); } +#if LIBAVUTIL_VERSION_CHECK(56, 22, 0, 14, 0) // Get h_pix_fmt for ( int i = 0;; i++ ) { const AVCodecHWConfig *config = avcodec_get_hw_config(mVideoCodec, i); @@ -454,6 +465,9 @@ int FfmpegCamera::OpenFfmpeg() { break; } } // end foreach hwconfig +#else + hw_pix_fmt = find_fmt_by_hw_type(type); +#endif mVideoCodecContext->get_format = get_hw_format; From 7389bbcb2541e1d42a201727d21c31cbe392ada8 Mon Sep 17 00:00:00 2001 From: Isaac Connor Date: Tue, 25 Jun 2019 21:47:19 -0400 Subject: [PATCH 299/922] better debug in selecting hw_format, add CUDA, add setting device for hwaccel --- src/zm_ffmpeg_camera.cpp | 25 ++++++++++++++++--------- 1 file changed, 16 insertions(+), 9 deletions(-) diff --git a/src/zm_ffmpeg_camera.cpp b/src/zm_ffmpeg_camera.cpp index 5d671ee2b..f69e13777 100644 --- a/src/zm_ffmpeg_camera.cpp +++ b/src/zm_ffmpeg_camera.cpp @@ -47,15 +47,18 @@ static enum AVPixelFormat get_hw_format( AVCodecContext *ctx, const enum AVPixelFormat *pix_fmts ) { - const enum AVPixelFormat *p; + const enum AVPixelFormat *p; - for ( p = pix_fmts; *p != -1; p++ ) { - if ( *p == hw_pix_fmt ) - return *p; - } + for ( p = pix_fmts; *p != -1; p++ ) { + if ( *p == hw_pix_fmt ) + return *p; + } - Error("Failed to get HW surface format."); - return AV_PIX_FMT_NONE; + Error("Failed to get HW surface format for %s.", av_get_pix_fmt_name(hw_pix_fmt)); + for ( p = pix_fmts; *p != -1; p++ ) + Error("Available HW surface format was %s.", av_get_pix_fmt_name(*p)); + + return AV_PIX_FMT_NONE; } #if !LIBAVUTIL_VERSION_CHECK(56, 22, 0, 14, 0) static enum AVPixelFormat find_fmt_by_hw_type(const enum AVHWDeviceType type) { @@ -73,6 +76,9 @@ static enum AVPixelFormat find_fmt_by_hw_type(const enum AVHWDeviceType type) { case AV_HWDEVICE_TYPE_VDPAU: fmt = AV_PIX_FMT_VDPAU; break; + case AV_HWDEVICE_TYPE_CUDA: + fmt = AV_PIX_FMT_CUDA; + break; case AV_HWDEVICE_TYPE_VIDEOTOOLBOX: fmt = AV_PIX_FMT_VIDEOTOOLBOX; break; @@ -471,8 +477,9 @@ int FfmpegCamera::OpenFfmpeg() { mVideoCodecContext->get_format = get_hw_format; - Debug(1, "Creating hwdevice"); - if ((ret = av_hwdevice_ctx_create(&hw_device_ctx, type, NULL, NULL, 0)) < 0) { + Debug(1, "Creating hwdevice for %s", (hwaccel_device != "" ? hwaccel_device.c_str() : "")); + if ((ret = av_hwdevice_ctx_create(&hw_device_ctx, type, + (hwaccel_device != "" ? hwaccel_device.c_str(): NULL), NULL, 0)) < 0) { Error("Failed to create specified HW device."); return -1; } From 86e8b5856123f6a59c34a52b79715be815d5ace4 Mon Sep 17 00:00:00 2001 From: Isaac Connor Date: Tue, 25 Jun 2019 22:06:00 -0400 Subject: [PATCH 300/922] move hw_device_ctx under ifdef for HWCONTEXT_H --- src/zm_ffmpeg_camera.h | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/zm_ffmpeg_camera.h b/src/zm_ffmpeg_camera.h index 210a67f45..3eb52d1f8 100644 --- a/src/zm_ffmpeg_camera.h +++ b/src/zm_ffmpeg_camera.h @@ -63,8 +63,8 @@ class FfmpegCamera : public Camera { AVFrame *hwFrame; #if HAVE_LIBAVUTIL_HWCONTEXT_H DecodeContext decode; -#endif AVBufferRef *hw_device_ctx = NULL; +#endif // Used to store the incoming packet, it will get copied when queued. // We only ever need one at a time, so instead of constantly allocating From 2a65b339c141fae0175fea896af53918a2761a3d Mon Sep 17 00:00:00 2001 From: Isaac Connor Date: Tue, 25 Jun 2019 22:19:09 -0400 Subject: [PATCH 301/922] init hw_pix_fmt in constructor --- src/zm_ffmpeg_camera.cpp | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/src/zm_ffmpeg_camera.cpp b/src/zm_ffmpeg_camera.cpp index f69e13777..9a3c3a3bc 100644 --- a/src/zm_ffmpeg_camera.cpp +++ b/src/zm_ffmpeg_camera.cpp @@ -151,6 +151,9 @@ FfmpegCamera::FfmpegCamera( have_video_keyframe = false; packetqueue = NULL; error_count = 0; +#if HAVE_LIBAVUTIL_HWCONTEXT_H + hw_pix_fmt = AV_PIX_FMT_NONE; +#endif #if HAVE_LIBSWSCALE mConvertContext = NULL; @@ -915,7 +918,7 @@ int FfmpegCamera::CaptureAndRecord( Image &image, timeval recording, char* event if ( error_count > 0 ) error_count --; zm_dump_video_frame(mRawFrame); #if HAVE_LIBAVUTIL_HWCONTEXT_H - if ( mRawFrame->format == hw_pix_fmt ) { + if ( hw_pix_fmt != mRawFrame->format == hw_pix_fmt ) { /* retrieve data from GPU to CPU */ ret = av_hwframe_transfer_data(hwFrame, mRawFrame, 0); if ( ret < 0 ) { From d26286a170126ca545a1fe41aaa60c7fde123d81 Mon Sep 17 00:00:00 2001 From: Isaac Connor Date: Thu, 27 Jun 2019 03:40:18 -0400 Subject: [PATCH 302/922] fix test for hwtransfer needed --- src/zm_ffmpeg_camera.cpp | 29 ++++++++++++++++------------- 1 file changed, 16 insertions(+), 13 deletions(-) diff --git a/src/zm_ffmpeg_camera.cpp b/src/zm_ffmpeg_camera.cpp index 9a3c3a3bc..9bf257f19 100644 --- a/src/zm_ffmpeg_camera.cpp +++ b/src/zm_ffmpeg_camera.cpp @@ -169,7 +169,7 @@ FfmpegCamera::FfmpegCamera( subpixelorder = ZM_SUBPIX_ORDER_NONE; imagePixFormat = AV_PIX_FMT_GRAY8; } else { - Panic("Unexpected colours: %d",colours); + Panic("Unexpected colours: %d", colours); } } // FfmpegCamera::FfmpegCamera @@ -342,20 +342,18 @@ int FfmpegCamera::OpenFfmpeg() { } AVDictionaryEntry *e=NULL; while ( (e = av_dict_get(opts, "", e, AV_DICT_IGNORE_SUFFIX)) != NULL ) { - Warning( "Option %s not recognized by ffmpeg", e->key); + Warning("Option %s not recognized by ffmpeg", e->key); } av_dict_free(&opts); - Debug(1, "Opened input"); - - Info( "Stream open %s, parsing streams...", mPath.c_str() ); + Info("Stream open %s, parsing streams...", mPath.c_str()); #if !LIBAVFORMAT_VERSION_CHECK(53, 6, 0, 6, 0) Debug(4, "Calling av_find_stream_info"); - if ( av_find_stream_info( mFormatContext ) < 0 ) + if ( av_find_stream_info(mFormatContext) < 0 ) #else Debug(4, "Calling avformat_find_stream_info"); - if ( avformat_find_stream_info( mFormatContext, 0 ) < 0 ) + if ( avformat_find_stream_info(mFormatContext, 0) < 0 ) #endif { Error("Unable to find stream info from %s due to: %s", mPath.c_str(), strerror(errno)); @@ -446,6 +444,7 @@ int FfmpegCamera::OpenFfmpeg() { if ( hwaccel_name != "" ) { #if HAVE_LIBAVUTIL_HWCONTEXT_H +// Print out available types enum AVHWDeviceType type = AV_HWDEVICE_TYPE_NONE; while ( (type = av_hwdevice_iterate_types(type)) != AV_HWDEVICE_TYPE_NONE ) Debug(1, "%s", av_hwdevice_get_type_name(type)); @@ -477,6 +476,7 @@ int FfmpegCamera::OpenFfmpeg() { #else hw_pix_fmt = find_fmt_by_hw_type(type); #endif +Debug(1, "Selected gw_pix_fmt %d %s", hw_pix_fmt, av_get_pix_fmt_name(hw_pix_fmt)); mVideoCodecContext->get_format = get_hw_format; @@ -518,7 +518,6 @@ int FfmpegCamera::OpenFfmpeg() { Debug(1, "HWACCEL not in use"); } - if ( mAudioStreamId >= 0 ) { if ( (mAudioCodec = avcodec_find_decoder( #if LIBAVCODEC_VERSION_CHECK(57, 64, 0, 64, 0) @@ -617,7 +616,7 @@ int FfmpegCamera::OpenFfmpeg() { } #endif #else // HAVE_LIBSWSCALE - Fatal( "You must compile ffmpeg with the --enable-swscale option to use ffmpeg cameras" ); + Fatal("You must compile ffmpeg with the --enable-swscale option to use ffmpeg cameras"); #endif // HAVE_LIBSWSCALE if ( @@ -918,7 +917,7 @@ int FfmpegCamera::CaptureAndRecord( Image &image, timeval recording, char* event if ( error_count > 0 ) error_count --; zm_dump_video_frame(mRawFrame); #if HAVE_LIBAVUTIL_HWCONTEXT_H - if ( hw_pix_fmt != mRawFrame->format == hw_pix_fmt ) { + if ( (hw_pix_fmt != AV_PIX_FMT_NONE) && (mRawFrame->format == hw_pix_fmt) ) { /* retrieve data from GPU to CPU */ ret = av_hwframe_transfer_data(hwFrame, mRawFrame, 0); if ( ret < 0 ) { @@ -1006,7 +1005,7 @@ int FfmpegCamera::transfer_to_image(Image &image, AVFrame *output_frame, AVFrame imagePixFormat, width, height); #endif #if HAVE_LIBSWSCALE - if ( ! mConvertContext ) { + if ( !mConvertContext ) { mConvertContext = sws_getContext( input_frame->width, input_frame->height, @@ -1015,8 +1014,12 @@ int FfmpegCamera::transfer_to_image(Image &image, AVFrame *output_frame, AVFrame imagePixFormat, SWS_BICUBIC, NULL, NULL, NULL); if ( mConvertContext == NULL ) { - Error("Unable to create conversion context for %s", mPath.c_str()); - return -1; + Error("Unable to create conversion context for %s from %s to %s", + mPath.c_str(), + av_get_pix_fmt_name((AVPixelFormat)input_frame->format), + av_get_pix_fmt_name(imagePixFormat) + ); + return -1; } } From 0686f487acd6c9f62ba93e01b2d8933844eb6754 Mon Sep 17 00:00:00 2001 From: Isaac Connor Date: Thu, 27 Jun 2019 04:18:25 -0400 Subject: [PATCH 303/922] %s => %d for error count --- src/zm_ffmpeg_camera.cpp | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/zm_ffmpeg_camera.cpp b/src/zm_ffmpeg_camera.cpp index 9bf257f19..781424b8b 100644 --- a/src/zm_ffmpeg_camera.cpp +++ b/src/zm_ffmpeg_camera.cpp @@ -904,7 +904,7 @@ int FfmpegCamera::CaptureAndRecord( Image &image, timeval recording, char* event ret = zm_receive_frame(mVideoCodecContext, mRawFrame, packet); if ( ret < 0 ) { - Warning("Unable to receive frame %d: %s, continuing. error count is %s", + Warning("Unable to receive frame %d: %s, continuing. error count is %d", frameCount, av_make_error_string(ret).c_str(), error_count); error_count += 1; if ( error_count > 100 ) { From 763fe16a0418d54474d2b315594a6cad6cb345d1 Mon Sep 17 00:00:00 2001 From: Isaac Connor Date: Thu, 27 Jun 2019 10:20:23 -0400 Subject: [PATCH 304/922] Google code style, merge some fprintf's --- src/zm_fifo.cpp | 468 +++++++++++++++++++++++++----------------------- 1 file changed, 242 insertions(+), 226 deletions(-) diff --git a/src/zm_fifo.cpp b/src/zm_fifo.cpp index 538b696fa..96e7c845e 100644 --- a/src/zm_fifo.cpp +++ b/src/zm_fifo.cpp @@ -1,14 +1,30 @@ +// +// ZoneMinder Fifo Debug +// Copyright (C) 2019 ZoneMinder LLC +// +// This program is free software; you can redistribute it and/or +// modify it under the terms of the GNU General Public License +// as published by the Free Software Foundation; either version 2 +// of the License, or (at your option) any later version. +// +// This program is distributed in the hope that it will be useful, +// but WITHOUT ANY WARRANTY; without even the implied warranty of +// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +// GNU General Public License for more details. +// +// You should have received a copy of the GNU General Public License +// along with this program; if not, write to the Free Software +// Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. +// + #include -#include -#include +#include #include #include #include - + #include "zm.h" -#include "zm_db.h" #include "zm_time.h" -#include "zm_mpeg.h" #include "zm_signal.h" #include "zm_monitor.h" #include "zm_fifo.h" @@ -17,231 +33,231 @@ static bool zm_fifodbg_inited = false; FILE *zm_fifodbg_log_fd = 0; char zm_fifodbg_log[PATH_MAX] = ""; -static bool zmFifoDbgOpen(){ - if (zm_fifodbg_log_fd) - fclose(zm_fifodbg_log_fd); - zm_fifodbg_log_fd = NULL; - signal(SIGPIPE, SIG_IGN); - FifoStream::fifo_create_if_missing(zm_fifodbg_log); - int fd = open(zm_fifodbg_log,O_WRONLY|O_NONBLOCK|O_TRUNC); - if (fd < 0) - return ( false ); - int res = flock(fd,LOCK_EX | LOCK_NB); - if (res < 0) - { - close(fd); - return ( false ); - } - zm_fifodbg_log_fd = fdopen(fd,"wb"); - if (zm_fifodbg_log_fd == NULL) - { - close(fd); - return ( false ); - } - return ( true ); -} -int zmFifoDbgInit(Monitor *monitor){ - zm_fifodbg_inited = true; - snprintf( zm_fifodbg_log, sizeof(zm_fifodbg_log), "%s/%d/dbgpipe.log", monitor->getStorage()->Path(), monitor->Id() ); - zmFifoDbgOpen(); - return 1; -} -void zmFifoDbgOutput( int hex, const char * const file, const int line, const int level, const char *fstring, ... ){ - char dbg_string[8192]; - va_list arg_ptr; - if (! zm_fifodbg_inited) - return; - if (! zm_fifodbg_log_fd && ! zmFifoDbgOpen()) - return; - - char *dbg_ptr = dbg_string; - va_start( arg_ptr, fstring ); - if ( hex ) - { - unsigned char *data = va_arg( arg_ptr, unsigned char * ); - int len = va_arg( arg_ptr, int ); - int i; - dbg_ptr += snprintf( dbg_ptr, sizeof(dbg_string)-(dbg_ptr-dbg_string), "%d:", len ); - for ( i = 0; i < len; i++ ) - { - dbg_ptr += snprintf( dbg_ptr, sizeof(dbg_string)-(dbg_ptr-dbg_string), " %02x", data[i] ); - } - } - else - { - dbg_ptr += vsnprintf( dbg_ptr, sizeof(dbg_string)-(dbg_ptr-dbg_string), fstring, arg_ptr ); - } - va_end(arg_ptr); - strncpy( dbg_ptr++, "\n", 1); - int res = fwrite( dbg_string, dbg_ptr-dbg_string, 1, zm_fifodbg_log_fd ); - if (res != 1){ - fclose(zm_fifodbg_log_fd); - zm_fifodbg_log_fd = NULL; - } - else - { - fflush(zm_fifodbg_log_fd); - } -} -bool FifoStream::sendRAWFrames(){ - static unsigned char buffer[RAW_BUFFER]; - int fd = open(stream_path,O_RDONLY); - if (fd < 0) - { - Error( "Can't open %s: %s", stream_path, strerror(errno)); - return( false ); - } - while( (bytes_read = read(fd,buffer,RAW_BUFFER)) ) - { - if (bytes_read == 0) - continue; - if (bytes_read < 0) - { - Error( "Problem during reading: %s", strerror(errno)); - close(fd); - return( false ); - } - if ( fwrite( buffer, bytes_read, 1, stdout ) != 1){ - Error( "Problem during writing: %s", strerror(errno)); - close(fd); - return( false ); - } - fflush( stdout ); - } - close(fd); - return ( true ); +static bool zmFifoDbgOpen() { + if ( zm_fifodbg_log_fd ) + fclose(zm_fifodbg_log_fd); + zm_fifodbg_log_fd = NULL; + signal(SIGPIPE, SIG_IGN); + FifoStream::fifo_create_if_missing(zm_fifodbg_log); + int fd = open(zm_fifodbg_log, O_WRONLY|O_NONBLOCK|O_TRUNC); + if ( fd < 0 ) + return false; + int res = flock(fd, LOCK_EX | LOCK_NB); + if ( res < 0 ) { + close(fd); + return false; + } + zm_fifodbg_log_fd = fdopen(fd, "wb"); + if ( zm_fifodbg_log_fd == NULL ) { + close(fd); + return false; + } + return true; } -void FifoStream::file_create_if_missing(const char * path, bool is_fifo,bool delete_fake_fifo){ - static struct stat st; - if(stat(path,&st) == 0){ - - if (! is_fifo || S_ISFIFO(st.st_mode) || ! delete_fake_fifo) - return; - Debug(5, "Supposed to be a fifo pipe but isn't, unlinking: %s", path); - unlink(path); - } - int fd; - if (! is_fifo){ - Debug(5, "Creating non fifo file as requested: %s", path); - fd = open(path,O_CREAT|O_WRONLY,S_IRUSR|S_IWUSR); - close(fd); - return; - } - Debug(5, "Making fifo file of: %s", path); - mkfifo(path,S_IRUSR|S_IWUSR); -} -void FifoStream::fifo_create_if_missing(const char * path, bool delete_fake_fifo){ - file_create_if_missing(path,true,delete_fake_fifo); -} -bool FifoStream::sendMJEGFrames(){ - static unsigned char buffer[ZM_MAX_IMAGE_SIZE]; - int fd = open(stream_path,O_RDONLY); - if (fd < 0) - { - Error( "Can't open %s: %s", stream_path, strerror(errno)); - return( false ); - } - total_read = 0; - while( (bytes_read = read(fd,buffer+total_read,ZM_MAX_IMAGE_SIZE-total_read)) ) - { - if (bytes_read < 0) - { - Error( "Problem during reading: %s", strerror(errno)); - close(fd); - return( false ); - } - total_read+=bytes_read; - } - close(fd); - if (total_read == 0) - return( true ); - if (frame_count%frame_mod != 0) - return (true ); - if (fprintf( stdout, "--ZoneMinderFrame\r\n" ) < 0 ) - { - Error( "Problem during writing: %s", strerror(errno)); - return( false ); - } - - fprintf( stdout, "Content-Type: image/jpeg\r\n" ); - fprintf( stdout, "Content-Length: %d\r\n\r\n", total_read ); - if ( fwrite( buffer, total_read, 1, stdout ) != 1){ - Error( "Problem during reading: %s", strerror(errno)); - return( false ); - } - fprintf( stdout, "\r\n\r\n" ); - fflush( stdout); - last_frame_sent = TV_2_FLOAT( now ); - frame_count++; - return( true ); +int zmFifoDbgInit(Monitor *monitor) { + zm_fifodbg_inited = true; + snprintf(zm_fifodbg_log, sizeof(zm_fifodbg_log), "%s/%d/dbgpipe.log", + monitor->getStorage()->Path(), monitor->Id()); + zmFifoDbgOpen(); + return 1; } -void FifoStream::setStreamStart( const char * path ){ - stream_path = strdup(path); -} -void FifoStream::setStreamStart( int monitor_id, const char * format ){ - char diag_path[PATH_MAX]; - const char * filename; - Monitor * monitor = Monitor::Load(monitor_id, false, Monitor::QUERY); - - if (! strcmp(format,"reference") ) - { - stream_type = MJPEG; - filename = "diagpipe-r.jpg"; - } - else if (! strcmp(format,"delta")) - { - filename = "diagpipe-d.jpg"; - stream_type = MJPEG; - } - else - { - stream_type = RAW; - filename = "dbgpipe.log"; - } +void zmFifoDbgOutput( + int hex, + const char * const file, + const int line, + const int level, + const char *fstring, + ... + ) { + char dbg_string[8192]; + int str_size = sizeof(dbg_string); - snprintf( diag_path, sizeof(diag_path), "%s/%d/%s", monitor->getStorage()->Path(), monitor->Id(), filename ); - setStreamStart(diag_path); -} -void FifoStream::runStream(){ - if (stream_type == MJPEG) - fprintf( stdout, "Content-Type: multipart/x-mixed-replace;boundary=ZoneMinderFrame\r\n\r\n" ); - else - fprintf( stdout, "Content-Type: text/html\r\n\r\n" ); + va_list arg_ptr; + if ( (!zm_fifodbg_inited) || ( !zm_fifodbg_log_fd && !zmFifoDbgOpen() ) ) + return; - char lock_file[PATH_MAX]; - strcpy(lock_file,stream_path); - strcat(lock_file,".rlock"); - file_create_if_missing(lock_file,false); - int fd_lock = open(lock_file,O_RDONLY); - if (fd_lock < 0) - { - Error( "Can't open %s: %s", lock_file, strerror(errno)); - return; - } - int res = flock(fd_lock,LOCK_EX | LOCK_NB); - if (res < 0) - { - Error( "Flocking problem on %s: - %s", lock_file, strerror(errno) ); - close(fd_lock); - return; - } - - while( !zm_terminate ) - { - gettimeofday( &now, NULL ); - checkCommandQueue(); - if (stream_type == MJPEG) - { - if (! sendMJEGFrames()) - zm_terminate = true; - } - else - { - if (! sendRAWFrames()) - zm_terminate = true; - } - } - close(fd_lock); + char *dbg_ptr = dbg_string; + va_start(arg_ptr, fstring); + if ( hex ) { + unsigned char *data = va_arg(arg_ptr, unsigned char *); + int len = va_arg(arg_ptr, int); + dbg_ptr += snprintf(dbg_ptr, str_size-(dbg_ptr-dbg_string), "%d:", len); + for ( int i = 0; i < len; i++ ) { + dbg_ptr += snprintf(dbg_ptr, str_size-(dbg_ptr-dbg_string), " %02x", data[i]); + } + } else { + dbg_ptr += vsnprintf(dbg_ptr, str_size-(dbg_ptr-dbg_string), fstring, arg_ptr); + } + va_end(arg_ptr); + strncpy(dbg_ptr++, "\n", 1); + int res = fwrite(dbg_string, dbg_ptr-dbg_string, 1, zm_fifodbg_log_fd); + if ( res != 1 ) { + fclose(zm_fifodbg_log_fd); + zm_fifodbg_log_fd = NULL; + } else { + fflush(zm_fifodbg_log_fd); + } +} + +bool FifoStream::sendRAWFrames() { + static unsigned char buffer[RAW_BUFFER]; + int fd = open(stream_path, O_RDONLY); + if ( fd < 0 ) { + Error("Can't open %s: %s", stream_path, strerror(errno)); + return false; + } + while ( (bytes_read = read(fd, buffer, RAW_BUFFER)) ) { + if ( bytes_read == 0 ) + continue; + if ( bytes_read < 0 ) { + Error("Problem during reading: %s", strerror(errno)); + close(fd); + return false; + } + if ( fwrite(buffer, bytes_read, 1, stdout) != 1 ) { + Error("Problem during writing: %s", strerror(errno)); + close(fd); + return false; + } + fflush(stdout); + } + close(fd); + return true; +} + +void FifoStream::file_create_if_missing( + const char * path, + bool is_fifo, + bool delete_fake_fifo + ) { + static struct stat st; + if ( stat(path, &st) == 0 ) { + if ( (!is_fifo) || S_ISFIFO(st.st_mode) || !delete_fake_fifo ) + return; + Debug(5, "Supposed to be a fifo pipe but isn't, unlinking: %s", path); + unlink(path); + } + int fd; + if ( !is_fifo ) { + Debug(5, "Creating non fifo file as requested: %s", path); + fd = open(path, O_CREAT|O_WRONLY, S_IRUSR|S_IWUSR); + close(fd); + return; + } + Debug(5, "Making fifo file of: %s", path); + mkfifo(path, S_IRUSR|S_IWUSR); +} + +void FifoStream::fifo_create_if_missing( + const char * path, + bool delete_fake_fifo + ) { + file_create_if_missing(path, true, delete_fake_fifo); +} + +bool FifoStream::sendMJEGFrames() { + static unsigned char buffer[ZM_MAX_IMAGE_SIZE]; + int fd = open(stream_path, O_RDONLY); + if ( fd < 0 ) { + Error("Can't open %s: %s", stream_path, strerror(errno)); + return false; + } + total_read = 0; + while ( + (bytes_read = read(fd, buffer+total_read, ZM_MAX_IMAGE_SIZE-total_read)) + ) { + if ( bytes_read < 0 ) { + Error("Problem during reading: %s", strerror(errno)); + close(fd); + return false; + } + total_read += bytes_read; + } + close(fd); + + if ( (total_read == 0) || (frame_count%frame_mod != 0) ) + return true; + + if ( fprintf(stdout, + "--ZoneMinderFrame\r\n" + "Content-Type: image/jpeg\r\n" + "Content-Length: %d\r\n\r\n", + total_read) < 0 ) { + Error("Problem during writing: %s", strerror(errno)); + return false; + } + + if ( fwrite(buffer, total_read, 1, stdout) != 1 ) { + Error("Problem during reading: %s", strerror(errno)); + return false; + } + fprintf(stdout, "\r\n\r\n"); + fflush(stdout); + last_frame_sent = TV_2_FLOAT(now); + frame_count++; + return true; +} + +void FifoStream::setStreamStart(const char * path) { + stream_path = strdup(path); +} + +void FifoStream::setStreamStart(int monitor_id, const char * format) { + char diag_path[PATH_MAX]; + const char * filename; + Monitor * monitor = Monitor::Load(monitor_id, false, Monitor::QUERY); + + if ( !strcmp(format, "reference") ) { + stream_type = MJPEG; + filename = "diagpipe-r.jpg"; + } else if ( !strcmp(format, "delta") ) { + filename = "diagpipe-d.jpg"; + stream_type = MJPEG; + } else { + stream_type = RAW; + filename = "dbgpipe.log"; + } + + snprintf(diag_path, sizeof(diag_path), "%s/%d/%s", + monitor->getStorage()->Path(), monitor->Id(), filename); + setStreamStart(diag_path); +} + +void FifoStream::runStream() { + if ( stream_type == MJPEG ) { + fprintf(stdout, "Content-Type: multipart/x-mixed-replace;boundary=ZoneMinderFrame\r\n\r\n"); + } else { + fprintf(stdout, "Content-Type: text/html\r\n\r\n"); + } + + char lock_file[PATH_MAX]; + snprintf(lock_file, sizeof(lock_file), "%s.rlock", stream_path); + file_create_if_missing(lock_file, false); + + int fd_lock = open(lock_file, O_RDONLY); + if ( fd_lock < 0 ) { + Error("Can't open %s: %s", lock_file, strerror(errno)); + return; + } + int res = flock(fd_lock, LOCK_EX | LOCK_NB); + if ( res < 0 ) { + Error("Flocking problem on %s: - %s", lock_file, strerror(errno)); + close(fd_lock); + return; + } + + while ( !zm_terminate ) { + gettimeofday(&now, NULL); + checkCommandQueue(); + if ( stream_type == MJPEG ) { + if ( !sendMJEGFrames() ) + zm_terminate = true; + } else { + if ( !sendRAWFrames() ) + zm_terminate = true; + } + } + close(fd_lock); } From 6a87ae0fa79ff7bb73e8de8db2fb3dfce049e1fa Mon Sep 17 00:00:00 2001 From: Isaac Connor Date: Thu, 27 Jun 2019 10:24:51 -0400 Subject: [PATCH 305/922] fix compile warning by copying two bytes, which will grab the \0 after the \n --- src/zm_fifo.cpp | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/zm_fifo.cpp b/src/zm_fifo.cpp index 96e7c845e..0c0f836bd 100644 --- a/src/zm_fifo.cpp +++ b/src/zm_fifo.cpp @@ -91,7 +91,7 @@ void zmFifoDbgOutput( dbg_ptr += vsnprintf(dbg_ptr, str_size-(dbg_ptr-dbg_string), fstring, arg_ptr); } va_end(arg_ptr); - strncpy(dbg_ptr++, "\n", 1); + strncpy(dbg_ptr++, "\n", 2); int res = fwrite(dbg_string, dbg_ptr-dbg_string, 1, zm_fifodbg_log_fd); if ( res != 1 ) { fclose(zm_fifodbg_log_fd); From 6ed29a3d563f508da1619431964219b4cccaaaaf Mon Sep 17 00:00:00 2001 From: Isaac Connor Date: Thu, 27 Jun 2019 10:29:47 -0400 Subject: [PATCH 306/922] Google code style, ifdef out all the extra includs that shouldn't be in the .h --- src/zm_fifo.h | 93 ++++++++++++++++++++++++++++++++------------------- 1 file changed, 59 insertions(+), 34 deletions(-) diff --git a/src/zm_fifo.h b/src/zm_fifo.h index 8d1b1ae8c..065fd569c 100644 --- a/src/zm_fifo.h +++ b/src/zm_fifo.h @@ -1,6 +1,25 @@ +// +// ZoneMinder Fifo Debug +// Copyright (C) 2019 ZoneMinder LLC +// +// This program is free software; you can redistribute it and/or +// modify it under the terms of the GNU General Public License +// as published by the Free Software Foundation; either version 2 +// of the License, or (at your option) any later version. +// +// This program is distributed in the hope that it will be useful, +// but WITHOUT ANY WARRANTY; without even the implied warranty of +// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +// GNU General Public License for more details. +// +// You should have received a copy of the GNU General Public License +// along with this program; if not, write to the Free Software +// Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. +// #ifndef ZM_FIFO_H #define ZM_FIFO_H +#if 0 #include #include #include @@ -13,49 +32,55 @@ #include "zm.h" #include "zm_image.h" +#endif #include "zm_monitor.h" #include "zm_stream.h" - -#define zmFifoDbgPrintf(level,params...) {\ - zmFifoDbgOutput( 0, __FILE__, __LINE__, level, ##params );\ - } +#define zmFifoDbgPrintf(level, params...) {\ + zmFifoDbgOutput(0, __FILE__, __LINE__, level, ##params);\ + } #ifndef ZM_DBG_OFF -#define FifoDebug(level,params...) zmFifoDbgPrintf(level,##params) +#define FifoDebug(level, params...) zmFifoDbgPrintf(level, ##params) #else -#define FifoDebug(level,params...) +#define FifoDebug(level, params...) #endif -void zmFifoDbgOutput( int hex, const char * const file, const int line, const int level, const char *fstring, ... ) __attribute__ ((format(printf, 5, 6))); +void zmFifoDbgOutput( + int hex, + const char * const file, + const int line, + const int level, + const char *fstring, + ...) __attribute__((format(printf, 5, 6))); int zmFifoDbgInit(Monitor * monitor); -class FifoStream : public StreamBase -{ +class FifoStream : public StreamBase { + private: + char * stream_path; + int fd; + int total_read; + int bytes_read; + unsigned int frame_count; + static void file_create_if_missing( + const char * path, + bool is_fifo, + bool delete_fake_fifo = true + ); -private: - char * stream_path; - int fd; - int total_read; - int bytes_read; - unsigned int frame_count; - static void file_create_if_missing(const char * path, bool is_fifo, bool delete_fake_fifo=true); + protected: + typedef enum { MJPEG, RAW } StreamType; + StreamType stream_type; + bool sendMJEGFrames(); + bool sendRAWFrames(); + void processCommand(const CmdMsg *msg) {} -protected: - typedef enum { MJPEG, RAW } StreamType; - StreamType stream_type; - bool sendMJEGFrames( ); - bool sendRAWFrames( ); - void processCommand( const CmdMsg *msg ) {}; - -public: - FifoStream(){ - - - } - static void fifo_create_if_missing(const char * path,bool delete_fake_fifo=true); - void setStreamStart( const char * path ); - void setStreamStart( int monitor_id, const char * format ); - - void runStream(); + public: + FifoStream() {} + static void fifo_create_if_missing( + const char * path, + bool delete_fake_fifo = true); + void setStreamStart(const char * path); + void setStreamStart(int monitor_id, const char * format); + void runStream(); }; -#endif +#endif // ZM_FIFO_H From dd57fd95ce4060cf9d4cc7273810a740d1fd316e Mon Sep 17 00:00:00 2001 From: Isaac Connor Date: Thu, 27 Jun 2019 11:11:14 -0400 Subject: [PATCH 307/922] Clean up cruft from videostore api. Fix packetqueue clear_unwanted_packets to take a pre_event_count and take it into consideration when finding the right spot in the queue to start recording. --- src/zm_ffmpeg_camera.cpp | 9 ++---- src/zm_ffmpeg_camera.h | 1 - src/zm_packetqueue.cpp | 53 +++++++++++++++++++++++++++++------ src/zm_packetqueue.h | 2 +- src/zm_remote_camera_rtsp.cpp | 1 - src/zm_videostore.cpp | 1 - src/zm_videostore.h | 1 - 7 files changed, 47 insertions(+), 21 deletions(-) diff --git a/src/zm_ffmpeg_camera.cpp b/src/zm_ffmpeg_camera.cpp index 781424b8b..5e403b468 100644 --- a/src/zm_ffmpeg_camera.cpp +++ b/src/zm_ffmpeg_camera.cpp @@ -145,7 +145,6 @@ FfmpegCamera::FfmpegCamera( mRawFrame = NULL; mFrame = NULL; frameCount = 0; - startTime = 0; mCanCapture = false; videoStore = NULL; have_video_keyframe = false; @@ -360,7 +359,6 @@ int FfmpegCamera::OpenFfmpeg() { return -1; } - startTime = av_gettime();//FIXME here or after find_Stream_info Debug(4, "Got stream info"); // Find first video stream present @@ -784,7 +782,6 @@ int FfmpegCamera::CaptureAndRecord( Image &image, timeval recording, char* event videoStore = new VideoStore((const char *) event_file, "mp4", mFormatContext->streams[mVideoStreamId], NULL, - startTime, this->getMonitor()); } else { @@ -792,7 +789,6 @@ int FfmpegCamera::CaptureAndRecord( Image &image, timeval recording, char* event videoStore = new VideoStore((const char *) event_file, "mp4", mFormatContext->streams[mVideoStreamId], mFormatContext->streams[mAudioStreamId], - startTime, this->getMonitor()); } } else { @@ -802,7 +798,6 @@ int FfmpegCamera::CaptureAndRecord( Image &image, timeval recording, char* event videoStore = new VideoStore((const char *) event_file, "mp4", mFormatContext->streams[mVideoStreamId], NULL, - startTime, this->getMonitor()); } // end if record_audio @@ -811,7 +806,7 @@ int FfmpegCamera::CaptureAndRecord( Image &image, timeval recording, char* event videoStore = NULL; } else { - monitor->SetVideoWriterEventId( last_event_id ); + monitor->SetVideoWriterEventId(last_event_id); // Need to write out all the frames from the last keyframe? // No... need to write out all frames from when the event began. Due to PreEventFrames, this could be more than since the last keyframe. @@ -819,7 +814,7 @@ int FfmpegCamera::CaptureAndRecord( Image &image, timeval recording, char* event ZMPacket *queued_packet; // Clear all packets that predate the moment when the recording began - packetqueue->clear_unwanted_packets(&recording, mVideoStreamId); + packetqueue->clear_unwanted_packets(&recording, monitor->GetPreEventCount(), mVideoStreamId); while ( ( queued_packet = packetqueue->popPacket() ) ) { AVPacket *avp = queued_packet->av_packet(); diff --git a/src/zm_ffmpeg_camera.h b/src/zm_ffmpeg_camera.h index 3eb52d1f8..0dbb95805 100644 --- a/src/zm_ffmpeg_camera.h +++ b/src/zm_ffmpeg_camera.h @@ -84,7 +84,6 @@ class FfmpegCamera : public Camera { struct SwsContext *mConvertContext; #endif - int64_t startTime; int error_count; public: diff --git a/src/zm_packetqueue.cpp b/src/zm_packetqueue.cpp index 11f24c2a2..11d610b0b 100644 --- a/src/zm_packetqueue.cpp +++ b/src/zm_packetqueue.cpp @@ -157,12 +157,12 @@ unsigned int zm_packetqueue::clearQueue(unsigned int frames_to_keep, int stream_ AVPacket *av_packet = &(zm_packet->packet); Debug(5, "Looking for keyframe at packet with stream index (%d) with keyframe (%d), frames_to_keep is (%d)", - av_packet->stream_index, ( av_packet->flags & AV_PKT_FLAG_KEY ), frames_to_keep ); + av_packet->stream_index, ( av_packet->flags & AV_PKT_FLAG_KEY ), frames_to_keep); // Want frames_to_keep video keyframes. Otherwise, we may not have enough - if ( ( av_packet->stream_index == stream_id) && ( av_packet->flags & AV_PKT_FLAG_KEY ) ) { + if ( (av_packet->stream_index == stream_id) && (av_packet->flags & AV_PKT_FLAG_KEY) ) { Debug(4, "Found keyframe at packet with stream index (%d) with keyframe (%d), frames_to_keep is (%d)", - av_packet->stream_index, ( av_packet->flags & AV_PKT_FLAG_KEY ), frames_to_keep ); + av_packet->stream_index, ( av_packet->flags & AV_PKT_FLAG_KEY ), frames_to_keep); break; } } @@ -210,25 +210,60 @@ int zm_packetqueue::packet_count( int stream_id ) { return packet_counts[stream_id]; } // end int zm_packetqueue::packet_count( int stream_id ) -void zm_packetqueue::clear_unwanted_packets( timeval *recording_started, int mVideoStreamId ) { +// Clear packets before the given timestamp. +// Must also take into account pre_event_count frames +void zm_packetqueue::clear_unwanted_packets( + timeval *recording_started, + int pre_event_count, + int mVideoStreamId) { // Need to find the keyframe <= recording_started. Can get rid of audio packets. if ( pktQueue.empty() ) return; - // Step 1 - find keyframe < recording_started. - // Step 2 - pop packets until we get to the packet in step 2 + // Step 1 - find frame <= recording_started. + // Step 2 - go back pre_event_count + // Step 3 - find a keyframe + // Step 4 - pop packets until we get to the packet in step 3 std::list::reverse_iterator it; - Debug(3, "Looking for keyframe after start recording stream id (%d)", mVideoStreamId); + // Step 1 - find frame <= recording_started. + Debug(3, "Looking for frame before start recording stream id (%d)", mVideoStreamId); for ( it = pktQueue.rbegin(); it != pktQueue.rend(); ++ it ) { + ZMPacket *zm_packet = *it; + AVPacket *av_packet = &(zm_packet->packet); + if ( + ( av_packet->stream_index == mVideoStreamId ) + && + timercmp( &(zm_packet->timestamp), recording_started, <= ) + ) { + Debug(3, "Found frame before start with stream index %d at %d.%d", + av_packet->stream_index, + zm_packet->timestamp.tv_sec, + zm_packet->timestamp.tv_usec); + break; + } + } + + if ( it == pktQueue.rend() ) { + Debug(1, "Didn't find a frame before event starttime. keeping all" ); + return; + } + + for ( ; pre_event_count && it != pktQueue.rend(); -- pre_event_count, ++ it ) { + } + if ( it == pktQueue.rend() ) { + Debug(1, "ran out of pre_event frames before event starttime. keeping all" ); + return; + } + + Debug(3, "Looking for keyframe"); + for ( ; it != pktQueue.rend(); ++ it ) { ZMPacket *zm_packet = *it; AVPacket *av_packet = &(zm_packet->packet); if ( ( av_packet->flags & AV_PKT_FLAG_KEY ) && ( av_packet->stream_index == mVideoStreamId ) - && - timercmp( &(zm_packet->timestamp), recording_started, <= ) ) { Debug(3, "Found keyframe before start with stream index %d at %d.%d", av_packet->stream_index, diff --git a/src/zm_packetqueue.h b/src/zm_packetqueue.h index a02a51ade..0faa281d2 100644 --- a/src/zm_packetqueue.h +++ b/src/zm_packetqueue.h @@ -43,7 +43,7 @@ public: void clearQueue(); void dumpQueue(); unsigned int size(); - void clear_unwanted_packets(timeval *recording, int mVideoStreamId); + void clear_unwanted_packets(timeval *recording, int pre_event_count, int mVideoStreamId); int packet_count(int stream_id); private: std::list pktQueue; diff --git a/src/zm_remote_camera_rtsp.cpp b/src/zm_remote_camera_rtsp.cpp index 1f94f4849..a26e2626d 100644 --- a/src/zm_remote_camera_rtsp.cpp +++ b/src/zm_remote_camera_rtsp.cpp @@ -418,7 +418,6 @@ int RemoteCameraRtsp::CaptureAndRecord(Image &image, timeval recording, char* ev videoStore = new VideoStore((const char *)event_file, "mp4", mFormatContext->streams[mVideoStreamId], mAudioStreamId==-1?NULL:mFormatContext->streams[mAudioStreamId], - startTime, this->getMonitor() ); strcpy(oldDirectory, event_file); } // end if ! videoStore diff --git a/src/zm_videostore.cpp b/src/zm_videostore.cpp index c39e24098..90ddcc4c3 100644 --- a/src/zm_videostore.cpp +++ b/src/zm_videostore.cpp @@ -36,7 +36,6 @@ VideoStore::VideoStore( const char *format_in, AVStream *p_video_in_stream, AVStream *p_audio_in_stream, - int64_t nStartTime, Monitor *monitor ) { diff --git a/src/zm_videostore.h b/src/zm_videostore.h index 8e7308e69..fe52cd1dc 100644 --- a/src/zm_videostore.h +++ b/src/zm_videostore.h @@ -85,7 +85,6 @@ public: const char *format_in, AVStream *video_in_stream, AVStream *audio_in_stream, - int64_t nStartTime, Monitor * p_monitor); bool open(); ~VideoStore(); From 158b9438d74070f0785d2af9544ea50bdbd1a04d Mon Sep 17 00:00:00 2001 From: Daniel Schaefer Date: Thu, 27 Jun 2019 21:08:29 +0200 Subject: [PATCH 308/922] Explicitly link with libdl (#2649) Otherwise on some systems linking would fail with undefined reference to symbol 'dlclose@@GLIBC_2.2.5' --- src/CMakeLists.txt | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/src/CMakeLists.txt b/src/CMakeLists.txt index 3155fb920..331f9e039 100644 --- a/src/CMakeLists.txt +++ b/src/CMakeLists.txt @@ -20,10 +20,10 @@ add_executable(zms zms.cpp) include_directories(libbcrypt/include/bcrypt) include_directories(jwt-cpp/include/jwt-cpp) -target_link_libraries(zmc zm ${ZM_EXTRA_LIBS} ${ZM_BIN_LIBS}) -target_link_libraries(zma zm ${ZM_EXTRA_LIBS} ${ZM_BIN_LIBS}) -target_link_libraries(zmu zm ${ZM_EXTRA_LIBS} ${ZM_BIN_LIBS} bcrypt) -target_link_libraries(zms zm ${ZM_EXTRA_LIBS} ${ZM_BIN_LIBS} bcrypt) +target_link_libraries(zmc zm ${ZM_EXTRA_LIBS} ${ZM_BIN_LIBS} ${CMAKE_DL_LIBS}) +target_link_libraries(zma zm ${ZM_EXTRA_LIBS} ${ZM_BIN_LIBS} ${CMAKE_DL_LIBS}) +target_link_libraries(zmu zm ${ZM_EXTRA_LIBS} ${ZM_BIN_LIBS} ${CMAKE_DL_LIBS} bcrypt) +target_link_libraries(zms zm ${ZM_EXTRA_LIBS} ${ZM_BIN_LIBS} ${CMAKE_DL_LIBS} bcrypt) # Generate man files for the binaries destined for the bin folder FOREACH(CBINARY zma zmc zmu) From ac7d4869de65be78f0e9cdab1349223293a0124d Mon Sep 17 00:00:00 2001 From: Isaac Connor Date: Thu, 27 Jun 2019 15:36:13 -0400 Subject: [PATCH 309/922] We need to seek back pre_event_count video frames, not any frames --- src/zm_packetqueue.cpp | 13 ++++++++++--- 1 file changed, 10 insertions(+), 3 deletions(-) diff --git a/src/zm_packetqueue.cpp b/src/zm_packetqueue.cpp index 11d610b0b..f86314113 100644 --- a/src/zm_packetqueue.cpp +++ b/src/zm_packetqueue.cpp @@ -245,14 +245,21 @@ void zm_packetqueue::clear_unwanted_packets( } if ( it == pktQueue.rend() ) { - Debug(1, "Didn't find a frame before event starttime. keeping all" ); + Debug(1, "Didn't find a frame before event starttime. keeping all"); return; } - for ( ; pre_event_count && it != pktQueue.rend(); -- pre_event_count, ++ it ) { + Debug(1, "Seeking back %d frames", pre_event_count); + for ( ; pre_event_count && (it != pktQueue.rend()); ++ it ) { + ZMPacket *zm_packet = *it; + AVPacket *av_packet = &(zm_packet->packet); + if ( av_packet->stream_index == mVideoStreamId ) { + --pre_event_count; + } } + if ( it == pktQueue.rend() ) { - Debug(1, "ran out of pre_event frames before event starttime. keeping all" ); + Debug(1, "ran out of pre_event frames before event starttime. keeping all"); return; } From 3bd4486b651ba7d22e9643bf6632636d731b22e5 Mon Sep 17 00:00:00 2001 From: Isaac Connor Date: Thu, 27 Jun 2019 15:48:10 -0400 Subject: [PATCH 310/922] Start event when alarm frames >= alarm_frame_count-1 because it is 1based. Add some debug. --- src/zm_monitor.cpp | 22 +++++++++++++++------- 1 file changed, 15 insertions(+), 7 deletions(-) diff --git a/src/zm_monitor.cpp b/src/zm_monitor.cpp index 76b7e9a34..eba3ca7e9 100644 --- a/src/zm_monitor.cpp +++ b/src/zm_monitor.cpp @@ -1525,21 +1525,25 @@ bool Monitor::Analyse() { Info("%s: %03d - Closing event %" PRIu64 ", continuous end, alarm begins", name, image_count, event->Id()); closeEvent(); - } - Debug(3, "pre-alarm-count %d", Event::PreAlarmCount()); + } else { // This is so if we need more than 1 alarm frame before going into alarm, so it is basically if we have enough alarm frames - if ( (!pre_event_count) || (Event::PreAlarmCount() >= alarm_frame_count) ) { + Debug(3, "pre-alarm-count in event %d, event frames %d, alarm frames %d event length %d >=? %d", + Event::PreAlarmCount(), event->Frames(), event->AlarmFrames(), + ( timestamp->tv_sec - video_store_data->recording.tv_sec ), min_section_length + ); + } + if ( (!pre_event_count) || (Event::PreAlarmCount() >= alarm_frame_count-1) ) { shared_data->state = state = ALARM; // lets construct alarm cause. It will contain cause + names of zones alarmed std::string alarm_cause = ""; for ( int i=0; i < n_zones; i++ ) { if ( zones[i]->Alarmed() ) { - alarm_cause = alarm_cause + "," + std::string(zones[i]->Label()); + alarm_cause = alarm_cause + "," + std::string(zones[i]->Label()); } } if ( !alarm_cause.empty() ) alarm_cause[0] = ' '; alarm_cause = cause + alarm_cause; - strncpy(shared_data->alarm_cause,alarm_cause.c_str(), sizeof(shared_data->alarm_cause)-1); + strncpy(shared_data->alarm_cause, alarm_cause.c_str(), sizeof(shared_data->alarm_cause)-1); Info("%s: %03d - Gone into alarm state PreAlarmCount: %u > AlarmFrameCount:%u Cause:%s", name, image_count, Event::PreAlarmCount(), alarm_frame_count, shared_data->alarm_cause); @@ -1550,7 +1554,9 @@ bool Monitor::Analyse() { if ( analysis_fps && pre_event_count ) { // If analysis fps is set, // compute the index for pre event images in the dedicated buffer - pre_index = pre_event_buffer_count ? image_count%pre_event_buffer_count : 0; + pre_index = pre_event_buffer_count ? image_count % pre_event_buffer_count : 0; + Debug(3, "pre-index %d = image_count(%d) %% pre_event_buffer_count(%d)", + pre_index, image_count, pre_event_buffer_count); // Seek forward the next filled slot in to the buffer (oldest data) // from the current position @@ -1559,6 +1565,8 @@ bool Monitor::Analyse() { // Slot is empty, removing image from counter pre_event_images--; } + Debug(3, "pre-index %d, pre-event_images %d", + pre_index, pre_event_images); event = new Event(this, *(pre_event_buffer[pre_index].timestamp), cause, noteSetMap); } else { @@ -1569,7 +1577,7 @@ bool Monitor::Analyse() { else pre_index = ((index + image_buffer_count) - pre_event_count)%image_buffer_count; - Debug(4,"Resulting pre_index(%d) from index(%d) + image_buffer_count(%d) - pre_event_count(%d)", + Debug(3, "Resulting pre_index(%d) from index(%d) + image_buffer_count(%d) - pre_event_count(%d)", pre_index, index, image_buffer_count, pre_event_count); // Seek forward the next filled slot in to the buffer (oldest data) From 0ab4f9fce08734cd1b3037e913286dfee78ea991 Mon Sep 17 00:00:00 2001 From: Isaac Connor Date: Thu, 27 Jun 2019 21:49:43 -0400 Subject: [PATCH 311/922] More debugging in packetqueue. --- src/zm_packetqueue.cpp | 7 ++++++- 1 file changed, 6 insertions(+), 1 deletion(-) diff --git a/src/zm_packetqueue.cpp b/src/zm_packetqueue.cpp index f86314113..7668935f0 100644 --- a/src/zm_packetqueue.cpp +++ b/src/zm_packetqueue.cpp @@ -227,7 +227,8 @@ void zm_packetqueue::clear_unwanted_packets( std::list::reverse_iterator it; // Step 1 - find frame <= recording_started. - Debug(3, "Looking for frame before start recording stream id (%d)", mVideoStreamId); + Debug(3, "Looking for frame before start recording stream id (%d), queue has %d packets", + mVideoStreamId, pktQueue.size()); for ( it = pktQueue.rbegin(); it != pktQueue.rend(); ++ it ) { ZMPacket *zm_packet = *it; AVPacket *av_packet = &(zm_packet->packet); @@ -242,6 +243,10 @@ void zm_packetqueue::clear_unwanted_packets( zm_packet->timestamp.tv_usec); break; } + Debug(3, "Not Found frame before start with stream index %d at %d.%d", + av_packet->stream_index, + zm_packet->timestamp.tv_sec, + zm_packet->timestamp.tv_usec); } if ( it == pktQueue.rend() ) { From d972ab60060570a47378c527f4a755a5b599d6da Mon Sep 17 00:00:00 2001 From: Isaac Connor Date: Thu, 27 Jun 2019 21:50:12 -0400 Subject: [PATCH 312/922] add min_section_length test to alarmed events that go unalarmed --- src/zm_monitor.cpp | 5 ++++- web/skins/classic/css/base/skin.css | 1 + 2 files changed, 5 insertions(+), 1 deletion(-) diff --git a/src/zm_monitor.cpp b/src/zm_monitor.cpp index eba3ca7e9..fda0f5709 100644 --- a/src/zm_monitor.cpp +++ b/src/zm_monitor.cpp @@ -1632,7 +1632,10 @@ bool Monitor::Analyse() { Info("%s: %03d - Gone into alert state", name, image_count); shared_data->state = state = ALERT; } else if ( state == ALERT ) { - if ( image_count-last_alarm_count > post_event_count ) { + if ( + ( image_count-last_alarm_count > post_event_count ) + && ( ( timestamp->tv_sec - video_store_data->recording.tv_sec ) >= min_section_length ) + ) { Info("%s: %03d - Left alarm state (%" PRIu64 ") - %d(%d) images", name, image_count, event->Id(), event->Frames(), event->AlarmFrames()); //if ( function != MOCORD || event_close_mode == CLOSE_ALARM || event->Cause() == SIGNAL_CAUSE ) diff --git a/web/skins/classic/css/base/skin.css b/web/skins/classic/css/base/skin.css index 1dfd6ea90..cd0eaebc3 100644 --- a/web/skins/classic/css/base/skin.css +++ b/web/skins/classic/css/base/skin.css @@ -637,6 +637,7 @@ color:#ffa801; .container-fluid { position: relative; + padding-bottom: 10px; } .sidebar { From 1161c251fc7dfd4691ad8bc10358779d3c009500 Mon Sep 17 00:00:00 2001 From: Isaac Connor Date: Fri, 28 Jun 2019 10:28:53 -0400 Subject: [PATCH 313/922] Add a warning when the monitor is not capturing in live view --- web/skins/classic/views/watch.php | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/web/skins/classic/views/watch.php b/web/skins/classic/views/watch.php index 902baaa1c..bef9acd61 100644 --- a/web/skins/classic/views/watch.php +++ b/web/skins/classic/views/watch.php @@ -77,6 +77,11 @@ if ( canView('Control') && $monitor->Type() == 'Local' ) {
+Status() != 'Capturing' ) { + echo '
Monitor is not capturing. We will be unable to provide an image
'; +} +?>
$scale) ); ?>
Type() != 'WebSite' ) { ?> From 6231c64a7a253dac034fb85d27fa5167d0816586 Mon Sep 17 00:00:00 2001 From: CanOfSpam3 Date: Mon, 1 Jul 2019 18:06:10 -0400 Subject: [PATCH 314/922] simplify rtfm step (#2650) save everyone some cruft and time --- docs/installationguide/debian.rst | 6 ++---- 1 file changed, 2 insertions(+), 4 deletions(-) diff --git a/docs/installationguide/debian.rst b/docs/installationguide/debian.rst index a6a27aa19..1c85e704c 100644 --- a/docs/installationguide/debian.rst +++ b/docs/installationguide/debian.rst @@ -82,8 +82,7 @@ a read. :: - gunzip /usr/share/doc/zoneminder/README.Debian.gz - cat /usr/share/doc/zoneminder/README.Debian + zcat /usr/share/doc/zoneminder/README.Debian.gz **Step 7:** Enable ZoneMinder service @@ -209,8 +208,7 @@ a read. :: - gunzip /usr/share/doc/zoneminder/README.Debian.gz - cat /usr/share/doc/zoneminder/README.Debian + zcat /usr/share/doc/zoneminder/README.Debian.gz **Step 7:** Setup Database From 2dc60196c5ddb6cb2874c16a291478d0102bdb97 Mon Sep 17 00:00:00 2001 From: Isaac Connor Date: Tue, 2 Jul 2019 11:14:24 -0400 Subject: [PATCH 315/922] Code cleanup and cpplint --- src/zm_ffmpeg_camera.cpp | 450 +++++++++++++++++++++------------------ 1 file changed, 237 insertions(+), 213 deletions(-) diff --git a/src/zm_ffmpeg_camera.cpp b/src/zm_ffmpeg_camera.cpp index 5e403b468..9cf2d93ef 100644 --- a/src/zm_ffmpeg_camera.cpp +++ b/src/zm_ffmpeg_camera.cpp @@ -1,21 +1,21 @@ // -// ZoneMinder Ffmpeg Camera Class Implementation, $Date: 2009-01-16 12:18:50 +0000 (Fri, 16 Jan 2009) $, $Revision: 2713 $ +// ZoneMinder Ffmpeg Camera Class Implementation // Copyright (C) 2001-2008 Philip Coombes -// +// // This program is free software; you can redistribute it and/or // modify it under the terms of the GNU General Public License // as published by the Free Software Foundation; either version 2 // of the License, or (at your option) any later version. -// +// // This program is distributed in the hope that it will be useful, // but WITHOUT ANY WARRANTY; without even the implied warranty of // MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the // GNU General Public License for more details. -// +// // You should have received a copy of the GNU General Public License // along with this program; if not, write to the Free Software // Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. -// +// #include "zm.h" #include "zm_signal.h" @@ -27,7 +27,7 @@ extern "C" { #include "libavutil/time.h" #if HAVE_LIBAVUTIL_HWCONTEXT_H - #include "libavutil/hwcontext.h" + #include "libavutil/hwcontext.h" #endif } #ifndef AV_ERROR_MAX_STRING_SIZE @@ -39,6 +39,7 @@ extern "C" { #include #include #endif +#include #if HAVE_LIBAVUTIL_HWCONTEXT_H @@ -54,9 +55,11 @@ static enum AVPixelFormat get_hw_format( return *p; } - Error("Failed to get HW surface format for %s.", av_get_pix_fmt_name(hw_pix_fmt)); + Error("Failed to get HW surface format for %s.", + av_get_pix_fmt_name(hw_pix_fmt)); for ( p = pix_fmts; *p != -1; p++ ) - Error("Available HW surface format was %s.", av_get_pix_fmt_name(*p)); + Error("Available HW surface format was %s.", + av_get_pix_fmt_name(*p)); return AV_PIX_FMT_NONE; } @@ -106,8 +109,7 @@ FfmpegCamera::FfmpegCamera( bool p_capture, bool p_record_audio, const std::string &p_hwaccel_name, - const std::string &p_hwaccel_device - ) : + const std::string &p_hwaccel_device) : Camera( p_id, FFMPEG_SRC, @@ -154,10 +156,11 @@ FfmpegCamera::FfmpegCamera( hw_pix_fmt = AV_PIX_FMT_NONE; #endif -#if HAVE_LIBSWSCALE +#if HAVE_LIBSWSCALE mConvertContext = NULL; #endif - /* Has to be located inside the constructor so other components such as zma will receive correct colours and subpixel order */ + /* Has to be located inside the constructor so other components such as zma + * will receive correct colours and subpixel order */ if ( colours == ZM_COLOUR_RGB32 ) { subpixelorder = ZM_SUBPIX_ORDER_RGBA; imagePixFormat = AV_PIX_FMT_RGBA; @@ -170,10 +173,9 @@ FfmpegCamera::FfmpegCamera( } else { Panic("Unexpected colours: %d", colours); } -} // FfmpegCamera::FfmpegCamera +} // FfmpegCamera::FfmpegCamera FfmpegCamera::~FfmpegCamera() { - Close(); if ( capture ) { @@ -203,7 +205,7 @@ int FfmpegCamera::PrimeCapture() { int FfmpegCamera::PreCapture() { // If Reopen was called, then ffmpeg is closed and we need to reopen it. - if ( ! mCanCapture ) + if ( !mCanCapture ) return OpenFfmpeg(); // Nothing to do here return 0; @@ -215,15 +217,20 @@ int FfmpegCamera::Capture(Image &image) { } int ret; - // If the reopen thread has a value, but mCanCapture != 0, then we have just reopened the connection to the ffmpeg device, and we can clean up the thread. + // If the reopen thread has a value, but mCanCapture != 0, then we have just + // reopened the connection to the device, and we can clean up the thread. int frameComplete = false; - while ( !frameComplete && !zm_terminate) { + while ( !frameComplete && !zm_terminate ) { ret = av_read_frame(mFormatContext, &packet); if ( ret < 0 ) { if ( // Check if EOF. - (ret == AVERROR_EOF || (mFormatContext->pb && mFormatContext->pb->eof_reached)) || + ( + ret == AVERROR_EOF + || + (mFormatContext->pb && mFormatContext->pb->eof_reached) + ) || // Check for Connection failure. (ret == -110) ) { @@ -244,7 +251,11 @@ int FfmpegCamera::Capture(Image &image) { Debug(5, "Got packet from stream %d dts (%d) pts(%d)", packet.stream_index, packet.pts, packet.dts); // What about audio stream? Maybe someday we could do sound detection... - if ( ( packet.stream_index == mVideoStreamId ) && ( keyframe || have_video_keyframe ) ) { + if ( + (packet.stream_index == mVideoStreamId) + && + (keyframe || have_video_keyframe) + ) { ret = zm_receive_frame(mVideoCodecContext, mRawFrame, packet); if ( ret < 0 ) { Error("Unable to get frame at frame %d: %s, continuing", @@ -264,11 +275,11 @@ int FfmpegCamera::Capture(Image &image) { frameCount++; } else { Debug(4, "Different stream_index %d", packet.stream_index); - } // end if packet.stream_index == mVideoStreamId + } // end if packet.stream_index == mVideoStreamId zm_av_packet_unref(&packet); - } // end while ! frameComplete + } // end while ! frameComplete return frameComplete ? 1 : 0; -} // FfmpegCamera::Capture +} // FfmpegCamera::Capture int FfmpegCamera::PostCapture() { // Nothing to do here @@ -276,7 +287,6 @@ int FfmpegCamera::PostCapture() { } int FfmpegCamera::OpenFfmpeg() { - int ret; have_video_keyframe = false; @@ -290,7 +300,7 @@ int FfmpegCamera::OpenFfmpeg() { AVDictionary *opts = 0; ret = av_dict_parse_string(&opts, Options().c_str(), "=", ",", 0); if ( ret < 0 ) { - Warning("Could not parse ffmpeg input options list '%s'\n", Options().c_str()); + Warning("Could not parse ffmpeg input options '%s'", Options().c_str()); } // Set transport method as specified by method field, rtpUni is default @@ -306,7 +316,7 @@ int FfmpegCamera::OpenFfmpeg() { } else { Warning("Unknown method (%s)", method.c_str()); } -//#av_dict_set(&opts, "timeout", "10000000", 0); // in microseconds. + // #av_dict_set(&opts, "timeout", "10000000", 0); // in microseconds. if ( ret < 0 ) { Warning("Could not set rtsp_transport method '%s'", method.c_str()); @@ -314,11 +324,11 @@ int FfmpegCamera::OpenFfmpeg() { Debug(1, "Calling avformat_open_input for %s", mPath.c_str()); - mFormatContext = avformat_alloc_context( ); + mFormatContext = avformat_alloc_context(); // Speed up find_stream_info - //FIXME can speed up initial analysis but need sensible parameters... - //mFormatContext->probesize = 32; - //mFormatContext->max_analyze_duration = 32; + // FIXME can speed up initial analysis but need sensible parameters... + // mFormatContext->probesize = 32; + // mFormatContext->max_analyze_duration = 32; mFormatContext->interrupt_callback.callback = FfmpegInterruptCallback; mFormatContext->interrupt_callback.opaque = this; @@ -326,7 +336,8 @@ int FfmpegCamera::OpenFfmpeg() { if ( ret != 0 ) #endif { - Error("Unable to open input %s due to: %s", mPath.c_str(), strerror(ret)); + Error("Unable to open input %s due to: %s", mPath.c_str(), + av_make_error_string(ret).c_str()); #if !LIBAVFORMAT_VERSION_CHECK(53, 17, 0, 25, 0) av_close_input_file(mFormatContext); #else @@ -339,7 +350,7 @@ int FfmpegCamera::OpenFfmpeg() { return -1; } - AVDictionaryEntry *e=NULL; + AVDictionaryEntry *e = NULL; while ( (e = av_dict_get(opts, "", e, AV_DICT_IGNORE_SUFFIX)) != NULL ) { Warning("Option %s not recognized by ffmpeg", e->key); } @@ -348,94 +359,76 @@ int FfmpegCamera::OpenFfmpeg() { Info("Stream open %s, parsing streams...", mPath.c_str()); #if !LIBAVFORMAT_VERSION_CHECK(53, 6, 0, 6, 0) - Debug(4, "Calling av_find_stream_info"); - if ( av_find_stream_info(mFormatContext) < 0 ) + ret = av_find_stream_info(mFormatContext); #else - Debug(4, "Calling avformat_find_stream_info"); - if ( avformat_find_stream_info(mFormatContext, 0) < 0 ) + ret = avformat_find_stream_info(mFormatContext, 0); #endif - { - Error("Unable to find stream info from %s due to: %s", mPath.c_str(), strerror(errno)); + if ( ret < 0 ) { + Error("Unable to find stream info from %s due to: %s", mPath.c_str(), + av_make_error_string(ret).c_str()); return -1; } - Debug(4, "Got stream info"); - // Find first video stream present // The one we want Might not be the first mVideoStreamId = -1; mAudioStreamId = -1; for ( unsigned int i=0; i < mFormatContext->nb_streams; i++ ) { -#if LIBAVCODEC_VERSION_CHECK(57, 64, 0, 64, 0) - if ( mFormatContext->streams[i]->codecpar->codec_type == AVMEDIA_TYPE_VIDEO ) { -#else -#if (LIBAVCODEC_VERSION_CHECK(52, 64, 0, 64, 0) || LIBAVUTIL_VERSION_CHECK(50, 14, 0, 14, 0)) - if ( mFormatContext->streams[i]->codec->codec_type == AVMEDIA_TYPE_VIDEO ) { -#else - if ( mFormatContext->streams[i]->codec->codec_type == CODEC_TYPE_VIDEO ) { -#endif -#endif + AVStream *stream = mFormatContext->streams[i]; + if ( is_video_stream(stream) ) { if ( mVideoStreamId == -1 ) { mVideoStreamId = i; // if we break, then we won't find the audio stream continue; } else { - Debug(2, "Have another video stream." ); + Debug(2, "Have another video stream."); } - } -#if LIBAVCODEC_VERSION_CHECK(57, 64, 0, 64, 0) - if ( mFormatContext->streams[i]->codecpar->codec_type == AVMEDIA_TYPE_AUDIO ) { -#else -#if (LIBAVCODEC_VERSION_CHECK(52, 64, 0, 64, 0) || LIBAVUTIL_VERSION_CHECK(50, 14, 0, 14, 0)) - if ( mFormatContext->streams[i]->codec->codec_type == AVMEDIA_TYPE_AUDIO ) { -#else - if ( mFormatContext->streams[i]->codec->codec_type == CODEC_TYPE_AUDIO ) { -#endif -#endif + } else if ( is_audio_stream(stream) ) { if ( mAudioStreamId == -1 ) { mAudioStreamId = i; } else { - Debug(2, "Have another audio stream." ); + Debug(2, "Have another audio stream."); } } - } // end foreach stream + } // end foreach stream if ( mVideoStreamId == -1 ) Fatal("Unable to locate video stream in %s", mPath.c_str()); - if ( mAudioStreamId == -1 ) - Debug(3, "Unable to locate audio stream in %s", mPath.c_str()); - Debug(3, "Found video stream at index %d", mVideoStreamId); - Debug(3, "Found audio stream at index %d", mAudioStreamId); - packetqueue = new zm_packetqueue( mVideoStreamId > mAudioStreamId ? mVideoStreamId : mAudioStreamId ); + Debug(3, "Found video stream at index %d, audio stream at index %d", + mVideoStreamId, mAudioStreamId); + packetqueue = new zm_packetqueue( + (mVideoStreamId > mAudioStreamId) ? mVideoStreamId : mAudioStreamId); #if LIBAVCODEC_VERSION_CHECK(57, 64, 0, 64, 0) - //mVideoCodecContext = avcodec_alloc_context3(NULL); - //avcodec_parameters_to_context( mVideoCodecContext, mFormatContext->streams[mVideoStreamId]->codecpar ); + // mVideoCodecContext = avcodec_alloc_context3(NULL); + // avcodec_parameters_to_context(mVideoCodecContext, + // mFormatContext->streams[mVideoStreamId]->codecpar); // this isn't copied. - //mVideoCodecContext->time_base = mFormatContext->streams[mVideoStreamId]->codec->time_base; + // mVideoCodecContext->time_base = + // mFormatContext->streams[mVideoStreamId]->codec->time_base; #else #endif mVideoCodecContext = mFormatContext->streams[mVideoStreamId]->codec; - // STolen from ispy - //this fixes issues with rtsp streams!! woot. - //mVideoCodecContext->flags2 |= CODEC_FLAG2_FAST | CODEC_FLAG2_CHUNKS | CODEC_FLAG_LOW_DELAY; // Enable faster H264 decode. #ifdef CODEC_FLAG2_FAST - mVideoCodecContext->flags2 |= CODEC_FLAG2_FAST | CODEC_FLAG_LOW_DELAY; + mVideoCodecContext->flags2 |= CODEC_FLAG2_FAST | CODEC_FLAG_LOW_DELAY; #endif if ( mVideoCodecContext->codec_id == AV_CODEC_ID_H264 ) { if ( (mVideoCodec = avcodec_find_decoder_by_name("h264_mmal")) == NULL ) { - Debug(1, "Failed to find decoder (h264_mmal)" ); + Debug(1, "Failed to find decoder (h264_mmal)"); } else { - Debug(1, "Success finding decoder (h264_mmal)" ); + Debug(1, "Success finding decoder (h264_mmal)"); } } - if ( (!mVideoCodec) and ( (mVideoCodec = avcodec_find_decoder(mVideoCodecContext->codec_id)) == NULL ) ) { - // Try and get the codec from the codec context - Error("Can't find codec for video stream from %s", mPath.c_str()); - return -1; - } + if ( !mVideoCodec ) { + mVideoCodec = avcodec_find_decoder(mVideoCodecContext->codec_id); + if ( !mVideoCodec ) { + // Try and get the codec from the codec context + Error("Can't find codec for video stream from %s", mPath.c_str()); + return -1; + } + } Debug(1, "Video Found decoder %s", mVideoCodec->name); zm_dump_stream_format(mFormatContext, mVideoStreamId, 0, 0); @@ -464,23 +457,27 @@ int FfmpegCamera::OpenFfmpeg() { mVideoCodec->name, av_hwdevice_get_type_name(type)); return -1; } - if ( (config->methods & AV_CODEC_HW_CONFIG_METHOD_HW_DEVICE_CTX ) - && (config->device_type == type) + if ( (config->methods & AV_CODEC_HW_CONFIG_METHOD_HW_DEVICE_CTX) + && (config->device_type == type) ) { hw_pix_fmt = config->pix_fmt; break; } - } // end foreach hwconfig -#else + } // end foreach hwconfig +#else hw_pix_fmt = find_fmt_by_hw_type(type); #endif -Debug(1, "Selected gw_pix_fmt %d %s", hw_pix_fmt, av_get_pix_fmt_name(hw_pix_fmt)); +Debug(1, "Selected gw_pix_fmt %d %s", + hw_pix_fmt, + av_get_pix_fmt_name(hw_pix_fmt)); mVideoCodecContext->get_format = get_hw_format; - Debug(1, "Creating hwdevice for %s", (hwaccel_device != "" ? hwaccel_device.c_str() : "")); - if ((ret = av_hwdevice_ctx_create(&hw_device_ctx, type, - (hwaccel_device != "" ? hwaccel_device.c_str(): NULL), NULL, 0)) < 0) { + Debug(1, "Creating hwdevice for %s", + (hwaccel_device != "" ? hwaccel_device.c_str() : "")); + ret = av_hwdevice_ctx_create(&hw_device_ctx, type, + (hwaccel_device != "" ? hwaccel_device.c_str(): NULL), NULL, 0); + if ( ret < 0 ) { Error("Failed to create specified HW device."); return -1; } @@ -488,10 +485,10 @@ Debug(1, "Selected gw_pix_fmt %d %s", hw_pix_fmt, av_get_pix_fmt_name(hw_pix_fmt mVideoCodecContext->hw_device_ctx = av_buffer_ref(hw_device_ctx); hwaccel = true; hwFrame = zm_av_frame_alloc(); -#else +#else Warning("HWAccel support not compiled in."); #endif - } // end if hwacel_name + } // end if hwacel_name // Open the codec #if !LIBAVFORMAT_VERSION_CHECK(53, 8, 0, 8, 0) @@ -501,7 +498,7 @@ Debug(1, "Selected gw_pix_fmt %d %s", hw_pix_fmt, av_get_pix_fmt_name(hw_pix_fmt #endif e = NULL; while ( (e = av_dict_get(opts, "", e, AV_DICT_IGNORE_SUFFIX)) != NULL ) { - Warning( "Option %s not recognized by ffmpeg", e->key); + Warning("Option %s not recognized by ffmpeg", e->key); } if ( ret < 0 ) { Error("Unable to open codec for video stream from %s", mPath.c_str()); @@ -528,28 +525,28 @@ Debug(1, "Selected gw_pix_fmt %d %s", hw_pix_fmt, av_get_pix_fmt_name(hw_pix_fmt } else { #if LIBAVCODEC_VERSION_CHECK(57, 64, 0, 64, 0) mAudioCodecContext = avcodec_alloc_context3(mAudioCodec); - avcodec_parameters_to_context( mAudioCodecContext, mFormatContext->streams[mAudioStreamId]->codecpar ); + avcodec_parameters_to_context( + mAudioCodecContext, + mFormatContext->streams[mAudioStreamId]->codecpar + ); #else mAudioCodecContext = mFormatContext->streams[mAudioStreamId]->codec; // = avcodec_alloc_context3(mAudioCodec); #endif - Debug(1, "Audio Found decoder"); zm_dump_stream_format(mFormatContext, mAudioStreamId, 0, 0); // Open the codec #if !LIBAVFORMAT_VERSION_CHECK(53, 8, 0, 8, 0) - Debug(1, "Calling avcodec_open"); if ( avcodec_open(mAudioCodecContext, mAudioCodec) < 0 ) { #else - Debug(1, "Calling avcodec_open2" ); if ( avcodec_open2(mAudioCodecContext, mAudioCodec, 0) < 0 ) { #endif - Error("Unable to open codec for audio stream from %s", mPath.c_str() ); + Error("Unable to open codec for audio stream from %s", mPath.c_str()); return -1; } zm_dump_codec(mAudioCodecContext); - } // end if find decoder - } // end if have audio_context + } // end if find decoder + } // end if have audio_context // Allocate space for the native video frame mRawFrame = zm_av_frame_alloc(); @@ -562,23 +559,18 @@ Debug(1, "Selected gw_pix_fmt %d %s", hw_pix_fmt, av_get_pix_fmt_name(hw_pix_fmt return -1; } - Debug( 3, "Allocated frames"); - #if LIBAVUTIL_VERSION_CHECK(54, 6, 0, 6, 0) - int pSize = av_image_get_buffer_size( imagePixFormat, width, height,1 ); + int pSize = av_image_get_buffer_size(imagePixFormat, width, height, 1); #else - int pSize = avpicture_get_size( imagePixFormat, width, height ); + int pSize = avpicture_get_size(imagePixFormat, width, height); #endif if ( (unsigned int)pSize != imagesize ) { - Error("Image size mismatch. Required: %d Available: %d",pSize,imagesize); + Error("Image size mismatch. Required: %d Available: %d", pSize, imagesize); return -1; } - Debug(4, "Validated imagesize"); - #if HAVE_LIBSWSCALE - Debug(1, "Calling sws_isSupportedInput"); if ( !sws_isSupportedInput(mVideoCodecContext->pix_fmt) ) { Error("swscale does not support the codec format: %c%c%c%c", (mVideoCodecContext->pix_fmt)&0xff, @@ -600,7 +592,7 @@ Debug(1, "Selected gw_pix_fmt %d %s", hw_pix_fmt, av_get_pix_fmt_name(hw_pix_fmt } # if 0 - // Have to get a frame first to find out the actual format returned by decoding + // Must get a frame first to find out the actual format returned by decoding mConvertContext = sws_getContext( mVideoCodecContext->width, mVideoCodecContext->height, @@ -609,13 +601,14 @@ Debug(1, "Selected gw_pix_fmt %d %s", hw_pix_fmt, av_get_pix_fmt_name(hw_pix_fmt imagePixFormat, SWS_BICUBIC, NULL, NULL, NULL); if ( mConvertContext == NULL ) { - Error( "Unable to create conversion context for %s", mPath.c_str() ); + Error("Unable to create conversion context for %s", mPath.c_str()); return -1; } #endif -#else // HAVE_LIBSWSCALE - Fatal("You must compile ffmpeg with the --enable-swscale option to use ffmpeg cameras"); -#endif // HAVE_LIBSWSCALE +#else // HAVE_LIBSWSCALE + Fatal("You must compile ffmpeg with the --enable-swscale " + "option to use ffmpeg cameras"); +#endif // HAVE_LIBSWSCALE if ( ((unsigned int)mVideoCodecContext->width != width) @@ -623,17 +616,15 @@ Debug(1, "Selected gw_pix_fmt %d %s", hw_pix_fmt, av_get_pix_fmt_name(hw_pix_fmt ((unsigned int)mVideoCodecContext->height != height) ) { Warning("Monitor dimensions are %dx%d but camera is sending %dx%d", - width, height, mVideoCodecContext->width, mVideoCodecContext->height - ); + width, height, mVideoCodecContext->width, mVideoCodecContext->height); } mCanCapture = true; return 0; -} // int FfmpegCamera::OpenFfmpeg() +} // int FfmpegCamera::OpenFfmpeg() int FfmpegCamera::Close() { - Debug(2, "CloseFfmpeg called."); mCanCapture = false; @@ -661,18 +652,17 @@ int FfmpegCamera::Close() { if ( mVideoCodecContext ) { avcodec_close(mVideoCodecContext); - Debug(1,"After codec close"); #if LIBAVCODEC_VERSION_CHECK(57, 64, 0, 64, 0) - //avcodec_free_context(&mVideoCodecContext); + // avcodec_free_context(&mVideoCodecContext); #endif - mVideoCodecContext = NULL; // Freed by av_close_input_file + mVideoCodecContext = NULL; // Freed by av_close_input_file } if ( mAudioCodecContext ) { avcodec_close(mAudioCodecContext); #if LIBAVCODEC_VERSION_CHECK(57, 64, 0, 64, 0) avcodec_free_context(&mAudioCodecContext); #endif - mAudioCodecContext = NULL; // Freed by av_close_input_file + mAudioCodecContext = NULL; // Freed by av_close_input_file } if ( mFormatContext ) { @@ -690,15 +680,19 @@ int FfmpegCamera::Close() { } return 0; -} // end FfmpegCamera::Close +} // end FfmpegCamera::Close -//Function to handle capture and store -int FfmpegCamera::CaptureAndRecord( Image &image, timeval recording, char* event_file ) { +// Function to handle capture and store +int FfmpegCamera::CaptureAndRecord( + Image &image, + timeval recording, + char* event_file + ) { if ( !mCanCapture ) { return -1; } int ret; - + int frameComplete = false; while ( !frameComplete ) { av_init_packet(&packet); @@ -707,7 +701,10 @@ int FfmpegCamera::CaptureAndRecord( Image &image, timeval recording, char* event if ( ret < 0 ) { if ( // Check if EOF. - (ret == AVERROR_EOF || (mFormatContext->pb && mFormatContext->pb->eof_reached)) || + ( + (ret == AVERROR_EOF) || + (mFormatContext->pb && mFormatContext->pb->eof_reached) + ) || // Check for Connection failure. (ret == -110) ) { @@ -721,9 +718,14 @@ int FfmpegCamera::CaptureAndRecord( Image &image, timeval recording, char* event } if ( (packet.pts != AV_NOPTS_VALUE) && (packet.pts < -100000) ) { - // Ignore packets that have crazy negative pts. They aren't supposed to happen. - Warning("Ignore packet because pts %" PRId64 " is massively negative. Error count is %d", packet.pts, error_count); - dumpPacket(mFormatContext->streams[packet.stream_index], &packet,"Ignored packet"); + // Ignore packets that have crazy negative pts. + // They aren't supposed to happen. + Warning("Ignore packet because pts %" PRId64 " is massively negative." + " Error count is %d", packet.pts, error_count); + dumpPacket( + mFormatContext->streams[packet.stream_index], + &packet, + "Ignored packet"); if ( error_count > 100 ) { Error("Bad packet count over 100, going to close and re-open stream"); return -1; @@ -736,14 +738,16 @@ int FfmpegCamera::CaptureAndRecord( Image &image, timeval recording, char* event int keyframe = packet.flags & AV_PKT_FLAG_KEY; bytes += packet.size; - dumpPacket(mFormatContext->streams[packet.stream_index], &packet, "Captured Packet"); + dumpPacket( + mFormatContext->streams[packet.stream_index], + &packet, + "Captured Packet"); if ( packet.dts == AV_NOPTS_VALUE ) { packet.dts = packet.pts; } // Video recording if ( recording.tv_sec ) { - uint32_t last_event_id = monitor->GetLastEventId(); uint32_t video_writer_event_id = monitor->GetVideoWriterEventId(); @@ -754,26 +758,27 @@ int FfmpegCamera::CaptureAndRecord( Image &image, timeval recording, char* event if ( videoStore ) { Info("Re-starting video storage module"); - // I don't know if this is important or not... but I figure we might as well write this last packet out to the store before closing it. + // I don't know if this is important or not... but I figure we might + // as well write this last packet out to the store before closing it. // Also don't know how much it matters for audio. if ( packet.stream_index == mVideoStreamId ) { - //Write the packet to our video store + // Write the packet to our video store int ret = videoStore->writeVideoFramePacket(&packet); - if ( ret < 0 ) { //Less than zero and we skipped a frame + if ( ret < 0 ) { // Less than zero and we skipped a frame Warning("Error writing last packet to videostore."); } - } // end if video + } // end if video delete videoStore; videoStore = NULL; have_video_keyframe = false; monitor->SetVideoWriterEventId(0); - } // end if videoStore - } // end if end of recording + } // end if videoStore + } // end if end of recording - if ( last_event_id and !videoStore ) { - //Instantiate the video storage module + if ( last_event_id && !videoStore ) { + // Instantiate the video storage module packetqueue->dumpQueue(); if ( record_audio ) { @@ -799,9 +804,9 @@ int FfmpegCamera::CaptureAndRecord( Image &image, timeval recording, char* event mFormatContext->streams[mVideoStreamId], NULL, this->getMonitor()); - } // end if record_audio + } // end if record_audio - if ( ! videoStore->open() ) { + if ( !videoStore->open() ) { delete videoStore; videoStore = NULL; @@ -809,60 +814,72 @@ int FfmpegCamera::CaptureAndRecord( Image &image, timeval recording, char* event monitor->SetVideoWriterEventId(last_event_id); // Need to write out all the frames from the last keyframe? - // No... need to write out all frames from when the event began. Due to PreEventFrames, this could be more than since the last keyframe. + // No... need to write out all frames from when the event began. + // Due to PreEventFrames, this could be more than + // since the last keyframe. unsigned int packet_count = 0; ZMPacket *queued_packet; // Clear all packets that predate the moment when the recording began - packetqueue->clear_unwanted_packets(&recording, monitor->GetPreEventCount(), mVideoStreamId); + packetqueue->clear_unwanted_packets( + &recording, monitor->GetPreEventCount(), mVideoStreamId); - while ( ( queued_packet = packetqueue->popPacket() ) ) { + while ( (queued_packet = packetqueue->popPacket()) ) { AVPacket *avp = queued_packet->av_packet(); packet_count += 1; - //Write the packet to our video store + // Write the packet to our video store Debug(2, "Writing queued packet stream: %d KEY %d, remaining (%d)", - avp->stream_index, avp->flags & AV_PKT_FLAG_KEY, packetqueue->size()); + avp->stream_index, + avp->flags & AV_PKT_FLAG_KEY, + packetqueue->size()); if ( avp->stream_index == mVideoStreamId ) { ret = videoStore->writeVideoFramePacket(avp); have_video_keyframe = true; } else if ( avp->stream_index == mAudioStreamId ) { ret = videoStore->writeAudioFramePacket(avp); } else { - Warning("Unknown stream id in queued packet (%d)", avp->stream_index); + Warning("Unknown stream id in queued packet (%d)", + avp->stream_index); ret = -1; } if ( ret < 0 ) { // Less than zero and we skipped a frame } delete queued_packet; - } // end while packets in the packetqueue + } // end while packets in the packetqueue Debug(2, "Wrote %d queued packets", packet_count); } - } // end if ! was recording + } // end if ! was recording } else { // Not recording - + if ( videoStore ) { - Debug(1,"Deleting videoStore instance"); + Debug(1, "Deleting videoStore instance"); delete videoStore; videoStore = NULL; have_video_keyframe = false; monitor->SetVideoWriterEventId(0); } - } // end if recording or not + } // end if recording or not // Buffer video packets, since we are not recording. // All audio packets are keyframes, so only if it's a video keyframe if ( packet.stream_index == mVideoStreamId ) { if ( keyframe ) { Debug(3, "Clearing queue"); - if ( packetqueue->packet_count(mVideoStreamId) >= monitor->GetImageBufferCount() ) { - Warning("ImageBufferCount %d is too small. Needs to be at least %d. Either increase it or decrease time between keyframes", + if ( + packetqueue->packet_count(mVideoStreamId) + >= + monitor->GetImageBufferCount() + ) { + Warning( + "ImageBufferCount %d is too small. " + "Needs to be at least %d. " + "Either increase it or decrease time between keyframes", monitor->GetImageBufferCount(), - packetqueue->packet_count(mVideoStreamId)+1 - ); + packetqueue->packet_count(mVideoStreamId)+1); } packetqueue->clearQueue(monitor->GetPreEventCount(), mVideoStreamId); @@ -870,36 +887,29 @@ int FfmpegCamera::CaptureAndRecord( Image &image, timeval recording, char* event } else if ( packetqueue->size() ) { // it's a keyframe or we already have something in the queue packetqueue->queuePacket(&packet); - } + } } else if ( packet.stream_index == mAudioStreamId ) { - // The following lines should ensure that the queue always begins with a video keyframe -//Debug(2, "Have audio packet, reocrd_audio is (%d) and packetqueue.size is (%d)", record_audio, packetqueue.size() ); - if ( record_audio && packetqueue->size() ) { - // if it's audio, and we are doing audio, and there is already something in the queue + // Ensure that the queue always begins with a video keyframe + if ( record_audio && packetqueue->size() ) { packetqueue->queuePacket(&packet); } - } // end if packet type + } // end if packet type if ( packet.stream_index == mVideoStreamId ) { - // only do decode if we have had a keyframe, should save a few cycles. - if ( have_video_keyframe || keyframe ) { - - if ( videoStore ) { - //Write the packet to our video store - int ret = videoStore->writeVideoFramePacket(&packet); - if ( ret < 0 ) { //Less than zero and we skipped a frame - zm_av_packet_unref(&packet); - return 0; - } + if ( (have_video_keyframe || keyframe) && videoStore ) { + int ret = videoStore->writeVideoFramePacket(&packet); + if ( ret < 0 ) { + // Less than zero and we skipped a frame + Error("Unable to write video packet %d: %s", + frameCount, av_make_error_string(ret).c_str()); + } else { have_video_keyframe = true; } - } // end if keyframe or have_video_keyframe - - Debug(4, "about to decode video"); + } // end if keyframe or have_video_keyframe ret = zm_receive_frame(mVideoCodecContext, mRawFrame, packet); if ( ret < 0 ) { - Warning("Unable to receive frame %d: %s, continuing. error count is %d", + Warning("Unable to receive frame %d: %s. error count is %d", frameCount, av_make_error_string(ret).c_str(), error_count); error_count += 1; if ( error_count > 100 ) { @@ -909,10 +919,14 @@ int FfmpegCamera::CaptureAndRecord( Image &image, timeval recording, char* event zm_av_packet_unref(&packet); continue; } - if ( error_count > 0 ) error_count --; + if ( error_count > 0 ) error_count--; zm_dump_video_frame(mRawFrame); #if HAVE_LIBAVUTIL_HWCONTEXT_H - if ( (hw_pix_fmt != AV_PIX_FMT_NONE) && (mRawFrame->format == hw_pix_fmt) ) { + if ( + (hw_pix_fmt != AV_PIX_FMT_NONE) + && + (mRawFrame->format == hw_pix_fmt) + ) { /* retrieve data from GPU to CPU */ ret = av_hwframe_transfer_data(hwFrame, mRawFrame, 0); if ( ret < 0 ) { @@ -920,7 +934,7 @@ int FfmpegCamera::CaptureAndRecord( Image &image, timeval recording, char* event frameCount, av_make_error_string(ret).c_str()); zm_av_packet_unref(&packet); continue; - } + } zm_dump_video_frame(hwFrame, "After hwtransfer"); hwFrame->pts = mRawFrame->pts; @@ -940,23 +954,23 @@ int FfmpegCamera::CaptureAndRecord( Image &image, timeval recording, char* event frameComplete = 1; frameCount++; - } else if ( packet.stream_index == mAudioStreamId ) { //FIXME best way to copy all other streams + } else if ( packet.stream_index == mAudioStreamId ) { + // FIXME best way to copy all other streams frameComplete = 1; if ( videoStore ) { if ( record_audio ) { if ( have_video_keyframe ) { - Debug(3, "Recording audio packet streamindex(%d) packetstreamindex(%d)", - mAudioStreamId, packet.stream_index); - //Write the packet to our video store - //FIXME no relevance of last key frame - int ret = videoStore->writeAudioFramePacket(&packet); - if ( ret < 0 ) {//Less than zero and we skipped a frame - Warning("Failure to write audio packet."); - zm_av_packet_unref(&packet); - return 0; - } + // Write the packet to our video store + // FIXME no relevance of last key frame + int ret = videoStore->writeAudioFramePacket(&packet); + if ( ret < 0 ) { + // Less than zero and we skipped a frame + Warning("Failure to write audio packet."); + zm_av_packet_unref(&packet); + return 0; + } } else { - Debug(3, "Not recording audio yet because we don't have a video keyframe yet"); + Debug(3, "Not recording audio because no video keyframe"); } } else { Debug(4, "Not doing recording of audio packet"); @@ -970,20 +984,27 @@ int FfmpegCamera::CaptureAndRecord( Image &image, timeval recording, char* event #if LIBAVUTIL_VERSION_CHECK(56, 23, 0, 23, 0) Debug(3, "Some other stream index %d, %s", packet.stream_index, - av_get_media_type_string(mFormatContext->streams[packet.stream_index]->codecpar->codec_type) + av_get_media_type_string( + mFormatContext->streams[packet.stream_index]->codecpar->codec_type) ); #else Debug(3, "Some other stream index %d", packet.stream_index); #endif - } // end if is video or audio or something else - - // the packet contents are ref counted... when queuing, we allocate another packet and reference it with that one, so we should always need to unref here, which should not affect the queued version. - zm_av_packet_unref(&packet); - } // end while ! frameComplete - return frameCount; -} // end FfmpegCamera::CaptureAndRecord + } // end if is video or audio or something else -int FfmpegCamera::transfer_to_image(Image &image, AVFrame *output_frame, AVFrame *input_frame) { + // the packet contents are ref counted... when queuing, we allocate another + // packet and reference it with that one, so we should always need to unref + // here, which should not affect the queued version. + zm_av_packet_unref(&packet); + } // end while ! frameComplete + return frameCount; +} // end FfmpegCamera::CaptureAndRecord + +int FfmpegCamera::transfer_to_image( + Image &image, + AVFrame *output_frame, + AVFrame *input_frame + ) { uint8_t* directbuffer; /* Request a writeable buffer of the target image */ @@ -1010,33 +1031,36 @@ int FfmpegCamera::transfer_to_image(Image &image, AVFrame *output_frame, AVFrame NULL, NULL); if ( mConvertContext == NULL ) { Error("Unable to create conversion context for %s from %s to %s", - mPath.c_str(), - av_get_pix_fmt_name((AVPixelFormat)input_frame->format), - av_get_pix_fmt_name(imagePixFormat) - ); - return -1; + mPath.c_str(), + av_get_pix_fmt_name((AVPixelFormat)input_frame->format), + av_get_pix_fmt_name(imagePixFormat) + ); + return -1; } } - if ( sws_scale(mConvertContext, input_frame->data, input_frame->linesize, - 0, mVideoCodecContext->height, output_frame->data, output_frame->linesize) <= 0 ) { - Error("Unable to convert raw format %u to target format %u at frame %d codec %u ", + if ( sws_scale( + mConvertContext, input_frame->data, input_frame->linesize, + 0, mVideoCodecContext->height, + output_frame->data, output_frame->linesize) <= 0 ) { + Error("Unable to convert format %u to format %u at frame %d codec %u", input_frame->format, imagePixFormat, frameCount, mVideoCodecContext->pix_fmt ); return -1; } -#else // HAVE_LIBSWSCALE - Fatal("You must compile ffmpeg with the --enable-swscale option to use ffmpeg cameras"); -#endif // HAVE_LIBSWSCALE +#else // HAVE_LIBSWSCALE + Fatal("You must compile ffmpeg with the --enable-swscale " + "option to use ffmpeg cameras"); +#endif // HAVE_LIBSWSCALE return 0; -} // end int FfmpegCamera::transfer_to_image(Image &i, AVFrame *output_frame, AVFrame input_frame) +} // end int FfmpegCamera::transfer_to_image int FfmpegCamera::FfmpegInterruptCallback(void *ctx) { - //FfmpegCamera* camera = reinterpret_cast(ctx); - //Debug(4, "FfmpegInterruptCallback"); + // FfmpegCamera* camera = reinterpret_cast(ctx); + // Debug(4, "FfmpegInterruptCallback"); return zm_terminate; } -#endif // HAVE_LIBAVFORMAT +#endif // HAVE_LIBAVFORMAT From 4e8ac4706016ccf6fb383c252c9874afc6be5aac Mon Sep 17 00:00:00 2001 From: Isaac Connor Date: Tue, 2 Jul 2019 11:58:22 -0400 Subject: [PATCH 316/922] Use the video_first_pts to set the audio_first_pts --- src/zm_videostore.cpp | 21 +++++++++++++++++++-- 1 file changed, 19 insertions(+), 2 deletions(-) diff --git a/src/zm_videostore.cpp b/src/zm_videostore.cpp index 90ddcc4c3..da9ec6a9c 100644 --- a/src/zm_videostore.cpp +++ b/src/zm_videostore.cpp @@ -890,12 +890,20 @@ int VideoStore::writeVideoFramePacket(AVPacket *ipkt) { // Scale the PTS of the outgoing packet to be the correct time base if ( ipkt->pts != AV_NOPTS_VALUE ) { - // ffmpeg has a bug where it screws up the pts to massively negative. if ( (!video_first_pts) && (ipkt->pts >= 0) ) { // This is the first packet. opkt.pts = 0; Debug(2, "Starting video first_pts will become %" PRId64, ipkt->pts); video_first_pts = ipkt->pts; +#if 1 + // Since audio starts after the start of the video, need to set this here. + audio_first_pts = av_rescale_q( + ipkt->pts, + video_in_stream->time_base, + audio_in_stream->time_base + ); + Debug(2, "Starting audio first_pts will become %" PRId64, audio_first_pts); +#endif } else { opkt.pts = av_rescale_q( ipkt->pts - video_first_pts, @@ -923,6 +931,15 @@ int VideoStore::writeVideoFramePacket(AVPacket *ipkt) { opkt.dts = 0; Debug(1, "Starting video first_dts will become (%" PRId64 ")", ipkt->dts); video_first_dts = ipkt->dts; +#if 1 + // Since audio starts after the start of the video, need to set this here. + audio_first_dts = av_rescale_q( + ipkt->dts, + video_in_stream->time_base, + audio_in_stream->time_base + ); + Debug(2, "Starting audio first dts will become %" PRId64, audio_first_dts); +#endif } else { opkt.dts = av_rescale_q( ipkt->dts - video_first_dts, @@ -1092,7 +1109,7 @@ int VideoStore::writeAudioFramePacket(AVPacket *ipkt) { if ( !audio_first_pts ) { opkt.pts = 0; audio_first_pts = ipkt->pts; - Debug(1, "No video_first_pts"); + Debug(1, "No audio_first_pts"); } else { opkt.pts = av_rescale_q( ipkt->pts - audio_first_pts, From 5ea5bd9bdefd5293ce912923e85b592ba72d447c Mon Sep 17 00:00:00 2001 From: Isaac Connor Date: Tue, 2 Jul 2019 12:26:33 -0400 Subject: [PATCH 317/922] Only do audio_first_pts if we have audio_in_stream --- src/zm_videostore.cpp | 32 ++++++++++++++++++-------------- 1 file changed, 18 insertions(+), 14 deletions(-) diff --git a/src/zm_videostore.cpp b/src/zm_videostore.cpp index da9ec6a9c..bd4f47a2f 100644 --- a/src/zm_videostore.cpp +++ b/src/zm_videostore.cpp @@ -896,13 +896,15 @@ int VideoStore::writeVideoFramePacket(AVPacket *ipkt) { Debug(2, "Starting video first_pts will become %" PRId64, ipkt->pts); video_first_pts = ipkt->pts; #if 1 - // Since audio starts after the start of the video, need to set this here. - audio_first_pts = av_rescale_q( - ipkt->pts, - video_in_stream->time_base, - audio_in_stream->time_base - ); - Debug(2, "Starting audio first_pts will become %" PRId64, audio_first_pts); + if ( audio_in_stream ) { + // Since audio starts after the start of the video, need to set this here. + audio_first_pts = av_rescale_q( + ipkt->pts, + video_in_stream->time_base, + audio_in_stream->time_base + ); + Debug(2, "Starting audio first_pts will become %" PRId64, audio_first_pts); + } #endif } else { opkt.pts = av_rescale_q( @@ -932,13 +934,15 @@ int VideoStore::writeVideoFramePacket(AVPacket *ipkt) { Debug(1, "Starting video first_dts will become (%" PRId64 ")", ipkt->dts); video_first_dts = ipkt->dts; #if 1 - // Since audio starts after the start of the video, need to set this here. - audio_first_dts = av_rescale_q( - ipkt->dts, - video_in_stream->time_base, - audio_in_stream->time_base - ); - Debug(2, "Starting audio first dts will become %" PRId64, audio_first_dts); + if ( audio_in_stream ) { + // Since audio starts after the start of the video, need to set this here. + audio_first_dts = av_rescale_q( + ipkt->dts, + video_in_stream->time_base, + audio_in_stream->time_base + ); + Debug(2, "Starting audio first dts will become %" PRId64, audio_first_dts); + } #endif } else { opkt.dts = av_rescale_q( From a9579484b8700af47fd7dd9f0a1e55d6770b993f Mon Sep 17 00:00:00 2001 From: Isaac Connor Date: Wed, 3 Jul 2019 09:49:53 -0400 Subject: [PATCH 318/922] gracefully handle failure to config hw pix fmt and debug a bit more --- src/zm_ffmpeg_camera.cpp | 42 +++++++++++++++++++++++++--------------- 1 file changed, 26 insertions(+), 16 deletions(-) diff --git a/src/zm_ffmpeg_camera.cpp b/src/zm_ffmpeg_camera.cpp index 9cf2d93ef..3399e4e80 100644 --- a/src/zm_ffmpeg_camera.cpp +++ b/src/zm_ffmpeg_camera.cpp @@ -455,36 +455,46 @@ int FfmpegCamera::OpenFfmpeg() { if ( !config ) { Debug(1, "Decoder %s does not support device type %s.", mVideoCodec->name, av_hwdevice_get_type_name(type)); - return -1; + break; } if ( (config->methods & AV_CODEC_HW_CONFIG_METHOD_HW_DEVICE_CTX) && (config->device_type == type) ) { hw_pix_fmt = config->pix_fmt; break; + } else { + Debug(1, "decoder %s hwConfig doesn't match our type: %s, pix_fmt %s.", + mVideoCodec->name, + av_hwdevice_get_type_name(config-device_type), + av_get_pix_fmt_name(config->pix_fmt); + ); } } // end foreach hwconfig #else hw_pix_fmt = find_fmt_by_hw_type(type); #endif -Debug(1, "Selected gw_pix_fmt %d %s", - hw_pix_fmt, - av_get_pix_fmt_name(hw_pix_fmt)); + if ( hw_pix_fmt != AV_PIX_FMT_NONE ) { + Debug(1, "Selected gw_pix_fmt %d %s", + hw_pix_fmt, + av_get_pix_fmt_name(hw_pix_fmt)); - mVideoCodecContext->get_format = get_hw_format; + mVideoCodecContext->get_format = get_hw_format; - Debug(1, "Creating hwdevice for %s", - (hwaccel_device != "" ? hwaccel_device.c_str() : "")); - ret = av_hwdevice_ctx_create(&hw_device_ctx, type, - (hwaccel_device != "" ? hwaccel_device.c_str(): NULL), NULL, 0); - if ( ret < 0 ) { - Error("Failed to create specified HW device."); - return -1; + Debug(1, "Creating hwdevice for %s", + (hwaccel_device != "" ? hwaccel_device.c_str() : "")); + ret = av_hwdevice_ctx_create(&hw_device_ctx, type, + (hwaccel_device != "" ? hwaccel_device.c_str(): NULL), NULL, 0); + if ( ret < 0 ) { + Error("Failed to create specified HW device."); + return -1; + } + Debug(1, "Created hwdevice"); + mVideoCodecContext->hw_device_ctx = av_buffer_ref(hw_device_ctx); + hwaccel = true; + hwFrame = zm_av_frame_alloc(); + } else { + Debug(1, "Failed to setup hwaccel."); } - Debug(1, "Created hwdevice"); - mVideoCodecContext->hw_device_ctx = av_buffer_ref(hw_device_ctx); - hwaccel = true; - hwFrame = zm_av_frame_alloc(); #else Warning("HWAccel support not compiled in."); #endif From 2470c09b20f82b05aa0515da1b0e5c44bef32523 Mon Sep 17 00:00:00 2001 From: Isaac Connor Date: Wed, 3 Jul 2019 17:19:10 -0400 Subject: [PATCH 319/922] Honour thumbnail width when bringing up frames popup for frames and alarm frames --- web/skins/classic/views/events.php | 8 ++++++-- 1 file changed, 6 insertions(+), 2 deletions(-) diff --git a/web/skins/classic/views/events.php b/web/skins/classic/views/events.php index 703e67153..fc692169b 100644 --- a/web/skins/classic/views/events.php +++ b/web/skins/classic/views/events.php @@ -215,8 +215,12 @@ while ( $event_row = dbFetchNext($results) ) { ( $event->EndTime() ? ' until ' . strftime(STRF_FMT_DATETIME_SHORTER, strtotime($event->EndTime()) ) : '' ) ?>
- - + + From 5b896b5e5ca57fe9780e852d570a31c7a5b2ecfb Mon Sep 17 00:00:00 2001 From: Isaac Connor Date: Mon, 8 Jul 2019 14:16:57 -0400 Subject: [PATCH 330/922] Replace password('admin') with the resulting string because use of password is deprecated --- db/zm_create.sql.in | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/db/zm_create.sql.in b/db/zm_create.sql.in index 261a4368c..d1952f66a 100644 --- a/db/zm_create.sql.in +++ b/db/zm_create.sql.in @@ -749,7 +749,7 @@ insert into Storage VALUES (NULL, '@ZM_DIR_EVENTS@', 'Default', 'local', NULL, N -- -- Create a default admin user. -- -insert into Users VALUES (NULL,'admin',password('admin'),'',1,'View','Edit','Edit','Edit','Edit','Edit','Edit','','',0,1); +insert into Users VALUES (NULL,'admin','$2b$12$NHZsm6AM2f2LQVROriz79ul3D6DnmFiZC.ZK5eqbF.ZWfwH9bqUJ6','',1,'View','Edit','Edit','Edit','Edit','Edit','Edit','','',0,1); -- -- Add a sample filter to purge the oldest 100 events when the disk is 95% full From df8c46f0f0a26ae8b7a574533d6822835b9e9230 Mon Sep 17 00:00:00 2001 From: Isaac Connor Date: Mon, 8 Jul 2019 14:22:46 -0400 Subject: [PATCH 331/922] Fix #2657 --- web/skins/classic/views/report_event_audit.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/web/skins/classic/views/report_event_audit.php b/web/skins/classic/views/report_event_audit.php index b378dc43d..f3f508623 100644 --- a/web/skins/classic/views/report_event_audit.php +++ b/web/skins/classic/views/report_event_audit.php @@ -218,7 +218,7 @@ for( $monitor_i = 0; $monitor_i < count($displayMonitors); $monitor_i += 1 ) { '.count($FileMissing).'' : '0' ?> Date: Mon, 8 Jul 2019 14:27:49 -0400 Subject: [PATCH 332/922] Fix #2655 --- web/includes/Event.php | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/web/includes/Event.php b/web/includes/Event.php index 07460a7ec..1b996a839 100644 --- a/web/includes/Event.php +++ b/web/includes/Event.php @@ -580,6 +580,9 @@ class Event { if ( file_exists( $this->Path().'/'.$this->DefaultVideo() ) ) { return true; } + if ( !defined('ZM_SERVER_ID') ) { + return false; + } $Storage= $this->Storage(); $Server = $Storage->ServerId() ? $Storage->Server() : $this->Monitor()->Server(); if ( $Server->Id() != ZM_SERVER_ID ) { @@ -624,6 +627,9 @@ class Event { if ( file_exists($this->Path().'/'.$this->DefaultVideo()) ) { return filesize($this->Path().'/'.$this->DefaultVideo()); } + if ( !defined('ZM_SERVER_ID') ) { + return false; + } $Storage= $this->Storage(); $Server = $Storage->ServerId() ? $Storage->Server() : $this->Monitor()->Server(); if ( $Server->Id() != ZM_SERVER_ID ) { From 288f2f3e8f1f91bfaec70c6597d4d0c06d078fae Mon Sep 17 00:00:00 2001 From: Isaac Connor Date: Thu, 11 Jul 2019 17:56:22 -0400 Subject: [PATCH 333/922] Convert zm_dump_frame from a function to a define, this way we get line #'s from where we call zm_dump_frame instead of from the line in zm_ffmpeg where the function was. --- src/zm_ffmpeg.cpp | 19 ------------------- src/zm_ffmpeg.h | 31 ++++++++++++++++++++++++++++++- 2 files changed, 30 insertions(+), 20 deletions(-) diff --git a/src/zm_ffmpeg.cpp b/src/zm_ffmpeg.cpp index 4ee6e6707..2ea1142bf 100644 --- a/src/zm_ffmpeg.cpp +++ b/src/zm_ffmpeg.cpp @@ -298,25 +298,6 @@ void zm_dump_video_frame(const AVFrame *frame, const char *text) { frame->pts ); } -void zm_dump_frame(const AVFrame *frame,const char *text) { - Debug(1, "%s: format %d %s sample_rate %" PRIu32 " nb_samples %d channels %d" - " duration %" PRId64 - " layout %d pts %" PRId64, - text, - frame->format, - av_get_sample_fmt_name((AVSampleFormat)frame->format), - frame->sample_rate, - frame->nb_samples, -#if LIBAVCODEC_VERSION_CHECK(56, 8, 0, 60, 100) - frame->channels, - frame->pkt_duration, -#else -0, 0, -#endif - frame->channel_layout, - frame->pts - ); -} #if LIBAVCODEC_VERSION_CHECK(57, 64, 0, 64, 0) void zm_dump_codecpar ( const AVCodecParameters *par ) { diff --git a/src/zm_ffmpeg.h b/src/zm_ffmpeg.h index 18e018e26..7618a461b 100644 --- a/src/zm_ffmpeg.h +++ b/src/zm_ffmpeg.h @@ -299,7 +299,36 @@ void zm_dump_codec(const AVCodecContext *codec); #if LIBAVCODEC_VERSION_CHECK(57, 64, 0, 64, 0) void zm_dump_codecpar(const AVCodecParameters *par); #endif -void zm_dump_frame(const AVFrame *frame, const char *text="Frame"); +#if LIBAVCODEC_VERSION_CHECK(56, 8, 0, 60, 100) +#define zm_dump_frame(frame, text) Debug(1, "%s: format %d %s sample_rate %" PRIu32 " nb_samples %d channels %d" \ + " duration %" PRId64 \ + " layout %d pts %" PRId64,\ + text, \ + frame->format, \ + av_get_sample_fmt_name((AVSampleFormat)frame->format), \ + frame->sample_rate, \ + frame->nb_samples, \ + frame->channels, \ + frame->pkt_duration, \ + frame->channel_layout, \ + frame->pts \ + ); +#else +#define zm_dump_frame(frame, text) Debug(1, "%s: format %d %s sample_rate %" PRIu32 " nb_samples %d channels %d" \ + " duration %" PRId64 \ + " layout %d pts %" PRId64, \ + text, \ + frame->format, \ + av_get_sample_fmt_name((AVSampleFormat)frame->format), \ + frame->sample_rate, \ + frame->nb_samples, \ + 0, 0, \ + frame->channel_layout, \ + frame->pts \ + ); + +#endif + void zm_dump_video_frame(const AVFrame *frame, const char *text="Frame"); #if LIBAVCODEC_VERSION_CHECK(56, 8, 0, 60, 100) From 13c91bdf606568ae4b3ad1887c528c19c00329a9 Mon Sep 17 00:00:00 2001 From: Isaac Connor Date: Thu, 11 Jul 2019 17:56:53 -0400 Subject: [PATCH 334/922] Add pts adjustment to the delayed flushed encoder packets --- src/zm_videostore.cpp | 74 +++++++++++++++++++++++++++++-------------- 1 file changed, 50 insertions(+), 24 deletions(-) diff --git a/src/zm_videostore.cpp b/src/zm_videostore.cpp index 5ffec165b..355578ffc 100644 --- a/src/zm_videostore.cpp +++ b/src/zm_videostore.cpp @@ -476,7 +476,51 @@ VideoStore::~VideoStore() { break; } #endif + + // Need to adjust pts and dts and duration + pkt.stream_index = audio_out_stream->index; + + pkt.duration = av_rescale_q( + pkt.duration, + audio_out_ctx->time_base, + audio_out_stream->time_base); + // Scale the PTS of the outgoing packet to be the correct time base + if ( pkt.pts != AV_NOPTS_VALUE ) { + pkt.pts = av_rescale_q( + pkt.pts, + audio_out_ctx->time_base, + audio_in_stream->time_base); + // audio_first_pts is in audio_in_stream time base + pkt.pts -= audio_first_pts; + pkt.pts = av_rescale_q( + pkt.pts, + audio_in_stream->time_base, + audio_out_stream->time_base); + + Debug(2, "audio pkt.pts = %" PRId64 " from first_pts(%" PRId64 ")", + pkt.pts, audio_first_pts); + } else { + Debug(2, "pkt.pts = undef"); + pkt.pts = AV_NOPTS_VALUE; + } + + if ( pkt.dts != AV_NOPTS_VALUE ) { + pkt.dts = av_rescale_q( + pkt.dts, + audio_out_ctx->time_base, + audio_in_stream->time_base); + pkt.dts -= audio_first_dts; + pkt.dts = av_rescale_q( + pkt.dts, + audio_in_ctx->time_base, + audio_out_stream->time_base); + Debug(2, "pkt.dts = %" PRId64 " - first_dts(%" PRId64 ")", + pkt.dts, audio_first_dts); + } else { + pkt.dts = AV_NOPTS_VALUE; + } + dumpPacket(audio_out_stream, &pkt, "writing flushed packet"); av_interleaved_write_frame(oc, &pkt); zm_av_packet_unref(&pkt); @@ -1196,28 +1240,9 @@ int VideoStore::resample_audio() { av_make_error_string(ret).c_str()); return 0; } - zm_dump_frame(out_frame, "Out frame after convert"); - -#if 0 - // out_frame pts is in the input pkt pts... needs to be adjusted before sending to the encoder - if ( out_frame->pts != AV_NOPTS_VALUE ) { - if ( !video_first_pts ) { - video_first_pts = out_frame->pts; - Debug(1, "No video_first_pts setting to %" PRId64, video_first_pts); - out_frame->pts = 0; - } else { - out_frame->pts = out_frame->pts - video_first_pts; - } - // - } else { - // sending AV_NOPTS_VALUE doesn't really work but we seem to get it in ffmpeg 2.8 - out_frame->pts = audio_next_pts; - } - audio_next_pts = out_frame->pts + out_frame->nb_samples; -#endif - - if ((ret = av_audio_fifo_realloc(fifo, av_audio_fifo_size(fifo) + out_frame->nb_samples)) < 0) { + ret = av_audio_fifo_realloc(fifo, av_audio_fifo_size(fifo) + out_frame->nb_samples); + if ( ret < 0 ) { Error("Could not reallocate FIFO"); return 0; } @@ -1232,7 +1257,7 @@ int VideoStore::resample_audio() { // Reset frame_size to output_frame_size int frame_size = audio_out_ctx->frame_size; - // AAC requires 1024 samples per encode. Our input tends to be 160, so need to buffer them. + // AAC requires 1024 samples per encode. Our input tends to be something else, so need to buffer them. if ( frame_size > av_audio_fifo_size(fifo) ) { return 0; } @@ -1245,10 +1270,11 @@ int VideoStore::resample_audio() { // resampling changes the duration because the timebase is 1/samples // I think we should be dealing in codec timebases not stream if ( in_frame->pts != AV_NOPTS_VALUE ) { + // pkt_duration is in avstream timebase units out_frame->pkt_duration = av_rescale_q( in_frame->pkt_duration, - audio_in_ctx->time_base, - audio_out_ctx->time_base); + audio_in_stream->time_base, + audio_out_stream->time_base); out_frame->pts = av_rescale_q( in_frame->pts, audio_in_ctx->time_base, From 05be9008c76553cee28be56927c5250ad8f0b87d Mon Sep 17 00:00:00 2001 From: Isaac Connor Date: Thu, 11 Jul 2019 17:57:11 -0400 Subject: [PATCH 335/922] use FFMPEGInit to initialise ffmpeg instead of doing it ourselves --- src/zm_ffmpeg_input.cpp | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/src/zm_ffmpeg_input.cpp b/src/zm_ffmpeg_input.cpp index 5cca6b35b..03d89348d 100644 --- a/src/zm_ffmpeg_input.cpp +++ b/src/zm_ffmpeg_input.cpp @@ -7,8 +7,7 @@ FFmpeg_Input::FFmpeg_Input() { input_format_context = NULL; video_stream_id = -1; audio_stream_id = -1; - av_register_all(); - avcodec_register_all(); + FFMPEGInit(); streams = NULL; frame = NULL; } From 52e7cde66d3802fd46d5afc611768444ab44e913 Mon Sep 17 00:00:00 2001 From: Isaac Connor Date: Thu, 11 Jul 2019 19:04:51 -0400 Subject: [PATCH 336/922] If Email has EIMOD, not only attach the image if it exists, but replace %EIMOD% with the link to it --- scripts/zmfilter.pl.in | 1 + 1 file changed, 1 insertion(+) diff --git a/scripts/zmfilter.pl.in b/scripts/zmfilter.pl.in index 6527742c8..b572d40fa 100644 --- a/scripts/zmfilter.pl.in +++ b/scripts/zmfilter.pl.in @@ -728,6 +728,7 @@ sub substituteTags { } if ( $text =~ s/%EIMOD%//g ) { + $text =~ s/%EIMOD%/$url?view=frame&mid=$Event->{MonitorId}&eid=$Event->{Id}&fid=objdetect/g; my $path = $Event->Path().'/objdetect.jpg'; if ( -e $path ) { push @$attachments_ref, { type=>'image/jpeg', path=>$path }; From 67168a23870ea1e9749640ec6b30f8fc6aea963e Mon Sep 17 00:00:00 2001 From: Pliable Pixels Date: Fri, 12 Jul 2019 14:31:39 -0400 Subject: [PATCH 337/922] demote token log (#2663) --- src/zm_user.cpp | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/zm_user.cpp b/src/zm_user.cpp index 35f25f7c9..0c8142374 100644 --- a/src/zm_user.cpp +++ b/src/zm_user.cpp @@ -193,7 +193,7 @@ User *zmLoadTokenUser (std::string jwt_token_str, bool use_remote_addr ) { } Debug (1,"Got stored expiry time of %u",stored_iat); - Info ("Authenticated user '%s' via token", username.c_str()); + Debug (1,"Authenticated user '%s' via token", username.c_str()); mysql_free_result(result); return user; From ef9fe2dbd62b68ec190e9882c11ec2a0e3b43214 Mon Sep 17 00:00:00 2001 From: Isaac Connor Date: Wed, 17 Jul 2019 10:06:30 -0400 Subject: [PATCH 338/922] Free up hwFrame, preventing memleak --- src/zm_ffmpeg_camera.cpp | 11 +++++++++++ 1 file changed, 11 insertions(+) diff --git a/src/zm_ffmpeg_camera.cpp b/src/zm_ffmpeg_camera.cpp index b96142aab..87b53c1d6 100644 --- a/src/zm_ffmpeg_camera.cpp +++ b/src/zm_ffmpeg_camera.cpp @@ -137,6 +137,7 @@ FfmpegCamera::FfmpegCamera( hwaccel = false; hwFrame = NULL; + hw_device_ctx = NULL; mFormatContext = NULL; mVideoStreamId = -1; @@ -648,6 +649,10 @@ int FfmpegCamera::Close() { av_frame_free(&mRawFrame); mRawFrame = NULL; } + if ( hwFrame ) { + av_frame_free(&hwFrame); + hwFrame = NULL; + } #if HAVE_LIBSWSCALE if ( mConvertContext ) { @@ -675,6 +680,12 @@ int FfmpegCamera::Close() { #endif mAudioCodecContext = NULL; // Freed by av_close_input_file } +#if 0 + if ( hw_device_ctx ) { + hwdevice_ctx_free + } +#endif + if ( mFormatContext ) { #if !LIBAVFORMAT_VERSION_CHECK(53, 17, 0, 25, 0) From 75af3972239f746ffca58ea185e47e341e68083f Mon Sep 17 00:00:00 2001 From: Isaac Connor Date: Wed, 17 Jul 2019 20:33:23 -0400 Subject: [PATCH 339/922] hwFrame isn't defined unless we have HWCONTEXT_H --- src/zm_ffmpeg_camera.cpp | 2 ++ 1 file changed, 2 insertions(+) diff --git a/src/zm_ffmpeg_camera.cpp b/src/zm_ffmpeg_camera.cpp index 87b53c1d6..d5a02ddb7 100644 --- a/src/zm_ffmpeg_camera.cpp +++ b/src/zm_ffmpeg_camera.cpp @@ -649,10 +649,12 @@ int FfmpegCamera::Close() { av_frame_free(&mRawFrame); mRawFrame = NULL; } +#if HAVE_LIBAVUTIL_HWCONTEXT_H if ( hwFrame ) { av_frame_free(&hwFrame); hwFrame = NULL; } +#endif #if HAVE_LIBSWSCALE if ( mConvertContext ) { From 2b7610a5acf1588c54affbda7bf8364b3dbf45d5 Mon Sep 17 00:00:00 2001 From: Pliable Pixels Date: Wed, 17 Jul 2019 20:37:27 -0400 Subject: [PATCH 340/922] fixed ffmpeg log association to zm log levels (#2664) --- src/zm_ffmpeg.cpp | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/src/zm_ffmpeg.cpp b/src/zm_ffmpeg.cpp index 2ea1142bf..1df9b7718 100644 --- a/src/zm_ffmpeg.cpp +++ b/src/zm_ffmpeg.cpp @@ -73,14 +73,14 @@ static bool bInit = false; void FFMPEGInit() { if ( !bInit ) { - if ( logDebugging() ) + if ( logDebugging() && config.log_ffmpeg ) { av_log_set_level( AV_LOG_DEBUG ); - else + av_log_set_callback(log_libav_callback); + Info("Enabling ffmpeg logs, as LOG_DEBUG+LOG_FFMPEG are enabled in options"); + } else { + Info("Not enabling ffmpeg logs, as LOG_FFMPEG and/or LOG_DEBUG is disabled in options, or this monitor not part of your debug targets"); av_log_set_level( AV_LOG_QUIET ); - if ( config.log_ffmpeg ) - av_log_set_callback(log_libav_callback); - else - Info("Not enabling ffmpeg logs, as LOG_FFMPEG is disabled in options"); + } #if LIBAVFORMAT_VERSION_CHECK(58, 9, 0, 64, 0) #else av_register_all(); From a9d01ba3d2035fd2032fcc2311025c19f3a90685 Mon Sep 17 00:00:00 2001 From: Pliable Pixels Date: Wed, 17 Jul 2019 20:38:58 -0400 Subject: [PATCH 341/922] Alarm api (#2665) * fixed alarm api to use tokens if present * clearer debug logs for tokens * space --- src/zm_user.cpp | 5 +++-- web/api/app/Controller/MonitorsController.php | 7 ++++++- 2 files changed, 9 insertions(+), 3 deletions(-) diff --git a/src/zm_user.cpp b/src/zm_user.cpp index 0c8142374..b873b8547 100644 --- a/src/zm_user.cpp +++ b/src/zm_user.cpp @@ -157,6 +157,7 @@ User *zmLoadTokenUser (std::string jwt_token_str, bool use_remote_addr ) { std::pair ans = verifyToken(jwt_token_str, key); std::string username = ans.first; unsigned int iat = ans.second; + Debug (1,"retrieved user '%s' from token", username.c_str()); if (username != "") { char sql[ZM_SQL_MED_BUFSIZ] = ""; @@ -178,7 +179,7 @@ User *zmLoadTokenUser (std::string jwt_token_str, bool use_remote_addr ) { if ( n_users != 1 ) { mysql_free_result(result); - Error("Unable to authenticate user %s", username.c_str()); + Error("Unable to authenticate user '%s'", username.c_str()); return NULL; } @@ -188,7 +189,7 @@ User *zmLoadTokenUser (std::string jwt_token_str, bool use_remote_addr ) { if (stored_iat > iat ) { // admin revoked tokens mysql_free_result(result); - Error("Token was revoked for %s", username.c_str()); + Error("Token was revoked for '%s'", username.c_str()); return NULL; } diff --git a/web/api/app/Controller/MonitorsController.php b/web/api/app/Controller/MonitorsController.php index f83aecf97..0686232df 100644 --- a/web/api/app/Controller/MonitorsController.php +++ b/web/api/app/Controller/MonitorsController.php @@ -254,6 +254,7 @@ class MonitorsController extends AppController { throw new BadRequestException(__('Invalid command')); } $zm_path_bin = Configure::read('ZM_PATH_BIN'); + $mToken = $this->request->query('token') ? $this->request->query('token') : null; switch ($cmd) { case 'on': @@ -281,8 +282,12 @@ class MonitorsController extends AppController { $zmAuthRelay = $config['Config']['Value']; $auth = ''; + if ( $zmOptAuth ) { - if ( $zmAuthRelay == 'hashed' ) { + if ($mToken) { + $auth = ' -T '.$mToken; + } + elseif ( $zmAuthRelay == 'hashed' ) { $options = array('conditions' => array('Config.' . $this->Config->primaryKey => 'ZM_AUTH_HASH_SECRET')); $config = $this->Config->find('first', $options); $zmAuthHashSecret = $config['Config']['Value']; From 542d88b6a4abf4955e2540615d07a97adb2198d6 Mon Sep 17 00:00:00 2001 From: Isaac Connor Date: Wed, 17 Jul 2019 21:10:24 -0400 Subject: [PATCH 342/922] fix compile without HWCONTEXT --- src/zm_ffmpeg_camera.cpp | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/src/zm_ffmpeg_camera.cpp b/src/zm_ffmpeg_camera.cpp index d5a02ddb7..f0f6a3b1d 100644 --- a/src/zm_ffmpeg_camera.cpp +++ b/src/zm_ffmpeg_camera.cpp @@ -136,8 +136,6 @@ FfmpegCamera::FfmpegCamera( } hwaccel = false; - hwFrame = NULL; - hw_device_ctx = NULL; mFormatContext = NULL; mVideoStreamId = -1; @@ -155,6 +153,8 @@ FfmpegCamera::FfmpegCamera( packetqueue = NULL; error_count = 0; #if HAVE_LIBAVUTIL_HWCONTEXT_H + hwFrame = NULL; + hw_device_ctx = NULL; hw_pix_fmt = AV_PIX_FMT_NONE; #endif From f3166663a5eb0a224e46f7a638c295f8f591da53 Mon Sep 17 00:00:00 2001 From: Isaac Connor Date: Fri, 19 Jul 2019 12:51:31 -0400 Subject: [PATCH 343/922] unref hw_device_ctx on Close. I think this should release all the other hwaccel related stuff --- src/zm_ffmpeg_camera.cpp | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/src/zm_ffmpeg_camera.cpp b/src/zm_ffmpeg_camera.cpp index f0f6a3b1d..8c61dfcff 100644 --- a/src/zm_ffmpeg_camera.cpp +++ b/src/zm_ffmpeg_camera.cpp @@ -682,13 +682,13 @@ int FfmpegCamera::Close() { #endif mAudioCodecContext = NULL; // Freed by av_close_input_file } -#if 0 + +#if HAVE_LIBAVUTIL_HWCONTEXT_H if ( hw_device_ctx ) { - hwdevice_ctx_free + av_buffer_unref(&hw_device_ctx); } #endif - if ( mFormatContext ) { #if !LIBAVFORMAT_VERSION_CHECK(53, 17, 0, 25, 0) av_close_input_file(mFormatContext); From 9a31f8792cdf546e588f8af9ef6f809699dd4066 Mon Sep 17 00:00:00 2001 From: Isaac Connor Date: Fri, 19 Jul 2019 13:55:35 -0400 Subject: [PATCH 344/922] return proper error codes when failed auth or fail permissions --- src/zms.cpp | 28 +++++++++++++++------------- 1 file changed, 15 insertions(+), 13 deletions(-) diff --git a/src/zms.cpp b/src/zms.cpp index 5e6e4c2d6..c78dba1d2 100644 --- a/src/zms.cpp +++ b/src/zms.cpp @@ -43,9 +43,8 @@ bool ValidateAccess( User *user, int mon_id ) { allowed = false; } if ( !allowed ) { - Error( "Error, insufficient privileges for requested action user %d %s for monitor %d", - user->Id(), user->getUsername(), mon_id ); - exit( -1 ); + Error("Error, insufficient privileges for requested action user %d %s for monitor %d", + user->Id(), user->getUsername(), mon_id); } return allowed; } @@ -164,8 +163,7 @@ int main( int argc, const char *argv[] ) { strncpy( auth, value, sizeof(auth)-1 ); } else if ( !strcmp( name, "token" ) ) { jwt_token_str = value; - Debug(1,"ZMS: JWT token found: %s", jwt_token_str.c_str()); - + Debug(1, "ZMS: JWT token found: %s", jwt_token_str.c_str()); } else if ( !strcmp( name, "user" ) ) { username = UriDecode( value ); } else if ( !strcmp( name, "pass" ) ) { @@ -184,17 +182,15 @@ int main( int argc, const char *argv[] ) { } else { snprintf(log_id_string, sizeof(log_id_string), "zms_e%" PRIu64, event_id); } - logInit( log_id_string ); + logInit(log_id_string); if ( config.opt_use_auth ) { User *user = 0; - if (jwt_token_str != "") { + if ( jwt_token_str != "" ) { //user = zmLoadTokenUser(jwt_token_str, config.auth_hash_ips); user = zmLoadTokenUser(jwt_token_str, false); - - } - else if ( strcmp(config.auth_relay, "none") == 0 ) { + } else if ( strcmp(config.auth_relay, "none") == 0 ) { if ( checkUser(username.c_str()) ) { user = zmLoadUser(username.c_str()); } else { @@ -216,21 +212,27 @@ int main( int argc, const char *argv[] ) { } } if ( !user ) { + fprintf(stdout, "HTTP/1.0 401 Unauthorized\r\n"); Error("Unable to authenticate user"); logTerm(); zmDbClose(); return -1; } - ValidateAccess(user, monitor_id); + if ( !ValidateAccess(user, monitor_id) ) { + fprintf(stdout, "HTTP/1.0 403 Forbidden\r\n"); + logTerm(); + zmDbClose(); + return -1; + } } // end if config.opt_use_auth hwcaps_detect(); zmSetDefaultTermHandler(); zmSetDefaultDieHandler(); - setbuf( stdout, 0 ); + setbuf(stdout, 0); if ( nph ) { - fprintf( stdout, "HTTP/1.0 200 OK\r\n" ); + fprintf(stdout, "HTTP/1.0 200 OK\r\n"); } fprintf( stdout, "Server: ZoneMinder Video Server/%s\r\n", ZM_VERSION ); From 1e0c39c632e390c2d49ea965dc7f41176f0c27f0 Mon Sep 17 00:00:00 2001 From: Isaac Connor Date: Fri, 19 Jul 2019 16:28:18 -0400 Subject: [PATCH 345/922] mostly spacing cleanups. Don't bother setting pkt_duration on resampled frame --- src/zm_videostore.cpp | 27 +++++++++++---------------- 1 file changed, 11 insertions(+), 16 deletions(-) diff --git a/src/zm_videostore.cpp b/src/zm_videostore.cpp index 355578ffc..563c06be8 100644 --- a/src/zm_videostore.cpp +++ b/src/zm_videostore.cpp @@ -308,7 +308,6 @@ VideoStore::VideoStore( #if LIBAVCODEC_VERSION_CHECK(57, 64, 0, 64, 0) audio_out_stream = avformat_new_stream(oc, NULL); - audio_out_stream->time_base = audio_in_stream->time_base; audio_out_ctx = avcodec_alloc_context3(audio_out_codec); if ( !audio_out_ctx ) { Error("could not allocate codec ctx for AAC"); @@ -1061,8 +1060,8 @@ int VideoStore::writeAudioFramePacket(AVPacket *ipkt) { dumpPacket(audio_in_stream, ipkt, "input packet"); if ( audio_out_codec ) { - Debug(2, "Have output codec"); if ( ( ret = zm_receive_frame(audio_in_ctx, in_frame, *ipkt) ) < 0 ) { + Debug(3, "Not ready to receive frame"); return 0; } @@ -1100,10 +1099,11 @@ int VideoStore::writeAudioFramePacket(AVPacket *ipkt) { } dumpPacket(audio_out_stream, &opkt, "raw opkt"); - opkt.duration = av_rescale_q( - opkt.duration, - audio_out_ctx->time_base, - audio_out_stream->time_base); + + opkt.duration = av_rescale_q( + opkt.duration, + audio_out_ctx->time_base, + audio_out_stream->time_base); // Scale the PTS of the outgoing packet to be the correct time base if ( ipkt->pts != AV_NOPTS_VALUE ) { if ( !audio_first_pts ) { @@ -1116,8 +1116,8 @@ int VideoStore::writeAudioFramePacket(AVPacket *ipkt) { audio_out_ctx->time_base, audio_out_stream->time_base); opkt.pts -= audio_first_pts; - Debug(2, "audio opkt.pts = %" PRId64 " from ipkt->pts(%" PRId64 ") - first_pts(%" PRId64 ")", - opkt.pts, ipkt->pts, audio_first_pts); + Debug(2, "audio opkt.pts = %" PRId64 " from first_pts %" PRId64, + opkt.pts, audio_first_pts); } } else { Debug(2, "opkt.pts = undef"); @@ -1134,8 +1134,8 @@ int VideoStore::writeAudioFramePacket(AVPacket *ipkt) { audio_out_ctx->time_base, audio_out_stream->time_base); opkt.dts -= audio_first_dts; - Debug(2, "opkt.dts = %" PRId64 " from ipkt.dts(%" PRId64 ") - first_dts(%" PRId64 ")", - opkt.dts, ipkt->dts, audio_first_dts); + Debug(2, "opkt.dts = %" PRId64 " from first_dts %" PRId64, + opkt.dts, audio_first_dts); } audio_last_dts = opkt.dts; } else { @@ -1270,17 +1270,12 @@ int VideoStore::resample_audio() { // resampling changes the duration because the timebase is 1/samples // I think we should be dealing in codec timebases not stream if ( in_frame->pts != AV_NOPTS_VALUE ) { - // pkt_duration is in avstream timebase units - out_frame->pkt_duration = av_rescale_q( - in_frame->pkt_duration, - audio_in_stream->time_base, - audio_out_stream->time_base); out_frame->pts = av_rescale_q( in_frame->pts, audio_in_ctx->time_base, audio_out_ctx->time_base); - zm_dump_frame(out_frame, "Out frame after timestamp conversion"); } + zm_dump_frame(out_frame, "Out frame after timestamp conversion"); #else #if defined(HAVE_LIBAVRESAMPLE) ret = avresample_convert(resample_ctx, NULL, 0, 0, in_frame->data, From fe71a9abaa97af6d005a9d492b2b2b1c023fd970 Mon Sep 17 00:00:00 2001 From: Isaac Connor Date: Fri, 19 Jul 2019 16:32:40 -0400 Subject: [PATCH 346/922] php_errormsg is deprecated --- web/includes/functions.php | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/web/includes/functions.php b/web/includes/functions.php index e1016bb82..867861ffe 100644 --- a/web/includes/functions.php +++ b/web/includes/functions.php @@ -2459,11 +2459,13 @@ function do_post_request($url, $data, $optional_headers = null) { $ctx = stream_context_create($params); $fp = @fopen($url, 'rb', false, $ctx); if ( !$fp ) { - throw new Exception("Problem with $url, $php_errormsg"); + throw new Exception("Problem with $url, " + .print_r(error_get_last(),true)); } $response = @stream_get_contents($fp); if ( $response === false ) { - throw new Exception("Problem reading data from $url, $php_errormsg"); + throw new Exception("Problem reading data from $url, data: ".print_r($params,true) + .print_r(error_get_last(),true)); } return $response; } From e821553265ed10a73b4f6d20d3162c2a83b07bed Mon Sep 17 00:00:00 2001 From: Isaac Connor Date: Tue, 23 Jul 2019 09:54:39 -0400 Subject: [PATCH 347/922] Split MoveTo into CopyTo and MoveTo. --- scripts/ZoneMinder/lib/ZoneMinder/Event.pm | 126 +++++++++++---------- 1 file changed, 69 insertions(+), 57 deletions(-) diff --git a/scripts/ZoneMinder/lib/ZoneMinder/Event.pm b/scripts/ZoneMinder/lib/ZoneMinder/Event.pm index 9c6fe3cd5..e1516f1f5 100644 --- a/scripts/ZoneMinder/lib/ZoneMinder/Event.pm +++ b/scripts/ZoneMinder/lib/ZoneMinder/Event.pm @@ -393,61 +393,66 @@ sub delete { sub delete_files { my $event = shift; - my $Storage = @_ ? $_[0] : new ZoneMinder::Storage($$event{StorageId}); - my $storage_path = $Storage->Path(); + foreach my $Storage ( + @_ ? ($_[0]) : ( + new ZoneMinder::Storage($$event{StorageId}), + ( $$event{SecondaryStorageId} ? new ZoneMinder::Storage($$event{SecondaryStorageId}) : () ), + ) ) { + my $storage_path = $Storage->Path(); - if ( ! $storage_path ) { - Error("Empty storage path when deleting files for event $$event{Id} with storage id $$event{StorageId}"); - return; - } - - if ( ! $$event{MonitorId} ) { - Error("No monitor id assigned to event $$event{Id}"); - return; - } - my $event_path = $event->RelativePath(); - Debug("Deleting files for Event $$event{Id} from $storage_path/$event_path, scheme is $$event{Scheme}."); - if ( $event_path ) { - ( $storage_path ) = ( $storage_path =~ /^(.*)$/ ); # De-taint - ( $event_path ) = ( $event_path =~ /^(.*)$/ ); # De-taint - - my $deleted = 0; - if ( $$Storage{Type} and ( $$Storage{Type} eq 's3fs' ) ) { - my ( $aws_id, $aws_secret, $aws_host, $aws_bucket ) = ( $$Storage{Url} =~ /^\s*([^:]+):([^@]+)@([^\/]*)\/(.+)\s*$/ ); - eval { - require Net::Amazon::S3; - my $s3 = Net::Amazon::S3->new( { - aws_access_key_id => $aws_id, - aws_secret_access_key => $aws_secret, - ( $aws_host ? ( host => $aws_host ) : () ), - }); - my $bucket = $s3->bucket($aws_bucket); - if ( ! $bucket ) { - Error("S3 bucket $bucket not found."); - die; - } - if ( $bucket->delete_key($event_path) ) { - $deleted = 1; - } else { - Error('Failed to delete from S3:'.$s3->err . ': ' . $s3->errstr); - } - }; - Error($@) if $@; + if ( ! $storage_path ) { + Error("Empty storage path when deleting files for event $$event{Id} with storage id $$event{StorageId}"); + return; } - if ( !$deleted ) { - my $command = "/bin/rm -rf $storage_path/$event_path"; - ZoneMinder::General::executeShellCommand($command); - } - } - if ( $event->Scheme() eq 'Deep' ) { - my $link_path = $event->LinkPath(); - Debug("Deleting link for Event $$event{Id} from $storage_path/$link_path."); - if ( $link_path ) { - ( $link_path ) = ( $link_path =~ /^(.*)$/ ); # De-taint + if ( ! $$event{MonitorId} ) { + Error("No monitor id assigned to event $$event{Id}"); + return; + } + my $event_path = $event->RelativePath(); + Debug("Deleting files for Event $$event{Id} from $storage_path/$event_path, scheme is $$event{Scheme}."); + if ( $event_path ) { + ( $storage_path ) = ( $storage_path =~ /^(.*)$/ ); # De-taint + ( $event_path ) = ( $event_path =~ /^(.*)$/ ); # De-taint + + my $deleted = 0; + if ( $$Storage{Type} and ( $$Storage{Type} eq 's3fs' ) ) { + my ( $aws_id, $aws_secret, $aws_host, $aws_bucket ) = ( $$Storage{Url} =~ /^\s*([^:]+):([^@]+)@([^\/]*)\/(.+)\s*$/ ); + eval { + require Net::Amazon::S3; + my $s3 = Net::Amazon::S3->new( { + aws_access_key_id => $aws_id, + aws_secret_access_key => $aws_secret, + ( $aws_host ? ( host => $aws_host ) : () ), + }); + my $bucket = $s3->bucket($aws_bucket); + if ( ! $bucket ) { + Error("S3 bucket $bucket not found."); + die; + } + if ( $bucket->delete_key($event_path) ) { + $deleted = 1; + } else { + Error('Failed to delete from S3:'.$s3->err . ': ' . $s3->errstr); + } + }; + Error($@) if $@; + } + if ( !$deleted ) { + my $command = "/bin/rm -rf $storage_path/$event_path"; + ZoneMinder::General::executeShellCommand($command); + } + } # end if event_path + + if ( $event->Scheme() eq 'Deep' ) { + my $link_path = $event->LinkPath(); + Debug("Deleting link for Event $$event{Id} from $storage_path/$link_path."); + if ( $link_path ) { + ( $link_path ) = ( $link_path =~ /^(.*)$/ ); # De-taint unlink($storage_path.'/'.$link_path) or Error("Unable to unlink '$storage_path/$link_path': $!"); - } - } + } + } # end if Scheme eq Deep + } # end foreach Storage } # end sub delete_files sub StorageId { @@ -519,7 +524,7 @@ sub DiskSpace { return $_[0]{DiskSpace}; } -sub MoveTo { +sub CopyTo { my ( $self, $NewStorage ) = @_; my $OldStorage = $self->Storage(undef); @@ -559,7 +564,7 @@ sub MoveTo { $ZoneMinder::Database::dbh->commit(); return "New path and old path are the same! $NewPath"; } - Debug("Moving event $$self{Id} from $OldPath to $NewPath"); + Debug("Copying event $$self{Id} from $OldPath to $NewPath"); my $moved = 0; @@ -650,7 +655,7 @@ Debug("Files to move @files"); last; } my $duration = time - $starttime; - Debug("Copied " . Number::Bytes::Human::format_bytes($size) . " in $duration seconds = " . ($duration?Number::Bytes::Human::format_bytes($size/$duration):'inf') . "/sec"); + Debug('Copied ' . Number::Bytes::Human::format_bytes($size) . " in $duration seconds = " . ($duration?Number::Bytes::Human::format_bytes($size/$duration):'inf') . '/sec'); } # end foreach file. } # end if ! moved @@ -658,6 +663,15 @@ Debug("Files to move @files"); $ZoneMinder::Database::dbh->commit(); return $error; } +} # end sub CopyTo + +sub MoveTo { + + my ( $self, $NewStorage ) = @_; + my $OldStorage = $self->Storage(undef); + + my $error = $self->CopyTo($NewStorage); + return $error if $error; # Succeeded in copying all files, so we may now update the Event. $$self{StorageId} = $$NewStorage{Id}; @@ -667,10 +681,8 @@ Debug("Files to move @files"); $ZoneMinder::Database::dbh->commit(); return $error; } -Debug("Committing"); $ZoneMinder::Database::dbh->commit(); - $self->delete_files( $OldStorage ); -Debug("Done deleting files, returning"); + $self->delete_files($OldStorage); return $error; } # end sub MoveTo From f9b5c8a1f4dcfeb2af820309113d45095db23eea Mon Sep 17 00:00:00 2001 From: Isaac Connor Date: Tue, 23 Jul 2019 09:55:14 -0400 Subject: [PATCH 348/922] If query is empty don't bother parsing it --- scripts/ZoneMinder/lib/ZoneMinder/Filter.pm | 7 ++++++- 1 file changed, 6 insertions(+), 1 deletion(-) diff --git a/scripts/ZoneMinder/lib/ZoneMinder/Filter.pm b/scripts/ZoneMinder/lib/ZoneMinder/Filter.pm index 8383e43b7..1c0dd151b 100644 --- a/scripts/ZoneMinder/lib/ZoneMinder/Filter.pm +++ b/scripts/ZoneMinder/lib/ZoneMinder/Filter.pm @@ -132,6 +132,12 @@ sub Sql { my $self = shift; $$self{Sql} = shift if @_; if ( ! $$self{Sql} ) { + $self->{Sql} = ''; + if ( ! $self->{Query} ) { + Warning("No query in Filter!"); + return; + } + my $filter_expr = ZoneMinder::General::jsonDecode($self->{Query}); my $sql = 'SELECT E.*, unix_timestamp(E.StartTime) as Time, @@ -142,7 +148,6 @@ sub Sql { INNER JOIN Monitors as M on M.Id = E.MonitorId LEFT JOIN Storage as S on S.Id = E.StorageId '; - $self->{Sql} = ''; if ( $filter_expr->{terms} ) { foreach my $term ( @{$filter_expr->{terms}} ) { From fd95ab23e9a78b116b621bd4498a5701dc2b83fd Mon Sep 17 00:00:00 2001 From: Isaac Connor Date: Tue, 23 Jul 2019 09:55:27 -0400 Subject: [PATCH 349/922] Add AutoCopy support --- scripts/zmfilter.pl.in | 11 +++++++++-- 1 file changed, 9 insertions(+), 2 deletions(-) diff --git a/scripts/zmfilter.pl.in b/scripts/zmfilter.pl.in index b572d40fa..0b8812c87 100644 --- a/scripts/zmfilter.pl.in +++ b/scripts/zmfilter.pl.in @@ -240,6 +240,7 @@ sub getFilters { or AutoDelete = 1 or UpdateDiskSpace = 1 or AutoMove = 1 + or AutoCopy = 1 ) ORDER BY Name'; my $sth = $dbh->prepare_cached($sql) or Fatal("Unable to prepare '$sql': ".$dbh->errstr()); @@ -283,6 +284,7 @@ sub checkFilter { ($filter->{AutoMessage}?'message':()), ($filter->{AutoExecute}?'execute':()), ($filter->{AutoMove}?'move':()), + ($filter->{AutoCopy}?'copy':()), ($filter->{UpdateDiskSpace}?'update disk space':()), ), 'returned' , scalar @Events , 'events', @@ -300,9 +302,9 @@ sub checkFilter { Info("Archiving event $Event->{Id}"); # Do it individually to avoid locking up the table for new events my $sql = 'UPDATE Events SET Archived = 1 WHERE Id = ?'; - my $sth = $dbh->prepare_cached( $sql ) + my $sth = $dbh->prepare_cached($sql) or Fatal("Unable to prepare '$sql': ".$dbh->errstr()); - my $res = $sth->execute( $Event->{Id} ) + my $res = $sth->execute($Event->{Id}) or Error("Unable to execute '$sql': ".$dbh->errstr()); } if ( $Config{ZM_OPT_FFMPEG} && $filter->{AutoVideo} ) { @@ -343,6 +345,11 @@ sub checkFilter { $_ = $Event->MoveTo($NewStorage); Error($_) if $_; } + if ( $filter->{AutoCopy} ) { + my $NewStorage = new ZoneMinder::Storage($filter->{AutoCopyTo}); + $_ = $Event->CopyTo($NewStorage); + Error($_) if $_; + } if ( $filter->{UpdateDiskSpace} ) { $ZoneMinder::Database::dbh->begin_work(); From b05aff1d5d5e4a339d5f6731dcffe2dfde679ce9 Mon Sep 17 00:00:00 2001 From: Isaac Connor Date: Tue, 23 Jul 2019 09:57:16 -0400 Subject: [PATCH 350/922] Update Filter Object to extend ZM_Object. Rename Query to Query_json and implement a Query function to parse Query_json --- web/includes/Filter.php | 169 ++++++++++------------------------------ 1 file changed, 41 insertions(+), 128 deletions(-) diff --git a/web/includes/Filter.php b/web/includes/Filter.php index 8da602539..f8b06d4e5 100644 --- a/web/includes/Filter.php +++ b/web/includes/Filter.php @@ -1,9 +1,11 @@ null, 'Name' => '', 'AutoExecute' => 0, @@ -16,63 +18,44 @@ public $defaults = array( 'AutoMessage' => 0, 'AutoMove' => 0, 'AutoMoveTo' => 0, + 'AutoCopy' => 0, + 'AutoCopyTo' => 0, 'UpdateDiskSpace' => 0, 'Background' => 0, 'Concurrent' => 0, - 'limit' => 100, - 'Query' => array(), - 'sort_field' => ZM_WEB_EVENT_SORT_FIELD, - 'sort_asc' => ZM_WEB_EVENT_SORT_ORDER, -); + #'limit' => 100, + 'Query_json' => '', + #'sort_field' => ZM_WEB_EVENT_SORT_FIELD, + #'sort_asc' => ZM_WEB_EVENT_SORT_ORDER, + ); - public function __construct( $IdOrRow=NULL ) { - $row = NULL; - if ( $IdOrRow ) { - if ( is_integer($IdOrRow) or is_numeric($IdOrRow) ) { - $row = dbFetchOne('SELECT * FROM Filters WHERE Id=?', NULL, array($IdOrRow)); - if ( ! $row ) { - Error('Unable to load Filter record for Id=' . $IdOrRow); - } - } elseif ( is_array($IdOrRow) ) { - $row = $IdOrRow; - } else { - $backTrace = debug_backtrace(); - $file = $backTrace[1]['file']; - $line = $backTrace[1]['line']; - Error("Unknown argument passed to Filter Constructor from $file:$line)"); - Error("Unknown argument passed to Filter Constructor ($IdOrRow)"); - return; - } - } # end if isset($IdOrRow) + public function Query($new = -1) { + if ( $new and ( $new != -1 ) ) { + $this->{'Query'} = $new; + $this->{'Query_json'} = jsonEncode($new); + Logger::Debug("Setting Query to " . $this->{'Query_json'}); + } + if ( !array_key_exists('Query', $this) ) { + if ( array_key_exists('Query_json', $this) and $this->{'Query_json'} ) { + $this->{'Query'} = jsonDecode($this->{'Query_json'}); + Logger::Debug("Decoded Query already" . print_r($this->{'Query'}, true )); - if ( $row ) { - foreach ($row as $k => $v) { - $this->{$k} = $v; - } - if ( array_key_exists('Query', $this) and $this->{'Query'} ) { - $this->{'Query'} = jsonDecode($this->{'Query'}); } else { + Logger::Debug("No Have Query_json already"); $this->{'Query'} = array(); } - } - } // end function __construct - - public function __call( $fn, array $args ) { - if ( count( $args ) ) { - $this->{$fn} = $args[0]; - } - if ( array_key_exists( $fn, $this ) ) { - return $this->{$fn}; - } else if ( array_key_exists( $fn, $this->defaults ) ) { - $this->{$fn} = $this->defaults{$fn}; - return $this->{$fn}; } else { - - $backTrace = debug_backtrace(); - $file = $backTrace[1]['file']; - $line = $backTrace[1]['line']; - Warning( "Unknown function call Filter->$fn from $file:$line" ); + Logger::Debug("Have Query already" . print_r($this->{'Query'}, true )); } + return $this->{'Query'}; + } + + public static function find( $parameters = array(), $options = array() ) { + return ZM_Object::_find(get_class(), $parameters, $options); + } + + public static function find_one( $parameters = array(), $options = array() ) { + return ZM_Object::_find_one(get_class(), $parameters, $options); } public function terms( ) { @@ -93,101 +76,31 @@ public $defaults = array( if ( isset( $this->Query()['sort_field'] ) ) { return $this->{'Query'}['sort_field']; } - return $this->defaults{'sort_field'}; + return ZM_WEB_EVENT_SORT_FIELD; + #return $this->defaults{'sort_field'}; } + public function sort_asc( ) { if ( func_num_args( ) ) { - $this->{'Query'}['sort_asc'] = func_get_arg(0); + $this->Query()['sort_asc'] = func_get_arg(0); } if ( isset( $this->Query()['sort_asc'] ) ) { return $this->{'Query'}['sort_asc']; } - return $this->defaults{'sort_asc'}; + return ZM_WEB_EVENT_SORT_ORDER; + #return $this->defaults{'sort_asc'}; } + public function limit( ) { if ( func_num_args( ) ) { $this->{'Query'}['limit'] = func_get_arg(0); } if ( isset( $this->Query()['limit'] ) ) return $this->{'Query'}['limit']; - return $this->defaults{'limit'}; + return 100; + #return $this->defaults{'limit'}; } - public static function find( $parameters = null, $options = null ) { - $filters = array(); - $sql = 'SELECT * FROM Filters '; - $values = array(); - - if ( $parameters ) { - $fields = array(); - $sql .= 'WHERE '; - foreach ( $parameters as $field => $value ) { - if ( $value == null ) { - $fields[] = $field.' IS NULL'; - } else if ( is_array( $value ) ) { - $func = function(){return '?';}; - $fields[] = $field.' IN ('.implode(',', array_map($func, $value)). ')'; - $values += $value; - } else { - $fields[] = $field.'=?'; - $values[] = $value; - } - } - $sql .= implode(' AND ', $fields); - } - if ( $options ) { - if ( isset($options['order']) ) { - $sql .= ' ORDER BY ' . $options['order']; - } - if ( isset($options['limit']) ) { - if ( is_integer($options['limit']) or ctype_digit($options['limit']) ) { - $sql .= ' LIMIT ' . $options['limit']; - } else { - $backTrace = debug_backtrace(); - $file = $backTrace[1]['file']; - $line = $backTrace[1]['line']; - Error("Invalid value for limit(".$options['limit'].") passed to Filter::find from $file:$line"); - return array(); - } - } - } - $result = dbQuery($sql, $values); - $results = $result->fetchALL(PDO::FETCH_CLASS | PDO::FETCH_PROPS_LATE, 'Filter'); - foreach ( $results as $row => $obj ) { - $filters[] = $obj; - } - return $filters; - } # end find() - - public static function find_one( $parameters = array() ) { - $results = Filter::find($parameters, array('limit'=>1)); - if ( ! sizeof($results) ) { - return; - } - return $results[0]; - } # end find_one() - - public function delete() { - dbQuery('DELETE FROM Filters WHERE Id=?', array($this->{'Id'})); - } # end function delete() - - public function set( $data ) { - foreach ($data as $k => $v) { - if ( is_array( $v ) ) { - $this->{$k} = $v; - } else if ( is_string( $v ) ) { - $this->{$k} = trim( $v ); - } else if ( is_integer( $v ) ) { - $this->{$k} = $v; - } else if ( is_bool( $v ) ) { - $this->{$k} = $v; - } else { - Error( "Unknown type $k => $v of var " . gettype( $v ) ); - $this->{$k} = $v; - } - } - } # end function set - public function control($command, $server_id=null) { $Servers = $server_id ? Server::find(array('Id'=>$server_id)) : Server::find(); if ( !count($Servers) and !$server_id ) { From 7c52f8a4aea74f9541830a9402c7a702d901405a Mon Sep 17 00:00:00 2001 From: Isaac Connor Date: Tue, 23 Jul 2019 09:57:44 -0400 Subject: [PATCH 351/922] Fixes and add Objects_Indexed_By_Id --- web/includes/Object.php | 230 ++++++++++++++++++++++++++++++++++++++++ 1 file changed, 230 insertions(+) create mode 100644 web/includes/Object.php diff --git a/web/includes/Object.php b/web/includes/Object.php new file mode 100644 index 000000000..041b45bed --- /dev/null +++ b/web/includes/Object.php @@ -0,0 +1,230 @@ + $v) { + $this->{$k} = $v; + } + $cache[$row['Id']] = $this; + } else { + # Set defaults + foreach ( $this->defaults as $k => $v ) $this->{$k} = $v; + } + } + + public function __call($fn, array $args){ + if ( count($args) ) { + $this->{$fn} = $args[0]; + } + if ( array_key_exists($fn, $this) ) { + return $this->{$fn}; + } else { + if ( array_key_exists($fn, $this->defaults) ) { + return $this->defaults{$fn}; + } else { + $backTrace = debug_backtrace(); + Warning("Unknown function call Sensor->$fn from ".print_r($backTrace,true)); + } + } + } + + public static function _find($class, $parameters = null, $options = null ) { + $table = $class::$table; + $filters = array(); + $sql = "SELECT * FROM `$table` "; + $values = array(); + + if ( $parameters ) { + $fields = array(); + $sql .= 'WHERE '; + foreach ( $parameters as $field => $value ) { + if ( $value == null ) { + $fields[] = '`'.$field.'` IS NULL'; + } else if ( is_array($value) ) { + $func = function(){return '?';}; + $fields[] = '`'.$field.'` IN ('.implode(',', array_map($func, $value)). ')'; + $values += $value; + + } else { + $fields[] = '`'.$field.'`=?'; + $values[] = $value; + } + } + $sql .= implode(' AND ', $fields ); + } + if ( $options ) { + if ( isset($options['order']) ) { + $sql .= ' ORDER BY ' . $options['order']; + } + if ( isset($options['limit']) ) { + if ( is_integer($options['limit']) or ctype_digit($options['limit']) ) { + $sql .= ' LIMIT ' . $options['limit']; + } else { + Error('Invalid value for limit('.$options['limit'].') passed to '.get_class()."::find from ".print_r($backTrace,true)); + return array(); + } + } + } + $rows = dbFetchAll($sql, NULL, $values); + $results = array(); + if ( $rows ) { + foreach ( $rows as $row ) { + array_push($results , new $class($row)); + } + } + return $results; + } # end public function find() + + public static function _find_one($class, $parameters = array(), $options = array() ) { + global $object_cache; + if ( ! isset($object_cache[$class]) ) + $object_cache[$class] = array(); + $cache = $object_cache[$class]; + if ( + ( count($parameters) == 1 ) and + isset($parameters['Id']) and + isset($cache[$parameters['Id']]) ) { + return $cache[$parameters['Id']]; + } + $options['limit'] = 1; + $results = ZM_Object::_find($class, $parameters, $options); + if ( ! sizeof($results) ) { + return; + } + return $results[0]; + } + + public static function Objects_Indexed_By_Id($class) { + $results = array(); + foreach ( ZM_Object::_find($class, null, array('order'=>'lower(Name)')) as $Object ) { + $results[$Object->Id()] = $Object; + } + return $results; + } + + public function to_json() { + $json = array(); + foreach ($this->defaults as $key => $value) { + if ( is_callable(array($this, $key)) ) { + $json[$key] = $this->$key(); + } else if ( array_key_exists($key, $this) ) { + $json[$key] = $this->{$key}; + } else { + $json[$key] = $this->defaults{$key}; + } + } + return json_encode($json); + } + + public function set($data) { + foreach ( $data as $k => $v ) { + if ( method_exists($this, $k) ) { + $this->{$k}($v); + } else { + if ( is_array($v) ) { +# perhaps should turn into a comma-separated string + $this->{$k} = implode(',', $v); + } else if ( is_string($v) ) { + if ( $v == '' and array_key_exists($k, $this->defaults) ) { + $this->{$k} = $this->defaults[$k]; + } else { + $this->{$k} = trim($v); + } + } else if ( is_integer($v) ) { + $this->{$k} = $v; + } else if ( is_bool($v) ) { + $this->{$k} = $v; + } else if ( is_null($v) ) { + $this->{$k} = $v; + } else { + Error( "Unknown type $k => $v of var " . gettype( $v ) ); + $this->{$k} = $v; + } + } # end if method_exists + } # end foreach $data as $k=>$v + } + + public function changes( $new_values ) { + $changes = array(); + foreach ( $this->defaults as $field=>$default_value ) { + if ( array_key_exists($field, $new_values) ) { + Logger::Debug("Checking default $field => $default_value exists in new values :".$this->{$field} . " " .$new_values[$field]); + if ( (!array_key_exists($field, $this)) or ( $this->{$field} != $new_values[$field] ) ) { + Logger::Debug("Checking default $field => $default_value changes becaause" . $new_values[$field].' != '.$new_values[$field]); + $changes[$field] = $new_values[$field]; + #} else if { + Logger::Debug("Checking default $field => $default_value changes becaause " . $new_values[$field].' != '.$new_values[$field]); + #array_push( $changes, [$field=>$defaults[$field]] ); + } + } else { + Logger::Debug("Checking default $field => $default_value not in new_values"); + } + } # end foreach default + return $changes; + } # end public function changes + + public function save($new_values = null) { + $class = get_class($this); + $table = $class::$table; + + if ( $new_values ) { + Logger::Debug("New values" . print_r($new_values,true)); + $this->set($new_values); + } + + if ( $this->Id() ) { + $fields = array_keys($this->defaults); + $sql = 'UPDATE '.$table.' SET '.implode(', ', array_map(function($field) {return '`'.$field.'`=?';}, $fields )) . ' WHERE Id=?'; + $values = array_map(function($field){return $this->{$field};}, $fields); + $values[] = $this->{'Id'}; + if ( dbQuery($sql, $values) ) + return true; + } else { + $fields = $this->defaults; + unset($fields['Id']); + + $sql = 'INSERT INTO '.$table.' ('.implode(', ', array_map(function($field) {return '`'.$field.'`';}, array_keys($fields))).') VALUES ('.implode(', ', array_map(function($field){return '?';}, array_values($fields))).')'; + $values = array_map(function($field){return $this->{$field};}, array_keys($fields)); + if ( dbQuery($sql, $values) ) { + $this->{'Id'} = dbInsertId(); + return true; + } + } + return false; + } // end function save + + public function delete() { + $class = get_class($this); + $table = $class::$table; + dbQuery("DELETE FROM $table WHERE Id=?", array($this->{'Id'})); + if ( isset($object_cache[$class]) and isset($object_cache[$class][$this->{'Id'}]) ) + unset($object_cache[$class][$this->{'Id'}]); + } + +} # end class Sensor Action +?> From 35ec60ca031f5ee6e3a72d9d53ae2cfe2221b1a4 Mon Sep 17 00:00:00 2001 From: Isaac Connor Date: Tue, 23 Jul 2019 09:58:05 -0400 Subject: [PATCH 352/922] Change Storage object to extend ZM_Object --- web/includes/Storage.php | 136 +++------------------------------------ 1 file changed, 9 insertions(+), 127 deletions(-) diff --git a/web/includes/Storage.php b/web/includes/Storage.php index b3caa3ffa..8607b52fe 100644 --- a/web/includes/Storage.php +++ b/web/includes/Storage.php @@ -2,10 +2,11 @@ namespace ZM; require_once('database.php'); require_once('Event.php'); +require_once('Object.php'); -$storage_cache = array(); -class Storage { - private $defaults = array( +class Storage extends ZM_Object { + protected static $table = 'Storage'; + protected $defaults = array( 'Id' => null, 'Path' => '', 'Name' => '', @@ -16,31 +17,12 @@ class Storage { 'ServerId' => 0, 'DoDelete' => 1, ); + public static function find($parameters = array(), $options = array() ) { + return ZM_Object::_find(get_class(), $parameters, $options); + } - public function __construct( $IdOrRow = NULL ) { - global $storage_cache; - - $row = NULL; - if ( $IdOrRow ) { - if ( is_integer($IdOrRow) or is_numeric($IdOrRow) ) { - $row = dbFetchOne('SELECT * FROM Storage WHERE Id=?', NULL, array($IdOrRow)); - if ( ! $row ) { - Error('Unable to load Storage record for Id=' . $IdOrRow); - } - } else if ( is_array($IdOrRow) ) { - $row = $IdOrRow; - } - } - if ( $row ) { - foreach ($row as $k => $v) { - $this->{$k} = $v; - } - $storage_cache[$row['Id']] = $this; - } else { - $this->{'Name'} = ''; - $this->{'Path'} = ''; - $this->{'Type'} = 'local'; - } + public static function find_one( $parameters = array(), $options = array() ) { + return ZM_Object::_find_one(get_class(), $parameters, $options); } public function Path() { @@ -66,93 +48,6 @@ class Storage { return $this->{'Name'}; } - public function __call( $fn, array $args= NULL ) { - if ( count($args) ) { - $this->{$fn} = $args[0]; - } - if ( array_key_exists($fn, $this) ) - return $this->{$fn}; - - if ( array_key_exists($fn, $this->defaults) ) - return $this->defaults{$fn}; - - $backTrace = debug_backtrace(); - $file = $backTrace[0]['file']; - $line = $backTrace[0]['line']; - Warning("Unknown function call Storage->$fn from $file:$line"); - $file = $backTrace[1]['file']; - $line = $backTrace[1]['line']; - Warning("Unknown function call Storage->$fn from $file:$line"); - } - - public static function find_one( $parameters = null, $options = null ) { - global $storage_cache; - if ( - ( count($parameters) == 1 ) and - isset($parameters['Id']) and - isset($storage_cache[$parameters['Id']]) ) { - return $storage_cache[$parameters['Id']]; - } - - $results = Storage::find($parameters, $options); - if ( count($results) > 1 ) { - Error('Storage Returned more than 1'); - return $results[0]; - } else if ( count($results) ) { - return $results[0]; - } else { - return null; - } - } - public static function find( $parameters = null, $options = null ) { - $sql = 'SELECT * FROM Storage '; - $values = array(); - - if ( $parameters ) { - $fields = array(); - $sql .= 'WHERE '; - foreach ( $parameters as $field => $value ) { - if ( $value == null ) { - $fields[] = $field.' IS NULL'; - } else if ( is_array($value) ) { - $func = function(){return '?';}; - $fields[] = $field.' IN ('.implode(',', array_map($func, $value)).')'; - $values += $value; - - } else { - $fields[] = $field.'=?'; - $values[] = $value; - } - } - $sql .= implode(' AND ', $fields); - } # end if parameters - if ( $options ) { - if ( isset($options['order']) ) { - $sql .= ' ORDER BY ' . $options['order']; - } # end if options - if ( isset($options['limit']) ) { - if ( is_integer($options['limit']) or ctype_digit($options['limit']) ) { - $sql .= ' LIMIT ' . $option['limit']; - } else { - $backTrace = debug_backtrace(); - $file = $backTrace[1]['file']; - $line = $backTrace[1]['line']; - Error("Invalid value for limit(".$options['limit'].") passed to Control::find from $file:$line"); - return array(); - } - } # end if limit - } # end if options - $storage_areas = array(); - $result = dbQuery($sql, $values); - if ( $result ) { - $results = $result->fetchALL(); - foreach ( $results as $row ) { - $storage_areas[] = new Storage($row); - } - } - return $storage_areas; - } # end find() - public function disk_usage_percent() { $path = $this->Path(); if ( ! $path ) { @@ -226,18 +121,5 @@ class Storage { return $this->{'Server'}; } - public function to_json() { - $json = array(); - foreach ($this->defaults as $key => $value) { - if ( is_callable(array($this, $key)) ) { - $json[$key] = $this->$key(); - } else if ( array_key_exists($key, $this) ) { - $json[$key] = $this->{$key}; - } else { - $json[$key] = $this->defaults{$key}; - } - } - return json_encode($json); - } } // end class Storage ?> From 9b6dedb35d4399bc7e8fc13083d103e1d1ad766f Mon Sep 17 00:00:00 2001 From: Isaac Connor Date: Tue, 23 Jul 2019 09:58:28 -0400 Subject: [PATCH 353/922] Update Filter saving action to use object set/save etc --- web/includes/actions/filter.php | 37 ++++++++++++++++++++++++++++----- 1 file changed, 32 insertions(+), 5 deletions(-) diff --git a/web/includes/actions/filter.php b/web/includes/actions/filter.php index 6b3019ee5..8548f21d1 100644 --- a/web/includes/actions/filter.php +++ b/web/includes/actions/filter.php @@ -51,11 +51,30 @@ if ( isset($_REQUEST['object']) and ( $_REQUEST['object'] == 'filter' ) ) { $_REQUEST['filter']['Query']['sort_asc'] = validStr($_REQUEST['filter']['Query']['sort_asc']); $_REQUEST['filter']['Query']['limit'] = validInt($_REQUEST['filter']['Query']['limit']); if ( $action == 'execute' ) { - $tempFilterName = '_TempFilter'.time(); - $sql .= ' Name = \''.$tempFilterName.'\''; - } else { - $sql .= ' Name = '.dbEscape($_REQUEST['filter']['Name']); + $_REQUEST['filter']['Name'] = '_TempFilter'.time(); + unset($_REQUEST['Id']); + #$tempFilterName = '_TempFilter'.time(); + #$sql .= ' Name = \''.$tempFilterName.'\''; + #} else { + #$sql .= ' Name = '.dbEscape($_REQUEST['filter']['Name']); } + + $_REQUEST['filter']['AutoCopy'] = empty($_REQUEST['filter']['AutoCopy']) ? 0 : 1; + $_REQUEST['filter']['AutoMove'] = empty($_REQUEST['filter']['AutoMove']) ? 0 : 1; + $_REQUEST['filter']['AutoArchive'] = empty($_REQUEST['filter']['AutoArchive']) ? 0 : 1; + $_REQUEST['filter']['AutoVideo'] = empty($_REQUEST['filter']['AutoVideo']) ? 0 : 1; + $_REQUEST['filter']['AutoUpload'] = empty($_REQUEST['filter']['AutoUpload']) ? 0 : 1; + $_REQUEST['filter']['AutoEmail'] = empty($_REQUEST['filter']['AutoEmail']) ? 0 : 1; + $_REQUEST['filter']['AutoMessage'] = empty($_REQUEST['filter']['AutoMessage']) ? 0 : 1; + $_REQUEST['filter']['AutoExecute'] = empty($_REQUEST['filter']['AutoExecute']) ? 0 : 1; + $_REQUEST['filter']['AutoDelete'] = empty($_REQUEST['filter']['AutoDelete']) ? 0 : 1; + $_REQUEST['filter']['UpdateDiskSpace'] = empty($_REQUEST['filter']['UpdateDiskSpace']) ? 0 : 1; + $_REQUEST['filter']['Background'] = empty($_REQUEST['filter']['Background']) ? 0 : 1; + $_REQUEST['filter']['Concurrent'] = empty($_REQUEST['filter']['Concurrent']) ? 0 : 1; + $changes = $filter->changes($_REQUEST['filter']); + ZM\Logger::Debug("Changes: " . print_r($changes,true)); + + if ( 0 ) { $sql .= ', Query = '.dbEscape(jsonEncode($_REQUEST['filter']['Query'])); $sql .= ', AutoArchive = '.(!empty($_REQUEST['filter']['AutoArchive']) ? 1 : 0); $sql .= ', AutoVideo = '. ( !empty($_REQUEST['filter']['AutoVideo']) ? 1 : 0); @@ -73,17 +92,25 @@ if ( isset($_REQUEST['object']) and ( $_REQUEST['object'] == 'filter' ) ) { $sql .= ', UpdateDiskSpace = '. ( !empty($_REQUEST['filter']['UpdateDiskSpace']) ? 1 : 0); $sql .= ', Background = '. ( !empty($_REQUEST['filter']['Background']) ? 1 : 0); $sql .= ', Concurrent = '. ( !empty($_REQUEST['filter']['Concurrent']) ? 1 : 0); + } if ( $_REQUEST['Id'] and ( $action == 'Save' ) ) { + if ( 0 ) { dbQuery('UPDATE Filters SET '.$sql.' WHERE Id=?', array($_REQUEST['Id'])); + } + $filter->save($changes); if ( $filter->Background() ) $filter->control('stop'); } else { + # COuld be execute + if ( 0 ) { dbQuery('INSERT INTO Filters SET'.$sql); $_REQUEST['Id'] = dbInsertId(); $filter = new ZM\Filter($_REQUEST['Id']); + } + $filter->save($changes); } - if ( !empty($_REQUEST['filter']['Background']) ) + if ( $filter->Background() ) $filter->control('start'); if ( $action == 'execute' ) { From 346933126d822e89d0c75d21545f2ac108a5364f Mon Sep 17 00:00:00 2001 From: Isaac Connor Date: Tue, 23 Jul 2019 09:59:49 -0400 Subject: [PATCH 354/922] Update filter view to use Filter::find --- web/skins/classic/views/filter.php | 61 ++++++++++++++++-------------- 1 file changed, 32 insertions(+), 29 deletions(-) diff --git a/web/skins/classic/views/filter.php b/web/skins/classic/views/filter.php index 1eb4b71c3..893d1ecbd 100644 --- a/web/skins/classic/views/filter.php +++ b/web/skins/classic/views/filter.php @@ -22,36 +22,35 @@ if ( !canView('Events') ) { $view = 'error'; return; } -require_once 'includes/Filter.php'; +require_once('includes/Object.php'); +require_once('includes/Storage.php'); +require_once('includes/Filter.php'); parseSort(); -$filterNames = array( ''=>translate('ChooseFilter') ); +$filterNames = array(''=>translate('ChooseFilter')); $filter = NULL; -foreach ( dbFetchAll('SELECT * FROM Filters ORDER BY Name') as $row ) { - $filterNames[$row['Id']] = $row['Id'] . ' ' . $row['Name']; - if ( $row['Background'] ) - $filterNames[$row['Id']] .= '*'; - if ( $row['Concurrent'] ) - $filterNames[$row['Id']] .= '&'; +foreach ( ZM\Filter::find(null,array('order'=>'lower(Name)')) as $Filter ) { + $filterNames[$Filter->Id()] = $Filter->Id() . ' ' . $Filter->Name(); + if ( $Filter->Background() ) + $filterNames[$Filter->Id()] .= '*'; + if ( $Filter->Concurrent() ) + $filterNames[$Filter->Id()] .= '&'; - if ( isset($_REQUEST['Id']) && $_REQUEST['Id'] == $row['Id'] ) { - $filter = new ZM\Filter($row); + if ( isset($_REQUEST['Id']) && ($_REQUEST['Id'] == $Filter->Id()) ) { + $filter = $Filter; } } -if ( ! $filter ) { +if ( !$filter ) { $filter = new ZM\Filter(); } -if ( isset($_REQUEST['sort_field']) && isset($_REQUEST['filter']) ) { - $_REQUEST['filter']['Query']['sort_field'] = $_REQUEST['sort_field']; - $_REQUEST['filter']['Query']['sort_asc'] = $_REQUEST['sort_asc']; - $_REQUEST['filter']['Query']['limit'] = $_REQUEST['limit']; -} +ZM\Logger::Debug("Query: " . $filter->Query_json()); +ZM\Logger::Debug("Query: " . print_r($filter->Query(), true)); if ( isset($_REQUEST['filter']) ) { - $filter->set($_REQUEST['filter']); # Update our filter object with whatever changes we have made before saving + #$filter->set($_REQUEST['filter']); } $conjunctionTypes = getFilterQueryConjunctionTypes(); @@ -97,12 +96,13 @@ $attrTypes = array( 'DiskPercent' => translate('AttrDiskPercent'), 'DiskSpace' => translate('AttrDiskSpace'), 'SystemLoad' => translate('AttrSystemLoad'), - 'StorageId' => translate('AttrStorageArea'), - 'ServerId' => translate('AttrMonitorServer'), + 'StorageId' => translate('AttrStorageArea'), + 'SecondaryStorageId' => translate('AttrSecondaryStorageArea'), + 'ServerId' => translate('AttrMonitorServer'), 'FilterServerId' => translate('AttrFilterServer'), 'MonitorServerId' => translate('AttrMonitorServer'), 'StorageServerId' => translate('AttrStorageServer'), - 'StateId' => translate('AttrStateId'), + 'StateId' => translate('AttrStateId'), ); $opTypes = array( @@ -127,27 +127,24 @@ $archiveTypes = array( $focusWindow = true; -$storageareas = array('' => 'All'); -//$storageareas[0] = 'Default ' . ZM_DIR_EVENTS; -foreach ( dbFetchAll('SELECT Id,Name FROM Storage ORDER BY lower(Name) ASC') as $storage ) { - $storageareas[$storage['Id']] = $storage['Name']; -} +$storageareas = array('' => 'All') + ZM\ZM_Object::Objects_Indexed_By_Id('ZM\Storage'); + $weekdays = array(); for ( $i = 0; $i < 7; $i++ ) { $weekdays[$i] = strftime('%A', mktime(12, 0, 0, 1, $i+1, 2001)); } $states = array(); -foreach ( dbFetchAll('SELECT Id, Name FROM States ORDER BY lower(Name) ASC') as $state_row ) { +foreach ( dbFetchAll('SELECT `Id`, `Name` FROM `States` ORDER BY lower(`Name`) ASC') as $state_row ) { $states[$state_row['Id']] = validHtmlStr($state_row['Name']); } $servers = array(); $servers['ZM_SERVER_ID'] = 'Current Server'; $servers['NULL'] = 'No Server'; -foreach ( dbFetchAll('SELECT Id, Name FROM Servers ORDER BY lower(Name) ASC') as $server ) { +foreach ( dbFetchAll('SELECT `Id`, `Name` FROM `Servers` ORDER BY lower(`Name`) ASC') as $server ) { $servers[$server['Id']] = validHtmlStr($server['Name']); } $monitors = array(); -foreach ( dbFetchAll('SELECT Id, Name FROM Monitors ORDER BY Name ASC') as $monitor ) { +foreach ( dbFetchAll('SELECT `Id`, `Name` FROM `Monitors` ORDER BY lower(`Name`) ASC') as $monitor ) { if ( visibleMonitor($monitor['Id']) ) { $monitors[$monitor['Name']] = validHtmlStr($monitor['Name']); } @@ -391,7 +388,13 @@ if ( ZM_OPT_MESSAGE ) { AutoDelete() ) { ?> checked="checked" data-on-click-this="updateButtons"/>

-

+

+ + AutoCopy() ) { ?> checked="checked" data-on-click-this="click_autocopy"/> + AutoCopyTo(), $filter->AutoCopy() ? null : array('style'=>'display:none;')); ?> +

+

+ AutoMove() ) { ?> checked="checked" data-on-click-this="click_automove"/> AutoMoveTo(), $filter->AutoMove() ? null : array('style'=>'display:none;')); ?>

From 0e040fc2fcbafd57682f319f577ceea47e2bfea3 Mon Sep 17 00:00:00 2001 From: Isaac Connor Date: Tue, 23 Jul 2019 10:00:05 -0400 Subject: [PATCH 355/922] Add click_autocopy function --- web/skins/classic/views/js/filter.js | 9 +++++++++ 1 file changed, 9 insertions(+) diff --git a/web/skins/classic/views/js/filter.js b/web/skins/classic/views/js/filter.js index 49a882ee6..36d1e09d5 100644 --- a/web/skins/classic/views/js/filter.js +++ b/web/skins/classic/views/js/filter.js @@ -72,6 +72,15 @@ function click_automove(element) { } } +function click_autocopy(element) { + updateButtons(this); + if ( this.checked ) { + $j(this.form.elements['filter[AutoCopyTo]']).css('display', 'inline'); + } else { + this.form.elements['filter[AutoCopyTo]'].hide(); + } +} + function checkValue( element ) { var rows = $j(element).closest('tbody').children(); parseRows(rows); From df0aef89affbc8a0cb6e31bf5395a3f03892f255 Mon Sep 17 00:00:00 2001 From: Isaac Connor Date: Tue, 23 Jul 2019 10:03:28 -0400 Subject: [PATCH 356/922] gracefully handle when window[fnName] doesn't exist --- web/skins/classic/js/skin.js | 22 +++++++++++++++++++++- 1 file changed, 21 insertions(+), 1 deletion(-) diff --git a/web/skins/classic/js/skin.js b/web/skins/classic/js/skin.js index d39062087..c29ef4a84 100644 --- a/web/skins/classic/js/skin.js +++ b/web/skins/classic/js/skin.js @@ -144,7 +144,7 @@ window.addEventListener("DOMContentLoaded", function onSkinDCL() { el.addEventListener("click", function onClick(evt) { var el = this; var url; - if (el.hasAttribute("href")) { + if ( el.hasAttribute("href") ) { // url = el.getAttribute("href"); } else { @@ -167,12 +167,20 @@ window.addEventListener("DOMContentLoaded", function onSkinDCL() { // 'data-on-click-this' calls the global function in the attribute value with the element when a click happens. document.querySelectorAll("a[data-on-click-this], button[data-on-click-this], input[data-on-click-this]").forEach(function attachOnClick(el) { var fnName = el.getAttribute("data-on-click-this"); + if ( !window[fnName] ) { + console.error("Nothing found to bind to " + fnName); + return; + } el.onclick = window[fnName].bind(el, el); }); // 'data-on-click' calls the global function in the attribute value with no arguments when a click happens. document.querySelectorAll("a[data-on-click], button[data-on-click], input[data-on-click]").forEach(function attachOnClick(el) { var fnName = el.getAttribute("data-on-click"); + if ( !window[fnName] ) { + console.error("Nothing found to bind to " + fnName); + return; + } el.onclick = function() { window[fnName](); }; @@ -181,6 +189,10 @@ window.addEventListener("DOMContentLoaded", function onSkinDCL() { // 'data-on-click-true' calls the global function in the attribute value with no arguments when a click happens. document.querySelectorAll("a[data-on-click-true], button[data-on-click-true], input[data-on-click-true]").forEach(function attachOnClick(el) { var fnName = el.getAttribute("data-on-click-true"); + if ( !window[fnName] ) { + console.error("Nothing found to bind to " + fnName); + return; + } el.onclick = function() { window[fnName](true); }; @@ -189,12 +201,20 @@ window.addEventListener("DOMContentLoaded", function onSkinDCL() { // 'data-on-change-this' calls the global function in the attribute value with the element when a change happens. document.querySelectorAll("select[data-on-change-this], input[data-on-change-this]").forEach(function attachOnChangeThis(el) { var fnName = el.getAttribute("data-on-change-this"); + if ( !window[fnName] ) { + console.error("Nothing found to bind to " + fnName); + return; + } el.onchange = window[fnName].bind(el, el); }); // 'data-on-change' adds an event listener for the global function in the attribute value when a change happens. document.querySelectorAll("select[data-on-change], input[data-on-change]").forEach(function attachOnChange(el) { var fnName = el.getAttribute("data-on-change"); + if ( !window[fnName] ) { + console.error("Nothing found to bind to " + fnName); + return; + } el.onchange = window[fnName]; }); }); From 88beb46c3e645491d93c157be5d6af10b37d16c8 Mon Sep 17 00:00:00 2001 From: Isaac Connor Date: Tue, 23 Jul 2019 10:04:15 -0400 Subject: [PATCH 357/922] Add FilterCopyEvents --- web/lang/en_gb.php | 1 + 1 file changed, 1 insertion(+) diff --git a/web/lang/en_gb.php b/web/lang/en_gb.php index 4001c456e..526486921 100644 --- a/web/lang/en_gb.php +++ b/web/lang/en_gb.php @@ -356,6 +356,7 @@ $SLANG = array( 'FilterArchiveEvents' => 'Archive all matches', 'FilterUpdateDiskSpace' => 'Update used disk space', 'FilterDeleteEvents' => 'Delete all matches', + 'FilterCopyEvents' => 'Copy all matches', 'FilterMoveEvents' => 'Move all matches', 'FilterEmailEvents' => 'Email details of all matches', 'FilterExecuteEvents' => 'Execute command on all matches', From 49621bf6529173843261ac542e9306793f9f641d Mon Sep 17 00:00:00 2001 From: Isaac Connor Date: Tue, 23 Jul 2019 12:58:03 -0400 Subject: [PATCH 358/922] Only parse Sql if there is a Query in the filter --- scripts/ZoneMinder/lib/ZoneMinder/Filter.pm | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/scripts/ZoneMinder/lib/ZoneMinder/Filter.pm b/scripts/ZoneMinder/lib/ZoneMinder/Filter.pm index 8383e43b7..fd6dd59dc 100644 --- a/scripts/ZoneMinder/lib/ZoneMinder/Filter.pm +++ b/scripts/ZoneMinder/lib/ZoneMinder/Filter.pm @@ -132,6 +132,10 @@ sub Sql { my $self = shift; $$self{Sql} = shift if @_; if ( ! $$self{Sql} ) { + if ( !$self->{Query} ) { + Warning('No Query in filter.'); + return; + } my $filter_expr = ZoneMinder::General::jsonDecode($self->{Query}); my $sql = 'SELECT E.*, unix_timestamp(E.StartTime) as Time, From bb653b172c59d37e63844494a933e853e7cc94ca Mon Sep 17 00:00:00 2001 From: Isaac Connor Date: Tue, 23 Jul 2019 14:34:26 -0400 Subject: [PATCH 359/922] Use hires time to give better bandwidth reporitng --- scripts/ZoneMinder/lib/ZoneMinder/Event.pm | 19 ++++++++++--------- 1 file changed, 10 insertions(+), 9 deletions(-) diff --git a/scripts/ZoneMinder/lib/ZoneMinder/Event.pm b/scripts/ZoneMinder/lib/ZoneMinder/Event.pm index e1516f1f5..27c157359 100644 --- a/scripts/ZoneMinder/lib/ZoneMinder/Event.pm +++ b/scripts/ZoneMinder/lib/ZoneMinder/Event.pm @@ -41,6 +41,7 @@ require Number::Bytes::Human; require Date::Parse; require POSIX; use Date::Format qw(time2str); +use Time::HiRes qw(gettimeofday tv_interval); #our @ISA = qw(ZoneMinder::Object); use parent qw(ZoneMinder::Object); @@ -595,7 +596,7 @@ Debug("Files to move @files"); for my $file (@files) { next if $file =~ /^\./; ( $file ) = ( $file =~ /^(.*)$/ ); # De-taint - my $starttime = time; + my $starttime = [gettimeofday]; Debug("Moving file $file to $NewPath"); my $size = -s $file; if ( ! $size ) { @@ -607,10 +608,10 @@ Debug("Files to move @files"); } my $filename = $event_path.'/'.File::Basename::basename($file); - if ( ! $bucket->add_key( $filename, $file_contents ) ) { + if ( ! $bucket->add_key($filename, $file_contents) ) { die "Unable to add key for $filename"; } - my $duration = time - $starttime; + my $duration = tv_interval($starttime); Debug('PUT to S3 ' . Number::Bytes::Human::format_bytes($size) . " in $duration seconds = " . Number::Bytes::Human::format_bytes($duration?$size/$duration:$size) . '/sec'); } # end foreach file. @@ -621,13 +622,13 @@ Debug("Files to move @files"); } # end if s3 my $error = ''; - if ( ! $moved ) { - File::Path::make_path( $NewPath, {error => \my $err} ); + if ( !$moved ) { + File::Path::make_path($NewPath, {error => \my $err}); if ( @$err ) { for my $diag (@$err) { my ($file, $message) = %$diag; next if $message eq 'File exists'; - if ($file eq '') { + if ( $file eq '' ) { $error .= "general error: $message\n"; } else { $error .= "problem making $file: $message\n"; @@ -641,20 +642,20 @@ Debug("Files to move @files"); my @files = glob("$OldPath/*"); if ( ! @files ) { $ZoneMinder::Database::dbh->commit(); - return "No files to move."; + return 'No files to move.'; } for my $file (@files) { next if $file =~ /^\./; ( $file ) = ( $file =~ /^(.*)$/ ); # De-taint - my $starttime = time; + my $starttime = [gettimeofday]; Debug("Moving file $file to $NewPath"); my $size = -s $file; if ( ! File::Copy::copy( $file, $NewPath ) ) { $error .= "Copy failed: for $file to $NewPath: $!"; last; } - my $duration = time - $starttime; + my $duration = tv_interval($starttime); Debug('Copied ' . Number::Bytes::Human::format_bytes($size) . " in $duration seconds = " . ($duration?Number::Bytes::Human::format_bytes($size/$duration):'inf') . '/sec'); } # end foreach file. } # end if ! moved From 98922b6788dfdc1f1d58a608fa75c66ecfd0e2f2 Mon Sep 17 00:00:00 2001 From: Isaac Connor Date: Wed, 24 Jul 2019 09:37:16 -0400 Subject: [PATCH 360/922] Add SecondaryStorageId to Event so that we can update it --- scripts/ZoneMinder/lib/ZoneMinder/Event.pm | 29 ++++++++++++---------- 1 file changed, 16 insertions(+), 13 deletions(-) diff --git a/scripts/ZoneMinder/lib/ZoneMinder/Event.pm b/scripts/ZoneMinder/lib/ZoneMinder/Event.pm index 27c157359..fd1c8297d 100644 --- a/scripts/ZoneMinder/lib/ZoneMinder/Event.pm +++ b/scripts/ZoneMinder/lib/ZoneMinder/Event.pm @@ -64,6 +64,7 @@ $serial = $primary_key = 'Id'; Id MonitorId StorageId + SecondaryStorageId Name Cause StartTime @@ -117,7 +118,7 @@ sub Time { } sub getPath { - return Path( @_ ); + return Path(@_); } sub Path { @@ -132,7 +133,7 @@ sub Path { if ( ! $$event{Path} ) { my $Storage = $event->Storage(); - $$event{Path} = join('/', $Storage->Path(), $event->RelativePath() ); + $$event{Path} = join('/', $Storage->Path(), $event->RelativePath()); } return $$event{Path}; } @@ -164,7 +165,8 @@ sub RelativePath { if ( $event->Time() ) { $$event{RelativePath} = join('/', $event->{MonitorId}, - POSIX::strftime( '%y/%m/%d/%H/%M/%S', + POSIX::strftime( + '%y/%m/%d/%H/%M/%S', localtime($event->Time()) ), ); @@ -204,7 +206,8 @@ sub LinkPath { if ( $event->Time() ) { $$event{LinkPath} = join('/', $event->{MonitorId}, - POSIX::strftime( '%y/%m/%d', + POSIX::strftime( + '%y/%m/%d', localtime($event->Time()) ), '.'.$$event{Id} @@ -256,8 +259,8 @@ sub createIdFile { sub GenerateVideo { my ( $self, $rate, $fps, $scale, $size, $overwrite, $format ) = @_; - my $event_path = $self->Path( ); - chdir( $event_path ); + my $event_path = $self->Path(); + chdir($event_path); ( my $video_name = $self->{Name} ) =~ s/\s/_/g; my @file_parts; @@ -283,10 +286,10 @@ sub GenerateVideo { $file_scale =~ s/_00//; $file_scale =~ s/(_\d+)0+$/$1/; $file_scale = 's'.$file_scale; - push( @file_parts, $file_scale ); + push @file_parts, $file_scale; } elsif ( $size ) { my $file_size = 'S'.$size; - push( @file_parts, $file_size ); + push @file_parts, $file_size; } my $video_file = join('-', $video_name, $file_parts[0], $file_parts[1] ).'.'.$format; if ( $overwrite || !-s $video_file ) { @@ -537,9 +540,9 @@ sub CopyTo { # We do this before bothering to lock the event my ( $NewPath ) = ( $NewStorage->Path() =~ /^(.*)$/ ); # De-taint if ( ! $$NewStorage{Id} ) { - return "New storage does not have an id. Moving will not happen."; + return 'New storage does not have an id. Moving will not happen.'; } elsif ( $$NewStorage{Id} == $$self{StorageId} ) { - return "Event is already located at " . $NewPath; + return 'Event is already located at ' . $NewPath; } elsif ( !$NewPath ) { return "New path ($NewPath) is empty."; } elsif ( ! -e $NewPath ) { @@ -551,7 +554,7 @@ sub CopyTo { # data is reloaded, so need to check that the move hasn't already happened. if ( $$self{StorageId} == $$NewStorage{Id} ) { $ZoneMinder::Database::dbh->commit(); - return "Event has already been moved by someone else."; + return 'Event has already been moved by someone else.'; } if ( $$OldStorage{Id} != $$self{StorageId} ) { @@ -586,13 +589,13 @@ sub CopyTo { } my $event_path = 'events/'.$self->RelativePath(); -Info("Making dir ectory $event_path/"); + Debug("Making directory $event_path/"); if ( ! $bucket->add_key( $event_path.'/','' ) ) { die "Unable to add key for $event_path/"; } my @files = glob("$OldPath/*"); -Debug("Files to move @files"); + Debug("Files to move @files"); for my $file (@files) { next if $file =~ /^\./; ( $file ) = ( $file =~ /^(.*)$/ ); # De-taint From 99f78c50af9a981276e29a6fab92c4b0a48f3dfb Mon Sep 17 00:00:00 2001 From: Isaac Connor Date: Wed, 24 Jul 2019 09:37:38 -0400 Subject: [PATCH 361/922] Add Updating SecondaryStorageId when using CopyTo --- scripts/zmfilter.pl.in | 20 +++++++++++++++----- 1 file changed, 15 insertions(+), 5 deletions(-) diff --git a/scripts/zmfilter.pl.in b/scripts/zmfilter.pl.in index 0b8812c87..b3da3bb68 100644 --- a/scripts/zmfilter.pl.in +++ b/scripts/zmfilter.pl.in @@ -346,10 +346,20 @@ sub checkFilter { Error($_) if $_; } if ( $filter->{AutoCopy} ) { - my $NewStorage = new ZoneMinder::Storage($filter->{AutoCopyTo}); - $_ = $Event->CopyTo($NewStorage); - Error($_) if $_; - } + # Copy To is different from MoveTo in that it JUST copies the files + # So we still need to update the Event object with the new SecondaryStorageId + my $NewStorage = ZoneMinder::Storage->find_one($filter->{AutoCopyTo}); + if ( $NewStorage ) { + $_ = $Event->CopyTo($NewStorage); + if ( $_ ) { + Error($_); + } else { + $Event->save({SecondaryStorageId=>$$NewStorage{Id}}); + } + } else { + Error("No storage area found for copy to operation. AutoCopyTo was $$filter{AutoCopyTo}"); + } + } # end if AutoCopy if ( $filter->{UpdateDiskSpace} ) { $ZoneMinder::Database::dbh->begin_work(); @@ -368,7 +378,7 @@ sub checkFilter { $ZoneMinder::Database::dbh->commit(); } # end if UpdateDiskSpace } # end foreach event -} +} # end sub checkFilter sub generateVideo { my $filter = shift; From 2d556e6402b9430ff156abd8e441f0b03add487e Mon Sep 17 00:00:00 2001 From: Isaac Connor Date: Wed, 24 Jul 2019 10:52:32 -0400 Subject: [PATCH 362/922] Add SecondaryStorageId to Events --- db/zm_create.sql.in | 1 + 1 file changed, 1 insertion(+) diff --git a/db/zm_create.sql.in b/db/zm_create.sql.in index d1952f66a..113d434ff 100644 --- a/db/zm_create.sql.in +++ b/db/zm_create.sql.in @@ -186,6 +186,7 @@ CREATE TABLE `Events` ( `Id` bigint unsigned NOT NULL auto_increment, `MonitorId` int(10) unsigned NOT NULL default '0', `StorageId` smallint(5) unsigned default 0, + `SecondaryStorageId` smallint(5) unsigned default 0, `Name` varchar(64) NOT NULL default '', `Cause` varchar(32) NOT NULL default '', `StartTime` datetime default NULL, From 57133691e91c8898bd3700c3a68908fdc02f1349 Mon Sep 17 00:00:00 2001 From: Isaac Connor Date: Wed, 24 Jul 2019 10:53:23 -0400 Subject: [PATCH 363/922] Add update script for SecondaryStorageArea capability in Events and Filters --- db/zm_update-1.33.14.sql | 51 ++++++++++++++++++++++++++++++++++++++++ 1 file changed, 51 insertions(+) create mode 100644 db/zm_update-1.33.14.sql diff --git a/db/zm_update-1.33.14.sql b/db/zm_update-1.33.14.sql new file mode 100644 index 000000000..83d0cfbba --- /dev/null +++ b/db/zm_update-1.33.14.sql @@ -0,0 +1,51 @@ +-- +-- Add CopyTo action to Filters +-- + +SET @s = (SELECT IF( + (SELECT COUNT(*) FROM INFORMATION_SCHEMA.COLUMNS WHERE table_schema = DATABASE() + AND table_name = 'Filters' + AND column_name = 'AutoCopy' + ) > 0, +"SELECT 'Column AutoCopy already exists in Filters'", +"ALTER TABLE Filters ADD `AutoCopy` tinyint(3) unsigned NOT NULL default '0' AFTER `AutoMove`" +)); + +PREPARE stmt FROM @s; +EXECUTE stmt; + +SET @s = (SELECT IF( + (SELECT COUNT(*) FROM INFORMATION_SCHEMA.COLUMNS WHERE table_schema = DATABASE() + AND table_name = 'Filters' + AND column_name = 'AutoCopyTo' + ) > 0, +"SELECT 'Column AutoCopyTo already exists in Filters'", +"ALTER TABLE Filters ADD `AutoCopyTo` smallint(5) unsigned NOT NULL default '0' AFTER `AutoCopy`" +)); + +PREPARE stmt FROM @s; +EXECUTE stmt; + +SET @s = (SELECT IF( + (SELECT COUNT(*) FROM INFORMATION_SCHEMA.COLUMNS WHERE table_schema = DATABASE() + AND table_name = 'Filters' + AND column_name = 'Query_json' + ) > 0, +"SELECT 'Column Query_json already exists in Filters'", +"ALTER TABLE `Filters` Change `Query` `Query_json` text NOT NULL" +)); + +PREPARE stmt FROM @s; +EXECUTE stmt; + +SET @s = (SELECT IF( + (SELECT COUNT(*) FROM INFORMATION_SCHEMA.COLUMNS WHERE table_schema = DATABASE() + AND table_name = 'Events' + AND column_name = 'SecondaryStorageId' + ) > 0, +"SELECT 'Column SecondaryStorageId already exists in Events'", +"ALTER TABLE `Events` ADD `SecondaryStorageId` smallint(5) unsigned default 0 AFTER `StorageId`" +)); + +PREPARE stmt FROM @s; +EXECUTE stmt; From afa02e436d6bddffa202fada5f74162d5dda4730 Mon Sep 17 00:00:00 2001 From: Isaac Connor Date: Wed, 24 Jul 2019 10:53:56 -0400 Subject: [PATCH 364/922] Upgrade Storage perl object to use parent Object::find --- scripts/ZoneMinder/lib/ZoneMinder/Storage.pm | 47 +------------------- 1 file changed, 2 insertions(+), 45 deletions(-) diff --git a/scripts/ZoneMinder/lib/ZoneMinder/Storage.pm b/scripts/ZoneMinder/lib/ZoneMinder/Storage.pm index 1f7c1b9fe..17d196f92 100644 --- a/scripts/ZoneMinder/lib/ZoneMinder/Storage.pm +++ b/scripts/ZoneMinder/lib/ZoneMinder/Storage.pm @@ -46,56 +46,13 @@ use ZoneMinder::Database qw(:all); use POSIX; -use vars qw/ $table $primary_key /; +use vars qw/ $table $primary_key %fields/; $table = 'Storage'; $primary_key = 'Id'; #__PACKAGE__->table('Storage'); #__PACKAGE__->primary_key('Id'); +%fields = map { $_ => $_ } qw( Id Name Path DoDelete ServerId Type Url DiskSpace Scheme ); -sub find { - shift if $_[0] eq 'ZoneMinder::Storage'; - my %sql_filters = @_; - - my $sql = 'SELECT * FROM Storage'; - my @sql_filters; - my @sql_values; - - if ( exists $sql_filters{Id} ) { - push @sql_filters , ' Id=? '; - push @sql_values, $sql_filters{Id}; - } - if ( exists $sql_filters{Name} ) { - push @sql_filters , ' Name = ? '; - push @sql_values, $sql_filters{Name}; - } - if ( exists $sql_filters{ServerId} ) { - push @sql_filters, ' ServerId = ?'; - push @sql_values, $sql_filters{ServerId}; - } - - - $sql .= ' WHERE ' . join(' AND ', @sql_filters) if @sql_filters; - $sql .= ' LIMIT ' . $sql_filters{limit} if $sql_filters{limit}; - - my $sth = $ZoneMinder::Database::dbh->prepare_cached( $sql ) - or Fatal( "Can't prepare '$sql': ".$ZoneMinder::Database::dbh->errstr() ); - my $res = $sth->execute( @sql_values ) - or Fatal( "Can't execute '$sql': ".$sth->errstr() ); - - my @results; - - while( my $db_filter = $sth->fetchrow_hashref() ) { - my $filter = new ZoneMinder::Storage( $$db_filter{Id}, $db_filter ); - push @results, $filter; - } # end while - Debug("SQL: $sql returned " . @results . ' results'); - return @results; -} - -sub find_one { - my @results = find(@_); - return $results[0] if @results; -} sub Path { if ( @_ > 1 ) { From 58851d23d2b4780f2da15f7e5f26cb033edeef30 Mon Sep 17 00:00:00 2001 From: Isaac Connor Date: Wed, 24 Jul 2019 11:22:55 -0400 Subject: [PATCH 365/922] Add Secondary Storage support to the Event object --- web/includes/Event.php | 14 ++++++++++++++ 1 file changed, 14 insertions(+) diff --git a/web/includes/Event.php b/web/includes/Event.php index 1b996a839..dc7dd3575 100644 --- a/web/includes/Event.php +++ b/web/includes/Event.php @@ -12,6 +12,7 @@ class Event { 'Name', 'MonitorId', 'StorageId', +'SecondaryStorageId', 'Name', 'Cause', 'StartTime', @@ -85,6 +86,19 @@ class Event { return $this->{'Storage'}; } + public function SecondaryStorage( $new = null ) { + if ( $new ) { + $this->{'SecondaryStorage'} = $new; + } + if ( ! ( array_key_exists('SecondaryStorage', $this) and $this->{'SecondaryStorage'} ) ) { + if ( isset($this->{'SecondaryStorageId'}) and $this->{'SecondaryStorageId'} ) + $this->{'SecondaryStorage'} = Storage::find_one(array('Id'=>$this->{'SecondaryStorageId'})); + if ( ! ( array_key_exists('SecondaryStorage', $this) and $this->{'SecondaryStorage'} ) ) + $this->{'SecondaryStorage'} = new Storage(NULL); + } + return $this->{'SecondaryStorage'}; + } + public function Monitor() { if ( isset($this->{'MonitorId'}) ) { $Monitor = Monitor::find_one(array('Id'=>$this->{'MonitorId'})); From aff081ad41c127133737fb4d7feb7add9fb39539 Mon Sep 17 00:00:00 2001 From: Isaac Connor Date: Wed, 24 Jul 2019 11:23:13 -0400 Subject: [PATCH 366/922] Must commit after COpyTo to release locks --- scripts/zmfilter.pl.in | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/scripts/zmfilter.pl.in b/scripts/zmfilter.pl.in index b3da3bb68..5cba8f1d4 100644 --- a/scripts/zmfilter.pl.in +++ b/scripts/zmfilter.pl.in @@ -348,13 +348,15 @@ sub checkFilter { if ( $filter->{AutoCopy} ) { # Copy To is different from MoveTo in that it JUST copies the files # So we still need to update the Event object with the new SecondaryStorageId - my $NewStorage = ZoneMinder::Storage->find_one($filter->{AutoCopyTo}); + my $NewStorage = ZoneMinder::Storage->find_one(Id=>$filter->{AutoCopyTo}); if ( $NewStorage ) { $_ = $Event->CopyTo($NewStorage); if ( $_ ) { + $ZoneMinder::Database::dbh->commit(); Error($_); } else { $Event->save({SecondaryStorageId=>$$NewStorage{Id}}); + $ZoneMinder::Database::dbh->commit(); } } else { Error("No storage area found for copy to operation. AutoCopyTo was $$filter{AutoCopyTo}"); From 341f4adbdfaedd093869a009754f46a0a2c6f58d Mon Sep 17 00:00:00 2001 From: Isaac Connor Date: Wed, 24 Jul 2019 11:23:38 -0400 Subject: [PATCH 367/922] Functions that change the Query must reset Query_json as well --- web/includes/Filter.php | 46 ++++++++++++++++++++++++++--------------- 1 file changed, 29 insertions(+), 17 deletions(-) diff --git a/web/includes/Filter.php b/web/includes/Filter.php index f8b06d4e5..d59ecda7c 100644 --- a/web/includes/Filter.php +++ b/web/includes/Filter.php @@ -23,29 +23,33 @@ class Filter extends ZM_Object { 'UpdateDiskSpace' => 0, 'Background' => 0, 'Concurrent' => 0, - #'limit' => 100, 'Query_json' => '', - #'sort_field' => ZM_WEB_EVENT_SORT_FIELD, - #'sort_asc' => ZM_WEB_EVENT_SORT_ORDER, ); - public function Query($new = -1) { - if ( $new and ( $new != -1 ) ) { - $this->{'Query'} = $new; - $this->{'Query_json'} = jsonEncode($new); - Logger::Debug("Setting Query to " . $this->{'Query_json'}); + public function Query_json() { + if ( func_num_args( ) ) { + $this->{'Query_json'} = func_get_arg(0);; + $this->{'Query'} = jsonDecode($this->{'Query_json'}); + } + return $this->{'Query_json'}; + } + + public function Query() { + if ( func_num_args( ) ) { + $this->{'Query'} = func_get_arg(0);; + $this->{'Query_json'} = jsonEncode($this->{'Query'}); } if ( !array_key_exists('Query', $this) ) { if ( array_key_exists('Query_json', $this) and $this->{'Query_json'} ) { $this->{'Query'} = jsonDecode($this->{'Query_json'}); - Logger::Debug("Decoded Query already" . print_r($this->{'Query'}, true )); - } else { - Logger::Debug("No Have Query_json already"); $this->{'Query'} = array(); } } else { - Logger::Debug("Have Query already" . print_r($this->{'Query'}, true )); + if ( !is_array($this->{'Query'}) ) { + # Handle existence of both Query_json and Query in the row + $this->{'Query'} = jsonDecode($this->{'Query_json'}); + } } return $this->{'Query'}; } @@ -59,8 +63,10 @@ class Filter extends ZM_Object { } public function terms( ) { - if ( func_num_args( ) ) { - $this->Query()['terms'] = func_get_arg(0); + if ( func_num_args() ) { + $Query = $this->Query(); + $Query['terms'] = func_get_arg(0); + $this->Query($Query); } if ( isset( $this->Query()['terms'] ) ) { return $this->Query()['terms']; @@ -71,7 +77,9 @@ class Filter extends ZM_Object { // The following three fields are actually stored in the Query public function sort_field( ) { if ( func_num_args( ) ) { - $this->Query()['sort_field'] = func_get_arg(0); + $Query = $this->Query(); + $Query['sort_field'] = func_get_arg(0); + $this->Query($Query); } if ( isset( $this->Query()['sort_field'] ) ) { return $this->{'Query'}['sort_field']; @@ -82,7 +90,9 @@ class Filter extends ZM_Object { public function sort_asc( ) { if ( func_num_args( ) ) { - $this->Query()['sort_asc'] = func_get_arg(0); + $Query = $this->Query(); + $Query['sort_asc'] = func_get_arg(0); + $this->Query($Query); } if ( isset( $this->Query()['sort_asc'] ) ) { return $this->{'Query'}['sort_asc']; @@ -93,7 +103,9 @@ class Filter extends ZM_Object { public function limit( ) { if ( func_num_args( ) ) { - $this->{'Query'}['limit'] = func_get_arg(0); + $Query = $this->Query(); + $Query['limit'] = func_get_arg(0); + $this->Query($Query); } if ( isset( $this->Query()['limit'] ) ) return $this->{'Query'}['limit']; From e3a9d5d48875c6cf8e24f73dc9f0d880a49e0a08 Mon Sep 17 00:00:00 2001 From: Isaac Connor Date: Wed, 24 Jul 2019 11:24:14 -0400 Subject: [PATCH 368/922] Rewrite changes to run through the keys of the passed in new values array, and handle object methods as well as basic values --- web/includes/Object.php | 46 +++++++++++++++++++++++++++++++---------- 1 file changed, 35 insertions(+), 11 deletions(-) diff --git a/web/includes/Object.php b/web/includes/Object.php index 041b45bed..2b58928d9 100644 --- a/web/includes/Object.php +++ b/web/includes/Object.php @@ -171,19 +171,43 @@ class ZM_Object { public function changes( $new_values ) { $changes = array(); - foreach ( $this->defaults as $field=>$default_value ) { - if ( array_key_exists($field, $new_values) ) { - Logger::Debug("Checking default $field => $default_value exists in new values :".$this->{$field} . " " .$new_values[$field]); - if ( (!array_key_exists($field, $this)) or ( $this->{$field} != $new_values[$field] ) ) { - Logger::Debug("Checking default $field => $default_value changes becaause" . $new_values[$field].' != '.$new_values[$field]); - $changes[$field] = $new_values[$field]; - #} else if { - Logger::Debug("Checking default $field => $default_value changes becaause " . $new_values[$field].' != '.$new_values[$field]); - #array_push( $changes, [$field=>$defaults[$field]] ); + foreach ( $new_values as $field => $value ) { + + if ( method_exists($this, $field) ) { + $old_value = $this->$field(); + Logger::Debug("Checking method $field () ".print_r($old_value,true)." => " . print_r($value,true)); + if ( is_array($old_value) ) { + $diff = array_recursive_diff($old_value, $value); + Logger::Debug("Checking method $field () diff is".print_r($diff,true)); + if ( count($diff) ) { + $changes[$field] = $value; + } + } else if ( $this->$field() != $value ) { + $changes[$field] = $value; + } + } else if ( array_key_exists($field, $this) ) { + Logger::Debug("Checking field $field => ".$this->{$field} . " ?= " .$value); + if ( $this->{$field} != $value ) { + $changes[$field] = $value; + } + } else if ( array_key_exists($field, $this->defaults) ) { + + Logger::Debug("Checking default $field => ".$this->defaults[$field] . " " .$value); + if ( $this->defaults[$field] != $value ) { + $changes[$field] = $value; } - } else { - Logger::Debug("Checking default $field => $default_value not in new_values"); } + + #if ( (!array_key_exists($field, $this)) or ( $this->{$field} != $new_values[$field] ) ) { + #Logger::Debug("Checking default $field => $default_value changes becaause" . $new_values[$field].' != '.$new_values[$field]); + #$changes[$field] = $new_values[$field]; + ##} else if { + #Logger::Debug("Checking default $field => $default_value changes becaause " . $new_values[$field].' != '.$new_values[$field]); + ##array_push( $changes, [$field=>$defaults[$field]] ); + #} + #} else { + #Logger::Debug("Checking default $field => $default_value not in new_values"); + #} } # end foreach default return $changes; } # end public function changes From 45afc2a534878b86ae10928fc4241c1f9acad36c Mon Sep 17 00:00:00 2001 From: Isaac Connor Date: Wed, 24 Jul 2019 11:24:37 -0400 Subject: [PATCH 369/922] introduce array_recursive_diff which we use to compare two arrays in Object::changes --- web/includes/functions.php | 41 ++++++++++++++++++++++++++++++++++++++ 1 file changed, 41 insertions(+) diff --git a/web/includes/functions.php b/web/includes/functions.php index 867861ffe..9e0655933 100644 --- a/web/includes/functions.php +++ b/web/includes/functions.php @@ -2518,4 +2518,45 @@ function format_duration($time, $separator=':') { return sprintf('%02d%s%02d%s%02d', floor($time/3600), $separator, ($time/60)%60, $separator, $time%60); } +function array_recursive_diff($aArray1, $aArray2) { + $aReturn = array(); + + foreach ($aArray1 as $mKey => $mValue) { + if ( array_key_exists($mKey, $aArray2) ) { + if ( is_array($mValue) ) { + $aRecursiveDiff = array_recursive_diff($mValue, $aArray2[$mKey]); + if ( count($aRecursiveDiff) ) { + $aReturn[$mKey] = $aRecursiveDiff; + } + } else { + if ( $mValue != $aArray2[$mKey] ) { + $aReturn[$mKey] = $mValue; + } + } + } else { + $aReturn[$mKey] = $mValue; + } + } + # Now check for keys in array2 that are not in array1 + foreach ($aArray2 as $mKey => $mValue) { + if ( array_key_exists($mKey, $aArray1) ) { + # Already checked it... I think. + #if ( is_array($mValue) ) { + #$aRecursiveDiff = array_recursive_diff($mValue, $aArray2[$mKey]); + #if ( count($aRecursiveDiff) ) { + #$aReturn[$mKey] = $aRecursiveDiff; + #} + #} else { + #if ( $mValue != $aArray2[$mKey] ) { + #$aReturn[$mKey] = $mValue; + #} + #} + } else { + $aReturn[$mKey] = $mValue; + } + } + + return $aReturn; +} + ?> From 1254e8ab67d0c90ee0b6b98b3496e5ad70036c78 Mon Sep 17 00:00:00 2001 From: Isaac Connor Date: Wed, 24 Jul 2019 11:24:50 -0400 Subject: [PATCH 370/922] Add AttrSecondaryStorageArea to lang --- web/lang/en_gb.php | 1 + 1 file changed, 1 insertion(+) diff --git a/web/lang/en_gb.php b/web/lang/en_gb.php index 526486921..0e575fd1f 100644 --- a/web/lang/en_gb.php +++ b/web/lang/en_gb.php @@ -132,6 +132,7 @@ $SLANG = array( 'AttrMaxScore' => 'Max. Score', 'AttrMonitorId' => 'Monitor Id', 'AttrMonitorName' => 'Monitor Name', + 'AttrSecondaryStorageArea' => 'Secondary Storage Area', 'AttrStorageArea' => 'Storage Area', 'AttrFilterServer' => 'Server Filter is Running On', 'AttrMonitorServer' => 'Server Monitor is Running On', From 1a0beab70336397109379197de3b253c01d2642c Mon Sep 17 00:00:00 2001 From: Isaac Connor Date: Wed, 24 Jul 2019 11:25:38 -0400 Subject: [PATCH 371/922] add Secondary Storage Area options. Storage array is now an array of Objects so use the Name key --- web/skins/classic/views/js/filter.js | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/web/skins/classic/views/js/filter.js b/web/skins/classic/views/js/filter.js index 36d1e09d5..99e8a9c03 100644 --- a/web/skins/classic/views/js/filter.js +++ b/web/skins/classic/views/js/filter.js @@ -209,10 +209,10 @@ function parseRows(rows) { } var serverVal = inputTds.eq(4).children().val(); inputTds.eq(4).html(serverSelect).children().val(serverVal).chosen({width: "101%"}); - } else if ( attr == 'StorageId' ) { //Choose by storagearea + } else if ( (attr == 'StorageId') || (attr == 'SecondaryStorageId') ) { //Choose by storagearea var storageSelect = $j('').attr('name', queryPrefix + rowNum + '][val]').attr('id', queryPrefix + rowNum + '][val]'); for ( key in storageareas ) { - storageSelect.append(''); + storageSelect.append(''); } var storageVal = inputTds.eq(4).children().val(); inputTds.eq(4).html(storageSelect).children().val(storageVal).chosen({width: "101%"}); From 2d46f2adaba3747401d96cd8549916a739e8d696 Mon Sep 17 00:00:00 2001 From: Isaac Connor Date: Wed, 24 Jul 2019 11:25:51 -0400 Subject: [PATCH 372/922] add Secondary Storage Area options. --- web/skins/classic/views/filter.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/web/skins/classic/views/filter.php b/web/skins/classic/views/filter.php index 893d1ecbd..2f159230e 100644 --- a/web/skins/classic/views/filter.php +++ b/web/skins/classic/views/filter.php @@ -270,7 +270,7 @@ for ( $i=0; $i < count($terms); $i++ ) { From 39262d55f5914004a2ae41a273bb7631d96294ec Mon Sep 17 00:00:00 2001 From: Isaac Connor Date: Wed, 24 Jul 2019 11:26:07 -0400 Subject: [PATCH 373/922] Also show secondary storage area when viewing event --- web/skins/classic/views/event.php | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/web/skins/classic/views/event.php b/web/skins/classic/views/event.php index b09f88acc..f0a6e343c 100644 --- a/web/skins/classic/views/event.php +++ b/web/skins/classic/views/event.php @@ -134,7 +134,11 @@ if ( ! $Event->Id() ) { Length().'s' ?> Frames() ?>/AlarmFrames() ?> TotScore() ?>/AvgScore() ?>/MaxScore() ?> - DiskSpace(null)) . ' on ' . $Event->Storage()->Name() ?> + +DiskSpace(null)) . ' on ' . $Event->Storage()->Name(). + ( $Event->SecondaryStorageId() ? ', ' . $Event->SecondaryStorage()->Name() :'' ) +?>
From 847cd9f34758cc11a54e44f318ad542d54d63755 Mon Sep 17 00:00:00 2001 From: Isaac Connor Date: Wed, 19 Jun 2019 08:36:37 -0400 Subject: [PATCH 246/922] Print out an error when a monitor is in MONITOR mode because we can't handle alarms. Allow signals to terminate zmu by checking zm_terminate. --- src/zmu.cpp | 20 ++++++++++++-------- 1 file changed, 12 insertions(+), 8 deletions(-) diff --git a/src/zmu.cpp b/src/zmu.cpp index 07f9ae8aa..bd70f8337 100644 --- a/src/zmu.cpp +++ b/src/zmu.cpp @@ -571,14 +571,18 @@ int main(int argc, char *argv[]) { monitor->DumpZoneImage(zoneString); } if ( function & ZMU_ALARM ) { - if ( verbose ) - printf("Forcing alarm on\n"); - monitor->ForceAlarmOn(config.forced_alarm_score, "Forced Web"); - while ( monitor->GetState() != Monitor::ALARM ) { - // Wait for monitor to notice. - usleep(1000); - } - printf("Alarmed event id: %" PRIu64 "\n", monitor->GetLastEventId()); + if ( monitor->GetFunction() == Monitor::Function::MONITOR ) { + printf("A Monitor in monitor mode cannot handle alarms. Please use NoDect\n"); + } else { + if ( verbose ) + printf("Forcing alarm on\n"); + monitor->ForceAlarmOn(config.forced_alarm_score, "Forced Web"); + while ( (monitor->GetState() != Monitor::ALARM) && !zm_terminate ) { + // Wait for monitor to notice. + usleep(1000); + } + printf("Alarmed event id: %" PRIu64 "\n", monitor->GetLastEventId()); + } // end if ! MONITOR } if ( function & ZMU_NOALARM ) { if ( verbose ) From 9727d0ed9f61b371c53ae15a74d0eac2a6ea4ef9 Mon Sep 17 00:00:00 2001 From: Isaac Connor Date: Wed, 19 Jun 2019 09:21:44 -0400 Subject: [PATCH 247/922] spaces --- src/zm_ffmpeg_camera.cpp | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/src/zm_ffmpeg_camera.cpp b/src/zm_ffmpeg_camera.cpp index edf338f6e..4b0bb7c9e 100644 --- a/src/zm_ffmpeg_camera.cpp +++ b/src/zm_ffmpeg_camera.cpp @@ -458,9 +458,9 @@ int FfmpegCamera::OpenFfmpeg() { } } // end foreach stream if ( mVideoStreamId == -1 ) - Fatal( "Unable to locate video stream in %s", mPath.c_str() ); + Fatal("Unable to locate video stream in %s", mPath.c_str()); if ( mAudioStreamId == -1 ) - Debug( 3, "Unable to locate audio stream in %s", mPath.c_str() ); + Debug(3, "Unable to locate audio stream in %s", mPath.c_str()); Debug(3, "Found video stream at index %d", mVideoStreamId); Debug(3, "Found audio stream at index %d", mAudioStreamId); From 16b035f76c3ada1b5cf6198f02d0617fda6a439a Mon Sep 17 00:00:00 2001 From: Isaac Connor Date: Wed, 19 Jun 2019 09:22:12 -0400 Subject: [PATCH 248/922] Use common first_dts/pts instead of separate video and audio first pts/dts --- src/zm_videostore.cpp | 38 +++++++++++++++++++------------------- 1 file changed, 19 insertions(+), 19 deletions(-) diff --git a/src/zm_videostore.cpp b/src/zm_videostore.cpp index 3ad93fd69..0c1e6a6f4 100644 --- a/src/zm_videostore.cpp +++ b/src/zm_videostore.cpp @@ -285,8 +285,8 @@ VideoStore::VideoStore( video_last_pts = 0; video_last_dts = 0; - audio_first_pts = 0; - audio_first_dts = 0; + video_first_pts = 0; + video_first_dts = 0; audio_next_pts = 0; audio_next_dts = 0; @@ -1017,12 +1017,12 @@ int VideoStore::writeAudioFramePacket(AVPacket *ipkt) { zm_dump_frame(out_frame, "Out frame after resample"); // out_frame pts is in the input pkt pts... needs to be adjusted before sending to the encoder if ( out_frame->pts != AV_NOPTS_VALUE ) { - if ( !audio_first_pts ) { - audio_first_pts = out_frame->pts; - Debug(1, "No audio_first_pts setting to %" PRId64, audio_first_pts); + if ( !video_first_pts ) { + video_first_pts = out_frame->pts; + Debug(1, "No video_first_pts setting to %" PRId64, video_first_pts); out_frame->pts = 0; } else { - out_frame->pts = out_frame->pts - audio_first_pts; + out_frame->pts = out_frame->pts - video_first_pts; zm_dump_frame(out_frame, "Out frame after pts adjustment"); } // @@ -1097,18 +1097,18 @@ int VideoStore::writeAudioFramePacket(AVPacket *ipkt) { } // Scale the PTS of the outgoing packet to be the correct time base if ( ipkt->pts != AV_NOPTS_VALUE ) { - if ( !audio_first_pts ) { + if ( !video_first_pts ) { opkt.pts = 0; - audio_first_pts = ipkt->pts; - Debug(1, "No audio_first_pts"); + video_first_pts = ipkt->pts; + Debug(1, "No video_first_pts"); } else { opkt.pts = av_rescale_q( - ipkt->pts - audio_first_pts, + ipkt->pts - video_first_pts, AV_TIME_BASE_Q, //audio_in_stream->time_base, audio_out_stream->time_base); Debug(2, "audio opkt.pts = %" PRId64 " from ipkt->pts(%" PRId64 ") - first_pts(%" PRId64 ")", - opkt.pts, ipkt->pts, audio_first_pts); + opkt.pts, ipkt->pts, video_first_pts); } } else { Debug(2, "opkt.pts = undef"); @@ -1126,17 +1126,17 @@ int VideoStore::writeAudioFramePacket(AVPacket *ipkt) { opkt.dts = audio_next_dts + av_rescale_q( audio_in_stream->cur_dts - audio_last_dts, AV_TIME_BASE_Q, audio_out_stream->time_base); } #endif - if ( !audio_first_dts ) { + if ( !video_first_dts ) { opkt.dts = 0; - audio_first_dts = ipkt->dts; + video_first_dts = ipkt->dts; } else { opkt.dts = av_rescale_q( - ipkt->dts - audio_first_dts, + ipkt->dts - video_first_dts, AV_TIME_BASE_Q, //audio_in_stream->time_base, audio_out_stream->time_base); Debug(2, "opkt.dts = %" PRId64 " from ipkt.dts(%" PRId64 ") - first_dts(%" PRId64 ")", - opkt.dts, ipkt->dts, audio_first_dts); + opkt.dts, ipkt->dts, video_first_dts); } audio_last_dts = ipkt->dts; } else { @@ -1200,12 +1200,12 @@ int VideoStore::resample_audio() { #if 0 // out_frame pts is in the input pkt pts... needs to be adjusted before sending to the encoder if ( out_frame->pts != AV_NOPTS_VALUE ) { - if ( !audio_first_pts ) { - audio_first_pts = out_frame->pts; - Debug(1, "No audio_first_pts setting to %" PRId64, audio_first_pts); + if ( !video_first_pts ) { + video_first_pts = out_frame->pts; + Debug(1, "No video_first_pts setting to %" PRId64, video_first_pts); out_frame->pts = 0; } else { - out_frame->pts = out_frame->pts - audio_first_pts; + out_frame->pts = out_frame->pts - video_first_pts; } // } else { From cc35e3f187cf25a3759755315535b84322f6dcdd Mon Sep 17 00:00:00 2001 From: Isaac Connor Date: Wed, 19 Jun 2019 09:51:06 -0400 Subject: [PATCH 249/922] add dumpQueue to packetqueue to print out the contents --- src/zm_ffmpeg_camera.cpp | 1 + src/zm_packetqueue.cpp | 11 ++++++++++- src/zm_packetqueue.h | 1 + 3 files changed, 12 insertions(+), 1 deletion(-) diff --git a/src/zm_ffmpeg_camera.cpp b/src/zm_ffmpeg_camera.cpp index 4b0bb7c9e..5442f7c1c 100644 --- a/src/zm_ffmpeg_camera.cpp +++ b/src/zm_ffmpeg_camera.cpp @@ -807,6 +807,7 @@ int FfmpegCamera::CaptureAndRecord( Image &image, timeval recording, char* event if ( last_event_id and !videoStore ) { //Instantiate the video storage module + packetqueue->dumpQueue(); if ( record_audio ) { if ( mAudioStreamId == -1 ) { Debug(3, "Record Audio on but no audio stream found"); diff --git a/src/zm_packetqueue.cpp b/src/zm_packetqueue.cpp index 1287c7bd5..b39b612cf 100644 --- a/src/zm_packetqueue.cpp +++ b/src/zm_packetqueue.cpp @@ -63,7 +63,7 @@ bool zm_packetqueue::queuePacket(ZMPacket* zm_packet) { && ( av_packet->dts <= zm_packet->packet.dts) ) { - Debug(2, "break packet with stream index (%d) with dts %" PRId64, + Debug(2, "break packet with stream index (%d) with dts %" PRId64, (*it)->packet.stream_index, (*it)->packet.dts); break; } @@ -273,3 +273,12 @@ void zm_packetqueue::clear_unwanted_packets( timeval *recording_started, int mVi deleted_frames, pktQueue.size(), av_packet->stream_index, ( av_packet->flags & AV_PKT_FLAG_KEY ), distance( it, pktQueue.rend() ), pktQueue.size() ); } } // end void zm_packetqueue::clear_unwanted_packets( timeval *recording_started, int mVideoStreamId ) + +void zm_packetqueue::dumpQueue() { + std::list::reverse_iterator it; + for ( it = pktQueue.rbegin(); it != pktQueue.rend(); ++ it ) { + ZMPacket *zm_packet = *it; + AVPacket *av_packet = &(zm_packet->packet); + dumpPacket(av_packet); + } +} diff --git a/src/zm_packetqueue.h b/src/zm_packetqueue.h index 984243c38..6e4b83b02 100644 --- a/src/zm_packetqueue.h +++ b/src/zm_packetqueue.h @@ -41,6 +41,7 @@ public: bool popAudioPacket(ZMPacket* packet); unsigned int clearQueue(unsigned int video_frames_to_keep, int stream_id); void clearQueue(); + void dumpQueue(); unsigned int size(); void clear_unwanted_packets(timeval *recording, int mVideoStreamId); int packet_count(int stream_id); From 540a114c4b2fed102fce183005639efa1630834d Mon Sep 17 00:00:00 2001 From: Isaac Connor Date: Wed, 19 Jun 2019 10:31:53 -0400 Subject: [PATCH 250/922] spacing google code style --- src/zm_crypt.cpp | 38 ++++++++++++++++++++------------------ 1 file changed, 20 insertions(+), 18 deletions(-) diff --git a/src/zm_crypt.cpp b/src/zm_crypt.cpp index 0235e5c13..f6491a480 100644 --- a/src/zm_crypt.cpp +++ b/src/zm_crypt.cpp @@ -66,14 +66,14 @@ std::pair verifyToken(std::string jwt_token_str, std bool verifyPassword(const char *username, const char *input_password, const char *db_password_hash) { bool password_correct = false; - if (strlen(db_password_hash ) < 4) { + if ( strlen(db_password_hash) < 4 ) { // actually, shoud be more, but this is min. for next code - Error ("DB Password is too short or invalid to check"); + Error("DB Password is too short or invalid to check"); return false; } - if (db_password_hash[0] == '*') { + if ( db_password_hash[0] == '*' ) { // MYSQL PASSWORD - Debug (1,"%s is using an MD5 encoded password", username); + Debug(1, "%s is using an MD5 encoded password", username); SHA_CTX ctx1, ctx2; unsigned char digest_interim[SHA_DIGEST_LENGTH]; @@ -90,28 +90,30 @@ bool verifyPassword(const char *username, const char *input_password, const char SHA1_Final (digest_final, &ctx2); char final_hash[SHA_DIGEST_LENGTH * 2 +2]; - final_hash[0]='*'; + final_hash[0] = '*'; //convert to hex - for(int i = 0; i < SHA_DIGEST_LENGTH; i++) - sprintf(&final_hash[i*2]+1, "%02X", (unsigned int)digest_final[i]); - final_hash[SHA_DIGEST_LENGTH *2 + 1]=0; + for ( int i = 0; i < SHA_DIGEST_LENGTH; i++ ) + sprintf(&final_hash[i*2]+1, "%02X", (unsigned int)digest_final[i]); + final_hash[SHA_DIGEST_LENGTH *2 + 1] = 0; - Debug (1,"Computed password_hash:%s, stored password_hash:%s", final_hash, db_password_hash); - Debug (5, "Computed password_hash:%s, stored password_hash:%s", final_hash, db_password_hash); + Debug(1, "Computed password_hash:%s, stored password_hash:%s", final_hash, db_password_hash); password_correct = (strcmp(db_password_hash, final_hash)==0); - } - else if ((db_password_hash[0] == '$') && (db_password_hash[1]== '2') - &&(db_password_hash[3] == '$')) { + } else if ( + (db_password_hash[0] == '$') + && + (db_password_hash[1]== '2') + && + (db_password_hash[3] == '$') + ) { // BCRYPT - Debug (1,"%s is using a bcrypt encoded password", username); + Debug(1, "%s is using a bcrypt encoded password", username); BCrypt bcrypt; std::string input_hash = bcrypt.generateHash(std::string(input_password)); password_correct = bcrypt.validatePassword(std::string(input_password), std::string(db_password_hash)); - } - else { + } else { // plain - Warning ("%s is using a plain text password, please do not use plain text", username); + Warning("%s is using a plain text password, please do not use plain text", username); password_correct = (strcmp(input_password, db_password_hash) == 0); } return password_correct; -} \ No newline at end of file +} From 4da5c52cd254dc56cdbcb1d0c7ad95bc9bd15252 Mon Sep 17 00:00:00 2001 From: tolland Date: Wed, 19 Jun 2019 20:18:38 +0000 Subject: [PATCH 251/922] remove extra px in svg tag --- web/skins/classic/views/montage.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/web/skins/classic/views/montage.php b/web/skins/classic/views/montage.php index 6527a6e8f..aac008dbc 100644 --- a/web/skins/classic/views/montage.php +++ b/web/skins/classic/views/montage.php @@ -269,7 +269,7 @@ foreach ( $monitors as $monitor ) { } // end foreach Zone ?> - + '; From edd52e7fbf407ac11441a7e59bd206f9cb91e34f Mon Sep 17 00:00:00 2001 From: tolland Date: Thu, 20 Jun 2019 12:46:04 +0000 Subject: [PATCH 252/922] add js method to track liveStream img size for zones --- web/skins/classic/views/js/montage.js | 155 +++++++++++++++++++++++--- web/skins/classic/views/montage.php | 9 +- 2 files changed, 149 insertions(+), 15 deletions(-) diff --git a/web/skins/classic/views/js/montage.js b/web/skins/classic/views/js/montage.js index 23d2f32ec..0879b6601 100644 --- a/web/skins/classic/views/js/montage.js +++ b/web/skins/classic/views/js/montage.js @@ -204,6 +204,11 @@ function Monitor(monitorData) { } } // end function Monitor +/** + * called when the layoutControl select element is changed, or the page + * is rendered?? + * @return null + */ function selectLayout(element) { layout = $j(element).val(); @@ -265,15 +270,18 @@ function selectLayout(element) { // APPLET's and OBJECTS need to be re-initialized } streamImg.style.width = '100%'; + + updateZoneSvg(monitor, streamImg.getSize().x, streamImg.getSize().y); } - var zonesSVG = $('zones'+monitor.id); - if ( zonesSVG ) { - zonesSVG.style.width = ''; - } + } // end foreach monitor } } // end function selectLayout(element) +/** + * called when the widthControl|heightControl select elements are changed + * @return null + */ function changeSize() { var width = $('width').get('value'); var height = $('height').get('value'); @@ -308,12 +316,12 @@ function changeSize() { streamImg.style.width = width ? width : null; streamImg.style.height = height ? height : null; //streamImg.style.height = ''; + + // not sure how the above block works... so rescale zone if img changed?? + updateZoneSvg(monitor, streamImg.getSize().x, streamImg.getSize().y); } - var zonesSVG = $('zones'+monitor.id); - if ( zonesSVG ) { - zonesSVG.style.width = width ? width : '100%'; - zonesSVG.style.height = height; - } + + } $('scale').set('value', ''); Cookie.write('zmMontageScale', '', {duration: 10*365}); @@ -322,9 +330,14 @@ function changeSize() { selectLayout('#zmMontageLayout'); } // end function changeSize() +/** + * called when the scaleControl select element is changed + * @return null + */ function changeScale() { var scale = $('scale').get('value'); $('width').set('value', 'auto'); + // console.dir($('width')); $('height').set('value', 'auto'); Cookie.write('zmMontageScale', scale, {duration: 10*365}); Cookie.write('zmMontageWidth', '', {duration: 10*365}); @@ -335,6 +348,10 @@ function changeScale() { } for ( var i = 0, length = monitors.length; i < length; i++ ) { var monitor = monitors[i]; + + // console.log("scale = "+scale); + // console.log("SCALE_BASE = " + SCALE_BASE); + var newWidth = ( monitorData[i].width * scale ) / SCALE_BASE; var newHeight = ( monitorData[i].height * scale ) / SCALE_BASE; @@ -367,14 +384,126 @@ function changeScale() { streamImg.style.width = newWidth + "px"; streamImg.style.height = newHeight + "px"; } - var zonesSVG = $('zones'+monitor.id); - if ( zonesSVG ) { - zonesSVG.style.width = newWidth + "px"; - zonesSVG.style.height = newHeight + "px"; + + // console.log("monitor_frame.height = " + monitor_frame.height()); + // console.log("newHeight = " + newHeight); + + updateZoneSvg(monitor, newWidth, newHeight); + } +} + + +// +// function updateZoneSvg(monitor, monitor_frame) { + +/** + * cause the zone overlay Svg to track dims of associated monitor frame + * @arg monitor_frame is a jQuery element object + */ +function updateZoneSvg(monitor, newWidth, newHeight) { + console.log("calling updateZoneSvg"); + // console.dir(monitor_frame); + + // newWidth = monitor_frame.width(); + // newHeight = monitor_frame.height(); + + if (!newWidth) + debugger; + if (!newHeight || newHeight < 10) + debugger; + if (!monitor) + monitor; + + // zonesSVG is a mootools object + var zonesSVG = $('zones' + monitor.id); + if (zonesSVG) { + + console.log("newWidth = " + newWidth); + console.log("newHeight = " + newHeight); + orig_scale = zonesSVG.getProperty('data-scale-orig'); + + //debugger; + //console.log("zonesSVG.style.width =" + zonesSVG.style.width); + zonesSVG.style.width = newWidth + "px"; + //console.log("newWidth = " + newWidth + "px"); + //console.log("zonesSVG.style.width = " + zonesSVG.style.width); + zonesSVG.style.height = newHeight + "px"; + + polygons = zonesSVG.getElements("polygon"); + + for (let index = 0; index < polygons.length; index++) { + const polygon = polygons[index]; + //console.dir(polygon); + + points = coordsToPoints(polygon.getProperty("data-coords-orig")); + //console.dir(points); + + newPoints = scaleZonePoints(points, + newWidth / monitorData[index].width, + newHeight / monitorData[index].height); + + //console.dir(newPoints); + + //console.dir(newPoints); + //console.dir(); + //console.dir(pointsToCoords(newPoints)); + + polygon.setProperty("points", pointsToCoords(newPoints)); + } } } +/** + * + * @param {*} points + * @param {*} scale + */ +function scaleZonePoints(points, scalex, scaley) { + if (!points) + debugger; + if (!scalex) + debugger; + if (!scaley) + debugger; + // console.dir(points); + //debugger; + var newPoints = []; + for (let index = 0; index < points.length; index++) { + const point = points[index]; + newPoints.push([point[0] * scalex, point[1] * scaley ]); + } + // console.dir(newPoints); + return newPoints; +} + +/** + * convery coords string - "37,411 1246,542 1263,694 ..." to js array + * @param {*} coords + */ +function coordsToPoints(coords) { + var points = []; + points = coords.split(" ").map(function (item) { + return item.split(",").map(Math.round); + }); + // console.dir(points); + return points; +} + +/** + * convery points array to string - "37,411 1246,542 1263,694 ..." + * @param {*} coords + */ +function pointsToCoords(points) { + // console.dir(points); + var coords = []; + coords = points.map(function (item) { + return item.map(Math.round).join(","); + }).join(","); + // console.dir(coords); + return coords; +} + function toGrid(value) { return Math.round(value / 80) * 80; } diff --git a/web/skins/classic/views/montage.php b/web/skins/classic/views/montage.php index aac008dbc..ac6691bcb 100644 --- a/web/skins/classic/views/montage.php +++ b/web/skins/classic/views/montage.php @@ -43,6 +43,7 @@ $widths = array( $heights = array( 'auto' => 'auto', '240px' => '240px', + '320px' => '320px', '480px' => '480px', '720px' => '720px', '1080px' => '1080px', @@ -253,6 +254,9 @@ foreach ( $monitors as $monitor ) { $zones = array(); foreach( dbFetchAll('SELECT * FROM Zones WHERE MonitorId=? ORDER BY Area DESC', NULL, array($monitor->Id()) ) as $row ) { $row['Points'] = coordsToPoints($row['Coords']); + $row['Points_orig'] = $row['Points']; + $row['Coords_orig'] = $row['Coords']; + // $monitor.orig_points = $row['Points']; if ( $scale ) { limitPoints($row['Points'], 0, 0, $monitor->Width(), $monitor->Height()); @@ -269,10 +273,11 @@ foreach ( $monitors as $monitor ) { } // end foreach Zone ?> - + + '; + echo ''; } // end foreach zone ?> Sorry, your browser does not support inline SVG From ffaad88bf0dcc02460eabc6c385e7f2da3db5408 Mon Sep 17 00:00:00 2001 From: tolland Date: Thu, 20 Jun 2019 17:11:22 +0000 Subject: [PATCH 253/922] switch to using SVG scaling to deal with zone polygons --- web/skins/classic/views/js/montage.js | 132 +------------------------- web/skins/classic/views/montage.php | 9 +- 2 files changed, 3 insertions(+), 138 deletions(-) diff --git a/web/skins/classic/views/js/montage.js b/web/skins/classic/views/js/montage.js index 0879b6601..6140f260d 100644 --- a/web/skins/classic/views/js/montage.js +++ b/web/skins/classic/views/js/montage.js @@ -206,7 +206,7 @@ function Monitor(monitorData) { /** * called when the layoutControl select element is changed, or the page - * is rendered?? + * is rendered * @return null */ function selectLayout(element) { @@ -270,10 +270,7 @@ function selectLayout(element) { // APPLET's and OBJECTS need to be re-initialized } streamImg.style.width = '100%'; - - updateZoneSvg(monitor, streamImg.getSize().x, streamImg.getSize().y); } - } // end foreach monitor } } // end function selectLayout(element) @@ -316,12 +313,7 @@ function changeSize() { streamImg.style.width = width ? width : null; streamImg.style.height = height ? height : null; //streamImg.style.height = ''; - - // not sure how the above block works... so rescale zone if img changed?? - updateZoneSvg(monitor, streamImg.getSize().x, streamImg.getSize().y); } - - } $('scale').set('value', ''); Cookie.write('zmMontageScale', '', {duration: 10*365}); @@ -337,7 +329,6 @@ function changeSize() { function changeScale() { var scale = $('scale').get('value'); $('width').set('value', 'auto'); - // console.dir($('width')); $('height').set('value', 'auto'); Cookie.write('zmMontageScale', scale, {duration: 10*365}); Cookie.write('zmMontageWidth', '', {duration: 10*365}); @@ -348,10 +339,6 @@ function changeScale() { } for ( var i = 0, length = monitors.length; i < length; i++ ) { var monitor = monitors[i]; - - // console.log("scale = "+scale); - // console.log("SCALE_BASE = " + SCALE_BASE); - var newWidth = ( monitorData[i].width * scale ) / SCALE_BASE; var newHeight = ( monitorData[i].height * scale ) / SCALE_BASE; @@ -384,126 +371,9 @@ function changeScale() { streamImg.style.width = newWidth + "px"; streamImg.style.height = newHeight + "px"; } - - // console.log("monitor_frame.height = " + monitor_frame.height()); - // console.log("newHeight = " + newHeight); - - updateZoneSvg(monitor, newWidth, newHeight); } } - -// -// function updateZoneSvg(monitor, monitor_frame) { - -/** - * cause the zone overlay Svg to track dims of associated monitor frame - * @arg monitor_frame is a jQuery element object - */ -function updateZoneSvg(monitor, newWidth, newHeight) { - console.log("calling updateZoneSvg"); - // console.dir(monitor_frame); - - // newWidth = monitor_frame.width(); - // newHeight = monitor_frame.height(); - - if (!newWidth) - debugger; - if (!newHeight || newHeight < 10) - debugger; - if (!monitor) - monitor; - - // zonesSVG is a mootools object - var zonesSVG = $('zones' + monitor.id); - if (zonesSVG) { - - console.log("newWidth = " + newWidth); - console.log("newHeight = " + newHeight); - orig_scale = zonesSVG.getProperty('data-scale-orig'); - - //debugger; - //console.log("zonesSVG.style.width =" + zonesSVG.style.width); - zonesSVG.style.width = newWidth + "px"; - //console.log("newWidth = " + newWidth + "px"); - //console.log("zonesSVG.style.width = " + zonesSVG.style.width); - zonesSVG.style.height = newHeight + "px"; - - polygons = zonesSVG.getElements("polygon"); - - for (let index = 0; index < polygons.length; index++) { - const polygon = polygons[index]; - //console.dir(polygon); - - points = coordsToPoints(polygon.getProperty("data-coords-orig")); - //console.dir(points); - - newPoints = scaleZonePoints(points, - newWidth / monitorData[index].width, - newHeight / monitorData[index].height); - - //console.dir(newPoints); - - //console.dir(newPoints); - //console.dir(); - //console.dir(pointsToCoords(newPoints)); - - polygon.setProperty("points", pointsToCoords(newPoints)); - - } - } -} - -/** - * - * @param {*} points - * @param {*} scale - */ -function scaleZonePoints(points, scalex, scaley) { - if (!points) - debugger; - if (!scalex) - debugger; - if (!scaley) - debugger; - // console.dir(points); - //debugger; - var newPoints = []; - for (let index = 0; index < points.length; index++) { - const point = points[index]; - newPoints.push([point[0] * scalex, point[1] * scaley ]); - } - // console.dir(newPoints); - return newPoints; -} - -/** - * convery coords string - "37,411 1246,542 1263,694 ..." to js array - * @param {*} coords - */ -function coordsToPoints(coords) { - var points = []; - points = coords.split(" ").map(function (item) { - return item.split(",").map(Math.round); - }); - // console.dir(points); - return points; -} - -/** - * convery points array to string - "37,411 1246,542 1263,694 ..." - * @param {*} coords - */ -function pointsToCoords(points) { - // console.dir(points); - var coords = []; - coords = points.map(function (item) { - return item.map(Math.round).join(","); - }).join(","); - // console.dir(coords); - return coords; -} - function toGrid(value) { return Math.round(value / 80) * 80; } diff --git a/web/skins/classic/views/montage.php b/web/skins/classic/views/montage.php index ac6691bcb..d8bd27ae6 100644 --- a/web/skins/classic/views/montage.php +++ b/web/skins/classic/views/montage.php @@ -254,13 +254,9 @@ foreach ( $monitors as $monitor ) { $zones = array(); foreach( dbFetchAll('SELECT * FROM Zones WHERE MonitorId=? ORDER BY Area DESC', NULL, array($monitor->Id()) ) as $row ) { $row['Points'] = coordsToPoints($row['Coords']); - $row['Points_orig'] = $row['Points']; - $row['Coords_orig'] = $row['Coords']; - // $monitor.orig_points = $row['Points']; if ( $scale ) { limitPoints($row['Points'], 0, 0, $monitor->Width(), $monitor->Height()); - scalePoints($row['Points'], $scale); } else { limitPoints($row['Points'], 0, 0, ( $width ? $width-1 : $monitor->Width()-1 ), @@ -273,11 +269,10 @@ foreach ( $monitors as $monitor ) { } // end foreach Zone ?> - - + '; + echo ''; } // end foreach zone ?> Sorry, your browser does not support inline SVG From b068428bbcbbf28928d379c3114df79f959ae988 Mon Sep 17 00:00:00 2001 From: Isaac Connor Date: Thu, 20 Jun 2019 13:27:42 -0400 Subject: [PATCH 254/922] zmcontrol complains about unfinished statement handles. This is because we aren't finishing them in functions in Database.pm --- scripts/ZoneMinder/lib/ZoneMinder/Database.pm | 2 ++ 1 file changed, 2 insertions(+) diff --git a/scripts/ZoneMinder/lib/ZoneMinder/Database.pm b/scripts/ZoneMinder/lib/ZoneMinder/Database.pm index 5c6617510..9a1c79237 100644 --- a/scripts/ZoneMinder/lib/ZoneMinder/Database.pm +++ b/scripts/ZoneMinder/lib/ZoneMinder/Database.pm @@ -214,6 +214,7 @@ sub zmDbGetMonitor { return undef; } my $monitor = $sth->fetchrow_hashref(); + $sth->finish(); return $monitor; } @@ -240,6 +241,7 @@ sub zmDbGetMonitorAndControl { return undef; } my $monitor = $sth->fetchrow_hashref(); + $sth->finish(); return $monitor; } From 3bae7a5432aa1a3c8fd6e94b328f48902279868d Mon Sep 17 00:00:00 2001 From: Isaac Connor Date: Thu, 20 Jun 2019 13:28:12 -0400 Subject: [PATCH 255/922] spaces and parenthesis --- scripts/zmcontrol.pl.in | 1 - web/includes/control_functions.php | 2 +- 2 files changed, 1 insertion(+), 2 deletions(-) diff --git a/scripts/zmcontrol.pl.in b/scripts/zmcontrol.pl.in index f83bc82d4..1ac21f0ea 100644 --- a/scripts/zmcontrol.pl.in +++ b/scripts/zmcontrol.pl.in @@ -70,7 +70,6 @@ if ( !$id ) { ( $id ) = $id =~ /^(\w+)$/; - my $sock_file = $Config{ZM_PATH_SOCKS}.'/zmcontrol-'.$id.'.sock'; Debug("zmcontrol: arg string: $arg_string sock file $sock_file"); diff --git a/web/includes/control_functions.php b/web/includes/control_functions.php index 77240df49..5573db5a5 100644 --- a/web/includes/control_functions.php +++ b/web/includes/control_functions.php @@ -732,7 +732,7 @@ function buildControlCommand( $monitor ) { } } $ctrlCommand .= ' --command='.$_REQUEST['control']; - return( $ctrlCommand ); + return $ctrlCommand; } function sendControlCommand($mid, $command) { From d026c610777fda32540f6c80b6427c0cad2c9c7b Mon Sep 17 00:00:00 2001 From: Isaac Connor Date: Thu, 20 Jun 2019 13:48:14 -0400 Subject: [PATCH 256/922] Don't allow saving to built in layouts --- web/skins/classic/views/js/montage.js | 12 +++++++++++- 1 file changed, 11 insertions(+), 1 deletion(-) diff --git a/web/skins/classic/views/js/montage.js b/web/skins/classic/views/js/montage.js index 6140f260d..3170174a5 100644 --- a/web/skins/classic/views/js/montage.js +++ b/web/skins/classic/views/js/montage.js @@ -214,7 +214,6 @@ function selectLayout(element) { if ( layout_id = parseInt(layout) ) { layout = layouts[layout]; - console.log(layout); for ( var i = 0, length = monitors.length; i < length; i++ ) { monitor = monitors[i]; @@ -397,6 +396,17 @@ function edit_layout(button) { function save_layout(button) { var form = button.form; + var name = form.elements['Name'].value; + + if ( !name ) + name = form.elements['zmMontageLayout'].options[form.elements['zmMontageLayout'].selectedIndex].text; + console.log(name); + + if ( name == 'Freeform' || name=='2 Wide' || name=='3 Wide' || name=='4 Wide' || name == '5 Wide' ) { + alert('You cannot edit the built in layouts. Please give the layout a new name.'); + return; + } + // In fixed positioning, order doesn't matter. In floating positioning, it does. var Positions = {}; for ( var i = 0, length = monitors.length; i < length; i++ ) { From 8b95ba8b3cdc10c04fb57f3cdeb983e79c44255b Mon Sep 17 00:00:00 2001 From: Isaac Connor Date: Thu, 20 Jun 2019 15:08:38 -0400 Subject: [PATCH 257/922] it is ok for pts to be AV_NOPT_VALUE. It is not yet deprecated and doesn't mess anything up. --- src/zm_ffmpeg_camera.cpp | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/src/zm_ffmpeg_camera.cpp b/src/zm_ffmpeg_camera.cpp index 5442f7c1c..d5d48b054 100644 --- a/src/zm_ffmpeg_camera.cpp +++ b/src/zm_ffmpeg_camera.cpp @@ -760,8 +760,8 @@ int FfmpegCamera::CaptureAndRecord( Image &image, timeval recording, char* event dumpPacket(mFormatContext->streams[packet.stream_index], &packet, "Captured Packet"); if ( packet.dts == AV_NOPTS_VALUE ) { packet.dts = packet.pts; - } else if ( packet.pts == AV_NOPTS_VALUE ) { - packet.pts = packet.dts; + //} else if ( packet.pts == AV_NOPTS_VALUE ) { + //packet.pts = packet.dts; } // Video recording From 4c8b8d0c16154581f5b9435d02aa777228d7e955 Mon Sep 17 00:00:00 2001 From: Isaac Connor Date: Thu, 20 Jun 2019 15:09:30 -0400 Subject: [PATCH 258/922] Only check pts vs dts if pts isn't AV_NOPTS_VALUE. Also set frame_size in output codec when doing passthrough --- src/zm_videostore.cpp | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/src/zm_videostore.cpp b/src/zm_videostore.cpp index 0c1e6a6f4..5b12e5bc5 100644 --- a/src/zm_videostore.cpp +++ b/src/zm_videostore.cpp @@ -371,6 +371,8 @@ VideoStore::VideoStore( audio_out_ctx->codec_tag = 0; #endif + audio_out_ctx->frame_size = audio_in_ctx->frame_size; + if ( audio_out_ctx->channels > 1 ) { Warning("Audio isn't mono, changing it."); audio_out_ctx->channels = 1; @@ -938,7 +940,7 @@ int VideoStore::writeVideoFramePacket(AVPacket *ipkt) { Debug(3, "opkt.dts = %" PRId64 " from ipkt->dts(%" PRId64 ") - first_pts(%" PRId64 ")", opkt.dts, ipkt->dts, video_first_dts); } - if ( opkt.dts > opkt.pts ) { + if ( (opkt.pts != AV_NOPTS_VALUE) && (opkt.dts > opkt.pts) ) { Debug(1, "opkt.dts(%" PRId64 ") must be <= opkt.pts(%" PRId64 "). Decompression must happen " "before presentation.", From 36995de96f44c760b8674480bd013e3311e512e2 Mon Sep 17 00:00:00 2001 From: Isaac Connor Date: Thu, 20 Jun 2019 15:11:49 -0400 Subject: [PATCH 259/922] Alter option help for EVENT_CLOSE_MODE to reflect that alarm will end the continuous event and start a new one --- .../ZoneMinder/lib/ZoneMinder/ConfigData.pm.in | 18 ++++++++++++------ 1 file changed, 12 insertions(+), 6 deletions(-) diff --git a/scripts/ZoneMinder/lib/ZoneMinder/ConfigData.pm.in b/scripts/ZoneMinder/lib/ZoneMinder/ConfigData.pm.in index c848441e8..2b2a20958 100644 --- a/scripts/ZoneMinder/lib/ZoneMinder/ConfigData.pm.in +++ b/scripts/ZoneMinder/lib/ZoneMinder/ConfigData.pm.in @@ -2571,17 +2571,23 @@ our @options = ( period of time (the section length). However in Mocord mode it is possible that motion detection may occur near the end of a section. This option controls what happens when an alarm occurs - in Mocord mode. The 'time' setting means that the event will be - closed at the end of the section regardless of alarm activity. + in Mocord mode.~~ + ~~ + The 'time' setting means that the event will be + closed at the end of the section regardless of alarm activity.~~ + ~~ The 'idle' setting means that the event will be closed at the end of the section if there is no alarm activity occurring at the time otherwise it will be closed once the alarm is over meaning the event may end up being longer than the normal - section length. The 'alarm' setting means that if an alarm - occurs during the event, the event will be closed once the - alarm is over regardless of when this occurs. This has the + section length.~~ + ~~ + The 'alarm' setting means that if an alarm + occurs during the event, the event will be closed and a new one + will be opened. So events will only be alarmed or continuous. + This has the effect of limiting the number of alarms to one per event and - the events will be shorter than the section length if an alarm + the events may be shorter than the section length if an alarm has occurred. `, type => $types{boolean}, From f6960726b8a36049ae0e609acf5a07f177b1070a Mon Sep 17 00:00:00 2001 From: Isaac Connor Date: Thu, 20 Jun 2019 15:12:32 -0400 Subject: [PATCH 260/922] Don't check cause.length because we know it hasn't been used yet. check event_close_mode before closing the continuous unalarmed event --- src/zm_monitor.cpp | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/src/zm_monitor.cpp b/src/zm_monitor.cpp index b907f2395..7cff1b1f8 100644 --- a/src/zm_monitor.cpp +++ b/src/zm_monitor.cpp @@ -1379,12 +1379,12 @@ bool Monitor::Analyse() { score += trigger_data->trigger_score; if ( !event ) { // How could it have a length already? - if ( cause.length() ) - cause += ", "; + //if ( cause.length() ) + //cause += ", "; cause += trigger_data->trigger_cause; } Event::StringSet noteSet; - noteSet.insert( trigger_data->trigger_text ); + noteSet.insert(trigger_data->trigger_text); noteSetMap[trigger_data->trigger_cause] = noteSet; } if ( signal_change ) { @@ -1510,7 +1510,7 @@ bool Monitor::Analyse() { // This is so if we need more than 1 alarm frame before going into alarm, so it is basically if we have enough alarm frames if ( (!pre_event_count) || (Event::PreAlarmCount() >= alarm_frame_count) ) { // If we should end then previous continuous event and start a new non-continuous event - if ( event && event->Frames() && !event->AlarmFrames() ) { + if ( event && event->Frames() && (!event->AlarmFrames()) && (event_close_mode == CLOSE_ALARM) ) { Info("%s: %03d - Closing event %" PRIu64 ", continuous end, alarm begins", name, image_count, event->Id()); closeEvent(); From 470da033228bb01d23eafd8e17d129bd3dee4654 Mon Sep 17 00:00:00 2001 From: Isaac Connor Date: Thu, 20 Jun 2019 15:14:20 -0400 Subject: [PATCH 261/922] Merge sync fixes from storageareas --- src/zm_crypt.cpp | 38 +++++++++++++++++++----------------- src/zm_ffmpeg_camera.cpp | 13 ++++++++++--- src/zm_packetqueue.cpp | 11 ++++++++++- src/zm_packetqueue.h | 1 + src/zm_videostore.cpp | 42 +++++++++++++++++++++------------------- 5 files changed, 63 insertions(+), 42 deletions(-) diff --git a/src/zm_crypt.cpp b/src/zm_crypt.cpp index 0235e5c13..f6491a480 100644 --- a/src/zm_crypt.cpp +++ b/src/zm_crypt.cpp @@ -66,14 +66,14 @@ std::pair verifyToken(std::string jwt_token_str, std bool verifyPassword(const char *username, const char *input_password, const char *db_password_hash) { bool password_correct = false; - if (strlen(db_password_hash ) < 4) { + if ( strlen(db_password_hash) < 4 ) { // actually, shoud be more, but this is min. for next code - Error ("DB Password is too short or invalid to check"); + Error("DB Password is too short or invalid to check"); return false; } - if (db_password_hash[0] == '*') { + if ( db_password_hash[0] == '*' ) { // MYSQL PASSWORD - Debug (1,"%s is using an MD5 encoded password", username); + Debug(1, "%s is using an MD5 encoded password", username); SHA_CTX ctx1, ctx2; unsigned char digest_interim[SHA_DIGEST_LENGTH]; @@ -90,28 +90,30 @@ bool verifyPassword(const char *username, const char *input_password, const char SHA1_Final (digest_final, &ctx2); char final_hash[SHA_DIGEST_LENGTH * 2 +2]; - final_hash[0]='*'; + final_hash[0] = '*'; //convert to hex - for(int i = 0; i < SHA_DIGEST_LENGTH; i++) - sprintf(&final_hash[i*2]+1, "%02X", (unsigned int)digest_final[i]); - final_hash[SHA_DIGEST_LENGTH *2 + 1]=0; + for ( int i = 0; i < SHA_DIGEST_LENGTH; i++ ) + sprintf(&final_hash[i*2]+1, "%02X", (unsigned int)digest_final[i]); + final_hash[SHA_DIGEST_LENGTH *2 + 1] = 0; - Debug (1,"Computed password_hash:%s, stored password_hash:%s", final_hash, db_password_hash); - Debug (5, "Computed password_hash:%s, stored password_hash:%s", final_hash, db_password_hash); + Debug(1, "Computed password_hash:%s, stored password_hash:%s", final_hash, db_password_hash); password_correct = (strcmp(db_password_hash, final_hash)==0); - } - else if ((db_password_hash[0] == '$') && (db_password_hash[1]== '2') - &&(db_password_hash[3] == '$')) { + } else if ( + (db_password_hash[0] == '$') + && + (db_password_hash[1]== '2') + && + (db_password_hash[3] == '$') + ) { // BCRYPT - Debug (1,"%s is using a bcrypt encoded password", username); + Debug(1, "%s is using a bcrypt encoded password", username); BCrypt bcrypt; std::string input_hash = bcrypt.generateHash(std::string(input_password)); password_correct = bcrypt.validatePassword(std::string(input_password), std::string(db_password_hash)); - } - else { + } else { // plain - Warning ("%s is using a plain text password, please do not use plain text", username); + Warning("%s is using a plain text password, please do not use plain text", username); password_correct = (strcmp(input_password, db_password_hash) == 0); } return password_correct; -} \ No newline at end of file +} diff --git a/src/zm_ffmpeg_camera.cpp b/src/zm_ffmpeg_camera.cpp index 201c0ff0e..d5d48b054 100644 --- a/src/zm_ffmpeg_camera.cpp +++ b/src/zm_ffmpeg_camera.cpp @@ -458,9 +458,9 @@ int FfmpegCamera::OpenFfmpeg() { } } // end foreach stream if ( mVideoStreamId == -1 ) - Fatal( "Unable to locate video stream in %s", mPath.c_str() ); + Fatal("Unable to locate video stream in %s", mPath.c_str()); if ( mAudioStreamId == -1 ) - Debug( 3, "Unable to locate audio stream in %s", mPath.c_str() ); + Debug(3, "Unable to locate audio stream in %s", mPath.c_str()); Debug(3, "Found video stream at index %d", mVideoStreamId); Debug(3, "Found audio stream at index %d", mAudioStreamId); @@ -758,6 +758,11 @@ int FfmpegCamera::CaptureAndRecord( Image &image, timeval recording, char* event int keyframe = packet.flags & AV_PKT_FLAG_KEY; bytes += packet.size; dumpPacket(mFormatContext->streams[packet.stream_index], &packet, "Captured Packet"); + if ( packet.dts == AV_NOPTS_VALUE ) { + packet.dts = packet.pts; + //} else if ( packet.pts == AV_NOPTS_VALUE ) { + //packet.pts = packet.dts; + } // Video recording if ( recording.tv_sec ) { @@ -802,6 +807,7 @@ int FfmpegCamera::CaptureAndRecord( Image &image, timeval recording, char* event if ( last_event_id and !videoStore ) { //Instantiate the video storage module + packetqueue->dumpQueue(); if ( record_audio ) { if ( mAudioStreamId == -1 ) { Debug(3, "Record Audio on but no audio stream found"); @@ -967,7 +973,8 @@ int FfmpegCamera::CaptureAndRecord( Image &image, timeval recording, char* event ret = avcodec_receive_frame(mVideoCodecContext, mRawFrame); if ( ret < 0 ) { av_strerror(ret, errbuf, AV_ERROR_MAX_STRING_SIZE); - Warning("Unable to receive frame %d: %s, continuing", frameCount, errbuf); + Warning("Unable to receive frame %d: %s, continuing. error count is %s", + frameCount, errbuf, error_count); error_count += 1; if ( error_count > 100 ) { Error("Error count over 100, going to close and re-open stream"); diff --git a/src/zm_packetqueue.cpp b/src/zm_packetqueue.cpp index 1287c7bd5..b39b612cf 100644 --- a/src/zm_packetqueue.cpp +++ b/src/zm_packetqueue.cpp @@ -63,7 +63,7 @@ bool zm_packetqueue::queuePacket(ZMPacket* zm_packet) { && ( av_packet->dts <= zm_packet->packet.dts) ) { - Debug(2, "break packet with stream index (%d) with dts %" PRId64, + Debug(2, "break packet with stream index (%d) with dts %" PRId64, (*it)->packet.stream_index, (*it)->packet.dts); break; } @@ -273,3 +273,12 @@ void zm_packetqueue::clear_unwanted_packets( timeval *recording_started, int mVi deleted_frames, pktQueue.size(), av_packet->stream_index, ( av_packet->flags & AV_PKT_FLAG_KEY ), distance( it, pktQueue.rend() ), pktQueue.size() ); } } // end void zm_packetqueue::clear_unwanted_packets( timeval *recording_started, int mVideoStreamId ) + +void zm_packetqueue::dumpQueue() { + std::list::reverse_iterator it; + for ( it = pktQueue.rbegin(); it != pktQueue.rend(); ++ it ) { + ZMPacket *zm_packet = *it; + AVPacket *av_packet = &(zm_packet->packet); + dumpPacket(av_packet); + } +} diff --git a/src/zm_packetqueue.h b/src/zm_packetqueue.h index 984243c38..6e4b83b02 100644 --- a/src/zm_packetqueue.h +++ b/src/zm_packetqueue.h @@ -41,6 +41,7 @@ public: bool popAudioPacket(ZMPacket* packet); unsigned int clearQueue(unsigned int video_frames_to_keep, int stream_id); void clearQueue(); + void dumpQueue(); unsigned int size(); void clear_unwanted_packets(timeval *recording, int mVideoStreamId); int packet_count(int stream_id); diff --git a/src/zm_videostore.cpp b/src/zm_videostore.cpp index 3ad93fd69..5b12e5bc5 100644 --- a/src/zm_videostore.cpp +++ b/src/zm_videostore.cpp @@ -285,8 +285,8 @@ VideoStore::VideoStore( video_last_pts = 0; video_last_dts = 0; - audio_first_pts = 0; - audio_first_dts = 0; + video_first_pts = 0; + video_first_dts = 0; audio_next_pts = 0; audio_next_dts = 0; @@ -371,6 +371,8 @@ VideoStore::VideoStore( audio_out_ctx->codec_tag = 0; #endif + audio_out_ctx->frame_size = audio_in_ctx->frame_size; + if ( audio_out_ctx->channels > 1 ) { Warning("Audio isn't mono, changing it."); audio_out_ctx->channels = 1; @@ -938,7 +940,7 @@ int VideoStore::writeVideoFramePacket(AVPacket *ipkt) { Debug(3, "opkt.dts = %" PRId64 " from ipkt->dts(%" PRId64 ") - first_pts(%" PRId64 ")", opkt.dts, ipkt->dts, video_first_dts); } - if ( opkt.dts > opkt.pts ) { + if ( (opkt.pts != AV_NOPTS_VALUE) && (opkt.dts > opkt.pts) ) { Debug(1, "opkt.dts(%" PRId64 ") must be <= opkt.pts(%" PRId64 "). Decompression must happen " "before presentation.", @@ -1017,12 +1019,12 @@ int VideoStore::writeAudioFramePacket(AVPacket *ipkt) { zm_dump_frame(out_frame, "Out frame after resample"); // out_frame pts is in the input pkt pts... needs to be adjusted before sending to the encoder if ( out_frame->pts != AV_NOPTS_VALUE ) { - if ( !audio_first_pts ) { - audio_first_pts = out_frame->pts; - Debug(1, "No audio_first_pts setting to %" PRId64, audio_first_pts); + if ( !video_first_pts ) { + video_first_pts = out_frame->pts; + Debug(1, "No video_first_pts setting to %" PRId64, video_first_pts); out_frame->pts = 0; } else { - out_frame->pts = out_frame->pts - audio_first_pts; + out_frame->pts = out_frame->pts - video_first_pts; zm_dump_frame(out_frame, "Out frame after pts adjustment"); } // @@ -1097,18 +1099,18 @@ int VideoStore::writeAudioFramePacket(AVPacket *ipkt) { } // Scale the PTS of the outgoing packet to be the correct time base if ( ipkt->pts != AV_NOPTS_VALUE ) { - if ( !audio_first_pts ) { + if ( !video_first_pts ) { opkt.pts = 0; - audio_first_pts = ipkt->pts; - Debug(1, "No audio_first_pts"); + video_first_pts = ipkt->pts; + Debug(1, "No video_first_pts"); } else { opkt.pts = av_rescale_q( - ipkt->pts - audio_first_pts, + ipkt->pts - video_first_pts, AV_TIME_BASE_Q, //audio_in_stream->time_base, audio_out_stream->time_base); Debug(2, "audio opkt.pts = %" PRId64 " from ipkt->pts(%" PRId64 ") - first_pts(%" PRId64 ")", - opkt.pts, ipkt->pts, audio_first_pts); + opkt.pts, ipkt->pts, video_first_pts); } } else { Debug(2, "opkt.pts = undef"); @@ -1126,17 +1128,17 @@ int VideoStore::writeAudioFramePacket(AVPacket *ipkt) { opkt.dts = audio_next_dts + av_rescale_q( audio_in_stream->cur_dts - audio_last_dts, AV_TIME_BASE_Q, audio_out_stream->time_base); } #endif - if ( !audio_first_dts ) { + if ( !video_first_dts ) { opkt.dts = 0; - audio_first_dts = ipkt->dts; + video_first_dts = ipkt->dts; } else { opkt.dts = av_rescale_q( - ipkt->dts - audio_first_dts, + ipkt->dts - video_first_dts, AV_TIME_BASE_Q, //audio_in_stream->time_base, audio_out_stream->time_base); Debug(2, "opkt.dts = %" PRId64 " from ipkt.dts(%" PRId64 ") - first_dts(%" PRId64 ")", - opkt.dts, ipkt->dts, audio_first_dts); + opkt.dts, ipkt->dts, video_first_dts); } audio_last_dts = ipkt->dts; } else { @@ -1200,12 +1202,12 @@ int VideoStore::resample_audio() { #if 0 // out_frame pts is in the input pkt pts... needs to be adjusted before sending to the encoder if ( out_frame->pts != AV_NOPTS_VALUE ) { - if ( !audio_first_pts ) { - audio_first_pts = out_frame->pts; - Debug(1, "No audio_first_pts setting to %" PRId64, audio_first_pts); + if ( !video_first_pts ) { + video_first_pts = out_frame->pts; + Debug(1, "No video_first_pts setting to %" PRId64, video_first_pts); out_frame->pts = 0; } else { - out_frame->pts = out_frame->pts - audio_first_pts; + out_frame->pts = out_frame->pts - video_first_pts; } // } else { From 55d98e4a9f66d0f60317727cb171105906f547ec Mon Sep 17 00:00:00 2001 From: Isaac Connor Date: Thu, 20 Jun 2019 15:56:25 -0400 Subject: [PATCH 262/922] fix crash --- src/zm_videostore.cpp | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/zm_videostore.cpp b/src/zm_videostore.cpp index 5b12e5bc5..6f2bb3afc 100644 --- a/src/zm_videostore.cpp +++ b/src/zm_videostore.cpp @@ -371,7 +371,7 @@ VideoStore::VideoStore( audio_out_ctx->codec_tag = 0; #endif - audio_out_ctx->frame_size = audio_in_ctx->frame_size; + //audio_out_ctx->frame_size = audio_in_ctx->frame_size; if ( audio_out_ctx->channels > 1 ) { Warning("Audio isn't mono, changing it."); From 5a0b30efd594f23a457177a995d16a2e455d52df Mon Sep 17 00:00:00 2001 From: Isaac Connor Date: Fri, 21 Jun 2019 10:19:48 -0400 Subject: [PATCH 263/922] escape $ --- utils/generate_apache_config.pl | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/utils/generate_apache_config.pl b/utils/generate_apache_config.pl index 664b4c819..9dce04e9d 100755 --- a/utils/generate_apache_config.pl +++ b/utils/generate_apache_config.pl @@ -102,14 +102,14 @@ Alias /zm /usr/share/zoneminder/www # Parameters not set here are inherited from the parent directive above. RewriteEngine on - RewriteRule ^$ app/webroot/ [L] + RewriteRule ^\$ app/webroot/ [L] RewriteRule (.*) app/webroot/$1 [L] RewriteBase /zm/api RewriteEngine on - RewriteRule ^$ webroot/ [L] + RewriteRule ^\$ webroot/ [L] RewriteRule (.*) webroot/$1 [L] RewriteBase /zm/api From ad1df8f80a250c05cd8808e34bdd782a57f62592 Mon Sep 17 00:00:00 2001 From: Isaac Connor Date: Fri, 21 Jun 2019 11:40:46 -0400 Subject: [PATCH 264/922] log the response if command fails, and add missing uthentication sections --- .../ZoneMinder/lib/ZoneMinder/Control/Netcat.pm | 16 +++++++--------- 1 file changed, 7 insertions(+), 9 deletions(-) diff --git a/scripts/ZoneMinder/lib/ZoneMinder/Control/Netcat.pm b/scripts/ZoneMinder/lib/ZoneMinder/Control/Netcat.pm index 2d9573299..11d6ba9b3 100644 --- a/scripts/ZoneMinder/lib/ZoneMinder/Control/Netcat.pm +++ b/scripts/ZoneMinder/lib/ZoneMinder/Control/Netcat.pm @@ -96,8 +96,7 @@ sub open { $self->{state} = 'open'; } -sub parseControlAddress -{ +sub parseControlAddress { my $controlAddress = shift; my ($usernamepassword, $addressport) = split /@/, $controlAddress; if ( !defined $addressport ) { @@ -105,7 +104,7 @@ sub parseControlAddress $addressport = $usernamepassword; } else { my ($username , $password) = split /:/, $usernamepassword; - %identity = (username => "$username", password => "$password"); + %identity = (username => $username, password => $password); } ($address, $port) = split /:/, $addressport; } @@ -118,12 +117,11 @@ sub digestBase64 return encode_base64($shaGenerator->digest, ""); } -sub authentificationHeader -{ +sub authentificationHeader { my ($username, $password) = @_; my $nonce; $nonce .= chr(int(rand(254))) for (0 .. 20); - my $nonceBase64 = encode_base64($nonce, ""); + my $nonceBase64 = encode_base64($nonce, ''); my $currentDate = DateTime->now()->iso8601().'Z'; return '' . $username . '' . digestBase64($nonce, $currentDate, $password) . '' . $nonceBase64 . '' . $currentDate . ''; @@ -160,7 +158,7 @@ sub sendCmd { if ( $res->is_success ) { $result = !undef; } else { - Error("After sending PTZ command, camera returned the following error:'".$res->status_line()."'"); + Error("After sending PTZ command, camera returned the following error:'".$res->status_line()."'\nMSG:$msg\nResponse:".$res->content); } return $result; } @@ -236,7 +234,7 @@ sub moveConDown { Debug('Move Down'); my $self = shift; my $cmd = 'onvif/PTZ'; - my $msg ='' . $profileToken . ''; + my $msg =''.((%identity) ? authentificationHeader($identity{username}, $identity{password}) : '').'' . $profileToken . ''; my $content_type = 'application/soap+xml; charset=utf-8; action="http://www.onvif.org/ver20/ptz/wsdl/ContinuousMove"'; $self->sendCmd($cmd, $msg, $content_type); $self->autoStop($self->{Monitor}->{AutoStopTimeout}); @@ -316,7 +314,7 @@ sub moveConUpLeft { Debug('Move Diagonally Up Left'); my $self = shift; my $cmd = 'onvif/PTZ'; - my $msg ='' . $profileToken . ''; + my $msg =''.((%identity) ? authentificationHeader($identity{username}, $identity{password}) : '').'' . $profileToken . ''; my $content_type = 'application/soap+xml; charset=utf-8; action="http://www.onvif.org/ver20/ptz/wsdl/ContinuousMove"'; $self->sendCmd($cmd, $msg, $content_type); $self->autoStop($self->{Monitor}->{AutoStopTimeout}); From 60618d5998bd7ae1aa16d583c86f75ab54a6cdf6 Mon Sep 17 00:00:00 2001 From: Isaac Connor Date: Fri, 21 Jun 2019 11:45:33 -0400 Subject: [PATCH 265/922] Fix hour subtraction in getAuthUser to actually subtract an hour --- web/includes/auth.php | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/web/includes/auth.php b/web/includes/auth.php index c8ce0454a..b8005ad2f 100644 --- a/web/includes/auth.php +++ b/web/includes/auth.php @@ -285,7 +285,7 @@ function getAuthUser($auth, $from_api_layer = false) { foreach ( dbFetchAll($sql, NULL, $values) as $user ) { $now = time(); - for ( $i = 0; $i < ZM_AUTH_HASH_TTL; $i++, $now -= ZM_AUTH_HASH_TTL * 1800 ) { // Try for last two hours + for ( $i = 0; $i < ZM_AUTH_HASH_TTL; $i++, $now -= 3600 ) { // Try for last TTL hours $time = localtime($now); $authKey = ZM_AUTH_HASH_SECRET.$user['Username'].$user['Password'].$remoteAddr.$time[2].$time[3].$time[4].$time[5]; $authHash = md5($authKey); @@ -315,6 +315,7 @@ function generateAuthHash($useRemoteAddr, $force=false) { if ( ZM_OPT_USE_AUTH and (ZM_AUTH_RELAY == 'hashed') and isset($_SESSION['username']) and $_SESSION['passwordHash'] ) { $time = time(); + # We use 1800 so that we regenerate the hash at half the TTL $mintime = $time - ( ZM_AUTH_HASH_TTL * 1800 ); if ( $force or ( !isset($_SESSION['AuthHash'.$_SESSION['remoteAddr']]) ) or ( $_SESSION['AuthHashGeneratedAt'] < $mintime ) ) { From 85b9b045cc43ccf38a9703ba6a826f850d8c340b Mon Sep 17 00:00:00 2001 From: Isaac Connor Date: Fri, 21 Jun 2019 12:42:26 -0400 Subject: [PATCH 266/922] Copy Profile Token to ControlDevice for use with Netcat PTZ script --- web/skins/classic/views/onvifprobe.php | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/web/skins/classic/views/onvifprobe.php b/web/skins/classic/views/onvifprobe.php index ed4dce6e3..e1c4c8ef7 100644 --- a/web/skins/classic/views/onvifprobe.php +++ b/web/skins/classic/views/onvifprobe.php @@ -86,7 +86,7 @@ function probeCameras( $localIp ) { function probeProfiles( $device_ep, $soapversion, $username, $password ) { $profiles = array(); - if ( $lines = @execONVIF( "profiles $device_ep $soapversion $username $password" ) ) { + if ( $lines = @execONVIF("profiles $device_ep $soapversion $username $password") ) { foreach ( $lines as $line ) { $line = rtrim( $line ); if ( preg_match('|^(.+),\s*(.+),\s*(.+),\s*(.+),\s*(.+),\s*(.+),\s*(.+)\s*$|', $line, $matches) ) { @@ -234,6 +234,7 @@ if ( !isset($_REQUEST['step']) || ($_REQUEST['step'] == '1') ) { // $monitor['MaxFPS'] = $profile['MaxFPS']; // $monitor['AlarmMaxFPS'] = $profile['AlarmMaxFPS']; $monitor['Path'] = $profile['Path']; + $monitor['ControlDevice'] = $profile['Profile']; # Netcat needs this for ProfileToken $sourceDesc = base64_encode(json_encode($monitor)); $profiles[$sourceDesc] = $sourceString; } From 38bcdbbffe1790971b8624d892616e74eca915b3 Mon Sep 17 00:00:00 2001 From: Isaac Connor Date: Fri, 21 Jun 2019 18:04:39 -0400 Subject: [PATCH 267/922] ONly close session if we opened it in generateAuthHash, only try to validate auth hash if it is set in the session --- web/includes/auth.php | 9 ++++++--- 1 file changed, 6 insertions(+), 3 deletions(-) diff --git a/web/includes/auth.php b/web/includes/auth.php index b8005ad2f..b6213e061 100644 --- a/web/includes/auth.php +++ b/web/includes/auth.php @@ -263,7 +263,7 @@ function validateToken ($token, $allowed_token_type='access', $from_api_layer=fa } // end function validateToken($token, $allowed_token_type='access') function getAuthUser($auth, $from_api_layer = false) { - if ( ZM_OPT_USE_AUTH && ZM_AUTH_RELAY == 'hashed' && !empty($auth) ) { + if ( ZM_OPT_USE_AUTH && (ZM_AUTH_RELAY == 'hashed') && !empty($auth) ) { $remoteAddr = ''; if ( ZM_AUTH_HASH_IPS ) { $remoteAddr = $_SERVER['REMOTE_ADDR']; @@ -336,7 +336,8 @@ function generateAuthHash($useRemoteAddr, $force=false) { } $_SESSION['AuthHash'.$_SESSION['remoteAddr']] = $auth; $_SESSION['AuthHashGeneratedAt'] = $time; - session_write_close(); + if ( $close_session ) + session_write_close(); #ZM\Logger::Debug("Generated new auth $auth at " . $_SESSION['AuthHashGeneratedAt']. " using $authKey" ); #} else { #ZM\Logger::Debug("Using cached auth " . $_SESSION['AuthHash'] ." beacuse generatedat:" . $_SESSION['AuthHashGeneratedAt'] . ' < now:'. $time . ' - ' . ZM_AUTH_HASH_TTL . ' * 1800 = '. $mintime); @@ -376,7 +377,8 @@ if ( ZM_OPT_USE_AUTH ) { if ( ZM_AUTH_HASH_LOGINS and (ZM_AUTH_RELAY == 'hashed') ) { # Extra validation, if logged in, then the auth hash will be set in the session, so we can validate it. # This prevent session modification to switch users - $user = getAuthUser($_SESSION['AuthHash'.$_SESSION['remoteAddr']]); + if ( $_SESSION['AuthHash'.$_SESSION['remoteAddr']] ) + $user = getAuthUser($_SESSION['AuthHash'.$_SESSION['remoteAddr']]); } else { # Need to refresh permissions and validate that the user still exists $sql = 'SELECT * FROM Users WHERE Enabled=1 AND Username=?'; @@ -396,6 +398,7 @@ if ( ZM_OPT_USE_AUTH ) { } } else if ( isset($_REQUEST['username']) and isset($_REQUEST['password']) ) { userLogin($_REQUEST['username'], $_REQUEST['password'], false); + # Because it might have migrated the password we need to update the hash generateAuthHash(ZM_AUTH_HASH_IPS, true); } From 46032385fe6c7c57bb6fb7adef6d1de4ad8adc89 Mon Sep 17 00:00:00 2001 From: Isaac Connor Date: Sat, 22 Jun 2019 14:10:55 -0400 Subject: [PATCH 268/922] fix viewport on mobile. Fix duplicated css when selected css is base --- web/skins/classic/includes/functions.php | 11 ++++++++--- 1 file changed, 8 insertions(+), 3 deletions(-) diff --git a/web/skins/classic/includes/functions.php b/web/skins/classic/includes/functions.php index fc62a504c..48632d59f 100644 --- a/web/skins/classic/includes/functions.php +++ b/web/skins/classic/includes/functions.php @@ -58,6 +58,7 @@ function xhtmlHeaders($file, $title) { + <?php echo validHtmlStr(ZM_WEB_TITLE_PREFIX); ?> - <?php echo validHtmlStr($title) ?> From 8b37c0e9b04f955a0a43c4d366751f1c71662104 Mon Sep 17 00:00:00 2001 From: Andrew Bauer Date: Sun, 23 Jun 2019 12:12:12 -0500 Subject: [PATCH 269/922] remove bcrypt & jwt-cpp as submodules, bring in statically under src --- .gitmodules | 6 - CMakeLists.txt | 2 +- src/CMakeLists.txt | 6 +- src/bcrypt/CMakeLists.txt | 90 + src/bcrypt/LICENSE | 22 + src/bcrypt/README.md | 40 + src/bcrypt/include/bcrypt/BCrypt.hpp | 32 + src/bcrypt/include/bcrypt/bcrypt.h | 97 + src/bcrypt/include/bcrypt/crypt.h | 24 + src/bcrypt/include/bcrypt/crypt_blowfish.h | 27 + src/bcrypt/include/bcrypt/crypt_gensalt.h | 30 + src/bcrypt/include/bcrypt/ow-crypt.h | 43 + src/bcrypt/include/bcrypt/winbcrypt.h | 27 + src/bcrypt/src/bcrypt.c | 230 ++ src/bcrypt/src/crypt_blowfish.c | 911 ++++++ src/bcrypt/src/crypt_gensalt.c | 128 + src/bcrypt/src/main.cpp | 19 + src/bcrypt/src/wrapper.c | 563 ++++ src/bcrypt/src/x86.S | 202 ++ src/bcrypt/vs2017/libbcrypt/libbcrypt.sln | 41 + src/bcrypt/vs2017/libbcrypt/libbcrypt.vcxproj | 135 + .../libbcrypt/libbcrypt.vcxproj.filters | 54 + src/bcrypt/vs2017/test/main.cpp | 22 + src/bcrypt/vs2017/test/test.vcxproj | 131 + src/bcrypt/vs2017/test/test.vcxproj.filters | 22 + src/jwt-cpp/BaseTest.cpp | 30 + src/jwt-cpp/ClaimTest.cpp | 33 + src/jwt-cpp/Doxyfile | 2494 +++++++++++++++++ src/jwt-cpp/HelperTest.cpp | 55 + src/jwt-cpp/LICENSE | 21 + src/jwt-cpp/README.md | 98 + src/jwt-cpp/TestMain.cpp | 7 + src/jwt-cpp/TokenFormatTest.cpp | 15 + src/jwt-cpp/TokenTest.cpp | 420 +++ src/jwt-cpp/include/jwt-cpp/base.h | 168 ++ src/jwt-cpp/include/jwt-cpp/jwt.h | 1593 +++++++++++ src/jwt-cpp/include/jwt-cpp/picojson.h | 1168 ++++++++ src/jwt-cpp/jwt-cpp.sln | 28 + src/jwt-cpp/jwt-cpp.vcxproj | 160 ++ src/jwt-cpp/jwt-cpp.vcxproj.filters | 36 + src/jwt-cpp/vcpkg/CONTROL | 3 + src/jwt-cpp/vcpkg/fix-picojson.patch | 12 + src/jwt-cpp/vcpkg/fix-warning.patch | 31 + src/jwt-cpp/vcpkg/portfile.cmake | 23 + third_party/bcrypt | 1 - third_party/jwt-cpp | 1 - 46 files changed, 9289 insertions(+), 12 deletions(-) create mode 100644 src/bcrypt/CMakeLists.txt create mode 100644 src/bcrypt/LICENSE create mode 100644 src/bcrypt/README.md create mode 100644 src/bcrypt/include/bcrypt/BCrypt.hpp create mode 100644 src/bcrypt/include/bcrypt/bcrypt.h create mode 100644 src/bcrypt/include/bcrypt/crypt.h create mode 100644 src/bcrypt/include/bcrypt/crypt_blowfish.h create mode 100644 src/bcrypt/include/bcrypt/crypt_gensalt.h create mode 100644 src/bcrypt/include/bcrypt/ow-crypt.h create mode 100644 src/bcrypt/include/bcrypt/winbcrypt.h create mode 100644 src/bcrypt/src/bcrypt.c create mode 100644 src/bcrypt/src/crypt_blowfish.c create mode 100644 src/bcrypt/src/crypt_gensalt.c create mode 100644 src/bcrypt/src/main.cpp create mode 100644 src/bcrypt/src/wrapper.c create mode 100644 src/bcrypt/src/x86.S create mode 100644 src/bcrypt/vs2017/libbcrypt/libbcrypt.sln create mode 100644 src/bcrypt/vs2017/libbcrypt/libbcrypt.vcxproj create mode 100644 src/bcrypt/vs2017/libbcrypt/libbcrypt.vcxproj.filters create mode 100644 src/bcrypt/vs2017/test/main.cpp create mode 100644 src/bcrypt/vs2017/test/test.vcxproj create mode 100644 src/bcrypt/vs2017/test/test.vcxproj.filters create mode 100644 src/jwt-cpp/BaseTest.cpp create mode 100644 src/jwt-cpp/ClaimTest.cpp create mode 100644 src/jwt-cpp/Doxyfile create mode 100644 src/jwt-cpp/HelperTest.cpp create mode 100644 src/jwt-cpp/LICENSE create mode 100644 src/jwt-cpp/README.md create mode 100644 src/jwt-cpp/TestMain.cpp create mode 100644 src/jwt-cpp/TokenFormatTest.cpp create mode 100644 src/jwt-cpp/TokenTest.cpp create mode 100644 src/jwt-cpp/include/jwt-cpp/base.h create mode 100644 src/jwt-cpp/include/jwt-cpp/jwt.h create mode 100644 src/jwt-cpp/include/jwt-cpp/picojson.h create mode 100644 src/jwt-cpp/jwt-cpp.sln create mode 100644 src/jwt-cpp/jwt-cpp.vcxproj create mode 100644 src/jwt-cpp/jwt-cpp.vcxproj.filters create mode 100644 src/jwt-cpp/vcpkg/CONTROL create mode 100644 src/jwt-cpp/vcpkg/fix-picojson.patch create mode 100644 src/jwt-cpp/vcpkg/fix-warning.patch create mode 100644 src/jwt-cpp/vcpkg/portfile.cmake delete mode 160000 third_party/bcrypt delete mode 160000 third_party/jwt-cpp diff --git a/.gitmodules b/.gitmodules index b64d78997..eb0e282a2 100644 --- a/.gitmodules +++ b/.gitmodules @@ -5,9 +5,3 @@ [submodule "web/api/app/Plugin/CakePHP-Enum-Behavior"] path = web/api/app/Plugin/CakePHP-Enum-Behavior url = https://github.com/ZoneMinder/CakePHP-Enum-Behavior.git -[submodule "third_party/bcrypt"] - path = third_party/bcrypt - url = https://github.com/ZoneMinder/libbcrypt -[submodule "third_party/jwt-cpp"] - path = third_party/jwt-cpp - url = https://github.com/Thalhammer/jwt-cpp diff --git a/CMakeLists.txt b/CMakeLists.txt index 85e17fccc..0b8c9572a 100644 --- a/CMakeLists.txt +++ b/CMakeLists.txt @@ -876,7 +876,7 @@ ADD_MANPAGE_TARGET() # build a bcrypt static library set(BUILD_SHARED_LIBS_SAVED "${BUILD_SHARED_LIBS}") set(BUILD_SHARED_LIBS OFF) -add_subdirectory(third_party/bcrypt) +add_subdirectory(src/bcrypt) set(BUILD_SHARED_LIBS "${BUILD_SHARED_LIBS_SAVED}") add_subdirectory(src) diff --git a/src/CMakeLists.txt b/src/CMakeLists.txt index 3628a4944..5b8660aad 100644 --- a/src/CMakeLists.txt +++ b/src/CMakeLists.txt @@ -9,7 +9,7 @@ set(ZM_BIN_SRC_FILES zm_box.cpp zm_buffer.cpp zm_camera.cpp zm_comms.cpp zm_conf # A fix for cmake recompiling the source files for every target. add_library(zm STATIC ${ZM_BIN_SRC_FILES}) -link_directories(../third_party/bcrypt) +link_directories(bcrypt) add_executable(zmc zmc.cpp) add_executable(zma zma.cpp) @@ -17,8 +17,8 @@ add_executable(zmu zmu.cpp) add_executable(zms zms.cpp) # JWT is a header only library. -include_directories(../third_party/bcrypt/include/bcrypt) -include_directories(../third_party/jwt-cpp/include/jwt-cpp) +include_directories(bcrypt/include/bcrypt) +include_directories(jwt-cpp/include/jwt-cpp) target_link_libraries(zmc zm ${ZM_EXTRA_LIBS} ${ZM_BIN_LIBS}) target_link_libraries(zma zm ${ZM_EXTRA_LIBS} ${ZM_BIN_LIBS}) diff --git a/src/bcrypt/CMakeLists.txt b/src/bcrypt/CMakeLists.txt new file mode 100644 index 000000000..a0883eec5 --- /dev/null +++ b/src/bcrypt/CMakeLists.txt @@ -0,0 +1,90 @@ +################################################################################### +# +# Copyright (c) 2014, webvariants GmbH, http://www.webvariants.de +# +# This file is released under the terms of the MIT license. You can find the +# complete text in the attached LICENSE file or online at: +# +# http://www.opensource.org/licenses/mit-license.php +# +# @author: Tino Rusch (tino.rusch@webvariants.de) +# +################################################################################### + +cmake_minimum_required(VERSION 2.8 FATAL_ERROR) + +project(bcrypt) + +enable_language(ASM) + +set(MYLIB_VERSION_MAJOR 1) +set(MYLIB_VERSION_MINOR 0) +set(MYLIB_VERSION_PATCH 0) +set(MYLIB_VERSION_STRING ${MYLIB_VERSION_MAJOR}.${MYLIB_VERSION_MINOR}.${MYLIB_VERSION_PATCH}) + +# just doing cmake . will build a shared or static lib and honor existing environment setting +# to force build static, cmake . -DBUILD_SHARED_LIBS=Off +# to force build shared, cmake . -DBUILD_SHARED_LIBS=On + +if (NOT BUILD_SHARED_LIBS) + message ("Building a static library") +else () + message ("Building a shared library") +endif () + + +set( CMAKE_COLOR_MAKEFILE ON ) + +set( CMAKE_CXX_FLAGS "${CMAKE_CXX_FLAGS} -Wall --std=c++11 -O3" ) +set( CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -Wall -O3" ) + +set( CMAKE_ASM_FLAGS "${CXXFLAGS} -x assembler-with-cpp") + +set( SRCFILES + ${CMAKE_CURRENT_SOURCE_DIR}/src/bcrypt.c + ${CMAKE_CURRENT_SOURCE_DIR}/src/crypt_blowfish.c + ${CMAKE_CURRENT_SOURCE_DIR}/src/crypt_gensalt.c + ${CMAKE_CURRENT_SOURCE_DIR}/src/wrapper.c + ${CMAKE_CURRENT_SOURCE_DIR}/src/x86.S +) + +include_directories( ${CMAKE_CURRENT_SOURCE_DIR}/include/bcrypt) +include_directories( ${CMAKE_CURRENT_SOURCE_DIR}/include) + +add_library( + ${PROJECT_NAME} + ${SRCFILES} +) + +set_target_properties(${PROJECT_NAME} PROPERTIES VERSION ${MYLIB_VERSION_STRING} SOVERSION ${MYLIB_VERSION_MAJOR}) + +set_target_properties(${PROJECT_NAME} PROPERTIES PUBLIC_HEADER include/bcrypt/BCrypt.hpp) + +target_include_directories(${PROJECT_NAME} PRIVATE include) +target_include_directories(${PROJECT_NAME} PRIVATE src) + +add_executable( ${PROJECT_NAME}_test ${CMAKE_CURRENT_SOURCE_DIR}/src/main.cpp) + +target_link_libraries( ${PROJECT_NAME}_test ${PROJECT_NAME}) + +include(GNUInstallDirs) + +install(TARGETS ${PROJECT_NAME} + LIBRARY DESTINATION ${CMAKE_INSTALL_LIBDIR} + ARCHIVE DESTINATION ${CMAKE_INSTALL_LIBDIR} + RUNTIME DESTINATION ${CMAKE_INSTALL_LIBDIR} + PUBLIC_HEADER DESTINATION ${CMAKE_INSTALL_INCLUDEDIR}/bcrypt) + +install(DIRECTORY ${CMAKE_CURRENT_SOURCE_DIR}/include/ DESTINATION ${CMAKE_INSTALL_INCLUDEDIR} + FILES_MATCHING PATTERN "*.h") + +SET(CPACK_GENERATOR "DEB") +SET(CPACK_SET_DESTDIR ON) + +SET(CPACK_DEBIAN_PACKAGE_MAINTAINER "Manuel Romei") +SET(CPACK_PACKAGE_VERSION "1.0.0") +SET(CPACK_PACKAGE_VERSION_MAJOR "1") +SET(CPACK_PACKAGE_VERSION_MINOR "0") +SET(CPACK_PACKAGE_VERSION_PATCH "0") + +INCLUDE(CPack) diff --git a/src/bcrypt/LICENSE b/src/bcrypt/LICENSE new file mode 100644 index 000000000..b6f2adb23 --- /dev/null +++ b/src/bcrypt/LICENSE @@ -0,0 +1,22 @@ +The MIT License (MIT) + +Copyright (c) 2015 trusch + +Permission is hereby granted, free of charge, to any person obtaining a copy +of this software and associated documentation files (the "Software"), to deal +in the Software without restriction, including without limitation the rights +to use, copy, modify, merge, publish, distribute, sublicense, and/or sell +copies of the Software, and to permit persons to whom the Software is +furnished to do so, subject to the following conditions: + +The above copyright notice and this permission notice shall be included in all +copies or substantial portions of the Software. + +THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR +IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, +FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE +AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER +LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, +OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE +SOFTWARE. + diff --git a/src/bcrypt/README.md b/src/bcrypt/README.md new file mode 100644 index 000000000..98339fc5d --- /dev/null +++ b/src/bcrypt/README.md @@ -0,0 +1,40 @@ +# libbcrypt +A c++ wrapper around bcrypt password hashing + +## How to build this +This is a CMake based project: + +```bash +git clone https://github.com/trusch/libbcrypt +cd libbcrypt +mkdir build +cd build +cmake .. +make +sudo make install +sudo ldconfig +``` + +## How to use this + +Here an example how to use this wrapper class (you can find it in the src/ subdirectory) + +```cpp +#include "bcrypt/BCrypt.hpp" +#include + +int main(){ + BCrypt bcrypt; + std::string password = "test"; + std::string hash = bcrypt.generateHash(password); + std::cout< +#include + +class BCrypt { +public: + static std::string generateHash(const std::string & password, int workload = 12){ + char salt[BCRYPT_HASHSIZE]; + char hash[BCRYPT_HASHSIZE]; + int ret; + ret = bcrypt_gensalt(workload, salt); + if(ret != 0)throw std::runtime_error{"bcrypt: can not generate salt"}; + ret = bcrypt_hashpw(password.c_str(), salt, hash); + if(ret != 0)throw std::runtime_error{"bcrypt: can not generate hash"}; + return std::string{hash}; + } + + static bool validatePassword(const std::string & password, const std::string & hash){ + return (bcrypt_checkpw(password.c_str(), hash.c_str()) == 0); + } +}; + +#endif + +#endif // __BCRYPT__ diff --git a/src/bcrypt/include/bcrypt/bcrypt.h b/src/bcrypt/include/bcrypt/bcrypt.h new file mode 100644 index 000000000..e45b3ca13 --- /dev/null +++ b/src/bcrypt/include/bcrypt/bcrypt.h @@ -0,0 +1,97 @@ +#ifndef BCRYPT_H_ +#define BCRYPT_H_ +/* + * bcrypt wrapper library + * + * Written in 2011, 2013, 2014, 2015 by Ricardo Garcia + * + * To the extent possible under law, the author(s) have dedicated all copyright + * and related and neighboring rights to this software to the public domain + * worldwide. This software is distributed without any warranty. + * + * You should have received a copy of the CC0 Public Domain Dedication along + * with this software. If not, see + * . + */ + +#define BCRYPT_HASHSIZE (64) + +#ifdef __cplusplus +extern "C" { +#endif + +/* + * This function expects a work factor between 4 and 31 and a char array to + * store the resulting generated salt. The char array should typically have + * BCRYPT_HASHSIZE bytes at least. If the provided work factor is not in the + * previous range, it will default to 12. + * + * The return value is zero if the salt could be correctly generated and + * nonzero otherwise. + * + */ +int bcrypt_gensalt(int workfactor, char salt[BCRYPT_HASHSIZE]); + +/* + * This function expects a password to be hashed, a salt to hash the password + * with and a char array to leave the result. Both the salt and the hash + * parameters should have room for BCRYPT_HASHSIZE characters at least. + * + * It can also be used to verify a hashed password. In that case, provide the + * expected hash in the salt parameter and verify the output hash is the same + * as the input hash. However, to avoid timing attacks, it's better to use + * bcrypt_checkpw when verifying a password. + * + * The return value is zero if the password could be hashed and nonzero + * otherwise. + */ +int bcrypt_hashpw(const char *passwd, const char salt[BCRYPT_HASHSIZE], + char hash[BCRYPT_HASHSIZE]); + +/* + * This function expects a password and a hash to verify the password against. + * The internal implementation is tuned to avoid timing attacks. + * + * The return value will be -1 in case of errors, zero if the provided password + * matches the given hash and greater than zero if no errors are found and the + * passwords don't match. + * + */ +int bcrypt_checkpw(const char *passwd, const char hash[BCRYPT_HASHSIZE]); + +/* + * Brief Example + * ------------- + * + * Hashing a password: + * + * char salt[BCRYPT_HASHSIZE]; + * char hash[BCRYPT_HASHSIZE]; + * int ret; + * + * ret = bcrypt_gensalt(12, salt); + * assert(ret == 0); + * ret = bcrypt_hashpw("thepassword", salt, hash); + * assert(ret == 0); + * + * + * Verifying a password: + * + * int ret; + * + * ret = bcrypt_checkpw("thepassword", "expectedhash"); + * assert(ret != -1); + * + * if (ret == 0) { + * printf("The password matches\n"); + * } else { + * printf("The password does NOT match\n"); + * } + * + */ + +#ifdef __cplusplus +} +#endif + +#endif diff --git a/src/bcrypt/include/bcrypt/crypt.h b/src/bcrypt/include/bcrypt/crypt.h new file mode 100644 index 000000000..12e67055b --- /dev/null +++ b/src/bcrypt/include/bcrypt/crypt.h @@ -0,0 +1,24 @@ +/* + * Written by Solar Designer in 2000-2002. + * No copyright is claimed, and the software is hereby placed in the public + * domain. In case this attempt to disclaim copyright and place the software + * in the public domain is deemed null and void, then the software is + * Copyright (c) 2000-2002 Solar Designer and it is hereby released to the + * general public under the following terms: + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted. + * + * There's ABSOLUTELY NO WARRANTY, express or implied. + * + * See crypt_blowfish.c for more information. + */ + +#include + +#if defined(_OW_SOURCE) || defined(__USE_OW) +#define __SKIP_GNU +#undef __SKIP_OW +#include +#undef __SKIP_GNU +#endif diff --git a/src/bcrypt/include/bcrypt/crypt_blowfish.h b/src/bcrypt/include/bcrypt/crypt_blowfish.h new file mode 100644 index 000000000..2ee0d8c1d --- /dev/null +++ b/src/bcrypt/include/bcrypt/crypt_blowfish.h @@ -0,0 +1,27 @@ +/* + * Written by Solar Designer in 2000-2011. + * No copyright is claimed, and the software is hereby placed in the public + * domain. In case this attempt to disclaim copyright and place the software + * in the public domain is deemed null and void, then the software is + * Copyright (c) 2000-2011 Solar Designer and it is hereby released to the + * general public under the following terms: + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted. + * + * There's ABSOLUTELY NO WARRANTY, express or implied. + * + * See crypt_blowfish.c for more information. + */ + +#ifndef _CRYPT_BLOWFISH_H +#define _CRYPT_BLOWFISH_H + +extern int _crypt_output_magic(const char *setting, char *output, int size); +extern char *_crypt_blowfish_rn(const char *key, const char *setting, + char *output, int size); +extern char *_crypt_gensalt_blowfish_rn(const char *prefix, + unsigned long count, + const char *input, int size, char *output, int output_size); + +#endif diff --git a/src/bcrypt/include/bcrypt/crypt_gensalt.h b/src/bcrypt/include/bcrypt/crypt_gensalt.h new file mode 100644 index 000000000..457bbfe29 --- /dev/null +++ b/src/bcrypt/include/bcrypt/crypt_gensalt.h @@ -0,0 +1,30 @@ +/* + * Written by Solar Designer in 2000-2011. + * No copyright is claimed, and the software is hereby placed in the public + * domain. In case this attempt to disclaim copyright and place the software + * in the public domain is deemed null and void, then the software is + * Copyright (c) 2000-2011 Solar Designer and it is hereby released to the + * general public under the following terms: + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted. + * + * There's ABSOLUTELY NO WARRANTY, express or implied. + * + * See crypt_blowfish.c for more information. + */ + +#ifndef _CRYPT_GENSALT_H +#define _CRYPT_GENSALT_H + +extern unsigned char _crypt_itoa64[]; +extern char *_crypt_gensalt_traditional_rn(const char *prefix, + unsigned long count, + const char *input, int size, char *output, int output_size); +extern char *_crypt_gensalt_extended_rn(const char *prefix, + unsigned long count, + const char *input, int size, char *output, int output_size); +extern char *_crypt_gensalt_md5_rn(const char *prefix, unsigned long count, + const char *input, int size, char *output, int output_size); + +#endif diff --git a/src/bcrypt/include/bcrypt/ow-crypt.h b/src/bcrypt/include/bcrypt/ow-crypt.h new file mode 100644 index 000000000..2c8ddf8f6 --- /dev/null +++ b/src/bcrypt/include/bcrypt/ow-crypt.h @@ -0,0 +1,43 @@ +/* + * Written by Solar Designer in 2000-2011. + * No copyright is claimed, and the software is hereby placed in the public + * domain. In case this attempt to disclaim copyright and place the software + * in the public domain is deemed null and void, then the software is + * Copyright (c) 2000-2011 Solar Designer and it is hereby released to the + * general public under the following terms: + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted. + * + * There's ABSOLUTELY NO WARRANTY, express or implied. + * + * See crypt_blowfish.c for more information. + */ + +#ifndef _OW_CRYPT_H +#define _OW_CRYPT_H + +#ifndef __GNUC__ +#undef __const +#define __const const +#endif + +#ifndef __SKIP_GNU +extern char *crypt(__const char *key, __const char *setting); +extern char *crypt_r(__const char *key, __const char *setting, void *data); +#endif + +#ifndef __SKIP_OW +extern char *crypt_rn(__const char *key, __const char *setting, + void *data, int size); +extern char *crypt_ra(__const char *key, __const char *setting, + void **data, int *size); +extern char *crypt_gensalt(__const char *prefix, unsigned long count, + __const char *input, int size); +extern char *crypt_gensalt_rn(__const char *prefix, unsigned long count, + __const char *input, int size, char *output, int output_size); +extern char *crypt_gensalt_ra(__const char *prefix, unsigned long count, + __const char *input, int size); +#endif + +#endif diff --git a/src/bcrypt/include/bcrypt/winbcrypt.h b/src/bcrypt/include/bcrypt/winbcrypt.h new file mode 100644 index 000000000..703ecd211 --- /dev/null +++ b/src/bcrypt/include/bcrypt/winbcrypt.h @@ -0,0 +1,27 @@ +#ifndef __WIN_BCRYPT__H +#define __WIN_BCRYPT__H + +#include + +#include "crypt_blowfish.h" +#include "./bcrypt.h" + +class BCrypt { +public: + static std::string generateHash(const std::string & password, int workload = 12) { + char salt[BCRYPT_HASHSIZE]; + char hash[BCRYPT_HASHSIZE]; + int ret; + ret = bcrypt_gensalt(workload, salt); + if (ret != 0)throw std::runtime_error{ "bcrypt: can not generate salt" }; + ret = bcrypt_hashpw(password.c_str(), salt, hash); + if (ret != 0)throw std::runtime_error{ "bcrypt: can not generate hash" }; + return std::string{ hash }; + } + + static bool validatePassword(const std::string & password, const std::string & hash) { + return (bcrypt_checkpw(password.c_str(), hash.c_str()) == 0); + } +}; + +#endif \ No newline at end of file diff --git a/src/bcrypt/src/bcrypt.c b/src/bcrypt/src/bcrypt.c new file mode 100644 index 000000000..c32b51b0b --- /dev/null +++ b/src/bcrypt/src/bcrypt.c @@ -0,0 +1,230 @@ +/* + * bcrypt wrapper library + * + * Written in 2011, 2013, 2014, 2015 by Ricardo Garcia + * + * To the extent possible under law, the author(s) have dedicated all copyright + * and related and neighboring rights to this software to the public domain + * worldwide. This software is distributed without any warranty. + * + * You should have received a copy of the CC0 Public Domain Dedication along + * with this software. If not, see + * . + */ +#include +#include +#include +#include +#ifdef _WIN32 +#elif _WIN64 +#else +#include +#endif +#include + +#ifdef _WIN32 || _WIN64 +// On windows we need to generate random bytes differently. +typedef __int64 ssize_t; +#define BCRYPT_HASHSIZE 60 + +#include "../include/bcrypt/bcrypt.h" + +#include +#include /* CryptAcquireContext, CryptGenRandom */ +#else +#include "bcrypt.h" +#include "ow-crypt.h" +#endif + +#define RANDBYTES (16) + +static int try_close(int fd) +{ + int ret; + for (;;) { + errno = 0; + ret = close(fd); + if (ret == -1 && errno == EINTR) + continue; + break; + } + return ret; +} + +static int try_read(int fd, char *out, size_t count) +{ + size_t total; + ssize_t partial; + + total = 0; + while (total < count) + { + for (;;) { + errno = 0; + partial = read(fd, out + total, count - total); + if (partial == -1 && errno == EINTR) + continue; + break; + } + + if (partial < 1) + return -1; + + total += partial; + } + + return 0; +} + +/* + * This is a best effort implementation. Nothing prevents a compiler from + * optimizing this function and making it vulnerable to timing attacks, but + * this method is commonly used in crypto libraries like NaCl. + * + * Return value is zero if both strings are equal and nonzero otherwise. +*/ +static int timing_safe_strcmp(const char *str1, const char *str2) +{ + const unsigned char *u1; + const unsigned char *u2; + int ret; + int i; + + int len1 = strlen(str1); + int len2 = strlen(str2); + + /* In our context both strings should always have the same length + * because they will be hashed passwords. */ + if (len1 != len2) + return 1; + + /* Force unsigned for bitwise operations. */ + u1 = (const unsigned char *)str1; + u2 = (const unsigned char *)str2; + + ret = 0; + for (i = 0; i < len1; ++i) + ret |= (u1[i] ^ u2[i]); + + return ret; +} + +int bcrypt_gensalt(int factor, char salt[BCRYPT_HASHSIZE]) +{ + int fd; + char input[RANDBYTES]; + int workf; + char *aux; + + // Note: Windows does not have /dev/urandom sadly. +#ifdef _WIN32 || _WIN64 + HCRYPTPROV p; + ULONG i; + + // Acquire a crypt context for generating random bytes. + if (CryptAcquireContext(&p, NULL, NULL, PROV_RSA_FULL, CRYPT_VERIFYCONTEXT) == FALSE) { + return 1; + } + + if (CryptGenRandom(p, RANDBYTES, (BYTE*)input) == FALSE) { + return 2; + } + + if (CryptReleaseContext(p, 0) == FALSE) { + return 3; + } +#else + // Get random bytes on Unix/Linux. + fd = open("/dev/urandom", O_RDONLY); + if (fd == -1) + return 1; + + if (try_read(fd, input, RANDBYTES) != 0) { + if (try_close(fd) != 0) + return 4; + return 2; + } + + if (try_close(fd) != 0) + return 3; +#endif + + /* Generate salt. */ + workf = (factor < 4 || factor > 31)?12:factor; + aux = crypt_gensalt_rn("$2a$", workf, input, RANDBYTES, + salt, BCRYPT_HASHSIZE); + return (aux == NULL)?5:0; +} + +int bcrypt_hashpw(const char *passwd, const char salt[BCRYPT_HASHSIZE], char hash[BCRYPT_HASHSIZE]) +{ + char *aux; + aux = crypt_rn(passwd, salt, hash, BCRYPT_HASHSIZE); + return (aux == NULL)?1:0; +} + +int bcrypt_checkpw(const char *passwd, const char hash[BCRYPT_HASHSIZE]) +{ + int ret; + char outhash[BCRYPT_HASHSIZE]; + + ret = bcrypt_hashpw(passwd, hash, outhash); + if (ret != 0) + return -1; + + return timing_safe_strcmp(hash, outhash); +} + +#ifdef TEST_BCRYPT +#include +#include +#include +#include + +int main(void) +{ + clock_t before; + clock_t after; + char salt[BCRYPT_HASHSIZE]; + char hash[BCRYPT_HASHSIZE]; + int ret; + + const char pass[] = "hi,mom"; + const char hash1[] = "$2a$10$VEVmGHy4F4XQMJ3eOZJAUeb.MedU0W10pTPCuf53eHdKJPiSE8sMK"; + const char hash2[] = "$2a$10$3F0BVk5t8/aoS.3ddaB3l.fxg5qvafQ9NybxcpXLzMeAt.nVWn.NO"; + + ret = bcrypt_gensalt(12, salt); + assert(ret == 0); + printf("Generated salt: %s\n", salt); + before = clock(); + ret = bcrypt_hashpw("testtesttest", salt, hash); + assert(ret == 0); + after = clock(); + printf("Hashed password: %s\n", hash); + printf("Time taken: %f seconds\n", + (double)(after - before) / CLOCKS_PER_SEC); + + ret = bcrypt_hashpw(pass, hash1, hash); + assert(ret == 0); + printf("First hash check: %s\n", (strcmp(hash1, hash) == 0)?"OK":"FAIL"); + ret = bcrypt_hashpw(pass, hash2, hash); + assert(ret == 0); + printf("Second hash check: %s\n", (strcmp(hash2, hash) == 0)?"OK":"FAIL"); + + before = clock(); + ret = (bcrypt_checkpw(pass, hash1) == 0); + after = clock(); + printf("First hash check with bcrypt_checkpw: %s\n", ret?"OK":"FAIL"); + printf("Time taken: %f seconds\n", + (double)(after - before) / CLOCKS_PER_SEC); + + before = clock(); + ret = (bcrypt_checkpw(pass, hash2) == 0); + after = clock(); + printf("Second hash check with bcrypt_checkpw: %s\n", ret?"OK":"FAIL"); + printf("Time taken: %f seconds\n", + (double)(after - before) / CLOCKS_PER_SEC); + + return 0; +} +#endif diff --git a/src/bcrypt/src/crypt_blowfish.c b/src/bcrypt/src/crypt_blowfish.c new file mode 100644 index 000000000..0fa55ea07 --- /dev/null +++ b/src/bcrypt/src/crypt_blowfish.c @@ -0,0 +1,911 @@ +/* + * The crypt_blowfish homepage is: + * + * http://www.openwall.com/crypt/ + * + * This code comes from John the Ripper password cracker, with reentrant + * and crypt(3) interfaces added, but optimizations specific to password + * cracking removed. + * + * Written by Solar Designer in 1998-2014. + * No copyright is claimed, and the software is hereby placed in the public + * domain. In case this attempt to disclaim copyright and place the software + * in the public domain is deemed null and void, then the software is + * Copyright (c) 1998-2014 Solar Designer and it is hereby released to the + * general public under the following terms: + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted. + * + * There's ABSOLUTELY NO WARRANTY, express or implied. + * + * It is my intent that you should be able to use this on your system, + * as part of a software package, or anywhere else to improve security, + * ensure compatibility, or for any other purpose. I would appreciate + * it if you give credit where it is due and keep your modifications in + * the public domain as well, but I don't require that in order to let + * you place this code and any modifications you make under a license + * of your choice. + * + * This implementation is fully compatible with OpenBSD's bcrypt.c for prefix + * "$2b$", originally by Niels Provos , and it uses + * some of his ideas. The password hashing algorithm was designed by David + * Mazieres . For information on the level of + * compatibility for bcrypt hash prefixes other than "$2b$", please refer to + * the comments in BF_set_key() below and to the included crypt(3) man page. + * + * There's a paper on the algorithm that explains its design decisions: + * + * http://www.usenix.org/events/usenix99/provos.html + * + * Some of the tricks in BF_ROUND might be inspired by Eric Young's + * Blowfish library (I can't be sure if I would think of something if I + * hadn't seen his code). + */ + +#include + +#include +#ifndef __set_errno +#define __set_errno(val) errno = (val) +#endif + +/* Just to make sure the prototypes match the actual definitions */ +#ifdef _WIN32 || _WIN64 +#include "../include/bcrypt/crypt_blowfish.h" +#else +#include "crypt_blowfish.h" +#endif + +#ifdef __i386__ +#define BF_ASM 1 +#define BF_SCALE 1 +#elif defined(__x86_64__) || defined(__alpha__) || defined(__hppa__) +#define BF_ASM 0 +#define BF_SCALE 1 +#else +#define BF_ASM 0 +#define BF_SCALE 0 +#endif + +typedef unsigned int BF_word; +typedef signed int BF_word_signed; + +/* Number of Blowfish rounds, this is also hardcoded into a few places */ +#define BF_N 16 + +typedef BF_word BF_key[BF_N + 2]; + +typedef struct { + BF_word S[4][0x100]; + BF_key P; +} BF_ctx; + +/* + * Magic IV for 64 Blowfish encryptions that we do at the end. + * The string is "OrpheanBeholderScryDoubt" on big-endian. + */ +static BF_word BF_magic_w[6] = { + 0x4F727068, 0x65616E42, 0x65686F6C, + 0x64657253, 0x63727944, 0x6F756274 +}; + +/* + * P-box and S-box tables initialized with digits of Pi. + */ +static BF_ctx BF_init_state = { + { + { + 0xd1310ba6, 0x98dfb5ac, 0x2ffd72db, 0xd01adfb7, + 0xb8e1afed, 0x6a267e96, 0xba7c9045, 0xf12c7f99, + 0x24a19947, 0xb3916cf7, 0x0801f2e2, 0x858efc16, + 0x636920d8, 0x71574e69, 0xa458fea3, 0xf4933d7e, + 0x0d95748f, 0x728eb658, 0x718bcd58, 0x82154aee, + 0x7b54a41d, 0xc25a59b5, 0x9c30d539, 0x2af26013, + 0xc5d1b023, 0x286085f0, 0xca417918, 0xb8db38ef, + 0x8e79dcb0, 0x603a180e, 0x6c9e0e8b, 0xb01e8a3e, + 0xd71577c1, 0xbd314b27, 0x78af2fda, 0x55605c60, + 0xe65525f3, 0xaa55ab94, 0x57489862, 0x63e81440, + 0x55ca396a, 0x2aab10b6, 0xb4cc5c34, 0x1141e8ce, + 0xa15486af, 0x7c72e993, 0xb3ee1411, 0x636fbc2a, + 0x2ba9c55d, 0x741831f6, 0xce5c3e16, 0x9b87931e, + 0xafd6ba33, 0x6c24cf5c, 0x7a325381, 0x28958677, + 0x3b8f4898, 0x6b4bb9af, 0xc4bfe81b, 0x66282193, + 0x61d809cc, 0xfb21a991, 0x487cac60, 0x5dec8032, + 0xef845d5d, 0xe98575b1, 0xdc262302, 0xeb651b88, + 0x23893e81, 0xd396acc5, 0x0f6d6ff3, 0x83f44239, + 0x2e0b4482, 0xa4842004, 0x69c8f04a, 0x9e1f9b5e, + 0x21c66842, 0xf6e96c9a, 0x670c9c61, 0xabd388f0, + 0x6a51a0d2, 0xd8542f68, 0x960fa728, 0xab5133a3, + 0x6eef0b6c, 0x137a3be4, 0xba3bf050, 0x7efb2a98, + 0xa1f1651d, 0x39af0176, 0x66ca593e, 0x82430e88, + 0x8cee8619, 0x456f9fb4, 0x7d84a5c3, 0x3b8b5ebe, + 0xe06f75d8, 0x85c12073, 0x401a449f, 0x56c16aa6, + 0x4ed3aa62, 0x363f7706, 0x1bfedf72, 0x429b023d, + 0x37d0d724, 0xd00a1248, 0xdb0fead3, 0x49f1c09b, + 0x075372c9, 0x80991b7b, 0x25d479d8, 0xf6e8def7, + 0xe3fe501a, 0xb6794c3b, 0x976ce0bd, 0x04c006ba, + 0xc1a94fb6, 0x409f60c4, 0x5e5c9ec2, 0x196a2463, + 0x68fb6faf, 0x3e6c53b5, 0x1339b2eb, 0x3b52ec6f, + 0x6dfc511f, 0x9b30952c, 0xcc814544, 0xaf5ebd09, + 0xbee3d004, 0xde334afd, 0x660f2807, 0x192e4bb3, + 0xc0cba857, 0x45c8740f, 0xd20b5f39, 0xb9d3fbdb, + 0x5579c0bd, 0x1a60320a, 0xd6a100c6, 0x402c7279, + 0x679f25fe, 0xfb1fa3cc, 0x8ea5e9f8, 0xdb3222f8, + 0x3c7516df, 0xfd616b15, 0x2f501ec8, 0xad0552ab, + 0x323db5fa, 0xfd238760, 0x53317b48, 0x3e00df82, + 0x9e5c57bb, 0xca6f8ca0, 0x1a87562e, 0xdf1769db, + 0xd542a8f6, 0x287effc3, 0xac6732c6, 0x8c4f5573, + 0x695b27b0, 0xbbca58c8, 0xe1ffa35d, 0xb8f011a0, + 0x10fa3d98, 0xfd2183b8, 0x4afcb56c, 0x2dd1d35b, + 0x9a53e479, 0xb6f84565, 0xd28e49bc, 0x4bfb9790, + 0xe1ddf2da, 0xa4cb7e33, 0x62fb1341, 0xcee4c6e8, + 0xef20cada, 0x36774c01, 0xd07e9efe, 0x2bf11fb4, + 0x95dbda4d, 0xae909198, 0xeaad8e71, 0x6b93d5a0, + 0xd08ed1d0, 0xafc725e0, 0x8e3c5b2f, 0x8e7594b7, + 0x8ff6e2fb, 0xf2122b64, 0x8888b812, 0x900df01c, + 0x4fad5ea0, 0x688fc31c, 0xd1cff191, 0xb3a8c1ad, + 0x2f2f2218, 0xbe0e1777, 0xea752dfe, 0x8b021fa1, + 0xe5a0cc0f, 0xb56f74e8, 0x18acf3d6, 0xce89e299, + 0xb4a84fe0, 0xfd13e0b7, 0x7cc43b81, 0xd2ada8d9, + 0x165fa266, 0x80957705, 0x93cc7314, 0x211a1477, + 0xe6ad2065, 0x77b5fa86, 0xc75442f5, 0xfb9d35cf, + 0xebcdaf0c, 0x7b3e89a0, 0xd6411bd3, 0xae1e7e49, + 0x00250e2d, 0x2071b35e, 0x226800bb, 0x57b8e0af, + 0x2464369b, 0xf009b91e, 0x5563911d, 0x59dfa6aa, + 0x78c14389, 0xd95a537f, 0x207d5ba2, 0x02e5b9c5, + 0x83260376, 0x6295cfa9, 0x11c81968, 0x4e734a41, + 0xb3472dca, 0x7b14a94a, 0x1b510052, 0x9a532915, + 0xd60f573f, 0xbc9bc6e4, 0x2b60a476, 0x81e67400, + 0x08ba6fb5, 0x571be91f, 0xf296ec6b, 0x2a0dd915, + 0xb6636521, 0xe7b9f9b6, 0xff34052e, 0xc5855664, + 0x53b02d5d, 0xa99f8fa1, 0x08ba4799, 0x6e85076a + }, { + 0x4b7a70e9, 0xb5b32944, 0xdb75092e, 0xc4192623, + 0xad6ea6b0, 0x49a7df7d, 0x9cee60b8, 0x8fedb266, + 0xecaa8c71, 0x699a17ff, 0x5664526c, 0xc2b19ee1, + 0x193602a5, 0x75094c29, 0xa0591340, 0xe4183a3e, + 0x3f54989a, 0x5b429d65, 0x6b8fe4d6, 0x99f73fd6, + 0xa1d29c07, 0xefe830f5, 0x4d2d38e6, 0xf0255dc1, + 0x4cdd2086, 0x8470eb26, 0x6382e9c6, 0x021ecc5e, + 0x09686b3f, 0x3ebaefc9, 0x3c971814, 0x6b6a70a1, + 0x687f3584, 0x52a0e286, 0xb79c5305, 0xaa500737, + 0x3e07841c, 0x7fdeae5c, 0x8e7d44ec, 0x5716f2b8, + 0xb03ada37, 0xf0500c0d, 0xf01c1f04, 0x0200b3ff, + 0xae0cf51a, 0x3cb574b2, 0x25837a58, 0xdc0921bd, + 0xd19113f9, 0x7ca92ff6, 0x94324773, 0x22f54701, + 0x3ae5e581, 0x37c2dadc, 0xc8b57634, 0x9af3dda7, + 0xa9446146, 0x0fd0030e, 0xecc8c73e, 0xa4751e41, + 0xe238cd99, 0x3bea0e2f, 0x3280bba1, 0x183eb331, + 0x4e548b38, 0x4f6db908, 0x6f420d03, 0xf60a04bf, + 0x2cb81290, 0x24977c79, 0x5679b072, 0xbcaf89af, + 0xde9a771f, 0xd9930810, 0xb38bae12, 0xdccf3f2e, + 0x5512721f, 0x2e6b7124, 0x501adde6, 0x9f84cd87, + 0x7a584718, 0x7408da17, 0xbc9f9abc, 0xe94b7d8c, + 0xec7aec3a, 0xdb851dfa, 0x63094366, 0xc464c3d2, + 0xef1c1847, 0x3215d908, 0xdd433b37, 0x24c2ba16, + 0x12a14d43, 0x2a65c451, 0x50940002, 0x133ae4dd, + 0x71dff89e, 0x10314e55, 0x81ac77d6, 0x5f11199b, + 0x043556f1, 0xd7a3c76b, 0x3c11183b, 0x5924a509, + 0xf28fe6ed, 0x97f1fbfa, 0x9ebabf2c, 0x1e153c6e, + 0x86e34570, 0xeae96fb1, 0x860e5e0a, 0x5a3e2ab3, + 0x771fe71c, 0x4e3d06fa, 0x2965dcb9, 0x99e71d0f, + 0x803e89d6, 0x5266c825, 0x2e4cc978, 0x9c10b36a, + 0xc6150eba, 0x94e2ea78, 0xa5fc3c53, 0x1e0a2df4, + 0xf2f74ea7, 0x361d2b3d, 0x1939260f, 0x19c27960, + 0x5223a708, 0xf71312b6, 0xebadfe6e, 0xeac31f66, + 0xe3bc4595, 0xa67bc883, 0xb17f37d1, 0x018cff28, + 0xc332ddef, 0xbe6c5aa5, 0x65582185, 0x68ab9802, + 0xeecea50f, 0xdb2f953b, 0x2aef7dad, 0x5b6e2f84, + 0x1521b628, 0x29076170, 0xecdd4775, 0x619f1510, + 0x13cca830, 0xeb61bd96, 0x0334fe1e, 0xaa0363cf, + 0xb5735c90, 0x4c70a239, 0xd59e9e0b, 0xcbaade14, + 0xeecc86bc, 0x60622ca7, 0x9cab5cab, 0xb2f3846e, + 0x648b1eaf, 0x19bdf0ca, 0xa02369b9, 0x655abb50, + 0x40685a32, 0x3c2ab4b3, 0x319ee9d5, 0xc021b8f7, + 0x9b540b19, 0x875fa099, 0x95f7997e, 0x623d7da8, + 0xf837889a, 0x97e32d77, 0x11ed935f, 0x16681281, + 0x0e358829, 0xc7e61fd6, 0x96dedfa1, 0x7858ba99, + 0x57f584a5, 0x1b227263, 0x9b83c3ff, 0x1ac24696, + 0xcdb30aeb, 0x532e3054, 0x8fd948e4, 0x6dbc3128, + 0x58ebf2ef, 0x34c6ffea, 0xfe28ed61, 0xee7c3c73, + 0x5d4a14d9, 0xe864b7e3, 0x42105d14, 0x203e13e0, + 0x45eee2b6, 0xa3aaabea, 0xdb6c4f15, 0xfacb4fd0, + 0xc742f442, 0xef6abbb5, 0x654f3b1d, 0x41cd2105, + 0xd81e799e, 0x86854dc7, 0xe44b476a, 0x3d816250, + 0xcf62a1f2, 0x5b8d2646, 0xfc8883a0, 0xc1c7b6a3, + 0x7f1524c3, 0x69cb7492, 0x47848a0b, 0x5692b285, + 0x095bbf00, 0xad19489d, 0x1462b174, 0x23820e00, + 0x58428d2a, 0x0c55f5ea, 0x1dadf43e, 0x233f7061, + 0x3372f092, 0x8d937e41, 0xd65fecf1, 0x6c223bdb, + 0x7cde3759, 0xcbee7460, 0x4085f2a7, 0xce77326e, + 0xa6078084, 0x19f8509e, 0xe8efd855, 0x61d99735, + 0xa969a7aa, 0xc50c06c2, 0x5a04abfc, 0x800bcadc, + 0x9e447a2e, 0xc3453484, 0xfdd56705, 0x0e1e9ec9, + 0xdb73dbd3, 0x105588cd, 0x675fda79, 0xe3674340, + 0xc5c43465, 0x713e38d8, 0x3d28f89e, 0xf16dff20, + 0x153e21e7, 0x8fb03d4a, 0xe6e39f2b, 0xdb83adf7 + }, { + 0xe93d5a68, 0x948140f7, 0xf64c261c, 0x94692934, + 0x411520f7, 0x7602d4f7, 0xbcf46b2e, 0xd4a20068, + 0xd4082471, 0x3320f46a, 0x43b7d4b7, 0x500061af, + 0x1e39f62e, 0x97244546, 0x14214f74, 0xbf8b8840, + 0x4d95fc1d, 0x96b591af, 0x70f4ddd3, 0x66a02f45, + 0xbfbc09ec, 0x03bd9785, 0x7fac6dd0, 0x31cb8504, + 0x96eb27b3, 0x55fd3941, 0xda2547e6, 0xabca0a9a, + 0x28507825, 0x530429f4, 0x0a2c86da, 0xe9b66dfb, + 0x68dc1462, 0xd7486900, 0x680ec0a4, 0x27a18dee, + 0x4f3ffea2, 0xe887ad8c, 0xb58ce006, 0x7af4d6b6, + 0xaace1e7c, 0xd3375fec, 0xce78a399, 0x406b2a42, + 0x20fe9e35, 0xd9f385b9, 0xee39d7ab, 0x3b124e8b, + 0x1dc9faf7, 0x4b6d1856, 0x26a36631, 0xeae397b2, + 0x3a6efa74, 0xdd5b4332, 0x6841e7f7, 0xca7820fb, + 0xfb0af54e, 0xd8feb397, 0x454056ac, 0xba489527, + 0x55533a3a, 0x20838d87, 0xfe6ba9b7, 0xd096954b, + 0x55a867bc, 0xa1159a58, 0xcca92963, 0x99e1db33, + 0xa62a4a56, 0x3f3125f9, 0x5ef47e1c, 0x9029317c, + 0xfdf8e802, 0x04272f70, 0x80bb155c, 0x05282ce3, + 0x95c11548, 0xe4c66d22, 0x48c1133f, 0xc70f86dc, + 0x07f9c9ee, 0x41041f0f, 0x404779a4, 0x5d886e17, + 0x325f51eb, 0xd59bc0d1, 0xf2bcc18f, 0x41113564, + 0x257b7834, 0x602a9c60, 0xdff8e8a3, 0x1f636c1b, + 0x0e12b4c2, 0x02e1329e, 0xaf664fd1, 0xcad18115, + 0x6b2395e0, 0x333e92e1, 0x3b240b62, 0xeebeb922, + 0x85b2a20e, 0xe6ba0d99, 0xde720c8c, 0x2da2f728, + 0xd0127845, 0x95b794fd, 0x647d0862, 0xe7ccf5f0, + 0x5449a36f, 0x877d48fa, 0xc39dfd27, 0xf33e8d1e, + 0x0a476341, 0x992eff74, 0x3a6f6eab, 0xf4f8fd37, + 0xa812dc60, 0xa1ebddf8, 0x991be14c, 0xdb6e6b0d, + 0xc67b5510, 0x6d672c37, 0x2765d43b, 0xdcd0e804, + 0xf1290dc7, 0xcc00ffa3, 0xb5390f92, 0x690fed0b, + 0x667b9ffb, 0xcedb7d9c, 0xa091cf0b, 0xd9155ea3, + 0xbb132f88, 0x515bad24, 0x7b9479bf, 0x763bd6eb, + 0x37392eb3, 0xcc115979, 0x8026e297, 0xf42e312d, + 0x6842ada7, 0xc66a2b3b, 0x12754ccc, 0x782ef11c, + 0x6a124237, 0xb79251e7, 0x06a1bbe6, 0x4bfb6350, + 0x1a6b1018, 0x11caedfa, 0x3d25bdd8, 0xe2e1c3c9, + 0x44421659, 0x0a121386, 0xd90cec6e, 0xd5abea2a, + 0x64af674e, 0xda86a85f, 0xbebfe988, 0x64e4c3fe, + 0x9dbc8057, 0xf0f7c086, 0x60787bf8, 0x6003604d, + 0xd1fd8346, 0xf6381fb0, 0x7745ae04, 0xd736fccc, + 0x83426b33, 0xf01eab71, 0xb0804187, 0x3c005e5f, + 0x77a057be, 0xbde8ae24, 0x55464299, 0xbf582e61, + 0x4e58f48f, 0xf2ddfda2, 0xf474ef38, 0x8789bdc2, + 0x5366f9c3, 0xc8b38e74, 0xb475f255, 0x46fcd9b9, + 0x7aeb2661, 0x8b1ddf84, 0x846a0e79, 0x915f95e2, + 0x466e598e, 0x20b45770, 0x8cd55591, 0xc902de4c, + 0xb90bace1, 0xbb8205d0, 0x11a86248, 0x7574a99e, + 0xb77f19b6, 0xe0a9dc09, 0x662d09a1, 0xc4324633, + 0xe85a1f02, 0x09f0be8c, 0x4a99a025, 0x1d6efe10, + 0x1ab93d1d, 0x0ba5a4df, 0xa186f20f, 0x2868f169, + 0xdcb7da83, 0x573906fe, 0xa1e2ce9b, 0x4fcd7f52, + 0x50115e01, 0xa70683fa, 0xa002b5c4, 0x0de6d027, + 0x9af88c27, 0x773f8641, 0xc3604c06, 0x61a806b5, + 0xf0177a28, 0xc0f586e0, 0x006058aa, 0x30dc7d62, + 0x11e69ed7, 0x2338ea63, 0x53c2dd94, 0xc2c21634, + 0xbbcbee56, 0x90bcb6de, 0xebfc7da1, 0xce591d76, + 0x6f05e409, 0x4b7c0188, 0x39720a3d, 0x7c927c24, + 0x86e3725f, 0x724d9db9, 0x1ac15bb4, 0xd39eb8fc, + 0xed545578, 0x08fca5b5, 0xd83d7cd3, 0x4dad0fc4, + 0x1e50ef5e, 0xb161e6f8, 0xa28514d9, 0x6c51133c, + 0x6fd5c7e7, 0x56e14ec4, 0x362abfce, 0xddc6c837, + 0xd79a3234, 0x92638212, 0x670efa8e, 0x406000e0 + }, { + 0x3a39ce37, 0xd3faf5cf, 0xabc27737, 0x5ac52d1b, + 0x5cb0679e, 0x4fa33742, 0xd3822740, 0x99bc9bbe, + 0xd5118e9d, 0xbf0f7315, 0xd62d1c7e, 0xc700c47b, + 0xb78c1b6b, 0x21a19045, 0xb26eb1be, 0x6a366eb4, + 0x5748ab2f, 0xbc946e79, 0xc6a376d2, 0x6549c2c8, + 0x530ff8ee, 0x468dde7d, 0xd5730a1d, 0x4cd04dc6, + 0x2939bbdb, 0xa9ba4650, 0xac9526e8, 0xbe5ee304, + 0xa1fad5f0, 0x6a2d519a, 0x63ef8ce2, 0x9a86ee22, + 0xc089c2b8, 0x43242ef6, 0xa51e03aa, 0x9cf2d0a4, + 0x83c061ba, 0x9be96a4d, 0x8fe51550, 0xba645bd6, + 0x2826a2f9, 0xa73a3ae1, 0x4ba99586, 0xef5562e9, + 0xc72fefd3, 0xf752f7da, 0x3f046f69, 0x77fa0a59, + 0x80e4a915, 0x87b08601, 0x9b09e6ad, 0x3b3ee593, + 0xe990fd5a, 0x9e34d797, 0x2cf0b7d9, 0x022b8b51, + 0x96d5ac3a, 0x017da67d, 0xd1cf3ed6, 0x7c7d2d28, + 0x1f9f25cf, 0xadf2b89b, 0x5ad6b472, 0x5a88f54c, + 0xe029ac71, 0xe019a5e6, 0x47b0acfd, 0xed93fa9b, + 0xe8d3c48d, 0x283b57cc, 0xf8d56629, 0x79132e28, + 0x785f0191, 0xed756055, 0xf7960e44, 0xe3d35e8c, + 0x15056dd4, 0x88f46dba, 0x03a16125, 0x0564f0bd, + 0xc3eb9e15, 0x3c9057a2, 0x97271aec, 0xa93a072a, + 0x1b3f6d9b, 0x1e6321f5, 0xf59c66fb, 0x26dcf319, + 0x7533d928, 0xb155fdf5, 0x03563482, 0x8aba3cbb, + 0x28517711, 0xc20ad9f8, 0xabcc5167, 0xccad925f, + 0x4de81751, 0x3830dc8e, 0x379d5862, 0x9320f991, + 0xea7a90c2, 0xfb3e7bce, 0x5121ce64, 0x774fbe32, + 0xa8b6e37e, 0xc3293d46, 0x48de5369, 0x6413e680, + 0xa2ae0810, 0xdd6db224, 0x69852dfd, 0x09072166, + 0xb39a460a, 0x6445c0dd, 0x586cdecf, 0x1c20c8ae, + 0x5bbef7dd, 0x1b588d40, 0xccd2017f, 0x6bb4e3bb, + 0xdda26a7e, 0x3a59ff45, 0x3e350a44, 0xbcb4cdd5, + 0x72eacea8, 0xfa6484bb, 0x8d6612ae, 0xbf3c6f47, + 0xd29be463, 0x542f5d9e, 0xaec2771b, 0xf64e6370, + 0x740e0d8d, 0xe75b1357, 0xf8721671, 0xaf537d5d, + 0x4040cb08, 0x4eb4e2cc, 0x34d2466a, 0x0115af84, + 0xe1b00428, 0x95983a1d, 0x06b89fb4, 0xce6ea048, + 0x6f3f3b82, 0x3520ab82, 0x011a1d4b, 0x277227f8, + 0x611560b1, 0xe7933fdc, 0xbb3a792b, 0x344525bd, + 0xa08839e1, 0x51ce794b, 0x2f32c9b7, 0xa01fbac9, + 0xe01cc87e, 0xbcc7d1f6, 0xcf0111c3, 0xa1e8aac7, + 0x1a908749, 0xd44fbd9a, 0xd0dadecb, 0xd50ada38, + 0x0339c32a, 0xc6913667, 0x8df9317c, 0xe0b12b4f, + 0xf79e59b7, 0x43f5bb3a, 0xf2d519ff, 0x27d9459c, + 0xbf97222c, 0x15e6fc2a, 0x0f91fc71, 0x9b941525, + 0xfae59361, 0xceb69ceb, 0xc2a86459, 0x12baa8d1, + 0xb6c1075e, 0xe3056a0c, 0x10d25065, 0xcb03a442, + 0xe0ec6e0e, 0x1698db3b, 0x4c98a0be, 0x3278e964, + 0x9f1f9532, 0xe0d392df, 0xd3a0342b, 0x8971f21e, + 0x1b0a7441, 0x4ba3348c, 0xc5be7120, 0xc37632d8, + 0xdf359f8d, 0x9b992f2e, 0xe60b6f47, 0x0fe3f11d, + 0xe54cda54, 0x1edad891, 0xce6279cf, 0xcd3e7e6f, + 0x1618b166, 0xfd2c1d05, 0x848fd2c5, 0xf6fb2299, + 0xf523f357, 0xa6327623, 0x93a83531, 0x56cccd02, + 0xacf08162, 0x5a75ebb5, 0x6e163697, 0x88d273cc, + 0xde966292, 0x81b949d0, 0x4c50901b, 0x71c65614, + 0xe6c6c7bd, 0x327a140a, 0x45e1d006, 0xc3f27b9a, + 0xc9aa53fd, 0x62a80f00, 0xbb25bfe2, 0x35bdd2f6, + 0x71126905, 0xb2040222, 0xb6cbcf7c, 0xcd769c2b, + 0x53113ec0, 0x1640e3d3, 0x38abbd60, 0x2547adf0, + 0xba38209c, 0xf746ce76, 0x77afa1c5, 0x20756060, + 0x85cbfe4e, 0x8ae88dd8, 0x7aaaf9b0, 0x4cf9aa7e, + 0x1948c25c, 0x02fb8a8c, 0x01c36ae4, 0xd6ebe1f9, + 0x90d4f869, 0xa65cdea0, 0x3f09252d, 0xc208e69f, + 0xb74e6132, 0xce77e25b, 0x578fdfe3, 0x3ac372e6 + } + }, { + 0x243f6a88, 0x85a308d3, 0x13198a2e, 0x03707344, + 0xa4093822, 0x299f31d0, 0x082efa98, 0xec4e6c89, + 0x452821e6, 0x38d01377, 0xbe5466cf, 0x34e90c6c, + 0xc0ac29b7, 0xc97c50dd, 0x3f84d5b5, 0xb5470917, + 0x9216d5d9, 0x8979fb1b + } +}; + +static unsigned char BF_itoa64[64 + 1] = + "./ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789"; + +static unsigned char BF_atoi64[0x60] = { + 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 0, 1, + 54, 55, 56, 57, 58, 59, 60, 61, 62, 63, 64, 64, 64, 64, 64, 64, + 64, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, + 17, 18, 19, 20, 21, 22, 23, 24, 25, 26, 27, 64, 64, 64, 64, 64, + 64, 28, 29, 30, 31, 32, 33, 34, 35, 36, 37, 38, 39, 40, 41, 42, + 43, 44, 45, 46, 47, 48, 49, 50, 51, 52, 53, 64, 64, 64, 64, 64 +}; + +#define BF_safe_atoi64(dst, src) \ +{ \ + tmp = (unsigned char)(src); \ + if ((unsigned int)(tmp -= 0x20) >= 0x60) return -1; \ + tmp = BF_atoi64[tmp]; \ + if (tmp > 63) return -1; \ + (dst) = tmp; \ +} + +static int BF_decode(BF_word *dst, const char *src, int size) +{ + unsigned char *dptr = (unsigned char *)dst; + unsigned char *end = dptr + size; + const unsigned char *sptr = (const unsigned char *)src; + unsigned int tmp, c1, c2, c3, c4; + + do { + BF_safe_atoi64(c1, *sptr++); + BF_safe_atoi64(c2, *sptr++); + *dptr++ = (c1 << 2) | ((c2 & 0x30) >> 4); + if (dptr >= end) break; + + BF_safe_atoi64(c3, *sptr++); + *dptr++ = ((c2 & 0x0F) << 4) | ((c3 & 0x3C) >> 2); + if (dptr >= end) break; + + BF_safe_atoi64(c4, *sptr++); + *dptr++ = ((c3 & 0x03) << 6) | c4; + } while (dptr < end); + + return 0; +} + +static void BF_encode(char *dst, const BF_word *src, int size) +{ + const unsigned char *sptr = (const unsigned char *)src; + const unsigned char *end = sptr + size; + unsigned char *dptr = (unsigned char *)dst; + unsigned int c1, c2; + + do { + c1 = *sptr++; + *dptr++ = BF_itoa64[c1 >> 2]; + c1 = (c1 & 0x03) << 4; + if (sptr >= end) { + *dptr++ = BF_itoa64[c1]; + break; + } + + c2 = *sptr++; + c1 |= c2 >> 4; + *dptr++ = BF_itoa64[c1]; + c1 = (c2 & 0x0f) << 2; + if (sptr >= end) { + *dptr++ = BF_itoa64[c1]; + break; + } + + c2 = *sptr++; + c1 |= c2 >> 6; + *dptr++ = BF_itoa64[c1]; + *dptr++ = BF_itoa64[c2 & 0x3f]; + } while (sptr < end); +} + +static void BF_swap(BF_word *x, int count) +{ + static int endianness_check = 1; + char *is_little_endian = (char *)&endianness_check; + BF_word tmp; + + if (*is_little_endian) + do { + tmp = *x; + tmp = (tmp << 16) | (tmp >> 16); + *x++ = ((tmp & 0x00FF00FF) << 8) | ((tmp >> 8) & 0x00FF00FF); + } while (--count); +} + +#if BF_SCALE +/* Architectures which can shift addresses left by 2 bits with no extra cost */ +#define BF_ROUND(L, R, N) \ + tmp1 = L & 0xFF; \ + tmp2 = L >> 8; \ + tmp2 &= 0xFF; \ + tmp3 = L >> 16; \ + tmp3 &= 0xFF; \ + tmp4 = L >> 24; \ + tmp1 = data.ctx.S[3][tmp1]; \ + tmp2 = data.ctx.S[2][tmp2]; \ + tmp3 = data.ctx.S[1][tmp3]; \ + tmp3 += data.ctx.S[0][tmp4]; \ + tmp3 ^= tmp2; \ + R ^= data.ctx.P[N + 1]; \ + tmp3 += tmp1; \ + R ^= tmp3; +#else +/* Architectures with no complicated addressing modes supported */ +#define BF_INDEX(S, i) \ + (*((BF_word *)(((unsigned char *)S) + (i)))) +#define BF_ROUND(L, R, N) \ + tmp1 = L & 0xFF; \ + tmp1 <<= 2; \ + tmp2 = L >> 6; \ + tmp2 &= 0x3FC; \ + tmp3 = L >> 14; \ + tmp3 &= 0x3FC; \ + tmp4 = L >> 22; \ + tmp4 &= 0x3FC; \ + tmp1 = BF_INDEX(data.ctx.S[3], tmp1); \ + tmp2 = BF_INDEX(data.ctx.S[2], tmp2); \ + tmp3 = BF_INDEX(data.ctx.S[1], tmp3); \ + tmp3 += BF_INDEX(data.ctx.S[0], tmp4); \ + tmp3 ^= tmp2; \ + R ^= data.ctx.P[N + 1]; \ + tmp3 += tmp1; \ + R ^= tmp3; +#endif + +/* + * Encrypt one block, BF_N is hardcoded here. + */ +#define BF_ENCRYPT \ + L ^= data.ctx.P[0]; \ + BF_ROUND(L, R, 0); \ + BF_ROUND(R, L, 1); \ + BF_ROUND(L, R, 2); \ + BF_ROUND(R, L, 3); \ + BF_ROUND(L, R, 4); \ + BF_ROUND(R, L, 5); \ + BF_ROUND(L, R, 6); \ + BF_ROUND(R, L, 7); \ + BF_ROUND(L, R, 8); \ + BF_ROUND(R, L, 9); \ + BF_ROUND(L, R, 10); \ + BF_ROUND(R, L, 11); \ + BF_ROUND(L, R, 12); \ + BF_ROUND(R, L, 13); \ + BF_ROUND(L, R, 14); \ + BF_ROUND(R, L, 15); \ + tmp4 = R; \ + R = L; \ + L = tmp4 ^ data.ctx.P[BF_N + 1]; + +#if BF_ASM +#define BF_body() \ + _BF_body_r(&data.ctx); +#else +#define BF_body() \ + L = R = 0; \ + ptr = data.ctx.P; \ + do { \ + ptr += 2; \ + BF_ENCRYPT; \ + *(ptr - 2) = L; \ + *(ptr - 1) = R; \ + } while (ptr < &data.ctx.P[BF_N + 2]); \ +\ + ptr = data.ctx.S[0]; \ + do { \ + ptr += 2; \ + BF_ENCRYPT; \ + *(ptr - 2) = L; \ + *(ptr - 1) = R; \ + } while (ptr < &data.ctx.S[3][0xFF]); +#endif + +static void BF_set_key(const char *key, BF_key expanded, BF_key initial, + unsigned char flags) +{ + const char *ptr = key; + unsigned int bug, i, j; + BF_word safety, sign, diff, tmp[2]; + +/* + * There was a sign extension bug in older revisions of this function. While + * we would have liked to simply fix the bug and move on, we have to provide + * a backwards compatibility feature (essentially the bug) for some systems and + * a safety measure for some others. The latter is needed because for certain + * multiple inputs to the buggy algorithm there exist easily found inputs to + * the correct algorithm that produce the same hash. Thus, we optionally + * deviate from the correct algorithm just enough to avoid such collisions. + * While the bug itself affected the majority of passwords containing + * characters with the 8th bit set (although only a percentage of those in a + * collision-producing way), the anti-collision safety measure affects + * only a subset of passwords containing the '\xff' character (not even all of + * those passwords, just some of them). This character is not found in valid + * UTF-8 sequences and is rarely used in popular 8-bit character encodings. + * Thus, the safety measure is unlikely to cause much annoyance, and is a + * reasonable tradeoff to use when authenticating against existing hashes that + * are not reliably known to have been computed with the correct algorithm. + * + * We use an approach that tries to minimize side-channel leaks of password + * information - that is, we mostly use fixed-cost bitwise operations instead + * of branches or table lookups. (One conditional branch based on password + * length remains. It is not part of the bug aftermath, though, and is + * difficult and possibly unreasonable to avoid given the use of C strings by + * the caller, which results in similar timing leaks anyway.) + * + * For actual implementation, we set an array index in the variable "bug" + * (0 means no bug, 1 means sign extension bug emulation) and a flag in the + * variable "safety" (bit 16 is set when the safety measure is requested). + * Valid combinations of settings are: + * + * Prefix "$2a$": bug = 0, safety = 0x10000 + * Prefix "$2b$": bug = 0, safety = 0 + * Prefix "$2x$": bug = 1, safety = 0 + * Prefix "$2y$": bug = 0, safety = 0 + */ + bug = (unsigned int)flags & 1; + safety = ((BF_word)flags & 2) << 15; + + sign = diff = 0; + + for (i = 0; i < BF_N + 2; i++) { + tmp[0] = tmp[1] = 0; + for (j = 0; j < 4; j++) { + tmp[0] <<= 8; + tmp[0] |= (unsigned char)*ptr; /* correct */ + tmp[1] <<= 8; + tmp[1] |= (BF_word_signed)(signed char)*ptr; /* bug */ +/* + * Sign extension in the first char has no effect - nothing to overwrite yet, + * and those extra 24 bits will be fully shifted out of the 32-bit word. For + * chars 2, 3, 4 in each four-char block, we set bit 7 of "sign" if sign + * extension in tmp[1] occurs. Once this flag is set, it remains set. + */ + if (j) + sign |= tmp[1] & 0x80; + if (!*ptr) + ptr = key; + else + ptr++; + } + diff |= tmp[0] ^ tmp[1]; /* Non-zero on any differences */ + + expanded[i] = tmp[bug]; + initial[i] = BF_init_state.P[i] ^ tmp[bug]; + } + +/* + * At this point, "diff" is zero iff the correct and buggy algorithms produced + * exactly the same result. If so and if "sign" is non-zero, which indicates + * that there was a non-benign sign extension, this means that we have a + * collision between the correctly computed hash for this password and a set of + * passwords that could be supplied to the buggy algorithm. Our safety measure + * is meant to protect from such many-buggy to one-correct collisions, by + * deviating from the correct algorithm in such cases. Let's check for this. + */ + diff |= diff >> 16; /* still zero iff exact match */ + diff &= 0xffff; /* ditto */ + diff += 0xffff; /* bit 16 set iff "diff" was non-zero (on non-match) */ + sign <<= 9; /* move the non-benign sign extension flag to bit 16 */ + sign &= ~diff & safety; /* action needed? */ + +/* + * If we have determined that we need to deviate from the correct algorithm, + * flip bit 16 in initial expanded key. (The choice of 16 is arbitrary, but + * let's stick to it now. It came out of the approach we used above, and it's + * not any worse than any other choice we could make.) + * + * It is crucial that we don't do the same to the expanded key used in the main + * Eksblowfish loop. By doing it to only one of these two, we deviate from a + * state that could be directly specified by a password to the buggy algorithm + * (and to the fully correct one as well, but that's a side-effect). + */ + initial[0] ^= sign; +} + +static const unsigned char flags_by_subtype[26] = + {2, 4, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, + 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 1, 4, 0}; + +static char *BF_crypt(const char *key, const char *setting, + char *output, int size, + BF_word min) +{ +#if BF_ASM + extern void _BF_body_r(BF_ctx *ctx); +#endif + struct { + BF_ctx ctx; + BF_key expanded_key; + union { + BF_word salt[4]; + BF_word output[6]; + } binary; + } data; + BF_word L, R; + BF_word tmp1, tmp2, tmp3, tmp4; + BF_word *ptr; + BF_word count; + int i; + + if (size < 7 + 22 + 31 + 1) { + __set_errno(ERANGE); + return NULL; + } + + if (setting[0] != '$' || + setting[1] != '2' || + setting[2] < 'a' || setting[2] > 'z' || + !flags_by_subtype[(unsigned int)(unsigned char)setting[2] - 'a'] || + setting[3] != '$' || + setting[4] < '0' || setting[4] > '3' || + setting[5] < '0' || setting[5] > '9' || + (setting[4] == '3' && setting[5] > '1') || + setting[6] != '$') { + __set_errno(EINVAL); + return NULL; + } + + count = (BF_word)1 << ((setting[4] - '0') * 10 + (setting[5] - '0')); + if (count < min || BF_decode(data.binary.salt, &setting[7], 16)) { + __set_errno(EINVAL); + return NULL; + } + BF_swap(data.binary.salt, 4); + + BF_set_key(key, data.expanded_key, data.ctx.P, + flags_by_subtype[(unsigned int)(unsigned char)setting[2] - 'a']); + + memcpy(data.ctx.S, BF_init_state.S, sizeof(data.ctx.S)); + + L = R = 0; + for (i = 0; i < BF_N + 2; i += 2) { + L ^= data.binary.salt[i & 2]; + R ^= data.binary.salt[(i & 2) + 1]; + BF_ENCRYPT; + data.ctx.P[i] = L; + data.ctx.P[i + 1] = R; + } + + ptr = data.ctx.S[0]; + do { + ptr += 4; + L ^= data.binary.salt[(BF_N + 2) & 3]; + R ^= data.binary.salt[(BF_N + 3) & 3]; + BF_ENCRYPT; + *(ptr - 4) = L; + *(ptr - 3) = R; + + L ^= data.binary.salt[(BF_N + 4) & 3]; + R ^= data.binary.salt[(BF_N + 5) & 3]; + BF_ENCRYPT; + *(ptr - 2) = L; + *(ptr - 1) = R; + } while (ptr < &data.ctx.S[3][0xFF]); + + do { + int done; + + for (i = 0; i < BF_N + 2; i += 2) { + data.ctx.P[i] ^= data.expanded_key[i]; + data.ctx.P[i + 1] ^= data.expanded_key[i + 1]; + } + + done = 0; + do { + BF_body(); + if (done) + break; + done = 1; + + tmp1 = data.binary.salt[0]; + tmp2 = data.binary.salt[1]; + tmp3 = data.binary.salt[2]; + tmp4 = data.binary.salt[3]; + for (i = 0; i < BF_N; i += 4) { + data.ctx.P[i] ^= tmp1; + data.ctx.P[i + 1] ^= tmp2; + data.ctx.P[i + 2] ^= tmp3; + data.ctx.P[i + 3] ^= tmp4; + } + data.ctx.P[16] ^= tmp1; + data.ctx.P[17] ^= tmp2; + } while (1); + } while (--count); + + for (i = 0; i < 6; i += 2) { + L = BF_magic_w[i]; + R = BF_magic_w[i + 1]; + + count = 64; + do { + BF_ENCRYPT; + } while (--count); + + data.binary.output[i] = L; + data.binary.output[i + 1] = R; + } + + memcpy(output, setting, 7 + 22 - 1); + output[7 + 22 - 1] = BF_itoa64[(int) + BF_atoi64[(int)setting[7 + 22 - 1] - 0x20] & 0x30]; + +/* This has to be bug-compatible with the original implementation, so + * only encode 23 of the 24 bytes. :-) */ + BF_swap(data.binary.output, 6); + BF_encode(&output[7 + 22], data.binary.output, 23); + output[7 + 22 + 31] = '\0'; + + return output; +} + +int _crypt_output_magic(const char *setting, char *output, int size) +{ + if (size < 3) + return -1; + + output[0] = '*'; + output[1] = '0'; + output[2] = '\0'; + + if (setting[0] == '*' && setting[1] == '0') + output[1] = '1'; + + return 0; +} + +/* + * Please preserve the runtime self-test. It serves two purposes at once: + * + * 1. We really can't afford the risk of producing incompatible hashes e.g. + * when there's something like gcc bug 26587 again, whereas an application or + * library integrating this code might not also integrate our external tests or + * it might not run them after every build. Even if it does, the miscompile + * might only occur on the production build, but not on a testing build (such + * as because of different optimization settings). It is painful to recover + * from incorrectly-computed hashes - merely fixing whatever broke is not + * enough. Thus, a proactive measure like this self-test is needed. + * + * 2. We don't want to leave sensitive data from our actual password hash + * computation on the stack or in registers. Previous revisions of the code + * would do explicit cleanups, but simply running the self-test after hash + * computation is more reliable. + * + * The performance cost of this quick self-test is around 0.6% at the "$2a$08" + * setting. + */ +char *_crypt_blowfish_rn(const char *key, const char *setting, + char *output, int size) +{ + const char *test_key = "8b \xd0\xc1\xd2\xcf\xcc\xd8"; + const char *test_setting = "$2a$00$abcdefghijklmnopqrstuu"; + static const char * const test_hashes[2] = + {"i1D709vfamulimlGcq0qq3UvuUasvEa\0\x55", /* 'a', 'b', 'y' */ + "VUrPmXD6q/nVSSp7pNDhCR9071IfIRe\0\x55"}; /* 'x' */ + const char *test_hash = test_hashes[0]; + char *retval; + const char *p; + int save_errno, ok; + struct { + char s[7 + 22 + 1]; + char o[7 + 22 + 31 + 1 + 1 + 1]; + } buf; + +/* Hash the supplied password */ + _crypt_output_magic(setting, output, size); + retval = BF_crypt(key, setting, output, size, 16); + save_errno = errno; + +/* + * Do a quick self-test. It is important that we make both calls to BF_crypt() + * from the same scope such that they likely use the same stack locations, + * which makes the second call overwrite the first call's sensitive data on the + * stack and makes it more likely that any alignment related issues would be + * detected by the self-test. + */ + memcpy(buf.s, test_setting, sizeof(buf.s)); + if (retval) { + unsigned int flags = flags_by_subtype[ + (unsigned int)(unsigned char)setting[2] - 'a']; + test_hash = test_hashes[flags & 1]; + buf.s[2] = setting[2]; + } + memset(buf.o, 0x55, sizeof(buf.o)); + buf.o[sizeof(buf.o) - 1] = 0; + p = BF_crypt(test_key, buf.s, buf.o, sizeof(buf.o) - (1 + 1), 1); + + ok = (p == buf.o && + !memcmp(p, buf.s, 7 + 22) && + !memcmp(p + (7 + 22), test_hash, 31 + 1 + 1 + 1)); + + { + const char *k = "\xff\xa3" "34" "\xff\xff\xff\xa3" "345"; + BF_key ae, ai, ye, yi; + BF_set_key(k, ae, ai, 2); /* $2a$ */ + BF_set_key(k, ye, yi, 4); /* $2y$ */ + ai[0] ^= 0x10000; /* undo the safety (for comparison) */ + ok = ok && ai[0] == 0xdb9c59bc && ye[17] == 0x33343500 && + !memcmp(ae, ye, sizeof(ae)) && + !memcmp(ai, yi, sizeof(ai)); + } + + __set_errno(save_errno); + if (ok) + return retval; + +/* Should not happen */ + _crypt_output_magic(setting, output, size); + __set_errno(EINVAL); /* pretend we don't support this hash type */ + return NULL; +} + +char *_crypt_gensalt_blowfish_rn(const char *prefix, unsigned long count, + const char *input, int size, char *output, int output_size) +{ + if (size < 16 || output_size < 7 + 22 + 1 || + (count && (count < 4 || count > 31)) || + prefix[0] != '$' || prefix[1] != '2' || + (prefix[2] != 'a' && prefix[2] != 'b' && prefix[2] != 'y')) { + if (output_size > 0) output[0] = '\0'; + __set_errno((output_size < 7 + 22 + 1) ? ERANGE : EINVAL); + return NULL; + } + + if (!count) count = 5; + + output[0] = '$'; + output[1] = '2'; + output[2] = prefix[2]; + output[3] = '$'; + output[4] = '0' + count / 10; + output[5] = '0' + count % 10; + output[6] = '$'; + + BF_encode(&output[7], (const BF_word *)input, 16); + output[7 + 22] = '\0'; + + return output; +} diff --git a/src/bcrypt/src/crypt_gensalt.c b/src/bcrypt/src/crypt_gensalt.c new file mode 100644 index 000000000..1f0d73da0 --- /dev/null +++ b/src/bcrypt/src/crypt_gensalt.c @@ -0,0 +1,128 @@ +/* + * Written by Solar Designer in 2000-2011. + * No copyright is claimed, and the software is hereby placed in the public + * domain. In case this attempt to disclaim copyright and place the software + * in the public domain is deemed null and void, then the software is + * Copyright (c) 2000-2011 Solar Designer and it is hereby released to the + * general public under the following terms: + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted. + * + * There's ABSOLUTELY NO WARRANTY, express or implied. + * + * See crypt_blowfish.c for more information. + * + * This file contains salt generation functions for the traditional and + * other common crypt(3) algorithms, except for bcrypt which is defined + * entirely in crypt_blowfish.c. + */ + +#include + +#include +#ifndef __set_errno +#define __set_errno(val) errno = (val) +#endif + +/* Just to make sure the prototypes match the actual definitions */ +#ifdef _WIN32 +#include "../include/bcrypt/crypt_gensalt.h" +#else +#include "crypt_gensalt.h" +#endif + +unsigned char _crypt_itoa64[64 + 1] = + "./0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz"; + +char *_crypt_gensalt_traditional_rn(const char *prefix, unsigned long count, + const char *input, int size, char *output, int output_size) +{ + (void) prefix; + + if (size < 2 || output_size < 2 + 1 || (count && count != 25)) { + if (output_size > 0) output[0] = '\0'; + __set_errno((output_size < 2 + 1) ? ERANGE : EINVAL); + return NULL; + } + + output[0] = _crypt_itoa64[(unsigned int)input[0] & 0x3f]; + output[1] = _crypt_itoa64[(unsigned int)input[1] & 0x3f]; + output[2] = '\0'; + + return output; +} + +char *_crypt_gensalt_extended_rn(const char *prefix, unsigned long count, + const char *input, int size, char *output, int output_size) +{ + unsigned long value; + + (void) prefix; + +/* Even iteration counts make it easier to detect weak DES keys from a look + * at the hash, so they should be avoided */ + if (size < 3 || output_size < 1 + 4 + 4 + 1 || + (count && (count > 0xffffff || !(count & 1)))) { + if (output_size > 0) output[0] = '\0'; + __set_errno((output_size < 1 + 4 + 4 + 1) ? ERANGE : EINVAL); + return NULL; + } + + if (!count) count = 725; + + output[0] = '_'; + output[1] = _crypt_itoa64[count & 0x3f]; + output[2] = _crypt_itoa64[(count >> 6) & 0x3f]; + output[3] = _crypt_itoa64[(count >> 12) & 0x3f]; + output[4] = _crypt_itoa64[(count >> 18) & 0x3f]; + value = (unsigned long)(unsigned char)input[0] | + ((unsigned long)(unsigned char)input[1] << 8) | + ((unsigned long)(unsigned char)input[2] << 16); + output[5] = _crypt_itoa64[value & 0x3f]; + output[6] = _crypt_itoa64[(value >> 6) & 0x3f]; + output[7] = _crypt_itoa64[(value >> 12) & 0x3f]; + output[8] = _crypt_itoa64[(value >> 18) & 0x3f]; + output[9] = '\0'; + + return output; +} + +char *_crypt_gensalt_md5_rn(const char *prefix, unsigned long count, + const char *input, int size, char *output, int output_size) +{ + unsigned long value; + + (void) prefix; + + if (size < 3 || output_size < 3 + 4 + 1 || (count && count != 1000)) { + if (output_size > 0) output[0] = '\0'; + __set_errno((output_size < 3 + 4 + 1) ? ERANGE : EINVAL); + return NULL; + } + + output[0] = '$'; + output[1] = '1'; + output[2] = '$'; + value = (unsigned long)(unsigned char)input[0] | + ((unsigned long)(unsigned char)input[1] << 8) | + ((unsigned long)(unsigned char)input[2] << 16); + output[3] = _crypt_itoa64[value & 0x3f]; + output[4] = _crypt_itoa64[(value >> 6) & 0x3f]; + output[5] = _crypt_itoa64[(value >> 12) & 0x3f]; + output[6] = _crypt_itoa64[(value >> 18) & 0x3f]; + output[7] = '\0'; + + if (size >= 6 && output_size >= 3 + 4 + 4 + 1) { + value = (unsigned long)(unsigned char)input[3] | + ((unsigned long)(unsigned char)input[4] << 8) | + ((unsigned long)(unsigned char)input[5] << 16); + output[7] = _crypt_itoa64[value & 0x3f]; + output[8] = _crypt_itoa64[(value >> 6) & 0x3f]; + output[9] = _crypt_itoa64[(value >> 12) & 0x3f]; + output[10] = _crypt_itoa64[(value >> 18) & 0x3f]; + output[11] = '\0'; + } + + return output; +} diff --git a/src/bcrypt/src/main.cpp b/src/bcrypt/src/main.cpp new file mode 100644 index 000000000..1d9046b77 --- /dev/null +++ b/src/bcrypt/src/main.cpp @@ -0,0 +1,19 @@ +#include "bcrypt/BCrypt.hpp" +#include + +int main(){ + std::string right_password = "right_password"; + std::string wrong_password = "wrong_password"; + + std::cout << "generate hash... " << std::flush; + std::string hash = BCrypt::generateHash(right_password, 12); + std::cout << "done." << std::endl; + + std::cout << "checking right password: " << std::flush + << BCrypt::validatePassword(right_password,hash) << std::endl; + + std::cout << "checking wrong password: " << std::flush + << BCrypt::validatePassword(wrong_password,hash) << std::endl; + + return 0; +} diff --git a/src/bcrypt/src/wrapper.c b/src/bcrypt/src/wrapper.c new file mode 100644 index 000000000..98ffeecfd --- /dev/null +++ b/src/bcrypt/src/wrapper.c @@ -0,0 +1,563 @@ +/* + * Written by Solar Designer in 2000-2014. + * No copyright is claimed, and the software is hereby placed in the public + * domain. In case this attempt to disclaim copyright and place the software + * in the public domain is deemed null and void, then the software is + * Copyright (c) 2000-2014 Solar Designer and it is hereby released to the + * general public under the following terms: + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted. + * + * There's ABSOLUTELY NO WARRANTY, express or implied. + * + * See crypt_blowfish.c for more information. + */ + +#include +#include + +#include +#ifndef __set_errno +#define __set_errno(val) errno = (val) +#endif + +#ifdef TEST +#include +#include +#include +#include +#include +#include +#ifdef TEST_THREADS +#include +#endif +#endif + +#define CRYPT_OUTPUT_SIZE (7 + 22 + 31 + 1) +#define CRYPT_GENSALT_OUTPUT_SIZE (7 + 22 + 1) + +#if defined(__GLIBC__) && defined(_LIBC) +#define __SKIP_GNU +#endif + +#ifdef _WIN32 | _WIN64 +#include "../include/bcrypt/ow-crypt.h" + +#include "../include/bcrypt/crypt_blowfish.h" +#include "../include/bcrypt/crypt_gensalt.h" +#else +#include "ow-crypt.h" + +#include "crypt_blowfish.h" +#include "crypt_gensalt.h" +#endif + +#if defined(__GLIBC__) && defined(_LIBC) +/* crypt.h from glibc-crypt-2.1 will define struct crypt_data for us */ +#include "crypt.h" +extern char *__md5_crypt_r(const char *key, const char *salt, + char *buffer, int buflen); +/* crypt-entry.c needs to be patched to define __des_crypt_r rather than + * __crypt_r, and not define crypt_r and crypt at all */ +extern char *__des_crypt_r(const char *key, const char *salt, + struct crypt_data *data); +extern struct crypt_data _ufc_foobar; +#endif + +static int _crypt_data_alloc(void **data, int *size, int need) +{ + void *updated; + + if (*data && *size >= need) return 0; + + updated = realloc(*data, need); + + if (!updated) { +#ifndef __GLIBC__ + /* realloc(3) on glibc sets errno, so we don't need to bother */ + __set_errno(ENOMEM); +#endif + return -1; + } + +#if defined(__GLIBC__) && defined(_LIBC) + if (need >= sizeof(struct crypt_data)) + ((struct crypt_data *)updated)->initialized = 0; +#endif + + *data = updated; + *size = need; + + return 0; +} + +static char *_crypt_retval_magic(char *retval, const char *setting, + char *output, int size) +{ + if (retval) + return retval; + + if (_crypt_output_magic(setting, output, size)) + return NULL; /* shouldn't happen */ + + return output; +} + +#if defined(__GLIBC__) && defined(_LIBC) +/* + * Applications may re-use the same instance of struct crypt_data without + * resetting the initialized field in order to let crypt_r() skip some of + * its initialization code. Thus, it is important that our multiple hashing + * algorithms either don't conflict with each other in their use of the + * data area or reset the initialized field themselves whenever required. + * Currently, the hashing algorithms simply have no conflicts: the first + * field of struct crypt_data is the 128-byte large DES key schedule which + * __des_crypt_r() calculates each time it is called while the two other + * hashing algorithms use less than 128 bytes of the data area. + */ + +char *__crypt_rn(__const char *key, __const char *setting, + void *data, int size) +{ + if (setting[0] == '$' && setting[1] == '2') + return _crypt_blowfish_rn(key, setting, (char *)data, size); + if (setting[0] == '$' && setting[1] == '1') + return __md5_crypt_r(key, setting, (char *)data, size); + if (setting[0] == '$' || setting[0] == '_') { + __set_errno(EINVAL); + return NULL; + } + if (size >= sizeof(struct crypt_data)) + return __des_crypt_r(key, setting, (struct crypt_data *)data); + __set_errno(ERANGE); + return NULL; +} + +char *__crypt_ra(__const char *key, __const char *setting, + void **data, int *size) +{ + if (setting[0] == '$' && setting[1] == '2') { + if (_crypt_data_alloc(data, size, CRYPT_OUTPUT_SIZE)) + return NULL; + return _crypt_blowfish_rn(key, setting, (char *)*data, *size); + } + if (setting[0] == '$' && setting[1] == '1') { + if (_crypt_data_alloc(data, size, CRYPT_OUTPUT_SIZE)) + return NULL; + return __md5_crypt_r(key, setting, (char *)*data, *size); + } + if (setting[0] == '$' || setting[0] == '_') { + __set_errno(EINVAL); + return NULL; + } + if (_crypt_data_alloc(data, size, sizeof(struct crypt_data))) + return NULL; + return __des_crypt_r(key, setting, (struct crypt_data *)*data); +} + +char *__crypt_r(__const char *key, __const char *setting, + struct crypt_data *data) +{ + return _crypt_retval_magic( + __crypt_rn(key, setting, data, sizeof(*data)), + setting, (char *)data, sizeof(*data)); +} + +char *__crypt(__const char *key, __const char *setting) +{ + return _crypt_retval_magic( + __crypt_rn(key, setting, &_ufc_foobar, sizeof(_ufc_foobar)), + setting, (char *)&_ufc_foobar, sizeof(_ufc_foobar)); +} +#else +char *crypt_rn(const char *key, const char *setting, void *data, int size) +{ + return _crypt_blowfish_rn(key, setting, (char *)data, size); +} + +char *crypt_ra(const char *key, const char *setting, + void **data, int *size) +{ + if (_crypt_data_alloc(data, size, CRYPT_OUTPUT_SIZE)) + return NULL; + return _crypt_blowfish_rn(key, setting, (char *)*data, *size); +} + +char *crypt_r(const char *key, const char *setting, void *data) +{ + return _crypt_retval_magic( + crypt_rn(key, setting, data, CRYPT_OUTPUT_SIZE), + setting, (char *)data, CRYPT_OUTPUT_SIZE); +} + +char *crypt(const char *key, const char *setting) +{ + static char output[CRYPT_OUTPUT_SIZE]; + + return _crypt_retval_magic( + crypt_rn(key, setting, output, sizeof(output)), + setting, output, sizeof(output)); +} + +#define __crypt_gensalt_rn crypt_gensalt_rn +#define __crypt_gensalt_ra crypt_gensalt_ra +#define __crypt_gensalt crypt_gensalt +#endif + +char *__crypt_gensalt_rn(const char *prefix, unsigned long count, + const char *input, int size, char *output, int output_size) +{ + char *(*use)(const char *_prefix, unsigned long _count, + const char *_input, int _size, + char *_output, int _output_size); + + /* This may be supported on some platforms in the future */ + if (!input) { + __set_errno(EINVAL); + return NULL; + } + + if (!strncmp(prefix, "$2a$", 4) || !strncmp(prefix, "$2b$", 4) || + !strncmp(prefix, "$2y$", 4)) + use = _crypt_gensalt_blowfish_rn; + else + if (!strncmp(prefix, "$1$", 3)) + use = _crypt_gensalt_md5_rn; + else + if (prefix[0] == '_') + use = _crypt_gensalt_extended_rn; + else + if (!prefix[0] || + (prefix[0] && prefix[1] && + memchr(_crypt_itoa64, prefix[0], 64) && + memchr(_crypt_itoa64, prefix[1], 64))) + use = _crypt_gensalt_traditional_rn; + else { + __set_errno(EINVAL); + return NULL; + } + + return use(prefix, count, input, size, output, output_size); +} + +char *__crypt_gensalt_ra(const char *prefix, unsigned long count, + const char *input, int size) +{ + char output[CRYPT_GENSALT_OUTPUT_SIZE]; + char *retval; + + retval = __crypt_gensalt_rn(prefix, count, + input, size, output, sizeof(output)); + + if (retval) { +#ifdef _WIN32 | _WIN64 + retval = _strdup(retval); +#else + retval = strdup(retval); +#endif +#ifndef __GLIBC__ + /* strdup(3) on glibc sets errno, so we don't need to bother */ + if (!retval) + __set_errno(ENOMEM); +#endif + } + + return retval; +} + +char *__crypt_gensalt(const char *prefix, unsigned long count, + const char *input, int size) +{ + static char output[CRYPT_GENSALT_OUTPUT_SIZE]; + + return __crypt_gensalt_rn(prefix, count, + input, size, output, sizeof(output)); +} + +#if defined(__GLIBC__) && defined(_LIBC) +weak_alias(__crypt_rn, crypt_rn) +weak_alias(__crypt_ra, crypt_ra) +weak_alias(__crypt_r, crypt_r) +weak_alias(__crypt, crypt) +weak_alias(__crypt_gensalt_rn, crypt_gensalt_rn) +weak_alias(__crypt_gensalt_ra, crypt_gensalt_ra) +weak_alias(__crypt_gensalt, crypt_gensalt) +weak_alias(crypt, fcrypt) +#endif + +#ifdef TEST +static const char *tests[][3] = { + {"$2a$05$CCCCCCCCCCCCCCCCCCCCC.E5YPO9kmyuRGyh0XouQYb4YMJKvyOeW", + "U*U"}, + {"$2a$05$CCCCCCCCCCCCCCCCCCCCC.VGOzA784oUp/Z0DY336zx7pLYAy0lwK", + "U*U*"}, + {"$2a$05$XXXXXXXXXXXXXXXXXXXXXOAcXxm9kjPGEMsLznoKqmqw7tc8WCx4a", + "U*U*U"}, + {"$2a$05$abcdefghijklmnopqrstuu5s2v8.iXieOjg/.AySBTTZIIVFJeBui", + "0123456789abcdefghijklmnopqrstuvwxyz" + "ABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789" + "chars after 72 are ignored"}, + {"$2x$05$/OK.fbVrR/bpIqNJ5ianF.CE5elHaaO4EbggVDjb8P19RukzXSM3e", + "\xa3"}, + {"$2x$05$/OK.fbVrR/bpIqNJ5ianF.CE5elHaaO4EbggVDjb8P19RukzXSM3e", + "\xff\xff\xa3"}, + {"$2y$05$/OK.fbVrR/bpIqNJ5ianF.CE5elHaaO4EbggVDjb8P19RukzXSM3e", + "\xff\xff\xa3"}, + {"$2a$05$/OK.fbVrR/bpIqNJ5ianF.nqd1wy.pTMdcvrRWxyiGL2eMz.2a85.", + "\xff\xff\xa3"}, + {"$2b$05$/OK.fbVrR/bpIqNJ5ianF.CE5elHaaO4EbggVDjb8P19RukzXSM3e", + "\xff\xff\xa3"}, + {"$2y$05$/OK.fbVrR/bpIqNJ5ianF.Sa7shbm4.OzKpvFnX1pQLmQW96oUlCq", + "\xa3"}, + {"$2a$05$/OK.fbVrR/bpIqNJ5ianF.Sa7shbm4.OzKpvFnX1pQLmQW96oUlCq", + "\xa3"}, + {"$2b$05$/OK.fbVrR/bpIqNJ5ianF.Sa7shbm4.OzKpvFnX1pQLmQW96oUlCq", + "\xa3"}, + {"$2x$05$/OK.fbVrR/bpIqNJ5ianF.o./n25XVfn6oAPaUvHe.Csk4zRfsYPi", + "1\xa3" "345"}, + {"$2x$05$/OK.fbVrR/bpIqNJ5ianF.o./n25XVfn6oAPaUvHe.Csk4zRfsYPi", + "\xff\xa3" "345"}, + {"$2x$05$/OK.fbVrR/bpIqNJ5ianF.o./n25XVfn6oAPaUvHe.Csk4zRfsYPi", + "\xff\xa3" "34" "\xff\xff\xff\xa3" "345"}, + {"$2y$05$/OK.fbVrR/bpIqNJ5ianF.o./n25XVfn6oAPaUvHe.Csk4zRfsYPi", + "\xff\xa3" "34" "\xff\xff\xff\xa3" "345"}, + {"$2a$05$/OK.fbVrR/bpIqNJ5ianF.ZC1JEJ8Z4gPfpe1JOr/oyPXTWl9EFd.", + "\xff\xa3" "34" "\xff\xff\xff\xa3" "345"}, + {"$2y$05$/OK.fbVrR/bpIqNJ5ianF.nRht2l/HRhr6zmCp9vYUvvsqynflf9e", + "\xff\xa3" "345"}, + {"$2a$05$/OK.fbVrR/bpIqNJ5ianF.nRht2l/HRhr6zmCp9vYUvvsqynflf9e", + "\xff\xa3" "345"}, + {"$2a$05$/OK.fbVrR/bpIqNJ5ianF.6IflQkJytoRVc1yuaNtHfiuq.FRlSIS", + "\xa3" "ab"}, + {"$2x$05$/OK.fbVrR/bpIqNJ5ianF.6IflQkJytoRVc1yuaNtHfiuq.FRlSIS", + "\xa3" "ab"}, + {"$2y$05$/OK.fbVrR/bpIqNJ5ianF.6IflQkJytoRVc1yuaNtHfiuq.FRlSIS", + "\xa3" "ab"}, + {"$2x$05$6bNw2HLQYeqHYyBfLMsv/OiwqTymGIGzFsA4hOTWebfehXHNprcAS", + "\xd1\x91"}, + {"$2x$05$6bNw2HLQYeqHYyBfLMsv/O9LIGgn8OMzuDoHfof8AQimSGfcSWxnS", + "\xd0\xc1\xd2\xcf\xcc\xd8"}, + {"$2a$05$/OK.fbVrR/bpIqNJ5ianF.swQOIzjOiJ9GHEPuhEkvqrUyvWhEMx6", + "\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa" + "\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa" + "\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa" + "\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa" + "\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa" + "\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa" + "chars after 72 are ignored as usual"}, + {"$2a$05$/OK.fbVrR/bpIqNJ5ianF.R9xrDjiycxMbQE2bp.vgqlYpW5wx2yy", + "\xaa\x55\xaa\x55\xaa\x55\xaa\x55\xaa\x55\xaa\x55" + "\xaa\x55\xaa\x55\xaa\x55\xaa\x55\xaa\x55\xaa\x55" + "\xaa\x55\xaa\x55\xaa\x55\xaa\x55\xaa\x55\xaa\x55" + "\xaa\x55\xaa\x55\xaa\x55\xaa\x55\xaa\x55\xaa\x55" + "\xaa\x55\xaa\x55\xaa\x55\xaa\x55\xaa\x55\xaa\x55" + "\xaa\x55\xaa\x55\xaa\x55\xaa\x55\xaa\x55\xaa\x55"}, + {"$2a$05$/OK.fbVrR/bpIqNJ5ianF.9tQZzcJfm3uj2NvJ/n5xkhpqLrMpWCe", + "\x55\xaa\xff\x55\xaa\xff\x55\xaa\xff\x55\xaa\xff" + "\x55\xaa\xff\x55\xaa\xff\x55\xaa\xff\x55\xaa\xff" + "\x55\xaa\xff\x55\xaa\xff\x55\xaa\xff\x55\xaa\xff" + "\x55\xaa\xff\x55\xaa\xff\x55\xaa\xff\x55\xaa\xff" + "\x55\xaa\xff\x55\xaa\xff\x55\xaa\xff\x55\xaa\xff" + "\x55\xaa\xff\x55\xaa\xff\x55\xaa\xff\x55\xaa\xff"}, + {"$2a$05$CCCCCCCCCCCCCCCCCCCCC.7uG0VCzI2bS7j6ymqJi9CdcdxiRTWNy", + ""}, + {"*0", "", "$2a$03$CCCCCCCCCCCCCCCCCCCCC."}, + {"*0", "", "$2a$32$CCCCCCCCCCCCCCCCCCCCC."}, + {"*0", "", "$2c$05$CCCCCCCCCCCCCCCCCCCCC."}, + {"*0", "", "$2z$05$CCCCCCCCCCCCCCCCCCCCC."}, + {"*0", "", "$2`$05$CCCCCCCCCCCCCCCCCCCCC."}, + {"*0", "", "$2{$05$CCCCCCCCCCCCCCCCCCCCC."}, + {"*1", "", "*0"}, + {NULL} +}; + +#define which tests[0] + +static volatile sig_atomic_t running; + +static void handle_timer(int signum) +{ + (void) signum; + running = 0; +} + +static void *run(void *arg) +{ + unsigned long count = 0; + int i = 0; + void *data = NULL; + int size = 0x12345678; + + do { + const char *hash = tests[i][0]; + const char *key = tests[i][1]; + const char *setting = tests[i][2]; + + if (!tests[++i][0]) + i = 0; + + if (setting && strlen(hash) < 30) /* not for benchmark */ + continue; + + if (strcmp(crypt_ra(key, hash, &data, &size), hash)) { + printf("%d: FAILED (crypt_ra/%d/%lu)\n", + (int)((char *)arg - (char *)0), i, count); + free(data); + return NULL; + } + count++; + } while (running); + + free(data); + return count + (char *)0; +} + +int main(void) +{ + struct itimerval it; + struct tms buf; + clock_t clk_tck, start_real, start_virtual, end_real, end_virtual; + unsigned long count; + void *data; + int size; + char *setting1, *setting2; + int i; +#ifdef TEST_THREADS + pthread_t t[TEST_THREADS]; + void *t_retval; +#endif + + data = NULL; + size = 0x12345678; + + for (i = 0; tests[i][0]; i++) { + const char *hash = tests[i][0]; + const char *key = tests[i][1]; + const char *setting = tests[i][2]; + const char *p; + int ok = !setting || strlen(hash) >= 30; + int o_size; + char s_buf[30], o_buf[61]; + if (!setting) { + memcpy(s_buf, hash, sizeof(s_buf) - 1); + s_buf[sizeof(s_buf) - 1] = 0; + setting = s_buf; + } + + __set_errno(0); + p = crypt(key, setting); + if ((!ok && !errno) || strcmp(p, hash)) { + printf("FAILED (crypt/%d)\n", i); + return 1; + } + + if (ok && strcmp(crypt(key, hash), hash)) { + printf("FAILED (crypt/%d)\n", i); + return 1; + } + + for (o_size = -1; o_size <= (int)sizeof(o_buf); o_size++) { + int ok_n = ok && o_size == (int)sizeof(o_buf); + const char *x = "abc"; + strcpy(o_buf, x); + if (o_size >= 3) { + x = "*0"; + if (setting[0] == '*' && setting[1] == '0') + x = "*1"; + } + __set_errno(0); + p = crypt_rn(key, setting, o_buf, o_size); + if ((ok_n && (!p || strcmp(p, hash))) || + (!ok_n && (!errno || p || strcmp(o_buf, x)))) { + printf("FAILED (crypt_rn/%d)\n", i); + return 1; + } + } + + __set_errno(0); + p = crypt_ra(key, setting, &data, &size); + if ((ok && (!p || strcmp(p, hash))) || + (!ok && (!errno || p || strcmp((char *)data, hash)))) { + printf("FAILED (crypt_ra/%d)\n", i); + return 1; + } + } + + setting1 = crypt_gensalt(which[0], 12, data, size); + if (!setting1 || strncmp(setting1, "$2a$12$", 7)) { + puts("FAILED (crypt_gensalt)\n"); + return 1; + } + + setting2 = crypt_gensalt_ra(setting1, 12, data, size); + if (strcmp(setting1, setting2)) { + puts("FAILED (crypt_gensalt_ra/1)\n"); + return 1; + } + + (*(char *)data)++; + setting1 = crypt_gensalt_ra(setting2, 12, data, size); + if (!strcmp(setting1, setting2)) { + puts("FAILED (crypt_gensalt_ra/2)\n"); + return 1; + } + + free(setting1); + free(setting2); + free(data); + +#if defined(_SC_CLK_TCK) || !defined(CLK_TCK) + clk_tck = sysconf(_SC_CLK_TCK); +#else + clk_tck = CLK_TCK; +#endif + + running = 1; + signal(SIGALRM, handle_timer); + + memset(&it, 0, sizeof(it)); + it.it_value.tv_sec = 5; + setitimer(ITIMER_REAL, &it, NULL); + + start_real = times(&buf); + start_virtual = buf.tms_utime + buf.tms_stime; + + count = (char *)run((char *)0) - (char *)0; + + end_real = times(&buf); + end_virtual = buf.tms_utime + buf.tms_stime; + if (end_virtual == start_virtual) end_virtual++; + + printf("%.1f c/s real, %.1f c/s virtual\n", + (float)count * clk_tck / (end_real - start_real), + (float)count * clk_tck / (end_virtual - start_virtual)); + +#ifdef TEST_THREADS + running = 1; + it.it_value.tv_sec = 60; + setitimer(ITIMER_REAL, &it, NULL); + start_real = times(&buf); + + for (i = 0; i < TEST_THREADS; i++) + if (pthread_create(&t[i], NULL, run, i + (char *)0)) { + perror("pthread_create"); + return 1; + } + + for (i = 0; i < TEST_THREADS; i++) { + if (pthread_join(t[i], &t_retval)) { + perror("pthread_join"); + continue; + } + if (!t_retval) continue; + count = (char *)t_retval - (char *)0; + end_real = times(&buf); + printf("%d: %.1f c/s real\n", i, + (float)count * clk_tck / (end_real - start_real)); + } +#endif + + return 0; +} +#endif diff --git a/src/bcrypt/src/x86.S b/src/bcrypt/src/x86.S new file mode 100644 index 000000000..3dc8d008b --- /dev/null +++ b/src/bcrypt/src/x86.S @@ -0,0 +1,202 @@ +/* + * Written by Solar Designer in 1998-2010. + * No copyright is claimed, and the software is hereby placed in the public + * domain. In case this attempt to disclaim copyright and place the software + * in the public domain is deemed null and void, then the software is + * Copyright (c) 1998-2010 Solar Designer and it is hereby released to the + * general public under the following terms: + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted. + * + * There's ABSOLUTELY NO WARRANTY, express or implied. + * + * See crypt_blowfish.c for more information. + */ + +#ifdef __i386__ + +#if defined(__OpenBSD__) && !defined(__ELF__) +#define UNDERSCORES +#define ALIGN_LOG +#endif + +#if defined(__CYGWIN32__) || defined(__MINGW32__) +#define UNDERSCORES +#endif + +#ifdef __DJGPP__ +#define UNDERSCORES +#define ALIGN_LOG +#endif + +#ifdef UNDERSCORES +#define _BF_body_r __BF_body_r +#endif + +#ifdef ALIGN_LOG +#define DO_ALIGN(log) .align (log) +#elif defined(DUMBAS) +#define DO_ALIGN(log) .align 1 << log +#else +#define DO_ALIGN(log) .align (1 << (log)) +#endif + +#define BF_FRAME 0x200 +#define ctx %esp + +#define BF_ptr (ctx) + +#define S(N, r) N+BF_FRAME(ctx,r,4) +#ifdef DUMBAS +#define P(N) 0x1000+N+N+N+N+BF_FRAME(ctx) +#else +#define P(N) 0x1000+4*N+BF_FRAME(ctx) +#endif + +/* + * This version of the assembly code is optimized primarily for the original + * Intel Pentium but is also careful to avoid partial register stalls on the + * Pentium Pro family of processors (tested up to Pentium III Coppermine). + * + * It is possible to do 15% faster on the Pentium Pro family and probably on + * many non-Intel x86 processors, but, unfortunately, that would make things + * twice slower for the original Pentium. + * + * An additional 2% speedup may be achieved with non-reentrant code. + */ + +#define L %esi +#define R %edi +#define tmp1 %eax +#define tmp1_lo %al +#define tmp2 %ecx +#define tmp2_hi %ch +#define tmp3 %edx +#define tmp3_lo %dl +#define tmp4 %ebx +#define tmp4_hi %bh +#define tmp5 %ebp + +.text + +#define BF_ROUND(L, R, N) \ + xorl L,tmp2; \ + xorl tmp1,tmp1; \ + movl tmp2,L; \ + shrl $16,tmp2; \ + movl L,tmp4; \ + movb tmp2_hi,tmp1_lo; \ + andl $0xFF,tmp2; \ + movb tmp4_hi,tmp3_lo; \ + andl $0xFF,tmp4; \ + movl S(0,tmp1),tmp1; \ + movl S(0x400,tmp2),tmp5; \ + addl tmp5,tmp1; \ + movl S(0x800,tmp3),tmp5; \ + xorl tmp5,tmp1; \ + movl S(0xC00,tmp4),tmp5; \ + addl tmp1,tmp5; \ + movl 4+P(N),tmp2; \ + xorl tmp5,R + +#define BF_ENCRYPT_START \ + BF_ROUND(L, R, 0); \ + BF_ROUND(R, L, 1); \ + BF_ROUND(L, R, 2); \ + BF_ROUND(R, L, 3); \ + BF_ROUND(L, R, 4); \ + BF_ROUND(R, L, 5); \ + BF_ROUND(L, R, 6); \ + BF_ROUND(R, L, 7); \ + BF_ROUND(L, R, 8); \ + BF_ROUND(R, L, 9); \ + BF_ROUND(L, R, 10); \ + BF_ROUND(R, L, 11); \ + BF_ROUND(L, R, 12); \ + BF_ROUND(R, L, 13); \ + BF_ROUND(L, R, 14); \ + BF_ROUND(R, L, 15); \ + movl BF_ptr,tmp5; \ + xorl L,tmp2; \ + movl P(17),L + +#define BF_ENCRYPT_END \ + xorl R,L; \ + movl tmp2,R + +DO_ALIGN(5) +.globl _BF_body_r +_BF_body_r: + movl 4(%esp),%eax + pushl %ebp + pushl %ebx + pushl %esi + pushl %edi + subl $BF_FRAME-8,%eax + xorl L,L + cmpl %esp,%eax + ja BF_die + xchgl %eax,%esp + xorl R,R + pushl %eax + leal 0x1000+BF_FRAME-4(ctx),%eax + movl 0x1000+BF_FRAME-4(ctx),tmp2 + pushl %eax + xorl tmp3,tmp3 +BF_loop_P: + BF_ENCRYPT_START + addl $8,tmp5 + BF_ENCRYPT_END + leal 0x1000+18*4+BF_FRAME(ctx),tmp1 + movl tmp5,BF_ptr + cmpl tmp5,tmp1 + movl L,-8(tmp5) + movl R,-4(tmp5) + movl P(0),tmp2 + ja BF_loop_P + leal BF_FRAME(ctx),tmp5 + xorl tmp3,tmp3 + movl tmp5,BF_ptr +BF_loop_S: + BF_ENCRYPT_START + BF_ENCRYPT_END + movl P(0),tmp2 + movl L,(tmp5) + movl R,4(tmp5) + BF_ENCRYPT_START + BF_ENCRYPT_END + movl P(0),tmp2 + movl L,8(tmp5) + movl R,12(tmp5) + BF_ENCRYPT_START + BF_ENCRYPT_END + movl P(0),tmp2 + movl L,16(tmp5) + movl R,20(tmp5) + BF_ENCRYPT_START + addl $32,tmp5 + BF_ENCRYPT_END + leal 0x1000+BF_FRAME(ctx),tmp1 + movl tmp5,BF_ptr + cmpl tmp5,tmp1 + movl P(0),tmp2 + movl L,-8(tmp5) + movl R,-4(tmp5) + ja BF_loop_S + movl 4(%esp),%esp + popl %edi + popl %esi + popl %ebx + popl %ebp + ret + +BF_die: +/* Oops, need to re-compile with a larger BF_FRAME. */ + hlt + jmp BF_die + +#if defined(__ELF__) && defined(__linux__) +.section .note.GNU-stack,"",@progbits +#endif +#endif diff --git a/src/bcrypt/vs2017/libbcrypt/libbcrypt.sln b/src/bcrypt/vs2017/libbcrypt/libbcrypt.sln new file mode 100644 index 000000000..38c2d4047 --- /dev/null +++ b/src/bcrypt/vs2017/libbcrypt/libbcrypt.sln @@ -0,0 +1,41 @@ + +Microsoft Visual Studio Solution File, Format Version 12.00 +# Visual Studio 15 +VisualStudioVersion = 15.0.28307.136 +MinimumVisualStudioVersion = 10.0.40219.1 +Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "libbcrypt", "libbcrypt.vcxproj", "{D6A9A3F3-1312-4494-85B8-7CE7DD4D78F4}" +EndProject +Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "test", "..\test\test.vcxproj", "{C6B1CF6E-88DF-4109-9EF4-06CBA5BD5B68}" +EndProject +Global + GlobalSection(SolutionConfigurationPlatforms) = preSolution + Debug|x64 = Debug|x64 + Debug|x86 = Debug|x86 + Release|x64 = Release|x64 + Release|x86 = Release|x86 + EndGlobalSection + GlobalSection(ProjectConfigurationPlatforms) = postSolution + {D6A9A3F3-1312-4494-85B8-7CE7DD4D78F4}.Debug|x64.ActiveCfg = Debug|x64 + {D6A9A3F3-1312-4494-85B8-7CE7DD4D78F4}.Debug|x64.Build.0 = Debug|x64 + {D6A9A3F3-1312-4494-85B8-7CE7DD4D78F4}.Debug|x86.ActiveCfg = Debug|Win32 + {D6A9A3F3-1312-4494-85B8-7CE7DD4D78F4}.Debug|x86.Build.0 = Debug|Win32 + {D6A9A3F3-1312-4494-85B8-7CE7DD4D78F4}.Release|x64.ActiveCfg = Release|x64 + {D6A9A3F3-1312-4494-85B8-7CE7DD4D78F4}.Release|x64.Build.0 = Release|x64 + {D6A9A3F3-1312-4494-85B8-7CE7DD4D78F4}.Release|x86.ActiveCfg = Release|Win32 + {D6A9A3F3-1312-4494-85B8-7CE7DD4D78F4}.Release|x86.Build.0 = Release|Win32 + {C6B1CF6E-88DF-4109-9EF4-06CBA5BD5B68}.Debug|x64.ActiveCfg = Debug|x64 + {C6B1CF6E-88DF-4109-9EF4-06CBA5BD5B68}.Debug|x64.Build.0 = Debug|x64 + {C6B1CF6E-88DF-4109-9EF4-06CBA5BD5B68}.Debug|x86.ActiveCfg = Debug|Win32 + {C6B1CF6E-88DF-4109-9EF4-06CBA5BD5B68}.Debug|x86.Build.0 = Debug|Win32 + {C6B1CF6E-88DF-4109-9EF4-06CBA5BD5B68}.Release|x64.ActiveCfg = Release|x64 + {C6B1CF6E-88DF-4109-9EF4-06CBA5BD5B68}.Release|x64.Build.0 = Release|x64 + {C6B1CF6E-88DF-4109-9EF4-06CBA5BD5B68}.Release|x86.ActiveCfg = Release|Win32 + {C6B1CF6E-88DF-4109-9EF4-06CBA5BD5B68}.Release|x86.Build.0 = Release|Win32 + EndGlobalSection + GlobalSection(SolutionProperties) = preSolution + HideSolutionNode = FALSE + EndGlobalSection + GlobalSection(ExtensibilityGlobals) = postSolution + SolutionGuid = {2DB786F9-9679-4A72-A4A0-2544E42B78CB} + EndGlobalSection +EndGlobal diff --git a/src/bcrypt/vs2017/libbcrypt/libbcrypt.vcxproj b/src/bcrypt/vs2017/libbcrypt/libbcrypt.vcxproj new file mode 100644 index 000000000..577af5635 --- /dev/null +++ b/src/bcrypt/vs2017/libbcrypt/libbcrypt.vcxproj @@ -0,0 +1,135 @@ + + + + + Debug + Win32 + + + Release + Win32 + + + Debug + x64 + + + Release + x64 + + + + 15.0 + {D6A9A3F3-1312-4494-85B8-7CE7DD4D78F4} + libbcrypt + 10.0.17763.0 + + + + StaticLibrary + true + v141 + MultiByte + + + Application + false + v141 + true + MultiByte + + + Application + true + v141 + MultiByte + + + Application + false + v141 + true + MultiByte + + + + + + + + + + + + + + + + + + + + + + + Level3 + Disabled + true + true + + + + + Level3 + Disabled + true + true + + + + + Level3 + MaxSpeed + true + true + true + true + + + true + true + + + + + Level3 + MaxSpeed + true + true + true + true + + + true + true + + + + + + + + + + + + + + + + + + + + + \ No newline at end of file diff --git a/src/bcrypt/vs2017/libbcrypt/libbcrypt.vcxproj.filters b/src/bcrypt/vs2017/libbcrypt/libbcrypt.vcxproj.filters new file mode 100644 index 000000000..e30024695 --- /dev/null +++ b/src/bcrypt/vs2017/libbcrypt/libbcrypt.vcxproj.filters @@ -0,0 +1,54 @@ + + + + + {4FC737F1-C7A5-4376-A066-2A32D752A2FF} + cpp;c;cc;cxx;def;odl;idl;hpj;bat;asm;asmx + + + {93995380-89BD-4b04-88EB-625FBE52EBFB} + h;hh;hpp;hxx;hm;inl;inc;ipp;xsd + + + {67DA6AB6-F800-4c08-8B7A-83BB121AAD01} + rc;ico;cur;bmp;dlg;rc2;rct;bin;rgs;gif;jpg;jpeg;jpe;resx;tiff;tif;png;wav;mfcribbon-ms + + + + + Source Files + + + Source Files + + + Source Files + + + Source Files + + + + + Header Files + + + Header Files + + + Header Files + + + Header Files + + + Header Files + + + Header Files + + + Header Files + + + \ No newline at end of file diff --git a/src/bcrypt/vs2017/test/main.cpp b/src/bcrypt/vs2017/test/main.cpp new file mode 100644 index 000000000..fac9b7134 --- /dev/null +++ b/src/bcrypt/vs2017/test/main.cpp @@ -0,0 +1,22 @@ +#include "../../include/bcrypt/BCrypt.hpp" +#include + +using namespace std; + +int main() { + string right_password = "right_password"; + string wrong_password = "wrong_password"; + + cout << "generate hash... " << flush; + string hash = BCrypt::generateHash(right_password, 12); + cout << "done." << endl; + + cout << "checking right password: " << flush + << BCrypt::validatePassword(right_password, hash) << endl; + + cout << "checking wrong password: " << flush + << BCrypt::validatePassword(wrong_password, hash) << endl; + + system("pause"); + return 0; +} diff --git a/src/bcrypt/vs2017/test/test.vcxproj b/src/bcrypt/vs2017/test/test.vcxproj new file mode 100644 index 000000000..a05b3cf6e --- /dev/null +++ b/src/bcrypt/vs2017/test/test.vcxproj @@ -0,0 +1,131 @@ + + + + + Debug + Win32 + + + Release + Win32 + + + Debug + x64 + + + Release + x64 + + + + + + + + {d6a9a3f3-1312-4494-85b8-7ce7dd4d78f4} + + + + 15.0 + {C6B1CF6E-88DF-4109-9EF4-06CBA5BD5B68} + test + 10.0.17763.0 + + + + Application + true + v141 + MultiByte + + + Application + false + v141 + true + MultiByte + + + Application + true + v141 + MultiByte + + + Application + false + v141 + true + MultiByte + + + + + + + + + + + + + + + + + + + + + + + Level3 + Disabled + true + true + + + ../libbcrypt/Debug/libbcrypt.lib;%(AdditionalDependencies) + + + + + Level3 + Disabled + true + true + + + + + Level3 + MaxSpeed + true + true + true + true + + + true + true + + + + + Level3 + MaxSpeed + true + true + true + true + + + true + true + + + + + + \ No newline at end of file diff --git a/src/bcrypt/vs2017/test/test.vcxproj.filters b/src/bcrypt/vs2017/test/test.vcxproj.filters new file mode 100644 index 000000000..128a38664 --- /dev/null +++ b/src/bcrypt/vs2017/test/test.vcxproj.filters @@ -0,0 +1,22 @@ + + + + + {4FC737F1-C7A5-4376-A066-2A32D752A2FF} + cpp;c;cc;cxx;def;odl;idl;hpj;bat;asm;asmx + + + {93995380-89BD-4b04-88EB-625FBE52EBFB} + h;hh;hpp;hxx;hm;inl;inc;ipp;xsd + + + {67DA6AB6-F800-4c08-8B7A-83BB121AAD01} + rc;ico;cur;bmp;dlg;rc2;rct;bin;rgs;gif;jpg;jpeg;jpe;resx;tiff;tif;png;wav;mfcribbon-ms + + + + + Source Files + + + \ No newline at end of file diff --git a/src/jwt-cpp/BaseTest.cpp b/src/jwt-cpp/BaseTest.cpp new file mode 100644 index 000000000..aceeb38d4 --- /dev/null +++ b/src/jwt-cpp/BaseTest.cpp @@ -0,0 +1,30 @@ +#include +#include "include/jwt-cpp/base.h" + +TEST(BaseTest, Base64Decode) { + ASSERT_EQ("1", jwt::base::decode("MQ==")); + ASSERT_EQ("12", jwt::base::decode("MTI=")); + ASSERT_EQ("123", jwt::base::decode("MTIz")); + ASSERT_EQ("1234", jwt::base::decode("MTIzNA==")); +} + +TEST(BaseTest, Base64DecodeURL) { + ASSERT_EQ("1", jwt::base::decode("MQ%3d%3d")); + ASSERT_EQ("12", jwt::base::decode("MTI%3d")); + ASSERT_EQ("123", jwt::base::decode("MTIz")); + ASSERT_EQ("1234", jwt::base::decode("MTIzNA%3d%3d")); +} + +TEST(BaseTest, Base64Encode) { + ASSERT_EQ("MQ==", jwt::base::encode("1")); + ASSERT_EQ("MTI=", jwt::base::encode("12")); + ASSERT_EQ("MTIz", jwt::base::encode("123")); + ASSERT_EQ("MTIzNA==", jwt::base::encode("1234")); +} + +TEST(BaseTest, Base64EncodeURL) { + ASSERT_EQ("MQ%3d%3d", jwt::base::encode("1")); + ASSERT_EQ("MTI%3d", jwt::base::encode("12")); + ASSERT_EQ("MTIz", jwt::base::encode("123")); + ASSERT_EQ("MTIzNA%3d%3d", jwt::base::encode("1234")); +} \ No newline at end of file diff --git a/src/jwt-cpp/ClaimTest.cpp b/src/jwt-cpp/ClaimTest.cpp new file mode 100644 index 000000000..749edf2ef --- /dev/null +++ b/src/jwt-cpp/ClaimTest.cpp @@ -0,0 +1,33 @@ +#include +#include "include/jwt-cpp/jwt.h" + +TEST(ClaimTest, AudienceAsString) { + std::string token = "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJhdWQiOiJ0ZXN0In0.WZnM3SIiSRHsbO3O7Z2bmIzTJ4EC32HRBKfLznHhrh4"; + auto decoded = jwt::decode(token); + + ASSERT_TRUE(decoded.has_algorithm()); + ASSERT_TRUE(decoded.has_type()); + ASSERT_FALSE(decoded.has_content_type()); + ASSERT_FALSE(decoded.has_key_id()); + ASSERT_FALSE(decoded.has_issuer()); + ASSERT_FALSE(decoded.has_subject()); + ASSERT_TRUE(decoded.has_audience()); + ASSERT_FALSE(decoded.has_expires_at()); + ASSERT_FALSE(decoded.has_not_before()); + ASSERT_FALSE(decoded.has_issued_at()); + ASSERT_FALSE(decoded.has_id()); + + ASSERT_EQ("HS256", decoded.get_algorithm()); + ASSERT_EQ("JWT", decoded.get_type()); + auto aud = decoded.get_audience(); + ASSERT_EQ(1, aud.size()); + ASSERT_EQ("test", *aud.begin()); +} + +TEST(ClaimTest, SetAudienceAsString) { + auto token = jwt::create() + .set_type("JWT") + .set_audience("test") + .sign(jwt::algorithm::hs256("test")); + ASSERT_EQ("eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJhdWQiOiJ0ZXN0In0.ny5Fa0vzAg7tNL95KWg_ecBNd3XP3tdAzq0SFA6diY4", token); +} diff --git a/src/jwt-cpp/Doxyfile b/src/jwt-cpp/Doxyfile new file mode 100644 index 000000000..e3303d2b9 --- /dev/null +++ b/src/jwt-cpp/Doxyfile @@ -0,0 +1,2494 @@ +# Doxyfile 1.8.13 + +# This file describes the settings to be used by the documentation system +# doxygen (www.doxygen.org) for a project. +# +# All text after a double hash (##) is considered a comment and is placed in +# front of the TAG it is preceding. +# +# All text after a single hash (#) is considered a comment and will be ignored. +# The format is: +# TAG = value [value, ...] +# For lists, items can also be appended using: +# TAG += value [value, ...] +# Values that contain spaces should be placed between quotes (\" \"). + +#--------------------------------------------------------------------------- +# Project related configuration options +#--------------------------------------------------------------------------- + +# This tag specifies the encoding used for all characters in the config file +# that follow. The default is UTF-8 which is also the encoding used for all text +# before the first occurrence of this tag. Doxygen uses libiconv (or the iconv +# built into libc) for the transcoding. See http://www.gnu.org/software/libiconv +# for the list of possible encodings. +# The default value is: UTF-8. + +DOXYFILE_ENCODING = UTF-8 + +# The PROJECT_NAME tag is a single word (or a sequence of words surrounded by +# double-quotes, unless you are using Doxywizard) that should identify the +# project for which the documentation is generated. This name is used in the +# title of most generated pages and in a few other places. +# The default value is: My Project. + +PROJECT_NAME = "JWT-C++" + +# The PROJECT_NUMBER tag can be used to enter a project or revision number. This +# could be handy for archiving the generated documentation or if some version +# control system is used. + +PROJECT_NUMBER = + +# Using the PROJECT_BRIEF tag one can provide an optional one line description +# for a project that appears at the top of each page and should give viewer a +# quick idea about the purpose of the project. Keep the description short. + +PROJECT_BRIEF = + +# With the PROJECT_LOGO tag one can specify a logo or an icon that is included +# in the documentation. The maximum height of the logo should not exceed 55 +# pixels and the maximum width should not exceed 200 pixels. Doxygen will copy +# the logo to the output directory. + +PROJECT_LOGO = + +# The OUTPUT_DIRECTORY tag is used to specify the (relative or absolute) path +# into which the generated documentation will be written. If a relative path is +# entered, it will be relative to the location where doxygen was started. If +# left blank the current directory will be used. + +OUTPUT_DIRECTORY = docs + +# If the CREATE_SUBDIRS tag is set to YES then doxygen will create 4096 sub- +# directories (in 2 levels) under the output directory of each output format and +# will distribute the generated files over these directories. Enabling this +# option can be useful when feeding doxygen a huge amount of source files, where +# putting all generated files in the same directory would otherwise causes +# performance problems for the file system. +# The default value is: NO. + +CREATE_SUBDIRS = NO + +# If the ALLOW_UNICODE_NAMES tag is set to YES, doxygen will allow non-ASCII +# characters to appear in the names of generated files. If set to NO, non-ASCII +# characters will be escaped, for example _xE3_x81_x84 will be used for Unicode +# U+3044. +# The default value is: NO. + +ALLOW_UNICODE_NAMES = NO + +# The OUTPUT_LANGUAGE tag is used to specify the language in which all +# documentation generated by doxygen is written. Doxygen will use this +# information to generate all constant output in the proper language. +# Possible values are: Afrikaans, Arabic, Armenian, Brazilian, Catalan, Chinese, +# Chinese-Traditional, Croatian, Czech, Danish, Dutch, English (United States), +# Esperanto, Farsi (Persian), Finnish, French, German, Greek, Hungarian, +# Indonesian, Italian, Japanese, Japanese-en (Japanese with English messages), +# Korean, Korean-en (Korean with English messages), Latvian, Lithuanian, +# Macedonian, Norwegian, Persian (Farsi), Polish, Portuguese, Romanian, Russian, +# Serbian, Serbian-Cyrillic, Slovak, Slovene, Spanish, Swedish, Turkish, +# Ukrainian and Vietnamese. +# The default value is: English. + +OUTPUT_LANGUAGE = English + +# If the BRIEF_MEMBER_DESC tag is set to YES, doxygen will include brief member +# descriptions after the members that are listed in the file and class +# documentation (similar to Javadoc). Set to NO to disable this. +# The default value is: YES. + +BRIEF_MEMBER_DESC = YES + +# If the REPEAT_BRIEF tag is set to YES, doxygen will prepend the brief +# description of a member or function before the detailed description +# +# Note: If both HIDE_UNDOC_MEMBERS and BRIEF_MEMBER_DESC are set to NO, the +# brief descriptions will be completely suppressed. +# The default value is: YES. + +REPEAT_BRIEF = YES + +# This tag implements a quasi-intelligent brief description abbreviator that is +# used to form the text in various listings. Each string in this list, if found +# as the leading text of the brief description, will be stripped from the text +# and the result, after processing the whole list, is used as the annotated +# text. Otherwise, the brief description is used as-is. If left blank, the +# following values are used ($name is automatically replaced with the name of +# the entity):The $name class, The $name widget, The $name file, is, provides, +# specifies, contains, represents, a, an and the. + +ABBREVIATE_BRIEF = "The $name class" \ + "The $name widget" \ + "The $name file" \ + is \ + provides \ + specifies \ + contains \ + represents \ + a \ + an \ + the + +# If the ALWAYS_DETAILED_SEC and REPEAT_BRIEF tags are both set to YES then +# doxygen will generate a detailed section even if there is only a brief +# description. +# The default value is: NO. + +ALWAYS_DETAILED_SEC = NO + +# If the INLINE_INHERITED_MEMB tag is set to YES, doxygen will show all +# inherited members of a class in the documentation of that class as if those +# members were ordinary class members. Constructors, destructors and assignment +# operators of the base classes will not be shown. +# The default value is: NO. + +INLINE_INHERITED_MEMB = NO + +# If the FULL_PATH_NAMES tag is set to YES, doxygen will prepend the full path +# before files name in the file list and in the header files. If set to NO the +# shortest path that makes the file name unique will be used +# The default value is: YES. + +FULL_PATH_NAMES = YES + +# The STRIP_FROM_PATH tag can be used to strip a user-defined part of the path. +# Stripping is only done if one of the specified strings matches the left-hand +# part of the path. The tag can be used to show relative paths in the file list. +# If left blank the directory from which doxygen is run is used as the path to +# strip. +# +# Note that you can specify absolute paths here, but also relative paths, which +# will be relative from the directory where doxygen is started. +# This tag requires that the tag FULL_PATH_NAMES is set to YES. + +STRIP_FROM_PATH = + +# The STRIP_FROM_INC_PATH tag can be used to strip a user-defined part of the +# path mentioned in the documentation of a class, which tells the reader which +# header file to include in order to use a class. If left blank only the name of +# the header file containing the class definition is used. Otherwise one should +# specify the list of include paths that are normally passed to the compiler +# using the -I flag. + +STRIP_FROM_INC_PATH = + +# If the SHORT_NAMES tag is set to YES, doxygen will generate much shorter (but +# less readable) file names. This can be useful is your file systems doesn't +# support long names like on DOS, Mac, or CD-ROM. +# The default value is: NO. + +SHORT_NAMES = NO + +# If the JAVADOC_AUTOBRIEF tag is set to YES then doxygen will interpret the +# first line (until the first dot) of a Javadoc-style comment as the brief +# description. If set to NO, the Javadoc-style will behave just like regular Qt- +# style comments (thus requiring an explicit @brief command for a brief +# description.) +# The default value is: NO. + +JAVADOC_AUTOBRIEF = NO + +# If the QT_AUTOBRIEF tag is set to YES then doxygen will interpret the first +# line (until the first dot) of a Qt-style comment as the brief description. If +# set to NO, the Qt-style will behave just like regular Qt-style comments (thus +# requiring an explicit \brief command for a brief description.) +# The default value is: NO. + +QT_AUTOBRIEF = NO + +# The MULTILINE_CPP_IS_BRIEF tag can be set to YES to make doxygen treat a +# multi-line C++ special comment block (i.e. a block of //! or /// comments) as +# a brief description. This used to be the default behavior. The new default is +# to treat a multi-line C++ comment block as a detailed description. Set this +# tag to YES if you prefer the old behavior instead. +# +# Note that setting this tag to YES also means that rational rose comments are +# not recognized any more. +# The default value is: NO. + +MULTILINE_CPP_IS_BRIEF = NO + +# If the INHERIT_DOCS tag is set to YES then an undocumented member inherits the +# documentation from any documented member that it re-implements. +# The default value is: YES. + +INHERIT_DOCS = YES + +# If the SEPARATE_MEMBER_PAGES tag is set to YES then doxygen will produce a new +# page for each member. If set to NO, the documentation of a member will be part +# of the file/class/namespace that contains it. +# The default value is: NO. + +SEPARATE_MEMBER_PAGES = NO + +# The TAB_SIZE tag can be used to set the number of spaces in a tab. Doxygen +# uses this value to replace tabs by spaces in code fragments. +# Minimum value: 1, maximum value: 16, default value: 4. + +TAB_SIZE = 4 + +# This tag can be used to specify a number of aliases that act as commands in +# the documentation. An alias has the form: +# name=value +# For example adding +# "sideeffect=@par Side Effects:\n" +# will allow you to put the command \sideeffect (or @sideeffect) in the +# documentation, which will result in a user-defined paragraph with heading +# "Side Effects:". You can put \n's in the value part of an alias to insert +# newlines. + +ALIASES = + +# This tag can be used to specify a number of word-keyword mappings (TCL only). +# A mapping has the form "name=value". For example adding "class=itcl::class" +# will allow you to use the command class in the itcl::class meaning. + +TCL_SUBST = + +# Set the OPTIMIZE_OUTPUT_FOR_C tag to YES if your project consists of C sources +# only. Doxygen will then generate output that is more tailored for C. For +# instance, some of the names that are used will be different. The list of all +# members will be omitted, etc. +# The default value is: NO. + +OPTIMIZE_OUTPUT_FOR_C = NO + +# Set the OPTIMIZE_OUTPUT_JAVA tag to YES if your project consists of Java or +# Python sources only. Doxygen will then generate output that is more tailored +# for that language. For instance, namespaces will be presented as packages, +# qualified scopes will look different, etc. +# The default value is: NO. + +OPTIMIZE_OUTPUT_JAVA = NO + +# Set the OPTIMIZE_FOR_FORTRAN tag to YES if your project consists of Fortran +# sources. Doxygen will then generate output that is tailored for Fortran. +# The default value is: NO. + +OPTIMIZE_FOR_FORTRAN = NO + +# Set the OPTIMIZE_OUTPUT_VHDL tag to YES if your project consists of VHDL +# sources. Doxygen will then generate output that is tailored for VHDL. +# The default value is: NO. + +OPTIMIZE_OUTPUT_VHDL = NO + +# Doxygen selects the parser to use depending on the extension of the files it +# parses. With this tag you can assign which parser to use for a given +# extension. Doxygen has a built-in mapping, but you can override or extend it +# using this tag. The format is ext=language, where ext is a file extension, and +# language is one of the parsers supported by doxygen: IDL, Java, Javascript, +# C#, C, C++, D, PHP, Objective-C, Python, Fortran (fixed format Fortran: +# FortranFixed, free formatted Fortran: FortranFree, unknown formatted Fortran: +# Fortran. In the later case the parser tries to guess whether the code is fixed +# or free formatted code, this is the default for Fortran type files), VHDL. For +# instance to make doxygen treat .inc files as Fortran files (default is PHP), +# and .f files as C (default is Fortran), use: inc=Fortran f=C. +# +# Note: For files without extension you can use no_extension as a placeholder. +# +# Note that for custom extensions you also need to set FILE_PATTERNS otherwise +# the files are not read by doxygen. + +EXTENSION_MAPPING = + +# If the MARKDOWN_SUPPORT tag is enabled then doxygen pre-processes all comments +# according to the Markdown format, which allows for more readable +# documentation. See http://daringfireball.net/projects/markdown/ for details. +# The output of markdown processing is further processed by doxygen, so you can +# mix doxygen, HTML, and XML commands with Markdown formatting. Disable only in +# case of backward compatibilities issues. +# The default value is: YES. + +MARKDOWN_SUPPORT = YES + +# When the TOC_INCLUDE_HEADINGS tag is set to a non-zero value, all headings up +# to that level are automatically included in the table of contents, even if +# they do not have an id attribute. +# Note: This feature currently applies only to Markdown headings. +# Minimum value: 0, maximum value: 99, default value: 0. +# This tag requires that the tag MARKDOWN_SUPPORT is set to YES. + +TOC_INCLUDE_HEADINGS = 0 + +# When enabled doxygen tries to link words that correspond to documented +# classes, or namespaces to their corresponding documentation. Such a link can +# be prevented in individual cases by putting a % sign in front of the word or +# globally by setting AUTOLINK_SUPPORT to NO. +# The default value is: YES. + +AUTOLINK_SUPPORT = YES + +# If you use STL classes (i.e. std::string, std::vector, etc.) but do not want +# to include (a tag file for) the STL sources as input, then you should set this +# tag to YES in order to let doxygen match functions declarations and +# definitions whose arguments contain STL classes (e.g. func(std::string); +# versus func(std::string) {}). This also make the inheritance and collaboration +# diagrams that involve STL classes more complete and accurate. +# The default value is: NO. + +BUILTIN_STL_SUPPORT = YES + +# If you use Microsoft's C++/CLI language, you should set this option to YES to +# enable parsing support. +# The default value is: NO. + +CPP_CLI_SUPPORT = NO + +# Set the SIP_SUPPORT tag to YES if your project consists of sip (see: +# http://www.riverbankcomputing.co.uk/software/sip/intro) sources only. Doxygen +# will parse them like normal C++ but will assume all classes use public instead +# of private inheritance when no explicit protection keyword is present. +# The default value is: NO. + +SIP_SUPPORT = NO + +# For Microsoft's IDL there are propget and propput attributes to indicate +# getter and setter methods for a property. Setting this option to YES will make +# doxygen to replace the get and set methods by a property in the documentation. +# This will only work if the methods are indeed getting or setting a simple +# type. If this is not the case, or you want to show the methods anyway, you +# should set this option to NO. +# The default value is: YES. + +IDL_PROPERTY_SUPPORT = YES + +# If member grouping is used in the documentation and the DISTRIBUTE_GROUP_DOC +# tag is set to YES then doxygen will reuse the documentation of the first +# member in the group (if any) for the other members of the group. By default +# all members of a group must be documented explicitly. +# The default value is: NO. + +DISTRIBUTE_GROUP_DOC = NO + +# If one adds a struct or class to a group and this option is enabled, then also +# any nested class or struct is added to the same group. By default this option +# is disabled and one has to add nested compounds explicitly via \ingroup. +# The default value is: NO. + +GROUP_NESTED_COMPOUNDS = NO + +# Set the SUBGROUPING tag to YES to allow class member groups of the same type +# (for instance a group of public functions) to be put as a subgroup of that +# type (e.g. under the Public Functions section). Set it to NO to prevent +# subgrouping. Alternatively, this can be done per class using the +# \nosubgrouping command. +# The default value is: YES. + +SUBGROUPING = YES + +# When the INLINE_GROUPED_CLASSES tag is set to YES, classes, structs and unions +# are shown inside the group in which they are included (e.g. using \ingroup) +# instead of on a separate page (for HTML and Man pages) or section (for LaTeX +# and RTF). +# +# Note that this feature does not work in combination with +# SEPARATE_MEMBER_PAGES. +# The default value is: NO. + +INLINE_GROUPED_CLASSES = NO + +# When the INLINE_SIMPLE_STRUCTS tag is set to YES, structs, classes, and unions +# with only public data fields or simple typedef fields will be shown inline in +# the documentation of the scope in which they are defined (i.e. file, +# namespace, or group documentation), provided this scope is documented. If set +# to NO, structs, classes, and unions are shown on a separate page (for HTML and +# Man pages) or section (for LaTeX and RTF). +# The default value is: NO. + +INLINE_SIMPLE_STRUCTS = NO + +# When TYPEDEF_HIDES_STRUCT tag is enabled, a typedef of a struct, union, or +# enum is documented as struct, union, or enum with the name of the typedef. So +# typedef struct TypeS {} TypeT, will appear in the documentation as a struct +# with name TypeT. When disabled the typedef will appear as a member of a file, +# namespace, or class. And the struct will be named TypeS. This can typically be +# useful for C code in case the coding convention dictates that all compound +# types are typedef'ed and only the typedef is referenced, never the tag name. +# The default value is: NO. + +TYPEDEF_HIDES_STRUCT = NO + +# The size of the symbol lookup cache can be set using LOOKUP_CACHE_SIZE. This +# cache is used to resolve symbols given their name and scope. Since this can be +# an expensive process and often the same symbol appears multiple times in the +# code, doxygen keeps a cache of pre-resolved symbols. If the cache is too small +# doxygen will become slower. If the cache is too large, memory is wasted. The +# cache size is given by this formula: 2^(16+LOOKUP_CACHE_SIZE). The valid range +# is 0..9, the default is 0, corresponding to a cache size of 2^16=65536 +# symbols. At the end of a run doxygen will report the cache usage and suggest +# the optimal cache size from a speed point of view. +# Minimum value: 0, maximum value: 9, default value: 0. + +LOOKUP_CACHE_SIZE = 0 + +#--------------------------------------------------------------------------- +# Build related configuration options +#--------------------------------------------------------------------------- + +# If the EXTRACT_ALL tag is set to YES, doxygen will assume all entities in +# documentation are documented, even if no documentation was available. Private +# class members and static file members will be hidden unless the +# EXTRACT_PRIVATE respectively EXTRACT_STATIC tags are set to YES. +# Note: This will also disable the warnings about undocumented members that are +# normally produced when WARNINGS is set to YES. +# The default value is: NO. + +EXTRACT_ALL = NO + +# If the EXTRACT_PRIVATE tag is set to YES, all private members of a class will +# be included in the documentation. +# The default value is: NO. + +EXTRACT_PRIVATE = NO + +# If the EXTRACT_PACKAGE tag is set to YES, all members with package or internal +# scope will be included in the documentation. +# The default value is: NO. + +EXTRACT_PACKAGE = NO + +# If the EXTRACT_STATIC tag is set to YES, all static members of a file will be +# included in the documentation. +# The default value is: NO. + +EXTRACT_STATIC = NO + +# If the EXTRACT_LOCAL_CLASSES tag is set to YES, classes (and structs) defined +# locally in source files will be included in the documentation. If set to NO, +# only classes defined in header files are included. Does not have any effect +# for Java sources. +# The default value is: YES. + +EXTRACT_LOCAL_CLASSES = YES + +# This flag is only useful for Objective-C code. If set to YES, local methods, +# which are defined in the implementation section but not in the interface are +# included in the documentation. If set to NO, only methods in the interface are +# included. +# The default value is: NO. + +EXTRACT_LOCAL_METHODS = NO + +# If this flag is set to YES, the members of anonymous namespaces will be +# extracted and appear in the documentation as a namespace called +# 'anonymous_namespace{file}', where file will be replaced with the base name of +# the file that contains the anonymous namespace. By default anonymous namespace +# are hidden. +# The default value is: NO. + +EXTRACT_ANON_NSPACES = NO + +# If the HIDE_UNDOC_MEMBERS tag is set to YES, doxygen will hide all +# undocumented members inside documented classes or files. If set to NO these +# members will be included in the various overviews, but no documentation +# section is generated. This option has no effect if EXTRACT_ALL is enabled. +# The default value is: NO. + +HIDE_UNDOC_MEMBERS = NO + +# If the HIDE_UNDOC_CLASSES tag is set to YES, doxygen will hide all +# undocumented classes that are normally visible in the class hierarchy. If set +# to NO, these classes will be included in the various overviews. This option +# has no effect if EXTRACT_ALL is enabled. +# The default value is: NO. + +HIDE_UNDOC_CLASSES = NO + +# If the HIDE_FRIEND_COMPOUNDS tag is set to YES, doxygen will hide all friend +# (class|struct|union) declarations. If set to NO, these declarations will be +# included in the documentation. +# The default value is: NO. + +HIDE_FRIEND_COMPOUNDS = NO + +# If the HIDE_IN_BODY_DOCS tag is set to YES, doxygen will hide any +# documentation blocks found inside the body of a function. If set to NO, these +# blocks will be appended to the function's detailed documentation block. +# The default value is: NO. + +HIDE_IN_BODY_DOCS = NO + +# The INTERNAL_DOCS tag determines if documentation that is typed after a +# \internal command is included. If the tag is set to NO then the documentation +# will be excluded. Set it to YES to include the internal documentation. +# The default value is: NO. + +INTERNAL_DOCS = NO + +# If the CASE_SENSE_NAMES tag is set to NO then doxygen will only generate file +# names in lower-case letters. If set to YES, upper-case letters are also +# allowed. This is useful if you have classes or files whose names only differ +# in case and if your file system supports case sensitive file names. Windows +# and Mac users are advised to set this option to NO. +# The default value is: system dependent. + +CASE_SENSE_NAMES = YES + +# If the HIDE_SCOPE_NAMES tag is set to NO then doxygen will show members with +# their full class and namespace scopes in the documentation. If set to YES, the +# scope will be hidden. +# The default value is: NO. + +HIDE_SCOPE_NAMES = NO + +# If the HIDE_COMPOUND_REFERENCE tag is set to NO (default) then doxygen will +# append additional text to a page's title, such as Class Reference. If set to +# YES the compound reference will be hidden. +# The default value is: NO. + +HIDE_COMPOUND_REFERENCE= NO + +# If the SHOW_INCLUDE_FILES tag is set to YES then doxygen will put a list of +# the files that are included by a file in the documentation of that file. +# The default value is: YES. + +SHOW_INCLUDE_FILES = YES + +# If the SHOW_GROUPED_MEMB_INC tag is set to YES then Doxygen will add for each +# grouped member an include statement to the documentation, telling the reader +# which file to include in order to use the member. +# The default value is: NO. + +SHOW_GROUPED_MEMB_INC = NO + +# If the FORCE_LOCAL_INCLUDES tag is set to YES then doxygen will list include +# files with double quotes in the documentation rather than with sharp brackets. +# The default value is: NO. + +FORCE_LOCAL_INCLUDES = NO + +# If the INLINE_INFO tag is set to YES then a tag [inline] is inserted in the +# documentation for inline members. +# The default value is: YES. + +INLINE_INFO = YES + +# If the SORT_MEMBER_DOCS tag is set to YES then doxygen will sort the +# (detailed) documentation of file and class members alphabetically by member +# name. If set to NO, the members will appear in declaration order. +# The default value is: YES. + +SORT_MEMBER_DOCS = YES + +# If the SORT_BRIEF_DOCS tag is set to YES then doxygen will sort the brief +# descriptions of file, namespace and class members alphabetically by member +# name. If set to NO, the members will appear in declaration order. Note that +# this will also influence the order of the classes in the class list. +# The default value is: NO. + +SORT_BRIEF_DOCS = NO + +# If the SORT_MEMBERS_CTORS_1ST tag is set to YES then doxygen will sort the +# (brief and detailed) documentation of class members so that constructors and +# destructors are listed first. If set to NO the constructors will appear in the +# respective orders defined by SORT_BRIEF_DOCS and SORT_MEMBER_DOCS. +# Note: If SORT_BRIEF_DOCS is set to NO this option is ignored for sorting brief +# member documentation. +# Note: If SORT_MEMBER_DOCS is set to NO this option is ignored for sorting +# detailed member documentation. +# The default value is: NO. + +SORT_MEMBERS_CTORS_1ST = NO + +# If the SORT_GROUP_NAMES tag is set to YES then doxygen will sort the hierarchy +# of group names into alphabetical order. If set to NO the group names will +# appear in their defined order. +# The default value is: NO. + +SORT_GROUP_NAMES = NO + +# If the SORT_BY_SCOPE_NAME tag is set to YES, the class list will be sorted by +# fully-qualified names, including namespaces. If set to NO, the class list will +# be sorted only by class name, not including the namespace part. +# Note: This option is not very useful if HIDE_SCOPE_NAMES is set to YES. +# Note: This option applies only to the class list, not to the alphabetical +# list. +# The default value is: NO. + +SORT_BY_SCOPE_NAME = NO + +# If the STRICT_PROTO_MATCHING option is enabled and doxygen fails to do proper +# type resolution of all parameters of a function it will reject a match between +# the prototype and the implementation of a member function even if there is +# only one candidate or it is obvious which candidate to choose by doing a +# simple string match. By disabling STRICT_PROTO_MATCHING doxygen will still +# accept a match between prototype and implementation in such cases. +# The default value is: NO. + +STRICT_PROTO_MATCHING = NO + +# The GENERATE_TODOLIST tag can be used to enable (YES) or disable (NO) the todo +# list. This list is created by putting \todo commands in the documentation. +# The default value is: YES. + +GENERATE_TODOLIST = YES + +# The GENERATE_TESTLIST tag can be used to enable (YES) or disable (NO) the test +# list. This list is created by putting \test commands in the documentation. +# The default value is: YES. + +GENERATE_TESTLIST = YES + +# The GENERATE_BUGLIST tag can be used to enable (YES) or disable (NO) the bug +# list. This list is created by putting \bug commands in the documentation. +# The default value is: YES. + +GENERATE_BUGLIST = YES + +# The GENERATE_DEPRECATEDLIST tag can be used to enable (YES) or disable (NO) +# the deprecated list. This list is created by putting \deprecated commands in +# the documentation. +# The default value is: YES. + +GENERATE_DEPRECATEDLIST= YES + +# The ENABLED_SECTIONS tag can be used to enable conditional documentation +# sections, marked by \if ... \endif and \cond +# ... \endcond blocks. + +ENABLED_SECTIONS = + +# The MAX_INITIALIZER_LINES tag determines the maximum number of lines that the +# initial value of a variable or macro / define can have for it to appear in the +# documentation. If the initializer consists of more lines than specified here +# it will be hidden. Use a value of 0 to hide initializers completely. The +# appearance of the value of individual variables and macros / defines can be +# controlled using \showinitializer or \hideinitializer command in the +# documentation regardless of this setting. +# Minimum value: 0, maximum value: 10000, default value: 30. + +MAX_INITIALIZER_LINES = 30 + +# Set the SHOW_USED_FILES tag to NO to disable the list of files generated at +# the bottom of the documentation of classes and structs. If set to YES, the +# list will mention the files that were used to generate the documentation. +# The default value is: YES. + +SHOW_USED_FILES = YES + +# Set the SHOW_FILES tag to NO to disable the generation of the Files page. This +# will remove the Files entry from the Quick Index and from the Folder Tree View +# (if specified). +# The default value is: YES. + +SHOW_FILES = YES + +# Set the SHOW_NAMESPACES tag to NO to disable the generation of the Namespaces +# page. This will remove the Namespaces entry from the Quick Index and from the +# Folder Tree View (if specified). +# The default value is: YES. + +SHOW_NAMESPACES = YES + +# The FILE_VERSION_FILTER tag can be used to specify a program or script that +# doxygen should invoke to get the current version for each file (typically from +# the version control system). Doxygen will invoke the program by executing (via +# popen()) the command command input-file, where command is the value of the +# FILE_VERSION_FILTER tag, and input-file is the name of an input file provided +# by doxygen. Whatever the program writes to standard output is used as the file +# version. For an example see the documentation. + +FILE_VERSION_FILTER = + +# The LAYOUT_FILE tag can be used to specify a layout file which will be parsed +# by doxygen. The layout file controls the global structure of the generated +# output files in an output format independent way. To create the layout file +# that represents doxygen's defaults, run doxygen with the -l option. You can +# optionally specify a file name after the option, if omitted DoxygenLayout.xml +# will be used as the name of the layout file. +# +# Note that if you run doxygen from a directory containing a file called +# DoxygenLayout.xml, doxygen will parse it automatically even if the LAYOUT_FILE +# tag is left empty. + +LAYOUT_FILE = + +# The CITE_BIB_FILES tag can be used to specify one or more bib files containing +# the reference definitions. This must be a list of .bib files. The .bib +# extension is automatically appended if omitted. This requires the bibtex tool +# to be installed. See also http://en.wikipedia.org/wiki/BibTeX for more info. +# For LaTeX the style of the bibliography can be controlled using +# LATEX_BIB_STYLE. To use this feature you need bibtex and perl available in the +# search path. See also \cite for info how to create references. + +CITE_BIB_FILES = + +#--------------------------------------------------------------------------- +# Configuration options related to warning and progress messages +#--------------------------------------------------------------------------- + +# The QUIET tag can be used to turn on/off the messages that are generated to +# standard output by doxygen. If QUIET is set to YES this implies that the +# messages are off. +# The default value is: NO. + +QUIET = NO + +# The WARNINGS tag can be used to turn on/off the warning messages that are +# generated to standard error (stderr) by doxygen. If WARNINGS is set to YES +# this implies that the warnings are on. +# +# Tip: Turn warnings on while writing the documentation. +# The default value is: YES. + +WARNINGS = YES + +# If the WARN_IF_UNDOCUMENTED tag is set to YES then doxygen will generate +# warnings for undocumented members. If EXTRACT_ALL is set to YES then this flag +# will automatically be disabled. +# The default value is: YES. + +WARN_IF_UNDOCUMENTED = YES + +# If the WARN_IF_DOC_ERROR tag is set to YES, doxygen will generate warnings for +# potential errors in the documentation, such as not documenting some parameters +# in a documented function, or documenting parameters that don't exist or using +# markup commands wrongly. +# The default value is: YES. + +WARN_IF_DOC_ERROR = YES + +# This WARN_NO_PARAMDOC option can be enabled to get warnings for functions that +# are documented, but have no documentation for their parameters or return +# value. If set to NO, doxygen will only warn about wrong or incomplete +# parameter documentation, but not about the absence of documentation. +# The default value is: NO. + +WARN_NO_PARAMDOC = NO + +# If the WARN_AS_ERROR tag is set to YES then doxygen will immediately stop when +# a warning is encountered. +# The default value is: NO. + +WARN_AS_ERROR = NO + +# The WARN_FORMAT tag determines the format of the warning messages that doxygen +# can produce. The string should contain the $file, $line, and $text tags, which +# will be replaced by the file and line number from which the warning originated +# and the warning text. Optionally the format may contain $version, which will +# be replaced by the version of the file (if it could be obtained via +# FILE_VERSION_FILTER) +# The default value is: $file:$line: $text. + +WARN_FORMAT = "$file:$line: $text" + +# The WARN_LOGFILE tag can be used to specify a file to which warning and error +# messages should be written. If left blank the output is written to standard +# error (stderr). + +WARN_LOGFILE = + +#--------------------------------------------------------------------------- +# Configuration options related to the input files +#--------------------------------------------------------------------------- + +# The INPUT tag is used to specify the files and/or directories that contain +# documented source files. You may enter file names like myfile.cpp or +# directories like /usr/src/myproject. Separate the files or directories with +# spaces. See also FILE_PATTERNS and EXTENSION_MAPPING +# Note: If this tag is empty the current directory is searched. + +INPUT = include README.md + +# This tag can be used to specify the character encoding of the source files +# that doxygen parses. Internally doxygen uses the UTF-8 encoding. Doxygen uses +# libiconv (or the iconv built into libc) for the transcoding. See the libiconv +# documentation (see: http://www.gnu.org/software/libiconv) for the list of +# possible encodings. +# The default value is: UTF-8. + +INPUT_ENCODING = UTF-8 + +# If the value of the INPUT tag contains directories, you can use the +# FILE_PATTERNS tag to specify one or more wildcard patterns (like *.cpp and +# *.h) to filter out the source-files in the directories. +# +# Note that for custom extensions or not directly supported extensions you also +# need to set EXTENSION_MAPPING for the extension otherwise the files are not +# read by doxygen. +# +# If left blank the following patterns are tested:*.c, *.cc, *.cxx, *.cpp, +# *.c++, *.java, *.ii, *.ixx, *.ipp, *.i++, *.inl, *.idl, *.ddl, *.odl, *.h, +# *.hh, *.hxx, *.hpp, *.h++, *.cs, *.d, *.php, *.php4, *.php5, *.phtml, *.inc, +# *.m, *.markdown, *.md, *.mm, *.dox, *.py, *.pyw, *.f90, *.f95, *.f03, *.f08, +# *.f, *.for, *.tcl, *.vhd, *.vhdl, *.ucf and *.qsf. + +FILE_PATTERNS = *.c \ + *.cc \ + *.cxx \ + *.cpp \ + *.c++ \ + *.java \ + *.ii \ + *.ixx \ + *.ipp \ + *.i++ \ + *.inl \ + *.idl \ + *.ddl \ + *.odl \ + *.h \ + *.hh \ + *.hxx \ + *.hpp \ + *.h++ \ + *.cs \ + *.d \ + *.php \ + *.php4 \ + *.php5 \ + *.phtml \ + *.inc \ + *.m \ + *.markdown \ + *.md \ + *.mm \ + *.dox \ + *.py \ + *.pyw \ + *.f90 \ + *.f95 \ + *.f03 \ + *.f08 \ + *.f \ + *.for \ + *.tcl \ + *.vhd \ + *.vhdl \ + *.ucf \ + *.qsf + +# The RECURSIVE tag can be used to specify whether or not subdirectories should +# be searched for input files as well. +# The default value is: NO. + +RECURSIVE = YES + +# The EXCLUDE tag can be used to specify files and/or directories that should be +# excluded from the INPUT source files. This way you can easily exclude a +# subdirectory from a directory tree whose root is specified with the INPUT tag. +# +# Note that relative paths are relative to the directory from which doxygen is +# run. + +EXCLUDE = include/jwt-cpp/picojson.h + +# The EXCLUDE_SYMLINKS tag can be used to select whether or not files or +# directories that are symbolic links (a Unix file system feature) are excluded +# from the input. +# The default value is: NO. + +EXCLUDE_SYMLINKS = NO + +# If the value of the INPUT tag contains directories, you can use the +# EXCLUDE_PATTERNS tag to specify one or more wildcard patterns to exclude +# certain files from those directories. +# +# Note that the wildcards are matched against the file with absolute path, so to +# exclude all test directories for example use the pattern */test/* + +EXCLUDE_PATTERNS = + +# The EXCLUDE_SYMBOLS tag can be used to specify one or more symbol names +# (namespaces, classes, functions, etc.) that should be excluded from the +# output. The symbol name can be a fully qualified name, a word, or if the +# wildcard * is used, a substring. Examples: ANamespace, AClass, +# AClass::ANamespace, ANamespace::*Test +# +# Note that the wildcards are matched against the file with absolute path, so to +# exclude all test directories use the pattern */test/* + +EXCLUDE_SYMBOLS = + +# The EXAMPLE_PATH tag can be used to specify one or more files or directories +# that contain example code fragments that are included (see the \include +# command). + +EXAMPLE_PATH = + +# If the value of the EXAMPLE_PATH tag contains directories, you can use the +# EXAMPLE_PATTERNS tag to specify one or more wildcard pattern (like *.cpp and +# *.h) to filter out the source-files in the directories. If left blank all +# files are included. + +EXAMPLE_PATTERNS = * + +# If the EXAMPLE_RECURSIVE tag is set to YES then subdirectories will be +# searched for input files to be used with the \include or \dontinclude commands +# irrespective of the value of the RECURSIVE tag. +# The default value is: NO. + +EXAMPLE_RECURSIVE = NO + +# The IMAGE_PATH tag can be used to specify one or more files or directories +# that contain images that are to be included in the documentation (see the +# \image command). + +IMAGE_PATH = + +# The INPUT_FILTER tag can be used to specify a program that doxygen should +# invoke to filter for each input file. Doxygen will invoke the filter program +# by executing (via popen()) the command: +# +# +# +# where is the value of the INPUT_FILTER tag, and is the +# name of an input file. Doxygen will then use the output that the filter +# program writes to standard output. If FILTER_PATTERNS is specified, this tag +# will be ignored. +# +# Note that the filter must not add or remove lines; it is applied before the +# code is scanned, but not when the output code is generated. If lines are added +# or removed, the anchors will not be placed correctly. +# +# Note that for custom extensions or not directly supported extensions you also +# need to set EXTENSION_MAPPING for the extension otherwise the files are not +# properly processed by doxygen. + +INPUT_FILTER = + +# The FILTER_PATTERNS tag can be used to specify filters on a per file pattern +# basis. Doxygen will compare the file name with each pattern and apply the +# filter if there is a match. The filters are a list of the form: pattern=filter +# (like *.cpp=my_cpp_filter). See INPUT_FILTER for further information on how +# filters are used. If the FILTER_PATTERNS tag is empty or if none of the +# patterns match the file name, INPUT_FILTER is applied. +# +# Note that for custom extensions or not directly supported extensions you also +# need to set EXTENSION_MAPPING for the extension otherwise the files are not +# properly processed by doxygen. + +FILTER_PATTERNS = + +# If the FILTER_SOURCE_FILES tag is set to YES, the input filter (if set using +# INPUT_FILTER) will also be used to filter the input files that are used for +# producing the source files to browse (i.e. when SOURCE_BROWSER is set to YES). +# The default value is: NO. + +FILTER_SOURCE_FILES = NO + +# The FILTER_SOURCE_PATTERNS tag can be used to specify source filters per file +# pattern. A pattern will override the setting for FILTER_PATTERN (if any) and +# it is also possible to disable source filtering for a specific pattern using +# *.ext= (so without naming a filter). +# This tag requires that the tag FILTER_SOURCE_FILES is set to YES. + +FILTER_SOURCE_PATTERNS = + +# If the USE_MDFILE_AS_MAINPAGE tag refers to the name of a markdown file that +# is part of the input, its contents will be placed on the main page +# (index.html). This can be useful if you have a project on for instance GitHub +# and want to reuse the introduction page also for the doxygen output. + +USE_MDFILE_AS_MAINPAGE = README.md + +#--------------------------------------------------------------------------- +# Configuration options related to source browsing +#--------------------------------------------------------------------------- + +# If the SOURCE_BROWSER tag is set to YES then a list of source files will be +# generated. Documented entities will be cross-referenced with these sources. +# +# Note: To get rid of all source code in the generated output, make sure that +# also VERBATIM_HEADERS is set to NO. +# The default value is: NO. + +SOURCE_BROWSER = NO + +# Setting the INLINE_SOURCES tag to YES will include the body of functions, +# classes and enums directly into the documentation. +# The default value is: NO. + +INLINE_SOURCES = NO + +# Setting the STRIP_CODE_COMMENTS tag to YES will instruct doxygen to hide any +# special comment blocks from generated source code fragments. Normal C, C++ and +# Fortran comments will always remain visible. +# The default value is: YES. + +STRIP_CODE_COMMENTS = YES + +# If the REFERENCED_BY_RELATION tag is set to YES then for each documented +# function all documented functions referencing it will be listed. +# The default value is: NO. + +REFERENCED_BY_RELATION = NO + +# If the REFERENCES_RELATION tag is set to YES then for each documented function +# all documented entities called/used by that function will be listed. +# The default value is: NO. + +REFERENCES_RELATION = NO + +# If the REFERENCES_LINK_SOURCE tag is set to YES and SOURCE_BROWSER tag is set +# to YES then the hyperlinks from functions in REFERENCES_RELATION and +# REFERENCED_BY_RELATION lists will link to the source code. Otherwise they will +# link to the documentation. +# The default value is: YES. + +REFERENCES_LINK_SOURCE = YES + +# If SOURCE_TOOLTIPS is enabled (the default) then hovering a hyperlink in the +# source code will show a tooltip with additional information such as prototype, +# brief description and links to the definition and documentation. Since this +# will make the HTML file larger and loading of large files a bit slower, you +# can opt to disable this feature. +# The default value is: YES. +# This tag requires that the tag SOURCE_BROWSER is set to YES. + +SOURCE_TOOLTIPS = YES + +# If the USE_HTAGS tag is set to YES then the references to source code will +# point to the HTML generated by the htags(1) tool instead of doxygen built-in +# source browser. The htags tool is part of GNU's global source tagging system +# (see http://www.gnu.org/software/global/global.html). You will need version +# 4.8.6 or higher. +# +# To use it do the following: +# - Install the latest version of global +# - Enable SOURCE_BROWSER and USE_HTAGS in the config file +# - Make sure the INPUT points to the root of the source tree +# - Run doxygen as normal +# +# Doxygen will invoke htags (and that will in turn invoke gtags), so these +# tools must be available from the command line (i.e. in the search path). +# +# The result: instead of the source browser generated by doxygen, the links to +# source code will now point to the output of htags. +# The default value is: NO. +# This tag requires that the tag SOURCE_BROWSER is set to YES. + +USE_HTAGS = NO + +# If the VERBATIM_HEADERS tag is set the YES then doxygen will generate a +# verbatim copy of the header file for each class for which an include is +# specified. Set to NO to disable this. +# See also: Section \class. +# The default value is: YES. + +VERBATIM_HEADERS = YES + +# If the CLANG_ASSISTED_PARSING tag is set to YES then doxygen will use the +# clang parser (see: http://clang.llvm.org/) for more accurate parsing at the +# cost of reduced performance. This can be particularly helpful with template +# rich C++ code for which doxygen's built-in parser lacks the necessary type +# information. +# Note: The availability of this option depends on whether or not doxygen was +# generated with the -Duse-libclang=ON option for CMake. +# The default value is: NO. + +CLANG_ASSISTED_PARSING = NO + +# If clang assisted parsing is enabled you can provide the compiler with command +# line options that you would normally use when invoking the compiler. Note that +# the include paths will already be set by doxygen for the files and directories +# specified with INPUT and INCLUDE_PATH. +# This tag requires that the tag CLANG_ASSISTED_PARSING is set to YES. + +CLANG_OPTIONS = + +#--------------------------------------------------------------------------- +# Configuration options related to the alphabetical class index +#--------------------------------------------------------------------------- + +# If the ALPHABETICAL_INDEX tag is set to YES, an alphabetical index of all +# compounds will be generated. Enable this if the project contains a lot of +# classes, structs, unions or interfaces. +# The default value is: YES. + +ALPHABETICAL_INDEX = YES + +# The COLS_IN_ALPHA_INDEX tag can be used to specify the number of columns in +# which the alphabetical index list will be split. +# Minimum value: 1, maximum value: 20, default value: 5. +# This tag requires that the tag ALPHABETICAL_INDEX is set to YES. + +COLS_IN_ALPHA_INDEX = 5 + +# In case all classes in a project start with a common prefix, all classes will +# be put under the same header in the alphabetical index. The IGNORE_PREFIX tag +# can be used to specify a prefix (or a list of prefixes) that should be ignored +# while generating the index headers. +# This tag requires that the tag ALPHABETICAL_INDEX is set to YES. + +IGNORE_PREFIX = + +#--------------------------------------------------------------------------- +# Configuration options related to the HTML output +#--------------------------------------------------------------------------- + +# If the GENERATE_HTML tag is set to YES, doxygen will generate HTML output +# The default value is: YES. + +GENERATE_HTML = YES + +# The HTML_OUTPUT tag is used to specify where the HTML docs will be put. If a +# relative path is entered the value of OUTPUT_DIRECTORY will be put in front of +# it. +# The default directory is: html. +# This tag requires that the tag GENERATE_HTML is set to YES. + +HTML_OUTPUT = html + +# The HTML_FILE_EXTENSION tag can be used to specify the file extension for each +# generated HTML page (for example: .htm, .php, .asp). +# The default value is: .html. +# This tag requires that the tag GENERATE_HTML is set to YES. + +HTML_FILE_EXTENSION = .html + +# The HTML_HEADER tag can be used to specify a user-defined HTML header file for +# each generated HTML page. If the tag is left blank doxygen will generate a +# standard header. +# +# To get valid HTML the header file that includes any scripts and style sheets +# that doxygen needs, which is dependent on the configuration options used (e.g. +# the setting GENERATE_TREEVIEW). It is highly recommended to start with a +# default header using +# doxygen -w html new_header.html new_footer.html new_stylesheet.css +# YourConfigFile +# and then modify the file new_header.html. See also section "Doxygen usage" +# for information on how to generate the default header that doxygen normally +# uses. +# Note: The header is subject to change so you typically have to regenerate the +# default header when upgrading to a newer version of doxygen. For a description +# of the possible markers and block names see the documentation. +# This tag requires that the tag GENERATE_HTML is set to YES. + +HTML_HEADER = + +# The HTML_FOOTER tag can be used to specify a user-defined HTML footer for each +# generated HTML page. If the tag is left blank doxygen will generate a standard +# footer. See HTML_HEADER for more information on how to generate a default +# footer and what special commands can be used inside the footer. See also +# section "Doxygen usage" for information on how to generate the default footer +# that doxygen normally uses. +# This tag requires that the tag GENERATE_HTML is set to YES. + +HTML_FOOTER = + +# The HTML_STYLESHEET tag can be used to specify a user-defined cascading style +# sheet that is used by each HTML page. It can be used to fine-tune the look of +# the HTML output. If left blank doxygen will generate a default style sheet. +# See also section "Doxygen usage" for information on how to generate the style +# sheet that doxygen normally uses. +# Note: It is recommended to use HTML_EXTRA_STYLESHEET instead of this tag, as +# it is more robust and this tag (HTML_STYLESHEET) will in the future become +# obsolete. +# This tag requires that the tag GENERATE_HTML is set to YES. + +HTML_STYLESHEET = + +# The HTML_EXTRA_STYLESHEET tag can be used to specify additional user-defined +# cascading style sheets that are included after the standard style sheets +# created by doxygen. Using this option one can overrule certain style aspects. +# This is preferred over using HTML_STYLESHEET since it does not replace the +# standard style sheet and is therefore more robust against future updates. +# Doxygen will copy the style sheet files to the output directory. +# Note: The order of the extra style sheet files is of importance (e.g. the last +# style sheet in the list overrules the setting of the previous ones in the +# list). For an example see the documentation. +# This tag requires that the tag GENERATE_HTML is set to YES. + +HTML_EXTRA_STYLESHEET = + +# The HTML_EXTRA_FILES tag can be used to specify one or more extra images or +# other source files which should be copied to the HTML output directory. Note +# that these files will be copied to the base HTML output directory. Use the +# $relpath^ marker in the HTML_HEADER and/or HTML_FOOTER files to load these +# files. In the HTML_STYLESHEET file, use the file name only. Also note that the +# files will be copied as-is; there are no commands or markers available. +# This tag requires that the tag GENERATE_HTML is set to YES. + +HTML_EXTRA_FILES = + +# The HTML_COLORSTYLE_HUE tag controls the color of the HTML output. Doxygen +# will adjust the colors in the style sheet and background images according to +# this color. Hue is specified as an angle on a colorwheel, see +# http://en.wikipedia.org/wiki/Hue for more information. For instance the value +# 0 represents red, 60 is yellow, 120 is green, 180 is cyan, 240 is blue, 300 +# purple, and 360 is red again. +# Minimum value: 0, maximum value: 359, default value: 220. +# This tag requires that the tag GENERATE_HTML is set to YES. + +HTML_COLORSTYLE_HUE = 220 + +# The HTML_COLORSTYLE_SAT tag controls the purity (or saturation) of the colors +# in the HTML output. For a value of 0 the output will use grayscales only. A +# value of 255 will produce the most vivid colors. +# Minimum value: 0, maximum value: 255, default value: 100. +# This tag requires that the tag GENERATE_HTML is set to YES. + +HTML_COLORSTYLE_SAT = 100 + +# The HTML_COLORSTYLE_GAMMA tag controls the gamma correction applied to the +# luminance component of the colors in the HTML output. Values below 100 +# gradually make the output lighter, whereas values above 100 make the output +# darker. The value divided by 100 is the actual gamma applied, so 80 represents +# a gamma of 0.8, The value 220 represents a gamma of 2.2, and 100 does not +# change the gamma. +# Minimum value: 40, maximum value: 240, default value: 80. +# This tag requires that the tag GENERATE_HTML is set to YES. + +HTML_COLORSTYLE_GAMMA = 80 + +# If the HTML_TIMESTAMP tag is set to YES then the footer of each generated HTML +# page will contain the date and time when the page was generated. Setting this +# to YES can help to show when doxygen was last run and thus if the +# documentation is up to date. +# The default value is: NO. +# This tag requires that the tag GENERATE_HTML is set to YES. + +HTML_TIMESTAMP = NO + +# If the HTML_DYNAMIC_SECTIONS tag is set to YES then the generated HTML +# documentation will contain sections that can be hidden and shown after the +# page has loaded. +# The default value is: NO. +# This tag requires that the tag GENERATE_HTML is set to YES. + +HTML_DYNAMIC_SECTIONS = NO + +# With HTML_INDEX_NUM_ENTRIES one can control the preferred number of entries +# shown in the various tree structured indices initially; the user can expand +# and collapse entries dynamically later on. Doxygen will expand the tree to +# such a level that at most the specified number of entries are visible (unless +# a fully collapsed tree already exceeds this amount). So setting the number of +# entries 1 will produce a full collapsed tree by default. 0 is a special value +# representing an infinite number of entries and will result in a full expanded +# tree by default. +# Minimum value: 0, maximum value: 9999, default value: 100. +# This tag requires that the tag GENERATE_HTML is set to YES. + +HTML_INDEX_NUM_ENTRIES = 100 + +# If the GENERATE_DOCSET tag is set to YES, additional index files will be +# generated that can be used as input for Apple's Xcode 3 integrated development +# environment (see: http://developer.apple.com/tools/xcode/), introduced with +# OSX 10.5 (Leopard). To create a documentation set, doxygen will generate a +# Makefile in the HTML output directory. Running make will produce the docset in +# that directory and running make install will install the docset in +# ~/Library/Developer/Shared/Documentation/DocSets so that Xcode will find it at +# startup. See http://developer.apple.com/tools/creatingdocsetswithdoxygen.html +# for more information. +# The default value is: NO. +# This tag requires that the tag GENERATE_HTML is set to YES. + +GENERATE_DOCSET = NO + +# This tag determines the name of the docset feed. A documentation feed provides +# an umbrella under which multiple documentation sets from a single provider +# (such as a company or product suite) can be grouped. +# The default value is: Doxygen generated docs. +# This tag requires that the tag GENERATE_DOCSET is set to YES. + +DOCSET_FEEDNAME = "Doxygen generated docs" + +# This tag specifies a string that should uniquely identify the documentation +# set bundle. This should be a reverse domain-name style string, e.g. +# com.mycompany.MyDocSet. Doxygen will append .docset to the name. +# The default value is: org.doxygen.Project. +# This tag requires that the tag GENERATE_DOCSET is set to YES. + +DOCSET_BUNDLE_ID = org.doxygen.Project + +# The DOCSET_PUBLISHER_ID tag specifies a string that should uniquely identify +# the documentation publisher. This should be a reverse domain-name style +# string, e.g. com.mycompany.MyDocSet.documentation. +# The default value is: org.doxygen.Publisher. +# This tag requires that the tag GENERATE_DOCSET is set to YES. + +DOCSET_PUBLISHER_ID = org.doxygen.Publisher + +# The DOCSET_PUBLISHER_NAME tag identifies the documentation publisher. +# The default value is: Publisher. +# This tag requires that the tag GENERATE_DOCSET is set to YES. + +DOCSET_PUBLISHER_NAME = Publisher + +# If the GENERATE_HTMLHELP tag is set to YES then doxygen generates three +# additional HTML index files: index.hhp, index.hhc, and index.hhk. The +# index.hhp is a project file that can be read by Microsoft's HTML Help Workshop +# (see: http://www.microsoft.com/en-us/download/details.aspx?id=21138) on +# Windows. +# +# The HTML Help Workshop contains a compiler that can convert all HTML output +# generated by doxygen into a single compiled HTML file (.chm). Compiled HTML +# files are now used as the Windows 98 help format, and will replace the old +# Windows help format (.hlp) on all Windows platforms in the future. Compressed +# HTML files also contain an index, a table of contents, and you can search for +# words in the documentation. The HTML workshop also contains a viewer for +# compressed HTML files. +# The default value is: NO. +# This tag requires that the tag GENERATE_HTML is set to YES. + +GENERATE_HTMLHELP = NO + +# The CHM_FILE tag can be used to specify the file name of the resulting .chm +# file. You can add a path in front of the file if the result should not be +# written to the html output directory. +# This tag requires that the tag GENERATE_HTMLHELP is set to YES. + +CHM_FILE = + +# The HHC_LOCATION tag can be used to specify the location (absolute path +# including file name) of the HTML help compiler (hhc.exe). If non-empty, +# doxygen will try to run the HTML help compiler on the generated index.hhp. +# The file has to be specified with full path. +# This tag requires that the tag GENERATE_HTMLHELP is set to YES. + +HHC_LOCATION = + +# The GENERATE_CHI flag controls if a separate .chi index file is generated +# (YES) or that it should be included in the master .chm file (NO). +# The default value is: NO. +# This tag requires that the tag GENERATE_HTMLHELP is set to YES. + +GENERATE_CHI = NO + +# The CHM_INDEX_ENCODING is used to encode HtmlHelp index (hhk), content (hhc) +# and project file content. +# This tag requires that the tag GENERATE_HTMLHELP is set to YES. + +CHM_INDEX_ENCODING = + +# The BINARY_TOC flag controls whether a binary table of contents is generated +# (YES) or a normal table of contents (NO) in the .chm file. Furthermore it +# enables the Previous and Next buttons. +# The default value is: NO. +# This tag requires that the tag GENERATE_HTMLHELP is set to YES. + +BINARY_TOC = NO + +# The TOC_EXPAND flag can be set to YES to add extra items for group members to +# the table of contents of the HTML help documentation and to the tree view. +# The default value is: NO. +# This tag requires that the tag GENERATE_HTMLHELP is set to YES. + +TOC_EXPAND = NO + +# If the GENERATE_QHP tag is set to YES and both QHP_NAMESPACE and +# QHP_VIRTUAL_FOLDER are set, an additional index file will be generated that +# can be used as input for Qt's qhelpgenerator to generate a Qt Compressed Help +# (.qch) of the generated HTML documentation. +# The default value is: NO. +# This tag requires that the tag GENERATE_HTML is set to YES. + +GENERATE_QHP = NO + +# If the QHG_LOCATION tag is specified, the QCH_FILE tag can be used to specify +# the file name of the resulting .qch file. The path specified is relative to +# the HTML output folder. +# This tag requires that the tag GENERATE_QHP is set to YES. + +QCH_FILE = + +# The QHP_NAMESPACE tag specifies the namespace to use when generating Qt Help +# Project output. For more information please see Qt Help Project / Namespace +# (see: http://qt-project.org/doc/qt-4.8/qthelpproject.html#namespace). +# The default value is: org.doxygen.Project. +# This tag requires that the tag GENERATE_QHP is set to YES. + +QHP_NAMESPACE = org.doxygen.Project + +# The QHP_VIRTUAL_FOLDER tag specifies the namespace to use when generating Qt +# Help Project output. For more information please see Qt Help Project / Virtual +# Folders (see: http://qt-project.org/doc/qt-4.8/qthelpproject.html#virtual- +# folders). +# The default value is: doc. +# This tag requires that the tag GENERATE_QHP is set to YES. + +QHP_VIRTUAL_FOLDER = doc + +# If the QHP_CUST_FILTER_NAME tag is set, it specifies the name of a custom +# filter to add. For more information please see Qt Help Project / Custom +# Filters (see: http://qt-project.org/doc/qt-4.8/qthelpproject.html#custom- +# filters). +# This tag requires that the tag GENERATE_QHP is set to YES. + +QHP_CUST_FILTER_NAME = + +# The QHP_CUST_FILTER_ATTRS tag specifies the list of the attributes of the +# custom filter to add. For more information please see Qt Help Project / Custom +# Filters (see: http://qt-project.org/doc/qt-4.8/qthelpproject.html#custom- +# filters). +# This tag requires that the tag GENERATE_QHP is set to YES. + +QHP_CUST_FILTER_ATTRS = + +# The QHP_SECT_FILTER_ATTRS tag specifies the list of the attributes this +# project's filter section matches. Qt Help Project / Filter Attributes (see: +# http://qt-project.org/doc/qt-4.8/qthelpproject.html#filter-attributes). +# This tag requires that the tag GENERATE_QHP is set to YES. + +QHP_SECT_FILTER_ATTRS = + +# The QHG_LOCATION tag can be used to specify the location of Qt's +# qhelpgenerator. If non-empty doxygen will try to run qhelpgenerator on the +# generated .qhp file. +# This tag requires that the tag GENERATE_QHP is set to YES. + +QHG_LOCATION = + +# If the GENERATE_ECLIPSEHELP tag is set to YES, additional index files will be +# generated, together with the HTML files, they form an Eclipse help plugin. To +# install this plugin and make it available under the help contents menu in +# Eclipse, the contents of the directory containing the HTML and XML files needs +# to be copied into the plugins directory of eclipse. The name of the directory +# within the plugins directory should be the same as the ECLIPSE_DOC_ID value. +# After copying Eclipse needs to be restarted before the help appears. +# The default value is: NO. +# This tag requires that the tag GENERATE_HTML is set to YES. + +GENERATE_ECLIPSEHELP = NO + +# A unique identifier for the Eclipse help plugin. When installing the plugin +# the directory name containing the HTML and XML files should also have this +# name. Each documentation set should have its own identifier. +# The default value is: org.doxygen.Project. +# This tag requires that the tag GENERATE_ECLIPSEHELP is set to YES. + +ECLIPSE_DOC_ID = org.doxygen.Project + +# If you want full control over the layout of the generated HTML pages it might +# be necessary to disable the index and replace it with your own. The +# DISABLE_INDEX tag can be used to turn on/off the condensed index (tabs) at top +# of each HTML page. A value of NO enables the index and the value YES disables +# it. Since the tabs in the index contain the same information as the navigation +# tree, you can set this option to YES if you also set GENERATE_TREEVIEW to YES. +# The default value is: NO. +# This tag requires that the tag GENERATE_HTML is set to YES. + +DISABLE_INDEX = NO + +# The GENERATE_TREEVIEW tag is used to specify whether a tree-like index +# structure should be generated to display hierarchical information. If the tag +# value is set to YES, a side panel will be generated containing a tree-like +# index structure (just like the one that is generated for HTML Help). For this +# to work a browser that supports JavaScript, DHTML, CSS and frames is required +# (i.e. any modern browser). Windows users are probably better off using the +# HTML help feature. Via custom style sheets (see HTML_EXTRA_STYLESHEET) one can +# further fine-tune the look of the index. As an example, the default style +# sheet generated by doxygen has an example that shows how to put an image at +# the root of the tree instead of the PROJECT_NAME. Since the tree basically has +# the same information as the tab index, you could consider setting +# DISABLE_INDEX to YES when enabling this option. +# The default value is: NO. +# This tag requires that the tag GENERATE_HTML is set to YES. + +GENERATE_TREEVIEW = NO + +# The ENUM_VALUES_PER_LINE tag can be used to set the number of enum values that +# doxygen will group on one line in the generated HTML documentation. +# +# Note that a value of 0 will completely suppress the enum values from appearing +# in the overview section. +# Minimum value: 0, maximum value: 20, default value: 4. +# This tag requires that the tag GENERATE_HTML is set to YES. + +ENUM_VALUES_PER_LINE = 4 + +# If the treeview is enabled (see GENERATE_TREEVIEW) then this tag can be used +# to set the initial width (in pixels) of the frame in which the tree is shown. +# Minimum value: 0, maximum value: 1500, default value: 250. +# This tag requires that the tag GENERATE_HTML is set to YES. + +TREEVIEW_WIDTH = 250 + +# If the EXT_LINKS_IN_WINDOW option is set to YES, doxygen will open links to +# external symbols imported via tag files in a separate window. +# The default value is: NO. +# This tag requires that the tag GENERATE_HTML is set to YES. + +EXT_LINKS_IN_WINDOW = NO + +# Use this tag to change the font size of LaTeX formulas included as images in +# the HTML documentation. When you change the font size after a successful +# doxygen run you need to manually remove any form_*.png images from the HTML +# output directory to force them to be regenerated. +# Minimum value: 8, maximum value: 50, default value: 10. +# This tag requires that the tag GENERATE_HTML is set to YES. + +FORMULA_FONTSIZE = 10 + +# Use the FORMULA_TRANPARENT tag to determine whether or not the images +# generated for formulas are transparent PNGs. Transparent PNGs are not +# supported properly for IE 6.0, but are supported on all modern browsers. +# +# Note that when changing this option you need to delete any form_*.png files in +# the HTML output directory before the changes have effect. +# The default value is: YES. +# This tag requires that the tag GENERATE_HTML is set to YES. + +FORMULA_TRANSPARENT = YES + +# Enable the USE_MATHJAX option to render LaTeX formulas using MathJax (see +# http://www.mathjax.org) which uses client side Javascript for the rendering +# instead of using pre-rendered bitmaps. Use this if you do not have LaTeX +# installed or if you want to formulas look prettier in the HTML output. When +# enabled you may also need to install MathJax separately and configure the path +# to it using the MATHJAX_RELPATH option. +# The default value is: NO. +# This tag requires that the tag GENERATE_HTML is set to YES. + +USE_MATHJAX = NO + +# When MathJax is enabled you can set the default output format to be used for +# the MathJax output. See the MathJax site (see: +# http://docs.mathjax.org/en/latest/output.html) for more details. +# Possible values are: HTML-CSS (which is slower, but has the best +# compatibility), NativeMML (i.e. MathML) and SVG. +# The default value is: HTML-CSS. +# This tag requires that the tag USE_MATHJAX is set to YES. + +MATHJAX_FORMAT = HTML-CSS + +# When MathJax is enabled you need to specify the location relative to the HTML +# output directory using the MATHJAX_RELPATH option. The destination directory +# should contain the MathJax.js script. For instance, if the mathjax directory +# is located at the same level as the HTML output directory, then +# MATHJAX_RELPATH should be ../mathjax. The default value points to the MathJax +# Content Delivery Network so you can quickly see the result without installing +# MathJax. However, it is strongly recommended to install a local copy of +# MathJax from http://www.mathjax.org before deployment. +# The default value is: http://cdn.mathjax.org/mathjax/latest. +# This tag requires that the tag USE_MATHJAX is set to YES. + +MATHJAX_RELPATH = http://cdn.mathjax.org/mathjax/latest + +# The MATHJAX_EXTENSIONS tag can be used to specify one or more MathJax +# extension names that should be enabled during MathJax rendering. For example +# MATHJAX_EXTENSIONS = TeX/AMSmath TeX/AMSsymbols +# This tag requires that the tag USE_MATHJAX is set to YES. + +MATHJAX_EXTENSIONS = + +# The MATHJAX_CODEFILE tag can be used to specify a file with javascript pieces +# of code that will be used on startup of the MathJax code. See the MathJax site +# (see: http://docs.mathjax.org/en/latest/output.html) for more details. For an +# example see the documentation. +# This tag requires that the tag USE_MATHJAX is set to YES. + +MATHJAX_CODEFILE = + +# When the SEARCHENGINE tag is enabled doxygen will generate a search box for +# the HTML output. The underlying search engine uses javascript and DHTML and +# should work on any modern browser. Note that when using HTML help +# (GENERATE_HTMLHELP), Qt help (GENERATE_QHP), or docsets (GENERATE_DOCSET) +# there is already a search function so this one should typically be disabled. +# For large projects the javascript based search engine can be slow, then +# enabling SERVER_BASED_SEARCH may provide a better solution. It is possible to +# search using the keyboard; to jump to the search box use + S +# (what the is depends on the OS and browser, but it is typically +# , /
+ + +
From 9a353d0b6d23a6d8306040f61a2d1af0a93d40ac Mon Sep 17 00:00:00 2001 From: Isaac Connor Date: Mon, 24 Jun 2019 11:44:21 -0400 Subject: [PATCH 278/922] don't set frame size --- src/zm_videostore.cpp | 16 +++++++--------- 1 file changed, 7 insertions(+), 9 deletions(-) diff --git a/src/zm_videostore.cpp b/src/zm_videostore.cpp index ed4365cc5..0e34418f1 100644 --- a/src/zm_videostore.cpp +++ b/src/zm_videostore.cpp @@ -285,8 +285,8 @@ VideoStore::VideoStore( video_last_pts = 0; video_last_dts = 0; - video_first_pts = 0; - video_first_dts = 0; + audio_first_pts = 0; + audio_first_dts = 0; audio_next_pts = 0; audio_next_dts = 0; @@ -371,8 +371,6 @@ VideoStore::VideoStore( audio_out_ctx->codec_tag = 0; #endif - audio_out_ctx->frame_size = audio_in_ctx->frame_size; - if ( audio_out_ctx->channels > 1 ) { Warning("Audio isn't mono, changing it."); audio_out_ctx->channels = 1; @@ -1019,7 +1017,7 @@ int VideoStore::writeAudioFramePacket(AVPacket *ipkt) { Debug(1, "No video_first_pts setting to %" PRId64, audio_first_pts); out_frame->pts = 0; } else { - out_frame->pts = out_frame->pts - video_first_pts; + out_frame->pts = out_frame->pts - audio_first_pts; zm_dump_frame(out_frame, "Out frame after pts adjustment"); } // @@ -1102,7 +1100,7 @@ int VideoStore::writeAudioFramePacket(AVPacket *ipkt) { audio_in_stream->time_base, audio_out_stream->time_base); Debug(2, "audio opkt.pts = %" PRId64 " from ipkt->pts(%" PRId64 ") - first_pts(%" PRId64 ")", - opkt.pts, ipkt->pts, video_first_pts); + opkt.pts, ipkt->pts, audio_first_pts); } } else { Debug(2, "opkt.pts = undef"); @@ -1120,16 +1118,16 @@ int VideoStore::writeAudioFramePacket(AVPacket *ipkt) { opkt.dts = audio_next_dts + av_rescale_q( audio_in_stream->cur_dts - audio_last_dts, AV_TIME_BASE_Q, audio_out_stream->time_base); } #endif - if ( !video_first_dts ) { + if ( !audio_first_dts ) { opkt.dts = 0; - video_first_dts = ipkt->dts; + audio_first_dts = ipkt->dts; } else { opkt.dts = av_rescale_q( ipkt->dts - audio_first_dts, audio_in_stream->time_base, audio_out_stream->time_base); Debug(2, "opkt.dts = %" PRId64 " from ipkt.dts(%" PRId64 ") - first_dts(%" PRId64 ")", - opkt.dts, ipkt->dts, video_first_dts); + opkt.dts, ipkt->dts, audio_first_dts); } audio_last_dts = ipkt->dts; } else { From 46c19c7efbf74a708da04c2eb03625ee376b215f Mon Sep 17 00:00:00 2001 From: Tom Hodder Date: Mon, 24 Jun 2019 16:45:40 +0100 Subject: [PATCH 279/922] fix for zone overlay scaling issues in montage (#2643) * remove extra px in svg tag * add js method to track liveStream img size for zones * switch to using SVG scaling to deal with zone polygons * update jsdoc for eslint * fix blank lines eslint issue --- web/skins/classic/views/js/montage.js | 26 ++++++++++++-------------- web/skins/classic/views/montage.php | 4 ++-- 2 files changed, 14 insertions(+), 16 deletions(-) diff --git a/web/skins/classic/views/js/montage.js b/web/skins/classic/views/js/montage.js index 23d2f32ec..1599e0dd7 100644 --- a/web/skins/classic/views/js/montage.js +++ b/web/skins/classic/views/js/montage.js @@ -204,7 +204,13 @@ function Monitor(monitorData) { } } // end function Monitor +/** + * called when the layoutControl select element is changed, or the page + * is rendered + * @param {*} element - the event data passed by onchange callback + */ function selectLayout(element) { + console.dir(element); layout = $j(element).val(); if ( layout_id = parseInt(layout) ) { @@ -266,14 +272,13 @@ function selectLayout(element) { } streamImg.style.width = '100%'; } - var zonesSVG = $('zones'+monitor.id); - if ( zonesSVG ) { - zonesSVG.style.width = ''; - } } // end foreach monitor } } // end function selectLayout(element) +/** + * called when the widthControl|heightControl select elements are changed + */ function changeSize() { var width = $('width').get('value'); var height = $('height').get('value'); @@ -309,11 +314,6 @@ function changeSize() { streamImg.style.height = height ? height : null; //streamImg.style.height = ''; } - var zonesSVG = $('zones'+monitor.id); - if ( zonesSVG ) { - zonesSVG.style.width = width ? width : '100%'; - zonesSVG.style.height = height; - } } $('scale').set('value', ''); Cookie.write('zmMontageScale', '', {duration: 10*365}); @@ -322,6 +322,9 @@ function changeSize() { selectLayout('#zmMontageLayout'); } // end function changeSize() +/** + * called when the scaleControl select element is changed + */ function changeScale() { var scale = $('scale').get('value'); $('width').set('value', 'auto'); @@ -367,11 +370,6 @@ function changeScale() { streamImg.style.width = newWidth + "px"; streamImg.style.height = newHeight + "px"; } - var zonesSVG = $('zones'+monitor.id); - if ( zonesSVG ) { - zonesSVG.style.width = newWidth + "px"; - zonesSVG.style.height = newHeight + "px"; - } } } diff --git a/web/skins/classic/views/montage.php b/web/skins/classic/views/montage.php index 6527a6e8f..d8bd27ae6 100644 --- a/web/skins/classic/views/montage.php +++ b/web/skins/classic/views/montage.php @@ -43,6 +43,7 @@ $widths = array( $heights = array( 'auto' => 'auto', '240px' => '240px', + '320px' => '320px', '480px' => '480px', '720px' => '720px', '1080px' => '1080px', @@ -256,7 +257,6 @@ foreach ( $monitors as $monitor ) { if ( $scale ) { limitPoints($row['Points'], 0, 0, $monitor->Width(), $monitor->Height()); - scalePoints($row['Points'], $scale); } else { limitPoints($row['Points'], 0, 0, ( $width ? $width-1 : $monitor->Width()-1 ), @@ -269,7 +269,7 @@ foreach ( $monitors as $monitor ) { } // end foreach Zone ?> - + '; From 1815bf18a988adfe0279a687ac84379b9cf81a3d Mon Sep 17 00:00:00 2001 From: Isaac Connor Date: Mon, 24 Jun 2019 11:50:58 -0400 Subject: [PATCH 280/922] Add support for specifying PPA --- utils/do_debian_package.sh | 48 +++++++++++++++++++++++--------------- 1 file changed, 29 insertions(+), 19 deletions(-) diff --git a/utils/do_debian_package.sh b/utils/do_debian_package.sh index a825d0b62..ba6bd198b 100755 --- a/utils/do_debian_package.sh +++ b/utils/do_debian_package.sh @@ -23,6 +23,10 @@ case $i in INTERACTIVE="${i#*=}" shift # past argument=value ;; + -p=*|--ppa=*) + PPA="${i#*=}" + shift # past argument=value + ;; -r=*|--release=*) RELEASE="${i#*=}" shift @@ -108,6 +112,23 @@ else fi; fi +if [ "$PPA" == "" ]; then + if [ "$RELEASE" != "" ]; then + # We need to use our official tarball for the original source, so grab it and overwrite our generated one. + IFS='.' read -r -a VERSION <<< "$RELEASE" + if [ "${VERSION[0]}.${VERSION[1]}" == "1.30" ]; then + PPA="ppa:iconnor/zoneminder-stable" + else + PPA="ppa:iconnor/zoneminder-${VERSION[0]}.${VERSION[1]}" + fi; + else + if [ "$BRANCH" == "" ]; then + PPA="ppa:iconnor/zoneminder-master"; + else + PPA="ppa:iconnor/zoneminder-$BRANCH"; + fi; + fi; +fi; # Instead of cloning from github each time, if we have a fork lying around, update it and pull from there instead. if [ ! -d "${GITHUB_FORK}_zoneminder_release" ]; then @@ -261,9 +282,9 @@ if [ $TYPE == "binary" ]; then if [ "$INTERACTIVE" != "no" ]; then read -p "Not doing dput since it's a binary release. Do you want to install it? (Y/N)" if [[ $REPLY == [yY] ]]; then - sudo dpkg -i $DIRECTORY*.deb + sudo dpkg -i $DIRECTORY*.deb else - echo $REPLY; + echo $REPLY; fi; if [ "$DISTRO" == "jessie" ]; then read -p "Do you want to upload this binary to zmrepo? (y/N)" @@ -282,25 +303,14 @@ if [ $TYPE == "binary" ]; then fi; else SC="zoneminder_${VERSION}-${DISTRO}${PACKAGE_VERSION}_source.changes"; - PPA=""; - if [ "$RELEASE" != "" ]; then - PPA="ppa:iconnor/zoneminder"; - else - if [ "$BRANCH" == "" ]; then - PPA="ppa:iconnor/zoneminder-master"; - else - PPA="ppa:iconnor/zoneminder-$BRANCH"; - fi; - fi; - dput="Y"; if [ "$INTERACTIVE" != "no" ]; then - echo "Ready to dput $SC to $PPA ? Y/N..."; - read dput - fi - if [ "$dput" == [Yy] ]; then + read -p "Ready to dput $SC to $PPA ? Y/N..."; + if [[ "$REPLY" == [yY] ]]; then + dput $PPA $SC + fi; + else + echo "dputting to $PPA"; dput $PPA $SC fi; fi; - - From 7914583a9e982a7623aea7f0c01bf02481ac07e7 Mon Sep 17 00:00:00 2001 From: Isaac Connor Date: Mon, 24 Jun 2019 11:50:58 -0400 Subject: [PATCH 281/922] Add support for specifying PPA --- utils/do_debian_package.sh | 32 +++++++++++++++++++------------- 1 file changed, 19 insertions(+), 13 deletions(-) diff --git a/utils/do_debian_package.sh b/utils/do_debian_package.sh index 0b9e18ee7..fc1eaaeff 100755 --- a/utils/do_debian_package.sh +++ b/utils/do_debian_package.sh @@ -30,6 +30,10 @@ case $i in INTERACTIVE="${i#*=}" shift # past argument=value ;; + -p=*|--ppa=*) + PPA="${i#*=}" + shift # past argument=value + ;; -r=*|--release=*) RELEASE="${i#*=}" shift @@ -120,20 +124,21 @@ else fi; fi -PPA=""; -if [ "$RELEASE" != "" ]; then - # We need to use our official tarball for the original source, so grab it and overwrite our generated one. - IFS='.' read -r -a VERSION <<< "$RELEASE" - if [ "${VERSION[0]}.${VERSION[1]}" == "1.30" ]; then - PPA="ppa:iconnor/zoneminder-stable" +if [ "$PPA" == "" ]; then + if [ "$RELEASE" != "" ]; then + # We need to use our official tarball for the original source, so grab it and overwrite our generated one. + IFS='.' read -r -a VERSION <<< "$RELEASE" + if [ "${VERSION[0]}.${VERSION[1]}" == "1.30" ]; then + PPA="ppa:iconnor/zoneminder-stable" + else + PPA="ppa:iconnor/zoneminder-${VERSION[0]}.${VERSION[1]}" + fi; else - PPA="ppa:iconnor/zoneminder-${VERSION[0]}.${VERSION[1]}" - fi; -else - if [ "$BRANCH" == "" ]; then - PPA="ppa:iconnor/zoneminder-master"; - else - PPA="ppa:iconnor/zoneminder-$BRANCH"; + if [ "$BRANCH" == "" ]; then + PPA="ppa:iconnor/zoneminder-master"; + else + PPA="ppa:iconnor/zoneminder-$BRANCH"; + fi; fi; fi; @@ -327,6 +332,7 @@ EOF dput $PPA $SC fi; else + echo "dputting to $PPA"; dput $PPA $SC fi; fi; From ee19322e11fdb89ed83cb9121c70a6dfe51d01e9 Mon Sep 17 00:00:00 2001 From: Isaac Connor Date: Mon, 24 Jun 2019 11:57:52 -0400 Subject: [PATCH 282/922] update do_debian_package from storageareas --- utils/do_debian_package.sh | 277 +++++++++++++++++++++---------------- 1 file changed, 155 insertions(+), 122 deletions(-) diff --git a/utils/do_debian_package.sh b/utils/do_debian_package.sh index ba6bd198b..fc1eaaeff 100755 --- a/utils/do_debian_package.sh +++ b/utils/do_debian_package.sh @@ -8,6 +8,13 @@ exit; fi +DEBUILD=`which debuild`; + +if [ "$DEBUILD" == "" ]; then + echo "You must install the devscripts package. Try sudo apt-get install devscripts"; + exit; +fi + for i in "$@" do case $i in @@ -16,7 +23,7 @@ case $i in shift # past argument=value ;; -d=*|--distro=*) - DISTRO="${i#*=}" + DISTROS="${i#*=}" shift # past argument=value ;; -i=*|--interactive=*) @@ -71,11 +78,15 @@ else echo "Doing $TYPE build" fi; -if [ "$DISTRO" == "" ]; then - DISTRO=`lsb_release -a 2>/dev/null | grep Codename | awk '{print $2}'`; - echo "Defaulting to $DISTRO for distribution"; +if [ "$DISTROS" == "" ]; then + if [ "$RELEASE" != "" ]; then + DISTROS="xenial,bionic,cosmic,disco,trusty" + else + DISTROS=`lsb_release -a 2>/dev/null | grep Codename | awk '{print $2}'`; + fi; + echo "Defaulting to $DISTROS for distribution"; else - echo "Building for $DISTRO"; + echo "Building for $DISTROS"; fi; # Release is a special mode... it uploads to the release ppa and cannot have a snapshot @@ -90,7 +101,8 @@ if [ "$RELEASE" != "" ]; then else GITHUB_FORK="ZoneMinder"; fi - BRANCH="release-$RELEASE" + # We use a tag instead of a branch atm. + BRANCH=$RELEASE else if [ "$GITHUB_FORK" == "" ]; then echo "Defaulting to ZoneMinder upstream git" @@ -167,6 +179,11 @@ if [ "$SNAPSHOT" != "stable" ] && [ "$SNAPSHOT" != "" ]; then fi; DIRECTORY="zoneminder_$VERSION"; +if [ -d "$DIRECTORY.orig" ]; then + echo "$DIRECTORY.orig already exists. Please delete it." + exit 0; +fi; + echo "Doing $TYPE release $DIRECTORY"; mv "${GITHUB_FORK}_zoneminder_release" "$DIRECTORY.orig"; if [ $? -ne 0 ]; then @@ -174,102 +191,153 @@ if [ $? -ne 0 ]; then echo "Setting up build dir failed."; exit $?; fi; + cd "$DIRECTORY.orig"; +# Init submodules git submodule init git submodule update --init --recursive -if [ "$DISTRO" == "trusty" ] || [ "$DISTRO" == "precise" ]; then - mv distros/ubuntu1204 debian -else - if [ "$DISTRO" == "wheezy" ]; then - mv distros/debian debian - else - mv distros/ubuntu1604 debian - fi; -fi; - -if [ "$DEBEMAIL" != "" ] && [ "$DEBFULLNAME" != "" ]; then - AUTHOR="$DEBFULLNAME <$DEBEMAIL>" -else - if [ -z `hostname -d` ] ; then - AUTHOR="`getent passwd $USER | cut -d ':' -f 5 | cut -d ',' -f 1` <`whoami`@`hostname`.local>" - else - AUTHOR="`getent passwd $USER | cut -d ':' -f 5 | cut -d ',' -f 1` <`whoami`@`hostname`>" - fi -fi - -if [ "$URGENCY" = "" ]; then - URGENCY="medium" -fi; - -if [ "$SNAPSHOT" == "stable" ]; then -cat < debian/changelog -zoneminder ($VERSION-$DISTRO${PACKAGE_VERSION}) $DISTRO; urgency=$URGENCY - - * Release $VERSION - - -- $AUTHOR $DATE - -EOF -cat < debian/NEWS -zoneminder ($VERSION-$DISTRO${PACKAGE_VERSION}) $DISTRO; urgency=$URGENCY - - * Release $VERSION - - -- $AUTHOR $DATE -EOF -else -cat < debian/changelog -zoneminder ($VERSION-$DISTRO${PACKAGE_VERSION}) $DISTRO; urgency=$URGENCY - - * - - -- $AUTHOR $DATE -EOF -cat < debian/changelog -zoneminder ($VERSION-$DISTRO${PACKAGE_VERSION}) $DISTRO; urgency=$URGENCY - - * - - -- $AUTHOR $DATE -EOF -fi; +# Cleanup rm -rf .git rm .gitignore cd ../ -tar zcf $DIRECTORY.orig.tar.gz $DIRECTORY.orig -cd $DIRECTORY.orig -if [ $TYPE == "binary" ]; then - # Auto-install all ZoneMinder's depedencies using the Debian control file - sudo apt-get install devscripts equivs - sudo mk-build-deps -ir ./debian/control - echo "Status: $?" - DEBUILD=debuild -else - if [ $TYPE == "local" ]; then +if [ ! -e "$DIRECTORY.orig.tar.gz" ]; then + tar zcf $DIRECTORY.orig.tar.gz $DIRECTORY.orig +fi; + +IFS=',' ;for DISTRO in `echo "$DISTROS"`; do + echo "Generating package for $DISTRO"; + cd $DIRECTORY.orig + + if [ -e "debian" ]; then + rm -rf debian + fi; + + # Generate Changlog + if [ "$DISTRO" == "trusty" ] || [ "$DISTRO" == "precise" ]; then + cp -Rpd distros/ubuntu1204 debian + else + if [ "$DISTRO" == "wheezy" ]; then + cp -Rpd distros/debian debian + else + cp -Rpd distros/ubuntu1604 debian + fi; + fi; + + if [ "$DEBEMAIL" != "" ] && [ "$DEBFULLNAME" != "" ]; then + AUTHOR="$DEBFULLNAME <$DEBEMAIL>" + else + if [ -z `hostname -d` ] ; then + AUTHOR="`getent passwd $USER | cut -d ':' -f 5 | cut -d ',' -f 1` <`whoami`@`hostname`.local>" + else + AUTHOR="`getent passwd $USER | cut -d ':' -f 5 | cut -d ',' -f 1` <`whoami`@`hostname`>" + fi + fi + + if [ "$URGENCY" = "" ]; then + URGENCY="medium" + fi; + + if [ "$SNAPSHOT" == "stable" ]; then + cat < debian/changelog +zoneminder ($VERSION-$DISTRO${PACKAGE_VERSION}) $DISTRO; urgency=$URGENCY + + * Release $VERSION + + -- $AUTHOR $DATE + +EOF + cat < debian/NEWS +zoneminder ($VERSION-$DISTRO${PACKAGE_VERSION}) $DISTRO; urgency=$URGENCY + + * Release $VERSION + + -- $AUTHOR $DATE +EOF + else + cat < debian/changelog +zoneminder ($VERSION-$DISTRO${PACKAGE_VERSION}) $DISTRO; urgency=$URGENCY + + * + + -- $AUTHOR $DATE +EOF + cat < debian/changelog +zoneminder ($VERSION-$DISTRO${PACKAGE_VERSION}) $DISTRO; urgency=$URGENCY + + * + + -- $AUTHOR $DATE +EOF + fi; + + if [ $TYPE == "binary" ]; then # Auto-install all ZoneMinder's depedencies using the Debian control file sudo apt-get install devscripts equivs sudo mk-build-deps -ir ./debian/control echo "Status: $?" - DEBUILD="debuild -i -us -uc -b" - else - # Source build, don't need build depends. - DEBUILD="debuild -S -sa" + DEBUILD=debuild + else + if [ $TYPE == "local" ]; then + # Auto-install all ZoneMinder's depedencies using the Debian control file + sudo apt-get install devscripts equivs + sudo mk-build-deps -ir ./debian/control + echo "Status: $?" + DEBUILD="debuild -i -us -uc -b" + else + # Source build, don't need build depends. + DEBUILD="debuild -S -sa" + fi; + fi; + if [ "$DEBSIGN_KEYID" != "" ]; then + DEBUILD="$DEBUILD -k$DEBSIGN_KEYID" + fi + eval $DEBUILD + if [ $? -ne 0 ]; then + echo "Error status code is: $?" + echo "Build failed."; + exit $?; fi; -fi; -if [ "$DEBSIGN_KEYID" != "" ]; then - DEBUILD="$DEBUILD -k$DEBSIGN_KEYID" -fi -$DEBUILD -if [ $? -ne 0 ]; then -echo "Error status code is: $?" - echo "Build failed."; - exit $?; -fi; -cd ../ + cd ../ + + if [ $TYPE == "binary" ]; then + if [ "$INTERACTIVE" != "no" ]; then + read -p "Not doing dput since it's a binary release. Do you want to install it? (y/N)" + if [[ $REPLY == [yY] ]]; then + sudo dpkg -i $DIRECTORY*.deb + fi; + read -p "Do you want to upload this binary to zmrepo? (y/N)" + if [[ $REPLY == [yY] ]]; then + if [ "$RELEASE" != "" ]; then + scp "zoneminder_${VERSION}-${DISTRO}"* "zoneminder-doc_${VERSION}-${DISTRO}"* "zoneminder-dbg_${VERSION}-${DISTRO}"* "zoneminder_${VERSION}.orig.tar.gz" "zmrepo@zmrepo.connortechnology.com:debian/stable/mini-dinstall/incoming/" + else + if [ "$BRANCH" == "" ]; then + scp "zoneminder_${VERSION}-${DISTRO}"* "zoneminder-doc_${VERSION}-${DISTRO}"* "zoneminder-dbg_${VERSION}-${DISTRO}"* "zoneminder_${VERSION}.orig.tar.gz" "zmrepo@zmrepo.connortechnology.com:debian/master/mini-dinstall/incoming/" + else + scp "$DIRECTORY-${DISTRO}"* "zoneminder-doc_${VERSION}-${DISTRO}"* "zoneminder-dbg_${VERSION}-${DISTRO}"* "zoneminder_${VERSION}.orig.tar.gz" "zmrepo@zmrepo.connortechnology.com:debian/${BRANCH}/mini-dinstall/incoming/" + fi; + fi; + fi; + fi; + else + SC="zoneminder_${VERSION}-${DISTRO}${PACKAGE_VERSION}_source.changes"; + + dput="Y"; + if [ "$INTERACTIVE" != "no" ]; then + read -p "Ready to dput $SC to $PPA ? Y/N..."; + if [[ "$REPLY" == [yY] ]]; then + dput $PPA $SC + fi; + else + echo "dputting to $PPA"; + dput $PPA $SC + fi; + fi; +done; # foreach distro + if [ "$INTERACTIVE" != "no" ]; then read -p "Do you want to keep the checked out version of Zoneminder (incase you want to modify it later) [y/N]" [[ $REPLY == [yY] ]] && { mv "$DIRECTORY.orig" zoneminder_release; echo "The checked out copy is preserved in zoneminder_release"; } || { rm -fr "$DIRECTORY.orig"; echo "The checked out copy has been deleted"; } @@ -278,39 +346,4 @@ else rm -fr "$DIRECTORY.orig"; echo "The checked out copy has been deleted"; fi -if [ $TYPE == "binary" ]; then - if [ "$INTERACTIVE" != "no" ]; then - read -p "Not doing dput since it's a binary release. Do you want to install it? (Y/N)" - if [[ $REPLY == [yY] ]]; then - sudo dpkg -i $DIRECTORY*.deb - else - echo $REPLY; - fi; - if [ "$DISTRO" == "jessie" ]; then - read -p "Do you want to upload this binary to zmrepo? (y/N)" - if [[ $REPLY == [yY] ]]; then - if [ "$RELEASE" != "" ]; then - scp "zoneminder_${VERSION}-${DISTRO}*" "zmrepo@zmrepo.connortechnology.com:debian/stable/mini-dinstall/incoming/" - else - if [ "$BRANCH" == "" ]; then - scp "zoneminder_${VERSION}-${DISTRO}*" "zmrepo@zmrepo.connortechnology.com:debian/master/mini-dinstall/incoming/" - else - scp "$DIRECTORY-${DISTRO}*" "zmrepo@zmrepo.connortechnology.com:debian/${BRANCH}/mini-dinstall/incoming/" - fi; - fi; - fi; - fi; - fi; -else - SC="zoneminder_${VERSION}-${DISTRO}${PACKAGE_VERSION}_source.changes"; - if [ "$INTERACTIVE" != "no" ]; then - read -p "Ready to dput $SC to $PPA ? Y/N..."; - if [[ "$REPLY" == [yY] ]]; then - dput $PPA $SC - fi; - else - echo "dputting to $PPA"; - dput $PPA $SC - fi; -fi; From 8cf7563ce4abbcf88dc5ebeb2c3910c76aa0b4e2 Mon Sep 17 00:00:00 2001 From: Isaac Connor Date: Mon, 24 Jun 2019 12:00:19 -0400 Subject: [PATCH 283/922] fix merge --- utils/do_debian_package.sh | 24 +----------------------- 1 file changed, 1 insertion(+), 23 deletions(-) diff --git a/utils/do_debian_package.sh b/utils/do_debian_package.sh index ae09f98a8..7addf8362 100755 --- a/utils/do_debian_package.sh +++ b/utils/do_debian_package.sh @@ -124,7 +124,6 @@ else fi; fi -<<<<<<< HEAD if [ "$PPA" == "" ]; then if [ "$RELEASE" != "" ]; then # We need to use our official tarball for the original source, so grab it and overwrite our generated one. @@ -140,22 +139,6 @@ if [ "$PPA" == "" ]; then else PPA="ppa:iconnor/zoneminder-$BRANCH"; fi; -======= -PPA=""; -if [ "$RELEASE" != "" ]; then - # We need to use our official tarball for the original source, so grab it and overwrite our generated one. - IFS='.' read -r -a VERSION <<< "$RELEASE" - if [ "${VERSION[0]}.${VERSION[1]}" == "1.30" ]; then - PPA="ppa:iconnor/zoneminder-stable" - else - PPA="ppa:iconnor/zoneminder-${VERSION[0]}.${VERSION[1]}" - fi; -else - if [ "$BRANCH" == "" ]; then - PPA="ppa:iconnor/zoneminder-master"; - else - PPA="ppa:iconnor/zoneminder-$BRANCH"; ->>>>>>> acb95709e6cd8fdb9e76b3d58bc6f546fc6b1447 fi; fi; @@ -349,11 +332,8 @@ EOF dput $PPA $SC fi; else -<<<<<<< HEAD echo "dputting to $PPA"; -======= ->>>>>>> acb95709e6cd8fdb9e76b3d58bc6f546fc6b1447 - dput $PPA $SC + dput $PPA $SC fi; fi; done; # foreach distro @@ -365,5 +345,3 @@ if [ "$INTERACTIVE" != "no" ]; then else rm -fr "$DIRECTORY.orig"; echo "The checked out copy has been deleted"; fi - - From 2d80283844f905750899f630941245fe779733fa Mon Sep 17 00:00:00 2001 From: Isaac Connor Date: Mon, 24 Jun 2019 13:13:46 -0400 Subject: [PATCH 284/922] simplify some logic in Analyze and prevent segfault when we close continuous event to start alarm event --- src/zm_monitor.cpp | 92 +++++++++++----------------------------------- 1 file changed, 22 insertions(+), 70 deletions(-) diff --git a/src/zm_monitor.cpp b/src/zm_monitor.cpp index 2e875e885..d7349eb6b 100644 --- a/src/zm_monitor.cpp +++ b/src/zm_monitor.cpp @@ -1380,12 +1380,13 @@ bool Monitor::Analyse() { if ( trigger_data->trigger_state == TRIGGER_ON ) { score += trigger_data->trigger_score; if ( !event ) { - if ( cause.length() ) - cause += ", "; + // How could it have a length already? + //if ( cause.length() ) + //cause += ", "; cause += trigger_data->trigger_cause; } Event::StringSet noteSet; - noteSet.insert( trigger_data->trigger_text ); + noteSet.insert(trigger_data->trigger_text); noteSetMap[trigger_data->trigger_cause] = noteSet; } if ( signal_change ) { @@ -1407,7 +1408,7 @@ bool Monitor::Analyse() { cause += SIGNAL_CAUSE; } Event::StringSet noteSet; - noteSet.insert( signalText ); + noteSet.insert(signalText); noteSetMap[SIGNAL_CAUSE] = noteSet; shared_data->state = state = IDLE; shared_data->active = signal; @@ -1429,19 +1430,19 @@ bool Monitor::Analyse() { } if ( last_motion_score ) { score += last_motion_score; - if ( cause.length() ) - cause += ", "; - cause += MOTION_CAUSE; - } else { - score += last_motion_score; - } - noteSetMap[MOTION_CAUSE] = zoneSet; - } // end if motion_score - shared_data->active = signal; - } // end if signal change + if ( !event ) { + if ( cause.length() ) + cause += ", "; + cause += MOTION_CAUSE; + } + noteSetMap[MOTION_CAUSE] = zoneSet; + } // end if motion_score + //shared_data->active = signal; // unneccessary active gets set on signal change + } // end if active and doing motion detection - if ( (!signal_change) && signal) { + // Check to see if linked monitors are triggering. if ( n_linked_monitors > 0 ) { + // FIXME improve logic here bool first_link = true; Event::StringSet noteSet; for ( int i = 0; i < n_linked_monitors; i++ ) { @@ -1502,64 +1503,18 @@ bool Monitor::Analyse() { shared_data->state = state = TAPE; } - //if ( config.overlap_timed_events ) - if ( false ) { - int pre_index; - int pre_event_images = pre_event_count; - - if ( analysis_fps ) { - // If analysis fps is set, - // compute the index for pre event images in the dedicated buffer - pre_index = pre_event_buffer_count ? image_count%pre_event_buffer_count : 0; - - // Seek forward the next filled slot in to the buffer (oldest data) - // from the current position - while ( pre_event_images && !pre_event_buffer[pre_index].timestamp->tv_sec ) { - pre_index = (pre_index + 1)%pre_event_buffer_count; - // Slot is empty, removing image from counter - pre_event_images--; - } - } else { - // If analysis fps is not set (analysis performed at capturing framerate), - // compute the index for pre event images in the capturing buffer - pre_index = ((index + image_buffer_count) - pre_event_count)%image_buffer_count; - - // Seek forward the next filled slot in to the buffer (oldest data) - // from the current position - while ( pre_event_images && !image_buffer[pre_index].timestamp->tv_sec ) { - pre_index = (pre_index + 1)%image_buffer_count; - // Slot is empty, removing image from counter - pre_event_images--; - } - } - - if ( pre_event_images ) { - if ( analysis_fps ) { - for ( int i = 0; i < pre_event_images; i++ ) { - timestamps[i] = pre_event_buffer[pre_index].timestamp; - images[i] = pre_event_buffer[pre_index].image; - pre_index = (pre_index + 1)%pre_event_buffer_count; - } - } else { - for ( int i = 0; i < pre_event_images; i++ ) { - timestamps[i] = image_buffer[pre_index].timestamp; - images[i] = image_buffer[pre_index].image; - pre_index = (pre_index + 1)%image_buffer_count; - } - } - - event->AddFrames( pre_event_images, images, timestamps ); - } - } // end if false or config.overlap_timed_events } // end if ! event } // end if function == RECORD || function == MOCORD) } // end if !signal_change && signal if ( score ) { if ( state == IDLE || state == TAPE || state == PREALARM ) { + // This is so if we need more than 1 alarm frame before going into alarm, so it is basically if we have enough alarm frames if ( (!pre_event_count) || (Event::PreAlarmCount() >= alarm_frame_count) ) { // If we should end then previous continuous event and start a new non-continuous event - if ( event && event->Frames() && !event->AlarmFrames() + if ( event && event->Frames() + && (!event->AlarmFrames()) + && (event_close_mode == CLOSE_ALARM) && ( ( timestamp->tv_sec - video_store_data->recording.tv_sec ) >= min_section_length ) ) { Info("%s: %03d - Closing event %" PRIu64 ", continuous end, alarm begins", @@ -1579,14 +1534,11 @@ bool Monitor::Analyse() { strncpy(shared_data->alarm_cause,alarm_cause.c_str(), sizeof(shared_data->alarm_cause)-1); Info("%s: %03d - Gone into alarm state PreAlarmCount: %u > AlarmFrameCount:%u Cause:%s", name, image_count, Event::PreAlarmCount(), alarm_frame_count, shared_data->alarm_cause); - if ( signal_change || (function != MOCORD && state != ALERT) ) { + + if ( !event ) { int pre_index; int pre_event_images = pre_event_count; - if ( event ) { - // Shouldn't be able to happen because - Error("Creating new event when one exists"); - } if ( analysis_fps && pre_event_count ) { // If analysis fps is set, // compute the index for pre event images in the dedicated buffer From 246b4cb9d116d2c1d2907928948ef9c9ea01d307 Mon Sep 17 00:00:00 2001 From: Isaac Connor Date: Mon, 24 Jun 2019 17:22:59 -0400 Subject: [PATCH 285/922] working hwdecode --- src/zm_ffmpeg.cpp | 11 +++ src/zm_ffmpeg.h | 1 + src/zm_ffmpeg_camera.cpp | 193 ++++++++++++++++++++++++++++++++------- src/zm_ffmpeg_camera.h | 4 +- zoneminder-config.cmake | 2 +- 5 files changed, 175 insertions(+), 36 deletions(-) diff --git a/src/zm_ffmpeg.cpp b/src/zm_ffmpeg.cpp index 98509f92f..1dbf3be3b 100644 --- a/src/zm_ffmpeg.cpp +++ b/src/zm_ffmpeg.cpp @@ -284,6 +284,17 @@ static void zm_log_fps(double d, const char *postfix) { } } +void zm_dump_video_frame(const AVFrame *frame, const char *text) { + Debug(1, "%s: format %d %s %dx%d linesize:%d pts: %" PRId64, + text, + frame->format, + av_get_pix_fmt_name((AVPixelFormat)frame->format), + frame->width, + frame->height, + frame->linesize, + frame->pts + ); +} void zm_dump_frame(const AVFrame *frame,const char *text) { Debug(1, "%s: format %d %s sample_rate %" PRIu32 " nb_samples %d channels %d" " duration %" PRId64 diff --git a/src/zm_ffmpeg.h b/src/zm_ffmpeg.h index 7c4414db0..e3b8314f8 100644 --- a/src/zm_ffmpeg.h +++ b/src/zm_ffmpeg.h @@ -300,6 +300,7 @@ void zm_dump_codec(const AVCodecContext *codec); void zm_dump_codecpar(const AVCodecParameters *par); #endif void zm_dump_frame(const AVFrame *frame, const char *text="Frame"); +void zm_dump_video_frame(const AVFrame *frame, const char *text="Frame"); #if LIBAVCODEC_VERSION_CHECK(56, 8, 0, 60, 100) #define zm_av_packet_unref( packet ) av_packet_unref( packet ) diff --git a/src/zm_ffmpeg_camera.cpp b/src/zm_ffmpeg_camera.cpp index c02259561..98dfd0e4e 100644 --- a/src/zm_ffmpeg_camera.cpp +++ b/src/zm_ffmpeg_camera.cpp @@ -42,6 +42,22 @@ extern "C" { #endif +static enum AVPixelFormat hw_pix_fmt; +static enum AVPixelFormat get_hw_format( + AVCodecContext *ctx, + const enum AVPixelFormat *pix_fmts +) { + const enum AVPixelFormat *p; + + for ( p = pix_fmts; *p != -1; p++ ) { + if ( *p == hw_pix_fmt ) + return *p; + } + + Error("Failed to get HW surface format."); + return AV_PIX_FMT_NONE; +} + #if HAVE_AVUTIL_HWCONTEXT_H static AVPixelFormat get_format(AVCodecContext *avctx, const enum AVPixelFormat *pix_fmts) { while (*pix_fmts != AV_PIX_FMT_NONE) { @@ -76,7 +92,7 @@ static AVPixelFormat get_format(AVCodecContext *avctx, const enum AVPixelFormat pix_fmts++; } - Error( "The QSV pixel format not offered in get_format()"); + Error("The QSV pixel format not offered in get_format()"); return AV_PIX_FMT_NONE; } @@ -122,8 +138,8 @@ FfmpegCamera::FfmpegCamera( hwaccel = false; #if HAVE_AVUTIL_HWCONTEXT_H decode = { NULL }; - hwFrame = NULL; #endif + hwFrame = NULL; mFormatContext = NULL; mVideoStreamId = -1; @@ -250,6 +266,7 @@ int FfmpegCamera::Capture( Image &image ) { zm_av_packet_unref( &packet ); continue; } + Debug(1, "transfering from hardware"); ret = av_hwframe_transfer_data(mRawFrame, hwFrame, 0); if (ret < 0) { av_strerror( ret, errbuf, AV_ERROR_MAX_STRING_SIZE ); @@ -259,6 +276,8 @@ int FfmpegCamera::Capture( Image &image ) { } } else { #endif + + ret = avcodec_receive_frame( mVideoCodecContext, mRawFrame ); if ( ret < 0 ) { av_strerror( ret, errbuf, AV_ERROR_MAX_STRING_SIZE ); @@ -305,7 +324,7 @@ int FfmpegCamera::Capture( Image &image ) { #endif #if HAVE_LIBSWSCALE - if ( sws_scale(mConvertContext, mRawFrame->data, mRawFrame->linesize, 0, mVideoCodecContext->height, mFrame->data, mFrame->linesize) < 0 ) { + if ( sws_scale(mConvertContext, mRawFrame->data, mRawFrame->linesize, 0, mVideoCodecContext->height, mFrame->data, mFrame->linesize) <= 0 ) { Error("Unable to convert raw format %u to target format %u at frame %d", mVideoCodecContext->pix_fmt, imagePixFormat, frameCount); return -1; } @@ -331,7 +350,6 @@ int FfmpegCamera::PostCapture() { int FfmpegCamera::OpenFfmpeg() { - int ret; have_video_keyframe = false; @@ -339,7 +357,6 @@ int FfmpegCamera::OpenFfmpeg() { // Open the input, not necessarily a file #if !LIBAVFORMAT_VERSION_CHECK(53, 2, 0, 4, 0) - Debug ( 1, "Calling av_open_input_file" ); if ( av_open_input_file( &mFormatContext, mPath.c_str(), NULL, 0, NULL ) != 0 ) #else // Handle options @@ -360,7 +377,7 @@ int FfmpegCamera::OpenFfmpeg() { } else if ( method == "rtpUni" ) { ret = av_dict_set(&opts, "rtsp_transport", "udp", 0); } else { - Warning("Unknown method (%s)", method.c_str() ); + Warning("Unknown method (%s)", method.c_str()); } //#av_dict_set(&opts, "timeout", "10000000", 0); // in microseconds. @@ -518,6 +535,23 @@ int FfmpegCamera::OpenFfmpeg() { } } // end if h264 #endif + + AVHWAccel *first_hwaccel = av_hwaccel_next(NULL); + AVHWAccel *temp_hwaccel = first_hwaccel; + AVHWAccel *h264 = NULL; + const char * h264_name = "h264_vaapi"; + while ( temp_hwaccel != NULL ) { + Debug(1,"%s ", temp_hwaccel->name); + if ( strcmp(temp_hwaccel->name, h264_name) == 0 ) { + h264=temp_hwaccel; + } + temp_hwaccel = av_hwaccel_next(temp_hwaccel); + + if ( temp_hwaccel == first_hwaccel ) { + break; + } + } + if ( mVideoCodecContext->codec_id == AV_CODEC_ID_H264 ) { if ( (mVideoCodec = avcodec_find_decoder_by_name("h264_mmal")) == NULL ) { Debug(1, "Failed to find decoder (h264_mmal)" ); @@ -530,32 +564,75 @@ int FfmpegCamera::OpenFfmpeg() { // Try and get the codec from the codec context Error("Can't find codec for video stream from %s", mPath.c_str()); return -1; + } + + Debug(1, "Video Found decoder %s", mVideoCodec->name); + zm_dump_stream_format(mFormatContext, mVideoStreamId, 0, 0); + + enum AVHWDeviceType type = AV_HWDEVICE_TYPE_NONE; + while ( (type = av_hwdevice_iterate_types(type)) != AV_HWDEVICE_TYPE_NONE ) + Debug(1, "%s", av_hwdevice_get_type_name(type)); + + const char *hw_name = "vaapi"; + type = av_hwdevice_find_type_by_name(hw_name); + if ( type == AV_HWDEVICE_TYPE_NONE ) { + Debug(1,"Device type %s is not supported.", hw_name); } else { - Debug(1, "Video Found decoder %s", mVideoCodec->name); - zm_dump_stream_format(mFormatContext, mVideoStreamId, 0, 0); - // Open the codec -#if !LIBAVFORMAT_VERSION_CHECK(53, 8, 0, 8, 0) - ret = avcodec_open(mVideoCodecContext, mVideoCodec); -#else - ret = avcodec_open2(mVideoCodecContext, mVideoCodec, &opts); -#endif - AVDictionaryEntry *e = NULL; - while ( (e = av_dict_get(opts, "", e, AV_DICT_IGNORE_SUFFIX)) != NULL ) { - Warning( "Option %s not recognized by ffmpeg", e->key); - } - if ( ret < 0 ) { - Error("Unable to open codec for video stream from %s", mPath.c_str()); - av_dict_free(&opts); + Debug(1, "Found hwdevice %s", av_hwdevice_get_type_name(type)); + } + + // Get h_pix_fmt + for ( int i = 0;; i++ ) { + const AVCodecHWConfig *config = avcodec_get_hw_config(mVideoCodec, i); + if ( !config ) { + Debug(1, "Decoder %s does not support device type %s.", + mVideoCodec->name, av_hwdevice_get_type_name(type)); return -1; } - zm_dump_codec(mVideoCodecContext); + if ( (config->methods & AV_CODEC_HW_CONFIG_METHOD_HW_DEVICE_CTX ) + && (config->device_type == type) + ) { + hw_pix_fmt = config->pix_fmt; + break; + } + } // end foreach hwconfig + + mVideoCodecContext->get_format = get_hw_format; + + Debug(1, "Creating hwdevice"); + if ((ret = av_hwdevice_ctx_create(&hw_device_ctx, type, NULL, NULL, 0)) < 0) { + Error("Failed to create specified HW device."); + return -1; } + Debug(1, "Created hwdevice"); + mVideoCodecContext->hw_device_ctx = av_buffer_ref(hw_device_ctx); + hwaccel = true; + hwFrame = zm_av_frame_alloc(); + + // Open the codec +#if !LIBAVFORMAT_VERSION_CHECK(53, 8, 0, 8, 0) + ret = avcodec_open(mVideoCodecContext, mVideoCodec); +#else + ret = avcodec_open2(mVideoCodecContext, mVideoCodec, &opts); +#endif + e = NULL; + while ( (e = av_dict_get(opts, "", e, AV_DICT_IGNORE_SUFFIX)) != NULL ) { + Warning( "Option %s not recognized by ffmpeg", e->key); + } + if ( ret < 0 ) { + Error("Unable to open codec for video stream from %s", mPath.c_str()); + av_dict_free(&opts); + return -1; + } + zm_dump_codec(mVideoCodecContext); if ( mVideoCodecContext->hwaccel != NULL ) { Debug(1, "HWACCEL in use"); } else { Debug(1, "HWACCEL not in use"); } + + if ( mAudioStreamId >= 0 ) { if ( (mAudioCodec = avcodec_find_decoder( #if LIBAVCODEC_VERSION_CHECK(57, 64, 0, 64, 0) @@ -578,13 +655,13 @@ int FfmpegCamera::OpenFfmpeg() { zm_dump_stream_format(mFormatContext, mAudioStreamId, 0, 0); // Open the codec #if !LIBAVFORMAT_VERSION_CHECK(53, 8, 0, 8, 0) - Debug ( 1, "Calling avcodec_open" ); + Debug(1, "Calling avcodec_open"); if ( avcodec_open(mAudioCodecContext, mAudioCodec) < 0 ) { #else - Debug ( 1, "Calling avcodec_open2" ); + Debug(1, "Calling avcodec_open2" ); if ( avcodec_open2(mAudioCodecContext, mAudioCodec, 0) < 0 ) { #endif - Error( "Unable to open codec for audio stream from %s", mPath.c_str() ); + Error("Unable to open codec for audio stream from %s", mPath.c_str() ); return -1; } zm_dump_codec(mAudioCodecContext); @@ -629,6 +706,7 @@ int FfmpegCamera::OpenFfmpeg() { return -1; } +# if 0 mConvertContext = sws_getContext( mVideoCodecContext->width, mVideoCodecContext->height, @@ -640,6 +718,7 @@ int FfmpegCamera::OpenFfmpeg() { Error( "Unable to create conversion context for %s", mPath.c_str() ); return -1; } +#endif #else // HAVE_LIBSWSCALE Fatal( "You must compile ffmpeg with the --enable-swscale option to use ffmpeg cameras" ); #endif // HAVE_LIBSWSCALE @@ -885,7 +964,8 @@ int FfmpegCamera::CaptureAndRecord( Image &image, timeval recording, char* event if ( packetqueue->packet_count(mVideoStreamId) >= monitor->GetImageBufferCount() ) { Warning("ImageBufferCount %d is too small. Needs to be at least %d. Either increase it or decrease time between keyframes", monitor->GetImageBufferCount(), - packetqueue->packet_count(mVideoStreamId)+1 ); + packetqueue->packet_count(mVideoStreamId)+1 + ); } packetqueue->clearQueue(monitor->GetPreEventCount(), mVideoStreamId); @@ -931,6 +1011,7 @@ int FfmpegCamera::CaptureAndRecord( Image &image, timeval recording, char* event } #if HAVE_AVUTIL_HWCONTEXT_H if ( hwaccel ) { + Debug(1, "Using hwaccel to decode"); ret = avcodec_receive_frame(mVideoCodecContext, hwFrame); if ( ret < 0 ) { av_strerror(ret, errbuf, AV_ERROR_MAX_STRING_SIZE); @@ -939,7 +1020,7 @@ int FfmpegCamera::CaptureAndRecord( Image &image, timeval recording, char* event continue; } ret = av_hwframe_transfer_data(mRawFrame, hwFrame, 0); - if (ret < 0) { + if ( ret < 0 ) { av_strerror(ret, errbuf, AV_ERROR_MAX_STRING_SIZE); Error("Unable to transfer frame at frame %d: %s, continuing", frameCount, errbuf); zm_av_packet_unref(&packet); @@ -947,6 +1028,8 @@ int FfmpegCamera::CaptureAndRecord( Image &image, timeval recording, char* event } } else { #endif + Debug(1, "Decodingaccel to decode"); + ret = avcodec_receive_frame(mVideoCodecContext, mRawFrame); if ( ret < 0 ) { av_strerror(ret, errbuf, AV_ERROR_MAX_STRING_SIZE); @@ -961,6 +1044,24 @@ int FfmpegCamera::CaptureAndRecord( Image &image, timeval recording, char* event continue; } if ( error_count > 0 ) error_count --; + zm_dump_video_frame(mRawFrame); + if ( mRawFrame->format == hw_pix_fmt ) { + /* retrieve data from GPU to CPU */ + ret = av_hwframe_transfer_data(hwFrame, mRawFrame, 0); + if ( ret < 0 ) { + av_strerror(ret, errbuf, AV_ERROR_MAX_STRING_SIZE); + Error("Unable to transfer frame at frame %d: %s, continuing", frameCount, errbuf); + zm_av_packet_unref(&packet); + continue; + } + Debug(1,"Success transfering"); + zm_dump_video_frame(hwFrame); + + hwFrame->pts = mRawFrame->pts; + input_frame = hwFrame; + } else { + input_frame = mRawFrame; + } #if HAVE_AVUTIL_HWCONTEXT_H } @@ -968,7 +1069,7 @@ int FfmpegCamera::CaptureAndRecord( Image &image, timeval recording, char* event frameComplete = 1; # else - ret = zm_avcodec_decode_video(mVideoCodecContext, mRawFrame, &frameComplete, &packet); + ret = zm_avcodec_decode_video(mVideoCodecContext, input_frame, &frameComplete, &packet); if ( ret < 0 ) { av_strerror(ret, errbuf, AV_ERROR_MAX_STRING_SIZE); Error("Unable to decode frame at frame %d: %s, continuing", frameCount, errbuf); @@ -978,7 +1079,7 @@ int FfmpegCamera::CaptureAndRecord( Image &image, timeval recording, char* event #endif if ( frameComplete ) { - Debug( 4, "Got frame %d", frameCount ); + Debug(4, "Got frame %d", frameCount); uint8_t* directbuffer; @@ -986,7 +1087,7 @@ int FfmpegCamera::CaptureAndRecord( Image &image, timeval recording, char* event directbuffer = image.WriteBuffer(width, height, colours, subpixelorder); if ( directbuffer == NULL ) { Error("Failed requesting writeable buffer for the captured image."); - zm_av_packet_unref( &packet ); + zm_av_packet_unref(&packet); return -1; } #if LIBAVUTIL_VERSION_CHECK(54, 6, 0, 6, 0) @@ -994,10 +1095,34 @@ int FfmpegCamera::CaptureAndRecord( Image &image, timeval recording, char* event #else avpicture_fill( (AVPicture *)mFrame, directbuffer, imagePixFormat, width, height); #endif - if (sws_scale(mConvertContext, mRawFrame->data, mRawFrame->linesize, - 0, mVideoCodecContext->height, mFrame->data, mFrame->linesize) < 0) { - Error("Unable to convert raw format %u to target format %u at frame %d", - mVideoCodecContext->pix_fmt, imagePixFormat, frameCount); + Debug(1,"swscale target format: %c%c%c%c %c%c%c%c", + (imagePixFormat)&0xff,((imagePixFormat>>8)&0xff),((imagePixFormat>>16)&0xff),((imagePixFormat>>24)&0xff), + (mVideoCodecContext->pix_fmt)&0xff, + ((mVideoCodecContext->pix_fmt>>8)&0xff), + ((mVideoCodecContext->pix_fmt>>16)&0xff), + ((mVideoCodecContext->pix_fmt>>24)&0xff) + ); + if ( ! mConvertContext ) { + mConvertContext = sws_getContext( + input_frame->width, + input_frame->height, + (AVPixelFormat)input_frame->format, + width, height, + imagePixFormat, SWS_BICUBIC, NULL, + NULL, NULL); + if ( mConvertContext == NULL ) { + Error( "Unable to create conversion context for %s", mPath.c_str() ); + return -1; + } + } + + if ( sws_scale(mConvertContext, input_frame->data, input_frame->linesize, + 0, mVideoCodecContext->height, mFrame->data, mFrame->linesize) <= 0 ) { + Error("Unable to convert raw format %u to target format %u at frame %d codec %u ", + input_frame->format, + imagePixFormat, frameCount, + mVideoCodecContext->pix_fmt + ); return -1; } diff --git a/src/zm_ffmpeg_camera.h b/src/zm_ffmpeg_camera.h index a5a5550a9..626269f51 100644 --- a/src/zm_ffmpeg_camera.h +++ b/src/zm_ffmpeg_camera.h @@ -55,12 +55,14 @@ class FfmpegCamera : public Camera { AVFrame *mRawFrame; AVFrame *mFrame; _AVPIXELFORMAT imagePixFormat; + AVFrame *input_frame; // Use to point to mRawFrame or hwFrame; bool hwaccel; -#if HAVE_AVUTIL_HWCONTEXT_H AVFrame *hwFrame; +#if HAVE_AVUTIL_HWCONTEXT_H DecodeContext decode; #endif + AVBufferRef *hw_device_ctx = NULL; // Need to keep track of these because apparently the stream can start with values for pts/dts and then subsequent packets start at zero. int64_t audio_last_pts; diff --git a/zoneminder-config.cmake b/zoneminder-config.cmake index e088e68dc..46cf28d46 100644 --- a/zoneminder-config.cmake +++ b/zoneminder-config.cmake @@ -51,7 +51,7 @@ #cmakedefine HAVE_LIBAVUTIL 1 #cmakedefine HAVE_LIBAVUTIL_AVUTIL_H 1 #cmakedefine HAVE_LIBAVUTIL_MATHEMATICS_H 1 -#cmakedefine HAVE_LIBAVUTIL_HWCONTEXT_H 0 +#cmakedefine HAVE_LIBAVUTIL_HWCONTEXT_H 1 #cmakedefine HAVE_LIBSWSCALE 1 #cmakedefine HAVE_LIBSWSCALE_SWSCALE_H 1 #cmakedefine HAVE_LIBSWRESAMPLE 1 From c3135accbbcd2e36a07f1265e65b96d93760e32a Mon Sep 17 00:00:00 2001 From: Isaac Connor Date: Mon, 24 Jun 2019 21:11:52 -0400 Subject: [PATCH 286/922] Make events close on a section length time boundary only if event_close_mode == CLOSE_TIME. When an alarm happens in event_close_mode==ALARM, close the continuous event regardless of the # of pre-event frames in the event. Add some debugging --- src/zm_monitor.cpp | 27 +++++++++++++++------------ 1 file changed, 15 insertions(+), 12 deletions(-) diff --git a/src/zm_monitor.cpp b/src/zm_monitor.cpp index d7349eb6b..d282f0e2d 100644 --- a/src/zm_monitor.cpp +++ b/src/zm_monitor.cpp @@ -1379,6 +1379,7 @@ bool Monitor::Analyse() { if ( trigger_data->trigger_state == TRIGGER_ON ) { score += trigger_data->trigger_score; + Debug(1, "Triggered on score += %d => %d", trigger_data->trigger_score, score); if ( !event ) { // How could it have a length already? //if ( cause.length() ) @@ -1389,6 +1390,7 @@ bool Monitor::Analyse() { noteSet.insert(trigger_data->trigger_text); noteSetMap[trigger_data->trigger_cause] = noteSet; } + if ( signal_change ) { const char *signalText; if ( !signal ) { @@ -1475,7 +1477,7 @@ bool Monitor::Analyse() { if ( section_length && ( ( timestamp->tv_sec - video_store_data->recording.tv_sec ) >= section_length ) - && ( ! ( timestamp->tv_sec % section_length ) ) + && ( (event_close_mode != CLOSE_TIME) || ! ( timestamp->tv_sec % section_length ) ) ) { Info("%s: %03d - Closing event %" PRIu64 ", section end forced %d - %d = %d >= %d", name, image_count, event->Id(), @@ -1508,19 +1510,20 @@ bool Monitor::Analyse() { } // end if !signal_change && signal if ( score ) { - if ( state == IDLE || state == TAPE || state == PREALARM ) { + if ( (state == IDLE) || (state == TAPE) || (state == PREALARM) ) { + // If we should end then previous continuous event and start a new non-continuous event + if ( event && event->Frames() + && (!event->AlarmFrames()) + && (event_close_mode == CLOSE_ALARM) + && ( ( timestamp->tv_sec - video_store_data->recording.tv_sec ) >= min_section_length ) + ) { + Info("%s: %03d - Closing event %" PRIu64 ", continuous end, alarm begins", + name, image_count, event->Id()); + closeEvent(); + } + Debug(3, "pre-alarm-count %d", Event::PreAlarmCount()); // This is so if we need more than 1 alarm frame before going into alarm, so it is basically if we have enough alarm frames if ( (!pre_event_count) || (Event::PreAlarmCount() >= alarm_frame_count) ) { - // If we should end then previous continuous event and start a new non-continuous event - if ( event && event->Frames() - && (!event->AlarmFrames()) - && (event_close_mode == CLOSE_ALARM) - && ( ( timestamp->tv_sec - video_store_data->recording.tv_sec ) >= min_section_length ) - ) { - Info("%s: %03d - Closing event %" PRIu64 ", continuous end, alarm begins", - name, image_count, event->Id()); - closeEvent(); - } shared_data->state = state = ALARM; // lets construct alarm cause. It will contain cause + names of zones alarmed std::string alarm_cause = ""; From 2cbcaeebbcba2a4c875544f4abd444cc72297acd Mon Sep 17 00:00:00 2001 From: Isaac Connor Date: Tue, 25 Jun 2019 14:11:59 -0400 Subject: [PATCH 287/922] clean out old hwdecode stuff. refactor common code out --- src/zm_ffmpeg.cpp | 28 +-- src/zm_ffmpeg_camera.cpp | 415 +++++++++++---------------------------- src/zm_ffmpeg_camera.h | 11 +- src/zm_ffmpeg_input.cpp | 119 ++++------- 4 files changed, 161 insertions(+), 412 deletions(-) diff --git a/src/zm_ffmpeg.cpp b/src/zm_ffmpeg.cpp index 1dbf3be3b..b701e79bc 100644 --- a/src/zm_ffmpeg.cpp +++ b/src/zm_ffmpeg.cpp @@ -505,7 +505,7 @@ bool is_audio_context( AVCodecContext *codec_context ) { #endif } -int zm_receive_frame( AVCodecContext *context, AVFrame *frame, AVPacket &packet ) { +int zm_receive_frame(AVCodecContext *context, AVFrame *frame, AVPacket &packet) { int ret; #if LIBAVCODEC_VERSION_CHECK(57, 64, 0, 64, 0) if ( (ret = avcodec_send_packet(context, &packet)) < 0 ) { @@ -514,28 +514,10 @@ int zm_receive_frame( AVCodecContext *context, AVFrame *frame, AVPacket &packet return 0; } -#if HAVE_AVUTIL_HWCONTEXT_H - if ( hwaccel ) { - if ( (ret = avcodec_receive_frame(context, hwFrame)) < 0 ) { - Error( "Unable to receive frame %d: %s, continuing", streams[packet.stream_index].frame_count, - av_make_error_string(ret).c_str() ); - return 0; - } - if ( (ret = av_hwframe_transfer_data(frame, hwFrame, 0)) < 0 ) { - Error( "Unable to transfer frame at frame %d: %s, continuing", streams[packet.stream_index].frame_count, - av_make_error_string(ret).c_str() ); - return 0; - } - } else { -#endif - if ( (ret = avcodec_receive_frame(context, frame)) < 0 ) { - Error( "Unable to send packet %s, continuing", av_make_error_string(ret).c_str() ); - return 0; - } -#if HAVE_AVUTIL_HWCONTEXT_H + if ( (ret = avcodec_receive_frame(context, frame)) < 0 ) { + Error( "Unable to send packet %s, continuing", av_make_error_string(ret).c_str() ); + return 0; } -#endif - # else int frameComplete = 0; while ( !frameComplete ) { @@ -551,7 +533,7 @@ int zm_receive_frame( AVCodecContext *context, AVFrame *frame, AVPacket &packet } // end while !frameComplete #endif return 1; -} // end int zm_receive_frame( AVCodecContext *context, AVFrame *frame, AVPacket &packet ) +} // end int zm_receive_frame(AVCodecContext *context, AVFrame *frame, AVPacket &packet) void dumpPacket(AVStream *stream, AVPacket *pkt, const char *text) { char b[10240]; diff --git a/src/zm_ffmpeg_camera.cpp b/src/zm_ffmpeg_camera.cpp index 98dfd0e4e..36ffc1a2c 100644 --- a/src/zm_ffmpeg_camera.cpp +++ b/src/zm_ffmpeg_camera.cpp @@ -26,7 +26,7 @@ extern "C" { #include "libavutil/time.h" -#if HAVE_AVUTIL_HWCONTEXT_H +#if HAVE_LIBAVUTIL_HWCONTEXT_H #include "libavutil/hwcontext.h" #include "libavutil/hwcontext_qsv.h" #endif @@ -42,6 +42,7 @@ extern "C" { #endif +#if HAVE_LIBAVUTIL_HWCONTEXT_H static enum AVPixelFormat hw_pix_fmt; static enum AVPixelFormat get_hw_format( AVCodecContext *ctx, @@ -57,45 +58,6 @@ static enum AVPixelFormat get_hw_format( Error("Failed to get HW surface format."); return AV_PIX_FMT_NONE; } - -#if HAVE_AVUTIL_HWCONTEXT_H -static AVPixelFormat get_format(AVCodecContext *avctx, const enum AVPixelFormat *pix_fmts) { - while (*pix_fmts != AV_PIX_FMT_NONE) { - if (*pix_fmts == AV_PIX_FMT_QSV) { - DecodeContext *decode = (DecodeContext *)avctx->opaque; - AVHWFramesContext *frames_ctx; - AVQSVFramesContext *frames_hwctx; - int ret; - - /* create a pool of surfaces to be used by the decoder */ - avctx->hw_frames_ctx = av_hwframe_ctx_alloc(decode->hw_device_ref); - if (!avctx->hw_frames_ctx) - return AV_PIX_FMT_NONE; - frames_ctx = (AVHWFramesContext*)avctx->hw_frames_ctx->data; - frames_hwctx = (AVQSVFramesContext*)frames_ctx->hwctx; - - frames_ctx->format = AV_PIX_FMT_QSV; - frames_ctx->sw_format = avctx->sw_pix_fmt; - frames_ctx->width = FFALIGN(avctx->coded_width, 32); - frames_ctx->height = FFALIGN(avctx->coded_height, 32); - frames_ctx->initial_pool_size = 32; - - frames_hwctx->frame_type = MFX_MEMTYPE_VIDEO_MEMORY_DECODER_TARGET; - - ret = av_hwframe_ctx_init(avctx->hw_frames_ctx); - if (ret < 0) - return AV_PIX_FMT_NONE; - - return AV_PIX_FMT_QSV; - } - - pix_fmts++; - } - - Error("The QSV pixel format not offered in get_format()"); - - return AV_PIX_FMT_NONE; -} #endif FfmpegCamera::FfmpegCamera( @@ -136,9 +98,6 @@ FfmpegCamera::FfmpegCamera( } hwaccel = false; -#if HAVE_AVUTIL_HWCONTEXT_H - decode = { NULL }; -#endif hwFrame = NULL; mFormatContext = NULL; @@ -154,7 +113,6 @@ FfmpegCamera::FfmpegCamera( startTime = 0; mCanCapture = false; videoStore = NULL; - video_last_pts = 0; have_video_keyframe = false; packetqueue = NULL; error_count = 0; @@ -175,7 +133,7 @@ FfmpegCamera::FfmpegCamera( } else { Panic("Unexpected colours: %d",colours); } -} +} // FfmpegCamera::FfmpegCamera FfmpegCamera::~FfmpegCamera() { @@ -214,8 +172,8 @@ int FfmpegCamera::PreCapture() { return 0; } -int FfmpegCamera::Capture( Image &image ) { - if ( ! mCanCapture ) { +int FfmpegCamera::Capture(Image &image) { + if ( !mCanCapture ) { return -1; } @@ -233,112 +191,46 @@ int FfmpegCamera::Capture( Image &image ) { // Check for Connection failure. (avResult == -110) ) { - Info("Unable to read packet from stream %d: error %d \"%s\".", packet.stream_index, avResult, errbuf); + Info("Unable to read packet from stream %d: error %d \"%s\".", + packet.stream_index, avResult, errbuf); } else { - Error("Unable to read packet from stream %d: error %d \"%s\".", packet.stream_index, avResult, errbuf); + Error("Unable to read packet from stream %d: error %d \"%s\".", + packet.stream_index, avResult, errbuf); } return -1; } + bytes += packet.size; int keyframe = packet.flags & AV_PKT_FLAG_KEY; if ( keyframe ) have_video_keyframe = true; - Debug( 5, "Got packet from stream %d dts (%d) pts(%d)", packet.stream_index, packet.pts, packet.dts ); + Debug(5, "Got packet from stream %d dts (%d) pts(%d)", + packet.stream_index, packet.pts, packet.dts); // What about audio stream? Maybe someday we could do sound detection... if ( ( packet.stream_index == mVideoStreamId ) && ( keyframe || have_video_keyframe ) ) { - int ret; -#if LIBAVCODEC_VERSION_CHECK(57, 64, 0, 64, 0) - ret = avcodec_send_packet( mVideoCodecContext, &packet ); + int ret; + ret = zm_receive_frame(mVideoCodecContext, mRawFrame, packet); if ( ret < 0 ) { - av_strerror( ret, errbuf, AV_ERROR_MAX_STRING_SIZE ); - Error( "Unable to send packet at frame %d: %s, continuing", frameCount, errbuf ); - zm_av_packet_unref( &packet ); + av_strerror(ret, errbuf, AV_ERROR_MAX_STRING_SIZE); + Error("Unable to get frame at frame %d: %s, continuing", frameCount, errbuf); + zm_av_packet_unref(&packet); continue; } -#if HAVE_AVUTIL_HWCONTEXT_H - if ( hwaccel ) { - ret = avcodec_receive_frame( mVideoCodecContext, hwFrame ); - if ( ret < 0 ) { - av_strerror( ret, errbuf, AV_ERROR_MAX_STRING_SIZE ); - Error( "Unable to send packet at frame %d: %s, continuing", frameCount, errbuf ); - zm_av_packet_unref( &packet ); - continue; - } - Debug(1, "transfering from hardware"); - ret = av_hwframe_transfer_data(mRawFrame, hwFrame, 0); - if (ret < 0) { - av_strerror( ret, errbuf, AV_ERROR_MAX_STRING_SIZE ); - Error( "Unable to transfer frame at frame %d: %s, continuing", frameCount, errbuf ); - zm_av_packet_unref( &packet ); - continue; - } - } else { -#endif - - - ret = avcodec_receive_frame( mVideoCodecContext, mRawFrame ); - if ( ret < 0 ) { - av_strerror( ret, errbuf, AV_ERROR_MAX_STRING_SIZE ); - Error( "Unable to send packet at frame %d: %s, continuing", frameCount, errbuf ); - zm_av_packet_unref( &packet ); - continue; - } - -#if HAVE_AVUTIL_HWCONTEXT_H - } -#endif - frameComplete = 1; -# else - ret = zm_avcodec_decode_video( mVideoCodecContext, mRawFrame, &frameComplete, &packet ); - if ( ret < 0 ) { - av_strerror( ret, errbuf, AV_ERROR_MAX_STRING_SIZE ); - Error( "Unable to decode frame at frame %d: %s, continuing", frameCount, errbuf ); - zm_av_packet_unref( &packet ); - continue; + Debug(4, "Decoded video packet at frame %d", frameCount); + + if ( transfer_to_image(image, mFrame, mRawFrame) < 0 ) { + zm_av_packet_unref(&packet); + return -1; } -#endif - Debug( 4, "Decoded video packet at frame %d", frameCount ); - - if ( frameComplete ) { - Debug( 4, "Got frame %d", frameCount ); - - uint8_t* directbuffer; - - /* Request a writeable buffer of the target image */ - directbuffer = image.WriteBuffer(width, height, colours, subpixelorder); - if ( directbuffer == NULL ) { - Error("Failed requesting writeable buffer for the captured image."); - return -1; - } - -#if LIBAVUTIL_VERSION_CHECK(54, 6, 0, 6, 0) - av_image_fill_arrays(mFrame->data, mFrame->linesize, - directbuffer, imagePixFormat, width, height, 1); -#else - avpicture_fill( (AVPicture *)mFrame, directbuffer, - imagePixFormat, width, height); -#endif - -#if HAVE_LIBSWSCALE - if ( sws_scale(mConvertContext, mRawFrame->data, mRawFrame->linesize, 0, mVideoCodecContext->height, mFrame->data, mFrame->linesize) <= 0 ) { - Error("Unable to convert raw format %u to target format %u at frame %d", mVideoCodecContext->pix_fmt, imagePixFormat, frameCount); - return -1; - } -#else // HAVE_LIBSWSCALE - Fatal("You must compile ffmpeg with the --enable-swscale option to use ffmpeg cameras"); -#endif // HAVE_LIBSWSCALE - - frameCount++; - } // end if frameComplete + frameCount++; } else { - Debug( 4, "Different stream_index %d", packet.stream_index ); + Debug(4, "Different stream_index %d", packet.stream_index); } // end if packet.stream_index == mVideoStreamId - bytes += packet.size; - zm_av_packet_unref( &packet ); + zm_av_packet_unref(&packet); } // end while ! frameComplete return frameComplete ? 1 : 0; } // FfmpegCamera::Capture @@ -498,44 +390,6 @@ int FfmpegCamera::OpenFfmpeg() { mVideoCodecContext->flags2 |= CODEC_FLAG2_FAST | CODEC_FLAG_LOW_DELAY; #endif -#if HAVE_AVUTIL_HWCONTEXT_H - if ( mVideoCodecContext->codec_id == AV_CODEC_ID_H264 ) { - - //vaapi_decoder = new VAAPIDecoder(); - //mVideoCodecContext->opaque = vaapi_decoder; - //mVideoCodec = vaapi_decoder->openCodec( mVideoCodecContext ); - - if ( ! mVideoCodec ) { - // Try to open an hwaccel codec. - if ( (mVideoCodec = avcodec_find_decoder_by_name("h264_vaapi")) == NULL ) { - Debug(1, "Failed to find decoder (h264_vaapi)" ); - } else { - Debug(1, "Success finding decoder (h264_vaapi)" ); - } - } - if ( ! mVideoCodec ) { - // Try to open an hwaccel codec. - if ( (mVideoCodec = avcodec_find_decoder_by_name("h264_qsv")) == NULL ) { - Debug(1, "Failed to find decoder (h264_qsv)" ); - } else { - Debug(1, "Success finding decoder (h264_qsv)" ); - /* open the hardware device */ - ret = av_hwdevice_ctx_create(&decode.hw_device_ref, AV_HWDEVICE_TYPE_QSV, - "auto", NULL, 0); - if (ret < 0) { - Error("Failed to open the hardware device"); - mVideoCodec = NULL; - } else { - mVideoCodecContext->opaque = &decode; - mVideoCodecContext->get_format = get_format; - hwaccel = true; - hwFrame = zm_av_frame_alloc(); - } - } - } - } // end if h264 -#endif - AVHWAccel *first_hwaccel = av_hwaccel_next(NULL); AVHWAccel *temp_hwaccel = first_hwaccel; AVHWAccel *h264 = NULL; @@ -988,7 +842,6 @@ int FfmpegCamera::CaptureAndRecord( Image &image, timeval recording, char* event if ( have_video_keyframe || keyframe ) { if ( videoStore ) { - //Write the packet to our video store int ret = videoStore->writeVideoFramePacket(&packet); if ( ret < 0 ) { //Less than zero and we skipped a frame @@ -1001,174 +854,140 @@ int FfmpegCamera::CaptureAndRecord( Image &image, timeval recording, char* event Debug(4, "about to decode video"); -#if LIBAVCODEC_VERSION_CHECK(57, 64, 0, 64, 0) - ret = avcodec_send_packet(mVideoCodecContext, &packet); + ret = zm_receive_frame(mVideoCodecContext, mRawFrame, packet); + if ( ret < 0 ) { av_strerror(ret, errbuf, AV_ERROR_MAX_STRING_SIZE); - Error("Unable to send packet at frame %d: %s, continuing", frameCount, errbuf); + Warning("Unable to receive frame %d: %s, continuing. error count is %s", + frameCount, errbuf, error_count); + error_count += 1; + if ( error_count > 100 ) { + Error("Error count over 100, going to close and re-open stream"); + return -1; + } zm_av_packet_unref(&packet); continue; } -#if HAVE_AVUTIL_HWCONTEXT_H - if ( hwaccel ) { - Debug(1, "Using hwaccel to decode"); - ret = avcodec_receive_frame(mVideoCodecContext, hwFrame); - if ( ret < 0 ) { - av_strerror(ret, errbuf, AV_ERROR_MAX_STRING_SIZE); - Error("Unable to send packet at frame %d: %s, continuing", frameCount, errbuf); - zm_av_packet_unref(&packet); - continue; - } - ret = av_hwframe_transfer_data(mRawFrame, hwFrame, 0); - if ( ret < 0 ) { - av_strerror(ret, errbuf, AV_ERROR_MAX_STRING_SIZE); - Error("Unable to transfer frame at frame %d: %s, continuing", frameCount, errbuf); - zm_av_packet_unref(&packet); - continue; - } - } else { -#endif - Debug(1, "Decodingaccel to decode"); - - ret = avcodec_receive_frame(mVideoCodecContext, mRawFrame); - if ( ret < 0 ) { - av_strerror(ret, errbuf, AV_ERROR_MAX_STRING_SIZE); - Warning("Unable to receive frame %d: %s, continuing. error count is %s", - frameCount, errbuf, error_count); - error_count += 1; - if ( error_count > 100 ) { - Error("Error count over 100, going to close and re-open stream"); - return -1; - } - zm_av_packet_unref(&packet); - continue; - } - if ( error_count > 0 ) error_count --; - zm_dump_video_frame(mRawFrame); - if ( mRawFrame->format == hw_pix_fmt ) { - /* retrieve data from GPU to CPU */ - ret = av_hwframe_transfer_data(hwFrame, mRawFrame, 0); - if ( ret < 0 ) { - av_strerror(ret, errbuf, AV_ERROR_MAX_STRING_SIZE); - Error("Unable to transfer frame at frame %d: %s, continuing", frameCount, errbuf); - zm_av_packet_unref(&packet); - continue; - } - Debug(1,"Success transfering"); - zm_dump_video_frame(hwFrame); - - hwFrame->pts = mRawFrame->pts; - input_frame = hwFrame; - } else { - input_frame = mRawFrame; - } - -#if HAVE_AVUTIL_HWCONTEXT_H - } -#endif - - frameComplete = 1; -# else - ret = zm_avcodec_decode_video(mVideoCodecContext, input_frame, &frameComplete, &packet); + if ( error_count > 0 ) error_count --; + zm_dump_video_frame(mRawFrame); +#if HAVE_LIBAVUTIL_HWCONTEXT_H + if ( mRawFrame->format == hw_pix_fmt ) { + /* retrieve data from GPU to CPU */ + ret = av_hwframe_transfer_data(hwFrame, mRawFrame, 0); if ( ret < 0 ) { av_strerror(ret, errbuf, AV_ERROR_MAX_STRING_SIZE); - Error("Unable to decode frame at frame %d: %s, continuing", frameCount, errbuf); - zm_av_packet_unref( &packet ); + Error("Unable to transfer frame at frame %d: %s, continuing", frameCount, errbuf); + zm_av_packet_unref(&packet); continue; - } + } + zm_dump_video_frame(hwFrame, "After hwtransfer"); + + hwFrame->pts = mRawFrame->pts; + input_frame = hwFrame; + } else { +#endif + input_frame = mRawFrame; +#if HAVE_LIBAVUTIL_HWCONTEXT_H + } #endif - if ( frameComplete ) { - Debug(4, "Got frame %d", frameCount); + Debug(4, "Got frame %d", frameCount); + if ( transfer_to_image(image, mFrame, input_frame) < 0 ) { + zm_av_packet_unref(&packet); + return -1; + } - uint8_t* directbuffer; - - /* Request a writeable buffer of the target image */ - directbuffer = image.WriteBuffer(width, height, colours, subpixelorder); - if ( directbuffer == NULL ) { - Error("Failed requesting writeable buffer for the captured image."); - zm_av_packet_unref(&packet); - return -1; - } -#if LIBAVUTIL_VERSION_CHECK(54, 6, 0, 6, 0) - av_image_fill_arrays(mFrame->data, mFrame->linesize, directbuffer, imagePixFormat, width, height, 1); -#else - avpicture_fill( (AVPicture *)mFrame, directbuffer, imagePixFormat, width, height); -#endif - Debug(1,"swscale target format: %c%c%c%c %c%c%c%c", - (imagePixFormat)&0xff,((imagePixFormat>>8)&0xff),((imagePixFormat>>16)&0xff),((imagePixFormat>>24)&0xff), - (mVideoCodecContext->pix_fmt)&0xff, - ((mVideoCodecContext->pix_fmt>>8)&0xff), - ((mVideoCodecContext->pix_fmt>>16)&0xff), - ((mVideoCodecContext->pix_fmt>>24)&0xff) - ); - if ( ! mConvertContext ) { - mConvertContext = sws_getContext( - input_frame->width, - input_frame->height, - (AVPixelFormat)input_frame->format, - width, height, - imagePixFormat, SWS_BICUBIC, NULL, - NULL, NULL); - if ( mConvertContext == NULL ) { - Error( "Unable to create conversion context for %s", mPath.c_str() ); - return -1; - } - } - - if ( sws_scale(mConvertContext, input_frame->data, input_frame->linesize, - 0, mVideoCodecContext->height, mFrame->data, mFrame->linesize) <= 0 ) { - Error("Unable to convert raw format %u to target format %u at frame %d codec %u ", - input_frame->format, - imagePixFormat, frameCount, - mVideoCodecContext->pix_fmt - ); - return -1; - } - - frameCount++; - } else { - Debug( 3, "Not framecomplete after av_read_frame" ); - } // end if frameComplete + frameComplete = 1; + frameCount++; } else if ( packet.stream_index == mAudioStreamId ) { //FIXME best way to copy all other streams frameComplete = 1; if ( videoStore ) { if ( record_audio ) { if ( have_video_keyframe ) { - Debug(3, "Recording audio packet streamindex(%d) packetstreamindex(%d)", mAudioStreamId, packet.stream_index ); + Debug(3, "Recording audio packet streamindex(%d) packetstreamindex(%d)", + mAudioStreamId, packet.stream_index); //Write the packet to our video store //FIXME no relevance of last key frame int ret = videoStore->writeAudioFramePacket( &packet ); if ( ret < 0 ) {//Less than zero and we skipped a frame Warning("Failure to write audio packet."); - zm_av_packet_unref( &packet ); + zm_av_packet_unref(&packet); return 0; } } else { Debug(3, "Not recording audio yet because we don't have a video keyframe yet"); } } else { - Debug(4, "Not doing recording of audio packet" ); + Debug(4, "Not doing recording of audio packet"); } } else { - Debug(4, "Have audio packet, but not recording atm" ); + Debug(4, "Have audio packet, but not recording atm"); } - zm_av_packet_unref( &packet ); + zm_av_packet_unref(&packet); return 0; } else { #if LIBAVUTIL_VERSION_CHECK(56, 23, 0, 23, 0) - Debug( 3, "Some other stream index %d, %s", packet.stream_index, av_get_media_type_string( mFormatContext->streams[packet.stream_index]->codecpar->codec_type) ); + Debug(3, "Some other stream index %d, %s", + packet.stream_index, + av_get_media_type_string(mFormatContext->streams[packet.stream_index]->codecpar->codec_type) + ); #else - Debug( 3, "Some other stream index %d", packet.stream_index ); + Debug(3, "Some other stream index %d", packet.stream_index); #endif } // end if is video or audio or something else // the packet contents are ref counted... when queuing, we allocate another packet and reference it with that one, so we should always need to unref here, which should not affect the queued version. - zm_av_packet_unref( &packet ); + zm_av_packet_unref(&packet); } // end while ! frameComplete return frameCount; } // end FfmpegCamera::CaptureAndRecord +int FfmpegCamera::transfer_to_image(Image &image, AVFrame *output_frame, AVFrame *input_frame) { + uint8_t* directbuffer; + + /* Request a writeable buffer of the target image */ + directbuffer = image.WriteBuffer(width, height, colours, subpixelorder); + if ( directbuffer == NULL ) { + Error("Failed requesting writeable buffer for the captured image."); + return -1; + } +#if LIBAVUTIL_VERSION_CHECK(54, 6, 0, 6, 0) + av_image_fill_arrays(output_frame->data, output_frame->linesize, + directbuffer, imagePixFormat, width, height, 1); +#else + avpicture_fill((AVPicture *)output_frame, directbuffer, + imagePixFormat, width, height); +#endif +#if HAVE_LIBSWSCALE + if ( ! mConvertContext ) { + mConvertContext = sws_getContext( + input_frame->width, + input_frame->height, + (AVPixelFormat)input_frame->format, + width, height, + imagePixFormat, SWS_BICUBIC, NULL, + NULL, NULL); + if ( mConvertContext == NULL ) { + Error("Unable to create conversion context for %s", mPath.c_str()); + return -1; + } + } + + if ( sws_scale(mConvertContext, input_frame->data, input_frame->linesize, + 0, mVideoCodecContext->height, output_frame->data, output_frame->linesize) <= 0 ) { + Error("Unable to convert raw format %u to target format %u at frame %d codec %u ", + input_frame->format, + imagePixFormat, frameCount, + mVideoCodecContext->pix_fmt + ); + return -1; + } +#else // HAVE_LIBSWSCALE + Fatal("You must compile ffmpeg with the --enable-swscale option to use ffmpeg cameras"); +#endif // HAVE_LIBSWSCALE + return 0; +} // end int FfmpegCamera::transfer_to_image(Image &i, AVFrame *output_frame, AVFrame input_frame) + int FfmpegCamera::FfmpegInterruptCallback(void *ctx) { //FfmpegCamera* camera = reinterpret_cast(ctx); //Debug(4, "FfmpegInterruptCallback"); diff --git a/src/zm_ffmpeg_camera.h b/src/zm_ffmpeg_camera.h index 626269f51..9f7fbb3ae 100644 --- a/src/zm_ffmpeg_camera.h +++ b/src/zm_ffmpeg_camera.h @@ -27,7 +27,7 @@ #include "zm_videostore.h" #include "zm_packetqueue.h" -#if HAVE_AVUTIL_HWCONTEXT_H +#if HAVE_LIBAVUTIL_HWCONTEXT_H typedef struct DecodeContext { AVBufferRef *hw_device_ref; } DecodeContext; @@ -59,17 +59,11 @@ class FfmpegCamera : public Camera { bool hwaccel; AVFrame *hwFrame; -#if HAVE_AVUTIL_HWCONTEXT_H +#if HAVE_LIBAVUTIL_HWCONTEXT_H DecodeContext decode; #endif AVBufferRef *hw_device_ctx = NULL; - // Need to keep track of these because apparently the stream can start with values for pts/dts and then subsequent packets start at zero. - int64_t audio_last_pts; - int64_t audio_last_dts; - int64_t video_last_pts; - int64_t video_last_dts; - // Used to store the incoming packet, it will get copied when queued. // We only ever need one at a time, so instead of constantly allocating // and freeing this structure, we will just make it a member of the object. @@ -110,5 +104,6 @@ class FfmpegCamera : public Camera { int PostCapture(); private: static int FfmpegInterruptCallback(void*ctx); + int transfer_to_image(Image &i, AVFrame *output_frame, AVFrame *input_frame); }; #endif // ZM_FFMPEG_CAMERA_H diff --git a/src/zm_ffmpeg_input.cpp b/src/zm_ffmpeg_input.cpp index 139e6d862..3c888fa6f 100644 --- a/src/zm_ffmpeg_input.cpp +++ b/src/zm_ffmpeg_input.cpp @@ -20,18 +20,18 @@ FFmpeg_Input::~FFmpeg_Input() { } } -int FFmpeg_Input::Open( const char *filepath ) { +int FFmpeg_Input::Open(const char *filepath) { int error; /** Open the input file to read from it. */ - if ( (error = avformat_open_input( &input_format_context, filepath, NULL, NULL)) < 0 ) { - + error = avformat_open_input(&input_format_context, filepath, NULL, NULL); + if ( error < 0 ) { Error("Could not open input file '%s' (error '%s')\n", filepath, av_make_error_string(error).c_str() ); input_format_context = NULL; return error; - } + } /** Get information on the input file (number of streams etc.). */ if ( (error = avformat_find_stream_info(input_format_context, NULL)) < 0 ) { @@ -44,23 +44,23 @@ int FFmpeg_Input::Open( const char *filepath ) { } streams = new stream[input_format_context->nb_streams]; - Debug(2,"Have %d streams", input_format_context->nb_streams); + Debug(2, "Have %d streams", input_format_context->nb_streams); for ( unsigned int i = 0; i < input_format_context->nb_streams; i += 1 ) { - if ( is_video_stream( input_format_context->streams[i] ) ) { + if ( is_video_stream(input_format_context->streams[i]) ) { zm_dump_stream_format(input_format_context, i, 0, 0); if ( video_stream_id == -1 ) { video_stream_id = i; // if we break, then we won't find the audio stream } else { - Warning( "Have another video stream." ); + Warning("Have another video stream."); } - } else if ( is_audio_stream( input_format_context->streams[i] ) ) { + } else if ( is_audio_stream(input_format_context->streams[i]) ) { if ( audio_stream_id == -1 ) { - Debug(2,"Audio stream is %d", i); + Debug(2, "Audio stream is %d", i); audio_stream_id = i; } else { - Warning( "Have another audio stream." ); + Warning("Have another audio stream."); } } else { Warning("Unknown stream type"); @@ -68,25 +68,26 @@ int FFmpeg_Input::Open( const char *filepath ) { streams[i].frame_count = 0; #if LIBAVCODEC_VERSION_CHECK(57, 64, 0, 64, 0) - streams[i].context = avcodec_alloc_context3( NULL ); - avcodec_parameters_to_context( streams[i].context, input_format_context->streams[i]->codecpar ); + streams[i].context = avcodec_alloc_context3(NULL); + avcodec_parameters_to_context(streams[i].context, input_format_context->streams[i]->codecpar); #else streams[i].context = input_format_context->streams[i]->codec; #endif if ( !(streams[i].codec = avcodec_find_decoder(streams[i].context->codec_id)) ) { - Error( "Could not find input codec\n"); + Error("Could not find input codec"); avformat_close_input(&input_format_context); return AVERROR_EXIT; } else { - Debug(1, "Using codec (%s) for stream %d", streams[i].codec->name, i ); + Debug(1, "Using codec (%s) for stream %d", streams[i].codec->name, i); } - if ((error = avcodec_open2( streams[i].context, streams[i].codec, NULL)) < 0) { - Error( "Could not open input codec (error '%s')\n", - av_make_error_string(error).c_str() ); + error = avcodec_open2(streams[i].context, streams[i].codec, NULL); + if ( error < 0 ) { + Error("Could not open input codec (error '%s')", + av_make_error_string(error).c_str()); #if LIBAVCODEC_VERSION_CHECK(57, 64, 0, 64, 0) - avcodec_free_context( &streams[i].context ); + avcodec_free_context(&streams[i].context); #endif avformat_close_input(&input_format_context); return error; @@ -94,14 +95,14 @@ int FFmpeg_Input::Open( const char *filepath ) { } // end foreach stream if ( video_stream_id == -1 ) - Error( "Unable to locate video stream in %s", filepath ); + Error("Unable to locate video stream in %s", filepath); if ( audio_stream_id == -1 ) - Debug( 3, "Unable to locate audio stream in %s", filepath ); + Debug(3, "Unable to locate audio stream in %s", filepath); return 0; } // end int FFmpeg_Input::Open( const char * filepath ) -AVFrame *FFmpeg_Input::get_frame( int stream_id ) { +AVFrame *FFmpeg_Input::get_frame(int stream_id) { Debug(1, "Getting frame from stream %d", stream_id); int frameComplete = false; @@ -119,85 +120,38 @@ AVFrame *FFmpeg_Input::get_frame( int stream_id ) { // Check for Connection failure. (ret == -110) ) { - Info( "av_read_frame returned %s.", errbuf ); + Info("av_read_frame returned %s.", errbuf); return NULL; } - Error( "Unable to read packet from stream %d: error %d \"%s\".", packet.stream_index, ret, errbuf ); + Error("Unable to read packet from stream %d: error %d \"%s\".", + packet.stream_index, ret, errbuf); return NULL; } dumpPacket(input_format_context->streams[packet.stream_index], &packet, "Received packet"); if ( (stream_id < 0) || (packet.stream_index == stream_id) ) { - Debug(3,"Packet is for our stream (%d)", packet.stream_index ); + Debug(3, "Packet is for our stream (%d)", packet.stream_index); AVCodecContext *context = streams[packet.stream_index].context; -#if LIBAVCODEC_VERSION_CHECK(57, 64, 0, 64, 0) - ret = avcodec_send_packet(context, &packet); - if ( ret < 0 ) { - av_strerror(ret, errbuf, AV_ERROR_MAX_STRING_SIZE); - Error("Unable to send packet at frame %d: %s, continuing", - streams[packet.stream_index].frame_count, errbuf); - zm_av_packet_unref(&packet); - continue; - } - -#if HAVE_AVUTIL_HWCONTEXT_H - if ( hwaccel ) { - ret = avcodec_receive_frame( context, hwFrame ); - if ( ret < 0 ) { - av_strerror( ret, errbuf, AV_ERROR_MAX_STRING_SIZE ); - Error( "Unable to receive frame %d: %s, continuing", streams[packet.stream_index].frame_count, errbuf ); - zm_av_packet_unref( &packet ); - continue; - } - ret = av_hwframe_transfer_data(frame, hwFrame, 0); - if (ret < 0) { - av_strerror( ret, errbuf, AV_ERROR_MAX_STRING_SIZE ); - Error( "Unable to transfer frame at frame %d: %s, continuing", streams[packet.stream_index].frame_count, errbuf ); - zm_av_packet_unref(&packet); - continue; - } - } else { -#endif if ( frame ) { av_frame_free(&frame); frame = zm_av_frame_alloc(); } else { frame = zm_av_frame_alloc(); } - //Debug(1,"Getting frame %d", streams[packet.stream_index].frame_count); - ret = avcodec_receive_frame(context, frame); + ret = zm_receive_frame(context, frame, packet); if ( ret < 0 ) { - av_strerror( ret, errbuf, AV_ERROR_MAX_STRING_SIZE ); - Error( "Unable to send packet at frame %d: %s, continuing", streams[packet.stream_index].frame_count, errbuf ); + av_strerror(ret, errbuf, AV_ERROR_MAX_STRING_SIZE); + Error("Unable to decode frame at frame %d: %s, continuing", + streams[packet.stream_index].frame_count, errbuf); zm_av_packet_unref( &packet ); av_frame_free(&frame); continue; } -#if HAVE_AVUTIL_HWCONTEXT_H - } -#endif - - frameComplete = 1; -# else - if ( frame ) { - av_frame_free(&frame); - frame = zm_av_frame_alloc(); - } else { - frame = zm_av_frame_alloc(); - } - ret = zm_avcodec_decode_video(context, frame, &frameComplete, &packet); - if ( ret < 0 ) { - av_strerror(ret, errbuf, AV_ERROR_MAX_STRING_SIZE); - Error( "Unable to decode frame at frame %d: %s, continuing", streams[packet.stream_index].frame_count, errbuf ); - zm_av_packet_unref( &packet ); - av_frame_free(&frame); - continue; - } -#endif - } // end if it's the right stream + frameComplete = 1; + } // end if it's the right stream zm_av_packet_unref(&packet); @@ -206,7 +160,7 @@ AVFrame *FFmpeg_Input::get_frame( int stream_id ) { } // end AVFrame *FFmpeg_Input::get_frame -AVFrame *FFmpeg_Input::get_frame( int stream_id, double at ) { +AVFrame *FFmpeg_Input::get_frame(int stream_id, double at) { Debug(1, "Getting frame from stream %d at %f", stream_id, at); int64_t seek_target = (int64_t)(at * AV_TIME_BASE); @@ -218,9 +172,8 @@ AVFrame *FFmpeg_Input::get_frame( int stream_id, double at ) { if ( !frame ) { // Don't have a frame yet, so get a keyframe before the timestamp - if ( ( ret = av_seek_frame( - input_format_context, stream_id, seek_target, AVSEEK_FLAG_FRAME - ) < 0 ) ) { + ret = av_seek_frame(input_format_context, stream_id, seek_target, AVSEEK_FLAG_FRAME); + if ( ret < 0 ) { Error("Unable to seek in stream"); return NULL; } @@ -246,7 +199,7 @@ AVFrame *FFmpeg_Input::get_frame( int stream_id, double at ) { if ( frame->pts <= seek_target ) { zm_dump_frame(frame, "pts <= seek_target"); while ( frame && (frame->pts < seek_target) ) { - if ( ! get_frame(stream_id) ) + if ( !get_frame(stream_id) ) return frame; } return frame; From 19af25bf1a93b80589593bfcda25f2c41d91164d Mon Sep 17 00:00:00 2001 From: Isaac Connor Date: Tue, 25 Jun 2019 15:29:46 -0400 Subject: [PATCH 288/922] add DecoderHWAccel fields to Monitors --- db/zm_create.sql.in | 2 ++ db/zm_update-1.33.11.sql | 24 ++++++++++++++++++++++++ 2 files changed, 26 insertions(+) create mode 100644 db/zm_update-1.33.11.sql diff --git a/db/zm_create.sql.in b/db/zm_create.sql.in index ac4f2fbed..f8fb8673b 100644 --- a/db/zm_create.sql.in +++ b/db/zm_create.sql.in @@ -456,6 +456,8 @@ CREATE TABLE `Monitors` ( `Palette` int(10) unsigned NOT NULL default '0', `Orientation` enum('0','90','180','270','hori','vert') NOT NULL default '0', `Deinterlacing` int(10) unsigned NOT NULL default '0', + `DecoderHWAccelName` varchar(64), + `DecoderHWAccelDevice` varchar(255), `SaveJPEGs` TINYINT NOT NULL DEFAULT '3' , `VideoWriter` TINYINT NOT NULL DEFAULT '0', `OutputCodec` enum('h264','mjpeg','mpeg1','mpeg2'), diff --git a/db/zm_update-1.33.11.sql b/db/zm_update-1.33.11.sql new file mode 100644 index 000000000..57b04ce11 --- /dev/null +++ b/db/zm_update-1.33.11.sql @@ -0,0 +1,24 @@ + +SET @s = (SELECT IF( + (SELECT COUNT(*) FROM INFORMATION_SCHEMA.COLUMNS WHERE table_schema = DATABASE() + AND table_name = 'Monitors' + AND column_name = 'DecoderHWAccelName' + ) > 0, + "SELECT 'Column DecoderHWAccelName already exists in Monitors'", + "ALTER TABLE Monitors ADD `DecoderHWAccelName` varchar(64) AFTER `Deinterlacing`" + )); + +PREPARE stmt FROM @s; +EXECUTE stmt; + +SET @s = (SELECT IF( + (SELECT COUNT(*) FROM INFORMATION_SCHEMA.COLUMNS WHERE table_schema = DATABASE() + AND table_name = 'Monitors' + AND column_name = 'DecoderHWAccelDevice' + ) > 0, + "SELECT 'Column DecoderHWAccelDevice already exists in Monitors'", + "ALTER TABLE Monitors ADD `DecoderHWAccelDevice` varchar(255) AFTER `DecoderHWAccelName`" + )); + +PREPARE stmt FROM @s; +EXECUTE stmt; From 6a87d9a8759db2954750c3d13468cd5a09235163 Mon Sep 17 00:00:00 2001 From: Isaac Connor Date: Tue, 25 Jun 2019 15:32:47 -0400 Subject: [PATCH 289/922] change zm_receive_frame to return AVERROR instead of boolean --- src/zm_ffmpeg.cpp | 11 ++++++----- 1 file changed, 6 insertions(+), 5 deletions(-) diff --git a/src/zm_ffmpeg.cpp b/src/zm_ffmpeg.cpp index b701e79bc..029492f90 100644 --- a/src/zm_ffmpeg.cpp +++ b/src/zm_ffmpeg.cpp @@ -511,12 +511,13 @@ int zm_receive_frame(AVCodecContext *context, AVFrame *frame, AVPacket &packet) if ( (ret = avcodec_send_packet(context, &packet)) < 0 ) { Error( "Unable to send packet %s, continuing", av_make_error_string(ret).c_str() ); - return 0; + return ret; } if ( (ret = avcodec_receive_frame(context, frame)) < 0 ) { - Error( "Unable to send packet %s, continuing", av_make_error_string(ret).c_str() ); - return 0; + Error("Unable to send packet %s, continuing", + av_make_error_string(ret).c_str()); + return ret; } # else int frameComplete = 0; @@ -528,11 +529,11 @@ int zm_receive_frame(AVCodecContext *context, AVFrame *frame, AVPacket &packet) } if ( ret < 0 ) { Error("Unable to decode frame: %s", av_make_error_string(ret).c_str()); - return 0; + return ret; } } // end while !frameComplete #endif - return 1; + return 0; } // end int zm_receive_frame(AVCodecContext *context, AVFrame *frame, AVPacket &packet) void dumpPacket(AVStream *stream, AVPacket *pkt, const char *text) { From cf7f3e8a884d742aa17e78bf6bec83e72fb0d021 Mon Sep 17 00:00:00 2001 From: Isaac Connor Date: Tue, 25 Jun 2019 15:33:54 -0400 Subject: [PATCH 290/922] add passing hwaccel name and device. use av_make_error_string(ret).c_str() to reduce code and increase consistency --- src/zm_ffmpeg_camera.cpp | 172 ++++++++++++++++++++++----------------- src/zm_ffmpeg_camera.h | 27 ++++-- 2 files changed, 118 insertions(+), 81 deletions(-) diff --git a/src/zm_ffmpeg_camera.cpp b/src/zm_ffmpeg_camera.cpp index 36ffc1a2c..fe0211a2e 100644 --- a/src/zm_ffmpeg_camera.cpp +++ b/src/zm_ffmpeg_camera.cpp @@ -73,7 +73,9 @@ FfmpegCamera::FfmpegCamera( int p_hue, int p_colour, bool p_capture, - bool p_record_audio + bool p_record_audio, + const std::string &p_hwaccel_name, + const std::string &p_hwaccel_device ) : Camera( p_id, @@ -89,9 +91,11 @@ FfmpegCamera::FfmpegCamera( p_capture, p_record_audio ), - mPath( p_path ), - mMethod( p_method ), - mOptions( p_options ) + mPath(p_path), + mMethod(p_method), + mOptions(p_options), + hwaccel_name(p_hwaccel_name), + hwaccel_device(p_hwaccel_device) { if ( capture ) { Initialise(); @@ -177,25 +181,24 @@ int FfmpegCamera::Capture(Image &image) { return -1; } + int ret; // If the reopen thread has a value, but mCanCapture != 0, then we have just reopened the connection to the ffmpeg device, and we can clean up the thread. int frameComplete = false; while ( !frameComplete && !zm_terminate) { - int avResult = av_read_frame(mFormatContext, &packet); - char errbuf[AV_ERROR_MAX_STRING_SIZE]; - if ( avResult < 0 ) { - av_strerror(avResult, errbuf, AV_ERROR_MAX_STRING_SIZE); + ret = av_read_frame(mFormatContext, &packet); + if ( ret < 0 ) { if ( // Check if EOF. - (avResult == AVERROR_EOF || (mFormatContext->pb && mFormatContext->pb->eof_reached)) || + (ret == AVERROR_EOF || (mFormatContext->pb && mFormatContext->pb->eof_reached)) || // Check for Connection failure. - (avResult == -110) + (ret == -110) ) { Info("Unable to read packet from stream %d: error %d \"%s\".", - packet.stream_index, avResult, errbuf); + packet.stream_index, ret, av_make_error_string(ret).c_str()); } else { Error("Unable to read packet from stream %d: error %d \"%s\".", - packet.stream_index, avResult, errbuf); + packet.stream_index, ret, av_make_error_string(ret).c_str()); } return -1; } @@ -209,11 +212,10 @@ int FfmpegCamera::Capture(Image &image) { packet.stream_index, packet.pts, packet.dts); // What about audio stream? Maybe someday we could do sound detection... if ( ( packet.stream_index == mVideoStreamId ) && ( keyframe || have_video_keyframe ) ) { - int ret; ret = zm_receive_frame(mVideoCodecContext, mRawFrame, packet); if ( ret < 0 ) { - av_strerror(ret, errbuf, AV_ERROR_MAX_STRING_SIZE); - Error("Unable to get frame at frame %d: %s, continuing", frameCount, errbuf); + Error("Unable to get frame at frame %d: %s, continuing", + frameCount, av_make_error_string(ret).c_str()); zm_av_packet_unref(&packet); continue; } @@ -249,7 +251,7 @@ int FfmpegCamera::OpenFfmpeg() { // Open the input, not necessarily a file #if !LIBAVFORMAT_VERSION_CHECK(53, 2, 0, 4, 0) - if ( av_open_input_file( &mFormatContext, mPath.c_str(), NULL, 0, NULL ) != 0 ) + if ( av_open_input_file(&mFormatContext, mPath.c_str(), NULL, 0, NULL) != 0 ) #else // Handle options AVDictionary *opts = 0; @@ -274,7 +276,7 @@ int FfmpegCamera::OpenFfmpeg() { //#av_dict_set(&opts, "timeout", "10000000", 0); // in microseconds. if ( ret < 0 ) { - Warning("Could not set rtsp_transport method '%s'\n", method.c_str()); + Warning("Could not set rtsp_transport method '%s'", method.c_str()); } Debug(1, "Calling avformat_open_input for %s", mPath.c_str()); @@ -287,10 +289,11 @@ int FfmpegCamera::OpenFfmpeg() { mFormatContext->interrupt_callback.callback = FfmpegInterruptCallback; mFormatContext->interrupt_callback.opaque = this; - if ( avformat_open_input(&mFormatContext, mPath.c_str(), NULL, &opts) != 0 ) + ret = avformat_open_input(&mFormatContext, mPath.c_str(), NULL, &opts); + if ( ret != 0 ) #endif { - Error("Unable to open input %s due to: %s", mPath.c_str(), strerror(errno)); + Error("Unable to open input %s due to: %s", mPath.c_str(), strerror(ret)); #if !LIBAVFORMAT_VERSION_CHECK(53, 17, 0, 25, 0) av_close_input_file(mFormatContext); #else @@ -423,45 +426,47 @@ int FfmpegCamera::OpenFfmpeg() { Debug(1, "Video Found decoder %s", mVideoCodec->name); zm_dump_stream_format(mFormatContext, mVideoStreamId, 0, 0); - enum AVHWDeviceType type = AV_HWDEVICE_TYPE_NONE; - while ( (type = av_hwdevice_iterate_types(type)) != AV_HWDEVICE_TYPE_NONE ) - Debug(1, "%s", av_hwdevice_get_type_name(type)); + if ( hwaccel_name != "" ) { + enum AVHWDeviceType type = AV_HWDEVICE_TYPE_NONE; + while ( (type = av_hwdevice_iterate_types(type)) != AV_HWDEVICE_TYPE_NONE ) + Debug(1, "%s", av_hwdevice_get_type_name(type)); - const char *hw_name = "vaapi"; - type = av_hwdevice_find_type_by_name(hw_name); - if ( type == AV_HWDEVICE_TYPE_NONE ) { - Debug(1,"Device type %s is not supported.", hw_name); - } else { - Debug(1, "Found hwdevice %s", av_hwdevice_get_type_name(type)); - } + const char *hw_name = hwaccel_name.c_str(); + type = av_hwdevice_find_type_by_name(hw_name); + if ( type == AV_HWDEVICE_TYPE_NONE ) { + Debug(1, "Device type %s is not supported.", hw_name); + } else { + Debug(1, "Found hwdevice %s", av_hwdevice_get_type_name(type)); + } - // Get h_pix_fmt - for ( int i = 0;; i++ ) { - const AVCodecHWConfig *config = avcodec_get_hw_config(mVideoCodec, i); - if ( !config ) { - Debug(1, "Decoder %s does not support device type %s.", - mVideoCodec->name, av_hwdevice_get_type_name(type)); + // Get h_pix_fmt + for ( int i = 0;; i++ ) { + const AVCodecHWConfig *config = avcodec_get_hw_config(mVideoCodec, i); + if ( !config ) { + Debug(1, "Decoder %s does not support device type %s.", + mVideoCodec->name, av_hwdevice_get_type_name(type)); + return -1; + } + if ( (config->methods & AV_CODEC_HW_CONFIG_METHOD_HW_DEVICE_CTX ) + && (config->device_type == type) + ) { + hw_pix_fmt = config->pix_fmt; + break; + } + } // end foreach hwconfig + + mVideoCodecContext->get_format = get_hw_format; + + Debug(1, "Creating hwdevice"); + if ((ret = av_hwdevice_ctx_create(&hw_device_ctx, type, NULL, NULL, 0)) < 0) { + Error("Failed to create specified HW device."); return -1; } - if ( (config->methods & AV_CODEC_HW_CONFIG_METHOD_HW_DEVICE_CTX ) - && (config->device_type == type) - ) { - hw_pix_fmt = config->pix_fmt; - break; - } - } // end foreach hwconfig - - mVideoCodecContext->get_format = get_hw_format; - - Debug(1, "Creating hwdevice"); - if ((ret = av_hwdevice_ctx_create(&hw_device_ctx, type, NULL, NULL, 0)) < 0) { - Error("Failed to create specified HW device."); - return -1; - } - Debug(1, "Created hwdevice"); - mVideoCodecContext->hw_device_ctx = av_buffer_ref(hw_device_ctx); - hwaccel = true; - hwFrame = zm_av_frame_alloc(); + Debug(1, "Created hwdevice"); + mVideoCodecContext->hw_device_ctx = av_buffer_ref(hw_device_ctx); + hwaccel = true; + hwFrame = zm_av_frame_alloc(); + } // end if hwacel_name // Open the codec #if !LIBAVFORMAT_VERSION_CHECK(53, 8, 0, 8, 0) @@ -551,16 +556,27 @@ int FfmpegCamera::OpenFfmpeg() { #if HAVE_LIBSWSCALE Debug(1, "Calling sws_isSupportedInput"); if ( !sws_isSupportedInput(mVideoCodecContext->pix_fmt) ) { - Error("swscale does not support the codec format: %c%c%c%c", (mVideoCodecContext->pix_fmt)&0xff, ((mVideoCodecContext->pix_fmt >> 8)&0xff), ((mVideoCodecContext->pix_fmt >> 16)&0xff), ((mVideoCodecContext->pix_fmt >> 24)&0xff)); + Error("swscale does not support the codec format: %c%c%c%c", + (mVideoCodecContext->pix_fmt)&0xff, + ((mVideoCodecContext->pix_fmt >> 8)&0xff), + ((mVideoCodecContext->pix_fmt >> 16)&0xff), + ((mVideoCodecContext->pix_fmt >> 24)&0xff) + ); return -1; } if ( !sws_isSupportedOutput(imagePixFormat) ) { - Error("swscale does not support the target format: %c%c%c%c",(imagePixFormat)&0xff,((imagePixFormat>>8)&0xff),((imagePixFormat>>16)&0xff),((imagePixFormat>>24)&0xff)); + Error("swscale does not support the target format: %c%c%c%c", + (imagePixFormat)&0xff, + ((imagePixFormat>>8)&0xff), + ((imagePixFormat>>16)&0xff), + ((imagePixFormat>>24)&0xff) + ); return -1; } # if 0 + // Have to get a frame first to find out the actual format returned by decoding mConvertContext = sws_getContext( mVideoCodecContext->width, mVideoCodecContext->height, @@ -577,8 +593,14 @@ int FfmpegCamera::OpenFfmpeg() { Fatal( "You must compile ffmpeg with the --enable-swscale option to use ffmpeg cameras" ); #endif // HAVE_LIBSWSCALE - if ( (unsigned int)mVideoCodecContext->width != width || (unsigned int)mVideoCodecContext->height != height ) { - Warning( "Monitor dimensions are %dx%d but camera is sending %dx%d", width, height, mVideoCodecContext->width, mVideoCodecContext->height ); + if ( + ((unsigned int)mVideoCodecContext->width != width) + || + ((unsigned int)mVideoCodecContext->height != height) + ) { + Warning("Monitor dimensions are %dx%d but camera is sending %dx%d", + width, height, mVideoCodecContext->width, mVideoCodecContext->height + ); } mCanCapture = true; @@ -593,17 +615,17 @@ int FfmpegCamera::Close() { mCanCapture = false; if ( mFrame ) { - av_frame_free( &mFrame ); + av_frame_free(&mFrame); mFrame = NULL; } if ( mRawFrame ) { - av_frame_free( &mRawFrame ); + av_frame_free(&mRawFrame); mRawFrame = NULL; } #if HAVE_LIBSWSCALE if ( mConvertContext ) { - sws_freeContext( mConvertContext ); + sws_freeContext(mConvertContext); mConvertContext = NULL; } #endif @@ -631,9 +653,9 @@ int FfmpegCamera::Close() { if ( mFormatContext ) { #if !LIBAVFORMAT_VERSION_CHECK(53, 17, 0, 25, 0) - av_close_input_file( mFormatContext ); + av_close_input_file(mFormatContext); #else - avformat_close_input( &mFormatContext ); + avformat_close_input(&mFormatContext); #endif mFormatContext = NULL; } @@ -652,7 +674,6 @@ int FfmpegCamera::CaptureAndRecord( Image &image, timeval recording, char* event return -1; } int ret; - static char errbuf[AV_ERROR_MAX_STRING_SIZE]; int frameComplete = false; while ( !frameComplete ) { @@ -660,16 +681,17 @@ int FfmpegCamera::CaptureAndRecord( Image &image, timeval recording, char* event ret = av_read_frame(mFormatContext, &packet); if ( ret < 0 ) { - av_strerror(ret, errbuf, AV_ERROR_MAX_STRING_SIZE); if ( // Check if EOF. (ret == AVERROR_EOF || (mFormatContext->pb && mFormatContext->pb->eof_reached)) || // Check for Connection failure. (ret == -110) ) { - Info("Unable to read packet from stream %d: error %d \"%s\".", packet.stream_index, ret, errbuf); + Info("Unable to read packet from stream %d: error %d \"%s\".", + packet.stream_index, ret, av_make_error_string(ret).c_str()); } else { - Error("Unable to read packet from stream %d: error %d \"%s\".", packet.stream_index, ret, errbuf); + Error("Unable to read packet from stream %d: error %d \"%s\".", + packet.stream_index, ret, av_make_error_string(ret).c_str()); } return -1; } @@ -771,7 +793,7 @@ int FfmpegCamera::CaptureAndRecord( Image &image, timeval recording, char* event ZMPacket *queued_packet; // Clear all packets that predate the moment when the recording began - packetqueue->clear_unwanted_packets( &recording, mVideoStreamId ); + packetqueue->clear_unwanted_packets(&recording, mVideoStreamId); while ( ( queued_packet = packetqueue->popPacket() ) ) { AVPacket *avp = queued_packet->av_packet(); @@ -781,10 +803,10 @@ int FfmpegCamera::CaptureAndRecord( Image &image, timeval recording, char* event Debug(2, "Writing queued packet stream: %d KEY %d, remaining (%d)", avp->stream_index, avp->flags & AV_PKT_FLAG_KEY, packetqueue->size()); if ( avp->stream_index == mVideoStreamId ) { - ret = videoStore->writeVideoFramePacket( avp ); + ret = videoStore->writeVideoFramePacket(avp); have_video_keyframe = true; } else if ( avp->stream_index == mAudioStreamId ) { - ret = videoStore->writeAudioFramePacket( avp ); + ret = videoStore->writeAudioFramePacket(avp); } else { Warning("Unknown stream id in queued packet (%d)", avp->stream_index); ret = -1; @@ -855,11 +877,9 @@ int FfmpegCamera::CaptureAndRecord( Image &image, timeval recording, char* event Debug(4, "about to decode video"); ret = zm_receive_frame(mVideoCodecContext, mRawFrame, packet); - if ( ret < 0 ) { - av_strerror(ret, errbuf, AV_ERROR_MAX_STRING_SIZE); Warning("Unable to receive frame %d: %s, continuing. error count is %s", - frameCount, errbuf, error_count); + frameCount, av_make_error_string(ret).c_str(), error_count); error_count += 1; if ( error_count > 100 ) { Error("Error count over 100, going to close and re-open stream"); @@ -875,8 +895,8 @@ int FfmpegCamera::CaptureAndRecord( Image &image, timeval recording, char* event /* retrieve data from GPU to CPU */ ret = av_hwframe_transfer_data(hwFrame, mRawFrame, 0); if ( ret < 0 ) { - av_strerror(ret, errbuf, AV_ERROR_MAX_STRING_SIZE); - Error("Unable to transfer frame at frame %d: %s, continuing", frameCount, errbuf); + Error("Unable to transfer frame at frame %d: %s, continuing", + frameCount, av_make_error_string(ret).c_str()); zm_av_packet_unref(&packet); continue; } @@ -908,7 +928,7 @@ int FfmpegCamera::CaptureAndRecord( Image &image, timeval recording, char* event mAudioStreamId, packet.stream_index); //Write the packet to our video store //FIXME no relevance of last key frame - int ret = videoStore->writeAudioFramePacket( &packet ); + int ret = videoStore->writeAudioFramePacket(&packet); if ( ret < 0 ) {//Less than zero and we skipped a frame Warning("Failure to write audio packet."); zm_av_packet_unref(&packet); diff --git a/src/zm_ffmpeg_camera.h b/src/zm_ffmpeg_camera.h index 9f7fbb3ae..210a67f45 100644 --- a/src/zm_ffmpeg_camera.h +++ b/src/zm_ffmpeg_camera.h @@ -41,6 +41,8 @@ class FfmpegCamera : public Camera { std::string mPath; std::string mMethod; std::string mOptions; + std::string hwaccel_name; + std::string hwaccel_device; int frameCount; @@ -86,17 +88,32 @@ class FfmpegCamera : public Camera { int error_count; public: - FfmpegCamera( int p_id, const std::string &path, const std::string &p_method, const std::string &p_options, int p_width, int p_height, int p_colours, int p_brightness, int p_contrast, int p_hue, int p_colour, bool p_capture, bool p_record_audio ); + FfmpegCamera( + int p_id, + const std::string &path, + const std::string &p_method, + const std::string &p_options, + int p_width, + int p_height, + int p_colours, + int p_brightness, + int p_contrast, + int p_hue, + int p_colour, + bool p_capture, + bool p_record_audio, + const std::string &p_hwaccel_name, + const std::string &p_hwaccel_device + ); ~FfmpegCamera(); - const std::string &Path() const { return( mPath ); } - const std::string &Options() const { return( mOptions ); } - const std::string &Method() const { return( mMethod ); } + const std::string &Path() const { return mPath; } + const std::string &Options() const { return mOptions; } + const std::string &Method() const { return mMethod; } void Initialise(); void Terminate(); - int PrimeCapture(); int PreCapture(); int Capture( Image &image ); From d0abd164942cd62b5d137250a1e3c9c26bed4180 Mon Sep 17 00:00:00 2001 From: Isaac Connor Date: Tue, 25 Jun 2019 15:34:01 -0400 Subject: [PATCH 291/922] add passing hwaccel name and device. use av_make_error_string(ret).c_str() to reduce code and increase consistency --- src/zm_ffmpeg_input.cpp | 11 ++++------- 1 file changed, 4 insertions(+), 7 deletions(-) diff --git a/src/zm_ffmpeg_input.cpp b/src/zm_ffmpeg_input.cpp index 3c888fa6f..5cca6b35b 100644 --- a/src/zm_ffmpeg_input.cpp +++ b/src/zm_ffmpeg_input.cpp @@ -108,23 +108,21 @@ AVFrame *FFmpeg_Input::get_frame(int stream_id) { int frameComplete = false; AVPacket packet; av_init_packet(&packet); - char errbuf[AV_ERROR_MAX_STRING_SIZE]; while ( !frameComplete ) { int ret = av_read_frame(input_format_context, &packet); if ( ret < 0 ) { - av_strerror(ret, errbuf, AV_ERROR_MAX_STRING_SIZE); if ( // Check if EOF. (ret == AVERROR_EOF || (input_format_context->pb && input_format_context->pb->eof_reached)) || // Check for Connection failure. (ret == -110) ) { - Info("av_read_frame returned %s.", errbuf); + Info("av_read_frame returned %s.", av_make_error_string(ret).c_str()); return NULL; } Error("Unable to read packet from stream %d: error %d \"%s\".", - packet.stream_index, ret, errbuf); + packet.stream_index, ret, av_make_error_string(ret).c_str()); return NULL; } dumpPacket(input_format_context->streams[packet.stream_index], &packet, "Received packet"); @@ -142,10 +140,9 @@ AVFrame *FFmpeg_Input::get_frame(int stream_id) { } ret = zm_receive_frame(context, frame, packet); if ( ret < 0 ) { - av_strerror(ret, errbuf, AV_ERROR_MAX_STRING_SIZE); Error("Unable to decode frame at frame %d: %s, continuing", - streams[packet.stream_index].frame_count, errbuf); - zm_av_packet_unref( &packet ); + streams[packet.stream_index].frame_count, av_make_error_string(ret).c_str()); + zm_av_packet_unref(&packet); av_frame_free(&frame); continue; } From 434bbce954904feca0dc754370db78e472798ce3 Mon Sep 17 00:00:00 2001 From: Isaac Connor Date: Tue, 25 Jun 2019 15:34:17 -0400 Subject: [PATCH 292/922] Add loading decoder_hwaccel in Monitor --- src/zm_monitor.cpp | 20 ++++++++++++++++---- src/zm_monitor.h | 4 ++++ 2 files changed, 20 insertions(+), 4 deletions(-) diff --git a/src/zm_monitor.cpp b/src/zm_monitor.cpp index d282f0e2d..76b7e9a34 100644 --- a/src/zm_monitor.cpp +++ b/src/zm_monitor.cpp @@ -71,7 +71,8 @@ std::string load_monitor_sql = "SELECT Id, Name, ServerId, StorageId, Type, Function+0, Enabled, LinkedMonitors, " "AnalysisFPSLimit, AnalysisUpdateDelay, MaxFPS, AlarmMaxFPS," "Device, Channel, Format, V4LMultiBuffer, V4LCapturesPerFrame, " // V4L Settings -"Protocol, Method, Options, User, Pass, Host, Port, Path, Width, Height, Colours, Palette, Orientation+0, Deinterlacing, RTSPDescribe, " +"Protocol, Method, Options, User, Pass, Host, Port, Path, Width, Height, Colours, Palette, Orientation+0, Deinterlacing, " +"DecoderHWAccelName, DecoderHWAccelDevice, RTSPDescribe, " "SaveJPEGs, VideoWriter, EncoderParameters, " //" OutputCodec, Encoder, OutputContainer, " "RecordAudio, " @@ -281,6 +282,8 @@ Monitor::Monitor( Camera *p_camera, int p_orientation, unsigned int p_deinterlacing, + const std::string &p_decoder_hwaccel_name, + const std::string &p_decoder_hwaccel_device, int p_savejpegs, VideoWriter p_videowriter, std::string p_encoderparams, @@ -322,6 +325,8 @@ Monitor::Monitor( height( (p_orientation==ROTATE_90||p_orientation==ROTATE_270)?p_camera->Width():p_camera->Height() ), orientation( (Orientation)p_orientation ), deinterlacing( p_deinterlacing ), + decoder_hwaccel_name(p_decoder_hwaccel_name), + decoder_hwaccel_device(p_decoder_hwaccel_device), savejpegs( p_savejpegs ), videowriter( p_videowriter ), encoderparams( p_encoderparams ), @@ -361,7 +366,7 @@ Monitor::Monitor( privacy_bitmask( NULL ), event_delete_thread(NULL) { - strncpy( name, p_name, sizeof(name)-1 ); + strncpy(name, p_name, sizeof(name)-1); strncpy(event_prefix, p_event_prefix, sizeof(event_prefix)-1); strncpy(label_format, p_label_format, sizeof(label_format)-1); @@ -2087,6 +2092,9 @@ Monitor *Monitor::Load(MYSQL_ROW dbrow, bool load_zones, Purpose purpose) { int palette = atoi(dbrow[col]); col++; Orientation orientation = (Orientation)atoi(dbrow[col]); col++; int deinterlacing = atoi(dbrow[col]); col++; + std::string decoder_hwaccel_name = dbrow[col] ? dbrow[col] : ""; col++; + std::string decoder_hwaccel_device = dbrow[col] ? dbrow[col] : ""; col++; + bool rtsp_describe = (dbrow[col] && *dbrow[col] != '0'); col++; int savejpegs = atoi(dbrow[col]); col++; @@ -2223,8 +2231,10 @@ Monitor *Monitor::Load(MYSQL_ROW dbrow, bool load_zones, Purpose purpose) { hue, colour, purpose==CAPTURE, - record_audio - ); + record_audio, + decoder_hwaccel_name, + decoder_hwaccel_device + ); #endif // HAVE_LIBAVFORMAT } else if ( type == "NVSocket" ) { camera = new RemoteCameraNVSocket( @@ -2297,6 +2307,8 @@ Monitor *Monitor::Load(MYSQL_ROW dbrow, bool load_zones, Purpose purpose) { camera, orientation, deinterlacing, + decoder_hwaccel_name, + decoder_hwaccel_device, savejpegs, videowriter, encoderparams, diff --git a/src/zm_monitor.h b/src/zm_monitor.h index c7e406f89..37efec69a 100644 --- a/src/zm_monitor.h +++ b/src/zm_monitor.h @@ -250,6 +250,8 @@ protected: Orientation orientation; // Whether the image has to be rotated at all unsigned int deinterlacing; bool videoRecording; + std::string decoder_hwaccel_name; + std::string decoder_hwaccel_device; int savejpegs; VideoWriter videowriter; @@ -368,6 +370,8 @@ public: Camera *p_camera, int p_orientation, unsigned int p_deinterlacing, + const std::string &p_decoder_hwaccel_name, + const std::string &p_decoder_hwaccel_device, int p_savejpegs, VideoWriter p_videowriter, std::string p_encoderparams, From 86c4051c44712c6b34bb6669c5f1327fba0569b4 Mon Sep 17 00:00:00 2001 From: Isaac Connor Date: Tue, 25 Jun 2019 15:34:36 -0400 Subject: [PATCH 293/922] handle zm_receive_frame returning AVERROR instead of boolean --- src/zm_videostore.cpp | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/zm_videostore.cpp b/src/zm_videostore.cpp index 1482884ab..5e07aecc9 100644 --- a/src/zm_videostore.cpp +++ b/src/zm_videostore.cpp @@ -1000,7 +1000,7 @@ int VideoStore::writeAudioFramePacket(AVPacket *ipkt) { if ( audio_out_codec ) { Debug(2, "Have output codec"); - if ( ! zm_receive_frame(audio_in_ctx, in_frame, *ipkt) ) { + if ( ( ret = zm_receive_frame(audio_in_ctx, in_frame, *ipkt) ) < 0 ) { return 0; } From a28f17653f7b81d01a6336aa17acde1c1901cb0e Mon Sep 17 00:00:00 2001 From: Isaac Connor Date: Tue, 25 Jun 2019 15:34:45 -0400 Subject: [PATCH 294/922] Add DecoderHWAccel fields to Monitor --- web/includes/Monitor.php | 2 ++ web/skins/classic/views/monitor.php | 16 ++++++++++++++++ 2 files changed, 18 insertions(+) diff --git a/web/includes/Monitor.php b/web/includes/Monitor.php index 6e685508c..75c432c09 100644 --- a/web/includes/Monitor.php +++ b/web/includes/Monitor.php @@ -38,6 +38,8 @@ private $defaults = array( 'Palette' => '0', 'Orientation' => null, 'Deinterlacing' => 0, + 'DecoderHWAccelName' => null, + 'DecoderHWAccelDevice' => null, 'SaveJPEGs' => 3, 'VideoWriter' => '0', 'OutputCodec' => null, diff --git a/web/skins/classic/views/monitor.php b/web/skins/classic/views/monitor.php index 1cedd8071..d13c6606b 100644 --- a/web/skins/classic/views/monitor.php +++ b/web/skins/classic/views/monitor.php @@ -895,6 +895,22 @@ include('_monitor_source_nvsocket.php');  (Type()), 'zmOptionHelp', 'optionhelp', '?' ) ?>)
+ () +
+ () +
Length() ) ?>Id(), 'zmFrames', 'frames', $event->Frames() ) ?>Id(), 'zmFrames', 'frames', $event->AlarmFrames() ) ?>Id(), 'zmFrames', + ( ZM_WEB_LIST_THUMBS ? array('frames', ZM_WEB_LIST_THUMB_WIDTH, ZM_WEB_LIST_THUMB_HEIGHT) : 'frames'), + $event->Frames() ) ?>Id(), 'zmFrames', + ( ZM_WEB_LIST_THUMBS ? array('frames', ZM_WEB_LIST_THUMB_WIDTH, ZM_WEB_LIST_THUMB_HEIGHT) : 'frames'), + $event->AlarmFrames() ) ?> TotScore() ?> AvgScore() ?> Date: Thu, 4 Jul 2019 09:04:43 -0400 Subject: [PATCH 320/922] google code style --- web/skins/classic/js/skin.js | 28 ++++++++++++++-------------- 1 file changed, 14 insertions(+), 14 deletions(-) diff --git a/web/skins/classic/js/skin.js b/web/skins/classic/js/skin.js index a14c63bfc..d39062087 100644 --- a/web/skins/classic/js/skin.js +++ b/web/skins/classic/js/skin.js @@ -51,51 +51,51 @@ function newWindow( url, name, width, height ) { function getPopupSize( tag, width, height ) { if ( typeof popupSizes == 'undefined' ) { - Error( "Can't find any window sizes" ); - return ( {'width': 0, 'height': 0} ); + Error("Can't find any window sizes"); + return {'width': 0, 'height': 0}; } - var popupSize = Object.clone( popupSizes[tag] ); + var popupSize = Object.clone(popupSizes[tag]); if ( !popupSize ) { - Error( "Can't find window size for tag '"+tag+"'" ); - return ( {'width': 0, 'height': 0} ); + Error("Can't find window size for tag '"+tag+"'"); + return {'width': 0, 'height': 0}; } if ( popupSize.width && popupSize.height ) { if ( width || height ) { - Warning( "Ignoring passed dimensions "+width+"x"+height+" when getting popup size for tag '"+tag+"'" ); + Warning("Ignoring passed dimensions "+width+"x"+height+" when getting popup size for tag '"+tag+"'"); } - return ( popupSize ); + return popupSize; } if ( popupSize.addWidth ) { popupSize.width = popupSize.addWidth; if ( !width ) { - Error( "Got addWidth but no passed width when getting popup size for tag '"+tag+"'" ); + Error("Got addWidth but no passed width when getting popup size for tag '"+tag+"'"); } else { popupSize.width += parseInt(width); } } else if ( width ) { popupSize.width = width; - Error( "Got passed width but no addWidth when getting popup size for tag '"+tag+"'" ); + Error("Got passed width but no addWidth when getting popup size for tag '"+tag+"'"); } if ( popupSize.minWidth && popupSize.width < popupSize.minWidth ) { - Warning( "Adjusting to minimum width when getting popup size for tag '"+tag+"'" ); + Warning("Adjusting to minimum width when getting popup size for tag '"+tag+"'"); popupSize.width = popupSize.minWidth; } if ( popupSize.addHeight ) { popupSize.height = popupSize.addHeight; if ( !height ) { - Error( "Got addHeight but no passed height when getting popup size for tag '"+tag+"'" ); + Error("Got addHeight but no passed height when getting popup size for tag '"+tag+"'"); } else { popupSize.height += parseInt(height); } } else if ( height ) { popupSize.height = height; - Error( "Got passed height but no addHeight when getting popup size for tag '"+tag+"'" ); + Error("Got passed height but no addHeight when getting popup size for tag '"+tag+"'"); } if ( popupSize.minHeight && ( popupSize.height < popupSize.minHeight ) ) { - Warning( "Adjusting to minimum height ("+popupSize.minHeight+") when getting popup size for tag '"+tag+"' because calculated height is " + popupSize.height ); + Warning("Adjusting to minimum height ("+popupSize.minHeight+") when getting popup size for tag '"+tag+"' because calculated height is " + popupSize.height); popupSize.height = popupSize.minHeight; } - return ( popupSize ); + return popupSize; } function zmWindow() { From aa817adbeda64c497ab59b595860bb459d3ad82b Mon Sep 17 00:00:00 2001 From: bluikko <14869000+bluikko@users.noreply.github.com> Date: Sun, 7 Jul 2019 19:26:06 +0700 Subject: [PATCH 321/922] Add primary keys to Logs and Stats tables (#2653) * Add primary keys to Logs and Stats tables Adds an auto_increment int(10) Id as PRIMARY KEY to Logs and Stats tables. Closes ZoneMinder#2550 and makes ZoneMinder compatible with Galera writeset replication for InnoDB (Galera Cluster, Percona XtraDB Cluster). * Do ALTER TABLE only if columns do not exist * Add forgotten prepare/execute --- db/zm_create.sql.in | 4 ++++ db/zm_update-1.33.12.sql | 27 +++++++++++++++++++++++++++ 2 files changed, 31 insertions(+) create mode 100644 db/zm_update-1.33.12.sql diff --git a/db/zm_create.sql.in b/db/zm_create.sql.in index f8fb8673b..261a4368c 100644 --- a/db/zm_create.sql.in +++ b/db/zm_create.sql.in @@ -351,6 +351,7 @@ CREATE INDEX `Groups_Monitors_MonitorId_idx` ON `Groups_Monitors` (`MonitorId`); DROP TABLE IF EXISTS `Logs`; CREATE TABLE `Logs` ( + `Id` int(10) unsigned NOT NULL AUTO_INCREMENT, `TimeKey` decimal(16,6) NOT NULL, `Component` varchar(32) NOT NULL, `ServerId` int(10) unsigned, @@ -360,6 +361,7 @@ CREATE TABLE `Logs` ( `Message` text NOT NULL, `File` varchar(255) DEFAULT NULL, `Line` smallint(5) unsigned DEFAULT NULL, + PRIMARY KEY (`Id`), KEY `TimeKey` (`TimeKey`) ) ENGINE=@ZM_MYSQL_ENGINE@; @@ -589,6 +591,7 @@ CREATE INDEX `Servers_Name_idx` ON `Servers` (`Name`); DROP TABLE IF EXISTS `Stats`; CREATE TABLE `Stats` ( + `Id` int(10) unsigned NOT NULL AUTO_INCREMENT, `MonitorId` int(10) unsigned NOT NULL default '0', `ZoneId` int(10) unsigned NOT NULL default '0', `EventId` BIGINT UNSIGNED NOT NULL, @@ -605,6 +608,7 @@ CREATE TABLE `Stats` ( `MinY` smallint(5) unsigned NOT NULL default '0', `MaxY` smallint(5) unsigned NOT NULL default '0', `Score` smallint(5) unsigned NOT NULL default '0', + PRIMARY KEY (`Id`), KEY `EventId` (`EventId`), KEY `MonitorId` (`MonitorId`), KEY `ZoneId` (`ZoneId`) diff --git a/db/zm_update-1.33.12.sql b/db/zm_update-1.33.12.sql new file mode 100644 index 000000000..8188ad841 --- /dev/null +++ b/db/zm_update-1.33.12.sql @@ -0,0 +1,27 @@ +-- +-- Add primary keys for Logs and Stats tables +-- + +SET @s = (SELECT IF( + (SELECT COUNT(*) FROM INFORMATION_SCHEMA.COLUMNS WHERE table_schema = DATABASE() + AND table_name = 'Logs' + AND column_name = 'Id' + ) > 0, +"SELECT 'Column Id already exists in Logs'", +"ALTER TABLE `Logs` ADD COLUMN `Id` INT(10) UNSIGNED NOT NULL AUTO_INCREMENT FIRST, ADD PRIMARY KEY (`Id`)" +)); + +PREPARE stmt FROM @s; +EXECUTE stmt; + +SET @s = (SELECT IF( + (SELECT COUNT(*) FROM INFORMATION_SCHEMA.COLUMNS WHERE table_schema = DATABASE() + AND table_name = 'Stats' + AND column_name = 'Id' + ) > 0, +"SELECT 'Column Id already exists in Stats'", +"ALTER TABLE `Stats` ADD COLUMN `Id` INT(10) UNSIGNED NOT NULL AUTO_INCREMENT FIRST, ADD PRIMARY KEY (`Id`)" +)); + +PREPARE stmt FROM @s; +EXECUTE stmt; From 8c735856f80ca38d83584c803814951275e8fe36 Mon Sep 17 00:00:00 2001 From: Andrew Bauer Date: Sun, 7 Jul 2019 07:32:12 -0500 Subject: [PATCH 322/922] bump version required by #2653 --- version | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/version b/version index ca7a1ec9c..325da8275 100644 --- a/version +++ b/version @@ -1 +1 @@ -1.33.11 +1.33.12 From 255f606ebf77f6885d420cdc80a04c8409e37ec4 Mon Sep 17 00:00:00 2001 From: Andrew Bauer Date: Sun, 7 Jul 2019 07:33:50 -0500 Subject: [PATCH 323/922] bump rpm specfile --- distros/redhat/zoneminder.spec | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/distros/redhat/zoneminder.spec b/distros/redhat/zoneminder.spec index c8413d6a0..d064c3b94 100644 --- a/distros/redhat/zoneminder.spec +++ b/distros/redhat/zoneminder.spec @@ -23,7 +23,7 @@ %global _hardened_build 1 Name: zoneminder -Version: 1.33.9 +Version: 1.33.12 Release: 1%{?dist} Summary: A camera monitoring and analysis tool Group: System Environment/Daemons @@ -411,6 +411,9 @@ EOF %dir %attr(755,nginx,nginx) %{_localstatedir}/spool/zoneminder-upload %changelog +* Sun Jul 07 2019 Andrew Bauer - 1.33.12-1 +- Bump to 1.33.12 Development + * Sun Jun 23 2019 Andrew Bauer - 1.33.9-1 - Bump to 1.33.9 Development From 0f35d86efbdec059eda5ccb1f1b12c59cb51af72 Mon Sep 17 00:00:00 2001 From: Isaac Connor Date: Sun, 7 Jul 2019 08:56:39 -0400 Subject: [PATCH 324/922] implement zm_send_frame which sends a frame and receives a packet --- src/zm_ffmpeg.cpp | 39 +++++++++++++++++++++++++++++++++++++++ src/zm_ffmpeg.h | 4 +++- 2 files changed, 42 insertions(+), 1 deletion(-) diff --git a/src/zm_ffmpeg.cpp b/src/zm_ffmpeg.cpp index 139ab5838..4ee6e6707 100644 --- a/src/zm_ffmpeg.cpp +++ b/src/zm_ffmpeg.cpp @@ -539,6 +539,45 @@ int zm_receive_frame(AVCodecContext *context, AVFrame *frame, AVPacket &packet) return 0; } // end int zm_receive_frame(AVCodecContext *context, AVFrame *frame, AVPacket &packet) +int zm_send_frame(AVCodecContext *ctx, AVFrame *frame, AVPacket &packet) { + int ret; + #if LIBAVCODEC_VERSION_CHECK(57, 64, 0, 64, 0) + if ( (ret = avcodec_send_frame(ctx, frame)) < 0 ) { + Error("Could not send frame (error '%s')", + av_make_error_string(ret).c_str()); + zm_av_packet_unref(&packet); + return 0; + } + + if ( (ret = avcodec_receive_packet(ctx, &packet)) < 0 ) { + if ( AVERROR(EAGAIN) == ret ) { + // The codec may need more samples than it has, perfectly valid + Debug(2, "Codec not ready to give us a packet"); + } else { + Error("Could not recieve packet (error %d = '%s')", ret, + av_make_error_string(ret).c_str()); + } + zm_av_packet_unref(&packet); + return 0; + } + #else + int data_present; + if ( (ret = avcodec_encode_audio2( + ctx, &packet, frame, &data_present)) < 0 ) { + Error("Could not encode frame (error '%s')", + av_make_error_string(ret).c_str()); + zm_av_packet_unref(&packet); + return 0; + } + if ( !data_present ) { + Debug(2, "Not ready to out a frame yet."); + zm_av_packet_unref(&packet); + return 0; + } + #endif + return 1; +} // wend zm_send_frame + void dumpPacket(AVStream *stream, AVPacket *pkt, const char *text) { char b[10240]; diff --git a/src/zm_ffmpeg.h b/src/zm_ffmpeg.h index e3b8314f8..18e018e26 100644 --- a/src/zm_ffmpeg.h +++ b/src/zm_ffmpeg.h @@ -332,7 +332,9 @@ bool is_audio_stream(AVStream *); bool is_video_context(AVCodec *); bool is_audio_context(AVCodec *); -int zm_receive_frame( AVCodecContext *context, AVFrame *frame, AVPacket &packet ); +int zm_receive_frame(AVCodecContext *context, AVFrame *frame, AVPacket &packet); +int zm_send_frame(AVCodecContext *context, AVFrame *frame, AVPacket &packet); + void dumpPacket(AVStream *, AVPacket *,const char *text=""); void dumpPacket(AVPacket *,const char *text=""); #endif // ZM_FFMPEG_H From 94cc85aa36908d42f2cd2faa7038cf0a5fda4819 Mon Sep 17 00:00:00 2001 From: Isaac Connor Date: Sun, 7 Jul 2019 08:57:22 -0400 Subject: [PATCH 325/922] Sorta fix pts on encoded audio packets. Sync is off, but at least it is close --- src/zm_ffmpeg_camera.cpp | 4 +- src/zm_videostore.cpp | 110 ++++++++++++++++++--------------------- 2 files changed, 54 insertions(+), 60 deletions(-) diff --git a/src/zm_ffmpeg_camera.cpp b/src/zm_ffmpeg_camera.cpp index 0eac0e49d..b96142aab 100644 --- a/src/zm_ffmpeg_camera.cpp +++ b/src/zm_ffmpeg_camera.cpp @@ -466,8 +466,8 @@ int FfmpegCamera::OpenFfmpeg() { } else { Debug(1, "decoder %s hwConfig doesn't match our type: %s, pix_fmt %s.", mVideoCodec->name, - av_hwdevice_get_type_name(config-device_type), - av_get_pix_fmt_name(config->pix_fmt); + av_hwdevice_get_type_name(config->device_type), + av_get_pix_fmt_name(config->pix_fmt) ); } } // end foreach hwconfig diff --git a/src/zm_videostore.cpp b/src/zm_videostore.cpp index bd4f47a2f..5ffec165b 100644 --- a/src/zm_videostore.cpp +++ b/src/zm_videostore.cpp @@ -1030,13 +1030,15 @@ int VideoStore::writeAudioFramePacket(AVPacket *ipkt) { } zm_dump_frame(out_frame, "Out frame after resample"); +#if 0 // out_frame pts is in the input pkt pts... needs to be adjusted before sending to the encoder if ( out_frame->pts != AV_NOPTS_VALUE ) { if ( !audio_first_pts ) { audio_first_pts = out_frame->pts; - Debug(1, "No video_first_pts setting to %" PRId64, audio_first_pts); + Debug(1, "No audio_first_pts setting to %" PRId64, audio_first_pts); out_frame->pts = 0; } else { + // out_frame_pts is in codec->timebase, audio_first_pts is in packet timebase. out_frame->pts = out_frame->pts - audio_first_pts; zm_dump_frame(out_frame, "Out frame after pts adjustment"); } @@ -1046,55 +1048,55 @@ int VideoStore::writeAudioFramePacket(AVPacket *ipkt) { out_frame->pts = audio_next_pts; } audio_next_pts = out_frame->pts + out_frame->nb_samples; +#endif av_init_packet(&opkt); - #if LIBAVCODEC_VERSION_CHECK(57, 64, 0, 64, 0) - if ( (ret = avcodec_send_frame(audio_out_ctx, out_frame)) < 0 ) { - Error("Could not send frame (error '%s')", - av_make_error_string(ret).c_str()); - zm_av_packet_unref(&opkt); + if ( !zm_send_frame(audio_out_ctx, out_frame, opkt) ) { return 0; } - if ( (ret = avcodec_receive_packet(audio_out_ctx, &opkt)) < 0 ) { - if ( AVERROR(EAGAIN) == ret ) { - // The codec may need more samples than it has, perfectly valid - Debug(2, "Codec not ready to give us a packet"); - } else { - Error("Could not recieve packet (error %d = '%s')", ret, - av_make_error_string(ret).c_str()); - } - zm_av_packet_unref(&opkt); - return 0; - } - #else - int data_present; - if ( (ret = avcodec_encode_audio2( - audio_out_ctx, &opkt, out_frame, &data_present)) < 0 ) { - Error("Could not encode frame (error '%s')", - av_make_error_string(ret).c_str()); - zm_av_packet_unref(&opkt); - return 0; - } - if ( !data_present ) { - Debug(2, "Not ready to out a frame yet."); - zm_av_packet_unref(&opkt); - return 0; - } - #endif -#if 0 - // These should be set by encoder. They may not directly relate to ipkt due to buffering in codec. - opkt.duration = av_rescale_q(opkt.duration, - audio_in_stream->time_base, - audio_out_stream->time_base); - opkt.pts = av_rescale_q(opkt.pts, - audio_in_stream->time_base, - audio_out_stream->time_base); - opkt.dts = av_rescale_q(opkt.dts, - audio_in_stream->time_base, - audio_out_stream->time_base); -#endif dumpPacket(audio_out_stream, &opkt, "raw opkt"); + opkt.duration = av_rescale_q( + opkt.duration, + audio_out_ctx->time_base, + audio_out_stream->time_base); + // Scale the PTS of the outgoing packet to be the correct time base + if ( ipkt->pts != AV_NOPTS_VALUE ) { + if ( !audio_first_pts ) { + opkt.pts = 0; + audio_first_pts = ipkt->pts; + Debug(1, "No audio_first_pts"); + } else { + opkt.pts = av_rescale_q( + opkt.pts, + audio_out_ctx->time_base, + audio_out_stream->time_base); + opkt.pts -= audio_first_pts; + Debug(2, "audio opkt.pts = %" PRId64 " from ipkt->pts(%" PRId64 ") - first_pts(%" PRId64 ")", + opkt.pts, ipkt->pts, audio_first_pts); + } + } else { + Debug(2, "opkt.pts = undef"); + opkt.pts = AV_NOPTS_VALUE; + } + + if ( opkt.dts != AV_NOPTS_VALUE ) { + if ( !audio_first_dts ) { + opkt.dts = 0; + audio_first_dts = opkt.dts; + } else { + opkt.dts = av_rescale_q( + opkt.dts, + audio_out_ctx->time_base, + audio_out_stream->time_base); + opkt.dts -= audio_first_dts; + Debug(2, "opkt.dts = %" PRId64 " from ipkt.dts(%" PRId64 ") - first_dts(%" PRId64 ")", + opkt.dts, ipkt->dts, audio_first_dts); + } + audio_last_dts = opkt.dts; + } else { + opkt.dts = AV_NOPTS_VALUE; + } } else { Debug(2,"copying"); @@ -1128,16 +1130,6 @@ int VideoStore::writeAudioFramePacket(AVPacket *ipkt) { } if ( ipkt->dts != AV_NOPTS_VALUE ) { - // So if the in has no dts assigned... still need an out dts... so we use cur_dts? - -#if 0 - if ( audio_last_dts >= audio_in_stream->cur_dts ) { - Debug(1, "Resetting audio_last_dts from (%d) to cur_dts (%d)", audio_last_dts, audio_in_stream->cur_dts); - opkt.dts = audio_next_dts + av_rescale_q( audio_in_stream->cur_dts, AV_TIME_BASE_Q, audio_out_stream->time_base); - } else { - opkt.dts = audio_next_dts + av_rescale_q( audio_in_stream->cur_dts - audio_last_dts, AV_TIME_BASE_Q, audio_out_stream->time_base); - } -#endif if ( !audio_first_dts ) { opkt.dts = 0; audio_first_dts = ipkt->dts; @@ -1251,15 +1243,17 @@ int VideoStore::resample_audio() { } out_frame->nb_samples = frame_size; // resampling changes the duration because the timebase is 1/samples + // I think we should be dealing in codec timebases not stream if ( in_frame->pts != AV_NOPTS_VALUE ) { out_frame->pkt_duration = av_rescale_q( in_frame->pkt_duration, - audio_in_stream->time_base, - audio_out_stream->time_base); + audio_in_ctx->time_base, + audio_out_ctx->time_base); out_frame->pts = av_rescale_q( in_frame->pts, - audio_in_stream->time_base, - audio_out_stream->time_base); + audio_in_ctx->time_base, + audio_out_ctx->time_base); + zm_dump_frame(out_frame, "Out frame after timestamp conversion"); } #else #if defined(HAVE_LIBAVRESAMPLE) From 3c1cd1e7501caa40fbaf6949c710a9c0c70c2c63 Mon Sep 17 00:00:00 2001 From: Isaac Connor Date: Sun, 7 Jul 2019 16:03:54 -0400 Subject: [PATCH 326/922] rename var from nevents to nFrames because that's what they are. Fix an error when page=0 --- web/skins/classic/views/frames.php | 16 ++++++++-------- 1 file changed, 8 insertions(+), 8 deletions(-) diff --git a/web/skins/classic/views/frames.php b/web/skins/classic/views/frames.php index 9a877ae3b..ea8b181a1 100644 --- a/web/skins/classic/views/frames.php +++ b/web/skins/classic/views/frames.php @@ -28,7 +28,6 @@ require_once('includes/Frame.php'); $countSql = 'SELECT COUNT(*) AS FrameCount FROM Frames AS F WHERE 1 '; $frameSql = 'SELECT *, unix_timestamp( TimeStamp ) AS UnixTimeStamp FROM Frames AS F WHERE 1 '; -$eid = $_REQUEST['eid']; // override the sort_field handling in parseSort for frames if ( empty($_REQUEST['sort_field']) ) @@ -59,6 +58,7 @@ if ( $_REQUEST['filter']['sql'] ) { $frameSql .= " ORDER BY $sortColumn $sortOrder,Id $sortOrder"; +$eid = validInt($_REQUEST['eid']); $Event = new ZM\Event($eid); $Monitor = $Event->Monitor(); @@ -75,22 +75,22 @@ if ( isset( $_REQUEST['scale'] ) ) { $page = isset($_REQUEST['page']) ? validInt($_REQUEST['page']) : 1; $limit = isset($_REQUEST['limit']) ? validInt($_REQUEST['limit']) : 0; -$nEvents = dbFetchOne($countSql, 'FrameCount' ); +$nFrames = dbFetchOne($countSql, 'FrameCount' ); -if ( !empty($limit) && $nEvents > $limit ) { - $nEvents = $limit; +if ( !empty($limit) && ($nFrames > $limit) ) { + $nFrames = $limit; } -$pages = (int)ceil($nEvents/ZM_WEB_EVENTS_PER_PAGE); +$pages = (int)ceil($nFrames/ZM_WEB_EVENTS_PER_PAGE); if ( !empty($page) ) { - if ( $page < 0 ) + if ( $page <= 0 ) $page = 1; else if ( $pages and ( $page > $pages ) ) $page = $pages; $limitStart = (($page-1)*ZM_WEB_EVENTS_PER_PAGE); - if ( empty( $limit ) ) { + if ( empty($limit) ) { $limitAmount = ZM_WEB_EVENTS_PER_PAGE; } else { $limitLeft = $limit - $limitStart; @@ -104,7 +104,7 @@ if ( !empty($page) ) { $maxShortcuts = 5; $pagination = getPagination($pages, $page, $maxShortcuts, $sortQuery.'&eid='.$eid.$limitQuery.$filterQuery); -$frames = dbFetchAll( $frameSql ); +$frames = dbFetchAll($frameSql); $focusWindow = true; From 4b41655dc5cf96475c85a7773a0ed26c50ae6fce Mon Sep 17 00:00:00 2001 From: Isaac Connor Date: Sun, 7 Jul 2019 16:10:53 -0400 Subject: [PATCH 327/922] fix --- web/skins/classic/views/frames.php | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/web/skins/classic/views/frames.php b/web/skins/classic/views/frames.php index ea8b181a1..80d99fe3c 100644 --- a/web/skins/classic/views/frames.php +++ b/web/skins/classic/views/frames.php @@ -24,6 +24,9 @@ if ( !canView('Events') ) { } require_once('includes/Frame.php'); +$eid = validInt($_REQUEST['eid']); +$Event = new ZM\Event($eid); +$Monitor = $Event->Monitor(); $countSql = 'SELECT COUNT(*) AS FrameCount FROM Frames AS F WHERE 1 '; $frameSql = 'SELECT *, unix_timestamp( TimeStamp ) AS UnixTimeStamp FROM Frames AS F WHERE 1 '; @@ -58,9 +61,6 @@ if ( $_REQUEST['filter']['sql'] ) { $frameSql .= " ORDER BY $sortColumn $sortOrder,Id $sortOrder"; -$eid = validInt($_REQUEST['eid']); -$Event = new ZM\Event($eid); -$Monitor = $Event->Monitor(); if ( isset( $_REQUEST['scale'] ) ) { $scale = validNum($_REQUEST['scale']); From b84e3499f4598e86c80b213543db71802266c548 Mon Sep 17 00:00:00 2001 From: Isaac Connor Date: Sun, 7 Jul 2019 17:25:49 -0400 Subject: [PATCH 328/922] Implement code to auto-load monitor status info if not already loaded. Check for Connected instead of Capturing in watch to display warning message --- web/includes/Monitor.php | 25 ++++++++++++++++++------- web/skins/classic/views/watch.php | 2 +- 2 files changed, 19 insertions(+), 8 deletions(-) diff --git a/web/includes/Monitor.php b/web/includes/Monitor.php index 75c432c09..c46048716 100644 --- a/web/includes/Monitor.php +++ b/web/includes/Monitor.php @@ -105,6 +105,7 @@ private $defaults = array( 'DefaultCodec' => 'auto', ); private $status_fields = array( + 'Status' => null, 'AnalysisFPS' => null, 'CaptureFPS' => null, 'CaptureBandwidth' => null, @@ -271,17 +272,27 @@ private $control_fields = array( return $this->{$fn}; #array_unshift($args, $this); #call_user_func_array( $this->{$fn}, $args); - } else { - if ( array_key_exists($fn, $this->control_fields) ) { + } else if ( array_key_exists($fn, $this->control_fields) ) { return $this->control_fields{$fn}; - } else if ( array_key_exists( $fn, $this->defaults ) ) { + } else if ( array_key_exists( $fn, $this->defaults ) ) { return $this->defaults{$fn}; + } else if ( array_key_exists( $fn, $this->status_fields) ) { + $sql = 'SELECT Status,CaptureFPS,AnalysisFPS,CaptureBandwidth + FROM Monitor_Status WHERE MonitorId=?'; + $row = dbFetchOne($sql, NULL, array($this->{'Id'})); + if ( !$row ) { + Error("Unable to load Monitor record for Id=" . $this->{'Id'}); } else { - $backTrace = debug_backtrace(); - $file = $backTrace[1]['file']; - $line = $backTrace[1]['line']; - Warning( "Unknown function call Monitor->$fn from $file:$line" ); + foreach ($row as $k => $v) { + $this->{$k} = $v; + } } + return $this->{$fn}; + } else { + $backTrace = debug_backtrace(); + $file = $backTrace[1]['file']; + $line = $backTrace[1]['line']; + Warning( "Unknown function call Monitor->$fn from $file:$line" ); } } diff --git a/web/skins/classic/views/watch.php b/web/skins/classic/views/watch.php index 0038f3016..4d2fa93d5 100644 --- a/web/skins/classic/views/watch.php +++ b/web/skins/classic/views/watch.php @@ -78,7 +78,7 @@ if ( canView('Control') && $monitor->Type() == 'Local' ) {
Status() != 'Capturing' ) { +if ( $monitor->Status() != 'Connected' ) { echo '
Monitor is not capturing. We will be unable to provide an image
'; } ?> From da5e8d19b8f5eb4f5c7241030b869a38bdf29267 Mon Sep 17 00:00:00 2001 From: Isaac Connor Date: Sun, 7 Jul 2019 17:54:45 -0400 Subject: [PATCH 329/922] Fix #2656 --- web/skins/classic/views/report_event_audit.php | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/web/skins/classic/views/report_event_audit.php b/web/skins/classic/views/report_event_audit.php index c7517728e..b378dc43d 100644 --- a/web/skins/classic/views/report_event_audit.php +++ b/web/skins/classic/views/report_event_audit.php @@ -192,9 +192,8 @@ for( $monitor_i = 0; $monitor_i < count($displayMonitors); $monitor_i += 1 ) { ) ) ); + parseFilter($ZeroSize_filter); } - - ?>
- '.count($FileMissing).'' : '0' ?> + '.count($ZeroSize).'' : '0' ?>
- diff --git a/web/skins/classic/views/js/download.js b/web/skins/classic/views/js/download.js index 6dafdd23f..55a256795 100644 --- a/web/skins/classic/views/js/download.js +++ b/web/skins/classic/views/js/download.js @@ -11,6 +11,7 @@ function configureExportButton( element ) { } function startDownload( exportFile ) { + console.log("Starting download from " + exportFile); window.location.replace( exportFile ); } @@ -26,12 +27,21 @@ function exportProgress() { } function exportResponse( respObj, respText ) { - window.location.replace( thisUrl+'?view='+currentView+'&'+eidParm+'&exportFormat='+respObj.exportFormat+'&generated='+((respObj.result=='Ok')?1:0) ); + console.log(respObj); + window.location.replace( + thisUrl+'?view='+currentView+'&'+eidParm + +'&exportFormat='+respObj.exportFormat + +'&exportFile='+respObj.exportFile + +'&generated='+((respObj.result=='Ok')?1:0) + +'&connkey='+connkey + ); } -function exportEvent( form ) { +function exportEvent( element ) { + var form = element.form; var parms = 'view=request&request=event&action=download'; parms += '&'+$(form).toQueryString(); + console.log(parms); var query = new Request.JSON( {url: thisUrl, method: 'post', data: parms, onSuccess: exportResponse} ); query.send(); $('exportProgress').removeClass( 'hidden' ); @@ -46,7 +56,7 @@ function initPage() { startDownload.pass( exportFile ).delay( 1500 ); } document.getElementById('exportButton').addEventListener("click", function onClick(evt) { - exportEvent(this.form); + exportEvent(this); }); } diff --git a/web/skins/classic/views/js/download.js.php b/web/skins/classic/views/js/download.js.php index 3501fc711..0d0c05679 100644 --- a/web/skins/classic/views/js/download.js.php +++ b/web/skins/classic/views/js/download.js.php @@ -14,6 +14,7 @@ var eidParm = 'eid='; ?> var exportReady = ; -var exportFile = '?view=archive&type='; +var exportFile = '?view=archive&type=&connkey='; +var connkey = ''; var exportProgressString = ''; diff --git a/web/skins/classic/views/js/events.js b/web/skins/classic/views/js/events.js index 3ef9eae5f..ca7f7c7ec 100644 --- a/web/skins/classic/views/js/events.js +++ b/web/skins/classic/views/js/events.js @@ -100,8 +100,9 @@ function downloadVideo( element ) { function exportEvents( element ) { var form = element.form; - form.attr('action', '?view=export'); - form[0].elements['view'].value='export'; + console.log(form); + form.action = '?view=export'; + form.elements['view'].value='export'; form.submit(); } From 0643108ba47f696ca0d71f35dda83d2a929b2ea3 Mon Sep 17 00:00:00 2001 From: Isaac Connor Date: Fri, 26 Jul 2019 10:53:48 -0400 Subject: [PATCH 376/922] Use fputs instead of fprintf. Spacing and google code style changes --- src/zm_eventstream.cpp | 123 ++++++++++++---------- src/zms.cpp | 230 ++++++++++++++++++++--------------------- 2 files changed, 183 insertions(+), 170 deletions(-) diff --git a/src/zm_eventstream.cpp b/src/zm_eventstream.cpp index 5439b42e8..f3a5e35bc 100644 --- a/src/zm_eventstream.cpp +++ b/src/zm_eventstream.cpp @@ -41,10 +41,12 @@ #include "zm_sendfile.h" -bool EventStream::loadInitialEventData( int monitor_id, time_t event_time ) { +bool EventStream::loadInitialEventData(int monitor_id, time_t event_time) { static char sql[ZM_SQL_SML_BUFSIZ]; - snprintf(sql, sizeof(sql), "SELECT Id FROM Events WHERE MonitorId = %d AND unix_timestamp(EndTime) > %ld ORDER BY Id ASC LIMIT 1", monitor_id, event_time); + snprintf(sql, sizeof(sql), "SELECT Id FROM Events WHERE " + "MonitorId = %d AND unix_timestamp(EndTime) > %ld " + "ORDER BY Id ASC LIMIT 1", monitor_id, event_time); if ( mysql_query(&dbconn, sql) ) { Error("Can't run query: %s", mysql_error(&dbconn)); @@ -91,7 +93,7 @@ bool EventStream::loadInitialEventData( int monitor_id, time_t event_time ) { return true; } // bool EventStream::loadInitialEventData( int monitor_id, time_t event_time ) -bool EventStream::loadInitialEventData( uint64_t init_event_id, unsigned int init_frame_id ) { +bool EventStream::loadInitialEventData(uint64_t init_event_id, unsigned int init_frame_id) { loadEventData(init_event_id); if ( init_frame_id ) { @@ -158,7 +160,7 @@ bool EventStream::loadEventData(uint64_t event_id) { event_data->scheme = Storage::SHALLOW; } event_data->SaveJPEGs = dbrow[7] == NULL ? 0 : atoi(dbrow[7]); - mysql_free_result( result ); + mysql_free_result(result); Storage * storage = new Storage(event_data->storage_id); const char *storage_path = storage->Path(); @@ -205,9 +207,11 @@ bool EventStream::loadEventData(uint64_t event_id) { delete storage; storage = NULL; updateFrameRate((double)event_data->frame_count/event_data->duration); - Debug(3,"fps set by frame_count(%d)/duration(%f)", event_data->frame_count, event_data->duration); + Debug(3, "fps set by frame_count(%d)/duration(%f)", + event_data->frame_count, event_data->duration); - snprintf(sql, sizeof(sql), "SELECT FrameId, unix_timestamp(`TimeStamp`), Delta FROM Frames WHERE EventId = %" PRIu64 " ORDER BY FrameId ASC", event_id); + snprintf(sql, sizeof(sql), "SELECT FrameId, unix_timestamp(`TimeStamp`), Delta " + "FROM Frames WHERE EventId = %" PRIu64 " ORDER BY FrameId ASC", event_id); if ( mysql_query(&dbconn, sql) ) { Error("Can't run query: %s", mysql_error(&dbconn)); exit(mysql_errno(&dbconn)); @@ -226,7 +230,7 @@ bool EventStream::loadEventData(uint64_t event_id) { double last_timestamp = event_data->start_time; double last_delta = 0.0; - while ( ( dbrow = mysql_fetch_row( result ) ) ) { + while ( ( dbrow = mysql_fetch_row(result) ) ) { int id = atoi(dbrow[0]); //timestamp = atof(dbrow[1]); double delta = atof(dbrow[2]); @@ -256,7 +260,7 @@ bool EventStream::loadEventData(uint64_t event_id) { last_id = id; last_delta = delta; last_timestamp = event_data->frames[id-1].timestamp; - Debug(4,"Frame %d timestamp:(%f), offset(%f) delta(%f), in_db(%d)", + Debug(4, "Frame %d timestamp:(%f), offset(%f) delta(%f), in_db(%d)", id, event_data->frames[id-1].timestamp, event_data->frames[id-1].offset, @@ -264,24 +268,21 @@ bool EventStream::loadEventData(uint64_t event_id) { event_data->frames[id-1].in_db ); } - if ( mysql_errno( &dbconn ) ) { + if ( mysql_errno(&dbconn) ) { Error("Can't fetch row: %s", mysql_error(&dbconn)); exit(mysql_errno(&dbconn)); } mysql_free_result(result); - //for ( int i = 0; i < 250; i++ ) - //{ - //Info( "%d -> %d @ %f (%d)", i+1, event_data->frames[i].timestamp, event_data->frames[i].delta, event_data->frames[i].in_db ); - //} if ( event_data->video_file[0] ) { - char filepath[PATH_MAX]; - snprintf(filepath, sizeof(filepath), "%s/%s", event_data->path, event_data->video_file); - Debug(1, "Loading video file from %s", filepath); + std::string filepath = std::string(event_data->path) + "/" + std::string(event_data->video_file); + //char filepath[PATH_MAX]; + //snprintf(filepath, sizeof(filepath), "%s/%s", event_data->path, event_data->video_file); + Debug(1, "Loading video file from %s", filepath.c_str()); ffmpeg_input = new FFmpeg_Input(); - if ( 0 > ffmpeg_input->Open(filepath) ) { - Warning("Unable to open ffmpeg_input %s/%s", event_data->path, event_data->video_file); + if ( 0 > ffmpeg_input->Open(filepath.c_str()) ) { + Warning("Unable to open ffmpeg_input %s", filepath.c_str()); delete ffmpeg_input; ffmpeg_input = NULL; } @@ -318,11 +319,17 @@ void EventStream::processCommand(const CmdMsg *msg) { } // If we are in single event mode and at the last frame, replay the current event - if ( (mode == MODE_SINGLE || mode == MODE_NONE) && ((unsigned int)curr_frame_id == event_data->frame_count) ) { + if ( + (mode == MODE_SINGLE || mode == MODE_NONE) + && + ((unsigned int)curr_frame_id == event_data->frame_count) + ) { Debug(1, "Was in single or no replay mode, and at last frame, so jumping to 1st frame"); curr_frame_id = 1; } else { - Debug(1, "mode is %s, current frame is %d, frame count is %d", (mode == MODE_SINGLE ? "single" : "not single" ), curr_frame_id, event_data->frame_count ); + Debug(1, "mode is %s, current frame is %d, frame count is %d", + (mode == MODE_SINGLE ? "single" : "not single"), + curr_frame_id, event_data->frame_count ); } replay_rate = ZM_RATE_BASE; @@ -515,7 +522,7 @@ void EventStream::processCommand(const CmdMsg *msg) { DataMsg status_msg; status_msg.msg_type = MSG_DATA_EVENT; memcpy(&status_msg.msg_data, &status_data, sizeof(status_data)); - Debug(1,"Size of msg %d", sizeof(status_data)); + Debug(1, "Size of msg %d", sizeof(status_data)); if ( sendto(sd, &status_msg, sizeof(status_msg), MSG_DONTWAIT, (sockaddr *)&rem_addr, sizeof(rem_addr)) < 0 ) { //if ( errno != EAGAIN ) { @@ -524,7 +531,7 @@ void EventStream::processCommand(const CmdMsg *msg) { } } // quit after sending a status, if this was a quit request - if ( (MsgCommand)msg->msg_data[0]==CMD_QUIT ) + if ( (MsgCommand)msg->msg_data[0] == CMD_QUIT ) exit(0); updateFrameRate((double)event_data->frame_count/event_data->duration); @@ -534,17 +541,22 @@ void EventStream::checkEventLoaded() { static char sql[ZM_SQL_SML_BUFSIZ]; if ( curr_frame_id <= 0 ) { - snprintf(sql, sizeof(sql), "SELECT Id FROM Events WHERE MonitorId = %ld AND Id < %" PRIu64 " ORDER BY Id DESC LIMIT 1", event_data->monitor_id, event_data->event_id); + snprintf(sql, sizeof(sql), + "SELECT Id FROM Events WHERE MonitorId = %ld AND Id < %" PRIu64 " ORDER BY Id DESC LIMIT 1", + event_data->monitor_id, event_data->event_id); } else if ( (unsigned int)curr_frame_id > event_data->frame_count ) { - snprintf(sql, sizeof(sql), "SELECT Id FROM Events WHERE MonitorId = %ld AND Id > %" PRIu64 " ORDER BY Id ASC LIMIT 1", event_data->monitor_id, event_data->event_id); + snprintf(sql, sizeof(sql), + "SELECT Id FROM Events WHERE MonitorId = %ld AND Id > %" PRIu64 " ORDER BY Id ASC LIMIT 1", + event_data->monitor_id, event_data->event_id); } else { // No event change required - //Debug(3, "No event change required"); + Debug(3, "No event change required, as curr frame %d <=> event frames %d", + curr_frame_id, event_data->frame_count); return; } // Event change required. - if ( forceEventChange || ( mode != MODE_SINGLE && mode != MODE_NONE ) ) { + if ( forceEventChange || ( (mode != MODE_SINGLE) && (mode != MODE_NONE) ) ) { if ( mysql_query(&dbconn, sql) ) { Error("Can't run query: %s", mysql_error(&dbconn)); exit(mysql_errno(&dbconn)); @@ -569,12 +581,13 @@ void EventStream::checkEventLoaded() { loadEventData(event_id); Debug(2, "Current frame id = %d", curr_frame_id); - if ( replay_rate < 0 ) //rewind + if ( replay_rate < 0 ) // rewind curr_frame_id = event_data->frame_count; else curr_frame_id = 1; Debug(2, "New frame id = %d", curr_frame_id); } else { + Debug(2, "No next event loaded using %s. Pausing", sql); if ( curr_frame_id <= 0 ) curr_frame_id = 1; else @@ -584,6 +597,7 @@ void EventStream::checkEventLoaded() { mysql_free_result(result); forceEventChange = false; } else { + Debug(2, "Pausing because mode is %d", mode); if ( curr_frame_id <= 0 ) curr_frame_id = 1; else @@ -608,16 +622,16 @@ bool EventStream::sendFrame(int delta_us) { static struct stat filestat; FILE *fdj = NULL; - // This needs to be abstracted. If we are saving jpgs, then load the capture file. If we are only saving analysis frames, then send that. - // // This is also wrong, need to have this info stored in the event! FIXME + // This needs to be abstracted. If we are saving jpgs, then load the capture file. + // If we are only saving analysis frames, then send that. if ( event_data->SaveJPEGs & 1 ) { snprintf(filepath, sizeof(filepath), staticConfig.capture_file_format, event_data->path, curr_frame_id); } else if ( event_data->SaveJPEGs & 2 ) { snprintf(filepath, sizeof(filepath), staticConfig.analyse_file_format, event_data->path, curr_frame_id); - if ( stat(filepath, &filestat ) < 0 ) { + if ( stat(filepath, &filestat) < 0 ) { Debug(1, "analyze file %s not found will try to stream from other", filepath); snprintf(filepath, sizeof(filepath), staticConfig.capture_file_format, event_data->path, curr_frame_id); - if ( stat(filepath, &filestat ) < 0 ) { + if ( stat(filepath, &filestat) < 0 ) { Debug(1, "capture file %s not found either", filepath); filepath[0] = 0; } @@ -744,7 +758,7 @@ Debug(1, "Loading image"); img_buffer_size = fread( img_buffer, 1, sizeof(temp_img_buffer), fdj ); if ( fwrite(img_buffer, img_buffer_size, 1, stdout) != 1 ) { fclose(fdj); /* Close the file handle */ - Error("Unable to send raw frame %u: %s",curr_frame_id,strerror(errno)); + Error("Unable to send raw frame %u: %s", curr_frame_id, strerror(errno)); return false; } } @@ -752,7 +766,7 @@ Debug(1, "Loading image"); fprintf(stdout, "Content-Length: %d\r\n\r\n", img_buffer_size); if ( fwrite(img_buffer, img_buffer_size, 1, stdout) != 1 ) { fclose(fdj); /* Close the file handle */ - Error("Unable to send raw frame %u: %s",curr_frame_id,strerror(errno)); + Error("Unable to send raw frame %u: %s", curr_frame_id, strerror(errno)); return false; } #endif @@ -764,18 +778,17 @@ Debug(1, "Loading image"); Error("Unable to send stream frame: %s", strerror(errno)); return false; } - } // end if send_raw or not + } // end if send_raw or not fputs("\r\n\r\n", stdout); fflush(stdout); - } // end if stream MPEG or other + } // end if stream MPEG or other last_frame_sent = TV_2_FLOAT(now); return true; -} // bool EventStream::sendFrame( int delta_us ) +} // bool EventStream::sendFrame( int delta_us ) void EventStream::runStream() { openComms(); - Debug(3, "Comms open"); checkInitialised(); @@ -804,7 +817,7 @@ void EventStream::runStream() { // The idea is to loop here processing all commands before proceeding. Debug(1, "Have command queue"); } - Debug(1, "Done command queue"); + Debug(2, "Done command queue"); // Update modified time of the socket .lock file so that we can tell which ones are stale. if ( now.tv_sec - last_comm_update.tv_sec > 3600 ) { @@ -812,10 +825,11 @@ void EventStream::runStream() { last_comm_update = now; } } else { - Debug(1, "Not checking command queue"); + Debug(2, "Not checking command queue"); } - if ( step != 0 ) + //if ( step != 0 )// Adding 0 is cheaper than an if 0 + // curr_frame_id starts at 1 though, so we might skip the first frame? curr_frame_id += step; // Detects when we hit end of event and will load the next event or previous event @@ -828,7 +842,7 @@ void EventStream::runStream() { //Info( "cfid:%d", curr_frame_id ); //Info( "fdt:%d", frame_data->timestamp ); if ( !paused ) { - Debug(3,"Not paused"); + Debug(3, "Not paused at frame %d", curr_frame_id); bool in_event = true; double time_to_event = 0; if ( replay_rate > 0 ) { @@ -851,7 +865,8 @@ void EventStream::runStream() { } //else //{ - Debug(2,"Sleeping because paused"); + // FIXME ICON But we are not paused. We are somehow still in the event? + Debug(2, "Sleeping because paused"); usleep(STREAM_PAUSE_WAIT); //curr_stream_time += (replay_rate>0?1:-1) * ((1.0L * replay_rate * STREAM_PAUSE_WAIT)/(ZM_RATE_BASE * 1000000)); curr_stream_time += (1.0L * replay_rate * STREAM_PAUSE_WAIT)/(ZM_RATE_BASE * 1000000); @@ -860,23 +875,23 @@ void EventStream::runStream() { } // end if !in_event // Figure out if we should send this frame -Debug(3,"cur_frame_id (%d-1) mod frame_mod(%d)",curr_frame_id, frame_mod); + Debug(3, "cur_frame_id (%d-1) mod frame_mod(%d)", curr_frame_id, frame_mod); // If we are streaming and this frame is due to be sent // frame mod defaults to 1 and if we are going faster than max_fps will get multiplied by 2 // so if it is 2, then we send every other frame, if is it 4 then every fourth frame, etc. if ( (frame_mod == 1) || (((curr_frame_id-1)%frame_mod) == 0) ) { delta_us = (unsigned int)(frame_data->delta * 1000000); - Debug(3,"frame delta %uus ", delta_us); + Debug(3, "frame delta %uus ", delta_us); // if effective > base we should speed up frame delivery delta_us = (unsigned int)((delta_us * base_fps)/effective_fps); - Debug(3,"delta %u = base_fps(%f)/effective fps(%f)", delta_us, base_fps, effective_fps); + Debug(3, "delta %u = base_fps(%f)/effective fps(%f)", delta_us, base_fps, effective_fps); // but must not exceed maxfps delta_us = max(delta_us, 1000000 / maxfps); - Debug(3,"delta %u = base_fps(%f)/effective fps(%f) from 30fps", delta_us, base_fps, effective_fps); + Debug(3, "delta %u = base_fps(%f)/effective fps(%f) from 30fps", delta_us, base_fps, effective_fps); send_frame = true; } } else if ( step != 0 ) { - Debug(2,"Paused with step"); + Debug(2, "Paused with step"); // We are paused and are just stepping forward or backward one frame step = 0; send_frame = true; @@ -896,8 +911,6 @@ Debug(3,"cur_frame_id (%d-1) mod frame_mod(%d)",curr_frame_id, frame_mod); //Debug(3,"sending frame"); if ( !sendFrame(delta_us) ) zm_terminate = true; - //} else { - //Debug(3,"Not sending frame"); } curr_stream_time = frame_data->timestamp; @@ -909,7 +922,8 @@ Debug(3,"cur_frame_id (%d-1) mod frame_mod(%d)",curr_frame_id, frame_mod); gettimeofday(&now, NULL); uint64_t now_usec = (now.tv_sec * 1000000 + now.tv_usec); - if ( (mode == MODE_SINGLE) && ((unsigned int)curr_frame_id == event_data->frame_count) ) { + // we incremented by replay_rate, so might have jumped past frame_count + if ( (mode == MODE_SINGLE) && ((unsigned int)curr_frame_id >= event_data->frame_count) ) { Debug(2, "Have mode==MODE_SINGLE and at end of event, looping back to start"); curr_frame_id = 1; // Have to reset start_usec to now when replaying @@ -935,19 +949,20 @@ Debug(3,"cur_frame_id (%d-1) mod frame_mod(%d)",curr_frame_id, frame_mod); } else { delta_us = ((1000000 * ZM_RATE_BASE)/((base_fps?base_fps:1)*(replay_rate?abs(replay_rate*2):2))); - Debug(2,"Sleeping %d because 1000000 * ZM_RATE_BASE(%d) / ( base_fps (%f), replay_rate(%d)", + Debug(2, "Sleeping %d because 1000000 * ZM_RATE_BASE(%d) / ( base_fps (%f), replay_rate(%d)", (unsigned long)((1000000 * ZM_RATE_BASE)/((base_fps?base_fps:1)*abs(replay_rate*2))), ZM_RATE_BASE, (base_fps?base_fps:1), (replay_rate?abs(replay_rate*2):200) ); if ( delta_us > 0 and delta_us < 100000 ) { - usleep((unsigned long)((1000000 * ZM_RATE_BASE)/((base_fps?base_fps:1)*abs(replay_rate*2)))); + usleep(delta_us); } else { - //Error("Not sleeping!"); + // Never want to sleep for too long, limit to .1s + Warning("sleeping .1s because delta_us (%d) not good!", delta_us); usleep(100000); } - } + } // end if !paused } // end while ! zm_terminate #if HAVE_LIBAVCODEC if ( type == STREAM_MPEG ) diff --git a/src/zms.cpp b/src/zms.cpp index c78dba1d2..9022fa00c 100644 --- a/src/zms.cpp +++ b/src/zms.cpp @@ -1,25 +1,26 @@ // // ZoneMinder Streaming Server, $Date$, $Revision$ // Copyright (C) 2001-2008 Philip Coombes -// +// // This program is free software; you can redistribute it and/or // modify it under the terms of the GNU General Public License // as published by the Free Software Foundation; either version 2 // of the License, or (at your option) any later version. -// +// // This program is distributed in the hope that it will be useful, // but WITHOUT ANY WARRANTY; without even the implied warranty of // MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the // GNU General Public License for more details. -// +// // You should have received a copy of the GNU General Public License // along with this program; if not, write to the Free Software // Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. -// +// #include #include #include +#include #include "zm.h" #include "zm_db.h" @@ -30,29 +31,29 @@ #include "zm_eventstream.h" #include "zm_fifo.h" -bool ValidateAccess( User *user, int mon_id ) { +bool ValidateAccess(User *user, int mon_id) { bool allowed = true; if ( mon_id > 0 ) { if ( user->getStream() < User::PERM_VIEW ) allowed = false; - if ( !user->canAccess( mon_id ) ) + if ( !user->canAccess(mon_id) ) allowed = false; } else { if ( user->getEvents() < User::PERM_VIEW ) allowed = false; } if ( !allowed ) { - Error("Error, insufficient privileges for requested action user %d %s for monitor %d", + Error("Insufficient privileges for request user %d %s for monitor %d", user->Id(), user->getUsername(), mon_id); } return allowed; } -int main( int argc, const char *argv[] ) { +int main(int argc, const char *argv[]) { self = argv[0]; - srand( getpid() * time( 0 ) ); + srand(getpid() * time(0)); enum { ZMS_UNKNOWN, ZMS_MONITOR, ZMS_EVENT, ZMS_FIFO } source = ZMS_UNKNOWN; enum { ZMS_JPEG, ZMS_MPEG, ZMS_RAW, ZMS_ZIP, ZMS_SINGLE } mode = ZMS_JPEG; @@ -70,40 +71,39 @@ int main( int argc, const char *argv[] ) { std::string username; std::string password; char auth[64] = ""; - std::string jwt_token_str = ""; + std::string jwt_token_str = ""; unsigned int connkey = 0; unsigned int playback_buffer = 0; bool nph = false; const char *basename = strrchr(argv[0], '/'); - if ( basename ) //if we found a / lets skip past it + if ( basename ) // if we found a / lets skip past it basename++; - else //argv[0] will not always contain the full path, but rather just the script name + else // argv[0] might not contain the full path, but just the script name basename = argv[0]; const char *nph_prefix = "nph-"; if ( basename && !strncmp(basename, nph_prefix, strlen(nph_prefix)) ) { nph = true; } - + zmLoadConfig(); char log_id_string[32] = "zms"; - logInit( log_id_string ); - Debug(1,"rate %d", rate); + logInit(log_id_string); const char *query = getenv("QUERY_STRING"); if ( query ) { Debug(1, "Query: %s", query); - + char temp_query[1024]; strncpy(temp_query, query, sizeof(temp_query)); char *q_ptr = temp_query; - char *parms[16]; // Shouldn't be more than this + char *parms[16]; // Shouldn't be more than this int parm_no = 0; while ( (parm_no < 16) && (parms[parm_no] = strtok(q_ptr, "&")) ) { parm_no++; q_ptr = NULL; } - + for ( int p = 0; p < parm_no; p++ ) { char *name = strtok(parms[p], "="); char *value = strtok(NULL, "="); @@ -111,39 +111,38 @@ int main( int argc, const char *argv[] ) { value = (char *)""; if ( !strcmp(name, "source") ) { source = !strcmp(value, "event")?ZMS_EVENT:ZMS_MONITOR; - if (! strcmp( value,"fifo") ) + if ( !strcmp(value, "fifo") ) source = ZMS_FIFO; } else if ( !strcmp(name, "mode") ) { mode = !strcmp(value, "jpeg")?ZMS_JPEG:ZMS_MPEG; mode = !strcmp(value, "raw")?ZMS_RAW:mode; mode = !strcmp(value, "zip")?ZMS_ZIP:mode; mode = !strcmp(value, "single")?ZMS_SINGLE:mode; - } else if ( !strcmp( name, "format" ) ) { + } else if ( !strcmp(name, "format") ) { strncpy( format, value, sizeof(format) ); - } else if ( !strcmp( name, "monitor" ) ) { - monitor_id = atoi( value ); + } else if ( !strcmp(name, "monitor") ) { + monitor_id = atoi(value); if ( source == ZMS_UNKNOWN ) source = ZMS_MONITOR; - } else if ( !strcmp( name, "time" ) ) { - event_time = atoi( value ); - } else if ( !strcmp( name, "event" ) ) { - event_id = strtoull( value, (char **)NULL, 10 ); + } else if ( !strcmp(name, "time") ) { + event_time = atoi(value); + } else if ( !strcmp(name, "event") ) { + event_id = strtoull(value, (char **)NULL, 10); source = ZMS_EVENT; - } else if ( !strcmp( name, "frame" ) ) { - frame_id = strtoull( value, (char **)NULL, 10 ); + } else if ( !strcmp(name, "frame") ) { + frame_id = strtoull(value, (char **)NULL, 10); source = ZMS_EVENT; - } else if ( !strcmp( name, "scale" ) ) { - scale = atoi( value ); - } else if ( !strcmp( name, "rate" ) ) { - rate = atoi( value ); - Debug(2,"Setting rate to %d from %s", rate, value); - } else if ( !strcmp( name, "maxfps" ) ) { - maxfps = atof( value ); - } else if ( !strcmp( name, "bitrate" ) ) { - bitrate = atoi( value ); - } else if ( !strcmp( name, "ttl" ) ) { + } else if ( !strcmp(name, "scale") ) { + scale = atoi(value); + } else if ( !strcmp(name, "rate") ) { + rate = atoi(value); + } else if ( !strcmp(name, "maxfps") ) { + maxfps = atof(value); + } else if ( !strcmp(name, "bitrate") ) { + bitrate = atoi(value); + } else if ( !strcmp(name, "ttl") ) { ttl = atoi(value); - } else if ( !strcmp( name, "replay" ) ) { + } else if ( !strcmp(name, "replay") ) { if ( !strcmp(value, "gapless") ) { replay = EventStream::MODE_ALL_GAPLESS; } else if ( !strcmp(value, "all") ) { @@ -155,27 +154,27 @@ int main( int argc, const char *argv[] ) { } else { Error("Unsupported value %s for replay, defaulting to none", value); } - } else if ( !strcmp( name, "connkey" ) ) { + } else if ( !strcmp(name, "connkey") ) { connkey = atoi(value); - } else if ( !strcmp( name, "buffer" ) ) { + } else if ( !strcmp(name, "buffer") ) { playback_buffer = atoi(value); - } else if ( !strcmp( name, "auth" ) ) { + } else if ( !strcmp(name, "auth") ) { strncpy( auth, value, sizeof(auth)-1 ); - } else if ( !strcmp( name, "token" ) ) { + } else if ( !strcmp(name, "token") ) { jwt_token_str = value; Debug(1, "ZMS: JWT token found: %s", jwt_token_str.c_str()); - } else if ( !strcmp( name, "user" ) ) { - username = UriDecode( value ); - } else if ( !strcmp( name, "pass" ) ) { + } else if ( !strcmp(name, "user") ) { + username = UriDecode(value); + } else if ( !strcmp(name, "pass") ) { password = UriDecode(value); Debug(1, "Have %s for password", password.c_str()); } else { Debug(1, "Unknown parameter passed to zms %s=%s", name, value); - } // end if possible parameter names - } // end foreach parm + } // end if possible parameter names + } // end foreach parm } else { Fatal("No query string."); - } // end if query + } // end if query if ( monitor_id ) { snprintf(log_id_string, sizeof(log_id_string), "zms_m%d", monitor_id); @@ -188,7 +187,7 @@ int main( int argc, const char *argv[] ) { User *user = 0; if ( jwt_token_str != "" ) { - //user = zmLoadTokenUser(jwt_token_str, config.auth_hash_ips); + // user = zmLoadTokenUser(jwt_token_str, config.auth_hash_ips); user = zmLoadTokenUser(jwt_token_str, false); } else if ( strcmp(config.auth_relay, "none") == 0 ) { if ( checkUser(username.c_str()) ) { @@ -198,13 +197,13 @@ int main( int argc, const char *argv[] ) { } } else { - //if ( strcmp( config.auth_relay, "hashed" ) == 0 ) + // if ( strcmp( config.auth_relay, "hashed" ) == 0 ) { if ( *auth ) { user = zmLoadAuthUser(auth, config.auth_hash_ips); } } - //else if ( strcmp( config.auth_relay, "plain" ) == 0 ) + // else if ( strcmp( config.auth_relay, "plain" ) == 0 ) { if ( username.length() && password.length() ) { user = zmLoadUser(username.c_str(), password.c_str()); @@ -212,19 +211,19 @@ int main( int argc, const char *argv[] ) { } } if ( !user ) { - fprintf(stdout, "HTTP/1.0 401 Unauthorized\r\n"); + fputs("HTTP/1.0 401 Unauthorized\r\n", stdout); Error("Unable to authenticate user"); logTerm(); zmDbClose(); return -1; } if ( !ValidateAccess(user, monitor_id) ) { - fprintf(stdout, "HTTP/1.0 403 Forbidden\r\n"); + fputs("HTTP/1.0 403 Forbidden\r\n", stdout); logTerm(); zmDbClose(); return -1; } - } // end if config.opt_use_auth + } // end if config.opt_use_auth hwcaps_detect(); zmSetDefaultTermHandler(); @@ -232,79 +231,76 @@ int main( int argc, const char *argv[] ) { setbuf(stdout, 0); if ( nph ) { - fprintf(stdout, "HTTP/1.0 200 OK\r\n"); + fputs("HTTP/1.0 200 OK\r\n", stdout); } - fprintf( stdout, "Server: ZoneMinder Video Server/%s\r\n", ZM_VERSION ); - - time_t now = time( 0 ); - char date_string[64]; - strftime( date_string, sizeof(date_string)-1, "%a, %d %b %Y %H:%M:%S GMT", gmtime( &now ) ); + fprintf(stdout, "Server: ZoneMinder Video Server/%s\r\n", ZM_VERSION); - fprintf( stdout, "Expires: Mon, 26 Jul 1997 05:00:00 GMT\r\n" ); - fprintf( stdout, "Last-Modified: %s\r\n", date_string ); - fprintf( stdout, "Cache-Control: no-store, no-cache, must-revalidate\r\n" ); - fprintf( stdout, "Cache-Control: post-check=0, pre-check=0\r\n" ); - fprintf( stdout, "Pragma: no-cache\r\n"); - // Removed as causing more problems than it fixed. - //if ( !nph ) - //{ - //fprintf( stdout, "Content-Length: 0\r\n"); - //} + time_t now = time(0); + char date_string[64]; + strftime(date_string, sizeof(date_string)-1, "%a, %d %b %Y %H:%M:%S GMT", gmtime(&now)); + + fprintf(stdout, "Last-Modified: %s\r\n", date_string); + fputs( + "Expires: Mon, 26 Jul 1997 05:00:00 GMT\r\n" + "Cache-Control: no-store, no-cache, must-revalidate\r\n" + "Cache-Control: post-check=0, pre-check=0\r\n" + "Pragma: no-cache\r\n", + stdout); if ( source == ZMS_MONITOR ) { MonitorStream stream; - stream.setStreamScale( scale ); - stream.setStreamReplayRate( rate ); - stream.setStreamMaxFPS( maxfps ); - stream.setStreamTTL( ttl ); - stream.setStreamQueue( connkey ); - stream.setStreamBuffer( playback_buffer ); - if ( ! stream.setStreamStart( monitor_id ) ) { - Error( "Unable to connect to zmc process for monitor %d", monitor_id ); - fprintf( stderr, "Unable to connect to zmc process. Please ensure that it is running." ); + stream.setStreamScale(scale); + stream.setStreamReplayRate(rate); + stream.setStreamMaxFPS(maxfps); + stream.setStreamTTL(ttl); + stream.setStreamQueue(connkey); + stream.setStreamBuffer(playback_buffer); + if ( !stream.setStreamStart(monitor_id) ) { + Error("Unable to connect to zmc process for monitor %d", monitor_id); + fprintf(stderr, "Unable to connect to zmc process. " + " Please ensure that it is running."); logTerm(); zmDbClose(); - return( -1 ); - } + return -1; + } if ( mode == ZMS_JPEG ) { - stream.setStreamType( MonitorStream::STREAM_JPEG ); + stream.setStreamType(MonitorStream::STREAM_JPEG); } else if ( mode == ZMS_RAW ) { - stream.setStreamType( MonitorStream::STREAM_RAW ); + stream.setStreamType(MonitorStream::STREAM_RAW); } else if ( mode == ZMS_ZIP ) { - stream.setStreamType( MonitorStream::STREAM_ZIP ); + stream.setStreamType(MonitorStream::STREAM_ZIP); } else if ( mode == ZMS_SINGLE ) { - stream.setStreamType( MonitorStream::STREAM_SINGLE ); + stream.setStreamType(MonitorStream::STREAM_SINGLE); } else { #if HAVE_LIBAVCODEC - stream.setStreamFormat( format ); - stream.setStreamBitrate( bitrate ); - stream.setStreamType( MonitorStream::STREAM_MPEG ); -#else // HAVE_LIBAVCODEC - Error( "MPEG streaming of '%s' attempted while disabled", query ); - fprintf( stderr, "MPEG streaming is disabled.\nYou should configure with the --with-ffmpeg option and rebuild to use this functionality.\n" ); + stream.setStreamFormat(format); + stream.setStreamBitrate(bitrate); + stream.setStreamType(MonitorStream::STREAM_MPEG); +#else // HAVE_LIBAVCODEC + Error("MPEG streaming of '%s' attempted while disabled", query); + fprintf(stderr, "MPEG streaming is disabled.\nYou should configure with the --with-ffmpeg option and rebuild to use this functionality.\n"); logTerm(); zmDbClose(); - return( -1 ); -#endif // HAVE_LIBAVCODEC + return -1; +#endif // HAVE_LIBAVCODEC } stream.runStream(); - } else if (source == ZMS_FIFO ) { + } else if ( source == ZMS_FIFO ) { FifoStream stream; - stream.setStreamMaxFPS( maxfps ); - stream.setStreamStart( monitor_id, format ); + stream.setStreamMaxFPS(maxfps); + stream.setStreamStart(monitor_id, format); stream.runStream(); } else if ( source == ZMS_EVENT ) { - if ( ! event_id ) { - Fatal( "Can't view an event without specifying an event_id." ); + if ( !event_id ) { + Fatal("Can't view an event without specifying an event_id."); } - Debug(3,"Doing event stream scale(%d)", scale ); EventStream stream; - stream.setStreamScale( scale ); - stream.setStreamReplayRate( rate ); - stream.setStreamMaxFPS( maxfps ); - stream.setStreamMode( replay ); - stream.setStreamQueue( connkey ); + stream.setStreamScale(scale); + stream.setStreamReplayRate(rate); + stream.setStreamMaxFPS(maxfps); + stream.setStreamMode(replay); + stream.setStreamQueue(connkey); if ( monitor_id && event_time ) { stream.setStreamStart(monitor_id, event_time); } else { @@ -312,24 +308,26 @@ int main( int argc, const char *argv[] ) { stream.setStreamStart(event_id, frame_id); } if ( mode == ZMS_JPEG ) { - stream.setStreamType( EventStream::STREAM_JPEG ); + stream.setStreamType(EventStream::STREAM_JPEG); } else { #if HAVE_LIBAVCODEC - stream.setStreamFormat( format ); - stream.setStreamBitrate( bitrate ); - stream.setStreamType( EventStream::STREAM_MPEG ); -#else // HAVE_LIBAVCODEC - Error( "MPEG streaming of '%s' attempted while disabled", query ); - fprintf( stderr, "MPEG streaming is disabled.\nYou should ensure the ffmpeg libraries are installed and detected and rebuild to use this functionality.\n" ); + stream.setStreamFormat(format); + stream.setStreamBitrate(bitrate); + stream.setStreamType(EventStream::STREAM_MPEG); +#else // HAVE_LIBAVCODEC + Error("MPEG streaming of '%s' attempted while disabled", query); + fprintf(stderr, "MPEG streaming is disabled.\n" + "You should ensure the ffmpeg libraries are installed and detected" + " and rebuild to use this functionality.\n"); logTerm(); zmDbClose(); - return( -1 ); -#endif // HAVE_LIBAVCODEC - } // end if jpeg or mpeg + return -1; +#endif // HAVE_LIBAVCODEC + } // end if jpeg or mpeg stream.runStream(); } else { Error("Neither a monitor or event was specified."); - } // end if monitor or event + } // end if monitor or event logTerm(); zmDbClose(); From 3da12fd14195879e29da365848b147576555d473 Mon Sep 17 00:00:00 2001 From: Isaac Connor Date: Fri, 26 Jul 2019 12:21:15 -0400 Subject: [PATCH 377/922] Add a bunch of debugging --- src/zm_eventstream.cpp | 24 +++++++++++++++++++++--- 1 file changed, 21 insertions(+), 3 deletions(-) diff --git a/src/zm_eventstream.cpp b/src/zm_eventstream.cpp index f3a5e35bc..f9791474d 100644 --- a/src/zm_eventstream.cpp +++ b/src/zm_eventstream.cpp @@ -593,6 +593,7 @@ void EventStream::checkEventLoaded() { else curr_frame_id = event_data->frame_count; paused = true; + sendTextFrame("No more event data found"); } // end if found a new event or not mysql_free_result(result); forceEventChange = false; @@ -843,6 +844,9 @@ void EventStream::runStream() { //Info( "fdt:%d", frame_data->timestamp ); if ( !paused ) { Debug(3, "Not paused at frame %d", curr_frame_id); + + // This next bit is to determine if we are in the current event time wise + // and whether to show an image saying how long until the next event. bool in_event = true; double time_to_event = 0; if ( replay_rate > 0 ) { @@ -854,22 +858,36 @@ void EventStream::runStream() { if ( time_to_event > 0 ) in_event = false; } + Debug(1, "replay rate(%d) in_event(%d) time_to_event(%f)=curr_stream_time(%f)-frame timestamp:%f", + replay_rate, in_event, time_to_event, curr_stream_time, event_data->frames[event_data->frame_count-1].timestamp); if ( !in_event ) { double actual_delta_time = TV_2_FLOAT(now) - last_frame_sent; + Debug(1, "Ctual delta time = %f = %f - %f", actual_delta_time , TV_2_FLOAT(now) , last_frame_sent); // > 1 second if ( actual_delta_time > 1 ) { + Debug(1, "Sending time to next event frame"); static char frame_text[64]; snprintf(frame_text, sizeof(frame_text), "Time to next event = %d seconds", (int)time_to_event); if ( !sendTextFrame(frame_text) ) zm_terminate = true; + } else { + Debug(1, "Not Sending time to next event frame because actual delta time is %f", actual_delta_time); } //else //{ // FIXME ICON But we are not paused. We are somehow still in the event? - Debug(2, "Sleeping because paused"); + double sleep_time = (replay_rate>0?1:-1) * ((1.0L * replay_rate * STREAM_PAUSE_WAIT)/(ZM_RATE_BASE * 1000000)); + //double sleep_time = (replay_rate * STREAM_PAUSE_WAIT)/(ZM_RATE_BASE * 1000000); + //// ZM_RATE_BASE == 100, and 1x replay_rate is 100 + //double sleep_time = ((replay_rate/ZM_RATE_BASE) * STREAM_PAUSE_WAIT)/1000000; + if ( ! sleep_time ) { + sleep_time += STREAM_PAUSE_WAIT/1000000; + } + curr_stream_time += sleep_time; + Debug(2, "Sleeping (%dus) because we are not at the next event yet, adding %f", STREAM_PAUSE_WAIT, sleep_time); usleep(STREAM_PAUSE_WAIT); - //curr_stream_time += (replay_rate>0?1:-1) * ((1.0L * replay_rate * STREAM_PAUSE_WAIT)/(ZM_RATE_BASE * 1000000)); - curr_stream_time += (1.0L * replay_rate * STREAM_PAUSE_WAIT)/(ZM_RATE_BASE * 1000000); + + //curr_stream_time += (1.0L * replay_rate * STREAM_PAUSE_WAIT)/(ZM_RATE_BASE * 1000000); //} continue; } // end if !in_event From 09934ed7f5c13c0bf4acc5d3a14b7995649df64d Mon Sep 17 00:00:00 2001 From: Isaac Connor Date: Fri, 26 Jul 2019 12:21:25 -0400 Subject: [PATCH 378/922] Fix sendTextFrame --- src/zm_stream.cpp | 9 +++++---- 1 file changed, 5 insertions(+), 4 deletions(-) diff --git a/src/zm_stream.cpp b/src/zm_stream.cpp index 797946046..732b1b810 100644 --- a/src/zm_stream.cpp +++ b/src/zm_stream.cpp @@ -236,8 +236,9 @@ Image *StreamBase::prepareImage( Image *image ) { return image; } -bool StreamBase::sendTextFrame( const char *frame_text ) { - Debug(2, "Sending text frame '%s'", frame_text); +bool StreamBase::sendTextFrame(const char *frame_text) { + Debug(2, "Sending %dx%d * %d text frame '%s'", + monitor->Width(), monitor->Height(), scale, frame_text); Image image(monitor->Width(), monitor->Height(), monitor->Colours(), monitor->SubpixelOrder()); image.Annotate(frame_text, image.centreCoord(frame_text)); @@ -261,8 +262,8 @@ bool StreamBase::sendTextFrame( const char *frame_text ) { image.EncodeJpeg(buffer, &n_bytes); - fputs("--ZoneMinderFrame\r\nContent-Type: image/jpeg\r\n\r\n", stdout); - fprintf(stdout, "Content-Length: %d\r\n", n_bytes); + fputs("--ZoneMinderFrame\r\nContent-Type: image/jpeg\r\n", stdout); + fprintf(stdout, "Content-Length: %d\r\n\r\n", n_bytes); if ( fwrite(buffer, n_bytes, 1, stdout) != 1 ) { Error("Unable to send stream text frame: %s", strerror(errno)); return false; From e5c194e9ee12c8f1faecd8874fea4d1de9bef3c0 Mon Sep 17 00:00:00 2001 From: Isaac Connor Date: Fri, 26 Jul 2019 12:22:04 -0400 Subject: [PATCH 379/922] Fix return 403 status code --- src/zms.cpp | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/src/zms.cpp b/src/zms.cpp index 9022fa00c..544aa9936 100644 --- a/src/zms.cpp +++ b/src/zms.cpp @@ -211,17 +211,17 @@ int main(int argc, const char *argv[]) { } } if ( !user ) { - fputs("HTTP/1.0 401 Unauthorized\r\n", stdout); + fputs("HTTP/1.0 403 Forbidden\r\n\r\n", stdout); Error("Unable to authenticate user"); logTerm(); zmDbClose(); - return -1; + return 0; } if ( !ValidateAccess(user, monitor_id) ) { - fputs("HTTP/1.0 403 Forbidden\r\n", stdout); + fputs("HTTP/1.0 403 Forbidden\r\n\r\n", stdout); logTerm(); zmDbClose(); - return -1; + return 0; } } // end if config.opt_use_auth From 4b89ced889bd17b94a2e9080134abcc2e458ede5 Mon Sep 17 00:00:00 2001 From: Isaac Connor Date: Fri, 26 Jul 2019 12:24:36 -0400 Subject: [PATCH 380/922] Warn about waiting more than .5s instead of .1 --- src/zm_eventstream.cpp | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/src/zm_eventstream.cpp b/src/zm_eventstream.cpp index f9791474d..36e8d097d 100644 --- a/src/zm_eventstream.cpp +++ b/src/zm_eventstream.cpp @@ -973,12 +973,12 @@ void EventStream::runStream() { (base_fps?base_fps:1), (replay_rate?abs(replay_rate*2):200) ); - if ( delta_us > 0 and delta_us < 100000 ) { + if ( delta_us > 0 and delta_us < 500000 ) { usleep(delta_us); } else { // Never want to sleep for too long, limit to .1s - Warning("sleeping .1s because delta_us (%d) not good!", delta_us); - usleep(100000); + Warning("sleeping .5s because delta_us (%d) not good!", delta_us); + usleep(500000); } } // end if !paused } // end while ! zm_terminate From 8167ff21438d0e6015dccf4ddb7c68de9221a218 Mon Sep 17 00:00:00 2001 From: Isaac Connor Date: Fri, 26 Jul 2019 12:28:02 -0400 Subject: [PATCH 381/922] fix eslint --- web/skins/classic/views/js/download.js | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/web/skins/classic/views/js/download.js b/web/skins/classic/views/js/download.js index 55a256795..717ab76de 100644 --- a/web/skins/classic/views/js/download.js +++ b/web/skins/classic/views/js/download.js @@ -26,14 +26,14 @@ function exportProgress() { } } -function exportResponse( respObj, respText ) { +function exportResponse(respObj, respText) { console.log(respObj); window.location.replace( - thisUrl+'?view='+currentView+'&'+eidParm - +'&exportFormat='+respObj.exportFormat - +'&exportFile='+respObj.exportFile - +'&generated='+((respObj.result=='Ok')?1:0) - +'&connkey='+connkey + thisUrl+'?view='+currentView+'&'+eidParm + +'&exportFormat='+respObj.exportFormat + +'&exportFile='+respObj.exportFile + +'&generated='+((respObj.result=='Ok')?1:0) + +'&connkey='+connkey ); } From 5a93150f5bb3cea41caeb430a5b79a2a1e898292 Mon Sep 17 00:00:00 2001 From: Isaac Connor Date: Mon, 29 Jul 2019 14:54:36 -0400 Subject: [PATCH 382/922] Use isset when testing for existence of authash in session --- web/includes/auth.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/web/includes/auth.php b/web/includes/auth.php index b6213e061..652ef3c98 100644 --- a/web/includes/auth.php +++ b/web/includes/auth.php @@ -377,7 +377,7 @@ if ( ZM_OPT_USE_AUTH ) { if ( ZM_AUTH_HASH_LOGINS and (ZM_AUTH_RELAY == 'hashed') ) { # Extra validation, if logged in, then the auth hash will be set in the session, so we can validate it. # This prevent session modification to switch users - if ( $_SESSION['AuthHash'.$_SESSION['remoteAddr']] ) + if ( isset($_SESSION['AuthHash'.$_SESSION['remoteAddr']]) ) $user = getAuthUser($_SESSION['AuthHash'.$_SESSION['remoteAddr']]); } else { # Need to refresh permissions and validate that the user still exists From 7f19831e0c71bf39bd89d4b7f50680806e949983 Mon Sep 17 00:00:00 2001 From: Isaac Connor Date: Mon, 29 Jul 2019 14:54:55 -0400 Subject: [PATCH 383/922] Use isset when testing for existence of authash in session --- web/includes/auth.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/web/includes/auth.php b/web/includes/auth.php index b6213e061..652ef3c98 100644 --- a/web/includes/auth.php +++ b/web/includes/auth.php @@ -377,7 +377,7 @@ if ( ZM_OPT_USE_AUTH ) { if ( ZM_AUTH_HASH_LOGINS and (ZM_AUTH_RELAY == 'hashed') ) { # Extra validation, if logged in, then the auth hash will be set in the session, so we can validate it. # This prevent session modification to switch users - if ( $_SESSION['AuthHash'.$_SESSION['remoteAddr']] ) + if ( isset($_SESSION['AuthHash'.$_SESSION['remoteAddr']]) ) $user = getAuthUser($_SESSION['AuthHash'.$_SESSION['remoteAddr']]); } else { # Need to refresh permissions and validate that the user still exists From 48ad8d47fcb29fee88568c0b77ba3010ec5e16f4 Mon Sep 17 00:00:00 2001 From: Isaac Connor Date: Wed, 31 Jul 2019 11:23:02 -0400 Subject: [PATCH 384/922] Add capture_max_fps to monitor object instead of just calculating the delay. --- src/zm_monitor.cpp | 23 ++++++++++++++++++----- src/zm_monitor.h | 3 +++ 2 files changed, 21 insertions(+), 5 deletions(-) diff --git a/src/zm_monitor.cpp b/src/zm_monitor.cpp index fda0f5709..7e4e7a333 100644 --- a/src/zm_monitor.cpp +++ b/src/zm_monitor.cpp @@ -302,6 +302,7 @@ Monitor::Monitor( int p_min_section_length, int p_frame_skip, int p_motion_frame_skip, + double p_capture_max_fps, double p_analysis_fps, unsigned int p_analysis_update_delay, int p_capture_delay, @@ -342,6 +343,7 @@ Monitor::Monitor( min_section_length( p_min_section_length ), frame_skip( p_frame_skip ), motion_frame_skip( p_motion_frame_skip ), + capture_max_fps( p_capture_max_fps ), analysis_fps( p_analysis_fps ), analysis_update_delay( p_analysis_update_delay ), capture_delay( p_capture_delay ), @@ -891,16 +893,19 @@ double Monitor::GetFPS() const { double time_diff = tvDiffSec( time2, time1 ); if ( ! time_diff ) { - Error( "No diff between time_diff = %lf (%d:%ld.%ld - %d:%ld.%ld), ibc: %d", time_diff, index2, time2.tv_sec, time2.tv_usec, index1, time1.tv_sec, time1.tv_usec, image_buffer_count ); + Error("No diff between time_diff = %lf (%d:%ld.%ld - %d:%ld.%ld), ibc: %d", + time_diff, index2, time2.tv_sec, time2.tv_usec, index1, time1.tv_sec, time1.tv_usec, image_buffer_count); return 0.0; } double curr_fps = image_count/time_diff; if ( curr_fps < 0.0 ) { - Error( "Negative FPS %f, time_diff = %lf (%d:%ld.%ld - %d:%ld.%ld), ibc: %d", curr_fps, time_diff, index2, time2.tv_sec, time2.tv_usec, index1, time1.tv_sec, time1.tv_usec, image_buffer_count ); + Error("Negative FPS %f, time_diff = %lf (%d:%ld.%ld - %d:%ld.%ld), ibc: %d", + curr_fps, time_diff, index2, time2.tv_sec, time2.tv_usec, index1, time1.tv_sec, time1.tv_usec, image_buffer_count); return 0.0; } else { - Debug( 2, "GetFPS %f, time_diff = %lf (%d:%ld.%ld - %d:%ld.%ld), ibc: %d", curr_fps, time_diff, index2, time2.tv_sec, time2.tv_usec, index1, time1.tv_sec, time1.tv_usec, image_buffer_count ); + Debug(2, "GetFPS %f, time_diff = %lf (%d:%ld.%ld - %d:%ld.%ld), ibc: %d", + curr_fps, time_diff, index2, time2.tv_sec, time2.tv_usec, index1, time1.tv_sec, time1.tv_usec, image_buffer_count); } return curr_fps; } @@ -1835,7 +1840,10 @@ void Monitor::Reload() { motion_frame_skip = atoi(dbrow[index++]); analysis_fps = dbrow[index] ? strtod(dbrow[index], NULL) : 0; index++; analysis_update_delay = strtoul(dbrow[index++], NULL, 0); - capture_delay = (dbrow[index]&&atof(dbrow[index])>0.0)?int(DT_PREC_3/atof(dbrow[index])):0; index++; + + capture_max_fps = dbrow[index] ? atof(dbrow[index]) : 0.0; index++; + capture_delay = ( capture_max_fps > 0.0 ) ? int(DT_PREC_3/capture_max_fps) : 0; + alarm_capture_delay = (dbrow[index]&&atof(dbrow[index])>0.0)?int(DT_PREC_3/atof(dbrow[index])):0; index++; fps_report_interval = atoi(dbrow[index++]); ref_blend_perc = atoi(dbrow[index++]); @@ -2064,7 +2072,11 @@ Monitor *Monitor::Load(MYSQL_ROW dbrow, bool load_zones, Purpose purpose) { double analysis_fps = dbrow[col] ? strtod(dbrow[col], NULL) : 0; col++; unsigned int analysis_update_delay = strtoul(dbrow[col++], NULL, 0); - double capture_delay = (dbrow[col]&&atof(dbrow[col])>0.0)?int(DT_PREC_3/atof(dbrow[col])):0; col++; + + double capture_max_fps = dbrow[col] ? atof(dbrow[col]) : 0.0; col++; + double capture_delay = ( capture_max_fps > 0.0 ) ? int(DT_PREC_3/capture_max_fps) : 0; + + Debug(1,"Capture Delay!? %.3f", capture_delay); unsigned int alarm_capture_delay = (dbrow[col]&&atof(dbrow[col])>0.0)?int(DT_PREC_3/atof(dbrow[col])):0; col++; const char *device = dbrow[col]; col++; @@ -2338,6 +2350,7 @@ Monitor *Monitor::Load(MYSQL_ROW dbrow, bool load_zones, Purpose purpose) { min_section_length, frame_skip, motion_frame_skip, + capture_max_fps, analysis_fps, analysis_update_delay, capture_delay, diff --git a/src/zm_monitor.h b/src/zm_monitor.h index 37efec69a..046f20c5a 100644 --- a/src/zm_monitor.h +++ b/src/zm_monitor.h @@ -279,6 +279,7 @@ protected: bool adaptive_skip; // Whether to use the newer adaptive algorithm for this monitor int frame_skip; // How many frames to skip in continuous modes int motion_frame_skip; // How many frames to skip in motion detection + double capture_max_fps; // Target Capture FPS double analysis_fps; // Target framerate for video analysis unsigned int analysis_update_delay; // How long we wait before updating analysis parameters int capture_delay; // How long we wait between capture frames @@ -390,6 +391,7 @@ public: int p_min_section_length, int p_frame_skip, int p_motion_frame_skip, + double p_capture_max_fps, double p_analysis_fps, unsigned int p_analysis_update_delay, int p_capture_delay, @@ -473,6 +475,7 @@ public: void UpdateAdaptiveSkip(); useconds_t GetAnalysisRate(); unsigned int GetAnalysisUpdateDelay() const { return analysis_update_delay; } + unsigned int GetCaptureMaxFPS() const { return capture_max_fps; } int GetCaptureDelay() const { return capture_delay; } int GetAlarmCaptureDelay() const { return alarm_capture_delay; } unsigned int GetLastReadIndex() const; From 90cb5d018aadd35a730e8421b2adf51b4b88846d Mon Sep 17 00:00:00 2001 From: Isaac Connor Date: Wed, 31 Jul 2019 11:42:38 -0400 Subject: [PATCH 385/922] Fix 2673 (#2675) * Change MaxFPS to DECIMAL(5,3) to handle values like 1/60 = 0.017 * When fps < 1 we may need to wait longer than 10s. Also, we cannot sleep for a long time, because we may need to send a keep alive or check the command queue. So limit the sleep to 1s * Bump version * Update MaxFPS to Decimal(5,3) * Fix missing ; --- db/zm_create.sql.in | 2 +- db/zm_update-1.33.13.sql | 6 +++ src/zm_monitorstream.cpp | 86 ++++++++++++++++++++++++++++------------ version | 2 +- 4 files changed, 68 insertions(+), 28 deletions(-) create mode 100644 db/zm_update-1.33.13.sql diff --git a/db/zm_create.sql.in b/db/zm_create.sql.in index d1952f66a..ed81489da 100644 --- a/db/zm_create.sql.in +++ b/db/zm_create.sql.in @@ -413,7 +413,7 @@ CREATE TABLE `MonitorPresets` ( `Width` smallint(5) unsigned default NULL, `Height` smallint(5) unsigned default NULL, `Palette` int(10) unsigned default NULL, - `MaxFPS` decimal(5,2) default NULL, + `MaxFPS` decimal(5,3) default NULL, `Controllable` tinyint(3) unsigned NOT NULL default '0', `ControlId` varchar(16) default NULL, `ControlDevice` varchar(255) default NULL, diff --git a/db/zm_update-1.33.13.sql b/db/zm_update-1.33.13.sql new file mode 100644 index 000000000..8114205c0 --- /dev/null +++ b/db/zm_update-1.33.13.sql @@ -0,0 +1,6 @@ +-- +-- Add primary keys for Logs and Stats tables +-- + +SELECT "Modifying Monitors MaxFPS to DECIMAL(5,3)"; +ALTER TABLE `Monitors` MODIFY `MaxFPS` decimal(5,3) default NULL; diff --git a/src/zm_monitorstream.cpp b/src/zm_monitorstream.cpp index 264749201..15406c456 100644 --- a/src/zm_monitorstream.cpp +++ b/src/zm_monitorstream.cpp @@ -27,6 +27,8 @@ #include #include +const int MAX_SLEEP_USEC=1000000; // 1 sec + bool MonitorStream::checkSwapPath(const char *path, bool create_path) { struct stat stat_buf; @@ -416,20 +418,21 @@ bool MonitorStream::sendFrame(Image *image, struct timeval *timestamp) { } return false; } - fputs("\r\n\r\n",stdout); - fflush( stdout ); + fputs("\r\n\r\n", stdout); + fflush(stdout); struct timeval frameEndTime; - gettimeofday( &frameEndTime, NULL ); + gettimeofday(&frameEndTime, NULL); - int frameSendTime = tvDiffMsec( frameStartTime, frameEndTime ); + int frameSendTime = tvDiffMsec(frameStartTime, frameEndTime); if ( frameSendTime > 1000/maxfps ) { maxfps /= 1.5; - Warning("Frame send time %d msec too slow, throttling maxfps to %.2f", frameSendTime, maxfps); + Warning("Frame send time %d msec too slow, throttling maxfps to %.2f", + frameSendTime, maxfps); } } - last_frame_sent = TV_2_FLOAT( now ); - return( true ); + last_frame_sent = TV_2_FLOAT(now); + return true; } // end bool MonitorStream::sendFrame( Image *image, struct timeval *timestamp ) void MonitorStream::runStream() { @@ -515,16 +518,33 @@ void MonitorStream::runStream() { } // end if connkey & playback_buffer float max_secs_since_last_sent_frame = 10.0; //should be > keep alive amount (5 secs) + // if MaxFPS < 0 as in 1/60 = 0.017 then we won't get another frame for 60 sec. + double capture_fps = monitor->GetFPS(); + double capture_max_fps = monitor->GetCaptureMaxFPS(); + if ( capture_max_fps && ( capture_fps > capture_max_fps ) ) { + Debug(1, "Using %.3f for fps instead of current fps %.3f", capture_max_fps, capture_fps); + capture_fps = capture_max_fps; + } + + if ( capture_fps < 1 ) { + max_secs_since_last_sent_frame = 10/capture_fps; + Debug(1, "Adjusting max_secs_since_last_sent_frame to %.2f from current fps %.2f", + max_secs_since_last_sent_frame, monitor->GetFPS()); + } else { + Debug(1, "Not Adjusting max_secs_since_last_sent_frame to %.2f from current fps %.2f", + max_secs_since_last_sent_frame, monitor->GetFPS()); + } + while ( !zm_terminate ) { bool got_command = false; if ( feof(stdout) ) { - Debug(2,"feof stdout"); + Debug(2, "feof stdout"); break; } else if ( ferror(stdout) ) { - Debug(2,"ferror stdout"); + Debug(2, "ferror stdout"); break; } else if ( !monitor->ShmValid() ) { - Debug(2,"monitor not valid.... maybe we should wait until it comes back."); + Debug(2, "monitor not valid.... maybe we should wait until it comes back."); break; } @@ -547,12 +567,12 @@ void MonitorStream::runStream() { if ( paused ) { if ( !was_paused ) { int index = monitor->shared_data->last_write_index % monitor->image_buffer_count; - Debug(1,"Saving paused image from index %d",index); - paused_image = new Image( *monitor->image_buffer[index].image ); + Debug(1, "Saving paused image from index %d",index); + paused_image = new Image(*monitor->image_buffer[index].image); paused_timestamp = *(monitor->image_buffer[index].timestamp); } } else if ( paused_image ) { - Debug(1,"Clearing paused_image"); + Debug(1, "Clearing paused_image"); delete paused_image; paused_image = NULL; } @@ -560,7 +580,7 @@ void MonitorStream::runStream() { if ( buffered_playback && delayed ) { if ( temp_read_index == temp_write_index ) { // Go back to live viewing - Debug( 1, "Exceeded temporary streaming buffer" ); + Debug(1, "Exceeded temporary streaming buffer"); // Clear paused flag paused = false; // Clear delayed_play flag @@ -611,10 +631,10 @@ void MonitorStream::runStream() { //paused? int temp_index = MOD_ADD(temp_read_index, 0, temp_image_buffer_count); - double actual_delta_time = TV_2_FLOAT( now ) - last_frame_sent; - if ( got_command || actual_delta_time > 5 ) { + double actual_delta_time = TV_2_FLOAT( now ) - last_frame_sent; + if ( got_command || actual_delta_time > 5 ) { // Send keepalive - Debug( 2, "Sending keepalive frame %d", temp_index ); + Debug(2, "Sending keepalive frame %d", temp_index); // Send the next frame if ( !sendFrame( temp_image_buffer[temp_index].file_name, &temp_image_buffer[temp_index].timestamp ) ) zm_terminate = true; @@ -625,7 +645,7 @@ void MonitorStream::runStream() { if ( temp_read_index == temp_write_index ) { // Go back to live viewing - Warning( "Rewound over write index, resuming live play" ); + Warning("Rewound over write index, resuming live play"); // Clear paused flag paused = false; // Clear delayed_play flag @@ -638,7 +658,8 @@ void MonitorStream::runStream() { // have a new image to send int index = monitor->shared_data->last_write_index % monitor->image_buffer_count; // % shouldn't be neccessary last_read_index = monitor->shared_data->last_write_index; - Debug( 2, "index: %d: frame_mod: %d frame count: %d paused(%d) delayed(%d)", index, frame_mod, frame_count, paused, delayed ); + Debug(2, "index: %d: frame_mod: %d frame count: %d paused(%d) delayed(%d)", + index, frame_mod, frame_count, paused, delayed ); if ( (frame_mod == 1) || ((frame_count%frame_mod) == 0) ) { if ( !paused && !delayed ) { // Send the next frame @@ -655,18 +676,19 @@ void MonitorStream::runStream() { temp_read_index = temp_write_index; } else { + Debug(2, "Paused %d, delayed %d", paused, delayed); double actual_delta_time = TV_2_FLOAT(now) - last_frame_sent; if ( actual_delta_time > 5 ) { if ( paused_image ) { // Send keepalive - Debug(2, "Sending keepalive frame "); + Debug(2, "Sending keepalive frame because delta time %.2f > 5", actual_delta_time); // Send the next frame if ( !sendFrame(paused_image, &paused_timestamp) ) zm_terminate = true; } else { Debug(2, "Would have sent keepalive frame, but had no paused_image "); } - } + } } } // end if should send frame @@ -698,11 +720,17 @@ void MonitorStream::runStream() { } // end if buffered playback frame_count++; } else { - Debug(4,"Waiting for capture last_write_index=%u", monitor->shared_data->last_write_index); + Debug(3, "Waiting for capture last_write_index=%u", monitor->shared_data->last_write_index); } // end if ( (unsigned int)last_read_index != monitor->shared_data->last_write_index ) unsigned long sleep_time = (unsigned long)((1000000 * ZM_RATE_BASE)/((base_fps?base_fps:1)*abs(replay_rate*2))); - Debug(4, "Sleeping for (%d)", sleep_time); + Debug(3, "Sleeping for (%d)", sleep_time); + + if ( sleep_time > MAX_SLEEP_USEC ) { + // Shouldn't sleep for long because we need to check command queue, etc. + sleep_time = MAX_SLEEP_USEC; + } + Debug(3, "Sleeping for %dus", sleep_time); usleep(sleep_time); if ( ttl ) { if ( (now.tv_sec - stream_start_time) > ttl ) { @@ -713,9 +741,15 @@ void MonitorStream::runStream() { if ( ! last_frame_sent ) { // If we didn't capture above, because frame_mod was bad? Then last_frame_sent will not have a value. last_frame_sent = now.tv_sec; - Warning( "no last_frame_sent. Shouldn't happen. frame_mod was (%d) frame_count (%d) ", frame_mod, frame_count ); - } else if ( (!paused) && ( (TV_2_FLOAT( now ) - last_frame_sent) > max_secs_since_last_sent_frame ) ) { - Error( "Terminating, last frame sent time %f secs more than maximum of %f", TV_2_FLOAT( now ) - last_frame_sent, max_secs_since_last_sent_frame ); + Warning("no last_frame_sent. Shouldn't happen. frame_mod was (%d) frame_count (%d) ", + frame_mod, frame_count); + } else if ( + (!paused) + && + ( (TV_2_FLOAT(now) - last_frame_sent) > max_secs_since_last_sent_frame ) + ) { + Error("Terminating, last frame sent time %f secs more than maximum of %f", + TV_2_FLOAT(now) - last_frame_sent, max_secs_since_last_sent_frame); break; } } // end while diff --git a/version b/version index 325da8275..91a50ee09 100644 --- a/version +++ b/version @@ -1 +1 @@ -1.33.12 +1.33.13 From 14ed777eebf0ccdcfaa071c12724d16794e4a0fe Mon Sep 17 00:00:00 2001 From: Isaac Connor Date: Wed, 31 Jul 2019 17:17:54 -0400 Subject: [PATCH 386/922] fix segfault when debbing is turned on for zma --- src/zm_monitor.cpp | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/zm_monitor.cpp b/src/zm_monitor.cpp index 7e4e7a333..787ff5e34 100644 --- a/src/zm_monitor.cpp +++ b/src/zm_monitor.cpp @@ -1530,7 +1530,7 @@ bool Monitor::Analyse() { Info("%s: %03d - Closing event %" PRIu64 ", continuous end, alarm begins", name, image_count, event->Id()); closeEvent(); - } else { + } else if ( event ) { // This is so if we need more than 1 alarm frame before going into alarm, so it is basically if we have enough alarm frames Debug(3, "pre-alarm-count in event %d, event frames %d, alarm frames %d event length %d >=? %d", Event::PreAlarmCount(), event->Frames(), event->AlarmFrames(), From 479e7c290c7bd7f0f71d9b4026d601370253b7d4 Mon Sep 17 00:00:00 2001 From: Isaac Connor Date: Thu, 1 Aug 2019 09:51:03 -0400 Subject: [PATCH 387/922] cosmic is unsupported, don't build for it by default --- utils/do_debian_package.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/utils/do_debian_package.sh b/utils/do_debian_package.sh index 7addf8362..f80bc520c 100755 --- a/utils/do_debian_package.sh +++ b/utils/do_debian_package.sh @@ -80,7 +80,7 @@ fi; if [ "$DISTROS" == "" ]; then if [ "$RELEASE" != "" ]; then - DISTROS="xenial,bionic,cosmic,disco,trusty" + DISTROS="xenial,bionic,disco,trusty" else DISTROS=`lsb_release -a 2>/dev/null | grep Codename | awk '{print $2}'`; fi; From 6a425b698874e8afcc7d4d32255c3f5f5834cd07 Mon Sep 17 00:00:00 2001 From: Isaac Connor Date: Thu, 1 Aug 2019 10:02:31 -0400 Subject: [PATCH 388/922] If token is present do token based auth and do not do anything with session --- web/includes/auth.php | 116 +++++++++++++++++++++--------------------- 1 file changed, 57 insertions(+), 59 deletions(-) diff --git a/web/includes/auth.php b/web/includes/auth.php index 652ef3c98..ee7965dce 100644 --- a/web/includes/auth.php +++ b/web/includes/auth.php @@ -236,10 +236,9 @@ function validateToken ($token, $allowed_token_type='access', $from_api_layer=fa // if from_api_layer is true, an additional check will be done // to make sure APIs are enabled for this user. This is a good place // to do it, since we are doing a DB dip here. - ZM\Error ("API is disabled for \"$username\""); + ZM\Error("API is disabled for \"$username\""); unset($user); return array(false, 'API is disabled for user'); - } $issuedAt = $jwt_payload['iat']; @@ -247,7 +246,6 @@ function validateToken ($token, $allowed_token_type='access', $from_api_layer=fa if ( $issuedAt < $minIssuedAt ) { ZM\Error("Token revoked for $username. Please generate a new token"); - $_SESSION['loginFailed'] = true; unset($user); return array(false, 'Token revoked. Please re-generate'); } @@ -256,7 +254,6 @@ function validateToken ($token, $allowed_token_type='access', $from_api_layer=fa return array($user, 'OK'); } else { ZM\Error("Could not retrieve user $username details"); - $_SESSION['loginFailed'] = true; unset($user); return array(false, 'No such user/credentials'); } @@ -291,19 +288,17 @@ function getAuthUser($auth, $from_api_layer = false) { $authHash = md5($authKey); if ( $auth == $authHash ) { - if ($from_api_layer && $user['APIEnabled'] == 0) { + if ( $from_api_layer && $user['APIEnabled'] == 0 ) { // if from_api_layer is true, an additional check will be done // to make sure APIs are enabled for this user. This is a good place // to do it, since we are doing a DB dip here. - ZM\Error ("API is disabled for \"".$user['Username']."\""); - unset($user); - return array(false, 'API is disabled for user'); - - } - else { - return $user; - } - } + ZM\Error('API is disabled for "'.$user['Username'].'"'); + unset($user); + return array(false, 'API is disabled for user'); + } else { + return $user; + } + } // en dif $auth == $authHash } // end foreach hour } // end foreach user } // end if using auth hash @@ -367,53 +362,56 @@ function canEdit($area, $mid=false) { global $user; if ( ZM_OPT_USE_AUTH ) { - $close_session = 0; - if ( !is_session_started() ) { - zm_session_start(); - $close_session = 1; - } - - if ( isset($_SESSION['username']) ) { - if ( ZM_AUTH_HASH_LOGINS and (ZM_AUTH_RELAY == 'hashed') ) { - # Extra validation, if logged in, then the auth hash will be set in the session, so we can validate it. - # This prevent session modification to switch users - if ( isset($_SESSION['AuthHash'.$_SESSION['remoteAddr']]) ) - $user = getAuthUser($_SESSION['AuthHash'.$_SESSION['remoteAddr']]); - } else { - # Need to refresh permissions and validate that the user still exists - $sql = 'SELECT * FROM Users WHERE Enabled=1 AND Username=?'; - $user = dbFetchOne($sql, NULL, array($_SESSION['username'])); - } - } - - if ( ZM_AUTH_RELAY == 'plain' ) { - // Need to save this in session - $_SESSION['password'] = $user['Password']; - } - $_SESSION['remoteAddr'] = $_SERVER['REMOTE_ADDR']; // To help prevent session hijacking - - if ( ZM_AUTH_HASH_LOGINS && empty($user) && !empty($_REQUEST['auth']) ) { - if ( $authUser = getAuthUser($_REQUEST['auth']) ) { - userLogin($authUser['Username'], $authUser['Password'], true); - } - } else if ( isset($_REQUEST['username']) and isset($_REQUEST['password']) ) { - userLogin($_REQUEST['username'], $_REQUEST['password'], false); - # Because it might have migrated the password we need to update the hash - generateAuthHash(ZM_AUTH_HASH_IPS, true); - } - - if ( empty($user) && !empty($_REQUEST['token']) ) { + if ( !empty($_REQUEST['token']) ) { $ret = validateToken($_REQUEST['token'], 'access'); $user = $ret[0]; - } + } else { + // Non token based auth + + $close_session = 0; + if ( !is_session_started() ) { + zm_session_start(); + $close_session = 1; + } - if ( !empty($user) ) { - // generate it once here, while session is open. Value will be cached in session and return when called later on - generateAuthHash(ZM_AUTH_HASH_IPS); - } - if ( $close_session ) - session_write_close(); -} else { + if ( isset($_SESSION['username']) ) { + if ( ZM_AUTH_HASH_LOGINS and (ZM_AUTH_RELAY == 'hashed') ) { + # Extra validation, if logged in, then the auth hash will be set in the session, so we can validate it. + # This prevent session modification to switch users + if ( isset($_SESSION['AuthHash'.$_SESSION['remoteAddr']]) ) + $user = getAuthUser($_SESSION['AuthHash'.$_SESSION['remoteAddr']]); + } else { + # Need to refresh permissions and validate that the user still exists + $sql = 'SELECT * FROM Users WHERE Enabled=1 AND Username=?'; + $user = dbFetchOne($sql, NULL, array($_SESSION['username'])); + } + } + + if ( ZM_AUTH_RELAY == 'plain' ) { + // Need to save this in session + $_SESSION['password'] = $user['Password']; + } + $_SESSION['remoteAddr'] = $_SERVER['REMOTE_ADDR']; // To help prevent session hijacking + + if ( ZM_AUTH_HASH_LOGINS && empty($user) && !empty($_REQUEST['auth']) ) { + if ( $authUser = getAuthUser($_REQUEST['auth']) ) { + userLogin($authUser['Username'], $authUser['Password'], true); + } + } else if ( isset($_REQUEST['username']) and isset($_REQUEST['password']) ) { + userLogin($_REQUEST['username'], $_REQUEST['password'], false); + # Because it might have migrated the password we need to update the hash + generateAuthHash(ZM_AUTH_HASH_IPS, true); + } + + if ( !empty($user) ) { + // generate it once here, while session is open. Value will be cached in session and return when called later on + generateAuthHash(ZM_AUTH_HASH_IPS); + } + if ( $close_session ) + session_write_close(); + } # end if token based auth +} # end if ZM_OPT_USE_AUTH + +if ( !$user ) $user = $defaultUser; -} ?> From 6a9464044b674d8ccaa3b3c3bf56ef240d463fef Mon Sep 17 00:00:00 2001 From: Isaac Connor Date: Fri, 2 Aug 2019 08:03:02 -0400 Subject: [PATCH 389/922] Demote warnings about fixing non-monotonic dts to debug --- src/zm_videostore.cpp | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/zm_videostore.cpp b/src/zm_videostore.cpp index 563c06be8..8ea93047d 100644 --- a/src/zm_videostore.cpp +++ b/src/zm_videostore.cpp @@ -1010,7 +1010,7 @@ int VideoStore::writeVideoFramePacket(AVPacket *ipkt) { # if 1 if ( opkt.dts < video_out_stream->cur_dts ) { - Warning("Fixing non-monotonic dts/pts dts %" PRId64 " pts %" PRId64 " stream %" PRId64, + Debug(1, "Fixing non-monotonic dts/pts dts %" PRId64 " pts %" PRId64 " stream %" PRId64, opkt.dts, opkt.pts, video_out_stream->cur_dts); opkt.dts = video_out_stream->cur_dts; if ( opkt.dts > opkt.pts ) { From 7e6b0058d2ed80012db2b752c1d21c499edd3292 Mon Sep 17 00:00:00 2001 From: Isaac Connor Date: Fri, 2 Aug 2019 08:04:38 -0400 Subject: [PATCH 390/922] Update Zone buttons. Fix double submit. Fixes #2671 --- web/includes/actions/zone.php | 2 +- web/skins/classic/views/js/zone.js | 4 +-- web/skins/classic/views/zone.php | 40 ++++++++++++++++-------------- 3 files changed, 24 insertions(+), 22 deletions(-) diff --git a/web/includes/actions/zone.php b/web/includes/actions/zone.php index 692dcf11d..cc7db0226 100644 --- a/web/includes/actions/zone.php +++ b/web/includes/actions/zone.php @@ -44,7 +44,7 @@ if ( !empty($_REQUEST['mid']) && canEdit('Monitors', $_REQUEST['mid']) ) { $_REQUEST['newZone']['MaxBlobPixels'] = intval(($_REQUEST['newZone']['MaxBlobPixels']*$_REQUEST['newZone']['Area'])/100); } - unset( $_REQUEST['newZone']['Points'] ); + unset($_REQUEST['newZone']['Points']); # convert these fields to integer e.g. NULL -> 0 $types = array( diff --git a/web/skins/classic/views/js/zone.js b/web/skins/classic/views/js/zone.js index cf80e8f03..8ed5d4544 100644 --- a/web/skins/classic/views/js/zone.js +++ b/web/skins/classic/views/js/zone.js @@ -371,8 +371,8 @@ function updateY( index ) { function saveChanges( element ) { var form = element.form; - if ( validateForm( form ) ) { - submitForm( form ); + if ( validateForm(form) ) { + submitForm(form); if ( form.elements['newZone[Type]'].value == 'Privacy' ) { alert( 'Capture process for this monitor will be restarted for the Privacy zone changes to take effect.' ); } diff --git a/web/skins/classic/views/zone.php b/web/skins/classic/views/zone.php index 5f03580f7..ea4ad990c 100644 --- a/web/skins/classic/views/zone.php +++ b/web/skins/classic/views/zone.php @@ -63,7 +63,7 @@ $maxY = $monitor->Height()-1; if ( !isset($newZone) ) { if ( $zid > 0 ) { - $zone = dbFetchOne( 'SELECT * FROM Zones WHERE MonitorId = ? AND Id=?', NULL, array( $monitor->Id(), $zid ) ); + $zone = dbFetchOne('SELECT * FROM Zones WHERE MonitorId = ? AND Id=?', NULL, array($monitor->Id(), $zid)); } else { $zone = array( 'Id' => 0, @@ -98,23 +98,23 @@ if ( !isset($newZone) ) { } # end if new Zone # Ensure Zone fits within the limits of the Monitor -limitPoints( $newZone['Points'], $minX, $minY, $maxX, $maxY ); +limitPoints($newZone['Points'], $minX, $minY, $maxX, $maxY); -ksort( $newZone['Points'], SORT_NUMERIC ); +ksort($newZone['Points'], SORT_NUMERIC); -$newZone['Coords'] = pointsToCoords( $newZone['Points'] ); -$newZone['Area'] = getPolyArea( $newZone['Points'] ); -$newZone['AreaCoords'] = preg_replace( '/\s+/', ',', $newZone['Coords'] ); -$selfIntersecting = isSelfIntersecting( $newZone['Points'] ); +$newZone['Coords'] = pointsToCoords($newZone['Points']); +$newZone['Area'] = getPolyArea($newZone['Points']); +$newZone['AreaCoords'] = preg_replace('/\s+/', ',', $newZone['Coords']); +$selfIntersecting = isSelfIntersecting($newZone['Points']); $focusWindow = true; $connkey = generateConnKey(); $streamSrc = ''; $streamMode = ''; # Have to do this here, because the .js.php references somethings figured out when generating the streamHTML -$StreamHTML = getStreamHTML( $monitor, array('scale'=>$scale) ); +$StreamHTML = getStreamHTML($monitor, array('scale'=>$scale)); -xhtmlHeaders(__FILE__, translate('Zone') ); +xhtmlHeaders(__FILE__, translate('Zone')); ?>
@@ -132,7 +132,7 @@ xhtmlHeaders(__FILE__, translate('Zone') );
- +
@@ -162,7 +162,7 @@ xhtmlHeaders(__FILE__, translate('Zone') ); - + @@ -216,14 +216,14 @@ xhtmlHeaders(__FILE__, translate('Zone') ); Id(), $zone['Id'] ) ); + $other_zones = dbFetchAll('SELECT * FROM Zones WHERE MonitorId = ? AND Id != ?', NULL, array($monitor->Id(), $zone['Id'])); } else { - $other_zones = dbFetchAll( 'SELECT * FROM Zones WHERE MonitorId = ?', NULL, array( $monitor->Id() ) ); + $other_zones = dbFetchAll('SELECT * FROM Zones WHERE MonitorId = ?', NULL, array($monitor->Id())); } -if ( count( $other_zones ) ) { +if ( count($other_zones) ) { $html = ''; - foreach( $other_zones as $other_zone ) { - $other_zone['AreaCoords'] = preg_replace( '/\s+/', ',', $other_zone['Coords'] ); + foreach ( $other_zones as $other_zone ) { + $other_zone['AreaCoords'] = preg_replace('/\s+/', ',', $other_zone['Coords']); $html .= ''; } echo $html; @@ -267,9 +267,11 @@ for ( $i = 0; $i < $pointCols; $i++ ) {
- - disabled="disabled"/> - + + +
From 26720192eac08164c09577fa5e24ebdd1c2095fe Mon Sep 17 00:00:00 2001 From: Isaac Connor Date: Tue, 6 Aug 2019 20:30:06 -0400 Subject: [PATCH 391/922] bumpv ersion for copy to filtet code --- version | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/version b/version index 91a50ee09..bd9492a0b 100644 --- a/version +++ b/version @@ -1 +1 @@ -1.33.13 +1.33.14 From 78e49cd2cbe6004553e221bf1ef7b6118a2ae8a0 Mon Sep 17 00:00:00 2001 From: Andrew Bauer Date: Wed, 7 Aug 2019 09:39:28 -0500 Subject: [PATCH 392/922] Update debian.rst fixes #2679 --- docs/installationguide/debian.rst | 8 +++++++- 1 file changed, 7 insertions(+), 1 deletion(-) diff --git a/docs/installationguide/debian.rst b/docs/installationguide/debian.rst index 1c85e704c..74a9ca81d 100644 --- a/docs/installationguide/debian.rst +++ b/docs/installationguide/debian.rst @@ -189,11 +189,17 @@ Add the following to the bottom of the file :: # Backports repository - deb http://httpredir.debian.org/debian jessie-backports main contrib non-free + deb http://archive.debian.org/debian/ jessie-backports main contrib non-free CTRL+o and to save CTRL+x to exit +Run the following + +:: + + echo 'Acquire::Check-Valid-Until no;' > /etc/apt/apt.conf.d/99no-check-valid-until + **Step 5:** Install ZoneMinder :: From 5cc6b6b0af52a7188cada9ee5d22a629cee35cd9 Mon Sep 17 00:00:00 2001 From: Isaac Connor Date: Wed, 7 Aug 2019 11:15:50 -0400 Subject: [PATCH 393/922] Fix EIMOD substitution --- scripts/zmfilter.pl.in | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/scripts/zmfilter.pl.in b/scripts/zmfilter.pl.in index 5cba8f1d4..074cba1b5 100644 --- a/scripts/zmfilter.pl.in +++ b/scripts/zmfilter.pl.in @@ -642,7 +642,7 @@ sub substituteTags { my $Monitor = $Event->Monitor() if $need_monitor; # Do we need the image information too? - my $need_images = $text =~ /%(?:EPI1|EPIM|EI1|EIM|EI1A|EIMA)%/; + my $need_images = $text =~ /%(?:EPI1|EPIM|EI1|EIM|EI1A|EIMA|EIMOD)%/; my $first_alarm_frame; my $max_alarm_frame; my $max_alarm_score = 0; From fb7ab993b5258ba34d9996e204d8e292f6a6d5fa Mon Sep 17 00:00:00 2001 From: Isaac Connor Date: Wed, 7 Aug 2019 15:34:30 -0400 Subject: [PATCH 394/922] Have to include the --daemon param when telling zmdc.pl what to do with zmfilter.pl --- web/includes/Filter.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/web/includes/Filter.php b/web/includes/Filter.php index d59ecda7c..ae41be4f4 100644 --- a/web/includes/Filter.php +++ b/web/includes/Filter.php @@ -124,7 +124,7 @@ class Filter extends ZM_Object { if ( !defined('ZM_SERVER_ID') or !$Server->Id() or ZM_SERVER_ID==$Server->Id() ) { # Local Logger::Debug("Controlling filter locally $command for server ".$Server->Id()); - daemonControl($command, 'zmfilter.pl', '--filter_id='.$this->{'Id'}); + daemonControl($command, 'zmfilter.pl', '--filter_id='.$this->{'Id'}.' --daemon'); } else { # Remote case From fb414b3f19de38e672bf6cf8a2d97c8758fd9435 Mon Sep 17 00:00:00 2001 From: Isaac Connor Date: Wed, 7 Aug 2019 15:34:45 -0400 Subject: [PATCH 395/922] remove debug statements --- web/skins/classic/views/filter.php | 3 --- 1 file changed, 3 deletions(-) diff --git a/web/skins/classic/views/filter.php b/web/skins/classic/views/filter.php index 2f159230e..0c078daf0 100644 --- a/web/skins/classic/views/filter.php +++ b/web/skins/classic/views/filter.php @@ -45,9 +45,6 @@ if ( !$filter ) { $filter = new ZM\Filter(); } -ZM\Logger::Debug("Query: " . $filter->Query_json()); -ZM\Logger::Debug("Query: " . print_r($filter->Query(), true)); - if ( isset($_REQUEST['filter']) ) { # Update our filter object with whatever changes we have made before saving #$filter->set($_REQUEST['filter']); From bf6170bf618aef2a3690606a958dacc9a35e01d9 Mon Sep 17 00:00:00 2001 From: Isaac Connor Date: Wed, 7 Aug 2019 15:47:12 -0400 Subject: [PATCH 396/922] Test for values in aws url and give better errors if Url empty. Don't append events dir to S3 bucket path --- scripts/ZoneMinder/lib/ZoneMinder/Event.pm | 102 +++++++++++---------- 1 file changed, 54 insertions(+), 48 deletions(-) diff --git a/scripts/ZoneMinder/lib/ZoneMinder/Event.pm b/scripts/ZoneMinder/lib/ZoneMinder/Event.pm index fd1c8297d..0fc43f24a 100644 --- a/scripts/ZoneMinder/lib/ZoneMinder/Event.pm +++ b/scripts/ZoneMinder/lib/ZoneMinder/Event.pm @@ -573,55 +573,61 @@ sub CopyTo { my $moved = 0; if ( $$NewStorage{Type} eq 's3fs' ) { - my ( $aws_id, $aws_secret, $aws_host, $aws_bucket ) = ( $$NewStorage{Url} =~ /^\s*([^:]+):([^@]+)@([^\/]*)\/(.+)\s*$/ ); - eval { - require Net::Amazon::S3; - require File::Slurp; - my $s3 = Net::Amazon::S3->new( { - aws_access_key_id => $aws_id, - aws_secret_access_key => $aws_secret, - ( $aws_host ? ( host => $aws_host ) : () ), - }); - my $bucket = $s3->bucket($aws_bucket); - if ( ! $bucket ) { - Error("S3 bucket $bucket not found."); - die; + if ( $$NewStorage{Url} ) { + my ( $aws_id, $aws_secret, $aws_host, $aws_bucket ) = ( $$NewStorage{Url} =~ /^\s*([^:]+):([^@]+)@([^\/]*)\/(.+)\s*$/ ); + if ( $aws_id and $aws_secret and $aws_host and $aws_bucket ) { + eval { + require Net::Amazon::S3; + require File::Slurp; + my $s3 = Net::Amazon::S3->new( { + aws_access_key_id => $aws_id, + aws_secret_access_key => $aws_secret, + ( $aws_host ? ( host => $aws_host ) : () ), + }); + my $bucket = $s3->bucket($aws_bucket); + if ( !$bucket ) { + Error("S3 bucket $bucket not found."); + die; + } + + my $event_path = $self->RelativePath(); + Debug("Making directory $event_path/"); + if ( ! $bucket->add_key($event_path.'/', '') ) { + die "Unable to add key for $event_path/"; + } + + my @files = glob("$OldPath/*"); + Debug("Files to move @files"); + foreach my $file ( @files ) { + next if $file =~ /^\./; + ( $file ) = ( $file =~ /^(.*)$/ ); # De-taint + my $starttime = [gettimeofday]; + Debug("Moving file $file to $NewPath"); + my $size = -s $file; + if ( ! $size ) { + Info('Not moving file with 0 size'); + } + my $file_contents = File::Slurp::read_file($file); + if ( ! $file_contents ) { + die 'Loaded empty file, but it had a size. Giving up'; + } + + my $filename = $event_path.'/'.File::Basename::basename($file); + if ( ! $bucket->add_key($filename, $file_contents) ) { + die "Unable to add key for $filename"; + } + my $duration = tv_interval($starttime); + Debug('PUT to S3 ' . Number::Bytes::Human::format_bytes($size) . " in $duration seconds = " . Number::Bytes::Human::format_bytes($duration?$size/$duration:$size) . '/sec'); + } # end foreach file. + + $moved = 1; + }; + Error($@) if $@; + } else { + Error("Unable to parse S3 Url into it's component parts."); } - - my $event_path = 'events/'.$self->RelativePath(); - Debug("Making directory $event_path/"); - if ( ! $bucket->add_key( $event_path.'/','' ) ) { - die "Unable to add key for $event_path/"; - } - - my @files = glob("$OldPath/*"); - Debug("Files to move @files"); - for my $file (@files) { - next if $file =~ /^\./; - ( $file ) = ( $file =~ /^(.*)$/ ); # De-taint - my $starttime = [gettimeofday]; - Debug("Moving file $file to $NewPath"); - my $size = -s $file; - if ( ! $size ) { - Info('Not moving file with 0 size'); - } - my $file_contents = File::Slurp::read_file($file); - if ( ! $file_contents ) { - die 'Loaded empty file, but it had a size. Giving up'; - } - - my $filename = $event_path.'/'.File::Basename::basename($file); - if ( ! $bucket->add_key($filename, $file_contents) ) { - die "Unable to add key for $filename"; - } - my $duration = tv_interval($starttime); - Debug('PUT to S3 ' . Number::Bytes::Human::format_bytes($size) . " in $duration seconds = " . Number::Bytes::Human::format_bytes($duration?$size/$duration:$size) . '/sec'); - } # end foreach file. - - $moved = 1; - }; - Error($@) if $@; - die $@ if $@; + #die $@ if $@; + } # end if Url } # end if s3 my $error = ''; From 3a142df14f6fca1adb4ab16e59f12981965d0c5a Mon Sep 17 00:00:00 2001 From: Isaac Connor Date: Wed, 7 Aug 2019 15:51:01 -0400 Subject: [PATCH 397/922] Only send zmdc.pl commands for filters to running servers --- web/includes/Filter.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/web/includes/Filter.php b/web/includes/Filter.php index ae41be4f4..fbe877d7e 100644 --- a/web/includes/Filter.php +++ b/web/includes/Filter.php @@ -114,7 +114,7 @@ class Filter extends ZM_Object { } public function control($command, $server_id=null) { - $Servers = $server_id ? Server::find(array('Id'=>$server_id)) : Server::find(); + $Servers = $server_id ? Server::find(array('Id'=>$server_id)) : Server::find(array('Status'=>'Running')); if ( !count($Servers) and !$server_id ) { # This will be the non-multi-server case $Servers = array(new Server()); From c5d2aab80aa63bfb8d3ea7fe67f54a694fa43f59 Mon Sep 17 00:00:00 2001 From: Tsaukpaetra Date: Thu, 8 Aug 2019 05:47:23 -0700 Subject: [PATCH 398/922] Update faq.rst (#2680) Add new entry for timezone-related issue --- docs/faq.rst | 19 +++++++++++++++++++ 1 file changed, 19 insertions(+) diff --git a/docs/faq.rst b/docs/faq.rst index a703fd065..5b8c97f5c 100644 --- a/docs/faq.rst +++ b/docs/faq.rst @@ -646,6 +646,23 @@ Why am I getting broken images when trying to view events? Zoneminder and the Apache web server need to have the right permissions. Check this forum topic and similar ones: http://www.zoneminder.com/forums/viewtopic.php?p=48754#48754 + +I can review events for the current day, but ones from yesterday and beyond error out +^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ + +If you've checked that the `www-data` user has permissions to the storage folders, perhaps your php.ini's timezone setting is incorrect. They _must_ match for certain playback functions. + +If you're using Linux, this can be found using the following command: :: + + timedatectl | grep "Time zone" + +If using FreeBSD, you can use this one-liner: :: + + cd /usr/share/zoneinfo/ && find * -type f -exec cmp -s {} /etc/localtime \; -print; + +Once you know what timezone your system is set to, open `/etc/php.ini` and adjust ``date.timezone`` to the appropriate value. the PHP daemon may need to be restarted for changes to take effect. + + Why is the image from my color camera appearing in black and white? ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ If you recently upgraded to zoneminder 1.26, there is a per camera option that defaults to black and white and can be mis-set if your upgrade didn't happen right. See this thread: http://www.zoneminder.com/forums/viewtopic.php?f=30&t=21344 @@ -728,6 +745,8 @@ What causes "Invalid JPEG file structure: two SOI markers" from zmc (1.24.x) Some settings that used to be global only are now per camera. On the Monitor Source tab, if you are using Remote Protocol "HTTP" and Remote Method "Simple", try changing Remote Method to "Regexp". + + Miscellaneous ------------------- I see ZoneMinder is licensed under the GPL. What does that allow or restrict me in doing with ZoneMinder? From 5b0509e000464200636d4c16922b894061d1eff8 Mon Sep 17 00:00:00 2001 From: Isaac Connor Date: Thu, 8 Aug 2019 09:26:00 -0400 Subject: [PATCH 399/922] When invalid operator terms, use print_r on the term instead of just the operator --- web/includes/functions.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/web/includes/functions.php b/web/includes/functions.php index 9e0655933..7dd4bbc0c 100644 --- a/web/includes/functions.php +++ b/web/includes/functions.php @@ -1341,7 +1341,7 @@ function parseFilter(&$filter, $saveToSession=false, $querySep='&') { $filter['sql'] .= " IS NOT $value"; break; default: - ZM\Warning("Invalid operator in filter: " . $term['op'] ); + ZM\Warning('Invalid operator in filter: ' . print_r($term['op'], true)); } // end switch op $filter['query'] .= $querySep.urlencode("filter[Query][terms][$i][op]").'='.urlencode($term['op']); From 189252867931251ae457e4aa312fccc6e58ceb5b Mon Sep 17 00:00:00 2001 From: Isaac Connor Date: Thu, 8 Aug 2019 09:26:15 -0400 Subject: [PATCH 400/922] quotes --- web/includes/actions/filter.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/web/includes/actions/filter.php b/web/includes/actions/filter.php index 8548f21d1..2e1f282c7 100644 --- a/web/includes/actions/filter.php +++ b/web/includes/actions/filter.php @@ -42,7 +42,7 @@ if ( isset($_REQUEST['object']) and ( $_REQUEST['object'] == 'filter' ) ) { $filter->delete(); } else { - ZM\Error("No filter id passed when deleting"); + ZM\Error('No filter id passed when deleting'); } } else if ( ( $action == 'Save' ) or ( $action == 'SaveAs' ) or ( $action == 'execute' ) ) { From bb6d2631c93035086792e82d233eb99525e900e7 Mon Sep 17 00:00:00 2001 From: Isaac Connor Date: Thu, 8 Aug 2019 09:26:40 -0400 Subject: [PATCH 401/922] Fix hwaccel compile on pi --- src/zm_ffmpeg_camera.cpp | 13 +++++++++++++ 1 file changed, 13 insertions(+) diff --git a/src/zm_ffmpeg_camera.cpp b/src/zm_ffmpeg_camera.cpp index 8c61dfcff..0acdb6c1c 100644 --- a/src/zm_ffmpeg_camera.cpp +++ b/src/zm_ffmpeg_camera.cpp @@ -44,6 +44,7 @@ extern "C" { #if HAVE_LIBAVUTIL_HWCONTEXT_H +#if LIBAVCODEC_VERSION_CHECK(57, 89, 0, 89, 0) static enum AVPixelFormat hw_pix_fmt; static enum AVPixelFormat get_hw_format( AVCodecContext *ctx, @@ -94,6 +95,7 @@ static enum AVPixelFormat find_fmt_by_hw_type(const enum AVHWDeviceType type) { } #endif #endif +#endif FfmpegCamera::FfmpegCamera( int p_id, @@ -155,8 +157,10 @@ FfmpegCamera::FfmpegCamera( #if HAVE_LIBAVUTIL_HWCONTEXT_H hwFrame = NULL; hw_device_ctx = NULL; +#if LIBAVCODEC_VERSION_CHECK(57, 89, 0, 89, 0) hw_pix_fmt = AV_PIX_FMT_NONE; #endif +#endif #if HAVE_LIBSWSCALE mConvertContext = NULL; @@ -437,6 +441,8 @@ int FfmpegCamera::OpenFfmpeg() { if ( hwaccel_name != "" ) { #if HAVE_LIBAVUTIL_HWCONTEXT_H + // 3.2 doesn't seem to have all the bits in place, so let's require 3.3 and up +#if LIBAVCODEC_VERSION_CHECK(57, 89, 0, 89, 0) // Print out available types enum AVHWDeviceType type = AV_HWDEVICE_TYPE_NONE; while ( (type = av_hwdevice_iterate_types(type)) != AV_HWDEVICE_TYPE_NONE ) @@ -497,6 +503,9 @@ int FfmpegCamera::OpenFfmpeg() { } else { Debug(1, "Failed to setup hwaccel."); } +#else + Debug(1, "AVCodec not new enough for hwaccel"); +#endif #else Warning("HWAccel support not compiled in."); #endif @@ -946,6 +955,7 @@ int FfmpegCamera::CaptureAndRecord( if ( error_count > 0 ) error_count--; zm_dump_video_frame(mRawFrame); #if HAVE_LIBAVUTIL_HWCONTEXT_H +#if LIBAVCODEC_VERSION_CHECK(57, 89, 0, 89, 0) if ( (hw_pix_fmt != AV_PIX_FMT_NONE) && @@ -964,10 +974,13 @@ int FfmpegCamera::CaptureAndRecord( hwFrame->pts = mRawFrame->pts; input_frame = hwFrame; } else { +#endif #endif input_frame = mRawFrame; #if HAVE_LIBAVUTIL_HWCONTEXT_H +#if LIBAVCODEC_VERSION_CHECK(57, 89, 0, 89, 0) } +#endif #endif Debug(4, "Got frame %d", frameCount); From df285006d20a7c172679db956a6170b2a550acf9 Mon Sep 17 00:00:00 2001 From: Isaac Connor Date: Thu, 8 Aug 2019 13:34:10 -0400 Subject: [PATCH 402/922] change sortHeader to include eid if it is in the request --- web/includes/functions.php | 9 ++++++++- 1 file changed, 8 insertions(+), 1 deletion(-) diff --git a/web/includes/functions.php b/web/includes/functions.php index 9e0655933..f5d7d443a 100644 --- a/web/includes/functions.php +++ b/web/includes/functions.php @@ -1472,7 +1472,14 @@ function getPagination( $pages, $page, $maxShortcuts, $query, $querySep='&' function sortHeader( $field, $querySep='&' ) { global $view; - return '?view='.$view.$querySep.'page=1'.$_REQUEST['filter']['query'].$querySep.'sort_field='.$field.$querySep.'sort_asc='.($_REQUEST['sort_field'] == $field?!$_REQUEST['sort_asc']:0).$querySep.'limit='.validInt($_REQUEST['limit']); + return implode($querySep, array( + '?view='.$view, + 'page=1'.$_REQUEST['filter']['query'], + 'sort_field='.$field, + 'sort_asc='.($_REQUEST['sort_field'] == $field ? !$_REQUEST['sort_asc'] : 0), + 'limit='.validInt($_REQUEST['limit']), + ($_REQUEST['eid'] ? 'eid='.$_REQUEST['eid'] : '' ), + )); } function sortTag( $field ) { From 45b970fb0938aa8ebbefeb41a70cdde4b4bcba09 Mon Sep 17 00:00:00 2001 From: Isaac Connor Date: Thu, 8 Aug 2019 13:34:28 -0400 Subject: [PATCH 403/922] fix spacing --- web/skins/classic/views/frames.php | 6 ++---- 1 file changed, 2 insertions(+), 4 deletions(-) diff --git a/web/skins/classic/views/frames.php b/web/skins/classic/views/frames.php index 80d99fe3c..aec2f658b 100644 --- a/web/skins/classic/views/frames.php +++ b/web/skins/classic/views/frames.php @@ -39,7 +39,7 @@ if ( empty($_REQUEST['sort_field']) ) if ( !isset($_REQUEST['sort_asc']) ) $_REQUEST['sort_asc'] = true; -if( ! isset($_REQUEST['filter'])){ +if ( ! isset($_REQUEST['filter'])){ // generate a dummy filter from the eid for pagination $_REQUEST['filter'] = array('Query' => array( 'terms' => array( ) ) ); $_REQUEST['filter'] = addFilterTerm( @@ -53,7 +53,6 @@ parseSort(); parseFilter($_REQUEST['filter']); $filterQuery = $_REQUEST['filter']['query']; - if ( $_REQUEST['filter']['sql'] ) { $countSql .= $_REQUEST['filter']['sql']; $frameSql .= $_REQUEST['filter']['sql']; @@ -61,7 +60,6 @@ if ( $_REQUEST['filter']['sql'] ) { $frameSql .= " ORDER BY $sortColumn $sortOrder,Id $sortOrder"; - if ( isset( $_REQUEST['scale'] ) ) { $scale = validNum($_REQUEST['scale']); } else if ( isset( $_COOKIE['zmWatchScale'.$Monitor->Id()] ) ) { @@ -75,7 +73,7 @@ if ( isset( $_REQUEST['scale'] ) ) { $page = isset($_REQUEST['page']) ? validInt($_REQUEST['page']) : 1; $limit = isset($_REQUEST['limit']) ? validInt($_REQUEST['limit']) : 0; -$nFrames = dbFetchOne($countSql, 'FrameCount' ); +$nFrames = dbFetchOne($countSql, 'FrameCount'); if ( !empty($limit) && ($nFrames > $limit) ) { $nFrames = $limit; From 5f77634acaa98d77e04049ad0fda7a60397350ed Mon Sep 17 00:00:00 2001 From: Isaac Connor Date: Thu, 8 Aug 2019 13:51:56 -0400 Subject: [PATCH 404/922] Update Group object to use shared code in Object.php. Should fix #2659 --- web/includes/Group.php | 139 +++-------------------------------------- 1 file changed, 8 insertions(+), 131 deletions(-) diff --git a/web/includes/Group.php b/web/includes/Group.php index 018eca501..c188b553f 100644 --- a/web/includes/Group.php +++ b/web/includes/Group.php @@ -1,127 +1,21 @@ null, 'Name' => '', 'ParentId' => null, ); - public function __construct( $IdOrRow=NULL ) { - global $group_cache; - - $row = NULL; - if ( $IdOrRow ) { - if ( is_integer($IdOrRow) or is_numeric($IdOrRow) ) { - $row = dbFetchOne('SELECT * FROM Groups WHERE Id=?', NULL, array($IdOrRow)); - if ( ! $row ) { - Error('Unable to load Group record for Id=' . $IdOrRow); - } - } elseif ( is_array($IdOrRow) ) { - $row = $IdOrRow; - } else { - $backTrace = debug_backtrace(); - $file = $backTrace[1]['file']; - $line = $backTrace[1]['line']; - Error("Unknown argument passed to Group Constructor from $file:$line)"); - Error("Unknown argument passed to Group Constructor ($IdOrRow)"); - return; - } - } # end if isset($IdOrRow) - - if ( $row ) { - foreach ($row as $k => $v) { - $this->{$k} = $v; - } - $group_cache[$row['Id']] = $this; - } - } // end function __construct - - public function __call($fn, array $args) { - if ( count($args) ) { - $this->{$fn} = $args[0]; - } - if ( array_key_exists($fn, $this) ) { - return $this->{$fn}; - } else if ( array_key_exists( $fn, $this->defaults ) ) { - $this->{$fn} = $this->defaults{$fn}; - return $this->{$fn}; - } else { - - $backTrace = debug_backtrace(); - $file = $backTrace[1]['file']; - $line = $backTrace[1]['line']; - Warning( "Unknown function call Group->$fn from $file:$line" ); - } + public static function find( $parameters = array(), $options = array() ) { + return ZM_Object::_find(get_class(), $parameters, $options); } - public static function find( $parameters = null, $options = null ) { - $sql = 'SELECT * FROM Groups '; - $values = array(); - - if ( $parameters ) { - $fields = array(); - $sql .= 'WHERE '; - foreach ( $parameters as $field => $value ) { - if ( $value == null ) { - $fields[] = $field.' IS NULL'; - } else if ( is_array( $value ) ) { - $func = function(){return '?';}; - $fields[] = $field.' IN ('.implode(',', array_map($func, $value)). ')'; - $values += $value; - } else { - $fields[] = $field.'=?'; - $values[] = $value; - } - } - $sql .= implode(' AND ', $fields); - } # end if parameters - if ( $options ) { - if ( isset($options['order']) ) { - $sql .= ' ORDER BY ' . $options['order']; - } - if ( isset($options['limit']) ) { - if ( is_integer($options['limit']) or ctype_digit($options['limit']) ) { - $sql .= ' LIMIT ' . $options['limit']; - } else { - $backTrace = debug_backtrace(); - $file = $backTrace[1]['file']; - $line = $backTrace[1]['line']; - Error("Invalid value for limit(".$options['limit'].") passed to Group::find from $file:$line"); - return array(); - } - } - } # end if options - - $results = dbFetchAll($sql, NULL, $values); - if ( $results ) { - return array_map( function($row){ return new Group($row); }, $results ); - } - return array(); - } # end find() - - public static function find_one($parameters = null, $options = null) { - global $group_cache; - if ( - ( count($parameters) == 1 ) and - isset($parameters['Id']) and - isset($group_cache[$parameters['Id']]) ) { - return $group_cache[$parameters['Id']]; - } - $results = Group::find($parameters, $options); - if ( count($results) > 1 ) { - Error("Group::find_one Returned more than 1"); - return $results[0]; - } else if ( count($results) ) { - return $results[0]; - } else { - return null; - } - } # end function find_one + public static function find_one( $parameters = array(), $options = array() ) { + return ZM_Object::_find_one(get_class(), $parameters, $options); + } public function delete() { if ( array_key_exists('Id', $this) ) { @@ -137,23 +31,6 @@ class Group { } } # end function delete() - public function set( $data ) { - foreach ($data as $k => $v) { - if ( is_array($v) ) { - $this->{$k} = $v; - } else if ( is_string($v) ) { - $this->{$k} = trim( $v ); - } else if ( is_integer($v) ) { - $this->{$k} = $v; - } else if ( is_bool($v) ) { - $this->{$k} = $v; - } else { - Error("Unknown type $k => $v of var " . gettype($v)); - $this->{$k} = $v; - } - } - } # end function set - public function depth( $new = null ) { if ( isset($new) ) { $this->{'depth'} = $new; From 2e9d72ed63c813aab8fff6cdb6b456891e3f531c Mon Sep 17 00:00:00 2001 From: Isaac Connor Date: Thu, 8 Aug 2019 14:11:24 -0400 Subject: [PATCH 405/922] spacing and extra () --- scripts/zmtrigger.pl.in | 120 +++++++++++++++++++++------------------- 1 file changed, 62 insertions(+), 58 deletions(-) diff --git a/scripts/zmtrigger.pl.in b/scripts/zmtrigger.pl.in index 8e1257db9..28ea6cde5 100644 --- a/scripts/zmtrigger.pl.in +++ b/scripts/zmtrigger.pl.in @@ -88,13 +88,13 @@ delete @ENV{qw(IFS CDPATH ENV BASH_ENV)}; logInit(); logSetSignal(); -Info( "Trigger daemon starting" ); +Info('Trigger daemon starting'); my $dbh = zmDbConnect(); my $base_rin = ''; foreach my $connection ( @connections ) { - Info( "Opening connection '$connection->{name}'" ); + Info("Opening connection '$connection->{name}'"); $connection->open(); } @@ -118,32 +118,32 @@ my $win = $rin; my $ein = $win; my $timeout = SELECT_TIMEOUT; my %actions; -while( 1 ) { +while (1) { $rin = $base_rin; # Add the file descriptors of any spawned connections - foreach my $fileno ( keys(%spawned_connections) ) { - vec( $rin, $fileno, 1 ) = 1; + foreach my $fileno ( keys %spawned_connections ) { + vec($rin, $fileno, 1) = 1; } - my $nfound = select( my $rout = $rin, undef, my $eout = $ein, $timeout ); + my $nfound = select(my $rout = $rin, undef, my $eout = $ein, $timeout); if ( $nfound > 0 ) { - Debug( "Got input from $nfound connections" ); + Debug("Got input from $nfound connections"); foreach my $connection ( @in_select_connections ) { - if ( vec( $rout, $connection->fileno(), 1 ) ) { - Debug( 'Got input from connection ' + if ( vec($rout, $connection->fileno(), 1) ) { + Debug('Got input from connection ' .$connection->name() .' (' .$connection->fileno() - .")" + .')' ); if ( $connection->spawns() ) { my $new_connection = $connection->accept(); $spawned_connections{$new_connection->fileno()} = $new_connection; - Debug( 'Added new spawned connection (' + Debug('Added new spawned connection (' .$new_connection->fileno() .'), ' .int(keys(%spawned_connections)) - ." spawned connections" + .' spawned connections' ); } else { my $messages = $connection->getMessages(); @@ -152,30 +152,30 @@ while( 1 ) { handleMessage( $connection, $message ); } } - } - } + } # end if connection->spawns + } # end if vec } # end foreach connection foreach my $connection ( values(%spawned_connections) ) { - if ( vec( $rout, $connection->fileno(), 1 ) ) { - Debug( 'Got input from spawned connection ' + if ( vec($rout, $connection->fileno(), 1) ) { + Debug('Got input from spawned connection ' .$connection->name() .' (' .$connection->fileno() - .")" + .')' ); my $messages = $connection->getMessages(); if ( defined($messages) ) { foreach my $message ( @$messages ) { - handleMessage( $connection, $message ); + handleMessage($connection, $message); } } else { - delete( $spawned_connections{$connection->fileno()} ); - Debug( 'Removed spawned connection (' + delete $spawned_connections{$connection->fileno()}; + Debug('Removed spawned connection (' .$connection->fileno() .'), ' .int(keys(%spawned_connections)) - ." spawned connections" + .' spawned connections' ); $connection->close(); } @@ -185,7 +185,7 @@ while( 1 ) { if ( $! == EINTR ) { # Do nothing } else { - Fatal( "Can't select: $!" ); + Fatal("Can't select: $!"); } } # end if select returned activitiy @@ -194,14 +194,14 @@ while( 1 ) { my $messages = $connection->getMessages(); if ( defined($messages) ) { foreach my $message ( @$messages ) { - handleMessage( $connection, $message ); + handleMessage($connection, $message); } } } # Check for alarms that might have happened my @out_messages; - foreach my $monitor ( values(%monitors) ) { + foreach my $monitor ( values %monitors ) { if ( ! zmMemVerify($monitor) ) { # Our attempt to verify the memory handle failed. We should reload the monitors. @@ -225,7 +225,7 @@ while( 1 ) { || ($last_event != $monitor->{LastEvent}) ) { # A new event - push( @out_messages, $monitor->{Id}."|on|".time()."|".$last_event ); + push @out_messages, $monitor->{Id}.'|on|'.time().'|'.$last_event; } else { # The same one as last time, so ignore it # Do nothing @@ -236,42 +236,44 @@ while( 1 ) { ($state == STATE_TAPE && $monitor->{LastState} != STATE_TAPE) ) { # Out of alarm state - push( @out_messages, $monitor->{Id}.'|off|'.time().'|'.$last_event ); + push @out_messages, $monitor->{Id}.'|off|'.time().'|'.$last_event; } elsif ( defined($monitor->{LastEvent}) && ($last_event != $monitor->{LastEvent}) ) { # We've missed a whole event - push( @out_messages, $monitor->{Id}.'|on|'.time().'|'.$last_event ); - push( @out_messages, $monitor->{Id}.'|off|'.time().'|'.$last_event ); + push @out_messages, $monitor->{Id}.'|on|'.time().'|'.$last_event; + push @out_messages, $monitor->{Id}.'|off|'.time().'|'.$last_event; } $monitor->{LastState} = $state; $monitor->{LastEvent} = $last_event; } # end foreach monitor + foreach my $connection ( @out_connections ) { if ( $connection->canWrite() ) { - $connection->putMessages( \@out_messages ); + $connection->putMessages(\@out_messages); } } - foreach my $connection ( values(%spawned_connections) ) { + + foreach my $connection ( values %spawned_connections ) { if ( $connection->canWrite() ) { - $connection->putMessages( \@out_messages ); + $connection->putMessages(\@out_messages); } } if ( my @action_times = keys(%actions) ) { - Debug( "Checking for timed actions" ); + Debug('Checking for timed actions'); my $now = time(); foreach my $action_time ( sort( grep { $_ < $now } @action_times ) ) { - Info( "Found actions expiring at $action_time" ); + Info("Found actions expiring at $action_time"); foreach my $action ( @{$actions{$action_time}} ) { my $connection = $action->{connection}; my $message = $action->{message}; - Info( "Found action '$message'" ); - handleMessage( $connection, $message ); + Info("Found action '$message'"); + handleMessage($connection, $message); } - delete( $actions{$action_time} ); + delete $actions{$action_time}; } } # end if have timed actions @@ -280,15 +282,16 @@ while( 1 ) { my $messages = $connection->timedActions(); if ( defined($messages) ) { foreach my $message ( @$messages ) { - handleMessage( $connection, $message ); + handleMessage($connection, $message); } } } - foreach my $connection ( values(%spawned_connections) ) { + + foreach my $connection ( values %spawned_connections ) { my $messages = $connection->timedActions(); if ( defined($messages) ) { foreach my $message ( @$messages ) { - handleMessage( $connection, $message ); + handleMessage($connection, $message); } } } @@ -317,14 +320,14 @@ exit; sub loadMonitor { my $monitor = shift; - Debug( "Loading monitor $monitor" ); - zmMemInvalidate( $monitor ); + Debug("Loading monitor $monitor"); + zmMemInvalidate($monitor); - if ( zmMemVerify( $monitor ) ) { # This will re-init shared memory - $monitor->{LastState} = zmGetMonitorState( $monitor ); - $monitor->{LastEvent} = zmGetLastEvent( $monitor ); + if ( zmMemVerify($monitor) ) { # This will re-init shared memory + $monitor->{LastState} = zmGetMonitorState($monitor); + $monitor->{LastEvent} = zmGetLastEvent($monitor); } -} +} # end sub loadMonitor sub loadMonitors { Debug('Loading monitors'); @@ -332,18 +335,19 @@ sub loadMonitors { my %new_monitors = (); - my $sql = "SELECT * FROM Monitors - WHERE find_in_set( Function, 'Modect,Mocord,Nodect' )". - ( $Config{ZM_SERVER_ID} ? 'AND ServerId=?' : '' ) + my $sql = q`SELECT * FROM Monitors + WHERE find_in_set( Function, 'Modect,Mocord,Nodect' )`. + ( $Config{ZM_SERVER_ID} ? ' AND ServerId=?' : '' ) ; my $sth = $dbh->prepare_cached( $sql ) or Fatal( "Can't prepare '$sql': ".$dbh->errstr() ); my $res = $sth->execute( $Config{ZM_SERVER_ID} ? $Config{ZM_SERVER_ID} : () ) or Fatal( "Can't execute: ".$sth->errstr() ); - while( my $monitor = $sth->fetchrow_hashref() ) { - if ( zmMemVerify( $monitor ) ) { # This will re-init shared memory - $monitor->{LastState} = zmGetMonitorState( $monitor ); - $monitor->{LastEvent} = zmGetLastEvent( $monitor ); + + while ( my $monitor = $sth->fetchrow_hashref() ) { + if ( zmMemVerify($monitor) ) { # This will re-init shared memory + $monitor->{LastState} = zmGetMonitorState($monitor); + $monitor->{LastEvent} = zmGetLastEvent($monitor); } $new_monitors{$monitor->{Id}} = $monitor; } # end while fetchrow @@ -367,7 +371,7 @@ sub handleMessage { } Debug("Found monitor for id '$id'"); - next if ( !zmMemVerify($monitor) ); + next if !zmMemVerify($monitor); Debug("Handling action '$action'"); if ( $action =~ /^(enable|disable)(?:\+(\d+))?$/ ) { @@ -412,20 +416,20 @@ sub handleMessage { zmTriggerShowtext($monitor, $showtext) if defined($showtext); Info("Trigger '$trigger'"); # Wait til it's finished - while( zmInAlarm($monitor) + while ( zmInAlarm($monitor) && ($last_event == zmGetLastEvent($monitor)) ) { # Tenth of a second usleep(100000); } zmTriggerEventCancel($monitor); - } + } # end if delay or not } # end if trigger is on or off - } elsif( $action eq 'cancel' ) { + } elsif ( $action eq 'cancel' ) { zmTriggerEventCancel($monitor); zmTriggerShowtext($monitor, $showtext) if defined($showtext); Info('Cancelled event'); - } elsif( $action eq 'show' ) { + } elsif ( $action eq 'show' ) { zmTriggerShowtext( $monitor, $showtext ); Info("Updated show text to '$showtext'"); } else { @@ -443,7 +447,7 @@ sub handleDelay { if ( !$action_array ) { $action_array = $actions{$action_time} = []; } - push( @$action_array, { connection=>$connection, message=>$action_text } ); + push @$action_array, { connection=>$connection, message=>$action_text }; Debug("Added timed event '$action_text', expires at $action_time (+$delay secs)"); } From 3368f94c1a96b871e060c45c9656a2ec841a2d76 Mon Sep 17 00:00:00 2001 From: Isaac Connor Date: Thu, 8 Aug 2019 14:38:27 -0400 Subject: [PATCH 406/922] Add code to handleDelay to cancel identical delayed actions. Fixes #2619 (#2681) --- scripts/zmtrigger.pl.in | 22 ++++++++++++++++++---- 1 file changed, 18 insertions(+), 4 deletions(-) diff --git a/scripts/zmtrigger.pl.in b/scripts/zmtrigger.pl.in index 28ea6cde5..eda7b2e36 100644 --- a/scripts/zmtrigger.pl.in +++ b/scripts/zmtrigger.pl.in @@ -266,12 +266,11 @@ while (1) { Debug('Checking for timed actions'); my $now = time(); foreach my $action_time ( sort( grep { $_ < $now } @action_times ) ) { - Info("Found actions expiring at $action_time"); + Info("Found " . scalar @{$actions{$action_time}} . "actions expiring at $action_time"); foreach my $action ( @{$actions{$action_time}} ) { my $connection = $action->{connection}; - my $message = $action->{message}; - Info("Found action '$message'"); - handleMessage($connection, $message); + Info("Found action '$$action{message}'"); + handleMessage($connection, $$action{message}); } delete $actions{$action_time}; } @@ -443,6 +442,21 @@ sub handleDelay { my $action_text = shift; my $action_time = time()+$delay; + + # Need to check and cancel previous actions. See issue #2619 + foreach my $a_time ( keys %actions ) { + if ( $a_time <= $action_time ) { + for ( my $i = 0; $i < @{$actions{$a_time}}; $i ++ ) { + my $action = $actions{$a_time}[$i]; + if ( $$action{message} eq $action_text ) { + Info("Found duplicate action '$$action{message}' at $a_time, cancelling it"); + splice @{$actions{$a_time}}, $i, 1; + } + } # end foreach action + delete $actions{$a_time} if !@{$actions{$a_time}}; + } # end if + } # end foreach action_time + my $action_array = $actions{$action_time}; if ( !$action_array ) { $action_array = $actions{$action_time} = []; From 38a09bbd187791fb587da95b5f097efae78c4811 Mon Sep 17 00:00:00 2001 From: Isaac Connor Date: Thu, 8 Aug 2019 15:34:07 -0400 Subject: [PATCH 407/922] Don't auto-add default storage area to header. If someone wants to see it's space in the header they can add it to storage areas --- web/skins/classic/includes/functions.php | 5 +---- 1 file changed, 1 insertion(+), 4 deletions(-) diff --git a/web/skins/classic/includes/functions.php b/web/skins/classic/includes/functions.php index 48632d59f..67866e247 100644 --- a/web/skins/classic/includes/functions.php +++ b/web/skins/classic/includes/functions.php @@ -286,7 +286,7 @@ function getNavBarHTML($reload = null) { ZM\Error('Potentially invalid value for ZM_LOG_DATABASE_LIMIT: ' . ZM_LOG_DATABASE_LIMIT); } } - echo makePopupLink( '?view=log', 'zmLog', 'log', ''.translate('Log').'' ); + echo makePopupLink('?view=log', 'zmLog', 'log', ''.translate('Log').''); } ?> Path()] = $area; } - if ( ! isset($storage_paths[ZM_DIR_EVENTS]) ) { - array_push( $storage_areas, new ZM\Storage() ); - } $func = function($S){ $class = ''; if ( $S->disk_usage_percent() > 98 ) { From 0cdb43e16511dbba0c948250d18123c9162dbb78 Mon Sep 17 00:00:00 2001 From: Isaac Connor Date: Sat, 10 Aug 2019 14:45:45 -0400 Subject: [PATCH 408/922] make dump_video_frame a define instead of a function, fix linesize --- src/zm_ffmpeg.cpp | 12 ------------ src/zm_ffmpeg.h | 10 +++++++++- 2 files changed, 9 insertions(+), 13 deletions(-) diff --git a/src/zm_ffmpeg.cpp b/src/zm_ffmpeg.cpp index 1df9b7718..58d4db980 100644 --- a/src/zm_ffmpeg.cpp +++ b/src/zm_ffmpeg.cpp @@ -287,18 +287,6 @@ static void zm_log_fps(double d, const char *postfix) { } } -void zm_dump_video_frame(const AVFrame *frame, const char *text) { - Debug(1, "%s: format %d %s %dx%d linesize:%d pts: %" PRId64, - text, - frame->format, - av_get_pix_fmt_name((AVPixelFormat)frame->format), - frame->width, - frame->height, - frame->linesize, - frame->pts - ); -} - #if LIBAVCODEC_VERSION_CHECK(57, 64, 0, 64, 0) void zm_dump_codecpar ( const AVCodecParameters *par ) { Debug(1, "Dumping codecpar codec_type(%d) codec_id(%d) codec_tag(%d) width(%d) height(%d) bit_rate(%d) format(%d = %s)", diff --git a/src/zm_ffmpeg.h b/src/zm_ffmpeg.h index 7618a461b..745754043 100644 --- a/src/zm_ffmpeg.h +++ b/src/zm_ffmpeg.h @@ -329,7 +329,15 @@ void zm_dump_codecpar(const AVCodecParameters *par); #endif -void zm_dump_video_frame(const AVFrame *frame, const char *text="Frame"); +#define zm_dump_video_frame(frame,text) Debug(1, "%s: format %d %s %dx%d linesize:%dx%d pts: %" PRId64, \ + text, \ + frame->format, \ + av_get_pix_fmt_name((AVPixelFormat)frame->format), \ + frame->width, \ + frame->height, \ + frame->linesize[0], frame->linesize[1], \ + frame->pts \ + ); #if LIBAVCODEC_VERSION_CHECK(56, 8, 0, 60, 100) #define zm_av_packet_unref( packet ) av_packet_unref( packet ) From 5b62c91cc25490d9aa992f86be3b4408b104b19d Mon Sep 17 00:00:00 2001 From: Isaac Connor Date: Sat, 10 Aug 2019 14:46:05 -0400 Subject: [PATCH 409/922] Improve some debugging to try to diagnose recent segfault report --- src/zm_ffmpeg_camera.cpp | 3 ++- src/zm_image.cpp | 9 ++++----- src/zm_image.h | 6 +++--- 3 files changed, 9 insertions(+), 9 deletions(-) diff --git a/src/zm_ffmpeg_camera.cpp b/src/zm_ffmpeg_camera.cpp index 0acdb6c1c..bfda21dad 100644 --- a/src/zm_ffmpeg_camera.cpp +++ b/src/zm_ffmpeg_camera.cpp @@ -953,7 +953,8 @@ int FfmpegCamera::CaptureAndRecord( continue; } if ( error_count > 0 ) error_count--; - zm_dump_video_frame(mRawFrame); + Debug(3, "Decoded video packet at frame %d", frameCount); + zm_dump_video_frame(mRawFrame, "raw frame from decoder"); #if HAVE_LIBAVUTIL_HWCONTEXT_H #if LIBAVCODEC_VERSION_CHECK(57, 89, 0, 89, 0) if ( diff --git a/src/zm_image.cpp b/src/zm_image.cpp index 12c3da86e..5640af46b 100644 --- a/src/zm_image.cpp +++ b/src/zm_image.cpp @@ -497,8 +497,8 @@ uint8_t* Image::WriteBuffer(const unsigned int p_width, const unsigned int p_hei return NULL; } - if ( !p_height || !p_width ) { - Error("WriteBuffer called with invalid width or height: %d %d",p_width,p_height); + if ( ! ( p_height > 0 && p_width > 0 ) ) { + Error("WriteBuffer called with invalid width or height: %d %d", p_width, p_height); return NULL; } @@ -525,11 +525,10 @@ uint8_t* Image::WriteBuffer(const unsigned int p_width, const unsigned int p_hei colours = p_colours; subpixelorder = p_subpixelorder; pixels = height*width; - size = newsize; - } + size = newsize; + } // end if need to re-alloc buffer return buffer; - } /* Assign an existing buffer to the image instead of copying from a source buffer. The goal is to reduce the amount of memory copying and increase efficiency and buffer reusing. */ diff --git a/src/zm_image.h b/src/zm_image.h index d90d7c358..6b2448c67 100644 --- a/src/zm_image.h +++ b/src/zm_image.h @@ -56,9 +56,9 @@ extern imgbufcpy_fptr_t fptr_imgbufcpy; /* Should be called from Image class functions */ inline static uint8_t* AllocBuffer(size_t p_bufsize) { - uint8_t* buffer = (uint8_t*)zm_mallocaligned(64,p_bufsize); + uint8_t* buffer = (uint8_t*)zm_mallocaligned(64, p_bufsize); if ( buffer == NULL ) - Fatal("Memory allocation failed: %s",strerror(errno)); + Fatal("Memory allocation failed: %s", strerror(errno)); return buffer; } @@ -75,7 +75,7 @@ inline static void DumpBuffer(uint8_t* buffer, int buffertype) { av_free(buffer); */ } else { - Error( "Unknown buffer type in DumpBuffer(%d)", buffertype ); + Error("Unknown buffer type in DumpBuffer(%d)", buffertype); } } } From d75d64280dc130ea6a5bd9c5877f28420531bddd Mon Sep 17 00:00:00 2001 From: Andrew Bauer Date: Sun, 11 Aug 2019 15:03:15 -0500 Subject: [PATCH 410/922] Update zoneminder.spec --- distros/redhat/zoneminder.spec | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/distros/redhat/zoneminder.spec b/distros/redhat/zoneminder.spec index d064c3b94..e319f4c8f 100644 --- a/distros/redhat/zoneminder.spec +++ b/distros/redhat/zoneminder.spec @@ -23,7 +23,7 @@ %global _hardened_build 1 Name: zoneminder -Version: 1.33.12 +Version: 1.33.14 Release: 1%{?dist} Summary: A camera monitoring and analysis tool Group: System Environment/Daemons @@ -411,6 +411,9 @@ EOF %dir %attr(755,nginx,nginx) %{_localstatedir}/spool/zoneminder-upload %changelog +* Sun Aug 11 2019 Andrew Bauer - 1.33.14-1 +- Bump to 1.33.13 Development + * Sun Jul 07 2019 Andrew Bauer - 1.33.12-1 - Bump to 1.33.12 Development From c1984ad7cb630381611ffc2063eef15d95230755 Mon Sep 17 00:00:00 2001 From: Isaac Connor Date: Sun, 11 Aug 2019 20:21:37 -0400 Subject: [PATCH 411/922] Fix problem calculating mem_size using an int from ImageSize. With camera resolutions going up, width*height*colour could exceed 32bits. So use a guarnteed 53bit type, which fixes the memsize calculations. Fixes #2682 --- src/zm_camera.h | 4 ++-- src/zm_ffmpeg_camera.cpp | 16 ++++++++++++++-- src/zm_monitor.cpp | 10 +++++++--- 3 files changed, 23 insertions(+), 7 deletions(-) diff --git a/src/zm_camera.h b/src/zm_camera.h index cd7a024f4..a6f576af2 100644 --- a/src/zm_camera.h +++ b/src/zm_camera.h @@ -45,7 +45,7 @@ protected: unsigned int colours; unsigned int subpixelorder; unsigned int pixels; - unsigned int imagesize; + unsigned long long imagesize; int brightness; int hue; int colour; @@ -73,7 +73,7 @@ public: unsigned int Colours() const { return colours; } unsigned int SubpixelOrder() const { return subpixelorder; } unsigned int Pixels() const { return pixels; } - unsigned int ImageSize() const { return imagesize; } + unsigned long long ImageSize() const { return imagesize; } unsigned int Bytes() const { return bytes; }; virtual int Brightness( int/*p_brightness*/=-1 ) { return -1; } diff --git a/src/zm_ffmpeg_camera.cpp b/src/zm_ffmpeg_camera.cpp index bfda21dad..d9736d6a3 100644 --- a/src/zm_ffmpeg_camera.cpp +++ b/src/zm_ffmpeg_camera.cpp @@ -986,6 +986,7 @@ int FfmpegCamera::CaptureAndRecord( Debug(4, "Got frame %d", frameCount); if ( transfer_to_image(image, mFrame, input_frame) < 0 ) { + Error("Failed to transfer from frame to image"); zm_av_packet_unref(&packet); return -1; } @@ -1052,8 +1053,13 @@ int FfmpegCamera::transfer_to_image( return -1; } #if LIBAVUTIL_VERSION_CHECK(54, 6, 0, 6, 0) - av_image_fill_arrays(output_frame->data, output_frame->linesize, - directbuffer, imagePixFormat, width, height, 1); + int size = av_image_fill_arrays( + output_frame->data, output_frame->linesize, + directbuffer, imagePixFormat, width, height, 32); + if ( size < 0 ) { + Error("Problem setting up data pointers into image %s", + av_make_error_string(size).c_str()); + } #else avpicture_fill((AVPicture *)output_frame, directbuffer, imagePixFormat, width, height); @@ -1075,6 +1081,12 @@ int FfmpegCamera::transfer_to_image( ); return -1; } + Debug(1, "Setup conversion context for %dx%d %s to %dx%d %s", + input_frame->width, input_frame->height, + av_get_pix_fmt_name((AVPixelFormat)input_frame->format), + width, height, + av_get_pix_fmt_name(imagePixFormat) + ); } if ( sws_scale( diff --git a/src/zm_monitor.cpp b/src/zm_monitor.cpp index 787ff5e34..617426d1f 100644 --- a/src/zm_monitor.cpp +++ b/src/zm_monitor.cpp @@ -422,8 +422,12 @@ Monitor::Monitor( + (image_buffer_count*camera->ImageSize()) + 64; /* Padding used to permit aligning the images buffer to 64 byte boundary */ - Debug(1, "mem.size SharedData=%d TriggerData=%d VideoStoreData=%d total=%" PRId64, - sizeof(SharedData), sizeof(TriggerData), sizeof(VideoStoreData), mem_size); + Debug(1, "mem.size(%d) SharedData=%d TriggerData=%d VideoStoreData=%d timestamps=%d images=%dx%d = %" PRId64 " total=%" PRId64, + sizeof(mem_size), + sizeof(SharedData), sizeof(TriggerData), sizeof(VideoStoreData), + (image_buffer_count*sizeof(struct timeval)), + image_buffer_count, camera->ImageSize(), (image_buffer_count*camera->ImageSize()), + mem_size); mem_ptr = NULL; storage = new Storage(storage_id); @@ -599,7 +603,7 @@ bool Monitor::connect() { if ( shm_id < 0 ) { Fatal("Can't shmget, probably not enough shared memory space free: %s", strerror(errno)); } - mem_ptr = (unsigned char *)shmat( shm_id, 0, 0 ); + mem_ptr = (unsigned char *)shmat(shm_id, 0, 0); if ( mem_ptr < (void *)0 ) { Fatal("Can't shmat: %s", strerror(errno)); } From 2320ab4d663f5ba6c03f40c4cd8aa8a77545d949 Mon Sep 17 00:00:00 2001 From: Isaac Connor Date: Mon, 12 Aug 2019 15:01:40 -0400 Subject: [PATCH 412/922] update HostController. Use config constants, don't use sessions --- web/api/app/Controller/HostController.php | 193 ++++++++++------------ 1 file changed, 86 insertions(+), 107 deletions(-) diff --git a/web/api/app/Controller/HostController.php b/web/api/app/Controller/HostController.php index 490eee953..a55d5bf34 100644 --- a/web/api/app/Controller/HostController.php +++ b/web/api/app/Controller/HostController.php @@ -6,7 +6,7 @@ class HostController extends AppController { public $components = array('RequestHandler', 'Session'); public function daemonCheck($daemon=false, $args=false) { - $string = Configure::read('ZM_PATH_BIN').'/zmdc.pl check'; + $string = ZM_PATH_BIN.'/zmdc.pl check'; if ( $daemon ) { $string .= " $daemon"; if ( $args ) @@ -29,15 +29,14 @@ class HostController extends AppController { '_serialize' => array('load') )); } - + function login() { - + $mUser = $this->request->query('user') ? $this->request->query('user') : $this->request->data('user'); $mPassword = $this->request->query('pass') ? $this->request->query('pass') : $this->request->data('pass'); - $mToken = $this->request->query('token') ? $this->request->query('token') : $this->request->data('token'); + $token = $this->request->query('token') ? $this->request->query('token') : $this->request->data('token'); - - if ( !($mUser && $mPassword) && !$mToken ) { + if ( !($mUser && $mPassword) && !$token ) { throw new UnauthorizedException(__('No identity provided')); } @@ -45,46 +44,35 @@ class HostController extends AppController { $cred = []; $cred_depr = []; - if ($mUser && $mPassword) { - $cred = $this->_getCredentials(true); // generate refresh - } - else { - $cred = $this->_getCredentials(false, $mToken); // don't generate refresh + if ( $mUser && $mPassword ) { + $cred = $this->_getCredentials(true, '', $mUser); // generate refresh + } else { + $cred = $this->_getCredentials(false, $token); // don't generate refresh } $login_array = array ( - 'access_token'=>$cred[0], - 'access_token_expires'=>$cred[1] + 'access_token' => $cred[0], + 'access_token_expires' => $cred[1] ); - $login_serialize_list = array ( - 'access_token', - 'access_token_expires' - ); - - if ($mUser && $mPassword) { + if ( $mUser && $mPassword ) { $login_array['refresh_token'] = $cred[2]; $login_array['refresh_token_expires'] = $cred[3]; - array_push ($login_serialize_list, 'refresh_token', 'refresh_token_expires'); } - if (ZM_OPT_USE_LEGACY_API_AUTH) { + if ( ZM_OPT_USE_LEGACY_API_AUTH ) { $cred_depr = $this->_getCredentialsDeprecated(); - $login_array ['credentials']=$cred_depr[0]; - $login_array ['append_password']=$cred_depr[1]; - array_push ($login_serialize_list, 'credentials', 'append_password'); + $login_array['credentials'] = $cred_depr[0]; + $login_array['append_password'] = $cred_depr[1]; } - $login_array['version'] = $ver[0]; $login_array['apiversion'] = $ver[1]; - array_push ($login_serialize_list, 'version', 'apiversion'); - $login_array["_serialize"] = $login_serialize_list; + $login_array['_serialize'] = array_keys($login_array); $this->set($login_array); - } // end function login() // clears out session @@ -101,106 +89,97 @@ class HostController extends AppController { private function _getCredentialsDeprecated() { $credentials = ''; $appendPassword = 0; - if (ZM_OPT_USE_AUTH) { - require_once __DIR__ .'/../../../includes/auth.php'; - if (ZM_AUTH_RELAY=='hashed') { - $credentials = 'auth='.generateAuthHash(ZM_AUTH_HASH_IPS,true); - } - else { + if ( ZM_OPT_USE_AUTH ) { + require_once __DIR__ .'/../../../includes/auth.php'; + if ( ZM_AUTH_RELAY == 'hashed' ) { + $credentials = 'auth='.generateAuthHash(ZM_AUTH_HASH_IPS, true); + } else { $credentials = 'user='.$this->Session->read('Username').'&pass='; $appendPassword = 1; } return array($credentials, $appendPassword); } } - - private function _getCredentials($generate_refresh_token=false, $mToken='') { - $credentials = ''; - $this->loadModel('Config'); - if ( ZM_OPT_USE_AUTH ) { - require_once __DIR__ .'/../../../includes/auth.php'; - require_once __DIR__.'/../../../vendor/autoload.php'; - - $key = ZM_AUTH_HASH_SECRET; - if (!$key) { - throw new ForbiddenException(__('Please create a valid AUTH_HASH_SECRET in ZoneMinder')); - } + private function _getCredentials($generate_refresh_token=false, $token='', $username='') { - if ($mToken) { - // If we have a token, we need to derive username from there - $ret = validateToken($mToken, 'refresh', true); - $mUser = $ret[0]['Username']; + if ( !ZM_OPT_USE_AUTH ) + return; - } else { - $mUser = $_SESSION['username']; - } + if ( !ZM_AUTH_HASH_SECRET ) + throw new ForbiddenException(__('Please create a valid AUTH_HASH_SECRET in ZoneMinder')); - ZM\Info("Creating token for \"$mUser\""); + require_once __DIR__ .'/../../../includes/auth.php'; + require_once __DIR__.'/../../../vendor/autoload.php'; - /* we won't support AUTH_HASH_IPS in token mode - reasons: - a) counter-intuitive for mobile consumers - b) zmu will never be able to to validate via a token if we sign - it after appending REMOTE_ADDR - - if (ZM_AUTH_HASH_IPS) { - $key = $key . $_SERVER['REMOTE_ADDR']; - }*/ + if ( $token ) { + // If we have a token, we need to derive username from there + $ret = validateToken($token, 'refresh', true); + $mUser = $ret[0]['Username']; + } else { + $mUser = $username; + } - $access_issued_at = time(); - $access_ttl = (ZM_AUTH_HASH_TTL || 2) * 3600; + ZM\Info("Creating token for \"$mUser\""); - // by default access token will expire in 2 hrs - // you can change it by changing the value of ZM_AUTH_HASH_TLL - $access_expire_at = $access_issued_at + $access_ttl; - //$access_expire_at = $access_issued_at + 60; // TEST, REMOVE - - $access_token = array( - "iss" => "ZoneMinder", - "iat" => $access_issued_at, - "exp" => $access_expire_at, - "user" => $mUser, - "type" => "access" + /* we won't support AUTH_HASH_IPS in token mode + reasons: + a) counter-intuitive for mobile consumers + b) zmu will never be able to to validate via a token if we sign + it after appending REMOTE_ADDR + + if (ZM_AUTH_HASH_IPS) { + $key = $key . $_SERVER['REMOTE_ADDR']; + }*/ + + $access_issued_at = time(); + $access_ttl = (ZM_AUTH_HASH_TTL || 2) * 3600; + + // by default access token will expire in 2 hrs + // you can change it by changing the value of ZM_AUTH_HASH_TLL + $access_expire_at = $access_issued_at + $access_ttl; + //$access_expire_at = $access_issued_at + 60; // TEST, REMOVE + + $access_token = array( + 'iss' => 'ZoneMinder', + 'iat' => $access_issued_at, + 'exp' => $access_expire_at, + 'user' => $mUser, + 'type' => 'access' + ); + + $jwt_access_token = \Firebase\JWT\JWT::encode($access_token, ZM_AUTH_HASH_SECRET, 'HS256'); + + $jwt_refresh_token = ''; + $refresh_ttl = 0; + + if ( $generate_refresh_token ) { + $refresh_issued_at = time(); + $refresh_ttl = 24 * 3600; // 1 day + + $refresh_expire_at = $refresh_issued_at + $refresh_ttl; + $refresh_token = array( + 'iss' => 'ZoneMinder', + 'iat' => $refresh_issued_at, + 'exp' => $refresh_expire_at, + 'user' => $mUser, + 'type' => 'refresh' ); - - $jwt_access_token = \Firebase\JWT\JWT::encode($access_token, $key, 'HS256'); - - $jwt_refresh_token = ""; - $refresh_ttl = 0; - - if ($generate_refresh_token) { - $refresh_issued_at = time(); - $refresh_ttl = 24 * 3600; // 1 day - - $refresh_expire_at = $refresh_issued_at + $refresh_ttl; - $refresh_token = array( - "iss" => "ZoneMinder", - "iat" => $refresh_issued_at, - "exp" => $refresh_expire_at, - "user" => $mUser, - "type" => "refresh" - ); - $jwt_refresh_token = \Firebase\JWT\JWT::encode($refresh_token, $key, 'HS256'); - } - - } + $jwt_refresh_token = \Firebase\JWT\JWT::encode($refresh_token, ZM_AUTH_HASH_SECRET, 'HS256'); + } # end if generate_refresh_token return array($jwt_access_token, $access_ttl, $jwt_refresh_token, $refresh_ttl); - } + } # end function _getCredentials($generate_refresh_token=false, $token='') // If $mid is set, only return disk usage for that monitor // Else, return an array of total disk usage, and per-monitor // usage. // This function is deprecated. Use the Storage object or monitor object instead function getDiskPercent($mid = null) { - $this->loadModel('Config'); $this->loadModel('Monitor'); // If $mid is passed, see if it is valid - if ( $mid ) { - if ( !$this->Monitor->exists($mid) ) { - throw new NotFoundException(__('Invalid monitor')); - } + if ( $mid and !$this->Monitor->exists($mid) ) { + throw new NotFoundException(__('Invalid monitor')); } $zm_dir_events = ZM_DIR_EVENTS; @@ -228,8 +207,8 @@ class HostController extends AppController { $name = $value['Monitor']['Name']; $color = $value['Monitor']['WebColour']; - $space = shell_exec ("du -s0 $zm_dir_events/$id | awk '{print $1}'"); - if ($space == null) { + $space = shell_exec("du -s0 $zm_dir_events/$id | awk '{print $1}'"); + if ( $space == null ) { $space = 0; } $space = $space/1024/1024; @@ -265,7 +244,7 @@ class HostController extends AppController { } private function _getVersion() { - $version = Configure::read('ZM_VERSION'); + $version = ZM_VERSION; $apiversion = '2.0'; return array($version, $apiversion); } From 0bf036fc558790d8ccb62146d01951384141efdd Mon Sep 17 00:00:00 2001 From: Isaac Connor Date: Mon, 12 Aug 2019 15:06:46 -0400 Subject: [PATCH 413/922] Remove Session from the components list --- web/api/app/Controller/HostController.php | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/web/api/app/Controller/HostController.php b/web/api/app/Controller/HostController.php index a55d5bf34..a5db77e81 100644 --- a/web/api/app/Controller/HostController.php +++ b/web/api/app/Controller/HostController.php @@ -3,7 +3,7 @@ App::uses('AppController', 'Controller'); class HostController extends AppController { - public $components = array('RequestHandler', 'Session'); + public $components = array('RequestHandler'); public function daemonCheck($daemon=false, $args=false) { $string = ZM_PATH_BIN.'/zmdc.pl check'; @@ -94,7 +94,7 @@ class HostController extends AppController { if ( ZM_AUTH_RELAY == 'hashed' ) { $credentials = 'auth='.generateAuthHash(ZM_AUTH_HASH_IPS, true); } else { - $credentials = 'user='.$this->Session->read('Username').'&pass='; + $credentials = 'user='.$_SESSION['Username'].'&pass='; $appendPassword = 1; } return array($credentials, $appendPassword); From c2e12934722cf667dfb52a825ce2dfb7f426e1a4 Mon Sep 17 00:00:00 2001 From: Isaac Connor Date: Mon, 12 Aug 2019 15:10:58 -0400 Subject: [PATCH 414/922] spacing --- web/api/app/Controller/AppController.php | 5 ++--- 1 file changed, 2 insertions(+), 3 deletions(-) diff --git a/web/api/app/Controller/AppController.php b/web/api/app/Controller/AppController.php index 6b71ffb84..33643cf2f 100644 --- a/web/api/app/Controller/AppController.php +++ b/web/api/app/Controller/AppController.php @@ -87,13 +87,12 @@ class AppController extends Controller { // if you pass a token to login, we should only allow // refresh tokens to regenerate new access and refresh tokens if ( !strcasecmp($this->params->action, 'login') ) { - $only_allow_token_type='refresh'; + $only_allow_token_type = 'refresh'; } else { // for any other methods, don't allow refresh tokens // they are supposed to be infrequently used for security // purposes - $only_allow_token_type='access'; - + $only_allow_token_type = 'access'; } $ret = validateToken($mToken, $only_allow_token_type, true); $user = $ret[0]; From a63b6486b9b48bfd2419e7098bdd2fd995881144 Mon Sep 17 00:00:00 2001 From: Isaac Connor Date: Mon, 12 Aug 2019 15:36:40 -0400 Subject: [PATCH 415/922] Remove Session from App Components list. --- web/api/app/Controller/AppController.php | 1 - 1 file changed, 1 deletion(-) diff --git a/web/api/app/Controller/AppController.php b/web/api/app/Controller/AppController.php index 33643cf2f..6dd28fe5f 100644 --- a/web/api/app/Controller/AppController.php +++ b/web/api/app/Controller/AppController.php @@ -34,7 +34,6 @@ class AppController extends Controller { use CrudControllerTrait; public $components = [ - 'Session', // We are going to use SessionHelper to check PHP session vars 'RequestHandler', 'Crud.Crud' => [ 'actions' => [ From 9da10abca9b254d985e0e3ee21cf157606420ce1 Mon Sep 17 00:00:00 2001 From: Isaac Connor Date: Tue, 13 Aug 2019 11:29:32 -0400 Subject: [PATCH 416/922] Move APIEnabled check to the api from auth.php --- web/api/app/Controller/AppController.php | 45 +++++++++++++----------- 1 file changed, 25 insertions(+), 20 deletions(-) diff --git a/web/api/app/Controller/AppController.php b/web/api/app/Controller/AppController.php index 6dd28fe5f..e3b422914 100644 --- a/web/api/app/Controller/AppController.php +++ b/web/api/app/Controller/AppController.php @@ -66,23 +66,28 @@ class AppController extends Controller { # For use throughout the app. If not logged in, this will be null. global $user; - if ( ZM_OPT_USE_AUTH ) { - require_once __DIR__ .'/../../../includes/auth.php'; + if ( ZM_OPT_USE_LEGACY_API_AUTH ) { + # This will auto-login if username=&password= are set, or auth= + require_once __DIR__ .'/../../../includes/auth.php'; + } - $mUser = $this->request->query('user') ? $this->request->query('user') : $this->request->data('user'); - $mPassword = $this->request->query('pass') ? $this->request->query('pass') : $this->request->data('pass'); - $mToken = $this->request->query('token') ? $this->request->query('token') : $this->request->data('token'); + $username = $this->request->query('user') ? $this->request->query('user') : $this->request->data('user'); + $password = $this->request->query('pass') ? $this->request->query('pass') : $this->request->data('pass'); - if ( $mUser and $mPassword ) { - // log (user, pass, nothashed, api based login so skip recaptcha) - $user = userLogin($mUser, $mPassword, false, true); - if ( !$user ) { - throw new UnauthorizedException(__('Incorrect credentials or API disabled')); - return; - } - } else if ( $mToken ) { + if ( $user and $password ) { + // log (user, pass, nothashed, api based login so skip recaptcha) + $user = userLogin($user, $password, false, true); + if ( !$user ) { + throw new UnauthorizedException(__('Incorrect credentials or API disabled')); + return; + } + } + + # NON LEGACY + $token = $this->request->query('token') ? $this->request->query('token') : $this->request->data('token'); + if ( $token ) { // if you pass a token to login, we should only allow // refresh tokens to regenerate new access and refresh tokens if ( !strcasecmp($this->params->action, 'login') ) { @@ -93,20 +98,20 @@ class AppController extends Controller { // purposes $only_allow_token_type = 'access'; } - $ret = validateToken($mToken, $only_allow_token_type, true); + $ret = validateToken($token, $only_allow_token_type, true); $user = $ret[0]; $retstatus = $ret[1]; if ( !$user ) { throw new UnauthorizedException(__($retstatus)); return; } - } else if ( $mAuth ) { - $user = getAuthUser($mAuth, true); - if ( !$user ) { - throw new UnauthorizedException(__('Invalid Auth Key')); - return; - } + } # end if token + + if ( $user['APIEnabled'] != 1 ) { + ZM\Error('API disabled for: '.$user['Username']); + unset($user); } + // We need to reject methods that are not authenticated // besides login and logout if ( strcasecmp($this->params->action, 'logout') ) { From 4140d51e9f24aba2dd4ec29b96c54efb49a565a7 Mon Sep 17 00:00:00 2001 From: Isaac Connor Date: Tue, 13 Aug 2019 11:45:50 -0400 Subject: [PATCH 417/922] database.php cleanup. remove dbFetchMonitor and dbFetchGroup. Their usage has been replaced with the Object::find_one usage. Also more quoting of table and colume names to fix #2659 --- web/includes/database.php | 179 +++++++++++++-------------- web/skins/classic/views/function.php | 12 +- web/skins/classic/views/plugin.php | 29 ++--- web/skins/classic/views/settings.php | 36 +++--- 4 files changed, 121 insertions(+), 135 deletions(-) diff --git a/web/includes/database.php b/web/includes/database.php index f214af58b..d941a01e0 100644 --- a/web/includes/database.php +++ b/web/includes/database.php @@ -2,25 +2,25 @@ // // ZoneMinder web database interface file, $Date$, $Revision$ // Copyright (C) 2001-2008 Philip Coombes -// +// // This program is free software; you can redistribute it and/or // modify it under the terms of the GNU General Public License // as published by the Free Software Foundation; either version 2 // of the License, or (at your option) any later version. -// +// // This program is distributed in the hope that it will be useful, // but WITHOUT ANY WARRANTY; without even the implied warranty of // MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the // GNU General Public License for more details. -// +// // You should have received a copy of the GNU General Public License // along with this program; if not, write to the Free Software // Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. -// +// -define( 'DB_LOG_OFF', 0 ); -define( 'DB_LOG_ONLY', 1 ); -define( 'DB_LOG_DEBUG', 2 ); +define('DB_LOG_OFF', 0); +define('DB_LOG_ONLY', 1); +define('DB_LOG_DEBUG', 2); $GLOBALS['dbLogLevel'] = DB_LOG_OFF; @@ -29,10 +29,10 @@ $GLOBALS['dbConn'] = false; function dbConnect() { global $dbConn; - if (strpos(ZM_DB_HOST, ':')) { + if ( strpos(ZM_DB_HOST, ':') ) { // Host variable may carry a port or socket. list($host, $portOrSocket) = explode(':', ZM_DB_HOST, 2); - if (ctype_digit($portOrSocket)) { + if ( ctype_digit($portOrSocket) ) { $socket = ':host='.$host . ';port='.$portOrSocket; } else { $socket = ':unix_socket='.$portOrSocket; @@ -43,22 +43,22 @@ function dbConnect() { try { $dbOptions = null; - if ( defined( 'ZM_DB_SSL_CA_CERT' ) and ZM_DB_SSL_CA_CERT ) { + if ( defined('ZM_DB_SSL_CA_CERT') and ZM_DB_SSL_CA_CERT ) { $dbOptions = array( PDO::MYSQL_ATTR_SSL_CA => ZM_DB_SSL_CA_CERT, PDO::MYSQL_ATTR_SSL_KEY => ZM_DB_SSL_CLIENT_KEY, PDO::MYSQL_ATTR_SSL_CERT => ZM_DB_SSL_CLIENT_CERT, ); - $dbConn = new PDO( ZM_DB_TYPE . $socket . ';dbname='.ZM_DB_NAME, ZM_DB_USER, ZM_DB_PASS, $dbOptions ); + $dbConn = new PDO(ZM_DB_TYPE . $socket . ';dbname='.ZM_DB_NAME, ZM_DB_USER, ZM_DB_PASS, $dbOptions); } else { - $dbConn = new PDO( ZM_DB_TYPE . $socket . ';dbname='.ZM_DB_NAME, ZM_DB_USER, ZM_DB_PASS ); + $dbConn = new PDO(ZM_DB_TYPE . $socket . ';dbname='.ZM_DB_NAME, ZM_DB_USER, ZM_DB_PASS); } $dbConn->setAttribute(PDO::ATTR_EMULATE_PREPARES, false); $dbConn->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION); } catch(PDOException $ex ) { echo 'Unable to connect to ZM db.' . $ex->getMessage(); - error_log('Unable to connect to ZM DB ' . $ex->getMessage() ); + error_log('Unable to connect to ZM DB ' . $ex->getMessage()); $dbConn = null; } } @@ -89,15 +89,15 @@ function dbDebug() { dbLogDebug(); } -function dbLog( $sql, $update=false ) { +function dbLog($sql, $update=false) { global $dbLogLevel; $noExecute = $update && ($dbLogLevel >= DB_LOG_DEBUG); if ( $dbLogLevel > DB_LOG_OFF ) - ZM\Logger::Debug( "SQL-LOG: $sql".($noExecute?" (not executed)":"") ); + ZM\Logger::Debug( "SQL-LOG: $sql".($noExecute?' (not executed)':'') ); return( $noExecute ); } -function dbError( $sql ) { +function dbError($sql) { global $dbConn; $error = $dbConn->errorInfo(); if ( ! $error[0] ) @@ -110,37 +110,37 @@ function dbError( $sql ) { function dbEscape( $string ) { global $dbConn; - if ( version_compare( phpversion(), '4.3.0', '<') ) + if ( version_compare(phpversion(), '4.3.0', '<')) if ( get_magic_quotes_gpc() ) - return( $dbConn->quote( stripslashes( $string ) ) ); + return $dbConn->quote(stripslashes($string)); else - return( $dbConn->quote( $string ) ); + return $dbConn->quote($string); else if ( get_magic_quotes_gpc() ) - return( $dbConn->quote( stripslashes( $string ) ) ); + return $dbConn->quote(stripslashes($string)); else - return( $dbConn->quote( $string ) ); + return $dbConn->quote($string); } -function dbQuery( $sql, $params=NULL ) { +function dbQuery($sql, $params=NULL) { global $dbConn; - if ( dbLog( $sql, true ) ) + if ( dbLog($sql, true) ) return; $result = NULL; try { if ( isset($params) ) { - if ( ! $result = $dbConn->prepare( $sql ) ) { + if ( ! $result = $dbConn->prepare($sql) ) { ZM\Error("SQL: Error preparing $sql: " . $pdo->errorInfo); return NULL; } - if ( ! $result->execute( $params ) ) { - ZM\Error("SQL: Error executing $sql: " . implode(',', $result->errorInfo() ) ); + if ( ! $result->execute($params) ) { + ZM\Error("SQL: Error executing $sql: " . implode(',', $result->errorInfo())); return NULL; } } else { if ( defined('ZM_DB_DEBUG') ) { - ZM\Logger::Debug("SQL: $sql values:" . ($params?implode(',',$params):'') ); + ZM\Logger::Debug("SQL: $sql values:" . ($params?implode(',',$params):'')); } $result = $dbConn->query($sql); if ( ! $result ) { @@ -150,24 +150,24 @@ function dbQuery( $sql, $params=NULL ) { } if ( defined('ZM_DB_DEBUG') ) { if ( $params ) - ZM\Logger::Debug("SQL: $sql" . implode(',',$params) . ' rows: '.$result->rowCount() ); + ZM\Logger::Debug("SQL: $sql" . implode(',',$params) . ' rows: '.$result->rowCount()); else - ZM\Logger::Debug("SQL: $sql: rows:" . $result->rowCount() ); + ZM\Logger::Debug("SQL: $sql: rows:" . $result->rowCount()); } } catch(PDOException $e) { - ZM\Error( "SQL-ERR '".$e->getMessage()."', statement was '".$sql."' params:" . ($params?implode(',',$params):'') ); + ZM\Error("SQL-ERR '".$e->getMessage()."', statement was '".$sql."' params:" . ($params?implode(',',$params):'')); return NULL; } return $result; } -function dbFetchOne( $sql, $col=false, $params=NULL ) { - $result = dbQuery( $sql, $params ); - if ( ! $result ) { - ZM\Error( "SQL-ERR dbFetchOne no result, statement was '".$sql."'" . ( $params ? 'params: ' . join(',',$params) : '' ) ); +function dbFetchOne($sql, $col=false, $params=NULL) { + $result = dbQuery($sql, $params); + if ( !$result ) { + ZM\Error("SQL-ERR dbFetchOne no result, statement was '".$sql."'".($params ? 'params: ' . join(',',$params) : '')); return false; } - if ( ! $result->rowCount() ) { + if ( !$result->rowCount() ) { # No rows is not an error return false; } @@ -179,109 +179,109 @@ function dbFetchOne( $sql, $col=false, $params=NULL ) { return false; } return $dbRow[$col]; - } + } return $dbRow; } return false; } -function dbFetchAll( $sql, $col=false, $params=NULL ) { - $result = dbQuery( $sql, $params ); +function dbFetchAll($sql, $col=false, $params=NULL) { + $result = dbQuery($sql, $params); if ( ! $result ) { - ZM\Error( "SQL-ERR dbFetchAll no result, statement was '".$sql."'" . ( $params ? 'params: ' .join(',', $params) : '' ) ); + ZM\Error("SQL-ERR dbFetchAll no result, statement was '".$sql."'".($params ? 'params: '.join(',', $params) : '')); return false; } $dbRows = array(); - while( $dbRow = $result->fetch( PDO::FETCH_ASSOC ) ) - $dbRows[] = $col?$dbRow[$col]:$dbRow; + while ( $dbRow = $result->fetch(PDO::FETCH_ASSOC) ) + $dbRows[] = $col ? $dbRow[$col] : $dbRow; return $dbRows; } -function dbFetchAssoc( $sql, $indexCol, $dataCol=false ) { - $result = dbQuery( $sql ); +function dbFetchAssoc($sql, $indexCol, $dataCol=false) { + $result = dbQuery($sql); $dbRows = array(); - while( $dbRow = $result->fetch( PDO::FETCH_ASSOC ) ) - $dbRows[$dbRow[$indexCol]] = $dataCol?$dbRow[$dataCol]:$dbRow; - return( $dbRows ); + while( $dbRow = $result->fetch(PDO::FETCH_ASSOC) ) + $dbRows[$dbRow[$indexCol]] = $dataCol ? $dbRow[$dataCol] : $dbRow; + return $dbRows; } -function dbFetch( $sql, $col=false ) { - return( dbFetchAll( $sql, $col ) ); +function dbFetch($sql, $col=false) { + return dbFetchAll($sql, $col); } -function dbFetchNext( $result, $col=false ) { - if ( $dbRow = $result->fetch( PDO::FETCH_ASSOC ) ) - return( $col?$dbRow[$col]:$dbRow ); - return( false ); +function dbFetchNext($result, $col=false) { + if ( $dbRow = $result->fetch(PDO::FETCH_ASSOC) ) + return $col ? $dbRow[$col] : $dbRow; + return false; } function dbNumRows( $sql ) { - $result = dbQuery( $sql ); - return( $result->rowCount() ); + $result = dbQuery($sql); + return $result->rowCount(); } function dbInsertId() { global $dbConn; - return( $dbConn->lastInsertId() ); + return $dbConn->lastInsertId(); } -function getEnumValues( $table, $column ) { - $row = dbFetchOne( "describe $table $column" ); - preg_match_all( "/'([^']+)'/", $row['Type'], $matches ); - return( $matches[1] ); +function getEnumValues($table, $column) { + $row = dbFetchOne("DESCRIBE `$table` `$column`"); + preg_match_all("/'([^']+)'/", $row['Type'], $matches); + return $matches[1]; } -function getSetValues( $table, $column ) { - return( getEnumValues( $table, $column ) ); +function getSetValues($table, $column) { + return getEnumValues($table, $column); } -function getUniqueValues( $table, $column, $asString=1 ) { +function getUniqueValues($table, $column, $asString=1) { $values = array(); - $sql = "select distinct $column from $table where (not isnull($column) and $column != '') order by $column"; - foreach( dbFetchAll( $sql ) as $row ) { + $sql = "SELECT DISTINCT `$column` FROM `$table` WHERE (NOT isnull(`$column`) AND `$column` != '') ORDER BY `$column`"; + foreach ( dbFetchAll($sql) as $row ) { if ( $asString ) $values[$row[$column]] = $row[$column]; else $values[] = $row[$column]; } - return( $values ); -} + return $values; +} function getTableColumns( $table, $asString=1 ) { $columns = array(); - $sql = "describe $table"; - foreach( dbFetchAll( $sql ) as $row ) { + $sql = "DESCRIBE `$table`"; + foreach ( dbFetchAll($sql) as $row ) { if ( $asString ) $columns[$row['Field']] = $row['Type']; else $columns[] = $row['Type']; } - return( $columns ); -} + return $columns; +} function getTableAutoInc( $table ) { - $row = dbFetchOne( 'show table status where Name=?', NULL, array($table) ); - return( $row['Auto_increment'] ); + $row = dbFetchOne('SHOW TABLE status WHERE Name=?', NULL, array($table)); + return $row['Auto_increment']; } function getTableDescription( $table, $asString=1 ) { $columns = array(); - foreach( dbFetchAll( "describe $table" ) as $row ) { + foreach( dbFetchAll("DESCRIBE `$table`") as $row ) { $desc = array( 'name' => $row['Field'], 'required' => ($row['Null']=='NO')?true:false, 'default' => $row['Default'], 'db' => $row, ); - if ( preg_match( "/^varchar\((\d+)\)$/", $row['Type'], $matches ) ) { + if ( preg_match('/^varchar\((\d+)\)$/', $row['Type'], $matches) ) { $desc['type'] = 'text'; $desc['typeAttrib'] = 'varchar'; $desc['maxLength'] = $matches[1]; - } elseif ( preg_match( "/^(\w+)?text$/", $row['Type'], $matches ) ) { + } elseif ( preg_match('/^(\w+)?text$/', $row['Type'], $matches) ) { $desc['type'] = 'text'; - if (!empty($matches[1]) ) + if ( !empty($matches[1]) ) $desc['typeAttrib'] = $matches[1]; switch ( $matches[1] ) { case 'tiny' : @@ -295,15 +295,15 @@ function getTableDescription( $table, $asString=1 ) { //$desc['minLength'] = -128; break; default : - ZM\Error( "Unexpected text qualifier '".$matches[1]."' found for field '".$row['Field']."' in table '".$table."'" ); + ZM\Error("Unexpected text qualifier '".$matches[1]."' found for field '".$row['Field']."' in table '".$table."'"); break; } - } elseif ( preg_match( "/^(enum|set)\((.*)\)$/", $row['Type'], $matches ) ) { + } elseif ( preg_match('/^(enum|set)\((.*)\)$/', $row['Type'], $matches) ) { $desc['type'] = 'text'; $desc['typeAttrib'] = $matches[1]; - preg_match_all( "/'([^']+)'/", $matches[2], $matches ); + preg_match_all("/'([^']+)'/", $matches[2], $matches); $desc['values'] = $matches[1]; - } elseif ( preg_match( "/^(\w+)?int\(\d+\)(?:\s+(unsigned))?$/", $row['Type'], $matches ) ) { + } elseif ( preg_match('/^(\w+)?int\(\d+\)(?:\s+(unsigned))?$/', $row['Type'], $matches) ) { $desc['type'] = 'integer'; switch ( $matches[1] ) { case 'tiny' : @@ -327,7 +327,7 @@ function getTableDescription( $table, $asString=1 ) { //$desc['maxValue'] = 127; break; default : - ZM\Error( "Unexpected integer qualifier '".$matches[1]."' found for field '".$row['Field']."' in table '".$table."'" ); + ZM\Error("Unexpected integer qualifier '".$matches[1]."' found for field '".$row['Field']."' in table '".$table."'"); break; } if ( !empty($matches[1]) ) @@ -336,7 +336,7 @@ function getTableDescription( $table, $asString=1 ) { $desc['maxValue'] += (-$desc['minValue']); $desc['minValue'] = 0; } - } elseif ( preg_match( "/^(?:decimal|numeric)\((\d+)(?:,(\d+))?\)(?:\s+(unsigned))?$/", $row['Type'], $matches ) ) { + } elseif ( preg_match('/^(?:decimal|numeric)\((\d+)(?:,(\d+))?\)(?:\s+(unsigned))?$/', $row['Type'], $matches) ) { $desc['type'] = 'fixed'; $desc['range'] = $matches[1]; if ( isset($matches[2]) ) @@ -344,7 +344,7 @@ function getTableDescription( $table, $asString=1 ) { else $desc['precision'] = 0; $desc['unsigned'] = ( isset($matches[3]) && $matches[3] == 'unsigned' ); - } elseif ( preg_match( "/^(datetime|timestamp|date|time)$/", $row['Type'], $matches ) ) { + } elseif ( preg_match('/^(datetime|timestamp|date|time)$/', $row['Type'], $matches) ) { $desc['type'] = 'datetime'; switch ( $desc['typeAttrib'] = $matches[1] ) { case 'datetime' : @@ -362,7 +362,7 @@ function getTableDescription( $table, $asString=1 ) { break; } } else { - ZM\Error( "Can't parse database type '".$row['Type']."' found for field '".$row['Field']."' in table '".$table."'" ); + ZM\Error("Can't parse database type '".$row['Type']."' found for field '".$row['Field']."' in table '".$table."'"); } if ( $asString ) @@ -370,15 +370,6 @@ function getTableDescription( $table, $asString=1 ) { else $columns[] = $desc; } - return( $columns ); -} - -function dbFetchMonitor( $mid ) { - return( dbFetchOne( 'select * from Monitors where Id = ?', NULL, array($mid) ) ); + return $columns; } - -function dbFetchGroup( $gid ) { - return( dbFetchOne( 'select * from Groups where Id = ?', NULL, array($gid) ) ); -} - ?> diff --git a/web/skins/classic/views/function.php b/web/skins/classic/views/function.php index 506bc006b..1cd2985ef 100644 --- a/web/skins/classic/views/function.php +++ b/web/skins/classic/views/function.php @@ -23,34 +23,34 @@ if ( !canEdit('Monitors') ) { return; } -$monitor = dbFetchMonitor($_REQUEST['mid']); +$monitor = ZM\Monitor::find_one(array('Id'=>$_REQUEST['mid'])); $focusWindow = true; -xhtmlHeaders(__FILE__, translate('Function').' - '.validHtmlStr($monitor['Name'])); +xhtmlHeaders(__FILE__, translate('Function').' - '.validHtmlStr($monitor->Name())); ?>
- +

- checked="checked"/> + Enabled()) ) { ?> checked="checked"/>

diff --git a/web/skins/classic/views/plugin.php b/web/skins/classic/views/plugin.php index ea7a9f347..4f41b3fbd 100644 --- a/web/skins/classic/views/plugin.php +++ b/web/skins/classic/views/plugin.php @@ -19,23 +19,21 @@ // -if ( !canView( 'Monitors' ) ) -{ - $view = "error"; - return; +if ( !canView('Monitors') ) { + $view = 'error'; + return; } $mid = validInt($_REQUEST['mid']); $zid = !empty($_REQUEST['zid'])?validInt($_REQUEST['zid']):0; - if ( $zid > 0 ) { - $newZone = dbFetchOne( 'SELECT * FROM Zones WHERE MonitorId = ? AND Id = ?', NULL, array( $mid, $zid) ); + $newZone = dbFetchOne('SELECT * FROM Zones WHERE MonitorId = ? AND Id = ?', NULL, array($mid, $zid)); } else { - $view = "error"; + $view = 'error'; return; } -$monitor = dbFetchMonitor ( $mid ); +$monitor = ZM\Monitor::find_one($mid); // Only allow certain filename characters (not including a period) to prevent directory traversal. $plugin = preg_replace('/[^-a-zA-Z0-9]/', '', $_REQUEST['pl']); @@ -104,7 +102,7 @@ function pLang($name)
@@ -115,16 +113,14 @@ function pLang($name)
- +
$popt) -{ - ?> +foreach($pluginOptions as $name => $popt) { +?> $popt) - + - + - + - +
disabled="disabled"/> disabled="disabled"/>
disabled="disabled"/>/>
disabled="disabled"/>/>
disabled="disabled"/>/>
- disabled="disabled"/> + +
From 74e414eb0014a52fcfa2919a25f45cd8518e1afe Mon Sep 17 00:00:00 2001 From: Isaac Connor Date: Tue, 13 Aug 2019 15:33:38 -0400 Subject: [PATCH 418/922] Clean up ugly hack in CopyTo. Do not modify the object resulting in cached crap --- scripts/ZoneMinder/lib/ZoneMinder/Event.pm | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/scripts/ZoneMinder/lib/ZoneMinder/Event.pm b/scripts/ZoneMinder/lib/ZoneMinder/Event.pm index 0fc43f24a..25cfebb5c 100644 --- a/scripts/ZoneMinder/lib/ZoneMinder/Event.pm +++ b/scripts/ZoneMinder/lib/ZoneMinder/Event.pm @@ -562,8 +562,8 @@ sub CopyTo { return 'Old Storage path changed, Event has moved somewhere else.'; } - $$self{Storage} = $NewStorage; - ( $NewPath ) = ( $self->Path(undef) =~ /^(.*)$/ ); # De-taint + $NewPath .= $self->Relative_Path(); + $NewPath = ( $NewPath =~ /^(.*)$/ ); # De-taint if ( $NewPath eq $OldPath ) { $ZoneMinder::Database::dbh->commit(); return "New path and old path are the same! $NewPath"; @@ -685,7 +685,7 @@ sub MoveTo { # Succeeded in copying all files, so we may now update the Event. $$self{StorageId} = $$NewStorage{Id}; - $$self{Storage} = $NewStorage; + $self->Storage($NewStorage); $error .= $self->save(); if ( $error ) { $ZoneMinder::Database::dbh->commit(); From c7b6db9be7fe274b36b9c3f84f76e0c6b7714334 Mon Sep 17 00:00:00 2001 From: Isaac Connor Date: Wed, 14 Aug 2019 16:18:21 -0400 Subject: [PATCH 419/922] Put backticks around all columns and tables in sql to deal with mysql 8 --- src/zm_config.cpp | 4 ++-- src/zm_eventstream.cpp | 20 ++++++++++---------- src/zm_group.cpp | 2 +- src/zm_monitor.cpp | 42 +++++++++++++++++++++--------------------- src/zm_storage.cpp | 2 +- src/zm_user.cpp | 10 +++++----- 6 files changed, 40 insertions(+), 40 deletions(-) diff --git a/src/zm_config.cpp b/src/zm_config.cpp index f9e11e59b..68c9eae08 100644 --- a/src/zm_config.cpp +++ b/src/zm_config.cpp @@ -68,7 +68,7 @@ void zmLoadConfig() { if ( ! staticConfig.SERVER_NAME.empty() ) { Debug( 1, "Fetching ZM_SERVER_ID For Name = %s", staticConfig.SERVER_NAME.c_str() ); - std::string sql = stringtf("SELECT Id FROM Servers WHERE Name='%s'", staticConfig.SERVER_NAME.c_str() ); + std::string sql = stringtf("SELECT `Id` FROM `Servers` WHERE `Name`='%s'", staticConfig.SERVER_NAME.c_str() ); zmDbRow dbrow; if ( dbrow.fetch( sql.c_str() ) ) { staticConfig.SERVER_ID = atoi(dbrow[0]); @@ -79,7 +79,7 @@ void zmLoadConfig() { } // end if has SERVER_NAME } else if ( staticConfig.SERVER_NAME.empty() ) { Debug( 1, "Fetching ZM_SERVER_NAME For Id = %d", staticConfig.SERVER_ID ); - std::string sql = stringtf("SELECT Name FROM Servers WHERE Id='%d'", staticConfig.SERVER_ID ); + std::string sql = stringtf("SELECT `Name` FROM `Servers` WHERE `Id`='%d'", staticConfig.SERVER_ID ); zmDbRow dbrow; if ( dbrow.fetch( sql.c_str() ) ) { diff --git a/src/zm_eventstream.cpp b/src/zm_eventstream.cpp index 36e8d097d..4b894c153 100644 --- a/src/zm_eventstream.cpp +++ b/src/zm_eventstream.cpp @@ -44,9 +44,9 @@ bool EventStream::loadInitialEventData(int monitor_id, time_t event_time) { static char sql[ZM_SQL_SML_BUFSIZ]; - snprintf(sql, sizeof(sql), "SELECT Id FROM Events WHERE " - "MonitorId = %d AND unix_timestamp(EndTime) > %ld " - "ORDER BY Id ASC LIMIT 1", monitor_id, event_time); + snprintf(sql, sizeof(sql), "SELECT `Id` FROM `Events` WHERE " + "`MonitorId` = %d AND unix_timestamp(`EndTime`) > %ld " + "ORDER BY `Id` ASC LIMIT 1", monitor_id, event_time); if ( mysql_query(&dbconn, sql) ) { Error("Can't run query: %s", mysql_error(&dbconn)); @@ -115,9 +115,9 @@ bool EventStream::loadEventData(uint64_t event_id) { static char sql[ZM_SQL_MED_BUFSIZ]; snprintf(sql, sizeof(sql), - "SELECT MonitorId, StorageId, Frames, unix_timestamp( StartTime ) AS StartTimestamp, " - "(SELECT max(Delta)-min(Delta) FROM Frames WHERE EventId=Events.Id) AS Duration, " - "DefaultVideo, Scheme, SaveJPEGs FROM Events WHERE Id = %" PRIu64, event_id); + "SELECT `MonitorId`, `StorageId`, `Frames`, unix_timestamp( `StartTime` ) AS StartTimestamp, " + "(SELECT max(`Delta`)-min(`Delta`) FROM `Frames` WHERE `EventId`=`Events.Id`) AS Duration, " + "`DefaultVideo`, `Scheme`, `SaveJPEGs` FROM `Events` WHERE `Id` = %" PRIu64, event_id); if ( mysql_query(&dbconn, sql) ) { Error("Can't run query: %s", mysql_error(&dbconn)); @@ -210,8 +210,8 @@ bool EventStream::loadEventData(uint64_t event_id) { Debug(3, "fps set by frame_count(%d)/duration(%f)", event_data->frame_count, event_data->duration); - snprintf(sql, sizeof(sql), "SELECT FrameId, unix_timestamp(`TimeStamp`), Delta " - "FROM Frames WHERE EventId = %" PRIu64 " ORDER BY FrameId ASC", event_id); + snprintf(sql, sizeof(sql), "SELECT `FrameId`, unix_timestamp(`TimeStamp`), `Delta` " + "FROM `Frames` WHERE `EventId` = %" PRIu64 " ORDER BY `FrameId` ASC", event_id); if ( mysql_query(&dbconn, sql) ) { Error("Can't run query: %s", mysql_error(&dbconn)); exit(mysql_errno(&dbconn)); @@ -542,11 +542,11 @@ void EventStream::checkEventLoaded() { if ( curr_frame_id <= 0 ) { snprintf(sql, sizeof(sql), - "SELECT Id FROM Events WHERE MonitorId = %ld AND Id < %" PRIu64 " ORDER BY Id DESC LIMIT 1", + "SELECT `Id` FROM `Events` WHERE `MonitorId` = %ld AND `Id` < %" PRIu64 " ORDER BY `Id` DESC LIMIT 1", event_data->monitor_id, event_data->event_id); } else if ( (unsigned int)curr_frame_id > event_data->frame_count ) { snprintf(sql, sizeof(sql), - "SELECT Id FROM Events WHERE MonitorId = %ld AND Id > %" PRIu64 " ORDER BY Id ASC LIMIT 1", + "SELECT `Id` FROM `Events` WHERE `MonitorId` = %ld AND `Id` > %" PRIu64 " ORDER BY `Id` ASC LIMIT 1", event_data->monitor_id, event_data->event_id); } else { // No event change required diff --git a/src/zm_group.cpp b/src/zm_group.cpp index 7b96920b8..070d3b571 100644 --- a/src/zm_group.cpp +++ b/src/zm_group.cpp @@ -46,7 +46,7 @@ Group::Group(unsigned int p_id) { if ( p_id ) { char sql[ZM_SQL_SML_BUFSIZ]; - snprintf(sql, sizeof(sql), "SELECT Id, ParentId, Name FROM Group WHERE Id=%d", p_id); + snprintf(sql, sizeof(sql), "SELECT `Id`, `ParentId`, `Name` FROM `Group` WHERE `Id`=%d", p_id); Debug(2,"Loading Group for %d using %s", p_id, sql); zmDbRow dbrow; if ( !dbrow.fetch(sql) ) { diff --git a/src/zm_monitor.cpp b/src/zm_monitor.cpp index 617426d1f..1b9442f75 100644 --- a/src/zm_monitor.cpp +++ b/src/zm_monitor.cpp @@ -68,19 +68,19 @@ // This is the official SQL (and ordering of the fields) to load a Monitor. // It will be used whereever a Monitor dbrow is needed. WHERE conditions can be appended std::string load_monitor_sql = -"SELECT Id, Name, ServerId, StorageId, Type, Function+0, Enabled, LinkedMonitors, " -"AnalysisFPSLimit, AnalysisUpdateDelay, MaxFPS, AlarmMaxFPS," -"Device, Channel, Format, V4LMultiBuffer, V4LCapturesPerFrame, " // V4L Settings -"Protocol, Method, Options, User, Pass, Host, Port, Path, Width, Height, Colours, Palette, Orientation+0, Deinterlacing, " -"DecoderHWAccelName, DecoderHWAccelDevice, RTSPDescribe, " -"SaveJPEGs, VideoWriter, EncoderParameters, " +"SELECT `Id`, `Name`, `ServerId`, `StorageId`, `Type`, `Function`+0, `Enabled`, `LinkedMonitors`, " +"`AnalysisFPSLimit`, `AnalysisUpdateDelay`, `MaxFPS`, `AlarmMaxFPS`," +"`Device`, `Channel`, `Format`, `V4LMultiBuffer`, `V4LCapturesPerFrame`, " // V4L Settings +"`Protocol`, `Method`, `Options`, `User`, `Pass`, `Host`, `Port`, `Path`, `Width`, `Height`, `Colours`, `Palette`, `Orientation`+0, `Deinterlacing`, " +"`DecoderHWAccelName`, `DecoderHWAccelDevice`, `RTSPDescribe`, " +"`SaveJPEGs`, `VideoWriter`, `EncoderParameters`, " //" OutputCodec, Encoder, OutputContainer, " -"RecordAudio, " -"Brightness, Contrast, Hue, Colour, " -"EventPrefix, LabelFormat, LabelX, LabelY, LabelSize," -"ImageBufferCount, WarmupCount, PreEventCount, PostEventCount, StreamReplayBuffer, AlarmFrameCount, " -"SectionLength, MinSectionLength, FrameSkip, MotionFrameSkip, " -"FPSReportInterval, RefBlendPerc, AlarmRefBlendPerc, TrackMotion, Exif, SignalCheckPoints, SignalCheckColour FROM Monitors"; +"`RecordAudio`, " +"`Brightness`, `Contrast`, `Hue`, `Colour`, " +"`EventPrefix`, `LabelFormat`, `LabelX`, `LabelY`, `LabelSize`," +"`ImageBufferCount`, `WarmupCount`, `PreEventCount`, `PostEventCount`, `StreamReplayBuffer`, `AlarmFrameCount`, " +"`SectionLength`, `MinSectionLength`, `FrameSkip`, `MotionFrameSkip`, " +"`FPSReportInterval`, `RefBlendPerc`, `AlarmRefBlendPerc`, `TrackMotion`, `Exif`, `SignalCheckPoints`, `SignalCheckColour` FROM `Monitors`"; std::string CameraType_Strings[] = { "Local", @@ -1136,7 +1136,7 @@ void Monitor::DumpZoneImage(const char *zone_string) { } else { Debug(3, "Trying to load from event"); // Grab the most revent event image - std::string sql = stringtf("SELECT MAX(Id) FROM Events WHERE MonitorId=%d AND Frames > 0", id); + std::string sql = stringtf("SELECT MAX(`Id`) FROM `Events` WHERE `MonitorId`=%d AND `Frames` > 0", id); zmDbRow eventid_row; if ( eventid_row.fetch(sql.c_str()) ) { uint64_t event_id = atoll(eventid_row[0]); @@ -1803,12 +1803,12 @@ void Monitor::Reload() { static char sql[ZM_SQL_MED_BUFSIZ]; // This seems to have fallen out of date. snprintf(sql, sizeof(sql), - "SELECT Function+0, Enabled, LinkedMonitors, EventPrefix, LabelFormat, " - "LabelX, LabelY, LabelSize, WarmupCount, PreEventCount, PostEventCount, " - "AlarmFrameCount, SectionLength, MinSectionLength, FrameSkip, " - "MotionFrameSkip, AnalysisFPSLimit, AnalysisUpdateDelay, MaxFPS, AlarmMaxFPS, " - "FPSReportInterval, RefBlendPerc, AlarmRefBlendPerc, TrackMotion, " - "SignalCheckColour FROM Monitors WHERE Id = '%d'", id); + "SELECT `Function`+0, `Enabled`, `LinkedMonitors`, `EventPrefix`, `LabelFormat`, " + "`LabelX`, `LabelY`, `LabelSize`, `WarmupCount`, `PreEventCount`, `PostEventCount`, " + "`AlarmFrameCount`, `SectionLength`, `MinSectionLength`, `FrameSkip`, " + "`MotionFrameSkip`, `AnalysisFPSLimit`, `AnalysisUpdateDelay`, `MaxFPS`, `AlarmMaxFPS`, " + "`FPSReportInterval`, `RefBlendPerc`, `AlarmRefBlendPerc`, `TrackMotion`, " + "`SignalCheckColour` FROM `Monitors` WHERE `Id` = '%d'", id); zmDbRow *row = zmDbFetchOne(sql); if ( !row ) { @@ -2865,8 +2865,8 @@ std::vector Monitor::Groups() { // At the moment, only load groups once. if ( !groups.size() ) { std::string sql = stringtf( - "SELECT Id,ParentId,Name FROM Groups WHERE Groups.Id IN " - "(SELECT GroupId FROM Groups_Monitors WHERE MonitorId=%d)",id); + "SELECT `Id`, `ParentId`, `Name` FROM `Groups` WHERE `Groups.Id` IN " + "(SELECT `GroupId` FROM `Groups_Monitors` WHERE `MonitorId`=%d)",id); MYSQL_RES *result = zmDbFetch(sql.c_str()); if ( !result ) { Error("Can't load groups: %s", mysql_error(&dbconn)); diff --git a/src/zm_storage.cpp b/src/zm_storage.cpp index ff2ba4997..4bba82bab 100644 --- a/src/zm_storage.cpp +++ b/src/zm_storage.cpp @@ -62,7 +62,7 @@ Storage::Storage( unsigned int p_id ) { if ( p_id ) { char sql[ZM_SQL_SML_BUFSIZ]; - snprintf(sql, sizeof(sql), "SELECT Id, Name, Path, Type, Scheme FROM Storage WHERE Id=%d", p_id); + snprintf(sql, sizeof(sql), "SELECT `Id`, `Name`, `Path`, `Type`, `Scheme` FROM `Storage` WHERE `Id`=%d", p_id); Debug(2,"Loading Storage for %d using %s", p_id, sql ); zmDbRow dbrow; if ( !dbrow.fetch(sql) ) { diff --git a/src/zm_user.cpp b/src/zm_user.cpp index b873b8547..52da3ba98 100644 --- a/src/zm_user.cpp +++ b/src/zm_user.cpp @@ -99,8 +99,8 @@ User *zmLoadUser( const char *username, const char *password ) { snprintf(sql, sizeof(sql), - "SELECT Id, Username, Password, Enabled, Stream+0, Events+0, Control+0, Monitors+0, System+0, MonitorIds" - " FROM Users where Username = '%s' and Enabled = 1", safer_username ); + "SELECT `Id`, `Username`, `Password`, `Enabled`, `Stream`+0, `Events`+0, `Control`+0, `Monitors`+0, `System`+0, `MonitorIds`" + " FROM `Users` WHERE `Username` = '%s' AND `Enabled` = 1", safer_username ); if ( mysql_query(&dbconn, sql) ) { @@ -162,8 +162,8 @@ User *zmLoadTokenUser (std::string jwt_token_str, bool use_remote_addr ) { if (username != "") { char sql[ZM_SQL_MED_BUFSIZ] = ""; snprintf(sql, sizeof(sql), - "SELECT Id, Username, Password, Enabled, Stream+0, Events+0, Control+0, Monitors+0, System+0, MonitorIds, TokenMinExpiry" - " FROM Users WHERE Username = '%s' and Enabled = 1", username.c_str() ); + "SELECT `Id`, `Username`, `Password`, `Enabled`, `Stream`+0, `Events`+0, `Control`+0, `Monitors`+0, `System`+0, `MonitorIds`, `TokenMinExpiry`" + " FROM `Users` WHERE `Username` = '%s' AND `Enabled` = 1", username.c_str() ); if ( mysql_query(&dbconn, sql) ) { Error("Can't run query: %s", mysql_error(&dbconn)); @@ -228,7 +228,7 @@ User *zmLoadAuthUser( const char *auth, bool use_remote_addr ) { Debug( 1, "Attempting to authenticate user from auth string '%s'", auth ); char sql[ZM_SQL_SML_BUFSIZ] = ""; - snprintf( sql, sizeof(sql), "SELECT Id, Username, Password, Enabled, Stream+0, Events+0, Control+0, Monitors+0, System+0, MonitorIds FROM Users WHERE Enabled = 1" ); + snprintf( sql, sizeof(sql), "SELECT `Id`, `Username`, `Password`, `Enabled`, `Stream`+0, `Events`+0, `Control`+0, `Monitors`+0, `System`+0, `MonitorIds` FROM `Users` WHERE `Enabled` = 1" ); if ( mysql_query( &dbconn, sql ) ) { Error( "Can't run query: %s", mysql_error( &dbconn ) ); From 618e6816efe5ac10b5bd71d7ff26c584bec28af9 Mon Sep 17 00:00:00 2001 From: Isaac Connor Date: Thu, 15 Aug 2019 14:59:15 -0400 Subject: [PATCH 420/922] Rework auth. login using username and password only occurs on login action now. Including auth.php should not touch the session. auth_hash logins no longer touch the session. replace userLogin with a function called validateUser which matches the semantics of validateToken. --- web/api/app/Controller/AppController.php | 29 +-- web/api/app/Controller/HostController.php | 10 +- web/includes/actions/login.php | 88 +++++++- web/includes/actions/logout.php | 1 + web/includes/auth.php | 259 ++++++---------------- web/includes/session.php | 4 +- web/index.php | 9 +- 7 files changed, 173 insertions(+), 227 deletions(-) diff --git a/web/api/app/Controller/AppController.php b/web/api/app/Controller/AppController.php index e3b422914..8e9e91888 100644 --- a/web/api/app/Controller/AppController.php +++ b/web/api/app/Controller/AppController.php @@ -68,24 +68,26 @@ class AppController extends Controller { global $user; if ( ZM_OPT_USE_AUTH ) { - if ( ZM_OPT_USE_LEGACY_API_AUTH ) { - # This will auto-login if username=&password= are set, or auth= - require_once __DIR__ .'/../../../includes/auth.php'; - } + # This will auto-login if username=&password= are set, or auth= + require_once __DIR__ .'/../../../includes/auth.php'; + if ( ZM_OPT_USE_LEGACY_API_AUTH or !strcasecmp($this->params->action, 'login') ) { + # This is here because historically we allowed user=&pass= in the api. web-ui auth uses username=&password= $username = $this->request->query('user') ? $this->request->query('user') : $this->request->data('user'); $password = $this->request->query('pass') ? $this->request->query('pass') : $this->request->data('pass'); - if ( $user and $password ) { - // log (user, pass, nothashed, api based login so skip recaptcha) - $user = userLogin($user, $password, false, true); + if ( $username and $password ) { + $ret = validateuser($username, $password); + $user = $ret[0]; + $retstatus = $ret[1]; if ( !$user ) { - throw new UnauthorizedException(__('Incorrect credentials or API disabled')); + throw new UnauthorizedException(__($retstatus)); return; - } - } + } + } + } - # NON LEGACY + # NON LEGACY, token based access $token = $this->request->query('token') ? $this->request->query('token') : $this->request->data('token'); if ( $token ) { // if you pass a token to login, we should only allow @@ -107,9 +109,10 @@ class AppController extends Controller { } } # end if token - if ( $user['APIEnabled'] != 1 ) { + if ( $user and ( $user['APIEnabled'] != 1 ) ) { ZM\Error('API disabled for: '.$user['Username']); - unset($user); + throw new UnauthorizedException(__('API disabled for: '.$user['Username'])); + $user = null; } // We need to reject methods that are not authenticated diff --git a/web/api/app/Controller/HostController.php b/web/api/app/Controller/HostController.php index a5db77e81..e3bfeec2e 100644 --- a/web/api/app/Controller/HostController.php +++ b/web/api/app/Controller/HostController.php @@ -32,11 +32,11 @@ class HostController extends AppController { function login() { - $mUser = $this->request->query('user') ? $this->request->query('user') : $this->request->data('user'); - $mPassword = $this->request->query('pass') ? $this->request->query('pass') : $this->request->data('pass'); + $username = $this->request->query('user') ? $this->request->query('user') : $this->request->data('user'); + $password = $this->request->query('pass') ? $this->request->query('pass') : $this->request->data('pass'); $token = $this->request->query('token') ? $this->request->query('token') : $this->request->data('token'); - if ( !($mUser && $mPassword) && !$token ) { + if ( !($username && $password) && !$token ) { throw new UnauthorizedException(__('No identity provided')); } @@ -44,8 +44,8 @@ class HostController extends AppController { $cred = []; $cred_depr = []; - if ( $mUser && $mPassword ) { - $cred = $this->_getCredentials(true, '', $mUser); // generate refresh + if ( $username && $password ) { + $cred = $this->_getCredentials(true, '', $user); // generate refresh } else { $cred = $this->_getCredentials(false, $token); // don't generate refresh } diff --git a/web/includes/actions/login.php b/web/includes/actions/login.php index 787bb34ca..9d0b41f4c 100644 --- a/web/includes/actions/login.php +++ b/web/includes/actions/login.php @@ -21,14 +21,84 @@ if ( ('login' == $action) && isset($_REQUEST['username']) && ( ZM_AUTH_TYPE == 'remote' || isset($_REQUEST['password']) ) ) { - $refreshParent = true; - // User login is automatically performed in includes/auth.php So we don't need to perform a login here, - // just handle redirects. This is the action that comes from the login view, so the logical thing to - // do on successful auth is redirect to console, otherwise loop back to login. - if ( !$user ) { - $view = 'login'; - } else { - $view = 'postlogin'; + // if true, a popup will display after login + // lets validate reCaptcha if it exists + if ( + defined('ZM_OPT_USE_GOOG_RECAPTCHA') + && defined('ZM_OPT_GOOG_RECAPTCHA_SECRETKEY') + && defined('ZM_OPT_GOOG_RECAPTCHA_SITEKEY') + && ZM_OPT_USE_GOOG_RECAPTCHA + && ZM_OPT_GOOG_RECAPTCHA_SECRETKEY + && ZM_OPT_GOOG_RECAPTCHA_SITEKEY ) + { + $url = 'https://www.google.com/recaptcha/api/siteverify'; + $fields = array ( + 'secret' => ZM_OPT_GOOG_RECAPTCHA_SECRETKEY, + 'response' => $_REQUEST['g-recaptcha-response'], + 'remoteip' => $_SERVER['REMOTE_ADDR'] + ); + $res = do_post_request($url, http_build_query($fields)); + $responseData = json_decode($res, true); + // credit: https://github.com/google/recaptcha/blob/master/src/ReCaptcha/Response.php + // if recaptcha resulted in error, we might have to deny login + if ( isset($responseData['success']) && ($responseData['success'] == false) ) { + // PP - before we deny auth, let's make sure the error was not 'invalid secret' + // because that means the user did not configure the secret key correctly + // in this case, we prefer to let him login in and display a message to correct + // the key. Unfortunately, there is no way to check for invalid site key in code + // as it produces the same error as when you don't answer a recaptcha + if ( isset($responseData['error-codes']) && is_array($responseData['error-codes']) ) { + if ( !in_array('invalid-input-secret', $responseData['error-codes']) ) { + Error('reCaptcha authentication failed'); + return; + } else { + Error('Invalid recaptcha secret detected'); + } + } + } // end if success==false + } // end if using reCaptcha + + // coming here means we need to authenticate the user + // if captcha existed, it was passed + + $username = $_REQUEST['username']; + $password = $_REQUEST['password']; + + $ret = validateUser($username, $password); + if ( !$ret[0] ) { + ZM\Error($ret[1]); + $_SESSION['loginFailed'] = true; + unset($user); // unset should be ok here because we aren't in a function + return; } -} + $close_session = 0; + if ( !is_session_started() ) { + session_start(); + $close_session = 1; + } + $_SESSION['remoteAddr'] = $_SERVER['REMOTE_ADDR']; // To help prevent session hijacking + + ZM\Info("Login successful for user \"$username\""); + $user = $ret[0]; + $password_type = password_type($password); + + if ( $password_type == 'mysql' or $password_type == 'mysql+bcrypt' ) { + ZM\Info('Migrating password, if possible for future logins'); + migrateHash($username, $password); + } + unset($_SESSION['loginFailed']); + if ( ZM_AUTH_TYPE == 'builtin' ) { + $_SESSION['passwordHash'] = $user['Password']; + } + $_SESSION['username'] = $user['Username']; + if ( ZM_AUTH_RELAY == 'plain' ) { + // Need to save this in session, can't use the value in User because it is hashed + $_SESSION['password'] = $_REQUEST['password']; + } + zm_session_regenerate_id(); + if ( $close_session ) + session_write_close(); + + $view = 'postlogin'; +} # end if doing a login action ?> diff --git a/web/includes/actions/logout.php b/web/includes/actions/logout.php index 3b9a7b8d2..aecdb7683 100644 --- a/web/includes/actions/logout.php +++ b/web/includes/actions/logout.php @@ -24,5 +24,6 @@ if ( $action == 'logout' ) { $refreshParent = true; $view = 'none'; $closePopup = true; + ZM\Logger::Debug("User: " . print_r($user,true)); } ?> diff --git a/web/includes/auth.php b/web/includes/auth.php index ee7965dce..1c1a1e5a7 100644 --- a/web/includes/auth.php +++ b/web/includes/auth.php @@ -20,9 +20,23 @@ // require_once('session.php'); require_once(__DIR__.'/../vendor/autoload.php'); - use \Firebase\JWT\JWT; +function password_type($password) { + if ( $password[0] == '*' ) { + return 'mysql'; + } else if ( preg_match('/^\$2[ayb]\$.+$/', $password) ) { + return 'bcrypt'; + } else if ( substr($password, 0,4) == '-ZM-' ) { + // zmupdate.pl adds a '-ZM-' prefix to overlay encrypted passwords + // this is done so that we don't spend cycles doing two bcrypt password_verify calls + // for every wrong password entered. This will only be invoked for passwords zmupdate.pl has + // overlay hashed + return 'mysql+bcrypt'; + } + return 'plain'; +} + // this function migrates mysql hashing to bcrypt, if you are using PHP >= 5.5 // will be called after successful login, only if mysql hashing is detected function migrateHash($user, $pass) { @@ -33,7 +47,6 @@ function migrateHash($user, $pass) { $bcrypt_hash = password_hash($pass, PASSWORD_BCRYPT); //ZM\Info ("hased bcrypt $pass is $bcrypt_hash"); $update_password_sql = 'UPDATE Users SET Password=\''.$bcrypt_hash.'\' WHERE Username=\''.$user.'\''; - ZM\Info($update_password_sql); dbQuery($update_password_sql); # Since password field has changed, existing auth_hash is no longer valid generateAuthHash(ZM_AUTH_HASH_IPS, true); @@ -43,172 +56,70 @@ function migrateHash($user, $pass) { } } -// core function used to login a user to PHP. Is also used for cake sessions for the API -function userLogin($username='', $password='', $passwordHashed=false, $from_api_layer = false) { - - global $user; +// core function used to load a User record by username and password +function validateUser($username='', $password='') { - if ( !$username and isset($_REQUEST['username']) ) - $username = $_REQUEST['username']; - if ( !$password and isset($_REQUEST['password']) ) - $password = $_REQUEST['password']; + $sql = 'SELECT * FROM Users WHERE Enabled=1 AND Username=?'; + // local user, shouldn't affect the global user + $user = dbFetchOne($sql, NULL, array($username)); - // if true, a popup will display after login - // lets validate reCaptcha if it exists - // this only applies if it userLogin was not called from API layer - if ( !$from_api_layer - && defined('ZM_OPT_USE_GOOG_RECAPTCHA') - && defined('ZM_OPT_GOOG_RECAPTCHA_SECRETKEY') - && defined('ZM_OPT_GOOG_RECAPTCHA_SITEKEY') - && ZM_OPT_USE_GOOG_RECAPTCHA - && ZM_OPT_GOOG_RECAPTCHA_SECRETKEY - && ZM_OPT_GOOG_RECAPTCHA_SITEKEY ) - { - $url = 'https://www.google.com/recaptcha/api/siteverify'; - $fields = array ( - 'secret' => ZM_OPT_GOOG_RECAPTCHA_SECRETKEY, - 'response' => $_REQUEST['g-recaptcha-response'], - 'remoteip' => $_SERVER['REMOTE_ADDR'] - ); - $res = do_post_request($url, http_build_query($fields)); - $responseData = json_decode($res, true); - // credit: https://github.com/google/recaptcha/blob/master/src/ReCaptcha/Response.php - // if recaptcha resulted in error, we might have to deny login - if ( isset($responseData['success']) && ($responseData['success'] == false) ) { - // PP - before we deny auth, let's make sure the error was not 'invalid secret' - // because that means the user did not configure the secret key correctly - // in this case, we prefer to let him login in and display a message to correct - // the key. Unfortunately, there is no way to check for invalid site key in code - // as it produces the same error as when you don't answer a recaptcha - if ( isset($responseData['error-codes']) && is_array($responseData['error-codes']) ) { - if ( !in_array('invalid-input-secret', $responseData['error-codes']) ) { - Error('reCaptcha authentication failed'); - return null; - } else { - Error('Invalid recaptcha secret detected'); - } - } - } // end if success==false - } // end if using reCaptcha + if ( ! $user ) { + return array(false, "Could not retrieve user $username details"); + } - // coming here means we need to authenticate the user - // if captcha existed, it was passed - - $sql = 'SELECT * FROM Users WHERE Enabled=1 AND Username = ?'; - $sql_values = array($username); - - // First retrieve the stored password - // and move password hashing to application space - - $saved_user_details = dbFetchOne($sql, NULL, $sql_values); - $password_correct = false; - $password_type = NULL; - - if ( $saved_user_details ) { - - // if the API layer asked us to login, make sure the user - // has API enabled (admin may have banned API for this user) - - if ( $from_api_layer ) { - if ( $saved_user_details['APIEnabled'] != 1 ) { - ZM\Error("API disabled for: $username"); - $_SESSION['loginFailed'] = true; - unset($user); - return false; - } - } - - $saved_password = $saved_user_details['Password']; - if ( $saved_password[0] == '*' ) { - // We assume we don't need to support mysql < 4.1 - // Starting MY SQL 4.1, mysql concats a '*' in front of its password hash - // https://blog.pythian.com/hashing-algorithm-in-mysql-password-2/ - ZM\Logger::Debug('Saved password is using MYSQL password function'); - $input_password_hash = '*'.strtoupper(sha1(sha1($password, true))); - $password_correct = ($saved_password == $input_password_hash); - $password_type = 'mysql'; - - } else if ( preg_match('/^\$2[ayb]\$.+$/', $saved_password) ) { - ZM\Logger::Debug('bcrypt signature found, assumed bcrypt password'); - $password_type = 'bcrypt'; - $password_correct = $passwordHashed ? ($password == $saved_password) : password_verify($password, $saved_password); - } + switch ( password_type($user['Password']) ) { + case 'mysql' : + // We assume we don't need to support mysql < 4.1 + // Starting MY SQL 4.1, mysql concats a '*' in front of its password hash + // https://blog.pythian.com/hashing-algorithm-in-mysql-password-2/ + ZM\Logger::Debug('Saved password is using MYSQL password function'); + $input_password_hash = '*'.strtoupper(sha1(sha1($password, true))); + $password_correct = ($user['Password'] == $input_password_hash); + break; + case 'bcrypt' : + ZM\Logger::Debug('bcrypt signature found, assumed bcrypt password'); + $password_correct = password_verify($password, $user['Password']); + break; + case 'mysql+bcrypt' : // zmupdate.pl adds a '-ZM-' prefix to overlay encrypted passwords // this is done so that we don't spend cycles doing two bcrypt password_verify calls // for every wrong password entered. This will only be invoked for passwords zmupdate.pl has // overlay hashed - else if ( substr($saved_password, 0,4) == '-ZM-' ) { - ZM\Logger::Debug("Detected bcrypt overlay hashing for $username"); - $bcrypt_hash = substr($saved_password, 4); - $mysql_encoded_password = '*'.strtoupper(sha1(sha1($password, true))); - ZM\Logger::Debug("Comparing password $mysql_encoded_password to bcrypt hash: $bcrypt_hash"); - $password_correct = password_verify($mysql_encoded_password, $bcrypt_hash); - $password_type = 'mysql'; // so we can migrate later down - } else { - // we really should nag the user not to use plain - ZM\Warning ('assuming plain text password as signature is not known. Please do not use plain, it is very insecure'); - $password_type = 'plain'; - $password_correct = ($saved_password == $password); - } - } else { - ZM\Error("Could not retrieve user $username details"); - $_SESSION['loginFailed'] = true; - unset($user); - return false; - } - - $close_session = 0; - if ( !is_session_started() ) { - session_start(); - $close_session = 1; - } - $_SESSION['remoteAddr'] = $_SERVER['REMOTE_ADDR']; // To help prevent session hijacking + ZM\Logger::Debug("Detected bcrypt overlay hashing for $username"); + $bcrypt_hash = substr($user['Password'], 4); + $mysql_encoded_password = '*'.strtoupper(sha1(sha1($password, true))); + ZM\Logger::Debug("Comparing password $mysql_encoded_password to bcrypt hash: $bcrypt_hash"); + $password_correct = password_verify($mysql_encoded_password, $bcrypt_hash); + break; + default: + // we really should nag the user not to use plain + ZM\Warning('assuming plain text password as signature is not known. Please do not use plain, it is very insecure'); + $password_correct = ($user['Password'] == $password); + } // switch password_type if ( $password_correct ) { - ZM\Info("Login successful for user \"$username\""); - $user = $saved_user_details; - if ( $password_type == 'mysql' ) { - ZM\Info('Migrating password, if possible for future logins'); - migrateHash($username, $password); - } - unset($_SESSION['loginFailed']); - if ( ZM_AUTH_TYPE == 'builtin' ) { - $_SESSION['passwordHash'] = $user['Password']; - } - $_SESSION['username'] = $user['Username']; - if ( ZM_AUTH_RELAY == 'plain' ) { - // Need to save this in session, can't use the value in User because it is hashed - $_SESSION['password'] = $_REQUEST['password']; - } - zm_session_regenerate_id(); - } else { - ZM\Warning("Login denied for user \"$username\""); - $_SESSION['loginFailed'] = true; - unset($user); + return array($user, 'OK'); } - if ( $close_session ) - session_write_close(); - return isset($user) ? $user: null; -} # end function userLogin + return array(false, "Login denied for user \"$username\""); +} # end function validateUser function userLogout() { global $user; ZM\Info('User "'.$user['Username'].'" logged out'); - unset($user); + $user = null;// unset only clears the local variable zm_session_clear(); } +function validateToken($token, $allowed_token_type='access') { -function validateToken ($token, $allowed_token_type='access', $from_api_layer=false) { global $user; $key = ZM_AUTH_HASH_SECRET; //if (ZM_AUTH_HASH_IPS) $key .= $_SERVER['REMOTE_ADDR']; try { - $decoded_token = JWT::decode($token, $key, array('HS256')); + $decoded_token = JWT::decode($token, $key, array('HS256')); } catch (Exception $e) { ZM\Error("Unable to authenticate user. error decoding JWT token:".$e->getMessage()); - return array(false, $e->getMessage()); } @@ -221,32 +132,21 @@ function validateToken ($token, $allowed_token_type='access', $from_api_layer=fa // give a hint that the user is not doing it right ZM\Error('Please do not use refresh tokens for this operation'); } - return array (false, 'Incorrect token type'); + return array(false, 'Incorrect token type'); } $username = $jwt_payload['user']; - $sql = 'SELECT * FROM Users WHERE Enabled=1 AND Username = ?'; - $sql_values = array($username); - - $saved_user_details = dbFetchOne($sql, NULL, $sql_values); + $sql = 'SELECT * FROM Users WHERE Enabled=1 AND Username=?'; + $saved_user_details = dbFetchOne($sql, NULL, array($username)); if ( $saved_user_details ) { - if ($from_api_layer && $saved_user_details['APIEnabled'] == 0) { - // if from_api_layer is true, an additional check will be done - // to make sure APIs are enabled for this user. This is a good place - // to do it, since we are doing a DB dip here. - ZM\Error("API is disabled for \"$username\""); - unset($user); - return array(false, 'API is disabled for user'); - } - $issuedAt = $jwt_payload['iat']; $minIssuedAt = $saved_user_details['TokenMinExpiry']; if ( $issuedAt < $minIssuedAt ) { ZM\Error("Token revoked for $username. Please generate a new token"); - unset($user); + $user = null;// unset only clears the local variable return array(false, 'Token revoked. Please re-generate'); } @@ -254,12 +154,12 @@ function validateToken ($token, $allowed_token_type='access', $from_api_layer=fa return array($user, 'OK'); } else { ZM\Error("Could not retrieve user $username details"); - unset($user); + $user = null;// unset only clears the local variable return array(false, 'No such user/credentials'); } } // end function validateToken($token, $allowed_token_type='access') -function getAuthUser($auth, $from_api_layer = false) { +function getAuthUser($auth) { if ( ZM_OPT_USE_AUTH && (ZM_AUTH_RELAY == 'hashed') && !empty($auth) ) { $remoteAddr = ''; if ( ZM_AUTH_HASH_IPS ) { @@ -288,16 +188,7 @@ function getAuthUser($auth, $from_api_layer = false) { $authHash = md5($authKey); if ( $auth == $authHash ) { - if ( $from_api_layer && $user['APIEnabled'] == 0 ) { - // if from_api_layer is true, an additional check will be done - // to make sure APIs are enabled for this user. This is a good place - // to do it, since we are doing a DB dip here. - ZM\Error('API is disabled for "'.$user['Username'].'"'); - unset($user); - return array(false, 'API is disabled for user'); - } else { - return $user; - } + return $user; } // en dif $auth == $authHash } // end foreach hour } // end foreach user @@ -360,19 +251,12 @@ function canEdit($area, $mid=false) { return ( $user[$area] == 'Edit' && ( !$mid || visibleMonitor($mid) )); } -global $user; if ( ZM_OPT_USE_AUTH ) { if ( !empty($_REQUEST['token']) ) { $ret = validateToken($_REQUEST['token'], 'access'); $user = $ret[0]; } else { // Non token based auth - - $close_session = 0; - if ( !is_session_started() ) { - zm_session_start(); - $close_session = 1; - } if ( isset($_SESSION['username']) ) { if ( ZM_AUTH_HASH_LOGINS and (ZM_AUTH_RELAY == 'hashed') ) { @@ -387,31 +271,16 @@ if ( ZM_OPT_USE_AUTH ) { } } - if ( ZM_AUTH_RELAY == 'plain' ) { - // Need to save this in session - $_SESSION['password'] = $user['Password']; - } - $_SESSION['remoteAddr'] = $_SERVER['REMOTE_ADDR']; // To help prevent session hijacking - if ( ZM_AUTH_HASH_LOGINS && empty($user) && !empty($_REQUEST['auth']) ) { - if ( $authUser = getAuthUser($_REQUEST['auth']) ) { - userLogin($authUser['Username'], $authUser['Password'], true); - } - } else if ( isset($_REQUEST['username']) and isset($_REQUEST['password']) ) { - userLogin($_REQUEST['username'], $_REQUEST['password'], false); - # Because it might have migrated the password we need to update the hash - generateAuthHash(ZM_AUTH_HASH_IPS, true); + $user = getAuthUser($_REQUEST['auth']); } if ( !empty($user) ) { // generate it once here, while session is open. Value will be cached in session and return when called later on generateAuthHash(ZM_AUTH_HASH_IPS); } - if ( $close_session ) - session_write_close(); } # end if token based auth -} # end if ZM_OPT_USE_AUTH - -if ( !$user ) +} else { $user = $defaultUser; +} # end if ZM_OPT_USE_AUTH ?> diff --git a/web/includes/session.php b/web/includes/session.php index 77ce43143..d111c2d10 100644 --- a/web/includes/session.php +++ b/web/includes/session.php @@ -8,7 +8,6 @@ function zm_session_start() { $currentCookieParams = session_get_cookie_params(); $currentCookieParams['lifetime'] = ZM_COOKIE_LIFETIME; - ZM\Logger::Debug('Setting cookie parameters to lifetime('.$currentCookieParams['lifetime'].') path('.$currentCookieParams['path'].') domain ('.$currentCookieParams['domain'].') secure('.$currentCookieParams['secure'].') httpOnly(1)'); session_set_cookie_params( $currentCookieParams['lifetime'], $currentCookieParams['path'], @@ -18,6 +17,7 @@ function zm_session_start() { ); ini_set('session.name', 'ZMSESSID'); + ZM\Logger::Debug('Setting cookie parameters to lifetime('.$currentCookieParams['lifetime'].') path('.$currentCookieParams['path'].') domain ('.$currentCookieParams['domain'].') secure('.$currentCookieParams['secure'].') httpOnly(1) name:'.session_name()); session_start(); // Do not allow to use expired session ID @@ -66,6 +66,8 @@ function zm_session_clear() { setcookie(session_name(), '', time() - 31536000, $p['path'], $p['domain'], $p['secure'], $p['httponly']); } session_unset(); + session_write_close(); session_destroy(); + session_start(); } // function zm_session_clear() ?> diff --git a/web/index.php b/web/index.php index a4f6160d4..546a3257d 100644 --- a/web/index.php +++ b/web/index.php @@ -166,6 +166,7 @@ $action = null; $error_message = null; $redirect = null; $view = null; +$user = null; if ( isset($_REQUEST['view']) ) $view = detaintPath($_REQUEST['view']); @@ -176,8 +177,9 @@ $request = null; if ( isset($_REQUEST['request']) ) $request = detaintPath($_REQUEST['request']); -# User Login will be performed in auth.php +ZM\Logger::Debug("User " . print_r($user,true)); require_once('includes/auth.php'); +ZM\Logger::Debug("User " . print_r($user,true)); foreach ( getSkinIncludes('skin.php') as $includeFile ) { #ZM\Logger::Debug("including $includeFile"); @@ -187,7 +189,6 @@ foreach ( getSkinIncludes('skin.php') as $includeFile ) { if ( isset($_REQUEST['action']) ) $action = detaintPath($_REQUEST['action']); - # The only variable we really need to set is action. The others are informal. isset($view) || $view = NULL; isset($request) || $request = NULL; @@ -203,7 +204,7 @@ if ( ( $view != 'frames' ) && ( $view != 'archive' ) ) { - require_once( 'includes/csrf/csrf-magic.php' ); + require_once('includes/csrf/csrf-magic.php'); #ZM\Logger::Debug("Calling csrf_check with the following values: \$request = \"$request\", \$view = \"$view\", \$action = \"$action\""); csrf_check(); } @@ -219,7 +220,7 @@ if ( $action ) { } # If I put this here, it protects all views and popups, but it has to go after actions.php because actions.php does the actual logging in. -if ( ZM_OPT_USE_AUTH and !isset($user) and ($view != 'login') ) { +if ( ZM_OPT_USE_AUTH and (!isset($user)) and ($view != 'login') and ($view != 'none') ) { /* AJAX check */ if ( !empty($_SERVER['HTTP_X_REQUESTED_WITH']) && strtolower($_SERVER['HTTP_X_REQUESTED_WITH']) == 'xmlhttprequest' ) { From 7c54ac85a08d0f72c4d49ad5142eba38414eae3f Mon Sep 17 00:00:00 2001 From: Isaac Connor Date: Thu, 15 Aug 2019 15:05:37 -0400 Subject: [PATCH 421/922] remove debugging --- web/index.php | 3 --- 1 file changed, 3 deletions(-) diff --git a/web/index.php b/web/index.php index 546a3257d..7959beaa6 100644 --- a/web/index.php +++ b/web/index.php @@ -177,12 +177,9 @@ $request = null; if ( isset($_REQUEST['request']) ) $request = detaintPath($_REQUEST['request']); -ZM\Logger::Debug("User " . print_r($user,true)); require_once('includes/auth.php'); -ZM\Logger::Debug("User " . print_r($user,true)); foreach ( getSkinIncludes('skin.php') as $includeFile ) { - #ZM\Logger::Debug("including $includeFile"); require_once $includeFile; } From f09941ed4852fd14279938ff472e5b328a96e173 Mon Sep 17 00:00:00 2001 From: Isaac Connor Date: Thu, 15 Aug 2019 15:16:02 -0400 Subject: [PATCH 422/922] timezone errors shouldn't be fatal --- web/includes/functions.php | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/web/includes/functions.php b/web/includes/functions.php index 65633a04d..2524ef65f 100644 --- a/web/includes/functions.php +++ b/web/includes/functions.php @@ -2400,13 +2400,13 @@ function check_timezone() { #"); if ( $sys_tzoffset != $php_tzoffset ) - ZM\Fatal("ZoneMinder is not installed properly: php's date.timezone does not match the system timezone!"); + ZM\Error("ZoneMinder is not installed properly: php's date.timezone does not match the system timezone!"); if ( $sys_tzoffset != $mysql_tzoffset ) ZM\Error("ZoneMinder is not installed properly: mysql's timezone does not match the system timezone! Event lists will display incorrect times."); if (!ini_get('date.timezone') || !date_default_timezone_set(ini_get('date.timezone'))) - ZM\Fatal( "ZoneMinder is not installed properly: php's date.timezone is not set to a valid timezone" ); + ZM\Error("ZoneMinder is not installed properly: php's date.timezone is not set to a valid timezone"); } From 1103928ed73748a6d1d6f597fb583490186481a9 Mon Sep 17 00:00:00 2001 From: Isaac Connor Date: Thu, 15 Aug 2019 15:16:20 -0400 Subject: [PATCH 423/922] only call check_timezone on console for efficiency in all other requests --- web/index.php | 8 ++++++-- 1 file changed, 6 insertions(+), 2 deletions(-) diff --git a/web/index.php b/web/index.php index a4f6160d4..11207f02a 100644 --- a/web/index.php +++ b/web/index.php @@ -77,8 +77,6 @@ if ( $_SERVER['REQUEST_METHOD'] == 'OPTIONS' ) { return; } -// Verify the system, php, and mysql timezones all match -check_timezone(); if ( isset($_GET['skin']) ) { $skin = $_GET['skin']; @@ -169,6 +167,7 @@ $view = null; if ( isset($_REQUEST['view']) ) $view = detaintPath($_REQUEST['view']); + # Add CSP Headers $cspNonce = bin2hex(openssl_random_pseudo_bytes(16)); @@ -193,6 +192,11 @@ isset($view) || $view = NULL; isset($request) || $request = NULL; isset($action) || $action = NULL; +if ( (!$view and !$request) or ($view == 'console') ) { + // Verify the system, php, and mysql timezones all match + check_timezone(); +} + ZM\Logger::Debug("View: $view Request: $request Action: $action User: " . ( isset($user) ? $user['Username'] : 'none' )); if ( ZM_ENABLE_CSRF_MAGIC && From 68052368f7c5b8913c26757b664ad6fcfd5d0fe7 Mon Sep 17 00:00:00 2001 From: Isaac Connor Date: Thu, 15 Aug 2019 16:04:37 -0400 Subject: [PATCH 424/922] use backticks on table and column names. Use data-on-change-this in group dropdown --- web/includes/Group.php | 26 +++++++++++++------------- 1 file changed, 13 insertions(+), 13 deletions(-) diff --git a/web/includes/Group.php b/web/includes/Group.php index c188b553f..a2ad252cd 100644 --- a/web/includes/Group.php +++ b/web/includes/Group.php @@ -118,13 +118,13 @@ class Group extends ZM_Object { if ( is_array($group_id) ) { $group_id_sql_part = ' IN ('.implode(',', array_map(function(){return '?';}, $group_id ) ).')'; - $MonitorIds = dbFetchAll('SELECT MonitorId FROM Groups_Monitors WHERE GroupId'.$group_id_sql_part, 'MonitorId', $group_id); + $MonitorIds = dbFetchAll('SELECT `MonitorId` FROM `Groups_Monitors` WHERE `GroupId`'.$group_id_sql_part, 'MonitorId', $group_id); - $MonitorIds = array_merge($MonitorIds, dbFetchAll('SELECT MonitorId FROM Groups_Monitors WHERE GroupId IN (SELECT Id FROM Groups WHERE ParentId'.$group_id_sql_part.')', 'MonitorId', $group_id)); + $MonitorIds = array_merge($MonitorIds, dbFetchAll('SELECT `MonitorId` FROM `Groups_Monitors` WHERE `GroupId` IN (SELECT `Id` FROM `Groups` WHERE `ParentId`'.$group_id_sql_part.')', 'MonitorId', $group_id)); } else { - $MonitorIds = dbFetchAll('SELECT MonitorId FROM Groups_Monitors WHERE GroupId=?', 'MonitorId', array($group_id)); + $MonitorIds = dbFetchAll('SELECT `MonitorId` FROM `Groups_Monitors` WHERE `GroupId`=?', 'MonitorId', array($group_id)); - $MonitorIds = array_merge($MonitorIds, dbFetchAll('SELECT MonitorId FROM Groups_Monitors WHERE GroupId IN (SELECT Id FROM Groups WHERE ParentId = ?)', 'MonitorId', array($group_id))); + $MonitorIds = array_merge($MonitorIds, dbFetchAll('SELECT `MonitorId` FROM `Groups_Monitors` WHERE `GroupId` IN (SELECT `Id` FROM `Groups` WHERE `ParentId` = ?)', 'MonitorId', array($group_id))); } $groupSql = " find_in_set( M.Id, '".implode(',', $MonitorIds)."' )"; } @@ -132,17 +132,17 @@ class Group extends ZM_Object { } # end public static function get_group_sql( $group_id ) public static function get_monitors_dropdown($options = null) { - $monitor_id = 0; - if ( isset($_REQUEST['monitor_id']) ) { - $monitor_id = $_REQUEST['monitor_id']; - } else if ( isset($_COOKIE['zmMonitorId']) ) { - $monitor_id = $_COOKIE['zmMonitorId']; - } - $sql = 'SELECT * FROM Monitors'; + $monitor_id = 0; + if ( isset($_REQUEST['monitor_id']) ) { + $monitor_id = $_REQUEST['monitor_id']; + } else if ( isset($_COOKIE['zmMonitorId']) ) { + $monitor_id = $_COOKIE['zmMonitorId']; + } + $sql = 'SELECT `Id`,`Name` FROM `Monitors`'; if ( $options ) { $sql .= ' WHERE '. implode(' AND ', array( ( isset($options['groupSql']) ? $options['groupSql']:'') - ) ).' ORDER BY Sequence ASC'; + ) ).' ORDER BY `Sequence` ASC'; } $monitors_dropdown = array(''=>'All'); @@ -153,7 +153,7 @@ class Group extends ZM_Object { $monitors_dropdown[$monitor['Id']] = $monitor['Name']; } - echo htmlSelect('monitor_id', $monitors_dropdown, $monitor_id, array('onchange'=>'changeMonitor(this);')); + echo htmlSelect('monitor_id', $monitors_dropdown, $monitor_id, array('data-on-change-this'=>'changeMonitor')); return $monitor_id; } From 336f45219bf8b05ab288b490cb632eadef8354ce Mon Sep 17 00:00:00 2001 From: Isaac Connor Date: Thu, 15 Aug 2019 16:04:56 -0400 Subject: [PATCH 425/922] fix object caching --- web/includes/Object.php | 42 +++++++++++++++++++++-------------------- 1 file changed, 22 insertions(+), 20 deletions(-) diff --git a/web/includes/Object.php b/web/includes/Object.php index 2b58928d9..4e73da5d3 100644 --- a/web/includes/Object.php +++ b/web/includes/Object.php @@ -8,16 +8,11 @@ class ZM_Object { public function __construct($IdOrRow = NULL) { $class = get_class($this); - global $object_cache; - if ( ! isset($object_cache[$class]) ) - $object_cache[$class] = array(); - $cache = $object_cache[$class]; - - $table = $class::$table; $row = NULL; if ( $IdOrRow ) { if ( is_integer($IdOrRow) or ctype_digit($IdOrRow) ) { + $table = $class::$table; $row = dbFetchOne("SELECT * FROM `$table` WHERE `Id`=?", NULL, array($IdOrRow)); if ( !$row ) { Error("Unable to load $class record for Id=$IdOrRow"); @@ -25,17 +20,24 @@ class ZM_Object { } elseif ( is_array($IdOrRow) ) { $row = $IdOrRow; } - } # end if isset($IdOrRow) - if ( $row ) { - foreach ($row as $k => $v) { - $this->{$k} = $v; + + if ( $row ) { + global $object_cache; + if ( ! isset($object_cache[$class]) ) { + $object_cache[$class] = array(); + } + $cache = &$object_cache[$class]; + + foreach ($row as $k => $v) { + $this->{$k} = $v; + } + $cache[$row['Id']] = $this; } - $cache[$row['Id']] = $this; } else { # Set defaults foreach ( $this->defaults as $k => $v ) $this->{$k} = $v; - } - } + } # end if isset($IdOrRow) + } # end function __construct public function __call($fn, array $args){ if ( count($args) ) { @@ -48,7 +50,7 @@ class ZM_Object { return $this->defaults{$fn}; } else { $backTrace = debug_backtrace(); - Warning("Unknown function call Sensor->$fn from ".print_r($backTrace,true)); + Warning("Unknown function call Object->$fn from ".print_r($backTrace,true)); } } } @@ -98,13 +100,13 @@ class ZM_Object { } } return $results; - } # end public function find() + } # end public function _find() public static function _find_one($class, $parameters = array(), $options = array() ) { global $object_cache; if ( ! isset($object_cache[$class]) ) $object_cache[$class] = array(); - $cache = $object_cache[$class]; + $cache = &$object_cache[$class]; if ( ( count($parameters) == 1 ) and isset($parameters['Id']) and @@ -162,7 +164,7 @@ class ZM_Object { } else if ( is_null($v) ) { $this->{$k} = $v; } else { - Error( "Unknown type $k => $v of var " . gettype( $v ) ); + Error("Unknown type $k => $v of var " . gettype($v)); $this->{$k} = $v; } } # end if method_exists @@ -175,7 +177,7 @@ class ZM_Object { if ( method_exists($this, $field) ) { $old_value = $this->$field(); - Logger::Debug("Checking method $field () ".print_r($old_value,true)." => " . print_r($value,true)); + Logger::Debug("Checking method $field () ".print_r($old_value,true).' => ' . print_r($value,true)); if ( is_array($old_value) ) { $diff = array_recursive_diff($old_value, $value); Logger::Debug("Checking method $field () diff is".print_r($diff,true)); @@ -186,13 +188,13 @@ class ZM_Object { $changes[$field] = $value; } } else if ( array_key_exists($field, $this) ) { - Logger::Debug("Checking field $field => ".$this->{$field} . " ?= " .$value); + Logger::Debug("Checking field $field => ".$this->{$field} . ' ?= ' .$value); if ( $this->{$field} != $value ) { $changes[$field] = $value; } } else if ( array_key_exists($field, $this->defaults) ) { - Logger::Debug("Checking default $field => ".$this->defaults[$field] . " " .$value); + Logger::Debug("Checking default $field => ".$this->defaults[$field] . ' ' .$value); if ( $this->defaults[$field] != $value ) { $changes[$field] = $value; } From efa264e0c7ae633bcc5ea7111dbb53157c739bbb Mon Sep 17 00:00:00 2001 From: Isaac Connor Date: Fri, 16 Aug 2019 10:24:51 -0400 Subject: [PATCH 426/922] Fix playing in reverse. Fix not sending first frame. Fix sql problem with backticks. Not being able to open a frame image is now non-fatal. --- src/zm_eventstream.cpp | 37 ++++++++++++++++++++----------------- src/zm_stream.h | 1 + 2 files changed, 21 insertions(+), 17 deletions(-) diff --git a/src/zm_eventstream.cpp b/src/zm_eventstream.cpp index 4b894c153..6bbfbe5c2 100644 --- a/src/zm_eventstream.cpp +++ b/src/zm_eventstream.cpp @@ -116,7 +116,7 @@ bool EventStream::loadEventData(uint64_t event_id) { snprintf(sql, sizeof(sql), "SELECT `MonitorId`, `StorageId`, `Frames`, unix_timestamp( `StartTime` ) AS StartTimestamp, " - "(SELECT max(`Delta`)-min(`Delta`) FROM `Frames` WHERE `EventId`=`Events.Id`) AS Duration, " + "(SELECT max(`Delta`)-min(`Delta`) FROM `Frames` WHERE `EventId`=`Events`.`Id`) AS Duration, " "`DefaultVideo`, `Scheme`, `SaveJPEGs` FROM `Events` WHERE `Id` = %" PRIu64, event_id); if ( mysql_query(&dbconn, sql) ) { @@ -674,7 +674,7 @@ bool EventStream::sendFrame(int delta_us) { fdj = fopen(filepath, "rb"); if ( !fdj ) { Error("Can't open %s: %s", filepath, strerror(errno)); - return false; + return true; // returning false will cause us to terminate. } #if HAVE_SENDFILE if ( fstat(fileno(fdj),&filestat) < 0 ) { @@ -829,12 +829,6 @@ void EventStream::runStream() { Debug(2, "Not checking command queue"); } - //if ( step != 0 )// Adding 0 is cheaper than an if 0 - // curr_frame_id starts at 1 though, so we might skip the first frame? - curr_frame_id += step; - - // Detects when we hit end of event and will load the next event or previous event - checkEventLoaded(); // Get current frame data FrameData *frame_data = &event_data->frames[curr_frame_id-1]; @@ -926,7 +920,6 @@ void EventStream::runStream() { } // end if streaming stepping or doing nothing if ( send_frame ) { - //Debug(3,"sending frame"); if ( !sendFrame(delta_us) ) zm_terminate = true; } @@ -958,8 +951,11 @@ void EventStream::runStream() { // or calc the relationship from the last frame. I think from the start is better as it self-corrects if ( send_frame && type != STREAM_MPEG ) { - if ( delta_us > 0 ) { - Debug(3, "dUs: %d", delta_us); + if ( delta_us > 0) { + if ( delta_us > MAX_SLEEP_USEC ) { + Debug(1, "Limiting sleep to %d because calculated sleep is too long %d", MAX_SLEEP_USEC, delta_us); + delta_us = MAX_SLEEP_USEC; + } usleep(delta_us); Debug(3, "Done sleeping: %d usec", delta_us); } @@ -971,16 +967,23 @@ void EventStream::runStream() { (unsigned long)((1000000 * ZM_RATE_BASE)/((base_fps?base_fps:1)*abs(replay_rate*2))), ZM_RATE_BASE, (base_fps?base_fps:1), - (replay_rate?abs(replay_rate*2):200) + (replay_rate?abs(replay_rate*2):0) ); - if ( delta_us > 0 and delta_us < 500000 ) { + if ( delta_us > 0 ) { + if ( delta_us > MAX_SLEEP_USEC ) { + Debug(1, "Limiting sleep to %d because calculated sleep is too long %d", MAX_SLEEP_USEC, delta_us); + delta_us = MAX_SLEEP_USEC; + } usleep(delta_us); - } else { - // Never want to sleep for too long, limit to .1s - Warning("sleeping .5s because delta_us (%d) not good!", delta_us); - usleep(500000); } } // end if !paused + + //if ( step != 0 )// Adding 0 is cheaper than an if 0 + // curr_frame_id starts at 1 though, so we might skip the first frame? + curr_frame_id += step; + + // Detects when we hit end of event and will load the next event or previous event + checkEventLoaded(); } // end while ! zm_terminate #if HAVE_LIBAVCODEC if ( type == STREAM_MPEG ) diff --git a/src/zm_stream.h b/src/zm_stream.h index 4f4f144a3..d4443cb39 100644 --- a/src/zm_stream.h +++ b/src/zm_stream.h @@ -36,6 +36,7 @@ public: protected: static const int MAX_STREAM_DELAY = 5; // Seconds + static const int MAX_SLEEP_USEC = 500000; // .5 Seconds static const StreamType DEFAULT_TYPE = STREAM_JPEG; enum { DEFAULT_RATE=ZM_RATE_BASE }; From f813741730de4e0b6af2f09ec386aba8d495a0cc Mon Sep 17 00:00:00 2001 From: Isaac Connor Date: Fri, 16 Aug 2019 11:31:27 -0400 Subject: [PATCH 427/922] Add maxage 7 to logrotate config so that it will clear out all the zms_e logs. --- distros/ubuntu1204/zoneminder.logrotate | 1 + distros/ubuntu1604/zoneminder.logrotate | 1 + 2 files changed, 2 insertions(+) diff --git a/distros/ubuntu1204/zoneminder.logrotate b/distros/ubuntu1204/zoneminder.logrotate index 846abd4fb..3195d0fb2 100644 --- a/distros/ubuntu1204/zoneminder.logrotate +++ b/distros/ubuntu1204/zoneminder.logrotate @@ -9,4 +9,5 @@ endscript daily rotate 7 + maxage 7 } diff --git a/distros/ubuntu1604/zoneminder.logrotate b/distros/ubuntu1604/zoneminder.logrotate index 59238b7fe..6162e9c4d 100644 --- a/distros/ubuntu1604/zoneminder.logrotate +++ b/distros/ubuntu1604/zoneminder.logrotate @@ -9,4 +9,5 @@ endscript daily rotate 7 + maxage 7 } From 376b8af88900b04ebadf1c280ed48d31e8788cb3 Mon Sep 17 00:00:00 2001 From: Isaac Connor Date: Fri, 16 Aug 2019 11:40:38 -0400 Subject: [PATCH 428/922] Make links in donate text actual links --- web/lang/en_gb.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/web/lang/en_gb.php b/web/lang/en_gb.php index 0e575fd1f..18a1d72dd 100644 --- a/web/lang/en_gb.php +++ b/web/lang/en_gb.php @@ -300,7 +300,7 @@ $SLANG = array( 'Display' => 'Display', 'Displaying' => 'Displaying', 'DonateAlready' => 'No, I\'ve already donated', - 'DonateEnticement' => 'You\'ve been running ZoneMinder for a while now and hopefully are finding it a useful addition to your home or workplace security. Although ZoneMinder is, and will remain, free and open source, it costs money to develop and support. If you would like to help support future development and new features then please consider donating. Donating is, of course, optional but very much appreciated and you can donate as much or as little as you like.

If you would like to donate please select the option below or go to https://zoneminder.com/donate/ in your browser.

Thank you for using ZoneMinder and don\'t forget to visit the forums on ZoneMinder.com for support or suggestions about how to make your ZoneMinder experience even better.', + 'DonateEnticement' => 'You\'ve been running ZoneMinder for a while now and hopefully are finding it a useful addition to your home or workplace security. Although ZoneMinder is, and will remain, free and open source, it costs money to develop and support. If you would like to help support future development and new features then please consider donating. Donating is, of course, optional but very much appreciated and you can donate as much or as little as you like.

If you would like to donate please select the option below or go to https://zoneminder.com/donate/ in your browser.

Thank you for using ZoneMinder and don\'t forget to visit the forums on ZoneMinder.com for support or suggestions about how to make your ZoneMinder experience even better.', 'Donate' => 'Please Donate', 'DonateRemindDay' => 'Not yet, remind again in 1 day', 'DonateRemindHour' => 'Not yet, remind again in 1 hour', From 4108495a7d642499b4653eca7ecad152e483e450 Mon Sep 17 00:00:00 2001 From: Isaac Connor Date: Fri, 16 Aug 2019 14:12:14 -0400 Subject: [PATCH 429/922] Add session storage if stateful query param is on, but only for LEGACY_API_AUTH --- web/api/app/Controller/AppController.php | 21 +++++++++++++++++++-- 1 file changed, 19 insertions(+), 2 deletions(-) diff --git a/web/api/app/Controller/AppController.php b/web/api/app/Controller/AppController.php index 8e9e91888..a241d1fc5 100644 --- a/web/api/app/Controller/AppController.php +++ b/web/api/app/Controller/AppController.php @@ -75,15 +75,32 @@ class AppController extends Controller { # This is here because historically we allowed user=&pass= in the api. web-ui auth uses username=&password= $username = $this->request->query('user') ? $this->request->query('user') : $this->request->data('user'); $password = $this->request->query('pass') ? $this->request->query('pass') : $this->request->data('pass'); - if ( $username and $password ) { - $ret = validateuser($username, $password); + $ret = validateUser($username, $password); $user = $ret[0]; $retstatus = $ret[1]; if ( !$user ) { throw new UnauthorizedException(__($retstatus)); return; } + ZM\Info("Login successful for user \"$username\""); + } + } + + if ( ZM_OPT_USE_LEGACY_API_AUTH ) { + require_once __DIR__ .'/../../../includes/session.php'; + $stateful = $this->request->query('stateful') ? $this->request->query('stateful') : $this->request->data('stateful'); + if ( $stateful ) { + + session_start(); + $_SESSION['remoteAddr'] = $_SERVER['REMOTE_ADDR']; // To help prevent session hijacking + $_SESSION['username'] = $user['Username']; + if ( ZM_AUTH_RELAY == 'plain' ) { + // Need to save this in session, can't use the value in User because it is hashed + $_SESSION['password'] = $_REQUEST['password']; + } + zm_session_regenerate_id(); + session_write_close(); } } From 1d0ee227d76a65dd4518edc107575bdf3fc06c90 Mon Sep 17 00:00:00 2001 From: Isaac Connor Date: Fri, 16 Aug 2019 14:12:37 -0400 Subject: [PATCH 430/922] fix mUser to username, etc. --- web/api/app/Controller/HostController.php | 18 ++++++++---------- 1 file changed, 8 insertions(+), 10 deletions(-) diff --git a/web/api/app/Controller/HostController.php b/web/api/app/Controller/HostController.php index e3bfeec2e..fd996bdb7 100644 --- a/web/api/app/Controller/HostController.php +++ b/web/api/app/Controller/HostController.php @@ -45,7 +45,7 @@ class HostController extends AppController { $cred_depr = []; if ( $username && $password ) { - $cred = $this->_getCredentials(true, '', $user); // generate refresh + $cred = $this->_getCredentials(true, '', $username); // generate refresh } else { $cred = $this->_getCredentials(false, $token); // don't generate refresh } @@ -55,7 +55,7 @@ class HostController extends AppController { 'access_token_expires' => $cred[1] ); - if ( $mUser && $mPassword ) { + if ( $username && $password ) { $login_array['refresh_token'] = $cred[2]; $login_array['refresh_token_expires'] = $cred[3]; } @@ -115,12 +115,10 @@ class HostController extends AppController { if ( $token ) { // If we have a token, we need to derive username from there $ret = validateToken($token, 'refresh', true); - $mUser = $ret[0]['Username']; - } else { - $mUser = $username; + $username = $ret[0]['Username']; } - ZM\Info("Creating token for \"$mUser\""); + ZM\Info("Creating token for \"$username\""); /* we won't support AUTH_HASH_IPS in token mode reasons: @@ -144,7 +142,7 @@ class HostController extends AppController { 'iss' => 'ZoneMinder', 'iat' => $access_issued_at, 'exp' => $access_expire_at, - 'user' => $mUser, + 'user' => $username, 'type' => 'access' ); @@ -154,15 +152,15 @@ class HostController extends AppController { $refresh_ttl = 0; if ( $generate_refresh_token ) { - $refresh_issued_at = time(); + $refresh_issued_at = time(); $refresh_ttl = 24 * 3600; // 1 day - $refresh_expire_at = $refresh_issued_at + $refresh_ttl; + $refresh_expire_at = $refresh_issued_at + $refresh_ttl; $refresh_token = array( 'iss' => 'ZoneMinder', 'iat' => $refresh_issued_at, 'exp' => $refresh_expire_at, - 'user' => $mUser, + 'user' => $username, 'type' => 'refresh' ); $jwt_refresh_token = \Firebase\JWT\JWT::encode($refresh_token, ZM_AUTH_HASH_SECRET, 'HS256'); From 51c7f0b73f5f49b59ec352b1e8118b6aba52d493 Mon Sep 17 00:00:00 2001 From: Isaac Connor Date: Fri, 16 Aug 2019 14:12:52 -0400 Subject: [PATCH 431/922] shuffle lines --- web/includes/actions/login.php | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/web/includes/actions/login.php b/web/includes/actions/login.php index 9d0b41f4c..8cafa3b26 100644 --- a/web/includes/actions/login.php +++ b/web/includes/actions/login.php @@ -71,6 +71,8 @@ if ( ('login' == $action) && isset($_REQUEST['username']) && ( ZM_AUTH_TYPE == ' unset($user); // unset should be ok here because we aren't in a function return; } + $user = $ret[0]; + $close_session = 0; if ( !is_session_started() ) { session_start(); @@ -79,7 +81,6 @@ if ( ('login' == $action) && isset($_REQUEST['username']) && ( ZM_AUTH_TYPE == ' $_SESSION['remoteAddr'] = $_SERVER['REMOTE_ADDR']; // To help prevent session hijacking ZM\Info("Login successful for user \"$username\""); - $user = $ret[0]; $password_type = password_type($password); if ( $password_type == 'mysql' or $password_type == 'mysql+bcrypt' ) { From 3475a11e15fa520480de02342821c8e3fcfa8e0a Mon Sep 17 00:00:00 2001 From: Isaac Connor Date: Fri, 16 Aug 2019 14:13:13 -0400 Subject: [PATCH 432/922] use instead of session when generating auth hash. --- web/includes/auth.php | 14 +++++++------- 1 file changed, 7 insertions(+), 7 deletions(-) diff --git a/web/includes/auth.php b/web/includes/auth.php index 1c1a1e5a7..ce3e782d1 100644 --- a/web/includes/auth.php +++ b/web/includes/auth.php @@ -152,11 +152,10 @@ function validateToken($token, $allowed_token_type='access') { $user = $saved_user_details; return array($user, 'OK'); - } else { - ZM\Error("Could not retrieve user $username details"); - $user = null;// unset only clears the local variable - return array(false, 'No such user/credentials'); } + ZM\Error("Could not retrieve user $username details"); + $user = null;// unset only clears the local variable + return array(false, 'No such user/credentials'); } // end function validateToken($token, $allowed_token_type='access') function getAuthUser($auth) { @@ -198,7 +197,8 @@ function getAuthUser($auth) { } // end getAuthUser($auth) function generateAuthHash($useRemoteAddr, $force=false) { - if ( ZM_OPT_USE_AUTH and (ZM_AUTH_RELAY == 'hashed') and isset($_SESSION['username']) and $_SESSION['passwordHash'] ) { + global $user; + if ( ZM_OPT_USE_AUTH and (ZM_AUTH_RELAY == 'hashed') and isset($user['Username']) and isset($user['Password']) ) { $time = time(); # We use 1800 so that we regenerate the hash at half the TTL @@ -209,9 +209,9 @@ function generateAuthHash($useRemoteAddr, $force=false) { $local_time = localtime(); $authKey = ''; if ( $useRemoteAddr ) { - $authKey = ZM_AUTH_HASH_SECRET.$_SESSION['username'].$_SESSION['passwordHash'].$_SESSION['remoteAddr'].$local_time[2].$local_time[3].$local_time[4].$local_time[5]; + $authKey = ZM_AUTH_HASH_SECRET.$user['Username'].$user['Password'].$_SESSION['remoteAddr'].$local_time[2].$local_time[3].$local_time[4].$local_time[5]; } else { - $authKey = ZM_AUTH_HASH_SECRET.$_SESSION['username'].$_SESSION['passwordHash'].$local_time[2].$local_time[3].$local_time[4].$local_time[5]; + $authKey = ZM_AUTH_HASH_SECRET.$user['Username'].$user['Password'].$local_time[2].$local_time[3].$local_time[4].$local_time[5]; } #ZM\Logger::Debug("Generated using hour:".$local_time[2] . ' mday:' . $local_time[3] . ' month:'.$local_time[4] . ' year: ' . $local_time[5] ); $auth = md5($authKey); From ba94e9894961b180d1f120ee96907fe42fe23351 Mon Sep 17 00:00:00 2001 From: Isaac Connor Date: Fri, 16 Aug 2019 14:24:51 -0400 Subject: [PATCH 433/922] Add docs regarding the use of cookies and stateful query param --- docs/api.rst | 10 +++++++--- 1 file changed, 7 insertions(+), 3 deletions(-) diff --git a/docs/api.rst b/docs/api.rst index 177678977..b7a83c223 100644 --- a/docs/api.rst +++ b/docs/api.rst @@ -24,7 +24,7 @@ The ZoneMinder API has evolved over time. Broadly speaking the iterations were a * You use cookies to maintain session state (`ZM_SESS_ID`) * You use an authentication hash to validate yourself, which included encoding personal information and time stamps which at times caused timing validation issues, especially for mobile consumers * Starting version 1.34, ZoneMinder has introduced a new "token" based system which is based JWT. We have given it a '2.0' version ID. These tokens don't encode any personal data and can be statelessly passed around per request. It introduces concepts like access tokens, refresh tokens and per user level API revocation to manage security better. The internal components of ZoneMinder all support this new scheme now and if you are using the APIs we strongly recommend you migrate to 1.34 and use this new token system (as a side note, 1.34 also moves from MYSQL PASSWORD to Bcrypt for passwords, which is also a good reason why you should migate). -* Note that as of 1.34, both versions of API access will work (tokens and the older auth hash mechanism). +* Note that as of 1.34, both versions of API access will work (tokens and the older auth hash mechanism), however we no longer use sessions by default. You will have to add a stateful=1 query parameter during login to tell ZM to set a COOKIE and store the required info in the session. This option is only available if OPT_USE_LEGACY_API_AUTH is set to ON. .. NOTE:: For the rest of the document, we will specifically highlight v2.0 only features. If you don't see a special mention, assume it applies for both API versions. @@ -51,10 +51,14 @@ To get an API key: :: - curl -XPOST [-c cookies.txt] -d "user=yourusername&pass=yourpassword" https://yourserver/zm/api/host/login.json + curl -XPOST -d "user=yourusername&pass=yourpassword" https://yourserver/zm/api/host/login.json -The ``[-c cookies.txt]`` is optional, and will be explained in the next section. +If you want to use a stateful connection, so you don't have to pass auth credentials with each query, you can use the following: + +:: + + curl -XPOST -c cookies.txt -d "user=yourusername&pass=yourpassword&stateful=1" https://yourserver/zm/api/host/login.json This returns a payload like this for API v1.0: From 660eddc69dc35ae86690d6562e688bb502973425 Mon Sep 17 00:00:00 2001 From: Isaac Connor Date: Fri, 16 Aug 2019 15:06:56 -0400 Subject: [PATCH 434/922] Only open/close session if we are clearing a session var --- web/includes/Group.php | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/web/includes/Group.php b/web/includes/Group.php index a2ad252cd..3478f67f0 100644 --- a/web/includes/Group.php +++ b/web/includes/Group.php @@ -54,16 +54,16 @@ class Group extends ZM_Object { public static function get_group_dropdown( ) { - session_start(); $selected_group_id = 0; if ( isset($_REQUEST['groups']) ) { $selected_group_id = $group_id = $_SESSION['groups'] = $_REQUEST['groups']; } else if ( isset( $_SESSION['groups'] ) ) { $selected_group_id = $group_id = $_SESSION['groups']; } else if ( isset($_REQUEST['filtering']) ) { + zm_session_start(); unset($_SESSION['groups']); + session_write_close(); } - session_write_close(); return htmlSelect( 'Group[]', Group::get_dropdown_options(), isset($_SESSION['Group'])?$_SESSION['Group']:null, array( 'data-on-change' => 'submitThisForm', From cfeedd39a44d9818630396c71896d5cb00a0965d Mon Sep 17 00:00:00 2001 From: Isaac Connor Date: Fri, 16 Aug 2019 15:07:20 -0400 Subject: [PATCH 435/922] Use zm_session_start instead of session_start --- web/api/app/Controller/AppController.php | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/web/api/app/Controller/AppController.php b/web/api/app/Controller/AppController.php index a241d1fc5..b6ef078be 100644 --- a/web/api/app/Controller/AppController.php +++ b/web/api/app/Controller/AppController.php @@ -92,14 +92,13 @@ class AppController extends Controller { $stateful = $this->request->query('stateful') ? $this->request->query('stateful') : $this->request->data('stateful'); if ( $stateful ) { - session_start(); + zm_session_start(); $_SESSION['remoteAddr'] = $_SERVER['REMOTE_ADDR']; // To help prevent session hijacking $_SESSION['username'] = $user['Username']; if ( ZM_AUTH_RELAY == 'plain' ) { // Need to save this in session, can't use the value in User because it is hashed $_SESSION['password'] = $_REQUEST['password']; } - zm_session_regenerate_id(); session_write_close(); } } From 28155ebd9047a655625cc62789b15f6df6a89994 Mon Sep 17 00:00:00 2001 From: Isaac Connor Date: Fri, 16 Aug 2019 15:08:10 -0400 Subject: [PATCH 436/922] Should use zm_session_start instead of session_start --- web/includes/actions/login.php | 2 +- web/includes/auth.php | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/web/includes/actions/login.php b/web/includes/actions/login.php index 8cafa3b26..aa1034431 100644 --- a/web/includes/actions/login.php +++ b/web/includes/actions/login.php @@ -75,7 +75,7 @@ if ( ('login' == $action) && isset($_REQUEST['username']) && ( ZM_AUTH_TYPE == ' $close_session = 0; if ( !is_session_started() ) { - session_start(); + zm_session_start(); $close_session = 1; } $_SESSION['remoteAddr'] = $_SERVER['REMOTE_ADDR']; // To help prevent session hijacking diff --git a/web/includes/auth.php b/web/includes/auth.php index ce3e782d1..4d356513c 100644 --- a/web/includes/auth.php +++ b/web/includes/auth.php @@ -217,7 +217,7 @@ function generateAuthHash($useRemoteAddr, $force=false) { $auth = md5($authKey); $close_session = 0; if ( !is_session_started() ) { - session_start(); + zm_session_start(); $close_session = 1; } $_SESSION['AuthHash'.$_SESSION['remoteAddr']] = $auth; From 070b8066f279db122e5d6dbef5abd6120c96bde8 Mon Sep 17 00:00:00 2001 From: Isaac Connor Date: Fri, 16 Aug 2019 15:08:35 -0400 Subject: [PATCH 437/922] document that zm_session_start should be called previously to session_regenerate_id --- web/includes/session.php | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/web/includes/session.php b/web/includes/session.php index d111c2d10..4832957fa 100644 --- a/web/includes/session.php +++ b/web/includes/session.php @@ -28,7 +28,8 @@ function zm_session_start() { } } // function zm_session_start() -// My session regenerate id function +// session regenerate id function +// Assumes that zm_session_start has been called previously function zm_session_regenerate_id() { if ( session_status() != PHP_SESSION_ACTIVE ) { session_start(); From d39da61b6697fbf3f92aa6f4f75ea395cb54b71e Mon Sep 17 00:00:00 2001 From: Isaac Connor Date: Fri, 16 Aug 2019 15:27:24 -0400 Subject: [PATCH 438/922] Don't actually write out the session when generating auth hashes. Means they should never actually persist. --- web/includes/auth.php | 12 ++---------- 1 file changed, 2 insertions(+), 10 deletions(-) diff --git a/web/includes/auth.php b/web/includes/auth.php index 4d356513c..514a87ae0 100644 --- a/web/includes/auth.php +++ b/web/includes/auth.php @@ -204,6 +204,7 @@ function generateAuthHash($useRemoteAddr, $force=false) { # We use 1800 so that we regenerate the hash at half the TTL $mintime = $time - ( ZM_AUTH_HASH_TTL * 1800 ); + # Appending the remoteAddr prevents us from using an auth hash generated for a different ip if ( $force or ( !isset($_SESSION['AuthHash'.$_SESSION['remoteAddr']]) ) or ( $_SESSION['AuthHashGeneratedAt'] < $mintime ) ) { # Don't both regenerating Auth Hash if an hour hasn't gone by yet $local_time = localtime(); @@ -215,18 +216,9 @@ function generateAuthHash($useRemoteAddr, $force=false) { } #ZM\Logger::Debug("Generated using hour:".$local_time[2] . ' mday:' . $local_time[3] . ' month:'.$local_time[4] . ' year: ' . $local_time[5] ); $auth = md5($authKey); - $close_session = 0; - if ( !is_session_started() ) { - zm_session_start(); - $close_session = 1; - } $_SESSION['AuthHash'.$_SESSION['remoteAddr']] = $auth; $_SESSION['AuthHashGeneratedAt'] = $time; - if ( $close_session ) - session_write_close(); - #ZM\Logger::Debug("Generated new auth $auth at " . $_SESSION['AuthHashGeneratedAt']. " using $authKey" ); - #} else { - #ZM\Logger::Debug("Using cached auth " . $_SESSION['AuthHash'] ." beacuse generatedat:" . $_SESSION['AuthHashGeneratedAt'] . ' < now:'. $time . ' - ' . ZM_AUTH_HASH_TTL . ' * 1800 = '. $mintime); + # Because we don't write out the session, it shouldn't actually get written out to disk. However if it does, the GeneratedAt should protect us. } # end if AuthHash is not cached return $_SESSION['AuthHash'.$_SESSION['remoteAddr']]; } # end if using AUTH and AUTH_RELAY From d4642966370a5d433138b2d2fc27b2d2ba30be6e Mon Sep 17 00:00:00 2001 From: Isaac Connor Date: Sat, 17 Aug 2019 14:36:52 -0400 Subject: [PATCH 439/922] More backticking of SQL --- src/zm_monitor.cpp | 38 ++++++++++++++++++++++---------------- 1 file changed, 22 insertions(+), 16 deletions(-) diff --git a/src/zm_monitor.cpp b/src/zm_monitor.cpp index 1b9442f75..f8f32ecd7 100644 --- a/src/zm_monitor.cpp +++ b/src/zm_monitor.cpp @@ -965,7 +965,7 @@ void Monitor::actionEnable() { db_mutex.lock(); static char sql[ZM_SQL_SML_BUFSIZ]; - snprintf(sql, sizeof(sql), "UPDATE Monitors SET Enabled = 1 WHERE Id = %d", id); + snprintf(sql, sizeof(sql), "UPDATE `Monitors` SET `Enabled` = 1 WHERE `Id` = %d", id); if ( mysql_query(&dbconn, sql) ) { Error("Can't run query: %s", mysql_error(&dbconn)); } @@ -976,7 +976,7 @@ void Monitor::actionDisable() { shared_data->action |= RELOAD; static char sql[ZM_SQL_SML_BUFSIZ]; - snprintf(sql, sizeof(sql), "update Monitors set Enabled = 0 where Id = %d", id); + snprintf(sql, sizeof(sql), "UPDATE `Monitors` SET i`Enabled` = 0 WHERE `Id` = %d", id); db_mutex.lock(); if ( mysql_query(&dbconn, sql) ) { Error("Can't run query: %s", mysql_error(&dbconn)); @@ -1946,7 +1946,13 @@ void Monitor::ReloadLinkedMonitors(const char *p_linked_monitors) { db_mutex.lock(); static char sql[ZM_SQL_SML_BUFSIZ]; - snprintf(sql, sizeof(sql), "select Id, Name from Monitors where Id = %d and Function != 'None' and Function != 'Monitor' and Enabled = 1", link_ids[i] ); + snprintf(sql, sizeof(sql), + "SELECT `Id`, `Name` FROM `Monitors`" + " WHERE `Id` = %d" + " AND `Function` != 'None'" + " AND `Function` != 'Monitor'" + " AND `Enabled`=1", + link_ids[i] ); if ( mysql_query(&dbconn, sql) ) { db_mutex.unlock(); Error("Can't run query: %s", mysql_error(&dbconn)); @@ -2003,44 +2009,44 @@ int Monitor::LoadMonitors(std::string sql, Monitor **&monitors, Purpose purpose) #if ZM_HAS_V4L int Monitor::LoadLocalMonitors(const char *device, Monitor **&monitors, Purpose purpose) { - std::string sql = load_monitor_sql + " WHERE Function != 'None' AND Type = 'Local'"; + std::string sql = load_monitor_sql + " WHERE `Function` != 'None' AND `Type` = 'Local'"; if ( device[0] ) - sql += " AND Device='" + std::string(device) + "'"; + sql += " AND `Device`='" + std::string(device) + "'"; if ( staticConfig.SERVER_ID ) - sql += stringtf(" AND ServerId=%d", staticConfig.SERVER_ID); + sql += stringtf(" AND `ServerId`=%d", staticConfig.SERVER_ID); return LoadMonitors(sql, monitors, purpose); } // end int Monitor::LoadLocalMonitors(const char *device, Monitor **&monitors, Purpose purpose) #endif // ZM_HAS_V4L int Monitor::LoadRemoteMonitors(const char *protocol, const char *host, const char *port, const char *path, Monitor **&monitors, Purpose purpose) { - std::string sql = load_monitor_sql + " WHERE Function != 'None' AND Type = 'Remote'"; + std::string sql = load_monitor_sql + " WHERE `Function` != 'None' AND `Type` = 'Remote'"; if ( staticConfig.SERVER_ID ) - sql += stringtf(" AND ServerId=%d", staticConfig.SERVER_ID); + sql += stringtf(" AND `ServerId`=%d", staticConfig.SERVER_ID); if ( protocol ) - sql += stringtf(" AND Protocol = '%s' and Host = '%s' and Port = '%s' and Path = '%s'", protocol, host, port, path); + sql += stringtf(" AND `Protocol` = '%s' AND `Host` = '%s' AND `Port` = '%s' AND `Path` = '%s'", protocol, host, port, path); return LoadMonitors(sql, monitors, purpose); } // end int Monitor::LoadRemoteMonitors int Monitor::LoadFileMonitors(const char *file, Monitor **&monitors, Purpose purpose) { - std::string sql = load_monitor_sql + " WHERE Function != 'None' AND Type = 'File'"; + std::string sql = load_monitor_sql + " WHERE `Function` != 'None' AND `Type` = 'File'"; if ( file[0] ) - sql += " AND Path='" + std::string(file) + "'"; + sql += " AND `Path`='" + std::string(file) + "'"; if ( staticConfig.SERVER_ID ) { - sql += stringtf(" AND ServerId=%d", staticConfig.SERVER_ID); + sql += stringtf(" AND `ServerId`=%d", staticConfig.SERVER_ID); } return LoadMonitors(sql, monitors, purpose); } // end int Monitor::LoadFileMonitors #if HAVE_LIBAVFORMAT int Monitor::LoadFfmpegMonitors(const char *file, Monitor **&monitors, Purpose purpose) { - std::string sql = load_monitor_sql + " WHERE Function != 'None' AND Type = 'Ffmpeg'"; + std::string sql = load_monitor_sql + " WHERE `Function` != 'None' AND `Type` = 'Ffmpeg'"; if ( file[0] ) - sql += " AND Path = '" + std::string(file) + "'"; + sql += " AND `Path` = '" + std::string(file) + "'"; if ( staticConfig.SERVER_ID ) { - sql += stringtf(" AND ServerId=%d", staticConfig.SERVER_ID); + sql += stringtf(" AND `ServerId`=%d", staticConfig.SERVER_ID); } return LoadMonitors(sql, monitors, purpose); } // end int Monitor::LoadFfmpegMonitors @@ -2380,7 +2386,7 @@ Monitor *Monitor::Load(MYSQL_ROW dbrow, bool load_zones, Purpose purpose) { } // end Monitor *Monitor::Load(MYSQL_ROW dbrow, bool load_zones, Purpose purpose) Monitor *Monitor::Load(unsigned int p_id, bool load_zones, Purpose purpose) { - std::string sql = load_monitor_sql + stringtf(" WHERE Id=%d", p_id); + std::string sql = load_monitor_sql + stringtf(" WHERE `Id`=%d", p_id); zmDbRow dbrow; if ( ! dbrow.fetch(sql.c_str()) ) { From 503cf6cd249d2a76d84ad01d646d96f24120561f Mon Sep 17 00:00:00 2001 From: Isaac Connor Date: Sat, 17 Aug 2019 14:36:52 -0400 Subject: [PATCH 440/922] More backticking of SQL --- src/zm_monitor.cpp | 38 ++++++++++++++++++++++---------------- 1 file changed, 22 insertions(+), 16 deletions(-) diff --git a/src/zm_monitor.cpp b/src/zm_monitor.cpp index 1b9442f75..f8f32ecd7 100644 --- a/src/zm_monitor.cpp +++ b/src/zm_monitor.cpp @@ -965,7 +965,7 @@ void Monitor::actionEnable() { db_mutex.lock(); static char sql[ZM_SQL_SML_BUFSIZ]; - snprintf(sql, sizeof(sql), "UPDATE Monitors SET Enabled = 1 WHERE Id = %d", id); + snprintf(sql, sizeof(sql), "UPDATE `Monitors` SET `Enabled` = 1 WHERE `Id` = %d", id); if ( mysql_query(&dbconn, sql) ) { Error("Can't run query: %s", mysql_error(&dbconn)); } @@ -976,7 +976,7 @@ void Monitor::actionDisable() { shared_data->action |= RELOAD; static char sql[ZM_SQL_SML_BUFSIZ]; - snprintf(sql, sizeof(sql), "update Monitors set Enabled = 0 where Id = %d", id); + snprintf(sql, sizeof(sql), "UPDATE `Monitors` SET i`Enabled` = 0 WHERE `Id` = %d", id); db_mutex.lock(); if ( mysql_query(&dbconn, sql) ) { Error("Can't run query: %s", mysql_error(&dbconn)); @@ -1946,7 +1946,13 @@ void Monitor::ReloadLinkedMonitors(const char *p_linked_monitors) { db_mutex.lock(); static char sql[ZM_SQL_SML_BUFSIZ]; - snprintf(sql, sizeof(sql), "select Id, Name from Monitors where Id = %d and Function != 'None' and Function != 'Monitor' and Enabled = 1", link_ids[i] ); + snprintf(sql, sizeof(sql), + "SELECT `Id`, `Name` FROM `Monitors`" + " WHERE `Id` = %d" + " AND `Function` != 'None'" + " AND `Function` != 'Monitor'" + " AND `Enabled`=1", + link_ids[i] ); if ( mysql_query(&dbconn, sql) ) { db_mutex.unlock(); Error("Can't run query: %s", mysql_error(&dbconn)); @@ -2003,44 +2009,44 @@ int Monitor::LoadMonitors(std::string sql, Monitor **&monitors, Purpose purpose) #if ZM_HAS_V4L int Monitor::LoadLocalMonitors(const char *device, Monitor **&monitors, Purpose purpose) { - std::string sql = load_monitor_sql + " WHERE Function != 'None' AND Type = 'Local'"; + std::string sql = load_monitor_sql + " WHERE `Function` != 'None' AND `Type` = 'Local'"; if ( device[0] ) - sql += " AND Device='" + std::string(device) + "'"; + sql += " AND `Device`='" + std::string(device) + "'"; if ( staticConfig.SERVER_ID ) - sql += stringtf(" AND ServerId=%d", staticConfig.SERVER_ID); + sql += stringtf(" AND `ServerId`=%d", staticConfig.SERVER_ID); return LoadMonitors(sql, monitors, purpose); } // end int Monitor::LoadLocalMonitors(const char *device, Monitor **&monitors, Purpose purpose) #endif // ZM_HAS_V4L int Monitor::LoadRemoteMonitors(const char *protocol, const char *host, const char *port, const char *path, Monitor **&monitors, Purpose purpose) { - std::string sql = load_monitor_sql + " WHERE Function != 'None' AND Type = 'Remote'"; + std::string sql = load_monitor_sql + " WHERE `Function` != 'None' AND `Type` = 'Remote'"; if ( staticConfig.SERVER_ID ) - sql += stringtf(" AND ServerId=%d", staticConfig.SERVER_ID); + sql += stringtf(" AND `ServerId`=%d", staticConfig.SERVER_ID); if ( protocol ) - sql += stringtf(" AND Protocol = '%s' and Host = '%s' and Port = '%s' and Path = '%s'", protocol, host, port, path); + sql += stringtf(" AND `Protocol` = '%s' AND `Host` = '%s' AND `Port` = '%s' AND `Path` = '%s'", protocol, host, port, path); return LoadMonitors(sql, monitors, purpose); } // end int Monitor::LoadRemoteMonitors int Monitor::LoadFileMonitors(const char *file, Monitor **&monitors, Purpose purpose) { - std::string sql = load_monitor_sql + " WHERE Function != 'None' AND Type = 'File'"; + std::string sql = load_monitor_sql + " WHERE `Function` != 'None' AND `Type` = 'File'"; if ( file[0] ) - sql += " AND Path='" + std::string(file) + "'"; + sql += " AND `Path`='" + std::string(file) + "'"; if ( staticConfig.SERVER_ID ) { - sql += stringtf(" AND ServerId=%d", staticConfig.SERVER_ID); + sql += stringtf(" AND `ServerId`=%d", staticConfig.SERVER_ID); } return LoadMonitors(sql, monitors, purpose); } // end int Monitor::LoadFileMonitors #if HAVE_LIBAVFORMAT int Monitor::LoadFfmpegMonitors(const char *file, Monitor **&monitors, Purpose purpose) { - std::string sql = load_monitor_sql + " WHERE Function != 'None' AND Type = 'Ffmpeg'"; + std::string sql = load_monitor_sql + " WHERE `Function` != 'None' AND `Type` = 'Ffmpeg'"; if ( file[0] ) - sql += " AND Path = '" + std::string(file) + "'"; + sql += " AND `Path` = '" + std::string(file) + "'"; if ( staticConfig.SERVER_ID ) { - sql += stringtf(" AND ServerId=%d", staticConfig.SERVER_ID); + sql += stringtf(" AND `ServerId`=%d", staticConfig.SERVER_ID); } return LoadMonitors(sql, monitors, purpose); } // end int Monitor::LoadFfmpegMonitors @@ -2380,7 +2386,7 @@ Monitor *Monitor::Load(MYSQL_ROW dbrow, bool load_zones, Purpose purpose) { } // end Monitor *Monitor::Load(MYSQL_ROW dbrow, bool load_zones, Purpose purpose) Monitor *Monitor::Load(unsigned int p_id, bool load_zones, Purpose purpose) { - std::string sql = load_monitor_sql + stringtf(" WHERE Id=%d", p_id); + std::string sql = load_monitor_sql + stringtf(" WHERE `Id`=%d", p_id); zmDbRow dbrow; if ( ! dbrow.fetch(sql.c_str()) ) { From 369dd03909c7a2476eff4f7ad72e24f530918f16 Mon Sep 17 00:00:00 2001 From: Isaac Connor Date: Sun, 18 Aug 2019 21:32:19 -0400 Subject: [PATCH 441/922] remove errant i --- src/zm_monitor.cpp | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/zm_monitor.cpp b/src/zm_monitor.cpp index f8f32ecd7..d8d06016a 100644 --- a/src/zm_monitor.cpp +++ b/src/zm_monitor.cpp @@ -976,7 +976,7 @@ void Monitor::actionDisable() { shared_data->action |= RELOAD; static char sql[ZM_SQL_SML_BUFSIZ]; - snprintf(sql, sizeof(sql), "UPDATE `Monitors` SET i`Enabled` = 0 WHERE `Id` = %d", id); + snprintf(sql, sizeof(sql), "UPDATE `Monitors` SET `Enabled` = 0 WHERE `Id` = %d", id); db_mutex.lock(); if ( mysql_query(&dbconn, sql) ) { Error("Can't run query: %s", mysql_error(&dbconn)); From 239c68dd7f91fb0dff30c5c07f1b627b90fcf13d Mon Sep 17 00:00:00 2001 From: Isaac Connor Date: Mon, 19 Aug 2019 08:58:52 -0400 Subject: [PATCH 442/922] add .. to fix #2686 --- web/skins/classic/css/classic/skin.css | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/web/skins/classic/css/classic/skin.css b/web/skins/classic/css/classic/skin.css index b90412093..6f3ed4b97 100644 --- a/web/skins/classic/css/classic/skin.css +++ b/web/skins/classic/css/classic/skin.css @@ -324,14 +324,14 @@ th.table-th-sort span.table-th-sort-span { float: right; width: 12px; height: 12px; - background: url("/skins/classic/graphics/arrow-s-u.png") no-repeat 0 0; + background: url("../skins/classic/graphics/arrow-s-u.png") no-repeat 0 0; } th.table-th-sort-rev span.table-th-sort-span { float: right; width: 12px; height: 12px; - background: url("/skins/classic/graphics/arrow-s-d.png") no-repeat 0 0; + background: url("../skins/classic/graphics/arrow-s-d.png") no-repeat 0 0; } .table-tr-odd { From ca0b5830073002e7b3a03ce931b7fe8c74dfb12c Mon Sep 17 00:00:00 2001 From: Isaac Connor Date: Mon, 19 Aug 2019 08:59:15 -0400 Subject: [PATCH 443/922] Use material icons for sort because they look nicer --- web/skins/classic/views/console.php | 3 ++- web/skins/classic/views/js/console.js | 8 ++++---- 2 files changed, 6 insertions(+), 5 deletions(-) diff --git a/web/skins/classic/views/console.php b/web/skins/classic/views/console.php index c4c99e166..b1cc51215 100644 --- a/web/skins/classic/views/console.php +++ b/web/skins/classic/views/console.php @@ -328,7 +328,8 @@ for( $monitor_i = 0; $monitor_i < count($displayMonitors); $monitor_i += 1 ) { ?>
disabled="disabled"/> - + +swap_vert disabled="disabled"/> - + +swap_vert '.validHtmlStr($event->Name()).($event->Archived()?'*':'') ?> MonitorId(), 'zmMonitor'.$event->Monitorid(), 'monitor', $event->MonitorName(), canEdit( 'Monitors' ) ) ?> Id(), 'zmEventDetail', 'eventdetail', validHtmlStr($event->Cause()), canEdit( 'Events' ), 'title="'.htmlspecialchars($event->Notes()).'"' ) ?> - Notes()) { - # if notes include detection objects, then link it to objdetect.jpg - if (strpos($event->Notes(),"detected:")!== false){ - # make a link - echo makePopupLink( '?view=image&eid='.$event->Id().'&fid=objdetect', 'zmImage', - array('image', reScale($event->Width(), $scale), reScale($event->Height(), $scale)), - "
".$event->Notes()."
"); - } - elseif ($event->Notes() != 'Forced Web: ') { - echo "
".$event->Notes()."
"; - } - } - ?> - + Notes()) { +# if notes include detection objects, then link it to objdetect.jpg + if (strpos($event->Notes(),'detected:')!== false){ +# make a link + echo makePopupLink( '?view=image&eid='.$event->Id().'&fid=objdetect', 'zmImage', + array('image', reScale($event->Width(), $scale), reScale($event->Height(), $scale)), + "
".$event->Notes()."
"); + } + elseif ($event->Notes() != 'Forced Web: ') { + echo "
".$event->Notes()."
"; + } + } +?> 		StartTime())) . ( $event->EndTime() ? ' until ' . strftime(STRF_FMT_DATETIME_SHORTER, strtotime($event->EndTime()) ) : '' ) ?> From 59940ab675465d0643586bb19b155638dd2a4fb1 Mon Sep 17 00:00:00 2001 From: Isaac Connor Date: Wed, 28 Aug 2019 09:19:57 -0400 Subject: [PATCH 488/922] report pixformat names instead of just #'s on error --- src/zm_ffmpeg_camera.cpp | 9 +++++---- 1 file changed, 5 insertions(+), 4 deletions(-) diff --git a/src/zm_ffmpeg_camera.cpp b/src/zm_ffmpeg_camera.cpp index f1031d054..c9298fe77 100644 --- a/src/zm_ffmpeg_camera.cpp +++ b/src/zm_ffmpeg_camera.cpp @@ -1102,10 +1102,11 @@ int FfmpegCamera::transfer_to_image( mConvertContext, input_frame->data, input_frame->linesize, 0, mVideoCodecContext->height, output_frame->data, output_frame->linesize) <= 0 ) { - Error("Unable to convert format %u to format %u at frame %d codec %u", - input_frame->format, - imagePixFormat, frameCount, - mVideoCodecContext->pix_fmt + Error("Unable to convert format %u %s to format %u %s at frame %d codec %u %s", + input_frame->format, av_get_pix_fmt_name((AVPixelFormat)input_frame->format), + av_get_pix_fmt_name(imagePixFormat), + frameCount, + mVideoCodecContext->pix_fmt, av_get_pix_fmt_name(mVideoCodecContext->pix_fmt) ); return -1; } From 505a041c884287e0df38b69e0416b8625705be57 Mon Sep 17 00:00:00 2001 From: Isaac Connor Date: Wed, 28 Aug 2019 10:17:23 -0400 Subject: [PATCH 489/922] Don't add a final db frame to the event, because there is no jpg for the frame. I don't know why this code was originally added. --- src/zm_event.cpp | 2 ++ 1 file changed, 2 insertions(+) diff --git a/src/zm_event.cpp b/src/zm_event.cpp index 037cfac50..ef39dfa7a 100644 --- a/src/zm_event.cpp +++ b/src/zm_event.cpp @@ -246,11 +246,13 @@ Event::~Event() { DELTA_TIMEVAL(delta_time, end_time, start_time, DT_PREC_2); Debug(2, "start_time:%d.%d end_time%d.%d", start_time.tv_sec, start_time.tv_usec, end_time.tv_sec, end_time.tv_usec); +#if 0 // This closing frame has no image. There is no point in adding a db record for it, I think. ICON if ( frames > last_db_frame ) { frames ++; Debug(1, "Adding closing frame %d to DB", frames); frame_data.push(new Frame(id, frames, NORMAL, end_time, delta_time, 0)); } +#endif if ( frame_data.size() ) WriteDbFrames(); From 64d024b0c002301aafcc9e24645a4928fb960660 Mon Sep 17 00:00:00 2001 From: Isaac Connor Date: Wed, 28 Aug 2019 10:33:18 -0400 Subject: [PATCH 490/922] Fix spacing --- src/zm_crypt.cpp | 52 +++++++++++++++++++++--------------------------- 1 file changed, 23 insertions(+), 29 deletions(-) diff --git a/src/zm_crypt.cpp b/src/zm_crypt.cpp index e6b460e49..6b78e169b 100644 --- a/src/zm_crypt.cpp +++ b/src/zm_crypt.cpp @@ -1,12 +1,11 @@ #include "zm.h" -# include "zm_crypt.h" +#include "zm_crypt.h" #include "BCrypt.hpp" #include "jwt.h" #include #include #include - // returns username if valid, "" if not std::pair verifyToken(std::string jwt_token_str, std::string key) { std::string username = ""; @@ -22,47 +21,42 @@ std::pair verifyToken(std::string jwt_token_str, std verifier.verify(decoded); // make sure it has fields we need - if (decoded.has_payload_claim("type")) { + if ( decoded.has_payload_claim("type") ) { std::string type = decoded.get_payload_claim("type").as_string(); - if (type != "access") { - Error ("Only access tokens are allowed. Please do not use refresh tokens"); - return std::make_pair("",0); + if ( type != "access" ) { + Error("Only access tokens are allowed. Please do not use refresh tokens"); + return std::make_pair("", 0); } - } - else { + } else { // something is wrong. All ZM tokens have type - Error ("Missing token type. This should not happen"); + Error("Missing token type. This should not happen"); return std::make_pair("",0); } - if (decoded.has_payload_claim("user")) { + if ( decoded.has_payload_claim("user") ) { username = decoded.get_payload_claim("user").as_string(); - Debug (1, "Got %s as user claim from token", username.c_str()); - } - else { - Error ("User not found in claim"); - return std::make_pair("",0); + Debug(1, "Got %s as user claim from token", username.c_str()); + } else { + Error("User not found in claim"); + return std::make_pair("", 0); } - if (decoded.has_payload_claim("iat")) { + if ( decoded.has_payload_claim("iat") ) { token_issued_at = (unsigned int) (decoded.get_payload_claim("iat").as_int()); - Debug (1,"Got IAT token=%u", token_issued_at); - - } - else { - Error ("IAT not found in claim. This should not happen"); - return std::make_pair("",0); + Debug(1, "Got IAT token=%u", token_issued_at); + } else { + Error("IAT not found in claim. This should not happen"); + return std::make_pair("", 0); } } // try - catch (const std::exception &e) { + catch ( const std::exception &e ) { Error("Unable to verify token: %s", e.what()); - return std::make_pair("",0); + return std::make_pair("", 0); } catch (...) { - Error ("unknown exception"); - return std::make_pair("",0); - + Error("unknown exception"); + return std::make_pair("", 0); } - return std::make_pair(username,token_issued_at); + return std::make_pair(username, token_issued_at); } bool verifyPassword(const char *username, const char *input_password, const char *db_password_hash) { @@ -102,7 +96,7 @@ bool verifyPassword(const char *username, const char *input_password, const char } else if ( (db_password_hash[0] == '$') && - (db_password_hash[1]== '2') + (db_password_hash[1] == '2') && (db_password_hash[3] == '$') ) { From 5f0080ef9287483e4c8ca43cfe1da1a65adc0e1c Mon Sep 17 00:00:00 2001 From: Isaac Connor Date: Wed, 28 Aug 2019 10:34:30 -0400 Subject: [PATCH 491/922] Fix crash when using auth_relay=none --- src/zm_user.cpp | 78 ++++++++++++++++++++++++++++--------------------- src/zm_user.h | 59 +++++++++++++++---------------------- 2 files changed, 68 insertions(+), 69 deletions(-) diff --git a/src/zm_user.cpp b/src/zm_user.cpp index 52da3ba98..1ebd3f1ff 100644 --- a/src/zm_user.cpp +++ b/src/zm_user.cpp @@ -27,6 +27,18 @@ #include #include +#if HAVE_GNUTLS_OPENSSL_H +#include +#endif +#if HAVE_GNUTLS_GNUTLS_H +#include +#endif + +#if HAVE_GCRYPT_H +#include +#elif HAVE_LIBCRYPTO +#include +#endif // HAVE_L || HAVE_LIBCRYPTO #include "zm_utils.h" #include "zm_crypt.h" @@ -38,22 +50,22 @@ User::User() { stream = events = control = monitors = system = PERM_NONE; } -User::User( MYSQL_ROW &dbrow ) { +User::User(const MYSQL_ROW &dbrow) { int index = 0; - id = atoi( dbrow[index++] ); - strncpy( username, dbrow[index++], sizeof(username)-1 ); - strncpy( password, dbrow[index++], sizeof(password)-1 ); - enabled = (bool)atoi( dbrow[index++] ); - stream = (Permission)atoi( dbrow[index++] ); - events = (Permission)atoi( dbrow[index++] ); - control = (Permission)atoi( dbrow[index++] ); - monitors = (Permission)atoi( dbrow[index++] ); - system = (Permission)atoi( dbrow[index++] ); + id = atoi(dbrow[index++]); + strncpy(username, dbrow[index++], sizeof(username)-1); + strncpy(password, dbrow[index++], sizeof(password)-1); + enabled = (bool)atoi(dbrow[index++]); + stream = (Permission)atoi(dbrow[index++]); + events = (Permission)atoi(dbrow[index++]); + control = (Permission)atoi(dbrow[index++]); + monitors = (Permission)atoi(dbrow[index++]); + system = (Permission)atoi(dbrow[index++]); char *monitor_ids_str = dbrow[index++]; if ( monitor_ids_str && *monitor_ids_str ) { StringVector ids = split(monitor_ids_str, ","); for( StringVector::iterator i = ids.begin(); i < ids.end(); ++i ) { - monitor_ids.push_back( atoi( (*i).c_str()) ); + monitor_ids.push_back(atoi((*i).c_str())); } } } @@ -62,10 +74,10 @@ User::~User() { monitor_ids.clear(); } -void User::Copy( const User &u ) { +void User::Copy(const User &u) { id=u.id; - strncpy( username, u.username, sizeof(username)-1 ); - strncpy( password, u.password, sizeof(password)-1 ); + strncpy(username, u.username, sizeof(username)-1); + strncpy(password, u.password, sizeof(password)-1); enabled = u.enabled; stream = u.stream; events = u.events; @@ -75,7 +87,7 @@ void User::Copy( const User &u ) { monitor_ids = u.monitor_ids; } -bool User::canAccess( int monitor_id ) { +bool User::canAccess(int monitor_id) { if ( monitor_ids.empty() ) return true; @@ -89,54 +101,52 @@ bool User::canAccess( int monitor_id ) { // Function to load a user from username and password // Please note that in auth relay mode = none, password is NULL -User *zmLoadUser( const char *username, const char *password ) { +User *zmLoadUser(const char *username, const char *password) { char sql[ZM_SQL_MED_BUFSIZ] = ""; int username_length = strlen(username); char *safer_username = new char[(username_length * 2) + 1]; // According to docs, size of safer_whatever must be 2*length+1 due to unicode conversions + null terminator. - mysql_real_escape_string(&dbconn, safer_username, username, username_length ); - + mysql_real_escape_string(&dbconn, safer_username, username, username_length); snprintf(sql, sizeof(sql), "SELECT `Id`, `Username`, `Password`, `Enabled`, `Stream`+0, `Events`+0, `Control`+0, `Monitors`+0, `System`+0, `MonitorIds`" - " FROM `Users` WHERE `Username` = '%s' AND `Enabled` = 1", safer_username ); - + " FROM `Users` WHERE `Username` = '%s' AND `Enabled` = 1", safer_username); if ( mysql_query(&dbconn, sql) ) { Error("Can't run query: %s", mysql_error(&dbconn)); exit(mysql_errno(&dbconn)); } + delete safer_username; MYSQL_RES *result = mysql_store_result(&dbconn); if ( !result ) { Error("Can't use query result: %s", mysql_error(&dbconn)); exit(mysql_errno(&dbconn)); } - int n_users = mysql_num_rows(result); - if ( n_users != 1 ) { + if ( mysql_num_rows(result) != 1 ) { mysql_free_result(result); Warning("Unable to authenticate user %s", username); return NULL; } MYSQL_ROW dbrow = mysql_fetch_row(result); - User *user = new User(dbrow); - - if (verifyPassword(username, password, user->getPassword())) { - Info("Authenticated user '%s'", user->getUsername()); - mysql_free_result(result); - delete safer_username; + mysql_free_result(result); + + if ( !password ) { + // relay type must be none return user; } - else { - Warning("Unable to authenticate user %s", username); - mysql_free_result(result); - return NULL; - } - + + if ( verifyPassword(username, password, user->getPassword()) ) { + Info("Authenticated user '%s'", user->getUsername()); + return user; + } + + Warning("Unable to authenticate user %s", username); + return NULL; } User *zmLoadTokenUser (std::string jwt_token_str, bool use_remote_addr ) { diff --git a/src/zm_user.h b/src/zm_user.h index 04842b318..42fe07554 100644 --- a/src/zm_user.h +++ b/src/zm_user.h @@ -23,25 +23,14 @@ #ifndef ZM_USER_H #define ZM_USER_H -#if HAVE_GNUTLS_OPENSSL_H -#include -#endif -#if HAVE_GNUTLS_GNUTLS_H -#include -#endif - -#if HAVE_GCRYPT_H -#include -#elif HAVE_LIBCRYPTO -#include -#endif // HAVE_L || HAVE_LIBCRYPTO - +#include #include -class User { -public: - typedef enum { PERM_NONE=1, PERM_VIEW, PERM_EDIT } Permission; -protected: +class User { + public: + typedef enum { PERM_NONE = 1, PERM_VIEW, PERM_EDIT } Permission; + + protected: int id; char username[32+1]; char password[64+1]; @@ -53,32 +42,32 @@ protected: Permission system; std::vector monitor_ids; -public: + public: User(); - explicit User( MYSQL_ROW &dbrow ); + explicit User(const MYSQL_ROW &dbrow); ~User(); - User( User &u ) { Copy(u); } - void Copy( const User &u ); + User(User &u) { Copy(u); } + void Copy(const User &u); User& operator=(const User &u) { Copy(u); return *this; } const int Id() const { return id; } - const char *getUsername() const { return( username ); } - const char *getPassword() const { return( password ); } - bool isEnabled() const { return( enabled ); } - Permission getStream() const { return( stream ); } - Permission getEvents() const { return( events ); } - Permission getControl() const { return( control ); } - Permission getMonitors() const { return( monitors ); } - Permission getSystem() const { return( system ); } - bool canAccess( int monitor_id ); + const char *getUsername() const { return username; } + const char *getPassword() const { return password; } + bool isEnabled() const { return enabled; } + Permission getStream() const { return stream; } + Permission getEvents() const { return events; } + Permission getControl() const { return control; } + Permission getMonitors() const { return monitors; } + Permission getSystem() const { return system; } + bool canAccess(int monitor_id); }; -User *zmLoadUser( const char *username, const char *password=0 ); -User *zmLoadAuthUser( const char *auth, bool use_remote_addr ); -User *zmLoadTokenUser( std::string jwt, bool use_remote_addr); -bool checkUser ( const char *username); -bool checkPass (const char *password); +User *zmLoadUser(const char *username, const char *password=0); +User *zmLoadAuthUser(const char *auth, bool use_remote_addr); +User *zmLoadTokenUser(std::string jwt, bool use_remote_addr); +bool checkUser(const char *username); +bool checkPass(const char *password); #endif // ZM_USER_H From 42edad1e8c29fd79fce6b1957015dfe31e5b6f2d Mon Sep 17 00:00:00 2001 From: Arnout Engelen Date: Wed, 28 Aug 2019 16:53:24 +0200 Subject: [PATCH 492/922] Tweaks to the ubuntu installation instructions (#2688) * Tweaks to the ubuntu installation instructions I recently walked a new user through the Ubuntu installation, and noticed some things that were confusing to him that would be easy to fix. * Use release names as well as numbers --- README.md | 2 +- docs/installationguide/ubuntu.rst | 30 +++++++----------------------- 2 files changed, 8 insertions(+), 24 deletions(-) diff --git a/README.md b/README.md index b0f4be37b..2939aa941 100644 --- a/README.md +++ b/README.md @@ -31,7 +31,7 @@ Better methods exist today that do much of this for you. The current development This is the recommended method to install ZoneMinder onto your system. ZoneMinder packages are maintained for the following distros: -- Ubuntu via [Iconnor's PPA](https://launchpad.net/~iconnor/+archive/ubuntu/zoneminder) +- Ubuntu via [Iconnor's PPA](https://launchpad.net/~iconnor) - Debian from their [default repository](https://packages.debian.org/search?searchon=names&keywords=zoneminder) - RHEL/CentOS and clones via [RPM Fusion](http://rpmfusion.org) - Fedora via [RPM Fusion](http://rpmfusion.org) diff --git a/docs/installationguide/ubuntu.rst b/docs/installationguide/ubuntu.rst index 582b8e5c5..65b6d163e 100644 --- a/docs/installationguide/ubuntu.rst +++ b/docs/installationguide/ubuntu.rst @@ -3,8 +3,8 @@ Ubuntu .. contents:: -Easy Way: Ubuntu 18.04 ----------------------- +Easy Way: Ubuntu 18.04 (Bionic) +------------------------------- These instructions are for a brand new ubuntu 18.04 system which does not have ZM installed. @@ -15,6 +15,7 @@ achieve the same result by running: :: + sudo apt-get install tasksel sudo tasksel install lamp-server During installation it will ask you to set up a master/root password for the MySQL. @@ -39,19 +40,10 @@ guide you with a quick search. following a new release of ZoneMinder. To use this repository instead of the official Ubuntu repository, enter the following from the command line: - :: - - add-apt-repository ppa:iconnor/zoneminder - - Please note that as of 1.32.0 We are creating a new PPA for each major version, as a means to prevent automatic upgrades from one major version to another. So instead of the above ppa line use the following: - :: add-apt-repository ppa:iconnor/zoneminder-1.32 - If you are on Trusty or Xenial, you may want to add both, as there are some packages for dependencies included in the old ppa. - - Update repo and upgrade. :: @@ -202,8 +194,8 @@ CTRL+x to exit PPA install may need some tweaking of ZMS_PATH in ZoneMinder options. `Socket_sendto or no live streaming`_ -Easy Way: Ubuntu 16.04 ----------------------- +Easy Way: Ubuntu 16.04 (Xenial) +------------------------------- These instructions are for a brand new ubuntu 16.04 system which does not have ZM installed. @@ -241,16 +233,8 @@ guide you with a quick search. :: add-apt-repository ppa:iconnor/zoneminder - - Please note that as of 1.32.0 We are creating a new PPA for each major version, as a means to prevent automatic upgrades from one major version to another. So instead of the above ppa line use the following: - - :: - add-apt-repository ppa:iconnor/zoneminder-1.32 - If you are on Trusty or Xenial, you may want to add both, as there are some packages for dependencies included in the old ppa. - - Update repo and upgrade. :: @@ -401,8 +385,8 @@ CTRL+x to exit PPA install may need some tweaking of ZMS_PATH in ZoneMinder options. `Socket_sendto or no live streaming`_ -Easy Way: Ubuntu 14.x ---------------------- +Easy Way: Ubuntu 14.x (Trusty) +------------------------------ **These instructions are for a brand new ubuntu 14.x system which does not have ZM installed.** **Step 1:** Either run commands in this install using sudo or use the below to become root From 307fad72be078f55844d156d093e5fced24e4d1f Mon Sep 17 00:00:00 2001 From: Isaac Connor Date: Wed, 28 Aug 2019 11:43:46 -0400 Subject: [PATCH 493/922] Default to using V4 Signature --- scripts/ZoneMinder/lib/ZoneMinder/Event.pm | 8 +++++--- 1 file changed, 5 insertions(+), 3 deletions(-) diff --git a/scripts/ZoneMinder/lib/ZoneMinder/Event.pm b/scripts/ZoneMinder/lib/ZoneMinder/Event.pm index 80929cac6..394965954 100644 --- a/scripts/ZoneMinder/lib/ZoneMinder/Event.pm +++ b/scripts/ZoneMinder/lib/ZoneMinder/Event.pm @@ -433,6 +433,7 @@ sub delete_files { aws_access_key_id => $aws_id, aws_secret_access_key => $aws_secret, ( $aws_host ? ( host => $aws_host ) : () ), + authorization_method => 'Net::Amazon::S3::Signature::V4', }); my $bucket = $s3->bucket($aws_bucket); if ( ! $bucket ) { @@ -591,6 +592,7 @@ sub CopyTo { aws_access_key_id => $aws_id, aws_secret_access_key => $aws_secret, ( $aws_host ? ( host => $aws_host ) : () ), + authorization_method => 'Net::Amazon::S3::Signature::V4', }); my $bucket = $s3->bucket($aws_bucket); if ( !$bucket ) { @@ -599,10 +601,10 @@ sub CopyTo { } my $event_path = $self->RelativePath(); - if ( 0 ) { # Not neccessary + if ( 1 ) { # Not neccessary Debug("Making directory $event_path/"); if ( !$bucket->add_key($event_path.'/', '') ) { - Warning("Unable to add key for $event_path/"); + Warning("Unable to add key for $event_path/ :". $s3->err . ': '. $s3->errstr()); } } @@ -625,7 +627,7 @@ sub CopyTo { my $filename = $event_path.'/'.File::Basename::basename($file); if ( ! $bucket->add_key($filename, $file_contents) ) { - die "Unable to add key for $filename"; + die "Unable to add key for $filename : ".$s3->err . ': ' . $s3->errstr; } } else { my $filename = $event_path.'/'.File::Basename::basename($file); From bd3395ac984968a8fcb6033f10118514c2763798 Mon Sep 17 00:00:00 2001 From: Isaac Connor Date: Wed, 28 Aug 2019 12:19:54 -0400 Subject: [PATCH 494/922] introduce VideoStore::write_packet to refactor out duplicated code. Add the ability to receive multiple packets from audio encoder per input packet --- src/zm_videostore.cpp | 148 ++++++++++++++++++++++++------------------ src/zm_videostore.h | 2 + 2 files changed, 87 insertions(+), 63 deletions(-) diff --git a/src/zm_videostore.cpp b/src/zm_videostore.cpp index 0523b3e85..647920789 100644 --- a/src/zm_videostore.cpp +++ b/src/zm_videostore.cpp @@ -411,14 +411,6 @@ bool VideoStore::open() { //avformat_free_context(oc); return false; } - Debug(3, - "Time bases: VIDEO in stream (%d/%d) in codec: (%d/%d) out " - "stream: (%d/%d) out codec (%d/%d)", - video_in_stream->time_base.num, video_in_stream->time_base.den, - video_in_ctx->time_base.num, video_in_ctx->time_base.den, - video_out_stream->time_base.num, video_out_stream->time_base.den, - video_out_ctx->time_base.num, - video_out_ctx->time_base.den); return true; } // end VideoStore::open() @@ -463,6 +455,7 @@ VideoStore::~VideoStore() { } #endif + dumpPacket(&pkt, "raw from encoder"); // Need to adjust pts and dts and duration pkt.stream_index = audio_out_stream->index; @@ -473,6 +466,7 @@ VideoStore::~VideoStore() { audio_out_stream->time_base); // Scale the PTS of the outgoing packet to be the correct time base if ( pkt.pts != AV_NOPTS_VALUE ) { +#if 0 pkt.pts = av_rescale_q( pkt.pts, audio_out_ctx->time_base, @@ -483,6 +477,12 @@ VideoStore::~VideoStore() { pkt.pts, audio_in_stream->time_base, audio_out_stream->time_base); +#else + pkt.pts = av_rescale_q( + pkt.pts, + audio_out_ctx->time_base, + audio_out_stream->time_base); +#endif Debug(2, "audio pkt.pts = %" PRId64 " from first_pts(%" PRId64 ")", pkt.pts, audio_first_pts); @@ -492,6 +492,7 @@ VideoStore::~VideoStore() { } if ( pkt.dts != AV_NOPTS_VALUE ) { +#if 0 pkt.dts = av_rescale_q( pkt.dts, audio_out_ctx->time_base, @@ -501,6 +502,12 @@ VideoStore::~VideoStore() { pkt.dts, audio_in_stream->time_base, audio_out_stream->time_base); +#else + pkt.dts = av_rescale_q( + pkt.dts, + audio_out_ctx->time_base, + audio_out_stream->time_base); +#endif Debug(2, "pkt.dts = %" PRId64 " - first_dts(%" PRId64 ")", pkt.dts, audio_first_dts); } else { @@ -1008,28 +1015,7 @@ int VideoStore::writeVideoFramePacket(AVPacket *ipkt) { opkt.pos = -1; opkt.data = ipkt->data; opkt.size = ipkt->size; - opkt.stream_index = video_out_stream->index; - - dumpPacket(video_out_stream, &opkt, "writing video packet"); - if ( (opkt.data == NULL) || (opkt.size < 1) ) { - Warning("%s:%d: Mangled AVPacket: discarding frame", __FILE__, __LINE__); - dumpPacket(video_in_stream, ipkt,"In Packet"); - dumpPacket(video_out_stream, &opkt); - } else { - ret = av_interleaved_write_frame(oc, &opkt); - if ( ret < 0 ) { - // There's nothing we can really do if the frame is rejected, just drop it - // and get on with the next - Warning( - "%s:%d: Writing frame [av_interleaved_write_frame()] failed: %s(%d)", - __FILE__, __LINE__, av_make_error_string(ret).c_str(), ret); -#if LIBAVCODEC_VERSION_CHECK(57, 64, 0, 64, 0) - zm_dump_codecpar(video_in_stream->codecpar); - zm_dump_codecpar(video_out_stream->codecpar); -#endif - } - } - + write_packet(&opkt, video_out_stream); zm_av_packet_unref(&opkt); return 0; @@ -1158,11 +1144,44 @@ int VideoStore::writeAudioFramePacket(AVPacket *ipkt) { audio_out_stream->time_base); #endif + write_packet(&opkt, audio_out_stream); + zm_av_packet_unref(&opkt); + +#if LIBAVCODEC_VERSION_CHECK(57, 64, 0, 64, 0) + // While the encoder still has packets for us + while ( !avcodec_receive_packet(audio_out_ctx, &opkt) ) { + opkt.pts = av_rescale_q( + opkt.pts, + audio_out_ctx->time_base, + audio_out_stream->time_base); + opkt.dts = av_rescale_q( + opkt.dts, + audio_out_ctx->time_base, + audio_out_stream->time_base); + + dumpPacket(audio_out_stream, &opkt, "raw opkt"); + Debug(1, "Duration before %d in %d/%d", opkt.duration, + audio_out_ctx->time_base.num, + audio_out_ctx->time_base.den); + + opkt.duration = av_rescale_q( + opkt.duration, + audio_out_ctx->time_base, + audio_out_stream->time_base); + Debug(1, "Duration after %d in %d/%d", opkt.duration, + audio_out_stream->time_base.num, + audio_out_stream->time_base.den); + write_packet(&opkt, audio_out_stream); + } +#endif + zm_av_packet_unref(&opkt); + } else { Debug(2,"copying"); av_init_packet(&opkt); opkt.data = ipkt->data; opkt.size = ipkt->size; + opkt.flags = ipkt->flags; if ( ipkt->duration && (ipkt->duration != AV_NOPTS_VALUE) ) { opkt.duration = av_rescale_q( @@ -1205,44 +1224,47 @@ int VideoStore::writeAudioFramePacket(AVPacket *ipkt) { } else { opkt.dts = AV_NOPTS_VALUE; } + write_packet(&opkt, audio_out_stream); + + zm_av_packet_unref(&opkt); } // end if encoding or copying - - opkt.pos = -1; - opkt.stream_index = audio_out_stream->index; - opkt.flags = ipkt->flags; - - if ( opkt.dts < audio_out_stream->cur_dts ) { - Warning("non increasing dts, fixing"); - opkt.dts = audio_out_stream->cur_dts; - if ( opkt.dts > opkt.pts ) { - Debug(1, - "opkt.dts(%" PRId64 ") must be <= opkt.pts(%" PRId64 ")." - "Decompression must happen before presentation.", - opkt.dts, opkt.pts); - opkt.pts = opkt.dts; - } - } else if ( opkt.dts > opkt.pts ) { - Debug(1, - "opkt.dts(%" PRId64 ") must be <= opkt.pts(%" PRId64 ")." - "Decompression must happen before presentation.", - opkt.dts, opkt.pts); - opkt.dts = opkt.pts; - } - - dumpPacket(audio_out_stream, &opkt, "finished opkt"); - - ret = av_interleaved_write_frame(oc, &opkt); - if ( ret != 0 ) { - Error("Error writing audio frame packet: %s", - av_make_error_string(ret).c_str()); - } else { - Debug(2, "Success writing audio frame"); - } - zm_av_packet_unref(&opkt); return 0; } // end int VideoStore::writeAudioFramePacket(AVPacket *ipkt) +int VideoStore::write_packet(AVPacket *pkt, AVStream *stream) { + pkt->pos = -1; + pkt->stream_index = stream->index; + + if ( pkt->dts < stream->cur_dts ) { + Warning("non increasing dts, fixing"); + pkt->dts = stream->cur_dts; + if ( pkt->dts > pkt->pts ) { + Debug(1, + "pkt.dts(%" PRId64 ") must be <= pkt.pts(%" PRId64 ")." + "Decompression must happen before presentation.", + pkt->dts, pkt->pts); + pkt->pts = pkt->dts; + } + } else if ( pkt->dts > pkt->pts ) { + Debug(1, + "pkt.dts(%" PRId64 ") must be <= pkt.pts(%" PRId64 ")." + "Decompression must happen before presentation.", + pkt->dts, pkt->pts); + pkt->dts = pkt->pts; + } + + dumpPacket(stream, pkt, "finished pkt"); + + ret = av_interleaved_write_frame(oc, pkt); + if ( ret != 0 ) { + Error("Error writing packet: %s", + av_make_error_string(ret).c_str()); + } else { + Debug(2, "Success writing packet"); + } +} // end int VideoStore::write_packet(AVPacket *pkt, AVStream *stream) + int VideoStore::resample_audio() { // Resample the in_frame into the audioSampleBuffer until we process the whole // decoded data. Note: pts does not survive resampling or converting diff --git a/src/zm_videostore.h b/src/zm_videostore.h index fe52cd1dc..2940bc2e7 100644 --- a/src/zm_videostore.h +++ b/src/zm_videostore.h @@ -79,6 +79,8 @@ private: bool setup_resampler(); int resample_audio(); + int write_packet(AVPacket *pkt, AVStream *stream); + public: VideoStore( const char *filename_in, From c80ef0e0abf5989c8fb5ac4e67d642517ad354a0 Mon Sep 17 00:00:00 2001 From: Isaac Connor Date: Wed, 28 Aug 2019 12:20:03 -0400 Subject: [PATCH 495/922] spacing --- src/zm_ffmpeg.cpp | 2 +- web/includes/auth.php | 4 ++-- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/src/zm_ffmpeg.cpp b/src/zm_ffmpeg.cpp index 12e813905..bd8643335 100644 --- a/src/zm_ffmpeg.cpp +++ b/src/zm_ffmpeg.cpp @@ -510,7 +510,7 @@ int zm_receive_frame(AVCodecContext *context, AVFrame *frame, AVPacket &packet) int zm_send_frame(AVCodecContext *ctx, AVFrame *frame, AVPacket &packet) { int ret; - #if LIBAVCODEC_VERSION_CHECK(57, 64, 0, 64, 0) + #if LIBAVCODEC_VERSION_CHECK(57, 64, 0, 64, 0) if ( (ret = avcodec_send_frame(ctx, frame)) < 0 ) { Error("Could not send frame (error '%s')", av_make_error_string(ret).c_str()); diff --git a/web/includes/auth.php b/web/includes/auth.php index 4ada2afa2..efd044ed8 100644 --- a/web/includes/auth.php +++ b/web/includes/auth.php @@ -188,7 +188,7 @@ function getAuthUser($auth) { if ( $auth == $authHash ) { return $user; - } // en dif $auth == $authHash + } // end if $auth == $authHash } // end foreach hour } // end foreach user } // end if using auth hash @@ -265,7 +265,7 @@ if ( ZM_OPT_USE_AUTH ) { $user = dbFetchOne($sql, NULL, array($_SESSION['username'])); } } else { - ZM\Logger::Debug("No username in session"); + ZM\Logger::Debug('No username in session'); } if ( ZM_AUTH_HASH_LOGINS && empty($user) && !empty($_REQUEST['auth']) ) { From 93d642304e30d136d81111944b810a31acb15e9d Mon Sep 17 00:00:00 2001 From: Isaac Connor Date: Thu, 29 Aug 2019 09:42:20 -0400 Subject: [PATCH 496/922] Add debug line for aws credentials --- scripts/ZoneMinder/lib/ZoneMinder/Event.pm | 2 ++ 1 file changed, 2 insertions(+) diff --git a/scripts/ZoneMinder/lib/ZoneMinder/Event.pm b/scripts/ZoneMinder/lib/ZoneMinder/Event.pm index 394965954..a6010899c 100644 --- a/scripts/ZoneMinder/lib/ZoneMinder/Event.pm +++ b/scripts/ZoneMinder/lib/ZoneMinder/Event.pm @@ -427,6 +427,7 @@ sub delete_files { my $deleted = 0; if ( $$Storage{Type} and ( $$Storage{Type} eq 's3fs' ) ) { my ( $aws_id, $aws_secret, $aws_host, $aws_bucket ) = ( $$Storage{Url} =~ /^\s*([^:]+):([^@]+)@([^\/]*)\/(.+)\s*$/ ); + Debug("S3 url parsed to id:$aws_id secret:$aws_secret host:$aws_host, bucket:$aws_bucket"); eval { require Net::Amazon::S3; my $s3 = Net::Amazon::S3->new( { @@ -584,6 +585,7 @@ sub CopyTo { if ( $$NewStorage{Type} eq 's3fs' ) { if ( $$NewStorage{Url} ) { my ( $aws_id, $aws_secret, $aws_host, $aws_bucket ) = ( $$NewStorage{Url} =~ /^\s*([^:]+):([^@]+)@([^\/]*)\/(.+)\s*$/ ); + Debug("S3 url parsed to id:$aws_id secret:$aws_secret host:$aws_host, bucket:$aws_bucket"); if ( $aws_id and $aws_secret and $aws_host and $aws_bucket ) { eval { require Net::Amazon::S3; From a4b057fa2bf1b5d21cae5934d2ab27fb802ff597 Mon Sep 17 00:00:00 2001 From: Isaac Connor Date: Thu, 29 Aug 2019 11:25:37 -0400 Subject: [PATCH 497/922] Upgrade Event object to use the common Object methods. Add deleting files from Secondary storage --- web/includes/Event.php | 214 ++++++++++------------------------------- 1 file changed, 51 insertions(+), 163 deletions(-) diff --git a/web/includes/Event.php b/web/includes/Event.php index dc7dd3575..22420cf58 100644 --- a/web/includes/Event.php +++ b/web/includes/Event.php @@ -2,76 +2,50 @@ namespace ZM; require_once('Storage.php'); require_once('functions.php'); +require_once('Object.php'); -$event_cache = array(); +class Event extends ZM_Object { + protected static $table = 'Events'; -class Event { - - private $fields = array( -'Id', -'Name', -'MonitorId', -'StorageId', -'SecondaryStorageId', -'Name', -'Cause', -'StartTime', -'EndTime', -'Width', -'Height', -'Length', -'Frames', -'AlarmFrames', -'DefaultVideo', -'SaveJPEGs', -'TotScore', -'AvgScore', -'MaxScore', -'Archived', -'Videoed', -'Uploaded', -'Emailed', -'Messaged', -'Executed', -'Notes', -'StateId', -'Orientation', -'DiskSpace', -'Scheme', -'Locked', + protected $defaults = array( + 'Id' => null, + 'Name' => '', + 'MonitorId' => null, + 'StorageId' => null, + 'SecondaryStorageId' => null, + 'Cause' => '', + 'StartTime' => null, + 'EndTime' => null, + 'Width' => null, + 'Height' => null, + 'Length' => null, + 'Frames' => null, + 'AlarmFrames' => null, + 'DefaultVideo' => '', + 'SaveJPEGs' => 0, + 'TotScore' => 0, + 'AvgScore' => 0, + 'MaxScore' => 0, + 'Archived' => 0, + 'Videoed' => 0, + 'Uploaded' => 0, + 'Emailed' => 0, + 'Messaged' => 0, + 'Executed' => 0, + 'Notes' => '', + 'StateId' => 0, + 'Orientation' => 0, + 'DiskSpace' => null, + 'Scheme' => 0, + 'Locked' => 0, ); - public function __construct( $IdOrRow = null ) { - $row = NULL; - if ( $IdOrRow ) { - if ( is_integer($IdOrRow) or is_numeric($IdOrRow) ) { - $row = dbFetchOne('SELECT *,unix_timestamp(StartTime) AS Time FROM Events WHERE Id=?', NULL, array($IdOrRow)); - if ( ! $row ) { - Error('Unable to load Event record for Id=' . $IdOrRow); - } - } elseif ( is_array($IdOrRow) ) { - $row = $IdOrRow; - } else { - $backTrace = debug_backtrace(); - $file = $backTrace[1]['file']; - $line = $backTrace[1]['line']; - Error("Unknown argument passed to Event Constructor from $file:$line) Id was $IdOrRow"); - return; - } + public static function find( $parameters = array(), $options = array() ) { + return ZM_Object::_find(get_class(), $parameters, $options); + } - if ( $row ) { - foreach ($row as $k => $v) { - $this->{$k} = $v; - } - global $event_cache; - $event_cache[$row['Id']] = $this; - } else { - $backTrace = debug_backtrace(); - $file = $backTrace[1]['file']; - $line = $backTrace[1]['line']; - Error('No row for Event ' . $IdOrRow . " from $file:$line"); - } - } # end if isset($IdOrRow) - } // end function __construct + public static function find_one( $parameters = array(), $options = array() ) { + return ZM_Object::_find_one(get_class(), $parameters, $options); + } public function Storage( $new = null ) { if ( $new ) { @@ -108,24 +82,6 @@ class Event { return new Monitor(); } - public function __call($fn, array $args){ - if ( count($args) ) { - $this->{$fn} = $args[0]; - } - if ( array_key_exists($fn, $this) ) { - return $this->{$fn}; - - $backTrace = debug_backtrace(); - $file = $backTrace[0]['file']; - $line = $backTrace[0]['line']; - Warning("Unknown function call Event->$fn from $file:$line"); - $file = $backTrace[1]['file']; - $line = $backTrace[1]['line']; - Warning("Unknown function call Event->$fn from $file:$line"); - Warning(print_r($this, true)); - } - } - public function Time() { if ( ! isset($this->{'Time'}) ) { $this->{'Time'} = strtotime($this->{'StartTime'}); @@ -219,6 +175,17 @@ class Event { return; } deletePath($eventPath); + if ( $this->SecondaryStorageId() ) { + $Storage = $this->SecondaryStorage(); + if ( $Storage->Id() ) { + $eventPath = $Storage->Path().'/'.$this->Relative_Path(); + if ( ! $eventPath ) { + Error('No event Path in Event delete. Not deleting'); + } else { + deletePath($eventPath); + } + } # end if Storage + } # end if has Secondary Storage } # USE_DEEP_STORAGE OR NOT } # ! ZM_OPT_FAST_DELETE dbQuery('DELETE FROM Events WHERE Id = ?', array($this->{'Id'})); @@ -509,81 +476,6 @@ class Event { return $imageData; } - public static function find_one( $parameters = null, $options = null ) { - global $event_cache; - if ( - ( count($parameters) == 1 ) and - isset($parameters['Id']) and - isset($event_cache[$parameters['Id']]) ) { - return $event_cache[$parameters['Id']]; - } - $results = Event::find( $parameters, $options ); - if ( count($results) > 1 ) { - Error("Event Returned more than 1"); - return $results[0]; - } else if ( count($results) ) { - return $results[0]; - } else { - return null; - } - } - - public static function find( $parameters = null, $options = null ) { - $sql = 'SELECT * FROM Events '; - $values = array(); - - if ( $parameters ) { - $fields = array(); - $sql .= 'WHERE '; - foreach ( $parameters as $field => $value ) { - if ( $value == null ) { - $fields[] = $field.' IS NULL'; - } else if ( is_array( $value ) ) { - $func = function(){return '?';}; - $fields[] = $field.' IN ('.implode(',', array_map( $func, $value ) ). ')'; - $values += $value; - - } else { - $fields[] = $field.'=?'; - $values[] = $value; - } - } - $sql .= implode(' AND ', $fields ); - } - if ( $options ) { - if ( isset($options['order']) ) { - $sql .= ' ORDER BY ' . $options['order']; - } - if ( isset($options['limit']) ) { - if ( is_integer($options['limit']) or ctype_digit($options['limit']) ) { - $sql .= ' LIMIT ' . $options['limit']; - } else { - $backTrace = debug_backtrace(); - $file = $backTrace[1]['file']; - $line = $backTrace[1]['line']; - Error("Invalid value for limit(".$options['limit'].") passed to Event::find from $file:$line"); - return array(); - } - } - } - $filters = array(); - $result = dbQuery($sql, $values); - if ( $result ) { - $results = $result->fetchALL(); - foreach ( $results as $row ) { - $filters[] = new Event($row); - } - } - return $filters; - } - - public function save( ) { - - $sql = 'UPDATE Events SET '.implode(', ', array_map( function($field) {return $field.'=?';}, $this->fields ) ) . ' WHERE Id=?'; - $values = array_map( function($field){return $this->{$field};}, $this->fields ); - $values[] = $this->{'Id'}; - dbQuery( $sql, $values ); - } public function link_to($text=null) { if ( !$text ) $text = $this->{'Id'}; @@ -686,18 +578,14 @@ class Event { public function can_delete() { if ( $this->Archived() ) { - Logger::Debug("Am archived, can't delete"); return false; } if ( !$this->EndTime() ) { - Logger::Debug("No EndTime can't delete"); return false; } if ( !canEdit('Events') ) { - Logger::Debug("No permission to edit events, can't delete"); return false; } - Logger::Debug("Can delete: archived: " . $this->Archived() . " endtime: " . $this->EndTime() ); return true; } From ef5497cba8e87d00cbe66da1e6a17d48dfa10b0e Mon Sep 17 00:00:00 2001 From: Isaac Connor Date: Thu, 29 Aug 2019 11:26:14 -0400 Subject: [PATCH 498/922] If we have an ajax request, don't do actions. --- web/index.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/web/index.php b/web/index.php index 93d2c8ff3..11d62ca55 100644 --- a/web/index.php +++ b/web/index.php @@ -210,7 +210,7 @@ if ( } # Need to include actions because it does auth -if ( $action ) { +if ( $action and !$request ) { if ( file_exists('includes/actions/'.$view.'.php') ) { ZM\Logger::Debug("Including includes/actions/$view.php"); require_once('includes/actions/'.$view.'.php'); From 6b9e8bec697312af354504edb52a64d86125fce0 Mon Sep 17 00:00:00 2001 From: Isaac Connor Date: Thu, 29 Aug 2019 11:26:32 -0400 Subject: [PATCH 499/922] Add logging of delete events --- web/includes/functions.php | 2 ++ 1 file changed, 2 insertions(+) diff --git a/web/includes/functions.php b/web/includes/functions.php index 24a97e294..ff578eff7 100644 --- a/web/includes/functions.php +++ b/web/includes/functions.php @@ -414,6 +414,7 @@ function getEventDefaultVideoPath( $event ) { } function deletePath( $path ) { + ZM\Logger::Debug("Deleting $path"); if ( is_dir( $path ) ) { system( escapeshellcmd( 'rm -rf '.$path ) ); } else if ( file_exists($path) ) { @@ -1206,6 +1207,7 @@ function parseFilter(&$filter, $saveToSession=false, $querySep='&') { case 'DiskSpace': case 'MonitorId': case 'StorageId': + case 'SecondaryStorageId': case 'Length': case 'Frames': case 'AlarmFrames': From 99a2ddba63c7892b2cacb826aa5bcba563cee1cd Mon Sep 17 00:00:00 2001 From: Isaac Connor Date: Thu, 29 Aug 2019 11:27:06 -0400 Subject: [PATCH 500/922] Add listing of Secondary Storage area in events list --- web/skins/classic/views/events.php | 13 ++++++++++++- 1 file changed, 12 insertions(+), 1 deletion(-) diff --git a/web/skins/classic/views/events.php b/web/skins/classic/views/events.php index 8f997f414..d0e3536e1 100644 --- a/web/skins/classic/views/events.php +++ b/web/skins/classic/views/events.php @@ -229,7 +229,18 @@ while ( $event_row = dbFetchNext($results) ) { 1 ) { ?> - StorageId()]) ? $StorageById[$event->StorageId()]->Name() : '' ?> +StorageId() ) { + echo isset($StorageById[$event->StorageId()]) ? $StorageById[$event->StorageId()]->Name() : 'Unknown Storage Id: '.$event->StorageId(); + } else { + echo 'Default'; + } + if ( $event->SecondaryStorageId() ) { + echo '
'.(isset($StorageById[$event->SecondaryStorageId()]) ? $StorageById[$event->SecondaryStorageId()]->Name() : 'Unknown Storage Id '.$event->SecondaryStorageId()); + } + ?> +		 '.$event->Id().($event->Archived()?'*':'') ?> '.validHtmlStr($event->Name()).($event->Archived()?'*':'') ?>MonitorId(), 'zmMonitor'.$event->Monitorid(), 'monitor', $event->MonitorName(), canEdit( 'Monitors' ) ) ?>MonitorId(), 'zmMonitor'.$event->MonitorId(), 'monitor', $event->MonitorName(), canEdit( 'Monitors' ) ) ?> Id(), 'zmEventDetail', 'eventdetail', validHtmlStr($event->Cause()), canEdit( 'Events' ), 'title="'.htmlspecialchars($event->Notes()).'"' ) ?> Date: Wed, 4 Sep 2019 08:47:09 -0400 Subject: [PATCH 509/922] In production mode, debug should be 0 --- web/api/app/Config/core.php.default | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/web/api/app/Config/core.php.default b/web/api/app/Config/core.php.default index 64f439420..e14c7d2e5 100644 --- a/web/api/app/Config/core.php.default +++ b/web/api/app/Config/core.php.default @@ -31,7 +31,7 @@ * In production mode, flash messages redirect after a time interval. * In development mode, you need to click the flash message to continue. */ - Configure::write('debug', 2); + Configure::write('debug', 0); /** * Configure the Error handler used to handle errors for your application. By default From 26670c2df2002da1f6fff7434ef5dac89788cb40 Mon Sep 17 00:00:00 2001 From: Isaac Connor Date: Wed, 4 Sep 2019 10:07:08 -0400 Subject: [PATCH 510/922] Add lock function to write lock an object --- web/includes/Object.php | 10 +++++++++- 1 file changed, 9 insertions(+), 1 deletion(-) diff --git a/web/includes/Object.php b/web/includes/Object.php index 4e73da5d3..a60e42949 100644 --- a/web/includes/Object.php +++ b/web/includes/Object.php @@ -252,5 +252,13 @@ class ZM_Object { unset($object_cache[$class][$this->{'Id'}]); } -} # end class Sensor Action + public function lock() { + $class = get_class($this); + $table = $class::$table; + $row = dbFetchOne("SELECT * FROM `$table` WHERE `Id`=?", NULL, array($this->Id())); + if ( !$row ) { + Error("Unable to lock $class record for Id=".$this->Id()); + } + } +} # end class Object ?> From dde655950fd7e2518bcf7ab9bd7bd13a4e52f6a8 Mon Sep 17 00:00:00 2001 From: Isaac Connor Date: Wed, 4 Sep 2019 10:07:17 -0400 Subject: [PATCH 511/922] Use locking when deleting an event --- web/includes/Event.php | 25 ++++++++++++++++++------- 1 file changed, 18 insertions(+), 7 deletions(-) diff --git a/web/includes/Event.php b/web/includes/Event.php index 22420cf58..e8b6d15be 100644 --- a/web/includes/Event.php +++ b/web/includes/Event.php @@ -126,12 +126,20 @@ class Event extends ZM_Object { Error('Event delete on event with empty Id'); return; } - if ( !ZM_OPT_FAST_DELETE ) { + if ( ZM_OPT_FAST_DELETE ) { + dbQuery('DELETE FROM Events WHERE Id = ?', array($this->{'Id'})); + return; + } + + global $dbConn; + $dbConn->beginTransaction(); + try { + $this->lock(); dbQuery('DELETE FROM Stats WHERE EventId = ?', array($this->{'Id'})); dbQuery('DELETE FROM Frames WHERE EventId = ?', array($this->{'Id'})); if ( $this->{'Scheme'} == 'Deep' ) { -# Assumption: All events have a start time + # Assumption: All events have a start time $start_date = date_parse($this->{'StartTime'}); if ( ! $start_date ) { Error('Unable to parse start time for event ' . $this->{'Id'} . ' not deleting files.'); @@ -139,13 +147,13 @@ class Event extends ZM_Object { } $start_date['year'] = $start_date['year'] % 100; -# So this is because ZM creates a link under the day pointing to the time that the event happened. + # So this is because ZM creates a link under the day pointing to the time that the event happened. $link_path = $this->Link_Path(); if ( ! $link_path ) { Error('Unable to determine link path for event '.$this->{'Id'}.' not deleting files.'); return; } - + $Storage = $this->Storage(); $eventlink_path = $Storage->Path().'/'.$link_path; @@ -154,7 +162,7 @@ class Event extends ZM_Object { Error("Unable to read link at $id_files[0]"); return; } -# I know we are using arrays here, but really there can only ever be 1 in the array + # I know we are using arrays here, but really there can only ever be 1 in the array $eventPath = preg_replace('/\.'.$this->{'Id'}.'$/', $eventPath, $id_files[0]); deletePath($eventPath); deletePath($id_files[0]); @@ -187,8 +195,11 @@ class Event extends ZM_Object { } # end if Storage } # end if has Secondary Storage } # USE_DEEP_STORAGE OR NOT - } # ! ZM_OPT_FAST_DELETE - dbQuery('DELETE FROM Events WHERE Id = ?', array($this->{'Id'})); + dbQuery('DELETE FROM Events WHERE Id = ?', array($this->{'Id'})); + $dbConn->commit(); + } catch (PDOException $e) { + $dbConn->rollback(); + } } # end Event->delete public function getStreamSrc( $args=array(), $querySep='&' ) { From f568e0da30fe71581fe653d3819a3ba958a6658d Mon Sep 17 00:00:00 2001 From: Isaac Connor Date: Wed, 4 Sep 2019 10:11:16 -0400 Subject: [PATCH 512/922] Fix event->id() to event->Id() --- web/skins/classic/views/events.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/web/skins/classic/views/events.php b/web/skins/classic/views/events.php index 6636d36e0..dfac3975c 100644 --- a/web/skins/classic/views/events.php +++ b/web/skins/classic/views/events.php @@ -257,7 +257,7 @@ while ( $event_row = dbFetchNext($results) ) { $streamSrc = $event->getStreamSrc(array( 'mode'=>'jpeg', 'scale'=>$scale, 'maxfps'=>ZM_WEB_VIDEO_MAXFPS, 'replay'=>'single')); - $imgHtml = ''. validHtmlStr('Event '.$event->Id()) .''; + $imgHtml = ''. validHtmlStr('Event '.$event->Id()) .''; echo ''.$imgHtml.''; echo 'Id().($event->Archived()?'*':'') ?> Name()).($event->Archived()?'*':'') ?>MonitorId(), 'zmMonitor'.$event->Monitorid(), 'monitor', $event->MonitorName(), canEdit( 'Monitors' ) ) ?>MonitorId(), 'zmMonitor'.$event->MonitorId(), 'monitor', $event->MonitorName(), canEdit( 'Monitors' ) ) ?> Id(), 'zmEventDetail', 'eventdetail', validHtmlStr($event->Cause()), canEdit( 'Events' ), 'title="'.htmlspecialchars($event->Notes()).'"' ) ?> StartTime())) . ( $event->EndTime() ? ' until ' . strftime(STRF_FMT_DATETIME_SHORTER, strtotime($event->EndTime()) ) : '' ) ?> From 4634cb63e55cf7bf35bbd32849c0c1879bcd0312 Mon Sep 17 00:00:00 2001 From: Isaac Connor Date: Fri, 6 Sep 2019 09:31:08 -0400 Subject: [PATCH 518/922] Use ZoneMinder's fork of packpack. Use isaac@zoneminder.com instead of personal email. set DISTRO in changelog --- utils/packpack/startpackpack.sh | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/utils/packpack/startpackpack.sh b/utils/packpack/startpackpack.sh index 677fa1f32..9a8778b34 100755 --- a/utils/packpack/startpackpack.sh +++ b/utils/packpack/startpackpack.sh @@ -86,7 +86,7 @@ commonprep () { git -C packpack pull origin master else echo "Cloning packpack github repo..." - git clone https://github.com/packpack/packpack.git packpack + git clone https://github.com/zoneminder/packpack.git packpack fi # Rpm builds are broken in latest packpack master. Temporarily roll back. @@ -241,9 +241,9 @@ setrpmchangelog () { setdebchangelog () { DATE=`date -R` cat < debian/changelog -zoneminder ($VERSION-${DIST}-1) unstable; urgency=low +zoneminder ($VERSION-${DIST}-1) ${DIST}; urgency=low * - -- Isaac Connor $DATE + -- Isaac Connor $DATE EOF } From 6bd2267483f5bd3be0fa846385d21da81bff9640 Mon Sep 17 00:00:00 2001 From: Isaac Connor Date: Fri, 6 Sep 2019 10:55:34 -0400 Subject: [PATCH 519/922] Fix installing default filters failing due to missing values for AutoCopy and AutoCopyTo --- db/zm_create.sql.in | 14 ++++++++++++-- 1 file changed, 12 insertions(+), 2 deletions(-) diff --git a/db/zm_create.sql.in b/db/zm_create.sql.in index 52bf01a1b..698e466fa 100644 --- a/db/zm_create.sql.in +++ b/db/zm_create.sql.in @@ -758,8 +758,18 @@ insert into Users VALUES (NULL,'admin','$2b$12$NHZsm6AM2f2LQVROriz79ul3D6DnmFiZC -- Add a sample filter to purge the oldest 100 events when the disk is 95% full -- -insert into Filters values (NULL,'PurgeWhenFull','{"sort_field":"Id","terms":[{"val":0,"attr":"Archived","op":"="},{"cnj":"and","val":95,"attr":"DiskPercent","op":">="}],"limit":100,"sort_asc":1}',0/*AutoArchive*/,0/*AutoVideo*/,0/*AutoUpload*/,0/*AutoEmail*/,0/*AutoMessage*/,0/*AutoExecute*/,'',1/*AutoDelete*/,0/*AutoMove*/,0/*MoveTo*/,0/*UpdateDiskSpace*/,1/*Background*/,0/*Concurrent*/); -insert into Filters values (NULL,'Update DiskSpace','{"terms":[{"attr":"DiskSpace","op":"IS","val":"NULL"}]}',0,0,0,0,0,0,'',0,0,0,1,1,0); +insert into Filters values (NULL,'PurgeWhenFull','{"sort_field":"Id","terms":[{"val":0,"attr":"Archived","op":"="},{"cnj":"and","val":95,"attr":"DiskPercent","op":">="}],"limit":100,"sort_asc":1}', + 0/*AutoArchive*/, + 0/*AutoVideo*/, + 0/*AutoUpload*/, + 0/*AutoEmail*/, + 0/*AutoMessage*/, + 0/*AutoExecute*/,'', + 1/*AutoDelete*/, + 0/*AutoMove*/,0/*MoveTo*/, + 0/*AutoCopy*/,0/*CopyTo*/, + 0/*UpdateDiskSpace*/,1/*Background*/,0/*Concurrent*/); +insert into Filters values (NULL,'Update DiskSpace','{"terms":[{"attr":"DiskSpace","op":"IS","val":"NULL"}]}',0,0,0,0,0,0,'',0,0,0,0,0,1,1,0); -- -- Add in some sample control protocol definitions From c58cb382338a94a622a68a7a8b9f9b7ed1cf684b Mon Sep 17 00:00:00 2001 From: Isaac Connor Date: Fri, 6 Sep 2019 11:25:21 -0400 Subject: [PATCH 520/922] Add some debug echos, fix zmfilter command line and remove -1 from changelog version, as packpack version wont' have it. --- utils/packpack/startpackpack.sh | 8 ++++++-- 1 file changed, 6 insertions(+), 2 deletions(-) diff --git a/utils/packpack/startpackpack.sh b/utils/packpack/startpackpack.sh index 9a8778b34..a1b394087 100755 --- a/utils/packpack/startpackpack.sh +++ b/utils/packpack/startpackpack.sh @@ -177,9 +177,13 @@ installtrusty () { if [ -e $pkgname ]; then sudo gdebi --quiet --non-interactive $pkgname + echo "Return code from installing $?" mysql -uzmuser -pzmpass zm < db/test.monitor.sql + echo "Return code from adding test monitor $?" sudo /usr/bin/zmpkg.pl start - sudo /usr/bin/zmfilter.pl -f purgewhenfull + echo "Return code from starting $?" + sudo /usr/bin/zmfilter.pl --filter=purgewhenfull + echo "Return code from running purgewhenfull $?" else echo echo "ERROR: The script cannot find the package $pkgname" @@ -241,7 +245,7 @@ setrpmchangelog () { setdebchangelog () { DATE=`date -R` cat < debian/changelog -zoneminder ($VERSION-${DIST}-1) ${DIST}; urgency=low +zoneminder ($VERSION-${DIST}) ${DIST}; urgency=low * -- Isaac Connor $DATE EOF From e6351109b21e134b7486a161311a6da7a3bae662 Mon Sep 17 00:00:00 2001 From: Isaac Connor Date: Fri, 6 Sep 2019 12:00:50 -0400 Subject: [PATCH 521/922] Now that we are using our fork of packpack, no longer need to patch it --- utils/packpack/startpackpack.sh | 24 +----------------------- 1 file changed, 1 insertion(+), 23 deletions(-) diff --git a/utils/packpack/startpackpack.sh b/utils/packpack/startpackpack.sh index a1b394087..fd84a3923 100755 --- a/utils/packpack/startpackpack.sh +++ b/utils/packpack/startpackpack.sh @@ -89,28 +89,6 @@ commonprep () { git clone https://github.com/zoneminder/packpack.git packpack fi - # Rpm builds are broken in latest packpack master. Temporarily roll back. - #git -C packpack checkout 7cf23ee - - # Patch packpack - patch --dry-run --silent -f -p1 < utils/packpack/packpack-rpm.patch - if [ $? -eq 0 ]; then - patch -p1 < utils/packpack/packpack-rpm.patch - fi - - # Skip deb lintian checks to speed up the build - patch --dry-run --silent -f -p1 < utils/packpack/nolintian.patch - if [ $? -eq 0 ]; then - patch -p1 < utils/packpack/nolintian.patch - fi - - # fix 32bit rpm builds - # FIXME: breaks arm rpm builds - #patch --dry-run --silent -f -p1 < utils/packpack/setarch.patch - #if [ $? -eq 0 ]; then - # patch -p1 < utils/packpack/setarch.patch - #fi - # The rpm specfile requires we download each submodule as a tarball then manually move it into place # Might as well do this for Debian as well, rather than git submodule init CRUDVER="3.1.0-zm" @@ -316,7 +294,7 @@ checksanity # We don't want to build packages for all supported distros after every commit # Only build all packages when executed via cron # See https://docs.travis-ci.com/user/cron-jobs/ -if [ "${TRAVIS_EVENT_TYPE}" == "cron" ] || [ "${TRAVIS}" != "true" ]; then +if [ "${TRAVIS_EVENT_TYPE}" == "cron" ] || [ "${TRAVIS}" != "true" ]; then commonprep # Steps common to Redhat distros From 056449590a3afb3693d4ec29dd2bc6fa8d2b15bd Mon Sep 17 00:00:00 2001 From: Isaac Connor Date: Sun, 8 Sep 2019 12:26:11 -0400 Subject: [PATCH 522/922] Update Monitor object, using Object methods for saving monitors --- web/includes/Monitor.php | 111 +++---------------------------- web/includes/actions/monitor.php | 70 +++++++++---------- 2 files changed, 41 insertions(+), 140 deletions(-) diff --git a/web/includes/Monitor.php b/web/includes/Monitor.php index c46048716..dfe5daa7d 100644 --- a/web/includes/Monitor.php +++ b/web/includes/Monitor.php @@ -2,12 +2,12 @@ namespace ZM; require_once('database.php'); require_once('Server.php'); +require_once('Object.php'); -$monitor_cache = array(); +class Monitor extends ZM_Object { + protected static $table = 'Monitors'; -class Monitor { - -private $defaults = array( +protected $defaults = array( 'Id' => null, 'Name' => '', 'ServerId' => 0, @@ -361,106 +361,13 @@ private $control_fields = array( return $this->defaults{$field}; } // end function SignalCheckColour - public function set($data) { - foreach ($data as $k => $v) { - if ( method_exists($this, $k) ) { - $this->{$k}($v); - } else { - if ( is_array( $v ) ) { -# perhaps should turn into a comma-separated string - $this->{$k} = implode(',',$v); - } else if ( is_string( $v ) ) { - $this->{$k} = trim( $v ); - } else if ( is_integer( $v ) ) { - $this->{$k} = $v; - } else if ( is_bool( $v ) ) { - $this->{$k} = $v; - } else if ( is_null( $v ) ) { - $this->{$k} = $v; - } else { - Error( "Unknown type $k => $v of var " . gettype( $v ) ); - $this->{$k} = $v; - } - } # end if method_exists - } # end foreach $data as $k=>$v + public static function find( $parameters = array(), $options = array() ) { + return ZM_Object::_find(get_class(), $parameters, $options); } - public static function find( $parameters = null, $options = null ) { - $sql = 'SELECT * FROM Monitors '; - $values = array(); - if ( $parameters ) { - $fields = array(); - $sql .= 'WHERE '; - foreach ( $parameters as $field => $value ) { - if ( $value == null ) { - $fields[] = $field.' IS NULL'; - } else if ( is_array($value) ) { - $func = function(){return '?';}; - $fields[] = $field.' IN ('.implode(',', array_map($func, $value)). ')'; - $values += $value; - - } else { - $fields[] = $field.'=?'; - $values[] = $value; - } - } - $sql .= implode(' AND ', $fields); - } - if ( $options ) { - if ( isset($options['order']) ) { - $sql .= ' ORDER BY ' . $options['order']; - } - if ( isset($options['limit']) ) { - if ( is_integer($options['limit']) or ctype_digit($options['limit']) ) { - $sql .= ' LIMIT ' . $options['limit']; - } else { - $backTrace = debug_backtrace(); - $file = $backTrace[1]['file']; - $line = $backTrace[1]['line']; - Error("Invalid value for limit(".$options['limit'].") passed to Control::find from $file:$line"); - return array(); - } - } - } - $monitors = array(); - $result = dbQuery($sql, $values); - $results = $result->fetchALL(); - foreach ( $results as $row ) { - $monitors[] = new Monitor($row); - } - return $monitors; - } # end find - - public static function find_one( $parameters = array() ) { - global $monitor_cache; - if ( - ( count($parameters) == 1 ) and - isset($parameters['Id']) and - isset($monitor_cache[$parameters['Id']]) ) { - return $monitor_cache[$parameters['Id']]; - } - $results = Monitor::find( $parameters, array('limit'=>1) ); - if ( ! sizeof($results) ) { - return; - } - return $results[0]; - } # end find_one - - public function save($new_values = null) { - - if ( $new_values ) { - foreach ( $new_values as $k=>$v ) { - $this->{$k} = $v; - } - } - - $fields = array_keys($this->defaults); - - $sql = 'UPDATE Monitors SET '.implode(', ', array_map(function($field) {return $field.'=?';}, $fields )) . ' WHERE Id=?'; - $values = array_map(function($field){return $this->{$field};}, $fields); - $values[] = $this->{'Id'}; - dbQuery($sql, $values); - } // end function save + public static function find_one( $parameters = array(), $options = array() ) { + return ZM_Object::_find_one(get_class(), $parameters, $options); + } function zmcControl( $mode=false ) { if ( (!defined('ZM_SERVER_ID')) or ( array_key_exists('ServerId', $this) and (ZM_SERVER_ID==$this->{'ServerId'}) ) ) { diff --git a/web/includes/actions/monitor.php b/web/includes/actions/monitor.php index 5062ad45e..21dc33b40 100644 --- a/web/includes/actions/monitor.php +++ b/web/includes/actions/monitor.php @@ -28,20 +28,18 @@ if ( $action == 'monitor' ) { $mid = 0; if ( !empty($_REQUEST['mid']) ) { $mid = validInt($_REQUEST['mid']); - $monitor = dbFetchOne('SELECT * FROM Monitors WHERE Id=?', NULL, array($mid)); - - if ( ZM_OPT_X10 ) { - $x10Monitor = dbFetchOne('SELECT * FROM TriggersX10 WHERE MonitorId=?', NULL, array($mid)); - if ( !$x10Monitor ) - $x10Monitor = array(); - } - } else { - $monitor = array(); - if ( ZM_OPT_X10 ) { - $x10Monitor = array(); - } + #if ( ZM_OPT_X10 ) { + #$x10Monitor = dbFetchOne('SELECT * FROM TriggersX10 WHERE MonitorId=?', NULL, array($mid)); + #if ( !$x10Monitor ) + #$x10Monitor = array(); + #} + #} else { + #$monitor = array(); + #if ( ZM_OPT_X10 ) { + #$x10Monitor = array(); + #} } - $Monitor = new ZM\Monitor($monitor); + $monitor = new ZM\Monitor($mid); // Define a field type for anything that's not simple text equivalent $types = array( @@ -66,28 +64,27 @@ if ( $action == 'monitor' ) { } } - $columns = getTableColumns('Monitors'); - $changes = getFormChanges($monitor, $_REQUEST['newMonitor'], $types, $columns); -#ZM\Logger::Debug("Columns:". print_r($columns,true)); -#ZM\Logger::Debug("Changes:". print_r($changes,true)); + $changes = $monitor->changes($_REQUEST['newMonitor']); +ZM\Logger::Debug("Changes:". print_r($changes,true)); #ZM\Logger::Debug("newMonitor:". print_r($_REQUEST['newMonitor'],true)); if ( count($changes) ) { if ( $mid ) { # If we change anything that changes the shared mem size, zma can complain. So let's stop first. - if ( $monitor['Type'] != 'WebSite' ) { - $Monitor->zmaControl('stop'); - $Monitor->zmcControl('stop'); + if ( $monitor->Type() != 'WebSite' ) { + $monitor->zmaControl('stop'); + $monitor->zmcControl('stop'); } - dbQuery('UPDATE Monitors SET '.implode(', ', $changes).' WHERE Id=?', array($mid)); + $monitor->save($changes); + // Groups will be added below if ( isset($changes['Name']) or isset($changes['StorageId']) ) { // creating symlinks when symlink already exists reports errors, but is perfectly ok error_reporting(0); - $OldStorage = new ZM\Storage($monitor['StorageId']); - $saferOldName = basename($monitor['Name']); + $OldStorage = $monitor->StorageId(); + $saferOldName = basename($monitor->Name()); if ( file_exists($OldStorage->Path().'/'.$saferOldName) ) unlink($OldStorage->Path().'/'.$saferOldName); @@ -143,15 +140,14 @@ if ( $action == 'monitor' ) { // Can only create new monitors if we are not restricted to specific monitors # FIXME This is actually a race condition. Should lock the table. $maxSeq = dbFetchOne('SELECT MAX(Sequence) AS MaxSequence FROM Monitors', 'MaxSequence'); - $changes[] = 'Sequence = '.($maxSeq+1); + $changes['Sequence'] = $maxSeq+1; - $sql = 'INSERT INTO Monitors SET '.implode(', ', $changes); - if ( dbQuery($sql) ) { - $mid = dbInsertId(); + if ( !$monitor->save($changes) ) { + $mid = $monitor->Id(); $zoneArea = $_REQUEST['newMonitor']['Width'] * $_REQUEST['newMonitor']['Height']; dbQuery("INSERT INTO Zones SET MonitorId = ?, Name = 'All', Type = 'Active', Units = 'Percent', NumCoords = 4, Coords = ?, Area=?, AlarmRGB = 0xff0000, CheckMethod = 'Blobs', MinPixelThreshold = 25, MinAlarmPixels=?, MaxAlarmPixels=?, FilterX = 3, FilterY = 3, MinFilterPixels=?, MaxFilterPixels=?, MinBlobPixels=?, MinBlobs = 1", array( $mid, sprintf( "%d,%d %d,%d %d,%d %d,%d", 0, 0, $_REQUEST['newMonitor']['Width']-1, 0, $_REQUEST['newMonitor']['Width']-1, $_REQUEST['newMonitor']['Height']-1, 0, $_REQUEST['newMonitor']['Height']-1 ), $zoneArea, intval(($zoneArea*3)/100), intval(($zoneArea*75)/100), intval(($zoneArea*3)/100), intval(($zoneArea*75)/100), intval(($zoneArea*2)/100) ) ); //$view = 'none'; - $Storage = new ZM\Storage($_REQUEST['newMonitor']['StorageId']); + $Storage = $monitor->Storage(); mkdir($Storage->Path().'/'.$mid, 0755); $saferName = basename($_REQUEST['newMonitor']['Name']); symlink($mid, $Storage->Path().'/'.$saferName); @@ -174,11 +170,11 @@ if ( $action == 'monitor' ) { if ( ( !isset($_POST['newMonitor']['GroupIds']) ) or - ( count($_POST['newMonitor']['GroupIds']) != count($Monitor->GroupIds()) ) + ( count($_POST['newMonitor']['GroupIds']) != count($monitor->GroupIds()) ) or - array_diff($_POST['newMonitor']['GroupIds'], $Monitor->GroupIds()) + array_diff($_POST['newMonitor']['GroupIds'], $monitor->GroupIds()) ) { - if ( $Monitor->Id() ) + if ( $monitor->Id() ) dbQuery('DELETE FROM Groups_Monitors WHERE MonitorId=?', array($mid)); if ( isset($_POST['newMonitor']['GroupIds']) ) { @@ -207,14 +203,12 @@ if ( $action == 'monitor' ) { if ( $restart ) { - $new_monitor = new ZM\Monitor($mid); + if ( $monitor->Function() != 'None' and $monitor->Type() != 'WebSite' ) { + $monitor->zmcControl('start'); + if ( ($monitor->Function() == 'Modect' or $monitor->Function() == 'Mocord') and $monitor->Enabled() ) + $monitor->zmaControl('start'); - if ( $new_monitor->Function() != 'None' and $new_monitor->Type() != 'WebSite' ) { - $new_monitor->zmcControl('start'); - if ( ($new_monitor->Function() == 'Modect' or $new_monitor->Function == 'Mocord') and $new_monitor->Enabled() ) - $new_monitor->zmaControl('start'); - - if ( $new_monitor->Controllable() ) { + if ( $monitor->Controllable() ) { require_once('includes/control_functions.php'); sendControlCommand($mid, 'quit'); } From 8215fe1c0fad3d6eb2bd0b2ad2ea21af4e532c36 Mon Sep 17 00:00:00 2001 From: Isaac Connor Date: Sun, 8 Sep 2019 16:10:20 -0400 Subject: [PATCH 523/922] Some versions off avcodec libs have pkt_pts and pkt_dts but they have been deprecated and weren't of any use anyways --- src/zm_ffmpeg.h | 19 ------------------- 1 file changed, 19 deletions(-) diff --git a/src/zm_ffmpeg.h b/src/zm_ffmpeg.h index f6443f797..eac8fe3e3 100644 --- a/src/zm_ffmpeg.h +++ b/src/zm_ffmpeg.h @@ -299,23 +299,6 @@ void zm_dump_codec(const AVCodecContext *codec); #if LIBAVCODEC_VERSION_CHECK(57, 64, 0, 64, 0) void zm_dump_codecpar(const AVCodecParameters *par); #endif -#if LIBAVCODEC_VERSION_CHECK(56, 8, 0, 60, 100) -#define zm_dump_frame(frame, text) Debug(1, "%s: format %d %s sample_rate %" PRIu32 " nb_samples %d channels %d" \ - " duration %" PRId64 \ - " layout %d pts %" PRId64 " pkt_pts %" PRId64 " pkt_dts %" PRId64, \ - text, \ - frame->format, \ - av_get_sample_fmt_name((AVSampleFormat)frame->format), \ - frame->sample_rate, \ - frame->nb_samples, \ - frame->channels, \ - frame->pkt_duration, \ - frame->channel_layout, \ - frame->pts, \ - frame->pkt_pts, \ - frame->pkt_dts \ - ); -#else #define zm_dump_frame(frame, text) Debug(1, "%s: format %d %s sample_rate %" PRIu32 " nb_samples %d channels %d" \ " duration %" PRId64 \ " layout %d pts %" PRId64, \ @@ -329,8 +312,6 @@ void zm_dump_codecpar(const AVCodecParameters *par); frame->pts \ ); -#endif - #define zm_dump_video_frame(frame,text) Debug(1, "%s: format %d %s %dx%d linesize:%dx%d pts: %" PRId64, \ text, \ frame->format, \ From d5d4d9d19b154924da52ffa23149509bea257992 Mon Sep 17 00:00:00 2001 From: Isaac Connor Date: Sun, 8 Sep 2019 16:10:57 -0400 Subject: [PATCH 524/922] ret should be a heap var, not a member of the object. Somehow this also seems to fix crashing on debian buster. I assume the compiler is confused --- src/zm_videostore.cpp | 42 +++++++++++++++++++++++------------------- src/zm_videostore.h | 1 - 2 files changed, 23 insertions(+), 20 deletions(-) diff --git a/src/zm_videostore.cpp b/src/zm_videostore.cpp index 647920789..c003f165b 100644 --- a/src/zm_videostore.cpp +++ b/src/zm_videostore.cpp @@ -60,7 +60,7 @@ VideoStore::VideoStore( Info("Opening video storage stream %s format: %s", filename, format); - ret = avformat_alloc_output_context2(&oc, NULL, NULL, filename); + int ret = avformat_alloc_output_context2(&oc, NULL, NULL, filename); if ( ret < 0 ) { Warning( "Could not create video storage stream %s as no out ctx" @@ -91,7 +91,7 @@ VideoStore::VideoStore( oc->metadata = pmetadata; out_format = oc->oformat; - out_format->flags |= AVFMT_TS_NONSTRICT; // allow non increasing dts + out_format->flags |= AVFMT_TS_NONSTRICT; // allow non increasing dts video_out_codec = avcodec_find_encoder(video_in_ctx->codec_id); if ( !video_out_codec ) { @@ -136,7 +136,7 @@ VideoStore::VideoStore( video_out_ctx->time_base = video_in_ctx->time_base; if ( ! (video_out_ctx->time_base.num && video_out_ctx->time_base.den) ) { Debug(2,"No timebase found in video in context, defaulting to Q"); - video_out_ctx->time_base = AV_TIME_BASE_Q; + video_out_ctx->time_base = AV_TIME_BASE_Q; } zm_dump_codec(video_out_ctx); @@ -375,6 +375,7 @@ VideoStore::VideoStore( } // VideoStore::VideoStore bool VideoStore::open() { + int ret; /* open the out file, if needed */ if ( !(out_format->flags & AVFMT_NOFILE) ) { ret = avio_open2(&oc->pb, filename, AVIO_FLAG_WRITE, NULL, NULL); @@ -417,6 +418,7 @@ bool VideoStore::open() { VideoStore::~VideoStore() { if ( oc->pb ) { + int ret; if ( audio_out_codec ) { // The codec queues data. We need to send a flush command and out @@ -632,6 +634,7 @@ bool VideoStore::setup_resampler() { "Cannot do audio conversion to AAC"); return false; #else + int ret; #if LIBAVCODEC_VERSION_CHECK(57, 64, 0, 64, 0) // Newer ffmpeg wants to keep everything separate... so have to lookup our own @@ -960,8 +963,8 @@ int VideoStore::writeVideoFramePacket(AVPacket *ipkt) { //AV_NOPTS_VALUE; } // Just because the in stream wraps, doesn't mean the out needs to. - // Really, if we are limiting ourselves to 10min segments I can't imagine every wrapping in the out. - // So need to handle in wrap, without causing out wrap. + // Really, if we are limiting ourselves to 10min segments I can't imagine every wrapping in the out. + // So need to handle in wrap, without causing out wrap. if ( ipkt->dts != AV_NOPTS_VALUE ) { if ( !video_first_dts ) { @@ -1002,14 +1005,14 @@ int VideoStore::writeVideoFramePacket(AVPacket *ipkt) { opkt.dts = video_out_stream->cur_dts; } - if ( opkt.dts < video_out_stream->cur_dts ) { - Debug(1, "Fixing non-monotonic dts/pts dts %" PRId64 " pts %" PRId64 " stream %" PRId64, - opkt.dts, opkt.pts, video_out_stream->cur_dts); - opkt.dts = video_out_stream->cur_dts; - if ( opkt.dts > opkt.pts ) { - opkt.pts = opkt.dts; - } - } + if ( opkt.dts < video_out_stream->cur_dts ) { + Debug(1, "Fixing non-monotonic dts/pts dts %" PRId64 " pts %" PRId64 " stream %" PRId64, + opkt.dts, opkt.pts, video_out_stream->cur_dts); + opkt.dts = video_out_stream->cur_dts; + if ( opkt.dts > opkt.pts ) { + opkt.pts = opkt.dts; + } + } opkt.flags = ipkt->flags; opkt.pos = -1; @@ -1022,6 +1025,7 @@ int VideoStore::writeVideoFramePacket(AVPacket *ipkt) { } // end int VideoStore::writeVideoFramePacket( AVPacket *ipkt ) int VideoStore::writeAudioFramePacket(AVPacket *ipkt) { + int ret; if ( !audio_out_stream ) { Debug(1, "Called writeAudioFramePacket when no audio_out_stream"); @@ -1134,11 +1138,11 @@ int VideoStore::writeAudioFramePacket(AVPacket *ipkt) { opkt.dts = AV_NOPTS_VALUE; } #else - opkt.pts = av_rescale_q( + opkt.pts = av_rescale_q( opkt.pts, audio_out_ctx->time_base, audio_out_stream->time_base); - opkt.dts = av_rescale_q( + opkt.dts = av_rescale_q( opkt.dts, audio_out_ctx->time_base, audio_out_stream->time_base); @@ -1239,14 +1243,14 @@ int VideoStore::write_packet(AVPacket *pkt, AVStream *stream) { if ( pkt->dts < stream->cur_dts ) { Warning("non increasing dts, fixing"); pkt->dts = stream->cur_dts; - if ( pkt->dts > pkt->pts ) { + if ( (pkt->pts != AV_NOPTS_VALUE) && (pkt->dts > pkt->pts) ) { Debug(1, "pkt.dts(%" PRId64 ") must be <= pkt.pts(%" PRId64 ")." "Decompression must happen before presentation.", pkt->dts, pkt->pts); pkt->pts = pkt->dts; } - } else if ( pkt->dts > pkt->pts ) { + } else if ( (pkt->pts != AV_NOPTS_VALUE) && (pkt->dts > pkt->pts) ) { Debug(1, "pkt.dts(%" PRId64 ") must be <= pkt.pts(%" PRId64 ")." "Decompression must happen before presentation.", @@ -1256,7 +1260,7 @@ int VideoStore::write_packet(AVPacket *pkt, AVStream *stream) { dumpPacket(stream, pkt, "finished pkt"); - ret = av_interleaved_write_frame(oc, pkt); + int ret = av_interleaved_write_frame(oc, pkt); if ( ret != 0 ) { Error("Error writing packet: %s", av_make_error_string(ret).c_str()); @@ -1272,7 +1276,7 @@ int VideoStore::resample_audio() { #if defined(HAVE_LIBSWRESAMPLE) Debug(2, "Converting %d to %d samples using swresample", in_frame->nb_samples, out_frame->nb_samples); - ret = swr_convert_frame(resample_ctx, out_frame, in_frame); + int ret = swr_convert_frame(resample_ctx, out_frame, in_frame); if ( ret < 0 ) { Error("Could not resample frame (error '%s')", av_make_error_string(ret).c_str()); diff --git a/src/zm_videostore.h b/src/zm_videostore.h index 2940bc2e7..4c6dbf871 100644 --- a/src/zm_videostore.h +++ b/src/zm_videostore.h @@ -40,7 +40,6 @@ private: AVCodecContext *video_in_ctx; AVCodec *audio_in_codec; AVCodecContext *audio_in_ctx; - int ret; // The following are used when encoding the audio stream to AAC AVStream *audio_out_stream; From f1cffa6fe1dabd6fd02385276524ee5d5befe860 Mon Sep 17 00:00:00 2001 From: Isaac Connor Date: Mon, 9 Sep 2019 08:22:58 -0400 Subject: [PATCH 525/922] Add more debian based distros to packpack builds --- .travis.yml | 8 ++++++++ 1 file changed, 8 insertions(+) diff --git a/.travis.yml b/.travis.yml index 80541eaab..d16829c11 100644 --- a/.travis.yml +++ b/.travis.yml @@ -37,8 +37,16 @@ env: - SMPFLAGS=-j4 OS=fedora DIST=29 DOCKER_REPO=knnniggett/packpack - SMPFLAGS=-j4 OS=ubuntu DIST=trusty - SMPFLAGS=-j4 OS=ubuntu DIST=xenial + - SMPFLAGS=-j4 OS=ubuntu DIST=bionic + - SMPFLAGS=-j4 OS=ubuntu DIST=disco + - SMPFLAGS=-j4 OS=ubuntu DIST=buster + - SMPFLAGS=-j4 OS=ubuntu DIST=stretch - SMPFLAGS=-j4 OS=ubuntu DIST=trusty ARCH=i386 - SMPFLAGS=-j4 OS=ubuntu DIST=xenial ARCH=i386 + - SMPFLAGS=-j4 OS=ubuntu DIST=bionic ARCH=i386 + - SMPFLAGS=-j4 OS=ubuntu DIST=disco ARCH=i386 + - SMPFLAGS=-j4 OS=ubuntu DIST=buster ARCH=i386 + - SMPFLAGS=-j4 OS=ubuntu DIST=stretch ARCH=i386 - SMPFLAGS=-j4 OS=raspbian DIST=stretch ARCH=armhf DOCKER_REPO=knnniggett/packpack compiler: From 8103156436173db679dae579a41042eb69313e1e Mon Sep 17 00:00:00 2001 From: Isaac Connor Date: Mon, 9 Sep 2019 09:16:52 -0400 Subject: [PATCH 526/922] when deleting multiple events, each event has to be it's own transaction due to locking --- web/includes/Event.php | 15 +++++++-------- web/includes/actions/events.php | 2 -- 2 files changed, 7 insertions(+), 10 deletions(-) diff --git a/web/includes/Event.php b/web/includes/Event.php index e8b6d15be..19d28e0ec 100644 --- a/web/includes/Event.php +++ b/web/includes/Event.php @@ -142,16 +142,14 @@ class Event extends ZM_Object { # Assumption: All events have a start time $start_date = date_parse($this->{'StartTime'}); if ( ! $start_date ) { - Error('Unable to parse start time for event ' . $this->{'Id'} . ' not deleting files.'); - return; + throw new Exception('Unable to parse start time for event ' . $this->{'Id'} . ' not deleting files.'); } $start_date['year'] = $start_date['year'] % 100; # So this is because ZM creates a link under the day pointing to the time that the event happened. $link_path = $this->Link_Path(); if ( ! $link_path ) { - Error('Unable to determine link path for event '.$this->{'Id'}.' not deleting files.'); - return; + throw new Exception('Unable to determine link path for event '.$this->{'Id'}.' not deleting files.'); } $Storage = $this->Storage(); @@ -159,8 +157,7 @@ class Event extends ZM_Object { if ( $id_files = glob($eventlink_path) ) { if ( ! $eventPath = readlink($id_files[0]) ) { - Error("Unable to read link at $id_files[0]"); - return; + throw new Exception("Unable to read link at $id_files[0]"); } # I know we are using arrays here, but really there can only ever be 1 in the array $eventPath = preg_replace('/\.'.$this->{'Id'}.'$/', $eventPath, $id_files[0]); @@ -179,8 +176,7 @@ class Event extends ZM_Object { } else { $eventPath = $this->Path(); if ( ! $eventPath ) { - Error('No event Path in Event delete. Not deleting'); - return; + throw new Exception('No event Path in Event delete. Not deleting'); } deletePath($eventPath); if ( $this->SecondaryStorageId() ) { @@ -199,6 +195,9 @@ class Event extends ZM_Object { $dbConn->commit(); } catch (PDOException $e) { $dbConn->rollback(); + } catch (Exception $e) { + Error($e->getMessage()); + $dbConn->rollback(); } } # end Event->delete diff --git a/web/includes/actions/events.php b/web/includes/actions/events.php index 08782a8a2..abea69b60 100644 --- a/web/includes/actions/events.php +++ b/web/includes/actions/events.php @@ -44,11 +44,9 @@ if ( $action == 'archive' ) { $dbConn->commit(); $refreshParent = true; } else if ( $action == 'delete' ) { - $dbConn->beginTransaction(); foreach ( getAffectedIds('eids') as $markEid ) { deleteEvent($markEid); } - $dbConn->commit(); $refreshParent = true; } ?> From 922273410ba36f7e6b40f0f2df8132b0e88a2661 Mon Sep 17 00:00:00 2001 From: Isaac Connor Date: Mon, 9 Sep 2019 10:04:57 -0400 Subject: [PATCH 527/922] correct dist for debian --- .travis.yml | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/.travis.yml b/.travis.yml index d16829c11..e41dcb35f 100644 --- a/.travis.yml +++ b/.travis.yml @@ -39,14 +39,14 @@ env: - SMPFLAGS=-j4 OS=ubuntu DIST=xenial - SMPFLAGS=-j4 OS=ubuntu DIST=bionic - SMPFLAGS=-j4 OS=ubuntu DIST=disco - - SMPFLAGS=-j4 OS=ubuntu DIST=buster - - SMPFLAGS=-j4 OS=ubuntu DIST=stretch + - SMPFLAGS=-j4 OS=debian DIST=buster + - SMPFLAGS=-j4 OS=debian DIST=stretch - SMPFLAGS=-j4 OS=ubuntu DIST=trusty ARCH=i386 - SMPFLAGS=-j4 OS=ubuntu DIST=xenial ARCH=i386 - SMPFLAGS=-j4 OS=ubuntu DIST=bionic ARCH=i386 - SMPFLAGS=-j4 OS=ubuntu DIST=disco ARCH=i386 - - SMPFLAGS=-j4 OS=ubuntu DIST=buster ARCH=i386 - - SMPFLAGS=-j4 OS=ubuntu DIST=stretch ARCH=i386 + - SMPFLAGS=-j4 OS=debian DIST=buster ARCH=i386 + - SMPFLAGS=-j4 OS=debian DIST=stretch ARCH=i386 - SMPFLAGS=-j4 OS=raspbian DIST=stretch ARCH=armhf DOCKER_REPO=knnniggett/packpack compiler: From d5aa95e45fde34289034c7ec27eae1534644466c Mon Sep 17 00:00:00 2001 From: Isaac Connor Date: Mon, 9 Sep 2019 16:13:32 -0400 Subject: [PATCH 528/922] cpplint fixes --- src/zm_videostore.cpp | 41 ++++++++++++++++++++------------------- web/includes/database.php | 2 +- 2 files changed, 22 insertions(+), 21 deletions(-) diff --git a/src/zm_videostore.cpp b/src/zm_videostore.cpp index c003f165b..b10cb4a00 100644 --- a/src/zm_videostore.cpp +++ b/src/zm_videostore.cpp @@ -20,13 +20,14 @@ #define __STDC_FORMAT_MACROS 1 -#include -#include -#include #include "zm.h" #include "zm_videostore.h" +#include +#include +#include + extern "C" { #include "libavutil/time.h" } @@ -162,7 +163,7 @@ VideoStore::VideoStore( if ( !video_out_ctx->codec_tag ) { Debug(2, "No codec_tag"); - if ( + if ( !oc->oformat->codec_tag || av_codec_get_id(oc->oformat->codec_tag, video_in_ctx->codec_tag) == video_out_ctx->codec_id @@ -178,17 +179,17 @@ VideoStore::VideoStore( video_out_stream->time_base = video_in_stream->time_base; if ( video_in_stream->avg_frame_rate.num ) { Debug(3,"Copying avg_frame_rate (%d/%d)", - video_in_stream->avg_frame_rate.num, - video_in_stream->avg_frame_rate.den + video_in_stream->avg_frame_rate.num, + video_in_stream->avg_frame_rate.den ); video_out_stream->avg_frame_rate = video_in_stream->avg_frame_rate; } if ( video_in_stream->r_frame_rate.num ) { Debug(3,"Copying r_frame_rate (%d/%d) to out (%d/%d)", - video_in_stream->r_frame_rate.num, + video_in_stream->r_frame_rate.num, video_in_stream->r_frame_rate.den , - video_out_stream->r_frame_rate.num, - video_out_stream->r_frame_rate.den + video_out_stream->r_frame_rate.num, + video_out_stream->r_frame_rate.den ); video_out_stream->r_frame_rate = video_in_stream->r_frame_rate; } @@ -301,7 +302,7 @@ VideoStore::VideoStore( audio_out_stream = NULL; return; } -#else +#else audio_out_stream = avformat_new_stream(oc, audio_out_codec); audio_out_ctx = audio_out_stream->codec; #endif @@ -653,7 +654,7 @@ bool VideoStore::setup_resampler() { #else // codec is already open in ffmpeg_camera audio_in_ctx = audio_in_stream->codec; - audio_in_codec = (AVCodec *)audio_in_ctx->codec; + audio_in_codec = reinterpret_castaudio_in_ctx->codec; //audio_in_codec = avcodec_find_decoder(audio_in_stream->codec->codec_id); #endif @@ -867,7 +868,7 @@ bool VideoStore::setup_resampler() { NULL, audio_out_ctx->channels, audio_out_ctx->frame_size, audio_out_ctx->sample_fmt, 0); - converted_in_samples = (uint8_t *)av_malloc(audioSampleBuffer_size); + converted_in_samples = reinterpret_cast(av_malloc(audioSampleBuffer_size)); if ( !converted_in_samples ) { Error("Could not allocate converted in sample pointers"); @@ -921,7 +922,7 @@ int VideoStore::writeVideoFramePacket(AVPacket *ipkt) { duration ); if ( duration <= 0 ) { - // Why are we setting the duration to 1? + // Why are we setting the duration to 1? duration = ipkt->duration ? ipkt->duration : av_rescale_q(1,video_in_stream->time_base, video_out_stream->time_base); } } @@ -971,7 +972,7 @@ int VideoStore::writeVideoFramePacket(AVPacket *ipkt) { // && ( ipkt->dts >= 0 ) ) { // This is the first packet. opkt.dts = 0; - Debug(1, "Starting video first_dts will become (%" PRId64 ")", ipkt->dts); + Debug(2, "Starting video first_dts will become (%" PRId64 ")", ipkt->dts); video_first_dts = ipkt->dts; #if 1 if ( audio_in_stream ) { @@ -1137,7 +1138,7 @@ int VideoStore::writeAudioFramePacket(AVPacket *ipkt) { } else { opkt.dts = AV_NOPTS_VALUE; } -#else +#else opkt.pts = av_rescale_q( opkt.pts, audio_out_ctx->time_base, @@ -1231,10 +1232,10 @@ int VideoStore::writeAudioFramePacket(AVPacket *ipkt) { write_packet(&opkt, audio_out_stream); zm_av_packet_unref(&opkt); - } // end if encoding or copying + } // end if encoding or copying return 0; -} // end int VideoStore::writeAudioFramePacket(AVPacket *ipkt) +} // end int VideoStore::writeAudioFramePacket(AVPacket *ipkt) int VideoStore::write_packet(AVPacket *pkt, AVStream *stream) { pkt->pos = -1; @@ -1267,7 +1268,7 @@ int VideoStore::write_packet(AVPacket *pkt, AVStream *stream) { } else { Debug(2, "Success writing packet"); } -} // end int VideoStore::write_packet(AVPacket *pkt, AVStream *stream) +} // end int VideoStore::write_packet(AVPacket *pkt, AVStream *stream) int VideoStore::resample_audio() { // Resample the in_frame into the audioSampleBuffer until we process the whole @@ -1303,7 +1304,7 @@ int VideoStore::resample_audio() { // AAC requires 1024 samples per encode. Our input tends to be something else, so need to buffer them. if ( frame_size > av_audio_fifo_size(fifo) ) { - Debug(1, "Not enough samples in fifo for AAC codec frame_size %d > fifo size %d", + Debug(1, "Not enough samples in fifo for AAC codec frame_size %d > fifo size %d", frame_size, av_audio_fifo_size(fifo)); return 0; } @@ -1354,4 +1355,4 @@ int VideoStore::resample_audio() { return 0; #endif return 1; -} // end int VideoStore::resample_audio +} // end int VideoStore::resample_audio diff --git a/web/includes/database.php b/web/includes/database.php index d941a01e0..5ec54f163 100644 --- a/web/includes/database.php +++ b/web/includes/database.php @@ -56,7 +56,7 @@ function dbConnect() { $dbConn->setAttribute(PDO::ATTR_EMULATE_PREPARES, false); $dbConn->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION); - } catch(PDOException $ex ) { + } catch(PDOException $ex) { echo 'Unable to connect to ZM db.' . $ex->getMessage(); error_log('Unable to connect to ZM DB ' . $ex->getMessage()); $dbConn = null; From 792af28c549b71f987c032a35f154b375fae10c7 Mon Sep 17 00:00:00 2001 From: Isaac Connor Date: Mon, 9 Sep 2019 16:55:22 -0400 Subject: [PATCH 529/922] return a value from write_packet --- src/zm_videostore.cpp | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/src/zm_videostore.cpp b/src/zm_videostore.cpp index b10cb4a00..4d10fb67b 100644 --- a/src/zm_videostore.cpp +++ b/src/zm_videostore.cpp @@ -654,7 +654,7 @@ bool VideoStore::setup_resampler() { #else // codec is already open in ffmpeg_camera audio_in_ctx = audio_in_stream->codec; - audio_in_codec = reinterpret_castaudio_in_ctx->codec; + audio_in_codec = reinterpret_cast(audio_in_ctx->codec); //audio_in_codec = avcodec_find_decoder(audio_in_stream->codec->codec_id); #endif @@ -1268,6 +1268,7 @@ int VideoStore::write_packet(AVPacket *pkt, AVStream *stream) { } else { Debug(2, "Success writing packet"); } + return ret; } // end int VideoStore::write_packet(AVPacket *pkt, AVStream *stream) int VideoStore::resample_audio() { From 097ce5e778898e3b99a2c5f23e1eb3f86a742aa8 Mon Sep 17 00:00:00 2001 From: Isaac Connor Date: Mon, 9 Sep 2019 17:09:01 -0400 Subject: [PATCH 530/922] add const to cast --- src/zm_videostore.cpp | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/zm_videostore.cpp b/src/zm_videostore.cpp index 4d10fb67b..eda382077 100644 --- a/src/zm_videostore.cpp +++ b/src/zm_videostore.cpp @@ -654,7 +654,7 @@ bool VideoStore::setup_resampler() { #else // codec is already open in ffmpeg_camera audio_in_ctx = audio_in_stream->codec; - audio_in_codec = reinterpret_cast(audio_in_ctx->codec); + audio_in_codec = reinterpret_cast(audio_in_ctx->codec); //audio_in_codec = avcodec_find_decoder(audio_in_stream->codec->codec_id); #endif From 6c6b2d7c6f1185cb049b644e05d3859b5bf7beb2 Mon Sep 17 00:00:00 2001 From: Isaac Connor Date: Mon, 9 Sep 2019 17:10:40 -0400 Subject: [PATCH 531/922] Fix build --- src/zm_videostore.h | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/zm_videostore.h b/src/zm_videostore.h index 4c6dbf871..01dbc4d78 100644 --- a/src/zm_videostore.h +++ b/src/zm_videostore.h @@ -38,7 +38,7 @@ private: AVFrame *out_frame; AVCodecContext *video_in_ctx; - AVCodec *audio_in_codec; + const AVCodec *audio_in_codec; AVCodecContext *audio_in_ctx; // The following are used when encoding the audio stream to AAC From 30687de91867a21c75d2c104545ccba3cd3a1b45 Mon Sep 17 00:00:00 2001 From: Isaac Connor Date: Tue, 10 Sep 2019 17:20:18 -0400 Subject: [PATCH 532/922] Handle 0 value for StorageId --- scripts/ZoneMinder/lib/ZoneMinder/Event.pm | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/scripts/ZoneMinder/lib/ZoneMinder/Event.pm b/scripts/ZoneMinder/lib/ZoneMinder/Event.pm index fc19eb7d9..b5a89e601 100644 --- a/scripts/ZoneMinder/lib/ZoneMinder/Event.pm +++ b/scripts/ZoneMinder/lib/ZoneMinder/Event.pm @@ -134,7 +134,7 @@ sub Path { if ( ! $$event{Path} ) { my $Storage = $event->Storage(); - if ( defined $Storage->Id() ) { + if ( (!$$event{StorageId}) or defined $Storage->Id() ) { $$event{Path} = join('/', $Storage->Path(), $event->RelativePath()); } else { Error("Storage area for $$event{StorageId} no longer exists in db."); From d1416322561730c47000bf9a6acbcbc8128a29c2 Mon Sep 17 00:00:00 2001 From: Isaac Connor Date: Wed, 11 Sep 2019 09:18:03 -0400 Subject: [PATCH 533/922] general clean of onvif probe view. Use buttons instead of inputs and use data-on-change-this instead of inline js. Also rename username and password to Username and Password to not conflict with authentication to ZM ui. --- web/skins/classic/views/js/onvifprobe.js | 10 ++-- web/skins/classic/views/onvifprobe.php | 69 ++++++++++-------------- 2 files changed, 32 insertions(+), 47 deletions(-) diff --git a/web/skins/classic/views/js/onvifprobe.js b/web/skins/classic/views/js/onvifprobe.js index b49ac5754..cfe0939d0 100644 --- a/web/skins/classic/views/js/onvifprobe.js +++ b/web/skins/classic/views/js/onvifprobe.js @@ -22,14 +22,14 @@ function gotoStep2( element ) { form.submit(); } -function configureButtons( element ) { +function configureButtons(element) { var form = element.form; - if (form.elements.namedItem("nextBtn")) { + if (form.elements.namedItem('nextBtn')) { form.nextBtn.disabled = (form.probe.selectedIndex==0) || - (form.username == "") || (form.username == null) || - (form.password == "") || (form.password == null); + (form.Username == '') || (form.Username == null) || + (form.Password == '') || (form.Password == null); } - if (form.elements.namedItem("saveBtn")) { + if (form.elements.namedItem('saveBtn')) { form.saveBtn.disabled = (form.probe.selectedIndex==0); } } diff --git a/web/skins/classic/views/onvifprobe.php b/web/skins/classic/views/onvifprobe.php index e1c4c8ef7..8c5feb50b 100644 --- a/web/skins/classic/views/onvifprobe.php +++ b/web/skins/classic/views/onvifprobe.php @@ -41,18 +41,18 @@ function execONVIF( $cmd ) { Please the following command from a command line for more information:

$shell_command" ); } else { - ZM\Logger::Debug( "Results from probe: " . implode( '
', $output ) ); + ZM\Logger::Debug('Results from probe: '.implode('
', $output)); } return $output; } -function probeCameras( $localIp ) { +function probeCameras($localIp) { $cameras = array(); - if ( $lines = @execONVIF( 'probe' ) ) { + if ( $lines = @execONVIF('probe') ) { foreach ( $lines as $line ) { - $line = rtrim( $line ); - if ( preg_match( '|^(.+),(.+),\s\((.*)\)$|', $line, $matches ) ) { + $line = rtrim($line); + if ( preg_match('|^(.+),(.+),\s\((.*)\)$|', $line, $matches) ) { $device_ep = $matches[1]; $soapversion = $matches[2]; $camera = array( @@ -65,7 +65,7 @@ function probeCameras( $localIp ) { ), ); foreach ( preg_split('|,\s*|', $matches[3]) as $attr_val ) { - if ( preg_match( '|(.+)=\'(.*)\'|', $attr_val, $tokens ) ) { + if ( preg_match('|(.+)=\'(.*)\'|', $attr_val, $tokens) ) { if ( $tokens[1] == 'hardware' ) { $camera['model'] = $tokens[2]; } elseif ( $tokens[1] == 'name' ) { @@ -84,7 +84,7 @@ function probeCameras( $localIp ) { return $cameras; } // end function probeCameras -function probeProfiles( $device_ep, $soapversion, $username, $password ) { +function probeProfiles($device_ep, $soapversion, $username, $password) { $profiles = array(); if ( $lines = @execONVIF("profiles $device_ep $soapversion $username $password") ) { foreach ( $lines as $line ) { @@ -94,7 +94,7 @@ function probeProfiles( $device_ep, $soapversion, $username, $password ) { // add user@pass to URI if ( preg_match('|^(\S+://)(.+)$|', $stream_uri, $tokens) ) { $stream_uri = $tokens[1].$username.':'.$password.'@'.$tokens[2]; - } + } $profile = array( # 'monitor' part of camera 'Type' => 'Ffmpeg', @@ -125,8 +125,8 @@ xhtmlHeaders(__FILE__, translate('MonitorProbe') ); if ( !isset($_REQUEST['step']) || ($_REQUEST['step'] == '1') ) { $monitors = array(); - foreach ( dbFetchAll("SELECT Id, Name, Host FROM Monitors WHERE Type = 'Remote' ORDER BY Host") as $monitor ) { - if ( preg_match( '/^(.+)@(.+)$/', $monitor['Host'], $matches ) ) { + foreach ( dbFetchAll("SELECT Id, Name, Host FROM Monitors WHERE Type='Remote' ORDER BY Host") as $monitor ) { + if ( preg_match('/^(.+)@(.+)$/', $monitor['Host'], $matches) ) { //echo "1: ".$matches[2]." = ".gethostbyname($matches[2])."
"; $monitors[gethostbyname($matches[2])] = $monitor; } else { @@ -137,26 +137,12 @@ if ( !isset($_REQUEST['step']) || ($_REQUEST['step'] == '1') ) { $detcameras = probeCameras(''); foreach ( $detcameras as $camera ) { - if ( preg_match( '|([0-9]+\.[0-9]+\.[0-9]+\.[0-9]+)|', $camera['monitor']['Host'], $matches ) ) { + if ( preg_match('|([0-9]+\.[0-9]+\.[0-9]+\.[0-9]+)|', $camera['monitor']['Host'], $matches) ) { $ip = $matches[1]; } $host = $ip; -/* - if ( isset($monitors[$ip]) ) - { - $monitor = $monitors[$ip]; - $sourceString .= " (".$monitor['Name'].")"; - } - else - { - $sourceString .= " - ".translate('Available'); - } - $cameras[$sourceDesc] = $sourceString; - } -*/ -// $sourceDesc = htmlspecialchars(serialize($camera['monitor'])); $sourceDesc = base64_encode(json_encode($camera['monitor'])); - $sourceString = $camera['model'].' @ '.$host . ' using version ' . $camera['monitor']['SOAP'] ; + $sourceString = $camera['model'].' @ '.$host.' using version '.$camera['monitor']['SOAP']; $cameras[$sourceDesc] = $sourceString; } @@ -179,39 +165,38 @@ if ( !isset($_REQUEST['step']) || ($_REQUEST['step'] == '1') ) {

- 'configureButtons(this)')); ?> + 'configureButtons')); ?>

- - + +

- - + +

- - + +
- $value ) { if ( isset($value) ) { $monitor[$name] = $value; @@ -221,7 +206,7 @@ if ( !isset($_REQUEST['step']) || ($_REQUEST['step'] == '1') ) { //print $monitor['Host'].", ".$_REQUEST['username'].", ".$_REQUEST['password']."
"; - $detprofiles = probeProfiles($monitor['Host'], $monitor['SOAP'], $_REQUEST['username'], $_REQUEST['password']); + $detprofiles = probeProfiles($monitor['Host'], $monitor['SOAP'], $_REQUEST['Username'], $_REQUEST['Password']); foreach ( $detprofiles as $profile ) { $monitor = $camera['monitor']; @@ -258,18 +243,18 @@ if ( !isset($_REQUEST['step']) || ($_REQUEST['step'] == '1') ) {

- 'configureButtons(this)')); ?> + 'configureButtons')); ?>

- - - + + +
- + From 8fb55cdbff6fa94d0144493a0af06dd23e0970e6 Mon Sep 17 00:00:00 2001 From: Isaac Connor Date: Thu, 12 Sep 2019 16:51:33 -0400 Subject: [PATCH 534/922] Add codec name to zm_dump_codec and zm_dump_codecpar add new functions zm_receive_packet --- src/zm_ffmpeg.cpp | 41 ++++++++++++++++++++++++++++++++++++++--- src/zm_ffmpeg.h | 3 +++ 2 files changed, 41 insertions(+), 3 deletions(-) diff --git a/src/zm_ffmpeg.cpp b/src/zm_ffmpeg.cpp index bd8643335..d9f62a9e1 100644 --- a/src/zm_ffmpeg.cpp +++ b/src/zm_ffmpeg.cpp @@ -289,9 +289,10 @@ static void zm_log_fps(double d, const char *postfix) { #if LIBAVCODEC_VERSION_CHECK(57, 64, 0, 64, 0) void zm_dump_codecpar ( const AVCodecParameters *par ) { - Debug(1, "Dumping codecpar codec_type(%d) codec_id(%d) codec_tag(%d) width(%d) height(%d) bit_rate(%d) format(%d = %s)", + Debug(1, "Dumping codecpar codec_type(%d) codec_id(%d %s) codec_tag(%d) width(%d) height(%d) bit_rate(%d) format(%d = %s)", par->codec_type, par->codec_id, + avcodec_get_name(par->codec_id), par->codec_tag, par->width, par->height, @@ -303,10 +304,11 @@ void zm_dump_codecpar ( const AVCodecParameters *par ) { #endif void zm_dump_codec(const AVCodecContext *codec) { - Debug(1, "Dumping codec_context codec_type(%d) codec_id(%d) width(%d) height(%d) timebase(%d/%d) format(%s)\n" + Debug(1, "Dumping codec_context codec_type(%d) codec_id(%d %s) width(%d) height(%d) timebase(%d/%d) format(%s) " "gop_size %d max_b_frames %d me_cmp %d me_range %d qmin %d qmax %d", codec->codec_type, codec->codec_id, + avcodec_get_name(codec->codec_id), codec->width, codec->height, codec->time_base.num, @@ -327,7 +329,6 @@ void zm_dump_codec(const AVCodecContext *codec) { /* "user interface" functions */ void zm_dump_stream_format(AVFormatContext *ic, int i, int index, int is_output) { - char buf[256]; Debug(1, "Dumping stream index i(%d) index(%d)", i, index ); int flags = (is_output ? ic->oformat->flags : ic->iformat->flags); AVStream *st = ic->streams[i]; @@ -350,8 +351,14 @@ void zm_dump_stream_format(AVFormatContext *ic, int i, int index, int is_output) st->codec_info_nb_frames, codec->frame_size, st->time_base.num, st->time_base.den ); + +#if LIBAVCODEC_VERSION_CHECK(57, 64, 0, 64, 0) + Debug(1, "codec: %s", avcodec_get_name(st->codecpar->codec_id)); +#else + char buf[256]; avcodec_string(buf, sizeof(buf), st->codec, is_output); Debug(1, "codec: %s", buf); +#endif if ( st->sample_aspect_ratio.num && // default av_cmp_q(st->sample_aspect_ratio, codec->sample_aspect_ratio) @@ -477,6 +484,27 @@ bool is_audio_context( AVCodecContext *codec_context ) { #endif } +int zm_receive_packet(AVCodecContext *context, AVPacket &packet) { +#if LIBAVCODEC_VERSION_CHECK(57, 64, 0, 64, 0) + int ret = avcodec_receive_packet(context, &packet); + if ( ret < 0 ) { + if ( AVERROR_EOF != ret ) { + Error("Error encoding (%d) (%s)", ret, + av_err2str(ret)); + } + return 0; + } + return 1; +#else + int got_packet = 0; + int ret = avcodec_encode_audio2(context, &packet, NULL, &got_packet); + if ( ret < 0 ) { + Error("Error encoding (%d) (%s)", ret, av_err2str(ret)); + } + return got_packet; +#endif +} // end int zm_receive_packet(AVCodecContext *context, AVPacket &packet) + int zm_receive_frame(AVCodecContext *context, AVFrame *frame, AVPacket &packet) { int ret; #if LIBAVCODEC_VERSION_CHECK(57, 64, 0, 64, 0) @@ -600,3 +628,10 @@ void dumpPacket(AVPacket *pkt, const char *text) { pkt->duration); Debug(2, "%s:%d:%s: %s", __FILE__, __LINE__, text, b); } + +void zm_packet_copy_rescale_ts(const AVPacket *ipkt, AVPacket *opkt, const AVRational src_tb, const AVRational dst_tb) { + opkt->pts = ipkt->pts; + opkt->dts = ipkt->dts; + opkt->duration = ipkt->duration; + av_packet_rescale_ts(opkt, src_tb, dst_tb); +} diff --git a/src/zm_ffmpeg.h b/src/zm_ffmpeg.h index eac8fe3e3..f23666568 100644 --- a/src/zm_ffmpeg.h +++ b/src/zm_ffmpeg.h @@ -352,9 +352,12 @@ bool is_audio_stream(AVStream *); bool is_video_context(AVCodec *); bool is_audio_context(AVCodec *); +int zm_receive_packet(AVCodecContext *context, AVPacket &packet); + int zm_receive_frame(AVCodecContext *context, AVFrame *frame, AVPacket &packet); int zm_send_frame(AVCodecContext *context, AVFrame *frame, AVPacket &packet); void dumpPacket(AVStream *, AVPacket *,const char *text=""); void dumpPacket(AVPacket *,const char *text=""); +void zm_packet_copy_rescale_ts(const AVPacket *ipkt, AVPacket *opkt, const AVRational src_tb, const AVRational dst_tb); #endif // ZM_FFMPEG_H From 0a8aba2b7694c96c9348d32edad63297da077e10 Mon Sep 17 00:00:00 2001 From: Isaac Connor Date: Thu, 12 Sep 2019 16:52:59 -0400 Subject: [PATCH 535/922] rework how pts/dts is handled. We still use video_first_pts, but if the result is negative, normalize it to 0. Also now use audio_next_pts/dts to calculate pts when resampling and re-encoding. I believe this resolves the issues with wrong duration in the audio stream. --- src/zm_videostore.cpp | 339 ++++++++++++++---------------------------- 1 file changed, 110 insertions(+), 229 deletions(-) diff --git a/src/zm_videostore.cpp b/src/zm_videostore.cpp index eda382077..d7b1fe980 100644 --- a/src/zm_videostore.cpp +++ b/src/zm_videostore.cpp @@ -193,18 +193,6 @@ VideoStore::VideoStore( ); video_out_stream->r_frame_rate = video_in_stream->r_frame_rate; } -#if LIBAVCODEC_VERSION_CHECK(56, 35, 0, 64, 0) - ret = avcodec_parameters_from_context(video_out_stream->codecpar, video_out_ctx); - if ( ret < 0 ) { - Error("Could not initialize video_out_ctx parameters"); - return; - } else { - zm_dump_codec(video_out_ctx); - } - - zm_dump_codecpar(video_in_stream->codecpar); - zm_dump_codecpar(video_out_stream->codecpar); -#endif Debug(3, "Time bases: VIDEO in stream (%d/%d) in codec: (%d/%d) out " "stream: (%d/%d) out codec (%d/%d)", @@ -222,6 +210,10 @@ VideoStore::VideoStore( } #if LIBAVCODEC_VERSION_CHECK(56, 35, 0, 64, 0) + /* I'm not entirely sure that this is a good idea. We may have to do it someday but really only when transcoding + * * think what I was trying to achieve here was to have zm_dump_codecpar output nice info + * */ +#if 0 AVDictionary *opts = 0; if ( (ret = avcodec_open2(video_out_ctx, video_out_codec, &opts)) < 0 ) { Warning("Can't open video codec (%s) %s", @@ -235,6 +227,24 @@ VideoStore::VideoStore( while ( (e = av_dict_get(opts, "", e, AV_DICT_IGNORE_SUFFIX)) != NULL ) { Warning("Encoder Option %s not recognized by ffmpeg codec", e->key); } + ret = avcodec_parameters_from_context(video_out_stream->codecpar, video_out_ctx); + if ( ret < 0 ) { + Error("Could not initialize video_out_ctx parameters"); + return; + } else { + zm_dump_codec(video_out_ctx); + } +#else + ret = avcodec_parameters_from_context(video_out_stream->codecpar, video_in_ctx); + if ( ret < 0 ) { + Error("Could not initialize video_out_ctx parameters"); + return; + } else { + zm_dump_codec(video_out_ctx); + } +#endif + zm_dump_codecpar(video_in_stream->codecpar); + zm_dump_codecpar(video_out_stream->codecpar); #endif Monitor::Orientation orientation = monitor->getOrientation(); @@ -274,6 +284,7 @@ VideoStore::VideoStore( audio_first_pts = 0; audio_first_dts = 0; + /* When encoding audio, these are used to tell us what the correct pts is, because it gets lost during resampling. */ audio_next_pts = 0; audio_next_dts = 0; @@ -419,9 +430,9 @@ bool VideoStore::open() { VideoStore::~VideoStore() { if ( oc->pb ) { - int ret; if ( audio_out_codec ) { + // The codec queues data. We need to send a flush command and out // whatever we get. Failures are not fatal. AVPacket pkt; @@ -429,99 +440,53 @@ VideoStore::~VideoStore() { pkt.data = NULL; pkt.size = 0; av_init_packet(&pkt); + + /* + * At the end of the file, we pass the remaining samples to + * the encoder. */ + int frame_size = audio_out_ctx->frame_size; + while ( av_audio_fifo_size(fifo) > 0 ) { + /* Take one frame worth of audio samples from the FIFO buffer, + * encode it and write it to the output file. */ + + Debug(1, "Remaining samples in fifo for AAC codec frame_size %d > fifo size %d", + frame_size, av_audio_fifo_size(fifo)); + + // SHould probably set the frame size to what is reported FIXME + if ( av_audio_fifo_read(fifo, (void **)out_frame->data, frame_size) ) { + + av_init_packet(&opkt); + if ( zm_send_frame(audio_out_ctx, out_frame, opkt) ) { + if ( zm_receive_packet(audio_out_ctx, pkt) ) + pkt.stream_index = audio_out_stream->index; + + pkt.duration = av_rescale_q( + pkt.duration, + audio_out_ctx->time_base, + audio_out_stream->time_base); + } + } // end if data returned from fifo + + } // end while still data in the fifo + #if LIBAVCODEC_VERSION_CHECK(57, 64, 0, 64, 0) // Put encoder into flushing mode avcodec_send_frame(audio_out_ctx, NULL); #endif while (1) { -#if LIBAVCODEC_VERSION_CHECK(57, 64, 0, 64, 0) - ret = avcodec_receive_packet(audio_out_ctx, &pkt); - if ( ret < 0 ) { - if ( AVERROR_EOF != ret ) { - Error("Error encoding audio while flushing (%d) (%s)", ret, - av_err2str(ret)); - } + if ( ! zm_receive_packet(audio_out_ctx, pkt) ) break; - } -#else - int got_packet = 0; - ret = avcodec_encode_audio2(audio_out_ctx, &pkt, NULL, &got_packet); - if ( ret < 0 ) { - Error("Error encoding audio while flushing (%d) (%s)", ret, - av_err2str(ret)); - break; - } - Debug(1, "Have audio encoder, need to flush it's out"); - if ( !got_packet ) { - break; - } -#endif dumpPacket(&pkt, "raw from encoder"); - // Need to adjust pts and dts and duration - pkt.stream_index = audio_out_stream->index; - pkt.duration = av_rescale_q( - pkt.duration, - audio_out_ctx->time_base, - audio_out_stream->time_base); - // Scale the PTS of the outgoing packet to be the correct time base - if ( pkt.pts != AV_NOPTS_VALUE ) { -#if 0 - pkt.pts = av_rescale_q( - pkt.pts, - audio_out_ctx->time_base, - audio_in_stream->time_base); - // audio_first_pts is in audio_in_stream time base - pkt.pts -= audio_first_pts; - pkt.pts = av_rescale_q( - pkt.pts, - audio_in_stream->time_base, - audio_out_stream->time_base); -#else - pkt.pts = av_rescale_q( - pkt.pts, - audio_out_ctx->time_base, - audio_out_stream->time_base); -#endif - - Debug(2, "audio pkt.pts = %" PRId64 " from first_pts(%" PRId64 ")", - pkt.pts, audio_first_pts); - } else { - Debug(2, "pkt.pts = undef"); - pkt.pts = AV_NOPTS_VALUE; - } - - if ( pkt.dts != AV_NOPTS_VALUE ) { -#if 0 - pkt.dts = av_rescale_q( - pkt.dts, - audio_out_ctx->time_base, - audio_in_stream->time_base); - pkt.dts -= audio_first_dts; - pkt.dts = av_rescale_q( - pkt.dts, - audio_in_stream->time_base, - audio_out_stream->time_base); -#else - pkt.dts = av_rescale_q( - pkt.dts, - audio_out_ctx->time_base, - audio_out_stream->time_base); -#endif - Debug(2, "pkt.dts = %" PRId64 " - first_dts(%" PRId64 ")", - pkt.dts, audio_first_dts); - } else { - pkt.dts = AV_NOPTS_VALUE; - } - + av_packet_rescale_ts(&pkt, audio_out_ctx->time_base, audio_out_stream->time_base); dumpPacket(audio_out_stream, &pkt, "writing flushed packet"); av_interleaved_write_frame(oc, &pkt); zm_av_packet_unref(&pkt); - } // while have buffered frames - } // end if audio_out_codec + } // while have buffered frames + } // end if audio_out_codec // Flush Queues Debug(1,"Flushing interleaved queues"); @@ -711,7 +676,7 @@ bool VideoStore::setup_resampler() { } } if ( found ) { - Debug(3, "Sample rate is good"); + Debug(3, "Sample rate is good %d", audio_out_ctx->sample_rate); } else { audio_out_ctx->sample_rate = audio_out_codec->supported_samplerates[0]; @@ -743,6 +708,7 @@ bool VideoStore::setup_resampler() { audio_out_stream = NULL; return false; } + zm_dump_codec(audio_out_ctx); #if LIBAVCODEC_VERSION_CHECK(57, 64, 0, 64, 0) ret = avcodec_parameters_from_context( @@ -752,6 +718,7 @@ bool VideoStore::setup_resampler() { return false; } #endif + zm_dump_codecpar(audio_out_stream->codecpar); Debug(3, "Time bases: AUDIO in stream (%d/%d) in codec: (%d/%d) out " @@ -923,6 +890,7 @@ int VideoStore::writeVideoFramePacket(AVPacket *ipkt) { ); if ( duration <= 0 ) { // Why are we setting the duration to 1? + Warning("Duration is 0, setting to 1"); duration = ipkt->duration ? ipkt->duration : av_rescale_q(1,video_in_stream->time_base, video_out_stream->time_base); } } @@ -936,17 +904,6 @@ int VideoStore::writeVideoFramePacket(AVPacket *ipkt) { opkt.pts = 0; Debug(2, "Starting video first_pts will become %" PRId64, ipkt->pts); video_first_pts = ipkt->pts; -#if 1 - if ( audio_in_stream ) { - // Since audio starts after the start of the video, need to set this here. - audio_first_pts = av_rescale_q( - ipkt->pts, - video_in_stream->time_base, - audio_in_stream->time_base - ); - Debug(2, "Starting audio first_pts will become %" PRId64, audio_first_pts); - } -#endif } else { opkt.pts = av_rescale_q( ipkt->pts - video_first_pts, @@ -960,8 +917,6 @@ int VideoStore::writeVideoFramePacket(AVPacket *ipkt) { } else { Debug(3, "opkt.pts = undef"); opkt.pts = AV_NOPTS_VALUE; -// can't set 0, it will get rejected - //AV_NOPTS_VALUE; } // Just because the in stream wraps, doesn't mean the out needs to. // Really, if we are limiting ourselves to 10min segments I can't imagine every wrapping in the out. @@ -974,17 +929,6 @@ int VideoStore::writeVideoFramePacket(AVPacket *ipkt) { opkt.dts = 0; Debug(2, "Starting video first_dts will become (%" PRId64 ")", ipkt->dts); video_first_dts = ipkt->dts; -#if 1 - if ( audio_in_stream ) { - // Since audio starts after the start of the video, need to set this here. - audio_first_dts = av_rescale_q( - ipkt->dts, - video_in_stream->time_base, - audio_in_stream->time_base - ); - Debug(2, "Starting audio first dts will become %" PRId64, audio_first_dts); - } -#endif } else { opkt.dts = av_rescale_q( ipkt->dts - video_first_dts, @@ -1035,6 +979,40 @@ int VideoStore::writeAudioFramePacket(AVPacket *ipkt) { } dumpPacket(audio_in_stream, ipkt, "input packet"); + if ( !audio_first_pts ) { + // Since audio starts after the start of the video, need to set this here. + audio_first_pts = av_rescale_q( + video_first_pts, + video_in_stream->time_base, + audio_in_stream->time_base + ); + Debug(2, "Starting audio first_pts will become %" PRId64, audio_first_pts); + audio_next_pts = ipkt->pts - audio_first_pts; + if ( audio_next_pts < 0 ) { + audio_first_pts -= audio_next_pts; + audio_next_pts = 0; + } + } + if ( !audio_first_dts ) { + // Since audio starts after the start of the video, need to set this here. + audio_first_dts = av_rescale_q( + video_first_dts, + video_in_stream->time_base, + audio_in_stream->time_base + ); + audio_next_dts = ipkt->dts - audio_first_dts; + if ( ipkt->dts < 0 ) { + audio_first_dts -= ipkt->dts; + ipkt->dts = 0; + } + Debug(2, "Starting audio first_dts will become %" PRId64, audio_first_dts); + } + + // Need to adjust pts before feeding to decoder.... should really copy the pkt instead of modifying it + ipkt->pts -= audio_first_pts; + ipkt->dts -= audio_first_dts; + dumpPacket(audio_in_stream, ipkt, "after pts adjustment"); + if ( audio_out_codec ) { if ( ( ret = zm_receive_frame(audio_in_ctx, in_frame, *ipkt) ) < 0 ) { Debug(3, "Not ready to receive frame"); @@ -1042,140 +1020,31 @@ int VideoStore::writeAudioFramePacket(AVPacket *ipkt) { } zm_dump_frame(in_frame, "In frame from decode"); - if ( in_frame->pts != AV_NOPTS_VALUE ) { - if ( !audio_first_pts ) { - audio_first_pts = in_frame->pts; - Debug(1, "No audio_first_pts setting to %" PRId64, audio_first_pts); - in_frame->pts = 0; - } else { - // out_frame_pts is in codec->timebase, audio_first_pts is in packet timebase. - in_frame->pts = in_frame->pts - audio_first_pts; - zm_dump_frame(in_frame, "in frame after pts adjustment"); - } - } else { - // sending AV_NOPTS_VALUE doesn't really work but we seem to get it in ffmpeg 2.8 - in_frame->pts = audio_next_pts; - } - if ( !resample_audio() ) { //av_frame_unref(in_frame); return 0; } zm_dump_frame(out_frame, "Out frame after resample"); -#if 0 - // out_frame pts is in the input pkt pts... needs to be adjusted before sending to the encoder - if ( out_frame->pts != AV_NOPTS_VALUE ) { - if ( !audio_first_pts ) { - audio_first_pts = out_frame->pts; - Debug(1, "No audio_first_pts setting to %" PRId64, audio_first_pts); - out_frame->pts = 0; - } else { - // out_frame_pts is in codec->timebase, audio_first_pts is in packet timebase. - out_frame->pts = out_frame->pts - audio_first_pts; - zm_dump_frame(out_frame, "Out frame after pts adjustment"); - } - // - } else { - // sending AV_NOPTS_VALUE doesn't really work but we seem to get it in ffmpeg 2.8 - out_frame->pts = audio_next_pts; - } - audio_next_pts = out_frame->pts + out_frame->nb_samples; -#endif av_init_packet(&opkt); if ( !zm_send_frame(audio_out_ctx, out_frame, opkt) ) { return 0; } - dumpPacket(audio_out_stream, &opkt, "raw opkt"); - Debug(1, "Duration before %d in %d/%d", opkt.duration, - audio_out_ctx->time_base.num, - audio_out_ctx->time_base.den); - - opkt.duration = av_rescale_q( - opkt.duration, - audio_out_ctx->time_base, - audio_out_stream->time_base); - Debug(1, "Duration after %d in %d/%d", opkt.duration, - audio_out_stream->time_base.num, - audio_out_stream->time_base.den); // Scale the PTS of the outgoing packet to be the correct time base -#if 0 - if ( ipkt->pts != AV_NOPTS_VALUE ) { - if ( !audio_first_pts ) { - opkt.pts = 0; - audio_first_pts = ipkt->pts; - Debug(1, "No audio_first_pts"); - } else { - opkt.pts = av_rescale_q( - opkt.pts, + av_packet_rescale_ts(&opkt, audio_out_ctx->time_base, audio_out_stream->time_base); - opkt.pts -= audio_first_pts; - Debug(2, "audio opkt.pts = %" PRId64 " from first_pts %" PRId64, - opkt.pts, audio_first_pts); - } - } else { - Debug(2, "opkt.pts = undef"); - opkt.pts = AV_NOPTS_VALUE; - } - if ( opkt.dts != AV_NOPTS_VALUE ) { - if ( !audio_first_dts ) { - opkt.dts = 0; - audio_first_dts = opkt.dts; - } else { - opkt.dts = av_rescale_q( - opkt.dts, - audio_out_ctx->time_base, - audio_out_stream->time_base); - opkt.dts -= audio_first_dts; - Debug(2, "audio opkt.dts = %" PRId64 " from first_dts %" PRId64, - opkt.dts, audio_first_dts); - } - audio_last_dts = opkt.dts; - } else { - opkt.dts = AV_NOPTS_VALUE; - } -#else - opkt.pts = av_rescale_q( - opkt.pts, - audio_out_ctx->time_base, - audio_out_stream->time_base); - opkt.dts = av_rescale_q( - opkt.dts, - audio_out_ctx->time_base, - audio_out_stream->time_base); -#endif - - write_packet(&opkt, audio_out_stream); + write_packet(&opkt, audio_out_stream); zm_av_packet_unref(&opkt); #if LIBAVCODEC_VERSION_CHECK(57, 64, 0, 64, 0) // While the encoder still has packets for us while ( !avcodec_receive_packet(audio_out_ctx, &opkt) ) { - opkt.pts = av_rescale_q( - opkt.pts, - audio_out_ctx->time_base, - audio_out_stream->time_base); - opkt.dts = av_rescale_q( - opkt.dts, - audio_out_ctx->time_base, - audio_out_stream->time_base); - + av_packet_rescale_ts(&opkt, audio_out_ctx->time_base, audio_out_stream->time_base); dumpPacket(audio_out_stream, &opkt, "raw opkt"); - Debug(1, "Duration before %d in %d/%d", opkt.duration, - audio_out_ctx->time_base.num, - audio_out_ctx->time_base.den); - - opkt.duration = av_rescale_q( - opkt.duration, - audio_out_ctx->time_base, - audio_out_stream->time_base); - Debug(1, "Duration after %d in %d/%d", opkt.duration, - audio_out_stream->time_base.num, - audio_out_stream->time_base.den); write_packet(&opkt, audio_out_stream); } #endif @@ -1188,6 +1057,7 @@ int VideoStore::writeAudioFramePacket(AVPacket *ipkt) { opkt.size = ipkt->size; opkt.flags = ipkt->flags; +#if 0 if ( ipkt->duration && (ipkt->duration != AV_NOPTS_VALUE) ) { opkt.duration = av_rescale_q( ipkt->duration, @@ -1229,6 +1099,12 @@ int VideoStore::writeAudioFramePacket(AVPacket *ipkt) { } else { opkt.dts = AV_NOPTS_VALUE; } +#else + opkt.duration = ipkt->duration; + opkt.pts = ipkt->pts; + opkt.dts = ipkt->dts; + av_packet_rescale_ts(&opkt, audio_in_stream->time_base, audio_out_stream->time_base); +#endif write_packet(&opkt, audio_out_stream); zm_av_packet_unref(&opkt); @@ -1318,12 +1194,17 @@ int VideoStore::resample_audio() { zm_dump_frame(out_frame, "Out frame after fifo read"); // resampling changes the duration because the timebase is 1/samples // I think we should be dealing in codec timebases not stream +#if 0 if ( in_frame->pts != AV_NOPTS_VALUE ) { out_frame->pts = av_rescale_q( in_frame->pts, audio_in_ctx->time_base, audio_out_ctx->time_base); } +#else + out_frame->pts = audio_next_pts; + audio_next_pts += out_frame->nb_samples; +#endif zm_dump_frame(out_frame, "Out frame after timestamp conversion"); #else #if defined(HAVE_LIBAVRESAMPLE) From d9d4c6b4cada9bd83602f9e9d863004a3be40653 Mon Sep 17 00:00:00 2001 From: Isaac Connor Date: Thu, 12 Sep 2019 17:26:19 -0400 Subject: [PATCH 536/922] fix build --- src/zm_videostore.cpp | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/zm_videostore.cpp b/src/zm_videostore.cpp index d7b1fe980..923c68515 100644 --- a/src/zm_videostore.cpp +++ b/src/zm_videostore.cpp @@ -717,8 +717,8 @@ bool VideoStore::setup_resampler() { Error("Could not initialize stream parameteres"); return false; } + zm_dump_codecpar(audio_out_stream->codecpar); #endif - zm_dump_codecpar(audio_out_stream->codecpar); Debug(3, "Time bases: AUDIO in stream (%d/%d) in codec: (%d/%d) out " From 788b5b480b844cb6453e741a756210f255dd39fc Mon Sep 17 00:00:00 2001 From: Isaac Connor Date: Thu, 12 Sep 2019 17:59:08 -0400 Subject: [PATCH 537/922] hack to make sync work on resample --- src/zm_videostore.cpp | 28 +++++++++++++++++----------- 1 file changed, 17 insertions(+), 11 deletions(-) diff --git a/src/zm_videostore.cpp b/src/zm_videostore.cpp index 923c68515..f3343ea94 100644 --- a/src/zm_videostore.cpp +++ b/src/zm_videostore.cpp @@ -445,6 +445,7 @@ VideoStore::~VideoStore() { * At the end of the file, we pass the remaining samples to * the encoder. */ int frame_size = audio_out_ctx->frame_size; + Debug(2, "av_audio_fifo_size = %s", av_audio_fifo_size(fifo)); while ( av_audio_fifo_size(fifo) > 0 ) { /* Take one frame worth of audio samples from the FIFO buffer, * encode it and write it to the output file. */ @@ -454,11 +455,8 @@ VideoStore::~VideoStore() { // SHould probably set the frame size to what is reported FIXME if ( av_audio_fifo_read(fifo, (void **)out_frame->data, frame_size) ) { - - av_init_packet(&opkt); - if ( zm_send_frame(audio_out_ctx, out_frame, opkt) ) { - if ( zm_receive_packet(audio_out_ctx, pkt) ) - pkt.stream_index = audio_out_stream->index; + if ( zm_send_frame(audio_out_ctx, out_frame, pkt) ) { + pkt.stream_index = audio_out_stream->index; pkt.duration = av_rescale_q( pkt.duration, @@ -466,7 +464,6 @@ VideoStore::~VideoStore() { audio_out_stream->time_base); } } // end if data returned from fifo - } // end while still data in the fifo #if LIBAVCODEC_VERSION_CHECK(57, 64, 0, 64, 0) @@ -489,10 +486,10 @@ VideoStore::~VideoStore() { } // end if audio_out_codec // Flush Queues - Debug(1,"Flushing interleaved queues"); + Debug(1, "Flushing interleaved queues"); av_interleaved_write_frame(oc, NULL); - Debug(1,"Writing trailer"); + Debug(1, "Writing trailer"); /* Write the trailer before close */ if ( int rc = av_write_trailer(oc) ) { Error("Error writing trailer %s", av_err2str(rc)); @@ -980,6 +977,7 @@ int VideoStore::writeAudioFramePacket(AVPacket *ipkt) { dumpPacket(audio_in_stream, ipkt, "input packet"); if ( !audio_first_pts ) { +#if 0 // Since audio starts after the start of the video, need to set this here. audio_first_pts = av_rescale_q( video_first_pts, @@ -992,8 +990,13 @@ int VideoStore::writeAudioFramePacket(AVPacket *ipkt) { audio_first_pts -= audio_next_pts; audio_next_pts = 0; } +#else + audio_first_pts = ipkt->pts; + audio_next_pts = audio_out_ctx->frame_size; +#endif } if ( !audio_first_dts ) { +#if 0 // Since audio starts after the start of the video, need to set this here. audio_first_dts = av_rescale_q( video_first_dts, @@ -1001,11 +1004,14 @@ int VideoStore::writeAudioFramePacket(AVPacket *ipkt) { audio_in_stream->time_base ); audio_next_dts = ipkt->dts - audio_first_dts; - if ( ipkt->dts < 0 ) { - audio_first_dts -= ipkt->dts; - ipkt->dts = 0; + if ( audio_next_dts < 0 ) { + audio_first_dts -= audio_next_dts; + audio_next_dts = 0; } Debug(2, "Starting audio first_dts will become %" PRId64, audio_first_dts); +#else + audio_first_dts = ipkt->dts; +#endif } // Need to adjust pts before feeding to decoder.... should really copy the pkt instead of modifying it From 16a7ab13922f7e91ec83359c0f58992ee9592924 Mon Sep 17 00:00:00 2001 From: Isaac Connor Date: Fri, 13 Sep 2019 08:21:19 -0400 Subject: [PATCH 538/922] Attempt to deploy any deb basesd distro, not just trusty --- utils/packpack/startpackpack.sh | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/utils/packpack/startpackpack.sh b/utils/packpack/startpackpack.sh index fd84a3923..ea1aa0e8b 100755 --- a/utils/packpack/startpackpack.sh +++ b/utils/packpack/startpackpack.sh @@ -138,7 +138,7 @@ movecrud () { # previsouly part of installzm.sh # install the trusty deb and test zoneminder -installtrusty () { +install_deb () { # Check we've got gdebi installed type gdebi 2>&1 > /dev/null @@ -347,8 +347,8 @@ if [ "${TRAVIS_EVENT_TYPE}" == "cron" ] || [ "${TRAVIS}" != "true" ]; then echo "Starting packpack..." execpackpack - if [ "${OS}" == "ubuntu" ] && [ "${DIST}" == "trusty" ] && [ "${ARCH}" == "x86_64" ] && [ "${TRAVIS}" == "true" ]; then - installtrusty + if [ "${TRAVIS}" == "true" ]; then + install_deb fi fi @@ -369,7 +369,7 @@ elif [ "${OS}" == "ubuntu" ] && [ "${DIST}" == "trusty" ] && [ "${ARCH}" == "x86 # If we are running inside Travis then attempt to install the deb we just built if [ "${TRAVIS}" == "true" ]; then - installtrusty + install_deb fi fi From 701aa8d924e099c7d943e347693069c78791e017 Mon Sep 17 00:00:00 2001 From: Isaac Connor Date: Fri, 13 Sep 2019 10:55:30 -0400 Subject: [PATCH 539/922] add flushing the resample buffer to get the remaining samples encoded --- src/zm_ffmpeg.cpp | 23 ++++-- src/zm_ffmpeg.h | 4 +- src/zm_ffmpeg_camera.cpp | 8 +- src/zm_ffmpeg_input.cpp | 4 +- src/zm_videostore.cpp | 174 ++++++++++++++------------------------- 5 files changed, 84 insertions(+), 129 deletions(-) diff --git a/src/zm_ffmpeg.cpp b/src/zm_ffmpeg.cpp index d9f62a9e1..5616dcd91 100644 --- a/src/zm_ffmpeg.cpp +++ b/src/zm_ffmpeg.cpp @@ -505,7 +505,10 @@ int zm_receive_packet(AVCodecContext *context, AVPacket &packet) { #endif } // end int zm_receive_packet(AVCodecContext *context, AVPacket &packet) -int zm_receive_frame(AVCodecContext *context, AVFrame *frame, AVPacket &packet) { +int zm_send_packet_receive_frame( + AVCodecContext *context, + AVFrame *frame, + AVPacket &packet) { int ret; #if LIBAVCODEC_VERSION_CHECK(57, 64, 0, 64, 0) if ( (ret = avcodec_send_packet(context, &packet)) < 0 ) { @@ -533,29 +536,31 @@ int zm_receive_frame(AVCodecContext *context, AVFrame *frame, AVPacket &packet) } } // end while !frameComplete #endif - return 0; -} // end int zm_receive_frame(AVCodecContext *context, AVFrame *frame, AVPacket &packet) + return 1; +} // end int zm_send_packet_receive_frame(AVCodecContext *context, AVFrame *frame, AVPacket &packet) -int zm_send_frame(AVCodecContext *ctx, AVFrame *frame, AVPacket &packet) { +/* Returns < 0 on error, 0 if codec not ready, 1 on success + */ +int zm_send_frame_receive_packet(AVCodecContext *ctx, AVFrame *frame, AVPacket &packet) { int ret; #if LIBAVCODEC_VERSION_CHECK(57, 64, 0, 64, 0) if ( (ret = avcodec_send_frame(ctx, frame)) < 0 ) { Error("Could not send frame (error '%s')", av_make_error_string(ret).c_str()); - zm_av_packet_unref(&packet); - return 0; + return ret; } if ( (ret = avcodec_receive_packet(ctx, &packet)) < 0 ) { if ( AVERROR(EAGAIN) == ret ) { // The codec may need more samples than it has, perfectly valid Debug(2, "Codec not ready to give us a packet"); + return 0; } else { Error("Could not recieve packet (error %d = '%s')", ret, av_make_error_string(ret).c_str()); } zm_av_packet_unref(&packet); - return 0; + return ret; } #else int data_present; @@ -564,7 +569,7 @@ int zm_send_frame(AVCodecContext *ctx, AVFrame *frame, AVPacket &packet) { Error("Could not encode frame (error '%s')", av_make_error_string(ret).c_str()); zm_av_packet_unref(&packet); - return 0; + return ret; } if ( !data_present ) { Debug(2, "Not ready to out a frame yet."); @@ -573,7 +578,7 @@ int zm_send_frame(AVCodecContext *ctx, AVFrame *frame, AVPacket &packet) { } #endif return 1; -} // wend zm_send_frame +} // end int zm_send_frame_receive_packet void dumpPacket(AVStream *stream, AVPacket *pkt, const char *text) { char b[10240]; diff --git a/src/zm_ffmpeg.h b/src/zm_ffmpeg.h index f23666568..0aa6c6d68 100644 --- a/src/zm_ffmpeg.h +++ b/src/zm_ffmpeg.h @@ -354,8 +354,8 @@ bool is_audio_context(AVCodec *); int zm_receive_packet(AVCodecContext *context, AVPacket &packet); -int zm_receive_frame(AVCodecContext *context, AVFrame *frame, AVPacket &packet); -int zm_send_frame(AVCodecContext *context, AVFrame *frame, AVPacket &packet); +int zm_send_packet_receive_frame(AVCodecContext *context, AVFrame *frame, AVPacket &packet); +int zm_send_frame_receive_packet(AVCodecContext *context, AVFrame *frame, AVPacket &packet); void dumpPacket(AVStream *, AVPacket *,const char *text=""); void dumpPacket(AVPacket *,const char *text=""); diff --git a/src/zm_ffmpeg_camera.cpp b/src/zm_ffmpeg_camera.cpp index c9298fe77..fc72aff53 100644 --- a/src/zm_ffmpeg_camera.cpp +++ b/src/zm_ffmpeg_camera.cpp @@ -260,8 +260,8 @@ int FfmpegCamera::Capture(Image &image) { && (keyframe || have_video_keyframe) ) { - ret = zm_receive_frame(mVideoCodecContext, mRawFrame, packet); - if ( ret < 0 ) { + ret = zm_send_packet_receive_frame(mVideoCodecContext, mRawFrame, packet); + if ( ret <= 0 ) { Error("Unable to get frame at frame %d: %s, continuing", frameCount, av_make_error_string(ret).c_str()); zm_av_packet_unref(&packet); @@ -952,8 +952,8 @@ int FfmpegCamera::CaptureAndRecord( } } // end if keyframe or have_video_keyframe - ret = zm_receive_frame(mVideoCodecContext, mRawFrame, packet); - if ( ret < 0 ) { + ret = zm_send_packet_receive_frame(mVideoCodecContext, mRawFrame, packet); + if ( ret <= 0 ) { Warning("Unable to receive frame %d: %s. error count is %d", frameCount, av_make_error_string(ret).c_str(), error_count); error_count += 1; diff --git a/src/zm_ffmpeg_input.cpp b/src/zm_ffmpeg_input.cpp index 03d89348d..ab7cbe8d3 100644 --- a/src/zm_ffmpeg_input.cpp +++ b/src/zm_ffmpeg_input.cpp @@ -137,8 +137,8 @@ AVFrame *FFmpeg_Input::get_frame(int stream_id) { } else { frame = zm_av_frame_alloc(); } - ret = zm_receive_frame(context, frame, packet); - if ( ret < 0 ) { + ret = zm_send_packet_receive_frame(context, frame, packet); + if ( ret <= 0 ) { Error("Unable to decode frame at frame %d: %s, continuing", streams[packet.stream_index].frame_count, av_make_error_string(ret).c_str()); zm_av_packet_unref(&packet); diff --git a/src/zm_videostore.cpp b/src/zm_videostore.cpp index f3343ea94..9653bf9cf 100644 --- a/src/zm_videostore.cpp +++ b/src/zm_videostore.cpp @@ -441,11 +441,39 @@ VideoStore::~VideoStore() { pkt.size = 0; av_init_packet(&pkt); + int frame_size = audio_out_ctx->frame_size; /* * At the end of the file, we pass the remaining samples to * the encoder. */ - int frame_size = audio_out_ctx->frame_size; - Debug(2, "av_audio_fifo_size = %s", av_audio_fifo_size(fifo)); + while ( swr_get_delay(resample_ctx, audio_out_ctx->sample_rate) ) { + swr_convert_frame(resample_ctx, out_frame, NULL); + int ret = av_audio_fifo_realloc(fifo, av_audio_fifo_size(fifo) + out_frame->nb_samples); + if ( ret < 0 ) { + Error("Could not reallocate FIFO to %d samples", + av_audio_fifo_size(fifo) + out_frame->nb_samples); + } else { + /** Store the new samples in the FIFO buffer. */ + ret = av_audio_fifo_write(fifo, (void **)out_frame->data, out_frame->nb_samples); + if ( ret < out_frame->nb_samples ) { + Error("Could not write data to FIFO. %d written, expecting %d. Reason %s", + ret, out_frame->nb_samples, av_make_error_string(ret).c_str()); + } + // Should probably set the frame size to what is reported FIXME + if ( av_audio_fifo_read(fifo, (void **)out_frame->data, frame_size) ) { + if ( zm_send_frame_receive_packet(audio_out_ctx, out_frame, pkt) ) { + pkt.stream_index = audio_out_stream->index; + + av_packet_rescale_ts(&pkt, + audio_out_ctx->time_base, + audio_out_stream->time_base); + write_packet(&pkt, audio_out_stream); + } + } // end if data returned from fifo + } + + } // end if have buffered samples in the resampler + + Debug(2, "av_audio_fifo_size = %d", av_audio_fifo_size(fifo)); while ( av_audio_fifo_size(fifo) > 0 ) { /* Take one frame worth of audio samples from the FIFO buffer, * encode it and write it to the output file. */ @@ -455,13 +483,13 @@ VideoStore::~VideoStore() { // SHould probably set the frame size to what is reported FIXME if ( av_audio_fifo_read(fifo, (void **)out_frame->data, frame_size) ) { - if ( zm_send_frame(audio_out_ctx, out_frame, pkt) ) { + if ( zm_send_frame_receive_packet(audio_out_ctx, out_frame, pkt) ) { pkt.stream_index = audio_out_stream->index; - pkt.duration = av_rescale_q( - pkt.duration, + av_packet_rescale_ts(&pkt, audio_out_ctx->time_base, audio_out_stream->time_base); + write_packet(&pkt, audio_out_stream); } } // end if data returned from fifo } // end while still data in the fifo @@ -472,15 +500,15 @@ VideoStore::~VideoStore() { #endif while (1) { - if ( ! zm_receive_packet(audio_out_ctx, pkt) ) + if ( ! zm_receive_packet(audio_out_ctx, pkt) ) { + Debug(1, "No more packets"); break; + } dumpPacket(&pkt, "raw from encoder"); - pkt.stream_index = audio_out_stream->index; - av_packet_rescale_ts(&pkt, audio_out_ctx->time_base, audio_out_stream->time_base); dumpPacket(audio_out_stream, &pkt, "writing flushed packet"); - av_interleaved_write_frame(oc, &pkt); + write_packet(&pkt, audio_out_stream); zm_av_packet_unref(&pkt); } // while have buffered frames } // end if audio_out_codec @@ -858,108 +886,36 @@ bool VideoStore::setup_resampler() { int VideoStore::writeVideoFramePacket(AVPacket *ipkt) { av_init_packet(&opkt); - dumpPacket(video_in_stream, ipkt, "input packet"); + dumpPacket(video_in_stream, ipkt, "video input packet"); - int64_t duration; - if ( ipkt->duration != AV_NOPTS_VALUE ) { - duration = av_rescale_q( - ipkt->duration, - video_in_stream->time_base, - video_out_stream->time_base); - Debug(1, "duration from ipkt: %" PRId64 ") => (%" PRId64 ") (%d/%d) (%d/%d)", - ipkt->duration, - duration, - video_in_stream->time_base.num, - video_in_stream->time_base.den, - video_out_stream->time_base.num, - video_out_stream->time_base.den - ); - } else { - duration = av_rescale_q( - ipkt->pts - video_last_pts, - video_in_stream->time_base, - video_out_stream->time_base); - Debug(1, "duration calc: pts(%" PRId64 ") - last_pts(%" PRId64 ") = (%" PRId64 ") => (%" PRId64 ")", - ipkt->pts, - video_last_pts, - ipkt->pts - video_last_pts, - duration - ); - if ( duration <= 0 ) { - // Why are we setting the duration to 1? - Warning("Duration is 0, setting to 1"); - duration = ipkt->duration ? ipkt->duration : av_rescale_q(1,video_in_stream->time_base, video_out_stream->time_base); - } - } - opkt.duration = duration; + opkt.flags = ipkt->flags; + opkt.data = ipkt->data; + opkt.size = ipkt->size; + opkt.duration = ipkt->duration; - // Scale the PTS of the outgoing packet to be the correct time base if ( ipkt->pts != AV_NOPTS_VALUE ) { - if ( (!video_first_pts) && (ipkt->pts >= 0) ) { // This is the first packet. - opkt.pts = 0; Debug(2, "Starting video first_pts will become %" PRId64, ipkt->pts); video_first_pts = ipkt->pts; - } else { - opkt.pts = av_rescale_q( - ipkt->pts - video_first_pts, - video_in_stream->time_base, - video_out_stream->time_base - ); } - Debug(3, "opkt.pts = %" PRId64 " from ipkt->pts(%" PRId64 ") - first_pts(%" PRId64 ")", - opkt.pts, ipkt->pts, video_first_pts); - video_last_pts = ipkt->pts; - } else { - Debug(3, "opkt.pts = undef"); - opkt.pts = AV_NOPTS_VALUE; + opkt.pts = ipkt->pts - video_first_pts; } // Just because the in stream wraps, doesn't mean the out needs to. // Really, if we are limiting ourselves to 10min segments I can't imagine every wrapping in the out. // So need to handle in wrap, without causing out wrap. + // The cameras that Icon has seem to do EOF instead of wrapping if ( ipkt->dts != AV_NOPTS_VALUE ) { if ( !video_first_dts ) { - // && ( ipkt->dts >= 0 ) ) { - // This is the first packet. - opkt.dts = 0; - Debug(2, "Starting video first_dts will become (%" PRId64 ")", ipkt->dts); + Debug(2, "Starting video first_dts will become %" PRId64, ipkt->dts); video_first_dts = ipkt->dts; - } else { - opkt.dts = av_rescale_q( - ipkt->dts - video_first_dts, - video_in_stream->time_base, - video_out_stream->time_base - ); - Debug(3, "opkt.dts = %" PRId64 " from ipkt->dts(%" PRId64 ") - first_pts(%" PRId64 ")", - opkt.dts, ipkt->dts, video_first_dts); } - if ( (opkt.pts != AV_NOPTS_VALUE) && (opkt.dts > opkt.pts) ) { - Debug(1, - "opkt.dts(%" PRId64 ") must be <= opkt.pts(%" PRId64 "). Decompression must happen " - "before presentation.", - opkt.dts, opkt.pts); - opkt.dts = opkt.pts; - } - } else { - Debug(3, "opkt.dts = undef"); - opkt.dts = video_out_stream->cur_dts; + opkt.dts = ipkt->dts - video_first_dts; } + av_packet_rescale_ts(&opkt, video_in_stream->time_base, video_out_stream->time_base); - if ( opkt.dts < video_out_stream->cur_dts ) { - Debug(1, "Fixing non-monotonic dts/pts dts %" PRId64 " pts %" PRId64 " stream %" PRId64, - opkt.dts, opkt.pts, video_out_stream->cur_dts); - opkt.dts = video_out_stream->cur_dts; - if ( opkt.dts > opkt.pts ) { - opkt.pts = opkt.dts; - } - } - - opkt.flags = ipkt->flags; - opkt.pos = -1; - opkt.data = ipkt->data; - opkt.size = ipkt->size; + dumpPacket(video_out_stream, &opkt, "after pts adjustment"); write_packet(&opkt, video_out_stream); zm_av_packet_unref(&opkt); @@ -1020,7 +976,7 @@ int VideoStore::writeAudioFramePacket(AVPacket *ipkt) { dumpPacket(audio_in_stream, ipkt, "after pts adjustment"); if ( audio_out_codec ) { - if ( ( ret = zm_receive_frame(audio_in_ctx, in_frame, *ipkt) ) < 0 ) { + if ( ( ret = zm_send_packet_receive_frame(audio_in_ctx, in_frame, *ipkt) ) <= 0 ) { Debug(3, "Not ready to receive frame"); return 0; } @@ -1034,7 +990,7 @@ int VideoStore::writeAudioFramePacket(AVPacket *ipkt) { zm_dump_frame(out_frame, "Out frame after resample"); av_init_packet(&opkt); - if ( !zm_send_frame(audio_out_ctx, out_frame, opkt) ) { + if ( zm_send_frame_receive_packet(audio_out_ctx, out_frame, opkt) <= 0 ) { return 0; } @@ -1048,9 +1004,9 @@ int VideoStore::writeAudioFramePacket(AVPacket *ipkt) { #if LIBAVCODEC_VERSION_CHECK(57, 64, 0, 64, 0) // While the encoder still has packets for us - while ( !avcodec_receive_packet(audio_out_ctx, &opkt) ) { + while ( ! ( avcodec_receive_packet(audio_out_ctx, &opkt) < 0 ) ) { av_packet_rescale_ts(&opkt, audio_out_ctx->time_base, audio_out_stream->time_base); - dumpPacket(audio_out_stream, &opkt, "raw opkt"); + dumpPacket(audio_out_stream, &opkt, "secondary opkt"); write_packet(&opkt, audio_out_stream); } #endif @@ -1166,12 +1122,15 @@ int VideoStore::resample_audio() { av_make_error_string(ret).c_str()); return 0; } - zm_dump_frame(out_frame, "Out frame after resample"); - out_frame->pkt_duration = in_frame->pkt_duration; // resampling doesn't alter duration + zm_dump_frame(out_frame, "Out frame after resample delay"); + Debug(3,"sws_get_delay %d", + swr_get_delay(resample_ctx, audio_out_ctx->sample_rate)); + //out_frame->pkt_duration = in_frame->pkt_duration; // resampling doesn't alter duration ret = av_audio_fifo_realloc(fifo, av_audio_fifo_size(fifo) + out_frame->nb_samples); if ( ret < 0 ) { - Error("Could not reallocate FIFO"); + Error("Could not reallocate FIFO to %d samples", + av_audio_fifo_size(fifo) + out_frame->nb_samples); return 0; } /** Store the new samples in the FIFO buffer. */ @@ -1198,19 +1157,10 @@ int VideoStore::resample_audio() { } out_frame->nb_samples = frame_size; zm_dump_frame(out_frame, "Out frame after fifo read"); - // resampling changes the duration because the timebase is 1/samples - // I think we should be dealing in codec timebases not stream -#if 0 - if ( in_frame->pts != AV_NOPTS_VALUE ) { - out_frame->pts = av_rescale_q( - in_frame->pts, - audio_in_ctx->time_base, - audio_out_ctx->time_base); - } -#else - out_frame->pts = audio_next_pts; - audio_next_pts += out_frame->nb_samples; -#endif + + out_frame->pts = audio_next_pts; + audio_next_pts += out_frame->nb_samples; + zm_dump_frame(out_frame, "Out frame after timestamp conversion"); #else #if defined(HAVE_LIBAVRESAMPLE) From 5ddd20ed1a8554d476d4c7fbcd1fbe394f3959d3 Mon Sep 17 00:00:00 2001 From: Isaac Connor Date: Fri, 13 Sep 2019 14:34:53 -0400 Subject: [PATCH 540/922] refactor code. Handle resample buffering during encoding instead of when closing file --- src/zm_ffmpeg.cpp | 87 ++++++++++++++++++++++ src/zm_ffmpeg.h | 26 +++++++ src/zm_videostore.cpp | 168 +++++++----------------------------------- src/zm_videostore.h | 4 +- 4 files changed, 142 insertions(+), 143 deletions(-) diff --git a/src/zm_ffmpeg.cpp b/src/zm_ffmpeg.cpp index 5616dcd91..55fc52f73 100644 --- a/src/zm_ffmpeg.cpp +++ b/src/zm_ffmpeg.cpp @@ -640,3 +640,90 @@ void zm_packet_copy_rescale_ts(const AVPacket *ipkt, AVPacket *opkt, const AVRat opkt->duration = ipkt->duration; av_packet_rescale_ts(opkt, src_tb, dst_tb); } + +#if defined(HAVE_LIBSWRESAMPLE) || defined(HAVE_LIBAVRESAMPLE) +int zm_resample_audio( +#if defined(HAVE_LIBSWRESAMPLE) + SwrContext *resample_ctx, +#else +#if defined(HAVE_LIBSWRESAMPLE) + AVAudioResampleContext *resample_ctx, +#endif +#endif + AVFrame *in_frame, + AVFrame *out_frame + ) { +#if defined(HAVE_LIBSWRESAMPLE) + // Resample the in_frame into the audioSampleBuffer until we process the whole + // decoded data. Note: pts does not survive resampling or converting + Debug(2, "Converting %d to %d samples using swresample", + in_frame->nb_samples, out_frame->nb_samples); + int ret = swr_convert_frame(resample_ctx, out_frame, in_frame); + if ( ret < 0 ) { + Error("Could not resample frame (error '%s')", + av_make_error_string(ret).c_str()); + return 0; + } + Debug(3,"sws_get_delay %d", + swr_get_delay(resample_ctx, out_frame->sample_rate)); +#else +#if defined(HAVE_LIBAVRESAMPLE) + int ret = avresample_convert(resample_ctx, NULL, 0, 0, in_frame->data, + 0, in_frame->nb_samples); + if ( ret < 0 ) { + Error("Could not resample frame (error '%s')", + av_make_error_string(ret).c_str()); + return 0; + } + int samples_available = avresample_available(resample_ctx); + if ( samples_available < out_frame->nb_samples ) { + Debug(1, "Not enough samples yet (%d)", samples_available); + return 0; + } + + // Read a frame audio data from the resample fifo + if ( avresample_read(resample_ctx, out_frame->data, out_frame->nb_samples) != + out_frame->nb_samples) { + Warning("Error reading resampled audio."); + return 0; + } +#endif +#endif + zm_dump_frame(out_frame, "Out frame after resample delay"); + return 1; +} +#endif + +int zm_add_samples_to_fifo(AVAudioFifo *fifo, AVFrame *frame) { + int ret = av_audio_fifo_realloc(fifo, av_audio_fifo_size(fifo) + frame->nb_samples); + if ( ret < 0 ) { + Error("Could not reallocate FIFO to %d samples", + av_audio_fifo_size(fifo) + frame->nb_samples); + return 0; + } + /** Store the new samples in the FIFO buffer. */ + ret = av_audio_fifo_write(fifo, (void **)frame->data, frame->nb_samples); + if ( ret < frame->nb_samples ) { + Error("Could not write data to FIFO. %d written, expecting %d. Reason %s", + ret, frame->nb_samples, av_make_error_string(ret).c_str()); + return 0; + } + return 1; +} + +int zm_get_samples_from_fifo(AVAudioFifo *fifo, AVFrame *frame) { + // AAC requires 1024 samples per encode. Our input tends to be something else, so need to buffer them. + if ( frame->nb_samples > av_audio_fifo_size(fifo) ) { + Debug(1, "Not enough samples in fifo for AAC codec frame_size %d > fifo size %d", + frame->nb_samples, av_audio_fifo_size(fifo)); + return 0; + } + + if ( av_audio_fifo_read(fifo, (void **)frame->data, frame->nb_samples) < frame->nb_samples ) { + Error("Could not read data from FIFO"); + return 0; + } +//out_frame->nb_samples = frame_size; + zm_dump_frame(frame, "Out frame after fifo read"); + return 1; +} diff --git a/src/zm_ffmpeg.h b/src/zm_ffmpeg.h index 0aa6c6d68..ff2da509c 100644 --- a/src/zm_ffmpeg.h +++ b/src/zm_ffmpeg.h @@ -24,6 +24,14 @@ extern "C" { +#ifdef HAVE_LIBSWRESAMPLE + #include "libswresample/swresample.h" +#else + #ifdef HAVE_LIBAVRESAMPLE + #include "libavresample/avresample.h" + #endif +#endif + // AVUTIL #if HAVE_LIBAVUTIL_AVUTIL_H #include "libavutil/avassert.h" @@ -31,6 +39,7 @@ extern "C" { #include #include #include +#include "libavutil/audio_fifo.h" /* LIBAVUTIL_VERSION_CHECK checks for the right version of libav and FFmpeg * The original source is vlc (in modules/codec/avcodec/avcommon_compat.h) @@ -360,4 +369,21 @@ int zm_send_frame_receive_packet(AVCodecContext *context, AVFrame *frame, AVPack void dumpPacket(AVStream *, AVPacket *,const char *text=""); void dumpPacket(AVPacket *,const char *text=""); void zm_packet_copy_rescale_ts(const AVPacket *ipkt, AVPacket *opkt, const AVRational src_tb, const AVRational dst_tb); + +#if defined(HAVE_LIBSWRESAMPLE) || defined(HAVE_LIBAVRESAMPLE) +int zm_resample_audio( +#if defined(HAVE_LIBSWRESAMPLE) + SwrContext *resample_ctx, +#else +#if defined(HAVE_LIBSWRESAMPLE) + AVAudioResampleContext *resample_ctx, +#endif +#endif + AVFrame *in_frame, + AVFrame *out_frame + ); +#endif +int zm_add_samples_to_fifo(AVAudioFifo *fifo, AVFrame *frame); +int zm_get_samples_from_fifo(AVAudioFifo *fifo, AVFrame *frame); + #endif // ZM_FFMPEG_H diff --git a/src/zm_videostore.cpp b/src/zm_videostore.cpp index 9653bf9cf..ec1459fae 100644 --- a/src/zm_videostore.cpp +++ b/src/zm_videostore.cpp @@ -933,41 +933,11 @@ int VideoStore::writeAudioFramePacket(AVPacket *ipkt) { dumpPacket(audio_in_stream, ipkt, "input packet"); if ( !audio_first_pts ) { -#if 0 - // Since audio starts after the start of the video, need to set this here. - audio_first_pts = av_rescale_q( - video_first_pts, - video_in_stream->time_base, - audio_in_stream->time_base - ); - Debug(2, "Starting audio first_pts will become %" PRId64, audio_first_pts); - audio_next_pts = ipkt->pts - audio_first_pts; - if ( audio_next_pts < 0 ) { - audio_first_pts -= audio_next_pts; - audio_next_pts = 0; - } -#else audio_first_pts = ipkt->pts; audio_next_pts = audio_out_ctx->frame_size; -#endif } if ( !audio_first_dts ) { -#if 0 - // Since audio starts after the start of the video, need to set this here. - audio_first_dts = av_rescale_q( - video_first_dts, - video_in_stream->time_base, - audio_in_stream->time_base - ); - audio_next_dts = ipkt->dts - audio_first_dts; - if ( audio_next_dts < 0 ) { - audio_first_dts -= audio_next_dts; - audio_next_dts = 0; - } - Debug(2, "Starting audio first_dts will become %" PRId64, audio_first_dts); -#else audio_first_dts = ipkt->dts; -#endif } // Need to adjust pts before feeding to decoder.... should really copy the pkt instead of modifying it @@ -976,41 +946,45 @@ int VideoStore::writeAudioFramePacket(AVPacket *ipkt) { dumpPacket(audio_in_stream, ipkt, "after pts adjustment"); if ( audio_out_codec ) { + // I wonder if we can get multiple frames per packet? Probably if ( ( ret = zm_send_packet_receive_frame(audio_in_ctx, in_frame, *ipkt) ) <= 0 ) { Debug(3, "Not ready to receive frame"); return 0; } - zm_dump_frame(in_frame, "In frame from decode"); - if ( !resample_audio() ) { - //av_frame_unref(in_frame); - return 0; - } - zm_dump_frame(out_frame, "Out frame after resample"); + AVFrame *input_frame = in_frame; - av_init_packet(&opkt); - if ( zm_send_frame_receive_packet(audio_out_ctx, out_frame, opkt) <= 0 ) { - return 0; - } + while ( zm_resample_audio(resample_ctx, input_frame, out_frame) ) { + //out_frame->pkt_duration = in_frame->pkt_duration; // resampling doesn't alter duration + if ( zm_add_samples_to_fifo(fifo, out_frame) <= 0 ) + break; - // Scale the PTS of the outgoing packet to be the correct time base - av_packet_rescale_ts(&opkt, - audio_out_ctx->time_base, - audio_out_stream->time_base); + if ( zm_get_samples_from_fifo(fifo, out_frame) <= 0 ) + break; - write_packet(&opkt, audio_out_stream); - zm_av_packet_unref(&opkt); + out_frame->pts = audio_next_pts; + audio_next_pts += out_frame->nb_samples; + + zm_dump_frame(out_frame, "Out frame after resample"); + + av_init_packet(&opkt); + if ( zm_send_frame_receive_packet(audio_out_ctx, out_frame, opkt) <= 0 ) + break; + + // Scale the PTS of the outgoing packet to be the correct time base + av_packet_rescale_ts(&opkt, + audio_out_ctx->time_base, + audio_out_stream->time_base); -#if LIBAVCODEC_VERSION_CHECK(57, 64, 0, 64, 0) - // While the encoder still has packets for us - while ( ! ( avcodec_receive_packet(audio_out_ctx, &opkt) < 0 ) ) { - av_packet_rescale_ts(&opkt, audio_out_ctx->time_base, audio_out_stream->time_base); - dumpPacket(audio_out_stream, &opkt, "secondary opkt"); write_packet(&opkt, audio_out_stream); - } -#endif - zm_av_packet_unref(&opkt); + zm_av_packet_unref(&opkt); + + if ( swr_get_delay(resample_ctx, out_frame->sample_rate) < out_frame->nb_samples) + break; + // This will send a null frame, emptying out the resample buffer + input_frame = NULL; + } // end while there is data in the resampler } else { Debug(2,"copying"); @@ -1108,89 +1082,3 @@ int VideoStore::write_packet(AVPacket *pkt, AVStream *stream) { } return ret; } // end int VideoStore::write_packet(AVPacket *pkt, AVStream *stream) - -int VideoStore::resample_audio() { - // Resample the in_frame into the audioSampleBuffer until we process the whole - // decoded data. Note: pts does not survive resampling or converting -#if defined(HAVE_LIBSWRESAMPLE) || defined(HAVE_LIBAVRESAMPLE) -#if defined(HAVE_LIBSWRESAMPLE) - Debug(2, "Converting %d to %d samples using swresample", - in_frame->nb_samples, out_frame->nb_samples); - int ret = swr_convert_frame(resample_ctx, out_frame, in_frame); - if ( ret < 0 ) { - Error("Could not resample frame (error '%s')", - av_make_error_string(ret).c_str()); - return 0; - } - zm_dump_frame(out_frame, "Out frame after resample delay"); - Debug(3,"sws_get_delay %d", - swr_get_delay(resample_ctx, audio_out_ctx->sample_rate)); - //out_frame->pkt_duration = in_frame->pkt_duration; // resampling doesn't alter duration - - ret = av_audio_fifo_realloc(fifo, av_audio_fifo_size(fifo) + out_frame->nb_samples); - if ( ret < 0 ) { - Error("Could not reallocate FIFO to %d samples", - av_audio_fifo_size(fifo) + out_frame->nb_samples); - return 0; - } - /** Store the new samples in the FIFO buffer. */ - ret = av_audio_fifo_write(fifo, (void **)out_frame->data, out_frame->nb_samples); - if ( ret < out_frame->nb_samples ) { - Error("Could not write data to FIFO. %d written, expecting %d. Reason %s", - ret, out_frame->nb_samples, av_make_error_string(ret).c_str()); - return 0; - } - - // Reset frame_size to output_frame_size - int frame_size = audio_out_ctx->frame_size; - - // AAC requires 1024 samples per encode. Our input tends to be something else, so need to buffer them. - if ( frame_size > av_audio_fifo_size(fifo) ) { - Debug(1, "Not enough samples in fifo for AAC codec frame_size %d > fifo size %d", - frame_size, av_audio_fifo_size(fifo)); - return 0; - } - - if ( av_audio_fifo_read(fifo, (void **)out_frame->data, frame_size) < frame_size ) { - Error("Could not read data from FIFO"); - return 0; - } - out_frame->nb_samples = frame_size; - zm_dump_frame(out_frame, "Out frame after fifo read"); - - out_frame->pts = audio_next_pts; - audio_next_pts += out_frame->nb_samples; - - zm_dump_frame(out_frame, "Out frame after timestamp conversion"); -#else -#if defined(HAVE_LIBAVRESAMPLE) - ret = avresample_convert(resample_ctx, NULL, 0, 0, in_frame->data, - 0, in_frame->nb_samples); - if ( ret < 0 ) { - Error("Could not resample frame (error '%s')", - av_make_error_string(ret).c_str()); - return 0; - } - - int frame_size = audio_out_ctx->frame_size; - - int samples_available = avresample_available(resample_ctx); - if ( samples_available < frame_size ) { - Debug(1, "Not enough samples yet (%d)", samples_available); - return 0; - } - - // Read a frame audio data from the resample fifo - if ( avresample_read(resample_ctx, out_frame->data, frame_size) != - frame_size) { - Warning("Error reading resampled audio."); - return 0; - } -#endif -#endif -#else - Error("Have audio codec but no resampler?!"); - return 0; -#endif - return 1; -} // end int VideoStore::resample_audio diff --git a/src/zm_videostore.h b/src/zm_videostore.h index 01dbc4d78..cd704403d 100644 --- a/src/zm_videostore.h +++ b/src/zm_videostore.h @@ -5,12 +5,12 @@ extern "C" { #ifdef HAVE_LIBSWRESAMPLE #include "libswresample/swresample.h" - #include "libavutil/audio_fifo.h" #else #ifdef HAVE_LIBAVRESAMPLE #include "libavresample/avresample.h" #endif #endif +#include "libavutil/audio_fifo.h" } #if HAVE_LIBAVCODEC @@ -76,8 +76,6 @@ private: int64_t audio_next_dts; bool setup_resampler(); - int resample_audio(); - int write_packet(AVPacket *pkt, AVStream *stream); public: From 3a5d1ff3caa1b9cbcc32f1eaec97823f33bed373 Mon Sep 17 00:00:00 2001 From: Isaac Connor Date: Fri, 13 Sep 2019 15:51:35 -0400 Subject: [PATCH 541/922] Hack in missing bits for ubuntu trusty/libav/avresample --- src/zm_ffmpeg.cpp | 50 ++++++++++++++++++++++++++++++++++++++++++- src/zm_ffmpeg.h | 18 +++++++++++++++- src/zm_videostore.cpp | 21 ++++++------------ src/zm_videostore.h | 2 +- 4 files changed, 73 insertions(+), 18 deletions(-) diff --git a/src/zm_ffmpeg.cpp b/src/zm_ffmpeg.cpp index 55fc52f73..f4a8d74f6 100644 --- a/src/zm_ffmpeg.cpp +++ b/src/zm_ffmpeg.cpp @@ -434,6 +434,35 @@ unsigned int zm_av_packet_ref( AVPacket *dst, AVPacket *src ) { dst->stream_index = src->stream_index; return 0; } +const char *avcodec_get_name(enum AVCodecID id) { + const AVCodecDescriptor *cd; + if ( id == AV_CODEC_ID_NONE) + return "none"; + cd = avcodec_descriptor_get(id); + if (cd) + return cd->name; + AVCodec *codec; + codec = avcodec_find_decoder(id); + if (codec) + return codec->name; + codec = avcodec_find_encoder(id); + if (codec) + return codec->name; + return "unknown codec"; +} + +void av_packet_rescale_ts( + AVPacket *pkt, + AVRational src_tb, + AVRational dst_tb + ) { + if ( pkt->pts != AV_NOPTS_VALUE) + pkt->pts = av_rescale_q(pkt->pts, src_tb, dst_tb); + if ( pkt->dts != AV_NOPTS_VALUE) + pkt->dts = av_rescale_q(pkt->dts, src_tb, dst_tb); + if ( pkt->duration != AV_NOPTS_VALUE) + pkt->duration = av_rescale_q(pkt->duration, src_tb, dst_tb); +} #endif bool is_video_stream( AVStream * stream ) { @@ -646,7 +675,7 @@ int zm_resample_audio( #if defined(HAVE_LIBSWRESAMPLE) SwrContext *resample_ctx, #else -#if defined(HAVE_LIBSWRESAMPLE) +#if defined(HAVE_LIBAVRESAMPLE) AVAudioResampleContext *resample_ctx, #endif #endif @@ -692,6 +721,24 @@ int zm_resample_audio( zm_dump_frame(out_frame, "Out frame after resample delay"); return 1; } +int zm_resample_get_delay( +#if defined(HAVE_LIBSWRESAMPLE) + SwrContext *resample_ctx, +#else +#if defined(HAVE_LIBAVRESAMPLE) + AVAudioResampleContext *resample_ctx, +#endif +#endif + int time_base + ) { +#if defined(HAVE_LIBSWRESAMPLE) + return sws_get_delay(resample_ctx, time_base); +#else +#if defined(HAVE_LIBAVRESAMPLE) + return avresample_available(resample_ctx); +#endif +#endif +} #endif int zm_add_samples_to_fifo(AVAudioFifo *fifo, AVFrame *frame) { @@ -727,3 +774,4 @@ int zm_get_samples_from_fifo(AVAudioFifo *fifo, AVFrame *frame) { zm_dump_frame(frame, "Out frame after fifo read"); return 1; } + diff --git a/src/zm_ffmpeg.h b/src/zm_ffmpeg.h index ff2da509c..c65bb38a0 100644 --- a/src/zm_ffmpeg.h +++ b/src/zm_ffmpeg.h @@ -337,6 +337,9 @@ void zm_dump_codecpar(const AVCodecParameters *par); #else unsigned int zm_av_packet_ref( AVPacket *dst, AVPacket *src ); #define zm_av_packet_unref( packet ) av_free_packet( packet ) + const char *avcodec_get_name(AVCodecID id); + + void av_packet_rescale_ts(AVPacket *pkt, AVRational src_tb, AVRational dst_tb); #endif #if LIBAVCODEC_VERSION_CHECK(52, 23, 0, 23, 0) #define zm_avcodec_decode_video( context, rawFrame, frameComplete, packet ) avcodec_decode_video2( context, rawFrame, frameComplete, packet ) @@ -375,15 +378,28 @@ int zm_resample_audio( #if defined(HAVE_LIBSWRESAMPLE) SwrContext *resample_ctx, #else -#if defined(HAVE_LIBSWRESAMPLE) +#if defined(HAVE_LIBAVRESAMPLE) AVAudioResampleContext *resample_ctx, #endif #endif AVFrame *in_frame, AVFrame *out_frame ); +int zm_resample_get_delay( +#if defined(HAVE_LIBSWRESAMPLE) + SwrContext *resample_ctx, +#else +#if defined(HAVE_LIBAVRESAMPLE) + AVAudioResampleContext *resample_ctx, #endif +#endif + int time_base + ); + +#endif + int zm_add_samples_to_fifo(AVAudioFifo *fifo, AVFrame *frame); int zm_get_samples_from_fifo(AVAudioFifo *fifo, AVFrame *frame); + #endif // ZM_FFMPEG_H diff --git a/src/zm_videostore.cpp b/src/zm_videostore.cpp index ec1459fae..d411ac8ae 100644 --- a/src/zm_videostore.cpp +++ b/src/zm_videostore.cpp @@ -445,21 +445,12 @@ VideoStore::~VideoStore() { /* * At the end of the file, we pass the remaining samples to * the encoder. */ - while ( swr_get_delay(resample_ctx, audio_out_ctx->sample_rate) ) { - swr_convert_frame(resample_ctx, out_frame, NULL); - int ret = av_audio_fifo_realloc(fifo, av_audio_fifo_size(fifo) + out_frame->nb_samples); - if ( ret < 0 ) { - Error("Could not reallocate FIFO to %d samples", - av_audio_fifo_size(fifo) + out_frame->nb_samples); - } else { - /** Store the new samples in the FIFO buffer. */ - ret = av_audio_fifo_write(fifo, (void **)out_frame->data, out_frame->nb_samples); - if ( ret < out_frame->nb_samples ) { - Error("Could not write data to FIFO. %d written, expecting %d. Reason %s", - ret, out_frame->nb_samples, av_make_error_string(ret).c_str()); - } + while ( zm_resample_get_delay(resample_ctx, audio_out_ctx->sample_rate) ) { + zm_resample_audio(resample_ctx, out_frame, NULL); + + if ( zm_add_samples_to_fifo(fifo, out_frame) ) { // Should probably set the frame size to what is reported FIXME - if ( av_audio_fifo_read(fifo, (void **)out_frame->data, frame_size) ) { + if ( zm_get_samples_from_fifo(fifo, out_frame) ) { if ( zm_send_frame_receive_packet(audio_out_ctx, out_frame, pkt) ) { pkt.stream_index = audio_out_stream->index; @@ -980,7 +971,7 @@ int VideoStore::writeAudioFramePacket(AVPacket *ipkt) { write_packet(&opkt, audio_out_stream); zm_av_packet_unref(&opkt); - if ( swr_get_delay(resample_ctx, out_frame->sample_rate) < out_frame->nb_samples) + if ( zm_resample_get_delay(resample_ctx, out_frame->sample_rate) < out_frame->nb_samples) break; // This will send a null frame, emptying out the resample buffer input_frame = NULL; diff --git a/src/zm_videostore.h b/src/zm_videostore.h index cd704403d..f8a2f2a97 100644 --- a/src/zm_videostore.h +++ b/src/zm_videostore.h @@ -47,12 +47,12 @@ private: AVCodecContext *audio_out_ctx; #ifdef HAVE_LIBSWRESAMPLE SwrContext *resample_ctx; - AVAudioFifo *fifo; #else #ifdef HAVE_LIBAVRESAMPLE AVAudioResampleContext* resample_ctx; #endif #endif + AVAudioFifo *fifo; uint8_t *converted_in_samples; const char *filename; From eafa0da06fa82b5b3d5893b49edd6e39c076ba75 Mon Sep 17 00:00:00 2001 From: Isaac Connor Date: Fri, 13 Sep 2019 16:06:25 -0400 Subject: [PATCH 542/922] fixes, handle when audio codec isn't open in ffmpeg_camera --- src/zm_ffmpeg.cpp | 7 ++++--- src/zm_videostore.cpp | 13 ++++++++----- 2 files changed, 12 insertions(+), 8 deletions(-) diff --git a/src/zm_ffmpeg.cpp b/src/zm_ffmpeg.cpp index f4a8d74f6..3622a5faa 100644 --- a/src/zm_ffmpeg.cpp +++ b/src/zm_ffmpeg.cpp @@ -718,18 +718,19 @@ int zm_resample_audio( } #endif #endif - zm_dump_frame(out_frame, "Out frame after resample delay"); + zm_dump_frame(out_frame, "Out frame after resample"); return 1; } + int zm_resample_get_delay( #if defined(HAVE_LIBSWRESAMPLE) SwrContext *resample_ctx, #else #if defined(HAVE_LIBAVRESAMPLE) - AVAudioResampleContext *resample_ctx, + AVAudioResampleContext *resample_ctx, #endif #endif - int time_base + int time_base ) { #if defined(HAVE_LIBSWRESAMPLE) return sws_get_delay(resample_ctx, time_base); diff --git a/src/zm_videostore.cpp b/src/zm_videostore.cpp index d411ac8ae..a3fde7f2c 100644 --- a/src/zm_videostore.cpp +++ b/src/zm_videostore.cpp @@ -273,9 +273,7 @@ VideoStore::VideoStore( out_frame = NULL; #if defined(HAVE_LIBSWRESAMPLE) || defined(HAVE_LIBAVRESAMPLE) resample_ctx = NULL; -#if defined(HAVE_LIBSWRESAMPLE) fifo = NULL; -#endif #endif video_first_pts = 0; video_first_dts = 0; @@ -577,11 +575,11 @@ VideoStore::~VideoStore() { #if defined(HAVE_LIBAVRESAMPLE) || defined(HAVE_LIBSWRESAMPLE) if ( resample_ctx ) { - #if defined(HAVE_LIBSWRESAMPLE) if ( fifo ) { av_audio_fifo_free(fifo); fifo = NULL; } + #if defined(HAVE_LIBSWRESAMPLE) swr_free(&resample_ctx); #else #if defined(HAVE_LIBAVRESAMPLE) @@ -636,7 +634,12 @@ bool VideoStore::setup_resampler() { // codec is already open in ffmpeg_camera audio_in_ctx = audio_in_stream->codec; audio_in_codec = reinterpret_cast(audio_in_ctx->codec); - //audio_in_codec = avcodec_find_decoder(audio_in_stream->codec->codec_id); + if ( !audio_in_codec ) { + audio_in_codec = avcodec_find_decoder(audio_in_stream->codec->codec_id); + } + if ( !audio_in_codec ) { + return false; + } #endif #if LIBAVCODEC_VERSION_CHECK(57, 64, 0, 64, 0) @@ -770,13 +773,13 @@ bool VideoStore::setup_resampler() { return false; } -#if defined(HAVE_LIBSWRESAMPLE) if ( !(fifo = av_audio_fifo_alloc( audio_out_ctx->sample_fmt, audio_out_ctx->channels, 1)) ) { Error("Could not allocate FIFO"); return false; } +#if defined(HAVE_LIBSWRESAMPLE) resample_ctx = swr_alloc_set_opts(NULL, audio_out_ctx->channel_layout, audio_out_ctx->sample_fmt, From 193a71dfbdc615422052457c0c8483e47e306d45 Mon Sep 17 00:00:00 2001 From: Isaac Connor Date: Fri, 13 Sep 2019 16:10:15 -0400 Subject: [PATCH 543/922] add libavresample-dev to depends --- distros/ubuntu1204/control | 1 + 1 file changed, 1 insertion(+) diff --git a/distros/ubuntu1204/control b/distros/ubuntu1204/control index cc6158334..1a2c6c9e0 100644 --- a/distros/ubuntu1204/control +++ b/distros/ubuntu1204/control @@ -7,6 +7,7 @@ Build-Depends: debhelper (>= 9), python-sphinx | python3-sphinx, apache2-dev, dh ,cmake ,libx264-dev, libmp4v2-dev ,libavcodec-dev, libavformat-dev (>= 3:0.svn20090204), libswscale-dev (>= 3:0.svn20090204), libavutil-dev, libavdevice-dev + ,libavresample-dev ,libbz2-dev ,libgcrypt-dev ,libcurl4-gnutls-dev From 32a1ab58b5b91a80439c6ec328cf961ea8fcc1fe Mon Sep 17 00:00:00 2001 From: Isaac Connor Date: Sun, 15 Sep 2019 12:19:35 -0400 Subject: [PATCH 544/922] remove use of userLogin which was removed recently --- web/includes/actions/user.php | 9 ++++----- 1 file changed, 4 insertions(+), 5 deletions(-) diff --git a/web/includes/actions/user.php b/web/includes/actions/user.php index a786f78d7..bdbafd176 100644 --- a/web/includes/actions/user.php +++ b/web/includes/actions/user.php @@ -37,7 +37,6 @@ if ( $action == 'user' ) { if ( $_REQUEST['newUser']['Password'] ) { $changes['Password'] = 'Password = '.$pass_hash; - ZM\Info('PASS CMD='.$changes['Password']); } else { unset($changes['Password']); } @@ -47,7 +46,7 @@ if ( $action == 'user' ) { dbQuery('UPDATE Users SET '.implode(', ', $changes).' WHERE Id = ?', array($_REQUEST['uid'])); # If we are updating the logged in user, then update our session user data. if ( $user and ( $dbUser['Username'] == $user['Username'] ) ) - userLogin($dbUser['Username'], $dbUser['Password']); + generateAuthHash(ZM_AUTH_HASH_IPS); } else { dbQuery('INSERT INTO Users SET '.implode(', ', $changes)); } @@ -71,13 +70,13 @@ if ( $action == 'user' ) { if ( !empty($_REQUEST['newUser']['Password']) ) { $changes['Password'] = 'Password = '.$pass_hash; - } - - else + } else { unset($changes['Password']); + } if ( count($changes) ) { dbQuery('UPDATE Users SET '.implode(', ', $changes).' WHERE Id=?', array($uid)); $refreshParent = true; + generateAuthHash(ZM_AUTH_HASH_IPS); } $view = 'none'; } From 306bda86c2b5f8d0b0f5f129db980bf7b98d639d Mon Sep 17 00:00:00 2001 From: Isaac Connor Date: Fri, 13 Sep 2019 21:28:43 -0400 Subject: [PATCH 545/922] fix sws_get_delay --- src/zm_ffmpeg.cpp | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/src/zm_ffmpeg.cpp b/src/zm_ffmpeg.cpp index 3622a5faa..81506cad2 100644 --- a/src/zm_ffmpeg.cpp +++ b/src/zm_ffmpeg.cpp @@ -693,7 +693,7 @@ int zm_resample_audio( av_make_error_string(ret).c_str()); return 0; } - Debug(3,"sws_get_delay %d", + Debug(3,"swr_get_delay %d", swr_get_delay(resample_ctx, out_frame->sample_rate)); #else #if defined(HAVE_LIBAVRESAMPLE) @@ -733,7 +733,7 @@ int zm_resample_get_delay( int time_base ) { #if defined(HAVE_LIBSWRESAMPLE) - return sws_get_delay(resample_ctx, time_base); + return swr_get_delay(resample_ctx, time_base); #else #if defined(HAVE_LIBAVRESAMPLE) return avresample_available(resample_ctx); From 675cbe8854a87b9ea9b67c08e5e7f8e343d1e321 Mon Sep 17 00:00:00 2001 From: Isaac Connor Date: Sat, 14 Sep 2019 10:48:39 -0400 Subject: [PATCH 546/922] code style, add bytes per second read statistic and a code comment about the sleeping --- src/zm_file_camera.cpp | 51 +++++++++++++++++++++++++----------------- 1 file changed, 31 insertions(+), 20 deletions(-) diff --git a/src/zm_file_camera.cpp b/src/zm_file_camera.cpp index 1bc861b23..a7883c5d5 100644 --- a/src/zm_file_camera.cpp +++ b/src/zm_file_camera.cpp @@ -1,31 +1,27 @@ // // ZoneMinder File Camera Class Implementation, $Date$, $Revision$ // Copyright (C) 2001-2008 Philip Coombes -// +// // This program is free software; you can redistribute it and/or // modify it under the terms of the GNU General Public License // as published by the Free Software Foundation; either version 2 // of the License, or (at your option) any later version. -// +// // This program is distributed in the hope that it will be useful, // but WITHOUT ANY WARRANTY; without even the implied warranty of // MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the // GNU General Public License for more details. -// +// // You should have received a copy of the GNU General Public License // along with this program; if not, write to the Free Software // Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. -// +// #include #include #include #include #include -#include -#include -#include -#include #include #include #include @@ -45,8 +41,20 @@ FileCamera::FileCamera( int p_hue, int p_colour, bool p_capture, - bool p_record_audio - ) : Camera( p_id, FILE_SRC, p_width, p_height, p_colours, ZM_SUBPIX_ORDER_DEFAULT_FOR_COLOUR(p_colours), p_brightness, p_contrast, p_hue, p_colour, p_capture, p_record_audio ) + bool p_record_audio) + : Camera( + p_id, + FILE_SRC, + p_width, + p_height, + p_colours, + ZM_SUBPIX_ORDER_DEFAULT_FOR_COLOUR(p_colours), + p_brightness, + p_contrast, + p_hue, + p_colour, + p_capture, + p_record_audio) { strncpy( path, p_path, sizeof(path)-1 ); if ( capture ) { @@ -62,8 +70,7 @@ FileCamera::~FileCamera() { void FileCamera::Initialise() { if ( !path[0] ) { - Error( "No path specified for file image" ); - exit( -1 ); + Fatal("No path specified for file image"); } } @@ -72,21 +79,25 @@ void FileCamera::Terminate() { int FileCamera::PreCapture() { struct stat statbuf; - if ( stat( path, &statbuf ) < 0 ) { - Error( "Can't stat %s: %s", path, strerror(errno) ); - return( -1 ); + if ( stat(path, &statbuf) < 0 ) { + Error("Can't stat %s: %s", path, strerror(errno)); + return -1; } + bytes += statbuf.st_size; + // This waits until 1 second has passed since it was modified. Effectively limiting fps to 60. + // Which is kinda bogus. If we were writing to this jpg constantly faster than we are monitoring it here + // we would never break out of this loop while ( (time(0) - statbuf.st_mtime) < 1 ) { - usleep( 100000 ); + usleep(100000); } - return( 0 ); + return 0; } -int FileCamera::Capture( Image &image ) { - return( image.ReadJpeg( path, colours, subpixelorder )?1:-1 ); +int FileCamera::Capture(Image &image) { + return image.ReadJpeg(path, colours, subpixelorder)?1:-1; } int FileCamera::PostCapture() { - return( 0 ); + return 0; } From 0a31a8dab6331b72d2170abc15a9532f5c440ff8 Mon Sep 17 00:00:00 2001 From: Isaac Connor Date: Sun, 15 Sep 2019 17:53:25 -0400 Subject: [PATCH 547/922] Just use pts instead of tracking both first pts and first dts. Should prevent conflicts --- src/zm_videostore.cpp | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/src/zm_videostore.cpp b/src/zm_videostore.cpp index a3fde7f2c..36505cfc5 100644 --- a/src/zm_videostore.cpp +++ b/src/zm_videostore.cpp @@ -901,11 +901,13 @@ int VideoStore::writeVideoFramePacket(AVPacket *ipkt) { // The cameras that Icon has seem to do EOF instead of wrapping if ( ipkt->dts != AV_NOPTS_VALUE ) { +#if 0 if ( !video_first_dts ) { Debug(2, "Starting video first_dts will become %" PRId64, ipkt->dts); video_first_dts = ipkt->dts; } - opkt.dts = ipkt->dts - video_first_dts; +#endif + opkt.dts = ipkt->dts - video_first_pts; } av_packet_rescale_ts(&opkt, video_in_stream->time_base, video_out_stream->time_base); @@ -936,7 +938,7 @@ int VideoStore::writeAudioFramePacket(AVPacket *ipkt) { // Need to adjust pts before feeding to decoder.... should really copy the pkt instead of modifying it ipkt->pts -= audio_first_pts; - ipkt->dts -= audio_first_dts; + ipkt->dts -= audio_first_pts; dumpPacket(audio_in_stream, ipkt, "after pts adjustment"); if ( audio_out_codec ) { From 60cf4586da11c3922ae141817e0b3c4f11805e5f Mon Sep 17 00:00:00 2001 From: Isaac Connor Date: Sun, 15 Sep 2019 17:54:23 -0400 Subject: [PATCH 548/922] Don't return a hostname when not in multi-server. Should prevent problems with reverse proxies --- web/includes/Server.php | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/web/includes/Server.php b/web/includes/Server.php index 535ea44ed..2f9d038a9 100644 --- a/web/includes/Server.php +++ b/web/includes/Server.php @@ -103,6 +103,11 @@ class Server { } public function Url( $port = null ) { + if ( !$this->Id() ) { + # Trying to guess and make up values tends to break proxies. So just return nothing + # so that the resulting url will be something like "?view=" + return ''; + } $url = $this->Protocol().'://'; $url .= $this->Hostname(); if ( $port ) { From 6925a7583117a29cdc65c02b3c78879c90e157b4 Mon Sep 17 00:00:00 2001 From: Isaac Connor Date: Sun, 15 Sep 2019 18:01:38 -0400 Subject: [PATCH 549/922] codec not ready is not an error. Make it a debug --- src/zm_ffmpeg.cpp | 10 ++++++++-- 1 file changed, 8 insertions(+), 2 deletions(-) diff --git a/src/zm_ffmpeg.cpp b/src/zm_ffmpeg.cpp index 81506cad2..339b54c6c 100644 --- a/src/zm_ffmpeg.cpp +++ b/src/zm_ffmpeg.cpp @@ -547,8 +547,14 @@ int zm_send_packet_receive_frame( } if ( (ret = avcodec_receive_frame(context, frame)) < 0 ) { - Error("Unable to send packet %s, continuing", - av_make_error_string(ret).c_str()); + if ( AVERROR(EAGAIN) == ret ) { + // The codec may need more samples than it has, perfectly valid + Debug(2, "Codec not ready to give us a frame"); + return 0; + } else { + Error("Could not recieve frame (error %d = '%s')", ret, + av_make_error_string(ret).c_str()); + } return ret; } # else From deefa0754d17781ac23d5f6bb80e4c5c415b83a0 Mon Sep 17 00:00:00 2001 From: Isaac Connor Date: Mon, 16 Sep 2019 10:53:06 -0400 Subject: [PATCH 550/922] Backtick the fields when updating Monitors --- web/includes/Monitor.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/web/includes/Monitor.php b/web/includes/Monitor.php index c46048716..d6f8d1298 100644 --- a/web/includes/Monitor.php +++ b/web/includes/Monitor.php @@ -456,7 +456,7 @@ private $control_fields = array( $fields = array_keys($this->defaults); - $sql = 'UPDATE Monitors SET '.implode(', ', array_map(function($field) {return $field.'=?';}, $fields )) . ' WHERE Id=?'; + $sql = 'UPDATE Monitors SET '.implode(', ', array_map(function($field) {return '`'.$field.'`=?';}, $fields )) . ' WHERE Id=?'; $values = array_map(function($field){return $this->{$field};}, $fields); $values[] = $this->{'Id'}; dbQuery($sql, $values); From 52c17f9651397910582c9a66a3d579a29413f54d Mon Sep 17 00:00:00 2001 From: Isaac Connor Date: Tue, 17 Sep 2019 10:27:38 -0400 Subject: [PATCH 551/922] Set event_path to '' to prevent warnings --- scripts/zmaudit.pl.in | 1 + 1 file changed, 1 insertion(+) diff --git a/scripts/zmaudit.pl.in b/scripts/zmaudit.pl.in index 839b69e0f..57c660342 100644 --- a/scripts/zmaudit.pl.in +++ b/scripts/zmaudit.pl.in @@ -282,6 +282,7 @@ MAIN: while( $loop ) { } #Event path is hour/minute/sec my $event_path = readlink($event_link); + $event_path = '' if ! defined($event_path); Debug("Checking link $event_link points to: $event_path"); if ( !($event_path and -e $event_path) ) { From 54c14b17d78c708a4a037b02a26a654895d4b46b Mon Sep 17 00:00:00 2001 From: Isaac Connor Date: Tue, 17 Sep 2019 10:28:42 -0400 Subject: [PATCH 552/922] Spacing and google code style --- src/zm_config.cpp | 209 ++++++++++++++++++++++++---------------------- 1 file changed, 107 insertions(+), 102 deletions(-) diff --git a/src/zm_config.cpp b/src/zm_config.cpp index 68c9eae08..7d75042ba 100644 --- a/src/zm_config.cpp +++ b/src/zm_config.cpp @@ -29,6 +29,10 @@ #include "zm_utils.h" +// Note that Error and Debug calls won't actually go anywhere unless you +// set the relevant ENV vars because the logger gets it's setting from the +// config. + void zmLoadConfig() { // Process name, value pairs from the main config file first @@ -40,22 +44,22 @@ void zmLoadConfig() { DIR* configSubFolder = opendir(ZM_CONFIG_SUBDIR); if ( configSubFolder ) { // subfolder exists and is readable char glob_pattern[PATH_MAX] = ""; - snprintf( glob_pattern, sizeof(glob_pattern), "%s/*.conf", ZM_CONFIG_SUBDIR ); + snprintf(glob_pattern, sizeof(glob_pattern), "%s/*.conf", ZM_CONFIG_SUBDIR); glob_t pglob; - int glob_status = glob( glob_pattern, 0, 0, &pglob ); + int glob_status = glob(glob_pattern, 0, 0, &pglob); if ( glob_status != 0 ) { if ( glob_status < 0 ) { - Error( "Can't glob '%s': %s", glob_pattern, strerror(errno) ); + Error("Can't glob '%s': %s", glob_pattern, strerror(errno)); } else { - Debug( 1, "Can't glob '%s': %d", glob_pattern, glob_status ); + Debug(1, "Can't glob '%s': %d", glob_pattern, glob_status); } } else { for ( unsigned int i = 0; i < pglob.gl_pathc; i++ ) { process_configfile(pglob.gl_pathv[i]); } } - globfree( &pglob ); + globfree(&pglob); closedir(configSubFolder); } @@ -64,59 +68,60 @@ void zmLoadConfig() { config.Assign(); // Populate the server config entries - if ( ! staticConfig.SERVER_ID ) { - if ( ! staticConfig.SERVER_NAME.empty() ) { + if ( !staticConfig.SERVER_ID ) { + if ( !staticConfig.SERVER_NAME.empty() ) { - Debug( 1, "Fetching ZM_SERVER_ID For Name = %s", staticConfig.SERVER_NAME.c_str() ); - std::string sql = stringtf("SELECT `Id` FROM `Servers` WHERE `Name`='%s'", staticConfig.SERVER_NAME.c_str() ); + Debug(1, "Fetching ZM_SERVER_ID For Name = %s", staticConfig.SERVER_NAME.c_str()); + std::string sql = stringtf("SELECT `Id` FROM `Servers` WHERE `Name`='%s'", + staticConfig.SERVER_NAME.c_str()); zmDbRow dbrow; - if ( dbrow.fetch( sql.c_str() ) ) { + if ( dbrow.fetch(sql.c_str()) ) { staticConfig.SERVER_ID = atoi(dbrow[0]); } else { - Fatal("Can't get ServerId for Server %s", staticConfig.SERVER_NAME.c_str() ); + Fatal("Can't get ServerId for Server %s", staticConfig.SERVER_NAME.c_str()); } } // end if has SERVER_NAME } else if ( staticConfig.SERVER_NAME.empty() ) { - Debug( 1, "Fetching ZM_SERVER_NAME For Id = %d", staticConfig.SERVER_ID ); - std::string sql = stringtf("SELECT `Name` FROM `Servers` WHERE `Id`='%d'", staticConfig.SERVER_ID ); + Debug(1, "Fetching ZM_SERVER_NAME For Id = %d", staticConfig.SERVER_ID); + std::string sql = stringtf("SELECT `Name` FROM `Servers` WHERE `Id`='%d'", staticConfig.SERVER_ID); zmDbRow dbrow; - if ( dbrow.fetch( sql.c_str() ) ) { + if ( dbrow.fetch(sql.c_str()) ) { staticConfig.SERVER_NAME = std::string(dbrow[0]); } else { - Fatal("Can't get ServerName for Server ID %d", staticConfig.SERVER_ID ); + Fatal("Can't get ServerName for Server ID %d", staticConfig.SERVER_ID); } if ( staticConfig.SERVER_ID ) { - Debug( 3, "Multi-server configuration detected. Server is %d.", staticConfig.SERVER_ID ); + Debug(3, "Multi-server configuration detected. Server is %d.", staticConfig.SERVER_ID); } else { - Debug( 3, "Single server configuration assumed because no Server ID or Name was specified." ); + Debug(3, "Single server configuration assumed because no Server ID or Name was specified."); } } - snprintf( staticConfig.capture_file_format, sizeof(staticConfig.capture_file_format), "%%s/%%0%dd-capture.jpg", config.event_image_digits ); - snprintf( staticConfig.analyse_file_format, sizeof(staticConfig.analyse_file_format), "%%s/%%0%dd-analyse.jpg", config.event_image_digits ); - snprintf( staticConfig.general_file_format, sizeof(staticConfig.general_file_format), "%%s/%%0%dd-%%s", config.event_image_digits ); - snprintf( staticConfig.video_file_format, sizeof(staticConfig.video_file_format), "%%s/%%s"); + snprintf(staticConfig.capture_file_format, sizeof(staticConfig.capture_file_format), "%%s/%%0%dd-capture.jpg", config.event_image_digits); + snprintf(staticConfig.analyse_file_format, sizeof(staticConfig.analyse_file_format), "%%s/%%0%dd-analyse.jpg", config.event_image_digits); + snprintf(staticConfig.general_file_format, sizeof(staticConfig.general_file_format), "%%s/%%0%dd-%%s", config.event_image_digits); + snprintf(staticConfig.video_file_format, sizeof(staticConfig.video_file_format), "%%s/%%s"); } -void process_configfile( char* configFile) { +void process_configfile(char* configFile) { FILE *cfg; char line[512]; - if ( (cfg = fopen( configFile, "r")) == NULL ) { - Fatal( "Can't open %s: %s", configFile, strerror(errno) ); + if ( (cfg = fopen(configFile, "r")) == NULL ) { + Fatal("Can't open %s: %s", configFile, strerror(errno)); return; } - while ( fgets( line, sizeof(line), cfg ) != NULL ) { + while ( fgets(line, sizeof(line), cfg) != NULL ) { char *line_ptr = line; // Trim off any cr/lf line endings - int chomp_len = strcspn( line_ptr, "\r\n" ); + int chomp_len = strcspn(line_ptr, "\r\n"); line_ptr[chomp_len] = '\0'; // Remove leading white space - int white_len = strspn( line_ptr, " \t" ); + int white_len = strspn(line_ptr, " \t"); line_ptr += white_len; // Check for comment or empty line @@ -131,9 +136,9 @@ void process_configfile( char* configFile) { } // Now look for the '=' in the middle of the line - temp_ptr = strchr( line_ptr, '=' ); + temp_ptr = strchr(line_ptr, '='); if ( !temp_ptr ) { - Warning( "Invalid data in %s: '%s'", configFile, line ); + Warning("Invalid data in %s: '%s'", configFile, line); continue; } @@ -148,49 +153,49 @@ void process_configfile( char* configFile) { } while ( *temp_ptr == ' ' || *temp_ptr == '\t' ); // Remove leading white space and leading quotes from the value part - white_len = strspn( val_ptr, " \t" ); - white_len += strspn( val_ptr, "\'\"" ); + white_len = strspn(val_ptr, " \t"); + white_len += strspn(val_ptr, "\'\""); val_ptr += white_len; - if ( strcasecmp( name_ptr, "ZM_DB_HOST" ) == 0 ) + if ( strcasecmp(name_ptr, "ZM_DB_HOST") == 0 ) staticConfig.DB_HOST = std::string(val_ptr); - else if ( strcasecmp( name_ptr, "ZM_DB_NAME" ) == 0 ) + else if ( strcasecmp(name_ptr, "ZM_DB_NAME") == 0 ) staticConfig.DB_NAME = std::string(val_ptr); - else if ( strcasecmp( name_ptr, "ZM_DB_USER" ) == 0 ) + else if ( strcasecmp(name_ptr, "ZM_DB_USER") == 0 ) staticConfig.DB_USER = std::string(val_ptr); - else if ( strcasecmp( name_ptr, "ZM_DB_PASS" ) == 0 ) + else if ( strcasecmp(name_ptr, "ZM_DB_PASS") == 0 ) staticConfig.DB_PASS = std::string(val_ptr); - else if ( strcasecmp( name_ptr, "ZM_DB_SSL_CA_CERT" ) == 0 ) + else if ( strcasecmp(name_ptr, "ZM_DB_SSL_CA_CERT") == 0 ) staticConfig.DB_SSL_CA_CERT = std::string(val_ptr); - else if ( strcasecmp( name_ptr, "ZM_DB_SSL_CLIENT_KEY" ) == 0 ) + else if ( strcasecmp(name_ptr, "ZM_DB_SSL_CLIENT_KEY") == 0 ) staticConfig.DB_SSL_CLIENT_KEY = std::string(val_ptr); - else if ( strcasecmp( name_ptr, "ZM_DB_SSL_CLIENT_CERT" ) == 0 ) + else if ( strcasecmp(name_ptr, "ZM_DB_SSL_CLIENT_CERT") == 0 ) staticConfig.DB_SSL_CLIENT_CERT = std::string(val_ptr); - else if ( strcasecmp( name_ptr, "ZM_PATH_WEB" ) == 0 ) + else if ( strcasecmp(name_ptr, "ZM_PATH_WEB") == 0 ) staticConfig.PATH_WEB = std::string(val_ptr); - else if ( strcasecmp( name_ptr, "ZM_SERVER_HOST" ) == 0 ) + else if ( strcasecmp(name_ptr, "ZM_SERVER_HOST") == 0 ) staticConfig.SERVER_NAME = std::string(val_ptr); - else if ( strcasecmp( name_ptr, "ZM_SERVER_NAME" ) == 0 ) + else if ( strcasecmp(name_ptr, "ZM_SERVER_NAME") == 0 ) staticConfig.SERVER_NAME = std::string(val_ptr); - else if ( strcasecmp( name_ptr, "ZM_SERVER_ID" ) == 0 ) + else if ( strcasecmp(name_ptr, "ZM_SERVER_ID") == 0 ) staticConfig.SERVER_ID = atoi(val_ptr); - else if ( strcasecmp( name_ptr, "ZM_DIR_EVENTS" ) == 0 ) + else if ( strcasecmp(name_ptr, "ZM_DIR_EVENTS") == 0 ) staticConfig.DIR_EVENTS = std::string(val_ptr); - else if ( strcasecmp( name_ptr, "ZM_DIR_SOUNDS" ) == 0 ) + else if ( strcasecmp(name_ptr, "ZM_DIR_SOUNDS") == 0 ) staticConfig.DIR_SOUNDS = std::string(val_ptr); - else if ( strcasecmp( name_ptr, "ZM_DIR_EXPORTS" ) == 0 ) + else if ( strcasecmp(name_ptr, "ZM_DIR_EXPORTS") == 0 ) staticConfig.DIR_EXPORTS = std::string(val_ptr); - else if ( strcasecmp( name_ptr, "ZM_PATH_ZMS" ) == 0 ) + else if ( strcasecmp(name_ptr, "ZM_PATH_ZMS") == 0 ) staticConfig.PATH_ZMS = std::string(val_ptr); - else if ( strcasecmp( name_ptr, "ZM_PATH_MAP" ) == 0 ) + else if ( strcasecmp(name_ptr, "ZM_PATH_MAP") == 0 ) staticConfig.PATH_MAP = std::string(val_ptr); - else if ( strcasecmp( name_ptr, "ZM_PATH_SOCKS" ) == 0 ) + else if ( strcasecmp(name_ptr, "ZM_PATH_SOCKS") == 0 ) staticConfig.PATH_SOCKS = std::string(val_ptr); - else if ( strcasecmp( name_ptr, "ZM_PATH_LOGS" ) == 0 ) + else if ( strcasecmp(name_ptr, "ZM_PATH_LOGS") == 0 ) staticConfig.PATH_LOGS = std::string(val_ptr); - else if ( strcasecmp( name_ptr, "ZM_PATH_SWAP" ) == 0 ) + else if ( strcasecmp(name_ptr, "ZM_PATH_SWAP") == 0 ) staticConfig.PATH_SWAP = std::string(val_ptr); - else if ( strcasecmp( name_ptr, "ZM_PATH_ARP" ) == 0 ) + else if ( strcasecmp(name_ptr, "ZM_PATH_ARP") == 0 ) staticConfig.PATH_ARP = std::string(val_ptr); else { // We ignore this now as there may be more parameters than the @@ -198,18 +203,18 @@ void process_configfile( char* configFile) { // Warning( "Invalid parameter '%s' in %s", name_ptr, ZM_CONFIG ); } } // end foreach line of the config - fclose( cfg ); + fclose(cfg); } StaticConfig staticConfig; -ConfigItem::ConfigItem( const char *p_name, const char *p_value, const char *const p_type ) { +ConfigItem::ConfigItem(const char *p_name, const char *p_value, const char *const p_type) { name = new char[strlen(p_name)+1]; - strcpy( name, p_name ); + strcpy(name, p_name); value = new char[strlen(p_value)+1]; - strcpy( value, p_value ); + strcpy(value, p_value); type = new char[strlen(p_type)+1]; - strcpy( type, p_type ); + strcpy(type, p_type); //Info( "Created new config item %s = %s (%s)\n", name, value, type ); @@ -217,28 +222,28 @@ ConfigItem::ConfigItem( const char *p_name, const char *p_value, const char *con accessed = false; } -ConfigItem::ConfigItem( const ConfigItem &item ) { +ConfigItem::ConfigItem(const ConfigItem &item) { name = new char[strlen(item.name)+1]; - strcpy( name, item.name ); + strcpy(name, item.name); value = new char[strlen(item.value)+1]; - strcpy( value, item.value ); + strcpy(value, item.value); type = new char[strlen(item.type)+1]; - strcpy( type, item.type ); + strcpy(type, item.type); //Info( "Created new config item %s = %s (%s)\n", name, value, type ); accessed = false; } -void ConfigItem::Copy( const ConfigItem &item ) { +void ConfigItem::Copy(const ConfigItem &item) { if (name) delete name; name = new char[strlen(item.name)+1]; - strcpy( name, item.name ); + strcpy(name, item.name); if (value) delete value; value = new char[strlen(item.value)+1]; - strcpy( value, item.value ); + strcpy(value, item.value); if (type) delete type; type = new char[strlen(item.type)+1]; - strcpy( type, item.type ); + strcpy(type, item.type); //Info( "Created new config item %s = %s (%s)\n", name, value, type ); accessed = false; @@ -253,16 +258,16 @@ ConfigItem::~ConfigItem() { void ConfigItem::ConvertValue() const { if ( !strcmp( type, "boolean" ) ) { cfg_type = CFG_BOOLEAN; - cfg_value.boolean_value = (bool)strtol( value, 0, 0 ); - } else if ( !strcmp( type, "integer" ) ) { + cfg_value.boolean_value = (bool)strtol(value, 0, 0); + } else if ( !strcmp(type, "integer") ) { cfg_type = CFG_INTEGER; - cfg_value.integer_value = strtol( value, 0, 10 ); - } else if ( !strcmp( type, "hexadecimal" ) ) { + cfg_value.integer_value = strtol(value, 0, 10); + } else if ( !strcmp(type, "hexadecimal") ) { cfg_type = CFG_INTEGER; - cfg_value.integer_value = strtol( value, 0, 16 ); - } else if ( !strcmp( type, "decimal" ) ) { + cfg_value.integer_value = strtol(value, 0, 16); + } else if ( !strcmp(type, "decimal") ) { cfg_type = CFG_DECIMAL; - cfg_value.decimal_value = strtod( value, 0 ); + cfg_value.decimal_value = strtod(value, 0); } else { cfg_type = CFG_STRING; cfg_value.string_value = value; @@ -275,11 +280,11 @@ bool ConfigItem::BooleanValue() const { ConvertValue(); if ( cfg_type != CFG_BOOLEAN ) { - Error( "Attempt to fetch boolean value for %s, actual type is %s. Try running 'zmupdate.pl -f' to reload config.", name, type ); - exit( -1 ); + Error("Attempt to fetch boolean value for %s, actual type is %s. Try running 'zmupdate.pl -f' to reload config.", name, type); + exit(-1); } - return( cfg_value.boolean_value ); + return cfg_value.boolean_value; } int ConfigItem::IntegerValue() const { @@ -287,11 +292,11 @@ int ConfigItem::IntegerValue() const { ConvertValue(); if ( cfg_type != CFG_INTEGER ) { - Error( "Attempt to fetch integer value for %s, actual type is %s. Try running 'zmupdate.pl -f' to reload config.", name, type ); - exit( -1 ); + Error("Attempt to fetch integer value for %s, actual type is %s. Try running 'zmupdate.pl -f' to reload config.", name, type); + exit(-1); } - return( cfg_value.integer_value ); + return cfg_value.integer_value; } double ConfigItem::DecimalValue() const { @@ -299,11 +304,11 @@ double ConfigItem::DecimalValue() const { ConvertValue(); if ( cfg_type != CFG_DECIMAL ) { - Error( "Attempt to fetch decimal value for %s, actual type is %s. Try running 'zmupdate.pl -f' to reload config.", name, type ); - exit( -1 ); + Error("Attempt to fetch decimal value for %s, actual type is %s. Try running 'zmupdate.pl -f' to reload config.", name, type); + exit(-1); } - return( cfg_value.decimal_value ); + return cfg_value.decimal_value; } const char *ConfigItem::StringValue() const { @@ -311,11 +316,11 @@ const char *ConfigItem::StringValue() const { ConvertValue(); if ( cfg_type != CFG_STRING ) { - Error( "Attempt to fetch string value for %s, actual type is %s. Try running 'zmupdate.pl -f' to reload config.", name, type ); - exit( -1 ); + Error("Attempt to fetch string value for %s, actual type is %s. Try running 'zmupdate.pl -f' to reload config.", name, type); + exit(-1); } - return( cfg_value.string_value ); + return cfg_value.string_value; } Config::Config() { @@ -337,54 +342,54 @@ Config::~Config() { void Config::Load() { static char sql[ZM_SQL_SML_BUFSIZ]; - strncpy( sql, "select Name, Value, Type from Config order by Id", sizeof(sql) ); - if ( mysql_query( &dbconn, sql ) ) { - Error( "Can't run query: %s", mysql_error( &dbconn ) ); - exit( mysql_errno( &dbconn ) ); + strncpy(sql, "SELECT `Name`, `Value`, `Type` FROM `Config` ORDER BY `Id`", sizeof(sql) ); + if ( mysql_query(&dbconn, sql) ) { + Error("Can't run query: %s", mysql_error(&dbconn)); + exit(mysql_errno(&dbconn)); } - MYSQL_RES *result = mysql_store_result( &dbconn ); + MYSQL_RES *result = mysql_store_result(&dbconn); if ( !result ) { - Error( "Can't use query result: %s", mysql_error( &dbconn ) ); - exit( mysql_errno( &dbconn ) ); + Error("Can't use query result: %s", mysql_error(&dbconn)); + exit(mysql_errno(&dbconn)); } - n_items = mysql_num_rows( result ); + n_items = mysql_num_rows(result); if ( n_items <= ZM_MAX_CFG_ID ) { - Error( "Config mismatch, expected %d items, read %d. Try running 'zmupdate.pl -f' to reload config.", ZM_MAX_CFG_ID+1, n_items ); - exit( -1 ); + Error("Config mismatch, expected %d items, read %d. Try running 'zmupdate.pl -f' to reload config.", ZM_MAX_CFG_ID+1, n_items); + exit(-1); } items = new ConfigItem *[n_items]; - for( int i = 0; MYSQL_ROW dbrow = mysql_fetch_row( result ); i++ ) { - items[i] = new ConfigItem( dbrow[0], dbrow[1], dbrow[2] ); + for( int i = 0; MYSQL_ROW dbrow = mysql_fetch_row(result); i++ ) { + items[i] = new ConfigItem(dbrow[0], dbrow[1], dbrow[2]); } - mysql_free_result( result ); + mysql_free_result(result); } void Config::Assign() { ZM_CFG_ASSIGN_LIST } -const ConfigItem &Config::Item( int id ) { +const ConfigItem &Config::Item(int id) { if ( !n_items ) { Load(); Assign(); } if ( id < 0 || id > ZM_MAX_CFG_ID ) { - Error( "Attempt to access invalid config, id = %d. Try running 'zmupdate.pl -f' to reload config.", id ); - exit( -1 ); + Error("Attempt to access invalid config, id = %d. Try running 'zmupdate.pl -f' to reload config.", id); + exit(-1); } ConfigItem *item = items[id]; if ( !item ) { - Error( "Can't find config item %d", id ); - exit( -1 ); + Error("Can't find config item %d", id); + exit(-1); } - return( *item ); + return *item; } Config config; From cbf99313719e137f7a426de54679e0a8b77f3a99 Mon Sep 17 00:00:00 2001 From: Isaac Connor Date: Tue, 17 Sep 2019 10:29:30 -0400 Subject: [PATCH 553/922] Don't log about calling dbConnect when already connected. We make this call in zm_logger, it is just going to have to be acceptable to call it multiple times. --- src/zm_db.cpp | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/zm_db.cpp b/src/zm_db.cpp index 806ef8e5c..77c149f03 100644 --- a/src/zm_db.cpp +++ b/src/zm_db.cpp @@ -32,7 +32,7 @@ bool zmDbConnect() { // For some reason having these lines causes memory corruption and crashing on newer debian/ubuntu // But they really need to be here in order to prevent a double open of mysql if ( zmDbConnected ) { - Warning("Calling zmDbConnect when already connected"); + //Warning("Calling zmDbConnect when already connected"); return true; } From c8934dac7f4cb0834bdbddd27d8e81029647bbc7 Mon Sep 17 00:00:00 2001 From: Isaac Connor Date: Tue, 17 Sep 2019 10:30:00 -0400 Subject: [PATCH 554/922] Remove useless debug --- src/zm_event.cpp | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/src/zm_event.cpp b/src/zm_event.cpp index ef39dfa7a..a4117729c 100644 --- a/src/zm_event.cpp +++ b/src/zm_event.cpp @@ -294,7 +294,6 @@ bool Event::WriteFrameImage(Image *image, struct timeval timestamp, const char * int thisquality = ( alarm_frame && (config.jpeg_alarm_file_quality > config.jpeg_file_quality) ) ? config.jpeg_alarm_file_quality : 0 ; // quality to use, zero is default bool rc; -Debug(3, "Writing image to %s", event_file); if ( !config.timestamp_on_capture ) { // stash the image we plan to use in another pointer regardless if timestamped. @@ -550,7 +549,7 @@ void Event::AddFrame(Image *image, struct timeval timestamp, int score, Image *a static char event_file[PATH_MAX]; snprintf(event_file, sizeof(event_file), staticConfig.capture_file_format, path, frames); Debug(1, "Writing capture frame %d to %s", frames, event_file); - if ( ! WriteFrameImage(image, timestamp, event_file) ) { + if ( !WriteFrameImage(image, timestamp, event_file) ) { Error("Failed to write frame image"); } } else { From 4509c6a2391a03d1c8234a6b98f7e5ce15381a4c Mon Sep 17 00:00:00 2001 From: Isaac Connor Date: Tue, 17 Sep 2019 10:31:31 -0400 Subject: [PATCH 555/922] Don't set rtsp options unless we are using rtsp. Should prevent everyone from reporting the warning about unsupported options. Note that I removed some extra includs that have no business in zm_ffmpeg_camera. --- src/zm_ffmpeg_camera.cpp | 33 ++++++++++++++++++--------------- 1 file changed, 18 insertions(+), 15 deletions(-) diff --git a/src/zm_ffmpeg_camera.cpp b/src/zm_ffmpeg_camera.cpp index fc72aff53..3a1d7bb70 100644 --- a/src/zm_ffmpeg_camera.cpp +++ b/src/zm_ffmpeg_camera.cpp @@ -19,6 +19,7 @@ #include "zm.h" #include "zm_signal.h" +#include "zm_utils.h" #if HAVE_LIBAVFORMAT @@ -35,11 +36,6 @@ extern "C" { #define AV_ERROR_MAX_STRING_SIZE 64 #endif -#ifdef SOLARIS -#include // for ESRCH -#include -#include -#endif #include @@ -338,16 +334,20 @@ int FfmpegCamera::OpenFfmpeg() { // Set transport method as specified by method field, rtpUni is default const std::string method = Method(); - if ( method == "rtpMulti" ) { - ret = av_dict_set(&opts, "rtsp_transport", "udp_multicast", 0); - } else if ( method == "rtpRtsp" ) { - ret = av_dict_set(&opts, "rtsp_transport", "tcp", 0); - } else if ( method == "rtpRtspHttp" ) { - ret = av_dict_set(&opts, "rtsp_transport", "http", 0); - } else if ( method == "rtpUni" ) { - ret = av_dict_set(&opts, "rtsp_transport", "udp", 0); - } else { - Warning("Unknown method (%s)", method.c_str()); + std::string protocol = method.substr(0,4); + string_toupper(protocol); + if ( protocol == "RTSP" ) { + if ( method == "rtpMulti" ) { + ret = av_dict_set(&opts, "rtsp_transport", "udp_multicast", 0); + } else if ( method == "rtpRtsp" ) { + ret = av_dict_set(&opts, "rtsp_transport", "tcp", 0); + } else if ( method == "rtpRtspHttp" ) { + ret = av_dict_set(&opts, "rtsp_transport", "http", 0); + } else if ( method == "rtpUni" ) { + ret = av_dict_set(&opts, "rtsp_transport", "udp", 0); + } else { + Warning("Unknown method (%s)", method.c_str()); + } } // #av_dict_set(&opts, "timeout", "10000000", 0); // in microseconds. @@ -650,6 +650,9 @@ int FfmpegCamera::OpenFfmpeg() { ) { Warning("Monitor dimensions are %dx%d but camera is sending %dx%d", width, height, mVideoCodecContext->width, mVideoCodecContext->height); + } else { + Warning("Monitor dimensions are %dx%d and camera is sending %dx%d", + width, height, mVideoCodecContext->width, mVideoCodecContext->height); } mCanCapture = true; From 9a3765f6aaa228daa957a0e02732cfbe829581fe Mon Sep 17 00:00:00 2001 From: Isaac Connor Date: Tue, 17 Sep 2019 10:31:48 -0400 Subject: [PATCH 556/922] spacing and google code style --- src/zm_image.cpp | 398 +++++++++++++++++++++++------------------------ 1 file changed, 191 insertions(+), 207 deletions(-) diff --git a/src/zm_image.cpp b/src/zm_image.cpp index f8ad1ab70..9cf4ada94 100644 --- a/src/zm_image.cpp +++ b/src/zm_image.cpp @@ -1,21 +1,21 @@ // // ZoneMinder Image Class Implementation, $Date$, $Revision$ // Copyright (C) 2001-2008 Philip Coombes -// +// // This program is free software; you can redistribute it and/or // modify it under the terms of the GNU General Public License // as published by the Free Software Foundation; either version 2 // of the License, or (at your option) any later version. -// +// // This program is distributed in the hope that it will be useful, // but WITHOUT ANY WARRANTY; without even the implied warranty of // MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the // GNU General Public License for more details. -// +// // You should have received a copy of the GNU General Public License // along with this program; if not, write to the Free Software // Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. -// +// #include "zm.h" #include "zm_font.h" #include "zm_bigfont.h" @@ -126,7 +126,7 @@ Image::Image( const char *filename ) { height = 0; pixels = 0; colours = 0; - subpixelorder = 0; + subpixelorder = 0; size = 0; allocation = 0; buffer = 0; @@ -279,7 +279,7 @@ void Image::Initialise() { fptr_blend = &std_blend; Debug(4,"Blend: Using standard blend function"); } - + __attribute__((aligned(64))) uint8_t blend1[128] = { 86,58,54,63,149,62,209,34,148,46,186,176,9,236,193,254,113,146,228,220,123,164,92,98,9,72,67,156,63,118,96,167, 48,224,106,176,201,245,223,219,198,50,100,31,68,77,33,76,166,90,254,128,191,82,84,32,3,171,147,248,14,196,141,179, @@ -413,7 +413,7 @@ void Image::Initialise() { } } - /* + /* SSSE3 deinterlacing functions were removed because they were usually equal or slower than the standard code (compiled with -O2 or better) The function is too complicated to be vectorized efficiently on SSSE3 @@ -528,7 +528,7 @@ uint8_t* Image::WriteBuffer(const unsigned int p_width, const unsigned int p_hei size = newsize; } // end if need to re-alloc buffer - return buffer; + return buffer; } /* Assign an existing buffer to the image instead of copying from a source buffer. The goal is to reduce the amount of memory copying and increase efficiency and buffer reusing. */ @@ -623,7 +623,7 @@ void Image::Assign(const unsigned int p_width, const unsigned int p_height, cons return; } } else { - if ( new_size > allocation || !buffer ) { + if ( new_size > allocation || !buffer ) { DumpImgBuffer(); AllocImgBuffer(new_size); } @@ -663,7 +663,7 @@ void Image::Assign( const Image &image ) { return; } } else { - if(new_size > allocation || !buffer) { + if(new_size > allocation || !buffer) { // DumpImgBuffer(); This is also done in AllocImgBuffer AllocImgBuffer(new_size); } @@ -802,25 +802,25 @@ bool Image::ReadRaw( const char *filename ) { return false; } - fclose( infile ); + fclose(infile); return true; } -bool Image::WriteRaw( const char *filename ) const { +bool Image::WriteRaw(const char *filename) const { FILE *outfile; - if ( (outfile = fopen( filename, "wb" )) == NULL ) { - Error( "Can't open %s: %s", filename, strerror(errno) ); + if ( (outfile = fopen(filename, "wb")) == NULL ) { + Error("Can't open %s: %s", filename, strerror(errno)); return false; } if ( fwrite( buffer, size, 1, outfile ) != 1 ) { - Error( "Unable to write to '%s': %s", filename, strerror(errno) ); - fclose( outfile ); + Error("Unable to write to '%s': %s", filename, strerror(errno)); + fclose(outfile); return false; } - fclose( outfile ); + fclose(outfile); return true; } @@ -885,13 +885,13 @@ bool Image::ReadJpeg(const char *filename, unsigned int p_colours, unsigned int { #ifdef JCS_EXTENSIONS new_colours = ZM_COLOUR_RGB32; - if(p_subpixelorder == ZM_SUBPIX_ORDER_BGRA) { + if ( p_subpixelorder == ZM_SUBPIX_ORDER_BGRA ) { cinfo->out_color_space = JCS_EXT_BGRX; new_subpixelorder = ZM_SUBPIX_ORDER_BGRA; - } else if(p_subpixelorder == ZM_SUBPIX_ORDER_ARGB) { + } else if ( p_subpixelorder == ZM_SUBPIX_ORDER_ARGB ) { cinfo->out_color_space = JCS_EXT_XRGB; new_subpixelorder = ZM_SUBPIX_ORDER_ARGB; - } else if(p_subpixelorder == ZM_SUBPIX_ORDER_ABGR) { + } else if ( p_subpixelorder == ZM_SUBPIX_ORDER_ABGR ) { cinfo->out_color_space = JCS_EXT_XBGR; new_subpixelorder = ZM_SUBPIX_ORDER_ABGR; } else { @@ -899,7 +899,7 @@ bool Image::ReadJpeg(const char *filename, unsigned int p_colours, unsigned int cinfo->out_color_space = JCS_EXT_RGBX; new_subpixelorder = ZM_SUBPIX_ORDER_RGBA; } - break; + break; #else Warning("libjpeg-turbo is required for reading a JPEG directly into a RGB32 buffer, reading into a RGB24 buffer instead."); #endif @@ -908,13 +908,13 @@ bool Image::ReadJpeg(const char *filename, unsigned int p_colours, unsigned int default: { new_colours = ZM_COLOUR_RGB24; - if(p_subpixelorder == ZM_SUBPIX_ORDER_BGR) { -#ifdef JCS_EXTENSIONS - cinfo->out_color_space = JCS_EXT_BGR; + if ( p_subpixelorder == ZM_SUBPIX_ORDER_BGR ) { +#ifdef JCS_EXTENSIONS + cinfo->out_color_space = JCS_EXT_BGR; new_subpixelorder = ZM_SUBPIX_ORDER_BGR; #else - Warning("libjpeg-turbo is required for reading a JPEG directly into a BGR24 buffer, reading into a RGB24 buffer instead."); - cinfo->out_color_space = JCS_RGB; + Warning("libjpeg-turbo is required for reading a JPEG directly into a BGR24 buffer, reading into a RGB24 buffer instead."); + cinfo->out_color_space = JCS_RGB; new_subpixelorder = ZM_SUBPIX_ORDER_RGB; #endif } else { @@ -933,28 +933,27 @@ cinfo->out_color_space = JCS_RGB; } } - if(WriteBuffer(new_width, new_height, new_colours, new_subpixelorder) == NULL) { + if ( WriteBuffer(new_width, new_height, new_colours, new_subpixelorder) == NULL ) { Error("Failed requesting writeable buffer for reading JPEG image."); - jpeg_abort_decompress( cinfo ); - fclose( infile ); - return( false ); + jpeg_abort_decompress(cinfo); + fclose(infile); + return false; } - jpeg_start_decompress( cinfo ); + jpeg_start_decompress(cinfo); JSAMPROW row_pointer; /* pointer to a single row */ int row_stride = width * colours; /* physical row width in buffer */ - while ( cinfo->output_scanline < cinfo->output_height ) - { + while ( cinfo->output_scanline < cinfo->output_height ) { row_pointer = &buffer[cinfo->output_scanline * row_stride]; - jpeg_read_scanlines( cinfo, &row_pointer, 1 ); + jpeg_read_scanlines(cinfo, &row_pointer, 1); } - jpeg_finish_decompress( cinfo ); + jpeg_finish_decompress(cinfo); - fclose( infile ); + fclose(infile); - return( true ); + return true; } // Multiple calling formats to permit inclusion (or not) of non blocking, quality_override and timestamp (exif), with suitable defaults. @@ -977,7 +976,7 @@ bool Image::WriteJpeg(const char *filename, int quality_override, struct timeval return Image::WriteJpeg(filename, quality_override, timestamp, false); } bool Image::WriteJpeg(const char *filename, int quality_override, struct timeval timestamp, bool on_blocking_abort) const { - if ( config.colour_jpeg_files && colours == ZM_COLOUR_GRAY8 ) { + if ( config.colour_jpeg_files && (colours == ZM_COLOUR_GRAY8) ) { Image temp_image(*this); temp_image.Colourise(ZM_COLOUR_RGB24, ZM_SUBPIX_ORDER_RGB); return temp_image.WriteJpeg(filename, quality_override, timestamp, on_blocking_abort); @@ -985,66 +984,63 @@ bool Image::WriteJpeg(const char *filename, int quality_override, struct timeval int quality = quality_override?quality_override:config.jpeg_file_quality; struct jpeg_compress_struct *cinfo = writejpg_ccinfo[quality]; - FILE *outfile =NULL; + FILE *outfile = NULL; static int raw_fd = 0; bool need_create_comp = false; raw_fd = 0; if ( !cinfo ) { cinfo = writejpg_ccinfo[quality] = new jpeg_compress_struct; - cinfo->err = jpeg_std_error( &jpg_err.pub ); - jpeg_create_compress( cinfo ); - need_create_comp=true; + cinfo->err = jpeg_std_error(&jpg_err.pub); + jpeg_create_compress(cinfo); + need_create_comp = true; } - if (! on_blocking_abort) { - jpg_err.pub.error_exit = zm_jpeg_error_exit; - jpg_err.pub.emit_message = zm_jpeg_emit_message; + if ( !on_blocking_abort ) { + jpg_err.pub.error_exit = zm_jpeg_error_exit; + jpg_err.pub.emit_message = zm_jpeg_emit_message; } else { jpg_err.pub.error_exit = zm_jpeg_error_silent; jpg_err.pub.emit_message = zm_jpeg_emit_silence; - if (setjmp( jpg_err.setjmp_buffer ) ) { - jpeg_abort_compress( cinfo ); - Debug( 5, "Aborted a write mid-stream and %s and %d", (outfile == NULL) ? "closing file" : "file not opened", raw_fd ); - if (raw_fd) + if ( setjmp(jpg_err.setjmp_buffer) ) { + jpeg_abort_compress(cinfo); + Debug(1, "Aborted a write mid-stream and %s and %d", (outfile == NULL) ? "closing file" : "file not opened", raw_fd); + if ( raw_fd ) close(raw_fd); - if (outfile) - fclose( outfile ); - return ( false ); + if ( outfile ) + fclose(outfile); + return false; } } - if (need_create_comp) - jpeg_create_compress( cinfo ); + if ( need_create_comp ) + jpeg_create_compress(cinfo); - if (! on_blocking_abort) { + if ( !on_blocking_abort ) { if ( (outfile = fopen(filename, "wb")) == NULL ) { - Error( "Can't open %s for writing: %s", filename, strerror(errno) ); + Error("Can't open %s for writing: %s", filename, strerror(errno)); return false; } } else { - raw_fd = open(filename,O_WRONLY|O_NONBLOCK|O_CREAT|O_TRUNC,S_IRUSR|S_IWUSR|S_IRGRP|S_IROTH); - if (raw_fd < 0) - return ( false ); - outfile = fdopen(raw_fd,"wb"); - if (outfile == NULL) { + raw_fd = open(filename, O_WRONLY|O_NONBLOCK|O_CREAT|O_TRUNC,S_IRUSR|S_IWUSR|S_IRGRP|S_IROTH); + if ( raw_fd < 0 ) + return false; + outfile = fdopen(raw_fd, "wb"); + if ( outfile == NULL ) { close(raw_fd); - return( false ); + return false; } } - jpeg_stdio_dest( cinfo, outfile ); + jpeg_stdio_dest(cinfo, outfile); cinfo->image_width = width; /* image width and height, in pixels */ cinfo->image_height = height; - switch(colours) { + switch (colours) { case ZM_COLOUR_GRAY8: - { cinfo->input_components = 1; cinfo->in_color_space = JCS_GRAYSCALE; break; - } case ZM_COLOUR_RGB32: - { #ifdef JCS_EXTENSIONS cinfo->input_components = 4; if ( subpixelorder == ZM_SUBPIX_ORDER_BGRA ) { @@ -1056,27 +1052,25 @@ bool Image::WriteJpeg(const char *filename, int quality_override, struct timeval } else { /* Assume RGBA */ cinfo->in_color_space = JCS_EXT_RGBX; - } + } + break; #else Error("libjpeg-turbo is required for JPEG encoding directly from RGB32 source"); - jpeg_abort_compress( cinfo ); + jpeg_abort_compress(cinfo); fclose(outfile); return false; #endif - break; - } case ZM_COLOUR_RGB24: default: - { cinfo->input_components = 3; if ( subpixelorder == ZM_SUBPIX_ORDER_BGR) { -#ifdef JCS_EXTENSIONS +#ifdef JCS_EXTENSIONS cinfo->in_color_space = JCS_EXT_BGR; #else Error("libjpeg-turbo is required for JPEG encoding directly from BGR24 source"); - jpeg_abort_compress( cinfo ); + jpeg_abort_compress(cinfo); fclose(outfile); - return false; + return false; #endif } else { /* Assume RGB */ @@ -1090,16 +1084,15 @@ cinfo->out_color_space = JCS_RGB; cinfo->in_color_space = JCS_RGB; } break; - } - } + } // end switch(colours) - jpeg_set_defaults( cinfo ); - jpeg_set_quality( cinfo, quality, FALSE ); + jpeg_set_defaults(cinfo); + jpeg_set_quality(cinfo, quality, FALSE); cinfo->dct_method = JDCT_FASTEST; - jpeg_start_compress( cinfo, TRUE ); + jpeg_start_compress(cinfo, TRUE); if ( config.add_jpeg_comments && text[0] ) { - jpeg_write_marker( cinfo, JPEG_COM, (const JOCTET *)text, strlen(text) ); + jpeg_write_marker(cinfo, JPEG_COM, (const JOCTET *)text, strlen(text)); } // If we have a non-zero time (meaning a parameter was passed in), then form a simple exif segment with that time as DateTimeOriginal and SubsecTimeOriginal // No timestamp just leave off the exif section. @@ -1123,14 +1116,14 @@ cinfo->out_color_space = JCS_RGB; 0xff, 0x00 }; memcpy(&exiftimes[EXIFTIMES_OFFSET], timebuf,EXIFTIMES_LEN); memcpy(&exiftimes[EXIFTIMES_MS_OFFSET], msbuf, EXIFTIMES_MS_LEN); - jpeg_write_marker( cinfo, EXIF_CODE, (const JOCTET *)exiftimes, sizeof(exiftimes) ); + jpeg_write_marker(cinfo, EXIF_CODE, (const JOCTET *)exiftimes, sizeof(exiftimes)); } JSAMPROW row_pointer; /* pointer to a single row */ int row_stride = cinfo->image_width * colours; /* physical row width in buffer */ while ( cinfo->next_scanline < cinfo->image_height ) { row_pointer = &buffer[cinfo->next_scanline * row_stride]; - jpeg_write_scanlines( cinfo, &row_pointer, 1 ); + jpeg_write_scanlines(cinfo, &row_pointer, 1); } jpeg_finish_compress(cinfo); @@ -1140,13 +1133,16 @@ cinfo->out_color_space = JCS_RGB; return true; } -bool Image::DecodeJpeg( const JOCTET *inbuffer, int inbuffer_size, unsigned int p_colours, unsigned int p_subpixelorder) +bool Image::DecodeJpeg( + const JOCTET *inbuffer, + int inbuffer_size, + unsigned int p_colours, + unsigned int p_subpixelorder) { unsigned int new_width, new_height, new_colours, new_subpixelorder; struct jpeg_decompress_struct *cinfo = decodejpg_dcinfo; - if ( !cinfo ) - { + if ( !cinfo ) { cinfo = decodejpg_dcinfo = new jpeg_decompress_struct; cinfo->err = jpeg_std_error( &jpg_err.pub ); jpg_err.pub.error_exit = zm_jpeg_error_exit; @@ -1154,25 +1150,24 @@ bool Image::DecodeJpeg( const JOCTET *inbuffer, int inbuffer_size, unsigned int jpeg_create_decompress( cinfo ); } - if ( setjmp( jpg_err.setjmp_buffer ) ) - { - jpeg_abort_decompress( cinfo ); - return( false ); + if ( setjmp(jpg_err.setjmp_buffer) ) { + jpeg_abort_decompress(cinfo); + return false; } - zm_jpeg_mem_src( cinfo, inbuffer, inbuffer_size ); + zm_jpeg_mem_src(cinfo, inbuffer, inbuffer_size); - jpeg_read_header( cinfo, TRUE ); + jpeg_read_header(cinfo, TRUE); - if ( cinfo->num_components != 1 && cinfo->num_components != 3 ) { - Error( "Unexpected colours when reading jpeg image: %d", colours ); - jpeg_abort_decompress( cinfo ); - return( false ); + if ( (cinfo->num_components != 1) && (cinfo->num_components != 3) ) { + Error("Unexpected colours when reading jpeg image: %d", colours); + jpeg_abort_decompress(cinfo); + return false; } /* Check if the image has at least one huffman table defined. If not, use the standard ones */ /* This is required for the MJPEG capture palette of USB devices */ - if(cinfo->dc_huff_tbl_ptrs[0] == NULL) { + if ( cinfo->dc_huff_tbl_ptrs[0] == NULL ) { zm_use_std_huff_tables(cinfo); } @@ -1180,28 +1175,26 @@ bool Image::DecodeJpeg( const JOCTET *inbuffer, int inbuffer_size, unsigned int new_height = cinfo->image_height; if ( width != new_width || height != new_height ) { - Debug(9,"Image dimensions differ. Old: %ux%u New: %ux%u",width,height,new_width,new_height); + Debug(9, "Image dimensions differ. Old: %ux%u New: %ux%u", + width, height, new_width, new_height); } - switch(p_colours) { + switch (p_colours) { case ZM_COLOUR_GRAY8: - { cinfo->out_color_space = JCS_GRAYSCALE; new_colours = ZM_COLOUR_GRAY8; new_subpixelorder = ZM_SUBPIX_ORDER_NONE; break; - } case ZM_COLOUR_RGB32: - { #ifdef JCS_EXTENSIONS new_colours = ZM_COLOUR_RGB32; - if(p_subpixelorder == ZM_SUBPIX_ORDER_BGRA) { + if ( p_subpixelorder == ZM_SUBPIX_ORDER_BGRA ) { cinfo->out_color_space = JCS_EXT_BGRX; new_subpixelorder = ZM_SUBPIX_ORDER_BGRA; - } else if(p_subpixelorder == ZM_SUBPIX_ORDER_ARGB) { + } else if ( p_subpixelorder == ZM_SUBPIX_ORDER_ARGB ) { cinfo->out_color_space = JCS_EXT_XRGB; new_subpixelorder = ZM_SUBPIX_ORDER_ARGB; - } else if(p_subpixelorder == ZM_SUBPIX_ORDER_ABGR) { + } else if ( p_subpixelorder == ZM_SUBPIX_ORDER_ABGR ) { cinfo->out_color_space = JCS_EXT_XBGR; new_subpixelorder = ZM_SUBPIX_ORDER_ABGR; } else { @@ -1209,22 +1202,20 @@ bool Image::DecodeJpeg( const JOCTET *inbuffer, int inbuffer_size, unsigned int cinfo->out_color_space = JCS_EXT_RGBX; new_subpixelorder = ZM_SUBPIX_ORDER_RGBA; } - break; + break; #else Warning("libjpeg-turbo is required for reading a JPEG directly into a RGB32 buffer, reading into a RGB24 buffer instead."); #endif - } case ZM_COLOUR_RGB24: default: - { new_colours = ZM_COLOUR_RGB24; - if(p_subpixelorder == ZM_SUBPIX_ORDER_BGR) { -#ifdef JCS_EXTENSIONS - cinfo->out_color_space = JCS_EXT_BGR; + if ( p_subpixelorder == ZM_SUBPIX_ORDER_BGR ) { +#ifdef JCS_EXTENSIONS + cinfo->out_color_space = JCS_EXT_BGR; new_subpixelorder = ZM_SUBPIX_ORDER_BGR; #else - Warning("libjpeg-turbo is required for reading a JPEG directly into a BGR24 buffer, reading into a RGB24 buffer instead."); - cinfo->out_color_space = JCS_RGB; + Warning("libjpeg-turbo is required for reading a JPEG directly into a BGR24 buffer, reading into a RGB24 buffer instead."); + cinfo->out_color_space = JCS_RGB; new_subpixelorder = ZM_SUBPIX_ORDER_RGB; #endif } else { @@ -1240,34 +1231,33 @@ cinfo->out_color_space = JCS_RGB; new_subpixelorder = ZM_SUBPIX_ORDER_RGB; } break; - } } // end switch - if(WriteBuffer(new_width, new_height, new_colours, new_subpixelorder) == NULL) { + if ( WriteBuffer(new_width, new_height, new_colours, new_subpixelorder) == NULL ) { Error("Failed requesting writeable buffer for reading JPEG image."); - jpeg_abort_decompress( cinfo ); - return( false ); + jpeg_abort_decompress(cinfo); + return false; } - jpeg_start_decompress( cinfo ); + jpeg_start_decompress(cinfo); JSAMPROW row_pointer; /* pointer to a single row */ int row_stride = width * colours; /* physical row width in buffer */ while ( cinfo->output_scanline < cinfo->output_height ) { row_pointer = &buffer[cinfo->output_scanline * row_stride]; - jpeg_read_scanlines( cinfo, &row_pointer, 1 ); + jpeg_read_scanlines(cinfo, &row_pointer, 1); } - jpeg_finish_decompress( cinfo ); + jpeg_finish_decompress(cinfo); return true; } -bool Image::EncodeJpeg( JOCTET *outbuffer, int *outbuffer_size, int quality_override ) const { - if ( config.colour_jpeg_files && colours == ZM_COLOUR_GRAY8 ) { - Image temp_image( *this ); - temp_image.Colourise(ZM_COLOUR_RGB24, ZM_SUBPIX_ORDER_RGB ); - return( temp_image.EncodeJpeg( outbuffer, outbuffer_size, quality_override ) ); +bool Image::EncodeJpeg(JOCTET *outbuffer, int *outbuffer_size, int quality_override) const { + if ( config.colour_jpeg_files && (colours == ZM_COLOUR_GRAY8) ) { + Image temp_image(*this); + temp_image.Colourise(ZM_COLOUR_RGB24, ZM_SUBPIX_ORDER_RGB); + return temp_image.EncodeJpeg(outbuffer, outbuffer_size, quality_override); } int quality = quality_override?quality_override:config.jpeg_stream_quality; @@ -1276,56 +1266,51 @@ bool Image::EncodeJpeg( JOCTET *outbuffer, int *outbuffer_size, int quality_over if ( !cinfo ) { cinfo = encodejpg_ccinfo[quality] = new jpeg_compress_struct; - cinfo->err = jpeg_std_error( &jpg_err.pub ); + cinfo->err = jpeg_std_error(&jpg_err.pub); jpg_err.pub.error_exit = zm_jpeg_error_exit; jpg_err.pub.emit_message = zm_jpeg_emit_message; - jpeg_create_compress( cinfo ); + jpeg_create_compress(cinfo); } - zm_jpeg_mem_dest( cinfo, outbuffer, outbuffer_size ); + zm_jpeg_mem_dest(cinfo, outbuffer, outbuffer_size); cinfo->image_width = width; /* image width and height, in pixels */ cinfo->image_height = height; - switch(colours) { + switch (colours) { case ZM_COLOUR_GRAY8: - { cinfo->input_components = 1; cinfo->in_color_space = JCS_GRAYSCALE; break; - } case ZM_COLOUR_RGB32: - { #ifdef JCS_EXTENSIONS cinfo->input_components = 4; - if(subpixelorder == ZM_SUBPIX_ORDER_BGRA) { + if ( subpixelorder == ZM_SUBPIX_ORDER_BGRA ) { cinfo->in_color_space = JCS_EXT_BGRX; - } else if(subpixelorder == ZM_SUBPIX_ORDER_ARGB) { + } else if ( subpixelorder == ZM_SUBPIX_ORDER_ARGB ) { cinfo->in_color_space = JCS_EXT_XRGB; - } else if(subpixelorder == ZM_SUBPIX_ORDER_ABGR) { + } else if ( subpixelorder == ZM_SUBPIX_ORDER_ABGR ) { cinfo->in_color_space = JCS_EXT_XBGR; } else { /* Assume RGBA */ cinfo->in_color_space = JCS_EXT_RGBX; - } + } + break; #else Error("libjpeg-turbo is required for JPEG encoding directly from RGB32 source"); - jpeg_abort_compress( cinfo ); - return(false); + jpeg_abort_compress(cinfo); + return false; #endif - break; - } case ZM_COLOUR_RGB24: default: - { cinfo->input_components = 3; - if(subpixelorder == ZM_SUBPIX_ORDER_BGR) { -#ifdef JCS_EXTENSIONS + if ( subpixelorder == ZM_SUBPIX_ORDER_BGR ) { +#ifdef JCS_EXTENSIONS cinfo->in_color_space = JCS_EXT_BGR; #else Error("libjpeg-turbo is required for JPEG encoding directly from BGR24 source"); - jpeg_abort_compress( cinfo ); - return(false); + jpeg_abort_compress(cinfo); + return false; #endif } else { /* Assume RGB */ @@ -1339,23 +1324,22 @@ cinfo->out_color_space = JCS_RGB; cinfo->in_color_space = JCS_RGB; } break; - } } // end switch - jpeg_set_defaults( cinfo ); - jpeg_set_quality( cinfo, quality, FALSE ); + jpeg_set_defaults(cinfo); + jpeg_set_quality(cinfo, quality, FALSE); cinfo->dct_method = JDCT_FASTEST; - jpeg_start_compress( cinfo, TRUE ); + jpeg_start_compress(cinfo, TRUE); JSAMPROW row_pointer; /* pointer to a single row */ int row_stride = cinfo->image_width * colours; /* physical row width in buffer */ while ( cinfo->next_scanline < cinfo->image_height ) { row_pointer = &buffer[cinfo->next_scanline * row_stride]; - jpeg_write_scanlines( cinfo, &row_pointer, 1 ); + jpeg_write_scanlines(cinfo, &row_pointer, 1); } - jpeg_finish_compress( cinfo ); + jpeg_finish_compress(cinfo); return true; } @@ -1470,7 +1454,7 @@ void Image::Overlay( const Image &image ) { Colourise(image.colours, image.subpixelorder); const Rgb* const max_ptr = (Rgb*)(buffer+size); - const Rgb* prsrc = (Rgb*)image.buffer; + const Rgb* prsrc = (Rgb*)image.buffer; Rgb* prdest = (Rgb*)buffer; if ( subpixelorder == ZM_SUBPIX_ORDER_RGBA || subpixelorder == ZM_SUBPIX_ORDER_BGRA ) { @@ -1521,7 +1505,7 @@ void Image::Overlay( const Image &image ) { } pdest += 3; psrc += 3; - } + } /* RGB32 ontop of RGB24 - TO BE DONE */ } else if ( colours == ZM_COLOUR_RGB24 && image.colours == ZM_COLOUR_RGB32 ) { @@ -1561,7 +1545,7 @@ void Image::Overlay( const Image &image ) { } else if ( colours == ZM_COLOUR_RGB32 && image.colours == ZM_COLOUR_RGB32 ) { const Rgb* const max_ptr = (Rgb*)(buffer+size); Rgb* prdest = (Rgb*)buffer; - const Rgb* prsrc = (Rgb*)image.buffer; + const Rgb* prsrc = (Rgb*)image.buffer; if ( image.subpixelorder == ZM_SUBPIX_ORDER_RGBA || image.subpixelorder == ZM_SUBPIX_ORDER_BGRA ) { /* RGB\BGR\RGBA\BGRA subpixel order - Alpha byte is last */ @@ -2035,7 +2019,7 @@ void Image::Annotate( const char *p_text, const Coord &coord, const unsigned int } } } - } + } } else { Panic("Annotate called with unexpected colours: %d",colours); @@ -2088,7 +2072,7 @@ void Image::Colourise(const unsigned int p_reqcolours, const unsigned int p_reqs newpixel = (newpixel<<8) | subpixel; newpixel = (newpixel<<8) | subpixel; pdest[i] = (newpixel<<8); - } + } } else { /* RGBA\BGRA subpixel order, alpha byte is last (mem+3) */ for ( unsigned int i=0; i < pixels; i++ ) { @@ -2128,7 +2112,7 @@ void Image::DeColourise() { size = width * height; if ( colours == ZM_COLOUR_RGB32 && config.cpu_extensions && sseversion >= 35 ) { - /* Use SSSE3 functions */ + /* Use SSSE3 functions */ switch (subpixelorder) { case ZM_SUBPIX_ORDER_BGRA: ssse3_convert_bgra_gray8(buffer,buffer,pixels); @@ -2241,7 +2225,7 @@ void Image::Fill( Rgb colour, const Box *limits ) { Rgb *p = (Rgb*)&buffer[((y*width)+lo_x)<<2]; for ( unsigned int x = lo_x; x <= (unsigned int)hi_x; x++, p++) { - /* Fast, copies the entire pixel in a single pass */ + /* Fast, copies the entire pixel in a single pass */ *p = colour; } } @@ -2294,7 +2278,7 @@ void Image::Fill( Rgb colour, int density, const Box *limits ) { *p = colour; } } - } + } } /* RGB32 compatible: complete */ @@ -2469,7 +2453,7 @@ void Image::Fill( Rgb colour, int density, const Polygon &polygon ) { } else if ( colours == ZM_COLOUR_RGB24 ) { unsigned char *p = &buffer[colours*((y*width)+lo_x)]; for ( int x = lo_x; x <= hi_x; x++, p += 3) { - if ( !(x%density) ) { + if ( !(x%density) ) { RED_PTR_RGBA(p) = RED_VAL_RGBA(colour); GREEN_PTR_RGBA(p) = GREEN_VAL_RGBA(colour); BLUE_PTR_RGBA(p) = BLUE_VAL_RGBA(colour); @@ -2675,7 +2659,7 @@ void Image::Flip( bool leftright ) { } s_ptr += line_bytes2; } - } + } } else { // Vertical flip, top to bottom unsigned char *s_ptr = buffer+(height*line_bytes); @@ -2883,7 +2867,7 @@ void Image::Deinterlace_Linear() { for (unsigned int x = 0; x < (unsigned int)width; x++) { *pcurrent++ = *pabove++; *pcurrent++ = *pabove++; - *pcurrent++ = *pabove++; + *pcurrent++ = *pabove++; *pcurrent++ = *pabove++; } } else { @@ -3068,7 +3052,7 @@ void Image::Deinterlace_4Field(const Image* next_image, unsigned int threshold) __attribute__((noinline,__target__("sse2"))) #endif void sse2_fastblend(const uint8_t* col1, const uint8_t* col2, uint8_t* result, unsigned long count, double blendpercent) { -#if ((defined(__i386__) || defined(__x86_64__) || defined(ZM_KEEP_SSE)) && !defined(ZM_STRIP_SSE)) +#if ((defined(__i386__) || defined(__x86_64__) || defined(ZM_KEEP_SSE)) && !defined(ZM_STRIP_SSE)) static uint32_t divider = 0; static uint32_t clearmask = 0; static double current_blendpercent = 0.0; @@ -3361,14 +3345,14 @@ __attribute__((noinline)) void std_blend(const uint8_t* col1, const uint8_t* col while ( result < max_ptr ) { *result++ = (*col1++ * opacity) + (*col2++ * divide); - } + } } /************************************************* DELTA FUNCTIONS *************************************************/ /* Grayscale */ __attribute__((noinline)) void fast_delta8_gray8(const uint8_t* col1, const uint8_t* col2, uint8_t* result, unsigned long count) { - /* Loop unrolling is used to work on 16 bytes (16 grayscale pixels) at a time */ + /* Loop unrolling is used to work on 16 bytes (16 grayscale pixels) at a time */ const uint8_t* const max_ptr = result + count; while(result < max_ptr) { @@ -3392,7 +3376,7 @@ __attribute__((noinline)) void fast_delta8_gray8(const uint8_t* col1, const uint col1 += 16; col2 += 16; result += 16; - } + } } __attribute__((noinline)) void std_delta8_gray8(const uint8_t* col1, const uint8_t* col2, uint8_t* result, unsigned long count) { @@ -3404,13 +3388,13 @@ __attribute__((noinline)) void std_delta8_gray8(const uint8_t* col1, const uint8 col1 += 1; col2 += 1; result += 1; - } + } } /* RGB24: RGB */ __attribute__((noinline)) void fast_delta8_rgb(const uint8_t* col1, const uint8_t* col2, uint8_t* result, unsigned long count) { /* Loop unrolling is used to work on 12 bytes (4 rgb24 pixels) at a time */ - int r,g,b; + int r,g,b; const uint8_t* const max_ptr = result + count; while(result < max_ptr) { @@ -3439,7 +3423,7 @@ __attribute__((noinline)) void fast_delta8_rgb(const uint8_t* col1, const uint8_ __attribute__((noinline)) void std_delta8_rgb(const uint8_t* col1, const uint8_t* col2, uint8_t* result, unsigned long count) { /* Loop unrolling is used to work on 12 bytes (4 rgb24 pixels) at a time */ - int r,g,b; + int r,g,b; const uint8_t* const max_ptr = result + count; while (result < max_ptr) { @@ -3457,7 +3441,7 @@ __attribute__((noinline)) void std_delta8_rgb(const uint8_t* col1, const uint8_t /* RGB24: BGR */ __attribute__((noinline)) void fast_delta8_bgr(const uint8_t* col1, const uint8_t* col2, uint8_t* result, unsigned long count) { /* Loop unrolling is used to work on 12 bytes (4 rgb24 pixels) at a time */ - int r,g,b; + int r,g,b; const uint8_t* const max_ptr = result + count; while(result < max_ptr) { @@ -3486,7 +3470,7 @@ __attribute__((noinline)) void fast_delta8_bgr(const uint8_t* col1, const uint8_ __attribute__((noinline)) void std_delta8_bgr(const uint8_t* col1, const uint8_t* col2, uint8_t* result, unsigned long count) { /* Loop unrolling is used to work on 12 bytes (4 rgb24 pixels) at a time */ - int r,g,b; + int r,g,b; const uint8_t* const max_ptr = result + count; while(result < max_ptr) { @@ -3504,7 +3488,7 @@ __attribute__((noinline)) void std_delta8_bgr(const uint8_t* col1, const uint8_t /* RGB32: RGBA */ __attribute__((noinline)) void fast_delta8_rgba(const uint8_t* col1, const uint8_t* col2, uint8_t* result, unsigned long count) { /* Loop unrolling is used to work on 16 bytes (4 rgb32 pixels) at a time */ - int r,g,b; + int r,g,b; const uint8_t* const max_ptr = result + count; while(result < max_ptr) { @@ -3533,7 +3517,7 @@ __attribute__((noinline)) void fast_delta8_rgba(const uint8_t* col1, const uint8 __attribute__((noinline)) void std_delta8_rgba(const uint8_t* col1, const uint8_t* col2, uint8_t* result, unsigned long count) { /* Loop unrolling is used to work on 16 bytes (4 rgb32 pixels) at a time */ - int r,g,b; + int r,g,b; const uint8_t* const max_ptr = result + count; while(result < max_ptr) { @@ -3551,7 +3535,7 @@ __attribute__((noinline)) void std_delta8_rgba(const uint8_t* col1, const uint8_ /* RGB32: BGRA */ __attribute__((noinline)) void fast_delta8_bgra(const uint8_t* col1, const uint8_t* col2, uint8_t* result, unsigned long count) { /* Loop unrolling is used to work on 16 bytes (4 rgb32 pixels) at a time */ - int r,g,b; + int r,g,b; const uint8_t* const max_ptr = result + count; while(result < max_ptr) { @@ -3579,7 +3563,7 @@ __attribute__((noinline)) void fast_delta8_bgra(const uint8_t* col1, const uint8 } __attribute__((noinline)) void std_delta8_bgra(const uint8_t* col1, const uint8_t* col2, uint8_t* result, unsigned long count) { /* Loop unrolling is used to work on 16 bytes (4 rgb32 pixels) at a time */ - int r,g,b; + int r,g,b; const uint8_t* const max_ptr = result + count; while(result < max_ptr) { @@ -3597,7 +3581,7 @@ __attribute__((noinline)) void std_delta8_bgra(const uint8_t* col1, const uint8_ /* RGB32: ARGB */ __attribute__((noinline)) void fast_delta8_argb(const uint8_t* col1, const uint8_t* col2, uint8_t* result, unsigned long count) { /* Loop unrolling is used to work on 16 bytes (4 rgb32 pixels) at a time */ - int r,g,b; + int r,g,b; const uint8_t* const max_ptr = result + count; while(result < max_ptr) { @@ -3625,7 +3609,7 @@ __attribute__((noinline)) void fast_delta8_argb(const uint8_t* col1, const uint8 } __attribute__((noinline)) void std_delta8_argb(const uint8_t* col1, const uint8_t* col2, uint8_t* result, unsigned long count) { /* Loop unrolling is used to work on 16 bytes (4 rgb32 pixels) at a time */ - int r,g,b; + int r,g,b; const uint8_t* const max_ptr = result + count; while(result < max_ptr) { @@ -3643,7 +3627,7 @@ __attribute__((noinline)) void std_delta8_argb(const uint8_t* col1, const uint8_ /* RGB32: ABGR */ __attribute__((noinline)) void fast_delta8_abgr(const uint8_t* col1, const uint8_t* col2, uint8_t* result, unsigned long count) { /* Loop unrolling is used to work on 16 bytes (4 rgb32 pixels) at a time */ - int r,g,b; + int r,g,b; const uint8_t* const max_ptr = result + count; while(result < max_ptr) { @@ -3670,7 +3654,7 @@ __attribute__((noinline)) void fast_delta8_abgr(const uint8_t* col1, const uint8 } } __attribute__((noinline)) void std_delta8_abgr(const uint8_t* col1, const uint8_t* col2, uint8_t* result, unsigned long count) { - int r,g,b; + int r,g,b; const uint8_t* const max_ptr = result + count; while(result < max_ptr) { @@ -3919,7 +3903,7 @@ void neon64_armv8_delta8_abgr(const uint8_t* col1, const uint8_t* col2, uint8_t* __attribute__((noinline,__target__("sse2"))) #endif void sse2_delta8_gray8(const uint8_t* col1, const uint8_t* col2, uint8_t* result, unsigned long count) { -#if ((defined(__i386__) || defined(__x86_64__) || defined(ZM_KEEP_SSE)) && !defined(ZM_STRIP_SSE)) +#if ((defined(__i386__) || defined(__x86_64__) || defined(ZM_KEEP_SSE)) && !defined(ZM_STRIP_SSE)) __asm__ __volatile__ ( "sub $0x10, %0\n\t" @@ -3950,7 +3934,7 @@ void sse2_delta8_gray8(const uint8_t* col1, const uint8_t* col2, uint8_t* result __attribute__((noinline,__target__("sse2"))) #endif void sse2_delta8_rgba(const uint8_t* col1, const uint8_t* col2, uint8_t* result, unsigned long count) { -#if ((defined(__i386__) || defined(__x86_64__) || defined(ZM_KEEP_SSE)) && !defined(ZM_STRIP_SSE)) +#if ((defined(__i386__) || defined(__x86_64__) || defined(ZM_KEEP_SSE)) && !defined(ZM_STRIP_SSE)) __asm__ __volatile__ ( "mov $0x1F1F1F1F, %%eax\n\t" @@ -4008,7 +3992,7 @@ void sse2_delta8_rgba(const uint8_t* col1, const uint8_t* col2, uint8_t* result, __attribute__((noinline,__target__("sse2"))) #endif void sse2_delta8_bgra(const uint8_t* col1, const uint8_t* col2, uint8_t* result, unsigned long count) { -#if ((defined(__i386__) || defined(__x86_64__) || defined(ZM_KEEP_SSE)) && !defined(ZM_STRIP_SSE)) +#if ((defined(__i386__) || defined(__x86_64__) || defined(ZM_KEEP_SSE)) && !defined(ZM_STRIP_SSE)) __asm__ __volatile__ ( "mov $0x1F1F1F1F, %%eax\n\t" @@ -4066,7 +4050,7 @@ void sse2_delta8_bgra(const uint8_t* col1, const uint8_t* col2, uint8_t* result, __attribute__((noinline,__target__("sse2"))) #endif void sse2_delta8_argb(const uint8_t* col1, const uint8_t* col2, uint8_t* result, unsigned long count) { -#if ((defined(__i386__) || defined(__x86_64__) || defined(ZM_KEEP_SSE)) && !defined(ZM_STRIP_SSE)) +#if ((defined(__i386__) || defined(__x86_64__) || defined(ZM_KEEP_SSE)) && !defined(ZM_STRIP_SSE)) __asm__ __volatile__ ( "mov $0x1F1F1F1F, %%eax\n\t" @@ -4125,7 +4109,7 @@ void sse2_delta8_argb(const uint8_t* col1, const uint8_t* col2, uint8_t* result, __attribute__((noinline,__target__("sse2"))) #endif void sse2_delta8_abgr(const uint8_t* col1, const uint8_t* col2, uint8_t* result, unsigned long count) { -#if ((defined(__i386__) || defined(__x86_64__) || defined(ZM_KEEP_SSE)) && !defined(ZM_STRIP_SSE)) +#if ((defined(__i386__) || defined(__x86_64__) || defined(ZM_KEEP_SSE)) && !defined(ZM_STRIP_SSE)) __asm__ __volatile__ ( "mov $0x1F1F1F1F, %%eax\n\t" @@ -4184,7 +4168,7 @@ void sse2_delta8_abgr(const uint8_t* col1, const uint8_t* col2, uint8_t* result, __attribute__((noinline,__target__("ssse3"))) #endif void ssse3_delta8_rgb32(const uint8_t* col1, const uint8_t* col2, uint8_t* result, unsigned long count, uint32_t multiplier) { -#if ((defined(__i386__) || defined(__x86_64__) || defined(ZM_KEEP_SSE)) && !defined(ZM_STRIP_SSE)) +#if ((defined(__i386__) || defined(__x86_64__) || defined(ZM_KEEP_SSE)) && !defined(ZM_STRIP_SSE)) /* XMM0 - zero */ /* XMM1 - col1 */ @@ -4253,7 +4237,7 @@ void ssse3_delta8_abgr(const uint8_t* col1, const uint8_t* col2, uint8_t* result /* RGB24 to grayscale */ __attribute__((noinline)) void fast_convert_rgb_gray8(const uint8_t* col1, uint8_t* result, unsigned long count) { - unsigned int r,g,b; + unsigned int r,g,b; const uint8_t* const max_ptr = result + count; while(result < max_ptr) { @@ -4279,7 +4263,7 @@ __attribute__((noinline)) void fast_convert_rgb_gray8(const uint8_t* col1, uint8 } } __attribute__((noinline)) void std_convert_rgb_gray8(const uint8_t* col1, uint8_t* result, unsigned long count) { - unsigned int r,g,b; + unsigned int r,g,b; const uint8_t* const max_ptr = result + count; while(result < max_ptr) { @@ -4295,7 +4279,7 @@ __attribute__((noinline)) void std_convert_rgb_gray8(const uint8_t* col1, uint8_ /* BGR24 to grayscale */ __attribute__((noinline)) void fast_convert_bgr_gray8(const uint8_t* col1, uint8_t* result, unsigned long count) { - unsigned int r,g,b; + unsigned int r,g,b; const uint8_t* const max_ptr = result + count; while(result < max_ptr) { @@ -4321,7 +4305,7 @@ __attribute__((noinline)) void fast_convert_bgr_gray8(const uint8_t* col1, uint8 } } __attribute__((noinline)) void std_convert_bgr_gray8(const uint8_t* col1, uint8_t* result, unsigned long count) { - unsigned int r,g,b; + unsigned int r,g,b; const uint8_t* const max_ptr = result + count; while(result < max_ptr) { @@ -4337,7 +4321,7 @@ __attribute__((noinline)) void std_convert_bgr_gray8(const uint8_t* col1, uint8_ /* RGBA to grayscale */ __attribute__((noinline)) void fast_convert_rgba_gray8(const uint8_t* col1, uint8_t* result, unsigned long count) { - unsigned int r,g,b; + unsigned int r,g,b; const uint8_t* const max_ptr = result + count; while(result < max_ptr) { @@ -4363,7 +4347,7 @@ __attribute__((noinline)) void fast_convert_rgba_gray8(const uint8_t* col1, uint } } __attribute__((noinline)) void std_convert_rgba_gray8(const uint8_t* col1, uint8_t* result, unsigned long count) { - unsigned int r,g,b; + unsigned int r,g,b; const uint8_t* const max_ptr = result + count; while(result < max_ptr) { @@ -4379,7 +4363,7 @@ __attribute__((noinline)) void std_convert_rgba_gray8(const uint8_t* col1, uint8 /* BGRA to grayscale */ __attribute__((noinline)) void fast_convert_bgra_gray8(const uint8_t* col1, uint8_t* result, unsigned long count) { - unsigned int r,g,b; + unsigned int r,g,b; const uint8_t* const max_ptr = result + count; while(result < max_ptr) { @@ -4406,7 +4390,7 @@ __attribute__((noinline)) void fast_convert_bgra_gray8(const uint8_t* col1, uint } __attribute__((noinline)) void std_convert_bgra_gray8(const uint8_t* col1, uint8_t* result, unsigned long count) { - unsigned int r,g,b; + unsigned int r,g,b; const uint8_t* const max_ptr = result + count; while(result < max_ptr) { @@ -4421,7 +4405,7 @@ __attribute__((noinline)) void std_convert_bgra_gray8(const uint8_t* col1, uint8 } /* ARGB to grayscale */ __attribute__((noinline)) void fast_convert_argb_gray8(const uint8_t* col1, uint8_t* result, unsigned long count) { - unsigned int r,g,b; + unsigned int r,g,b; const uint8_t* const max_ptr = result + count; while(result < max_ptr) { @@ -4447,7 +4431,7 @@ __attribute__((noinline)) void fast_convert_argb_gray8(const uint8_t* col1, uint } } __attribute__((noinline)) void std_convert_argb_gray8(const uint8_t* col1, uint8_t* result, unsigned long count) { - unsigned int r,g,b; + unsigned int r,g,b; const uint8_t* const max_ptr = result + count; while(result < max_ptr) { @@ -4463,7 +4447,7 @@ __attribute__((noinline)) void std_convert_argb_gray8(const uint8_t* col1, uint8 /* ABGR to grayscale */ __attribute__((noinline)) void fast_convert_abgr_gray8(const uint8_t* col1, uint8_t* result, unsigned long count) { - unsigned int r,g,b; + unsigned int r,g,b; const uint8_t* const max_ptr = result + count; while(result < max_ptr) { @@ -4489,7 +4473,7 @@ __attribute__((noinline)) void fast_convert_abgr_gray8(const uint8_t* col1, uint } } __attribute__((noinline)) void std_convert_abgr_gray8(const uint8_t* col1, uint8_t* result, unsigned long count) { - unsigned int r,g,b; + unsigned int r,g,b; const uint8_t* const max_ptr = result + count; while(result < max_ptr) { @@ -4547,7 +4531,7 @@ __attribute__((noinline)) void std_convert_yuyv_gray8(const uint8_t* col1, uint8 __attribute__((noinline,__target__("ssse3"))) #endif void ssse3_convert_rgb32_gray8(const uint8_t* col1, uint8_t* result, unsigned long count, uint32_t multiplier) { -#if ((defined(__i386__) || defined(__x86_64__) || defined(ZM_KEEP_SSE)) && !defined(ZM_STRIP_SSE)) +#if ((defined(__i386__) || defined(__x86_64__) || defined(ZM_KEEP_SSE)) && !defined(ZM_STRIP_SSE)) /* XMM0 - zero */ /* XMM1 - col1 */ @@ -4609,7 +4593,7 @@ void ssse3_convert_abgr_gray8(const uint8_t* col1, uint8_t* result, unsigned lon __attribute__((noinline,__target__("ssse3"))) #endif void ssse3_convert_yuyv_gray8(const uint8_t* col1, uint8_t* result, unsigned long count) { -#if ((defined(__i386__) || defined(__x86_64__) || defined(ZM_KEEP_SSE)) && !defined(ZM_STRIP_SSE)) +#if ((defined(__i386__) || defined(__x86_64__) || defined(ZM_KEEP_SSE)) && !defined(ZM_STRIP_SSE)) unsigned long i = 0; __attribute__((aligned(16))) static const uint8_t movemask1[16] = {0,2,4,6,8,10,12,14,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF}; @@ -4712,8 +4696,8 @@ __attribute__((noinline)) void zm_convert_yuyv_rgba(const uint8_t* col1, uint8_t /* RGB555 to RGB24 - relocated from zm_local_camera.cpp */ __attribute__((noinline)) void zm_convert_rgb555_rgb(const uint8_t* col1, uint8_t* result, unsigned long count) { - unsigned int r,g,b; - for(unsigned int i=0; i < count; i++, col1 += 2, result += 3) { + unsigned int r,g,b; + for(unsigned int i=0; i < count; i++, col1 += 2, result += 3) { b = ((*col1)<<3)&0xf8; g = (((*(col1+1))<<6)|((*col1)>>2))&0xf8; r = ((*(col1+1))<<1)&0xf8; @@ -4725,8 +4709,8 @@ __attribute__((noinline)) void zm_convert_rgb555_rgb(const uint8_t* col1, uint8_ /* RGB555 to RGBA - modified the one above */ __attribute__((noinline)) void zm_convert_rgb555_rgba(const uint8_t* col1, uint8_t* result, unsigned long count) { - unsigned int r,g,b; - for(unsigned int i=0; i < count; i++, col1 += 2, result += 4) { + unsigned int r,g,b; + for(unsigned int i=0; i < count; i++, col1 += 2, result += 4) { b = ((*col1)<<3)&0xf8; g = (((*(col1+1))<<6)|((*col1)>>2))&0xf8; r = ((*(col1+1))<<1)&0xf8; @@ -4738,8 +4722,8 @@ __attribute__((noinline)) void zm_convert_rgb555_rgba(const uint8_t* col1, uint8 /* RGB565 to RGB24 - relocated from zm_local_camera.cpp */ __attribute__((noinline)) void zm_convert_rgb565_rgb(const uint8_t* col1, uint8_t* result, unsigned long count) { - unsigned int r,g,b; - for(unsigned int i=0; i < count; i++, col1 += 2, result += 3) { + unsigned int r,g,b; + for(unsigned int i=0; i < count; i++, col1 += 2, result += 3) { b = ((*col1)<<3)&0xf8; g = (((*(col1+1))<<5)|((*col1)>>3))&0xfc; r = (*(col1+1))&0xf8; @@ -4751,8 +4735,8 @@ __attribute__((noinline)) void zm_convert_rgb565_rgb(const uint8_t* col1, uint8_ /* RGB565 to RGBA - modified the one above */ __attribute__((noinline)) void zm_convert_rgb565_rgba(const uint8_t* col1, uint8_t* result, unsigned long count) { - unsigned int r,g,b; - for(unsigned int i=0; i < count; i++, col1 += 2, result += 4) { + unsigned int r,g,b; + for ( unsigned int i=0; i < count; i++, col1 += 2, result += 4 ) { b = ((*col1)<<3)&0xf8; g = (((*(col1+1))<<5)|((*col1)>>3))&0xfc; r = (*(col1+1))&0xf8; From 1a944797518a576af71dd46f3a3a70299819dd1b Mon Sep 17 00:00:00 2001 From: Isaac Connor Date: Tue, 17 Sep 2019 11:10:59 -0400 Subject: [PATCH 557/922] Cleanup/rework. Handle database connection failure. This can happen if we init logging before config reading. Default terminal log level to warning. Cleanup logInit copying the options in order to populate mLogPath from config. We can handle this in the constructor now. --- src/zm_logger.cpp | 128 ++++++++++++++++++++++++++-------------------- src/zm_logger.h | 86 +++++++++++++++---------------- 2 files changed, 115 insertions(+), 99 deletions(-) diff --git a/src/zm_logger.cpp b/src/zm_logger.cpp index 2089fecc3..7c9a3bc75 100644 --- a/src/zm_logger.cpp +++ b/src/zm_logger.cpp @@ -55,7 +55,7 @@ static void subtractTime( struct timeval * const tp1, struct timeval * const tp2 } #endif -void Logger::usrHandler( int sig ) { +void Logger::usrHandler(int sig) { Logger *logger = fetch(); if ( sig == SIGUSR1 ) logger->level(logger->level()+1); @@ -71,9 +71,9 @@ Logger::Logger() : mFileLevel(NOLOG), mSyslogLevel(NOLOG), mEffectiveLevel(NOLOG), - //mLogPath( staticConfig.PATH_LOGS.c_str() ), - //mLogFile( mLogPath+"/"+mId+".log" ), mDbConnected(false), + mLogPath(staticConfig.PATH_LOGS.c_str()), + //mLogFile( mLogPath+"/"+mId+".log" ), mLogFileFP(NULL), mHasTerminal(false), mFlush(false) { @@ -106,9 +106,11 @@ Logger::Logger() : smInitialised = true; } - if ( fileno(stderr) && isatty(fileno(stderr)) ) + if ( fileno(stderr) && isatty(fileno(stderr)) ) { mHasTerminal = true; -} + mTerminalLevel = WARNING; + } +} // End Logger::Logger Logger::~Logger() { terminate(); @@ -138,7 +140,8 @@ void Logger::initialise(const std::string &id, const Options &options) { } else if ( options.mLogFile.size() ) { tempLogFile = options.mLogFile; } else { - if ( options.mLogPath.size() ) { + // options.mLogPath defaults to '.' so only use it if we don't already have a path + if ( (!mLogPath.size()) || options.mLogPath != "." ) { mLogPath = options.mLogPath; } tempLogFile = mLogPath+"/"+mId+".log"; @@ -240,7 +243,7 @@ void Logger::initialise(const std::string &id, const Options &options) { mInitialised = true; - Debug(1, "LogOpts: level=%s/%s, screen=%s, database=%s, logfile=%s->%s, syslog=%s", + Info("LogOpts: level=%s effective=%s, screen=%s, database=%s, logfile=%s->%s, syslog=%s", smCodes[mLevel].c_str(), smCodes[mEffectiveLevel].c_str(), smCodes[mTerminalLevel].c_str(), @@ -297,7 +300,7 @@ const std::string &Logger::id(const std::string &id) { size_t pos; // Remove whitespace - while ( (pos = tempId.find_first_of( " \t" )) != std::string::npos ) { + while ( (pos = tempId.find_first_of(" \t")) != std::string::npos ) { tempId.replace(pos, 1, ""); } // Replace non-alphanum with underscore @@ -341,7 +344,7 @@ Logger::Level Logger::level(Logger::Level level) { return mLevel; } -Logger::Level Logger::terminalLevel( Logger::Level terminalLevel ) { +Logger::Level Logger::terminalLevel(Logger::Level terminalLevel) { if ( terminalLevel > NOOPT ) { if ( !mHasTerminal ) terminalLevel = NOLOG; @@ -352,34 +355,37 @@ Logger::Level Logger::terminalLevel( Logger::Level terminalLevel ) { return mTerminalLevel; } -Logger::Level Logger::databaseLevel( Logger::Level databaseLevel ) { +Logger::Level Logger::databaseLevel(Logger::Level databaseLevel) { if ( databaseLevel > NOOPT ) { databaseLevel = limit(databaseLevel); if ( mDatabaseLevel != databaseLevel ) { if ( databaseLevel > NOLOG && mDatabaseLevel <= NOLOG ) { - zmDbConnect(); - } // end if ( databaseLevel > NOLOG && mDatabaseLevel <= NOLOG ) + if ( !zmDbConnect() ) { + databaseLevel = NOLOG; + } + } // end if ( databaseLevel > NOLOG && mDatabaseLevel <= NOLOG ) mDatabaseLevel = databaseLevel; - } // end if ( mDatabaseLevel != databaseLevel ) - } // end if ( databaseLevel > NOOPT ) + } // end if ( mDatabaseLevel != databaseLevel ) + } // end if ( databaseLevel > NOOPT ) return mDatabaseLevel; } -Logger::Level Logger::fileLevel( Logger::Level fileLevel ) { +Logger::Level Logger::fileLevel(Logger::Level fileLevel) { if ( fileLevel > NOOPT ) { fileLevel = limit(fileLevel); // Always close, because we may have changed file names if ( mFileLevel > NOLOG ) closeFile(); mFileLevel = fileLevel; - if ( mFileLevel > NOLOG ) + if ( mFileLevel > NOLOG ) { openFile(); + } } return mFileLevel; } -Logger::Level Logger::syslogLevel( Logger::Level syslogLevel ) { +Logger::Level Logger::syslogLevel(Logger::Level syslogLevel) { if ( syslogLevel > NOOPT ) { syslogLevel = limit(syslogLevel); if ( mSyslogLevel != syslogLevel ) { @@ -393,7 +399,7 @@ Logger::Level Logger::syslogLevel( Logger::Level syslogLevel ) { return mSyslogLevel; } -void Logger::logFile( const std::string &logFile ) { +void Logger::logFile(const std::string &logFile) { bool addLogPid = false; std::string tempLogFile = logFile; if ( tempLogFile[tempLogFile.length()-1] == '+' ) { @@ -401,16 +407,16 @@ void Logger::logFile( const std::string &logFile ) { addLogPid = true; } if ( addLogPid ) - mLogFile = stringtf( "%s.%05d", tempLogFile.c_str(), getpid() ); + mLogFile = stringtf("%s.%05d", tempLogFile.c_str(), getpid()); else mLogFile = tempLogFile; } void Logger::openFile() { if ( mLogFile.size() ) { - if ( (mLogFileFP = fopen(mLogFile.c_str() ,"a")) == (FILE *)NULL ) { + if ( (mLogFileFP = fopen(mLogFile.c_str(), "a")) == (FILE *)NULL ) { mFileLevel = NOLOG; - Fatal( "fopen() for %s, error = %s", mLogFile.c_str(), strerror(errno) ); + Error("fopen() for %s, error = %s", mLogFile.c_str(), strerror(errno)); } } else { puts("Called Logger::openFile() without a filename"); @@ -419,29 +425,33 @@ void Logger::openFile() { void Logger::closeFile() { if ( mLogFileFP ) { - fflush( mLogFileFP ); - if ( fclose( mLogFileFP ) < 0 ) { - Fatal( "fclose(), error = %s",strerror(errno) ); + fflush(mLogFileFP); + if ( fclose(mLogFileFP) < 0 ) { + mLogFileFP = (FILE *)NULL; + Error("fclose(), error = %s", strerror(errno)); } mLogFileFP = (FILE *)NULL; } } void Logger::closeDatabase() { - + } void Logger::openSyslog() { - (void) openlog( mId.c_str(), LOG_PID|LOG_NDELAY, LOG_LOCAL1 ); + (void) openlog(mId.c_str(), LOG_PID|LOG_NDELAY, LOG_LOCAL1); } void Logger::closeSyslog() { (void) closelog(); } -void Logger::logPrint( bool hex, const char * const filepath, const int line, const int level, const char *fstring, ... ) { - if ( level > mEffectiveLevel ) +void Logger::logPrint(bool hex, const char * const filepath, const int line, const int level, const char *fstring, ...) { + + if ( level > mEffectiveLevel ) { return; + } + log_mutex.lock(); char timeString[64]; char logString[8192]; @@ -479,24 +489,24 @@ void Logger::logPrint( bool hex, const char * const filepath, const int line, co thr_self(&lwpid); tid = lwpid; - if (tid < 0 ) // Thread/Process id + if ( tid < 0 ) // Thread/Process id #else -#ifdef HAVE_SYSCALL -#ifdef __FreeBSD_kernel__ + #ifdef HAVE_SYSCALL + #ifdef __FreeBSD_kernel__ if ( (syscall(SYS_thr_self, &tid)) < 0 ) // Thread/Process id -# else + # else // SOLARIS doesn't have SYS_gettid; don't assume -#ifdef SYS_gettid - if ( (tid = syscall(SYS_gettid)) < 0 ) // Thread/Process id -#endif // SYS_gettid + #ifdef SYS_gettid + if ( (tid = syscall(SYS_gettid)) < 0 ) // Thread/Process id + #endif // SYS_gettid + #endif + #endif // HAVE_SYSCALL #endif -#endif // HAVE_SYSCALL -#endif - tid = getpid(); // Process id + tid = getpid(); // Process id char *logPtr = logString; - logPtr += snprintf( logPtr, sizeof(logString), "%s %s[%d].%s-%s/%d [", + logPtr += snprintf(logPtr, sizeof(logString), "%s %s[%d].%s-%s/%d [", timeString, mId.c_str(), tid, @@ -520,32 +530,37 @@ void Logger::logPrint( bool hex, const char * const filepath, const int line, co } va_end(argPtr); char *syslogEnd = logPtr; - strncpy( logPtr, "]\n", sizeof(logString)-(logPtr-logString) ); + strncpy(logPtr, "]\n", sizeof(logString)-(logPtr-logString)); if ( level <= mTerminalLevel ) { - puts( logString ); - fflush( stdout ); + puts(logString); + fflush(stdout); } if ( level <= mFileLevel ) { if ( mLogFileFP ) { - fputs( logString, mLogFileFP ); + fputs(logString, mLogFileFP); if ( mFlush ) - fflush( mLogFileFP ); + fflush(mLogFileFP); } else { puts("Logging to file, but file not open\n"); } +#if 0 + } else { + printf("Not writing to log file because level %d %s <= mFileLevel %d %s\nstring: %s\n", + level, smCodes[level].c_str(), mFileLevel, smCodes[mFileLevel].c_str(), logString); +#endif } *syslogEnd = '\0'; if ( level <= mDatabaseLevel ) { char sql[ZM_SQL_MED_BUFSIZ]; char escapedString[(strlen(syslogStart)*2)+1]; - if ( ! db_mutex.trylock() ) { - mysql_real_escape_string( &dbconn, escapedString, syslogStart, strlen(syslogStart) ); + if ( !db_mutex.trylock() ) { + mysql_real_escape_string(&dbconn, escapedString, syslogStart, strlen(syslogStart)); snprintf(sql, sizeof(sql), - "INSERT INTO Logs " - "( TimeKey, Component, ServerId, Pid, Level, Code, Message, File, Line )" + "INSERT INTO `Logs` " + "( `TimeKey`, `Component`, `ServerId`, `Pid`, `Level`, `Code`, `Message`, `File`, `Line` )" " VALUES " "( %ld.%06ld, '%s', %d, %d, %d, '%s', '%s', '%s', %d )", timeVal.tv_sec, timeVal.tv_usec, mId.c_str(), staticConfig.SERVER_ID, tid, level, classString, escapedString, file, line @@ -567,7 +582,7 @@ void Logger::logPrint( bool hex, const char * const filepath, const int line, co if ( level <= mSyslogLevel ) { int priority = smSyslogPriorities[level]; //priority |= LOG_DAEMON; - syslog( priority, "%s [%s] [%s]", classString, mId.c_str(), syslogStart ); + syslog(priority, "%s [%s] [%s]", classString, mId.c_str(), syslogStart); } free(filecopy); @@ -580,15 +595,16 @@ void Logger::logPrint( bool hex, const char * const filepath, const int line, co exit(-1); } log_mutex.unlock(); -} - +} // end logPrint void logInit(const char *name, const Logger::Options &options) { - if ( !Logger::smInstance ) - Logger::smInstance = new Logger(); - Logger::Options tempOptions = options; - tempOptions.mLogPath = staticConfig.PATH_LOGS; - Logger::smInstance->initialise(name, tempOptions); + if ( Logger::smInstance ) { + delete Logger::smInstance; + Logger::smInstance = NULL; + } + + Logger::smInstance = new Logger(); + Logger::smInstance->initialise(name, options); } void logTerm() { diff --git a/src/zm_logger.h b/src/zm_logger.h index f65c5ec31..82144a1c9 100644 --- a/src/zm_logger.h +++ b/src/zm_logger.h @@ -36,12 +36,12 @@ class Logger { public: enum { NOOPT=-6, - NOLOG, - PANIC, - FATAL, - ERROR, - WARNING, - INFO, + NOLOG, // -5 + PANIC, // -4 + FATAL, // -3 + ERROR, // -2 + WARNING, // -1 + INFO, // 0 DEBUG1, DEBUG2, DEBUG3, @@ -68,14 +68,20 @@ public: std::string mLogPath; std::string mLogFile; - public: - Options( Level terminalLevel=NOOPT, Level databaseLevel=NOOPT, Level fileLevel=NOOPT, Level syslogLevel=NOOPT, const std::string &logPath=".", const std::string &logFile="" ) : - mTerminalLevel( terminalLevel ), - mDatabaseLevel( databaseLevel ), - mFileLevel( fileLevel ), - mSyslogLevel( syslogLevel ), - mLogPath( logPath ), - mLogFile( logFile ) + Options( + Level terminalLevel=NOOPT, + Level databaseLevel=NOOPT, + Level fileLevel=NOOPT, + Level syslogLevel=NOOPT, + const std::string &logPath=".", + const std::string &logFile="" + ) : + mTerminalLevel(terminalLevel), + mDatabaseLevel(databaseLevel), + mFileLevel(fileLevel), + mSyslogLevel(syslogLevel), + mLogPath(logPath), + mLogFile(logFile) { } }; @@ -89,21 +95,21 @@ private: static StringMap smCodes; static IntMap smSyslogPriorities; -private: bool mInitialised; std::string mId; std::string mIdRoot; std::string mIdArgs; - Level mLevel; // Level that is currently in operation + Level mLevel; // Level that is currently in operation Level mTerminalLevel; // Maximum level output via terminal - Level mDatabaseLevel; // Maximum level output via database - Level mFileLevel; // Maximum level output via file - Level mSyslogLevel; // Maximum level output via syslog - Level mEffectiveLevel; // Level optimised to take account of maxima + Level mDatabaseLevel; // Maximum level output via database + Level mFileLevel; // Maximum level output via file + Level mSyslogLevel; // Maximum level output via syslog + Level mEffectiveLevel; // Level optimised to take account of maxima bool mDbConnected; + std::string mLogPath; std::string mLogFile; FILE *mLogFileFP; @@ -111,31 +117,10 @@ private: bool mHasTerminal; bool mFlush; -private: - static void usrHandler(int sig); - -public: - friend void logInit(const char *name, const Options &options); - friend void logTerm(); - - static Logger *fetch() { - if ( !smInstance ) { - smInstance = new Logger(); - Options options; - smInstance->initialise( "undef", options ); - } - return smInstance; - } - private: Logger(); ~Logger(); -public: - void initialise(const std::string &id, const Options &options); - void terminate(); - -private: int limit(int level) { if ( level > DEBUG9 ) return DEBUG9; @@ -150,14 +135,29 @@ private: char *getTargettedEnv(const std::string &name); void loadEnv(); + static void usrHandler(int sig); public: + friend void logInit(const char *name, const Options &options); + friend void logTerm(); + + static Logger *fetch() { + if ( !smInstance ) { + smInstance = new Logger(); + Options options; + smInstance->initialise("undef", options); + } + return smInstance; + } + + void initialise(const std::string &id, const Options &options); + void terminate(); + + const std::string &id(const std::string &id); const std::string &id() const { return mId; } - const std::string &id(const std::string &id); - Level level() const { return mLevel; } From ecde0a7ae0e7602ab8c0f6aa2485036c90ae5052 Mon Sep 17 00:00:00 2001 From: Isaac Connor Date: Tue, 17 Sep 2019 11:11:22 -0400 Subject: [PATCH 558/922] Add a string_toupper function --- src/zm_utils.cpp | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/src/zm_utils.cpp b/src/zm_utils.cpp index 49b4d5ffc..d4bb48b73 100644 --- a/src/zm_utils.cpp +++ b/src/zm_utils.cpp @@ -22,6 +22,7 @@ #include "zm_utils.h" #include +#include #include #include #include /* Definition of AT_* constants */ @@ -416,6 +417,10 @@ Warning("ZM Compiled without LIBCURL. UriDecoding not implemented."); #endif } +void string_toupper( std::string& str) { + std::transform(str.begin(), str.end(), str.begin(), ::toupper); +} + void touch(const char *pathname) { int fd = open(pathname, O_WRONLY|O_CREAT|O_NOCTTY|O_NONBLOCK, From 33aa6abf591e5dc61730e3e0215ffa258e565836 Mon Sep 17 00:00:00 2001 From: Isaac Connor Date: Tue, 17 Sep 2019 11:36:57 -0400 Subject: [PATCH 559/922] Only open log file if we are going to write to it. --- src/zm_logger.cpp | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/src/zm_logger.cpp b/src/zm_logger.cpp index 7c9a3bc75..1b8afc517 100644 --- a/src/zm_logger.cpp +++ b/src/zm_logger.cpp @@ -243,7 +243,7 @@ void Logger::initialise(const std::string &id, const Options &options) { mInitialised = true; - Info("LogOpts: level=%s effective=%s, screen=%s, database=%s, logfile=%s->%s, syslog=%s", + Debug(1, "LogOpts: level=%s effective=%s, screen=%s, database=%s, logfile=%s->%s, syslog=%s", smCodes[mLevel].c_str(), smCodes[mEffectiveLevel].c_str(), smCodes[mTerminalLevel].c_str(), @@ -378,9 +378,7 @@ Logger::Level Logger::fileLevel(Logger::Level fileLevel) { if ( mFileLevel > NOLOG ) closeFile(); mFileLevel = fileLevel; - if ( mFileLevel > NOLOG ) { - openFile(); - } + // Don't try to open it here because it will create the log file even if we never write to it. } return mFileLevel; } @@ -537,12 +535,14 @@ void Logger::logPrint(bool hex, const char * const filepath, const int line, con fflush(stdout); } if ( level <= mFileLevel ) { + if ( !mLogFileFP ) + openFile(); if ( mLogFileFP ) { fputs(logString, mLogFileFP); if ( mFlush ) fflush(mLogFileFP); } else { - puts("Logging to file, but file not open\n"); + puts("Logging to file, but failed to open it\n"); } #if 0 } else { From 6041616efc24b4f00d314940e4f39d6f3c59e55a Mon Sep 17 00:00:00 2001 From: Isaac Connor Date: Tue, 17 Sep 2019 11:37:20 -0400 Subject: [PATCH 560/922] add string_toupper function --- src/zm_utils.h | 1 + 1 file changed, 1 insertion(+) diff --git a/src/zm_utils.h b/src/zm_utils.h index d1340cf4b..9a8dd1948 100644 --- a/src/zm_utils.h +++ b/src/zm_utils.h @@ -40,6 +40,7 @@ StringVector split( const std::string &string, const std::string &chars, int lim const std::string join( const StringVector &, const char * ); const std::string base64Encode( const std::string &inString ); +void string_toupper(std::string& str); int split(const char* string, const char delim, std::vector& items); int pairsplit(const char* string, const char delim, std::string& name, std::string& value); From 0d347f0cf578c0779282dcbc4d93fa48ad385e5f Mon Sep 17 00:00:00 2001 From: Isaac Connor Date: Tue, 17 Sep 2019 11:37:48 -0400 Subject: [PATCH 561/922] init log early so that we create zmc_m.log instead of undef.log --- src/zmc.cpp | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/zmc.cpp b/src/zmc.cpp index bebc0bc7d..65a8d3e12 100644 --- a/src/zmc.cpp +++ b/src/zmc.cpp @@ -187,8 +187,8 @@ int main(int argc, char *argv[]) { snprintf(log_id_string, sizeof(log_id_string), "zmc_m%d", monitor_id); } + logInit(log_id_string); zmLoadConfig(); - logInit(log_id_string); hwcaps_detect(); From f0cfd674c1dd35563823ecf066084b05e8b703ba Mon Sep 17 00:00:00 2001 From: Isaac Connor Date: Tue, 17 Sep 2019 12:06:54 -0400 Subject: [PATCH 562/922] Cleanup options skins tab. Setting the values happens in index.php. Use global and --- web/skins/classic/views/options.php | 43 +++++++---------------------- 1 file changed, 10 insertions(+), 33 deletions(-) diff --git a/web/skins/classic/views/options.php b/web/skins/classic/views/options.php index ea400339a..d74e50625 100644 --- a/web/skins/classic/views/options.php +++ b/web/skins/classic/views/options.php @@ -53,31 +53,6 @@ $focusWindow = true; xhtmlHeaders(__FILE__, translate('Options')); -# Have to do this stuff up here before including header.php because fof the cookie setting -$skin_options = array_map('basename', glob('skins/*',GLOB_ONLYDIR)); -if ( $tab == 'skins' ) { - $current_skin = $_COOKIE['zmSkin']; - $reload = false; - if ( isset($_GET['skin-choice']) && ( $_GET['skin-choice'] != $current_skin ) ) { - setcookie('zmSkin',$_GET['skin-choice'], time()+3600*24*30*12*10 ); - //header("Location: index.php?view=options&tab=skins&reset_parent=1"); - $reload = true; - } - $current_css = $_COOKIE['zmCSS']; - if ( isset($_GET['css-choice']) and ( $_GET['css-choice'] != $current_css ) ) { - setcookie('zmCSS',$_GET['css-choice'], time()+3600*24*30*12*10 ); - array_map('unlink', glob(ZM_PATH_WEB.'/cache/*')); //cleanup symlinks from cache_bust - //header("Location: index.php?view=options&tab=skins&reset_parent=1"); - $reload = true; - } - if ( $reload ) - echo ""; -} # end if tab == skins - ?> @@ -104,12 +79,14 @@ if ( $tab == 'skins' ) {
- +
- '.$dir.''; + echo ''; } ?> @@ -117,12 +94,12 @@ foreach ( $skin_options as $dir ) {
- +
- '.$dir.''; +foreach ( array_map('basename', glob('skins/'.$skin.'/css/*',GLOB_ONLYDIR)) as $dir ) { + echo ''; } ?> @@ -508,7 +485,7 @@ foreach ( array_map('basename', glob('skins/'.$current_skin.'/css/*',GLOB_ONLYDI ?>
- +
Date: Tue, 17 Sep 2019 12:07:10 -0400 Subject: [PATCH 563/922] Don't glob skins dir and css dirs unless our skin or css is invalid. --- web/index.php | 37 ++++++++++++++++++++++++------------- 1 file changed, 24 insertions(+), 13 deletions(-) diff --git a/web/index.php b/web/index.php index f2fd0660e..5c2448291 100644 --- a/web/index.php +++ b/web/index.php @@ -87,27 +87,38 @@ if ( isset($_GET['skin']) ) { $skin = 'classic'; } -$skins = array_map('basename', glob('skins/*', GLOB_ONLYDIR)); +if ( ! is_dir("skins/$skin") ) { + $skins = array_map('basename', glob('skins/*', GLOB_ONLYDIR)); -if ( ! in_array($skin, $skins) ) { - ZM\Error("Invalid skin '$skin' setting to " . $skins[0]); - $skin = $skins[0]; + if ( !in_array($skin, $skins) ) { + ZM\Error("Invalid skin '$skin' setting to ".$skins[0]); + $skin = $skins[0]; + } } if ( isset($_GET['css']) ) { $css = $_GET['css']; -} elseif ( isset($_COOKIE['zmCSS']) ) { +} else if ( isset($_COOKIE['zmCSS']) ) { $css = $_COOKIE['zmCSS']; -} elseif ( defined('ZM_CSS_DEFAULT') ) { +} else if ( defined('ZM_CSS_DEFAULT') ) { $css = ZM_CSS_DEFAULT; } else { $css = 'classic'; } -$css_skins = array_map('basename', glob('skins/'.$skin.'/css/*',GLOB_ONLYDIR)); -if ( !in_array($css, $css_skins) ) { - ZM\Error("Invalid skin css '$css' setting to " . $css_skins[0]); - $css = $css_skins[0]; +if ( !is_dir("skins/$skin/css/$css") ) { + $css_skins = array_map('basename', glob('skins/'.$skin.'/css/*', GLOB_ONLYDIR)); + if ( count($css_skins) ) { + if ( !in_array($css, $css_skins) ) { + ZM\Error("Invalid skin css '$css' setting to " . $css_skins[0]); + $css = $css_skins[0]; + } else { + $css = ''; + } + } else { + ZM\Error("No css options found at skins/$skin/css"); + $css = ''; + } } define('ZM_BASE_PATH', dirname($_SERVER['REQUEST_URI'])); @@ -116,7 +127,7 @@ define('ZM_SKIN_NAME', $skin); $skinBase = array(); // To allow for inheritance of skins if ( !file_exists(ZM_SKIN_PATH) ) - Fatal("Invalid skin '$skin'"); + ZM\Fatal("Invalid skin '$skin'"); $skinBase[] = $skin; zm_session_start(); @@ -125,7 +136,7 @@ if ( !isset($_SESSION['skin']) || isset($_REQUEST['skin']) || !isset($_COOKIE['zmSkin']) || - $_COOKIE['zmSkin'] != $skin + ($_COOKIE['zmSkin'] != $skin) ) { $_SESSION['skin'] = $skin; setcookie('zmSkin', $skin, time()+3600*24*30*12*10); @@ -135,7 +146,7 @@ if ( !isset($_SESSION['css']) || isset($_REQUEST['css']) || !isset($_COOKIE['zmCSS']) || - $_COOKIE['zmCSS'] != $css + ($_COOKIE['zmCSS'] != $css) ) { $_SESSION['css'] = $css; setcookie('zmCSS', $css, time()+3600*24*30*12*10); From ad84736cb4f6f6500ae8fd9c6938ce9faaa6ed70 Mon Sep 17 00:00:00 2001 From: Isaac Connor Date: Tue, 17 Sep 2019 12:07:24 -0400 Subject: [PATCH 564/922] spacing --- web/includes/Event.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/web/includes/Event.php b/web/includes/Event.php index 19d28e0ec..02ebf50c0 100644 --- a/web/includes/Event.php +++ b/web/includes/Event.php @@ -253,7 +253,7 @@ class Event extends ZM_Object { } } - $streamSrc .= '?'.http_build_query($args,'', $querySep); + $streamSrc .= '?'.http_build_query($args, '', $querySep); return $streamSrc; } // end function getStreamSrc From e0074692d1751fd4a58b05b026517bbb6938545a Mon Sep 17 00:00:00 2001 From: Isaac Connor Date: Tue, 17 Sep 2019 12:07:30 -0400 Subject: [PATCH 565/922] Remove debug --- web/includes/session.php | 1 - 1 file changed, 1 deletion(-) diff --git a/web/includes/session.php b/web/includes/session.php index 8d4c28a68..dec414fec 100644 --- a/web/includes/session.php +++ b/web/includes/session.php @@ -28,7 +28,6 @@ function zm_session_start() { session_destroy(); session_start(); } else if ( !empty($_SESSION['generated_at']) ) { - ZM\Logger::Debug("Have generated_at: " . $_SESSION['generated_at']); if ( $_SESSION['generated_at']<($now-(ZM_COOKIE_LIFETIME/2)) ) { ZM\Logger::Debug("Regenerating session because generated_at " . $_SESSION['generated_at'] . ' < ' . $now . '-'.ZM_COOKIE_LIFETIME.'/2 = '.($now-ZM_COOKIE_LIFETIME/2)); zm_session_regenerate_id(); From bcaabf4cf210a768efdf6fca5e639e1fd296f831 Mon Sep 17 00:00:00 2001 From: Isaac Connor Date: Tue, 17 Sep 2019 12:09:36 -0400 Subject: [PATCH 566/922] update buttons --- web/skins/classic/views/montage.php | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/web/skins/classic/views/montage.php b/web/skins/classic/views/montage.php index d8bd27ae6..fee8a84be 100644 --- a/web/skins/classic/views/montage.php +++ b/web/skins/classic/views/montage.php @@ -180,11 +180,11 @@ if ( $showZones ) { 'selectLayout(this);')); ?> - +
From ce1823bd2987c85e9927b8f239406985b6333fea Mon Sep 17 00:00:00 2001 From: Isaac Connor Date: Tue, 17 Sep 2019 12:46:11 -0400 Subject: [PATCH 567/922] spacing and fix saving --- web/skins/classic/views/options.php | 45 ++++++++++++++--------------- 1 file changed, 21 insertions(+), 24 deletions(-) diff --git a/web/skins/classic/views/options.php b/web/skins/classic/views/options.php index d74e50625..102ba2af3 100644 --- a/web/skins/classic/views/options.php +++ b/web/skins/classic/views/options.php @@ -302,40 +302,37 @@ foreach ( array_map('basename', glob('skins/'.$skin.'/css/*',GLOB_ONLYDIR)) as $ ?>
-
- + + +
".translate('AllTokensRevoked').""; + dbQuery('UPDATE `Users` SET `TokenMinExpiry`=?', array($minTokenTime)); + echo ''.translate('AllTokensRevoked').''; } - function updateSelected() - { - dbQuery("UPDATE Users SET APIEnabled=0"); - foreach( $_REQUEST["tokenUids"] as $markUid ) { + function updateSelected() { + dbQuery('UPDATE `Users` SET `APIEnabled`=0'); + foreach ( $_REQUEST["tokenUids"] as $markUid ) { $minTime = time(); - dbQuery('UPDATE Users SET TokenMinExpiry=? WHERE Id=?', array($minTime, $markUid)); + dbQuery('UPDATE `Users` SET `TokenMinExpiry`=? WHERE `Id`=?', array($minTime, $markUid)); } - foreach( $_REQUEST["apiUids"] as $markUid ) { - dbQuery('UPDATE Users SET APIEnabled=1 WHERE Id=?', array($markUid)); + foreach ( $_REQUEST["apiUids"] as $markUid ) { + dbQuery('UPDATE `Users` SET `APIEnabled`=1 WHERE `Id`=?', array($markUid)); } - echo "".translate('Updated').""; + echo ''.translate('Updated').''; } - if(array_key_exists('revokeAllTokens',$_POST)){ + if ( array_key_exists('revokeAllTokens',$_POST) ) { revokeAllTokens(); } - if(array_key_exists('updateSelected',$_POST)){ + if ( array_key_exists('updateSelected',$_POST) ) { updateSelected(); } ?> - -

@@ -352,7 +349,7 @@ foreach ( array_map('basename', glob('skins/'.$skin.'/css/*',GLOB_ONLYDIR)) as $
Colours() ); ?>
()
()
Orientation() );?>
() + + +translate('Custom'), + '176x120'=>'176x120 QCIF', + '320x240'=>'320x240', + '352x240'=>'352x240 CIF', + '640x480'=>'640x480', + '704x240'=>'704x240 2CIF', + '704x480'=>'704x480 4CIF', + '720x480'=>'720x480 D1', + '1280x720'=>'1280x720 720p', + '1280x960'=>'1280x960 960p', + '1280x1024'=>'1280x1024 1MP', + '1600x1200'=>'1600x1200 2MP', + '1920x1080'=>'1920x1080 1080p', + '2048x1536'=>'2048x1536 3MP', + '2592x1944'=>'2592x1944 5MP', +), $monitor->Width().'x'.$monitor->Height() +); +?> +
Orientation() );?>
Colours() ); ?>
() () @@ -949,7 +949,7 @@ if ( $monitor->Type() != 'NVSocket' && $monitor->Type() != 'WebSite' ) {
Orientation() );?>Orientation());?>
+
'None','auto'=>'Auto'); foreach ( ZM\Server::find(NULL, array('order'=>'lower(Name)')) as $Server ) { @@ -693,40 +621,61 @@ switch ( $tab ) { } echo htmlSelect( 'newMonitor[ServerId]', $servers, $monitor->ServerId() ); ?> -
+
'Default'); - foreach ( ZM\Storage::find( NULL, array('order'=>'lower(Name)') ) as $Storage ) { + foreach ( ZM\Storage::find(NULL, array('order'=>'lower(Name)')) as $Storage ) { $storage_areas[$Storage->Id()] = $Storage->Name(); } - echo htmlSelect( 'newMonitor[StorageId]', $storage_areas, $monitor->StorageId() ); + echo htmlSelect('newMonitor[StorageId]', $storage_areas, $monitor->StorageId()); ?> -
Type()); ?>
Type()); ?>
Type()); + echo htmlSelect('newMonitor[Function]', $function_options, $monitor->Function()); ?> -
Enabled() ) { ?> checked="checked"/>
Enabled() ) { ?> checked="checked"/>
 () -
Type() == 'Local' ) { case 'control' : { ?> -
Controllable() ) { ?> checked="checked"/>
 
TrackMotion() ) { ?> checked="checked"/>
Controllable() ) { ?> checked="checked"/>
ControlId()); +if ( canEdit('Control') ) { + echo ' '.makePopupLink('?view=controlcaps', 'zmControlCaps', 'controlcaps', translate('Edit')); +} +?>
TrackMotion() ) { ?> checked="checked"/>
ReturnLocation()); ?>
'. monitorIdsToNames($Group->MonitorIds(), 30).'
'. monitorIdsToNames($Group->MonitorIds(), 30).'
+
- + - + - +
- + - + - +
- From 7b93a445b8f08f7dbd61944342fe2d071a58da63 Mon Sep 17 00:00:00 2001 From: Isaac Connor Date: Wed, 2 Oct 2019 15:42:56 -0400 Subject: [PATCH 666/922] Finish updating the linked Monitors dropdown --- web/skins/classic/views/monitor.php | 25 ++++++++++--------------- 1 file changed, 10 insertions(+), 15 deletions(-) diff --git a/web/skins/classic/views/monitor.php b/web/skins/classic/views/monitor.php index 46d16b082..c9bc3075d 100644 --- a/web/skins/classic/views/monitor.php +++ b/web/skins/classic/views/monitor.php @@ -662,33 +662,28 @@ switch ( $tab ) { - + + + + Type() != 'Local' && $monitor->Type() != 'File' && $monitor->Type() != 'NVSocket' ) { From 95615fee35fd4109039dbe70c87858c2e5fa5783 Mon Sep 17 00:00:00 2001 From: Isaac Connor Date: Wed, 2 Oct 2019 16:42:50 -0400 Subject: [PATCH 667/922] fix eslint --- web/skins/classic/views/js/log.js | 15 --------------- 1 file changed, 15 deletions(-) diff --git a/web/skins/classic/views/js/log.js b/web/skins/classic/views/js/log.js index 3992be33b..b4b6b696a 100644 --- a/web/skins/classic/views/js/log.js +++ b/web/skins/classic/views/js/log.js @@ -182,22 +182,7 @@ function clearLog() { clearParms += "&maxTime="+encodeURIComponent(maxTime); } var form = $('logForm'); - if ( ! form ) { - console.log("Nothing found for #logForm?"); - } else { clearReq.send(clearParms+"&"+form.toQueryString()); - } - - -if ( 0 ) { - minLogTime = 0; - logCount = 0; - logTimeout = maxSampleTime; - displayLimit = initialDisplayLimit; - $('displayLogs').set('text', logCount); - options = {}; - $j('#logTable tbody').empty(); -} } function filterLog() { From 714ce0ba609d0b97d26902d5cdf24ff6e030afdf Mon Sep 17 00:00:00 2001 From: Isaac Connor Date: Thu, 3 Oct 2019 17:27:16 -0400 Subject: [PATCH 668/922] Add coller info to AUTOLOAD error message when PTZ function isn't defined. Provide parent printMsg function. --- scripts/ZoneMinder/lib/ZoneMinder/Control.pm | 10 +++++++--- 1 file changed, 7 insertions(+), 3 deletions(-) diff --git a/scripts/ZoneMinder/lib/ZoneMinder/Control.pm b/scripts/ZoneMinder/lib/ZoneMinder/Control.pm index dabc7897e..4a6681fd2 100644 --- a/scripts/ZoneMinder/lib/ZoneMinder/Control.pm +++ b/scripts/ZoneMinder/lib/ZoneMinder/Control.pm @@ -67,7 +67,8 @@ sub AUTOLOAD { if ( exists($self->{$name}) ) { return $self->{$name}; } - Error("Can't access $name $AUTOLOAD member of object of class $class"); + my ( $caller, undef, $line ) = caller; + Error("Can't access name:$name AUTOLOAD:$AUTOLOAD member of object of class $class from $caller:$line"); } sub getKey { @@ -130,8 +131,11 @@ sub executeCommand { } sub printMsg { - my $self = shift; - Fatal('No printMsg method defined for protocol '.$self->{name}); + my $self = shift; + my $msg = shift; + my $msg_len = length($msg); + + Debug($msg.'['.$msg_len.']'); } 1; From a7f27dddde2d8a6aadd99e90333a1fcd39b0fe0a Mon Sep 17 00:00:00 2001 From: Isaac Connor Date: Thu, 3 Oct 2019 17:27:46 -0400 Subject: [PATCH 669/922] quotes and more useful sendCmd debugging. --- scripts/ZoneMinder/lib/ZoneMinder/Control/Reolink.pm | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/scripts/ZoneMinder/lib/ZoneMinder/Control/Reolink.pm b/scripts/ZoneMinder/lib/ZoneMinder/Control/Reolink.pm index 7a2f72fc6..be01e6133 100644 --- a/scripts/ZoneMinder/lib/ZoneMinder/Control/Reolink.pm +++ b/scripts/ZoneMinder/lib/ZoneMinder/Control/Reolink.pm @@ -134,7 +134,7 @@ sub sendCmd my $server_endpoint = "http://".$host.":".$port."/$cmd"; my $req = HTTP::Request->new( POST => $server_endpoint ); $req->header('content-type' => $content_type); - $req->header('Host' => $host.":".$port); + $req->header('Host' => $host.':'.$port); $req->header('content-length' => length($msg)); $req->header('accept-encoding' => 'gzip, deflate'); $req->header('connection' => 'close'); @@ -145,9 +145,9 @@ sub sendCmd if ( $res->is_success ) { $result = !undef; } else { - Error( "After sending PTZ command, camera returned the following error:'".$res->status_line()."'" ); + Error("After sending PTZ command to $server_endpoint, camera returned the following error:'".$res->status_line()."'" ); } - return( $result ); + return $result; } sub getCamParams From c62eff48a78d6de02d5a5d688b3fa874babda1ee Mon Sep 17 00:00:00 2001 From: Isaac Connor Date: Thu, 3 Oct 2019 17:28:44 -0400 Subject: [PATCH 670/922] Turn off debugging that prevents results processing --- onvif/modules/lib/ONVIF/Deserializer/MessageParser.pm | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/onvif/modules/lib/ONVIF/Deserializer/MessageParser.pm b/onvif/modules/lib/ONVIF/Deserializer/MessageParser.pm index 218a4caa5..bb43daeec 100644 --- a/onvif/modules/lib/ONVIF/Deserializer/MessageParser.pm +++ b/onvif/modules/lib/ONVIF/Deserializer/MessageParser.pm @@ -274,8 +274,8 @@ sub _initialize { $_method =~s{\-}{_}xg; if ( $list->[-1]->can( $_method ) ) { $list->[-1]->$_method( $current ); - } else { - print ( "ERror " . $list->[-1] . " cannot $_method\n" ); + #} else { + #print ( "ERror " . $list->[-1] . " cannot $_method\n" ); } $current = pop @$list; # step up in object hierarchy From 6f5c29726563eae8dc3f30cb383bd5f36d3be69b Mon Sep 17 00:00:00 2001 From: Isaac Connor Date: Thu, 3 Oct 2019 17:28:57 -0400 Subject: [PATCH 671/922] google code style --- .../lib/ZoneMinder/Control/onvif.pm | 366 ++++++++---------- 1 file changed, 172 insertions(+), 194 deletions(-) diff --git a/scripts/ZoneMinder/lib/ZoneMinder/Control/onvif.pm b/scripts/ZoneMinder/lib/ZoneMinder/Control/onvif.pm index ea287a42f..c830d28aa 100644 --- a/scripts/ZoneMinder/lib/ZoneMinder/Control/onvif.pm +++ b/scripts/ZoneMinder/lib/ZoneMinder/Control/onvif.pm @@ -49,211 +49,189 @@ use ZoneMinder::Config qw(:all); use Time::HiRes qw( usleep ); -sub open -{ - my $self = shift; +sub open { + my $self = shift; - $self->loadMonitor(); + $self->loadMonitor(); - use LWP::UserAgent; - $self->{ua} = LWP::UserAgent->new; - $self->{ua}->agent( "ZoneMinder Control Agent/".ZoneMinder::Base::ZM_VERSION ); + use LWP::UserAgent; + $self->{ua} = LWP::UserAgent->new; + $self->{ua}->agent('ZoneMinder Control Agent/'.ZoneMinder::Base::ZM_VERSION); - $self->{state} = 'open'; + $self->{state} = 'open'; } -sub printMsg -{ - my $self = shift; - my $msg = shift; - my $msg_len = length($msg); +sub sendCmd { + my $self = shift; + my $cmd = shift; + my $result = undef; + printMsg($cmd, 'Tx'); - Debug( $msg."[".$msg_len."]" ); + my $req = HTTP::Request->new(GET=>'http://'.$self->{Monitor}->{ControlAddress}.'/'.$cmd); + my $res = $self->{ua}->request($req); + + if ( $res->is_success ) { + $result = !undef; + } else { + Error("Error check failed:'".$res->status_line()."'" ); + } + + return $result; } -sub sendCmd -{ - my $self = shift; - my $cmd = shift; - my $result = undef; - printMsg( $cmd, "Tx" ); +sub getCamParams { + my $self = shift; - my $req = HTTP::Request->new( GET=>"http://".$self->{Monitor}->{ControlAddress}."/$cmd" ); - my $res = $self->{ua}->request($req); + my $req = HTTP::Request->new(GET=>'http://'.$self->{Monitor}->{ControlAddress}.'/get_camera_params.cgi'); + my $res = $self->{ua}->request($req); - if ( $res->is_success ) - { - $result = !undef; - } - else - { - Error( "Error check failed:'".$res->status_line()."'" ); - } - - return( $result ); -} - -sub getCamParams -{ - my $self = shift; - - my $req = HTTP::Request->new( GET=>"http://".$self->{Monitor}->{ControlAddress}."/get_camera_params.cgi" ); - my $res = $self->{ua}->request($req); - - if ( $res->is_success ) - { - # Parse results setting values in %FCParams - my $content = $res->decoded_content; - - while ($content =~ s/var\s+([^=]+)=([^;]+);//ms) { - $CamParams{$1} = $2; - } - } - else - { - Error( "Error check failed:'".$res->status_line()."'" ); + if ( $res->is_success ) { + # Parse results setting values in %FCParams + my $content = $res->decoded_content; + + while ($content =~ s/var\s+([^=]+)=([^;]+);//ms) { + $CamParams{$1} = $2; } + } else { + Error("Error check failed:'".$res->status_line()."'"); + } } #autoStop #This makes use of the ZoneMinder Auto Stop Timeout on the Control Tab -sub autoStop -{ - my $self = shift; - my $stop_command = shift; - my $autostop = shift; - if( $stop_command && $autostop) - { - Debug( "Auto Stop" ); - usleep( $autostop ); - my $cmd = "decoder_control.cgi?command=".$stop_command; - $self->sendCmd( $cmd ); - } - +sub autoStop { + my $self = shift; + my $stop_command = shift; + my $autostop = shift; + if ( $stop_command && $autostop ) { + Debug('Auto Stop'); + usleep($autostop); + my $cmd = 'decoder_control.cgi?command='.$stop_command; + $self->sendCmd($cmd); + } } # Reset the Camera -sub reset -{ - my $self = shift; - Debug( "Camera Reset" ); - my $cmd = "reboot.cgi?"; - $self->sendCmd( $cmd ); +sub reset { + my $self = shift; + Debug('Camera Reset'); + my $cmd = 'reboot.cgi?'; + $self->sendCmd($cmd); } #Up Arrow sub moveConUp { - my $self = shift; - my $stop_command = "1"; - Debug( "Move Up" ); - my $cmd = "decoder_control.cgi?command=0"; - $self->sendCmd( $cmd ); - $self->autoStop( $stop_command, $self->{Monitor}->{AutoStopTimeout} ); + my $self = shift; + my $stop_command = "1"; + Debug( "Move Up" ); + my $cmd = "decoder_control.cgi?command=0"; + $self->sendCmd( $cmd ); + $self->autoStop( $stop_command, $self->{Monitor}->{AutoStopTimeout} ); } #Down Arrow sub moveConDown { - my $self = shift; - my $stop_command = "3"; - Debug( "Move Down" ); - my $cmd = "decoder_control.cgi?command=2"; - $self->sendCmd( $cmd ); - $self->autoStop( $stop_command, $self->{Monitor}->{AutoStopTimeout} ); + my $self = shift; + my $stop_command = "3"; + Debug( "Move Down" ); + my $cmd = "decoder_control.cgi?command=2"; + $self->sendCmd( $cmd ); + $self->autoStop( $stop_command, $self->{Monitor}->{AutoStopTimeout} ); } #Left Arrow sub moveConLeft { - my $self = shift; - my $stop_command = "5"; - Debug( "Move Left" ); - my $cmd = "decoder_control.cgi?command=4"; - $self->sendCmd( $cmd ); - $self->autoStop( $stop_command, $self->{Monitor}->{AutoStopTimeout} ); + my $self = shift; + my $stop_command = "5"; + Debug( "Move Left" ); + my $cmd = "decoder_control.cgi?command=4"; + $self->sendCmd( $cmd ); + $self->autoStop( $stop_command, $self->{Monitor}->{AutoStopTimeout} ); } #Right Arrow sub moveConRight { - my $self = shift; - my $stop_command = "7"; - Debug( "Move Right" ); - my $cmd = "decoder_control.cgi?command=6"; - $self->sendCmd( $cmd ); - $self->autoStop( $stop_command, $self->{Monitor}->{AutoStopTimeout} ); + my $self = shift; + my $stop_command = "7"; + Debug( "Move Right" ); + my $cmd = "decoder_control.cgi?command=6"; + $self->sendCmd( $cmd ); + $self->autoStop( $stop_command, $self->{Monitor}->{AutoStopTimeout} ); } #Zoom In sub zoomConTele { - my $self = shift; - my $stop_command = "17"; - Debug( "Zoom Tele" ); - my $cmd = "decoder_control.cgi?command=18"; - $self->sendCmd( $cmd ); - $self->autoStop( $stop_command, $self->{Monitor}->{AutoStopTimeout} ); + my $self = shift; + my $stop_command = "17"; + Debug( "Zoom Tele" ); + my $cmd = "decoder_control.cgi?command=18"; + $self->sendCmd( $cmd ); + $self->autoStop( $stop_command, $self->{Monitor}->{AutoStopTimeout} ); } #Zoom Out sub zoomConWide { - my $self = shift; - my $stop_command = "19"; - Debug( "Zoom Wide" ); - my $cmd = "decoder_control.cgi?command=16"; - $self->sendCmd( $cmd ); - $self->autoStop( $stop_command, $self->{Monitor}->{AutoStopTimeout} ); + my $self = shift; + my $stop_command = "19"; + Debug( "Zoom Wide" ); + my $cmd = "decoder_control.cgi?command=16"; + $self->sendCmd( $cmd ); + $self->autoStop( $stop_command, $self->{Monitor}->{AutoStopTimeout} ); } #Diagonally Up Right Arrow #This camera does not have builtin diagonal commands so we emulate them sub moveConUpRight { - my $self = shift; - Debug( "Move Diagonally Up Right" ); - $self->moveConUp( ); - $self->moveConRight( ); + my $self = shift; + Debug( "Move Diagonally Up Right" ); + $self->moveConUp( ); + $self->moveConRight( ); } #Diagonally Down Right Arrow #This camera does not have builtin diagonal commands so we emulate them sub moveConDownRight { - my $self = shift; - Debug( "Move Diagonally Down Right" ); - $self->moveConDown( ); - $self->moveConRight( ); + my $self = shift; + Debug( "Move Diagonally Down Right" ); + $self->moveConDown( ); + $self->moveConRight( ); } #Diagonally Up Left Arrow #This camera does not have builtin diagonal commands so we emulate them sub moveConUpLeft { - my $self = shift; - Debug( "Move Diagonally Up Left" ); - $self->moveConUp( ); - $self->moveConLeft( ); + my $self = shift; + Debug( "Move Diagonally Up Left" ); + $self->moveConUp( ); + $self->moveConLeft( ); } #Diagonally Down Left Arrow #This camera does not have builtin diagonal commands so we emulate them sub moveConDownLeft { - my $self = shift; - Debug( "Move Diagonally Down Left" ); - $self->moveConDown( ); - $self->moveConLeft( ); + my $self = shift; + Debug( "Move Diagonally Down Left" ); + $self->moveConDown( ); + $self->moveConLeft( ); } #Stop sub moveStop { - my $self = shift; - Debug( "Move Stop" ); - my $cmd = "decoder_control.cgi?command=1"; - $self->sendCmd( $cmd ); + my $self = shift; + Debug( "Move Stop" ); + my $cmd = "decoder_control.cgi?command=1"; + $self->sendCmd( $cmd ); } #Set Camera Preset @@ -261,15 +239,15 @@ sub moveStop #Those values are: 30,32,34,36,38,40,42,44 for presets 1-8 respectively sub presetSet { - my $self = shift; - my $params = shift; - my $preset = $self->getParam( $params, 'preset' ); - Debug( "Set Preset $preset" ); + my $self = shift; + my $params = shift; + my $preset = $self->getParam( $params, 'preset' ); + Debug( "Set Preset $preset" ); - if (( $preset >= 1 ) && ( $preset <= 8 )) { - my $cmd = "decoder_control.cgi?command=".(($preset*2) + 28); - $self->sendCmd( $cmd ); - } + if (( $preset >= 1 ) && ( $preset <= 8 )) { + my $cmd = "decoder_control.cgi?command=".(($preset*2) + 28); + $self->sendCmd( $cmd ); + } } #Recall Camera Preset @@ -277,101 +255,101 @@ sub presetSet #Those values are: 31,33,35,37,39,41,43,45 for presets 1-8 respectively sub presetGoto { - my $self = shift; - my $params = shift; - my $preset = $self->getParam( $params, 'preset' ); - Debug( "Goto Preset $preset" ); + my $self = shift; + my $params = shift; + my $preset = $self->getParam( $params, 'preset' ); + Debug( "Goto Preset $preset" ); - if (( $preset >= 1 ) && ( $preset <= 8 )) { - my $cmd = "decoder_control.cgi?command=".(($preset*2) + 29); - $self->sendCmd( $cmd ); - } + if (( $preset >= 1 ) && ( $preset <= 8 )) { + my $cmd = "decoder_control.cgi?command=".(($preset*2) + 29); + $self->sendCmd( $cmd ); + } - if ( $preset == 9 ) { - $self->horizontalPatrol(); - } + if ( $preset == 9 ) { + $self->horizontalPatrol(); + } - if ( $preset == 10 ) { - $self->horizontalPatrolStop(); - } + if ( $preset == 10 ) { + $self->horizontalPatrolStop(); + } } #Horizontal Patrol - Vertical Patrols are not supported sub horizontalPatrol { - my $self = shift; - Debug( "Horizontal Patrol" ); - my $cmd = "decoder_control.cgi?command=20"; - $self->sendCmd( $cmd ); + my $self = shift; + Debug( "Horizontal Patrol" ); + my $cmd = "decoder_control.cgi?command=20"; + $self->sendCmd( $cmd ); } #Horizontal Patrol Stop sub horizontalPatrolStop { - my $self = shift; - Debug( "Horizontal Patrol Stop" ); - my $cmd = "decoder_control.cgi?command=21"; - $self->sendCmd( $cmd ); + my $self = shift; + Debug( "Horizontal Patrol Stop" ); + my $cmd = "decoder_control.cgi?command=21"; + $self->sendCmd( $cmd ); } # Increase Brightness sub irisAbsOpen { - my $self = shift; - my $params = shift; - $self->getCamParams() unless($CamParams{'brightness'}); - my $step = $self->getParam( $params, 'step' ); + my $self = shift; + my $params = shift; + $self->getCamParams() unless($CamParams{'brightness'}); + my $step = $self->getParam( $params, 'step' ); - $CamParams{'brightness'} += $step; - $CamParams{'brightness'} = 255 if ($CamParams{'brightness'} > 255); - Debug( "Iris $CamParams{'brightness'}" ); - my $cmd = "camera_control.cgi?param=1&value=".$CamParams{'brightness'}; - $self->sendCmd( $cmd ); + $CamParams{'brightness'} += $step; + $CamParams{'brightness'} = 255 if ($CamParams{'brightness'} > 255); + Debug( "Iris $CamParams{'brightness'}" ); + my $cmd = "camera_control.cgi?param=1&value=".$CamParams{'brightness'}; + $self->sendCmd( $cmd ); } # Decrease Brightness sub irisAbsClose { - my $self = shift; - my $params = shift; - $self->getCamParams() unless($CamParams{'brightness'}); - my $step = $self->getParam( $params, 'step' ); + my $self = shift; + my $params = shift; + $self->getCamParams() unless($CamParams{'brightness'}); + my $step = $self->getParam( $params, 'step' ); - $CamParams{'brightness'} -= $step; - $CamParams{'brightness'} = 0 if ($CamParams{'brightness'} < 0); - Debug( "Iris $CamParams{'brightness'}" ); - my $cmd = "camera_control.cgi?param=1&value=".$CamParams{'brightness'}; - $self->sendCmd( $cmd ); + $CamParams{'brightness'} -= $step; + $CamParams{'brightness'} = 0 if ($CamParams{'brightness'} < 0); + Debug( "Iris $CamParams{'brightness'}" ); + my $cmd = "camera_control.cgi?param=1&value=".$CamParams{'brightness'}; + $self->sendCmd( $cmd ); } # Increase Contrast sub whiteAbsIn { - my $self = shift; - my $params = shift; - $self->getCamParams() unless($CamParams{'contrast'}); - my $step = $self->getParam( $params, 'step' ); + my $self = shift; + my $params = shift; + $self->getCamParams() unless($CamParams{'contrast'}); + my $step = $self->getParam( $params, 'step' ); - $CamParams{'contrast'} += $step; - $CamParams{'contrast'} = 6 if ($CamParams{'contrast'} > 6); - Debug( "Iris $CamParams{'contrast'}" ); - my $cmd = "camera_control.cgi?param=2&value=".$CamParams{'contrast'}; - $self->sendCmd( $cmd ); + $CamParams{'contrast'} += $step; + $CamParams{'contrast'} = 6 if ($CamParams{'contrast'} > 6); + Debug( "Iris $CamParams{'contrast'}" ); + my $cmd = "camera_control.cgi?param=2&value=".$CamParams{'contrast'}; + $self->sendCmd( $cmd ); } # Decrease Contrast sub whiteAbsOut { - my $self = shift; - my $params = shift; - $self->getCamParams() unless($CamParams{'contrast'}); - my $step = $self->getParam( $params, 'step' ); + my $self = shift; + my $params = shift; + $self->getCamParams() unless($CamParams{'contrast'}); + my $step = $self->getParam( $params, 'step' ); - $CamParams{'contrast'} -= $step; - $CamParams{'contrast'} = 0 if ($CamParams{'contrast'} < 0); - Debug( "Iris $CamParams{'contrast'}" ); - my $cmd = "camera_control.cgi?param=2&value=".$CamParams{'contrast'}; - $self->sendCmd( $cmd ); + $CamParams{'contrast'} -= $step; + $CamParams{'contrast'} = 0 if ($CamParams{'contrast'} < 0); + Debug( "Iris $CamParams{'contrast'}" ); + my $cmd = "camera_control.cgi?param=2&value=".$CamParams{'contrast'}; + $self->sendCmd( $cmd ); } 1; From 88ca9816fece0251278cfff0aa0e48022b909d68 Mon Sep 17 00:00:00 2001 From: Isaac Connor Date: Thu, 3 Oct 2019 17:29:33 -0400 Subject: [PATCH 672/922] handle a profile not being a videoEncoder --- scripts/ZoneMinder/lib/ZoneMinder/ONVIF.pm.in | 7 ++++++- 1 file changed, 6 insertions(+), 1 deletion(-) diff --git a/scripts/ZoneMinder/lib/ZoneMinder/ONVIF.pm.in b/scripts/ZoneMinder/lib/ZoneMinder/ONVIF.pm.in index 056801d9c..f6863367d 100644 --- a/scripts/ZoneMinder/lib/ZoneMinder/ONVIF.pm.in +++ b/scripts/ZoneMinder/lib/ZoneMinder/ONVIF.pm.in @@ -266,7 +266,7 @@ sub profiles { print "No result from GetProfiles\n"; return; } - if($verbose) { + if ( $verbose ) { print "Received message:\n" . $result . "\n"; } @@ -275,6 +275,11 @@ sub profiles { foreach my $profile ( @{ $profiles } ) { my $token = $profile->attr()->get_token() ; + my $video_encoder_configuration = $profile->get_VideoEncoderConfiguration(); + if ( ! $video_encoder_configuration ) { + print "Unknown profile $token " . $profile->get_Name()."\n"; + next; + } print $token . ", " . $profile->get_Name() . ", " . $profile->get_VideoEncoderConfiguration()->get_Encoding() . ", " . From 7328eb1979479944bf59a715881120203478836f Mon Sep 17 00:00:00 2001 From: Isaac Connor Date: Thu, 3 Oct 2019 17:30:10 -0400 Subject: [PATCH 673/922] be more robust when sending commands to zmcontrol. Of no commands given don't bother. --- web/includes/control_functions.php | 30 +++++++++++++++++++++--------- 1 file changed, 21 insertions(+), 9 deletions(-) diff --git a/web/includes/control_functions.php b/web/includes/control_functions.php index 38e2835ea..eb61b8b05 100644 --- a/web/includes/control_functions.php +++ b/web/includes/control_functions.php @@ -741,22 +741,34 @@ function buildControlCommand($monitor) { } function sendControlCommand($mid, $command) { + + $options = array(); + foreach ( explode(' ', $command) as $option ) { + if ( preg_match('/--([^=]+)(?:=(.+))?/', $option, $matches) ) { + $options[$matches[1]] = $matches[2]?$matches[2]:1; + } else { + ZM\Warning("Ignored command for zmcontrol $option in $command"); + } + } + if ( !count($options) ) { + if ( $command == 'quit' ) { + $options['quit'] = 1; + } else { + ZM\Warning("No commands to send to zmcontrol from $command"); + return; + } + } + + $optionString = jsonEncode($options); // Either connects to running zmcontrol.pl or runs zmcontrol.pl to send the command. $socket = socket_create(AF_UNIX, SOCK_STREAM, 0); if ( $socket < 0 ) { - Fatal('socket_create() failed: '.socket_strerror($socket)); + ZM\Fatal('socket_create() failed: '.socket_strerror($socket)); } $sockFile = ZM_PATH_SOCKS.'/zmcontrol-'.$mid.'.sock'; if ( @socket_connect($socket, $sockFile) ) { - $options = array(); - foreach ( explode(' ', $command) as $option ) { - if ( preg_match('/--([^=]+)(?:=(.+))?/', $option, $matches) ) { - $options[$matches[1]] = $matches[2]?$matches[2]:1; - } - } - $optionString = jsonEncode($options); if ( !socket_write($socket, $optionString) ) { - Fatal("Can't write to control socket: ".socket_strerror(socket_last_error($socket))); + ZM\Fatal("Can't write to control socket: ".socket_strerror(socket_last_error($socket))); } socket_close($socket); } else if ( $command != 'quit' ) { From 11fe748154f91a4253b27c2d402726614aef4d45 Mon Sep 17 00:00:00 2001 From: Isaac Connor Date: Thu, 3 Oct 2019 17:30:31 -0400 Subject: [PATCH 674/922] Sort control capabilities by Name instead of Id --- web/skins/classic/views/controlcaps.php | 14 ++++++-------- 1 file changed, 6 insertions(+), 8 deletions(-) diff --git a/web/skins/classic/views/controlcaps.php b/web/skins/classic/views/controlcaps.php index 3ae021f9b..d9478b674 100644 --- a/web/skins/classic/views/controlcaps.php +++ b/web/skins/classic/views/controlcaps.php @@ -18,17 +18,16 @@ // Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. // -if ( !canView( 'Control' ) ) -{ - $view = "error"; +if ( !canView('Control') ) { + $view = 'error'; return; } -$controls = dbFetchAll( 'SELECT * FROM Controls ORDER BY Id' ); +$controls = dbFetchAll('SELECT * FROM Controls ORDER BY Name'); $focusWindow = true; -xhtmlHeaders(__FILE__, translate('ControlCaps') ); +xhtmlHeaders(__FILE__, translate('ControlCaps')); ?>
@@ -42,7 +41,7 @@ xhtmlHeaders(__FILE__, translate('ControlCaps') ); -
 () Id() || ($monitor->Id()!= $linked_monitor['Id'])) && visibleMonitor($linked_monitor['Id']) ) { + $monitor_options[$linked_monitor['Id']] = validHtmlStr($linked_monitor['Name']); + } } echo htmlSelect( - 'newMonitor[LinkedMonitors]', + 'newMonitor[LinkedMonitors][]', $monitor_options, ( $monitor->LinkedMonitors() ? explode(',', $monitor->LinkedMonitors()) : array() ), array('class'=>'chosen','multiple'=>'multiple') ); - if ( 0 ) { - foreach ( $monitors as $linked_monitor ) { - if ( (!$monitor->Id() || ($monitor->Id()!= $linked_monitor['Id'])) && visibleMonitor( $linked_monitor['Id'] ) ) { -?> - -
+
@@ -59,8 +58,7 @@ xhtmlHeaders(__FILE__, translate('ControlCaps') ); From 5384b9345a0883354d06c9e63643a2e6d206c615 Mon Sep 17 00:00:00 2001 From: Isaac Connor Date: Thu, 3 Oct 2019 17:30:52 -0400 Subject: [PATCH 675/922] fix errors on centos 7 with the functions view --- web/skins/classic/views/function.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/web/skins/classic/views/function.php b/web/skins/classic/views/function.php index 1cd2985ef..199ec736c 100644 --- a/web/skins/classic/views/function.php +++ b/web/skins/classic/views/function.php @@ -50,7 +50,7 @@ foreach ( getEnumValues('Monitors', 'Function') as $optFunction ) { ?> - Enabled()) ) { ?> checked="checked"/> + Enabled() ?' checked="checked"' : '' ?>/>

From b1496643eb610de3bff8eb2fcc70b3600e242486 Mon Sep 17 00:00:00 2001 From: Isaac Connor Date: Thu, 3 Oct 2019 17:31:10 -0400 Subject: [PATCH 676/922] fix js error in onvif probe --- web/skins/classic/views/js/onvifprobe.js | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/web/skins/classic/views/js/onvifprobe.js b/web/skins/classic/views/js/onvifprobe.js index cfe0939d0..71cb5e16f 100644 --- a/web/skins/classic/views/js/onvifprobe.js +++ b/web/skins/classic/views/js/onvifprobe.js @@ -1,6 +1,6 @@ function submitCamera( element ) { var form = element.form; - form.target = opener.name; + form.target = self.name; form.view.value = 'monitor'; form.submit(); closeWindow.delay( 250 ); From 783358c9325dc699a59ffbac47dc56413a1de127 Mon Sep 17 00:00:00 2001 From: Isaac Connor Date: Thu, 3 Oct 2019 17:31:54 -0400 Subject: [PATCH 677/922] Import Sony PTZ driver --- .../ZoneMinder/lib/ZoneMinder/Control/Sony.pm | 343 ++++++++++++++++++ 1 file changed, 343 insertions(+) create mode 100644 scripts/ZoneMinder/lib/ZoneMinder/Control/Sony.pm diff --git a/scripts/ZoneMinder/lib/ZoneMinder/Control/Sony.pm b/scripts/ZoneMinder/lib/ZoneMinder/Control/Sony.pm new file mode 100644 index 000000000..d35c89caa --- /dev/null +++ b/scripts/ZoneMinder/lib/ZoneMinder/Control/Sony.pm @@ -0,0 +1,343 @@ +# ========================================================================== +# +# ZoneMinder Sony Network Camera SNC-EP521 Control Protocol Module, date: Sun Jun 22 10:26:25 IRDT 2014 +# Copyright (C) 2013-2014 Iman Darabi +# +# This program is free software; you can redistribute it and/or +# modify it under the terms of the GNU General Public License +# as published by the Free Software Foundation; either version 2 +# of the License, or (at your option) any later version. +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. +# +# ========================================================================== +# +# This module contains the implementation of the Sony Network Camera PTZ API +# +package ZoneMinder::Control::Sony; + +use 5.006; +use strict; +use warnings; + +require ZoneMinder::Base; +require ZoneMinder::Control; + +our @ISA = qw(ZoneMinder::Control); + +our $VERSION = $ZoneMinder::Base::VERSION; + +# ========================================================================== +# +# Sony Network Camera Control Protocol +# +# ========================================================================== + +use ZoneMinder::Logger qw(:all); +use ZoneMinder::Config qw(:all); + +sub open { + my $self = shift; + + $self->loadMonitor(); + + use LWP::UserAgent; + $self->{ua} = LWP::UserAgent->new; + $self->{ua}->agent( "ZoneMinder Control Agent/".ZM_VERSION ); + + $self->{state} = 'open'; +} + +sub sendCmd { + my $self = shift; + my $cmd = shift; + + my $result = undef; + + printMsg($cmd, 'Tx'); + + #print( "http://$address/$cmd\n" ); + my $req = HTTP::Request->new( GET=>'http://'.$self->{Monitor}->{ControlAddress}.'/'.$cmd); + my $res = $self->{ua}->request($req); + + if ( $res->is_success ) { + $result = !undef; + } else { + Error("Error check failed: '".$res->status_line()."'" ); + } + + return $result; +} + +sub moveConUp { + my $self = shift; + Debug('Move Up'); + + my $cmd = '/command/ptzf.cgi?Move=up,8,1'; + $self->sendCmd($cmd); +} + +sub moveConDown { + my $self = shift; + Debug( "Move Down" ); + + my $cmd = "/command/ptzf.cgi?Move=down,8,1"; + $self->sendCmd( $cmd ); +} + +sub moveConLeft { + my $self = shift; + Debug( "Move Left" ); + + my $cmd = "/command/ptzf.cgi?Move=left,8,1"; + $self->sendCmd( $cmd ); +} + +sub moveConRight { + my $self = shift; + Debug( "Move Right" ); + + my $cmd = "/command/ptzf.cgi?Move=right,8,1"; + $self->sendCmd( $cmd ); +} + +sub moveConUpRight { + my $self = shift; + Debug( "Move Up/Right" ); + + my $cmd = "/command/ptzf.cgi?Move=up-right,8,1"; + $self->sendCmd( $cmd ); +} + +sub moveConUpLeft { + my $self = shift; + Debug( "Move Up/Left" ); + + my $cmd = "/command/ptzf.cgi?Move=up-left,8,1"; + $self->sendCmd( $cmd ); +} + +sub moveConDownRight { + my $self = shift; + Debug( "Move Down/Right" ); + + my $cmd = "/command/ptzf.cgi?Move=down-right,8,1"; + $self->sendCmd( $cmd ); +} + +sub moveConDownLeft { + my $self = shift; + Debug( "Move Down/Left" ); + + my $cmd = "/command/ptzf.cgi?Move=down-left,8,1"; + $self->sendCmd( $cmd ); +} + +sub moveMap { + my $self = shift; + my $params = shift; + my $xcoord = $self->getParam( $params, 'xcoord' ); + my $ycoord = $self->getParam( $params, 'ycoord' ); + + Debug( "Move Map to $xcoord,$ycoord" ); + + my $cmd = "/command/ptzf.cgi?AreaZoom=$xcoord,$ycoord,$self->{Monitor}->{Width},$self->{Monitor}->{Height}"; + $self->sendCmd( $cmd ); +} + +sub moveRelUp { + my $self = shift; + my $params = shift; + my $step = $self->getParam($params, 'tiltstep'); + Debug("Step Up $step"); + + my $cmd = "/command/ptzf.cgi?relative=08$step"; + $self->sendCmd($cmd); +} + +sub moveRelDown { + my $self = shift; + my $params = shift; + my $step = $self->getParam($params, 'tiltstep'); + Debug( "Step Down $step" ); + my $cmd = "/command/ptzf.cgi?relative=02$step"; + $self->sendCmd($cmd); +} + +sub moveRelLeft { + my $self = shift; + my $params = shift; + my $step = $self->getParam( $params, 'panstep' ); + Debug( "Step Left $step" ); + my $cmd = "/command/ptzf.cgi?relative=04$step"; + $self->sendCmd($cmd); +} + +sub moveRelRight { + my $self = shift; + my $params = shift; + my $step = $self->getParam( $params, 'panstep' ); + Debug( "Step Right $step" ); + my $cmd = "/command/ptzf.cgi?relative=06$step"; + $self->sendCmd($cmd); +} + +sub moveRelUpRight { + my $self = shift; + my $params = shift; + my $panstep = $self->getParam( $params, 'panstep' ); + my $tiltstep = $self->getParam( $params, 'tiltstep' ); + Debug("Step Up/Right $tiltstep/$panstep"); + my $cmd = "/command/ptzf.cgi?relative=0905"; + $self->sendCmd($cmd); +} + +sub moveRelUpLeft { + my $self = shift; + my $params = shift; + my $panstep = $self->getParam($params, 'panstep'); + my $tiltstep = $self->getParam($params, 'tiltstep'); + Debug("Step Up/Left $tiltstep/$panstep"); + my $cmd = '/command/ptzf.cgi?relative=0705'; + $self->sendCmd( $cmd ); +} + +sub moveRelDownRight { + my $self = shift; + my $params = shift; + my $panstep = $self->getParam($params, 'panstep'); + my $tiltstep = $self->getParam($params, 'tiltstep'); + Debug("Step Down/Right $tiltstep/$panstep"); + my $cmd = '/command/ptzf.cgi?relative=0305'; + $self->sendCmd($cmd); +} + +sub moveRelDownLeft { + my $self = shift; + my $params = shift; + my $panstep = $self->getParam( $params, 'panstep'); + my $tiltstep = $self->getParam( $params, 'tiltstep'); + Debug("Step Down/Left $tiltstep/$panstep"); + my $cmd = '/command/ptzf.cgi?relative=0105'; + $self->sendCmd($cmd); +} + +sub moveStop { + my $self = shift; + Debug('Move Stop'); + + $self->sendCmd('/command/ptzf.cgi?Move=stop,pantilt,1'); + $self->sendCmd('/command/ptzf.cgi?Move=stop,zoom,1'); +} + +sub zoomRelTele { + my $self = shift; + my $params = shift; + my $step = $self->getParam($params, 'step'); + Debug('Zoom Tele'); + + my $cmd = '/command/ptzf.cgi?Move=tele,8'; + $self->sendCmd($cmd); + $self->sendCmd($cmd); # do it twice, so faster, why don't affect? + + my $cmd = '/command/ptzf.cgi?Move=stop,zoom,1'; + $self->sendCmd($cmd); +} + +sub zoomRelWide { + my $self = shift; + my $params = shift; + my $step = $self->getParam($params, 'step'); + Debug('Zoom Wide'); + + my $cmd = '/command/ptzf.cgi?Move=wide,8'; + $self->sendCmd( $cmd ); + $self->sendCmd( $cmd ); # do it twice, so faster, why don't affect? + + my $cmd = '/command/ptzf.cgi?Move=stop,zoom,1'; + $self->sendCmd( $cmd ); +} + +sub zoomConWide { + my $self = shift; + Debug('zoom ConWide'); + + my $cmd = '/command/ptzf.cgi?Move=wide,4'; + $self->sendCmd( $cmd ); +} + +sub zoomConTele { + my $self = shift; + Debug( "zoom ConTele" ); + + my $cmd = "/command/ptzf.cgi?Move=tele,4"; + $self->sendCmd( $cmd ); + +} + +sub presetClear { + my $self = shift; + my $params = shift; + my $preset = $self->getParam($params, 'preset'); + Debug("Clear Preset $preset"); + my $cmd = "/command/presetposition.cgi?PresetClear=$preset,1"; + $self->sendCmd($cmd); +} + +sub presetSet { + my $self = shift; + my $params = shift; + my $preset = $self->getParam($params, 'preset'); + Debug("Set Preset $preset"); + my $cmd = "/command/presetposition.cgi?PresetSet=$preset,No.$preset,on,1"; + $self->sendCmd($cmd); +} + +sub presetGoto { + my $self = shift; + my $params = shift; + my $preset = $self->getParam($params, 'preset'); + Debug("Goto Preset $preset"); + my $cmd = "/command/presetposition.cgi?PresetCall=$preset,12,1"; + $self->sendCmd($cmd); +} + +sub presetHome { + my $self = shift; + Debug('Home Preset'); + my $cmd = '/command/presetposition.cgi?HomePos=ptz-recall'; + $self->sendCmd( $cmd ); +} + +1; +__END__ + +=head1 NAME + +ZoneMinder::Control::Sony - PTZ driver for Sony cameras + +=head1 SYNOPSIS + +This file is used by zmcontrol.pl to talk to Sony cameras. + +=head1 AUTHOR + +iman darabi, Eiman.darabi@gmail.com +Updated by Isaac Connor Eisaac@zoneminder.com + +=head1 COPYRIGHT AND LICENSE + +Copyright (C) 2013-2014 Iman Darabi + +This library is free software; you can redistribute it and/or modify +it under the same terms as Perl itself, either Perl version 5.8.3 or, +at your option, any later version of Perl 5 you may have available. + +=cut From 5f702c1905466bd5ff1568741d61d7e794998a4f Mon Sep 17 00:00:00 2001 From: Isaac Connor Date: Thu, 3 Oct 2019 17:36:57 -0400 Subject: [PATCH 678/922] WHen instantiating the client, can't get services because we havn't set credentials yet --- onvif/modules/lib/ONVIF/Client.pm | 55 ++++++++++++------------------- 1 file changed, 21 insertions(+), 34 deletions(-) diff --git a/onvif/modules/lib/ONVIF/Client.pm b/onvif/modules/lib/ONVIF/Client.pm index 00137b90a..90bfdd512 100644 --- a/onvif/modules/lib/ONVIF/Client.pm +++ b/onvif/modules/lib/ONVIF/Client.pm @@ -74,40 +74,34 @@ my %soap_version_of :ATTR(:default<('1.1')>); # ========================================================================= # private methods -sub service -{ +sub service { my ($self, $serviceName, $attr) = @_; #print "service: " . $services_of{${$self}}{$serviceName}{$attr} . "\n"; # Please note that the Std::Class::Fast docs say not to use ident. $services_of{ident $self}{$serviceName}{$attr}; } -sub set_service -{ +sub set_service { my ($self, $serviceName, $attr, $value) = @_; $services_of{ident $self}{$serviceName}{$attr} = $value; } -sub serializer -{ +sub serializer { my ($self) = @_; $serializer_of{ident $self}; } -sub set_serializer -{ +sub set_serializer { my ($self, $serializer) = @_; $serializer_of{ident $self} = $serializer; } -sub soap_version -{ +sub soap_version { my ($self) = @_; $soap_version_of{ident $self}; } -sub set_soap_version -{ +sub set_soap_version { my ($self, $soap_version) = @_; $soap_version_of{ident $self} = $soap_version; @@ -138,7 +132,7 @@ sub get_service_urls { # Some devices do not support getServices, so we have to try getCapabilities $result = $self->service('device', 'ep')->GetCapabilities( {}, , ); - if ( ! $result ) { + if ( !$result ) { print "No results from GetCapabilities: $result\n"; return; } @@ -147,7 +141,7 @@ sub get_service_urls { foreach my $capability ( 'PTZ', 'Media', 'Imaging', 'Events', 'Device' ) { if ( my $function = $capabilities->can( "get_$capability" ) ) { my $Services = $function->( $capabilities ); - if ( ! $Services ) { + if ( !$Services ) { print "Nothing returned ffrom get_$capability\n"; } else { foreach my $svc ( @{ $Services } ) { @@ -188,11 +182,7 @@ sub http_digest { }; } -# ========================================================================= - - -sub BUILD -{ +sub BUILD { my ($self, $ident, $args_ref) = @_; my $url_svc_device = $args_ref->{'url_svc_device'}; @@ -214,12 +204,11 @@ sub BUILD $services_of{$ident}{'device'} = { url => $url_svc_device, ep => $svc_device }; - $self->get_service_urls(); - + # Can't, don't have credentials yet + #$self->get_service_urls(); } -sub get_users -{ +sub get_users { my ($self) = @_; my $result = $self->service('device', 'ep')->GetUsers( { },, ); @@ -228,8 +217,7 @@ sub get_users # print $result . "\n"; } -sub create_user -{ +sub create_user { my ($self, $username, $password) = @_; my $result = $self->service('device', 'ep')->CreateUsers( { @@ -245,11 +233,9 @@ sub create_user die $result if not $result; # print $result . "\n"; - } -sub set_credentials -{ +sub set_credentials { my ($self, $username, $password, $create_if_not_exists) = @_; # TODO: snyc device and client time @@ -271,18 +257,19 @@ sub set_credentials } # use this after set_credentials -sub create_services -{ +sub create_services { my ($self) = @_; - if(defined $self->service('media', 'url')) { + #$self->get_service_urls(); + + if ( defined $self->service('media', 'url') ) { $self->set_service('media', 'ep', ONVIF::Media::Interfaces::Media::MediaPort->new({ proxy => $self->service('media', 'url'), serializer => $self->serializer(), # transport => $transport })); } - if(defined $self->service('ptz', 'url')) { + if ( defined $self->service('ptz', 'url') ) { $self->set_service('ptz', 'ep', ONVIF::PTZ::Interfaces::PTZ::PTZPort->new({ proxy => $self->service('ptz', 'url'), serializer => $self->serializer(), @@ -291,11 +278,11 @@ sub create_services } } -sub get_endpoint -{ +sub get_endpoint { my ($self, $serviceType) = @_; $self->service($serviceType, 'ep'); } 1; +__END__ From 12f75c32de2deebc8725eafa94c7d04d9de6e2f2 Mon Sep 17 00:00:00 2001 From: Isaac Connor Date: Thu, 3 Oct 2019 17:54:41 -0400 Subject: [PATCH 679/922] Fix version --- scripts/ZoneMinder/lib/ZoneMinder/Control/Sony.pm | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/scripts/ZoneMinder/lib/ZoneMinder/Control/Sony.pm b/scripts/ZoneMinder/lib/ZoneMinder/Control/Sony.pm index d35c89caa..d78049b25 100644 --- a/scripts/ZoneMinder/lib/ZoneMinder/Control/Sony.pm +++ b/scripts/ZoneMinder/lib/ZoneMinder/Control/Sony.pm @@ -50,7 +50,7 @@ sub open { use LWP::UserAgent; $self->{ua} = LWP::UserAgent->new; - $self->{ua}->agent( "ZoneMinder Control Agent/".ZM_VERSION ); + $self->{ua}->agent( "ZoneMinder Control Agent/".$VERSION ); $self->{state} = 'open'; } From 0515fe51fd5b8713e68857869b1e4feed37c4379 Mon Sep 17 00:00:00 2001 From: Isaac Connor Date: Thu, 3 Oct 2019 17:59:34 -0400 Subject: [PATCH 680/922] debug --- scripts/ZoneMinder/lib/ZoneMinder/Control/Sony.pm | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/scripts/ZoneMinder/lib/ZoneMinder/Control/Sony.pm b/scripts/ZoneMinder/lib/ZoneMinder/Control/Sony.pm index d78049b25..25df76c99 100644 --- a/scripts/ZoneMinder/lib/ZoneMinder/Control/Sony.pm +++ b/scripts/ZoneMinder/lib/ZoneMinder/Control/Sony.pm @@ -50,7 +50,7 @@ sub open { use LWP::UserAgent; $self->{ua} = LWP::UserAgent->new; - $self->{ua}->agent( "ZoneMinder Control Agent/".$VERSION ); + $self->{ua}->agent( 'ZoneMinder Control Agent/'.$VERSION ); $self->{state} = 'open'; } @@ -70,7 +70,7 @@ sub sendCmd { if ( $res->is_success ) { $result = !undef; } else { - Error("Error check failed: '".$res->status_line()."'" ); + Error("Error check failed: '".$res->status_line()."'"); } return $result; @@ -183,8 +183,8 @@ sub moveRelLeft { sub moveRelRight { my $self = shift; my $params = shift; - my $step = $self->getParam( $params, 'panstep' ); - Debug( "Step Right $step" ); + my $step = $self->getParam($params, 'panstep'); + Debug((ref $self)."Step Right $step"); my $cmd = "/command/ptzf.cgi?relative=06$step"; $self->sendCmd($cmd); } From 5799815c2e00c54547b6250c72836d672aea4ff8 Mon Sep 17 00:00:00 2001 From: Isaac Connor Date: Thu, 3 Oct 2019 18:09:15 -0400 Subject: [PATCH 681/922] Better debugging --- scripts/ZoneMinder/lib/ZoneMinder/Control.pm | 7 ++++++- scripts/ZoneMinder/lib/ZoneMinder/Control/Sony.pm | 13 +++++-------- 2 files changed, 11 insertions(+), 9 deletions(-) diff --git a/scripts/ZoneMinder/lib/ZoneMinder/Control.pm b/scripts/ZoneMinder/lib/ZoneMinder/Control.pm index 4a6681fd2..6285d5739 100644 --- a/scripts/ZoneMinder/lib/ZoneMinder/Control.pm +++ b/scripts/ZoneMinder/lib/ZoneMinder/Control.pm @@ -61,7 +61,12 @@ sub DESTROY { sub AUTOLOAD { my $self = shift; - my $class = ref($self) || Fatal("$self not object"); + my $class = ref($self); + if ( !$class ) { + my ( $caller, undef, $line ) = caller; + Fatal("$self not object from $caller:$line"); + } + my $name = $AUTOLOAD; $name =~ s/.*://; if ( exists($self->{$name}) ) { diff --git a/scripts/ZoneMinder/lib/ZoneMinder/Control/Sony.pm b/scripts/ZoneMinder/lib/ZoneMinder/Control/Sony.pm index 25df76c99..463fddb52 100644 --- a/scripts/ZoneMinder/lib/ZoneMinder/Control/Sony.pm +++ b/scripts/ZoneMinder/lib/ZoneMinder/Control/Sony.pm @@ -32,8 +32,6 @@ require ZoneMinder::Control; our @ISA = qw(ZoneMinder::Control); -our $VERSION = $ZoneMinder::Base::VERSION; - # ========================================================================== # # Sony Network Camera Control Protocol @@ -50,7 +48,7 @@ sub open { use LWP::UserAgent; $self->{ua} = LWP::UserAgent->new; - $self->{ua}->agent( 'ZoneMinder Control Agent/'.$VERSION ); + $self->{ua}->agent('ZoneMinder Control Agent/'.$ZoneMinder::Base::VERSION); $self->{state} = 'open'; } @@ -102,10 +100,9 @@ sub moveConLeft { sub moveConRight { my $self = shift; - Debug( "Move Right" ); - - my $cmd = "/command/ptzf.cgi?Move=right,8,1"; - $self->sendCmd( $cmd ); + Debug('Move Right'); + my $cmd = '/command/ptzf.cgi?Move=right,8,1'; + $self->sendCmd($cmd); } sub moveConUpRight { @@ -206,7 +203,7 @@ sub moveRelUpLeft { my $tiltstep = $self->getParam($params, 'tiltstep'); Debug("Step Up/Left $tiltstep/$panstep"); my $cmd = '/command/ptzf.cgi?relative=0705'; - $self->sendCmd( $cmd ); + $self->sendCmd($cmd); } sub moveRelDownRight { From 5aa639ff7651385665089b1f839bd14722b4c4f5 Mon Sep 17 00:00:00 2001 From: Isaac Connor Date: Thu, 3 Oct 2019 18:11:54 -0400 Subject: [PATCH 682/922] use common printMsg --- scripts/ZoneMinder/lib/ZoneMinder/Control/Sony.pm | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/scripts/ZoneMinder/lib/ZoneMinder/Control/Sony.pm b/scripts/ZoneMinder/lib/ZoneMinder/Control/Sony.pm index 463fddb52..3e5e0d4f4 100644 --- a/scripts/ZoneMinder/lib/ZoneMinder/Control/Sony.pm +++ b/scripts/ZoneMinder/lib/ZoneMinder/Control/Sony.pm @@ -59,7 +59,7 @@ sub sendCmd { my $result = undef; - printMsg($cmd, 'Tx'); + $self->printMsg($cmd, 'Tx'); #print( "http://$address/$cmd\n" ); my $req = HTTP::Request->new( GET=>'http://'.$self->{Monitor}->{ControlAddress}.'/'.$cmd); From 436c46207fff904b8a34f60f484a4a0f0adb548c Mon Sep 17 00:00:00 2001 From: Simpler1 Date: Fri, 4 Oct 2019 22:52:51 -0400 Subject: [PATCH 683/922] Remove dash from IPCC7210W.pm --- scripts/ZoneMinder/lib/ZoneMinder/Control/IPCC7210W.pm | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/scripts/ZoneMinder/lib/ZoneMinder/Control/IPCC7210W.pm b/scripts/ZoneMinder/lib/ZoneMinder/Control/IPCC7210W.pm index c18b37485..92855e05b 100644 --- a/scripts/ZoneMinder/lib/ZoneMinder/Control/IPCC7210W.pm +++ b/scripts/ZoneMinder/lib/ZoneMinder/Control/IPCC7210W.pm @@ -22,7 +22,7 @@ # This module contains the implementation of the # IPCC-7210W IP camera control protocol # -package ZoneMinder::Control::IPCC-7210W; +package ZoneMinder::Control::IPCC7210W; use 5.006; use strict; From dc191d3833fa76e22bb0101cb93845c858d179da Mon Sep 17 00:00:00 2001 From: Isaac Connor Date: Sat, 5 Oct 2019 16:55:00 -0400 Subject: [PATCH 684/922] Use my docker for trusty and xenial --- .travis.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.travis.yml b/.travis.yml index d53caf21a..62103a437 100644 --- a/.travis.yml +++ b/.travis.yml @@ -35,8 +35,8 @@ env: - SMPFLAGS=-j4 OS=el DIST=7 - SMPFLAGS=-j4 OS=fedora DIST=28 DOCKER_REPO=knnniggett/packpack - SMPFLAGS=-j4 OS=fedora DIST=29 DOCKER_REPO=knnniggett/packpack - - SMPFLAGS=-j4 OS=ubuntu DIST=trusty - - SMPFLAGS=-j4 OS=ubuntu DIST=xenial + - SMPFLAGS=-j4 OS=ubuntu DIST=trusty DOCKER_REPO=iconzm/packpack + - SMPFLAGS=-j4 OS=ubuntu DIST=xenial DOCKER_REPO=iconzm/packpack - SMPFLAGS=-j4 OS=ubuntu DIST=bionic DOCKER_REPO=iconzm/packpack - SMPFLAGS=-j4 OS=ubuntu DIST=disco DOCKER_REPO=iconzm/packpack - SMPFLAGS=-j4 OS=debian DIST=buster DOCKER_REPO=iconzm/packpack From 5040d5b07587985364e693e65d6353b2236048e5 Mon Sep 17 00:00:00 2001 From: Isaac Connor Date: Sat, 5 Oct 2019 16:56:05 -0400 Subject: [PATCH 685/922] remove extra ( --- web/skins/classic/views/function.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/web/skins/classic/views/function.php b/web/skins/classic/views/function.php index 199ec736c..022853eaf 100644 --- a/web/skins/classic/views/function.php +++ b/web/skins/classic/views/function.php @@ -50,7 +50,7 @@ foreach ( getEnumValues('Monitors', 'Function') as $optFunction ) { ?> - Enabled() ?' checked="checked"' : '' ?>/> + Enabled() ?' checked="checked"' : '' ?>/>

From 444580a61f7a88a396ce498c9138f4046beb7fb2 Mon Sep 17 00:00:00 2001 From: arushipandit <56163533+arushipandit@users.noreply.github.com> Date: Sun, 6 Oct 2019 19:55:56 +0530 Subject: [PATCH 686/922] Update ISSUE_TEMPLATE.md --- .github/ISSUE_TEMPLATE.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/ISSUE_TEMPLATE.md b/.github/ISSUE_TEMPLATE.md index dbb351b80..610480e8e 100644 --- a/.github/ISSUE_TEMPLATE.md +++ b/.github/ISSUE_TEMPLATE.md @@ -21,8 +21,8 @@ In order to submit a bug report, please populate the fields below this line. Thi **If the issue concerns a camera** - Make and Model -- frame rate -- resolution +- Frame rate +- Resolution - ZoneMinder Source Type: **Describe the bug** From af6ead60a5feee783607a876ba06bffc8be8e3a5 Mon Sep 17 00:00:00 2001 From: Isaac Connor Date: Tue, 8 Oct 2019 12:31:01 -0400 Subject: [PATCH 687/922] Add USE_SFTP option to rsync_xfer to just use sftp install of sshfs to copy files over to zmrepo --- .travis.yml | 12 +++++----- utils/packpack/rsync_xfer.sh | 45 ++++++++++++++++++++++++------------ 2 files changed, 36 insertions(+), 21 deletions(-) diff --git a/.travis.yml b/.travis.yml index 62103a437..c2404072b 100644 --- a/.travis.yml +++ b/.travis.yml @@ -35,12 +35,12 @@ env: - SMPFLAGS=-j4 OS=el DIST=7 - SMPFLAGS=-j4 OS=fedora DIST=28 DOCKER_REPO=knnniggett/packpack - SMPFLAGS=-j4 OS=fedora DIST=29 DOCKER_REPO=knnniggett/packpack - - SMPFLAGS=-j4 OS=ubuntu DIST=trusty DOCKER_REPO=iconzm/packpack - - SMPFLAGS=-j4 OS=ubuntu DIST=xenial DOCKER_REPO=iconzm/packpack - - SMPFLAGS=-j4 OS=ubuntu DIST=bionic DOCKER_REPO=iconzm/packpack - - SMPFLAGS=-j4 OS=ubuntu DIST=disco DOCKER_REPO=iconzm/packpack - - SMPFLAGS=-j4 OS=debian DIST=buster DOCKER_REPO=iconzm/packpack - - SMPFLAGS=-j4 OS=debian DIST=stretch DOCKER_REPO=iconzm/packpack + - SMPFLAGS=-j4 OS=ubuntu DIST=trusty DOCKER_REPO=iconzm/packpack USE_SFTP=yes + - SMPFLAGS=-j4 OS=ubuntu DIST=xenial DOCKER_REPO=iconzm/packpack USE_SFTP=yes + - SMPFLAGS=-j4 OS=ubuntu DIST=bionic DOCKER_REPO=iconzm/packpack USE_SFTP=yes + - SMPFLAGS=-j4 OS=ubuntu DIST=disco DOCKER_REPO=iconzm/packpack USE_SFTP=yes + - SMPFLAGS=-j4 OS=debian DIST=buster DOCKER_REPO=iconzm/packpack USE_SFTP=yes + - SMPFLAGS=-j4 OS=debian DIST=stretch DOCKER_REPO=iconzm/packpack USE_SFTP=yes - SMPFLAGS=-j4 OS=ubuntu DIST=trusty ARCH=i386 - SMPFLAGS=-j4 OS=ubuntu DIST=xenial ARCH=i386 - SMPFLAGS=-j4 OS=ubuntu DIST=bionic ARCH=i386 diff --git a/utils/packpack/rsync_xfer.sh b/utils/packpack/rsync_xfer.sh index e2e7f8ed7..4a29abef6 100755 --- a/utils/packpack/rsync_xfer.sh +++ b/utils/packpack/rsync_xfer.sh @@ -25,26 +25,41 @@ if [ "${TRAVIS_EVENT_TYPE}" == "cron" ] || [ "${OS}" == "debian" ] || [ "${OS}" echo echo "Target subfolder set to $targetfolder" echo - - mkdir -p ./zmrepo - ssh_mntchk="$(sshfs zmrepo@zmrepo.zoneminder.com:./ ./zmrepo -o workaround=rename,reconnect 2>&1)" - - if [ -z "$ssh_mntchk" ]; then + if [ "${USE_SFTP}" == "yes" ]; then + results="$(sftp build/* "zmrepo@zmrepo.zoneminder.com:${targetfolder}/" 2>&1)" + if [ -z "$results" ]; then + echo + echo "Files copied successfully." echo - echo "Remote filesystem mounted successfully." - echo "Begin transfering files..." - echo - - # Don't keep packages older than 5 days - find ./zmrepo/$targetfolder/ -maxdepth 1 -type f,l -mtime +5 -delete - rsync -vzlh --ignore-errors build/* zmrepo/$targetfolder/ - fusermount -zu zmrepo - else + else echo echo "ERROR: Attempt to mount zmrepo.zoneminder.com failed!" echo "sshfs gave the following error message:" - echo \"$ssh_mntchk\" + echo \"$results\" echo exit 99 + fi + else + mkdir -p ./zmrepo + ssh_mntchk="$(sshfs zmrepo@zmrepo.zoneminder.com:./ ./zmrepo -o workaround=rename,reconnect 2>&1)" + + if [ -z "$ssh_mntchk" ]; then + echo + echo "Remote filesystem mounted successfully." + echo "Begin transfering files..." + echo + + # Don't keep packages older than 5 days + find ./zmrepo/$targetfolder/ -maxdepth 1 -type f,l -mtime +5 -delete + rsync -vzlh --ignore-errors build/* zmrepo/$targetfolder/ + fusermount -zu zmrepo + else + echo + echo "ERROR: Attempt to mount zmrepo.zoneminder.com failed!" + echo "sshfs gave the following error message:" + echo \"$ssh_mntchk\" + echo + exit 99 + fi fi fi From 55b1d29927c4f6cd225e37417feebb9fbfeada85 Mon Sep 17 00:00:00 2001 From: Isaac Connor Date: Tue, 8 Oct 2019 18:06:52 -0400 Subject: [PATCH 688/922] better error messages when no command is given to zmcontrol --- scripts/zmcontrol.pl.in | 11 +++++++---- 1 file changed, 7 insertions(+), 4 deletions(-) diff --git a/scripts/zmcontrol.pl.in b/scripts/zmcontrol.pl.in index 4916ffd6a..b68697ebc 100644 --- a/scripts/zmcontrol.pl.in +++ b/scripts/zmcontrol.pl.in @@ -29,7 +29,7 @@ use Getopt::Long; use autouse 'Pod::Usage'=>qw(pod2usage); use POSIX qw/strftime EPIPE/; use Socket; -#use Data::Dumper; +use Data::Dumper; use Module::Load::Conditional qw{can_load}; use constant MAX_CONNECT_DELAY => 15; @@ -173,14 +173,17 @@ if ( $options{command} ) { next if !$message; my $params = jsonDecode($message); - #Debug( Dumper( $params ) ); + Debug( Dumper( $params ) ); my $command = $params->{command}; - close( CLIENT ); + close(CLIENT); if ( $command eq 'quit' ) { last; + } elsif ( $command ) { + $control->$command($params); + } else { + Warning("No command in $message"); } - $control->$command($params); } else { Fatal('Bogus descriptor'); } From 4126554092dbba62d40cb1b1397ed28d493d512e Mon Sep 17 00:00:00 2001 From: Isaac Connor Date: Tue, 8 Oct 2019 18:07:33 -0400 Subject: [PATCH 689/922] Move sendControlCommand out of includes/control_functions.php into Monitor.php. Make it smarted about talking to zmcontrol.pl. Fix sending the quit command --- web/ajax/control.php | 35 ++----------- web/includes/Monitor.php | 80 ++++++++++++++++++++++++++++++ web/includes/actions/control.php | 2 +- web/includes/actions/monitor.php | 2 +- web/includes/actions/settings.php | 1 - web/includes/actions/zone.php | 19 ++++--- web/includes/control_functions.php | 40 +-------------- 7 files changed, 95 insertions(+), 84 deletions(-) diff --git a/web/ajax/control.php b/web/ajax/control.php index 8bdac53b8..2dfa551a9 100644 --- a/web/ajax/control.php +++ b/web/ajax/control.php @@ -16,41 +16,12 @@ if ( canView('Control', $_REQUEST['id']) ) { return; } - $socket = socket_create(AF_UNIX, SOCK_STREAM, 0); - if ( !$socket ) - ajaxError('socket_create() failed: '.socket_strerror(socket_last_error())); - - $sock_file = ZM_PATH_SOCKS.'/zmcontrol-'.$monitor->Id().'.sock'; - if ( @socket_connect($socket, $sock_file) ) { - $options = array(); - foreach ( explode(' ', $ctrlCommand) as $option ) { - if ( preg_match('/--([^=]+)(?:=(.+))?/', $option, $matches) ) { - $options[$matches[1]] = !empty($matches[2])?$matches[2]:1; - } - } - $option_string = jsonEncode($options); - if ( !socket_write($socket, $option_string) ) - ajaxError("socket_write() failed: ".socket_strerror(socket_last_error())); - ajaxResponse('Used socket'); - //socket_close( $socket ); + if ( $monitor->sendControlCommand($ctrlCommand) ) { + ajaxResponse('Success'); } else { - $ctrlCommand .= ' --id='.$monitor->Id(); - - // Can't connect so use script - $ctrlStatus = ''; - $ctrlOutput = array(); - exec( escapeshellcmd( $ctrlCommand ), $ctrlOutput, $ctrlStatus ); - if ( $ctrlStatus ) - ajaxError($ctrlCommand.'=>'.join(' // ', $ctrlOutput)); - ajaxResponse('Used script'); + ajaxError('Failed'); } } ajaxError('Unrecognised action or insufficient permissions'); - -function ajaxCleanup() { - global $socket; - if ( !empty( $socket ) ) - @socket_close($socket); -} ?> diff --git a/web/includes/Monitor.php b/web/includes/Monitor.php index d68d33930..b46edfcf7 100644 --- a/web/includes/Monitor.php +++ b/web/includes/Monitor.php @@ -459,5 +459,85 @@ private $status_fields = array( //ZM_MIN_STREAMING_PORT ? (ZM_MIN_STREAMING_PORT+$this->Id()) : null); } +public function sendControlCommand($command) { + // command is generally a command option list like --command=blah but might be just the word quit + + $options = array(); + # Convert from a command line params to an option array + foreach ( explode(' ', $command) as $option ) { + if ( preg_match('/--([^=]+)(?:=(.+))?/', $option, $matches) ) { + $options[$matches[1]] = $matches[2]?$matches[2]:1; + } else if ( $option != 'quit' ) { + Warning("Ignored command for zmcontrol $option in $command"); + } + } + if ( !count($options) ) { + if ( $command == 'quit' ) { + $options['command'] = 'quit'; + } else { + Warning("No commands to send to zmcontrol from $command"); + return false; + } + } + + if ( (!defined('ZM_SERVER_ID')) or ( array_key_exists('ServerId', $this) and (ZM_SERVER_ID==$this->{'ServerId'}) ) ) { + # Local + Logger::Debug('Trying to send options ' . print_r($options, true)); + + $optionString = jsonEncode($options); + Logger::Debug("Trying to send options $optionString"); + // Either connects to running zmcontrol.pl or runs zmcontrol.pl to send the command. + $socket = socket_create(AF_UNIX, SOCK_STREAM, 0); + if ( $socket < 0 ) { + Error('socket_create() failed: '.socket_strerror($socket)); + return false; + } + $sockFile = ZM_PATH_SOCKS.'/zmcontrol-'.$this->{'Id'}.'.sock'; + if ( @socket_connect($socket, $sockFile) ) { + if ( !socket_write($socket, $optionString) ) { + Error('Can\'t write to control socket: '.socket_strerror(socket_last_error($socket))); + return false; + } + } else if ( $command != 'quit' ) { + $command = ZM_PATH_BIN.'/zmcontrol.pl '.$command.' --id='.$this->{'Id'}; + + // Can't connect so use script + $ctrlOutput = exec(escapeshellcmd($command)); + } + socket_close($socket); + } else if ( $this->ServerId() ) { + $Server = $this->Server(); + + $url = ZM_BASE_PROTOCOL . '://'.$Server->Hostname().'/zm/api/monitors/daemonControl/'.$this->{'Id'}.'/'.$mode.'/zmcontrol.json'; + if ( ZM_OPT_USE_AUTH ) { + if ( ZM_AUTH_RELAY == 'hashed' ) { + $url .= '?auth='.generateAuthHash( ZM_AUTH_HASH_IPS ); + } else if ( ZM_AUTH_RELAY == 'plain' ) { + $url = '?user='.$_SESSION['username']; + $url = '?pass='.$_SESSION['password']; + } else if ( ZM_AUTH_RELAY == 'none' ) { + $url = '?user='.$_SESSION['username']; + } + } + Logger::Debug("sending command to $url"); + + $context = stream_context_create(); + try { + $result = file_get_contents($url, false, $context); + if ($result === FALSE) { /* Handle error */ + Error("Error restarting zma using $url"); + return false; + } + } catch ( Exception $e ) { + Error("Except $e thrown trying to restart zma"); + return false; + } + } else { + Error('Server not assigned to Monitor in a multi-server setup. Please assign a server to the Monitor.'); + return false; + } // end if we are on the recording server + return true; + } // end function sendControlCommand($mid, $command) + } // end class Monitor ?> diff --git a/web/includes/actions/control.php b/web/includes/actions/control.php index 5dff5a5d2..5c996e636 100644 --- a/web/includes/actions/control.php +++ b/web/includes/actions/control.php @@ -35,7 +35,7 @@ if ( $action == 'control' ) { $monitor = new ZM\Monitor($mid); $ctrlCommand = buildControlCommand($monitor); - sendControlCommand($monitor->Id(), $ctrlCommand); + $monitor->sendControlCommand($ctrlCommand); $view = 'none'; } ?> diff --git a/web/includes/actions/monitor.php b/web/includes/actions/monitor.php index 53e533035..058ae1d8b 100644 --- a/web/includes/actions/monitor.php +++ b/web/includes/actions/monitor.php @@ -256,7 +256,7 @@ if ( $action == 'monitor' ) { if ( $monitor->Controllable() ) { require_once('includes/control_functions.php'); - sendControlCommand($mid, 'quit'); + $monitor->sendControlCommand('quit'); } } // really should thump zmwatch and maybe zmtrigger too. diff --git a/web/includes/actions/settings.php b/web/includes/actions/settings.php index 25c4f76d4..c33f3a54c 100644 --- a/web/includes/actions/settings.php +++ b/web/includes/actions/settings.php @@ -29,7 +29,6 @@ if ( ! canView('Control', $_REQUEST['mid']) ) { return; } -require_once('control_functions.php'); require_once('Monitor.php'); $mid = validInt($_REQUEST['mid']); if ( $action == 'settings' ) { diff --git a/web/includes/actions/zone.php b/web/includes/actions/zone.php index cc7db0226..b42aa4318 100644 --- a/web/includes/actions/zone.php +++ b/web/includes/actions/zone.php @@ -23,7 +23,7 @@ if ( !empty($_REQUEST['mid']) && canEdit('Monitors', $_REQUEST['mid']) ) { $mid = validInt($_REQUEST['mid']); if ( $action == 'zone' && isset($_REQUEST['zid']) ) { $zid = validInt($_REQUEST['zid']); - $monitor = dbFetchOne('SELECT * FROM Monitors WHERE Id=?', NULL, array($mid)); + $monitor = new ZM\Monitor($mid); if ( !empty($zid) ) { $zone = dbFetchOne('SELECT * FROM Zones WHERE MonitorId=? AND Id=?', NULL, array($mid, $zid)); @@ -60,21 +60,20 @@ if ( !empty($_REQUEST['mid']) && canEdit('Monitors', $_REQUEST['mid']) ) { } else { dbQuery('INSERT INTO Zones SET MonitorId=?, '.implode(', ', $changes), array($mid)); } - if ( daemonCheck() && ($monitor['Type'] != 'WebSite') ) { + if ( daemonCheck() && ($monitor->Type() != 'WebSite') ) { if ( $_REQUEST['newZone']['Type'] == 'Privacy' ) { - zmaControl($monitor, 'stop'); - zmcControl($monitor, 'restart'); - zmaControl($monitor, 'start'); + $monitor->zmaControl('stop'); + $monitor->zmcControl('restart'); + $monitor->zmaControl('start'); } else { - zmaControl($monitor, 'restart'); + $monitor->zmaControl('restart'); } } - if ( ($_REQUEST['newZone']['Type'] == 'Privacy') && $monitor['Controllable'] ) { - require_once('control_functions.php'); - sendControlCommand($mid, 'quit'); + if ( ($_REQUEST['newZone']['Type'] == 'Privacy') && $monitor->Controllable() ) { + $monitor->sendControlCommand('quit'); } $refreshParent = true; - } + } // end if changes $view = 'none'; } // end if action } // end if $mid and canEdit($mid) diff --git a/web/includes/control_functions.php b/web/includes/control_functions.php index eb61b8b05..91c886b82 100644 --- a/web/includes/control_functions.php +++ b/web/includes/control_functions.php @@ -1,7 +1,7 @@ Control(); if ( isset($_REQUEST['xge']) || isset($_REQUEST['yge']) ) { @@ -740,41 +740,3 @@ function buildControlCommand($monitor) { return $ctrlCommand; } -function sendControlCommand($mid, $command) { - - $options = array(); - foreach ( explode(' ', $command) as $option ) { - if ( preg_match('/--([^=]+)(?:=(.+))?/', $option, $matches) ) { - $options[$matches[1]] = $matches[2]?$matches[2]:1; - } else { - ZM\Warning("Ignored command for zmcontrol $option in $command"); - } - } - if ( !count($options) ) { - if ( $command == 'quit' ) { - $options['quit'] = 1; - } else { - ZM\Warning("No commands to send to zmcontrol from $command"); - return; - } - } - - $optionString = jsonEncode($options); - // Either connects to running zmcontrol.pl or runs zmcontrol.pl to send the command. - $socket = socket_create(AF_UNIX, SOCK_STREAM, 0); - if ( $socket < 0 ) { - ZM\Fatal('socket_create() failed: '.socket_strerror($socket)); - } - $sockFile = ZM_PATH_SOCKS.'/zmcontrol-'.$mid.'.sock'; - if ( @socket_connect($socket, $sockFile) ) { - if ( !socket_write($socket, $optionString) ) { - ZM\Fatal("Can't write to control socket: ".socket_strerror(socket_last_error($socket))); - } - socket_close($socket); - } else if ( $command != 'quit' ) { - $command .= ' --id='.$mid; - - // Can't connect so use script - $ctrlOutput = exec(escapeshellcmd($command)); - } -} // end function sendControlCommand($mid, $command) From f3f972359b699fd5e7f4970f41084c23ab6365f0 Mon Sep 17 00:00:00 2001 From: Isaac Connor Date: Tue, 8 Oct 2019 18:28:02 -0400 Subject: [PATCH 690/922] increase width of Zoom, White, Iris controls to fit wider button --- web/skins/classic/css/base/views/control.css | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/web/skins/classic/css/base/views/control.css b/web/skins/classic/css/base/views/control.css index 396af71eb..578ba0c32 100644 --- a/web/skins/classic/css/base/views/control.css +++ b/web/skins/classic/css/base/views/control.css @@ -28,7 +28,7 @@ } .ptzControls .controlsPanel .arrowControl { - width: 40px; + width: 60px; margin: 0 4px; } From c15e8eebb21168d80dcb001973bd6104a32dca9e Mon Sep 17 00:00:00 2001 From: Isaac Connor Date: Tue, 8 Oct 2019 18:48:37 -0400 Subject: [PATCH 691/922] Make PTZ presets fill the entire window width and fix other visual problems with the buttons --- web/skins/classic/css/base/views/control.css | 19 +++++++++++-------- 1 file changed, 11 insertions(+), 8 deletions(-) diff --git a/web/skins/classic/css/base/views/control.css b/web/skins/classic/css/base/views/control.css index 578ba0c32..f0a26e763 100644 --- a/web/skins/classic/css/base/views/control.css +++ b/web/skins/classic/css/base/views/control.css @@ -1,7 +1,7 @@ .ptzControls { vertical-align: top; margin: 10px auto 0; - width: 520px; + width: 90%; } .ptzControls::after { @@ -32,7 +32,7 @@ margin: 0 4px; } -.ptzControls .controlsPanel .arrowControl input { +.ptzControls .controlsPanel .arrowControl button.longArrowBtn { display: block; } @@ -72,10 +72,13 @@ .ptzControls .controlsPanel .irisControls { float: right; + text-align: center; } .ptzControls .controlsPanel .whiteControls { float: right; + width: 120px; + text-align: center; } .ptzControls .controlsPanel .pantiltPanel { @@ -90,8 +93,8 @@ border: 1px solid #006699; text-align: center; padding: 1px; - width: 102px; - height: 102px; + width: 100px; + height: 100px; } .ptzControls .controlsPanel .pantiltPanel .pantiltControls .arrowBtn { @@ -142,16 +145,16 @@ } .ptzControls .presetControls div { - margin: 5px auto; + margin: 5px 200px 5px 180px; } -.ptzControls .presetControls input { +.ptzControls .presetControls button { margin: 1px; } -.ptzControls .presetControls input.ptzNumBtn { +.ptzControls .presetControls button.ptzNumBtn { padding: 1px 2px; - width: 24px; + width: 45px; color: #ffffff; text-align: center; } From d1b086ddc6ecc330178abd093762cded8fdeccc0 Mon Sep 17 00:00:00 2001 From: Isaac Connor Date: Tue, 8 Oct 2019 18:49:11 -0400 Subject: [PATCH 692/922] fix cases of monitor->CanZoom to control->CanZoom --- web/skins/classic/includes/control_functions.php | 11 ++++------- 1 file changed, 4 insertions(+), 7 deletions(-) diff --git a/web/skins/classic/includes/control_functions.php b/web/skins/classic/includes/control_functions.php index bd963312c..7554486af 100644 --- a/web/skins/classic/includes/control_functions.php +++ b/web/skins/classic/includes/control_functions.php @@ -49,11 +49,11 @@ function controlZoom($monitor, $cmds) {
- +
CanAutoZoom() ) { + if ( $control->CanAutoZoom() ) { ?> @@ -75,7 +75,7 @@ function controlIris($monitor, $cmds) {
CanAutoIris() ) { + if ( $control->CanAutoIris() ) { ?> @@ -98,7 +98,7 @@ function controlWhite($monitor, $cmds) {
CanAutoWhite() ) { + if ( $control->CanAutoWhite() ) { ?> @@ -164,9 +164,6 @@ function controlPresets($monitor, $cmds) { ?>
From 1cf034ec5f1c2cd99a45934cfbea9c5438b449fd Mon Sep 17 00:00:00 2001 From: Isaac Connor Date: Tue, 8 Oct 2019 18:49:29 -0400 Subject: [PATCH 693/922] fix inline js on the back/close button --- web/skins/classic/views/watch.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/web/skins/classic/views/watch.php b/web/skins/classic/views/watch.php index ec2674591..9fbcfdbcf 100644 --- a/web/skins/classic/views/watch.php +++ b/web/skins/classic/views/watch.php @@ -74,7 +74,7 @@ if ( canView('Control') && $monitor->Type() == 'Local' ) { ?>
:
-
+
Status() != 'Connected' ) { From b15f7ad47d407003672aebd1ed431cd1b6d166d4 Mon Sep 17 00:00:00 2001 From: Isaac Connor Date: Wed, 9 Oct 2019 10:00:13 -0400 Subject: [PATCH 694/922] handle ipv6 in Server->Hostname. Fixes #2713 --- web/includes/Server.php | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/web/includes/Server.php b/web/includes/Server.php index f137c90b5..175629729 100644 --- a/web/includes/Server.php +++ b/web/includes/Server.php @@ -39,6 +39,11 @@ class Server extends ZM_Object { } else if ( $this->Id() ) { return $this->{'Name'}; } + # This theoretically will match ipv6 addresses as well + if ( preg_match( '/^(\[[[:xdigit:]:]+\]|[^:]+)(:[[:digit:]]+)?$/', $_SERVER['HTTP_HOST'], $matches ) ) { + return $matches[1]; + } + $result = explode(':', $_SERVER['HTTP_HOST']); return $result[0]; } From c7f5673b475e9ae9ec56d23af007ddba0d11569f Mon Sep 17 00:00:00 2001 From: Isaac Connor Date: Wed, 9 Oct 2019 10:30:40 -0400 Subject: [PATCH 695/922] Make filterFIelds global and give more info in error message --- web/ajax/log.php | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/web/ajax/log.php b/web/ajax/log.php index 01b64cba0..ef2e450f2 100644 --- a/web/ajax/log.php +++ b/web/ajax/log.php @@ -5,6 +5,7 @@ $filterFields = array( 'Component', 'ServerId', 'Pid', 'Level', 'File', 'Line' ); function buildLogQuery($action) { + global $filterFields; $minTime = isset($_REQUEST['minTime'])?$_REQUEST['minTime']:NULL; $maxTime = isset($_REQUEST['maxTime'])?$_REQUEST['maxTime']:NULL; @@ -41,7 +42,7 @@ function buildLogQuery($action) { foreach ( $filter as $field=>$value ) { if ( ! in_array($field, $filterFields) ) { - ZM\Error("$field is not in valid filter fields"); + ZM\Error("'$field' is not in valid filter fields " . print_r($filterField,true)); continue; } if ( $field == 'Level' ){ From 29a8cd3c91dde62b1b9bdd9595bc7991b4f07a02 Mon Sep 17 00:00:00 2001 From: Isaac Connor Date: Wed, 9 Oct 2019 13:00:29 -0400 Subject: [PATCH 696/922] use rsync instead of sftp --- utils/packpack/rsync_xfer.sh | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/utils/packpack/rsync_xfer.sh b/utils/packpack/rsync_xfer.sh index 4a29abef6..97e8c1bfb 100755 --- a/utils/packpack/rsync_xfer.sh +++ b/utils/packpack/rsync_xfer.sh @@ -26,15 +26,15 @@ if [ "${TRAVIS_EVENT_TYPE}" == "cron" ] || [ "${OS}" == "debian" ] || [ "${OS}" echo "Target subfolder set to $targetfolder" echo if [ "${USE_SFTP}" == "yes" ]; then - results="$(sftp build/* "zmrepo@zmrepo.zoneminder.com:${targetfolder}/" 2>&1)" + results="$(rsync build/* "zmrepo@zmrepo.zoneminder.com:${targetfolder}/" 2>&1)" if [ -z "$results" ]; then echo echo "Files copied successfully." echo else echo - echo "ERROR: Attempt to mount zmrepo.zoneminder.com failed!" - echo "sshfs gave the following error message:" + echo "ERROR: Attempt to rsync to zmrepo.zoneminder.com failed!" + echo "rsync gave the following error message:" echo \"$results\" echo exit 99 From 70396c58975b253070ccfc520d6905def5128ce0 Mon Sep 17 00:00:00 2001 From: Isaac Connor Date: Wed, 9 Oct 2019 13:10:43 -0400 Subject: [PATCH 697/922] Don't warn about the spaces in the command --- web/includes/Monitor.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/web/includes/Monitor.php b/web/includes/Monitor.php index b46edfcf7..092b619c3 100644 --- a/web/includes/Monitor.php +++ b/web/includes/Monitor.php @@ -467,7 +467,7 @@ public function sendControlCommand($command) { foreach ( explode(' ', $command) as $option ) { if ( preg_match('/--([^=]+)(?:=(.+))?/', $option, $matches) ) { $options[$matches[1]] = $matches[2]?$matches[2]:1; - } else if ( $option != 'quit' ) { + } else if ( $option != '' and $option != 'quit' ) { Warning("Ignored command for zmcontrol $option in $command"); } } From 1aaa52b994f70fc2fd28161643fe9579a9e1b6b3 Mon Sep 17 00:00:00 2001 From: Pliable Pixels Date: Fri, 11 Oct 2019 10:53:50 -0400 Subject: [PATCH 698/922] Fix ZM slack join link --- README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/README.md b/README.md index 2939aa941..9be80d4b7 100644 --- a/README.md +++ b/README.md @@ -3,7 +3,7 @@ ZoneMinder [![Build Status](https://travis-ci.org/ZoneMinder/zoneminder.png)](https://travis-ci.org/ZoneMinder/zoneminder) [![Bountysource](https://api.bountysource.com/badge/team?team_id=204&style=bounties_received)](https://www.bountysource.com/teams/zoneminder/issues?utm_source=ZoneMinder&utm_medium=shield&utm_campaign=bounties_received) -[![Join Slack](https://github.com/ozonesecurity/ozonebase/blob/master/img/slacksm.png?raw=true)](https://join.slack.com/t/zoneminder-chat/shared_invite/enQtNTU0NDkxMDM5NDQwLTlhZDU2MGU4MmZmN2MxOTg1MmNmNmZjZGRmY2EzMThhNGQ0MWNmZTg1ZmYzNDQ4YjliMzVmYTQ3MDc5MTkzODE) +[![Join Slack](https://github.com/ozonesecurity/ozonebase/blob/master/img/slacksm.png?raw=true)](https://join.slack.com/t/zoneminder-chat/shared_invite/enQtNTU0NDkxMDM5NDQwLTdhZmQ5Y2M2NWQyN2JkYTBiN2ZkMzIzZGQ0MDliMTRmM2FjZWRlYzUwYTQ2MjMwMTVjMzQ1NjYxOTdmMjE2MTE) All documentation for ZoneMinder is now online at https://zoneminder.readthedocs.org From 3b586a2abe51f49d1973e006f11e0eda6f60c331 Mon Sep 17 00:00:00 2001 From: Isaac Connor Date: Fri, 11 Oct 2019 13:53:18 -0400 Subject: [PATCH 699/922] include stream index and packet queue size in debug message --- src/zm_packetqueue.cpp | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/src/zm_packetqueue.cpp b/src/zm_packetqueue.cpp index 7668935f0..1b8694481 100644 --- a/src/zm_packetqueue.cpp +++ b/src/zm_packetqueue.cpp @@ -42,7 +42,8 @@ bool zm_packetqueue::queuePacket(ZMPacket* zm_packet) { || ( packet_counts[zm_packet->packet.stream_index] <= 0 ) ) { - Debug(2,"Inserting packet with dts %" PRId64 " because queue is empty or invalid dts", zm_packet->packet.dts); + Debug(2,"Inserting packet with dts %" PRId64 " because queue %d is empty (queue size: %d) or invalid dts", + zm_packet->packet.stream_index, packet_counts[zm_packet->packet.stream_index], zm_packet->packet.dts); // No dts value, can't so much with it pktQueue.push_back(zm_packet); packet_counts[zm_packet->packet.stream_index] += 1; From 90d6e11fb9cf9dfa9a30e8ceea5eabaf02793866 Mon Sep 17 00:00:00 2001 From: Isaac Connor Date: Fri, 11 Oct 2019 14:04:51 -0400 Subject: [PATCH 700/922] If we try to write a packet with dts == AV_NOPTS_VALUE, set it to stream->cur_dts. This might at least give us a playable file. --- src/zm_videostore.cpp | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/src/zm_videostore.cpp b/src/zm_videostore.cpp index c3e19a193..1e19a058c 100644 --- a/src/zm_videostore.cpp +++ b/src/zm_videostore.cpp @@ -996,6 +996,11 @@ int VideoStore::write_packet(AVPacket *pkt, AVStream *stream) { pkt->pos = -1; pkt->stream_index = stream->index; + if ( pkt->dts == AV_NOPTS_VALUE ) { + Debug(1, "undef dts, fixing by setting to stream cur_dts %" PRId64, stream->cur_dts); + pkt->dts = stream->cur_dts; + } + if ( pkt->dts < stream->cur_dts ) { Debug(1, "non increasing dts, fixing. our dts %" PRId64 " stream cur_dts %" PRId64, pkt->dts, stream->cur_dts); pkt->dts = stream->cur_dts; From ee1e12b9386d6e7163061c1648c9a1ce4881b15b Mon Sep 17 00:00:00 2001 From: Isaac Connor Date: Fri, 11 Oct 2019 17:29:47 -0400 Subject: [PATCH 701/922] Be more robust about returning a Server object when instantiating the default Storage area. --- web/includes/Storage.php | 11 ++++++++++- 1 file changed, 10 insertions(+), 1 deletion(-) diff --git a/web/includes/Storage.php b/web/includes/Storage.php index 8607b52fe..95b755d09 100644 --- a/web/includes/Storage.php +++ b/web/includes/Storage.php @@ -116,7 +116,16 @@ class Storage extends ZM_Object { public function Server() { if ( ! array_key_exists('Server',$this) ) { - $this->{'Server'}= new Server($this->{'ServerId'}); + if ( array_key_exists('ServerId', $this) ) { + $this->{'Server'} = Server::find_one(array('Id'=>$this->{'ServerId'})); + if ( ! $this->{'Server'} ) { + Error('No Server record found for server id ' . $this->{'ServerId'}); + $this->{'Server'} = new Server(); + } + $this->{'Server'} = new Server(); + } else { + $this->{'Server'} = new Server(); + } } return $this->{'Server'}; } From 3b31381a57cc3f0e6d22c8ca47ae43e7a641df3b Mon Sep 17 00:00:00 2001 From: Isaac Connor Date: Sat, 12 Oct 2019 11:15:20 -0400 Subject: [PATCH 702/922] remove unneeded quotes. --- utils/packpack/rsync_xfer.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/utils/packpack/rsync_xfer.sh b/utils/packpack/rsync_xfer.sh index 97e8c1bfb..49c10dd9f 100755 --- a/utils/packpack/rsync_xfer.sh +++ b/utils/packpack/rsync_xfer.sh @@ -26,7 +26,7 @@ if [ "${TRAVIS_EVENT_TYPE}" == "cron" ] || [ "${OS}" == "debian" ] || [ "${OS}" echo "Target subfolder set to $targetfolder" echo if [ "${USE_SFTP}" == "yes" ]; then - results="$(rsync build/* "zmrepo@zmrepo.zoneminder.com:${targetfolder}/" 2>&1)" + results="$(rsync build/* zmrepo@zmrepo.zoneminder.com:${targetfolder}/ 2>&1)" if [ -z "$results" ]; then echo echo "Files copied successfully." From 8ee567442ee917bf8822635f2da01af4b4f3b091 Mon Sep 17 00:00:00 2001 From: Isaac Connor Date: Tue, 15 Oct 2019 15:04:14 -0400 Subject: [PATCH 703/922] UPdate replay, scale, codec dropdown onchanges --- web/skins/classic/views/event.php | 19 ++++++++++++++----- 1 file changed, 14 insertions(+), 5 deletions(-) diff --git a/web/skins/classic/views/event.php b/web/skins/classic/views/event.php index b271343f1..df0712435 100644 --- a/web/skins/classic/views/event.php +++ b/web/skins/classic/views/event.php @@ -172,13 +172,22 @@ if ( canEdit('Events') ) { } // end if Event->DefaultVideo ?>
-
-
-
'changeCodec(this);')); ?>
+
+ + 'changeReplayMode')); ?> +
+
+ + 'changeScale')); ?> +
+
+ + 'changeCodec')); ?> +
- +
-
+
DefaultVideo() ) { ?> From 382c0230bbabc9395a3e22c51f31cd922b0f5df2 Mon Sep 17 00:00:00 2001 From: Isaac Connor Date: Tue, 15 Oct 2019 15:04:32 -0400 Subject: [PATCH 704/922] Add jessie build --- .travis.yml | 1 + 1 file changed, 1 insertion(+) diff --git a/.travis.yml b/.travis.yml index c2404072b..c6aac58fb 100644 --- a/.travis.yml +++ b/.travis.yml @@ -41,6 +41,7 @@ env: - SMPFLAGS=-j4 OS=ubuntu DIST=disco DOCKER_REPO=iconzm/packpack USE_SFTP=yes - SMPFLAGS=-j4 OS=debian DIST=buster DOCKER_REPO=iconzm/packpack USE_SFTP=yes - SMPFLAGS=-j4 OS=debian DIST=stretch DOCKER_REPO=iconzm/packpack USE_SFTP=yes + - SMPFLAGS=-j4 OS=debian DIST=jessie DOCKER_REPO=iconzm/packpack USE_SFTP=yes - SMPFLAGS=-j4 OS=ubuntu DIST=trusty ARCH=i386 - SMPFLAGS=-j4 OS=ubuntu DIST=xenial ARCH=i386 - SMPFLAGS=-j4 OS=ubuntu DIST=bionic ARCH=i386 From 04c22988adea06a3f48912ef763fd374b14502a7 Mon Sep 17 00:00:00 2001 From: Isaac Connor Date: Tue, 15 Oct 2019 15:04:55 -0400 Subject: [PATCH 705/922] Add code to delete empty event directories after deleting an event --- scripts/ZoneMinder/lib/ZoneMinder/Event.pm | 30 +++++++++++++++++++--- 1 file changed, 27 insertions(+), 3 deletions(-) diff --git a/scripts/ZoneMinder/lib/ZoneMinder/Event.pm b/scripts/ZoneMinder/lib/ZoneMinder/Event.pm index b5a89e601..2c5626f4b 100644 --- a/scripts/ZoneMinder/lib/ZoneMinder/Event.pm +++ b/scripts/ZoneMinder/lib/ZoneMinder/Event.pm @@ -409,12 +409,12 @@ sub delete_files { ) ) { my $storage_path = $Storage->Path(); - if ( ! $storage_path ) { + if ( !$storage_path ) { Error("Empty storage path when deleting files for event $$event{Id} with storage id $$event{StorageId}"); return; } - if ( ! $$event{MonitorId} ) { + if ( !$$event{MonitorId} ) { Error("No monitor id assigned to event $$event{Id}"); return; } @@ -450,13 +450,37 @@ sub delete_files { } }; Error($@) if $@; - } + } # end if s3fs if ( !$deleted ) { my $command = "/bin/rm -rf $storage_path/$event_path"; ZoneMinder::General::executeShellCommand($command); } + } else { + Error('No event path in delete files. ' . $event->to_string()); } # end if event_path + # Now check for empty directories and delete them. + my @path_parts = split('/', $event_path); + pop @path_parts; + # Guaranteed the first part is the monitor id + while ( @path_parts > 1 ) { + my $path = join('/', $storage_path, @path_parts); + my $dh; + if ( !opendir($dh, $path) ) { + Warning("Fail to open $path"); + last; + } + if ( scalar(grep { $_ ne '.' and $_ ne '..' } readdir($dh)) == 0 ) { + Debug("Removing empty dir at $path"); + if ( !rmdir $path ) { + Warning("Fail to rmdir $path: $!"); + last; + } + } else { + last; + } + } # end while path_parts + if ( $event->Scheme() eq 'Deep' ) { my $link_path = $event->LinkPath(); Debug("Deleting link for Event $$event{Id} from $storage_path/$link_path."); From 4b71bc75eab113240cf5a69650c2149839083ac4 Mon Sep 17 00:00:00 2001 From: externo6 Date: Wed, 16 Oct 2019 00:35:49 +0100 Subject: [PATCH 706/922] Change language to Contains / Not Contains and update perl filter. --- scripts/ZoneMinder/lib/ZoneMinder/Filter.pm | 9 +++++++++ web/includes/functions.php | 3 +++ web/lang/en_gb.php | 4 ++-- 3 files changed, 14 insertions(+), 2 deletions(-) diff --git a/scripts/ZoneMinder/lib/ZoneMinder/Filter.pm b/scripts/ZoneMinder/lib/ZoneMinder/Filter.pm index 611bea059..7a78e3b71 100644 --- a/scripts/ZoneMinder/lib/ZoneMinder/Filter.pm +++ b/scripts/ZoneMinder/lib/ZoneMinder/Filter.pm @@ -236,6 +236,11 @@ sub Sql { || $term->{attr} eq 'Cause' || $term->{attr} eq 'Notes' ) { + if ( $term->{op} eq 'LIKE' + || $term->{op} eq 'NOT LIKE' + ) { + $temp_value = '%'.$temp_value.'%'; + } $value = "'$temp_value'"; } elsif ( $term->{attr} eq 'DateTime' or $term->{attr} eq 'StartDateTime' or $term->{attr} eq 'EndDateTime' ) { if ( $temp_value eq 'NULL' ) { @@ -295,6 +300,10 @@ sub Sql { $self->{Sql} .= ' IN ('.join(',', @value_list).')'; } elsif ( $term->{op} eq '!~' ) { $self->{Sql} .= ' NOT IN ('.join(',', @value_list).')'; + } elsif ( $term->{op} eq 'LIKE' ) { + $self->{Sql} .= " LIKE $value"; + } elsif ( $term->{op} eq 'NOT LIKE' ) { + $self->{Sql} .= " NOT LIKE $value"; } else { $self->{Sql} .= ' '.$term->{op}.' '.$value; } diff --git a/web/includes/functions.php b/web/includes/functions.php index fc4c398c5..825467fb4 100644 --- a/web/includes/functions.php +++ b/web/includes/functions.php @@ -1223,6 +1223,9 @@ function parseFilter(&$filter, $saveToSession=false, $querySep='&') { case 'Name': case 'Cause': case 'Notes': + if($term['op'] == 'LIKE' || $term['op'] == 'NOT LIKE') { + $value = '%'.$value.'%'; + } $value = dbEscape($value); break; case 'MonitorServerId': diff --git a/web/lang/en_gb.php b/web/lang/en_gb.php index 38799c9a0..94236dc81 100644 --- a/web/lang/en_gb.php +++ b/web/lang/en_gb.php @@ -579,8 +579,8 @@ $SLANG = array( 'OpNotMatches' => 'does not match', 'OpIs' => 'is', 'OpIsNot' => 'is not', - 'OpLike' => 'like', - 'OpNotLike' => 'not like', + 'OpLike' => 'Contains', + 'OpNotLike' => 'Does not Contain', 'OptionalEncoderParam' => 'Optional Encoder Parameters', 'OptionHelp' => 'Option Help', 'OptionRestartWarning' => 'These changes may not come into effect fully\nwhile the system is running. When you have\nfinished making your changes please ensure that\nyou restart ZoneMinder.', From b63fc0b0e5c4f5bb39499e882a49c88a6405b6f4 Mon Sep 17 00:00:00 2001 From: Isaac Connor Date: Tue, 15 Oct 2019 20:44:15 -0400 Subject: [PATCH 707/922] Delete linkpath before deleting empty directories. add closedir and some more debugging. Also add popping off that last part of the dir at each loop --- scripts/ZoneMinder/lib/ZoneMinder/Event.pm | 50 ++++++++++++---------- 1 file changed, 28 insertions(+), 22 deletions(-) diff --git a/scripts/ZoneMinder/lib/ZoneMinder/Event.pm b/scripts/ZoneMinder/lib/ZoneMinder/Event.pm index 2c5626f4b..589e4bbba 100644 --- a/scripts/ZoneMinder/lib/ZoneMinder/Event.pm +++ b/scripts/ZoneMinder/lib/ZoneMinder/Event.pm @@ -459,28 +459,6 @@ sub delete_files { Error('No event path in delete files. ' . $event->to_string()); } # end if event_path - # Now check for empty directories and delete them. - my @path_parts = split('/', $event_path); - pop @path_parts; - # Guaranteed the first part is the monitor id - while ( @path_parts > 1 ) { - my $path = join('/', $storage_path, @path_parts); - my $dh; - if ( !opendir($dh, $path) ) { - Warning("Fail to open $path"); - last; - } - if ( scalar(grep { $_ ne '.' and $_ ne '..' } readdir($dh)) == 0 ) { - Debug("Removing empty dir at $path"); - if ( !rmdir $path ) { - Warning("Fail to rmdir $path: $!"); - last; - } - } else { - last; - } - } # end while path_parts - if ( $event->Scheme() eq 'Deep' ) { my $link_path = $event->LinkPath(); Debug("Deleting link for Event $$event{Id} from $storage_path/$link_path."); @@ -489,6 +467,34 @@ sub delete_files { unlink($storage_path.'/'.$link_path) or Error("Unable to unlink '$storage_path/$link_path': $!"); } } # end if Scheme eq Deep + + # Now check for empty directories and delete them. + my @path_parts = split('/', $event_path); + pop @path_parts; + # Guaranteed the first part is the monitor id + Debug("Initial path_parts: @path_parts"); + while ( @path_parts > 1 ) { + my $path = join('/', $storage_path, @path_parts); + my $dh; + if ( !opendir($dh, $path) ) { + Warning("Fail to open $path"); + last; + } + my @dir = readdir($dh); + closedir($dh); + if ( scalar(grep { $_ ne '.' and $_ ne '..' } @dir) == 0 ) { + Debug("Removing empty dir at $path"); + if ( !rmdir $path ) { + Warning("Fail to rmdir $path: $!"); + last; + } + } else { + Debug("Dir $path is not empty @dir"); + last; + } + pop @path_parts; + } # end while path_parts + } # end foreach Storage } # end sub delete_files From e232c22b3d461b8fa2e4cc762fea0eac443b9aac Mon Sep 17 00:00:00 2001 From: externo6 Date: Wed, 16 Oct 2019 10:10:23 +0100 Subject: [PATCH 708/922] Only add % to value if % is not present. --- scripts/ZoneMinder/lib/ZoneMinder/Filter.pm | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/scripts/ZoneMinder/lib/ZoneMinder/Filter.pm b/scripts/ZoneMinder/lib/ZoneMinder/Filter.pm index 7a78e3b71..e14ae8d14 100644 --- a/scripts/ZoneMinder/lib/ZoneMinder/Filter.pm +++ b/scripts/ZoneMinder/lib/ZoneMinder/Filter.pm @@ -239,7 +239,7 @@ sub Sql { if ( $term->{op} eq 'LIKE' || $term->{op} eq 'NOT LIKE' ) { - $temp_value = '%'.$temp_value.'%'; + $temp_value = '%'.$temp_value.'%' if $temp_value !~ /%/; } $value = "'$temp_value'"; } elsif ( $term->{attr} eq 'DateTime' or $term->{attr} eq 'StartDateTime' or $term->{attr} eq 'EndDateTime' ) { From f25a823bc8f6c768bb78e8aa1eec2019502bc6f6 Mon Sep 17 00:00:00 2001 From: Isaac Connor Date: Wed, 16 Oct 2019 08:53:40 -0400 Subject: [PATCH 709/922] Fix event => zm_event --- web/skins/classic/views/js/timeline.js | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/web/skins/classic/views/js/timeline.js b/web/skins/classic/views/js/timeline.js index 877f31c2d..0b4715f75 100644 --- a/web/skins/classic/views/js/timeline.js +++ b/web/skins/classic/views/js/timeline.js @@ -26,10 +26,10 @@ function createEventHtml(zm_event, frame) { new Element('p').inject(eventHtml).set('text', zm_event.Name+(frame?('('+frame.FrameId+')'):'')); new Element('p').inject(eventHtml).set('text', zm_event.StartTime+' - '+zm_event.Length+'s'); new Element('p').inject(eventHtml).set('text', zm_event.Cause); - if ( event.Notes ) { - new Element('p').inject(eventHtml).set('text', event.Notes); + if ( zm_event.Notes ) { + new Element('p').inject(eventHtml).set('text', zm_event.Notes); } - if ( event.Archived > 0 ) { + if ( zm_event.Archived > 0 ) { new Element('p').inject(eventHtml).set( 'text', archivedString); } From d03de9831741a7202e0b404c6b3187faa837776b Mon Sep 17 00:00:00 2001 From: Isaac Connor Date: Wed, 16 Oct 2019 09:00:39 -0400 Subject: [PATCH 710/922] remove carriage returns in ffmpeg log lines --- src/zm_ffmpeg.cpp | 14 ++++++++------ 1 file changed, 8 insertions(+), 6 deletions(-) diff --git a/src/zm_ffmpeg.cpp b/src/zm_ffmpeg.cpp index 339b54c6c..022653b18 100644 --- a/src/zm_ffmpeg.cpp +++ b/src/zm_ffmpeg.cpp @@ -27,7 +27,7 @@ extern "C" { #if HAVE_LIBAVCODEC || HAVE_LIBAVUTIL || HAVE_LIBSWSCALE -void log_libav_callback( void *ptr, int level, const char *fmt, va_list vargs ) { +void log_libav_callback(void *ptr, int level, const char *fmt, va_list vargs) { Logger *log = Logger::fetch(); int log_level = 0; if ( level == AV_LOG_QUIET ) { // -8 @@ -62,8 +62,11 @@ void log_libav_callback( void *ptr, int level, const char *fmt, va_list vargs ) } if ( log ) { - char logString[8192]; + char logString[8192]; vsnprintf(logString, sizeof(logString)-1, fmt, vargs); + int length = strlen(logString); + // ffmpeg logs have a carriage return, so replace it with terminator + logString[length-1] = 0; log->logPrint(false, __FILE__, __LINE__, log_level, logString); } } @@ -74,12 +77,12 @@ void FFMPEGInit() { if ( !bInit ) { if ( logDebugging() && config.log_ffmpeg ) { - av_log_set_level( AV_LOG_DEBUG ); + av_log_set_level(AV_LOG_DEBUG); av_log_set_callback(log_libav_callback); Info("Enabling ffmpeg logs, as LOG_DEBUG+LOG_FFMPEG are enabled in options"); } else { Info("Not enabling ffmpeg logs, as LOG_FFMPEG and/or LOG_DEBUG is disabled in options, or this monitor not part of your debug targets"); - av_log_set_level( AV_LOG_QUIET ); + av_log_set_level(AV_LOG_QUIET); } #if LIBAVFORMAT_VERSION_CHECK(58, 9, 0, 64, 0) #else @@ -550,7 +553,6 @@ int zm_send_packet_receive_frame( if ( AVERROR(EAGAIN) == ret ) { // The codec may need more samples than it has, perfectly valid Debug(2, "Codec not ready to give us a frame"); - return 0; } else { Error("Could not recieve frame (error %d = '%s')", ret, av_make_error_string(ret).c_str()); @@ -571,7 +573,7 @@ int zm_send_packet_receive_frame( } } // end while !frameComplete #endif - return 1; + return 0; } // end int zm_send_packet_receive_frame(AVCodecContext *context, AVFrame *frame, AVPacket &packet) /* Returns < 0 on error, 0 if codec not ready, 1 on success From f938fd83acfbc328cca2bc16d842d6a1791c457e Mon Sep 17 00:00:00 2001 From: Isaac Connor Date: Wed, 16 Oct 2019 09:01:59 -0400 Subject: [PATCH 711/922] keep track of video_next_dts. Use it when packet dts is AV_NOPTS_VALUE. Also handle EAGAIN in send_packet_get_frame etc --- src/zm_videostore.cpp | 11 +++++++---- 1 file changed, 7 insertions(+), 4 deletions(-) diff --git a/src/zm_videostore.cpp b/src/zm_videostore.cpp index 1e19a058c..453a25683 100644 --- a/src/zm_videostore.cpp +++ b/src/zm_videostore.cpp @@ -277,8 +277,8 @@ VideoStore::VideoStore( #endif video_first_pts = 0; video_first_dts = 0; - video_last_pts = 0; - video_last_dts = 0; + video_next_pts = 0; + video_next_dts = 0; audio_first_pts = 0; audio_first_dts = 0; @@ -898,6 +898,8 @@ int VideoStore::writeVideoFramePacket(AVPacket *ipkt) { video_first_dts = ipkt->dts; } opkt.dts = ipkt->dts - video_first_dts; + } else { + opkt.dts = av_rescale_q(video_next_dts, video_out_stream->time_base, video_in_stream->time_base);; } if ( ipkt->pts != AV_NOPTS_VALUE ) { opkt.pts = ipkt->pts - video_first_dts; @@ -906,6 +908,7 @@ int VideoStore::writeVideoFramePacket(AVPacket *ipkt) { dumpPacket(video_out_stream, &opkt, "after pts adjustment"); write_packet(&opkt, video_out_stream); + video_next_dts = opkt.dts + opkt.duration; zm_av_packet_unref(&opkt); return 0; @@ -934,8 +937,8 @@ int VideoStore::writeAudioFramePacket(AVPacket *ipkt) { if ( audio_out_codec ) { // I wonder if we can get multiple frames per packet? Probably ret = zm_send_packet_receive_frame(audio_in_ctx, in_frame, *ipkt); - if ( ret <= 0 ) { - Debug(3, "Not ready to receive frame"); + if ( ret < 0 ) { + Debug(3, "failed to receive frame code: %d", ret); return 0; } zm_dump_frame(in_frame, "In frame from decode"); From fd480110d9e25136d3e40db80211ed21c7eea30f Mon Sep 17 00:00:00 2001 From: Isaac Connor Date: Wed, 16 Oct 2019 09:16:22 -0400 Subject: [PATCH 712/922] Make Isaac the upload/maintainer --- distros/ubuntu1204/control | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/distros/ubuntu1204/control b/distros/ubuntu1204/control index 1a2c6c9e0..01bc906e1 100644 --- a/distros/ubuntu1204/control +++ b/distros/ubuntu1204/control @@ -1,8 +1,8 @@ Source: zoneminder Section: net Priority: optional -Maintainer: Dmitry Smirnov -Uploaders: Vagrant Cascadian +Maintainer: Isaac Connor +Uploaders: Isaac Connor Build-Depends: debhelper (>= 9), python-sphinx | python3-sphinx, apache2-dev, dh-linktree ,cmake ,libx264-dev, libmp4v2-dev From d145adf9c67832e64bc9a1f7b4218b912f4bd510 Mon Sep 17 00:00:00 2001 From: Isaac Connor Date: Wed, 16 Oct 2019 10:07:50 -0400 Subject: [PATCH 713/922] set default for V4LCapturePerFrame to 1 instead of null. --- web/includes/Monitor.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/web/includes/Monitor.php b/web/includes/Monitor.php index d68d33930..2647ae6d0 100644 --- a/web/includes/Monitor.php +++ b/web/includes/Monitor.php @@ -23,7 +23,7 @@ protected $defaults = array( 'Channel' => 0, 'Format' => '0', 'V4LMultiBuffer' => null, - 'V4LCapturesPerFrame' => null, + 'V4LCapturesPerFrame' => 1, 'Protocol' => null, 'Method' => '', 'Host' => null, From 7146bdd59a7b4e20ec0613ff4bb47f5bbd415b46 Mon Sep 17 00:00:00 2001 From: Isaac Connor Date: Wed, 16 Oct 2019 10:08:30 -0400 Subject: [PATCH 714/922] IN order to allow specifying a monitor Id that has been deleted, use monitor->Id instead of mid to test for monitor existence --- web/includes/actions/monitor.php | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/web/includes/actions/monitor.php b/web/includes/actions/monitor.php index 53e533035..6a542f825 100644 --- a/web/includes/actions/monitor.php +++ b/web/includes/actions/monitor.php @@ -78,7 +78,7 @@ if ( $action == 'monitor' ) { $restart = false; if ( count($changes) ) { - if ( $mid ) { + if ( $monitor->Id() ) { # If we change anything that changes the shared mem size, zma can complain. So let's stop first. if ( $monitor->Type() != 'WebSite' ) { @@ -203,6 +203,8 @@ if ( $action == 'monitor' ) { dbQuery("INSERT INTO Zones SET MonitorId = ?, Name = 'All', Type = 'Active', Units = 'Percent', NumCoords = 4, Coords = ?, Area=?, AlarmRGB = 0xff0000, CheckMethod = 'Blobs', MinPixelThreshold = 25, MinAlarmPixels=?, MaxAlarmPixels=?, FilterX = 3, FilterY = 3, MinFilterPixels=?, MaxFilterPixels=?, MinBlobPixels=?, MinBlobs = 1", array( $mid, sprintf( "%d,%d %d,%d %d,%d %d,%d", 0, 0, $_REQUEST['newMonitor']['Width']-1, 0, $_REQUEST['newMonitor']['Width']-1, $_REQUEST['newMonitor']['Height']-1, 0, $_REQUEST['newMonitor']['Height']-1 ), $zoneArea, intval(($zoneArea*3)/100), intval(($zoneArea*75)/100), intval(($zoneArea*3)/100), intval(($zoneArea*75)/100), intval(($zoneArea*2)/100) ) ); //$view = 'none'; $Storage = $monitor->Storage(); + + error_reporting(0); mkdir($Storage->Path().'/'.$mid, 0755); $saferName = basename($_REQUEST['newMonitor']['Name']); symlink($mid, $Storage->Path().'/'.$saferName); From a3ea0c224e5b3ffbfa7853ab770c8ca6712c1ebb Mon Sep 17 00:00:00 2001 From: Isaac Connor Date: Wed, 16 Oct 2019 10:13:18 -0400 Subject: [PATCH 715/922] detaint cmd in runSysCmd. code style fixes. Return unknown for Longitude as well --- scripts/zmtelemetry.pl.in | 16 +++++++++------- 1 file changed, 9 insertions(+), 7 deletions(-) diff --git a/scripts/zmtelemetry.pl.in b/scripts/zmtelemetry.pl.in index 15135e769..efd5e735e 100644 --- a/scripts/zmtelemetry.pl.in +++ b/scripts/zmtelemetry.pl.in @@ -60,7 +60,7 @@ if ( $version ) { if ( $help ) { pod2usage(-exitstatus => -1); } -if ( ! defined $interval ) { +if ( !defined $interval ) { $interval = eval($Config{ZM_TELEMETRY_INTERVAL}); } @@ -69,16 +69,17 @@ if ( !($Config{ZM_TELEMETRY_DATA} or $force) ) { exit(0); } -print 'ZoneMinder Telemetry Agent starting at '.strftime( '%y/%m/%d %H:%M:%S', localtime() )."\n"; +print 'ZoneMinder Telemetry Agent starting at '.strftime('%y/%m/%d %H:%M:%S', localtime())."\n"; my $lastCheck = $Config{ZM_TELEMETRY_LAST_UPLOAD}; while( 1 ) { my $now = time(); my $since_last_check = $now-$lastCheck; - Debug(" Last Check time (now($now) - lastCheck($lastCheck)) = $since_last_check > interval($interval) or force($force)"); + Debug("Last Check time (now($now) - lastCheck($lastCheck)) = $since_last_check > interval($interval) or force($force)"); if ( $since_last_check < 0 ) { - Warning( 'Seconds since last check is negative! Which means that lastCheck is in the future!' ); + Warning('Seconds since last check is negative! Which means that lastCheck is in the future!'); + sleep($interval); next; } if ( ( ($since_last_check) > $interval ) or $force ) { @@ -88,8 +89,8 @@ while( 1 ) { # We should keep *BSD systems in mind when calling system commands my %telemetry; $telemetry{uuid} = getUUID($dbh); - ($telemetry{city}, $telemetry{region}, $telemetry{country}, $telemetry{latitude}, $telemetry{longitude}) = getGeo(); - $telemetry{timestamp} = strftime( '%Y-%m-%dT%H:%M:%S%z', localtime() ); + @telemetry{qw(city region country latitude longitude)} = getGeo(); + $telemetry{timestamp} = strftime('%Y-%m-%dT%H:%M:%S%z', localtime()); $telemetry{monitor_count} = countQuery($dbh,'Monitors'); $telemetry{event_count} = countQuery($dbh,'Events'); $telemetry{architecture} = runSysCmd('uname -p'); @@ -138,6 +139,7 @@ sub runSysCmd { chomp($path); $arguments[0] = $path; my $cmd = join(' ',@arguments); + ($cmd) = $cmd =~ /(.*)/; # detaint $result = qx( $cmd ); chomp($result); } @@ -221,7 +223,7 @@ sub getGeo { } else { Warning("Geoip data retrieval returned HTTP POST error code: $resp_code"); Debug("Geoip data retrieval failure response message: $resp_msg"); - return ($unknown, $unknown, $unknown, $unknown); + return ($unknown, $unknown, $unknown, $unknown, $unknown); } } From 9068cb1a19825b68b2f88a084202bc403607b252 Mon Sep 17 00:00:00 2001 From: externo6 Date: Thu, 17 Oct 2019 10:17:22 +0100 Subject: [PATCH 716/922] align with other filter options --- web/lang/en_gb.php | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/web/lang/en_gb.php b/web/lang/en_gb.php index 94236dc81..d405f5aa0 100644 --- a/web/lang/en_gb.php +++ b/web/lang/en_gb.php @@ -579,8 +579,8 @@ $SLANG = array( 'OpNotMatches' => 'does not match', 'OpIs' => 'is', 'OpIsNot' => 'is not', - 'OpLike' => 'Contains', - 'OpNotLike' => 'Does not Contain', + 'OpLike' => 'contains', + 'OpNotLike' => 'does not contain', 'OptionalEncoderParam' => 'Optional Encoder Parameters', 'OptionHelp' => 'Option Help', 'OptionRestartWarning' => 'These changes may not come into effect fully\nwhile the system is running. When you have\nfinished making your changes please ensure that\nyou restart ZoneMinder.', From 0e6e572e4576936bd05f91d7bdd929eabdd46a94 Mon Sep 17 00:00:00 2001 From: Isaac Connor Date: Thu, 17 Oct 2019 16:35:23 -0400 Subject: [PATCH 717/922] add libdatetime-perl to depends. Is used in control modules --- distros/ubuntu1204/control | 1 + distros/ubuntu1604/control | 1 + 2 files changed, 2 insertions(+) diff --git a/distros/ubuntu1204/control b/distros/ubuntu1204/control index 01bc906e1..e5688a421 100644 --- a/distros/ubuntu1204/control +++ b/distros/ubuntu1204/control @@ -57,6 +57,7 @@ Depends: ${shlibs:Depends}, ${misc:Depends}, ${perl:Depends} ,libsys-mmap-perl [!hurd-any] ,liburi-encode-perl ,libwww-perl + ,libdatetime-perl ,libdata-uuid-perl ,libnumber-bytes-human-perl ,libfile-slurp-perl diff --git a/distros/ubuntu1604/control b/distros/ubuntu1604/control index ec112c2ce..af5bd9992 100644 --- a/distros/ubuntu1604/control +++ b/distros/ubuntu1604/control @@ -63,6 +63,7 @@ Depends: ${shlibs:Depends}, ${misc:Depends}, ${perl:Depends} ,liburi-encode-perl ,libwww-perl ,libdata-dump-perl + ,libdatetime-perl ,libclass-std-fast-perl ,libsoap-wsdl-perl ,libio-socket-multicast-perl From a0f021ee128eedc9624e2b869117d8182210563f Mon Sep 17 00:00:00 2001 From: Isaac Connor Date: Thu, 17 Oct 2019 17:37:36 -0400 Subject: [PATCH 718/922] Handle the case of flushing resampler by sending NULL --- src/zm_ffmpeg.cpp | 19 +++++++++++++------ 1 file changed, 13 insertions(+), 6 deletions(-) diff --git a/src/zm_ffmpeg.cpp b/src/zm_ffmpeg.cpp index 022653b18..6b6036db5 100644 --- a/src/zm_ffmpeg.cpp +++ b/src/zm_ffmpeg.cpp @@ -84,8 +84,7 @@ void FFMPEGInit() { Info("Not enabling ffmpeg logs, as LOG_FFMPEG and/or LOG_DEBUG is disabled in options, or this monitor not part of your debug targets"); av_log_set_level(AV_LOG_QUIET); } -#if LIBAVFORMAT_VERSION_CHECK(58, 9, 0, 64, 0) -#else +#if !LIBAVFORMAT_VERSION_CHECK(58, 9, 0, 64, 0) av_register_all(); #endif avformat_network_init(); @@ -691,10 +690,14 @@ int zm_resample_audio( AVFrame *out_frame ) { #if defined(HAVE_LIBSWRESAMPLE) - // Resample the in_frame into the audioSampleBuffer until we process the whole - // decoded data. Note: pts does not survive resampling or converting - Debug(2, "Converting %d to %d samples using swresample", - in_frame->nb_samples, out_frame->nb_samples); + if ( in_frame ) { + // Resample the in_frame into the audioSampleBuffer until we process the whole + // decoded data. Note: pts does not survive resampling or converting + Debug(2, "Converting %d to %d samples using swresample", + in_frame->nb_samples, out_frame->nb_samples); + } else { + Debug(2, "Sending NULL frame to flush resampler"); + } int ret = swr_convert_frame(resample_ctx, out_frame, in_frame); if ( ret < 0 ) { Error("Could not resample frame (error '%s')", @@ -705,6 +708,10 @@ int zm_resample_audio( swr_get_delay(resample_ctx, out_frame->sample_rate)); #else #if defined(HAVE_LIBAVRESAMPLE) + if ( ! in_frame ) { + Error("Flushing resampler not supported by AVRESAMPLE"); + return 0; + } int ret = avresample_convert(resample_ctx, NULL, 0, 0, in_frame->data, 0, in_frame->nb_samples); if ( ret < 0 ) { From 60ec5456832c0fca3fe937987d65edcad637fc44 Mon Sep 17 00:00:00 2001 From: Isaac Connor Date: Fri, 18 Oct 2019 09:43:25 -0400 Subject: [PATCH 719/922] fix compile warning due to snprintf into a too small char array --- src/zm_image.cpp | 11 ++++++----- 1 file changed, 6 insertions(+), 5 deletions(-) diff --git a/src/zm_image.cpp b/src/zm_image.cpp index 9cf4ada94..97c2132c6 100644 --- a/src/zm_image.cpp +++ b/src/zm_image.cpp @@ -2037,13 +2037,14 @@ void Image::Annotate( const char *p_text, const Coord &coord, const unsigned int void Image::Timestamp( const char *label, const time_t when, const Coord &coord, const int size ) { char time_text[64]; - strftime( time_text, sizeof(time_text), "%y/%m/%d %H:%M:%S", localtime( &when ) ); + strftime(time_text, sizeof(time_text), "%y/%m/%d %H:%M:%S", localtime(&when)); if ( label ) { - char text[64]; - snprintf( text, sizeof(text), "%s - %s", label, time_text ); - Annotate( text, coord, size ); + // Assume label is max 64, + ' - ' + 64 chars of time_text + char text[132]; + snprintf(text, sizeof(text), "%s - %s", label, time_text); + Annotate(text, coord, size); } else { - Annotate( time_text, coord, size ); + Annotate(time_text, coord, size); } } From 17a7d0227519847126ee2a44ec17b631264e053b Mon Sep 17 00:00:00 2001 From: Isaac Connor Date: Fri, 18 Oct 2019 10:16:18 -0400 Subject: [PATCH 720/922] fix reversal of in_frame/out_frame in VideoStore destructor --- src/zm_videostore.cpp | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/zm_videostore.cpp b/src/zm_videostore.cpp index 453a25683..2abee068c 100644 --- a/src/zm_videostore.cpp +++ b/src/zm_videostore.cpp @@ -444,7 +444,7 @@ VideoStore::~VideoStore() { * At the end of the file, we pass the remaining samples to * the encoder. */ while ( zm_resample_get_delay(resample_ctx, audio_out_ctx->sample_rate) ) { - zm_resample_audio(resample_ctx, out_frame, NULL); + zm_resample_audio(resample_ctx, NULL, out_frame); if ( zm_add_samples_to_fifo(fifo, out_frame) ) { // Should probably set the frame size to what is reported FIXME From 6a56de41f08a8d463dcf72e8a496e5a8e037f31d Mon Sep 17 00:00:00 2001 From: Isaac Connor Date: Fri, 18 Oct 2019 13:39:52 -0400 Subject: [PATCH 721/922] fix parameter order --- src/zm_packetqueue.cpp | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/src/zm_packetqueue.cpp b/src/zm_packetqueue.cpp index 1b8694481..45be587c8 100644 --- a/src/zm_packetqueue.cpp +++ b/src/zm_packetqueue.cpp @@ -43,7 +43,8 @@ bool zm_packetqueue::queuePacket(ZMPacket* zm_packet) { ( packet_counts[zm_packet->packet.stream_index] <= 0 ) ) { Debug(2,"Inserting packet with dts %" PRId64 " because queue %d is empty (queue size: %d) or invalid dts", - zm_packet->packet.stream_index, packet_counts[zm_packet->packet.stream_index], zm_packet->packet.dts); + zm_packet->packet.dts, zm_packet->packet.stream_index, packet_counts[zm_packet->packet.stream_index] + ); // No dts value, can't so much with it pktQueue.push_back(zm_packet); packet_counts[zm_packet->packet.stream_index] += 1; From 524a39a2243835c667e2e64136b25c1755d763d9 Mon Sep 17 00:00:00 2001 From: Isaac Connor Date: Fri, 18 Oct 2019 13:40:29 -0400 Subject: [PATCH 722/922] changeCodec no longer needs to be passed this --- web/skins/classic/views/event.php | 2 +- web/skins/classic/views/js/event.js | 4 ++-- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/web/skins/classic/views/event.php b/web/skins/classic/views/event.php index df0712435..a13697953 100644 --- a/web/skins/classic/views/event.php +++ b/web/skins/classic/views/event.php @@ -182,7 +182,7 @@ if ( canEdit('Events') ) {
- 'changeCodec')); ?> + 'changeCodec')); ?>
diff --git a/web/skins/classic/views/js/event.js b/web/skins/classic/views/js/event.js index ffd4df259..76fc47c79 100644 --- a/web/skins/classic/views/js/event.js +++ b/web/skins/classic/views/js/event.js @@ -143,8 +143,8 @@ function setButtonState( element, butClass ) { } } -function changeCodec(element) { - location.replace(thisUrl + '?view=event&eid=' + eventData.Id + filterQuery + sortQuery+'&codec='+element.value); +function changeCodec() { + location.replace(thisUrl + '?view=event&eid=' + eventData.Id + filterQuery + sortQuery+'&codec='+$j('#codec').val()); } function changeScale() { From 7068769a9002533e6cf0ad878d2ccb6e7435c004 Mon Sep 17 00:00:00 2001 From: Isaac Connor Date: Fri, 18 Oct 2019 13:52:07 -0400 Subject: [PATCH 723/922] zm_send_packet_receive_frame sends 0 as success --- src/zm_ffmpeg_camera.cpp | 33 +++++++++++++++++++++------------ 1 file changed, 21 insertions(+), 12 deletions(-) diff --git a/src/zm_ffmpeg_camera.cpp b/src/zm_ffmpeg_camera.cpp index 7c9479f44..9e43fcf53 100644 --- a/src/zm_ffmpeg_camera.cpp +++ b/src/zm_ffmpeg_camera.cpp @@ -257,9 +257,16 @@ int FfmpegCamera::Capture(Image &image) { (keyframe || have_video_keyframe) ) { ret = zm_send_packet_receive_frame(mVideoCodecContext, mRawFrame, packet); - if ( ret <= 0 ) { - Error("Unable to get frame at frame %d: %s, continuing", - frameCount, av_make_error_string(ret).c_str()); + if ( ret < 0 ) { + if ( AVERROR(EAGAIN) != ret ) { + Warning("Unable to receive frame %d: code %d %s. error count is %d", + frameCount, ret, av_make_error_string(ret).c_str(), error_count); + error_count += 1; + if ( error_count > 100 ) { + Error("Error count over 100, going to close and re-open stream"); + return -1; + } + } zm_av_packet_unref(&packet); continue; } @@ -944,21 +951,23 @@ int FfmpegCamera::CaptureAndRecord( int ret = videoStore->writeVideoFramePacket(&packet); if ( ret < 0 ) { // Less than zero and we skipped a frame - Error("Unable to write video packet %d: %s", - frameCount, av_make_error_string(ret).c_str()); + Error("Unable to write video packet code: %d, framecount %d: %s", + ret, frameCount, av_make_error_string(ret).c_str()); } else { have_video_keyframe = true; } } // end if keyframe or have_video_keyframe ret = zm_send_packet_receive_frame(mVideoCodecContext, mRawFrame, packet); - if ( ret <= 0 ) { - Warning("Unable to receive frame %d: %s. error count is %d", - frameCount, av_make_error_string(ret).c_str(), error_count); - error_count += 1; - if ( error_count > 100 ) { - Error("Error count over 100, going to close and re-open stream"); - return -1; + if ( ret < 0 ) { + if ( AVERROR(EAGAIN) != ret ) { + Warning("Unable to receive frame %d: code %d %s. error count is %d", + frameCount, ret, av_make_error_string(ret).c_str(), error_count); + error_count += 1; + if ( error_count > 100 ) { + Error("Error count over 100, going to close and re-open stream"); + return -1; + } } zm_av_packet_unref(&packet); continue; From a6a61b75b9b1c664b630224a873f989b7d44f12d Mon Sep 17 00:00:00 2001 From: Isaac Connor Date: Fri, 18 Oct 2019 13:52:34 -0400 Subject: [PATCH 724/922] update ptz css in classic --- web/skins/classic/css/classic/views/control.css | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/web/skins/classic/css/classic/views/control.css b/web/skins/classic/css/classic/views/control.css index 55613d041..b9c59ae74 100644 --- a/web/skins/classic/css/classic/views/control.css +++ b/web/skins/classic/css/classic/views/control.css @@ -1,7 +1,7 @@ .ptzControls { vertical-align: top; margin: 10px auto 0; - width: 500px; + width: 90%; } .ptzControls::after { @@ -25,7 +25,7 @@ } .ptzControls .controlsPanel .arrowControl { - width: 40px; + width: 70px; margin: 0 4px; } @@ -139,7 +139,7 @@ } .ptzControls .presetControls { - margin: 5px auto; + margin: 5px 200px 5px 180px; } .ptzControls .presetControls input { From 2619e90e96332337a6504b5c3c0b929024d8993b Mon Sep 17 00:00:00 2001 From: Isaac Connor Date: Fri, 18 Oct 2019 14:12:26 -0400 Subject: [PATCH 725/922] add missing sendCmd's, spacing --- .../lib/ZoneMinder/Control/Netcat.pm | 35 +++++++------------ 1 file changed, 13 insertions(+), 22 deletions(-) diff --git a/scripts/ZoneMinder/lib/ZoneMinder/Control/Netcat.pm b/scripts/ZoneMinder/lib/ZoneMinder/Control/Netcat.pm index 11d6ba9b3..b8d756887 100644 --- a/scripts/ZoneMinder/lib/ZoneMinder/Control/Netcat.pm +++ b/scripts/ZoneMinder/lib/ZoneMinder/Control/Netcat.pm @@ -109,32 +109,22 @@ sub parseControlAddress { ($address, $port) = split /:/, $addressport; } -sub digestBase64 -{ +sub digestBase64 { my ($nonce, $date, $password) = @_; my $shaGenerator = Digest::SHA->new(1); $shaGenerator->add($nonce . $date . $password); - return encode_base64($shaGenerator->digest, ""); + return encode_base64($shaGenerator->digest, ''); } sub authentificationHeader { my ($username, $password) = @_; - my $nonce; - $nonce .= chr(int(rand(254))) for (0 .. 20); + my $nonce = chr(int(rand(254))) for (0 .. 20); my $nonceBase64 = encode_base64($nonce, ''); my $currentDate = DateTime->now()->iso8601().'Z'; return '' . $username . '' . digestBase64($nonce, $currentDate, $password) . '' . $nonceBase64 . '' . $currentDate . ''; } -sub printMsg { - my $self = shift; - my $msg = shift; - my $msg_len = length($msg); - - Debug($msg.'['.$msg_len.']'); -} - sub sendCmd { my $self = shift; my $cmd = shift; @@ -144,7 +134,7 @@ sub sendCmd { printMsg($cmd, 'Tx'); - my $server_endpoint = 'http://' . $address . ':' . $port . "/$cmd"; + my $server_endpoint = 'http://'.$address.':'.$port.'/'.$cmd; my $req = HTTP::Request->new(POST => $server_endpoint); $req->header('content-type' => $content_type); $req->header('Host' => $address . ':' . $port); @@ -166,7 +156,7 @@ sub sendCmd { sub getCamParams { my $self = shift; my $msg = '000'; - my $server_endpoint = 'http://' . $address . ':' . $port . '/onvif/imaging'; + my $server_endpoint = 'http://'.$address.':'.$port.'/onvif/imaging'; my $req = HTTP::Request->new(POST => $server_endpoint); $req->header('content-type' => 'application/soap+xml; charset=utf-8; action="http://www.onvif.org/ver20/imaging/wsdl/GetImagingSettings"'); $req->header('Host' => $address . ':' . $port); @@ -405,17 +395,16 @@ sub irisAbsOpen { my $cmd = 'onvif/imaging'; my $msg ='' . ((%identity) ? authentificationHeader($identity{username}, $identity{password}) : '') . '000'.$CamParams{Brightness}.'true'; my $content_type = 'application/soap+xml; charset=utf-8; action="http://www.onvif.org/ver20/imaging/wsdl/SetImagingSettings"'; - $self->sendCmd( $cmd, $msg, $content_type ); + $self->sendCmd($cmd, $msg, $content_type); } # Decrease Brightness -sub irisAbsClose -{ - Debug( "Iris $CamParams{Brightness}" ); +sub irisAbsClose { + Debug("Iris $CamParams{Brightness}"); my $self = shift; my $params = shift; $self->getCamParams() unless($CamParams{brightness}); - my $step = $self->getParam( $params, 'step' ); + my $step = $self->getParam($params, 'step'); my $min = 0; $CamParams{Brightness} -= $step; @@ -424,7 +413,7 @@ sub irisAbsClose my $cmd = 'onvif/imaging'; my $msg ='' . ((%identity) ? authentificationHeader($identity{username}, $identity{password}) : '') . '000'.$CamParams{Brightness}.'true'; my $content_type = 'application/soap+xml; charset=utf-8; action="http://www.onvif.org/ver20/imaging/wsdl/SetImagingSettings"'; - $self->sendCmd( $cmd, $msg, $content_type ); + $self->sendCmd($cmd, $msg, $content_type); } # Increase Contrast @@ -433,7 +422,7 @@ sub whiteAbsIn { my $self = shift; my $params = shift; $self->getCamParams() unless($CamParams{Contrast}); - my $step = $self->getParam( $params, 'step' ); + my $step = $self->getParam($params, 'step'); my $max = 100; $CamParams{Contrast} += $step; @@ -442,6 +431,7 @@ sub whiteAbsIn { my $cmd = 'onvif/imaging'; my $msg ='' . ((%identity) ? authentificationHeader($identity{username}, $identity{password}) : '') . '000'.$CamParams{Contrast}.'true'; my $content_type = 'application/soap+xml; charset=utf-8; action="http://www.onvif.org/ver20/imaging/wsdl/SetImagingSettings"'; + $self->sendCmd($cmd, $msg, $content_type); } # Decrease Contrast @@ -459,6 +449,7 @@ sub whiteAbsOut { my $cmd = 'onvif/imaging'; my $msg ='' . ((%identity) ? authentificationHeader($identity{username}, $identity{password}) : '') . '000'.$CamParams{Contrast}.'true'; my $content_type = 'application/soap+xml; charset=utf-8; action="http://www.onvif.org/ver20/imaging/wsdl/SetImagingSettings"'; + $self->sendCmd($cmd, $msg, $content_type); } 1; From 1a417952c3a449a5c4f832b6069a3383eccd14b7 Mon Sep 17 00:00:00 2001 From: Isaac Connor Date: Fri, 18 Oct 2019 14:19:25 -0400 Subject: [PATCH 726/922] AutoStopTimeOut is part of Monitor, not Control --- web/includes/control_functions.php | 14 +++++++------- 1 file changed, 7 insertions(+), 7 deletions(-) diff --git a/web/includes/control_functions.php b/web/includes/control_functions.php index 91c886b82..af426ee62 100644 --- a/web/includes/control_functions.php +++ b/web/includes/control_functions.php @@ -31,7 +31,7 @@ function buildControlCommand($monitor) { } case 'Con' : { - if ( $control->AutoStopTimeout() ) { + if ( $monitor->AutoStopTimeout() ) { $slowSpeed = intval(round($control->MinFocusSpeed()+(($control->MaxFocusSpeed()-$control->MinFocusSpeed())*$slow))); if ( $speed < $slowSpeed ) { $ctrlCommand .= ' --autostop'; @@ -55,7 +55,7 @@ function buildControlCommand($monitor) { $ctrlCommand .= ' --step='.$step; break; case 'Con' : - if ( $control->AutoStopTimeout() ) { + if ( $monitor->AutoStopTimeout() ) { $slowSpeed = intval(round($control->MinZoomSpeed()+(($control->MaxZoomSpeed()-$control->MinZoomSpeed())*$slow))); if ( $speed < $slowSpeed ) { $ctrlCommand .= ' --autostop'; @@ -207,7 +207,7 @@ function buildControlCommand($monitor) { } break; case 'Con' : - if ( $control->AutoStopTimeout() ) { + if ( $monitor->AutoStopTimeout() ) { $slowPanSpeed = intval(round($control->MinPanSpeed()+(($control->MaxPanSpeed()-$control->MinPanSpeed())*$slow))); $slowTiltSpeed = intval(round($control->MinTiltSpeed()+(($control->MaxTiltSpeed()-$control->MinTiltSpeed())*$slow))); if ( (!isset($panSpeed) || ($panSpeed < $slowPanSpeed)) && (!isset($tiltSpeed) || ($tiltSpeed < $slowTiltSpeed)) ) { @@ -441,7 +441,7 @@ function buildControlCommand($monitor) { if ( preg_match( '/^(Up|Down)/', $dirn ) ) { $ctrlCommand .= ' --tiltspeed='.$tiltSpeed; } - if ( $control->AutoStopTimeout() ) { + if ( $monitor->AutoStopTimeout() ) { $slowPanSpeed = intval(round($control->MinPanSpeed()+(($control->MaxPanSpeed()-$control->MinPanSpeed())*$slow))); $slowTiltSpeed = intval(round($control->MinTiltSpeed()+(($control->MaxTiltSpeed()-$control->MinTiltSpeed())*$slow))); if ( (!isset($panSpeed) || ($panSpeed < $slowPanSpeed)) && (!isset($tiltSpeed) || ($tiltSpeed < $slowTiltSpeed)) ) { @@ -482,7 +482,7 @@ function buildControlCommand($monitor) { $ctrlCommand .= ' --step='.$step; break; case 'Con' : - if ( $control->AutoStopTimeout() ) { + if ( $monitor->AutoStopTimeout() ) { $slowSpeed = intval(round($control->MinFocusSpeed()+(($control->MaxFocusSpeed()-$control->MinFocusSpeed())*$slow))); if ( $speed < $slowSpeed ) { $ctrlCommand .= ' --autostop'; @@ -511,7 +511,7 @@ function buildControlCommand($monitor) { $ctrlCommand .= ' --step='.$step; break; case 'Con' : - if ( $control->AutoStopTimeout() ) { + if ( $monitor->AutoStopTimeout() ) { $slowSpeed = intval(round($control->MinZoomSpeed()+(($control->MaxZoomSpeed()-$control->MinZoomSpeed())*$slow))); if ( $speed < $slowSpeed ) { $ctrlCommand .= ' --autostop'; @@ -695,7 +695,7 @@ function buildControlCommand($monitor) { } break; case 'Con' : - if ( $control->AutoStopTimeout() ) { + if ( $monitor->AutoStopTimeout() ) { $slowPanSpeed = intval(round($control->MinPanSpeed()+(($control->MaxPanSpeed()-$control->MinPanSpeed())*$slow))); $slowTiltSpeed = intval(round($control->MinTiltSpeed()+(($control->MaxTiltSpeed()-$control->MinTiltSpeed())*$slow))); if ( (!isset($panSpeed) || ($panSpeed < $slowPanSpeed)) && (!isset($tiltSpeed) || ($tiltSpeed < $slowTiltSpeed)) ) { From 6a3fe1ef1f252d396bd525bb269f6ecab91dc879 Mon Sep 17 00:00:00 2001 From: Isaac Connor Date: Fri, 18 Oct 2019 14:37:09 -0400 Subject: [PATCH 727/922] actually set date.timezone from ZM_TIMEZONE --- web/includes/config.php.in | 2 ++ 1 file changed, 2 insertions(+) diff --git a/web/includes/config.php.in b/web/includes/config.php.in index 01382ad37..dd3439680 100644 --- a/web/includes/config.php.in +++ b/web/includes/config.php.in @@ -191,6 +191,8 @@ if ( ! defined('ZM_SERVER_ID') ) { } } +ini_set('date.timezone', ZM_TIMEZONE); + function process_configfile($configFile) { if ( is_readable( $configFile ) ) { $configvals = array(); From ea707e5ad1ca2b77ecef42341115321834274acc Mon Sep 17 00:00:00 2001 From: Isaac Connor Date: Fri, 18 Oct 2019 16:42:38 -0400 Subject: [PATCH 728/922] change travis build dist from trusty to xenial. xenial is the default since April 23rd 2019. This should also fix an issue with ssh using ssh-dss keys which are deprecated --- .travis.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.travis.yml b/.travis.yml index c6aac58fb..7e27aee7d 100644 --- a/.travis.yml +++ b/.travis.yml @@ -1,6 +1,6 @@ language: cpp sudo: required -dist: trusty +dist: xenial git: depth: 9999999 notifications: From b6c22139d62599b89b5a270717945c22026ccf23 Mon Sep 17 00:00:00 2001 From: Isaac Connor Date: Fri, 18 Oct 2019 18:16:59 -0400 Subject: [PATCH 729/922] update links in docs. Remove build examples using configure as it has been deprecated for a long time. --- docs/faq.rst | 68 ++++++++--------------- docs/installationguide/redhat.rst | 2 +- docs/installationguide/ubuntu.rst | 6 +- docs/userguide/definemonitor.rst | 4 +- docs/userguide/definezone.rst | 4 +- docs/userguide/filterevents.rst | 2 +- docs/userguide/gettingstarted.rst | 4 +- docs/userguide/mobile.rst | 5 +- docs/userguide/options/options_email.rst | 2 +- docs/userguide/options/options_system.rst | 2 +- docs/userguide/viewevents.rst | 2 +- 11 files changed, 38 insertions(+), 63 deletions(-) diff --git a/docs/faq.rst b/docs/faq.rst index 5b8c97f5c..858408c71 100644 --- a/docs/faq.rst +++ b/docs/faq.rst @@ -138,7 +138,7 @@ So, for example: that means I shouldn't have any problem. (Note that 1kbyte = 1024bytes, 1MB = 1024 kB) -If for instance you were using 24bit 640x480 then this would come to about 92Mb if you are using the default buffer size of 100. If this is too large then you can either reduce the image or buffer sizes or increase the maximum amount of shared memory available. If you are using RedHat then you can get details on how to change these settings `here `__ +If for instance you were using 24bit 640x480 then this would come to about 92Mb if you are using the default buffer size of 100. If this is too large then you can either reduce the image or buffer sizes or increase the maximum amount of shared memory available. If you are using RedHat then you can get details on how to change these settings `here `__ You should be able to use a similar procedure with other distributions to modify the shared memory pool without kernel recompilations though in some cases this may be necessary. Note, this error also sometimes occurs if you have an old shared memory segment lying around from a previous run that is too small. Use the ipcs and ipcrm system commands to check and remove it if necessary.'" @@ -183,9 +183,9 @@ Note that with Megapixel cameras like the Axis 207mw becoming cheaper and more a These changes will now also be set the next time your machine is restarted. -Versions 1.24.x of ZoneMinder also allows you to use an alternate method of shared memory allocation, `Mmap mapped memory `__ . This requires less configuration and can be simpler to use. Mapped memory allows you to use a special type of file as the placeholder for your memory and this file is 'mapped' into memory space for easy and fast access. +Versions 1.24.x of ZoneMinder also allows you to use an alternate method of shared memory allocation, `Mmap mapped memory `__ . This requires less configuration and can be simpler to use. Mapped memory allows you to use a special type of file as the placeholder for your memory and this file is 'mapped' into memory space for easy and fast access. -To enable mapped memory in ZoneMinder you need add add the --enable--mmap=yes switch to your configure line. By default mapped memory files are created in /dev/shm which on most distributions is a dedicated pseudo-partition containing memory formatted as a filesystem. If your system uses a different path then this can be changed in ZoneMinder in Options->paths->PATH_MAP. It uses a filesystem type called `tmpfs `__. If you type ``df -h`` you should see this area and the size of memory it currently allows. To increase size for tmpfs you need to edit /etc/default/tmpfs. Search for: +To enable mapped memory in ZoneMinder you need add add the --enable--mmap=yes switch to your configure line. By default mapped memory files are created in /dev/shm which on most distributions is a dedicated pseudo-partition containing memory formatted as a filesystem. If your system uses a different path then this can be changed in ZoneMinder in Options->paths->PATH_MAP. It uses a filesystem type called `tmpfs `__. If you type ``df -h`` you should see this area and the size of memory it currently allows. To increase size for tmpfs you need to edit /etc/default/tmpfs. Search for: ``SHM_SIZE=128M`` and change to something like ``SHM_SIZE=1G`` @@ -195,8 +195,6 @@ It is important that you do not use a disk based filesystem for your memory mapp Mapped memory is subject to the same limitations in terms of total memory as using more traditional shared memory but does not require any configuration per allocation or chunk. In future versions of ZoneMinder this will be the default shared memory storage method. -Another good article about shared memory settings can be found `here `__ . - The essential difference was that the kernel.shmall setting is NOT in a direct memory setting in KB but in pages of memory. it is Max Pages of memory *For example:* If you want to allocate a maximum memory setting to 8GB you have to convert it to the number of pages (or segments). @@ -221,9 +219,9 @@ As above, reload your sysctl.conf with ``sysctl -p`` and check that the settings I have enabled motion detection but it is not always being triggered when things happen in the camera view --------------------------------------------------------------------------------------------------------------- -ZoneMinder uses zones to examine images for motion detection. When you create the initial zones you can choose from a number of preset values for sensitivity etc. Whilst these are usually a good starting point they are not always suitable for all situations and you will probably need to tweak the values for your specific circumstances. The meanings of the various settings are described in the documentation (`here `__) however if you believe you have sensible settings configured then there are two diagnostic approaches you can use. +ZoneMinder uses zones to examine images for motion detection. When you create the initial zones you can choose from a number of preset values for sensitivity etc. Whilst these are usually a good starting point they are not always suitable for all situations and you will probably need to tweak the values for your specific circumstances. The meanings of the various settings are described in the documentation (`here `__) however if you believe you have sensible settings configured then there are two diagnostic approaches you can use. -Another user contributed illustrated Zone definition guide can be found here: `An illustrated guide to Zones `__ +Another user contributed illustrated Zone definition guide can be found here: `An illustrated guide to Zones `__ Event Statistics ^^^^^^^^^^^^^^^^^ @@ -332,15 +330,15 @@ This function has from time to time been corrupted in the SVN release or in the How much Hard Disk Space / Bandwidth do I need for ZM? --------------------------------------------------------------- -Please see `this excel sheet `__ or `this online excel sheet `__ (both are user contributed excel sheets) +Please see `this excel sheet `__ or `this online excel sheet `__ (both are user contributed excel sheets) -Or go to `this link `__ for the Axis bandwidth calculator. Although this is aimed at Axis cameras it still produces valid results for any kind of IP camera. +Or go to `this link `__ for the Axis bandwidth calculator. Although this is aimed at Axis cameras it still produces valid results for any kind of IP camera. As a quick guide I have 4 cameras at 320x240 storing 1 fps except during alarm events. After 1 week 60GB of space in the volume where the events are stored (/var/www/html/zm) has been used. When I try and run ZoneMinder I get lots of audit permission errors in the logs and it won't start ------------------------------------------------------------------------------------------------------- -Many Linux distributions nowadays are built with security in mind. One of the latest methods of achieving this is via SELinux (Secure Linux) which controls who is able to run what in a more precise way then traditional accounting and file based permissions (`link `__). +Many Linux distributions nowadays are built with security in mind. One of the latest methods of achieving this is via SELinux (Secure Linux) which controls who is able to run what in a more precise way then traditional accounting and file based permissions (`link `__). If you are seeing entries in your system log like: Jun 11 20:44:02 kernel: audit(1150033442.443:226): avc: denied { read } for pid=5068 @@ -381,8 +379,8 @@ If you have upgraded from a previous version of ZoneMinder and this option is no Note that you can re-run the migrate-events command if any error messages scroll off the screen. -You can read about the lack of a limit in the number of sub-directories in the ext4 filesystem at: `this link `__ -and see what tools may assist in your use of this filesystem `here `__ +You can read about the lack of a limit in the number of sub-directories in the ext4 filesystem at: `this link `__ +and see what tools may assist in your use of this filesystem `here `__ If you search for ext3 or reiserfs on the forums you will find various threads on this issue with guidance on how to convert. @@ -410,7 +408,7 @@ Zoneminder runs on Linux, Linux measures system load using "load", which is comp A load of 1.0 means the processor has "just enough to do right now". Also worth noting that a load of 4.0 means exactly the same for a quad processor machine - each number equals a single processor's workload. A very high load can be fine on a computer that has a stacked workload - such as a machine sending out bulk emails, or working its way through a knotty problem; it'll just keep churning away until it's done. However - Zoneminder needs to process information in real time so it can't afford to stack its jobs, it needs to deal with them right away. -For a better and full explanation of Load: `Please read this `__ +For a better and full explanation of Load: `Please read this `__ My load is too high, how can I reduce it? ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ @@ -427,7 +425,7 @@ Zoneminder is *very* tweakable and it's possible to tune it to compromise. The f * Experiment with using jpeg instead of mjpeg. Some users have reported it gives better performance, but YMMV. - * Tweak the zones. Keep them as small and as few as possible. Stick to one zone unless you really need more. Read `this `__ for an easy to understand explanation along with the official Zone guide. + * Tweak the zones. Keep them as small and as few as possible. Stick to one zone unless you really need more. Read `this `__ for an easy to understand explanation along with the official Zone guide. * Schedule. If you are running a linux system at near capacity, you'll need to think carefully about things like backups and scheduled tasks. updatedb - the process which maintains a file database so that 'locate' works quickly, is normally scheduled to run once a day and if on a busy system can create a heavy increase on the load. The same is true for scheduled backups, especially those which compress the files. Re-schedule these tasks to a time when the cpu is less likely to be busy, if possible - and also use the "nice" command to reduce their priority. (crontab and /etc/cron.daily/ are good places to start) @@ -440,38 +438,16 @@ More expensive options: * Faster CPU. Simple but effective. Zoneminder also works very well with multiple processor systems out of the box (if SMP is enabled in your kernel). The load of different cameras is spread across the processors. - * Try building Zoneminder with processor specific instructions that are optimised to the system it will be running on, also increasing the optimisation level of GCC beyond -O2 will help. - -:: - - ./configure CFLAGS="-g -O3 -march=athlon-xp -mtune=athlon-xp" CXXFLAGS="-g -O3 -march=athlon-xp -mtune=athlon-xp" - -The above command is optimised for an Athlon XP cpu so you will need to use the specific processor tag for your cpu, also the compiler optimisation has been increased to -O3. - -You also need to put in your normal ./configure commands as if you were compiling with out this optimisation. - -A further note is that the compile must be performed on the system that Zoneminder will be running on as this optimisation will make it hardware specific code. - -Processor specific commands can be found in the GCC manual along with some more options that may increase performanc. -``__ - -The below command has been used to compile Zoneminder on a Athlon XP system running CentOS 5.5 and along with the libjpeg-turbo modification to reduce the CPU load in half, libjpeg-turbo reduced the load by 1/3 before the processor optimisation. -:: - - ./configure --with-webdir=/var/www/html/zm --with-cgidir=/var/www/cgi-bin CFLAGS="-g -O3 -march=athlon-xp -mtune=athlon-xp" CXXFLAGS="-D__STDC_CONSTANT_MACROS -g -O3 -march=athlon-xp -mtune=athlon-xp" --enable-mmap --sysconfdir=/etc/zm - -The following command has been used to compile Zoneminder 1.25 on a CentOS 6.0 system, the native command should choose the processor automatically during compile time, this needs to be performed on the actual system!!. - -:: - - CFLAGS="-g -O3 -march=native -mtune=native" CXXFLAGS="-D__STDC_CONSTANT_MACROS -g -O3 -march=native -mtune=native" ./configure --with-webdir=/var/www/html/zm --with-cgidir=/var/www/cgi-bin --with-webuser=apache --with-webgroup=apache ZM_DB_HOST=localhost ZM_DB_NAME=zm ZM_DB_USER=your_zm_user ZM_DB_PASS=your_zm_password ZM_SSL_LIB=openssl + * Try building Zoneminder with processor specific instructions that are optimised to the system it will be running on, also increasing the optimisation level of GCC beyond -O2 will help. This topic is beyond the scope of this document. +Processor specific commands can be found in the GCC manual along with some more options that may increase performance. +``__ What about disks and bandwidth? ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ A typical 100mbit LAN will cope with most setups easily. If you're feeding from cameras over smaller or internet links, obviously fps will be much lower. -Disk and Bandwidth calculators are referenced on the Zoneminder wiki here: http://www.zoneminder.com/wiki/index.php/FAQ#How_much_Hard_Disk_Space_.2F_Bandwidth_do_I_need_for_ZM.3F +Disk and Bandwidth calculators are referenced on the Zoneminder wiki here: https://zoneminder.readthedocs.io/en/latest/faq.html#how-much-hard-disk-space-bandwidth-do-i-need-for-zm Building ZoneMinder @@ -530,7 +506,7 @@ To save a run state you should first configure your monitors for Modect, Record, Now you can switch between these two states by selecting them from the same dialog you saved them, or from the command line from issue the command ''zmpkg.pl '', for example ''zmpkg.pl Daytime''. -The final step you need to take, is scheduling the time the changes take effect. For this you can use `cron `__. A simple entry to change to the Daylight state at at 8am and to the nighttime state at 8pm would be as follows, +The final step you need to take, is scheduling the time the changes take effect. For this you can use `cron `__. A simple entry to change to the Daylight state at at 8am and to the nighttime state at 8pm would be as follows, :: @@ -644,7 +620,7 @@ Why am I getting broken images when trying to view events? ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ Zoneminder and the Apache web server need to have the right permissions. Check this forum topic and similar ones: -http://www.zoneminder.com/forums/viewtopic.php?p=48754#48754 +https://forums.zoneminder.com/viewtopic.php?p=48754 I can review events for the current day, but ones from yesterday and beyond error out @@ -665,7 +641,7 @@ Once you know what timezone your system is set to, open `/etc/php.ini` and adjus Why is the image from my color camera appearing in black and white? ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ -If you recently upgraded to zoneminder 1.26, there is a per camera option that defaults to black and white and can be mis-set if your upgrade didn't happen right. See this thread: http://www.zoneminder.com/forums/viewtopic.php?f=30&t=21344 +If you recently upgraded to zoneminder 1.26, there is a per camera option that defaults to black and white and can be mis-set if your upgrade didn't happen right. See this thread: https://forums.zoneminder.com/viewtopic.php?f=30&t=21344 This may occur if you have a NTSC analog camera but have configured the source in ZoneMinder as PAL for the Device Format under the source tab. You may also be mislead because zmu can report the video port as being PAL when the camera is actually NTSC. Confirm the format of your analog camera by checking it's technical specifications, possibly found with the packaging it came in, on the manufacturers website, or even on the retail website where you purchased the camera. Change the Device Format setting to NTSC and set it to the lowest resolution of 320 x 240. If you have confirmed that the camera itself is NTSC format, but don't get a picture using the NTSC setting, consider increasing the shared memory '''kernel.shmall''' and '''kernel.shmmax''' settings in /etc/sysctl.conf to a larger value such as 268435456. This is also the reason you should start with the 320x240 resolution, so as to minimize the potential of memory problems which would interfere with your attempts to troubleshoot the device format issue. Once you have obtained a picture in the monitor using the NTSC format, then you can experiment with raising the resolution. @@ -715,7 +691,7 @@ How do I repair the MySQL Database when the cli fails? In Ubuntu, the commands listed above do not seem to work. However, actually doing it by hand from within MySQL does. (But that is beyond the scope of this document) But that got me thinking... And phpmyadmin does work. Bring up a terminal. ``sudo apt-get install phpmyadmin`` -Now go to http://zoneminder_IP/ and stop the ZM service. Continue to http://zoneminder_IP/phpmyadmin and select the zoneminder database. Select and tables marked 'in use' and pick the action 'repare' to fix. Restart the zoneminder service from the web browser. Remove or disable the phpmyadmin tool, as it is not always the most secure thing around, and opens your database wide to any skilled hacker. +Now go to ``http://zoneminder_IP/`` and stop the ZM service. Continue to ``http://zoneminder_IP/phpmyadmin`` and select the zoneminder database. Select and tables marked 'in use' and pick the action 'repare' to fix. Restart the zoneminder service from the web browser. Remove or disable the phpmyadmin tool, as it is not always the most secure thing around, and opens your database wide to any skilled hacker. ``sudo apt-get remove phpmyadmin`` I upgraded by distribution and ZM stopped working @@ -760,10 +736,10 @@ The ZoneMinder license is described at the end of the documentation and consists This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details. -This means that ZoneMinder is licensed under the terms described `here `__. There is a comprehensive FAQ covering the GPL at http://www.gnu.org/licenses/gpl-faq.html but in essence you are allowed to redistribute or modify GPL licensed software provided that you release your distribution or modifications freely under the same terms. You are allowed to sell systems based on GPL software. You are not allowed to restrict or reduce the rights of GPL software in your distribution however. Of course if you are just making modifications for your system locally you are not releasing changes so you have no obligations in this case. I recommend reading the GPL FAQ for more in-depth coverage of this issue. +This means that ZoneMinder is licensed under the terms described `here `__. There is a comprehensive FAQ covering the GPL at https://www.gnu.org/licenses/gpl-faq.html but in essence you are allowed to redistribute or modify GPL licensed software provided that you release your distribution or modifications freely under the same terms. You are allowed to sell systems based on GPL software. You are not allowed to restrict or reduce the rights of GPL software in your distribution however. Of course if you are just making modifications for your system locally you are not releasing changes so you have no obligations in this case. I recommend reading the GPL FAQ for more in-depth coverage of this issue. Can I use ZoneMinder as part of my commercial product? ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ -The GPL license allows you produce systems based on GPL software provided your systems also adhere to that license and any modifications you make are also released under the same terms. The GPL does not permit you to include ZoneMinder in proprietary systems (see http://www.gnu.org/licenses/gpl-faq.html#GPLInProprietarySystem for details). If you wish to include ZoneMinder in this kind of system then you will need to license ZoneMinder under different terms. This is sometimes possible and you will need to contact me for further details in these circumstances. +The GPL license allows you produce systems based on GPL software provided your systems also adhere to that license and any modifications you make are also released under the same terms. The GPL does not permit you to include ZoneMinder in proprietary systems (see https://www.gnu.org/licenses/gpl-faq.html#GPLInProprietarySystem for details). If you wish to include ZoneMinder in this kind of system then you will need to license ZoneMinder under different terms. This is sometimes possible and you will need to contact me for further details in these circumstances. diff --git a/docs/installationguide/redhat.rst b/docs/installationguide/redhat.rst index 5b5067058..d35f1fbd3 100644 --- a/docs/installationguide/redhat.rst +++ b/docs/installationguide/redhat.rst @@ -101,7 +101,7 @@ Certain commands in these instructions require root privileges while other comma Set Up Your Environment *********************** -Before you begin, set up an rpmbuild environment by following `this guide `_ by the CentOS developers. +Before you begin, set up an rpmbuild environment by following `this guide `_ by the CentOS developers. In addition, make sure RPM Fusion is enabled as described in the previous section `How to Install ZoneMinder`_. diff --git a/docs/installationguide/ubuntu.rst b/docs/installationguide/ubuntu.rst index 65b6d163e..491ee1eb8 100644 --- a/docs/installationguide/ubuntu.rst +++ b/docs/installationguide/ubuntu.rst @@ -155,7 +155,7 @@ You may also want to enable to following modules to improve caching performance nano /etc/php/7.2/apache2/php.ini Search for [Date] (Ctrl + w then type Date and press Enter) and change -date.timezone for your time zone, see [this](http://php.net/manual/en/timezones.php). +date.timezone for your time zone, see [this](https://www.php.net/manual/en/timezones.php). **Don't forget to remove the ; from in front of date.timezone** :: @@ -346,7 +346,7 @@ You may also want to enable to following modules to improve caching performance nano /etc/php/7.0/apache2/php.ini Search for [Date] (Ctrl + w then type Date and press Enter) and change -date.timezone for your time zone, see [this](http://php.net/manual/en/timezones.php). +date.timezone for your time zone, see [this](https://www.php.net/manual/en/timezones.php). **Don't forget to remove the ; from in front of date.timezone** :: @@ -434,7 +434,7 @@ Easy Way: Ubuntu 14.x (Trusty) nano /etc/php5/apache2/php.ini Search for [Date] (Ctrl + w then type Date and press Enter) and change -date.timezone for your time zone, see [this](http://php.net/manual/en/timezones.php). +date.timezone for your time zone, see [this](https://www.php.net/manual/en/timezones.php). **Don't forget to remove the ; from in front of date.timezone** :: diff --git a/docs/userguide/definemonitor.rst b/docs/userguide/definemonitor.rst index 7641cb751..a850c8c92 100644 --- a/docs/userguide/definemonitor.rst +++ b/docs/userguide/definemonitor.rst @@ -77,7 +77,7 @@ Source Path Use this field to enter the full URL of the stream or file your camera supports. This is usually an RTSP url. There are several methods to learn this: * Check the documentation that came with your camera - * Look for your camera in the hardware compatibilty list in the wiki http://wiki.zoneminder.com/Hardware_Compatibility_List + * Look for your camera in the hardware compatibilty list in the wiki https://wiki.zoneminder.com/Hardware_Compatibility_List * Try ZoneMinder's new ONVIF probe feature * Download and install the ONVIF Device Manager onto a Windows machine https://sourceforge.net/projects/onvifdm/ * Use Google to find third party sites, such as ispy, which document this information @@ -121,7 +121,7 @@ Remote Protocol Remote Method When HTTP is the Remote Protocol, your choices are Simple and Regexp. Most should choose Simple. When RTSP is the Remote Protocol, your choices are RTP/Unicast, RTP/Multicast, RTP/RTSP, RTP,RTSP,HTTP. Try each of these to determine which works with your camera. Most cameras will use either RTP/Unicast (UDP) or RTP/RTSP (TCP). Remote Host/Port/Path - Use these fields to enter the full URL of the camera. Basically if your camera is at http://camserver.home.net:8192/cameras/camera1.jpg then these fields will be camserver.home.net, 8192 and /cameras/camera1.jpg respectively. Leave the port at 80 if there is no special port required. If you require authentication to access your camera then add this onto the host name in the form :@.com. This will usually be 32 or 24 bit colour even if the image looks black and white. Look in Supported Hardware > Network Cameras section, how to obtain these strings that may apply to your camera. + Use these fields to enter the full URL of the camera. Basically if your camera is at ``http://camserver.home.net:8192/cameras/camera1.jpg`` then these fields will be camserver.home.net, 8192 and /cameras/camera1.jpg respectively. Leave the port at 80 if there is no special port required. If you require authentication to access your camera then add this onto the host name in the form :@.com. This will usually be 32 or 24 bit colour even if the image looks black and white. Look in Supported Hardware > Network Cameras section, how to obtain these strings that may apply to your camera. Remote Image Colours Specify the amount of colours in the captured image. Unlike with local cameras changing this has no controlling effect on the remote camera itself so ensure that your camera is actually capturing to this palette beforehand. Capture Width/Height diff --git a/docs/userguide/definezone.rst b/docs/userguide/definezone.rst index 97f42f864..1d00c71b4 100644 --- a/docs/userguide/definezone.rst +++ b/docs/userguide/definezone.rst @@ -40,7 +40,7 @@ Type Preset The preset chooser sets sensible default values based on computational needs (fast v. best) and sensitivity (low, medium, high.) It is not required that you select a preset, and you can alter any of the parameters after choosing a preset. For a small number of monitors with ZoneMinder running on modern equipment, Best, high sensitivity can be chosen as a good starting point. - It is important to understand that the available presets are intended merely as a starting point. Since every camera's view is unique, they are not guaranteed to work properly in every case. Presets tend to work acceptably for indoor cameras, where the objects of interest are relatively close and there typically are few or no unwanted objects moving within the cameras view. Presets, on the other hand, tend to not work acceptably for outdoor cameras, where the field of view is typically much wider, objects of interest are farther away, and changing weather patterns can cause false triggers. For outdoor cameras in particular, you will almost certainly have to tune your motion detection zone to get desired results. Please refer to `this guide `__ to learn how to do this. + It is important to understand that the available presets are intended merely as a starting point. Since every camera's view is unique, they are not guaranteed to work properly in every case. Presets tend to work acceptably for indoor cameras, where the objects of interest are relatively close and there typically are few or no unwanted objects moving within the cameras view. Presets, on the other hand, tend to not work acceptably for outdoor cameras, where the field of view is typically much wider, objects of interest are farther away, and changing weather patterns can cause false triggers. For outdoor cameras in particular, you will almost certainly have to tune your motion detection zone to get desired results. Please refer to `this guide `__ to learn how to do this. Units * Pixels - Selecting this option will allow many of the following values to be entered (or viewed) in units of pixels. @@ -109,5 +109,5 @@ Extend Alarm Frame Count Other information ----------------- -Refer to `this `__ user contributed Zone guide for additional information will illustrations if you are new to zones and need more help. +Refer to `this `__ user contributed Zone guide for additional information will illustrations if you are new to zones and need more help. diff --git a/docs/userguide/filterevents.rst b/docs/userguide/filterevents.rst index d3c4955c9..e33e15cab 100644 --- a/docs/userguide/filterevents.rst +++ b/docs/userguide/filterevents.rst @@ -40,7 +40,7 @@ Here is what the filter window looks like * 'Date' and 'Time' which are variants which may only contain the relevant subsets of this, * 'Weekday' which as expected is a day of the week. - All of the preceding elements take a very flexible free format of dates and time based on the PHP strtotime function (http://www.php.net/manual/en/function.strtotime.php). This allows values such as 'last Wednesday' etc to be entered. We recommend acquainting yourself with this function to see what the allowed formats are. However automated filters are run in perl and so are parsed by the Date::Manip package. Not all date formats are available in both so if you are saved your filter to do automatic deletions or other tasks you should make sure that the date and time format you use is compatible with both methods. The safest type of format to use is ‘-3 day’ or similar with easily parseable numbers and units are in English. + All of the preceding elements take a very flexible free format of dates and time based on the PHP strtotime function (https://www.php.net/manual/en/function.strtotime.php). This allows values such as 'last Wednesday' etc to be entered. We recommend acquainting yourself with this function to see what the allowed formats are. However automated filters are run in perl and so are parsed by the Date::Manip package. Not all date formats are available in both so if you are saved your filter to do automatic deletions or other tasks you should make sure that the date and time format you use is compatible with both methods. The safest type of format to use is ‘-3 day’ or similar with easily parseable numbers and units are in English. The other things you can filter on are all fairly self explanatory, except perhaps for 'Archived' which you can use to include or exclude Archived events. In general you'll probably do most filtering on un-archived events. There are also two elements, Disk Blocks and Disk Percent which don’t directly relate to the events themselves but to the disk partition on which the events are stored. These allow you to specify an amount of disk usage either in blocks or in percentage as returned by the ‘df’ command. They relate to the amount of disk space used and not the amount left free. Once your filter is specified, clicking 'submit' will filter the events according to your specification. As the disk based elements are not event related directly if you create a filter and include the term ‘DiskPercent > 95’ then if your current disk usage is over that amount when you submit the filter then all events will be listed whereas if it is less then none at all will. As such the disk related terms will tend to be used mostly for automatic filters (see below). If you have created a filter you want to keep, you can name it and save it by clicking 'Save'. diff --git a/docs/userguide/gettingstarted.rst b/docs/userguide/gettingstarted.rst index 713a667b5..896cdb99f 100644 --- a/docs/userguide/gettingstarted.rst +++ b/docs/userguide/gettingstarted.rst @@ -81,7 +81,7 @@ Adding Monitors ^^^^^^^^^^^^^^^ Now that we have a basic understanding of the web console, lets go about adding a new camera (monitor). For this example, lets assume we have an IP camera that streams RTSP at LAN IP address 192.168.1.33. -The first thing we will need to know is how to access that camera's video feed. You will need to consult your camera's manual or check their forum. Zoneminder community users also have a frequently updated list right `here `__ that lists information about many cameras. If you don't find your list there and can't seem to find it elsewhere, feel free to register and ask in the `user foums `__. +The first thing we will need to know is how to access that camera's video feed. You will need to consult your camera's manual or check their forum. Zoneminder community users also have a frequently updated list right `here `__ that lists information about many cameras. If you don't find your list there and can't seem to find it elsewhere, feel free to register and ask in the `user forums `__. The camera we are using as an example here is a Foscam 9831W which is a 1280x960 RTSP camera, and the URL to access it's feed is *username:password@IPADDRESS:PORT/videoMain* @@ -105,7 +105,7 @@ This brings up the new monitor window: start with Remote, then try FFMpeg and libvlc if it doesn't work (:doc:`/userguide/definemonitor` covers other modes in more details). If you are wondering what 'File' does, well, ZoneMinder was built with compatibility in mind. Take a look at `this post - `__ to see how file can be used for leisure reading. + `__ to see how file can be used for leisure reading. * Let's leave the Function as 'Monitor' just so we can use this as an example to change it later another way. Practically, feel free to select your mode right now - Modect, Record etc depending on what you want ZoneMinder to do with this camera diff --git a/docs/userguide/mobile.rst b/docs/userguide/mobile.rst index b6feb805d..a0653d176 100644 --- a/docs/userguide/mobile.rst +++ b/docs/userguide/mobile.rst @@ -7,16 +7,15 @@ Third party mobile clients ^^^^^^^^^^^^^^^^^^^^^^^^^^^ * zmNinja (`source code `__, needs APIs to be installed to work) * Available in App Store and Play Store - `website `__ -* zmView (limited, free) and zmView Pro (more features, paid) - * Available in App Store and Play Store, relies on ZM skins `website `__ Using the existing web console ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ * You can directly use the ZoneMinder interface by launching a browser and going to the ZoneMinder server just like you do on the Desktop -* ZoneMinder also has a "mobile skin" that offers limited functionality (not all views are present in this skin). You can point your mobile browser to ``http://yourzoneminderip/zm/index.php?skin=mobile`` and bookmark it. **Note however that 1.29 is the last release that will support the mobile skin. It's use is deprecated** Discontinued clients ^^^^^^^^^^^^^^^^^^^^ The following are a list of clients that do not work and have not been updated: * eyeZM +* zmView (limited, free) and zmView Pro (more features, paid) + * Available in App Store and Play Store, relies on ZM skins diff --git a/docs/userguide/options/options_email.rst b/docs/userguide/options/options_email.rst index 741ae0b6d..2eaa47165 100644 --- a/docs/userguide/options/options_email.rst +++ b/docs/userguide/options/options_email.rst @@ -93,4 +93,4 @@ EMAIL_HOST - If you have chosen SMTP as the method by which to send notification FROM_EMAIL - The emails or messages that will be sent to you informing you of events can appear to come from a designated email address to help you with mail filtering etc. An address of something like ZoneMinder\@your.domain is recommended. -URL - The emails or messages that will be sent to you informing you of events can include a link to the events themselves for easy viewing. If you intend to use this feature then set this option to the url of your installation as it would appear from where you read your email, e.g. http://host.your.domain/zm.php. \ No newline at end of file +URL - The emails or messages that will be sent to you informing you of events can include a link to the events themselves for easy viewing. If you intend to use this feature then set this option to the url of your installation as it would appear from where you read your email, e.g. ``http://host.your.domain/zm/index.php``. diff --git a/docs/userguide/options/options_system.rst b/docs/userguide/options/options_system.rst index 4f108442c..00d3393dc 100644 --- a/docs/userguide/options/options_system.rst +++ b/docs/userguide/options/options_system.rst @@ -39,7 +39,7 @@ OPT_TRIGGERS - ZoneMinder can interact with external systems which prompt or can CHECK_FOR_UPDATES - From ZoneMinder version 1.17.0 onwards new versions are expected to be more frequent. To save checking manually for each new version ZoneMinder can check with the zoneminder.com website to determine the most recent release. These checks are infrequent, about once per week, and no personal or system information is transmitted other than your current version number. If you do not wish these checks to take place or your ZoneMinder system has no internet access you can switch these check off with this configuration variable -UPDATE_CHECK_PROXY - If you use a proxy to access the internet then ZoneMinder needs to know so it can access zoneminder.com to check for updates. If you do use a proxy enter the full proxy url here in the form of http://:/ +UPDATE_CHECK_PROXY - If you use a proxy to access the internet then ZoneMinder needs to know so it can access zoneminder.com to check for updates. If you do use a proxy enter the full proxy url here in the form of ``http://:/`` SHM_KEY - ZoneMinder uses shared memory to speed up communication between modules. To identify the right area to use shared memory keys are used. This option controls what the base key is, each monitor will have it's Id or'ed with this to get the actual key used. You will not normally need to change this value unless it clashes with another instance of ZoneMinder on the same machine. Only the first four hex digits are used, the lower four will be masked out and ignored. diff --git a/docs/userguide/viewevents.rst b/docs/userguide/viewevents.rst index 70eea0032..44b61bfbf 100644 --- a/docs/userguide/viewevents.rst +++ b/docs/userguide/viewevents.rst @@ -31,6 +31,6 @@ Should you determine that you don't wish to keep the event, clicking on Delete w These last two options require further explanation. Archiving an event means that it is kept to one side and not displayed in the normal event listings unless you specifically ask to view the archived events. This is useful for keeping events that you think may be important or just wish to protect. Once an event is archived it can be deleted or unarchived but you cannot accidentally delete it when viewing normal unarchived events. -The final option of generating an MPEG video is still somewhat experimental and its usefulness may vary. It uses the open source ffmpeg encoder to generate short videos, which will be downloaded to your browsing machine or viewed in place. When using the ffmpeg encoder, ZoneMinder will attempt to match the duration of the video with the duration of the event. Ffmpeg has a particularly rich set of options and you can specify during configuration which additional options you may wish to include to suit your preferences. In particular you may need to specify additional, or different, options if you are creating videos of events with particularly slow frame rates as some codecs only support certain ranges of frame rates. A common value for FFMPEG_OUTPUT_OPTIONS under Options > Images might be ``'-r 25 -b 800k'`` for 25 fps and 800 kbps. Details of these options can be found in the `documentation `__ for the encoders and is outside the scope of this document. +The final option of generating an MPEG video is still somewhat experimental and its usefulness may vary. It uses the open source ffmpeg encoder to generate short videos, which will be downloaded to your browsing machine or viewed in place. When using the ffmpeg encoder, ZoneMinder will attempt to match the duration of the video with the duration of the event. Ffmpeg has a particularly rich set of options and you can specify during configuration which additional options you may wish to include to suit your preferences. In particular you may need to specify additional, or different, options if you are creating videos of events with particularly slow frame rates as some codecs only support certain ranges of frame rates. A common value for FFMPEG_OUTPUT_OPTIONS under Options > Images might be ``'-r 25 -b 800k'`` for 25 fps and 800 kbps. Details of these options can be found in the `documentation `__ for the encoders and is outside the scope of this document. Building an MPEG video, especially for a large event, can take some time and should not be undertaken lightly as the effect on your host box of many CPU intensive encoders will not be good. However once a video has been created for an event it will be kept so subsequent viewing will not incur the generation overhead. Videos can also be included in notification emails, however care should be taken when using this option as for many frequent events the penalty in CPU and disk space can quickly mount up. From 21dd9b527db0a9be80bd6f1a3706d584f6573a20 Mon Sep 17 00:00:00 2001 From: Isaac Connor Date: Sat, 19 Oct 2019 17:12:19 -0400 Subject: [PATCH 730/922] when ipkt->pts is AV_NOPTS_VALUE should still set opkt.pts to AV_NOPTS_VALUE --- src/zm_videostore.cpp | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/src/zm_videostore.cpp b/src/zm_videostore.cpp index 2abee068c..2a2a28bfe 100644 --- a/src/zm_videostore.cpp +++ b/src/zm_videostore.cpp @@ -899,10 +899,12 @@ int VideoStore::writeVideoFramePacket(AVPacket *ipkt) { } opkt.dts = ipkt->dts - video_first_dts; } else { - opkt.dts = av_rescale_q(video_next_dts, video_out_stream->time_base, video_in_stream->time_base);; + opkt.dts = video_next_dts ? av_rescale_q(video_next_dts, video_out_stream->time_base, video_in_stream->time_base) : 0; } if ( ipkt->pts != AV_NOPTS_VALUE ) { opkt.pts = ipkt->pts - video_first_dts; + } else { + opkt.pts = AV_NOPTS_VALUE; } av_packet_rescale_ts(&opkt, video_in_stream->time_base, video_out_stream->time_base); From c240767727103afe529852dbae5adc8eb0d29acc Mon Sep 17 00:00:00 2001 From: Isaac Connor Date: Sun, 20 Oct 2019 11:41:55 -0400 Subject: [PATCH 731/922] Add eoan to distros --- utils/do_debian_package.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/utils/do_debian_package.sh b/utils/do_debian_package.sh index f80bc520c..b3c26a0f3 100755 --- a/utils/do_debian_package.sh +++ b/utils/do_debian_package.sh @@ -80,7 +80,7 @@ fi; if [ "$DISTROS" == "" ]; then if [ "$RELEASE" != "" ]; then - DISTROS="xenial,bionic,disco,trusty" + DISTROS="xenial,bionic,disco,eoan,trusty" else DISTROS=`lsb_release -a 2>/dev/null | grep Codename | awk '{print $2}'`; fi; From bf69e053b4378f4ddd2aaf11bc85af3a7db8648f Mon Sep 17 00:00:00 2001 From: Isaac Connor Date: Sun, 20 Oct 2019 11:44:19 -0400 Subject: [PATCH 732/922] Add SNAPTSHOT=CURRENT to build with the commit # in the version string --- utils/do_debian_package.sh | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/utils/do_debian_package.sh b/utils/do_debian_package.sh index f80bc520c..34067359e 100755 --- a/utils/do_debian_package.sh +++ b/utils/do_debian_package.sh @@ -120,6 +120,10 @@ else fi; if [ "$SNAPSHOT" == "NOW" ]; then SNAPSHOT=`date +%Y%m%d%H%M%S`; + else + if [ "$SNAPSHOT" == "CURRENT" ]; then + SNAPSHOT="`date +%Y%m%d.`$(git rev-list ${versionhash}..HEAD --count)" + fi; fi; fi; fi From d9d91c4a8d752ef97933eed30957d3ab4e9633f7 Mon Sep 17 00:00:00 2001 From: Isaac Connor Date: Sun, 20 Oct 2019 13:32:16 -0400 Subject: [PATCH 733/922] Fix #2728 by resetting the frame size before reading from the fifo --- src/zm_videostore.cpp | 3 +++ 1 file changed, 3 insertions(+) diff --git a/src/zm_videostore.cpp b/src/zm_videostore.cpp index 2a2a28bfe..26fa09736 100644 --- a/src/zm_videostore.cpp +++ b/src/zm_videostore.cpp @@ -952,6 +952,9 @@ int VideoStore::writeAudioFramePacket(AVPacket *ipkt) { if ( zm_add_samples_to_fifo(fifo, out_frame) <= 0 ) break; + // We put the samples into the fifo so we are basically resetting the frame + out_frame->nb_samples = audio_out_ctx->frame_size; + if ( zm_get_samples_from_fifo(fifo, out_frame) <= 0 ) break; From dfe2f55ebe79ab28521003d77a3307a7bb5ac3da Mon Sep 17 00:00:00 2001 From: Isaac Connor Date: Sun, 20 Oct 2019 13:50:24 -0400 Subject: [PATCH 734/922] More debugging to figure out #2720 --- src/zm_videostore.cpp | 3 +++ 1 file changed, 3 insertions(+) diff --git a/src/zm_videostore.cpp b/src/zm_videostore.cpp index 26fa09736..57d7d9a0f 100644 --- a/src/zm_videostore.cpp +++ b/src/zm_videostore.cpp @@ -900,6 +900,7 @@ int VideoStore::writeVideoFramePacket(AVPacket *ipkt) { opkt.dts = ipkt->dts - video_first_dts; } else { opkt.dts = video_next_dts ? av_rescale_q(video_next_dts, video_out_stream->time_base, video_in_stream->time_base) : 0; + Debug(3, "Setting dts to video_next_dts %" PRId64 " from %" PRId64, opkt.dts, video_next_dts); } if ( ipkt->pts != AV_NOPTS_VALUE ) { opkt.pts = ipkt->pts - video_first_dts; @@ -911,6 +912,8 @@ int VideoStore::writeVideoFramePacket(AVPacket *ipkt) { dumpPacket(video_out_stream, &opkt, "after pts adjustment"); write_packet(&opkt, video_out_stream); video_next_dts = opkt.dts + opkt.duration; + Debug(3, "video_next_dts has become %" PRId64, video_next_dts); + zm_av_packet_unref(&opkt); return 0; From 4261550678e930fb760110badaf8c25cf9b66ea0 Mon Sep 17 00:00:00 2001 From: Isaac Connor Date: Mon, 21 Oct 2019 09:39:34 -0400 Subject: [PATCH 735/922] Change default css theme to base --- scripts/ZoneMinder/lib/ZoneMinder/ConfigData.pm.in | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/scripts/ZoneMinder/lib/ZoneMinder/ConfigData.pm.in b/scripts/ZoneMinder/lib/ZoneMinder/ConfigData.pm.in index 7e1b2d2ac..ed717608a 100644 --- a/scripts/ZoneMinder/lib/ZoneMinder/ConfigData.pm.in +++ b/scripts/ZoneMinder/lib/ZoneMinder/ConfigData.pm.in @@ -187,7 +187,7 @@ our @options = ( }, { name => 'ZM_CSS_DEFAULT', - default => 'classic', + default => 'base', description => 'Default set of css files used by web interface', help => q` ZoneMinder allows the use of many different web interfaces, and From 370f93c56a75a3f009a31fdce59b856a584b4c61 Mon Sep 17 00:00:00 2001 From: Isaac Connor Date: Mon, 21 Oct 2019 10:27:41 -0400 Subject: [PATCH 736/922] toto => to --- scripts/zmfilter.pl.in | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/scripts/zmfilter.pl.in b/scripts/zmfilter.pl.in index 5d3fb50bc..065cb7df2 100644 --- a/scripts/zmfilter.pl.in +++ b/scripts/zmfilter.pl.in @@ -531,7 +531,7 @@ sub uploadArchFile { Debug("Adding $imageFile"); my $member = $zip->addFile($imageFile); if ( !$member ) { - Error("Unable toto add image file $imageFile to zip archive $archLocPath"); + Error("Unable to add image file $imageFile to zip archive $archLocPath"); $archError = 1; last; } From 6c6b5076d60d049860ebe198eef1b7d288c15372 Mon Sep 17 00:00:00 2001 From: Isaac Connor Date: Mon, 21 Oct 2019 11:39:15 -0400 Subject: [PATCH 737/922] Add eoan and wheezy --- .travis.yml | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/.travis.yml b/.travis.yml index 7e27aee7d..9876a21d5 100644 --- a/.travis.yml +++ b/.travis.yml @@ -39,9 +39,11 @@ env: - SMPFLAGS=-j4 OS=ubuntu DIST=xenial DOCKER_REPO=iconzm/packpack USE_SFTP=yes - SMPFLAGS=-j4 OS=ubuntu DIST=bionic DOCKER_REPO=iconzm/packpack USE_SFTP=yes - SMPFLAGS=-j4 OS=ubuntu DIST=disco DOCKER_REPO=iconzm/packpack USE_SFTP=yes - - SMPFLAGS=-j4 OS=debian DIST=buster DOCKER_REPO=iconzm/packpack USE_SFTP=yes - - SMPFLAGS=-j4 OS=debian DIST=stretch DOCKER_REPO=iconzm/packpack USE_SFTP=yes + - SMPFLAGS=-j4 OS=ubuntu DIST=eoan DOCKER_REPO=iconzm/packpack USE_SFTP=yes + - SMPFLAGS=-j4 OS=debian DIST=wheezy DOCKER_REPO=iconzm/packpack USE_SFTP=yes - SMPFLAGS=-j4 OS=debian DIST=jessie DOCKER_REPO=iconzm/packpack USE_SFTP=yes + - SMPFLAGS=-j4 OS=debian DIST=stretch DOCKER_REPO=iconzm/packpack USE_SFTP=yes + - SMPFLAGS=-j4 OS=debian DIST=buster DOCKER_REPO=iconzm/packpack USE_SFTP=yes - SMPFLAGS=-j4 OS=ubuntu DIST=trusty ARCH=i386 - SMPFLAGS=-j4 OS=ubuntu DIST=xenial ARCH=i386 - SMPFLAGS=-j4 OS=ubuntu DIST=bionic ARCH=i386 From 3244c8ab5b3dcc2bb4c81844ac938afee4eeddb7 Mon Sep 17 00:00:00 2001 From: Isaac Connor Date: Mon, 21 Oct 2019 13:18:09 -0400 Subject: [PATCH 738/922] spacing, quotes, remove debug --- web/includes/functions.php | 962 +++++++++++++++++++------------------ 1 file changed, 493 insertions(+), 469 deletions(-) diff --git a/web/includes/functions.php b/web/includes/functions.php index 4a134743d..49896dbfe 100644 --- a/web/includes/functions.php +++ b/web/includes/functions.php @@ -19,11 +19,11 @@ // // Compatibility functions -if ( version_compare( phpversion(), '4.3.0', '<') ) { +if ( version_compare(phpversion(), '4.3.0', '<') ) { function ob_get_clean() { $buffer = ob_get_contents(); ob_end_clean(); - return( $buffer ); + return $buffer; } } @@ -36,7 +36,7 @@ function noCacheHeaders() { } function CSPHeaders($view, $nonce) { - $additionalScriptSrc = ""; + $additionalScriptSrc = ''; switch ($view) { case 'login': { if (defined('ZM_OPT_USE_GOOG_RECAPTCHA') @@ -101,14 +101,14 @@ function CORSHeaders() { } return; } - foreach( $Servers as $Server ) { + foreach ( $Servers as $Server ) { if ( preg_match('/^(https?:\/\/)?'.preg_quote($Server->Hostname(),'/').'/i', $_SERVER['HTTP_ORIGIN']) or preg_match('/^(https?:\/\/)?'.preg_quote($Server->Name(),'/').'/i', $_SERVER['HTTP_ORIGIN']) ) { $valid = true; - ZM\Logger::Debug("Setting Access-Control-Allow-Origin from " . $_SERVER['HTTP_ORIGIN']); + ZM\Logger::Debug('Setting Access-Control-Allow-Origin from '.$_SERVER['HTTP_ORIGIN']); header('Access-Control-Allow-Origin: ' . $_SERVER['HTTP_ORIGIN']); header('Access-Control-Allow-Headers: x-requested-with,x-request'); break; @@ -122,21 +122,21 @@ function CORSHeaders() { function getMimeType( $file ) { if ( function_exists('mime_content_type') ) { - return( mime_content_type( $file ) ); + return mime_content_type($file); } elseif ( function_exists('finfo_file') ) { - $finfo = finfo_open( FILEINFO_MIME ); - $mimeType = finfo_file( $finfo, $file ); + $finfo = finfo_open(FILEINFO_MIME); + $mimeType = finfo_file($finfo, $file); finfo_close($finfo); - return( $mimeType ); + return $mimeType; } return trim(exec('file -bi '.escapeshellarg($file).' 2>/dev/null')); } -function outputVideoStream( $id, $src, $width, $height, $format, $title='' ) { - echo getVideoStreamHTML( $id, $src, $width, $height, $format, $title ); +function outputVideoStream($id, $src, $width, $height, $format, $title='') { + echo getVideoStreamHTML($id, $src, $width, $height, $format, $title); } -function getVideoStreamHTML( $id, $src, $width, $height, $format, $title='' ) { +function getVideoStreamHTML($id, $src, $width, $height, $format, $title='') { $html = ''; $width = validInt($width); $height = validInt($height); @@ -259,7 +259,7 @@ function getImageStreamHTML( $id, $src, $width, $height, $title='' ) { } } -function outputControlStream( $src, $width, $height, $monitor, $scale, $target ) { +function outputControlStream($src, $width, $height, $monitor, $scale, $target) { ?> @@ -286,10 +286,10 @@ function outputControlStream( $src, $width, $height, $monitor, $scale, $target ) '; } -function outputImageStill( $id, $src, $width, $height, $title='' ) { - echo getImageStill( $id, $src, $width, $height, $title='' ); +function outputImageStill($id, $src, $width, $height, $title='') { + echo getImageStill($id, $src, $width, $height, $title=''); } -function getImageStill( $id, $src, $width, $height, $title='' ) { - return ''.$title.''; +function getImageStill($id, $src, $width, $height, $title='') { + return ''.$title.''; } -function getWebSiteUrl( $id, $src, $width, $height, $title='' ) { - # Prevent unsightly warnings when php cannot verify the ssl certificate - stream_context_set_default( [ - 'ssl' => [ - 'verify_peer' => false, - 'verify_peer_name' => false, - ], - ]); - # The End User can turn off the following warning under Options -> Web - if ( ZM_WEB_XFRAME_WARN ) { - $header = get_headers($src, 1); - # If the target website has set X-Frame-Options, check it for "sameorigin" and warn the end user - if (array_key_exists('X-Frame-Options', $header)) { - $header = $header['X-Frame-Options']; - if ( stripos($header, 'sameorigin') === 0 ) - ZM\Warning("Web site $src has X-Frame-Options set to sameorigin. An X-Frame-Options browser plugin is required to display this site."); - } +function getWebSiteUrl($id, $src, $width, $height, $title='') { + # Prevent unsightly warnings when php cannot verify the ssl certificate + stream_context_set_default( [ + 'ssl' => [ + 'verify_peer' => false, + 'verify_peer_name' => false, + ], + ]); + # The End User can turn off the following warning under Options -> Web + if ( ZM_WEB_XFRAME_WARN ) { + $header = get_headers($src, 1); + # If the target website has set X-Frame-Options, check it for "sameorigin" and warn the end user + if ( array_key_exists('X-Frame-Options', $header) ) { + $header = $header['X-Frame-Options']; + if ( stripos($header, 'sameorigin') === 0 ) + ZM\Warning("Web site $src has X-Frame-Options set to sameorigin. An X-Frame-Options browser plugin is required to display this site."); } - return ''; + } + return ''; } -function outputControlStill( $src, $width, $height, $monitor, $scale, $target ) { +function outputControlStill($src, $width, $height, $monitor, $scale, $target) { ?> @@ -357,7 +359,7 @@ function outputControlStill( $src, $width, $height, $monitor, $scale, $target ) } // Incoming args are shell-escaped. This function must escape any further arguments it cannot guarantee. -function getZmuCommand( $args ) { +function getZmuCommand($args) { $zmuCommand = ZMU_PATH; if ( ZM_OPT_USE_AUTH ) { @@ -382,14 +384,14 @@ function getEventDefaultVideoPath($event) { function deletePath( $path ) { ZM\Logger::Debug("Deleting $path"); - if ( is_dir( $path ) ) { - system( escapeshellcmd( 'rm -rf '.$path ) ); + if ( is_dir($path) ) { + system(escapeshellcmd('rm -rf '.$path)); } else if ( file_exists($path) ) { - unlink( $path ); + unlink($path); } } -function deleteEvent( $event ) { +function deleteEvent($event) { if ( empty($event) ) { ZM\Error('Empty event passed to deleteEvent.'); @@ -398,7 +400,7 @@ function deleteEvent( $event ) { if ( gettype($event) != 'array' ) { # $event could be an eid, so turn it into an event hash - $event = new ZM\Event( $event ); + $event = new ZM\Event($event); } else { ZM\Logger::Debug("Event type: " . gettype($event)); } @@ -410,7 +412,7 @@ ZM\Logger::Debug("Event type: " . gettype($event)); } # CAN EDIT } -function makeLink( $url, $label, $condition=1, $options='' ) { +function makeLink($url, $label, $condition=1, $options='') { $string = ''; if ( $condition ) { $string .= ''; @@ -419,13 +421,13 @@ function makeLink( $url, $label, $condition=1, $options='' ) { if ( $condition ) { $string .= ''; } - return( $string ); + return $string; } /** * $label must be already escaped. It can't be done here since it sometimes contains HTML tags. */ -function makePopupLink( $url, $winName, $winSize, $label, $condition=1, $options='' ) { +function makePopupLink($url, $winName, $winSize, $label, $condition=1, $options='') { // Avoid double-encoding since some consumers incorrectly pass a pre-escaped URL. $string = ''; - return( $string ); + if ( is_array($winSize) ) { + $string .= ' data-window-tag="' . htmlspecialchars($winSize[0]) . '"'; + $string .= ' data-window-width="' . htmlspecialchars($winSize[1]) . '"'; + $string .= ' data-window-height="' . htmlspecialchars($winSize[2]) . '"'; + } else { + $string .= ' data-window-tag="' . htmlspecialchars($winSize) . '"'; + } + if (!$condition) { + $string .= ' disabled="disabled"'; + } + $string .= ($options ? (' ' . $options) : '') . '/>'; + return $string; } -function htmlSelect( $name, $contents, $values, $behaviours=false ) { +function htmlSelect($name, $contents, $values, $behaviours=false) { $behaviourText = ''; if ( !empty($behaviours) ) { if ( is_array($behaviours) ) { @@ -495,7 +497,6 @@ function htmlOptions($contents, $values) { if ( isset($option['disabled']) ) { $disabled = $option['disabled']; - ZM\Error("Setting to disabled"); } } else if ( is_object($option) ) { $text = $option->Name(); @@ -503,28 +504,28 @@ function htmlOptions($contents, $values) { $text = $option; } $selected = is_array($values) ? in_array($value, $values) : !strcmp($value, $values); - $options_html .= ""; + '>'.htmlspecialchars($text, ENT_COMPAT | ENT_HTML401, ini_get('default_charset'), false).''; } return $options_html; } -function truncText( $text, $length, $deslash=1 ) { - return( preg_replace( '/^(.{'.$length.',}?)\b.*$/', '\\1…', ($deslash?stripslashes($text):$text) ) ); -} +function truncText($text, $length, $deslash=1) { + return preg_replace('/^(.{'.$length.',}?)\b.*$/', '\\1…', ($deslash?stripslashes($text):$text)); +} -function buildSelect( $name, $contents, $behaviours=false ) { +function buildSelect($name, $contents, $behaviours=false) { $value = ''; - if ( preg_match( '/^\s*(\w+)\s*(\[.*\])?\s*$/', $name, $matches ) && count($matches) > 2 ) { + if ( preg_match('/^\s*(\w+)\s*(\[.*\])?\s*$/', $name, $matches) && (count($matches) > 2) ) { $arr = $matches[1]; if ( isset($GLOBALS[$arr]) ) $value = $GLOBALS[$arr]; elseif ( isset($_REQUEST[$arr]) ) $value = $_REQUEST[$arr]; - if ( !preg_match_all( '/\[\s*[\'"]?(\w+)["\']?\s*\]/', $matches[2], $matches ) ) { - ZM\Fatal( "Can't parse selector '$name'" ); + if ( !preg_match_all('/\[\s*[\'"]?(\w+)["\']?\s*\]/', $matches[2], $matches) ) { + ZM\Fatal("Can't parse selector '$name'"); } for ( $i = 0; $i < count($matches[1]); $i++ ) { $idx = $matches[1][$i]; @@ -561,10 +562,10 @@ function buildSelect( $name, $contents, $behaviours=false ) { $html = ob_get_contents(); ob_end_clean(); - return( $html ); + return $html; } -function getFormChanges( $values, $newValues, $types=false, $columns=false ) { +function getFormChanges($values, $newValues, $types=false, $columns=false) { $changes = array(); if ( !$types ) $types = array(); @@ -578,7 +579,6 @@ function getFormChanges( $values, $newValues, $types=false, $columns=false ) { switch( $types[$key] ) { case 'set' : - { if ( is_array($newValues[$key]) ) { if ( (!isset($values[$key])) or ( join(',',$newValues[$key]) != $values[$key] ) ) { $changes[$key] = "`$key` = ".dbEscape(join(',',$newValues[$key])); @@ -587,9 +587,7 @@ function getFormChanges( $values, $newValues, $types=false, $columns=false ) { $changes[$key] = "`$key` = ''"; } break; - } case 'image' : - { if ( is_array( $newValues[$key] ) ) { $imageData = getimagesize( $newValues[$key]['tmp_name'] ); $changes[$key.'Width'] = $key.'Width = '.$imageData[0]; @@ -604,9 +602,7 @@ function getFormChanges( $values, $newValues, $types=false, $columns=false ) { $changes[$key] = "$key = ".dbEscape($value); } break; - } case 'document' : - { if ( is_array( $newValues[$key] ) ) { $imageData = getimagesize( $newValues[$key]['tmp_name'] ); $changes[$key.'Type'] = $key."Type = '".$newValues[$key]['type']."'"; @@ -619,9 +615,7 @@ function getFormChanges( $values, $newValues, $types=false, $columns=false ) { $changes[$key] = $key . ' = '.dbEscape($value); } break; - } case 'file' : - { $changes[$key.'Type'] = $key.'Type = '.dbEscape($newValues[$key]['type']); $changes[$key.'Size'] = $key.'Size = '.dbEscape($newValues[$key]['size']); ob_start(); @@ -629,14 +623,11 @@ function getFormChanges( $values, $newValues, $types=false, $columns=false ) { $changes[$key] = $key." = '".dbEscape( ob_get_contents() )."'"; ob_end_clean(); break; - } case 'raw' : - { if ( (!isset($values[$key])) or ($values[$key] != $value) ) { $changes[$key] = $key . ' = '.dbEscape($value); } break; - } case 'toggle' : if ( (!isset($values[$key])) or $values[$key] != $value ) { if ( empty($value) ) { @@ -653,7 +644,6 @@ function getFormChanges( $values, $newValues, $types=false, $columns=false ) { } break; default : - { if ( !isset($values[$key]) || ($values[$key] != $value) ) { if ( ! isset($value) || $value == '' ) { $changes[$key] = "`$key` = NULL"; @@ -662,10 +652,9 @@ function getFormChanges( $values, $newValues, $types=false, $columns=false ) { } } break; - } } // end switch } // end foreach newvalues - foreach( $values as $key=>$value ) { + foreach ( $values as $key=>$value ) { if ( !empty($columns[$key]) ) { if ( !empty($types[$key]) ) { if ( $types[$key] == 'toggle' ) { @@ -678,18 +667,22 @@ function getFormChanges( $values, $newValues, $types=false, $columns=false ) { } } } - return( $changes ); + return $changes; } -function getBrowser( &$browser, &$version ) { +function getBrowser(&$browser, &$version) { if ( isset($_SESSION['browser']) ) { $browser = $_SESSION['browser']; $version = $_SESSION['version']; } else { - if (( preg_match( '/MSIE (.*?);/', $_SERVER['HTTP_USER_AGENT'], $logVersion)) || (preg_match( '/.*Trident.*rv:(.*?)(;|\))/', $_SERVER['HTTP_USER_AGENT'], $logVersion))) { + if ( + ( preg_match('/MSIE (.*?);/', $_SERVER['HTTP_USER_AGENT'], $logVersion)) + || + ( preg_match('/.*Trident.*rv:(.*?)(;|\))/', $_SERVER['HTTP_USER_AGENT'], $logVersion)) + ) { $version = $logVersion[1]; $browser = 'ie'; - } elseif ( preg_match( '/Chrome\/([0-9.]+)/', $_SERVER['HTTP_USER_AGENT'], $logVersion) ) { + } else if ( preg_match('/Chrome\/([0-9.]+)/', $_SERVER['HTTP_USER_AGENT'], $logVersion) ) { $version = $logVersion[1]; // Check for old version of Chrome with bug 5876 if ( $version < 7 ) { @@ -697,16 +690,16 @@ function getBrowser( &$browser, &$version ) { } else { $browser = 'chrome'; } - } elseif ( preg_match( '/Safari\/([0-9.]+)/', $_SERVER['HTTP_USER_AGENT'], $logVersion) ) { + } else if ( preg_match('/Safari\/([0-9.]+)/', $_SERVER['HTTP_USER_AGENT'], $logVersion) ) { $version = $logVersion[1]; $browser = 'safari'; - } elseif ( preg_match( '/Opera[ \/]([0-9].[0-9]{1,2})/', $_SERVER['HTTP_USER_AGENT'], $logVersion) ) { + } else if ( preg_match('/Opera[ \/]([0-9].[0-9]{1,2})/', $_SERVER['HTTP_USER_AGENT'], $logVersion) ) { $version = $logVersion[1]; $browser = 'opera'; - } elseif ( preg_match( '/Konqueror\/([0-9.]+)/', $_SERVER['HTTP_USER_AGENT'], $logVersion) ) { + } else if ( preg_match('/Konqueror\/([0-9.]+)/', $_SERVER['HTTP_USER_AGENT'], $logVersion) ) { $version = $logVersion[1]; $browser = 'konqueror'; - } elseif ( preg_match( '/Mozilla\/([0-9].[0-9]{1,2})/', $_SERVER['HTTP_USER_AGENT'], $logVersion) ) { + } else if ( preg_match('/Mozilla\/([0-9].[0-9]{1,2})/', $_SERVER['HTTP_USER_AGENT'], $logVersion) ) { $version = $logVersion[1]; $browser = 'mozilla'; } else { @@ -719,53 +712,53 @@ function getBrowser( &$browser, &$version ) { } function isMozilla() { - getBrowser( $browser, $version ); + getBrowser($browser, $version); - return( $browser == 'mozilla' ); + return $browser == 'mozilla'; } function isKonqueror() { - getBrowser( $browser, $version ); + getBrowser($browser, $version); - return( $browser == 'konqueror' ); + return $browser == 'konqueror'; } function isInternetExplorer() { - getBrowser( $browser, $version ); + getBrowser($browser, $version); - return( $browser == 'ie' ); + return $browser == 'ie'; } function isOldChrome() { - getBrowser( $browser, $version ); + getBrowser($browser, $version); - return( $browser == 'oldchrome' ); + return $browser == 'oldchrome'; } function isChrome() { - getBrowser( $browser, $version ); + getBrowser($browser, $version); - return( $browser == 'chrome' ); + return $browser == 'chrome'; } function isOpera() { - getBrowser( $browser, $version ); + getBrowser($browser, $version); - return( $browser == 'opera' ); + return $browser == 'opera'; } function isSafari() { - getBrowser( $browser, $version ); + getBrowser($browser, $version); - return( $browser == 'safari' ); + return $browser == 'safari'; } function isWindows() { - return ( preg_match( '/Win/', $_SERVER['HTTP_USER_AGENT'] ) ); + return preg_match('/Win/', $_SERVER['HTTP_USER_AGENT']); } function canStreamIframe() { - return( isKonqueror() ); + return isKonqueror(); } function canStreamNative() { @@ -778,20 +771,20 @@ function canStreamApplet() { ZM\Warning('ZM_OPT_CAMBOZOLA is enabled, but the system cannot find '.ZM_PATH_WEB.'/'.ZM_PATH_CAMBOZOLA); } - return( (ZM_OPT_CAMBOZOLA && file_exists( ZM_PATH_WEB.'/'.ZM_PATH_CAMBOZOLA )) ); + return (ZM_OPT_CAMBOZOLA && file_exists(ZM_PATH_WEB.'/'.ZM_PATH_CAMBOZOLA)); } function canStream() { - return( canStreamNative() | canStreamApplet() ); + return canStreamNative() | canStreamApplet(); } -function packageControl( $command ) { - $string = ZM_PATH_BIN.'/zmpkg.pl '.escapeshellarg( $command ); +function packageControl($command) { + $string = ZM_PATH_BIN.'/zmpkg.pl '.escapeshellarg($command); $string .= ' 2>/dev/null >&- <&- >/dev/null'; - exec( $string ); + exec($string); } -function daemonControl( $command, $daemon=false, $args=false ) { +function daemonControl($command, $daemon=false, $args=false) { $string = escapeshellcmd(ZM_PATH_BIN).'/zmdc.pl '.$command; if ( $daemon ) { $string .= ' ' . $daemon; @@ -799,9 +792,9 @@ function daemonControl( $command, $daemon=false, $args=false ) { $string .= ' ' . $args; } } - $string = escapeshellcmd( $string ); + $string = escapeshellcmd($string); #$string .= ' 2>/dev/null >&- <&- >/dev/null'; -ZM\Logger::Debug("daemonControl $string"); + ZM\Logger::Debug("daemonControl $string"); exec($string); } @@ -828,7 +821,7 @@ function initDaemonStatus() { } } -function daemonStatus( $daemon, $args=false ) { +function daemonStatus($daemon, $args=false) { global $daemon_status; initDaemonStatus(); @@ -836,66 +829,66 @@ function daemonStatus( $daemon, $args=false ) { $string = $daemon; if ( $args ) $string .= ' ' . $args; - return( strpos( $daemon_status, "'$string' running" ) !== false ); + return( strpos($daemon_status, "'$string' running") !== false ); } -function zmcStatus( $monitor ) { +function zmcStatus($monitor) { if ( $monitor['Type'] == 'Local' ) { $zmcArgs = '-d '.$monitor['Device']; } else { $zmcArgs = '-m '.$monitor['Id']; } - return( daemonStatus( 'zmc', $zmcArgs ) ); + return daemonStatus('zmc', $zmcArgs); } -function zmaStatus( $monitor ) { - if ( is_array( $monitor ) ) { +function zmaStatus($monitor) { + if ( is_array($monitor) ) { $monitor = $monitor['Id']; } - return( daemonStatus( 'zma', "-m $monitor" ) ); + return daemonStatus('zma', "-m $monitor"); } -function daemonCheck( $daemon=false, $args=false ) { +function daemonCheck($daemon=false, $args=false) { $string = ZM_PATH_BIN.'/zmdc.pl check'; if ( $daemon ) { $string .= ' ' . $daemon; if ( $args ) $string .= ' '. $args; } - $string = escapeshellcmd( $string ); - $result = exec( $string ); - return( preg_match( '/running/', $result ) ); + $string = escapeshellcmd($string); + $result = exec($string); + return preg_match('/running/', $result); } -function zmcCheck( $monitor ) { +function zmcCheck($monitor) { if ( $monitor['Type'] == 'Local' ) { $zmcArgs = '-d '.$monitor['Device']; } else { $zmcArgs = '-m '.$monitor['Id']; } - return( daemonCheck( 'zmc', $zmcArgs ) ); + return daemonCheck('zmc', $zmcArgs); } -function zmaCheck( $monitor ) { - if ( is_array( $monitor ) ) { +function zmaCheck($monitor) { + if ( is_array($monitor) ) { $monitor = $monitor['Id']; } - return( daemonCheck( 'zma', "-m $monitor" ) ); + return daemonCheck('zma', "-m $monitor"); } -function getImageSrc( $event, $frame, $scale=SCALE_BASE, $captureOnly=false, $overwrite=false ) { - $Event = new ZM\Event( $event ); - return $Event->getImageSrc( $frame, $scale, $captureOnly, $overwrite ); +function getImageSrc($event, $frame, $scale=SCALE_BASE, $captureOnly=false, $overwrite=false) { + $Event = new ZM\Event($event); + return $Event->getImageSrc($frame, $scale, $captureOnly, $overwrite); } -function viewImagePath( $path, $querySep='&' ) { - return( '?view=image'.$querySep.'path='.$path ); +function viewImagePath($path, $querySep='&') { + return '?view=image'.$querySep.'path='.$path; } -function createListThumbnail( $event, $overwrite=false ) { +function createListThumbnail($event, $overwrite=false) { # Load the frame with the highest score to use as a thumbnail - if ( !($frame = dbFetchOne( "SELECT * FROM Frames WHERE EventId=? AND Score=? ORDER BY FrameId LIMIT 1", NULL, array( $event['Id'], $event['MaxScore'] ) )) ) - return( false ); + if ( !($frame = dbFetchOne('SELECT * FROM Frames WHERE EventId=? AND Score=? ORDER BY FrameId LIMIT 1', NULL, array($event['Id'], $event['MaxScore']) )) ) + return false; $frameId = $frame['FrameId']; @@ -908,12 +901,12 @@ function createListThumbnail( $event, $overwrite=false ) { $scale = (SCALE_BASE*ZM_WEB_LIST_THUMB_HEIGHT)/$event['Height']; $thumbWidth = reScale( $event['Width'], $scale ); } else { - ZM\Fatal( "No thumbnail width or height specified, please check in Options->Web" ); + ZM\Fatal('No thumbnail width or height specified, please check in Options->Web'); } - $imageData = getImageSrc( $event, $frame, $scale, false, $overwrite ); - if ( ! $imageData ) { - return ( false ); + $imageData = getImageSrc($event, $frame, $scale, false, $overwrite); + if ( !$imageData ) { + return false; } $thumbData = $frame; @@ -921,24 +914,24 @@ function createListThumbnail( $event, $overwrite=false ) { $thumbData['Width'] = (int)$thumbWidth; $thumbData['Height'] = (int)$thumbHeight; - return( $thumbData ); + return $thumbData; } -function createVideo( $event, $format, $rate, $scale, $overwrite=false ) { - $command = ZM_PATH_BIN."/zmvideo.pl -e ".$event['Id']." -f ".$format." -r ".sprintf( "%.2F", ($rate/RATE_BASE) ); - if ( preg_match( '/\d+x\d+/', $scale ) ) - $command .= " -S ".$scale; +function createVideo($event, $format, $rate, $scale, $overwrite=false) { + $command = ZM_PATH_BIN.'/zmvideo.pl -e '.$event['Id'].' -f '.$format.' -r '.sprintf('%.2F', ($rate/RATE_BASE)); + if ( preg_match('/\d+x\d+/', $scale) ) + $command .= ' -S '.$scale; else - if ( version_compare( phpversion(), "4.3.10", ">=") ) - $command .= " -s ".sprintf( "%.2F", ($scale/SCALE_BASE) ); + if ( version_compare(phpversion(), '4.3.10', '>=') ) + $command .= ' -s '.sprintf('%.2F', ($scale/SCALE_BASE)); else - $command .= " -s ".sprintf( "%.2f", ($scale/SCALE_BASE) ); + $command .= ' -s '.sprintf('%.2f', ($scale/SCALE_BASE)); if ( $overwrite ) - $command .= " -o"; - $command = escapeshellcmd( $command ); - $result = exec( $command, $output, $status ); + $command .= ' -o'; + $command = escapeshellcmd($command); + $result = exec($command, $output, $status); Logger::Debug("generating Video $command: result($result outptu:(".implode("\n", $output )." status($status"); - return( $status?"":rtrim($result) ); + return $status ? '' : rtrim($result); } # This takes more than one scale amount, so it runs through each and alters dimension. @@ -950,38 +943,38 @@ function reScale( $dimension, $dummy ) { if ( !empty($scale) && ($scale != 'auto') && ($scale != SCALE_BASE) ) $new_dimension = (int)(($new_dimension*$scale)/SCALE_BASE); } - return( $new_dimension ); + return $new_dimension; } -function deScale( $dimension, $dummy ) { +function deScale($dimension, $dummy) { $new_dimension = $dimension; for ( $i = 1; $i < func_num_args(); $i++ ) { - $scale = func_get_arg( $i ); + $scale = func_get_arg($i); if ( !empty($scale) && $scale != SCALE_BASE ) $new_dimension = (int)(($new_dimension*SCALE_BASE)/$scale); } - return( $new_dimension ); + return $new_dimension; } function monitorLimitSql() { global $user; if ( !empty($user['MonitorIds']) ) - $midSql = " and MonitorId in (".join( ",", preg_split( '/["\'\s]*,["\'\s]*/', $user['MonitorIds'] ) ).")"; + $midSql = ' AND MonitorId IN ('.join(',', preg_split('/["\'\s]*,["\'\s]*/', $user['MonitorIds'])).')'; else $midSql = ''; - return( $midSql ); + return $midSql; } -function parseSort( $saveToSession=false, $querySep='&' ) { +function parseSort($saveToSession=false, $querySep='&') { global $sortQuery, $sortColumn, $sortOrder, $limitQuery; // Outputs - if (isset($_REQUEST['filter']['Query']['sort_field'])) { //Handle both new and legacy filter passing + if ( isset($_REQUEST['filter']['Query']['sort_field']) ) { //Handle both new and legacy filter passing $_REQUEST['sort_field'] = $_REQUEST['filter']['Query']['sort_field']; } - if (isset($_REQUEST['filter']['Query']['sort_asc'])) { + if ( isset($_REQUEST['filter']['Query']['sort_asc']) ) { $_REQUEST['sort_asc'] = $_REQUEST['filter']['Query']['sort_asc']; } - if (isset($_REQUEST['filter']['Query']['limit'])) { + if ( isset($_REQUEST['filter']['Query']['limit']) ) { $_REQUEST['limit'] = $_REQUEST['filter']['Query']['limit']; } if ( empty($_REQUEST['sort_field']) ) { @@ -1059,7 +1052,7 @@ function parseSort( $saveToSession=false, $querySep='&' ) { } if ( !$_REQUEST['sort_asc'] ) $_REQUEST['sort_asc'] = 0; - $sortOrder = $_REQUEST['sort_asc']?'asc':'desc'; + $sortOrder = $_REQUEST['sort_asc'] ? 'asc' : 'desc'; $sortQuery = $querySep.'sort_field='.validHtmlStr($_REQUEST['sort_field']).$querySep.'sort_asc='.validHtmlStr($_REQUEST['sort_asc']); if ( !isset($_REQUEST['limit']) ) $_REQUEST['limit'] = ''; @@ -1068,7 +1061,7 @@ function parseSort( $saveToSession=false, $querySep='&' ) { $_SESSION['sort_asc'] = validHtmlStr($_REQUEST['sort_asc']); } if ($_REQUEST['limit'] != '') { - $limitQuery = "&limit=".validInt($_REQUEST['limit']); + $limitQuery = '&limit='.validInt($_REQUEST['limit']); } } @@ -1088,12 +1081,12 @@ function parseFilter(&$filter, $saveToSession=false, $querySep='&') { $StorageArea = NULL; $terms = isset($filter['Query']) ? $filter['Query']['terms'] : NULL; - if ( ! isset($terms) ) { - $backTrace = debug_backtrace(); - $file = $backTrace[1]['file']; - $line = $backTrace[1]['line']; - ZM\Warning("No terms in filter from $file:$line"); - ZM\Warning(print_r($filter,true)); + if ( !isset($terms) ) { + $backTrace = debug_backtrace(); + $file = $backTrace[1]['file']; + $line = $backTrace[1]['line']; + ZM\Warning("No terms in filter from $file:$line"); + ZM\Warning(print_r($filter, true)); } if ( isset($terms) && count($terms) ) { for ( $i = 0; $i < count($terms); $i++ ) { @@ -1132,13 +1125,13 @@ function parseFilter(&$filter, $saveToSession=false, $querySep='&') { $filter['sql'] .= 'E.StartTime'; break; case 'Date': - $filter['sql'] .= 'to_days( E.StartTime )'; + $filter['sql'] .= 'to_days(E.StartTime)'; break; case 'Time': - $filter['sql'] .= 'extract( hour_second from E.StartTime )'; + $filter['sql'] .= 'extract(hour_second FROM E.StartTime)'; break; case 'Weekday': - $filter['sql'] .= 'weekday( E.StartTime )'; + $filter['sql'] .= 'weekday(E.StartTime)'; break; # Starting Time case 'StartDateTime': @@ -1148,26 +1141,26 @@ function parseFilter(&$filter, $saveToSession=false, $querySep='&') { $filter['sql'] .= 'F.EventId'; break; case 'StartDate': - $filter['sql'] .= 'to_days( E.StartTime )'; + $filter['sql'] .= 'to_days(E.StartTime)'; break; case 'StartTime': - $filter['sql'] .= 'extract( hour_second from E.StartTime )'; + $filter['sql'] .= 'extract(hour_second FROM E.StartTime)'; break; case 'StartWeekday': - $filter['sql'] .= 'weekday( E.StartTime )'; + $filter['sql'] .= 'weekday(E.StartTime)'; break; # Ending Time case 'EndDateTime': $filter['sql'] .= 'E.EndTime'; break; case 'EndDate': - $filter['sql'] .= 'to_days( E.EndTime )'; + $filter['sql'] .= 'to_days(E.EndTime)'; break; case 'EndTime': - $filter['sql'] .= 'extract( hour_second from E.EndTime )'; + $filter['sql'] .= 'extract(hour_second FROM E.EndTime)'; break; case 'EndWeekday': - $filter['sql'] .= 'weekday( E.EndTime )'; + $filter['sql'] .= 'weekday(E.EndTime)'; break; case 'Id': case 'Name': @@ -1191,7 +1184,13 @@ function parseFilter(&$filter, $saveToSession=false, $querySep='&') { // Need to specify a storage area, so need to look through other terms looking for a storage area, else we default to ZM_EVENTS_PATH if ( ! $StorageArea ) { for ( $j = 0; $j < count($terms); $j++ ) { - if ( isset($terms[$j]['attr']) and $terms[$j]['attr'] == 'StorageId' and isset($terms[$j]['val']) ) { + if ( + isset($terms[$j]['attr']) + and + ($terms[$j]['attr'] == 'StorageId') + and + isset($terms[$j]['val']) + ) { $StorageArea = ZM\Storage::find_one(array('Id'=>$terms[$j]['val'])); break; } @@ -1199,13 +1198,19 @@ function parseFilter(&$filter, $saveToSession=false, $querySep='&') { if ( ! $StorageArea ) $StorageArea = new ZM\Storage(); } // end no StorageArea found yet - $filter['sql'] .= getDiskPercent( $StorageArea->Path() ); + $filter['sql'] .= getDiskPercent($StorageArea->Path()); break; case 'DiskBlocks': // Need to specify a storage area, so need to look through other terms looking for a storage area, else we default to ZM_EVENTS_PATH if ( ! $StorageArea ) { for ( $j = $i; $j < count($terms); $j++ ) { - if ( isset($terms[$j]['attr']) and $terms[$j]['attr'] == 'StorageId' and isset($terms[$j]['val']) ) { + if ( + isset($terms[$j]['attr']) + and + ($terms[$j]['attr'] == 'StorageId') + and + isset($terms[$j]['val']) + ) { $StorageArea = ZM\Storage::find_one(array('Id'=>$terms[$j]['val'])); } } // end foreach remaining term @@ -1217,7 +1222,7 @@ function parseFilter(&$filter, $saveToSession=false, $querySep='&') { break; } $valueList = array(); - foreach ( preg_split( '/["\'\s]*?,["\'\s]*?/', preg_replace( '/^["\']+?(.+)["\']+?$/', '$1', $term['val'] ) ) as $value ) { + foreach ( preg_split('/["\'\s]*?,["\'\s]*?/', preg_replace('/^["\']+?(.+)["\']+?$/', '$1', $term['val'])) as $value ) { switch ( $term['attr'] ) { case 'MonitorName': case 'Name': @@ -1249,19 +1254,19 @@ function parseFilter(&$filter, $saveToSession=false, $querySep='&') { case 'StartDateTime': case 'EndDateTime': if ( $value != 'NULL' ) - $value = "'".strftime( STRF_FMT_DATETIME_DB, strtotime( $value ) )."'"; + $value = '\''.strftime( STRF_FMT_DATETIME_DB, strtotime( $value ) ).'\''; break; case 'Date': case 'StartDate': case 'EndDate': if ( $value != 'NULL' ) - $value = "to_days( '".strftime( STRF_FMT_DATETIME_DB, strtotime( $value ) )."' )"; + $value = 'to_days(\''.strftime(STRF_FMT_DATETIME_DB, strtotime($value)).'\')'; break; case 'Time': case 'StartTime': case 'EndTime': if ( $value != 'NULL' ) - $value = "extract( hour_second from '".strftime( STRF_FMT_DATETIME_DB, strtotime( $value ) )."' )"; + $value = 'extract(hour_second from \''.strftime(STRF_FMT_DATETIME_DB, strtotime($value)).'\')'; break; default : if ( $value != 'NULL' ) @@ -1290,10 +1295,10 @@ function parseFilter(&$filter, $saveToSession=false, $querySep='&') { break; case '=[]' : case 'IN' : - $filter['sql'] .= ' in ('.join( ',', $valueList ).')'; + $filter['sql'] .= ' in ('.join(',', $valueList).')'; break; case '![]' : - $filter['sql'] .= ' not in ('.join( ',', $valueList ).')'; + $filter['sql'] .= ' not in ('.join(',', $valueList).')'; break; case 'IS' : if ( $value == 'Odd' ) { @@ -1320,12 +1325,12 @@ function parseFilter(&$filter, $saveToSession=false, $querySep='&') { } // end if ( isset($term['attr']) ) if ( isset($term['cbr']) && (string)(int)$term['cbr'] == $term['cbr'] ) { $filter['query'] .= $querySep.urlencode("filter[Query][terms][$i][cbr]").'='.urlencode($term['cbr']); - $filter['sql'] .= ' '.str_repeat( ')', $term['cbr'] ).' '; + $filter['sql'] .= ' '.str_repeat(')', $term['cbr']).' '; $filter['fields'] .= "\n"; } } // end foreach term if ( $filter['sql'] ) - $filter['sql'] = ' and ( '.$filter['sql'].' )'; + $filter['sql'] = ' AND ( '.$filter['sql'].' )'; if ( $saveToSession ) { $_SESSION['filter'] = $filter; } @@ -1345,32 +1350,33 @@ function parseFilter(&$filter, $saveToSession=false, $querySep='&') { // Please note that the filter is passed in by copy, so you need to use the return value from this function. // -function addFilterTerm( $filter, $position, $term=false ) { +function addFilterTerm($filter, $position, $term=false) { if ( $position < 0 ) $position = 0; - if ( ! isset( $filter['Query']['terms'] ) ) + if ( !isset($filter['Query']['terms']) ) $filter['Query']['terms'] = array(); - elseif( $position > count($filter['Query']['terms']) ) + else if ( $position > count($filter['Query']['terms']) ) $position = count($filter['Query']['terms']); - if ( $term && $position == 0 ) - unset( $term['cnj'] ); - array_splice( $filter['Query']['terms'], $position, 0, array( $term?$term:array() ) ); - return( $filter ); + if ( $term && $position == 0 ) + unset($term['cnj']); + array_splice($filter['Query']['terms'], $position, 0, array($term ? $term : array())); + + return $filter; } -function delFilterTerm( $filter, $position ) { +function delFilterTerm($filter, $position) { if ( $position < 0 ) $position = 0; - elseif( $position >= count($filter['Query']['terms']) ) + else if ( $position >= count($filter['Query']['terms']) ) $position = count($filter['Query']['terms']); - array_splice( $filter['Query']['terms'], $position, 1 ); + array_splice($filter['Query']['terms'], $position, 1); - return( $filter ); + return $filter; } -function getPagination( $pages, $page, $maxShortcuts, $query, $querySep='&' ) { +function getPagination($pages, $page, $maxShortcuts, $query, $querySep='&') { global $view; $pageText = ''; @@ -1397,7 +1403,7 @@ function getPagination( $pages, $page, $maxShortcuts, $query, $querySep='&' if ( $newPage <= 1 ) break; $pagesUsed[$newPage] = true; - array_unshift( $newPages, $newPage ); + array_unshift($newPages, $newPage); } if ( !isset($pagesUsed[1]) ) array_unshift( $newPages, 1 ); @@ -1419,10 +1425,10 @@ function getPagination( $pages, $page, $maxShortcuts, $query, $querySep='&' if ( $newPage > $pages ) break; $pagesUsed[$newPage] = true; - array_push( $newPages, $newPage ); + array_push($newPages, $newPage); } if ( !isset($pagesUsed[$pages]) ) - array_push( $newPages, $pages ); + array_push($newPages, $pages); foreach ( $newPages as $newPage ) { $pageText .= ' '.$newPage.''; @@ -1437,7 +1443,7 @@ function getPagination( $pages, $page, $maxShortcuts, $query, $querySep='&' return $pageText; } -function sortHeader( $field, $querySep='&' ) { +function sortHeader($field, $querySep='&') { global $view; return implode($querySep, array( '?view='.$view, @@ -1452,101 +1458,101 @@ function sortHeader( $field, $querySep='&' ) { function sortTag( $field ) { if ( $_REQUEST['sort_field'] == $field ) if ( $_REQUEST['sort_asc'] ) - return( '(^)' ); + return '(^)'; else - return( '(v)' ); - return( false ); + return '(v)'; + return false; } function getLoad() { $load = sys_getloadavg(); - return( $load[0] ); + return $load[0]; } function getDiskPercent($path = ZM_DIR_EVENTS) { $total = disk_total_space($path); if ( $total === false ) { - Error('disk_total_space returned false. Verify the web account user has access to ' . $path ); + Error('disk_total_space returned false. Verify the web account user has access to ' . $path); return 0; } elseif ( $total == 0 ) { - Error('disk_total_space indicates the following path has a filesystem size of zero bytes ' . $path ); + Error('disk_total_space indicates the following path has a filesystem size of zero bytes ' . $path); return 100; } $free = disk_free_space($path); if ( $free === false ) { - Error('disk_free_space returned false. Verify the web account user has access to ' . $path ); + Error('disk_free_space returned false. Verify the web account user has access to ' . $path); } $space = round((($total - $free) / $total) * 100); - return( $space ); + return $space; } function getDiskBlocks() { - if ( ! $StorageArea ) $StorageArea = new ZM\Storage(); - $df = shell_exec( 'df '.escapeshellarg($StorageArea->Path() )); + if ( !$StorageArea ) $StorageArea = new ZM\Storage(); + $df = shell_exec('df '.escapeshellarg($StorageArea->Path())); $space = -1; - if ( preg_match( '/\s(\d+)\s+\d+\s+\d+%/ms', $df, $matches ) ) + if ( preg_match('/\s(\d+)\s+\d+\s+\d+%/ms', $df, $matches) ) $space = $matches[1]; - return( $space ); + return $space; } function systemStats() { - $load = getLoad(); - $diskPercent = getDiskPercent(); - $pathMapPercent = getDiskPercent(ZM_PATH_MAP); - $cpus = getcpus(); + $load = getLoad(); + $diskPercent = getDiskPercent(); + $pathMapPercent = getDiskPercent(ZM_PATH_MAP); + $cpus = getcpus(); - $normalized_load = $load / $cpus; + $normalized_load = $load / $cpus; - # Colorize the system load stat - if ( $normalized_load <= 0.75 ) { - $htmlLoad=$load; - } elseif ( $normalized_load <= 0.9 ) { - $htmlLoad="$load"; - } elseif ( $normalized_load <= 1.1 ) { - $htmlLoad="$load"; + # Colorize the system load stat + if ( $normalized_load <= 0.75 ) { + $htmlLoad = $load; + } else if ( $normalized_load <= 0.9 ) { + $htmlLoad = "$load"; + } else if ( $normalized_load <= 1.1 ) { + $htmlLoad = "$load"; + } else { + $htmlLoad = "$load"; + } + + # Colorize the disk space stat + if ( $diskPercent < 98 ) { + $htmlDiskPercent = $diskPercent.'%'; + } else if ( $diskPercent <= 99 ) { + $htmlDiskPercent = "$diskPercent%"; + } else { + $htmlDiskPercent = "$diskPercent%"; + } + + # Colorize the PATH_MAP (usually /dev/shm) stat + if ( $pathMapPercent < 90 ) { + if ( disk_free_space(ZM_PATH_MAP) > 209715200 ) { # have to always have at least 200MiB free + $htmlPathMapPercent = $pathMapPercent.'%'; } else { - $htmlLoad="$load"; + $htmlPathMapPercent = "$pathMapPercent%"; } + } else if ( $pathMapPercent < 100 ) { + $htmlPathMapPercent = "$pathMapPercent%"; + } else { + $htmlPathMapPercent = "$pathMapPercent%"; + } - # Colorize the disk space stat - if ( $diskPercent < 98 ) { - $htmlDiskPercent="$diskPercent%"; - } elseif ( $diskPercent <= 99 ) { - $htmlDiskPercent="$diskPercent%"; - } else { - $htmlDiskPercent="$diskPercent%"; - } + $htmlString = translate('Load').": $htmlLoad - ".translate('Disk').": $htmlDiskPercent - ".ZM_PATH_MAP.": $htmlPathMapPercent"; - # Colorize the PATH_MAP (usually /dev/shm) stat - if ( $pathMapPercent < 90 ) { - if ( disk_free_space(ZM_PATH_MAP) > 209715200 ) { # have to always have at least 200MiB free - $htmlPathMapPercent="$pathMapPercent%"; - } else { - $htmlPathMapPercent="$pathMapPercent%"; - } - } elseif ( $pathMapPercent < 100 ) { - $htmlPathMapPercent="$pathMapPercent%"; - } else { - $htmlPathMapPercent="$pathMapPercent%"; - } - - $htmlString = translate('Load').": $htmlLoad - ".translate('Disk').": $htmlDiskPercent - ".ZM_PATH_MAP.": $htmlPathMapPercent"; - - return( $htmlString ); + return $htmlString; } function getcpus() { - if (is_readable("/proc/cpuinfo") ) { # Works on Linux - preg_match_all('/^processor/m', file_get_contents('/proc/cpuinfo'), $matches); - $num_cpus = count($matches[0]); - } else { # Works on BSD - $matches = explode(":", shell_exec("sysctl hw.ncpu")); - $num_cpus = trim($matches[1]); - } + if ( is_readable('/proc/cpuinfo') ) { # Works on Linux + preg_match_all('/^processor/m', file_get_contents('/proc/cpuinfo'), $matches); + $num_cpus = count($matches[0]); + } else { # Works on BSD + $matches = explode(':', shell_exec('sysctl hw.ncpu')); + $num_cpus = trim($matches[1]); + } - return( $num_cpus ); + return $num_cpus; } // Function to fix a problem whereby the built in PHP session handling @@ -1554,37 +1560,37 @@ function getcpus() { // fieldset tag, neither of which will work with strict XHTML Basic. function sidField() { if ( SID ) { - list( $sessname, $sessid ) = explode( "=", SID ); + list($sessname, $sessid) = explode('=', SID); ?> '; - return( false ); + return false; } $dx1 = $line1[1]['x'] - $line1[0]['x']; @@ -1639,54 +1645,54 @@ function linesIntersect( $line1, $line2 ) { if ( $x >= $min_x1 && $x <= $max_x1 && $x >= $min_x2 && $x <= $max_x2 ) { if ( $debug ) echo "Intersecting, at x $x
"; - return( true ); + return true; } else { if ( $debug ) echo "Not intersecting, out of range at x $x
"; - return( false ); + return false; } } elseif ( $b1 == $b2 ) { // Colinear, must overlap due to box check, intersect? if ( $debug ) echo 'Intersecting, colinear
'; - return( true ); + return true; } else { // Parallel if ( $debug ) echo 'Not intersecting, parallel
'; - return( false ); + return false; } } elseif ( !$dx1 ) { // Line 1 is vertical $y = ( $m2 * $line1[0]['x'] ) * $b2; if ( $y >= $min_y1 && $y <= $max_y1 ) { if ( $debug ) echo "Intersecting, at y $y
"; - return( true ); + return true; } else { if ( $debug ) echo "Not intersecting, out of range at y $y
"; - return( false ); + return false; } } elseif ( !$dx2 ) { // Line 2 is vertical $y = ( $m1 * $line2[0]['x'] ) * $b1; if ( $y >= $min_y2 && $y <= $max_y2 ) { if ( $debug ) echo "Intersecting, at y $y
"; - return( true ); + return true; } else { if ( $debug ) echo "Not intersecting, out of range at y $y
"; - return( false ); + return false; } } else { // Both lines are vertical if ( $line1[0]['x'] == $line2[0]['x'] ) { // Colinear, must overlap due to box check, intersect? if ( $debug ) echo 'Intersecting, vertical, colinear
'; - return( true ); + return true; } else { // Parallel if ( $debug ) echo 'Not intersecting, vertical, parallel
'; - return( false ); + return false; } } if ( $debug ) echo 'Whoops, unexpected scenario
'; - return( false ); + return false; } -function isSelfIntersecting( $points ) { +function isSelfIntersecting($points) { global $debug; $n_coords = count($points); @@ -1698,20 +1704,20 @@ function isSelfIntersecting( $points ) { for ( $i = 0; $i <= ($n_coords-2); $i++ ) { for ( $j = $i+2; $j < $n_coords+min(0,$i-1); $j++ ) { if ( $debug ) echo "Checking $i and $j
"; - if ( linesIntersect( $edges[$i], $edges[$j] ) ) { + if ( linesIntersect($edges[$i], $edges[$j]) ) { if ( $debug ) echo "Lines $i and $j intersect
"; - return( true ); + return true; } } } - return( false ); + return false; } -function getPolyCentre( $points, $area=0 ) { +function getPolyCentre($points, $area=0) { $cx = 0.0; $cy = 0.0; if ( !$area ) - $area = getPolyArea( $points ); + $area = getPolyArea($points); for ( $i = 0, $j = count($points)-1; $i < count($points); $j = $i++ ) { $ct = ($points[$i]['x'] * $points[$j]['y']) - ($points[$j]['x'] * $points[$i]['y']); $cx += ($points[$i]['x'] + $points[$j]['x']) * ct; @@ -1720,21 +1726,21 @@ function getPolyCentre( $points, $area=0 ) { $cx = intval(round(abs($cx/(6.0*$area)))); $cy = intval(round(abs($cy/(6.0*$area)))); printf( "X:%cx, Y:$cy
" ); - return( array( 'x'=>$cx, 'y'=>$cy ) ); + return array('x'=>$cx, 'y'=>$cy); } -function _CompareXY( $a, $b ) { +function _CompareXY($a, $b) { if ( $a['min_y'] == $b['min_y'] ) - return( intval($a['min_x'] - $b['min_x']) ); + return intval($a['min_x'] - $b['min_x']); else - return( intval($a['min_y'] - $b['min_y']) ); + return intval($a['min_y'] - $b['min_y']); } -function _CompareX( $a, $b ) { - return( intval($a['min_x'] - $b['min_x']) ); +function _CompareX($a, $b) { + return intval($a['min_x'] - $b['min_x']); } -function getPolyArea( $points ) { +function getPolyArea($points) { global $debug; $n_coords = count($points); @@ -1760,11 +1766,16 @@ function getPolyArea( $points ) { ); } - usort( $global_edges, '_CompareXY' ); + usort($global_edges, '_CompareXY'); if ( $debug ) { for ( $i = 0; $i < count($global_edges); $i++ ) { - printf( '%d: min_y: %d, max_y:%d, min_x:%.2f, 1/m:%.2f
', $i, $global_edges[$i]['min_y'], $global_edges[$i]['max_y'], $global_edges[$i]['min_x'], $global_edges[$i]['_1_m'] ); + printf('%d: min_y: %d, max_y:%d, min_x:%.2f, 1/m:%.2f
', + $i, + $global_edges[$i]['min_y'], + $global_edges[$i]['max_y'], + $global_edges[$i]['min_x'], + $global_edges[$i]['_1_m']); } } @@ -1774,18 +1785,23 @@ function getPolyArea( $points ) { do { for ( $i = 0; $i < count($global_edges); $i++ ) { if ( $global_edges[$i]['min_y'] == $y ) { - if ( $debug ) printf( 'Moving global edge
' ); + if ( $debug ) printf('Moving global edge
'); $active_edges[] = $global_edges[$i]; - array_splice( $global_edges, $i, 1 ); + array_splice($global_edges, $i, 1); $i--; } else { break; } } - usort( $active_edges, '_CompareX' ); + usort($active_edges, '_CompareX'); if ( $debug ) { for ( $i = 0; $i < count($active_edges); $i++ ) { - printf( '%d - %d: min_y: %d, max_y:%d, min_x:%.2f, 1/m:%.2f
', $y, $i, $active_edges[$i]['min_y'], $active_edges[$i]['max_y'], $active_edges[$i]['min_x'], $active_edges[$i]['_1_m'] ); + printf('%d - %d: min_y: %d, max_y:%d, min_x:%.2f, 1/m:%.2f
', + $y, $i, + $active_edges[$i]['min_y'], + $active_edges[$i]['max_y'], + $active_edges[$i]['min_x'], + $active_edges[$i]['_1_m']); } } $last_x = 0; @@ -1801,23 +1817,23 @@ function getPolyArea( $points ) { $parity = !$parity; $last_x = $x; } - if ( $debug ) printf( '%d: Area:%d
', $y, $row_area ); + if ( $debug ) printf('%d: Area:%d
', $y, $row_area); $y++; for ( $i = 0; $i < count($active_edges); $i++ ) { if ( $y >= $active_edges[$i]['max_y'] ) { // Or >= as per sheets - if ( $debug ) printf( 'Deleting active_edge
' ); - array_splice( $active_edges, $i, 1 ); + if ( $debug ) printf('Deleting active_edge
'); + array_splice($active_edges, $i, 1); $i--; } else { $active_edges[$i]['min_x'] += $active_edges[$i]['_1_m']; } } } while ( count($global_edges) || count($active_edges) ); - if ( $debug ) printf( 'Area:%d
', $area ); - return( $area ); + if ( $debug ) printf('Area:%d
', $area); + return $area; } -function getPolyAreaOld( $points ) { +function getPolyAreaOld($points) { $area = 0.0; $edge = 0.0; for ( $i = 0, $j = count($points)-1; $i < count($points); $j = $i++ ) { @@ -1828,174 +1844,179 @@ function getPolyAreaOld( $points ) { $edge += $trap_edge; $trap_area = ($x_diff * $y_sum ); $area += $trap_area; - printf( "%d->%d, %d-%d=%.2f, %d+%d=%.2f(%.2f), %.2f, %.2f
", i, j, $points[$i]['x'], $points[$j]['x'], $x_diff, $points[$i]['y'], $points[$j]['y'], $y_sum, $y_diff, $trap_area, $trap_edge ); + printf('%d->%d, %d-%d=%.2f, %d+%d=%.2f(%.2f), %.2f, %.2f
', + $i, $j, + $points[$i]['x'], $points[$j]['x'], + $x_diff, + $points[$i]['y'], $points[$j]['y'], + $y_sum, $y_diff, $trap_area, $trap_edge); } $edge = intval(round(abs($edge))); $area = intval(round((abs($area)+$edge)/2)); echo "E:$edge
"; echo "A:$area
"; - return( $area ); + return $area; } -function mapCoords( $a ) { - return( $a['x'].",".$a['y'] ); +function mapCoords($a) { + return $a['x'].','.$a['y']; } -function pointsToCoords( $points ) { - return( join( ' ', array_map( 'mapCoords', $points ) ) ); +function pointsToCoords($points) { + return join(' ', array_map('mapCoords', $points)); } -function coordsToPoints( $coords ) { +function coordsToPoints($coords) { $points = array(); - if ( preg_match_all( '/(\d+,\d+)+/', $coords, $matches ) ) { + if ( preg_match_all('/(\d+,\d+)+/', $coords, $matches) ) { for ( $i = 0; $i < count($matches[1]); $i++ ) { - if ( preg_match( '/(\d+),(\d+)/', $matches[1][$i], $cmatches ) ) { - $points[] = array( 'x'=>$cmatches[1], 'y'=>$cmatches[2] ); + if ( preg_match('/(\d+),(\d+)/', $matches[1][$i], $cmatches) ) { + $points[] = array('x'=>$cmatches[1], 'y'=>$cmatches[2]); } else { - echo( "Bogus coordinates '".$matches[$i]."'" ); - return( false ); + echo("Bogus coordinates '".$matches[$i]."'"); + return false; } } } else { - echo( "Bogus coordinate string '$coords'" ); - return( false ); + echo("Bogus coordinate string '$coords'"); + return false; } - return( $points ); + return $points; } -function limitPoints( &$points, $min_x, $min_y, $max_x, $max_y ) { +function limitPoints(&$points, $min_x, $min_y, $max_x, $max_y) { foreach ( $points as &$point ) { if ( $point['x'] < $min_x ) { - ZM\Logger::Debug('Limiting point x'.$point['x'].' to min_x ' . $min_x ); + ZM\Logger::Debug('Limiting point x'.$point['x'].' to min_x '.$min_x); $point['x'] = $min_x; } else if ( $point['x'] > $max_x ) { - ZM\Logger::Debug('Limiting point x'.$point['x'].' to max_x ' . $max_x ); + ZM\Logger::Debug('Limiting point x'.$point['x'].' to max_x '.$max_x); $point['x'] = $max_x; } if ( $point['y'] < $min_y ) { - ZM\Logger::Debug('Limiting point y'.$point['y'].' to min_y ' . $min_y ); + ZM\Logger::Debug('Limiting point y'.$point['y'].' to min_y '.$min_y); $point['y'] = $min_y; } else if ( $point['y'] > $max_y ) { - ZM\Logger::Debug('Limiting point y'.$point['y'].' to max_y ' . $max_y ); + ZM\Logger::Debug('Limiting point y'.$point['y'].' to max_y '.$max_y); $point['y'] = $max_y; } } // end foreach point } // end function limitPoints( $points, $min_x, $min_y, $max_x, $max_y ) -function scalePoints( &$points, $scale ) { +function scalePoints(&$points, $scale) { foreach ( $points as &$point ) { - $point['x'] = reScale( $point['x'], $scale ); - $point['y'] = reScale( $point['y'], $scale ); + $point['x'] = reScale($point['x'], $scale); + $point['y'] = reScale($point['y'], $scale); } } function getLanguages() { $langs = array(); foreach ( glob('lang/*_*.php') as $file ) { - preg_match( '/([^\/]+_.+)\.php/', $file, $matches ); + preg_match('/([^\/]+_.+)\.php/', $file, $matches); $langs[$matches[1]] = $matches[1]; } - return( $langs ); + return $langs; } -function trimString( $string, $length ) { - return( preg_replace( '/^(.{'.$length.',}?)\b.*$/', '\\1…', $string ) ); +function trimString($string, $length) { + return preg_replace('/^(.{'.$length.',}?)\b.*$/', '\\1…', $string); } -function monitorIdsToNames( $ids ) { +function monitorIdsToNames($ids) { global $mITN_monitors; if ( !$mITN_monitors ) { - $sql = 'select Id, Name from Monitors'; - foreach( dbFetchAll( $sql ) as $monitor ) { + $sql = 'SELECT Id, Name FROM Monitors'; + foreach ( dbFetchAll($sql) as $monitor ) { $mITN_monitors[$monitor['Id']] = $monitor; } } $names = array(); if ( ! is_array($ids) ) { - $ids = preg_split( '/\s*,\s*/', $ids ); + $ids = preg_split('/\s*,\s*/', $ids); } foreach ( $ids as $id ) { - if ( visibleMonitor( $id ) ) { + if ( visibleMonitor($id) ) { if ( isset($mITN_monitors[$id]) ) { $names[] = $mITN_monitors[$id]['Name']; } } } - $name_string = join( ', ', $names ); - return( $name_string ); + $name_string = join(', ', $names); + return $name_string; } function initX10Status() { global $x10_status; if ( !isset($x10_status) ) { - $socket = socket_create( AF_UNIX, SOCK_STREAM, 0 ); + $socket = socket_create(AF_UNIX, SOCK_STREAM, 0); if ( $socket < 0 ) { - ZM\Fatal( 'socket_create() failed: '.socket_strerror($socket) ); + ZM\Fatal('socket_create() failed: '.socket_strerror($socket)); } $sock_file = ZM_PATH_SOCKS.'/zmx10.sock'; - if ( @socket_connect( $socket, $sock_file ) ) { + if ( @socket_connect($socket, $sock_file) ) { $command = 'status'; - if ( !socket_write( $socket, $command ) ) { - ZM\Fatal( "Can't write to control socket: ".socket_strerror(socket_last_error($socket)) ); + if ( !socket_write($socket, $command) ) { + ZM\Fatal("Can't write to control socket: ".socket_strerror(socket_last_error($socket))); } - socket_shutdown( $socket, 1 ); + socket_shutdown($socket, 1); $x10Output = ''; - while ( $x10Response = socket_read( $socket, 256 ) ) { + while ( $x10Response = socket_read($socket, 256) ) { $x10Output .= $x10Response; } - socket_close( $socket ); + socket_close($socket); } else { // Can't connect so use script - $command = ZM_PATH_BIN."/zmx10.pl --command status"; + $command = ZM_PATH_BIN.'/zmx10.pl --command status'; //$command .= " 2>/dev/null >&- <&- >/dev/null"; - $x10Output = exec( escapeshellcmd( $command ) ); + $x10Output = exec(escapeshellcmd($command)); } - foreach ( explode( "\n", $x10Output ) as $x10Response ) { - if ( preg_match( "/^(\d+)\s+(.+)$/", $x10Response, $matches ) ) { + foreach ( explode("\n", $x10Output) as $x10Response ) { + if ( preg_match('/^(\d+)\s+(.+)$/', $x10Response, $matches) ) { $x10_status[$matches[1]] = $matches[2]; } } } } -function getDeviceStatusX10( $key ) { +function getDeviceStatusX10($key) { global $x10_status; initX10Status(); if ( empty($x10_status[$key]) || !($status = $x10_status[$key]) ) $status = 'unknown'; - return( $status ); + return $status; } -function setDeviceStatusX10( $key, $status ) { - $socket = socket_create( AF_UNIX, SOCK_STREAM, 0 ); +function setDeviceStatusX10($key, $status) { + $socket = socket_create(AF_UNIX, SOCK_STREAM, 0); if ( $socket < 0 ) { ZM\Fatal( 'socket_create() failed: '.socket_strerror($socket) ); } $sock_file = ZM_PATH_SOCKS.'/zmx10.sock'; - if ( @socket_connect( $socket, $sock_file ) ) { + if ( @socket_connect($socket, $sock_file) ) { $command = "$status;$key"; - if ( !socket_write( $socket, $command ) ) { - ZM\Fatal( "Can't write to control socket: ".socket_strerror(socket_last_error($socket)) ); + if ( !socket_write($socket, $command) ) { + ZM\Fatal('Can\'t write to control socket: '.socket_strerror(socket_last_error($socket))); } - socket_shutdown( $socket, 1 ); - $x10Response = socket_read( $socket, 256 ); - socket_close( $socket ); + socket_shutdown($socket, 1); + $x10Response = socket_read($socket, 256); + socket_close($socket); } else { // Can't connect so use script - $command = ZM_PATH_BIN.'/zmx10.pl --command '.escapeshellarg( $status ); + $command = ZM_PATH_BIN.'/zmx10.pl --command '.escapeshellarg($status); $command .= ' --unit-code '.escapeshellarg( $key ); //$command .= " 2>/dev/null >&- <&- >/dev/null"; - $x10Response = exec( $command ); + $x10Response = exec($command); } - if ( preg_match( '/^'.$key.'\s+(.*)/', $x10Response, $matches ) ) + if ( preg_match('/^'.$key.'\s+(.*)/', $x10Response, $matches) ) $status = $matches[1]; else $status = 'unknown'; - return( $status ); + return $status; } function logState() { @@ -2029,15 +2050,15 @@ function logState() { return $state; } -function isVector ( &$array ) { +function isVector(&$array) { $next_key = 0; foreach ( array_keys($array) as $key ) { - if ( !is_int( $key ) ) - return( false ); + if ( !is_int($key) ) + return false; if ( $key != $next_key++ ) - return( false ); + return false; } - return( true ); + return true; } function checkJsonError($value) { @@ -2045,62 +2066,62 @@ function checkJsonError($value) { $value = var_export($value,true); switch( json_last_error() ) { case JSON_ERROR_DEPTH : - ZM\Fatal( "Unable to decode JSON string '$value', maximum stack depth exceeded" ); + ZM\Fatal("Unable to decode JSON string '$value', maximum stack depth exceeded"); case JSON_ERROR_CTRL_CHAR : - ZM\Fatal( "Unable to decode JSON string '$value', unexpected control character found" ); + ZM\Fatal("Unable to decode JSON string '$value', unexpected control character found"); case JSON_ERROR_STATE_MISMATCH : - ZM\Fatal( "Unable to decode JSON string '$value', invalid or malformed JSON" ); + ZM\Fatal("Unable to decode JSON string '$value', invalid or malformed JSON"); case JSON_ERROR_SYNTAX : - ZM\Fatal( "Unable to decode JSON string '$value', syntax error" ); + ZM\Fatal("Unable to decode JSON string '$value', syntax error"); default : - ZM\Fatal( "Unable to decode JSON string '$value', unexpected error ".json_last_error() ); + ZM\Fatal("Unable to decode JSON string '$value', unexpected error ".json_last_error()); case JSON_ERROR_NONE: break; } } } -function jsonEncode( &$value ) { +function jsonEncode(&$value) { if ( function_exists('json_encode') ) { $string = json_encode( $value ); checkJsonError($value); - return( $string ); + return $string; } switch ( gettype($value) ) { case 'double': case 'integer': - return( $value ); + return $value; case 'boolean': - return( $value?'true':'false' ); + return $value ? 'true' : 'false'; case 'string': - return( '"'.preg_replace( "/\r?\n/", '\\n', addcslashes($value,'"\\/') ).'"' ); + return '"'.preg_replace("/\r?\n/", '\\n', addcslashes($value,'"\\/')).'"'; case 'NULL': - return( 'null' ); + return 'null'; case 'object': - return( '"Object '.addcslashes(get_class($value),'"\\/').'"' ); + return '"Object '.addcslashes(get_class($value),'"\\/').'"'; case 'array': if ( isVector( $value ) ) - return( '['.join( ',', array_map( 'jsonEncode', $value) ).']' ); + return '['.join(',', array_map('jsonEncode', $value)).']'; else { $result = '{'; foreach ($value as $subkey => $subvalue ) { if ( $result != '{' ) $result .= ','; - $result .= '"'.$subkey.'":'.jsonEncode( $subvalue ); + $result .= '"'.$subkey.'":'.jsonEncode($subvalue); } - return( $result.'}' ); + return $result.'}'; } default: - return( '"'.addcslashes(gettype($value),'"\\/').'"' ); + return '"'.addcslashes(gettype($value),'"\\/').'"'; } } -function jsonDecode( $value ) { +function jsonDecode($value) { if ( function_exists('json_decode') ) { - $object = json_decode( $value, true ); + $object = json_decode($value, true); checkJsonError($value); - return( $object ); + return $object; } $comment = false; @@ -2132,57 +2153,57 @@ function jsonDecode( $value ) { $comment = !$comment; } } - eval( $out.';' ); - return( $result ); + eval($out.';'); + return $result; } -define( 'HTTP_STATUS_OK', 200 ); -define( 'HTTP_STATUS_BAD_REQUEST', 400 ); -define( 'HTTP_STATUS_FORBIDDEN', 403 ); +define('HTTP_STATUS_OK', 200); +define('HTTP_STATUS_BAD_REQUEST', 400); +define('HTTP_STATUS_FORBIDDEN', 403); -function ajaxError( $message, $code=HTTP_STATUS_OK ) { - ZM\Error( $message ); - if ( function_exists( 'ajaxCleanup' ) ) +function ajaxError($message, $code=HTTP_STATUS_OK) { + ZM\Error($message); + if ( function_exists('ajaxCleanup') ) ajaxCleanup(); if ( $code == HTTP_STATUS_OK ) { - $response = array( 'result'=>'Error', 'message'=>$message ); - header( 'Content-type: text/plain' ); - exit( jsonEncode( $response ) ); + $response = array('result'=>'Error', 'message'=>$message); + header('Content-type: text/plain'); + exit(jsonEncode($response)); } - header( "HTTP/1.0 $code $message" ); + header("HTTP/1.0 $code $message"); exit(); } -function ajaxResponse( $result=false ) { - if ( function_exists( 'ajaxCleanup' ) ) +function ajaxResponse($result=false) { + if ( function_exists('ajaxCleanup') ) ajaxCleanup(); - $response = array( 'result'=>'Ok' ); - if ( is_array( $result ) ) { - $response = array_merge( $response, $result ); - } elseif ( !empty($result) ) { + $response = array('result'=>'Ok'); + if ( is_array($result) ) { + $response = array_merge($response, $result); + } else if ( !empty($result) ) { $response['message'] = $result; } - header( 'Content-type: text/plain' ); - exit( jsonEncode( $response ) ); + header('Content-type: text/plain'); + exit(jsonEncode($response)); } function generateConnKey() { - return( rand( 1, 999999 ) ); + return rand(1, 999999); } -function detaintPath( $path ) { +function detaintPath($path) { // Remove any absolute paths, or relative ones that want to go up - $path = preg_replace( '/\.(?:\.+[\\/][\\/]*)+/', '', $path ); - $path = preg_replace( '/^[\\/]+/', '', $path ); - return( $path ); + $path = preg_replace('/\.(?:\.+[\\/][\\/]*)+/', '', $path); + $path = preg_replace('/^[\\/]+/', '', $path); + return $path; } -function cache_bust( $file ) { +function cache_bust($file) { # Use the last modified timestamp to create a link that gets a different filename # To defeat caching. Should probably use md5 hash $parts = pathinfo($file); global $css; - $dirname = preg_replace( '/\//', '_', $parts['dirname'] ); + $dirname = preg_replace('/\//', '_', $parts['dirname']); $cacheFile = $dirname.'_'.$parts['filename'].'-'.$css.'-'.filemtime($file).'.'.$parts['extension']; if ( file_exists(ZM_DIR_CACHE.'/'.$cacheFile) or symlink(ZM_PATH_WEB.'/'.$file, ZM_DIR_CACHE.'/'.$cacheFile) ) { return 'cache/'.$cacheFile; @@ -2192,23 +2213,23 @@ function cache_bust( $file ) { return $file; } -function getSkinFile( $file ) { +function getSkinFile($file) { global $skinBase; $skinFile = false; foreach ( $skinBase as $skin ) { - $tempSkinFile = detaintPath( 'skins'.'/'.$skin.'/'.$file ); - if ( file_exists( $tempSkinFile ) ) + $tempSkinFile = detaintPath('skins'.'/'.$skin.'/'.$file); + if ( file_exists($tempSkinFile) ) $skinFile = $tempSkinFile; } - return $skinFile; + return $skinFile; } -function getSkinIncludes( $file, $includeBase=false, $asOverride=false ) { +function getSkinIncludes($file, $includeBase=false, $asOverride=false) { global $skinBase; $skinFile = false; foreach ( $skinBase as $skin ) { - $tempSkinFile = detaintPath( 'skins'.'/'.$skin.'/'.$file ); - if ( file_exists( $tempSkinFile ) ) + $tempSkinFile = detaintPath('skins'.'/'.$skin.'/'.$file); + if ( file_exists($tempSkinFile) ) $skinFile = $tempSkinFile; } $includeFiles = array(); @@ -2223,11 +2244,11 @@ function getSkinIncludes( $file, $includeBase=false, $asOverride=false ) { if ( $skinFile ) $includeFiles[] = $skinFile; } - return( $includeFiles ); + return $includeFiles; } -function requestVar( $name, $default='' ) { - return( isset($_REQUEST[$name])?validHtmlStr($_REQUEST[$name]):$default ); +function requestVar($name, $default='') { + return isset($_REQUEST[$name]) ? validHtmlStr($_REQUEST[$name]) : $default; } // For numbers etc in javascript or tags etc @@ -2310,48 +2331,48 @@ function getStreamHTML($monitor, $options = array()) { $monitor->Name()); } else { if ( $options['mode'] == 'stream' ) { - ZM\Info( 'The system has fallen back to single jpeg mode for streaming. Consider enabling Cambozola or upgrading the client browser.' ); + ZM\Info('The system has fallen back to single jpeg mode for streaming. Consider enabling Cambozola or upgrading the client browser.'); } $options['mode'] = 'single'; $streamSrc = $monitor->getStreamSrc($options); - return getImageStill( 'liveStream'.$monitor->Id(), $streamSrc, $options['width'], $options['height'], $monitor->Name()); + return getImageStill('liveStream'.$monitor->Id(), $streamSrc, $options['width'], $options['height'], $monitor->Name()); } } // end function getStreamHTML function getStreamMode( ) { $streamMode = ''; - if ( ZM_WEB_STREAM_METHOD == 'mpeg' && ZM_MPEG_LIVE_FORMAT ) { + if ( (ZM_WEB_STREAM_METHOD == 'mpeg') && ZM_MPEG_LIVE_FORMAT ) { $streamMode = 'mpeg'; } elseif ( canStream() ) { $streamMode = 'jpeg'; } else { $streamMode = 'single'; - ZM\Info( 'The system has fallen back to single jpeg mode for streaming. Consider enabling Cambozola or upgrading the client browser.' ); + ZM\Info('The system has fallen back to single jpeg mode for streaming. Consider enabling Cambozola or upgrading the client browser.'); } return $streamMode; } // end function getStreamMode function folder_size($dir) { - $size = 0; - foreach (glob(rtrim($dir, '/').'/*', GLOB_NOSORT) as $each) { - $size += is_file($each) ? filesize($each) : folder_size($each); - } - return $size; + $size = 0; + foreach (glob(rtrim($dir, '/').'/*', GLOB_NOSORT) as $each) { + $size += is_file($each) ? filesize($each) : folder_size($each); + } + return $size; } // end function folder_size function human_filesize($size, $precision = 2) { - $units = array('B','kB','MB','GB','TB','PB','EB','ZB','YB'); - $step = 1024; - $i = 0; - while (($size / $step) > 0.9) { - $size = $size / $step; - $i++; - } - return round($size, $precision).$units[$i]; + $units = array('B','kB','MB','GB','TB','PB','EB','ZB','YB'); + $step = 1024; + $i = 0; + while (($size / $step) > 0.9) { + $size = $size / $step; + $i++; + } + return round($size, $precision).$units[$i]; } function csrf_startup() { - csrf_conf('rewrite-js', 'includes/csrf/csrf-magic.js'); + csrf_conf('rewrite-js', 'includes/csrf/csrf-magic.js'); } function check_timezone() { @@ -2359,7 +2380,10 @@ function check_timezone() { $sys_tzoffset = trim(shell_exec('date "+%z"')); $php_tzoffset = trim($now->format('O')); - $mysql_tzoffset = trim(dbFetchOne("SELECT TIME_FORMAT(TIMEDIFF(NOW(), UTC_TIMESTAMP),'%H%i');",'TIME_FORMAT(TIMEDIFF(NOW(), UTC_TIMESTAMP),\'%H%i\')')); + $mysql_tzoffset = trim(dbFetchOne( + 'SELECT TIME_FORMAT(TIMEDIFF(NOW(), UTC_TIMESTAMP),\'%H%i\');', + 'TIME_FORMAT(TIMEDIFF(NOW(), UTC_TIMESTAMP),\'%H%i\')' + )); #Logger::Debug("System timezone offset determine to be: $sys_tzoffset,\x20 #PHP timezone offset determine to be: $php_tzoffset,\x20 @@ -2495,7 +2519,7 @@ function format_duration($time, $separator=':') { function array_recursive_diff($aArray1, $aArray2) { $aReturn = array(); - foreach ($aArray1 as $mKey => $mValue) { + foreach ( $aArray1 as $mKey => $mValue ) { if ( array_key_exists($mKey, $aArray2) ) { if ( is_array($mValue) ) { $aRecursiveDiff = array_recursive_diff($mValue, $aArray2[$mKey]); From a486aafa48a1161d1249ba63b1aac364d76014ed Mon Sep 17 00:00:00 2001 From: Isaac Connor Date: Mon, 21 Oct 2019 13:18:30 -0400 Subject: [PATCH 739/922] spacing --- scripts/ZoneMinder/lib/ZoneMinder/Control.pm | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/scripts/ZoneMinder/lib/ZoneMinder/Control.pm b/scripts/ZoneMinder/lib/ZoneMinder/Control.pm index 6285d5739..896d10c07 100644 --- a/scripts/ZoneMinder/lib/ZoneMinder/Control.pm +++ b/scripts/ZoneMinder/lib/ZoneMinder/Control.pm @@ -136,11 +136,11 @@ sub executeCommand { } sub printMsg { - my $self = shift; - my $msg = shift; - my $msg_len = length($msg); + my $self = shift; + my $msg = shift; + my $msg_len = length($msg); - Debug($msg.'['.$msg_len.']'); + Debug($msg.'['.$msg_len.']'); } 1; From 5c715ec96b6cffef5b753774ee5943f43cdc44fa Mon Sep 17 00:00:00 2001 From: Isaac Connor Date: Mon, 21 Oct 2019 13:18:50 -0400 Subject: [PATCH 740/922] fix use of printMsg in Netcat --- scripts/ZoneMinder/lib/ZoneMinder/Control/Netcat.pm | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/scripts/ZoneMinder/lib/ZoneMinder/Control/Netcat.pm b/scripts/ZoneMinder/lib/ZoneMinder/Control/Netcat.pm index b8d756887..4f6bca07c 100644 --- a/scripts/ZoneMinder/lib/ZoneMinder/Control/Netcat.pm +++ b/scripts/ZoneMinder/lib/ZoneMinder/Control/Netcat.pm @@ -132,7 +132,7 @@ sub sendCmd { my $content_type = shift; my $result = undef; - printMsg($cmd, 'Tx'); + $self->printMsg($cmd, 'Tx'); my $server_endpoint = 'http://'.$address.':'.$port.'/'.$cmd; my $req = HTTP::Request->new(POST => $server_endpoint); From 12dfcae81f42b46d5932976d07f4ae3dacd09cf9 Mon Sep 17 00:00:00 2001 From: Isaac Connor Date: Mon, 21 Oct 2019 13:19:20 -0400 Subject: [PATCH 741/922] remove debug --- web/views/image.php | 2 -- 1 file changed, 2 deletions(-) diff --git a/web/views/image.php b/web/views/image.php index b3a2aae18..9486a282d 100644 --- a/web/views/image.php +++ b/web/views/image.php @@ -69,7 +69,6 @@ if ( empty($_REQUEST['path']) ) { } if ( !empty($_REQUEST['eid']) ) { - ZM\Logger::Debug("Loading by eid"); $Event = ZM\Event::find_one(array('Id'=>$_REQUEST['eid'])); if ( !$Event ) { header('HTTP/1.0 404 Not Found'); @@ -244,7 +243,6 @@ if ( !empty($_REQUEST['scale']) ) { $width = 0; if ( !empty($_REQUEST['width']) ) { -ZM\Logger::Debug("Setting width: " . $_REQUEST['width']); if ( is_numeric($_REQUEST['width']) ) { $x = $_REQUEST['width']; if ( $x >= 10 and $x <= 8000 ) From 91651652c789642966d9664a840c14881374f847 Mon Sep 17 00:00:00 2001 From: Isaac Connor Date: Mon, 21 Oct 2019 13:41:32 -0400 Subject: [PATCH 742/922] Only report an error for not finding the server if ServerId had a value --- web/includes/Storage.php | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/web/includes/Storage.php b/web/includes/Storage.php index 95b755d09..dec0f5a12 100644 --- a/web/includes/Storage.php +++ b/web/includes/Storage.php @@ -118,11 +118,11 @@ class Storage extends ZM_Object { if ( ! array_key_exists('Server',$this) ) { if ( array_key_exists('ServerId', $this) ) { $this->{'Server'} = Server::find_one(array('Id'=>$this->{'ServerId'})); - if ( ! $this->{'Server'} ) { + + if ( (!$this->{'Server'}) and $this->{'ServerId'} ) { Error('No Server record found for server id ' . $this->{'ServerId'}); $this->{'Server'} = new Server(); } - $this->{'Server'} = new Server(); } else { $this->{'Server'} = new Server(); } From d0366137762bd215b0a2a566e94f9aab21fca0fb Mon Sep 17 00:00:00 2001 From: Isaac Connor Date: Mon, 21 Oct 2019 13:45:27 -0400 Subject: [PATCH 743/922] Fix Server() not returning a ServerObject if not found when ServerId is null or 0 --- web/includes/Storage.php | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/web/includes/Storage.php b/web/includes/Storage.php index dec0f5a12..cf1e6ddcf 100644 --- a/web/includes/Storage.php +++ b/web/includes/Storage.php @@ -119,8 +119,9 @@ class Storage extends ZM_Object { if ( array_key_exists('ServerId', $this) ) { $this->{'Server'} = Server::find_one(array('Id'=>$this->{'ServerId'})); - if ( (!$this->{'Server'}) and $this->{'ServerId'} ) { - Error('No Server record found for server id ' . $this->{'ServerId'}); + if ( !$this->{'Server'} ) { + if ( $this->{'ServerId'} ) + Error('No Server record found for server id ' . $this->{'ServerId'}); $this->{'Server'} = new Server(); } } else { From 66fa57d96742f1a641d0cb3ed46070f883b80241 Mon Sep 17 00:00:00 2001 From: Isaac Connor Date: Mon, 21 Oct 2019 14:03:49 -0400 Subject: [PATCH 744/922] remove wheezy. It is EOL --- .travis.yml | 1 - 1 file changed, 1 deletion(-) diff --git a/.travis.yml b/.travis.yml index 9876a21d5..3527d70b5 100644 --- a/.travis.yml +++ b/.travis.yml @@ -40,7 +40,6 @@ env: - SMPFLAGS=-j4 OS=ubuntu DIST=bionic DOCKER_REPO=iconzm/packpack USE_SFTP=yes - SMPFLAGS=-j4 OS=ubuntu DIST=disco DOCKER_REPO=iconzm/packpack USE_SFTP=yes - SMPFLAGS=-j4 OS=ubuntu DIST=eoan DOCKER_REPO=iconzm/packpack USE_SFTP=yes - - SMPFLAGS=-j4 OS=debian DIST=wheezy DOCKER_REPO=iconzm/packpack USE_SFTP=yes - SMPFLAGS=-j4 OS=debian DIST=jessie DOCKER_REPO=iconzm/packpack USE_SFTP=yes - SMPFLAGS=-j4 OS=debian DIST=stretch DOCKER_REPO=iconzm/packpack USE_SFTP=yes - SMPFLAGS=-j4 OS=debian DIST=buster DOCKER_REPO=iconzm/packpack USE_SFTP=yes From 76fd32b427466936f746894ed830f4a6d427e794 Mon Sep 17 00:00:00 2001 From: Isaac Connor Date: Tue, 22 Oct 2019 10:01:24 -0400 Subject: [PATCH 745/922] more debug, and ensure that pts != AV_NOPTS_VALUE --- src/zm_videostore.cpp | 20 ++++++-------------- 1 file changed, 6 insertions(+), 14 deletions(-) diff --git a/src/zm_videostore.cpp b/src/zm_videostore.cpp index 57d7d9a0f..05c61aaa6 100644 --- a/src/zm_videostore.cpp +++ b/src/zm_videostore.cpp @@ -911,6 +911,7 @@ int VideoStore::writeVideoFramePacket(AVPacket *ipkt) { dumpPacket(video_out_stream, &opkt, "after pts adjustment"); write_packet(&opkt, video_out_stream); + dumpPacket(video_out_stream, &opkt, "after write_packet"); video_next_dts = opkt.dts + opkt.duration; Debug(3, "video_next_dts has become %" PRId64, video_next_dts); @@ -1010,26 +1011,17 @@ int VideoStore::write_packet(AVPacket *pkt, AVStream *stream) { if ( pkt->dts == AV_NOPTS_VALUE ) { Debug(1, "undef dts, fixing by setting to stream cur_dts %" PRId64, stream->cur_dts); pkt->dts = stream->cur_dts; - } - - if ( pkt->dts < stream->cur_dts ) { + } else if ( pkt->dts < stream->cur_dts ) { Debug(1, "non increasing dts, fixing. our dts %" PRId64 " stream cur_dts %" PRId64, pkt->dts, stream->cur_dts); pkt->dts = stream->cur_dts; - if ( (pkt->pts != AV_NOPTS_VALUE) && (pkt->dts > pkt->pts) ) { - Debug(1, - "pkt.dts %" PRId64 " must be <= pkt.pts %" PRId64 "." - "Decompression must happen before presentation.", - pkt->dts, pkt->pts); - pkt->pts = pkt->dts; - } - } else if ( (pkt->pts != AV_NOPTS_VALUE) && (pkt->dts > pkt->pts) ) { + } + + if ( pkt->dts > pkt->pts ) { Debug(1, "pkt.dts(%" PRId64 ") must be <= pkt.pts(%" PRId64 ")." "Decompression must happen before presentation.", pkt->dts, pkt->pts); - pkt->dts = pkt->pts; - } else { - Debug(1, "Acceptable pts and dts. cur_dts = %" PRId64, stream->cur_dts); + pkt->pts = pkt->dts; } dumpPacket(stream, pkt, "finished pkt"); From 35ae81d98558af82e128f0cc5bd12a7d9ac14429 Mon Sep 17 00:00:00 2001 From: Isaac Connor Date: Wed, 23 Oct 2019 09:25:16 -0400 Subject: [PATCH 746/922] dynamically allocate next_dts and use it in write_packet to store the next dts value. write_interleaved_packet destroys the passed in packet so we need to store next_dts before writing out the packet. --- src/zm_videostore.cpp | 25 +++++++++++++++---------- src/zm_videostore.h | 6 +++--- 2 files changed, 18 insertions(+), 13 deletions(-) diff --git a/src/zm_videostore.cpp b/src/zm_videostore.cpp index 05c61aaa6..fff7284b4 100644 --- a/src/zm_videostore.cpp +++ b/src/zm_videostore.cpp @@ -110,6 +110,7 @@ VideoStore::VideoStore( } else { Debug(2, "Success creating video out stream"); } + max_stream_index = video_out_stream->index; #if LIBAVCODEC_VERSION_CHECK(57, 64, 0, 64, 0) // by allocating our own copy, we don't run into the problems when we free the streams @@ -277,14 +278,9 @@ VideoStore::VideoStore( #endif video_first_pts = 0; video_first_dts = 0; - video_next_pts = 0; - video_next_dts = 0; audio_first_pts = 0; audio_first_dts = 0; - /* When encoding audio, these are used to tell us what the correct pts is, because it gets lost during resampling. */ - audio_next_pts = 0; - audio_next_dts = 0; if ( audio_in_stream ) { Debug(3, "Have audio stream"); @@ -381,7 +377,16 @@ VideoStore::VideoStore( audio_out_ctx->flags |= CODEC_FLAG_GLOBAL_HEADER; #endif } + + // We will assume that subsequent stream allocations will increase the index + max_stream_index = audio_out_stream->index; } // end if audio_in_stream + + //max_stream_index is 0-based, so add 1 + next_dts = new int64_t[max_stream_index+1]; + for ( int i = 0; i <= max_stream_index; i++ ) { + next_dts[i] = 0; + } } // VideoStore::VideoStore bool VideoStore::open() { @@ -605,6 +610,7 @@ VideoStore::~VideoStore() { /* free the streams */ avformat_free_context(oc); + delete[] next_dts; } // VideoStore::~VideoStore() bool VideoStore::setup_resampler() { @@ -899,8 +905,8 @@ int VideoStore::writeVideoFramePacket(AVPacket *ipkt) { } opkt.dts = ipkt->dts - video_first_dts; } else { - opkt.dts = video_next_dts ? av_rescale_q(video_next_dts, video_out_stream->time_base, video_in_stream->time_base) : 0; - Debug(3, "Setting dts to video_next_dts %" PRId64 " from %" PRId64, opkt.dts, video_next_dts); + opkt.dts = next_dts[video_out_stream->index] ? av_rescale_q(next_dts[video_out_stream->index], video_out_stream->time_base, video_in_stream->time_base) : 0; + Debug(3, "Setting dts to video_next_dts %" PRId64 " from %" PRId64, opkt.dts, next_dts[video_out_stream->index]); } if ( ipkt->pts != AV_NOPTS_VALUE ) { opkt.pts = ipkt->pts - video_first_dts; @@ -911,9 +917,6 @@ int VideoStore::writeVideoFramePacket(AVPacket *ipkt) { dumpPacket(video_out_stream, &opkt, "after pts adjustment"); write_packet(&opkt, video_out_stream); - dumpPacket(video_out_stream, &opkt, "after write_packet"); - video_next_dts = opkt.dts + opkt.duration; - Debug(3, "video_next_dts has become %" PRId64, video_next_dts); zm_av_packet_unref(&opkt); @@ -1025,6 +1028,8 @@ int VideoStore::write_packet(AVPacket *pkt, AVStream *stream) { } dumpPacket(stream, pkt, "finished pkt"); + next_dts[stream->index] = opkt.dts + opkt.duration; + Debug(3, "video_next_dts has become %" PRId64, next_dts[stream->index]); int ret = av_interleaved_write_frame(oc, pkt); if ( ret != 0 ) { diff --git a/src/zm_videostore.h b/src/zm_videostore.h index f8a2f2a97..7c465ea4b 100644 --- a/src/zm_videostore.h +++ b/src/zm_videostore.h @@ -70,10 +70,10 @@ private: int64_t audio_first_dts; // These are for out, should start at zero. We assume they do not wrap because we just aren't going to save files that big. - int64_t video_next_pts; - int64_t video_next_dts; + int64_t *next_dts; int64_t audio_next_pts; - int64_t audio_next_dts; + + int max_stream_index; bool setup_resampler(); int write_packet(AVPacket *pkt, AVStream *stream); From 77118d55b2fcf6aa425803f51ddcaccdaa720bb4 Mon Sep 17 00:00:00 2001 From: Isaac Connor Date: Wed, 23 Oct 2019 09:50:49 -0400 Subject: [PATCH 747/922] add 4CIF aspect ratio padding. Fixes #2738 --- .../classic/css/base/views/timeline.css.php | 20 +++++++++++-------- web/skins/classic/views/timeline.php | 10 +++++----- 2 files changed, 17 insertions(+), 13 deletions(-) diff --git a/web/skins/classic/css/base/views/timeline.css.php b/web/skins/classic/css/base/views/timeline.css.php index 94c011e82..1bd45107b 100644 --- a/web/skins/classic/css/base/views/timeline.css.php +++ b/web/skins/classic/css/base/views/timeline.css.php @@ -17,20 +17,24 @@ } .imageHeight { +min-height: } @@ -47,7 +51,7 @@ switch($max_aspect_ratio){ height: px; } #chartPanel .eventsPos { @@ -55,7 +59,7 @@ if ( $mode == "overlay" ) { } #chartPanel .activityPos { diff --git a/web/skins/classic/views/timeline.php b/web/skins/classic/views/timeline.php index 4b92ea94f..2fe419efd 100644 --- a/web/skins/classic/views/timeline.php +++ b/web/skins/classic/views/timeline.php @@ -248,11 +248,11 @@ $scales = array( array( 'name'=>'month', 'factor'=>60*60*24*30, 'align'=>1, 'zoomout'=>12, 'label'=>STRF_TL_AXIS_LABEL_MONTH ), array( 'name'=>'week', 'factor'=>60*60*24*7, 'align'=>1, 'zoomout'=>4.25, 'label'=>STRF_TL_AXIS_LABEL_WEEK, 'labelCheck'=>'%W' ), array( 'name'=>'day', 'factor'=>60*60*24, 'align'=>1, 'zoomout'=>7, 'label'=>STRF_TL_AXIS_LABEL_DAY ), - array( 'name'=>"hour4", 'factor'=>60*60, 'align'=>4, 'zoomout'=>6, 'label'=>STRF_TL_AXIS_LABEL_4HOUR, 'labelCheck'=>'%H' ), + array( 'name'=>'hour4', 'factor'=>60*60, 'align'=>4, 'zoomout'=>6, 'label'=>STRF_TL_AXIS_LABEL_4HOUR, 'labelCheck'=>'%H' ), array( 'name'=>'hour', 'factor'=>60*60, 'align'=>1, 'zoomout'=>4, 'label'=>STRF_TL_AXIS_LABEL_HOUR, 'labelCheck'=>'%H' ), - array( 'name'=>"minute10", 'factor'=>60, 'align'=>10, 'zoomout'=>6, 'label'=>STRF_TL_AXIS_LABEL_10MINUTE, 'labelCheck'=>'%M' ), + array( 'name'=>'minute10', 'factor'=>60, 'align'=>10, 'zoomout'=>6, 'label'=>STRF_TL_AXIS_LABEL_10MINUTE, 'labelCheck'=>'%M' ), array( 'name'=>'minute', 'factor'=>60, 'align'=>1, 'zoomout'=>10, 'label'=>STRF_TL_AXIS_LABEL_MINUTE, 'labelCheck'=>'%M' ), - array( 'name'=>"second10", 'factor'=>1, 'align'=>10, 'zoomout'=>6, 'label'=>STRF_TL_AXIS_LABEL_10SECOND ), + array( 'name'=>'second10', 'factor'=>1, 'align'=>10, 'zoomout'=>6, 'label'=>STRF_TL_AXIS_LABEL_10SECOND ), array( 'name'=>'second', 'factor'=>1, 'align'=>1, 'zoomout'=>10, 'label'=>STRF_TL_AXIS_LABEL_SECOND ), ); @@ -632,7 +632,7 @@ function drawXGrid( $chart, $scale, $labelClass, $tickClass, $gridClass, $zoomCl ?> Date: Wed, 23 Oct 2019 09:52:36 -0400 Subject: [PATCH 748/922] fix crumbs --- web/skins/classic/css/base/views/timeline.css.php | 1 - 1 file changed, 1 deletion(-) diff --git a/web/skins/classic/css/base/views/timeline.css.php b/web/skins/classic/css/base/views/timeline.css.php index 1bd45107b..a9d7be691 100644 --- a/web/skins/classic/css/base/views/timeline.css.php +++ b/web/skins/classic/css/base/views/timeline.css.php @@ -17,7 +17,6 @@ } .imageHeight { -min-height: Date: Wed, 23 Oct 2019 12:04:18 -0400 Subject: [PATCH 749/922] remove zmf which no longer exists and add documentation for Event.pm, Filter.pm and the Control directory. Fixes #2732 --- docs/userguide/components.rst | 8 ++++++-- 1 file changed, 6 insertions(+), 2 deletions(-) diff --git a/docs/userguide/components.rst b/docs/userguide/components.rst index 48aff0be4..c77f9599a 100644 --- a/docs/userguide/components.rst +++ b/docs/userguide/components.rst @@ -17,8 +17,6 @@ Binaries This is the ZoneMinder Capture daemon. This binary's job is to sit on a video device and suck frames off it as fast as possible, this should run at more or less constant speed. **zma** This is the ZoneMinder Analysis daemon. This is the component that goes through the captured frames and checks them for motion which might generate an alarm or event. It generally keeps up with the Capture daemon but if very busy may skip some frames to prevent it falling behind. -**zmf** - This is the ZoneMinder Frame daemon. This is an optional daemon that can run in concert with the Analysis daemon and whose function it is to actually write captured frames to disk. This frees up the Analysis daemon to do more analysis (!) and so keep up with the Capture daemon better. If it isn’t running or dies then the Analysis daemon just writes them itself. **zms** This is the ZoneMinder Streaming server. The web interface connects with this to get real-time or historical streamed images. It runs only when a live monitor stream or event stream is actually being viewed and dies when the event finishes or the associate web page is closed. If you find you have several zms processes running when nothing is being viewed then it is likely you need a patch for apache (see the Troubleshooting section). A non-parsed header version of zms, called nph-zms, is also installed and may be used instead depending on your web server configuration. **zmu** @@ -86,9 +84,15 @@ Finally, there are also a number of ZoneMinder perl modules included. These are This module contains the defined Debug and Error functions etc, that are used by scripts to produce diagnostic information in a standard format. **ZoneMinder/Database.pm** This module contains database access definitions and functions. Currently not a lot is in this module but it is included as a placeholder for future development. +**ZoneMinder/Event.pm** + This module contains functions to load, manipulate, delete, copy, move events. +**ZoneMinder/Filter.pm** + This module contains functions to load, execute etc filters. **ZoneMinder/SharedMem.pm** This module contains standard shared memory access functions. These can be used to access the current state of monitors etc as well as issuing commands to the monitors to switch things on and off. This module effectively provides a ZoneMinder API. **ZoneMinder/ConfigAdmin.pm** This module is a specialised module that contains the definition, and other information, about the various configuration options. It is not intended for use by 3rd parties. +**ZoneMinder/Control/\*.pm** + These modules contain implementations of the various PTZ protocols. **ZoneMinder/Trigger/\*.pm** These modules contain definitions of trigger channels and connections used by the zmtrigger.pl script. Although they can be used ‘as is’, they are really intended as examples that can be customised or specialised for different interfaces. Contributed modules for new channels or connections will be welcomed and included in future versions of ZoneMinder. From 9fdfb5944efe48300b91da9235243d3b025919cf Mon Sep 17 00:00:00 2001 From: Isaac Connor Date: Wed, 23 Oct 2019 12:20:18 -0400 Subject: [PATCH 750/922] Update schematic to remove zmf --- docs/userguide/images/zm-system-overview.xml | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/docs/userguide/images/zm-system-overview.xml b/docs/userguide/images/zm-system-overview.xml index e4314666a..27eec2631 100644 --- a/docs/userguide/images/zm-system-overview.xml +++ b/docs/userguide/images/zm-system-overview.xml @@ -1,2 +1 @@ - - \ No newline at end of file +7V1rc7O2Ev41mWk/xAMS14+5ND090868c3I6fdsvZ4hRbE6wcQHn9usrAcJoJRxhC4dk4k7zGoFB7OXZ1e5KOsNXq+ef82iz/C2LSXqGrPj5DF+fIWRboUf/YS0vdYuH/bphkSdxc9Gu4TZ5JfyXTes2iUkhXFhmWVomG7Fxnq3XZF4KbVGeZ0/iZfdZKj51Ey2I1HA7j1K59Y8kLpdNq+2FuxP/Isli2Tw6QM0L30Xzh0WebdfN884Qvq8+9elVxO/VvGixjOLsqdOEfzrDV3mWlfW31fMVSRltOdnq3930nG37nZN1qfMDVP/gMUq3hPe46lf5wmnxtExKcruJ5uz4ifL7DF8uy1VKj2z6VX5i04lHkpfkudPU9OBnkq1Imb/QS5qzDqdGIy1Bc/jUIb3ftC07VLf5hVHD7kV7690r0y/NW6spgCUK/PXblf0OVHBtV6CCbclk8BRUwAaI4KiI8B6iIBHBOR0RXBUR1hMgQosWJyBC8DYgkHV8wTCWHq2zNRFfnzwn5Xf63Zq5zdGf7Ih9X9OudE6xwz/5r9bxTcL6VF0ZR8WSxG/Rs8i2+ZwIrCujfEFKQaRJLCC9TPMOTV0FTXlbTtKoTB5F+6AidPOEb1lC+7tjKYC4lqX8FvXbNL/qAja8kS/eqAVGfqOaBtKNKr63r60lCqFCHy7eAxkdB7yzAhlVvDOhD9wjEanwLlYSUkEBjaNRwVZR4T2wEVJBhY2jUUHDW5ogOHLmddGRi/Wb8MjJ3gc7mvCpj5SO02P8hiKlE7rqLptHSiSDxEDBaNnfZf5OTL53BKhzRhCMgr5PyR8xT6OiSOa8ublMW2RCWWLwQIFxIVq5YwkMBojAnzRYYNw3bmRQYGQ8/dgCw/HkEA+Mk98DEuOOJjHQhriHSoz3xo0MSszRtmdqEqOwSu6RRskbS2Jcu+dJg9135O6/kUGJkSMbksR05IO5YMk8Sn+N7kj6LSuSMsnW9NxdVpbZqnPBRZos2Iky21S8z7OHNkiG2parLM3y6iHYsgLrhonPPRWRTnsTGKO/4EEwwb+x6jMb1tXV84IFGmdJVvizZJ6ti9ljEpPsf/Qr7VcR1Z29zLOy+Xp9zqJDRlxOTxp++JKYYYWY2W6/mOm6nDyu+MVE00x0gtMx0f9i4ihMbMNVp2CiHBl7XT1F5Xw526QSO08RJAwEWmDub3WDhK5MCxMDYSybltdVPH8fQjggWnpSQsiBc4kCHa9s5zIpgwKOh2BYgH7/RvKEdozkTVsvybreFZfWqYQ/nVBU3PDQ8KcjSj1ysXgjc/4Tlk3vKlsnJQVNSv48m5OiOENeWjKoTB7p1wX7WkFCnC34KfqYzllJOqiQl6I85KRIXqO76oKK3/gyaoB+TlnO5ECyAKskjtkPLlNmMy7bJKQK47vY3wwTZJHigt0kWJvunO0iHdrqeW7NLG4AG6adIyNChaBFF2+Q3d8X5GghkJNCQyFOi97D4d8SNSq0JdDzscISesgA6mn4Mwx4bptDkt5lTz/tGi6rBnpimeXJa7Yuo7Qeau7HyZ4BbIj4MURK9bAWuboginVjXqcBUScAhs4+FERtGLYYLTLKHbaBIEphh/qu6QfHUN8ghno2h+R2FGpEqIDzdM7tq1kUlVOJMmDoukmKGFUDDPaZFNnS0nPuLAnh7mnpPpJGPsDa6ep+63m1WRFwI4O6PyzIreT6IidkLQ1uMRyq6rF5Wiz1cDgLLRw4nu2yv0jki+3N7JAOUnyv+gvZpF8vAAKOcCxskN/yYKgKDXwUvObyagSvUeCLeH2s02sUkB10MtU8Hp09GZ0HppZc4DnZyJm5IfbHShd4DlXtzifY9/TBGi29zHgaLY9+PpZGo6M1+lj3Cou8En9vRpc18jyT0WVf1uWBST8XlnXgsXUZeF4wbniw3nrOLODmnf0FI3ODaixHsj6WGuN3V2NbtOUg6GhGj3WiKvsy/KLyspYsj9ZMq6AWm8zpT8SbdjygXdaBagpv5I0XG1HVWndCIR3Ge39v2YyQS6ag540CXtArUnJf7s7uAiT1XYpNtFbe5j5bl+dFNeuG3cW2Ns/0n+qXVpqsyTlnUHV2huRHXKyj9IX+ns2tYaGcVVYl+3bxmvrZYn8Gh3HEBGYj8QrI0IckVaw2o1ffp3VAkl5XGcJecR+Ql8LA7fMkCxUo0lLOHgulPZPh2HpEbSjZU9A6VuEQHlwlBBRa9M1DOVtoqMoMjrwt9YOHp8A84b7jBW9dVQDngwDUPNqU25wBVOPqXNUOBNNf5oBmDLryaEWKL9Dak1Y6JWjJMYlrmd68DmX+QuUgruj2Lvk3Og4RCaWoVnVUOGKgFMUdNuJTwHsXw2Ws7+busrxcZouMmvtuAk8Tz0UjMHUXElsgNH5okQKcz2rD1HQPRFOCRi+dyzbsgmJPh+FkydDa2y/p+uZ4J3Z1Dw62F8OqYQ53O04sfpx8YKKB75zGkYDPpeJkxJHQfJ8R/ApVUcUH8SuKMqu8Cu471J5EnBQP7EbIi1bM/NR/mccRlVHKioGshPXo+vLL2+ga0VA0oooZjbZlj+RuyOGW11WZJ4sFyd+nkBFGGlu47tb0jFTI6OrM+zZe0vOWH9ITbg6DtkG7OHIiPobE44OjyaE9C53dRxwT0u7OrO7HGw3L5dIOilEkpw4jA8dan7rQuL4r2D8MNsUWRRlQZdAZUrIKd0b7eZbHyXq6tZWCQC+YyDffQcH99U/sP3ZNHsUJffKbAxSuoGaKidoa6WNdZhG/z2Gw1Ehg3JOjWX+QO9pwS/JHJlzDkFqLRw0ftNkzGOwxqMFzFLYPqxa9MYH2nmo6Pz3++fdf6N8fNstNpbHMgfn37Y+fhMD2KQksxzIqAl98++VzUBO7MjVVxOQJ36OIqRPumIpvEthBn2/ySTJt2PbVojC8FFG8EYIpO2NhEvAcMUxydNjD0wl7vJt8DprubTJPwzFwwlW1rehyUYYLymlH/Kw33HpzDrcnB0+2BfOCbqJ4lchL8vCA+XaVXsxZ3f3BE0wnZ5T8QKyuchXrQqmmg0Iv9SCjZGrAzGltUuUVawj1Vs/r6bJqsQY0KV1GYDEIB5ZFaodFQfQewzSAIbOEPHWHjZkleWT+uto8LN5plm4gDhWxYgGpsWbp8kdNykD30nTC9tIJ31ANbXvZN5wwrGNwpR9u4E3pmK8zxWUqQ5P9Ex+7YsehYyJi5wKxcw6d+OgByMWaS8INFTvYYWx4xOHL4QUxVHqTk11DVG4LSSonGhsd6jNyBTQSFnUtZAYmRe6PUi3smwqKmPM/e6FlIjAiuSDhgR4i4qlxHlCAeGQqcCHBiFkP0dcIXHzgdYlSJkF32/QO4E2vnA4YeXogpKTwZnnRj+mFiHzVPIE6H8bKGwT29dQ9BKzsAVY21FEEq5jnyabsZNjqm/ak2Dj511nJQGX8WHb9Etd7XZnD+YgVq5QiBSIZGZUMW2r9IE+wLc9GsD576mDt+w7ttIOxS8fJtu0GkE8zK/B8y0UWwrakV7pI7oNJutK6RObidsEUB6FHhoU4FE1FZqB7DwN92mIBQ0DjhXMDeQTZFk18TpedK4IRl93xLLC2FD5OlIw66YE8TjNiqqM1owLO45q0JTuKyWNC9VLTbk+pkLBXykwYeFCh0s4e6uatFY4axv0So72Viuxev66alY3eJwjrW8CMhqerMAynbP/kTKiW/fOm5TN5AYiTHZqZ9/tqZ0bYZKZ/jtlREDmPViSP2M83ZJ7cU7mo1hsrszlbVswqmtIx64cNydOK0/OHaEF+1AXQD1G1E4DlJ9qAQkceQ8UqgUb0XWX7pqnvvrCKGCiY0F8ukON9N5Ie6iIEV2EY6tbc3uaAdS3gk/ChYyjU02XD0bAA1FjwmgtT0bBwimVmvYI3EZMTgGXLDs4IQnG0NdddGCxFoMM8C29MiuTynNYUffvvX5JEfZJBXXj8Ei3NWep+QbOFjhNVo0O6UHbqJZ7yoGiarB/2arvuLEYwYxKuraAX1dlvyCaCJ17gzmxv9wFhdiec4c4HgWkt2mATiNNlwtGmx4Qa+3e8t7gcLhO7xUlFpolBVZ6jNe7CtCs2wjkUgxN64EZjbqqp2kZiu4mjklQxAeuc/r/dMOCtppeyaQPDhh7dnTdCQ2GUduPrVhGxxFPbVjDVyEhCVchGjVV50ETNaYzMMNwQIVBEYkaaT9EujTUpT3f4+s6+7sCMC9CEq1cxqF49eG13uPbEiOuXtVOzO3LULulu1Qr6aQuPWiUyksbwLTAX5pzvNXusXGFw2zFqkWyrf0EH3SCebauieNRvIcVLUZLV0IKEOJtvVxW3TlCUYMAgIFs0CK68x5xqy/d9TpO+PRi4n0dBFoy0gkUYp2RVu2K1FcGJ4Lm0BJAF9lXQno0Ad54cKbomPafpsG6/mlSnqTBKSy/B6Yu2cVJ+WJ8PIVHFbVvW8fF8PtmJPrWOv735OXTwtEPvrbhMGROkrTcO9fEwKDAeKVQq99ff2y14fRMqMwYJtqlhi8Epd+oCuwHbZk9rnz4b7toOAyHaERW4mfdIMy3aVbPBc8wJ3eeukSYv5Mx40U2b+30BRHyjOtqEnbNVQ5Evfu3lF5yN19atnYJfn3uD61H4JZVx2XKEfTR+fe69rEfhF9yDS7VD8Wj80phl8Kn4NUb6A1kiA5GlSH+MxUCNgdunYqAJhQPpqkAeaI/FLqQxSPliF1wbAgwc5UXnR2MX+mLXYDQEg0QXnZBfUyzSOzp6zQfLE4kC+CCQ4x66SK0PJUVzhbdDBupIHqgvy3JTZZdu2DoIVcX3bE7VFN28riSp+Sx5SWSwEs8Kef0yzx+i4wTMbNoRyWP9ZnNxio3IumPv8rqK51XG4KpSn+oGd6RifUQJwa5L7hm58hpS3xaLzzlRqt3sh6uqIjnRVrML2QkDGcho9XB7+92jApWE3/3/PP3+993jecveHmhX70xSaVtrGnfX/JoxS1wx8P+kLF9u63nk0bbMRPbuqUOhR9fPnVPXLwL9AXq/vRmmbAiQmkfa6tZDcLYgTMYS6ztNY57Cb1lM2BX/AA== \ No newline at end of file From 4f8c4e8abda7c354b737edb511dcb0931b95a39a Mon Sep 17 00:00:00 2001 From: Isaac Connor Date: Wed, 23 Oct 2019 12:21:06 -0400 Subject: [PATCH 751/922] Update schematic to remove zmf --- docs/userguide/images/zm-system-overview.jpg | Bin 95620 -> 67165 bytes 1 file changed, 0 insertions(+), 0 deletions(-) diff --git a/docs/userguide/images/zm-system-overview.jpg b/docs/userguide/images/zm-system-overview.jpg index de02dcf9eb284878c6bf5a141e632ff1b6092404..32f281b2a4b57996f62cb2501a296496def0d290 100644 GIT binary patch literal 67165 zcmce-1yo!?mo4156B-(KZy>n4yGvt1f(HnM#wEDBH7>z5xVyU~xI=I!0Rn_1z~h_u zzc+j{|GYKxX02CUtGidD9I_x0pQ>O0J!HD;AssY4M2eZ zNBPG)!gE1HM*K%XMMg$KMngqMM?*zJL&toDiH?Ddfrf?!#KL}sg9F4t$Hc|M#ld_2 zj`NR`!2P2o0wU^jLmUh=jOSnfi{+^o07Ql7h3`OsqXEDJ;ShjuPlEvRf4GVO_m2Yj z{|X8cGAbehJla1FTi^fyNY9QVV4%aHAY&jQp~1l;AR+;fQGmFpcp&Npd;&ru8cqRy zkF+LQE`CW}y_D4EIZbXUEi-813>uxeb5R|bhxeVEdtiQHX#+ijbZ8%=Tu^W_pSFdI zYeDh+_H!qs&wax``|!UUc>Y8{f=5I~`G*Ihz~^y9K!8U;MnFVC`xldE7l4S=oJhFH zG?I8AO*3d6S70K(R{jqHI&L0w=NS}QsrrV#{_V@BRRAW!^SOZtK!7;lv3wSmr}dw# zDPMp_hLWFHOm2&^j(ER)TODTtWxFIXfeU63RV)?SrAk8a$Yqrx-IFz}>q7dGvGTwE zEc-LfP$e+BkgL4fa2clsiImI^jug>5y1Q!&KHY8FkB@ z*0LSBntz)Rr`qq8C+2%crlg~7ntC>@2+`pv$xzc+x11-J2;m&~o3JBBpp3Hjy2)HN zS8*X?SW>od`nY00w#ThkP|=_jWyp+h z1i0OR5WUMpUCYTzfwfnmBk7zOL2M3|g?Q?S4C3r(Xy{;4 z!RH27dFfxuzEc^_wZook%aKJ}=KH{4`G#S|M!itOZw3c}4Lu--Uv+L?0f{*ZKqS!( zLCQ>_tp61qo?E|jLA>UuEBXiK@Ya1kRAyh*Ye-ABdjP($!b)g}Geiax@ft36ZxP@* zH&j(#j_ zfOEy8IN=B3@(|L;2d9(kPQOP0T{M_dL4i~qNEl0|E3xW|7D6PI{Oukb>7Gx}2H*(oDhBBHJ= zSBeY)b%3BF0XX0l4Ed_%oiXp2A2IZ5@eGpUIKms*LNYek<2NJ4cCN=HmqODd$*c2b zPq_(kRzs$AGonlqfEU@X=X;5lM6ueErNA`d0L$`JPFcz1wk|KKGC5>JEAr@PIWjX4 z9cF5#0hlpGPf?*R%}PhUY2L7LdOfT)rz)_Wo$$8sF?Fv+>3jnXH$D#NN|RX%00$~g z1CG()-$eidLTi7$B4VL+Qe-7$E59gSaN~$d10}8r8%V*M=VwLjBoGx-1A?>wr4tNO z9T+A0>Gk6neC~ZtL)Xjp8HB9+5x))Anl?(>MN%X#AUYE_MF0sL0W=8!MoFOdU!SxO zf5NU}ES#v}^&?k&nprE|KQAh-ne2^{x65m4vpItqX{^_gR5FPqBwVlT)+F<%->#cF zD|csQw&*%FCZ<4UMQ7dRDqa_A+PVGagdj>nC1k~%a6o`-A{KY+sZJjrB5w86V9Tf| znR$6zbP|A_sKq?oVNDYl|H^ft;b4NxbAxxSRb`AhDHH)HMa09Yf-p}-MFWpuYB;ja zrI!DVZhv{0g>FBZH@jd8crVXLjX0#xCB0|{0K0h&2TQYK3&aF0j}52*-7OKbI#|aT zu#+V4Kz(g`C}dwHP%Qvd$ol~iaU1f6BP&K+yIEWgKMSz3+imBFYF?2P9-7bc5+t%( zB&v*NSkP@tCDz42V2m7s0VF3997mYHlG@04!)R9c329a}LXG!FIj4izs3q;Jqy&AZ z$E5{117yUfQQtCQwc$oacHGz<{vGjX`oNYg+JK&QoSx+?Ffub8v)xd-cx?;Ngm~>; zX*(UE)9r(XRSMwg#Ep?eYp~NJGZWGITlUa#EMsYThP@@mjwxCM6DlN)lv)e?)2$?S zkN|8Q5*Q`}Z#yl%n$c|WIrUje zIhrh_5#%sEyc880o{+%9Rbz##Y(aQ#a7|g1pWSU8adbA$%RT{;n9PoF;m5(aflalA zZAU2Wh!i(j$&O5{D2`G!;OiN)9Yy0CCCVGqMF!Cyqp06=;DP+0^3&vauFLKzCkI#? zGw8`T4sARKw3sg0UF17f96)tCY4@xUiIVw_fRZ_=67^^Hfkir}8~%gl?4o>2G;qE~ zns<~MIj*E4;=D1}YeZ9vCLNuCJR(#E95CF+%&+y+2A!7|#(sTOQ^yGLmrV-rz=lMcS$ghHm>GzOd|?@HEJ)Ux?H4Z`nk-iflGG)wPZR~5se&=>-@t)N z`GYE2+52#-LV9A;m#-2(3yV}6PppOt9kBgFzT)G{ z?<1C1?GuYMRpnlt-!US;gS=i|K26$n_|U`>QL46Jhi*8Sg+J}wu2OODGXoE&xR+kK zQHG{M&aSkNVG;d496G(K+VLgAF1C-{vGa%-oT%riNC0j#p0FTZF+v9uTcpXX)YQo8 zAnpUNm_+!jz0SJuU;88~SeeSXN|P&CM$YgUaHA$vB+eyeOAPXBP9_b3lhdPoqFZ0j z7lT3n_f?wl^{p3s#9H-wTea{QYAY$jig#Z&{WdFlBAKwifIK?UXR-qH^r3g_ykh5Y z9CNDj8f~-1CaeOd=M<2;Iyd)N5ku(Gsz~K`^OJKD^eSe^&Rksg%)Y4)q29Z>p;B_+ z!tw4~w(6O@ivLqHmMoV?!sgGIuaej&)P9Vs9I|%EnVWEqUB!;KX}WJ@Run*0^$t`e z5E2R-_c`TNp8>d3yHcQGiR$Q&Fd#758;U!1F;KpwrWnZ$--SDx4cUC93TunAX5JYu9FvejAPbCx(p`oM? z<(aveeW$xfw>EtB+DtEig*OA-nVdEzYIFqiR-n^RC14>_V}wVgDGQ9P@Oc8LdDhn& z@}?%ZI2x7J1(*kyd)Nar6*-+N?>P6&^KyDoYvzdAA|fTmKoXc%fZ*=tx7*)w6L1I? zcbiM?RvIkv?YZuew2%+=kHHW;eM}5Mn-hHNE1n?(sq_P;NrW?-;7b?Oa#Y>aI)z0@ zmNnZzi2y!6t=p1QmxN_Vph)Iyz#P0_gw=UW00y!cX6PcG-4Y3l%#XvqY(C zHQgsbH9(mP0I>`q2ww%gz>Y{u-whlo;Su)r8ZR>9$lgou&NyEnbLL7u!0A|eNS@D& zCK7Z^6(Ep^n^4Rp1<4L+{lZTc#RVZii6t z*a;SbrtJ`Y@#`X|wMEDV+pNxvB9G?^vZbP|r2)cl`B7yO8KM@4BM=NKx$lQtGO;Fm zYc79XdwZ$!fTC3rCo9EP$un=cebQN^p$UXeYphS@xlm=6CtxCT_O_?`DrdUAy>(3gK30um=yC)kms}=`HerOzx`|qx-a}SO6Y(+Ihu_t zWqeFpZJEMVPV6da@+KJP5D2c&j{KOz0}lg;5!LXodHM0_N-c%M6fOau1ha|_e&&oY z#pq0D+GoG1+>1b06I24Zu4@IH8s?-7fh=#*-WxSE%bZG&N%l>su`QE=r-`h1Se!Ka zdpPzv!#&1;(m-y|I2@u3e5{rEA9jlB^Mxw1bNt*E$0>;MSi85=`*j@<4s|vds!BIx zdlxuD4_Ya1K8xK>uwH0@W_+~7j+Rxalvz^I#TBGM;fRve$3_ba zr2^#v;9@2P`-TDvkCe?9{W)35V9G7iaC9-_q8*3*E3~X_mJ1wNux}E$Ot)tUl(sUw zBfU`G_dQu*jTBr7JfBzegl*(yD+x{T%It5 z0#_u3ZH8^OyMhdJ0nL6p@K)Bi&YppGc9=#9ZrnxzsdApVr|oVfwBYX{O44)Le?xOU(A+#L$vGiL`6MIi``aX z0SZkRr;3vVdIk(<(;3K>Jq%B%;+qo;%?Wj4bbG^5qnV~8-iGLYV0Jo$K8RRC`yoyL z2|yzWM#H-=kBp;(|1Or_{ZAye6Q_P`id%C>A%jD8tt3bryMQL>P)7a_qBii=3CZ0e z!G*SWM4QY312?6j6@*(>Th*vfNvpy9f79SWDMcZFTCtU0n09<3izN>hA}Z^fGNC5` za6SJCaPhgzzPZMzYW~A67v&w79pwXyd6g)Vn^6NVMDSYgx5q;KES_lzQw{J(d?Tos z1&a3HBoJDaF0-Gg|A;sE(Lxt=i**l+#iVcjt^dmHJ}>``$eogJ(NF8**d`TC%sV497F<5!t$t)(j%kaMb#<|wT}ufU%URCk zt$}J+iZeLsPWKU-9AUe0IkH$PwDSNSQml6wardxV)-dO~=%M=Kq$%2UrSTGrx@cML zBO4Z2sftWs9*&qsV4D{l$0DU>v+{NIj#ud_n{hP z`!C+ILpV$k<+40vMGhs{enBW$&MQ0PS3$uewO4xN9pZHNEWT(B;Q2@a1HIWW>sFB3 zuTq3Ott@{g6aYG%lXeoh>{+{pv!mD!_OG|F_joJ%9xS-FFmIr9K>IcKkw}Ureh!ab zHUN!JWf+L9l?PZb9#&~5>gdLuzLS&d)?aJja?i~By=3Threp6GN&TUN1*Uc3GeGPD z8!ti6F1_a&R7;PW4a?j-l^VI_&382NAU#qjRTO^rEz!zgzObc0ZYN63OA#Ry8*6T} z^>3zxmKXiWm9)ZXhiZFyNwrL2fOv#bY3~S`QrTX6FNr7)?7wbfd^b#M$>Bv5 z>@&5_K|Yh)&0Ikjg;9bHS(TA~mneAxb|819h$~hY`uo=(<}9rzpV-BYL}a3}{r>P| zn8~*@HW>xweN?=*&4&abmi-idj)J5h4ScMY6ZFTxSs1$3zpW(akXB-v znR)5G`aST=12_963Vxk#xbow!&0p9HvdPGkE;uP_pny(&Ho=>6r_?^J*L|H)iVZegluxAmepED zzG>B*nBx=n)8-PxN0bRyhfI}~!IK1}sbcR3PsLQD#c3@SVKx3XF+PbNl2GY(K9SEG zOeqgZoX%ozl!ymJkqtX^h9gNE2a)$FVXNCsuv4;2kEnN#&RQl(MiX-b1yNzdbe`rV z`{Q=akava2Md(pzm`uW|!xx583_2cfaXc~|*Wm1vocBADb#Z;0GM&QI6xY0@WQs0P zk}z;t%|#UAOv!qg`8V@rE8l7qr12osFG->(fEQ+&K1U6L=2fKvqnsn&(c@6$!(msk z;KEs3_-LSOgf>-`@$~}W#?6PKkbd`MX3D(!0{{zb%8_ybcRMoqNU0?!)mLt{xT(ZZd579R7n$&AhUV=^tku3VQMqLP^6xTqZX$UI&n0L$gp{t3Vgi3BEX z*A62~R*mpIS~VJl{5gmth>mAkV#43gi%1z5LMQEn-3G*E$*Q`4bzKVVj6StU@yBZN zAqfnxm+~|GsJnNaEoQ45-Ha(oc?v%W>Ze?O`?$J!PCCBaL#^zz%8fe4!F9@quZ;jw zs8=H9)fQ9%n3IJwMVUY2T)kaJdMJJDw|d_A4;z|g`gg&N8B@bF_lQd@e>{tI%0Fv^u#p7EkpWB6>0)(N z!9&8K@w(ZNdp_Y?Tj+1?-7hwGX@d^q6H}2Go)onFE z3^o1_$NEk5FtW5ZJe*o0MI!YBA;!2YwY_oqo!j$NG+HMPLQMdQ+A=r7^J52y-`P&4 zxwU)7Dt}HPw|KI!`$>n9raE^c{bCPhHs6%o=PR4=NxO%BXD%$%$}H8OQf5?P2uKTo zm>P%1mLb!UJ-vupi39-9HGT0X>>mbJn7TIi_g?d`R7VAee_!u38lqzS;#m<;09DbP$D|xY6uI$;9QGwKh}m6Wy;R$_SSZE!Q;mDb^elC%JDH2>VHok7 zg4o$+T&(?uyA^M)n~d!tr}s8Smty|y$Ycv5rOK9xz9uT8*{_R%a^vD4LI424aLJRJ z_!{;X4$Zw73ERy>&=cTedgVq@yyINgG}Gffr(TC5#YW!CJ}uZx@I77Z;qMpP1_)?P z6hSJ5uBr9Ald>u%U77e)kYEA}Ou}SGe0|pbN7f4$9Ii^{izV}KZ)m6sR1+3( z5GQ)P0z|gN%TT_Uz8sGJHP4oa35{8~u!;04PMD|1#A&Rh`~?5C@)MxNJBm`n*D%() zV}0k-_hfvZ#>Dg0k{=hrZ{~h-+LsyMrnzu)H_BZ%%E-tqZ=G_jpYWfZuupk=``8Ye zi!a@Od)d)|Q7b}F2XDEFak@B$bb+rs`ArQd?m^_6@fh;Ln>N^`raKe!cf;qT?=7U@kdf#&Xj?7E%XCV3B z$vg9N!(Q)-<{&RW>*LFt(I%ct`@u+N`mfybuSxGM z2P4Mb{VPr0Phn2kZBfRDs>O8#1tIL0oN%l|*WuX+U-Ze=1{UG#s(ieU>udeQTMjZT zF(?ZahSpwZ3Q7BZA(1|V@QgcOP)}-p^&U5aI{{YPHnV08(`#>V2psrL)5Wf!&Qd@n zb&5k(Pk*l9b8uy;oRw(qI&olkD_N7HXd}7D1B(n^TOntK-j63e)J8qW-aOLT(z{gi z+>i^GidA>w!i$eGBbrLOwsOs(8|q}YlOxrljGV$2cpSg%tL(fNB0I_(R^k}A*Yrd@ zWYkN1E$~PWIq@sBQYMA8{ues=-!SDr`=yYusIXHuy_oCgPnMBphcQR#UIhjDBCGje zgWz)dsO@niIDux3dP8C@$9;66>^y0-F`HtPI2v;XKhDN^%tA%*U1ZQyPNPvJO})hd zC$=VTI?AtrW0Uc;(H}Q9rE~`_lvC^a7m7PU4JlQ6A&wjUg@>AQEI?f)Fzq5UF`U4O zP{h*UvI~tUc0Bjsfs}D+`WTM|>XfYXFJjAO7mSDU49>@PtY})REOnBCmCpPeMK#5^ z(Mms7wnRp{(kvMbIJi~HX`LONWbB6Q{3XLdWQLTkgUmgZ3*9SR1~inXs2SVe3SNfn4 z+%(Ov@Xf!Gn3PaUpxbej%u+^s4UQfJ_j2 z@JlMHR0kUZlS8Ji50Zcn`^xl{%N(A8d@S7!%RMz;l5IzG9N3y~a2Ts)oQ>7zFfDQr z*;~$Q#WOa0YNrhdXXR1LvlDisazr51Ac^%V+NC`xG#;4XmR%z}0OtNAYcnWj5FN*d}^GtJp@S(-rC^#LSTsWC;O#A#9;caRE$u z$k%0J5TvB0HH*hL9X-deZi?x~jEU$d*qrwpf8fp#Vvt`%Wp*%i>pmQLfol*E0F%0; z7>NgtGF!|$WjAJNaACuBT)x*##679n7%?QEtJ^do5*9n-$OIdT1Tuw;*^$7u1f{rXksee&9uA4m>v%<^*Y-q`u`zv z8ed+j-|+=_3C(TnDefUm?FXgpkug-?I_SE7(|jdwp&g?uwzf7{VyGOf}Ggrrq3l~p?$WiNHi9vJzUvvg6g zv3T^yo86^}k+v=KZ)&DX)7Db;hWFj#Kz~r${Q+%sluj~N@|{%3+){@b8_(s!g^C$PEmpRb2EfSJ%Iw~RCMjYD=Ky87N;24Qt(cTZ z;H10sDe?f{FCSHby}atentoR=7~J8i0b?#Z*q2c6Tm6;+6pFQ#khi;MdYNZIjXx_XQZiLY-m-=)zmLmt}4)Z&vu^@OMlTbd?~yH z4z|q9%Qs@+-RKw#r2ZC)xD7P-tB9`of@fC}#~W>Ig`R1f*r~vbsP-@0e^iS@J|Is>6B&3(8qq?0Y|!y8W+(d`q-~EP@7H z*B0tL33Mx0QbKTZMk4ViI6y3vGDLffckAm?`$hC@Sz_OtsCIBuJt!6mBL=GTfcSiY zF}~h|A0LcOSM(aTryMeBHg{NM1vWc(tX(1^OPIgl4bQ~xD^gI;Y($C9@mqgBm*WN! zO-`!J#aZMW3Jc+;5Pvs~>gf{Z{=xkOh<)pLnj8_M76X}a-&p*7rZoF3WYs$mxq>(e z#QJbQndD=+y}Emqnc7a+sYmen#9=|_63BaCvrSw;dy~#~(_<#H-c{PB$~ify9T6Y1 z)AnhW{%Z!y%;WEOq~S%vOMZS_7(2AfJcyPn_|PQNKfq{Ik-QUETtG~2FF>rI*K zj`IZnPtJ{X@hxh&M|`PH9|2?6^Y56;v8Q*;ZO%JG0T8QHfgD*7k2j44(ZC|jbD>?N z;Z-a5$Dm&uprB^|QTq+y32=D?k^0XkJ_IX`tq6+P<+Mie8TYv<8fzncX%Nom$ zkIfAb4SR04(^G3&)<#5So;Ctd443|LS(@scRsKq;T;rMiq|nN^ituH&VF8kt;%PbB zUB04s$)eY6yPZt)yVS~bu*zhmq6$oJLd?Zp;STw$v~ZsJ!pyEx2~96dCHf>M#UHoH z$GQpQ3BU~%Xn-?|@s#b*a6S^WVB!^YjNpWOwXZZI$azd-TFz;JL;1PyfFh(Ag{e6C zVp7=Z&GI-4k zC=#tW?hofPZ)sley9QqOl~x1}aPodO71~jhIMbpNxvQ$W*k<<=pw(fSrJi~aX$-U~ zC%WSPdZQ08$l?DJ=Q zc5RT-PM+BpoBGJtrOckG zt6<)Jrg>vQGfv!{QAF*!CyPv~A&_fgy~mouT?uvOB11?RKSf!a+tb+%y(&)BTE)L+ zQYftO@L8fC8yeY*h>C16UQZJp-J9GtGX(3zd>drj*M(?%f%z43wW88dRF$+~hk~dM zL(#~Z@4v>yT1V?vMWE3H(ZMrh0G?ww`SSqEUS?AQtud&!3;C!cZ&&=czJ&NE045!s zm5|z}0S_0F)4yJ3e_5iJj2ry5ji-3YVJhcpE)l=1mfuyG)Rh)&7IgpK;jbi`{Od$O z7-hi0Qc6rnw6^0|XC7MgsF(I&48Fp;|FkyBcJ>HMcwpt^{Ns4{ zkiy{i6CkGSh$J#xeaEcQibbk}pn6Gl{5Y~Ads2-*GJSA&J3S-poOeM*l~Y(orHUX(e5Qq+&dx%1+ic?-HQ+!_?YQ9lph#B;+ez!Si)@rP|@_#u=LOnG8>8Tj~f zxT5iSrn664T(@SlNfCC%y&Zg%qQR4;n1d7Y~W1Y+>uSvzw&FUu^2RuMQQ?@Qtpm zwHYI2`FdPntxr7xI6B<#-?YOQ>robqiQM{oeUw|TsDdvxV)TA()?;&fH;_G$*@ATM(6JWwNxZ6RxFHzy0C-$T#7{pJLO zJ1&oFM=|x%3cf!_ar|5&WYw=@+yON?r!e*430;T12`le{zM}ZsHz~Nm7A4CaerR7^ z0Z1=~=8;OGZ#j;Y|E=uf?M;uK@doOhsdOMq{$g5#hf_fj7Srd z*w$CW(XMB$6=*~_h#xsD`s0rv@3!s}AU>3dJ$0LfEFoA>Z*}#nuw=t7_I!7B9!S1S zK9fqArHdI7_L%6>(unL|{Pvw->EBQ8D8ST3INt7I_oez010!7e)@5V;6UD)#SvgKM zHjvAPCHfwA;F^O@B&a|G{=^KNKHpgfH<-vi$zgz57pvz~{Nw1eTAZj~B93WSTRvWe zW+q34ng+83wMu&6wDbiIRf%6-xvu4J**>wa6n-hWc}thvEcfBK2GnG+E^n@rq%Bqs z6bI=@W)$$TKRKOKCmF025`B9s5ZNaIhXCRWo56cVnlH5Jim%Xkybl7}V;P|zr4x+I z1&C2^&-J?4?33GK_ao-_5L#l)8*&JcQdA^H^n(jf)A>-r`G}c&yn`jQ6M|ZILm`eQ zV$X{hiN1!cHB|!#jI{-`5k3^xPUAyic&|mc?u>GcDodxWWFJxY+Q_YnalZ9|JZs7z zj*AxwN0bo?f(#Q^=wyWhvcmYs#2D77BQ5;SKymK-Kg<~)`z%;0L*7?!;VG=oxVu^i z9!?@f4>Z61lSbhZ^G=?~Xt54Yy@@nX1~?M(5cIB?uZ*UYjTt+8-2UbK6Yu>qwof5puzgeDhLU=mL$!fp z=O{&IU=@*smH{M}In>#s_MWD(00G=^(35zDgE$aTFA)O`{@BvcIEQn5c_lE$#|(14 zFY6SBs2O{Yr=MsaH+m;Wekd%9e@DQ0Qr12MCAVE2mF(U0y{OYN=(@9JfJ|x=dI;^t zDX2J6gzaJ+M8y=faBziPGk5of$ zU2nwUZ%+RNc<`Qewx*cAvK>(zP~}O=%~9RRa1wK@BaIez`$5OxsXD}Pvs#u^qLK$M ze#mTFmdtKUo21EAfQ>llbL+5wi^55L_dP>DdznLSnR&6V8U)fYg^KR zhd*J_H`HkPqpV#&f(S>mu&9q$O&bO}03j+FTOT_$q;;%C#>>J?Jpa=uYb`ih@FAlZc$hU2urU{CHU$$2l+ z8^pjq`FlX4GRIF%idmW=AKjS@v4kmD1BX%oRY&i&rhA25watf+N#6w12EyaPY4J}x z`yJ}9&FOwPl*jMq3E!o8P+sv(AiuqI0&<3Q^zt&(0H}l_0t1A4kz3fXG?9OK$$jh9 z57JITJSr&V(3nvb^y$fInW|YT);WLeYq4zmIyTF0SUP2_VZdopZ2(K(&wk+=f^q9Eh8Du)%kY+yS7q=CcDnq!9 zEVv;=F~6soGajhz%CXiR1X7w*A240q;_rGwo&e}II_}qe+464=9>e(BQT}WVJOM&o zuv1dELpnU|28SLAcu@UoX?4c4oMw$X1$GLa02mCI;>*Aa)&Hyj_AKpJa{1DH`}FRW zxY8G0f1b_e3!$Mqq*FJO4^{f3CHoLtU8WYzaT;b&5si#fW+bsJwt0zGdT?18fCM{; z=mn#L7-GweWFXLOvcCostg9AsG_A3}ZmjJmfma-4(OJIEti@kz0%6w4bU4zZq*D`;DrK~v?` z9!?4P))y?$Ji6of!@<31^I$yj%j;j2JAy?;yWxq|no6vDWEta`-wm53>$K63&y~;_ zG;jp2V#+%UmcFiBoOIA&`oweG`n^x>hQZbiLJj zOB!ND0`WG_TjQOzQoBlPzPyLi8dTHHBEb0=k(dgFdGYislTmdA171Mogi3(RJNW9* zul<@B&4yETtX#1znBh1vXIYBpEl@!d$?|7}e-&fO<1lv6rl=J-$GHw0O_L_t!@Zv< zc6Bo+XrdzQATdR+-QXJ*9Mr;YE5(Y{gWyBdtvgVlYX#3TLtldg4jc|nxKo$7>xPHh zw#ycfe7v=|YC`a=l1;yKW}}?Ur6PC0Em=A;_}xv~q^Q}OoVH{2gojTnJ;2tJ%9j}o zU;jCHS}|X-{2Fb^Sh<_x!e(QQaXKwr}6Pu@~ zY{3-!)U#=6Z_i=UYy^uDCXyeMqQ$Al*0649O5luoh)xE5vzZ3Sgn?1f+_0^(jQtz+V#7}KSx|uk)o)0c@7DU7B zSD^s7uW~sr-Q> z%H{bN*W{nZUgL$)v#KxP+|Hh*YdzlXSvX!}=7@R+bY^YGul*!iah$=cy{X`w-4Wq} zT#UnEUxxb1*y^R4vvfu9JeNq83EAXwp68P1nlAa-+F+(-_<^wuDUBP9*@}l)i4iwJ z0-&O?q$(rwJeP2{BbK(upls|M(eDhZLFPKk_45KAH+sJg=S_VEiGerpUe}UJVc0tdBlb+K#Mi)hU+~o4URnOY+6GiXg85MIX zm22ylfXUEZV3=^#;T*mehI%gocF#13tY>iRIo{dpw3c%Cw)Nw1-K^%K$Z7Kj62tdE z42@AUT>)BVRmTOHx3-GD}_&GjXn zIdDY!ysSrjZnchvB*%67Ax8kf-$6BbQt#$SxDJ^#F(F>S4tBnH_Lg=L?wXixGO0!f zOQ=`24)rb0Dim%W;e02jf22~4`EM5aAD)*nwI=}lb1-rX%)iJSvh)N9A}ER}**ZD! zkZtZ+s}-*gnuv?mkX`pHM(T9vfrK{QCv|OB`J5}aW?P- z4V>bW(`kKP&c7+!Z)Xb2-?uMAGOH}9$t<`@hGp|RWk6&t<4|ZqIPA1Rea{aNP*G7I z=KX%T!n#4qA^*BEA2B!nyCi4&eP^_e9+8F zRM`0e4)#I0F6nRC>CLaik12sw@mTU)5rd1aG7e`sJ1a4?eC6wCt;~Bc#2F@UNgbvb zWQ5~Z6lmuYK;Yx$k+a3W-fuTx2? zY%Bj$!V`XEhUuh0(irNVedbnn5-G(OE;VYZ#VCm~*FWL5m`T$cL?Z}rgKFpiRHFPw zzKG0IiQ@kU)DtW`obq3#o-EML?{Tae-o2KnE2WOR8h)=n)6_u zeZX;q1UBY0r=h(8Ala?lG3n3M)$-}Quc%(qy>HOboRbk8rLnva*i9(m%Y#SJC{l;I z!GE83o0IIlgu{ca(0SQccy)9*8B=Yr#k`e-XRaSqgeRu{w*;4)5RL*#am{kv>yH%| zo%7%PoLp!kQJLo40mIKJkOuE5HHua?FZk=$NsH~gwt1Ed>7&cfpO0KsZB^B5L#-ti z-|xMJ4^l`k2=M}+09(qQ{(lSnhCB}rT0=%SoIN)BIrT&=5eRXycQVMzTAh;=(}xjb zQ0*82aGc72x50!O8)f=4pEE0>d{Z<(!Tc-jvaY$~#va6PTeaE_j(6gCV}}=2gKcaY zXz4%kK$(YTnQ=8@t46e{`HEasEEsYJBj7WO@R+p$akE5G_SfqgmOjkqbg_5l4AWdv z^Ko84B+%bk8~2C51*|woAk{oJS&V6bMkLVuc=40KDnZK|?2?+~Qq~ndgWV>jBvb|~ z9l_2aYH3a2V=sDWKa}2GJy&SWCVZo@qu6RG_T8+p#|*TRDq6y|u)fu`kDn$T)SH@v z=fSTrXEUz1eSV*O<&b*2*F;no5&JH?i07wI$}`H^s&n11>}Mzg35F~Hm!04*;NWm! zG7_8>-OphI-VdbO#4x=J)k+s5Ij4=fLmd4=Mj;-zI+qe$fS5F62)ES&`@H42FMmL| zX>wVBS1*ft#Ke8~UlCX}|8VM`2!g5eoke-o`>#rw(&#?Hm?rONDwr#c% z>2IQHSO2bE(;w9ab1fnO<5o)2v|olC+mFL39~NGDQ zJ-ufdYmhDfCKP2NLJrrt^%dQ)RP{D7p>9k+E65Q_Q=~t+0FQ=A{??(N1l4U(qRoY@ z$Vav@XCFv*_2(Ts>%sI!B0XIcqQU_)X^3DLz?gc~SVm$s;2lC~9P?Rf;xu8Hs5_W~ zf?>ABDywuH>+f9+1Fk8wCtH)2;5W)beoriPi)@|Hax%wy_lzajc)BOlo}n@XCk;xL zOBBSG^~C&2S@lDi&#N- z<7p@`XeOA&d15Zlj$r;x+KtSz&k-;(FmpIHh&ov#z?|q`^`~$gZmFShL5x?@lnz}) zi!{d(mYUc`hFbF8NuOr{_mS|IqGx4_zvgL$FW(dL8RxN{kug+tC;kpHyi1g< zw|sS+n8jV)-gCliy(8+U;f8wBDmCD54yA>S33`kgUAv@)7P7L?9R(!nIN3BD!{JC2 z&^t!r$bUKOgCL_BJoI%%}q zJZXNO)GTYGs;$4L0E!gsTk&1DGt@sawWNZ0v(49&0GPD&%55qa98biQ#W_Z|{ z5fL|E4Ue^I{sWGOZ>XcTIGEwKZazMJ>FY1-Y(R_{QDo#$H-^0DUQU{@R)G1O?5i`{ zVv@a6nFrzlTm5~(5b+ID%zBE9&d=dK9qW_)H)uH4;(yGfFq)4IJDPa>J#x7i?G(QmoYZ!v7!q ziN5chYqpzfEHogtn!;~zt(KtCEW$%Kf6vD(EpcfQq0J+7q=~CVj?#`19M=(%+B6&9 zE>YD18ej9%{;9Pc7c_fsTv^P-d?0gNcBP#O z`+^=g2Uto}ZG8H4+ai1jr;>9dwg#sP2`Z``JpSWsgXLE$ zCpMa9)>Fs1kowG)@WwRH1L}m&^^sJCjcJO#>DbVNz&Y1%1rUDZC^x`6V@_4ixBaXd z?&}VWjuBUaM9HozV<^_LnJoCOK#2)9Ge?~iYV0(y;smFJVsiy7FFX8IdJ)Z^bR1`@ zQrBUdb~8~b+zkQEJ@ki}!=GJ$V}VOqf79W_K0qA!_7m+^bt`mLyD*a#bdn()cF3G} z*D4kj7TNubg3~V9BZ46+7G%R55fQOAwx;IRj2!ozcto&MiXRVAoXK@b&8)7&(x%j> zLzw%n(FgD)7N@lUq0Sr>b+M*W8FS2Svs@(>(!ENrPP{fkE-)=Eu9cpGuGlq51^MeL z>T%7|U-;_zN^kFrj_&sFdgsEIxxb>WV|FiXVy49^D%vTc>!Vn;&;Gc?jb#cB`(q0Z z+8o8))eM<#=4AXLegX{F%@G9)Y?a1Fj^49vLJ?5?fMMJwWfeq6uq@Tlh#fXq_XKv6)8%~5IG zYHqSmwUkB;rcpr*QOHjPh@B&5*8ikN}7tlB~LNU(N&JNnk2mgGI3g{q0UL6G+c5 z_ko9zWyEo*nRV6Jvu*mOX=oA4u#GXkIv<|ey0dL`i7?MoOKNmxs>;t5RvB-U2ody- z`X9W#byU=CyY@eHcQ*_$ba$vAGc*VTLl4po5(B6p-JO!+&?#L5s7QBrDM+WHh#2^e z`-vO(yYJ`y?SFo2&0?)%7pI7$PVebR)R<}u^q7M^7?Uq$v zgyI8o_xy^WdLyg^1+y*uZZO$U>~5sHXUy3rf*@bFwn;Mjhs&cRYVh`jNmL0Jr^D>C z^z^nB!LHS)<2>qGme?U+RbGfTrk7|)HiGf6L(lVMJBY|T>9IfA?OLjq;u?)2O8eE# zSX&uST^UgfGwQ*WcZqs(nuKf>MtaB;mmKQ1)35$NSFf9gZXy^2$i$h)S=ryhzLgtKg%qK9ImUu4W`OIC^!;u5q^ zj2vy!0_){%3cHg?ZPN7tvQe4g&I6UkuNRs!LK+Nr-U^t4;~j%A7v;t@FdSzUQUphf zl*<+0?qRi%i?vASlKM$R<$V^y=%*t!i}FvN&-LNo31@<-HtJ5BLDUAEs(W9-Zks&Q zHSJ3rvISuRxF{B03%A?7+%Dd&i4`ox3;=qZ`}kLlGwDFJxa{o)R8rIi0`211%OY@; z>zO=?m~<8}rsn^!Yq{o$2RXI02alre^KR%jB^PZqTx9bXld<}{W~-`h&sIqC+aDgu zM{!_P8vtSe(He6-8#?t~62ZcdOqy|<6}}2(bqw(gwlz$BtkXGdg~Up5Arb?Oy&6F@ zx+V~u;bI=Mmggs**|`1A?IEs{v@H{ftJa!0QKx6cvFE`k?IG7%qz;Y}l^8)qg*^Sc zoCx_~GF1!jEbfy`j~Kjq&2*X(}X7BGJCeoXJl63eQ9hoiM4iLY_nfbKPp+~AECmG7f1;u!aVnZ^%Jnc50yl?bz zdciLze*wnQeAwlnYG56BAZt&_f|%E6H+Mz-VOg|}v9AmKG*hpeyW zAKzS$J#$C=-{!`@?z#B{(PHV1r;9G+_>}(Zru^Q>frG%1{b`0%etJn#2MKY5vb_O& z2>lMIGXe=@jKK|k5g>3?hp-PQ+RSTj!jko!_!;r-*2HtXZWUFK&>WK;0TY!|QtK?N2%*1?ydF91f@}tC zu(desj5Mt`e{9jGkYLh2iA`{%YMua!?ke8da)m!WSw$Emt-pVEkdqy|!5P@M$B?)s zA(2^7YGLwC(BYorC0TD)c|g9w&vTnPzqDJO1|A^xhsi3@#5FCwnGH=#&Bw8`x7{Y$ zUb}4iy?bM=FZon)q*Q%Z7-^6r1t?+%ssP+sVY8LeH(^@M7n7QS(Z|>0UlRvmW&}^V zrl)1|U%!3USnAdi?F7v2QO0E6PH6}4U_FY^#AAHelSXQ24&8~J}kljGUaBGfII9eJf6!kl5X4H zVcdAc7BtX|%{`9Rq!QUj5m8h9tc3tZ;&t@@Uhu77fDtT_2dW#UIL&)hln-N#7r3j8 z?2^?-`EJ|2wNM-g%Qce~!^%xz9?r*CGAXK{C)TTd`?~Q-YyzhS_v1C4B}6EtgbTpF z;I{EEz`C?sHiI!C*&KMpHW=o;q56)$ck9C?t--jSw_oO>XHAMyPFz3dQuZ7LAGyw^ zl(>LkVaNzCRz*q~5F+bFg?~4A*uO_rDZJJG+^)YjT`Z&dJ8e8<2vSGd95^SDvdeXg zWmOFbi$Q>UY%z33;kS?gTaVLO8;hE;qAp|V#nCM8BcP9{-}k7ZI|r%F0rucK^M=Jg zt<9on-Zc@u|KW<|{I)%dc3p;A0m8X9nKo<_)`%aP1kNxdR>{k?!w#v49dG~M2lhAe zAjKeN%VHNIGIiu#x_s}LxT;ct%6LE~IDh+*GLjw)h4}4wgTO`De0dptybo>{HoYef z^&Z!nuw6^09+3ao8j7=w>dd1ACt zf6*&qQdMJHXW>%0`pKwDmR|SmCEt@fi)eQtpQhfwZ-3vTsA~R?&E)@b@!+;3=V;f5 zA|fuPGQOwl>IkbjGwJDcr0MFe*L`UN54Vwji=-f2cGc{=wR>6d3(%#TwYKq1*fLmS zF&GiheA&V1`ePzz#xJ@>A#%AfAv-8VSm6~|J;+%+brKxa^aMM4$9}=&cmfc zC!8(>ZBUKj)t2jp{T%5nHoYPab0KGw=&p?mw#(R=?|E+_qmu{nXQ#=21(zy1!8xKjeO8{5v`?2ff+{*Dd!YlZG5{WEnf{A!0Fbf-~gR)&qmnm1mK;{Kuj&QgwrlD_lCGdRf;5U z4R9$eC#c>q@SDs1eJ&r|2K^J8WuAskN%eK~a|1{4QWyU0rjghz-#@&+f^+$;3R)p_ z`cTGSF*0}kE31Q0xSWi;A3Y9eBEvJ6(1UzMVPbs92@}Ztsvbaj^khL1Qgh^YVm>#q z@P4oBgi2vzIVQ1~B7aQvy!e2XZ3bbU<>6c$kbb@*lbwj_8#`0@NTr~{2dx!+LMy@3 z^gViWbe<6!L`asoURg%*1Fer_Y{x#B)$uzeU(`{7--$7-j$QuBH$f|L&&wfO-P`Nu zoALcx_1baUeCJN5q}+XZ*B`hQ#>r3qzM2a)_+E#(Ro&yPReDk{)<#&0St*Bm(FaZo zVUr|1$eD%RjVdnGwWX_h+)S|$s!6K6bslst;s=XF`up~{;mTVav&rG{@IIBE&Y;?^ z=Dst|1wBn@CWK_?l#qV5r$xl;oNX#(1E3tXDRsQ(hpeK?%3NwQg z8N!RgR#Nfx%|v(!|ImQT`;DZ5ekDaV9Qwi0%yU#uoaP|s4-#v7B5 zQDV)dW%uubtKLm-@^8o2EYrZmL)Oaq2!T1+TTqWRE8!3j3ugGEN+Vke;`p%U!-Zdf zhx*qO7v*aA&H&ekXln5<3`$Sm8RZmz;6k;Xgp`PzvT4@>z}P$x^?=1lZzs>~roRJO18- zMbgW5D<>H9;L#DB7mqtXS1FNFIHVY{ouArScj6gq;K_Lr*CW+9cYDfb02^EL*s+HA zzWk1<22Tm17LuxN;IVl)+U8#FIbOjYSBb=39Klvvp@SFZ-2gZ$_?!PQkC|F%q?}go zm=6Finu}gsRg1slqROz@&B$yK1OeL*;lkJbe9rg_9p%|VrIXMz(c;o#=V?;N= z7xZqE31<-D`)ZIe@NklOCH+ZX+t!}t%V(X;{lSCzuOX6YI`n(yUoK^L#S(0O0eJNQ zEZELBX&$ur2CcneXS+$W;BF=tjJ*y;bY0YDV5Lpyu&c(>Dd~53>#DCWerX3+wo`oT zw`N>+VRMpukBQ0cC$WGl^31!YBz;ES7&uhI*XDU)zuG$6?l4CVF`UA3-N9scC#szq zzx>NdWQbNlZyJ#P*G?kk`v3Pu;)bW_|0<=8)5LVsUXiomBXWnq&w?jQB=|NOPm z_=czmySchSj8P~G_zW($du*Y&8Adx?CfV;Z_u1H349iP@Z&eR%Xfm8L)xqxOYz}Wm zf>;PKIdYo32V^_y-biw%2Q@s;b4tf4u@~Fkw&C$uED=m|=|D_Nszc*Wu|s^K$_zCb zv%9gbZd^kO{XA}uKHLrJYcFmO3Qg`v(MNd5+1%HlSzocXYtV+Y@l*|n=fRUc%9aUz z$%4jYW4XU~aE<(0_B2dU**uB6%!2o;yOIkR8raZNE6HXSE^;^E$$0B!!DjuLjO#lX z)7b4!#FL%}l*%}K32h7uS_rIl=(Lmrfo^S-)Vcr9Ep}eZg?%x?9d+!%YWNWZ!#?CD&)q);232NDjE)bc%5=y z=(($OpGtWQ)ZeiPpGVLN@qxsmD8vQn`H$tocC4t#L_5L}V?2j?2S(*=UW3*a<0;~n zTrM-38}0YVY$fk%=5>I?>suxvsMzzi37$AOK;p&Pa8C; zHM`7d5|+&tD3ZR^0ePLW=9=+2Mda0hOl1h@vg6-*Z4<=Uv>#GTl>v_8ZuUFI-f2xZ za$5Ze4qm$(GqUD4W>>rk&ZD9ulGcG>mtH#&B*^2C_HzIXNWvG4TDyL zG?cohXvvdO=~+PF^omWM^3hcH9TUUezbBrHPdV zx)~tRWt$|>S5rcjMq>m=9h)zmTyE$|4>t7#b?414Orc3m=8xW3!IUIb)QhWOj)vn; zTw9bRP9=oV_uBnZh6PWi6Ffzk!S9fO&^RU)r`XzNLSy=m(w`y~bFz*5z*N$TezJEHrHtn=(ZLO;k^d&%TG2 zMq(S;5J?c+UG*GQ;?)P0;(n72#Fh1Rr|$SX6W--)K@oq_6>QhPLhE7Yy={c{iQcVx(-!E}?vwzGta6lEZw6>eHR)ja7cf$C|T7u;kwHMLE}{MVvwToM%!l z%MPcM%ArQ2+wmpyI?`6Jkop{QHthA}(y=7UbD1|aL%R<+t9JrzWQmdv9;$g)V?901 z&jglE%9FxWa=FlU@&p2m2toiHi~x{eHsl+hd^8&i2mvc}xBCKE@O1Y?l&`j&wzZfb z{FNhjd4f&KbERj5VWiv%lw+x(J|jn^|wVzX16^Z{10#_HcELZ}8yD{(fzlbXBVQJ+kjz@a4<~8~VcjyuoZjxluMjQNaA1 z-MW_ObTUZI=##i$p4~IxCb#)5kH#oILTpO@+-|Jea+iW-S8s7?z5>BHpwKHJmP zqR)#)3J$kl|Gcl4ZMO^G210yivWvow2v+#P;JCODop^d=Zqya$DIYP2C%v7htK-W3 zdoAW6!`<%J2P!1MW`nadIXT@l%-GrU5E&;tkqo$|{007^(6Hz9L-TtXiE%CCzGe-_ z$9*NmbBLwrj-kHuffVg+v^Ur`?u@BJ%$O2X8KTu$v*J?axtOv5;~{OZ8x@f0Y~!4( zS!y|1bd{#F85+wc6jy2@DFu>3DO0+On7gqf`lwu6pRKi=BX&ALql$i&P-X0~s%V+) z5?&YJoh1wlUr+QoFg?-jb!5t5(&=jKMJgSU^P2A7ik#Va282evXb@4yVMQs3czQsh zFCKUPB|Ee}ckxUb^;4P(DXv$2H$vRJ)v;>3N5)y(PSt=X}*#UH9j!=XP_waaH8;`?67$Kd5-Hh)cc zop;tdtoc6B`9XV_GjLZ9ef1toJB;I5vL#UJpwmB^z5e*(R#yDm_?OvoPV_zjxh!MY zzNh8qQOna`0_&dN`|LaG>!HZ#_CYr2zSi>kFv&}at0!{LEGE&kOzF?Zi%%*JzOg

8W^inE;!$HZ;ab z9{;F(@dw(~{W!r3{@IHT-9IP_zUZm$u&mRWlY08O4bi%ly9;zs*z*7S=*q9ryQ~zs zrWuv@{W2!JdK>?Bk5onQCT){cTnka_LX^mdWDmBl_BFo+gulI&-ssYzp@SQ%DVX!W zG#Jfx=Wp^^UqYW;S7lTzkc^vRv2PCrc%Nl(HE#!gZyN0taXTk@AO*$f=qaRI!b~Y- z_a`Pqv)~p<)GXTAbNsTmXxW^;lL~4to9615zgnkbbf^I4}1r}+sG4qF-j)zrF z^(VRwSrV#eII=xM74bMMTx!*+l`-D6h&%>g&FnHHeIH=yiC?m4ednpbX!wu!LO{~B zru*cn#v;$mOXKt$G2g-&X#2?_!YN=B37D+8+d!}gB0V>97Y}S+ka0z}{4?((Qxdvd zxml0>)|$9)=(4}9oHy$+g1;@IePRFMcoh2oY$p68H}mfcDVWp$f+>zO3zUP?N>!8C zo2}{Z80oeC2zc1OyH2=dkTQ=wlB;p1D3|13!l7b-pN*IUtJQ`rYG&Tx6)JC1E5E~$ z|7SBs1%C^FZ?HOQbp`9rOugg{6v9Yzys=m`182`?{H+YmNKMm@@FSFSQ6vABor#Ql zq560yLi28$O$yq95fd5#_C>BdU|N_Ne0r4Ean+u!d{;uA50w&x()S3ds-)D`E$m7I zR1^|b!~i^w$O)g@N7roE)!=b3pU~-8yiLl4APlj}DoI@K5ojCW>4zx!VvrVAvf4HJ z>{@PGK7JHXu;cG(spo)e#EgY+n3Iv*SBj4Csaxf*$iWme5Nx1RyW-5bZ4wFwDvE#5 z=&K`gwLLoDY~MXw_^`-$wqZN!``sgv8B(~Nhv=J2@m@!df9Oz;=EHuaF(F@#bYdyI z=@eZQSuYv!x%@ts=x%cgtoaw5;-CCfd4zbuuMt=5ey6uhKJisIeo8+EhH&Bhi$}qm zG`|4ybw6s5hgHV>Xq`~t+V}pI>AkOz;EC#A00Cb4s?32ik+CMW$Exq!+SsTn)*6rV z)f*Dzvuo(!jUWz~Ug~q1Rm!p=Sz|tKI>ZS zh`I0Q64-O9T}8Oa>}@^)#m5+fzw?ekb7_%_dUJRzX~KfV89-|xkcG4z{=J_cT1uJK zM>Nb|(o`EsBowskz1z@-se#S;kQ5U1I!Nb5^ZPdrsgZvBsISGcwlFbc(ZV%)v-mr~F*{Q9!@7Q7Hgl*cQe(xdO9a>+#euM#+_4dhN7op}F0hxk{NZom{?%WeeVq)1 zJR0!&+BD$E27|%LAj=Ti$}dk)gLdQ0@9#u2Z%KSs4OrZ&JJTKeLHrBw-sB)bIsd`z zK;L#?)&p5|F|h$b*cNH09TM_vKr?#eaf=vTFM=^X!8S6vS%M8*YQGzrmsM=ptW$`6 ziXE6qdKF%dV#yLf!6e3XMs|62#GbvYb(qAR*_y=s=|ytvcx2{fstT8A+CsWk_@tHX*XZ=LbX}ZVEwq!*Lq|p3 z7pq?DUA<@1(pFdI-Ga&;(d`eWGT>+FWFUN%v#Ezu4niXUXR9gQ?3g;=lW>Hi>Ld!7 zM0?wC5nD4RgZemmRTzSw2`l)g9pYH-hOO!rrg)-o3;-2CWS-v{e-n|7fSl{cG8J*s zfRgEzb8dCmMobs1${lAQ3PX&TWQI>VrC&S9E5@`ky%nSBngR$MfrwOXh-}u zSI5FV;ujpU>)(CAtHcGR0+`v758pkCWjL5shw4L^Dr}3Zc)WSZ5qe;Gs;KA1mBCJQ zZx1UqLu~WouBSVN;(vZNa(yI%@Ii`cBYG!iEQgD!3v8dyU z&f)mi&-}RUB`4;rh?;538aSPCr}KV`+kRi#Q~f~L`Qn)dj_|M}^kvCuMe~N$4W+}&!Y3yM@tM%? z7*}Si$0(_pn6?)u-{)8Pt@*kQwn$WPD z^v)kK1{dgHoEsADpD@91ThgJu^*=sLd&bh_#*`+|3TUrzBm({a?*XbWQn>8~5LagrIx$Mp`Xs zzo&u<$X1pK`k?*kkIz&K22H0nuisDDEa(_!K+<1)56Jhy4vPDvY9^AI?g&o0JIbi2c2fh>&(LuY2xZB zham6JB%7#G76fweZyu?d-Gg1s)P(o*thiMp^kpCY#yj;(z557HpJ4$~HBHfTVj>p; zeDA@a&c{b1m$7c5{Y^5qh)#rBLlVdUmpplcMcRFy+Je850=x^RG{la>4AIwqQ`lWR zul(`m6ZYzRHs040D8Iwa?PV!t)A!V3`I)?9%6$|ZTRCoZPKWbu8H^NXPE%Pg#2W3F z@tu>2CFMSeqU+Nsh{qb?k@7EgL4FZTTBl&O!`GtlZEanGYa&K)I3_Gj`>pkmxqVu* zJbi3rZ6q%g>9D_%zG!@-m=;8t;_)UULk@tyV<$Hh_F&ar59z}>&YlT9s$lMjK9RfT zH3u4|^~x4XrtwlE8HB-rQoteE714O9Q}+E>i_Sirn)CDir9E^AQA4ILX(Kw~Sd$x$ zwSNoVb5+isdY5bgf-et<39)Z~-f6jRA$)IWDa+ZN+QTCe*Ewe?7BnjE@o~#7Lyi&4 z3&H<9mrDyuE~OXu029E7;t3IeKPQCxKnKU1*NlAUJ#|da*tI-{FP*zSo3{a$h8vW* z=dk$ux#{#J!W`Lol~{hf04oIiP12gF(~pmFc6-SltsUU_uw)9I(I`^$2G43G(GDHF zIFQlkGj<()IRm{OJq;ZtX{LKrq?{jqWO$#u*UI$k0Ht7DSz#%V-nq4W^|j+EeE@8e zT1*>T!n*=@wn8<0{ARc3W;9`)K`o~jm8z2>^s$bLAQ`b=jQP31Ef=G(Y&nUiB}&FF zhW&Q_3^wFgxzF!sFz%3#echQ~q17@i*BU0uSSE~xbSeN*3f?GAA4TlQ1|w=+2!@y* zS@X`}dAQ#71G_b`!56Cofn?+ds|#I_mEpXr0Pks{3_6PFSa_cOa(Ie*rPEPIUihQf z3jX$NN|qAVYgfcaqs>Niu!>iJZAFf*9nElZ-vNG9kqQC(7+hsc0jyG80hT{HLZ9kv zC%=XMBLe7;AiDpQU$=N>qRZ82Kp)`Z&uVL;J|`US=l*^-YxQ!pECSJ~c1R;hLKU|V8Vv-Nh&_@TFcT7?gb@G=jc!v!6CSiB6mDX?;Qbxhko1x%_(AsoigCsK3& zF}THT;7elBkFd!si9=pepd!X^8O*l@&4OsgVP2`ybR&eyEXhUL7zPq&ga z#|CLSF*!&v0a2J%dGQlglz4jDYulcWEEN@w-GZ26q5Y{e0?#*ZAHO^{ji-b;xjGYd zZ0kB$Dwn?DlLPfjpHOLFc$}&j2yUvBKv{GuGG6ozV^CAPy{|PHOFf+J1wHshr#ei21rHdhk4hJwsYc@C^ba`pj-4!AhIiFDa$uhL zNI&2$If6Eu+JwZW1AEZ+E&zV4k}nDF%TxvhCJQQ;RXqm6m9%UR!W@$?-s212*<9{% z1Zf<7Z|XNRT1X2IS#XQ}9*`O{!*|>*)5efFm23|?P;9M4QAY08+EcD-T)>al<({uT zrGWj|p=CI{7!e`1*Lfd~9@n>?@a_)_xHo6uj6NK%*#swbfVdjCLthW)h~h+)1udcH z%48@@gwU_hdFpeuhxCnaX61&y1PVv2Xn|GaRo|w%T^NlH-+`oi8I~FhiAZ_JMySC{ zWiyC5n!ROo?+<=~pJ61|x<=*)z8n}oLWgwiaK#S0VAE(@%Y~>^e9KZ|@ne1*Qf#q5 z7@08f#Xh6vM`?#{+{B`jl~m8khdh)&76G?*&SOe^WKOCZiVDIt0)1|Ue9-Dcdh0(`N}eQt!%km+e>8QBR8mMi};+=qmH(7lA0<0OS~=_#tHVs4Q~U4a*Z@qoyd5 zrZfpNZ634F;C$v%IZE->FVwqyaaO!Z=y{ZYsk_KWA{gs>ekaAAqLB2yV*#^`gi~AE zT6lPy*Lh9;F*Swy2upotLyH)`uNIQNqJn!#zF9FyBMHU!5&MjxBD`FVW-O2QE_gHt zCr`km*~(vy-;MYuRagZ-j>&Q03&Xh*U@0`b%5vxU9usBHV>Mng9b0ZASSMcfcq@=} zUVRHZ1pJb6(x1<`pG5BscJe zR!rNZAb{3gQG8(?c(|L3COJFX{-Ah$zQvDfHV%O&{Vo%v@{0K7vf7?kMy}aNetrc~ zeX7`q72NTF9W5SKT{GH?Me%T+tUgpBP_t+_h4dX0|Le@IZUwb80(1&MTs%-mO4j(* z+aYP1RUQr^myHip;uN4|_L5ET`GZ%CxeRa7^s&iD&Ai` zwe#9;rk|R}oEwizv-#Hx2seIOuAoxzI0qPMKxhu`TW^=F(TZrqsg_H|JtTtV`-!$Z zGZ!?DgxfP~XF^-p`8!;IIcDjuN_tSf#d(#GGm-+m`~ODE_=9uB0}{;L3k9bWY(^Df z2r46}lBtAJpHs&>etvA(Lu)WTbe}1~ljMydp`K6vJ=&ujwfK8WT&^^Pb4m8k%Y{?( zWxzBZX|=@NNc(gxV?ZVL`@&S-e7rHN6Rp_cGSU(gi&hEHy<$HWlg&)ZPKyBuCqpsN zJ8?E2yi-~&((lYRQuy81lULdQ*~y^T!#)JP-y1hK&#SBHZ^Cd=H%n}Lm2p#oQW z93kL1c%|7pLTnUlw}wAN)6gmlR=0bq^tSsTAJBijF3EzYd{|Ai&U4>p%*A85Dpz{L zIXm&|Th>?4*;FHIs|#NTte;qxxxRI(0{QJd$f|o2-*W|-Fl~je30pBjh#Y&SN*u)_ za{05;(vaS@$!If2{|fh~kPP1!*BMn`uKvYvh5p&>y}7!PKfrAv`IANKyAnDv5vFN~ zM}g{Z%vUlaJ|4>Va@M&kpL#I1Z1?4pIGMq|FqHy$3FO6Ut!pD_j}1^)J;cl2t-d6= zqXxa65_vrj&1Buwyn4LJ#5ip%)X$qM_LAu()OIkz$aTc!31j#L^^%pENB*?PNZ8|O z(+gztN1$obCaQ7uP!2Lw$1?7@!omk*Y(5x5l;b#5X=V=ck-Fr+j1oOQM@UbT-g#|* z8dKw&WwO*3n7C;*w&de(aocjxnKDP)gaMtbDLh~7d57CB8-y!LfY*V`j{A9xV<}Me zR%UYVtnTK}M~HgYL*aP25+EJC;*}C}iCTP3EK~MAVaeNZj&T1Jg)fobT|0{$?_6VK znba8JZfN*d=SVv2@cNb~>VR{w20CbdUP5%H3}=vza$V z;@`v&?eV<93x3wgfm78_K+jIk#t)Qrbuc zb|S_a(wx|hwi6zr2*wb(v7A*yB}`-Y55FDWce8gp@Vlka2VeR*qxU7V-&0M(opvm$ z6O!LJ{+`D8F|N3?f*Ux=N+knCqiNSK%7VM>*WvODaOZuV);Bc|dFL=w~&TL6d|?P(v~YaAWO~%zK%stA8QG zZoT_hnKC6;%JafQ3#qsN`PLypY&+iBV@HJzsbfi@!h)^mE4oJ6RBzLc#G{lQNrr}o z>IJU%MMK$ctB< zIHg7E9l9G8JjAinY7L_nj}#mYg#xN|Ao!e|ei0dr7)Bm4m> zP+CmxfQs7`C3PX`L&6P2<051i`XhX}H$5GOiGVw=!?u9^=+`~?@7L`a!XEy0hcKtr z&1Vu=Hm6>v@2?+tBS-ebaOx9-#=0$|I=3m=zcMUgW;?zO1Du|fi}!zImFvTZdE_QB zY+@6vSnC?4fSQ*MhL0Pl5E&Ov= z&hSo}!K2m~k~+2hl>$`drMtAmk%VkaLf?b2Phw2qPaj|xL3QQ(9l?+0_E=LXa&r16 zM`UB4?cOo|ET8$Kw$bX?)kRf#Zb0Ns8z+9nHi*t`cQTfGokm~Fs8U$9+q+#vVb?c= zP!l(ot`7A=m+7HNhkM0na=$Utz@RnCvq<%R zZp@+85-?j_by|(=J8)pYTJrLnrXJwN-^r^}PaAL~zalRE3&3qOzE%>aco{xJOghi6Gt2A!289jY;-1rLV|!x5j7Jtg z5}N!~p!ZU+Nu8tpdHDXrrM{shn79Tg_8TLz=#WJU!FS~xLS?`UzuU5XQouNu%2nCU z+jn3Z?q6)js`sHG>_?iWET_^P6#->!Jv>K#pr+_J4N<1Y{VS%m zUr*Zh`K`3O*Ag9;3wvbpEyS}&hhjtXBk-5 z`*ghrd2S|<5sIV2fPEpiNHSo!lC2IRpL!#Jnv7n5m(@1+0DH-DHM8AIaRS^*cWUVK zPKkkiX@uqt2`e;oge+BGJnFo%Ueikp?s7twv;A>K;)_sc*ozn^S78UnX@?m`H>Org z2YvjDSqQe~P=rRqJub!mXcZ@&9raz=l)|(-gnQ}9i4CXbpV>@2MYs$4Au@6MXG8wu z8#0u_m-#kT;ItHPY|NsZh(|U)Y)+@>)H_Q?;m-5f#8z?Kdoj;6SB<0|f~r@gW+LJPkLGzK=%YLQURokD-2A^MG{v#|Y)1n}w{nIt_A2SC22{yhU65LgI zK-L;*_9%QY-hymEDvo5)X^pg=%NI=C)IX(Epy@D0jHK_K(-S=^`)-z`I;d{v^reQj z!(kJns!TRl)|@vlj6TeOtJ7b-X5EIgBZP&MKwFP8Ry8arnj-Di&$X0OvBVKk&oAyT zePr~dhp=W}aP4dX!zvlN39VR|3)|n_1@WTf%Yjxoljq4>D-*dM(*i*Qogff=ZFB_^ zm8@uUl=)5n=ah7H<{p^(n{@OBtPcm-~I_ku

L2yukm7oF#d`HY23$LK zO5Jdft*_Il*c_RSMhnTq45;Np02<2go6$*A!uY&bd|IL(PRab&_3QLt;_Y%A))u#P zjQLVKMhG(2!X0*xX7ei}BE(MRS zvNrBsn%7e_&J2iqvW_h4j(*!jm-v^$+~2pExqM@|l$hxOEbW+?FhhQO!&O2?Iu8Tl zca85Iro0zf-b(mb=u6MKy3;(bjh#+*)6*UWu0D-Z6(cRuh^c73&?ew%UpLdU@emdi zR4^1)lW5)P9+6(lC$h3z=VM(iKCoW8MT1qdABI)`;|)wthn(+TRftWj>yNgtjSV8w zHN#fsGBk^#`{y`Dtn?p`YUdJAEF3CzGoghsEJ7931{PahCIF;0Uw0>U0d{jq(RMba zjaPbko8E>_iMeo!TvGZJ5>Lh3reKN>+(`qB6w~#Te#as(R7W<}?;s)6nE7>M&w*_A z)&Q9q|3wcOacY)_-MoiipOy~-yF`Qf4O+6x0}oQ+4SR44aXqUF`h2>vRUg1cCnQ^p zJ>^P$aX>CFv{q78iZBRKa3dtp6NAzq^!h2EKS+{@{i;z9u5Tat`nWk^_A9TQdj2Ca z;U*dj&;?kglNS^Ra(Oan0mXWtP0*!-d@|n4l1<2xD+61}$7)NR5%&b8==h~2EmL3u zJ0oH0rwP`$iIGbDJN!ijRTvS2>u0QNFUqD;yi)vc^^a#+qRb1?)9pr!8p@Wp+6UhS=Nin0;<$RvaS2Q=?;DU#-A}H~53);StMRUq=YTwi(0N=Mjc)CuesE z?-eKrFb+m^1@N$yYO{A53`Ytv%<3%s_aPjVcMk_a0e)9hPNv z?|UDANjuEavT(ga6zV8!uRb&$VWXcY?>rS;Rdf`)Um z2;^vwUIkuEF^^!ZDLiZ{1&~_tB>{ZL;9KZPdTZRm9k{;$|J+1txKF9V?I$A}Iy-NT z`mUW6BR?1Dqs)T8ep&Fyd{*`InU|$R>;zBpc;v{fQYuxi>;c;>UNe*w@q^yTnqL6& z!Cr-Q0+6;amt}>GaQe=@qV7t73_+5on9>0GiVijaakyq7AOEC3va2+MWSlpGbGy#V z=E;6p!OUkHUQYlPFA)IG1fw<77ci?dBiq>5R=hgGf6&*e742cCN0Fl-*^OURQJY)A zTd1T0lfoeBt%$+R^w|8?d-qL$ed^KO%iGqgQ2A^cLKY6=Xp#}avQOFFKz7EMeE^1K z^xT7eK{SH4(pq)e8N33X&CY$jq0006$yRJ^u5`lKtb%P2R{7GR<>K{dr>@ZQ7atlM zo9A4+3eqdCu`zXz`utU|R+2TLT|4`be_Mt%+y9yf@*4~KYjuO=&-9%A>??AD`TZx1 z&!EdaQ8uPA-#Wm1^Qo8jYRVy{s_)T(c!4I%kn$~$YKSi9b>gH$C^dndt1ouoUJbb#x7~@tY2&!C-rEJLt7QMr8NeQT^?>l!4up0=<2-hFf5Z zp>|k{7&fVT-|+D9mh>@7zsW?l{o`1?RbmS#>3FWyg51~7kuup3$lL)yg-HnjB*3%G zT{OBG#rFA+e3hHSanZ^4zpZe8g@Iq7oddMD;~CPIfA)UZIjmN`={ft;fmYQ_nCWn@ z#DeMsWADK9zqxaQ>IUCGaCEbk|6GwKuOD&oVp1MFmkdYnIMHQuw1;>P2*Z)=c(P@f zm{y=n`R@DDQVnTB(N81aGR@jr9*f1nbkkyaRYGS?x$)T%nH(bqsdw?|%XsOru?4iO zt@m6XLNaK5<1>0A|R`a&;3Be}_>FvTSzj+?ly)o0R zx%w54r0A%LoLge>vO#Kb;4OZgO(8rlt<0c{J?Z?B7hL;g?9`-~O6UnM{VZ>qmEKGn zmU@262kYqeYzs^>c$q{r(U;*lyMtd#5@nrPWRBRIX%)A*rS-Wf%}d5SfhbY&yA$%o zM0-L}HqeXFg%|S(ncL=1Gi_b%1msthJKNiP;#<+IOS81e$oe zxGgyN)@_2Qt(*g{4GXWfvHXnm_5tjmO@s*Vmp&?#GWMJ-0YOE^0Qnqx*g1FxX#JC; z)N|#L@Gn3;G_@6Zo^GW6YPiit;*-Qof^83z%^)n@r(H52BM*^AZ^&C45*iX>IHn|q zSs|OnZ^!q&el|x!SR%gVBrur9M+2ei)Rr7*|8^WGya0a>UIgAGlV*vAvG^;a)A@xFf`J{XWmvmJnrWd+-Rc4(Dtaw+R~~<~!|}+7Ae;?Bg1p8(mwV z`J{O2)Qb;eqXSBD6R{#1N}IpjhKl37DdDtR$kF(YlJQutxG;)x@_h=o*DVf5_z)_O zi*=V`hAK&C>Fj18XDl3k2u}MaKC?gKrYXLR@0)99q#pmmOYl4!v#eyr3zM|N$$IMX zw`vZK^oAO(iYRdu;j-QCCI?Lnq^}7v2~>%}AYLnzCG55qLr}Wb7M2&3K9wPxZS5Pl zlOFhx>azUK!_iJ^Z7;b|;e(M1LbEc)e0-EF_<;9#rNDw zx8rhWz09j0fYHpUgF{jnRLFO=2|IAHvZ;9&>Z1TCCK?Ze{c!#=!v}$JgZjGG%VoJ5 zG4zj~cwkq?IDbO0$T*uZixB3h(yp~xYj8MsC_>V0Ai_k7Uc+Y4)l^S3?z?|&ZVcG& z-;K#Q$Pv%WDC+4+{M@$a9e?CER;GlmSRwWAQ9h*tuT{HG3F%M zHcgp|IhJVU@+dD}34IToG=Mq0;RA&$!zCj^3S-AaJ@{}8yL(vBmYfa`5?jx9(yxy) z-;2*L(Dp(GK0>zxs8|mid8M_5E^KC~Gvx{5j_3=VgwZgi7!VP;lIS&oio{atfGrCYImFl=^7)ioRoxTk=ZfBWao~-J=*0xSyOtsh+obj5@9V6|tTo9r%&&Jp(l0($?vwkt``A~r zi1U*f^MnCA2t6C1dxu35gE`@pU?j_Z`@P^uTaztMZf6^<{R62~?=IJ#{%0TC) z`P6q1B=!9s9(t|dAcHZz`mWKXTzN+E_bDT^=_WbF^bN@id2Xs_;Nrqi8tm_e=)uk_ zoTUMYDaV*_jiu;ULg#B$Db%|3cGGx+>?yjq*fKuY(ttepE33tEi%Wmc^>h!dgv+he zgiynFo8O?tpKV9^9 zSA8SlPrtbpJ9NvGC$=R?BPXuJps4n_qGk+v?W|u~{>!}XU5-elPO~fAo|p5FBeMd! z?^QE;>Kp*KQxOgW6yyLsD$!#K%Djq|!0Bt6(i`E!EgNj21K|Eoajfrri5D=MsUG_2 zyOrjTWJ;8jl}h-+k!mDN)VZN%gcF4DH-)_pdOXZ0`*N>4n zJviwP)<}yCa-Oz3P&%xL!j^oRwEHFcduwjn*g&J_2nDla2z;yOTfBNUXpiB`?n7MH zAm?0hVmOz4s^4J>X-@CIJjM?ab!og*pX_BKz|Teb=A45nH2sjjjLm?J2GNVAfvGK1obcXwmT zlx0H!s|h$$*u6--2ZsM*cF^Pw&EMBJXy5BUUG`zHo0Xf3$@{1ptERoPmCn~T0~((y zc}TXzxqF#sOHd|9wS`R5k8}BA=k+1P*c?jQKIn+P#l8M=mM6s{uf7P^P9y&Smp*@V z9=z{#UiUJ-y4l6OZ;)((i;k4R%q!uG2CUCFRsMuhaX5=}U{~IaR!rHDE)emQJqCAs zjxWY)j#wXq99gpZ|2OXbU+>Dz!U|@#cxDk`wOvty{O9OtS%H5|p61hrRv9kv{hk-F zg9UIc9Ah(?a-;rRmDTCDi}`QD#s1^>WcCH1m@EF0-zcJ0Ew@q`OgTU41_jjKRriq; zjiKAlEBQa{y#-KP?fUK=AV5fgBEh8)AOtP$r2&FVafjj#h2T`);KALYg#f{!xVELZ z7l$G(Uc7ICy1ZYy_c?ph|D5jG`~Q7&=6o|JvxZqSWMw6bu%73+@9X+qHs#Y#_3*7r zuAJYWfc`RM#UuOQ1(DbP6Bqvr)Zmvk(xqiYde@dKoBAtiQ-zGsAQUPGlGVo1L`LXM z?~?A37dQc?9H0}3DQphJB(wkqg*R7YvbGNUqodKCJ0~o4wLHC3vR@1-jU3i6*ozHg z((Ib_+Kzn()?J_cAr4k)0E=O42JfFI(PH$74$gY_@$jtC^o^12^ykBZ25Nlc?EXW; zyNs2!yb_ikWQkA|G!@cCwQa$26txQel%1E(lD-|Kb-$S;C0{j?2IurLlc3Ycz@=I^ zPP-)^mmjUOLb*k`eR@^0Vxapoa$Pighyi>)zMk=zYWiKoz<7^0Ya^y6T&{jB-cC6j zu!W79f5WFiG7r3GKWNz4?md?HL%NI1OSw5BsAg6zt?M1}0}`TuizVxLQ04|fYnKOO zIT0fQp=G~9(O*bIqpjO_JJ?AgS8wEnNXW#oPRQ=H_fM3dwaYtl{ExP?V1!Z>o9 za=`ab?G`TWK6m{>kMhRMJQ??Bgsq?PpCXyi$NCWc7;4#pK3-ZM%4ghQW@3_Ok^^U) z!4?x7-WJ?-?gjOx1m9mkBM{GxOSj7wQ9}5zZ7o!%9WhZghH3}er~68?pTm~lE2gnL ztK&qw?X~KKba3%F$0UKFUvX^&&wiPzGr5UQ=})X>6TA z?y(=Oq5ni(Wc{+kY#_(_ig3T4y260WO_UvHHWg<|iB!%gE8gS@o)K6{b}U#IZ|6=7 z0QIiycHG7x?Nf;hY7Mb9PT=Bexs%0_(Mo{`eGW{aG-UJH_QYd6A>m=iiF56E`butV z7vqR{o^E}YEay}zE@-?qKfEOZ$|HgX9n=@w3BNaFrA@fA3UfK@X)+mKcOP#ILU3Hg zoTo<`6N>?=)e`5Zsbz=VSz!7UlC-%x_6_>{zgUFlYogw&CQ2Xwc=ZVd`5Ujw?B-VJ z1HQ8u!Df_eG`R`WYwu@l^3y$RBXu)jMox>n{_-6*UqcImy@k6xi#^M|@1OeJ`ZyZ@ zWJTk{3Enu&eD|x*>9|Sd!i-+6sf%GYmNcBp< z%_R4_bDwL$a5vM>axV=w!#eF@*)i8PjC@w?e-u+Qr|nKS4+!-$u%8`wd5@nmi*B+$ zYd!g-F2Xj0ki*+mugTFR5&}4MHP|1NvS{rT_zZM>Jxpp_-?WNRGle0zVJsIWn9`2- zbQmSA&KH^u#^pi{foxXRY^L--)>BAJWbZQw;g zd-S`j@qz2S7J3hd9!X3|KRkHB8Z$K$D;5sef$$)}Z(J-Mh|T0ni5c*1-i|_*L_ZKb2b5N5_NfVxCtx4_eW6$?LK)~7S4J= zs1w`+pAR|@01!gC_Ns#E2}w3@i{@epiBe9f39f#T4ZHgBH%iR^AoKQLNewTlb@5TT zBvo;58^DZBlcPoBr>^(gz6HEheskV+UCS$ft=?t!?drs8w|n564Uvt2@||X~=)5MN(WmE}BUK>p!Z#O+ z6QN&SC`(HXN{zq={C##x-Gim|CcyHj;oxYUJy~?I!4-Un3x$Bl>)DRQ5teN5D|cz` zo&gCiDd8RRL1Koq46o@*O6s#4rQOehCj2c>hpI5_3X-aD6%-8nuDDhNtG_36s-iCMWEA5=a2 z>noe3TYla$1WQg#Oz{mQ<~C`J%lNkGrSZ|?dHEuk=YhoL0;58-Eb`2I%+B%G&7WwD zboev^2J~YnfLNk8;HlTH_wMR^cyrG`#roc|_1oh|t}k#QFD6H7-p!l!8RXMSQ$N-Hmm&L>c%a zDm8FMWO{HxVmRZVs2-sbfNDkYKB>kts&7JdcIG*Hrp+kse9;dk?Xd5lSeC>RMr=e) zVp_q^{$ic2hx&${KeySqofK3VYmL_RgGEF+ed;05+>e59~d z+Kj3ag5CbPUXRX=M`_tZ?Z&lCO>@pAbu7+B&CK1MxIT4g^6*#7YKJ^$!1Lm_d~F0; z+$%(tvEH*CQ-*JP^hesx_^pFKUpIScXentJ*}m!3K$*u)ISK%tp9eQYX_cWgYZtJ!J?F1GfE?HaOd4Mk9Vj(WWL&Od*EaMZ|2Mpa9VWuI(h;6(T)x!;dx>tPGZnhvA@K~+SkwblzNX_*Ql zum@R`oKVYv_9$r@1rM|E7a3ZHBqM8_Ne7&e?;J!_B@F=O=u;p_wF)kcQLU8p_Dzv| z3Heq6gCixQVDOO6M3J)t(wEz8Cc(@JTPYFqY8x3c&s zibJ(nJ!=H5Ez(|DE?zX(bE0|}8`x+1QuXlm#ym`(Sgs}CSS)}5*3-Dm!LG5-xuE3n z4|n4|t=IKpLV1j~_s(eiysajhT&|7D`_ypHC^?kb49md~x1L1TLJAX@tTX z+S1F3a3$m}mY$wap+)mG4XB_kX&oUe72#>)UTt|5~wZ zV*1ZT)8D2EzhmEA5WqG}1%7Rs3GHW| zQW#lo?-P8CtId3VGIW;OM7*Lb*z$=MXM_2-YL#;%=BxYVSs|;Pl(U$p-VD_WQAI8V zpFZ+SnRL{zE1&A>S(fvSk-*V0TX?srqJ8axCX*j+!nQ>T+ckG*l1a-lV|`UY&4AQ6 zm_7hs;7*u!XGVX57uEK3EF_VAo4sA@(f;`nk4%f$KM_!5sNx z+`*Fu&;rVX4n{E4ZZ9)nu0A5%@`Lgd?7PV<(Yq7St`n>k(}U!-?rcI~lAdxNB$@6wRl5z04 z0Lgpz1UJDvmT-O75t;hchlK^UnSQtYB%r`Gu3}PiGl1Q(^zd#{KZ()Z`_^yT{OtX{ z_i=hzALNZMP@j5y)mrFC5yg<+Hkd*Xu&MG0eEEENT8ocsygKM(awpkA=u_o!mz3@d zs>7y`ga1&pnJ3XO)dcm<>|}wDrJXO{5%r;P3x%^8l9lK&j7+I$GBs05n&EPP2M%2{ ztqw9W6%%sU%61nnOTbEp>>B7&6Y!z?9O!6MLEd2#Y$j=`<7PWT2RtdK-$wSwJbW6i!ko8p!2f^m}4NFTnAo7&TqgaqZK;(KnN3fi7yT=QSP ze4JA5v@LAGJvMGSUfj!|+f^;Ei(Gl+mqGoCdEfVX;UM#~MX269I=3jM(<#@#tnOSm zWcPE$bq>>8*_9^*gaw9_5A`V@`c8-K%bv&Ht=@ftdVR0mE>Hcm@yIZ3wBW+;-h%8X za-|1y0pO@#!!)!20J2XI1jS~$hMCt!6t-h!zC8`GA58JGD*PxVD0Q$zAk^l4uVpm4IWng_QvB)_!-$pS8L)gVq+XwG#_4aEIF| zNxoB*|E?A{d(%Pj=NiY$qr4lB&85|*{My!|w;6PIThdNes%Info4thZyL+xqUAN9j z*|pb96?~9BB|LnW{lLa2WEwUM)|TOvkjYdxPO3s^u^A0q0l-i6{ktAW*w$8hOO%$=f!f^FW&~0hCjlTCl{NoM*jlD z$ny5PFVjyR=WF#3L6U8rqP|O0q_jQ;Nv`xtg(K-G-JcoERbZRTzmnRwmnbGqQ&ABwYz=JHi= zmi)Q4^4uGGe0ffD0WM@u0}2p`(?!1U*|Eq7wrZeg5Ts%kB(OcyNol&=wsAr>#mQ!w zYAnOH3B6?sK8wW(GZ z`M@}Hq>YxLQ9WF#G*o$H$jaM>ze^Ytteec&y@rghBIe3aIhX6J{QQRmvT-zs)yVqO z)L8Q#RJdP5OX@T%%2Z8u9tBi?c)(+%aZqIDEE;emii}`sJD6U;1bZM9yGpN{=}1qi zG=?&dzL3})^VvU{+9&`7vH0anv*{3WHdi9Zy;TyEP&U#rfGx{|C) zIKwV#r6#gWaK0wa0>B3{L_@$oZ@L7w&*%#SKcw(~UGC~u``azIWxJsz)a=#Z!ivPD z!myjPRPHvrNLS9&T=SqK&#VzfhCDSPLPcY80LfYhL#{UhKx!0-CKkHqmm(N@=l07W zwr;?l2Ew+Efj-iN6$8S6V|0pnk3?e|Y#Xm_Te>Fb$$eGNx_@kAQ+n%{w_vO40JYX? zE3y^Brt73y)VRhXuw9^9r-^DOeHA|qe<&umSdP(>7xBOQ2)QWx)<9h4{RhBS0P34ZA+e zke8mZ46iKm63;a;N(X*RPev7Xn`yOL1$Hx1EXJeO$(Zs+J6)7)5Tzx+fZ~HNW5<|p zn?hO4x+^(_z%rY4*93=WCTm3d0nV1f{E_bTldoa<2e`_1Ype<+2p(TX1lQ+}Y5oZu z{QLHA`P+XYjea#gTy9MxE`xMDe(9zEJkRB){wH9=f2}YvjVs{ss)dUbW%DnKsSzV)wcbaeuPbl5 z6SltLfxnWKY82D69AFC8t_;LfW4I|}gN0NW1BClv5Vn4;U3uQ?+PhP*8&X(Ra_;;N^`9hn7%(nk8bhXhNIdbzAlYv-Q+fN{%I3!jS! zf7ey9w$HU+KTYf8Ui96N;jdQVo{tej8^_ujej#)qyf!H*K-f8&*p&FbAXB&;2jgsP zO$?=i4$()#vCZ5eo7`V8M*L2+YYv&+;bI;DVmQF|@Rx9dCCPW!#q;b?yQRG0LLlw@ zGi~-)H^7QE`)!ELbryeL^r60NWQ{Tt5*>I=P-0r8oZo&xY(M(Z9rdDWJ<~t#uK<;J z@Hs6`6&5n0k?!a~s2jXE@SysEK4Ta9&tc$a$3&}fj90vMH~p(y978JD0xOS`PIfEr zT(!#W-E6l}&__Ogn}b$(LkUH3#+Xqq)OOq6ap&&TH%t$zV|8Yx4SOUP86FkXyv24H z$3_)$Fg8-!F`%ldm9MG+z*bH0%7jZr>$QH1c2;$&A>17nuV*V^2~>F!6;h*;S%Ztr z)QgYN8Twm;2?^A)Thc|`TX>A0?q8xDRa}av#{1>pC@fEHKkvZ38D}t~&ok=$uu9Yo z=_0N+lCi3+EH+^D28{7Lz-+==Wjrl|L1reKgHn_+W4bbxqqSwpfsDGt*uF(ki<{cI zI~4X&LAf|xLo^0MZHP|pT6m`5``+H~8u3+kr-eO+cI?h5e~&ir6DBeqP~He~Ew_9x z-g%Dan!1CP9}9b5e4#crSV77n52{PD z6*q{Esa61p6=q`jO9hI{(a$FCO8l1?O-7fVhOahye)=#LKh#Ftnrv4nZ!5JB>kOJS zbLGo1AQ?%6Oq9eMX6o^9fbgW9`Yu3djosf0y^=abDHgj|l(aREFKT&zOebaD;bIs$ z(6tc_i(EXUV&$$@!A@q(Q|86<%u5{Anf-dk-=%Pwm}b)aCaP?~1g}NA^eX@5<3awz z9BRvhUz4H#A@#%WsJu<)HXF9!f7|Bz?%V1z3yOX*OQ0 zZ*?z~YFCCf5UemBt$W>z!t1qJ{8DCgzrv)M8v=S#AjuNxdSfV?Ns3oml(v$D|BZRf zGAca7e1o$Cgd%y`kC~0Sm~8nl+EKJdwgyrjw$f!5SJ0p0P8NO3@1ag;)t#VWehwe9`q~Z zamsGWzGpJDwbI(a)M0j>cJfd@Dd?T_Efa&L7#(72;zS#)E;%4Q3=?vWq;rq3-`i)QydV zFOPdV)|V_*AHiA~Od^W3A>7&sO6w>Y2dqHt0rja3@wb?TyG~LA;uEB3vI0hYX}Mtl z5dyT_7?hBZ`MXLTuzpSxDf94Is>xU~ewnSB7;eFVEl zopH=WdP>&TA5i(ku!J(gftFM{Y8lp^fn6Wtd3@Yu=8h;*u>>BwU~>4+;PcCR)!(XD z@esPpvd~|(p8LP_zJCoE!Jmih7g^}#)$h-0`z2h?ukai^*X|Mkaly3p>sfyr%B1N@ zNpNdWkH;yqJe51gX8b|@%RV2g>VlYIU8iI`?|j37wX}+`rQy=dG%}>eOa2-ZnN7-J zk!q%3PcM+(l$We}NNilpVL~9OaS6me3^FA?n~}rA(vXFgV>v-*~_? z6Q)%-tWZ}@Q8@S6!+S2YYqD~wGm2Z#s*?;f5~IteEo^3ZrFbo_^27m$jK|{OfJ$Fo zi4hVhEHS6b1b|NZ(xl#fYcBce%G3}$ZAcY<~^Tr4( zWpGNnnUZ{}Ccu(C0{t)dHkZ~CB~(IPjV8D9%3+^@mR(^;u*s4tE!@dS4$YFN3?3)b zf^rxbZ!!C@xx5mRIXYoC`Pdj3l%!zkx3r>A^VZ?;gc)3SnfQEp1<=$MbY=L1`gv-!~>Sq$(XiV268bX1qMs?UHCceCEv8Z!v8uQ@?VZiwW|1TxvdWC=<1y> zjxOofv8FfS2PXlOV@ZX)CB48P!T9Jkf|j5|11c(N3ew*VVVHF zfK3~$cN`Vgu|OG(*R^vM1CoGCmyW%?N1oQ5Ado2}|MXi{H{ne8Y(h#}me(NZ4LS{( z3arY7)IPU2eaO?8UGxbR0rhN^NHg^kxjfmYU^dRE0;h+PX7+Its>%c--Z+4WhXKJf z0;u@7o@t9TIC9W)jvuf%4!Q?iY@tN&?8i#nJR#QHiHSoWdQi?a zHxZ|#7L0T^3Xjx;_o$o?KCzXYVdYL}qKcJ+qCh#JT2+z&_7bVcMMApAW(_G)757T5H*DS`X4{~~SI$TuTlu2Q!uJt%#jpgq(*sFF7&yWq^LzD@4t$>w;2df5 zCfXz$oFHXP?hxZ{F94vh#bqL=?`Ko^CVCv1dcZqGLJ<6$jANmyu}d?Ec* zEE;9tAaBhdr~`N$lMf+m1SW5~hzT>Vgl{d8aIwyEyh}DUwUjZ|R7&xgwvp1QN0<3J za%0zKMB>Q*5Q~6Ht_KwF=`liv5BF+wWrn`C3GYK!AFB&ScQt`qHJ$hB&0M_vvDhd& zBd#*^x*gPrYE_E_P+#zWPCGt@hQG@ZQ|3cbr_^g@=)1%f^+nc<+LH~waFkR=#ij#l z*Vp1;LH82ckOMe1Jr0`pMxHor@=~n9Obku9!beKTnejjleCGiF2tE3Mb+67#H;$I2 zBs79NuLNB!1S)o=sc&k(xW==##+gOt)0;XZ?im)w&@EaEKq57kJWkf2Ik(eu6h>1e z2qDpj#SOFNrzfYpln0KF$Csbb59#;CdphP3Q!0DzWDb+{g+~z~s0lNHVHZ~=?{#0Q z@`3C4O!T+<4n^%T>Y`FT?>E!f` zr@l65_w0;ns+flK`lg&R&celqnJip2mA^vY(16k&9n0^cLm(pC{JT$fwfdXtGDU`x zYTd*`HcnCFa+q*u77ad^c6ybOa%R4CUJev9N1E<{`PSpyxb$+O=Jes=@nLZ1;LX=C z{*Uflt1XvwK5pz{%SXq1CLeDF1_dhohtGHXq+96hyOqZ$1=8S-U)nvc()uFX&x3|^ zIvK;6ct%vg9425AJlg|DMAb{m8P7y{Nkr6B$XCIi%oCJ&w3xyjch7b=WV6%}4=3!~ z&)8#=NW{kIM0g`X{H$7p0GL!h#%(D^%Jy{2qI}!mcc^B>%6(hfz-Z<`34Dg)P)6Sj zX~N5KL9N2knpB)oI!gM8AgKQQ@hOeoqVSNX?-nMSJmy9x*Qs)?OZEBQf^YB4x3_|! zZ=iO60kSJHjnPQJz8Y3f2t)A=fajs{)AkwlW(CPvW6>Yna%vPbDw;7{y5|E7KJZ*UGDRgr zf4w}tUGXd`sucr%n`SLajm>J?#o+9>o5P6{JdR&jDEl9zt*n-iglsua4hjHTvE0cbXn~Nfx{m((R&m&@BHlXrq^?U>2y? zgvm70k4E-9^!dJ_U%y#S(wbPZ<9&R`y;nzi|Lr!%vUouD*`w?x?-7+8Kcto%BT$ln z>RP4et$$L5CGlBbEMHWoUQILo$Odv2JH60v+X-s>iP3vXQ2Aj z2rYD+PDa!kmGm_?l1=c{)|x^3n;k;CyiQ#8=I`%z-k^*MGhHhf_DmN#SmocTgf5%x zzUOviahad0j_bfiPos3d+cPXLDgQ_^xxoleX$K5r9N}=?E+VB#8sB4 zDq41{Qj3sHo+WNZfQJWyh2=Y%JOh^3%};6Rf$3Z6Q%mhuLDi>Co>ZsamUm@3gSROT8eoZT(=2_pg|5-9MV>!INMOO=s6 zc zry{{9Gc})tPT(rEdK4OzBJQ5g8DZm8QX=-uE(+BXOF7CkaJ*AG@z99()a#r6FD(coHx&&Q@iE z!^mrLNz)~+?dVq#7EF-BqS*!s3SU`st6AgPZcC-NT5BR!;1-8fD2x3`d@QpYU#Cxe zd`4-#5jcVnrXN8%J)k(v{6TEMxYPn|WXi@8bXNRwa7ppB#U)%9m?{#`uw^|h=7<-sS-{$}| zp!)0xsYi{dAi|H^b*2NOubcTpv(^l78@R|+uO96twc4-Wc8OUc;xMTg48ho~40F?^?7Ru4e%A>N?FTf6 zhHp8c_44k6uNgOv*C4FOVv5j&6Uax1N`)jqrx(m<0^q}A&S(?lqb;l?zgkp&J*DHF zYyt;Qb1%M>Babv!K?+Y-UNp-1Al~R#$H$18P>DXbeJtH~CF*Osm@xh8w6U4DTi)8t zdVS$ucXesQndIcD`BT7MW4Pm9jf*+iQ1>+D+yH*ZN{m(Q(c#)NX8F)N{NLn=9%2s2 zK*I*7`eybJ!Xi>lTvZ@6N(7XnLNNCDR?p`eY^QogZi`jfJfA8CKQ*0=K7@!GKMFJbmiSir&tPbZ z)_z^4Ro2AmW}DCM$$HC*XMH3tlZ^l`d$GhRkK%JBT}#j004g-cY}60p}iaTE827!L&QDJgfD-UzkFk(`^!)_}tnueX69W7@XiL zL}&mB$6iS@0mRBFc3vYR@k3P3BD2$P88XroahjG8RGfAcT_rPZCs3R(&I%S z^v`la_znA=Tv{VtB#4JVl2rXSvX2^{`}cCtu!l(QJLUK|f9~_sp)BrFV-lC*lpP`-h(vhy7I<06N9w?%f}acVDrzKht2} zjEKODe$-^gfC)a3g|4=FJ{z602|PTXcE3E^ymcPq-TL;5uoP^q8CBEn{q~BU0rDH& z+QEs(*!{?MevcpkQ6rE}G5=I*9ZYBsV2KaqW#e~s()!U(>2?vO@>sB%P-u2K^2sfM z5#jhUx#Vzc)Q?opKksHWW`>c;`2EpKW-ZAuLdOTpG6>r2HZkG^>XZ;=KWIY7rrz0* zU~c%0V5V6lboJ_*E+jQ+M1R+#;9<;_E-Ne!ySl(ZCoV`#EGY&?lSvW~f?`UF7lSPS z0yJ{mmPsgjV(0i!!ozinr8`}f&cMr%O+^ru+smT^O2^TH+=z9y>!aC-G%sm(sM9xKJ0i^U~^pd-hZY8=s3_OF+ySWam|S;uz|bbIfjDZp@DAkg6s=6!zTK?}~f* zYsjfd|C~CJRI*lARVUEQ+{m~J6R$Gv(Q$acq}qY`sQBuiIo~RO6y-_(1xWwKmPPvU z%l~&>%ba&QGjl%}&(29GvQWE|v5N6k?O$`9xe^y8TY?Nk6Y_X&E z&_km_Zq~^spZQp@OHpJnjI>42$ju^$$>$jYnG48UqrR1ZB5?o+eXwAAn<$iFahU%H zi^m7apZ&R-wN2iO1#tCbX=&Qd!U>AJ^y!sDZk@-U49dnj;&*VwBA-4>vu=W%IoGORl*`EK-x8O1a{qmQIPS10F7e)iPSndA-;~;`Y(cE@bbUkT>hVR zkl$SCzo}bTMxM6Gn*F(I*7$Fy(ENI`rk)!%;_Xv}LpgP`UvZPx^!Fsn5*`}RzUi__ z*W$3BA(GPoqUwlnbE~2EEseWfd#6u*U{v~vQ}I4d*XoU}iutRN8MKvm zxY7J@ObHmNacpJ2HFmp0#(WM3Da*k zo^YU<)b`iGYSxCloLb8Jxy&~hcY*1XoS~i8NF_%CeCP7oO+Y1amEO~OD5HWZ*QG8dW1rm}d*gQ6 zc!2@CaaI=!IdvW3B0w>v>Zc9?G^rebkohVsvZ`j{gPNiQwM4>)6Q#ZZFHCKf=7jNf z39WGHqT^M4h}`gDJuDUGZ`<$jYRXKsG(f<$*6P55Dt$)wxkWD3%-S@hJ)%fjFTCb~ zUUye#VCzl-c-J$qGtr_=J+nn7N{wLLPxlu6*#bA=Vcf^K`~LkF~3mI=Q`5%eXIN= zlf!2aAs91}foicleF#qpE(>G!B*eE+XDlkGk01aY1JT6$azl|7hc^c12XvqJv70{( z&vfTu;!5T%5)Ye1)kbFCVr;}U;5VYF5rgJFb z9T+Q{;F;2F{oxdq9Lk?30_nuuGfNg>vIvC>>Oz}nzgNKT$>BI--IIx_3Ffp`#MnCTSW3HI{jgg_e2s!;=vz>RsUQnA zUi$v31Yj8Z9$@-0&O1;0I-Ny!z;-#CrjpgWnG^;C1O2i3NT)gdEk9~nP%aiK z_x`BPqch`x0r(XW`o%OXa@Wsy`_7u*sr}k*Gk>=?SBn${q>fsE=?o+R&gs*WlM_0_ zAtf!wdK}!h++t>yju`rrlIUpJ$TJgXD~D>PbjAde-;;J7jP3jJD=oaxC_e;z7Nz>U z!YW;`cJt~j`T33e?STkVB^eL~1AqV@ROeO=2F5jxO`LeP zo(FkrHBG&2QgSKxbwP%ae^D~s1%Jx|$q@|XCl~B1;*FYDq==iT%5)?KwsjrW`mwtW zDju68N77ILj~vBlbrgSCmddH(Hlq&jAz-X+^T(p6-IL+x@**|rXZ>QOtwv74Kwn#F|#BCa~%Z{Bg_Nj^Ncf#cgy&adIbj zhfj-@x)9~q&LemBcLciUYQ3Y7B7Tm?{)vXtlorpXDCG^89~R%{deN|VD^9?HPK3Lt z+&^#S#WnTEUZd4|DcqX{TVg2FL1;k~xN*F=+Bj;E4Iw#CH0R?wvfAXqEX+Pxq(mkg zP?8hOZCpSU_=3C)*Q-P6Opd}CkJ!;OAGnS3{MkfMN>pOb9C5n4 zXg7O`m|y}c+S%l?HEY@t|J%$4)u77P*@FjJN=CxjJIEoCqDE2=oc==tG?)PQ5Gmu| zmY1MfTK~1Ew6cYzDG`;QL>@#wqq@S^rbD@=fg-$4zlu5pd9mP{jO>rhiSQfGO*mLfMcz+N9$Ih_g4h@&7G?>^d~cZT<-lAIp!MG z-7(tm%`}1nhB)}Hh|+jea)|~^TxH*ZFuWxG<^Vv9nvrBKwrk^bR#&gnb|vilj&|T8 z(!g^Lyuk`%F(fLC5zk;5mrW$hlMo@(-K^^4=tXWw!*jw^3IoBw}d0*SO5HAOMeve}q_AL~t* zmf+eCgitNnTNejJ{c%jRc!g}I?KATvlAGLg$(o7=@6wgo@A1Mq11!Wd!#*$~^ztrN zur8eAm5lt6mL?}LemLcHWz?HCkbBJNnL)P0LC9yw+>%Xn(DFe&@lu1^HQlg_;&pe! zkJhr=Z{j1y)?^iMz&Q;9!3zH}8xR5>%AE>WQjWpR8ByYX&T2o0TvGp1URHuzFBJIR z&v9M(@P3$9GL=={9j`sNMCE}W=vK9_y(?ooDSBc+Czl9i8Ijj5iBy3A<$kr-;7bjE z-^>Mu&M=J*+LBUJf#d#y#(>o6>*Y&p_<;w)1g$Q<%^j$?UNVo@(R&tE2=9o|@4;+%IeD1psxh_W^H+a>)(JbQnK96%;`>4^bbi zqjZWit({w}O8C6T)GNhFbgGGr=*CfCmlagtBjrO>jtvqJY<%XOSg&n#wL(Eey za<(Dr3}_rB)K@@FE-tQ0w($9qQA~+xkH3#>qs!1rK}LqZV1YxAO`-(t=fIVAkz8=o zj#E5NNu2B|{@P>)6)3ThG)aBXf9&&8ikg0MVnuhLj8B-}VYxz1dpJ+e!i>L|1qj^6 zt*<_-E@z-<&#Kj4Sc+u3 z_cjYO8RGcO`*q~yvnK~u(A5rE2+qV@vS3Jm{W>r(8J5?P_~(wMDbDvUc0Ak?LjJgn zQs3oWz*-wLd{If)Op~>b-6vOx@<{+?$)m0fp=d12)Xn`dy^(Z&1zGi*vNLlA$`w24 zlleHfd{W81BFT9b>nA9y`fC-!M|s45{F=s@Pdga{#0FSE(+n9~`q>>6AXKgkw64?QUI2Nk|LQMGvE@txcWILbkrM6+8@5|Bgjh^TZvPjPXlm)glE-GA0Psw+9Rwq-?S<|9vFHW#O<`2#W9vid=$U&~W|^i6o*uQ~TX$q*#8C-PXy3zTf{tX&_X`U$cI!Kn zv9a3rVEJ}ZZOEV~Vo(GG@*pId=e&L59%A^a!<$voekI3at7S*1nc*6&_)$pFijWbs zwEJj&SNisn)juQoeil;xv6cT4pN0AhKwhY5?r$x%6_=ConNRxaaR@Je8cw&9x!9;E z0ww~Bzdn|ZoL5(d8K#yLL+~#Ah}c2T53$dsZ4ylov!4lN?@BRMg)N{ysESL$`eMz) z35@vt&gmqk9Ni2t(LpWpH%T4k*?om`F}$~UF>wVIqSAtA4ocifxQmg4!|H0~0>qkO zE+Bvc5deM-|23c0-RuK&dC@9A&q|0dW*vu&0a>djRb2Rk#Jh3-6kzuC9lSx zObE+hR z7>Aq8OYPE$K#2S%?5Ra#YmtG}RSo}SJ04sTpDm?ZMJs6EgnR%8sqknF;agdyLq2C& z(@m86`dAYh191&9JrxKNYk*&!P%&SvTmW@uEdt*%B)a-00Mk`RtWqBpE*k6ZLTcXe#oA3uscp!{=;?QXy)?uI;r!7sOc@KJ zml>vi4j>M*ueENyBW)MOOP*_zpQfufn$U8_oucCv_c_7=_ol;o3ll#M%Dq}&%^Eo0 zCpn#2oI0%OCwi5A5q6z)%QP_$s&)-QULlUOc)m~`lrJXuS6Eh4dAVVj@w{_nc3EI-Hn#=IMk z)^1YTR=2(jnyL9vBYN*8uTUY*$yC*W;HSI@4-b8h7Z;(???Dv6zO{>rkq0l1Ut`t+ zO&a1XCArG4Q8%fgnw(Ts(P&ax5R3+*`-Tc$xJ9r>Alq`DbiWdBJ^uUltDd#=n<;Ye z)|P3iQDYLfqtl%PPW*q)4F8C%k~UVPnj7mvz&GN6$<*TD;D8d@KD&(L|CzjesW$iv zs{jA~PB5%xt6{Y9b@TtdE`DY^%Wq%)RGj{-yr= zAOAT2WryyQu?fFAM8l|(n3_|^yBPKbt*$hEvq9;{*!S58f@_13X4MYq4~I;kwkjhvqFaS1t)Dw0wz}wdiVRDvWd8I`?_+x{$zt#m{*RH3o{Y>3H z^wISu&D9*+fcLKq1HFkT!FMC}Nvja~Fui4qHJkjY3E!=~=GCcF&BiQQb}9a92ul}j zhp!{!+WZu+@Wtd~Ns3njaR~%dh%P~7VL@Ca zBHyMQTg9Y5E8Z#IbB}Bl1qM@Qqat`!At_@dih}|8u0A5XX9{kh_MC zYL!HwK~d98YUHeDK#p-;Y3R;=VJj5}j>jAc7<;>S2k+z0=zsFegV$GGgTOBAPKK@+q(EIaIFMxcM!x7|JNyf!n)htF-&8@PMFL~{ z9qYWY5vJ$Vn%p$9i#Iv2Rq?ru8V_R>XEC79(B?gXhaFHMH`$NrG#TEiM=mG!j|9e% z3?`jZ8-qx#C5L_fwCDEt6whNtyar~1C^Cq*@gz62piOMQv+i?+kx%*QU2j>KKe!&< zMin$-B7BlGwj3o&#}_Y@!4^OZ3BIR^E^z2PyCt2UVtx0upjeVQqCL^aMDA`ytO<82 z71W7Vj)v|A)|-|b1RJ*4Agf2CqcOkS85UHUkN(og02_$qB=^(v|iiS>*PQZksp@k5Nf=EX}=}kIP z6$BIz6tQ7@Cuhz%Gw*!sd}qyk-ZFOr*s=IE*QE!YHMHLS#1RE9&Ct#R7;%_qvS+2AIr=cb~aj-H~E)ffx7H*JuLJj zE3mFQGn+%Q=|$}kA?7`nWgZ^~3`7`OOmq~-iuZP!@dl5e+&T!Pp{j&QnSghgx7>)pOJ{$a5dr#p=0LOq1 z!t4*gJWW=hmod_`N+Sq4IBItPXMT%{`8wYp09rU3;nq9Ruf!@{L@HF6!o@^)8M3GN zh^cUZA@@O7Kk5s!e%Zx$wJ!~Vs9GgyYp9s%JSdR6$s9j#ahdzFRSsYDvyyTl%YSYW z|3_Qtd=vAd-iVmGayhRbq^r)nSz`TzD!&#?u7sKCgqDf5O3yiXC_=*+Km$vLySvqY zG64MLME`7;{gdP3Uqf&ME)sDiBae3u8YcdCx5fXxB!4wk|3BU(pF@ZFlz`8Ip$VlK zF%ohTp1qn^$Cu>k@(`t$mzsws0{V2V7|>80{ri~9cIR(|UwR(^30LK9LmpbsUr{@^ z`cBoKx$#Q*j<@sJwZOSv-?9Ed_;&8O>s5=eB8&GrgyfY7f|hE$u^Ylb@9p2dmj92J z{{O(LfcV76m>*Z(fcjqVB{yGazfSt$D}SwM^dXw}=@SQ&MpDd=7jBl@YqU)n))?f21wqgq2aCsOp6))7UX`&8; zqSBZg;T}cGh?@A~O15UJXu!|cC+PqXR(HX# zBdz_78CWIEHduk){Zi3VY(^1rV#?z64=(=ADa&CTB*Mfs51||&#beo&igkB{|0GM8 zV0Cdz2kNQdSu4nSQbtVnfmnRz@_CQt>4@B7J^tdMKEdb(|5hPF9{ z9hJC|tum&o)pMO&v8oZW{o4EF^qf!nu%c-GGyWK++&htB8u|hTbyMo@5m|>!kIpx~ z2aDVsest>i_IhcRoODi**P65WfSGPUj_U=9c9;GJZ*dxouyH8O%zh$keu7huo6Iro zI4V|lMkcZ%yS{R}Y8u^@g!gbstj3E2xJ?QeLQoU{0Hm769bbQ0gK^JAe8XZaVS6B* zXe{!ytKGvBW1=~fUgt#f8j0^qVcC8`uXlsWJ?yHl9)71izw zUS~sV7Ms-;xGK*i!0K|8S^0#qGAOSIiBp{zRU%7MAtiEX|C^NpsC7i}*$!UJt$S<) zu10%T3`hFx5ZN2&oaj2XdhrAq7@dz=g18Md-jjR*bE|ri?YX?&K4k6WlcEN`$+Y~? zPiJ|I9#3`Cj!m`EiW7a&V$A;nGBS}ET!Oj0?g)l%nsa$(kFHHgG5joI*{qD;A5QcNp6X3+h(0Z;(znr+fNyu!1L(Pz^_7h- z#VOuYh+wKjj4sDk6|P>epKIUV6m-k4Hn-4C$#*KuL}c-8kzeO1FcLBR^tNbcKTj&I zcNrBl*B2HlJsb{Ec_mTH>j)>0oAdyHcG3^s?-}qwjW3exa+Q??;PH|dRM_f`R42P| zSqQ#^u*VU|&d5!k`8#7L*9}kPkBZ30`qy1h|E|`&+A}bJ_QG4HJ3bG+(GHYM&YO>}-ad@Z7Y8#Xw zQlcC?$3W1%CvO9#g?|@ri7U5=3}$eiVkQI@LCe1hS90?qAc$v8`wTNa#81Wx#m zx0L*v90}{s`Bi#P`-)oBl=LdO_RGfultI6h)w@^mQ`*pNK zuJ82gK4{BAz(x7PsJi*amgxXvt6qZK$FbaWJCGS#ion#tW`FT-g3o{bckcgd$N!iN z{xePFPyFkj)N+4$Z>+Al5r8D6!euUg5N~yKY8N>9^!3h?Ag+?hj&_s7h92W4q|V!tl#s`s2Rt-?=OQ24MO7U@l~(%H5O2;{4+VpGJ!|Fq3(x zdU`E6>YWu%0e;UB=O>zaSQF^jS<^09XQzcdi$IJ$pO%Sqc)v8`Qrt>Q_s{b2fyf*c z&RG(iZlKr24$x5Z>wRfYLaP;-PHLmuXdzT~PXZg{JSuo$O!Nx&TCo#(F7o@YyA7)t z><60sxwp+l`znvK{j1uMkw5*3_Zltlh~YEfyn~6BH?hwq^KNk#A?w?4uQ2TcDb~8CZV}GlN zdzabdf$SUwFpnd=xZz3BjN6Ngn5?c|cMi!b;TJj#rF>|55SGhR-_cf)yn0D1Ilvx9 zzceBsJn&(P+O1H*C8JlaS(xzkykMb>=-UErQg)>1&8y`GD|_-Ml)52Q1!yJpgn_v` zU~R{?SUas)TY9rakgF(hu>O*Zb%W7}j?WH>J3ZJ1l2dNRmR|{>>Zql6`0(;T4YaRN zZ%VagH=Vq6N9EjI8Dh+b7(M&ZsIj?`aS7#G)6t6VDKyLe9BRTu9TKH2Y)((G^fU_; z*;j;k-)7j;>MDJ5etNdU`OGarqNZyqmZe%+oVcY1KyOiLUaBxAkS?wxc(*QaB5Kh7 z^Q)2m;*0CPr)9V7Gt#T-pQ4 zri_$fq0k%r#oK_A4uA4yy*9X|teVhvgQUeZpi*{!>3GAszq#7cdCFrW7&|u(4pPC0 zwkyF$A3O2xYfK`>`#m5JP7Q4{B)FaP<8Bt9+2>x_&IpNJF@3Z@ytUE|iiC^QT4V;3@Do=KW=t>R4U$Z4)oFJm;m{NW!>z(b} zE!39NsVV_2RVrN>R|TZ}vYZVw`L(Y1G_(6h{>s{0iDA9d=Sv?F))6;vPVe169YfSy zu=M zn~M9@5jlZD@Ke>EzAsw>7B_-jwNcd5TypZoiSo4`I6|-31DsuPnEe{Wjcm6ie>KSy znE0+_Q6ab_Q)R}bWZR-muiDE3>ym>gMWN8@;yjZ;Ch-{Pd2+Z zW1g1+=K29=FhHZQ+c)kh1^@bOy1I%HL&B_o;5p>P(#LRF*`*OLBWH$8_?^K&>;{xq zNhL(rN*W;Y5wz+j83c#I_8z2wehA^mpx`_WmEh_+Vt;>O81|*1xfW#VX_*}>vLC}S zjb16g+%2)iwF#EsWRSM4GV}OWKKT5gxQKaAEM2jx{UrZaiurOA(t6))gq9aH6I|;- zh2e)t=0spt4M7!DF?x=)rGxADA85@zn9WPq&9R5()))*aLb+$m1<^8t1;9u{m?

zB?kc7)XAFRM?eWR2+8YNB|ZMW;bxkC!;u)*G@Yx|iU$oD@m4TO{PQv#VAX={*g*7_ zUbkba#!01)Zt>&?b;_seHM=w%Lax~=omFSib-?VXEJ9>aYS(b-G(EQWTWLWc%5)XW zMm}pE^eDhBJ8cX|S}ys(D^62m50D?j0;~C%Pz}L(63S7kI239J-PxJ$8o}zd;t=<^ zwkE#y#a*+)PN6_C{lMY`DO&xia;jqFkT*xolmN&4#cobUr}>{o9(R-_^krwu1pIzM z9}X&o3{}hfT0)fMivl@udJf@odN^709$D!z#%2nLT_5JD)fcUhmJkHDcw=L-=R1)T zFfX?|!6&2faaCkQvE18PK#qwIwU>hME=wQ9^pw356;Y{(= zcOxc;J5T&$_Fq!=%NmN_N(OLc{hQeOPX>Q}Y18Th7VTf;b~nbY`ylksXdg|ggEL*_ z$#h}Gt$jwir*|IBD9nmF@;7Xrek5*_Bkc7qj_0a|DmccRf!;{rCi?cLpQ%Xf=_8DV z2bFaD^9j?Izfwys2?dEh33wMcw6$VTCCX>2?w++-X-Qp--= zGN)R)$I^qS#Rxd=G2UZ;f5AwG0E z+_b#O$fJ@$7A?nbwRI$%s%C})v$OAKrzJ4Fae-XCV>kNvqgz?UuG^G{pLTH!wC`4H#cg&Pa61h+qzSP>^LL5u;*Bl%K6(ckZxY z5V!Va+5AcGmVh-}Fpi4Rs$pDv^hhK)2L0|%gfnHis@v|`UJ#eI_)Eu3?;4lY>wVv! zfTH`q`%{XprhCNpnMP=6^dTa$^DmTr3$d8IPU)M&Vk5My!b)C)!QvBi>bY#|2Ps2K z7v8wf5kFSC4z73l8Z1wrc@VSx_WKcQh*F1W$llA5`vb(m)bo-!Dru4IXQ?xB=>Z@UH z;FljsT~mzeYtTHM#(pJ3N#8;Rw#nm*^}0_~mv7WNaf4Qy)9`8jd1*vbmqWE1>&YwR z?%M?-aPHxcKP+t<^q_d$&!;$m#JNVvtSTmKDo^;q=@(=7VlHKR1q-%n#J+K37k1Xb zvK;cf&I!mf4Xv4;>3}JFTa_nx3i$yIjDx#*dLPw`M08$@s*k$tW_e*mEa>j60!D=U zDm5W*KrKrVbU@%e!3!ZXnU_-u6vj_(P?>KFY^(D@TZ|Dai*hADu6WEiPi6)r@fhi} zs*ht}d$rU2%z{&8mO+)$tZtS@eo`Syk5Br_s)(gs@)D#u-;sMGcC8~_S*l=BT#d!l zgrW1z{ucYxkoZ!$Jcy5a1G+Sw&Y7@By;L3sfXE2oL@^6B>g?Gg9h`8k`s? zhH8n#@^T!>c%KhYpgD9wA1ZD548TluL7cu-j2{&Gl(l{9r<6@~(Doky`>xVkwQ)BE z*Bf40>Sxgqy&Yyn5M~^=#BQp~8TN6^U~6uJz$>Q2 zvw0(qyR<%Vi=t>~)Oc-v)#p*`n7RUHIY(nl&zz%)%phf3$(7W5GHCAQe@`l?U+hAy z&~wNxg1TyiFFv|Zh7o+l0H9PcawkAU=K=`ghY=rg*4_~~=5JnGBz0m-BQ)O~*^@3k zZQxK17|dTeYGWj@-4-mjOU!%~E{;G{^V)xT$x%MaQq0+ukGHD!iGC9bpHaa@P^mPs zsAeThJfAoKrHG38r;fh-SYTDfdan0FcbGvLTV=GJj2WE+f~V}X;$0n^0yZ?q1pNA$ z@4}+jEG8PQU{s?zPade{86{`mUIh8}BcJdaSMHoXWxUMMVY=!l-pO~?=M6>IDP|Pf z@$?j@9e~JwcGZ$;vgc-X6_bY2hk?834qsn4*Tb47QV2_p=e?eS?}%IcTiz%%O0OR> zPC$+f!&b~$BnNZmt9!8BV~vDUagzU16`uy;N5;XAJai2A)4e=t@ZEU z!We^`TjejA{M08O0R1TS`_rx43c{aRnKkm+-w23{XAa#{J7?>?5)qC-0MuGzIP4sP zP2~>0$~HT(e2w&;p3O&PX$+sjcm%C`rMnY`$ z3^O}S4~)OFi*z|#;%-sP%xa%I{{FMM7xf!@U~)Z?)zbyVt1UNH_epCO3{F;DVG7i& zwP00Z6E*;Fa;3)u%nG5`Pu zi*m9UKaoD{rtQ8ZLMC*5WTFFIgsziV(}`?}h!a0QV^Nkysm1771c1rdtxu4tk2hR| zQ5syn$Z`OKO~6)u_BqMkJ;)Y)@e}}AZMSv@PU@yhU=aWei0fvr&uh&!duk)Tn*z$vzNT$sCh<RTcwTt3Wt4r_g_ucF1l7jb?JSKxkkd8YF6l7I>!tM+y#kFy7`JBtD_9f zkHZf1x1SDN3Q&x-S&OuGPCmA7Hm;Uydsdd{|4Hht*dxaSmB!mIIEwZopZc6*Sulwz z8P*Z>HQ%=A(dI``+w?N$)l;AX3J8PO)U5dCA4V^V{L4vT6ZKqme!ACAlK~e?_t3Hb z!mw*+tc2<1`^=9&3bjF=DGdp!<^k=>eO#4}wqApTxd~DHN7Vye0omtmiDg|?JW!42 z5hEWeLPyP=)p^03)ks#cmERfoq#-Rx)?Db;a#9h+woSkV$DRzb7QM3y^a3`qB%~a((g77Z)qM*&QudmL7^6z_Xq^QZs zqM}4#^ZH)xNs)?d1=ulw5koRcQw^&!2_qEq$!T=Q0k9w2ifmD$u3~oC^PT4 z(T7!BuA`YsCx%9y3_Zcg0Q{Wt`hU3i`}e~oAhn(qJkpA8Zy&$98o1QmUJ?8ilvx5- zV)iC6h9bjOaP?(rbG)VJLX;!&7#Mnm0co^yN6@e<*vV0G`Z+uTy8n0z(>OsC zP%&bYPw;23u~+?=FFi(?5#I((-q0w~Ub0i0@5BUKy!~2O+|K%L(^g4{1GauR7Gp^( zri_rixy#1lUggqrdo6f_0ibQ7lSASeP@!uw9(?O%nA%Jzhl`!B-)C|?tZ%m+mF&9P zaxT^CVw)nyip`UM86yB-Xw84sY5rckTSO%8;J#pM`?Hcl+%XHa1#``Hr`Ss$!vU-OHXi z9;(J<4qk5#efPd0TphU-AYPsetl>r+yE6m13|@DlCCreTRZuwWKN=NI{;~KktF~J6 literal 95620 zcmd43cT`hdn>QRO0wMwef>ad{k)~9oMMU}y5l}jbN)0X2TOf)8(gg$rgebiuU23F@ z2uPP8CG-|ZC?P;d-gwW<^M2nv&-&KPtoh^HVdw0%&e=QrI_E0Cs~jl5DDwa|eQiB$ zz?m}ufG+g|pkM&8S^-c;0Km`?a1#IkFaqe$Tm;ZkM`x%Xz!_cu{oi8%K>rNiKgK3! zZv6W-Gyp&(6hQay*H}@He;Re=KePY+Nc-{3|6TDT&3{}?)BKV4A7jNo(05w1_w@|v{;W=Ie~(4~9ex^k*3una(j&FQ{V!(43*ArJxy&niUF?SV zO?d@Hr8{?(H6Lhc>*(s~n?8DMW^Q3=WoPf;=;RD_@%Hic^A89Ndi6RyBJxdCbW-xW zl+?8M=@~h>dHDr}Ma3o6HMMp14PP3YIy$?$dwRe1eIFSe8=si`HHF43EG{jttgfwZ z;CJ`-4+w|EqvJnxQSax!kwyLfH_HAKUF=l4Xz1u@=@|adb%w_O58>=|^jB}6y{KW# z@YIvzn(RwP&ijdVWfG(ZzT z^LL}Ap*|&ATI!Rcqc(a5`ag|T&g`0wr9-;McCWBEs;P!~BvU4uILEcK6tiGk@K z=l;tB$_$k)B`IjYdD=5nW};;W00F0@oah^X|5+z>w4Rp2{d3@E_@StAU*-fl+g|~N z2Dm(bwA<&kLUUXk5-l81*-`RaK-=2=p>ke2`?OXAU6NBec&G;9zcG_!-ArgU=k+ja zFiRUC>q*qlX81#aqiBh}+%7~dsuy<^#M=3tRKK#Bn}Gt&GQkZsR=x*@%SJ9PvetTvt(UNb zok~#pF;pwmmxv@}5|=S7px!iQcMOEfxs9=5bborPwwZ6!6t)ltUKyEXxubvB!0ab= zamfb!endvf>dwo(%LG5(gdS83FLJ99pVmEEo*J_VIy1FdKhf|Lt0pv3lg`Ep*$;=i)mZ(q2<8u0|gU6&Sbom4hVqDy>iRLY19^6tfBq ziUMdK;?-MWcBNCApQc=_YS8PGR=(q#y=u|m`{#1+MQ6O8oOo-%p&G_z&kh6@k|*Z) zR6&>{l0&{VQPXe)z0+|l5(IxcYrEl!SZF=hYaG8W;BhTpSF!@8;oOoB#V)3_e2WbX zxmjp9U=UE7vFFj}H@?1EI%*=0c98{XXM*}%=4L8M0<5F@67!JPsM>}E1)*^A#WA>p zckYHVA)f+Z+{?%UjK`w~8nY$Vm zL4@^>D>MO(*D8NNSVN~M03KECCQuq?hR+ZrRQ?Iq-IEXVbieQx=4)-M3~ZqFUvY`4 zUbktjo~lH1S}TrTGk`!z9K^^n;!YN}Du}wKo`cf%vLNS-KT}-Q7=sw)+^HiWK}*T+3SV%N2qbc`5ZcjHj*V zN2w!sf76?Y6p>$L{K7+K@+Sva`{iTkD$IB$Z>a^v4V#2WAU}nQ6IF1@z2`;ng<&mf z71cv9FFunItVcqYa~%JLzpCo3L>wQ8Z5Lm8u3KSlOytH*T2lb8U8st>et2Jo*(DVn zNl=V&b$~q$^v`?hX140ytj`Tfq1ECydB8O$5n)`9x)XZc8F7i^je%WqR-#>SSV2h& zUi*SC&z=FRT{Y={9A+rsbMKS;@49M7p8aa9s-P2kd{x307PCTZ&+lL0kxE+-&Fa*t z1mVz9=Y}2`1S8q|D>tqyPPDvlsqvUVJrO@G(kh*9+1b-&F3k-zQrv_>2HZ$9lg%^J z;89U$J;I?cR-$kh;#%zwyq`9&^mT09HzZJ9fN1OsWYh9JTN%_O`nGZGTHD=5gW?A& ztCmBuQOpd$V1;346icW8(Yt*FuJTh=CUcfC*)+u4<5j^-c)B(wi@7end~p5S8i1Yhi|~QZ&jW5cOn)F0 zl`8PuRS3Seu9@v3j^3JQ*qS?0la6l_fJA`VY{eDMluAXfnO*w@3I8Px|8!wU#i<{~ zS5IoaQ-+`q?VqDnrC+oKEu4Khe|lM=dHRh*O{2Tw54}8%vq)H>RKKUf`lkUu#u9ZDs9V zC#T~rpCJ0}`}B;~`yT8!kwO zHV#++Ho-C91bSlV@n(kv?;3{2u2M7}?=u58)f(biwyiOm5w){Bi1Ua#~Uc zVP0z!BZgA|OpY;yppuGL<(5$PP1onZ&+?rf4aI_yoEabdj0c9-Er5dP2#9?H=4(4@Vjn=uprs?KqGyfL8*F~lKEX39_prM<54p+8E ze6H4=om;f-=Y~e?#EtgxkMy2=FtU2~HCESP)l-Dzd-C9qy>sftYW7(1gB4hK!MuNsO@*QN31Gn+8ch{a6^m?4@u`Vv2KVN+`fR- zA35xvh|19_j#(pVDMjSs>5F4$cBVr+x5Bh%yy$zUI%+9^mh?Mta=3smvS%P63y}ei$sV% zI+Oo!=FVMV`b=O3kf(Mio|iR3Fhu%r!M3No(q)cKx;(F@adI{Kdoc6S72H9YqSYg* z8+uZi1NA3{UA*wm%FoQGN`r$7tKIGQ+=l z*UwOWV{ihfzgGDT$l^)?)OqAC>|B^7)h z2`^tcFV<-XgSAzQ#aPDl$8E^dXjt17!;b;UAbf51^|tsCTcs^D@=Z?_>$F%fY`;Ew z65J3^9`B0g4KNALl=q)@+n~+aS2mLU0GT5B)=j4AOwCvur0bh4kqZZ4~?}r0sl+=3}yI_kv=lD!G#odq0n;Oq5OEo$^~cnR)%);q)hE)yA*4Xj~ z3yX-+D#f<)rPCU6-%`ys)BRJ}UwrAer`>3h_zJ{igbE;jLKYav{0MFeV0R^f=!lGj z>~j-eQUH-c-4p<+@gplDr-hb$xezmXN>9Fm!1Uq~6o9ld1rPxxQpHXK@kWT~NrF%S z{TYD6#(9;8*f7_{E zE+R{p$oVeuG9Qn_mA9eOA8A@N7b$=QxD#&g>)VYv)~#}17LUWnRimGxS8n_C3v?k- zsmxb>9YjgP_bacVyFK}n=v6>G>T@&OKGK}_QE=P_(T~S>qPu1f6q^ z$(dRIxwg0732L~Mv|c|=%G7zSQ&qmOXFtWx#~u8HrB}tUyI7=&EKoUGQChnBJ)F-r zNN2|yl|3iD>vzP_Bg7MWiz-mnPF*q_Q@DW#FLl)#Fg^-Aq+QXfSzS>TI`M!T z;oWCrO0+N`vU3k2K4 zqz{B^En{FZ0xtA)!SLF+Tdj3uRaF>yWIQIP)1~{8?qYvaN$<dqU@$ zs&36R2v)Lb9;#$*V`CBMo!?s0PWXZ=KVRxA@0}Cl@VK%L&WB+QgD`t|kfi2WggON| zzl=LtdemZX&W?hTHcU|B0Z$nR{g7!_Fd%-@^3bzzuFn(lKsE~^bEg>^8S(T)Jtpu% zGL-+=O(m<#ucGQ~IIZp$7bBpVy`O)5=z_nf0AFOEPG)-Go^8mazn`d#cS>u>PS3|6cokn21ZZ!5U45LreK&7>M<+_*{k(+zgDAS&jL!mM zR823Z&phgS*6*q8gjK^E%{}_LA5*lyMp6oNhdL;hswyc>vKG5QT&MWc>XW`@xZ&S5 z>|SlDVV{Xow|+Bt<^|uYJb*w4KE*x(3+@IaZAsrMMDGoe=@5U-EYkbI63h=&!I~ zPZzV5-@g0!F{=*YZ8mq@U>GMXk{PN$i<+FPj~tw<@yA{+3z(iSd=q*dt`ocNH+z2c zqf)Be^f%wN#hQ^%t=REopf7myJY0Pl{1 zN&@ft&-LR)>)HHFt+VMx)|yLyB~M|)+or`bZ#2XV7?_l^zr%PFx+7ny3gsL6dgiZL zxqoPw@I!};PEU1mfSepFQVF|U_rN?Cbu1R$O3ps{NaH;aAU8kMArz^^U&ssUDmT z|F9DY=A9@jG7ER{EH#{!)hk>&&@#IC`h#fGxf?lkA~$lP0sqlgeGK(CC;(GDeR;d7 zU{+DD``NRMab@LBcMnvSJwk3tFHjZ1zQbWTdKZE}}yNW8EH7cv^AXJILP0 zeXO17EtU1%J;fO1?|DAz!_)d@JrkyeODSkp;ryKFoA+*%xyyAa3)X~`tY?S z=mc=r6?hrAg(T)u0EYew8*OsacBX zE^W&M0LMLn$8hY)U!VmGRn|NTz^<>dGq-O+Kta`5Cfu$$&DxMDowVmH$+e>)dn6%e zRhgZ-VisEp=v>PXS11X|2sIicgo2!w9@$o|WbB!nHSJj!4kO<-6*S`Ah>PtL$M=Yh z7gC_Um~Ytp@x@7prpBM!2T_Zt;BP)B_Mf$_nS?Fv$5xOJbtjbA+ixXlb_8g($r71$ ziME(>AtPd1p;9|V8=I7>c~^#0Oq7zLMK8-V0~7srV;lO2Sz%$ z7Ik7?<@W^{)%zw$-!44Lw)`R+b9gcD+Dtjkw<(y`>01(HAq%z;(w14aDX4^MO2Z5y zONiMroFP>{b3{E4n7)lcK6472LZkS#T#MAI+pl*mNK51-^JJ1dPN*}1&LvbL@~a^G zu&VS>aj(EuhE}Yidr;2=^V_|^8=28{{oxE(>=XNWm*cPT1a@#BIG{nhAdskQ-{Cv+ ze*MH0E3f6XT%x}6@oCDkSTK@pJ^K=I+!ar@Fs)Mnf~u|vJOienW^qQvmKgGJz3GveI%o4_ z`8G^y$G0GR6l;tgaCKhxxboXWG#udI_#{_&XXECwp+2%E7z`SkjYA$)+D650O>Y)r zL`9D*NXp}FtZ<`|YZLIh3sOp5Rt@n8Lb%Od}AB#Pl2JiM6B?RK*;Qs^{D;Q*e;ya% zOccNs1LVp1P2{n6Q^of$b2Nx=7gx!h%B$oL+ojc&Vpl1EL`Oan8wD_8JefcN1QnCT zj>0*O!ByWljkN&((LLLED1f(fF{mv$R&u7KMD;(bt)(T@_AUh=06D!YSII}xB2#Cq z|Jl|-{JsBK{^b8N??Ou%r7Em!pGQz2bSH}aW4}`85X}pecPCvw+kj!G3( z$XO`>qio5dV){E@)N^BM8u$FE7RnL%CY1j)T~!M6MM37`Z(`fDAug_N`;~u1UXyR~ zFBe|l?v1Z>Vf1WTuxkZy3 zl<z6_6ccLXOW@<8E%unO3*dH#IdxSUgL2 zuT!Csx-ZV2PAZnRg@>AJmfR|M=O1>>bCbMzK=eL z4wf=oG)y#6;dAh5t7!?_9&~z}qx7L0;po&5w!vNB6n8!P-s8nYO$qT0MpgEM5_D=| zfpdm$PkEVb`_rdR9EP6W-q$+mZeQtFO}cw7IyXrVaBdK7-6y(~?0)2e9o?FC{P`{; zO?G>3pfqFxH5W3}H^dP-fZ#M)?DA(Lsa^c#k}dy}q_e=xa<_Kiz6`r%!uj$KKg-+l zL(YL?)L=ipB&prkeVs|#hvt1N=sppGYfZLDZ&F=yTku9ISO}M&{Ze$h(p{AB&JM4h z8(1{msmh`K*1$c_M)Lx(&sfkMli_gQdgm#Acg|Wz8OSi7_& zw1RQ}6Z?q|-w*YCNW$Mytec<2t!}ENpmsfA-8(;zTzlF$M?x=z4kBxZI%S(+k!}hh z!aW(iVI(z{nWp3%)(h4#>5^L`_wn}{RxnvKH_W}d02`ohkXq1|DSoI2A|w^67{IaM zJJiDmVGKx`2+_HB;_*RYhqcUG(~D65)>bk@````J1C!2kRpOaY|BG`VD(=xCa}W&( z8K+4*WU&BldCx?KSgGpqwkbRRxR_+fw2X; zBBs3Ol_J_MZ5~5njY$3k(R~-Z zE1bw=u48i9Qjd;JquaKawo|^6leqI0EIiU8jyKuuwHzgB`S_f2bSWy9KcfIV*bS7? zE{Z*RcJX@8qFOTFyw{S9e&&ox#8|ctwr~*QeH(Dn;c#K|jJe)ffJJ(>A|H|y>Q~VT zWw@ipy*qdYz|}*vBWs3AQvjcT0FT{1|Iw1?5#M0lbA-#0RD6)iwX_1<;ep^$ zr%DeuI}sNui3q}4HVYo|6?~SMc%luzi<|2LU07Ea9}&iZ;$@OLt*Tx$NxVp+&B~5BX|*46xRYOUq|0bJGDeLNB>d>Hm_8# z;>yL1i_Kg(bEZQsHp`V-W!-2TPcmrs(@8{hiiP$A_qEAF6aYqsnrhrt5W@A%RS%uA zqo_}dXt0hT#ewJYH;&C39W&x%f?){gbw7~nO+ya5;h!nMEayjqRH$xWHvI5|6W5LA zf&d1Rtp8RG1@Hidp#aDikEwwvVPk64B(l!zY{66AFJby9UQ;lNYwVirD5Lh6*hjoNX)4OCm}4 z=ov51Pqt3JYM-j$zSW02zw_idkrWETq4YpNB-K%o_LgT zy*KyMO@#7s-_ug5@Nb%-fV zf}5cf+S=j&QNS(yGXP4Zp2_sU!Zibb6Pu8FtLVCnrz0i5Y| za2%4%+3O^5RAjj%-aJhm=bd_>v2#9|YrV;m59 zcgz>(GH)~U87El0_w6ij&28Sk2GQ~(7(YzaKzC0}5yP5)%YgGF8#2yY@hNWt1QW^=`b6~5h58B*dxR8rb`?nzN;Zp-qv41&W`$50%x8Xu!-^C z;=_$60r^O(L}-EGwH*ULTu-J{yXJ7q`*N^tO9=MMVWqA*-)Zr;EAR(6z@Z@R7&Rc= zU){z=ti*9I3PoVA*Nw?vBEA$Q)CiU$7Sv?#(vv^28J0uUK0^y%(z1LPc8az4>NbaM z*)VrbdBEa)_4mGiKOQe>1aYNTz2S;{Ea+1&H(~tYCxRyLZ9h+lN^v zYbka9)d*7}_n(d8#j}BQaOy^j2Y7daeW@Ge`l>PBlJ0I|n+pu~kejVhmxoj1)bp$? z0f_EwIwA}s#Il(hs!oKbqO%h}S^S#qXb_YbdGcOIl}+T0NQ6$@*Qbq_-z{B~SVXbH zfy68fmRV|BYTM_9(K+9 z2to=E(K|QHn*!jX=F;Oq2x95J%bm^0>fgD%MGjvQoa>re>=)6y2~9iG+GX42j)ROt zd;HU9H&^74Elrm!a{IQjn%B>kL2kg4zEi7#8e&AU&U7@QUbEeaY7xk8x7#AICpZ@ zye*iZld-bdsf2V0TY#$XkFM{D9NX{RUg}pU{RYDO4zLnU+mxH8&(`1*dK&zq^96aH z{B#rab=#99G(9jaees-kX1<5v^3n_cP$gmtrjk~n4H@7#R)^KHSPwdzaWTZ&*x@QD zkyiN(ZxxN+vNIOL;4{+m;`5TvTtri3>;a>yHU5M3hB=$6_j>kaO+p;EP9mejyGX4Q z-`&p)Sko))PnexC*Ud9O%ao>-B1XO7r|}ZwZvw ztWNeLnM=v)-N4JQGhb5k8td1P&;RAmP)hMt8uQUd$3yLq%b~nzosT5xv04xt z(PfNow6>D7b-Zpniw0Leyph`P<5rmannB#Jp z;1%kGo$VGmgrIpNr{T6mJ&BTL6NGG&YGPpY-2lz=rO)-TM+WBoPU-bRED7yTOPY8<6@R z_!LMrHe&Y#DF7Q_REuWiFV|z%NRk}v)11wQiJoULta$SxbTV<>Y(zs~d?uyE%-j+G zQHlMmwrfDA9&c^m3N6@^ieH7W)Vjh4dw;+acSa!vAnTienPUs6*jr4C+#iabW&XJj zWADQNFM>X~Sg}UQC=`u?qE9q!^=B6(;$-w6K=YHj7oOMfKUlmS_TYu!kVEj|Dn8{j z{!^|qF2G2|*Hyqo032ASx6K&i;|(1s)S+V!bD+^`OMmk~ETqvpv9vmCVE}YC!)6Q6)qz zp^LfPrGKj)f>z?bl+8C$r*gwxdtpS+-_Fj{E%W~E=ObseE?2l&n&S#Hb>C-DpX`lX^6yZ@9 zLV=`f#F{dj00i~6zTti}=I#?G15W*op0U0&>ihmR!8D;(lkKUb{l#3#beem4F9Mhl zZm6kYcS#vHl3s9$PVwvpI^^SskAU5yB-c2Wg?OT*pP!sw^`(s4D_pyC&u{#=TPP*^ z{csZJhwvUI1Tnc(ph`BdS;)G&b)X%V zW2QdAUA84S?W zS)Jsi`!O$7SMXq_%r*cxh{91Y2)OB97|nS z5V_r4jaLkwS1rSrzM5#beb_l}Xoqkhpp^mvN*egKOk96^>ZRVZN_e?%e2n2q$@Xdt1L|!N->8Sc!)q**Gj*tT)gj3hu zo^mJyifC$<5>f)x81(n!Ahnwsf3ZIpJ)x*tuww0?Z^i0c_&-lwpm&+-Dnr*3P9Qyo*yq6v)tjuP< zoqy34#?Yt4%^-$Dlg&nUMjszmtd8&Y=}DJQ1rZKZVPAt}uza`^gD)fdu*hs0dujpi z@+?TuC46x2^_KOJZx^Py zq{&LUHXQhpRYj>_%kKH0b}h2D_v;#*X?`clUr;g>e2;e>Y0+3jG7_yH4a!V7c9>=AHtp~qvKVFUYDz!3flxPTXuV^?@ zgSRB~0ApqaCgcSS{%Rmr=DH@jUJss9z(Rl7P-}=)g!av9z94?TF@COEcg{TPcQ`Xv zs2ZHSsAg*O)0Z`}{*d>9vg$6HI70C6K?d{DWuSjqt*$g*8p&k>*p^;Xaq_c2g;WBF zN)&)7_hQ58J7%F%O_Bnn!4Z6GqI(%Qg?b$AEnr-1&6eGQZyaW;+%AgKd@lv6(p>28#$S4R03ghGg zVF|q)V4yLvJnSPNY=df^gll={6xlkin$(BgxHzpdem>kNU08Q;crl2crH`HZg-t`WPw>AlH9Fcdc&OT`Q6h=Zl|fO$5KhRK_8hTWlF(rR7pPu(TXkK3cPB$$vQ%iGRq1N`nJ7B?AB};>R)^~jt|&wE+2)k*+qv%64MPpZ zegBG_e>Sw1+(LD8Ump*vDpjlp%@Dq1ON}m#*TxufQ^itE-(6YkcI)&nD|DYfebcvd zfyobIzC5`YPY(Nc&x_@5JNBRruabGt^h z2`4v%E&va14Huo}qn5IuLWGCv{D_UGxu!s9p>7)=)LXw@IH7m$Le^9~*JC&&_mW69 z0AQcp(XzSN+nqok5Ci(z!j}h9J5h>v2l-2 zv-TD?gyNeIO^I zOuyWnJ0Snoa=Y$L%T>`-=Tx2oJGP|zpE7esDF7GbD}*aQ z=v_lkkNefD0lSq?QQ`30rNo?VrBoKdjuo=S;>mVum3&$0_Wk+biFZ(=vfOhn+hz?} z`)1ebbVp(fji+?Xm+gY0kL=nJb-+jkh0$lk;gd^;=f7+g&w>R*ms)FR`U&~8LI-~CWDm51^-zVvbiR`-0xVBRO4k^9q;Qk{Q_g^_8DC2)u<hSnay!oH5B1wbZp!V;FUO~+JzXl%VS0Zv=sM312!Zzc_2Vd9zb2^Hu<_juZ*aQVz8iY@Rcto(rLMtzg@U%wgOd4 zT`ka-5PO%wX=A;PV!K!Xh%;Z5%fHGvCfPW;*(sK)ewTLDa;7=w9ud}y8d(O%o!Kdsn`YE04-3Cxxq z`SycdiFs;xW|`|^qjH(9?s{B%j^BQ0&DS7Ky8>i{ zpCxKKoahpJ@5giyyr5{E*KpC&DJz@6G`7y*;yGdjU-5nY?ZO}NJ-^+b7{gmWn*6Xn zAhRugcqR2c|8>v&j)^hx9dsyzG@#eG(GZ`#?=En0#c8R6As{s>82-kU6YsROa8z&B0T~@cO)Ds*&+kk)5L4{TmlWshX5P@FL(0=s5hGj(F z6BYEPs_4O)$M*ndUI5krm1nCTj{{v;o~|a^5beHN>DJ$83W$7jpr(mEpBH;0?c@?* z+Q_=!wsYBvR4Lmv-1V%)ymRys<~lms-x%cJ--;>~DqQ{*RC}v-ZL%0E#+jUK<`uHl z95xj?#+%cpvPrFiZug~^ibyUd#y(gIdt3pmm50dR_`c1iZGow;l(6ZE!SxcNapX@W z8$ssrZ9VbgXQ z=}geKePJ`t*iYQ{hkKiqKZu%;pFrr<6TN^-ms@=2{l+rClI2~4!*OOg_4w(ET+B;V zuX}K#A(14N`*v^tis8*I6^YPtZteW%F!jI4Cwa?J3wZfYi&1Nz{>~<`KB53tsuPGh zKo{8YjlZ)=uf~B#W&bX;|2gt~lWG-nPCxk!30ba_)yGIO3o=YI&d0H%bIut8gOQ#N zB^qkcQyu-@MT*;)GKa-{MUDJ=S}bgGe;2r>QbFRBD|9IIC)l5#k4Sgj{1( zK(Nm^t6v(gd*5OjU+5ptSxGoR=b5qmyWmNT=_4a#w`zD z9P*hYnES1$V3@zf)yTe|N{pYV{M96G68-x3q+^@W5Dq>x&^Pz-QJSh9_i*8!US+p@ zOXK4vVWE$g_5~!+61`N|TTC9sF=O(F2u=jC%=uG#s>`Ri zb#h^ok#&lIHEaX@?&iy-T0wGj{!62YN*Ta7M<$H42DM9mi!>)K~W|xsv(u zS$%aGtkqD(jJ?^;B7=8)cFn^pZME^HFMj-_x7&?AeU+2Lrq|u-mJyPL9Y8!PUn+O? z>X|h0(96$9hkht7njUUGYM%2)bjvW22j}=g6{v40>~!+@e1o&(25_`1Mwd`L(f?m?IJ@9yp`dA9BzP`aTo8 zlx!$!zpz*^;c2iBnmFx1iK(j*`3PP3y47A4&=jcKPnl09zC5Dv$@{7anVNYDfW^&P zO7B-MtrHJm`c}JoAcI3_)#M8}9|e#UgP$gUr%xb%BJ<`^CFvI*W)&-jLA=ns|H|}d z3s)I>6J1FXxukv*r(Wt^^4ldzU&OT-hQM5{G8j*t`8egte=hvd73qh~!Ajk6w1gy( zAe_fmvlq;ey#V3|OT~1~muqu|%?FrwNsjy#w-9(9|DLW$*ev{Yd=l(t96!>Zx(}*n zmK1{%qweF7x)0Hh7l0Urw1hGsR3?gzq&?vi;%%bNfRoVj%z<*OO>BDj3UP+Vef%=! zs|2NuysjZzZ1(uqxl~x`=2z9b6o42NvXQCI(+dh^*s+N^R?;ii_6VB>=d1%+6;0vFmAG*iy=wuv^+%=+=yT_IAU4n2S z`i+LzrGsiH!M{P_)TAM)uDqYmRj>0e$}@1;%% zO6W>>6-tAjEytw}-NVOKcBwI#RgISWeDhFn=liP>uh81vHPXU}g~=0Q2yr@g^yeWz z#9Vn#S##=Mqu)6mxaggZtdRUrFvaOXsQf~$q17B==jKUjTbmVq04o;KK)&p{C^)Z6 z)zq}zmjUyOC(^4Zg`M$vp}GW8#!wH4T3$d+V2;`j=nk<{LngT-)9Sc71gA?PIKa1} zy!_Lp0YbpV;Kq?zwBpN5&m_ww-NmCk(Wys@x?FqZr9V>dbAE}CQG(z;=y4S8SP@`s z(4XrgrS5kO+_ep$%eI|f+FnV3ho|@x14N(l2yp8o{0=p;(5YP!Oo+oJgiF<`G55IU zS=E;_#FOZGGF`7P`Yy!X{M{0!Xe|6OIq1@$z@yzW49mAwl?I|MN*)Uy7tCOnrA~oz z-R19QtIL^ys9lF4A{F65X(xNEoR1%%NKs(Bg`ugK-fUT7{yd1^HHeIq&H~g!1kqUE zWJ^Jzwq#RkqW0}YQP6&HBP$Z+xQ0V1>7PVLA3lH2h}qO`akxG)ne1}9HKdLMsmp|tvAm)Z z%X2!bQXOxPKJFc1+oY7f3M!*Kr3P-R0>Tyz0(}NRowHXParxvzU!`bO4LgAk8C?0{ zbz_iUX4jcn{`%&2$-r`3Br4ZY@Y$WXGpC@O)^lFZ(`4sJdCM@;Im5&CU}qn*)6JFC z<5R3CqDkCugwR&Fii$uuvBseTs4v7!Z&tEe5miw2tL0c*|)kmh3!J6YgzeB=!{&`MRtknim;&_NU#iAG`KHh~56u5YGU8 zCe+N|M1zV8dHGlBjg>e|`X${Zld>||vcfP%RW==CYGCVe{>|D|txnw0M6 z3^m{~`2iC7kZl;6Wv$Xz_2t}=TVPSoV_{=`^P;7ZqPz?%&eRA+i ziV;txtw!SRntH|+=Vca*8qV}%{F`SgEXqNJ)R-~aoD7AWz8ktg0bqlu??s_DO5lGY znpBfr`*=o};PKO~4l7|h34gjM!$|==o7E|@oZ3XArlo|NBh??xLf%Ef?UM?DHep)N z9VEp1tBiY2-G@?uzNSeYc&J2!L*trbrD888|MhW6f}B-TqF;>>L7%D#Hdkf16@gI5 zxrRe^e&SDZP+BCSqb;s7Q`Pa;X>N=9+;5`$BJI(JGAq%%Q^?r|SaS}0n$gA~Q~0t) z5h$fN+xoo)M1b0&Y7#o~_i>;|o#jFe@YFqePUHV}7otr3o0s`jT^7-&MdYCRuQb%R zxvANZi<1f`&*pUOaB`2u=b2GaN_)SpI}4oa(IG4O7w1%ju5WMiaRnz-qd)XZcT0Yy zvyl@QkohMkGy3g{85vcn9zKecY(!OV_7@Y^F+)?x4qkFNrjn^0GsL~wCiIgmNJP74 z#v$~^_jOwEZj;KU?MlD4O}Mqi27-A$`vq#`^mn(|1tepD(dzsGuty_swRv~H9qRwS z2vg_RTRXP$Ua#bG&I+7>EEb}9ouCq;IMY&2{XGUFv)Ev=j zl>O2;n^NZd{PbnnzT4~&%t>KH|I%%d><96xc;>s0_gD~Ln+B_J4Uf{OsS$*r3%a5h zH?koESf8*mDi4uPUXUm~eP-|rEb)KXd(W_@-n`!z1wo`rF9IqEC{4No5)o-4ASk^_ z6EH$VT980cq&EQp0Vz^NN|as`I?|+rgc1^@w?tZK@hoP}*?Z=X&zYI$Tzj84`-Ru# zt2EZS*L{D>=chSoYFXRskX*uQq-}3+WIx4uG@X@IZfNqUJ4^d#cK2?>1`+b|qlAOd zjrFNRL{ILnGuR6xwAB}^5QJ(&P!PL2l&ME0hO~&~{@q?^!?}rZ6AR+CE)GZi3(suJ zxa##o-oK)CSJy6Gv%P_e*|lOP<`ejFJU@|?gtp&gk)EIsUd~kP;q%4)tSKk|i`CU5 z$UXtm?O$7|Z3#AT<+-d@$*#Jc4UMCBMT*vRi*i;Mhm{PS?P$%Ag%Gf_FSIbs@%6W^ zQ9{l7SI)U>iV%p|VzD{;#gtj6m<(E}$}(rShGp#XMkUE$eylq;CJpptgPvHWLeOYe zjA1vmnCLAaeji=tPR2sBkcN0tEN%Qm*|nmtoVZx|{O%glmj&dX{?KFi)1ITtV7@9& zdtJ-_P4k6<+$mJU3n=s|<#5d~rW7EFa7knTKn}7=um4xrFnz zih1?qy3lIUP1k}$>2f(o4$ff@b#OfXE!O=o5H{71et*FrPCH`4PtPP?w?5`xW!%~I zlGS2dX`Ou3sp?QEY4dh2&5=C4>s(|V4S1^X^?Gg_EL8alG^@{`tlBw`a6t}DJtD!F ztQqVyHz+VPD!a)-PWQpUR-il1UZUTM=xA0;NC*kPNOidLTpId=Fmt!Oa9|T@}(Y4#rH!E_$qpChIga6>QJgShRP`~*!e)2rq;`~sm zZuD7xiY|%>KWWBLFS=F!h1Cj36vNEK!J29_5|9vLC$IfjdQMFFE^9N6;DCFXpuQK*tsJ)x= zvK?s~U{e-;|8DY&`$1b06%yfqr`;?K9Go^7`gTwvBqj*Rsy5_6UfDSLD5FX%=|IEP zVPe5A(5v-3MzX$vMg+qLibSk>(s649HoHv}nk>Iv-t7IX_x!GTcB-z6!i|fO%)(4! zTRnF!{gD3>N!Eb>Ug0?_!oZ?}>$UCEDXVgNg8wP$oUdK~;>u~~oWyn=6?+=aGp-1(194>QaCuzp( znT+*3pp|pe3XK=ndW)jUhfx#qqVmy8TpH~gd}bylEj$&)wc|vcQI1OwVl$nUZmc&w zBBPO(><~x?kBK5+Fp?DN>#&RqF9UUlYq8yD)xtixf?G}JU87xYmM_k{zJ5Pbvua54 zY{=v3W)L;rxD|s2cUaN&!ytKwQh0};{7{eXTShdN+U@)A*uSXxp1U7A*@|S1wM%Ag z{`TsJ$ZPTo_5naT8lOkH3GBVgDAdfL}(k43j4*jQ2gslt9h|c&y zzF_>yFD=CKw9xROULl?1qY>Fy`y}bf+=RUJ0Kp7rhi9RQqYpBv&&53|V`@#A1!4J* z)t_`22)M*IkJTUDTF{%{WQ;Ja*${$P>?{v`hsu}|H$pJPmomAav(WV3;8Kcz!G$lA zy$&{)D0x)QClrr?3m<=Jy2x8&b&3#Ax+l??aUjf&*$*Km9xs!BaS6$siFGqmm{28m zcLGg|vJyf5b%lju#jozwzAIGFl9YdkEeG{+>?w=w4}7C*C_)(jVChEr4yY^z>+n5Q`?T@Iao zrTXG7{Dkv$o9gf?3ec%7k$_Ik0O-^y*(4SWAW@5B0EwCkkf?k0|70?H{2@?7#`nMc zx@jSRR#$M=Tu_J+-aA5BhInAmzdga7CjGF~*ZN#@m7H;GxpcFAV9VE@*P2uB%3Y&t zx=KHsuldtg@a!b+;yTti@tDTx%fv98UWhVvye7Uf-mlm?Hzrz^(=}yG@71~>qlQor zHfm0?-Am+KxH(yE^ld8BzaHwccYwNBoM#Sv{5BC-Gz)^GG}gp^lL@Q<=g-nt_*tO# zNXHd}HYaI~#sV8da%=}Fk4u)!_vlYMO<3P-aK{>5uKcbtC-DpEWpEUUb*l~5GCSJQ zaiC6GXklQ<`2L&h9&js=tpTh5nTZ3XLvd?8N+`_V492>;J&P%8UL&5u_xdUEWX5zg zpWEU3A1%y(>_q*m|NkEQ`<6DIkQ7i)N8r}vGah9E>#5#&l^UKm$tU|z7=J6MHT?#jF1y#DpwOQKAWrpPASd!aCae* zMm+>7TA2IvW!Y-qMM>09yXHnD`Hx{+K6H| zSO&ieoORd;`JhS&Y*t8mec6C@J6lE}BjlAW3md8mB866ZtJFQ=Yq*Q>pd*IW2kDyecKxtzM$qOF`5f*^g5CUG~?nVd4PRQhC1_r^lv; zg){Z$Vnq1LnsQrwK9*$DM$8A;r}&7PN!h+&V{gg3*SXBvF+EM}RPxJq-jQSb1=aQA zGfI7ge8T4x_$b)#rpKb4wG8uxel6JGdFFurJWDCI+w{%#5;*TQK797f+SU$;QM{s1 zqI4YYG-+W5g_sSmeyre*(7G}e71dVia<;8Slas|EfP#5FVQ=U_hd5?Ph-qs8&2&W6 z^UsD5^#Fnq0;gC^)r_tzV-JVWh)g(($Oe@Uk*kl&gj2)w`PZF;TPIc^+K(#6OZtqrdl-E>~M#dwKRHGyXI>(mwYJfrUNaz z1jSd8qL;eG6im8BsA~NiE^lP*V1hs^(B>md9glhiyD1b2RGxiXUUsy865F2Q8ohDl zfV(^EO8OFFwPdZwyO}+f`-y{O89z_4E?rk)P*Ggcbo!KBMAX(ul}ieBE{D2t1A0%0 z9r0ajqO@Z7K5#bHKPn=TIn{b46s$}OyIj6yOT9i5VlX7jEmB=9mUp03Wo%T%HZW<5 zE<#D5#qGkGUf$%8-BMz1@}%&V8x-j8i4b_9-V{3!tSUl(mjA5=h4H*&M+HGH3g?cu z7186?$_6W+f8ElCVp>(YvD0l| z0?U0%S{I)ek-wO@iFO{X^(>N0+?A|<*aEq5?`uxjMf&JZWDbux7*#k6!*%KXy{vt$ z#S&^8EaS@DL<)rWz`G(Z*Ec3~T+x_CZ@5Nzkq+Cf{qbx2&Z zkGeqOhzF5EeC9J_&wHUcD?OFL9LKBw%hNp!VaoqMI2zyS4fM5r1cw$gYO~?yb%l!` z%%2Ww-wVH9=PMX*X;%KBn8bo~T@p(@qL1HsPvl{ErNl!JpKZI|f<^Hy%cbarK!CP= z%-UF0&k}{L;2Rw_TvTGhc}ChA{az=S%F#zF-3fJ9m}X6Jz@e47D3 z;v1a6Q)K4w!AMext&>8V)xT!ooa$eD{M?t(ckK0FZ4pE`{4pdXqdX&sbc*gAo!%Y1Q5hKV6or3lLM&|D zFaBQW_E}3fwj{R!IAI01Nf?=X0a%>p*H|9})ZAHH#jwdRptY2I@HUdjz6fg!KpXCW1e5}~!}6*=P3gez-UJhH(p|L)MUaZ(y(#+7VJscWxG zW2@H=##tA6xrpQVy0(63^X%=htm>FX`6M=8ekoO1)Q(?U(H&>iuk8?8BH1j|(-WhRgRpCvIN~K~0 zFL*_B?gniynGs01XlCvTOI4hUa@fIV`R%$|WLR5eu|WB!Y?`W4XW5ZLtu72!dwxA` z998EE0;2*7v!D>m!R@*=Hzo7@&O&Fl6!D0H<(Kc!9=dkERbMJ9;?`+A-?D59hOs|y z6d;%>o7I+BMKDe1`R40T7_-ywR2G-wd~Ab-5~sPn_k`j+qikR~ zK_=&|sgEn=__zK&QWF5dO8%A7qZIk@L%uu{Q=MEVc68eJc<+yx<)E#JR7Deqx+>;2 zPnIvzcfWj{q&Y3+ap;cQ;G4E^HhT)YHbP>vfDYXm{z+g6tyi2W++bd=Ou4dN;3mLz zUsd-t*xb)xUEa5@Q%FjzK5n5aPMyM8u;S}sP65}PLjJ2~OqkBzWW{Fu)na;S z++rzor{A9kYORWIsF+KS%6A%NOYuWyvwX2?ai%!?Hn-LN+P(N|WCEtFmL`mi7s59o zXcXj7YOMWMBXD9kOBF74s;Ohgvd5~Z;a*LaJbw-f4kX;&#N#Vn1) zw@D5UUff2cxzJ*4Xju9Mk9?cma$IYY5e@|UG~U$9l|!L3!|9{WNzbRaF60ETfOsNs z=Ll^bbX+b>b}?S)tjxyne;Vw`u;YZVRk21;n*+VERVg!!89TWs&uD6~+ zFhFZp+Nb#m#t};V*qTFCoBYME%R8eTYAEC{o64HRK8*w4_g)`Ae17)sJWDjI`S4s) zS&%l&Qc>BP=4C#3YcX|YOyJ!INEQ-#Pibt+PkGmFhrYC8>PbsWir_~ak719OnPt&# zl{n?S7S~{ni{8xzIMj82zC+ieOy#S~Mu1Dcjo>jqRIKawK(Q=WDPKAe41xO;mPCA_ z5$3OnzKSTH@TycrJ&Yc2p+fV=u?q2)CR0jAP8t`GO5JjEd~2nV8Q`TW#tK(K>x z(z$Clm=T+1bjKe0>cySX!;WGF_wa<9H}1K`hnKVd9R83PL7Da@>*?E@0--8h{dGs~!v_LxH5Fi|eoGRCr+^sDNN(|pO<3HA?bycC)0 zXIba{&k=(TbPgZkx0Ds|viYw>J;c<(u@00)o`MaUYYTCF)9*oECht4DX6(K!S)>=> zG6JeHD3$1dWB}(92A{AJ2lc&gsi-lSCC}9*ZLV%?cUN^H{mr`Pq@w)2ZN48f=MNN# zc1p1QL=av9hcfAr>Y+DH8121I)Dm27K5v*LHCJIY$yYlyX++p{aky$ZvH1Zd-9B#` zb)gb@RdzL3Zb{j=_odN8t6xS2zS`zf?Q+JcBx!C^K?ccig$uxJvaeC$53KNrL(vsI z%Be-9z}RX%P#0lhLz!3SqcC%wr1*n|h%bp80$Uu*%3qIzo6gpIx$vEbN{T>DVWs6; z*}a>=avTaovwKnox&viI^8t*yug|Et@u|Q>@nFHicNS*#B}jn^qY=LQ#@!i==6t;5 zZ~&bfrnlgi4-fLwuoi)-KZ8B5fvm%>5zZfOJVP}jDGuU?{K>>IK$L)PY^Yg*@vz7S zVSz|ex=Dz~IyP>Mmtl9q{Y8kWdic>4B+I}Xh>y^QE0-dN_LcgxT;MRW1$*I*Xt(e+ zB-x<{eq)VwhMyqagtjWkC;HDms4W{38nFv!AAVeJ!#&j;+kMr<%tpYuz9=~|(eN9~ zskQQdAf^0|bf$4H96x4FX59LMXzSv?Kke)H)SABA$31fy?|k)h%gqY#laVW>mP+#J zN|`$CqcCBC*pyN0O7_MyjW+%!xg;dNALROaxiUTBvW&Bvh$>5|wDT+epr7jc(${0= zAgN?;<8=gU*A~Wp*~PilCg~j3f;aWnmD942j)MRK@D*28L^q2T71^Isni2_w!5|B5 z!5SX~dRm~aR3KdQ*(J+2k71Z;*}atmPyhDcWb7nKqFy5)Bq=k4&E^|yc#E%e0*SIE z>v3M*(u$xgJ*kaVRf}pLy5=0aHTJtX_Z`$9myjvrM{^=NK)hLa$}e`Q>UghL`Ot!` zUExljf@S%t=O#L$E^#Z5J(e6o&sVte-h_{~FiW7u<`Ap12ePpH#D|23t6^?G|N{cCWVGRMvBP03{^ za*V0ryFxM*j*Gv}%FbAy%Z+J9G1j}_!MaZEVc2dh+V>$GugT3&vLIk%lZjh%6E3R?3CbaeKBcP zwHv-w!iN=l!`%e<ws&Hg_iAM6-TdyVF#ah1XpTlh zHO|SosQ~4&KT^v6h%-wc#b>UIa_=0C$yS9C68{_Qx##rF;hP71l*I6%V=t@2|6&7adJ|rD zNIYgBzk&B`dL5f-X7>J$N%P{Es-rSx1J|i!rSBpS@Q{d-;Di}4JThe}>L@K|w~Ad7 zh#=RieY*PLO`^Vd%Fb0VV|>?T9tAnkukmu;VYhFMhR<%mq>C+~T`g^l&@z*J$ACgUR^xrVu*zFyznDOn8lX*3%V*4@7y)$*;)5C| z!MGFvmjX2JQwMz3VkwYx_a-}Jf;66SRo=BH{V`RhaSW;N;Zgn!dy96)YTv4!eA7M+ zAhx=U@9>N=@|CTjQ(+l3Q4x`T1N}}`MDjLoE4nZEdOoIlea8aRNtq#NG`9=Ia#HC1 z995YYOH9ryTzlcCg1=vtWOC?~VxQUCc%>{eP<~*^uSuMmUD2lDu&b=7G6zxDwoqJS zlA#j{;rVeb;M9{RH-5(VlKF9}0ac}cpNt*1~p^SB; zY*b2cuFFmopl`jto#9ZQ!ccaD)KvYOOtXA^$2Y#-wK`gLt|j9tkd^uC>mS#m|4?%p zIBCT(v;rwvL>SB&+hE=_ElM1kUDH+_d*-lZUg_CYcO$=JP$?AN?Ksg^*UIN+3B?2ZOdz0Bi`%(=-H-Uc7NGeM`vN~4V zy}|eU7TI_=Y>-KYQH75(PE}F`h3Y?QGcS- zhWu{IeVpW#@Q*rKBdz+uZy3ZX#f|4UaDdS72njHQ2T2@K+u$+HiPJnI_Tk_oaWS@D z(e?R&`Ky9qw$uW#>H0s|tXhpr^>yktj==CfYke^$?fgCSUqk)BEWtBEz~lKm5u$;2 zMI8&p3ekbsU*=jv;vT7{&sMelHp-d@-i68&&XCE&#&Ru|%v|OZ#6#R&fJf0pMNZjD z3GezuLgMFNytuu8Zoe5w6dvj&8>DGV`V~IqFXbH}9prEA~97;^Ee+s2FtY0VIGzpg7*QFNWE3Ucwx{_!u(-X^nEX0?Gvh zY234Pp&^)Jq4|o}KI|n=UTW>mkat|KjCgN__JxwO7k6&(FD;AYA3g6e+ykISve5pI zoFava_hg22ryky4_)YexbZ1Pl;EKoEwUL~(iczUgLtD<7hSR|GIFo;Ze9W0dsZD?Txv zKBMS|_Ku5gr`31S(76`=PXe(QIz?5&TvBU3A<0OMC<+o2@hp+ABb^2B*m|>Qo2Ec! z4g3h78?qDcy!j>Z2INYDD;Lhm-kC+aMkU7f&4X&hCx2RTOyKkxYdtz=@?T})4dTZw zqCa7?{sgoEp8DiK)8Pap>m=UiZyw#bqmRcIZ4ikW&r_0(@4yDf=bLDiES-mbXP{hs zV782odDAxh!Ww;TiJ;-`Mqd8B)6F$CazMR{HCklWIxL;Ge8i(yu_gU1@gdGdqHz%3 zZ0(JG4^zcPL0a83{G`#UF1#5ZC-ff6JgL5HTI4uv$u1`b*L^mEsNee^e3 zxHi7jZ82><#mnq-O4|h3pAOZL(pRV@Fj8@7f+C9H^ujRoPY8&xdNEx02HV6Eocft) zNr}t0`7K>4t;|XS#oN=D(ge@TtavK~;6%SZ4iQAP>IGU|$D=|KhphQTTU^IXdJ=)g zI9bN$P@<5St^TN{-y^^DoimrqNbyKp%tX`23y73M&99^`x{3yl9z-1z@ zL;^oI)H~V!+5^jBwPS?JiaUan6F?fon*>&+s|CcmHWDKtBz!xA=J3KBsMYkgC!N$9 zWZhHD#pvuHONL9EIHva9;n4Z1~A_ChZM8o^(np6Lr7WwxuZp|kV;}9j6Q)!gpoz&DerPCmRS^Pj*R@Wq$~p*Z z)4GDjhzJ)-i1AJLeTN5O%0OW-?;K*u5KcZq$vg*Ywt;gDlMTj0#yt)cX%;VyIn-Cg z=Eb!fsI8SGGuc%x*oXUDTtYxAhbnqSc1j2tQ9^?ioF4l436<9(pIq$YL?Q|;wT)BE zolL~X#aRXJ*cw>V*TY&s5A;piZnU3|88@;fQe7df-HSJPH;EiVk@Wf?{fEs&AzYze z1ctdnFBHy)2GW_<*X#iYqPU=EZazu5VRGIVW5Il{WeD&X?2t zceqzJPFSnJ#adoF7ip{mLMTpEjZ{wO)YaTnM&U7WT0Z>$_Vu3Q81N@+`6NOO$gYq< zFCHZTTdL43ry_q=B1l)XYhFk3ZrPXjQm0wMT(Y8X-?n?rT~jn%UPt7{Vd$4?{j+`j zWp+XJ5d`Mjlg)_C0L)qa-(-1pDP(`F8vH5b2dptCsG$g-8n5VSQ$}n8N8tJy zsQd{(cu&CAWLoe$&%F_#gDO{GGV$H(sk6NFk*GuYA4 zK7IUrMhOwfpn4RVJ4Cc5y&b21<|=cbXdXIO5$E8^R9|qJ(unMBOHVz`!F?Fm?_m=c zsQ{P8GXCR;T^^Lyd`8Cu16ZB275+CF(U3_3Xz`yt@Ks-C&! zj?huQ|D`@|Ne4XW)!HQMDOEr`^r7UwDG;WvPI=?!LQF6aIzbVI*LK%f3EXW%%e)-J zGJ0ng*(yhOxcp;X_W^AKW$DHw_bq_-gRqy zD;3Xp<^y)(%p>wI{{Y}6? z>#517G;T6>&ri!gV7jhUv3+j#kimCWHF;h2SyOCzwXDed@|rNF z?t|{ATQ2i&T`4qIx9HU#~xxy(Al#|iqGbx3_23iA6+_6Z(#e4m~SjQ9U7MREL- zoSFl~e+Y~lj@8}+wvlf6&V{%bHdQ5gQPYV>fmXwpM+7OlCDzwv&s3*KR-fYjM9sl# zwjbn1qG}){kRsec(W_!xYg(RBt{j&tAAdtza3%DZS+s^Z9L=?-S8i&`pBC^s!_VJs z)%-V=ONsoy6=dT3OC0C#YQqWHY>yq6ZHF5R=RU|dTj9Pp^_y(FaOE>lzQJ|d;W8pq z4>G8>RrjW}Ni3%};8bIfW@`#Weuzx$o|&3egauWz=LEj2sc;ERR~l@$hEOqXO_z-43J@?zmUD6T^Q4Q+BgsCHkeY znsuNK!MfF*pSUyFt)q9|986dqS{dy7O~!0om*JzyAM)McnUR2GxviXjyQ%jXzR&ws z2?qvGQylX0`C1vs+N++cDP%(#9!+K$(gJQ}_?H*bOV(L#3uMFCZ~gD`d;2_g2KCFl z%KTRhbmhzIa{S?qhn{+&meBSK^@(6VJCR)9+|O>#=#?_Zfj`un_)ahttu7thU*s!) z11f{J`BVUyYUt(7`!P+t{NM>N=*+TQlC(LU!c6xC=}sK@O|ZuOH?bcR^h52qUzL-* z`~!U9Cl>xc1%ZrF{Zy}^UYy1|ABllC)z5ImHS)v+47WTtIuq{=)ic=Hj@fMx@i{JG^99H-A_(x)E}`9ocV zLv+9`Db`WQOXw98mjseQ&vyoN#xHVd(Xo1rRv{)F)(sM*t3vQ?@SE~-vI)0le&^&= z^UsC0;DiEURJ39^KV3y|L?yMO9S1n#V4Rvv1MGO#HzJuDqKeR_k2f%=p zk)rV^R{0Xtx7jSeb;{9{fC7+EtzKU4&PnL|`*h!vi=B+Sgo2`Sw}W#ACe;MgBEIp% zui2juC^|qHk6|6#qCobw#_jO)R$ax_c@5c%>_)3Mn%@m=O-bE%LqG6Y8LXe3*^gMbk@~jDBW*GicQevxjlWE+VhWMQud!>JNc)M`{V{nJ(Py^U z*cv&i#62q_EYrshg{=0%&*VgjrA?(Rx;uX|E&JTL;~U8G^j#K4 zBlUF>=)h*Ad9|Niqm|(1L&!Jdd&65G;rI_fdG6e&%P;upp}hUyeWqkA?c5;dBc9p; zBE?gNOsC3)mODUu%kllXr#z`&axWh;vAcJvK4)s@vOIF?>;4%Z{~+I)iI@naMCH&k z@yi6Yk_hb92qG=)wJ&?pL*KL6*0KRkmLn-AbPm_fN4A3Nf~Ih9w@+fN15u48EFF`BWVKy;)!VTv555dv6uhbKOt}wb%yK-nE`DWh7i8}_fEtA0+e$?#W_~C z{xE|W5sehDRK7yoM%CcmAAr(&`-sLrDhT=Qf*q}Tp=(EdfyVip)xb}Ej%;58`*Mxw zjJ>keUp}yB4vfokgVT*cT2M3+K<+E1Yg%FL|CP1>x9-aEX8^X`|4j7(wr~M|{XXQF z#ebN9@_T4s5xcv3KKpnuwlg_R1v8^c!60s7QiQKoiwKE=kK}H`K)ChIGNmFlL3cn`O zeUX-A@AfxxP;wvDH1v}Qw66A>NhHxzxE_J%g@ zDLb>ZZm;`un>U}YCK|PtwwjC7A`gKxOg6DlWeBE^ov7Z}Dz+V@IpD6=wX3eEiE;>k zB*bZ~PJ1f~#(wbBzZ*!`Tww<6_wU?gmI3x-0OcL_yXf5rRL)MBmTFq29z1fxTD!k)O zyt^k?CWiCCMLh&lI-Q$hg$x<1>Y(Lp51B&#(jUc3h-#jkT$AGq$unNE> z_VLis%A*gc3SumqM-fX8HV3_Up4vQm-y! z?zdj%3G_X?cOYgyt4fq39X!Azf@TQz-sdV6EPydIsoLq2@2j-rvd|aYn=Vos@SAhK zd#6$lvE!inWXzXiMeKrbK!f{CzElOaR1P>VsMSTiN}tzaQiWbQZFEt+`Fe7cbbPlb z=Po*_4d{|%IZ3_v-H?R?Ye1L)3?qc4>QQQjNDrxRBB%Q(yGm+p6WLT}>j-&2Z4JUk z3E|Q+2=47>iPatlG33hwCR$mw%VP!@Gd&jw%ZpZzg;H}TyA)NCWd6D*iVr2@ezu=l z1sG!EPcdA4O;x+-kRX@@RRn*v;nzVdLG~xwV&`XDtyTqF|7;Y2 z|GYT%h2eHq^}&Bu9*b#)u@dBWQV3 (>%#mnNr;Gmb~9&+zq_0RfqNX7#*PbG(4J zq(qRt$-LV0(u-c_W&%1mFY-Oqw*q$AC$V{dY_zxcYl5DQ4upwGuK>a$bPmVPwP2wCgt$v8718x+SZ&4o(GFipS`|(HnP~Y&eHr$Fg4kB z*PmdA+b2(^fd9RSpdjeABEm5EvI>dd?EkJzw} zGjJjpb#Adr;Yk@5LcX%gyuvk|ljNH{^VdW3zuFu9^Iqcr>F$UCdRXLI4DX>n5CUSa0e#qy zAsVAu33~079Z~+`K!@nuefZ4^2tJdcfW#+`IR$m`lZiOBcROKhOl-zs0tm4o@{;U9 z!UnY||5ix|7*hJrn>b(=#LQp6%RdVMAOLm_B5D)ln=o|#9MhJ>=J{o`$VMof$u0oB zw43ruG+knp#^Kq_`^={0Msjq61Xdmp?9pq0_z{HUNUhFI1RuRzzFJ;HtRDK4f{ zF_^m$T9Pga;i%cn3k^x?c`#68D12&;uY#0xz-j@rPM>X$jDuN%x%EYPb(7p_&_Ib$ zo!zcA)9LFaE1Zcdrw?5te_p@XGcnL(hG=RVXZ(66cZ#Vb@L&6JkwKe40cVF}U&8JZ9D`h3lpL~%KIP`-F_g=U<~d0~MPFc0FW2f@ zc2|Rj*g?VjrW<=ScN(=U;7X3?E$Wr2cE4RYT4zFTbjwf8KvQSUEWbs z5jQ@-d-ZZd+-#2#CllMx$Olxz(-;1L8~tP7=WmJ&?@8k2v8H!ol-$PFsT0@5-?of@ zX~6+#Q`VEq&wn9|{kwAF|7jrop9a#uY9Jjw#_L6SFoarhR}!p)b+AJvJrUPiI}4g&ft=yzMQxItcx|Tkb+D>1m{@k&!`=hup*8=3g`e6BKH4b% zb#K@2?%!VyMHuLmWGq~nJFMDrN)}>^Um-p4hxdWEom01e0v!gMQ5Pg7OreT!fiU%S z0IH{|y@%t7HqZU~=KkX8%yWHl%7!xlxNKAeunwLOJ;0FhS*#~2L?~`WE27DtSDSi{ zBhK7#Xoj)w^(R%S#~BGe0Ck&ePWg)eDCRVY5%bi``n=~Yu%;ysPJ5yS>-Tb2H!N?w z>_~x5SzDdf-tdeAzuUxasYt()ETIhR9g#^0YJY`LbK?tuh>I$z+XsW;s|OJ#Zw5n{ z)q@i3_NwxJ-nb}v@fG0oNQ91A-8jn1uOJrAz(e`)B_vL(HldKMUiqfl?*(AoEq|r> zLJK{xvnYeJ?ej`~N|#^pigr)Me2fb4aNJu$OsEWomS}Alp+;Q7^}<`yrEBEMRCaU( zhpc>mcv8OzeCGX9X>2sM>p5o%S&_fKX;as|s}KRSAM@@b$cne8A9I9@nU=G@Iy=OE z5L{>!pMYvk>Ych$2LCwdKg37=5ib;oyfO*R zrBl$cTXT2r|70z-CVuG^E>70*mxE5eJw|RxZByGmqc7=E`FMjw?VxsL&8P3n;$x*K z@DkB?8crKC&V^?PgaZ(3MWBQH^_XGZVz{12C;elh;``lp0V!7w#jePoUN;e4@ECu} zqpwOXK7{W>I}Zt#(ZSubg*F901Vud~R*9e%bGB{+FUiL7b~3r1>w4)b_iF~VcAAYZOhCpvV|+ZX51Db%<*`;Bv6Vtwsic*#hF`zdWXZ#0%EMzgFkDF1 z_-fDXK;rnSIJn*o!7+qRQxFWCrbY1n$uah+R zH1;wzcRUw8+qt~m7g&{XVIzk?1*p0~@r!J~V7Cajc2YB&E)=ll75IFv-_g5Kewn$b zlWijSL9c-Ow>f{eYRh}E;jULJHel}_O%;z+uq1ZvuMS8C)<&iym$zTI>Ff)Mc@KEs zKhikqtM`*wqip;+penFC;>Lzt^zS8tX53zgBYXK$1estsojpw5{M3g{E8hcSpqn3T zM(n6&0%6Gr>bGy)Aa&Pl^txDOloed_Zb-Fu3*t&2{P5IlOzY?;yu3Tdnr^GW{&8r! zGVw)E&vRCdh%H+!p-l4P=X|`RYfx_Mp>l~cOG%|uy+YA2YJnu9SfA1U22{9AGQW{u z7l-z>9P_tdEcb4<4|S6Ix%Aq!Z)7|o80FJpLg;$y&-=ZL@byTUw+}|kALHz_rkIq< z-_%_Tj5`Bcae8ua)+Fzh{K_E{V0c5!nG(r-Dvfm!tsFx@PGmbxf=^7#t zCjRlg!r86R3msykzv|AZ&(gC-h^t(r#4?7EzVKpK zPi}LQ!3F(a9zVo?R+t|oi><|sKb!oVQEpN6pui>f7u|DqOxYOlD5ip0)e(pA<4UrH zmcS*hR%|ih^fGsQH0_y3nxn>msJveuw_-fqNJINu`X<`gdZzOY)*N`>j32(UcNKI> zlRbEh^~dVD0S6d~qUF6xUO!;)uC%&yj*bgkzM>%``WPEVut!PXPkk{i; z{w$Bu==1^xcX?+SSJak7m?9l95Q5onGS8_huZDd-e`}xtNl}jBYr%JIwlU^4-0Ce3 z|2#3-5I2nxN(MU%W`5=7SYKxh4xd^u&7sYGux_zGUsv=4>V9`vN%eD0bhmaz`p#Tq zr-@7dx1aPxLnY(Jx1??q>sBgwBM_}f^dwz)N|GHov~w%b_V%isD>r*qDQ{q+VcV~L zA#(Famg@7}z^+$c?7Y8ya-&9^$z}& z1hWrM2P5)t7HA1(m8>~UnKw+vZGhLndo{u0x#u3HL>I`VF9G<)&O(sLg!>@!0%-t6 zixik_%l$EB;j~}A7}o?;>1h;`aqnECuzM*tjnovA?7oV8m$Y)6L4;bD1N}G#)ma3& z8I-Bx&hV2Owg*o;48X(D(>|AumI8Mj!XiJEP%6?VbS|e~CDQod?HZ>U2oQHw%ox>=I*VUMcoCbVpx-9WcnFL}a_DMYM4) z+49*C!<#tQqD!o%?&9W#E=>o;Q*97FuTg`9DU?$8rjo0}`+;sSF5ar^p=+4Ue`m^U#Nree?;V^I)Q`}YZaRCrEB>1x5z}cmS17umwznP zoJb4+2E&Qd;-3ut|7mKS2Fxu6fcSok=!a`CZv@bOF)+K2CQ;fC2I@@-cXrStfu&jk z%A%w1A?L|2skJYhrAeR=77L$6Iie!_2q0Wgk?}q%u-@&n=@RdivQ#VlNM<;$nMTZ( z13QUZ$7?uzZky9$5!C6~ak=RHE<^B4pdqLf6D7+d(q7y5id&n|*P1%+DMmSn-q|;q zCAe0esduyBcgXd!M4GoAbY3n!>|#alt_^%v$%BcMCK;3sfXZy@YZ{Ua36!zCWsZ51 zKTIqwOk-&=HNobEZ?x^xE!vSb_t|1kZ8m7P*22S4b||#AaewyUx`%HuU%PRl*>tS) zj=3LrZJ!UFpZ1>3Jo#d}vl!PLM-K9K`?&-%J{{s8%Gxu39)WUPC|oAVFz?fa?zYRDBH$Kw7fUu}^Yp9u3Glk5KKrr!P&zQpPeiUjb!ClgNF ze`ccmJs7mGpAeHw&}%^_9SUIVe<^_wD!{7Wmm0Gsp|GL_S!0msvw;*=6eZEIJj@x55lVG%xtu(c zpn8{bFmic@Cx~_KKc~U%(_m;L1io324-1zl@3tt6j71hH=~G3>M%T5+Spzuq_ybChhi)Hbqkv~_C=(Mktz7=)Yp^2N+_MayT6F!+NB-M`P`9bqpUBvr05hJI z`l$xq9gns9x6o<;XbOIcnE+q>wp{xvw;Ad*&pC!0 zVnrz;T|hvki8Sd72r69!RFoEqNDVQd)Bu4f3P=|aP!N#bi9kZAiPDQmZ=oh2NC_lJ z2@v9J&zXDHobz?9`#X1L*3A8bKiMl~XMf)1d0tPb23tN&aG=qmVpT|VM0syJdRari z0-`ovWjJF5VFt;xDIFL|ImJmCoqKrvH7BZ?=ZPW1x`q`nuV$jM-K?Wn#G->_81<^% z%$M#ByBa|(SzC))LY%6&by!8CK2;tQ^|n)`xUb+3IuJ+Xo)*LrXXZOn6I+z-3SAdL zFv60PlT$AyzdX+Vl^cLfw%ebic~K`16oK-tM(ukezA$#{s1J_8Z4`f8C6cEKpug>6 ztkKD>y<$~&L>tni8sJ=Szy3(z6PBg-3Rg;yL=NQG7^t(YYV^YS)nMjUfBxjLmOi%W z$>79h^~d_gQ; z_{4_$iF~0oe+joTr}gVBAmQcX{>@+kEU(^&zR(2Vc{t^D8kFMK(zcIyA*bva*H4W$ zuc{lCMvW!SQGtH3H`g%l(Ux9vaNoC^7cG%y|Mdd@Y;FK|1ho^nU&}^o<&GdCSOE88 zVfeNuBdn@tekVVBwMJFVrO;^;E*9qT6e;57`nv1be>UOU;IBl#7Gx-#FlZ5Eu)Bi{u6W&k?5s5HB10<-;V zP1$}1ivMe6NUV_smfTfUgBnmi)H16BpGax&_v+|GKZ`zp#;QB+h_w1Y_A9Or-dzD@ z*x_kiA4TLMh5C@xh@0esSbw4x*NR`DN|FO#$~wU3%~S`0U|-w!T#}R7z4WDT7Nel9 zcPKpZjzm_b6)BRcSxxxn_mz`uTsym`M5A;ZT10YBK2UpQAFqYkSYtcTrokv&S!e0O z@LLTO+vKtw;^de8)`5u@mq*X^(&oex{J&34i5jCqHUmt#_m2>?!h|_wX*dsJcvPq_fD)|?2 zI8831d@*C~sW_RG{A)6A6IE6aV55|5%SA~QmC1TpxyC2p z@|5LDBrOQ2ZCT#Xy`iK$1|Cz+f7^{#(9WC2TN^>2F}14h?OJf+Kka!zCE#-> zv~JxZ2s44)AFT4=WwW?xgQ!hgu`(m|?n!NR1K#J}m0qn2B%#n^H|z;=M+EIw2{rc) zO5WYNmB%lYL#axwygalPg9%r0Jb$*`IidCWmEr)wPU+SGQvdHr{8|S{q#>gr%4B-Ae?DAqz{l!=(kqL^)w^ly_?aG^#Fl%*1+W=6SNaI- z!qBuxE&4RnR|;yz(;>AyiW8>YgI}M&;djtHusjyX8?%LA8V3jVZt;6xSs^bAh&DCU zBt5_!H!7-rb>^^>{pjB7rAd@l7_f|QRODV05(L0r1-iwGO+;%j`8MXHt`p+wC5D59 z34`kbmT|8~m=UjV%+hd0iC0QECNRH8m@)~QtC`{8%AH@fYmVgX5FNN(RFyTQCje7V zK3eneNr{X^#i$V__BX@k!@*TQ3CL_O-8w`ozma~g?hr!@fBA&`n%88Mx7~7XR9FjN zqr$t}KFa4*X#{pime%rB&8&LA7-x>L>{6aw7Dh$HN;iVoUc$WzwpRo_Eyl9+28aW` zk)93-q|9EVW13-E`GhmNx-Rk8YoVuCu}9g{_Q5pHxh~mD4M{f#@vz5nqmsrS#Rg~2 z>O7Zv+8KN7Y{@mgYv)Hm@eI@lOKmlpswtfa2)KFS>!pUg+n}OBJ_*>P*AHw0jHmvECGo)Jae(ZI(Nq_^ ztagfmkI=cX?JOpGk39!mpYZcy?J#PC6aKKaCW?5>ms1Uf1ZgQT-Aa#3a0-a{A$lx< zpv9o!KnBhAwfik(!&CD?=dkS0QIF1q1Hrho zFvW!KP}PJ5eD~^eddDm(%D#(eG59@^#!!I@WjkoNCSB`3E5jL2_D+xF*ck_MK@B&qHKOi+}xaI?G-qYQ3 z$_CV>P?&mm-NboNPi9ZYHfBLWgsT4!XjWlwX%+lP*$W}LJ48KPNz?J-&%C2~|782|7OS|@E z?!7P;_q3$-t;0K!`{}K<18h)XL`%BcV5&N!8$*TeQm7pQRrUr@4AT51g z*F`C08!~M=u%a}39`_G|@IN8VW4HkWz*_hJ{2Ts%>x10brm)4}Aaa5~HC0Aw%7pkZ zGit=$fks>BxmP8uUNhhN%G~|@cKx!UGbbH93V!e`KA4C!@G->t-cs*L_WaFoLasNj zp@z-i*A3j9>Yg}V9|;WP{*~`rK8HRQqDV=oA@{uq;fuBJ;E6^W5e4}@&uW963)%<= zyF<>Kp1oyR?m?w_&SkfGoQ|6B0FXOQ= z_sbOdnP7!_z#N@!cegS!fhpAd_MOse6;Anr8D;yBAoZPr)tdAu)0E|PWXL|q$TQeH zJ#+W3_t?BW$~6iA7X{f*Y!HJ-OXoa~TUlw(&7K9)8(rsZ@2o7IvM~MF__mpT4rAz~ zdm@3~?bTI=`eU^LVY8&zKMb3CNUZ6dVE?b?58&FW)uzv(JQcf|f}`cANp+)Z4wxwM zTVky$l+(iB-q|oF8u!bm_iKO;9;^n+MbPfgWkqM5=CJ3`7mk3YH`na96_gjQTKmU% z3g3x5G1Au5s1rGA;Bm1wOr%|2qEMwmu zqR|92{%ywK3)Mp#BA+w&y=4wSsvnL^d8`bI3XFSIR-cV%gK9x1);aK2SfN=^TRvFx z!bqdrM)6Jkh$rNxwG_3)it)b5_eOjwbn_vFj|oBokfi%?WFOhWb3kUMr*;r(8xSJf z6^N;t+O?tez>Qp7}M0!_an@l7FeaI?`6p|6BVV@+0-VC!jH-^qaObg)u-R<-I*LCipl z_mfmh1(2F@vzlW-?3DMvI>hQ}w3H@^kKaGw4X@wk)0eBw&%2z!56A(QE z^-uf`u+Yl+a{~jxp}jy$|3Phm=8z5K!E&r^#j{Z3n=?=M`_yU}6EZwD={;@rafM!Q zfAaUHlq_?XWuC7x6mkInU>#!*ldDaNEnKMwd<>G*VoK00>V0UgesH0C8oiQeG+*$u zUMTXoKYv`dSHg|fP_Z=2i#k!~G7UvjEa!FYK%&Q1Mt<3ogby^vX@OPb)?V@0!)$_# ziLKt?WNVt*>b}@`EhZ6f=_$<*@xCxAPMsFli_<6p5GX+HlxhcmBFITDQw}}VA)11-sm!=>7eEgvqAH9TOmOqI`gE(FfZv| zcM8QATA7`Q*X;`MZhw1c&}-)VOd}aXH|m?V(kH1T_(BjMEtAG3^x}l*Y%VBd!kz`q zhf;^~>QOWcHLD8&sAm7<@(azRGtpiT-0z^RMAvQTdB5Jt~OS_=!ua z9d^7!TLPv$Ew27PVtL-_V8&;Pa93@Fa|9bktsV!)0d0%IadaF z(l9YO1C8ng-~P2H^;z0kI+^%W^VkoUUX->eaKwr)Bz*((+b;h^@M^g8Q^J6W(@0^Sws_C)Lab>M{d_+6`YccaZ*U5U%po>8)z_{Sx!Vu$n=-MHFsY z3O}}7&kB{(_0$RmTqQLP2k5JSbqBv>8h?M(=g_Pr^Fre&$a-iiL%5lT|90Vuct=%BmyiKjy)2-bi0be52Pi9 za8XWXRM>!i2KtpH85ctW!*g9(D#i05LJ4rr`+kXDW9Ikw;=-(QZjayb-hsBcr_znP zd>Y3Ts)M#{`5G_sdbo}RPmOwx$UK-V9bB4C&8pFAUbTI|4BMJLJMH!pFRg}q16{kn z6?pq$rU;!MmQ^ZN zHa6*kKK1mJUUx;;#r4wK!L1xO{cGd6kKi{k3ZpFzXq-kBO@ zHYWV4+BAAG3=DxNshOAiip!LHq>LP6L?^#Zg?-?o+oLpDX$rvb$#Cu<{xnbuA>8-= zY{U<9I}bFqYS2;{+T9b2hV(*`kR54Ob9&r{B$zC6s@qU~V;}T`65O-YVPf{~5`F~# z8=(L7LG~L0V7sky_-bRSJtfP6>QCG_<9?qSWIztaMS|>VVr&A&EG){MS>Kueyj!KQ zxfUh(soLZ#(+h3kN5IXWu1_uWu5fG79@CH_vavRO9#PUdJE?nOyV0U^(E1xIYD{IY zMJ<;ED}XB~sEj?x?V?|&_l#woYjpG_Hpp>TyxPIB;(wNNf^)Ws4TIY{BU`JTA1W^0 z)%EA!>+ceX%oWhqGg;Y^dyQji1QCQesYs$kYdkw1mf98~W2`a=R_eWuYEtVn9ei*f z>gjnrRW)&;>$ygi`uEAqyMRN@T&aBR5Fi-XA4*Ox^>|A8HVvTdV{4&>^aMc3urM_} zy)Whx)Wmh);Lob|-~Jlec3x2m<7ff|hy_{ZW0es?Y>HPk!EHahey1eGyXO?>hWy|X z{8!HH#Ptb*tDR3CnPTr59Fur)<%)Kutm;&~_d;Sa((xDa7DbDcQDh40aAUA&h|7KdHXqR0u6*aznyQP1u0Io^Rn468n`vBk^NbjGK`8mOUsCr0i@|t(Gg` z_Pw7$@v_yz{+TGL_K$TLB*)RHDs*$y<>Jf#;Uf6wR`h=^>K{8ar5f}1kOkWBH)WO< zNx}MvZYuSHOFMprSAmnM!Fo@|BewT_s3T1wI7hHBV|BFg*W7XcR0QATL-I5(&Iie+ zOXxWW)@y0Usz$fw7>(9fL9CvZUmWvI;?uDj1?Nw^=u9|V>Xk7rH`|eQQ zxf^a}e(r^kwPSKPd-a3sg zG-aQliu+fO&`Qiya`i+_mREnk_M_w{G^1)`T~(*l_7n8RP+8SK2|%qpRCldYoh`d{ogD~DUk2IIa0(X9_T-#_$&1Ns8P^9w|%kuH> zM|IWPClhMwse+gmG%kG}p(ljCC@zy+Ip2VnOFn4-${l0ma@1 zoh9F;T+c{9RUue4o4-Gk3-vtErK%e6JI5rg2r*HhUBj6ws{LZ&*@Oii%C%?F$J@z` zCHFsMUVh`u^tGwt-GhgZG;tAasu)o5#I7~8N%i1+NLnC?8)xk3yHrda@twQDV|vy! zh+xVc6HAXS7FTuwuV`(|;ir0M00mls_-UNm z%8frZ90`4*q#Ft+_Wkp6d?mTzRO^zipS&R#l>oorakDdM#Joa+t zED+0;5>K_s0)oe0({2L6V;ey5n307EydFE7Yww5I2x-JFD__bhYs4`ksDkA~=`&gi zA(v>!DSokYT9JO5Ok~+=uKlIRkSpIDJ`b(uK_-Km2nlu@WT{)RnC+>KQ5 z{P=p6DWA=;eF)HsB@yKg&t|<5rV0|+=wLUXT;}4apur7>4^1%=Qw?4`-s7mlwFzN5rA}&bdnw`WRp(t1XtOx`B%8=9H*cMGNZR$Y7}CDpk-mW|NHDjvTTjPt4Dap(jxd53To>p|Ise4D z9c#S!o1s?*9zhw~c}30eqKgbA5`Ph@-JVSdK+o8VLableo#i*L4>g>#{Io9P{8oNG zfYIwvf{9!qrP+39#w;daO`6rgM-7P2l>1aoqtKfEQP;9q69}5<$Y}qj#F`otQ}aP< ziO~(G^!`Kj9Nc-VAl#RVoEsZiU!siBME%ts?ns?U3RYivwrT{Mv=*>3Q0!2$`fhQ> zMBCAgZGSh{-o`ypHzhZ~RW{?sNTZn%__~=)LuYoH#FaZKxBWhHC`jRAV8XmDBbQ3Q zE5@LVZGB8#lJG{4e9MtOg9L(*QuET*!q4V=@BB^rN6TFPRv>gp>zHDbm_6ZVFB6Uc>Nt zcLZyl%)^~4++-}X5$fAE4lzc4*wo!vdqsFJw=|}~Hm}7^RR=ZIQ;w&m6(lJ~+t^rB zQ?}8}4SJwbNg{j4v$pa)%U1HQ$kU>kDLp$DRL6Xnx-D5KW7dXr!at&D&+pTBD zT9$v{_vA!PCda*{44h;G=926U@84lgJfARW+Pp)X?Zq@WDCJ9B_gJR`g`8=kkyCtv z@^6Om7DD`+oFGWAeJlHMc+I-bEABkR50J!fA(`Dm7$_C52q4eX)8pFGfeUJ}<*}{dkfigeJ^p@U z<$|db-8$u`e(~ta_ROVWNRpJ@W&{&T4zR9fj>8gniK;DH?67VbNu`EspUA!I=@8ao zVJG>E0LX3zQDq`$=K_An?JJg;!e@8ICuOQ;b0|~g7sOr;4OxA}tMpN9C*Ab>`XDYh zaCazWXJ{Q6k2}=}0x;J0EEO~v#}b-X#5jwBp9Y)idPG=6X+khI~;T$&npd6J~q zE0Q?yPS*^5|E3MxlcH@$-7TPI?h-5_HKpvPjB}}31eZ#oO6Pp=4o3+r$ttaVvEzwu zWf>uH!X-Lnna?oF{{!=}1_B~V3ndYQjz8nJi{lv6uAxTE$Md?G`={W=KZ*{N!9{$F zMEyp4z0VI!*{^8cabAj@H*kO^1k@#L?SQ}b zMvx(?81GrL9eHxbcGx$&s}x*}#{J@sf@R<~D|1&hH$;4z1Y10}$D)!j1l@|@r`hNRnb;%T~+3|!pB`r!&$4Qufs=V95Lkta3b#1Ybup;?o- zaj^{CySMoEC$Qw%V|5}aI0MfbZW&sZUQ;1OW2ed=X#K3$ zilB?bg@+30eIq^%r6itp2r-`L}eNi++LVSdp{Ttu+ z(&ZItGI|GXW6$v5L7VYO12Jq$cQf;9F*N&%Yq~?2qjb8%uoeUv!@g>FmQsfAh(N-% zK7puoPcCqpNmkLgX^BLHw9H11l{EThYM||G@`cIcCod;CTPgLfI zRB#?O1g0coP5i#@q*jqDGi(MfP;?p{^Rj6gL5_dBpZ@%K(Pz>gLs$0%y&HFocECZ$CO}p1;5K6Gpos7dA?0M_SWjpDCM!r(mtJZy$_;RYR z&l0w}x<)M=U9hY;zQU@JWYDffx|XTl$}W`*pRAY?&ZnP&>ro@hSFsw@V2Yj~k3Bn# zf3ZU?{6+OGhhT6q{;=TWfpY5@C#XkA=sJ7;v+*-|C%^pi;Rf$# zX3ZTK|F%)om{N(0K4{$tT$pS5kZyvvYULcMFB< zz`-6vP>A=nUlKx4KistIZWDCyVA=84tjS>&!i^bdFKHSLjRQ1g=Q8-+!3~;WVOODB z$VG}Yzh8V|IqHdew9I9r0GZyAw(cx>c#%vlA*K(d6+qC!C(UoPsY`Cp9tC3Tv4TKm zqik3atk96+lxm)eQBAA#Pa7R1>es||T?kcJzA^mZwCxC!KDu+?(cnhjJT2Jfy^?!RIUD;TML>nD_WY9aJ<%F2nHBZ%7 zggpdJx}{i$q;tn6Z<8{@MlzG+vK(2r^BXB&5rQb3#*<~S77i0H@B7amj6vx9TdRe# zsfMWOF$?vkh7dKx*U>R+Ipts57?K4gL`JSMvm`S>GJ4w9t^QGJs89S^eex=u^Y9LI zKOs&)&|3ZV&>Gaq@P2Niwx@KGt-Rat+QZ1Yx4{;L^d8~kO0%5Pu!>3TT2)?&hcJ@p zh}^=^)BMroq*0fohzkb82y64J+WXap6=4Fjd6SHG8&-@3Mm7Op% z$|C#;i4&en8@jZn8E22UK8q6S{1a-#dbX#0X?b} zdSSG%;jHw^BaB{Kc4V&ARJEd1=U`mK?ZYz78?Yrq>}RrHEP)wumMYSMZ^sb3lzEyC zPHf@LON+sho&~QHoG_q>A@TP;>PA1LM4itkT{=w4rX8gk5}E>mwTf)03|fkLT$wq5 zKITKW9l<6aMxIX>a?!?^9JVu&wBWBK`t0Rs&kmzx8a-AW$uly{219Z_Bu7&$XwUck z`k=Ab-ZpdHw;lf1C+X8mDTZ3rNLA~-_fnPql0Q2hdMEjq0}7!Z?pmVT7z=E=!>ht` zW-(W8SjZg8ZNTwExJMO$8Uc2!RaHoqEF4a=3gFk)MCVzqD0J|^Q9-pF=8vWf@yw5% zlA=~ik2Qw~W5}stC{HGQk60_eN*1KBL%Q~tsF7ugn9G-A-Y2@g98<vSC43Atc$>L5v3=HGCZ<&7LPps}UVQy5DKZxo|%n)gj?kSl8^S;GDRkzKDy}wfG z1a&$1v=r)Xd&oWTy0wSR?%bQaDeFK|E*7hIu1o{cpK)4UQXDn=2nqy<-Jl>$$Q#YG z;cA}EsL#s-3!)Xh@)aNe8*EJT#R{3^BBwC#1zkOEbDkX9aXMg*c`+YB;B)uVC?q;i>ms!%c zITaTUjqDXmbp+QAwA5bfNiOP1u-5#(FSVh59dTt~YD?{M4o+Ch>OUEC{#Q*o{fAe` zO%XA^rV|LFPzHG)^j^czn>ZU;2~M0))AvecBOW?Q>1@KI=8I(71ILW#u4!t5v-nZ* ztT6hKA}YjyjBUh`-+}42O_|l+H`e2K*lMgKd$GC4<)=;z1##)V?rW)wb>6 zFO1Lwc$o>kV^Pqbz`fDTHomkIRrx2PH3BZ;Nn}0NmNtTnpvfyvgZI6(A_gb=ZMwiu zerZ&Jl*-_*AD$7hPd*V6{!bc)62sqQ;{X4&xp2U5C7^_3vsg4h-ZkpXwHmhw*F6Mp zS*|OGRbgw);V$w@X{IT8$rj1E@#6ZipqbTUZJIp&8jw$RF#9$hFrvWzlVP@3r&o-i zpdeG@gVvQQUFoM)`j<*`rHVv4=Yhk#`j%%k%!ml*^il}^2|HIJgGAhk0KY6id@hO`BKcY=Lo!tG6xkn<+fccCgTER49UX)UpNlZ} z!2I;NKSqnFJ1EvEE=paYTe{Cyn;>&&SEG7vk@axOyKgl4XvUReI&bZ#ZKkIura-C@ zG9Lcxez0Wu!uDB}k=DmCOHCB}FGx;1YZ&e;zkeuNwf|)9yg;x}+tVeUNQm4^R1ZY? z#b>638(W@SI#i=J&(RILG}BU zBU=ZyAfwv2mF}H$>i|vTRfn`fk&ll9pcFbKQl#vKJFaXWHp?!HRQl=Dd(3vQF!~nR z7Soa?@sWM6`%idRlZZDM~D!5 z^GYy;ywohjp4x7I?5O~O@s)<%jB*_yShR#gOR=fNG8O2;DNFZzmeyk5qIZG~3vfYZ zj@%7*D5n;h3%{2iw9R!&pvfU&5O0ANB{k?rFa1l&KE7ecq$C&4!Y*vG+HtbmvnjvH zRpqNN{|GX*^TE6K<&efYKYH*aTOQgqa%Iax3X-h7CX}|YNaH}Ob$A=On(&7^P9L;W z9%z)yp2XvqGg-*txlUqozGCQ^Tm;d;BR>iho~Q%PMZE+;j=br>hBW^*jOwnRLsa|7 z&UklKvF4_S>4v|HrSwT&M$>VEWIH>FD+jxf2plf8-~R`e``F82O>VgSNF&shBK44* z5)nY0R+Hy0Xwb~?6wg0;`EjY>(8Ui&!yjL5Ir2u(1U}z}WjM^Dv%o}vHRYbBklVcp z#1r>GOcbZ_z*^Y%a#vTDRDbq6WtI6~-$@B3*6Mkuh=|5#L;i`g` z-)2hN6)H2`^EB!>Sky5Ieby=S`W#bQwQu@$UqPV*(-$ROzEGvh_7}Ac!fstVJ};4Z zMe4iz$9zHCj3$4Y)x%s~rTm;B8cyWLyTb-8=j%@tTjui;FCO=I7`i*0Vg3E?BFO-C zvHa4No*UhZr_OUH54=1!fJA_`Le&uQpQx_B#P__mwRNbfdo{aqPcWF}MQglak+fdB zdc*6BIhcS^@G;4U>Zw{9Mh915^K|Z~LX4rix*)3NNn>)W>7vOc{>IO3eDAMfW~3)_ zdsJqxlHoalPPzw*aOavDEcFo=_I%QpwB1-A1pf;E>WnP{3IY~rJ&yi2UYjGF6q|Mow=44jW)_E?-`wTBK^oB;LvJP}hK>GaILtxpoBhBf`J+iw zt6C_;+C~`_@G>)o(aePMiMV4h?KU#r(pF~XL%!`~9x(GrL@(4RNEtz8Q<-pY2OHTN zs+;$2tI0_1^i$<-bVQPrCrb~nAXp$O*35cJJqLBlQj?R{)<=|nK1K&@sD!^|=hEHL zak+BQZNXE4;=h(PPx7A|jUcZy|7OsMxId&6FEnl})uT3vnz>Tb6gBd$ywa;=_lm37 z5eE5tOME4>)wm8*Cb*d}w}zN-*mmlma!|0T=@4?;s7F44dn`hFONyG8@Kge1y4`z!g?q$Z-SPE8xLaA-q428*?oz9&dMRy^91b)G77pbA_4^2hE*VQ%9O zPq^{T+CO%2?84^&TJ5$y@2W~#QB`0x-!lrY!LigwfhIkuKH>xG>{9)wi|;;q^UJLr9NeaAcX-2t`ah99 za_13eZK&^8>QDSQ{85wOc(OLl#;*XsC+(6FAY)+=(Kih_Rjbhbu>Iz=uxl_BktJ$V3?DUU@fls6RyEHkmpgl1@L{M7K!-=gtK$Ix)<(!6YF4dmSDFq;m#!<^<3z(>& z=nM7r;X|#vl{%v-NLZeLPo^dQX}q+Gu09*kk(`8@*$#r*`ftfa$e@{fmMh9D%FFp# zC26Hg==wA+OcPHPJSjNE@UG|PXT~V%==_c-_5F+l7S))pGlDYZoTWNG99buh`A#!+ ze-Gxzw=>t~klWu=z^Tz9mSriP(gW|A8CF&~jyV7}f%w>8_S7sB6o#CVp6zaKCmsh? zG4`|?*0_P3f^hOdt+uXbGv{1Ao?iS^b|NOPN`&P}K{ z_UwUIk{1?h<0sSslJVT^ACfUJt68qV*JVv45&T_J)8(Jsyi%ZCgVUN@I*Eb;Z3nFEb(ur0fpup&ov9H5e@CKuddL7)5pDT#IRJk z^D-wY{6<-(9R{|5^=jC1LoQ|fCXG1>m2@2f)SE?Qm7rv za)?Ga<6h5lEev8M;X0UM<({9)$m1}V!Di6J#i4R(Ut!Mi$yufQp!ezD>oE-}l1~0! zye_>lQ7x;uS6QcN>SQg#P8PYRS=BmhG&0Z7>nX3Z-y0zGQa~8Y7^3n zU=hROaOkWyywxxgsVo&8EYeOFA1uR;6`Aa+D(HiqOSGZvX#sW??CqZ#svSj#5#(O2 zGq|5}f0mVJw4#4A?0Nsme)xOD9m^0fZwmdxWg^d0alaW-m5IWrzO{q78*DqCRAjl8 zd!}mQyeV1#&3cYepAfZRXCg1cq}G=cWV15(Rl_MhQ_>MO?Nw2h7kY$5|KEtT`0o)U zeOM;p-)8xuqHyFI5Tja_ z)A+9kmI2_RR9c;XkP-N}{wz%Tsqwc~U1 z5?EG4T}i3Zi@Co>wB|mA2>9?UecheEuXzH&6`V@CV{rhL!&T#ewsp_)z@c{DPjf@l z*2luW#&!_yoHW;q3|ER6@$lTX6*jH`WCa!7#ts`>lYATIpk9S@&WSyyb(>83&o-4_ zdGWmTKLYYRI3LodLYG4;7(Ew4`_3O^Mf;7)_Jx09?mPFZ zAmF0msjzu1Wl6g`leSt(eh^$sfDHPFX}}qCi~D=<3bdV{@y;UnX@Esb7JhYJI7)+& zP#UcjR@jCWi})I-AERNOW?qs~ESOpGOQvYZA#obNvbm@ZF60TzG5EqBoIMpYOy(s8 z%uk=(y_Zg$jbOo^Nhh+!z~vo@3BeHVR-;@%H{;0(PWTeh89v%I2cB_|Oi<|jvKKK} zj(FmEdbwUEB4P_6L>)7!j=ohxt|;CCHJr*H^$|GzBkg1Ey_5cLTt<5e2~aqKje~q`JsRlgRIjv z^{5IHlZRVPYgr$Yu|H=3W_3ZQ#POu8N=KD2%d`zS?G>SpL1r)ap!#HznA8WE>7 z4W{z~Pgxdgt*FG6K;PK#m(U7b%_MJVv9+CD2i(^M9XpSSlF?jtIr*(qG~QkG<*Ns5 zYX&B$Ssj|nW1of^HR$L1M>lu6&O|@PnETiCfkk=b4aUr?$G;5psox=eJ`MlE z#iI2FQ8gRs(;$Ta47HXN##qfuSsdVf^jM_qwyl=o=qGelRefdL4GmW1t=P&I?@Iy! zB#mO7A@ytTa#=y4QFneblz*JGpzliUV!N&NAs^Zd3#O4&+gpf*#;!?{y_FqF*a+C} z75h_ynt4M+hJ8*qDh3xqtSiC-3i_T4PPX{w*))~SHoZCi*eNDi>aE@xcH?e#sXX9usbFVdaAy}DxdgKQfup{sPJ*H0wnr?v-%^O8XhphFy3n0j=Zh>g!1 zNi+?T+Mlqe)aI;DF8f1v8Zd;%fbTI02jsG`0@a@u8Anee{TqSizm^Dz@&6ucfz_c} zl>xDmT-b9|ZQ@fQMe>;>-e{DdqOB1l*}TwaG`bk1?{z^jp6j-l{Am@w;nV3+!a&tYyRdCahg|+c?`8mgzTW?47>NL?2w(wq!wi5wb!!pM9~R?&X4A9) zmm1qcKx9?*fAX&X>r^fG|NeCgL1QR;R&WwT^CAv2^i-zZxvoChAyV;6kNh!FGUEdn z_k5r|=@yyOa(K+3iW2*_)@7V!Ss5kzn_&!`3+&SODQr<%C+S)cd`jxPDd)<}d1_SJ zxwpE6biqr(NBcjpkC86QZW|j*)ZOmBnUHYx#R<{3As48@0FK}a{3fbDl`uV%Uk?6k z_`H0=-8naEbIeS!4IOUCY|4Vh);34h5 zaZ3Gf;~WM`iNB=ERIm}V;+{|)08!>|2981$^tRmTpK6)4JCPS6D|n4-5*J#}ho7?1 zN6DMTEHUQ$a~iWY$~}L!%5`7T-~ZyHM|y^$WQOyJkgxv?V*CqoKK`FRFeKuSpZcG4 zeBfvO7a!Q}e)u9$z$n0DUBKyHt^q0ZS&@RtNy9IK#dq#p*>K34tkMwpSFg3*$4JGr z%xIDe;^z^kZ4YreV`ZO)eGZVa2JltTI}RPXO-Z8o!ehVs(lf7**$O_)Ax=4!4M-ML z#Q%Bd{N>gCwmsP)LYzbEv}uc*ApKz|t&X=7wBY(;!}-*~$T?cf$k)Qzv?~zcqaJ^ zeK-brphnXf(m*F~BiZcT-nK5hl-_T3X+GCJSZ1}5@#yy3*0+qJ7GWXZ(g0_U7~9$; zIY*HB3zo5Q$m|RKJV-qn$G@V2;RMC10fAeeCBkJn`1r0`E2llu6Vt90h;IM`>Wqz6 zW|9PmS|=O9^C8c+r4(E*7f~TAC*$1oCZeXUzA01Pr55COxFBD~UihKLe5y;RpDp0e z5BD2g7Pfnj3Z2U(8jBc3SPe^zplZvXQ{eO8qP4r5X*4dvS;;0lLo^ki{?Bp$fe+SXe zSAC62`DXBom-O|+VKb_N9}G02G+t1${(0Y5xV8&(A>87RP=QLM4J$#GYgsi`HHrV0 zraj+uFVo=Bqx%Gn>V~r=jOG_Cnts|TlRF}P`_59mb(#)LatWYXXZH~?1)@^S z`kt2<34Y8F2VVjiC*U5`v)Al+ zgmRWy1R30Pe#RZGGw(&Ze*HLG9Q_8Ikt`90+K5y`zJx=IJ4$HR$hsYGHZ-pLat*!A z-&3u|=Z2vRPrDU&OD zc6xH8-AIUGBheAiTB`zD>u3z1wLbDkYpwY3Na}$SBoIibbuxXO_J5G~o>5Kp|Jo-O zL`9@XM~F00X(~;nDM%9m5vc*90#ag#NDES;D7^^?C7;>`6j>LfCoOsyAZl=7)_~ zn^!;S!45uuaQ&6y*A3J3r*BdL!c4IGxXf6f53ET2Tp`+@!N;`rgCL>Wbqrm)9^(X= z5D}zH3hY04*SI;oaCwvxTp^J7y5_O(kBV>6gsi=y)ri?r zc!aQ8I7V?M?%LO7ZI&R5fyxKr#zzgP*^!?2(~RPN7)1bM@Gqa=ymUL^^qFtc9aMvk z+sL6<#~_J^US1!==u)&l+wJ2r&!)p?$js8MK7#PgiM&MBJ zL}i}3L*8FmzPOa0IYo@VD!Qof*o>3LwePPq2p; zJ+8j;x^5~v)(#itYlc77;=k9`Qko#Re5gfCqsEN0d_7U)`)6Ny)lv4f9rVSC05vZ@ zTRz*uXxSv8ljB?skn~H@P3}$4ZhW19`}WkuSfOt{_z3&uN1uo8fgN@R=|FAGi`o5C z?OBQxftSj2@26;wb_MctV7x!N?*@0%+ znZB^~gxSbEIRKCz@{X_9B7eZxtH7p*qt|^)=-~C$s?ux4E-b}eW@i6rt-Doao)POX z=xmYv#v=763Oaq}dys726fLHGFQqV{z()U36Bd^R5E>C()~U9(=De<@To+7E*$oC6 z<=G%2ZZt*z#d3Q@{y}qf(~FmFUa%*jh6QmEC*os;43{}Vw2>{>weKh3MP?V86cdk?P_T#;{t79(j61UK5$4w;wYg}JHbKUrI zX6MLrQJ@+Zz^M*FHjTx#vgFA(7#Nd+^ndGffisP+Yh|4yyE8Bbh5wgrHHQ9sZ8eCH z_-qvXb03Jb)0S{@1*l7-uNqI1orC#A$PAN!hxGTtn4XH=3w-<}vwx#y(74(L>97ozk(^2jRXX z5sPT!Ea8{jSV^qkNA z&zE0@Ua5%3B5L<@nSwv?Z7wc3h|THgX_aWfhcp;zF8<1QR!d6~<$UqqDnxiH&G#>s>j^+U%2NaK7t2=3>TQ?(hi6ucN>7U*WUBO^i{P_g{F|MTQ6k_gU*2=Y53Y+f*muP;!1)Ny*2bb(6@v1QC98ff32;to zz%6o>uHb@E!BZaP(@meuyDPGQ;^?$ptnkuzP=ohucEso)=Z2masZZj(0P}FH!R+R=z^SF`R z1Dkc#&7YEc7ybd)0;=0qww$QT-<8cy(@I;k4i974N#GUe%+N}RGQbY_xZ=HZO@rr{ zSZn*zr(Q`cF7aSM62~Xq26FEm&cSCF>^(_z^}kpkmA-icDMHHW4%UEpeyC>5C*<}r zq{cL2R-1cyS{6(8!|HW)Ku(S?^Br&$D3el$d6>1hx!rV_|odgfXBEIlNDZ;~+Hn>w0}c>ytXaZp`c4VNa= z-D9=Gxi9AC2c)Du!qW5ww(Tp7QTbDi%9)vK+ZuV8Yq3%Tap3ULwN|7R0=kOe{gm~`f z)mDZv)oJ}RZ4?0Qt~eHSZJLYH-01en%`S7QiyD@iR|MAemX1r(z~0M%tokcxeA;Zg zP|XvME9Q$(4F4sBF@TYFA3q5882lQ1jeQV@jUQY#EJ)|`?3Q}1->d#cET!Bw@Yef5 z{1%eNYww9!Unf{sCSJV7UA+eQzMi9)YswC)T37btFftU~Huh3bG&Mc;+3++!`KExH z-SYskz)}Y-=X%{Iw8H&VLftp75nP1Uc{F^^6Wms6v9FDg=baAqd;v}<8Cj#z9 zZ8wVQ9NKq2EQrBo=&BTNg zh&F2LsD^GZd8GpjxP^Pnj-&*;5;NU%DB6*pIp_A`77BPdoYRBTKXyGX_?&ciu;B-{ z*~EXO)9&nj^VvnOjuFP@hradu#KcZo8212LsTS56tQsPtwwefok+VdG$*N6ikrOlL zhZl?l?j!|h1fIB5i>efQ2)3?!k7?An${6aApa6fR;O%ZBc>6I}Ujt@|LUs~Hl z3_P+?^u7BNAd;D06n%f_*P5}3%-5&=?(-hjrjfS8lj1Ii4&Xe_l`k9J$}537?mhc@ z7u{Vy@s%6w=E|F7yhn2q*eOtCoHT)!&}>QC;bIqog6&|jb{fR4VI=5K3F64P+CVe* z73P@{#b4zbHb!L-n`P<_=>E`Jfq$cM#yQx}`uZpHZ+0`1D~Fh;XtJ$4-tP9 zH?&(;w^=);C+}y(o0$Y5j#W0MLo&0iMb&F4Swqy|QD)aHD9Y(GR_0~ro@=xgKd`U5 z>R;U4N3DTAfI@S0i!a;jMXpOlD|vHlx8Krz zg73 zwd5MA!cCk^Y8$Ii%`Uy)Cmd0VUOZ|pDdi+N^*4}Pcbk&dO6jD$J;=zU#H25H5o^?} z4Qet|+El+uhPM+q7{_UANQ%g<(X#n$YG7?m{HzV9+(h{dMYg;QEd@(mA037I*0ZGQ zOZrbAW_DWtq4;h)|7Y*U3JsW^SzOU4M9d`ZAB;X%EcfrQ1v2M9yavrotj`e6B_T{$ zD;t*YhIUjP@}Ubl)uF1ZXfH@TV6dCSoy4}o+#XB3=K9Ys=tmbvv)o}hSb=O)W?cJ= zYj zhISp2ihXY#_lJ)H`oo}I(_fQWnqh3!2wn(RdYXtbzI0V!n@&TZD@((=$fB35o+0U`uG+AO@&PNZXh=X0Qu5CEb&#+@RregAJ*-%c{ zAN|Vgqr=qK#G5-xmpfxi8V#;=pM4HU5a&LeXolZHkDMHtvrO&$g(simkMSPZ@G*Ckq2F40h6~5JYDZ^DlK1EEAteO}nRe?s zwbXT|^yvkHX%?`3=(@1DEMz#xozBv`U!*;kWEiYrKs>dJh%i;z*xm{+p`T|+kFI{p zE_a}jn8V$?o$Qs7j`Hb}(wG=Iv#RaTro2SH@3R-a3f_MX?F&(5oO;=!bx`a)&Al?n z1Xz-+`L{h)>C7bcpF$)pb11K<8kh9&rv&(yfTvN<0_x#sjb&5rbFROi;o_`wt2{^( zqEu){8XJ6j5*Q5Lxm4Bpki`FRA+FfkN;U_W<~i4HS>un70lwpO!GW_BwRqn?wYEmhCJB>bkFh5| z@cM(FZgMKGCzd=CzsEoKnoXtE4Tl1K*5=W7A#b!-9`z_j`=zp$)vmBVSJ)U&9X;rj zi3@!4rB#YP$R~cIrAvu^hw+4*wz^A3-lK()Ca(BuR_i$xx(~fEtn^h+(nH-fmRTnz zJW-UY42xHJH20iy!LMkB^JO-_mWbQ$AXx$mBot&w8B0*66NC^i+q`qY4)>OXYut@I zC3kbGhZbH~4RBhGAIioL0uMMlxw(`Rdwi@whwgp~z-5?~Xyk^lpE%JQ> z)u#j=dF(^)^YE)3l3%ZI3WrXF=}PK(#7dJhPIfGi3Ij*9Q4XxyN-xQ08{#!{ueJsaxR6+oN4;#)S-9T0h09efm7j znAjs4!udiq)qKf1?OM%`9#>LiVeOcr-RP9OE4W+in+Q}@Kb0fbUBGM7Z?gQDp2<=v z%;SykPBUOppZ-<*J+jl{?!4VEwwn zAHmO?o%z*rIf9)wEJV}EnX&nw;V7gaa}dXcRf2+!ZxfC$VFfAJ1fq}(Kv+DT=Fq6R zR}q@8(jY)h)W54Ho@7(N+I5AcWRH#NM-D3jX2%JTQyRyL`c;64i-suqr%@WujdT@FHb;sT4-k>p)gSn;&AH?@7yYOA}Tq*?&bE@?9J$Ja$TKXT8%Gh)J z`6|fRYXZMV3LeOV${e!o*vm1*pYeU+nPmh7G>qF0;#2VeZ~ip0C|HT0Iop6(2; zbY!RNR`(MjC)^Jzr#cvPVUKg?@f=gVwwC%~{`#4uM7;WJVwhCu0Y0EcP9VsBzb5Db zFufpY;yP9YRXD}m8!bQ8lDlG5RyK~?{#d#@iO%$TP>6Tii)(Iu$1}w-a4)#v$!3&L z#BxR44B<4bs3YAvPD>8y48Xctl~npVU*;|*_xr;+riK+CkD;yoxh6EW3Q*N;$ECQs zg!?Wbuck|~u+>@1%o2_OODYTpNihO@MoA%!6nvJhk5yggc>pWEPThR_Bm6l1^qRCG z+k3H;QS<9!2LLw`9AJhBz=1vSA%Ge3sQ8~cw&m~XOeaJLFavT2aRX~Vcr;U%Mwz7) z(x7HZlvz6H5-v@2HY!4wh!l=aEjJM&7*;G8J1Nv;%t+qj#X-# z?GOn?ep#Mc1WQo8XciuIe6d^kep2gs3$Lm4y`tHo&!7V#1CFAD3{lF(WdSh|&>+5T z`>RL25cSd=@i0|6d~NpNqp;frR0Ap3-g^&CzXK!W`;g~a2WiG+v(_vP^3`Fv1zN;R z|8bA>(M;(fv!c2JDr+kEi_;tB*L_dMI2OW^d&KWtI0td>#i7R2;AXL4^|_sHEpHc?s>1Jp}?_A!KU>G5V}=1OJr^;J+iqK*b)w^4rsv;ZdiSc(Bb{Qtv~@McYDGmgtMk5#_2-Vp|`z`@Fu^M2V5by_my>@^_@ z`p$rg!y#f{{0r5bnKh*jt#f1R8fN~*)ADnE)8eDb^g#8iCpvA^fP-?2>0Bx2N7;Rn z4`w-EtGx!MG~FFg43VID>yh&vdA_T_j{=r+G&X6e*0^+oyQ{$1%j>bzYuyv71bkKg zlP{w4ZC4XjUxmcXR<1%o33ei!5nhXSK;?JA@}3KcU{t2(F9P-7^boKRLec5oNYAZ4 zsR%R76l{U(UhcX@7zy_SXs&42QXj047*Q_9TyjMc!AnKDAHmDjz|BUH_h^htdGqQs zlc|mt^gV%^384>RcoojN%Z=tq-kybhr2&DPO~2-<(S2GEz0}dhQ0=d()*F35scQOs zmGx(2oojo7AdNX7NiI%n6&|f5afppP`0o2-UAbc*>__O{icKo#Dzv^Lzs4CMpKp!6 ze2yS)d+^t@%7hSU24DgT4PqG3GAOD9-Ku&Dq)ju>dg$>lMHI>pA3Pl)l~~Z8CTIN3 zrbe~n-u0Fvn}r5@0*3qVLQc44T~6-0783IWy{47p%Zf?Q{MG1^GFn!K9^-%JJ*kqC zzau_rB*&GPxzYb^oRWZlNqt5WC}e(Rsv{VzM0#oE;h@U^RP!W(utX*-3%gXjE1Yaj z2TxDQp^fIW97OsiPp5q&8Qsg4S1oGJ+uI6W9}Pwg-7hUS?jizVofkWbTO(8NfIB3> zbncJT(!^nno6WA*56q@n2C^HGGJ4;7H0BKV*bC(~qK-_a=o!f?&yB<0CQoy(>J*0s4X6zm z(@lbeR8!OXN+DgWlaKCix;-mrC6xD@PKy-N&J+>Zte=hQZ@mF4ng(2V zR(|;E-O;;d`H)cRi^t;?6_Pf>V0K?MvaIGN*y#y!ThAd{HhC(PnK`lB4C$#J7|wXp zoS)T1#S=n@dcf=JH;6W8YWIsZkT96A-U)5aphKsnKC-bK_PBR|N;y7D^VMWV0PK}e~j^YW;%)!X*1cCOTFU|+j7IX|g&cq+BEH6&k zs36s%087#9e~V53j!yrnVy~GANT0w&Kgl;AXc(q>{l!ue9{1Zf4Gabj{QY7Biue9I z8HE0{D1REFMm7j%N+3Lu$7t2ZDwJ2E$~_J18tbdFuC97YHr1tzWEhFphue6H$J@+B z>-qW~7T)ZqJ<0}jYk}Xobp+_QZr$+j{^TM+5@%%sl6co|Nn8OygN3{QR>N-qZP+v~ z2B4kwr2p-DP7eVjaR?xZpGN+c#1|6&m*4ddYq3APX+=T{?y$z883+%jz~WEG=24!` zS(E4$2Z};1=}73{y5ZTZD*~3-CYzhpV4Xq1*0jwbsW9FHD@O$FTsM9xsde-!DKQ`GZtAlU-dOtvH@Xbcns(>$AbOnC=rcEP1RM~-PidBZL&hw4Q|W6lWzQ!*4>CkbK!A#&oiDb;i8-Q&W2wl#iJLjn(0iD{V4<2 zK&0K;u2RuI7lHTwu>R>8#R1;Haa`M`dr1jxbi~4Ps7xhN=6AkmT)EGv*KaKCRNJ98 z*yD9op(4brzPQ7i*C)ec=mxao!TxsuT(-i8@3n#$y;8SlzD>7w6oXGD9JUrvYnRep zr4C3nq#AK13-mPFH%6DL*N&_0C}&UN8wnJdceYwo$TL{TG2p(N4j455;k)?5M;)QL z(r+?O(>gv*x*<VQ1#!HVYkcLOlzy_ z9wrld`BGWcRl_IsXGel~X>YVH1)U`qbx054stuxk)vG9edWRjNA~n6|cbg;$X!?YJ zRwzzAL=))1^=`DpIQLuDpDVn57Y3T!HIzhQ#2Wep;~&d!k&rhCQNl%z5YXU828+Z>9a08xnG*b zuG-JcP#i2n+(J4CHD;X~5!#33m>>Yl{96((SrksqdAt{r40^TUvr<3*cG4gas=TMN z-D7aMmv=wcFU3K~FZY$+UfX|Mklq#A_+=f+`3iRmmh0q7L3awATDP(&Udj?o=VG~f zHx)0P_j>#=={iDC^8FNfCsqSWgb273IJGV`$I(|peaSnKzZUJjap(lPO$R*oESE}x zOYFiD7j$_m`Ffx9pD{)%emx^L^?!I!{QCprkN-Nd(JkBLyH=Yi;YYdiQvr--CN~%V zqenvuEG#FDWS+AI&hsAFZOPZ8A9nK_OT|MvH#qPLrS*VW%!z`1_pmYDb27?HH2;%6 zkDA=X1H)Hkn?kR!k28L$1jDHcqZ&s1MQU9M$GQqM-;bv4**hu@@yPy|*1W(PZUugB z$0>U&7LZiSqzOD1l*IQrb3b18a<5#`$DM5{-Pm^|%wgw(Z0Xksj7wPBz-)a8CoQS1 z!%=uBh;ODxaO2n1Em5nZ>)N$J*51-J_TZXAS`ta=Q|5|D4jglgZW?{z`oGJ-|I@

I#Ov28fF73h){mj}Ku^N@oXaiR~@-YQ7in)4yA7ePPP8-~^x(&bNf=qdC)e~x7h z)J$0e+C1UKOJm#)b`Cd_TQp8eMcd>bNE{eWad9~ldhGD&=vv2vAtz}?t&hnJAxeH0 z?_ehW-gjRPRe4waT0iNxw(ZWfjdfAL@+JYXj_ns@(dE_ko8b(}#qhvSGKb}5-)fzq zu}a9@lBEe)__1dlctEN>{9^dI(&7c}e;_0Nen9`jIS&l3{$QH_`w{&Q=lnlW6#t)p z-`%eR8ep>OhWXGh!bt+H^0WUK+Abw}5o_OA7^d>8(#!iXHK|*~{zpcHKN{*6aGxhq z>)V+q7XjQqg9m>&e8)i4c(N2b2>(kPq$^o5E6mWQn6%vHsdq&W79?C1eM@=yJv!l^ zu7E$Ew?Bm)H~}Q|f9^8)UwXeX`#+hSY~yw-Yr9o?^pRH-NH%W}eBF-79K^A48})j8(2z=0p#SZ@(?5A4+*_1KEAj zJJ%+a+FLCcC2m_YiAbhOQ?$dkIU~ickt@nQlV}TF?aw%)@*pUO$w`_W-6URCwI=N0 z=ixPl`zOUs5+~(iKpAf1*XP3wZzsbj`zQB_Wm)!+EIdq-i*YCZ){1L8x`+6JbHWM@n&nilZatrgT;^P^VBlPOXQ|`h&r$x ztNM#&Si8*<7>I#@k^EdP!|yl!2(ZQ$Bg2c|zt5lBi<3%81bVLY3+VRCGP9mdWN;gn z=Mx4ysNg&V1XsBy-0{sFV?S6|tl zD})6Flp~tj)9}9WSnRnP@>FlC#S(ySZ<#wL|1+ttR`7n;hE^W{cwOM}Ta!L{IW~VS zP*xke@(cH^$7D49soGf4?B2wH!%EF=G;(6BoykH|n*p6>n2NhtECyMYC}Yo~ z2C-wOP6ycOy&o|03JjFHZ$fpb>Jr;dSUWkHl|kBBQ==%X17Vj>G=DPAbfgT!J_})A zOsIh3%edR|;pJY1kB!0RaOINoFU>Dygx&+E*$RAX>%7*Dyblz10S@F1vi`>&wBT82G3S)@hCTUQ!_UozUo8xHxaAkw>y_Vo2VDyVRd*(M&rBU^!2(iR zw8qtwF;2)L`+kqT;PFxM5og;C(49JLbwhP3$+qQ|oZn ziH@LP-ew*K@N5*`&$KR~RuwCl*KGm;9?%kX;{o382!(9_ALNJAE4wsL^ zq=Ox52{v%6qz&j^VdYO~k*iBcxtJ0O1l$L1ks)#Yp+WA%X4zYq0k|?uv7K5@DwX_* z_YnU2xy7gNYHs|j6&eMOjB8&!!vfz-g~(SWlOPk>9d>CEAs09!m^_2YmSo37l5wfH zKZ)Ic7pH9@%e^a4b_NY0<{Um}Q ztrAj|eT#B3uFwwBcYh-vkI1xDv|=Br0x#7`zCnXaqXwlv<9{61HEDBL1EP|41oerp zV~?ule~v-B)|+sEpax((3=~Q5iEDrlj!Q$GOz+eZ99XT`zRFN5ng(Q*V-6V}lz3dukB>{5zI&Cc;9QS1ySOiaxDCEh=D3*tEw^qX z|B!$AA~)W^z4%sNL5&h;mChPG(ZgBfmE?2vrtEQKt842snJ^zDHzLLW&Pl7eM+r+U za8W6mu%g>0?XQ#0LX93=yzHUWnfGrLL&H(3D)7P2Ub{VrWL-ObJUco>vz}sA>ytRi6+wUHx2D$}9!0OY>_}zz6%s0^ z)kIoxAl(%L`V)f3b!=~y*BYokrI`I)ed z`k`(Z)mo_gQ3(|%Ioosm)Pj@&@b`bNnE-MyCtxRJaycB&CPlr{Hy3LWk2iTYRaF&wV0-GfNd6>5o0dY<4)?nj46p#_ zu!pR$!mu#xyFv(50B!x~SjBCC?+nnozF4sb6g;eYT_U2y#Tt}Me;6`mt$j%Aw1=1? z?P2zWT~W9S_}<8ahVLqYQ^KU-UU^R#vQA#yL2GdNs>^L}A(h-REv*jQK5QBO_@I`xjf>TP@VP*75Qr>x5nB+q|QTO z#Xt{*!zJ+=^boNoBM5C^&hLC1zBU^xwQi;F`$lj6wngcvwtMywH^MPF>?PxTsFJ%i zdgmH^+=<^<6GKg!)RncjHx3ZXK5>Csad^W|{OKLZs>A~&difbcOm_6o54rDA3EMEF zd@wuVpNG*=o6YCa@vj6P_q3g)M<(L; zcCG3*yHTQjXpbWgdA9{{b!u&ESDjPoHz=%_Q&ZD6i#t4Vs#jEi-#k@>y#STC&1%?g zar;&Cc%A<3Y9-by_yKJX#gmA_abL5OG$;giTJsgpidtPa>nm%2+(U0?E43_2MXJc~ z`MMtyMi<_OeSVy%?b4IW#98iC0JTK(!1DbFAssqLSBL-M*nm4?GuC*j-s}bg0SM$z4Pg=wHZ$WB;!xymAv6PWbrD^bYp#h zdF|N}_T{bho*v3bi0~e?3b+*hl`G@v7^GG!ORhOfA7%o8priXt-cgxeFdZL$0#Na)Cl>yCXc_x>0i0M@3&q#_=n>efW^^~ zA>EEVBSnCvI99_;Cc-z+A=_=pxBQgN5PW8f+u2NYbh-0<9zjI5VooG6CH!7!Amn(+ zV7g2!#+Ha!q_rJBI%q8OJjgUM zl3hv3J&lEhO)B~G!RGb<&2J#v4zvZxBipk?Y2K%qr$!zPsE8W3Pji3o%!Bb^h9+)Q zAYPgdc{+zFkg_Jf%CF~d_Es52)1<+ISO28+|D7VSKmwIPO~3DLpFu!nkcz>79QOPz z()|Z#2Jl$=kFK1*6D`wzgmOp&4X0sM7faPk-JVQeQ?kAt@6YemjNfA-u zP7bXfy)#E%cX%ciQjdSAyL??}QMTt_{^Xj>XrQF{KR;-kNFaz*fSb#72LX(>)5zrq zdH+03rP&n4)p-(9(Ea<8mLzSQa&Uc+aA(NZaF(w4iZl_B@2HD(J?lg!Rc%(3lak%l z!JcC$@=I9uLjKhc@f!;E-}Ps0Z9oP9cVrj8yzgq=DoAzD9ErNwh#8S(oTGH>dQP^l&p8Lhf+ap*%8vcaP7;s z$8(P)>D{q;k#x0eBT7sOP4gyibZB!`%J)r*2@LphJhC|)DtW=3x@muz?Y^bj;m+C5 z-%NmYsvbj(HV-TepHE+|LQ{$&gN#U`{zmDY+Q$~_98Xsdy4DXL{4Bv)^26S~3+DOF zIe=rYS5p7{xny@1v97WyFeGFM$FcFa5GW0q1$>?b;cjm=p6c&qzj|kD`&7t=>&9tr z#{`*<>@Y7xxY^O3S#8e3rV|9$WMkOfVaNP-*B+?1Oge~7{nk&uU1K^&$QOcuwhJy^ zjB^Nk7D22%JHp_e6{*)ye;_&O-grOa4w;<7Z~P)|N8VecZ_a>wOa660b&dq~`6w2| zxJ`*z)BT7bbRyZ-7rrZ>TUYL9_29QoXQ_^deu;KiX?zZy!=*0VsFOu7Qa2@7Lw74| zz2DDeMenKYAhWsy2+lpR7AEKk%3mzk7~xA<`k=m{KoE zucj5qkmqZP%Eo4=5hC{S-`eQc#*0vcWtDOpS?3B<1>0KBzT%eDcMzDHLLJB2e0*&( zrJBNM*adIeW2sFL2fpc`wN}$nkIQ~rb1-?eAiO$!$hv4;IJ=886fYk(T3QAq$XluW zR@U5j`^hP&>XSCs_Lf*L!;Opg5?e1>J``NLa$2|{H^`LyGg3G)f*W8x>pCaqdom?zt7@qso^Ap^!r!ivFbt2VXDk zS3pq`;410|SbODJ1oIKceM$HHlLPKnV^!RnmG7hKxcW9@mlT{E(8!2(oN^`=Ra@mN znmoVFaH5Sjs~17DA36lN(rkJ0o!L&LOwhd%l)To81!myazRu|EU1O+xs}=on&jLq9 z*yWacSMY{cD=+QmYUsLJB+~mLt?#y=*ZKm(qc1Z6yFxD#N`zsc6F?3R842cYC zD@S(7+4s9YT5{pl^%)ZmYvHn;Xl)QFtZzuV^3Xo++wx_lyGlP3!nKcToo4v&Ct5B;8gz-zi&7izDu{wPNM> zvoV^)IMpG8!7`12K#qdASI1ybxF9(q>QkZ~&qs;aUw2ra{cPP}w+C81vR?(A@*~+Y zv~%1W?^OuayH?l5^Q$MwNGm0eVpe8l7;hjiw5fL#aod~}c@{^^eumZ&NcrFtLaU== zxreXwMCroBx6?)*6ZXhlwYNW4am$A;JrL9wb5d-rjIibpZC$xuQ(reF^0vtAs%>sV z(wZ@wjF-SEBk`&CHSd3_^aUX(gs70y42|q|EU)odoN<$(+A`T4C!_rWtQM`vHqBrlNUd-w$)TmN;Nx~0DSEt~6} z*lMLrI|$j4oZm^?ru!KA|m5`$`3E$e0GP|exR>U9n4jAKwZmy_(MPphC#s4l%iKHlkNE#fvF|y9M z>BAv5itqHvz7-m5swu7DX)+7Ui#*q!3hJIP5xjFJwhHy0I;OXyRzwJ7DtsOaOUuOi z`7_dyUK0p7^*&9F*c7ZI=wt3Jy}vfU+%FY(x(?#eOn(yH@!?W%oOsH^qxUx_BOfaC zei3dw7jhs-v=*CSUPCTVscn~atE$D)bVN>hKJdNgYkr3RwWQ&ZUCAiPr(bfQbHTdQ zVp~Q4wUFSV$WU+ct8w2}C|mQniZ}99`1*w?JuDN&C;svP=UXAB z&9HW$04x`$xbhQ=54%a!4m6P2onmIo6vk4)X5+In9cfg96e85>n!vc;OB1OfWn&k< z_jklE8+OdzD8gSfkSny2eDm@`M6twv7FN(`mXn7zYdd6GRYJ=!kGcDn(2ykJ{;;N| z+8oY>kD@n8X+1b%UsJLF>I^LvKA|{!i=indGw3rV0KwJ|$=4b}Oulb)y!U@PzO2UM zR`F;!xv$x}7R@eoS*dZ7qb_bUnc$&atKDvLDWe^2<<}UV4J&tOQH=Q2tgy+xqAn;g z^6D;RSwJ5g@E}#hM&(GL&0V*(Hf3`M$(*D&88CDOAvk*$MjZ-NdG=n0&vhTXx36YO z04ug|hRGIBFZU3eZuk~E$}{@kT~x68xfV-N*#ESf1_2yNM{8~we-Vw6k(i)9rHQ+{ z!irjm?5yaTL`Pl;{Rv?yukr@Dx!T;W6Nd7pu-4A!24Q!!?124D1uX+PTS_?LPJL#X zm8i1cffAnYObGCW6|}f|OUcW(wuFdnD_oCRU1d#dALyIMoGc4~$xy3kTO`ec8`kyT z%akL_Fyf%dd^gnYpwS6CJ}hd?Dc%%+u6ub1_guUEF@^Gbr)hR$U0TN} zY@zV%uXU6oX@Lc|>Hcf+RDrPg$+#aUO)o30*qgP$g%fxYI)s~}hP4#`aB=h?!=#{T zJ*(e5{9@VUD_3*_{!#7w+%odzFCUy=tZe^uR09$*DW%(0g157E#ur#&oqH^^})L55(q0zB_UdE(Vx~^*S$0 zRM~}iwg=sFTfp)BL)sUFLNk)fC7EB@+7k9}D|_th(O%BNKLc72O}mvTMiEOcrnLq( znMHy)HR`v`glWmvHE^Yl^qa1|HMn7*ez&zscH!m(_+-7yT`j@~AgKI*{%TMZS=Le> z#Hed-JXbbWL(X3s>2g%+7@TjYsQYyISzvW{@oO!gh_RXCN=4?c zAC2x;?Z8OLpq43i9~WdxtUO73*)e^I<^bn^39NbqmYAo4!Fm)Ck2-5l%A`rDywA1@!1bLov;7ZKUTz0j^UYp)Ck$eY%&3|Er88e|xyUhbs=?g+r_ z{@N-WciWTmI`TqS!z%UGj(YS9V{yz)z;qv^}0S< zZwB=(5vHs{V9IE8Euv@^*`BcxDJDTflFdGkik(kx@%kNAyHN~HpLMhHns#hOU$n8i zYzxuY%J4Um^0OhvUOTwj9=3!LrPOV7h$)gIUT%YqduWL^Q?!A~=u`IKGNcD9U80@!HPLwxiZaBMKO)| zxVSZGzlgV7$RvrH_?|1MPM3wI)+J5Nyb4e}oVe<$7xb})_o}trM_BoOfHdv==C5&C zT;#`?5C?$gRM|PUOZY;CbA}8-D-k<}WCMm|IOiHfgjUoNy0SLGs3DeKRp=W_n>(?e z*E2r9F6QXnyl3q-3y;q_O;(F9A{SPap3KOhJp!hDGNWe`Q$;0Bj85>kcP2KONcTov zJ$|WLJwWjN8!HMZ0#^fX*JOtPxCL!qk88^K&J5rw35=IJE{&_SPQ+xNvYiAM)JD90 z^)+=(&dm{Wt}!RLDSqfPb2Q{M^Rw0Rf?RFX?18xQ4&9#hDRu_XUO4~kgZ zj6~P=UVELyhYxBy@!=_pd(Ex)&o)<>(nkns?Tzs2DS@vA=Qr1aHARgTwO{O&Pxn$` zfz%<|c^BdUDdFUDPpJ(ax~COa8ubA4ss7VTJDJs;-047b&GyU1Q=S9*P7Qytq&_`u zt?Ns_&-^x;&YwmS3bI-|Qgb$sH3em7RiIiRx2G#X(D9+I*=?V#-Qp{VB3j?+5)5`<6qt1n8Wc z+e@Fa_QdWL!bz+ujgy)*paMi88qFfM>CJb|BJJ>9AEz9~Z4F#X)FMdHYMAiOpIx_mn7*#-B4rMxQbbYO|-+CtJeF?8(NealP32B)v6@?0L}!WIo+Hdz10W}M(Sv& zkxbY+wLn7{OCpq}Vj^i(7r*|MI@12S|L|8KQ9<9sAW9*^wSA8*7GGs~|r z1?GxM5+c6rdm5ed=IwKKgu-^)_C&FdQF;QkAT`!6l%x>)8SPg0%!Iq zn`Hn$DzUO>xm}J*+^_ET#CANkFpnQk2O}_b(Q|RR&Mgl*#u>c(Wek%5uS&#FhnVo7 zhFK1RA9>8JaU?qPw#Uwx+Gv`;zz(%$9NY%w7_{j+F**?SNjfnx&ErsK8`-)O$MHYf zJMXBb)^**ZqKJqHQWOM~A|gaono?DyiGZNAAY>^bgcy1W5Xb_hcMwnzkd9O-AreZI zP?RD~S`Y%Emq0=Z5kkDvz4zK@owL^3Sjk(z z@mS(Sx1Xd-_;Yb{lY%wg@hq=^W4C!;yluNT(J`gXYkn^KuY~6SC|L^ixs)LUh~-dI zs6E9o3*2zCXtmVJ_epga4Nf;HwROt88Vl(14$$4_?$=PaBTLDHa|31L&&_E&HLhAG zrDkI#^!i+jir=v8TNSOD8@HasMKpbH_f7L z1R!{QGL!J%^GywAav{|y2N`MYVV*9oHH)umg%`k=eTod-T#IJ!W5bTL z-hU^lqpk$dfLl=O!0Fcns5=`!Sd21HRG=#4scX%e2a)<;6&fKeQ6)Eu9DB#dtZWys zb8p{_>mJ;_zJ2`FW_`WBt+XwH-*NnvvQF43mf=%>j@0RfC;!qRzJB6B9ux8m^Le~w7_Q%hB05fA`-L@`EV zUT>(p0sa=c-TN8tV;?|0(3)zFxpX^UA`~GxI3fKgf!!izFyU+bhhS}%2Y>XmnBk@> zo`KEd%D{-!76Pq)+6H3ekl4J|qI{{N*0dw^nj{8Y6Fl@qI_=86ZcEn4=!NJKiJ-<{ zAn2rpc?F@{uCh1(E1+$pjp=_?1gJJ?hEGRe${UL*!>&EKPHFefU@_G=#Q3qCs<=(> zqv98C&s?H){N#F1iT{MOXCgI$pZATQkana0J|TKp9*o_~YtYV{a0CX&3u5}03!o5mWVKvuYKF=|5!a^2)QNJ+!FUrrM$%C%^oCK5uyPqk$g zLMgg%C=@;&bNl?6P{|_+ZBbKaiX-3rWW?nIjSkVDGLc&wKn2GXNCRXdSG)k9J7<<0 zB6E292TP1+bq=C_N)vDR=)Vs0td|1j_*nAg7I6rB$olZ3n3sh6@H6Gw0jk;@hC$19lcIn8_mhAi7sd%T zTG(DbQyGyo4PV7f;yAiVn(tQoAAMEiGz2m6_AZYvdlKxkle+jx##_=gwZwFxxHU!I zeLwpCa%QsBIG$g&S30EJ+wKAP5Ykq-QiPa^`Dm_d&U)pY#BrU&lf7)u|11vF1`aY^ zGMEWftV;u8wtsn}M{Ti5I8~Wg^w|B)>-}B2_tO8vRtMPY_D%k=`2XHcE9tN4_L)*F z2rC=?SOmqU#xO;#CalJ9RgZledw{^`##-7(;3X11MVs{nnVa5V6$BdWM>BQ-T5zAx z->_XxsXtggef_%_2QLL=B5&$2f1Y$X;N-0!7I9$8^6x$W`)K_8+W7zQP64a}Rls^=&qv&@6cex;57?mpcxxN% zp64M}4S#HVq_4q3sgu}}+Pz5lRek4QtrGl;*SLQ4|9#Z_&DHz6?awF+m+w+w-MtrF zVWK-P9S4898UC=k@t?R+zqiu;_FP81g`ZG1_w23Jf`xP9XEE;)Bia`~ z^Ci??;|w*w7kylpuR>c}&qKS7hI^EK(MsA|Q%3FVt}W7Nu)&amx;N+o&!OZOMC1cv zAYNO&hc`3Dsr#DVq0fYGaE)#WU&iM>jf%?aNWeHd2LX#MT<|6Ry}=o#(EmV|@)id%4o)+kVA)cZ);|XQsZw zSk!uSjUlYle!$8tvJVdP-7S-pv(h0K7AiGm8rtoeB5zTCB5A!U5P(QMl;9BO8F#Fe zbk&7SUR4-T>;y?zOZXu$JT|Su;|spCzRx48V}h@T+^gMti-b@u@L=LIG6N(R$nJ;PNEC8t+8qos*5+*)_qs;Wkf`r){QQz{}@Js1Li4a1H4` zHB>e|*P5amrHO&32l!feT7)m`38M7HPWKWbx@X@Z5xZ8o3IOXkHI1b+1 z3Jlec1kdQ^p5WTbvT*;>@iS52fJGrIiSwam3ESGoIc<9P>IO_=xp)x{AC!lg2c8*H z3Mxtwk#HR$y8nx;99Nv`$`z46>iF>WPpic=nMd$6BmiwSNilaHu?@iM4Q`>BnswrHdVoA3K zPU~`(5=Xu1)?>rwk;iTvtt{=&-lhKP0jX5{-Z%-kCZ;FZ$TGW943Q*~W|+9mQ(zic z^^qhj56`UJXLDiX?C#AH_TZx{u~X+_-1Y8kTo=8C@Swfl%W!6>=Z_<@NIm#;&L=P# zUqvAU7XfJMaqICKrzeru?kqgM6<<}7Z1dqj&};Ky25@MBl1w}4XGz8<2$WLC%j^c;e})h6(TV?z&=F_egACgKRtV zoe1W2h4>Q3)Rdi&m=7S%?$Q#4D=d1F!tCZO!B^F_t?FuP8-mC#V)|3@aKy~r1$^&Y zR&Iy_<2I!!h+-~4AEfMj;XLTMTw*~r%6KR^X1OeQr>fn>Lzbe$szdw2BNaUFnEZVI z_>83l{Eetl-|t`)zdanBEbEP zDfI`jHc(psS5@r4_xpF<_`i?CzmLQ3eFXpG*8`N<4L(;fRWS;H3&YfII4ETmLv7h9 z*8S?bcFkib_+f1nEu$@S*8b_as9p10|lXI;ih#&sfF-*l!jill;< z4zI%V^s`^_>&?VG6VE+bB6BqO@C^4yUS9wLKNPphR=Bn2a|=D0g?>=Rw(^l0ICm+3 zk|GshZ@5%`puOPRm5kCOuP?F1Yx|D_89HQ+DY#F&CQFkfK$;%H!2uiPls_%iXC&*m>zz{Ax58_p&GNU0xp!{KqKe8`Q<=ZZV~h{C)mZu~ z)3czi`KNaa)|K_eflRY51j|s2$ita`zUR01{+BK4$3F8{>+-@N`DI_aX|JF!3=wBDm=yu=tDbE_ z4$y4{!VG#ncWth8-JY`w>~=UAd1hU?Yu4oY=W7betM4W4J9(S#&Y%L4P?Gsc0`hbB z{I@o?U*pUhFx4ZBS?c{-9DjpWF%+wj>sAKMyx2(TX;v3wE@D3W<`Bj*P%Yab%?04q zuEv^Dz8h%=Sr2^pzU~r>;$>WW%g_=zKt*pyHCQOcO#70P?hMU+)p_mNS$bWOi+zF+ zp&(rAHMm$KK3fdXxBTHC{b^1 z1nU@|**a`xg&qRbi2Ga`nLV=pU>PG~w8#;vOG})9b^uVTaUxBzSwFKI)Hn-bEbvX2 zo2c;F#HUALl={;9YI;=gq}Rn8N{#nS@rJ0 zQ|bu5j|@xdFyjKSFr9gYo=OuXYtnBuXcoh8k2a8TXw(zJXOEfh^%Coh9y#Z|7|b<- z+cUYT7Z$cIZI^)(;R6^B&vhEt=9I|Wv8K4B|6ti~)YC2HV@K`5XYmA{Uz!jdRKOiZ z-m3$!%?89U@1!L^(WnYF8~=xIVSY2_7Y!RP*{p?q?S?s-v^d zDzA2EsH!@=wO|bOg!s&2YfyE~%YXbE!)k~r4Fw=rDuiWCp$4d3zGD-6`aQZCN_{2G za4k~ta7ygyktIKoRHefG)+`+oiT!8j;=p5TQSk)~bO|b^`=_o_neh3%R zlxl>Q3eh+ML23+N{i%K$%B#vXDlC%6{5Kw8LE%VD21ks3Efgg7; zrLIMxXNCblUAV14W7W`>m0W4w&xWtpq1Vl)1RU#P;Jl4JJBzP~UEZt*_ipAy7M|-j z&S5rfzdfSl9x#TYXc$}vLhf(>EuH#L!tFJGV+8(B56i#*ygx*yz=+Eq{utBwA2HiM zzX)ZlBHFLK#O(_562+)&+CT_e5Dd5FhyrQeftJw|Wqe&OiX|?DcCep~Aa93iU9xut z5&#^_v@H6YSP|PMy>ppEt3>?v>P7fISUTdl;k@DD)30)({M%HqLADinP=ak-z7Smb+J3Sk51aqCi>#G+T##z{0EPMF@`;Fw&&Q zH+yLjSdTeMba$MXup*cLA|*37)-C(+qmGPNRotzL!}Rwe!|j^vXmya@V0x>^V#nu` zpmXV7`H;?lqjB4bN3Gkh2@Coo_RT{@*8WDt{U;0Zr`7cz578h0Ku`VsP*SrZa3V}0 zq*S~WJ(H=AJ{SH)Vfk=OH}Sw~Fq zd1(S+{kRK3nhc>!gyou1Y(jTyhqqjK9Mky7?GYfd7`C3$*h01W?2fZfAeUKzW-jZo zmiNDnZYeg^4VD{=-LR!Z|6n=ZaFDXJ`~b+=Qv($M$$j#jCDx?3@8#eeN&$ElNyk~5r`W(`s1D3Mpc zA4r|VYqj!&x1S@0HA5NXn?pV3gNkcB<|wEX@16EK{=EM+5R3PdASvUQzOqZjOt);*M}t5iCuN^hY-p;(Uhs}{ z<6EdZROC$MAo}fz>%j&Q=08~U;yP1}cJJS<2UmZZddJ#ia0v{Bz&&vt9gw8&WGvJs zYucr?qFb}aZnHe{yTBA%YelrJJbk(x$iIe!;HHk$R8gGcO2La9D0p$MVSvA1j3$8; zEWmS^q?iAEmb>?bY@Qy|Zc2_2H+?9Xwn6IIXI#GEqoGQLJokhL3hNL~mCKcGacmBN z(wb!+&Vu=ZWSfT86*Apd5w9%udgl@izcYDeF(v*WV)?V#iE$7e4~T$oVFHxL?rn-i ze#cD-kcD%RPljvCqvUC!vEf&G?~<%i^vIsy#W_-5NBM_(f8v<6V{>g! zrO(qa)UaRG`~k5Ln-h+6h&KF@DL90*4k&^WHZAs#-5DUI8OZx`qm8S&i)wB>d|v-v zh+zj@hqv`=mCzu#8oa^nEdSHo+?M(q0+TS?$JD zqmLn_fxw36p3b;;qmg=RySBQs$Qltid{1DB#(6>?cHrBna>AwbE;sgx%0qW&jorWP zz+4PXhtcT_viHk-54LB9I+#t%i5UO-S*`^UBXM z-`y_gq-R7BB8yd6*!VUw3wQnKs(1n*u_mF8jYBuu;nVtFrWbF$E%=7GY29kzd-B!+ zjaJb)L1s6*r!y(S&eCCS9IZCZtrWd({#U`d|9i5(`P)S7g9Bw z1qD7fYJE^aF(d?WQAjOVAq4uw+F#>nc`9-2J~pbeF=e(ur}|ce+E>ZEOT|gHQ`4e^C_I*HWj2S| z2gu0I<>u2vIYs=h$~g!kl}bwWd7ZQ(*nE(22k&JVk7AS+IuAcpCqc4$z4}T@lKTr@e)0Pz=6MhNhb-Zo0MNvQ&lW= z+_49gQ^Wl0?D0DN3Wtnqoa3*gyhV4o-O$ z2bT-i>Eid1kv87awq9qJ)%#R)ySHL-P%U?_Q zMeo#r2iY;JmRUxXzY$8D>LzTQ?4sWm6BP0lXp=g}J^w^jB7Qd{IELJLfBQ zUJuZ~yVlBlG0Y(a)zv&pVG<_mya_%8ai4{{7fM9a0g9MR5)+Dg*T`mjZ)>6a{G z%|qgFI9?Wg}$Tgi<1{8KW~DKG^i@^HiTc&+<6Ym4(;6W>$a(N2MnM>0yvX zSGc4AW0=8fi=*=l1gzP;0SfK^#1s9k3Hn!CAh7`^`du+AI*Vq^0Op4U^+1FtsY!xv zZY<0Iz&gQVFRnAs_IU|Q+dsOmGhDlV{bcgNUk`4?vkMm;K<6|Nr$nO%+5uD^+|P9J zEeK11@mK%yz;bEm+2^L3*V4aK-*7FD3%;L_{KWL+&OerPOw3lvAQ$qJ%BE1&bl6LR zbat{I?UACfcEut^3(?k_UBDl4PC28`u6s zjbahT>_q|MzOfuSmq9}xlNTY!z#guDTJx|;? za@AZ|$JM`=t@JNj75{)b{H(<*er>uI*p;dA^$FEEm(nyhY=WWY4Q+$-L*MMm*`*PT z6}8a=uTNTGTg5Mw3pl&h2kzxGJqx>7ctqcxCRc{y;q`_?BIyG4WJ4FT2N#zR@a+UpRXW!5xN^v!&qUVs$ayta=ri8e33Y;I8%1CXE`^Gp21<3bUd`w~93AD)#~Kb^Nq_K|T+yuI#n z3+)g__n8!UhLo2IogG-+lG5P+%Fr(!jj)e+oCa_dnj`?WhS7X{3zo{yY$V8`#SSdR9m)qA|E^Iu(suW z->du|bPo04nB%@D_re2(35!^ztXz6ls|u7t0|I5RPbm*ZeR~b3#_B2*#;?m;T~c;c zZ&}b`<-WaSw z@h+vU)|0q+piSqo)PRY~qE4raiiSqZcarp4J8r;vrCm5*2b~R_xN4>(JwH$EfD$WF z_+4v`EDk4INvcuFByNT5aC<;a%FX{M*!&f&{E&4>_?R``OY=qSXE?2Hepdyv`r+zB z8YeHKp==gr?P4h4{LBl7_@EEvNkdc!J8aK!F4zvVi$N{kE` zl{mXw7eF*r(zw5u#60XI%GPk16mze|FQ7Jw1jHSun^O5!(;d8rX*&-D1#%4c1wi}ED}@@p`1orY>O>t(Nit&3Nnwe=gwtzC>mkKgdh=%kG= zy1W-K? z(=&BuxrK~_E}h0&vlWK|JIzIo-mymBqP8v*pgZ1CdHQZe;1Z~cM!Ju1|EP6%>9iF; z3iR-O+N7bI1dCK!BP@vSvn&2hyJ!NY$;~h>e?X{+RWl)tadF_ioOWad!1?60k=3tJ z+Vva!{a#6*pajCMtdC!d9<)&=7Y<=Oj6yJI^x*l2^7KW6d z14*5Uh)qs;NF$INn*fA<(mies$k|&x4%!TIPa6MZdNp^$*)H*5K;*tl^DM`6yBLsN zZX_4Ascu^HI4s_Y(_^~gI0Dt;m(wmQcG+ucaFo?GG$<19T6U(+)av!^U8^gXx5#|X z?jE$5W#SwlRm_)Q-sq@%prQ!#wFVLk)>e_Nz=Uj6bE+rCo~nS&XI8UQZN6Z<{6O=V zyKxncy^a?9K|^b3)1h%e&{(Ck?AVLv!VWFOAh1OXP;u(sifc*R4!zjG^_H--qx3eX z(+QI>4hDBSW;$Zgb)k9$>2La{qF|ev(iZ~SB4Z~W;J!=Yw>^c1wwJqsIUEw=OQr0^ zFhGSL?EbQz95VY0GRF_xeus-^N*I0b(ya5Eq$#Q$=z+yg~PJV=dLD9PK8wNGmHT zj5g;k@}*jjw6m((64=l3SAO8m6~ctN4m}0v>JYBlcZxkc05( zzfia{lKx7^%%rX~DsEKZ=KALHxK#UuLO(<6U_pMNQ|8%VTEC5fRn_49u3?verek%= zgdz`PXpV4_^WCSgUlg~{d|48{zVJc@hvLFe%+sN`8+A(GGXbmOYSVmifJn)`ma@S8 zbd}*Lhu|h|$)P-ga*z~-+?FA4AV8Q!9ql>TT9`@V7Gm@F-0&82W(^sQ*RIzLYC43W z8}7f;RD6sp2YmFH%7}Oq5AaBd@C_aT1etz%Pr21YaNO54L+S)6BD8 zbxa0k$61!qu>W}KMniOE>3WBjS}6;7ewZdtX#q1-%CcgS4;>0de-3;$u`zIsEWV6J zS~V@9i0hJNK)Km_gSu(+L?9;6V@6--VabYSn7SvQvU zTHRbp(iV@nuY#T2w*><3Vpz%!j9x>WAf>Mjd#f&Y?>VMH+`VlQsBz(_M{$Rjc6c*I z`;k7=0f&U|;kB9r#p`Omf}AVVZWPLT?7S>6RUoY(OUQ3siQS;aY`UR$h=Xo62H9@j$psl#%bP}M$ zelrqX)K%8gN%0{acz226O5HrncVBFjZuo(~@?}x&>Z*R5zO1hlhHuUDr)uQCABF}9 zcM6zdfU4X3XDZFF8pi<-fm7TcKt6w0m;lO}`gTF3YG|>O=1DbZ`Ixnyh@tA;YD$YY zMkcOK#%e)nc%Si}{41e}sz2&9Hy~uG;`B1MTNLvsJKr+cI*h;;dBSiYSKry_)s*@Z zyhY=SutY_n{t@e&98U~hk#78I6@Osywu~sAd8V(yB6|dpipRJSft0caAM@19Jf@cR zfKcxYcf8+mU@E}*^q&bs|1~gz?Kg+;?^pN#cb~^vJ;FrHXAE7PHeFr4SzH{Qs6WY~ zlEyO2fKP+OKiHmrPd!(4?v~>&j8u zKVqAr__m{wPameYHJ!Ki^$H8>dS}(@e44PBQgz83W+19^J=#od@p0N@j@n9YD&>wT z!-5KAACk>ZB7E*Z*@DOttiB1|?4fXXZB1|M_cMt?mp{jTezh*Rs+Y6f!9oG-*Q8EF z?}Xec5ap zcK%XrwUzDYw=;=CQLyKifnYp$zKvFkeOTY@VFYR3mt? zv%7SmZ^itC-Z%8#Gc4X+|J?mc-{w90bq}-E{^dmHA5M$^-LrcBpHhM1ZSNEet=f{P zCEShfg7fxvWKSn5AG8v-Jl^pk{>Dl1XApr3vi!8Kn#?5GxgAdv49zAPpFpf>!A{N~ z3<^W+h6RT^5_Ji2t~(E;#WhTjLuZa%p7h3Hlv_Dfn+L2AamIZ!)bhe&M?u@HLfxqz z9xL0$6EJQY1Gl~G90OiL$fkFcgIuy=)QftT_`}}S_g*}BOxhlxdP5=yS8D1lEb4Bw zTg=m4fZlce(C5*yEz?NG97UI`Mcru6l%Y7_m$|qc!M6EDOBxbkR)dO-s+Rq4vJ5F3 z(8PdRyiwzE+m_)=#Fs6~65+F^6OY4RqOJ|&oU$UDI4E0dF$`s&hecU@+9WO!f~Aw7 za~(-FgtGU#xknFETigF@-0hnBYP7%=+i#y|WcxoM3nfSHq(vH8D-akoqL~k76c%vs z@U=xw8}j!G!xhX@CZS?*r$RBmtSjEo?Wp@_*x3{|ucLi>Cb<`%N0;z=KZq7C)x8PZ zkRi#DIjQv|sSq^o1Y$o(6d%aZtEN90Blw-Lw20JJ*lEBjZs9+waS1ov&GU=)ZsWIr ze(mrnYH{gZ%&HL}n~}ynv@w*Sj7cGod@Er-T0#9BjJ_pZSS7-XtqUI?m+;{(U3RVQ zJ{hbOol8#Ywzm^hi5M{K1`}t}b_WbmAG}{Go`0*o0JxBWdXAZfTbSkhe(z1-5Rs2z zQ%*Ns`#{i1aw!MevkW%&Fsmlq`+iv=s~W2CV9UEPU9k|yFKJw#xL0{g-LDd2vpgC5 zfoSiw@W8_jjZ|`Z7K|i(!gdI$UX&rz#jkwAaXXQ)m&5uh4_FyFd|GE+^_;6Esr;^! z`?K-D*O(tH{khvaBdORNqIIA&dV9TdbrV7Gx`>vr~_nY8U$o`hQEms=d^~MCjdD6(0G<8xGW- zkAWCotm10S#pGh*UiI!(Nm_Qr(l9n7aba~Gx@?D19~&P9<$fX`$D~}!PcJtNP}V-* zs(rrQ9)_&l#d-_D>v2oFd-EX(9~z73*fV7s8@Y_7%Y*N^u6Y!wRY|YWh8|G8BdLLraRFLl{9>wRSrn z&ipQEpQmBTv2J3)#;0HJv1==r|6mycNPkJYL~o#)vMp1l=k1xUAU}HSo(}BU_Q3|s z?3~Nd$=HkUbWUSd@a1>y9BE7QYMpKHiQ=1Wt-2Ln{XjO6@9xQWEL>*&fya?5y;-_R zxBFQ+-`K(gLo=eHLf4(W7SE;LMWt!sdVFWD26Uu1U4L`b&y06gN@5yxk0%mbA%}N) zPYF0cv!|b(@^1w6*f%M?=qx-(!NnIpSl|t)>KH+x1=&y$Z?2ivqH(#NdY|;vZ)Qh! z3PX|NQ)_J2L@?cbV8zV|oV;4$+4MNkHx>K5OueNp;bp}uael&kvoE~+T0LKw_;~N& h=%O=Cv!k5Lx$A({5W6~2Q4bVI{}Czp&ld9N{{f??WOV=l From 1e6abd7bbcaa14e3714a5705ad31cafadf9c2148 Mon Sep 17 00:00:00 2001 From: Isaac Connor Date: Wed, 23 Oct 2019 14:45:25 -0400 Subject: [PATCH 752/922] enhance description of zmaudit, zmfilter --- docs/userguide/components.rst | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/docs/userguide/components.rst b/docs/userguide/components.rst index c77f9599a..ed148af89 100644 --- a/docs/userguide/components.rst +++ b/docs/userguide/components.rst @@ -39,11 +39,11 @@ Finally some perl scripts in the scripts directory. These scripts all have some **zmpkg.pl** This is the ZoneMinder Package Control script. This is used by the web interface and service scripts to control the execution of the system as a whole. **zmdc.pl** - This is the ZoneMinder Daemon Control script. This is used by the web interface and the zmpkg.pl script to control and maintain the execution of the capture and analysis daemons, amongst others. You should not need to run this script yourself. + This is the ZoneMinder Daemon Control script. This is used by the web interface and the zmpkg.pl script to control and maintain the execution of the capture and analysis daemons, amongst others. You should not need to run this script yourself, although you can use it to start/top individual ZM processes. **zmfilter.pl** - This script controls the execution of saved filters and will be started and stopped by the web interface based on whether there are filters that have been defined to be autonomous. This script is also responsible for the automatic uploading of events to a 3rd party server. + This script controls the execution of saved filters and will be started and stopped by the web interface based on whether there are filters that have been defined to be autonomous(background). This script is also responsible for the automatic uploading of events to a 3rd party server. Prior to 1.32 there was one zmfilter.pl process. In 1.32 onwards we start a zmfilter.pl process for each background filter so that the processing time of one filter doesn't delay the processing of another filter. **zmaudit.pl** - This script is used to check the consistency of the event file system and database. It can delete orphaned events, i.e. ones that appear in one location and not the other as well as checking that all the various event related tables are in line. It can be run interactively or in batch mode either from the command line or a cron job or similar. In the zmconfig.pl there is an option to specify fast event deletes where the web interface only deletes the event entry from the database itself. If this is set then it is this script that tidies up the rest. + This script is used to check the consistency of the event file system and database. It can delete orphaned events, i.e. ones that appear in one location and not the other as well as checking that all the various event related tables are in line. It can be run interactively or in batch mode either from the command line or a cron job or similar. In the zmconfig.pl there is an option to specify fast event deletes where the web interface only deletes the event entry from the database itself. If this is set then it is this script that tidies up the rest. We do not recommend fast event deletion and we do not recommend having zmaudit.pl run in the background. It is a very ram cpu and disk io intensive program, constantly scanning every event. Please run it manually or from a cron job on weekends or something. **zmwatch.pl** This is a simple script purely designed to keep an eye on the capture daemons and restart them if they lockup. It has been known for sync problems in the video drivers to cause this so this script makes sure that nothing important gets missed. **zmupdate.pl** From 849b1bb42ab3b4762a3bc9dddbc5e0e0f6b442ca Mon Sep 17 00:00:00 2001 From: Pliable Pixels Date: Thu, 24 Oct 2019 10:17:03 -0400 Subject: [PATCH 753/922] add ES to component diagram as optional --- docs/userguide/images/zm-system-overview.jpg | Bin 67165 -> 85046 bytes docs/userguide/images/zm-system-overview.xml | 2 +- 2 files changed, 1 insertion(+), 1 deletion(-) diff --git a/docs/userguide/images/zm-system-overview.jpg b/docs/userguide/images/zm-system-overview.jpg index 32f281b2a4b57996f62cb2501a296496def0d290..61594a337ba84c0a2218d724419f5931795f6d51 100644 GIT binary patch literal 85046 zcmc$`2V4{Fw=Nn41f)0Vpn!tXlq!NmM7jtTdWnkk5+zT+xP6V?>WEwhDql4W->GDop;uH*0Y|0`klH6;xN)P z)C1AbfItSo3q-|$Zt23@oIxNH6VOEv2*e1YiE#tb0c*e}AVFXOfoSt+K(xRo&7Z!! z6aW3&6D@hP|GuvIXG7{1=!%&u)DQa975e0ilKdsml^cd8bbs~+w7=HR{k6(5A(AkY z46319d&cx?lXxSH+5zHZJfV4_g_cGfbb^zHmXn6s0}=y{Nl)`v`|D@G8_fw?I{K3g zj7+DPfeq?8KqqKuX;0A6($oJr3{5ETJ&2Bzp6l#o?UUSh9x{mg@F+e{&1aOjQQgUV zcN8b7^vE}y>C|aHegVOA=cS}CTvS$3RlA~oRp+Lzp1y&h(Y^cT7M51lHja;-oLyYq z+@JdS2L!@`f+HfMqGMuT#HFRb%*f1o^*Xzt@ZI~O;*!!2HMMp14UM0gn!CDtdi(l6 ze;F7XpO~DQ{ysB{!7lw={Sk>^Hgesw34gwkCc?<3#QQ>P`BG3W4q zO#92S|D0jr|0T=*-LU`Lt~rnn=)_-*_QVNVdRkgq`jhlPJIQ$RPh&jA_*Xmi-x|wb zjqOik|Mx}(c0vQ}gN}}l0r=x!W@6^}UvAWSU|PyjXF)8qG{9t{naX&U;uh6AMuovd}w z?YJKAqJr*MpghY=v~~}B!owi{+$IuXnWmnZT~nJl1R(z-Z2} ziLfiUnDBinhznMQIVegGDK}*P-l>Wb(z#YXm1a+>5Gni7Ho!<~441LyQD^=2`}$|a zEh@;9HPEK9d5Wa5=sMROuloAo$^5_%jPJbkZAaz&L!=jG!}EF5taOQ;KZW&(jI?w}NuM zp96(O+<{ypnG<)B%&kV6a!>PB$P4d_x}O$4TGS^OhRPR0i|SvI=YpIhTk9WDL282% zB6(+}R*q4#u4-5h9nB%;vPJ^jt*xJZ)^lI4=Zro} zi8iA-V$y{(V^DLMVtkqeiYU%@!Q_LG4`#lxM>ov7YNP85k7vHoV#ALG~16cXYS=$9t3(COpl+lM)4 zJyR67?VnN?+4!pG=bpn5lmPk0->_Li$>o>PCU?d^5z*3_Qf zEmNi$NrX=ybNF?M7(Cx*A#U&PH$U)6*MLzsib(ZDoyYO2yw*74+C=b)zRXMd%7+YJ z%u;3Va#gj9e0gRIBX0DgM8c%kg9GEeJj2cnI)$ZpWL+)Fa%4?V)8dFXn5x*?G9Fr1 z&NKBKmQHiqmkYR}CUZXEtPSWmg))R>%(1|0eIy7bBrmDUJ5O$*?Ivydwrxv#6b%S^n{y1D zAId$eY5C1}2e$0|u0lH@G1)H9;kvk$%|Nwgh4{N`Du@R3f`dJp`8$1GpU0P9A!)Zx zRhRD3+%#vrFWo;(1)Xd^L$a9EI`2A&Mf1FM(Zf5!FxCwQT%a>GXXP;n#0LEE2ZLcwAvDc{|*vdGx{ zjW%!3R8P-%U%dR-lO;*ylQ`vQ<>+##)Un=p_Y7>~R>^iKW`KyGJZ7pyXfVYd^(r z&!TlFVsp&#wrkoUc*qv8$~sO<}6N0VB=9d*o&XPOED} zx20j!yBh|#4owxZn8@Xrb$_+_GxL1Y=KRjGCi#5nT{e(BX-MoDx+N{%#b-i43_>f>nJckG>b}-KW zp-+BA*p)O}55#pU%{pl1drn{Ke^UM9mHfM)M|&BB(`TPtVt5XR6BC!fG$gl)t#ZvE zaEx-<7DM;qi{8SSwUl`eQ;!n&7d&|3I!^w{cfO;2&U&wJx#ubMgvsKQdrW7z?@UY9sQsr>wC{Bn2cvUDzO_^7nuW zYx!;YyFn^4B|B2hpWJ??{`#cY*FWS7IZSg(S|^e4R8T)Meu0_jBZ~50`t4QE>S2qA z2M1SVW_YovwhOm5)iu-|>rVJGNoGCvd}MI0>65w@ysdJ@u^Y)7b`5?He=-J90M{2} zOU9x&dJB44lX8lGysvMa`5!C5{YOT`*%GpOx7S!Srw4!K3;_ zRdF)zHuV|d8x~q3srxR*&R3%vit{>479hP|T&e{N_B}O`uvgd1XcGH&4UTjO>ckc- zI!@3s_5nWm#l2p&*+*;RDw8GE*&QlBZx1&#s>+^x%3>XrV5T z8O{I3g@HQyCnEjUvBjAu_f*Xq_crsr@K5H@E?Ujy!u1Zlugt*8L3E!>wWFr*Vl9$Q zS{kfHbsM6LuRJ;dV&tJY2<2TA!wrGiP^$_{V3It^oC+E=0%NknL=fK~eF&mGv5X4J zd`YvjZ}|+-txUQ~1?8a_pt0*>R45(2D8Y+lo z9JfIUrzlZDT|2!HQe7cMpcpevrYE^jK~d;9)Ni-zqEwJBT>JP2i3`{NyqyMajIWAn z)mhSz^XR4sO!+elB@=IJno6bnyE(~z`%+_KnA*@BQU9{Ek5MA-IPBS}-Q+|t*EWS4 z#)aUYSskj-v^3okJWvjI|)4}#Gxg73l$;l%oP;&We&a)06bMC{7Z64zadsVyU%*Tq&`KFIvcz7Jo848A) z@wTx_a!b6bq!BkT-2L1?*wMi-(tvJYk0xKW;nZwKY1;03K+^WOiJ&HX zv$fqvV_uG^N0zic^c45O268rqb;iNfGQdWeu!dPJf7sBNY}RIL&3EhRxzy&yJyKaw zLx3Fj?Ha`fMs-?{@L>l!`KY+BOpKeqRqf=9536@N28%~Zwwny)E$(I>Man@%dS8AX z^-4cf?9u+JI8xvB+p-%myV55rjjM`)8&|M&j>y~BsTCCuf$MSE zw#zwvFz#AOOA@`WpxS094syL2M;=apXMeq2!1iWs1mNaFJl%#z99KFHPs$|MoCdon z$^1SeZIaI+&A^T?BRt1vMQG~#V~{6c?s9r)-DccZo4(R(-x6%tIo#b`Q+qu=zW%P8 z8L-E3e*cVtj`Y%g^6Zjjx)lx`z0<0}gP2=W9lEiNvzDzPSMJU@)+Ayt&1;I!*udJy zh36jM6TZ8`yAMumKS5F;#$ZDre8eh~PoE~dOj5OO=LdPvt(bgLvvB^ku;7aMq`Jq2 z5Bhv;c%?jwoUO%LROnRFTlhmy)<*sGjEc;1ZKjpHWOKCjRwU)tn2vHKUNiPqI`a4#a^jZ^a}>4JL6KZ#Xh!He<1$MlB7 zj7#dn2rYLb>AaJM!oH=3_pj#mJoXvUxqXH+T=9Zy9-D_Q3VC_lx@w#|b)B2x0@B__T9s?*p;qXgy-Twt;uXGUw&w%he`B^a7HS zB@_C2t+)5WOaLTJ@N;tF0NZ$K>bIjfbF;jQ2{auiGUN7>9!6jJ8h$sgIh@upg-uau z^@((nG?xC+^=D~4G)Y!Jb2ZYx6p#M<*!=e~`v3YVMja!QszA6E(p$A2@G-Zh5EWD` z#yO3eeg=C=xt)U*BfrRHrGmzjV^?X>t5rM=Uuvn##M)jd($D>IAx-6hJ?)B{lW^kqD$rb4#@0*6>SOhU%2>+PHC3giJ#W+5 zj77UGPKFEtj?W^`PkH>PsFY}Fh+99?d0y9_Em7!UwBGUq0n?H*oZk{A%JZLF2rz`R z2ZKoE0PuDP3%F6Va1IegBwc%b)0R&-a>8C)MsyBazE`=!p!aO#lOK|e_rzoz%Rk1- zarTqy*(8M3Vi4{SQJ76P#`(2ckDRtr##lp4E=lD8(N)`0K+_#Dk^8Vzc(RiWbz%()JB2o8U*eD-COb~7Z2Ny|2$ZjhW z`K+4&ps}%a7=F)1qz-Sa(${;PPWufhk1gY{p0}C-gN$tr#VhFfnYfIBeBbC*%e*>VlKmMs9ov_KS*?RD zPMm4W+B*MTS6oki*1m_o|6C)BOWcx{lp9)D`I@D5yisz`Rk3IVxHfj9TQ%9MjQqjt zhM{b9_OjonS(g{zh94?W;w8e*gP({^HA~a(?ie=`e^n$=4Zd>G*D?6sCjZGBmxaSV_Ise|@H}kTR{)ci?N3IJk$;`jr*Il+NhsyMGX>gh) zG80nq4A1M!Ru9m^LBV2?nvhah$mY_$norFW729XML@z|5)&doJ3ivBunrPk(O8vNT zSPrQZb`U=SiK5Wq6_PwhWJ2A%pv6|7Ht}}uho@z(ijH`nyEnn5UJUN{a?ue*Bvbfc zRo$5qI}ZBvxwR*fmJ3I>tK?s@z0U^aJg$U7ZV^FFS2jxU_yhbAlpelV<_W- zY0hQ~7-Eh;k;)M|*DNvA1lsbHZ;l1Ku8-l&f<8HE&0V z7<1p^rOzyhc_;6!Gt&8q7mG25o$ovzgd}NQ%+?JDYbszuk0@Vb43 z8TavBo?UNvg1(+!K?TL6I$5pgn_=u zxZH6Ru~!WD1zj^j=0u%DV6GJ-@NtJn%bFfoX7njy@KTRzCU}Jwn1p+3Bu3=lp6iBMt@NY1IuI&*|*`u4Dk8 z>W7xt%BHVca5Z;&1j=&U6u?MI-VxUq+`n&bPIH}ilnUyW3L6CP>yZE|A(HTx3hKLn zWYm%@j^Ez)vuD5k(t7R(WWnyo@QqErK;J<+_xKjsf!~rTC#PsN1&>a(vat?*B>ref zv{P;>D9G5{@=FV7Cj{HO`AzGf)VuB%zIfvbp z{O!;(^H7EII-*H0xhG(htx6{H4zYpWn7)Vajx1qJwiw-XVVsu;Cw=eMP>@g6R>yY}l1O754m>8|P(mMY1$ z@&())9(r8D^a{lPhC41T?r+!VpUmh|KfZ?;)xo(?IGdBHAmx{czx9Cr!PZTl5vz$rfJS24(x8G8ER`@LQK&l8 z$l-!nsbshi=cK&Dw$}pNgz1i0i5)EVAp@?;GkXn%5hjWHy=?`VbnAUm7YniB;v)d`SSZ;xfEpiv=UB)Mk; zsUZGJ+g>pm)FTAlTz?=?{)=7!jTU5yEBP0=`S3}UT>lo{6Abbw{fCiQteR!Oi1iMN zZN;N_*Z4$LCJ!{ed!NCdM6x9F1f&)+)E;xVnG`TQSl3ab^(K5#IcA{6O$jOY9pJl!_~a4=j6$mAt}mK6-g4oB=fnQzUxlV;+|;L@DIg`aLt)ai#R=3 zMs8^k_xH_q>ML)i+4YpSZkfv^nS>RDji!$9b&H&mc@6)a-Y0s(GTqgFQ}f>Y@Hu^2 zsW)sH!q=4+!4GJl80ElTy8#x|G=J(0bIoh~wz;6Y@3uI8+We>okJPy?Qru%2 z@4!X$ZfLN{83aI95vJI+IXJZN9?F0H%rlMv+QVhvYCZMT(V!|Y?y$?=u|N2IV-I`s z8e3sW_Zg%KZXJw#=lV%KA>)kP^7?_tYo17Nxha)Fa3PT$1Af*nB-Darc6+ZPV(iv7 z;a!w@c&An7Fl;o$ch}B{kEqkcJbImXbpmupmxpFItDg#*NgKyPqcj1;d}{6gU6y_BS_(2UbcN&d~qW^ zMqO6^Ll=^eWja^MU!uMW8MnH;+`AdauHmsZD^0rsewJD57IvQ4n`h{M4(k>sAFh&V z7H%krU|XHOr@=VMp`30anOJ|{+ws{|%h8Oz!%ho6(JREcl8(UHdE)R{o`}L6D7))a ztt0tMek%L1k-q!U$!A)jl?yu>6sbrg~xQ`R|0QA9oqD5a8)r#L9iQ| zA69sOy!9Gxql>Wn!>;0Btr;)3`$5u7+w+lypbU?*Yi(Nj6N7%CvSp>sUx_TvTv4WR zcj0BGA@gYgEo*-0^n=EVXPv|E1#6SOcr1SiKAJ)1y#yHlF8x38L=*6Wr)_|EqU86t z9{&TEv=H*2Dncq{0=;jl2?Xz`%t9*Y>-;}-f&PErR8)crN-rV?Q9+Mf5>Wd~n1REi z-?Ro3?HAU?>ea$g7$;(g-ZwbvB&=~0IU_hUT=i?^4({;vFLI&DIH}^3Neg^v#&c^{ zEfjH`9-fao#Exv8!^?DN2@(_Y;cB>-g3!3SK{<;l4J1FLe2sqpf~LpC;+VHOQBU|~ zE-_q@d+9)om8jwkx%XH5VX~FjPpV^AnRuOdXIdMibwJQ~qB`j|JlY!O)DF!?c|uEyKd z-DUB|Pm4eAD5QMIvLzMCscm<#rcpr(3)to%o%`c{uL_a(TcU^6i{j=5-A=0n75fO^ zDSbo}BobbbWE~6Q@<^8*EP1f1!x|l)AW>la*ekB*cHQ#b!q(hPk|A*ifC_wsJ^hflu9LMCC>+i1a6OL5LSp~t>g?8=E`vxFt<-tZJ}lnv!>+6 zUoOXd#|rLVdxwa@sjXwp_JF1Kb#hp1bcN`!xFc(id}5|hmzt^K z(c#qFwrdom_i>B+R>eX#@`mLz_+u(4EgmOD>DL$`>-w(~j_qxY+ge-3H+RnFZkS3p zUe*_{OHqz*qKjiQtJ$TYl}L3si%+K*DRdx@g?GRQywhcPZo(71eh(@RfvY<(jYhI+ zo-Oo1d~a6GDx05QKROuBpn}fY<{ZPYaT=k3#|azxsG+1Jg*M|^%m!m5{@|uu7=W9Y z-}53X(Db*ukC=V8*WX_xSJZ)BGoIcqpup5KW|AObpoQq9_wz1Jxw!n(y+m z{;bXeQ|n@v>0bQOksa7*60myAQcCwkH&9Cq-ycr0nGJ_oLdFj=$KE=&p0@O{6LJ%w zi>nRtT(IRi`^=N;o#;!N<$v%m|Ip>1UEHq_KC2K>-hOty{n|G#xLj$AzS{?_Vo%vh zd+Ure0n&)P9!mn_4TFpNj`mJ5i6ns!Fb6TAwd{i^bd0wnS8u7VKlhBL=bVo0dY>Y* zPs%)O5klLwsLZG$k9=HG|!tzol&S z$w^@V12$1+Tog8bR}#WnSNi@zYX6ehiQ3CoPL*Nb%BGndozTX(dMeB+urAip@4-jaWpxghi^m&qc~zDBb9QTrDm`f$&SLpnf?Ar^KT zmfqDaiuamoal;%Vc#Sm$9}8AY)>rgSWbP@mRG)qMg30MKqt#+kB=*_0%($QOT4!M= z$9q4*PHglvKh~0NN*;yNLT0d0H%ju`WW&=WHuo5 zj&4n4uZu>iEpIn>LL{;8Lvv?k+~GA#vLd?d9~{au_M<8*JR06Dc}*R)tcJ$x!hvLn z5w!)B+;!R`sG#s^DoF4r$rfumD~8d$3VA`Yu5xYOPFH>J;&iQC)s*hN{9{IIu|O7v zTR&Y&u3a$0sMxq?2%D=LZl=GT+pMB%CxoMTuA2GFJp7<16ENYK73kJ@D6wgSgK#d` z>mT1Do*p{y-+*9%HCx7BW*p9riRn^OxG^9Qp8lD|XJWd|azyl^XV`cyGjtm!)!V-} zq0Ek}O4BMCBWHP6?jW3@k%5hS*M^4rBbAxXWm+gmrfDIWoSi+>dfuc3oo}0J6(d;N zqiV&vc=vH(&%nD#`jFoLkjwplgX;+DD!B4 z-A1a$8p92imfK$s4=qwI%AQV3yVWEGI$`1~hHKIi2NE|XJd$z}21pdLCjQl<9v=N+ zK^asxUD7F-n&jmprgdF&tn&V0f1QDRO1s2-HM zP^9)k3ZGODt9w^?=0zs{Ii zE-|bp%Jk*3O+R+^GYRN6OLdTro153Yz-8*)=yQRwXFF{^^RbAHqOg;J%GfuC4oZwN@J?@7AS6M%`}lG5L7?qx&#S4zMQzzm9Yq~ z$0W~65S~xM9~Rk&iTq|QMdv8WS8Vk>p_kSijD@#V_wJFt7N3zpVpa~uZEA69$@!CT z&Wd;uPn+1NgNPa0Ny`)axOFBNO);t+8D2ZHG-XDRWKb_ZUW@e5RT!gW{V7{_{~Gb0s+Z1 z!^giLHb&6|IeBjJn_H%)3Vl(=>C>u=a#%cAH0m0$I51}8EP1TOC&VdiUS}xBth(~#v7=3bwr$7xB2>NS5 z4x;t4nisHABg*v|6#?pg$k}xBJ3inSq_dcU?(P(-X;WyuR^bDFw%5m3SE@v0 z-j0TGkzhDV{s;GL%N_+b+aDWBOxv&F7ku`vh&-QSJ89_obno&toK|5$tNZt>=2EB9 z<9s8$v`Xv78$Wo7zLB|o`Q@YiklzPd2mqrg5t6|n*sxgeJgzo*<%1xEs15kLh{N^^ zYY}8L%X8As5CGW6oM8;4Gmtu(V>Is;!*RQCBtoN5pCq%BEVTo-O+d6@j_;6`Rd)8x z7=VnSiTE?@uy>8&xS2PW5>!axE$%BkY`^Tle&}a^32`Mcgv|2?Jd{x`Biryf_ru)D27gMl zYU)F$mawFN>sR(o(7<3J?sQ8?cR(mkT~qS%aMhp1pZo-Hwto!|YaK5;6~Z}rjh1Fw6AV+^@x zKAjuW&&KdQ_`Q|U$YR+_Ogfswj&vZNQ$ZZ9PrXN$&?kv|UD=`qw|1XH%dCjubEXr4 zH_Ig)C3?QTpGc`Zm70sVmy2rKNH#S_PCA zaq+GQ{8mZJ%LI=5bSF;IT~@mEApU6Cfd&T!5NSX3Sa_2PI^g~0N{cZiN;QU~T*cT( zEX}y0oO0J(7ChVQax{{|3Kr32lh{{s6uB+Qr(~DtKICoT%Hm)*c%syNmYGL3bO+n_ z{Mb+`S&KzJf2oSe)JH1bJ97w&drL9|C|q3P#?98xv&XN^dL*yMjizi?wSM47Zy({< z6Og-i{s5-$D?qweQrUK07}4dSAZ8Ud2H`qOOe|l^{`C%iZjq1_DswBx==pBDyxSc#%C^>pan?ie&Vu9(VY>VqbyJHT&fI zQiJNXqp=37X)RM6B) zyzPZH-Mfki#LqzlE`~D3P?b>5Fs1^ORorpVBry=>8tkKM;E~F{U}bfc++n1qjz3HF z9KYs;iXe8MCoMg;%k?nfz7pnN&U0w7{0YmZn8Bsnb^~|AYCQMd9^MxjN2rc`C7Uh= zCXqz&s!RQDxbMWduBosKQ$-Emync;0suUF#xT&gUjlTbhzd@&HJ>q?5-u~_lj6o;( zO7Uhoe$EhA^tNz4jC<1i(IklvfQqBz%Enb}npfde&@A7$CZDBXE1wB#d9__17Td2F z9;wJ@g+C6}4SXy0>n4OoOWcYW2LKdBqI{@csD8f4q^Iy)tjd$LV3_#&G}{ixcZR4&^p$n$U#uG>qB~?B?B26VI1LJ@FT|oK&9HO*Oj0 zQhrJMCr60jN=0Opq3%$dhAK)Thd0{X(RmY2zX&9qOcF#+3_x-=0BI&udsUF@g2Qtc zQ0p6Ri7kbMSfg+@tPaf{$fKSdvp@G%4ddOKK9fVA)ni#9Oi$_-d}pS2FTha4TEI8x z%7_o-7SR}U_?*Nbj3=t;)Q$FzpME)avt-zCn3*Px;o%#$4od){cVAtfH6au%Fc4pq z6Q7z)$p30nHDi1nr|vEEbW=8OYvj7G&yVR1e`36R52o7cqHl)uL^e|S$NRv5*}8jo z<~^Jj8Z$qWR@l3LN1txzgTOuU2OM6G_@Kp$?i<4SS}ev=0wgY3lHTH+fH663Po`K`x1UHsTg+kl0ffl`g9 z6D-1h5*0xL=U7nm@x}3(ii&1|H3{2WqYf8BHwjAFM3VFAqSIG^QMK7Nt3g@1sU1qJ zt^XeE9ZH_H?5ZG-&=Sijfk#qA%hCEhXu_OWU0}@IaV|Yxo3yi!0HlFhKUTrcymQAY z@beH;##Mmpk~~}GTg64rwuEjj;Yvd_FXShaQli@$o&h?p|K$Zto%%Om-l3(4_@YbX z25!c;E0luf1MTB`#N$o~3x$Cg(@W8uIAB$}UB?kSXVf05N(d=R)otap*Zcfv?{Qb{ z=~Eolz8os1|3X@zS84Ibol{3E@yb96BbR%;UBjJnp6^IMNhQ?#uzNuwZCm<4$b8IU z&eXU!Nb<5(MaN9jVY_t>v(nlA24X6n76VL#5c@!DJUaH^g{BW~saxwTDmT3eZ z{=;nlp(T$!_bH|#G|awI_O936?JJT^jUjlcRL#%4@9uKGx|qFqFp}^THjR0gh2(0N z+R)-1g_2~jLpt4Qx^O~`hfNjX*L&}Vn!?0s6R2lqYQOUgOHFF+@@I1U?pcYGD*c1s z5$qDXTWdymT?q+;xIU#OLr?}F)XVSe1%)ZWZ2TrQ198oJy}<{|Nm&@QFwtgUns0a3 zR)>I&`8LRNQ|1G=%EI>vQOGbX`sUY)b+J0JzGNB?FweQBCSrFf%(N>Vc5><7Xj1A2 zEhI0YmY#&mPj-W7`AeI7{pNlUt=*TP$Am!wE9Am&*dN0rx@xwbpMx>!eZ3ve+!by_^NI+h-5TY@U0z~sJHMI zIdp?hMJmf&SofK(mWdBk4=3e!wMaiuq~(0W?eOp)R0mavf@fMBWI%4=Y&z3;otzUU zv(d~4$Z6bWGv8w50)9=c&)xVK4U>xQa!Im!XP_fd2pSmBraQsr@#7!#A^)oNMf}BY z{Y_$V=bz5RW9nc?sM|*O7YZx0syw7*`l6_*xheHwIDd*$uAy+0Ic=#FFXjo{36Dw= zw@r?4IPqz+Zl)>5YPu5faew9|P$ZFl^a+*fGk}^ot;T=hEW?=-BmZ;3%!OKVslt&v zh4tGW6=b%hZ{AP2ZRN6GI6yA-!*(~jBQAmbPf_x6^GIpT{KgPs!uKqNwm+Rmhk>Rmcd${u1^o=3)Uh2yQLaA87)!L1$AI4tq^(47FAm`j-sTYxv4GHrcFxX*b#%_%s#aCaU4P(1rdrl+=KgaA%~K#U z+%yi%@)PGL#<7GCNLk=*_D>SAgUr3v(hq`1-ET%OUv@(UfIPE)haK`(R}oQNVLTqn zc)do)!iGYrbWa8OM~zB@{a?gh4YoB2%bSER)AK`?7xo8=eUZilC5DeX|#f3}m2|=>1qWM%5 zm?6M(o`NIs-i5ZTY#K66ep@#T(=k|e%B{KY#o`FZTK3RyJbg^8=DCs|?#U&$vD!~nK2McT zEjvH!UHYW7p!5;b3uU#-ID?s&bUx#{57$v zDTC$4O~wiVwt?e;{KSrH-Q7q4wE@HeP$-82uuUI;Z4hbr`5OE|3{ZC$7mJ-8eqHIV z-{rvWx-wSxrLN>Odm}OOqO#Hgy7tP0o=+Ltbga)xosZg|X@>NQ)v0xe(RnmF@ZpPl zMp#@0hcY{T97{Y@EgH>!$4Z(i3OHNZe;(*Q<76NaF4Kggf|4}(uu~J#GS2K*4UhaErvRmC50dW_mvOebIRC7kYnJ`ZtW{C< zYOY%<`V(7G8G~htH9Fwe%bz<_pEDZL8*F-bl5P_{+XX)2%V1T85O(+X79)4mzAQYqc+M70i4u-e0_S^iuRf zi(8(O;jWHcZ(f4LW%~{0Gm<|o@8D^%JDZqyofrrQ%n^_v#3Qh8^?TVdgFC!-704Lf zx-r|L!b(FrB+Tw}iCn==cEv0w*QGT5JoYKq_eri}u6BmP&lGFkL^Gsli)dHTlFJc4 zr@|BgO)K!gjGCz}xVGUr26_t4f&)iua%1^P)&*`?&Fd>F%b3f0VJVf}vQ7dMXCDL< zR5N}udmq14+J*H0nSdhzsDScx0Tv(vxGDvj6?t_Bws z^Lu6YAm6Tv6dFY3G?Gy%(YPWma-8 zkl$-*k>v0h{c&27+V9cx5Tb?=(r|3wV&dFK+o7k{;lmO>?(OigFVJ7UxU)giKVO(9 z$xLXlPY#6t`o*l_=Dqz!mxXb7`v<+bfaEa^B)46dTuf1iHQpcB;#;$!PfU(K@Ny2( z2!&dV`oEPi$hzGy-n-ujq}}9P;#dAxbPnEQ+9`&OaXWPiv0$P03#2RQJ%oUxfEyP10bt=#%wf|ewpBuG-q3J0Er_WTW~v*(V%10#e=_{t0c zDszYm5!-YTDyt>OgpL0ZoY?QRPyPfn$T}fEL#wo)SHOB+J;xE+IP^S!NX3XQJ_m;k-Z2@9+9v*HvBj@4T=3 z4-duEj4|{69LMW;y`G0m{lG0&DwF0ruefFkCrHsZZYQOQO-#?vt(QMR5?%yOz;=Y3 zpnxorQ0{g_>gk0XYt1YrYZKhlPKEmfxYbUv>XiitG3x*e5qVt>f0D+XsY{N zp$O?|x03PG6HjBe*n!?v=XG7)Zmt4<)V;V?6Cmmnu=r^HGvHU5^YQx>S$x5uQB7&# z_yzzW%m%0`GKlJTdR|CoT+1g2>tn4Gug@6ejbxN&q3a4c0E+CNMJPy;yyI zPF_CA{L_yrs&5MEEImEdvDY#cPSz(HbTn#}*dAJU7c4c{!98f=p7b##iTk=lSW%enYnl+xVg9xveJD_mXYi>Rv-@ia5|ECq9eX<@g_IHUCMS`HqaYk)90X zMbLqz)jYlIg$f*s-eoTSUz%6z(CUh~DlSNagadVG-R;mA|w`6#I4eB>Pa*m%oi z1unp4^gLIx5Xq<~H$d-9iz~4Rht66!P%7N(Z~tKIM#fB*E87Y@#7t=A0zx({xP zo#RMaxTxYWD5pbwQiUY;b{|qSIL+vckT2tAZ%}?xI>^7%JjqutF*{!H;u3cR+=AS9 zP!F}^1*d6@HINes2*B)7HotOqz8{h3l4N$_8Lmmh&MEcMW^C^Gt!)vrT)oI(ZT0~( zh7^he3Zi;!0m29%@;)OQ1#ev=&?gr9K6n0(nB09DSLW?cSw5DBzv3YOlSBR?DqSQY zme^zZZI7IFkd3s*L_^OUiuuN0Zv-&KuGyCf%g>voB@6Qd&RIL-C%^AoK?)6Ag<2m> zMoq51$D1u_^~EOY#vF8Em;yxsTN$b@-Z0bMhp)haUYL~R4?V?RqTjieitou&wlg1C z3rPzJkX#WI1+)g;>C|eu&&%}b(tgKs2M>SDiIwJ05241kYTv+rnhYQ>O}|;;kr@99 z_2whQH8aN_c&B#r^O_`_q1Y{p_LW*lnp{=LV1JRHAM|0hlhTZbS}>Rn@q>W8RR#Dh zg8mN#UHopI2}ptEzJ?!5Fe{^znpUBe+^tDVeB&>VUO&UL|8a@}4b+8eJA zGbW%zwrc6FZn>~;+U$2R1a2~QJ-VLQ6Un7>u{5{JM{51p4{){<4h2Id{NMmB9h`w) z0^(W@n@{{&ko`}+xF+I0LA!&OrS&|5l>q5-^I43Kz6TmOa0lYXjd9rCPMYHe0nS|C zC2s6-zSa16HOzs}PAJ=T9E#H?ANepgKp)15BOiu{69thMOxAV|fg@MYU|hsY56VLC zIkZC%nmB1}W;<-=P-PO~N;>jv_8(4#--uqHv&qM8%$btxLsJohoj&OpPE+^!OrNP8 z3e(@bm!J&!QdM~WvTsh?9P>ysGY%e`E%$B&0kwx0eQGDcX?4F~v086Cd49?(KEXzv zTC(kB7s_@zv9c!)MoE5quwZ+s1o}my(J|m?5(4@~@^T@_*RA&mLmdXurWRhKYtS01 zNR$){=}^I+Mw*uTI>YRZ1g)7JZFMh?le!-@jdq z(DdT?{Q}&ao zcPKV0hAiG4ea-PkU7BDEw;m}ETkOj4vV3z_j5|5-hcJ-hnV9et`OE0@+d%>5OO`V) z$e=m*7ll!URCUP>Ikap`2w=!!*lSe z^$cLz$-@T5s&Nr+H3n2_I~mrfEY-v|?5jKNK23-id&XW**+kJtN?-1U3dW9N?2yxI zx?{EaGOB9c{w%2bENOBu7i`LUq#a!Lvt|3qG*+qM^UcL5suzY`og!C+a*9CLR2CGM z5=a|Qj|%TjeRJO0&=rOaF&_`B@#cq2w+?$7)C9amCm_n%pZr8h$#g&63Pqg8K`DLJ z$3P$T*yPyNccBY$pPKq#BqU$hO-%pd=-}Y_Vk;H^hI6>(s3)4 zm)3pWh|n5^feURkHaIk7oL^5=eZFpZ>E|PzReis@6hg=%^4Wz6`T4Lz*)ho-m9_m$ z;C0Je=L@lwIsW|K4=-{bTU2|bY&ywgIx>bI@KIg12psu1wS2>;c7q6WZF-smy%YM@ zDj`(FUx9NbvEE{ztT^}KFnnO15Pb+%SSsJ3fFzO#R#-TyUI>qRW&uK*n3|>@?i}Fe zFJWRr$2H37NMFpINt2zv%>C%8>EvCL9ia0Z)zFQsOMMR~E?sCItBdI=I(>hs!R2m= zNXuA>VotK@C-JYmk^1qm7MVy-+{YTENLawTdnmIuzx)r@?2kR(bInxJ!y|8}k7 zGnhGo#Tr9}pl;2ePlbLrQQm0;Pq|-HZog&KKyeGC5B#It-I3`o>hKbo9dIQ0gRM`D z`gsH`;E9{3@twLh=6?R&gjX#62kxsqN_V)&Nn1?(HP$XHj%r}nuRCNiEZ7p{*SZAli-Jv$QTSdzK8)B`)8LI%hIK(BF^qvsEy&Hx z!DkW^uB=k$Li)hQmSedqJ|a*Suz&4>Is4-@SvDKjqd#uLxW>uXdHtJ>&GcD4BflnX zsMb1{N64y;93d#3Yf~)Xrnm=!ZDNsKse|pQ!u*3NA%rNc>B`GLllXJq z{r<9J{+Ctlx6G#qSi}7mH^hu+@ErStAP(ZJehKA*(iCV|qd0hhanLz*l@3*B9sA0C z;oYdD#1d@R9vyd?YGLAIU78=^L{A`By!JQ>uFm88?uS=oIeha$i?VwDw@l{YBANPJRH2d2(IQJ@@P&2tBfI3~}w~3+kVAyME6Z;b+`14SJ;Y@=jAvzmQ+3RS-0%?Wz4Nu5S-!wtt-Z$&v3W{@_;PvdmEKz<1677(r&FWot4hc|wMfjANsdLuw$U=2jjC}FUy^_^tg z>)kQ2(vNL^i8F#JT+G7q$95(E^c1yn0Y${l4rKLI4>XFGvDq1n6Ry;$(-NGVcFNe{ z4nw5yNXz9HZ`H|b4{fw2b2?MdLqwl#JthW z!c6KEPwZ~B4@$$vYqvNMCPc*)^>Ao(<;Lr`@0yOe=Z<=PLX;tE1X526RjYOF%e~Mw zwxnmHfcXA_PYj;c54J#7Ovur=-XCPe3?GeRe~m4HLkGy8it`}fco2JoTLyiTvPamP zaPj$X|3N_pP2HfJ+X2?G)CHhe!k6tsf|G@K&TqGlfO85gbjB2ey);A!Ko5bg%}+C+ zcqASU`1_a7e^a`%h81vP6)$tWeZI!-xSp@K_{)vT2;Od=;|2XZOIKa%L7I`s(HP{v z7p{LCBL92bqKd&m$ov>W6byV+r!-iCI-`KDf~IFa9h6^6z)< zzkF-I6>q;9+kU%2klNwV&-Lp^s}@lB2|(kY94>cS8y@;V4_x+^S~Y;TpMa7@7VwK| z*AIQ951Ec_L8;Q<9R??*3&RWJ$*FNI9L=CWCA$HbE==r_XI;q1s2vv$Hs31+yCy(K!SXv)im=_zKMIoOD(}_TB}MK;tq+|N443H%^GHP z-%U(9Md@scGmTJ}cL@}j@bK#oing~xh zi{|Y}K3KNS*9&Sx96g6s3qxE06n`NU64}g9HnXPuu&X#@wv*Bum!BB8^OzsE_=wwp z_SpMe`pTo19EKAKKY(?n@}5=avsi<1N~<&Idn^o{iI7}3yty}GeXWbLVopS(Nu(*o z{B@$;Z7D}nN}0U^FbWkO9LVbI;bL=f{3N3_I>piPj6(O1orAoZ+6eiv5B?G^I$W

<)u&6Fc$GgP%PD#5iMa3x&Z_+F5%{`ln*Ryz?zA(~<10(!p z!TEGWXqwnMr(W{jLLf83>g_3O&P5ZnpZX#y_jB7Xk|i&yd+8=hKMtLBiy)lRgvoqAHcP%p z{EH&Od(glN)Jeou+@L+`Z2PKd0)4Nh=gqCd_7#2XQ-#dmo0fO-smieQc-*FC{gZQRu6NN)KTbpHf+;jl0NqC8(8x=EkfH#^H6ZyZs&dpW%&1b459e76aT*+=D*zlB*Ohcjt22O(G~HLtt#+M zgiI?ms|!4_VYa3{7&c2@hE@SkTxYe;`RI=#)PPa!?9(_&;D%|F56_cSrje$$%a~Iic!T>9R*3xvmF8NaaDEB&V(D7yi zlJimYvFymTzlb@wQG4S@7H1C+7m*%Bc=~8JvvS0TZt~ZRzy7rL#lQp3{MotTg}8f| z)4Yfo-6x@od;!RF9+gT8MOxXSE0nWME$5P(o{UH`r)-XzI`$EkPc3|JOmVrNS{;xY zZIT)ZGx_1;e_=Lp43q``dj=C_NCegYW4`K3;!qYK?dFJ-uz~EQEfjy9&&|ch<&|$@ zVjg&85a3v)UY;|=wDoG@TiwL>P({uw0Tos4sEUdI1C(V53OHzV4n4C0SUf#&u7e+_} zc_rp#b08ItxaNzU3h|;5rvjn;oZRaB;FSdZT0SVh1}*b>043PKf8+U?+ZL^@058E` z2Y@WlAj51pCZxS3scvTbjHMZRXZY(mf9@yU7b{JRQ*vNPp}gY!2a$1O!bG-9Bc%WG2lR*?nuAKZ5=3G0S_^- zm;K#2^grAM^Y`%1`DkcOS{I4}aK$Tz66QM$om<7mBx)_qHWBv&tKYB=zaf^FX7hN{ zGq>F9Ha<7`howwSCSU70^_)y4teVQqSf7PP zZBpu`str7!@_N)Q0s;?!|}>dyaB6=3=_J!C1VNuNrbRw?{+Uy za-w>hy7RtgjrX5in*RfS0&GA)uq=wJf00|Tr;#o#{0HiktLPg8mYm|gQj5VQ=Q@id zJ+5sFbLi)myY?4jWM9dgG^Bd_ds=_@PpKmwP#5r}ic&vMz5@;iib@gkfHRJc)AF!; zq^8AYbIWw9(hK$T%;));UZ&eKD?aFRqyMJGZ1`B&d1I0yKful?)S|9I1U zvRca|e225-#|DEuP0B=VaS~SM+4*MWlz}Hx*CF_(XGUM+J^2+roA&dZZ8$*f&|UE7 z_U~wgOu5^SD~Q+BCwF6GG$psB9UAKD&ZsI+Tbc>!c|Rm~T>NCU!Tkqo^1puA-+uj8 z$S&!lmr^H;0!YIvHi0jtJ1ecsW76K1#T(7{1ILQ9yjf0`kG^*{4U9$N49#FP;$FAou3Kq-# zoHGT`SJ-&KkZK$QF@*;quUD>dQ!p7UhLUle>5-gl1}IRE8? zpYOPC8xuv1>HD{V(>e4~>(UCG+z^Y#XoFz<-r@&6;nPJkmXb4b;jEy&;HBl`i0L=B z)C|iMd-~x$8{*x{uxRi?Py5bK0eKp0r8?pw&7D;W(^Qy!haK{0>2h1b%BkE7ja*C? zQvPz{vlA*Faen^}dYV3Y5l%m6fai3bi3Y9Y)qH2KEYW|V$-#lMZueo zicwAidTCVx>4bU*oV!7EZ^310E$v%QDjX&=s7w(Nd z0DWU3Css?KMu9$ zdnq4b-O44iUuMeG+v6O}8`~uBRb<#2B z2P&L=jxdE^?$}}^OHAzyg|Jvq#gy~tD70LaX0^y1Vxk-?iZgp){&6k%drFfXeS z>mBmF6QfY~p|gh{_Fxgsm+gq*9T}-DizRN{JN^}tgD>jd`o)}1-P097o1r%c9{V*c z@9HN&63J@gbAM5gZXOgEt{rks;Nsi&^3do}Nn2~J(NkmaCl?C*;dX`XUdvSX_3l?g z(gJ46Rt+KpIRGL)KAyw@re&aKt$mI5H3^|DpP#U1Zh{Oe|MTmwUB$l|yr|O1H8{=K z8?@H&xTqTeGG=;U49&v(cjH+Aq%k43Cz?NtQK5~Vv0PW#52c$_Ddy)m=?xIjrKL0S=fMSsdX{x}9~(*D0^rK67Rb-R{1`=HaF z24sDan|1!mvLy1wBC~<6FpP!%$}-;&OZF zxT-f!bW@1vHagvGa}E>9pL592;*^%o3G)AB1>6Cl3^rAszHrud5rerX_*KqP-g?rxiS)J?$vIF4gJS9xyLxT26Q%_Kzy#;_4t}k=%66( zf^~^6nV}I+GqHaVhLr113=uqjHt9^_rzvmT76X9n#!41Ns*0Cj*Oc}5{8D#QJF<8mj8!nYRTSE}PBKJC?6(dX(> zpvm((^dhlaXtYm4^T`&klBoD8iUYad21Q1P{ehxWWVijx2qhvc3dLzSsi1bI$FeD1 zrqwUz29I_x=d0MkO?~Y@hrua8#7v_mVg5#{7IoyJ^bwPY0>ZTNAj$uj75Jn^1)iGP z*`R5EYQLW535{;%*z$1W%{-|OiP%|TF#nz#DRi3W>wD{IwTpgG?1>vdiQ~D|Y_V~C z6JgQn3N6x6fSScJGL_TI*X&Evht$s7_r6G+kJ6ye76>l)V94WebKMTim?1hwTFPaVmJ}=eB*#y=4AxJ2 zMeE-h(rjuC=DucVZiAivYMkL6;+&Enll4*XbJK?qwBV)ps2u29jB`84!DC59E}RA{ z!ig{Q?15Z|V;ni5>&>3Hu(wlz0>0vgaa$T;mj&u{1)78XX@G*H>ygL(?v#JBeLP&u zt9Wcz#DU)PHp$4wO+3&s-+=L}_+y1N@KPC|M%4oiA2mSfs#n{)zVUrBH;G?1N!=T8 z-ghs^=JI>}_`O}yDQ(%;Qd=qP?;pK<3fX`VqAiCNV9cL=<9fA+cUo+$nOrzRzgDyq zObqD6am;y&#$8XeVp0iFg!IE0*O2eFVpXZiETExeF>r$-`uUx51>Ua(buIHaARVP+Q#oqG<8uj$C3!13Gp!dJ4IoZNzAmezk7|hN zmN#=YlaK%D(Yu z?9@^0tGeR~`UE+Tty#Mb4zN5Kot?cD#m0~|TYsihR+j{_CtxHyAPX0N+&3Kenyi-7 z%^IjeFp0(;Kut5i#7iR&TlR=UoQ`nDHD}=zmr=<9184VZ@0+e3XPTO6m3#;6!(Gd} z;eK{fksMYhWgp7b7SjdyI{p0My<6@w^~Iz4yg24v<;RD{KDX#~VSB4jFc72@Zz%7% z%6WZ4YYhf|a-+7vq%OmFohTFpH@f`uvBoMT=q4c|7m;yG6AIE{hje37@+zGBnbZX> z7^kJg3YgtxO)C*Kjb(1xr&BMTVFb|KMEGb!12%otUqAwd9ULr(#G%-R?HtGHX4Krl zI>(@)(xvNQ%9u# zyQ*nWXuZ8}j2uqP1%swwfz?q}iv&9jF4a?e?qx*Y_C_lX?%5x;FWybVYLd0wtpw_| ztQ3_OV|L!J!OTqu=4;{P)Xd7 zI_|CFOYp0guUHGepUgTKj4yP>!(un$*${T1jw#~#v%eG>8c+*^kUbyz7A?Ah))qzN zWd$(0{!IPb-d1}wx_ysv&&(p8{JeH_k}8xH9$MqQQ;p{RN#_dgd-^3Ir8;vHP$EQY z>ebgEPdcUQBHc-8;`EtrY#DQ!B82xWGL4E?@8*3-S!BbbK=24cGS>o#8*vNW0~){M z_l=cwxq>(KB9cy-8w%v}1z*CQF@15n$&b9u z$gj=(%(&iMcg;P?{H^8H`+g7PZn2-qGrVL=p_Vj{bL>>n=P`g_0X^ODo2jg5|GQPs z?mO9g2=*9W7%g8=IeyXXl;*kopyZ#dJG@5f_*M+=Z|EXv$U#-uk+Wt zoF8NLx$Ua5egmS4-LVSNy%nFKm{y|cw(xVQ{;m07?W;YL5>Lr4`>fdInVSWQJ-0^e zLsXx6a#B73mw+jg#R1!looq1!>Xj1~8Ja0uft^%X3(dsyCbH{uI!W@6JUhkEhIE>* z$Ul52z3S1fo{%ow!>NMHlu?`Z_1xO-h+mahUsb=I4{axHfb4(%hJTxy{;9(M zPo@88xO@VnhPfT&EVtGIdU(AG+4&8h1OVN;MSH$3(jLa-QgF^=rGCM&7Gb=vb~yYO z#koL1vN-`A)~sI+VOcYDamQAsD}}eV?J>7}46C-%NoGsgh>gqT=|fC8)| zY0GjKDh%sT;JWC%6Rr2{;YMY%Cf@RL`J`nIM6cLF#oR2vx=$fLnM1YkyxXeP`zW>( zJN}E>-AsVy0-$P0N|@!W&@&h_uB=S$`FH~PD8X-6Nup99>f%f!R`=5F{u3}Zpo|pP z3e4{-k^RSh(4Cssid5%zQ6{Ah+bDcaT2ZdZ&gagz&I^;S{;ZSQ;lUH0>`n`7Rp-A)L6(Ije^2eZBDq49&GodNL< z9vNbM4AMRaOJy`Zy1A>HgR5@di#?2KyuMYbnLlSSH&aIA@6e=!3!b~iZ^Fs!x|y_xf4G%c>q-;S7qsz$nnC_nYnZk2ctE zC{V5c)y15D$TSa9@1*ABK&TA#hIDc_#2oWf)Vp^{)Pf0D+EM9&3V^}lR5xbY$CAj^I9cmg0qoyk_~a{n z{oP3S3%xQ5$%Uqdaf#*31D?w#K7XcpdFpnImf|!_;cyUE#k(Q7FRe$|?R|P!TMTT@ zYfd?~G!ksWy>ow}C;t6c=%N5-wHmo3kqc=p{FUD{wdB3qB^`x@$L(OkOtI)5YQ*gd zb88otC&Gu!@N|WW%${T&dd1j6t#Y^^#Y0sOLk}(L0qx-D4M^5!65>@D?Yo?j%>w(G-4Ufln~l4XCFD8 zScUwm-@H7?S7pX=T610@mO9_2GvZ|hWRxnuOnlr+iZRpoVV)+FZ#2Are`%gk zRgE@ZU)f(CAPqqG}Se zG4Gw51a#z%GzS2`N%RSm3MD0$TlRW8K4MOEK&Sg?3xuC}(wOkU<0$%#>gAo8IRra| zeJ%3CDPbUF0UCi0RICZs%7)Oaj&?iM<>w@|C)(8rQ#oxLDT-00OTrhu`G6^Il)RhW>i#LsGp$p7w;-5u^M64iz~P zOAW1NuK2l07L1<0pT*A2ned_WB(JSF*v$Ns2t#4!t#A4l$_L}aG1a>r@nK5v5?`1m z44w33)~ecSkddU5ef5b57ouLs`$F@~4d4n9)0XU#0q;bzJE!h(|2P;V-?sTApR6@y z(2~$t$3`DS%&zAaulh&FOlw>Yi(SLA@)#-Z2}b!&3kn{!Z#^^qbMKX8@R#SJ*QSf- zKF4-U&Ex7wraLl79P2?T=9|wjl3)R@_AtX@Iv{a8ssTzjfcQm8sQ~)XJuC^NIC5Nm zqxg~AP(_hdP41)e!cOG?LIB8d+n<5P@rY#K9)Wv-EtwwpEA(^QiS~ow_}&n9W7YY5 zrF%JGojK7-(=G`>%+1CNEp{~16@!C~?Abk=6WOS24S z{`BrjkDfzGyTVddjf27^J%~cTQGu@JW|nRZIit0An3*uu8`c}qs;acB&X7l*w*(K- z{nYvjPaL?GM^CZIqhh7ZTR74y@3o6ipTN((M{iwB!!Mva@a**p~E!~xtO-~4XRtij+ zjp|pbEIF2C7p6QOK~}#(>lc_@Xq=javmpgC*S(qWA!_ zW<5CNL?%1eg6Ou#IP>L2{Lu8S%^2!X1aXF#tklV^ZAg?qhs~1ic%oG0(#VCJMyFYI zVPCxMsoNZci}yXOfMnd)IN`AiUi_R<8;1}ed-28@xGfRZbt*_!K6(ii`NJsvdjG}Q zn9wgfTvHwMv>>iHtzBJ$Al+r|g^BWM+=}?#s)inKX7D4aVeY3ycho(#Rn|#+&HVi8 zK%u~#BUFJRAYk7H!DGM!NI{ub3}*++zL_c`k_%d!JYKW!yp$TX{3iI)>Y5wZyK5~b zx*jo$1Gm@%uT(|rK&ilWdDhw;Ea<0HVOxPbR&4UtmR+~k_FkAWOuIxYj4;4p6*cFM zM?^TB$0|M)SvbhqH=XlU++V26EcgBRom=>t@_hKFb*;a&a+kv%3%KGL>lm8!x$3y> z=gz~b7taM+HAW6uz#a~nPLy>}FMGg5o(_a9W< zd|PG1b*;W?fsbl-j_X&_#ZguC`&i)ba_SFPnxk7|dqE24qA=(t1$}>GUO)cEkN;ZV z{XQc4yO#XT9&|*V0>BRVJS&LSj`PXci&`6}_}#C%*8c-e>4F9$d8*<>4)*&T?%}ut z zKF-%NlZV%A+y=q7S0;T^luL z3sI$?S76_n8%8$;Q$;1$rFYl&Pn3y^1^nQTqt5?z6TuOK2HY+6%YK6Y{moFRf#Qc? zTm{k!@y#&@*Vpan2Oc1loQvjHr?B2Zjn!{!$G;}g_&MC?3w#h6)}`e+VGLF!+|b{K z%D<1FtsVzXWz!@LV2eUk^*}Afk<>ms*0J>AScTefwZ2Acrw7UVxrI(OyN$Oo740=d zZDL8_43bXrp(IK^o({;gNzxbFHg80~9ZOsu+wfW|kwArF`{ivfOFBl5UZ;GSxZkpK zY~>Hm0^gzyQ9KN54Rth#f|vR7c06Gb$5}u64C=V=4)J)l(3qJoQLMxK=0e7Ocb)BM zH7LiqI}Pp}RPYSp9pZ6n=X8_1o+>ur{q@f~m!g|={Zhqulb6}`qbn;@ti z=J)jkf7n>?RRZ~tH#Ci-CeelEXxvMhOjavYu^H?h|rj zthB$&mP_CJ>zm>YIC1`!gcj3$@b-{*W_o4h6X4UOoE9NnG$HwQ*sUC=T=6DDI)(H# zLsVGjQ&)9Y`~4)XL@W6#J+7ry2L<3>z9Sxas87CA<5DhR(B93jxbp#BO6bQtm$cLo z>r)9hs-=YLPMidD2zNv2+DTk2Lxr8}LBMTRT$4Tcw z(FXdwyW}Fp{f!E0olQ>8I1X>V(Bq;$XQArIg=`p@J#Zdk?YAH^NqJwJ?$WCzlMl+!8^0Uov9et zCNxp$`41}n6&^{i!N3mE>dp5bAZc*g_!{m(v`cW;@nh@%HFEUd{>+p80z?&O^Dq+! z|DtF|g&fKOeiG67WG%utTKV}qeU9YPE0XU$eNJ3@kWeFhPe^ez_gw;YVFlte#5yuWEz~yvgbE50j;jy+! z(pKrp?zz+FGc+SZYety7Xs^7ti;3DmI$*-ETb+=w{yd$LXcek zk)m(r*#@lIw)z!jAG&WV8Q}6b3+L_imB(cNySQThyT>;+B$0d_UqRY9m_2{c2Q9lQ zQ?tH4Za zAm8|>50d_=BiaIRT-ceXAz#_QPKLt66~WYQSV_JOtYuyC5E^3B)QVR29@lrJPpAFP zlK8;u<$Dd8H~Qm@;v3LlqR{*avK?(g#fLsTJi^7+@qzg7q~lTfhzH8Xu`_y+c?@Y`+kUIOkn3-$j_NTk|Y#?ogdcX;1sm)lRPt$RGPLwBg7b zRS2l42A-4alyiA%H2ZnR+0ZrF!g<5*Y;%LPy04UGdlchFt(^m}Z@}0Qnu_7ad;|w? zCp5;5fazvER3u1(YOuT4Pod0ql7;G>bgzorwcNWb76H+aw*pth2IdST^OnA1a()t}{DXb?Rh!Ugjn}+thMh9-jB? z3Jg@GoB~wZVD#SlD!9#x1=n$wHGBoDRft}TCEfK|8&!{0w46qAUg$}~@Ht!Q8m=gc zgY*AnZTH&0@=IVU>K|;-J_<$sY775cyi7fEHvi{R7qCeChlY0HgGz*XApiobsB19H zzN_19Jd9Hc6<6oYT5HBR^&qrQ?YrLgN@7zk=HIG{#l46je7L3EZ$n3f^~7`ZcpK0I zov>zgR)T5dk9fMaDcYQw?`CVPsaWR8+@>q9^d45RaGm~M*%cD9I~9w2HwpT~!j$O? zT)9TfzO{-@@h7CtrI}O|uH<<%*=Z46Jhx1Yd`|LJvMCMUJqGj%cXQt{7?!dJw27YP zL|BOMaI=c%qNKZnwxQeTt`9<&kJ1Y84%%6s=&*su*jC)1Ox< zqg_}P69j}5A9JO9Cgfca4ubTrv`Uk8s-_M(TmmlxA&Ld1x^IBnnR;UidKKr4>QlcH zN46w)GMjYrCSNzlCRhmy8C|KZ6XW6_!KR1sx6mblqZVo53Q+dXK%>6)A)|1Dg)8Id zD^98CRe^A$VRu{8ktMXr+3Uj%agR=`MAE8P!lPT&{fvA7nnjk>i&v|f2qpG(Q&jst zf@~i$wb^P6nxKO+DNsOYZCWcAAgWT3;2dh4BIx zKH?Rd({cX(v1)I8$%VFgo^2G5Fd}XERw$tojUrzHo+9onWIbNfC(;)Ys&TlVKSXnN zyox3&D-U3OBK69YT@@@wl!-}kRT6`VJa z`PM9QV;P=Y5%IEa&Dy_A)}8zzjny+EEEO%PAs#gAQDWNQY~38RViohD#u}s()@^V8-=4k; ze{e#>K=kc903^O>>4UJ`oa4yvbFI!mcRoTi!4+!|21*InaD!7}8~lw8bra;vc|&EN z)4!N?%m~qVy4Y#V%w12tDa{v5jmpJUa&$S=$Cuq-&oP-zGSw@X+mJjrU$sDFWw`%+ z06Hnd>iSyGWPRRJGWlsO+LL4wbr^WaoxQrf*9lJ3raMXIL~tOAItM;gafIy51JEJZJ6(ymTqIHD z7oAnE8aH3O)DkGYpz3gQapNny=87-61?4KA{qevwYe@V#uy{JN#Gm?utOZur%^#*U zxjIWO570icYyY|@__xKih$|#V%+$a<1K8mJ2B=m+u)FTKLgEDs)>WZ)==E&)H1uty zWBq)N0%AyIXeK_{;q%w(XSM$*IjzCP8ijO-XVfRk-3100q*<^lHsbYD0uvSLvxN#@ zUp-mY3ejn(&c3vn>&J5c_<)dhOg^R6#gi||g8L#6T1%Hf=_vIXBnkkbVW>^Ig!qq` zNz|qSXBpwOU8tPZTeHWHav>M-EmXf{wzYrz$%9lgZyhAK%V!Qs8`co5wtq1?{pCN6qE;f+J9>j6mqa##x;hb^k3@d}MZS{MV_ zwRDxC)5*3b9p5mqV{l=b!^c-(`+U+DxS!?H_r6Q>FdpByDTDFAF@%9Di|TS zZ~)aHxPftevRq;3eK++iH>no<%bK4zD^A|DLsv)nuh=KMKS+C=%fG7<^z>?AuPL@7 z1`0vgF>;8A|s1{((TSEW&Mw_bVK3e-`?*T4KcWGsOvS*jm>sH>Qg!W`h*MHgksk8 zQ)KsiR7Os3&PjwcaiY7nwG21JV*SZQ&dC8kb92JY9U<;hVi}IkFgLdl7PAme(qL!Q zRIP++IGxy@xqA>^S$W9gd`Mk8PQDP~UMt?TWf$*u0Xv?^Z{eK9lm(x?VeyfWR53*xX>W6BUIDU~57 z(I?MX_aMU|A3joKUc!QtHup@RX(Eo3C?0*dx|B03U zJ8||ur|(D6qby*Xi0Sx?f?4$%cvOXHE#7)ZaD2W%Jg3L?l)tXAz9C~t<{)3H%HL_^ zlQ!v5Hu?1RU zvd7vM`FL{g@^FD+I4FzLQ^#n8-0N?9acQNqMUf9Tan(U@rlwB67*DK2_IBnY!GhoH z%KrGVpW--Z{Cti2GeTK=AU7edy4X60mMk+uHkKq;ebZ8D*dia4lnj;GfU68G%W2N( zxiu~%S(q!iZL4kF0jl?PT=hYaqqB`{-LRx-&mkuvFsl%JFJWgZ(n$5A=NsyiJO`F! z`~oLlnG#CEb=JCym+xKA7)MK+Z znngI@+%r&}a&~niG?@{lnsA(MvK`ANW9~Hvo<l8c%P-ZKnb=nbeDk z$u(?!6oASdV1$UenYxd=NPLoC4&>h?238bw`W38LTwP7uvkyzLFM)dolJ>0M2F;5N zic6W_^>bpY;`Uk3BSNeJ6j5pj&l@?QU*?LWAxkUFXdLg_rZY9y_BKAR@wn;jn`f`+ zWngz*K~p^)k;ZJISr`wY`NqRH?ln^uU};#}_!eF7)zldMA#Byy>vF12?)T1DRXQEX zHOH)T!axiLRr{^)fJ*06_vc&ep&31+oDMSV1@+(iV(+eR7pCgBD81i^sS-M|9gicS zi65Xm)4&N0AW`+AZ#hp9{+~- z6hhl?0mHU34;kt-IH`-**?_)VA5ddio9ThoTfl>` zuScZpjrN+Sbxv*kI{w|NAIbbm)N8w+ElSto-n0H@7lzEsVicE|w|jdGrm5PYtonr+ z4mBh4)a4Jxaty+?#){5flY2j=TQn$tL67~bxw(x_i#rARy92q)11INGF7dQUU~` z^bUf6fDjOn-UCP%2%sXpNvH{e(i2dO67tOQU-mou@tN7rp7}8Eo)3J__8v(S!s7xrDsu;+~r6zw3rmm zkWr=%nl(33-`5^Go2|b`yFKv(OKo2tb4hgFGh}VQchxwxBWz?jy1NQ&HS_II?)aAn z8yc6Qpdk);-%Ur^0=j{pUv}(VT?|mGFFUn?P$|V@aJ*7YqD-ft`!0#z0m1^Ec@UqI z^LpEwV&5HgFHoGsx#zxNF!~?0$uh1-66qs$rCF}wCDwyB?wD41)PqZR<=mr*VC2N9}l3 z6L#m-XOq`Sy<8!58I zXETGv%J2R#rEc3dv89N!ez3fBJcYhBVQm+5>Hj#kkw19>H@(kp(O7gBzJ}IgZS}+TvAp})-3;94|YLhU8IM$ zBsTK#`(?EC|H4ZEE}P#rs=o;wU;gvdGJvRbBn!e&!9=^hrXW+PU~rtq1-)aIA8%9< zVAdCy`p<4X!nNDsKLZs4hwfG#=|-JF#9L?fEuJ6S$uym+*{L!2#Ca8JcQj@6tcTN0 z!ff{l%3-Ei=ki(TkGVh!P_Aeo0JZBVDOBxO0IK;f@`xI_I3KzwP7LW!!*{6Nn1UCj zid%!U8AnQLE$QNm?$zD9=5SRB=-PJvf*TLKS;AQjgo-s0r<3L4kaQvLic5^v9l5Ew zs=cO8j}#2{4M1HUAN4JciI@Zk=&b{&m)~p;G=Gr<_E#`>U}rB0%yj=n=L#?;H6{c3 zas9>s%n-PBUabSt0w62=$(iu0N%gyg@EAy>`*WrlunhmRuc`Dna|~-qG|HVha#42j z_K@-)G{z+QDB6<9q(k!%jh`Q{e4!1$m7z3Z_7hs&DCKBLUVODz?5;TOmde2dCZXn zUG`l%|BDa#$Vfw`!+Lof!`N}j512?ud{BXz*qGUP%XV2(*vx<)aoXas#>mTZU^}1T zly&j@uF4itOVG{)yy)WEU*WH{K0kQp5+=0Q~#$A(sZ zYZ8_-__Ug1ROJ3`u6fm-V*qWTQsfYOnzA;bxWr3#>;IlAhefe(C}$h@NkLB9*)DqS z4{;u76cqP9k~d7tdbRJJRhacIRVL>Av$IHWZ+vh8MT`iK+-~HZOOy=}>{Siddh|$i zLl!d7Bx#TA@uw8hoIPn=md`wI2W_+ah_kzv>T87<)a`zZ_*hsb0;)KEYU7m9zNHkg z7SU`)4sXO_=yU_aW9lP_ccMVhyqd8KnksujA4rM|5j#kO}RoKa~tp7oyG7E>jn%AAaM39Q%;yXzzAJwmW z>TS)4x-lVgQjiB}19u{cShbMDOOQt6iiv_fhNWGzE~DPM=!0z>;(a?KZL?Wpx7h{v z8M(z(dyN@RoF9!^@@@` zw=ASG`53XHX9*J!_m$U(+k0D4@GJsuUS~G|O%~rZ?U;UyS=ziYOuKC=c3&DuKCA{AO5D1-Q5#CW(ln8Y?+?`-8--(|KI920J zhA?W#ZdhhFCo7iK$O0ytdU3|hHnG?BS>f-Xz8MWSnw7WSbM;>Kl^{Q`7GNEKoTf4$ zrP2VV116)Y5HctincqQDAF68nHi65@k-A3PY_eYSAOq~>&i>R{vP44ciCD$@#&3_4 zug5Cnwzi4hs59{F=|0$8pf4hE(6Hce<5?EbuwXj)w(T$I5k-5dbI zSP2a2upQf5_`F?wsPJ)vljqi=JQH9+`XFF#8$ub8J}~=Xb@`1*GhD;k+Et&hxPfjL zk{Gh*XaL6kX+~YfL?+uEX&~pUaT^)+eN0%QOynkAb8AbsWS*L}i&I1@zR>KULJD-4 zDnK1xyhO~aA`Svm;fk|X-L^G}ay#uMPqQ+ynE|YGfod=BwidlHdR=|?dL|$G_$bQR zI7xt+>{d<@9b4*c#-Xsxr#u9BW_H)wTMT?>y@WD`11kxKyz!-rxVzY-QTFE?z=R!h z#X$ek?1(ja>eUx*djn)hv2roK4L-kEX=?Ov^zOo};v8K`uEfUzKP&jH4@=HHNoh zo4JR|(3H5^+H#H`-W`O&h28ifV-T!{$xRtdPgOR#VU$OsQTh6)3hXv#%rr-?-tW7Q zd%tNCA|{gk{y?p}R8#{s>oAnhc~LFO*9&S zjKv#5N^BN}0@*vBY4B(2Vv@Lvnxcna?>p~1yCw;-ZJW(;`ezPEq2f%b|&+PrlRoAUgnQ^)f&+mQCRRSp9OWn`vOG7w#m-WB_P{ipds z)5L&G;+D!w=pQuXuQ%#4=-QsmpLN_Lz!i_*c|b3yM1FK2L-I}|4)jxLCzXaYcD`dB z&Jhn1Jp!7H3h#`4?rcjNN_HD`otVd#mw&i*^G)d+dOHZ2fi%&dcLh*WcdLM|uQ6%* zDGLAN>jIC=&5aOwXb6Y8?lql0e0}1y0gy~9;r_NM?fo9%9ax!0egDo;1V@+(5cxCa2+`wZk}P)tU@ zf$20d3*2#D*+Q=;D;w2siUgOeTbkh1b9Z9p=WQ2mB45@nH1@oI%6`VCknW8}H93GZ zhd1sEx&2*_c(zr^u#L-X_1WCKX8oLg9}8jObCS~QC(qA`MYIR51PHf`od2`oI#6!w z9Z`f3-2-P^uqQ`v@yJC@7#^N>|LIzVDz`QW`CJ*bH@rv{Q+1|0!CbE+9hwxCJAh#YPP?hq<__xE*f++2hVg2}aIZbP&6Kyk zo4GP?a9(bvLRmQ{5JSic0-OdhM`g1L2Z`Xje#Kl?Ap-Cp&aZD#d8T*aV7yq8-4kSn zA>-WKdZvLYgTR5Gf3B#psQ&Av!+i%ZskcvcH=M%xYGaYF^-yeKAhuniq;1PU0a~_s zz+q)d(76X13@kEw<843pEQ;na^Kh2{1&DTqe~Sq%!r2e;|8OzggD zfuF_tUaZNUFuw95(iV(~jd<`Qv2NwwO&ACD3I#OPu7}?Q^CQr@lZEKMP_Y@Mi_&r+ zwNhxdPji&y*CF90v)Wqs-TbH9GA}b0oy~-@isn_WN_=|-1PBv2B}|)0G-?ESOAIUBW`Om=*54JakL|)P3LlzaQjgp+ByE|>I-GG8@2OLk{NJN6 z{DyZYK!zbMe7IL}%?xf2dOtt$4y)`&EuG3gl031z`3DUhrUK>H*IXF^=sRAZdG}lC34Ru_crb*2LO)>*HGvQ@4To&a|n1( zo<#i0WEx_&m?UkoU^{E<@}Lh%K?q4A0d#_}xyyslwgmUwtIoH{ZkayZ+p+bGYT|z6mpb} z`jiX!RRBo#?k`BT8PJ0TR_(6v$R)3?_WIW(<*cKU;J{L&vuI#Q>Abb=Q8_iBwIx*z zYOj0MXV0?BcKWY>Lq&C` z_&fb7n&1yj)B6QUh*X{X024|}gzKt$|H(_9e*;!c^L6PonYp)j{#T1(RWg~b5<-wvb;qWe!HN5F~y(-ruS`{Gaj zgkP|r|HY>{M)GesbVERUA?LR=_{eG3Gx`IOIu&0sX9V4u_#*)nHOvPdEV(!E&R?#| z!b-#=b5~44+_6tLrOV4*&8m*9Z*A-q z6qWl>(Oy>FMHtxXB61SoSV1xU97h(&ukn9 zrg%kM1g`Xgb@j3S0MHKWGiD~w^#?UIFB`T{cwg$_J!%SCTbmo&Ms@2>OOvFpiwD1R zN*~le6IWpM=~0Rl4&LP=!|=_6qMc8k!DEJFek0YU5fH+a3H~l#kx6 zmyUF?a(-&w|DNsi1Y{P1pATgvsf0UqO?CDWDqsTBJ9;e!-t4|NZakT`5q6a~SPfS& zXm4ZDogbx-CJ!DokmAUNJ=sl}_*q}$C^%vJj(!V?p{4n?Y6Op1Uf}`uP$FaGjFEbw zqI_lKi|Y^1U1jRv+|I06=h5k`AkpK82BPP%*+MfQIq&ReDtA0%#ioj1ST<01lrXJ< z@a<5e@q89R^h5UQsV-+hx*@_L%>O$Uw>|vCvC30G2t%A3^f-D-N3G!RaY%VNx6Q=Y z<(U-$yJGGJdwxd82e-Qw;OMr@WToE>pj!Dilx-DNRic-tYhc?abKIZ-bXz8K3pO~B z%9l`UE@RaXvr$5`Cf$$KE0(|aGqX^%NrDOO+$-Qyf~TN)r!)Gco=^W!IwiqLl5D7y&05Lt3So{d9mUX(DY8j8z)nk$`ObCODx{IvPy6shgtoK(nULngEWV7#c|BI zjoqAWg@X4S-<56i(+0BEGt+E9%*S6?x_`s401xu7zo0`_Zv`2?!Ergj@^a)P#Sn0D z&U9zHQN&u6b1RP0sOR~0;SEQfv$CKX1u6^MQbXv%oRz-<#aMlAV%WzF3#%*_;lgq+|li)1Te$KoxDMK2|3)jH7mJ(fR*)Y399GX;T_bNHt?uB z-T8OjdUusr&tp^n`K@YvN|jwl!*(*7$@W_rclYjyj9bO!In!D5j2o0 z%mxNhg?Ry|#lFG6AEbYNUGFd6N%Hf9xxmF%x8A{NFF6>9-Ybo}CiZ-pMlH?39!8p5 z?pw@PY(w#SFh9^Y(U|3!mUzrQ2owEz0s^Agk=;muLWvn~l;iOXf?#EsZ?>>5B2YRL z)xOM)Sb9qZPtG-e?Xa>IdcKq5UDuFO%QY-=Nn45)yT>*Ym}6?Y_S7*yS31ijE9|d24kU#Ybj-lUz*3eTL^g*thZM zzvFY1<+=25ZUpqMnRKGACbVX-!HXZHAzpmif^CJANU zU^DaD=asZqertwB^PyaKW2u)K$tabW{7EI4z=4r2PTZ~nk=P%zx|$~y_Ow^ge>g(_ z{VtaX)S2Yqg>p-d!SyXR6PWIPIpE2R0XZ$BSq9lS6^5VMk^Ps93}4d@!C2LHF*$F4 zuv^P#>})s>tI{n-{{9pMH|`;>;5Tee0U>k=ET7-g6RE+q=6o> zgG4W}qC6L@Y=Awc%SSXbkcX0C8Q?EdVT~IJDc;yDt?KCekkJ&NJgzTvVWrtBSbd{= zmMFEJ90jibgC-FJ;U~Khz%kpHBaMwg?2PKrw+3i-SB!V);8CPcvE7MM&$go1xz5k8 z^k~MOJKdJ0yUg76s~hm^55PP94W<7-^S+q@dN$>kv-dY(%RjXL|L0`?|4*S?|G{7X z4-@S#xWhh>ts|fc=q3{O_>?6^bkg(Yu;3*8Q=e3}YDkICJ_(*gM1+C2 z_|<9T{>Cf`aCU(>hrdIz1m1ZoRUe=DDl1I*_=gVly+XcALR%oBra9(A?|J@k2>C zP0^&Q%L#$+t3UYDQ;{0$k^qnzGg`HteQ{9u# z(~W8{W#tUKP>cJxa?9C1$A{NbP8vP@i_`ZzJAfV-v(@`mut7k<=CB0{wu0|(ulW6n z6?w~(k#=~;6U^4GMv|hQt2wE6^rUc;$9NWnmz^}uIjZt0F<$$DCMGj=T76XB#svgs zz2EK)`u#EkE-H)Vw#HWZs>*j)o_u&ndvA`9=4O-XWm-OgK(=G}zxcmhHwDy=iYVY> z`^})4C+(~*j!wKrpmD^A>8Y4-QGhLTY9aVrXLF(b#!NO-6@}F^$oIh@aAi~&(*~&h z^U6pY42gWq)L8d|PqwabJydAC`m2%Wtemu5p?gV`)-zw9uv1m;dyfWikc^*m!G6tI zx!$3ATiZi0xyGN6x0JO>uy>c>$2ptE@4a@x+%<)%Ysa%+d^f#ot7{$dQcnK;I7B+) zK6l{>nxA|joWy{G7h|1b#;*YP&bT%YOtf?2yI9B#y^CrJ%qI|V)2Zdr>Us4&4}YIQsXn#>%1A>4Jdsh?!tk8I zyOC)$J<3&`7hn0)yNV#=0B7^eR)llBa4{C2?iRg2a)3B-`Ro?9A=N+hobe{4r?un9HCXZX;4W-vaBpoRL<^W- zCFpGx{BDr?)x`a4{Smm2f5$p}Hl7V~2Rv`iH4&Md=iA40mP6=rMRcDoSlx<9H#f0) zo^ut9<8p_2zB z9ht4Vot75FCnp}+b20b;A;D&L!1b&^9B#xbk%r@utw~V_d-h^OA7~SeS8X^$SAh*j0xy=pZ6QeKJE^^yF zbPJ;aJ7W$vL(F>S?qHTa*<;i6)&QL5J2v^9B+cq*`t*B1dfCZpD*`xP@tU;s_$Glf zvhjfYggI720QbeVQu%wLn_H2SPL$oXYR>N*TW-*&N|-+9R1edh%ec2yg@^>iL^qlk z@6NNBPHMi>MtC0bB~F zC?cfk1|qO_9rJ~O?>0Ad)e+M(8a!O^xlX+!;x9Wd)TXWlig!-Rmb7*@H`_(MZf%Zr z+8aK|Je?n6dZ^t;Y#Om6t1PQK_3#Xm8GES0lV5YHE-}gf^lNEu8ePqhh{MqZ)_9HO zswjGH+`M}4`qg~qQ91H00)mrYVeFtQ6?W^frP`NM zM~u_30j%p8R?Oo5BmA-P-){w!({LSUGC3;LprvS$k4VV`iHJ@Cis57@zkN+ONZ48V zCeSgongr>@RA*hEzjWptsLbNQ_L`pDd$tohiHrod#~@R}5cJI=&rFpc>``wl>xTby zDgzEXY^|GlCd;}gB;kgab_&B>611geVE3cifiZcP2);!s>FMGnmq3VOA8aFnBAW{G zbqW^ORohu_)b1F3W0Kujb%}iWqcFYjhrNxkpqe0XYJP*4{C6?~Q7_w1{7x`Q{(t$Q zHE3YsB>4voSrO1Pdj+eDPf;;l#8*^dK*sVXp{d8nR)D!&={>pO08T22-&Q;{G6Zrk zSB=0X^^;C4He~2=D0c?pW1y|H+XEL`Z|Ro9w=0)4HOgLg2DB030N+uc*OZuvJw@>l zYaTkvB^WXqI{6k>LW7HYy@Vd&v|*RRr!GHK*TathaF1Arv$dqC^fOKIertN_Rc{!5 z+ydYt+K-^}VVW5XPgfo=@IG698m`IT@oy|L;Bk=wl72V!0fXqs8}!d~kH28&{7FOl zW8#0-aY%P@sEE*G)9MkOj$eAX`nHy#^j8P@+?)b z^fNy)M3QBdg-#qm-UwU+o;AR2ysn`^%o&o6uYMz2S)9i$vj}yQc>i2a(#kyj!Fr3< zr8g-Gaa&TKp>jA0d}yxQNg!@f<8o7DW8(cdNeUeyU4KQB-NM`hK|@1xBEJGc9A7%y z_2oQ}rFsEm0px79{_CD8?gSKV5kS$tjsO(xbYE1jAre@3=j$Z^%(@5?aMfP=W%2q2 z0*cD`rD|&?|5CLX09D&!><=0y8R91Oi2#5C>S67JP%3_Tfr0yr#|}SpbR6Ucs3H<^ zT|cbsfB=l-m$ssd0wl69Be&?+_W^PfFF?}U<@jxg=&qq_hk0gx@eoeL_0Q6dos^x9Q-c%1OSlO2v z{E;?Rp4aArqf8B2prRx`mfs-Zl3n7~gAScgZ6q661?VvyBN}ftldkXg^DGmad%h9< z+m}9S2*>X13d|j#vIoFJLHwG+NE&Vuf38CRrz=I2{Z@>(Z7{L~P-qdf9uiVbigS7@yW z0&3hM&usPS ziJBTV59x#?a6dfOdp06SFo=fYOXgg0PaSy^B$pT}yeYsr?YqE;$7(Q-V%F#0Pf2@! zofGlhEeR_Ns-JJfs<3E;4zW4*>Ls9^$lpmQd}lK$p!X?siL;TJj(l>rr}ILttYV_+ zS8VIF;*c(*NtneY2X`Acix^a;??-J}i>{k-7kn<5*lW?Oq%fPJk*8O7K=k;z8UY+d zFHa)Gb;Ky=W$pHd3q0-Bt~}d?)&yYD4X$@>Tw!KGYLe(F;m`UFS^H5hhWR=)DkP*&s4Q(Pwz*ojjggep;h5VEkxjCm0SUCQhP$6czsYgHW zcLs;6H;kM(GKe;l4|;LAy_og5?_!j&|35 zC~!r6gL6BuPm5j0Rlk^ycYiw=&gU+h6Lj(T{WzD!hekE*6a*Q+JaXRF(<*4O#IF$H zIio{Hmv6fXf7a}3p71^FQ1=B>1Ht&3&=UmvJU1Pt119kbU;xL>0#|oYs3v0p7Koibk{pz4p9wIOe z!2Si-g$>c}>13GE5cOmx@L%Wmx3dw7gRw|e3Gvn__!W12>U0&?)ly00(|VuSc*rq! zV~c;x=J6#4nindjU$1f(UG8~rQE0}?O?!sVmr{Cy6psbZ)q6lVsPYIq0%vUG_b|#a ze2A4{`@Y@nOfz@qDd%Ri*%Q5=nux*^&S9hPik8E z(4hf>(>`k0ZNiHpMi}(i$xyzmqdr7^OvLUTYjn_wveXgfINw4O=|vM9`A>k~Z`XY1 zgK?A#IHL7rx?6#}RjAAaWw6OS9zt{_ap5O#f zX~L+#D$OoXX)yn)G~6XXrJJ= zLIy5VZcb7Z+#V6EMWg)M{lpRu2J0De73x-FHP63&Z%@Ok|E92aiB5x!Y~1(V0Yu!5 z^4jv-?0+55ns|E^I>2%l<7uFu9l%?Br92bVWb_bB90CJHRSqbsvJ{}G4&MCB4smoD z0;)Cj4JKkgxmEajQjuFMyWf>Qq&*Egs{d|htnK1~(hBW{~D+2?$osYXR1`I`Epk;Mb%7p&sqgN6gAtxZ!FfI^0~^{e{eGmmS(qqo*8 z)jz~r0lR%gh{Gc+qf;^ zaHuKun~YO>hR_D@r&Q$&Z|IlO|IC1#&U^z&c#8BS!iF0k6*`au?8f9EhErcRH|=r^ zU^Pxr7pXVe;usR-dqH=ukFZ=x(wQ%xd*(|0uahVKC&{yadp2FNhL`*YO(jJfSitpw z&p`!wzaAPvx)16G#HIkFp?&dutZ-xdMYxcZ^vGo`mKAZM*8`?MfbGq!-HqsF0+b`$ zJAJu^pJGiyMXwy5jH>O0;WtrN`g7gG=IK1{-4}hG1K$;2NO)OA6S`yyNue^3GeZuq zhfa0TQZL`EfjZ^O0OIZ7TWi0TcJ%;M)hkt2#>T3a0o~aC5H<8%)P6teJjLe~Qi1GK z09BA75 z8mUaI!Aijb@aQNxfPvN)>{!e@xNXsV{eFF0%G;{+6p`!iO&l90mO^RCa(Bs(4z)fa z7_qosa=68)1{=cv{l?KCtB$EgY!N8fnYChtZaBy4lY(5e~ zbS*vvlLL%MdI=&#cmgs<-E6z+!t4RSn_HcrVQ^-`oLaOt4>Qg_9eI!Wbp_B&yb%k? zUPG5;z2SgUf9&*kCuq&b#lht7j?GU;>a!`Yj^e2jp)(rSj*39Ra{cPcOP1usmmYOT z(b^>CngIMqX~iF(rF_&Q6PvO^*dEvS^4@ji^*DhH(-rv!)g!84M>xrIH%MK5>xvbO za7M)$9*6kCL8VVpD4>Bn6Tq2yZVpq$$6~;z-$aVs=YL)|TYKWm=@se)gw#zkaGSAE zuFbe)GpY31y6mL;i8WjrP63Ac^~V${N*`3;%&??c5lWJ({Rc(rH-_k6?7)A8g%frY z{T)Qe{KN|E5eX*~mSi9*y|K1!mPt|a4< zmo*|u+Eh+-yi8-pf?K8S+$ z3fjbGY);!ONTz7RiQ)%)#qER-qaeRfxUt4^nqY3^_x!4uc z_0_%|C|Hj}+5ezfWfJ^dCirJ8_21w*{-ZVF10b}J?8QhWB6CzH-xsqXjU2qa{NT;T z)YbG7gtVi+h=&b3TZ=heTzS}|$MozU{}rzj2t0y!qnl7{pbHWaHGYN*oJT4~lNUNB zD9Md>3m#Uro*d)4vIVar2vFbo`WqXADSFqc|3W+Ip#GY0`CUNy9VrX_mFW)bB>x6d z_P_a|&p|ea*AVCd4fbgyI{}@Tr|=)}(F6Dyz0bA_{i8zyN5B>rA6bznChahNj@GVr5k`^@U#k^0-(GQ{Tdr$>)um z`^mB3(;#+|)9uxGYtcRjv01svl6%P($>>%U5P=C6xemQUq6uPMkj zaOjHEn?Ndv7ZSSY`(AnC2BLRGiAO~T-!qI+1YUl~A>SNVHTF)Wit!^SkmOj=AYV1F z*h4u)@WE?xW+mmW24{4y@L}(Cs1*FvLc9^Pork40@74@Y=0Sce2Kz)7*w^W~$)5^! zO$!)w*d_=@L+WRq$b<@#AN31<#IcZN$r}zl@uriVBhmpiLW!TX72kh9yFY*N(Sr{nITdwp8qHV zne;VTx;{8*+Hat08{G?!>|&wNm5`;jA9=P~MR{lN+O-)ud|8@>th-dj@+90jDz(4f zy^@{{QBa${wfcmHjJ7&zqKe#|bLY_u!yL)kOfPA+&B*OYE5gq~IRcF6j`|`vQna1C zy}g{%x9`562|wcR^0&OsP~Ef(ILjx;5rYFM2)COP$YaZT#L3ndoE3gYO&P6ydAT8| z7Hv_}jtI_2Y8;Rpcl&aS_~6BwLlGqXwC|AGO|(vXQ}XS&o%um%g{Sh2ivQ1uwY44I z%@}V>=-VA}*HowfMv zN~R%Pjgf+bCS@|!+j}pYGy8{zPY1oKJG?^So}x(LAt%M3J}UO0GBiWg1&kETIwy8z zWQuf>taTPJqmw$UF*Jv#(7*?G&7D3*1*8u#-Cge%C$zjrq~ zNRiX&qolq>Q_VI_Rb{h;jZVpHoU>7{yg`=$PfQv&2msP(_k)*W0OrFO z#t1O*g!rSjOBfCimCbi;-N@C2i=amSVIwb84+Pk6Wdh;iAG6Uv(Q1c!TT3L__1wJB z-L5&_pczLUn!x}1pNs!54-^DU*$e<{wEx?qO{@Qxr=dd_aFqQ2^?N~gV~-E$jQJJf z6CXNOzBX>?b7>_^fct!N2A&nRysOCzy+FkQ$$p90rbV7HIOx{X57X}gd8IiNZawDI zcfEkSo)bkV)e{QSqCHA`1cL{{Ws2vaimZjAF)Nqe_R{Ht&H-6PYXjSKhbo>ZW)OWj zMVn|9_qma{+go9;hqcW1jT`d0FO;xwS0?w(y@ym2$(n@Aw4H`ZA)k+pzVp1#Gwk9r zzFpcOuye6(aeCGkAnSvpSK@wrkd%0)yIUPQ`0BlplNR+TI6Co|q^+hZ9LtKzTf zTHqLfZ|g9^@#?kW4l-G*RkZngNNY^Jt1e~%vhvm^zF8o(h&cyZuZiudeqC7ObBS=H z@!i`cXVYQaNux{Y=KE{@YHJtF>CDP$_!21q$&xhHXqsvWp{ilTS$1%Ih*ue4V+G&U4XR_3DLZ31Q48I!KRiYnF)wCVH&p z%fsHE=}jeGKCv)YgEaI(%2NlqKLtNRH^B|4tzCjzVF*DmvXgyE)|k@RIwtKFiozib zYEF^o4%I2g0YW}Soq(o8DiTMczg5U_lLg;)PJD$*8I~ePSl8>iG8L~#Rey4|?B+Jp zTF$1aA%xf+45W@9@YCzJhrzBbC#l4Ii9Xc9wmyCO(!&KM%#rZ%gy>T^A3^Y2k`m@E z3fggJpxLsuZ@v{A?L4LLA+s{>tdGI_T#3M`ML*AIK3_F}W>tCqh+~w?3a69YRwj^|ahtthm@5&mAog;{);Qc$cPS#O=e&fQ6w16b>C%pQfr?sd4M|E)iYR3vV z%mon4y2D8{j|Q=i?!I2TL+$(XZkyqtgS@n=b!_ zL*InH64BMIafTdT2#y8?=X+4a#+`kiR(?~nu92A?UA69$Z)GV-@p+1S-Ni&XMrK{! zOm0Nz;Rm9=UZZ?;+n4qYR&(30%0bGzN}FM1Y|2JQhxPQx_%n$1?LM;Nb#CF4Ck{YY@6XB^V5a|* zXr?Jpg5N!c;O$Z1MW03l0GTkCWy*r3^kL86)DNomJ)gSWEj|90Ge3~OuH|{I-zetB z^e2+M$H8W$p?3y6NLcIP^jMpIN|sN1fAv;31CBfPgy>A%-~aAFtmmIyx_@<&EdQVh z@1&!EiQu@j{#I?MO6#Pu6%X>x2KB-3BnD?>BRqm?OfJO7);2QvY@Eci~BzjzP zq!I9lqMsbfA_Wupp0{7f$1aZWM@VjjoURp0!ruQsdG$Iq$#DEq9GFcp7v9(0#no=~ z@(-FmBSNkQuZ+e>ZKI%hjP)^e#@Btz$ZQ5nsX zFfIP_R|TYs<+U`w5T|nTzE;EQ2@b2aIGEYAO0%`g<(n>+DQpaqSL(cAsAv0qG(PCx zHmHifWev;(mLl!RrbWtm*)@rZhT>C&%^7cv%j|T$o!X>j7Wv1SueeI~$hRB`atX(MWBS0V_O8+SC+T8~Put|T z+$_AFU~1`U;}R%_W#mRxJK_Ucq%%Rk_E-#mC=%8|Ru_v7xe4(9BANMn#L?{71>N1V487Vmy47{v04KU?9N&dnzvOd zD8A#Nd`OcHVyZS_(0X-DkfCVf7E-3*#r(VD@sDq7UPu^owDP(+_u_Hr3$h%+>T#z? zQw^}PS*d77z8O1xS|(cTTh19v8V_cHUp|kokA> z#IH-Ac#IfN2x;E+0#LFq1NC$O72%q+#L+4cL;DFF5ti1ws7QXY+{NdCIvXl$=u)mt zxFY{0`&)vXYqN^-7uR6kHp{>pRsuKM>p&0L(w)*i#gtmnki!p(iAI?Nxo`+|(%(pa zrH{%7D0&rlH>kqos+9$9#cSRl zzl>uC?&e8S`!DBEr(k?}@Sh)2+nOBpHgnmIkt<*%w?4~GI-cep!ML9z@wVT)0hrF! zww6xSh*r99SYD27dV>5bNKZXVwlt|ALJ7n`g?F}8DE4RzhLVjoP)xw#s)X}p0Q zqo2lC?K8?GX=PHSX^oBvyWZ$oNuZzAhvvb}g6IiAA5(9-2J=NxM&5s1)^8m%!t$=1 z|0bfw*)Y&C*vQrAQe$I(Uf&G?+n99r@veLAcPckD1V^hILnN+ukdziWhq6QS4(b++ zJEnlFhX&kS;^R!%zTEo~Z@bg}i>I7ZuN5WQ>erjb&{pf7W%f#9GSn0>B7Vnqu~MuY z34r&2gKR0KxEjD5-8j!?Gb_^vz@?EKw|q|LPT2aRK%LBZ=rjXNOe zGcMfRo!?MlU1wY}F1n0yXrFBZ$C`sC0Dn64Znq4kAzdDJZ*)kQE9MGvmLcWT8j}7{ z5y?x2D{U=ukG&E;=>GbYfBR^yfW0Y84GQjP&hEZ-m{)wosnmg@NKbqAK&8AEAdpA1+=1oE823<}RYd8VpN zDVgSk0RMcq4Uz$$9IYCf=u@~Zz$nkp{dGb2p#NZC_>A~o&AnV%R1kkeL6L^*!&#y8 zbxwyM3g3jHx?XP(Dw<`TR-zcy#4UdWnou0u@@<)XvjY& zR%*5x;VU(49=7b$vE>5yP7%;bmvAQtCkvQ+M^1Yza!*j43i=2a8|MbUwTE1SY{{5@eZ5kjC~jc2Et}^AO1=EV zCp{%aY6A*?3^@%0Y6T2lbThkrX?7!S3D&m9@w2DLNS^Tt{BxkNmYdY|p@#2q=Q`JJ zNR1%U04IVB;c?WyL3=~GcO$eZ$9T$*k>L}}ACB?7@=m4^>rK4-ZXYC;;B>;X^!Q_q z%WX$5LoXuQOgl*9^J1A1N@ymE?6mY(UuXri!l2!tCM569L8*9b&IM-{WPy0X^+^98 zFCCn;$=f6~ytHje63D}MQFcnUQ83m_=k(&nIUIu`?Eb(_O!(H`{1C1G#`fM*0mpbz zSKX{nN9U)(Zs-V}onm-7u7w<8O z`>S1)1G^=M2PL*o15^^j=MqMt*F;i-qje!{cNwd!+2x&%gk6{c?>s4{33w*;Afcp+ zmCRlvc11AH2p&$p32%f38%pJ>4&IqGgW7nlw)hCdx{3abXg=Srqa4f5qwtx-q_S}z z49vxQpc6V}h}flbmcb!XH&9WXLQ`Qz1G6#&8%^Uj$4ra5}GHapxvVYJB>B^d*CEhK33f=#(!VWnIIw}ZN09tNV zWVi%&TS2R79QbMPAKFh$7;s)E4BM-3^@{Zxi-^W51~|^#FG~oE=u|<6L?0l?ru0}n za)Ch3L#50PRrE7I#@-U98$Gb0FB2b@oH@mXt%mlRAKngN@$8`jyGjNpA~hP1P_zoa zO`MJo#&2H}?r2XkgejONNme`Bm^q4nwiY>V)^9HL%uh7+*#1Bw*u5rxk(<^;++B7gZgQ@9h;&>Tg81je=j^(!8$ zAwuj&8n47dYj_fcWp27Y^@htRh3Kj=dN`+Alg?e~J9pBYk&8y2=9InEfgX_-&4#om zN%Wr|tWa*KTn{Ra%RF;i zIxTmdh5~V-ikrD=cb`GQ?kOl|qq2~fYb&PvMOoaStXIJaKi;x(S?Zi{r*AO**J!NO z+dpWUWunr`Lx*{)vuZY!ak`lS)ri}?ZFBt>p-|d9;fV}`5|@nQb^S#RPod~&c_jS(=Ajn)mSOzWoz8i7X$N&+awD?ixH)b}V7d1qpE^U1a}8fa|pS-w@4g0jwefs6k$$&2Xd#~m3N3g%x*n~Cx%Nt zZK@S|5$;g&C*36YSD4$M9G|}b8iM>+dkFQ%^#2~}02t@WSVJ~fX`RBzJ?!L~QWQKl z0)z+ZHI6C;8<~9)PWnICdk?6lwr+nE1Vu%96Of`*=~9&{ARr=Alr9939zsN^5(q_l z6Hrh%5Tq+jdM9*5M0yJ~0YOS2p@awtzU_DK8UOE|bMF1ld*i+F?)$$x1{rZg%HC_O zz2;nV{)$ygrVENjaEao%MWf}S)rPP6QCgO=t+j1$N|%HOk6_|WPFu?-W}(zf9c)go zWW>7oahf|I6>As^-X(NmtL*}D14`%mR+2uUc)G7-z3#k_|M;(@;~4D*CWsd8s+FkQ0yG2 zof+ujXph0RP2Frz+9HyQyCNU4x96_V*rN|wa3oIlN-JnsR{j&f5inQ^Y_|8*%=uo_ zKiRBjTyWRNEOM8P6NYPRn7^tTy^rA)wbRd#cLp4Y9K~d4E4ia-l7dI<*ofiF$auSp zm2E_Wpk=_=n&)<{N(``rvI$QpSmw_|AWsx%H?7RSj-L>7s12otb-OSBsGvU?sPF1i zXTXa@!&n|m&jbtk&vrlmZI_&)2c|Rhk=~kF`4Okz(E9!Xch*_cjb{4A5o_S!A#DJ7 zaAG+g;59n02D3`XsT%mZaVxfA5I^XlG}f{`w6*=|$p-xO82;n$`<>zqqbJf=@S zR)G29EV>85n3r!4N)qmEnvOp6QmYouf(GTz+-wu5GVMt5^79y(E0WWv?9}xQ0ct1) zPR{8m?pLY7eiCjhUs%s^T_2FW>{;-jnNcppa`}CUJmn9jL@V-3v=XXm=h6tMs0t4CSP}ec({jYNZ>tc1ut1GsRYG)8jL+r#^K-~aAPc&#( z*=FcT5V1(_rISqQdj!eXE0`N%=LOYq#=GKmV`y&;Jo(|oy}1tvA1y|~RHuw`+)71#b9{3%b#UbuWg18n*M?>3vn#hlM{X6 zN3q`(e#w>msj~djGYBaeFRyLs)uC;!P>xlC(?RAqi#E_|QoikP)lY%ZCf-#9Y+3LJy^OR}UEuIDB$oOC$@$w;%DoW`6nt7C=+`V#p) z^7}g?fPg$ZulJK8;||3pK$F~ucLL};*`E|7p=>`gU}NAC0Bl{zW<1fkP8yB|?$YBs zVrFqhV@8FBP?1SUs)6nhY>~o?MsgW@f3ao$#YZ7(y#M01O5y*-)Rb%gaeMj`z&VFO z4-nq^H8;6%7x+JBh7Z*S{WUYl8DCOnkm^_0zcG1V|6-8-;-h~xZY9LE&IJkl*X*|Q zlak(1HuS@iMe&ok3}2!QuVE%m6~vLri?qo`H6q;Vc(y$671mk$L8esZ5$*C ze0n#MXb9s3a1xzDdG5-{84Wbk_@iUJY02#6&wCo^%R!k0$b4>;jgL1aA>|Iq&}> zGhtKNBz|%|jN{mjh+KLU)Y=$_K4X0PAEt|i~(h5wm$lJ_UZi7ko* zBHkT2m)?uIoRFW*-(^~da;(!7{KW7!VMIXu`o;&%>(u6zKuz)*`ZfMNUN}Qlb+E=A zDr1V@PPb`0tik*}V9y`FSKD;8v^*?_|LE zknKbpuFoKo@$+aei@i@%tSB-n>l*NG-taPD*zE1I4?^R#ag!+jo z&dBIKxD-0K!N;u5v(7a*6r})ST{pL`ece1i_#$h!cM zOT#o7f04?3|BEY|GWbC9BdX=wNRDUAjFxNb7riq8PYWkoJZOkSq0ApVy>)M|7uL0l zRjG~zlvseJ6Ud!q3g>jKoUyW{0 z_BO6xqDoaLYd*%=SrA}JD{QkG1624fk>CN1ecgZL$^;-D_x|eI-6N;LzbE_(Q|GWM zKPloZkRvyFDgTzJ*FWHle@E0Sko*q`g#N{do{Uv}wi?86UYX##?xob3P*640WvSard2<3((62&_P1 zXSQ6U4H!<;GhOT=aCJAC7xHfWSWW{6Dc;VWdKkGRljt)i7;20~1v^k4SwQ^2f!qcz zviD+lI9;b@7`Rz|1YKU+Yw~DP^Mb#q%ln(|^s3VW3EDQc6kc7sNDr1X^t&9(Ry(4Q zsdi^gg6(53x68Sgtc{d!EhIFA@ApjFQQ+eF=)Iww?p%=Wwrj-L!?HlkY!>_3at|L< z$#>bi*UKw-*D)C?(H^uVPKpqsXER~D$%!J{r zY{5!t${!Y5$BiF*+st?n;j-(G&YGN<&4`qb=mEOlu1TZJDw%ScAyGV~w_ z0}X2lU{B9+J5=Yw`KFiJxlfr-q7ov?n%y}ToSQwX4PEO~ALa`m3UW#&>jMa`*quIg ze#Uh;E9?eF(sQ zij(U6u3S+OHPVcWn}BZz&s4msQ9d}`!pO%fplIFKVd@UNw$9GSR%;hswkpvR5$&*& zcvIt{Xhrv8jJh-tu|&&2^*v*%yLr=4?mq5{f2`VL8@$%Ut8)t9-S7f^Phl|JYVtDtlC9l_a&2GK{$`ed-lSAb=Il8IIx)W5)SNk+ z-1+H#aUenPjL#?ZJtajl=TIGFPi{{h%}Z@L8$=6n>I>L^?;4l+ByVernr`=mIve;u zD3%tWHnxl~)^A^VN%Q`CMF$P>?X#t!5Wwjh9!7G57j9S^y*S9+-y_{uPro>UX-Q#% zQX6+X^D17{!iUJOUOi89x^E~MNI02`#!ncqZZ&Y5bHBEvN?B<9I9U+dJ_b#|QX zjBEN~`lCnujCT|G9cBf(ltZlEgamgLR^<1W7~}|T(Y^1W_LH@aVg35@&e!D6BWq9e zT<6WAJH*;Ag`1miPi*H`>L-^w=p=D=3t&HGYU{!Tbf$RRbs)7z^M?v4emw*_Ak7hom4;8Iw?+Ii`|<2_ z=iw|c;|4rmjD*i3Gf5sNXOlT-tzys@3$fei-B@371iR)&U$h2yhcim-J`^kY;ztoY zHs}Y22r@mqo2)kQ!%O_*eSrw+TFv7=_tem@lxmbEY{U{k_fT)y=%W8QRi|a=X29&G zr?#pxd$zm&c~+CvhTX+9@Ga%|O{nC`Gmv-(^=RMm{B8%Q_fzisI^?_qBn#{Yjw7lD z9#hY5CpxOmLCgTL%%^1#3{|W{_ZyfYTB2S3ggBRD?Q2f5x8g_bBe_E~oJx}LLrElV z+)&pJW{A&y*wtF%zBYAz{jGu;X)pd*Ir)ZJX1S{JL$REf=Q!DRUA7YN!rVht#G^y& z$+ZdZ9a_+j6aXX$MX;`iNmuHqBJC&g6K|}>1h~Z7+i^I&?WNcQ1df7PhzEEm!FH0Q zCskW!2M$&rec{VXJ0elz<;1+vPU|nV?L&KG6~G=R-aJ$~wMzNwF;haFG0m8DD>ggt z*pQ?+F8^b>skRYk6fYQS`9}4rfIBa@*yqo;`4cs1&a}l;^gyQr3F^ci04eH?Gb`#w z@an6$XLI0nFs{A~YttwRr3_gETKy;Saw-q?1PkXKAOw7p;w_1y1(*>UxSs*Sbme4= zChpjF1Pc@Ja}jDQgP;ekEf2^~A6TL@AiA`E^|75Dio3fXT99%Gsml#i`<<~QQyg^b zHCQPW#@lol<`db{NHi+3bN9Me-+}01tj+nzaklS7kB`SyIna`x zYkhHnc=1j+j2+$0CfGWxHg3NZx7y83v&9ew%eSd}z3V(}s!;7x1?-U5+&ov4>2X)PC`HFteN5hnRXaM)e+h0`kl83A#zJDUrjZ?Y$$8MwF&Odk0J6kEF;+Fhw?81-IF0^gYuxBtL=hP?DZ zynf|61zD;h4e82ok@&1{v9h8kiJf?72YX});DA&ORtCTIvjg<>-c^wwLS|l3rZ=bx z^)5~I80K4Uf-b3gNk@>bm4Qh2YKTPzZCPbP1)J*xF2SpXZTU&h^R_CrAPJp=RLU(0 z5{}}qh@eRbixqB%#NyYNp%E=1B|mTsKjV-5Qr{GVeyh|2+ibjahST)yrxiw5s(toY z@i5}MuFzxZ?^P5^ZrTETvrzlXHEUm&+4vRO}P-FZcBWGQv%>A zeTW&6rL-8l;zE#-UXu3k!9XT;)>1tZnbsrh(!3knQnLDa_ssyc3x9(Lg&H@2;s-oi zq}hXqPA=g9cdtA*bD+zYxG?&awZ1-vCZcxdwLrXBG2v9J#?nx@)X60nA5N)j_KpGazt`TiE5$YxE$hlwPPlLN_O!b5|Fe zLXSFIy}NxmZO~jre-dpy=RDHV&FB8IWT4I1H|qzdn!(ASI@R09$F{5Q@zuM%GRzVBL-`@B2ldJad|=&zHGx6mCf3M_sn}7P~71>{I33EwBeK008=(p z>8A!$bk^Ij4`&>1o@qG+pXEU3ejT26v+gY{VXI`G>4C^gKJ$T`p7SlaG6#`;<7raA z_DMucNHXLmM;D?JXg4ihSWkZ*j40haWs@bmr<3?yAI$cJJ>AQuQ?)*FUL)YVjdU8e z;Tytt>4CH%7~nM6jiIxKx~L})u1ahx=uPy@#W@~cn;THdp4Av>Dd2tNkgwM&_xg!e z^6L*L6AM(MBIyPQ-ATd8vU2Os5ZUWx315_Kwr@RYRJy`ArsJa4tv5J5T!?M25_j)8 z)^@W#?9yN(-NF?nJ+C`rWr|Z8e{A4i;kj*}XnEzVpj)!GA@gU)g!5^a{n$Jx0=C~C z^SGK?ZE*R;s+yF5W@(WccTI#E!MX`sPKoFhFjN*C8F)56`9U%E z{&)@x>-ekZ_7HcH9#}rod7IC`Y{>Yk<&kW+fZ{m{W;aANO}Mw3*3g3ypH{oCn912K zsSfNzBgX-cs@aB=nGmbs0VbE5RTp>?L!&>~Nsu$-ccRrLfTll&?7Q!JB6QkeZ0qD} z47WjEf4;s-^K4C_3G1E*NT%m=TKvmr)BqW|D6|YvS=ZXsoV0gzIu@jtFo$T#Nq*5a zFgtcWYhLr})yw<{-EUeqN}JA+x|Lg=)J!_p z8uuLbhWTXK?rwLMO*b~Fm0evC0?rb^g=oqQeFP0IHOGDf^p4+8W_KPN5>ET=mkC?t9@fRug#>Z31T+24l4aX&bndJYNHrH7vfFuqvxJ zAoDcjT5lb>gmeS*RuFd>CJzBzV`<|8yX%!c>Je0ebQcx^U(`0cy13X5Pzo*6@t#kT zk)yoHQy6uuOw`lH+r7n1AK2d6usy#U*s8o>QNJr`zJ?9<5U)C&a(kvi(Bt!tu$emS z3U<`g_r!Jh5<=JE#sJgUt-Lxa}!BGN?e0;}=M3aN6SVZ&&pX(!6;f1s0;LF9XREvW3 zVXj;#%L%j-$|OY0qVTNhV-%uNw#fDK{&LZ1mJWrNohT8GMsUFG6Rb~hbY=Wz-J07C ztK~4xk1hzg=+s@7JU8VWot)dp6#>xV&j7kEtQ(@IuG)tMWqX4~(mJM|(17V*xV+=7 z31Ixuxi$d0E;UHxu3Ni4^w8zE2Q|jj!FN?&x72=SZeMa_8Bcna?RLv6nv|30tcdNq zxZhWx9!nAH%HNRmIa?uFmVS~VK2eWmcr5$+3ia)Gp{MWZ`m5;;kA2TM+igN0omcdT zq^2P?o_l@ji5ZnwfBS|}8SwLfMtdrkAE1^JP)bpMtP$RFb7YHB>-E^00EPEz>*~VU zGW$f-yq3=S7dkwrircBai+3RZAeAzO9H#jb99VpDbAS|t3+&)yuC*1h#fy$Fjn~`; zlpm#P%3SV`xZIY`plOK7AM=D{+)6Hc=TL5WDkOvs(DeHwL;v4pZ~iFc4*v_7_V2Pc ze-v{Eo~A!Ss{a$#`d^3AO z_NlkTQxQ-=niF7w$Dc6c3CJMeU)@N0kNrVCQyeH-aKf=>0$MnhlYOoxLC??$uy2;O zvb8>VNOg|-DklxwuaeOq*WSs9`qfdF;T8j2b$dp6*0cJ-x+Xk?G;%|i{zV?qBg|}E z_BTfv>Zg?DcG9O|W?=+LUA|BRoj_CAg81!kAf~w}1ApHDudBSApKk4rxhI~P=$mId z0O~=zo|Wju_=U@H_oHlylDIWvLwC!fHV$6l=5(xSdzff`reCDd8+`9Orc9v+6lW>U z`{w1s{KjG8ABf^7YI3u9#lkwQ`$8q`^PvGx|4z}O1$=oKifeBDN+XW)g+vQLNmAE06c|*0WdL<)&7;x}>VGm{c{3D*Pf$ipT&eXGl z^+g_UIVx8q%?a=N>O{B}gk%!Hkv4G3IxJIFRxugMrF9lC6L5Wh_<-_2l9duih`=Rb z*u&oqqKUz0VAq@Lnj4h-gg3kE<ZwS5k_6NXqHc;&`;kPj?|Hn!q zbg5XfEZHGe9-o+793AfdAr#$0LDA0kgXI`_o;qX!U*olavjJcFFa2m*}}%)K~u_)%Q}s3nU!9N()V*Z z#14*sNO#D=(O&XVaQKIDqbd~vNJCSti2VQz$0ZuRKd%-@_R?S`aX|0_=)TxCo`pM* zCA{wIpn`sW&TC~`43ze257fcw#A|q=;LHB^uGc0>4fPzc&+;*@H;1P6nMOliv2A|4 zqnUC}hPqO=3Fk^RRSf77;ovB3<4F&7&YKzZ?|t$fZrBOnvfmu~8hv}H2YpWr>-@T+ zyTVgCe0TFVuZ#)+5>I>bK_ea@nRo%LpZD-TsSD>YAb>NWCVWB<06WlY9Gmgsa*!K& zzjRV)_{bmHLI8;&ptBNj8ju_11N6YI|D?b^fOi6g?GH(Sz{w>z;R7J*LGj}!#R)41 z`N1!5izPtKsuq~N|L~_vzMubx-!Rb_bYSvJmnA&uWI~T5Dt%P^OT49{??A1l*d5yb@1AdB!X6jZg*(ipW%-ANgADX>3=WnW} z{)-{#J{X$aLGQePknZ~|!>Rl$y72yr$A)9Idf7a(nCnssGFFWJF2!@YcTJKMo#xx* z`Cs=_kO9_LQZNnRFqL!~cCIOLd#yWIxwf^XCeS+p3qe=Ktj<5hUa9)gd4t-9>5$a} zOC?X4{)fRY{=)>C!TXSxBw<3!XHR(jA9rT-C6ew*q?Ho&83L`IswC1FnWsW@}V zN99URx|$Nk^T49}=cSbNAEy3ZBRLPo1jfveIEB)3q4s#EitxAH#y|9on}Hg03e}qD zE;S8UasI@G@;qr`kywP$ivma$wltkhc}lZB-*?J2PqT~L@F-pun)ue$EP7kOC02GW zYqyBoPc|gr@INlBy#F{c=0!0`SLlmuUR-&>GOY&VjDKXGE^9A~2j-AR+HCY-P;u6BMEdf$g!E%8`-b{tr%1~=CtIF#=B78Ond#IA zj6aU&2Gnf6DbI_wdgL23G2s;P<>_Uydz?IXst(MlFEQQZ1@iX)@R0p!o+kjf=rUjU z2^Scp9)YP=rLwG=IAHQFE`vfLx$Ws3hS%mU1!H%cO{&9x^Fk;LBi&|goi8g4buF^4 zgW-8|n;9w(ZDu}Y)E1PwT{ZBnYkupHHPUh0^R7hKB0mKbXkGvFMxgP}`$(Wtl&W@~ ze{&bgC6;uW#bP<62Hf>~mY-CtMs$9As7` zfE!&}9r#I+I08TzXmPYBv7kse?wJ!%9CW3c7Omg|+NTjjAOh=1cWDrB0En068hDo$ z>C{h(+;lX8bZG{TM^O;YivvLv{VtdiK4O3yI-&PK60v;$%`Op-NIL54!E&I@t2NrQ zsQsgQt3TLGcRSZb*vrXSG-`m;F8En5S!5HMfyd8D9dZGdb!3>kYAvy|( z24$|#%`-6&@duL?K7$6jjR*^U5$6f1wLq2QsFVOIx&DSznzR@BPqPM}4;}*Xctc~_ zD2d^C-3}=Qz6aez!O; zXTm)4u^oc}N}(s50Pd2e8mG}+!Au03;?+xlwao0FqBkNql{eudKdjJjYPO)2@b1Zb z)wBWub1P@9cJ+l4M9tqAu=}GY3^1#y+E#IlZZ$eJZxIYVKj*BuMy&_f%ZVz}V1qSN>>J4imkWh-Mlvv}@a?zwqu6zc1_&jG799QWSd zvT3va-X=s+n^flw9(^v=$k0`ZQKPlQkE7~d=Udi>apy;M^h3P7E-10+oa*Q4mO6HF z9blbn6gqdjAdR9T1ceC#W&pe#iPziB%qAtmK7@u)Faypt5AMVK$yuHv^-T@L7_^mh zjl^)XJ3(Tk`l`9;-A2;~FTKVudFRk8ExB|-d5Pd9aes~b4eDp6e7LdBCkx_CU_WvU zeZl*Ob~dPP9-;cwE&QFzWpECEgpgLoCvv(v6X^l*Q4uj3b_?%ADC0S4#&ExpKaLAh z5V#sp^6+5~eAP;;V%1g`V;+O>aMsF|N3jJN{H^`s+n|Lex!^>YcxW)Ls<#BuxIGS| z&G+v_aUZYSHw@PXmfd&cvetvJeW}-_iC`;#F~CXlG;v~pB#P6E27=410e(AaDGRzZ z6{4z^@BWO~XEc7$Anko4TjdEpOZKby?2v>Gznkh(+UB=Y&H4^BGk@9!a~g?1j#U>l zh04~tp|nO9^1%5St#RU1)8SHQb1oRo=ye_;!!?|TB2T!d$`%HUYlgSJOpc!7o%yCI zJu}T4$+KXm0;$L;`R~7-{eNJ`C2A8K$p}@Nvfx4Fd4;&a`#qIIaJ1z40QTA5Y{A-4 zJDan%FN`&d^G*0gz9q^(Fo`fbPf-CBdH=BW+6VV9?t(SW0E+W>afc_FIXU!w9U3(1 z+$1%CLrc1r?=i8R%Q#RxKW9`7>St7GscUXYar^AK@*c+0&slK~IJ^E=rPu%L|9)2! z|2=j1r+2C~BUI+Su>*L7x$?a-2pcwGC$5Eo8h0;F(6mP+R=&r7MfbFomHvf%M$L}$ ziWAOFAlkAR{ff33K(tLT{}a^(aOj`}4zIW&5D?Zg{DH7eJqaSYClOr$3-5hHRUn{; zfu&Cr>^cDF7XVr-HwA=s;p|^wT>;qlxBv--Kl}}gk3jyS0aOMLfUq7@1cY@%AguQS ziF)MoUlIM*7!c8ge?@e&EuavV1hlf$V87zJ8xYr7tl;<$8tCjcAff{jB`4=fk;I9> z)2#o0yv9#<(&Q=_e2IL%S0#(@ZsU}95;s`cB8JV>F>SrEMqUAlkG>5bLg%x&6g z;q`N3loZc>lCX~id9UF;Lj%#9i;Qnnwc&Y0xFL>Qgn0iD^*yZ)iKk3fO z%4fZCKGb%QA`t#}CU%g9uz@Qpiml!38}U(twks<0MpOt_6u4nU2tH|rQmQ`=G!z{j zZ-3EVNfdsq_1WsSsl^Q34HVCNg{ZeQPutDQW#A7{2r}mu$2xC(T{Ep3Dg74aX1Gt7 z^hoLFC5~P@?!M`G;VZ=o6|g-1xLO{-|F}-@(x-#R4LQOj4&W?vZi|cul2EJEJGf*2 z3uVKTlPYFSDLQr8-y$;Gb3tmtji^w{#k~&`t$Kth;$tw>NjNpfKh?IOaa4iM9So+s zu1YXR-Q7hkN}~ED9IisvB61x?R${?=;lCZ-cgh>y^lh)Nrs;>~(FtM60h z$!=+zDt7vqGjA-dJKnM=G3PVi)rQ=P@v9ECN?WWQ3W557X#G70x=t=P;Avu|4Ny({LjPs|MG@X$}pn>94?m@fx{*5 zufrwV&H-^GAKq~n32dMLq6=OkL!+arxw1Lr<(G z6@|2a^X%P{dZG*`g861#PU1uWrSx}WNFtdckjw^HVNGfPI8b&Y00*iK;6RTw(4}xE z#F0cc5CJ-)05O;4eSq3%5k4C{{*$7bZEGFuf)DK28@$|^|NJETOW!c%4dK>I{Ymej z;9fN&t+sHJ>U0&6y4TJzmEXVL*2to8`<);9H{L0Kj{jR(`kw;W@8@BvzjA$}A?M4J ze}NNUG32cKSr2~A{ACmgb#u&ybf+D;L`z6Z-F3Y^H$W{lJ#-zwN8*t1joqIb?$s^AbkzFWI zWbNiPG||+mOv2nJ+d#Osp+0QV;C18cv+Uc^WiJa}aUH=iQC&YNIQ`S6x~7m9S{}go zN{J3TSa!^9-krP65jp<6lZ3A~%Dz;x1%0{|JJMA0{!_;q@?XrR7hZZxSk*$PFTO>y zIY434{5qBTvs?8Cc^^mCm3_3C0G3I*>D&Mnr=Wx29Zo zb3ZTCcMdLjLRyAl+gmrmbnEcNeu*bGOspoW+FU)AiNmy?unpNs|7v}%Jvu%`4CZ@L zMN$b0UbI2h;&}>Ni{>`1twA$_TuvW90`!;?;Wy{7IhEu-=F1Xy^T3xZiedcZG<%|L zg}+UA|9iLOx$pWI7B81PSKlLbghbQcbn=QO72>MoXb)pRq?_P;+DrTM+wgxeB>(fw z{ol6@AQebL$DF~yhE`L*g}?;^I?6n^eTIlyEy|T(>)=`2dspPAPa&>fwbDvzs+NdW z5mlX<_`{Y{OgcAS7R*Uv1%#pp`fT=-ST=ZhMr+=b<|oXY%onYTD}0go#A%XuTTrl> z;?5HDZE7l%Do5@n?VDazd2d zF(iFFOZy398i9dj(;VfI;rrIBbWUQZrl-i7v3jmP-z$wWsnz#d)15d8m!}QXOmn=E zA$&T|+63{=p=j z6JPV=07PdSR5yy+-R)R8`yJ`_u_4grh3!Ujm?3xJx6dg>ZUPw;vyHWNEumQG6@B!} zM=3fNO4ZJ)a{T~dhQd|VaMqJh;Cw+ZPlRbGMOjI;=ztx<7N*Qbj4=o0{7Fo$JvD+u z)IG3vhu!)B&(5}raw-fmG^ra1A^_#UT^d=<5GN1OzI_ZzUkgHD2}97;AAzaCgU59{ zw$r`n$q<#JtAH!R^;2p8=!l*dr|D4_8E#=iXIb>}iZ-)zsYihou;04GWnvfRFQllC zUl@!qeUg(pe9FJ9xWFn`|0QFU=%dCvb!Ugf+8KkQKkeLP{uhCj^5?%R75+s~{XMw; zKk{CYigX3Wr49i31>sz7;n|}U8_^{YKU2g59eu+lEqU-n9M+KcRQKM+F?y}W%k+K_ z4aPA1KHU!%)tw8woCZ1k%VC-=HJuKK~nsG2bTONld%aIXv3atJ0j z`7RQd=4^;<5Sw=1vy&@TIBoz%pW3C6usUzk-O2EAx(~b>CamAn(;f3IE8P7$#iOV} zK#N4XjHF6TUQ&}b8u5{42ix(Dk))x_hWYNyU25G*NkU}8+j2|guA;k+Df-aIEk;sK zv%lq0f-1%V9~X^?;7cTj)L!NJ-ZIGhibS>+XVg~R0_XU0%E>4O^+Vzv!aCDf(IRbB z&W2kQB5AeksB<>d@$rW8TDvqCp!Qc0Lb`!NXiq$j!z@Nhs$RydzZ#M_g6$cc?nad@ zf3jLmh7^oHc7Zg!ey3Ug4Io3bzzGrfd(BIL><%*tj0RU!0#}R!EZQxHDg}2v%Onai zI2CV~Ce)7elos5R(c}d5JDSmpQGCoEKy&&`%I?BZpLGqs%gD_KiY~k3%**lu5=K>C z_l`Fs?aUBkZ9`}Q%d>ASZ`^lU=y1o~Cp6?}8+1`viwcHE1;ZBuyW*2@=l*Hby#6ze zWV*q(jp=Woc4w~HXuftb`%J-@LB5q6q9JquJx!7gXi*EygDK(-quLutH$m1TPNP23 zVyoZRJ?akO(``nx!Tqeqrm*gje)So}kEYm;d0-Vm<5X!e+z2M3ja?I$UKf(}q5qvp z|DE8m$4^nU*xm>aR-QpP)YYCzw|(HE%Bd9#tPpU6ez_#h$rh#MRwFb+1WDn8wZB}i z(UMJ;F6OqUV~wPv0#MMjDtgJfSKihK20tU z-KeyvlJ6&+qdB!a7UAmR7GfkF6Ne8O@9x{ra$Fz~5BE49%qVb)3i$ zLop0dZA=qa5WtBK$2JvdM;R!qxeBtTbH)racYJvnb?hDP`_0rzl?7BPZ^mO}I<^l{ z+_9V}XCCeCy(*IJcJ@K6=&R~xmUc5^eYFS*yWBSCVUi905L1`M5T{CWCSgf~ZlNNx z2*J31_`I+n&~vU&weF?uI%d%6p{(xi0Ke&l*!a8P5uzRj6t@L~Kyme$)l^6k7*Hju zS2iyyY)LBEcn=L%b*)O0MXd_iW2vgQ@3uU>Zbfa+i~UdfVKl!>r2N~qv{wr?(>4MoX)(}_%TyEdM068V(Ix0mLrc+t7=vgqRC;qX`4{lc?91Q2X-1zMQ^ z{otBS-B$WwcAO3j3$y@GB};w@K9)6xa^0sU3Fx|8=`Z^|tCViC>zVKx*;}#`ADfu?@9teZ7CqV#!C zTYJIoiK>);Rf~{ zf<8`^+bnk9ibsd)!`wyHM#-o*Ri%Txa*Y6zcF*YM(P%7@yBAs4Qa_^?PbEnrPL8I0pR2l~6cyTYTY<8x< zq$28Gy=4AleM67(d)cFPemaiMwGoA)GYll2XZ4x2n~-^o{DQ@ zbF)s0t&nU{U`MjeJr5ixw4}vfnU>0jO*Jo%+t2K8;kM2>PZ2L*r+cgDY@> zKuD#pnb**4#0&Duj6*$~tH#PsMv6b%S7xkUcIS0@qBwTBzp5#_cYETolo1NMZ7nkduyaY-Mgv2sZl+i#4W_$Fnnpz?1w>~i?-n%EiQ#g~=B z+gRq;Cr@OKZ(VaYe_p%sP&als*LAXxfaZxi#gk*qvU3W$v31?Le2 zLrm^XLvfz9ffwbQ4MYo?>zam(Vrjo`BZDu;-*RGDJ;x;*@^a-BU7x=a0X5gQmz&<_wm2oDmQ;17QvRyzb3&*fY%`V$QDb^ z2(O^L>GCokhKLr!3cbgKr&#$6{%X{q2I`9CyCkeoAxLt5Oz34Gkbf=M}yh*`C;U?yn&(Y4-X&l+mD)?>n5ez`kVwstD7p`sxy{iS@d2yo^444 zL~Lr?iVFOZ?M=Q}zo5MqiYLOgc#&Co_|}B-mPLm6bb!M(!s}X@8b4W;+d|&(`RGM2 zR6C!C2}lqWjN&^7*&pCzbn~_TTAQn%JMAB3IxgYyqV7m4{rwrmy^YiP7FuRJ8Q0US z*i5osiS~cN7h%DVotCk*?b+vtYiU1KsM@-q<67M@pRz7}U8p_W3T49XY&(jm&-)-YJ#*d5Gh~9;LRT?DAWv>zEg6Tpli6qmp%$nD#2`uinBl`pz;@yzRDk{y`AR) zi1bOrG*$jkfJzvzs!`-$(Rn!H{#>^L$}>?gPS|W3^CFvm zEX#3fC_3?D@_X_MS1`iqX?nVZa`dMx$(Ze_^Q~Xi?-Gmf+Jq;#dvD3DI0izx!SAIdilL&v_|lQW?Z2oAc3^{6o2757U-xfKQQTaE*wL>H*G4;d&(7J%Or-vVee z4bDlDE+IylKQO>Pet^G+@GE|pf9uV%EN5pQGrQ2E2!R-VL4F5)ietstUHDm80FfI{ zV+Er3r^QG|sT!0h%g4DCx)c1;PqU;wVwG)vZMSxjXLIs@;fVg}*hlrd#KN!7DnbCh zxW>#LhP|wmSkx1IralUYxwteNO{j#DDR3ixFE^IAOh0LzMR?Az@V^$)eU^Oqjcxyu zLU%)a3Dd!EYMC1uP44Ua)$<~GHomI7SI~3nE>TBqSJu7VHnK7{eX79^4!48VNY}|3 zC)YPPtn1R>6Lp95t0qeyk9}(zzu+ux7T=foCP&YWYwa+=;v%QBV8~o>r~ytOxN@oN z{s}WDK#+Z*(bY5=dXmbKB{@atn??qYLT%eDrcYKU=lHnOp@aKuY@2vE?_;@iKIp|> zaT^^qEO@?-VE(^?jy7e_-H>6zrQ&^u}^$VbF3}%&?J;-9i)65{wE(G_a_P+yj zK@jniDuA5eH2>@U`Th%2>O$$=UbnwXX?iEDFv^}WMH@tF`BqpI27g(Qtj9lK+EACN zYQRaTUxjkP9s3GY{ah@PQQwAbGwU_Mgej#vkyQL1B5!W?AJfND5NWy>KYq(D0bF1* z*vbpuxgR0BB)K4Tj(Cx%RLe1G$TmCUXeLLaHY>hG46ppfD_wW4)XS(FQOOaL*@0T@ zT8u(4N~$Wn^Y81bQ|4_ex*4gL0Z|jwX{s@>iMuV?vXbgpdG@U@<;N0O*S^>bJipO>&fn6L0&9WV0?o^q4S?2&hS=8pFLe9vr`{u)REkl8UG zmm=xo!aJB0wm*17EKDa!wiR*yWgfNS5Ut~5hmFx&dz^dEK4^NFvq@Gl&OB8={0`vm z_YhbPoDI-bamhWSugal9neM7);jcdz(m18H3!XGHULla+=NR zn(9-I94+9=it`P9?bgS=zyuB~({w=-j*#6Nkxhtjn6}55E1TW6r@6&!3DlrmL*t#ML>0EJ%bhWM#Zvj-W*@R1$RT7jjlWyBvCJqhA z35B|eiVB{)OM)(6li4pfCR1F_w`Xgc`eh|Yh$EgWJQ;3d9BsK;?4ASw8l2thj-n8k zw475YQf%z3U)svlo2L#^Dc&3Yftp6a`Z|%7+nH#9fY_|T+)}vK7qcuHj$+skynVNV z{uKfcqO#x~5|=0{+*NG?HY|!C2tpt^3+OHF0FpA{$IswVFtr?bU(pP5g^Dn=_>-bM zo$QA?S;Ki84>l(WSCJDGum%R?@RG~x{&T&yaEpHdho3*Laz8$2VwWlyGZ<>jm$&QH5Ir!r^v zCB;bokolEihwYWqPX*?lio>+YFZXwN{lzVD^9v8Z^VS~O7v0{I!7GSs(RvhyZ-_q?wsIo0LLulHS z+uoze?uU1kWeuJ}y-!!&{Afhi(<0OLq>ho33G%h~e)ZWN@hNrH;2|Wg*)c$)9$8sW zyx*gKv2P|A=#vRZm{*dE$R2R~4#DFGe0R)Osqn@TKzG9%#c7;Z&;X3qx{Upy)^XZ+ zj&L6pThN`h?BNBQvWXf~o2o%ip@{4o_8FGb5+AyJH9wW}8IrR}rl`ac3?D1$X5;w5 zJh)3aDQc}PY}i`=Li*uTTgjdr7X6iik1zG8^}HzAGITvs4|srjN)Os-+M=76Io#r; zAFmYYfv_0f+IPd2!34N0ZOLI+DRUd5aO<1-TGWrq1x~)esQWD4_a!$GXEdD5i6$66 zI%0B*CRAoPz1zlnmYb$#EQjmZ4ZAYkC-emig+d7zq6hR_3!G0=(1PrN_4pQO3sSF+ zzN;UVz#e2#-JgBu_MErCugu?k%BAWElc6t(J-_|@t$B(X}U6ZU~9^duBpJy~=c`Ckdt z?}^mkc;~%_(FhG@o`h-pEz<#br3W~G#DP^x&)`|M4ysJn%A0G~o;A8se7?$n<+@3Y z;(|Ee3F}n%G6Re;`#qE&~oAfm{%5pMt{veivR204w@(B zKeYePLeOp8z)QP{y}|P67yj0J78ke9_6-jFaq!XHvRgL~pG>aKet2d34*5G1*OpYM zbN^?EdFuQ=?xHK`SR?d%w}DrJpxrzRJSPcffXTzQ=_0k6XfiZTn)#pYyY>q%{!#ew z#=13c&TV|e8&`VyORTPR%Jg3?2WC9tJ$K@2=#p7Z99<%n{M=29kL9;a+x{qC)NJ;L z_J?`X`Sw5BZGBexXn3Ko{mr#+bGGPu$-1#jOIRls{qrsB)?E`%d`?l(@twb*hVk)Q z_DB9LZ)y@B9pSuUIyWhwA!-I8$I53?Vhna}^ldS>bF zgKH|*$Ip2s^=$d}^jq&^ohC}nnX`MbTJuoHqH7o3T|>D=zgZm-s2Ir(0An* z))jHE{cEHJB-TbTwIY~l+R_y_Gk%p`Tf5Rram%L8=d+wRIc2gUZ!@brV5*Q@&+;R5 zL3W(kN0Iq*HPz{=Q{VpK&3$-R?_t@=C7D7Kjy`q%o}cfvX1eTSM;Y1VBH*ewV2{YT zFh9Q>bV-`Gjj*=L#9eLfZW5`fpj*=9wweN4MfHb0O5(6kl%JaZ`4`-c!bMixc{Ktn*FWu zO7g}J^Cmu=Yx&1}WyO5Ii@IBNgWa#2$m%`19e6o^ycq+JQvh!1nDxHHL^kN^`HmV#{dSYp)!nwik^ahu%a-Op-FV65 z?B&xsvwEfrdMl)c^l6;wxgF|0uj2H#RX=Wi^nZ}v`SpIAnN)cDeAgd&Hs0&bmYUuP zFFe2Ec&*g&r6;A`k}6oIY+AD^?`KbDYr+}3C)f6;+qcYm*1zCI@yqFD1r=G|J9Shy zUU~l}Z_&RCN#DEj)-LZW_nzcAGxmn%lTVB?W{ZD|)t#HQtQ&ZS%6$IVWmA{mIJ_WN$1Jjb4Iuhl~?EH>CEzjs58E6}`9WvFGJ?dqN-X zRX!?KeEVo|HQ&V2+Qk*~4!aBK?ws1RW~E|jdH6J)so`2N=J&+zv(!mMF#rc&4w&w) z7py;i_TYbp&b4dzlx>VDR{wBVNbmgDbV;p6h;NmOecDex+y zd!L71QM#J<%lG)qN}i&Ry}QfwuBdvjl^@LSuonWJ<0D!D+}?Q9W6QK_dt?g}f}Xp1 zKH56(cHp+pkJ+r-CtmZo85{BbFpq%v#CWIchD(2#AFk5xG(9h#Ijzob?IZt9-9P`F hls@-cO5(v!$u7MkDm7g@UlnC9N8G^$J4pEdO#p?7mPh~q literal 67165 zcmce-1yo!?mo4156B-(KZy>n4yGvt1f(HnM#wEDBH7>z5xVyU~xI=I!0Rn_1z~h_u zzc+j{|GYKxX02CUtGidD9I_x0pQ>O0J!HD;AssY4M2eZ zNBPG)!gE1HM*K%XMMg$KMngqMM?*zJL&toDiH?Ddfrf?!#KL}sg9F4t$Hc|M#ld_2 zj`NR`!2P2o0wU^jLmUh=jOSnfi{+^o07Ql7h3`OsqXEDJ;ShjuPlEvRf4GVO_m2Yj z{|X8cGAbehJla1FTi^fyNY9QVV4%aHAY&jQp~1l;AR+;fQGmFpcp&Npd;&ru8cqRy zkF+LQE`CW}y_D4EIZbXUEi-813>uxeb5R|bhxeVEdtiQHX#+ijbZ8%=Tu^W_pSFdI zYeDh+_H!qs&wax``|!UUc>Y8{f=5I~`G*Ihz~^y9K!8U;MnFVC`xldE7l4S=oJhFH zG?I8AO*3d6S70K(R{jqHI&L0w=NS}QsrrV#{_V@BRRAW!^SOZtK!7;lv3wSmr}dw# zDPMp_hLWFHOm2&^j(ER)TODTtWxFIXfeU63RV)?SrAk8a$Yqrx-IFz}>q7dGvGTwE zEc-LfP$e+BkgL4fa2clsiImI^jug>5y1Q!&KHY8FkB@ z*0LSBntz)Rr`qq8C+2%crlg~7ntC>@2+`pv$xzc+x11-J2;m&~o3JBBpp3Hjy2)HN zS8*X?SW>od`nY00w#ThkP|=_jWyp+h z1i0OR5WUMpUCYTzfwfnmBk7zOL2M3|g?Q?S4C3r(Xy{;4 z!RH27dFfxuzEc^_wZook%aKJ}=KH{4`G#S|M!itOZw3c}4Lu--Uv+L?0f{*ZKqS!( zLCQ>_tp61qo?E|jLA>UuEBXiK@Ya1kRAyh*Ye-ABdjP($!b)g}Geiax@ft36ZxP@* zH&j(#j_ zfOEy8IN=B3@(|L;2d9(kPQOP0T{M_dL4i~qNEl0|E3xW|7D6PI{Oukb>7Gx}2H*(oDhBBHJ= zSBeY)b%3BF0XX0l4Ed_%oiXp2A2IZ5@eGpUIKms*LNYek<2NJ4cCN=HmqODd$*c2b zPq_(kRzs$AGonlqfEU@X=X;5lM6ueErNA`d0L$`JPFcz1wk|KKGC5>JEAr@PIWjX4 z9cF5#0hlpGPf?*R%}PhUY2L7LdOfT)rz)_Wo$$8sF?Fv+>3jnXH$D#NN|RX%00$~g z1CG()-$eidLTi7$B4VL+Qe-7$E59gSaN~$d10}8r8%V*M=VwLjBoGx-1A?>wr4tNO z9T+A0>Gk6neC~ZtL)Xjp8HB9+5x))Anl?(>MN%X#AUYE_MF0sL0W=8!MoFOdU!SxO zf5NU}ES#v}^&?k&nprE|KQAh-ne2^{x65m4vpItqX{^_gR5FPqBwVlT)+F<%->#cF zD|csQw&*%FCZ<4UMQ7dRDqa_A+PVGagdj>nC1k~%a6o`-A{KY+sZJjrB5w86V9Tf| znR$6zbP|A_sKq?oVNDYl|H^ft;b4NxbAxxSRb`AhDHH)HMa09Yf-p}-MFWpuYB;ja zrI!DVZhv{0g>FBZH@jd8crVXLjX0#xCB0|{0K0h&2TQYK3&aF0j}52*-7OKbI#|aT zu#+V4Kz(g`C}dwHP%Qvd$ol~iaU1f6BP&K+yIEWgKMSz3+imBFYF?2P9-7bc5+t%( zB&v*NSkP@tCDz42V2m7s0VF3997mYHlG@04!)R9c329a}LXG!FIj4izs3q;Jqy&AZ z$E5{117yUfQQtCQwc$oacHGz<{vGjX`oNYg+JK&QoSx+?Ffub8v)xd-cx?;Ngm~>; zX*(UE)9r(XRSMwg#Ep?eYp~NJGZWGITlUa#EMsYThP@@mjwxCM6DlN)lv)e?)2$?S zkN|8Q5*Q`}Z#yl%n$c|WIrUje zIhrh_5#%sEyc880o{+%9Rbz##Y(aQ#a7|g1pWSU8adbA$%RT{;n9PoF;m5(aflalA zZAU2Wh!i(j$&O5{D2`G!;OiN)9Yy0CCCVGqMF!Cyqp06=;DP+0^3&vauFLKzCkI#? zGw8`T4sARKw3sg0UF17f96)tCY4@xUiIVw_fRZ_=67^^Hfkir}8~%gl?4o>2G;qE~ zns<~MIj*E4;=D1}YeZ9vCLNuCJR(#E95CF+%&+y+2A!7|#(sTOQ^yGLmrV-rz=lMcS$ghHm>GzOd|?@HEJ)Ux?H4Z`nk-iflGG)wPZR~5se&=>-@t)N z`GYE2+52#-LV9A;m#-2(3yV}6PppOt9kBgFzT)G{ z?<1C1?GuYMRpnlt-!US;gS=i|K26$n_|U`>QL46Jhi*8Sg+J}wu2OODGXoE&xR+kK zQHG{M&aSkNVG;d496G(K+VLgAF1C-{vGa%-oT%riNC0j#p0FTZF+v9uTcpXX)YQo8 zAnpUNm_+!jz0SJuU;88~SeeSXN|P&CM$YgUaHA$vB+eyeOAPXBP9_b3lhdPoqFZ0j z7lT3n_f?wl^{p3s#9H-wTea{QYAY$jig#Z&{WdFlBAKwifIK?UXR-qH^r3g_ykh5Y z9CNDj8f~-1CaeOd=M<2;Iyd)N5ku(Gsz~K`^OJKD^eSe^&Rksg%)Y4)q29Z>p;B_+ z!tw4~w(6O@ivLqHmMoV?!sgGIuaej&)P9Vs9I|%EnVWEqUB!;KX}WJ@Run*0^$t`e z5E2R-_c`TNp8>d3yHcQGiR$Q&Fd#758;U!1F;KpwrWnZ$--SDx4cUC93TunAX5JYu9FvejAPbCx(p`oM? z<(aveeW$xfw>EtB+DtEig*OA-nVdEzYIFqiR-n^RC14>_V}wVgDGQ9P@Oc8LdDhn& z@}?%ZI2x7J1(*kyd)Nar6*-+N?>P6&^KyDoYvzdAA|fTmKoXc%fZ*=tx7*)w6L1I? zcbiM?RvIkv?YZuew2%+=kHHW;eM}5Mn-hHNE1n?(sq_P;NrW?-;7b?Oa#Y>aI)z0@ zmNnZzi2y!6t=p1QmxN_Vph)Iyz#P0_gw=UW00y!cX6PcG-4Y3l%#XvqY(C zHQgsbH9(mP0I>`q2ww%gz>Y{u-whlo;Su)r8ZR>9$lgou&NyEnbLL7u!0A|eNS@D& zCK7Z^6(Ep^n^4Rp1<4L+{lZTc#RVZii6t z*a;SbrtJ`Y@#`X|wMEDV+pNxvB9G?^vZbP|r2)cl`B7yO8KM@4BM=NKx$lQtGO;Fm zYc79XdwZ$!fTC3rCo9EP$un=cebQN^p$UXeYphS@xlm=6CtxCT_O_?`DrdUAy>(3gK30um=yC)kms}=`HerOzx`|qx-a}SO6Y(+Ihu_t zWqeFpZJEMVPV6da@+KJP5D2c&j{KOz0}lg;5!LXodHM0_N-c%M6fOau1ha|_e&&oY z#pq0D+GoG1+>1b06I24Zu4@IH8s?-7fh=#*-WxSE%bZG&N%l>su`QE=r-`h1Se!Ka zdpPzv!#&1;(m-y|I2@u3e5{rEA9jlB^Mxw1bNt*E$0>;MSi85=`*j@<4s|vds!BIx zdlxuD4_Ya1K8xK>uwH0@W_+~7j+Rxalvz^I#TBGM;fRve$3_ba zr2^#v;9@2P`-TDvkCe?9{W)35V9G7iaC9-_q8*3*E3~X_mJ1wNux}E$Ot)tUl(sUw zBfU`G_dQu*jTBr7JfBzegl*(yD+x{T%It5 z0#_u3ZH8^OyMhdJ0nL6p@K)Bi&YppGc9=#9ZrnxzsdApVr|oVfwBYX{O44)Le?xOU(A+#L$vGiL`6MIi``aX z0SZkRr;3vVdIk(<(;3K>Jq%B%;+qo;%?Wj4bbG^5qnV~8-iGLYV0Jo$K8RRC`yoyL z2|yzWM#H-=kBp;(|1Or_{ZAye6Q_P`id%C>A%jD8tt3bryMQL>P)7a_qBii=3CZ0e z!G*SWM4QY312?6j6@*(>Th*vfNvpy9f79SWDMcZFTCtU0n09<3izN>hA}Z^fGNC5` za6SJCaPhgzzPZMzYW~A67v&w79pwXyd6g)Vn^6NVMDSYgx5q;KES_lzQw{J(d?Tos z1&a3HBoJDaF0-Gg|A;sE(Lxt=i**l+#iVcjt^dmHJ}>``$eogJ(NF8**d`TC%sV497F<5!t$t)(j%kaMb#<|wT}ufU%URCk zt$}J+iZeLsPWKU-9AUe0IkH$PwDSNSQml6wardxV)-dO~=%M=Kq$%2UrSTGrx@cML zBO4Z2sftWs9*&qsV4D{l$0DU>v+{NIj#ud_n{hP z`!C+ILpV$k<+40vMGhs{enBW$&MQ0PS3$uewO4xN9pZHNEWT(B;Q2@a1HIWW>sFB3 zuTq3Ott@{g6aYG%lXeoh>{+{pv!mD!_OG|F_joJ%9xS-FFmIr9K>IcKkw}Ureh!ab zHUN!JWf+L9l?PZb9#&~5>gdLuzLS&d)?aJja?i~By=3Threp6GN&TUN1*Uc3GeGPD z8!ti6F1_a&R7;PW4a?j-l^VI_&382NAU#qjRTO^rEz!zgzObc0ZYN63OA#Ry8*6T} z^>3zxmKXiWm9)ZXhiZFyNwrL2fOv#bY3~S`QrTX6FNr7)?7wbfd^b#M$>Bv5 z>@&5_K|Yh)&0Ikjg;9bHS(TA~mneAxb|819h$~hY`uo=(<}9rzpV-BYL}a3}{r>P| zn8~*@HW>xweN?=*&4&abmi-idj)J5h4ScMY6ZFTxSs1$3zpW(akXB-v znR)5G`aST=12_963Vxk#xbow!&0p9HvdPGkE;uP_pny(&Ho=>6r_?^J*L|H)iVZegluxAmepED zzG>B*nBx=n)8-PxN0bRyhfI}~!IK1}sbcR3PsLQD#c3@SVKx3XF+PbNl2GY(K9SEG zOeqgZoX%ozl!ymJkqtX^h9gNE2a)$FVXNCsuv4;2kEnN#&RQl(MiX-b1yNzdbe`rV z`{Q=akava2Md(pzm`uW|!xx583_2cfaXc~|*Wm1vocBADb#Z;0GM&QI6xY0@WQs0P zk}z;t%|#UAOv!qg`8V@rE8l7qr12osFG->(fEQ+&K1U6L=2fKvqnsn&(c@6$!(msk z;KEs3_-LSOgf>-`@$~}W#?6PKkbd`MX3D(!0{{zb%8_ybcRMoqNU0?!)mLt{xT(ZZd579R7n$&AhUV=^tku3VQMqLP^6xTqZX$UI&n0L$gp{t3Vgi3BEX z*A62~R*mpIS~VJl{5gmth>mAkV#43gi%1z5LMQEn-3G*E$*Q`4bzKVVj6StU@yBZN zAqfnxm+~|GsJnNaEoQ45-Ha(oc?v%W>Ze?O`?$J!PCCBaL#^zz%8fe4!F9@quZ;jw zs8=H9)fQ9%n3IJwMVUY2T)kaJdMJJDw|d_A4;z|g`gg&N8B@bF_lQd@e>{tI%0Fv^u#p7EkpWB6>0)(N z!9&8K@w(ZNdp_Y?Tj+1?-7hwGX@d^q6H}2Go)onFE z3^o1_$NEk5FtW5ZJe*o0MI!YBA;!2YwY_oqo!j$NG+HMPLQMdQ+A=r7^J52y-`P&4 zxwU)7Dt}HPw|KI!`$>n9raE^c{bCPhHs6%o=PR4=NxO%BXD%$%$}H8OQf5?P2uKTo zm>P%1mLb!UJ-vupi39-9HGT0X>>mbJn7TIi_g?d`R7VAee_!u38lqzS;#m<;09DbP$D|xY6uI$;9QGwKh}m6Wy;R$_SSZE!Q;mDb^elC%JDH2>VHok7 zg4o$+T&(?uyA^M)n~d!tr}s8Smty|y$Ycv5rOK9xz9uT8*{_R%a^vD4LI424aLJRJ z_!{;X4$Zw73ERy>&=cTedgVq@yyINgG}Gffr(TC5#YW!CJ}uZx@I77Z;qMpP1_)?P z6hSJ5uBr9Ald>u%U77e)kYEA}Ou}SGe0|pbN7f4$9Ii^{izV}KZ)m6sR1+3( z5GQ)P0z|gN%TT_Uz8sGJHP4oa35{8~u!;04PMD|1#A&Rh`~?5C@)MxNJBm`n*D%() zV}0k-_hfvZ#>Dg0k{=hrZ{~h-+LsyMrnzu)H_BZ%%E-tqZ=G_jpYWfZuupk=``8Ye zi!a@Od)d)|Q7b}F2XDEFak@B$bb+rs`ArQd?m^_6@fh;Ln>N^`raKe!cf;qT?=7U@kdf#&Xj?7E%XCV3B z$vg9N!(Q)-<{&RW>*LFt(I%ct`@u+N`mfybuSxGM z2P4Mb{VPr0Phn2kZBfRDs>O8#1tIL0oN%l|*WuX+U-Ze=1{UG#s(ieU>udeQTMjZT zF(?ZahSpwZ3Q7BZA(1|V@QgcOP)}-p^&U5aI{{YPHnV08(`#>V2psrL)5Wf!&Qd@n zb&5k(Pk*l9b8uy;oRw(qI&olkD_N7HXd}7D1B(n^TOntK-j63e)J8qW-aOLT(z{gi z+>i^GidA>w!i$eGBbrLOwsOs(8|q}YlOxrljGV$2cpSg%tL(fNB0I_(R^k}A*Yrd@ zWYkN1E$~PWIq@sBQYMA8{ues=-!SDr`=yYusIXHuy_oCgPnMBphcQR#UIhjDBCGje zgWz)dsO@niIDux3dP8C@$9;66>^y0-F`HtPI2v;XKhDN^%tA%*U1ZQyPNPvJO})hd zC$=VTI?AtrW0Uc;(H}Q9rE~`_lvC^a7m7PU4JlQ6A&wjUg@>AQEI?f)Fzq5UF`U4O zP{h*UvI~tUc0Bjsfs}D+`WTM|>XfYXFJjAO7mSDU49>@PtY})REOnBCmCpPeMK#5^ z(Mms7wnRp{(kvMbIJi~HX`LONWbB6Q{3XLdWQLTkgUmgZ3*9SR1~inXs2SVe3SNfn4 z+%(Ov@Xf!Gn3PaUpxbej%u+^s4UQfJ_j2 z@JlMHR0kUZlS8Ji50Zcn`^xl{%N(A8d@S7!%RMz;l5IzG9N3y~a2Ts)oQ>7zFfDQr z*;~$Q#WOa0YNrhdXXR1LvlDisazr51Ac^%V+NC`xG#;4XmR%z}0OtNAYcnWj5FN*d}^GtJp@S(-rC^#LSTsWC;O#A#9;caRE$u z$k%0J5TvB0HH*hL9X-deZi?x~jEU$d*qrwpf8fp#Vvt`%Wp*%i>pmQLfol*E0F%0; z7>NgtGF!|$WjAJNaACuBT)x*##679n7%?QEtJ^do5*9n-$OIdT1Tuw;*^$7u1f{rXksee&9uA4m>v%<^*Y-q`u`zv z8ed+j-|+=_3C(TnDefUm?FXgpkug-?I_SE7(|jdwp&g?uwzf7{VyGOf}Ggrrq3l~p?$WiNHi9vJzUvvg6g zv3T^yo86^}k+v=KZ)&DX)7Db;hWFj#Kz~r${Q+%sluj~N@|{%3+){@b8_(s!g^C$PEmpRb2EfSJ%Iw~RCMjYD=Ky87N;24Qt(cTZ z;H10sDe?f{FCSHby}atentoR=7~J8i0b?#Z*q2c6Tm6;+6pFQ#khi;MdYNZIjXx_XQZiLY-m-=)zmLmt}4)Z&vu^@OMlTbd?~yH z4z|q9%Qs@+-RKw#r2ZC)xD7P-tB9`of@fC}#~W>Ig`R1f*r~vbsP-@0e^iS@J|Is>6B&3(8qq?0Y|!y8W+(d`q-~EP@7H z*B0tL33Mx0QbKTZMk4ViI6y3vGDLffckAm?`$hC@Sz_OtsCIBuJt!6mBL=GTfcSiY zF}~h|A0LcOSM(aTryMeBHg{NM1vWc(tX(1^OPIgl4bQ~xD^gI;Y($C9@mqgBm*WN! zO-`!J#aZMW3Jc+;5Pvs~>gf{Z{=xkOh<)pLnj8_M76X}a-&p*7rZoF3WYs$mxq>(e z#QJbQndD=+y}Emqnc7a+sYmen#9=|_63BaCvrSw;dy~#~(_<#H-c{PB$~ify9T6Y1 z)AnhW{%Z!y%;WEOq~S%vOMZS_7(2AfJcyPn_|PQNKfq{Ik-QUETtG~2FF>rI*K zj`IZnPtJ{X@hxh&M|`PH9|2?6^Y56;v8Q*;ZO%JG0T8QHfgD*7k2j44(ZC|jbD>?N z;Z-a5$Dm&uprB^|QTq+y32=D?k^0XkJ_IX`tq6+P<+Mie8TYv<8fzncX%Nom$ zkIfAb4SR04(^G3&)<#5So;Ctd443|LS(@scRsKq;T;rMiq|nN^ituH&VF8kt;%PbB zUB04s$)eY6yPZt)yVS~bu*zhmq6$oJLd?Zp;STw$v~ZsJ!pyEx2~96dCHf>M#UHoH z$GQpQ3BU~%Xn-?|@s#b*a6S^WVB!^YjNpWOwXZZI$azd-TFz;JL;1PyfFh(Ag{e6C zVp7=Z&GI-4k zC=#tW?hofPZ)sley9QqOl~x1}aPodO71~jhIMbpNxvQ$W*k<<=pw(fSrJi~aX$-U~ zC%WSPdZQ08$l?DJ=Q zc5RT-PM+BpoBGJtrOckG zt6<)Jrg>vQGfv!{QAF*!CyPv~A&_fgy~mouT?uvOB11?RKSf!a+tb+%y(&)BTE)L+ zQYftO@L8fC8yeY*h>C16UQZJp-J9GtGX(3zd>drj*M(?%f%z43wW88dRF$+~hk~dM zL(#~Z@4v>yT1V?vMWE3H(ZMrh0G?ww`SSqEUS?AQtud&!3;C!cZ&&=czJ&NE045!s zm5|z}0S_0F)4yJ3e_5iJj2ry5ji-3YVJhcpE)l=1mfuyG)Rh)&7IgpK;jbi`{Od$O z7-hi0Qc6rnw6^0|XC7MgsF(I&48Fp;|FkyBcJ>HMcwpt^{Ns4{ zkiy{i6CkGSh$J#xeaEcQibbk}pn6Gl{5Y~Ads2-*GJSA&J3S-poOeM*l~Y(orHUX(e5Qq+&dx%1+ic?-HQ+!_?YQ9lph#B;+ez!Si)@rP|@_#u=LOnG8>8Tj~f zxT5iSrn664T(@SlNfCC%y&Zg%qQR4;n1d7Y~W1Y+>uSvzw&FUu^2RuMQQ?@Qtpm zwHYI2`FdPntxr7xI6B<#-?YOQ>robqiQM{oeUw|TsDdvxV)TA()?;&fH;_G$*@ATM(6JWwNxZ6RxFHzy0C-$T#7{pJLO zJ1&oFM=|x%3cf!_ar|5&WYw=@+yON?r!e*430;T12`le{zM}ZsHz~Nm7A4CaerR7^ z0Z1=~=8;OGZ#j;Y|E=uf?M;uK@doOhsdOMq{$g5#hf_fj7Srd z*w$CW(XMB$6=*~_h#xsD`s0rv@3!s}AU>3dJ$0LfEFoA>Z*}#nuw=t7_I!7B9!S1S zK9fqArHdI7_L%6>(unL|{Pvw->EBQ8D8ST3INt7I_oez010!7e)@5V;6UD)#SvgKM zHjvAPCHfwA;F^O@B&a|G{=^KNKHpgfH<-vi$zgz57pvz~{Nw1eTAZj~B93WSTRvWe zW+q34ng+83wMu&6wDbiIRf%6-xvu4J**>wa6n-hWc}thvEcfBK2GnG+E^n@rq%Bqs z6bI=@W)$$TKRKOKCmF025`B9s5ZNaIhXCRWo56cVnlH5Jim%Xkybl7}V;P|zr4x+I z1&C2^&-J?4?33GK_ao-_5L#l)8*&JcQdA^H^n(jf)A>-r`G}c&yn`jQ6M|ZILm`eQ zV$X{hiN1!cHB|!#jI{-`5k3^xPUAyic&|mc?u>GcDodxWWFJxY+Q_YnalZ9|JZs7z zj*AxwN0bo?f(#Q^=wyWhvcmYs#2D77BQ5;SKymK-Kg<~)`z%;0L*7?!;VG=oxVu^i z9!?@f4>Z61lSbhZ^G=?~Xt54Yy@@nX1~?M(5cIB?uZ*UYjTt+8-2UbK6Yu>qwof5puzgeDhLU=mL$!fp z=O{&IU=@*smH{M}In>#s_MWD(00G=^(35zDgE$aTFA)O`{@BvcIEQn5c_lE$#|(14 zFY6SBs2O{Yr=MsaH+m;Wekd%9e@DQ0Qr12MCAVE2mF(U0y{OYN=(@9JfJ|x=dI;^t zDX2J6gzaJ+M8y=faBziPGk5of$ zU2nwUZ%+RNc<`Qewx*cAvK>(zP~}O=%~9RRa1wK@BaIez`$5OxsXD}Pvs#u^qLK$M ze#mTFmdtKUo21EAfQ>llbL+5wi^55L_dP>DdznLSnR&6V8U)fYg^KR zhd*J_H`HkPqpV#&f(S>mu&9q$O&bO}03j+FTOT_$q;;%C#>>J?Jpa=uYb`ih@FAlZc$hU2urU{CHU$$2l+ z8^pjq`FlX4GRIF%idmW=AKjS@v4kmD1BX%oRY&i&rhA25watf+N#6w12EyaPY4J}x z`yJ}9&FOwPl*jMq3E!o8P+sv(AiuqI0&<3Q^zt&(0H}l_0t1A4kz3fXG?9OK$$jh9 z57JITJSr&V(3nvb^y$fInW|YT);WLeYq4zmIyTF0SUP2_VZdopZ2(K(&wk+=f^q9Eh8Du)%kY+yS7q=CcDnq!9 zEVv;=F~6soGajhz%CXiR1X7w*A240q;_rGwo&e}II_}qe+464=9>e(BQT}WVJOM&o zuv1dELpnU|28SLAcu@UoX?4c4oMw$X1$GLa02mCI;>*Aa)&Hyj_AKpJa{1DH`}FRW zxY8G0f1b_e3!$Mqq*FJO4^{f3CHoLtU8WYzaT;b&5si#fW+bsJwt0zGdT?18fCM{; z=mn#L7-GweWFXLOvcCostg9AsG_A3}ZmjJmfma-4(OJIEti@kz0%6w4bU4zZq*D`;DrK~v?` z9!?4P))y?$Ji6of!@<31^I$yj%j;j2JAy?;yWxq|no6vDWEta`-wm53>$K63&y~;_ zG;jp2V#+%UmcFiBoOIA&`oweG`n^x>hQZbiLJj zOB!ND0`WG_TjQOzQoBlPzPyLi8dTHHBEb0=k(dgFdGYislTmdA171Mogi3(RJNW9* zul<@B&4yETtX#1znBh1vXIYBpEl@!d$?|7}e-&fO<1lv6rl=J-$GHw0O_L_t!@Zv< zc6Bo+XrdzQATdR+-QXJ*9Mr;YE5(Y{gWyBdtvgVlYX#3TLtldg4jc|nxKo$7>xPHh zw#ycfe7v=|YC`a=l1;yKW}}?Ur6PC0Em=A;_}xv~q^Q}OoVH{2gojTnJ;2tJ%9j}o zU;jCHS}|X-{2Fb^Sh<_x!e(QQaXKwr}6Pu@~ zY{3-!)U#=6Z_i=UYy^uDCXyeMqQ$Al*0649O5luoh)xE5vzZ3Sgn?1f+_0^(jQtz+V#7}KSx|uk)o)0c@7DU7B zSD^s7uW~sr-Q> z%H{bN*W{nZUgL$)v#KxP+|Hh*YdzlXSvX!}=7@R+bY^YGul*!iah$=cy{X`w-4Wq} zT#UnEUxxb1*y^R4vvfu9JeNq83EAXwp68P1nlAa-+F+(-_<^wuDUBP9*@}l)i4iwJ z0-&O?q$(rwJeP2{BbK(upls|M(eDhZLFPKk_45KAH+sJg=S_VEiGerpUe}UJVc0tdBlb+K#Mi)hU+~o4URnOY+6GiXg85MIX zm22ylfXUEZV3=^#;T*mehI%gocF#13tY>iRIo{dpw3c%Cw)Nw1-K^%K$Z7Kj62tdE z42@AUT>)BVRmTOHx3-GD}_&GjXn zIdDY!ysSrjZnchvB*%67Ax8kf-$6BbQt#$SxDJ^#F(F>S4tBnH_Lg=L?wXixGO0!f zOQ=`24)rb0Dim%W;e02jf22~4`EM5aAD)*nwI=}lb1-rX%)iJSvh)N9A}ER}**ZD! zkZtZ+s}-*gnuv?mkX`pHM(T9vfrK{QCv|OB`J5}aW?P- z4V>bW(`kKP&c7+!Z)Xb2-?uMAGOH}9$t<`@hGp|RWk6&t<4|ZqIPA1Rea{aNP*G7I z=KX%T!n#4qA^*BEA2B!nyCi4&eP^_e9+8F zRM`0e4)#I0F6nRC>CLaik12sw@mTU)5rd1aG7e`sJ1a4?eC6wCt;~Bc#2F@UNgbvb zWQ5~Z6lmuYK;Yx$k+a3W-fuTx2? zY%Bj$!V`XEhUuh0(irNVedbnn5-G(OE;VYZ#VCm~*FWL5m`T$cL?Z}rgKFpiRHFPw zzKG0IiQ@kU)DtW`obq3#o-EML?{Tae-o2KnE2WOR8h)=n)6_u zeZX;q1UBY0r=h(8Ala?lG3n3M)$-}Quc%(qy>HOboRbk8rLnva*i9(m%Y#SJC{l;I z!GE83o0IIlgu{ca(0SQccy)9*8B=Yr#k`e-XRaSqgeRu{w*;4)5RL*#am{kv>yH%| zo%7%PoLp!kQJLo40mIKJkOuE5HHua?FZk=$NsH~gwt1Ed>7&cfpO0KsZB^B5L#-ti z-|xMJ4^l`k2=M}+09(qQ{(lSnhCB}rT0=%SoIN)BIrT&=5eRXycQVMzTAh;=(}xjb zQ0*82aGc72x50!O8)f=4pEE0>d{Z<(!Tc-jvaY$~#va6PTeaE_j(6gCV}}=2gKcaY zXz4%kK$(YTnQ=8@t46e{`HEasEEsYJBj7WO@R+p$akE5G_SfqgmOjkqbg_5l4AWdv z^Ko84B+%bk8~2C51*|woAk{oJS&V6bMkLVuc=40KDnZK|?2?+~Qq~ndgWV>jBvb|~ z9l_2aYH3a2V=sDWKa}2GJy&SWCVZo@qu6RG_T8+p#|*TRDq6y|u)fu`kDn$T)SH@v z=fSTrXEUz1eSV*O<&b*2*F;no5&JH?i07wI$}`H^s&n11>}Mzg35F~Hm!04*;NWm! zG7_8>-OphI-VdbO#4x=J)k+s5Ij4=fLmd4=Mj;-zI+qe$fS5F62)ES&`@H42FMmL| zX>wVBS1*ft#Ke8~UlCX}|8VM`2!g5eoke-o`>#rw(&#?Hm?rONDwr#c% z>2IQHSO2bE(;w9ab1fnO<5o)2v|olC+mFL39~NGDQ zJ-ufdYmhDfCKP2NLJrrt^%dQ)RP{D7p>9k+E65Q_Q=~t+0FQ=A{??(N1l4U(qRoY@ z$Vav@XCFv*_2(Ts>%sI!B0XIcqQU_)X^3DLz?gc~SVm$s;2lC~9P?Rf;xu8Hs5_W~ zf?>ABDywuH>+f9+1Fk8wCtH)2;5W)beoriPi)@|Hax%wy_lzajc)BOlo}n@XCk;xL zOBBSG^~C&2S@lDi&#N- z<7p@`XeOA&d15Zlj$r;x+KtSz&k-;(FmpIHh&ov#z?|q`^`~$gZmFShL5x?@lnz}) zi!{d(mYUc`hFbF8NuOr{_mS|IqGx4_zvgL$FW(dL8RxN{kug+tC;kpHyi1g< zw|sS+n8jV)-gCliy(8+U;f8wBDmCD54yA>S33`kgUAv@)7P7L?9R(!nIN3BD!{JC2 z&^t!r$bUKOgCL_BJoI%%}q zJZXNO)GTYGs;$4L0E!gsTk&1DGt@sawWNZ0v(49&0GPD&%55qa98biQ#W_Z|{ z5fL|E4Ue^I{sWGOZ>XcTIGEwKZazMJ>FY1-Y(R_{QDo#$H-^0DUQU{@R)G1O?5i`{ zVv@a6nFrzlTm5~(5b+ID%zBE9&d=dK9qW_)H)uH4;(yGfFq)4IJDPa>J#x7i?G(QmoYZ!v7!q ziN5chYqpzfEHogtn!;~zt(KtCEW$%Kf6vD(EpcfQq0J+7q=~CVj?#`19M=(%+B6&9 zE>YD18ej9%{;9Pc7c_fsTv^P-d?0gNcBP#O z`+^=g2Uto}ZG8H4+ai1jr;>9dwg#sP2`Z``JpSWsgXLE$ zCpMa9)>Fs1kowG)@WwRH1L}m&^^sJCjcJO#>DbVNz&Y1%1rUDZC^x`6V@_4ixBaXd z?&}VWjuBUaM9HozV<^_LnJoCOK#2)9Ge?~iYV0(y;smFJVsiy7FFX8IdJ)Z^bR1`@ zQrBUdb~8~b+zkQEJ@ki}!=GJ$V}VOqf79W_K0qA!_7m+^bt`mLyD*a#bdn()cF3G} z*D4kj7TNubg3~V9BZ46+7G%R55fQOAwx;IRj2!ozcto&MiXRVAoXK@b&8)7&(x%j> zLzw%n(FgD)7N@lUq0Sr>b+M*W8FS2Svs@(>(!ENrPP{fkE-)=Eu9cpGuGlq51^MeL z>T%7|U-;_zN^kFrj_&sFdgsEIxxb>WV|FiXVy49^D%vTc>!Vn;&;Gc?jb#cB`(q0Z z+8o8))eM<#=4AXLegX{F%@G9)Y?a1Fj^49vLJ?5?fMMJwWfeq6uq@Tlh#fXq_XKv6)8%~5IG zYHqSmwUkB;rcpr*QOHjPh@B&5*8ikN}7tlB~LNU(N&JNnk2mgGI3g{q0UL6G+c5 z_ko9zWyEo*nRV6Jvu*mOX=oA4u#GXkIv<|ey0dL`i7?MoOKNmxs>;t5RvB-U2ody- z`X9W#byU=CyY@eHcQ*_$ba$vAGc*VTLl4po5(B6p-JO!+&?#L5s7QBrDM+WHh#2^e z`-vO(yYJ`y?SFo2&0?)%7pI7$PVebR)R<}u^q7M^7?Uq$v zgyI8o_xy^WdLyg^1+y*uZZO$U>~5sHXUy3rf*@bFwn;Mjhs&cRYVh`jNmL0Jr^D>C z^z^nB!LHS)<2>qGme?U+RbGfTrk7|)HiGf6L(lVMJBY|T>9IfA?OLjq;u?)2O8eE# zSX&uST^UgfGwQ*WcZqs(nuKf>MtaB;mmKQ1)35$NSFf9gZXy^2$i$h)S=ryhzLgtKg%qK9ImUu4W`OIC^!;u5q^ zj2vy!0_){%3cHg?ZPN7tvQe4g&I6UkuNRs!LK+Nr-U^t4;~j%A7v;t@FdSzUQUphf zl*<+0?qRi%i?vASlKM$R<$V^y=%*t!i}FvN&-LNo31@<-HtJ5BLDUAEs(W9-Zks&Q zHSJ3rvISuRxF{B03%A?7+%Dd&i4`ox3;=qZ`}kLlGwDFJxa{o)R8rIi0`211%OY@; z>zO=?m~<8}rsn^!Yq{o$2RXI02alre^KR%jB^PZqTx9bXld<}{W~-`h&sIqC+aDgu zM{!_P8vtSe(He6-8#?t~62ZcdOqy|<6}}2(bqw(gwlz$BtkXGdg~Up5Arb?Oy&6F@ zx+V~u;bI=Mmggs**|`1A?IEs{v@H{ftJa!0QKx6cvFE`k?IG7%qz;Y}l^8)qg*^Sc zoCx_~GF1!jEbfy`j~Kjq&2*X(}X7BGJCeoXJl63eQ9hoiM4iLY_nfbKPp+~AECmG7f1;u!aVnZ^%Jnc50yl?bz zdciLze*wnQeAwlnYG56BAZt&_f|%E6H+Mz-VOg|}v9AmKG*hpeyW zAKzS$J#$C=-{!`@?z#B{(PHV1r;9G+_>}(Zru^Q>frG%1{b`0%etJn#2MKY5vb_O& z2>lMIGXe=@jKK|k5g>3?hp-PQ+RSTj!jko!_!;r-*2HtXZWUFK&>WK;0TY!|QtK?N2%*1?ydF91f@}tC zu(desj5Mt`e{9jGkYLh2iA`{%YMua!?ke8da)m!WSw$Emt-pVEkdqy|!5P@M$B?)s zA(2^7YGLwC(BYorC0TD)c|g9w&vTnPzqDJO1|A^xhsi3@#5FCwnGH=#&Bw8`x7{Y$ zUb}4iy?bM=FZon)q*Q%Z7-^6r1t?+%ssP+sVY8LeH(^@M7n7QS(Z|>0UlRvmW&}^V zrl)1|U%!3USnAdi?F7v2QO0E6PH6}4U_FY^#AAHelSXQ24&8~J}kljGUaBGfII9eJf6!kl5X4H zVcdAc7BtX|%{`9Rq!QUj5m8h9tc3tZ;&t@@Uhu77fDtT_2dW#UIL&)hln-N#7r3j8 z?2^?-`EJ|2wNM-g%Qce~!^%xz9?r*CGAXK{C)TTd`?~Q-YyzhS_v1C4B}6EtgbTpF z;I{EEz`C?sHiI!C*&KMpHW=o;q56)$ck9C?t--jSw_oO>XHAMyPFz3dQuZ7LAGyw^ zl(>LkVaNzCRz*q~5F+bFg?~4A*uO_rDZJJG+^)YjT`Z&dJ8e8<2vSGd95^SDvdeXg zWmOFbi$Q>UY%z33;kS?gTaVLO8;hE;qAp|V#nCM8BcP9{-}k7ZI|r%F0rucK^M=Jg zt<9on-Zc@u|KW<|{I)%dc3p;A0m8X9nKo<_)`%aP1kNxdR>{k?!w#v49dG~M2lhAe zAjKeN%VHNIGIiu#x_s}LxT;ct%6LE~IDh+*GLjw)h4}4wgTO`De0dptybo>{HoYef z^&Z!nuw6^09+3ao8j7=w>dd1ACt zf6*&qQdMJHXW>%0`pKwDmR|SmCEt@fi)eQtpQhfwZ-3vTsA~R?&E)@b@!+;3=V;f5 zA|fuPGQOwl>IkbjGwJDcr0MFe*L`UN54Vwji=-f2cGc{=wR>6d3(%#TwYKq1*fLmS zF&GiheA&V1`ePzz#xJ@>A#%AfAv-8VSm6~|J;+%+brKxa^aMM4$9}=&cmfc zC!8(>ZBUKj)t2jp{T%5nHoYPab0KGw=&p?mw#(R=?|E+_qmu{nXQ#=21(zy1!8xKjeO8{5v`?2ff+{*Dd!YlZG5{WEnf{A!0Fbf-~gR)&qmnm1mK;{Kuj&QgwrlD_lCGdRf;5U z4R9$eC#c>q@SDs1eJ&r|2K^J8WuAskN%eK~a|1{4QWyU0rjghz-#@&+f^+$;3R)p_ z`cTGSF*0}kE31Q0xSWi;A3Y9eBEvJ6(1UzMVPbs92@}Ztsvbaj^khL1Qgh^YVm>#q z@P4oBgi2vzIVQ1~B7aQvy!e2XZ3bbU<>6c$kbb@*lbwj_8#`0@NTr~{2dx!+LMy@3 z^gViWbe<6!L`asoURg%*1Fer_Y{x#B)$uzeU(`{7--$7-j$QuBH$f|L&&wfO-P`Nu zoALcx_1baUeCJN5q}+XZ*B`hQ#>r3qzM2a)_+E#(Ro&yPReDk{)<#&0St*Bm(FaZo zVUr|1$eD%RjVdnGwWX_h+)S|$s!6K6bslst;s=XF`up~{;mTVav&rG{@IIBE&Y;?^ z=Dst|1wBn@CWK_?l#qV5r$xl;oNX#(1E3tXDRsQ(hpeK?%3NwQg z8N!RgR#Nfx%|v(!|ImQT`;DZ5ekDaV9Qwi0%yU#uoaP|s4-#v7B5 zQDV)dW%uubtKLm-@^8o2EYrZmL)Oaq2!T1+TTqWRE8!3j3ugGEN+Vke;`p%U!-Zdf zhx*qO7v*aA&H&ekXln5<3`$Sm8RZmz;6k;Xgp`PzvT4@>z}P$x^?=1lZzs>~roRJO18- zMbgW5D<>H9;L#DB7mqtXS1FNFIHVY{ouArScj6gq;K_Lr*CW+9cYDfb02^EL*s+HA zzWk1<22Tm17LuxN;IVl)+U8#FIbOjYSBb=39Klvvp@SFZ-2gZ$_?!PQkC|F%q?}go zm=6Finu}gsRg1slqROz@&B$yK1OeL*;lkJbe9rg_9p%|VrIXMz(c;o#=V?;N= z7xZqE31<-D`)ZIe@NklOCH+ZX+t!}t%V(X;{lSCzuOX6YI`n(yUoK^L#S(0O0eJNQ zEZELBX&$ur2CcneXS+$W;BF=tjJ*y;bY0YDV5Lpyu&c(>Dd~53>#DCWerX3+wo`oT zw`N>+VRMpukBQ0cC$WGl^31!YBz;ES7&uhI*XDU)zuG$6?l4CVF`UA3-N9scC#szq zzx>NdWQbNlZyJ#P*G?kk`v3Pu;)bW_|0<=8)5LVsUXiomBXWnq&w?jQB=|NOPm z_=czmySchSj8P~G_zW($du*Y&8Adx?CfV;Z_u1H349iP@Z&eR%Xfm8L)xqxOYz}Wm zf>;PKIdYo32V^_y-biw%2Q@s;b4tf4u@~Fkw&C$uED=m|=|D_Nszc*Wu|s^K$_zCb zv%9gbZd^kO{XA}uKHLrJYcFmO3Qg`v(MNd5+1%HlSzocXYtV+Y@l*|n=fRUc%9aUz z$%4jYW4XU~aE<(0_B2dU**uB6%!2o;yOIkR8raZNE6HXSE^;^E$$0B!!DjuLjO#lX z)7b4!#FL%}l*%}K32h7uS_rIl=(Lmrfo^S-)Vcr9Ep}eZg?%x?9d+!%YWNWZ!#?CD&)q);232NDjE)bc%5=y z=(($OpGtWQ)ZeiPpGVLN@qxsmD8vQn`H$tocC4t#L_5L}V?2j?2S(*=UW3*a<0;~n zTrM-38}0YVY$fk%=5>I?>suxvsMzzi37$AOK;p&Pa8C; zHM`7d5|+&tD3ZR^0ePLW=9=+2Mda0hOl1h@vg6-*Z4<=Uv>#GTl>v_8ZuUFI-f2xZ za$5Ze4qm$(GqUD4W>>rk&ZD9ulGcG>mtH#&B*^2C_HzIXNWvG4TDyL zG?cohXvvdO=~+PF^omWM^3hcH9TUUezbBrHPdV zx)~tRWt$|>S5rcjMq>m=9h)zmTyE$|4>t7#b?414Orc3m=8xW3!IUIb)QhWOj)vn; zTw9bRP9=oV_uBnZh6PWi6Ffzk!S9fO&^RU)r`XzNLSy=m(w`y~bFz*5z*N$TezJEHrHtn=(ZLO;k^d&%TG2 zMq(S;5J?c+UG*GQ;?)P0;(n72#Fh1Rr|$SX6W--)K@oq_6>QhPLhE7Yy={c{iQcVx(-!E}?vwzGta6lEZw6>eHR)ja7cf$C|T7u;kwHMLE}{MVvwToM%!l z%MPcM%ArQ2+wmpyI?`6Jkop{QHthA}(y=7UbD1|aL%R<+t9JrzWQmdv9;$g)V?901 z&jglE%9FxWa=FlU@&p2m2toiHi~x{eHsl+hd^8&i2mvc}xBCKE@O1Y?l&`j&wzZfb z{FNhjd4f&KbERj5VWiv%lw+x(J|jn^|wVzX16^Z{10#_HcELZ}8yD{(fzlbXBVQJ+kjz@a4<~8~VcjyuoZjxluMjQNaA1 z-MW_ObTUZI=##i$p4~IxCb#)5kH#oILTpO@+-|Jea+iW-S8s7?z5>BHpwKHJmP zqR)#)3J$kl|Gcl4ZMO^G210yivWvow2v+#P;JCODop^d=Zqya$DIYP2C%v7htK-W3 zdoAW6!`<%J2P!1MW`nadIXT@l%-GrU5E&;tkqo$|{007^(6Hz9L-TtXiE%CCzGe-_ z$9*NmbBLwrj-kHuffVg+v^Ur`?u@BJ%$O2X8KTu$v*J?axtOv5;~{OZ8x@f0Y~!4( zS!y|1bd{#F85+wc6jy2@DFu>3DO0+On7gqf`lwu6pRKi=BX&ALql$i&P-X0~s%V+) z5?&YJoh1wlUr+QoFg?-jb!5t5(&=jKMJgSU^P2A7ik#Va282evXb@4yVMQs3czQsh zFCKUPB|Ee}ckxUb^;4P(DXv$2H$vRJ)v;>3N5)y(PSt=X}*#UH9j!=XP_waaH8;`?67$Kd5-Hh)cc zop;tdtoc6B`9XV_GjLZ9ef1toJB;I5vL#UJpwmB^z5e*(R#yDm_?OvoPV_zjxh!MY zzNh8qQOna`0_&dN`|LaG>!HZ#_CYr2zSi>kFv&}at0!{LEGE&kOzF?Zi%%*JzOg

8W^inE;!$HZ;ab z9{;F(@dw(~{W!r3{@IHT-9IP_zUZm$u&mRWlY08O4bi%ly9;zs*z*7S=*q9ryQ~zs zrWuv@{W2!JdK>?Bk5onQCT){cTnka_LX^mdWDmBl_BFo+gulI&-ssYzp@SQ%DVX!W zG#Jfx=Wp^^UqYW;S7lTzkc^vRv2PCrc%Nl(HE#!gZyN0taXTk@AO*$f=qaRI!b~Y- z_a`Pqv)~p<)GXTAbNsTmXxW^;lL~4to9615zgnkbbf^I4}1r}+sG4qF-j)zrF z^(VRwSrV#eII=xM74bMMTx!*+l`-D6h&%>g&FnHHeIH=yiC?m4ednpbX!wu!LO{~B zru*cn#v;$mOXKt$G2g-&X#2?_!YN=B37D+8+d!}gB0V>97Y}S+ka0z}{4?((Qxdvd zxml0>)|$9)=(4}9oHy$+g1;@IePRFMcoh2oY$p68H}mfcDVWp$f+>zO3zUP?N>!8C zo2}{Z80oeC2zc1OyH2=dkTQ=wlB;p1D3|13!l7b-pN*IUtJQ`rYG&Tx6)JC1E5E~$ z|7SBs1%C^FZ?HOQbp`9rOugg{6v9Yzys=m`182`?{H+YmNKMm@@FSFSQ6vABor#Ql zq560yLi28$O$yq95fd5#_C>BdU|N_Ne0r4Ean+u!d{;uA50w&x()S3ds-)D`E$m7I zR1^|b!~i^w$O)g@N7roE)!=b3pU~-8yiLl4APlj}DoI@K5ojCW>4zx!VvrVAvf4HJ z>{@PGK7JHXu;cG(spo)e#EgY+n3Iv*SBj4Csaxf*$iWme5Nx1RyW-5bZ4wFwDvE#5 z=&K`gwLLoDY~MXw_^`-$wqZN!``sgv8B(~Nhv=J2@m@!df9Oz;=EHuaF(F@#bYdyI z=@eZQSuYv!x%@ts=x%cgtoaw5;-CCfd4zbuuMt=5ey6uhKJisIeo8+EhH&Bhi$}qm zG`|4ybw6s5hgHV>Xq`~t+V}pI>AkOz;EC#A00Cb4s?32ik+CMW$Exq!+SsTn)*6rV z)f*Dzvuo(!jUWz~Ug~q1Rm!p=Sz|tKI>ZS zh`I0Q64-O9T}8Oa>}@^)#m5+fzw?ekb7_%_dUJRzX~KfV89-|xkcG4z{=J_cT1uJK zM>Nb|(o`EsBowskz1z@-se#S;kQ5U1I!Nb5^ZPdrsgZvBsISGcwlFbc(ZV%)v-mr~F*{Q9!@7Q7Hgl*cQe(xdO9a>+#euM#+_4dhN7op}F0hxk{NZom{?%WeeVq)1 zJR0!&+BD$E27|%LAj=Ti$}dk)gLdQ0@9#u2Z%KSs4OrZ&JJTKeLHrBw-sB)bIsd`z zK;L#?)&p5|F|h$b*cNH09TM_vKr?#eaf=vTFM=^X!8S6vS%M8*YQGzrmsM=ptW$`6 ziXE6qdKF%dV#yLf!6e3XMs|62#GbvYb(qAR*_y=s=|ytvcx2{fstT8A+CsWk_@tHX*XZ=LbX}ZVEwq!*Lq|p3 z7pq?DUA<@1(pFdI-Ga&;(d`eWGT>+FWFUN%v#Ezu4niXUXR9gQ?3g;=lW>Hi>Ld!7 zM0?wC5nD4RgZemmRTzSw2`l)g9pYH-hOO!rrg)-o3;-2CWS-v{e-n|7fSl{cG8J*s zfRgEzb8dCmMobs1${lAQ3PX&TWQI>VrC&S9E5@`ky%nSBngR$MfrwOXh-}u zSI5FV;ujpU>)(CAtHcGR0+`v758pkCWjL5shw4L^Dr}3Zc)WSZ5qe;Gs;KA1mBCJQ zZx1UqLu~WouBSVN;(vZNa(yI%@Ii`cBYG!iEQgD!3v8dyU z&f)mi&-}RUB`4;rh?;538aSPCr}KV`+kRi#Q~f~L`Qn)dj_|M}^kvCuMe~N$4W+}&!Y3yM@tM%? z7*}Si$0(_pn6?)u-{)8Pt@*kQwn$WPD z^v)kK1{dgHoEsADpD@91ThgJu^*=sLd&bh_#*`+|3TUrzBm({a?*XbWQn>8~5LagrIx$Mp`Xs zzo&u<$X1pK`k?*kkIz&K22H0nuisDDEa(_!K+<1)56Jhy4vPDvY9^AI?g&o0JIbi2c2fh>&(LuY2xZB zham6JB%7#G76fweZyu?d-Gg1s)P(o*thiMp^kpCY#yj;(z557HpJ4$~HBHfTVj>p; zeDA@a&c{b1m$7c5{Y^5qh)#rBLlVdUmpplcMcRFy+Je850=x^RG{la>4AIwqQ`lWR zul(`m6ZYzRHs040D8Iwa?PV!t)A!V3`I)?9%6$|ZTRCoZPKWbu8H^NXPE%Pg#2W3F z@tu>2CFMSeqU+Nsh{qb?k@7EgL4FZTTBl&O!`GtlZEanGYa&K)I3_Gj`>pkmxqVu* zJbi3rZ6q%g>9D_%zG!@-m=;8t;_)UULk@tyV<$Hh_F&ar59z}>&YlT9s$lMjK9RfT zH3u4|^~x4XrtwlE8HB-rQoteE714O9Q}+E>i_Sirn)CDir9E^AQA4ILX(Kw~Sd$x$ zwSNoVb5+isdY5bgf-et<39)Z~-f6jRA$)IWDa+ZN+QTCe*Ewe?7BnjE@o~#7Lyi&4 z3&H<9mrDyuE~OXu029E7;t3IeKPQCxKnKU1*NlAUJ#|da*tI-{FP*zSo3{a$h8vW* z=dk$ux#{#J!W`Lol~{hf04oIiP12gF(~pmFc6-SltsUU_uw)9I(I`^$2G43G(GDHF zIFQlkGj<()IRm{OJq;ZtX{LKrq?{jqWO$#u*UI$k0Ht7DSz#%V-nq4W^|j+EeE@8e zT1*>T!n*=@wn8<0{ARc3W;9`)K`o~jm8z2>^s$bLAQ`b=jQP31Ef=G(Y&nUiB}&FF zhW&Q_3^wFgxzF!sFz%3#echQ~q17@i*BU0uSSE~xbSeN*3f?GAA4TlQ1|w=+2!@y* zS@X`}dAQ#71G_b`!56Cofn?+ds|#I_mEpXr0Pks{3_6PFSa_cOa(Ie*rPEPIUihQf z3jX$NN|qAVYgfcaqs>Niu!>iJZAFf*9nElZ-vNG9kqQC(7+hsc0jyG80hT{HLZ9kv zC%=XMBLe7;AiDpQU$=N>qRZ82Kp)`Z&uVL;J|`US=l*^-YxQ!pECSJ~c1R;hLKU|V8Vv-Nh&_@TFcT7?gb@G=jc!v!6CSiB6mDX?;Qbxhko1x%_(AsoigCsK3& zF}THT;7elBkFd!si9=pepd!X^8O*l@&4OsgVP2`ybR&eyEXhUL7zPq&ga z#|CLSF*!&v0a2J%dGQlglz4jDYulcWEEN@w-GZ26q5Y{e0?#*ZAHO^{ji-b;xjGYd zZ0kB$Dwn?DlLPfjpHOLFc$}&j2yUvBKv{GuGG6ozV^CAPy{|PHOFf+J1wHshr#ei21rHdhk4hJwsYc@C^ba`pj-4!AhIiFDa$uhL zNI&2$If6Eu+JwZW1AEZ+E&zV4k}nDF%TxvhCJQQ;RXqm6m9%UR!W@$?-s212*<9{% z1Zf<7Z|XNRT1X2IS#XQ}9*`O{!*|>*)5efFm23|?P;9M4QAY08+EcD-T)>al<({uT zrGWj|p=CI{7!e`1*Lfd~9@n>?@a_)_xHo6uj6NK%*#swbfVdjCLthW)h~h+)1udcH z%48@@gwU_hdFpeuhxCnaX61&y1PVv2Xn|GaRo|w%T^NlH-+`oi8I~FhiAZ_JMySC{ zWiyC5n!ROo?+<=~pJ61|x<=*)z8n}oLWgwiaK#S0VAE(@%Y~>^e9KZ|@ne1*Qf#q5 z7@08f#Xh6vM`?#{+{B`jl~m8khdh)&76G?*&SOe^WKOCZiVDIt0)1|Ue9-Dcdh0(`N}eQt!%km+e>8QBR8mMi};+=qmH(7lA0<0OS~=_#tHVs4Q~U4a*Z@qoyd5 zrZfpNZ634F;C$v%IZE->FVwqyaaO!Z=y{ZYsk_KWA{gs>ekaAAqLB2yV*#^`gi~AE zT6lPy*Lh9;F*Swy2upotLyH)`uNIQNqJn!#zF9FyBMHU!5&MjxBD`FVW-O2QE_gHt zCr`km*~(vy-;MYuRagZ-j>&Q03&Xh*U@0`b%5vxU9usBHV>Mng9b0ZASSMcfcq@=} zUVRHZ1pJb6(x1<`pG5BscJe zR!rNZAb{3gQG8(?c(|L3COJFX{-Ah$zQvDfHV%O&{Vo%v@{0K7vf7?kMy}aNetrc~ zeX7`q72NTF9W5SKT{GH?Me%T+tUgpBP_t+_h4dX0|Le@IZUwb80(1&MTs%-mO4j(* z+aYP1RUQr^myHip;uN4|_L5ET`GZ%CxeRa7^s&iD&Ai` zwe#9;rk|R}oEwizv-#Hx2seIOuAoxzI0qPMKxhu`TW^=F(TZrqsg_H|JtTtV`-!$Z zGZ!?DgxfP~XF^-p`8!;IIcDjuN_tSf#d(#GGm-+m`~ODE_=9uB0}{;L3k9bWY(^Df z2r46}lBtAJpHs&>etvA(Lu)WTbe}1~ljMydp`K6vJ=&ujwfK8WT&^^Pb4m8k%Y{?( zWxzBZX|=@NNc(gxV?ZVL`@&S-e7rHN6Rp_cGSU(gi&hEHy<$HWlg&)ZPKyBuCqpsN zJ8?E2yi-~&((lYRQuy81lULdQ*~y^T!#)JP-y1hK&#SBHZ^Cd=H%n}Lm2p#oQW z93kL1c%|7pLTnUlw}wAN)6gmlR=0bq^tSsTAJBijF3EzYd{|Ai&U4>p%*A85Dpz{L zIXm&|Th>?4*;FHIs|#NTte;qxxxRI(0{QJd$f|o2-*W|-Fl~je30pBjh#Y&SN*u)_ za{05;(vaS@$!If2{|fh~kPP1!*BMn`uKvYvh5p&>y}7!PKfrAv`IANKyAnDv5vFN~ zM}g{Z%vUlaJ|4>Va@M&kpL#I1Z1?4pIGMq|FqHy$3FO6Ut!pD_j}1^)J;cl2t-d6= zqXxa65_vrj&1Buwyn4LJ#5ip%)X$qM_LAu()OIkz$aTc!31j#L^^%pENB*?PNZ8|O z(+gztN1$obCaQ7uP!2Lw$1?7@!omk*Y(5x5l;b#5X=V=ck-Fr+j1oOQM@UbT-g#|* z8dKw&WwO*3n7C;*w&de(aocjxnKDP)gaMtbDLh~7d57CB8-y!LfY*V`j{A9xV<}Me zR%UYVtnTK}M~HgYL*aP25+EJC;*}C}iCTP3EK~MAVaeNZj&T1Jg)fobT|0{$?_6VK znba8JZfN*d=SVv2@cNb~>VR{w20CbdUP5%H3}=vza$V z;@`v&?eV<93x3wgfm78_K+jIk#t)Qrbuc zb|S_a(wx|hwi6zr2*wb(v7A*yB}`-Y55FDWce8gp@Vlka2VeR*qxU7V-&0M(opvm$ z6O!LJ{+`D8F|N3?f*Ux=N+knCqiNSK%7VM>*WvODaOZuV);Bc|dFL=w~&TL6d|?P(v~YaAWO~%zK%stA8QG zZoT_hnKC6;%JafQ3#qsN`PLypY&+iBV@HJzsbfi@!h)^mE4oJ6RBzLc#G{lQNrr}o z>IJU%MMK$ctB< zIHg7E9l9G8JjAinY7L_nj}#mYg#xN|Ao!e|ei0dr7)Bm4m> zP+CmxfQs7`C3PX`L&6P2<051i`XhX}H$5GOiGVw=!?u9^=+`~?@7L`a!XEy0hcKtr z&1Vu=Hm6>v@2?+tBS-ebaOx9-#=0$|I=3m=zcMUgW;?zO1Du|fi}!zImFvTZdE_QB zY+@6vSnC?4fSQ*MhL0Pl5E&Ov= z&hSo}!K2m~k~+2hl>$`drMtAmk%VkaLf?b2Phw2qPaj|xL3QQ(9l?+0_E=LXa&r16 zM`UB4?cOo|ET8$Kw$bX?)kRf#Zb0Ns8z+9nHi*t`cQTfGokm~Fs8U$9+q+#vVb?c= zP!l(ot`7A=m+7HNhkM0na=$Utz@RnCvq<%R zZp@+85-?j_by|(=J8)pYTJrLnrXJwN-^r^}PaAL~zalRE3&3qOzE%>aco{xJOghi6Gt2A!289jY;-1rLV|!x5j7Jtg z5}N!~p!ZU+Nu8tpdHDXrrM{shn79Tg_8TLz=#WJU!FS~xLS?`UzuU5XQouNu%2nCU z+jn3Z?q6)js`sHG>_?iWET_^P6#->!Jv>K#pr+_J4N<1Y{VS%m zUr*Zh`K`3O*Ag9;3wvbpEyS}&hhjtXBk-5 z`*ghrd2S|<5sIV2fPEpiNHSo!lC2IRpL!#Jnv7n5m(@1+0DH-DHM8AIaRS^*cWUVK zPKkkiX@uqt2`e;oge+BGJnFo%Ueikp?s7twv;A>K;)_sc*ozn^S78UnX@?m`H>Org z2YvjDSqQe~P=rRqJub!mXcZ@&9raz=l)|(-gnQ}9i4CXbpV>@2MYs$4Au@6MXG8wu z8#0u_m-#kT;ItHPY|NsZh(|U)Y)+@>)H_Q?;m-5f#8z?Kdoj;6SB<0|f~r@gW+LJPkLGzK=%YLQURokD-2A^MG{v#|Y)1n}w{nIt_A2SC22{yhU65LgI zK-L;*_9%QY-hymEDvo5)X^pg=%NI=C)IX(Epy@D0jHK_K(-S=^`)-z`I;d{v^reQj z!(kJns!TRl)|@vlj6TeOtJ7b-X5EIgBZP&MKwFP8Ry8arnj-Di&$X0OvBVKk&oAyT zePr~dhp=W}aP4dX!zvlN39VR|3)|n_1@WTf%Yjxoljq4>D-*dM(*i*Qogff=ZFB_^ zm8@uUl=)5n=ah7H<{p^(n{@OBtPcm-~I_ku

L2yukm7oF#d`HY23$LK zO5Jdft*_Il*c_RSMhnTq45;Np02<2go6$*A!uY&bd|IL(PRab&_3QLt;_Y%A))u#P zjQLVKMhG(2!X0*xX7ei}BE(MRS zvNrBsn%7e_&J2iqvW_h4j(*!jm-v^$+~2pExqM@|l$hxOEbW+?FhhQO!&O2?Iu8Tl zca85Iro0zf-b(mb=u6MKy3;(bjh#+*)6*UWu0D-Z6(cRuh^c73&?ew%UpLdU@emdi zR4^1)lW5)P9+6(lC$h3z=VM(iKCoW8MT1qdABI)`;|)wthn(+TRftWj>yNgtjSV8w zHN#fsGBk^#`{y`Dtn?p`YUdJAEF3CzGoghsEJ7931{PahCIF;0Uw0>U0d{jq(RMba zjaPbko8E>_iMeo!TvGZJ5>Lh3reKN>+(`qB6w~#Te#as(R7W<}?;s)6nE7>M&w*_A z)&Q9q|3wcOacY)_-MoiipOy~-yF`Qf4O+6x0}oQ+4SR44aXqUF`h2>vRUg1cCnQ^p zJ>^P$aX>CFv{q78iZBRKa3dtp6NAzq^!h2EKS+{@{i;z9u5Tat`nWk^_A9TQdj2Ca z;U*dj&;?kglNS^Ra(Oan0mXWtP0*!-d@|n4l1<2xD+61}$7)NR5%&b8==h~2EmL3u zJ0oH0rwP`$iIGbDJN!ijRTvS2>u0QNFUqD;yi)vc^^a#+qRb1?)9pr!8p@Wp+6UhS=Nin0;<$RvaS2Q=?;DU#-A}H~53);StMRUq=YTwi(0N=Mjc)CuesE z?-eKrFb+m^1@N$yYO{A53`Ytv%<3%s_aPjVcMk_a0e)9hPNv z?|UDANjuEavT(ga6zV8!uRb&$VWXcY?>rS;Rdf`)Um z2;^vwUIkuEF^^!ZDLiZ{1&~_tB>{ZL;9KZPdTZRm9k{;$|J+1txKF9V?I$A}Iy-NT z`mUW6BR?1Dqs)T8ep&Fyd{*`InU|$R>;zBpc;v{fQYuxi>;c;>UNe*w@q^yTnqL6& z!Cr-Q0+6;amt}>GaQe=@qV7t73_+5on9>0GiVijaakyq7AOEC3va2+MWSlpGbGy#V z=E;6p!OUkHUQYlPFA)IG1fw<77ci?dBiq>5R=hgGf6&*e742cCN0Fl-*^OURQJY)A zTd1T0lfoeBt%$+R^w|8?d-qL$ed^KO%iGqgQ2A^cLKY6=Xp#}avQOFFKz7EMeE^1K z^xT7eK{SH4(pq)e8N33X&CY$jq0006$yRJ^u5`lKtb%P2R{7GR<>K{dr>@ZQ7atlM zo9A4+3eqdCu`zXz`utU|R+2TLT|4`be_Mt%+y9yf@*4~KYjuO=&-9%A>??AD`TZx1 z&!EdaQ8uPA-#Wm1^Qo8jYRVy{s_)T(c!4I%kn$~$YKSi9b>gH$C^dndt1ouoUJbb#x7~@tY2&!C-rEJLt7QMr8NeQT^?>l!4up0=<2-hFf5Z zp>|k{7&fVT-|+D9mh>@7zsW?l{o`1?RbmS#>3FWyg51~7kuup3$lL)yg-HnjB*3%G zT{OBG#rFA+e3hHSanZ^4zpZe8g@Iq7oddMD;~CPIfA)UZIjmN`={ft;fmYQ_nCWn@ z#DeMsWADK9zqxaQ>IUCGaCEbk|6GwKuOD&oVp1MFmkdYnIMHQuw1;>P2*Z)=c(P@f zm{y=n`R@DDQVnTB(N81aGR@jr9*f1nbkkyaRYGS?x$)T%nH(bqsdw?|%XsOru?4iO zt@m6XLNaK5<1>0A|R`a&;3Be}_>FvTSzj+?ly)o0R zx%w54r0A%LoLge>vO#Kb;4OZgO(8rlt<0c{J?Z?B7hL;g?9`-~O6UnM{VZ>qmEKGn zmU@262kYqeYzs^>c$q{r(U;*lyMtd#5@nrPWRBRIX%)A*rS-Wf%}d5SfhbY&yA$%o zM0-L}HqeXFg%|S(ncL=1Gi_b%1msthJKNiP;#<+IOS81e$oe zxGgyN)@_2Qt(*g{4GXWfvHXnm_5tjmO@s*Vmp&?#GWMJ-0YOE^0Qnqx*g1FxX#JC; z)N|#L@Gn3;G_@6Zo^GW6YPiit;*-Qof^83z%^)n@r(H52BM*^AZ^&C45*iX>IHn|q zSs|OnZ^!q&el|x!SR%gVBrur9M+2ei)Rr7*|8^WGya0a>UIgAGlV*vAvG^;a)A@xFf`J{XWmvmJnrWd+-Rc4(Dtaw+R~~<~!|}+7Ae;?Bg1p8(mwV z`J{O2)Qb;eqXSBD6R{#1N}IpjhKl37DdDtR$kF(YlJQutxG;)x@_h=o*DVf5_z)_O zi*=V`hAK&C>Fj18XDl3k2u}MaKC?gKrYXLR@0)99q#pmmOYl4!v#eyr3zM|N$$IMX zw`vZK^oAO(iYRdu;j-QCCI?Lnq^}7v2~>%}AYLnzCG55qLr}Wb7M2&3K9wPxZS5Pl zlOFhx>azUK!_iJ^Z7;b|;e(M1LbEc)e0-EF_<;9#rNDw zx8rhWz09j0fYHpUgF{jnRLFO=2|IAHvZ;9&>Z1TCCK?Ze{c!#=!v}$JgZjGG%VoJ5 zG4zj~cwkq?IDbO0$T*uZixB3h(yp~xYj8MsC_>V0Ai_k7Uc+Y4)l^S3?z?|&ZVcG& z-;K#Q$Pv%WDC+4+{M@$a9e?CER;GlmSRwWAQ9h*tuT{HG3F%M zHcgp|IhJVU@+dD}34IToG=Mq0;RA&$!zCj^3S-AaJ@{}8yL(vBmYfa`5?jx9(yxy) z-;2*L(Dp(GK0>zxs8|mid8M_5E^KC~Gvx{5j_3=VgwZgi7!VP;lIS&oio{atfGrCYImFl=^7)ioRoxTk=ZfBWao~-J=*0xSyOtsh+obj5@9V6|tTo9r%&&Jp(l0($?vwkt``A~r zi1U*f^MnCA2t6C1dxu35gE`@pU?j_Z`@P^uTaztMZf6^<{R62~?=IJ#{%0TC) z`P6q1B=!9s9(t|dAcHZz`mWKXTzN+E_bDT^=_WbF^bN@id2Xs_;Nrqi8tm_e=)uk_ zoTUMYDaV*_jiu;ULg#B$Db%|3cGGx+>?yjq*fKuY(ttepE33tEi%Wmc^>h!dgv+he zgiynFo8O?tpKV9^9 zSA8SlPrtbpJ9NvGC$=R?BPXuJps4n_qGk+v?W|u~{>!}XU5-elPO~fAo|p5FBeMd! z?^QE;>Kp*KQxOgW6yyLsD$!#K%Djq|!0Bt6(i`E!EgNj21K|Eoajfrri5D=MsUG_2 zyOrjTWJ;8jl}h-+k!mDN)VZN%gcF4DH-)_pdOXZ0`*N>4n zJviwP)<}yCa-Oz3P&%xL!j^oRwEHFcduwjn*g&J_2nDla2z;yOTfBNUXpiB`?n7MH zAm?0hVmOz4s^4J>X-@CIJjM?ab!og*pX_BKz|Teb=A45nH2sjjjLm?J2GNVAfvGK1obcXwmT zlx0H!s|h$$*u6--2ZsM*cF^Pw&EMBJXy5BUUG`zHo0Xf3$@{1ptERoPmCn~T0~((y zc}TXzxqF#sOHd|9wS`R5k8}BA=k+1P*c?jQKIn+P#l8M=mM6s{uf7P^P9y&Smp*@V z9=z{#UiUJ-y4l6OZ;)((i;k4R%q!uG2CUCFRsMuhaX5=}U{~IaR!rHDE)emQJqCAs zjxWY)j#wXq99gpZ|2OXbU+>Dz!U|@#cxDk`wOvty{O9OtS%H5|p61hrRv9kv{hk-F zg9UIc9Ah(?a-;rRmDTCDi}`QD#s1^>WcCH1m@EF0-zcJ0Ew@q`OgTU41_jjKRriq; zjiKAlEBQa{y#-KP?fUK=AV5fgBEh8)AOtP$r2&FVafjj#h2T`);KALYg#f{!xVELZ z7l$G(Uc7ICy1ZYy_c?ph|D5jG`~Q7&=6o|JvxZqSWMw6bu%73+@9X+qHs#Y#_3*7r zuAJYWfc`RM#UuOQ1(DbP6Bqvr)Zmvk(xqiYde@dKoBAtiQ-zGsAQUPGlGVo1L`LXM z?~?A37dQc?9H0}3DQphJB(wkqg*R7YvbGNUqodKCJ0~o4wLHC3vR@1-jU3i6*ozHg z((Ib_+Kzn()?J_cAr4k)0E=O42JfFI(PH$74$gY_@$jtC^o^12^ykBZ25Nlc?EXW; zyNs2!yb_ikWQkA|G!@cCwQa$26txQel%1E(lD-|Kb-$S;C0{j?2IurLlc3Ycz@=I^ zPP-)^mmjUOLb*k`eR@^0Vxapoa$Pighyi>)zMk=zYWiKoz<7^0Ya^y6T&{jB-cC6j zu!W79f5WFiG7r3GKWNz4?md?HL%NI1OSw5BsAg6zt?M1}0}`TuizVxLQ04|fYnKOO zIT0fQp=G~9(O*bIqpjO_JJ?AgS8wEnNXW#oPRQ=H_fM3dwaYtl{ExP?V1!Z>o9 za=`ab?G`TWK6m{>kMhRMJQ??Bgsq?PpCXyi$NCWc7;4#pK3-ZM%4ghQW@3_Ok^^U) z!4?x7-WJ?-?gjOx1m9mkBM{GxOSj7wQ9}5zZ7o!%9WhZghH3}er~68?pTm~lE2gnL ztK&qw?X~KKba3%F$0UKFUvX^&&wiPzGr5UQ=})X>6TA z?y(=Oq5ni(Wc{+kY#_(_ig3T4y260WO_UvHHWg<|iB!%gE8gS@o)K6{b}U#IZ|6=7 z0QIiycHG7x?Nf;hY7Mb9PT=Bexs%0_(Mo{`eGW{aG-UJH_QYd6A>m=iiF56E`butV z7vqR{o^E}YEay}zE@-?qKfEOZ$|HgX9n=@w3BNaFrA@fA3UfK@X)+mKcOP#ILU3Hg zoTo<`6N>?=)e`5Zsbz=VSz!7UlC-%x_6_>{zgUFlYogw&CQ2Xwc=ZVd`5Ujw?B-VJ z1HQ8u!Df_eG`R`WYwu@l^3y$RBXu)jMox>n{_-6*UqcImy@k6xi#^M|@1OeJ`ZyZ@ zWJTk{3Enu&eD|x*>9|Sd!i-+6sf%GYmNcBp< z%_R4_bDwL$a5vM>axV=w!#eF@*)i8PjC@w?e-u+Qr|nKS4+!-$u%8`wd5@nmi*B+$ zYd!g-F2Xj0ki*+mugTFR5&}4MHP|1NvS{rT_zZM>Jxpp_-?WNRGle0zVJsIWn9`2- zbQmSA&KH^u#^pi{foxXRY^L--)>BAJWbZQw;g zd-S`j@qz2S7J3hd9!X3|KRkHB8Z$K$D;5sef$$)}Z(J-Mh|T0ni5c*1-i|_*L_ZKb2b5N5_NfVxCtx4_eW6$?LK)~7S4J= zs1w`+pAR|@01!gC_Ns#E2}w3@i{@epiBe9f39f#T4ZHgBH%iR^AoKQLNewTlb@5TT zBvo;58^DZBlcPoBr>^(gz6HEheskV+UCS$ft=?t!?drs8w|n564Uvt2@||X~=)5MN(WmE}BUK>p!Z#O+ z6QN&SC`(HXN{zq={C##x-Gim|CcyHj;oxYUJy~?I!4-Un3x$Bl>)DRQ5teN5D|cz` zo&gCiDd8RRL1Koq46o@*O6s#4rQOehCj2c>hpI5_3X-aD6%-8nuDDhNtG_36s-iCMWEA5=a2 z>noe3TYla$1WQg#Oz{mQ<~C`J%lNkGrSZ|?dHEuk=YhoL0;58-Eb`2I%+B%G&7WwD zboev^2J~YnfLNk8;HlTH_wMR^cyrG`#roc|_1oh|t}k#QFD6H7-p!l!8RXMSQ$N-Hmm&L>c%a zDm8FMWO{HxVmRZVs2-sbfNDkYKB>kts&7JdcIG*Hrp+kse9;dk?Xd5lSeC>RMr=e) zVp_q^{$ic2hx&${KeySqofK3VYmL_RgGEF+ed;05+>e59~d z+Kj3ag5CbPUXRX=M`_tZ?Z&lCO>@pAbu7+B&CK1MxIT4g^6*#7YKJ^$!1Lm_d~F0; z+$%(tvEH*CQ-*JP^hesx_^pFKUpIScXentJ*}m!3K$*u)ISK%tp9eQYX_cWgYZtJ!J?F1GfE?HaOd4Mk9Vj(WWL&Od*EaMZ|2Mpa9VWuI(h;6(T)x!;dx>tPGZnhvA@K~+SkwblzNX_*Ql zum@R`oKVYv_9$r@1rM|E7a3ZHBqM8_Ne7&e?;J!_B@F=O=u;p_wF)kcQLU8p_Dzv| z3Heq6gCixQVDOO6M3J)t(wEz8Cc(@JTPYFqY8x3c&s zibJ(nJ!=H5Ez(|DE?zX(bE0|}8`x+1QuXlm#ym`(Sgs}CSS)}5*3-Dm!LG5-xuE3n z4|n4|t=IKpLV1j~_s(eiysajhT&|7D`_ypHC^?kb49md~x1L1TLJAX@tTX z+S1F3a3$m}mY$wap+)mG4XB_kX&oUe72#>)UTt|5~wZ zV*1ZT)8D2EzhmEA5WqG}1%7Rs3GHW| zQW#lo?-P8CtId3VGIW;OM7*Lb*z$=MXM_2-YL#;%=BxYVSs|;Pl(U$p-VD_WQAI8V zpFZ+SnRL{zE1&A>S(fvSk-*V0TX?srqJ8axCX*j+!nQ>T+ckG*l1a-lV|`UY&4AQ6 zm_7hs;7*u!XGVX57uEK3EF_VAo4sA@(f;`nk4%f$KM_!5sNx z+`*Fu&;rVX4n{E4ZZ9)nu0A5%@`Lgd?7PV<(Yq7St`n>k(}U!-?rcI~lAdxNB$@6wRl5z04 z0Lgpz1UJDvmT-O75t;hchlK^UnSQtYB%r`Gu3}PiGl1Q(^zd#{KZ()Z`_^yT{OtX{ z_i=hzALNZMP@j5y)mrFC5yg<+Hkd*Xu&MG0eEEENT8ocsygKM(awpkA=u_o!mz3@d zs>7y`ga1&pnJ3XO)dcm<>|}wDrJXO{5%r;P3x%^8l9lK&j7+I$GBs05n&EPP2M%2{ ztqw9W6%%sU%61nnOTbEp>>B7&6Y!z?9O!6MLEd2#Y$j=`<7PWT2RtdK-$wSwJbW6i!ko8p!2f^m}4NFTnAo7&TqgaqZK;(KnN3fi7yT=QSP ze4JA5v@LAGJvMGSUfj!|+f^;Ei(Gl+mqGoCdEfVX;UM#~MX269I=3jM(<#@#tnOSm zWcPE$bq>>8*_9^*gaw9_5A`V@`c8-K%bv&Ht=@ftdVR0mE>Hcm@yIZ3wBW+;-h%8X za-|1y0pO@#!!)!20J2XI1jS~$hMCt!6t-h!zC8`GA58JGD*PxVD0Q$zAk^l4uVpm4IWng_QvB)_!-$pS8L)gVq+XwG#_4aEIF| zNxoB*|E?A{d(%Pj=NiY$qr4lB&85|*{My!|w;6PIThdNes%Info4thZyL+xqUAN9j z*|pb96?~9BB|LnW{lLa2WEwUM)|TOvkjYdxPO3s^u^A0q0l-i6{ktAW*w$8hOO%$=f!f^FW&~0hCjlTCl{NoM*jlD z$ny5PFVjyR=WF#3L6U8rqP|O0q_jQ;Nv`xtg(K-G-JcoERbZRTzmnRwmnbGqQ&ABwYz=JHi= zmi)Q4^4uGGe0ffD0WM@u0}2p`(?!1U*|Eq7wrZeg5Ts%kB(OcyNol&=wsAr>#mQ!w zYAnOH3B6?sK8wW(GZ z`M@}Hq>YxLQ9WF#G*o$H$jaM>ze^Ytteec&y@rghBIe3aIhX6J{QQRmvT-zs)yVqO z)L8Q#RJdP5OX@T%%2Z8u9tBi?c)(+%aZqIDEE;emii}`sJD6U;1bZM9yGpN{=}1qi zG=?&dzL3})^VvU{+9&`7vH0anv*{3WHdi9Zy;TyEP&U#rfGx{|C) zIKwV#r6#gWaK0wa0>B3{L_@$oZ@L7w&*%#SKcw(~UGC~u``azIWxJsz)a=#Z!ivPD z!myjPRPHvrNLS9&T=SqK&#VzfhCDSPLPcY80LfYhL#{UhKx!0-CKkHqmm(N@=l07W zwr;?l2Ew+Efj-iN6$8S6V|0pnk3?e|Y#Xm_Te>Fb$$eGNx_@kAQ+n%{w_vO40JYX? zE3y^Brt73y)VRhXuw9^9r-^DOeHA|qe<&umSdP(>7xBOQ2)QWx)<9h4{RhBS0P34ZA+e zke8mZ46iKm63;a;N(X*RPev7Xn`yOL1$Hx1EXJeO$(Zs+J6)7)5Tzx+fZ~HNW5<|p zn?hO4x+^(_z%rY4*93=WCTm3d0nV1f{E_bTldoa<2e`_1Ype<+2p(TX1lQ+}Y5oZu z{QLHA`P+XYjea#gTy9MxE`xMDe(9zEJkRB){wH9=f2}YvjVs{ss)dUbW%DnKsSzV)wcbaeuPbl5 z6SltLfxnWKY82D69AFC8t_;LfW4I|}gN0NW1BClv5Vn4;U3uQ?+PhP*8&X(Ra_;;N^`9hn7%(nk8bhXhNIdbzAlYv-Q+fN{%I3!jS! zf7ey9w$HU+KTYf8Ui96N;jdQVo{tej8^_ujej#)qyf!H*K-f8&*p&FbAXB&;2jgsP zO$?=i4$()#vCZ5eo7`V8M*L2+YYv&+;bI;DVmQF|@Rx9dCCPW!#q;b?yQRG0LLlw@ zGi~-)H^7QE`)!ELbryeL^r60NWQ{Tt5*>I=P-0r8oZo&xY(M(Z9rdDWJ<~t#uK<;J z@Hs6`6&5n0k?!a~s2jXE@SysEK4Ta9&tc$a$3&}fj90vMH~p(y978JD0xOS`PIfEr zT(!#W-E6l}&__Ogn}b$(LkUH3#+Xqq)OOq6ap&&TH%t$zV|8Yx4SOUP86FkXyv24H z$3_)$Fg8-!F`%ldm9MG+z*bH0%7jZr>$QH1c2;$&A>17nuV*V^2~>F!6;h*;S%Ztr z)QgYN8Twm;2?^A)Thc|`TX>A0?q8xDRa}av#{1>pC@fEHKkvZ38D}t~&ok=$uu9Yo z=_0N+lCi3+EH+^D28{7Lz-+==Wjrl|L1reKgHn_+W4bbxqqSwpfsDGt*uF(ki<{cI zI~4X&LAf|xLo^0MZHP|pT6m`5``+H~8u3+kr-eO+cI?h5e~&ir6DBeqP~He~Ew_9x z-g%Dan!1CP9}9b5e4#crSV77n52{PD z6*q{Esa61p6=q`jO9hI{(a$FCO8l1?O-7fVhOahye)=#LKh#Ftnrv4nZ!5JB>kOJS zbLGo1AQ?%6Oq9eMX6o^9fbgW9`Yu3djosf0y^=abDHgj|l(aREFKT&zOebaD;bIs$ z(6tc_i(EXUV&$$@!A@q(Q|86<%u5{Anf-dk-=%Pwm}b)aCaP?~1g}NA^eX@5<3awz z9BRvhUz4H#A@#%WsJu<)HXF9!f7|Bz?%V1z3yOX*OQ0 zZ*?z~YFCCf5UemBt$W>z!t1qJ{8DCgzrv)M8v=S#AjuNxdSfV?Ns3oml(v$D|BZRf zGAca7e1o$Cgd%y`kC~0Sm~8nl+EKJdwgyrjw$f!5SJ0p0P8NO3@1ag;)t#VWehwe9`q~Z zamsGWzGpJDwbI(a)M0j>cJfd@Dd?T_Efa&L7#(72;zS#)E;%4Q3=?vWq;rq3-`i)QydV zFOPdV)|V_*AHiA~Od^W3A>7&sO6w>Y2dqHt0rja3@wb?TyG~LA;uEB3vI0hYX}Mtl z5dyT_7?hBZ`MXLTuzpSxDf94Is>xU~ewnSB7;eFVEl zopH=WdP>&TA5i(ku!J(gftFM{Y8lp^fn6Wtd3@Yu=8h;*u>>BwU~>4+;PcCR)!(XD z@esPpvd~|(p8LP_zJCoE!Jmih7g^}#)$h-0`z2h?ukai^*X|Mkaly3p>sfyr%B1N@ zNpNdWkH;yqJe51gX8b|@%RV2g>VlYIU8iI`?|j37wX}+`rQy=dG%}>eOa2-ZnN7-J zk!q%3PcM+(l$We}NNilpVL~9OaS6me3^FA?n~}rA(vXFgV>v-*~_? z6Q)%-tWZ}@Q8@S6!+S2YYqD~wGm2Z#s*?;f5~IteEo^3ZrFbo_^27m$jK|{OfJ$Fo zi4hVhEHS6b1b|NZ(xl#fYcBce%G3}$ZAcY<~^Tr4( zWpGNnnUZ{}Ccu(C0{t)dHkZ~CB~(IPjV8D9%3+^@mR(^;u*s4tE!@dS4$YFN3?3)b zf^rxbZ!!C@xx5mRIXYoC`Pdj3l%!zkx3r>A^VZ?;gc)3SnfQEp1<=$MbY=L1`gv-!~>Sq$(XiV268bX1qMs?UHCceCEv8Z!v8uQ@?VZiwW|1TxvdWC=<1y> zjxOofv8FfS2PXlOV@ZX)CB48P!T9Jkf|j5|11c(N3ew*VVVHF zfK3~$cN`Vgu|OG(*R^vM1CoGCmyW%?N1oQ5Ado2}|MXi{H{ne8Y(h#}me(NZ4LS{( z3arY7)IPU2eaO?8UGxbR0rhN^NHg^kxjfmYU^dRE0;h+PX7+Its>%c--Z+4WhXKJf z0;u@7o@t9TIC9W)jvuf%4!Q?iY@tN&?8i#nJR#QHiHSoWdQi?a zHxZ|#7L0T^3Xjx;_o$o?KCzXYVdYL}qKcJ+qCh#JT2+z&_7bVcMMApAW(_G)757T5H*DS`X4{~~SI$TuTlu2Q!uJt%#jpgq(*sFF7&yWq^LzD@4t$>w;2df5 zCfXz$oFHXP?hxZ{F94vh#bqL=?`Ko^CVCv1dcZqGLJ<6$jANmyu}d?Ec* zEE;9tAaBhdr~`N$lMf+m1SW5~hzT>Vgl{d8aIwyEyh}DUwUjZ|R7&xgwvp1QN0<3J za%0zKMB>Q*5Q~6Ht_KwF=`liv5BF+wWrn`C3GYK!AFB&ScQt`qHJ$hB&0M_vvDhd& zBd#*^x*gPrYE_E_P+#zWPCGt@hQG@ZQ|3cbr_^g@=)1%f^+nc<+LH~waFkR=#ij#l z*Vp1;LH82ckOMe1Jr0`pMxHor@=~n9Obku9!beKTnejjleCGiF2tE3Mb+67#H;$I2 zBs79NuLNB!1S)o=sc&k(xW==##+gOt)0;XZ?im)w&@EaEKq57kJWkf2Ik(eu6h>1e z2qDpj#SOFNrzfYpln0KF$Csbb59#;CdphP3Q!0DzWDb+{g+~z~s0lNHVHZ~=?{#0Q z@`3C4O!T+<4n^%T>Y`FT?>E!f` zr@l65_w0;ns+flK`lg&R&celqnJip2mA^vY(16k&9n0^cLm(pC{JT$fwfdXtGDU`x zYTd*`HcnCFa+q*u77ad^c6ybOa%R4CUJev9N1E<{`PSpyxb$+O=Jes=@nLZ1;LX=C z{*Uflt1XvwK5pz{%SXq1CLeDF1_dhohtGHXq+96hyOqZ$1=8S-U)nvc()uFX&x3|^ zIvK;6ct%vg9425AJlg|DMAb{m8P7y{Nkr6B$XCIi%oCJ&w3xyjch7b=WV6%}4=3!~ z&)8#=NW{kIM0g`X{H$7p0GL!h#%(D^%Jy{2qI}!mcc^B>%6(hfz-Z<`34Dg)P)6Sj zX~N5KL9N2knpB)oI!gM8AgKQQ@hOeoqVSNX?-nMSJmy9x*Qs)?OZEBQf^YB4x3_|! zZ=iO60kSJHjnPQJz8Y3f2t)A=fajs{)AkwlW(CPvW6>Yna%vPbDw;7{y5|E7KJZ*UGDRgr zf4w}tUGXd`sucr%n`SLajm>J?#o+9>o5P6{JdR&jDEl9zt*n-iglsua4hjHTvE0cbXn~Nfx{m((R&m&@BHlXrq^?U>2y? zgvm70k4E-9^!dJ_U%y#S(wbPZ<9&R`y;nzi|Lr!%vUouD*`w?x?-7+8Kcto%BT$ln z>RP4et$$L5CGlBbEMHWoUQILo$Odv2JH60v+X-s>iP3vXQ2Aj z2rYD+PDa!kmGm_?l1=c{)|x^3n;k;CyiQ#8=I`%z-k^*MGhHhf_DmN#SmocTgf5%x zzUOviahad0j_bfiPos3d+cPXLDgQ_^xxoleX$K5r9N}=?E+VB#8sB4 zDq41{Qj3sHo+WNZfQJWyh2=Y%JOh^3%};6Rf$3Z6Q%mhuLDi>Co>ZsamUm@3gSROT8eoZT(=2_pg|5-9MV>!INMOO=s6 zc zry{{9Gc})tPT(rEdK4OzBJQ5g8DZm8QX=-uE(+BXOF7CkaJ*AG@z99()a#r6FD(coHx&&Q@iE z!^mrLNz)~+?dVq#7EF-BqS*!s3SU`st6AgPZcC-NT5BR!;1-8fD2x3`d@QpYU#Cxe zd`4-#5jcVnrXN8%J)k(v{6TEMxYPn|WXi@8bXNRwa7ppB#U)%9m?{#`uw^|h=7<-sS-{$}| zp!)0xsYi{dAi|H^b*2NOubcTpv(^l78@R|+uO96twc4-Wc8OUc;xMTg48ho~40F?^?7Ru4e%A>N?FTf6 zhHp8c_44k6uNgOv*C4FOVv5j&6Uax1N`)jqrx(m<0^q}A&S(?lqb;l?zgkp&J*DHF zYyt;Qb1%M>Babv!K?+Y-UNp-1Al~R#$H$18P>DXbeJtH~CF*Osm@xh8w6U4DTi)8t zdVS$ucXesQndIcD`BT7MW4Pm9jf*+iQ1>+D+yH*ZN{m(Q(c#)NX8F)N{NLn=9%2s2 zK*I*7`eybJ!Xi>lTvZ@6N(7XnLNNCDR?p`eY^QogZi`jfJfA8CKQ*0=K7@!GKMFJbmiSir&tPbZ z)_z^4Ro2AmW}DCM$$HC*XMH3tlZ^l`d$GhRkK%JBT}#j004g-cY}60p}iaTE827!L&QDJgfD-UzkFk(`^!)_}tnueX69W7@XiL zL}&mB$6iS@0mRBFc3vYR@k3P3BD2$P88XroahjG8RGfAcT_rPZCs3R(&I%S z^v`la_znA=Tv{VtB#4JVl2rXSvX2^{`}cCtu!l(QJLUK|f9~_sp)BrFV-lC*lpP`-h(vhy7I<06N9w?%f}acVDrzKht2} zjEKODe$-^gfC)a3g|4=FJ{z602|PTXcE3E^ymcPq-TL;5uoP^q8CBEn{q~BU0rDH& z+QEs(*!{?MevcpkQ6rE}G5=I*9ZYBsV2KaqW#e~s()!U(>2?vO@>sB%P-u2K^2sfM z5#jhUx#Vzc)Q?opKksHWW`>c;`2EpKW-ZAuLdOTpG6>r2HZkG^>XZ;=KWIY7rrz0* zU~c%0V5V6lboJ_*E+jQ+M1R+#;9<;_E-Ne!ySl(ZCoV`#EGY&?lSvW~f?`UF7lSPS z0yJ{mmPsgjV(0i!!ozinr8`}f&cMr%O+^ru+smT^O2^TH+=z9y>!aC-G%sm(sM9xKJ0i^U~^pd-hZY8=s3_OF+ySWam|S;uz|bbIfjDZp@DAkg6s=6!zTK?}~f* zYsjfd|C~CJRI*lARVUEQ+{m~J6R$Gv(Q$acq}qY`sQBuiIo~RO6y-_(1xWwKmPPvU z%l~&>%ba&QGjl%}&(29GvQWE|v5N6k?O$`9xe^y8TY?Nk6Y_X&E z&_km_Zq~^spZQp@OHpJnjI>42$ju^$$>$jYnG48UqrR1ZB5?o+eXwAAn<$iFahU%H zi^m7apZ&R-wN2iO1#tCbX=&Qd!U>AJ^y!sDZk@-U49dnj;&*VwBA-4>vu=W%IoGORl*`EK-x8O1a{qmQIPS10F7e)iPSndA-;~;`Y(cE@bbUkT>hVR zkl$SCzo}bTMxM6Gn*F(I*7$Fy(ENI`rk)!%;_Xv}LpgP`UvZPx^!Fsn5*`}RzUi__ z*W$3BA(GPoqUwlnbE~2EEseWfd#6u*U{v~vQ}I4d*XoU}iutRN8MKvm zxY7J@ObHmNacpJ2HFmp0#(WM3Da*k zo^YU<)b`iGYSxCloLb8Jxy&~hcY*1XoS~i8NF_%CeCP7oO+Y1amEO~OD5HWZ*QG8dW1rm}d*gQ6 zc!2@CaaI=!IdvW3B0w>v>Zc9?G^rebkohVsvZ`j{gPNiQwM4>)6Q#ZZFHCKf=7jNf z39WGHqT^M4h}`gDJuDUGZ`<$jYRXKsG(f<$*6P55Dt$)wxkWD3%-S@hJ)%fjFTCb~ zUUye#VCzl-c-J$qGtr_=J+nn7N{wLLPxlu6*#bA=Vcf^K`~LkF~3mI=Q`5%eXIN= zlf!2aAs91}foicleF#qpE(>G!B*eE+XDlkGk01aY1JT6$azl|7hc^c12XvqJv70{( z&vfTu;!5T%5)Ye1)kbFCVr;}U;5VYF5rgJFb z9T+Q{;F;2F{oxdq9Lk?30_nuuGfNg>vIvC>>Oz}nzgNKT$>BI--IIx_3Ffp`#MnCTSW3HI{jgg_e2s!;=vz>RsUQnA zUi$v31Yj8Z9$@-0&O1;0I-Ny!z;-#CrjpgWnG^;C1O2i3NT)gdEk9~nP%aiK z_x`BPqch`x0r(XW`o%OXa@Wsy`_7u*sr}k*Gk>=?SBn${q>fsE=?o+R&gs*WlM_0_ zAtf!wdK}!h++t>yju`rrlIUpJ$TJgXD~D>PbjAde-;;J7jP3jJD=oaxC_e;z7Nz>U z!YW;`cJt~j`T33e?STkVB^eL~1AqV@ROeO=2F5jxO`LeP zo(FkrHBG&2QgSKxbwP%ae^D~s1%Jx|$q@|XCl~B1;*FYDq==iT%5)?KwsjrW`mwtW zDju68N77ILj~vBlbrgSCmddH(Hlq&jAz-X+^T(p6-IL+x@**|rXZ>QOtwv74Kwn#F|#BCa~%Z{Bg_Nj^Ncf#cgy&adIbj zhfj-@x)9~q&LemBcLciUYQ3Y7B7Tm?{)vXtlorpXDCG^89~R%{deN|VD^9?HPK3Lt z+&^#S#WnTEUZd4|DcqX{TVg2FL1;k~xN*F=+Bj;E4Iw#CH0R?wvfAXqEX+Pxq(mkg zP?8hOZCpSU_=3C)*Q-P6Opd}CkJ!;OAGnS3{MkfMN>pOb9C5n4 zXg7O`m|y}c+S%l?HEY@t|J%$4)u77P*@FjJN=CxjJIEoCqDE2=oc==tG?)PQ5Gmu| zmY1MfTK~1Ew6cYzDG`;QL>@#wqq@S^rbD@=fg-$4zlu5pd9mP{jO>rhiSQfGO*mLfMcz+N9$Ih_g4h@&7G?>^d~cZT<-lAIp!MG z-7(tm%`}1nhB)}Hh|+jea)|~^TxH*ZFuWxG<^Vv9nvrBKwrk^bR#&gnb|vilj&|T8 z(!g^Lyuk`%F(fLC5zk;5mrW$hlMo@(-K^^4=tXWw!*jw^3IoBw}d0*SO5HAOMeve}q_AL~t* zmf+eCgitNnTNejJ{c%jRc!g}I?KATvlAGLg$(o7=@6wgo@A1Mq11!Wd!#*$~^ztrN zur8eAm5lt6mL?}LemLcHWz?HCkbBJNnL)P0LC9yw+>%Xn(DFe&@lu1^HQlg_;&pe! zkJhr=Z{j1y)?^iMz&Q;9!3zH}8xR5>%AE>WQjWpR8ByYX&T2o0TvGp1URHuzFBJIR z&v9M(@P3$9GL=={9j`sNMCE}W=vK9_y(?ooDSBc+Czl9i8Ijj5iBy3A<$kr-;7bjE z-^>Mu&M=J*+LBUJf#d#y#(>o6>*Y&p_<;w)1g$Q<%^j$?UNVo@(R&tE2=9o|@4;+%IeD1psxh_W^H+a>)(JbQnK96%;`>4^bbi zqjZWit({w}O8C6T)GNhFbgGGr=*CfCmlagtBjrO>jtvqJY<%XOSg&n#wL(Eey za<(Dr3}_rB)K@@FE-tQ0w($9qQA~+xkH3#>qs!1rK}LqZV1YxAO`-(t=fIVAkz8=o zj#E5NNu2B|{@P>)6)3ThG)aBXf9&&8ikg0MVnuhLj8B-}VYxz1dpJ+e!i>L|1qj^6 zt*<_-E@z-<&#Kj4Sc+u3 z_cjYO8RGcO`*q~yvnK~u(A5rE2+qV@vS3Jm{W>r(8J5?P_~(wMDbDvUc0Ak?LjJgn zQs3oWz*-wLd{If)Op~>b-6vOx@<{+?$)m0fp=d12)Xn`dy^(Z&1zGi*vNLlA$`w24 zlleHfd{W81BFT9b>nA9y`fC-!M|s45{F=s@Pdga{#0FSE(+n9~`q>>6AXKgkw64?QUI2Nk|LQMGvE@txcWILbkrM6+8@5|Bgjh^TZvPjPXlm)glE-GA0Psw+9Rwq-?S<|9vFHW#O<`2#W9vid=$U&~W|^i6o*uQ~TX$q*#8C-PXy3zTf{tX&_X`U$cI!Kn zv9a3rVEJ}ZZOEV~Vo(GG@*pId=e&L59%A^a!<$voekI3at7S*1nc*6&_)$pFijWbs zwEJj&SNisn)juQoeil;xv6cT4pN0AhKwhY5?r$x%6_=ConNRxaaR@Je8cw&9x!9;E z0ww~Bzdn|ZoL5(d8K#yLL+~#Ah}c2T53$dsZ4ylov!4lN?@BRMg)N{ysESL$`eMz) z35@vt&gmqk9Ni2t(LpWpH%T4k*?om`F}$~UF>wVIqSAtA4ocifxQmg4!|H0~0>qkO zE+Bvc5deM-|23c0-RuK&dC@9A&q|0dW*vu&0a>djRb2Rk#Jh3-6kzuC9lSx zObE+hR z7>Aq8OYPE$K#2S%?5Ra#YmtG}RSo}SJ04sTpDm?ZMJs6EgnR%8sqknF;agdyLq2C& z(@m86`dAYh191&9JrxKNYk*&!P%&SvTmW@uEdt*%B)a-00Mk`RtWqBpE*k6ZLTcXe#oA3uscp!{=;?QXy)?uI;r!7sOc@KJ zml>vi4j>M*ueENyBW)MOOP*_zpQfufn$U8_oucCv_c_7=_ol;o3ll#M%Dq}&%^Eo0 zCpn#2oI0%OCwi5A5q6z)%QP_$s&)-QULlUOc)m~`lrJXuS6Eh4dAVVj@w{_nc3EI-Hn#=IMk z)^1YTR=2(jnyL9vBYN*8uTUY*$yC*W;HSI@4-b8h7Z;(???Dv6zO{>rkq0l1Ut`t+ zO&a1XCArG4Q8%fgnw(Ts(P&ax5R3+*`-Tc$xJ9r>Alq`DbiWdBJ^uUltDd#=n<;Ye z)|P3iQDYLfqtl%PPW*q)4F8C%k~UVPnj7mvz&GN6$<*TD;D8d@KD&(L|CzjesW$iv zs{jA~PB5%xt6{Y9b@TtdE`DY^%Wq%)RGj{-yr= zAOAT2WryyQu?fFAM8l|(n3_|^yBPKbt*$hEvq9;{*!S58f@_13X4MYq4~I;kwkjhvqFaS1t)Dw0wz}wdiVRDvWd8I`?_+x{$zt#m{*RH3o{Y>3H z^wISu&D9*+fcLKq1HFkT!FMC}Nvja~Fui4qHJkjY3E!=~=GCcF&BiQQb}9a92ul}j zhp!{!+WZu+@Wtd~Ns3njaR~%dh%P~7VL@Ca zBHyMQTg9Y5E8Z#IbB}Bl1qM@Qqat`!At_@dih}|8u0A5XX9{kh_MC zYL!HwK~d98YUHeDK#p-;Y3R;=VJj5}j>jAc7<;>S2k+z0=zsFegV$GGgTOBAPKK@+q(EIaIFMxcM!x7|JNyf!n)htF-&8@PMFL~{ z9qYWY5vJ$Vn%p$9i#Iv2Rq?ru8V_R>XEC79(B?gXhaFHMH`$NrG#TEiM=mG!j|9e% z3?`jZ8-qx#C5L_fwCDEt6whNtyar~1C^Cq*@gz62piOMQv+i?+kx%*QU2j>KKe!&< zMin$-B7BlGwj3o&#}_Y@!4^OZ3BIR^E^z2PyCt2UVtx0upjeVQqCL^aMDA`ytO<82 z71W7Vj)v|A)|-|b1RJ*4Agf2CqcOkS85UHUkN(og02_$qB=^(v|iiS>*PQZksp@k5Nf=EX}=}kIP z6$BIz6tQ7@Cuhz%Gw*!sd}qyk-ZFOr*s=IE*QE!YHMHLS#1RE9&Ct#R7;%_qvS+2AIr=cb~aj-H~E)ffx7H*JuLJj zE3mFQGn+%Q=|$}kA?7`nWgZ^~3`7`OOmq~-iuZP!@dl5e+&T!Pp{j&QnSghgx7>)pOJ{$a5dr#p=0LOq1 z!t4*gJWW=hmod_`N+Sq4IBItPXMT%{`8wYp09rU3;nq9Ruf!@{L@HF6!o@^)8M3GN zh^cUZA@@O7Kk5s!e%Zx$wJ!~Vs9GgyYp9s%JSdR6$s9j#ahdzFRSsYDvyyTl%YSYW z|3_Qtd=vAd-iVmGayhRbq^r)nSz`TzD!&#?u7sKCgqDf5O3yiXC_=*+Km$vLySvqY zG64MLME`7;{gdP3Uqf&ME)sDiBae3u8YcdCx5fXxB!4wk|3BU(pF@ZFlz`8Ip$VlK zF%ohTp1qn^$Cu>k@(`t$mzsws0{V2V7|>80{ri~9cIR(|UwR(^30LK9LmpbsUr{@^ z`cBoKx$#Q*j<@sJwZOSv-?9Ed_;&8O>s5=eB8&GrgyfY7f|hE$u^Ylb@9p2dmj92J z{{O(LfcV76m>*Z(fcjqVB{yGazfSt$D}SwM^dXw}=@SQ&MpDd=7jBl@YqU)n))?f21wqgq2aCsOp6))7UX`&8; zqSBZg;T}cGh?@A~O15UJXu!|cC+PqXR(HX# zBdz_78CWIEHduk){Zi3VY(^1rV#?z64=(=ADa&CTB*Mfs51||&#beo&igkB{|0GM8 zV0Cdz2kNQdSu4nSQbtVnfmnRz@_CQt>4@B7J^tdMKEdb(|5hPF9{ z9hJC|tum&o)pMO&v8oZW{o4EF^qf!nu%c-GGyWK++&htB8u|hTbyMo@5m|>!kIpx~ z2aDVsest>i_IhcRoODi**P65WfSGPUj_U=9c9;GJZ*dxouyH8O%zh$keu7huo6Iro zI4V|lMkcZ%yS{R}Y8u^@g!gbstj3E2xJ?QeLQoU{0Hm769bbQ0gK^JAe8XZaVS6B* zXe{!ytKGvBW1=~fUgt#f8j0^qVcC8`uXlsWJ?yHl9)71izw zUS~sV7Ms-;xGK*i!0K|8S^0#qGAOSIiBp{zRU%7MAtiEX|C^NpsC7i}*$!UJt$S<) zu10%T3`hFx5ZN2&oaj2XdhrAq7@dz=g18Md-jjR*bE|ri?YX?&K4k6WlcEN`$+Y~? zPiJ|I9#3`Cj!m`EiW7a&V$A;nGBS}ET!Oj0?g)l%nsa$(kFHHgG5joI*{qD;A5QcNp6X3+h(0Z;(znr+fNyu!1L(Pz^_7h- z#VOuYh+wKjj4sDk6|P>epKIUV6m-k4Hn-4C$#*KuL}c-8kzeO1FcLBR^tNbcKTj&I zcNrBl*B2HlJsb{Ec_mTH>j)>0oAdyHcG3^s?-}qwjW3exa+Q??;PH|dRM_f`R42P| zSqQ#^u*VU|&d5!k`8#7L*9}kPkBZ30`qy1h|E|`&+A}bJ_QG4HJ3bG+(GHYM&YO>}-ad@Z7Y8#Xw zQlcC?$3W1%CvO9#g?|@ri7U5=3}$eiVkQI@LCe1hS90?qAc$v8`wTNa#81Wx#m zx0L*v90}{s`Bi#P`-)oBl=LdO_RGfultI6h)w@^mQ`*pNK zuJ82gK4{BAz(x7PsJi*amgxXvt6qZK$FbaWJCGS#ion#tW`FT-g3o{bckcgd$N!iN z{xePFPyFkj)N+4$Z>+Al5r8D6!euUg5N~yKY8N>9^!3h?Ag+?hj&_s7h92W4q|V!tl#s`s2Rt-?=OQ24MO7U@l~(%H5O2;{4+VpGJ!|Fq3(x zdU`E6>YWu%0e;UB=O>zaSQF^jS<^09XQzcdi$IJ$pO%Sqc)v8`Qrt>Q_s{b2fyf*c z&RG(iZlKr24$x5Z>wRfYLaP;-PHLmuXdzT~PXZg{JSuo$O!Nx&TCo#(F7o@YyA7)t z><60sxwp+l`znvK{j1uMkw5*3_Zltlh~YEfyn~6BH?hwq^KNk#A?w?4uQ2TcDb~8CZV}GlN zdzabdf$SUwFpnd=xZz3BjN6Ngn5?c|cMi!b;TJj#rF>|55SGhR-_cf)yn0D1Ilvx9 zzceBsJn&(P+O1H*C8JlaS(xzkykMb>=-UErQg)>1&8y`GD|_-Ml)52Q1!yJpgn_v` zU~R{?SUas)TY9rakgF(hu>O*Zb%W7}j?WH>J3ZJ1l2dNRmR|{>>Zql6`0(;T4YaRN zZ%VagH=Vq6N9EjI8Dh+b7(M&ZsIj?`aS7#G)6t6VDKyLe9BRTu9TKH2Y)((G^fU_; z*;j;k-)7j;>MDJ5etNdU`OGarqNZyqmZe%+oVcY1KyOiLUaBxAkS?wxc(*QaB5Kh7 z^Q)2m;*0CPr)9V7Gt#T-pQ4 zri_$fq0k%r#oK_A4uA4yy*9X|teVhvgQUeZpi*{!>3GAszq#7cdCFrW7&|u(4pPC0 zwkyF$A3O2xYfK`>`#m5JP7Q4{B)FaP<8Bt9+2>x_&IpNJF@3Z@ytUE|iiC^QT4V;3@Do=KW=t>R4U$Z4)oFJm;m{NW!>z(b} zE!39NsVV_2RVrN>R|TZ}vYZVw`L(Y1G_(6h{>s{0iDA9d=Sv?F))6;vPVe169YfSy zu=M zn~M9@5jlZD@Ke>EzAsw>7B_-jwNcd5TypZoiSo4`I6|-31DsuPnEe{Wjcm6ie>KSy znE0+_Q6ab_Q)R}bWZR-muiDE3>ym>gMWN8@;yjZ;Ch-{Pd2+Z zW1g1+=K29=FhHZQ+c)kh1^@bOy1I%HL&B_o;5p>P(#LRF*`*OLBWH$8_?^K&>;{xq zNhL(rN*W;Y5wz+j83c#I_8z2wehA^mpx`_WmEh_+Vt;>O81|*1xfW#VX_*}>vLC}S zjb16g+%2)iwF#EsWRSM4GV}OWKKT5gxQKaAEM2jx{UrZaiurOA(t6))gq9aH6I|;- zh2e)t=0spt4M7!DF?x=)rGxADA85@zn9WPq&9R5()))*aLb+$m1<^8t1;9u{m?

zB?kc7)XAFRM?eWR2+8YNB|ZMW;bxkC!;u)*G@Yx|iU$oD@m4TO{PQv#VAX={*g*7_ zUbkba#!01)Zt>&?b;_seHM=w%Lax~=omFSib-?VXEJ9>aYS(b-G(EQWTWLWc%5)XW zMm}pE^eDhBJ8cX|S}ys(D^62m50D?j0;~C%Pz}L(63S7kI239J-PxJ$8o}zd;t=<^ zwkE#y#a*+)PN6_C{lMY`DO&xia;jqFkT*xolmN&4#cobUr}>{o9(R-_^krwu1pIzM z9}X&o3{}hfT0)fMivl@udJf@odN^709$D!z#%2nLT_5JD)fcUhmJkHDcw=L-=R1)T zFfX?|!6&2faaCkQvE18PK#qwIwU>hME=wQ9^pw356;Y{(= zcOxc;J5T&$_Fq!=%NmN_N(OLc{hQeOPX>Q}Y18Th7VTf;b~nbY`ylksXdg|ggEL*_ z$#h}Gt$jwir*|IBD9nmF@;7Xrek5*_Bkc7qj_0a|DmccRf!;{rCi?cLpQ%Xf=_8DV z2bFaD^9j?Izfwys2?dEh33wMcw6$VTCCX>2?w++-X-Qp--= zGN)R)$I^qS#Rxd=G2UZ;f5AwG0E z+_b#O$fJ@$7A?nbwRI$%s%C})v$OAKrzJ4Fae-XCV>kNvqgz?UuG^G{pLTH!wC`4H#cg&Pa61h+qzSP>^LL5u;*Bl%K6(ckZxY z5V!Va+5AcGmVh-}Fpi4Rs$pDv^hhK)2L0|%gfnHis@v|`UJ#eI_)Eu3?;4lY>wVv! zfTH`q`%{XprhCNpnMP=6^dTa$^DmTr3$d8IPU)M&Vk5My!b)C)!QvBi>bY#|2Ps2K z7v8wf5kFSC4z73l8Z1wrc@VSx_WKcQh*F1W$llA5`vb(m)bo-!Dru4IXQ?xB=>Z@UH z;FljsT~mzeYtTHM#(pJ3N#8;Rw#nm*^}0_~mv7WNaf4Qy)9`8jd1*vbmqWE1>&YwR z?%M?-aPHxcKP+t<^q_d$&!;$m#JNVvtSTmKDo^;q=@(=7VlHKR1q-%n#J+K37k1Xb zvK;cf&I!mf4Xv4;>3}JFTa_nx3i$yIjDx#*dLPw`M08$@s*k$tW_e*mEa>j60!D=U zDm5W*KrKrVbU@%e!3!ZXnU_-u6vj_(P?>KFY^(D@TZ|Dai*hADu6WEiPi6)r@fhi} zs*ht}d$rU2%z{&8mO+)$tZtS@eo`Syk5Br_s)(gs@)D#u-;sMGcC8~_S*l=BT#d!l zgrW1z{ucYxkoZ!$Jcy5a1G+Sw&Y7@By;L3sfXE2oL@^6B>g?Gg9h`8k`s? zhH8n#@^T!>c%KhYpgD9wA1ZD548TluL7cu-j2{&Gl(l{9r<6@~(Doky`>xVkwQ)BE z*Bf40>Sxgqy&Yyn5M~^=#BQp~8TN6^U~6uJz$>Q2 zvw0(qyR<%Vi=t>~)Oc-v)#p*`n7RUHIY(nl&zz%)%phf3$(7W5GHCAQe@`l?U+hAy z&~wNxg1TyiFFv|Zh7o+l0H9PcawkAU=K=`ghY=rg*4_~~=5JnGBz0m-BQ)O~*^@3k zZQxK17|dTeYGWj@-4-mjOU!%~E{;G{^V)xT$x%MaQq0+ukGHD!iGC9bpHaa@P^mPs zsAeThJfAoKrHG38r;fh-SYTDfdan0FcbGvLTV=GJj2WE+f~V}X;$0n^0yZ?q1pNA$ z@4}+jEG8PQU{s?zPade{86{`mUIh8}BcJdaSMHoXWxUMMVY=!l-pO~?=M6>IDP|Pf z@$?j@9e~JwcGZ$;vgc-X6_bY2hk?834qsn4*Tb47QV2_p=e?eS?}%IcTiz%%O0OR> zPC$+f!&b~$BnNZmt9!8BV~vDUagzU16`uy;N5;XAJai2A)4e=t@ZEU z!We^`TjejA{M08O0R1TS`_rx43c{aRnKkm+-w23{XAa#{J7?>?5)qC-0MuGzIP4sP zP2~>0$~HT(e2w&;p3O&PX$+sjcm%C`rMnY`$ z3^O}S4~)OFi*z|#;%-sP%xa%I{{FMM7xf!@U~)Z?)zbyVt1UNH_epCO3{F;DVG7i& zwP00Z6E*;Fa;3)u%nG5`Pu zi*m9UKaoD{rtQ8ZLMC*5WTFFIgsziV(}`?}h!a0QV^Nkysm1771c1rdtxu4tk2hR| zQ5syn$Z`OKO~6)u_BqMkJ;)Y)@e}}AZMSv@PU@yhU=aWei0fvr&uh&!duk)Tn*z$vzNT$sCh<RTcwTt3Wt4r_g_ucF1l7jb?JSKxkkd8YF6l7I>!tM+y#kFy7`JBtD_9f zkHZf1x1SDN3Q&x-S&OuGPCmA7Hm;Uydsdd{|4Hht*dxaSmB!mIIEwZopZc6*Sulwz z8P*Z>HQ%=A(dI``+w?N$)l;AX3J8PO)U5dCA4V^V{L4vT6ZKqme!ACAlK~e?_t3Hb z!mw*+tc2<1`^=9&3bjF=DGdp!<^k=>eO#4}wqApTxd~DHN7Vye0omtmiDg|?JW!42 z5hEWeLPyP=)p^03)ks#cmERfoq#-Rx)?Db;a#9h+woSkV$DRzb7QM3y^a3`qB%~a((g77Z)qM*&QudmL7^6z_Xq^QZs zqM}4#^ZH)xNs)?d1=ulw5koRcQw^&!2_qEq$!T=Q0k9w2ifmD$u3~oC^PT4 z(T7!BuA`YsCx%9y3_Zcg0Q{Wt`hU3i`}e~oAhn(qJkpA8Zy&$98o1QmUJ?8ilvx5- zV)iC6h9bjOaP?(rbG)VJLX;!&7#Mnm0co^yN6@e<*vV0G`Z+uTy8n0z(>OsC zP%&bYPw;23u~+?=FFi(?5#I((-q0w~Ub0i0@5BUKy!~2O+|K%L(^g4{1GauR7Gp^( zri_rixy#1lUggqrdo6f_0ibQ7lSASeP@!uw9(?O%nA%Jzhl`!B-)C|?tZ%m+mF&9P zaxT^CVw)nyip`UM86yB-Xw84sY5rckTSO%8;J#pM`?Hcl+%XHa1#``Hr`Ss$!vU-OHXi z9;(J<4qk5#efPd0TphU-AYPsetl>r+yE6m13|@DlCCreTRZuwWKN=NI{;~KktF~J6 diff --git a/docs/userguide/images/zm-system-overview.xml b/docs/userguide/images/zm-system-overview.xml index 27eec2631..8cbd3b3ca 100644 --- a/docs/userguide/images/zm-system-overview.xml +++ b/docs/userguide/images/zm-system-overview.xml @@ -1 +1 @@ -7V1rc7O2Ev41mWk/xAMS14+5ND090868c3I6fdsvZ4hRbE6wcQHn9usrAcJoJRxhC4dk4k7zGoFB7OXZ1e5KOsNXq+ef82iz/C2LSXqGrPj5DF+fIWRboUf/YS0vdYuH/bphkSdxc9Gu4TZ5JfyXTes2iUkhXFhmWVomG7Fxnq3XZF4KbVGeZ0/iZfdZKj51Ey2I1HA7j1K59Y8kLpdNq+2FuxP/Isli2Tw6QM0L30Xzh0WebdfN884Qvq8+9elVxO/VvGixjOLsqdOEfzrDV3mWlfW31fMVSRltOdnq3930nG37nZN1qfMDVP/gMUq3hPe46lf5wmnxtExKcruJ5uz4ifL7DF8uy1VKj2z6VX5i04lHkpfkudPU9OBnkq1Imb/QS5qzDqdGIy1Bc/jUIb3ftC07VLf5hVHD7kV7690r0y/NW6spgCUK/PXblf0OVHBtV6CCbclk8BRUwAaI4KiI8B6iIBHBOR0RXBUR1hMgQosWJyBC8DYgkHV8wTCWHq2zNRFfnzwn5Xf63Zq5zdGf7Ih9X9OudE6xwz/5r9bxTcL6VF0ZR8WSxG/Rs8i2+ZwIrCujfEFKQaRJLCC9TPMOTV0FTXlbTtKoTB5F+6AidPOEb1lC+7tjKYC4lqX8FvXbNL/qAja8kS/eqAVGfqOaBtKNKr63r60lCqFCHy7eAxkdB7yzAhlVvDOhD9wjEanwLlYSUkEBjaNRwVZR4T2wEVJBhY2jUUHDW5ogOHLmddGRi/Wb8MjJ3gc7mvCpj5SO02P8hiKlE7rqLptHSiSDxEDBaNnfZf5OTL53BKhzRhCMgr5PyR8xT6OiSOa8ublMW2RCWWLwQIFxIVq5YwkMBojAnzRYYNw3bmRQYGQ8/dgCw/HkEA+Mk98DEuOOJjHQhriHSoz3xo0MSszRtmdqEqOwSu6RRskbS2Jcu+dJg9135O6/kUGJkSMbksR05IO5YMk8Sn+N7kj6LSuSMsnW9NxdVpbZqnPBRZos2Iky21S8z7OHNkiG2parLM3y6iHYsgLrhonPPRWRTnsTGKO/4EEwwb+x6jMb1tXV84IFGmdJVvizZJ6ti9ljEpPsf/Qr7VcR1Z29zLOy+Xp9zqJDRlxOTxp++JKYYYWY2W6/mOm6nDyu+MVE00x0gtMx0f9i4ihMbMNVp2CiHBl7XT1F5Xw526QSO08RJAwEWmDub3WDhK5MCxMDYSybltdVPH8fQjggWnpSQsiBc4kCHa9s5zIpgwKOh2BYgH7/RvKEdozkTVsvybreFZfWqYQ/nVBU3PDQ8KcjSj1ysXgjc/4Tlk3vKlsnJQVNSv48m5OiOENeWjKoTB7p1wX7WkFCnC34KfqYzllJOqiQl6I85KRIXqO76oKK3/gyaoB+TlnO5ECyAKskjtkPLlNmMy7bJKQK47vY3wwTZJHigt0kWJvunO0iHdrqeW7NLG4AG6adIyNChaBFF2+Q3d8X5GghkJNCQyFOi97D4d8SNSq0JdDzscISesgA6mn4Mwx4bptDkt5lTz/tGi6rBnpimeXJa7Yuo7Qeau7HyZ4BbIj4MURK9bAWuboginVjXqcBUScAhs4+FERtGLYYLTLKHbaBIEphh/qu6QfHUN8ghno2h+R2FGpEqIDzdM7tq1kUlVOJMmDoukmKGFUDDPaZFNnS0nPuLAnh7mnpPpJGPsDa6ep+63m1WRFwI4O6PyzIreT6IidkLQ1uMRyq6rF5Wiz1cDgLLRw4nu2yv0jki+3N7JAOUnyv+gvZpF8vAAKOcCxskN/yYKgKDXwUvObyagSvUeCLeH2s02sUkB10MtU8Hp09GZ0HppZc4DnZyJm5IfbHShd4DlXtzifY9/TBGi29zHgaLY9+PpZGo6M1+lj3Cou8En9vRpc18jyT0WVf1uWBST8XlnXgsXUZeF4wbniw3nrOLODmnf0FI3ODaixHsj6WGuN3V2NbtOUg6GhGj3WiKvsy/KLyspYsj9ZMq6AWm8zpT8SbdjygXdaBagpv5I0XG1HVWndCIR3Ge39v2YyQS6ag540CXtArUnJf7s7uAiT1XYpNtFbe5j5bl+dFNeuG3cW2Ns/0n+qXVpqsyTlnUHV2huRHXKyj9IX+ns2tYaGcVVYl+3bxmvrZYn8Gh3HEBGYj8QrI0IckVaw2o1ffp3VAkl5XGcJecR+Ql8LA7fMkCxUo0lLOHgulPZPh2HpEbSjZU9A6VuEQHlwlBBRa9M1DOVtoqMoMjrwt9YOHp8A84b7jBW9dVQDngwDUPNqU25wBVOPqXNUOBNNf5oBmDLryaEWKL9Dak1Y6JWjJMYlrmd68DmX+QuUgruj2Lvk3Og4RCaWoVnVUOGKgFMUdNuJTwHsXw2Ws7+busrxcZouMmvtuAk8Tz0UjMHUXElsgNH5okQKcz2rD1HQPRFOCRi+dyzbsgmJPh+FkydDa2y/p+uZ4J3Z1Dw62F8OqYQ53O04sfpx8YKKB75zGkYDPpeJkxJHQfJ8R/ApVUcUH8SuKMqu8Cu471J5EnBQP7EbIi1bM/NR/mccRlVHKioGshPXo+vLL2+ga0VA0oooZjbZlj+RuyOGW11WZJ4sFyd+nkBFGGlu47tb0jFTI6OrM+zZe0vOWH9ITbg6DtkG7OHIiPobE44OjyaE9C53dRxwT0u7OrO7HGw3L5dIOilEkpw4jA8dan7rQuL4r2D8MNsUWRRlQZdAZUrIKd0b7eZbHyXq6tZWCQC+YyDffQcH99U/sP3ZNHsUJffKbAxSuoGaKidoa6WNdZhG/z2Gw1Ehg3JOjWX+QO9pwS/JHJlzDkFqLRw0ftNkzGOwxqMFzFLYPqxa9MYH2nmo6Pz3++fdf6N8fNstNpbHMgfn37Y+fhMD2KQksxzIqAl98++VzUBO7MjVVxOQJ36OIqRPumIpvEthBn2/ySTJt2PbVojC8FFG8EYIpO2NhEvAcMUxydNjD0wl7vJt8DprubTJPwzFwwlW1rehyUYYLymlH/Kw33HpzDrcnB0+2BfOCbqJ4lchL8vCA+XaVXsxZ3f3BE0wnZ5T8QKyuchXrQqmmg0Iv9SCjZGrAzGltUuUVawj1Vs/r6bJqsQY0KV1GYDEIB5ZFaodFQfQewzSAIbOEPHWHjZkleWT+uto8LN5plm4gDhWxYgGpsWbp8kdNykD30nTC9tIJ31ANbXvZN5wwrGNwpR9u4E3pmK8zxWUqQ5P9Ex+7YsehYyJi5wKxcw6d+OgByMWaS8INFTvYYWx4xOHL4QUxVHqTk11DVG4LSSonGhsd6jNyBTQSFnUtZAYmRe6PUi3smwqKmPM/e6FlIjAiuSDhgR4i4qlxHlCAeGQqcCHBiFkP0dcIXHzgdYlSJkF32/QO4E2vnA4YeXogpKTwZnnRj+mFiHzVPIE6H8bKGwT29dQ9BKzsAVY21FEEq5jnyabsZNjqm/ak2Dj511nJQGX8WHb9Etd7XZnD+YgVq5QiBSIZGZUMW2r9IE+wLc9GsD576mDt+w7ttIOxS8fJtu0GkE8zK/B8y0UWwrakV7pI7oNJutK6RObidsEUB6FHhoU4FE1FZqB7DwN92mIBQ0DjhXMDeQTZFk18TpedK4IRl93xLLC2FD5OlIw66YE8TjNiqqM1owLO45q0JTuKyWNC9VLTbk+pkLBXykwYeFCh0s4e6uatFY4axv0So72Viuxev66alY3eJwjrW8CMhqerMAynbP/kTKiW/fOm5TN5AYiTHZqZ9/tqZ0bYZKZ/jtlREDmPViSP2M83ZJ7cU7mo1hsrszlbVswqmtIx64cNydOK0/OHaEF+1AXQD1G1E4DlJ9qAQkceQ8UqgUb0XWX7pqnvvrCKGCiY0F8ukON9N5Ie6iIEV2EY6tbc3uaAdS3gk/ChYyjU02XD0bAA1FjwmgtT0bBwimVmvYI3EZMTgGXLDs4IQnG0NdddGCxFoMM8C29MiuTynNYUffvvX5JEfZJBXXj8Ei3NWep+QbOFjhNVo0O6UHbqJZ7yoGiarB/2arvuLEYwYxKuraAX1dlvyCaCJ17gzmxv9wFhdiec4c4HgWkt2mATiNNlwtGmx4Qa+3e8t7gcLhO7xUlFpolBVZ6jNe7CtCs2wjkUgxN64EZjbqqp2kZiu4mjklQxAeuc/r/dMOCtppeyaQPDhh7dnTdCQ2GUduPrVhGxxFPbVjDVyEhCVchGjVV50ETNaYzMMNwQIVBEYkaaT9EujTUpT3f4+s6+7sCMC9CEq1cxqF49eG13uPbEiOuXtVOzO3LULulu1Qr6aQuPWiUyksbwLTAX5pzvNXusXGFw2zFqkWyrf0EH3SCebauieNRvIcVLUZLV0IKEOJtvVxW3TlCUYMAgIFs0CK68x5xqy/d9TpO+PRi4n0dBFoy0gkUYp2RVu2K1FcGJ4Lm0BJAF9lXQno0Ad54cKbomPafpsG6/mlSnqTBKSy/B6Yu2cVJ+WJ8PIVHFbVvW8fF8PtmJPrWOv735OXTwtEPvrbhMGROkrTcO9fEwKDAeKVQq99ff2y14fRMqMwYJtqlhi8Epd+oCuwHbZk9rnz4b7toOAyHaERW4mfdIMy3aVbPBc8wJ3eeukSYv5Mx40U2b+30BRHyjOtqEnbNVQ5Evfu3lF5yN19atnYJfn3uD61H4JZVx2XKEfTR+fe69rEfhF9yDS7VD8Wj80phl8Kn4NUb6A1kiA5GlSH+MxUCNgdunYqAJhQPpqkAeaI/FLqQxSPliF1wbAgwc5UXnR2MX+mLXYDQEg0QXnZBfUyzSOzp6zQfLE4kC+CCQ4x66SK0PJUVzhbdDBupIHqgvy3JTZZdu2DoIVcX3bE7VFN28riSp+Sx5SWSwEs8Kef0yzx+i4wTMbNoRyWP9ZnNxio3IumPv8rqK51XG4KpSn+oGd6RifUQJwa5L7hm58hpS3xaLzzlRqt3sh6uqIjnRVrML2QkDGcho9XB7+92jApWE3/3/PP3+993jecveHmhX70xSaVtrGnfX/JoxS1wx8P+kLF9u63nk0bbMRPbuqUOhR9fPnVPXLwL9AXq/vRmmbAiQmkfa6tZDcLYgTMYS6ztNY57Cb1lM2BX/AA== \ No newline at end of file +7V1Zk6s2Fv41XZU82AWI9bGXdCZTuVW3pieVe/MyRRvazTS2HMC9/fqRAGF0JGyBhU33XKfS1yxmOct3VkkX6Hr1+msWbh6/4ChOLywjer1ANxeWZZqBTf6he96qPR4yqx3LLInqk3Y77pL3uN5p1Hu3SRTn3IkFxmmRbPidC7xex4uC2xdmGX7hT3vAKX/XTbiMhR13izAV9/6ZRMUjey832B34R5wsH+tb+5ZbHbgPF0/LDG/X9f0uLPRQfqrDq5Bdq37R/DGM8EtrF/rlAl1nGBfVt9XrdZxS2jKyVb+77TjaPHcWrwuVH1jVD57DdBuzJy6fq3hjtHh5TIr4bhMu6PYL4fcFunosVinZMslX8Y71QzzHWRG/tnbVT/BrjFdxkb2RU+qjNqNGLS1+vfnSIr1X73tsUd1kJ4Y1u5fNpXevTL7Uby2nABIo8NeXa/MMVHBMh6OCaYhkcCVUQBqIYMuIcA5REIhgn44IjowI6wkQoUGLExDBPwwI8Tq6pBhLttZ4HfOvH78mxTfy3Zg79dZ3ukW/r8mjtA7Rze/sV+voNqHPVJ4ZhfljHB2iZ4632SLmWFeE2TIuOJGOIw7pRZq3aOpIaMr2ZXEaFskzbx9khK7v8BUn5Hl3LAUQ17CUXaJ6m/pXbcCGF/L4CzXAyC5U0UC4UMn35rWVRCGQ6MPlOZDRtsE7S5BRxjsd+sA8Ep4KZ7GSkAoSaByNCqaMCufARkgFGTaORgUFb2mC4MiY10ZHJtYH4ZGRvQt2FOFTHSltu8P49UVKO3Dkj6wfKS0RJHoKRsP+NvN3YvKtJUCtI5xg5OR9CnaLRRrmebJgu+vTlEUmECUG9RQYB6KVM5bAIIAI7E69BcY5cCGNAiPi6ccWGIYnQzwwRn4XSIwzmsRAG+IMlRj3wIU0SszRtmdqEiOxSs6RRskdS2Ics+NOvd13y9l/IY0SI2Y2BIlpyQd1wZJFmP4e3sfpV5wnRYLX5Ng9Lgq8ap1wmSZLeqDAm5L3GX5qkmRWs+capzgrb4IMwzduqfg8EBFp7a8TY+QXLAnG+TdGdWRDH3X1uqSJxnmCc2+eLPA6nz8nUYz/Q76S58rD6mGvMlzUX29mNDukxeV0hfDDE8QMScTMdLrFTNXlZHnFH0zUzUTbPx0TvR9MHIWJTbrqFEwUM2Pvq5ewWDzON6nAzlMkCX2OFoj5W+0koSPSQkcgjETT8r6KFuchhA2ypSclhJg4FyjQ8sp2LpM0KWC7FkwLkO9f4ywhDxZn9b5OkrW9KyatU0l/2gGvuMHQ9KfNS73lIP5C+vwnJJreFV4nBQFNQv4ML+I8v7DctKBQmTyTr0v6tYSECC/ZIXKb1lFBOoiQF7w8ZHGevIf35Qklv9FVWAP9grCcyoFgAVZJFNEfXKXUZlw1RUgZxrexvw4TRJFigl0XWOvHudhlOpTVc2bMDWYAa6bNLC1CZUGLzl8APzzk8dFCIBaF+kKcEr37w7/Ba1RgCqDnIYkldC0NqKfgz1Dguas34/Qev/yy23FV7iAHHnGWvON1EaZVqLkfJzsC2MBi2xAp5WGt5aiCKFLNeZ0GRG0fGDpzKIiaMG0xWmaUOWw9QZTADvFd0w+OoZ5GDHVNBslNFKpFqIDzNGP2VS+KiqVEETBU3SRJjqoGBvNCyGwp6Tlzlrh097R03xIiH2DtVHW/8byaqgi4kEbd75fklnJ9mcXxWghuEQxV1dg8LZa6KJgHBvJt13ToX4vni+nOzYAEKZ5b/oVsUu8XAAlHGAtr5LcYDJWpgY+C10xeteC15Xs8Xh/r9GoFZNs6mWoej86uiM49S0sO8JxMy547AfLGKhe4NlHt1sffd/feGi28zHgaLUY/H0ujraM1+lj3CvG84n+vR5cV6jyT0WVP1OWeRT8HtnWgsXUZeF4wbzhYb1177jPzTv+CyFyjGouZrI+lxujsamzythwkHfXosUpWZV+Fn1deugdn4ZpqFdRinTX9iXjTtgu0yxiopvBC7ni5EVmvdSsV0mK8+/eWjgi5ogo6qxXwkpyRxg/F7uguQVJdJd+Ea+llHvC6mOXlqBt6FdPYvJJ/yl8aabKOZ4xB5dG5Jd7ich2mb+T3dGwNTeWscFns2+Vrqnvzz9M7jcMXMGuJl0CGOiTJcrWYnP2QVglJcl5pCDvFvUddCgG3zxUslC8pS9l7LJTySIZj+xGVoWRPQ+tYjUOod5cQUGjeN2dD1fR3mcHI25DfuH8JzOWuO17y1pElcD4IQC3CTbHNKEDVrs515UBQ/aUOKKbQlYWrOP8BWnvKSqcELTEncSPSm/WhLN6IHEQl3c5SfyNxCE8oSbeqLcMRDa0oTr+ITwLvbQwXsb5du8NZ8YiXmJj7dgFPEc95IzB1FxIZIDU+tEkBjmc1YWm6A6IJQcO31mkbekK+54HhYMnA2Ptcwvn19k7sqicYbC/6dcMMdztOLH6MfGCggWefxpGA9yXipMWRUHyfEfwKWVPFB/Er8gKXXgXzHSpPIkryJ3ohyw1X1PxUf6nHERZhSpuBjIQ+0c3VD2+jbUQD3ohKRjSahjmSuyGmW95XRZYsl3F2nkZGmGls4Lrd0zNSI6OjMu5be0vPIT+kI90c+M2OrpYfSUBKvt+8tjfeehoGMOTcO6evIsjK4Kx0YM4De/fhY0vyuHOj/XFHcWRcMJCHeWLaHBOx/4QAaZwRr5YieKX0bfxe3+f0H4rt/B5Jr1LpdVA4p234lLELnEXJeroNoJzWLale1t/BqICbX+h/9JwsjBJy54NRFEMRPR1PTSP3sX49n4ebmWNk710x5fZnfE923MXZMxWufuZEiUc1H5TZ09siIdAoaLtoLtokJJubR4dRcmWzDpDtX//4jfz9afO4KXWW+ln/vPv5k5AYnZbEYtKlJPHl198+Bz2RI/qUMmKyyvRRxFTJy0zFifJNv8uJ+iQlQWR6clHo3zPJX8iCtUVt+Rxwn0CvG+Sq5GfOJp+9xqXrLCgxDJxw+28jukyU4cx3yqlJ40DcoC/L44pZnm1OPaHbMFol4txBLLO/XaWXCzpAYPBI2MkZJY+NzmlKdmojyGHvwSCjpCuyZ7TWqfKSyY462/zVdFk2q4Q1KV22QLBrw/5N5fwtKDMgWK/QZZYAZtj1YE5tZkmMzt9Xm6flmYYT+3xOEklmuhprODG71aQMdCdNJ2wv7eCAaijby65wQrOOwSmJmIHXpWOeylicqYQmVtv3M+aehlRuW1YZ3uxN77rnHS8P5NceOtTTBTNUIcVJ8PrKL3xgpDl08cQ8BZ93vc3i3Y6w2OaCeE800drX+WSarCXH6hiWHrzluT9Kf7SnK7uiz5HthJupmEHoywQDXU2LNQOwzATEI12upgAjejtUPIUMyAeeiSmlEnS/Te8B3nTKaY8Q1gcSwJrQ2rV6W5RkHVMvebKREVVxjTZ0cOzr6PTwaaMH7OWo0hFGvsiSTdEq11UX7ajXMfKvcUFBZfykePUSN3tDYHU++qDpB0nmZbUkiKQlvOk3ufwgl7LxGi3oNU4drL3AI66ujZBjuYZpOmB6L2TODd/1DMcyLGQKeqWK5PQuYIJlT62oPwBu/SnGs8Mmkig3d0FHuXUw6mgHFAzEhKiDS1WdtanEg8ECzD8qCxnMTClmmfu6C35HdK7LXfDFqLlpFvmc0QXTWC3Rhe0aYOIvpEVOZ3DSGiheWuINXww5tXgd4ZpSCWVRRfqCbkXxc0KAQtEFmVIXaKcUavBVPKcj6mjX8iU+J0LdEqW8Do4YKbyv6mmpzpOY9gzgEQSnaw8NpmzIxeqwkkF2p+X+uT5vy+yh3Qoe7ChSjNUHQGQgyyprgMhFuIqzkP58Ey+SByIX5WRxBV7QOeGMvG6pM37axFlacnrxFC7jn1UB9EN0Mvlg7pAmN9KSx0AyxaMWfZfZvmnqu8d57qCJRH2uR4b3bW88UEUIpsIwa6+4NtGASUngndDQcNDqeGTdnjqsIWvu8A6m2HrXKXgTMTk+mHNucJUUiqOpOGlGbykCD8waZLRJkdiy1Jiir//+S5CoTxL0BcfPr1MfJe4XNFvWcaKqNaQLRKde4CnL76bJ+mmvtqsOQQXDXeHEGGrpqf2GbCJ44vrO3HR3H9DNagdz1PpYIO2oDDY+P0YpGC19GSgsvnJucRkuE7uZZXmm8TE3Kzdrd2Ga6TabrrKh3dngQmOuiCpbA2S7icIiLnMCxoz8v91Q4C3HBtOhFP1Cj/ayKYGmNEqzanmjiJLSnSlhqpZIQtbcR4xVMWiU7TQiMwRXs/AlmZiRxpg085pNytPtX1PxVAMzJkAT7uhFcPjq0G4tOHHIiJPPNePqW3LUzMdvVAr6aXuoGiXSUubwDDA+aMYWCj5WrhC47BhtVabRPRuHahLPNGVZPOK3xPlbXsSrvr0VEV5sVyW3TtBfocEgWCZvEBxxeIfb02lStwc9F2PJ4yUlLWcRxmnj3Ruy8ItRq07pd6K2OTh/kwEWxVAeoQGXDR0puybcp35g1eeqS5260igNvTinL9xGSfFhfT7L4lXcNEUdH8/nE53oU+v44ZXroYOnnHpvxGXKmCCsmzLUx0OgV3qkVKn4vN7ex4Ln16kybZBg6gpbNA5DlPcK9ljzfFqLLJpgkLCQCFHOqMCV2EcaNNJMeQ7uo0/oPne7d/wWX2hvumlqv2+AiAcavXXYOVMWivzg115+wRGKTd/aKfj1uVcnH4VfQhuXKWbYR+PX516IfBR+wQXUZMtLj8YvhQETn4pfY5Q/LAOMdzDURi5pYaBC4PapGKhD4UC5yhcD7bHYZSkEKT/YBefLAIGjuGLAaOyyfrCrNxqCINGxTsivKTbpHZ29ZsHyRLIAHkjkOENnBvagpCjOejckULfEQP2xKDZldemWTulQdnzPF0RNrdv3lSA1n6UuaWnsxDMCMOvYpFagbVYtFVeGJ9hoGff0Xd5X0aKsGFyX6lNe4D4uX6HsnCrPTB4owbIKVA8LxuccKtWs1cSUVVKeaPrZufqEhhpkuHq6u/vmEpFKgm/ev17++Pv+edYwuAPc5QvLlPrWGMfdOb9jaotLBv43Loq3u2pQfLgtMM/ePZ0o/WcN4pYuFZHfUgR+ZYVTJfj378n7Q57hv+4WT4unIMJf3v+eyTTqfRU/k5da44KOoilDqwEVuMZh2aXGBcmU0K9TWF04tt3xJHMeN++juyWtg3r/n7msoxjpeS5gpCtj5DjupJyNaNo+5tywgraf2b2QxZ75BoZjnDD5wAHQ2w80Ahaey+d14fS4QytfDl0DqXM1DGSCPhBdy1/A6RI0T2PQoSmiz10ai4vdAMuqa+s+2zVs3X75nbIQ46cP0xyovJKFstPNq80+HNrXNqhtfYsZL6WzYA4GAw5x2Mlmhmk73+50alK+4CimZ/wP \ No newline at end of file From 1e50cc80347fb34eadaa82a0a024d004a3150c78 Mon Sep 17 00:00:00 2001 From: Pliable Pixels Date: Thu, 24 Oct 2019 10:23:11 -0400 Subject: [PATCH 754/922] add brief blurb on ES --- docs/userguide/components.rst | 3 +++ 1 file changed, 3 insertions(+) diff --git a/docs/userguide/components.rst b/docs/userguide/components.rst index c77f9599a..2c8fcc78c 100644 --- a/docs/userguide/components.rst +++ b/docs/userguide/components.rst @@ -72,6 +72,9 @@ Finally some perl scripts in the scripts directory. These scripts all have some **zm** This is the (optional) ZoneMinder init script, see below for details. +**zmeventnotification.pl** + This is an optional 3rd party real time event notification server that also provides push notifications for zmNinja as well as machine learning powered object/face-detection. Please see `Event Server Documentation `__ for more details + Finally, there are also a number of ZoneMinder perl modules included. These are used by the scripts above, but can also be used by your own or 3rd party scripts. Full documentation for most modules is available in ‘pod’ form via ‘perldoc’ but the general purpose of each module is as follows. **ZoneMinder.pm** From f06a6977c074921f235c93afd203c453c1b04ee0 Mon Sep 17 00:00:00 2001 From: Pliable Pixels Date: Thu, 24 Oct 2019 10:27:07 -0400 Subject: [PATCH 755/922] python note, since we are in the Perl section --- docs/userguide/components.rst | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docs/userguide/components.rst b/docs/userguide/components.rst index 2c8fcc78c..572e28ca1 100644 --- a/docs/userguide/components.rst +++ b/docs/userguide/components.rst @@ -73,7 +73,7 @@ Finally some perl scripts in the scripts directory. These scripts all have some This is the (optional) ZoneMinder init script, see below for details. **zmeventnotification.pl** - This is an optional 3rd party real time event notification server that also provides push notifications for zmNinja as well as machine learning powered object/face-detection. Please see `Event Server Documentation `__ for more details + This is an optional 3rd party real time event notification server that also provides push notifications for zmNinja as well as machine learning powered object/face-detection. Please see `Event Server Documentation `__ for more details (Note that the machine learning components are optional, and are developed in Python3) Finally, there are also a number of ZoneMinder perl modules included. These are used by the scripts above, but can also be used by your own or 3rd party scripts. Full documentation for most modules is available in ‘pod’ form via ‘perldoc’ but the general purpose of each module is as follows. From 3e9eefa6c93805af03be46e90b35428f928406c6 Mon Sep 17 00:00:00 2001 From: Pliable Pixels Date: Thu, 24 Oct 2019 11:00:20 -0400 Subject: [PATCH 756/922] makes it easier to edit stuff on a mac --- .gitignore | 1 + 1 file changed, 1 insertion(+) diff --git a/.gitignore b/.gitignore index 0dae662d7..3167e62a6 100644 --- a/.gitignore +++ b/.gitignore @@ -157,3 +157,4 @@ web/undef.log zm.conf zmconfgen.pl zmlinkcontent.sh +**/.DS_Store From e1e6fa3bb1ff84a41344352a2290f07a5dfe3b36 Mon Sep 17 00:00:00 2001 From: Pliable Pixels Date: Thu, 24 Oct 2019 11:00:31 -0400 Subject: [PATCH 757/922] fix authentication doc --- docs/userguide/gettingstarted.rst | 11 ++++++++--- .../images/getting-started-enable-auth.png | Bin 170386 -> 119502 bytes 2 files changed, 8 insertions(+), 3 deletions(-) diff --git a/docs/userguide/gettingstarted.rst b/docs/userguide/gettingstarted.rst index 896cdb99f..d4f851841 100644 --- a/docs/userguide/gettingstarted.rst +++ b/docs/userguide/gettingstarted.rst @@ -10,16 +10,21 @@ Enabling Authentication ^^^^^^^^^^^^^^^^^^^^^^^ We strongly recommend enabling authentication right away. There are some situations where certain users don't enable authentication, such as instances where the server is in a LAN not directly exposed to the Internet, and is only accessible via VPN etc., but in most cases, authentication should be enabled. So let's do that right away. -* Click on the Options link on the top right corner of the web interface -* You will now be presented with a screen full of options. Click on the "System" tab +* Click on the Options link on the top bar of the web interface +* You will now be presented with a sidebar full of options. Click on the "System" link .. image:: images/getting-started-enable-auth.png * The relevant portions to change are marked in red above * Enable OPT_USE_AUTH - this automatically switches to authentication mode with a default user (more on that later) * Select a random string for AUTH_HASH_SECRET - this is used to make the authentication logic more secure, so - please generate your own string and please don't use the same value in the example. + please generate your own string and make sure it is sufficiently randomized and long. Note that if you plan to use APIs with ZoneMinder (needed by zmNinja/other apps), it is mandatory that you have this field populated * The other options highlighed above should already be set, but if not, please make sure they are +* Note that if you are planning to use zmNinja and plan to use ZM authentication, you must also: + + * set ``AUTH_RELAY`` to hashed + * Enable ``AUTH_HASH_LOGINS`` + * Click on Save at the bottom and that's it! The next time you refresh that page, you will now be presented with a login screen. Job well done! diff --git a/docs/userguide/images/getting-started-enable-auth.png b/docs/userguide/images/getting-started-enable-auth.png index 9160ffecc3491a515f9b7a0ac4716656e8898ac3..ec376c4782a458906133f38f86a4953bf02c3864 100644 GIT binary patch literal 119502 zcmaHTbzD?i+cqFbh*AOylG3T9bSvGR(#_B?#LxmFAkvK}-CYAHA>G|A&A^b7-^O!1 z`aJJ>KL7By-FvUK*IIX9_cewp%D=jgL4<*TfN)<*Qd}7U0r?sM;SMg^UEt0+1x5`5 z0!E{yn3$rJm>9XDBgo9s#uNcTGBh?0RTXcOprbkQ==~tlM@jU?r;XC+0?wPSpHle+ z;);o4mr|71B3X+_AjhESJyf(;ds~Q7_Sz7q)YnCX0L4X*X;KklPCFH z>%m}@^C5PLeQoEbr#EVjHW48x2oK-dBk8nBi=90z|E7s#co!j8x~;f^M(kND2^u3> z6cSF8K&zA!KUXWd)1~P+EoCnr0>?0ZTAK+*Gy-`Zg{w9VBYLQqwtp!~df&=Zew7l& zupX1AUJngNDl5m>`9n$#TMU+|u9(gIsc51Tsg~;W&4NysLy_}(cWw@yELg zlFKH~D8DB@g+E9)U)p*mRV@CI);le+B?!74BN>|71H7T%Rj8qK*(GyfYC&|U5pg<(FYkB|rHP1q_ApXP=49l-VXLu1bF zvGG&YA?JO>^^wmnX=CZejNj=KhI9rse*6GR=sm(pHOGG7?~59OsNQLMkBRMt)?;=# z_hJH*dtj+qOd=8eYCGcr4MY7P%_YV5Ilu>a*t>^njlZe@^i1x@(Bzgalr6(`Q=I_RT<=j`Q zMQK7<@P&O5+rQ_Ii=wDZ#~^*r^o^r1I8#*7Ay+&Gy9!Y)gh65~gGgyNmt~ZB6nl$$ z3y&x)JHyg~y^?(zizL+SE~4mX1%7pB)xRs1qi~jjP947XbRadaXoGz(0Ml(Y1`uZ`l9sdq|}oKIsWWl z>lQ`rWp(csBh+BIJ#-_Th$L?JZj)K!JWzKh^LmmNInWxvynV2~e|2VlM(@ug61gaj zMp24B6}THH7UikghhlHa4TD2W$rv2SqV4G1W1jMwRK)REt#; zM;-DClv|b4CE--YA80Lkq-3XG^2%W(KTqQ-o4rx)14AiM}MdsM_$0XP2UqUN3KKRsqHH4svJRS zPESY~Pou%4!RjVwCre6O!U|&^h#QC(qVrLL1o~%gDDu-Yb(?ilbenePBB_5B_WSt0 zQ1P?9?8jGzqDuNhFP}?4mnjoHC|t(Iml(@o%gr0z9mN}M7#)z_l6Iz!7*@}EnFYzh z>JE#Ui{Xz$vixDaqRE4T3tGeb_=JP8{6c81#sOf$35I!#7>XE<*OCc;Hz-Qqt z+h`&xG%F;?u2$d8(5{*OT>qxNq+ZxN{aoTWo=Ek+TewO19ML+*H%|Jb;w1jQxukW@ z^pS^_&e{w`?_5K?OKIt1zPL3y7>l%8EAaj+mFD349Z?d;1@Fv0KtYuMqCC!{GWGn7g7&_&HGr(!! zf*%F#^K84-iLg;E^RM7Uf4PFubg#t z_0zX*29BinoAuN8ANL!}V8+?UJ<(=c&fINr&U1b2m{s?!;d+C2HGA!wbAf~Ba`8&P zYl(}`OYThCk;q{Ku%&!#7e({ZM=tNseLQcDuj7#<5tk6x5EYQZ?*#enirByR87$5S{_64d za&a6Ry9I3uA5J$)&LMCVpEa5FQHC*2@O}lR4&gYyJh}nCKH0Tk%TpuIwgAaiNe2`2 z7}-&HZhbD+kp2+$kl6Dur91>bKNf7f6YzfQDLXH zgKgGU_h_uSMpvOxG4JEZ(8!3A$eR{S!|`Xdc#qIy(eaoR#`VYVRr7grd#0?k&@b`J zI7=}}J&|#gnvUh@cUg&ZG=TGi*Ps(!kS?_@GG$Ta2RX7iFLSuEmPVFG`-mJ^? zprXDayrRZTsOO;Thb6NIv$gFyZ;?y#`2CWcl9G7@Tgl16Iwf=C>u*E43$ss?Lz0!b zu9D27G(Mc#IURjJ@jAYoy^Ml+HCxlYXTc`Gv~ieMJ{CCloIe%NDXQ6ua}tx7oSP>O;v;T`Bpl&f*L`<_61#dv47$ z6;=aP%E`m|jctv~jbf&LrnVQ(r@ND#=Uq!V_1a_8nbRe~KZ1iJ0!ivr%?&g(O4OSh z5$&+K-;wD-Do+z8%Bo*heA}Y2QWoNXAb?|^dHA`t>zj&44ns11Ul6mR zjBAfLV~tBLb9E7{@@BK&b^YYKL9Y*w*UN3$cCGe`nE{-Ewe)1cbSFr;*x&(NbT}xg zUo91j<(n?l+j282tp_o_ME{`9u`F!fVW0wk4eClte1aR1&pKG6aoXZ{P#MT5aOhLC( zFjKuQ1$VDTgIgjQ$RfQQ&qj}V&JQc{I1TI#x|@i+ZEpzncbA-}k1BoXP5L8{=uEzb zh9W?DFcEkN5TscV+Dx4)jtVpCe)zswqhYbPh@ybmXouPf5+Dvb+N$S!^7(4=x9Prvg{OLLoz*i$^4GhSu!mwyij{v|+Z;p}YB%gXBJ=Ema2&H{2YXMN7Y!^8TFjg^g!8F+)) z32f(V=+12C^z^Sue$69p>SXL_Y42L*j^M9WFUg#eqHGhwM&c^-X&!K-j`eW$rQg{^{Elq(_x;+cQ=lrby=icA%^RwO_ z)E@`;msEb<1;iqV!O!}Shy^jcExv*g5QGt=#6?uy5qDBiy;RkvgBN;baXnxp$e-yL zT$O}(=BkR9r!V%V1uv#uCW;Fh;?#B+PpVIfLqaq~kj0fY8{>~w8*Tzz1gp#8cT4HI8qgU|;;>X!)zq{YvKS>`(tQ00nH&KTr?ac8ERIoZB6gqVM4Fmh5q|ff1gUm0~~vv zYey$1W>(gL%pnUBZ6X=J|2nZ>i@T!6{(Ky!Sz*>EyPTeXVe~(~>MOiUiybvtW4|P- z;$pD&qxFBB27=$T0(s^WANZL{RAgpm=5#Zq`k#XOk6mlp>`qsW=PEtz>Fq^+#r*WW zj>Sn^q)3QsX>6Bag<)@@!C|iL442iskJIunl1_}CiKokh2XP}D;~VLYyKPO6*LM6y z{(T|&AA~=v7>Rh2&594T#4SQ6$>hs@^EMJp{W#azbft0ECIOv))d0VI3Tzdn$gu*AhM~>_ z4bDME<hJr`3ANxpJD7`ezsXll}TS7O#$Exr45n1o;La`f3)9NfJ95cAM3v1-V7t z%;gQu17$`2>#*Lwnv^fCpb9gk3zc-|?NK^qqi)=bwA3hbW5Vw<(@@IoM^A)UEGC*I zMz2YZ%2XN>YzYI2JR4RTo^VHe5Bhh*QN53t(`I5~Qk&nT#!mG~6~*t`FJ~b|cqh8( z2lHsnGsPX!v^49Pn((RSHyo8D{=3E^5nmQdJ$upGzJTKKC)EOoCsX;jE4l6u%Vz3j zAjXwC_${7}eeh~}ysiF(A zQTJ|qZ0s8RLV^-!#JcbVuM^X`It4jid3oW(P768V>(LX;x89ZAvK6!M%iToNF|CQw zAZ!9cunMMilF6o_H(wU}{el4VA>CiihKEabRV-G%gYlD7jp=RIR7Vv#M-o#*YG+ZjUg7AKBTb#%_)`na%X=F>GPMc_8@jHBw=R zz5FzuA#!JgEP3^;fEa{i>5kDc$4R$^!xidT=O>z@s4tLSTRHd=1>ZNeRlz^i<^YuD z;ZY1xyZA_& zrCjfmzRcD+rEW~ryI7yrXfdh7J^7EPo&*6-s?<*y0%_{nR>&TR({J>!ebLGO(`0fr zkSWipB{S1WEiI{0(mW(G30S#Uu@B(^9n<7m3s{U8yC+gS+1^k673WLy`WjUnQ|Kni z83v#soEXqkbrcj{X!rwhfzW_*4gdFZ8Hu*zm7ncvsIXDFL8LC3>BwypW@{)sNMX9v zuTyhUd^{Kha8|LN5QX^u3_iC@$imaCvWl&;9Qg)>C!-KZ)?p?JGWq)yUqP`Wt;~Uk z-qo*vdQU|k^x7vr=Ms`jR46DYAwE_6jrL#9j(L2kX1MMLLa&(vo_JjmX|9lCYS0|W zN78&PGv?|keFf>PGWXAi;-1~TYg>bf;U{^il6+T$rRngSX@{1uUMn~{yKv1EgONMAmktvP`{j%kHO8HP)zmWqOc z-E_h^@tMTA@W!FWSgR-1z5w2YCD4?3U&j;CL*hh8***O>OV4W z3{{J?p$GV2BDa@z;n^p14dGq|M;<=;6|NWX$V(PriKVDW*mOdOf-2nu5$qH|oEXJN zdLDGzy~4`J*HBy->JlR=jPDvd!J5d4$&W%Dhx@TWaVg@XbaRtcN&Y2-Xq8Zvb3vv$ zGxrtSx1HdBi*T`W@M4SV$kXAKvDc=DyY)ieDBEV>)D zvZ=gdZ|)PD&48L41x{z3xLkKM-7dEZN?bdzgf8t*&ks7tSiif&8c*xJt&+P*A!mjY z@++HVtq=HWdAtw%xZ8759lPnNr_ZX_(|ww(op#DP>JOdm&JIRZ6!1?SCJlq@1X&u7 zhL^oP;DcgVbyrEjH52-teY*_@--zdmjU#xzHJ+1ko7)BDSGh|y=k>!~Me@dioAMb)-5(-i}P)(ZRwfi4?^Un2z1 zHU|;;0nd|4YMHpnvxAl0ckKP8o_lp2q2WzFp^@Q4wz>QZB?dy=5$A)(r*m%HYlJ7` zpI%{|s#4AsYE{f0DhU2)Tix8aIPktGBKpDe!yB@FS|Arjz--febuyxo%whSVFO_ei zdfvl&d$P>fVPWqz$;GSo8MFQr%Tzu$maiTvEGl)GE{*lhn?{L=iOJ>G=l;KybrKob z2=|KWtm~4jCpp8Q{#S0B;g76dq`fBI?7BOh$p3vcixqKqGbf!Zl-Dp>$frrqp&h^4 zs2yXSf^MK*wc4zY$aB#Tbtf~7MS6^Bsq79G|KMsYEwO+{<(xwY$;oQ80`Jm5I{A{4 zzY5z(t+ocV@#bxgR zZ=A)-w4ptWaKhk7p#QRcxtAGQ6=w2JbSf>PNIW(^wo^bctiw->&zo;9gmfA`st%F(ug_Lg z`YE11ZGD6J*l0lL25OyN?m&-GfgVXe3*1 z&f$uLl0x1m7<#eSko`mI5kH{)yQyyTd8PXr{OD;mj!1C+#-%sJg*r8M$xsk);BPVH zzVJ)1d!k)!vngun<+AYBO$O^P(?dkF!9cn>>kvxej%}fjMOBCd#F8lLi~8V+CV!x~ z(3E+)x0#lf7R__!Sb8e=-h}5Y28(9NwsHBE-NqR4vGo4rHe`T_on`ITZx>SsHoqeC zt~_&3=CV!MKi#caND}Y=C>A{3&j+)?6|5o!3vThmCHTT0M-Xv#L(Vs8*G=nIBKVS^ zY%9#%+!JfwDK8u{@1e#Ar%lt_=w!c#pDy?;#AuXzU!0tD2we|VPg@nlbgUZYpRRV% zrrYQ>xVqHQ;PnNO#gV+c{#^yA$&+W!GF6xla0OXmZ|SUEKF0n_K<_{JIu13SEr-dM z)&YOphA~%{n)bwL)xHSkeQ~xJAP0t1VKW?6b3_NnVR+NUoD`HaF%*G^SGwbAN1!by zlg5!eAOY~sCdG4B8}2#h=zE;%wFgBt^IH!ZkH>ZF3ZAWAz?v7pm<*qP1Yil;Ul>1+ zPntZc3FE$*B|E&>?%|@P?I^C_V$dml?boxJyKlMX`;Jh*T}(d?BWvEVhdC8B&rwtm z-ud)FEL=3-;vKU3T6E0BS|9hq4&;%%3lksTOw-M^CoPp-ukKdQv0>^jF$!nYqqljS z?%4vGQURnEO0%EpOYW|S{Z%Q7BC94W^|B8**Nv<$(GC^~JFo z*wLmse*m1GO!bUi!gK>Q{w;oJf~J?f%yR&zS5Y9|!xaCLFY>L;$B zh>>?P?+aAE=!I~CtGx!8Y)k6f;!ZrpkBjxyTRN~-la7`7K{^+(G zN;@rvC9wKdi~q2fz1bRX{-Y`xF2>Cj%qQ3_{`@kCP~U#c3tyW7OKfc``t`$V#u8|` zIJH()6si{6#pU6E?OJy%jfi49r3r3+rQKCgx$~wntqDDIC^F63bJZ#XSka??vRtQ| zlbYt(M?R~aQS!aRW%VY@C0m__OCyAAN*u2y+hjkEU{t8Pmom`x9Ffkr&e-a05#nzu zx|i_Ft>FM6AK*3%JWgqu(3NYu5-10q6TEJo=5#Ln?pr22VQ6Ujvh6o1r*PuWztDiuvL6^M@amTbZ6Fq|)qX(GAB&lK=1C7U2TfmLw!HMMLPu_CE|H<%8`VQVx` z{z!$TRfeVR^9!F0m=MGZ{I%=yayE>2Ke8pWy|sjI?89Euh1~@ZxYm@RxmM-SSB>=R z706=f-Eercdm;aO_+43--t>~)Z@tuBqyx7J(cf7FL!_|w_IOdiC`4jU;}{5SYV(pu zm_WY7fP}IAAs7|N??*9_FoI%V#lp|j;@qkI>hht51wc~LCd5X-1E4=x9?g}ERt8F4k!RqNuqZ%21vTIQ*1jw0O` zN+;iwLG@33umsOC@)#=GhJeU1K%%nuaxI2`Ipk?dZt_mTch99DLSB$?XhYX`$^m6e zBEi?&Ujtmz!J}2N${@;te2EU}T1Oy5Ot5##8-<^)$~}tQLlSibz4QCJi5#=ZVcLdE?JX zGR*BgmH$XpxQO=sc&)=qrdeN7oq^9O^vG1Fp0{S4^(_h@b$r@=csn2NmX5=_qn`j# zFERseM0|X_IgogiN09JkANluocRTJ<4R`4%uXo)U%yCs5!opWpifBJNI>L2QaABG) zEp$RpZ*>A{KRBA|YDE^@Ok&`#JWCDPDA~3;@!r88S(v5eP(D$-!ykwT7Y<^mb3T$@ zQrAd{=jmR1pK}`FRiz63>ks&zQZ9wHt&37x>$rl!>;Je`1f*Co^6X~@YxcL{&|mR^ zs5c`jd!y*Tqj0wdn=O}Yrjjk|(3Mi)YVk7QcOd?i|NJ$SAxv1dE3LtKbJ-D^fUh?G z;^CAs+)}sbUIOq_JL%l{17sZ)?Wzyr*qA%UQbS+mN2}ne% z0lzV|+#Z&?Zs5`%R7L?{b#lUKkaMP?|11P=LDbk-2~DXhZ>&glQ0{R9FP;9#vN{D68xyFk5Y)?E7K%a_c$h$?Sx<>MzOL0)arg}Z(* zku67Dk(nts#(JfC$4_#xOskW#@Gcw^{jVKPav(bg6iZ^hEw&{}J3{(r+gp5onx9^V z%Pt$}>!-QUj@FDfl2Jx+@Hs@zSHl+j$BV&tbjr9U1XJrf_q>ghiu(FlCp@UgyRmV4 zf+C~;Q0adzg~Q3Q(R(rO-79k09#>b@RD4R)PSq{HxS{7cneGZR1wlAFuHoqiTwAG| z)g9_2yR4{3jGnX(%q8b5>aJV!-peO&+~2VW0m&u(OTEjsEEXmbK6S?E{q7n~{OZ?V z{mFen-pB@aB2iaRst$spsYSGM06gs(SlF*;_}=yikar(B_E5a`#mTPibfu+;ZKPyh z0)7P@yPvH`Rk?!-;mlLml}WUDap^=;g7E+Z9%j2hi#Ep+(AB_7z^tPb|4tKr8qAM1 zBG$3Sk&sBr+=^-O``m7iUQAfDr=8HiX2QUyQ4dJwUDskYrscTjOwzsJQi*pH_`&6K zE)#lt^SQFLZJfhryaw6Jp@-`Ok=9Y?Yn&6h(WPH)Yv#;w?X2DwX;*pB#-S%&bHTH8q8pfq5rGoFG@n8lERp=5vn?2DHp+ z1$jnDlS_Mx-EGtK4$k>|SeeRU%{TM&kc-{$jo579H1sI2d;0n~z3po(hBAu_^Yn|J zvYv6~NVO&e9bR}pv-GpPL4V3sp-+-DJ@%=Y*~}51*2v8M)anN8RDZSh1;S;d_{uuw zaaD;qQ-#kp=&MCPnbwH~IfwK! zuSM2|$$@+7GZD!(=;xtR7kKM4SWfCw&s#mT3uqEg+9PFV&$b=UT=LE+_mO{#K4Tb- z!*+TU9RfiJ1r6{YzB_cC22ST{FK}jaBxeTLnz;_B(WPaDxWWmDzPFGZACR{8cqN@q zz7<-kU5Q|ij~2KV=4_JxE}*VPYS$H~KYri_RM%e)vYb&vhCaQTshZGFwyFJmv8L%X zrlyfdxx+A0IS<5_{s%xIUz6tJ4V^5WYzVl&G5BTm#_dPJq0P>_DlX>@#fG&w9UH*K zmjU&h+V_|ZVjv(J0{J1Cfx$B%71AqZE;Jl5=FP%!U+Lj-ZB4H(3mzabB7@X?p}DD_ zZAz}2O*^xHW80u*%?BK@Lsa6yqM)K4`cgun)uN*j)_3s&-iUHpRW*wXzrX5Wfm2p{4=A z1qQu|!D=*UhPd`V@6hBRa?!UnPjPrzmU{?53dw<=@7^b>-DK6S?5t#EWbDaO8$L4} zX`BF%7Yj!9!qPsjncfKAEjk$m1uX8e+rn$jXreBu(p~g-JxzC$IDUS;}P6?DAh1uISiS#ac((c)2}0iWJxH z1MM$<-SgPu_4=_EZwD1PnQZOz9L-g#20~qQ$6ET$rMVk3UN|GDH&W<&(qY((GnmtQ ze3Ha%*6_9t+EyV2cNdjBKbrJKh@WAsKOzIuRWEVHh2s4?o$~ zohq9_8B4h{q>$aY5UYhUPA(7vf7@dP40es^-6MUmdkk@!SMX6#gd0jU2&6_A0!rs5Is*vXE?(aw56^b> zD{XWsAy+8Z+t2XvYFiz?jf?=B!3>e+!?S2Qs*mefK4$@XK#eB9_*e)66&kY@I^TH8 ztq`iq7V3fva|Wt4Jes(965Ki>fQJNOehj^cTpdX}VS@!5TFch=3Y4C@q7IB)Z#avJFQG-6R< z0{i+T?=_}f4`^KWHjaL9+hl(#A0ceo`tX=C-*xu*fYLhUaT!THw`&JAb{Okzjl+s0 z5@?Zh;gaD7n?JT*b1|usBhH@LX}8`@o5-2kydgCYo;&*(j)h!v!{?k)Wszc7BA>9! zaLsU&*7hZmmbFrC8@>|_Bb;JPAE;(O-L@{#=WJo&bCjXoX*b@S%>P(r8E1KO)jVf& z6eKn$)-IMQA}<6wM1l!{rs`0*K$dYnmL9tW$b_&}^xw*WfSjM;%fCf6*tsdc zj_A^n?Z?LG8f}c?&#&Aa&I-eWL21*V+f;XB+r5Og*p+h4<>e#rzOM$kbW#Mrh~!%+ z5tj^gg45Xye-2&HgYJ$OCF5OkD1fP@oo63K({?V+PM4J0dOoU z1nzH=>Cmp4nKMokWz!ada{}N=_3P5CYeBT39z;Sm%h?yhWImTeq5eiWF4CV>iUq)W z(oE5{v{j!N_0JN?c zORr)dOe8ZQg;f?GoEcFd1csdK&P)`^7>C5__lU8N9it5xOc~u)*xXxXZ z1YDFIzlxnPV2Td1>^S{u4b&la*dd#($~P<9@&0LWly6q}ezYu;eQBhJVFDx%kKWVU zoE~7A)pj@OX>(U|Be6nN{4pAz1|OG;h!i(DktHlnAMZ_$(jd=!-gp5`EVLGvSgif} zsF_KTiDp>Dg^zk+R|VO6QMt+uXFsgG$g{dUJDe+!vaQ+ntu9ySLK0{YHEdx0KSlS! zmw%D!QJ1F-DMUfwI0mnb12vQh*LGR%V%~k_KCLKypvH27c;efnz2;T?+e(;Mp_I9L zvIYI+mWKag!gFKY$rAn(+&;z~ikxFf+380!P6GnFw~)!aIlLu$@-q+h3Z6F|R04EfG3Tg~U*(ezEHE7=(MeN|EbA@1>>_#Mv{WTt~>M5USCwu`WlM z&Cg|;_w95S&$e}2rmd>dVNHS_@p%+I|2YuyT=avI(&uH^j_Ekr)dUT)XE+>|rb!xPvY6L7`0`RzV<~z+fQGqLF(IqN}1N;XpStwt*UA)ySV12tT<}yirsXv%i8lKqzLI? zFNXYPK_b%2G8&@yyBxfW{q9@YAOVw=Z07P6AffKS+}(WZaReKlwc|C^iLZc# zZBnAU7E)y^daQKEBdL^zMgMy#Zkn|)lVxSEvi<>;66()gRI`?ixP16X$+=%v z0YTe=8js@+o1%qt9o9Zm9w-DUKTIod!iVh2k-j5RIF#jV0;OAQuP1LLoP;WrJ8;s1 z52)Gtq?VunoDQ|LC0d91+%#Bk1#RquF@n|U+{(9c> z(s)sU@^=f%Z?S@Jxv6wExc%j|wyMvwvDw)9AMl47K%%HpQ*#QM?9fMtU(n~w%MJLf ziwpJX)}5M^_&o2hJsyw|S$Yuq#_ig59^Lb(S_yW&(XXU7-|Dux$8Z7>vJRTN_{Kqt z+vL5ge=;!QiWbV$jEflupRxfWKxcJCrtg#ZQkB7xIuGJct zPLM4$jtxBz0Q@6$O7wGx3_7^SFFBcPXHBlQrr(wkUOoI)=m|P5C^Z8MpJO|sr@-09 zc%$_q&m5>ISv5<^AvO0m$EcnJuSFENznypL67ODcX?Xy+EP23X1*nlRIi4PqS-BXQ z9-H96cP_Sl1hLwh?uwwyzmZ4QO^wwsI%ZBbL0;C4YCJynKvYDnKyr{bY_?6}EPa`% zq@skyI!tfl-g|nFnGe+Hd)iCeJbiD)Ogl$C++UOo%#t#RRk|JvJIk@-gP%O7)?YZA zb)(ilMEYHA00@hOFlDTGp>;{)__?y>^w=8h;%})9DkHJsvd_^@DJr^H*4F z9R!mORL#Ca*;Z)D%17`lW8km;PCpWWL~!mO$&`ePR=wXf17 zXb?03!vf*&F)GNCMKCnoL4DvXSE&!Si69l2R?9s`Dk=`caE{@ExIek!#}V@(p+1}Q zxw&!$x{x#^8p|ahvW1*Uh7=8a2z50>e0oCXr$Zp!)4_NbKd9hRf?iK)3SdnMES40o!jwE26KHHRB z9Tv-cH{GcvO6toNY6fQ+DJy-wJ}@>Ooa%wd=q2l&2LjhfVdi5-@6&`0;O9c$;67RN zBP2UXd>e+W7#bqz%srNZFId#Ha-ngov$n6YVJ#sm�Y_wGaVgoH{$$mG)#-ukXM1 zR-UfyI>+M+?KLVEq;A`)l1+=kNFVp4xNeNu^4QSrdzG2lW*h3;B`dlW&ON{J_M4>r zx7!^9_#7)!DC8UgLy&80pnJPZT8Fc*(yb}cJQ8|pETHwg=Z|ifuka@F_`=O+J3>}n z@Q{Kz5FR5{W;wx=Yo6JmtrcdH47skXD_yzm*GQ`|k3rm8d=9-Jq`^18zdr!xX75Vzsfi|)W z#dcnxkXjfihsFCtw)>|8x4`8dUdVl7uHLmqMZd^J<4=1fwP{6)b^nJ*Hzp@6y4e}^ zw8(m*cuXLcm$T_@#uMj3k^bmsOmuGu^St~q0)C#tD{?No*%zlW(T-S)2O2l?2!)US zv@swqs$ow8d3%9Tf(OsbfiwY?V&XDRYSIUy8S;1`bW%kh66^Du07~FySl{wL<-i}6 z!B0<~AU(jCm-}IO`9Q;mg`e@y%Hj8`xiiR=-G~{_3}PSDR4&B(m(28-yZnKu{&|_3 zj7*u2#9`k51ZV>!Tlr1&sg*PQg695f8Kdk-Q9vfG6HOy$bA9>a>oCss*3_|i-JkRQ zMnhd3|jt^0nGySji3L%vN(4tC0N&dx$m6Gd5M9n{7)8FR>q%2g} zjC6FRDJf3~_pIa8xiz}-|7-8RSQm-|XrBS5PPXL7CJ70NTb5Q$kvXO&3&7X$^@U(t zOqHAZKi&D4eP(cBhj4=CXYo%o0Vvfrfz=7Hiv0Iq{88@Z+jIOIp!`||H$-Y*r_3mb z({A<=s98=bu8CX`70r2L@Z*C*f9hXL`c*mt3PS5AsjeQ!X)%Z}R07fWQNRBW-udTt zfCCg)ofX6Pb^@53xS^v%rvLj0S&^auPN?;CC4HvBRsCM!AKkG(Aoz?3fMvS2rUekJ z4$o9f4S+7qe+ljHMdn^1>*j)h5+y4utM1jV0WRaezX#l<3@74r^iR(}XIS|E@@bDysQ0_6%xdMJs1SPdNJ~Ht1$+EwU+(f z0DNWmKeq9cwTj-WI^_oNZR8OOuVjq=7p>M;SXM&7B!4UHe`5PC0m4*5LJL7>1o-%g zr2j!^`D69uiWlf@(8Zif2>e{^vY?T$>e-;}LUJ+)4`4wq7m8XZrI`h2zp`Cm*^GN! zbXK2s#WT=kp#M7FCf3q`iKUd_v1PT|;Q!)09-_5*sTs)KA1e8-ml2*gq!;b96F(N@ z>OSCXJ@L$pT^)b=!Vmk*sZ_wHr#F0a%guJZh_Ukd;o&YcBmHF=M{+~;Ae;Z?`+r}( za32+RPgj>iyMXFytLN2NZysBLDst03=;dm-+wtPv@v1Hlkz$`P3vz^)J5BUFT%K}< z2aw}W8GEW)BrB1uJuDdK(iQW4uy+e`wAU#MoUc*;RnEe(I3ZFyhyLkpLeT5{ zcULqd8wJ!T)pE%e=ne{ZY!1<%pFpx$S)c@jtno8dG|XJshusj+*#`2ywoW!n9JTWhX1QrYaRF3`gO*oxxK z`KHZMuXM0ik7kPdJP=uD%b@2EHq-W8nR^+^8;~4ewSteU0a9%r26BTB>b$R={Ft1dbD#X(UC|6tAL5rIg<_vV!Z8CS{@rh6c%ZkHS5))`pPj#7 z*hCA*|n{;t1T`=*x)J z8PRu!cnDVK7%}1SHEq|g=i9ZsterL7oD)HNb|eq4C+l5C@%Iv%9KG|fzz7VWg=%!i zJ8}3e-6Sb5zXTKjd{X{+b=wAnmF(CAB>~4EPQ9qbhT4-76YGqaE47jPd1$-SujQYfiPm@ zf}P!<^Bx9@l;4iNbC>=cX<*>K^@KI3dxa1*odboKV|A8Z-0?d&p863-2KBDCscLdy zn$^1Og8uB${T~;btBPa^G<+DWMzX{EQg}u}ePVfuQZ>*K*XE+R4K6Z-UquUJzvJdX zX1SLSlV<9D_l<0>c4FIKaaqBCncNeFG#KNl`UWfpALYbi5$ry}a-X}HU3-G=mX|zU zZrVe{NlWv)_RkOd0`w&31V%1@9NKOUXW0=I>D0Ie;WoIz_EPBct?lq1yLIm@!hXQ| zny#`sA$pZfIi$P2)q9C%4fi>S2aiur@$es)(4^~VlsL$l_0IyiZa3|Fg4szzPOH&Q zI2^tM^yl*~aUOq^$5FI^W#N_IVQtRco#e8*cjo}MW^kB7xb#tAczaZPd&UU+dTR#X zyzy5&p?dlZK*y4w8^7VS9B$(U`YM+z8}PLr+pqp8x0JgXn~FZ0FTRLf^|?_O29L~7 zmd}uqn<@K@{KR|}eiW0JULsXQFu&a?P0e&YW8pMDe=D!zAib71VXUI9*Z3{@1CBSK zj#bgZl>kp`VxxzFoqdD_x-Sa99P8iKw5^ChS@Wu~C9X)c#@J2H3aX|-V*f(@WG(Q9Z#IzbqyH-7&OE!d{X*|_*j4c)Kfkw3pLTlUuavd$=hS2 zE>M^xn)Y=oxw3`uM7i7rfR0q(LcOnymBuWz z1drm+Uo4-AGSW#`h}S`{cwGv~_phThUf&c)u?1b7`$s{xFQy;rpoa#NxK7gGD=~V6 zuS~3!xPgnoc6P<|TX%2i2&MGsZAaFjO@&8a#Z4FFLV>LAcM1n6*|h9ypuyAM%9^-A zsGmHY`#Q7#pe0?11@z^XFcyRY1K@7g>mTb4o~5AXtMTjO5}&D^sfyH6y2uis8`YnB z0x)uuNSm+E3v4U;xLmvGb2M-13%T2KZVR>mYFoB#3;=qr{XFZnqTvweaCP@)&i;I_ z;(K`|Lq8PUEIv*n9GS2}g}W>V3brotliQ${K=fOlQ=%iO6(pF{BX<{oj;P-7()$l#ZTDn(x8z|>b_0DSNS#J{&KR9m4h6V~c zWLo`O3ENugqxJuC(Exp+dugK1X`M|$1lTCF@yGY%V)D-JSVlR@0f36Oyw}Lmu)`MJ z$!WhRoD5JXu5QVp08llJk5ji-znwBj{alVRJ))~pjZAv%^F{5=^=Y#_|2s1FF#z*m zh?z(hZ@!*`@A|Pn<=WbDKGnT|<`wlHaDnFeX}RQ+x%xu&U`-drc)MOhcnk9WDdN(h z5RBNk7ulRW9I#iUVBo*dfPwmwIGwCN4AKY36cpEYe~TcoZh$p4^d+))*g+3oMw_QO z(nEk<%iE}u5$ZWdNxiU{ht?fdKTHO^lU8uI4SwUd`Z(N84j}%)#KFV3XcE4@*1Hb7oiXsoN<{)a%s^vd=0r2T>6LrOK zWCCXGRl7JMpp>>J=w2!qWDiQEE+3Ad!YE9@^Cd0|=xGVcjmZ>Le<3^n3qS(4411~|Aofg)KZAI@$&JbbV2gW~~m;EfYFfjYMf zEJo^#+q-&9OHs;{z17(CK6tuk1a|Y_tyVnOwjRRq<*FwJGtnijijKj7MhQTPbm2Mtkzpefb6Unr|R(Pd}6GdmL}AL7#eYN|D5O1c>$=&9Q*q;wkVC&FNa4WRWOT zw*dAs2@t{Nms^P%USZo&!|n%xyPWUPVFkM%ayJ5KUEvi#mpBMc%?ZI>?1^cXN@E51 z=s9!FBXaGwWF8w7gzByUb)tb-ibU}&q2<$Uub&(1_yFKn)F&%bFUEHzzvP|{mF13u z6MVgON>r4KuvlCYnQGP{o@;jH^brQ+%mFEIofN{zdJ4RLlYMMvpWI7>)B%1yB8HT~ z-@N*qu1q0&P#Xkvwe7vtK0nj3BVSD{BD@|KT6jh#6tN(k@?rBr!nFmRwl+Aer(q}= zBi*71AiP;PSke2)rqAH+y^JK?CAIPdM5O~j5_9X#P&8288o`8a%g2@sLf~fz3alsR z+Y=?}7sb&NpIgki$8q&ahR^rcB`2d3rt;MoNBB+ZUC+~Ev$UJ7u`fTtBv{Wa(?v5( z&zIx@E)4+0NC5uVP;K1c4Fm6^^Iy$m3pRfPKPU%|>7 zFQvF~d;n^=o_j2uannqCNm3?`$zh$AZ?C;vykc|#la0DgBTMv{6LRU!xAKmCC(U#3 z`IG&Znw(=8L+cLeK|Y1La@#Mt}Mqx@6K7k%N0Z8~RnKzASo!ZlspTz)&6c8medi6@~uL zh@Mp?lXw#l!i)~# zs34oH_jgp4F`jwXITsDWH@sG(bhNXZe8Oo~@XLG2qS2;Cnf4~E=bKF`3+C{<{4nUD zZfC`K;T0Uhzg<|NTZV@ogmFBECAviBJengovv$Cuq-cG!9L74k0<^-$me_P8O3K7} z!+rMZ*6YdIsr)?v_qIR-DIgm!ZaTL*{gigDj1vo_Hxx~eOK#J`m_*^Sj`W*l`olzy zUqEk$G_>O5G>7&4ZIZ$9i0!p&tc?tkRZwT`^5fzAI|A!d^@=r#9{La{!r5Bcr2f_f z<(aH~|J{mvZmT(YdHj7ZE^ABhD_#8eKPM{+LxR#@%rM;YPbmDndy9KQY2*7)y{ldP zk?5D$w7G)3v=?cSrwWnBdAhHo=@nVnn%VmV`geCM?jOAB)%Vy`&yu%bWpod_+zAk_ zS*u5~#Sz$XnhmWVObdp#mkF_VkG6>jZNHBl7{`tjK+%7yF&h9Gi}H|yYwVQ7ch9BE z?N`d7hJ7`iS(mEt^Q}dBZp@44qTHmIyXr!8{#VvBNvJ24EOo{l(yP1RdSe=nQJ*fo zk7olY;&{}js0?Qn_xJDFVPU|MiiUVVsuJI&Z#5uaX8X2n{cyP)i9sukqQ)?aq?uwa z#?awk(w-KCjjfT|;bk?rmIF?68oGzZ`UfSdLc9aoBR_e6vW4?pikEe++xlm`)9-Y+ zmv80wNeQaSj=<3T`V~bw;@QP!-bOia9G)ZL*kWfsvRmW9l58d~9~1FaJAa^2yqpoBdd%O%_F>OZXHOd=xsb$NSqagmPwD>7|lT;+wt<|vX&{7e@QAq~GJSH#<2-6pw9L40n#k?YI|7euRY*Evt18VFh%D$D7g>k{7>Jt2y>az%1IjKkV%Yn&`ZHx)n~ zV(ljIbr7N;&lWB_y!(p{pYa@z2M8>5WfBW{0ON5;Ud7NzQ`f;CfvtIw-NV{E0Tv(5 zc!++j2cZ<*?7H_gZ2L_)e*Lk}>Kqa{7NXAwH)vE&ivL zvugYABI46If8JIR8@dc%;v715O(Di~Z=vse^ASvaX=1kciG@-_1hb058u#P~(#^Lv zehnkC0wUr`7kS%nilCsPfpM8ZGXf{7pj1SQ8*EK!SIA)v_`h=ddq<#(jy zvWijR04UIE)KEqa(W1x?EL#g|?RvwX^T#3@ z1H3PdHI5#{MG7E+uU>utm9khqDM^z1gIz#4`V6QUtN8L-dfmLjCr>|$)x$RM_*c6V zkM@7)_Vo5vfhF=AEf12ld59mFUltJKF44T!O#J1yN)w>PM|m^8DH^MmXbxd*8d;<# zg{4fK z?H|!7HnQq3_Trmsat&F!d*7`hDqpWXd8$6Nt3I;^;0-21Gq>sV{yfEMq$ueI4!Q0c zF`>;4kj;$&4d!#vcUL?v#tFH~jIY)2W8?Snw*QC7^&L9|w=?H2^$jgxR zA1)Qagb$(-A$RBBt|a3<`h9}kNOA0PK;|Cwx;QZdzLyDXZTfDDgvg>FlgwMjDF9h= zf#782jah8F_+-5R08oC)9%{<^gb+1rbBrp-K%Y2*%w%&PWGa$N119kE-A4KGgF0ScAv#6vlxeGL*b@M?>xfcdrC#K7Xw6m)#*%2&Ta*A;*dX`8@ zEK^$koD4E=M50H{IuS#}To}Uhoe{3}NQy=~AFsK&KG2OvD-6CH^a;XKnC|9St`?TD2o=<<2-pD?bb6{o$DL39x$RQwOZ+Yy zHOjhz5lAMm(D{KX{RlQG&%>OWymcYNR@CYn>gB>gPrN^_%Lg0*rYsg~%r(DuJ?02{kBeJ{K&hif|3CK z-D(&ut=vG2661K5vH1Eo=1IZJmrL3nZa*HA)ao(8wdYNqKTi@cW&@axJBGx8T+~It z08yb(&EGAUfI|cT#NBA+lQ_CDi1vowP}cOY)bmh@p#(KdR`hw?>`s=&nXK+&m+$mc ze)VIi$OzRvpVg)<_kxzd;)y>2fStOx?BCbQGJhXw>a#b%Go_WlrVyGS+XlJl{^ukf zhq>(`d?7{Zbb(FU1R1TU<)p2ClcZ!n`LB9Y!FUHMo33cDVC^iU0-hwh(K9(p%J1@k z%&cnCWt=yn!bJD1HpeD9H9fTG7>3xat^)E?ekzsq*p@Zk_K3Vg*^vRxeuS)b`_p@U zLWgt+PDpXg)Z@A5BMZ0aGnI42;_+nYZU>4&tiyr=0@nM<$_?)}b zoHBb6QzSsq<>dGV%A7gS9DjyjAFQz~a+XUNaD=5+BFW3fxrmpE?O$V=H2F#u-zi&t zC&m+9F2>EN5>PYZfZ+`$iQA(cJt?ROPR9{ehvOYMy^DUD zP>HIFq3^zZze1a8ZZBqlb6_2+y48jRnJ~U3MT@;(^rSC;(n(urajB{(xVV(Lzt~9R zWpIx~SlxMY=LE0JS&`f>CoEaUTa{uB0a#e}BC ztJBFE-qppsstQQo6b}XJ{tLvmL4$;UcE>VNH1RRmGscjRZmaoX*$%wKFyqrRDF8UNJd1=0lrVY{7#~C-~R<7uI|4gm+ zs6x>&7w?mruBaRKC#vrkKubTbdcHY&Ggq|K8Qnqp!m3a@I;>g zp8}&8s1;rE)|;MYrBs{DBjy(;fsFURKqy(cE--j<8EaS)t=l?6mB-Ki7mndQ6LyZ35wp+bOVE?K(9d$He#|raPmLu zInJrb3gl*aCpo+S(c>DGDBsei(?YF@C}Ib&HJ)uvNr2T9b8$7=J~QRzp3x7%PzlaO zy#2XpprD8&Fs5b|T~txk7d>R!l_r$s)VFYybGoFZlJ$)rqU!gI+bii_XN(OBc!6~) zq>iiZxpD>&mhrFBzTsk8oYf`>)v&0Q1b8m~wM0_!b_0QEhoEigvqtG`%y(bX1jjjL zUA!1ej99694dnbq=CaCDKsl^UJ&Geaf94)nA|7KLe$ZKOW*4fr~S=?5347H0?u$kng|8v4D{y zA_6BaOe@rN#Eg!~d(*1!d0ih&OY==|PFrGpi?Z}MOxuD>+v+jt^6Ex}O$=AX&%3ha zT6=>;Gf~}c7pw&M-AG-(9`jJV5_UMK86qxv&gNFeFtPiZ#MXXF1#eJ|M^sD)EVEDE zm}L|$k-Ll-HZgItsw;b*uI5diFs@}>&@FVGxd$sAZ+7ocZYKw)OuXFxs&Meebr1kJ zYp5iP4fP--N%5vDSKXjppdF)_wmX9c>4#MNDF&JA^Zej^aG|>$l)Xo-OJQAUJ;~oP#Tuh7&|Ue-icT$sd{8{?%0T3%5-+YY@?f++=T=P z;X*$Uswm|zE@YK%W2rl9RL&#C<^DZPXQLhqbROveospVvmsoa%QdoC$f|!aWv-8Q| zI)*r@*_RQ68uLFxaXc9;q5C0cMDr=Uj*nlWt8Wh=r#Yydoo0W%MA1#%e`ftFhFL?q z>IP+KS34Ped7*jYVAn7!aJB(Et{VNr7FKu$N z-@VHCV*(`Va;skh^pP~KDGH%$GPgX)Dr)xPWK2I;@A^-j((@Xvf6N4M5dDCS7mA=#%S)$ zl1Y#Y#}?k{1p5smW#sLe9->tk)RX7(t{VRjw5vb2oY@FC0Kxuv=t0yE(#Q!f%nQZ980&8k%-{%jtR@{Nji60}J&vm415LL?2j;F3YnAS&Q zV&lzL-TQ^^7onObsE`ZBbT*pbqDp}LEt1A`=Crm;X_u&dXt{Ne_|y&1e3;%Z!+P1fJ;eDtisfG&p4=N4 zj+etMmYWYew76YfjPk*P3DbI@f;74E-efqsMC-|Vu=Uyt4A|nGM8`iz<&ObU6S_($ z_mMF`#KJeNH4_;_EkOeBFB!}>x>KGGreLWivfrsLYdNh99BXNbw%hP+*<|enf8!Cg zPiJA{cMW+mp6yr{W^jyfamd^Ki(L8_&MA^{12^!#l!2^+1FS?;Gv`g--tO7Uap0%; z8a1NaC!?CGjC;3b@1lp{$;;3`2^qf)7dYgM7Lia-rakN4XKgxF`I_?RLm|3PIv~Nl z*$^9N=^Ev(k^e$)#P93|=_h%ACbH0jMgH_e@@RccOjW4G=K)RTZGnHG=B}a|H3gSe z;aw@OlNXut!aKVwF}!>@&H@#>hYlx$_?^3ZSi6^;!}D}iqnGYjaOJCWbZy7a;(Yj* z@4Jp_B-F0in%)Q3#9I1F&?8D&l+ksM`7;h`BS-zpKJ#$fUJ7*xD$4X&OMR(>bt5tK zadRl;O&*PKT%PN{Z&v>uzFdg?S~#jOhW8YrH1|oko3%E|{HrYTy_tGw(G5DjCTEqZ zFaxz`9!_E#OjlnM{rSP)bKBeafs4y%pUAw5)^tLKKMwSWh)^}wy97Q>zOgQdIAa)t z%R*2>cb0?7{_(mh(?w`E7U_W#rY&AVbIG^oH~jf%_dboYh-z&YbNW|N7FC=!E$v-= zO78>Wuit+7*P&06H03)`0+Pf#1B!f`sRlPc#887(dnl#S1JoBUUN9fO%#SO-L-4;N z;1i4=D69hLY{m@eLyXJKvOiWD6%V4d4W7JYUivqf49>r$BvL@QY!vDux0lpiU&;s9Bf~}&$ zrhg`gB1;I|=n`s!)j(T~G#?|{)8UT$#Q3+>Q&ZF0wI=6h^2}HNcLx0&%)>Mh+6NE5K4NDF3~L|=*q+9|g1lM(^QDk{CRAOA z2;dpPJFED=`h!28E~Jrf*ElP1>hec?UdQ>@DQ79{(*;n$2Y18j9vTFD3|wIStHUrQ zN;v?3lf+(X7HiE0dr)5NcKq`x{-itW)HxL_E-xn+A|78+EB{$Z|L5zOM5W%_i5?jS z{=1qp*)FUBqrYnG|8w!w5LHnio!ga8V70^im)SFL3k7Hhkj(AN{52hJ7RI7~J4tIm z#{NVQGygw><1;4r3=s3Hpu0vo^)3&T^*)-aSr!33yv}%)%{%oXjY@dyBOnU7g0e^n zQH9z)f1bOzv=le*r0`!~vp;TxPm{_nhn0;`|+;faH6kf&viE6}VJD7cGWkt_5O!nGnGF8u4gS3;n#c(L&F^Dnj!=9Yk70|(#4x!e!T z0mD&B<;I+<=5V^xcT(`7HBKLNNkL2aVR~6ji*0I*F%c}y6n1%Ud@3>8&VQx45|Q=D zdR~Znu>vtnQKl=M0 z0EakFt>Mq=1O2kF%C{}#DM`lHbfh-ETutO^Q2nBx8f#|P+gp?;p~dx=Cs~OcWzQEF zX09^>ZwKICsY1f%l#gWHp0yJ#r<7Urx(DP}v$xK?lai~aG(R0Q4#lfw)X>N=N^GmG+_ z3zNu8<+e-X1Xe0wLDYPSG+D|uibR4FRE?nA?&7%(m>vocH3|U0SB?{b?J2z)*cyY< zR{Hd<^ zQc0WNTpGKMOd~J1KN;+AEHov$OqYaNFT1cImKR8SFq-D~eI>l7Sss+Rtp{(kiY9W^ zI1dP6N{F%2K2~_i581A}VKm!u&`(W#IlEe08@H*}3kt9`0X$ApRfX&_U;@}!lltP0|K?5`j%z15>}+>#5{Yw-=bcHj zoAojaY0htgyI2K^sN*yd0&}(%9C1ex#B5o|Xw_f_Ol^7q;;df!UY1fak~Xub_G2G- zFpiP&FC`d1K4@MqsUMRh(lbFWSDnCMV+OC&xdeu^`Cze&)?b(E9jA-eof}($GI{{+ zKnOyGLOXd+P|c-HiS9+J-$TZCkv=&hdXzJQr>)~<%gNIeQ+dmKbE=)T0#^{Tl!t`2gxuRW*&mrG?cT-Kw&#C%oe^dE>A!_8z`mJ+NAtOgTC457Vw(O*04!lPv4vsjoP5i zJn6hZ@%1fiflDDLs%EzJ{+Ep;muacSM;70X5F*SQ-|m0)zepQmZKECPuDgEjc^7&K z6eiE7S((t=MIFy4cJ&k>e7aR$YFZKzbfX_jL;aQe6W%@QXRgk;4~?)n&M9|+JdZodLtBOf$Z01SN~5?Z1)v_wsjiO$#hWOC6az?K{1lmSKbYN}=~OOx z3jn9ji{#o3&~m+(yPvj}EQX4o9swL*3%)hEiS*_0l*xF*AX@vRHGx~WWcu-wfm>mF z#Gc^(u`H|skEaUYR>_a6WGvf-tnJwHPx-;jJp6l4PkzKG@q0ZcJ9!UK8E@RXG#w5&-l(eUQ;x}?P$ zVv|_S3uEV^A0s?obG-lb)c@l;istHY#8XH`chn=IF0ZgxkbR`s)z0SViNY}g zD%!MpcLC?7Q+wDNJzj;dAOzn4Q=)5MsOJUwD;nP{nlQ-u8Qn9mim9>t0Nc>fSWW%a z=b6cA*%3lxZmTC2vOI4_hRY1a=`p)Q6v-jrrXR^qxBx!z5gsECD+cAq3Q3WzkRkA{tnfM`2 zZhPUTweds96Z`YLp!KOjG}$1YpwSS>JMn49XbQ(PJ00oqe$9Jmf) z-(jjJ2uzYBWIQ9_z!?M^gcg@(+X5}wjQvNKCXXx*rbMq_RaR@M(kd?oCW*s)!-}rX zuFivc>uYAihaXCA=?w=rZjCW%5J<#OW1{@ve@lM}hj+LN+%bEjg!icXTzA-{H)Stw znpd{BcA3HJ!tdnXKDq%OXZy%N0D7P|da)IXgV-DN!^K=J*p=bKRjtYk*3*ivBiA%& zTYbm5&%zl^`V`D8rk2!;P-uAiVto;Mm9^sR>)eZV6^P?(Q|~p_?yGhrL~)3f7!^b- z;Vr70$Au4y_Rgc&%Stv0YF%(CS?|PcV}_}Xja(;m*{=RHlr8z?w06Sx5iaB^uGTOr z(i9IFUNm$X>=ciKx;}oJ5!q~w-`rf~PX<14*t7uwoT3qh1Yg4q>9D(t{%!5AIj{r> zsC;)bK8gR>nQil|KakWJ0kl*L)`lHlq}85>(o9f?I3bF@e8;QFZ<*qaI{~gzPAQyZ za9||LIqN_qaLZ~;c(Q6nK5*G^02DWF8wfBL^KX>3y{yqXzNwjo{g8YFGPmoi}a-~HzH%5iIO?J(a{yJC{bb9O?n(kd>{WRF2rX^jIx))agRsoV^9EE5G>Jg z4Z%;fd9rHCm0?rm>?FyzGw(4;xUixUx%jD(ip6far}vdz8B?*38Aa{sR)UhXW*rLY zmfGd#y_A3pF1`1gT-ALd!}m6y75z|1#6Mq|kMXIkdWTPo=4v0?lwx1QQGniE$~TOO z9C&j|6zDV+pX385dl?HfWp}1OQyi_Cb^XotN@Vnje1f*`e0-&1({YWUl>&zZD!;I> z04>Mf#p(n7wtzsxGZ{U?@3WL3hovR3K~r~&JOO6emX_~($A28kA3F?mNy?<g9=TX?;%KAeRG|)YVgx> zGl%_5OWnrU$`LOhcE02bi`1tkL_2=FpKIrY|HE5C1XbeM14tl#VS5c! z%5T+4TH+|u2R-HW_hLq_rxR$K(Vr34vX<1mxt8bgv2>O%ZctkDP-E&o*t>OnB4iLT$^`E%IXVPr}#Yt#F<&mv=TZ9ZtcLDr5ad?XK9+lQW@ zE{&b3z+8Ha9zz{-gKaQjslSn8%nW>VBr~j2o{hM)duhAYaaoD4z(d6*FVG#$o1brr z5^)<0YZ8VJ&lIW}%EIdu;o!aFo)q@!AD`APzN;_jsp(o^O%$2Q!EaH>o_KMI!TN|} zmc?yH^NhW|XazVsPrc;6$X)ZPvXmd}yQS+Bf#z~bcZc6fvyu$cePd?t8q0kb_1CG8 z!2itt4zVjf`5-;@;#p{(XTQz^N$x5qDxAD=HJt3k=;m&a^zBeenCBvXH3CwKprBb0ji-MBVyiG(9cJw`xQjknUu7(`0C}*s* zSa+sQ>Ob$3^?5XuzH3G#w(>v`{wMq40m7e3EkBDUGwk>CNP-!dQG)tXeHuVr$M(~8 zsD#S_8U=$04upKjt(zj`|SEigT^>oA7nDEPcWa$IZ&& z*I%36JB#pe@kMu9u~-kradj1e{SOSgM$-oer_@g?+B;1kFolBouGE)hQ1Y(PzCv8-6;4D6p9HhoF$Blt1bBS<`W@JUUzk&A;B zxwgqs_R4c!5*)wk5{JM@O_6gDISmKU{Vwg$9jJ;4XVLrkFlA@%d~`n&pUEymdyOvb zFOJI9o@at=)35<-*eig^zS=m!>Fnh?7#?#pQhRTt^?i_MK2H}&=cuTNlpzTJtSBw+`| zP=ISN^cex~>U1+qYja$BrHv#~z#AwDD)pQP)q^m*{ESr-AECoC&lfJluTMX0l0eh` zxmMki@-AFC^X&K#rUns3wKD40%~{=P_IYSN;&&-sG~n%W8@Zz0ycY?2?5MxdL5n~m z*M?l0ATM9!J4Hhx^5|>875EhcU}*RmW4?S?tJT6S@D|Pofp*z1a&Dh1R8Wx%+^-jN zc!0Rf6(;ik3?cY%{1rH=-$d>s0Sc0koq%O2o6K(oOBv38z5#jgZ35k-Hbp9S!Hcq- zx0Z4Nb83R+>Q_xv75vCf14|Zdrl0qN5=B1s3IlqV$743XCCi2GHuS_;PUfq@HV&In zpGD(FQSa`-%|W&ty3yt+>8`(4kpsa(0qJDOQvsQA()< z)*uCpXbd+8jchV9>i_)0e@?3`9HRlS&6;Yyf>6)`=(lQ>&6h!-RSjr#gBB)$NtA#D zRxYS&70_rmB`%SOhk+cYqeM!jApu)fK+2_S)}|YKVF37{^Xkcxuwlz_?mADKGjhrCB8$Wd)627E z;YRlU_j51!%?57PUwq|t8Aj}HzJ)1%D8PDLoS)wXf;sZ^{@UEC3VGBdY9Hc4?q*cb zCb`-`Rp3)nG;)dg&r8ISs^whZx-aAm38~a?yzj9FM3rjbd)e~5FHMi>Mmr1UQU&k< z8S+%!6uBh8X}_O9K)9~5X)x@J9-o3&BGPQ-JQ3*K#+uYf0q&|u5DPpt^U8uOtY9l47`UDi$^2V2+0&tU z!yv&n3n5~y+M29KSWZ<$EZ->zg6e-nMDWghMCxqsOgV!N3(W?XfILY&>krzX9nOAM z)8GD{9pGyJtQpzPM8>QYYHkN4E(IE2LLJz-G0DDT8zVDuJpTyD+ZC*m9Wm>SzG&6)gKOI;>f(QgTQ*!wCp6sYk7hHiYL`mOG zu^-9^76{E(3bB7RyC`XTfNTi^d!81klA^g`aCsV^ZZ;#4KYy^=znN&3wmY~sdy{7D ziI5#Bj+_8*qN0<4HP#Uzyx!5b4-|wNJfiRAe|dZcX7%wddkJ!@r&I0dY*@wV@UvC` zEWxZfiu0U0sTq>Wq>}H*P3)o>G=PAGQSFrg=wPq}x1<)>9&F)_kd|h9;W~OE|;A~tiY&SbruwMJ6r$_FD|4G~GDb76Bb_!F8 zF{*8eYA+#qd`dP*iw23ghoJ|qVO6y^qAy)&)8{YF5tnOlb6};~L4>6{O=43KwOcQH zd4}z`p0v;N^4NadvgqB}!}S*>cUXrv0Z_9LFYf52>|{rd{}HK_$$Ogef1GD>TN_aN~dNn$@P z39@#f7h~tMIItZt!q#uMb*yK_U*lRqrlC8X4p-P7S}tHl+|Byf;&Tm&H|?W5b|TT& z1BhD{m|?>Tf`@9Xm{bQ;4#@;UFJ+?gYIZ7-X^{2Cf0^9n-5^D(%51_RTqqf4t?Z8?lL_ilvn z%reCnjM5@-yT6vy%wZz?*jNMmTzwPCmDz@ey#VeNc%X_}zQXxRBt+?UrPHvC6Gfa= zos{8ZjvUeaskFeN?la?#&|M=k^3t+pR}^I;xy~uOC#OF7!TGM>!8zSW)j=)2#Wm6b zgpsL%?~R3*@Ecv$+*$h1vDsss&gpOU8|diT5f48a?mSsew?lfSnxP;TrYoJ!@1@T# zOw(WnP>nclUM#Z0c45NDMpv@s+szwdP8#Rsd?>f_PCaIDg3o47bG0mHcxpU+oUNkg z;m6Q1Ob?d{JpSiB*ca^Qlu1LJhoWyu9t4X>;Ro*C!XXmQGB9>b?=^pax8c`v{d3*s zz(awC?%Ib#{2qG8Nm8dlI_wDI z3?V~jkTP!p1({{ZY9N#P7GVs)&BIo7>MNcBT+y9(Z0dpdME{`)MF;s_E7jTT=Bu(+ zE`f9CjmKQ4-l8kl*wDX6ozSps0Bx+k);!PAr}c8MFLZxB?h}7~vs|8Qw0%3kJ9xxz zMiv3xWxMUC)*eXNVm|{qoir!~bdngEC0sKi*LUKvX$j+fR)NMoCM9E}8%n{39Ytsu z<>^~av7E|Qp2l_~;!6vU`_zvx`U;|{M7xy`)86ak9>k6dNyZAR2{(?uH;IqW3Qlt3 zflg2I@ZQ6K{7>80rfhYIQqUS68U}l}SNe3)o*S-??>mc>bZpPIcVrMd;x zhl@9*fn^yFr`D;tEtFpGvY_Mc(0A7505&+VKHhmE8H&@4Rt!3XplwR@Iq<~KLdX0t zU;z(<(HyWLMYC63PiK-uNtednt=B$JIkTl3&x&1inOt|=4EC(kDRogle~;5#N=gGZ z9|_7{VLY$dW7B22-BR9EudnL=4WuM8cp)>Q@k$B}3DEo|06F0GOI`UWPCq(w3G&jN zG!bYhRe13&8eM|&AZqNu>rlN}=Z+DGxbH(T19U%ULXuHo=y_Qv+z47FDj;Ew_4>-k z6ifCRNq<4q*OcuJ){GyiD((n|JB!*syMSuVipt6`+=T4=?(!1*(l~lwH4g7(9TV~; z(Kp?YBWIt&Nc>cUiOXX71!I=gvO7I{TqTUYPLP@YgEzM?DK*YGbg13Z`0kk8p?*In z9+_F8aT{L)Ub_1l!}ew%5qT@A7$MT+I6KG@w^!a~L%e=Ab)C^&h*wcmM8aAUm9{v} z8A^0d$7cC`)%0xAsp1yXDX+VYB+Ru{sPd3RuyZzHr?=J(;Mm{d*^Ou6(osYlsV2brCyqRR$o~ zzJSDG5Z!v6U&Z*ESfZC*z=mH;;%{5C z=IJGl1~m;1^;H8OZ%BJ_vhdO1WT$G7fxD(%b!8Lt`~(_jIa)R z$b%*AGO0vaUP(CHw2t=C77h!mU4QawRCHUgnFJ=CP@KE%yxXEX~$f@k;^ zx7mkjk(ub9uZ$r4mJj}|IOrmNO*dG%QE_h4djkONT$8tS=kwf05?tS9)K>A`-r1{U zv#&{?ik{KfJ>?Vk1}n`ySBgz)skuxkSfE5Y?7~efM(oNn>w_SF_=0J3c^t);SGrb) zUlzW~-ELOl^wGrgXYf^C@U2=iS|BjdC+3A<)ay+zYMUh1Qcpdk-h);9nuu;*_K#{Kl>HhM;iN9cN( z<$%vMpjG>z@`alB3pc63cx~~fYfbKjI7QJOx!1PkdUY;W?a;HZl>jt4HyR6~^2B{_ zBHE5=nim&T`a_4h^H1-VEUpl9ZKTAj92-yP!|e`;AB2dg(m|Gq!iiuLZLH3!sl`il ze@SaV`s9lvh7CXRV|r5>5?mihMXWE6ZfDnYk_&sb%glok84;>GqjtRbk+hGC zu^ErrEsIIOr}L&i71aA)F?f z5#8V2GcK-Byw8~C100S326TP|K+_)0wp-XYLsJ*?{ZAl9K~T4^oWsyOwDyMraLYZF zEHcK=DunTDAMvBmS!I}OS)2EkDGubO1PgPh7nI(`l3E^MU=`NReGLTrf9E43TpOwJ zTl0CNudw;Lr1)5$?0x-s^E*Ll-7~+yxg04Nv3@X>^_#v5IS>2i%zoN!oNI}lUf=g` zlVOc#&CfaxKr9o8&ga!7g~Z};Z)a}~ba2$!X)UET;eP$0NAta$vM{$^Dv@83rfW4I zfYjHZ>k}OG8yG`MxJu1RqNdNcT$@J6Mgp4d&}TNHmj#BP2k%HY;k=#+KquW}e0}&G zp43Z6`r{m%reSCZR*_zovet0p2;FPe^?_cqnld&bfGc~O;EfOOFv;*WYA# z!49IAGXjlLD!FXY@lk1AidAb~A}h6#{A+G1Umn7@rqth30Low|&UkWt0f$}o`A?YV z%2fvHO~OZSoyG=e`%)O^?Cl*(ngckn%HK(= zk%t!E;^P$11JBR%?aZKRGsd>@ZD85`(;**gx!~wKAFg>J>id*+2f8iz{gVZw$RH4# zT|uQiTjfKhm_J|Uk5SR{ay~!k6ZAXvw{Okm=yc{J3a;?8-*M)A{bVKn;mcONf_uz5 z^{9}eodkKJaz7%rw3N@=)h@L~m0u_$7eCu-&OPs;SOX^RCosQ6Hm5KE$z%v&$Q&0b z)>-QOw&4C+dDqfKQUW~m7uILSS$_g%f6kM?9EdF82S&+6FC;A-hujRh=EimE`l6*x)Y%<4q6g>?tiS{<3^RGfh!@@e?ll{j`2NPL!vNi;kW* z^FF3W)=~cDWqudc$nW^MnVE;8@Zz!6U3&Eo|Mpgh50AefYS?`f<%5RC$bSFh z&CbQx+dYrQ%jCac>k4;{E!E*X!qvh;1@KJcZEa=ze;mMdUl9#p^28)3Cl^LdA+QjD z*}QJ_aP7kusz!|Zn14FKXp0Nm_&e$FSpM0gr}QXs)qGLDzq|nI2*ToT_Hehsu zeVV-RG(Z5u$CA7tmFQ8hO(O>ndK&J5%b>QC?+ zE2WuU7Ox*#-uWOL%2MIxA3Kyo*|Ssw-}`LP7ofiSwq?O)cBgJDeM0AjNB8*Q(|?&_ z8D8k^yKCJ&J^R2X)hSbB{gp^b$mXZ|(r<1Tm7fdVERNMcru$PN2^8G*yG2HAOgpFL zk}kTJy5ny>t8lQqU@nOdSPCi*bvifly=sU0{L%WD3M-^@W3=+lm`MclCRnB)O@Co< zp`ni*c}us*JeJ`y>N1w0YjvmZy;$Bop+`9bO}a|9lD2Lk3ZorRuI+@)_@{8Y>hqA3 zMWBpsF#ZzZWBdzZ{%xZCaf@z=Qx1XRmiQUXKy_9tgY5fI%5TFME|c0OqXxoE@9A^n z#zxX5Yi#OFbV%q?(`F^=ZY!AcJI)J?cLlkW_TI0AFUO2t)_j{DueLJOaSb0ooDa6P zu*kuOFf|5pTbbsZTYM<|HWP3!{#e(i+IGD4qRG_ffrHU3340NvFwLpFfxaQpt?myx z0YuQ*T|xT$)Eq`|Mdot6p04^^#S_NBO-!N1rgt&X|HZ* zn9zjVQ14sr^>+m&>Ira6du&pDKJUSBHiIddM|f$@2_Ec}v^AIH;9nhupN}rOlrf$8 zz~{{#Hg##lo!m=ral@RUWvjq4TV=@%OdKu0c zf$DYP4x(|zk{9-9@XRl6*Qt(B`-{-n1B{^GiUELY|Pp8r)>KycxkbvM=$$;=EA2wrE6kz6+k6C?wKGPr(y)d%AF43H*P(1#l z5DTVul)C-m&m}W z*XO9GLsd;3Z$T}$_Ng=f{E`2#kq=4H#U22L{H zN89GZ7aLo4!JavKV|1Y|uvgk$)-X0#i9M} z`Yfs(g@g5j{U#`u3IntP{|cfua_+VQ7mMroDq`Zhze_ki{6clWxTorv8IhU`+cTiZe+ zKG!RY*NB%Dg-C{YmchDK;qQ8e;pulwr$QioAFH3oo)$J;qt2p01UznL?)fv&`rEp-XzW4SI89oNX-`Ba;zBOMs`k@ zMw)#-# zbHHwO&xj(;3-A0cO6}>tZ|PeE^Kje zF;ST2>#wL1{O_ZLD+Zr?lezmeinTIZt?s-e=XCltgg&|ASH2blCCE^%quDwDZ=~dz zn}EwNXbD&e{?%<)G1ilP?aZR=&ta4gYze)?Zv8z=QbS2;#*R_8^G$Sgzu)uxg8x28 zBF}N}KX_32{{5rNBwokdh=k3-BF&B`)M@GI+h{%VITFpGymoiU9e$;KjqVV!j5T-hB$*#WI-9JNok$ox=RH?n9lP~)0gui|t z;?p5X*}vU0hwk-pz0@Id(ERr={M)fcyhtdrH$rSo4D_nKGszE!KkwH69)tym-27ge zkEQKiF_1T~J$D zkWQ_mfCz7a>NdN)s88I9gC-kMlZ91_JWEca|Sd*I(PrT zHASN7mBue;0ZU+zJtGNe0&9jeEWIQRZ;QUXyx6|n05v7WGR$${Bx-{02tBz){ICVf z3TcFDw+viKvjqWk6J)INKn+aYL1Z&wo3f8LxL_AA5kPdl0jh-60Ir)vwxgHu{{Rdv zy0t6Jqs*UYhjH!oRD84oY*?-zVW{FF?T}T-`NO5^7mJ@I_zlTtQ$1S~TI+Vmhd$uU zO#!<7rz|9m_IYoL1+qv0ik|diMY8YoDM38dTkeeB>x=brn!irF~x!q+0>$5KvMS z=}u7rQ95P>1d;9zkyKhFlv0rH8bD&CyOaip4(aaro~ygM`@QZtoIMwo1uU;#ml~jvu?t|eSF6_R5KtpK$kVw`&%RgIbLT?u5P4rHanE(K{Ex6Pf@c9wLNeBC+r)%q;kvjpL?`hq!M+UdxDTM%o@LS&f`{#0a z{@NTqk1!I+6rSy!ohE&Ao(|as@^P-UdEgj$$pthgbk_RiG%boS;aF>s=ML%7bcF*T z!Cw{2U#u(8uRmt+9h6&%*0IbaW3d_14;XHuvWg#?eaV_waKmy{8lVin0DianZw&J?qKDZwSzqBlzh5px#o5Z8PxF*Mw2Z-e;v4a^>Ab~TFw^ox8F0aXcum<@c z;p*4w%Q5*Z@GzL-zQcl03Gz`V@>J{-1#++OO zVCxc~Fgyao5&{FFGDip8*7Kcl z^L7&8>l1gua~J~R&eij?HqA6oX@uBP?sQ8D)12TWWtj`b=0M0YF^3fOaih;smf#2+VB66FftZJTtCGb8X8htvESyPi>wC?b}2jTctR%F0|wHUF3U|3*gK|Q-|>uY96FV>lF zX3~dlvONB&E%U>5zvOGB!vNbcC#oPAz4ct;UXt5#q5KqW#8xlT%M0L~e2HHvDk(^1 zg0mB@vo-Pqllt@SLP8-~28+o$zy6w!#^E2kCKFi?YJ$6a-InF}KYTpjn5kZ;c$+^I z>v`{!A%&yGl)sPh&q9nub?z0{KYX&hQB|l(ep||@TWE;`sI8vPX>47g60m;1H&dsB zw^j-D?}18DB^*1zb6)7w8BmW-5-%MGQlbnbhl275+n4D&H#9&}Bic74X52w>hI4e& z$yXfb)nfos+2q$5vo8$Z0bpk&{|+5cUgBrF1-e?92w=T?_}$hM?mUUX6fZO+cCQ;Z|jW(ITM~f^^S>P2+|0xbY^TRyn`OEkFZVTd>rIU{^nXyo2dK zdn^gg$43$y>Lo}vsa(&@3IMVXe}6!;41Imz?ruk&aA=Q~?FNv(Ju3+}p$Myi%xQ6r zecj|j9w_5jO>~kke~eVxWF(Lx&@WZxsHfu462Lo3ck==$bNAchfV;7eQ{}v+lFDxy z7}}dv{R3zx=ah*6y)8Po{M$0AxZG7eR`nMm*cw1jrDE?PHISBmD#1JjF;X;UjHt-) zndY{@o~fIA27x_-;?2!Enmn|!G$^*fk$lWJfBBRm@qIxZF7H_P#)|zu%R9Cz=QY3X z)AyIev2f>bAG6&E@X(rb#WtL}(Iq_;ssV%rw`m4aO|-LrhZ*#S*uF>a7u;ABS(Hq$ z_+6Zjzx#7WDkU_5x;6-_doE#zYsMaXs6aO*`tW_UNLAgYGb5$_=;`zM_{glLj(b2l-L+d9#Z&PnfR=ek0`IwscTZeO^}7v zw@y{_Z*2yv9O z-rNgs9o6Fg^^(EXKrfN8285Be*%gDi1uD+)_5^$P?tkf?svQkmCt!(C@agu&HPH*T zfvKcc3smKOpS!po_(xZcWd-EdZQeZ^{P@Lm>2(N5-kLB}ukyI1tD+h~se&@i_=w0zum#b%w3}d~->q3+04atsm69?SsgJPzu zv^IeXhRvZNjuDzohHFm9qXaKz^)$_LFo_@KoEWKL;h!2Q_LEE|SG`_Ii?hr^n1XX` zi=hpe9Ix+jRJ-nEvCO5KiSup(9DBd>ZS^431OM3!O@%}`JOWAc1Tl|K+@B?5aZp|q z&HmGxO?6Mt7#hPKY|nz1d9Q><1TSR;a4gt+$@ts074BGDtfVhI{Kr&zoIpB(Yr5*w zqDLLS9>e@9ajX^jQJBJc$vJ*(dB|h z7^BH+r_!(J;tgMUPk6jcr%QCdbcEIH?F1@C&0F$kIj?JC6s5g|D{4AH`?}bm~ zEvGmE;@pi)>+-U?Ysq|oP=)LeRoZN~Y6+*asS^T@5&ve3rZw5h}?gD~?asr8rJcJ_a&q02$f43b%!0>SWN1F8sL)Dgul#aFI4biV z`*Mk-%kILP*A2DfT-VDiymn9H5LI=jD~Lk44mnPhTR!z@y$hZJ*SGTO38{ebw`#`s z?y*}u9yJ$6`4KZ+ZTq#+48%)pH{JY1ZSnT*Ctq{BGms*OSkGHCy<&Y*vUsZ*ggCHM zzX$RJt@i!_bfewEYa*aLaI2xFHInt{F4FnJ7feA$9!A;yDT>~R>3=i;!oQ=paGro< zV}Go5<^cg&H7hOvwzE_h2(GuOi{$_d+|zS=z=dob&G zI(MKxQSwj}(-Y{e4zS;Gm7&-;_0PVI_@@bYhmbLwcUP))?GB z0I_>1$PI3AopSN(L8{cligO3MwJ{iDo&^X=#F=}DF|h*0fK zk1Kn3-afIZbF+E&@g}uT%zlhQdj4)9fjzBPd%P1WzV0qLO2?9_vfIWfguoi*N*Yfz zbe+3hyE1$tk<)M&(T+J(DjQ9DnpIP=HY#LXxf49vY}a1BE^oyuM2O^4!fH^m_7m%( z(Oam#a8#P9!+gi|4)F*){GX9?BV zySWUD-$`Y7=sB0r$lRLM&euno`Q2jvkuO#HH3Ux=akoC1@rw($4>+NrWXM;KO52y5 zG{@OgtfqH)j+(H&6SfSM@a)wj;ydl8=oxCf4$E)wOl;y5OInUUc0R>uw+moEnXBDE5-lFb(>I7{Gw3K; zJ+rkDGbJgzP6deJX22wTz2$x^;E_?g`SL7#LXRaAJbDi z8);3YkYoBZ(_x5_#i$B})xr^G3V#=F9`9g({8VUuXVPj%K9A{l!R!4qk~r%ae0DM=;^2!*F2q?yPY1@45r9Yy%aLI zdHlPNZAdu$*WUB_9q9y&<111PW`|=c`S()-1rtJVAVGZp=pkP=K+#4yAFCu-9BzLP z3CNKv>cUbLkhQW@NiDTi^2`O_`$T672pGqUja?sSrdLK~bSwIw!|)m@vl@Rgm+}&t zof3wuH$W6=w`U}V=EKWTRW6>=miN!f&f{-H^be!w4NGppu)MeCyUX`Y;0N$h)R?+izETRk$%O%nc^Lpj*qfF!9cLd(C&EsxYn zQxyBxlckJ4cYPyy&xpeg+2o;Dr{f3u5QcGG)Z$=ju+hFW#>uoo5y)xwZbBk_4000H7lr zG9Ow22O(_Ky;p4(ZN~;WFx|;Pp6CZeyoHevf$8Qe2}F=ejd|m%%Lw-a+scLHpqr-a zlsRA`oe*Okh%e=1mi}G%0-IST_A$^&Er1F-Ad3)n0|@wKkRu}i^#t-2@|cY4lUK{- z$$K_fGP>Y3@!4C9{19+Va=|=Dj>PbsfRX|N5D!jFhdvNPzB+9Bp~sH!vmfKEO2jLNdS7NQNR?%jX-@r#r@sINPG(tDT(ry8_s z^Z%OT4pdOx3(>loJyOVr66iY0t_0m%_6{T077=d0=+OCtDF9UFS8~45^SNeA#44$O7vCITWWr~m|D^`%Y=`e(*1+_p&z_J)P?6_$*z_IkL zvW&*2f!IujU4#lEM_eD(7lyxSQ%{f(vh+U4Dl2yk%`iIyg$DDxJOVO6sGs-sZ-@i0g7*P8bf`GYr|uAxH-{z z3OhR^V-qds-sp%tfL3e}1(ul&cAeEHyT<=>ZU0yUlvL-l^yok(#}Pb5H!Gg1T!_N~ zRWPca(xL7E@<2H`3#9Q1FSmw}g;OtCM?n5=nqR&9?lKvf_R;Rj3P^1b;1Lgl#QZx( z9e|r3efQkz8S7erxmw7jyCC-tfYgHd zAnpNxESZCbhUXa2(l1R36>4+cUYNwVU)2E>RqET#z%};_WuEAtL9!S?FC0FOD>W>- zH)i-W-p1d{k?OYT8xKJAP}kNrg+T6Bk)BuBrzPx@1DWjfuYAB!Vc(W_0|l|n6#&Nf ztcu9&Yr%-XBD`O9T@dp|I^7}U{aw{Fnid47*7}O|O z0V|@oF&tV`&7XI|7e9UA=FmIyG@QYt)(_BtXKjIg)e6v$*qJ9S#3L5cLpn>?(jt#H z?|CVe!=9BPmSQHY@x4Gf!1D=UGv1Bwe%B@cgc21QZRWdy;JhL1mfjUj-o07L!JS7^ zI?b~+Pl*6}%B6IMCHS16QO4_uRtQ+~SGZ62vp&mDi|bQ<_`RoslYmzqZH9?8hb#hL ze;O1NH>H|qW8kZ@EFxP%POIjaH1^>ZRU1u?V>ZnP_Hqyp7}5hq*%3u711-_@eV_on zScVym4S2L%X-c}y7yM}ckqvLC}2-V+Fee#D?{P!b|x2Ta{Y z&yKs#h8B8LM7a?mS8g@o^3TWHg+g8|uoX^EnId#D<=_cA{y*;{9zz$SDvP$Jk$(K>Ekhv-+F@OKN8R~@aQq5>ssI#zCj z+A^uf=ikP_0m-cncOHH6M76K9^fj0>;K3Xg-1p7qvlyW`>g$)HD$$CZ{ML+{|LMgG zv~hlz8%4K{^Hwj}5xNcWq!oxycMJ`w5S+b>3rkJ`cxq8UJO?ae)JXg`EVD;b)Z<3qfI*Fb=Cf|B!TxUL<@5u57}Yf z_fPsr`;%hMgj6A9N0eQgh;#qI8sMf^YvK=nf*}LlNZK3KQF8~0q7SN&(x;zu(yB;s7% zg@dE@!}{s#i{8H1E;k@({b6A6uEC?w#gy0-ACgzHd(KQ%_{dEhm3Re z`QGD&0P8N3ULs$S(A>`0dQik&#^9NghhMmex2~Ux<%$(no19G0?d~fXaDYjxKW@LK zUxlUVyITXymQeK(b=LzuO74AV0kux9Ui9QIpgA)y{et*3Ir>=e6MlYm#>U$MgF4N( zxbsw!A@*tvBK*tUuD*8~#CE0ejB9ksv0nJHFv$$qfBU#3z8$eB`t2ZO6*uMGp{(jX zquYAOk}F27r444lUHe(Ld`TD(E$hBnA<-%|zrydK^76zZiMID!_2&*ApdaAf!9>)2 zaz(@T^v-&x%zk~M%cI`F-+}qh0E+Frluc_SnQb-$hpgy`6ifiU^s#e4LphOB&;#Fd z+ki}V*eP-}K|_YOVd{XV|I*zYtmvwI^!t?>dJbyI*TvFrHq>S8F?8$e9^BeP4j{u%tuI}LNAPRYu%qI4fK9){h zsL!PL9pOOh$^C*59tK!i(Sq}Es2z^Mb^k%Sc@l5#;nD832~VOnMNMwnz?p|KS6RsE zFPjO5BEIPHm#92C`w%wcG^Z8UKVT&k_T^n3eB?=0JZZ4m%cpL0?^fMqnp=0C@3&Xf z3G-_DRT4N|=^05t7NjjEtj}d+=z3&}fyOtlF&fXQ_olp$mGypO%>VC%OBgar{PZZm zT9IA&>=qcZF3Q>26a#R~bHnL4T~MtSELQU9(=MhU z5`rz)W#e@>jD#9`*|uS9M7X=?iv@=yQ|nVz9KPUTl?os}T(_nMA}VV^^MW!-;nHDG zg;j<+L+Is3ox#-u{$W zh#tZ73Dyo`#1Me(6n|B|H$~DR4*0ey8-#jHzk1C-OU@>*(ASecfi_=N3>g|3BgTi+ z4{e+-{U8`LgH!>kdn8eURl`ygW{;(M{lE>6YP@U|#$mwemO!WVWk=6~f=lrWvej=F zlAbc*G0f&wu5Mm_^2jBN_{H6gmr#dnUeho~HO~X8JQw;u2`lK~I$&Eo>0yMq zV(~bqZ3N3Xvo}f+>BMRfaa?zm)F-VIA#QCs2sj6bWNX&~B?&}C4u>#n2_T?xmGfPr zCnL#72zKqMvn?;g)sZkosw$AC*Pz&ix#ca|sFravNW%9dx%JrNS6PAAZXD0K>N$w$7#|VRn8kREJn=1r4U3EKR}Eu5~LH6JYsv;78ma zbG=;3Vak5cEQ?PH4%Rr(tY05IKgf;7<1Ua?60_>=>sT)=bsZJq`wBBoB!6ht*(&jy zgG>^jnoM(2d7foi^k9PJE~iZ2UJU$kCF#)zuLu80Y%On2yOwvD5GPHrs@1jzr2k5<|X01U8na>ZA;?01v=MV-=CN=0RFuY7che~;_%@BRzvJ5r(?&|I9Fg6U0xbQ)^OsN^Z|yFX zLOy#n5_f?b&qB>@&O!TceSKbv7HK17n+up9iqbqE(R6=$;@Gf{c~(Py zg5}cr#89cjuV-BRdG#uE{&uU8mQs=frYZ@%w-bpHbVjFQp9g&DJ}ULQePKz|GSNrn5RsB+wCB_(&H zFS0`U03a;Wn)l9I=`70i^5Sc{6kbJSmz%fEhkY(W|r zc_XSJ^TWIF24rc7=E|=J_xnzMhBFfNr0aEX7%VX#{c3Oir1Epu|Fx%Jy?q|NGz0 zcM>_}tU&#si>g48o_U$)iW(8L_=~Q9U|=UZ5GzFCwMvNX#zzn^VVcns<{A$E@`qyBiQT=c2s-ZVuj z?&JPXWsW9&=yD!#)5h7T-4NW9go@-kJ`)!>P zEX0AcGc%ehDiPf4l8NG4b0nGzGUa>5F)lW%Y2%kPJDyn#hH@glxi+l~Sm0I>?bq3- zHwhl~V0$KYa~C7=JIhAP*bAV7DAS`XM2OvFeVB)aLBLLDX{Doy{!wm>VfX0+)2(={ zKo7qBu|&rtW!mtkPL|_!{!TAPIj4gX7EF}vIm*tuI7-I}yNb;aU1bl+{f?))Jq~?# z{u3)KiRDb53pDL?L}<%4ZPUkEZod1RCu(ahF&bOi-Coq05X)cgfjDWxw#&6GGLP#T zMoEWZ@7mLPrsH)Kb75$yPc>8!9B3gj%I^*xJ+Z6^S)eWBjE{lmRZ2OJmj*Zy?3kkt zGdp&_la`(4C6$ws6O(;kTaum4lL*%GbDO+A^kv6o>bWjAn=!8{KJ3q%!_9CB>Rv0* zREKS+)aA1s8Bb^h<5l>OPP~{E=;b=Nl}zn_ZLcki*>P*%)@-&JCzJvF@yCP$Z3A%eTR~+HQhfyIM}L=--OZrY`6C-`%R0}2@%Nl2k)uvWjkw`N<6Ia#aVs*lokGT=-b%|l z6Czmfcy-e=YyHps}WhX@gx}i1Hm0kvgxO<#Cf~N?_gR}V4r)6Gx=1(nN&u5)$UTNczjXtuQ zp26ujt=JINy|&g7b$NF_43~4IkEs7ng22kP@>C2o;qcpf(| z$qF0_4*&QAP~F)8SQK?|aDV`tt`3kWtn*lkaY`|zQ5MH>weND06^hT0SA&_)y~5F1 ztlDnrF6*&ao5JxLJF<9LY8_GCEac6tDNvIloXAM8qBB)>9ybB=aloa~GGJv9@v=WER>NS9X+ z(}n_$x@;0X!YbUKCv~wG)99v-XZTG=f}#k6@?-u%$1ICpzLI}bOaFDV55&=npz2p~ zJ}10p?AkU1>3OVR9Zk!W`8RIe$UF?KnsE8?0R>ABss4}HEz|i5NiapF|5;z}uMoAo zYBY!f^|T#Yudiu}w?xhv{rH|q<-tGg^iTM_hb~f?Pc+tmI`@;^`@A3k`Hz)Co`2NGu@z;rNOd6<|C^B4BRFnhq{ZrB6^pxH|pEW=JfdoCO#sd`0 zG=S_bz{!!E+3WrHwMprT>c8d}6@7uUP4jx>Nn>B9{o{50>$!rz6D2`?{8fftWpbZC zZS_9}z)OQx2tc}YsCyA%uU@@MyLGEm=6@dVj~p1Rmv=ngn&6^2I%Ssr=k7TC?&AFK zBZfF?+_0)4aLt_e@9DRmrd;{Y8+(rBj8-_?9-{*yA;PWHmVp0St6&@u%z0{~JSrwe z2av+LcVZ46eZl+JX7cx7fBw-RH8mBso|2U>a%wO6*9asodnZ5IE8XOl!~G#&_|Jho z;qcZ3(_N((=-eW*7UK%jRWAH&CuokMvyD?3GRxB#kenOj)B68`V$XvgGg(C;7Qoc! zx)Rv)k^YSNo-*$vNdI1Gn<}Qxj1RofarhTiayN2l{I$B?lI!gDO!f~f{eDHmRm{f9 zVRMic+ z|1}pR>WKmw_95+Lu%D+=d;Pu;?|C$mb8(*)`Y!!^F$0w6>)al_^qjq%>bUQC*>N_) z1!1#xa}ZuZhygRB$!7R@dqC(PwEYZ0mjTo`qW&H(nCcF!^ydp!b4q@;%p|@thsS>n zd#kSgMkj37$Z@#~gU@pj=g7qUgWFuksoE(r?Vju{sGH&KpiGZ|;O*VrWnk@R6f}Pl zr=$EyDwOai(bPesKMMm@0<$=D(Yc5pI@(*Hdo6&#|^{`A=dUN=q|inNCWU5$6i_T9|}2x3HDzUAk_h8 z#NI-0y<9MbJ_OYi1vcfoJ<^2C2w8Fh!5N}TAj+1KoyAG#(5J%ZviZaf6rDrvoLi2! z>nbD^Kkfly6 z|6Ka-8L%7d?Cd=B2~o_4x39YH{N&5`yur@NI_KQ4rs2|?4~PN?P%ClGM*?kg*Vow{wQDyJ;-CSA61D~{oSQHTG;-97KpQQtUDNf6+S|!_Irrgu5f;w$ zjEN54zch9Mn4;JCdcN05d(dkDyVYe>!!jJVtX#?3=?96kY0_5@XF#tejic~V-Osjg z4@`pOkzKatKr6$;Sg+Et6f}$vc8Qc9X_?%rN*|G5`Z>+jLnNYcr%xV_F;XEd{1OW6 z?y+;-j=NdhL+esGHsWA!uye+%koA^`qtbbn(Sf(aLb*-^g+S~zPInIh}HI#dU4 z8%_0&D3_=8OGHeHEkI0Ysgci@4=;jSNC{a)AWk$+bVPIuI3(&r*?X>LA!F?a1Pl20 zBFJ{ofT&(CYh{Vc84xgCk{|s!xG$tw;|#N8C8b}j5-q!7sAi$E_F~-CI3o+;T^^a* z$NJ;zT0e9n>CtxN>AOPQ^z}a=YrDF-EZ-dXE?OO${@wpw4EUVod*}&z6`n*O7|msI zoD>aM2T-K(RO%Vf8a;7sC^{?wLdgen*n6qnpzJUZK$ip>GoGS}jzb-9Z-w-r9y?RP zY+IQp4M+BXL&lYg3)obvzy^?z9jLdLEnQ-aNAzBzIz1djy4Jo{1d3UA3Io)C=EXT& z-lzmNi`pWN_Rv{P$x4`Gi;=iyx+6~{66KZ+=@)0t@lU-L{S) zjh{9Do*U>>zGxAV0oHKKo~WfX{m&A75EqOm`SSGfig`WY6el80X%tQN zQ#BP-jr%#VOc|`#*Ex{Q!lZ1=%?Dbm!#A5bgqzhbsnOhV=1%ks^wb~Me%ELGb5|*q zpr@^Kt9To|P(~J*h5hr7#kxZ`_4bXNI2Ee?p7dI@&11(|nT|&*%XtxuRfy!Msm7t%& zS@vCeCA19?>WnIjpOj=Zo1QtyOn@|U_oN7Cv@Gn1Ecd*H%d=Ebz*SbFd1K~kZYr_9 zco!r{DkPdzFW|8hj3_Xj=j)#+3rwQJdmTZ4V|PHu>Ohq`J>K^2P$>)rbUq9r1yi5} z$W;vB_k%4J^7}lAfimcL)B-)^8}El&$l>mjqWG<%ff&7EMh$hK92eQ>OI!nKT(F9< za{JzZZ(=+YL9dTo2ZEV5*iIOa`}t~S`2Ih!`~544cp@qs_e+;A1NR>3yjR11QGEKu zb?|zE*h^JkqbnPzf2cE?G@%cqO^`RDA&EQc}Si7U<>Jk9$e?hKd=-=$w~E#!hTx+X+b z9MpHJH0Y*fAoWi)*!Xud~UYp80{$qL{7 z({-Qhx&`#|a9r+#SP*qkpwSs-2QiSa%yZ#2mx8eCaCe1DY~TXho`QEeE8kzDp^3meC$lq1}$np`h~N z!{4%DV5qp#6ZYdczUe0+jqT|zpRJy2-t%5^a$4Jk)jY=FN+!p<7+|-vrxE2B8TM=x zk-L$VJ=q_VXC-o^F1w%IzP~8Mwes(BYNz*e^3(l`32iP#9jrH+{m!3FXB!A3yz)-c z?v14he^^6cHx9I=UKq==8?&U;SVk4Ej45uJE7+t0&UXW@uaVMmZca;6L3T)1xq;IXL>A_J#zUgLe=UOK20DE2va->cEV@Y0qnBSH(`!^ID-qmOyD~`bvo$ zh^Gs*(GA>3Q2_FkG_8DKsUD=CBD7F1Xv9}8jaZqfTHDl>$9Q-(;@x?O z19WWW5T}bU*Gl0k*$2J)Q9v*&`}B3IS*73^aON@VlM@hdh1Gu=L47}i!iTDI+VaGv zFgp0?hwQ3^rO9ru)8dE}zF~;ZQwhYSPZs;DEd|IgooPQx$rv1jd#%J(SZ$*TyY=B6 z?LEa^>1$3KErxS$WXeH^91u1izH>~S20Qrx026tI12(KjV~v9dnFEpxi@s{dR7*4( zVJ6u@My4?|_4=-%AeqAPVC5_~o#|+zNEL#sWAK?Lwi!+L&ExYLr3o?@{$0ZIzJz|~ ziiFAspvlkCIMA0(3qZ>a{-p_D7Jwq?{XmCH5+i^-K;n_Rh<3Rb(9}-UM009)187ii zGXn^9l>GebyOR3C-YxAx1ku6iZW)pp2C)qH?5S=%me7mK*z#PTlJz^x01-$anPy(A z1L;U00?F1sbHaSaMV;2gjo3@)Dsu~6HjG&v{$?qjQx>ai~0^&ftjWGA>A1!5O zBB!~t1rQ(K14Q6G5f(WV19$tJ;0CuT?zeeIOHrwB$H}iu{Q&j9XX0_G1>sTuZVh52 zGndZdpV&2%L-dwMuTlWDC;l;rhLTRea7!PQLUNoXK+7?p&2)A7z1fqg1BvEgGJBq`n5$dxdpa$se zCm{OX5j1?ux|I$;tgDO=yGC*w1|I#zz{&MN@s#{$PE~yFj(=Tbs_0j_S zK@>fikNZXC^9xUDhAco?Wi7Y%sKuzQ$Q#7>fWk9AfEOJF6hl(Itt)d_&xbxLM3M|D zDxT1ji2-N(8rg9M@hQ<3GO8 z*^$YcufjAQRlyBQ=GJhl_qXprbkD~Oe`Ho0Z<{#3zZm>*H2Kk3z%*I(+mrd`hlJTJ z%qwo@rV41(lb>!|C@*Wa*NvE_M_ZQs9cx2r2`HCIWQ>4Ju(}uxBb+Gs1p|&8elIq| zDnwN3=J(pKr>mlWfk{^P1t9#^WQlxfv)(YpivVF|*g^%!3#&~?MA{%Ilx)r4>Y#KZ zK??zo1*|6|z-p?m3YTu-J~9BF>gD-up-#izn6xGU%a%-DITRq)>f#E(g9laFfyxlV z705YvCLfnXzB1m-Jh5iq0zyjh7u4-Pp6ME$wAR4-qeiRk+qrig`UvKoVmFE_S^{ zQLhWB=hol>L*C-=Dvj~tC@vP~D6x|#*P_xGCJ%aQ)c;BJt!f7i>FrHSgBik{%%rU9 z?MMHr@R_oFw!=xZfYOg~;`2n^6(e|rBJq^#CUu%kTOr+mEmVZ6c5@>{g1pLQBlL#B z?l3^>RPU4dRuMDFIj@PJ%U6{Xk+lYO1tF3JzXZK{RV5+ie03DmZKh?((P>ATbch)I z1tE8yAitcaIUhPlnjVc-4TnkuO!)8n^!Pe4dDMjzPG-gcDt~qT0%3|*73N0Yy{CbX zu$-8vNq3vKmidtfAt5xv14OT5*TNa3k9DtKYqVuE6tDUc%g^xTM&p+d;Sss*ssY|a zNcjwG^c{Rdk9|x(3}e{_=3_YozJ$&|nM-f2blC!eFHD0R=4 zi$Qkl>{wE}C5(EmI~Y&6JH2;-P%YRj*h05bW%|>ECVKso%E?Yagfvp!@pGC5X&ezx zz2M!PJ|Ny8Ax9jzrOfSqR7Zz*I?+bS?@gR%jhSzcC?-8{v>zq^lvNGP1|~nNN2`6p zsfluIUq=J>jo+ocSUI@%7!5*6SHRgfU9(g1v^mSlXTXZ4`0N`SGHWu)EAi%yLGJzm zrBa{me}Ln`8va5=|1o;~fs_bO!)-A-`yNSH)m=Nywtg(`+Cayt3e2@@zKt33q$o2i zCWD|>#Q zb#1vLw>#MJ_FBAM9;&5QN-C<(wKUi9vN5GuYZEE$J@e{yHvIv8VKXcjpz3o3Z-Kt&4pf*}||#LOcCR zibpBbzisa%Oi6l@X-SkWX)h^$$lg?av?_p2Woxj`_)ex)hD;ef;@q_lGB6mb#K4NN zn*+{*${zVr9n~N?9o-%%CzVRDWybPDxZ_s4&Xe%r>zvuj<}qsa(3*@yPI)mZ_Z-yEHR4 za|147&1QQ}Jy2hX3b^f9nzHp~;S{!W^{}a{Sft!?Z*80}13nx-`XHnD@5d){{IZ-7 z!-Js}gZiEx+ORjJ^Fe`mI{_~$WwcR2>u(QD)6-5=2!8wW z(eGg0sp>(ytbL-&P;@H)B8hM>s(h+?r)0tx{kBzW)t37eP8huvKmp&$pt@yz|6#Wn zoPQUkU=S>m3ZbSiN7(t<7F@SV66x%V@udv8cQ9DDbE0V`MBAw|nL;9J1WG{G`G?9b zs5e0m3{~#r%CHrVfpVWYz?DYXxdG@cyWOywx>6BCzCbCH+)Zo;664YZ1%T%N<~iFI zslf4?)yRUQx7=`aJqJ8eUHNHMn7E%HyNKWbucyle*ROTt`X7eZ2$2KZBG+X!1o18# zrEfjZf$;Ib?=bVGSBkH+A4_|Q^{e|+dG`n7^7Qn`TkoUgqieam_s>-{Zg5jHGZN7kuD_~TE}=O^Gp+b)F!K_t1$X_U1wSGC`fRrFYP;H=Hhe{Okg)k5 z?(h#IpZhY+^5O<`nWnYTu}Ug32G(iPxvxu>#lDcTpDmpgO}`opu+B7=J7dl$Wwvy8 zI})V5gK?`(=}Gt`dc7imXnFh({oy@YEw7y!hcl0XHh zF@BSx*c@7uGkeSMe zy|eyEjKA;`aN1h|41Rl~#vMQmw(j(wzp~0&#aVlYeVt7i2Fya^l4LYXxg(#ZIh%=) zU@<$oteV1)w@F81=HHo&P4busyTc+wng=7x5=5vEp97=Cq^!lx*q=e02IA1FVl2FU{Gv z&ofRc(*>U5rZjdu_Xe(M_)-#H*A7`<;(s|G^2?Fb+m-%3QtN8k_cbzZ-b^jOTc*gW zxYsY~+1R@U=?*pZTC&^P?boh$S8D1%oQjZ95Y+IMzIvM$+aN1N>!fBr#>RTtN_nYt?@1 zk<>OMDC$B`-+Y3wHLn376y%epek44zv<|#MdBxG5)jlf3@fcos3W`xtdE=c{8Npa+ zL?-vqu)IPP;%a{R`GQULJ(6mchczM}^bdhR%O!H#!^-iKu9xwgPR5zSn^0u-ayI3K z+B?!=P;k}@EZMtxUp4du?8jRy;bb#%8R0QWi7&3xoul>YJo4oc!r~=6?~80=R22VZ zw)%dS^Z}Qs-_!OZ<;fa=ytaXbae5hN3SQt`O}5?w7IKXV@9ocjzo31E5?WS#-X#+k zDx~rj+9W^3li6Nwf<{Y!Y=i&54#(iLfr%~qV}#B}rOT163;$SUzits2xlLfp%)aJS z7H2l@ZMq<8a{c>T*oH+U^ILg8u2d zqm}8ufb0{@f`nXH^$588Q*5J)|8e(3-homcvl{__u=W0FmYgX~{}6P~f&1af$Mp2{ zu8vsj-)Hbo$*xAh*uf+yd;2FLA&ydt@oTd30OM-PQMBBmOnBB&3N0XXfX1&Q4E&rj;63U)cwtWW7H= zUT_=lH?U-8H_~NA0gWo4X(=l4*LD8i)x9q=6FmdAl~K{rBY>yWx-s}Z;~DjT4OO0= z(FzG_xMhG?<8V*;KVH~#32Bl*bYsvu0Is*sMt&@*|C$Ex07#LUnHiW44{biJ$NR5g zo|mUD@;q^EZ)+>s-nO?rwo&=h1;LHe%VNm@nOI=$Jpw&{PEJnQw5XA<*Vt}VK7ClI z2ve&WmKoQ2V4B2@kHcHo35Q!McXB+NQtA1lJGx0VIwLTIw9P(jn^wm4c-)!v`O_C1 zH!GFQZzp;Y3g~#FgYE6+tDibCYOSwWcp(vEmIrCq9G$AG;cB}2a16uRKi|+he+e0s z=kV|_kWc$OMXP8>usCMs$P09#RdiDhFY}}hM5)F$RD9Adde<7-Un;)%=ege(DxsR_ ziA&B^0#H1Ic`T`M@t>cKJ{{SCn-}N_%UT@0=+tjL|nkn7jS)-Sh z%aK)Zly+(KHU4GC{`9OQOPo!yk5B#MzD7z0=K0pbx4Z4v;0ZdWvzIULMq1olu2{Rb z{LL>Fagzw&tt?~+`{ZWsxH_?$nP+A$)<{B0R>v2g@Qr#`+3a-}z6^e5EXA6~0USY= zVts5zE*JiHRe?EJFpJIz?as7bKtrcsb8}HzrmX6ob_O@vH@mOP>!>TcN!Ml7sptDn zp4t|25;l~Jue`PxT#L5wOEo6MlzLn?7DzM7|J8Lyb~!nrC`V&mh>K{eDg<{EolWC? zgVbAu@Vv~jm)(V4ZY-YDoe2)AVvW2NGOSR3&(d0TOvVqMiAj0}!X@|0iZLxO;i+jT zity$RmD+3~t^|6%c=4yl?JY-7q*dvd>#*3@3Na?tcP)Iyz9-XSQ&TukmSRhJHh1Mv zZf1)-r{lg}{1q*~`nZF)z5PxxDWbC^j4bA2P!5nKID`RN6Ts|8^=;>r+7~S#SCRglC6-KW0mewu3We`^FS4AA@w9=SJ{K4s z)S((K8%1BPq8nlOcJsxc5mj5RJpHy`?mfo_Y#*HQZ!B}MGBPee(DAI~8-uXPC2+$2 zVF8$2LhC($;bLq9a%@aD8*8&%pEK-v)hYqL$jT{=@2+DPYQbWVZ~fEPfh4C+1a-wO zhB`%tb)?2cT8}tXWkTF36^h4{8{@;L3U3^NEVn*v&u)yh*;1#4v@x%h;xFdU!pRHd zQG~Z+$fHIP2P!(GzK3_I@#5OfY@DM#%F8=uFZF58=m-AkC4+cI?rn!GE6+bFbxwV4p{+yWvo-Oqs=tF^@3i@oT6kbis3H!lex*)&ch738qQ)%1o4B z#HOk?Yjm`XeO~xUm1wpE)AwmiB5}5&@NpX?IlmP05gj~9LT9MCHSlIMG%mC<;ltU; zMU)>2jl4t9Cy^I~O1YGw)NE}me|mJ!B}7RBIRH+?ZgI04B^&&-Tl59U;!jF}7b<&|1!UtpS_Jm=A~BWcW>K1^QM15QKL`sw1uY}X|p+2@9%*?F|hI%M8}uLay`^x7$TQ~dsS61{&dVGks)$O63( zru}R|GK|hAYRL)-A&!zmRw9qY#B*15bh6E=M|P!M{&+%qeE#g2f0812dTs8r44_kfc{Lkqk^zr`JpdP;YTxQ2+ek@bWZLB_&(@4cSTvja)Sn##_LS?F(^{#a#lkBH zLQ?5c0|3#6NSP2-xMgE-Cf)bE#CsPa`eyi+0AX;l5%G}qoHFP1SUac3P+;_JYq_6J z?;%Q$mye8BpQd5kez5 zS#_x%i_TFf&cQ3*me`K8O7bkp^$<$C$wp-cn!ts?xYAPTYLKYfUZ#A)zemYk7_b1!s!sE(7|o+AerVZBk46E?#iApYM~U8I zv9L!RJSguGlEAjcN`OLKefdg#r=J|_?;!niG^sV(#C{5=#f-Jo^D=5yPAD3>^M8cB zcOaGh|36;RKxI=ZD_atU>{;0}du4C3op3~?lY}^A%g&a~K}l8_*^ZTQ?0Jl1`@Sys zc;EN^x$obvzxv}i=el0=IUa)muWdeS%?P#y%Vpy(k!W*ux=B@BDoe6|?R}#-QZrFf zbfkdeSQI$y@;i>)S5Q%@&`=TWyDYLM0X2ORWZgmiTX;g*qzt>X->L#PWleN@*Xqr6 z_il;2@H1E7@l)dq`2*G;AFdYU1GOD}(A*w9g8a$^L)b(-4|dj}QvR^6Riee=KF+h* z4m*y5Z9pj4+rh@}804(V?wlrT!s;qiz-oA+r4>y+IgP*pdh|&xoscrR;umC}hPto{ zaB49fwh%Z5XtU|Z^E;f>f5`$)-@19d(Rh7k^$PUkK-zux=Kn#k`T2?wNZ)ASTA@5|8orf!% z6hlxr@;0q}JqxUA&t&MQGP{9loSuwy=9(_TyO>2%CG)W=AT7uDY1}WuF9-O#4#5z} z#q##O`{jw|tIP!swOjqIuOACSU&>Dqt0KA;B^RhM9fvQ1@QhpKAGSAxd@K{e5_fz9 z0@6>ALc-Bjp-n$}-Ckf@fYk0SN2Wm6~;?;OaemgfM2+1T)DSnA; zi~4;qv{tu>VA(k$hj35p-e;bzMM;T_j>F!^^ObFTlzv-c_JHk*Bu{|@ep*e@C;|CG zlJPc}V0R@a(6aOB5S$IH`8X17H34J^Eg=L9c?;90zNXS5SvVXXnwy=s&{zTy>K$*9 zF^!Qw#C_$Avq^qOyKP-I-jBsbauv5o4cQ)`x;oW{NCM>km6=CL6r$eSZu^wgn@9Vr z!w__9z{oql9biO1`FKe;J5^4cgEUPy-gS*r@xl~ZUPv_~CB%|iy{AAe3gOuTI2Q(Z z-Y_FJR%8=>q-T)G?U%%Kj(~=4Xi>*;qvz5f=x~gTycIw4q8>_FtMKvwhCG7|!Pm)F zN%l|f2pa#%?(USr(Bk@Q6=%u{&+)s>scOp?LIPjDV54S|^u6Ron2edJq>g;D_-@;W zl&L`Lp@aZ1vuNtAa0efzKIUjMOI*_i?S0=ii|TTOY8Hhy*1DIYVGka`j#ZjKeS%bD zN6GE<1l*iIaQ}m z{1Kng)lr`tpp~%_F7+v@Q%;~5T!OB&%x!X8pstVREJRJBRHL36F&Oc}GIq)<(6*eQ z0e5KNg$7y{bB@p5BP+m_Q1eNs4opXt!*O!G|JEuDI=8#J@Sl0|$I}9SiC?m!;Ng+i zs!z>!jN#}$=c?hArJ*K=Me&R$tJJ*+D?*FqvDz94zN@!Be$giMT+gZ4?vnh^B!<$i>H@QZsjA{`=q(MyW$2dkO(EexwR%YPHy{XqJ9sK21WUi z^0tK!??gB-nzvWwgRUyPKfu)=FK7wi?D=|q_2mt%Em5(Nv7V?-SNuB-_{^6 z-X*S63ojog(E-pweNBYAsmtiCKF{n$V71;XUwA%fy+1e+HWRxtqX~;~o65Mxmw)GK zr`y-ea5LTe)A9kSQr@*6FEIx;pX@sp|A-guK)T69p+8;owO^Gag;t?M#jyPq3;zn^ ziU7iEg7@pzvb^ute-4&1-g+(#x;`^nac41~B2_bx@Yw`kC&ugV1jOUO7UpkFLL3uEaq&wl7->^@A^IsG7u#6p*GT_rWSEjy1G z<4zfH9OcPxAGZpL5w*$X3h51L<0^PzG7HVakg2nP1Awe)&ae`@AcDollhNzAmNxI) zRRtbO>as%D6x?3KuZ5t-w#$Q1u-Bz{K?b=mNvG9jl0wXhI*MzJHMw#U26io6NDsa4 zcy-puasKPW-u)4G@>wS@ilk}LiD}WS!0GDZ?$ER!!3Z1uq>H?MKWabDh>u?1^^wyX zx#<(BtJIes%zVHes6EjNBz&4IE$;I2CIkmJ^Z=)2OK@lv5)o}z#g?jLfNE5ouBZnT z&{^B#JzD)pdvm+@yhZsFi?|0bTE-;mT{08kgsaG`WSRO<3jx{?T)j)zx4W3s+>qVX z;OgFdxkOOpt}+FJjc!C1Ep|T(H*@bj-uuyi2z0`X%UPD?(-(o>uhMIlTWS0UlUl_= zo1 zxxw2^^pHQ=diPkND{`>HYuyw?gmJsyc%~Dx6X0!C)Qj^2SgZDv>fyah{@L%M7g}Gt zQ2tsTxX0@MTaudMPG)`aOK0SkNu5=qd$j(p*1q`RriO-2jMg4uGtc1f6drf~Wm-87Y1xQxoH|!CHYQFsf2_>(DQ=rQ-V6l_@Ka~HPKbN|I zm7%Q)r%OiFAUB@u{r+apSi98m#l@ZTwRFZmXk&$Xr5M*0lY%e!t+x~r|Ml_oAJRK~ zetwz~%A`TvlIj+H=XmsbIzPVpOVH6_cjbtcy-D_JYsbze!1!irD(4@+t^VdYE!KvC zr~cGH&LxX-bBB-a4)G>1UDDa7>6-DNpdSa8yAX->7(OG2aGvH)*=&g=pUHv|$Nv1i z$P*`UngAXf_NHv9#<*zHD zc2Ft6fOoAHtmh_B^cNV`=)wefvPWl3p`&?MV=B}Nh#IW}?{=~LcbrC_s)+aS7e6gVMq4B1X|f&C4Zjh+V7G36sg3Tok;&CKFD;q@ecR4Ttm+6s^N?a^xnJdKi8e1phTCjirRRq@e3G2(PUXY`@IH}e&sZ5#{^o7dN)t!hu1!x zkm{L~Xd@SLK;PT{83s2`_QA?AU(Tng1I(o=oQqf`*cggZU#(3? zs-OYD&)_nao-0Cl8;a`zcz(9=D^Rf?0YsCmHjln&EykErWq^qbxnL*8fcDks63~_B z#oQwv2AS>>z@JqlgSgtULZ%o}X94L>Lg1ErSh|?l-rP-rCI;!3pdE9=a(;fk+~n&y zZ=f(YGKem<(GYBYnvAXkd7(i%Qe+ywm1`W^lwV~lqBlL)EPhlB;Fq_`<2INgW1?1u zd&f_ozy1V#eN8U46RlqDAuw?-1{&8f9dbX&*OmDJfoaj0MN)fKwIQlw7I-+64T&^9 zxCOi*IGYW93w4ScFphmX?zD}SEVJ&QBB9s4H2`E78P`GFK-8%S%% ziO{(l9xhplyH2LdJVYLYvXG%{4t9vv?_fPTB4VN=v?EPK!_~!Q>GK)lJX8mhJ%^C; ztUS!dqI&FGXGqe-;vHRau&~W%r3b<~njxDDNI7tnuY|z=V?C|tvq4Do$z$I00Ye#? zR9R6piW1;|<`?Kd>?$|Q+4;cc3{6(YKDXbl0t6d15S~o8<4*d_vHEB^>|t7Tve|aL zuduGxz4lNmho28Wh|};0oI{jiFZQmILaRo^|5Y8y=7%e*^SWO>RfvB(t$r_&ODM3? zOG*U1k|B>3IRweqN+1V90=p7H9oJ3N%CsXlUA>T#n^1}E)ljKA)WerGZ3kU&%NPR} z1bGdUsq9lUU|}r3H+wszcq=@c>5B?vLQr{Ns%-?zApgaL*A&+%hp;x$$j-c_<_q(X z%f1g*uEB*8?0dQA5db6Vs!Y-S9s^^E;7yW~XaznyVCjs*vgCGp6QD~-cs@PSKzMzn zH3`0FGYlLnmgDRSij5B@sg--lJ7qTJ0I%uBv$+o}q)I4rgcoak3_iVcEucy)mG&sR z1}x-g<|dF#&ocNcS}>8!*QvX{8{{}5OBFeeOByhrLNq_#cUz{QpcsUxB(JSUKv-S| zrG>@FN;gnv5Q+dbAb=6^PXr*#6%h_MgH?+#(e3w$#HQOFQ1(rJe)P*Pal=j%27TJ+ z=vgkG8!U^gLtF3ckKzU(kAngpf^Q}oeiL`R5{ZtzSsAuLHKr6OGxhRhJJyjsWPYm9 z6(yTp%rI>wgTwWXioRo>?n!t5#VG?j_Z z-vLRH^97krhL5VowUds+_q*oL{`GqK_)sD>37>_4gp4*y!C>F*Md6*#K)O{Ikc#6y zfBQhZIHbd37YEm9z*kp*+ECk%zyjBALg!n*Z}BBicQ#m;aP^0Z4bz74EVOM6(g+rsGp#_3KO zrQKv2U8s^&JUYTtmr;X`V=DHe0pnQfOoj*3qzy`ln+(ge6F5ss`$FXVv?MFH5|FY_ z8dD(2orfv$Cp|TW>q{jBvculkqCP=LruFWGZxX4+gD^GCABSaZ&W{I@yf{`9Wjy7><+qn<>>h*=jV{e;h#Vw+13>2rul4jC7}>d;M=?V8#bsr|fjl4e1H&q?^4dV%fYI#S!nITcZEL3T9F z&dSr}y>H_;XeKviMn-K;cD?lJ3sf-0#-d z2a@*s_?`g`!5wL3k!b5VCB{;GPJ&P}SYPHg^Cz#v$DXy11^nvu98<*(!5yA%XKduH z=O&$$1~CT6H*?|(_tvFy;K%2PY3(5-ky%#P`k<R=IOeV* zFe4#^#fRB>sMn>8MS!Tl zL{Mgwj>qpI!?V_0oX80Ij@NuYNfl5|a!zo^RwO&!+%BtL%&6Y|4o>lJMnp$66s$o@ z3plxeIUrm%L)CvDkif_~v-MUvBGRP~pElqezMMyLu zz~L_)-ChSa5d+t6AdYKdAc@FICW~x4i1crok28X@^*fjY7`q)38fPsS3#)*+GJ%vFV9#I2twG9+$)sx05NU`=~fH>;}ETZ1-&PqdKlMwrMU z({!u!-TvN}F1@fX%0^K%8iUt(%HN8xTablVko^DvtEmF=3bP)+Hfpvoal;rw@`8L# z&)QzMqvFE_y|uAanwriBZ0CS|jz?-TzB@rob*8P5@zzZiy>GgJ=N7o-oyXshIqpjU zCp00}kN@#%8SQFTP`?IT2H|Q^Yj98p_J7F$Dk%c>reW~dDc@HDiUXx+Rs7d4kU!}X z^z1F1wPeS0?W!+1;=Yn6a9#b1en;r-rH4oqywg)>sAd^L#A#o@vYssEASd4Ym(HE_ zReYu+S&HzMUrPH-7rlt-RGi@Ci`a8FxgjKh)MT?Z0Z3 zFtOL$K!9!2Sm7t&B720|!4L)>MgDSutjGZGeGc0#3QEIoks>M6k{RnSmCRzEY=LUh zC?a-}?J}X2*jBFwd55&%!gOp#5I56yW87?_y-}TFWx?$Aq~Pt3c}*D`I8Y7#N}$lj znRS+bT2!lNBhFp~eqE@LOpbX4in!nv-hE}6LF!Cw!)^O2f~USI14N$cS@B1; zZD|^KFb!xKH|@km!8S-`;C`7-95;0z4ZYL zI$xe<8})W^^;DvyM26&Kp-9#{Lq26L&XwGTF?w#(V28L4;*itDT_=XxGCws@D0yGNHZAvzqRB*pusx~ZHZr{z|_jRvItrg4&E^Bj_O;b06_46pi=%3m&3)3<>Vehpoy7#%Q(Ic`yYfG@V1CPc{0F(I7eKJ4 zT)|jT&wp6FmaBfcg?tlm@AKAS1Orwe-_8~V9okmKAhF)f5D_4G4d1oxEE?)tYZw>D z{U}Dgc^^o~lcq_7d5Q?NLFTS(XqtZCJACGQW`g_8P3CgaBlXF9yafL{oj{~Yc$$lz z@e8~+^MT={drp^GzRxoCsn^;seL*4iknGh$>+__xmQlkbKlSzEUY0vH7O|oFI+oYk zIF=SM7SZuZmaI-O^X1}3>Xs1_1R~WcFPG^8mltfke4Zg{YqER$&(gw2@tnRyR(vn= zKRaJuP}=a&Ps2Rs@*#t+i*2Nt#~%~-$B9W2_8ec7i#Dz$UDP@vT?42SKp@1h$485MI4{RI7AR4)A)b7j%k_}z95;HP(4o=sMugeEM+ka(oJu$43|h(C zT-ao_c>bFf&GZEyaW>q1w|b4KPI>4MXS0WW@(OnEBLgy-G!SR{&!_0BCSa4%6TD3x z>vmqIUdC;Z7_?Kn6%nKdNX5JI6ktpNAybk;Dz(pBTi&-w{a- zAD1|Vf>$KaU%cN8Cw+x5V9uYWF^T)LOc#1T_NP4}-UrQ|IO{8J z!wCc}Jt{=c+}hsaR~`R&&42r{z3zNFtoMzB0s$bM12oohdFj;!sA&0*ukDh-PlY@j z0BuQMcZh{A3vo`WqCMt0)zMt^{tIEc0OJi&?KgjP`~DItoCZonKOv+Pz;=$>*3HjL zUSY*cvHHsS_dxB>ztFqoZykL329QK(1SPkCxdBs^n`eUm?>j<|D4~gG1G>PJK*|Q- z9U(l4sl|AXkJovBErsXT{qnba?>hf;Dr8CVB03UCpxf!<2%~xco|3~=x=cv$!)8MDt_2)S!!GU1O&1PfU1P#kS zdJX>^oRCex^aKmn9w1JB{bL^g7saUuN|=LAFNDvyCghg=fH8t1ma6AJJ}$AyLZS=6 z#TMq~gP_2!CqQ8NFW_G2LHsEgNg{p;Sa;F)Fw*7C#Y{0YIZ4Fp{Fc zon89(JNwUH@$XlrR|hW0`1Nv;EDU>P+qwR`|8gRMWs!c-KU-@9**yO1%M0C+n-5%=Vr(b28GHo3aW6p$|yv12q z6fACR25M8e?dZYo8>>IqO7kmTqswpHEiYw1IeD$O@%a;WHNM}+xhT-_rw)Z7PoIG4 zB)0JD5;aVwSmS(oN*XM=#&qgDtx7)lcH2)sDUlR?cbsVGOU#wq_>Nft;)7S5C88Px zScQ>a!hoU(`u-(Q8_T;bnlFv+VSJnGzDcw_$er^eB=i6Ui!*?39~3A@g1x|DYB$|w zI(slvy2XE+WT4DXDNP*nbM<)JY;Etyrzj3J&CJ$ zV{G!ZyrbNAf5zTf|6W%meiU8`Ad-g;v)4+d1d)U0`)E5oKv>~_rh?zTDh3@E#jEk6 zTavL{I5*C7ND(3Af~GPz8=jmAA=R=!tvgxFtx94geEJ0yrG3{E$(^aM&Dm zNHFfV+sz+Mo_*ywmNNNiY3rGyr452Ir{^cfJbhO>KGPo5ZROI9wAA%)iUM$5>~c?7 zd6`P{Iy*CGU61-g%rjB^R_?akF%_5m^j z%A1kd6_AqDXa6&aJFKTwhtXMPWal)?`L}`182Wb2k|_WYDRkR{$~s~h_{Q=B0mpQV zt#=W_tk!U`Ds&1+NRzzs0J2)5d?spPFFy~9pbhj59Q}M!uUl_=`T`#MuEgO zT2^AB7C<8%Ehuf2rxosdwmkJ}T42b6`E@AWLwdM}wk6>!YV3>siG zO^y#{#T~$%tSk$)N|r$f#bXP=t6)8ydAcR`gGDADpaBFCRyc=!Ku2L2>aJA{sR+$8 z2?O1_(c&1RXRRys$8b+$)=uFqW+xGXm(Uul1;98K9_2}02Zu2fjKzu+vzFWO*m4(( z$rNg1ScO26EGjK$F5mxb1WaB%J3m$(PP2-yKj1JXU)QaN*Fx%>&u}ZtZD7S$IVuy1 z(gM2xhx)^951@>pIiWdZ9T2+rUjLJ`><<)Jy`p9n`FXyM)fVYlRY4D`OGkGesUelUPC!CP zGJ5<bjrnrRoiSn|}__iG7yjq~QaeLJeNU+Jh zhgwewPdtG+RGdrOC0da|%g&@_DFfs)IrjGjwcC1;pUc3pFbwqJOLTV@ftj>%jG0P6 zAJFvrCG#NYvk?q~EVus2I1H3lmTGZhCEyGghHZ=PFO_TqC~2I?@Fv8>Zn|88#<`F| z0%EybvqS*h7pSxm)s^vd4BXbhZ&3VbJq$qidY=}j`$S2rI#`>K4nh5cO8Li;)M<_F z;1N1+kL7py4P~kT<8M~0X1X^omA=KO+*Q2bC#gBKx+7kqOkT6iNUk1=$ zJ`DP(-3e|cR6(Y}jIZ!R6Lx|Tav+ca^t2K3^9Xq0em|9QPmGF+Ldm6!_~Q?1rRKE=Q)fjRCNkvY76|?DtscXXRSVYImB+=%BDFQcF5hNFRl2&n`R@q>$2~s!c|_9 zY+&yRFKUy=JFUvX@brO6)s{W(Yue8z*8Mk+gK>4lC+LGx54;P{^A8E19D#Gul_jOm z`%sFOChNaIlwdeyyz%#%x1`tK;`UfH7b5Q7yJp}4?>kUXkiyu9>8 zf7XfOe5aoWVo}{FQ1GfvIU@<#SG+Xbxy`A`-*QkmeHRJCXY8%6OD}1cYWEg$S2RW2 zBB#OP^V}h!F~h zSP>$G)*H!38JNEwuZQ_9ITn4J1Ym!Uv3o+<*Q{VkfwSa=K(iIZgCzc@F@;W3XO=^U z{n6T?y9RDz)0%imV%%lC`C`e_eUt?3Z_*xyx+E)Mk9xwyZbI%5H7HnJE`;H9csU$p z&9>i@d^Bxz=!fPGD+Xk-;peB%j5uyF@OuyYCtr%vz6)s`LH@V z2%)xjQ}up|_aWay1tqBzv9q6{=85BFvaP5MHhw>KRIm@4)p-^4^iq*%nGh@Rxq1sM<8@y1SL9S%SBHUD zw1#!j$_9nlEe7ZL?u_ETT;Fk!W5&?rWR3;M-^>tNUji68kISs`0?d(YSIfrD*)8oQg{48->edZh2iZhI3AZ0#QiB4@Kuhtqj!=glXc)!jNl zQ|H_y={x@}>Hgez$zk{1&v^ypZw0QOM!@~9^mQDGIcA6oJLhk4wA=|=bR1y+syys4 zMR$6kR>_iSXNtMK!^b5;e_HxO74_b2IA%{Xr(9RrbByVtdkS)0Yv<1QTY1DlBB0 z+A<+ji98>oIAOD(AlF{o>iRY8>uT8@d2`(;2T1HYoeoW}6*J3u7^VVbVTZv(@@@TcbBMI|V{=FT2J$GAE zv8-x*Zr_f*E+x^f@HuyYkgPs?XLBgGvkBx8+OQq6LgJupj`~E}^p=m(QmNQo$f}Qp zSRCem4D`Utb8bl6b9@rx*W_ZMYPFIuTcxCNw-r@8)S?66;Q&HO19}cziV~Nhhho(_g>K%v}wp zIuk6eJ{0KjEaha zrQQrs#t0XFz5FGWc7U$?XAo5(H@hcM;Nz?Kpm6~b`V>h5*}2HW`eWSjh`fKboN8UV zOcJ&G)i;h(?o$l8-@i5>Ikl_Jx1ar*b5*fne&|$9s%2d$AR6^pIXmvX2qopYj5U+d zAM6QA0$&NqAsw&LOXXyvi!*x5w#*Mt4y#-L#Q0WP0*r467mZBadw0(4qKFrMBuAUO zj3K^#V)-kaPT~YlA+W^vW&x81d{!*`Y%;cH-c=!amh61z{i%zKfIglhwBfLadxmT- zrM0v^P0F>y@CAT1ZoAM90}zMEvt+-cs`-gw?a%A2_1W>Wb5}JrNL9zKHW0+UhA;0i_f~kI;#}uTBfkDYJ<}uB7-J;t z>$@}n&XE=DJW%$rhDhg{GdmjZ^NC%7Ujl{EHKTboBQI=|hSYjdbFyRiq^|v;mj#96 zHt3_7l}PL5uK}KxdsTr?wsU2;V_?*pkq3xvzy;G|VCoe_-yG-omTBAOpxUHgsT8#b zNM6gYIRrj*s$`Qq!3;J)3#0Mooo(L|ZzE!?`FY|h-xeo(K?MBEU030$W>S!r52m$_ ze;3vdFw)ZMw>-Ng@LsE+Z`MrbB0BHMkITNqY!nEatmmWnpEb z@N6r(>kJP;rr3diuI^iCtY1B%&+#D!d~cud#RWa)|fAr zxA#&Hh~1X3hU_SLqkAW*vJ5^yA&k^};RUaL5pR2{WRaq|hJ@0Zvl)al9#`{DAJE&> zNXE{|o0Gj{D(dT>wwV!E`08F}%uZb1hzb_~j;1)no1_rbI03%b@$&_1`}Y{7-sHNh zoDy@NoLv3kDL4wOQ5j#m4!&4V)E<2OomcZ9L|0B>0py1>`gAV5zU*_vR=3J7SeK20 znt)2a+;2!mc8L@*eDSa^!MpOR8e*(Y*ytXyQJHy5bt4M0x@plnK;>Lpk>Hn|S=qV- z!a>`_K&&~rDXq_)RXITiR+3}B<6b4Geg!$h4%{v6Eh^fmnVp&-!&OY{yI{nOagTu} z@=`GgB{(SW0&|_elAN;tXaW>SBetqmrQG-b;}9tC9n_?7~ltb@XjtqsS)qKbY{J zXYdy^)-)EeBalz<$QhBKPx8Hykhv!_zP48%PxEy%;Gy_*>?!utbsp0|q8jz8FE3sM zYAHP#OOxi*eHMBCiTz3~gg7!#t$U-@@VGRfB2roCWB0I1E}boNP|R2_d%&(n7=>AbBP>MS)!4AP71A?PN(zF zJ;-*-Ni>}~<6lks#5t_mIZbPkC7i9<7|7MSXK+QR$_-MY9}hE4A@&}>UrrEooupm) znf55L!E=hg>2KI(iIgV%0G}~6Z5=_HsPnO!YlQF9NWDSGi`MnR(n;`L6D!IY7^j3|O_XS+OposkM#NtU(>w*AdRB``+ z7>2l)_zxy0D3VUQrBOyKeoE2Y$`>$1ba$&)3`QHv*Z~5U{-^TZ>hks?RNgCB{%(%0 zZo1zQa7>#v7UKXEdQUlQ^Y{9{tQsEK0WaNEyCKi|CxD-jK6fjY3Mxvp6Ie4O0&iZ6 zk~8vW)}TutLo>PrPQCi>N)L$Hwe>Dw4v=l{A})qHAodIaJvoT_UQVYoq6{0ypTXBC zxVb@4qOqcP*xN_3oVjf-@0qb!QK#tevE4i~N(cg*R#;zdMXPw^G0YagAsy2A`#d^? z!bN^6I+pb?mx4oFB*tSVtzN>TD-qi1>L!-oA#R+vspt z?SgRtct?Xo&*pA4)lkjde)MQFt~B@ZlBL<(c@vy(<&W3je?Zm>kvqXhUDjENZ}kNI zv+>1)cBp_Q^s{F|^*;Fr0e?W@f7>hBME-yh_)`q<3xs!mz2M9Rl*3tm^Oo>79E9d# zP4a56Y>%@5GJGCDz#k2YYvuqE8aDqPl>tG2tFVxGDC9Letr_lwZydh+_ra&}6)8){`jwZ9bF{1AJ}CvwkE&|*At=vdk z>ptGEKX(1bTr>s>4<6leth&SH4xI6_kBxC5h{0N*BE=^bjL?xE=`jG6IeqHeXdull z3|Og3xdXvNl+@J1%3p(tJ#od8ANbwH8m$30(%p3z7^5d@C$6{;m)Xr~g%1c0?DmTh zs8pYG&zCFeL6Iktx7Qfg!<`FT<)40eiSCB=Zhf>*)~ zu%s-y^;p48sX58JeHG~4I!_i;6PJBD1Z>e+t-^uTcLfT%8b1yJ9mk`dTkjFQc=M9L zzQ?CL>$q#3=v0YyqFXeTva1nmtC)yQMH6f5=HTju`@|7dMLz1 zxCjxw4eyuUm%aCzFTe2!C`I4*mk-cld^zz<&t9&f=MO|Q7to_1u=3s8ECvw4$Inb& zhs{t?9rh}x?g>S|GF0j`;f;>Vl@UXjK*WBckp6ug55gEN-B>T{FFBBUHAL=b9kE^E zxJkO2SJJ_2$VnzX?lpDE^AN%~D@*iMg%4)gDMc?O%%MX(m8xHVIDY)lw5%X2Ol+?O z;!i=G;~Gn-bTM!o@rc$2*oJ>f2Gwb~!udhh!cBuo=g+6lSMJJJ`mB99pP2G-<)9MGjCf>7!FB_qjC@(ZGu zx`JhLs(S?}M9_bMw}JDYpG>tSJ%P~8m?09E+$iBxy&B#HsI2F!UfpEIjf1gD@Qe{@ zEuBjd2{K1(3D(BE2xwqr{@l8#WaI_0i5+A~x<%hKSh?GS4dL4GdO>cawXF?1Ixwf{ zz0?HEk)ku+GIa(Iw5!9u&8;$bUR8$UJQ8Q52_%H)4Kg`v&V1g^Ltn#xPv% zoc_l0LDp0qnl01Ja*QEMWJPSC2BIJ?hT5Rlc<1^qKUp8Hd8)R5^E!*!M~_FLG#Jzd z(6~yt&#J~Bow#Z&^?oL`OU=2@ogqwsz*tBHOZ9j#AA~?JgpARJ#e4j|`p=X+l*tSu zC-#bmX~Ixzy~zdo?GI)OPcN%@DCOpf<8p3Z16aN9KMUeZ(YU#y7}m8K3g9Yn zrYqRq-qp&2Vx5}#_6Pi*jFWDNG1X(kX)k!uB87**h|&Z~JXVq3e2~I@)>nf5i0^_G z&0mKcP&~pfd{`R+mM=oZinKmrF>xYjrk0VXUoRoAGg0l3jI|}k^EVh-W6$;azLvQZ zMDS8+B8;re?MJZJLM7@F<(Td@4eO6mfo1oD0~v#kIeN9tVq|B|-YsMISCx8XxUX4z z+pzlaW$sv#$yye>HdQn2xqOi#CK9=w?h$jLM`ZDhYK$Y`c+(aa zszTYvx>`93B@aK23E6-W>ie21vnnhqVz7DkJndmy?Ex9y+?9mJc$H7vw(3T{EY+EP z<>I)yLr$^H@MUiPryV!+P))gH%ulEp1)+xaPA!KidzH*X#TV$5U)=hujgnCt@mvJf% zdzZo$YBiK4Lya+}T)Kxc zOQyqJ`_RyQ_i|tw&MJ3%>t5h%jJ=N}nLFDAwGP@fh*Sav8|^BpT_^WnX$y?i#YI7D zNXc)-cfZ)7sZLvvtBB!4HP38;od%xWlDh$ILj2)=#ifq0a-#od};Vy|H?xXr*1_?<#b%?s#NvZrlu!@9zOM#u##yRreos+DCi@c6zmaAqrTL zNV(o>zzi9YI!k!<4PO~UgiJuR)-iJKriy637Uxe%!CngVv%{@{_(rZ}jXECjf~VdP z&03#A(j*FW5(W~{+Sx@|l%eOSdk48PUK$lqgmyv$97t?h3Mg|$f2e9PE8;)2r8MQb z&%mQhbkEx4T-itOJBUok&BW`yqyE&upgCH(@y?QH6$o=`zR5;CQftU?*_Jb>uxo!X zD@zpn%0fgzOPo}=Oe4}Y8|8`6u}y*(*mC=+Ly6)kQhwm;}ur--x!>=4V z@4j*{z6ee&J&6ZNpTzPErsDph2TGUejXbvwYV4(LVq;*vU6Q8f@*-597664707>hUB!CSfhjlnm7zlixQyW!iwldF4xHD+KY!f)W~5Qw->5&U zaIw*FR^P}!hdRvLumeG-U}zj^*yC=aF`HUE3+Sm*toLpCZ2WwiuhlSKM!vuTKMOl|-=N=ZZXCTL6LKN<7tItRVj4&HrFF_R11T&V+~~DAdtX z7(?NELyPo82&CuH+1$IVpFnn2gM4pB%_sLb2?&3Fjt1#oQXqgIivEnycU&Sb;j&9Y zgBq>^^YgU<_0H>4|4R-L1d8wPe4)S_$x=yf47!i!F9bPUdNB00MO^KSvQmSIRvk_L zG@-+%dHI}Z3wf;otJt!kveI#aVha>6_$_+>%b@`(#VjOhrka@Y@Cv$AUx6MAEFN^TloRuSY*Bs;-hW`Bo=dzYeYJ$z=->x-C9~@>Nl8hj zJ!V3GJp}*qYSxMPjG&{frKM#FAc-qw?xs)r|Kp>wTzC>n@o+h9ZA4a9QLAON>Hd-m){zPpwhauUy0 ze3SFa=fBHy;B3qcovTJSCOG2jt4rICs&eH8IQ3~udE9M^YXx$jmS8nGHqQOIr~U+G zfp1UIC3!WC!BnY^12?lI)p1K_`2|0c*S|X6W)9`A78LQad&MsuNnA{*N^Pumpxmk% z$(4~J@ELpkonvW|I%Y6`N*i5smuMN+$z4ocuRlw?0n~2)`UAgTFkKf3WJ#c?T=kUhW_su(Aa*T={ zFAH(9->t!{DSNELmzUoi4#&%U-C`Dh^-7at?LS_ul|V+=b7cv;pKnn04)|-sg=id4 z%}3nZUmiQ_G4x%*p@MeEV}GA>Io(8Gcc5I{Yu{m9@ar=QndRmA#oUY2C9rEtzx*9; z(UdX_7wbp66Ql6!b#hpYf62dGC|;k;b3i}dI9c?u=%@LaRop7o^-^{9HOF{W_W#90}k~OW9J2^kOKBTBDj~XwOj(4lUMQZky*IE_Yd*9X> z8VCuTvZ6r0-oiLWgxPXx{L7a^TR`rDObrkMfTUj_OK)A>tCPl&2`^tRyCq8boN=lz z*>0%_NO-lVxO><^q_r!0JjBfZN#*TwkqyXF-zgF8R9Bq0A8*P$M+>(St7^f1Vgv$v zRfeDZgulzO_6}_P-c0{%;0cbldjh}VoPh{f1-nM(AfRp=wm7+7W16y|#V>u|+;#~Q zxWgaT^Yd348wbZH05<0H5_kKp^7FSf0eOkOxx&)`Nagu}Y<;QcOn&A?|2%7&RO7Y; zC6<4IzDnefzXIT+rkNkHX3+5lFn9|a7Vy7)>t7Z$CB8vJ1;7~&L8wsCL`^;YZ@O0R z{{7SJD)iOXYDG_^jcCEoC)=`I__t+8-xYU3M!V2x8FeTxFRwG0#s|b@{{7$pRsU4I zUg_OKU=?d;V`KBmkKMOA_AmAU|9jBq5_SwE>|9)BKsHkc4i`%`wi8_Z@%LEnk7Y}b zA&`l_r8_C*>p5t0UTaHfx2GNd-=V&GME=%5g$)8sK>~*nviODd{Vp@HtpB{MP8P3( zJUP&-4tbci4G=aAdl{P_E&uNpJ{gmIgoGO?A(RIM;OUoGUJCIp&Ai)b@bAx{9w%Ym zpQj7q{(*ndS-~Uqy~lS2|9!jk%g}cNEjA{bi8;_h0K>{O*7|KavX@=MU<5(_Wg@dh2b(FDx8wvo|T+{|BIO`?Q8<@{|udnIB+A@>Dy8Pj_q zJq`5qU5o^CNsd5+VH?zw&;V5lsdPN(cp-TL6b9luuQ-~Mk17*HV7#g0(HrS!|9pQ{ zR=kawcGpy6Kr(>Tq*H%dC!#-)L6HF{6-N#vD<*RR-1u3-lPN1z$BXzDLOl$m!WuL% zTF*}3`IFlbcita>uJoJV-r(ZqCjMCnOZb0$eRWt=Tl=;mDxrWwsUV?4mxV|pA}Im4d4_gd?D?&l8J z!_z1#c`;IwEsfMp3b!&4djam?4`)J2D$b|RKmuyK*6BT=^L-b z*e{LWVT$ZvwuPR6GT$!_cje77AT!a>)YKf&Oo5PVX#b-6MJ?vQxr%d{D*xrr_pg1z z6fniRl>}p=oK665Cl^#2W!r3jailYOQU2>m8tcDJ68|PA_gN^P2ECvt9uP?8*L^i6 z#8Z?U2PKnPYU2D~ZjV1)2_*;1tyW<&pMI)r3d{ZyiHK#xfZ-ycG!5PBEa$f|)c>|V zenjA32Xl`iK-7ZPW(w$^ndcx|7BLRy*QffOSUkXqT4p!@^W3~Ocm)87@Ew<_%lc#! z@PK&BW$M}b&&`E)@y`$OEMJixg?7*nXv2O#kskcm$ESKc3nA;vBlPjXqMC9%z*#L% zmIgj?>~efmz>4lqlS8RX?2C|oEeP^YSlI*fNRCAi!qpVHeIn{Idzwz#zI5V4uV(SE z3s1#R#cPYIc`|2WLS8RR7(>LGgfU|ZoXiw2rCeE@&`VdG@7d?C{o{DRCG$G9#!=Gh zprde@;|qKFoL!+#QwO7!;f)TN!K0ms{*LDTWjtNs z;B|;`q6I-^mU+#zw(mwjlpCVkht{DPa{v~Vguy1i3;w^CSXiVO1YW1((L1Xs1l2vS z`JPJ*J-p@Xg?DUDxdX)TmJGeyRw#MVVNlqy=t4i>d6)xjOA#f_BD23S!AOSkg^JyL3 zCxBd94x(x5A@@cP=Ulxyi6d(IFZ9G#C*b#0+siXpj8v7%HmaN~50-uc?>kpt^Mmu( zo&z6N-vscc>g{T8_8r8brgvh;yhq=K8V63moE;r%mpJ-1RV z&m<#Y+nFaFOjmSEwL-x}5$@2+tP~Hak&3~-J_3E?bCIHO(=KwPb!+!+-Bv2X_9`Bz zi~t8}891yfILQC;Nd$|OfuB%PMMY&KZUXq1aPzBw%l^G~`(T;eryC046tishba~v`7gEE9 zB+1(YU_&zi)m);BZk@YZoPd2cImZ`+c)_P{>0uGmy{wNO(Yc1oG{Wav&hYT?6v!YZ zdq5=gb==k@U{2cLAgjYBd<=y8L+WkZ*vYXG6rU}aZ);UG&%CQWCD$L}o56Fl<{AhS zgj_23qKoqC=pZ(-ptSCL-OGWz+1`lhQostf8U%OA0_X&|ir+}nAscn3Sdv_S0{Vh5 zbSMPS?(#qs@RJCxf9(-sVZcQAY2oMT7=}*K8jW3je%UgmsNeN<>3cCX;@2B^;jl9JdW9~S95GFFXxVZs5ZQIbk^TKmwG@1P*H69^z8P>yKTHLao zL#FS|2=WrBO^zTr^Hp9`iXlh9bi8j>0s=}aguZ~`p!(8#$wuJ2_;Xo(taxe3T&1FP zhPmibL#kItp;*q%IbgV2wR3Rm+2>Qx^x~3Bf;obMifaOqYWs9g<#+~U{dVb?d0Yb? z!Lk=PEkTi!9%A#ysm-uYAi2#|*B~~%|0~`><|Uqnn;?91W1(>{Tkh0WYK*u8B^5hL z0f)}ecu{{1#QaoNhp}cz3w1|3KtaObNb3X?Y>)2yL=)G*th`P1K9F)zPvXE{Q_(|5 z^g&JJGvM!4<*lmd+CdXE4~>Ooa0Xj$d<kvX} z-!J}Qcb+MTp9(4nrLFGr?X)9@x|MPLv|qcqGC84Y`YG0~@6?;h9rwL)t* zyI==hY;d$!n95r7Rbc#OZN>(FItq-skIDjR_&VC_XB%mRoC+bo*Zi7MaxdYv;SPM! z2p$BTpY6=|BH)D7G3s&RHfxc7_d28wS>kM0#7p8s-Z;1p->8UKn`;sk#?)FL^J7U> zNyKz~plK;~-vumYD70rwXAtaOdXlHY`Lv4T(8urve-DT%X=5K4$7f{;jF;bW>FriE z)PG6mai`q>#XI_|VuQ1s-j#hg2IJUzIEH`Yxc58p(GFUBvG=aQQ7q;5_xMPSXQH{S z<$4Y|M&xgnH`={-J_TusBuACN62hq|w1z*~cO6eAY<3)KYZVvWbYK;}pXPWox@Jg{ z3ug26hxX|EI5V!rjDBQIx!VuT!lKW|e4?F7%a1x^(=7NIIqH5SCM9Y;*E2tr2-UWk z5AinMZS*>*$uz{F)8OA_jlI~9*B#}x zErN4#J!JM{_GS>BaMd>r*gAS`p7fjiqc@2}AHEGKtNFZuhQZ`yl(#v9rDAG7_FR2_ zRig4xwE}KVgyRxnElYAm7}D0UdV@7P*6|7hlCL?IdsbHuiAHnNG=df7~u zX(Wd!zUF-^f7G^_>k;64(X3i3BEGil^VjpsJWJJz44fvlw9xt>V-B(TOqS!=5*Q`m zG`6;4BfOg$voVsj=dF-v4NFwDc+xNi3?~h~?Mm^FmBg?KfI}y7DY(Q&G5HNk z%ce4836V==d19wy#+xhbk2ioONi#{rExr)=|BD{3dA6O+2+@u~Z?hY)S1=-Ot6i#v zDh4HfLgnJAV9{C`4Ey&92^V`YI*$#42)}W@x!?HF70rk zzC@@*tK+OKV6PPeR6xgjA$(KKKn}DL2p6)do7{w>H$%Xdi^S@xP>>;AN&0N z89Sh=+}adUN`G4*HG?Ulq_|kM=_m!OS@U7H69eSh>xV9>vxZ1(Z@Ut z6+3Jr^s2KMQM`cP5Pqif3;!aqxh4aV^MuvLpsU$6f;Zt93jBt#s2!Cv69{pGenV?5 zgpj9LFWI;ERTZWJ>6qK(tX8#6trUlMO(=ar)RStr!aip-(B1aa0GidhHlGZ#K~O%l zV=*dfs`OO3!=|vGt!4*FT2ukMP4NdI>In@7l<727>#9Xh8j>2`FcHYDbsaL<$z_Jm zrb=GN-r8yso(#NXrROwCWFIw~+~CAi!KSUL`<&?3lm5K#1!`|h`q4(CkXu*z+l)l# z)^-gGcy{(>|F6M(=e_aG%>BHG2zSzV?>KuY(pirlY9B5>A7CF=-_6}%kUOQC5)7to z6dH+rbRd4A6q=6IH+j%OFuPJ-WXHET1!RGQ5pP*Hxr}$*t%Y)?&R~H_F zrW*U;gO$n#Q_393BnzE7m|R zTcWekS={-%VB;w84ZJt$?DI zy893b0#bvDLPE0f=&P5CiT+gY(+(4>rH z+G9`pKpOYNqqUs1YuB4v*LUa$4ExC(MFkm^;|R3f_pzlWRlWBx{)ZM>WwN))e$^?e zS5TQE{fq6}@2=d5KQD&1>di5?6W}IC$)co3-VUdxpkW7S3j*(hR@@3!gMTMZ%$lbE zdavDzr|1jnOFI#>s~e~1`&iayaK`$H!nctDA=I73Ru1D$>K+=2X9W`T2*ll(*y*TX zcr0gAzSVdhdYYil1ZxrIkmZ zJl>$-sOuJrWxO8cIQ~P-I^2XK#ZqJZXjU<$-c!qx-~D+=IO42i1WVzgn&mT|)cE2$ z?l;|0l;?EcysSLyEhQ;K7~qMAdep~4FrhfQY4{n&LN#Z9 zUXrhK{bUoJdcFH&1|uKZuydESFKjsd-H7$ zW57kdB^#fA&_qCi2Gmlq?72A5mGcqyq^ilI4Vi`^Am?hi-Y$KM9=QyloqO(8Y|p?baB_$nmn)+ zT^3ElMIBY&3+|5)BQVzyh54eSW@l#Wp=UCLzYsRAUS4oFr+^3#D&v9q9g`&n5ReKK zN&hJFk}WU!x`W!7ds^D+T+3>-5VaoVYsxU1GPNdMtMH?SJh@#olHuw-(yvb`rU_N| ztR5y$v3Jnft4?pQjLs9#?FbF67!OKZCP&%+2)hC|$bb!L0>gi50St z@#vkOW=~H19J%bR(N)v-z_j&GZUTgB41o8!Ik+6`YW*NGJ+N8tMK@s4JWhMxbj!pv zOY7S5@Mc~+{II>_-Jr#T?ctKVhB)?}gR)muM6gq5-I}g2^Jea>8z_gWlg12|bolmH z)^z7ejAQvs?1Qe=@qWkb4&5QR6LfBKkQcs|WroGY(fEdNN$7t)riEUo5ysa(dLxy6 zxg`!{$yZI6E0mll@1y_r0{9O52Re(06qB3nNFY{|vVv5~&s$(&qS2AhE?S5Re)@dd z6ORTq`sDon-e3=+h$Um@sb}VZM$J!li@xmJhaMk3EuoICJ{2&*u?Lzd&anc3N_Cs& zR~d|2V7v)ZCV*Fi@%DwUtl)|g7(b6i3D{<7u!1cIRe_%h)U$V)JfnW;>n9De-30mY ziznDYDwi8ZZvy*IP1{&-XW zK+%(5f}Twm-Tx$C8+0uu+~1>HYk3#()SlmiooxLQcl^hz2g=$7I+RS#lRO3fV`w8k zdsd76bD!{q+{^#m>LqQwtgNi4q@+4qmijqxOCDePF-CD@@jE3fc?ITc2e@Dhn1ajU>spm7hCCs;^lF95a_!?bEoNHHheB$wRuO$Q0H*7I1@#1e zgpxq@WdZiIv=OJNz(YgD?|wJ_JUnCs@F3I=+U|A$pnw4c=#ze^wFG!=PLw^jMloE! zrwbrY<`9$$(wb^DXC4oDzN6*;`S9K4iK-d^m&6xpY8Va!d2D1<^bxRpF7YF0dE#U` zvHhgtQ?e%jz?!PEzHeuDuem|Czj1U}-jSpQ1oOH!rm8si?rz}YO(?pRQd0sss}*U6 zi3fnu$pDz9Pp9wpWU4s~cu)@#8>$bjMb8e!h4*Q|VMXBgG|hA->5Vd3)8Q{%K>0Sf zo&dVxQ#m<*m!6o&Ps)GZ?;d?TkP-ytcML#sTcFp@I$Ck8`vh_8cEGFlgg6qAaygk} zDd??%caHlE;1?y z0+qo%sT1Yx&TTJprOdA>SBU;umC!=&kHOzUX_$DRmw}O5(UvGo8~7lTgIM8r0T&>@ zIUG8<;dQnE7s?u%RTRIFhZOG?;KADIA^^nd4V3Bw6xpDGo^4v50>kWENScL1kh;(X z3~u>E&$<9IZvx9W5cbS=U``|9+?plduJT!$L+u7oUprM7b%>rEKBadqel_)wuNj~! zvDw3P_C1d*X}3S5z6CX5F|d5r>P}Z&1{t}9z{jLwlj%Yro$#RWDyBfsyd7*i{(_{u z5tuF-E4038HyB)C)W5vFs6%g%*{QJ+B6rvFeJQ%4QQ{qwc_xA3E0rYR`D*_Tnq|;{ zUeas>fLi>kJPA3Q9YUK5z}_Yy4gzc_;zC_ZtUjK;YWQz=C z6EOqi6T)wYGI0CRb%$x>3E05P$2G$MPF@CFbi0OXYSL|&ZJ;c#c9GgmdfMvnb8o0yh(V)hQJsAz*=jdFUKKrHz*0X0{8sHI-+Iw_XUo|gO!&|b_s13p)jtfp`T~Y6`6{{j1D6I_Eapjx zYXNF){N-MNity=qAFdc{6H3BfLYWjS43M)pVLm`8lMKmpqa`l|rj%($_px=Ui7!H& z^y=v_d4-12D*MIwHC}+xL1<|LnN$5)>if5_079`}jAY0tV)`s=+*KNOIo&MYHwix@ ztdAx!$Lk(p9wdGz_rYGne3T`3)Pb+f*KS~Ra{(wlxwF4mAhhMzm$RD<4IHZ90ywsq z{9r5Q2}TjGA7G+oTG9AF*W6e-G*^LfN!VIq)a%Q^iz2wCDR(_MZK6#po6@Ns=Tg0f z4~>s>hy&TyU9qi^=`MirHyYq_)PRS+yfRnIKOG_wpP8{QYpz{n;0^g4IDoODVCbX8 zu)RzdnFixMM=6UYy~H=*jY7{m>U?KPqz6-p9dI)R9w}m88s+NP_8zgWS3S^d9OTQI zwanp-+gLtuq#C*+q4l)RL94d#$59%s4{ZL{@1reye<9fWxc)%2YCW!)`rq~{8D>0~ zFFdnF02w`-vninIG)2CdaQsz z9Ja$4`iL~4z@i`ian9B+s6|B*GkPe2r}~f8o9^ZDGXYD zrOEtPQ!)LMe?k;D09y#U6_v!aw71P*x46T)p-%54Z%Dkj@ zsh;h&+gl8rQE@SfmGc4OdIbny?jske+uM}f4LmvO68aiUzq<0Gv^O4pf1wIT>(%6; z4v+9lm|;1sv0JcWII;@_61D~t9Z#!Q9*uZpODPYp?3>42`|%+(;eMgXQb=v)T3uaH zf)E&0`h$isT9Th)s}t|VEG+!m6KxoL0M0ZP3g6fG;+Es^-jZ-(&}higy=*YV(Pw6V6gnJKN60S!+hhCUb* zj897#vGH;X)2b)v{i-!Ut|4FY8q!{tHf%oDIb4~EifO%@m#wyTvcSz_K`ZeEjF?x{ zFOZ0ZJEuvjU?vmSJ4U>qLYE5*e7@d?C28D$^i!BC%CF+>lt?KJ3YO~ZQI)s~{uP?iEF+Rd%e{^XLe&njvRVwe*y9Z1CQYNsr6IaLF zd~CB672@ilQ0F0V9^5<_x$i;}s&=Hi{NXXZ?&J*ZuUY)>CJt1XVW`(as4f0+e~x@# zF6qimk-hOV)c05~$t1cG*+#Z(Dj5Xq$g6f6o#&}y!^AeS`^g^sSmAm^f4mn|2IEAZ zkGA3n{Z7m{QFQpqf;V3>crm}4yG#qucP2;3)qS+cQ!7aZ|3ZNERTp46$L*n=igcoz zsO^z{Dzn}U3(N_bu|6?a6lOiDoUlN~q*0m%(; zpys1pDgL$@w#UZuY`qd3Y8$I;uG;!Tu+T%-yYKsw_nlrnc7qo?E%ug%g>YC2SXE_| z?i9x!$k`!WP`BtXl2d!QCwP?#yNUShR_lFJ!A(O^=`~+DJCw~f@HE%QA}8IbJo1nc zc8I39j2$(*<*HqH8I{o!vO^`>!RlAmV-(jk>N@|vr>vOQ$6{|!2v{sTF8x`^i7{Lu zkYUgOSuNym4xP6u0SR-1!y_b^huV>9wphKT(L z#aqr44$iw&tJQG#7a9dKAJ^drE#!!^OhQ_OlA~G((Mc;$4S6WUqQjyy z^)r64a?f49DnouUdvhu<1E;bZ%7&6pg3ZzLK-vSRXqSBcw>2-y%|4S5h>2w}rgEQnAK#p#shae_*9V~)fAn{7`qM~F zw#qv6@m9S?0p;xsq7s-X1xdESX;1~0mx=|6Dk=)=(xj?f+ zE7#*=%&wQ@PYT2x`}&*unFqP4{?$aHQM2#AK4v8Lqit$tcdtcLM*fuXrb3@eTgYxb zqE7tKu{m{(cDfo!JZ6`GlH2ZjypUhXOxR4yCZ+H;@Cd0Qd+Nspyu1U`j<;p*=5OS% z(e7Az;Nm!D82ezN{w^jaxlXvAg3BVnXQ?AgB2ljz|IJ4)Z7f&MVF@?ZLiK*`9-EJ5 z>b`Nl-`;$DSYHmmv&tpvz#QdggsH9jEDsbg4|czTNP<<#m+i8nuiQmobfAQKq#k*{ z%Q>=5>8u76o=Hu`I4QUOe5Bqirkr`r0bCOz^3L2W7up{g#LsY60|TpNFe&C%(QBGzU{puL6X)OC46x-^ zlyJ&Ts=MY&E{30vrE}KH!b#iy6u!}oQzTRsprYFADc_-|mvz(vFx%f9q9QvVh~j})F2di^cA7bywantT9KkFh`V5jH0;eIbg! za2wV0xqJ1c+Xp7dpT|8XUu#)-@`j_C@2{_X9c`&{^*=vFeRg1iOf`u^J`tN z-F_~Ui}y+cmnsZx`oP4dpTI5kr7k}l^l7f@UFEmgPv94?QT-1FB6J5)nsN-OlEuJ9 zvlO_iQn01y%45Ei{BQmn`1EVQMpwgj073WZf5`*>xyIi+kqiv43nUOh5jEz=hx-&e zGGPI&xBr1n{sKk*06;B=Tmh32|N}U^v zS2ykqZY$9lN*^fHx$RHO(H?NtY}34TgH|xr@l5yqwtLe9DZ(@nGd(t?`(r(UW!5^n zOT+J++3JV8Eo7Rv`bC6e>XQ6; z;he>`vxA@sSn{~zboAXZCMu3TzM{AGedG)I+nY!704e?VTlbq?mIf!g0`iG!0AmCK zMAduCBWAmDVT2`??@g1=XCqomEb5Z*klArTvqm1EFdG+8iZe=k`l z_K0)srcjlY1aA8W^G>yX`%=JwhE!~jRtf)_(D%Za92-U5z~Vsuv-dnK^6gEjc#-=^ z+$)o^<-U~6=48>Yf05Dt#dZ6QdEG)~Hn>L4@>~tngv06=d2Z#f3;z71Cam&wWv^+V zsIZ?`WB;Bo*=Lf)-p@9~Wfu~z`94RSWh~yv4VSrJV(3Owi%>Bm^Xh4>jSYWs5>q(( z~+uN*}>Y+mA8Zl~vas{3QV!h66{ zDR$_r3vW@z83bB`!!}PRT(x>I+ER;%g$5@_ zQZHd7?~X;n%Ms0=$TIH3Wy-7$fG)n#-2&_5&b;a1bMc=v9`JMVw|a5ogwH&Pr#nePXC;JnMn0#I{wN$;p4V4rDPX}B>_j*mkh1K zhwYlx)&=Q1lLdo38F*V^;$$xzVoWT~ z+_Dbv89R&m=Gd~>wlwJ$H{h!g_l9ifZBgM!dcnGN&$y!Gij!r#8mYt)q z2kknRVp!n_qw!!Ab@Jdd!Qjt;)a^Jr{toy^{^xHJ^Cpl43LHzw!4{${V)s;D=;a;| zmRzve-!=(~3Rpx4S>C2BXO_sts=9IOm!{rCX^Fj|0Jdq7#8@p z%+g&%qL|9fld`e5|H_dVAA#iK)=9FeKBr&*OOfK^cxwmFPU z&`V2X3>NmTlsgoJlb!y;9ICLt;yNnQVh3&PM$In;>J=C(SInTTQ%5Sa3a4$=O)BA{eir(c(lzB+&HDL7mC)kAZLZ6Cf z7s_R3COghGWj=3mlDzDLs&MLPlh4z5m|aRTm~n3V4!T*#SjJJ@iNu|Iy-c%Nv`*J7 zI7oBW<}gdK`fC=n`Q};_s-=yGpSR@LN|}P~!<9*hY+%ldz3lDSTNeUQ$CtrS@9)+4 z$NP->c}Zp-_`s*IhB^C?Z#wZ-2lS+dj{(Ci-1ojG~_o~0lWvqJyl&pO;jMF2$t zWj;8*f$g(-YXqAhQs6>TF8;=w+jXt{{rT%uh_BCejBe)$ZYpl;#3apMb6(9DXv zFLwOY08aD&ak~9}0%6f&&jDuDgO1`>_f!hOiWFx;}WCpU`S(6c3S>lO2~h^VzCV{$^-)k@KI8~*S;Pt zj-eWt{^zBNjocuE{A(doJ4loQJTvTrPjUQT-wT8JmROCAM)Bxb0xoZAg)~g}S=7IG z&VMf}Wj;d5XfCanfTxgRH=m+=os5aJBIg%C{{Lhc0;BYdCO05V)qF_}=d$k$L{@aZLZ@O|X{yocK zV`#9a@#*D2EU(!l2?mX{UF`bc0~vQ;y=Q*8{G#BmQa;&+P!ddLOd;b7P?~G%>+558 zl&pS#CF-iov(2@s+)*Yz&4qC{v+Pdq&TrTDK&Em0&v)GQH%@&&(N_&jU?Kkt>+G?^14>aQfA?4qFf26t zQ1<(fQYA&nfN_w{15&lEv}~(wF(Zm!cRy1DpX`)b-}bZLLQ!QLf#mhj$A~IU3;7YY zi@$Cl12^g$l%|j%U~jX3w0DL!`qE!_Hi%5@RBkMBUOeKHQD=T^M_Yf6co!JOYkd7= zO!DjU1+Oz$)&A7f7>p`I4E`eBi2?4%QCE9MN7>evoxe+?QKRnf3o*pcRyidE=Gjm< zUm<`3^9isJJ#Et|t1WfQ%?aU(gR;s{uF$}Js&L{zwg zySY(33v9k;R*G7OLNMEoL9X8&nA|n(%(sB?is4kwNg)vDwsY4V+6W%5eOU&vk)?(~ z{9l2+_3=|L)Q(9!U@A8&Rf7@Eh)5bETMGo-V=Sk?g_gPQZ}ijljDgsw7u4F;D99S8 zX!qWv^-PS>AQB1T(ZRnn<3w3mx0x7b=wWsuUCwo z0#hT!$sqt2S^cF@Xy@Z7-af)vgnFh>>r>TQ0P4b0hy)3gW7=On=59vLtWXHHw_o|G zfa_U&&tkA2WaTc5?i$na4O@HGfKX(RgfXPtDfB0)Mr;FOY`q<2?F4*Wx8%>u0!VId zj$g+gs+Cb$4R0LGQ|Fj7BWM8BUILO6uQSgq8_xii{>OPnfT3Ts0@h-iCW26W={5UD z6H~BZ_zs8&xnI8l2G7NSFRckird)UKbo;r(hM>saY9vI$(gmJYZEbBiYyIm2A+H^w zY;p-G?_Smkm=w~tvxG*oI)TY=0sp_XXB(&-m$Gy6ZDt!?JZ=Ir3zZJE1gUV3CL|#^01^V*Umokx{;(s8 zw=TecX#i+Orp3J}-{u;779Ih=;k$&dZX+K&>49?|#J_*j=SxbOcuNMYEL1RC~Htjh8xbuK;x;KL@C?29h6mYWuE&Kx4zn{AQ2vwFPQ z^;z2))y}ndkDuU)=5>@m?1~WE<5-M&VO4iG=f{jWYvBh$sXT`JZibdAZspg<9&&bk zs#}TCpVty);UXA(J_A&~fc*X?`|$l*xswXYtrFhZceWY5rmk$fbNoiA+6hxqjPSkl zt9ZC{I*A6cKSu|!TC<+aQ1T;HYjHXo5LJ-Z=aaSI?XeOZdCmt-s3s}FOe%pb<;a7q z-(9~I*3znWU9fVl8xKITMkfj_K5xw{cUaa0XHyJhEXf@Fh2M6jAKY{!prx-Ru5tSd znBLNfX%r`X15^sER$Uj}LbFK2VHj98D z&kU}e`Bj3pB9cKL#_iSvjlqRZCb!`alsz(f|MiBsI{3z-FH*of=hTIN zWYGP_4R$zv>pmYDp{*yiTkNFH1b-3OTukXv5og{$t&z7Z>8Zy>nQahB0Sy^qr1IeP zM;|`FXRu?{5b^ZvO4vw5tVHJvVEgYl^z(Ra-{q*RWHw7D)pj~T{8X^r+7dRk(VSDYjcQQn zJC|tR+4-%g1vMUZ)z{n;@79WX&BDOKlDLb>%lsq#axVVJ^xXFH=$F{R?dlAzhd->l zzT)j3EIg31p~X41ty#V~y@%VB3!Xe~=$w_|u<1@Ex7dN~Ph>ho0SpS(qQq-1si*b= z^cvnh7-qxeLF`oyv^C2i$-WQ!r%N5%cH@@maW9{qsT?|6#=f>y?Q945@pTtwyD;no z)kpi>+e-(l_q5{1D;umk7b0JJT&*5ZBHF&$Jhk1ezPH#XdJaZk^O}>JHoNAv zMY0;V(m_w{`<9;bTPe+XtE{hk!D6lvMoHpG`owq(57L=CHYU2ta5&G}{amYP_k56eOoU5q9 zKZ+0;Q@lq^LzcbSk@D>MR;^h}T7m`TlC@M1GV`d9N{GBi<<6*Pg7gT!*_px9%c*4| zYm3>T6l=`0ROf0k$I8TMH#pH&kIUTXeBWf)6&QuTxvA$( z;S$c5B<`_^XVl=X#X*{bw{Bbiw7U;`{&a(P-wm>JzutD<7%@e%Lm~PjD~KcKpTfgI_-PL`N~wA<_!bJa}%RG8oZv54pZg++gK$c5-M?jO@_(QU3Di z?cRmR#{uCy`sH7>#C^Qw8^&H7m1EB>QBxc`xmgCiID3YE@Ku0%D*iVrl;ecp=0-eA z@&>5^)FYW*N5#VT)OhJB2QpjIcbQx1eg78ED7z5M1qf1}JZ^;zRJHGy8Av3SnrU}l zO_NsO4~%py2U?I)qetH<@Ji#wBqv;pfvB`^BdsT4UjBQyw9Z}%+C}k9Ga7TIKm>`+ z@?U9ta5`A`fsDnJGh6=qw?eBFQA48r*$w&G8}3!Cojc|=?S=*Sn+_Qo6{e=o1qarD zX75OG^$^BeM@%#c^zk~as zG){X)OvTB%solV`WULF>b&!iT%=VPbRwcfuNtch}gi7a%G&Ink-g`CKXsQ?W^Qkdi zF*uapvsbHw*YqA&UjmWlJRN(1H!{-4G4&OP%gDiqGEvaaexM>2#Q}+wc6Y|ZyyCXw z>L0q7s|VlK35|`$mvp2ZI$$z zn_~D^F3~M6F{qC_g{#B9K-vUmw z8EG`SWqohY)H^@1#`?0yqIHQwYwDS%?^X@YcY+e*xn@5g`DQj00{Xkx=BKM?+ zotDNQeXD=#2fZQ0=Y3{$DN~-#T`=I*6sWlDeZ)+>QLW6^Nk8~M1$a;Vc!mh@Ix^3G zcnq2m!6)`LXg75`UF@~;;tm!4kCIa1u)vfCgaAS+>G{S=wk1#`CUW@OLs{1;94;iF zKS&+1Y2(UY{nR1Qme$U`di4vs^-J}~R~)t@X^Q8W>$UfhOzEAvF&295qt6iWqfI|O z4^?vbutWPi9iKkncwc#!!jExwzYSPL7EJ$GHFe}{AfH$Sm#^nf*=&Tnaa=TY~KP(@80vgr%Mqgrb} zL;B}BM{caKA7UO{Jp4VSa$rA=UzgyYR1fHda2AGJH$aLVGa_+G{1~z+2k|UbIR^=m zkuQK%Q#K^})hshN0rRT@DBnoRcg_`iZ+kM7J#O(%8;Dz;6Di-@q%49LHO4jifeyD3 zN|wgYK%F^XB{%t^MMD$Ftkv~(Y*{T~kB@;~I@ac+say6}chK%t#AhA|MH=fa%mUhC zA*2Uw&+#}pzO~AR448l45v`n=J!`ND@+t=a$fCoTs)7*iEdp&xWX)!WU`Ie6;D$PE zbxCVs@^!enj>DW};;#VVE)8&Gpi94{8Yyhvoq=#PgD{Vr@A(c8O?6WUSQ|ijQWG;u zH+xHe9wLO+B^?#KKSE0B1IW1m+tNC5Ksu$c-4I zu2iWVP{;Q}Q8gW1rAUx}q@9LDUR@9gC(FZ0oJ~kX&Rpr%j+j!z0lS9^p_15~e3euvu(b9SUfOJAcsTh~o>{hw z;-ac)KKOgXAQ*m0cTwbLtbakqeYE7F(p~y>uK8NBoG{=&fhp}<&9cGWYrk2&l-vij z!bKMcv?QOUrNOk0@>}jG*JS{V1q|q~ADrQFG(JMH=Y{E&s-*7v!;Gm2+?%B8{CBRb z9@^sZd`ZcJ5qqw80BEn&$n;3wT4uO}!4A=?h5g+xK z4FJ<_dX}(Z;1v!z^bP>e$7&t#R|%_Mr0jzvY2BWLLQz~D#LI7KEDI;T_{24mTYX z_&@=#7o^hL&h}>7;})j`h7Tk#VnWYh=v9U%lSr~zPu&5wji|BqXf(nn8N%#`XShIVG}qCmjg_s5;<1^ ztW94+Hs;ql!L^PgMEM4jFl(*?e@`P|wNMC&;0dD)uGc@=&1{tNE7A=2GV^eQjqo)g zk)u^~3-X+hsUfbnz#Y57<9*g_q)KlxubGQ|>qb`6IzBvx30kd2r4!tX8H9qYglEtHdhqdU8G6%zh*}M@(RV-I_`!T5 ztw-uXnB_Vr!M`wkFh=(z73q%!f@=W7+FXC7*fpj#zl6bWg0F!0^{o-ZV#&o< z=Osj8rSf;_6JqCTWg2hXjj!ghw}97DmAi;&y*$5V{G5fv{Hox`N%~{WMhA$!kO{+k zbhI88w+t9_^T&mAN&i+xL0vx@AN~><{_MuYL;8(KL?^M4Kz^aRhL9DHBg0;b?F$&C zUA~vF)r6hY!W4kIZu`Bt?Z-WV+_Uw!!dkG9)?SM_a6UQOO;8UP5uLXUZ%n+_E{~^i zKVD-qoOMAF&)17GrZ1VSuaG68@p52_btmMykE~-uR5vmaO89}5l43iplX?BZMkc6h zUz1N9y232J3}d%v3glCF2I*&3SI@M|8x-&qraHjx1o)7c)iqRtbT0i_3+9*D{oGjN zQNKN7ZH?5;GFq+!6*snAOkDnKJ<6Iz-fpbI^OgIYJK-3{G_}yl0}o>?0+ZnVH zAbGUUB-0;V#&BBDymgt+Low(G+fOnv!o8$93+#l%dI8OoG{D_&yB+U8#!1QS1Tvgq z<2UNR5$m*CG2i0hq?&tLar5miK}0|EC56dgNun6h^jTOG+<0GE0;wn)lEtYqDvZ3s z?y6z?=zX!d^ybeh%7#V7Mbb_!13$jf$WspAZ#D1f8YG}^aZMt_x<%#>)L!Py&!YJS4 z{zcNr;V}8lJjGsw-=%*rLkP%4J-@+#xZz#FzNN;T@__%OA@%)^{P^0aqUnb>cp#2~ zNJX_*Ck9`PGIK56fWhBjBgq8vB2jm(r!Sa$!aq%Mn>__V=hUi~QRHy902s$t(|YKB z?{RKu&~wsdcLox@ivCxGA4r9_LTIGl1lp|orOc#sTEl!{(ESom5s%&GR~ApVnVUzx z7zjddpvylr%E#mv^<|o(^*57LA{UiX!#A2+%v8VI2WQq8v4?V*AJY-6avTd?N}62u zuM5JIi+{4$!~L+*;Y0e!^(fhm?YReRhLtDf=NyF0JG1d5q2)Qgz}hoXcfG}rFq}3^^4Dx&k!>13Sj%s6HYt?>PA@PU6XS_cQ!o=>FdWvE(usfk)5} zTVXVERcKjoxukmuh_cGvfb%}LtBMp61U`7Ncm#Q|5{AKY72+eUW8C?g&1Z z+E5#rA#luV9}{amlLKN5UsR?9?jmY1h#a zMgw>BOkh42V;N|ggPcF!17#dtwPh6s+ph7`jeG{%{8J#(a0B3_4h^|NQxxp^i(EzB zonOj>`7mKSk$00MccuC{dV{rG=>~a>u4An(1Vr3<@_gva4fXyH8TRWLRm)%k?BFy; z$&UhJeX&X)AfyZ?+76a)NMb)}#GU1KT#W}Fc|DqV&Jy!=p?ReN&nEw#xAok|v$^|Y zmK53HEmgB7$u!Ao_gGv5eNRBoAQ(OBA16eBm117~(0Xisqv#Q7jr8NOg9~Z)P8=q> z$J$u_;n0>_Uwjng2sYA{Tp z#mlQ#akfpWZYJ%T87mjZ%1Qkq-(R_xr*Y&X@$F0Vmrn9^!g4}U3@wE-&Fb+_`*6OD zK6(Up+&weXr2MT3wlWbTa7&Tse?)(Sx@#p_81_H~o(P%kujvng2#)JR;7s5Qn zRMW6(7vnQb(%&zrL;lDyp?>D}oLpF`$AVT~Y!f-8hO$OG}qDh)Bmc2s)IY z2#BPhLw8F`hjfP^B}jM2|DNkrx%a#NF4l5@;hZ^d?03hrpXYzy^Vg%$#6S9Sw=!8{ zuj#52;g6!-@tge(K+vBiLN^R4;0h#kT%ke=Pm^=89v_KggTfjup%Sn6-~ncBQ(0B7 z^pG{0oASR=0TOY8xClUeG%4kwI(%cS{6|UiKR%}79xehZ3_~t5+p?rx&>&Lsk9Y?J zO%Bj?26{tjcq@#b!y~c&XY7AWV51~WC#Z4Hb$;+q2b`6!CkX#ImKNfuBq@&##g~Lr z+w{YQn|dm0zZb!=M+XN6#N@@!#s>A(`OnlJfVZ8e%>r$$beS#yB>nGalUSf7QgvPe zl!Q7-nIeZkvqqFOC_*YO1s8%yr96*A{?DI)6^fQH2Cc|^K<^9?!Ah^E(ltCj-hX@S zHmF%9B2em1rpN_wupUvqiJv*1|M~c;2%7kPPvB~Exg37LVAMLe{&Y=nYBHm4+t_44 zEoX19n~zs{q}o5MgQT@E2g_Q;OAqMYy1jq@UU8t%LZFN7Pj3yCFb0`05X&g2 z_o!ph{L5?ky^8<{2JW)Yp_x+y5vJ{_SD$51tekI577PomC_@Vy+QrCegc36T$KZh} z5|W_F0TTDh=p}$g`BFfTCYT)lh6LuR$Jv}aEU-J`-Lq5RtQ>dF@ZWp($K%~msC3y+ zerpSwK3{oevp;mh8rs9Lu~ZH-V$A>2OW*c~QSg^|{IwDVRREe&7BTo!NoPi^+g{0{2kgAR~QP+f0Z2=6s)Mmv-cZPjjTE z-!xKpS@d%HEUUUD1Ny#W9*uozmUk}UB!VZ&>H zquR)=;KiW$bCZ7EPn!dm1j9(@sY~cabz>tfr?=z_r8jN$_X>Om#XUb4%+ov;;1{rS zry;vKqGF~_c(?F@IScMyvZbsh=YLISk~wz#_wV1sA|lKIH=O9%vkfQJyRP0-{VY8` z+SGy*rWb7S+$rF`|N41l&q}z=>U{rICBQ#5{;Y?4>fFA$TzS4_up!H*kui_1sF_4D z;ti6(6vqEv5LvkZ@F{-qc&NxO0sqo9W78It9otKZS+z22`>*f%-fL7uo-*JhKL5xU z+xqI+ni77jwsJOU6U}LwsI7JaB}*c-16$77`Fz2h&5o+l{(&9T#V8IR&fo*`UKzXi zSc0%_g?Zz@Dxv>7wDae&IsoHlKN?OCse|NzKz-@;9WJvecmu3PSo9)JkK2&3RpUV7 z$cG^gJgLW8j<>mSp9rGfY$eied|AUyJqwoYK<_)r8uBw$Be*(q1BVOo*>~hLBdOOf z;8uCyam+WU-xC-0Dn}T%zqoM`Eyt-AnIlfxRnt0_N@iT;$~GZj$`+pp>l6Nl`W5@Gq`R>6= z0pkWx{N1xS^AjSt@P6w#E~QDH5~|Kp;U}6Ru&~(lHfH&t-%DW8*^SMUo9x#$!uBaBgB^ zQv6U)+!XUJNVj)>Fz9gONn6KWzgbXv zXlyu8=C;)tD=YK!_B6rovFV8S)@dsAUg;Wy{p1ptNT&$~h6B_sb3mL2q0c!Z-uOn7 z`5m_a`WIW;+MKFlNl&1D-Wr@iiU-*1F`wPiRF7sFdE)>57cUcIw>GJKll_9& z4Rh*ti(F{}H(Y=2ZyFaE;`O!wK=}D0OO@`%;5Fa8%ZDH9aCLB{hQ@s-5ONauakb5~6N?o4t-dca!T_-h!dJq<)zDz&W) zA=pK>pd?**FnV+l>oC*)2_nP=9K7}Ogvjluk*V_g-~#iY*llkKaiAD^TtGeoI%)lY z>ePS9F*6A0U-2(FpQ+6Qg`7>0ukOE~u5AFC<})XFjr4fo!AXftCB9WI`FdMrgNzo+ za>^!Tzvd2tfO&X|r(<_y_Ub8I{NW+wKdA&zt*;MQ?2G`!jH!dwYUPmHGPb5HAxLbH zH(J0h9!DuXC=0gi>%6=@ z(M)64#KlJ;ZdCP3D}byouo}p5*2%GDCJK)01B4g-4G<~}xj#Ye2ntezHYE$+Hu){O z8vqye*9^NfT7_fFzeyH!Ac$9aG=B~z`TNHon7GV48K(1lLBF|H(ZhEh+hfm%aFM=3 zA@#%7gx;iCBuz8=HVctb@6(S+72ds@YPtOn*K$IO2G_TNB zx+=y}r79>j<6{$L=$k8JnNW>`YOL!zweL&A_hzRDLKMU<*}PI|3uo6fgcx4%(l1U> ziMsZK4Er4R*xRCZz?lQU!A{D1VAae6vdqUZ39Fm?b9zU!ixiaV!pBg}afaA_FeKXZ z!qdiqANCSO315yMs3q02f|3ayYc2d&-z$a6vNc1(fw~NALH(Qc;)fmQ zY0mA?%Y+DBTGv*=vd;zUrrp=fWG>zH{@zw3hyfhpV;5C@0tm^kHdM1Jo zq>;5iFES{Q#pvtoyW8cyzw?~R)$HX1G4U~A1!Zx>U;6_(^)`2OrY@UaWGR;FWVIVs z%9}eycT-Do4#+@0-0dZ|vyv-TQ~DLjd{73?4mrOIf-_MP;bQXGD{XnC2m4vBl&#_m zTe-(#?JLx%q*B83r{AYn-TY-2Q=UB`-BttA0x7$@N(@iTV;^m^6h^T2ffQZ`z$F7h z5jp#oQvPspQ|Tc;G_w%@$PV$gyUAAo*&112#^gso?!41Fp-_y+Xhj9dIliM~V7(Pj zM_{mKv~9gj)+Qqz2dZtD=lrU-!@{Sah>+k`MeK1N<1Y+fy~QgYm#th?xJrW*`_(lu zP7*vFBju`UH4cj3PVq7K#em?_W{^Wh%bz=*{K@ze`NZHbE-WYoay|0rXK(AkT;1OqI`FBSw8_DZWfGj z@2`P_qvW#ph3|!!XkpXV%TA+7G|gbAS%NZSy186I%8Z-9uoDz`0&r&$Rid4+ z!7&X6310xo8RqhFUqWw5CmuC)MoYoYyB9jq$OMSJbCYI#ZSOmUx)fUqp76x6`yGE7X93(J-3uu@Y8+;+zni-m z;kV`F96Cq`4X2pnfTm(tEVb#+I|XY)t!yF(fRlVXT$?n!=jZhREa|#=XAL-KRNa`g zZdlL4hc$^B0b}SR%hq<5)@fCL6to_6f4F^C#1}UsSxW1)E5FVlW?q3>c z?y?1LbOC79ngb+Wm)bDDIQxih%l`-~yE|0|oB$}jvG}gq&(H)wr%s}xqAoM*-l=SA zYD&T3$q-cj+|a;rcj}^L*?ruHbd-Pyi1aoQ4e${Kl?O#jgeMURD6fl!)x>4<6ay zFTL9LExj?j)Qdx20X!ss{wEqmby$tJI7k2U{oc^p+<$0rcR#>_0%*|s)glV|0)$Gy zZa2y#1${BV1+@(H3_=2QY^_+FdcDIoIB6CR_m&{M{l!Z*tx6uU=5HE zr}$WE-?_uf;k1`$-eoAjwik0Qa|?J$e4~n*caaB2qk;ySA`;bTzL; zTqdc z3z$foMIE) z9HTof<3<78vqqnuXdEGwROaiv(4vkv11S?|VFlF##@GX(1>U@_=bA{f zpy{{B2-^|+#V?}bKdm&at2s)wkixh@s1|x(VEc!Lw0Z1|b6oCMc zuOM%j4R?D~dqKUQ({lxHO`o`~iVQRZ#5}b1je)=~7xu4gM0{Rd0u$Lp!6}?D(G0Lr zR02R+TrBHr@gm@*08KKSA*Vd+_s`&y8*lq=hi}O46cxvs$7Z){t}FBw&bvCBz)?B1Q8W?1jub-+OK0DYdvP50kncq6bU9V%Yk-y_SOrHE?VMRxS_4_M}9sX5( z6HW+n3f(jXv}g~oDkRaxK-|TP<`%<6EVzh}3m^B0XbHH!4a3d5HNGS_2B4NIu&v($*TfExU?$?A zPH7Q$osFQoUH1OO6Af<2GEBWzwgOu0@2I@6y_m^!;Oq2%p56wDqF#IyjA zE<(63ia|1AN2}#BqNn}!fI$*l$$Y77tAM9ffWF(|^dc7gE))RE@eS07jB_?8f;5W| zIv93Yb|ps8{sB=X*#x*0=`2sL0QW)o9uj!MK6W%0iB}MYm$!KUIIog?=smLEWJBgs zl}VKIMQ2X}z%2=~3uVzjsz^;si=s|(3|3MPB^4-1eX?Mig(vX^Z(=t;#OYobzr=6ki(27_yi3WTF_4+KAZVgZJ$yoH~;4 zp8<4^vyVpo<`j@zLpI1AyuE>oY^UvG0ztzWxl+tsI>qnUtKJoimmcVS*XI?36P^71 zr7?)TP3Rf#jW+u}Qs#zkr>_dy_(b#!omG9>?gd(yRL-!%Wks5dVfGpNGU=9Kl!ZFJLpd z4`^Z<_dU}`KY7;R4TBCupCr23c4{#@SxlN8aehM)OCo;FSp;0qpL5`a9LF z`9ULA)2KH>el#Jn+^3p`rAKm!Vj!X`pj|%XMdr8Nqu8{HOCbBs0~9;Fif|R^Sn(Ja zaXZWro`N!_GG%YlrN1!_u_cZgQ)nj!rnd9ki8kD?eo=GqphXaQy3yz(i*GjRI8gxc z(e-uN4}r`bh$7isw#Ryopm&hS`mV|%xn-IGV6!rkZ|Crl&TgZwqKGtLlKMP@y<-z^p8 z`vivm^(Dc2lCD1nIE};20`Uzd;W}Y>u-oac8zvdQ(4U51>>rNnt|@_0@H=CFooo!L z&Xb~h-G3cmMD>aRps4!WN&F4TNeT))XTww2y=83tV`t_r(^UnN@fgxYa-45|@-bZd z(H)`#B6ak8sS~m?Vk3Fi+Kfa+F?#g7a7y3XB!Dl)rtPKBuoFVu>XPzX9c^Y8-K5bs zIFVH}?5=(uYo(Lf+-=5>E+Zas=f7r2WQbAd-M^v)`)YG(2K&7?>KLL^@6isBL9rvX#+aa#V>`pE`GPeE%5}9HFfm;+cuWk?sGVtw;xX@C= z4~ca8LoZ7D-sW@UW7!m%)_z+_XL4#m683$ zc{q{gQ~d0Zjq?KzZ{%o*um{p=NTvZ@>RC&YYtMj7?PHI)&A9ZeAi4x7Lo5v zSp!4+?2!Tw0!!LG41@%>A~voXH03rhF*I&=xuf^4Ztf%yL^g9#ih3TN{o>@la`=U_ zx5k)UXcQm)++A&XXu)uFd`&8<%zA!IQmgU%Dmt{E_H1Wt;*jp{uu!3`$(aLNBf{04 z*6OgfA9IwlOK7MO@Kg`8A0H^L7%Ju*sDO=-`27`Tf`ypeR_T9+>G)tbPU-diQR#4f zmEK$HcOnQ@%qlT{xNK4dKO^H1E& zvTCp$96O_gk2H&fNf2*&i;eRxHkf({)76zCXZ1sv?i$2~o!#&k@JT`|*hQ|(cye!L zMVVf+EPaR|+en@ei;=o~cExtqG=&VgeBoVDb}aWU>$e^I*jM#ZTcYN3eY*9DU)(%z z)Ym=2q0{e>R0>}dTd{$w?x*!>sB4#B}c$QNS`|fWK?YOtr-U(Z#hLP$# zRzefVYvsOPAzI*fT{jc{{ywCfbZWS>jtzM;jton6Z9$!=qJk%C3gePY$zo^rZdnpI$%wJzf=gKHPGWY6{ZjvBc7OgQ^a0yfalLgs zG{e29;}2gSpOSyQzAuKdEu6I2nP`Xo>o>>0rNiP)`#wFlyTi@emwe1*{jyy@UP$0E zC?#vP0RMdbL}KI{mEUI94ch-6NH83sk~9k2sR6X+=l^^1{u(*r!}W8&t?|Df4Tm^* zSslf%dV~0%cmMr#D3LJ*3ilb*@1OkZov0=nMH0ecmkgE*G4e;kh|FqP9Magm{R)Vyc^IMogGG-I5E&#(S#W`BPhcMWzM z%*$Sq(jRXmK?TOu76j`qJ|F)$vS3w30H0cXVRq=6ZG7p)e+~SvZ&3`Ww?OvjS?R}* zLKBH8DXiuRmVf;8M5v3m;_4Fi8FurtgqfXg9nCA; ze;yPcBADg=SSn_>AXu1*|IhD(VHN9mM69NwE9lUTi2v9HKgRn02~^bb^O;14!~2z# zA^v~-c#7DltW-`%zfCr;Fxh`h)A8wx^C3#2Z6fSwL*7S^K2ipA=monnSmb5%fd1LF zr3TToZ!fBf9n*8*adfP!D7zuyk|F zcsZ)Fizy!Cd8*;h(4Wk@Im|7{@=w#0^&a;%E16nPZ*T7yL!=wce&}H3E2_9%;O3ac zU^DFUw(WJkDt$E8<`H&chT-w~A4>%FP2p<@=VvAnP1BIXt2uoFj^?-o$aD~xF zd`Sr_F65ULe#?nc+UgmQQ|Q)=B+s4oo_XHqKYOwFXsD@NQ@`MdPj%B@lI2#5lk=)9 zbceSWQ1|jmhBL|o;$Hi;Skyeag^kcpCJvq{R9R7XpLS5z&DuFbz}tI5d%G&+g19ce z;@|UopY9~xK@LJZHPTiqqolziW%>+-Rp^iDYGPJw5_Sfa^ci)rhdt*}CO#+hu9}NC zH*NE_egFgfwR0+S?kEt%*wfIQ%n}^N+4*^P?qI*N+*P`-E?(x8--@nkCvk7FGAHk7w14)B_?^0B)oCKEs1S~hXZ^*X7 zdK4fUCdgS6_&mx%wr3Mkb_IQ3(F0Wg(_s#nV!{r9m`Y0?OTIoJ3FiX_{$6UM?vIJP zjpaW}zweqR(uQ8wDw?67;C_$sG!f73s`s>75VnvGqT_D*F#`b-2c4;-jJjAUsUL7W zr4gp!fr-pg%qlPzi7ZP^r6XS=a|HAA&%>}!K5SCd;))B(7jk`{KbVG0C@UKGW3!s? z&sM8gD+BTz9%Hu?sNI)Q3m{og&?+?74|0iQyAeF5FF=jVv0(U7^8jPGwjn4M;O#Ub z!}L5|D1eR+<-^L8y&yaG@CAOXe|q7_AVdiZ8jSUG?vHGMl%Xxi0qHKAgM{8W6R3w& z6tEXTIxa&OwX9y|9yKa>8iF>Vcc7m_9*R?^R;SxyZ6TBfB(n@r5^0t=E?9xQVjiR^ ztEOemOCjo-2Q|g=8P=e=)L5ZXup?+2?FZRKqxJC6s5amqlWl((_=HaY>XP`i`(IYN zVh_7t07U)pC=GxEWE_0sugC^-A=+2-puSde-#XGFRZjqO7_QfK;4uITQdRwH zJ29d#F`})q&$KG!v}gqcG|q~n&ECuLf4QzrUkQRy+s~#oL#y;2ve81kXwRq# z$OF(;M4B|-*IP+voGw=_Rp)osyz8Fu{4$r|W?%pv>_| zr!2NSl*4+!oEm~f|Q6350;RBu|NS_QVt|B0ueF9f4nijw_uB;utIK?j1B1Bw$ zw349{U9LR!j)MABhX?ExL;R^bP)LXt83sZx_F|liZS!xqjig4=0gHqO^y>#3nMi!E zVURW_!EAy=&IoN&@L2>W-7fc3VXz{<+va?`{5=}uk6gIf9rV|HA0zhn08T3n)FR$# zAN}xnUMo}{DWu6QtZp_}$mZfsZ{}T%9vb|vjNIG?Ja zM+x{w@Va{I^b}ytIjj8G{K-tYz)HzJ#IuzTs=8ii@uPa*W&D*rY9x-WJ-hO=K;Ao7b`P z{T+k*79{6*uA>?@`i+7@zg(`;QF8@J_8aGi06U~5P#h$T9|YayCRVRePi{S?oExJx zqa#}FN>OElICUUZ_~Hk?@>Wf-o4eB`UNb`b%Qd4^mg)InV_Tpy@(AvcHYIH+SE;dX z)KZ@I7<3O}XQbudj*Q_OFb?6W-2z)9A2fZl>}Q?+3Qh+bph2TaRxvdDW4aZoPz$c= zLvlfVnsdASpL=<&(=Cd1H@^?t&fcsbC_W88_{PcgYeej@_eD!-PjV@2TWW`=aDV`? z6Shry(`etuiXt$5lx$SB(1(PkYAM|6Tebt)ZDkReBOv~51-Jq0>Mo%XvZp@iVD=WF zyz%`&OUDlzhx<|avm%7g1%i;{B79p#z&_f0<`zE>e;$H$)Xro%weyY2>f>0K6N{0D z)C&OqQk_Wv;2z2K>IYDr5TyUf#xGfpi2|wNO@O3)hL-59Hwrno74bdC%2>*<3*KA3 zmcza^{-|}L8;I%AWN`nG)q$a{u2Zlb&9GAjF(RQrL=bfgl zxY*`QNA(*zS!3$Comvz0TTn@gE8Cq-m0T|cr)>51SPuBFK4Vt<$4WVeb)#V1DRy8o z*?+!TQ&mk>^(bW^rS3u7!RFRU6H&F4T+~MVXko!l1#{EPJypmBiKByEXBg(ae)}kr zKa~;}i4RvPhN)aRdGyHa^Kz4ULX=S8ijo6cu!PjIWfPok`6Z}Qc9rUw`)1Jx@$Li3 z6^h`#q>xc?BUBm)SBN@g!>EWSWrVb)CFqb z4id8oE7j+RfOjCcUnDBMR2^ienLLfSaBb?ME<%{D{UwpsfIBwo6)$d|j?*JHa|OO;E>!K6ZAk~f5pQspQ&~Y8h&U|_6%uAe5I4QZfmtAG(g6fjQbh`F$hrUs z=qsKCaEGQK`duq9R&^xO32|@<~ft&+<#PFW$1;yN@Ydrw(N=UGy`#fQ5 zOuBAzIy*Yn?GoG_9c(A1ar24^{Y#+zHw-x=in0teQj}eO$!#j5GMr`IfR`XD>k^E@ zi;H6$;vWD!8UpC2BZSi8iQM9VVBsJTEy>47YwOQZkOi>GqUZpGLrxgI`mz~D~D)?bNW+T9vI+FVD2Ii zbh5-_N&n1$wfIVKkLz;ti7{EN(H%1E3X+3dI}qTeFABYvNIUebi7lw;mI@#0!PV`Z zqW%cJk?7tv3VY)rA(JCEhx^jC;!Tw^YsN=?hTJ2T^7jA#8# z9WTu?v9~wdIzPLY^C-IrC~sWVmG1rsLrV-``*n@$N62Iv)Uf^hWW zojBT0FC^WHqKhd-P1tWQDeVwQk{3n(O2EpfdykdGP{@xrvM!{5Rb_H-) zaD}1tPqFVaVx_B8;B5$kPPM-Zzqqn$_su`#3?TuxS(VL-)pAXp0(SXzpG-MXo58hM zDJu=qZGgkXr7$hqYt(kz|B^ZH=P}pUnx34aP@!ukePI1|;iGP1*2|vlm5J(Gny#aq z2o)2$EMwU9^N+*#b^R8~*jw#0bDKbl$^%#6DkXR*hOc_(eQw2?C|h_AORIh9zjbWK zDV{xv;ct!LVV=J)<~Xl0WS$s(_Nryg>jn^+4e0`)bvr)A#RYI!*JUh0jHm$q`fMKp zj{u(N^S!Jl)p6i3sU`rLaM^0NSDgfaLbk83>6ct`z{V{75kmSE7bz=Pnsq5!^gK z0wBEA&+c~b02>2EYmSvC&rI@yF1&y&w%yMWJk@X0fuy*9Hjl_A#DxTkoHn1R)WEN^ zfvY^kBp*d4Krgfj&>HO24gdghDN-^U!z!H4v*=vfJqqwCSbDwBY60T@J{v3#_FQ;A z>#22a3!fu6F`naJ;RKq1zzcKMuM#x~)QO*;iR8}At|PB|u_dmW(##8FZ zPdS?AP$AlGElm_4q&C5^eFo(^)Bdh_uPJv01O+&>JuVD;?-xNBnTEmCg{ATeyMAo~ zUXaaZsn4fUjOPpLasD>0m#By8AW5L{5xa8)+2t*=)wy64nOE8`R?reTJ9puWhBOpC zqH*7QNC&ImEiatj=$yq2)NBeJEh161Qta#JW-hh!#FR0tr)K?1+=QD?nY6-#ZH|8@Bc5SR2uS)jZ?22KK{Xe-bE?t^r=l%z+MRYRbA#>y`*!TmMZ3q3;aBAf|tM z!k_F}TvO{>{bhSuq6~d6E->MSqYW?VpBA|Q56GvWXbGJLc$QP5fyCk`TZFQ68gL;# zDIjzNz?u&q)1~QGI?Z3x4rE4oWc3~l!*b0hJ}qrCTMla;R$l0E20ayd&~aTbzW26{ zelchb;t&N1hI~b*+Rb#U+#ZYSoy1(ye%r-^Lds5CoYah6#{zpyzyXajA-TQhb^ApUEjSy}O7q-z=|_>{ zhoYP=0oG9d|7X&vmY8NY0LF`8C+=`XTlsY2ahB>sjo=_Zc>1MplGq^4+W?kOnEX=d znmiGT$mKTdE;uz?tuE3AT`2-UI&1^N72gUcA~N4ix>tBB0W+L*2fz=F9P9<^u%@y{ z3;o#%v>5nQSQt^#@^iE#LIELDLnT0SeOE=_Th^4M@M-4$SNhA#crQ8FRu0kl2RrlJ zbsrmo#%ElJm7c@gx2LU(Ghfr|6CX$;7*{IvblC((s_;|OHG=hw8N>Se~q06!wODbb`LE4vaPzQ zJGN!)9OA9jt;!?(S8#}rE(gAVie5F;n{@$9>Cwizt3r#M>FgYBbLUy@DJXwuacTTd zcwJV~LzKP*4D=Kkz8O-F$8GVC+^XB)HvyN?t7d6M$vmlZQr)zML~v_>#3%rUL@=-M z8LqkIN-e0!cJ5V$gZ?RQ7}qvwruy^kF3?;QWjk`(fvC9@A7l0LiF5>WlhIM5Q}!8D zz{*!~LvlkhsrbV0)Di7jUmT_oX4wmT)z-p=I9e*EAPxTSsdIWG}^#Y!~c1r8| z34kBqcJ){aw;ZJN>)3l|1wiWf3!UG9x-V(nY#I^nm)@Z@%SG;}{kOM@q|v35j0dZ` z?{be0lpC%#Q;(GRzHfDEITkhyGuysofo;;9xT(1yMXG8;H6uhBsL8k zy&ZXRp+2t{l;cM{H*;fgY)VC9kcT_(+**B|*I&=quL;(1M%#(e(NH|$;tfUQMM|G~ z6s;PRV=NUHFn6!@x+Wb}1g6`>ARXB4sRe?tf6#JMY8hx<6+c2JEa5ryaS==*#m->$wNtY2%vzLSfe4TpkS^L z?`#s`Y~gFIzFPhuZ{z6BvULLwPGi+K)D2xIqT;|hoFd+e{VbzvB%>P@>k$1}VRK?i z$dmu(efAouwkI(sMNhe&UO#u<^E8pvNapDFNmNh+$I;67@@1LBGASx011sk-_W=Ra z_XKTvnw(auc$zAxL!_$iGKE!^Wb4SB-TLN078d*!OT;9J-E*W)i6g#sE)z8tkqJy4 zW-;=jaI9~IJ2l{Y9^$HD^Le#iI&I)URP(}35K`C5!gzPaHw6-@s)&r3AX0QmZTil0 zaI3*Qb3r|Wv5o8vv+Hd#!c|z=-PRxw8=-OhFz{figVY3}L}ys_$})Zpy-IKK%8rNf zZG*hGLhprjv23|p+{BD`gsH~r%M5kIf`~t_#+R8~J#hlZ^bSH&8wA9$UL|ZdvDIqA|6( zNz8NWYc3vb3WMFtjJF@%@I}73D-BO_$7|I~WGYO{tD#z$@FWof@@N21umM>aJ4cZFd0t_PW;G(`^fk|fp)I>J zx1^<<=|JC2SgA)1eQ(KLv)&;wf}E}qO$PD=vjnuu3dmh$^kKE0_hoEK!qzzJ!AI1^ zjunDIBs<$6N3D+Y?nVB@8=CDGyNt)v9T>%^4N^< zs=coRtEQ0>@YMCclPoVOY%%QYyl5^9DBX_w=n0Yq)}^H>hotv|@pe`ND^8TfzW_%Y zM~K9}$xA-3d(9!6AGDdRR}%Y6uaAZv!`b=!KT$A}BdKp%AjuA#;lUX1`jf#Qz|3Ga zhfWP~T!S?Ny73(14%_uM7325`?f2CqiA-INQDhWG zSDsxe*hbTQXCE(kHN9Qw+&ORld~=4Mift)BZ4PaAn>s3Ygc=uxzxSRi;3y#4j=A}j zSg5N`1GW3anb^B!ONhO|OFT^TXSEwlG09Mr>;?oCucrD5`d{mTyH+ zmm%|p?g6Qm{Pu(lPfJoMZBiHvUD?U-6)Az)QA|3wXY9h#mu>B?D_de-&Uy?I!}{`s zvbkngV6?{_Sxyt7G-(gssW+OV3%<-Tur8+{5d42m`h=NRw&u8mMZzq9PPyH~J|s_< z6R;r~gD=S(_n63x6&mG3Ri1!`GS@Y{YiD=--rnZb)6Uo?-~ z@4m>KSToj~PdvU2Ug3gnG*K&ZDHRIkd$||_{;-o2p`bF*1JX3nk-J0ve5w^LMEW7; zV-jLS-7rFk8Ybm1x1LOyWDsq)i{RGKQBl?Pt+>3)d9P!orAoc3J$;&;D+T)HDlUUh zzB9t7Da*eZy0JUuQ0;WK+^WdJTM@?psEcd#!ixB&C%~t)Z#ozZvWw~4DqSTFLThyv z1N)jw6MX*5T?f_->ew#%UI*Y|G0!8XGNVjhr@aS-e$+SV%8K)6UDO&dudfwu(0hcr#-xQf%EbVC{_7n3 z`9g&prQvU6<=IkPp%+qLOl?#mFgoW-<;aj>>ApqZ8w#C^L?>a(Q(sxcf||$opS4b` z76qn>by^Lp{pHU83$0+5jBWU`wLX|>Ua77mFT8f+)wB(1-%7!a8fwy>o*tLkc#0X2 zoCDa&SL0eDDN-i*1GNqZ!$I8~-$cwwx03DuV+51VW332ZGkRpexez5X-(}@@;pmXs YyD+W8`@t!z6X4&SoAQVZDSfa10|!?fG5`Po literal 170386 zcmeFZbx>UInr`0f9p| z6%>>c7ZfCvv$HlbwJ-z$5erF3f>c!;Mjt##L=_N#72=aPl#bTUzmIgNLW%{+=|hD2 z;q*(syFQ!vH<}h&b@|umdcs^)Rq#_sc_BkXEoxo-N`;`~Bzr4V{T}`*ZL8 ziM271Y?Dc3s2X`v5W9!RodeJTq}GW5E2->ALLOPV2^AdO=KE`V~{>m&}R_#S6}tLAk~zhzJl_Rgt2Rl zsO!rl)YSKpv#em$5P!9084SE;4<)P((;T+1DdvFyCL`xT?U-=At#VpagXg%nQE$pK*A$F}K(EyW0Kf;P)U%_4-5Q(`~La>oc#L~;;| zGgbwW5q&k|8+oz=ZWVb-Su{nlmxXFH0UFhO;0__&11N77II*f?w?#Cx3mzCe*hNwu zDM*zM;vX>Ds(7^lVq_8;50{890e=Bvn$fKI2j5NieuJ94Ggu{P)9|PMspmtE`I^Z; z(ami8Z4LgLp9(Ei6gAIbh8OE%Cwq!~lHR)d%n?iS2XA;stogBovZ=hwo zZvFbmn>i6ni72tbI&?5Gjsbw$T>kAUpzS8YGmGOD(>$ijvucJsyRb6w1?2Kx>*>*D zG}@yPX&}M6Va*6cQzD1{H7&vrq-)q1WGbk08E&I%uO8iJHp3#OiqEXK9|JTSM7W88 z$p_)(o-V+%=4)gZyvrAFL{MUWYB5m8ts-L|+#)vwRglEr$Z`-1zaz3?EFfFEcx(`H zzrz1TWrL*sU7C%u27bS_b_fROCd7pJ4)r@45nDi%2~n#Ls+!LN$+!>fQnV-9galfg ze+G$%SOA@HG@9WLZn1z9as5!`koYdH9oCV+IdN2s*Dm}Obidq>l2Eg}fx};OShpgA z)2a>-sge7+0Veb<*yTdzQ(z|CZV2t68$#|=Nr#9KbgtpPM|z3LjQe52`opT&WPRv* z`Kn)){qTBH|F(8S-s*xaiKYk7+LBp89~dLz2i0C`dLVVcRQB9&-MUbD;dzID+tz_* z`izBP842f4 z*5LL&BIJ-i{56Elam3=(3OvRBbtw)$4vBNp$KO2(N8=oa8+JkL7*b?uiB+QS<0hk9 zhbM=>+ez4o*j3oY*x@$2+L`YdWCr8zaTwIUPbNkDkv50|I|5lC<$&!ZAn^@YM1ns%$p83)vo)c&SS}3 zp6HZ$7ktO>TcMkeSk@)4S|(R6S2W~C!9HGv5~$Kq_977QN55>lvPYg$c{$%sJ3lFM8vd}ufyEQc zll2v}T{fY}EEl^hwOGBtO|D+hQBGQTT$@JQvO>Ln#k3wDVt~#FoUsPW98(ml5i^U- zMD`-HE2GM;CkJ{RWusK~=e@!~Nm2=ca%b_IxL@&BWlVmxOdkJE4q1h11-p`c zhbPCQ7W@{jb@&!z$M;_)^zA9jV-iMG_Hwe405RD=jf$0m)UTJPuBaBFq)%<_YUh((x1n#I~;+;X{L zzJc}B#OaGu*ctYj_NvB`{aNGkrfoK-KPR=biS5Jo;Vy*(*X|PV*J1p2UH?%-ZHayS z^^XHdT5t@4q<-2$O`aBxmi<I8Jbbc&ebqVGQ}oEC)p#%MQ7t?pabwy*X@tX z>BZsY-1RTl1s9%6hKp^NvrD&g%l(Wa&#vc$sQRd>1OG{P9hJ?1j&ZMKoot5FW z-eWdpvZtv_&$b1&xlM^K{SQZ%^_M`D7vvEXH)L{hTB)|wKPi2ZW>RFNgXBPQ{M3D3 z%bmK8BZOJWg3VMt27~kPQATECqe(7qNn3RDg=$m*34xKf_{lOcWq5N6W;RF3W5U&> z_K?@uo&M#nqk|Uv(dNn7wb_wb?LV!Bm9oIei?O01%)gIUB`%eWehiJq9h0GBD{0KB z8PT3>LFsX^_OX>cliQ6G3n|>rPDxz?a>R$jj^pdeoD^_q=fi?mM!U@Wr9I^`twTR= z;tp+nMfn}OgV-Tg$RUH?cUin?yai) zrE;O-P+lotYr8V1EWD9Oaa0ptK2SPUQt@hdY`!{}o;NM!TwtqMZb)oO?7Umxm~?y| zNf?D4bzcmstlaEclWW;pA5g;qs4S^iYzi%ttjsB5DK9rI+gz`VXO%LPSSdgMB-qHU zH{46S*I?IZZFIHdtkZILU%r#&bm2Tdg+Rv=v z*15a7zdH@vSX4jxsnM!q{+`NFC-ZaBTldL#!p{p5=bIY-ifgiM(do70?*eaphq(aiE3bN-1`qw#(7iPs`v1FFOJ)~Ij1 zLc_N4d@a+f^#I{uBCK`US!a`~iPg?~7_7%{CP?BN6}~BV$z$(nR4;cVcOk(ux0N^Y z^{yA7^?q-*tuX63G;2CjiEGhQ`?=??zxd7PZGyM(b@^W5!tPi0E?}>-p^d@Q@x{8b za}^Q=@>v^JC#pm3R(a=a!}$)V9+(@54}Sm`)dqOYzSP?kJ&3Z*LgwKnNV!hAX}$_u zPAaI((IE)m508XV6-fL=<Rv$7naqBbm9Tbr<-+oK4#)q8lTVF@B84dQ_m z85wDThxb~86WR{TXJ2u%Mouf#G`OipRuJg~^HBW)8@FZ7b~E3b@^Mgrwh>da2LVAR z{pbBfT!G}`;|%fD^rxzWsiHZLq^gmz!&ZnV^>3>qPvi}dUJ_H2(GXkKer33tb zEpsq6`Y)FKGxG1t{!OlbC&%^AW*l;+E`}CrLZ+66R`wsP@h~$oas3;a|7GMq8U2@) zs{gr?o}HfVUzh&N(7!DGhZPQ4J5$3CE&Zbl9(pdo|MKiV=5qo5QPjUE?%%EQZ%;qW z!UMwv_@5@`fuZ%^0tW%%0}&VE|LOAOv>n<-Y0(w|nk2;mn{-Hn1z zSG`kRQ8-|g(Nyk!!X}P#zrkkOvAR2On`GpoUT9hw2c$ZZ-X?Lv#aVUfBV(b*#DRkV z0|gfl07FhCWkVLl6<>3XGR~4WCcqOHJ?zXB<#4ZTzr*%2KVxn;Z#N%srOzh%f=u|i z>%(E7ZE+Yy!okISK6mkv@^#a~fb(0J~$%_y8b~?z{ zR@+SeaQshk^TD)S)hGiWD9Pt8TN$6<>ui&RB2k}Hjt@A+k|EY7bx-KaM$Xr5m2Qlf zC;C~2P)}>%KB@U=zI2pqUDgT4;OXz50|ViQsnj4o3k1T64_)FMVD%lwd=3iHAEu%P z`=sVc5Dz|d8F3A#fAd*}e12;sepXQAV0%#1(*aiqdbiIq^a1O7kn3uEsl>`elokAlz$`rnzuUqH8R?)x0*tdy@u7Y7KbD-B{&l$Lt&w4Ds zc_t#mGBppsTSn2Hwc&wx-e$loF*_L4AMK7PSg?q|mJza_VO#y)`G!^6Ic>fM3Z1gF zara%5N5=LFqL1oxbiW`6r*}O-IR&j;u3Eo?XL*;z%J@N;r6;SXwNu1;J5KDUtOFZBAj?!xrqF1Tqeul3wJ)v z9GHB&+Pt(kC@dp&m9$n5UQL`3x;>e9c`e%W)x>|=6M0$RLvz{B3F!Ei+iw3vY95Fp zKEXGc_%^S4)M zi8QCbyqPPZi`pi=M6T`wxu7qjyq;g8Hmc=R_PD~q0Bzx{-&nUaHm`5rD?95EMp4H{ z{qVD27`T2MXHC}-$i9oLiDM#G)7q6@Y~rha@y4#!VNPWCktv|{LZnK0LkIk#ibAfLld zTJ=j-vg)nMTRLCP2+PEeV)d(Nwc{>ow!$RQPDGVsn_FMB5&t))|Cga)6i|B9Q-r@5 z&R%HWtnZ|koweV+FQZPbJZbjM%LhAtuX^p5!aTlZ@l*g;@VX`|-hXtw$ak6Z( zgVJ*uEC$@U@xoA2UGgF3RBW5Q8aNviXI;-021(%**0iz+*dG>e{uNzqQCe)67?Qr? zc4Z}UCyO1U3%Xor>|iXBQ?d2B3vjO9wg>bWc2IFfSoV1z=2^OI#eI1_LDZlc8mtwuR*k=c^&thHCPrWssAEW&;KN|CkoY%|&#yAfz>4Goa5!~ozbFxQzPraeh&Bj3x~RwPpXzqcV(t(0XHU=KMj9FWn=nQw{L?!fnxwCXhxv#8fgFvgPO04T#v zmp60Oq(U`-7ZL2B@jD_fYY*ayPNyBFcjtadw&}yjB*9=5{?sJsn=Kyx=%ew=bFeky zamIIeQrNu_ViMlhmtZ3d>dya{PEBVdtjzgt0YMyo* z@KM11RUctHQeVaBx4VYHr9mE1Gldo6YNb7 zj2p&0DuS;?Jo^TImb~s5tlGDe6f{pi(kZ?DP6%FzyzU?|c-#j`^Uk^MZbO_uSz#&0 z@STFUB0%mxAUzze??6$m;Bka0dYuDwRFFmFj>yZ-?yuSPSY|9vhi+k4fDHtqyr;L- z8ZQ0mKI?;~wdFlVUGnKh?0Jg^j_KE`J6WOqDvvM$(u)(M4+NXzOxAu{7VcY^9UceY zVlIaYrab)G#W+8g3VkWX37vjx9cY%J&W|YXEH{I#st1-U?>p{j0Jj~(unlhc2dJ+f zO)$h=y?#%}%pNw5$cSDOp4vkiVLWrNc@@EaN%M;HT!&+J|9e>v<9Yx1Hk3Dbasb>iKoh56GG~ ze$YSr@OKY_07ukTVF<642cdTzE@Qw~R!0A9(+ghE_zj-9wc~fhn`R%W8ej z{k-P@z3{2SqS?HR9XiP!@jO%6;%S<9ry}d|JS*c?4(&%-jm~H*=28FqaudNwptg!A zRU}hp0}s4g27Tqw;@heA%d4zYcm4{(PM7sNtj@;i$*yl&Y4o|d;roOqsJGWVFVXEp zVYR6&IZR?%7vBAv?_lRW+lKigvDNL4IWI^D|0gs2Jd{6jfJhPoJHZ_!Kr7N1_%d|x zniExW*^C3`e3%-E%y4-F&W+ofP>z~-$tPXoGRzK#S*{`Fo^s zXF+>>lL?-Tr2krYLyMc+Eh z8F#l$dZ9Er%9V;w0;{w}Sj%X=LVk~nunZ6x{4A1u_@taqe;m=Y997ESKeYtMWmcIG zZE)U^EbNhryhL{PR=&It*vJ;|z1|2vY%dBN8A2e}7zd&qo4pqcn9>(gSbrYINcwnrZ=($*6U?GkiG>i@8Oc6@_e!oNEQIsr(IH-(QY~S zf~$Y|?sZ!pkRv}tyAFJP2|Ikdu`Q#KKsb}}j&*V6@4~8OL{HdK(a7pj{5E#)&Wn`g zx!vk=9`bjK%6Q9c;9>q8nZW~?k*~6qa86Ewmoxd+ej78X4;&`g$&oaA?(1eBJwRt{ ze-5dKd=qCmpAEZQLK&@ciUB?^wC1zY^xDUs-*_J->uyoN1cI`&^5ps}G4TDj%u+b? zf|p4lB*b3+^3dpL<9*F{G+|*RC?Cfex1-v{Isv!nWu5Z}9Q|8uB$2_-Hnn#!gF- zeU3=i+(#?!d~Td`ApLWK=%ylO>pG|YVu}<0WLR_jXz_45UPscCe-7};WFJkN3^J_o zU$LJolC?hCFf!|H24kPBT??Q;npB12B8(}Y#DHSbN83q}6^Lp7$z1<`&G3m+#D^IM znZys`rT5MAmlavg!<&-2EF;!8aI`;F2lz;Xu2q|(U}k*sEEU})^wG<7&JAJY`kWQN zAXkZh^aInn4nOG|KHy}jA3#BoPT%^J1RwDJ5CS3X{D=zyYHeW&53*VpRRGDQoQZSp z`^u-p;`<5SWWf5v!XxB!?)$-F+A`Ze~14i95#Qx@B2(APhn zaEV$Emm~JZkH$PX3O%U}jefL^wq?LHGdb=IT`@aePhi{c=OsW?mV>LZlraswr?w3a zEM;vjdF-qz#(+4V%Jgd*q<=OJq4_4CEio5)zIE>nka`>N{hgXTbMHaJxl0j#7Wu;| z`lux&`k*q23-wIg9N3R?9rVF`%>QQQU6{NKt~0D!vAZQcR!B zmOqI{}XCUQ`C>;mFXhKTJED!~&7)5@=?*jXDu;ZJCZQV|~hcmPd zq5La4Ivcl*#HR{(xF7ruiNLiYQbtN19K-U*+X+tqG$gs2D#Vqx~JcPyCr zPTSnj>~dt|CJ^Gv-galcIr&Hb!Vq%ADjW$pqeR` z5hoc-3kv26omu0ef%h{Vx^_Fr=rwt9l%aSvb0zfxPZBiBl=2fe<}ul!GozYiz{Xp| zOh^!=KUtI_keMcSJ0B*u^|6)(uwnyAR4eWp!5KKuDi@xifz?}?G;1P&R?II`YSk|S7 zQgZTZjsUcV;DGh1v|!;NUmz#PtHH^dGiI*O>_i0Ij>H6yoihETp6K7Msq=v@T4=9# zDHH*ZW=Pg>-c&%1de%MXa?@D1Y4+7_WC+83>>5ZdYie_9+}_K2L6qg`q;a{ak+9ua z|F%;dWX-?Plo(Is@p4sJmA8dU+X^JoR6B&j&w|}>LS!aj(UUz>8=48=+er@z4RBSh zCdN5JA#INCo-H`QnKmB~LBe&Na%}k~y1@mVw8l;)VY`WjRS?$HcF|<}*N^PfGWHvL za*SJ{t~PCjdK|BO_PcRlM-aH;1r&)!vk$dT9 zK1D`tm-jlZtdL2M3gmzWWCH86>=`3m5$Wj3=ItlarWzMb9O?x6cUNea&LfheB$`Yg zuN2l(RZVG+P6qVq$gywM8z$%WCHp%Id!`)#_ldvt2Qo!x9(zxus*0H7_b46bxA1h@ z=M#CQw`D7xym{1jslRrzREY9+#(J{WHNtHP-u%OT?g$^88QCp`S2OdLJjBomI2Z$@ z#pPHs7tpcXoy2$JY|7^p4dp?Zo{@SlXQGmE_cQO5U#x0-6swXZ`#n{ROBXxdC-UyT z1y$tIKUmALXA^D6~VxLRhSJWTrHf&5V>wiVHZ(tdq z)4sn$cE`E_WR_|@IO;8(WG*ovHQyw8Xf$Arte&_hI*svCa`Y~8At9`#fHkk65a8#- zSKq+0-HHQyHA}rthfZGWC?(Zqp>209Z9{G8xNvBY=xkHGXRqVL;fJ)v=E^cq4Eznw zYNbs7LkGEYBJa%PC{8|I3L~EkZl?<;XzmG&{qZ481LkEQ%J1QCKwgmwnKFZ&?K@t8 zmjUlL9 z>M?wph{+U}(X#qrEX%4{2=IB0uS`yzIzc+`Z{RDx5kXGE#Ys~>4rVYRr`gYF~VK9I@sp)6_d+v zd=kH3CQNQ|OG?O1J@+(vJ_0J=OxUEpQ5;EJI^2}gMFQiPEW6E&)~dx6f8pm|9+QEH z&DM3F(5N;AK1KtV^O$JSi33?TB?>~phl7+iplG24Ex@_8Xt|hQbj5!Y$EsX*1f8_B zQu$ixODj@~HBkJWyQmV_Kg`H4P&2oeI6BQ05q1Dw^OsUIYFHc#^(pNx@XPG+&r!AO zm8L_w(-|Wo&bhYYEw&-+wtBx|)2mkw>dh*SggBqM6nx@5`Qr`5%QTAxHe;TyTlv1V0`I?7sl0wcnn3F)w5?X z^#~{VRj)bxo;r%nYs-Zq6Rvr^=&ec{eJend`%j=_PJC2wcSLQko}>o7nVfvo7tvc+ zO+2YXOkGVyfk|;fH_(ksksGh@t#Khu*Foa=;gLxsd88x!`1POVo@@`M7;Xufej5H- zII@55o)5YaS<$sypqyzEf^tLEn2KhE#Iv6o-~FYZTFnVwF+5Iu&0`Ah!-CdmnednW zRJ*sC)pSg_sZ2S}7jAVA$kh6>?-OSwuWVnBHGkz}uXpI()Zgg? zg9@jX0HK3$Cs0Qsz*8=DSu?5~`^3p!b&g`HL{kQ$z(UaFyt*Ju-hqK5wHlqyCz7!lRTwP&xYBs~L zsHPCi%luQ<{i*tFk7F)OG=d;YK&PLpulbFT`O)_AOl&ONsY{JP1#@&PEZv!&!4AKd zfympznencX;&sRiH(_%vo3qqV<@Sp(WB938+1TtzPyBhSSuTvqIAvYM*u}iV>|%gt zDl#5(`_4V!;U2HjkODWTItf4-o3Xxft})G1=h8tIJWiDfk1J;uS8H;PFH#|#7gO46 zSZusza)vA7E1WmYH;Cov+?+dJ#IzW!*Yr~gXbeHLfV5yohkuQw{9d?H-;<}HHN;GP zHW&;A>%Piy*?lK-t6^SxKF~G8q!y1frfFg+R>dS!rWG?JbKcChgjzzq5sB?XZ)`%5=~fQJL%n{VrpDQ$B`ljhO3FwJh$v(418Dd%%Kolv zQwikfFuEM{YRliI77y6=eMea$H_Vrnz(yazYF#LHS8-=Gi_8)^FqIZaOiv6?XRno4 zXV93~oaPw#4n~X1z7f^8Tw7g5^2PCa)wZoaqMHaQIX{0pS29#C5zTj3YI}Ok10n;@ z*j8ks01xvg$9s*2Ndt=gfuTW%aK?qMF(9&WWMLKUuoKtNPuTU1 zT39Qv6=#&XEyyiu`>Z^O&i?#InGQQFr?wkH%T4VbA~86;2UpWsg(dZ#IoG(rF`CtX zU$9WlGgoJ%>PiH(MxwUbE&vKpP7uUZo%lM!0EvxIzoj~>R)0!H7UmYOBwRGaEK&HN zF&oL@8FN*2!enOllykbDl9CV-+LOZeoyuS}A9HUkE#zk>BPZmukg8h|B)L0;p}s;# zSee6ETAaUqg&s-4Xro5v`SqFGEcQvM-pwH=E8gSRCRfKu*`^USr|Et&^(gpOxbH5H-=juWw8A<$rJWAye@ zL`N(jo?0N$ z9+%vJqGE0~ISRKR>v<}*JZer1^W;xvPoVL(kT2 ziYK@7{k(uY;p`J`t}9@@I_b{jIeo4Jvs4H~jY}r8oSI>uX#mGiTeemtHYRA(IVztG z+cSxt<2fqDJxYAbSAe8Evp`T*GK9=Xt|C|*Y8F0I7?F<=<5Cx*5eDXO2nH5 z-Z)Ux$odUBqSF*UO?z8`GtT}hLsG^7(y5!bW;3n!GHkV)nC^qaD56A@?d1Fd6d*32 zYly_Tx8!Rpj}+Z-kaQl1wO1<~!v~n^*pru-ySF|m1$ba$p9%13CJ z!}bcZiyfa2ykVQKCX!of6ht)8T=BR%Scb++9;GcNTT0Y~vnx&)-@B9H+ADBWbn?Ig z+7`d_-|u9cF=%(HV^wAi<~ZZbcce3Pbw1VhcQ_huOU3VTPP3O$L$OD7I5i4CASZ`r z4&ZB*^1)QJ57<@MDqz!gvS8e%86ND)@nXAA7`P_tq+uVf|5^2acOtfK4fiJ*ZJL^$ z4U_%V!xhUi;sThf6y$Idx1-G+doq)Wot1YS$Hn!mptRuWo)61AZleD(`saLl%;iQ) zu-~KYbaHFwl~xTg!3sjIv2lIQK~Eh*Q)tFZT_^PA89_TRzGjx@ERi0){;6EbJy@=8 z)^9mrnPPVES%kBAEKF%2yYduA|Dv^MG|6SrL9W>RkGW<%tbrxJfD;GIR3u9^@A7G4 zo>^N@$Q{Jy$mJgsK*`AczJX}i8Unq7Y z-kTu+=9qvSRxpnCiAe?#^2MPi!zMVtMeIPS zzsC@zOk*<3q9tuu(=WAEu>+`REdwk?eq)dzis{CFZS_T(u|TGO4~4nO;`!Zv_T6T& zA?J2R$}#_sD8xGF{Sb_-YvHa(H#w4zF z?xl8FHU7284DFy5rA_vi>U@mR-S8}>#L)506g%Ffg-B;Z5FA~h86`j*f9q(N&E$M4 zqG@)!Vo&@=y#BtXe}3-3f*IG@*~1R4aQqi)s-eVTqm$XoW}d~ov%a&Va}`Lk9GIS$ zQCh|CQx3bN9?!##^+Rn>NLH7ee&e1uXdahovc;1G&u7fUYzgp-j@EyDpF1pBFc;!2 z5DULqFZ~w%5xI48mAN1d>BM^tcFKZhv_-zy=EoH_j{C8(;J}g2TRqMy2eY z8Zjb^WeobKNLJar*Hqyqg_KiVhb>RaxWL8s+l(c(${_hzYLwa#ww634?zjRj8nCa1 z8~B0;IVdg$Q9v2s1}&?)+3o$jHS4-_>>$o-vJU(=GtjIYeqpG+vtLh;@f!PsUP4YR z?T)z2S{);XZiWd?lAcNFM@mG-Zdd{}dbsaJ(tEaLlM&11+=%QkrlBJlSCK|BY|iXI zUOO&hCJ>6jIF#-an%(dadoM<3jdrf;@Y`;TG`jvsX^djc;hPccSuiqE?zj_i-qrqL zIF9{&kX|fB0k8MY8Sz79)5q|4#}QM>eO+m(098DP5=0%*Xc-*M4EisFiY;*+aL7#MlQ9uqQBCWA` zLIpNGt3W8~JcUKEcH1^~Si|T5SDF=2nC~0y?%1}u^@v%mM2qPzwTu<=FVJu6m_$+u zn>KLyyzQ0H^|xS62a&nct1KFxR}?GpNXr>N%xrEe{vfEDDtbJxqDb@9H({zIrVk)s z`L&*;Rax6YB;K&MbDb~4VM!^`(D>&I!G@ItQ6;o#{)n3Xa*J@4XwTts6QGSPC z9+0Yjb5b~`W-kzkR6y!a*3#OhrLx=dKkvu%?(wK3;@OSfj2v$m4R*OTn%2}`JM7F^ zq2M*{w)X4SKv%&w=-Ea5F}Z5SQUCTcklJSQ!VPb>qjYf?X?s_vUi zwt)8fnz?!amf z1qQ3@^DcId9c;e$;(dPGJtYqG}Lz=pC@g)3l&gvJ;Yl}QN$j2Zkdd%Lrqy5A7nsk!z_4e z53D*EEIN1aPQUW%pYbS*xu7i{5r{mGXzdX8pHXM!HNV8Yw&?SNyrGE}(Vdx^Kbt4F z%TQB|C6MSd>p=8_Mao1yrZRPY2l2k{1KQTr3u3QLX(z2cATAt7v2t}TPHrJKyl-Qq zY8~Y@ImXP;IsC(4awov| zdeFNCc0<17{JJc{WYvCqIxCR79}vyz0%UnZcfKB>G|78kro6u?ozm@|ihBi7(>BY4 zH*a?JI%}4E4exbXK|D^ZP|D(V%epLs+ZDWFYKmW>S#eOxVEe4zZq0s2^<0xKGh$T{?6r_^9n z1JQJcKRT~|aAVI9XlMF)$$GdhC&`p^G)2^1##R+w(u+g1;@m{Hb~0ia_o|Ba&Jm>> zRCA7p#y$m!yD5%*w>e$nO(;(=zYIm6864&LEqY~9m8b|h3t=7c80S5j@1Bs$)XvLm z$2jaz8LB;SG54$DHOHG0${X~BPCBj#zLKV>HcL!6#9i%{S8^{Axt7RujuM(R$E)R~ zv)kV=Q0+Ceajl{TQ+A|~t+8fvV24v#L95lu{SnnxOR&N;5O&*m(WIVJ3eT{(gQ0Ju znwh;tJGvW9LQ1?#BYcbrNKj%oN(-uxvEbZ=pIv+sTE{<>ty?_~8(lSxOH^yN>gf^4Nnu(x!uv>FbM zshBEB@O+kb)ruZA_8Vz^B2l$Rp(InC;d2!54dt-RQ3cx-N7R*~j9ci||8LT#*7~&hG zF-t7dCZKDQf!vZAs9eN%&%1XksLNlTBUOq{hEgIVRWS7Pb<&Wztahw5h<>EN-ss+S zx*~SE>*!SdNVQu~!fvmTyR3@u&Xx(BrW%~0AoGm84TfH~{f%OO!_nN{`)qkAOa7O9 z?tUdK(4f79j+79YzcYhkg_bu;)I9GcJ*ds`9xl5ONX_BCTRBV08LD1&SJirwSP$ap=`XVHn;a9a; zd2u!wtlTa?Kobfwa_*tR#{o(mIJLYG#be6r=JqsAHaL9tC>YVPM8(epzVAQfW4{$2 zH8glbnfodZ{5~vFg|ZQ)n9o7{DytTin;JUr`jmT6eXuMh%gN$dbU*tm-Lcd#rZ6QV zZi*#YPj)H*4@+U!wM2O10o`vLmK;WdQ%@EV0fMm~8nbtyNlHXOq=jPV>?fyfFEPk1 zeIk0D#$1UB8T^Sg1-*(=lG3hzgu@B~-u=Vr+teDFUjOa2oMD9w6<>ckL|d-1opEnE zL0)@?CL4yglTMCQ3FfxpxL2_hg0<%zCU$<3w}?D_kpmaXjIFIO@3UjZf8{yCIrT8AGYLniI>y+*;v)?X!UMR^*Zxl40T+x(uYGBN1 zbtqedZi%;5{Q+EU;HxaSB0G$o!nd2+frbOB?ammPUK%JeoA>i+q?3J3GJpL<_CP5- zPoG_O(dW^NTHsEAuT*nqE?|YIluf6pP1iBjIq!bbF2{5>tG(VqoebOy8w4fpu(DQ) z6}1-;n;oI<7)M_w0p0g3w1L-*_j-!5-?dlOgQ$S%mF<7tCVP4}-#1-cUWv8%Tmgw} zz#eaJ?GROTe2?wHhuHMlqWlYOYFRHt9S;#=qBzsgp+2$9{@x{>P;5B^IeE54DqTF9 z>~3ZG{sPvUd==_GM>IDJVGs?4xljyYn&s$p=33yAT3O}Iy^1oXj(i|9F*u`?ur{9d zGATYnMnKJ9ZY}k^e3kee%@cmdr13R0V(@sa7Ht%^a3zi)Q77kP8HJ0K=O4Nznq@^} zgQT#jm#65SNPdfXwwevBy;#(SkeWdg-Cr z{Ik+0l+m!>m7e2d)s{m#V&o2@{`{v^Et=!em7})PAhKpG^^a#I z)+b&{*#uYeD%&KeVMt-L4prl!-3`0;u^;vTL#o%&GB)Pd;9VTVK|kYhAR|u```)t* zpJbThKPL~ZpU>!j2(4AsW1bijm5w&hj@a{8LT{?$D{pc=)(By7;n0>wlZ*{kfl37j~4avn-fv*(NXDkG1(jp`HVn(Cxrj_epqMV-t)dW$yZE3`R&4r%Vq8$0SxK{*w_}bg3AsViHABh^;@Z~5@*963F7w?Zd z;I)rOb)hi3SeYlaMw9u6)|21Owwhb#lGXC1bc~??%3@iD-!}DG7(Noa{O?JJwgT}& z*G2jld3FeqaN@c4lTZttD6(BE@cLGnT$W#|wYHOfhCDl8MPs{mVVpf+7K zn{OyT36=_!)B((4j(cUTX{RyFEE2`#V)u`YAg@)c6DWqvUu9d4fTPHY^*Wx|U$oM+ z#Ph*x4}3Yfx^;54xTGhi3hb>MVOo!%VN0`)x@!--oVYp*&p!(-i-1A-)+s8OD}FjJ z?dHpvNokYcVly&Qpu5?fUG%85&l5j=9s4L^VA_V8)=|2(+V?v0ARSp)qE4%xvyg*E7Z{1tzF{jol3zjc2FC3MA=F>49&sS zlPh;fBg->)V#erMIRoMX#(dqJ+1i|clWd+ixb%SW%}vetpGJq ziaFwx$*P$M3xpo8&K?|*KbF7OTSjmMno5yQy(y-<{Dp}#l(s`IvQrSB^0IKBKMG_8b`L+ z@^JwC@WT+<*x@DjEU2@9l9!?lT>!>_mefHkG<&&UAhN17C9DEGi0b9nKLt=ML( z)z-3%4VK)#G-+ws)^oz{LC&H|msea`K8GTX8J9$(?9p}&S^GbPC(<(z<#SV!MYr7A zo@Qjn@GAcw=FT#zj&51k2_XT3yF0-(xVyXS!rgu01PJc#9^8Vv1b25^xWmF-F5fP4HJ2*X0)KU*;o5>iEHx_%*km5Hud3QaRe;!sH;!BsW?vrD z(<&H_)RGM>=CSL-Vk+xZU(?bir_%k=lP#2cWQ(p7#e<-v3A%*~71V3rf38F>2l6~= zD;Jk(S9GqsDNoQ`xjxhHz|Mx_nGU<7#im7}dT15ocFrOl9WhYsPyD&WJDoYRy-8x7 z0oTds7$P50-(uI~O$@@@(X!0-4PR|4k}IRJhyA!r;VV+EYgt4)DxKKTyFbM0Q9bcR zeXoQ7+c=G7Hi$tBpE;SwtCo8LSvM2+5e>^sC~VTp&F5rlWD*dDN`=`UMZC*u9w%9e zTE$%e_Am5SCG+c)m@e~HyC+<##bp|y3hGSXNb2Tf_z~DWf#l6NXy}e%si7vYEW}=; zJ@OJPBiLyo_1@V76#NOyO8eTguI~pu@SCG)qPh4YarbJ4Z*kw%M9A+7T~PZs?&PZ3 z5f^`wS$ym`=5SAk1A(&Qc%{{a&1hB+e7bOC582QPU=XQwYUDL;2)8XWqc{deaiO%H zi*2QZyfUz%U_7;8x4xPhfWeL(F208m-R?D(2zU)rP!A6|X=zhIUJh|+Wu(G2t(y#Z zlOO3ed7phJB@(mQVzDg1dyspa|)wi)AGH%;(Vd_D$>(x zEmbjwy3uxtE`N@bH_w2Gc*I=RM7&igwja>UqKxt?G;A0^e@+kJ96&p=WZ?WQLoUfm zidszaTQ475mJR>TsqYTW~6ptPT?&~eZI zl=gJo$N%;|B=>|3_D9Ji_rmc{^?6A$#{qI#3hL2KjFR%wU+{G7?oO3IWJWKCV3DRDT>~yxD&SpDdtyh#tY*+FQ<5w({xhy03EW*tH zTzqwbKQiSt){yD8bIdhYW=f-m;cq9IXbo|fxrntRURlNozNO{-_8pk(9dao-2xfJB z>z{TNofQ)$K%Xnfa~OP9w!RkYb}2^gT%XOOFRt@&--=Na%iPVI>#p)qg(R##Xw~XT zFSarfR5`2hvYFx<-#J*Mt?oARYQ4X$jL^AwNb_BbTEt@GIb1J_BP za%q5#D8^DKk71+mO$$_@9wo-?;Td-HAa5cZV(3Ue%p6!{G{TH{8zNTChW{9rjv>J5 z$55WS(LijiWBANyh#j}aQ{T%x+h*Tup#8k{4dy2)5~9(c$qQ*YMegY^dv^VS%H4|9 z@2M($zfQVQc@GJ*V)#w+C?#FD3qmbpb!h2kxHyy4dk;gR^@Tl?LR1PImAR7tjKBT% z*x(Gu&%-F22S3Y}p%OM7rjl5r-i(s`u~-6ye$;fxq%Ql4SZo$P^r5MyD+ou|igHSi zTe>m8kz;Uq@J} zwyXVovhEZrH(b4@htn9_dfU=nhqoLigc~g!%e39p@7`w6%jL4)H7|LP7 zie#kmgy?d~!5UpoZIuJg2{O`_9}V<##1tL=ouP^{{HTy|; zoSE3nlFJ69E(c@S6$fo{ey@fnt&@}%7ph_kW|JW|aZgEu8U5i%{hfz`qJC53d-lVC zUu!iW@ga53UkJQ%vHa?8R1DayL?X_~a9SmA-&iAbF+4QOSP$ec+&(ylo`KDV1xL}j z)TpW{vW18t_o-Ac3@qJQ?!r+ua(&c{q2RWi?N@b;-8s}NTC0h-eJI`aysN18A}L%~ zdAp!2U0a5f@(>L@nT1Eo`rN^)%OP%1X$M8GF8` zC+Ty$q8JfYk;DpHKFF*{-nK{d6zQ(MnF7QJ!yJQG8gA}2B@A!(64aAjA}%TK;o<&#ACL+?r#AY9W~ z5KJ+;?DU{6mKBd;-o$WQ)>f};Xz(lsTTYSXr-=`~Q1z1&h+*?s$E?K6 z6O%10nZ{fS`aj()P+rAG5^rxkMJehnK?#T8uIx%bTT~oQ_aEndZ6jk%8IV)8U!h!f zOK@^lOpJ)Hkn)cC5y!dw0Vr49wn&B(iRM>X%+FiGP%|D2LnR$eoU$KpgelrdVH9x3>(R^FQ06RJPkyXLs3Sd5>k@_jsOKdTO-akWrsy@1IWS z=FDkGtcUequ=Ik&?rfE?Y{L*z9U15_@O8k zz?<&OEkA+nG|lf`STju9Bsomi3t0GMXLtOw+Rt|IR1vsM#eIp8gtkeb$d0)TRn@ti zD*inc%N0XHt+h=nTuV5vIHOjZ4VDvoC?%6EBD%3I<)Yy}LX@WF_gyT&0JF|@0w#7fggFbl8$N-LXTJWi~V*F~ktQR3}HsOQ_Z>V_w%50TBnUoXTixUs$B z)yB>8Q^(uUl?Guhk@8h78gMnYmvpjejhC`w5*YcJ55W=@GmxJX-ASaS9B*c!;>557 zt_GUe{Df6n+;U^5>GD^nxE@S$2IJ9BQ!H@4S3(F&xYjl$FLv^RlF7by>Lmp%9}6>W zKp#e1qckcWTjL=8}cp|gDQ85djuci~OhE1nr4acxX{!aw3 zEAI|1t1^pMm%%@pO*1x=MvD|JUeB8L;#|(QE|j{`zxHu_FNbD2pGr@#DebgimOYlG zPOvS7mWKJrfCR~g(|J4#Td}hTr;eEden}8hGeX~<5<9K``rU`ki$r+P+5B|4ZJw(b zFp~Q*p#;RhLOgAxn)=Nygu7Dp(iBD4M!AkrUy@uUHxs32Zr9_7!Kp^}i=C;IGy-3n zt_DdIBcu5X3K0digqe1f(4drG>uBhaux$pC%cv?d)NCM70=6N%*LEqEktFu!KnU4YTpx-_vvhz#8W%NK$m^;LAfL3EiSxY0 zIsu7ZEPlZ?Fg%g=hjh}mTqTV-xK=#(nqQvANDc6N1(+vo)hf!}ou@!;W3&u}CtSF2 z)ADlQ%c!TQZx~7q+(jPKTeRZezJ0>TA?9mO$wg4_NHD@HwW_POdiV~yO0Pgx00y#$ z_TwostpBTYF5>9Hq#&e3_c5977*tWyz0-6>Q>Zn>-Gg+GFnbXPfrv z)96;{uz$J&in3{J?)2G*~LXqJP2!GP32M_3)JEx!JQeojMw38<&)($ zt$LlYMLyZv`0Z2JT1&>zD>6iPFtmC=+rg``6;}8uBG?_lI4f&v_Y02$;NW7+9mDM7}F2ezvr0v=e`D|S; zL{QOSkq*CsjZ=NwJhCBvi0)`Fs@b?PLls?9!FSw90SCJeuH+G+{`kjRz$f#`z?RP= z`u&@$7tIUVUnUt)PRi zA-zX(?YN@N0?ku`S+=0w9zM?dK55aAa5^#nmhdpXiL;#dAppJJX7ZgCy+#&y%xH@M zy>Zh_%<6y(rcJXJkw42cRia1SD_-Mkw9d=kG}4!M`R6&{9-F1G4pVBQz$(1 zx_Qh*N=6}E;#AWNanHWaQzHRm2rlN76SA;E4i0bJun#s=W2HtsG!G*Gu}%J&lQEI* zS}AU{$BzA-escu7PL*9HZ6+v9=XAk$tC^vLM!t8I@)p zEtfHZXi`P^Ct7)HE5v+tqgf$s5T|h+vfpN)7BS|5BU*aXc2Y!hUQLni?3HuoK`*jq zuQ4FD@>jn`;`+jDXqw<@8EuML25H$&!}?H!;sXKGiZnp=oKm7_*{F4Qa-(c^;?wuY zt(7*YlK8O}W!F|6CPK%b#|PwR!@CEHYO}x03oh{FToH!OzINX7DXL6_u}e)HWH|l` zI^?@#>tlO@&clz5r`*Dc?cCm>%&&ni$i|C*J%GNowSq_D!@@%r#YZkZV+C3_KPh@o zR>;K^O^hgA@zj%iLO?!27~+hC!b>A#1B?UMp4iAi&?8Ycwl(&Y6vzNTUZ1dQzKxgB zm)DaddkDLgkBc4#-4s%JcngbCvm9J(s%bYPQ*cUZ5UPKqT7ly+=TId9!o4=VUgA;Y z$iBk3p5BhFHetxN#eAI?UXDJ&zsu~2d&M!!RwfUPm>mH?PZ9-iU#_W zI@}SF9ZC-+llMM=*&pUhgXieBBXU=4-YF?n?KQ0b!~u5tSSw_#zNIqWJGMT>&gU^ zFUXX;B*cQGYTwILz!7IHTy@V z<7{8`C;S-M_R_Ugh|Z4tlsHscM22fF!|R8LgP7%GbrDptIu}(I11c~XId)_o?EyP| zfof;YGSXFRJyT(_;^KFsD{(!D@Gk)t_q{{wp0ZYBqfkSU`b!&i zGphy6!MEy&k0f!#lC}9jZ<6ey&>uD;2GP`=VMIh+sTh!>)GpIXxU^qL0~Q+}ikssr za!R|vv}~Y7k1t}@Flb{h*&5EIGwC&* zKMfG{jLhL1cpdqfTdT?*7KA%T4cic(JxoWIdT(FJZywsDXFMUhXz7c3wOUVS}t=T+*+?vOW)#wlsMu?Nk z1>i15CoH_yxPBX}77`RVx%pb9YbJf#rn2;GBcUO$)VbI1{$gi6dGaSq~ILM~shoXvW-dTGF%kY1wfz551W$9>A95Y+%mBM)CS2MVee)*Im;>Bfc z+lTC~1W@i8{Az@(hOHjGz4ZilUyD=+kTA|;= zW9mE%Hg-ypilU>bN2JgE<0{ICrQ`eGWb&M88fyDvx^RbzbpmQFR^4ae*3#0oLUks4 zdKb+mFy$9wNH^r0Ci1Q#$?Ef{1LN)vIZ)6pYP17Th88l)Ck(=2?x!1|{~5vE z7yU+g+eX<~qd8VmaT>@hBmRhwoy3*wrrW-A?i)W#maDeX+!d09$dl2HBB7Dcwo5H~ z`Cdk?=SWUE^-u5NcF>Pq1VI*c4>!0_E04}}nlOVCvn%Vr4SM%`B&}NgH=*w_Sj0(r zy%|jrjD>S7#XLN&o8!r7b&ao${oT24JFM*WD8^l1=fW=@ppuWpZ+{{z*gj#`g0&xs z-5<|ytYdn7pD1eces9$%b`ZfTMjyL0I@$tln;Mu{;rosh%pmD*veH=#0HSDFSx}g_jrv283W4VC2f715Z%CsMzYrDPMfN!`db(@v&8I;{k-% z_v-3x$xMN{K!?b$VE(kj;d3|2gcoO17m$QKm4%T^#UUeiiAy`Yaj#L^q|V*3KeezN zl}wko9%tBYh8NK_=@>1JUD?+a2=}~PHUzkU^XcY!H%i{@;QK2<1T8~q7 zB@Mo`qP;caYTO)RSdC~Ucw)DHxToYYE~;g#rhr&#iN3Ileom}3#BRE+apw~p)AJ={ znJTvhJTlq>cF=K(8!A7!ZS0j@EKaNo0D?^*7S?{s-{Q~fj><9z{s|JWn3=&-ucF4KrKcx*6+O=@R_w@C2l=N|)rJqgIV=yGg6we9P^WxRNEIIMAYrlB$WOgbyaq}P1L27au~ zOGO+ZuJ3zKrPgy%&nJJx-;~I#N*$);Nn;BX71vNqh`#4=Z0*j_RlbY#M@6&_Ntp=4 zXO?pusB{5(AS}80Ob63`h42#|RRmZRW|AWe_Ug7Kkq3vs-M+V|8^;_N}$bUTdng=Q>Y(&gOJY>|&}8c4W!ML8Uw zZuy+n%pqw4;3hTHWy_e-Zw ziDbG=wU~;^cBMw?T&8dy&Yg+o#*C3%S7vfYANI+L2V|#bwW!t8R-KMic!b;%*W3)1 z<=OMw@{{O&OjI~ceIVJ{Be^y2FUsTDh_YsM@W~YUma!*Bn2Oo$3fjs^#RFrZ)sq9h zvOSXqY>Oi+Jy8MkTGqF9r`ebVkz_;JZX5|Nh1Ds-=L53 zuNP&RCG8dmL zn+_-C;AFl!*Q)C!%Z3HR&dLo^r;bjH&trg<3wncNMG)>qlY<0?(%Bs51_s>-6J~*V zrT5#)Y5aKf=a z(;P=Y$vOhW6FYl}_|v_J&~OIZcy+_J6rJIsC%`Phcvz07ZxCV;sJ%ITHNSn-qvq|$ zgm;)Xzh+ksz9BiQBCk6ADzeSzgyH@D_9XrRTeL^s>-sA4v|DR2Pq;e zUdJ^}ygV=~>*u$g%4T%hnnuv~5V&^B>QwvHj8??_ISG; z7qvWYV&@f3-L8e86kaptq3IAyB|d}=OW$r6;bTI9s3{&X&YS|<`Vyw^6JcuBScx;n zfBFC|cV~X}B!!zde!=c+xPm*(Q^>ZzLpjVk2dnq)FV9lef0VYVTi`=|+{N5~w4_9C zyuGwW;?}cci4LLFNQ5dXE=9!3FEet*`XReWrK+%(w5DPk{Ia&6a4Tu04P>sdPfr>Xksh3f>PGvm7;GuggLs;aUU zLK0-ggCjyKXlC^ZO3&RpbOOO(hOo!Lk!#OvP(XE-?ruK(hxjWA+Yokf9KL5z)Keb1 zJ1RS}ZRk$3^0Mr9gW0+41FVS@;WMV!;V=(q;868`D?s`jIAIR4%uVounk|>N>6WBp zy>f2z5FcKylrYW}&@Tp#S{)$JtwNlgaadcky10&C5fQ#(ZUS49@)g`4&PO)UdSiE7 z#X~tffv9eSFLru-!zj=hM41C=(byu%pIPnZ!hf_~dE-$45z1TY@py4XiONJYFz~HG zcsk}LVj9C!tg2LQ!l??efYx+99_V0FLCCFsmS!&~N1yJ?AC6TI`aax+!NUn&8_Yf9 zTcd4ox8?S#*wi>tCHwM-L&J}m!<;y;ZddM(1|C(t$ZkOg5+7*@Xe;| zG_8*3jdfdIKZw-KXrc5bLD+JXSh~AHFQ|{p+8?E+Ml=TW<>dg5(##CavIYU{xsBAJ zv;>@M*o1#jMnDE~jrW}1CSi&?{qSXJL&nK2)8C!MQCf$g+t=|8wT*q-z$5*H0 z`Qo7eN2o|fV2HNpB*|;LIiRIXM8^}PGz#+=wJ<#>T;-eQ8sxSew8Ju**hj?r*sTtF z-_&`$Z|ZIy$)fVj8|2f2m=db!IpaO@p9PO_HI8sO%(jmdF$~-#qi>{C_&dB7pM%gq zM~x#px2~LpUN0!+7s?k_V-w~=4FCkyj#MSz5Nau802_gMVh>a|uGQM1rR6}`C1%&+ zCSV668dMuM|1w>*Oh{6)yFlB&oY+TMToODhWWK5#tp}EjX^?h}z#+`0L~6TC<8g`& zO_Ua~kwQDEn5s`gXO>cfGN`l}V2#k*z8Fkn8+#)wZy|xL2WxUEiFGv`hn&0ErLNbN zE`K?ycU{zsJ**}ARz)H`%hYJ$jm$|wzfdJe-Jt0j@r$z4&tf49$KAS=4fQ55k)5_% zGxdiOq+jJ@{ChH4=}hBW<|_>IW+y4fcZZ3WZ%2!NLVSN0FL|&fIYdI*?&8v~>R&`e z0=}#1B?mmxN%;z5tl3t@^Opz}jb`5(p&mHgJuFw@WJ+b7 zXcg{-(T43K*IT8D;16jUY8X?L^c_ufg*6Q%_zBL);=YL1(tWp&2;~22dwAr&e4$4A z!l6_qJIkPvWYMrf9Drp7V*NF+eMh9T{upf8QorI8b@9a3lekN0^8HJxTE9S^*&RT0 z(rUo%rTR*3$JQp9;iBcL*g8kSUt*-o9~#59*c)!Q&1G&dPwmAEum*AH{>a%{8feb^ zUNeYuM!v`HrA;WCtr^+)o-I=YoReCnsJc*kgvCv}xQs5}``U(9<#^UPuZ;ItD2P*z zp7?P8S;e&;Gh=%~m*RorPdE;VSZkpskq@r+ykc^Z<12RBr(HF_#-yLTG{8p``(DV- zfliP9=lIP8EVEHYJ>n*b3}2o7ZIpy4n78p=2fGzUp-5t@Pq2`WQT zOF#MW$9jn;QMy7Y+!2y6N+N$sdJ)lB(In_lBq9L_$Tk585ceJJT}CU}ohc$u55ua{ z-soetlc}fK`hy(*2)^RMrfYfT41mbQRgBFZEB#mBRW8HrmMrOayUwJGz?#?HtWP$pr z6cT<;(~@P$NdkgPto0$8Sk_COQ(PU?hGSYh;zILE9xJBRGX>zObYHdC zTstAXy+@OIr|(LW->?Jcv;ex~Lcp?Sy`w z^-E+we+fQtt!#E0nX&9hkgT6&k|e>h@RwjU0vq7um7EM8XD%aqU*FY=-bG=}Gl*eE zl?~BU#8*1s_uWMdWcEXbVJE$I1T}ZyU&Y=}<=N=_s2^#jWMSBu-4w$xo9KW7TVTaO z+;v_okug^&yHyrWntra{p3frV5Ux0f__I1tf*o_(TT>O@KcTj>+MeGt_RX%3hO!W9?sE!fDG@ap77!O7?+xbeU_F{lS*J zMWSloT|0%w|I}2usT9dt6ku(zD+D(!P5mV5$c!BzszOB#qNd-i8rv0HJNR0V2ToRA zEcRzQ#(g-_W*zvgn7s0nr81@TaCqSEq~;bdUpP#_z>wpP(R5rZF1p@xaO-e?7}HQg z$~3EqC?*!1C;Noa^w2;vx&Dk)VI9%JJbcrkjRhqx!Rr#K3tFhYo4%3NzS?%j$DwX5 zF;+UH;6J8BmHwh1uAr{c4d22GgKx7xgr$?#1!DVVfBV>Kc&J`Fo2*%MJcQWLF6>t{ z7q2w8+%znPaphKG*Ru==A{YZ8cB^0?l23BwowTUK&bAoQRL8GVOm16I9zjGt4D4Mf zn!Zg)$Zvq7z+7F>GoFOvkMP2%Q<~syOq-EDOk3(X_&3#uW9l+Tp-5=9rG%TPq?=LZ zceu@h%0?>{g;k$8;(JGrc{-#HEh0t2zcUx=+bs_9ho&X(}s;rnj{N4N1O`BDW z4UY*Rk@scS3R?X}4yngM>rh3;Y*TIIdg0>Jwwk)CueaBopi`0kzF(gIQs7zyZH;$Z z^QZNT7r~tr@qxtwoI%HG^+3(?2O2>TDD6Gf&o-eO4LMzgpAJ^Kmp2wdz5dJ8~!P!gHMFnv-7^iwc?f| z8T=Gxy2IGc?`#Bk+&l*rtY6ud%x0IqUB2^!XOK&M+ zRl0U^@0}9$#J{h-K8b`XEc5co%NL#NnnpPhp)D~H0Cm7qyLIkMY+Zmw7-RnPu$eK! zY%BvOs|3H+_OaOHcak%*Tow<^X~?p^$dKA%p`%*0U3`GWkcGxKgt%$u7|z@xyP_J` z@}^>>Knjzk9NHuJs4zimX?fxRWP#9M1qxq|OSy3fs7f2#&_eTzKYXUh#jO4$DqnBPBL)q|b#b7G7O9N%mE&C8Hjj z7}2CH$TMwnkb%T$J#}_yu4pe?1Bc^K*01Ea(?nn|FK4{}B^0ePwRPZg^(}%w^P6Yi z&j5LbR_0ZG?1oe^+SJZc+*Lf8y;}bOALz6#K^1+;qq=!j8vX_`p22tQ)tKPip4+BA zwXTlhChM)59K0aWrWy8VBKxxAzDc;Jo;D$^Nn_J+R0~6O^>l%e+X~oiDw(v5%=A=i zTZMY`p_)q?keAjh{@pEvyw>z=H;7{cFg1`Z8gTi%E*#Am7QJy(uuNZ67VLbJt139# zOUQp*UWCJzz$UP+2fk5x@nM)i4{s5-7#8*)-`43-s0%?TSA%boy$Ej?4^<5n?XpPJ zIGzTgNZ>2hzZZ)=Cwc?hg0&o0T2$1~Cj$4F&mClU4a*T+$M0^OLmNUAFi^#ZQpiWG zZb+61lgyV1TV8(ARN8#bz))R~s`YJ3X8PsJ37;dc>&LdcYM~fi#>F02)gMSOy z@#Qvn`^gowv+GR-+hr9GXVUeb+ROKQxe+DBjD3#{O1b zTjWXuL}azsO9!h1j_(qpTW#l&sn_Z?qjsIH_DFvC1hRvDmOm@0KVTbUk00$lDc*pC zI*mN0M4D~b*BuF@(fkE10F&cRgmF+4X>`od2Q)T{H*KOjIeRuQIG@ai?%wMQCW_xo zEbsQ+G2K>g8NDuQTesE<1iHc(%U?}fb5X{{o>B{xQY8|~*^**?LhhzI^oVf8rOlQY zlGF0H);>QT%@bW8=r$;@|Inw|ouv{$Cob(Q)PM2K6aozTtX?acz__S}D3QzV>KO0` zAYufo-88IEqtR~;IY?vH!^8?Z=Dqk-`yHB`0Da4_9C>hR@ahi>`1$6@UC*0v>$v~{HUV}c$P|`gVnWUVnEMBMIk9&XdfSb zgsaR=s0V)|<7sOn$pNePFg_4GV_7#1D1*VD+z?@b`=ZTNEu(>p2QGk%iG4x_@sTtU0hu>8xRn1C?)c8LgdA5p;VxD!N45mdlY8^W8FkG3 zkM1hb0l!&fRqZ>Ei8?)S6tJp}E?6LEJI&F*EOB7@2}gs}Wv_hNgEZV+ra}r`*5iZs z<%eZ7QdZ)~o~gW!o6U$`^*>cdzI9RX<<@0H%Q!H3^UIZCJ8~F?c9^-9T6|0OPHRX< zYGk;qn-u@D8co#HvVM-sj>JeT!`b()A8`y-qc#`T1CIr;0ls2jmC}coFsWV~34m&- zIZIXY=+h=RW!F>RvUHkh$ec>(mF8bA6b%q%v4{n`$?{PkNEi8P>C z9CAGK4`Q(I&+T&`>z8inmY#HyW+TnkKkfIq=zn1(XPF_2zRGRIWH@+HPHr8vnme9s8M z2$Egge#{&iL}@Uy-F|1750*aQ4@d2E#~~hiKj+dub`ZL@72Tl|sq-7=J*jq#OVvGX z{sYjB1xXM1Q@PU2_9f=%nb-H3U2kDxqU!d6sEBc5-K+`BXDiM1w*wdd>V!CAHpCx2*@Gk7~jNUGGa&( zB5Eh3Fig85Yxp7qx_ z(TP^>FF973=_?`l4g(>diIIXj@>}z(_~i}@v9K!S$5%M0R&DV^V@w;+8|OFC8G~aHUi;L#!C!)SoU( z6zGAz#$TV~MB-)$PRQi0iaN(|$@R%F(yll(-1rM9st^Ea$TdJ*Q7b~}ve7)Pl!5tB zsnodrRDO*kqvIV``md23D=RWqkl9}#L-*GMod@bM_4-rtJtT78jn`u^O!A)?cfare zfltmICAhP7AOFEHSNYlXjbgC^n(XmiNe?eUC7?S}N zrIar}RuZ&~3GKDYAdq_g1Ls}*25DJ+TKaaL^69^zOq-mcS=yXyhBN*q8aqbdh3s7( z?uC}U@E_CnKl61rQ2s)kep6W-rT&L?{*MUm|39Db*S1NTvh#+%%x-}FO5)0qWBq3 zBKml?2#@slY1{&`?=;K`SRib{Fz1Rg|lHGVM z_GwRmAI?AVJPbLoASB{t(+MsJe!7sT+B3Z^JI-s^s;GQs)cLpN;MWDsG0vf2C{rD_ zaNfVkx37U;)K`J+^=;2cI(jP*ldp@-Oa{eJh9s-C5vqIaxBGtz&M06*uu?P7t-nw$ z^EIv|t$%6413kYBH)~rr(&|O{fHBkAHSpZaR4x z{$QakKs4%r;4Rqe#3P>k30t>4T!4=U#BHhjmNRjk{HhjzY$gBLKD!^%6RD&*AY%;N zv>@E++F)X+i?`i;~J;Y*)J`Exsu(^tY1s&1_{Z~JS>XU$56u~dL>?tf~K+{@?8t1{_z@yTeV9VZzA z-D^!OQq!gXIqy1fkW#(V~%>@CN~cu|1Z_TxOB9FbM+G<4PXA5h;ZQrGT-IO{2IK5UBbJZXOePh|J7>2c7S;M;GW!uY41@3Z4W#UWalIB z>X5VFWi?r`LyLf(B^FZGWO-#9jzDjMO>n9_oM`T-&#kK!AHY!H%|&dZ04{6U+EnD7 z>`(1iI(e|9c~_s(-CbqD?RfYSo`)z6S%cdoNh_uYQcF_x3xr#~SVtV=rr`Pv|Sdm<8rd7q%Km6#YYNHZ^Yr(j?4P(vQVEFGA8zVr6 z3~jsg5jBs001Z1Ehumo!kz~=vZZ(h0m)&$JXnV7XyE*YzXODNm=aIK#jG=eETbaXg z*e~9aUQKL0(@=YRZ#@*tSysCcYHU?Cx+rzQfvp_W+2 zYydy6{|Y+G{S6kb#plC%Q(6Afxo@WhD!G^WVQ%?z_jMrv&FEAc_nbc+k+^mN`xo7k znP*mJ`{%du@t);o;1*7Jj_U*k;a1whNvRY|G=lMnWs}+Z8_L9+Bih;NS>=yj3?93` zUS}hYbds@@NsApp{MU0|FN^F?UlZ%K?pG7t5j0pYn<9~zY*@-T%4W2EAOpS334B1_MF=>xt0W_IKcTFh7 zAg_ogI-5ynYz^SlHch8DL=FEl-WC67Ur=*nuIILs#>MhJ!Rbb`|4Yhm<4)#pf}2IV zR|2pN)i6G=+w{qfprGcX)9sl(#_TSnzbFC zQ0$ztzpL@;(i-jXey5M)6FHDyu#v zLOw}L{{fMO%4oRzFB8?#fz(+EIuhv6)vCeB&isfI{3s`rLil~UKD)f9Q=}rqKuD-N za^$=3#Lnq8(h&{;eGc@5cg(xx+6NaYG#a>ZpvYhzW)T0m8Gth~c86K`vohG4-+KR(j;95w|u9R^IbuYeLilbdmfHdEaUf8*C8TRuj;{ zezIlW&@L4psS+2%s~Z#=uLi5;Dqgsr;-k-X1$QS<8iI%aT^P_$0H&8BJZFCE5aQNo z*VgEh46>RREo?U3o_YXRxUKLS$5VhF9XiyJR(NsgGsuO+&}^gvNB6Hx~^SZKs&2GlkdvW2Zi6b4mPY}4bJJx|Pxcd0dmA(osqOb3$oW5p?d_vu9 z_@^+EZB8+u5*+^GD?9My+kzQPa2zg(p+{K0`V*f-dGui%>8llD5BGH+@r9Gl(czje zmVdHc+vvkaL~uPdPv7cEit)DIrbcF{)dGtk6ttf5^AMnOnzdI03BtcN z(*X18EdTp~TLsyVJlV()%2NZD@9~et=DiPlRyEw(EZ+VgK@zfw0%M#>2G?EG$HmLp zHID0NZw{8bA`RBjj?stbAtB|!8s5S%kS69&bz`}lEv6ZYfBNrP8;Fi?#jG)B@v_@Y zryVHIr_HB!pWyKS#R4$3<^*~9X?HT&t3O+q(!v*o8*=bF?3XWg8 z$n9YgbfHKW?fds?d+k8A-33?+!Xorl*Cqv{Oy_RDhJA=oIsb>;8NDn7)Gfx+cY;|m zxX519ZMD{zTgY+!t3n%&Z*x8(=N2dR_bo)nKcmA%ZWMCc>G@jUa7Vo=kQT`6#2RU| zj6{}gIDA&9(7ss2jjm?oCn@~+Nx!h!u6I2-_sA~#+6SH2vh${B2EBvuDcY*AQzEE|`Bt`%4o=^=_;8qH`0pcvSYE&^+exvG1HMGfD%B zJDFdWHKKky1u8w1(S4kNk;s@!NE+S`B7Q&2{dEcKLeG}!V-}4Q*BBADtr~Ej0dMGr zN2j6?`MXlec^SD7I`EFg1>L;y<_B3FI?063oSr(}YgbXsHO_lzuBSDy7Pb7bq5|3XQN$u>Y&R!I z1ZqsLx1qFTO1>@b`h&7=kMp;Vz^~eCTTKkCQ#@sB_JlLlWzf2j+)s8ABez(-M&ilC z)N^ei)#2f++REk`sH*D19oR1-FVWLTZUJ5y?n|@;ZgcgkNoIPAcCojxV+Y~l7 z8Vb(Rb;?43wV#cli4AtOOSh??oWpT<>jce$Dw@?Wl; zB$(do0}@=5TMY~Z!ro=NX3G23${_ddoRL#1-gd&btIjeenh6^?OWuB}QYzx)PkvN)J&6aW!3vGfIXb8t-;w|wyH7KKdzX%% zG!ZXm3SgVi4 z?h{rmi@Gh(HV5jD-ztHHbzBMjvvXS&b8l-&&WQy4k%Trdj`gv_Eq)=5xUDcQiS4R% zNiD%~k~9Cbg#RNOH_HnlSlz_EB zJnDgM?E!hfse5N{SUbr|zkK5MpYa3nW8>kP*04r=)cpWHXe;eoWoB&_6=!fX|B_uT zL4p^4RwpU4&Ccpt+!|qiy{Jvim_Z_FvAQH`0&}7;?#j$~OS?x$4leF|7v;-d~At+d!3HA`8^xyWq|GTLL6wZDu|g~t9VmiPT= z=TNDaqijvh?OFcLV247_U<%XoBDL6kya7%N{s*Dye(w3LT1;WD>DTb~ieW0z3v5Mk z^u39V84R7zwsHphl4Xth@5C>SPxwj~*N~#YOF;7Eq;8Cgmv=eo|BJ|GF$HAY6A+@N z@m}V%3%8Yc{c<+871y_Rwd@M0=ix@=Gu=@V5jwG*El=M|79KD4|@< z`LQ!zF!-OD3xz7^SwH+%oGOF>+ivGZNf+)RrHtRQgHT4@@Ay>)<_jsF-|UT(XKgrO zl5In#L6q0eoSS!cRz4rnM2PyIVF#*L0r#hMZ$!)sN%rCLx_?EOt^&!NUpXJNuc8bG z?w&5Df(ebf33dORW-qD=1oqwZW{%HwZ#J&xB_M|C7C*W4E)qP|C)?|h(d z;i=VpZ_pbgV*aH5woSuw=E|Dob1%n_9jR(hwGI1|2^qw6 zNOXAJz@s5Ud31;0K|b0-5nFjwdh2riavcvN^t@v!aZ{fSh=6eFH4UK{mc*Fo1E9{4 zm>+5lT}a{m{$U+;Gu{~81lK9aA_yK($D$c}#tm9(bXAYH3+K|E^NAwL&%>*^>tgQ_ za}K5B2tKTCy>V$2@cxGDKCww(%WcCycH^)}G2YQymZ}1q;XN7fpE40BBC|Zd7>7i& zF!nK=FGupqn!rU!@`{$;`}Yd2*|skRrS6^dP?d>Yy54<@q$}AhAJJ;iOBh2w`F0Mt zk2@6LDji7UZStN1`CUDc``};*DBnU|<3^`g8FRC?fdN!5pHKksII7ncM>(|n{PY&@F3;`rchRy>2@Cj}B@><)gwcgL1Hue|yapyD8 z14vvS2FOUeQ?HDGU-rEw5lc6{6yRt#v5i38%sb(7e(B+|^cl9+U$d(_nUD7_?Y$g& zfX&C<{;K9*0p$>%4&QDZ=_m&b87y3}ia^b_1bPr20EKskozd7W8~E3fEz&OT*Nthx z$IQ}>cEk|L`P3%2&J!mVdH5AZauHeHbJ1r=f)z_zeN1Iw`r(+wj zHS~2$$ypgA3#;x$nIROPaX2C_WW#aU;&x|l=Mdz_OgQW4LYv9{Xlc4HHy+#qvG&XJ z*(o5>*;Za>SpChp(oX5*<6!WB>w_cK)AW~{h)Z>{mHhc|)~A^=XKoc#M%9m#6^J%7qVQt-txV$~q1nyOE zpZUy&^~UXd>jDkxzM-5y88ia$ocJR%9vsI;5468eVKESKDkl$K^}+8gYD~CdLY*-(;_+H=;VXAOl)kf^!zE->`rYpcOCzQC^3Qsh=8% zeD6I9*(lJd_AmRlG3XOxBVIoF)ir=*-5wnHDJU;sZ4hX)hhz&Bf^6^;%)!P!2@>Kq zW{YpdmnN6NU$NMqav3D>W6A|LH;svncmgofQ%u8Bzx`TlUJHc6$*1)JT{c#Nf%_^t0 zK$m*uPx;cR#NI+g02eJT| zDq9=+0lw!#`_mGoOLrSQ+w3SlnNP%75PF z4~6!Hgtx2wz4RdF?@loF2R>MxPkQwKosxf3_2V7bzwx|c;4K4oer`~#WRU%f z59vP{?2nUskqM;fttLn8?@lO0{sqN+b`%u-yZiYD1QF-G6z%`2ZvYYg|8~{=YLKnk zH75Kw;UwWsFCa}%;~~_4cS4pTu!W}@#R59nU(Cfnsqg>Zh~FR|q=0RP-&H36YG3}3 z2|#`V0(M{=1b?$vD;~%@Bv9P-d+oPtyj>2mc<}5X{@p#n^Ztyu5wZF?H&^KIPANqH z(4~O=D}+#H_8a{_yDfXOi+4^ebUt;!q9Vi!{$+2hC*e1oUvem94TJv0@k2zN*e$zX zbN({`;t$^X>!9#g8}K=5ul~Oc-tGd?-UfAk`~Su#|DAcnfXuVBJHGI@c|jdWQ$lDE z>>mgF|1rpN{DtYg=~r)R#h{FU$n3q5ci@o6*tS(}uJ(!!S3D3sXd!rY>|t zL+J63nKEnn0xqcB!{wZj?m#|~jsdw+?bWm*T=ANuj}I5RUi>_iXk_JIK{`Cu`ldBs$z5A2bZ zY}P|wytEeVOo}GY4PuV--Hmbtyr1*Y2wH*^H$Y`!gw@D+XO5H;FFC64>DIlQ9OmFHy3wWLh{uapG!3k07<$CM zq4E)+#>nPo01_#KmEiSQ_K-MmySkogqBhz?;^1kYgg~!Fn-}`b#T4VI{-!|am_fk( z&zvqj3VJ1#1_)@|znp!8T5ve|04v;}p3E%6TVM!d?XV0k+?0c_o4WAqky29pypAO` z`_S0*!Z|a;+N8Yaa(#7Wz0nDR#o-7|BAI4QTrPr`Okgz!ZLw7QO@)- zBrLJbhNY({`+g^eG!{cw&Z|#tz4OPVo&7UoYdja2j2c5Pbx#k~7K!d^%rktjZmZ+^ zZzHjTq@&P+a|KcaUEu>`^EmwrF7(r8PYl3-++&=~RWEm0`ll6oET=VgG)Re61bj(s zH7&u8%j?sO*45-gN)GO6GjaC0(u^PZ`2z4L&|(6D*@n@KHu&`C=Z4%&G+1hv)*Y8$ z=w+GBXtN6_K&Qj~tLjeFT}1f$o5gSJk2BGBPd^v5Qk-wb?T3y71%zqDkK>kmgo2sp z!L}#8htnR~MkSx|K0;0Rr`n~LE6|_gN=$KmSR?*=A(YC%Vz>ZEoN)3!eIfP99 ztUe_liDAvYeh;Hbic`&-@UjT`IPLK#g@p_#EKZFzdOVRNJq8@C7}!~8)#HOBZQ1)C z%5P^+Fp`c_goP(tM)$TL;13?Y3R&efu#hb*d@GbJ?&Ry<1AGcd^jjZn#?5?w>f1eVx*J z*H+P=q_zbQ3>NhOlsUiM6^*$Px|uVssd7P9X?jfkS!c;&hE#8~22oj$)9rKGuevTg zse*5^=mF&=x4uX5q_M^cm4N#Vj`L#^w3kKsCp;>M7Z8FFXcEJH;QAe1t zSOpdHL^j`a4kz~5LeQo}Ezc&q?Z|5DLKv2>H?L|u)PZMtq&I!XYtxnc0WHS=q`cufpAc=&8?G`!k1m7rT zd?RE~5{D5OSJUXI(>h8nI>gTVS|@{0S(5(-%)AavK0cx%H-4e-bGBY)kPgR?f!~{2=c1Pz^AuVv8@@ zV&Xx^W3vP7mAkW#14!8vPw%BEpe^*I4T|;U`VXzT7RP*uq#VvvMoP}8%L<+DLm#Z? zZuf%M5=4_y9?MH1S0491XcS`l+DvEmMwL$vtky$Ko)(*hbYZy7YV22J!qr*IB-_xm zMog}%L*0may~w!Xy$1?1^6?uN-Q7hTeQsTEQ01@u3KebCF>Z3j79?N z*k=8dA#2bg_Og4(g_b!YfFz>-=wy;KA-(+LjHJ@yVDn6q+&r>z((x48Z)>#sGz;wJ zAkB|SsU?(@1nm#CMwd@kuAvEA2yrjY2mn~GNGZkE5SOKTNc~YX3I-D~IwGdA6uwt> zoSMY;Fz&CJcjTn-4ztaiSmh6f+q*(f12HsK+}%_y4&GKul=T3WB>y@Nk}YZ)Sro4w z2tkY!?*tF0-8LG%(Q$Q4{%QJl=S@$}6e5J^Bu0Iz^dQ6LV&l>Hovwk}Vay7krgB8+ z?acW+S8_lFWg(C4e6>U8-m#0=%5H^ItzeLm>R;9HQA|n7y8&Y&lQMqCat@4!?BUr* zMA+I@l%K_mQz__wiHpMxQ$=F-oK(PZXS@-vieM} z7%?GFhZ*`no)DSxRxWyR3oe0?a<#BdXYy0Cg>cUD6oIvc^JP6(Mbe6{$4F0B>-ioR zX%=+#$)PK&{d7V-vzLNu2+*PRg4M#`?sjmEg@xQ@X~(rSVCjTU@TyVZm~MV31|&NR zp{4TUIE=@iHKPaOEXS|p*=I2p``Mt)riqp+f?TjDkGkJ&N?u5>moYJCN>+2m_?2!t zOtDBxs-^i>`4+urisVT61q8l9It(M6Fk7ymO-@cOG+1R$pF7NJIN2l!Fxk=^D`+Rj z2?UP+T1k3ujI=>}?RB`NrPQP@hD)CN`-Y-rd810=o0CY9D;D!@BVi+9gQiR+1ub-1%pA2QVR%*h2kiV1Wh}5PbQ=-dv3$u}A zn+z)x+8>9?Y%_1o_u$xkCalhv?CE4mKGC|rzpJv+D3rmNyoSg`)&X{h@r7_elyCykqGsO`mA z%)4&gC*-u}L5#X@LuI+NDNGCaCF z)lq*FnUpM5ZIBqZLt<{L0j1zs^7#mC&X#K^f|kq;%8CT10{z?4lTUjfE@M-4U284EOdiT3|=^W_V0IFHyi_nw+-B;TcVn zzc?M5?g(SVo5aTX$e83#jFt?U>EIhw>YfS~JPVHQykgoD)gSF{L*qrgs|sZEule7K zp>DT@uWu%uIGWGolk~s6Xx`9o({$%EVODjZHRjyo-7ubNzysI5JB8+sfH5Bt{MM;$ zni{pdq*cP~!XFf6`Vjo)eDCN5%^)zT9BqYX@>Ub=ytt6=kgJeKeG+0wa!fA)G9xGb z`10J~e6uA@?~00YPw$|zc7MROI^(hBZ zS`5Zd1J19JUg5j40%X_Q-ZYhlqp6iIeZePiTP!d zn?sstjD;2cEhqt(UTb?y%2lShCqWa(xe;6w?|UEz==*o+kI8TZ>RKI-W}1_zs{Px8 zLb6-pa3qPCK$BAyjn zbz2gUy!_h+_YMvHA=^>vc+?E^M)MA@D$i15nx@3BI|JL0-jE-ojjR?VK5ucBsx*DT z?3juqjq$XJTzjRuO1Cwu2`Jn5Xw6#^z05tSGE%NmyIcI-V}=LVqtZpk9w#=vR_y!Zd)sXJ#HoD~}$@ zBOF#Ak}{wch&OEy6IxTRn`3Inq~31HUIRFpjuDy3pl~Nz$C=Cs?tKyruL~DThYNdu z!Jwf4>{_#Q*SvyrXVkeQrlwHD>Lw#Td;z0}^9zc&yKK%VOba)=kcejeWZ|nOi~N2> z_T34*6=+ZvW`ce&kEci+tnpuxTMq3o5~DG<1V>?ea*NOAzio zWi@dV3eKrA9U=q0zDzK{WoHXeg*rZxL?kA;HK{lTdAdtn%Sb@B=D#kHUSO8^TQ$S} z0Y^wYRDAjD-sH!8++lx$ee5ua)a-FR}VuHk-J`hUEh(2;PQEAN|PR)f{BSWOL7b~S*U|8b1R~g2)E|jDpyiR7pdLq zcSq&~qp_YwqeNXWjY>>X4z3uNZ8`jk^ih2yE8hMmK&9cD zap=bEUa#Z!Ld$14BV&Um!68{hE%wU0VDu%MFXTm*f_>3Vq}UXR;!$~!x-T!~FJ&C^ zQRPlN=n&JXI-UVFy)y*xeD9!>0_U5Jjz;eh)0+H_4T8!q!}iNID9v(s6o}V`g#tkp z3(qC8;1z?<9OJLA8g*F7*GBjzTYM_!g^_#>|!i}W1qv~Bq;Fl@$;qUt&Lt4c5~$!DYDBE z-s;Wf$Iu0VruuZpY}vlU;&urPePXrq1OG}u1D#is$4ObgW@wF(-Y)cWqr-l6G8)IQ zYiCY~LbwM*G!W{_NS#=>tE$l2Hb9QBIy))~EZT6M!;lxX9&e6jOYcvl&whiyJdxS8nOr{0RR}LN@XsZTiUdm5iEk9nl^7CN22E(qi9EF0c&!2D4f_~vwhZQK%XQaTsW=a zKBW!MCk{9Ad*&g90VF>DQ5jBJ`RPcyK5uzp{y z-OvHHh>LsspeQNA1feFAXj0x&iavp!yxCjusRTglk~XG>qc84;?OFGkn1Jnl9wQK^ zvFo0GxF<)#i^acruxFa?*&p>XCvLj87KuTGXp90P;nfn@Mi86Rh8V?=s_&R)tXI2@ zlL0r~FI*s?0il(lhiE2T1U)br$STd1SQ#hnJd+pO?^a>0a)`L8)M@I6X^GsZY-7Fs zB8!K2B`8~V3=*mjM2}{dQXT;7r`(2=-EFQr>l^gk#J+r*JSF|4ucaELRwVIVw?h@` z(K}xE;d`W>NX_hEF5cA)TeO~fw5%3i^QAJ)JvkO=A?(%%8L;AB&06&=*W)j_F*4+) zrY;xsV(Au?qcT#xmFAAw?zUS#|2(tqH~A^{kj$r%Y;QA1DpQueUZv6kJ=d{qvrXI7 zaEI^D-qLj0O^iKlG}eEz$Ut@8U#S_G&R&wv zi)GCnM%wzy?wGptv46$2j0IKmR21&Kdu#lr`7%V&*kZBF%=y6l1`}$&N6cx)x?k&0 z{&R1Pua!FIE+?GiA&QhW9RajT>6;kv_OP#8Vv`LTklh#=b{WT}oGdYgFU7R-%5P{w zW0+%?EyOe70M^M*58Y5TRNI3+tOYO!t>CD_nM?0gdfMBjdg{99`8m~(OC4Sv*Y4^L z<(5ECW_NdY8lPGT?<#hXYd&bpP}x=POF-xo19AdS|3KiT<3(dIeY>boHFx2l2KPGB zQU1Wg86DGj77v9wH$=&m2ABe+kC0p;W~|R4jlQ-{e~s`oz;qEkQg^Q!i-0_Gy&5o_ zVn@)Xc!mSQMn%q%G0RuBNN*C-@|FUor$}@iy{?^0S0vjCDK~u^4lROs*&p|2SPw%S zAYd>w@yWLXC<;&^Kq6g^jz;ESrhfG5OE{D-EK$SsDnH5*6LX`tJ>B#=%&Uj4d6YZK zRUL@R^bT4$yIieD<3j>e%L;^2_$nG9rE=ZeSuHcG)Eyt%%TF&(nUSV(XnL=zstafjQ8?*0 zsi)f*qAc&VSDUM}t zig|(FKeLala>Z=5JtzYkTWpbx_xoi_7GX`)pvnrZN2Z0JZ)n@OX)?~MUbjE)4mwL0 zHK64BH76rJnMS@o@!%k4dVt^GOHF7*_T!1%R~A+CHPEWfP~?uJ_j?L#_D!zQ)ZTpP zp>qqUN<}=Fyt>l6;76qqB91nu-SSu$}8(@C|8+j!V9!%fC{21d_8(n{j8kdC0UM{y-KpH|v@XIH$evxy2 z;xuek3afwv$Um4kUX01;{Y9>F5t14!DjaXu>woG8nCJK3W~OMD6nQx%9^ z!biUW6mxsft*K{0;cN@&Eg?)MfaHW*mq089znScQ@ zeZ0J8ZDyn-T~$TSW`|IFk{AR_-Rj98JEvzUYD12!We6V+}Q`C z9Xd`bap<01Mie)Kgy^|X=&{ohHZ>>ob}2BSm+`gxjK5Su=`v8sv+3inY>ND|(h=Co zCrE1`N}8)8W33}Xnx5QOyEIa@+@M;PVU&>@wJ{${F_xVbYta4(*c^y8yI9|GgiWJ z(c7cS)t(d~*sfj0(gcXK@?#K+Y;TsUx?CBW2N-q;k1k7Y(V2;XJ~@I1lVWP7X-?8| zxT!UB(&$WRa+G`;TwnaqQN7=WKKSSWJ6By}EqhV+A5x_AyxCV6qAx-nnkY8jaz2pkn3)F$IG|Rg(KkJqC)SU!>~GgCb*evoB0uWhrKp?^mK=*; z%kua7o+&A*N^Rzki(wiLrP`|MEnW1Ch#tsZH` znS;@7zG3H5Lm}&IqC4(=d-}592NFoxV(1+M9jrzp8I)A3JD^LnP)#-r7-)AfR?Tv8 z<+D%cv?tE_x-J!OwC@vyYtPNWO}_@%dWeZ!mykZ)g^O^;y z^52kbH?`!8|EMCKuWeBO{p3cJjOr_VYnM!8^)?($Nj5r4(Rp^smZziGEdTu7A2|p; z*0X|a#^K4#1=(^sKnd--L@R|)W4|V!%R2OJBrMmNWo>qt$zn>GrOSfQ@_F`q^YrMz zWI#c_Qr*T{#bx!dP?J(T`nc-Hig0?!2+R;AqXLt`FX8e* zNpS3(!Yt1V-!ShLt4z@_r(&r{7MYk8z9X3%4b!kJ26D27iwlvoFoQWVd$lqn)QKslU*5o;V zvia4K@|6~@E#SzknouW(^B>7mK&wC|vE_6@fh5$-uqW+OmQ@=6O z!~}9YXk1spEpZduTCO_37vE{tJuH!@u9A!_57komEKp4dS|BY^!s$AHs42ZEg_cHS z>Bk8D@^83{*TiUWiOAhs>QIY;9ipmEjc>%p5aT<#Z@Jr>BR1|a#&?Y%ui$GT*=;wD z1MUopIxk5^Vvu1V7zTcBZCv`-sg z2_08LZ^!Hjv!#S`wG3K!->PbeMG%dbP!ahB8Ya@?auZfCq|xWswv5d`zYJd-+zkvE zbUFz6q0Sy#>bSLxs&)K!&r^Kfez(Va5(Wm3|MZN>&}!Ax{qlLgM+oDkp4$!hmgiVG zTPnGjUM~M3m0Zp+A#C3!SyEYl!j^wpddES}4lE?{N4!U&=?4hOp=ef1h7M6}Hw_MW z1aS0cXN@XBKjuz_GMWv<#dNb(8FG4o!pb2ggv2?g@NXR@;SvP9Pt|OneoCF*FI4$# zn=p$dfghd-* zF&(N%f+S=!ZT|{HZzTQH$aKz>Sdec6d64(Uj|_39bje=nFv@dzT(so3P)u_dqTNuS z<`Z*qGNcssaI3|S{1bscWXT7Ay7D5oz@yyQ1}bZ1xiK0}xABwXEO&?tO?mgUNchmL zTpcV{b&a4F_$>L*@!4|qSk6U4f^C5c6nD>8F41J0{s*0asCk^FVu2Dm33*C(gHO>G zHooSZOVl;b+4yyL7>kGlz;rclSEQ%qPlGid{Ue+iX&T7M zyUlnyu+atARnlwRh8+$T%BghK()!;cyk^2$&VE1x4m#SwIA00((8Mz1r!rtl(!9{G z>1m(KD1Y`h8)%{)6}w}tw8{Z1yZR?MkjNS26LRV>DjNRQ@wkd*KJPE;-?S_+TKN*} z7#UV;6m7s}Cs?nf`(SW1F*YaC>77^3T@AjQ3GQe zezJnKgerLiXELp2LvF=_=i~yu{^(qIB-A#nfpxrD3G*nVh)4sCzOYyPMBq zdh$--f%Y8-+TrsTjIIUF8iQq!EVZ1`P)9kRSmY$ETZAuVKpLqbKL|L#(p=x9!2-fX zd14Exn2Mw6I+DF7;}4IAn%K{eUiZ2psd}e#TT}|!N7AcM#L_rQ0G5=W>bOfc96CdF zb|@z&8Bnxu;&gX#7f4d5>o;p=L!)-(D^f$*-tXyTjc%O8!apU*QuhSFnNrlieHLXulO_?>M88)AQ-K!fmR@}^8NT;qmViK)UaNf6JGtW63iwnD??3@IbqZ}8OX69( z4?PyA9<|zfr_s`9G`4-Mj^5$7fC>_FXZTC78m=>8YMqe@j$7hThz&!3z2Iir7+;`M z7$s6NRxcxIh1VvO-Q)#L#i@ebTfo#B(2D!VHCTO<~yd1jJ-7B0X9X~407kTQH>ByWhU=Jlw zsIuE%?FPVb?Al|oc59YpFA6&$#5|Gk!ACEWwQ&bgq>}w$TQ|9{qFT=&+ni8~x+RX0%~=2$KmVAqY&xVc2p+E{qh>KyE&2-M;oB7Zcnm;U_C zN*pu%vH3*r;-;kz*1{RFM(;Tib^S6YLvvWuCi?Y6r6M`Oxh@|M+!x&5&TgyIo6Azs zcA2@T#n9z~(9_;a-5C@aUgsqWSGZ-1_nWt8gt0TBE@E@``^01ty%i)dQ`*<+v(xLw zt5y z38w;_6yhBM;YH9p@SkF?lQwy(fLU;;faq5oZcKr?i4*PnJZ)@q(M}**+<%W z^t9X3=@mJ2j8GA&uuj~}Mo8?svX(RIm9x+)x0<=jc@-X!RM2HS63G~kzf|DoHAWOy)1GCz8ME21EqQaPkGM+P!1LV-iis2Yy zZ|j=5aQ0M?1JAT#>s6_Kme?!cejvbZ8(mMWr6WMMx$$XS@Dw2n&XV|x_DEWCIZ+WU z)cv^nw%yopilyeS1cM)6rG0%gHg=+6l9)U{oh7|+&Y2_3M)kqAb;p1+8zE+7T6f5S zRf{UWYbq6H(u>nRNx2|L<{e1tPd#Nc9a|u0rR-6$6`V7%5+N$1G!f%G1}0U?vauGAY{YM zOznol0+)I;<+#BhJO5G7Yvt-uEQ-J;QFx^oJLo-0B8fsg5&vYAhwbvL?eBJ~ci{b=PfQ zP{)%2XLQPscdpQh@`VVTP^zCJ)z;kns(n$n*eS#mDa=ppj2;zxRI~+dn0Y@L5tOJ8 zY@zuLChVBuH>d{VQ{AmB4u^20MPV;%5Jwb~-OLULuDu9MAMx>@%CWo8Puk4f!_k9~ zZCIh#%(_cla<_NxwBTBYb8kgXt~qy-nBEa?8-^7a>|y(BUTQh>7OIP;;<8>NY`RxA$qn>yU0w zMnB(CjvX-jW#U|jbe0@U6da3kv${z`;W>RL&L7I8LF748;hbs6s{o)puSFV0{$2|} zI4t8H1$KpQgbhD6^_J9g-VuLqbrz;iO{@RMW&hdyyV1GDMs6{%%L*JVFCW4n9-a)k z38;A(oQ*`BpdM+sN>_}JaDBI6vw1U5mKtdt*wKH$% z|GjJOdvCf2?6>Yqpgx?H3OO?bnmMR5eX~Q^UjgMK0ZuaRj`c_*Id|7zhQiP)w>w>2 zZZrHwc-pi;xD!-fqIy&svPG1H_QtdmNp=^|674;^WIi;7{7A~QU-IB_0P!YZjX(eK zR)Ml#DmE!$uvNT@KH9Azxe>z5(SlF4kz8v_4y9r!^z#k@ge4rO&1hj6jBz&Vp3!5x zk71iv|N5wHaI#@C=qxJ^1>xb*)?*Sw?I$y%eB+puw>rdBFObKNETjHqn^#yDMG?A} z$b(MVLr&X@J5tckS5TnSrJnJ*+U0)m`_s-IpSZ{i617HVnr8{YJ__NUqe==|4sup zXT4YT?u3}?Lz1wE*TDNqERQ~9+Bc&IdQ{CW-G|BpzKBp&U07|i-;(szaImLI4%Z_{ zX`P+C0Rr#P%BuIm8YleN!R^gB?vQaMMw`m|6m-Yp-|hoEZzw)IJ$bDcn|Bwi1UA3& zc2@+`zH+g+20A)ARw4=~C(OA>^;f+wh{$=XHD_RMlJ-%00+EGVA-#E=FQB%H!zfN$ zD!16xKhM9cIMAv!c`uCAH*7OI{PX}MMBJ8qMEHO`n8@^UvDss@GXOtIzayQ@TaKp2 zruG_ulPaoVpm23_I4x}>u+@F5A+KC;FKhUMwpd~`5D-Lf(xM&Ut`CHu%~$u&3*9be zau>^p(}#c9^uF%a>&w!o?t)?;j2B;Im$zh!^kfv!H3-ii0XXH2q-5devH&fs8XoS zfTmPe@R5L`SL^uHYZq3A&Ps>a;K`+5s%W?CUsIVUNp(B3cJ?H2?6nG8pl+ixAk8%~ zK>?xSfd;rty4>#bKJM8zH~8#qd`=prSt!*&0*SuZq}}C))-z&#rAUMPvO$7YTu8L1^y*`e7-xRPs(-25SX=y=^v^@xd% z@>;&>B3V%P5X&6ZmxCbE7C56SQjOJ>nXQOiohfs6S+%blEUnzm-xH%IL*IlV?4;Iv zj}9Z4optxomOVqXA?h0*Nr@$3Qha{};SWvl-7UdkP+WoW&ud1I>VGEb-I3mk15`1N zR~RyW#f)ISmx#pnb&=(HZfOs%1Ia6IWk^Ihy>J4T_uE_B?|NP=7Ln$l9UpKK(BaPD zz~fT0`3NJ}wdVlyXmPBD{@Vm!e=SwRp3r+D>u!Pa8u@zlW@q1d;T}trKfPG$1Dog^5_3jm1eRPP!ujf!$a)Po8tJ!G&Y9k9$U#0@> zby-IrZw*BpLD$VT8VEmfXNE=}HoG!g(zhgv$@S#_0L&>*4dv3)hAK!*C&+jrUjxz_B>yobUHh|gQDA1^|rTa$MIxtV3GRDn~m5F zd{q1uYziB{+UnZmZ|sgLr(qsEKczO&%di=(eb9SGsqw}|+qYZFk7ztUsMNAprU_=% zx{Cvc!SFMyXhQ)2T`=<$D3pB|%7he7@wmH6{xUiWSmfoxX%^gJKP*;jPOtgH`(m%u z_ls0=Qff#YVr^w=b3v0$Y4kem*0kyqiyYWwL|9M9pZcn??2j2PXS1YJ5thD^pW|H<=;cgFZ#-&`c(0JAgn(8B=V+ zHU0t#h%00lyHyn*%lXT~xmre6EmT2Z+X_BV$GuI!-G_KTJ#!Viy=DHxka4id}hB z%~q`iuw&g0F~qj=!(j$LIBGs}TZJCLVmcrK%1IjoVa%@CieBR}kZ_X&c0)o?-n$jE zYi!o?U9nzw;yC?`p`$(Amt*^gL!!inD4n@lWr=5J=5+`VyYtIF%(Y#R=9}&n$4J+f zppkLCG~0Je4pxY3%(J-OLR#7ML`}H-AYYPfy7N++l05Wj&eg#0d$HBEg7C_`(;!=-YIX7MaHTv8uJ(!yjcoUnwo;F?LK>f0eQ)d;{GZaC#t z@R=hACJRX6eBbb5?s3I)03lW|ovRf^3*enji}g23w$?4DRvd3pJqI61|z zyiCAXjk1-xE0)aACRrsihgm{*?uXruHUPO6VWWg8JOl`?egV-uJ5cbcs{hcz{_tInS@r|uv%bC5{D-^EwjAq zrqVEiAlTm%=xP(rx<@dsAXs!GD$pmKKm_3~g^yJ@TTxhOB5fn_(@sfb^DcI< zqZJ$RrVu!p8s(rh(I-KwlE@()n?mk8TPgS{9vW=T{^!@MCH@x?uhz>M7o;{%oQ{gA z_?B1w%QAruOu_=y*W3}BlK5sg;(LKNY>&-|2raf0_(jIbS!pz;Suf3?jU%A zUc4AJxrLM=4P-$wOo_bml#^1$BS9e{y_4+~Z@O7D!+`(-hu|WP8So@DFkpUzx>9vc? zV*|cNZh4(6@*{5O<=4sC;@OsJWqCW@OC^SRcg6PEjOL*i+cPR`^&&U69!rw*kKoV~ zimS!Qje&5uf*u}RTie_4B*aw^Aui^-Gu+Liqoc;Arc)8|j|O$!N@YiR$F3jTi8aRK z=zx!??)*Xigk2ZQpG?ZK8%ap#Ao<@OJR}fYa$wN6%ui}TMI%KK1X4)*fFCFD^@Tfh zar@NY2}J3RAsRM!>!z0(@huZqpups0WJ}hQ8w_0{Q;{2DqvwCI!ta;9e>o}G`i94>bxOQgHEZ>GCJvFW{!jV*ch^KPiOU(NWjqIta)uWqHdPJ2Wmg z7OuxlbUhfbdW~n{X>Li53~>qs98OsF_rR^m7O%C24<3B%6p#9Rog&?J? zmUADHS$_{==-mC@>0j!TUP#*LZab28r};r9Sgx`r$8H*#giFO+MCxvhQ39MY(mK{}?LnRt@%KCZ zzcOr#XPNxZ@elvskXumDIR6ZC z{qb}EW#GLg{3B%b|920;n@Q8FGREQl5KHnlu~`ZIXMy?qk@@57{Kw!+#&1d|0Y*I> z|MA!V%bW>{PmRs0A(@y{dXt0CIGpOYdEv$Z&t^S;%x!aWPu9L^*?O{ZUTApY)z1CDjV{kNwfU6W7yS{8L~$QkEaljNDl@i zA3u)MJ3d~=Wg8mx4DVgle=sRv6lO7g7b8W9ecDVFgtCTh*Wyt(yg~;!k|739vbHkR z@gZL#z2u=}jpNbM@yxLYv8YwOA!sNzC^)!l@&`$G2UE)TsFW%zjQE9CPUa2qNV_+- z>68a1I_KBT0+2Xt-3j;t9nJ3ubXQS4XrcSM|^4>HL=s!+P2Hhpnb#y={KAuhRX2^Gc+@E?au~V`2^S(Zf zmC6P1R_6^m2-zkq{-79F?qx zlQ6}&P0DxrTnTUeT(mG)er|j6Rs84W?~Cv;^R?!RM%bI!j`#rrR`>xzJa0LBW!9lH ziPXn_nbRkVwU`;b{9P@xGl|aA`nv6z|I1!NfG5XDqj_pe+QptMnML%)MsqVCp`a&b zhW90$(99O5{8GRGgL!-H_}MIhKjMHOiAPo6y$qd}8BNnD&n zJ&15eceY&^kxU}~Hg7s(Q^KFmn0j+}4196hZWgL7DHG!3V9PZkSBQ<}Mh3c{zq~q^ zHjwk%b~%Aqi2Y}8+XcTA;kxM|6SoQz1YeXnc$Lg;o@$hwKx$QZ?itMIF9wM&A3XRq zUMbW&A#c6lq*S^(Vuv6CzFeh$yf`)n>41D2;6dJZ41ye@`asV{0 zu`jH)(8dVuwrj6?qqrH7OCLU;5L1qUotv@yX~~8(xJPCbgLyBJ-+9pS+*iq0(=m~uwI$xesg2VGj`s;ys3Jk4gn*M-A#=c+ zELS();$2E`zqU-{>zLAOMb=bygvS>~79g;V!z&GYgg2u;rc_fHr$#e=x&G6_`qk{2 zsKO929+C7wLw`|y?`+qs-_7AA{TcOPIm$$suz&inCZ-yh?&vwfV zC@hn>#nwD<-ZPibulwgX_uH>mji7+`!L~e-$7?h>oKEPvWy;sJNs+nggR`C2!)oP zh<~Tv?(u4osuMb|npoDF!W6sRufsJLpVSoJ9-8Vo^kb)d841A<8(zarmSd zRotBq8R9fCYi%Q8$qm06u`Lzpl$U+@83Lb5tP%iiaZ%`DK6YN1a8q&MiqY(>RUN4 zZ&26#Z3>h3Mwh7Lj2JJ0yw+jlM-5!o)y~Ppd=I~M12`U2)2Al{f)`O>4{Jufqc_zg zL~X)y{kMhHE5J2ONQfx!0dbI>YpmhjRH5Es)uWd`pQ0SGE2eCN^dz`p6W{KD;Cm{3 zR><*SlQ(Ty&#zW?Tf&dx2B-4@p&2yBOzzmBB?BVON;DqEl=-dNK~*>wDn}C>DF3{3 z`J^-d8Orcg&^qSijS&`?pHPRa0b;&My%O0%0A7bZW`^B<$20Znum_c>S#P}@S_CKQ zkg=Mt_9ZQz=CtfKb0UR)$2GO_P2ectLkHkxvY|o%%3*&ZW1z`t-(IY=t}wne5Si$c zlM}mb+l^|+WkXGjvxRUrl0h?D+NtrpDroBi&h?R3_QXuT(H0}v@ePgopg-EA_1&(! zIS^8EHFss;d`B4E^zUL%!Vl+0r6SAyfh|s%+c48}Xhgbb031b8!)}yZ z`>YSsArBY_njf~mN9zO?W_D$QR@+&5#`@7)o%M-Lm(1nJJcN_kpv39eUp_IbPZ)s* zRLwSmMGF|KFua|iT%ucB*`-Vpwv~`~)vmh02K{!J8}H%V&u8k*9165FZ12A8?_jic zoH4uCSIRdG%4>bYQ}P|-$LT8152FCJFG-5{Ci&`B=zRUmIH^t{j(-2`!J+GTvUh01 z>&$+YHWtNhXqa`E4I6}ykdG^8Vm%=gKQ0i+HIjU%aeN298WHHV0#7{4Zciqei*<*q(Mh_M3kTnfCJ#oHsjr398 zcZsZ|FPhpGh~?>4#RF$^tr33N>o31<@VyyAR_W{BR3*LEa4zrx%1gOu2ju3}7PSsp z$@jVcjw3oLr9PC|D@(3|a}I%uzlv3wZFpUlDIfdVx4=26Q`o!fgYMaE&A7HZJ!Sax z)hZG8KEe}Zn`jqV>l=nR#fGXXG^747usjPP_zPoS`BJ_8`9|0Mh9638rQ3>wIF3MQ zXhp_s+wsz&UhT$*{SaU5=BFoVo%b9$U?=&P3RH6)mEF=4qU!wNgWRy5-xjY0DNA-# zRBEtjpBw4ZgWl%(dz@Brlo5QbRmRuFoa~vp5Qe8gWU0@4*U*ElZfv*2tS~XX_q(tp z=`#>bHHlm6re-k7x5`iTRQbk+zTQ-4tD%id_(qXUhLy*D^wG3PrN=;2W-kyGRe_P_ z8nL(CrMJva`RW}7@48alYE<6dAz8mucPs`&9Cqc~nV8mEVN2D(GST6ncTsKbyyZ*H zP<@Wg4kOD+O*DdA*L-I`{qOIi!o-pMHMKHB`X;k_>U?}!emOYnYWIWV4g0t6diCv7 zkMYU@zraKSK2if?vMFkrp7gr)o@X+J*P-56XsZr7(>0MbG#O5JgXyy>C76mj7pb3W zNm@SmdU?B$Ry&( zsQI-Ckb`XYr^2B zq=IVOp1ICUY0JBR*-I;Y_)P9!63fQI=!PHjLY3L_fl8(oTe)5STTEJoh#VdM7rh^3 z!yX1FK(Hi!wXlAPfab0&kq@Ma$y43p0PFm!zw{9{d^656$R*xnLAP1lG@M|<`kL|b zlq51PI^iw^QWgpJHuE|!Q6VosD>SrY*sqFq+kXFqo0N2pxwVYpB%ZzDj%Ur&spIpb zNf^$U?Q#{~m(TL;FWo$Y1;WykzMfRT{>_B9jg<5V!K5~k0mXvuyBiMLP9yHQl&)cR z#=DbraX2cM%L}hl#APdDDAAq<-7Q6#I<=;KSMOI7 zgf~}Hgz#D;xp&dX?NUmsa{J|D4X*fe21+yy-kz;4_=Rc{D2<4`WU>aTC+@VH36 ztQ8o|T{{C`=9QI#Pqc<_21`b&%8u!J3x{QAyR$m(-i@?Y9K4ZqYlB4WfR3HQ*t99^ zX?I%_^-FRI#@qXNTwqtH(ZLZUZP(_58W=&;cd<D?6?y3e46AV5jJSm$a-Fu3&lTwTC^xr5<~;KEI)T$BxBdA}0KMHw}t=fKHP zkFidHi3>?sH`N!9z8C8GP%qoEUz4IHx~yjN4@DAuEHs9_qq!Qf%(E>7XDf$4rOh5! zTjXo_-$*2GoY~r}3c(?fIIk%NRue5(?aLU2l34&(9nGlv*OSSNl0ORh$?{FPhBn&a zCg1KGNNVNHsL+E6@Ub19T!%TT zr^PBQ!;vGq-CcgLbv$tzdxL3yfQ0!)_bH}oVvex{Jw+z_$>iS2=x_oT-n3@7!Rb7w;zKW zqsWGrFq`HSU8Xuv&hRoclkqP9RfDg8?88Q%CYdS0Z z?)+@{Vkn(n_32VE9JBy~($*tf@{`Q%FV>j$Ya~HX{_dVFZ$06~h$(?wBCN4<}GchdbsQ)D_e^bT* zdhh&_?vf+`bSbe`iL(niWhA5~@Xe zxC+(m%VEOA!Rn5^!<58^qJlhGZ^widWxL6pZQn)j^uiUUSEs^I5@-~=RgghYhSqP^}Ip$k#Nr4NZmp`0J*YJfbSYyFDX1ib`>3ry|z4I*qMX|5nX0^GBxCjLM~ zjKsoP(9{lUE#NZxm`_v4PaBI}VqI3LT(5e*eM_wpv4vISZh6HV#jEIf%s9JwmC*u& zbwcY(DL3&Y9bV*0xf!dkBoT}@6>^l-jVnv_rKIeaW*4zNDN!E|5IEAQ7WZi!D0;3_ z8@J`v4xxnh)b4s()xtm^6xVE52^ze@3+kAS7KqK0x@L=a3vWO1pPh)l%rHof^Kx6` zTxj}WN6jnAJ>_Ulby(6h-PF`vFzogzPa2w#Q{H*u5KbE(Tz z<+ijCqX&`7=0SH;y1o03zKwk0O(pX9%tsX|W_$vW9AMIwB0#N5K|8Gb8$}h_1%a_< zhR=7Gh>(FVLeB?Fgd8XFL(EGqDA=R+bKJZR_v}A#Z={T<_sPK<6YH|!r4EL|tX?6g zr@#AmDE-%iL+|@IF>d8`SnT6mM(+alEsH)VKd{G#%o!;)mE7*O?Mv-P+l#IT$ro}> z^-KX#4&n_bsJsK$M@X~bbYw{vwe$JT_}XSZ^jTNBi+TXgze zC)X!m9$DazBqIG=k2<$Re*e8#PtEk!qIa6^%K`7IdMe@#>@+$lGrIBCVN@AE-ZIXQ zymwFH&cjy2T!FK^DgPeh+h)fM4R}7eI7cL)qPOHkS$$=;JT`t-I)t~WC<(#Q6AMK= zhDO2f2)sjR!J`5PeU?Ip@Ng$emnJ3q_gl6q>iAi!<-wP81Vzl0G01>$r_T$lC%YWNf^V&amr z8`ni80Lxzk`rald88xjOvK(r9QwzgRVB5^b)ue}M8?R^PDmv;E(dKITU+9^4+5z>! z!C%oJXxy*SXGY)K)1IW>ZqkJ7jteKAr2g5yn#Sd(bMY#{aPR)dPtdl{{YeLQrt+oQ z^B_cSyv-+1YcpfTiw6DGm9L82-}-T!rhW6qQcE|RJ;jDVxg+Ls5@botbZ2R9)TXl>yfSw|&(UstBsZ+H8M<}~1zP{pa zIhE?bcK-+Z3oI3`nht+N4a%Z&?D*E;F9GOUa^r!Cz$dMjNp_UGNF>|318xXV4tmEo zYlSkpcq362KbqhhtVS6-y1bNAIyW;Ks1LZ#Tg+Byssl5SyFn5# zt1fMW2B>)=P>)OgYQ>g^T+YOn{zLq5!@3N44sd4ic($sMoOmzO^nJ%NZ(T(erf0>l zyPWlu&U?R$u+$<4fS2h4C(unr;I_hnUj;c1hM}d2c@*}OhrS{(<4kaA%iItN7_dx>@=b09VFnX(UDgf92J1m-6>a1b zG}FLP*nb{Ei9)`YJ^KzDM&>0hV=F1c+I9FGa!($A9H zwcj`ZN4w})*VKl+hYuhfs*n4O>4CLYU+?bPDNdMYHH9K-Y@8cYYgft6mU#~*f;b6t zUXIR?gJ;sl=A+5QYhN5@+nd2qAzU7N{V29oY`oLKQ{&vk|OwBB`$QH;slODMrza{sW~YZ{Nr5-9Ngs+WHXXC3bNSEs~6dqZfrKQ=!7Ij>!qd z{7&Z}W&LtF>v`tg({ICuj(P@* z8KsccX!%jY%A~NN(f8$cXqvm`>W<JO)iJ6vLE=rBk|RqRg;97~)S z)Dzxz@Cza&8jVwk{D_SSC_SiAsM&`mY*CyDt=JQ_xyfifsC0kfk|wd*VRfKLU%58< zy!wN_#LDVoK!;NzBWA%N8S1mtEJ>wihIZ&mLA?b$QF!EWa?8;ivq7e8b{;|y=_Oq2?VSfJlu-v5--WlZ|cB$rzME! z`OqRF)Jmi^z*w1uZmroXG_3GhQ<3vV-{R z!qlvHTV2nTe93B1$fNh_sO?Kj$|nt(4`1Y_fb+788hsMO9*FcfG8aFv(%DQP(gFI_ z_3+KL=G53SDXReD(RV#FZs}nj_lt67Pcm+D832@Q#R5xu8NIUCch$#OJ&L)=uk9MJ za#lL9{AJUAC6Q~yOP-_C0(2t=^b1SN9w6O6?lB@g` z7g_K5u^k{?Ol-FI_Z7|yuv>4UrIe^rJXHT6eO9zaOE%lv7U~sAfbqnHA;a*b0gfDr z>FNH-prpus)kH)4g`dCFc`RB)R~noqGpZ&u%&sVvoC)w*yzlKh9!!)RY%_GvRd&^q zja2i0{00x*Vzv++nDx0jw|?%evnh}|V&Aw9)NQgQ-798n?4`}Kt)g*Rc3K@C=PXUT zK(I=Oh~YPw2V~HqGDrSSO1>xbt*n@`f6M2sqZq;pF@O}|iW-if0li##_?VZZXO2f0 z+jRi1p{t^xTTCw!>v%EBj6=F;&eDipU1@Vg$DqTarCy;DkHk9 z-1zDi`sMX{(981~q8qz)z>gxi4(kxCkr|K_$Jzy{n3Z0-Prmhh!9561@#2ykV&Qh= z7iQRid^dbpG@Fh1@j)vK@xcgGel8#@+1zHn4?w;X3Ik$G{bcGRE*3JV0} zh|6wF=X)yS(@*J^36a5v7n#AaLZnf0iCEx`-?LUCA-os3iQHUVpgJ!+&;(P8Em_P=}p-aFvMWBi20%{O1M_1Gu|DD(7avi%};~!@xb}E z_hYl{h{2fD9{YGdS*YSXrbnj7#Vq+vZ z%@+S$r4|v+JWr}YUr|kG@Kh79w{_ zwY7y*Mqp-+%kXK0la1Dh0e`Jx3a87nJ%qK&GYo9wyZ48+PtTG%FP;#l&+k$Cu0*4C zo`iW8*jlD-+Q0|wIrw!r#0(8}W0E{7ke^?70&W_97S}sz?v*89?`%KR`3~V8CaC9O z%)7p9q34y4%ztZkE2%o$Fd&R=bCn|mVcv+-gOxC8HGEM_ys18>i|n|_=54#hrYF6C zrUTe~u3d&@75Kp*qJ`TM9e0u8sy!IQF7Ev`e=tU9h>OYgm;8(66&%M%w8DzD_a*v2 zv!Qun8ynPmP|5nL4`3s{_cgl!$uvViJ|@%YSyUk(hVI@CY<6v7r}9y!XglOzDkK}L zI@BF$-iGdCud3Znojt`jzuHf&r!<*IxLQ^a$KIy-)obTnD2_mqJ!=yPZojX1gw8Do?Jz#yR+XO<{~ATW4VfmxQmf}=j*LexL@u>knpG+|E8a_i(a$)ggsH1^Q7u#Y_MXkTB?v#6sU(iBvalQmcGpQC zh*hjx(YY34>BAxek$^ecjny;EGEi;yX`c;W=z7DdJn_d=HyUcdYu6Spoaj*~nk_R- zs5mH#8W?WsIRng^^~Gu7qKQo!9{S*7L}V#T8yo*3+Q6^gLdPXt^)TTg!7g*HksiD0 ztM}VMne>6$Do4<$B1pniZa2iP9v$i+iXYSptP@TNCsW`HaLQj|UU{)?BX$vNPbenv zDrD3N*SJ)W%+3wtSc&)KJ_Yqtgk5*Y$_z=dT4kG%DF=1#weajz=S;ssUe^lTtreY= z;1MqPvvNm91&dUxU6wrk{O%0$;$6^tGJ8RCiRPy!vMHV;v~PZ;*NbfOKpL{zkDiOQtIS&O1R%GuE$4M-wD9VvdVYgkzbGnd(-ctx-?wCa# z87TmqfS(Z`1?bnq?~AG|+Fi6!KE9VbAgHz^XY9*jk!|x*&?raQGH_2l(JZUKO{$bC zTQz77n6K=TP*h$>;#^d|gc(q6HlQZP!tkj&bUfyK-RH;z-eE=R2fKp-VfIbv=X0u$ zYRCOZ@Vc{yLxUefP7JA-@!N>C7j5HbzwfsTVi~%qxK-bow%1Rba!TMn@&b5|(11&A zfk4cB5NP=;bw($=(_u{^b#b4j|057o;ix6~N5kUxU`WFS4@a`Q_;b>Q^+w zKJb*)OVz7eGnzrNI>Dvh;^`BzaMN`5;!`fF$g#Gr`pLQR-qCt2dlc_YzZMOLewr)w z$X>w0>Nv(~sj)?-0=9msfqdWMU~~#O6fK?}73P%}L5EhtW(S=7`f(SO<3IMWtQ8%_ zpcOR8@hxOYciceM@prXe zS>f<-JUnd0Vld9fwW4XsuSP`}$LhmtKs6<4<_jP7#;Su5#78ZXhYXD)tylV&I8lUM z!;89L8}OCFVwx+$TG&F*rSs8PYK)avunZwjvVTiJqTr& zZKLl__@*+dL}seIi;_m$98U~g9A#+TRJ5a;2cI<3aG8U1(`;#6;#UUfP%__IaK-kX zIL#^@ALmuIEWx?D{=C5deRq8R(D|Un^-bcWtx;e0u!8XwMfueTUy(y5yX{P(LJUc& zzroZ;2eYLQeTPCwm{RYgpMWy|_LX>gh3zXn`ITclB#!EbUCiW z7eh0;VyDaC2`Ydlr7G<;W??g9c^Y#+hy+{(EW~bqrRi2;Pvg`D9ZaJ1KKAmv+w8-{ z4Z1>E&K`t-o1ZA@X7aY;^a!J3Kx>bRnxK)0uYXDX*v)I$UkT)2{Ub6T@xGv1Ap35gn;_D9ar{Z1+C_40q1Y6WyD$~x*4jdHgu&0KI^kEf+HfGHF zUc^Y4Ouh_JjD(?q36b){7zmt&3IO8{M`EhaBUtMhxf>XmF3sQ)auv9Sty;rCe@4!! zt6Hb(3FFv?8$mO+Aa0HddcoGV7%}F=hMVV7P;A7^jnGh*u}=cJc|cABqFI{>n!6 z^Kdp|+LdP*)SskWcMkX%17BHl4jl<&f(g4$F=c;w)^ChNr}izBVpjmM2(Gh(Tl&MR zdt<)BcEpyY%_m?Q))^H0Y&KBw*ru$yyX9lciC$QmFCT$r-N%+1LlKIUI?7k+8PQ`$ z4{2y2a~K2QQmd!Q*k2cA#@&rdvNG$Bx2=$zx*|)2XQ)v%F&wq`%6!vEewc2r@&XBR zXH-}{H;arS$ZyE2594`rq$#SkSrzYTQwg3+~{VG;VLVRzd`k51=d{j;uT z>vOc{@c;C`DL?6tMhWqdRCAVVUOWsHwcnqfMQqe4?LYIrH1-9aS@V30HFHtwQtitD zZ}i#nP<*Hy*gzx#y}FyVsmb?k++O>&C)ghAOqZ`=WyWcvi6K`Z^yMF%oNDR^suZXA zT4YPO7n_hG z7iY9s8tksWIZd-nPerWR+Mn6cI%;*hb--JL#P0RMbg7Vu7Ir}B`OQuBV?n#@ZMC4h zzo3a$rQ;@KQc_2^aAlqQOOC;5Ul+Cq-AZ5OtOzl#eIAQ$||s> zZGGWK6nTkwT*+GHs{B?znU`()X-5?l3bQvd=Tc@<^NvW5FWd7~7}leY@%wGlr#yxM zSv51TfI)xS}F9gy6|a6t9b1@TyCgl zB$kA}Xtgotg1`asaZgyVo6+VHj=Yf%%HS&_u#AI4S;UBAS82}4 zMN8u^+bIAK<2v%?BG(#^Pld*X^5s3ga`6yku>kP`d56E(MNlaZk|Xkzizf1btovjo zjiT>!lhsXiu5r;)c)SOO0wI}Xl(tP8VM(VIXYp8}mu1nipE!xGVeLS5w2zYg6D2GC zJk7LNZo2nMMJWuAbC0bw2ITnL#H)=o06pUcw;5iC0=VGg(=}(9T8)qkaqM-1R904^ zXVsOyPuxeIVv0BD?%rxbqGwfz;M0or!*w29*birR0kq8s%8qzbi*l4PaoDbYt%iL3 zE|<~pX}?a(quA<%4*#se}m!?AyzpYEiNPaMmdiz)@JY)ieV;8 zq*#DrM<21K8*Y8(2&)Q39X8P)pjPWrDK?ArcArkJGI;aXi?J}qq&V2euqzTozlaBRM%H$^_F9;DIagNL(4 z!qz6A90yL=y8up~txu0L7KThU64*5H8+pYZNwk2#yov6u8N<@TsF7X&!7=n-hQoM< z&5MVQ2>_BIQls>IYe|O;t1xnn9`k{O*21495lsCSSj@~|FIF20%2K_g=HhQH0F$Y) zok~YfN9^r+=&n8Y7&D=WXB=uPuWi-P@Hh)n)9kpgMlDxgvgecUvIptm4h-op}VSV=&=+kT(1!`JhD=lNag6cI^ zN+oTZWmPnxYP+J)m(h?7u<4DaGjlM9+x`z4kNQ5!Y{Yu;fkRg+E3@he!dRb*vFLPU zn7H{!F$|T?dyN(cb*Qj>Tv$zwv84EHJ!GJEE_ceh<9a)#y1j)9z`yEt#vgM4D@Atv%qSv*-k!g z_JeI;i(Zi!LB+#*CFD8SfPnc`olJJ#f>#?}fkc?KUIMdD7N_p2L8(YB~ zgUW8!O-rsiwwjBZ8SX07PaKCECV zk9)YC((zfUr(!P4gjxl^ABEub0P2s$ey0`J&{{j{D+Kb>i6C`Xn~{he`X~|o`}0j6 z$DN=#Gh#Z7K`bMBvy$~mBc-B}$K?XKjJYlNo9V+93*i#TZOS>0F*EbF{0NzZ$1O&e zK1!`Gf}wrk+f|>Mb7uRlSk27Q=EkKJxNUSAYA|S}n@*rCT`C~Kxit30yb-HEMKVg% zMXg2r?3#fpBZW$*-@I;-7y}p<9!YM+nybp^CcFptL^6H;1G zDO*CKi%!r=Yra0h1&i7=vKSZoklD(ivsF7)xqF}u z>oWFV$IZbTs{vkY6&Tx7>5_JR z9;3(}^`iq<^v6i$m$>FKt6`{7TGg{~?Pb0p#yx2qru6rm9jDs)W2CF6)zGR8`Jim5 zhkPVW5D~W{4wG2<&kjP*-S;4(!O@kB1O^mMlY-Uj9sP&mfiNt92rG?wO59uvX3IoZ zzCK2QKt!I$+q&ZPLHpXK4$ouU(OA!w^&6W~BpR1p!TMVBKrYe&Ode97x2`t2{@O-2 ziOs}??Iv;r9(uBbMlmt*4MfpH5)2N*u?wx1>3a2F71i8@RKLeSALOeqxusqRkgZM6 zN}K(I@SOmG_l=qp2Tb{no(JrtipeAeS_6%<%^GN2*e??d2kcBAM-=5@KFM|`vhV(E zM?~bnyKcb7h235LC?wKr;UgKEEcY7q-bi}+1 z(3m}&Y9;g_=+bAdDtt?^3nAL?2QJwgeDwSVAm0H6l?39ev7L`y+yXv*TS!IjX|&E6 zOEE|>;A*3F8fD9pby}3DN&c`AmKMiRlWvu!;a-hn=rjcJIUR#~cWy8MuXhQIL@5>4 z>8Mp{(UIm;}B?+<)oNw@1A9@GBPu~QhM-p3q%`abQ#$4=k3?9CrZct zl9uD|oPt8m`=g@M@)Ta+$}l`UvNI3NbT6}esTg37~jOr%xD0{yt z9sJeB%G;mqfexz^vQ!XBK6jn(>h+rEc5}eSdcyt?yZxsuynz0Toa<30l(3$dtnD{3 zFw^5D`1oO`mlljm7#o(ZMo@70859~W9_P|Jjh~#fXJu(ER?|8f=Oo%Ul&M4T8eX}U zKxKmhu}YYM;J|i|MPh{WFd?9pideA)HE3XF#9 zGSz-rBjY(A;xGD5a5ur8o#SVwVIt8?!LPf^)70FH@orGVDY>)qYt@?#Q&&^wSn1jE z!NWA$$Teb1-t4n3ue=Zy-?qM@MZBOO6Vm=<8ifofx%0@$&AQB8+pQ|YM~rs5^w6qZ zoYGwG#G>>L5S2&fqjB%;B4b>S-mhuPZ9{V5IgDSAi97yfK)&qZIzH{9h#cRvmXk4f zbwUzOS`Bj8ABnamRiM@aNa&C*_Ebj082}+aAQ5AkWUz6?#OZzC;@vb0YZ$04IpsGf zm{O*iKO$&*oD^AMp>QVFr>-G;Ccx)(0w}`yTX>0U?(x%xBx6!Gk%}Ne;yp9|3QYw zzWc9acn77Tr_OMn3qP+%=wvglm)fVYaBz>ZIA^IkR&6{v>xQE;GM5F{&{n(sR$-$b z1OJr`ukb(F@Wy}G@Q%+6skb$$k%JYgGv8Xv?^JQ-Q7&{2u7k;<7y{)CHews|(T=+<*Lb5t%e0PFyIMm%_J z1V(2^PCrmxrixxvi*Jh_k%v4bJHS7y?Hs_aS5^2$nB zem>QSda|A>z4vVK+Q?$`>hAM(vKx4Tccf%g7BGrz;#AKn=n zm8Ez2KioN6#_v#u1#29^K#-dN*YlXq#6Mav4y%oJJ2kY2B^#wJ*5A#xeJzp-3x+Sc zs`Pdpi0fI60)vA7E~ZR|L&YhcpV_)>rZcCBKWtvPUk&2$+z;XK6uXw7y15Xtm`aeW zxXO?ihdEXjloO|dh*0GxwwjO1d%yxf7eB>GEVQ6}?l%LMgqrE_O|m_}d<(Gf7fpHd zA)QTKx!*5liwa}6FT%Q}5l|AHZ^3k7qRwo!zdg9$1$3#^SJ`nKD&{RZ#vhO0~t{~*CT1)E)y4W_eI2w2Y0oH(HcEth~}i#-#)3R znTGRljF10nruO$O_}5+d-#>kc--C(IC?CvX{-YNHzxT#>Fv(cf{3r8&HfFG##2fH( zc)j6^{ZEPcZ>gaky-CNve6`Tw%`|8@#~Aw!gx z%kEG|0&_}ojJ^MwhPI@y7FE7CKxTjhX88Y@@{Jhs&ewa&JBeh{fBXuVd98L_9~wmb z?^owvf6X-eE!9x-oXq#1PGhYUSgpVn?I+}a`VZF(zvn$cSm~ctq5r=4|7~7;!9COe zUzz+Hhl@M^moaquQ%znU?DKfv8$F~>3dzW1=>4L=1DSkyF9bjp3&*$gF8}>*Iw)9yy8jtg@DC~z{KXdBr5~bAM-g~z*$y~2AImu_lQu~K{{o$ zF0d#O{m*Bno9SUz4zuU&**hh+Q`)y?;Q>8v1h0>lahjUkHWsS*ydMt=1nDp^I-KDOtMi7F z=&XuIi>eET-xK}Wfgk44GimqAcZU}K-4HSd;974rk=pOK5LVLp;LT*Yx2`6H#X+wx zoJ}*9Qbz>?{&{b7WIMGLti%XCZFSFnxtTvG>=%dK9L)zU+jSsUocWLxBg(!$mJ!K( z+x+XNtl!!9l_O#5{?o(%-z=(cXmY1lV1(6HB%Tu`J^=yqUa9l)%II8LK8#3(FB|WKUauK?W#N8HXp!~=8ZA`bpC1IG zjoenNs80Kh_!kxy25rr2q`W=p5V=~2W{INS!_vi{t&~=IGAb$<5j(&;P_sEY zVY?5Z)JB=dTVYRcNc$^>FU%#=2QDt&5$wHhaERXSoAm$DL^7lM`nQroM@+it;eIS# z$4}@qP?> znK5&7>#lw32}!Fu62pMr9w(PDLg>^A05_mf;_x)<>(d^vH>YNr%rX+za0BgM$KbUP z#J(tR!OBo9W1Czfar7^a*Jofx@0A^-65yPs-F3B-I6Aw5+Vk<+qEx#H9dyYI`qo~p zW-Femu{X-L5Y2=8SEG>5^si}i(`#lp+Bd3YJ*zdUQqo^&mQ=#x79_}Rx|fDDXxJD6 zD8{^C`f6frAR0EBfVh#}mRG7=e}M9&O#pZgf4>MB|dgyuHBJ$0IDCO{R>D4j5vl z>q(7s2P%V+^!}wyef=JE=^h@8F*YzvklI)NN2zn#lrVO)PKq$_yEJfCxrn(I_Ye#M z526bk)O{KCu9KG?NvuL7bzN%90#Yez6ebiD>0Bb`RN#t^KgFc!%l7SiPDTt~C2Deh z#wsb8Df;=bkFSSOe9!8Pt)Y_^qE=q1-Wfz99(AojvXY)#8Wl`F3oW}E#}6BbQ;r?} z*HAwsIi!1UFZ?e?M=0Jyr6%H$Sh^+VXzJG1Wk5@w6^)abyu8A={byXUF{-tA%qH3JB+O{f<9cR2rb%Qyadmn!Im&7>jyX}>30O>ZD8 zr!%lR2pa4Ul}kVG17E3cj~D$Iwdyx~VTmiRrcOCk_I~|k?@Wlk5i(5&nGF4Wngdxr zE-hdbA6BDhkLyfe@UHXZjpDQ8m2W2f;ZA9vQla#X*BmLQRe)&Gk(i<-T}+HXg1co^ zojJ6r;B$s~wYH0=Ia-d&nNjNQ#lShN8gsI zU$7D#mXAMrLCe1`Kyf}TB~WFebb#F|VY|wIo2gMzZQHbH1!C2d`Btz6zpqbp;VJr1 zfX}}Eg7=+VMIwnWa$K^n&J9F6uDRP+Iju#$#ksMdGned$Af9m4NI@O7fS~D%Y0uKv z^b`)7@z_8j|LM()bobNJys|YETQ_I@t<531N|P~L!YRhyFB^X`{*~&IT97m)P*ZVFN406yL@> zz1G7qyXWz24K6z+<~GxEfD*U{)N2%o=t1{x(2(dx)bBE-8^X1~$b=c@sP1j%G=W_h z2x~c*O;|+U3co=K0i(Aw6m~a~@6+OFqoc(s3Q>!3)(@OAMoWlsNB6{-O-xKRyQD`c zcu*P10({ZxPj795yaFQmS@>zWBMt?Se?$Q}7mu`WFmg7Y@7*L{Dh}IrcjeAsJ37}F zdOj~_b==Z;(er$eAlpKm8s2j-ztcOPitABLg zQVZXTFQB7`H6R(Yk@*LD@$Z<-9u7_Z>5%{BdWzHSG$V<&+WLF5$BpIlHl;vIpyOc0 z?=w+Xzg$;!?Qy$CY5YvhP#3}fNhhzEmsnU3v?xU!Qr3TX9D*IWWH)$`Q^UD%|50z; zK1%4MAdZtBwE%UH!fS&7-!x3vZa^OTEINV}U{b9YCSjp(^0t0&04FXj3#@PByI8=1^Z`SRc`d1erFaeLP=rH}Ll)gyXtRQhCU8K(K^KW14q{aNTKQvlnWdc1 z5*!&uEWZWrZN&@WE_RrtD#aO{`jZONaMpW#Hzg$9`D@Q(uXgA~@bdlgScf-O>0!y+ zx7WXT?I?G_((ntuyNJJtq1{Z(3{$GX5`Dc9VD5-|CNO{(3h|mzSV4dD+A*FDX8hDP zJrBP3;@FR#{FFpcV3X4Jl+^3K0GreIQq|NCQkO?OEPzWiS?cGl^VzzowK<;#3ihG5 zY>HGlBOY}vHRl$g|AX5s^r#gY-U&aqmJkewF^OhlfCj261jooE1fY#nhhSM zOCSoHr_{yMC{M#$KKkBa0iyJ9CdE>KIv0%3Rgx|?|Ft%DL=(HK zj?Mva@;Av_k#LPwdO|AGc{no_$JZ?U$Hh}zfcTXGl98Ks^crS@B?qs&94ReH0W-lT z{HZsE2As+&Mp3g@BwOq#y9`L#40$_Dr5f6h8jJgjO~es(lHEbIH}tpY_A9^WJkGZ_ zm}Wunu>(`!9fQR{@=S)=d8tMJwW7)_sV`n7D@LMuh>&&9JliWcWLfebYF1^-Ez&El# z2Tx1|$tx=0A7>`dVzJf_)ccDf&af#d62PAGI%phutq>s8WMW|YZ1!VH z6X4Q6Tyy3_R#+mXEcU{VNgHq)_8^6r0H~@rWTfH8h+zEjpl0sO>{D0uF1|K7FLAou zcU3jIz=CWADpz3%l?ag+{SeurfFs9hvBs#KS)JVne3AlLl$6>vjK5KNj?AU3m<~V+ zaJZ|esdVI!>=I!DqZoGq&lS&lz@xLy2oy=IG^cxELFSJusNADp-ag`^DcPBsRn`~L zMrIe_fMJ@hZtpyxb}X#+_)yY4`M@TrNUOS%82;mqqldp$xqaD2OBLYX_LV{GAw#(` zg15dBHmHy_sLxVtCMxwbTn=dPTxO4U6Uwfw(k`LFvP>`akn_UF%jOGpv*lPquT`dw z8DT^+hx{cqErYDe3OGQtw30-PTBAtC*c;x%SsUqtT$&cw>z65qJ#>Iw3a7KQxQLrj z*<{318GWi)IpHqGmtjZIJ&D;(();+j!Le;6znMHgg>U^L13MTbjDhka!-@7rQ4 zgfC6DKO3!YVEKL%mpOG~nn`Eh>Dc&g0CV71Lhm6ee`z5lz?sWweU{dW01fHL>u{f+Omgu zL|)-)*LuQ^h+lGF!!F$)`+Exkskjd0qpO-wCM__G59?@03WI2%$$Xo|RT~;9AVNOi z#4g4?Fxvjm7#5w-3*TY#f&2MxafM%TXd()OGVzLCy0giQiY`bnmyB{lY)DhDp}Ip< z_#tZpV!Evn@9Fj=$y6>Z=;S8b`$ja9zsnQmaAI6O`qAS~4nf1qBG(;dmUifrI<-mu zTAVkgYFw`qLzK&E?h^U;4%fx%C%Qa>~8TzNVIkxTlWP6Y17TOv@UudcLqgy(;YaDtz(&y`|%9>5R&s3ZX&+sRuqt*;9ctI;+qoVg+%15NseHzx==F}oQB`7Vco!r`6t{HZY}s5E-2+-MLli>fPUsP1C~6|MpsfXg@xqGbsK2~{aU08 zxrn%0N0f=vo_-SomU7GCkhY{wxymU~NTdf{iFaYXknXQ9s)vgud<@-XDpJljFOYj5 zvv!YinONr^_PdT8t(P&EWw|fA{4wl0nu&;L!>S*Ge`%_X5?@1~WV!)$Yw`C$_Vl+m z)Rh&q)1WTP6F_!;^V%wBC_FuP9?=58kG+&aUezj@aI?mGY#=-}w2|@R7cX;B<3;n` zk`;hhOT2)rgpzFY1BgW7>{DyuAlXtL{Dp_NAid`~UfxSV?qJ&fZxok7`*V{jTZJbk z;+fa5msh@lJTnL&Fn;IT(ged`VRB8=adJY!`ZVuMeskj@JPPxt zsiCrhPvV#5?7TmY#6Q~<>A$4e@?)w+5Ue%yPJ#XrK6sd8-Fx(vj%&*Eht5xjTYMw{ z<@(-3*iVXx=z&^21GQUxy{r;tgXi1NubT!fjC+U z+`jCR-n!WVWs6*=s;0(LHO{Jy8(2My#!-guF7|s7;WHxd2fin~?0qLy^DQZu6bC!^ z=q39Z>2g(WmO?4U{CkrEC)fYrgR$TOrxInaMCZW^qx*V7df;gF_}N+~qqHU9duj_# z)BIbl#E#SAB^zO**UIvQToGajS za=)9RC9dgqtks3DS6RJWog=q`&ZQ@mC#hs(b?~R>1YwHWsj7jLWka@}X?6x9lBCh$ zX>EKn)2QB|C(7K&)m9oQH~rPV525vuU#j?!+3J-=jXrqa`5f0)i7nw#QIvb4)$U54 ze|>D+S3 zhzwOY{E1EICCS)OyGK$wjkY3(R^j2yJ>^5pOclS}m^a>K(i=RBqERA-5>r&iTl{YP zjHeYn^3-!;iT#^*VBLlaT^v5Dy21}z+9H}WlhE(on=%}v&R*|nH1RGRT_ECEW@?o+ z#4q%&rM8RWd5kZ1&k8zb4E?TlS%eO03FZOTrHbnClI5y`{Ye=a!4?AbTS1$Wh()!n zswfTohe_JCog`y|(!Tc$qnA2-R?U1@A9Qt^@I3i>88aJKvqG7KpKw1mtf$|th>hk% zrtQM8)-bdEct&#Er26d=|7F70nBX2k=>SIKsk5h~8-!zGMm17I*-;<@0;T0?c=c=d z=Vj-ccf7R~=wfp=J*^9CJ>MZ7_`=mDPQ)ob4d7ks}2%5dbrebl(8 z;0t!)CJ%U0>E_|Sn1FFK{g}6bRJVZ2As(xzc3i3i{6u9C*s3V(wrbAt`RZsn(#AIy zrU2vWEJ#v-cS9F9iy;y7-Iy97v582W0y{qNxBU0<{o=(Ee28MKjR``2C@7k~<5*({ zk4iGFhs}iCIW2fgva&7Y^B`R3lttkC1O;qi+|E?e!;ucIiBX*MzfGc;Zg+b32RWLE z02tP2dYtT{Ft2onM$N%SpPHeT{MKr1HkO6) z__ht17CjWsn9KSYlOQ^=aq7NoHa438xJ<>7{uxH5R^?(VRqG@F!m-nXI5Gta`r8uL zI;uitPg6@nEK<2Ae7H4`dWS!gPMcl%STDMuYPhX_vo}Ff4Fno)eh~pPQr)RUUmY`MIzNTh0&o!&uYF$iR-8JeRgTgyJ zR`$FGL%c)mf><6?O|n+eU*6XxXpTOn3kQWcgGBMHg;idp+-!JUv&;z!zUPlwy#@0! z<9Y@@*>ndqK3E{=MlK^7-00ksHaf3at<2mc>DO9k7?=Rf~8~yS)WJ|nG&#*7K4xP>(3ON_jZM z?Jo-j#f#?+#OM8Qsp-@>gILiB@24@S>YQ}5A z=6-c7^u+bXxLI8Ka23kf5zEagk=Kk1rUV(ts_vvD@FnLG2d$Fa^$y7>kjYhEXYp65 zHLAi8gQwIroRlCSUt>N|2E!-&vf?hN0|;aa=2Z@|dCEUsE6|9s{C1?z=%LL6y@qO> z+)2WtliCHPzw7Q@#&%5v&IqLYDUPwxxD3u*IxFxwHd)MBj-+VO@YQ+2?JMH8DB@5j z!C1nJt8u%GrDg4RoK|^|iZA_|?v0c_d_k0aV$#?<>hR`xxGvn|;A4&0+x-j*-)tPj zaoKQV5Z?T6`&{ytLsCeUArmS%+;?xp^nzwDYgfaMjZ%b6rf#%+;iL?^{eP#{7oc>-X z0gn5N!Eu~!|K_Jdk7Un8*)^lyK_UYjQbcH8-G`5U+*e~Ik>h?KN^kBw5^qUE#g|ja z)aZ!@Q9DD3dI?Wawfj((DYZ%Oq{2GG5t|OILPv?r>X6uiMcVfJuyx9Mc7kN3Yof@J zWuDki%T6@Kp3u3CUmx73J-Y1UB0Vkn4gYbX8lxnxVCEC}Y{^#Di#y(Mcv$A?d&fz5 zpIJTq$h^&JHkO&o{Mf34ip#JkT3UFyA`9)2GwA#Qy{dJYmWaC&sx)dcmP#&)JEZJV7(0(C)Ku-=vYl_*1IGm-$z)}A6O5ef45KzEdF?W@WO=cMJ9 zhSRRr(JRz^ykz+HSKWk!Wrm#(%%33bUS^{VMH&%M#)W37B@Kkh5N+DF*@l=iNbAZJQ@ED_i*L_Dq~OEm0YSEpIR&$V9s!xj(L(FIQ_Eiy}H_ zvl~eb3i{_NBtcXn<5it6ku+@tiBU?eBzz21H@nN?v45FSBk}lY@yza4rRo~;`Sx4< z35;HsvEt!ScQ~eFe748cO|xY)(jM|FZXMQ+=BFEL=xXZR!${C(YDwvN%2A4hqk7g@{OSfHVy1qIB!PBp?5~Cvt8fJtSU` zn~v4{I1p_7G7D3prnTmho|pAJ#&{>Z`E1=I0J~Fg;Q>S1X>(Gqytz{faM6bJ;lqGx zAF>#&^_-q5al~D{V89nZ$*Z(1{BlX8F|k0lwOM1bS1 zWs&fwPve&EL;b)%gZDqelzkycUY#8ez{H8X@=P@|Ij)Zxw=JP{!XrY){U(hz8tL+< zR&6GPHK3)&p-OnN>G+3gCrjK;Etw)(rjMjwFt^@c1LJrnH3S@Ej~!t}LX}aP=sZXL zhL+}L>qtLSKV`o?16dYN)SC@EZWpaqHh%{dZ~%ad)X%?;5X#_ut|@uB9ud4>Da))H zdaUR=Rp!SPOSGbWS>=Fz`%z`+0bmSZhqiMt)T8^N zvB#aYr@~oGc9`TaKUJN+i<-pQ6c5naxt}mGp7I5XXe*>Id!H*gW$9u!pfz5qqC~n-Y|N3#I~<}FyYbx5V$pS;Ouy8$z030 zO?ncx=d*SARi>{d&-cklB-8a*ZVmJT@`86)+9PEk_~V&FpMGUl!FdaH0Q0`Z4~=rV zu)kxG-=cA$o-K)%U*cCR%K!1HPU_*QecoEHbOqw=>yJKpEx;5fLMjo`3ht^96cxqS6PCvn$Ypn&k91a- zxfE9Jartst?Xjh<_6oc?p*Q&s>ntsIb~3}MQVUlZ03E#_`ZdTsFDLH{W3*^1)lNd6 z==_IfujWgbk7g@-t8`i;WhETqDdh&_d@eDXu0E3-m&=rz0Cc+kQa?;^?1PIhWZMHq zJ(7i*@+}>ri%oHCQYTRa^BWJP42jG6aC+`XO`S*BqRxjX=A*2VqC_gxrJYpH+jlWU zlt9*`(Sacyna3$?*R>E4@nIj$r8x$Cj&Q*wlLJv)BwxCn^3i8IPfwo86iR=j;U>Hv z#hx|n(X7OnnzXuoJ|-HR5slwOks8}p=`!8k_PUTA@#vwJ2%2Zj@fTqb?!4|pL1}Sa znXZyIw?_S5|I##$!0Vv3YffGc6dO{#&mID~R?>wDcBph++*vCV_`E2AFfZC-WDr$@9 zq3zd57;W(Pn0OA`z9^5$kB9zsJMS#9$Xgh2P2E!~L7}Ptf=@}F>Cv9K6`B)90V*NZ z_xl26=}ab+^fD>pPRIJZ3k;9Yw8VJrhcY`z-?gU>MSrU;-dx!{$9^b)S%I=w-DidQ z#f|_p+p$w~%>WvmAwZ26R5%v)-a~Zc(LLLkQc6j>eKu=Y#ryvL+VqV`2M)C zkqRW(;Olo?(|dtj`PUtrBe#jugdtS!m21twPjk0P?=2qU^yh>#9nYa!?yj&q9OSrt zF0SuB?PcY@#!2oGWD~|y#x7O??eq6k1zYS%|9Q4U1Sgdtl?S&%z85 zoy&ZEb~?$>bjo)QUq$N~nZ5UVcd?nAO8eIbqa58atv?3<%itGL zF#q!IjKES*Nf-i`SKtPT^Y!(J$|iyK@w~kWZ;tcX)VN@{sKDi@sayQ}zK;Q>BlePo z{y5*P3uYAc7~M4T@UE<=>;&|5Q;Be`Ea&3V`0@`F9;<{2-z~GuB(WSGAV06aY3;U! zZJtZu5sIPP%zL`wP9ltBDK-a$S^D!DRUH^Qyu*otL81~?*<;njY6m5I&x8vXj>s{2 z+37sPYH0yhejU}UsnpAssTxx^i0KOvGf#vvRerz1+5wy}rGc;NzJm({o^O1ttQat3 zt|U?EOOZhv>Yyolp!q3rJ`1sErln7Ov2r6??!?oYrR#mkr_i@3oD?d?)E6?X(5954 zE83xye5y)~H@8$WjgO&eDm)-&ryK5`uWv{LAEiXJ(V0|jYp#N)&kJzmri%7f z=ZdeOLCQigxZVe+2i0lEz%8++Or(E& zxs}~FP#&J24ZkTVvx|jy;9mR@y`9Fr^z{Hd`J>-Se`I=|Opaz6--ls#WrMpawI2X; z3J?{iQ2L$Y*f1Sq-OVR@rB6#JDl^tE$dxZl0~EVkiQY)IcP$5cFnyaSilMM%-(xkn z=*cd0G?P^W0fs!Psxwj;c=$G>^EaQ-CQWJMOA0V|UkT=)C^Q#m&eVBaJAb@$qTNoe zO*k-W2R%q{p%EUZNewgww)ZTqDu;fa^#1Hw9!wWGaT(gvOzlWSoGsIxId@P$Y`Rb? z5_(djd2B-*lz&NJZMXOxYHE-6O!q*%b0Kh{hJQ`=)NNXut>@`itTq%WnF-^X~6l_5D zXD}*#^9?MJKFqO|dZ}$}Y&(nbf(Unh3B};jWNAyauwSK8`bN8gdw}2^0 z4R5UY75@4yjieZ1$eFacD=&TEM6+2M9mZ`%&)wcDSnKVH@Ql=$!Rfa1v-5ZEgYkSX zktzVkTi7g%CBZNKwTQ9Jy*Ifms+W_HGk=vz;G8iY7FLiLk+(8{G3(8AEbIIExqbDM zxpVfl%?Jw-zv-WMmg}g^;#Xr@HPcx;bYW&JMY8$z3ilg!mkLR({)+KZM++LLAA@Mk`km_Hq@Z{C zI49}FzKiUT8dGnX+rstvbuc(@0YcYkJ)=MegB%`MRzro;kJ(TQ%<$(SJ*BqZa?ka} z2EHzF_3X9;EmfJ)MAcFK+>2&ei(%)S#xXu6QIW5f!@EYG-vO%6@dk*4JeZj%3mr={ z`892Ac{(1I=U6E4jf&-EBdCf8n2o6pD72Muf;sJKd}$&6_nP7NpjqBLtEfT?Sfp3BEzhN^s#pBbH%b2U~7 z=+Vf7iX}o!N20{T)3L*Jct}B|r4xNlJRah0w#O?zp}}%jy${)a&clj`Hmak7ZyW_lc#Am`Sn7*JGR&h#P`| z8-klTvCuOkWN#vPW7d{NrG0N4&0B@YwkIMlCv>FeCav1!eQWBgbdB`rP|b|6G4P&~|fq zU7=QmlFN|4+?Z-eby#g!{u+?hUxjPuTAqB+xAYcaw!ei1P3@8-+r0hQDZtp5AfQxW zMo{I0DkuFIyeqj#+o_A1dwJV%qY`xHedbwGQPIb9)|O8WdX7odlIBI11@^H0W;wjT zasfKo0rStRf9F`iH3nU~Lr1AlK$HzIIkUu5P7>8@Y+M@&R|m~~iPKS@E+p+m%pB-H z91`bNyC1EkdElI&jPoSoaj9mAe}?l4pySk3yRi=ula5+s2Jpdl z2u5wd@3_VIM%t#KpM;!Gior6w`XesYHds_FDQy&d& z+qcMNQGgEccXX-k3|{pL6vo7Th?bHTN@{;sm|p%PECH~}r^{-Zq++BZlvJ)a>q0l% zjJb^+IrV5H_48c|Dq}VLM#^Kl<2;7WOMJ$7c*QfgF|`Lw(;kdQ9-mgnmzspBLEGW3 zI28meseTfieRdg1`n8o&E9>1Us-cN;oi9GZXnDi4U*~u_&ts>4xVNnI3%87?iH}8j z&E)&HYC~WW274E228QrF?{BA07gv9l^&s8c+}zhCCnYO>XT?!164f&-V;bMatpqxZ z#DhLh29E6MH{wz}{o|YM;?z!FTE1+UaiJwBx3`Q!1syFu+3!Q2J zBU9@o9Gnqu@D^X>L@RxYT9~}5Y4M6muT^Q6wGKfd%EK>O&#m!Dtl(DxKE*l=rtO^d z9)u$}@1RRL*B(cuMk$@X7TxM@4Nc(lm`jQM91@F-E(fr0S1yKg4f@Rqo9w-=D0V0d zuRMWi?4tJ5^R`E~(17`Re{sIVSGLm)qSHxt9JCRUd@qAJ{xHOzG_0a;|1_kI+0pm` zN~4NjHh$DnSacPC^n25SNAt(q)rdB7nS*Srn%f!ZGe}KoShf?N$=GT)eR}GX`eR*2 zYD+*E&R=fD z`3qIJ_S}=Xuf{@opOndwPk^iJdljL|p=(rIJT7#y11GIZNZy+JvHL5Qc#{uuQy(pK z7Rt2aKC2as&uknzL>sJJMU!YIcUWDPI^IUvfNC3^Pb?F)?hRiEadpWJJ&USBdRq^R2bEWSipbXGdzqsZZ zS&${48DdR3$sz=cDy?ld>A8(xf{7WxA&|(SpoNB=wneB?w%pi}WANvW!y!d~DOs!K zX^!9aX(<&cgQLq8MkCl!#BjA&nUiZ!Hh6|y&~!F7UFeA!U5x;SW!IwVw$D?=hC$eJu18>Z2Aw&{1VKj_Dc4F-(_9pJ_K|3^s(5U16 zjg@auths`mOQChidDf=>3)a-bE zSxtbX*EJAN*Gms@JUNMt6T8m&`vf6)hrT~#?|3Kap&(gD%o~TNQxZ#EHcMMIOQ8qRKrW;pu5jgp#(4KLY`YJ-EMQ2MxI zAj^gqo-)6#ZlfWddh}F^p7N|&HZI=Rmr@?)YV(dqrd2iH*befv^==8rVMhMTxR&s6 zEQi8nU@dYf8-kk$wTs9Ag?nm=*q%w;4!r0Sla_!K6}>8|jp%`GQDz7!HwCASk_~#2 zy@wABmF;j9HhE#y59@llmU+pQU&}@a)K0Cd#U;o7HAn@~F>5vc3YtLolrvgtfwVSM ziTDTbgH(To=)j5=@q&gTt3iubjN!5$nV2;?4}NuaH{he1ZX0x}hpx+?@9F-9L<7M{ zv|z8#*7Ot)U5vdgs~8M~9&8wr54wJ>VQr$=5fpFCbPcG|?z$$UZu!Tr`2oZQD z;eXsG;{{cUA^<3#mhgqK1O0yIow^`F5cH}@Pi>qq4~?o{PAB&{v9pOh2M3E&Y9c?u zzm8MuQF3Md`OiNPI2JnOG{blYbv^P$8D>7~Q+(AMP(q={Va!mun(eF+@2#~idP9>c& zj`BkLw_KcHugQaUlea4z*1Lo_y&n^H71hM|OA}hZD&BRM%HdvY04XO3b5Lz;Y;b6o z!Lna)e4m!q#=m5*;p*UB!8)FWpUxcZ;HnJkWfXr_R@=dw+j{o9`SknY1QSfF z(LFwX1dEH6>YM#A=9@O2IX-l*^g9Eid~MZ^mnsGg3D@X8?V&_&r(-EcB}%#-e)(y~#92RoMTYJP(|`P$!z7zIw zW=Kd(uswNG_b33jI{N6i1E5=N=810dMO1Y2J4ckHM#O)vQTNVZ3kYNQM`F488djaI zU=*#twZd9A-zk1F7-RoF_lkvZ!{Qs&~P&E4Tc+($%vf`)KMAVh*7QLaf z<1_(f1P1UE^yWy|(CPcmf!NE3Ve4n^iT|g#KsWyCHF#b{8DxJOz`wB#|5(c$G1O3e zUQ`r5XG)M|3~cmfPwq8eTUha|kZl{0cyRdr{OQ+xyGSy$2OoMn@YnW+52kvo%h{O0 z^4~U&3f~lH7cM6q9TO7tr;YrU=Lm+rFYIpW1=io1{a?-dAH)0&Ft#P{3SY799}W6T zPygNC-zxIY#rorOP*43;?xtQ)|L>9hk=y=DKsj1)KMb3+9GndPKZXZ(1roSb)(5@r ze`iAekJ0?^EDf@fLqrbfd!)cBR~Jw9R6cM|NO!C z{Tul__{-+O85EDyujoI$kjE#m86$|hH@uaDo;q*K3e+mCwig-U< zr<2?f{Lf9}|32~<*f#6dHl>f~iRHSlPQ?tJ+l+wfi#n-}C~cuXzrBA%(^nhO>-7A^ z_Ge<|zZD#)x13}&&|b^fYCy;EKVMrt0q~0Xm&X;SDyIMWN9~ayJM~;ZGIIEz3mP<~ zA6_qIBmdomuC>AM*nD=?n)P_E;u3bT<$TBN7Nz*QhZ~0(Z)hA}{#tBt$a%wLJn;Yd zprvy{K&o$x(kVno`2X=0$Xzc(|JCV#8sLAuD0~@RB05HM3#e-8|CuR^@Jg^VmygZfx#iY zX2{{oN#pi7@3+i_dtpK@4i20GNgyF$bc2UOkVTx0o5d_HbMxB?UM=_P=z8&AM7TH1 z-F}+5{u~N(l?*|i`gVzaIpvLjBBFMh$WNrlWu4Z4S-9&2`I!VhrydHyp6npTBS5vr3`d9Gyd)I7_>&hCq z`nt2iSW|sKTR)C!o&C=00;@0r7xrWSb$1`$qhUg&-ZwQz=D!Vf{WE$qCmD_nOwD6z zc7A=)#1C6)E)n%lW~6z`zZ$oKh$8#palc(4t9~@)jRcy>i18u~JwGu<_b`ZBf+IUn zRWbuN+bsU$D3+Gu`x)TQ`BI(PM3>4hI)5><5HIR6R z6Fj&Y<}OnMyV-E!wJPLH+U$mfZ;C#A(jw0vS-gEAw5S_OPzqCjTD0uLLnNH*JjXDu zCdOswN#vXQVGZoY7JtP`P{WrDb^ocy<5q3Uo9DQ{zRGpGHNoT>nxxNIS@eW~h$|Y% z83huJ6XfC#4@F!_t)24C%h^0@(Y6*kuL4*0GhvGdTm7%hgsExUxch38JOTp2Y21fc zvTQv}Arw3JKZ|+tUk1JGSLn9iM`VqNj+M#mW~)%pZpjhGFL=wu@k}(AL%UpSPTh0K z*dJCUiHx;qU~KPY%<&9}5U*w0?5$r#)2t!9VV%HPdr2I;>QZ*%k$-5b;>2awm!4H5 z$I}7WT0+=*Q%X2EJjr@Ay;?8~9VB8DB+#p;R}7MMgjkgcC~>yfbvS@(d*2h{J2ADAU@LOt<;Bl>F-{=E&(VW3K`thK$8^YdO{(G?_r&%x$m314B^ z1HEeN74*2Jw+WZmJ+z{`_Obb2VTL^%s(m(K6$#6cU1j67UYn!PR@)FBeal+&fXyT* z#r}<%^=nF@Pj2D)vW19^2$LhFbXO8IQ;x?FOE(lZKeoI?*>b?OBIlt3t7%-i;+$zj zz^JK9p{30i6ANnO2pZ~ch%j7luqN4K-Mdt~DY3;W<94Nf5^zYj*Ci3!!qR{FS0W>v*b zlo)phCri3^UWuoV3IEX{Z@pvw$l@YmRzfik$J|5DR5H03jUpA1U#A3tz+Z;DB_IGPi zO`p?D2g+RmVYlR8XS0el^0}7|FP>SVbDM)lnsJ9?RqpAJH8P4?#tCxHYfV5kqbbim za&*XMa6Q1iwzOkjMbI8t)4qSXN0|q>Ae9k1c9V~}es!8b9HB3ctJI)c%Lo}>(Pj(j z37Ioequ{><{{U3knKg5;U#TmRCsn*mG7@s7$-}&Y*;sA47*C%ExS|bN{(LDi_+c=( z%Z7smX4EvYeY?=L-utN-nQUooz{5enIoI&TDkYg)r7mhbGtNyWl6mb}eD74HRV^1E z6bA{~k({5|;H`+*&;x%x@=D_^-00Fe6T5_yB1W9Ahz(MEjQIL80|hR58-3+m`7*XbHhqW<+ zt~i~eSK`+i4#U;9^czFW5_T;sP^()+bJG_E%|j=aDq;n(xvSuO(`eT;tOn3WBwX$8 zUPu{)pHuLd7#=LObDMSf*JdN%sNEsXGNJf=^1-rK`7qU}41Hc(*f^ve*dhe3}ub6;MT$S9Xon$@9C-28=p-vxXChD*BFOT9? z88_}%{D1pkdk0wOa>FKfwN&<>Ns2#^X^Wzq%NxiYKbls|M-F3459CSWu9sp5OQxMxHp!S{UN`sZ;lZSAajj3!TYIv++ zgD2T^)QFnHY%ja~$cTm(<*Yo=e7ML|lyoB^`!wxq;7U`3vn8HxC2SSj5O4xXX2r`o z?^5*#SYM3lw)2qdeHP-LyHoVU8B(q0jO>P$3jooDE@kRc<{wG1f*R9=#sF$%%D?kv z#GH_6^101Ja*XQ!w6weVk!^@}%a@GO>B+|mUwCfSULZo2p0;M|S^GS$-RNQ5wr=kD zyH%Q^L=>$*F5=!AEhXV{MFViHD*@;M=9MDrbkI61xTO~WS*sHHcTGlXv^(>!i(vRK z$A~=)(ZWT1*rf@{ZuWTwdgQvxZ4gKas(~90)G2XnP!|)AvLj)SD~VtC;$NFzvRKul zPlX?5PdM%GseWa^2`{fG#qzLyu!QsbdF(t6S=59A7RzBsXW_b%9V$5WN@HEV{C$Ak zARj-Rwz?CmbPGsIB1+vq;s0Xyf^kORK_nLK>mNPi+;|j|z>GY2F`?+)*D1I?K|Vm6 zuG@#Km>~Y8Czxz!6*QLjL^+Bp%P%uSg_%i@D<#VhxXA2{5)-j%i=UVcFhLAi(=Q>O zsFqf+g0geo@k?nCGB7CXD`fO}H|qo26QSR)f2uLYWWU@Ny-?}tMRDL7W7in;mR8CP zy4uA9co);}jGm+t=U=My@q#xvK9b$2(#m>IM!gE#^~`U_O7hrm#`nJU<-T8k+^)Ii zO*Fy8*r6$36M8GR71LCNY`BsEYj9H1cDW4KVX*yo zG}I@KmzA2i>yFzvk^j@8-E$xN!}rL+-kN9M=*g{h-VS0n|C|d6wvY3BWQDBQZ1v4U zhsowGDHa!p)T@86LjE+r-`>ya5dLoX)xT_-50pFg`RYj|9gfl)?927zG<%PHhvDFB z;f?#tPVe5|!Mh)VT+UT~LXn9TC5L1938cp8uPgaOKrMop>Fej`4o3zg!v@0_skebI zFM#^0KwD4YYQ;50Xle$Z71>r~WACz~d(x9kn?!mCEdd^KjpauGT8)GR|HlH4N5D@Y z)^7e%jS(O9F!lU^oZw<#xA@0?TYBoBO(0t5%pM=BUfc#2*h)Dvr@FHb1QNo!ILHqG z(gmMh2^Mpny)h;~9b1EFprvZmYu_Fz{om(CsisW_o%O!*wV4jLEv>d9E$S3Tg3R(MRi_{~IaQC_2}LhzR-$7fU1 zvUJk6jYN~}nlBA(DwA{5=DPgbuAdYwV33s=QWzUJNVddxcs4oPFoGf?&srRKIDjgZ zK|XlqOH9MUdZNTn^sTBrx^%vGK_YvMe5)!WiD#DBuXtoT- zcygYbhp=y7c%3v= zj_N>Wu!gty8oGVp4Cf&aeyKE})f<8S8V!0E~=h&E~5F*P#|LTnAj$p(Um zlH+f&Ux{^eA(~BJWFd1Qsn4ojuKEp#ZdDML5RgG>gll|o+2c}m#)$a)PaPtQP4f;P zeY*O0`E86kNwSqQ$F)2JJCES1#Jl0;6b&}@><;3B3iht3j{ZK&XPKK#|X*#4ZOU_wX_1X9AvdU7=fT5o(L!?yI1x9p1i%OlrNI@}!lC zJBO5$2#^Dpgw<2_RxcF;cX}}FU3W)#FKx3q~`0eN5LcK`w zbOUK|4y;u8dq9&wlY|?^lUSwBEFb}JO%UHERCbR)s39=GiHkE=C165<2^iT5vq*Jh!#pNs^YaA;%y zN-Bbsd|w0dd0`4tZt*r+p4({#_!QI{6<(@p5Q=aTtQR8VA0h#p{@w+WehO zz{L2ZhL~)+D~13nxnx43+Yv9ce6Fs9QMy2%T!&J0=*i2KWR;$pk9?#-o}o-nnWkCg zVI21eC$}eONomcHLx-Ce52GD;LU<;m?#_!G6NdsGCf+Y@#MT$}Mf=|=?Vr^#j7`Jz zjp+Jm>wkbsOj)A6oH*_zuzt)%n-{4^_PAln5m@YfEkNBBXSN6g(@+N4n zC{2g3QLXe`;!5U+qsQ`GT59DgEU_^**JRat$|k*uO8N%8v|Qik=Hf%&LR6Fe?Z>?V zk~>ad1h{6U7{ppGnc~u^K_|7PjAZl663zOZ-gVcVO;2=VUh1qPJx;0t#yGbWX&ObX z4J0``j~sZhA6t|?3D%8m^;Z1PVLZBeM7N%yD2r6od{cz!b0}$1%|Z>Ojk;)TPd$yo zb!WLE;L8wxSOp%%tW&EZcbt}P+G<4oTzG4q;!{ICec1Kl$!iKrY&XIMK%U~a=1VP% zbS_|nyDjoPO}svgBoOb&Yx*&8Tfcv7!!RlrlC(!TBSx^pyxn)e|4koBfx6eJM%VhE z+jWL4zskNVG&1>@My6QW#%}@{P);Yk9Ayvc*iZhKZqelQ|74^;>SN#}Ju4EWGNcj4vGW;ezdDG2}j%R(ns5F^lhM?2*;Pn+AXEaCFhH}LX z*nGq$6=t)(wjeeMA2niz#k=`QG=T~d3@Tl5L`;_)mL=HDI|&de+CEqPoc~^Xtf~1& zmDfx1xHu2RVJE@*nM=5sTIeiJKC!~g3m-`3dQisk=b;KdM?B+sNv-vHGS^O4$n1rY zMw)@f7F}!Z+l+s~+UbbL0N{giT5ue_x==`XK4fjZ5MosvXoouX^e2&R)5aJs$hMEqFGBv;H`^l)Y#j&-gHPbobXZ0ORhtpxsjiESxj)F!> zB%yAk%)p}#nu&W(XGTUl2v;+mGuFdI>YJ+jte%zv#9FTGYql@@g9z>2>>MRJIdd5x zDRcz%TH8b?Fl}upK<&!>2-F3OZ>?v}<8*05F>mCF=I<9Ut0vR=zKu~*M`I?(gIdYiG3QFBV!Jd5iSeC z<4|cTLQH-C?Uxr^qL~Y91rI&H022+-rWY1I;2*kWaB5vO^0>-Rux>q# z{S*52L&o@}84uF~gARWft&$QBD^i+?RI^@+I4yb1|E-&=b9N}6Q9H`X(S0hHIXU)eMMQxn&;BxAgLQnqXeq(bFZg~o1Y zkQzfWl*H9Mr;Oe9Rg_@hh-iKOqn{bZC_tKQR>w zHc_rNndTT_jj=_=Gi!Z+yq+uE%mmzMX?rmkD|VM})! z`u3QBXZUZumQO9`mX3A*ja@eGd~^93uEB z7*~DH=n5tcF1awquAwmk_We$ogJqFp|GzNR*~Lc46D7EQ(#fW7}Zk1mNF*NJ!@@4?Z4qT$zBxB zI7}Fd`5o1C@nl5)D?tGTNXxJv`_6{NAuhtH1+1S=01vv4`wtVwwYY}fV^kdw9!qDv zTL5)rEOanQv5)E}cXz4dSN{OiI!VQ|utgDjvaqOF5-db|(nxxr1eR*C^YcES>;CXF z9U{dKeYd%n?x_XgvO%Hs`z6!fP7&aj#0VrdTX~0IWj}fgJ@6IEn8lw~8e}rZW%Ka0TLW3jBsvD5{Q-pG&0WCpxrp18be`?%Jp1>9OavU?)WFB8X z;^xtb)aXhkM|5{f@%cMm)>0-Lesl0z552>@)S7^ij=Ae`R$_dSq*n>;vz(BDIZHs8 zsok;U61h4!8|slo*DD#}pF5rUg=p`R+|(fls~}gePqj3Ja1-5g>%9L#8jFH1aS5RR zNTm3#!#vfkVNp0@3$2LhE2Q>ndN~JkDt4hbt{Omr-a>MWDN&XW>`6VZBOK~c2qY!> zV3^?j)msFrmxZbm#w^f+oF5PDphxqHO{@^_% zKAX@@i2v9nG)y7=^csMA?p&2#_%zAvpF^G8BhrKxbp&Vb_t6Hd>t!jr1qD@$-HKU0 zRQx4o1)WphKwW^erMqp;PjK=ZCAiyc8zOVmD~-Nq+l~jQ-VeAHa#621-Ie{g9-uX0 z{XC@FA*di92}%}7g}GRF_Vq`)(0!?Aij>`nj%9QuaegwG$mSM+MF2}Upqnk++*(=- zu*+GS+@BFo7B*j1Q^|oJ=G88V?x^8Z)v^#d=XFMoMVN6GzMtjh>$E`3V>wH}D~iZ~ zIur0)5l#9G-?GGXDpwbku^cEkDkf4LOVsPV-Z||K`)daa2}8JR*lwO{?Qaioef0xA z|FHXc?it^dJ39mWT92-P)t&+|Q!6zJSiqg-ufWp?c%LtTY>KmU79fF)MY zS&?}wR-VzJpWD2IE;=qx4>qu0wrH&@P62gc2eIi+`3yy?LcaF6nI`2;u0rLcpYV;- zl>jADJ?>7c*)mXB_7Q~~v9%z%_1G46+_F;xf_A*}G-+oOSa$d7Ok@@vLj`f1k@~v| zeCFi!0?_^&g!{GZa2W2OC6P_IP&|Z(AV}a`%DHmAc$`0LsdCB|pe_K2zYk zu}wc|z@^r^$*9Yd+e6>9)3&SOTDFY8UxV}z|2wI|CJ}66JE?Dpr>&> z=aXEpBnD=Y9Dlk|5DChd`Yh*$0h@H)18j59(cBEn z1x(yIZR5Tl{!?0|s2Nz(2Bk!u*(tBu;M+^7&x!Yog)TuKgjOE-L#9as%}_P)K#BG? zmfw00`ec;z)A z&98|mAW||XY~7M+!eqsYFY`RYYOPiyr8czs$|_E4p5}GQEOYHlY4)l!o(Mcdvr)wS zIWPXE!c4A0_Np}nnpmt3%&~2j0(YjA;MVG=_b*59WJ&WaL0!`q)f!r?5EK9EdII{d zPDpP!gX=>{ABs^8g^+$`u3l>+v)xYy(*q27JF${&Bn=AQ99niQy%(JmKcY5S+KF;w z?Bt?U0`d*Srqyb|RevhtZ?>q|D3xg?%H5D`IY=g?^N?l!ETimke|q>-pSJ5fYR$8y zOjBq4*c@h1nQJ;Abv-;?-;n)vj*$4C4nk75Nla3zIxi1{u7-NM{ z+-`{5Qpnb#Dn$X06%J<7eOC0c>G=_)Esz-k@qC1Ztpd7`J>(Bdi|FEx)nV)mKJ4CJ zv~)=4`_&F5zagaq{y&sd6sHY^c{+VW@+Ni4oxEMnbyl=+ORycfH1b9J$W)cpO{zcK z0A@05J>zdzC;jwBLFmZQo+Ud(Qh$r^2i8JidiqfDjr7!Gc*i7$o( zr9T*oyH?7W>9a|o#GG-yi8XS%ip(aA4M3s=krZF@fxIVV-LUQeT^cA4GQS4sq6MCQp2-f<55 z7N@vmU36K8;rgzicN{eoiein!pbk?Y5Zgw}>ux;x@qq-XI%dB`c1_8Dl4m*c@@pV} z1$eAwJijePsN!Wjnhl%=UOJ^C+Z*au^r~>3H|4gXIuy8jx$}fhtqazyBbBdTj?QeT zWX@%Vfz^Rg>EGl+RVstJ3d$N@*VMgD*ErL5$lOGlYN_Fw3K1+1B8wG9NVmFKu3XZ6 z8$xIUTJLQmRqbbr9@=~Ldfb!2-^Tw4wpx0vuGZj3u?(MUt9)*Xko}JWW>&*z5P!h) z^+}gNb^FZX1?Ro(^((rRqLI7;X~wD}d|?{IXB*5Goip0|xZQsc6}^G<-j;O>@eHD5 zI+q#c6xD@pz$yw9mF=jS$}hn3q`mC8+Kns1YSON(H(r3!tqZvzkx3U1asc8a^pD-3 zinqw#nb}#DjKb1Lv)+WG*dU*na*DJf&PLQ-|7}8f>-~L$PBOrd`bYIoSAcl^=`=+) z7g|E(wV&a76)oWDm{iqII8Nt#38Wi&M(Z0iS(kbX{CCu zIKh}u3(bX}t8k?#KkjHXvBL`lO|%Lyvn3(7qq-=EMS`~2k5t}{IL?}LoxO`p%z#W0 zVWBlvLToRX- z6IJ|%csp+|A?YeX<)l!Py|%EzbT2gw#@!!dC_uUa1;m!4X*IN%j84@@s6qJ>=A97l zB~0DZCB`0;QJT{J5+9m*I}JcROGJh?)V8|}ye%4JQd`G-#E4+CvhKH)X-WqL+mOmv z4#pudguR`Ui}qqw$4Zt~UV9Ssj(SWN0c=vJba^&9xcudj=%aeeawIpo3)GkOuQJKky3^4L}pC>mq%iB|UX}2@KN9Vt^S5-_RfNtdjn+Ib^gXczr};Td$n$xfbY`DJZG|Xsi-~kh^q?Qd*+n1$6}2`A5^Y#4VqDgyF!zt z#e0ovdaEK%zJYpLiWC_B^62sdAf;t{qYW7;`GoLe-3LOos|6}mc@X_(uI!o9UG$bB z;6J&JliRQ#do=pk0rDqz_zWL>yL&F@)nGjD?`1D2n*^SY*JLl>5jhyGKerh_S$CC9 z6b=AVp#J9CS_h*ZT%-Bx%v@qjw2~NJ!>LVBUGSd~q^b{U0{x*^Ozg>KLW+v4*@TTY zTyB5Gb+;Kx!pUSrpHg%a1rVhiZPSB<*Vb1%;(ZoXP{;CAn{e=4nrmQf;&o0!}^6~R4 z{h-Tbu3E=;>q$G4UKs`9aW=JUQIRdZOVi#|jQF^R)&+~3kSjxRJ!sIo> zv#b5$Xq*w&=%ca5hU@Q~j*#uNnDk-IFu%0dZ5`?uKR%`QTyT6rHRkxX_oYsSXRKki z!q$IX+D-|XYz$)!sZ6EXfom$~)iJ{JdI$19NTv*u8-~lfT8S(356OTuW515|ZPdB6 zzU1p)N4Bc)5M1dXii-zUp=^5h8Tm6epkc~?J~Mrp$1602QU)qyrU~@dkR}~XE0u7- z3KHjj7R3Kk=3?-!K>0{&XjxV)MZ+vd@$eeC0!&8f71|mfp~)cp?U_LwedGS^J`YwX zV}pBOY)xB|g5y2%j?ZQoijUp4`HHE7eD=3?tUar)gDxyl|4N`0sNI=h`A+_}0o+;{ zO>}&-qPg;3I)+d&wW&cyDLvxbvJ5}ByCJ^c!x`oKRzu5p_9tQcuqHe}oSp8oXg=Ad zcv5C!(8`wDOocNzaHS3xRloVduD}9+Ph3J%{@94tAm4Hy3tqeLUzNoh9dL0*kIHLb zAc>WehnUP}j4FkdU{80RgS~$Y00&M|YqMmL;$tWQIb~pM1saF--!TqI>%!_y7v`s7 z{@WMOeyzd9YeE9ZCf7XkB`N?ZeJTSeXq8eO74(LJaibljI# zkLSDity>j80lL7=zwC5Ql?c=p}IoXl~?Nb98qSrJwsy2%-p zu1*aK4cWN=pYxVQj{LDrKuyqD--5Wf%)ZN1u)oJ8iG_Hq7VueG4gtJ2;kxz8 zzi3EJXgyY9=k12IwcfSlr{o>r6M1f{oJb6y8WPqh?SlpuNfY|tOE;-={#Pf3Iv@A< zTlc?tooQr!XYa=678|8hXD{!OG5id$w#ZQz)^&1|U-9*%XTtj{Sq-2_{pF`VVON`MBDw!id#(T=N+cjK^`Qg^<M2u5vhMTA8F)(ywlo*;4&7;{`R>#Xou9> z+UkVzTWxSp`pbjqe=rULnI3+IY~<+n&l+d{-yDJd(=6zJa-947rvI;7fCl$@29x~X zHa7peg&aG`r>z1)<>oKXqJPiUzswl^e?MUOfPC68d^orNH|MASYmhLY33K=ms`cMK z^@hOb#*@}Y6QP&u!u7C#ufzZ2qyF=k-jV_QPaUrtF+*kmquM8Y&*k{vjCB8eg9j+! zjG8EL#DxFXc>eu*|8b2AV*dOJ{D`8AC<{d!`LBOw&ixctg9g@U}_4PqTNbDh_7{chs_?`1$23-aq!e@73dfBM%A56rxO~-e_JXV)sT24@85D--(L>d zSiCSsGJYW&hGhKH&ngS`2V-n)qgJRUywN>Altd3>^y@1 zdcZg!`!+{JfW&`oL0E*GrN?GUK^gSlj)^l6w6xQE;^qI__e5X{sh2}m%;Uq2S6f?e zO1O=J@|lXUJOkaiS6$t6lB&8_K}rLBOHXa{=Ouq4j%xRf_13(sOi*P(W)gdEpTC4d zQ03CDV;(&jbU9Y(R}zw5e{{<{1ObKXeVztLWK~!jLW70J2FO{Yo;<=qzQ26sk07~e zY30cSOSsg26FJm3tbOt`oRgH_Co^%VfJxPQ!Bkd+K;nC){~C*v!wVNTt+anNW@^q$ zxF{|(^~evk%mmKl~_b?g_ zFAy0?Dah6M^JhZe2>xD;{Dq%QxIGb-o+mbAA@-}zN3PjHg}Gg5a`2vK&4A@Vjes&U zdQo}&^#<*G z#Rr+~A^E}}^;hcl7)aeu;YgYwDFpoaV!b7!`Q2(`~338 z-5fXZ&(py%J4AI4$)qHYu}@%Voo``?<>cWS;Uuf}&b`Hn;pD8gnP&3ia^!>GUA;J_ zr_9^VU3UYMs)dA={l?4+x-SdscfD{5&v|IaqWV;W$$CdIwHBiTsnCfVVU1B4_Y9ugugH0b4EPZE13K?-fDmQ#{u#vqj(d!5rawdX z;Wt}VTS@KUA30vRx@Y{&`HKdSTK@)~YaC~Ge|prQpZS8tF+H;5$*J7h0bguWUbHUn zuU5Qs97*k8sp(M^Y<8bH*MCYuyH3@%EXB>q*dqtuqAWAtfoz>?e~p!=>7!(Ld?{E| z5`VrkFDQE!O#Xc+k?eAoO>Bnz20=6{M3;sU4?h&Bdu6Y7r9D4 zS%iW}I=|K?SGVTatHb*jNeztqWlNpbAWt>Nwh(c+88#)2ISrax_t@D6hsQnoTQ@MT z4x9N?=Lax0*WufwycPz!SK(2*SR@-ImaPi)K#oOmFhb{lopY1vAJh1}@OHhpLvP*2 zbqYSk?fU`JzU5rFLf1!4@0Q_x$T4s4#(<~1-8*?SpR$xzkguPn} zI|?C9A`024b1+@dbjp5B<-J*-Hh!6K5&3hDWq<5#v=T_Lu{*{`f_7QHe+yhQo8>Zy zV(&bCZdB`tiSajsN8qQ|X2IFu;w;SQ!OyKNgU|1HR8f!ux$Q08&o&#B4y)iZ+8srm zhpa}!aA~XhR9DNJ^PN1CEk3q>t?>8o#JN5U(FmmUrSq)l`4&bL!<5kKkM^u|?@{Vu zA)jcFi%uUuzhF>^cAk(Tq4`?BYZF#9W!#J93fG%*v8?$1K-2P>v@8>Ulpg?xZS7e@agB{$$sVi7O*+I^)m3E z`+mD8WQuHh&-HnFA3ZO7;OoGzwJE&NQ?Q#TIo{Ob}cqOm9HV6t8sQY!i@84SL-dXd7n?1;IWuLvaQ;q#>B=($Hn=TRy0dI10!Zx z9AqEmJe9tp-N`%Zj-1N}^t6KPK{ciz=@y)a-^;X5k=mPZ&d+FL;)}W@;fOFh&JE)e zteFz5mJFJR7P&783nDTL%eTg~RU$B*?x#n&QZw{WW-3MCUUrh$mLDuIIvoqn6_?&~ zYy(Cst>}7cfZ-xTy~yoxxXU4#bVXC+nl7P?s_N3mBavKQjLL62bXCl&AqwOXIs*an zqw4aMZ>d!qq8QR}U4DD6t$>|nU%8y=OdaeD^hO<$AB<~<0;n*1TnIB{?WGzlGx z;;`dP#6vwPSJr1lwYvhWjti3LrM(QT09Yt=8HWJh`r3G#Xp$ zHK8?MHJnI$Qg_o=Z#**9W&qHP)or3oT38%-&C*~S*(aOr%d2-{$(G2oXEBBgEaIvh zl_a$`OcILM6XSjPoAC(P%nGAznk7mL9OEvplN^VQU-DU7UnS$rA_L*zyl#``?iy?l zq8DI_@7IE!nF6<{dTy>3^}`=lrz{r8V|9?MN_#NYv4To#`C*eDUgQy8!fGv}A9`+ zwjT|k;Y|%}MalGfYeK&p=Q=-8e!(R=h`P7lohRIc|I4@*gVEdZkd!N99a=H&2;#QM z4rA*m#DyYude-bcXvppx7oC=)%hB>Y=eveb|Lp+(qui12+bfLe^R3!IQ_kmN2;@^q zZGpYW3j<}$xVL)K-%JafCGg2=tUM~uH}E|-_UKwkvAA&w54?ckjl3O|n<~@HfVAQX zz5D}OGTNBmZF{CCR$yhHf*#(g6BAAVCn~wfUzq-cCQ5Q68a@ix+*hkL2@HhwNd#GA3|?7#W4JCv}=x3eHC zkQqId3-}bmvUn|cd$jQNbmfX#KP08xVg;72&Jz+Jdm0pwxftS?mUcbWJqcmXDC@2k zlp@ooQ*SVD0h?eJi!G?R)p)+S?8UC~uVXXHQz^641KmqZvv{b(48-2S0DK#iw_e$c7<)pisdR*lYd9{u`#AdL)moe+QM3kKDuV1uS zt0l#D{Jq{n4aP~o)!qc{vb~X<4Rs9{!T?-(YFvMHBl2dMS zr>V9as{$7W&12)#@D0oiaO|I!tVS80N z?wdC1?zelR0oxzp+7)Y|hOr)~U=0bh(Ucz98q^Ud>)xw+=zCA2(cMD8Sk4&7{aZom zqk6#BEgNf&jMosON*RmPVCFBykx|9sN9zjmc2ZfL!J&m zuZZ-v>AA|^KuM4D60HvB$x1WwJNLD`cJ@ZbYdn(s*^w@}l{q1|NbJjHy+_1QI}Gm7 zw7dZt#$l3iAS1tPU?HNubwF1E+*`1^7sgsiD@1UFNDCo z~*g(b~;dH(hPT&3@ zpm0QGST4Ur)mI^ZK($6@r-XOZA%8)&TXBVois}mjkbZuPQ{59wOTN1}-5Fe3jiPlc z^BC!UDt}mAYWP9?nz{B(If_mnYCX0J{MMdXBJ*Nw*r`hNthma%ww2P^UMl63U4Z1Z zNNjjwgyhq!0FVan&&S*;%-^{Q;NaviEnW=zBprv16h7XSHGP<~P%h%}XtwYiE4BX1 z(>@0-##W72LRV8Z^fc{J*ZW?*)^D!$6gFmz+lLL8xm`L-!wmqb9`F-h!iYqt1}~tPc{{InJSfcG)G8DEomnTWtgifS#xaqsUjcCzjLF z-(>lDJ7{_j?edC2L=K{D18(msrvpo#k=4iqQ!8LtEYZr}#P0w|K~2rgpA1VsRq2i~ zpPS|-td`2L=Q4K|da5a_5&5o!%JDL(ABUZ2-?K~HkV(#pBwxPR zUX0ui#rP=87BINh{N#o88hc|Gio zw_Bu^V3b;l{c7pQiM;!|eJ#;CTyRt^EU;=%*J{5m;;|(+LN|)f2ZaWvMp@p9k*|M= zO;6yK^r*?yv;11Ga~t{TwchvQiHcrO+~yNH@R_z+I$u&S&B>YEK3d{=)mruEH>B7OIuy;n`+QF3Vsjo{`KLQ=veUogSd)#b)&VaP2v-NoLx z+vl4Ip&!r;y3)I%K-_v<(Z!*j^(swAeiwN3F9c^PHhEI%b!c7NPfwX#~m zokzN&p-nXYDZWvos2Ltojq-)Y6N0Jc7M8Z1Ie+_yE*}l$ELs8ras>Q7Na|R{rpV*#82>(q*zPA2=*zHR~cP9P%rQXISEcsR#>ve!H4eInB1W-g|80 z#5`%>xuoO+W9=HGwF`5;)JU-DRx|2Ox!?oB-~x_PA@k^B+LP01wAGpTvmCLSJJ1i* zPm@cfs7l-HHR%%TC&^e@=SpV~Zh+%T$wl$462+x)9U$AlSp#@%Rw+0ujDFX##5>ld zA;hIsftIm$!}u_?vT^EeL1#G0G6YrexFe^E3auc7J`T@VI^t7NVR=ug^Ym5v+N)j0 zKe>iI26)2eVg<;AkGD)EUo_#3p`9{!!RCIyOG%#AS5j%AvK*H98~w{K{?mFY^VdCX z?+!I5v#3|HiVu#;uf?T0PyQ?4*@T4M!Oh9*Vw@ic{z|NyL(Ua zFODM(j00t;`fjFgtCUTH9vdtUxq7cwdb@1R42S!fg<$d1{A8|o~}Ws8r;dtNf7J81!Zdd9mWIa28P z;ue@j2}XKj%$kIgOOT!W=38iWeQiruELQ$WEHAW zET4#2deWV>KDv_JaEJG_u;%1R#S7CKO+50f(WjPC@3v|fwt%N{$QmWXf3vJVezY;p zwiX~miS#7;If+X7oQXP?{SygLZm5Cj~JG)=z&<7a0A zHo+}6WRs7N(Xh8EEG6lD5s^-q+Y2dCtpj~4<`#*cE1!rNPjgr5AZ#3vUMHW~&Y<1d z=KVozF7uZIg~u}^H>=BkL7E%gC`C(Nh;AK|_hT#ydQ^6^!;`%WHDcKA$z>=!k$lV& z)YY@bSPP0bC2dae@TAo5${aQa8dES{?B_B!oQ-`4Rzr}d-TN18BI{!(vZ~J$YZR@g ztlId17UO!T)2F_*PJST|CN9-I76oNU3#aMQ+xt#$h@jBW>ATVJ$VgG3R@=*$1Lcmr zsx8YD6J^8vyJa5t2Zp#ZY|F;38}z67)Vm+227#xR!9(W2l;}P5FPnE=g_oHfl)`m4 z9LLlN&d=zokHX(riMM$>qN~uG<~6E5#`EC>GxqoXB>xi}0BfH8jWQl3|G)>U;rx(2 znQ}7K#zWs4F^i2FDb;r(J;rK zGKtA1zQ2uB6G`w!Ng7SC=Gg0RGNB3r?>?z`pZr|#;kXWCQL0cU;6(JoAbWrM1pclh z`3CO%7iOUhE<0awh1&~w4$G$NXXr}X|N>T(L{O}M4iUuaIY)A&kJu>dR%qzZ+^>pjmq0vW0 zr~4KQ>peZR(VJiI$9}dph{m-ZIA^|c=5anwgsZKrSRt=ETeMlbfls}ov9uY`b+4k( zk_70@=VIz%=Afk}z6}Ra<4Us8_*&T%Cy9(>hPV|j6oq&f4ch%f?>`Z=F0w$H#_d4$Pbw2zCms(7WJs$rkWG zSj2ABy1O3+AK(UqjD@2Uj3;WG(&zQW=E~&bq-2=f4T+3b45Zepam-|nB%Ti1eNXpw zjdI7dC$zpq(zD)dUAcFBLw%bNfLqfr;$F|W@z4)1Ghl-(NU-P+Qr-3s<&K7X!<`;L zb2~rO;_MjBHc})B>s${FUiqXdu3ER@z`PUI^J$wjg-dhPE>mrd4E#AYx?mNQ)T`Y` zT+%c#IPG#u;pn!e5A|G}q+lbnQE4k5&u^EHISew#?}`v<9{NAbzdw5b7tfWGNl{M` zW%g(Dm8ZUaH+t*Pld!~MJ|0mM(fd(DgSC#t$k!$f6tcr_r?>a&O2OgaZOnzH2fk{I z3Q*5uufL941JR65WA4bI8+dM_zV1*6UI%)iY+o%RkK7M!ApZ-eHvasu)9KP1LN~Xf z450iJuOPA75>T7N&IT6TW^ZV5tv!+bz^7KZZ5>vi!aSYZO@%3;{8qjc zCB>vZwQcRS6#BJPI-^Wz_kFaB`IwbF!Bd1}iiJhkeq_ zb5Sv2`T4G+*sj!+Wn3nS%V;@h4lO!QMWj8TL zpfA04fTw#8D6UL?*n@hQWDR_@IS-YqRx=KU$I3Nj;r)qeoD>C5U4hEexFLf{(xML4 z99tBRW{5FIntk9;6sHb7Hf_w~n+BGxpwv?Gg+3!8SyLN#U~>scuDD!i`W1us*$W(+ zX7+aSkX5``6WUiGRhPYL)wzVT)LEVUPHa7UH9ssnHxoA@zTz= zO3EVJbWjuajJN*Qoa_X7_Ef0vQDhwhC@$5;4EPO2saIbE@=T6E&bNeDGr;d(l6BI1 z&qUhX@Xmc0sS=qPB*EO}E#n~w(P<;PO?#B+aK55eja|4r?bk;g1BxTenJ@akv{>@{ zRC$r2#4s93RpV*Ly^G)gjoFm3sdp{gJsM8{i$P?998*+OF-c~MNLu9$ydfQ+X5->& z)tr(|E9Cnsam`ElVyxVgJg)Cl!_8bCWJwRkO6Lb`nvW0OO`n!8G8y!^@kXA)3&ctv z1tC5wS5Zsg%N_OC)@SL;(mI|kM+#QYpZzBG`o7(TrCCCu^j`Lq0V_g+=tbn|X|UBv z0+a_tl2G!9&IKQrChCtlrzb>W%6Jlci7wGWgo>SSp54zfWozJhZYdod0cO^97Zn(% z-LU$cDj~RAhhSZ-;el_{B*|o1Elt#!NS3kn?g38ln(A+(;$R`mklZ)h13NB?sHCPp z$e(8sYw9POvqqJMXU*a`9Yb`98gRBnv0@*4n@3cB3%EHRKHA-|ZPjuC@$byFEJ#Qp z*qUUrs=gm#%t|8f8cFF{t)vj5`sR)QWVc`88#)tctsiAm6LBNouAHbQuU2`( z;-zpdB0?0gOf+(KQ5yR+dknN$T)pdXyrWmSFCBYWc;L-3=5zOY;%Ssq<*Kv^etkX$ z$l~g8%RdKzabwVSkX-nXGL0}fkCB%LzQ@(Gk0&hP^VU=HVnUv>pP3s;%Rz&nsEM(+nb z8#&4oTf8s%$D4utOy@@#Qr(UMF3_*4zx9=M-yP4(s#jr8<*tT*KHbqgwQ!QeLBilY zQaUn~Lu^Dq8k*}ceLLvkdy59$WA)gL8ZXMNt{>9kRE_IN<m(@D8r-%Qezpfx0?) zI>XIxWi6hC*5R)zKJa>MY*}Y<-+q$|CVBvw!RNNZ@3Ep7`&FI^AO`!{h17j=J?Zl= zpyH$@>*8C?9+{;W?=)&|C!sKAhZFr>N*QF!Jrlgo3dxoWXH(;h7VWBMzSiAq*$+u% z?_$wl7MCNWs&T85)bZXiI4QDLMD5>SNdgZk1o~4Z~a#@8b2x@99B zg&h-BZ@#XY?x# z10Z+Q(n{g&rqcKKgi)b!3|BWpw3tB%&HW-MdQ1}| z7irQri^stzhUJKhfGY?{Xj>lALA+uEviHosY5q zU`9%P;mMAtwHk18sZexU!v!h+`W~V!lWd_9bHMFvGlW`|{pDe3JCtBK!nC5PUHL9N z?tM3(VoW>iies@JH$Eb-gy*uk<|+!ktTe{JdGf?&n<|&)22qhS0I43(>_oDf-QAyB z+6~T)^E&!N1K|WML3gAAz^E11+-yfk?FC+Kn7K;myUJd3jFFU0xdB0RAW|5eAPXRK znVigHSm8Ry4I_&Tke<*DD7yoUYhIv)jEM&j>LLnxB}(t^a2%~tJN(Fu=)lJv(qFnS z?9t>D%%s?$>vod2_%cg)JwJ}^llOY-i|yiaN6p5aVblnmmv(bgK+ik8T?;J!x4-ZkZ{Snk!~heiP-Hh|UbQjEa3wdT2WYwH%R}cWO%~~@l!fZ zq;p|^yR$Q%*m`*!f6l_Tb413kG}IV`)a+#&ZL{S{fy!S|s>W%m{42i@jSjrVdG%Bj zeUjRgA9?-*o=oDx+OH)pku^A^&Oa$~p-Fh_K>#nDL z^#GPa`~(h5A*i~1Dy&`YbcsZRZo`7Hj4nCF+>gx$X^$W>OJn0lc>aDt%eW!l=4G}D z;T5@jej7q2hhJ>iY^x3pqtC?yXZQ2EuZdn$75fp*q+wHo*eh>YhJ0&`H=a#)fDP4- z=1E_xp>MgS=XtpwkeeNeHuRolVDhAe7W;$s5Sx)R&(}j`orVnxNq3i=s@mPbSl>7B z7>n2Mj2}mT=5{+pRRnFFp4LQMUdV?_T~>LKWnp? zB&T2*>|GBZ8+sVzQyFNY{Z@u`8RI0z$WP7icTgvvKvP9w-q8K58Twr_uR)Xd`z0qu zVOHfFTmrL@BJW(~DSJIV1lM0Jz==K14Zvruz+^}WxD*2BgRHY1CCy8 zmx0c2`cK%@j=PH-q#4WGtu{fbHDYT+KWuKsdS&~#+vHU+-cGo50X2ar+Xu~Tr-Tm+ zAFr1_47x)0^=+HG3th&rd6e`Ay`-PTH8Xdc3x9D+IuFF0J^Z+DnPMhjV2;6xeVnpY zyFORoG1;-u_B;RD`c=N`Uqm@?esJHu9g$e(MYq8a^-{NYS?$fzx$EkbdE*e(RjbD% zocdWweZo17z~VrZJ58W-y?W~x^yJE7@rByf_awmKHTB>b4qGJLW1+2rYCQaDOQwB5m^rn z=N*M(S213^@5zsaB~}krnf7F4^(wv^(e`p0N13g*Am>--0Giy+8kL`SGe3YwM{Ff^ z(RnA^87cosZ6_TdEr&3+r4kW^eR+O3)Hn$1FlT#YG?i3tQhb0 zt&BN^Ti0N$H{YU*!34P3iy}o}G}vU!-f_^V#Pgf4nN*rCBI>lTt{R@G9R?yaFpsG-zyBj zoPRscodDO1KUDUzF)bV+-~fSEF=U5(>cp_bt!8>5`v@0Cv!}ajRajsCA%1^-kYjBrkIzk+ z7vVe}wCEI~Ts661baIjgMnNi5mwc>g^ZK>Q0xr{m(<1z*8z$4Z5^Y_JbdZpkV-e#y ziM*GG>pi=oZae*~wwYNGi*}wkVi~3X4D@F_?R40R0iTz9sqWFj_V7%;TUrf#&vtlj zZJeo&__Jfig?n)%lo7apL9&{XI?f#<)^s{%8vlo~w~UHo>Ds@O5E5L1y9IZ54GzKG z-QArK+}+*Xok4@UySuylJ0$0v`+oHQyle5HR}X8Zx_ehu*RJcguiA&pLD~4t-Zu6h zoB1Oy2v-7PiHw0C~a7`!qoLbQkOKCYz}Dv~A6U zfkL8o*yGi{Hv+MQ(IYxJVX18XuL91ANfQIu3DS z@_Pfk!?@NS&KEnM_RP_n%rfa4p0eWV`_*^Gr{lk~q`Dv6W$B;=^0233kt&$;kE)Z8 z4M*@G>!A+UNGcuMdJUReZ4i=TbTX#B^ZbsTtdmNzpl1kFF66x!RS&kBkFzP!f@` zcR|hZGTG=T$xs~9PNuqD8V(C(`WU#$rG%=!77C4XjWWtf$`#eSjjk{GvgyzDr;>^QbAa_arXlO(AOU~k}SOx3>A ziTU%r;_i3Ga%}_aT(*x@*geC?wOyFg90&dTRc*kyj>1VeN?mHief_MYI*Hq}YCpR$ z;iImq@vUQ-pi;;1@j&afncXv=y_D)>~Uc%X-m|iJE9F&W_Psv<|4#cJ1qD&$CQn z`RO=g(Ticq-3@QMUv_J7#(Rvsnb>9>QRi=40ju$kjufaJw!pDL8|gDqmCY@PsXg!< zP2)UYod~_3fqV__RbbM3D85F$-tc%@UjrK1hhD2H7rkW~;s}UUsomvfzq%`M%87L< zaGdvX=x*3i*;vl>TBhDuW94>?+QvK>c+f3!H69cdTZt11r6VDbi1Hpz71EHEyk!= zDDT-^Ru@R1@c67J(Xn(zNAcw_U|628ZyYLY`nF;C z0sJde?`jZN&P+mXa;)>WA9zDw_4>E~`hHbIvGM!rXeLPdGx9U0c;N^#5yWhRD))YJ z@xz^aV0K~P%pv^9aXj;hB+03;^Z~_Mq)a12U}*Ad(3Z<3%2h>t=XQkBH>Y+0>#Ww5 zy{Q4;7-iH{%ma`-(D9eAOIGE~>aoEP(#9jE7tZ5h&2davUCC_sq=>Eb3X8!&m(_3K z@vpqADzls`2`BgKY7JypVb1f-A{v4kusvS!ylc>Hmmfn?aJx{z(t(D|tEOKZb@z7| z`-Fu%Cnb0AJ-yr#Oa^I4^Tnffq6~hNV`bd%W1+n7JUsP$_uw};oxp5dqe)gmtl?Mn z>CW=2IU$+(FcJx-c~N9(>vMQ22e*UU&`l6EbQOYc=Y{oEm{Gqa0LqRrFHO=iNxpGt z^qWVej*Rd8JuB~MNS^3{kK-6A?CY1Rl-i?SPi5p~1!PHHjA5L9O*|&^6u%k~peYq$ zG(+2VceIoSg=$EHo*4Wo!G6yMu?@&U{X361J^t(=$_*`dhmzUjuu_jsPUe-Wdax=n zz~%!U6_R9&+>gqIoCp;P5=_`aub)M@?hk>4Hmo&b(QV=F^t-1FY?V~dy-OlXUaYlg zu!_j^134C@CGD?>;k+ss=_#`QuOYCGeaI|2C2ZTL7Qc9kGcqd{+2XB(MHQv?VNcV7R=lB@&J)@$0QEldvj0< ziJgGj(h(dmVb~vz*+Z1HUqNe`chh`>YAG53S$d0#AMXS4RWO_%v6W?;}^ns{VDvWP3t&CKymE^v9 z2VZlNk@mmL6O7 zLqrBTOml4+C+9s#WG-kO71BKVN1o!+4Oc}j8uDq{+TECj4nefPNMheotT+|+VWdkI zl5gMXkq#^_AWS0?w}BH7ZH9LHwsN4~s_nL-|?W*{SV#|iui|zh;bW&X~ zw9sa=y|Ox=Mmx=*$991+f9X-5Hvlk@blEHJo3}N8oW=Gu2W0P>p6^G~$Qv#*xLjS{% z)ntvmsxbsvZ3d*o>i$TH*m2@x)DeY+Wy9n3!cV}`FCOQsTWPW zpcRd*Ir&@hd~urM3Q@l(q(u4!;|*m}yV%RR=v-#Ss|mKDp_&j7mZQysFQF_S9+K;h zi-aEyJgOEOWkedXz5O8V4P zjb{m2OdUb$)Iz&z?5W2w>np?3*pG#LDceY{Aql+2G=Hxh&B4@&ZXROgLty~v+|PML zo4ZvwviWTKT-Al(#1i|5kS@e9{1fkNBl2Z+^Q``?TrobVE4(gt9bZk*($aeJeMmJ9 z?P$;W`qf9;qo7vn`}g4_RMA%ie?F3wx`p=^WIZ z;Oe;aib5dJQWPGWgQfJ6uPz8Kn<pZtR<0$V+wIzLk z<@zaK=K+s(=y4Bne{1j8&bWx^^K)Ifht%T$Q>s)?g6`Jy5v6_Z6zI#(Y@3~{)RU#A znqvyqaCRk);foK5CazJ2+TD+YnUq+dpP{XD-(ODlng*#WuJD;rjDW9)$NvLBEa0ET z0W`;s{SVrpnhYHA)I8OoAGuyvluPcfFkM7e4{U-3^zBD6k(q`WlC2X&mrs}MSUp@c zVYx4d^3u=RCUAhZib4-D149Epv_;Ho_EWB{JA1MAva25qyw2~^$y;l6s>BoJ6yg9I zP}_|vji&k*alVZ*z*w2~vC1`)6cI5d_I$0GOSP8=EHYV4w}my}Ac@?om$(zLvo!-Z z2FH*-vRynM2VK=7^>*janUgc4Y^D7MA>!n4x_J_pkptPCx4vGaDF+4OeU}l!_w{&7 z5ofr<84fE&6yjE@8C_MfF*Cv|uS*?&#_6H;D{Qs2_TCHa*Yomsg9vO_tO zTno#@A-Cu2SyNYh1ft)&O*~iNc3Y1a&r>YXbCIph)d{UVt*S7dVGrMkYvi>e^<>>M zUYWjxUw!+HD*YDo{#hxF- zOqrtye8T^uYx63@%RsE=ZaJlE=pLJV-~?)_AuA)kHmTIQ%q~eNmb{wmB#ri!FUTq; zYL2wkwvgKch%`~eC^%hjrWBTokQyFuPla@K34nFng86B^m&L?&$n$T;IjuK7hGDVi zVUb@Bn)sHhOp6Kq)l@Ga@C5yJo z?Jo(F(%VWsYMN(-l-d#4e&!LseuEc}cc?<_dJtv)^&{e|X<6eZ;N0G|-sxXUne_6s z%We9&S9CVOe;KQ&5%}`_xOq@qKBI6bh#&tumVm(FcOaakk+eOc1{8h&(_-L(n$5=z z8bP95AYAy27LLaBX?j|Bf%*sDKOKw;)hma~gs|+vvm?q%M5ttlT+{WqcHvbF{Ug2P z@0&A*_hIR4=C?c4e?-Xt$PWI81Ge-xj%hT3_TO9bza8`VgGp5`;<^1%82_`n{$CDK zC4u?Hwo7jS^}jUZKYRqdQ9wcr z3ty?bqLU;VS2#f8k$U@o%9i@Xi1^(-oUrNYSNl z*P5Tys{!pV4OmDTe@Rij&fdmBXzCVQcPrq1yU4ZsJB|Bq-|(;7`)?=rXn?dVdq~8G z|HmWzC)zS>!GYn@=ti3QcNhETqyOQ6O&l05Fa$a8{?BbvdwZ5tnxg+_0ulxxL#MtI zjP!qK!GFCrw)nSRG8jMcPhb46|MMTtWOTlTFbyBXe|s1Io0DE6gl{4I|LakBCBTU7 z1-uLYOj%l*rdK#^C`^{Uw`QJ z|HKZOA8AL=zK2DLGyVK!Wh5hB#e<;3&YI5H*rW^Gn1!e*DyI}dgo}Mv(ormYz`SNs zuKt=ahN`svB$^l=2Pgcco`d3gJ)vCM9kqiV-#w*g2Vo*a;*C@U`(RfYAE)kglI|HO z7}Gw%k`(Sq_*_#xaT?H>f%iOKU;o;?PDwq&XG{qPi-PUE1Fi?N zr?gra3{J!LSH#^d!2cJV@H_l}#R*?6n@-4|G%Yom)gPMZsm(NRf92)sK4&4LQCk=p zwRd=bJ_kB$Y}}o1qCauDKV)dOd7yGQ(fC1Q5b0K`Px~Dyc{EE(pwxQ;aD=GAe=Dhh zqpMnb+BGc&MzZ&W0p~NR0J#(sBO?oan))5Egd9)LinLM__~gXHr$=5$jpq*Gn7#}z zKn0@d3w8oS72Guw*Ee-hQnJ{)^4oZN%Hf&EGDVL7QZYF_fw^V_vV}+R>m!vg*L;e~ zP!KBS3nIh~e_!1QL@7~oziQFTJnA2k0dC6PNxi*wuMj{0Fl5rM#K{v)h7u&r)$>&{ zK`u-5bHX3?u+iA(L(m>@BGvqO~+m33b`!V_4!@aTI7I)B4PJ2@!(zR-l6gf`N!zMO7iW9dR6xR8;%M)CY z$u_%96}CE#tB?#fRf%m`Y3QP~N~^r!7rOJkt`I7!K&yLj$5m&KPLZRRTfi+qf0SB0 ziIXvbs|oHx@ZebZ^YPcmyI<gpJ-x~DPT zR@aMVv6I(api3mn&7X{!R=Xucl=%5_U(Y5)+sMa1fX_85lv{Y+n}|9RcBBl5c39nF3UH>~s+Wj%WS5P;Nj zydD3(C4{y&FS>m_?((kudG~zg#MbG|Z!pr+6jse4(aC1*>31Y8o&Y1s-CaOlqLxmf z!tqoiv`J=5!*-alszMm2`m8`eChKas+A#davnv2zSVY8HO#&up>TIF)>0{5N{PF6^ zAZ-NLpS-jC#|7r+B6sV1Uz0!3AOA zH?itgLfXjA=_MW3ZtRhb`3wp-JG@G%ioZUIDWW>5UX=!)bYnOpGq2%*}RdLzv_Ib1c_pbs9>m`vhiOh}aXKs1}iX+My> zkapg(Zj)%Dw&uzG@bUE~U8wnX({Fn%7ODE`a)*xNIf+Yn|GFLI?-|NVf_TjB05i?= zl)~e@gY}5}(^cGykr`};e+UG5ZRx|mGk?G`UJ~xhkSWOd?gIaJQn0Q%b@FL0FCTKD zZ83oE#Nl9UhEJ8FrSSNS!p)M^~P9i(^J<)1)S z-F>)i^76}Or~!~}urhyz7@hHnTxE^8w|TzD((YYTrPDHbgV<17%|IK%@MGmVO1Q2_ zEQK`^mE_Y4Z_IazS`l9i$W^51J; zL9H1v(1H}aVi*02o%vb8Y`qOI%>Z51^GQ(og+_8qTB7_U(hKKxpeU|Am!GFx)+C;y zvrOa#`Q2Cp8e#0X4m?QpWF+chZLu{$Kd+h@z+_vPUsH>Fq%Fu=u}?_6kvFi_GT6h{ z6F}&7@@z3r02#g0z|dT!?QIa$Sa15HC7?h9*zE&xZKd_5R5Y`dH{MsB9qQ9ZmI!cv zaG+cUlbI=P@hM)F!Ep!0Xe~|FInjtqz&Lvyrkb5=xCX23+T=$WcFlng~)K8WcwZu64V* z{*?cS0FLGbvBCd60Vwbn0jOSqFBg1Zdey7EsuVj3T=9%8ErkGA69lxh@NY|`m)pH@ zka$fhU;LA$Mq3uw8w!cRI#fk9YtXXh3sJY1`(2ee_S5F-#dul6dQWPkFwJZfUuEEC zfD!R~L(N17!7rF4yb9T5-i|ycOTGb@VYS%k!g!CIlaTT5CHm8d=uYQTd?b~==(RljGy#px=P zZHc@n4NRb;m38|Ji1R~_DJSc#V_SyOKkXnzW!C;uB}<8vO_-2xjWW~Hh^=}%wT|dQ zaPMcfv{bEf3*SFPIBXcawaxn zwzBvofvE6w+9E_4fZ@1oO&|5;L(==+gR`5Y*-Gh8+l);up9u~-z!M^(O|tE-wc;z( zUr!WDDO_&F1b3d9b>lmhf8uVfS2m%SXckMp@R}pdm^Y!H7iHw+0Aa=6@WN1jYVp5o z0mz;>MAl(11`iCUfA~YWIVGY0q1>vm{-WHfs;k#AD``N`+R})op0q#T9KS$)4#)0T z*KO)J{s)kJfQqb}GVgWuZq?J@w&y*1G`Yn96MMt#c^jtq)Jq3% zTi<+n@kw+!<+wCCb%*wf{aA2$M%2wEhxo(^_jBO2>N%j+GE?y2bVa5uSM2$Q)A>{` zka@=JS90vBPWY0ny}il`A_p7MaNCLPnTLQ(TdfNajwS|pwKD7E7&$zra}?gLQVHGn zn2&Kg9xO7zME5+h?Bl9d&PEB%b{vyvqRih8slvVg9GdJ=e9PO#e>F*O^Wh|@|HAbo zj{T)fX!Yw>DA2I7jhjUNPT9>~;pF!0UW7cwzhr{6;7jdG6|??y-Eoe5x+nHuLkST5 z_y0lH_ViGum0KqB1C*_JUVl=&8sadHYUkGC(z5WQA2b_I0nwSLrr-j7=Hh`%LEqv; zs}kn5Emn>|I9`WCI-tx zih9R3mxe06+z~V}f{-^Hn8?M%W@w#bBqUM>6~?(cxoHG4yV=j<>)IzkZ2c0uHTSXC zm+SvJpS?^b8CG0eELB$ohcP4WEw2s$GH&838Q&W#eF_BS1<)oSQ8s;z=RNElJM&Oz zJ<`O3DjN=p$o391C{Q}F>ZWvFnsv;x#5*FsCnT;kH3(vm_$m;abWwwX0O`NP`=v`{Jlzw_~VHvCfb?jambDG!^5U-s>oo-3nma zr?DKfg|rs4V7CIwSBzOp#jic6fa@&dBG7pO84tLa(DvDWmf3gVUxBICBCWqZrsdy0b^-v8-c)@)U4U+Am8?=lp9jNo(x4xia+1UDSRRH2DD6x5G7TSD? zL^Mq1yc-&brLs%`A(mJ((aPcHlK+Z*$|YYCKm2p8SzhG1j;$OFcAb)<@T_>O=Cu9b zz;{k6WmCR^&AAP~aFyecTz?}+1Lv{DlM+DV`Gn{sjV3bN`aO7}@-7r5;uy>5vL>-t zYPDJmeJ2*V8Nl~C(s*Hr9?dxHYW|A7?8#B%pCE@gA}SO+=UC?9jDRjsd6>NMg$?z$ zi2Zj$uqK^n^W1hJt;qyO{ZLe0w$PLeTplWKW9&b(gE~bh+Imf|3StwJHK$zQQfF^V~DV@339@bUA>nIbU&iqJky|dNfdpd z7xfzXnXPIUiz;dj*y}8o4{kkOhZUMNuk%MFwN0x_fD*D7pQ77(okxdPh9u*a)_M>M z4DK#6-RWr`>v~~6!8JgmAZe)!3UAbBy}_at3eFCBV22+>e%b-om12M63R&$C${3u} z-)h+9N8F?eMds_*L5QsuO@^7wP)x_f^-=zsQ!R&($tpmrFvY<+lt0)(9_|ggV6L#) zciTcA^cyf3?NX4p?t$*s^>tpE=07QMLqtY4d4+^{372F=d&fcE24}lF!dJ%HQQL~x zwmh+SJuOqc1T+@VU+<3>t<18cy?}n5&aI~PEKS2fDyY>i6(~I9>sY#1VtExoM7oI9g3`*|d-7ruEMTMPJ$36NPUG+w?Z zsQxs4@J+#1X$fCY&;fRd$3&qEnrU~nrR*OKoN#zqZU3h#Z0&GXo zG7`G9F1~fH*M59GG^c|>gUwr4eekjd?Z)sRUX|t8I8PnSMD9|j*X{Ug1V?ymOuW!M zs}bHM(U|)qt%x*F?(>yh38JV%jMOU&R)Z5tA%fZyiggZ@YKV|sd8&A>N*T*y{)8R= zXX{JXHV*r8<5S-XDd=zRdnoo&@s=@QN z9_6Qa%U)M39w;eRbW(NKy1l~KxUab8vA%bhQ3R)MK`Ut=WtvajcssIDbFNlk4wW^Z zGFOf1mks!AA%k+tsQH^BLmq+%fz+l#E6|9x$hy2y2c8ULI7#L!i_=^07I%I*)r5?b z1oDX05WsRg14v37%&UETzgbE)v8oT3s3)!lRTamk{99f zS*v3nHFM=s(}%W>qf16hUZEz^JdT%tasoBqGfZBAxd6UZ?%6A2GTT_z)jMoMtMW$* zI{&(?*=<7xgti^`$+iVo#eS)(h3#K8u(3k{ixV5OBHYX*E!vYCT1&hLE9kMU=UyP6 z;ZRWWj}tL~i7|~97h_S?;wnxW>Vq_yBeFKKkOj-PufVr?f9w>0r5?P)WxU_{j?j1X zzLwQ|o6QKvbbZ(f0z7}#Toea@(E49^@(3RiC(;b1T@kF%We1HJP|Wq00t zHgtd2d9_7Rb3P^}&|km8Hc&i<+VvQOBaU^1oxar+!7#A236UN`j1q^L`ZbpYIX_SCF(O)bis#R~nbP_Ex-G`?VB%NHbm#AHe|ykan+dhvBn zC0Ep{A&KVtwPF1p6NUN`4RwNIMQFT2{bX9587C1p-<|{?Na65|S z3MiBFjFYYygAu7Ec0wonl6?a7wnuIz#kL^UXB~IKqNwCQP@v6y3w6kJH+J*&AgD^r z-yooTZ)YB7uk_&47(zk9zx8+!k0MF;PRiOnM_fIy(BqCiT%rk6S z@CTKm!tNiFnI)qVCtgOE|Dqcg94~k_NfYS_gBB9t6J!#8lFesjwTh#@l5`rbZ_F`K z6i!VC-O~#RU2!@h)*}TsCuysT%MdrKj-+vW?o|EqJikmxN;UiHj(>sztGnB8(z#l1c~>xi0mgzv<6LK@;?LxUZy3vR>>`AQC}+?gneKR9Bd@~Pqmt8PT{ z1E%0;bnKCTn8|U`SAQt?{rx@w95}J2_%VABMcDhoi;>sr`w?!qvyu8Wc_E-dg6Q$8 z@wagj4RvMTyJ=Zp)N#ermp@e7jKP-1AF53m-f{`!H`Eq@l>~&^kkLe3IM=tHAvD{R zCoG*`frZ2NOTS&Bly_p<+H3{LnYA8cpmG~W<`jK-ZFOb~vK^w1q$006O(fJv?u_Gp z?x?Vd^p9lbr%B}3!(5W~j-U0QBC3r&3_bNQY?y|qc94G#6d7p$mc>9FeQJN~rCU`S zJTiUg^_DXI^CwMs*6(#0fYe>mSXu_G;gLUdx5Ai%)ZGX!d_;)d#rS%S8T6VB$_~?O z1o7=S>q%Ps4;*}H^0h6p7FPcU?nPY`Q zvV!2slTFBFl1laYh690sfdLQ@B!bC?w+b;SoiKsgX}r96sj$kP|#ftLE^Azpb|=O)XBEQ{ zPeXM_)}i=g04TZhT}tH`g2gSfU`!LOQ6#6EDfe>VvnQ92_vf$;>Rxo|>_g*o?b4wf zCZ-a}WGS%tk~<6JLBiryOP-?4l6k-jk~<-w;^lyXjVTJ@Wt1Ln44F~N{N z-EXQ;(p|6YQG5v7zy zbF#syk2jkUN42h3eVSuV6@s?}K|9>!&lxkV=8`U$GrTj7csdd*M=ab{aQ@e+x5bd` z7p?v-`IM~A4QJ9ok`chM#>DXz8D)w;#^3Xa;O)%ptpW$`t;sd35Hjh=3bm=m;>(x& zthhs+E7SxMXs@7@P32ecZt7A$ayq6K-ay961&{)VP8$Sa=fUuXO${VNQ1^mx&n4sL)X zNNWFh!{+_UoCoW2LnGfxH+~#6Sb5gL?^a&|nm-amq?l5uB}bGPOCdDE`#2_|%C_NA z##jlT*S+8Ht>&TU4<|?tT1r=Z^d_n`Yx8)<*Q_)ZjJkN&;}YBS(4BK6LShx$ug9_G z4SO4`!#sRtetB5pZbs04DkHQ|jS{Ep<31U7<;=FvdPDv$4Y;eU#_;i%{cLs$JSknO)_r5DtK^{#Cg(k_(0!=7Lp<^D>Cw^>0$(>|AT)XAYvfeR0dbO@ zF@!xv>80U&YD3Y=58dxU*j}P!yBJgxkB)adYqJg0T24)h17lJ;=!#n_GhvDnbX@Co zfcbod?A+^Ij4|9G^;i23bfXdqq?ALdzRo7{bx^{bgpY>5rRzL!UJVT5(egpQRifi| zZ&X~Nru$*>5c|QboQ#6bfYD@{*LADMQrf9+>c%ZZxy)3+x7Iiph^4z7uuj2z!iR*8 z*&u0Y=?}u7g{6E=FCn*!_K&6Blw5$5v)?qKgv@G@OJx=fsEK>UVCv5hz-dQ|=Ob>9 z-kph6w8eB5X&)^Lsh@CBp})XPYJkJYPjo_wMxmw$@|B*Wibzdj3O?K~pw@p_MSUbk z62qSCWgM$`64Q)Q(Q>6KY8L*R}LsHzI?TQAxdEpfU z#jupUF_n2yv)n5K@)+k`358AfD?WG)LNS3Rk!GWFW#VNrERM0Zx-SEo1h!fftxM!+uQlRH{vqdvA*6A%8iI|D2t-ztyJ^~sw)9GV);C2R)pPDtsJy=1&- ze{wVfy?jeg6Y}96KTfVwrDl?A>AjAf<`D5m*fL*S92o|?a12{%t`dJh!#byfdsb&! z#UGWHJ~*(D!bvpWG%v~5y;~z0Z4IQkf8z#uxrn))-QZ0^y>53NROE{Og$*wJGL+3> zCx=B@4xE&i%$5*lkmT3<6u=7YU5zY5kUM8@zF?OkL=MfeG-#`C(9(=J7y zhJY{ZQsALK46n><+eW;s0Y;oyN#2E7>0>SymO9v26a`FInR@L`k*m% z^QLRruYsy{+G8g*aqLhpDtVaQGO$X2wiwm2W?ApyW0l@v&{1-EZ$yVh%KSCt5Dns0 z94;11$OT}`E5=S^%wdc6r(@IR{_(;sd8?=A;#ZvKp}PgBqisdcMVFJYZm=WjtB99G zWT6kOjBF_~v)r`L2%S)09$a_P{+7J(#DI}>pETMUeiLOUc0EnwUUhh6)?0H}vRa6< zkmR0qu1X1Ix2v%%xfw7Y6|)q2Ta_L`_`-xVx2&(#0?wH=jN{_gg*+L7u^8p-hWRh}s#;$yWiKJORf z2H_B+sgFn@nQ&Pd{BVH~&?G&c?^W?HAg09Rau92p;TJxX!Us!NW~xEqGx0+TO5v%* z^x$ei1b+EyBm-X2K5_dx)Ob9&Dd4vl)va1k5XhDys7xxhP973r6&WL|}&QtE;YxB7tbk9g8 zk}+d<-^;c>i7MNOIa4dwATrJu>yw@V9s5+sWrFf#euTO`F7WywGeil|k+I-S4>yTb zgxjn$G@zkCDG#p6yBB|PY)QiC-p01pK|^+8o0*xmyig&J7h$nqHGMg_!!G=wT#rrQ z{b`~`swn#1RLY4g5?&y_^>QB|N^*%mjSo96kN4|J)mTF%ek|*JaR;1lOC)L4HYgng zn+EM_O@e?#!tYdtSg&T^qi(A7nUd(|Zm3>|V;LnSOxd^=6h~)YH=1lS^{eABC+Jdg z(+!*a^wmcG{&-fF<=CInh-urq7h44b6^T;pED$P;?PvC=)34JLgjBvMyu4_WFr;=B zegR=|1kb;cFF}@C3-7t9#;_V!syeJyCW3g^UNf{%y|y_&sh^uTLKr>ot8cqJ#Kg`v zA!7z2--_PSy>)KpJq0zAyUH^(YKP`spo#7wb}d#G-MTOr>>BAFAT!?AM#*4e`s zfA^hGe^OSjE$%@u4yZ{wHA+!;)@OI=8vT{O(~QHcDO`>?!WE{0f6(LL=4M#e&Ma9m z3M{^N1a!S^ z2<|8-^ze?Q?K%<9`B3e8e@XC5QBKUkMd4y44RIX|n{R`k>k8}DTb_q}K_AK`Z+A5`+^4vFpH6_cFyokoFF%_Cch3`hm}S;4s+Z3c9BFjF^76(YfjZgHx2Iqv_0b49jrP^xK^r+6_wY(;ub|=ci?v<5$a1Y}BRtwxGshV(n>=j&+ ziyY4dvL6{E0&l)llF~GGy(rc#b)ma6EzB*8oHFs^NMP273#?2!ZY1XWXT+0o+9KSX zL~t*Z?JZCAJaPJN+WzB1lHs_UzSf4Vx)~&&%8l6u*5-1l`sAcGG!(Ub`(1*gc|#SG zlQ0=%h8#rz9lvzON?|qkyXWpFypm~a|F{RHlc_=kVBt{wV^4~h8imvVf*T2BU|>?P zsze>K)*O|r_;eqzJchQo5znUF>aG@ka^DWIVIa51aJy7;4;u~|SqF9$766#ql)?s! zX}!_F?4w273d>>u&`gRnTurf5shq@`AcB=u2xe6(x+XU09!QPk8OI zj?Isd(k2SnLrQB5%eRca-5h2^SA8uf_cI_xA(OfYj4WDa!G8ShvG|iP!fKJld}B1_ z=yQdGP-%`7{61^)fpnuYp^XKm&o;aIaaz+%f!?`^T=cKmeY>%=_1cV6`NNT!&j@*A zWTZBX0@3GB>;Ohkqvx>LzCmJg$X~h3{>47q`VgL`aTDp3Bi+B~SevseVUjh|LqiHh zRmlbDE;VzSd!a!oJzT&YrewKE2C7}jktNWB_LFi!6;%LnuOGZ+^43$2r!Dl$o^|pK znAqq-TD#1^QSIqV5#tr=_E*^oZbQ3vg@9xG8*M=9}{?9&kamL#PDW9LQ>}ytEUh~+@)B$kc zgobRCRmKCys_X|BF7pvOCo=UD?MF4f^;3we)}d`kql}Cz1y|{Z>yA}a!hH{GI%v$) z108Uf71K@$6Eq|C)6GK`+f93A6vCD@k1+Jx{nhw)kAMX5KJGN_ImATJ@*00GqPbRt z+-6env6|7|-UROZkY<0rwhNw>A%^FCn7ER#(L?qSGyee-9S2mpIIz!@Jb&?@$_2c9 zG=7Sz1A%*gv`1$4Sp9pL0=nU}e^iNWuZ@5Hm~T{DT1198pmILj>h9{s?|u=1@*3*D zTF|{UYf59c4lJF!MhpfHZmmj7wh_d@uTr{R(khnxG6Kz~RJ;j8d2R02PZ*yONhFg_ zgh0Z_YdRgsf?p>5El0n9+~@e#aV){>TS#rRee8ha8P5$SVIaj)+L0lsRrN|ZrHC=v z8QQjyC?CYsr&SJxblvJKTNYr`MyNiR-v~U9ULUlUDx)44|B}(w>HHy`-QTQ)NBNbk z=P_26ChV6WY{HL3Qh@|b-j!|8z7dj)^LOYpisB!N$EyvvgT88RrZZ4!8^A}hjpgN` z?J>7o31#dp*qhrl?;!YEdy@3bG8>42uxx`OR8%~&ZRPfw;B}c4-#5-T*@k~}r5a$8 zh#E>R+BP9c^)?fDU4ut&xKp@#2|r3^Tt`kXerIM45+O#wr4wt{A9Q_ zUvks|oQYV)+5s(>>WGwPMqko2V!Yv__-Y_*ZG?E;Oq?7*NmXRvQ5o2vgLfmKe2QE;VNPocm8tx8}7~IRpklB5&yDyngoKN|YK>$mc4d|ele9U&1 znOG6cC#*)5#E4wOAm zLN}2_XT`_HNpbXB2AfqZykkgJ0iqj(L-fIIUuYVGE5Tl?ES>O z5yYFpPN*DAl9X0zUA0Tm(bFuav~8gPrMW~|nK9IymL0&aH}0(@a7uwBP)##58_N8J z0Us?I>2hnsW+sOHIf>*}6hEMupsYc8Qo~ z+!ueNYnS4eaPBkm?#lpPnW~L+OJrg5Zu!C;l3-N7yXMKAOe2NOT zlQF*49w2OWce7}jd)q?AaISDRy9xqyMeHq-Q8Y_-+~@)is3~cL*m^`&O_O1fuRbB1 zxN_Nr+IUu?PJX#R6II0-+d5C&CYjn;897AD#-)57-i-C1-kno5yV3q2zJ`gb)uISf zB=vo+QGgaBE_r)~)QJei{#a`vQ`}*j{f1mf8nxOE0a?7??s)JJT_j(+4sl4W3g*63 zzB4|paH4ToUvTo)!+^=|1i!oj;#RkcCFfg03a@w$(+|rCT^?%HfF@o67QPUvYl-nIL&C}4GN<=dd(PlncnFG(Pd$560h}^F5TO9$uwv*2Bben&xj{BZiYQX# zf&TnOZq38acf;w_z-h{A<%?CVs=8IBv}-wwu?A&?Yx_HP=F5U;FuhC5pt++L?J01<6WV-_Dx9mih zyUY+RNCcZKaBx)3J}DrN#3*u+(&pemu-hi-+_$$MMRFCquxM}DChW>%+8F3|l0S&BRwl^RfCn2GVBA#SbTNo0vnnNa>3$P@!N^&X zXKlzCN@GGOs>f4Ql$wRVwjXVwRaK5WzBnn0>&ACfgb)-O2n{`-fF#&sY8sZOWUD0PE=V_Jq~X_#Y$(v$mozmErCk1Za8tbD>i>L!nh&k z3`L*)G}gAnysVvlYDgn~H9oeQgLu`7o^e^lW;} zssMgL4O~+0e(_3=!19>J7pmU!*qN`-xf>nh5-UCMVg0r+dDLg^y!=f`4@xIn9pt_= ziJ5rhkJX&U$AyyT*=>rO=|XONgV;GONN8_PHqpesEXW*8wq*2i9-M5xZ8UV=brmg| zd1=jH5TPFx5wa{6hao;nx3Jibq(0z#AaKhHVAsml!$;LQ%~(u6<8EUWdo28gn+GR} zCWaD1(F~W03m$XGq9s}I>+$cetL6xU4sWKt^Ce0l8+IaSU*F` z{p${LmXS==8PtIC=pwHwJLV5c3ZJwR;jVl4JpD+OY>UWD-N{i+8m*ski7VU~B8?6y zNm!~zU#GLdzAxwZ^X|l(9_F%3Xb-ideF{rEVX>_`0G8Y=j=#QFzi7_6mv{Q>xge%6j*RQ74iK}4J?rpZmh=4z= zC#Xu|@Hc#0o4r{8N+39~w^qkLIZi#TZ5wXE@42c$J-(cHPbxicdyacGtp?j6$96N? zD=9Hfmh5Db*`GFD;6II09xn~i7i+6r&29i{u20ntCsfcJjZW$-8(`(-<)cLOwav-p zq^p8s0S~U(EA&8px70z9$PynOP$*{fz{My})tLdV7ZpI^?5@NBlVKfAaMdaT@-85( zifhE;`FZZ)nFb-dlr<@`Uo)ZZZm04B^D#QMoYw0ylE?O8m40}0=`ky>V`XoSg+JZc zM&$)2hVqFKSrJnZYS@B)GYp$8sAM-zD?~DS%0OnF=IvU&Ame$AfClnU`!e=MW;sLV z`&jh`soc{VC*mQ~#&);d( zloF+8NT?q_WN@!`+5pYZ&-1N8i{tljd&p!8ORjpcU&avhkbMSq+ z_!P_zpXDUI3p#YtZtu5s?5^<6Lv3zo$qc=$LE zPv<;uwNKvCLusOH0i|ns;91c`CGF8odkQy{cQYt^2{jd#K5@-xCz_Wuz~{TuJf#Lb z@UwRJXITIsps`a_6*RFQmM!KDYG*{fZq1ZG!zCqQs7?-`w!K5-i-?IAJo8)KdHQaat{W1;PFEsXDkjVMR7n8_ln~$Dh=<<(v0ppE z5`P(j@LxKOGqbE*O}}Tmt$SXMTfM`(dOYx$gb+ljG>HD?-!Bb&c-P`8-_6ufL5W-l z@U9emP=aFrF`~{|&T}o|+8_6@Oz<=jq!NwWAGSg!^CZwTTn_W5K01g8!P}9~+UG4c zzU&JJvg`vbb#%!;IHcJkK4yB)*_@<-{C6l}W97R}2u^qyO825M@0f8>nl-_ zrs>+v?4}(ho!gmnPyqD57+5z_zkgd6EA2t?+|PYL3!V6&KZwBP%I%mVvlpBaR8*8S z56c}dW>QbtR#j3#_5ZVLgMaB+Z+lZPqQ(Dx5dH@#>)#=_KknOq`d}@MpwoNy!=Xh* z<-h*$U#|LZA7}(YNky&JQ@> zH1hXb{q*;S_<#H_RRK(;%2j%m2K9e02ruZUkI~Wgw2T@4{O30Lf86~)E!mA!!i$)9 zqIpC_p6e5J>L{3k5C83d8eSv*m)zEuUw|K!xNg0}5nO*?>=jRBO>^JTs@Jfa4k{h= zzZU9ek_iehHMia~Mw#_R3UAx&f1Xv2h_ciy*3X`fYk2X&|ChUsX@OYvJKZ6kg(u^+ zzJziweJ3*&hAxUo)N8Pb8gQ%NhjR|Md&|bGXeBcLuM{?G6|HhadLupP4MxId_80 z_HWlMTgeyBkELJ~$4T{1y`72&mhSvCcAbO2Z%hvS*l8}?D(3$mI}ID8Rqwv*0|s9H zfBX{-9Y|~S5lG9XhQ^=kcqtKdB)*k_&FNLQ>dh0F-7UZ>6UL!VY5O z*jwK1MN*)ENXkSA((Y@+p1hH%^VZcVW+I2LZVbk6AQEej<90u#hod zEhw?)>B6b$I#){+XPaA9LJ1y3Oyh@ zJY2vhtU%~TClXm^=QqE!Q3)=&-?$rP?j)Cze>Y2)m}A6;8Y`vx%an@;e7fg)R)>*c zV>RtcGDO``;6G1tfED?q{#`EzcCEr&l4ZfzNWU!?J_OaU=ah>JhkAr*VSiM+b=3@Q z%X57d5}PZ0Io%zB$l-M2vX7|H%DAg4r{F-n9H)yzgrHrW4W}u!#*z^?h0k3Et#j?1 zkCU5z_P!yN5)2&f^eR@BCYz&s)b*#&&kI5xu{!6YQk1;>Rwv{vb# zFy{pZ;cyB9XBwww2F$BQt z^6e$8Az!FQS>#)@x|u2m>6x!Tq%4>DSQ$3lB`w~S7>mj zPIq^Mqd>k(_Y0L76g;cQ*9FSg+79|yQQAc@ILzptX7AG%G_ELcKCa+Kj7&Bq#&cj# zPAQy3PqKLrI}Ke)B_{5SRkdH?AdgV;n#9q^#*S!&c6c&D+#pE4?4x8v`>lw<>jG^{ zDHYglSFKpB&XF!P+FWq@Aa7wl3b)phD&djXK*6Zyj~VgxBURat>vJlBloJ-8&hTQ2 z$>Byx8uS;x@6eQ6!+TUhgkvxj4X!4Pd*g4sT;dOv6q0g@OOm(u#6HarcJI6?xj0=+ zHh@QI)?_yhCOiE+e@}|*4N4x}EzC}6O2(^enWL(wM))DC$x|~DDuFJ#H^fRZd|nq= za6dWQcb?NH2Dy6-NUy2Ys{ft?UC`#F_q+tCa(EZZ{kb0Tx$3M5xJK$_ifNafigH zvp090SeU<$kpH?OL^eXn9neKew>qUz0zi&d2z7%O3D`Z02|lgE=CYwQm7)9ZQ^ zjrE5Eze4TK?$e9dB3b6zL>3Hjtm4&Pcgf8)O|sPpD|j{ zWBSmcOa8o(x6Ky5W*#)*=iEZN2(X`)IX1LPf;E#nYZc{=mK1C+PAdF2xAd786xRLX znnydBZJ`LteQ#*Ff3DGL&@Ueh1e99Dwz#qwsl>yTqv1O>jcurQHhcIdVPt(JyA}gT zT>ym`#LE{wymoBFrcX-MXuRU}?D^{M;ZEEf=zXP;4)0ya9Vg`_)z4^-<%_$wM4)!A zAF$2I(23gKC2$L5vgDu_;T&CEQ%%{Vr@04lUO$^9m<#uW5*(nAaPmi`-&6clhV61o zZc*ZVbq;;0{N%pkutJE>@vq~>D8BP6BzD2BTuEd&f+Z^1SgB6zbC59hf`XrLKe;Sx zX!zu+jcNs0$NG>6{8`^`pLGdTL=IsGA$tvM{$=NcotY|<)Vn*D3j%0&oLRWkH5)Bg zkX>yMR;fqW^3(DsEI}e#<_Jd|!f$%`KA6MiY|L(U9%nf!4^8Ga^2f|-l>PExTBY9h@~+k~#1-MM*V^F< z)pu*7Ek+KKgfV}dDMP(QK}AV9{U}Qx;T9T{^HZz@ShJ6!e-xHRd_880ukI^5&-|Mj z=QcZIoe@HoG{z*p7HZ2xsR%2>PpBg$^z+wAadBy;+4+rWsbe}L4}<~yj1)5onm8-Y zf{)l;K2_(o{xm{aE9uvo73LQ1-sW99S;aG&JPLicJ5H(;7b5DYTcAy(xL|%_j>fpk zc6c6po+V+r1_PQ?ZlB4|DeN$Z2LpYC{Bc?m^|VuFlJZv6jW7`_eCRc4h6H!8XNt8h z{Te7@V&}`!^^H6D1j4~%99rD#IjZikD1%3J2{|X;y>h=FCmZRyn(S@^U}JE?heI-1R+I*I#w)_AV{p0WrP_-$&h+M<2TFy*-O*yWr zMynn?={LK!oGCpP2y^LzAuK^}5oT0(m$sgxlDurv-^#-c(}3$OjNjtWfh@of6N!#i z1mpIO=E~~nJI{hcVv~F^zA7?tjJezP%bX+ZaTPHZCRq|Sap-adE3QwuSS<%XmE>QB zr@{vXt&J&3y=YDBuf!JZ-?4H=-SdS=&u?14I$E2jGLdaWGwwh<;t4&u%szXR_W1iv zUkuXBGf_RNA^UkIb+w>sZ}jW~53>TSMMF-`@e%GjYO%T4gXyHP-)gY~$hLHsASNop z@}}c}w^@*~l-alLFfyFX5Y5h+T>x92GZo)=_f6(Q;D*AvzOnXvV;*8|uZQ%hJ9vk) zOOTBVf=yrx1I|2b6DUACZbSY8ucQYrD2`NVThL(rW4PJ-g``6nn4$M~SOK9&93Y4K zwl)^)DiNPh(Or9X6#i_zPCxz)n6Tv8>|9xNGzbQxvF<$L8d<@Dk~t4A8%BuQPp(+m z*}mDz`}{5V{?fgU2MKcxmb4unK+(w`8<8mlSmd$wNCAdDO5fziV@)~#iAVBlsNP5j+#+^LNS{ttab ztu&`EL_dRW`$TL;WbGtejh1qZwGD~Q@OaS17*9Yyxn_ufC97AY6|QLoca$v#9^r*c zXfzY&>)PKLe|JuFRLq(^BkO*eDl0UJ<*B7PbzrWu@QK7Gy@ws^TP0f+R4~^s@4NW? z)p}-LZ$CjhD?PqFK;*u+a|SH09dfLt$^~++f;yq5oT9(ES^~jCKG7?)mIg1-ezdfW zBJH@L$PseQ3Xd@vGpspg4ws{oUZfl}_ys8BEfLZ6;Efzz<#_)_UjvD{wW*} zUSKPdK9TO{ulnYR&=Ki=0=KtuO+T^o|6XP}~ld)iH?HdauX*;>!CdWZLccnfj9&W*~ENbkvDK6|VM5c*tVzHs*> zKJ+X6YJ@>VU$>k3wCL%k3xgLe(yH(+M>`F6wi&0G%zo#{=gMdIvqG-C`U>DSiHi}hpJb6L_ zW+n2l{Rq#Wrp6+>?8s13JWaKv8MpFBLx7!ki^-ya;pyiG?(p0o(6_XV=Tn|+$JrUi zQolV=66?LMV44+a4k~vGKq?x5I&B^m3JMuH1#itu3gf@90LHwT2PEd*KgmAKle>8t zJxn1YQ>TME@Hq9i-$(I?NS=uP{=G7$qCp0~^}%jqXIOJga=q4YMvpuo;Y#KLzBeu( z8%S7nLR@%}v#{EdycJ()NLkQ06hP@NOxx@SQE37)a8_4ilEKqv;}T^JJ|qzw8Qt=U zR$6?XTpb7ae&}XW;?wi0FyVTw7fW`U8W>lT3**d<1w;TTTyBOT%BP8!v401|CS>B% zLz-y~3ZzcawXhw5m(;6P)R6{F#FZzjdijf)Y2|Oa+q-6d>6yJ z1{1ob#?Y=Tc_TZu&q)ee&w8TP48^t}*yZ#z7z+AZM$M;Q=kl-mEpy|-?LY+C<5uou zeLRl@o&XZCzHNpjCziNhD#gdjiAm;W2A3KR*mgG{!~G~IyJTunA+RN+VkI!611AfB zVAaQ~Hb6saq&%Z4pv)ScN+waa4f#sN48GJR`tb2>Ju#||b4<|nT_cU>Z9mgDN!T_LL*oT+Cpj?w^~Ob)7?oCc@#jU5Qr`KUXK8Hb~#I? zpm&`CGuF%@jJ+`*m-+3@OiRc$#$3Z#$g->?TanXuYGtxsvY zV!Wt#E_3deg-qKMWei^9V7kP!DB0 z2ao~0-Fp5ZB}*{3!;uw`x|1LzyoA!o7|AC1`AJv)gAJ+$Xo`dF4s5LY*_?>|>cM!F zPDN9t<)NzEX8jqtrgIilew@cK+ooaWxX2=2?VOkHGB!v0)3%Lx%`g1n?!{PNE+t1W zhXWJOrb0Qg_{q?pzf~HeGE|(21%u9S1RBAm@0X1eBj2geccpEoNJu79-B3Jk@F)k#(P)(&~+meLR1G2 ze`oydaf1{8n|Yg~&Z$0;Xb~mRKq>>)HpH#Kz&*!h!unoL>P1hx|EBAlF52_RA)z-QjjE&XiD8oB6z<*t=D+T!%Y zWT1qSo$C!oNG$7UNpi3pcn8AnH84{yzSYN*U?{s13=$h@&P&*fL)Ob>Lx`wZG-|d~ zHIg?|SFkx~M4IW;|E}}ueMpucCyU}YP2XZhzZY&_ryE5mAzof=OrPW)o0c{-$7^`J zVTT%pJ*L_=mp4Nk^IGG{h51VJ_4n9RMzal)|H& zs>1~99AB)-E)h+hrQ1)M{FUUun1FWSURNv1aqz%4*R}j{5Qe-T0Qm-th>;V?n~q{M z!ljHJr#P%b+`u7OzeC2iVEB+eF(0t7<@a222Zd@|8>hb8#)lct%Ilb06%8r??&^JG zOCpIu)g8=_OX+rrBC`T^j?=sEspf^h(byf&_#b{KoN2o0kuX>tM`*1Q<<_!HacAr* za+w9^Z&!4)m@IqvP7HAj#!CR?_PMa7N@FUf45)Ue41dqu{u&u+V7BEDIsO#KUM`** zpBD0&C#;7@0;({LXg!&~wfa$dL^Q&WJZaWwEzIY!847x3bRZ{QM%$>g9@0B3IUGaU z6g{KE|Bv}2yyU86S*N4Ons1=_fh%^NRhjGUR#FLUpHi5pVc%{4+}W|7Q_rhm)>*p0 z-WLE)RQFkU+Cs|Mi8D3D@1q>Bo|T&#D+wUVMdT2cFc9OTxVVzuLPC{tB7c;>%N_L9 z$90=0qavX}D61m-Fz08^!*-nwj`gz@LTyp(uw$u?aE{Bvb;pTh z{6$Ua+sR=+Ew2{F(?T+f&OVv;+^3{76yLv-9kpCuYHn(T9nd#8JZNZE9@rU?iz_ng z>p`_atW807_Uj@K)%m}l+f={q+SiM`gkdzsQu&{}07tg5}+w ziL6z{NtzvO+q@)90C@bshPOuf#NE7C4;iva!V0m;wSMA?aQBH4NODjyxnR8Z1m#u# zNWzEdE8#=i6?gDtc>u7sra|wM}n)!OWi2f=_f#?{?J#9SbhSu2qE- z@uKmT&iy*7PPT-9jb?j4-R8=6#M6J*k)X5g#U702A41y!E+$6*Ah+;~VFAmBT(=cG2|W|XV^pk5Ya3EX6~J0c&~6fS5LYt7SY?yw+-Ii3goDZS+L z!&D=?F{aIfRLlkRjQ%Fx+~lKNDrXtE0|#CI0yR{|U+Em0FCgVwwPnG_4^W;8`8r0c z?lqjU-#9+q_kxD>;=c}21A(2Q8MIIq#3W(y`ljXVOY2KbESc7GiYjBH6vGEziAje2 zR6(97Q2EllUS!E!xa5FaAzN`zjSLsi@>8Va6i+N`j6_E8yDe3ITCd{hM|26#>O^wU zHhPTLiWXef6<}FIktjLxD;lq`L+?_%Oq^HBgZ<4NkVh^C>c$nBMyhq;{k{ZVJBP~^ zrA&Uwy)l@C2H3)T&jD$O;+%{jbpCMC4K~IF@_WY2=(Z)1NQso=XL}W#{u5b@EaDcO zlY_P|+-N=u7c~-mbY)fCb88SLm4j)GX56ql)MSJ z8RV+@Gucl$1UdERbvlPF8?I;VXJY*#p**jRq8J14WNvuv{z)<9dvfM83tXF&izj)* zU31Q|SWPKP!#LmQV3w@$TDkA~pyK5#!d-Uj%SfLU> z53wjJBYwUF&-U+~%OR~*D>{<0P(S9#-yl;hRw9=Rbs4lX=5Sc1XI9#OhO#!OmYhAN z(>~xG$Q#uN_ohGUw`KQ_7!H#>N0^3Cz7*s5POoaM%zA=@xHb|PnrlDXV`=d~PV`b&b8 ztTT5EuD{t$Y`u{SWDr?2uN6WuIWm^2<(GyX8Lk*-aOI?CHPRFWu->D;9$47=q&crs zpT$Fm5`F6T>};_z@9ke7$cef;Rp{G#@dQC$h4#k?kM%~wa-Ots)u9j6kiDpQ&4~yog zwjc^$W9pNtS~^3##Fd5a>ElnXwm9|;>E)nr)A@eWrV(EF%#%BB4HN2&pe{=K^!oW} zyrOBF-5j_@U~zk%2AzJ}6n)cHz<8NXgJ+}CQi82cf!nRmsKF3$gYNU}-x`E+KAUaR z-Mx@rg;J!Ma`EQ9K2Sx}w^7b9b1u5k5~0-@%~NVG^LTCRmXGNhoEXUMc_bj|(Rs(i z>7z+#pazznWFO*+?Gm&6IMuB}3(~{6m9=pDr8v!hE7&YU_n93Qvj!40s z;oD?tbej4YCCUTREo4X&iy9rNEBh`6gtmP34~2IUl$q9B^{G~GB6ySv-uxm;?Yn7ONK z#-{v3UmR3s>{#+q2PlhjVZ`X=`6N^+h9nGkZS`2<-#s9rvs-%zBIfq>LPk5AnM3F} ztcq(1W#Y24^1a6nD^!%djK;M-GC*H;Pu+%r7dmV%+Jx{_ezgE#fKyhJ)$gX{u0c`y zse$DhxtHb5c9b3N^LsvD(t8$kMR;lM@LsSn)DJCpT)|Q%|G_gCcSlrMLR=PlP$$Y~ z5(3jbTjUr!F_f_6!?c^QQVu^`kxIo`Ozw~;G39AyO1XE+bOddH}Lv_ zWJtAoYW1XAJCBBVd%;gBSns9S%yqiG+o2GxS*KaBN4Mq0lpQe?-t`<$8tSwvSw6u# zGDK=H^LF^kl-gmh{Lpo#wp(qH$Yctg3%bjY`-ecmOkAt?^9Yk_eg$h$#+B*^U!%jW zTkrePFW=$*ov6VVAyXFlqoq`-!q;Lbj{B2tz9qB!i>&v|vrf1ljPm840zTMPObZBz zMeSxMokyc_1MQnof`ugXgot!*jm4?+gC@$TA>*>Q&!%akJuqqVfYC*E4lHs93*&6A znv(XFAoq3b9xp5SZJscP1p*%2hsGmyd7z6TDzgAm$J5hM=EYetg(e6|lB&hN{g23M z^V0m8xYunuD$=NtW96o{j^udNgvP^Wir%We)oRXBbLdgqDU|iAtVPZnL#ydK?n{rA zijO&MX=WsS4RkVXzJr!3qSTfcdB7O0k3&h#hL=r?tM_L|VaAkBzfxDPwRRm|kBd0u zditE4nCXPzF1)!}%Oio5?C2&8+LRuw8RHbP{A)QG?8$Ib#lshNSYazbjH)Yn{IA1j7 z_}YL!xYwQ0SM8sFYo)%>S@Pm&aP&Fw8b7xI&#h`d0-9SB$MR}*i;u!LdDogZfVPHo ze0|(eRG9$x&WVLktO#8B>zw$I8 zs3AcqE%RnZu52FpynYOEp8yDA_vCG3Fq2$zmX;Q}=W!pWFoHbpC?N8&!aZz8;z*E= z93csr#==z(H}fN>?x2Bk4_FCE=VI5HZ$`UhJ`B5jgjTu#9oBe{n)NGw6=nNp&b}+W z=+A`t4n<#S(2gkN(XFG%ei8{()ZQwU-edVA61|VU|E=mu61V%?f(N&5_Q4x^nnT_a z2S15U>h0-DiNrD*Po(F*b#GjIJm&jt7IOqv?-f`i24dxc-RV#70b9+J@KJjA;7|as zws%YZRBc1xuN^myH{EyK(_jtU)0yo~Z2bsPx1m3-EL+7_u%k4!#tS%eHM!DUu{2`= z>f(qHlnACBEQhKsZ9itb8A6A~smIB}fGhXauIdLF8v1)7WGQh57{w-YL=q}x;bm9> zm0L-{O)Mc%7EBy_MZ*2PugO2807HD0v4jD7osCU}=v<()+UI8ph=*@!3{^*Odqv9@lr&j3pvFR4;6G=S_2FMn*OY>WEKnA-)_?8>;*vLNc8DQ+HfaZbYhtd-SC)((`mLFOjWH_82eBRyppN%LILDdyZ(KSKj93HjpJa(PR({T{l&5FJ{WuRJt zJ?<#mjrzP4qe4)U+5XKICiyVCX|Sui=zNuSlIHJ&QH}UvMb{;mv;3W^C0t;w-*4-w zEINmU6V7DSzF((plh=jGbopj`Gv!Q;rdeh5;A2FQ?1u~<2e1&QMX+tp4tadT5HoJA zArQ=vjh+SQag&*NR|8YWiYc;$+;X6e{!87qfp=*7JHA+vE2Hm)-$8OPM#@blI5giR?IOI?kn(+t?z8i?jT`DGb;VC^50MrAflgPsn_# z;LRE!&X)0hlEMm}!N{}bl%~`hWMWDlx^!ByJ3NX1JQms=3jUl}M;> zeZsU%tCJ*_k6%~Mbvdz07MX^C$@yZf)=^+Cl6L7+ z4xtR@nWu?Yeqq~H{$}H2-H%`gn*1Eu|ebd6T2rtBsjM_OfBU*xjyE5eCdkFIU%NQ z6|_|NzargeFrO8+$*F~N-jF7GXnUistbL1jlwNn%r%0(#7q@CEZ3@S)nyw6tsx8hJ^OX4UMJHRInkswikGq))Hk^dn6_{z5mJ* zMGC14vd{kc_?8`4RWkvG$)C#ojty@tGB?AU{O6m5&_59x@Q{^)CQ#B2uk-2H;Ia4kf z0UEGY<}ky|t(F45rsj;Ex2*WcE*vEfaCFQyj1Xo&t#MUt0HzkdXje~UwE@NW_>uZ_ zK*2q4svaZj9ZA;xlPRhL`8;b~D(GB42OH(Gwov^{Cve~-tkRZHDK_poh7Xf}(xpH? zB~GUNxEF@rN2cwZR1!edH;_Bl{yy$s-D>orhjs&7hgY$-EYZY!M}C4#^TY&M5DF z46F9vrR5qRJZEkqs(dN@>gh#LBV-y}reG}ZL3doQZp?Q$El6DMWGfykRmh$m4msb2 zCFk(Oz80(GXKFQzyff)6v$Jt8df}0-c}o|RTnaVGA_x-%Blm{|U{-C{nBKJ1!F#;i zNti@q=s{$a&{Ryrx>m}NIS`XVoEUFN?}yKv=j~!16|b{>HzL+6SfB;IGrXMFa-lQm zeaSW+Q`-J5e&Xgt3`b7s62VlgP0-wPFi~}kQpVZ1_catxNWvequ_siWIj2^Ey| z1v{hl0@KV$gk1b-SaZ=!|35W;OU;N zPm_<54!&t1OK)LlfaU_@{BdXdXVZO0^3lgd~$P z_9Lam{MqU^9AYiH9J<3iR$04im8Hj!(73(n_TbeaI(k)&Ye(+$1}E8%);P3JpSNAg z%6>~?MZCO3k+2Qm@XhjY^G)~UW-fs{oOUXhb$6qc7)k?9sOnt1KV;yVX=n|HlL~4G zlV2ux{_AnD>B!D#g+yZ|y|vC#v{VOL(Xlz{?N@Z z1Mw34ABR_?_1B5)AXv({t#{;yD%AC~Z)td8$_}=wiYwBTysk&ezf4Zv~RD$_q_a8iOVKvQ=EsD_5+vuD_fDI8Zl9F{>hCC(qk%2u;PrT#dUKft#J=Bgr-ewOr!k zuBbW#Z<|1wLL>xB(9Vkdb@B?Gxn4$gd-k@| zbYCHRId6X~GD;#kog>BthF1)+q}B6;_w6dDG9=R21umrQuxh4@8iLEaXVEH&D?BxC z+KwjpqE!JK({rASq}-A4?o2*0h)WQlLu;!L-~@A@1;W|WWkj7P6WTnjiiQF2uR{7U zeGs%d&BY_RX8tq9(^|}2y=`Iho0nxpvZR9SI-*+bE`U~c+`BXN>E6a^Y71+&>?AsT zYkPpxuj?^Vws^h#*W5+3JT4@60u#0uyj^)V_NNAtJ<6b;PprDTwI(X+s^_F>5ZLmi z!u#k~=_yOxJxB6k-L9YxJB)A?<172il5J_|hSoHc{j z7UZ6w?n?`*Qishr|G*q%0!G|G_2Eixv=V&NXgixxourC?M=&c1J3{=N?Jk6cb5&O< zx(gai0_ko(qbdtqZiS4e<&`$uT8CWHerW~=fHvCuB`Hcl+_h||hrhf!>mgfOx*#Pe zF9V-f;VNrql$BQN?)KiggJU&4Bu*g}7RFrxJ~Z&hP;`WJ;}MP#IH# zpD*E*?FKZsF2z^27?HD=IP+fX?_3-z`)yR_E`f&n2Yjy-x8*x0=qJq9n;&QxZTgz= z3o>_{KtZcf$vZQ)P=Pf$4Q^`1c^^wNjp#(4YW$kRW=t?ADV>@t6$|)Un6WG$yUbAK zWlXMDtD{&nr?!IMHY!GSc%Eq5OfC?GLW6oud{QT#dH2s9Mi=0;ci1m*Q|mmM3!*Av+n9{FaMMagVGB7k^CVO`-5YxKGd%V_xn zR=T9vcFPG57tRPg!dnBn&p!I!QJjLA1)s!hhUb-kP7ERf&5B( zzT4|$@sKKNM8mu66P6cNb$aKk3>T3F()Z|~bBCsf$saEL ziE#z3&!mK|YYL6IX=l~50%Z~K0vtZ}ON+Gg^{EHu0JPLbhA5sWM1;~SI2dB7WZ zE4@rdXyvU}_~JUce0UH#mNYoXkM^oxUsJommL#i=OINeWwa;5#UGxnQ00fi@XBNfE zrGVH*gn`slq5vzhKA?QLk{Rf=^vpR;H*NnIU`j$jjb|Grx(_2grTuper&nFjoypvQ7S?>^6F;Z{&-;#M63>tv;BAZmoU{KYGNA5~Nt0hmo; zcbCJKTq?el-#i9>P0a!GE}H+^5H?NnJTmC<$;@fS6faKNw1$GULU1h1r_!xJ!wAt| zY64lIMp*I#gVazl@yPZxoPm?u{#zeS0*@_-Zf$Y{WgBAY8Wp!>sx{MGR((0f?c!hX zA4lK+hX3$0{R{pB?e6oyANY^t_cS3SX+%0pwcuC-0TXUqpa*qQ5dg()W_?asZ}<8K zdTf=30*ts9^^4KdN5+uDuY*~_*;6Go#Ltj{(gvQTgBuG&A%sfQgxYvzV{*xk-SdR( zNMxwe;hIB*-4)Rin+0QcF1iL=P19jXwi?8+*urs^OrLkU8y1cIxcHN>oe>$P{Z1#xi1e#DRzT; zOCk|Rxxj|@A?S(3b8s==VOXIg$Y$)8SI*k_8(sy_VYWZ z1ny9_d~`89#T@E9f&Au?m?z(hSGbtYXoet&U?ndh)AP@6c^;EMriB{B5I6)hlBCLN zv*p@h(KJzj3V6ODpN&4lzH<5L-me51_iG8+U7380wJ{YYSSWaG8~T~0M6Hg^}478LXisR&S6SK>$vCmJ_3-R|{?xs~pqaM?Il zXO8rh*dH4Z@KDeXrXwN2fDoN?M@E1t;nScGyDo$t@gw zMxtZP`*KY=(9-&85d*vy-^WFbVYSprwFXZpx}x3xNs1AgXXXr$QQn~sa5|w?+%S79 zb$1@Zp&I6pA*U5)QdCu>3wd)Jj0*(!9GU$Y86;~lxVyurT8_!^l}myF+Jef+Z488y z6JM>RaA-l69ddD~G00KQDN;ejpR-rl@S|C<^>T+5okK(!1#LVdSkEE-7frZ5P;hrY zLqzaO5PAF!V)2o1)K(I`wpqaCHexzGrMKu5=T<@gQ@ucLIu+{MB`k z%7j^Qvb1W6>jGJs)(BtusnV2P%P=}UPQyhSnp_n0mY`;%Oj=1_{h2w&v*LFH-m(%9wYC7ZkgkxdLC=^xCK^8|9n>cEHi^sGN1Cs2>7#5cSE z6g_i)9rWA~Q9)E@2&J2H6*(s8?iuj|(xyO4%ef%cHBokG}>>WP3boz>0+VOeGtm`JF)aLq<;mq)<44n2nRReQv zzT<@P5yrl(x`Kl5Ny@A^Mg(z+G9^;g&I;3FkKMfiN%j6jh?^2Z-B+O*@WrC>X?Cu^ zAWD2##B+1=awvTPDP=7`?H62m*<}T*hDnuF-nSw{^LmIs)AR zoLb0pvjwGULFtpLlu4xm{I_#*!>O69h>OvP7;C=(+xuDpoQx1U4HQb!;ujf1)v|K_ zvv>UR335xbbr0m@hC%V(cKG(7j9U~aqwBGs*EF8D`3<{ZdMo!ZEODlgOW~0qxY->; z!D;AA_aqI*{aElVX~!}&ZHJbEZEDg^<~Z?^S_K-IUdQEE3i*yt$g$hg0hg0_eR?(3 z*)8Wj+txvRbi-Ol)JO;%H^19x-{5GuuXw)GRz5aCP8$B!o*dtBHnr)C2jBnlmpxSz z!;4k6V9_;39c&V|LN%(9jSyXE202Y*Q%$*ErTrtgD={ynQb#<0_^ka56z}ezfGE3* zI>LutdkiLrt{J3Q>`qax57s<;ZUTilaT<~aHQYlM1jWU)E92Y}1j*!Mq9%;_8>+$@ z4zy7FQaN7Zf&zkFjKr>(!K^3*noH{{uygSmgx2TP{F1|i{HQY*qU@|H|@B{CxHraa;8zKV8?I|4)ebBiS@(hVRIW%TlK5Yi|F|t0pckrQE(* z*uPQQ4SP}1wKm$FJc75Y=Q+TPj#xoS>^QbLXpwA1Hq<_%O_qb~@Zs#3^U9hdtT#7X zN`;AWxw4~8mzXV2bdq;ZkKp(GTzpC+lK2YMaO~ST6A*Cr%6Lz~3>%di{CS6t*qzgx zRa7|&tI3$)t-)UDVC2ej^%hS; zDG3W$KUNP*;=_aNm*YDRJ>{PfPrBvh5Z$Yut|ltnA*WuMI*H-lgOM>VqZa^hvwT=N zMA@8!cJih6w)Hspz@NJvpPO$sjhtPi}jCipS+1#z6>%WW=G+|jbNpoMkbm$|N$0*N6M_;Zw z<%(tUyd9&omYP=un5FaX)j6_-GdI1aO_j->#zr31>ttyQd!Dw?wcdYgsM>7&Jl`1R zBh-7V^u4$%*jd8lT|41dfeG``(|Sif&|W0=jN|Fx_v%A?*4F}=Y5R(4DYnXO*j7=f zql&zV+OCImNsIMmy!X1;A%PlxVpb5)XTQxBt77+;s9QSC#aPjYpZi7+mx-pk#b33f zwptonm77=W1e>pLv;A2vm&@Uw;G_EMu~>IDM?0+gCz0R+Z7n=4*ilhSZ_-2y6mu!> zC1H`B)-^q1t80~%EO0zZE4uF?2a7k#BP!iTp@B9p)-RfJj@!xobhg%%Z4H9!-eNLR z%7SIR#fOY?B}uc&62Ib&PQ;TV{!*#?OkNo;cunzSzZu8diHV8sFie$5M~-Iaw?E)s zUIqUF_u}(ZmVEyh%VuM4&gM-7_XysDiYexUWZ==Ox$oR3abj%x!QLe@z?uE6*IzWb z4i9D1?#S(W7iAoc+#5SKYZNuOa$sO?wBixb4oY$(6sdCQ4N|?LcP;Z)L@>qBhnflI z&e*i(C01)^+IpuES*sQYVbpkIWM7ITs+t@uVPoLUN~aAl}MzbdAW&5G|h@p0}06cY=d|CCN>skhXh5_ljbR zG=%4-X=vny>k=t?gm!*z8q{0i<^bG-)s{UuSIJubU3|Qli#=I6?NN-UP+~8GK$qpY z6JAkUplc%O?k(&J&;&X#CAv&6`aPAUr>8HO3@yp5g8P%Y%9pZ-5W&=<=2>=!RX25{ zPu`om8-^?jfHFIHXo2ES4O;p}=y{tlH^O4GWPh#bw_2$!=;jyk6CHr@N{n7UySTMTZ z{$RlX_|6L-e-Doj5KY`S?%(>=eDr@2qON~Lg0u==4Z;wKJ92U#+%_AAb4vu$H6i!$ zM09Ghzuh5#vvMj0>n;_~cQ3G6G-eA*3yw()Pb#G7ANGv-bytbY;ln+SLW&+|y??Ua z8aBMoeBe?QqZpyRmy{6bM{-zbl2Yn}njXxvEHS@-bzpjv&+fBHV0fKB-!K9=OmcpF z2jUlpMqrZe0cZKZ94Dpry5#H0$&H>eTPI2gmsAbWc5Y0ww?9Ccc*Oju+$>EQh!#_= znu#rX1wRWUufpQ)+R`p|eKRF*#?#=&sM+J*V8-2Ac!t{JY7_h_@r*>Px?8uj$Q9~Z z{Zvy}+fNr&Uwf%Sbqa-8h%GOQR+3nnK)0K2rg0gUbIuKflX$C@=0;la5LsDj+A=|S zp=;m%Kjgh-R9syWHX1Ahf&_O-aHk=-CJ;QhySuwfNN{)8;O_43?$C|9yL0=MWaiE{ zGvD0bcdcHmy$;>yRBbuCYF9n=1hJ~t<-&ErO00I0uP&6O41G+RdP&=}O};PYo%-Ck zCFL7FQDI|g_-&=M?k*6@;H_6^4~9PqT4^%*ws2Usf7pkE1~Tl8DbkwsemVzHO8l(7 zvYg2au{?wN{0DbuGLS0a`dt=;fg^ahstJ9x4;=oeXG8l@^+USy**OSu)E&rbDv+f{ zEPO)xIeQ~woKw`zi2SbqsU$p@Zr$RVP=&^gQg=huM6n`VcFs~Wh%8-jJ#5M9^U09z zJ5ej8s|UWGC}I5^`oo3#4*xxAB2m>Fq|nbPKj3xW=9JLus=4W=+!;}Rq{f7!lhZ)? zauPTj1^-3;+l*1J!+zskZSOtF2l5{1CEmn>qS*#mitw60%s?aFQ56lLV2jWUlkC=c z*PAaE4XO-Fw=>)vZk)2lZP)ON+G~+JL*+i`6(e`Xz}8C}i<;x;Xq5uDZ8L1~KOK|$ za=2-CursMwS?Nyg0F!yz-BFFa&-5m^xyfl}RV>pDDPtbd;Q-K-aT6Li{~;!CF5fWW z%U~y*-LO+6hhZi=VNjZlYfh>A(_o-i&l3;k#z?$YcB%*7nL|U?BU(HIk~NV>!yi)MJB; zSPP?zju7CSZsU!>4KLgJ{$=Lw1WP-XLWZr#w}m$-IaO^a1dDiWUo~8ZC;GGE!>Al&Z^^!k>ijIV;*`^aj9r9cThcIp z0{TPZK>3a>+Sp_}3$XqCfWMKl>=bXtHQS_y zN4xVMWj~GskHX35g*y^{W(bzixe-Rc-TJfQdWt(n^shFo*86yvx{T4Uxi|G($>Cb62_bTW=Ye+oG^L1dLHxsz3%4=v3*{Pt zfQ>7NM%myUa0???2WE+Jcx%l8eNqp>hG=8UYN1PzL!>1H9QGAKjJUl7ndyb-=zeHFjrRGF? zx>$FC%>aJ;D}p4)VI*z(uZlAD?Qh0w0V@x;nh-_V6Qu&^hdzo)`<->*?4vLZYtgui>OB*U&5pKy#*UYBJ!6P1B^pdivt^d%qc@v0#QFnI3nUrPTFJbVg{M} zoZIQ;G*jNveXUq(ceE-Qu;|~sH@^vRz>W8B#>?>_;j=}&q5uB0Gx;Q71GfD%F^4N@ z4T&Lsac=yhf$Z~XaYFlP4sGl&K4zaXTnJppHdCjRE3$ul>tBC&JBZ@EO76fmU#8x| z5C{*t40pbL_G$)Oc4A`JKseeoKPUR07X{E%#lnVc@FaM8=f5@i8wk|>y@oPYS-~T@}K8Sn!t@NM&{P=&| z>pwg)fE_$sBw;a-qW|HJ|EeT$CA9JXS0(BX#o;0&?x!fy!oOn={x{Wq%AkF!K^|=R zX;+{J4{3ao-;e(wysGQ@GO5RAd*mJU`|AItK}-$(;ke>qs*flnC<|Te&pB_cgUYCA zuKnVr10*v2@_#G?>orv84qk4N23S>Iq@cGL9bV!7S)J^E_vdaJzZI};MLgUR-t|x@ zo*@TJtNL#z$-iFYFM}H|Uo!iS{(Cn3-x?ES{9Tszce0%S+XKLBCg~MoQ;U!Y#J`>T z|K{R54akrGzf_|8QuVVHbiKND<4WQ8`djDka=k~kon!-zVo-JcQGx)Qvw&cmt}Xjd z(dLq$=+b{)MWd0IMUs;v+1RXABSo_jFK*cfr2zuM!{64g^Eik;tsG+)c&RH3F%C@9 z%!H2CV&Z$ekfcQS&(FWFUoTw4PE7b7QHbrJc;}jPOMqkII?z)O@~q6+_Pm-KIu}PH z!Qbe#o1RoHuG50x29t;HQbEX#IY|9*iXNM3ehVfoL9-uG0OP(oBTzFoDA9pbynBQ-wUA_Nij70{5vmnUxPJkvQ>lJRQ zjyUJJq5YaxbvNNU`We&Xlb~kIRokn@P|!%z_@zv270~N$hAN9fX1Zs=o8skY&KS*O zZ2tVTXj1*8>HJW|-Tqw8-u=Ge(e1GLQH=&EyOh93$M|zgOofjpVBKkjtU#&fDo4&%o<3?;(lvTiHo6B#232Ex+Yt`aYg(2y#27 zfAEuhguC2mtLLh)6l29FP`#4fw&d?Ao?dNi#64v|3wp1&MQJ0icU`a3VY1p?1xgKI z!jUMCXD{C(^63mDGlq*~QkNf8_mAQ0)fzptc^}Qjec^!~PxE8s%SfEc?%un?A{`!b z^muU`D(h)^ZFR~|r2@Cl-%&+OWM6O#yz&LfRrYI4ikAE+;^>82MtRGluB-859<3p4 z<6YEdjgH%DYCe`M=oYTMN%2Z5gk9Pn}tuiIG7`G88h@-fE|-K0+6KRXpn|! z2WkB*@qJHwHq)$P46cnZ^aH3a(M4JQcyte@6OWFExu;ivb8 zhIxMJ#ONt>p8>NAmm@sE(pU7a0El=y#vrotp_}fwaS&R|^wf$Xtne1ZY7&Aw1s~5Y z$9a>{MfO$7RV8Xmzo*SCD74XHY_(l$>_f{cSHH;l$@z!iCtNv4N(4d=z$4K9MjF_#OTQ1FBT6`e!%{-=?j+gOEd!tiQ@wF9ci`hJdYjW`~xuFnDY+C zlQd|mektB5+~99sZGL0OXSouAyg;$yrkY;8X$5%WmWkf&qDWiwE(Ip>@i%_Fy$v^YP*+PsGTbgqwJbEf7<8A_Kq1dRI6^POyc2gC zoyhDXxn|wylByD4yKtFV`Jiy`hv_Jt#DvAU#xPLzZss(}Z#Y8FFp&*1CG$2K<;JvO zqo!VYQc)FI3zF3Hx?_X|!LxflnC`OL2ZE}CtDfocJ#+CfFp#D_cAv=4tHXJX+0rUE zGt~S%io?q+H3-y>+Zs`4hs-9%b1bwt2IaHqr7x$2HuGF5Cerxqdb7{kGkv!%mKir7 zUmng6Zdbh0Pu0WmQbUbcX~##os874?zNVRR|K3t}`5=SxN_D40W4#cx=rLE0LmIU_ z@5n;=?cr5X8@d* zWoCGbHVZ4SYh7{1QE#Fg#c8i4Y+Q^|;4y*n^Vo~e**aase6Z`or&Tz(2!3R^1h-N* z%16in%%eIV3_r(W;2FYk90$O14kv~E{x$wkT!xsYH-SRVZ8+>CfUj%!;Q=z;fz_r$ zhyjFkukmQ`({l&s&{JA1h(nbI(1$2G&L1jv>U^Q`xH&wxx?b#sfFPj#xwx&aRQ96P zn634DlivK?{q6qs43A}x7k#mOk=2kI&ZQ-Ggf)yT#WL%`=F6{I03o6{b8FNdds`Q& z7Pnk!svHm#z{HAwS!~3U(8b}k zLV~`E=1QzOQ4v+nWTn7XXbjs%m!;%{3Q7`4vTp5p#uIZp1?}ZGAu&)rPP4jNlP%D4P>0-Y=!$BZS`&K~K(=Ud!JBNrqswjT~41_8>5T`?K!mR_P z{s?pm?bH&)Fq&?kg^erOcD^0l_YDdjC| zv-T26F+Sc38do8+3-yb*n8uwA%pnWNTBt$Nn# zfS;OZ8vq~A3`3-(uIZUAe4N~-Amooc;1KCjO%uCHYxNH6-K=j?>poBccX;+pyL?*Q z&SX8HIA>;R{X0Cnl$S5qoHk}RNv#$N(b@(o4Qn3TLPKNxBlnJPv4tv+K`>eNzwST&E5%t{R zyt$CS!m?bga_|)lm2V|VIY&@Ra`!8#KwW$9 zTXSuCbQf;YryspiZwp>yH6aUyTX}?{tY<5;dR?st= zfv7e{BvcA-&}c=W&|NlenWtupirfi^g1q%X31a9#5)g2UXr*8hGEJM7vpfFcWXWa3)l{5e_xTS+=G&!VGed`=|WgbVUa>Wiir+~J?F3EIWR-Z!hurp0=BHqNu?qyn!KMA|tS$cdrTLpzcrhtak6U|gjVod=K<>&E`7*w6mznCAhQ~aY|_rr=d0)+%CdV-%q)SG_H=@Vq5bma z&!yWMl(gfE!7@M34k&${^Av^#QSXDNR{XB`(gJN^YOV6i`mTeR&`W?pcPiOeG}{iR z7#PlnoT@*_a*{@0!%pD35i!ghubsE!cQ&+QVkC=|yA7G&@+owfgdg7m2B|~ur}bt~ zS58Yw>6C+AwYn^ys3j!SFo;Qqnau+gyhYmNf{$j_FNkXH#R-b5mBeqRT%h?hWw-b6 z4rmku6Gz^#a$nWCS-bT+l9+6^a?@DU)0QJDSqOi*v;8@|;vJ+?VBOk+Lw51`W(nh5 zdp=k(+txGgzQ)8)XV;PTo*l2;Toq7@_f@*gZ_!UFN9Sr*>%Cd^*%4NQqt!T*=McOB z8O}zxlE3#(KRni#keuf)40FZwuIG$=l7}l9i4GPp7m+B(OMHUI(ZYO)C`H2HV5t5l zTvG#&o%_6^335M;vOqp}R!y*%@t4sMfCSMaSI1?g(Uo81yq~LKM+j;-fLBOdukN_* zI>=+`Duv^iD1gZM&7%&DdWsW?*oCNq^BF~6+r>l$!BS|7P(GGDP@^Gvteze?ADOSzz-$E-+i*=K%- zrR>cTcScescQdKb+cOB?hRj_9%~1#P?snE=q?PtObphGJ(Ssz06URdCQ~bU$qh7Jf z(NBRr?aOcc#ZDkzg&-a@vMJ^W>vM+~1>@J;eUqUHrL<+GSR1CEqkY<@!V~KaB5jJ- zPen^bI~+cC$Bdiqwa zJI}vs3EZBMiEG!oj^3+3DpbZVb;ZpI(y6R~ydc1tXIkoW#uqZ6neZ$_W!b>N?mDFy z9c&sA#Lj2ebexZri|}o-B=EiUF*?)fBGf5zwq(^^%i>$l3BqaYvq7G(w!8rBFK#~5 z@$ZjU8FQSIYv#|F;;z^%3d>00MLvB)REs+7vpm@47w+Vran}FgWVGVt9MWjwLgvi= zAgS(hjE3*&LNQ3gaw1=HSG}?4H51xc`!VKmRcG1dDfV`=U*~XHK1{XY23Clz3fktS=&q6Dj*XTbZa;|#?KGMfiH;*ZJYsjU za&+H6vo{E>81|rdMclJjc!tg8C##%e2T`m9NCD>qe-y<~5nm~@Ti{S5mwH#c3ni2E zEa_hsts9Gkp(D&N|!a|4W$;WeB;Gj+XDPb|wdEqbhDGTTK85Ot$ zvxn8ZLyIrpp4{;TVH)_{n8IKcMP;W*{k0Eu+EO@?z69cq_@dM8K0$(#ZV0|`(>xM; z+_3M~WO1bget3@yE3M2OTb8+I#kPxf70J2Z4T0Xt+8e?K)WGD`ZrlYD7bRCQ0KGd*OC|$@Em^-2o>`>L*J6~`I zQ!jZ9!!Q@mGZW*q_Cw38G^#eGuUxN3eynmR+o-JF;+kC|+G9)&A8+C`)n0^!1l>G3QpJ;B0V)wsJhR+v_fj4fMRz*ga> zVZRRMN=$ zE-qd$ZA_-7XXKDrJ>S^0Af?KLf5ndv&IxzacGJO$U?R9M#C!cDy)ewvrKs|QdH~O; zq{a0jkt;~(2_t+z?HW1v*hm63cT_WI>cPO^)m}UyWum_dL~4j-lJ5yLywVg>3nEnF zTYSo7fTVwn&tU;GqY=o}oTCIMU_;I*D>qlVw)6CWEP~5{DJ{l=Cx&;&msN$$#hjZK zaB0#v>bJx5WZJP$02Fc+8y#|i|+Az&QPs^8wyQJ6@` zauP-;e4zf>X7-qYrV@y`?877L{QG?K9U^3qlcl!wI(pafVF}~gA z4Pz{3%d^hQ33V8`@o5a2d}Q4xY37N-BadDQi^+U1#GhOg9OV}tXZx~rRde9P4E%=qH0c9kVpl0A1Olb(H^ULylWldi~LtCGeuYpQzQA@K}(@ z9LUt|YG&r~N&Ywnb2RPXycB2P^jchqFWz66M@VDLAY?S@$6eagAKJH5J!r7CI$#Tf z_`>vvQo1QpE!cnZ0NLkneI)QjRvcD-xMnigP=_0AZLABi z-dMA8hJ}o`H0xSmfYsgIiZ3#`<@*($@pkCeAK8 z^Ik`3-+)E;AYCmot!S((X<~L@xUm%UcHX;yMzu46AYL; z1RKjVW_rdu3$CYf*Fbw0LR>)*pUJS8|LO9JvFFK~r0|cKYa_3xi3$buf_YV^lmpjQ zlrmJWS1vp!O}1|6;@dg>*-s*PAPE|`y6qOo3B3*gLsnzMz?mhIBv|l1H$g@$luewi zx%_Udav-g9>nJC2%RIr_A0XOq$3hM3r|~w?X$?1;3_G`LQK6@w6+h(b_R-hM`y-5d zQtC4FWM_-gm%HK&&z0oPmwX2h=dkMTsm8z@pHB*opW~4E@(%aOHJ2ruxEzCL{)=r_ ztC-4~M;FLl?V3y)xJ5^)rHs(SH*YBQ>7Hi;u%>oH!lvics*Az|WIBD-XTUG!};J2M-yI66Kp{ z73%;U7Int7fc66orb|(LF6n6Pwj0Yarbplqp#H2@W`BE)4i+Rt!Sr}vCt}A$HwKR- z{uErdo$GLBxVI8Xy9O!-Z66#zzJ7l8IY61sEs8@AS392M9PK*sSUxIz)gl+x@H;9u zj4Iu1TZV71xzf4IK;#*ym-jLI=+&Llt=L(F7%;2>Gj*KpQo0+c>-tJPy z+b)H!wP19in~V*2v8%)}vDc5URc;i%QF@=J4{R)fM zFdx-0T*(aLI%r@m+2#-0uP>ZP`F16^P(B>Sq{PgnTsSK9P%dd zX|t&jk_6VJc~^k^uu7yz-F31}u#xH0!B=Q3Mt)5SQ*-WCo(8V$Qm<^T+~Y~#xtkQiA?s1_TL~48k&PeI z4#4Ner1N%!;eM$jg)=O@7B>YQLvkN+A8#WTf7j;gG_(y_I!DE{$3bm}gfLcwyxtcM z=$+!}<0j#BCPJ5L^tHtM|8*PBDKl@_-L6XeYf%H$cbN`)Y5y4WF^i>l!R?X&vtF*4iPZnM7G-!F>(7yflv+)1zB-w5BZz zIfB`=e}L)|hBmecqr7ui^>@)4K`pit@X|SyS&0M!adYvJJZrj@UV*AC-9yU~5gak5 z5wW-^wt5;*jn^AOOAi!}y3U_}9W0H%K!c5_twyEe2%mTzgX4F_^A}V>lg-iIFBT6r zDJ`^;wFQCMGIcLjI4pn11biZ(t6A7SYX;fta}~1A6n?f?hmmVDLcWH6o?#~rb`;%h z&s{mm7jAtidOBjQz7yK*JI>{?rqnA!?FG5C+`E~)lo`=tgvTum)fTvM`)y3woTEKW zN+aOl(<^B8Iq9UbFSWp)^{Ab+ZV#V}WH7+lpQ$Iy2*eq&KGv~X@M1IhSG8!Yy#2V@ zb6XUdJ4Vl0Fsged<#4Wl>TO@VHa)Ez?3DVv=flj7!`?x843AyA3@Tm0Xzs42?_5~G zxmMMtdfr*XPV;L_&Gph1H|jmlt8H$(VBV+xtWLrACdwdn&E7 z9nfBr>pX8Dujhq(;ps^%jHf!^L|lhgC0kb4FMF~To-+N)5a2&~^XRO`HJbAD8RNWW ztwLGN8sqhDb{E6*7TTfP3HNJcoNvmm2iHg+?f%YN;75nsEjy-+%LsO?JHElz0{gwA z<1oFTpk{oFpDi|1k}Cmt;VB$nRPV#YhSg7LlVTyrSn4N$@}XW->N)8~A1+u=XqkD= zqaOA+hQ?&tJUGZf7w=}d)k1R>0j~8|9R@~R`?VzY=n%8Ibz$_^BZvG<9RG&4z z(*{#}IA(s!!tvmrz})>#K~n2T)PPGn0%pt}JBRGWYcl0>Pa@7M%g&jFp#3XxfQ{{Y zB)qsLVlY!TKrFb}-JK4J%8#oKT!t66-0-?ZS-AjFgZ5-68PxSu|%nC#Ej_`pVxLWBwn7|D9U2l#JN;{vS84kmRF3g z15n<4y7u$x?XHHISC~Uku^2{E1#urP%<<}!E1RVF%dopZViqs`*mg{RP4-~i>L}u* zf)9|tdXQ|j@-zCjc>e7~cPUeGY!kAs*$D5N$3M%BT-O)K`1N3Q;`lTBd>GwB(iarA zn1`9g?XK=`u8JxSWQ(S5KMs*hukLQ*h!X#ti*Z&*{kL(8nyoM+OquN^mntPCo)$nQ z-SbV|v2H&yIZSP>D$B32?j`<(6_-FTKaRDsW!swFiVvSfu}~9}%BRWdx>->o>azvB5u{$tGii+MW&jE!iq} zy`dh|JUBa~VNyALu!MG@@eMJVG7x3)XCIW;wdztIj;IdA=}}Hm^iilh*AuqDfv+6WPvL+4-C)lU z6j665^V4ssP^y;(GPS_{0=KXCRe}u=%+S+Cykc;pej|}|)9s85d38)R1UrU90-(#M zRQuosWO@vjEx%_Y6S)jL=5+avCQwFZ8=h&%)`36{?smj zO6)_3#(1NSw=Qs1B*eG7q!gBX2Yo*HcG~A@@%%?WJ+eDXzQC-X^3@y-7oit351PS{ z*_K8n0a-NSg}0XNOZ3k`WpG&%vZbw+sa<}Z+O8MZfU0Sn@a)YVs(s#=(8}tQk9Tif zy%u`?`*E-hLNgii_(csz`y?8X7q=6ylx5jD%rT`nc(j?HAA)tzvYXGz%ampFuP-v; z&w`b7J8|#EnQePEXe+{snzG(jR$P`I=6c^I zlYcAoQj9$g}Td~czm)-c$zeI|?hhSn25O*zj0n{19$aZl&B!;II(*TrX4 z{n38Ql%VY^3~|PVcO~)f_Va`hFgyr{K6RW^Qx$){Ux9Z?Ge4Jlb#h_E;0iAnYovfY z%Ynlo@S++u2SuOzfF&~)MW0!;5lY}lV!LTbT|{UByg@J=B+_)w^Y1t#kWB8p2CK&0hJ59i-{mL(Z?RbbTeSN1XT+gJG zcS&XNX<>AO{fO}Ucba-=J9I0kFTdWxf^XCbQK(knZPrgcJqoI$xW~?eGb<6B^r8-T z^L{J}c+G_Sz4y{UR2&;QJ03b<&VW+G#VlL#nN-)C7HC@28y zw{nG9;rrSQCPbpVo;kZs6HqZI9fs=nfwef0XSQnD_*+u`4(*236D+$TeS{DD$k11s zrI!~In77g@az3;UUV0m<;IsBRuT;+Gl0tn+B7ujrxuuA9E%1caL>r$yL_po}D80&# z^!8+$?6AsgGt7qJ)SEoN81wO1dhj^h`^G*$I?=T8RW1Kri8pf|3|N@JC^r*J@!|QrPjiZQU zw7JbH-~pf$c08VbHuQ^L0EaM%vMmiKm=2$x5RO{AK>-ctN9&>s6YDJdi_8_n6>6#9 zwOMKsRA6o6Q@`_k7KU>IR>FV#TyY-c^y8u0F zZ4!?o4_lZ9FGB1cygu`FiDD|dh$HY;0yQCq#=Ow?krS-S#7f+3`J(f9>7P`z`PgJn z#6yMNjk9gX>Gm!5oPN}?g7VY2_r8m^Lbq6td?^x(!8TiTvkXQQ^HR>>Vo>hIBg(fu0l9R!_9 z{=u$smKAr%;0tNE10Uu4*9c4@U|#GT%f2`!K(}}~2Di8VnA-teOD&U>Y^9VbtMP+pIDc@qc8W1hpGz ziS1JREST|mth=!6Ng2H4OX`p*F|q&gwr?~{j(uw~ zt|lx{{2g+DPC(N%tX6B`RhXq&)@2#H5AVTC(|R%Q5&=7jM$%&XfLn*T(>6Gu4p2gP zJv3SAizcj>0PtM-;xdR@-NzfJ0jCG6SARHWN*>;*WR_eB-MWiSvPCw}NDCCy(bz?~ z60dx;HEXH_9dWFg9($Ojg3GHM0w~L_lwI<|!{)g(TCpTf9h*`LZ_;hGenyp(k$>RT z->~UgSnvsxo9q{y!*1|e@$jN_+pVS9%VFv5M#Nk=PeZhs8a{aU!7g2RfED|QVBb5u zlSbBJp0mEmLnq77lF&ac@_D=YxVD* ztwOXPt3U~87~=nJZK~TtyIwpWoecVUs@>EnYQ!@51_X*`KgGcvQ@dQ2HAuH?Q&5)i z1xB7j=#!`L+TgnIsRcili_0cQP7Zw>)Hct0ypol;J;b7n&!6MsM)@No8Snw(Y5^0< z3^^zOP0zBj$K9qYD#E;h@#x8*BLDd-Asa%ruv$?*IGINT*WwB(p+h&!Ng~DkE<)e% zn=-<>f8fL%WEi`s)$4Q@g5hbdMHAf!%H9(Z*s9`2+B%A(nez*x)cfEDg{Rh|O3#*h zY!bve3a76CND7CkUH<{6h97;OO(*31CY4AJJif>>XkW@GnyDAxFrX9&xpT%1e-*HC z;n^SZ{I22Egx8Smb~e^E%1J95+89)KtoLzWXp>y#&ELIq8ODFVJ5+wt!Y~sH$$%y^ z7&RPp#wtlZq~UqDRT!znp~USHo0B8}(?ilv*SmIkfB}c_JC5}9H3RF#_QYz2A>}-k z=oy2qujgUrr`RB>Er==cT31qt9_wNy`}p_w!HsxMpXtQl%cp%VY0eUKts)g4!Vw;a zy7d8-q#FkPiR%|;wgXw=zWcwA4%)wbBEHETny^2A+x#*RAAr(SGVh?UQChiKsoVdw z9?T#QRi?YC5YpQE39w6jz)dZ*a!}fg5Jda>_sQim1vo#s?Bo-EZt48Df|fYD0yyG$ z@gp$n`2R~TY>0&iXPGU%d^+VYB>Bu+t&?`~gL46TJdnbOQ>>(bL2#Vz@nS5tk>UIA zrO@ZNzkM0OH_LiN-b8^vHBQ`p8fO_Mo)fVh6$S=hFpxFw(7G)0Gq4@e{EgEZgJhH< zdwxe7z%H`!{LzaWKjQC~+TV=~tvB6dQax$+z^`&68ZzO_7*AQeZ-1i{cKy6{BXVSF z@kE*>{x(dpP#{V(ZBSNd3;#+T|NW5v)Ht0XO7GkGy3qmQ^mc(*a8Nh-!1%_T-G1H00M2i+I`}qjsk@4F5Yz z;=d1{`r#j=Hh)5V^(*i1m)^h9GJfx=e>Lhi!SDgM0g$fZ{|E(H)derl;~r1g0>1yP zAKJ;J{ut(G%&Kqytm=PhV{w6@BMjGEB2WKiuK)Awr*{G44K&Z|5->>rgPQ-U_52@N zSAah4OZ|_NdjJfWxru7)DJK3OweFE5&eft>we8q*ETZo2=_5&DvW!Qg7oAnWt^X27 z8Wb2TtR8|#pZ7LN-;QPaToi1$>YU@6=&rxR!je2-bb-p!kj&e~@x8sR_oe~L#ZQBd z!Xoecei%SU)3(U2?3$Z(Ox*Bwas-Bi5`3d6#SM!L6n#?=Bx4j?rW6E!xfi&CZY3YU^)q# z$^nJONYiO_9~(p+#>P%?B}(hfVVmnsa@cvR@c}zbHz_d{fS39ew}Uv^^96&%vrIuf z{bg3M7g6tqo?TsD86Pq9~s$_j>_D$Q{ zBq;qt4zjytLKimtVDfy>#yp)q4C+S=Xs)-%c|pTd#AT2P4qD4l*%8P-V|#H__5F|l zo(|v0sF$L%VzHbdu;W3Sn*KIh z$Y)_<;k!}#J=tI_4IQ0)IZ4?jiiDRnlWcU1+iExS4>TFVEcO$RbK5D>?TqtPcv4ty zhp%JLZ{df2F26e(xNm{a;o1;c{Y;`=J7$}0phbtf#bI_gO%^*YQGYBIo?R>B+A~FW z+N-JTaL7P_$2vLzlqw%`GZ5ds5o3_Ko3UuMQF5iagd9A!Eb`4he`Wpkb!&9`F^lUS zr)I*HQ?}(2GyCaWl?cNv5>wP;9@piUrqh-mD}X~Y4|j*RUigh|aOu2BN?AF|>g;X7J*uhoqvS!v1Ldj=t%TNzT;cZY%!w@nURZVj^=;nrWim44we( z7jQrxPMuI;PvebK-7Gi{O02T?E0@BF&noSXH77e0<+dGE7_bS)6VU z4ZAd2l}i)N2)B5K%N&zL;)dRI&B9jKC_OJ0a9makM)*p`>N~zhfI0%qO392fWz+mv zesWY?;Kzb^6jK^8z+EQA1U{telFyaM5d9@MTPq?eF4q=t9;^blL{KEneSy3?O@h`+ zK5gE*8KZ{>_S!}atfzDfPY+7I0)y`-IMM}M_pdHBVKCa?pn_qj%6nB{i~+wDoox>uwCGrKn8>f@-^rf6dP_bs&8zrilijh z#96kzANsH8f-dSIh`PGfnIr<`)nu_q}iV5389bS9?W;sHm!X@6162GElM$6(V^{{R}4VSS?}v4j>H^wFIs0OrM*k~;Dv_$CsZsP`Y_3A1vC?aTaA`XF}25L3%3VbO6%cMDbPP!XoihFxU%8CsWRsMNO zBKT3ghT4iIuX80pewC?}{#7@+?U7||B`-NKDfm=PVsUiEeS@L?`U@vE&v1~V^gV7E z(qGa%4d4<^s$Bj00|lC>Wx)C7?!}xLh(d#Pd0Ez~aYmi~AL?pKamzeczaRCU^`Fyn zF>t94=|_N(4c&Lon49{cSCX~XbsPLMo+hwUfBe!j^Konrs63d44?b8YI z3RFIt!wf8OzRlB0G~+1R3C6y83HSh-NIT<5NMcazC@XyCyqb-u6VHmUqp2@^tve7o zmTnt`?a*}D+KiL@>)@MuHuxsKjeI*|%dt@*+xF#(Yd@%YuTALE7LN~;(f*lo`X|eZ zMHt}N9l?x}Uj88$d`i!F*9C-vCSU4Z`v*TPlyMqN=HZNb|dwp$pPUN zFZEoR=s@@7x4p{lwv*%@i!)CLF#@N-^G(&jGWiql77I%Bnz2C*g7jzzwSLF7ner=X z7Dq(_e(}88`nwrD%XllFKx{VEGXEk1e@!(^aOf7}_%4GIPmvgmPHiejs_en0qJfsSB@9rH5#Tri+2L9>m-h9fR+L zG|Hg2C;<-CikH^Iwz~u{390u0F@41D-t(D!xBL&>dQ>zYZU(hH(jwboKDCRb8>r|Q zLB)Ng>2=J`o`RX4o6FKwz*V$*!l)FYdHoR!iMIy2C}xMxh-|+n81!a@%PUaUp=9!7 z2uJ8Zv*Yo@-n2T@t8$D@x+ZL*p7tRit|R+C&RuYbcV* z$yY*9?8n8?2xTJ05w&2xbxen5HE!%h)pQyBpQ`}Ha__FZpX&SZTGk*KJrL#{oSBA3 zqmFL#H{FVkc2sT8iY*XTUxnS8I7X|B-%Jsw>(wDmm$_!{ z@1h3*gg!&r6r3sgf8qx;B*6Fq^pnI*QI~tdvYPoPF}L~<4_wf#7#$LRVV4gS?Bnx3 z5<$Co&B+(#_#5emNr>s0yLg9Heu8~dbiM%V4&0&J$ho}~pUTdYjRhz~V<&1L$F=~- zc2BZQj=jK&B9VzF@1Uc*o9j#@i2MYcxt9-HDis2gca-4L)|O}GM5fl_c`r}f`}BmI zSuh@uZpA*H6Cko&ME`d63+gTwP*WrkROu508 zC5|pFxcOt5)e14_j;{i$=7TWeWpZOQqgXKOb2>QNz9$$9T!08`V!i$3rUoaT?rBlh zmeJ`=_t1nFmn?kmOabpS2&*7zcBK|e>Hy7L3=;?{sVj{#$!N^@PQW4S z-xpWXJs3OWK4{t9`Niwj$x@d9%{ zL08;v?}=maLUf!%2HW$_IBL?ZwGR}G>Zg2rl9xH0qiarYNBPG*Xxd|a1Dovnh|b@he}>a} zmQq8QtR!K2OVR83?PjhdM}(RgG|euUv_M%JTLs0>X>gDBtCf3}_pAAU$>Sk>Vd2D! zC`xV!!>%u4Z5;az3-U^vK+l~~J+D5q+3i?8PimeUFhRWVPQj2PYbZ3AR9s9qh5pD2 z(HV_q>P_xz{(9wuKp4i_wbWZxlh5&&WqM#+gSBh zQqWgqoD}Sq5aG`fcgTB8D#Ll#85_z|s1XAKvP#DBh_N6q4H=O!Da8ErQARs~buSr^-}IM4&Ar-P?X1$gp`-ImC+ATFjg4?VcuA8vGW|OY5>{Go-)an42skrz?X(qSDQ`w z1L_IpN&5qy*hp>;gICPs%>(}#hNwBqXguux{TE$+-~XCApzInV?GNG(4q)W z`fD?TGdI!Qv13Yt%^O66wy~2!wh#PJWJ9w}EGAm!xv>7C5hYDcw$(LkF$V}`EzLVG z{!nX#wf@U>7_664ku{)PhIJ`h&hZ!i_TT(X^tW_(5Erzq<&;mPjIQ?SGU9hGjVA_n zdN5^|XOBE%l@>pv+rMg44)ykZD$vcoJ+SmNw5SPdkbY>`VAvFfGaQgBoAG0 zWv^?M_ow1qF97f~R_=u70pkuY?+fDdLtj3e^z%(!s)Ct_PX>*+kncY zuJo~GRTarL*D|cMR_-t8A8|5B_EOIenD&(9_QC5z@wH;LgE1rVhfysQ_=lpXcH>O2 z?_MtP6YFi(&zhqvOZ9%3F+~cWtG%?t!ud9^1h#O7H;x0C=*2 zGhX1wIA5XbhWO5$cVk|^5xyHJ-u0AT){7x9vBc*Ai*JR2CN1Dx%--b-O`E@xJHTP7 z)5xqA!OdKi47Iw@5@|_WukEz2uuY;58jX9017D7o#-pb%n}8Z%eo+@X&vvd;YoiZD zY9x54t~p_^Avm$%^$c6m6j_;|x7Uk*UmB@rry4}ElZ&3PN|!3bit-EO{IaGqu(b73 z4>C;2|1t}Mi5?PBfZ90ize(Z`&ZP;YGoaw~BjlE0HxN+TMS#jfpNZmN-$cf?9 z?tIu5*epR*TPDgz9nvQ+jC!ob_@O@CgMVNUOvimo&ReE_!|&=h__K$3jU_^r%GXD zG+y<2XR)Zt{WMbCBcf|xqWvb}@QQpT#9||9_Yqb>`<^-Ozi*$l+4nNNx+qWe^ z+01UkXaYPMYbg8cD&-n>n&^Il#+yuU{9^iRo$t-HYb05!O7bsV_a?<;t~BU1cIHTJ zzEKZm$LS4B!UW;Ia7kP+YH=guqAr0`3kS%gQ|`ppNRF|h4Cz&&_`ey)JZFW=?;bo7 zW)SGElpu0*fAvcPy=Rc&yU$L1BoPcgG2Xl{%KdHz-7eK9Q-i1GVm>$<*75WZmzaUT z@FOSHZ;8}ojc}4%MCOt=tT~sjkmY+fV+b97vuUUPnsO8&zQ6smNZjIKKF3lTv9|OebT|+5{m95mrFI3&-tsVLk;_lcK_g`)g$!2JTokLglG(X2 zz=-h?oj*P*Gj_0oQ6rH$NXdKc<{e?*-O8P9>o;sXTwa12-Yja{cHe8JtxC|yPnXd} zS!R$0P?`kD_(S^sh3GSy8TWTZD%Ba>8MN#h+OSTe@tmc!PLc)KEd6my6CJk>X(lR0IGe)5MhXBfuWN!{h zw`w&&!hD^x5%~{cB$H4ESEUuj(p!_z@o<8cK3H4}s{`WQ#aREHsD6h|!C*@`dRGzP zi(*=jvNXb^Ju)!~qvj39^#CiT^I4E(*CeF5f^nQ<^D^*)y}#Z00ehZeMbP6pmvL`b~M%dcTOeGtk zO9dDN&s@z@c^GqC#en}ttB>voq_CW7uo`moH0xS1nF(+5kmN#`J>SpI$C>?)JE)nM*$hsFJ_5Fa&RADiTABEPIF> z9fEZ`QBI5k)F$K7=48_=gO1OxMeHevima%K8Vud-B`PG?NFz#oCfl1L#T_UzG3i<5 z7R8*Lg`eiOdhjEqJc1}6gPpD|TJ2H8%n9^Qybf5@Bb^ZJ@UzK%ui>jo8L0xH&F6O?Fr{BirrcoOru1E_2@UH0?y7nbUe3Yi%pZ_V;D#=Kb}h9@+q zq23z2ymBo^e#OXGyC&uV+Xn5%-1VeZ=@O{aK0hLc>1nA^7sv#NxNDPp@gZ=|&W6b8 z9&S%wq<0;7NFZt~hG*8*r5G zGMy0Q)28!mJAi^;Sma3fitK`BdTZd>3i}1yRz{^Fj-6*N9!st1(ixU<>Zni%o$@0! z#BK%7KH=c=HMl3_4v?QWqJ0_!)Qib&`nCL9+e5W_%Kkqn{r6V-Jq}l&K2A@*VrGL+ z@1|ciew;2w))D#LxO&Hw*uTK(VKKP}n&LoSP2;>6=lnU2tU!}23FFR}Ul0*5+)9*> zV+&WeMf_&P>LU*C&}cC8$c|f*_a{0tspe}NsD!rGoAs^Xe3YRK2HyU|!H*v`SYaph zu-VM+ENTV`YcQEe!nq&G_9dASq8G1w*ToqZ3u^-vl50E4b`^QW7Vl(@-KE1{a_UzE z;FJ$S!Qf-#4oavLi?r$Kl#~BG7q44io%>JT4?jtJj}QQ^Ij#zL%Y8A@O*nY(6t&Q% zDqfall{_JAHcQi(PqIOsU9)cj3KGz%E_5%G1d5_mGy~zbJ8$2gr)@aP#`^Y#OrX_R z!DOOskbpr)sYp#Ia1GtEv~?r#Db7-O;8E^98~AZy>LiXhMdcG(DsIEq$tP&bZpxql zsuh@X`B%i>qX1tdN=6J1I{goXOlP8+`4;*9wrc!Ce%e0jm>=y2!oM*6c5DKpDT zV}1;_aT%oc@LmX2teq{@o$&MKkNPLq(y_i9C-x`CjNF=2OAw&XZ(i?5<6#|~JH5qG zT;361J=7m|;nD7a>7Jq?);Yy3*^3UC4BFP|dQ%Y~<7Kb(rfxqN6n z8gmH#`ztltA>xpQlK{Xu;yevsbBG0dUBCE=g`VjVK?)* Date: Thu, 24 Oct 2019 11:10:04 -0400 Subject: [PATCH 758/922] add mention of timezone --- docs/userguide/gettingstarted.rst | 12 +++++++++--- .../images/getting-started-timezone.png | Bin 0 -> 11681 bytes 2 files changed, 9 insertions(+), 3 deletions(-) create mode 100644 docs/userguide/images/getting-started-timezone.png diff --git a/docs/userguide/gettingstarted.rst b/docs/userguide/gettingstarted.rst index d4f851841..1c49d7485 100644 --- a/docs/userguide/gettingstarted.rst +++ b/docs/userguide/gettingstarted.rst @@ -6,6 +6,12 @@ Having followed the :doc:`/installationguide/index` for your distribution you sh .. image:: ../installationguide/images/zm_first_screen_post_install.png +Setting Timezone +^^^^^^^^^^^^^^^^^ +Previous versions of ZoneMinder required the user to set up Timezone correctly in ``php.ini``. This is no longer the case. Starting 1.34, ZoneMinder allows you to specify the TimeZone in the UI. Please make sure it is set up correctly. + +.. image:: images/getting-started-timezone.png + Enabling Authentication ^^^^^^^^^^^^^^^^^^^^^^^ We strongly recommend enabling authentication right away. There are some situations where certain users don't enable authentication, such as instances where the server is in a LAN not directly exposed to the Internet, and is only accessible via VPN etc., but in most cases, authentication should be enabled. So let's do that right away. @@ -33,9 +39,9 @@ We strongly recommend enabling authentication right away. There are some situati .. NOTE:: The default login/password is "admin/admin" -Switching to flat theme -^^^^^^^^^^^^^^^^^^^^^^^ -What you see is what is called a "classic" skin. Zoneminder has a host of configuration options that you can customize over time. This guide is meant to get you started the easiest possible way, so we will not go into all the details. However, it is worthwhile to note that Zoneminder also has a 'flat' theme that depending on your preferences may look more modern. So let's use that as an example of introducing you to the Options menu +Switching to another theme +^^^^^^^^^^^^^^^^^^^^^^^^^^^ +When you first install ZoneMinder, you see is what is called a "classic" skin. Zoneminder has a host of configuration options that you can customize over time. This guide is meant to get you started the easiest possible way, so we will not go into all the details. However, it is worthwhile to note that Zoneminder also has a 'flat' theme that depending on your preferences may look more modern. So let's use that as an example of introducing you to the Options menu * Click on the Options link on the top right of the web interface in the image above * This will bring you to the options window as shown below. Click on the "System" tab and then select the diff --git a/docs/userguide/images/getting-started-timezone.png b/docs/userguide/images/getting-started-timezone.png new file mode 100644 index 0000000000000000000000000000000000000000..e372eb8b0ad9e640dd341f57a8ab876a885b0ca2 GIT binary patch literal 11681 zcmeHtWmuG3*DxT$ATfh;Ls(VLx`Ys4Gl7MiKKLhMN0_|T@um)0wP05 zcMtWA=XlQZob&$uuIv5t&X2k7S$pkO_lmvNo+vGi2c$RXZ{XnIkSfCzbZ~I48DgLH z0R-6ZkpNLe9Gn}C_E4ynG8D?9<>vgz{;4ev4lF7qmGB|ODs^}B%Y)}bc=<4*MsTAF zk(9@(CHQs-@+MRsRKfb;Bi<7^Mf~LJW|UekdeJ4XpeK|cx(xB)1UPS1I?Adz zp!eEu0qz14@yMH`+LhfQ_uGlw&uzy!+4?DPgh!}yI&5wv;jp}8^)lwTOB4k)epYck z_saqpqFa79rq2fKPYEBbuKp?niL8LPSIS+vs}pM`6eFQTXrrH?H>G z&z*~kqLJ45td!R1&%)_W?W=RV}s~3U!KLo#Dg3TjA}C^+{T$ev`uqF(mg+rEVl`yO9_4#_hom_ zd?zaTgjf)AyB_~t{>>nb_vIaYy(DQHUt|M6hc)KEa8B<(0A|~P$eslgM&jy!wk75f z6f>d|Qb&|g+YtLG&ydjH5;tR{4;>T~Eiy7Pl)$^^uD=`@RyX!d2%ufgKlywl;GGfgBgbOv;&qD6M~5zPLKISGU9Y4hv5%R3h*b|>7=c;pi1 z6acIhMBk8`NGQ^)O}&i^9?kVYn56*(j_m1B?+~;C?+Wg+?v^GeC)Xwyj_GjcJS=kBB?+}Pmha$3_M{$+jkg=4cql5)^g$CWQ0cgQRePs_nto140h{>XQzH{LwSR2KrTk{Fpd5psdt=B+;{qA;Vu#GjIs>Km+u+N zBDtfK_8!J}N@KmE?&lZ1UV6hm{(gLIIAi4gQ2f}ysMAQ`E9jW(kn-5K($RN9`Ni)T zUVYN2lRIu=k{gsuD6TUoSKSV63JI*fq`uI<5V&T0EnF^MF0>U2{g9stZ-B?49l<4u zq1w^IfraMQlau4=PfX$dqxknLh0rfIL|276(snN;XL{rSmlOY2BpPRA5b29mSN$RNVCXRQI&O6i|#y3@Je=Y3kV_<}2pp0a-Zd z=^5Z|Uqz1Q4m=v*9ylDZRwYSwNo6z^oG;jH^LXb)=T=nT_33g&V)6A-mq)Ry-+bA^ zfLFO^kdkNt=V-!+g^wWuAeA8{jgasuJKorl_c`^Y@;yZK`91JW^OHFmK2qMZ-+8%H zb7;0cjgHtQ-kDw%ZPBu;p!JL;3i7);yiCJ`;i7Sua5eGbu7!nc%DFrb8Y;_+X!UJ9 zpBo2(+5q3E_PEAagryGBiYANlRqv)slU9+K(2P@Q5Lr-}Gha%#fvx;HLSgMNR~x%z zwXwao4R3+N=ELm6P=Ofh@$Q*Oy||^$+D`O*!Mwu)N16}+bk$Rj`pvy(OWp>wC7+F5 z9gEg_$5QMJdP=OyBN65`7fuG&c8gb z`gWyT6zPB)_|R32RlgBVByO8A`E6rXhdwRY@B*jG{1eGtm)B1oDgNvh(SD-wsK<7< zs-Y^bs_v0Y-)_&TJ+CkC6USwVQqRnB((*Uu<+C`Bu*so%Z9D7Bu3^(3GvLg~Or84| z8Fq;VFOHqu4}Ko`AD+*gCvN*UKjC`L2cjl<>N=})D24HxJ(e;lt=pQ$ls-2@G=464 zTfL$xP<(;`rphE=+-u}@H5v5!v`Oe?>AmAU^L@2;9~Nb*tkLtiEYFPhll>=R@8;<$ zhrt@1%#rtv9gXviP}>k&$1{)P&B^1UER(=DZG{EzbV}WxEJa*wTwD;&0EPA68Bpm3 zTqYhbSk^dus>TJXugYz-_J?W$6>qI!deCngjK5A5OqEBRMnuFTZ`D7vvoJ6y*Kcmb zbpnaTGMfcfAE!@L)+$wXt#LT$4!gRT`k$W;?#ld-B6lg+f7Ra8rR)3VPA2!4FkUTH zuRevlb)Ii|YfHDQuT}@VmXCf~^aqLiE3K<_8g*7p50Vcqx=c|4_NzrXeYk1m=DYQ7l`*rPm+$+&3Qc5{WjAfPG#-Y3k4tr$-uh|b805HB zxo%%?A5>L3QCZjMto)-su}wiCDN;^fu84I9^fjY@$7;4yuE>Z3g1;xNKUZ zqHs{+Bsk*KI4b-&9k%XO2PJv+r$MPLLG$%Ke)?WGV-43p-*AI1_;9F%gaB=OpEKwp z*k*8_I`SG_C36i=Iq*>vy}Tp9{N~M%_t%1-5Y835`1(3r9UM$RVU@=?E3n*5v>oN+ z@RPS)MyG}rydDGBuL^>2>?wd5W~Ia#I5@aj_74p`4As>nteqYC;5N=ywtNUj7wkb7 z2M2k0(Ew?Wf9>M=DWux zeS?LC1>$D&NJ2+J>GyW*FDbUi9v&_d{QTbD-hAFde9mrm`~u?Q;{5jn`2_`eu^7DW zK29ER1h11j_)j8#(NVBp@O}mt&=;JhqRc;eaIj9|6}Dp9RF*l(SPmy z$HxC!_`MOr|4aV=(&tZO{Q<>VOZo(L0 zCfrmf8i)TCo)Hpmdj}rI4NpfX-%$sP^s4lYeAv@@9ehfwBt1(ZRHgPsO}#HxVMIYl zw|YdD2*j@(NykN>H{wH6=2|(}pM~ycRQP$3Yd5el-LT=kU1b+=b~Ry~tzT<6bejd2 z2quen^La4-ACGxXcno9Np>+QZ`?V~4JFjI==`XC`8-`f$Zj=y&2s8YHge=|-p6!29 zmBk}v%WH7}!KxB}^Z88yOO)yVJJBJZ)@Rps{zaB0gaEWs{h^cod4kculzZ%p7Y?|8 z!OMd44?Xg<@hJ`C*zBeMHqIZ07^Tp%6!|~oKTRe3zhDgs(L3P%zx*igKHk;oU{D){ zCWJhd&x~Hb%+$z)E#U>$&9n$ZG_oba;_gpzJ^j$bk#A6L?zw0)QVZ~K@ToYnagKR$ z#{Q@Gld|os6ebYh>(@DbZ+l|CpK-D}QluK{Ci;hCmlE+b~eC+}@0YJT$>2MgEs7woEd&e`sMnAJD!)(KM7 z=Ki~#{`q|dl>ORV=nt_7;r+pS=giHv_liA}Y8o(iI?&X%aW&)(7;Ht+S`ZCB>ZrW}yDI&<(dE~Rz5 zf7~CCoQBluFx5P5UN8I9#u~vmvLkqTSRT}gX}@3I?HstDxsy`vZ(HMddU?cib+H`; zJlp!@%=KY@YNPq;5 zmn`$ROgV~U6c=Q1c=RQs#@MJcMdln0MAwuDIDS0+nHlqmzJV+a>k75`K0jZo=SoY> z_-!|yz77Za?+ti236U^MLrh&-ud|nPSsh2;EsM0umIFEnY~_2De|1B3qXh90a;;Y! z{Caoj23gB(*(DC04J^M74l(|A-X{uqQ<*DvxdHcQ5DRhe1gWD)=e+VyTMZTHa0aDv zrNJDjg}u4f&~}4n%-5lsClezk4tI7^>rm`7foGdVj@~n_4`#ZgdpEv+@}Bey$SG4~s3X z4_qThip@MJZ!B1j3uFe=Ih=`20R88#p);P8aWB1`h*^3mWY={G1}N;Q=0J|nr|m-S zSl8|nM2BcWPUb?}qd0SDcgWlre;^X158r8a3P&>5VuhDvvD_W=-;J>#L1dIQtiAu3 zFr1pN0Y~3{b#7hkLt{Yos>-&XxWCy1$!)b^P_Qp%5~tlB-% zOf8@Mv2>Kk^~yF70vDrjY&p6WJ|6o!X+6;hc4-;NmW=pvf0~CQN7CB~(JeVk9!ACR zxPNr$htsFcHgp7Y)0D|$h@x<6Qe}Vb(d0sc4AU%Tye{>{yd3nYC6XpP5VNY?GL!}u z?I1%3F{-vZ&9#KMiY_D5t^H~O7*SvKO%%&DikcpczE&rOMv#$y+W4TFw=WG3>zNCi zh=ULcLlc!fBjUr|2$ZP=(dLvZCMWPzVOKHIDVE_5dViK%%a=M!9Dy_4>PQiUL> z2OPlID}h-lY{!a7tw?oY1XyoRI<6lK;Pc0f=8{E@78u-lr1cYMMQRRsSHSw1Jmzep zN|W+gq+`d|pP9}~mnYpaT}s0F*;(#;d~EN3?1YO_R^2EMx>&dV&J}^t{=pxxs*1+y z9-pI*N{+m{#XmXsJuiWbjd=GMo9*h7IcGbQG^NFFz&o01oj`emk8bLXMV_Vl>6)D3 zXAwTx6slABBTYQE!UNzT34fe&vdUQw2R~v~x=MGf{r0*#u#JebWE}BEPBCz@0^Z(M zlx9x9<1qKVVY}(9!0y>l+e3ZGPLa$zrjq$Yl~7d>^#g!W0+W==5?lOE@N*zj+AZ%H zfsKlGvPu+$8K2l|y|k_?e`OcO4yGi*S>zq$n8g)lV&$9f^zR?Xwx~nVzleW7$p~WFwrxDbk88@d2|m%3`Vk8vJ~2UIcv|a4dh> zb7e7+JymWYqHS4fF)><|DEkE;vEJ(sIZt=0?4)+(%gLbd%fnVYCp-jTr++6~S{U(y zwF0nY&DpT(+a%5;gVM3?unjnjDe}(9TqQVRQL%8# zKFCTQcI#*e3hcxT5t6lb1n#MJcZS{w(rIE0y{Cj?G2MM#R2?aT(nXqDJ>8zJbEZs1 z(2x%S-d`gVWAV)g8CA%#7~IK}NQ!rk&nH2`C74*FS)I6n==7t?_y`hs3`}F%8t)1< zkNu0kpJ4s0z9O_VyiYAun*9p(F>oeau>hO6n( zAXAdpO>&}zvyl|RCe<7U59iil*(q2X4 zOpwElQbBayLo)F{eJct_^oWHoGcbukba)oT*?K{oli56I-QwFD9 zy819xR2?Dax24K559KIk4paDkFHppoR%umGZKinNz|Y0a_d zSIR@w(Xqv*Cb7H#1o=-r5^WXbOvjsG{CQ7eS^J&v@1cVEeco=PC&rS6HukbsTUirtesc1 zfbe^{H=o&rhss{s)N7Ku7!stX>oRe`P*-Sd$XtjabbZcuyStf<;+1WO4D-;*45Ss+ zxsbgNhFuJ=m1Xf#h<1WhtW&q$m{GC_su5}W3E^;``j7`i`JHn&?1w^zDUq5_g9!>RgsoS@H#^Oi$p^9M=so}~#2Pk|f{M&Zda_==c0Uic)U1J~A- zk@QNm`Sgo6%kXkU6DvTl>6^JDvk%J#=njB&e3Z~tZWh4ZcCZJ$btcXyQ+}IX2Q$`! z6d2?upg_|_9mgf&`OH#}F0S8uDdFjWB16O@1eC;B29?EF07O!1^J#8qx!kgc5$Bl= zuRW2RXtP)hOzPXfN)TcLRO3%u68fY~I?&)VO{#DKxdb8&@LkO(^=x1;;v$QJiMQ7_ z`v>8kO1|woz6~(%Afi_m1=c#1;xdSzHg9sCpeDYw+wq$JuFi~V?A)u5e>y4=AIww| zZ~bK8W@G?mYgSx7IiDjyg61vHA2bJE%!}46d_*zU z7Ig{rDO!(7(a)kHTS59@V+?>Q&i(Vg5{{NL{T8Cj$0rHdFVM|M5k~6sa5|!eacJI% zdz^-!iZrN0u_>XIuPcthAY(8pU^OWh+(*myVn;SS#}0(kMnLX(uq>bc(|)9eO{Rly zIn<6>t`}v4Xh~OHE2$cYp19T;_E}MDUObpEKNIj`<}=NLWHxdC?hyQ`^`ZS7(KvYD%8<#p1c%uL7^Zkb7~fUA2OFgH&P<q>SdgI_naToEE7j(FZjT?fVsWFjP`hnK0~Mz@vt!+tKvxzN4+XGBM#gX= z!F0~4MC{5+Jkl})!i+1Lt(oRZg9X~{g3fg>cE^*3Um<9Pya}AOxf3t~I#h**yX|og zVw9L{7fR(%iYnyy=3Bqq`;6_hv~qA}X)bepdgNeqIozqIi(OaTq;?Q!4?>>>a$=sD zV}+6sMv)V33gpNke~@#)7NqJ_&H!o9Y8EYt5m5dZsdmR3>QI?$CM<0AsXaS9H`^jw zIwMI~H1Qe0H`tV>tdk$)3N(@T-?Bye?&-v7K|9ip*4SIPo}<)?%o3G$JN)`1(rRXo zdB6=jN)BCi+Rp8tF(t>dr65; zr8G$z{=ApBl;TA?LjfqHGwTjApEAyE2g$B$$$m3XH4lP&`2f+UX8lt1^Jzpt&korR zHT|G0pUUI&GRNXNH3itEAXj-%eE<^N76u=3=kRGz;srAjZJOxb<#f?S*!JE%+?+Rx zr(vbBUQIV{Cagx3NlXEp$Hswp$aS_Zx*dYM$0)S8!b#q^z^~(L`&UzTY$X>~Kvb#2 zSiuqGHw-l_ckc@aeafB<-ecYWI3Ve4YQdgfnY|Ck0>UI?+?@mLFy2e|k&AAQ$&NfBCV3M0OF zOREm5RJeMJ8cv;M16R-z-7T^sqvHv?xfmuOLwo_zX|C{Rb{^MdI`v9p|5f@xs2=V5XAFfFb zAPBh2B#toR(U#qNBHlzLRrs{LH$u8#!Lh!b)4bSJ`qxM=@7E~@bMn&oKcGKGb5X(N zC8}Jef1&+?wcNq$Cw$p4p9*ua zLIZ#Uw2h7q#_VWi7`$a&Efbz;2lL@jbSf9{5%dvU>5dbfrLCe9ceC-U^6MO3T5h*g z*hKHQTmzQuo}2Ff{6akXMiWTL?C%nBFC9BR5JMv==&3aZ&Z8q3-C&k1MFrn|*GsiO zdK@T>cDn5!MlktunRJTC*M3l`1eFt*e49YXWllsHmPu=&tf~y zy;ppyEGw;h9Diw;$A0uNsC}4$TMM716!>=IaeSym zc0eBm8u?umxNy9|z`;DpkJ_;Uj4t#1(E>8=rulG+5G~>#SS|^hrv5gdWgMVCTT*n! zfB%c?irwoJOFR!H8M6it`=_twiB@JC{U~jw9qYb3_$<6j7k7V@E@Y=M>HQ;M0W{J- zTGdV_*}=`3KDa&Ww@um){LJ;P?nj^>gu0xN;^b)KTa}gg@r=9XM{E-zJZPn(R9uF6Y(aCr@~eprCuN|n6DozV=a@Lw=-J0BmWdSF zv8lOPcT7JitLK26E+)ASv9I+%_EucLJnSvkX?#)-j9Hq&>hAhV6O}NT&f3^E_r*ZH zzwh&MOs*fR$8?1*ivMMKyzecKA-T?{rp{J)z7-iK^L}f;$9%p-L$tRfy`G94OokGksio}5`=GWiGM&+-cgS6MCf9pN4)%&S7BYsV6oUd~Mz|B)JcN6QRqM zi4k4%7fV#}2T@9HeYB>P3G`otim|di_aUU~%Jl`SxrYMb$^CHH=h;Yda6z7N?NcKN zi9p@O(KI2g>!pE3falDte#1k8CEbJs|3xtRWFa9zZR8LM#9K+Xj*ps8J*A|<4nR3H zdo`5AzUyjArRXn+2Bh;ftQ2th!$VHw5otnYn)T=JzkW(Rt1zT~CXjS2BA4 z>`S`^RHdra#L{tyv|GC-@ z4uA93qB*cqO@V2iHH`Z{#=m!o@Y-5S#0PSnEY6veM@?*N<^!{bW!|0QH^swk2f!jb zMoNZ>gg(nwuZectA|)!7Gtl9}lB(f4x0=6&(1p z$Ku#%RXM$>5gt*Xf0xO`lry)sw|=vBy6xAHJYHh$txjbmKE`}0oVH|K%&9mFQf{2O zTRUVBt$hGUT%6GmUrIK9QTtxfRF}ELEmr4sr~ANYk@ZSYxFvXo0u2>oyXYX3Iv7I0 z>d%XJ7f)uYk|K_a1mPw#8fNbBjQG-Iiy~j_D5t^fnANklG3ecSsh>B|HD6EV;$4RL zNb8ZuH(~hZsdM%*KmJp#$nX$06=&PcGJ&Hw(%2-{etx>Y;Jd3?I-6iWTLF-)ipvg67N|byF3|?65>|eVpG6bYCJdJ!@F+~JnN3x!1?Py-J1r;p5Z)A zrk4k1eA}P4nYV^)CMHhOSsBtWswz9YsO#R?<)8g?I>>H z5`5;G3Qn!~VpR1gER2|@%Pd*cx+``b?%Jpmn6mbL+|wF|8ltHPwP~w;++I5?hT5Po ztx1!UvFBfOiqWAeM~hKR6f9Xtlz2`hTei;)&+qmQ%05Rkj+3lk7ow%}v> z7E|}EOq#Od;U+b1J0M={C5ma_=@Pf{!NEq=pmZf)>_|i!zB5tb=5Sr)e$OCxib-jf z&QE^c#pR^s&aGtT3qO#@o7_NO*>mmttF->sPy2#d0ipYYGBRWX+6Rksr5O+(w}X%5 zcn@T_QO+c?+SL!4rtcQ@jcQT5Yqo~plTu)YrdTiG<1a_F%ul5*M9D%8HM7J7qPu7M zpvG$vVyq;)S?&W-wyFCiMH2eI^73?pQ<}N2J>}d1cb_9RuA+`@n&OtCbZL;vg>?Xv zBmZwPovPQ6A2>p?WZ$IL-BuLH+4eU2`xsIkgQHG@A@syvA2|T1llh=xKQqgS?{HRbPez?n^ygg@_A>T%uo#!9p=@QOd803tXz8$T z>C)m$HX9v)QB&iTTj|o6uQcG54I=VITI9CBg#<@{Zh~JZIEPjp?e@xl%Fg#7wNpq$n3M2C??O&Wc)u8`0uLc2ovx4#NzCnNZ7gPekRk0Rqr}LMj zzd8P^ko+x&mgQI6!B>Ar`mY0LFuoi1aGDj~_b=!gOJ2+SYdOllr}uxYE@Gt-}IiZGk6FXSi3gY{p3NKsbQP$-kPeD?nUcIO_S literal 0 HcmV?d00001 From 2ba8bb27379e646cb2f8a7c62ec6aca2ea513114 Mon Sep 17 00:00:00 2001 From: Pliable Pixels Date: Thu, 24 Oct 2019 12:01:04 -0400 Subject: [PATCH 759/922] updated documents for "understanding console" --- docs/userguide/gettingstarted.rst | 32 +++++++++++------- .../images/getting-started-audit-event.png | Bin 0 -> 50064 bytes .../getting-started-understand-console.png | Bin 235246 -> 106254 bytes 3 files changed, 19 insertions(+), 13 deletions(-) create mode 100644 docs/userguide/images/getting-started-audit-event.png diff --git a/docs/userguide/gettingstarted.rst b/docs/userguide/gettingstarted.rst index 1c49d7485..8736348b5 100644 --- a/docs/userguide/gettingstarted.rst +++ b/docs/userguide/gettingstarted.rst @@ -66,27 +66,33 @@ Understanding the Web Console ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ Before we proceed, lets spend a few minutes understanding the key functions of the web console. For the sake of illustration, we are going to use a populated zoneminder configuration with several monitors and events. -Obviously, this does not reflect your current web console - which is essentially void of any useful information till now, -as we are yet to add things. Let's take a small break and understand what the various functions are before we configure our -own empty screen. .. image:: images/getting-started-understand-console.png -* **A**: This is the username that is logged in. You are logged in as 'admin' here -* **B**: Click here to explore the various options of ZoneMinder and how to configure them. You already used this to enable authentication and change style above. Over time, you will find this to have many other things you will want to customize. -* **C**: This link, when clicked, opens up a color coded log window of what is going on in Zoneminder and often gives you good insight into what is going wrong or right. Note that the color here is red - that is an indication that some error occurred in ZoneMinder. You should click it and investigate. -* **D**: This is the core of ZoneMinder - recording events. It gives you a count of how many events were recorded over the hour, day, week, month. -* **E**: These are the "Zones". Zones are areas within the camera that you mark as 'hotspots' for motion detection. Simply put, when you first configure your monitors (cameras), by default Zoneminder uses the entire field of view of the camera to detect motion. You may not want this. You may want to create "zones" specifically for detecting motion and ignore others. For example, lets consider a room with a fan that spins. You surely don't want to consider the fan moving continuously a reason for triggering a record? Probably not - in that case, you'd leave the fan out while making your zones. -* **F**: This is the "source" column that tells you the type of the camera - if its an IP camera, a USB camera or more. In this example, they are all IP cameras. Note the color red on item F ? Well that means there is something wrong with that camera. No wonder the log also shows red. Good indication for you to tap on logs and investigate -* **G**: This defines how Zoneminder will record events. There are various modes. In brief Modect == record if a motion is detected,Record = always record 24x7, Mocord = always record PLUS detect motion, Monitor = just provide a live view but don't record anytime, Nodect = Don't record till an external entity via zmtrigger tells Zoneminder to (this is advanced usage). -* **H**: If you click on these links you can view a "Montage" of all your configured monitors or cycle through each one -* **I**: One of the most often missed features is the ability of ZoneMinder to maintain "run states". If you click on the "Running" text, ZoneMinder brings up a popup that allows you to define additional "states" (referred to as runstates). A runstate is essentially a snapshot that records the state of each monitor and you can switch between states easily. For example, you might have a run state defined that switches all monitors to "monitor" mode in which they are not recording anything while another state that sets some of the monitors to "modect". Why would you want this? A great example is to disable recording when you are at home and enable when you are away, based on time of day or other triggers. You can switch states by selecting an appropriate state manually, or do it automatically via cron jobs, for example. An example of using cron to automatically switch is provided in the :ref:`FAQ `. More esoteric examples of switching run states based on phone location can be found `here `__. +This screen is called the "console" screen in ZoneMinder and shows a summary of your monitors, associated events and more information. + +* **A**: The options menu lets you configure many aspects of ZoneMinder. Refer to :doc:`options`. +* **B**: This brings up a color coded log window that shows various system and component level logs. This window is useful if you are trying to diagnose issues. Refer to :doc:`logging`. +* **C**: ZoneMinder allows you to group monitors gor logical separation. This option lets you create new groups, associate monitors to them and edit/delete existing groups. +* **D**: Filters are a powerful mechanism to perform actions when certain conditions are met. ZoneMinder comes with some preset filters that keep a tab of disk space and others. Many users create their own filters for more advanced actions like sending emails when certain events occur and more. Refer to :doc:`filterevents`. +* **E**: The Cycle option allows you to rotate between live views of each cofigured monitor. +* **F**: The Montage option shows a collage of your monitors. You can customize them including moving them around. +* **G**: Montage Review allows you to simultaneously view past events for different monitors. Note that this is a very resource intensive page and its performance will vary based on your system capabilities. +* **H**: Audit Events Report is more of a power user feature. ZoneMinder regularly runs an "audit" of your recorded events and this option provides more details about the latest audit. +* **I**: This is the user you are currently logged in as. +* **J**: ZoneMinder allows you to maintain "run states". If you click on the "Running" text, ZoneMinder brings up a popup that allows you to define additional "states" (referred to as runstates). A runstate is essentially a snapshot that records the state of each monitor and you can switch between states easily. For example, you might have a run state defined that switches all monitors to "monitor" mode in which they are not recording anything while another state that sets some of the monitors to "modect". Why would you want this? A great example is to disable recording when you are at home and enable when you are away, based on time of day or other triggers. You can switch states by selecting an appropriate state manually, or do it automatically via cron jobs, for example. An example of using cron to automatically switch is provided in the :ref:`FAQ `. More esoteric examples of switching run states based on phone location can be found `here `__. + Here is an example of multiple run states that I've defined. Each one of these runstates changes the mode of specific monitors depending on time of day and other conditions. Use your imagination to decide which conditions require state changes. .. image:: images/runstates.png - +* **K**: This line shows you system health information +* **L**: This defines how Zoneminder will record events. There are various modes. In brief Modect == record if a motion is detected,Record = always record 24x7, Mocord = always record PLUS detect motion, Monitor = just provide a live view but don't record anytime, Nodect = Don't record till an external entity via zmtrigger tells Zoneminder to (this is advanced usage). +* **M**: This is the "source" column that tells you the type of the camera - if its an IP camera, a USB camera or more. In this example, they are all IP cameras. Green means the monitor is running. Red means there is something wrong with that camera. +* **N**: This is the core of ZoneMinder - recording events. It gives you a count of how many events were recorded over the hour, day, week, month. +* **O**: These are the "Zones". Zones are areas within the camera that you mark as 'hotspots' for motion detection. Simply put, when you first configure your monitors (cameras), by default Zoneminder uses the entire field of view of the camera to detect motion. You may not want this. You may want to create "zones" specifically for detecting motion and ignore others. For example, lets consider a room with a fan that spins. You surely don't want to consider the fan moving continuously a reason for triggering a record? Probably not - in that case, you'd leave the fan out while making your zones. +* **P**: This is a "visual filter" which lets you 'filter' the console display based on text you enter. While this may not be particularly useful for small systems, ZoneMinder is also used in mega-installations will well over 200+ cameras and this visual filter helps reduce the monitors you are seeing at one time. Adding Monitors ^^^^^^^^^^^^^^^ diff --git a/docs/userguide/images/getting-started-audit-event.png b/docs/userguide/images/getting-started-audit-event.png new file mode 100644 index 0000000000000000000000000000000000000000..91e1386d8c839f297eb4022fc059671b836d16d3 GIT binary patch literal 50064 zcmaHR1ymi&(k|`}fdoQucX!x82=49>EV%2&36MZ=cXxMpcXxMp_qTJ-z30FGyLpc_ zYp-Eys;8>Dy8A2nDJLU}jDU*(1_p*KF7{ag3=E1J3=CWx4hHnZElb)K3=E;gR9IL} zTv(V;&d%D{)WQf1OzdY&EUXgd0d`+o!gcsKM1~lA3rULvJfFjX9to+>cMM@6v~r@# zdI)nt5vXWrZ7ew(<)C8d3O#-Fa&JdLY-mSq+IcxwNZ!s<;9iUKs@EvT6_4|&^HB1` zXaiU{xFVsLzY)0DmI+*!JKr~^3R~7?IBzf{n|7FZW_4n4K2}yV!bGoE?XxrD)gM*~ zBi)a8cW=se7NI|&!LWjCAT+xrgzvE`d(|NHVZibwx=X9bg&Di>;b`C@AkbU+y2R~y z*}LHFpN(cIh=(!3SSR15b{ir@fe{uEIcbp7!2cB1@GXZ<8`&b^RViU6RKeN`0dL6**YgDXwQD1B)I$Cqd$>s zHvKn7BS-J=5AYpCSHlKlk7LZL$2eSLv=JuDyj2N0;E^o_9X?md{a5;8n}&?Uy9p$h zC}}1ehm7K-pED>tQWHA;n>VAyex?k8Uf8oC$=u_L!g@ns}j zd@k*exPD{I969RhYTOWv_9}ax{&mv}EO7E=4D*%r5bFw|@4a-(MFe2d(Fe+yEA*!7 z1VfRay=T>8)#ABKgvXW{z2OYKA>_bu0kH2OShAUU){&NdIL={-2qC(CW4xj336bGC zaLZ9FAfVIXj=_Kcu6zjC4s;u&WU!KTqlpg^BB6JD0DAZUtNOK5G{~M|8n} zmQ$dlmOwNLumiYe3dz~#e~w100ayM(Ei#jiD}RztKTS7{c1U)Ji5r}oZu*U-nq?6c z|EF=r)CAsm&%WI?x&z`P#v``ddp@7n03w5FM)LO*NRXI*;+@4ESb7pnHSxy7M#K2S zl)HS`!8u=%%Wu^LENIz3G+}H0S_!l4bkch&Cz%)jh?3{a($TOkWFw^oQwmmx>Wt<5 zX)X+}$D>s;+~(26-ucVD$vu@Xtzg*tXE>sA_=WE$--W+BbxLIYGZvJy6;k^C6wmhNW$N^-$`L3B|P9UWa8oi(jMm8w*#lrU{uP^8eMkS2CXY7j|b z$|Wwf_=Q{QkZ^^hg)C~|(a_oMBbQ%uh?Z!pn5Wb$rE~;)oUvF{4u^!QSe@9NWLqRr z|Ng+Zk;>q9fAnB-bOY6uLM&ks!x7a`^a`OS5m3Vk;G_^rY(j-Y97nE7tIFUkZ6)=I zqKx5;ZY*{zPJq%&-t)U}=Dr*+744w$Akm=FU_OLO2f!yIyjU*VMk+&8Ur1hO;tP`m zlVpX^Me!!uJCT_@=KO-`lWEN9rs*+>LkS16&`Fh?FFBq$sDr`LD=}Py{)5tk&d~xz z<4VoS3QA6e)rGtYB1O1G^vc>WsLxjv`3MfI9w%U=Mck?72G}6UN)-4(nQ{omBc-^v?(l82My|yUrs;SGjeiw z^2lZjXAdV5C)vkCr$?u(COxx-r)|f@rx!}53Rp6V3h=UAO!s zu~)EcBph=bu=K=pCtgaMOTi9{89P)-Rl!v0+ZVc~yQaDpJrwmc25(`XX)V{>C;69% z6!s7W!^U35zQ(%7p2S)g|0+>ad8blWGBC?Oi&wH#th*FHZ)1TnkF=;@;b&1d@3iPy zQ&oq#$hH`=bhOyFq`HX8Ny+)08;eKFv76J4)5?K&>waKhl&b6C`&8Pf@hH{k&8UGS zQmjqvM-Ar9%#%)s0;dmlISsu{ulwBFxjVfMMYh1r(ydXaGDoj39GMhTVUxP9YA$em ziG2Jn+^(f}$LB(>4{q<=Zd`_dqHb|Of!m2&@k`V5g!7sk?W3iQzzf9lr2~$3Ig|4D zj=$i&fNwXiaS&qQ8{j+OvJfGV{yryyHsN05rRjkkZXM6-vuJ3Ya0~A)DW?fp`L5$~ z=5sP6X=3@2tB^EtX5Y!c>%P+=c;)XT`3mgz6YCPQH8hEqn!e0$%txKjnIM}GW(qc# z?OXn#9J13>+q1EmxoNgV9_PxiRAu4NaB}IptnGp!jPk_lK~b zVWDMVZ=Fc`vy2p&@8M(MF==IIb!HK3d4L?ivcW>Qqo|m5^ z&fMF~DZ}Z}u#qfmR~2sf9)YWOe3~V7r%R6|;o2@O{h9gI`;tsW_m8Nt0?{vwEp)b; zV@^#cuugi;=g!M32ensXKefbV2Kr0WwdtBnn-HDbma5FgY7~+t3tPHdHd};^e2grg z9PUo$?{bngJ@Y!VG7A(+?96upUyfg1V3$!@RSHz!DSNy|+->RASUXCFcuF4#9(N4; z$)bwjA3hFj6O?OA;nKUY!vrKndr& zT3Xmi*d(wepegOUfGcAsuIok9{vAWsgY1B;WSS{|5ndH856dab>XZAz)dY?&jv@o% zYxq;vWz0sAqF3YF0v|dH)1$_{+oSY_W=vh++CuYDGE$2BGyloUbYN!~H9?rW-Tm|p z*W*=H0h_Lk?qDmfhvggg`N@XE;&rt*mEmY81f^le&!1q;Tu5MC*kBS2VBJRcRoBJo z4G&(i?OvM=u0Rzhu<1rfv;}Z)U3##0EG%%Hm;H$!0*RNwEiCEO-=Zle7R~6f;S;Et z2=emQ3L(ACVb_an+}zCGuCM2W#VYQ=_QleYHcYU-1>EQNsz0dd(m9Mmzh!!XnPQ?Q zYL_4;f>3R$sgjz5nzR(Rfwd*QzM=J3BYGE08xYV11LJk!2Hjd3Ip`C*SXx-wbGz^n z|Mdnp=>GR(24cd$UU4wzBUY1^BNVo_Ga_W8XQgK(=0_kTB;>U-H0D3rH=%2s8POu*(wNOPzfDZ@zeN7WW*zXQUwA`&W!K|QL=dh#4 z3wX62H=VVjHyE|zp?3^Q75xN|u7#L2LhA%TiKQpPk*Z8Nx_rPO1pmYJgA<&Zn>aKc z=a1BUdI%*4B^*&Uj1&Oz`&uUpkBueAi=9C&0&wBLA}L=U9NgenzoYgTm$2Rl)HOTC-gpXsC4s z2y;YAVg*ITBEr6Q_45_D;Q-OEVF1Tgyb9+#T6FkufDydhguJ>PZ`glX2V@k&UAS>a zvfaY((8PbTeLgKn5o*cMy@5mQG2IFd+252Kq-Z zZ#)Q3ZB@MiL9#$RcPZh&EdTe!{qu_^3H40Py!@uSW;QyM^ z=$KRb>Q5u$?_bI9++xT&8V-Yu7XWmt$-8TDHUam=x6dsazWs9Ihhw!$E1k$51&XW& z4dqMrpbR#E7OJTPKt<(+Fzp{^S5)Tug6iSIR<&7mB7By)&YZCVER+l-TMPy zSUlCo*&K6`zDcrRqx9**4Rr_hg{-4n{C`!4p+oDY_(WuuZ0 zE3Yqgu6B1Gr~}3x1#7P6zR!D^9iCHM&bfIUvG8SW)T&w@DfV^wC8GXk&zq_3i)`lG z4JN7Kx?T$z$%VRYt;r6D2X?*cdyQk1D2l6YQ;wHoYhEWxmx{7)0$gVTIA_&uh0e{~ zyCMe_vJ3|`)@g;K+=iY$r!R{~qW!tjNruD0V}swt&m>d09ffvxlGcL{(hh;zgcK>v zB#M$`~2gyG>pg?DEs5$(!5kg z`OgFi`@ibt9k6h423$=}_x+w$w}K7&B)@#gJv*g-I5pNf(2Og6hi|!9i>bzo)UeOX zbtix${$?PXA1M?VHBf7L8jZ44Ysn%J+GO3PemLW75@LJd#Sqm;;3^l&vq74renmGo z$I==uj=2_&jAu8J(bDJ`cST>XwphC~;_h|6+LXOwbpnl$A>jEYO{cLqDB{NuBk*>w z-FknFNkv5!krm3NLa@uy0@-XN8P|VrTNZ!qc$6#F=7-AW+Ur+46Bl-NSE4zzJt2Q5 zZfjey?6xP?MdkeB_Tcf#`yiPx?a;w8f9LJVydFJ8y=-P|JcY1Ea$|H`e3q?#g*{25 zfCCq4oes2~X$*0&u&{}r6gymJtsR)2HnfDzA z^F_#9_Fd~!Lc(#0X5CE> zL=A*8-8z-s=j$w~1YWA#claAN@I6HHwpx2W5zd2=J;8?kJF4PwrN9Kwxu9cwtkbKlFiqv{jbWUfI}VuqAkXqE?uq$c7sqW#RMmP1Q}F`c%kh@pula(0 z{c0)=_`g@{(Zm-8g~+**tc=7!F6r*pw1*I>gAy1m?<=WJ*Os~G9}~SU~NBC4gJGf7V1Ej>@RlH zx0gNZjy3hYREE41&w%C<lRzkA45*XuF&w zG!i)GrIZfkeFJ%qZ#&Jzqb;!Nw7s(f592LN-=^SpbF21_RXK`lYjk@*Z+CC6fNX>_ z;cAOkutjhRDF@T|*ly;d?exoCKi8fvrNHQ;AU1;r;Zwoo`jd5A?2%QoNa7LTlP}E9 zEATYj4~1*E95EM=cr|5_z;0BT?0WlfIUq{Ve>hVlr9-Kyj3@9gmb6XWDO;Jw!C4AM#a^pw0-o0Mw?b@c(80)rFqO-QU z&|-}SA>5oiyxBOE7L9W&)f%YAyEL5VY!;+57ZaCs!egMGfI2GKymi~*)1q+bfmd_$ z?cvbn&@z`op%r~o%~?7N-=2i6c!m4b3{Gx7NhyIbe_7LpvGv5=yuGYx@orJ;<#1G3 zLhl`I3RC4}m-E^ntYTh2{@t=QR+zx(YsYyfOR#zdrVMuvC11p+ltMOh6}+m&GZRmm z5Eka)3Im7TZ?mXt4|GxXy$d=~X&_XVX{m57?gu!Te*5IwzYcuffF-RFggjU<*L`Vu z30uI)Z?T=44R~yEai09V&}J==@OmI>3;~UaotI`?%k+k#LO#m|KkWqZ62>FX|8ftR zz;^^>+3!-zsL!95I^5Z_yxe@a&oZ^!*B6C@@!8LU2JW4=3JusUyzAQDf9-R<0ubQm zzEQ-;((B7P%vo{_4Zd426K|Z5D*ssG5v&ONnkL^k|7t`~V|Fk8ltxn-Cz&@2gnRs~ zPN(U571AA`NpGO*DcElD^62RMbX4V~+pxa*hD)P-eKp>y4SX5N6$rE==9|=EdH(XC zMWLoI{W2dlmME?UB(NDfTQwkHA@AUq8qEy*?nwk?@UhzZ>BP(XA@p^uP?<(rz;-mO zDx`Az9-Lx`Di1lR9bu2w%Hz}+W4=``SOovwJQhPT16dq6noJV3a@V$33z%~kLWVZGc+>7w_vXx8it&bs#W0*X3E%rLlCNQB_fq4q zoEK^T?7My} zL7_q$%Fg7Es?OonW4V_=vd2emi1=cF9Hp>b0xG3BF@4{A0V5i_EW|?{;quBTjIRly z*f$wcz8tvU+B5>VIy|ys#P8$iYcr1iY(uoD(AdK&b+>FAjKulC%5^{9HM3}p>Z;3j zJ0_Ps; ze%|#5?ioD1 z?Un)SBpLK&lk?|wu8-~qa$BK+qg^br{8lgulpLw=hCPv{zqr&>&%e$R4D5*tm~un( zFX<*wWBKZWVzFi@Uuj$@^E{akoMLpOdqY&*a)Kt!@>yS2d1;nr8y{NkkH!R~0&j>d zH6>>Xw>MzV*i_Oy9Lc%V5}N(DVBn_}AV47RU46K|9!yba9eJ}AITC1>X0WB^#y&_# zuec%nYc;+;P8p#85*PBS%t8&Rpo+RdF%zC;}UA^!NrGSfuKFYc|Ojof>BFeRDrPv z`BUIN(^Ozz%}S_2@)pl8yokAB>sIDelKA?R%u-e7Rl6+ShhxcJeDdjfj5(*-oew5y zO-DhYvi!-$Fy-+Lb&#?SF zVoX}64PUQeRNQD>8zX=)6dBqxJ*=*q|6M47%e~i^D>LWhd`OjV&#(ov9}>G{9oWIJ zk)@N^IIt0|u*BYghpw2`{)oK(PK}4IQsd0ReZ-IgEAx2gcm0c^&Bd)&GC?_5ZFZZ8YH0?#32+WfGQ29E)t(v%BG{`%pcR`kL-V5?4v-eO6 zb04qDr~AO*sX4lHT;XLc190nO1h0?|7A>u}>~5Eub+^${{1H^h?IGSk(XtCXR1&Lq zO*Xo~3D&ACT=A!q+J%fa>ZRGvPP*wcXwSS2RZD0O@3g(w?AULxu0tDTQtW&J;_2*| zoIBHkm#aM1LnMWS-~-(I#R=B;>PL#%QJaLQ3ut=wcm+r$79y$Jd4#?$1YyMSQx*{8YKxD&eQ|1 zlCgW>9qOHc7zJe*Z(|#kopBVo-HuUQzgEq)kQdK%{p1}#Q|a0chigxeMVYzp8Fc0i zJ|qdN!fJ>1duTxbDN^+~qo$yoA|+R8{i8-r?Rk4(5p;EO%sZq|G*a8{66b`t%F2iC zOV@iQp{*YR@r3%`@F5TRPojw~4EG(rpcy_wsPh3!l(B5H9>!<}D~|>k_{})#q3gZ$ zEK`P`8wA3wMPNS@0xs5NeSdG>qwaY5BH?8UJ+94NrzudScyh!WsJO>dG6Ge;2YDp$0#_-Ck3s?Pe5XTK-49pyYIXg80c! zhbi{Kg@sgtJn_RrgB+2e*vRIQ7|!RrQT z?0XL(Xw4J-5CJ~|i=VY#Y8}yK8fmRPSxk`at|));^Zx040idLpTW)v6v%)TSvdpMj z+Hc~fkY%E>FNLY|I(RVIp5KyXeZkeFrQ|B+LAcdFUz4JMBw9QC^+2wi4444tfLE*T zv@{tjU77xx?IVskJdb0V;az|N-!o8$)bSYB6|hFS)!Y0HW>nAh7#{MMX7$+OBILH z3My_d#C5E3Dlut(Z>IHgZ&}qzePY6BtTb2fVuUksEd*ktwn>Tv=d_UOT(`>`UQno{ z-3-iz39(tV?o%)9>B}AYQdi6)FTli)QO)b3A#bFZ31*eCPVig-iYvsKY0=S=>SVI{ z2Rt}5%y4(=;~I%?0I{&TFui;lyBB}N=(k0gPw$6?rjSPnSo7s97S!HfWC9SJP-AvB z4Zm9sOQ?0Mf7DR8Z|_*M>%~b+h-U;kpKZjo@G;<~?dvT+t!Gs>q_@`x5m}*pU2X3q zV`37lEtuudI`CSC?_GpNU(4ukKA7ccQ8zTInKWTiEd9v7+{BO^G8jvhY|cmrKMe(u zL5}QOqc|&pQN_O@R$l9*>cvpJWL9s4koPPl32`B_-VL6YuaKGgGpn}f&R38fshD9UVpFWT$%7HJjTK7*U|J&sytyV)ic z+d`lntgqfF9K9KIsk3z(*Qy#h;qJ1&=&{-fh6JKiZ|4f?i$S&DKBUk%?B_QGUo|Tm z$i~COqY>w0Q7@YC^b)_DzKT9nxajP`JJ_vlV1?d`sM^*B>MR``iFbwA(X3?`3JzG& zs_9vqIqkJ2FT$Fg(k(Fm^_%jFu+fmom|yT+7wRuoE2a2f*D-^?3>am;)9O@@BmBwiE+QstLD$hcxR zJ^O(B;|WS3eIq;j_~7kuxNVBHl58@SoE}nXxsSF5NiGBj_MOm7Rm&~n3v+ANw|EOT zccCd`9=_3+(Gw`qhm4>82@3?cUV8iC!P{*(sWhm|z&MW7z^i7LWu1(wZ9fLyK316W zZEvSDQDiayFYkhW?$T+9iLwa>1cQBTq}8ZzuSa&-B;n0{jrw%e0JsaCu}ybL#vGw|$@`^9zx{aXiYlf5x#7bAGO@-^(iU$GaFy<;>@A&oRUWE^|MXySJ;<@yf>3)tQ&s?jtZyV$KJ;5y+ha)8YIgRpY{$j>Gb#^i>CnCW;OZ zbk@~kdW*mepT3OL1`NSKs#9|6eF)GCe}BJceh!2(dIKdaTNaECx1k?>_bD>V&O4^> zq_p^~eJ_!_p8;=JFHclaYwT9Il-7=7jP!7BC_W0{w#==nh`XS0R{wT`;IUtA=c{u_ zi4QbZda<_=3^u!WyV-mCR=8>e63{Zj?cNB?+p?Y3OgvQ zFkJ6tqOdton~G+&2zb^wLODPFc5~v4^A20Z%stTdn&{B%H6ef(pbK_JxA_EcyIoaH zTN>YzSbOT6AFC08g^}zEL}qhsUj%1>9v*kQJvCruU`+9CC;f>3VU7tfqJH{H)af?Y zvI`?y>_>t(4L2Bi#n4Rp&FvmhHt|y4pOrDk)pOYV-7S$C@$>XBKpqb!&x;V_F}JUA zqxGRPZInvSAB;v0S6>AFn^w_gV7qI`H%k+9S#=a zSi^Ti=CpUD18!z8qn!5FpQ*w@u-8I|nKv*WhepNcdb3J4K`+Tk076_P53m4JMgPnN z?b9%-s3ryJ0#zG!gNSzTqq20X)e{I@&*CmaY%$3{ z;4r!SCy>L4Q>1X0cLD|^CdN&%ZeEj#Qg!&|SEHylb9|$!%Ot;Wk@SmSEZw}p)STuD=)*oNqoD_i zWz5W5u3E+0G1`G2q%bg}eDOZ+84O7+o_Rk{Cl?x-(8#2+|FubSfE|v5qW4XEt(hP(ubx|Q4dDC4q;kwIZ^(^ zVUEN~BqJsFYyN^@@pyw{#q2Shy-m!$acBE%@%1t6eU*N*H#7yI3pU#LI~7Ks?9Hmm ztp;#ND54bJ1L+!CFWtVJmEq5c_Rj&ApcVq2GJ;|OjRc_0uD0@0e0KZQ_Z}`QyoxF^ zR^JxlS8=0WXB^Z9snplCEW0(nx}?p_)OOq`g#0i$kOKpg3yUns^V{ZR4vWcXW*>8r zAMjcF@(roAd5 z2I4{t?94e`9CBH<+zCNN<6c@&mqf{g^CNrHB@n%U*U|R7YHUq-`7cH_KY#XEU6FR-YiY}2)Fg6j{*BW*^(RX;+pNuYp61Dp!yGa74(d@Z z!ny{%+mEG?HZRVD`+1+{Tqt|K6#R1faB^B2-Id^+UF&y4z=SP0?n?Wjp?v4lx;4U~ zMFKq9u1V=%o&h4x5`=W~9hKw}HCav)HM5Nrk-kYQqZ#hkGh4Il}RS0IJ%p*I~tM4^$E=!j_ z_P;7ih0y>|1ZQhv86T^X^DtXIjCN)jT>4G8Kx{qUAZ#v%l&=CB{R%mVu$w2N`xCf^ zL$^*!`RD&7%fCg7Aw}cWkRxN+G5sT%6b%_vqx$T}T_*m&b@`hg4gEJ2iiU;kPnEYH zFrdm=reMk(=^v?ZAS$tMOv2xV(EqFY_u0>TZO5oCW?M9iwwe4-)iW^oV+@dL#~A#n zQh$_95(=ZX=pH-2x_a6frwvs5{l7l(cfArbT|{(P6&+FRPh+gdg6elx;!ODeFWyX& z-J&1Rf7H)L(mM#HE;~N-&jngg`4;_3xf|k-+Sii-L;^Jxq(uKD6x!AA>h}ZnSMWd9 z9G5}$*)BS&T#`Q;-4!B6!NFo~iF(!dZ6ac_WXVYU6kEN{wdivh)`$G2E*nbPJhXY@%+on@lRb}+#bUT|uInX0ca?Z{LZH$R1x|!h_NdtM9KKKw-2qN#7-sBPbciwhANBvQp#VWapJk^dOJ?A$g<|cmUr4T- zKPj>m^JJJ*XAf!78tSv8WllLoXq0(pWYrRV1neZX+pJ4iB|;Aac!25=S{!7e8tjE6 zs0ZG*%UmTp1wQI_tF0kBeLEtRU$E@}!QXCl|8o4ST69u^+d3L!zh@bH&PZTDBjL%Hk}SYJ1*BPCD_!gLz!G zw?h@H6?zn3z8g(c0H+%5#%xD+n#lYw2aiK$dYywC3wiG!xEJ!2`5KPqjaQG1bIHX6 zha2rQ?pV*jE+al1?F8od_twBv?el5QMVX_T6Pr?fN*S#wq~$6$fW-eEJ1|BQB%Lbi zU`BW+t4o6yRGZk$q8PQ~%YR^3e;U}Xyt|{0w|(Wsk>tK)G#x?gxYF>DpKBb@DkWN0 zHnu>T_N+`8KVUt}s7`+tNAy%zWIejqwkQHN)-~MYZ`a`&(t`a_7uZczA89d zb}8{iYuRNh#CX=Y!xx&_`BZDcB+X-c*?uf$wFQ_2n~|OUS;uwfT>`&Hqs4Ol#K*S7 z!lG=Cr`uhZ{HvkCLBq}NpUjSjO6s*12@WTV%BA(22-dGPN2XgVk$_`#xEquz6DsT@e&vY(-m{ z?%q!TU9iYRG`Z03gf3XH8o{6o2ERo4E@BnNJ&NC4C>*$-v}flBI=-| z)#Vs_9Mm!xQd5b^Ea z)#h`fz?j(*&7_l=B30nsOf9mVt?JglJW=zvC!*8k7Y)G%mPeOg&N8@O&Lv_zDbpV$ z5tU3u?L@asZPz7#eK0br*ft~VpXUBq>Ea<$7yGu97m;9jms*S$!rI!meEhWoP;FQw z>QkY$qK`W#8_6&oxfRccJNV#%o1~b?CKbt4#f!|Ph0d=)1{Y0EHyN1&pyPh5DPv&4 zwqQ5f&%q{(UIZ=u`K#yb{IBCdp*tb#5BbQ?48b26hW>-NjyLNEc{v_*G zs;j-RxKDg;(=g4=q8LA1A$(T#Yr&ax9cc+cr-#q;v%9@#iyO~l+s~h=uF5y*aEpm3zZYUrZ?f&Eb~yB)Wyu>tV2qGCD4C~cO? zQ?k*j$|T^mj4h|qE=u&l=R5vPWp*u+*^6&M56_e`7Yr5E5_&k~7zQa_j$26vuWHEY z8w@fpy&j|L*vJT*|G{iYQk|UTVs*syv=Th))Yh5%@cS~giq51yAJ|WnNgURxxSUNR4tJ!qFVc?oO4LiGNR{-)!sm7f+Xb~mD4PToi$fA- zZ53%T`QZWe^*nx}OBz-MAJL&Fu8XY}w)-IR>xzqvvLuFDl$;ot1ZO|7$EihfY)?a~ zNqLM0{*1Bd^1Q*jn=yemu{O^aBm_!M1VqFf@hEbliTNv7l#i4YsV-mpucbiH15Fd^ zm}i)su=dbDhsdXpSa0p3Cm084U_z(eIBl2~6Qisg_p`~pzehXfpNYhr%}2ClW-svf ztFco{X`4}#VzoqDP&eydfA8sn=?Z|1)VZ<>)yl76M7siGVs4#l&sRxgKVKgGhPLoEgoEZ){FDC2(3yXMKmIvGUHv`9DH>X{g0#%9* zsJ0SqR_awtP&Y`n*W2smD)3A^j$S((bfoykoY84DJJgg2FVgCGSI%QJP4ABZioS1cua?=G#Sc^7C(QZjH_7orn-~ zQ>QCUswVPZ4>h(oOS$_8@bkXq1l2vlmx7;X+(*%GxxHOGuC~OrwoF>c;w_IhF(}}@ z=UjCbvKQ1FUlP#RYC(edN$mLrPuV^D$Qwfi=SP}P8_Z#5q)u5TM((ooIFO$`owLIO z8OYFg+;>QihNr*b`!X4VHz+$4EKQ4AJb8Ir=K5v8&q1z}_eQ#u_qqp#y&U3Tt;Yb| zmld=xtRrX}K@Sb+Xue7b4%n7yAQhlw_aeeD!!ermG=zA}=>SW9edJOIKqat>G&D5q zkCNp-sM&{ed@a}S%C=f*T)m1A4@AM=&d&;Eez+h2EdvMm?{0w$FrVu@T^uofu!0v? zMy90D?WK9OHef}6gp;r`aQyuESdl2uP+#=H&aRJ2qhPbZ^EZU_rKUqZJ={oYZEQ1W zP=}(l%$7icLce)Od(l|nQdDjA9X#%AqJ1sS)FKQ?S#JJ4zK?=uk!0Z4h9&sDx`J?Q zCaJmo${J)xswFvBsKKNsb8K)m0ez~k#VVf*#K6Eq&S4d22OT_XtyZXyW=k;d-{y?l z)`FBCLZCJSK@)jjKoc7cMJ-Ioz#t3iwaFF<#*X1?=}rB8^2PpZ(dMVsgZd?%{XMTu ze579KWVzW&XyhuN%d7i~EA6Htq>Gv;L5-1r0>Ee>1P|q7fJ!&8LVWg?%5dc9|E@UE zhw~#`0B&f_kCEX23S<6){t+Yq5z*~=W|KcP#rc?#m)m;>o6&~^r3kwUcPWB+L_)}2O%?jQ&G}PMo-Tqc|H6^ zM*b%N4&n_81=Fif`Zuut&)|;m6%G^?cscfB{4rXAA_UnSjB#1|k5PfwZ@t?#;9|@pR=d?iXJNt3hkBAZ+GA^BKRi zoMF6%hLrlPQs%?P9SrZYcs3_itW}iPY&0By7rITCeS=!s8$ci;yXq1@l3IEB@45RYA{`DF#+3DP5h z(Znx#!My2sr84zHbIYq@>9fh(FkqlTU=;rImG)2e#A6`=>X%IG72vKC}dXR#VY3w>U@0|vUK7pFYU_QD@*9b!4@&-jcv zYzX3{)X3$;)H?V=xEpF%E$gpjhv(Igc91Pm&p7ENQC3?r_>A(#c$Jfv)5pNEV9+Xkx<%X&zB(rbS zAaGvsPndYTjEF2m*P;`tmp)Ecl$ucT{^r5#M65WvAkGPC0URl^q)2$l0Z`>U^k}EQ zCdD#U@8a=O>cKL~{X({tmo2}<;Twj_`NkoHAci0&a?Yp+q{ac#ic?3}*1q-ZKng)= zWX0Yo_O{fg!V;*=htkhUu6!PngHr zc^*~A*d@KXE)jdkW`NbJ!m`U8jFa{}%-paWzj%()M>cP+S3SkcBdIt!q>D;vn=Tfi zi`FqdtYq$ZZU?g&qXj^8Tq348FXsvPL_+$#0cE~X0Zlb|om5KYWsXblYDKTw?*f7E z*|{`LB3|}_j|2z6drhv*XxmC?W1sj(Cd@4&6`NoQI2|UAbnMmaeL4?hm6Zequj*&H z7Nzo&JJ|9~w)8||XAc~W&V8hF?5nUA(qq3k?^}06rj^{j%6uAvU z=m2dfNsa+t_f0g}DKeh{8L(uVeBAOZn=dh!z0fBkXRh^}3ouGvcxZLGvlcQeEV7%1XBPl0G$(7DB|-w7oyD;wAM2`CkSj7L6|D;?F{ zT^=&9qRZK<7#ZAzKuqDBoEbx%dPq?`3*(0~98fD!W?(Gybhgkx+?c5-k3U(hANc@& zG?(F{VP`lPZ|@YfYdT;&JElWmJQWZ9@%&lnDsZ%X>Y8u`-+CG2!Ro?zs-w;3 zSs@{#sxX|JI|Dl{J0c3e8ce@S3aEtD%XA2T;mD*#Nj^1TLjbY$TFbiFsIls@h zHkt`i_XR=ekQ*4|n+cWbxekVC6!D!BWT}A+IJ1TPP||&@hl~{7s>fMh1A>}CZ$}uI z3(hy+m!$Y5p9Bulwr&>T;0{9xJ72?W@&WJ@JUApkI$8|`qPNFVuFCz;bhXcR$3f9f zG!9O}9nMML3Ab3yoG&wkuMf@Q4~lA*6Ir1ck5vgu$=bnjza;V4RRJu_z2hXJs#vSr z#(M`d4b@Xs=#F(rzPl4ppyOfuB7U-~39Y!9z~FoyZ00*o){c^OmJ`NqFubFXp*@Oa5xF8RLc?K5?1 zR^eR9+za-h&DA63CeZ769n6U1GUfgXCaL7%dk>grT4Dhi;vsv9PG)w2-IzpqV~wd< zr%Ck^ShLAD+1H{m=0otYosmAn0b@tu#JaD2RqI2EmVo1G@cbmXvmsW?B&jqhI*18l z?MzGZMUOlYq9w4kJl@N--x-?8Z1Kyqx92`J8&*(U9e{#QZ9ZEZq3iiTb_xAsf+jq; zDTwHACtE$FpbbW$P(q?GHlx7UO^?qB30QA5xg87_b;QPKJ$-+U1T^tabPcZH^_hJY zQRZJRX35VQ`)2Mw=7-Nfw`5GKoDPEVUYt+nusHZCaNJ^yfq|f+nU=r-?HVPUcNi=$D8|@D7 z_YghMtKvvlOyMt*TQ==I8*0kQkC;dnL@U#oh?Rkj^zGUxv#^}AdD?}|Igq2lsNcTA z9Fj-8cBS9v-c5WW?N6mUgr^0J>p){r%AiaNQb*I+bk*ycY^F{5a23ywE-@&6nm#iz zb=BvK%}6oh*wl0~&jBBTrE$XZGf_jn4CzTPIY3ShS|e;Peh-(M=9C&l;&y$o2cSedI7#(I+vOeyu|xaOBOc zTjuowuYM~x-grY^D2O*<2B|Pp^DeWjRaN7t3RS(dRK%kNNMltF$_ucAv0)a|bzdki z8sneXhTn$@T zB}x}60z7xw+L6G|(ymMfd*+G9m)F#iv!%@>&0^Z>hgMS4?ca^at>BDj2>rR|J7|fY zb2E_OotCi=HxxAxjg3p(RrnPj!ycc7#v^)MAafT`lcyIch0(eoS<>S{r_8Nh2o+cl zDB~ogiVp{`fYW@JgXeH`q3%GQZGxfqGHtQSt3UF+e9mCDT`;Z02V0|-IzSLIh z6*RT~(Oct9)`7i)Q1rh3B7<&}(z=RY-rlNyL5-{4z%RXm(Slp8^?_PYj-B!sA>934 zbt93hi1h|J+lMt>^qg>X~U3@t~t>iQ9?1WB>U~7#RcP(m9Uu$2g z`}8ODmr#!l@bm_h)+nCuh;9x~?n|mqsiC1i(HtDoNFQtc1WiBmKhv*I!@aKh67K|| zzZ$&I@Z!MEmiTof3q2i$o&v2tUhP1K9}y|;odYM4PbddN-D)|@7(1#v@qK|}fuH(N zRUduC-SpnG5ZbeuQ1@1GaV=|@H}38P4elB|cnFr@?h+ul zyEX&}5ZobXaBbY(J-AD7*8su4#X0-zeP)K4o9|+Nb4%0RYgN~(dgcE-RoWSk?&}ht zboR;>w(7uc`3#pRsU}Bfz<oWc^N1G~Cy9or}CPm6fXH)4A+BIH>x!MtB zd2@3CriackzSc2veAi3Ke>YT`r{#O}12Cq3Vv686I+gv}S=QZ9eW(1hg7n(BjJ+>N zy3v^vG+(XSPJYf0lXq78gLv1C_u4<%$mx6K^t(!FXnA-f(fd=$*B}i~^=wT_gr5kY zco?{E2swKwHX)ji_QEsqWYb)0l>u+511GS`^x>=JxsX(MiYOfuJWWj(P2J#_2yik= z1GcpDaR*L{tg261X=%rN4=SM&p?#t7vEvQ`s}_=zD5L@);xsBTVibgmByPl|!IfP- zFi?yrO&(ucf>cqy43aUi$%YGmy_Br0kOSX_F5+r@pY_)ss%tF5vl&MlROA+D52i+m zTYUV~(0E};O{ih;jW0h&?bMl% zXG=`v%ag_04a87ySDDC0V)35Nb6q06h7OLpf3cQRsUdK~cvR1HkW>I3@fFKp1X%EKtEy?fYn1 z5%5j$C3z6a?n~u_{ktd}ra~Bf&?LvuHJn1*!I!46h)m+}utS`yCGq+JFha;Kf}~;k zP!*?T@4`so24?px;8&TL6p)LU&m$Q~ve?+5QB=RJV+RPMjGnQG+n)xE)*EG7#gp;E z)q%X<2!0qaqz}AC+j~8S-m%Y&aEJ(tq@&C>X=}{WF19)3dodC-1uknZ;V)Y*4);ZV zQ%uzZK}=#&@0;0W3mf2F&8%->XVh&11}Prd-w_ra5`4<~ZU+fTMu)XB#f=o;elQAU ziQetoUPKZ_>>Oa%>))P9hy?LH64(5_r2zC6np!RrjlwwjY7K0tU+wgjo9S0yVSsLe(pC}MV!L^ZnP4>UQ_=@N3l2G=}7EhcZAVSnTggu)Xy-2-K<@NeYdhPfkvktt+X7 zRkMNoM38sYsPDYoI%`25#i zxsqgFo&fX)fnj3LYjNH!k)oJNWWQkJs2jN(7r~@>G0MCx0U_Q8T?Rh z^jj?uap9FdqN+>t9UZ({5dTw6?zR)kmvTmRQsX`=T@Y-UkQ$3mS1j5!TF098?jmUq z)RI0J3OQjOm0AIb5~2hb#xc;~Mr}!$i5f!^`WVk{Ai!?`!ubx7hLI;e#iRQKI^o7S z)V7(Dxa#9`s#%O~n>RF27R5;GevB)FR=suQ#Y2oCj~GDR9IGZ~FT$^pKWBy=nv&|A zOJLTFQF0vMl_n}@?^UKnG#}p>g}#J;GPN@yQ_xtmw|?`w;zsR1UI5tBuaK?VQBdo1_(*;4&$L>qnM8m9e<$j%%5qW0mm`L8DBOVqBX0OAe>=@H+N_8>fxZzTrwB~s z?y8c^zWap{_h(!%1j0z5WJdEyh2;Jh$#0&#K@@$R zIA4fJO#dQ-cv|0sb(a{7FI&wu4@TczT5$rN9cKl!jqgqUd@zU~?gSLa3OYYcGD}Qx zgs!m#jXGD6U4K3zY*T~HnMnJk21bkyq#hL zYOGUWq^+YDiq0a|G(c(By3Bh;;DyirzxLLF$73^Kzxh9v%0a;FXr*RiX1-kRIeD>q zOa<^NyNy`?S6COIs_lha;rHTo*#HF2uLPXQmpu^PK6@avhH8ks*aD~nYVCHip?m+d z9sa9~Zg5gKviA+UIvaiZ_MlzWjfZ7--708`}O-Z-LdG9Se3?-~q1{{QJo)C9KQ zULH^j2x#}A9>Ve+eAoH@2Ff;8*?_ykj*4`jmXBCrW5+6n$9JWAl75zS=3T`8l0p81 zYJ>5qHlvBNPcqLCmFoE6DvN5+LCwLm^yzUqA`wwo?O>OFS>h1-U=;VBvqdNKbfafK z>pTsQFIX#K(}w+8kB45Al=!FE)n~Q3nTj>kzo+dKDHJR$tiz&p-N4~|)yPLPpudJK z|MoS|lq?d&xL=}g_ybxu!{@sJVTm^ZJ+jWKU4?Ka92B7WtM{wiHPr*NukB-ehiBb~ zXhnXF=BMs$hqFh*^M@EQ!n=*$ulh}mtO`oCx<0y^OgBA%XU9ad9xkTa?V^sRHdvKZ zfLc~hs4Ct`4YrS&tPJmMAI?8NK|vu*y5}*U@c_Hc5^pkxN$BtWY1y*2N00g1QkQGX zfu3b-`F{u?JQ4^kNwYl9nuunjF8wW&JemPLP5Nzx>x9eA8a~{3;>ckQR$(UQxOL`5 zSk7I+n(tt4X<6yG(uG=~Ywt3z7KO+}>)78O(i3g6;(WHNPO+=sU{klIGr0HGs)uug zO-|nM6({b@A+Op-#k-rtl*ptv%=ZLAj>?v%(v=s-%i0(wAI{dc>P+y6YjK~G2degR za`N;8yw0bgnWIY2*hY@~Q<`2e<8Zx=Jafy<(}=?J%WN^tx`q!Pb!Dvh*VatdM6=NX zLVCu7PGk9&(^}Muw*?e?p#hu^uYa`?P$}dsd`k{P-tvEV<;lz&L>fo0-drV!4@uqyJq=W)YCldG-cA~iMj`58q*HVAIOQ6)NWsR+o@bXh^KXW?nS z$0{I(ynipB{#FxEkiwP2_T?t(F_@*h=MAUw$a`EJYBqe^xMubGh9X_F(y0GDKf*?<8Ax;GP8)7Mt|s zF+X=sw^}!}rIL+2_TVFp@>H0)GZm7vWD+^A%&F=~CO40v z_^Yjv&%bxa-%H#73dA4mLKkL2L_~bA2&v2~RdCVwjgZo|?V%QhkmFr%B$+J^b=|6u zXK4ogIn*{B;=5##0@oyKkvPV$iL@XDtacc<9Ni|D6`(D>ykG?oX$wu|wbsCf{)+aW zik*aHU!JpxA6nzJMKlGtEa|spx{i=}ycJ6+sd6<`xF=Wy7fP0^{zpXkRE$w^yF`00 zuRrd4t(JE;63ar{dt^AT!)86>aP8nhAx1p1K`mUCgp{f>0UnvG{)}Hv9Xlebv9fwp~~`ts&FU-2E&@=4co8g!G;0D z-}xrPXnx+Xd6EdYln{IDW<4WDz(x2$qp|IbWeBf&3h@A|d$uh3&u7r2@v^fxRwM^; zb7v=2cB;6p>sEk$oO20`{VJM8oM~I0<=7(dZ+-@>qkdZ>k9)7#v3B1`&$pkh$OP{? zSFuW3zCWh7-)X;r`LSjGF$*b>D8H0D6qOFXEF*<-Xd3B9aAQsN40$@iXB$@ill2@M z^YiNzEce|o=WVb0BpnZfAVnP!dPqV}%V5S27eNCt^~T>VA{Kow*SfMRr!nmy@7A)R zG^2ME%e>A`&?FGATvftiQ6ZTOUKM$U3zC`BpUIN9_{7jRtCsx=^H!NqdfT^tecZ|F z9srjv((`Yuh|uX^W+YWHmD`$%i%S)1q*n!e%80{v}ojvk(PLqhdBz485aN6 z_1NlUl0KxiU8=93pAvq$r+m1*l|{_JuC zhdB3qrzmP@Veg<+McP|8!thzIdPlVyoeBr|7#WL^$}loCfv3!a@;^^mA18&QH1Z6F zzPSz}(?uv~G2oV@7)-uv=8T}D3eZGGMz&ss9pV*U`DV%Uw-ePMGYCG(0Ku|36`G6( zWpYlgt03Hx(euZ9uMK`bH$(-i_82tIqrQ`58pk*NbP1!nZSKVtNbc&!9&6n920~URz_45{iz+>wCXjX<2?qk>6owkNI{>tVELt(ztfBi zaaO2fL~d!KehA}V&R4x`W~`9xQO@Rf-j{lMeAoi4zG6?>o>tzO_&(n3jEMe^^bxNx zz@uRN{=Jo`&s`xXmNvEl1T^E+KrylL-u;=d0p;XSb$sf!EN`Jf#%GChKA0ImW^E=P zN##id;3LV~bN19{*5=jURg2CPy`b!0zgPv!$RL(P)JYm7OUYj)rtV8(@h?ejTego8 zarM)}RIq|$1}JIG5Si#win*44kq{AFW7lV9T4`wZ$cR5Yo*$x~i@Dn=X=p9wiN4FC z2e9lf{S3FRp$%{N8WGkP{yK>@b@c9lHfMl zeGmm;HhZY7XDku3911Wr%a(yCF8O3;HgvO-VLJ#(4euYbs6nF0tb@ZU$8x+D`){&9 z{xTM<+k>xSUf4Ih;ws!qnM9Ky*)vh}(HS>JBi0M`>Z@ONDUl&qwZf@hnQ2Q)KOl~R zCa4?&hKZkzU_>DdJ!8^4w&@m4JsGu#TvAn`*(XojiKLRkaTk{h)X`Y zmD6SZmm8xm)lit<`#%BnmL~kd2o_(HDgF&9NzGth(14_{42UqK8;4V2vgIMv5+x)g zCbA{McJXO~WJFkw83O)hl)$(obsiA~P{1bNn9e-0{2m#T4r&%xO3t#I8V-yF7 z0NAzInebl7&7ws90J#7{2I1I0-}YbJ&sRmLfycr4w6r5zp6eH{J4)mOw$xl1)+F_( zUoU>WR68|fV_7{+&!>Mb_&=Eg@Ry3``<^SOOo)1E(17Q0(OsJ<) zFqe>&o_D!1`xvr`m(b8WRYtwos@wf|q$T$_rq|r6(t8hHc@oWN(XO>glt^i9JYL>8 zzkfvwlsBwmVGm?JncEb`Sx>^(<4K#}2mqU?5xpAPBNeS}*c$JOrG7^l7p%$o&c4yS zO7-+LxQ-cY?f>9Jvs5&ErpLOhu)jodcBEh;2^nRYoM2hHVoWaj>aF-+$kCX(Njmdi z$WfQ0_J1KqWB)61L;{8Gi*?9%o=AFkc%k%*Q^aTqop;0CfpRTq=hayH2|aFE{=9oz z(*W=2#JfgR2()H0gEZ}WM5d;SKzo-weK$M#D#gL%sHiG3HO_bsfXI+#Hx({F3@{ZjTj!jecg; z{4cN(<3mWqL#iWBe-Hc{#3ae9UM2U>w-!el@otlu!~q`MGY+3TuI&S0jvw9Phjpsw zk+Xf$-ZdQjNth`9=zY?f(sdpD-PVrF|QpPpvXX?8e zS+0N#?flZ1wU74cbP(_H=`I6ABG#ZRTim6C^rXh+7-8KuPf+f-6)cApd#upS}eP{ zf~`I9*p#a#b#<2Eem<9I*?fm~vZU~yIE^}D$TM;tb*YaUI{^^~OU+LHhnx-bN223< zY)+RM4|n5HxQ2~-CO)_8psTnvAw^f7T}OyONSLvKANe&2EF%ZWCt2x~vHfFhH^rfw zjjrm4PB7OVL+qNS!s&10F4FY5Juh}D*lwv=C?|RIto(Fo+xcCN{lP(3%N{+zR?$ zSdc3hwZICX)Y_jM72`cGE-p;EzhZJ&&M?JVo0{gm1!NQx4URiS%^#MwBmj`~+u!BB zG|w#20%j$XcHG#?+&Z+GGQsACH+u^y<`8RW6Rzc;|cY zhkYKu>*j>UuBoAA4Ms?pVk)brTv>FFGk@@@`=Cu9=~eOmefr!)+^5GPqlZ>4HJb%? z0~b6@88no~6TYlmLbu4Yc*{8KCLZZ%!IXU7ShcxcL6p?*r3qAz7d@Amn-CkE9$X2l zYIsB58QZ&D+yjNnlZ=~Nce!DD*C|~o$Z)B?McGJ5DSb7g<7)g{%kD(sG0=BnA5R6@ zjY~@gSSPPq!rjqGQ(E8S8Zd4xcQmE$FibgaHkUar>fyH;j!e4T!>nHq4+<6)+}oRH zp)iy2;xjbiMO1UAotPc`ZshpWo;T5;8EU1#7$6{|lZ#Y2&2hD~{Cobx!d?S2(=rXE z^Ll1>* zhjo5Ij7d*ti4?p_LLuV*0C*hIgoJPvw;%_T00J$E|CDFOBGS{4wIVHO>(kL*{p{#v zqUfIIbBgX^p*CM&8$d~ql5Rso-Hba9-`aOgNY!kU#&>0N|KWJEIcxdp_?&_hd$!PA zw?P^n#{~~Bfk^(K9l5HgK3GsYr~gv2cCJuoXxagI-W`Vz*-RJM6ap`MCyP`%+7bOd z`wWiT9^R^vpNy@3g40f|nS`C!jc48c;5s44x>+PWlxsYR!x@V@n@CeA&7o5+Xy%?} zK!Y2QW89cCfYCx~%KF+4-DAC&%hcejF8sc?zUw$S1X)P3B!eqOP5M?!8WM4#g1sOS)S{BPlTT(;jBCd=nEt5%+s#unaoS?>GVxZ`Z z!yVUYLmNx{N>wkY9MeVwl5Ro|JH~;DyD=roZ;n$Fn+?ea-@?%0zJ9KHW~1uDkiPl% zx}$2aw_9vJd6@JA5LS}7dLdWePSI)FqiZ??e+pl$`kdT&^U2$?Tm!t{uT~gp-p<+{25b8E?V-Z=l_ZKTAz`5;?b`Wj?emQ!4yoYm|tzDr1gVs}1o*7{f4toG$ z8Mv7W$GJY+9Lr2w2(|m66d90I2cG=#mQwB^O2r-Y0|eNUQCMVowWSkcI9s6-`7W>5<$Agst$h&tC~BB*ZtdeJW}BS7keo{=#Y zkfIEX@T?xztP$`#6`%kqqR-71{@!wvYfczO>`iP~lf~ayR9{Utbbwt_it$gE(v*kn zAG10F4m&4_4az&Ejcdm3U*%|U*iM~o7sxe-5}2Kx?0jXP@ZJ;pL1OUFCTVsL->OkS(gJo8l!7Y3dni}_M`NJ$iw(LLVpst+6Rc z{3Tk8#+WW?{F52iBD=08=vmymbP;>|DlM+>JT@WU=LN(cl`K)}d5Mb$$$gc7{{(EQee*&ZsvIUA_*7Tp&x$^El5-~Yh=Z@;PMF|!{>@fJ@0acU zW^SsP@Y@Q&Z3^ecMbd2UDxJX24XHJ2^{+);SBW>2m-U{7*0e~%{!KQK^-<)Rtq7?GZmfo#gGVmp{x?S0C51fZ#8mX6KDnP;)6!fVg?Aawy};D+p$;RXxwLqQ7UE*-p9>gafw_9GvATtYk1cr#AukZJy7h9b-sPHRA~atCBii zeM~0yxA~k#e(z>gRK}}WGz=qK0~)6y7Y5AlhbxfGs`S4aoDY7qGO(`VkomOCe$dM@ zy+GZ9tEm;qC+pa<(^Es3H2IUts@MZWt$Hfh9Dzcl621B-;o7W6xvayKqRKrJ4JC;t6uRP`jxu;sTsJkWm6fKA z2Gvi6mP^ZCDTop0+Q0RJJ-Os8Qs};MA^-LUeC)@Cy--a1n?#&%)NZ)>Zad(lVa^s7fJWv)Ts3yPjjoG$MH|?Q z5C*Ydrp8-q5vcyXo#4H-pxt5^(fM`)e;14yJH2skWF+IoT0`LpG-X+Ma9x6pLflfJ zGXf*6Mo2xPLyG?BfF^0NA3a^hi0cJ$2gQb)H}_!!9VL_hX|o7>#Chif#*C2s_m%gJ z7J}spJQ64gi>6c2UB6uoY8uDL6}UsDi%1zY6HJMuFd(yKtr|ZFY@&= zy**wf{4{DG>N*K$5YXlUf0-Cu9EO>n*OjW(TotfOK%1bCLgJaUBxWb5gD-maeceg4 z!+s|dk;FAA*VqMLblxCEw_Fa2QcnOUhFymkz=E;L#kzLGG-|<*968aDnO`cdN@IA6I}_Zta-WfQ z3HTZ0<6l}EK}B_|fI;%yX)oL4nqL8uR1h+;I@?cI+v6ifgoX z^p#XzYke*;G!TU|!P0Ri|14OmMe9`6w=7Ht;iVqqFW**UB*KDwe)&duW!P{4@)+Ff zw*9SEFD%Zy2psr&u!K5wBtw_lw7FMTv&@=U$JMK+kvM+$vQ)$#0_2afe#KXLRL>{< z)L~&--}t22;plKX6b4f!KtQ*_7qB%H*tm-HM{FLn(|vwAGMm?9f6(b~hKA=#R;<*0 zbKhwJgOsV5Uw!pBI(K0?VV1Mt*DxR0tAt&a1D^1YIkvGjE>jL01y)v@Bp{D;7u9{M zaW(@7kmX0rcdf-%&`inwUfdR&6{Ae_^O*I%i`??s=?S$LUnD-sV0tzHP&xnKOV0Dg z#;Jk9RAp95{!>^I{-=vhF%dui%vVW}9KETHwE^EShnAzAS#qV5Gu|IPP(>76+mKkB^d~XR4 zoH#C1X9_;G{wr$C6;}NYBn2=-fYLO1%?HYWZnbTIt zi20}x%%#aD)jN>}5NT{D2>yFw<8Trrae{xk*U$qTn}-O%>)xFL#sG{K^!fJgvqycb z0WLaN+#|o88ev8=|FYooZDa>(*+ppCdw*95nfzJR*GL_AfViNAhv3jS?@`v-(N8-C z_1pe)Q0>ZU`(q8tpBpCh3(s^VWPrP6a-a*`8QD)CQH<0+LS(1_Q#uGcA+;P)CUQDk zG0kaFi2$!zJS+AaG10IS7e91-zA1R9AL|R?YEdHm!5S#`@SqPmHs|k}5$n+xc1R8} zW1#~S?sy9F^Rd0^8BD=gk-{Aiy&Kt8<1nAz^L3y&`^7shy_M|87uAA)+XnXUyiwIn zgRh`m(}I}|rESx)G;$*bJR2uJ^R?Fi>Q6&H=wckYrqW6%07R3s6wvr=P(xVHvM$)? z?sk0Iym+BN!&DmPh3Q&IBja2R`I(6PYX@wCLbjYro&5bHr3>^T#FM<*M+<1XU|_SU zg?!8ilsf(>BNHPU05>pKVQd08MO3;RX}Mp`o8`JY>V}s}MoQ`N=Uvd?yH1P$2QiJb z3`2uxQ4*-wT{9$y7B!n>p)_}ScdDPQhip%4XRX8Y(F`AbT#jQn{fHbE8nzo*^z-$(D(MbB5q5o$XJ( z{Kop4Zos!Gvs($&8MgoyTnlEZOr{!W3mDcw5$O=&d@ug$*c&7hS}46viT3Ljf8_p_ z#wRY4PkQ&gO0lHo2JcV4ZTuSMneq&{tL#8!-#sb~ID(hA*&6P&3T6;kaW5%w=!(O2 zc(hEfG$i**GmaYGnom0j2q>OMB*U4^}JD~Q#G0)XT-`kB- zSI#BSJfMP1291f)Y7G67_!lu~aD8{$Od*VuT!mS;M! zCu)pG^zF0RvC@n}Oa)N){4`z7-Tv`k#jGlfy%r4i>zS&)bs(AcK*x4_k8typyPW%|0-eibqktGZ1( zH76~=9#4&R>)Bil*))MyiHh(*tRfNG+zgxz$P`ynLV~nf)X%eW0pQ(SQh$|WrsQ*R zNXDTC|98C^HmLE8GGsM=(idHY$U$t+!euxnnwNc`te@q@E)QU*7dse+&(dTRjSn&} zwq_QeWz9#ohA*>LozIeJ0&r5?i+zUL=RU*YW!J=uotH17fE0WIP}AQmj(ER#WmFiG z|MHMZ0E59l|BoJ02QvSUdq}N4EefFjDJVLO%y@$}fgSTR)n7Ly&`AGI3Fi@k!O~b! zMQvR5zA0gPdfNF27xRfOOczY9G3&gn`i`jp0WXJE6qf@*UVVSgS)gqNL zxfGgj$)Bm23|;N#BsgEV&OJAlQ)R0(O)vdmpspEi#aNU;zARJf#r5I8Ot%gJR~EV` z0By2d1=)(GclYJ6N|^6Jbw<9H}|SH7clu(nmc zB_(G*QXbP}x$)hX2ZnEL(6Y1fGUi)C$=nnjBu-m1g6G%1`2C#9 zjj|S2U+&yIt(f$bDPqyW5(AoC%_9$!B#AKS3QOX(R~D(Yk*`yx?DbciO?e2v_wrjq zFMWvl&-8774I?8fyH&er6U*9mKM_YqO)Wv{bt*a!U_&HIoohG&I*0bOw4UGnaT((F z`)ac(+4*&BgiE!d^R`rL98UTIu~w<=w!{LySRGCk0d?NrEF8`nEgVqea5?W}dRDwA zXz7)*J5$xsG~{tqrUu`bCvi{YqrJkR17RiIX-01XMLqA02`YLTG1A8z1siYQ#AY`i zdGl@SSD!Hn(*JXrelQDZ?e{kq;naOqV?vA}AtC3$Dm;YBvqTPn5ecWKe%}TbTMn(0 zUpLJCkd?dQg=JKsn~t=WkoEpd(>lL^X=K%~{7E@nXD20?*-cl&WQ`MZC z%#dQAO!TmX#rGnSI986&2Hm%uZw^w-1070CLqi9ZRf2~7q)&x2)#aXy@}nf_iBOF~o)D3St=$`}laGZA8(#wQKcW zDwR4dZ`50-@5UDeiEq_)ePMlXCo_f%MtZ}EwgA7O=x2{6_nkD_u3&T?5CbFQ7TMFE zU@rjlQc_X*G&+{TC3|~)Vmo>lrmw4Ot(TC%s?P$rxH$Y2g&)9G*ZC#a)=ISm9NC2c z2kAS;w&-Utg>*p$x_a&Rw9B*VrCio@%wP9!#O~R*#Ovwdn!{=L=N0|eE{E6np15NF z9_fN<`KsxnMOXEqMd5@2YJQVkOO*>IdZ^NzOLx`t`+cM9omHZtk61nX8I-a^#sf2* z7Vg_aMjJ%G2vpsOGbdq5r!X%^U_HZC2L;v@i+SPpsVd>{4D?BaF5urIy(L4uvMa^P@Sv24k@RJ2x@SEfvOmUAct z-Pe_y!VfI`9EzmhqgaA>ad0(y?T~&DX-e7RBsAUk{8qQ5l)a^Cs&&PiUCp0qh`71~ zV7PvOLEPN^5t-n5(xSe;v9a}dcjBtQ4M1Jg&s?02T?eegnBcWk5(83s>#YTdp1528 zJ`fpyFos(8Q|~vz%Fp8zKj<1Bt`>7^YcC&u*CUUh0`2fcn0rBhVzm14Ndyal4~n4O z@AuK-tnQUwi%0U&cj6P}wPi?wQ@Dn?VjYLdK6;HTu~MIu(p|UTlN81wcD*3`qu$1M z%oIMur4GKCR%g_)!QDgpPDLYAS%?mukGi=sBnd&5!AQ!AnRC4A`R(6Jeb^?ZQlLV^ zVbW5d!*IQf?&)k+9vVJaRLeV`XO@{Rpsb4}pJy@flkcENv&~Q?h%3@@t^N2##SEXf z*8JqyKs+w+KAsVCpD0J|{pIZW^kM9Yi(1N`dn9Y99I^S z`9s|y*x^`4`%{Iz=M(^3Y++&XEyf6F&pc~D2)V726deHOX>c%}arv`XPcR4cVE9Ia zfZW97WVpkp&HiZrKY$yJW8c3#r0fv?cmx45^g6vH0mN!9Pz=_rh`y6k3v4ZyZf;3Q zNokd<)$OKHxkdi~X}&=qQq654nFE^NT#>csrddr{{l;$_{#QgI-FR?;yu4193 zDn=AU`*x=LQy}<9Z91N|RNHm36-q4@vNWoe={m{G${+RbDc;=Rzb)a8dhb<@3>QaD zuS>aEQi5rP;+yud4>OW3yZ|u064(eak; z)A80dcmi3{Hay0j(oT{ zyz6jT9wcXP`3)8EPkwwZ+@16e?EWo7&;Im)?A zZH%W|P*P69AE#3h?l#4-O6GYS#sgMzp-cXA~-t7=3&3 z!B*4_pfTDzU`ouAto;HQLnJ6cco^XHGiL4DdT%qpVQM62uEp~jFNb(RaiB-aHYk`U>b3W^fO8_4Y7MX9;j(b<+&^2LAJo6*Wo&kxBbTPEZ zB(iMXXkg)xVM7ER~_SDPh;7u#=RW&FW-)466BG^xeg<1K@0nS_Na zGuTmE5K>S;$F~)y{Aq6@_Z%Rmh{_M;g&(R1kc0&9r9XYj`9>zJw>^?-wvLaFkNiEo zvr3@kEgcYrjMB7ox6eOEh9a_v@7}%Z2Rsa!0q3!1tA%Q5;3USar^l10VW-J1G=Y-b zfnX~yhYEG)%}+Y8*^Nvoflzw*a-?jIf@Hc$qR4gxH-o>o4}+6{8xA|El?f9v8LxbZw60RX z8uZ5b^M0XK1vVMl$BV(D5gF#Qw4bg4B=56G;qU}BI_q0-1G3st(ZazKNFOv)FV3O! zg9zw5zv~adi_q!t3;}S`8bv#|pDPrilNA)Wv814Y?dgK#P6oP(-=U%}?E9fTl3Ia6 zL55uJF2YQByVr~S*g~+M_hjG|J-XwI$1IYAOaY+j$NVlq^glt)KkQPw`Lp6fD;)gx ze+Xg!!(oj)%Xg~A*(qKOWha5;=vVbCL-&6^@4uj^l#c+wW%|ST-AjlTWIo^~)n(4r zdH#ZG2m<65tB5f_6dh(sx53@}`K)3E@g6Mg_i{xGeyW?)MQ$?B-y43|<_RQGhNBzWCn}V&G>&EH#thMMA9o=6Se%NGiU(_{rQr zUT27n6YyeM$D0A96{G)KAdUv)hfBg$bNA_@jA33&!-O+z2C>#QtwtseTs0oPHbDY+R;;jb=M;f~UDkfaWyP;v%E@_aU_Znt^f@ z3Q9^8JS%QLO0;SQaToz|JKb#^k?^e>I5u?t*aV0T`v?BLG3VYQ_GfSO*11S&dF3#* ze#&fi-t%#2W_Xo;|3<%d_p7tEY^hcZ@k~|mlCO(x!^3bohr33lS8MJEpQm+hSF;Iq zLb+GOtUMVr;@O>ro2NZr`?M3=Dam%EZKP}7ayLZ2brtpH6Tv0sVOoCeL8Sc8l+WzK z@>8N@WR%tO*rNtwWYFn=8qh^<3UlG32fTdKSTkfmHCE3k9 z8mA}sj{QL;&CF+%-MN+1ff!^PPil)U9Tpk&x}|Y231n|E5X~_5eN~?Wi(;g|A^u5K zmSgMkB=plts8_@9Eo+YJ*thdJ%GP*=5|T;#d}?O#LnnCF(Iwd)2N*hwTjh=GuhT9Y z;yEns^S<-h{`lr;@nh*yv{vQNnQK();>fwF^l-QQOjW zXw!^4)hP;ZVkt`9ytDO>bJhU1GKdM(iC_}2g+lFwsA8GsQ(35z7a_%tM-1j|y#3fO%5nbpMWI{gs%9<6ss7As&AuGHDt;rW$rcM@PR_ z*K^O^+}<7pR3nQlCU!KDB!!^iYnF~4?S0DRW|ef>rB%)#KAV7~N`kK@2AR74TVmqfOe*(vcx z`6$k2uslu?dL2dx*R(C2S`h2U<}c|MlhJ|Yt+3Lq^OeXR8ZR-YFZY(-h4b(AEL~JS zYf1FNcdev&pU-b|?8R@U$i%)Pdfi4g{gE_zO7d8sxbBSIVQ5j{8u? z-a2kNanav0jufPkO=O8*eR{k;KkY)7b#to+1R=_R-R>Fw(_Vf?LZZIUd^2y$?S3(b z)f`*HUS2BygH$vT8;=xu|6hZxBRZT8vk)a>n04^b2)Mu<>pZtoYOAWMmizb@pVJ2W zztaXQMt+FjQKam>vk+d6Z_n+^GAH4L2|MC^oYMwAHt8f_(G4~5$M}qW(K{EYx#hiq zNSqE)?UkCI`@s8FdgZC`-PM$)Ig=V0X%ZeZY!64xj9+}u9z3;-`?Qesw~(lSM#&~z z5-`mTyIEwi|LLQAj|a>9!6FNjkt?K|*NY}0_D)Y4vC9>AJwqLXhw!M8=G@Wy`B|CG z3v?22E(b>IovsKuna#a)(F!hdV0J07tKyu|VAPUyCJ+~9PIaXtZ%^R5(O?|?dqj5Y zg*WrH)~Sa}4a)z@C!l5suxUQ9ZI{gIx~Ada;PmHb`0V@VthTOq9XbP5e+R&!J4G>j zVnT_K)AU;ikg={dZ8$#9+IkqT=lsiGn{_x1W+BCo>oX>{vhe3%NK}N!s{bjz?yKcg z`mo&oCS3Nt3n!YCVfxeIPSd8Ls#{L+YQ&G*2L9_KR8mGQk+*4Ydy9Td`N=r& z45XEdacmo$NuH5e6G?7}4ll|YQ4;XVAsr0=7&)f4>6w^mNtZ70~s zU0qlZi!!{DN*ahs!5t0I)9WS%b)P}ds+38k*(9sT5i+VfWdfU?HAtF;p%|NYi{eG+kENSONJwSK!o3$gjyUD>H9P-%-79f4FWf8KVwRb)5}JM z^K+ShT7EFlB-Wfv5jzOgDz65jPnwDh-$%^|!7GibG(eKIwY3$Kkg&}|$@s{(^PO^| zFY=lw9TM0lzDu+}=a{_3dK#~=J~KnjaJHIH(ric~@7c^(_E4=>naN))61MgC=#|F) zCpDR@-V1=2pyT~{=If#gvfo5Rj@&uO)BQd#r-lH#e`jzsinIa0;eKgmKY+ZLBNmV9 zoAGn;N6r;@1(QwL?S>zR(f-%lEqi%EwsGF@=8YDsmQe=K2|67e=^wh;v{R|H6sY{X zzGHk^g+B)T$S^`YnScC53?Tyt8q++#`9`tU#SdNRPv60^gMM44BtXx+J{_@-D5DZb z^oFXZjhHl-E%#FXM7+2za|`GgQ2*+mOa93d8M-`jCHDX}K75wUs|cc)sxuA5j^)9omO7)NN=Yta*?6bKhb znqk8bD?UvN4e&T zSWUCv;x%fEC)GY^`ke!YQ9bw?k;7>d>bS2vG+XlQlj~PKV8EU74J+bl-h-h$+2CG3 z<4VAA2RMq*1aWBOFiRJz)ec@*UG6a6B>GRGPUe3G# z(w83>(|qMg|Af$g|KI<=x0VkL*(_8ScImOPzL-N~ZeX1@He0Exs`j-Q>Afss38ro@ zWF)Dza5sG6-hbWzdE5BS{&)44294zTXpsN6-YU`_8sQyEVR@~0(c$7bAT%>yMF6$HDT<_u96~MgY>1Z8N zGT)FNSjgt#iPg_q9Bm!w*|O4fq=~luU+StOX@l7^-I(}z>buiQIeTn!e4bDmp8i7V zx1z#?NSD}z2)RHt+My5L9Z0#1v#EhRNjM{c1wO|Wkt*3VQ1EWv+F|9CiceiQef^-` zj9~02U#$^`SP+|1RTG<@%$6y3Vo=L{|GQp#hnG#plUKqw;WwhD5prjQaI`*yg>mYw z%gj5GpEXu!C~x>0Hk*w2-0i-j>=ACzQpv-oiiE5v`+5jS*5Vv;N$g=^(p-N#SYZKd z6wA|Y{`Ns|(u2y)&2<=JuItCw_cA2U0S+XfjC@N095S%qtnhmfD3V?NwG+u)8ZTx; ztD*C-j78g2V4nY+7u-yC^pw`p`Lc9tQ+7DND3r30u&q>#*!-kiI82aCAuqp2?JLMB zo=28Op-viWai`a?7x#wmq1|oq7a`aY%k6#=YJjmc8h&j5HFDlnOh*w)^IjTphoICy z^$Sphi~(>KMsJKU;L=g)w5Rl}JJj)gxKz@%T=j3H{Qt`P%Al$mHC(zR1nCeELAnI# zl9H6}*hqJGBM8#c9nu|2N_QjO&8DS0@7kX4_1RUIL(j-GQPC5GxX-U0I%P5Ay4yIRA-6@XW?a6Oe@ zcB6;JUMOYC7br^0Dm)32Qm(*!hC?;glxSHB9fvFBIEzxuI=Q11Sy|}G`aQm1a&GFR^3Arfpd?)WvMl2QC>L5?F<-Y_YjrSGp(b%|!i<+)^bkJ4F)g zo5v2HraW}Vi|X|Iog^$C`#S}3;3-Lns3nB%Eh!t3P7TK3Y%V?2DW%<*)l_8oDimao z8cKY$$KJ%sSF!909t7Ks$oE=3L8l%wYOGdNF;?#R;`#BR_&a4IkyUML=&Z$bxsXbk z4ufzYdaUVKZf_7Kg>-dnZ0zygx8c4(QZH)2uDEdvNk4!^KxN*%>ntlRjRP=~XdHtk z)m*h@^hXSSHKV~Kuxv9!S(qtsb6mb!J|Hk6T23byjugztYVkhZEo)}9-x#pfw1L2g zT-ns$d6|0cp8|Grs`BU8KVXn@&8%S;%VnwvR5Nhb7k-8MdS_d6I=W37`D^D}JF*`Q zJ5NXvcypfis=Z>iVjP2>Q^kUYqm!r1im-Pk@KxVLcTSS*)=< z^I{>-QZhkasRbK-mFfQVFfRp!8SH2LA+6)G0uS&pXOo&d{{>V*Auy8xu59~FNLB@8 zXk6o;oOuHbeqnzGKj7=OmJwcX7ZnK}Cm~$TCLm>z+`8*O11W4TY?%EJFYyLP`g=x3_`Q)JqxP zQ)|06;7XhfB$*VeRlJoIxO1={P`w43jnr#xGNsdiwFNx5Ctp5m9oX*2K@e>uxiB}Z zjt&JfXPQqLWRbsC6b}E=7Z;P7hKA)x|HIDGxAu1JwZcgsu@F|Iksbgsto{M}rqlM; zeuUhX5z>3)z+g&WR2?fNZBSd`Bp9Y^o`J!gDMFouy0*5B?@8 zmk^Jjjsj6cI7LOmCn-_)#dNi|cUd0xD8Wyq1CQ9*Tffl*Y~vGb@`R*SnsPE<(7LzC zvp)P`&Uq(X-qpr8z#1EbeY(=ET}^*alT z;!DEqBV1C7E@1cUoX6sJY693U><=Jtv4sn+0Rk6O6d~al->G~%M5YAE?@t&iJnTEV zr!WvSHo5zmfbrJ!&v*+nDwl17xPQ!YRundWrq{GxOgc+ZKj@m5&yF0oeHxQeZweL0 zz`)!79qbgPp*LTEE>khTcg=gob13>{zC>E*M{U`X#p_iHO34z@5rUTtk06jG)*YrIQ6-%~ThoQ&56wUV(ZDHd-g%XFFayFyujT!EPQc&Qqz zgqQq= z@J#-)W;#E$r}_T1Zn=fA;+S00yUNZy+`_Dpn#s5Xu<6Q2Xu8oB?qR}4Yg$<8oK`b- z=Lfp?@pTL4rP~5KCs_C9FksMO#|ry zy3A*%z|O{ccaJ2QAGqFxe_!v)t;@1fGe2b!GGy+~)$8c`-p@Bb21e%yFS&N`Ugl+s zrD>>}@T(B)%Y_7Urlze*F&BZSp6ToebEKUraD@FN$vASoKwfB3ihFbha*jmWo&CjsF$=&F2B5VB0PJ0u~WH252>z$?j(QeO?YPP=UyKt2<_AEE97WHA6~ZmC9JV3=@qL zLu?}n;b(RMgaO8H>f@?2G} zL;_;M6u?FS!q^{59t(uV}5Y13o+^C0shlR4zeLk3U}ocXM3{|)^B zxWn)k|IwO_79j|`AZJ((VFLfx9|lOZN&h9wn@1^+j}S5^qYoti2gdyKgN7JD=ENQ8 zTRckUAYulcs>Br+(_05ZVnzOeqW*j)mLao956+V6X?v91hy*B?l==_MDyobGbu;MP9}`Ogn2 zKz;%G=6}l|07VOa!zQ_5I|^>B;{Qes0CBXd*vc9Na!v7bQ-wwTlIZ$7B^yy{!~nQk z%$C=Fn;>(cSfwea(&Svp^gEd!h3lL1e3jkenqRaVrcy4>d3{x^Osj4azKJ`jj=PAW zHN9)jn7?tQQvkGO>gk#VD}^P(me=Nadr03($|a9a2|bb9*d~VdX^Y~*+`QR07vHA3 ztc6#S@y*wmbi;mGa5t0oT#wm1BN|j)Tzs)XN5Lz+ydpCjEbOXWQfGZg6y!s+-#_T~ zaO1XjH(^P3#l>#n{vEnj^$2zO`61=~KB?}Jh8^+QZrR;i{A%cP>Kk_*jpLyiC5YBl z=Z+1>41%E&6AKg0n?*7nz>V z40>LVJgfsHjXB3Vl&}lkKr3Sy@-4VA)h#`y4#PPNC4O#rkEZ>`!I5+~p9sS{h3?>1 zZm+2U$&#X!n_t_@{oPltPeV6n)>iSl$Fzf9@j=X7+dgo0V(EtdcjWF7^W_ddGO`SM zS#COe8S>7UH*Hb31B%k@j~Ug2jq?-Ztj5Vo()jOF9zmKIDo z$zc*QNqE;lcuNSMU1oZxWLK^preAoI%t?jslg^QKxC`L+e|#8nB;~QSX_$AB#2BIX zKq+0jV6uGXK+Vv~zQB`Nlim4n&1AGvsC~RT6>z-y+N}rJpKHo{ooNj4nDz3SYn3a5cOLRq>;3!rp1IZa zTTpHlS(Th*-p@U^Y`GD@>2D{Us)0r{5=nNSbql{;5b$LMutl<(W)-wbcvD(@T$BAZ zqya*0J^4ZNA1vR?sH7y?_q<2`sLy$8uRc5ZBmkox)*qJd>P*w*+4$uCygoKCaZEM$ zxFUF~>PBU**B-^}vr6+glzG=^X5izG78RXJ9W8JjO1Dorl{lH8Z(~vbl%(ZTgJvrR zsT!dVVNR3##XrBipyu9rFG%;xJf@T%yM~*`H#-3-(caFPOX)y8bZ_CNjJWRX7fGeX z#=RGhROS$)SSIA(^Z0}OR9OvawzLg$ZZWnDyqLL8(D0@N~cNKY9yl5 zIXe7!NF$1p;yX#bN`F)-iIr{~xs!|j_(5_p3eDo!=@x(SbP_F(PKLEswJ?I&j{qmE z?S*V`(?gb4oxR0-MQrb1^fAO+w@XKJX}L05wS_Izug-UI84yj3hvSzC0pcnrt7mb} z+9n_h){)uJrP8BWKLWxEZd7Ov@i&+nvU4X+r9_g;ao*(z(^9vQj&j$VYn35%y6Ve( zk+)kWQ)8oyFnRT+CR^iq@_hF^qW1%{Dh`NeJ&fQc@uskZv*FUwSKjVcC|2Xu7T-;0 zwO!r&bY1FNDhw&B!k$r{f{+3HRH~0-SvhhHVfVK~vdWR*o;K4v8D4M4IfGSlhsu&U zC>syK^u#d?$(SXQ*bn!4581;wYQhz8N6rs$!O@n2H#N}rY4IDt4P*}7KycR%x7@rj zgzD<*$D>kA5()}YyqC)#Aq*@eP{cowqd(zxD$#!#6OeeA{*idVjnAS=?!Iu|4cQGH zIm1Oyi;OQ@u;k`w9vPV#pMH1M_^F*bWpk_4_)@UuHP#DozE=er|HA4E8S(AW_?q6S zMDTI5wPpO1^d(vs(?Dc)F}QBNsu7RF4|_8+b!HN|ykCRyZ_@zURqM(uw|I7yFd(pP z4)&P?EZ2*Oscsv6+y%qwuhrN}EMB*>F| zu4Vt#u0gVd3&e7|GJK}Ow%CVTqG!dEmB(x2WNn=X)~<>Y;u}-~W6mBt`>qqdMMT&C zUE5kRl4BGoA91$K`dvPfo9u!z+xAMi*Kw_2fe*udp)1D!{kWagP7t;}+6W)HB#0zv zSDeQ>zCAAqVQ1GJZ1q_H-Q?y%DkKiM4}TKcC0v|#*V!w7)8`8)`=*a0K&5g6udk2= zb}jS+nq%_QXN<^&^WU-y>Z{ru{Fkb&VDIljcD>K~)<#d$LRc-~7dZ~SgA2?cFS<~G z+Q~x`B)M|e*=w)|EDDY_H48^OJ7(&D`%KGaC7{cX0!Yj%Z8(NIQSAI=S=# zk2SwP2o?}8z-F;EMzz8B!CO}<=EbFaWeSLE8K|joa;m;5hpK3sxx1suQ%Jk=i05(9 zt-@-RGRaJ`TgxFd+L;!}7FYeO0N=07{gtTTAOT-J5aD4v_6J-RzkS{*yD3Nso791g znGdY&Y1;T+{BxW%sR?)9Wi-P`IL*KWc~j|J%6J*$Y&4IQI6ub3t^U`x0VFn^6wtz` zsyM83f!*3k33!9@n!;1Q{oTVT`wz!)u1N_7}rw|(*RFnjOTDm5o<%00?EX2rPl*ncYVggBwCy5g<8d(ZHV zNebmdP zdJ6Ow$P)Q*A73;~yKWi~E$>=c|5ytMV1%~;YD4D}Pq){S-XsBuTmS3M=)iJ;YLM^R z4-ak7FR|cnEO?51PUv(oWe4B!X$5&oYZD zgou!ehtzl9%~2W3j>HYO^Mz=#uuKkioog~F< z%i{V!0@;yALSqh{lS8B- z%<-Nay+Ddch3aw|)7mhwT^5O6p1xvMnp*h|+2aLCo)-g1qFlAEjn?RdF}{5c+wwix zf%%-@`EZo}MTGe%-X|RNNvp6}GHRmYS7bJq7qzm&b|E@#4?CyH*L1dA?^EwI;wsjE zIE40NAzGeWY6ORI$g+JJ5QgLMKA2+9_OPLhkn*~Ge=qUS#NwiU+wTN0p=|E4B5-%gMu@&Ln zzRpA=6wLtIN@f?RRtGNciwLG$U|BSVa9Kz(yympXHG|-SWu9(1uoT$QG5(;cF{TXo zEavi_q7MXU?J1-DSJ`l8-5@A8L#xz7KMvtd@NvUSN7ElQ$U=uI{>wM>Um} zifD389(Y!4ZGus@y9|;H$=PD|-DxTwaiV^nM8Q1Rl}{-afuWcq_V#;!9hr^?x&C7?vyF*8hD5`3hA zu_IzW{<^ZnYhUzhT{cf@nx&MAbkiqK_irf_7KYwLOc-0w-^v_Ua4VeWZV3jSCUHOD z*q8*LL#wC{o?#yp?a>r^_zFV9Q8ITZ1byI+Ah{YdT`)YX8G)fgR%_oY8>7#V-qFl! z5H(j^8;1TAAIc1$f7Hij@}y+MUc@xAv`F1P4^9f56X@FMdS=FMtlrXE@QM*<4Cbiy zJ50}$9cN0#*rD=#bNV>pUdf2+TE-;#Nb&{&bd@AuYObez56$G=1CP;yxV|D0I|&^Nnq7%~?($v~W!6Ka6!#-`?jaR!2GdkQJgcBhVDn z6v`|Jgv|ie2(Qt8(pUA=W2a4hd~s`}~=4cc4#lO3AXLu*9)Z z_0`L9&FdMdk~RMqcN{Ghr zMXs7?^~XR9s)>af_$;Q&98#s?XyVYf%a}U>f;+Tc(;oVHSPAB8CdvAVj~Vb$#o-dv z=sQ8Rc-_>KFx!3#(ef_mTus(ECxugcydW+OE*qk?`Q46^_DZ_{*um9yVCJhZ%DoZ)eYEq)5!D#ez{QLCle#SHE&3(uegq;m8sJbv2RbwM??RnSfvrQBW%9wxne15FAhx+EUb&eMAqvg8;7II#ca8VH8{WViNi4W1MU zdyKTO@|eEr5?LwZrEiN~X-+XZTUhwhrYa!Z%y*b%*Q?`47uT@Wnr4Ggmd ze}vm?DaNaTgkt0@Oa$R<4R#u|pyBD=a#gKG%CWU_6SZi<}8tS;0(*-D{U>{ROj%;YG)VCduM}@nF9L6jbF+iM&`tM zD^;?$97_vAagD#?MF^{;t>FaqE~u=c8##u93$d+FrE zCUDmXuJJVfx}bRR!r*wlx6)?iEhH0q9SrUT7OpfllH3M8k=0B-!uDi|Iqd*Xs zM0cwX$la?kxDL@A+(1-CXKlt8)yhl7TWhi`JVl6_ z5qj1RvqYfa2$cDg{!q+R#`mVRc|}57QkQdPPM!g!T`-9pRp|sXo&7u;H|{7Nr~~-1 zxm2e-gAIBq--tKVuU4i_&hY%$N=8)GoR%pGDU#!|g#1rb-}q;8Mnhri$(;)Q?7fI7 zXjdFC6G`jl9(|LR`8C)~KTJ;>Z~x#&*BRT8n(dyfHZG3jPp*0;YMnxIIYBiNGfu1k zLGqx8yo?gx*e;yzTms|f==2#2S&9f?*P|zPWefESojVICIXdK3ms(7M4Qm2vLxX$9 z(!t3X(qBuqpCJYB)^BYot)UVqvMdWuYjlmirUBx0G<{-=$_dBexh>IPI)_Pju|G^- zObxyL0<{G9G*m|)9+&>x?)&9#D0C2m?`u`0IP1={b_JMF=7m)mZ3J8xsx@>=4f#fW z=hy=A`4hE`DaGFcP|DX?tCu;DlDeHJ!D0OC z)}iKJQAG567MkxZTtsdN0w5c}(GsG0aZ z4CFo=t%L$(L;J#iQ4zr2-2vV0jtE4D`SAr*YAFBp>U?ecqNF-p3@Y(gJ^$|gnAon* z?Y`?ZVp=YMHqTo*|RE5DV&vat5N=KKE;p!>jlP1i%?*?U^XlCGACK!EitR>ns zbtWZobXa6~?f&CPOA)3>dVZtYR0bSi?r%saRx95G0_^7Hi{-h+YG6|-^xCpQB?-Tq zt~pOoZ0j7;e!9n*ViYc(Ud;4jo5Lr4OCSz#hH=yw^CDoAOh~`FX+OPdrP#9?y42K5 z)(p0|{^)ED_aMar)?);H&&AfZ0z!U8JU>HOYEjrq$OHrvjZy!S?g2t3s^D-Cv~knl zYvg|{<5QCb4+D3(IlOiF9^1kT(qRGneH=Yjn#UH-0Eq-R%4=^EA1hOd{D1gwgHGcn zfjqyaNDHeWz-7AB>ptUPh~^x{z?%e$5%h-2eOxdY}=>SP*-Iu6uUKz+1% zec1)FssFFNCO;sXda2;YgNTVCoBD25%qNeg1^@5d+yHBGN&5l%(L>q;u2(xF&8NpL zD7?N#G~DOghQDS)td}bD+|u{Vxq}XRbcV^!vABHaa za8;ge&C7Tj{+K#p;4;}(!Y!tC&~zFf52nBF%ZV%>s(Fb)w=a{I-Mfw0mAoL?n0w%~ z_XVr!*n|$5YO1j178>HT%FbOj;-i!a&8tjdnN(t2v+)pHmYYoHT_fXyV5pi#ZitqPTdTL}_} zN+A}?oKsd@9AljBsltDIC`?03%eq-sze7vF4D#VRVDfTwtZD%2St>1NSRrbAVvoaC zNOZ6BHMvia=u2O8nU*C$IglZ&D!^14{p@cA63YQh3yb}RbRy8yQ>^|?3@C`6q(S}? z(rEU#Rh29x9ADYsR5~X0Dqy3b6=;G&l&36}`PyAq@gbye@pQ`mV|WoG?_;D88}XH42-8N(r`Lx zMTb07$d7~4Z$5DEN)a`15Tp0m?##A;^*j#sYIZA%FXk_B4FV?IX z3SABbx`Us)EJI7Ydlw0~!>2rF>^Fyi!Vkc=s0MgF_>rGHc^!AjI?Y;d&N zX*XjS59uKQ0X-^Vwh)gAZr#g5D3e2X8?o;*0`I&r_V;J2i`A`eWs*7o z(@pszOV>kNC8^{9byIB1QkPNB3ZH(lwt9JCPl;e_t9{@r$@F^ka-OFgZ_|9(2a$1Q z<4klH-xXZ%13iuUU8sqiwqNVUx3)|Y`914_LIEi^w|aR6ExTSyqaj9^W&Dl9(!V4} z&$|CZa@6tB&R{%W{uq#*_s>?D8}>w!Q}H(goUNZ!%M@_ik=35H%}ZpIAjibSB+!2V zBuC!=mK;EZ0!CIM{Q1}PfK^r|^+V10#`v|pQEf0i6pF@MsN z$)_cWJZvdVBcVzc+67|>pW8Bx6WZ6F1baj;c`OH1t2D zIySt%iwbF+rTXXbC7DDb3%rcj%Z$s~ktpc#-&%Gp)?CL)guRHrRZSewOYPnq8Qjz9E`)V5?FR zQ*~_rXUA^O9PnUmz8Tb~wjZpLMFPtUtVW<5VpxB$f5P4s_JM?|R8H6Hpy zpjcPKX=9b-)5$RbW1ujOyE!;2Uc1|7b>zL4(T>`OF%8eJbvR=&IdG%jhuSMPb%zHc zn;X(!O*Mn<+~5p5Q;oBW#@esv`Pg}%2kyd-TdvF>IIzcx7IL~?bStbyz;5g2(3K6` z6$_>&)enFpeom+{nj2KCBzBi!opU~wE`8p)Y($5ZkW*9);+ipE8hBIiw%7NjtNy(v z3tcy5KsYLKsK#ntnEsTGd&xXtsI*&foJu5v*u8fx`Cs2;$O{DcCb$3oCWB&Q0aZ%fvfmSF6*;>WnmTY%R>_I886?ud=r8gGaE>ZA zW1fY>?F1<+*A47_gfFi;?qvO@b_RFPra{ZTBU~xRpkBTjI-%ZKK~mp9fBVVhde_8M zCv?dcspY!hZ62o{`wK~77#kCRjNd+QMa3*!Lv98CtA|wAMQh>0c?#d3o%voM3xN<(7*XYTut zaoZOP5b2NWQt^IJ)r^hSZ~z`%@?gG=TOumise={l^CzdT0#?&T2EYN7X&Pf{-XI zYL-v09)%qc4+pU(JN=^`a={G95y#-S{}IOj(~Hgt@j--_5aK>6Xd;t?9I<5R%A-e2 zECoRnDriq0RTVv@27W6T%C5sl5n?z5=I9rFf`1e=AVE4?e6jRh{^K0|`zGjy;Ef99 zcE3k8R&bJlhD-1>3-4o>-$x%fkt@@MdXKA_U?4p+86E#jO8Wcqw^RTp(#B$<{Bgg$ uF9fy9eL#Kxh$ijjvKj=q{r_}%4m>t`;Z6_Uf?2c{QPCB;PUqAQGH}lNB?>qC>KUHV% z#ot~YlSy-EbfJjE9q(ZBrpI{AlXWYlnfE7r>c9L~U!}2+w7?6<%1fz)vqtuer{{*uV z5`##F)WuM=SBtEKtTQk~t@U>i!h&?s1*|A~fb;fUdL4DTZTU@c-T~b%-Nv(DrdmPb zK~;z)Lrg&>_swDYz4^W|*Ez6l!1#k8*!MuCvuKfm^0Bd@5NG;*>Rw%uZiU-sOb)z0 zJ^fa5w2lpj1i^^32m3l8E%J;}Kcop}2nA9mJy6|1DZokkTIX3q+Ai;ctw;@9hG_kY1H{dRNE8*qFT2-;=NXA&C?sbg7Y&7N&RKJOKv} z3HP~_uQJ`dp(b`voP7#&K&JvYoQ0yIDQA2kCE zV+d*IlY+h@A)N(@cIgxM$T{XHNP+&);h^dxrtkn3E-f5ZIrnNT6L=4)4Fp^QZe4ub zplKG)Vl6FA9xx^+^&{VqmW5ST7^NDD=Zb(;H0wFed(BilDfH&|kniXsUK_1|mh^+#Lv(=22hQ)}a}jMprS-C3EB%D*0@?Pz>JhnycSnO%RHmkt zhBpm$6!iEmtmsfCnvBu}suoTwwwRBrbWz5zK)--;N^y#g8T@r|{Sbq$#y!mMC^ z7H?+o*zq3K8U7XR70dGrU%+Q5iSYsxoYSoMdhw=*Le&syLTXN$>DhqBY*)?$< z*;C?8vQCPm(N_~UM||#}ju;(@E=gb6PinaYjx;mLhGI@>4apYCCz<@#Ib7uOwdDu7a-0v83iS*raKc8UPJOH#u8bLaG|ZEBfiw z=`;aqKPBJb!0*S3yflC@voVq})3Guz^D;U&t3q1uN>QBeT;G(jz>##5xcip){5Ff+iKbb zeezz#9@21C5#3@;Vm5J)*oN3?GOIIrCpR;X*z@KwES$AztD;>aI0}kO4ofMPek`5N zX3lZU#4b$D+s^qGi7YtGNG+^Z&6l$lRFvZtwad2%J#`TZO$)_Uv}n}GTm^Ln_%?oG zeW-shgPVef3dITq^@@np7i1Z>8OH3|kX0rGDMilu7U~(VtSqHl=@@#?LvYlw?q-~G zp0Ez4^JL!2S;<0ANSZk}$TmPV7&`s%$oI(gsCcOuY>V2*y3*Nbdd>=|68kYo5(S-l zoBEmRk$RD8R~cQUsg9}MQZ>57zl2w{Ua7yHzG82Uw1TjvY#n6Xvf{et+tkp4zQ(>5 zvwpTVysoi^%tg%=%!2{caT(z9HJ#Q#>I^(+OLHBHZH|z%fdi{j6N720Yi%T@DpV#k) z&onSe&|T0&PzA6U@Q{EDA^Uj0ndCL6ZHF4kqTwvJ1CmZDq)_db1R>BFs_7OT!!CYB7g{ z&4asp-}fx{DbqX{*Bh*zTQ6<{58X7rRE}sn*c6|REu@%hj8+;|^Welq#KqRc{q93B zTwn=lAC2?+#yR-eoG-)y=Ce(bHkzAVf~&PrT-+f`Sc7#C{F4D_O~#jhfyxv^B&uw3rEu-;BOk(0kHb*&OjyxnwON z)|A%NY=PKFuFSM5nHzr&&FXA#kY$BuDRX>enkQ%^KG{0m|9bR(c;9$Wxbp6{qK;=k z!9uWh*iwGrd-d9S;`>_Fa=HFm6|d{wIr6=%@mPkr;`tRhRUr9;sgvH}>$Ge81+=Sy z+qK)q=1KFNWQ2~C{OCw^zAk;cMLWD(_j-fnbdz${+>g$I&b>|%(*RSOH|M8|m8atD zufC;yh2P7Ss~oKk!#>VGKA<;{+0@H5Fx7lM6Q1@Bn(SO;VtnOJgwA^>f)tR&2u@!| zcT3x}7uUY8)r7r-g~bLFw5poxYiQJ{cXxu?qHsnN>H0Q4r7zbti#H6NQd+9aI@s%Y zzrRf12yFAA+JC<*>K`3a@hqjyqL~b#SCnxb7o}@)DWh+$x@!D=GUa;o_)CAnkK0@P zOml zpFaEY*EwD732xBPsmKV3_0YqY#amuJ0(YMaK^tM|VIgrQL@E60UOIPKvvzVKt|I1P zouTb{!2%vkeYhSs?Z;1yg)a)D3Nm>X{1tc&xIorR)~z@1)w@~jKx`F8_|N#a!rPSH z3KhS$->ZD6tjw?4&z`SxH(yg)!nRjC&ax45yx;jRJ{H3I;%JHDyd9qx9=Koc8p_%A z?e)jHaD8lkV_jeDIu-TndY zZw0+mVejc_`TPEUSwyn#3FKHZFKgEv<6G!+*^t(Yrary%6y)#kejpa;$eFrT@R=YW zV2~E7n$DVXvOLCiHVlR)c1ETQ?l$&+8eI?&UU!~9mo}!(hQ#hR*0xSO?tG;Gpy2s) z{ns!fDe*r@oUQmsHRTkEMeH0+iP;(07??=;;fRTec^ys6c$7uO|AYO{FFw+5&d&Bc zjErt>ZVYa$40ev@jLh8J+>A^tj4Ukle<SXL_Vef2V zXG{E-Ttg!}7iT_F(!Uh_=kZTFP2Da2OOvhBf4KF>LB_vk7?~NE82?Xf&K73>7q-7< z{>k@(#Hm0^te@x?NW#{Dmhnjzz`7cBN#;N&VoXo7Otbb?y z+tlA!|1yO~!O_C>4@!Sw!OzUg_-|wXLC?$h7f^o#?w?Wl$LOE1@Wb&k{%45!;dn+Y zFhM{BL8L^5RNX<(JE7x?S6#N<^p5dM%uA?_Y8zOyYGI-f;z2+Ig^B>elv;^usivzG z(txze9oqJ>lJi6g88xIt8exF4Q6dcrIdvkMWFUkjN<(28O|Na0#q%e{(8nbIK~f0^rWG+#6?ntP!C@8z9_0GAbRlSlgoFfz zmUQ;w?W;z5z^J7KL0o*cpmmp{(UsVeFcZ5?hX;y=nwt2zwWBbB+igzdf`p3j2Tj{K#jWBdF2y_t+jHyIU+W66u|3fcs% zD{_;vCCR@}&@xVnepw1$UH!XX?83x~Y4Mq!e#D$O*scEoowX!Hy{6Hv$5~a&`RQWC zZ+8=}=N0eU11ZhiSPCM$<)Y_;9(Dpby2 z&*Km?sN-OMW#vmHXWd-z$i(4B-Y<0;lwA4$JNutN7<7`w^Z9*xUl)6vEzw^@^4S)W z74~Y~j*LjwPMx2f!Q+h^w8HL2T!~@-k8=JB=n`CjLHQ`dQ7@?qKik>qskOU17fQ~0 zvrR)pM1-KNKZ=yQSG#y}G`> zoi4Ih<&hFp5&S1w8yooHaDw{B%h@p5Hmj^I z3dHOrtZwHkhRZejEuo>I<&y#RtCe-U1QnC2wCoS@ME|;;|HY)94VZWLr>{=i2W}Ja z0S&`wMU+LR{CUWDpofm!RyH=63EcSMlLSDwV33>A2s=3{j-!y8?Suaja0rMggjgUN zoxdPYjqX(4KQd_h+&fl@Qq)Y^55RqdKk)wsQ*)WFKQTLzfG<7=WS=8?l&rVqo>fxu zk>s;$UZz!!{-^K%kU#;5(LEtcuLgqYDME(Y)kL~xWQsGEx7q430-FLnZ+izBfYkKX zjo>;%#jjtp9v&YXmP*<4h+;#LQr94 zc#BvLZEM;rEiPuvRAZ*Q02%x(?zlL%!d)1S}$Bj(L2N zguRu6g$2!3B<$MR;eRknlL)4R>E2)zm3zJ3eALh#7TlbL(z82+!kFCuR5XZe^qP;ca7k$9i>cE-oJQ^z;nWpWNLw+~*8bqx@ti0kW>j zt^mFj1iXFx33cr)3_t?9`L<4{lXGCoonq@JD$jF>^Y=V~r@<6|3*C^HlOutqqGv8~ znLs-kz7Ev2u%?mtkVdJLy%x+x@Xdp2G3NuswvdHk)8Yc)N4)avO%=U72ULDm5>6 zYZb;??7KlLR4ZPAPkPQio!`)UQOfYj_J6KZ02LU2mySFeHrCR7*pqBke5hYg^!Wu* zbC?2DiR9>%O_i(tlPl2gBNtHtE%JuG6zKwUmD|#8o3@oKeD~oId3CWJdEchlPNMx{ zZOg1iuLEc5#;b)tJ{jBAbrL3xiIAVLHVfI)=BOD9*yuH^%7s#Gr`L|>JN=})fk4w< z*tyEn(xfG$B0|hDEY^mE5JTN5B7L=^>RGC%en<>tVq&sL(W-4+nf-Ib$2T`~^gE)n zpa&+!1g5sVd)uAW+Smb@d)4+>U0!GHllT_QJI4whg{-O=ndfwaCLi6MDGLerJ8N7< zcyMK8-KHfAU69$sWMWo3ayCB6@%2wHG@1Ku`opfYv-Vy}IgwX4KbOAH|91VWjUwJ5 zcqbLSlfVz45A<(A{z_iRm+_Bk13&?Nto~+WQ7?qJ1n>CpYwxe>F31j%%U`d7mEhsE zz*$CM2SAA#eso)Ft#G>-`pCUrAxwxX6=mD{`THBx%gA6U@>LU6kjQ*dNuNmV>G|nN znwn`uRv-r74|}q596ynw*a#hOm8&S>?Ap`dh2Usw4Xz2<3kGFmtmPrZs%CTB+|T~-8`mXD>)ZZx^1I%9cTLwip?qRa1DMucL>yt4 z@j9;f`CcJ`yd?wbc+BndpF2wo+M;PhDLU*pSRwR3Ap6h0xpo4ENpZW$CyQWZ-NLP% zaCEJFI%3jvXeH>Y2ZUt|V*}~;Q@qp0wiaLcDHvZ1S<#i}bgr@i<>M5E-mxx2?%_hf z?vV10jh2krg75ie>*SWlsr@%j((+aE%2vjTn9lLy&f?kIkQ38i8=QcSx-ni4`<70J zLsxf*vyq=V+2}VAWM9T@eT_iUl$QR`z?fr8PXHSG7f12p4_D34I zX~J!yIp>B7s^HQ3r)aL>PEzZqt5Xz4ZlH|{BP|f7Jx>JGI3@yF&f8MhD0a*Q(-7Jj zPJdL|$%0j;%4L6POL23#|MJ%?&Droc-#lfNse>N2K;FrDoeGdB>}T!38(z!PxOPMG zEOQ|AI`nyAnBBN?L-H@G!uizF4CmQqx!mc0{5}(y20przwmowwef`)n2HI$C zg7@!WIs+o(s}btjp;_v!F#PhWlpKLBz0!<%)xonmt3&>jMlI?W!Yr|LF-o_(Utiq$ z8j-C6emge*sj1!RJeoB40-WdpCP4PPu{pmg@vH{i!|%)pD=HiSD{K=A=C3@bgkUh0 z;;R)Q&g5(ggnYy@lj2r$W*y<^Sxt&}R%fUImiy!4DJPv?JT}9Ru2D8cKWUnh3hVdi z9Eh{+Z0CNc$1Kl=ac{r<+-@V}oul2&=)zkzUOPfBJtU0VYro9}5aZ-MjUOEXm%NJxHU5u?`nc$h^+iKEky3bbTJ~i-E}JgQZBTy|{+fG%Fk6zm|+#lIEHV?*+B2+a|Ab_>PUC;JUll98wVzE#5sBEk1ER=W} zyv(wOS)GV9xvgwD?C5Dxp(*hPi-}*Nsr5(FXcBs@NX9oKhS=CD_N_9qK`U#fp@wHB%D#v1oDG=b2H5-%K-7*@VxT5R@CCB7 zzG})yeoGr$hs-5NtI1x;NDHf5>Q0l!s1+@4qG+Dg!o!<}>@-q@Q&M%sP8!k$HbVlY z^*XwChBd6>$3YBA_cE06fMw0h({i9EbQzMO=(_o4`JL23@cT$ zF!loi6+X%Ma52ONGq=}6Kz(pbEA-PD)qXtK$RN5EOjE6=b4hWPxEgcMN$Q-kBS|)^ zz{hNRcKJO`#iH=lYD;H{5PR{ogf)N8Jpdb+3X#91V#3?_(4VNTn%39qj7)b06x_~_ ze|nYsARUOdLw%P7L;>)~FUQ$Qy3$2!(%Leky%J}Nta;~p{3OBv#iI74^465IxBHk9 z25wQsZ0dAd2?~RCA#qx?F^tTfTplLf7xBo$pb4o#NjB^8&K+59L@P;k%2`XZGe#1w z=dk;5b5iTf408=NRpZqgZP?BQrgGhTO4jGK3oHJb3u2C%H0m@_Ichq~!aZ0O5&-tP zc-fPyx=K!LI>QY2Cv>mnlYT>w*9vS~Rm9VaEadZnPhCR~AU_ug4mPP%XB45mpSi>} zW@L)_#tgM~VExT3`on58&M!JGILxA7J39uo&Or+R44DHn^+-d*4wK?me1b*Hm)MTg zWez&q2hulw*L(TeIsD9#6%ElxT|mRaK;NCaMBYW>p`rP_B=H3y66e=tgD73EIa}@o zDDxYZ%(%9?EWKf`YgUBqwT>#!U4NEYM zhh1$`i&16mjC`?f3S<}2m1knAn|nBR&~y}sMt0EJV#r5ued4WK&t%`U4ip;$O(~S8 zZ#V9#Ho_P~E1C}qi@SKusTQNk2;jb0GLoDW>vj%6W&wGgaheY0KN$@oY)?+#;c>dH zWe>LoO>5ZhtnG=X+y1;{Rj^sBPnKnlG8G z9ar&SbLZpRdKqPdFrf4;N-Zqiq|NhAFWq0~)C;%KI=;BBE=Swa{p`?#(sDYRx9GU& z{IN64_2Th^Ld+)ao`Uj?n0=f%NKwGiAkOD4CW?Lg=DsedfIw71PCAd$Pa|kS$1+cZ zM}a`#3neEGp7NC@gZteU_?dEhmwLV4simwRcYzd_dWgBJ z-?hcLesPC>FRW&6UTKF-$8Hjfmra(595gKpTf&w@1nqB72YAZlhUI(=CxN_92Rnpb z-+eCvUe8TaoO3XrI{VMJ&QfvdTj6!SJr5ELPu^Qwe)F_=5boC;`?%K!fSR8-6?RhW zIKRk0DF-&nw1}w_ZeXUy=$E6acMmaQ+qtaDn8!ka-KW4WW4~`@Ud{RYJJ zG;_N3MzUIZqTixEW}A#3*FH|%296jW&k@vf;tQ@)re_%CUO@-bOiTN`U$*pub^uiD zH!Ux9g~edE5|MreoS4UZd;CU3K*!;&&a3J ztN}%pG78}nl`S<}JVt(w`v$d+hZ$c=>EeJP77d+0p90w7ya4Ro4oBCS37HdJ0>!IS zsI4*v*MVXNL4dJlsolOY036)6q%jU~%Q5CytNlcKNjxaY1J0BvJF{EpFd0@fYRd~; z-u(%z-Is5MqI|m^7&H)0ufE)eG33Mzs|Z_#3lTfkY5VKPd8u!T24o3euD(v%Rq80o zYdLPcnGgdodyI^yt1k?HAy$k7Z%aYNsq0a6iqaZcqlDjaG%wa>4ZXye1QHh!{xmf1 z4E{VBW!fII3z{_UsmiL{bYls1xS5f&)MJih z+XY%mO{FwqTvZw4&PJ(K`NfiuDFxqikyCRw3J*a}*c*e3vU9mQ6b`$zOzstli$?c7 ziy@=7YQ43~V@v~I1+_|JnIw%Bbt?1(#S`+R`U+Hn4JtM2@Z+CmUlSZ9b=<4fb1Kte zE9}uKU0oZ)r2G%gdV*4r4Wxa95--3s1qp*FY|vVmUWBf(fH|{L2 z*AE);iu2zy?2S@>&u$T-o=CoqoDF|~7gP~{X#SWHPwF1X=#bNP4>~M6G&Kj?`8vh$hjdZ=0yZq&J2mziaOAH#bycKLn059iGJ+*5roKK*3>=(h-M$XA zhcnu6D^~zQ@s@UolF~FS=fv@oTqNzb1&{k{{Y4lJ7RAr^BM5CY%J9f#g) z7hju^5ShxBl}3X2Q}#8dNA1RJ8b`o20Mh$ELPGX%*VDf~wTYzP7o(7MaH736or2&c zvz6JE`b2=?i1BEqC~e6v!bP>M7deKc0EGP}cN!&lARb~H=Y0!QM0xjs8gE&T=EKd( zUXIT_mrNtEshyfrvxKPA)C**L_~Q~D{K~QE_hO0Z0TiC-=ok0qlFG{nRFuDGDQoS7 zmise`z@DZ{sx4`jH$6lsW26O3JDMRzSgcayoR15C?}1E80fO$ zm^ngX9tJs-C?XV5U&$_wx87UjBHQGzjg&FYO{vX^zSI14 zEytOjFF}LyAxr8Qr?fcP^vZ3KolX&yWuV+JI--%`>na%Xwvm*(Z&>=3I4$FCsfR`4 z(QehY9qyyG5H~&_zNN$f!0V&vVq;?c=A!eFLD#B+ zs0mmv?akD>Iu+0?1Z*`{RF7KQl_KBhabLPNA4PjQ63xG~IH_+Tx@Z*m>B-gsW%N); z3Mt@lo(aI4oD#6cPFS_}`WkAIvSN3&@y66~rK})9{E_HzhGUy7Fd6iiCa*tx$9eJ9 z?Mcgr$8Ou{AT`DU_L(Ru|0BYjfr2Q*lgdHV-7k4?@T2-qDcsW0V5&51$8;NN%9%`& zOYYr~Q0Szmn{)s&^4dMv!25C{H$SbOOz~??=rvc=FGVj^GRx<*{Z8oPpywkRS7ML` zAN}&Q_{r~JqF+10_4N3_^exm~sKARHk{!uaX)ayJ2m~dC5qIkB7PB`|A$cQpXo$(5 zLCeFe-{3e9fMfws+(0^ek<2al`F&(_)^Y#h*2>}Bpj^mb(IA3Bns!XaLqs?zXmE~! zU3wsB+nd3%S%7xBB8KRyf6l_oE34D{@q$TEXcesgv%t`6JF4{Jxxgo2p=h7SXRp@m zS6C1!EK<=^sC@?&JULWi_Ij}$23IPTh|2VASXF4EAN>aG0Sk=MMDP^H_e4XDMDCCQ>aV}Se+Jz{C+(#O&NZ1u$MF@ zZ7HZ)f6QBIm#6t;qF5_`S??{P*6e078WOjlM~MzoIE7z=CS@5ig3gHfshCP(cqs0} zUiy23pezM_xk4V7$+DfB)b0uF0r8>#tqQF8KH3$TgA0dQC#N2Qb`seES(^0YtrNtL_6+Mq9?eTm{+RUueeqt)q#_?WeF1r2(<)n zSZ(%WeCn3~98s!6RORclnl7B`W!k9SQ1a(@6({>e<;g&lM6>9ojTN zvc1p1?qiIa3 zMfl_eXBSVPGC&x9C%rxUac-)GwEkHcpYsK2zO#f+L$F z3c2;rynr(q4!+Ox-0csZ2&ri4J5ZnL%otF|n{Kc5BtSiJ_`I!}L7FVqzvCt6OA_4? z*(A=E_WTw-Z|OHrn1Y@;06Ia;g?dW<#9fZFbL~eLE%>8pb1uirWRP`Jg5fY_L1m5X zwP+RX>)1ic>XCaY({Z8Zs;U~xkE1FU1{t|qr8NjD_8)J%>Kj_u>l$6B#eTZCOMo2dD2D3iglVpknwmZ&p^Ey(fJ zJcS&&s9(v)gqw&e>4O@QhMVrRx3pOFwR1n`Stl_g;C&L`;O()}$X+Hymh zI3smLX8~Z#U=}52+z%C^w$ur_7gg*zVM|qcY(ZR&%Wg9&b>pwYQ_wztV&F5?7)uRl z0KBSDRa-hdx|Ab zap-n<1}p+x<*y^S8Cw+2ZYy`W|Nx42C(3G(h@GrJ(S41LHyT6d|Z^gcZew z*E(mk8xK|RfKFU%Vua8y*GkPKdqZm2imA0_qOsDe2Cb+;3b{vo4k(_t*Ppcq$PEv`?woOP-6ex&m` z?O0NFt>9;3YAY}$LvXFd>fa0R#WT%o3m#zU?McrKXbU(?Y(0gPQKQz7BH8{*nN~gE z*aH&c*pm+p4;VvMu8^nf*SRppfElxT&o2szz$ylRr(QlpJA?hAVi$T3`lg~Syk6~U zB71>@71c;1%S3**hpk2KN%-r7 z;MA5@rgRr`hOWzc>e_p>k$I?9-I=D4&aO0|`;o`ojc zm<7QQEWuGsAIu|UBE+hxE2d2@14=_2Ihjw=JGd7|#(P$Ux?w@W86;fIr0(b3(9Biy z5Bd_mp*}hbIgJXW9Xh-ma2Bir`T}0%-;&S}di6O!FtOCVQSJHyxQcZ4ZJ}0c__OLG zDE77CASm+;D5%i#NDv%i0-LrkrF5Bc$>NNDi{i>t6ZKLa6yA3na8XC#c*4F?34fgm zd#uV792x8)^+hM@>!D4nhiHcR3588a+wPQ-(>mr<>>5}3;C-fDdHPUhom>u=2trJ8SdWH*8vmS3v`xJLXyoKPkbu)W4emP zMU)-fcVi<)i-L@3VRDYvDIbQ|9&u6sW|nGd+Bg9p#C?HRA%6Vf&(e3jK7*tJZDkBC ztref4$Q%VNha*_Jb1$LpJSB7WxvD67VAapxVsz&|1&7AdM74X>r7j=I zxjsv9&|9XE1lVpl3_0tiN0_b{TR2j)(|RsbgANzmx=J75d490*@Rd_S1cS-(>a9-4<{_z4oOfxjqV&^7Lfb?RKdE zU;FZ3qBP=0m(3!g_aL84Gd!xjT2hs^XVFgDNsr~H+!?XLpIguIvdn6y1U47Br; zS&7oe#mzBRYBKzOzntT{;oWX|TNmTaLs+V@&J~rfBbn2NAqS?wn9`J+4E-E%qE^}n zBcgy}?ezH&stY9URSxN8md3=gh^GRm7^6hEz)!h*r1o-H6bBYuL&CGL_r%+9y@bAx z%8(f2yuaytiw|rx+bcxFZ%=F#5*vqvBo62MYxyRxwp4G(Zngaw*8D2$n;)MB4?!`2 zmV^3`XZN0Lc-U`;TWc(YTHSEDMfF%o0PD`XAc!uTfaY7w!lj{i&CnMk(ksdOPPb}(Zn-LzvCi@>P)es{5tMrkaB^4{b)r?b3Ib8hb#E7F86*8E%0V%OeP zdOhgsbP>LCIlzHG&D^-eyG$aP0K=e?4uvT!x{s0Kg9L)02uFqswKhn$Tpf!n0^L?G z$S>IrFm_WT<##X2-%iMzow3}A7w@v2!cO|Zc>z1HC?rR{hsU)<1v4l8Q~h+^J#-Z6 z6nKFtye;ZW+!%nOYR;&a#Gpvp7dt{qdggimQ>9q8WifDfC-ZY(6`^HvU6xkar{gq56JK7wFA+^Kav*r@CrN zcs)*11yhA#{4ogg>7rJsEo6Jq#Q|Kh(=X^^Aok3m+*epO9 z%VnT&AofX^S(X8H6c#Ovu6Ja5Gg%i)7ah=X?~Xl*Y1^B|1g~hCN7Hvkt5C+Gk0eZT zXy9k|0^Ghj)UGS*nxorkfA*6+fMZv0x0nHTp3dVxnGI|7+vw#*x+I%kR<@>W>Wemr zIF>BtAYL4HqYw985<(XbhB|X=8@RI`7SJliNCX95_f%MI*URhROlSj(kCkHVZVI%d zeso6J0~dw~H#&7ICQqB@T$zfhlr}_5?+u4o_Hnl-G#29OqE$b`#Knc7u~IY7@P)(T zSYijRu8kvpU)#JGYN`9G^0TbsypMCnuC_E;w{L7y*7RmJ$PeI=lgLabfvtv9kQbRH z7DYeRS|}vW9Pnms5+i0<#OJOtP}Nd@;rYEQLc3x*K>O5?#RXwS5rFVf?``2LIn7TW z$VRW91OWH@5PBHG1cQ@DIXTnm5*_irVQL%$^(i{78OO)#7uPJfXaLZj#lA$dLq0iBas^lRpqH_ z2NYcJ6r<~dFiJ<58d|g1&dwGQeC6P*t}RL$-h*AElQ^QW$w{hFurKfnUEw!Al`46b zd>xsB&2X8qaOj}QR`MloN-U$!f-Rx7TVP_5X1Y=fX@Kxgsg3fQc%T7&rMDkngzPEK@hGO8tfrxijF@BwBf@?-E%ZULoVcn0$>`+jK3s4*8U5XydzYX1p)&+ac+i-kO?=ENlwfYnn)4r-s46r1QkBfqV2Ipn_#*;O+_YB+yUr*4#L zA=x(aom7MF32DA-RgnNsK+KTC$p@s4XB(E&_xVwOisM|Plv@4y#zf}IohMsF-}CFG z@RD+RerV5t3kpAj8iX)jmGYep)S-q1aO|* zWiv=8V@?|+{T%CI={~|ScS(_p`XR@Eje`6nbh(?8E-;z_mPt6BphEPvpWuC;NhN8z zpK-sk^fm?&+$^JL6x%r3gRvHcNOv!%jDFD!L0^MZlY4CL85CnL$5eL@eatl7)ry(k zcW8*-#a%n-lcC!*Y05Zlw<&+KJ8q#w7c*Lmh?DC^;*5MP5)G^;^Gw*5;3p518DD8< zw9KZ|_{yWf^#Z$D$|2L;kLG$Q^1MXFUqdmGI$YndA8xAdzc3(-KF0zF49H8dVxeTu zS|~9}@X+Vk;m$E;E#Nqrl8bQ>Diu-aT3lq^e?cJ}0!`}Uvx}gn$3|$ojQAoqCKuvz z);nd8f#ars^l^Z*J6A2CpU%sg$`L@1M zy4)IzU8Y#vjW)cA$Gu2PV2p2^6&||gikgrj-r_jm*&M8G7 z$j?M3l)zw^$oSd_Uz>`>(I&z#il0fr-oZ$ZG#awCOtb!sawBr#gpwy*-zx7fQ+UHj1K&UZ)E0jpF~>;z8qJD)6cZSJ5A5YU zAREWbX!Jkd=LAEQ_%Mgc+hop|_}(E{L=Nc_@<`-O+%GerK)IvjYj@ka$V(af><~=; zQ!MZMZ6d}i)l>i|Imb!pM1Ch7Vzi8p@@<9*&W^W-)*gNlRj^(q(WnsQpACFmoy!DeX$HVPz=Gj!)|OX-X<-ctOz z{Y6@beQCEpbS1_*xkG|Ga@H;XC_ymNmEaR48nG;uetn~k8cgZvi%e?^f+T%Keu;`@ z$>S0H9bpw!s3{H~cbPj}P&w#6c=Zw-;u}K2j#ZOP4?|appw%3!*s`oVLZrj96KjB< zw}iHa>HMXVeibC4UWBhuu7FoioQj^)0%*)vL|=G8d-XffqR39T_5i^}{VeGmX-GNV-*Z4zMc2z3Xd`o3ZKHe<+>l*GU^wr>8;^xGO#t+!fg$O*C zU@4k0UiG9#Ix@227~rg1n9BqNygTI?!I4pC{w4|GG2Y!QS@?XVvszijD1U=CkNT;1 z`DQNg{$-2PP0}}vto9LRM*n+_F`~eqFBjJZ*WgY$k{XXY;4v!!Q9uQ0<^^diZ!M&! z(7IMrc2^@<&rSp>s5WVSW=yUp)x-sZ(M+aqsv)p3-Hmi_2baga0+jq*FM^ip@z35r z$!{AE`WycI-{5^X4asV##2^~`a@uZZr4QAV;&7L}e!CfMC#REXa1l<2bidUVkT^w9 zDCB1MLfyX1Sn7Qh z<_n!1KxJ3$nDP7e%yX{xcEExOEKg9$@znf0=HrKWW4PQ3KaWE%Q znO5N8@0)av!*Y39-V7a{SOJMjXsyTW4=g9rgAzuaydbEtam)+M z_yUf}KA@%Oi?N?tX2R9dIRv=kdtpo@uc=v1?>CAwAq?ers67RkLF^DL3fn556DGma zjafn%fH%6~3wY==t&u<2kkl#}X#yyz3F$Z*&d(W-S#`mU&=}N(Txt*HKJ&~@Ms`M+ zEFrNK$jsP83YZjHF_yjxXWjyqRB6qD;>8(rQ&^Vj;$Oz4aiPXAlYwRh^=loF<@18x z&S@MqGY@R)p{K{IkbKek8Z=uedj0;{hfc{h?|pR`(Xk=D_>q$5Gqil;Ab;vkuOr|+ zxo!dBFs#?5wTvs|Ofzr?J?@i6TS&bk>Cn(Rc{`4Z-eIK{%n1E`1e_9)m}Xeiv0fDe z4BTo$I`Dx7%R|#PL4(37eHH6GC0DoH=@@+gdk#E}@BsKCrCkeUv?KG@E0~EmOe|p0 z;=qgo-KFWi_dUold=Vwccg=pJw`iuM!36y*-$0jLmHGiPVB|;T3T2*tmGLVvWh}Ae z7$jJmLS8>9hNkwEe_o@Axc4~=& z!WPpA*ABWv_1AwdbFO|$0!@np| z44=tk4iKgr0>&cx$%Hrq8cX#=iiUbOmFpm;`)mE^9&^pL)~u>ov#OpFvyvy*VG<_~ zXr}1^#?cM3ZmUNCOq;Hsr|86?YV>JRA8Zq}iN-?Z4I1?7MgO>NQyy#5j>$3ocvrFx zsG-T3BCaW^qQR)V43K}zs|)(5Vu8JW@mM+)6CWy<%2IgL=bn7Sk5Slc+Qpc}1Fns> z<4#Ey3>L;#wK0Pyj06Ed=aDYNBh)PT%MF`BP$^H?b<-8uwmwt5z;}YJ?^^GCF2hs7 z+wO&}+Ld8+r#B|Al_0Mv?{j<2Sn+Wshf4anO=sf;#w<2!;ZaF0f0!&09Ex##_@Zc{ z5^RV!Tef*S*_1WX_61oFrLFQaz6(mA5=0(63^vr3e_}C|veOo4VMsTxJW&qib|nGV zsy?NY`LiRY#h$f)L)MU}b}OgR;}DWZz84V;4wI+a7gx9SfYOm_BBSfIJqnG^-zB~8 zWJ#PUMq(97E)Y^WDZONwn9aFX(k|erk>;mV{&}yJT}lU?jF=RA_kAKnZ^~qEk{<_F z1S3#Ju<_=(zSdj@F#HJ7>pyQWPJ+ z{Ubi4A=_ZAfjDu0ZMpzt5xJH1oS=#vaRehlNZd8srT_8MERb& zcin&%(X1fSAQDUX$QjptgAq+LkBwmmSORFtfWfi(;T+-O`^NjcoR^Mby<)XKoTy0) zd=3;lV@Y*fab91!VH86N5ZFq-W-@fN)wi*0yhSmNd(ECmM6Ly={|JDv zn>I=V$2It{0U9X8L?29uF$GV_#z^ns zVBa8IH;fqjoLc!O z78g)r31i6ne6LOjM3RBCHb?yaH6WZAfcl4bGgzg+p$~DLCUg|5j>%k zr&)s>MbM>6IGM{^A4LiMke?{6VU2IJP%3w9Q9yeM%Mr7K=}w|R95)yJ{^e5y>Fb5q&GX90Sx7XEUOVURTtb(fBqHai0H|n7e+gaaUZ9z z6ly3ewbIw}hbYiX(K|TV&cz?*ggqxQ6;s4h>P6`yu51O0ALs=N$aI|H-nviPr z<^Cgh5V*Z2k(Qp+GBTmNlV&)wg2ZOXk>M8h3_C-{H14E0Q_5FTK^03aKk2(L?QUw> zyN&3zX4_Awhl)jz6?cvDOK4uPhbre!UEo@!m#2E7VPP#N`IA@UiGFD%U2fF$js0KM zLjD2|75NSQf%I%eqr?Jy!D2`73oZzV}4|Vcik}O3a30;SUigv%U6%W4-KYz zZEonpYIUmfApjFmK*Hs>M+pfYzhf}?9jn?JUWDhC{0}!ca>TY8UJC}nQ^OYS!If=u zXa~Z{60aS3wdToj#XVj*@uX{t8R?I;`Z0W#kx7de;QVrZ(u?|_y+!YLto@bLaqBey zluglDCnLjl5gWHl@#CqO_g~N30Yp3IE)oP1Ydrfc?kBz&4$nuP^gP@@S5t z%l4E2ETeq5LF9;p!7-#jXjD(^sW?uXoW+2+REQujP(qTSl)tdoA z4(G14@+#MmM))!&rQA{H-U=wfqdF4u5zE(f%h7<0k9N!OpVF7Sb)*FFROWDd@}I@v zq%cvszkdK4l*W7#G0|TrOFX~(`CMe@uFR6g;?FC>+|5wLy2RqZil5@T<1IJYYci{qKS~E%xrN0vg}k-wW& zdpU-O**}Lye~&Rr2!baeD3ujy>gY-G$K80HXe92QZb;dI_GxZ7&d51i>HH@r z^|xeIo-Om_p3~TrJW?zY43C{jU7dnN#z#w`WE*-uc!Lwk!DtT6B`qaE@lGRD1^>~9 zKZnyB7C)GfGN$=d{>=i|h9#h*$Fc~UYOwSlei3ttEI?^(x-_Tjlvh_9%(s&$Q48B_ zAlTLQlA`^U)eK(vsc?Sd{I?)b2=TJapfD@h2aJBq`s7H%jTBUE zC4b+Yp&=)1-)|cR2ni`DXOC9)p;HjhZ#~S!t>^z(qs+8NA=VOhh>;ooXfdGduRvdL zak>7pG65;4kw2uLGZDM}_D}uvaKx6vq&0)LV+erTgyhNl84*r#y!p`6a!GoB!!%4$ zTo>)`Yj}6)u(DP5^0W!UN)a>4Nbf0;Ra4HfFFQt*zsFT7&pu%d_R7QYY%%L%emtJm zXS@b}jJhl{dy9q36l_zIibajq(3c_6cCS?t*Ud!D8TMPVbk7(@xN4$<6ShCP1svgeMrh|uux5Qe_q*t=5Srz+UUyHMI4$9ebR zTnnJ)|1#pZ!Xkv;h#t}ByF!M_8%BFk;Z-Crq9lLFZ$v~ZLhN5vY)>Qs-(G+dNLGsq z5@h&rj^an~SyF;7iWAwcg-x9#cdY_zxTJh0OfJyLXp4OSgzxqt>qbV73MTg+9+ zL#cryMVyZrbBsK~y!%^8SEarm?Gr&vBXmI@aJ1O~5Cl*%dax~xTOu%_QQNcIPy|a9 zGtBfkm+OL({JcUob6#7G>iXbBSqGdvNY5;Ei$e(b$U@1QFJ?R}5y=JztiD!?nj8MC z<%B`5Q(+IDIL|8wA54rnVKPgMY;kIKe9${Z-w751u*#xv5&kx$RnqEVWKH|oaA4}G z`?`{MTGKz~BwXdT>vaiWj@GJaEAGJBNVdUWCtfjZenxUPvmk^^(5#m|EVO-_$kz3f zf;TC@wq9xs=rw6b0#m0;KyvXG0g-AZa$9EcvWUyG$Nns0v9g#a(5IAc_&VC#!i0gT z&p$@@tiQvh^^JS0|h$zXZeoA3%(RTVP%Wl>xSvuR`J!Ms* zYnc$*&cX+J9|~0q{{-JbABSkZ!PcP%3h8Mk#;YgYK|N$&#tq5K-#Qq^93v8r6>|e$ zC0BFVLIqzp0MAKVy>&asb3O;^o=Ys~)B~0c5bNYvC|{r^WO+O{aauM7$#X222>b1} zmfA?~Cea2a9{GqiEyG~NjBw@;H-n1W-UjGn^bT)laeG#{$F%zy{#BEQ{~hl(OO6u* zYyR(nFs~q*URtzz*~^Q$ylw82EXCLl_JW@95thpHKWA`XPG1WkN2A|ti65N#X<5(g z8s$xFyNZam`O0->$Wx&ZV=R;Rq>id_UTqf@N*m%4Yd4g}YSc%Vj$P_zUFY#Ttj{!c zGAOF>SpIz2QRlq)Q(Kt=*rjAsPlU7hrg(ony3u(n_!^Nryx05*Oy11tyc=gwtDCuC zz^tfGQ^aL^Bbri3NkLY(tyouZga>-pujIz!^1)?Ojv{J~ANF2tI|eM`j+zX%m}s!( z(a8L?Hixzc@!n7JJsMJux5I91k|wVBv-v9heupQ|)k_$H&ay3q%HG-sGW9s#%e371bOOo_#9eXP+XldmenF+w|G7qwf!PYMLRt( zx$~c<>6VO-bRPb~tVq7lb?rta0t~=Hr(r4H^T=}?OxYtJVr6jMaCk7$N*>{_l2d;C zo^!m0Th4dbFe|tp69_ukW6f-QE%!2ikV0vi+X*Z*S5W+U0dqZ&$fK2c64|uyZFWxC z+DFXugC<|%r|(B}6<7%iy8=av3&5^L3HUd<`SGze2;VvbV+L@Bc<15_nweMU|r zAe6*BwE*tt9bm}4S}7`)TpYHt(_}(AP49UK{;xV3_VQ%^;fMJP#|l3mk#m;81`T3_ z%5G!TVAMn|Aljx%o~{P+LLoTMR49eB+_d>{hc9mRa{^<}RS(RH5!AI1R0=9q^F*s- z7$rG}-e3rIN>Y9bV7Qg7f=+0=mXAk2x32#!p6}|x>^i_=vR{4vtpY3BtpxlC zNt5d%5`0B{GzXbbH~mphO{SEGbPqq6lZ@VT9NA^Z@9=_?fW~yvQuN?d1~-<$L9->- zR|Ey3vO?LZ3bYvhVL4N6+cK#DWZu7rV6NIXXpRpRE{fP2C^~o;1<;gN_}DLkiu6Yl zD40_Tw+Qm;wz17gwrFjl~bu%+x zdgut4FO_}GZnJ1!D``3TO3OG24&PnsUzb}jHZ?@T?4cW9gFxX6E z@iiWpDnN8?1^)bu_E5An(PofBYZeRmyb@ym!%fP5HjMV=iOT!D<&Gl0Qrj^drVpKm z8wMb2to5aE=}tN83|C24A(cnB^>y8*70Q=hsA@X4wg*lF-NkQ41k#lux{YWsMFn%cNY{vYtc2Vwa(Lpbk(nOgf1cKyQ}!re@G$ndvx;;s z&Bgz87g8j+z$@pnj&S2zw}6%?KF`IHp=YkhL_JsyxK|GM95wsAmsV6l9N+Gu!pe~H zsQkK{_yNFz&xDbIzb%>&?UN4DLd4_~3W#O4{04GT2dDoG{sozIoum_N$#Jii$I$qW zO2u<{S;?+tsj-Yi;-7PY3*a7ocQ~f-%!`lhz8mBjqa2tnt+xA~f%q+PVQ_Q+qkLy7 zSlZ08m&nI*(>rlIUe2DssA2OngNfJ8t15dcQ@dcX(%+|y=+^<4yKj|NrCw+Sx zqeT*ojPi%p6YRJ8cL&XU(9jZoVr^|TT$R0+jhmWEsZ=i!w(9#;D4^3UT+2E+^M{WY z21X}uD4YV&2obxrh+7MbOz(2S{*cD??@PR!X~c4Dn{s&kzw$h{KQG9GKJEzQ%R#488c|Xaa$}vCXymGLtEoC)73{-)4zLz;` z;Ad&lVesX(aDEltVB0+yA6!0A>+A9@wHo{s;f0Ye3qtQ$ShfnG-gr zV7zOyXttT1skWxFv+3UHB3cJ#-hHetF8Ov&s(PfL`qLW|N*BfPtE>PrLD^iA0M4M! zVFi9VrmK}2eFjtE)vLg-I-<-X^zFVtA-Cs(|Az9Elf&s2Yh|}LPqjK|1|+YwD~c$l zP@&WFA{ZzT9PTewKaz;110=(SO!IRKlFh!^Q1D87wf;lVvGIX>R=8=2&OuZS`0pYA z`H>HX_)Wm%v7eci@g3)azJVIw%fWAGpNV`ta3HJ~>O3@N5kKtyDCOjQu*}i981%{# z3D^<;Jq=a51$^Mhuyr%I&`03)Bde4`Zr3e`DV%FUx^3QD(b#((Kuu`iiI@EY?2JnQRygJU4*!ThCk@EG+ zm4tU`*hVo0ZqUC9<-cHE0nFdJoUr064Qw_7>)$43_vg^{nI%l2;H4Y06_d8^7W>%P zb#Zwmkp?J7cWGnT{(UH6e2hUa;k}qaTYe0O!{Yw@KgYeBH5dOq=6LWwV-_XU+|4F{ z_V1cWqK)H`(g;NzkpwXMKz{@lAHzM6|2>I+=JG!-ixh}_m@VQQBl#^yh^C2@5~j6A z80&GFay%KRgXiv0KhakJ#^3)hN+8zrq}tkZ5)*QJ3)z5KudsCx0}kYst!H9YadOj+ zWVaYzVHrgjLj~L>LRZ$i;uD8ImBjGQt#uN$6!Vwz-`1V4Qo)?b@}R=hj}m}BA5_(r zg?ZWr3hbL%&lW6U|Azx%LkU;wh)n_Dp>|BGpXqBdtDpOJV@K&DR2tK@EB!_qLIGL> z-C-KONuH)>AWkb;{AIVV>Nlbm78BJx3J0xR^j(kizaG@^d2r)M*16`p>UP(<7befF zR41arfAFgCcxc6ioR?uU=`@;tR`Ix}_Zw4dyZO?d`jYIgp3YU`@l$nPg2L6Os<3k} z5xnd#XPW%j7aIetdC11?yvD6tiM0|wSm0rRDUEG6ErpdWKRbl*Glit(-0NuEj^I~# zoE(%}`}O=AB(yk$Sg>}Uv{d;^(Acc<%WewJ@*Qai(0K8auX)18NxSqqc2hZHvK>z0>8@*k)t>zfp|9oxmC zw~nLjmzcy=ui&B=-j}I?)LdsZ=R;f+)tY~4fDDp=OLX654x*fIIZqMes;`&~I(g;r zF&a-oq>1eobSeF4mjDh4!l%p$*BYibHBMEM%svp$A{L?7jeUkv<~Bk|W*wBi_q`>`LG zA8z~xj`lgtRIK1V-V6WIxNXT{6=$YekwPqnoMLO-tUrB=_TSUd@Ohdst}}WPURX0t zgPimJ7+`v_hM3NC0X>tkv;&w8r8gI~`7RD{HM0doQQVE!jGc-{Y@_L7V_WaM+fg5}N z)5tk@??zu9C$-MyV?m;KITfz;c$d#d29KLw2-}nT{gGiMpU$3V3yEgz9c-$Wo`G*}Tw{XSl%= zs(#XF+^|_Yy*@i{;p)FZ&-~K%l7qYcF#|3yV#v7p_P}%W>4!fR(>Ow*^RxdUCB>oM z3dHxixXfgw0wKQmKe)KX5=7G_0z@Vy0M7*#_jyIc4qcCZ_?XA93T|F29`AP2082PE z)(&2b^p^EU(2p0{ml-u#bl`cygLI~h1!3%Bd7v_5J%e1Cb6erE0Kne}Rtve*-Z0Hm zMM|8OAseEni z8xX9BiHMDUhmiT~?+kLsN{Ad(qA(E$nt?q+@0GUH7KIMhk9c z{Q*gln@j7U%SiEfmDX4pZ+S4MagMXN;&voM2QMXA!Q+{887_Ed&&r^pq8s_tFNOQ@ z!l1Ut{;?L9cZg%?u|-q5&uH#?e-ClKCQy* zs6dX=gh&k)evsN|>g)%{sE45ecdMRkMufq>A zL!Jzpe@-P}RGytxx@qx(!HGrJ$2D^ZoePoFz1rD2MkdL~u~lK}{q_)}mi7DBn&&?T zHIM3(;d4hkD~-J~#o2Wc1}_U#R?=k6aBz!ALKm}zJKrv|=w8B0Tko;XSDNIX63|f7 zuVTHBUYVaH0gvYXTG&W~%n!WJmAE3ep|}rZ))%?9uRD(+C;zhy@Y5oCl_!bt{|9ym zV1hw#*Dlk`psjT@H~u0)5Cu4lnzuJxa(e$tdW3mH4&b5W%je#^R}LKOWG}_C1-7^D`{d|g51p=Zy}HNOWiA<-Ohv_Kgm;l{|Iy1lY%rz0gMf!~h+)gti_LOe zV9m>kuZGW~98($3zEzD>cF4|NeDybCcxegj_sRg?{7Gd(@4q13*E%P$pw`FJr`Gc0 zlZlv)a-Ivw<%M; z`0JyEoxA*z4~-C!n|^=Lh1ifwf|_`|8?mq zlFq$_W`OcH-BjY!U!#jD*x1mkJ@$>pu!KMJ1- zrWf0+iHyZMj+nN(`V&TcbOGJ^u&R>W>RaLG>wg8=$q{ueDh$XmmtblZm4ZqP)}J2n zhH47wryaEgLUm~2Secj-XJZaWez#6bUOClFJ5O!>J?j52gYvpDP~&Vt`snNHTRme+ z=p`vBxk&SYH~#(TOv+v|S>#`%Ll5(pLFWX&XY^C73*i%Y*STT_Ou)F*s(mENxzzu9 zLt0iWQ9()*;Rr|`v z%envmFd2jaE;Jl6Gk{ zm2{HxkFjELHX+++^!No5Wc=TYA1DkLiOQ^DV^iZ|a1+_V1-ZyAgz_tj?x)`fMpmp; zOfBNw|DIcnD-3;L=4RKv^Q@TvQ17Z;(<$%UG#8dhC-Fe8{L8>*|3gS}1t-%sv+(Vr z8uh^>KE+*D7>-|l4@sS|UcMVU4m+3Xuu!XI>3RI!uZmmzM&;HMv73)RlJ~L*#W|{L zy;?1sues>!Tn{CSi&i1Kwq{HBacFFEw7pqA1wi^IS&yOzvQ&ok1hu(~kZV2gek+G- zD{#G>V~%mm9GoXHxR!v%?OJR|jCF0&t8QKbfOdo9Vecinb2Sx5sHN7N(yiOT>XLeFPBp;}F#)a6nNeY5J zJ?b83MjkZ;H7s&$1eN)ivXVz|JaLx^8+z4y>bCO^bkeW2?us&cKqFQq-nh#trF&2R zz}pRHDXR_LKP|~zttcM^{Y+ViGY%Sna~+@ADcD2k(0rP1c0rfgi;SMJ-#D3?yfB%0 z!pXjE)0RkOa5+8?j>+;7+rZ5zutrfVPMs4?NZE7FjHaRc%S*-@R`k0F_}ypayae}= zczGP>?u~9o5_8u3$Yr@$truU0ttT};xULd`(?^eSP5f)f=#1VTfZGAG>+3iDpC!fu z2SZ8moswby?UfO30YwkH`|o=0c4!-JCCg-KMB-_~<iObI8@d(LqVk;2JroRD)N;~pDkSFahc%UptQu5DMcSg^$Ja5Jf#@BDl3%yP!gtT_>X(kt)$?KFT ztmu;2F`d$6n*jM-NMFU^XipiCsS$%)57&__e_++`T#MRnyQh*&D5pj^l(an_GeCKT z=r@_%Z|^?R5g9zFCQ9|Ygky&pRBy)k(n_E>ed$xTyJ2T)JgE;o^)b4aA&t&?u1=E1 ztVH4v@ZP$@I&l^fq|Uv2j#JAJye!|WrN+3*I|?reP@>O@W5pg^16|oa5Bo^!YToR` zv|}KiUWSJ&eSuAe8x=Z1_Iyjomm&sM&AbZ_?=sr2?v0}7PF~1Ay{EL!qT!}jX~#J* zLk@I(n;>}mja@5F1tWA{wu$+DDZ}?@hvDAbLniyWrU|X60mQ1<{1w=j!v9$1fk_=SY0_(6tjsTz8*m` z^{%X6-LM(e6^2~;m1Xu(k>;{XeKhuMubP%#x)>q*wC6Bz$8}a|D!z83&PiWe?`iw; zPOGAodUDF8D7I?H`hi_%-uf5#NcFtie@=0`z*2?@;ef_dUTn&=*7K`$HXL_hX0^I6 zaCA?}mv__8U3FS^pYO9!DC@=9CEYP#oE@t6wCyK|Uii*g*o{uZJU&nJ>ife*^E*-mbGjTmat$3pbI7MY_!cY+T zyrs#cZ%z_;zmwz62Gcjdn#xKoh{|3XB}TOB0Tdq|7n&44jWe%PTTg;tgI$i87%=9j z`&s*zqCe{%?7HA1+8yW;bG8LK8IKA^1$%g6#>V-##Vp=BljDQc9%(pFK6$weIMEwm zVcsbLqlZ=(lO-giuDB~m^(#`M?VN{}4+&rC zGkm4(k4d{~mrKn={MM7V?>=}2l`Z5vS1}U3O3Mt-K3pOgkm!6*+Gcwca*DnUQgB3> z4+1_Of7k#c44R7&IWQQhYvaJhEAhWG2%r3rSxjPbhv2E$f;vcr@IKFGvOQ;yA^?$I zcaIQLRGq2=T~Vkqc@4Y%)FG`_fC*AW1|Y@xyc?MnCP|34lW&=EaPt8BNpVdIN#k3e zxGPIGJu7|8>uH{M41%Iixr6mjqfO!bP6R+w3f2t4h{#}1*nQHvD_5T=IPGrkyhk4u zFNt0q6eK{z%wF?cktod$4q&X3jz7nKo#~ott5f=iJdq&t6ORZW^+cw@&_PN2rs2x9 zN}@fHrr}kzE58x3nPi}+h{*a|8d$mHQ!(4C{yh0#+SgE>lFf35k6Jk{BK{^} z4b}*_`p|x#jm>HI;}*8JH}F!P&J6?%KR2uaIRPlQLUFt>z!~M`c3;Rnf9v4}ZP3Vk zJM($B_N&qS+IQw%B&lq9^B&h7-Dy6%IL{H)R{tS3?nAppgNtQLEQ^I2uJ zwOTTDjfbJmJ6nDGr_o`PB}F{ZaUypBjypI;@<9a!;rndsL<)!4WWoIju=Sx`;L=;7 zII#c2NJ!G6R^SZHE`C?9v(Uqz1bBP&cV{)Z)kS2MJlb@P{l2W}u35>(3;7-=s5BM_ zG38%$|J@cMKmk!KR9@@rSH_v*(kh#{pL){brE(bj!`=iXswDm?h0O?2yqJ_g*jgI? zs%{&Kr9Zc?n6z?_O>Vg`Buwoh&@q79?5kbvho}Vn*Pe_u>f9==?B2%>Vitx0sS9G> zn<1)j33Te+L;xUzv152Y{(h)j!WSKy%UWJjcCMC3K3b?1jIr1avs7T=PQlMlWqT($ zHM}`&yB(LAT@;idIx-p#0ZHmY7r@2gbeqSqu=4YaoQ%%m2QLb02l6;MFb>~R%&d~_A9E%ZhX=3-iGR%I8;FU;S-Wo<&xIuG?f512Ow35UI zki02N$)mWe0+#5xUxqH22)yo`GtzT8bIPBcg>3qa5Kw}bm*9CZ3Z75!9}i6lACl(~ zf~eL#Qk^>|!rA;v*2MAfrFejeh*62SDl4B3r}xx+Bqv(_*pW;h1IvKPfWFP_P%RmX!Md=o$Fk@^II>S|2eo$Tqh0mt! zb3rgGh#S3f&Ke1h%+z!DM7lxT>*jfuQV$!5T6R1-wCt?^-R(US^jmoqtY=vmv@I6F z+5n`_z*3)+sD`Tp_^RsLbujsSo|J(EV6lukV0rTNXl+0FN{k21BXA5u?7DC2BsxKL zO^hg_i~rL@A4OXRXkf74Di;0hw3X)`XrQ17t#Jw24t7vQz0`h6PI;$hnIyVkXJZYK^TyC*~3pK|u#b6lG9q{P6G^D)QEY2ZD-rR4!UB)wv^1>RjfU~h$kQp{SJd6n+FlPk z-uIAS=1J^SVzm7#<1>79m|eQ!_~T5Sfzm3%nr>aS zQst$At~qPm0m;PkiV0^bYrVOe1v>-0WO50eNe2;i#)mpERT!Xl7lx zF$x3XOad{!gR2=M!t=j@m7tx5mLH6nP&ar>r9c!uT-B2iscBOQ3rTWoxRoru>h-jQ$ED#|o!k z&$dS`rbG$__xV1s`LBVx<7-g9g+ijadJuUFHd5abQ1b`IpG z?}#sfBNT9MDtMuBei&0jnUfkQ)z`z-bFR1Y6jVVC1&E6{H25IcG~+l0QU3UanL8ig zt}fLJwdEj^xv?~^V_@0Ml@0udZJXG zIRw&BYII^dz5OapZW)$@vfX)r8T{o+pu9eOPDz^+zYFQR9a!q)mivC_-JBzx?1vn~ z_;pu4U@tt3viL_Ctw80p0E*!1$yHw_II@v)c!CYm=7*_Zs=ow1V^wAjFxY(4qf&a z;tCgO2E%vS`A_IqA9p?g7VwS80K!52Hp3rbt$}jqeC$}gsINhPqkbiC6+!AIc*BpM zwaoWD^>;*@Zb}_|2b`aK|1qZ*)L&o8B4!#w)Kr}B2@a)y$Uf?efGb6Ab6tF6UP_`l7;j!&kvt;33+THCjE?BU6={B+4Lj#Nm;7_Lw zX}-|}!%1L4D`^|zHN8(qIX z&1JVliS@B?=NbuKK=Olmfe1BFpt^n;s&rs3;GDQQOFIrNeeBcgj3EkIcuVa~Vb^NA z^({fG7L|kc=lxJjXU8?|tQ=Dv8VSdbu4i0UC^u6Upt^yWQm%FrtYrgG)BNVbVO+WZ ze^qF%$sezNfg3Iq1xx&t?6z{LO|8C^JJdfx$&?y+j3`oPC`6&j*Mv#TW82W$&Zo&>GAyeJ{Mf&LW&2TMn8w7VwI9UI(KQq_urKmDlhEjb7UqdZAZ-t2kx_BfwkgA#FlWBsO+;X-E3Tw zBY3QEfm6jS8E6_>RjzDTMB-c4QXLmGEMt5OU%mcwTI zU15mxQkSkuTHtOd4oB@_UPg2(N8vi)K@MV%Xd-3wiBv_VsO<~QjuntXDhklbgcqz4 z%(EyPj;h)MX`hiJWlg)2;d~7 zHt;-X=-LDk>lj!s@X&)T6Yo)Dvmg96G@5RcQ~c^ekE$(g`d}TYRzi~#8>9ig~7*Fwjl7d5X0X2Q_;JKyf$h*UPj{~G%m$1f_1a=TuX5`j8>Q171t@s?_GX*%XBDw^SBDF zmPp!dx4ef66O&ooXVr90T@K)zpng1k|F5Ob2SYkg)osE~-0D0^lw&(q8&%iXt z8Aj8=cSbxMg%5GPVCPc07RT;5qIj=B&8fvWBaj)%F2(IXu22W7IKI(o*GE`qXrt|& z-Y|68AWGt4H(FnPZPxMRBJ(($nMBD_GxSQe=2Wz52#FH)^YJYF=MZFlQ1M5#gz zeABC>VdRM&6qLpKc}#QZ?oY^r53_PnhPw@0p~C{ax~a`mC7qyEQClz9L%nNkwd-YZ z=L95oHauT)QUB7Vb2FZUhbGA<8P@*(=2 zfc@)x!eM2YUD?q=6!*tEW18JK)b>%HER0RKZYPXU9>8>UmppKdox4|#u!*OqC!8Tt zNwOipc6dmYM)WCN*+)TXqmtGvVkejm*6Yw@X|<5Z6K}2h?MM2I9fFN%?-OgaCd|yt zHZhdtE=b)T59Nk=&BQ>8b zQL%SMn;_ z*5PCdi@H|UqIR(OsS~knRy@uHA@r}Ud|a_9vB`)CX{cotH?&p)k7Eg*VDhGDFA{AG zUY@MscT}iNq(R5k-u2q5e)_fVbKqxi|JGWc{Ln)rt)Uu;nDiaIQsHSsv{$WKBZq>X zw7{bK*H|UIYy)CE+$c{-c|pen!8-s2ot9UihkI46+iO>*^P;nLUd~OE_#I01J%l?% zV~y{6GP@_7{R30o>owvtkpKN4^dq)j%yypAHe=KOuEcY>)xG}0Zk710!zS^N> z)VCt~kTXLfppjyFHU0P}Gn*P~lMqosDS!a{F)Xnnk6lwkxoT_AUF)Z|q6|voVHC75 zp!4iE7{$qI5=9GRR5)Y=b8E|<)0#D|j4*1+i*br+L?AfQM#JaE`8CyHB6x9|K*}6w z^BwVw_{XivZfbQp46n;k2z;xuYTen)nQ^|PqQ-K50=?;3@Td(2KYj9IUIaJq;fMDk z$1$aHlzsT>n(9JuyW_&vt>?E*e=%r52$^PnO+>j6QHNh$xb zt-)eCRBVw`TyP_?YX`IFlstsnb@^;FpzRE7ei_rgR=eli5%T94tfV)GIY9cVMAnqf zyx@urGa49;44aQI0io|eVYYvah=Q*YWdaSSO}1BZUm=o1c#q?%v4aQbqg7?r>stOR z{$r6N^@`NK6lFefu{)&awYMlFM&wUp2V=}{({_i8sCX<`L|-Y5^=IDWjI#@#_3o); z!*fT__pzGg=;OkNTha2`x!!Xq>+HO`$6JixWZ)3Ex(sDh-J9?+b@>FZl(b04kimM< zIAD10PxqZ7qk1m_Bc7VbPTKyoOsDIzK)zD3`x^37fvk0*b1yIXe;&e-vuH98UI z*0$DoxF*>qy5QQwoOkCy{^3VFijF~f_?o_kT1l<_dTKb^986}|xaNW&zSOVLI#2Oo zKt1CS#dZ_~gBRQcKR$mw*3mznPZ}qb9EwMe%ASMB0*D_o@J{;B)WgPEM}CE;<{19o z#?}}alQPa)Qp$whaYOB{gR4t4lhEs^TzkgKH&P={K)na#)?dNRjRO0o6%B7aOSQtr zYpO!tvm?iZqFyzW0aK}o=Tf~dH(OmvCQ(dY^LO5bdy8tfZNviB| zmn>en*hx9w3{hZ#RzmW3zD4_f0FJMbYb#x2JpG0)B%(>-5-sE#wym)azV zy@xXnYxBL}SiTPY>(+h?$T7~^#bAz?SJ_X}sx}!o?D;sYdyeSU1sXbzH0bVeX>@>$ z{5AjHlC?c~MLBwus&Lp?W$kJxYo4L)=vS?s#67+FoFp4Pl_tO8dtx%P7>pf^*KXb3 z2G{ycY_yZ1HuB$8>h4*zGTPP;-r73;kQ-ORabbiD{)&MClSmK{Q}Kt62YU!n`5U}1 z{&~BrY4R<4&CR!cxry0n-a1JEnSd2rw-86i=lI16jtXMaUO^Y-qWlc$Li^|5ht8!& z<)F#?FSJ4sWr#U^D1djk+|tDXf3`)2=cMw=ue**zif+?@?Ksnw8#8=>>}Z_Vm3auh}f&wh?kJ-xOKxGY#uAA3EFbxMsk2{x{cBL}X zJ5I#K89H^f)FNxVNDOTw>2&nAWo~swN(u}fJO)Dc`4X`cZYJE?ks^kbdd+puUqv&w z_Ys7#4wC7iN29g&i^lW%;w05%REMw=kH4Bo5%dome&uWVqoYv9rSe1@4$ohljr&dH zVEf>A@Vj=N1=|b3ycIH4*KSLdNXPs?e4S-LT+NcOgHO;wg2N0FB)A557(7S>2^K84 zySux~;1Ytn1cv|_Tmr$}gS&t8+U~vI-d%oj>o{?y9b?eyaO4%<0V2)D}iJo%Nm& zI>lb50Rb{`hLY&nj1~P#wiFOl+h0@!DnV<~u=ZU(iKAiz?P4P-Vmpd@#4kCdNib96 zF>aohe78P&=+8cIrzBf23S*5hW5wKmj%gZ?F8(?c6Kb)+l zAEnBCl3CW5POvypz|dijaQD(Fwgq+y)F8xW)jS-;)PEtH<*bnv2bvPkxXM6{>TJvv zi~I0ypFLW0GTDjM%qEm;a=ui_&{;uOyN8pcOXE|U*5J0gQzm<>E}l(Kj|)!7#zIvz zl}GJo5Nr5NdHwOv9?EQ7w~)iyK^3yiN>o~ch5KgM}Q-AbzP3dlIlosX365H{nx4I0P|0fyIIb1GNwsiykWOmGHbMtd}%89H$7RR#Yy9^{OhHRQm?oTz9 z$QcH*BXz}F9dmsqLmh8)`o(>Y%aI?H%MZz@FlmX!4Yj8FvBaZz#!JF2DalMDXgLdU zEXvIvQI<3bn>Dbo!=9z&_VmOYl$)LQZ=`zbdE2BdN@OOotD ztLe1%hGG(6a@IqB$dONMI=!y76#c`}CDK&}ACoBy`??Tdm~Tz*vi12>1T>wxyJEe) zoh~AI&e!r7SzSfnl!L#1SGchFQJ zd@OCoj@Mg$YAF_B47av0A$_S3AO8B1Hi|T!^##%@LdMW{6ts-$ud1`S>_c_hPM;6sx!Db~bmsb{Xr@{yn|}hDhbe6;G?_-8)2Zvr%d91ZxZGE` zsyt=aX)+wfUPy&lf|sj^XQ!%&8-6&)UJmPg9A(EFK0fHy`Uzl4i6lF|pg4?5)Hi1> zh{qr%9pB-5fB35mSo@i$rmOro@|-+ZG&0f<+6^qT4-3FImf5OWqSNRjIKXw0>Afy` z87w;a{$XL-A#keBm*tIRn=mtkg+imv0ELjyFgE??auhIKP+;7@<2Ot(jhhpbvv9r$ z)!{&D%Y0rocsrRMYT0eHkBgo9ZZ;?GbHxk^E_Pfra0c6U2(XzoT#FhhW!kud&8thA zg+5fVfs||_TW{3VoV3rLhIF%JmSKoB+s6`XoMo!(9paG7(80NC4^u-2UQfOA$v!7B z7));wCv_5aO*pd0uEu%Tb24gLa3m&q_k--L^gTtxl|a;Qin?J-PY3W>=jXNjw_Wu8w}(CP-A%S+rEs*pBn|q&F9p zoh?1ny^ad+98krN$TBrEHg^}BM%o4+v4+zv3ie@BXLm>MyD7axqer<eb?dy z;tyat8!zaQT^*oz`LueChqfx>Q$W!dpHN6rh85=RThETKpsup?D>byf- zQT~;wfy{VKLxEX?4J7+mGDjMP(n>G$4GjMm#Kio~TP~5GtDFvCJ%sf=jp#TV!gjXt za|15{U|t+MAub!fpZg^&3(AUnZy2VHBV4wtJOB+;%#>W+0)3>dGH^WnwNlAvXEMWjXX@A1C`>WpVElJQ@ ziYlc~p3eayw5e0&>sx*MFP)|V!=7!-RvLy#m@ZgJ# zN5>PY-aU_E+_FOd3vD#Z9y(?-hzQ;a?x$4e@){n^sK_3H%ow61=ixG8MRS8e2N>1` z-JUO7f@k@kmOus)qJ`tL~|tsfPPu+tR-KN0*EwZ{XL3efNz< zUDP$VM_ECR^~3Bf8*NIQ8AE`k#~id|UHaR1XDy$N{UL0hSGzShFOe*brZwe_%ZzUZ zZ21Z-tB)EHY;~JPuL4&K`A=hJ%f)kgcxQrVP8VTZy0ZuI7L4D-#rsHE6D7eRreE6`z4&4=WIO+U4Hemh)ewLxagQHP;9gZ<@FF#hplcgQbY_OI!MAe?nWA5$emznUbyZFaDRs7pvjWDLbX&{b z@@*a|`SzhTtlo+j+GS5Ny|CzIrdNYB(QCah-ek`nDXj&Hy4{9$bsnR_n_)FHU>MY` zRG*pq`8NjZ)me?0g7JZk?v}KRZ|^C1U39N*_*6b%s@$8u&n{PI6ZZU79DMo`UoJ+0 zBd(8=!jkqUg@T!p?%AY3s_Tu}v-uXM;&CBZzYXjoS6{VW#Nf>pi0?Y!0~KvQMVvro zI~~@2_LE`np{-_)k85*zghvYt!euR}ux`X;lL!1E+shcKVngb$2zK8KgqdZ<8TOiL zl@v&dq$%G=&;&Z3C`>J3dzOc{Iht`dGbST7sNf9>gvu1%wKT}@MH=;A>jeZV6*RvQ ztT*m@sr2f5t-M?PL9|ru(`uw;KBc!ysfKUABhkEF`HKF1ZLimIwdeM=;4cb~U-I<< z7vfyW#TQF`=vH6REeM@N&of}>Q<8FlZF)R!u)lZ6EOFo!<|m^N(kf)lScgZ})<9{v zg|$qmKBk3R3*>9wIFY1tm}1L z&Z=RQW0Ix3`}Xap?#bnflL}EA;2**h_pxWpkVuKNJAGlbmbYAOsk!&KQ#`rE_Fxe- z#l8PKnyFHD(?TR371TDm2Z`cjw;O*e`*(DZ0kNXPSVVSvS&%@O_6QPD8A1g6dQFOK z@)-Kvr1$_#a-~gcfrmm-txy|njiBOAVW{BwyVgX>#YI-c@+FKU4&Mr_8g zL56&C*Gk?YrQBoY`^*~ZW-K!~*}2C8R5NX#nR=^Fc%_8s*<|}S%LlP!BmKG8#?qWO zz%SqIv`X{JS|(r7_8-P5y=H4$g-zWwh$;lQEXAX?-~3GErD**P`-K#b^H-(8$k^bO z0uv2Wd$P3&7XgqnzWP}6P!^7;^{^k?fFKTY)-vgv&4|A%i9p4k1k~@>3j=-$^VI}? zmP||s?B)VfU6ES`OB{dhtKCreWZn8)Lb?9D&d4lLE1T5b>!!MjyTJ(ARV0IkSSeUD~$cyr+f&m@jkLq{6h2(JSf13zOqDxK_ zx3*{Ve!(+88F}$=V-y{>`SME#Y6@N+=UO7cHxha9q3M zFe>Xm2tZ7bhTZXsrsOC?PgbYFPNknocWy+5;oz@w*bx9tg(iW2kTX9xoJF=tW&pIs zf7_FPYx5kLUv6=>a$EM3kNVz$=riO#&gC1KJ>&adjZd9k(C2?j(HBUJh72>vC6S`D zurw*>p;7E0A`{6|RtIy^UIR_-7y&;{JLzyB!-lZL&fs0jFvW&W4C_+84ZkU_E* zm!2_P{M~=XKn5OsbtO?7RF>wyeC)q_;$ME`PtofO0U1zKN&2DhI=loyfGP0N3CXGyvXY)_ws>8PN5#&IY*fO} zdw<^WpNjA^3+!w*g>poxO#f(C z0rJvuD}OYqWjg3T)d_)$-3u4U#_o0IoTtWHbLXaEVjt;1joWKNPXFo?I^_TASolOA z*a;~4AvrLlR>B=VwILE%B&!q~`@d+_UwvoWgi8!Z{NqT-$j))CJ)C=;sJfD756;xA~Y!wjlYqzuKV4gIu7XR8MYkbS^UL$| z0=KiRuwR+-B*jgCnv^0c#EHTpgQ5oU_yUD`aXO|jLy4R#g(tqEs|>H^JGRG$*$*4u z@E(>h4^AScH36pKj)J+R%~7cZ(EX}uI{UQe8>|#+O@`&UOosTrEJX<;-@uJ~#4|53 zAD@mCZ36pHCAoC~`*m~-@%T3HW5Y*6D&Kaz0LkbBhF2dBQube6p`CtgnL=Q8BZz4oilp*(d`Mb3-L9)x4$6d9j7i1wb5^2lLy#>>BcY(a+qUAJBt> z37Iv)hq!KLl6*d5nxP4TXXdmIFgt} z*0JB559GBQEal+C{yc_6{q@TPwyoIT`WVgpK9Bc5h`Q_|<6uAe`~`osQSN{~&)a7Y zlkTc%ayyE=_(L9oDR6o8nQ{tSnLb!>ZU(GGvaxX3N%>VC{n!|PX}jqjcvUR~t%hWw`L%YM;GRWmJ3a;5%)bpf5( z;o+|GtbO4r_kFH6=?uLVrR;E5Zr4=wrpWxMd4K5>e66pktB2yb7QD+MH1p&Hk|zW6X#e_#77>A3oO( z@N7}4)l!s)ysIE(0!{vW2hV5UP0yB3fosu^JNsP)^77JUJ*Zy{O41WlR30MYgd zo)-Z*n-R{U-Z>dz3uNG~Bo(60F%ptx=wAB*z|It5k7EZu&3O?D!=Yjq#!Z!_V2sGQ zt!E|`s05#Z31vgmB2jDCup|(E_CuYsNuQZPoy+kx7AoB)b z4Rm(;zL7M2CD2hdy}^Ksn1Jh7uH6{@yLTwZaTAs#!dE!71p?aBV4MjYmY_ z$eWROG~<$vC|x#@GN>75A7_gn~voyHX?sfNZCXK^TCY{Sv zS>W=QA#|n4^7pUmo*8kS21`wKMut}wN^anO34Lg4 z7L6t_)VBNiIxw#_(;Oh1@)c^xVPX;~6c_)qFj`=b;i#DUz8~Zxbg||eAXe4C2oup_x=c>*b|OWny{zlBy5n9$!1z0(i0s1}QOC|z zW!vSP*MxJF$*un=9&Vla;57HlaTUMl<55` zj<@&8ccMl|c3WH4sg7F1e&@TKU%MMx(>zzEBbl2ZvTA1NYn!FSx>rL*ySC6tLXq<^ z$=zgaYq=Pq)6hyM^xaW?O0~Ok8!roir~9+XMVI9RP#>|F_X-l|^Q#tV<8nqEtsU2^ z!$s?)6gI8}Q+?$QlFib0UdkBxY?WGp&#V?JeIEAD`$Zqe<&@?O&#_=4An&KW%EzzL zR7%)3mxqh{pqF1d%JCd)HET@@XKPIxVS{qpF^(m3ny0^OM~nQr{OaxlH|r@HuFc-3 z2yACMOoWKu8$8J>@jqQQc0fakPP49B>D$f=*{n2oqy;97c9+A?U(VHy#qI2`ds1I4 zCHt|(kV@+3h+;h|1fdbT892L;3T^hjy>U@+kHs;Dp7|q{@7Jc}|Pjv0_Zuv<>$NOf}Y&=gIt5tRRxt`t0)k`)vIj?^8sqcMCWY9oh ziDsssrN$@5PrgH%R0r<=+f`BLgBKxa${ zLl590+T}}t#!m{jjktV(SmMIP{%cwSuRsKbiwt+Sb*0yIwmEu&*0Xkxl(g8^vCO;Z z&lSn@SPfO>$$-|U2gpWd&9#}y%$l5^Q1-HTPeQ)042c8VzDHDD$Zmy9hyw}%~1*>L7(SUP$n5n&DMJCuN^*~ z{ApM5?rw-{^qQ-}%;)54BjL@ZbGeqFQik%~0=f=5V*IRt4O|3RG7;h`aHph}W<9GoSQ7y}nZzog6X0J8Eq60Jd zX3)Nwj6qSYU9O69Jw6org&ZmAd}wEJB6oO8idVvq#o6GFht9%Nikr3&BU93n;!cf> z4MHp&QM=t_^GO@&Sh+u+7{q>53sdt|I|`6iZ`rk_dR4U+XzRDpakG_yKb@^$Y1!?`Nrw8)OyY=QC`f%awQi+8@(f^z@iU zpg0^UiH*mkbNBFQqr`J53;&WZ+Hvf;$Gy)ApsbLr*6$oS=S-v&a7Wz(>@w`F zP`Q(o;S)*_2V#{Ba-j-*l*GozNlc=SKtVmMH67*1%UMQy-Al7%Xp2Aik$oVfK;p9= zF~jQX?cNy2SUS|D-iZ4jcx|I1XJv0PXs~-pq+bOJZIOxsZNb>$5+5QATS1UD^h3;v zP@>12NLqBIq9F!=5bDMwE@`I)lwI z5z4jp@@?|+(+0ih?xvr>`DFIv)RET~SM~{K)Jw!`u27TCL0^(G)}|GI+?QE(>S!R> z6@-2SoG&z$9*g^)whD{X9mJ`5irL<`yA{_m%?LDs;*Z1A*!sf|O7(W)R7p!*%0pMm z17s&0X{i0kDUprG{CsO>lc~}@N2jlE9yXW0R^4?c1na)I0uyW4<#nB)v{O^q%G@-g z8!R5Fj)%?rBmz2BkmW0A9K-4G^l(*tcld2|pUugaQ@-u~yjT=^*s{;+lkMKeB@)Tf z_~?uC$~4n1_)1*bII2dyvP`}Bh8W_#j&?wN5sR=6H}G~bhFl~N?USAS7vf$lC_NHQ-bIXe&vU{`KN=9hu25@U+X6|WE-n4Ina@CZ3xY$KvM@DimDTQj_-5ZJZA9qd$lYZEw;WrLkj^2>(2d7 z=w5ba!OdYZFDOZ*CY=@K@@F@#@XzzY&e$4%!9DSvZ~C2V1#zuK3%LCzDI8(!r;u|x z6Vld)1DiK9dOi<;+%%^dSsiPs7^-qjim>DG+eVkxb&92!h0_e}i8&{WwygZxV_e_% zI2yc`g*4Nw-Bh8ADfKXyj0Y7JCB3{dwX5;Cn(c{{n!mJZOJJcQ4r8m*@3IQd^zHOwvN#uGZ zUS!V2pI~ZbcS-8a=bXT-jm8mmG>(A^G9|LVPs>R8Wc`~ z*LRmk3fZ?C#WIZI^|mz19#;n!P7+kT;8J3t6_A~{oFsoiG$%NO_~SQ|awcmHJ$7($ zt*O4}w5BOPZl69P3Z*D8vDOm}hZ561jLV34CJ>=$(5h3Jlq6K2Kcq&AeDtH62~|m0 zp&78OX_H)WO2C~j`f4L^Dx-t2j6@=lqYYJR8vC* zqf&_xEBYddPDqmiBDND}CY1$;&tmu_D)PnRbt`@#MKknZO7WYjgpr*B^9WvhLYJ-I zhX?kz$-cJh!ozwAby@Q+Z$(8q_ABf1DwS0_jqtgw0b~6?tvH=-5YeFjtv&DK` z8S&V_AXa5FtcuD2-LIf!Da#t8`Xsu^k_}KSLB3#2v7nw|%6<|X^{SFI3wgVl&g&}< zwgx0vz#JN&`YZwy!S>1zZsQTU8z<+Tr1vx*VI*#HWVPvDMe#&n{BD#x*PEj+q3U0Zq;Hf*yhi^}QcWo3ok>aH9nJntO zR4Yo8oaV~^n9P=V$CA~3sCb(}c9*i;*AU_2-}*{0v6u$B332}LGX^~@cP3MHAj0hm z@D_NQ=^Wo49#aYMI-coxbh0`7JhO9T-Lgw(Q_L6xcbT&GpC=m5b%A+6-q!|f^E;}s z>4~!p`{KSTY&#+5^^=LC?|0P#2LQYz&=3=DJ0=MRFvZ zP}D;zT>)rJCPy+J1X!Ik&AH=bAz58Cab%psniIUGyQdf4;5sm_ z=Oc_uHykg#9(yAi$*P#D?@Ot${Ki99DJ4&@qNu}azPm<4wz63?{YA{)=u&Ep9Ty9{#j9V>*Y~1ivK&}2U>Jom_39)xhJ}$kZ?YTE> zS?_UE&%G`8F@V00aD!sBqV*JJIklfP1J_akwaeCuVte)=+$tO_dI~S_JyLh)^XqkAL#PrFvOG5?H>>QW5FT-q+sAzdWI8THMJ|b5KZd-XQ4D#$ zK%@;Ij31d6Y54B2&8D{|V%OVoj={Fl^*htYSxA^fbwF(Q9!4HcH&%R%GXCZTQO9*q zLNw4)$Ta5}zeCT(>qt+I(f;Bc0cIk8&QRYvsk8w0peeC9NdqxWU*IQ|@Vp^0vVC*{ z>qK+{hI_G_!`;J^rgf0$L>$pXXgvx#YSRjK5O5!x;Pt&EzZ8e`)<{XaI(Go-F?Boe zI|J*-1U5`$73U_GqqZyeRx?xZI{1q$8#*|gY&Ex)TAzG!_CELl7aQgr7nnp1b7E*K zcv-*@eZm~=_xw75-!+fVpX=bIn_tE<{3ODDXo)o$ul4b{s&^=v*)!4O0!sTfV}CrX(s&Qli#=74rL^_we=S)(ezdwm5Gn#w$=xBX&*2*ai@DtT`V0>HmpZdQz1 z=jSQuYmQ@#eU-zgcVB2udh$qfA61sGR@Ilh&+|cUngx_T$D^XD745fs zbyoYlqe!UevJKFtwQwfSSHw-In!lsduW76jk>+9;=vTmI!iZBO)8zS?VxD53xQOpy zAKKRr7QOF)D9t1aAQcxzHjM-@rsa*wGdVvVzyZ^NO&P`fXU(2UPt9V?1&1qPn&g4& zm_jlG9;PX;0lPJyd%G9*SpsZkZ;-D6^79b*?#E1w&;9y2+y|lYdb(S_YWMTrFcrN^ z!?!lNMenOWzg|?|jRz5t z4Hm_nF>zuH6?Vk;-ia;<@@`D43mmcg(n8Pzx}|c*a~Cp37cyguqt*#`43Ms8x7bxU zKikotLULq0Uwmv2XASb%;F$QVoBw+415=H+D`?y>Mpq3Iq<&ecin(0>#^sdSRORbz3SJBCj_ zPTp%zlo$KAy{2kc{UT6Qy(%n;rwfOoI)&`4!`MK*Bxy^2@##baG!rMmuUorb6m@k`!OxF33C^xVD@fwwD9>_b zmu0}47=8AvRCXZ;U?`4uxzfpFL_(aapU-{DL*zqpe;mo31CY)@j@FNRafpJO+&0R8 zLPNebwBqmb9OG%=E{|{PLCh^kD0t-=*FDuE@LOw)ebo1ErPoUvFfLnG~mP_A-HCXi87e=2)fKp?f z?*S3d4{-_A*eX@ipCg^pGi#syB8Ty8zApG88rF*aS{ibSD1rXFnt?j2AmrX{Ev*0H z1%Q5!(G7*S09q&IR@lk`jpt+67)9U2&cj$m8gSdrN_n5zNMyg#?>F!4NY9RMa%f*yrpMRt;Zaytj!!JY9H`%L(mDz3w6$T ziG2OpSEZkU4Pcz;9DzW36QDOG8F+~p<{WcoscERx6Kie^74SIccu|uiE@bqqcc8{F z<$Ea>C=AC)sDQ!DKQbrNj@3*Q`C9g@*ypzRkt6vOgX0-)m(2sle%q16j2Kvn;Ve;o zz)NIog3h>5i)5r_HPaaKdFJ!-7mNBiGZD`Q`INjRFh_Y(3#`9O@@L_W_BhR0>2d8B z9Gce85RJ3gc7iti$laOo!A`7>yy%QC;LS9%>-v{B^gA)i?;@#HJSnV#p@ zx%JXJe!XteA?V*R?V>g+Yawtwu@jJWJ2#BP{Y*377!KF1VXa#-?^Bv6H!sGlI1%=b zp1o_1z40_c{6ZKyU&mWzAftPteuKH>KX4p@d*}r$1vi^T0UxjQ^81B`r#4N_Q_Uad zM|~b0W=`brH#3Fym|cq4d~OCsSp65IKp44t?hpHVM=3iF!=dMeCS&IKjV4LiNq+Be z3jF46lml>^_e|jj3x2 z&OrP)Ru~(Ul@Of)0t8_mssM2bGRoLvHx+y?MPNv@xYG`R(d*p0;2iQ3N~ss}m;sw6 zdsudoDg`RKKmv(-F-B7ub9ds_G11HTDivF>fGW8P!@OuFA73 z7#@Jp6m4&5T|De-Gavi)J3{R}E+x$8B#&ClZ|!Dd?V}sv*Wh5k##N5v6 zbEui;(C0W|2vX9{(4X!ln>urhb2Knw<21)l4|19bbwr3jReGpr{ME_MOV284dI_{o z&rtvmpO-(+j~}Wf*BqEozPl~joW`L#*HnEIKDYaRPi-8>^dhTzN9`Iy zktaHGyZe0bUL5BC+>4-pOcdN%1D|)2oIbn}1%s}0LH=xbH$(;r!7@&aj$!aMH2cNS zjvYmKoqm1lF#Y{-A4m5OO6^>QakgM<387zNQJiEFEy<>ii~|-`;0NhjZ5FREXJ|vh zssEvT+Dp&#A7$L>Gdm4&pxG;&i%jE;Pnt9$1qp{`u^p;<7C$##(OyUGas0e(1mK7o zV&Xy$jk6t;vV$KN%3_NrQqrZZ(!YVKoR7{-qS9VO@->i*&x*QRW;^A(vTgMcU1Mu@-88-^#h=Y=AN`D3|8xqRY* z$1gyLHro}@-RgHSKi~TH#PH=I1O-BugBMzJ^{Rm#UA|{HA@oxMF&6KUASK<~KQ%=oIRjKp9G21;cqfJ+g(43hn_m z!-P8bQtr{%28z;ZO^Os)+k4OATz=F#nea5u%F;6?7ZYm!A+ot~%|E&-OEbU)8ED|EP+c?~TeRp>xVto!*sCk&in%q?%OX3d~*PEvBzydklL%CET1Yg87iyGn9Bbw+5c5x6~_yqh2)nMS)7uf!EvSl z#{0X=cP4;MxpGfX@&%1Y)*ni+BJ7AZM{$ax;4ncopNV(R>Yi zp;@E$+Eaoi7ScZWj{(v&PW%g|F;P1lxVjBK`G@w|LU~vS+K%eTLhI|^yk(O7mBnln z;o0t{UupDVvu9{ACq?dG37)oq#5Zr>^rLY|(2Vkn!UO5yfE-88LO&jcT0*-5l%PPf z4-AYzkYb5>P^RUidi8xEvH=SvY9eN2+Qj!y8{)P+c!Ve07VODlt!O9yPAK18^Tdub z-C---Ws}6V`9f79SV%a8mm!_fCF>X*f#m8qRGqFwgU=Hq%ftYy(cC$}+}2ZUT5L0_ z)@p!WJJl?&HGAIFw5Ygv(2C?PB+NfD+7Wo9(i?_Rvk)qDnz-Asu)b*CeWp@DJeFhh z(_U{l`z3_=$93H$jLa}?@H6n< zB>cs0$c}siCjRF0Pl$!FH4)#j>Wzaz5P7bX?l^DVIPfoeB(ne!ly_Un2JqiuFtb+hDg^!K=2k z%m-6QlMCJF3nY-jqM1{+Q@$ac8*envCBI_b=UUv&Z!B*_UGHVNr0?Z3%M!@O>kGe2 zzm~d%Ig+9gs?4)Y1a6CzxYwYE9mphyLd*%Lcyo>tV1k~kC$Gl&=YGXk?dg+*3zIhj z61ad($D-{$g{{b<0ULy$K>TmR7w3SvG71f^=$+;0yiQ!}V4MD12cm{V;E#`;hL~ zg+k;yYYNrv(>s5yA373YY{pcO)!s`iM~xgPc1OkjspJO{#G5NRE`i`j8|W)3S3CNOM&2P1;tlli){kD3;OoUT=%n1haYH4< z{M`k-YU=TlRV827BsU$-+BABZxjNJ6Aqsnj1X(InToV;VB}`ifowg&ysw)ajMFV1F)WRGw)P_$KHwhPgp28nDBv4GPehx54DN*unAb@c_lc7{ph z;}JRmr}Zg!7r(h=+x+V41nbF=UT7bN<96l+-UpWDQpTB1SsbboRvAeSya^?TJu?nI z6&KF8F{tYMwots7+iC>gm*P>I-qrq`@!DqgxA#QHc(Rz$MzM%V&tSH?waIYi=4K)< zV(#Lah!=pcDE?Byw`K^UAj^9TfH4bT7?EuzHN@73?n;71@|W|3qgxO@CAt9cr-O@Z z@>(Ub@@QQ{bTScXGV}K(uwF%>5Y;WOqR4 zi{}A5PO|weZ{xnX-y*odmFl`-fy!xmW;90B**NG z1#r~`hC(*Q>fhN#TR5NG-G<73*_uC1Sw66ly8dMv5JD~lfvK6HD{R)ByKatuys zlA#helRU=Q3}oMbu1^1)i^=mHTK;bW`zoE*rWzUC?ZBXJ`CqXpfnhb_vAh$Vbq)kB zYvL_bMZm=Qsw(OzAim{#S#V$|ry2p|is6jt7ak#u;3$FUTADnJZCC0?FUzX9 zryb?0ZD1^TnSrUmwCf(7w-vH*iWkm#Bi2+vk;@9|2S@z#$I1qQh_B=~z2yN;2NL(x1v(1GFM}kV|Z4(9>)b$kqjnjb!{)EPh6^+m|2*)m?7crA@quX#7l_A(bQA&T3^(cKGr<^G%sdsET1UcvDwA=lF^&c z9xK32sDu6~OaRIIT93AFQS%{y-HcwM-|~+Tas_-T?di%UVq%ZQ-!Dit44*1cFwK~D zBaSod@gMB#`D8TgdWEfUHrG|07`wYAVqJl3j*w{CIM#P;Lt3|Z8$7o}R_soJdK;io zhBvaMr*p!kXGAS;&);Zn=bz`U;#5XWZOWXd=CypB>QHsL(LhxuW(zzVPK~&vfhq22 z=MEZAsvfoCdNG#L7?1AXl>dRaDq0~6l-ZGgTIpX&MGcb)IRg{QQeHI``Gw1vnbT`m zi!K0u3w!N;VHol}Z&saI_wvg_ROP1ZeRdIoK!X=(s_LE^uCpIO{g}gN{6hAAm2&j- zDx!N}d0l6Z-Ki~EES*}Po6`TOmnPy#;O^^SVu{Kxm0l9KKW4mm!g^Afg1UyK%+R^f zqcP7qCw7dKAoK7^?pYDX)8g_26n}hpi{ym9tu^J1O=3WvkU1*N0=4wxb-*j1jTfNj zS}zNDWY=X*$_bq}1R;rYtv=!e(}N19nS6de^$3>rd>co#tki^UZsKyL&z|MNIvJTX z6mdn6CcfbGlBf|3V7 z)FIhiu_gL`qxMI_ljP9O^OrQwxVfK+a`^AE7>S1 z|1^3nDYl;t%?V~>VwlNU%g>g#lsIds&a$e)gWqhnTE6(Kd$DhlToB%;Cz)Gm(cI!a zXzs}N(u|y4bjI;4OF~}!8(XZNZ zD5_nXz?!N0)hTF5rQ6IRblbjGt!IrJw4LWt`W*{Xbxn&Z>ebV1)h`0Zq8eWOqvL?< z4`l3Hc401jy!h|AtZNPGZd>171iStmyfRPSnv}}g4(n^psMcNg(U9AGK*wM>G+i_r zJv-WIu|wWVN;oe063wlp8v)a5b8%Bnm0p#}+@mN>!ew^9rZRBrb>q1bN>F4&{yejH z5pe-y2pvQFxfimRD??nrHZDuP7u4l2p-pQT=0W3>a82~{DX)nf)@J^w-f^Rka09vC z0W-bNv{wN}6;SDtTIhy|lH*9HbbpOMVKlR*Tf((2XD_|^fVF(gB`f#n5`whRpfORdu zXM|+KmVx8p?EUjNp_*`_7XJHxGuCj>op}|1@H)~(1AkLg!BF;}2X7^F2nf@F=^WoP z&%lCiBQqjlaDuTMBBqz69aG{-?t}c+x*ud1^mkEFR5>Cg9GM&D_Eb6cg3YIr)o}b> ze~+5IW(*UHsiSHxl2+Urj?V7FG5yY8xcV&V8b%(!+kc=@vD*Q9wFdEt*3JQPNU0}- z{my+2&`A;Rm*(czWv!K#0}MLm=7}G^+jGNdVVU)~HnsU=X+!&Lrb;@O$2x`IGO|j{ zoHr;XatKi+I|lW$tT_x&34Lmyew!?z1EfSXgdI1ODYBYcjK8o|&ARy3z1Z-3-t5&) zD6U{E?_I^h4CI+*sg;(>(?Q9;#HRV)mJZXWrHW0F2&iKT9Cpk`|C8`j*qbq5=bFv> z3QD)+pU664O!y7vHvH-qoA&!--;_fI53$84V&2;r5Ta#dEu3?%^SH8Jei?g9562xz z5D4t1HHt(B4u^!()`c|Jczqr{E04;^BDyPXm(nxCx~Qxei5oM%e5}`w{xC6rxG9pc zKT%lodB^h=7z_t~SWEOuqehL~1eP9DwwE6-jO4zqai9PhLX1s#D+tsMxsLs(FekY7 zW&W`Ekyr@M1qI%4{95#2zR|`qYuAd3T^w*6X8}jW!cLjY$PosHlrne=;ZNy#zvGq6 z@;TRk%&QcuIf6T_b5`8%nHEnJH($kmt~C6Xa%X9+@E3~f4@YtL_zS(u1$Yy7f4E*r zF8Z7_CNMUK57I(9<&=t2Xb6;1waDYT{9qM3;+D5c5Abw}F+60I&%egw5cr*#_jDA5 zQt1DnDsy~t79?PHiQLhh@DxOuvX3QaUyq^;KMcM!#-l*ZqllbWdRsBa($BPObp=O~ zo&G11TqE>Olv~qY;^dj1JuvNKFMkjL2{AeGEH2c;ZW*)(&l~aMpz-Atao8H-xTC@O z!&6)UsLW6;RSiu;BBwWBxIg~|C(`R)j#t?KY^mW+@-&D4(kRoenwyj(3vv-F9I`Ev zSta}*^Tx*HxDb+6k{x0$nO#z0yjTzGT$)UYF1|X| z{$Dc-^hv2!;1`j&e@b_A#!@=8D=*phi~nyN`G3|>3_z|7Z;=tI*^jvIZaorQ9#6J1 zZw>y+E&ETe|Cyj5ravVk4onmOR1;0tQTCH=^zU=N{@Wh?dme*dPncN$P#RZ=e_7yI z;6Sfhf}w_0-$R?nRSU}hCypW<#J0A!T{zt$r`>3+1ZO2r0*BLim{_#x7$|)1Pbw1X zsOvL$t>gurf6Fc|E}G5O7?&S&UR+%jgC37V4req?p-Cfr>ygRV+JpG#wGVe!#T6A5 zZ&_1t?88U;92~!8Wn~3qefZWTC|mC`KwmY8u^L2~=9An82dRoD`=ZDmrd!?4{$MBX zJ!dL(cK-m}9N3xBY4-mgTVEN~X4kY^Jd{!bv^XRbFHqdw9a?B{cPZ}fR*Jh9FNNan z?heHXF2UX9r0@4WPy3y7eq}9^wQug(vu9?{Tyu>=8b?ZITv4^fOpgVb#K7za3F3I1 zcbc4b)^8LJTb~}Q%zwSbI3+%E=?y@VyCH4;v59{Z`q5qc)wudmnY_SgQT#9C4w~m0 zSO3^%0IZKl*YL_-7eIl6goq~BH@u%ObbubO_^0Wn3JWfzg6FV_Y{_ZQ(rl^0vBdqG z_xZ&|o{~Hlh35ttND6i|%%q~6mpz>uwlmz*`fl4$_{XpW#-m}<5UA4$!(||GR>bzR z8s23y+pGDBs%X_8LtzG;$TPd#pCdux=P%W6p6?fNXdsK^otTta{DFETc#E_el1Y`} zqF)gSA@kzD*@!jk3_>R%5w#DfwO($4VSq96Do6Pn-{HG1Sk~q(-*0goZrk<}C-PsG zM{;G=c|F{ocQbg6A9-I^X8zn$$juqQ*Q_*_gTb9!HcEwN{m@SM*Fwl9xVF<`OFRzZ z%^-`es|NwZq^>#pvabrInj5Yl?vrK(=?UP3Gx(e9KC;MMBs3hC`T+rkhLVesvr&N~ z5S@((*RYpt$gR9<%wOuZ@*WfKrYo|;H@jCCe$XGx#ua%NOb`OW{&V64N#Fn@h0(45 zZ~?@XK5WmVg>>q_+~cDImM;b%x*xeO@0IexV53%^A@Y9RGmG{1lj9N~KH;VlBHB^# z8u)3<0DJ+4!a7INtXdx~&li>-r~Bg*n>HwF9_4A$o7Og9w2u8q{r;OI@R-PYsQ4k> z)Q@`jA(^n=h0lH=B7W~hgP)`I7Hdo(;?D|f(67)T95 zdrvn9C%bWV(wvSU=^5^aT;AdCah))KVg3=9KG_~02r95SNPwDuYm z{?+LP3?5aDt;OIr9=6D^cCw1$&1tz%GkifALPoxa6V{6Y@)!#xE?x(pfaOV#z?S7x z{^tR?f#hVe8SB>C;8_>~@`wu#mM+Z2Tx~v$FLl`NA|yUcu_!q?_ocrosatza<%@A@ zzu?ph&r5m3&^c`lfx)y7I=BEtL^=!JXc&5(&EE)3A!dVm*OyFuJV;ws*x4a1oK6xL}s}I_rbt;%rqQ*Jj)j&4)cWtH?EhF z6;fOtyM+Z4pr>mIs+h`AuHe4ljXYVL=v~*V3y3f0W9idv>G_QJ!%X4gC;7~~%uJaT z?+#R|x@zi^Rdra3_8%YTTMqv1s)eyfuNy|2VI!3IKr*`jH0%85S70A8uyP>qovNwu zklyQ1K|G;XLYG2Sf_8dY!TcRnp8%M208;kyh{mJGyNPsI{y)KnD&r$*D%h;-hyQ24 z^H4Uj6EZq3RJ0hB7_E5E%X&!QTU9-&zOy%Kt$LmfN07U;>p(_CgZqarD*kBj9hhyVSSvOmbyGhoG)ntA z_<{^4^vM0_j`wqjdNJW%e}@=ada?G!&X4oh%tynnT^2|Vucr6Ig*>IAICvJ^*Ots_ zt3@l&nVC)IIs~Jfjc0wM8Whvp7tDW7D!}Z?eJEu9Ml;rHfO<2Q6O-c&~Szn1n%ZW7YXo)BvD+2Z{q**1mDyU zpR?h{sRQI*$-E+sxPPCP>%fXuzW67&aYY2PfLDPbnPArXpt{ZqOy4$tfH1gH6&Ksj zbUPwlK1R^|aH*0*55}p;Bs2M`v~l3*X;R=J7F!;s1+z?^coR|8ua<8{oFjHvWCJ&s z%AClELIe**evlH``pYA#0Zu}UDEu_Y^W{yJ^x*(f*MSTk?Wk=$hjpD&a?_aI&oLDb z!jHUj3NC)v17pjg3dP{nTvw5B8z_hk@kPgApx?edS!uR5u zXOH@?(W1rXlab|b!7X5)_UFDY$TGn(q__&)Q1V_}{qSQL28ma}25nqMdm8IB7CQWN z^XthWOr&GzdEL{Fgn(Vg)c|d&thIOV!leBuf8t}W_Y)|?=`((D!>-IqDFRVuJ!2c`B*a*imfQ zer2C|msYCv#l5eIno3X5=jq};KSB@?!x2Yc%#WGyNf6u;hWNGIFX&?_WmjlZ2G`lM ze)VC?#nOwHgIt1c{O2}#Y5usI$2ALH+nZ3nBiBd+2`?py?@B~}$C;+czW$QKyteoQ zlvn@j??~_-bUwA^B;1-a z6wwtBin-OG=)*7+R%$!3$iVC!9)}e2X&N^$ zH*hK-7qOA9FbwH%Q$;fa`4(kjTj0sHcYDqxV>sZWhx)MfDRrN5pZW3VjITb37WCYl z9$OIdW*CoQ$}O0A`1~}O#G`Kz2a)l_WS18w54cghIbiop^xWsP+-`k{ounTG)|A$QBw|NZ&2)@(52q|+SRr2(g?cjcC!A-a5^>~)a zbJBgTP4}wPFZOCor2@XN7sH}*Orryy$$8H(9V}f3r%lex5BB$)^3xj6M?weNvfp@7lx#Vg_&`31L$VDY6y%sOGjQD__0}>e^?7*iQr7=KYUpW z76wTxrP+Voj^*Y1@~88j5eeus=94C(niz$yHam;V99zw#%RMWJNR^vX@kVY&K;0pmgB`sAz-b z41#T@)4CdBID^IXRfUxYN1MFoEb^OKjNCVqX&=}d?UlC1+)+6~h8qtX20IZO-LQ_P z>=PLfE*8&tkDQAW2Uq}B?5XB)F9N=y$FPr#ABljS>qq$p1h$z-+R!(#i?)lW+=HQq zz?A#r#EP?qndXr}j2r3n{Cn6fbCyGM;P&T#a(n-c4OsmI@hg~VZNpD72jnlc(@d7f z>;Jm5{VJ!_f_N7soXHt07g0VeqmN9GjhO08C*>v=+X?aV(Z3bY;(sT@fWWVHqy&X#TZw`F|rd zST+g_zuD9gaT?t^^G(N&@~Dedg-R2g1Qr+*0$YOxz?w-lU#$FIQ<4J` z;>#(Gfy{HyNbkXNWxD}mU&D35o!|iQF-+^Y8NGyndZEZn09QPm0HGa0m(_^EO4raj zSTE?CT2eT{&j9Mjga{1 zV(oRD0^VNc*lnN>;0j!6LkQm==B+y7l)#<-zRRyB1nlp^2fJT-rprU9etzES+~T|L zcQD9T$Cc6r4x&U!tPI^T@sX^>xiGS&laar@K@#7fuuw%7(x4YO)5Ff}Bg-#eKQdyd zr~9eVIKpw&&X-Grhv^MiEqkt2Z?_46;^rD&zrG3YHeF2R@XkO{sL!VpdL9JSae8_w zvz~2-_4x5DwXRa0_9DPep2X-3OBgm^sE#}`1Y7U@Bk4nVNjSGCiH&#n7o{f6RgyLC z-DgM0b0EDbcdA7p7m*AReF-A}v_NvI$hCEmrktF=&I19A>FgD6raRUE>vOE_lTPec zTqPfTgbOXY?CbyHQW2y_1Q&y8NzKY$iH!P~`ZfhT6Tb4XF*Ik%eHDOVg$ZC@^g4~r zbU+i%$Mrt;2RRf8g?s>%sg7bPBGdBT`vUwV4W-!-F&|5HS|J>DzEc4n!X18*CS8~l zM~i187bYjcdHBMrUG;tRT|}!rAFUQEd3gLFNNNETgcj=Buu)D>GSE$kz~GafS*QR| zbjK)4NEH{E3CRnn#EZfqNz>QR=Hsr~qtArfg@4j*7g^^EOEvY*yLV3~s8$L`A#usv zgAvO!=pExGCJYiIqI7TS&fcB)P3aT30}P#3!t-dzNnHb5a|2mzF)FUEu_Lb7-n!PR zdj+-H22@cjV@mQ40I?qJU*hNryDaufC&A)=X5y@3@XdYxy>59(v8rta=FpiZD&i^g zX|M?f|GDli44swBHCYihAVub7@EUelk{s~1V2$KXgL0A+-gmX$_D`q`v~kXo15Jh} z-!$LzSH#d$$#ySS+s}MI)j3K(re*XakBCGC_D-PVcj;kDy;Gb-MW{r`0fvo$SAFX>1_}Kj$V7-TF zQ{*MUjt!8}6T{;g!;dvqD@=l%-ndC~S03@wi-vzSats;pRb2^t6M)2=oAHL|(BYqY z3@lsOrV13?rcQwndriCb#HrK$f_bNM8HgQzxGJ>K&%^bZ?G78mq;axw~y_C-?ArEewWstk|2ckW_glBC(u$mvHCgtU1 zBGq;iaxVtDU3w4R-)DZY<&SgNB_{nRSE}m)w2>JGGkl1s=y<3@nd_gIU1i^s|HEt4 zHYK5Jy{zkI<*qY7$&(~*ff&nUNyz@0NITUoUja@aZdN~*qi7-j{pgW2OXEvbo2`eA z32e`hb=82v5!FonO@J$k*&yplq3Ed~bq{y^uQJou+Q06tYwx0xd7KYqmo^VS?$Wus z>PZW<7Dv2W#EAPUJ^+QA;r^2`%g2Hzt_hm>&c^27MUJVq8FEK`@+W1YdrSH(%e6Pw zeIi}qK%UU~qM*I7%e)56Bi&>EE?G$)7bL)=W!F(GtdE^dJzXVAHLxp7AJP$b3Qx>5 z&1pnG{w7Rn_17)k>%(Ead4Trt4fV{wIrTO};kJUzoVab&p=`;mrPuZ2e19ajOM1L= zb~gcI7f8sMo95Z1W7F_;QZ?tV&l{y@XW;jm7J^g=jsLzw)%;vo9H>~5k}H;RK7hc6 zMsyi#2dI!lm+Rz|qFwdaenu?q@r;%EvvdWi%~*$`!(%uwEta12OXR=WWU~WUJnoA) zpAGUCPgqM1BS)i0n)9zfYMD5P&Eiog&L-vXl&ztH(7oHcI$)?#8BXUzB?yVx|9mmp{OyK6_2{1{(=WEZU+a2qi0-&)U5T@t^b! z94X^-U%NuG;nWYXLm*Q)IC6D~ejCKoc!?2VR}i)f2oTFI#-zoIAKY|+T_y5iNv;SV zcIQLQRtPMk-N*O$vjhQE9PpbXBl0>M>0|?}U&wpkmv!2)NRC_v$^6Bm1@9YJ$vydn z%xwZStYK20Cv*Ihw8qtoT=d4<$+rt)_sN!?h1TCZsq9CSn8;2$?MRqdsvcN7Dj|b*sgc7)(wT-^qhw3>S4iBm9zCpkUSX- zC-kqjz=}?~>ST=Ox30OY#q9N4ysu6;gLwY3(wCyT{b_b?P^rqvFom>OoY6yBmhdq; zXQy1x&V-br=~2m6t!CP#v;7R#u^{nOSO>lQ@4R#hEOn%iGqU@BAMbHWNr6iUWz}^; zit5Ig=RnqcB#mn_RMs3DG+RC~q~CMV5r{TftXA37VL4kSlxrN8N@COdebvV5STw`g z(eZ|^g0a}tmU%P%-=o7A4y4AImn4f5kDz9zo~6c;mDo-*&I5$$BR4AZW9JJ8Hq^+;Aj3}sdp1={6GlSpj4v#nv7yQ?E-KD5EkH@@7fXn?jc=9cc0kq8bKB7KXm%Ug7&`4$ zlKb*6!!5Cni5J1n6?Hgz&rVP>#DuvkEPS_?Rs_71-7{VMIz^ucFdG42*MGU<5PS?E z#sJV2%ZLudFwG? zp}^+W+?;4Z>kpctyJtB0o9x7%kgp>SBNNHcAMs}s0?Q3F7Z}Qb+BZ)+)>iUd`az91 z`w16jy)6jj8*I3A4oe7jSf>u+iJm@e@6JZ3oC_K==3|{+mM-1QPj0)`DOm5xQINeR z)mA$?Yu~=gU&vfs-!T3#yKal2kF1Do0b?+5-2i8!2xG#d%8dMG;Q6Umng2Gr+T+Hq z_A+39;CU|g2B9HVLI#j$$HL?5Ra24YcT!1&FN0hnwX38mx3T?v&lPArxnLKi))Nb!hQv9@U*i zRGD0v#$Y}vmuM!t-MJ|pJwiSoo84U=kZjkX;!A3GtAAUOx-V*eI-gWfp+{Rap^c0R zjr(L%Ap1UO?4lk+uipIEk7#Cbk`rE9A?X;B;z*i7S1wo(pG8MxmJVr^uGKIv`@IHZFC-!lAYeyG{pHPk&3jVF{-B9WkjR()c5iV zS7vxJVqdEE=hEiYT+@!}8AjN|4GRzb%LQ>YCmiv7F^+N%{{a8C-wZCXVykT2Gk!?0 zJa<9b8jdND8^&H%C{3dOp-+AVXs6~&EmCF<>qx%E5C%K}Qr(F_Zabv4iUE@ToE@dV zic}gkB=e$-1`|H@tq(P1xWdyeM)YE)$JQDAtTniMNu`+yD>f}Nnm*iKgkEFn9Jkq( zsxQJb0JQofB;SXKh44W9a}gSCR4``jOaf&G^YOjgakCxH@`vXn35;$f$a35NO>smkvupQpILVGI@>v##a>IeZRa{yl*Z9`^Kk{+TT{dJ-`LU{(e*% z7+V}K?Fs&Tig${A8pCPRWzHcfH^3n3%)U%XQ2Cj_;oZO2Q6g=`fs+etBZTg*e%Z?W z6+A;KD^XJt$XCUkf8rZTGb>Pw`so}8jF3r!Pn~B!TX(jbG(F$g*Hz(<^K{%nU9DL=2^bDlZku}f*P~(2c z`Bvq2L272%@m)}Xmc~~rc4t|YBc`wsByr=Gz5Bqe?IwqrN%skn(a4N>er*@w+$;_u zT_gJE<3(U2unm}~d_d$$-^5z7SKV(@PuYcmwzwBnN)#{38JI+?Tx=tJ04s(%>H|)n z`vTussZIx$EpXb7Kstv-pW8}oFE$z3bN@VJrD_Kcfe}MNctYZ9B?&7ivoR!+{TcY; zE}2g1>Q>67D~NDJiWoCCDh>g%gRP^Estl(iu#)gPxz-9n1N-O~NT#XZyZj7;c+?i) zmlcHQB&rCS!MRgeg0=?CEV|9|=Yw(s(BiquiHED@qg+a*QBtOUXGyu^ue`zFz^NC! zs653ygrUKUf8vPA--L4_p`uKyP2S&@BdPtf#*RO!{qa2jxR8M;_spfeTw`FEf)!LQ z)%mI*7UznyFtiZ~|LTN9VnL-3c0kse#`8->{4!cUCn#8WoA3FWH6!%cR1~=Z_RJs; zLmB6{@n@5^>`0F%;V9E8LydQ4SC{9@I<2f)E{nyeWNhP^Ul5roVMC(i0R5p9ntY1( zP$n4(*ZNlH)>wX9Z04_p4S+7}8K7@eYE(*;w2&YYDZ!yDRff@#t#>w3GmGR8@O2%f zSCm#(;&hmb>{ZXwh!)RM%JJ_?FY#1mt}&mcMW8>D>7(ab%0=c?JAW9hD6!(fL$QW4 zXM{H}TsApawV?RD6S%jXUqM$toXZ<>|DhZeZR!ID+Bv1LHj$!u zzeo?o94|(;=NqQCk`Y!9Py5ZNE}Aor+pf=EJ=3SC^F>qvuC!RkP)p}hnA~+DIWzVaJBloMNyH*n>#20WPZ9qoE7rw8A1efFkhlik| z*Aa;6DANy23C)gUN*nyectJj-x&SQi%fmT}#PfgWd?PiFgwvzw(L-#bbXi*VB!R#F?w%#7PEs%8=I0QPg*& z^fyA;x3-duiQp{!MeDskucHg_5d@&i8uLMQ#|j1SV@8nnh|b6hWOTj%5euA%?$n#I zBjL&+TF|=e7--x_=z40=xkXH_XJG>}@J8*27h^L!6{6|;J!Zgsem%vzZ;?(M8=--D z5o4dnL$>yc!Zz=A5h|rT&3a-qKb@py1(+sgxTtx$^~55n%WpUcp25iL4T-|UMxq!V z=-~@jG=P&D@JOp1V|O_F2lE@wYlfrG=(J&G+FtsLj3(%v`a((Vd2$P=;w5T|AO_+L zSRR-+elY=RLUH#hqeIXth>YxEOzBASFo+mo3B^#9boM)T;c~tl@!{nShAihP;98)X z;fKGz1JmEU{`w&ihkGl8lIekyLOG*m^tUGbqY%J!{AJ(cu6!z{9G=b3_CsBNz7%JG zUtpsKw)=&^pezZ<8_f-#S?nq}veVxoMtVQ{oX{UDFGT%Qa+cYNufD%76yLhteNztu zItQD_0Y4oK8dESi7ak3|gT;SYZ{O`^Vw3K2QSR3_h{je5R|~2PQ%5P7t8X@CfL`63 z-cmz>MG6e~MVsc%(G&jAAUk3fGsGC=n7&k{_1Y+d&mwqwr!uVrph%T`Q+thN=d8T5#jiXpRK5o+B;I}B!7uzYn$Q~sqqyqem>}ZgTTmx zKUMy=DQ#k6B9D?w$U-W zhH2NwH#Ya?MNRo|eq$49KM={t*Lv!^BjU)JxfEw6pdMN+4rTI;xRD8YO1+%e7e@z8 zC0!;-P2_U6UNyzjD?*VY453je`|dXK<{fkL2QiFL zKm00qTQB|UJdsWKc1~|)g4IWP8s_eA_kY*>j z7k>Y4L)pYX&tW(gc!v8X02mNWwJj+F#$(-7{NT}wt%!B9;5Da`EX85a^A*q@b|h^B zJAAokt2?7qS~_)WCd@mT*o%Dq$WUBQe)T%f8;Oe<(Ebg7W;-2~Y|_e`#C4U}?YKt) zM6yu|a*y}f{ju}hp4QhyVWO+@ptqr8lhyjt2=`@2PA z=MS;^O&9;P29i`xkO8F37o%4DHYu}rO;)Fk)@I*R{;BE?wLBuI4~cj^#L8=GD* zB*&#)8O+NC(tk${xhH}TISV~Tw?)L1^nPiFKB-qqj3U&t;jWWAR`0An zWII3R8}M|=i~v@c9ty$RN9OLy@oEF@SDv}P@G4NqbV5w&9WK~In`!d!JUpM*=F9|f zX6q4pda-6naRWNPop0Z-xQdjIum}l&u+p|M;aK{_6jJU?=m^jz6ctVmgV%Z2r^Hy5 zy*zAB*2IFDa%tuVbJuxow&#V~J)b3|{Kwe;*XBQiFG&=aKsb?^hRV8RO$r4wx-5b! z^Zs!Ox`40zh$XBJeG3wM>B!{mzLc*5iB>}}h6mmDk2i6+3O)?*7&LarMgC&gmI{ya zl0qH(7WIhIX#Ks$s19`69BE}5cWxsP2vy$FWKt4PS)k-!Ph4|VgO&HplZiz`N>x?v^%&g4Q1uWehvs>;7~$ZEyhyS zy4&>)=an|N);RO>5t^vwIQ%!0u_>nc!bI+VH4JprI@T^WrNJ+W z8`f{Oi6C$R7D8=GrEv%x&(lz>#%H5PB;`<2AO84PII*_q6tDbOqN)Y!#QPqVB(es5 z_`hB1KT`IsztgPLjff~6j53#GxA>MRPC-nl?ykpT-R`ueu2K4oq{Ty{(f%ngL3}RIdV$8AX^z8#IV5GroOiDcNFb$?i>8w=aWTS-Rfd6l6~P z2IoMKa+*Q2Zsi?<7hr<{-sXmlkYA=Bg>D<<6`4gp<`(Qo!^f=hstgZcvdzZTDTNCLd3G#Q(e zF?BA3;Y-Et$=$k~@aHud-7wp9wj3!qZj#SM!I;e7xAAk_(caL$?)x>aigtdN(?1m5 z=4;nw&%lUfRAE8zuY?45->gW=g-9zXyH(nAzrF{0(>YpqN*n)AT=HKb{=XkNNWQ>; zJSv8IGX>p>NJrygwcCdrB)moi5%4d}o!MrxUtyeY2XWP1tp^rs`N(LLUh_SVksg(d z^qUL%XKVgi6~>u_v3CP%kAUD#g_2X!8VPO zgS)t5{#&gwQy3{@zL zE6B6^{@#OzP=#^@OXfwX>h~8`nX3?id#v^%Z!UH7KR!T`0`W~QCCJm5nTMM@?S^YF zWM)=0j0JyUZjK`T$IaZY__X_&50rzQz&=Do?v_XQWE(;=XACZlmZ_W}`kx1UHA-fk zu>Z6$+`(0R>+5KA0S?Z<2+Ny9LT zCKiixxB7UM3T-|eun#2p!P8`Ze7Byj zEBr%Axg%QaH?fW$=K6Mr!y}};H|WaqJluKpd2;Fton27fv&u7c-|??)v)@y#lPc-V zBQ0N|z>iw8ydH<@gv`Oy&YgQY*7GqIOr_vkO^6bEQ5^CtB~_#nk1+w)&3hTH({_ zGN-0CZWD42vl$@du-?@;vpTrL=tWGsK{PaCYI4yUxfScJ-nl$%@O(Th#0RKZvAd{-RJAR;4)Z#-ubb9@CI2Ly+O@6nWze+LNY0M`3E zZvyn%7w@SzLgW(0dp#RO6Vc`L(1%4QHMsw1@t>IdzoGf>k3LPrj)bM3 z2o3E~RJ6^mTr#CuPk_@f2o z#W3?`G7+`O4sRn0svOA&1^tT878YUGGekq{7W}Lz{u${Oe{2Kvi(sdU7nN3+)#hIY z0%I@q%lB#U@vgd26%j?X68| zwd9~qc9^5|6(Wt2|3Ho6nB!FO&;R+`^qTqjTntZqi@~DHCSxOIYSuMAWaBu=3(cq8 z*wP&y^?dv%EQFaD$U=)8!S0?GT$qgX#tD@`d_!P$%-?SIUt9iF9nsCy+)r3uK7x#G zVPRnjt7B4f_`{vYY&ao&kYEs*phjkD>fT|DRPl_CyPA4R%Hm~Ghw$9_aZXHP;&zR{ z*_~gYH3~FZGaWoQ(a-eT#{GXb3akb=KQ5HYH#Ko`a^fDAMb0y|bQ>Nv)MDk%%+D7$ z`)nEl@$7Z_U|aqQ2WP2VU^*fw$c@W$H;#wZ`q8iNTe?L$udOi7JN5m(dDZQCe%Mna zEfGy~OcRrAnD9B_qayAEAhcp)-HO@j$+!%fQI!P>VytKF&QC4PicF3_riw0&4GjG0 z)EamvGA^Aq_hw3^hP%TQOAicon5kDVj|ysCC>P1Sb_ zr=prfVy3g7uo1OG)TJ9pSa<`XyX=!Da5_eGOIRtb_yf&DU**(RJCqHMx zb3db1S1&Sx4K|;3vcRalLu^Fd>{{AT zMH(5tMY~@nnBJ-a8!4p1c74(3E&fay?`^Q)!EmbG;i8(_x1$uQ!s8jw$3?E>Pii#X z-K&q9MOdKT2ol@%M)>L%_+N>5oVw~q>a8CT{QHeRX6!AKQhqD?u`SBzgU#u5UWNre zU~c^JR@$_W9x2U3bEW$JRc~(!4TVZK)VL7(CW77=& z8S~s6S4>f^asMnc@!18xl*4)tIx%5}{TJGHCx6*UqDRsB`31v+<}0bNnD0%?7<~6h zU+HPXT!#(!Uoe>l242i3vFd7z#0CW$d`6ihU+-w=<#(|TKGyF}q^s9dBBNFQX$xvo zcu5?k;C*@4oH6l@#mN+JIGsla;(CUj%x)QkKrAPBdH1EM5Ckbwd1oP*Tb4{toYfy& zAX*hV@_l*&?-yORFemO70duv~FpIUhk>4`s0jFHrN0Roasu#kNqdpmGBBw;u3rl-) z^RO#>67X7eIr*x_`jfD^TO{p>Mww}!lpLTUFf5^OjY5WO26FT0UST(^C2lSbgg!m5 z{BGTPlS0IOTu#_GX=?=T=>5u$zUuGzJ`x5jSKi&*T@1k59!leqIgQKxO5xE5aa(6o zdusD%{v>caw>y#BQltFNEH%Wn5qEwRh7**Andh2vr1^Gw=Kz{ssO*@w{Djl5!NORo zs`T^?WRWP~%*CQqEM?=I=V>~>K|as+=_Ub3S(at~LH@etcYg|F@|&Pk=APk+MzkvRkIrsOA8r$Ig#Dd&y&r#CH=bZRJJ>w+ zp3WCB^jBuyWz%VtPb?V@=b@dhgB~mId#t@Q_CDL>ZjF-#FU<~04nGPAJQ5QKc=_G$ zm3p%<<3GcEn9RJF#8dJsryo9@r)B78$#hkwT%1_5P*yzqIiur< z*k?Lj#pirkb-y98ocQvf^l{$$o-mm=&w2Bw3!Xh4rfjes9a8P-7GY^VeWB~&KK_l% z(IE-r43rZfQ-#9LA6JvR#r88X+s^}Ez)ZMQ*;)1E7YFNev-RkdMrThjPmN`K%!K02 zR_Q}Np}lL{3X~uoNY(qmZ5Bh5_^~La-B`y@ z8IQ${q2*YK0~jG;e%r)eXgoIhX>w<*z0vU3ZsYx7-)Ykb`Jsw%JRIXyZ>v~X!oa{U z3(XXcsn$hRqaXI4460j7l>3L3lX<*bl$MO%kLVI)pOsT(+JWG*yN{NdWlSCv>ibT# zw3g(_RlJU;ig;}(1iN1X5Sp>&s| ztNp(4p57_Ma~N5ydTXL4mqWG?KK@rtN(bDPojhXOU#={AYv?D&A*+-W$2UAhb~OQ0 zD26sMU=kr@IB}H5kHeXyP}7-vQBg*W0j89$QNZNoNu$?63L)^FR*mM5tpJl<1tOk& zYBBy%(ISH!}z)K3lj$#%Z>r$md5hby=IV-MsI&I zu(RiN%Lc94ZPduTyX#5d_GYw1W|S)$&hD9$IK*`iU9H@%divngK@(g3HZ)t?dHFCh zjX|OB;}B6osVas2_OSDE1Omu=KZAk$>+P@D#zXC*gBy5nR1E@nnoyX1W|)^Z70R4` zME37gJWzF8<=daSB1pujDwPEX+|m8C!qPj9qlv!c(7uyhrc)*y;^}2dkcDKg#_q-< zdQ~ha=(`s)MjKS5S|bR%_xThnx9Z6T)%9BuYfey-BBVQpWa5<;oY^Immq?7sHofXXy@ ztp%W#lmgPw)wh!v-P`Y@rAF-1XJ4q_Ua!|Qh5L91yF6Z*gT6?aWjsYXd3`Hcl;@ri zl`}6~H)8ZW#O{skuc1#x3csOwU2T<}Vxfm=^Kk1p(`r~jSo!Hy(EZ&`X?mdyql2znu^Yd?0~)c%vA+-MY(R$=l?tYx@cD`O1C3-mW}VWu4k)x!*+oz~`sAlzUBvUa1#5=k4~vZt1v4!q~e z^^i6HMm3YuR`z+=a|#_4(kP=UB;s1Xv2(E~A)k}SoP$s&&=HsapajVKM{h8Nok5Nv z(pOTXQW~1R&%BBy^D&t>iwvTytAMJl%75WSRKO;?QYZY3pjL z*vQZPhb@2l@6@^LW;gEQNw-V_mmFQlDPuH*ytL`uKJn$GYsM17{B-NtC84>xz^Lc? zV(4WrQ1Sz!skg~c@%{&HWDa0r(#6NoWZEn1*_{ZHuI7iWJ^4WdSikL=|CKYqUy<@l zMMY(9MaA0~e(gICWj2ZI1zm_WvSxupSy5?>JceN-yJKgMocwx&1gVk@LI;+dBg2a^ zf4{vKblB<+x=TN?C#!H(DT*ihtth9FnV}ts-=b55;$mA{G+R|nU72h;TJ=AC2vssq z$~o#GNN@Ww*}f=GG0i!`(}q`|dB=!h<<`|qSlV)L@48V=)!nG#JLRR;N`t|7s%n@P zb+2e*9D(gPk>aF(lo7cBxjURWvafubNMtiW;o)A00LkNPbf&4V?vpdFV8~DeP)-~* z*UDM#IH!9N9d?5iK;EZH5i2j=NVOh|RPSVA*gV~ai<=|2hgL=ik1kj@A4;0c^Y`_B zDmqHQW#9#IS(JGml4T0MSOT)vzvpbD7(a)yXg%)x+plPJb3|TEw?;<88}2+eAZwW< zjCrea?v%W2eub{Em}F{8PuKZ~cPj zNUG?qcld`HPFO9nQg+g0!eXGNx&}3t*@I=pZmXz>Ah)yy-qA^$Y66dT`F%%=jB8c7 zIz!Yi-sO||s>Q`7QmBceQ_bG2nebvi{O#MS(cA;M5!0um{p88h3+ww7^G)wjTP^!- zdb|%AV`6hY#peQ5Dm!gAAP$jEaj^<(awK7RVeEMGf#i^5MS=6a96Nd60@s3ft;DbGLIm&-l7wD3cCdXRPRCKS`X^30K(8LyScv6Z=k$`kD*BEe3K;cPYT zB&!);HUzVTCW|PUyQ(uDWvR-!PrtZ*86ov9$MS*Wae`Uz->;ujS5^RzRZsE4wh*AWB9cqhu5YLBJNi!oskW`!M)GWhsDAYxr^IV z9ZRdF2#{&gI_sNJHwLg3_z!kp)8kTpsrl@s!QT3iPZrOG;TMCkHSd0u$R_=r7MV41ce=KUAXmbOKGDEVX@SXh1sMN73(7|C9r8K9`Rhy5&vffYpuWA_VZx zj%AkZVhj~`@7iEPMD55O?2o0or?HYs-HN=E!sWiNiuY*6^GSI@4_|dqb#i`pGrgSC z(gfTkL~ZncYmdOai-?X-*`azW*Vf^4)#Ggf-T))|l|0uJzbsHd6wcD*5OURh;=c+H z%w0`w`5;9=Ddj3L7GZQ68>-los7(`aWm(a1Lm;5nM9AaW#Ic{TKj!;Tar2Xd$d^m2 zb?<9w(wNX4JGE*3>Y(*9WT}Kfs?j6{4}On>cc%~cl?(X03+|zEUdFcN{Py^qH4scx4|{&C4DDww)p>AFLSj3}BFpX*tk=Cf0hQ5@ga)7NivFDgn4)r4>?t7nD>&na*UnnM8SRI zuEWFn?5vklMzI(fPk{+@Y{9Ulm!2fwi;iv93vrqVbZ|dLgJ0b2+)QYZ^)2QQ{!${6 z#P$TGMGSndvSMC4Df*R5%9M+!T(oG5vN4DE4`^Lz-AoE3FQia!qiN(%n7qX_Dg`=vBj<$t zFtf@x1MlX4fcS}&8ODO*?hfcD;ssECj+p9YQaQNn^al$eP;NV9z_NOIT#Oc2o-LMy z@KB#;m1`cN%`U^(%U;(`ouEi6G=(_cx$6~}Jsa40r6br8pWvAWw z^KaQsPQ$^`M8g!8$KAO{Ux-F5!w>Q<}myR&37!3scuYpDz-pM$XTL%q!N$hwi2}mYGUa_qToSyT1=|2ZHWeqY@khE=J5es5o|CtvjF`0?nT~7d+;c z%)VWbbpEFA+JhTx=SxjZRX0oP6Zu4wA}A1!Z^Srqll;ED?(|VIfENxi?F%M3uuD<9 zKJAg_+CTvJ#N-WcE;iK^I|+7KY#PQmX!Ck;LoK*i5LAfZpmG_zS;i~)2W-q>A6PDl z=eUL3+2c~prNEradfR71#Z<|=a0`5ETKus#3k}2tvvRy8#O*>RUPPGa&r z-YUYy%?~JIe1#hTio9+;gV!hQE)JH)0xdC`J38KWCPk1vPj)=LS+L*1%sTFR){&d5 zilpnbXJ*rYn2lOg*ZI;#nLXsK+-H%2PLh>k;ZLj>g5z@NS#AKt`mwlV8!`5myC7!P zl2)y26-7+){q-7?_k8-O%cIBBwTsQ#J6UwWXGgNMfgy=jniU`XpFJI3!=>fm3Shp_ zKdA}%W)9%@Y{8U7<;Zf_lFwQ>`R@xoBuVL#UZV~f-YtfO-+cQ0-Co)D9)5*^L0mH6 z;C|KXDt&YQLioe6UW2~(+4^w_K~P)u*C|nS#3$>^q@L7~D+~W&*Ch0O62JX-AUwPG zaB#!F#uVWZD>4=K&AZw!he9Jr+}DcC2nWX~Sw#3LA)4QvI?|8?fV3lgFjeiq>{C&- z{NV75;!oo}Z^q+zF6_OO?oZcV`mxMONl^k?fiDq2q>x?lq&8!N2#pMC{@|P_b8EdO zNX=v`j7PiNKDjR7m$3vzhEN!$-Otz<_AJNS)AT^+Bp*@|_iGljZ$NtxgxP$Rj|o-1 z#Sfzlk3GWwrn;lLc*ugdDk7oBNRe-|77xA1=T)N|x%HalL=UEv6@ok2^;dVf=ie|g zB+{FJ%8H%xg#XpvO82TjM}+fI+y0T}R6C9(=Xv=)cv%fiK(2Ra#!nDEdA#tF=rNk7 z?s*`mxY8~8fWL+H11G$rkhvntUXLV-|MOAYoOF*V3QclI@1kEUk0&hs~!!chPhZH+Kpn#{N>r?*_MZzDE@3^BE~#T$_X z(q*+0SW%pk0^M34#(DC+Rt*Z=zTV1SxKX$I*;T`A?f(0QWVi&163kwh#4|%Bo(gNfBSA*GSIM#QM?6{e z3Yf_5@b9t8j~N73HLTmv2tR+MP}8n6Dz zq1jKa8GP$yCUSG4_suGKEP|0Eq-CpJ`24P;}XkzRtY*4k`I?-tY|8;u+LVVYG z!ts)3$D{m}C(_g}_ci1R;#Hd+lE%`Fq2Tv23LQ6nR%a)gM>fVx5DZj%tSMv3Y(Lp%*f1fwtmYdymvt0i~X!WAz>m1(KP5PIJSOQ zAul>?v1 z29Fc)H*9? zY4XJYvlS@v9`b8?s;3R3cj^WN3jO#TeGaD8_nx$Bb*BZz{9 zV(U!~+m7F~gn4Y{q;IgM6O$VOcjk@S*n2snZhd*E>g9PA+!kpDyW{Cl4edk6wM!bike+I*R0*k8z}LrynutQ%tN2Z zKIkYV37vpJ?M7UD*HO3Z&~1>NS8)8L(-cKyvBo*>oP;QH)@ejN70#?w>t*u#q&0Jj ztz#p~4=Dl6f)C^U{7Q78nFsmuC@)hIYaP5XpC%|Gxj&<}&P#fn0&3!iP_i+C0kG_e zdwqs3f@d4+J4xMVx<5|tjgI66@fBqnhv;3iexQdtJ z{rvG!4l(#yd7G)Gy48Zx<{~7DVC8qbjPvJS4fQvmwE2}p735fs#!}%>eAXJ-x^z3m z01iY}@jFbiL)#O*U{@n0g(x!i@-W~weR130A?nG5$w1MTB`tfm!|@quVLM+@>go8L z7GC58@lcc!$du%H4Vr# z(kFeM5m4%<_BEOSA#uY~wEBT*v&B=8#nra7TQB-s?WBJ%G43n#`Kej=PyYVTG_@K# z@$8Qczi$)`=kAzIW+sl9B%qsm{1TtaI)O}t7)9;mnu*x6wj2|*KH{!T-_W;Z{6r0R z)-(|55A6C{{o;hB7yO%e=b@JlheVBT9;dJh@=E}4l17&EHg}6uwOS_RL27F>DXgea zmpq2K>rUA&s+A#)pp(WjU-=Cbj3)6i9Z;MO{8n7t@V&AP97f8?jwR^<9lrz(jiCi* zNb>f)qQrM+|AEJt=3r`cEv5_pD6$d!Brnj}+Hq|V1{#=<5;6B3OdYFBgvo6DuIY<4 z_I?sd=+?$~cyC}}V&p4XfX&9j9>b{LNc!{``9$*>y@zX+*XLSNVLudu5Tu70>?m`G z4HXaw6I1U&U`_~}T0Nt5UO;U^+kIXj?AME;VA7Pj@!Y$9MZ~5a%o6wbZ z==Kh$YkPejg4U-s+?84?XjSh}P)MlpW%j)nm6f#Hcwq@DXvaU@tzGAOjmi+k7%$(^ zlj53ql8a#mt{}AD(<*0-q~9kq)A2WN_f=q*MX9Yq^-9`hvFXz@?;ZJRN@MR0ob^Njbl3LhEE=3BDGLI& zMJx6&Eq4*{_Qn{G{6bTk$N*!7abT^Yu$oqUMj=6$s$52{*4m~tGAN!AJ;}hPB>?#O zw7ad33oCa-Xg0VRdIY)UQh*lIlMz@Uz#?F->f#!iQU&AGp)z;(n-JYBw{>kMjc@CI zg;+yZZIk1kg#(-N4iaqtFm@u|W@w^7Ri3?P}pp&{(14->AU;hGMySY{3 zk^L5$60$gMIQ1%UI;?Q~8ZqccR}UaI@g+tf``UaW`N9HGM~Qa@Al$HGz(IqT5q(0I z-=kUBFo8`B(lrqiu9ew$N#HXkHW>CI%{>?`8*MzOHw5|(KX#1&;i5(nBTq}D#SpbJ#;kO)HMTn*R|mG=Ee~UB zb05seOwRkVy(eRnd);F`{0b5*Vx)-nuUZC&GwC$TO$7}uWb+RU?AbMSwo^qoqHQlm zdc$QS?EQ8*w?YwKt_h0~y1KK;Sn#09cVJvD{hLBYT7#w4awNdfB!((7EmvpD1{;y+ zJ{tQMsmQRF)YnJb)1DQV^>0csD+(Mt^HPsKA|0GKJ4Z`P7E4Qdv)~9rDO>(Gb93^j zlzYCLWa&3wuKvyK#FQ{(m&~p;`!`R?@SNP2#P%PwB`KyqWJ%=>()VO+RV!xvrDyo) z4`cNq|6~RIlh*b(N1P(u7wErg59|ya5&Jo2+6@L#Qul{X6YdsQ?*m+_zbVdtbFcpX z=C^0a#vVT*u?fqIgfX#RnCYb+_EUyzf3u1I!FT&7x5|(b3t3p#U1ZAYOSNMT?)K4# zM^4+kP{Mt)qLvn(JGXCCTmYTyk<{>5%Vz?=xwc3bqe!M@KZENWATyD@rmU`L zso{t=PUr(x2JyRZo6&Ow#=(L-dw#I}e2gv{ZF>5QsEp=#)a$W5PbtGXIUutC)nJ7s z+1Y+dq5tAJoe*eF2ehJ7I)v^9vmcOsLbbH9$6g>L2;10}_>7GPBH*0^{<4 z@4Ky~e~tfBc|KNK+D!NNpMvCg4Ll@RzYcT$9)A=CFn+RNS1HD*!Ha~!E8P80$Zplx zYuNs=nOB*+@?-OtVrHds*z=knKc+~r${GO-spn$A1K{8jH>OmYh*g@tNSA+$8ynjr z%PTRHdTHh)Kw0@Q|L+HU|MLK>3V*maq_O+&V~^i!m;@ukZ@j31nfr}|)d}+G87$n~ z+;~w{tpnegz(B}Z(eUWMh1185&HvZjXuY7#jGqx5(o}|^nmc7UO1&5T4`+^)3bWGI zQ$|g+12y`u;U`Fm(-$Nk=A`CUq4*6#fOS6N;QlX`@_z>Q-)~o^)SrGE_q7hzN8^S8QfvYxztYFsk(&@MioUZ`Hq6X);uZlQMs9tPqVV`D;GxcRcPVnMf6+uiVZyK#CeQG(-(MfhL>@ zo9`Q22rFxFW@gm?AoSx?7(V!KXb_816@Iw=SOmgM0XmwaMT5}?*~a-O01@V|GSL+3 z3V07`p}EO}zHeX-Iq5YD=MIP&5eEk>=Y&OTP$wX`48d51*0!;+;TJIllyfLl&oe!nCgfb?wjH3R!~7pkn(Mt%Qut)XR$MBr-5yM7G_g!nNuFH^ymWUUES54#LG*$1;Qn(fiugV4mYS|y^b!0TpAAZ#X4+;}O zP~hSmT1n#pQr~OmRA!~0!_Rr z?lmac*uIBUof-E!(vF}=%gffZI-aIYtp?3gEh_5yiZn8wFN(w@vOR`He11xh`1 zHN{qc+-IEvG}(OyJ_2a9D%SOmZfL7Vj&vX1)=p1@l%8yXr@M5~2vfthfa?C@(eQtw zVh0UwAMgCzNav-2)j=FR8d3G8aqMLkqJpJ}fPTBZc1mi>dQ8fTpcg6vMY@2>#GIMm z{@$L+{%je*JA2ZK09u1ylLB742d|AXye_o?-5whZs$>B+ITiT2J+)Y26Z21YZ5p6E zsN+OPA7~9_oKkP9`VUK)UE&#Jt8;Weq7mv|Cy|lCGgZ`Q+wLi?P=dH!H>**k>5tk~ zdedt8(H?!@D2_0ohfYc56?X-gYHRo{*_=}?ZBfGe*f`1y@LNiP{81(AZ8cd~I(_0I zXCPhwR$|y83|}(7mVSz_Ng>G#C+U%*Cc zlT|VVB?Owk>Ulf=E**K#7{6(<&f(P{r=&|CDx=#*Tvidg&6M^P+7ckqN0UiTL`maxp1HqmCe3l|c#O1wW1Y6~NZr5G;QLd`c7Tryx{ z@=;-Opq7`C#wqe%0jK}tAV(nsf;iA{PctXw7Jc5OO58cqcJixDhr(g>_5BUZ#^c~u zRmAcB*OOU9K7(93hGWpPe&+7uy&eJ}I!HFvWczl+c2BHIo9f z1PMs%PkQMytNOHU`CHmL^Zcw1Ov`!1t1%9Z$w^8ys@JXPq3&51qnc>{ zU{t@cw;|I~zk#QdlD2z;Mb%wi!nuP*MLUU1m@7a?#&Or&hcTXR-$SrWY!&|@U0v%7 zIRCS9A%cU`*O07F1n(O$U7v2>G%4;oKlBW$fL%4iXw^mmZD-i6x}>Foh6r}qX!W9} znKO^{{vnCFDqbSosd4dEfX~=A)8g#Q@I-;72;q^`xA4h7I<+~1Za3^p?z_5UjW=sq zAVt>ay99@4XW57r`U_OzZkP9FmP-p>f796~k+nKV@uRzJ6W{E-m0!Beg3~F89ef@? zoX9i`=!oZ)mNGCFxxu#N=UZHCMG|RgY2(o_zC_*4tuX!Zks>O(0TgLaj7_C2Le{Zy zhG+&us#(~ATh9YQ(3AsI?4&V5J)|baO3@h9sF4HG>Ph_7f`(6jl1b6;o$JNnE~+5| zqls3=HI_=wmh@-7*oOM9FAS7M+r5fkd=Qr&rkmO6=34Ja~cbA4&w=-sXzmHUHzB4kJb= zHHf-z&d~Me7B59UtWNu%*G)at(|C*8)r|DE|YPuv~GDXA5 zxOh%dG&JjVtfO7hcSc2zf|SPM%V+79-cnVTsBvL~3A9vXbGr()gb9Bx0@$L45s1&5 zZAF@3EyyUBQa5S^qub*W^e}5G-Z}Xs%2beIyywhVYFsAM%8hFxVQE`YpjP(O2!m31 z*IoRpUgHK~4%#RE2Pb0nH)9+2xo=@@5QFhh-Z*z)TKA@YiVQEraZgB zg9_bjiVJu+il z=)2wLSx%A1e&`RPYGY{XLDfneFXe!wkhBR|NP(Zlq`AFeE*)_t|Lmot%590E40_jd zln@J6|E3StgL$(Hpds`78$*^T;p-u={CC^|MJQ?Q3oqjfp7dA1+)c#`h37@T^+H=f zr+7A&sbP?^FwOrgdi3k_iRt<5SOubT0e*#R8S$x04ks4h1>bS`invo5-AL0LsnaAI ztR+bpMbzZg(dh8Ip16%*-UV+VRm^IX+^}-b7Vf{Z<(I(GCk7WIlKSxb=r*>#LdSD+ zMss7}H^tdP2W&ycQsXL~kG5Ygi}Yt@Zg_Go816F7+-hsTGj3J*;3|3|*1oq;4q56n z0`cul(XC}mPD+ZkyY&cmNNZ?CL&azYp634MNj#^UjX}B`9XhRB@^;Qw5p#X(o!6dx zi{|K7xLD$Q)e_Nb?gMWRJrxN&bV6aD(}|~G%z4dj`)PC+CU)nRCAC(#m@M-{36Yv4 zNUAcnsTH?7YPxJ-N;;?_4m)|FCLV|>txcr;XMIhF?y%)&WMg>vc=6sd$KF?F5P3Ti z{~K4o^Bz13KYyD&;}^pI3hbPX-8itHlm&_ex@YJ`N3M37#zd-S0`!;LlShh(FjBscXn% z+)dwu^VLztzR;@gzx~Gz`Yr#T9r?xyjXLj%h^rTyI3)Xvc~na3Ad|%bVI&bh2+%5v z>HD_ODs&JxxIo}v+Fbw&1PS|B*EK-PmA{g)l5x%Vv(yKROq{z3ql~igTwnZjVshc+ zo|?IvW{CHtY(v4~s-XFFBU>_TETLT<6C?B8e3PrrX>cZAp<%R%y1ZeKIGj}6OxIRB zMSa+?&UxUtjKNXcR&a)ri=BUKZ_aU$O_f_flaqv63MD@VKS-OT@MkN7oBP+0)y_9R z?O~@9+?or&%L7bl5VoM&FV2LVqG3#R7h-{riY-wSKw1is@YLWYXz96No5zSYw z4SaK?Hg%C)939DN4I1!t%Ci1zDX03khVIWi-PUPv)OcvKA9DCD-#bKJdi3ppEB}{+ zK%nGt_;*}6J@w4uavoej%1qhk2$)&MeTj)g1mi6?G$|@ET56{mZ8D^?qEg9gW!Ii& zqZ&PMd?$-5!BE2;oL#S}f`jWZr+p|l&R_@Hii*5=uV?>|kWZy>&?e(pP8|3>aQch7 z2y8ucbPS__nj=!zCN@^avpiLAhaJ83%^N7vMlN5WfNuKPY?VYZFRfz8u*iHK#;;UK z0+Wj{_#(o@{a@#E=v;+}=D#xWu}bs>Av?A2K=j(~;vC{DkaK$W&pYr$uakh2jpyld zJl4I2+u+Vw1-7qfdfl#D3TMivt(D*I(uO&cVuX+_9R9$jYGxU?&t|U{FtB0DRs7B& z@&0G6HtPkhpZH0Z#u8o})n07XeL~Z%*vwl4RvVFx6VX`uv?ADY>YUyqM)9DB!JJmk zCRwvPo$Or3Rg8Y?!5gdft&rVEI4X|R8E_g8FIaigLX^K~zIalo^WEqu`pl1X1D@IF z0ew`Q8b^Q5@Tq2rb(ogn=RM`*t@2TCc98&))dEB+x$XEkZZv}-r7Sn&mqks5=k*$v zC+*ftfBJWS)G3~aDIBzWW%yKZk$#0R zKH++IQfBLHIXHg+cjjl$++r^5hjCg;nvwrw1IeP}-0JOdA?|j3UxW^&MS{^U0uH8f zD=-K-oct#A7<6SS88w}zu12|1m_|^;-$@PX=d%dWSYay66qmD~91D2X+nno8xuj`@QkGD3${+{v+tg2X@LoYP>#CZEff&^4&5KtrHi!Q9MOo06IudJX)6vzlp zCw8Bzl8YIFKQHZd76suWv~;NG>K?#f#>K^bNQ|i(3q~!Sd)5X%tl)e6wQm39bv3+k zM*G0evAe4-&33?sBNA)A9q15T6x4Yx2I|)eUXSPga;*t7b!L$@d;`goUTYsXv}`yCORgVr%}Nztw>M}=Fg z4cqE<7_@l%(`-cMNJy{POAQi-h8!P#s{{MHg8i>dT{P-uwvIGdDTgD!+cL*yre?&3 z<;MAS>*YidCZ+?Eeo);&oe?61zmKYZ#+DakFX1MR)AH-|pRA##c{ezYDjbAc0wM&z zWh9DfFNecQIjgq5s>EZ_=T}MknHEJs+%a z*pfYiGIfedHeceB$17kyNX;!TK$zc4^4|mJblC8vlWXP8sGYgyG*H;yDcl(?%?CEFGM-D z?RCS^C6Ct|F@)O%4#n6d=Js?2>;5>xJ%C_IE{dO$M*Xdo+%i!=`FxC5_(nXZmjij@ zl-&^E7*zJVHBIjicz_6aJ~ICoR0gycqpIw4(=ah5@;Ke8>*y?4c@j1Xy(W-eFhGe( zc5=F~-MCBoEtD3N#8BVtw zr2sXWuP8;k?07a8usO{)C<2`0g*BSwxkk6%(iJ+{j|G1c+y4`=eC20MuB4?#!(FT{ z_Jxq0)d)oxD!PI`8qo$@daC@d;0ivd}idc6aScRL$N&JgB~-PTYPAH0T$D_u+WW49^EC6s@~|db@f~ai{8T_ z3W%GPZ{^19#6gd48tjB1NSha=iJ64FPf+}FGse;jn#C83E`+G;DJ4f|P4} zG?iLiU41NmQz?OLI%l%~lQ|$HqF;T4BG)m_6kN<~ZhV;+|85_O8J?7dqer+FCB!#B zWQl98L_%0vO(H*vR?MMYwzcb&^6eoh)F=lX?#Gu>#%2mbl#R_AnI!!=L%~%)l$#|P zwKW5rF0QROo%~JRn!M*Lx!SC<=`G|*KW$TVC==tSzgVjJfSWO>E0S{md22c$pSWr8 z5irIZdDr#KM$}m~q3VCY#kcU?zMV=JlcheK=kc1wpslMFpN@4LpYvQ2X?gkZsR_@^ zd9xQQsTn$i#W8`%uhhVkVIiK=(~FdDGK{yOIaPy^*4~(@kH3`On3LYDb$q(Ku1w~^ z8YaV-EPeG7VcnIAVzMs~IcVqA5W~!L7_O)DSb7q*wTw#N5RQuDQ?G{En!+G=GD_n2s`h)GgWDV@o%m@R0BU|IQ=;SKPo=cOm1OaLtk^5HXYm(zxQXy|K(JgbiL7bFo94gv>1d0v9jd(U5?VGXJ(q%b_*3U1(v*?m+Q5FG|P2E zY8yNWKypc>>wV$-+v*Uerr$B%PPhzJGX|L9=YYPgYzGf&!mmB1?-I9VIuCgU>EU7_ z{8deMzeS2lOT*6J1UEB8OdpsZ+uJyOhS5zX?QNH%;mGx7_r^#42K)7_-%vFOK+2CMG7VZfCEBdp#@d zAMf1&7;3Ur1}QcEKuvzmVk*B$_$rHyVE5IT1J!xYwo^V>wYfqsp?*6Pr^vdgMlH5q zx*U6Lk48NGqMo40jasC>|IaS|z4Ky!ZnN!b*}<4fn~={{iPL7W@bJkv+{SIl8jy$X zzChb2*vnJ%qU8s?6`!|$yiGH01S{(G(iP1ZFsMPyGG`2Kr`1biK0fq{Pyqn&L!P2u zxTEyD1!^PDmCQRO%_wcGaJkwv!{7XVgH;EF;l$;4^NEbmlm|FNW(yWYNnRY1lzV2j z{)YSzvZy0K(L$U4PyJ%fz()_T$zcR+Hoq=Zv|XkUey9|rZIE26o0Fk;xOzf0aun6cGTpn%om< zYb<>~t#!^qZCFv@rf1Xt5)`XXxZaO&?e`q%)-C8<&ZZG;)^?+!^Wa7aaj>{Z%(&Q+ zwZ7PnmKx8SF>s$sYk@kpHa5;F8A&ub z@`EFQvIO2{S;KNneLZIZ9RAB7aC0+MTspTcnbqW__6KhFb8|7?+VXk@MuVn<2!l5F znRJ7q;=_$mH)IP-#<_uCRYpP8kce;+!R7SzDRvHyCMy=^ZQUb`%&$qB`9B=fKQL%J z;L413E6VmKU`*SZW*J+$k3Am23i4XY)T`;Y5z(RlDz5~H`d+r=eEtEn)lbQrD`s-) zMUV(GV(^^^Q5vl<9USa9TJMXo22+r(gGgb)S>K?Ah7b#%s@#PcELmet6U3Mu;|`x!<1N2&#w z!JBrH!`!*)4Ppy6GVWcrv(YRf$$;2FupDkTRh!k^-uNC<8aWMaq^nGz3OGs~w*n zE9d#z`JQevpXTcv0Acdj`5Lof;K#%#W@Jx~Eap^lVXd6Y8#Es~)8o1MgP7a2qRl|v zNEW<5ikIxP_jTltgkx4Fa^aT4>^i}s;!vnNKleV1yu;O+exw=1Z?%W>>P=Zt2q5!L z4|MY5a>uY~ABm~FlkBF7w<Ea(wemForBpn(ve8d8 zv3h@!dkIXxZ?}jAUIB>44B1{n6W-@I#O5DGJiSl4kfOVox`LSXBuiMi;`YA}XLg)8 zY~Nv%V^znkmuQq}$e*0VGfPruW*L$n>3uTXl4=Jma2qI8n*`v-CSHr|W0T2SS(UUf zg6XZ_LeryC2)Jw8=mo2Te>2j|py~!KzkR`YZDx`Q7R-!nQvqTaZ_4cluAcqLuR7;knW^QGV?rYID zIvPH^8b+V)5?4w({}gsS4}?vzx>%_QewlUc4~7!z*O zEGer~&IUt=4%FvXksQssNb?JQG+C4l@@lTL@CQ;n;pXQ0R@x=r<5%Ak*nE;5>HWCy z1D^?zc%4T(yb);`0b?)lgSiY9O3|>xhOszzmxIh`jAu zU8^#vFrX<%)x@yY@$B6dp@^+l^s;hv?>Vj_9`%rJNT~mG>xMA&=C8|~rXwZm~ z>S66PyJ~Pe8=^c9x0Sv7ZSbZD14&qR?(Usj6EOMv{zbp{o@bY(0cH(4l18zEbnMH? zJvk43)T}tV$&BA*-RCN2fP}%FB5FCW;c9%(mK538=SC;yu82wc4)!F<^R!z5zFSQu zo_8#BlidJ_eodK=)s9wzxl!`1P6yn61f5XFBfBSs}7 zXZ1=crE@L2it2mcm`K`vwv@s|_EcPZ!v2h@0>Md-3XF=L6alva3A_O_ndE-(Dt~+p zy&fxh37g^LNjFAbTdp4QuM^*?&im{2NRzuu>vH}xX#C_2x+%e->V4-|+ayI+((QI+ z^0*(6hu?P)r}bh9ULOgb<#|AFuVsvIF7h^8jiEe#5K~GAp;>__{s`5K>MGeFZp

FA+(xa1siLm_X0p>PHN-B$%sqgehBGELZ0)1!tZWyU6a;7(|a9 z7rnc!+cLz~A$fruI1%Gt>AM)%2!{P&o+!v2;*@1izrUsF?6sN1d|QWn(k=+NJ4L98 zwLp-5Wy>4>d~T51WC{NWmZ#nMoxY_^X}NvUBJC=Kqb$z zl^ z5w<}BX68n?P?9&`LhkgqK*~eLAsyVrE8^A;I3zb-tY$KK?aCf4E<=L+=~mh#X9Ekb>d$fQisX#!sH586o||ERmIxs|m=fV7-nK59Qu{ScaM?Pau>%fML6 z%;9m_cLJMSL^YnwT{n>|Ewzk4k+E{+2(tI>Lv15b??{T9Wj9 z8ZXad9ft)K;(eZ&*W!I$7eq>T!*VK2@SB?3lWfveOsBu4@&t$c@x#`lxl}pe>b}`^ zBP`4o<15_$@cXR=sfgKF+AdH5q?m29llPt!StVtvg1D+o7YKX2hP-Bd(~*81+%0Hc zEYo1w?W|W8J#pLLlRQAolU6KVXa5e~B2s7$bzJuDR+94kR}G};=FNpk3-{sipv^xa z8$U-8QmeH%yRTM9j$d)TNS3%Nf?VFji;+|xD*O7{Ba=zeW%0l8d*+8lNlnTYV7yJ! z+4CnzI1!qcJ#?VWKexQv^lDq$+Z#l?t2682@ZMAf*5@=BrE*%^x6`+QTuWi|NKJ3w zS6zx1yc^*Rq{lBb2j>dkHjR6YSwy3Q#=+?evt&dhHql4xnTum*AKM&TA6t!?K9Z#` zth}~3_)fUbS1T!P8+wih*Q4>uuZukESaaLw&S6lyRmR?D(*Lz-G=}^q4|ox%fNrZ(f>w}z})alW(tkG1H~$W$s|XS9$ea}i7o3(1wXfY2sDTT(xNwY z{hWUY;O~$fA67}gMoS&MH;oBs0<37^v7+m#q;l%GN@=5(Ei*^L@&?mMZO=`(Uxv#@`)s)i!a%j z44&6SzGnrrDdM@x=JT+8M&{4kE}Z)i5JQ}XxdM{d-i6iwQOq?ahF@9`h`P-5Qao!v zm&f-TX%TLr_$L&qg5~#-h~V+TC!uxa4u`90k)=qa8N(tDMxWU2RZTlZc~_1^d9`a0 z7vTb&P1}!>bjv~U7H=_;v;9z{J6DNR;GR;DH{k9t5n-iB(ugjde?Uf|AyT`I0W7kY zuB}(E{f{8MvMMV|$IDlL7*1|(O}ZW4dgZz(*LKq_Yw4K)`=ONR_|5s!88{e_!B-ujK%?A`}=#EiAf z%8tGFk+<;V(s2CetUwU`jvAH|F26oiZ17#U4L|(aPv(fT z3<@xI-+A0$f4$j=RZNp0kA0Vymj_6z;@sT_!J;AT9Goa(>j36(M9M*i)L^qj$7VL> z*h6-6%b8PGH&aK{mBkwsc5g20e@B5g6+Z>Ew0(|W-}rj6D(rTP*e9( zv|Qk{2j^%x;0jZhnyAC|icsz^p9p4uXR@)SxXX^mjy#85J&4z= zCr2;h;N|~NT7ip#F~UclynT-+a=@xW_A&*D(yFyj>}^5E7HD_zA=_~-ExKIO0JF(3 z&@?7mvE+cTX!pTH#9qjp^{wP^h?5jz!mE?;X}OZ-x}ShUV8?@ws6Kuzj+>+h&cFZ> zuXE!wZon@l#axV>VcTTfVSl5_y#+~ z-*gkTd|m&htAdRU!5QrX6j+AA(y=);aR8yF+5Xd`*CCYSW;FmK&6Mh6G~mYM5J-VQ zZ;i8Y2zUk=#iU^7L{-HVl$MtEJFRVsHchHY+AO#34vp|fku-{Y_D2N_gyS`h0jRMp zCM9IqA@b)^Lv???H4qA&%;XcxROvpK+h3V}J?!D`PG|n3w*IeQ$m(7=Dr?DeSg?t% z_8d%M*KeLlQDB@4snuRg{8Sne*QPdLWi0aXvpf3Dvq2QN-_mlIHy3ejIP^(mQ9qG4 zJgqkZ*AS^-I?HL1M*X;tfORH=2{$a+fLqQNG)VkLpGJO*$i%Nzc1nwiB)bst`j`Zx zsIsIrNm=q6JHR#N$SIH!bfkaZg8`dBch@K0(GT>Wh?4d^Bl_HplT3`KsD;q*(ER?-=Kp{xIw4^}!>q9bJ!8N;t*UM;^D_&|1147gW>d^e?pCIP0Eb~qGC_PKA|=JZ^+9bCRk zurv0D6X2<~#I!yHzT7&E0-Hy;uh~J*Evl{N7!&b6W=Ey>_V#v>i_Z=s8Kmj5eY_n) zvX)1d_6%K1oxZ~Zkqn8a?x1Kwa(3}$rBVm@k;X^$t2i4i{>wH6SiZjtDHBNW^TGf= zOvmIcDEnQ}`%iH#svS9tR$Etv;W~IjQ&|~nQs&%6ypt4paC10u;}fv(R|Do;I!!;TG$Z8DZjc#O<0<_J8%C02;)` z9^^P{*)^S2P6(E|0ib_t?QGl;&g!+??rVvaalmvl>mm!)1B%*YtLT02P{ zZ=H4&zPMyy0?_XyC5kAIDE9$yNUZT7geroN()|N|fWqyIne7P(y%zFRu!A zNBS`ZY0zVkl0?Eg8-+UQe5wi0XhBHB-{Av%jJuPy_aTwT+$FIjC#Y|7H3dKU?ynGg;=Qs{DUpRi*S~`!)EJec9 z3P_LZ#||~N!bY52TzsTSi3yH(kEvXC*%X#M3WTsCJTBJU(uxv&(9Zb#?$(drg^tS`~!bs1qN;ygZGP# zp?jh(@BZcP`UheD64dHe((I-MDnf|l{%|87ecy!V%ok$tXwGexz-IHTu70M%OtXmgFU$LH zO>k-aw*!{KSi<(gAKkkBOh2U^#873nPywPn{)u9p9cM!y@y&Kp!xHQmHrbkq4^Em3 zB2zfOthVjEv-7RF@DD@XxuFbscHUYERRm}m{(GYK-~I%j8*2P7wogmxZpNhZjH8^4 z?k?A~&*4A7f_a#oYJ`k~6V!!`p!J`oL^d3DxBrb~{lB)>SR@1!F%4162Vs#_%9;D$ zYFz2D>0vZns=2@aL18aV43mm*?nAFyto8-#e_P9-2~15J95p31bpnHc|H8t|!K}>I z5I{xVb2V_S8*y zp)75Dmad3CB#^?;h*K9(Lk%5paKj@>TUi|mE7o5E|3d}`H9>B9OdR=klI2)-$3uFj z232gPV3ewY1Q5;$`APO=uLrJPckrKU#Qy?wOej=gPjh0Frel}(%?{eZ3NN5Fs15}y ztzye~ig~E%=T94@Uh2KSEpp)tj4<2QV`4dyhUX!=q$BdAky+BHDS@9eV$E{~uOoKO ztG=VhDE~AX8S&oA$HSkj`)G!QDXkyjN=}1I;KxA4+!-5G9)Dp<-JA!5Mdkt-F z+RFyw+#KJWsp3c9m$f;~=gNa8vquYS-tlPu_pNnR82C(3%>yBk8XlA8jshl*3zMpZ zX=&w$|Y(O?tfH@nZ~FVeBNV#hZ59Va=pz13$TE+^>`47r4$ z-LTW7^e$L|*qm@Sg5l<;r>9&>)%Sp$X-Jr`x(@G(v4daK6a-Wm3SwH~{;ViTBzYZ+ zIm1#Jtdtc)zs#HZe?@8i9mIqocMgFbAoNd3M>ZdGmXw&Fs?_?%_-R?4oScj!pdeg!x{r&l%{}LSjpD#M?F$R&aq0fmoEhNpwLZ?xVLKCVdk>37)zcuME%vnI? z@G0<-XUz*ps&-=Fa}kGlv~DlI;pn;lf4|J~j4>E69n^~wA#Y>>=lX3{%&q48^#{)4 zHP}3MT&RCaO#b_d(?UA^79iwI_rl*oOp%DfAi_Roi!vqr|NA$9cL0^=Cvg#476*28 zOOOr(x)d>Y$OR|kKNV!L{X2!8dW1l|hN0f0IWJemJ*!fD|0TTm&))_FFKujoR+b*b zYuA{B-(F=8I+{xi$s&wa5NNjZ$EG*sirK?)U4=80L<626Y({R+F5#eJBUi1x$fUe@nsF95CPl#(tnWkH7E;4s5_(~+5STxt*Ixkl(_(&3cuCu|MbiHy6;ro2Aa#Cdj z{4=HG`r>s)<qx|L@_L5t5;(a~|+M)ME_V8(ij7$o}!^sRHj0;urGzP{0Qh zi2ajS^<1AUGe)ZMNRNhhdlf=$cVCi6ve&irbT(zpc6uA+x4Ux)A>bV zNs>odyBNO3)x+uy9t@QDi@O<@x#_8$X8BSfKAJg3CI&|*r%SK+=yt2h_O>zI`ZER3 zXq=_XypPOlGq_1jOW>eoI3F=H5{tG?*^>ti6Zd|?xw(V!a>-;pCmTu0DkjEA#k@7Z za8Ymk1u3B4Gu<}tmU~BcNoo2tXmfieXQ-|dyBhIuHt0H~@IL5x-a5lqyF36x z?43}ZPAa3PCrn#b2`jIfXDg3hw6e2=rpB1Zs*m*MuHDqA#dk`Rt=h-FR`U+lME8ox z+1;Wux!!%iJ)-8~rx2yL0$LXvz_N<0ITUzp!x7+}zx%?vl4@ zVs737sQ0J?^Nj8t;$JuCU_~#vI_|&o`M$J59(PjoU7Verv5V%Tz&ZJ&SFG$m&pQn9 zr~|bT#^xUe4Y*!m{11XVhoW6>JEDm>RX#2~TaQU{4InUA4B^DR?%f$ublEn& z);Y@e$EN#Q@^4kHWHPI;JEnS;| z=A>2bXjN(Js_bTK|C)a{5B+O`B-WSPb8-hVdJ{2HE-8phP<>yOQemGYX-i!T*WyB^ zqR-<#x?)A?#9!)OTD;`#RXst>n#bX4mMli6l_)^3>7vC96V%Cq!Tl{42v%(}NG-O_ zAof2c6)I^V&Wcq`;c@Y?*`&lRheOa?aQvmp`A>W@fZr*jJ#QJxGJ;a=vFT<+x^VAJu+wBvMl7ivWaAF3eHjgd@p))wesyu zyNwt;Z!G=_GLIplII(L&y}Vq(rjKMl6ED&T$Iv6;UON%wnV9f3qpkp((LN zBOx9Y3>#coQ#Lu4=A>PcSg~wlW22XgnCpJ`#}M+a{q^Nh@Ln7%V}YfqDGmN&vIS;w z2El5C?F~!-`@+!IHsE0g#Ag$~!B^^BY|lvHL0Zn{raj)QcG!<+v0UrbVybqn5V}^f z&!&n-RA<^T%aPTP^{}XUVwfCHnJ<|WRDUrn&;WaT*y-H%5}uCXTXssoN^p{$sVfk1 zilV`i_o`>?=vxnW0PLtkM_%g1m}y)((ZSQ)b2A%_kDx0Eh4Aw+*lXy->Z=QU)hBki zum$JxP<6#Dd-JF(FGIthRWZ8BH`nYmE3y=vT;thCN2oKqlX*rd=FaZD%NQ^BSBQ;8 z-x@q!Uh*{b&XKQ^(UQ)xcjat-^t$}Uh;DT$G{8lttlhN@gNKWUcB_oe`+mI-@`iwWu9Pv(~OC`Mhf4iX>Tn>5(=Gmc&jj2j>G<1SFg z+Vl|dBSM?c#_Y77-+0N{_|uHNe6@@8Yy%GnwCBzDi;x$#Px*J=&sv?%c~;^Z@=V$2 z#GZv?F6J4~oJfphe6d4kqWfl5e!1LtBY4}4ImKbha|(YXCqVEVGPBl(jBNADKj%KS z*!=u6+L`{lTAT(u8PCm{@wJZfBhQU9yB?2YRr`%|Iek5zXolqlWKeR@s{zD&b?}xg*yNJk0fyR^)A~&1-UCI+BnZL5I;K@l9pfvSKdK_rlH{IO0 z3_JkU2O3_`;+*@f6TVj1h_$Nj^|#x*gpmE9-`nCnCL&*%zoP*`NN0iQ`iuL!(_3>z zF#JgQlU!`$c$SN{^-4wq6F$r=-yXyb&n(feiEWLqYFR)<`2?{%K{B(=TzvK&g{;%h z6@MLVBk_e>Tn0ysuO&BT3myo}BvCP+$6X1d)Ovip4^y?ZEKbK8+GnPH>l^f|OCQMk z59JR+yU{P|<`VO3{1N<+$)T9uza_Gp`%d}tGzohfJ9EU@)AC!-ag3|x4z+xaIfL0l zrFIfwXs;rgEQy?iKFaN>u=E>*AT4uvkOnefXWK+UfHXcg{^^dlcP8r(tOWbm&z0p5 zCV!70w6~X>uKL->-?Xie+n|tK&ky5?LNBnAU<=H=RU04oEkaw?Ce@NhFDe@g=v#L@ z6cDpnKbxnOvf4xM1R7ZuX+VdzIA(#DP6Ss>ku>Bhd78_et#2Dn1HqZMZkud&vnY+d z%kkvH0TUAITI1~3yVl5kN(O7-o3DpWr~2!fv6ZoEYhQ&8Lg{*L7m)pZ>)oT#&6O=| z6q4$Nx^Ctp1E^I+@@dhB0o(^|4^Rv)hom0eLpoHCbtjb_FD`anAGN)r)PgY(q@$m2 zH3WdoC)#@@NkOrOePAFI z#fD0N3JT>MDfy&qX9TdTjH@A2WgsB*RCk$C4s;mVaoM+|TAgBjg2HRDZMyKv_#p!w z1ZrDWt3-gJy=Y(V81Xhhl9!fRowuz@C8gj{Hq1K}Q@$^WGp3qd6;^vG+ep<`*4f3y z@4EI}^6A{Pw@p(&@YO#(acN@1mczu`(V-Y6p{=_5sDR_u!HH#?R0`|#Q}?0bAfUyB z)%T1o9^3I}r}StQ6PNpi&1I&0Wo5y13%R_~<9m^hm$;>o-*+8Xr>C5xHr(KTgcJ&v zA}b;1s#cl+!agb1|NpDJ?yq*gjkR!p}DUzP+pE zcYJDl#9n`js%kSHNj+5q?7$SlezveMl-_8G?|O#|{6{(B;ZvMYjB>{iz);$*(+CPU zc$y6qNTutNl9{|W&naRyrv<2HWEf#!o)uIqH@&zvHNHtE74{yckgcL7uPL=*{-tbf z^~3Nd+S2fmds$VSjdVTB=kxg1G|7l-k81~fLeqIV`O-}<$IUWzRXui>`yb%kTaAqF zAK5M?d2Y!uGwMdyY#ntS5D{<2^n|U|D!W_m-<7OzN1t}MPw;xwm#4q(xpk4LuzRPB z{KI*Qs-h>e*lnm-9p=95v=Ch$l1-j`MAp0)5Zffcs;swlv+kta9k%Az~I##2Nqg|g^ZRP65d_Ok6K2Pdy73k^T^Nz}N&EZ}JUnE2cc}oMQ<{5bN2Br=d;^Jm1w~W}~NjT!xpy>gB3uXPmu^WJ7H7Qb$&Q-YFK9 zwGK$j+%VSPAgDW0hmqUv2|7i-K*~=Y(bd)515i^A^f`#G6XvE<33t*78;mRb{O(__0y`v^S)@+^uQaLm(%0udDOXOkDj_q13RE}0=OHujUvhUB5 z))PsyXHo=35B;VhF`{3Y`|Tu#4m2yaAn5?YcD3@f&(5)@O&{{7pV~_w9Ic~-Te)V% zcGU?9#^f}^Mx$3VIJsR(tw71{Jaj`Kz0 zD`ftb{FoM&r}3=8t3`QxjtPx-P^ynEO*hY)4vBovfc!cGODkThYaK2y6n z0F$^D6hdZjGl2rM29TN@}Daj^~9HNv0i z9N`NzQm$2zGQ6(Hx8Wun7SXWrS+6NVZkvC8mfVk+CPLx0fxLksD^apKZScekI6gmw zeJ*R)Ha)6tfNr!uHQqEaDq;947nZ+Z%**OgCImK=6RiP&%wb09T!RZGln>J7N zXIH|5yPNx|%H?H{{L2l)U2NVNIoxvT91N9Y%4St^+L4{w+++nlLR zYeUc!u`uXsM-b!%Bdu`_QLy|GgHE+|_7Ss$pM(P@_YkW&YERne6Wso6=0avWJeyY9 z>bjOQ28F3%*bv@UF6DF5GqW0`J?+sW*Z-b(8AEUA_~p65S1ud1e0*N8*8z5o&S7mK z=nBHT*11)z`pB8GKW|SLIBtE26Kw8VU&?Z(t+qe2-3s!bHrXVTmS3Lmw2p!iz|z8( zHWx)S2*SSG=w~Apq!?}Y8WyJs!Xz8dVem$X+Hs=tE>s&o5dZPp4I?TAy|?drq?LhV zt1s4i69XU3jw`b+Fl&PJ^-jta==$C^`aU*pNm*iXVb`0*fXVVk#ghmU(_+(_iuBJ~ zvN=@}8uMwvdVEfkW(ucuXcx|B$!@={BaCsEeLK894-+IRHtM^EGDZ&v&VX8$s12L&2BR}pZRk$i;aZ}KHGMRgowT(sWAL3t9R zr@8+oNxxO!ZR)!TiIY({tXlp?x>S8u!xd~jz_fInCy!e`@bKBEQ%SNSRavDSABof+zrUf&dg6krvS<-ehn`k+O zylZ|uY5_z!ZGv@Qqb)mj)2`PMmHsDHo_|`=o@ZcmAy((P*IbCr9|4&gGcxY!J!1m} zD?!>11V=SajJF74iwp>IQ8H;3;Q{ejM75x|k(LcBf;pc!7Oks!stLBA8Fm_M2ZAs4 z3?D()qC(-=2V&1kbF_AIDJ$9XFmsgwZd}T;6^bC4P5UqW3|h{!hV_?uwn)SwUbWO62~EAeuZ^WEfejOa zqimzrdrl0eWR?olNW--+7?hYuT!|4=Gxi<%IRjiL^d|35Qo>fl+dk}5Ulxp6B^Yhvr7S=+8vTg1Bj&)R)h=zL5T` zWx3gG7S0}v6hW)~Z+jpaJ)yHIHmCPYTt5*jz_s!8hiVJRqA z+w5msvR1hoKTs;($-_UlmjU$Ug>$wAxK2{OMO-^QOv07D%yb787%qtV0A)TrY$B*uN9mSI$JQcy}48u6SUG zsrYz}n;CKDajbbf>T)X4ayniGo5J2KWv{Z4vkYO9aeg>wOJktU9wmpPNI)RAwmD~J zR?_h?!G2}<)NT25EPl*|I-h59b@Qe0JWBno-Y3Td%@NWno%JuNWeL~cz9}2}T2j70 zXD1i07I(!Mc+9zmZ}Y&orZHqx3L1v{(Af)GYtUt#Y?`sVD+3R8DCG(Minj93_6ymz z2I_F;-)Z~De3R(RtJ_jCZ1Re>X5GOX$(jcHa=6IX*pUvhS^NUNxr%{u4~UTo_iJaX zo4%Lm5`x!nCs58ud&NqG5NVXG&bjAO#+-qI#c*-xpJhV_wWB9i#r})I?cj3B&CN1iUJ;=aJ=~N3x)WL6ypP1-++A zW{c6r%s`b*L`T$G)ZVCsT@!u?F%5Ad6)mun+w`zpeAX<`mKvWRYT5)tmne=aMfTc`YSmLw|jHJD~c&?@W2J0%s=qoV_w2>1Ll{u2*d|9#he*8)kSM?+skHKN~pn>T-k7^(J} z!SC;=%Upksc)=*CRW{0)L6zb!_t5dMYuA34F|pv&)6qD3x&IbeZU;b}`EmS(IOojF zx^9-NEWJSrMizN5frA0toA|z9x3rufiw=3pAQg-3;C{D79Dny&TSM0c7`76ze3!X&S}i{MC)*_IazND7NuiV9b< zVLdodR0Sd>Jjlw z9DA~uz>>&j(&q4K>emEPCq7;DpPr2!OC0Mg~AYogq?O1?p|kyJ7IOiMrD zMxE0O2FN`91_FBm&*V%C$WQFQBL=LaM@Bp>9d4WoB_E6(RlQmw2bm$@L}(>&r-L~S z(U+906@nJz8Zj4)R27U;tU1qZkDAVE5Z%de8yN?$u@T3rQ_(x-r*?0+^qrg-S7pmi zfLeb;idJ#Xvx8=FEjG$EH4=#T_8xZ)7Iv2;G6~!r-PnULW=1dOVA>J#eJC;&!=j^2 z8K;y0WBS%a%%Ga?@TKP>DLXNW*|QW(TWcfY<7=LPpDxs(5s48Ml;T&RqoRT3;r;;Emw+L)7A5?nSj)+3&2eGnAawGQo??$46c)Oidg+`dL8 z773UI1sTSNO4RH~hvRn_3Ug~16Sqq+3PUIt@dVq-o1&9r>^kImfi`S;ZiX8tYlhxe zj|=z6-#-!GiAFtp$cGaOxYW;ZNz#MeZNV|Q9({*I^tFyyo9nT!N%yY^jby;q7V&0# zhuUdqv_TLB8gqG2`4cQf_HM&YpQOo6OJJTO1?nN4b!G6lyNi4&I9H!bVo6?zRao=o z!ak*^ewU6H?%X__ zXtdK1tqDQoc!T+I?(!UL_P6noXel&MTsi5S=y^;9ed|zOpJPwiTchhj&oAB_&69LV zT>j|4FqHNy^vtA}+Dl)WT?do{Oe@|3sQ;GX;o*%_-ra**0d_0dR4Xn9l6X`>a*pt- za7-&~Hue&Zfv5ds!(h59Tmq3v3kfopHePjdX%Ko?V}0CR`uWmbmR;GHb2TqbzqxM)pbz`! zPtQPK?GY^joUuKEDLG94ySHX2?XC{5a{2os3l`+V6;-O1NHo(5CG7dE*|_bTe=yE1GPeSey3DkEqnH>dVpA22$fJBGW1 zuhahorqJ=b=J%V(*Pg&4CnT^|Myy3IHk^4x&k%YK?q_Q$aQ$PK5UkHRs4TqNg>d{D z7ybETG5BV^uhe=QA!_DXN%Qjofa3777&4Is-F1wQD@ZMFXaQV!YgD>hzcvyF64IN} zE;kBjam1I5MYqQprmf`X$YU*l-G>F|v&Mac`m!`&5u9#8+?&H&Ou@Q<)!%pucDKBEhiQT)6 zEU_St4Pa`o#rdsW!UOQEw4(I5+7dk93mt_tkKk}Fr_+Fu&GW+pQz96bzQy-u9qZ)!h)>(%< zVq)SzGtNnvUdtsjY$XiOswIRkiRn((x)RGUWZ@U)v*(pZwaYTdr}9too7xvxcAoN; zEiL>sMU-wH4(*-;X5vDo2ji~x+2aCW76`;58j5|!CAy`b`nt4vr)j7x0e0P@5_6$iMW z>wjVvg#XPZENU?8_ee-cPv#|$QJ-`HfHN?4owihOmC|CFaBUQu0iy1GsK%A-PpQqB zj;iP@Zm*~qO~^33205K0*XD&f8$W;l;6z(CdbcIWEi|W=+&GgNmhC`A<6@@V8*EtE z_j@!;bA6Gql8VwOt(0R=J8Ep*jBWlVCHY+wk2^FlXLY;N{DR0N3g#9>l2`kIA2B)* z#UDJ~E0Ilv#6bOdhcV#FVaX+O>Ixe(PCr;JlZ5XX`+tQF41!?DI2vs{d+|>H*#li_ z_ipjL-$@~^=4y*&`z{d!OW9)RpHj7CLPX1v28+m2d534HN zl66EC6eh~eeC4@1X@5{TuVU_te1b;iXOQLy=LF}pYtpoOCa_lctSQh1-Lit45g+%P z(WFsc30t=q7hMXw1)BBC8fdJ=q!aevD?LlZf!Z_oR}tnN75BmMM0_?f-~F&V;RfF2}e|gYoq6@kFtgy+QK0w#%&>GpQSI`y>dx{uHa2*9*mdGS8fcTgrB; z%KeF2_B*%m%SZB90)*d~d9}lS+`UUD~YO2!I6fdVfqqHnV^oaBm;KOrtJ zFW;~R+h{rSaV@%-7w)k->#7NT;zl*PyIWLUPw#ZZ>0pw|^?b8W!&9y!?#(5@W*ko9 zBFm&|2f%r5YQr4^rXhI}kx#V_yjyIG!y!Q;GhN$I82ua^9F;X}=b(zAQ{rL2a>6;r z`wd4al3tviZ@QlNl22!UHhO&4Xq8)SS9m*^-knZB7g>6i)B>E&cbabG9OQ*yG^JOA zvJTq#@RWoV!czM=Co0xtEl(OKkC&D3@Y&^XVKUCS3eBx#2AQ*M;fZ`tl>`M=H~47EEtiTk2*%aYIp)ieS@@yeI$$@m?>Vt~N*6sF9qIaW)S_%s0 z1q<_s`p+I`)b;Pj&$@$=rLt1kF#bAw0inOs-uV4Z(!3Z3bgrF*wzj_hnT#ylP3ysG zjcH_z)b#A^8g*z*9PUM&g0UMpaYOJ~ax!kC)1HDNZftalYH75H{@IdU$Mpeuu$d{u zv2D)!gCqsl0x1;k=0>MKboOYz{$Oo@d3S=MAORYmX-7sz#!7LH&mp4DVbp`aS7}*U z`fO8FQ8zdwRbzdukf}k|*aP|H!Ax8JU)zLT0iS!(3^*x^58sqEE<(E?J zxg5`LoJW;CS+rOv#&3}L_Nv*S_Y(G&st0FCX;1Z0ue}yLtG3|8m~5_Y4E;2$9g3Ow?zM>U(%F+Y)n+Hq-G7$U? zz_H+x<8=|fRBImd2n2J$1aIpWe66uE)J0{L5HGGK7~R!tUm=^HhuWPE`!C>0xEWJe zAbc?{g)f)1pY=ReQ>SJACoq!cYY|C4&N3Za!qyYoPT=r60em1zcD&LuSB|8NH(A`H zLJVEMF#xEahw}!sRB61*ZOv2|fYM%QLDaCevW^ya}ars(D zCaQ3DH5_={U5)ZM(gOX^_wfs+5Q-E&f1@on-$}X$Rbw$?!Lnye2UlTRmVnv%-gzCQK7OpcZO>>9VgeD8pQ1Meml z-#sRS@G-Wd;liZp%X`skJcK*(1>n|{pr6u(nLSWknFbtzE04sb(R_)oyPp+=7-_!( z_rx~{aOh_VyuImJ6&t+221uSn z*2~RcB7CNl&)F!1K^On7{d3LOKUH)R;>8n~d^}NpeQkS*}?OHctx(tXNGzzE>WI zCLA?{kGsiSPDV0=-FGg%qzI_628zDZe`Io8(OvQR{i5!BtzNxlDe^azh-HFtbLbh# zbVEL}$gsx?%GA+o^b%%U)RC5*v|esvy{Vy2N5FdHs%P{*I7Pg!E0!PFh+06_qY)8E zYp;R!d0AAa519*2M85bC=xC88$j#=a5k-O)W50>e!F$FLHLYFE+HVIcF{pce>}Z*R z^6EO>_c7ZUR?+6))~*E=O9ENTI%%@qx?_YkFF`J6_BKw$HO!V;4^SCgb~i0Y&Cya0 zcOCBjqa!vCVHg7=$&8oGpH+a{mI&N7V|l@8!fnI?Go|CQm(4iP6W>Bx9MWxULN@(d zL~j}ZciCYwXyHvwhT$YsY%CiH7oH}-z9ggpr7R+%39(B98fmJ8ZxdsCIXt%Gq*{^s z20pW^By@=a@WEHVH{yE$xvo)y)NjOK6x5I<-d^%RLEer!=BoCGGSWBf7G}N;8@6=@ zFHjwXtX255QYX*1Yqy7>+4Gwhi0_LN2v%0G)vxOree+X6motg;RJR23bB5307?{&HU{SC^k%rtpZW$1}u+zaAg949rxTfN^uz704NL7}QcN^%R9Tg=|MN{KjvZ7pnwpzc`xMwIpiSzNJVDAjY8imwh z&o13F@dlV8TSFWkYa% z5v}NmmyGr5Y=Fdbv_q%A94;OuiRV`I<1+S6cEt(e*Mm8cAELj5hr*|sV82Pe2;iT3 zR7Mdk9n=+P`%aZM(9D6LS%a^JcSHUApr^pTnhzIp)Aq6UZLen;rgf$Lg0z9G4c zomrWtizu&bCSMvJH!qpJXj0ZnTrI!DP!00IP@k@KJg%HQy~*(BWm>Zy@Q%O2FDv*X z$wQQK0i*t@eaLm>SzE_l0&G`Irc0p2Zr>#>CaB$LTi^KPbgX0BEcCR2uD5WtpC8i< zpcy==Iw3wc?CQ0@`c20M9dmqNz%-y9*8d2qQxRY+THHi}j=0&arUdiM&?O(?HpCtY zvkbycTCYSnBs{vEf1ghJgfw7YzlUB@8z3tpM^YXnTeMy-Cl9knM`MoW#;we2tuXTI zVNK-^T_`VZ&Lu*oMB5u?qXhjrh>+ucjq`f^4cGWUv_5b>>?EkuIB~=a%*y*7i-8m# zSU~pIt1V~uR(f;JAGhJwLM-EN{2GEiNfZh6nhi?ri-quhb^y*U>v&PrmV08{fsrkC z&E-a1C>w|5dNbuj_0D4v7vuLOGgaub`_9~c*S%5twkv!O=BV3=$3r*4yT%h9f__T43^~xgy19D4!9UmWH0>-95D|VH z(86OF7{JH<+=Ow)_U_aK^B=bL{&cZJ_4Zj>5C6wvpPDa8h{!8d3zy19<=*g*Umv>| zVXmI03S);5Os3whV@t~;$-yV1_j@FZ?afzB3jq&p5d&1OiZRP$7d+`*G-b!Z6^n*3 zM)YLp__4NK+YbCV%6^TR*?pG_KP@foLRE3&Knv4mI{ep&jrRaMQ58`DZLo!jaG+?I z2-^wPDa$#W;m{jT?tZ~s)IcI(OuzTxBHTMYJ9^YGK=zBz3`3?DrWm@2*=WD`0bnqp z)@%5!Fo{-!8n|9STqIvnQ3AT_4!^=k#V;!}s9PX{pP`~OEi)EY;s(kPAePqrJkqYM;K4BY(0 zQNjo&7egi1f3aC4ZwLEQ^gM>14-|bJ?b`3nKtIL&ER1T;cZmQlkecF_oc)5HAS0?( zrP_7D>DAR!my^XEntI{taMmy$m#Zdq3t>y!wf2=3)y>IXaX}Q>fMzzqwTUN5stBYY zr+fyYjLUSikNFepMc%=Hb@^b(@X33X1cgyxKEFT8WB(dT0r#2b@U~{b6k08T9FmLRpdR6_V$1vKROn1#);|>x0L;E8r*re zd*D0HEC&L4Vkd7*Qe0CKh_Twp#1Z{Vvx3XnFH#d)%J<@ew>bCqzULFp0vB4{#F_SZ zy+Wub?`$xWkz5<3j+j3$^+d+kTg^RihCY{c*rU|Tk+C)X!$%b=Jt|S6f2wf5M$KI+ zs*4tVSU0wu4F7}v%;5QFt!d}ws}t1NuQg4s(BiP+Y3$G7zfSZXst$JPyFmf=khoCq z4-`uxI8qVt5X#PIXCyrdv@IO^?W*UQU*M14paK-=t&Y3Mjxf|WJa9~L0F%ho<7Gyg z7Z1s4OshdIg=DrN%NQ&EQ!gP5-A*@Fp?~W(5zEEHd5rIIQhL)i3)zl_L~!HEy0_?m zWc>w*Zxd6(Q6?GQ@uVK^ATwuR5!kr9rS;x)MT_u3M(7to521B2{CEKqAt9VR6&Xxx z>u)%#Q(h(U;WNgYU{E9<#yAii;3{?Olp{MT6IS@9QN2Tc>xV<6=A3b6HW>5&6p?g0 zllHl=EazXRl%0@6{^X@iO2l;8&5+U-H2fpX9#V!RO*dIu2?0sqf$ZOLAooDhsA#{5 z^mZ{n(S%4mWE0^#;z^*Qhu~it{ziN)KgRa9Qm2GO>G*ePp|P4k$0BxiY;66mOHe>U z7eWp^i5uCht>5Uyj`L~zHRxj+p?jI*?>>2-5;^c~NCt8PiBLWdL?qF7D|#dU z4GxL~pswx%M87QtV!{j8oe?$42uX##nbYQv_xhBwWKt$H>?wzSzO< z?fqazb6+h8lW(45BAW_u5!Nnf=Y5K;QWirTHXv4iq*rJ1bf&Sj`mZ9(zm&2J9LZu) zbNxif*3EDRNB$5ih?$rPi>`?pc#sP(VHj2Sw9XG)|rjW1@mre-dSJj=hsdkCDRAiZqmp#R6OkpU;G4NMI=qu3MH zG6dRxhzkIA}=Ml@3L@h-48c&^!WJT*UodIU9_dVJA(TLkDXucTSh}ue!FjwrKQQ$LYH< zlr3es&(xFE0)jdFFAUf*DQOd8I;(dlAhPL|6@ecD;fg(W%bm=+&D$N=HlzobJ}*Ck9k=M)BNV5J=p5NIkG zLJl%6gMGb2ZQ?*N>9E~mP4qb0oPAywE4_ysofx0%W-p?m)?_8?r8__i3(Z^sB)vc# z3fz9=T}jr_X`E_}RRFLHJbDj$rs+37$F!1v+3-{lHWNZigF$AHVq%HC=^RM>Sq&yvO%$0c)G?2e|r>>x2~kiCQEtdoij z_6j68z*+#rk@@351hYT2@cpouCYOq~7l#w3~ye#w%ej@--Q4M5XkB*`( zJOCsa{b=ZPEtex%r(K~WS4SZcQVh_H|9m+9#h$662qvs7{rDQSD7lCWZ@M~p!=RIU z8tA^A^1dUF{Q^TaO!i8)0JNCkh>kMs+Rsf$uxA-GYkGfb)mwJn?8oF5nHrHy`@q7& zRE)XA88n1vvFZ zynAU?GLAQItp>Ixw#o6tq$KdxK#XSq`bFGj2zQ|lMkXNfpnU)16tpck&Z?vx08PpK z2)BhFTWp})*g8&%C-E^PJ;~TnfnL4xs(_+w*d*kl9-y`?j#2D!R}KNvKlhqX%~>|N z0z1vz6ZYMWjTNB=uf{>N0jaPXe!Zr888q~uRErO@(uuC~V1 z85*S8{zM@N@7`gYmN{S2v%%xqk~9GeE5VpauXUcrzrci4TK=NIy6UMz{mFfTlbUUu z2eUe2gxkFh7?cTjxjdoOI9mo!&CN|x$r&G57(<6=WTX&UIcdVbMR^s>8QM1Q}WpNZ%?Vh8cQ7G z1(Xg&EJc27n4yS-#>Z(y`g@`96w7LpV68m#uXyx?pfdFuZu_hPX}oI}8Z&KtQn;fq zZ4J7tq>-Bn({dX*;TB^>PgYiq)9AWhOaNvQ%}41)+(9wvZnr?c;HSVV7-R&!>B!g` zFYXtssk&;{U}$S}^>jG6&>}O2p^HgHXxjZ1;?!PLs3M zNZE!6_RJ1dfME`XF8-FRj1~J6(n}|8?PA*&Yw2Fm&*h-MWN% zXO%6d7wm;%^Ve5b4~QXTMA!tqgxf^hf2oa+R;p!O0qO9~R7llwdvh7+n8LI6hzZbZpt`YC;t|uykpAl1T|ylh)Oq6< zSbw09q>WG*=GJ+9II0q;epq&bxbJ)=6Y7H6q1_>4cq=;&R8RyO3=rc+uLJy7r2jPC zPn>SxsvrD6J;j6)%IC%jZbp;+*m$igiw&iYV4B?x{fPa7L5-H2B^+ZtThs<29F`T9 z70&S8bd*v<_jevTuZd6sMU%ZHBL`R_e{TQV$@MolWkd3}#*sm( zNkdJwgPZo!Ku-f8D53@?2*RBr(HnUv%J6T)kTBV>@$A$BYRw@xLFB#ff^c1Kjx~j3 z#*vv@*UyI3zUEVjjp3ha4uaPwNd_e+sp+vD=t+I{H#A&&Q-kc0hdYI91RnPDS7$P7 z#G0!~w@LO84+x}r#(}cBN@BPT?UEAehZv0?y-U4H4x(>F?L~JdICCk3bwDPxd_C=` zsHoXd1t_ug+uv0ZYLxXh?TjLEnJzT)`6XZx4YeEd#;c4U_i}tsk5C%j5Ojy}1~*@b zq-X4iLO&(e0#N{VE4d2|ol=je*_P#aeWzU%Z+`2slz_t+jJnSsZ-71CoA(9vT?_&G z8u5}8^8eFH0E>~&mv~_#xDVJyLC#%dwDZ(|t+bCIY$oa>5-*}uje>{}=e*{93uf+k zn1uL^KZi84Ho50V1Wh9)f3%VA;Tk}MqjUdxo37n_bwl~dTJ8&Vn2cbTrInSyS7~?F zQ{S6H#!fPxKu1i+SoA%FQp5#>gK!5XpgMNlTcnS9iw=xT`scyXY5eU#%>bk&?ob$P zSOKxd!jpMg;x=i6+^*7!!%%T3tO%tt3qyfVU)KiBfx@dG@}xb(%?|!FViSD6AXNDK zvCwbl1=JeC6#?W0OyX1p)L-eadpSveWwBu~T455ftzfHG_fm=Xo`ty*ww1V%Fc zt)jiTWa)r6oF?25q6nU}1OhYl6=E`j&8yB9`AnzXrcR|!JzKK*e0mv(9CdB<|4isy ztvnCYXW-yWkKpnNxq)95UphrMb(`F_(4VF#lIboaxg^PEWoNeeE1z$UC%MELV|d>^ zYz*+7qVA%3+$EIr*&JiG%#NffHU`%o&+88id(i3KFWR(~l(}=R`P1a&22~YP`4a^NTt7De3)YnU zTV6$=A!y+qhx_x+tL%1R zf)MW`b$cEwW<>)-j)M7)VZ2ZGb@|`knzg{q;Qxi4H#}>8JZzsA!29m;M&8F;8n`BY z=5l!+!2kPn{J%@Kz=J~LE}qyI7~>>u8nS1Stgy^R7nf`cw?(-Z|2SD)i;do{vFoJk z>%;?Xf`1wsYC#9q=KXJ+!+W#Es7I`S!u)-Zk&;KZ(_5P)taGMLhPu14(?y}~(bZuR3o@bDVpaFyYOOm7gSD87_LcPSyH?#G2)65`_FSCY5gCNiNU; zE@EnNkP_^8pR?>^z^N$Y9!P=!%N28JmIa<$Zcd)X)AuvM%y)vig`|(O&Vn6HcYIuo zd=`BU32Z&E#i>DJ;^d1R$}_u4=JY%_nPqhO9b5S4i%%AV#)7ak225F!gjpW~HxyQ< zZQDKXs(rEH{>3e63Ur@HaHASmwlw@o3tnl) zKF>Sn8y|-^sC6-G=2dxa{_rmjDQw@rH12*q9ob$7k;XUse^#Pby=nrCU(c!u{4tTY zk~U3K&`~s)`BQwW$mzsm#g{gmDOa$(9HW;C-eWCzfhX@Ui_b~08#0{~sxMzNdAcSC z?j%sT-PR3s)nV71PfO1C3C+@JuPB=^`$)0#-cHAizGJ{m>Ta8Ne-j19m;lSKe;?no zc`iKrxUu2Zu8$6p$1#HlIAGG^P*?YFgTK19hQ6Zy%$IX~cJ1E1*J!e2xuW^Ti<4%} zojdoi-kdU^Rs~BY*238)&CxOn!e4@O@3JtiKaAx#iUUhr6I_<4rFT0C2MIR`m#Xbg z2OeT!zoIYVyv~b823bxgOG``To4&unJpnaQrmWX$p`|M~U@3kLJOw{^`G(98m|4T_ z3Os}5^pQ&`6V83RI3vwej<@PoILDpN17F$A@9qrBR+C}eS}GjJs)aQnFthx#4`yW3 Um>A@>g8>LUUHx3vIVCg!0F+$n1ONa4 literal 235246 zcmaHS19YU#x^-;ZwmP=$WRi&{b~3ST+qN@FCbluLC$=%MjlaKh?tkw2u6nIr-CeGF z>#2J7-cLs;D@q~4;lY7`fFR09i>rWuz;1znfcd~c0aKAC+{nAprng*E98ngk4^91J{v)aVGdv#7AYS15Hy8w7Q$Mmy5!yE#=n`8poe+Kp(%IOBu$QN2m4F(cSm?DZtckG*yVoH6}FKW(J z?0RAl6S^o$d1zsg>^!Yr#V`*Hi1?q+1VqF)NFzjN2w2dL$on!pJPoAuDx_JZzG>9& zTaKl%M<#W@hqYF*Wk_GIZy;8xJU)-?-!2oA81cM91*_%}43!&Or|s7tOec{r+2&)j zcgrNjMb!hmBZd>6qMr3aX=oG=g?guMLyVztK)S7w#sL_t1airwW0AM1b&PT}5g{KI z5C9==^`RgAE3@@)7NA_yLT1ryt$l{|+4N5wxKr$R?uL@qfnTXtzx77N z`B#Cou>t6*z8-#-GY@bXO-Rv1Vp(wpzcDG`pfKL|%{$!;y@Y7hX`vyW#CP4W83h&B zX_9dPSghso!%mL?3;qtRZ`>JX2vbaX7FyO3Bz&@maW;Eq(2{b)xO|BkC~R13Imp!M z&IGm88CCH#KYXn<tVciMA5y7w08Yw|){ZWd+nQD`@ zhRDz;7`@$NKtr|x(mL^6L`US72Z3M~pRBeidW<5O#ZAI!36QxWQ+*r`$m@v6K^g!} z8wc}sQ-;_d+z($1g=XV$#1Tj`V@?gk7FKHEKre-Cw#Z3v0d%N~9^4WU)Vy3~YVITiPnsDio@8aGVYwL0-9Q?9C$kT|v z)>sqY6{#aSrymaloiB>R=zQ6dC2l&nEHQ)mq0u6unIS!l>(E%&e8cYjStxfZkrqXE zlWXK?Y7!d&v$YcFA*$yoDL9Ako6t64Ah`A&ZEkUO2o&V{QTOH9eLUW~1$8LJu6f-I zL`SxOh77`Y|}5j|2yb940Ux1y59p9YyySOr5Ybs`)SQYpMQt3kp~nk>99-WTIFk(#q1Fs@W(JUo$WA6!e~?zkLnkeVTmTBdJtiM=5|MS z?7ac_vQ&2XoCB3D?2$PNQCP#ZjyGyITuuMu&b>RmFQH#F@~%ECdmvU{;I=Fb6$RRF zSSJ|DV7Pvwe%OA<*1{K<0dcYf5q47EzNQTE35qG|YBF0&A}UVwj_|Huq-YVvBK0I~ zNn|n%DuO?P8#A2!om1x(PRM;o#*QF$TZ>~lcwW4MyE%~9c3LQ9jhG^ z90}Sy9If_U$2mrIlTMTH3usj3X)cmAWvNVQOA;N!9RqIsZ`Ael^z=6+d@J~sd?UO| z-cXNT2t6SU#@nd+MR5dI(%P;F3x zQq}uKvr74=a?Q-oE7>oKv(mHL4y8r~Mj^W_gI1B?vW~JtvfZ)_B@(g=veYTI^oX=` zDK^REDNe~6w3iy)Rd1pp#YR=THT_>`)mKU!^-9uWXAzIPojHAQeYoDix|CANzZc?F zW&Ze9>Z#l$=Ax`1F{#I>XH)&HY1Oic2x^Gg41%p5*9u1pw*@DU%0lTXw>PKOvA+Oz z1AVhn>FcA)QAJt>v3k#s51F7JJ2eR|x-&_d;CXi^e&P1ZW+b7fPIOY^<$=_@B4Cn=`{rvj&)^`y;8^FlM%nT0E;Yt%X3 zx!#)gveS9X%9cYuUoanon}x&E?(sg2GynebrO9#fZsXve=7tKV+B)rt9bH|IiQXiS*0%OZhAUdH28b zZ};yL4(ojmm=p=lpUHO-X$fiyTIp-*3nEn{g%|rK_M?EMK&?Qje_|lmP+`ZyUHa+e z3K~@s^({P98U>f2P4LDrS>~(lyq#)&B>K+ zWg4;?Uqp|yahRJ;^9#s1U|B8JVTj6#j(sFgS4pcQTG4QDyU3l8tfh5DyeIAruJryn zYIhoMo1R;r8=KQB?kKBKx}3h6C?CPue!i)2uVD*fZ87hjj+|J{;>gU2_u&r9PD*r2 ztm&WLZJAok5O8x%>lIZdJ05kJ+(_r6LBPBi6}vIp=QynF|Ebt9^7St1*dahl#HBBc z=h`WDQZ08pZ%uI8dvnZV8Xg?ZFC%W+eA-Sczs2BB;4pj__JvL`gRJg+{j!0>^=>z1 zfZPLP3B%;K7q0}DFCMcUrm*9gkxfx)7>^$qPpY~Rq7k+G4~{JdYZ}}1?)1Fst3TH} zZ>(s`?qoAuv?NxJ)Xvm2e4C%!ZjNRbEGzjIxvN*2Q(IGe9u|40U0%mh#^J}kmcnXk zwtCl<+jlmGwD18M%No{O;wu!Z^QyS&E3GT`x2uzRm8=!E>aSmkHw&9g4^khsd9*uP zJZ$(Hb-lb+9+ddp`7X{7*0uDFbyVx3S}P5f8aA#w)_fg4N?hX(bL$24A8sBW&Z0J# zzMX#6?$EdT%;arU{JP|4@DeZ;(WTipC~C9(C0#j&OQ_cLBx$NG}dpMQSYsrQ@;4f z`EBcB#&_2(Y)i?R+jU;wseN(z&+nCaj*?UP7W2opQ{N@PCQP@(z1gqHYHf#>i}hUJ zjw7U_si=+>H~lU8RxU@sQSknt-(j-I^hA~d70&}_aRUOe0%gRn0=9l=xBI?;j>m(! z&a%AM$h_HHHU1?Zz1RMS!5<&~A5%hQ?< z{kU$ed-c8ZO}B^3Z=r>uM2JTSah-to{A z!{}HzP0>^ndjG!2(h|@sGXO{6H?LK#@!&Ifz#mNVqnb zFwT0BbTda;J=r?_$FzVG1pJi)U}0hg{7==KEzSOyYJcVY zv)VuA_0R73|7wg^+0xzAT1(v0#?;mcI5a^P7A|)FfAsU;vi@_V|5jD=KdZ8Ga4`RS z)ql(Sx2k`Qg;&YZ(iFH%e=UX}3qRn$rTs^Fe!yQV^=~Wp&&TqQRN!+FgyRSN>lq8e zNl&Y{fPe^t$cT%4bq77ug>IeyI+uGEct<9EDbX&ihKhm$T4yl8q>hoW8wbfpCf#5N zSqEBZG!Tk8h|ECp+v}3h672WoVV>JVE@em7#^h$~6#sNrR(5tO*Qm@?wwqa%(-hA* z6{dtRsxkxy=>PE%z#wJta)+z6Y39nlT(z>YGF#RB1BM1H(w{8c1`nqX~s}iSP_}_>1ud!ZT ziU^Ooedb#IF#o@b{WY^sFoN&}C5PqjU{1SD`8@BN>rqdT(PI$H#()QhSR<#oHNI#hyG_L8ksL zH==)F4QHJxb+>n`wP4-cG*|w`_~zB;_s3LDhsF6S$I4=wpVI)zrmpksp!3_4Lnezc zl+AMO$Ch`yr){KgGs#TVN*lZ12S2a-l|gf3P0Wzgb|C!fm!|Iv<-YGP^G&CO*KDV= z1Tp?OWxWv}gwNC)TP`YjgIi>RLa3kLKFb$rvsboq<@`&&#kS=Jh2^ks%|*O=Ci$FxECUe|f8>^Io+)utjO zLSB^;*_3kooqiLoov$NBQgOe#eO@glGZ*f9KHuZ0ls^9K3;iLmhZ>G0Ow!xt3d!U9 z%bZ3uA)pX&q>r-axtRg zVd1{o$#l09F7w$#-aH2u`>-3WajtYMCJ7uF*K-2y)~j=BV6+sfDJy2eg@_4F1m`2{ zT<1BA3ACVHJ*(L=qO}6FSl?$m|3{15fhm6=Awb?x{qI&zVvNH56YW`%F|WJ*yRLBK z_W0d`LtImydHqNtH~;J$A90(E68*UPZOn&4;4XW zwQ_);SaZLTOwWa{)e0m1wrH8Mf>H#4Y-S{X4J&{hz7vk&Os;%BXKI2>V(_!Q(XbYO z8bV-5mtM?PGCEWk511HYVD$OT`oFBJ3G8#VL{uso*5ORSK%>R1C}J6kFJj??p6|0- zg<2(+LJn^V6e1puiw=4xslf#wr$w>8Z^p?_M12i%>MY z-0Tt^qt~b=Sg6*``o35tF&G6clU%7`g|muc-=2UI@U_MlX3g487mF-td3eS62LM}Z zkUn0mo=WRE%F#pwiBWUUyS}oeuopWn{{C_C*Zrr4V{epN1&(OU%96et#C%pJA5&(g zE5yywv=X^w=hUXbXX$2_S4mf)JcA`yd#GcMhovU`)m`?NT(5I=x1^r$SA2Le5U$ll zy}xBlY;@(FpM+;l9deM)P;1EJ{`lUcR7(Uzy`n03vsNih5yn3wTq|}S{>+wrD6|v1 z1nE$gDdasL)u_zrq<%AZEleJG%?N($YRF`_Gv_q3yhz9T`ZqfmL4~#F8&g^-Au*$Rw2E9>LLd@6gaGlk4 zbD6weg6hl>4S{nI`Ygy`Gxt2H*?D2m>kM|ic%z@xG&Sv$C*RWbw4`o7shIj&DxXna z%M6V~fHL?zOzcN7c3Z{2BW@$``DS17r3lJqwK1aI?GlTP&-NIYEvmCHJeJJoW{Vph ziinR#FV|cuM$2Y4(Gd*Vpiz_CXgKgr0%C(r+yy-IVc48%uIGm(Kg2%_xYK$Hm9SR z?Y^MI3%M#+cHO`E1tdqL27Rh{UedCXXPg3JE8y~*s*X}Hu`^KpVI>%}a@{>G!M{6g z4Fcw&?Wpxk1~K50D?}cqnoQ2s5@WDOSjm*~1Rq0CFaNsd09|)vlUZC`RWB*@8lmTT zZhG{zT(&xn(>j`z?YDUny_?KwRR=<0Q(L&}IK}b3mTIHlU9+NzMVAd~6dtG_$rlaE zC;U8(*Not{bB2jZtRLi0eq9R1$Ym#e-cI9Iu`w$6y*DNKe!f3)^W4XiZ6gMdNkl3~ zpiydS5MHU1z&nweR4iP7xw+MZtIO!L{=CJ09$TDV);rt6tn&LrlFhimdv>iR&1(n= zlCR3WM}@@lRp=gH*&{@+^jR<4OPQwHYR8?*?z4%4^<=z6SR9pP33Wdw*kiDbGV8>y zx{Wk6$w|z6Q>ZDz_=s(cC62A0GnP#?JggJSRQR`54e&z;+xFnU78lx)ygPQ7?%AF1 zO&X!`xSJg=HyyuSZd-&M*#CU(5o9+WLO5BvbWobi7qaWT#xl$WI}(qez}1_aQ$i-w z8Swjf4lB}M7n>n0Rm=7DWahA0P452ucn#hk?6^3QOw;#;B;>=gr9sLzC~xrl^!?W6 z2$}a-p6&z2G%fg=jWR14?H<$pb`#a;syha{HK$0QaKNAUt?Bz5@L+>E0yjF$7g6fS zm1?ndn+w5qEe3;x3yuY^Y_eKn)-bEJ>akj^8qLlv`!lbql)^fKe578t>i)DNB~Hz6 zv&v3IF~nH~=R$(c)qj|WyMRI#yggD5ugh3}DqA-#f-5?ew<2(-r8%v(*b)Ey))a{a(4&af*Qu0@!JF;4 z?537C0toc(PMYWWhyb(Eb_t=bfU_DS@lS&g#dkUPq&9S*QDL5mCgh8q;yEH9-LzS$ zml%7$U(yfm-VV8XSSvDRj%KKQ{rgG%sQ_X9Fu!v&C?svbg+IiQ{j>!^HlzjZ4!R)d zs@xg*bfS+zt`TVRAa7L1MgRK50!Q#nZEI#VPF5J_nZ)7Iie|k_mf`@-qG7w$Emkh7 z>A&f^#`xt|hceVKR5G)2Z8k${d~EfpnWAuS9}Bom57zeEDL&_Q+3-}et3VLvwZ1_XYK{rH(TT~R z_#fS;QZS>4j3w6Dau4P{qk>OvpvZMASD$9T~1(`5a=5n314-acMnlqSAC^mt23&$r-5|9hL}XO8sr)lY`l32i<$8 z*h6fWSGb&VvbKP1f$6~8`!H}egJ164FG+=9hc~#5(YA$9?+g_=lm=7=o(61*gB|Io zzY2R36p#pj{r>j;a(}S?aG_8&4l)e>?wp9Gs-nVuJn66l7r^%$=$zh7@fpJuce{h} zqr$RvflbNEe*YSFx0oXT-0ef`$S-u^G$Rre8s5N(a{2M`YDcXHu zX-)&8`2x=p_XHRYB|q1nX=;5ipT`?iif?!@(jS<#XwUk7Rn|VD(Q{yAbUAQ-0kZtQ zXTb|OOW)b`4@p1{#(uVJ5~&!NO14H%{ApW!(HHH_hEc=z2HK6wM7gbs7*@n(pmx2#XU!hLp-^3*XL`B0SdRH z`gN#UkV@oPJ?KT9881q(i-TK-jTh6u?rnDmiIB9Jc3R-m6tlM|rCbdTe+nvL4mt6a6L%TK$TYA7NNLdcD>pbIW*HDq$9QhM~Xrb#1wCD za~dep6Hf(gDV0lO`a`vm;R(FcRCXXqzaRaI*o@isd%wqyjP{1@I%I5Fm$g~bBT>wm z;yq=+6Z#AK(S(j5SeTxf4 z;1QAJf4`dxF@T;vf81OP`*_+5PT~mWWm2z7=XO3_dj#Ftx;uTOAce3wUHoY|U!LEW zWO?`TN{lkBaaGJ^*k4A)v*yc|?F~(aMub$0a@p0Ab{e6O{e-#ItKUW>$62TTbG0yA z$dMvKB5hvs3Z<9Pw9C_68g5;t_o&Wsab*wiTRhbfFY54*bbk4Qq zO^8W^72NrH(Gj=ldCExTdsx;mEl4fi4L;DU*X4O*pyA2Qz?sH zs0t@be6ak0X`T3hsHHh`M@BFdh2hN+^Y=_FYz8hAB80 z68*kilS|X_-nYS#)rJhP(@&E)CLMFUUx$!p6$`0VyD5WvQR{%KuT75MuZY4`%T9TU zy63dfF>9n33wlNcLttZC{f_)Z7H5MTzQYSa1kp~Ukm7S%OXHl7b~ZkCxt_1q^%>w_ zha&}oMPD&<>36si#^By6ri)JeR6j;FFpWY%9~yzP)NNlE1s*fo_IM#}>6E-7U0$E1 zKztB_>)5tn`8(gc{j7fchinSnS%Q!SMtHXf3$*;U$ZgWM6f({sns33LW79MZesOLML=nih2v~ytWn?ihe*Kl zw^dD7=GQDU?;kpCtN>+$iJ|nvvY*;5GfG15`yM*ZoSv`eZqmUBIDalyo3x|tc6eN- zvU%=Csfqa-JU544A>kQ;_Hif(wFQ9TV|O~tOHPeHKHkeP=iCm-5_OzgVW&z68R=6 zBC0Czq~eMp5|CtW-;1p#V7Xx=Nc2L{1MSNZ5gZ9eCI6Lx(?8R%x=HN!M*62!A9(mt z`+yG9Q%i>?T~5dZG$yO}L4te0vPAB5qeezL>t$Z zcYJ`o59&NJ(a97U%m9$Lpb}vt<3T{QzT8hIpS$}=9uw{l4u1HSPaott3`-@S^D)XH6#7!%FnsBuce`_2M!tb~4vGQ1N?um)B%PkC z&(+Ym{6!_A$vV0g?oFT(mFM7KY)>I7@w!ydVWm2#7L_JJ(#BG*ipkszb4We zPiIIJwnoC1TT4rLpJsx6wpg&q!+4(3s4=dEq?$ub;$_fpETpJ{|BJs_*dQo;fPvh+ z#8N<$7hu}4rxuh^?|5CIC-&-hOsbb>+BrqlWC=Oj+EP4TK!M=V4+|R|UK$8jt1z=~ z0DFXYsT;<69UpGfA67_h?Q#66y(RWRH@SYRW+wwmHMzWn7<>L@#-QGZXJt!JVZNUJ z`8hWn!`%*nxsDZ=WpkND=<{ZLI*Im#7SNf7jQ@a;G>~q6LIxyocAs}WfXIw^zGe%Z zi6>Bo`B%sFP?m}LYNI8=&9*I78;5ICJEKN*=fo?YOS?QnV9altddEAPnf$)5T`zyo zWJzzh9}49Av)?woK9$0G?Yf^swK+4E+|E7Ig3ay6LD0tk0$YIYr|g)~P3Q4M=Wji} z?|;^vrd+*>T21bwdhUPW@mEG5;k}2%|o6k^1w1M4Ltr5OeE_x~l_nTbQZ) z*TJ)~s@?}$4`a9_DTAR2&~bbMgTQxJP8KRx8djnEon$nZ#h|z=!P;Q6Q{n_)W}1GT z*7PtTMW9I3d)#8>#wh60?}_itzzqAnb94uA9Lj8~ft;G>5e|7alGat+CnMz|b++ty z?_C@7t6?Qr0$o(+;~CP~J+*S>F9=-^2zEb{x-3}n&as1VkqiMQZvez9ZLO7D>_rVjS{`1>`Y&UrGl}dPb93kIg zlkAl>3MHl|syi(Eeg_z2pcNXQYwd@iT0FL)mB>eMT~v4Tftcvfl{d9`C1RIMwzcUiy4?Jb3s=wG$b&ENS>Z%r?8K2#P1es*j9u6j5Gk7$K zI!?22h^(1sJl%%IoD7m%7!6f9jY*db0NY6ulWz^2?7>GM+V#zNO?dxVwo_&V+C_$W zC~VPk@*p6+4~8uuZMyA<)9u$P(xIr2-y2I#C=y|R>Ja&XC*OEhJ5cS*V<73 z8$6LF0)^#TtIxtnwr`N{4FBjys98EB=#ENXkCz<+(~=1%x}xeYrmi%>te0IfRtbuG zOUamVV8kcz*-Wb<7r7+bX}X>`!oeS4exCC41w05s*eUiwUi5BGn%L>lY>uCS4KAbW ziPhg=CWNTzpXOdbz)Kytc14X&Q=pIs=$vu*Hz%t|zOzg<{J8!4&H^dP-{76VriPM%C zN7og|#!d(#(mC6c8r`gqw^)LDDD2P89-F7o|M5*FtVYrbj${jYVEuIeYcT$8lb3(p zwH(pwm2dsZT#nCK`I)wS_4V~GQ@F=N6CkO}+-IVF0yIki@}(MQ$Z#PLe&e^)yoW`P z$#tEZ0KFaQO-i|>^MJH$-}~+%=9oc0gmlLrMABVgOC(-GhP(-qp$a}5Bha18(HgmqDsFf7f3oyIf>`tsEPyxJrf>^8xO}8 zyoLdPdkbrhjAmBE~hePX|*NyAE}C-NC;-H!2>!+Hs?M8 z-*ZEFwnq|*L?u1Tp+i;ITI|p-J(Zh*S4#F8ZKT-l>_|*-pmBPOzNcjw3M^8jU^X>> z%YXqYgji8$&~GfKVJTuC2#Gn0<5xLA7n!WFYTw~x)-&Ekyl!KdGU^O?FEc`D_^4+m z>wPYJkGEX}1uEKF@H7@6nTZ;YSMS!l{zOk2%Zn}qVi`WKD@0)9d`pJ2Gp$}jS%21% z)pdWD`H=QaUK_sK@dpd~kWak-${u=0HF~1L{Bfoy0R+}*eOXD~ar*5$<&jqOu=7JG zbX>s||4GLMCY<;3c#c1Gz0#4nyAFITA&D6@mXA`S7dUFtdsXJo(c#UfXn$_oOHIXJ zm;7E^Q^A+tRGAul4ddZhdNLLiO}boOHxwzgArJ#5>v~E7#S%*0rmk%7*irHu9a{sE zMW40T<$TXX#+&1Sp8hWkW5F-RL(9UwrS+!ck&5tpu0Z8c^UEia6c;WD(T*r287DK6 z2$$v1%s?3Oc;EtyZ_n=RPnD9$=q4QMFeE}M$tF}a@pI8nPWLNiy07K&1VK}%@F-zO zkces5z5_Vnk03+iN4Z{{7yU>#^VPb1^GMFkR!h}8kV!?IDC%FGfAvBg0WsD$k5GSd zEZd1!7@w!3yem7weW`A7qq;gtgUQSN%GuDKxvBhQ9sXu+X{WlewS#FCF?f&Cv=4#@ z@4>sk@gpGBVRsBhG%9(1iP@3z2~7r&pR-Z2r?T{QWhot-Jj`Y07$@ zhP)ycww!tWe^=K(ieUVw!E&MQ1Qac23q!@$K;!04y3P8`F z@)M{->}O6}?M`xS(PhKf(^1K%qcq@*=!9b5owsbw48`CZAKrUz7e+B9SiuOGRC)YZ zYG1$UQ#EKXn>5LFot3~2K`6+V3;IAxz+`!3C!j1AdOdTpo_7i4+O5LgoJwQVmhJLt z_}C0Wz+qN)&L+VQ^bfOwdpE|7-R1@|-<$?s6Jm@zS}3+Sw~FiJBsgS^RaqDSqWJ{l z+;+cD!4`%@s3J3*ihy5mdI-*u=~>2l5j2&G0dw@nw%|W*S;UM6+hPbtW1$_x#f3Kh zoGs55^@YF&EBX)SVMhthnJiQ+1iM2Ig7Fvr)T|R-E`}-Y+bI= ztSbzb9~|rr3cUiyY3vkqw)9B{QdCSEg5K%a75p%rRegyZKytbtWH1IvBf8at#K1SO z=?{jcooGID28R_EeXx2&J(Ro=bDV>!&3Y^8oigwE&|3FyB>jQm(BuYLu_a%)*zA&=@|dC&dj0Nt zwdr?**dmbpPy+GSR}&&0OF)WM?*ZQV9<{V(bL6sTK+XDqQ@ z#ZOjEMSI$5NpS-Al*yQ%8_bf@7e2peS!cq=p3qSD>~-+ zD?hynSI6FuPp@EB@&qV6MDMvdz15}>∓W7~db%%bA>d=WQPL-uq#uX^0JzQxm|9 zegU~z0@nPX8?)_R&@Z=&G;D?w!5%~yUr6+NnHh3%3c+D)f$XDEdYVJ>0D;wVt$D~y zfCuY|-;?3c0;zHic@WR9kO>>?M@JmC;E7t18Hip< zY4MlW*5(s_3mv(m_G&eqEBGQ+T9GEZ4bX?1NzmV&Q!O$7;gRl?)4C(n^8T3e42KmT zmRltG3_*q`df3ty&4nDe@%ZCTb;u%KD{oC!b+R4;ubhh}!dk-<-(mkm7ArFytzsMZWa z+2N3PB*g6~fQD9HG5foT@CQ%|VKpLLBekD>yuV8QaSKEC`_h@VD*#<&%HSz};y)Xk zyGge(C z2X&NyEfrd&t1>cd5a{Y|w{lu}Y?Ywx-fQ?U3@RtL13tDvE1D)x$XnA|(%_cGVu=!@ z00c2&BE3SMM2BCW4>iA*(~})K)%yPIe=)lxVo))Q{tOa%I%kp&x68x(*Oy%ixYNfV zXygK*9vt>Z@Cp%G1@jPs8A7+&8W*TIe;E*I%Vg0W{{mP!}& z;pKDsMn<%TpkM59dsy9zN4^BSY$I4o=RlLSLHFFhuQmTP9N>o?b<95)$vP-X#R50l$@_rweYOC+KP<{43~SWt9iP?)g2 z;kYDRA);_3#6sgoQRzXF`YBUOJG-yovH;4+B>Gb_4qKlGqu3LA*T`{h zBn3a;*l-DeP7s~RsMkdsHPrxawQNoljeG2sd>|nbD1Dn!p4R|Yj_{1veuC7XDYZ`S zkV;_Y$8pWy$)i=&c>9Kf6FEq|fyq_*_M0-#n*@{sd0!`82Jv(N(vo@0u`H0WhJopKj~b_jqQXo$4hyQR@Ao#J<)IavadMEf3{Lu%JFxh`&skdhUgTBe&SxRRy9%RLcWQym=E{+0{e=;e`V*(#fMTWO*=Gw}gea4Ad z!j|qUrXst9%-PI4bLpgVp~!wBq6G#-Nb3c~5lb^dWKg#Eg>`DUi^ml3#9_z5u^5~JQ6f1or z*7PK!Umfu6dD7AB7NWqn4JxVM|YfB1s|b=43s& zR^=xP4WaUbemi?-xBsSAj}{W+Tq!-riV)!YPGm0ez9zaZ@kH2i4GqDKV<=Xe@3N$; ztBdW2;&{}&W{ZmKQT~^vfA*z@@3e_1_QdXJieQuHUN>llv(9Nm=qmWXd*&FR)L{0U&Wl>+aw^3~%s5lM+%Q8tnxDY1E2;Dg@U5%M z&fDf=DKfEaQKh?=)1u;aAo?Wc)M(oY%`zd{N>E?iz;3*Ow8l)jJT7$~c`QjcDrjK?bB~KwgG5duRiw7xmjLN8F2g`6X)|FZ4<7V6d zx!{rgS06A`67~z`z6y65P$6jn%932^m6&(UEw&rHoRYrlYGK>=-g8NSf&1VnY(Oct zzPHFO&VVe6Eo;xmi?%viPp|q^+R!&yeD_hxL zm{8=vlhvx0!%OW8USFoydh6q|u5nNKp}i9hkgHjCYao7(f+krc0Yk&OvR}m3+O#1C zgur3aNoyT#BPC+OSk#^bLw=Wx@W7eTaBq%EmPw+DNE7832gW2t@Mquo&Xp=yPNche zDC3R$8N-N61wRhD^ha5a#ETdL_}D?F?Kj#t1}U0ztAjGMsqOWYqYJh)Asm>#_Ns!{ zG61Cpd4>WEh*_50?Sn&#&5TZq)1tV*sM3YXJf_EN9y4EuYM37cwEEuH83;zLMEXAW zrt|$swabl`Nf>P4#wLXAe~&ee_k|E9xN2%urMn@rO>M(K4{Er4Ah;Pj$s zKt6*>{jm~?asx;WKjL&3mm>*)+^SFGddP$_k{X>Wa%y;FN5^70cx=&)a4U^R`Lk@C z00Xc_3)8u$fbU7M#`1b<$Vf+3I-@%?q_z{emNzG-Fr<k9m%n-okw*)1$F7Kz38%ePZ9<`9xxv=c<(8*}AVNe>09ZnyYjStu z{W7vsy_SxIxwe>${z;G|%m2X!Cpe+{aA{t{gG-U_mT~2CHGvi7Zk{>74~Nw#dF}M^ ze3T_t-2-z9XJ>Z}G1j-zurh!Rf2dg->WVIoDqXzoOdrPX-omB#gvF3ftWq^N7U%JV zECi7UiGylnn^o28h<$4~;Ug6d{PV&!*Cq}n1fEGGM_7!uh$7GOwk#DrIy`$BWP(*{B2itWki`6cK=bV6c{aIeVDY7n%*y`;#0}Jwg-ed*W#20{9S;c5#MX-S4guf-FFp&}``*8y*G` zpEJ?e0{=aldRpKynt_fKIl7SizHN%-z9cPlSSLGtNm7!~NzhMyht-5U+nfK#q6z{$ z#r#Pk@$SI{%kX{{{ALm!cSLRC#kCeO=5Wch<$54T1K-aUN4 zC+Id<%7v@%UP#2-d0b?-cH&9{h)i0Tt6|3UoD|HjLE=UtM_~$C4yW~n59btzmFiA3 z>rG(!82A{bMhqCvsM685JWtOHv6&x7`6UZcB{CZ(MmBg2Yaj%9Yqj5+H z7*Tkxp}S74YGT+W8s4}DM%}obE-c>MB0z6LNrtROB|gX7Xn^qP1l`^TffiO6%U%m7)T0+!ucQQ`ZC0H z`S^biXd5M;sqhNVKjc_vs53{U)6-g&)q0c?1%qNW0_89@j9)(-SM?u3W%^3z_}1X| zlajdqh7yICe}l9Nhr(`l+wR0~VzKI*jmb1U&)}iGnd>%p(zCngH}+O;BK05Rv0W}Q z;a`s{=L9bpW-FFRn}pWFS^M@-M~EA*tkU!(saLYFp`zQarqRL|!}M}tMPwRWX1 zI;$W8V-;`RR?y9cMp4P#>}FRkSr@6f+>rqLcU^lwIzwh*P|mN{Hv-0!&%t1^EI3;~ z)w{_G7Og)x9~oa+8f*T`mii=u5XN9N)agTvpq!!IStEWS#tHUJ$>Gyl!Xss-3PFM# zR<6ksE^G9DhHDW^G&_`GVQVD-dHfZHqhzXgBY6nw0au{O0)Pk@Q}Fj#s&<2g+J^1x zFpz}d?^&qQ603N*Us~3Qj<$gJR3yL7b~F@>=-mEuceau>(80+*i1ty403klOX4fNj zBD^051jcfn`#`}c(CKL8PV-g3^Dg2~2}T0B>N_Aezc^d@*iVXs^-Bm8Is1Q5&UVPO*Z8h0Zp@o7jW^-T*mT+ACfyPLL8^}&)KK!LW? zFX(G6H0Z*kc0TM!O}DF)av(*9NLOyKW>l$04VoHJQe0z3CS1~xO#U$0&*}E-G~ooH z5%0BGMJpI^g+}$?y?ru}P>p8Y5p6}_o4R@5E&UywVj{dm&(-Z-LC1*XCI$ldF#KA* z`0B&vwBlId0<`ZjBMde(<}vqI5(K`P2uBK#9mUe*09m9khgU=~K|&`)U@ZtrRUmeF zbtsRB?3mJKnCTsi+vxYoc{u{<4Kh_Ef<-7@(o$3l0JBeyG`x{e;m8;?df8h2(o%zJ z2)oZ18tLI{%CQpympAjH+bOKF3~5v1`9e~Zjg z5bNoO#7dq!H=`8DcEys>8wVGWiQJNMCw@|Uhn`3(9B6!X0jgd|gHDaa0rfNfS;ByP z1KDSznEY5|EV(e@6#{+&b{|}?gW`(}VQF5S@r1acDSEL}l*q(H_ZXa^a^A050pOH=72}Nl;C{=WDd@ z`pz~AMPUEq>x6-MLxAi^a0CE0n+-kD-vI24AXlEm^u5{2-sTPxdg*CrbK*EtZ@N70 z9kpY4La6)CAL$I`a+1Pcn^kI@|!3i(g3<+4xeIITyB+=KC&|mA{0*Ek2FTs6P!{k;{qrFY~ zV9L84p?&Y5=$P(rs$zy6>y)zK!}58P%!kl}^I>un%kcKe$^05T{G8%}sCZqYKB{`l zd&lkoRk>SDT~_T)XW)o3@L7VvyMr?pD`toxp8XRsm664|Ni+tAH@K6J6{0qKPhq;% z3q?#akH1XUfyVfA{rMGAVki`P%$GRK3+L=MrIuwV7>gLOYX7N&I|R7yQFmuwnYw_Q19+PeT6wyH1s%IH=_ zctZVbQKdtRDc_NVH?jE3Y>N1crV8`va=7Ba6=u|tGmB(#n785Ug#VbwmN%LEG@r^D)9=Sc7_3vlHOVi9+IBQoL4D!Qwi^#k;9ch+Su?o3i- z6vjhugc#i-?)lS~*xGFf(M5~^UHtn%?9T61i}3)b9YNUB6p%zx*5{p5;p-8AL!`-$ zsKy4C_{v;JBD;tK&tYTV1Lx)pW&#u}$9ZN0{$VWw?0wuid{rvS?Th9x!;C_%ZNm8( ziAoiObAvcA^V|E#ZMn&nM!Q;k=~FIPvYf+aPi)UdB}2&9K(#LVWPw^&#u;#_)Vl4k zK;GBx-Fzj<9k4yG>$%}ABHWWj{gym-2p`9b9I3yk3ZP_O?9d(9Q$$}X%JP}>6T*vl zVTLw*2EBI^hRmNSZn!WPWCaY4rHKkFUeb%a=g8i&Jq<-e8U1KD|;o)=m zVUv(IQ7W*=Gn4`X@5Pk;N@dD3dP%}U{mjy_{RI89ZXH#yafled*RSow!{hHKdh?7$ zn*K)>P$h*@5pg>jA`p-{r6f63uxw1LP6D|Yp0`}}B1`joEJ@0|>R{(cU-HLL3HA>3 zkm;Kr`rxRU#*0><9}_8!A8yW;7TjNtAx6TMtSw<<(C&fuI_V)EP=iql6PHI0i#=u0 zMR)@!eC&~?HVvRXoXkVaYVGvBDFZYNwU&H{YG?!b6pr>Q{PV_vp{ND~X+MB%5P+|k zfsKV=)eJCO6oj)a_Qu6zkPPe0!bxUM0K{2Q4D-o-xyj)HGr~Av<=D9&5gZ1}#o7_# z=C_bbT118rcJ%b-kcT3qnG#?YMZMO~7U>Db6!5v!6?lz#kV3n@N!AG&t%Q|Y$yM3< zL?inUDhURZh6!>abwU7?Uf%$4cW|QLEg|1zC4XdWO!^Z&&Y&>KUuU{=Zun?TAypT2 zZ25>on$TkrdlQQpmi_Ar5yMVNAp~gW(e@c*_q`XHdTijo{L<-;rT3C3xyB4fVI-Z8 z8Mg+LbWtB=z=$t2+HwRdRoF9k#GjCg?sBaFtpJHv?HjO<^>FUb4eEa8L|?w>koIUEcNERIX*A^RkY(=C+%8=z#Xxy zUAJc1pU!W$s3;^8NCZMUEtEY3j#yq<0y+kkTLsC<2!*pOQ+K~Ozb(oUvlRAJ^=!XP z!w@y9Y{3BQ`RETH4C9{fn*qrgS+TDn$i11$FvAoUtm>N$qj=clM;ldoktf7@%uU|g)y`_0wB7iTNA{?GREdC1UUOiV4 zTXvi`cy{7m$Jje$%U6fQ2{ebx@y@_I1JN3ia58F*(Zt0j@jv*k;%3*02SZDCgh(*JuB6tP4}(0a0ukX1Dl|T{40P*SeoIL>`^>L%IT1@q zP@=bi0o$v{+A1xHZ?3Y`<&WUPeg&e&kdd*Fe$0Z|?g~+hFv8+jTdm+o4!2!CV7QQ{v?cZDA{gG?CcZ%)IRb3 z{_?K7w!=NUF&Z&*Iyixhl)D7F87c7orf?d8R1g>S3dND|*X|nx%pbaf9xB3Dho5K` zOPn9)TU@p=FR-hx*;;oryrTeB>`bYzR=Rb*d(+O%eLQ~nCuRZGUIsJgZx+ojx&fpU z1Or`TS0{N&A;5#;BI)d`R}Gy z>m*fnQzxJitPom+!`*OQbtm~8i%)BkO?1~ozib+IHMoU+ie-LCq&GZMI>T&gO@>;; z;ACbclz7ahyR>NYb!)YaIuny5%a_4#t)Vl$6xbY`K?>o#!Vw87xZe32)F zMyRN@jTl@(BN3*mESp6^XZkXg0Y~=??JmpjHHpS_^^d%&U37?Yx?9)*LqP_fe`f1` zzI5SgeF&Zj?e^7_dNiD5bgW$dAmb>OQ20KcWR}|q0TYrmxwcKq8XKVuzmkLRe6?Y* zkx6wL7PN@e`Ib_KS?|iL^06$A(na4Vo1-6J+LKOA-k`mD^Equ?hOM(PH7v&&B|C{Z zn*|$XoT=Gq9WR^2t=smyZL#@KiBMXS3CsWyU+jX{V3Bnc%{S>ir`0z1HjrnU?FVA{ z*{|gZ6!%B?SxU*VRd|LYPc6;XuJ#t>?qb`RJuPAES#z6|gwK!jT}rRG)~M|kRf{>s zSPfIFteRcqK(4d3n9PfI);@#rap|Y`Y@PYP@Y8G5C~wz7>Z-Z8?KsQ5E*X4H6<^Ll zky^Zk#iCzyYlCcRtoT5iW@4s z-qcbnowhcFC0{!DOYDf};x~<<`AeUAK3AJ1SlI5Ymq&jg!vans!6czQOJ9GMv2FO_ zGHPWtoBJwpxeWoNQw2h2ZXzDDRaz9`P5|1}YRZ2W=Z{Te(dUgseM6lnaKkYLLgct0 z$IM{gkCwsX!n#8z+mWM?M}8kb$GLsH*kG`1v)ZO?!y46P0GJGL==WZU%V|Z`%`8 zewZNS7~6+tkO}~GGl0(Z*2s>zqY|Ku)(>|ydegsN|5-aPfVfv1vB7}E`YdicK)$o$ zmK&K2HmHwGnH0SzS-dt=T4}I$qCA=aV4q18|1j|>n`r1&>pwWH+J?A>peDjL^;mUr^@O!g^nu;0W0{L z%j@$5p|+TLvDzf8c0rBlDZqUoEd0QIPXa{7-1q5E%a%M6#3=lxi#B=dx&!OytO(}@ zL=2D-4^5*Ek?QiO4nsVx2;RLNPYnmej3*TaW*tKHK_8@%_{Mw0>O_~)v>)?mOeeC= z6q29B*;4xkELqXFHfBo2)k<#ki-;|8Tw{9J%-;W<@Wvq12ESF|)@hy6(Ml(!F8#Lj z`fH{elJ6~!R_TYtd-?33{=Ao)s$7yqG-34q1c9XdnB0A%Q9fMl3F@V?*iS^L5`GeR;j{o%uq5?1?VIjhe{_4P?GO3c!^#i%hLc7RfEOuHLE&V%9b>mu!Dq z|6nlTXjOvZdt-s&c`d+~I$?BPwcUOgBNM*w!`=FsLuTHQ-8E^WN+nQHlt z?YKq-Ez$umVAgd~B~-ryW#bVS9AXjea0h9PtdPh*i-{E6Y`p?np2~`RQkLUc$epFj zB@ztg9`;qYALM&rFAJDg*1U!B3jR{+DlQ(XH99JC@& z%H0u)g^F{T3|bK1e0e*OP7Mt)0AQ`MXgHLVn1oI~S5jcXJCITisFJAGQ^k`lV5j#agE&1Pwh&QkKxZ$d^)dw{D zk9#9vkPVO#PPqv&zsqXSsnC!CrEN?x>o+M?BkYYD{nq5rD$t$X0Zr8{ykH5}@1Nhu zU?7neYdSw2IF%8os9E?}fvr*Qs`VP&21hYs+@sVnx2al#LxsJ9wxYkeTX*>BxuY`g z{kr<8=vFs50-hqeEp8F$r79rBF@KL2w*iN;$Axoa&^PwNawZVxnsV*MdXs~Yx3{?7 zP8!#gux2#}e4j;>CqTWylEGWC0}8ILb^5!dAs&HE2gmGk!5*5^r7Ko}8sO}NXt$u* z%b%@g4M>@25w`S(%>>QsXfsy)F21-bZ+yfZxBQ2LE=hv;&(n7pe0C}4@^ciE@JP~iAI&K%M=)z0Gk-2%ryPODS?bA zo@k19cguIn*;%*Aj|p*4U$e#)0>4n1O?mz}WXT5o`rxOzco&;eW8s|4R?BU3n>6EK zE$z=6i1CZVHBkFu>nrS{VgOD154gO-F^J@>{5jgu-7$CRUpGg9 zKR{7t&kRfTc}Hi z%QuvQ&ks!+%fP{O_QVnl{J_%o(>DE%YZ;>S;EoJ>)#+Qzn?st4)utxh5E6s-OYp?t`#_s~3yz4KV=Xm3iIS?ZG zdgMr<-nX#t@Cq7lPotsNnz=Za5P^DNjj%>^TOY55!dhNd{s8FiN@VaP2q@U%%zD^b zjpk>qyBYfZFbi5Z=^uKGEWp? z#SjMB*S<}}4O2astI)J?{djEbGMK&UT*MS8y(PAc^#hz3EYfFacPCEnxV z%P>q%_mDd~Jf*xVq6ZU+*ozq4FgV9=ALD7Ja(I}yv!wUF`Ts#H3C;@+GAv*rVJc+F zm)C4rocmV0m>Usx4c%IlGLPm?|NL0F9lDR)_2*oriIn*iy+` zuC>#uHhg&ew~6(;%S&QPlX;J0^KWQ8MW4>ww8p|h_&3Mx^Tc8?ii7+gGNs@~F&SP` zvRB38Yfxot2EC?2e2>Os_XA>pJ7g0v9dT#wF{Y_1GLlhQ6M0E_^%LRCrx~^b5}CEJQ3f`VIR1UD*7Js4v--o?sj>bbMI)!O}~&L8CKk=x2-$MusGkf;s5W z>*U!w!G*yD6C9>>vF(OSuo|wh)+zOL?9%L}REW=&=5C8yhrmT#3OkCJV3jXLgzG?RN=X3DSJn@Lr`_+Ovw|AxMP||6P%Y$cC{lu123uuiw2ZZvp z7+q4)BiA+0C+7u+z#y&A7_Ym_tiP`881ZXrOmMDPy=P75HDjN)g}1o9lxYyiJ>R33=tfM#hIlDs^X=6}ccas~M9OdS;NBy~{?lQ3;mpB| z`2hcj-lTnKjYi`^MF_xu^>a*VIBq5t`qlSN@tIJ1BL2j_aVYDp82c?1_OB>;Zc>le6SVZ7QNPxS#7)ekjkfCGb9S@GK z$-0>3s*mPA$!+zhHdu3?1W-cr(>Y?;sfZ0$02vx{S%zn;uoy`p`M&ca)o2}kcTm^| zVAeo7vhT4G&;rK}!lZzfK&bTyAw7Y8bq9p8t^@vsng)2iI}z|-qj{lSrTdEeMbGYY zt!aOm3&T<-n=vKcx2SCZ9wSxnkcvi8wNy*!$*1pwCxB}?ylQ;+4bc$^YagK0zy1a^ zX{Gg^r^FBrqv^@G7KNXQIE_1?TY3P04;)T>M_t`MzzZpMN{BBqsDiahFD){+A7Eb* z4*Bu&K@(&-Cr7~r!600tu>MA*h0jL3&Or7;NE!>bJ2hrXFWTXDg==}t7;et%1* zR+|Y-xKArtzK}5s>=@u71K}Cze^)*hD@){ZhcHNJBuhb}{aH)?iK<~!;!dQ;9w23F;LE4PvaPD{bX&iWx1c%rn`vuUR>o>#W!#XP)`MmR5 z;E~Y7T%9J93qp*K#m6HU*b87XY>P{}7^lGg0kzgUb_Yn1C|fMTxd9U(sS}UPfFdzn zSl}BRLAD<2UH)_3fnp=XVDiaBAntJC`QceFaR?-v>=&_R))e>FqUWp0{&b215x~-{ z*#F$1!QTn$nPO9a%Tna$>m`vhqP68;vAHXqyXSLM_U7jU1r}NvKYDLYMc1NK4_XOhN<&<#}(29w6+OOcbDMY8>9{&@F~Hn9;au&Q?SkwtnH zAQpb3?>NN}Rn2^65`8X4CZNr^w|D;8M1FBDaDpsFYnDDkJQ7LD`CzlU z{Z#PBIjxae^c$U>tfQ+u^Y4*xEX=Ty>jhY54ptZ`i2LKFx)qMT_2peET}KmTN4V(E z_N3PRu_Sa`*d(Tw=$Wj}Bs}bj7j*hDZ$FS8_@h(SWwPBXj1f*TOW9?j| z;!pR>BsVMuK&qTHWOjvl5qq;nJX|o_g?TzqUKk(=;K?w-7o1k(x|@bQ*;tp++Iy0;pN6T4j!!D=QX-y>mm4uGo(0vrhTy;pvt zeeFpTDk5J$ow<)+g=^Bekt)xjH^UFb5h|A#8cE$UI;;KO9dtPcUVQyR=P%tTmn6@n zS!7Hq_@3aWHjH1l6P8lX2!}AfbI?${FCVKX()xs}H8KCh}gfRtB%^1_Wj#G*`WLD5j z>1#8*yI((}{ivC7cZRwAH~M+=AIbL9%r z%oo`?&Yfvfq*-x_?O&;Harg2N-W1X`aXPBaK>?|yowkb)9+lzRW%7W_(eDz5tq^EI zMAeU7631||=evk)Jc%PNI(0wNT}Jvs>58BAT!Ej{?6;Ss-u>3jg~6~N4T=PHsQDB- zwP4gDPJdFTrd;c#x&m@+njN-45qR0N&*vQ6eItK=YYptwMO+eeK|NO<_x&!Yak9>A z8&AVu2gi{3dtS0Q_qiXe+>J6cXMJRzB)*|A+5nW4srZaX{jDbA&`a7k_QGc7v`*f|3${K8 z)jKQXhp%vWj}*$fh^hMBnpV7?C8y!*@c06)%0Fl6M+9lf!41uf=#TERprJ(xi~!vO z2j}c^NBs^&bX9{oSd_isP~V+e_aPaJ`%qIvv)!r5_v2{F2QS8dZqSmtwO@h~#Z=5f z#nH2eX90va3$JXFSDcZn7@nHNJO8fUoEWdzk<)S%cScHlc)B9B*>@j6YS9RDO`n{E z*;>DoXE%ABoALUsFpOj&Sf`cufjnH70+4Z3*sEVy8^;RKq`6s;!{}$grb1qR5HGOV z^|T21?9!EFUOLM|$pKwqUKl2@-p%3?FyW#>@xoFt&YzMX)~T&Ru`j@U1}RnwGwzPu z|I$>Kumh!NIkZQr0H4F6OV?W>YKRISwoNRoNxsrViDw_RlM@vA4y!|ma=JUWR_a{^ z{b$s`K=>ajnHH4>F!h^XQbic0#N=bU6GsbHk$4k3pDGLJW6?0ey!fto>Uk#>yY%f> zOzQ&h%-%SiwsyD=4OVzN)MMmNbNN<_bN%UhYe5K2G12zV(h*k&wzK0jeIrI`5#YQLgF|C2uz$VTADKFPw-Ojgjt;)d&BO3Qa%KqU zoe}jC2lV42aoeFyJ!l~>U`iuX!{!1vW`mwXw^QkqUC9*YdGo})XRL!mQ|MKVppyYb zP|=zo3mS1J$!Q{BDmzC0J`<3KGXY$3Q4@4{9t{ z7%iXo`QRo=h$U|C2U>Vm_DI0tv%f5dX;`MuShzPt9K0ss8K<1fn=bM4q)(CD@dvQR znT=co3IW42s%jZRJfvWl=2XDvN_7;C;7n@;!jCv>I-Ed?y$9owX?&`DcUpzYhQasq z>i+a6^*##V&8KHTjoLW0z1$8?aMzadT=OnRsK{urrOw3w;Czz~P#xEi<2=_A|b} zad$xH%KTYdP$srqL`!owU{f{Cg{7xj;yXO%Z+?0LYI8UKqu)#+0DFv#Hb6|Q0C(+3 zm4hExu<^mech9T7GLM>!$JPBn@s+WN3V_KN#x5yIOSQ0giG;%L0iM=b6?WldIR2FZ zwCy82Ta<&IdzO+<_1duef@GC)qQt(`bvF*?iN2O2!$vn0*QZx$to7!QPB|SUud@ce zNy^xoni^>yg?D}|dJUnb&?}6x{N~12+K!PbWs6GU24_4o0)|;hS%p<9FrcRtaJJI5 ztXB!lh=Zx<#SeX_XiL_;_kb0v3iay*Oz_Ugcii!KZ&Eq@>6bxi>?S?pzYWTyv`doR zsn);F!|w;H1<7LbQ(csMl4}>KiS~vFCId%~HHlLbnGh*)18H1n25Am!>06xATo(%z z2dei`>SR)p=fFWEBEfq#i+xiQNdlUdEQ)Fx%}W5I=4yYyuj_Gn#OMk|k7p?<9WXXV z6T*=ZEv?w>m590G>5Mp-Z#FAX2ts0h8ZwAfSi&@+qG1XstNMOKR&Rao<=rzFmEKth z*hj1A6TfBD#|&}-18%ICA!lfOD-6kROh7;B*lkbO1B2qu`O!<)_4Y#FjVofKksX3;ZSr*BR7-e(_DH&YPrF04m46dBm<^CF#G7t|K%*0;DQz=C&o_ zQ6NFnq*%8BDiS=wl@4X;jPo`pwgPF7i6)CWPowqLW;hW>ax?QiheMS4ov;3>Q`LTW zGl$2tx8M_t35yikz9;x{UYVUrt=-UqwXZb>PHijjh{%x98j z#`d+rotg!PEbC=#2q`-K`sRrPPfN-%HVJDkQgD~0*x(mcjDJXk=+H(##>~Gy0FF~` zjU9=D63KT@@WqG)O{nFx^~^1_6vVw1SR|Oi2rp7{QZ=z-Z-NEeJvyaGFuvCq8-E_+ zdoGbdkwTAS?P@W%NEI$Wn%b!?Du2{{jA2a6VK)&E+zf35>^bvZ$~58Yoi17zVuj$A zn60ij6MJHJG1kM6-MQ$D~}%t&{@PtJey-@Qs)UbX853NY-;2$Tf91-xw zs8fi-zgkzx9e0zjpYFjU##P&Lf!B+sN_dYvJB!Z0E)OC015Bye!<>13)`CLTllFba z_0W6Osc6Svg&iqc=*DfK4#zR4KB^XGXkD0mDu}E1I3YqZ&HV({m1EGYO{#6m=g3+e zRnF#=kzA}tmh5`~no-)L{ulA>t`lF-Q#0_w1K*BjU7I~l=J2GRWok~(#4Bf~H1`Hyvi@QELlK0;SadfurakKgBs z5%ovAdsxyrf9=rh2q?;b(HHXN*Mwr~;Z#3Laqz2}-H{?or+g}f1msy6TxIRRP z_@ge82;#53eYj#P?s=Ck(6KC6PZHbA+xND>o!Xb%V!Q)1D<2oA2}%DvI56O9vCba@ z9eB3ly*tO?cdVJ+qWeW464g;LxV13(D~+AVk~rb*w3L4~0f(04n;!8a0L;dhBp(CGJwo#^I_SBYrT2b(;r(ytsajJX&P6 zGATV6?AKPvad&N=-LLx+djyHd4ye-AqL5!W9i3Id#@aKi1pq3{PmaC)U6ibSUUm<+ zi32U;0`qX_fQ_IV2!`S)1nO#^6$2NOTX$VNfAYlDVeqt~K-;vFSGd zkVxhE_q5nTuJlG~3UEJdD##d21$kMcG)MWc==sCGoTRj8FI<{yD0x?Q+Rf_6iT&#r z3O-3O688PKuD^+R5ld2$=t$H*00L|-zH`>`fH^g+MZ;!)q36l-!Hg3Z)cw1W*gEIS zgF3Ubqq*Haa~VJnMjI1rM~f8=D7j1G%4@5K?=1n<)I!t)eZW))-VasWerN^2PhmmI z*dN`EJAT9mrr)+dYpLE+G5Rw!^qNESD(m)>zEdaR^;+nRPo;J*hxZsX} z+7n$+J7A+`#_S+Gnj`$~@vFG#T7!B4Po>w(iXlMfmeaL3yM&P2{kF=@k(k9R~4t{(;|3?T>uPh26{2xB9&7ce|g!%%g#fde$ChDYV^FV?RoJK6(q% z2{_Lw{}tR+p@W_6gOO7t3?1q4c0&p@qWzLbtSNR&;newc=$P&y94lSn7nbwU`K+Ld$L86xU1P@yc8~N3&~#Oy>)_aBQ}*)EQBM6T zuHGQSW=F#&PR(r(-G9ia4AAG8pBBRWyip=tZ}kf(w!*PR>|vXjtun@@YxD3@D>RS` zhQdM(bSaZi&@>Ui0!D+SWD*%wxZcK*a-G6izNlR znt86MY8;gA;3>ie#e$SUOLDgH*{d3LlXVX&%(D%b2>BRntK?jO;F}|Ud|9|IWL0W2 z_~d~J_tu@>_`6%^Ko`J1aP){>;le{KZbA1(jvgk}Ob$ci71Fy!u~XHB5xZGIIVS8b zX^g`}KRb@-22^_r4Cv$J6NQIl9ZxMteV!dpzZe(+bjb_04IrR~)doA`PzVrA9ez9p zQ1mQ<^Tx%AX=CP=*T_oxF!TFmZsL-)%C^F+jVb$}hP1`Nm@jkt?ylS@tP z7Y1O2F+`DyRFPaXQYDl($KSITqQt6_eJ;AYRoigpXr1rLmpIce`Ix?cLQnRynt+i^ z;W0fI`@C>ssunFVRrvbO`+?Vtd_f{O-%iR%L;2UpgWXVhoG?PO;NZRW2fBisx~xW2 zCoNvz8svu|3s4nRsqYc+?24_YIB(_v4Qn@I92ZHc2-FOQmjpWEbVB=iR@|n2`^Tiv zo8EGWOLXIm5bC9YRnOt4A0eBUC~U&70c+O`7bNgYuX(AKLLeDH+9?w;52o=ffbFeP z%6)!mv;pP4fjrEi38T*LeKG0S3O-hoxlIh$tBj@ z{0?29q%21@7hbml0(^xgK0X9IUP&La_2CAi-X2v_BT|0cFfB6a4GFtpS_4jEMcBH6 zdXkQ%!jjI*WAx?wmGMq~o+M`1iQSbFe&|TP6lge4*G&+7G}=2mL-8=N#1Qaw&;4p2 zVmMx)KElU13ge%?UgJ|T+KXJEz&p&R3=zpWFfQFOu9|XAISLMpTHtcM~PX8l`bD|`}LUxwl)jOPOCfw z6fF+e!@I2`UmuQ!&o4W-7Gb_Rs{rv~ z`fGE@cLf1dGpLT7&8e_#xEU5pNUS_2c-*W=KbB)Q;WW`D2sBJq1ijs+Ve(x|uS`a^ zQvBRREZYwnLMq)Ca-u5(<>eKNkIobPS~wP80On_Cm{4xCm&;Gd_Tg+qm}ob2{x~01 z<}@l=N$g7|s^;UjuhH3o_2lGbSub`h0cA7?&x>iisjUR+8@7O+;ZRVN(*mX4l z%E2+|iAPhdf9j7KV>Sz+RJ3AN@q@ma)Vc7p3dPK}$Zi-3=uKiwZ73Re#L+^ZqYCWN z-XtpVCNDrZ$rM!zj{?M6{EP<8;URk*fsR`5r-%t+Pk3d z5fzI8O$u|!IBe$IdbU^G=wTqt=zFs-d6Ix#7!7qF))G1=DS*D7OL!_QavMYBhzd;O zW-7cTCWCZ7_JnmEho?mMGoKfjvJHPoi3;TPRg7ml-Bw%SbQxBv#(@2ql@f97>_BzY zNNlM5V_ymPH?L+^&q8p09zar{-v z0pZxI$MLuT6Q#J=q*ACLObZ_-TkX6&cO_nrLjh_`KN)CmPeP zn%gVeK6hRDe^LcxIv;-G=XxPv^BC~RP_HdoMiPHws&2{Kh`{siS2O0ZnN};0-iNWU zWB?obU!@C+wn{gPUH6#@k?ylCW!9NH%`=vG+?!?MREMY)E<20^sNHWDCv`*rQkC%K zyp!c-xOxe~lg8svn+x%eZbYNdncKvCj&qU8Y)gs*H&_#u0-^LB@iOQ~3s|J8=gqJ6 zv}n)*YQ6`Md$W6p?6NT)HBkE|X8KP3+FtJXpli7Jk2qF35z4>pDTb+f4n~=v3h>5Ez21+5D)PBH z(vXlS?FoZ6_-2xHpv8+i+Ic>t?*j)Gdpc)+qdh-R4iQPS!-s{1k`Twl{QXkYfu%-K z*ZV=6w|z6@yqWjpt<=!dm##cy7$F?6e>aQ>nz9ca<~uM+3^Ess-Ya!gxrtHki00IgD|1`mN3K~Fj?Ndo$5{h zy=wLHYfO`%DG`Hl=#=C}d6-v7Bv+B7`^U$bPas#@0M5tw#f!BIu#jK+LM7)(F*f%} zJ#{4Eo+lXl=0F;-4mjzn4`i_RUZ~R|pT6Q^3bg%7mE^Ch7k%x3?&gqnta}KD>lAgpD*QWUB3*nG#-xADVUmwBjoBI<*L4)>Q6|&5^pXC zmqkd0yo701%~8Dw9I<%BU5>h|iTtoou3A%Teok_*^tIB15?z&$J&vjG1LNFU3ddY4 zP`Ew-R6cgSyDU29QW2=+8fISm1@@B|Jd0)k^tFZN4$!GFlA$o5H~XXsJd2?c$AC-mmQX_Kt9HH7Tk8f2tou0F>g{m+&CmoI!J*`uT`m=gC7 zYyU5w`1_Y0N>NbjmpjbaOMZ5YZGos;Bza%gfY?RKnAv7jW4B`Hga3Ph|8)TVKElCX zn3xblVFr1E|I7maukcZw-_`RG5eq@y`ugK zTH{m~n@l?r0m^?K27k|GG%-Of`O3H)NNoT1V~EhZ2|;z1NZ$AXvIW)nNy*7F1;Nd! zN1j|W)!)m|PiWq}m6T;|&-`K}ZWRx$-7eI1y6{#Y+UB%<*T`x_?Vm;W-~Y6Y9ogSO ze)E`K`LDv`Z=<6^1RLiK);!#kvAFKa85ay!>Kmi6T`0&OYr<%kO*)_Z*jl#N!4%_Z zdI0)25eplvMM1ICu2sbF?w_RdzfP%mD}~9auEgb{|IWl`$+;F3^>|qehS;=T1|bl*|JRlO_#K?E(ErP7`tu4o5$FhsGzV|Z!rC$hU{RFA zLd!(#r?sfG%Khy=!4L`YF6GpI0c~IAo%S8)blv~M_={`7ig(;!Wqeid2g(1({Z=q< z-6T+Acs9X!IteKMnTLuILCx?b`#=2Xo{^XrzWFczaeXqvLPvbY9OOSlrX2O8Uu8*0!TuKs{y+2EXj~6a zh;{b16c^$C_8ti$=;0#_>LTtRR|5HsL60y6?;+eT6Hk{`{r@z9f1OSW7g$s}c}xAZ z0cwS~RJ>rSez#d8eamik%JnzbLJYhAD!PJkLV{33J|cJ!$|+$~r+ohJm7PZbyD}hC zFy$os+7kL|U4_IOc3zd0?VcaG@#I9(~4^aMC+>^r5hRPch@q zmh9Z+#eHH(bH%HjE`tED<9deI?-)Y9?bF($k`P_x2TO3;@=*TVZU^xT)l`ny zi^WyFd!{nKYAkZAr~cgX!na zyH+DP?CilDE(I$2XsSQ%rv?wZvN9Rs$@jAcKqo?nSb>AXSa&CkJ1$jqZfm3+dBPeh*dpY?j?N5S=zr$JYAqOZVRgp_~Gm zv4)QD3w%oQdWM$K$u=U1kmOMhZ^@Ujs2@|5rHu!-tvD?&9VQQ8@nRtm$ibx0b7Fmi z+d-}q-EqABxD`JJO*%?SRb7j)YOLoL0HOuuj>JDO8-ss7i5cxxcN^ zjWU@Y<>KSAPLtN!G-~I~aQvBf<@vHe!@hjK;QqDWA(ISg0#RBob0@7go?d{8j$g9s zs@nKxh3y73!V6^VmgoSwn}p?OzJnW^64a$cD>~m%y*1tUIJMGuv(A2 zX~Djx=O|xY&}XXoX_Z<0huww!jq_!8@p%j*(&E>|=(#fG^Ifv)6-M6Pzz{y!2s z9>wq*`5o1NmM%tAXjA_+WKGUjax$_ew`W*8=UxYZ=%3r}hti{d@|gbOs5asG$+vPH z%TT@1zZVu~Xw2H9X4;0E?>iNm1R#-P-$v2IDDo)by#vjN}u2Qb58nGh-*nES2>Kyf613G!jQSfYQPH1EXo_4g*#ycrN(F;vAW+A7>ZK8W`YcM-Ne= z!iW>l7-NFfOmG;hRO;;#2Ks$g=qy6i2=T9$(AtaeU%}@3l~C3V?NCE&V!WLFr`(I>{75AI3O+ zE@|IieV(!N3z>1#DN_ctq}Y3J;c@=s&_CHUi?@3Dtu|S&0+}^K+Ho=h>>G zG-cq3NHI|$BE&LJ8;uMd0z7a-4aTuFF2f&&Q13NH(p#SJI2OgmNV4=~W%#KE^->iJ zZu_YVL1DwUU!nArI^2kdF=#wu98pR5<&5tDM#8(5mYVI?y^Kg<-!H85WwDk0UpX_c zp?&{^k{z%`y7g(+JpIV1f)zhWovUyzEl~Tj>#%PiP2PVdY_&x!0(KJ$fc&OoJhalv z-1M?s;&5`TK9Da@^OgpMhhJ;JX^~{SGoalfb z`D3nJ`-I_>n6k)h^*f<>3ZDH{@s|2bSq(W@s6kfqi3gQn2H9`lKoE=MO%XhP?HOKF zBige1g)c1l<2jGKgv9$p%w~*&`E5AM0Sq$_80LHXs71E;DSDkf-k)aei3gcKOe#dh ztWJKOxaeQkJZ0a?=5V!3!M++*a5Mf;^w&I&2rUZB-s`{afAgE~iA|M^6ac(2LtZ0t zG2Sp&EQN5i*nltc>wtVao^BI1SRqmzz+ewQ<~sg}@yyyV{Ax@4`_ZR>o3qM(o*UU$ z`$dg4m}f({b9Cuq>7x{zTUGqwH1Xc(X!^V8vg>D!Z4R!-Tl;7 zmZG}T>1>sho-P9i7k`_S1kP&#HBqR&!z6HK@_rZ)vh*JL_4I~QTN#}w6Jy++`7TAb zD(n*s3ghu2Cho^s11AAoZZR?Az(C5%mrNOMs}Gv9twiCSw*?&qXAjvkcX?$O!ZTPL zXiiOJ;sa)kqYs|5lKAw$1Ze{QWAnf$_`3iWIxWN{aL$MtY4Sky*nb9aqLPcqIpj#$ zE{z>iveye%50agsK0UGP1tETHa_M%YsyzI-`2OCtx3mmmo8$w=R~I4p%vDX(*lW9n zU{O_&vzL+{2x;|ma$IjJRwBe8(bbO@^kiNJ&Fn zl-r4wp95i)m9fi6&TdSm#h+M!+94(g1d@xoRX=2{4Z$U#LDL0T%8YW+*i5nmPnh)Q zexev5kQO;_!nBdf^>gSO7B`z`u4WqH^GqcHH@1hswADKDbVpsu$fpZuPI)!f8y2Va zw@twVWt^f=$>J?g9Pa=Ls#0G&CFuKc;q!xzVaez(vN9Bv8osQBmn?-gx3aN1WczXU zad&5!_Lf99(NIbgIXthpQah>6vT6(ysgax9TwNLX_%e0o=SzXdP|pI|VqKS$VuDxN zRo^nkV72rVkqk@#2mFt~vn|u34>p+rNl4sGOitjV-Q`H_d&A5I=6V)jb5rrU$5tfj zCHU82*!NyirMqPldg#$Gapw>b0H8)VKy&M!e z4RfXjTT=Z$vd%InuC~kCL4sQ#xNFeh?he7--8DEg?(T%(PJ+7xcXtg=T!=Xu_m z`D$i<$QK-($wuwo+B1fxZN$IszOeZ@ScA!tBZjgWHy5tuB#1zEwF)V6 zj6RO8I})qd9#M~Ml$JpQ-BdhCc;x>+d`^E_?DQkn`YGmLzTkmc$^0wflOtAgW^_P^Y_3O?$?_ zhvgNfdSkomfE|Msy8PjjBlX}kIIglv|0*(mW%|~nu<@7X8-iK{#eW{F0lFp~ck;U1}%qYOR{cl&Ni+3pzZQ*f^)MiS;IDTd#9 z@fY>G*q8>U3su20HA^b9%+w(uQ=FerqnCapwVLNQpf!5mZi${{q-=2IPCFsv{7Lhp z#8prke=o7dO+wM(nI}4^H5|)Z457@BH*2tx$1A?OQ2dk=x6BySAJq^!zlY_6bz7hp za1wkBZlt$v$`xrkDSomWD%J)|X6mxU3O?C9UsNmwx3M=FuXXlQnlGW)ARRT3Ef1Eu zhPi#oOf8*&TH@QN;?0q~qaqNThI0@#veW4wRm(`!D&oe?nvBWuUO1BNFnFOS<`s#A z_cD*_pdTmH!4wwcEYkZ1Q#Xo?_9nC_%GaT9GmgZf=@VD7QJIpTx?@pq2!FG5o-mvx zG9L~OyR$g9nL6?cA3hIRzQ-teBu@GiBfDt#St$ml(7Za6#{gEAIWJy2Q#kuK|82)o zH91XN6_KA>?|GRvXB1K;Hkp>zy25kTw|aZUmk!*u)DmzpqLTXjc0Vn*$Y1@R=@v+H z%jd(UAtKEG=VB_w0GTX@Ow*uY(5%AC^9BwUta(85C&R(IWYFqCybzIH4?+`4T#O0* zjy^2?gX`0fgVxIv5OGC&(+BOcTdy`TBjY-8z(2+wyxxOn{TzGnHLBa%Xtn=w9^w9p zL}Y@efK%mwZZRm||0J~0_`5Cj^QC;vvGW$_gZ4E)ELUs9X)L>U%)n*Dy1;Mcm8m4vSM*NLp+)?sCVq~9U-bvV4JXkvFY*gN7X z&r36=k_A#R)cu%|NsB{cbc9i&Fc!B%BWGu_JRtQ`$7m@mXndqGk`&ZY}JJQfhcn*50CEC{C? zcV77N?|@TiSNwx(MbR~!55!TI8`<6hg>ky-L>oSyBd4=tZ3G#0JMG>Y4!=Z#cFgyf z=ED2dOohHk5X2kALY=kXH7XX%J|(0AN!lG{mzTq%eoa-K$R%Bq;-wSDfu%>Qxq%8_ zCloA-@ve|4L~m556*X`R$S<9ugSQ{^zSy{ilC57{#PnLn1ef3f9-rnn6jl=Yif z^P_?+AM%i_6^)f?1T&>ftOdao>@E3rtk@rxc2J)-7VyVrtf#hO zLQH~6N9#1SI%6`7JaI;`#$%#IMe;UZS2mP3s++Ks<86c8{kviQHjFZ*xM?*c(V3mr zY@8}b8^V)*Z9PXe{(0+r3e(bXv9^NWiB7-xOU=07uF*@Tj;taZ?D{}r+38K45y2WU zyM=C9(Y6DjL|&a2S4X6Zqlx)lYeE%sk4@Bm;j?%lm)<$Fd5+`(+A-3j7IQ|Hur+p) z2EIEL220JSF+;&KwiEXqJ;98FR*T+sSf9>iB$5#`txIuwMnrT{);)fUcNS{)rmvxh zCPe{#-|}Lt5&nID7uqZGS5YVwB}{A)f+t2OQ481c-ARFahN;g3zVEvmp&+Bq|9tum z^hbnL%maYc_$9tR;9z+xD;fs9mSBOGc-Tvm#Z=}$HFPbIA_T?T<+{y*u+p(G#;0qo zVZINWVO;_o8}>E8l8G3G5wklf^EQv|;(%3}7 z$(co6)EA-@YKFazCuW{Tf7q$W)f!Ix2GV|7SL+3;Y?AS!a(N4Dg^yTesvdtT3KGp` zLC9F1Ae?#@>atO-A4;9LWy_aaCFHP8x&~;3{Kb>J@1ok~`mR^@`kQ=XBgEskJIM`Z z4FcKIEwE;6d;6?WuvU-RKb;;D`;&sU3XNgU*Dy77OZ2#nx2o&wgMm($2*8&X?|V)^ z@B$XEtViqZt?K349WRo;u%5~}0zOMVrgE>cfavrGfL9P>HNR+54sWnq`3baGe)l{y zT5TVPnE+tzDp#pL_g(V8{oYvt-TK?plIU8s&$HWdlVgF8cGA;t*)#&hx!$8aAW{DD z4hn)0zc(yyqs2I@gXr1efPIUf@3ellq_|ir$xHE1+v}a*>BiGS1UZwSXMK3b+Y=oX z?pG89?3P)8ABe}iMNkT8+AEJ8^niZn_VJcuF*E~K$Hb1qnnk7~Oy|AU6VuV0<+%XU z#YLdVv;G=j!uH&48crJT`e;g9oc3$B{E5$~J87Pyrn@U}xI(6P(7N=hkXylU_N~Hb zUr`{$na@`Y);+QNRR9N~Z9R37+n+*vodBr7NnuK988t`J_xH z17ns&3d_zuPdDG5mYHa*u(B(+%b-?<7907R>k)Xa+SC=4Z?%E(Vh%oZ_Ma$Y+9JH9 z#EFG#G;4CdW1c;{&k8O0eBU>$rl>>^noSMQqC?13*USq$eECFh?nO%nf9)K43io}G zxLz;x(C%8u#jS%>(Iv>M&>3a#G6`elw0 zcAR_4ZQ#6ly;bgWYj$pC{Iy&Hug`Zz&f_w`MLwwEslEO+y>d3WA}E+edXG)$hi>Xv zNDAQ-Y@Jk7l16Td(PO%PsRn;eI`i04E`vF0CU_3^$zBn)VWwl_9&$gp#pwlArh=oG zMvKRxldq*NGk@M+KPx}Ueg2t3@Xs}*=@S=bC+W!5D;h$1>G(D;XjQ|s&i94N*npW$ z{-9&IMHb^EZ^qh5r$YTIHTK#o-z{&C*n@v5_=QiC53L&si#5OdJ+43IA;WwXBY-W@ z&R|0etqsIjWcCj#0jQ8TM=nyG(OJV<$?W=-<7{lh+le;>P|=Mvkb#&U=>2 z%E|>%*ErAOh0DBap}uoxEmwib1y~dU*=q@CEQKYfIl{o-Yp!J0udD3E+>q|Y1ywC$lSmsPMZCt`iQNI1-AF8+N%h;9+VG0puhxym z{{)4MB;`nweo0H3{%n6!o~Jw{CcMhpaN(?;73DLjx)3!qYf>+dy(1Q-b_mz8m}Xj> zgQ330+DslSAGe?RJp6Q5WooO9rjGKQc5^X8lIoV#YRytcCx7>e_p+QNV(J9+Q2~-U zFOGM2{VenR1+{mE?7dL2%MQW)Z(CB%LQpr1J4+r+@vjT5j-Os?9WP8%ttOOdv2)7z zzEtX*#dp1seY{a-YxDVxO$B4Ac>+cs`Sjx0cw@$X7kv_rPzraCZKcZipJ$~#+{;x; z=gb+HDQ%k#%|a;A>uOj~iNZAmVECke?R>FFhu(;G|Em?0)e7xelwsc@jG7J*i<5jG zM-6Od0$I_*dGcVKx`9q6I@b$OWw3!Hq>{;WTLC-Bs?N9c>+1DNoj*jcyNrIM zEA0iWUH#Z`Gp5A*H6D#XaaNljXAbbP`X7tLgU*_^-`Qv;B&Tpoq}?ZOJnzp$v2`6t zU$1iju#o4(wf#zyAn@pBimsAeO#-C23*TSQ@qwh-m!OH}HGF714#N*}GXCBvYwn+S zv$?gC{syvaX3_Rm7W86(^S4U)zM^$seSIX{bwTO;!}bEh!*lN^+eh~oh-)edUzIs- zC+(~?2Yhq4EzJBHlv#A!=xRxP`n)p!W8M``4HtwFR|k!Xxr^Kqh@t?>iR|=YrM6GL zwl66ExpsKr4(J3Z&hBdh+B9BU20esLsR+|9@YHahoX?726ly?FJYIBWas~`JP z$&debPDQp5fjFqURnTh2{pMl&<%DOfGD@gk6lC9WX#Q#g3sLhJMr>YahlXzrvA5Kj zkE9NP!0viNt%Z?eL^iGhEb)#% z+?%w&Uc#7A!Rv05AAyTvfq>i29nmNx^0FInKsBJtEdUb1#iJh`WR7AVtZIj4rF;#*zs( zQypOYGUNZD)xCfZi*7?&hCO4yE^!QUd%YCbt297LEX!P}UGR{eY4U>z2b|2YFWe47 zG8XEjl2x35_uO(vCZKP7*jo}B2(%!>8fQwA+IziR$>sJJBD2Sb8aUv9E4t0>L48>p zK0NlhYuq+6#`-+N2lf4za<&dD=!{uQ^m)Ce;5!Nuv?p5ms4ZRdnyH5O1>DZKM~w8D zxKh%b{tq=JNu%^ed>8ca^NI2B%9O~I|^sF(Q%{b#+8J2nw$F11eUGWtQZbNIpXMVjS zp1Aci#3Q1+GMPW7)jB2g?*?x~$L2nLA26(b#J&7<-j?jBm zg|tYoUfKJ?mN({rY>PiBiiger`?{Nyuh;tT%Caky;EfpJV+(KAc7}xscGPfq@S@gm z)xWC)Oc)3%A)8;y7u4$BDXKLtuaiekM3q&-e1nUq*V(ZdIif)=nHPiRr}_#AZPq9MPCvYy$fdVQ4Zg54~rSsov)oW=@m?#z`(6Ome8ggDsu zUj61RD0ky)tP8J){_2*N%JNuh-lTYn*M|!78*we1=Z4uY?;mfU-FO^shW7V`mEfd_ zd9%38)xTi#<)=r|S3jl0dKy~qKh^7@2-IKJm>V_h7u{ckWoqnOeI_*h^DE<~@im9} z;hpUg1vQ2J-iHOt&-bO57!$c{MmSAA%QZ~Blr@dOjQNm(Dq>`U?Je*(YHtd}&V-fMVZBSD}G|FkD>Li)@7f0-sj9SQV z;04cPCo+8He|L)fTFtx7bniS1P7gYRa|zc?+6x_eI?*36JHEV!2q1-x>P+z47^vb; zBMiNy{WYnlfxmQUqkFoa|H)lnxMQW2X6V(K;zZ@ucR+^|M=qB0?dCBEBA=#ma3k5E z&mQEu*7fWVK~QpX*D(5@m(u?~6+b`|`98!2!`m*#67pIu*OzExqEO%zOA0UT*9;Qv zJD|dpEC@#&9+iQ50^sRWKRg{2pf=QEsvZh0_g-#o8CSHqJX{zN!iXgT7Bh{cAru0x z+~jQlcT_mvl$);7?&-?k48elChM7Z$-T$6}B37L&}l$?O;|m11Lb~D@Y{hZV%)m-)hB$5U%Wuj52sPE>ym}Txju5 zfVpzW2lPiv;l&geBQ-z>!8B;+{~r9%AsD|;tIeZE z9WlsQzs@{FHI-OCQW&&GUss((wGKi($v2_fR~hEf|Ip{Nx%!r(Xf7;M%CcikyH*>i z_6UmZGE%E*%c)&YdA^GmzR*0^ejdDdR7$yEJ-uH6Lif=Em+v>hxjOw&_#9wB()ruy$ zG96ng9aq_N<$^AJ>5CBL&5ru7(*3K4kN8r4;?4t?595uwd}RjDk~~j4^KSKpz-91$ zA8y2giFyrKaLRxU_>!8y00k+}Y}CVe_WN*0(On%vzZ6dPbqFH%6&O;^ybcUiyuG>R zeKRcyS87eNf`y5xQl;O1(~1O%Ki9~@$_n*O+if}Ty!)RW$!jH96<}qWb_e^&goK2! zIqeL6h(IbNDc;B6neg;#z24T`q0f7==Kd~l zF|qv`th@wpUo{DL6RsMoyC`Q1Lh9=91NHUql^ys}-wc`-4xt6Vmi-Wp9T z#tr~uvp^xC%Qyf79KQw0j{pm=|C^D|;;F8vTyCjBr$ADj@24LOOeH{lI4RYB{+1%U z2A9>`K~Gbz%q{;-HmoGnZaBCWDej|4+CZR9c2=3Dba=ayPz+ooRPQ<2aYoV5M*k2_ zonm>LNh7WpjB29DkbC5p47=|nR2WP*Vytl%OQEDzN$n(t0hFiuHpE}AtK{r2LW?~) ztY*Y8&ZinHwCW@l2EFc1rd_>Y)t&5Se>3nuY>2+x3*{o+U8fE4;)IXkldK0U!a`}; zAI;GK%V~2eLzlTn5iQi;5fGkHO%n!%VBxv@gs~2R`eu*sKu?nBGtwlH?dZ>nr-crf zVj3QXG!CrE_tj=+m)2j7wY{q**(^c1dA)g%H8=>;gx_VzP3APs)on#?o*U-cj~wb zp+OhQ9HVUHuSS1fr6TtwAqP*dm3$j4zH~aJHyB|}|M5d@Q8&3&&Gt)^+oM#lG2^eh zZ{YLmHjCnb#h?_d|7f{l1ok7={Vo}Sb^AlR8_|gA9Ljr9ZuE2@oyznU$i$`h|QY*xF(PB`OAigJ0)m*G<8_ z69Vyh5$^qC4=-xlWK{Enf`{zL>B_zN3|f*0Z-gM#jO2@2?x$G#U`K&~!R z$jpmw#5-C)|1v$BS!ZdEm4so@qifg#U(??HUtt<6UG&~k%$F1M9nY{O*GJV`YIH2i z$mZztVVQTA^SG6lBOZ`+py&ucXSse&!6;P*s>I6?+$N}o#Tc>pXPKW%cY)FUvL?MX z=)>&7DHts#^XvBzWgh)ufP;*X4YDLgP#5{9uRQysJnQdH&tTPU`xlOKl&5Mp8v8|~ zpm_)*svVUo5X}i6iebKR#e2Z#q=nn~vgDVX^D`+|kMViJQ1VhKDrZ&HdSP?rLVDpvc z(3MVLeDmUL{fI0$u_K8yVy98C8Ss!Ld;5%QvG&1CtUw(@kK&fx{cpYt(yePQInDpv zNt3{d33u&}RHvW-PB7V)^N#J{BtSo;krb565eEOXVvmn6))7RD0_Wxc#RP<10(6Bu zaXD;L)&D>#!I}!h`xpY?9v^=(x8n*E$PqP%EZ9HsjGZr$6NnT!|FCG|sXl+t-3p5E zC|=>#lLCyO&gq7*J?N?tLPESwJK?d2Gms-FEEC}OH{1A(MZgkeR#6B=$wPe@l86AA z_N693n766gdoQgMrXS|<0x$#q#d-KKo{hqD-gtdfR#hFTY2#M)EUy^Px$co=t4zl9 zXV~56`ELFmMl1vv&azOWxH&a3ULIE$oWY{_U7}LuH{{MFI|o7%>hi>tvfwh5nQ@Nr zUZe9Ikbps&dSA$n!7bTD{&i5W`{%QO;Jvh||2E&NsQC04QDdHs%?c-L~iZgn;y4Jdig?6jkX+HSv zZb7(Ep$)e4_4K@+&VqQUk*IUFOcVFmp71u!BKz0f>B_MM;u(nvZg%h9c*e0irgb#f zmsd$rxZR(p-&bEaySFu?JR~tc9{3z2=>)_9y`S`~0)Oy0Y>;G84mp#2<{hWnGpfc8 z=2`j3FekWDe~J7Ogo8w>xN;%Cl@6#Q-#?a&F71=Q4n&<-`QF-OQH2kYi1Q2&bxo)< z9#7>JxDCR4XN7tqpH+T3NA-JXzgG2Z%o|||$3{1iH5)Zn-p)aa$3fCpE%guq>kHXl zY{}eC5PC+-RAflcnWN#B+ZTm@`H}U@#LQ2pBz%!Fw=_*5)HyTkOGAX-1g-3l7%rU? zRfJs=UaTp=zb*of?ESe)LOMJLy$w};agQcs$>$vk&^Ff(jnjKLtFB!e3MbdL^W0Mj zLOYnD`Rb|0JD?IXWBn7DKSIuzX()u%yl3!%675li=UfCvx#I3~<+FHrsKf1oV31MB zzyXS|%AA#c>uno6V0rMH-0ztFYg8w?p&$jpS8S@!XUI=?)w2VPBe0@c0?#KZo@dQ| z2R_f8rof1`^=RXW;-JmdjqK?z(j>?tD4dj|_$VHht^4c|$37-lyaUfW%@4G(|k zpPl1vJNQYfRCfGh>c6UQZuQukfb#M!D3zD#rSh+a*_WX)5BW)VbW!{Ko3#l?Ar$4DhFSn38_xutu?I-Ys$1QgYz%Qfk~@b8jXTDyrc2^q z7^)%3&21dkbwdbB_3kooBz7FKA!C5-Pq&HLFN+;bdXnPX8b7{pLio&wBI8?Il7S2y zd+C!0%UJrYhm6Mk3p8x7c*ET{o4u9GejKIX%)MJu#Rve%tTN1`1>dnI0C%T1+p}J( zL?G7Y{JWk3@Prhmen_>3 z%A49zqa#V6G#Mc!M&``NN)l{ugG4C%Ro;&8nwYBSFOmg92JfR0Bn`8o!6KvV2S8{Q zASw_wX=QZtm2{WoOgY8|QNz~~!N?h{V}b{K*Kv765NOT0GK3v&56A^DoARQc{`U_9H5-Q6BIk5mh4IlhV<7(;L70f)NaO zZEHJ^y0V$JvaXRGdvGu{1OJd#S zW#FGFHx|(!e(Lx9LM?IN>iNM+z#wVD$5o55VM?woDxB(1IR4jW^95E!ed!1#o}o!xDLPP0(IMxm_E) zdn)~z4hU+i0jwK6?SplEmQy7AG_ql$7hPHxe1ng{9!>$674_tv8Yi1Yh z<)_5bpQ=36q?y!@j?0W8df^`l1%;?0uo}uE6bj50L`thAEc0bCzgsx)!eYBIDd_mE z6y0yVqq^EhVRiU^9$HL*TfZ#AB2a!*JBdExTS7)Rp@8aM7i2W+R;7Uz1FGJ1EH!54# zw|%B-wHdAGKeNmbM@*k zpUmyuNMq0BZZp4YpOdEGI!(K8?W`PIxpBUr6a|-vL#}94J&q`i$N{pWLx0U%kSTW6 zo$0SCPrjON=uVe(ec?VjfqYlmc)``fWjc#!Z~ggp>f2vEl5HHS**ZO}iqRoQ%**bR zxxRz7W0=FyOW%{+F~N*K`RDCLn;qnJ+uQP^_9vE+)CEeTToqh<5_AW0%*XLXba%|e ztfrfqF@qQbtuy+w_BE})Q`hA2;;iEAyQ8=?2C>i`%j2z2HXVm%9fzkbTK+YeNB#Lp z1LOVM0CP^Mq!y#h)_+%n{yoStwc-4sq1{8O|A{VoUMjY>oV6U6IBpM=!|Y_p)PFKwx^GcR`cZ3VJuLVQZqg)oM$e!DerIx3 z9u?_+ugIGV*{0?bAa&SDg&BYbn_R9cdqBjizSS1p#gXmTMt;aNNBnOLpfG@(sv_Y& z#XtfjC|t2GsPxMZDx+`YKoAWGS$kR3K!)v@O(LOL->b{7pwyue^X_`*lv4+zh}OSeqvA0Ylk>w z_yqL{>1*^R6;~pQ3Cp>mv!Ia=U;;7*7&vlY>#qqlvAA*s*i3(>Ss%GB(wpKN(l3cOaiV-)E}3E zaQv2Zn_BAGy;0^Z{ z!^@!mTYYwBX~!c`lR`{({<&@Xp5oj@1M@ZKH}7l8QuR6}%4UzqY$+VWybXO^dlS)^ zwUVIE-yVL#^Y5br5ov_nz-f$t0n)*A2mJNdk&TBkMj|#vd zWP~sv=@6f69*nx{%SwPdP*!OFQXgKPFKX(PA$7ZQWu05=%udjsi!fS64QmfMpwC3~ zaitBU(uEO#k#n^;VbQ^N;s+Xpt28oM@{P+^^WANcpd`}HEAgl?{+MHtozvKktJH}V zNdC)%k-Y!#5_VXgzc?yjsTjuGwp>_buusH8J5xYiM2vZeGyTLF&)iOT1E<3+u2Arz z@zQ!h{iF+(hi{<@@DE=;-*Yk6Lw*>(&frj!S z(vOaNR<||(W94f>lBnGoxu0@_UG*(nAC=3Atj6C{Wt%jy{&&T1ON@lE3U~rEQ*v}< zR@jn_z_YpB5>NNmXgIoj!}{ziWcWdPCydxT($$R&hmD5%;#N*h5`1}K1QwH;{oNrA z&D-{Bll08O8t48DA`-#Z9TW+$KA19cyXayJ_f?DtG<(qF-`Qc>j3ocQ(x}!tjRcLd zq}gbjX24E8;2|W{X4!g4J<&~Qnh)b13S>p5O-XbuBtpZSoSko7uTdSVq4 zpalv&r1ODl)sdlvDYRHi=kv!nWXFnE!hi8Ly$}tg!pC;B5n}K)?R&5Dxc&G>P-!W8 zttN?@*zYIdW`97_Ud7en8joEn&WFD*OqGD+h?Kfiq7`<(lu_BKSfudxWFG`n{vDC2 ze%|soj7HqE69partxc7CaUth)Jzv+u@XEXu(YkUT2zmbYXCL1+D~4an13-7l;4~vx zTR4Qk*Cmho3$C-qm*&qW0X&geXbH3`Wh0L&BN9x>Iv|iW6~nn+oXn_n&V!6`1B~i9 zM@ME&%CK4!Vq}YMllvA2Dvvy(;kQ#rWQF(#wK-+t92GZlA+8A7&w4O<7^Oaz1boSa zHxaq83=q5%3AiLr`odR_NJ@ku+XqZKCn8Hwp~VB}4(cZG#*Ru}|7k(}v)nv#+XeOx z$OvJChRBqQzz4i~9^SnE-ZJ#n(4L zJ+QwOA|=E@JZc{VKnP@8jti@mYRBHQ{SBRFc5h? zzrLneTr8*>CL`cFx-8=`qx%RS%fdmkh>LALEshLNKgio>Cn=NWA{S#L@F~m z^1(m?#eI7QYXC|k#U%3pE(5I}lt?p*y$Rw=U;ESsgXXloo&3(ZanLp2b@g{|kFYNj ze4?yU-M(AobIdI4n$of|ltGKoTHse5vH^d*6wm8{@X!2BP`5~J$r`rL_TLJjKMQ1Q z26DC3sIp@WMAN!1B8zS@R@HvPc=L$U&%UUO)VRTcbq~&=-Y1tRg9t#?O#*yuN@GJM z5~cpI=Nyx9=%vQlEbbNL?DtSCo^R2x)cA>|^8hr|UNKQcvEGI?+`lM&5X8kZV7~9n zMq)h)!=kqy#neX+MsN@MqBA8dHTLl6t_5Lkr-SSIfwRUt5jiXSp0%T;8_fLv#9Z5= zCo8dl=xr+7M6o9b)JU~Psp4x~+NuO(?$9Z-|Esz6Z@;{YCO~Mdg%7lwLmgQ-vkeV_ zam$pU7&Poly(Pqr`jxpRCc=A#$oqn{RI3gvV2lOeB0e(#lY17($KNt3l`cRa;qY-k z2Qd?$_YNgc1T`GSVbDtF{*0eZ3-%iywgKOWz{!&h#=Q{2O^G7q@)t+Br{Js)11Y*r zB~*Zo19C^KD2C9Bcg=NSZLae@?WrTn@9ohAh@edWlc`)=&?kMetYGz+vs0);QQd7@ z(HgHzv*8*|=+vs}|A=U^)D1u47gK7~OCk1M+rIfDtChM#(= zo1OKjty@+q#*8Q~P5>sK=rfxV>_F)klV52=k3hchXhUi5>K62)tbT5kLKiiFuhIK4 zPI$@Gj8fq<@;B;OLb>8?NSlxp%T4m;SEG**eVoUCsG2cxiY&9XBij9cuO$(_LW*kO=xa#v;n zhrofG7hp_Q)zmDOzL7$*N8U6hx}7~)Vud=CT;@t!UX)t+G6-x6a*^Op_M164lHeWn zlU7Ivbwyc9@N||a_dn?aGbr}J(W^&d7)ld2E}io*P=ZLuYL%3SCmFSC3LzDD_n5A_ zGXFbiiqK}*Z5zs@F#6dU2^VTT$(q)^>4%Z`ADAm|>;CS#_xX{?&jQ0+7r;gp7jeDmUPX&n5#cp{`bEe#uw@O-krQNuZ~87>aKn z?NQZ}3xnkd{M@O=`?$73g-I||uH?8w&JD6zfgfG4{=8auJm*q8N*oE>KOXczk z*YtF4;#qRITsx`M0OV)M1~x4k?K1b+P&t>P)|x>MsO>1SKm2|C0DQNl+v9z}RDzBE z15fb%MFv1$A_jagZEX&yi7S|MryPXRrNgb`^&)-oDj9Xv0pP9 zj1#HAxZ_^v%)qGC)hs_JtgSp6Tf-M#msHoa^W|z()_M#v9uHW-N}~!qRIAJOaqaw; z6VTwo=dhh}y#%g^2OZBu4wSo;@$D!G4Fk1{Ky7bPZ_?Zv*wtddw_05h!Z|bPNPpkz zi*Ny^Nmj<3x-b94(EflO#M>>W^J`5R9f7&ShN?u@G5Jp#sx%t)7Zwz(WMpJ4)at*! z3fc1e@k{C0xr`6NEBN4ijE@>6<>6tTS`5<0Z~3;Avo#fjWuW{K$>q2-0%!(wl6BH{ zK=)>~#rC9b;ETI18JT8508#H{a3^b8-IKfIOU-yeOl+wW6WihaL;Mf8Y8cHy`~~eP=zCCtPdGO+Be)F z&*(i6hugF7aL%ytCE{{N;M(Sux7p~MsT=vG=bQT&H&LBjY#Qn&&S;B? zm|1oFeb_T2#r*$39fT-_KZqzUlSuWs=BRK{=gDmNevxH72psHyOPC&z;2|Qld?bi0 zs#M6OpxM?ajL7g8H^eCmuF!5^u_WLQ7?qWtLVpiZ9FIbdcIo>*X!~CCMm<}m7Vb{tEPn7nsz zL8Lzb_K&72k8V8aW2SY5s4)(eJ6%b?7_~Pym-POutmTMvvOI76xYeW=c~mBS>bFd2 zJ^#d`WHW+jS|0ONxa4U~$~;5ZbZ%R%{@{kPiI$_`mjVm>yR-EM_eYwqY8`z`rxnYs z((bA;^5l>^yalId?X;3LY&;b?Ssr=K&Iy+N!F!B*w1<5%iOV=v9)d|Uxs`z_%#Miw zRsGQ-)0aDK)u{IyZTv+W36Mi$NGqg_{a;TG{#`Au$G2)CF-6+!H^P2S?bbS%_M=!i zi60@2jo$%FUV*`DWQ3Nj0|?d$8O|8Uw&bViKVge2TX?)&4jus2znLT{DQrIyGGTty z!q$7RpF)wvJ8Ve#X0N0rWi~)^2=n3EJ5Oh~amnm^reIF``sah9K%g>CxOK`S zRVW_JMO|`B59CDvw!Vk{`|W`v-Wq5>Yc3w%>oRrA`#Mx_a*d7Zts-3}Y~7QIKD|^c zXJ1eTM0C*9^V2ncP{YFs0SYgo$s1Ybg@TXC?~U)3Z^d5RM9)|YJga$Fw9U6Z3%tv$ z=D#*=($mw=O){cj^LZOMej10IU66SJHSPXN$b!d3i~o?xhwlJcY{ z3LIcL;yJ-pvbbKm`vpjRBvXlq%b=Q?#@8#t=1%Y`{T}?nRH+@Lr);4Sr5{aT{~al5 zF2F7T{xkolS~Hrsl`Qce;D~VkABMJ~0h$^||DbLYt?r zWwuTLPI5y&N&d2R{DQt$7S%c-mxKRGy8*gXp}eRMvWN@YLfyngP2==HAhZVXdQLS} zihh)+?T^B?xza0BXK0WyYsw5M0|C-n#Ty`tk>N(?x0hyNjn0>Si;Vx*rawT+YI#sT zl;dv)7EmsL4){!7ZNu(|@3b-u4wV@773gunty3KBq?|Y6QnF{L1qzAIg9rwZghEIr ziNs#P%p3W9b4~JfEALY(C5!i0nGu(3b?}tGR>rtYa_s`p>5zhtC}kEgy;^LU8FwtM z2-VD3_*ct}&m#2N@W-Ez2r813(wNT4`3Ka35m>^|HMGc~XR;@NPJ4f$^zrk;(8f9X zO6I*%1EHA2_`qFBu7Szsm+}v3!bEPzh!7tqyH&xT$7~YQ`RwS`%0-q65rNYxS$TXP()1 zb9Q{*Q#?Q59~w<*=M~WZpQM4%hn+w`Q;9xz5{g2IMcQ{Ms#qGtEzPK?i_f~Jz9tB0 zWU4H8hBnK`95|BtC#ETCr22RZFE4ui=K6SLiAee0(C(j({fL0y-9tWEPAh->bBo() zq^RT4-D&yQ02HUDFnmgq{a--2q(^iX-}I5&XfVsPz#{umrq5|(+4~I1Bn4RQHb-B( z*4q;*{O&h0kMT5BFA>IS<>k3~OZsHuf!DZEN$^*S2PU%V9Ql@xl`aJsIaXvG-dqE> z3Itri#N`XV`{O~38RqixbF1i`S*NFz&X;7W^?-}ed(Vf9yeIz7lUf-dZkLw}=Bb--?*)S0z1BIP%9=1#VtHBl-egyn4flH&|$F|u42NralZnebdP-n zo+&LH9BwPSo|jG{z)+Bu3X+~A7sY$V%%MKQYDmRSZ;zZ=q`&GK z!~;9u#+k;g_Q;x3^Lm-l=TzbEOns^U;jCoo)tGSAxL@#g^E@!zJ?{{Qd9Uk-0UR{= zQzRx#1%u4ca*HY*kLO?w-p!zUlB4N&%i0c~cke2tR;!(BCsp952Iv8p0jDQ!M3t@0 zg61x*Bqe2YL~nTR3yzozt)DtEALu)1wpda2T^R5T3WG(}uzW-4I0J^GBXF=Vd+*M{ z*qYQorCwA+8#<4VmeD;NDeS}eu{N1`258-%A5j~>&dM05@k@YrFlQHDp53X|)>e0h z;J>Wr*}mMSc&f;Ju{_j&MZfQ$y2b5FBRh*)Zj=q<(7A~ybIy12P@_ruU2pd|eUJat z`E$3=zp3?5hj{ZE|Z)y=E zG=%yLrlz}0sV@m<=Uu<)_gw`oQ-nRyk}%IzPt8rMYjZ^gBh3adSk8nDUGa^QYdfI` z=md1(wwq_pq*2ZzF<*kS6jq+o^66L>*`sck0`~eE{)+|R^M;CENqhW9PHE(SQ5n02 zLqAa60`!RjM#M-?d+5070!AaX))sB?3GPEEG6E@LlAYJvs)PumywredSXVw-zP76o zy1XLtv&l48owAee)9pz=U%fu21Qd~)(xxVBC*PUNm7Ce;aSXs-AqNvk|Xd4G=`+wY_*{SnDbu}x89@V-}>su8#k0wAi(?7O=uVJ6t=Lcp0mbu(f@9L&7fdftKYr!{^|7VJFr zJBHD|&XMHNFX$r0kX*Rew0?P8-lAu-Ma>C&N7$RCfzRH~1O%d$1t899CYYu;eUt-3yXKpsJ{RUvRg|i-DpHpJH|tVlX;YHA&a-GhGj=2wqClO&qJA7Qjo&; z-AmbQU1t1x@+7^HqX^&5(Ip|F&aJ4WY<~9Y!0d+a&Z*yINo;XB2BMqgTDijVN#-5%&Wn9GBf%Or13Z-?GUTmgb^0tzT0qEZq{O2bgnh=S76HAr`NBOsw5AvttNH$xApgmiZd-7v(E zLwvXU+536-ezyC0zwh|{@%xX11MaKVI@h|^wbr?y&YEyfkQgBnaGe194(>6lb9@o@ zkF3tZwMZ$pxRa~#*fQb z@rViMo1mrwIQ;0>?EnYF8TbNpSISzNKrr^0eB`KS+!=dSmyOpq^iqbj#2mIeQDjuL0m=yLlj(VrG zgFE$~brTv}m~0jfK2L9-)qnKeR3xbh#_2@~bct&crD^&Uuk*35z%v8lXK7MIH|U4a z2eInEV+pgGU@}n18_dtMZn-aPT|qiu!dz>xqGlNq6AT@ebgO)`QXT#f==aHcevyQ2 zPSVq4jOYAzxuwzYE^eo78qC zNs+m#fZFYuFq&wSJLneQ^eT{wXWkOs^qmgp{;h0H1@#?YWL{u(&A0gdUUhZthg&#pNpl;Li3a0tDmh# zH-I*TcuJrA$b@RPztc=mUfJRc9ZxLz@&$WbU*Zn{@k7cV=wwt)o+rsRPqDfL!-daX z2i!a`@7OXF$Uem&Fq*4(JLke;j12bp0eus7dfx0TymAJ!oaB_H!mxW8p4U7)m?2L- z4b@s_V98r?TY*2Bl2&})-?+fFTe)VKn`Uw=6E8nP0RR!B+7Ok@PBM{ zAAY}b7nv--b^p-Da<(pJwJ$mIgtgICnb_F1Kh#P63%cxm4;Rk9m z{WpleNR8N=<%B*D{f0^I;OmD$cun?8ayLSA@YnP&9N9I9KbrRd-{e#IKU?E zy{Gzq2Abz|ji&FrBn(!I%zHaCi%i!^l_|p?v~>SPMI!eEV09~!Rb!vZqKNXkQ$|~hadscLTC7HKEFGOHI+E0UWV5$rc>PZQ zD7%xgdKF^u1GQlDV_AhiQfAaf);R7E`OJ~4M--^;kcBf=pgZybF4w zDDk9YK1FTC#j!}6{fF@ZW?hxIz(?16tRu?bojrrqD6HO*cpU{(KMmGac;lZZM27XX z(-oJTYjlfohcbyjj7r~atvo@cl7gvql$sx~`;%=F8QJk%d9#MC!KRgDQY5nS!|C-i z*qquIUpijXZJJpO#$o7ZYGm;cTuq2thk`3H=tK6*=OkZ>`?U4j-gNWOdBcTjYVm#S zv04f=k;s6oIfzK{iAX9MO(WIZC5}9I*gJRXl+L|li&_Z`#3ja;Ct&XMnpX3X@xSkZ>1BbrJ>x&AUecMgw=CtlkVDTFV3SF5LIfJ9Mci z1c4GEv1is(6>p-@*fsFm9$y5IK5$bl))sS_;oz~|9C)Idu3Mm0U3_&nY0n0U@S%%a zWBl3j3=QMG&*fI?NVyRcK$IZhYq_`IkvjD0VRxm#>xlcC<2Grt+KW?kGV%9p^G=Y% z@^7cBc969{D|aJ!M)r<(XFEEk&4-@+2(oLIE)S;TTiVI zTA~>)P0Tc4T2+ucX;C(6Hj17tCW@M#>d? z0$m$C@%A36@)|qtLuE!Fjh*`VrIc0bo&8HiT0sWP6ID6r!;_?rFSDx^xH(!85%yD^ z64WIVdSTar(c?b)SM_Hd{x2upk4DviT7i>1fU-Vpt@eWoodxtc9q<}_}>2h8N z%bkuu-}d#j^Dok@S;AiD^IS!}Vv zUP?Meo?3}8?2%R47J6<#3pWprlM%e}66q08-gGjDs&L%kEcW^2bcu$>3_SElM!j8e zfEClHxM~w7ZjBa5<~H^5Td)_z6pz+a*}!#}!k_N8e!R}yUm6x|T(bDq>i2w8zQ=F% zRvN+WPY>DdjT%@CUl*~7d!cX$+Eofho*bI=19Ve7;h4qLna+fqlTPGx+@eXP>if40 zVG4)EiQ*)<0;fazM1Fcpoa%gC<~MHVWOYRF^xefLOfda$38d={oWR}gARY&=JA;8{ z*0~p-NtYpy&0`L2upJhQA*of1pEPeYh&?dpt;D4J0Fs)Yut#VIjb|wP10L zDfQg<6vCeB1}8xxGu`8r3Glr8-i?RrEtr&si?ah*Q&AM#qnYJ(>c~GeKe6sE1Ry7Q=$GDGHd6GUsbS@%oijrN`e=eG?8@^Hv*b zaF|Wm7f-$lH_+4GyZq+m_Y+Y%a{_`c1Cn8;smrklcl5L0fz zM+@|ja1TkJ8of6cT;rmFJ%Jws*qeEKWeO*s?KNAU!brxPs zpHw-k{mfqMcS=8{&04nIhL+yBw^VNOL!US45e#Gt@-!qV@??6PSrl&@ zLh1gvx;^1SUMRxQaG&aYrT>e$ySpj7Vsam~!*YXIjHD@*Cp%%(h%Q}Jnli>K5umjL zNoMNPC~T*F(%bV~-SOS`%p(+e*v<-UxS3q=3MqB)3q~Hm()U8^gRZYcN3H`0XtYmM zE_tTN8POPuF$g&tJ~?OFtds^Zz2W60-p~FR*Z%!sgUK?YvwnU5gPMHaH_#7<9j32= z7hjkgi(eb7*od|gizSd|50JzkIe$$v63+e@>P=!nV@z)JZEba#|8x8589;9PwR>5Q zu15c<4#ONkMoh327z5N2A|M`PTRVjNsZ-n32BghN0(;i6T_?jV;jcRY61##LopmSf zJkqmBzXQ<%!V%i2U019 z^g!zu_!wAxALOuTk)l*jL>aIz?qM~=4ZJ96L58*H`g5=n8yFanscl>x7730+3uYT$ zsSU*-Q`RD#U7U@bPi7mG`jVbI05**b_kigg3D%~!VLTo6U7face{MBwo+YE3U*jkCT)&LA35)_bgm#1%lbm=<;YD7t?pkU}}>;*bjw(rS0y zOdlhW>RN(doE`e#g!!UlCj9KW>AJ>QKP+&0(0v}YiT57_3LYp4zo3DA=D2=I&UYyRa822qz;e!y8O0!;PR8~Y=V)Anb z%WrK~i`L?6uRR9naLIO!OeU~B$6l9Em7T=UX?WOho;oOkvgAa*B*R*7yzO2d>$wT074;2!a4iCby^nFF1fAhf9GO_p{zP?y1Qov())gaZcyyGaca9Vj+cWnyknuWs zR!C@2l3sYoGlNl@k0^3&=gF0^QftI~0+7_lBQLn`TC6>Q0Iz&R@vLz4k(_RlQcFB0 zXV7wL;tZSC4`K1MQEO81TH+)fb9jk6^U1A!s~DA2yItOd(c~2qQ&3c;sT<8i{Ti$k zsJ7G*jvq^Ul&Xc0mT;{D2(3IYn#4)IckaopKyW^&>^|$)r}FZ9m7gsPq;y&if#MF$F+|Ct*4+_Qdb_lb&h^MUwUG(Yclo1vk zGCQuitIb=otMg<;Haq)b7CfMdVj<_S9)(|&-PoEcghRiS!t>nbLyLDw~a{#>h+51`+FhAoOjnW+rAvB zkC~alsvPEWVCh1R<-r{m!ek2t&j4Pu%G6BZvWBPJ`A()(_yJri)Ls!Zb?M z1_srQn^+HCh)QT4EK(!PIN4p#H*&<=Em`s1Lcc70>!9>8loQ;?AOfgEj0{(-tQT9c zC2r#$kY?RHSPDadEgQQ;DayhG4|3{dv4%$Ne+(t4co0>unf1|F zxyvI0$7Q+Aq$~QFME9Gj2a%CObcvSt1xs+=b79e!yf(`?dG5GAK=paC^ZiECwbwV& z?p{uM`FxxAE*eeg#wj~QZJ)s2dG7NGW8KL+Y%ED8kHWnA`;aX4B0547at}5&bCi`* zT?W^YCl5XFAKstnJiZ&U8fT9HV%Czn&6x-d_(nWOYL0h*z?Ga5>m)-?AU>Q;{ajbA1{Dykv&(9UH-4->}a0H>0^6sGXlE~`HheO{6pt0umw?q)WM zC^I`hh6B0i^IC9qz<}WpAD2;twx^=p7WbHF7%ZvA|YjCx5YDKSr zN91YFuxfh?-;c*0V1cTr&I#2;p?Df4x{7!xek4HIm@Gcny-@=M*O3 zw;yh1utgU+VKPMg+IZi-+N}Sf_5g|=9dXzvAi};G=Q1yHxq*hT+<*myZq%&d5l`E7 zkbZ7q$rmB{9v;UtH!@2j={&Om|-2vO#LAT|g7YI>j5F|k4c2o=J*vD8A35tngK|8&SozR2MQ6lFfiP7== zYJb~lx!lUCr((6{Tjz|^s#xC+Czc*4HerygKs|D)P@fbn3G39g5?(kOC)C%DX4XGL`53ZJgPdnrm|AU7mdl2ZgLdjmu+T-zVs8aptbC=kUD(-+2i4h7EwE^v))0~#(e2m7 zH<(;2ma=+nR4Aslb2;{Oyw5dv(<+W;05oCrI7v$AM+d9C7E^U1*h=!dCdRm?xY#wx zEO+H-;a;KBmIkbkjX5X7Lg(@{_ zlYvgj>U50DM3fIJ%5*v(Y49egSZphpVC2!7?%)*W=7Q7>a2N80y|QaAs7dlNuy^I* zE`ElM?gH##NkAoMbo?orrU`l5(me-4Ck$mnlQ(Q8l>~CV$M= zax8X%5?@NxzM-gc)M@e|St_o{0Q1mE_|Wx-wz--pr(^{SI&YS!KRfn%nCPSE=>lf) znYvFiFllyAoL6A~`|S-Vlt&?{5ii8Oxb(4BYElj*C0^K+=__LfVj<{egjZTD@B2pwxdqXC3 z_1~Gxmw@2=HRHe;ri5Jx<^;Hc-yqv=mwh5TjAW9Sgv3lk@-er_^8w|eMlW6Bn6f3C zw}Yp0Mda5%F4&*BGakFjZY?O!IdZ3`7dnNJ!@vB9XEjUW)D_&+P`Zq|l-=R;=;sJ@ z+0BL?`cz1~bKa)mv|jDAm|iwusLM@yq>kP0wlg8ETz=iqYUtygpI6>}U)8Cyz2Y4D zbm@&j#}z_)z>gN*>Pewim*L`d#zo*bx_ghQSzoJT~$B=C-rp zh4u9dqja2Y5wE#;e9B6Lb50XR(QTTtDapP{XReO;p0rd99<RPEZ z&%SzN53K@#MuYk!Q7#L-&)C50J{qNZpT8MA@B8XPRX}c$tbdJq_eycQZttAsmVxlj z7w(SZM1$jURVNWtng52(=biI@9sQST7A5=Zig$bbg)C%bd$Qc8vVXKi31CXRkIJ{` z5ubgOP)2Uio57#hF#oM?m-E;`)5lr>ioz#HgB3+J?U>4~i;Rybw;3i}5##btucsgu zcUje+DpAy1u2H$_IiCd-#`2YdsFC9nPfteLi%p71M9m{eNJP9q{FVD;F7oz5mX_#! z#~79tLp<%Pz3eJVP0Dwlv$``dubuUg+8H693#&Donkl>S65<B0Zm4siN5=tst_CkO zCyUmKV{OJoe>=2%-lIw);!QiG_fo;$&PKT`-ys{G@Sxp{yqEJ*_^#J3?MfsIeo{}e zo{7Nc>JyUP<=SD(CxCDEhnuE=ho%@YW8ZD%o5R4;b_#G5(i<~{;{tSj8uMq?V}+9~ z_rn2JB}#`;6(4yS>hKrT5*Ivs3@YnA9j!fl1k!0Ekccu!WsB%(TN4tX%}~#TmpsTh zu!hhyuEBuPY?vGH2Gwl#(V%LPq2Eixf`Q?CUub)%QK|Vb_xOZ@LG;5jTRRH0 z7`e2{>L)`}`0l))!K|ivr;HY<_a~H@t6UbMc)Ah~OJ^@6o%l^?gygAAC8+JDEC@Hbh z{v)zvG(`MgmkH4{Zh~BMcwfbqd7R3TVT;UGD^+zym`g_R>?UjS_Tv*;3cd=d{%?=~ zd_E$(ymATL`p8%9wRgywu#&`or2EHgudhjw8VoSLmGBA48nA$!noWl$8MzW%c(K*= z?(!TFO9>AQ+B|vY&3^lIRO?NS!S@2SNlvViWK;6+2l}oi1|}k&-`t^42`5fusXy|H zQReCuS{R`SRwH*KM=B2Lo@p{hzJLqYXw|iLp`n$4!5}k?rl8)P$DbxfFL~vt_wY*P zpr|v^(wD+0s`yENkqYM+v@c>LtgCaR-vLIu^P@Wtu~G3=rvBwvLEhjyhY;>lp7U<% z7J)v(9NOeqBL1z2zOMVzxm?n5Mn&l5OcfBXVmNE-?i`ed)ZIj&-Fy(jCTX5+R&B~fKVR7irx zZZ`NhGc*(!+^9X2gr_gn&+AI;1{#ZhGmu*RfOy7y;~vQ%kO{A|T2Rss0f=ff0qf5KkeKbEq#b^Bgn{$>3n-D+67_*h(fjv--5||7Z}sEe zva0hl^9@mo%kUlg8@?(MX0_MzLqG4Nv<*E#4Tn$*h6C6cgogV%_eM>EqE3T zIcv%Na=^$FsX7)GMF4;BmbKkTp|AAK7JX5dfoB{pJV&3(nNqO(yVhE#?$<)sfiOPRZqOSqm<~_o0%A%MgF|b)7&4xm^_~K znDDN>)bj9xb|K_IQItLdo}P1*J@uVRgu`}dfb*5y?1_R!t^2G^g+jpZb2=LD=J%M7 zZ6$9X(>W>^q?z4Xf@QDtj{f}OA4ce3KR!VN3{CK0sv!_r6{7`aATcoMB!DJC%gGzBy-m$_l&gf8LX zrp`2kvZ<;&ljjQ!i@@~jIBG2{WgK4{0mEKx6#Ba5tOx~PQA4eF?X4F3gEzbrHohEd zGI?5>?%JqV#uBh*8j)x2nI8;1#~IW+AN;4-P$>xd61@xMt&;BEh*8s#6X>m#pt*;G z)wT?O4s*5o5buD&^5jMiE%VSZP_74X@+bNK4x2a7K4O%k7oN=Mh<}D~v>2++^eE%c zPz5I@AAIceG>Q8tPNmR-QCLmtJh$qSJx01@Bq?IkGs4lXUgE03!ZB@- zmPc9_nWyO;->E!W+m=Uu_@y({yVx%^R0|j?A+gyHk&~F`j6M0XOs6`3XL;hd+Yv;L zLUK#v>Xhk>$nkhC2~cpbS;O-3z@?>gXZ9GtE@_3;ccP=k$mli}4cQ=g;Ey>nqb5Cd zJfMB!qpJ%>j}pQKMiU^T8cJ3%<y(@=2j4ELNch=F!hRzTImVnW96s5Jr~cjS6hZe@b<5b5cnoJA%SRriGoKb$l4-x&8-@jrFJ(W_5U^=C`-2Q_nV4Eto?A z={KU?Q>@kmRhy@r^&-QJ^DJYY+h!kG@`A4JSB`CNwqy~-cfiKu18y8RQ zr08nSN@Q?g1_a`vT@cbOc>5J3Zz+`II<`}WGW@OC zQX`&ykZ2+;`}Oq3>Tn1v7gQpgb4%O4C=bZM=+Mt1$l*%ZpY_}t*eLfN^S8Psy;IHv z$xq$3DJK->g5Xo+&kI2Nk~7;@0mKx?=276e4IF{Nmg*n zSz`(@WzriTR%vXRW4T#gA?u3+fJfS6htEA3XYGP^1fQFUc`*JCvYKc&FD9x#RJRKK zq4PI?5r%+@UY0(x-{ds3ZD2>E z0w(_IM!$>Ime*m$|9;MYVEhfVSNG%h=d_L#PrC=k1l|BLANn3##I4FdK1S@1;vuvR zrj4cu-Ustj_Wg1i>S%`r`MpM$f$b^OrH*J1o4!hIgiA>MSyg@qZ%uYz)=SJ$80xt} z``BIT8)z|7REec8wt{UM^GCF-2~Gm`!6B})Gc>=2g#V2AX)E`CMjc~44qwfk0ZkjV z4ew<9d{FSQmIt`uivTJn&z}pzy^LfFF2SUH z#Ahh~HvPYR#n+-0Ln+Zs^$^ifXxkJHe+>6`DoBNL=E ztCac`9M_la)t{2>0DstHKYcNSoHfHAZuAJ(PDrQ~NpJ}lm|;#3;w5Uw!=M^)#@6*5 zcZLhe|J^_Q>kewt_^QZX8HCgzWWIr&`^IRJo)81Cb|DxHgj0)JYmmec(Q3V|1oFAd zjOFhB(>?HEOI}AjrG%HNJq67NQ3rzfcPdt_TfAIH2e9lEt7Q5^4oF;{oR@7VLUG^r zcYp8C4uNkw)!uq@%I8R{sMT5^7%l5A#CrRG^km=w%aG98t#!HNe&0Qu-+wQfb^piM zSVA6~h{dYxS(TzqBnn7+@h!AUS_RRBbfF@gnpC6#syf+2mmAfb1!+(dPzW}nYs^omZ^i@A|{Jxie zN9-*mhOr06n>EexOG4O0kA}FN_2@Ohz9P<3`nRM-02x`jPk>7&AP*0 z$+$8qFxpk_QF4KVQMu+g~isMaTVK^{?ne#p#vWkLSq(~KAw9n|Hs+QO?3O9UTIRLMZ zh{lfknpryIv5Ec{&s0U0o(`Lx&84&B{l8(M>`Ps5mCD*e_yAoUX`C-`LS(*fkj=5< z*Mj&Mnq0oOK;D3j_Q;()_!wEcW@-|bvjf}OUF{~b{_(Fhu%HpcD~nEghyT|-V+7zTXE=yTb)p{$>=?R0vJs zMFpLP`QrUGdqIao7xnAKMdc4d+RmY^3YkbREUg<3d48&t355yRhWRd-s4|eNkE;u3+u8c z4>sZsgyO&T0@){5RJ6j!C?C*0b=)1eE*d0arXi(`Rz`vP0W z<51DTsB=vpLbX7Td8XKgDizu(GG+w|5DNz;yFl-D(rEqj#d!j~M zd+j(UMT{M0aK}IVO0Q_|tvBwnLy=MiblKY`4U3;^4?eXXCjEmBzNd~T%Hz1(m}RIA{QVPzC4=1sW3t=v$%pdBBnWXiusQorp6)Fy1NIb7Iq| z=VLOq$EszKFW|(LjERIw3*&QkBT5TM*e?{K@{0SiO3dMNg&t?Pt1HR8yg8(h+Q2^d_oN^5Tpv0Co(HXr?l6=_BHOl7UGrtqy+3arTcHM(p{;1saL zqib&^p&OhvsMGr4o*8WThyW4pI{()ujUD7&892EMesaQDXV9uo)5P3J-@AKv*p|~c zygj5V1_EYo+WiVJL<0zNHz!(kMIX+-%e)SJOf9u;$Jz!Ux zVqA2WwZz4@zqo#)-f21g7RlVR{UkQ}`08-}9vS!LMg@QvQ)#n=y zR=+S6q%vv!$J2?xJ-d5_n$0Ek-99hWw*91*eFq7*xc&|P{&6k}I%pPP#{e^Ukq5(Y ze{o%_r}N~y7kU8{^)5qYtEdw=-Yd#dczU*YKP~^lKqs9rFpZDC4$prvjV@{3W;T3W zBff>JX<6sNr=YWsnBofuVR3oIcma0*4YgOEl#Xt?fXx7mkk3r|{($#~B1&bu!9 z?Dhs&uP0-xsK+pL_l)@Kb zk!cRc8Es5rI5&}7@h=RCs6X~kc%oCPeA&Qp*{jwINEpVMoX3$Y$Y(QpfcqTbp!=JV z{KeS+0t-_<-~2Fgnd^q{=i`t}VRq0QDt7@g{kXAy-yCGIZBpCRcZnH83lB6NDo!Vf z_ywv14kMB8&F}cwVE1oc)ojoE#uDCy&)Eb%=6OmqWtz_MWRub|#Nzd1L*0@>eY zf=fN%m8_Rt=Mbkr_YUsluwL^7a|uy1yk0V7*g3K%1q1D3{@tY9#QJ(~z3ghrI4_-P zO@HJ!$T&`&DRZWK6`NADJ28lyT_H;6`v>##+hjz)V*ydLD0dPWpCzB8Z<<;++Fgov zJ|77FTi^fKJYSv{Y1e!H;`00}8v()DfYmQ287MFv`X$e!CI=;BoZNg zOi1kiF5Fp!>k~OP4Ex*tA{>(m2@2{KKUJB#Q6&ZYZyPw!h0WZw6qbEC)V-Wy--1N+ zj1ax+Bu5EET|1=um~uiwH>%h6esezlX>C*r{JubJ_QQR)cwrXD8BKh^H!QM=T?4Kr z|FO6VeKhny%KPqhAMxSId?EI$lBo%kOYMP+Cva5r|AHF)zG1T-f%n-GF2&btDk*^5 zqb8iW|L<`Q(<}`BqaCZ*S^dO;Vc8l)*nk~Ucj)`c2ftVyyNAP8JKQh+$=UdqGXtruxtI|4H^A zNb0tPZlq)E#BDs{w=Tlm(cJRi*Zze7RmcJ32=O6x33p*aj*nf~QHN~3_?aR+fL~<1 zi@XCvm`Ei1STEXF)&_6?X@KaM=HjLA{`N+_Nj-lYgJ~s(sd&YdTDO1YeYCqKo;E%2 zTWWJQws+Rhv=;CHso%>wc>T9I_>M`Xbp&oD0Nx6*d%ck=neiCkR+57HjF|IahJtNS zN_WDXmX%(k*KV5v-+$2oDuu_s0q`LDNk?+NuQfQDrj~#TtcNUB{T*4YBAeeY1dVuX zKRli&(NRyod3hpyZwdB7j{yH~68s0ui=z3S4L9N@1BL}=R_#axH6062-wS-~NY2k5 z?RgcQXFQlxn_ikNoNK;$*Iwus=7dV&j_;-%xop$y@iSU8{RAK~V?M<)`g~vTx8UlZ zHuujzQi=E?;BJ{ZUs=&rbBR>Vn}-TY46EE08V26QiJ?pN7F%wxH!_h)asFK&MAJ9` z?HiWM29IZTxqsZ0O9m{`j^>zPC(b`FQ;VAYvQlkR$i9T7D(~lbK&VA9+R+!hdK~mN zHRxNy(t9J5M1THYxol~sXz0fRT+zl|4%gg>R7V*GW`r1>L6!SC_psgMiv3#@!XXV} zi)g4daQ;nb9&eJ${=o(C2MYex$xP!z17fh;ceCX|ms{^IsJR8LSf<=#g^Vo#Qr3T7eC_(dasGx6B&)2K^60!m44E*AKasW+V zTIC1eu=a-o_!ly8hpzOSFe)+hNOR3_p^&mC+C)mJ7;ue*<77)!8kx4A3qEMS`QP=r zN90PCt)+`vjzeXKtcq{TJST;$i&sm@AiELi$xv8}2jC;?fi}@EcEArCXX0dDLEEi_ z$tllo!=@exCqW)}m0ZtZe)#Qv`iCa}r=js(#OgUW3ks#xHer4m8y}*?_1YdI z;V$onJ-V&L-?Zzv1V9895*5@P$N}`!Uan>R#X4>gtk>=X3Hi-W(rXAQYN#ExXT-)> zg*<#1I)|7_tm|;KSpK&Sn1^;>8!kio;#9m{5=h*U9Nr3IsD|p9Z-ri+-03yYc5h>0 z)O6N=_b?Cc2fH^U3YhspuBN8lhO=J9BUAT=pr59F5SPPWZ1MiSdH)v6gL|iXBWtUf zQ29b4i_f4dL!P=bykR3zxcgehP0eiQQIRA)Z~JcX?EKj;v=-3H%2ofUaL&rRk0heF zruVEQ-Eon)3LsPp zc}tXJ^0is)pNnAqE#_d-+ARlT33I;0D{EsWHWbvah6Yhz7V!m zYz=Wg;Mw_~fA#8C8v>X3ry3O~Aom$Sa^9|@h zrxEZEu0Nu{2$m}Bs~7Z&c;%CYXUiF&UZU|!5UuKAlK$l6>O!B&-y!`T!~36@{z1R@ zVqFLX7%_1@U^<>O)*F)mNQOE7YQuj=oCxX&Zpvh*I=3xeRAK*cBWpN0@qhfTe?F!c`nL#wh3eZf;*^Lb2zlf`+SrNJdj|GqLb;tLIwJtz=H~x9eLs-#Dafx~PoU>yZ!^kO1reUkk zm9jxP4YENg4Kh350*qT+;0d?J_-s~lC?Npw9B$eMpmrKM$IT#wS*Q`7zODZITL`tbTwjo5$Lo4Z%J6!AM4SB?JXQqyC9t%#0i~>bIGqXgr_rkXTi4Enkf>6Xro)U+Kvg3?Y(RW5tQr@3Q13zEnS9>6Y zNd?8lc$+e#O|ORubMx{zfQ${iDUo9G3gnP9W{0c~uQtJN0Gp5?YJuqB;g&BR=futx z0$3#L=T}F0tYqtwV$URMwmdO34aici^ct&mAZuol%Bvm=#lSi6qqTkBZJQ1nOP@PZ9qGiI70Yo~cfw*Lkh(9GejcK${wN%5s6Yt7P0eLVd z2`EI92!m2a)8INnYrJ;(i*!$ZL2*JfxVS#jw{6Y?VRa1jcy6tM`&>7;EqBe7e8&@DuHjXCBtd;PKKy+2W}J?Do(7N$o$=P+0C!c} zZ6&4!^ypwtAN1rNa3Z24*gw*?BPA&~fYC#MG$=)eH6VKlZdp01Y7FGy@GupYzF1EZ zh=`m8^$QwYo%Q>SF)ckb31O+inyMhPEcKOEv?(Y@0x3J#(Xg|w-KnXmw9ou*2g_-! zp<`l$_LEKV(H)nl6a39VfG2$dxjy(^gdFzHlsubXNrKS(dFlw8Em7A=AuEN}PicyI zkv74(n_yAQaWdUMRu=Fh3<^v%ZmFi|-(dw;1T5y&O#%WY^9IO_w)+5ZFM9O=b&G^TP zvdYevuWp(2C6TNjjRE8=Y2d6zYpuu%ctZ_xW4I$%wz`*R8iW76evKd?i>p9;8{P)@ zBTkTU54%Z{UEn0}?Jc7xULX59MU@bO@1AEL0KGqo?|OgtCQ)TuQYB3*KRD=S;{~#O z!mJ8l9jabW<$(5Sathf}K^dGp)(7G5@J?lh8}VJptuDFvj}M3KzN{ysR)R|eLRL4{ z(h)D=p;h?~57gXqD(r5Ecxla@kO<(NwQFnF2T`~)Fbsn)A;)3S+1i)tIsQOmdKJf= zOFAdqcS+uA<4$!FUM^QITOBSa^N=LxDYF)Jg(pr0(j8Ux7|M9&7XX8W&fP}x(N{y= zg%v|mABm(;s#1e4uPKqhjL9y&9Vr`gt?Ig2VHoZn8-dzq+i?xMWHLjEsGT)Fp_*&K zT`gsp^inbIj!0qcYCv2uJBgKnl|s)6W3lVl({iY> zD6ncF^Ca^;K?E&C0U4MOrO6RjE zER$GQ$K1WzN)Em+c`!`@bDul+Wn)o`DS%-Z#g5VTi$q5Bz&@A{Kr3xQ;4{>Cnk zXV3fBcLhj;fCRJ~XtH9WM%U><6r?zG?O^$pvMWR4OQ6SMbxK*n?NP4Umpjum0GOzS zUX949x{;bB6_%f7h6~>*f6WAYDE27;C`adZ=`|&PpvFo+n@E@X*md5wOoFOyOpjF1 z@pd4f`HofrYaU}26~Co-4QOM0Vp&p_D`(&%=CWMpD19@9FLLen5dz6;J1?5qsq_XNVz;4X5r2K< z8Ee;HP^T4@KXU@;cMaE2M;_v=#OJd6*66epWzHMuIcn?OwRu$)AwkB_gqQubd#cZs z+rT5G32WGn@zq|Ch;k^A+qH0aLn^|BjrAOCwpd1oOt$ZOmTl6X;$|ZbZU^ZxjLzM>?|G#@uV0iCv_!sabJ*P@^M z>-GFK>(lB-{K%3b!Yi+Ur|y`GCjh6skMDjH-Qt?T0yL-?OLa+d#afc8fxVuY3%C5N6+ zCx_Z5Wpip09lS%UzEp^;R`fBhO^@NKGb6Zw;DxzPiKV=9?yA#1```#O1I)5j1MdQjSyF zbbGVIukhjGp7j=l^X+Pv9_-q&A?X**o;{Q))VeTj$1UcOp}rxgfLy4B;lBkJ5iMSL zC^4}OyLG?#*esm)6huJomaVzD2WWUy2fHDE65u87bcMX+qMSj13< zm8&Zp>Jtd`cKy-qW;kUD>K(CT+I5-0yg){p^pce>#^vh9EoX*rGyrSjG_x(3Y-u~Q ze)R%*;st&Ow2v)w0=6GakTJR_|c&iO2?6G<*6VI+qFD-+UlleMz$ePP^{%5>Z%cL`_ z336#m+5#%ICF&Gc=miHZv5gb?wCw5_2U6faxL0QChk%DW^0761ABH;Idamp`SNA=HT%k5 zQ4D9~8&c3OD%p;krUnTrkGfNS=GCzBkO_`saE6^bg5-vsL=Yc;aJa+G4?gu{RP4B~ zF5?E&K=YJMO-GN^=XgY5gITm(vO@&nxLsV7hNC7tVuh_NRgiL8?U&gw9(|GxQ0n{j zN9&8@_YCcxC>+lzU1cfNd)b6}3U3J*YPp9WdJ~`<;}v~WT|eR`NS=H-7QxO$S%;e> zmQ#$D@$nfwQR=xzlTUMK!mD2fw&jQ~l7@p-9;=ajUu-WFqty#i9yKQzS!TLy^Ds^@ zGB;?D#fwN_S=FL`Sju@j7iZO-rz%TT+tmM9?alRll&T$_t}qoB8w6uD<(4w-SGKk$ zbZOCE7Y6v=>%c+Ii%#aOo+Ca{!vS5%1*#u@fWARl-VQR4QD%e}agAWYE~dig^oZ!B ztUL1aWxpgH0h`&6nAHQ~r9~qZXztq#3El#t+^o&wE{@v7?2ilhS|+^<9A@_y6yk7y zTqR9x!C1={;4nJ-fvnLyEs12@|D`#t7`y2PSrg$Fd{RvJn;m-oJ|8Ti?N?005%l$A zbPLkp!Ujtd0nN^C4FNgu9ON}LZ>uKm601*W`rZ1cd}MU6Yo9qcNl`5Bx<0;jvic4v z1l>RwpK}muFp~oLa<))$DvONgQQC4%f^t1f>7Qy8%5v+UzxS4b@3roe8=5A}TH45a zwJRmFuTL5}3~q@R=xZC(S5^#hO3U(wBR9eB*Mtt-f9tS0zi zkafz25SVVYy|gqQ-|r96X}2#yuM9_`d`;iyxE9`i_)Ql`T8}U?)QV=Q957Jjx0?|? zjE9s%>MB0{7K&EloAzuT`zn0)BH-f@*&&vA69nseDMmUP zXdSw;8YRTu0A=A;TbX!;1&GP?w0m{OB)c+Ps@QU+9NBDj*4qvEma)h=XTEp&0_f&) zy%aw1k3*w2&V%7bzHY9j@=@D1yn3|0y%7eOyURsYxeQng_4C3R-RH?lrBx0Ir$C zYyPm$ib`3f!4!<9st zLKfmndykC6k4`Y^tX73YqLP??EBEtTsND3HQ{;X519ZcBt_o4t5hW(o>D4gg5l14* zUm73s*y;t-Xg;MQf;SWKs`hQ(z1xN_#9<)-vAKP^hkpQSi3L^853ies>mix9TL)!*NEA?%6&WaDu<=%bOa^mNaJ4yj+|2Q;;$bWx zZPlGgeV^hG4`)!9Cn|aQQBu;pNMlY0Q%s~3)UrYcQLRSye3IaB9n&_oM!5vZLc+-mdL$O?_}qjJYw@B7^e zB{ZWY=EGBGpK+Cp*QgWAyX1jU?@k*#5SJC~ZLb?fo43yBG)#2_+fOD9IXK%sPaQEN zG*?ZwP3%kAF&DACqF~ctCM#P^cJPkp7f8Fr#`E%umg4;C|JD5+|7xyazJF2tTpQQ;X}sx)&%=blvt109{z$rruI7 zX#CuQtYbLsuarC{vxztHyE&oqiHhj{P_^vmz}(dc=&CHK1>@f~*IhA9HTP_a;f^|l zw))j$j6>Z#>AGVb!;g&(U>Yr)3i5bk38#Wli2JR&E*(wPqD zV91S5Fw8_U`gQm!w3rz2-%Rr}Cz7pS+Li3^s8VyZ5jRHf^tYUb!*%s$icdY`Hq-4O z3-L(ydUCav$_CuUmB{_$njrv`i4!63>;L9($j+AoU=gP8#EaVEKbmc4;P3$=yf`*h zw)76#9<&xAS4#_@I4z5}k&3g0cn1pB_aPe+=bK>^jbBMmIMu2#(csM*gBa5}bz0&w zjDjw%R~3H1o~H4d%so+qxmEF1qG1}_PCuYaPyYPlxtYCbWO(h6Aj`pvZ8TnPewvr0 zBgk>^VI%SZI5o`X+g}9|%#r?;{H*JX+)tLgcy%@u?chx>Qjt1DkN^eD4}v4#-Kv8Z z*zKz4tTL&25 z5~hKgL#1Z3A71k9m<*Tswm&aivy%~g?n9wK9`a$FGXJfmeA&L)I7B0WPa5;9vDa?B zKm>_hUF^)eKul1tot@mibg(2>L((rHh%maK6!zgIfCGXSv2lC1z<}D1t@p4;*oO4J zQm~I>+_BHk?#N)7t7jue7g0QKO-hAq97 zH%gaaNUOm#h3V_>trP73tY6J{bXLCOj8a4d^SBC8SFn{f6dZ32jf6hWK2F!j=2VS? z37mLXxciK2$RXku0C$)hD&33|?v{6=bnHFqIDZD8ysB0xW2T!|p>#Zzu#Wm}bk*%p zy5SWCnikn2R)9AS<@VzReJEBG)oHd=6+k4YGZ@yUU(0@a?Y1X8!W1dY)rWKk?oNXi zxo?x0*N#HxIRt}p66BDlxOkY{g53!pJ#9j}CBeA2bjgU>=r*Nm6~{ihF=j<*xh{HGCex}f(P5TY%jSs9slY^u zGJf*#I}z0YRBQ2^)F<*9o6?BHB$#U^D*<`qM2&_oy3!--p+Jz4cTgWrjBq@^21%Vj ze~(orz1kyHm~lwG1ANh9@ULS2QW|wDq9UScUlGb^xe-rs^0x~S_5py9RJ&v#yQnac z>-kBFAG=*g^XyKG-XOmlb!M!VK?`R?(5nOVm8VJ?1WNEZpvW#mDercVz4cF=P}JN= z{R^?{gWpV;!F%p!|q|xD^^QV zu)Bf5P-tcCh*wO}3kEJLWiAu;dK2|Ua1u+&BQV7%_D`sl4yka$g|y;aay8gt90Gq^ z*HPjiZNiXg6(Jj3<2X8fGrewO{!_#jdP=k^=s2Fnu6+5VgFUW@+XLMNUUB>e%D4G` zpH&4;mG21W*NGBC`fylJ4eOm25}kk%rA~-FG43^iu{|9h{0=)xwTzJ(W;P!~(IPIR zs8<=wA^N{;%l3bXI}+DonnqPuZ3?j#M1cJW!MYc{kqc4s)JxGaCCY5|MiXmED!ena zZmB>)BaQxhVFIifrg|UJK6?HF3KBVRP3JgA5)K&y2o)c%o`W2ysi)Mx#1$|<*nN_B zxZv3QC(Fq9Q#iwK>d5_qYr*rSK&ePpHjky3%J^R-lYaVk8B(-}8sUZQJxZd=>@ZT$ zgxZw#Th!t3T#lhY20M@L>Pyh1!Z(csEK;($$o)x|5ol>$XJuVN%JDkw-Z6%pp}5q*G8lu|B3~R{d?O*WyNn; zeBx!`!E5-S;7*yAo3zPhD+Sm{N!K?=2-ULQg-NDYflqF zXXfd(k*|C{dh`&9csjRxYMvBAZ71^Ok6s;!RM`xud4BNOztzv$zV=2l>fRPQ{%HW6 z39Tqc*pW~JaHqQHt_U}UVW8s_CfYBkd%|Kk3`Fgkuz|yA6D*m z#y1!+vns58Y)+wLjz?0FqS(dyCp7XcIBRk447lyGAo2x4_fT}cdF&T0rBc|lxKd?@ zrsd!q<**l`(hjnZjBRjr^B}eRZs)5BhmL2)e`~bXe-? z>iwTCvZ8g?ZD-h+%n%~dvM`PAT(Qm4jbBsbF2mbi!p!uUN~SPfC13fOQU#`xZ0_GV z4b^wgH9xn~xs&9-7{d;`LwIu5phF{Wmy}DJAt3$hJlflLC0iYD8{RByWTdjBNut~VNYyF%ZFv0{ z*_VRj)_nCxi{U0jJkPBgFZOl1{T|mj{~+MG%RI8swxao?y@F{bfvt*W6iz)^{c%}q z6uqg?NPQIl%C|3bz3j%e^A%N{Pjlf>v&&qH@uIV5*Tn%Oe6M6lxl^@#uusSe43U0b zdp_NV%=IR}uT*WKcYJItNZ^pMjs}Ns#h z_XEIN{LWlxJLxn2)j_K$UkddN;!=t^QoD%FS{O^{kutVOuj3K6y4O!PXfD@p6}0o2 zVc(Ahe#yU-Y9bgHV7iWO#$`|`kAzYDu-1lW@e*an#F2D}KVrCJ4os&W*PfC+@>-x~jNcN5sn8sAHPp^>!{3*=qohu!vGP4t~wW{CoQ(q$`7p5ehG^Pfua zX{l!Z0P?&v$tts~$^;6v`+x{(jNz=z<1L_z-Hs~yo68K1$b>PUt5eMK*V*B}?n?vL zP{$!HfK<$*VPWJ@eg~i+L9t#|I|LKjDJSJC<&x7~^OciOWN*G1;@eTRh}^$WeL7}U zR7`rNuSl-Rc^JM;~0p-Lg|a-0~liEwBhNIALnJqTAdNo_m)1K4`y8Ws&Xf= zMkaBCUhbO{pj+Vhd+R2=CY$BaZ(hO2ihW@F`I4BNjmlJ&af`e_Y>-?&?qxJypz>0@_8*G_hJ9RPxt zi}2j@shO>cNp7#t6o0=78@JL~kN`PBW|q zh7)W+4>{K|fJN85*wxNY*SdL8I^b$TR4tQ#`*s!aG<$#+OuyJV{#i;~1;_ZRUv zoUq*jS&3(nV@94^;A&a%6(9#eoR3*~rn9ZDFSQt7p>$V8g__Q5XWmFtP&xTDeAJWz z0BeB)oG8&tD;k>JV1VYD0Vx9wr5Wi{8R}Wmb%QC=r3-7ic%U@qExQeK>~8tDUzvQe z)1K2fW;yZrCa7IEC`;{TaXY$n+?@8iDGc>uS;c1U&pXK%I{`Z&z5Q%)?(yR=ox!+% z24v6Lu;*KgM4c~0*q81)7*{*iK0GM*dFBkwdv&yz#Oz$IQN%~h+cz!3qQyB`C>pR0`sdiy?yTQ8@x~`Yj zrqf`f`JrxsB3aIO#rn9~ z!D|1_XqhboG&boO%ZHuI=AfT;5&T?)LN~`_PO|2aj*&@eMZR}je?WN(c*OHAHy$3Y zpJk21^5H3qMYC31xJQ_+NDtD{oS#7IodD>5O!*T?X>PN_*Be*Zqb=+O1h%RX-Cd@8 zpg>ICCuld?V&96r#JH4W7yI}Gbxb_ftTk=gb1dN671Ay|TuaVqY1UIN8{=-5gATqp z?*09I)?;9^bXD;VwZtnM638bCG2ga(9>T#@qNVg%NjbLDVlTmujKm7EYewt90 zyS$AL59rArj2@#N4_>ZX8`#N^i|X7$$ca8-#w~ost;Ye5yMr&n{nFXAs_@)>GXPBL zzp;0wApR760ue#hFuQk+s>m79C3An zC}yMx#$9f- z>`Y~Fp&9H!!kvT&zx>2?Ny_!%8wKf~Xfh$*${$(VlpZE_gD!62ywI`q zgc{ksZ60@~*xr2LTpPPj5C3o+6>El{8E@Ij<~W!Us}#LWNyE%iEB?bF!h#6elM}-o zqkAOUQ%9HTBK1y&Kk`w<2jdKlC z?U8{(m^3(6BV8*kY1Q{gi-k2f0tHe0od^4AJ0C$uRq1#)s21#dvtx?>&}P6UN5dr$ z7yTc=B{ii?@oWi~Y`mct=5`Cn^sE?BH(sql1|CY}(C9+H%jgiZo8`Xa+}LHroqmGO zMLZtoXk*!WTFIU-NHrT}A0eo$=rCv`{a0usi_)Fs$d&b(x{Htvv%-RAt*SE#nehcfds4-v_1{@Hh*v3rn4h1(dKbFjvB+AL}38lRSZhHF8 z3I<|iSKY5-^zc1A9fLE5#qPWh=A41nPJ{JiqiC`ByCK8w`JuW8Elob{$kNp_LO9*B zb=~K!%X}P;I&F_Q$o%-bMzrSm0z#hFb+m zEEvAi5;PL%SR>GQTsBLU#t+8OsvxUCzXuqwcYN*w`t8mNpve&cbF2TVeou|MJ#{}| zvLj>@dYM6dcDb&w;xUM4<_;HdXz09dGD0B&GpKf64px-Kbz~_nH*YH-S=FyyGns zC0IY~*192JX8@McPoTpe6jmz#EVOdQq2|&xPof6kzA?E`u+PIUg9Eub*# z^LY!>eKMaJwH*P6iCo||S*gi^rI2ky&i*Wv>d}m~HJCN#VW6P)MuwBBy#UKXP7>&h z0os(#?nXxM`q#Ds%0H&LRO6is0zV@GF5KfDLVFC!AX`~y(bxbTgNtmAb|E+bIG(6* z_v@ZiIJi@jCys}J+S0sAq3LbuiOjxa`@{39{c4wQ?u1O826>!D@_qV1r+o+y{oP~$ z?w=tAK!s-8Mb|mIAC#`_{+Xl!5D=V$rl2c=Sa=Pa{tu&X+MZS*)-5yLZDVYVMf$Tz z|Ex+1y$%UkLRD=vq1e6I!*K`IV2RsN(1mawVCmciMnI#gJNx6s6T_3_g8Q6VA_=F< zaBqV%3bWx29{(DdE}96`3`AuYvPqVZPeC#`CT2gx8+=}%06ns{7SIz6fS^xGf;=~K zL$K%CFelvPd+)jlOmRUZp^nJJcEtH4Y{Ktg&MEYzb|(fv7wGxkU5BpJWE8HN*DwRT zG2>0j?=BhnpXlV0c6KMsmN^AB;f_#+rdT0E4P=#wQ(a(q9YF5KyZr@@s{TTMi5ES$KO`3Sjq_<>-7N0 zl8D9Fr*dyuubv|26x{CF8+k7z5XMEFA;~ufm=;tFvG; z((~rC;|$P`Kt+wxv}j^MV>nAhiVVk(7YY>clx)(gW&L^ah;Om`dJkdaI$dSfe9Q%n zACb)9@4|FbCG+sJb0=6NHFPoY4l0jGu^`N(2l^1oE=%LpIeg#fTy1!t+f!r9$P(2? z42vVbkE_-DP`S;d-ym+lQbz4m(T?`-l!tR9-X)$`bA230dFMe%Ah(tIy18>L^=C4- zOybbR#u%EQk3~SmS+CgbYd50$VMGI5k6Rl=melI_S1n83I~3+{;0C%sk8_XvtoJcw z50KgNHn+)eCu%Et83zg*Nc;%hHd-Lj%oZ;;N>F8y;@1#b3KBN)8;_16{&a!H8#%*p zhF*%0m~!w^c%4zXi^!@i|1^;m?pZwtfV)o76g&esYDB>TnWYU#(8k#UPyC|C@vucg z&8pXeQs`u%YOz{wA6WJFa;jt9d6jwp2JFidL$mLSeIv@zcF>uzT)INxX1{R-{^4NhH)r(cLpU?pVgbe9z+hWGSYHQev#GYCy)X)Ck=b?K|ZffMocUl)1@$ z#Lj$Lu4J*zn;v&Y;XWV@ZD*C$Z3Aqpf{p;N1G`gz=2+; zV6AeE*Erukw+Pa+AzR-|y>I3akfbWEWZ4YuEKrD#(0vMo9l~rANotC3$vK&Z0TSI6 z3mvz!uGeU7!^uIDpf5lT57i%6jd?K`+V<)^a0O_BKXtaJMyWohbTi&S59Dp?c>tvP z6Chf~;5lXAH?~>k)z0UEJvu6&x=~U-o03Mjt0p?KW&xH{q{(q@GGu=}`w?yyLMDl5 zUlEiNDXIlo*F9H4) zdcjY*f0ocv9A(+uP1RSs4K$Co!3Ef?>PSZPIX zrX?A5Oi0W13&2%$Am(+iM3y>0IHr}M-mfmBjf2=vu_pFlwb@4?>tIfL^bU9BcmV96 zFsEzoT|`h>zYW%Q4b$4aVm~^0|3PMpuMPbLDWT`gZNHYp<}kLN++w5l>FVW`#?-)G z1}>S+S^{+q$^?j_rYGt)H-$Nf(Hbaxe8_VOBvUqwsGD_l9x1Z_$%N#Me4_3!qkDu7 zr=02@Y)t&|#c)ryU-#VT_SSJ3b#Lp^1-h9TqgmsCNQl5p%#6RHaU8{5eQ z0~eAiqoL*|75p3{aS(8ymCY+*ERsrl*6(yOMNF%UUCR=ByT3(1ZX_lE%K4k)3`9kj z_I|NwR70|hk#a~?iY4uRomoI3wYnlv5onUgTzX$iFicXqC5F~VnhFOuf6D65X$#DY z$l}+VxNX^m4vw_kQcqlTxN~$>4`N;9pY)+depex(afOL%8M0T(qq~c3P)> z6Cr0;he+W+B+27R5<4IT*_?iAPRbI>TOJ zzQ64MV>1!BDV_ZuNdxo=CAL%`1~fg2CBgH6c~#6!+eJw31@I55QEmt5v{=DE4*@DX z(N`9s&)eqD^C&p%#j>GNF8MvIJ^}y{C=e``f07A%w-x>&Wp5|^x=y9uH0oB0=?4GI zyJ9!j^_wmQb~3O4Q@;p%2vm@IhA0>~zX_Xk!?fn+Lg`gE`LN2pZp_aX5`oBKkIK$) z0H9@NOWp^`vc>fgtA(HBAZ<|B=Bw;>j&o7iSBMZ9OT8ihl8IJ|-~25>A3QeI90#B7*y?W=VU8yAllBO#!6)ci+_? zXGe7a(@GZqDFSW~$>CN=nJ$gthrDiSg340bs~+dkSqg9qD~1Pk*!* z+&FWI==Xg314F%;H`7D!$0C9uzx-9%;T`Ty#!`5Hq$-~>qWrvWCcR;c; zt5s#tYSy|a6J_;NVxlP^RwQ3t_>F72^?W6Kr~Z|(08_NPDmSD|jA%+>1YfVHkIdbm zbq0ZOKxmqxx$Q0Lguo!fE|Wl3v`_yxAK~%73|eHGMHFbVs8bXO-&~^mBEyP#k`$%d2QMb);SB%$i%y1Jv zi|1=7KP0(UTq)3d2^;Za1jDIKN*Ly!S_-Ph-4_6i$n!I)7-A&fzP5?*1>9+oD0KGe zJu%9jwQ%0%vGfTW0eb=W+$ne3#d0gEF;z_axxQj$$ll5zHVo)LboK{CWo*fR zz^!zc&;A*cpu2p}sslKky6+lu%zdti`yK3fRoQxuGHY9=`sL#xw(0~^;4_kDoA0n7 z`?OzOAsvfIEj1AfKok?7*3qK}4F3?XB1x|JAvdisBFaE*r|CBlZ(64RU!-UGtKC8b zHDUp%=^;ce<)3RxcM~xI$b#rPP`gx`Y?0gHpi_qYs{IX8%h4rHG%F(``vtmeeC&P9 zZ$OUM#ll{}tj#2nhgSvTUodn&P|6f>RJ9qG-RIlWuLZA}J^d?UXF>%yTMO|lk9_D# zJHdoeZ&Kos6Q<1Sj&vn~+C8PUE8!7mYnilt4~%+-TU52zFc~XU$Nqfscr(c0c;b&c zI7CxCS{h$C}!V(QRk{xS>c^9-qv z@Zw5D$5tU^E~xlCJdxCB9iiiUmBrMpfTjqQP&e@Gt)IWqPj;AXNC0enc*V4q3ak^9HzJ%)5!wBk?HX6_Ezu97m4+w?LQ-5$=_j5V90Qg0%aQ+ zn$crOcJQ70=KjjvjL=JdmXf2Jj?U8|pmnXMT$sGZcQi(Q^*`<1)9*tSl$EdVl*<&< z^FyoU%=LaQ^5AQyp^QF`U7XviiCnOF_UsyN={h{$d^XhXwGT?R8=e_nNEL9Jb&S!< z{bw%#Z_D+8fmF-Ivv)lo4;CLtDtIezyH@J!;SVsF2-A4Hq_DXo-fpc@@9z@jIm6?h zyzrjpjz-Ea%AxKYiKF|#*c#_oz`NgTi>tMXhpI!a=#Fmyv2QDRl#+K|y`;VJIEo|& zD^8y{eO1iJPE#v4J9yRb*4?8D_Aq+&s{CK#&$CLSd47Cj=bVHQQ0nyD?DqO1>3lA= zuy~k{=rHpry#AeO>dHq~Koi#F>TxEipb9BBmS+m5^QQWb9LXww?;#F0PW5*4-WM!N zRlGmAYqh4)gG$DH2%q}j+2I_VV9wg3yjc4AQ@WPWIV~%T+*w2~?g557&gZPw+$_sN z)aOgyKyA*K%AkX)4gAki-zr-VEZUsZVFfN(aQht?Ou~|VvdWMAK;r(bYYw3Gz2_WJ~a1# zl!w*0R5m;l(gF_BLG>nEeI78oq1@$xP5BV}8~4L`wUw5DWW2)RU9dkumz` z=x{qHv~OjZFP+hyFuQ!*7^&2+B>VcgX~j`!f2*TXkM!n7yFj(2@Aiyb=Xf{X#LszJ zW;m5~c^H2?z7eb_`kZMmsjHhbr9_Pr?YaDlYMOT?Xyx8FHQ%hf`9h_4Q)a!V)7fs1 z=Go8_&Ml0-LL@LPS6mew6y30-fN~|M{_XgUz&6J5K=>795f;W7M-R4d&M6P#e0Ip| zThnKXOMtO$aF(8$nrf2%Z0a)!pMBlxfin5Ga)qy}T^<}yZHKDnO%0#8MvNylHdneq z2fjC~bgSf4Gr+5JtC{DYjWbNTdh<7u$b zc-H>1#zIl;vG4sh2BNFLfbNAKW`yjBqD)?$Via!6i}X%zh@i~^H5XoEAM}2dv};;s zoLL4`_zfL@6rHy%?d!GPMD=b*Y4UlnWJt^^DA=1vz;0v}>X+GTl;cAHb4MRty2J=* z-uGDh^sJ(`$(6btV+hJOf94OJT2gQ59XCwgK;Q5%gE^*O);Krxv$ZcHN0m6<>O#CL zjqN=M3CJHd+KLzKE!(zE@*5JvS~)E}hS~sm-i+m=T$0Q}9D?GjZ|av?-c=|+GBM7p z9+{s!sVDQ|kNynD>>sE~32{6VA7-sT@hbFH-U0c|k7k)?wh`~NIb~l(B`&w@d(-!z z+W`FIvsv7YH^hqL@o(eI1Vit z*|INl>X4CJv6FP|0%l1WAf@nNfq|9rU06tLSlCnB&pjTmgcEiT%b)2caau*5E`>a! zU{8t6^(nM-f6ysBi<(-caIh^R9&FU0-`M zad0#uJGtJF8+5Yuj)%Mi%AG4Ln<|!?0Bn$8V?6#P-;{ZXma z9!x12xjDA~tc_{D6-2+JHf2$IF8g2@Qbq2c+%nCvp7rRAayhu?R+)V7lv4yF<^cw` z8%nHil-*uilh0the>1@s^+)F9DJ!D&>}QgL@mP%|udz9M?P&LwNkCWU-qSJ1FQN8} za-_miNx)W7??7dQmYPCYGw*-?Z@+Sgun(p=?1M>qRj7f9{109Mmz3g%#y;v6srNhg z@4p7q9(216dY*w+|MtWGHQwz&;PWREi57sb1Sa$EzPN2saN#^V3;mHa|H0rNVnbd6 zpPxY2NmBSv22cCD3`5;}s?3dpFY50v9x(nK(I@KOdKB7k>Hqe~?`KN9mL6EV+Qs&H z{{NpYzPPpzE{y9RoA2K=AmT>>k2G~OM+u2LdATVAAO&k^Wtlqh_tSAi2TaG&LgPHw zzdaoR_^J;&TZhq|ZI^MIE{ZCqX>peh`Tz1tzi@KqW`4b~2>lPX#l2t3xZfGx=uSuf z=D>ir8E^$WV)IyS-u7T%SwhuV(bUvL zRcg8LHwFV(_a7EE>&dy^$Y+t_3JRfhg|B}8e)k#=nCg7$n2d~h$n5G|3K|~#f;YJT zZ+x*h$}8H>-;Eu4w&$9$6Q`RVW4mJtjYg1bq1&bx@_-Rnq&XggZ`g4V@aT3+FVprU#&$_ zTH?$64Sx}mA)eT}ETo{Q7zd$k$rM==D#&74yRESN&YE@qaNbY2A?HIyY(}*A!=yk# zFDNPa$q*HO|J%R4pL|x&zxbnMkMZxh2=RUzU=#GuZOp&Nw&FsiY`gLnZ=@eH;Z3;z zsZP4j+hHo#C7ec9%4+}a5F)>dm&%U5;0^p6M)K-UY~V#A@`|FZFa+dQn+Q1ggAuBL_mza4~C0qP5R z9R&p%JCgMOzQSzL;@X;^{y8iA*Z;B(;(^$}LrEOgf`BLn=nmbKNhapkEKP@eD99*O z0W7DLHfo7txW%kSAhAyRG~qvgH6W1T!Sce!qZTr63D$uBJ`wpD5x> z{>vI+Q3KN`iQ4@EunSCaO8`G@i|J$=#ZU1w1(k?$%-Ta@u4tQ_>d++^@0fh6f zmi+(zpZJUaUp^);4tV@;BAtT&+Yz>;jt!h7QVQuVvH$lx{u_Vces&+^gfIMx{7)jh zhuHiHz$6PL)V(G6Usv>hdJ^$kN~{Ui2I`1N#&SW*LyZs&oe(o|+X4lOt73iVqRGel zy>AU8$SE^BVr!)tR%|PMlre%1dWwO|MpD;lGtfYe6XJ{G-BcB(&HH+XL1U&n&m)4- z7M+9-g)T{R>{-<1&Wn5rdP(v|%5e_P`TC27I#g#+_ZICxZ1K9Dq}LY&6pD(Hb3o2< zPNotTQcGc{-J9SS^%`(_aI4){qMWze+{N>XqGC;A#8GwD(*A!KOREa5wf7F+8N>ttrRcbQzUGb2dsbF9>!@p|(I67N$_8!fy;@0s zi&_3+pQiNlLkJhoHtMyw5n`!lYz#O-Hds!RV0$7Lx+IQvW!kS6e|$BTF(g@djcAR; zT74ZOu0`c<+gIZ2bHviC`8r7|}{cQy*`CXASz0jd4v7FS`L*Y42W@>LI9asiB^{RmGfzM2;nS zk2T&6P*=Qr&{MwVmOuCQM!IU!4&JV3@-~g3-z`ZAar;P@A{KwjAZjOxmf-o*MUKZT z$vg8H?+VOkTi#!o85Wlfmc~5YojYSXo1Eo4Q;d#PxY0yx4u$Te8o#d|h8vi?O9Xds zia_LbL3PTTnbbvRDvo{2EBy+!`DU{E9PasPAn&yg!e})X-&_dD771E2#W(c_SJz=y1z!fd_UK%6wDW!1~+n zyeQ-KrL2I8A9PCIa#o(SatO%}gp2BYD1;gwo{Q{EPc^(lM9rm(q?O#4byu&L3q97Z zNb#)BD~Z;qBtZvb}kegON;-9Sj?C~4x8_ku@p=9IaE3Fmmwm-2SiVFE9 z(-Au=`SZ3z>%@nMQkebt8`_66+YMjz@aUmXTpQ8eWn`99ke)j%2Y*rYaPx>&{*z7Z zCz>1Rhtl&^=3Vp)*y81k?p2#~2WZis_u&=ZpE$pPStg2`wzPA4Q}2m*mV0LiboR0R(6ddD|A=@I8IFngwomc#Z3g5PiR5&|q>tfQ)F z*WON)e#|}7DCPKprU&^Wv;5wU_L6ol{piVxfDOBcioFuo{`0B(vgqB0+J`^C`xo9c z{oE6)QiGb_X4TV|xYXT@ij}x5NysO^C)AO8kOVWi{=<7i+>&VI2!oT9KhuMg>FR2% zkaSzzM_ErozY~aE>lyQlttavdG7s4b{O&AaJ7OI%$vL6-J(-jNO*s|8ZaOY|Douk7 zcSDLy>bgs}%c(CNVl8$o6@1`g-&c0U3XMK39QlVXYotFRsTilwNZ!FR4aOEtJ*xXO zY)CVeb@L@R}=}WPRHk^m*6xez9!0 zx#6`oZ=Pn%NTr3)b?k^vvsNYGDY~1^wJVgbi1-2xh~nO;yrDVBeY#JcmT0`A>(c;g zw7@(cdQE1l(vKQ|aotfV+$j_fd;QZouZ-zuj9&4RkH#h^A{kSPy(oKRRJ4orMX;K@ z4gKyJ&L?HR*pf*^=Sh(%7pnF6PA9GDYt2qAig(I)8~73Jrl+T9eUr{VI_>Mloq`Iz z?vN&V!P=jLvU@?yCAC<)7AY6n0X2T91cjyRJo%s zld+CjSXe0ROqNfuXeJ;|*5A!O-d9#oP#CQ+7Mg+jwCeN%1&3A-Iiw*firyRZg;5yg zYX{?mwpas1`x)?3^xoIIC8ljMJ7Z%91B9vVwUP&9)fJm2!bSSML-5>(eH98~(q`OdCsja6K{)b`SM^&;B_^EJD4Hplp@ zxi0PijLNlt^L5q1oz+f?pDqZ)QHSQnPwjCR7@M=fOv5T};U+U?)P}=fFGPMm(vQz$ zig{lKGrZ3me(=l6>_25;CrE{fPy^n=YsUGArp z&?u6{+j2fEcCPIla=O^<6Rq~bsmIe{oX1J4Ws}@&--oV_Q)2-ngIHK@3$%$+OGDd) zE}dR~z^bOmsDm@;)nL0ipA|}VJn4scMp7L4)UU)ZJAKanuI(+((uf*ru$r_mKu=c^ zg+v?0Yy&gCM|Es;o%R~p*Ya@ZsN_DH0qU8S*EOdY8Rc0(vIrazcP8f_{f`N)71lF z_jx%?P!iGj#j$vGtE1ejrSKE<@~{EevU5P?c&YtQ;3#M4@ho;haEBeZI6Cf#aX6Q` zG4z9iOJjmSLPI0Dr>94z0+8KEYaMUin4AsS*;-x~- zZT$T&W{F*Y+R8#ND{X7{Gev)Q4g1S3!G~do=(@RTeU{P+KV%jhGKc(c^WG_yxDBnY zP@`n4-m0JwRrj-7Fit7uL=%s_E1nZ5x}xYeHs)75l%}^k49k^UXehjL+;wPA%*p;Uq{h4{;g4Z+3ghUiBeG@=4w>p-ZPuB!d7k*D zO#-8SgLN(Nrt={}!Rg5H&Y99G9Lq;Pq`#Nm!=^r4+=5!<>&xSYXV(=?gX29FlFH>y zDfqVLX#HZ?kzu1PIO>Ca@!LKw>qJjkL6lno!HxLv$RD{pT5s4i$bC> zj6|^{<}LdpF_|b^hG#?*j_+nT3>fhIcg$B_|8>R-=tGU+yre+6padb~#gCNJyB6^f zVyGLSh0@zaB}Y%7DVn~|9oJY80?w}9gq*)FPB)gwk$A^#u(G76#^PnmZnpJT2dW`C zW#&C*3T008(0;B4j}+aon+}iAZbU}9d4zKxi}FL|wA_9mi1^DaBC?)_beJYc?J<-_ zp~+hp@3{69>t8rv@X$*40+a;qA{NVgBHgr#zUEtaMzuQIy0ygq2#cv3-NHf##@82D z61GxH`CTXxtG%wPv>e);&hB_YjPwJj>w0*ow1GEmOS%O8zMSo|hX<}viL5a@@gn}c z2}Em+wi0egJ*Ff4p|SmteAUTl^vr)PH#hyO*$e4g#Iw_&khK!0)(YK#zbP%!B(-?crUkR?&i+vSk z^NI+O^*0&oKVbLF5!wh8q4tN~-z&mCy;|}h-wvO{eS5O(akX(bb^l{Ily-Pk%L?;+ z--rF|zVJ&jh68?&Y?_2S`doHd+01pPl$2CTK2+DF?&mk4TN>r}KS+#BX-#&%nO1^Z=!^s`Ei}FJ zvnIJ*0d(U`?NVM$j8+H^RGBKBerO{FP(!Ko*s2KijbFS{zTbuyRs*{J0SmAL?c46jmzoX_2S zy95OjN8cVg1ZwhIgV^n>aV#m1avos($QzIb(l;QTHbk$mzV1> zJmT8CoI;3AX*iWh-F3r%)fx=ZDp|)(Ae58j&`6J6t#?l^=Y@b$Kf8W1=q{vth`(+6Z z&>eR}(}sddxf)WwXqeFW=l77oh3B5Pz#s3zea8V>YIo2k9M^hKnc!A5H=zAcW)zjd z-z#U$7u-uCfHM-2N{N%7qHC_D#Z~ZLYdlLRKas7~saQ!Fnv&RWv7mxC{!m%);SU(U z1A1^Uci}+1$}bm;)-@Z$i`h%O3J@+vE(lum!_8S91ah?ffCpWY5w6}hj}Pmp<&+rk zWjsg}R*&FGiH+OcVff$n);6Avg=cpe2e%z;^76W4B3`?NB`Vb%GSp&xPz>u4*5JGR z!iM=(^FOQr&#}2V^89T~>T#WrgZ!*5p!Rl7Q!=q`xOyM$9@UFRovMkf)I(6nkxA^-=Wdt*3_^i$AS*y>oUX*^q>emE$Y%GvSW(b z@A?x0-+8iFaE*N-zWFyj5i50yOVw0f3p6Tlsu^~GEm<0^{fu>2%A}9u+NOl{3xZcu zAZ*3t?im-c+Bmf~!(#(=;o2A>UR;^@pD~@p+t?tAPS}0&mqJ z*36qxsgFs7)RB&ZBB)-4U^cO~dCJyqwoZ zLVBYD8?*iZPj41~<--*++`;8s5oH#coX*|gd3t__n`FnuQgVql*>4Lia&DF$xI?k< zVz1=Xl%#yx7?y@%!&0L>*Zj|or`-#&RxKh8Rb2Vr7_5t+14ikqY-*D~dbFnwOettZ zxaPvNE!XPTq%>mek5@ z#$GR>pp~OZ0p0$QftMC&!&IXYufU?B>F2@2Pp39Do&|r6k;G+6-TlIkfLy({~+2HkE7_!vd3vfhL2^9JD^Ii^L9pkPoy`)D*MS1zXJx zgU`#PBc<*N2F?24qhe@K>p!5!4+Evm2Gn46cpEJW3jCWKJ!w{`@Z#%Wip%>3IZCpRa?wj)V&Q-DrP2Kn0 zp+#(W@pimKP=8kkM!}Lxu@1`}tYNqNFhrYv`%*Qr1hkUq`stni@xrUcf$sXcstf20 zi+nSVV*gB3__+}93r{53Awotkb83d|hRH{5yFR(4>SMdtbOb)@p)W+Fl{DbjnB8}a zA^j;=EpLu@S?0~(|1{b8rBTs;+srA~J~XvO#r#13^6DNPGj0Jl<3*08!Y56+Hg^Mi z9T#3WpG^)bwJIk`cWp?Tv>sn)A;+grwLMO?f#?$itYKs<#%((^xW2^1#3?{QElALd zv80{M94P&|+zZ-?o0}T}iuyLQX0|P@o?HL_JLGhbTqv}s?g3KQ(&r}FV>-It-u5F$ zUxSt9jS$Qj1L58MC`vMTm`&U^G0W-fB9)A8D!Xa`2Z^KE&0WbQc##kfb?N8S^eF7= z5m(&)$u`qqZaeqJ-fwARhmKXNsthxZ`KQ!JsZt!?czQK^m%O4%lrEHOpN2`&e;4H+ znI(^TUzOL|oUeXNma#hw<9)7vL&}@#&Q~E#UZb4q>Q3B&Mi7P-gg&!(fYoMxm z$fmZjz$-2#U)#iGZ3)!ERe0yL&0s*{9>|SF+l(yvDLL;Qd0cBxT!?RT)IP6xb;eCx zMHsYjE$cB+=%J6e5o5f^1YA<^ZRsMZZTeX`hRiv~Nu$F9l?bt^{-`^El! ztD=9pEaG|$P651r1eNI3aFg$8iDEGQL@Re;8KdS7=1epco&#nVM^!ajZ{I3C(^L6e zmp<$a;X;DB8KcuB25x$B$C@3bGd{Q=_e1RYspPL)J1#M(SrPA~Ij$7f`d^I0Q$4kB zISb2yy{{BNufXMJSPYL)wHtH3h%BBTan6G7gPh$kaHLgo# zj*TSS+5c{DCO)xR4jyfX<$RoNZbGC&O!g?IxAE*F_ zww@Ii+jUNkw3cXk>4O;A6QRo;@z5EiaLUvarLxrq7AZw2f%NdZC1_A%F!tpp{@h_S z7*5WRUzI~|IQOX)?XV^0peRtrE)>Yps@L7` z(f6KmGIJF(rTWeSwY|DInaXzg_`PPqfQ5F|sk80|N$-V1REHID%zHT!zSs8_uSw>% znvN^j`AL6QQHo~P7xg%LEcWm;i)XZOg7j9a@tX=>`U#1%iS6HJ>u!>nR8{@_N28So zOCd1{M<~z6;^5oam^t~ZU?f?sS&mY*#vCSXlGS|Y1+V_3a5UXpr<#u*_)!~!nWR~~ zQ$02p``xN1QAi2i=$GMHtz13gmNhP(yMQym5QL1a&&7S{UU*8JMtkhTPo89_8G>$_ zxYsN|tSjNd$!<(~v;iryNEioQMnqdyoL{-Gn)JgX52L<~wPg2AD>gFJp;9vjLbbKh zgE}y5x$!^8@?pdp8(+|wWWRocH`^)jj&-r~lC{Up{#jc?!>l=1%HY8p&7E;{TbgoP zYULA_nX!H?_!Thxlr8i{45?OG1>*l5A~3($;Mo|-gg1u!Xjr3{v1J;3B_}wy!%a%L z864Ne)hw5UNRpztl6}#Y^?u86ZafMm9v(G6i$VjDl(*x?+UW-8+;*NBsH&Ud?n?VH zUlFe6kNm2cnxtU8S>fSWt0M~Q1IF4hJW`|_r=G_8R7by^ zGD~*7uw1f3Otqn3pyL~~Q+;Iv7DyaIA@*5$hIt6o9yFi2G5VJtbTW~8VRjkG{x-Tc zDb$=bx@XX_-QWR=U8iwXz#ot>;goQ-6Gi8qM}L|*eJ|vj<*n^4)TyL287wsCD3X0% zxW-e!J1h?`+;KN3>{P{Hepmd_t)X&*e=gq$gS?~fAz@REp>G0bZm2sfIPd6qPwA4- zs`Jd~xmtQ*>1_aXy5@PecLDUCBT}U)z44%8Ui@72>!m8k28Fv(?pA8$($3pg&d;}R zM0G$hXIt3T9s_Gd`l1%DoliMuGsrynHmrF@49W={R4v)Vgau6jvx~+pymo$zB2EDX z(25~z%q1{HVSzcqYexwAGg&`vru|U5(o*fBeoREHutIs{uUQCCVk|^jdzIWn8*wI` zNQ?yuk$)Fe`=jNo!w;0`@E3PsPKr%cid}-gL+z+kmKvqXdM7HQ3;>*2cI0jkTDm0d zm-|p7n^9CfUif>(caEpxmJW*X$pigd4px|CIF&VJT)*Gzrb*w!}K;-U1QzH*Lu=vtXY z68VjWY)ho}0tY)l{Ai1f<*pQ)Hj)hn1JZP7jZjW}X3YfRaHg%s9ht7ge>~}KRBch# z+6^@8GuoK1&WUYbUrb_;2%0E204brPKHuE(=tlTCr=q4$b7)X6cR_yDjx(;F|NK_# zY`!v~O&LIXg{x=DHI4f+4g$|SYP`XbJhZe5A4b&*8?5ngh^`;(45}5WzXl_)uo~qwySe*@lQa0V}4LG+y0QxWV*Z!W`IyHtbdi*`Q22Qep`l(o{^Rv^22z%in&s6+rNCny z0nT~c=QVgWNBI3gVpL=UchMq$P8AD>In8qm-ad3~HBr;}0#t@j^czro9Wc$d_oyk* zcx2P>bK31^gHOfE1F0rCv*o*&^%6F(jm8s8_fOIDo;2KUq9I*8VrCtTM`IDyxc=*r zP;PtOhuzY3*Lk#l^h{M|NI`bEc8)Z~6xyxEp=J$O04$@pWP8U@V&!WEf;~5bV0SJB`XrU48}mBN z%{ud{dH3)w1Z91&glhqwIqScnd)|fqPge&n7Ef|9hr*qs5XbZDv+4WxMl`mXG9YBI z{cct+sm^$d75I(6d-N5}elEMu3VdF##U@|qYShJ*-_>|DPK=A8)~+37)M<$}W|QbJ zG9M4>w9y!FfV;8A>q{*iUC`l(uH=YLb9oI#s-GCJz4^X2$zR`|hX|a}(5eoRvk4Av zQip0B{|g#R#W@hJ;#>2x*YwE(=j2|R02zcYc>Qh>?vOTN8vP~ghGn1U`>G0H?p4z` z`0m0F703?Lm3A`hyCi4dRd~n0F3(W`!FFiPXtYPx+q$CBF-h#ruL_-fFF&dLO19EC z9tRawWdk#X&{8eiG#!RFrW4hwY`d8+{zb+xpkrH~Gf#JAc@bdnILcM@8|GyOzy~;e zUaA(8C0us*dSAXCuTZFb3s0k7p`f~GP6c?eE)R{YZvXsTY@yn5R0;W7{L2b8tKXKn z&Ap1DVFp)Lp;pg!b2o_QQ-D_qV*I@Ej;;$88Px12@sS16%kfJw9^2}XHLI3>X{kcm z#z%$EjH@cN13)bQyaPX~Gf%a6&f@x{uqe>uR!a+WUeI2;4Y?%q^gUAM_|g`zSH=;) z+rF$`GZNoaV)f*esw;y6M50PVLAv5nDwO?x#Jy|D96C?CaIyXfdE;GKVi6DPON>Qo z`Yzl}-mpW@t3ylej-VZZU?gaim6J=ngwM&Dn-?dOoHBCkX1^?;Z%UK$hiirH;}!h< zTP1LHbk18FSZA~{ijfhA?x7OH1Pwc{?7E3X_JMmsDVMz>9Ig7)zn6dc&Oqzv7EHc$b?D&v z^7P;Mbw8bI(GQ_&XI>ISVu(j_iv39wj>B1Qa<8iD7WkTlnCdmbn$NnubtIV4MWGgS zXteZ`w1*7YQ@jit^mG=Ir~)>qV40w$811+0AO;Fee77`T8E}%vQ;r&Horv4(c>JUF ze)1_mVI-cAYE}mpi{{t2Kq+kDzf3B_a$sSa?Q&n{C=(rP${5N=Vj)Y;$OZ)A)L;(*9Fd_SNwLt?lq&tLI%*7-Mv24#ekh)5&cIfPn@tU zWshbc>rReqk%^U$7}hcKnw=;yD}vSD(p4)Sx}!n5Yr3O;tMGSO%@=I^TWPvo1evTl zmmx0f`PilKSmreN>d((4N8|1AFGG*~w|nI6wVM&p2-8(1s=+To6)W`JuoX?%?mTK! z=);nWp=UOh)?CY!eY*GK*XFH-Q=)Y;tt=jE6ujgj1~VOFzF!nZ%@Ih)t;J)+%I(HGCY;Th60+d zz2LX%Aam?3ON0cEF|PD(ArcBE^>p{Kc;UFMuK%t)zBCTtT27>{xQ`NAxj01)4wVu3 z_v$t!Nq0PsOo+_YN&2+vU~h>2uVR-v?(@&gH_Vhd*(M~9#amt!i9y+nFfO4pGcG@cE0e|}ipa~xx9q<^xQXW+F0_m}VjJWc8gQsZ zI_tiv=qIgJir)=Ja!UBVs{vXlZS}h3Jyf;A@9}+X* zOAnzWi&d|xwbhxXy41Y;%f9bQgh*!atg#e%_a)AjESu?X%k-o6R8qI)6tz*M2eL&7 zw$=LHA+#y+kJ}+ zzs-Un`Ou~DTyJ=1Q3i)z9SGx5d=;y`PKBo_678ojnR`h^?E}Xv;%VJK7;vHxn;` zCCxX#L1}k%hrAj&L^F#>yoJaO&^mel+?EfHNj6~@IOl1iKlW|4f<&9CmFsJH36ytu z{K+?h!eep3nhjL%8a(;|wl$;8yN7(TFJrDFwS=D)q`oE^=za|O?1RA29-K%hB&m{j zcL&5&T+&Xvl<3ImG|kYVgqoFiy|2(>^eeR)no4Cv&Nt**3v1+VoG)!VdD1^0oTwk9 zEt|H>a%Xm0QeaO1`Ybt05s};|yp3?AN2QXi~{Jl{St3*j`A4e&+LzP#6S3^ zN&ol6#~*7B-;mGxXN!(caVD-jSFAt|jb?>8f#Z6GHrI_wEaON#;z&D_%!X{g2!@jX zKp6=ZOQbMc{_FNL^G7SXzt6R74i28?FR;5tT_`!{md;?fHl=1++wGU(tRh20lIbRZ zex-4}Vc9z3?rE^mOM6WSyIIJo#6ZR>2V>$2%ab1Ux8nT`AfbB6uJY~(u#tml;VKt* z0JA08lzdoMy{%>P3+ z8qu{C{-wYEbnmdTHfqC> zZ5XA!HY)!*_WpN6sgE+gcx!}(|~t7cTdBrd|uDo+F8ZLUM= z(z2{_=Bn8)R91T7x<|vdHDM!#eVK5mlf8e@ zBolgn7KB;v=M9z9LzAnh!${_UU0_rN+fWl6*8qH#964x;u18=(gW4#_Dhy>bw5999?@^G+CAjW zj{Py6v$6`@rr%Td&TVXmVu?%m`}Z<4D8gD#vSubWK*`IaO3&34{C3XCS9;JOJwJuV z!uFGk&v8Y+T?T}FQ9e~-1KqkTa_0T&ib+KcgY74Kq7F|3dgMJTqx`$o?CYhq6a8`7 zd&KHbs7&5ZjM_E3cgJi%z*ZCvm5*M{SnFKOFP2o?e6x#PcOkLE*FPyxdR!J37E*4o zCHR_hLe@txwy7I~sBt#=DualHv>Jkv1yC)t0l`qwq>zWwsU*1kAHGV-_n^zshW|d8 zUplB6l{f4}!|%>JBOk%Rlmg1?E7<6xKKkvZ%{B&YY*tG;V5MUntxtHz*-6A4q!pj4 z`qp*VCEgohe{*Wj&ZJ6`&oMFb`io0Akm9Mn>(lE613FXx-sXHCNY!@mWYly| zqgDLJ8`7`)AaDcKFOZ3wWeg5$w}Oj{->$QRU~NAp5U?ZyDUo?`n$5-4^AlGI^0idz zFI#iP5i5Bk2fo9EQAZKYGL&Z)Pu~QBdjwzc2wvTO-A-iQcmUW_2#}jU?XHRA*lRaU z{%5$tD>1;U;kWfipYcCft$%%m(fq*HEDEgyt_>9*?x?B)jCO)%#G68fndXgCr@(!V z1r!@xCKQAs4x>^ZOa@_p7QzsK-*=;~=x}+`p@;L_RYuG3qe`B;;#gHsj6IfR*KAgD zO0TSzL@?ZxP=dc$m5}QaEB}{nt;Lxm@|=x-ahFmt9Sy_EU9q)WB>);nPvV>*b&T`X>mKfiEROjB8R9?fVqZH&dE7dD{{zc2Xl7)n3$KqJ`gclA(9}N zLuS#^>1)>~3448yeeW6JZ094WU0iV~MrgEgnQ-c+6NwnROFd+-BFT^}eH!DfPJ(`1 zR@-|TpPra531Q$ryGAOEVwsi+A9n-yUag9Lh}Z&_ahcuABF#q~guU4&0$>2YR+VD* zEN`zP)akrGv$yqOv4FOSWA6CMkkOC zdQ?i+nf9{v%@O+O;VU$?sk4;Azj2kcv5wK8HgPVh{#L(OLJc*HiI*5KRB+_AU2^EC zdxA07CHM6>Th3GG*wV+kw^}AFX1KZQd^*+kT-z3B&iq2)zfM@hD_K_p1zpMi@u`!` z6!QtS?@~Uc=~pa9xz?Ir%^*iA+S1iL!1o&FGd6YCdaI_mKm$C3uj%wnqrarH=So3P zm%|t8OBi~(g#!P5MR%a+aknSWOi5uxE)`219+vllFhLg-6X(KU2?+^>wYB5SR49Ta zO}GVuTHqiIJj=M*unT2mbF3}$-|Hs>Cty7y=zA+ge?w%vtUh5YYvnBuFIzEipHDtp zLg{f6-1vfKvHg27R5%igVT}d=)wo8ttKgI=l93pesG8QK7)Tp{%kVDh0L zpRaL0pNEb9<%@e9;t#f;RzC_SRETTBZiZnJv08QwzOq#E{_dZTN~>1%lu$MZ{F{z$ zXh@d|Ks)5^iIZm%OEWu2-Rxm!-^QaN&VJ4e$e@He&&sd}VKujdgyl=8w=Hf%FNymo zia9_ub%Er{gymNrqr8NBf-9i*AztQnM=d}CO4A=~7xGs;1v#2M{qC%$!LxwYAC+Ew z_cx+45_;v{d~lWf8}V@anNX@=y3}mPnz#F|S=J1A2ELGWsaxk!zt$^=^(G$e#w4%s z!edCqV2o3Kst$+~fTQ63X{!8jwVyti<$J5DwQoOKKT|EHjp&Sy03p%{Py4yx`5Unn z75kXagBQ>qH0!byBf9CG?tIAR7^<@}{qvPv*Gid<;atP$fQIhwpc=w!xuL6W8NuPn zo!2y!4r<%WX5Toi+nS9uI3rw5=jrI$=l}R1Zt(QL0Z?B(KDxRj!e3+e9g%Z)a|gvc zPVp_0#{+Ywde>gxR_S>rg_{rVNO z_=m)Adld^G${IEsDtj+vY2pp2|6BG`&vHG6!`a|YrRQ78QU;rXJqm#M;g1y&+lFg9 zO*&1HfaIlQ$*CeY&&r3j)TMZ-&C4Qm)};{gYGo|c%t&T77WV zSm>H=G{R0lX$5$nh3YlCG(3lP!Opr@hL*1A~y>*I!~tr4Kot zFITkyJM1&rT=%(Rsi&G+m2CCul-?sU$Pk;2*66244!DehY<;U1*7~qEjVZSNI?@$y z@#m_hawzf^%uw#J#~Vw>BPVB}5OA(NBOxW#-4wt$GE%{PNpcbQdiIjKHHZ&alrYOI zolo)q>Wq=44PI`m5`%HhGGp&5XBHM@1yT3EhNZm?0D?dl1;6!x8DNrazz{K)>)?(R z8iIi8x{`4uKkY68@3aWCYB&9UoraOE&uK#J&$%c4P$o0`bgUBFTz#(X0$n?0-0x&G z-i9z~F?J04Y?_24`xK}LK^Rd0ooBR~ihkuz1aZnb$$x#7AXt-aby)ZGpZ>^ve(KUW zaO7sSX(ojdo;|y;X>!>qW_N{mbyT4$Zgja`N9+*yT%gmh!;v>U|0_ucCo(#w1~@%b z?r2$&f}&vm=B>hq5=xYhR4!Fnd0nF%d!jY%q&C*#GAel_!8z{N-^nJeqx5(W)(lc^ zuBhfeCK~cfH}2V-5EVP|y%#XM`p5bH;hh2qvwF39sP-KYBf8 z0AEh;RXym1&q>XwXO{sF*MII0a6cv8HN?62sQ7Wj(l0S!?!(@U zVdlk%$D56n?6GVZ18V!ugGCUS-|eh47TH?<@8L=-_u|;7|4KfgW|l}74Slj9Yl1`L zM7Px>wnJ*$S3|$&J21gOz~GgfCx)7DW#fF5M-rBbfqqxCwAm18g`2e@rH*aua{GQX zb|Z`YHh8ZvhEsh-le0k{h1)=-D%y@>KhHJqR9KaciP=$o%GBbE^WBmXXnv2Lbwc4V zQ)h*gFGtZtLj?qBnp6xu4NYz-Hxx;RchD`1^$Wgc>U?x#hJjU9bjKF-m>0My`4eXD z*8PY14h-nPK9|z5+^xffVBvNi?VHf14L*HJVMwIj-R$cHz4M97=jq9V8fkN#f_`S< zcf(DpBPSZ!x&!A8qx%`(`cmAHeP~X(?4cM>0xB%v#r>nF{}8Pt>rqDyZ8==rp-4g!xqg zMZwjSR^4Gaf03=k1#r!Jr)#LkU{`@*cQyJ(F3lVkTGZq!FyO5U04muN`jr;%%orF~ z!3bQ$tcUn0KAciWz5VxPd=pzHHl@g8W;S|v2QW~BL$ABz)AHBzM$r2F+9`;NKd%=Zquv-Be%t6?FGv`)U%nvO%K>Z_>QadOGUb&ov!cIInxF z+Lmu3>KWSIEyQ+TVp(;uc!#*{BRAKaLMK_QwdQq+%eJ@=Bhr!C1W32jj9cN%LgUe@ zHKv78@(`QYIEl>k)z15|en}tBa?vLT7P=(9DaJ6Nb%IZEJA!Me_XBRvOxlj#pmo{{ z<;9M#3aK5Rg%vkA34iKSe!C@@7KUwR&v3}ZQ37Ug0P4Yx8EOL>0q`s1*qw6;iVMMe zAnaenV&i#EjoZAe?FXcJufj!c4X;9C<)1I$N4eV31czTLe;;+I>&f!@ZA$mf0G^nr z=T5xMj@^{o9dTMb9zz*(Td;;|7-y;l`f+Z&M=ZE;rN~kt%pt7KBj-Kyh}~jB&B!hi z*#H~8%6CC~%~JGuS;%@>_ik!@!W5(T30!r`*bBa^iRb>njG`Fup>oX3!a^5CU>di= z8E=3;#I0CAOwv=UBq$E2OAupU!1eH#c9o=n#R6llQ^e&bbifhyKsP7KE`F#B<7j&9 zInrOJkSXT>bE+7kg1vB;GpOQtk6(7y8SILZT0i;%>W)pEb^K-MqGEEHbL@q*{-U#| z#aJGRUVk-fWzu2YW1aSjLfVTj1$JT1g5Jl1<=ezsI%#DZB#1vE;nM_CIjH^dwmiA){d zVEs64^Hv?;)8Ac?kBJmI8V+UhJ(oF!4g1;X8{avL{IG?b5Z_J}snK&!&{=7NY|2dc z>}n%=e4jj~u3b-&LhCAt(78gdP`Za;H?J9jjVt|p$aV+Y)9i=Xrm5-<{=c{={2`gh zZ*8{pJo47#>n$#|_FBzYtZS-vqf|2^W@y}DpX-T2#%0(u`1_h(#o8^vUps4B+gM?b zu{B{Lp2`Cc`{-LGTLjH6rmXERd5DsC!_}0J8ugoU-b4LlPs=91hwQe!B(bxuA722j zh;elC=(&TE))`w{9_x5v^sQKZtXW&!TKszd`NQ~86hUz-lg5D&NhmYmqF*(YV>Jz$ zxyu!cT%JoUD7pyVLaY`!Epl#DPi zfJS5sGL#q>M}0#hx>-BQG{ohxGGz7v8LKlzGw!(ho?_D{5PkuXoZ9Y*p_Fq&V^($2 z@fA!`fTg}SYYvdgZlZ4mO>p^ZrMgC0k+Rqr3x|$1*zBB*;Be1HOvqx}a|q@qK8v{* zE~)5~KPQTrVwwVvs%C$e>z8lF`5terK{IURDu0}GJ(qTW4AICx4|!~R)Tnd6)D%DO zCSEPjFkG};e?N<=_035KKd2O?TJ{y1TnEs>HE(8;29nBV{Mpv^6(dd^EgeuUx{Ajo zn!JnWHBT&*`TwWj2uS~3xI~8Uh2{%n7{bb*eHYwsmhkMl&zWh{} zN)VVofU;ZP%ja^{I1l0ka zRXm!^U%&<9LMsj};<>Eyn!4S^^ z>9dJsh|Q_}3AT8{TPr+eQj`e}z`hE~)G`Fs9>6xSQdpKMsO$6#q=^oggik(PtzcmZ zQ_@JjKH`tX z%_(VX$ar!@evP;E!jba+DN%wZG~}?||FKPww2x8;MfbxspY2$BXd`zen<^^xub}(+ ztgH{#Z}2IWAzcYbEM_OOb=56^TFA|AoNd+|zLVu(&#{y*i7sav>fV&mi+hfTl+sP6 ztq)so@*y>VzdTX-I90~(f7gO7u!+_MNO27r55N2!V5AM4>b_*TROk4omreu_u*R+7 z48w}G*~2Gc=O|6m7N|Au+OR1=JGSwWEL_^q6-kw)CO};ua#^lrIV|AWt86e_zJ_y3 zsCGHGla|m1u&4VRor&BXs}PrZygof5=H~jZ5p)d+t^f59R?(V(6raREvh-`EX6u+ps2YTfWkU7@>sTr=8*Rlot&zO zB$abY=$JN|Mej4yYN8z}0y==S&mczJ$3?zpp9bubR^CZu%@X@e`G_F2TZAwa@7>6c zGU?YjE3L2*Zsic)g}d}R*Ch!r{^|4>8!r!Sw1@4MewVQpLlEBcLRN_cTgHJ*o)q3Z zQY7Dca*%sybF^ktXvRGnQ<~m+dpo~0w>V*wurvsndr&F>+P&e;t3>7*XjkiZkC0n= zUVQ1t5m{4wf|0r%a8Et{CBPULb-BQ%SiG8kYQNj5o|5w1S#=y_TeM0&;CU55`)vXv z)Utgaie9i&1TQXAb~or~8>(6c_xxOA*S=5wJ^EC}z92ce#n^h^&azrfx}jf+4ETt) zkU$P`gBVXX#-!?a#^~za%`kY2UtvX_nf7_cHdz|C6FGoM-j>9>zjSutV5EFmzoetn!P+-$#8Byfa zG6*Mi#=XldfSZClQ<`@#w4q)Bo zU&1}5)SLY-Ee&n+xo7=Hf$H|(yooFzmy7Cu@e~g-YYNBsc?DFcob%MI<%)12ebw=1 zSr7-ysg?*m(w?ypX7tY_O2R;w9IUHzZkEqf(Z~ejFUhp<$5&|cG_M}EUsmRW&i{?} zlUh1=Tj|Tdg=SY&-Ex8ZmV%fCXLb&Y31T(k>%pEdNAt>9S3c;T5azdtj<6>}$TBqD zQRxi7EB(euO>2tZty21higFemk{8SOqCD+A%wZXlV64mU&sc`(l)x=Xst)2-Kfcl1 zPCr3_Y8-rCwma-`-d^j@rI}W%VPKDuIb}ksjqTDOZWm7L`1>D2MDzmK^)5wkZ|?hB zd(b{vY?hKAIo3ua)dK;@7@~Ox^VepT^Ivs)^(p0S{!N54o0huHL{nZOAN#z6kHzpt zwuI1P1Da>=tsfrSRTUch*J*|sM)+k`6JnUHA4S$x~ zl=OGfp2#iaaM+NlHcTUPZ>VvZd)D(UujGe7JVFW%CY;oUH8!vQNU}*W=c`#>zf`n} zwl3p=mw-IVEXVu`d;I=&n-gfixOlF zcWh|Hsq&m~k4eH@=VS9V?D^nUcZEu`|Id{ltifx?(6d_fexk~;pX*~e%OT8{tzmhi z=soYlkCxZ~;LKo64ok0D4r#zAY{1Xw^NkuCs9#v7^P$~utOBGstG1@7);JV?R$ag* zvrCGMa;WfW-qTt50%^G#BXb3JCH!taZ&uqzCNj*xkAY{y=1;8}B6QBauaPr?GEFbpD>>4@1|+uU7o^?O@YhuYf8-_; zpZ+!TJGOB?x|_u(S*}rhsvKYfO=|E>W-ap0)VW)ntxLJAy&cndHA20;+sHNZ<9g5mCQZSGap&v?WXZ775q7{d)_61RWG3+z7k6 zV}5%Mf*Ty^HOVUG1YMB@6>CJH}r`sOzsuUZMzS<;uy))%Um{jdg)k z-&{v?!$V)-TE?S$;LB^zN?<(4Q3eVUex|Y|W90ZRB_ujm40sUQw>J8HPU0>8qh77% z?om~eQe%>A%MD;snCXW=k966fay$^0fdbE#lnt864&*BQM#Y#t1MK>f@p2p3Qt>~W zePvW!-I6u|f(Ca8?w&w!cZc8(!QGt(8izn|cXxM(1PSi0jk~+^b!NVqdFReu>%KE< zogath$gbM;ll3GkLjp>truP*|oY%z?v5GCFb;VOCy zaaIBRz1s3tDp9s{-tHZm+M8QNAM-`wTVLBRUt-GwqQuzLE^-?V5wJGp6+DN$WpaXJ2_?)mjX(bC|I#qUT_!|us;aam98aDC~dbozBeUCvo0J>BK` zZ2QEHxPDGZG6?6q=TScT-D=b{K}$!XSb7%6=+*EM_UGy+c$WNm+=d0#9xYw1PVFEk z9IG~%fepI$rKYMObP7Sq8dhLj0u>Y0FZAUG+noml^KD;NlO=zgV;iv1&3NAUKFI?9 z$SpQuQek+(@;h|Xc6sekvjQW%Nxqu4SHSz6PH;G7qfzgfif~jJ->DnfC`zI|^SHi4 z4KiyH9J#8I|H9%+Al76f_OUk_C;i?Gi#gql+T)}QV0>HKWIW?r$2du#lRoxzVDywT zERVZ8QkgqiE4lh%3s$`xs+BkoI{-$iR!f0Fspfa?tUg@idyLp?Tq{svNCVu3W>jQ= z%?4brNzC4|k#eQ+y=av1Xk`j!`ulK=8 zp-BDfK|^#a(fNDh?~Ux#g;qi3y+}Bu69Wo9!J;7_luk5 zN%AS5HZ7SslD1qPh98)hmO0(}sB4w_!l+A4q?-#?Q`?k+sO=VxdTgkt;{=tdAY=^e ziq~zvMSY%PFR1hRj6+V~#xQ+#&q!N#?lb5z+6((4T8~;O{Aur_uW;9S2(`rU8eLRD zp5PDg=RuLP%tm}eT19GSvVtk#a`s|xATb8kByHv782|6X@k}CeiCZH24(^C(|4qWg z&;^ZBk)00Jk+rgE`!>SPc_p2vQ%|4V+v&U;PtQ`9iiNf+;i}~`kDKZJvPz{)d5(q! zoUvB+V+~8qW*0s3lQ0xV7)WO`jSB3C-yc0nSn0qU4ST)itAh~yHbtuRa~=E`r&Gh0 zOW5YyDjydbSwimv`1Ir!)4_qlM_xY!HeG1Nk3M+ZM3dk}ZSH+1?{xlWJG%1t2kqPY z7N-s;YgqMg7iOk8vt+pfmM`>rwXwOg{>jA?xuUzaYg;bfenNRkv)pRw;V#e8ScX5l z*W`$8YI>dRb>YKZZ7_17nH$yj5{I#|KwMDJM4gG1L}_`p#^>*i<$Md;L0+}0x7?c} z+#m~W7vRHb0bfV2SEohuiWi(CEc*woyAJa?5Yy$|@@zC`BmHsW5!Ov6wWyGS5oY*Kj_;*in6d_QkN zM1Sc@nhu`=@wiCn*)H&jb@|anh2y6^<%(JrN)0!*PATD&e+7V|sF&PFe52X**|1n* zz>=>0u9u1k-9!9hEleT}}fOh^Bi)iRUD#PHZyBg0k> zLp(U;K7c%TLUO#^(e}8-G(wJiv~S6d873fK?c}D|RCWaX==8~@TYgzGQk_Z)9p%m8)v4HP+OezJA98w;!pv}(~7fEjs z`crYsL90HC%a;p0>SZzu#1)QT_ns5<_kqv6?>66q?1Qx^SRe(ndaqhF7= zfOhb8?8VtVff^0S^A#`O>ToYH69Klodk!9tFWSevevNnF57CMXI=LFFA<5#tkxqER z@$6PTuRONwgiM??;k56YI2>-qohBAo6)n%*ef=!~;@e2-04HmwXzRL?`nb)=iiWi` z8i!<0a+kl%OS7np1>ZlweCoQ%O@br}=sfUFic&9gsm{DPOmbT+3zNQ5$$kjy&{_T< zn&S3$iP5qb^qoDRJ688{ZA9X^*0kZopwDJ}`I{V6#=H+6o)Dy5JOp$zII~daazGUGhxzhn0X3{<7zEU8(dkAP)3{?EQR~Iio1Qe|qZZ zDk4LI3oeq6wCiw(NnbqHzBO{v9&BXahnD&PE0HZdZnqcr zB~a6^`%o7vw#X>YNo9b5=EEr}byU`5Q0}6jukeq%6Kc}l9%hYw5R+PF=FDsru{aSN z*%?<&-U^pZh%PkroIJ;_sTgQvA-h`*97Cy0XRtR|IYrwJ+EI%>W)4+Bibo3~QvCGk zdVhNDxw7pTQsDOTD$9OQNAL5iTa&K+Y1-i=fO4aiN)kett2sPqospFE*D!)EXWDeD zi&fi?rCv92l@JSA*&oKHrdp>~io}T*PKEGAgt9V_!4Q!>LqkK+ec4p{&C?=^63sT2 zBL^ra+O+``@93?mdRsIMS&ty)GCT}*_-o2-I_h*(fCf>bgU&V5d$O?f_Vc%Lu@Vvm zJb5P%M$7#}HUY{Mzf1t12Idh=uPy!YhY)%0ci#zXbho*D4a>IqC7kH<@)Eu#RSC9H zoztzofC`E4W;`p)sm`6#lJ(?k7qjh7pockd7dCrxh@?z7R7BAR*Ei`Lg}poq%A6%f zia5FUbwvvb3$VDA z`ejVga=24~^wzSQX1324IkK>Kxb(n|Tc_dfEbYg@X5*Ia{H_5cGXdHR)+Y_AO+)mA zcsH|SOx^p+kiMR{V0}_lco+oE*GOVVzvruY(39r(uqe4iSleV2x; zTfRm4Skx@TaU&QTXo0{SZ>oW+@u#YEj$M>@%d<^apFGxoBXi2>})#+hh=Pi?mo)6kRU;~ zruphE*qpJ+0Z%^L0HgIeb=i;Jd7hjSss*_z{Z=C^bV+480zNtF{`dqRLqy0vQy)5O za`U*oySZ@Vg$?)>|AvHyrOom%9(QyPbtO=DpG9f1dj$k_Bz2kHbO~0t9S$Jw3pCk% zv#Z=ImRkA}|9v8-W`+@yp15c%4s5SjjoJ@S4$f5wB`VUlanb{x<*_uW{Z!dD zW6UaWo_-S^G&<6$yYp(OXUzA5fa4S=@qcfBmx(U#aI86&_&uaGT;l!25<&39vFMdh zprt0_D%~NS3BlcYV`qnJwCYBNapKqdB9z;@eNBb3A7(Hi?i1mAy%S}78raLpp0iU) zHdcDK>hm{KYOdvHP|(}JrvMq4DOIC@@=So^SjV_WVLw5p_v6n>w`Hb#`+bX~IpS2= zYj4k6cIn8pKnS0WV_eTC|97Zsi-=?5om~o1`7-yO#MTlTCI)Yh4>k4Xw(YZ^2y5wA z4pC=DqBDjR9j7XjDvvW=%<;SZM92F44L8dSIXg`!-q*C7Gj|=vc72DyghwKA;<+`g zhq2D0+D5|s06`#`?~xCXdr7yg%8`k2`$_D=^wex9PLsHljn)5&G07>f5y(gV;G;Pn#a8z{lV%&gwdIm+d)_h#az&KlJaSZI`BE`GXlvXOwLTuZD$mRX{C2RW#VBT z|n8v4go2B>{DSGjTJ({FYIzN%g~MLC&wDDEuyJ|Gr9Ya zZClmYsRXZkys?`X=!|)xU_6kG%=-1{Y{){tE7OINXT~PO_u?!`-|*5-xDpXP_0c^o zH1F=C?r_(ImYC#RE-Hwxov>s zD=6%Pl=W2?S5gzB-Zh2FQy|8eHEY*FBcUdLd}ojdViNtlJUk&tyPP_ssv`(*X^{u+ zdhX5rg3~R(I@r-A2fDzCCbH+^gUMtJU*TL#{|mxY0|k*SHm_+d{BCw@GUX}g$j5Bz%gih> zkkwHkMNvzpZ#IHr-ul7)+*``9n!2y)^QTe4O1H6_{;gG>C`>IR$Vd!M*W+Y#VUK}m z(y(S_(Tq|Fv3@I7CerZ@vUV$T^K5d7$mpmj6iNyTT(j<2F-TO9X0N{}DuiFAAOuG+ z-v-TfIs3=a$2dI=*NiEei}I2YR|`*xlrYD*};OwsJt)>Pz=oPxi8 z{ldh;DsWdhW~d4yYmZZKb!7*4^O!u}=ouUy_6%&w>@8?p-dtKm`gtn^ejE7ssRtP{ z-Ds(4=F}_%=y|jV`UC|@0`Yf`j%eS|jb4Hb_n&3O#o5`}B$roLB(2E&EsQXWeMFC5v?FoUkJFrdkD^B zp#I7zDx%)m-lowzL?+}Gy}7v|T&hk>BY1dvQkIm2L&E<8*UbZKA?&qB^2r$X-?+KY z57{*89Z+gHJUH5y!Mp0+Rzl<$N`+sMbE4sad zE4e_`Hy$T)g8#(>!2~-KzT2xT!)FWl`{e)iN#Dy-1w{n60KLqAKCFk#)_%Z#t zAE#Sv_U}*pU$69zgXnehzG^nC`Xf;P`=d1)e7`Onj_Uu7{%bif;%-K_!a5-T4z>T| zntfr&N?i?(QkehoABcAmKRKZM8y?m;o%FO6?X20CKKv_WOo&0RKU9YQ%+>n8%|)jS z#AaJ3z`DlluPpxi=enZc`L!-q zovjuYFE20G#!ybcngc8&5ebP^XjoV~+fyq+1mgb&m5D*5wxm$%@fN*9FzZreS-QF6V?q-dCaGbxA4$QV%b@t zXG?uBLH`nckI;YSx7VOo{y!)8S{xGe0q!(nv~g+oYAUR}^2mzbczgZ#VBX`BtpQLl zTN(bk$V#}#U&Q3U4gH^St|Qpjsmg*DAL0MRb_htmK*1)@&ZC3R9)N+*!mNVXAary4 z+V-Q)PM_@|V%$F*xWMo7 zJqh2b>oap3xk)G0w{g=4_++va${dOp{7Y891b{{SWsB2@`LFbG#|hT$RM!>REz4B$ z!$qv66f5HVMQ;9r%Kx1Ie?Pfa`J+W=$OBye3jAvwNVV>d2n3_+P51Y#@g3eI<|>c+B^Y zv|Q6cJ`uG=DJ3x+sM?4d{goB}6bp}3@Af)dwEvHm608Wg|4>G#J@YRO!9Rls$%F*B z{r9{C3WF=+KMKM>9qvE=n0@p|kX)=4S^tp{|1h2Z{7*q*%Jn6QJH)p4|1~c!k-p(c zutD-!@*8zyBvs9R+i3VgnK=eC8oFY$EsH8~8Bz_rjEi*vj=<*_d@IW*Lh|EJfA{Uq z*kE@&z5YRkXWRL$UU8GoHHwZb(OKPn}>grrX!~`*0EDt2yZw^>6e}M zk2!;Pf15|yHjr>U%m3+H{*g;RBB`H?JsIM>kI6QM{@V<@rv5`nRwVl^)_)M6t$=#|1HmlHrEGx1A$0LorGPN6+%8f1 zbR4AY;t4a0l@MK)h2qgC8mI2efOt$b=}Z3_#kU%So8W?iTz~=6mM0h&NGN4>{9keO zXF6ED?8-(%{+FciCHlsd(aSx8lvp=(y)EDgb?%`H7&V1Q<>bUqs^}R=AL38f6u1P+ z3wxLu^OF(xrr?2qAH3wb_3cEY2F{yL`V+yd3I)5r#Tf}%|LC`gIJh64hm`m?+u7U+Y(<-A|#$1LSl}Ki^IqOw;oL8IQq5K zXk!fr?aAY}fx<8AXGDd2671f#>^S?Nl8|T;Z)=lN(ik}<@bn|h2P8@jtV!kVCT}Qz z6_NOQOqoP;)F3+Y2SkD>Wb50ZYRF4bQB;2Zv>V)hOd%t8g3#LrDX&LAwsDT}dG zJ$gE9LSdaANniM#e)&9Iw{~!pjOYW*Qbn!7S|+*{CY^n}lF;u^KT)IdnxIpz)&DdXQ}sl!X+Qtc zSC=t~z=KVv%wj%mVm3*uU%BzAK1b_&j+=la7*st^8RGd?W~oE;C7#1feMULjULQO@ z$k>|)%xb$TKa}bhpV}jEd9-5Crwv+NnqTtVsW{4n)>KtK!jvwx$I;E(6+Pyw6flmm zxooq43V!CqthxJw?d7U+Zd^h+I;zs*O3%jeCAuz(!y}7D&!VfK+@@fbNV2e0ze)Mz zm$4-SjqTtV!wSY0%|0_u%n?LDl0;pr`y2hdU0&E3hmyA^dkZwI5_yPqVr}Q1>{;zg zl|Z6YLr4_u=mkDUx(?Zo9-*{`X}`eVE5fC(M$D=N zRFsUe?)2Qus9W8QNm?#2=LFyfTH34?KEDj@ReFwjG;>Y{;xe~7I>U)Q+|9`^BtUAcJQHl+!vhk~U3e z!T6>(9d=aQUbzDl9-}>Y>vAxJi}-M-RA;yp0{3yGD#ymlZh|Q8YKyEB<-(!qS*f^g zOu0pmQQ)iWGHY2$Wlf5)m1FR4nC3|jk(0I%i}BZ-4{+CFkj(-|;SvpIC(06;-hjEx zY_>m85LD6Bl(Mj}h>wdC0hf%aXfI!$c63MP{x#BFyCB7w+0ZX(DHUJz1?`wA zZp-}cUtCHgU~#0~8tPJhnfy}6pla3lb%XVdJgcrqc{?0Pz6T*t$14pP4hma)l^vA9 z7DiHkYYZ6Te+^E5@uu~>P~LXA!Mi%mTUrf?pJMv;F231`s|Io{XKAQQ zPom}SRl>+zt2wN(8rK2yK?@B;yMx0kGwO0vC|2URg-rKyZe{Y8x8@VrZYIw@JiQip zxl=~FH)htbsd&c!OSlVf$q`^?=}KJqETNZ|Y6GZHQye2=-a#_IXLVEj*??28eQxdo zrQ4ocQW=?wKN6MHk!DkRq(L3nu`I-oy3Yu`_RN>XzqUxHwJXkXxx5*e{jDwa?etdo zaeZ7^Ov6BnBo0>MbfmO!zHxi{ggR)_gdwrU_<`Zv-B^warP%s``O7Hz&2yrb6zLjM z{rRy5KE9!ceLS4#+LD%Ffos^=cF=P^E-^l)b=Sm1y^Y3c2ecXyO#u%3t`@Ibl!N}} zWk-SY*e9T;dGIe0=d;!2Es*1bF6i6@0qas_WOY^wO{b-_!+Q5{3x9IrRhI<0no}k2t@zLBjY{62C3E+ z-&ER7Tj*Clu<2IrEwhyF-!OVy-@fNvXPX!`<(WwczXyuHT5Z1##!9`tElApho-zD7 zfU=Nr#hPRu#5!5RXxWsFxMF*%IxD|Y2`oT)jh7-&rekbmP8c5rxo52O@UruSQHcYz zM?(Ij{jkAE=}DQGh339IUY@lP`L`H$oyHHmfA~@tP=M`jq{VZ92YV~~ zAn10!mt$D#>^AJZZYO>Rf+YBXQ@GV`5@~@q2t(>e9 zKz7+i$9T*acM1c8{mrMXc?a=6rzbNibGP9i2ICwK_%I)C^S0f7m9sZ3tHD?Rf3Lh} z^ylC@)3~SJL_mZrIQ_|FC1xm}s;r0drk2E8zw==n$mtb#jrwx|WJP&_nwipPBZPwF?%xVZ zE==SWQKp?40(@!xsx;j1o`ZF!jq7&KkP~Y-t5S%#W`pl^>Xan!xmwbR-niQOmhrZt z^)#3}2SWGi8f9CptKL|GBC+QdN9bI_78La` zKj^2tJ$xQ&`21Dxkanx{#flRYRtBpWnzVs8<4oYlKfvSL^RNp=tx{EBDbV#C^-J(4 z5oCr-=Fo%3tXV%zhFF13%1Y15jT}sehtS7}?_YeF?8+GCz)M7=zE5?pj`?k70z8k$ z%X}5T)&4kHKe^vsxKnrYT*%@O63Q_>NA}ImCSfj!{yuE38dDClaYvXNX zQ@_9yotM93m1=s%9->fI&?+yrD;!RwR2D0<@@TO6#p}7>Zt#vbb}$5zPiOJQE8udy zj-x8|bsf#+P-KGkf**6p!{Cp}$VSIy|HcwQz!GxE^`Vp?B(0*PDz|>6qn_1*kc|yb z7`tNamLDlBLoyG;v{dZ#`#;Y7mN?1AYj_MxSAtiVj4!kC`k_PYDdCJi29M z-;OD4h*&dZeWP@5Pu`S7jXW zUTae-C_B*ZR1Yv8j)p`Gsl2w&O1kf{nJ~Nuv1Rf0rwfwlSus>(vmi_9oZk~@wdmZU z?)8wGXNb|v%hPMN`(G0K%#v_pMggAf7kZyenl41Xjp=87#$IzEjH%)k>@<^~4h-H@ ztY%_N<3%?bEwz;#|BSxI1^cLY-KG#bKU2eKv-P!p2lOJ{;`X9_6-Is4S)?#~$Wc}w z0S*5?&Gpn~COW~6qTMPld9^G}dKk&$L5OEPIDGIecbe17mf?GKT}f-O$dPS!JFMQ+ zZOQdZ!Zz^W<7N7%?yuNRe_Wu^LQ0T~>E6-71>`6Ej zk{Wt8a-m}EqMKyUDG#-uiLRT<*9}*dD#rRG&Glxs>g_t&MZ#Z#1Y~C$pt}@ zPhCMJaI2A+Gx+eege4cC2`*fr<22?yi1yU2e3Sd4Q}$ajPR#!#iIuHqkE!x3*;oV%$y7I|L%3F@9(J@+G>hjfcyL zxQ&l$r%yR~JLy3jF~;P$L?Texl5n$SWbI^Gnd1_i`#v~081f*%!I8+!%*@Z^AnUZM zf=~!_yHp&vD&e7}{cfz?6O43}M#AG!<*CY?$D6%!>rxtX9+}m)|7wBeykS3$<7*pM z=HbDK5eIuQev3V=8K9k*AnNsRc_55rc2gobT+c*2M0ka#tvR>-Baq(woOkQ4{+G+& z2ixF{R-&TR5dJ-!bAa?TNS{gUdZjKM8#r+9t6+Qfc#_Ld!=bB{7lhU?ak8BfwUchv z^l5IyyqwiyG#T!sMw_AiZL-zr6T#b$GGE(P8`2gUbQgCw^I1z{I;?6=>BRqG`!j>k zFpl#yrOHE(ch zpF5{kk;QB1-f2#%z-`QY{RQUj1mpI$$;Z^m#nGf^W`VT!BDwr{<;po|cayBD;QKL5 zszjk|6pVXkh0h(0T>5eOC1ltVt`BYGFb)yd!(I+1xs!qt3O;56$qt%08VQAhSag(>SqN%bc%iRY-b+q*ISNLuK0c?Za=VX4h#sn7~@vhX{t#* zvrxgvIp|NKGM}fHiaK{G0A>)$*5S4tAG6}xVE;Y z0xnZxV`G!`N)pJo;O#W}4Y8Z&3VSf1+4=eR zMF9VYKdGT>=tF`J89k5A9xhIEQcV-rpOY*HDHGnS=*>Dm=)YFMY{X0=FkEXujwZ~;vmCvB*~s|vCAMP{N#m;W#b!4oYbr{c zcS$No@YcEzXYGLgvTggrB^SU`20e-1W6$ZuvJc5O^c03z$AqeV+Uz=&cjzlhRq?BL zl~05BRr^alA`Wh#o6gW%sS~Zk9fIR+)0ZWDT0>=Gs zmqbBtR(>hx^7|P^A&y4C&J?r@Nl3Govir2va zN%%ayrrSyLx4yLek)A&RGyMANNIJX{cZi@F-;=An)mIq>3KBBPi*rhU9w2ywaPq5I z(<)!7UN>-PkBNyXiiU<3*3S(OMQ6zWAlY%)&OKWsr3Y4#CI!ePGKYbFg4)nS!^5x& zBpLDj3Vtnd*p}(S^o|{=kcwm+x8n~VF0&tu0xZ=0cW?qXTW`O+Xi|vnM!^@>g*?&| z-C^5~jl_&KQPB&3}G)ZhjTRX9(DB1TNzAj*wK)bFPON=gfV1pk)XeQt7y7_E1Gg01&l zCc`F9j1EaFss(anG)4bL;ZxSvL0e|jf8%ZPEvH?KOWideAu1+d05JDmrNNe< z1qol!fnJaFfpb$eHn0bELS~Nuh{XHpjb=f4 zgSmbnY*(kwbs>IzBNWg?D?y)_wA?r%5--ax+g;yavUWTu5A)5mt{>N`k-A9>Q4DXy zgAnaSqYUG~JKQ&PKTOj+e`)7fXf!qBWB;0=2ZZgB+ z!S#M>B4EZN4=RCQ7R`l?i^L!6BExdCVrUNH5JU5t=kr{6quF@}1&)?mdAfKYptSF^ zi?86P5N-arr|K>qjl$3!A_2xQdE#ve0cxIGe-mBDl*U=;TTinJ6z#F3mXCT~8^Jo1 zZ)+>~lqxN2d8<)UCMv_;JBDQ2fX90CaAAH*s7^saiS-kkhb1Kj5aU`Ao);i#F;t&hnJ<56_%ab=8ZhGyQOa7L(K=sLTFKn!=0VkN~gJc zCYfPJrlB*TM$%>fMTzVaBKfDogG-&VhnzNfj#NqU^@rx=)1NN+iad2?7QdPfv?MAl z7A>*g25E*ufJ3>oQ0*2Qnl+{!Pt= zCO2*MWoAYP8i6tu+vA@fhx1We{q9y{D>%POGu!tE>CqJJ#&JhtYG8kmf^E?AqTV5X zq>Y;+E>j67kgIE{y99OZP9YGb-0PnfCw)Tygt|WrZ73WPTNX|bK6I#gysOZu=ZEd) zcD068Z+w%7J)fY0Ig!-WDJt;V8A{Z8D}!(yQJt)SE>_>T-7mrLnh0)Jmy`+Ac(@0I zOwi`-;myWr+9&Hh9(!VsX`WJy(hp{%fU}gHpiA~uw?2vOewSn|RXN%dskQ85J2eCJ zjL#3^o{v4@v_&*x!=(s_X{ix!_S24clieosG$sur6|AZaSl6S492Q5fRr}kDNy(MJ z!IeqANRXWY3ZJyKTkm`|@zFi`-@$J!jiAuKb25vQiNB!n0%$Q44P6_u!6#V`r$fCA z48{@PYC6wrXbB;Ch;8Fry$B3w>B{XSo*`E3G{v8C+2V?IzRHui2v*q)=7lIk%(M@3Em^}~ zl%~2T$GqatvSy?*P16ybyOj@2;26+G@pm<76dfjgq-AC;(I;sRhK~8yC z29K70Ik7cgUX%La8_Bl_-*o29g32mtI78DvoqGs}tfbXuL`E0mpWWgBG4`jdihcP3#m=ki!3EtiemUP#PO z*S0USCj+6ji;Wij*H6ocv>h`mtNXv6@mV)kRj}dLSh(WH2zTu!Pg-UKxW>|cJK*BZ zZj-7ABPAo88B=)Dgamv(CZ$EGQ+L#Wzu1L^^6Qi(;RAM2QDNBGW6kb%y)^)R!2Svb zvlE(-!!hO9IYHU>B}x~7DnV5fd&Q^i0qJo<)SbGkt@ynxpZHuhWsalwZS<5bWuAAUip@T z!&qc*&P)yAXOF@I=fOG^NPavK zWTq3E%z@SiGWA)=zP5ESS6JlpFn%zN@AT(UE1=(iDzH6ZN*3gGlDb#Yb{&Ec*+zu7DGj5xPB<7pGOo6l$Tf!cz#?aeb*R1H^`Dv^0xj=3q^?boB!)e>8o!s%e`C&`Ql z=Yqy7QUk97{e1bL*B<#42nIe5oVl3R(P-FZcw`QF_>h7SOB(s=QrFhugbNdYojGJ` znC$}yF*gmS%Ze;K7{JL&l0V5x`}j6HVxFzVrYEf^MmP3%9dPozW8c>+b905!TBVxR zA0&yS;#^`S*t|8pQ{k?=dwQ^PGDA?NUSIx?_}O_A3&5c( zIGISA9h`h(iBAT}M?}_DxfZph+GW&%-(RLmwHy;-@9|a9#=RN#KzFk2fG`DlZvxuk zqi2D?#Ilt6VqNfk9B+O}3y544xHTHr%x>1Y7HEXyVFy;eM7lF;Jl2ih+dw4 z;JP$ietodZ=;uK@?f?!7=2bVoB@;<;l*<JAzmT4Zj*$OaW1G}pf@8DlbQ(40&pS^!{^kK!D zPF(6|s@GMkw|#BBihWa58TiI{(hqtof*(uebUvAyjhd=(0!_>f{|KG$Tzzg#q$1=} zPrv;nM*zUD80)-I{y-r`KUfVUGIu^dycW1Bwyc!-}@L%fgM@Y9qo>MbI2!GvnK*eu_Gwjoo4CQ zsXNV#91h7#g{5;zPP~Uh-sccvxat>M;-&Wv7_&ubIgAa8J<7`Y*hEJlR zxL)(KD%YE^LyxuK(vd^PHrmI4q6E*QI98giT0jYD*$pMa8DJ*2=ts}3R(XpVwOZw( z>>>w$A)8Y7IE*9Qw|^^N;}rge3xH0G*_SzrqmMV7in3pmkh;bUfl0^Ql0(;Bw-Yd? z%RHO$Jj=qKEL@Npwc^&TE&F;D6~iBOaPgaYhVl*jmLX3I25_uj(-jySW<@(Noe*Y) zAAg_``Sp_@AJf5;&J0WPtv94gg#m+!g2_)C?Lr)nuqKI4EMFJWcO6Nx0QNf8dDKF+ z%PRn*1_zq?I6Za%(vSL`;NM@`sug^o&(B?lq`mLU01S!Z)6r=q)U6NM<5rD-`cyk zsBIifW%Ska)rDndV2Gd{yBpwD0gPlicO6u(3u}>KAW6Q-g7YrFd8@(oViPXVq7ziY zWDlYDa-y!^zkd&d<-O3M#>U5&_Ve?LPfwRMFfd5H<7z0kI1-JgAT{j+Loal{cV%TI z-sX$e{%}%jZ(9bPc`S>P+M(i+QlE#k$vwC-c%Kd0Gw5DkxDdOEzZY&Xa6K_x!%QhL zN^M;}g~)i4WrZvXsvc%D_4e3-CIrFzDBp3zPTEkg8W~*G*3&*>A{Z7_lr`_$e;+UQ} zpSlOef=a%@E+tzB1i){CVus=QrZm0j-M+e2fvN}pT#<+>BtM2`9`C6)i-(yMIY6Sa zOT~uC^e9fd&z0?(L z+k9;+>e3L!#<8EH(BHdI(u!b?*hJV>IV`1qkuxo=^-5 zyn@ym@pHOJf3X2_s++cw zG}?8hY87Ocwns@Wxs82h#PKkjyd*uw?-u$L=eLbsC+#tJ%t;ZJcnsyB`7vIF0=Q!=4B>(&~gIH85tQV1q1{ruge3o*s!Kb{Q2NH=t*t+o-(?+ zx~SUY9>MJdS-_dhY&X<>EVm~tmx!5Sf==9>Bh$Fk5C#$%+LDHApNPYUj+J9*fz*_5 zaD)bREUQCK!O#*<) zZT->2m}7q<%rCPO4Fk!S@H2D!X1j-I1s@-YDKN_PS?b7*krloE!Q=geN!_bOJ;4nU zTRr^&4x`Q52<%9p+u@KVMrF?IGPbg=NW~?A?BE(WD_v?eY;jftnkjeQmEuT-KdVom zV%?myeHkmzI*eYpFzx2Cp&TE<2eQ4?ZW+Q& z!$IumYbm>n?RPSaQkPk7ml;d72P1gYYmx$X`i7X9b6-#r!BQy;w|^R793f#JDh0!E zO9086I%ajKF^Zu(*?l)?_FMGwBM4th4K~+tRc)yClvD&EOCmxH=EC0~=%yuiULXe_ zyP5WP1}Yk&rpBnvKD=7n9h`~oRdx>T3O^bwJ2tkmNTHCu;^iERm_7EzCJ4!6mTR#H z=T%%@k4UA}Jt)Rz?USb*fkKT;))|_Cz1(t$ z3D~7w6B5iMdIkJ~&^p)Uwi!3Sksh+}+{ic{gnc$_?Ra^g8>MwF*Lo|Q0VibiP|-HP9dW!$W?#RenwXkenwY@Ow$3~g zu34ynm(uNZ;I9!bG7gF<4t#4&YY(qFVBA27mph5z>L;(gqm6PY<--S3fwZHVSwF9* z?N2gkcIsLXcG_%U5BgpUuWu*x0vHx^Kn!UT6ga2K7%O40xYR@oOF{!j{DSd86ts1A}3nOU6;i|zyhE-mt3+|nO{#|-4 zcTp&xA^Sx{VV#M=6<*xicxm=mI@Al$Z?m2EOo11$u|P#x#lR2q%3*y{FJF76Y-^(x!I*%nOq7oENU z&DCGVbeiq4BE_eNs0m?q^U51_Z_|fx9{1RnxNI8Qr?jkWJ-hxlu~iK874Z!p`QO)hb{2FktcfBSOYVTd^VtB!3ks}c`lnL$@%5hr(q^)JXB7yF9LSW8tPkRL}=i?h39Ws>6 zNYF$0zce}}a%E^`CLY~pPQNeRK?geviIxTC$_67qX@_BF@2Rc{MT`-=gr~|c=3{8c z>*A!p@FR`lp?yQnZKG(-$(X~VD%6QoqI{1jWzKqf$D|dxyDiA~xL0b>=SG&|0^4e> z&X&&Jr_-tp+J~Zld!`7xT;wcCa?#bwl;(FQ~LuItli<3kG%+v5)3J9KR&P*JtHst7Tu)-fE@7-fonv!!I_tv?{3mu4Y%2 zl_cwbJgC*hg?RkzTRQIYLmJo7HuY(GW=0H#w|S@_sOkE-SDkyH#tBJk2DLsJY+V)( z7OR4WlYywG-T%PW5;X*lIhbt6XmSpAEowpBa*pf=&+MNBh;g|z(GTPh{EpfoNGiUr zIKK9fd+9m%ej$0o8h#gZbrG!!y7D~hEx}pg)al~PimWJ#Y0JItp);}#pjIvi;ucoB zddp@musCca##6AzLYIP7!!8i_ce5DlxLvJOvR)NjWaX}ii>3o9kjb6XT-EKKrP$gr zdwJMmG5LI~(CRxY3ZK^6CZsq!22z$w%!-*Qz5*gDAq-Dil;~(v<46>JEcifdh_u&v17nkgwp)KY!it-|}t&y_* zD(1y!d^IuJiE#z~i{WawT(09LPjA|#pZ@|c=z_piOBFVcrDQ_2;^I3mK-M^8PdFjZ zyHp;3oT|L&id1vB+L3LE5N5hv(l@US@3TYud{@Zs_gsdW=oKLejD|FCreBpafGqYsJCSG)v?-7c=)h%h$irVQk)DIt z=^b|W2kO>M96cG^Tg#)?NVdDhBO9dd3d^mI-UC?@!vg`74-`^S(T8~a8 zhKA|EM*zgDI4@7ASO>z%%{H?Pjm~vTSLRYoTPct1rpWQ|cz_G2s)7i#kN$_4JgWzDv&E8|uCBVCt6N`5sSN3-jz`{H_Ga0eDEKm*OGXo4 z9ltk_ZuiPz?bvX6Hd0ZL$g)dG#9_IsFn=g)7eiVxyzRGQ3Lkln4D1Pc+{>@BkoDW* z4Ig5nK6^hA2)b`v=@lRaDqB~OW?ajMo!%AbV}c9l(CzVO6(auul7)OP%dU>l)LNma z-9WHhY?Lr>$XhfAwk@ZlL(cXeyHh%%>Ut4N%PY6mS?=zun6K&zDh%VA$~m}JK5vDU zq%cqx|IVH8QLQB;+zb2MaJnnnpr&Dc?ld{E&;aQxa$5%pz%8pX`7Eou6$;dcs7U8% zFVbT=Z!ohH>RB9NYTg2x>N%o-;_UqhM+lOajtDzUM*YcV1Ss7P)SU3csv|Cjtja{X z&-wW~C<9^I=)F0BtporoCJ&mqz2tj-#%@AQi$+d&l^7tIm3=xOIJ`avHkqZUZjH1Q zT7hJg*u*jbU`3>dbG^AxZl;vF&EC>g?SOILfbz`^XLseIZcA5o$lz^PE)-T=Ep9c4ueGj9L^jZsbu`6VkT!9^fWz}YhUp~TmeX0qFhWxz+4*m22Vnm#<_7k)i-hSap z_+|X4>vewy(&=M%B|(z+K;+oZoSWj^Iz64R10$Q@Ry7xOPmB>fUhr~h!KL zA0Uk>%_WMH+s{J8IghZ+<6Sj$5c%J`rdp{NX_&hP1h`z+8it3%5?lKGiHUK1F9n|f zdxT-2=e+Kg_MhzSdVZ^H$tNKZy_*a^)%6??RY4Y4kH zDI8hwpiYSQv6D`LIeS?{117G@x4|EguuWr;vM8E^2 z#}wfiqiv0WHS_Oz80acwkx|VPw)02+cKIsCK1}uZU-jdCY&uh)*sW8sMN+5PIG}=3 zQDS|^hQU~Sl$6NVgr3s^6w>kN#i?|zO}Zk!w0ETs zl?-}~VIhlM4frRW0uTX8VcEhx=5&euX-4~;!|qu%bz@OCXqemkT-HO4wnWkIYM7?l zE0`txmziJorRXwnO6fvf5e{kr_|;GDQE{l*<1w#`;+B{Rv#}*gk z0Ze~6bNQ%)ii)$9AhF>buF@p{o^DV>$M}={CX}r+tX1m(K>c!$HHJoqr&0hjkSr46 z*bi$-gKo%?`(0u%!sT8hNvUS55)At>yKjJrHf}-2BsIcWlOrlFRnXti|#&jCvR;!1li;22Y))Dyq1lNxr7%Vj2Eg^c!I1P{+6$ zC=+wH6p%o;P~36m+4A<|QxWh=1vm>X=B~A({i4EslR7^8U31-8lrZRrgJRim;UeV7 zT;Lhpo&~Gcn!Ps~aNP>1a7=^Q%T}$s=jLwT@P$n^gR6i!z-NgS8Bs zE(TMj_O!4^;^?GJ*~@@fdR2!YU(YWzrN+-pvF$N;>pETy4cm zL)ZZsjU{UF*ypWu={{Q^3;9k9=x(!BFMWAJSfhP}Sm{K#7i&nLoXDhBSa3KD zY#@N-81ezLR#@TZuMQ2r1)pQI0w=?9*dab(_cZu$_ZG8QI{=kcqn`j0Ztg8vY1Xud zv)CHmSx5}BGRXmn%iV}+m6>Gan+w^o_paf-5hERwF#AHhA-yRr_TnVcqym#kjBHaI0lnZ4P|(MIDHQDq%1 zmphfpS|!fZY{{{o%#K;ZevzP%X(aqYo}OQ zTPbTy51`6Vh(jEON)&S)X31H~8IO}xE{NsUMNs>HV{azvmunzH+6a2w64o)JxytC( z9=(6J9;1e|2CMnTABnUk-nxpsE!JnJcVoIZGlR*ZBwlqstJqC9s=@u%ED{(cDVC*1 zd-0K+K;1HVAj+lRFQc5R-8Nl;?tE>&3m2vn1Hs~2T&pIJbxS0bKT8J5#?bbs5M`C& zw%R#y_B*B8J)03l7qV<4G@Y4;9!}FB?FmG@1FM8lK%LKJ~5K-+TD7f^Q@&z{U1m1NUzI zPM@uRgJ+_{eMqX6~?;l6> z<~mw1Mqu-TP$WnXKBT0i{9*};hIa%?BvFwwrh|&(j)W!1 z(dqv2G!ztaLoV*_u^xGCd4nA766 zmpc%u%rGRU+g*QwH(kkm^(H7xkkprPOgHT`RyLb$uEx5gXo>h}DSZ6XKfT_NaI4kS zu!ImUE~t}}z3c={g>*{g3i)u^9CC8X_5C3!>iXglIreBeR>`hS@VelKK*T&VjspCN zOejsSrCbRUWyj3*r(5flY-4meio@t`zx$8H`F?UewXe44oXo9)(-UB*$aM(_GVYvk zZwAh;GVnT~P?%Y}Z-xT{OKtVZ>$e^SN@CF1ka%#^uwm#(!e8&LsFy(zA@#gU>{=;e`_0cAT; zIW2j0yk&|LI3P%LMzEQ|N}`OJXq;7aVdYtpgf?78Ni=rV^;Vrjs_LNMkhIs<{Tr6E~f`PLuy!G;V&J$usg*mqOXK4dj zVIc93pUfKeGhc0(gN5B6tGea9fbDbLu8RbUc|?N?Os(?#-cJcB4`UkmsV7|DaF3U< zy*soLEzS%`^?F;3gOMx6)rxPPC&Bh*-ekG{o%OF*6Dr}r3W)Xx-$Dn+=!68(5&$GP zi9IZ|wKEt{5YzqLQDmI-2)$yt5_oE)zg?CP=-oJ~Aq^i+6Sr9y7~~Pw#5zDTQ{g3} zZKjvSa+MqomzXB~SwnaL4~qdjEGDSX{1=u0#n9DY`g-2Mxrdon!2MspO zQJrIoawh{owVit=n@ltYqDWBJuHe2Mn+|h3SoJR>0D23ym1j1=P(+|Z+CuDOJ$@-lw6*HyJ3`P1)_E7An}yNn0*D?5U2?4pDL$rTqMp_-28^*0@Gxz6hpj zhi%$&vxB*wC95~*v3WL$`Pu-iL|HuSel-BXz5LWlcULTP7y zkP}_?VGI3f+dU^s+@eKCjW{!X8JMjjszT^4(_H0`C#iUadnp{2izb2A6)+hZWhAaY zaV3thFvwVYUzrnBA&Z-5hcl3Qlh~Ru-mHgsRB9KhjphmDlFgS-LNVAI zl(63NT8N5qN;;m89kF>DoATk#?rp<`77pRw3F{&ph(cWJPWAb9_=D;UI|~#|)-y$e%aXJ%^${MmWDoF4> zwUPBdZ;JD-$QdZ%U(bOamRzY`EDC#S)#q`sIn5JW%UU}nReDlOge!2259pMqzjD7q zNXuN$bIpkdU+g|fP_qd1_*d}gAG z$8X0A0b~J802Uo%8Z>|u(h}x_u-xjdsH=+;5EP^!Cl59=Gy5Xr^zPleo&9}L9v+@h zbZH3NBhkO)_`5UWqHE-XW(-I5GrV|(+Q%w6l$z$?vSa(qimOFPU_0L|alG<2lky6rni3@;bv9~u+4o!knpPnSql)-)+q zaL|z6q%rQYI7WvKUmdLDjpn9sTt(l@54_HVpDZol_arlKV%j-dVvrDI8)rUl2n^AF zn>tc3jxc%=he_1RrLFnc9S`JCLmF1rlB@lU&6g87fEKDBk)kt;^LI|N6M0*^nJ|Do zKe!V@(coa=2wfuPuEWJ;fv&fAANlCyhej|w%)6=92vosW+;3SYVR#fk>hfbXIt&1z zcPvy3Gk3zys;jjo@j6nObNz`aaKTGQ$bguTj8YdR+jQs zRcaptPRpwR^Ny;g^%~|?LMos1z1>2o##s9sz02#i6y*Bon|HZ2`wHYhbglQXWc%Ys ziA;Ag<~>!^jS%CmvIlsR@Vm6HKhpf3>vwp#?1y`|O z&oLuJXxVT5jC)^DQ1`795L5sNwOn_R!RL7hT4GY$E2j{+SCpT#B6hJ>&|IjU!+Q3D`|dvnyZ{<(k(rRq{YI>8_yY8|4N{U!zeg4 z&iz)ak4?HX0ZE#?WV#j% z1>vnLxuU!sOu@At0NU?bwt~XmXOJU^+i}BcX06g#oi) zk>wjrWOCo7aQ`c`QZWB8PRYjKE>u3AE8}b}bYZN2@qFtr4-su5g%{Oady@esV#>2p zCSSaFEbm|fxhdka@I*q!fVSg8M%$+QC)i-i^6|t9&L@n=^^&K!-K9rN)D0~m0GE(K&JHx;4B|+F-BktyCp4pgZ5EDjlzbNJGU}khSmNw0c)wAP_J-^5TRMGX>;@`CZ z*70<@aUb?3f_m31NJW_E|2 z_(TWx)6^SW1gULpHKC3W!4oPUP3}M+7v5p-Evd_7dxj93p^y(w^-mG<7g(9-ZOQcw zEN+9fJJ=Rm&^~z2SGXJYB6sIHt#ly~5p7W^losxq31)sk9(KaJ&Mj!SrG&+TwQ3V+ zBSsRdA@Gx+9C<(O{WJMxey74MjSOY|+!?oksHmpct4fBTwt`44TB`u1n_&nkPuw>i zY`b~;x=k+UOPj)TW6%_Y39Q;f9G5QcgO&%!Lk6oL;vw_=oWdg6y4>s|@8@#kad)7O z?@(#4B%7FKRYwyb{NA~wslh*=^~>3P8q~WR<#t!J2Q4-YaWkW{8#PzO`;oV}NJ-VN zt}>Z?xcWiSW%e*Ic}J&^ML^l;SGJ3*PR_b}i&l=Lr^eSmH8^i5F_(I(W_Z4~z!0Ts zwAW*ouB|E?cn-&`OuLXcv6{r(r411~ccqx?~Ec?^~O;DFqd8ijaUDfJh$`BrMsrYef-&W_1 z1J(IBpw@0QlYRm}n4uhb*fXe013SIw#_`jjs?Ra|P8rc0#(r_IS5Sbf$vlZ`5TpAf zV#?4P3G#zSV%4xK%FVTcJbQd&hjR=|OYMB?lT3(1Uh{7l@RuK8XXB6ky1%4<@HHYJ z(Ag7aP|?yBgob|dQdts;kN@>vXvr+eWny@AREcX_TuZ)?o0O3A!iub?qoyXITZ@6t zv<5EQ=rlW+>o3Jq%8T?YLn%yvmkj=LRru}kCh4MI4!6%+l3BXefz8Y{F5OIiomVD2 z&%10)J~nP_GoN#`y?JyG?j2%oex2JQ<7wS2rAhkcae-8ZtcP7 zHht7|N02cJ3CjcH9qa~YRTzb^fe)}d#69XINUgT zb>+|*P>ZTGDRm-!>B(u-sWW^T0n&Dou|b)IGV*&;y{n;Q-0l{0_oc;kKZN_1*XCE7)+dbukdf{s9D5a_&?!h`_Lnstmob-I2u(PTYfNd!}k3Mho=58ZM3UjZ%h3p>`%QjlVME{ z)mSH1f0Q-p77COHXrAc%W*}Q1yQF{~YRO}`=XRfOk`qSlmW35b@f5Cj9Fc_IK+r_p zX*(CK2M#6NX%hXF9(gDfZ+5VQ134EwBHs6PYWLcRJh*iBTe6TM1<3CJ=HR1w{jX<2 zL!Gj-$Q^yUpz2I68Qk2DrTqYG1;BW6ggb@LH*ebCxoymUfiXb{W;u!#$!hJ#!i=@|=v zVgS;2LNDGmvO3I&3de$7C5H_KfI3Ep*DF{{XgfnFy5hGA=hXYvI1lP%7uZ+Ohxfmi zVdrTiJpiB=pxMF>AZjL1AcV-tHuZ$h_fAhOcLK(uPn&HztJFm`wm6j($rPNu?vPMX z3;ZkNPX}u}u3fQBAuoUUNbrsIwzP1x_Gg)~ixv*(V?{I+lkFQHs(~0?xm=y3Kl3WW z%ZijPZ7Z*Y;h7nHxs{3)Z1$UV={s`3MY-GiVEe^1pHXUP%}Jh|yMI^l?%^_HI8{{U zSZW<(X&=N(@&nZdvJP^;(O_#76mPG8*f6O3W#~%p6?crQWH`$EedKFf zaQk#I(U9S2Nc9>MQFl-Qti{8~7Ubl`q_z=JOXe%dfJt1|3|?2pd)`h$U#nfuhMRLr z9L+6KttI&PzH1^~tE1;rqOkL3mU#E`Big&KqpZpwb-Pn6fAydZ+Rvtu9e`9kztLy= zl_}-tWg@UfbMMm_&{sbUyIlx4ucP2i&)Va%esVTf-;7!a**P{mzs#!O-R{FWoILK- zv$j{5C9XXTzNfez88xT=1R@41N}Qb#=FJ@;_!G1JZRtkw4WuLKUU;jv7g#$WeW=~s zaV%VP$ve%4q*uE!@89|LYYq3u!}>sO)Q8-@UqV9bG6Ey?H~aq7h$E-T)EiG$(=Z*` zIsx@CO%YF#YTCU)R{*Pb<` zO^{gb0qm+}cd+0mqvG(&0WwQv8rMl@N2gBDlNmbYtUfW9F0UP4uk+?!{do~owND2&#@dsf*M_%{+zaxC>+Hu2>v#HuX` z?9v;`!wAP9b*9Fbb(rJ6pbTWuhM(vR!=@PlMd?|K_i{z+oR*{3az%Ru4hjm)CrV17Cq(cyDn2xE)S7$1 z8~YW*)!yugyEr~**ZH2yXm70DdC$w3VRsCap>O?ozeo}Km4bQd;bq6*7W}GT>HR^C zT>3G+&ZCwhGM%_{29nI_X;@sdiva{pCTsAR7`#H5{!%a0@8qkqG%tt#B=S@*29yAy zpDsaH2ZAsq$6uMHvsigWLmUIeq|IUwy55qL1uAQN@)?g5o#5UUNj55xSsoh#FdI`R zDdj54t+iHEE?kW3CDh`M&zZM#4lPlK2eVv^ofu)-GdF#=r+BT#g+?5D`_LbQA&;=y zfnGY0rWt}8K&f#wtUN7;RmuU>DrB5ixYf52Mm2Rv`nvYzl$fbGt?=^XV*AFg&RQ}< z5ZnC|_&@|$#&`tIaYhG;^O~nS2cwKtC)6G|IQSRem~X;9`(rXXK{KW^#Ma-xXAyQ> z?efnufFxXVm-#y~MEQD%R8&-`*05U%+E-b54Z=LkOWvio2zZChvTT|VcXqptiJr;f!;v9{-_!IFE>SiUThvywEsY%tx_z!_jAb1ky8^buA zmP}FZn&a=UWCFEC6U3pPC1n#VF?aE^v#7&{O5p69iA#1l1b^gE(Ebp0#)3jwUeFX3 zMu9Aj=-p^&V3G6jh9c?zoVVelZyy`yNmtGxG^snNxUMK=8|_K)^9~OH)<*kij-O~X zCge5Wu@Y$i5)w-E+O|C1irXi2B#sAUd)8@lq#9o{?&zb&))I1e*B{PxD4xPuu~BNp zGvgJEV)x3SS2uBI)m0^ENKhQ=7O$TdIEjOwW44RYWFng{TuBLJBZo{%J1DeJ?dIfK z{e=~*-ra1;R*EhXW$1V?J>1rRDPgB9&99wrQobc$kXJ9Jzu81+^zw`ib{DR*xHVFT zLy=dwB_R1}eXfXlSs%NujUzHmd|l>3{-s)bA|w|Zl~cYy`^(S+Mpl8g>G))U(Gd>P zH!sgEae+HvxxH&~Zo8d#Yvn%VFkW?{UM8EsIfJ~tJ6R}@$P|(mX1p_HGJQd=#-_Cs z@`###4XId=TtqwUCAYW|B3h2Zja57wKp*)*i4LWT475vVR+5s?$+~tObcGognv08A zt+_rmx?HbX8o=6EPTgXQyT*TgVxDVtKe=?=m`In23I&X)~iKGts_bkzB)4ua#=XP=ZndtYM^XY zKVCqU@pwzgn6etUoz>4Z?Ve*GNrQPiCC9-ZYhd^3-5!GfLljBlBM%$-c*8#F@(z+6 zId@vz>rB;0=WG72WbUmd1yRu<2ZMFa8m+hwK=*|W6LYFlw|fH07ekbAuS>&E!Qsve z7RK-^qN;WE`yr4N$Bq|y&T%PJ=EY|FETQP^zjQrSCq1F=iTk3STLP+8Vz&?ZrPv@G z<37OLc_8V>XO@2Rd?Jo|jtKY=fn#RExb-08h2t&AP{(fYhhee_A@rI4>#z0f!d(3j z(Ocm@1tM%-T%6(6?glO(%g^r24K_=^*bfzPPtT*aZ}^a8fr54T2^>kw(9TS(P%-@V zP`W!<;soIUfKgUxAznV~8e@q8KWvi@Jc=}p1Cf9n7x2d&#HXi6c)He}3UpfldTfec z6fLM}qX@f@@fK_JjKQIAaBb;~XRmolUeFYHimY-3t#Mm%I6EBoRAym+m1@#c1JHS;!H&Qr6 zgH>$OPl*I_y|tLneItJ8{+Dh7z}BI?LtOdr@uNIHzwcH)EfJAl3j30h=*akZBtSf* zASD&KaDm)RH)kT~un$*h9Oh;q2zINzYauEtF*oCuu;(2t;FO6doSy0pj%B7QvCOW# zQ=S@F9x6`ZUN3gqtb)3X{q+4mY=JA2Wd?L33LibccglMAAOHTJ-`qkM;hy&i;+)(A zYT0M^cz$rF{AT`mqv%M|>nFwXM--*z`A>L{QO9Vjs2u>d^-5XB@WD0`5$hBq7l7QIw7t~3d#S3Z-7V&9 zfg&yfS5=Y!^IiP+-%gzV(Y-!}3vuUk*!D+H8R(2(WUeD@O}Q)`E#ZWw#KPDSB--*b zQD2umLfZwciO7EX$2;NR`>rgl1}TwC{_l?S&&ALk=>DjDS8h*cwjY5> z=>ALE=l?|$y%3Nf)&g(|f0?`ghgTM0R@CzUfcU?i9l=H#(5v3}s6ze60r^`K{txdh zpzfFQ@c%n0ZjNX^NhxL;oVEFaUl^@$G1ewYQXEMC!%zL&S6#?ZU03O3*d%|~(%_$4 zZ1zMzYXlN2dnI7OY93o)gI}sOxrvKq2|KyGD zw&X@rD5%B#+uF9fNtGi|ok-BW#qbXdjHY}0%c8PD0b#>^6-TtY+v)dQ?!UF>YA9Gnf9vdK*O&{~yXR4tF8-rFt-gyhp`@a}JXk*?99ZJR z*Zk`@`wvGR0FU!RKVP+fa!3C;FaG-jzW&kRCyI-L{2QzOzbsu2z|c>3cm3-PY5v}L z=)i)PjwtaP=m+xm=KB{v{^=oc`2G9;^@;ow!RLMqie%?Mdn){IVG^eiwJNXxQ|Bvw@8bx3ktB^Pgw!n ze;Aa1_2UGh&%HF{``UlJtbfsszx(@CMt}P^zu#zvP`2{QL@oD9aJxAYCW~xKqUC-8 zWh|qgu>Ze}tphSRE=h+*f|}F=^QhA#b0cnkZW}4bL{Q)WUz?oRIYo`ZW>krBH8}%UBPKQs)Y~+nHXLp&$frlzT6o8`UM2tK{I?u@$OmW@f6` zprEF)vb)^-@vlCkNrZnFbDB(bcrck8_l48vktD*Y_{ZrYmFde^Wl_^J{=?(r6{8K^ zQ6^UcX=GEdydET0Nojt42ta|1b~1Vs>PLY*gaS!QN+S0Q5l{OQ>`ygy8!Ldcc><5@ zNMgCV-&&r`%`7bovbtn38Esl>-YRCY_eRIo1(q39WVHu*N{Z=JVgiIM3@AsF9FR#w z;ALx4{6kRXxu5Fi+tWwYiTTthZcxu?|1}qxV#8u^484aj&RLmJEs1h%^&#NWv zc@^;qXQhgd#vg?tCw68K5|7kkJT`Lzc;m)i5(L_V5&za^H`-yL7DzDsgOj&g7I zAX>6%O1MpAktfm_(1^s|z5A)nguj$IhKIyYc1wSI5_*V3bTm%HZ$;rvMq$Dw*;lURqy_3bI)l*ju_Q*rwnA8pL`7d&Y@9&~8zw&x* za?mp;z1j$*U2Yj>LH$`LuMxm6v%O!Zo{H0WAxh_38{xTauOt$M?Iq_srFmajbjn4N zwO!}@9EOS{X{I9ff7HPO=?-9CPH;mT>{;gQqppe3Q1c*T#q$JMH6IuXa%!l0`DEy@ zjc<7sppFc!SFB`yyu*;W8uJe9`H?fLggTuo8d>E$^EOoz4x$u*4vTM#0`Tk&CpzM< z>)d?vnRjgA7++U8!j^{#IXsSfhl`80qU1%hyuWfg9-9V!P(KRvUV23IY`GK<&rYe3 z4(QL~LBWN8_)YjGyxytSV8?2Q>i4BFlG(Ee0s&+MHq&6t2Et(?(KG&#uL{?2;+Qm zqa$gudHbo{MAwnA&lxj3gSFPgndD`EUjWzU`|_;?&pywxocKN*Y~fP@>5>tjL?Uw6 z#i3mvZoMxnYy4E}bL>+rckEMNQs4Jr&`I}23=`ruS9J@YD{htjqO!Vc)VSYnGIQMT zoW>AQKZuSa;`j;m>ZUd^OHCGd9v zG}*V-vCkwcWIlI-cZ=D?07Uc-UshA|TdUKld>V(4urP%lJ1=i+Ex_^t+K?rel$I7( zRYd{06_fk(%`a$Z`&N$J6>09=2?NjyRXTKM!ORU8MrYiyiNp_D<3#HQ*H~ry2u1s7 zm#rP#eHq-rxTzTeh`#Oa(%X~rf)GF6_fq$Ly6k?LUzI$lvsJ;Mq)U##w#?UY@~GIk zySbR=d3<_Y0Ikq#+QN@6jI2GZz3y4Pww_9q`z(M4f?JWCz%o0ypf4 zpU)G7&6{&3jzo(z7$~TMQ4ktf56*=7xYhtd8`m@m8CfjQ;Z{`mQYmN6!9XS-kC%xl zZfkp+f{spR@mF66^5(m7e8otl^}}Uiq9Pf?`E@C5E9Gw-K`?B@r%rJ3F@rcYZtnYy z@*MHKA*!7ghgaX%TA`j}6a+P{j^h!SNgQdYJM8HUBAn&;&6kL(?5-d~v${-F+gBmy zO)|ds=|{i5cXMCvank@-dq_nANlbZixSIupi}f`?$p2Z@yBMK^?~jB5?r*8aU4#+b z)5B5DGBu|6E%f}P8rg_`baEvUi{nMgew=xUftf``;Tugyx>f2`pm4GjwviI7BrTOZ z+s^4vaqletVlsIfz9gg;rM4cL)$;;nX|BF-45oBKffc;dx}8L{gH*>#bH}0SHq9rJ z>ry#nx&}JWS4bED(PBGj>YXo6M7#6C8i4o(QO!$@^d;~Eg|5Xwu>&Rg7?lA z4$nJ~5IpWht@cGh{kQgwVx1_Mc+r3x?W$!~4pN{Qzq@Q*Mg% zF_wtJ%4gn#^e?RyN^Cq@19Q`63C{lO8qlB}&`pW$q{HEF^3csrm1+q%jP}wZ?F)}W z;tk$PVw*fmA0H;#6z-{XUZ$9W3rBYP85zVU>#@pQv^kVmmrmr^tNm9)*Xs+z!y)^K zl-pg}T1ZWCtax-W`#{mj`tV>%{zuT_d4KUw5GN7$74uIX&R3cmed3EZFT^#V7ogO)*`{bN%R9c zWWOmz?n7)O$_2R+F;+XGTcQUzp?CK7DEBSR%qW2ba*W&BwcfbmrTqY4PTrfggqAzd zx=c-ZwxDHaWm7GzHQjdgR%dv{Phc6G3O9R#4@5vBKQ2s96qUrWRxRfksZll2+0YK%#f=JXLu_uz!kT)70?Tc8oQYih zC0JjoXRk8X_>x_hXNcw7tDD{MP`aNh{Eq9~KHgvy2E%xIQbTG6qbYf&)`N2q0g460 zLQlD!Z{38?Z8Id=XT(Cs`k+y{vzw_`AW%1*I)|Cb2`t3A^XSFZ22EyQ%*gfzQhiO5 z^AE|aa7k0Pc$KBvoZib;;a;ypfiwD8@GXn+m(Jk+1f-MT(4#H-nu3Uy1ks~RF64Sz zHuU+<;_r-m>H88VAl5Q@-oQ8_EC3>{0pG3xAUF-E?_atR*E~cK<3}C8b za;o!4K$xN4k)hb?|6@7#%7xWOFtXE2SLajRWeFzY#Paz|SL{-xCo?ko*xK=4Izn%D z(C|Tp!j_r~ny&UD3)witWvlrif%^Qdlo;0rPLWB@yU7A)q2|C&4}MIo7W}XPC!Xt> zp9ZP2{Y1z=?ztp$gA(?qYhGq0PA@-KH|BMdR+ja-mf-hz<4@=Ufrv9Y0i}&E5FBgy z?B=TpYZ7k}Cx@O(3pk4iC1uc2Qc=YtqynIKbzEZsQpC0RxHwrGo3FDoGqQq$e)5%6 z2YFtIG9iuC05~QzJe*_^(5_EIjEbrPblrxU$@U|m*!t7bE60u$<_FgUk|_6LqiR2V z_<*op?6Z`N8GG8GFnFQ5x-i#lZoPbo^m@(i87C)u^q9bcc74Q9uqMgJgB?82Nso9N zXiElYb1xC$HzGZhZ$yrWl(lsHyv2Q#8l>FKdtX?}lY_O0H%Nr*Hj_EYuu78Y;=7c5 z6I;WH)9N=v89a zsi*3S+TVHUQwF>KGc!}uxC_l8XL=*Mc--+Rw~Cj5%!_S!__;JyA0yyz^+m>S+2N0~ zfqRCXc&WV00xqmZT}*CAbD4vg0h$#_D~t)xmpRG?CQBg>PoOo!N~?q(P8vVIWVhSU z!lgcfeN`yXj6*W%09;N-Nbij}?Kp_{ITfj4?)pfASXT$s?naRAeOXRBKdbFa=jFB} z;DUyNDI>FXi5!L?TBkCj_mVb!mOWslF0!BDK*hVikccH@w^}RxnyY+fGpG#*X?UzA zbAwHeF+0(yPB7x*6NG#Y3!AIPZpgwb4vJ`aTy+oZ_y!CVT zkLv82^l%QkpWdTCjyF?`g{qasns3Q0?wMbN6nCTcaC+`(NC)TpQn$&TrjO$8?VJuc!>STQj31g*(S8>l>nWuW3xX#K*ifW$20 z9HYHzLeUWke~}-#fVH+&`f&key4dl>QQ`-Zsd&P!tD(8?AaX{Fb^)8r4HJN2Jwxt# zS@(1zKje7VhSxGSk}4T2CeGy%vO&wmrTG9Tn_-}Q4Y{uXHi9`hIphQc{1>WZx_rVT zK)F>VU8V4mX^=|$EU#>az)?K?D}qTRpQ9tQu&5}NfYikb`F`~C&dTX;nR3yiFNj4J zf(;)SMY{C4*X!rG4i&jW1V_Ev3nd0A(+voRVr(eq5(d&uGEZp>Z<-wye-q^ppM;tr z`tmsJb;&+n?YOj7^v`+(QKlZw>V%p0W^yev=2=s$)pf>$yww>EKH#$J<(GB;wZ2h! z|Ev9#iI@l2s;gbwC`^sT)m1tQar*hufkE;9xTGD$&&XUeyH8w$TO&|L@7}+==wmRv zCaE(U9{BWgeF0|7(0FAa!zB&o-Q3x|0P=FUL?$4)j}jN(xr!hQ?R$5#lxW&pQCZZ| zF_km2!GnCzQ|!!kJp}}SXhIfuizS67t7CxT=->+C7iCKerr+nsLAR--(`vcu|j%lM9cDlT+ zjJf2|<4-oHL!Y_5c}GvzE|O$&ZDeNw@1JU>f7bWZJ293Ixzej}T$W!xgzbm@{) zHoK0quyyX6xAzqk1LjukCxb?um7%W~iVkVg%OUV7wE`|QgxFi@`iCO^1>U+c>j_sG zT2tSW4uCh>D&UEMQSR@5VfDY^GPY)SZ+B;~eWt=Qbr)yYC?tEWn_tT(D7{l_^ZjJE zT_}foyefrI{u=q*Hg3LtGXr}MdU;L1ORODJGQs#Th>t4}sVKOWQ4~W8t$Y=CG zW#GT9v+`+L44me|Sk80Ey8^(rVgRi^J~sCH6vu9^tb2V@@bLx7e3-@WpBN?&GVSU- zi_B`tvIx_ReGpN8D#p)1I1@$AyaXc}rRel3L{hV|B0|h3XDm*59?eRwgf^4Wxrrwd zL!PpVzA{O~;JCq1@x9K+uIdWQ`zdBuho)_zdj;vQ>E8l%)NE>>IVZYo;UzAve} z;tWCaH&t;g(wxvw7*0+MedzenMoF<~ggHO3o`|n|7Wd>3*Xm5g&=J_bH`oPkg12eExy_d9U&VlMy?e|X^HdRChlrDS0_=uir+^6?!2JUG)XZPDLvk$Yq{dx{Y5~Rl&tOw!t?pUO13ZX zQ&SFaV-OW8M{qIM1#OOCO;TI(>8Y5SIT`<*<1W6rbBgX}=(XNhFFABejUx$9VC5D@ zT-nh4-H#~c;q(=<=u+lQ@zuh1x3jSYHYva5k?sZ_5rNP%!`V}E|J;gdAHN3rh;>-? zk7ps6yy$<#>A=$bZM8vorL?e9y;G!AxUbG|DW zGRCmy%Q4(5D*PI*EoLFUV~_yabjN;!E0-}oY~4_=SM8Y}O*s3Y9E2D+9-|X~^o1dR zpX;<>wQMk_CM6+LM&vLTEqb?~R9ojGM)hxA(Rmn)__`&7{=Jf7|`oWP@6H4qd z0H)@h5r?>JKwRG@Y+aJ@>SdUPMq<4Mh7^@3TB+`@#}d@9;`~c>DJjvSjD>WHOF4J$ z>k{)k4NhicdR(Dn8yWg0VMBDuqjLt!tKrqwxQbK(eD+)w2>0p-?I`SR;phn(QQ_@( zZ-h9olgS%S=CzCT1b9;+?zZqeM|R#Bd*U!Sg!33S8bMCe{G=P9wQo0<%CDH6oj#=K zy>$sInweX`ueVIH@B}9ikB2;l*Vu)u@>X_V+40>R`tnO|dM|!J{~*|U`t3^}tsFb; z%E8$~|C$6S<+TkMpMwlYL+k@PcZ<7d&nO456lXXHnzC>)uq1jkj+m+8$&m_ZsZJuO z+Q>aUi45NBh7!af?sjm+IafxGRFE}C9;N^{ILS*5S~@;+IB-ICOe{bcTul$`;pIcK z)r5PP5g>Fp4!sU39ks+ix9wDbWxwoh>r|V}Rm*PV{qsnS#VM*-DU6J58Scrzoa+1c zQ{#HFhEcms5U4`Mz?L-kkOnd=Q^`sG+mlYeYt0GLGa2b>l&s6X5=u6JsewFZF?E-# zP2`o+2KB6?nD*5+=Ky40+laJrx8FiyC4A2{(r5q(7afcu!3-YuHlp|MqeX&Z=s!(T znPQrCX*yGr_ZU2!yx0-oPA59hm#|lSySfjS(y`0JfKX4&fcf*8+T}cn&%Ys++Z>Wt_?vJa$u9BmB@!uL~=g)?Qp++;ZH0Y2Ev!m?F?t z&vW!!8wgLNl<@u9a$*Kezsb7W$5A6NLbD&<4W3KZYu@I0yQ1S}K)h6g?=@7f;h;_llo(!9-5uiLjuDLUVRJ(BlQ5#Rd$x<*C`B6&b{ zB`lw}rg%)_wK7qWtQ{K5HOGXQ%>3^kWDplmEFyZm1F zah*g?BTIi@CtJONo;#KKThq0YiA|kk4%79{xx4bl`hfeIOVq@h;%~5Mks7lLtvXmJ zk@b&)M8#u&1ktgqoQK7YuUkW1&nZHueVq=XoU#T&s!NX)MLWRxBSX=gVR!)KZ3Yva z@e(cN_wY)+2ZGZ%Klp^0o4yz5+&4K`a#zp!29NHUD)~jF48h0NaQE_z@6|Pa0a(9R z?4Vi4XR$(h71n4|c1VB(L_z*p=(*Dlhr)4kgb~qgw9b^ls9M&Pk0}%bSS{Q!VC~4$ zZ5S<^m}9Mh?^m>F@Ph0f2#OWPb?eiA!Wv$+@IXGRRKle?FofNa_TB8bNYv^dXI?^b zuN%+q%d|=+cxOJ=uHJdOZ4v8L8(9P=0BaF6BGcB?2e7~;{8^p9GcKHpM@(FTcqVKg zo0L@O{4$c8>@d>y+#{cw>F6DmVP;`71882UCYTlx5$CD+dRz5S2S4 zC$w&};N(g|B)Od)<~pIh-^3@CvP>?c^&1E`L`=mSKpoGOg{EunYPe;s<%Ipy(9GsU z5#z)YX~KG(y=PY2OYi92@*79o+tPGZB4wA2hh(yp>C)!28#y&g7o&zb&-AfOY%c#v%8}O2K|C1W_%#~J~7?#Ru%GlKTb23J9|aV4?G^KK~rhEy@Kt0 z485e=A1c|9%x`LF10{_s3+ap)?Q2SNWgDjgCDa%9pPdo#PB-dB+{1zP=0~T}==+6M z;kPu5NYXeueAArq7RI{dwX1?-`N%W;a?a6K!Y?JT)48T#HZ+UVpQ20zTjk<*_g2FD z{KpgJ0w}MdZMGJId3%(FJ&u`{@1$<#39t;Ihs21L7$&9`o7VZ$qnqyi(NP2KT6u-< zLemKYkUi#()4D8=1CXz>$urPvokju!)n&Oy^QcxUw2WF>_3QG?FhP!V8J}Vodegr{ zqAJ@d<10IDz* zoOp0L48SVy@^fj^e}S5_&2V8N)-z4x98pEL6no1&C9+B#D2fLwE)dSM;v5TvKNuWG z+7T;>n0ONN2B$#3mBvq%>WtT8jdmlo!NYwJLCRFADMu!7yA%;;-e#K1h%#2occf=eTkL*QKcIkT z=S@Z!YcHTJup+JF3+PQr5>CroKO82uV9coEr~(M~w;74re5x1?ZI%w5Pd>|Kk=*av zAgs@K-re$;5c_ATS)BKX2iYjOeeyKV+vMkePA9$nHe0no+6Jt-+zO9qAMoVhfw0ZL z?K$G|-N=(nq6iTL3o?p`lmLjZK`a(}oip40EV6?MbIebb=o8n-6DyL!fzn2=@Bw&(P|{@}Q2Ai- zJ}vr1zJ{;95k2FkMwSc(8OP*0gh3a~v&IF^ zN^2rJEt%m*G<$MNJeiSU_beHqyn$S}Ai6Jl!yv|S{mP5146L((8Qt+r?I0uxZo9KESSC3;6VYyJEbp|WYczoIWK4mWKOBS*U^cJnWpmx!&@M$ z{R~X!lP$-Q)@5N!@bey&WY_LZ=w9W=nBUgR+~6L$@MrsC(7@9nK8}ITq~UqL{FaEI zlh~_2x~2Cc7jM>y+QvYl(M@x?@tt86P4aJ@Fg+} z6$$GCDh0`o3_`nU&0iV>6p*K4q0 zL+|7ks^dr;+u;_&^I+EU2Uberdln2J8HcH;D-E`iCGbcy^^1IfJlvD|n{V9KJ8rgI z)qN{$=T?UUv<@jvM|TRlWsNuDAUQnM7=$xNaU`h2Z3-{@oDWkL#+POl1w)g<_ew=E zbhjX|wVCx#6<%Q=}pSP05ztnpHWz&+Jb`LG0UsV%Oe2d)~JyR6ciN6WI*&r zrIdQbh_a)|xdj;w4LFKK$m!K+qCPSc9LTkn-PBq(!^SuocymJ7))PDvQKz*KVYeEW zXB(4GO|GBxhf5T*$_U1QlW@~M2~nFw-9+`8;ivwi;{@j$<(wV&Z>yT>mXaKP9r zD}w;y(jZ8kD~z-(!&u7O?XX*{g7T*M>O`|*Jhz;^@Tu2~&%XZ_{TCNN@#0Zk^ zOuls*%5(va?iN|eZ+1TfkuCW==2ig44a~3`m4{4)xgeE9yb*9x)m*uU(Hht)N`Cpe zQW7_|PCuo{HR9MFd{WE_Rd_pWR6H>q?;;X#9}*4lg=&2v$k(>ob)-+5#=VnB$sFu= zzX0l*0s7yeu`vTtVE?4LkK`#Abj}(3Ame0EqWBysH;;vSG1oU)C3Z0$SA`%w2UlAL zNOb?;>Qs0RBtzQ)R*RWalkpqBz3ZU6kCpE$<}B%WHwD~E3TqnuCB)gyBjG|gEQpu0 zTGsej=wDE3Lc48;DVKNH2aOKA#?YP|)UAie^xL?Fpg<3rqZJPxJbz09MH;j|4ho8y zD7%+$e-9G;eztjs5H!=Ue><2Z8I_7w9X0+5ln+SBR_b2U!FWG{?*~V{7MQN44xyAr z7%kjV3qS;RJl`73+36EavWyA0@SxM?H}Ka!74^7J6=Mk`IVYYRt^D>Pc%;b>B9ZlY zELxX6&RyjI>9c>7IkTiDSHYdkH@>>cu9*mCRcZ_)Qlip%3=jo>m6-)Ko|^1S;3a|k(>+R{9V zgZ2og(lky8^r264konoGAxW>ImqQ9Ybub!Lrq#;3lZseB7^bWKLJ-l+Lgt_&T3F9$ zGAyN_Z(xg5s#L<-3sj4X6xA&(s`!M3k1ewOzHkO)5?Stg@w@5~KospVtGc-Ysnn-_ zmAt}wt0T|<+P|77zPj4wbo6EQpg4^{Q+EQAkg=xmXiQe|`V5?X>gU)9sxP)G6(;1! zP}w&wf%Pu|Ujpn5-m+9565GQcs-5C(TOvY{hdo`fei1q+UQ|FbJX{>g~^uW3j z1rr}6+z`>xA+GnQf=a{M#;Oo_@(w{WiJ-jVk@Uc;q(j zi1~Q_Ocq?WyiaxSq@L}&X<8U3x@Jn@o$p*a786lIM;n;$A_{9>@ea9q4rEV#z5M3i zRo-3iP9PvNUd_E6@Opy9zGonx%fpYt?WKx>*bPX!0TNEaa3I8o%~)RU9uZVZb!8lU%Eu80W*I#c(6i7lR`^b?UTy zV4H3;ZGB3hKpW9?iqDjkBT7SxhR9Csb<<+UtGn3U-1PqYi3k@0oVCo86V|6aMn zip=*hjNz>G%$BSgSTq4^2FcF9u|geJvt*_9Vk167`TmtNAM_8-{ACRU?&@xnp&rC~ zTl-fkYzd9vXUBOgmt+gjO~kzn}=_P%;$BLf05v3ZTy!8Kee z&eU1wQLJN`yhfqluW#E|2f$aS+i@?vi>c5F!O~A7yG_z-3|pElj>4Nu-zOf=`Mz4U zv0V5p#mFIg&PYb_gXdV7WANSgX65@2MM1E9GfM6%UnMpNrX8V$kS)GRQ=M{VQqJTa z?@L)d^~OD(rsbD8M89llAT(te?nYhSJ2=Cm;K_%q ze9g!aZQq@Tt1bNcokGu%-i*!MSdszh zV*VefTCKBm*Q*{Q>%6hxupO((D~6R`fLUPCDD@nu?Yurcw*Mo^-G1@BOzji)xH2vz z555W9T98wvko1z9gWPXN1D&19SyG#neEIF2)&Iqe4XS+6IDd@Pm){}Ka zx-d2EWr{&Wp+qm8&7Q zZU@d)L}}NZ#V=jWm1reiYdJ}Cx4S!=@?D=y*Wr?v*>Mc?vX}>LY1}7&r1^Qk&f$GZ z*nVDZXh2b;Ih0Q9FP*-Aow8TJL_Nb|f-UGD6;-iF z(gdyy$W{KMZ-Ze5Xihi#F)7T~n4Aw$^IJ>PIap3_X^7Jl^`FlV7RU|s=*Tg8enB07 z2i`bn{N_=EE>K0p1i4tp>LZM8`byrYG*3qA3WVo^mvmfPB9t|wa~9<&zjSV1(EB>I zU(2Qg>7}-(#?nNY)F>@sJctabp|O0~i@=$Gg%}$bUnt``C3|9a{2r^M=D`gVbAC(O zy$q(qlehL_QpjP^rTZ~DTbHK170&IWNHSco`~_AVnn>Ww&I)qYdP{w4V;{YC7C z#%aNp77sm7lqDZ6m_a8j3!ss{W+7X`juANqEG)EdN9K-`Y~ll^><1YXmK*(^}*Tu!^iOd_VNb|cBXx1E%op+C+p_~30nie}9kFcEwka~9QZ8W>F`7dbUu+FsM+An^|V6HrHGjF*Phqw_IPj6z#>qjc=jhHRsY7uqbuw z%94-gjJCtHQ~gXIoM$sw^_TJ_dCZ!@A8=L{pIQx+zDBT~rz}xQsZC3sx~-6_4Hp_2 zn(lB;Y_(&zF%^vs$?$>jyS7Y_;o|u z=G$8D;#6el079PWpTXHcSSnv_5mr;B%N@I+mMF3Sqy?2*ukzW`1rbUrh!$q|)4sgW zp=w<;O?ZQ$r+Hy*V^5-v_lQ0ctR>QPDD|}3d25LOdMy`8>E_3n`2sN`k!9v^W4yzR zs?JnM5ZPisVoyyHRK1XPWp5J30x?n^O`+=Kz%d9qv>cVS(=+D;iMqR}CVb&!mqW=A z6h$wU0`jH}>R~f*K*)LT2{$9%JBSgGCk1bI?CkF1Fxq=~cqr@Y79*|;?@OW-&dMAWdVT9I7r`vwf_6$?xmyeZuAY) z_w9_IQ+9P*2`oVP4OOvvME;+3N}H5jOqIBPWO+U!bAzBf9~aEX`Bd`n9LYp)cJkqV z2u^U$-IvKSPW!DTN8w99B+o+CVer*2;FD!rhd+f;y-NO_Hr%Ydqg!Um3uXD6D_ekp0%qEh~tWS5y`5 zQebz(3ji91OYpU1XDwoL=Z>nCQGI@x>YPAJL#wc~uMbkVI1Q?xIXbSm&)cW~V+@0;GW6#s1V z63apu7@>>$S)?x+cK>@E1zwJQ|9S1t*ZgExoslsCykB(0o^r6zVR&q9>10L%=C7Xz`HIN zGekyaZ!b~+%l5X-SDFF6^(GCuw2`|&mxOu=`Vtu#2QHaat8pxlUzV{^$woY39S>$t zmI=5}#I1;k2<#GvKSC?Ae9>o$q0UuU0^mQ?4tqI2%IKk<0B-;+(>mr5Z(P%91lur_ zg0v<{+SPXd@;9%#1vDS*4LNm~$;L#TsbkwLo^7IsYLZg3^nPi!$McWZaajAz39^n8 z8JhN>AB{Oo<1@0m z<7$;Khqbh5w;`tUt`W*Z&fPzBE&az7iEtXJ zG*Jp|;LWZw9rQz|-^UQhU>2V>xmcULj3D|dw}PqtAa-|-d9ABv(Iak=W2AC=azRgb z_VdBhis_h__gbniTKY+DClI0FDf@1|VR#{rRaKRUBJHp-191 z^+qSptO-J`aUxMGc{;Oa=E{?Z*5sHahrqpO6#?yGwO_{+4o6HSP8&wUHID?(gQgdz z$Uji9$?r;sWimRdnOt#yF~WBGk*nIe-$%p5qB0H~!R08z2w1|JW+~_z7^Z_i;X)*C zP^}bVHhdnC+J~I-G_KLki^McdPL_z1Vq)c;6PcT*kHt;YCn+lJ401KtNz#MJ#bk(n zO>kf5Au>7=UuvWnFr~ca;m2ai{o+W^{8~HUm-wV8{#(_H})upT>|D%_Y&qs+J*FKGwJP%7it`hN*pz(?}gsh z33VK~E7HHeP*an}IjvLd!aC7Jh6$rnw>1FQcb&1M)gS`;^+N9UQ|uufc&zB}Ua=UL zW^$C#lkvq++s@|C0d*;cH2#G$U&=%vG@dyv-b`?~YM?x^vCM_knJ35IS}crQ=HC)o zNI87r=Y-#kp@qT$21;+gu$7{(~;PlV%`=uUpHX(8rd$^ z`AsoJJjw-uusvYThRLn@pRzR|OTVO0)72QoE1YFZX+BqZolLw$#1#N0 z!}#BFAZIuep)9x zC&z!Ze>ZqGI96ih5|;9Et4Zqmjfcd3zGJ2J@K3N^ldRXQ%DiyXk_f+G9hmptOtW?s zDeDV|2&nQoszkE*3d0WwvOze%*}~^OhMByHlgR|A$?8b_Uf%C}lLeea$h6=}?~Al; ztdj9+MwUpifoz=@)3m038+B39HGTjDyR;{R!2s`DR^!+=hfyPZ!WiK|1yfD1NI^>8|F({y>S@)*AUObR#dm&HX^=`DLB(Kgp z2oMq!ROX{EIs1u-t)(eLybLNshlDn5Y|FIG5-o!)foK}ajvW~vS_9SQ`1IsbBY_r1 zo`^rCQ#_*V`ET&y0Zff?{lvr?)UY+>%ApIRziUusV`Yz+kISY13WR4SdqxwRV0e@{Rti=uv4jbCetRv$J_IX&=n9c|xtZ>jI4CA|QQz-)Ra zb{c2gMTm@MV5rpv1L|H`Bt1`m1YU=ZI}ESP{rE6$fz;y^bmeBDMo$$0Su7k1gihg( zrYA?6;UZ-LJTPI&C)1XDX1P3bJVuGdaV~sh_!cZhE=hBL*80QHN5!{B*q)9uA0irSm+g}LGytG4^*~Uq(E%$^71BD(I?s3OR>Ayhp&Q~tU_({ zNeenIbDS@c;%q(!Flydx85SvVJwxn19bfO}htW-53R9m2Jj<(hVkbfGOiyZ42*&Z5>hV{?C zYe7~omw@^uf!^udewMG+zMUMT5GvkTOWO#NC@R3UsH`MQ;z9Ey;Q^gpb|5RlHH7}L zRt&iOAK08!D(1J!2-~f?GcYqhW&mj(A?YH*!eRG0*-}KkbO7`wPBT{FdH$vBAfq6+ z+OB;69~wJ%NX~`O2IDF0QP3W(tmRK;=5%nU6?0Ht5Z6$l-tYCSn=}^8kE4kMF-&{E zEM?}!)$-O9ad%~iu|<*6Jo-c)K{xLlNXV4X3ceY;%N9kz27hHm;cknKkxqa5E);(# zT7xq&&Z%1h8|L8{WOkdD#zpX`%K?x~NY5yx4<6jz0~G6uZMY+}M9py~Sd}adS#W9` zm@n-Desamml6X?X3p)@uxL#l61y;t)t4|y3AmPC+iNK7g z!5)z(n$<`2MJWDK%-h9ya{7#(PKp7@=<7b_Tc z_x2>7Tt%DK>u0}WRu5dDykFJ=Wf3OG;>P(t;i(a1H|TN(CTJzhE#5`WO66$oR3`OHEhT3H+B)AYO`Zq8^V(bP<7_pA%89~U;r~iW1oJjv#s>vPe$EZXG zgJUI9=3_1L8@Quy7pKF1doEOQ5w&tuUR*AYIFsX{@spVkUJQfHYf;XUs5LNwh5pi1 z4jtjo()#FV6ew9L8Xx;`*`Sl-@m8=5AQU3cet}gqT$BaB_(TW8?S9Sv;#rE$#H*4b z-0p63v?3`Ksbz7d>5$O0n%Wi}>FX`V`wzjQ)X(1CHHa*THIo(039=^=?aL|MXq-1R zR4N!8R3r4Uzp7=Ib-v9J+@K~x9iJ@|e8u$~{RK+ZEsx<^8fU}_pm!;&%{8?5rY5)A zk9QuZ)s$F*%pkSpmB6Z;8K#PGh=*Dl!d(Cpl^M6bR<8~aUL&RBqX|< z!ratEP(Y((hPDSIzo=@D%Sm2Y3Kz}U&(BY?Ry|K@hgF}f91G2vY_A}n8Ra0t1<<=x zWCYllS{o3Zqb`drQY&l`)-!aGT0UsR(PBo4C^~<(a`p97#o{RRT@t>nvbUl{E|Vt4 z%W4K{?RP6^PROPbSeU=#eyeh0ii~#CQSPuYOG^qeiXaZR;E6DHlSBvA2P;&VkE=0= zXMjA}rTGjK8PDsqLvMd3>^&TnlHkI7aDGa*)V2>h&L6mGNEA!x9WI`o)wnCG(h`j| zAyidmv{bHGwACkAypEm)Nf?=8^~ydNZ$Nd;bz7yXI@L4@*OL57U1`BQNkHyR+k=qYdhlh=+7qCqXyr4}Z`! zwIX!PYZ@&%Za@(Ow7EPzf3v)oOtkzI%oki&G#GFw+oujo5 zKvhclCeT3sAc&0#-0W?;#N+75960jSaSw6%l7MS!(M9S+-HqBa@ftmS{`f60#WDCR zVpc;31*e1>CGF(^n)QU=imamouTwn5*u?EgldVSru!Dx%3d;5lBZ(IU`LSHWj;}Ul_w@S`AEJ$8DXZ-cejgq!D!PRxb60MbFITr*WPHSU!&=%}2XsPNd8(4NzP z#2qGqqX zc^u=rNLiwf{=Ap>0;njld3qL1d=w7w$qsGY4T8c~>YmdJXj`%SDWk@GfFpF5C^C^x zLBhs2AfkV_OmW$x3UnM=0JeR{&S%>3%${i)2h+p_7UBAp zTrv8lX6_3R>~reUX<@ux+uw2#PJwV@yFaX#T~EqF&xU#5*@-AxQzX}Nhp>nXBMv$9V(``Lr7)?`O#&&4S!<2?|rszE$mMOAD8ZY2HHY^)Ktu0h*3 zNOK@+r>+jYi}HQ*5v>-F`6&k};sL*Q@~!8%U&K=c#posRI4hf)BSS2aHyRk>I3j_n z$xvNgJ?WHkyi6*(FaCR1t#MCWmn$j2*G`Zh&fDOXOXqEGhYXERDdG2|~bIQ6YHdzSn7xgaE& zG($>0Pk^}5++!w-%d50r3c#Y4N|ibmNQ&6wp)YHu*cr3&R};TBx%VgxI^?u_n_FOv z8Ftt+IXQ`qjh%@oq#|H!JctE0&*;N8?OzMM)f^=u6zc`* z?;G9|V`G`9O>E>|jVaWWRC>R3I2g=ocU5;o@7&^aB8;BS2}V9mUi~PGibB_!3Fck7 zmsFn*ar(GhGx6~xeosbT-M2JVRy5o1*`>UuFQ5OZ0|UiQLK7*f8hLk?28MzpVz~FH zH$|H1m&KI7*e;F4jQ2Rjo729qZG&UvmGrvwy$Q@#t-sL|%rU%Y|8d=cVi+E;v2I=| z^UP2~S<@jPy**-fP5NV}$T=laKeV{Fc_a1!5W($vVNZ-pBkD(`V4(iJ^TpZuPVC*g z0?vVrh}@XnS1ay8U&Fuae*0X4N~@-#HUQ7(`SK+qi*lDPkN8vX1Hsn$65~ZbJGpr@ zB&ZG$%XjvQtbS2O!obEH{rzdkU4NJ}=RCMBDIwu)v~`6Jj_uSa6E3dE#;jY*vD!hN zEuVDIn=P7#MSCP1EnS^fX(`rhTSl3m5>^*W+CB5QjINmZ?zdrfbAwh+FJ4g@trvf_ z0ae*DMvokU4RAh+46w_&oQL13f<3?MM}3`Ks_>?+!n$$&22dihoEN_3+Q3e@{jFc) zn4eYs13&0xE*pps$D<|gW%Er;f}};$YJ&;~UPAO&F0Zb|dhVvAQ}T7SPo`uv+hX#9 zeRVS_tJ?&n58eK)9wAX-T9cW+_u+O{2p1b^kgZDsWROQD{mPvk z;VKtlymbyNmI19+Z~iU5p0+w?ly7CHMNM3@KHvM8wac_a^Df+rH!=uta+F>#gyeW^XRLrkqd9ynSOe?#AE7JY>;>dEfg7F% zY(;_SDE{FLT6vP`AXYP2 zlEvBoGrIrJ4*-5XdTZ ziSx)yO-V^eK|ui<7gzND{+@8|C_9^qasp67=jd(xvrG!$*ZZ0jhWwwX8C#JNl@I1b zF%_r6uMhy@7U}m_-5rr~pHpSnAR`~}?=Gd*-{J~rlr))D5FtHYYW~~Thzf$RHD1qM z3_unT6kGrE=PNTy%Y%{4+uK{w@;G{l;9a+6N|1Y$JoZ+nsBAGQ8d~%~fd0%OrR@@Tn{rN5_{7~L}jtu$VS$@62 z0#8;Oz&1&vlK-(cpO9G9rbeb3?n6-=(jCAp33MezSG6yUDU0k%TdE*nw0|44Vp>CL~n zJ3KoP;W+t=%~bqfEbgCH#h<@F^Z@$j^1vjD{GZzjjt1J4A+p z{9ooOtzPZPsWjln)QC#hl8WT2o`qT58XxlW5~s{ViNW%Ck5xDx$8 zSwBE85z4=m?#FuD-2MLDPkbkM!uvhDVAlWiX84^*mfzxwR@nB{w- zWKNzYRAfc`PY+0?Lt?$<16{z8h`8{2+ORBi2%4chU((VKq};^&de6ip ziX|icQ-Za+qa%oE28T|SzeDsz)`cy>iv=5Pt3%He4kJfLD<`XqzH%ow$odQ|tnp;X z*vNQ#(Ky9PD||1n=xk1;>$ktlAdAlvctjGf|L|?(=ow=3?jyq5Ac1pVKdfJ4yKNG0>EPz$!vVQ$)t7x<^< z|K+1wm+%M>hg-V=46=XkB|jaq@)ZK4lY&wrXJ$rq33-t8-#_x#xP&X7q`VY6nN73$ z+hEb7;iI2vHC|T%xrFm6*pX(}--c5}e`uLfIAzJ4zMouHMw5Q?)%ee5DyyEv!{#*O z&N2RZdLH|q+K$vgmE%mPbQU5Q-h=>gN&E2MX4>8w?mLY05^3}BUncpFR?ePbHe4K< zRpytrnuFi`>s$Cg)8rk($bYEQ&DTvp`nNYxS{8BsH}f3>H^&+0@_~2T=v*(`;7U=v%Nn&8yg#I zTOh-nB3k`<4ul>K;odSt* z8fYm-(>}Z(X$BL5K-V@Sb+hlOkNgR;GAKDJw&p&?HZXPYE{0=Tho&L6__P7+_g9;LwIdwN?^CsePp&yM$_q2gC_zv#{UfBpO0H8J;|nV{e>Ji2CE z9IV9P$tr$-7`iZL4`mJc450@@ zV_bjh%0IlFcfeyy7)FlY{~FZ)w74&lT3o37PP$ZQ!|24AsK)a?4%^VD?5Tt=aPo6Wpd@SNt!e7Wka&Fm5lk9@t~pM&)U zOf49lwc)=S<3D-s&z>&_npQArZ|$$|_uy|t|L{SnLP+)p@?!13|7UFf{_Oww2Xr{# zMUr_9F#OG_|J}3wpO0|HJo)WJxa(%i`v2=8e=Sf9bdpO3_?|uZ|8Wlg+e7~GxYVym z=x)Vk2s)ysOMrn)jpP|M9pC~;bOaT)PgD>*?Et^W~ImA>3L-qxJ^K(!{XY@$l#*D znP>`8R8gV|Jj!bh&d_hJF4pvT*xOdr(V|TrbT~{b$dPolb*#8ybH7JsJ`45~p8UAM z+jY(3U^|QkiDsbHNp%1DE#Pm)_Rj-D}FGL$@@lMa5nEVcioik zZLJZ=#GI}b@v2uMOxDA^`o690m@}_%vMG2Epq#trLagY_@>5~9GWUZNeamT_VCSG< z)UZ{WpQK#Ah*J;Xw?l}rx|Ixa!edX&&N1rm@#y9}Nt2CI+mCog$H(lgVKYUAzw9{D zx<*0CL_R?^*SK`9lbG3spl3=;3t8H{*)`#!p=FH9Pxt{cgDzfeR%NevSP?_3R~?SK zd!bS~?nS5lgcu*#hl^YIhziX64V^^7C&k1nwn*~AtAZoL*8PS*G6&Or%vfvXo6ZLmKDciA0cz zqJI9*H}(;e57u*~yT$YM^0+1O3|CyL5*mhORqFJ%%&z^J?N(t6h2D;nqM@$0C#uqs z&kA@WR>$B^IKd1XDh-r5QgU{;d|^H>QWmJXOWYUb50fWT(%eyF3r`zG-OUfaSM%n$ z9`IhD)8^&AE7R2zMU5jNza|=AI4CCsT>eNtyvk;GI3qo6%X5+ggc7sT*Z2 zT%dn{>1)>wEG;GZZSFT3nnk5Z;bYPZtl|-~RIT>(?^^T3uth zXj=6P4S^$7w88V@6^-~<(v(&wRWC_MXw;a=zGjsbQXNg8|NVO{wX*ikb+N-%TH{-V z`;P8@&vuI5scWA5Efr;z0#Ck}%&i!SYw-N6>^}RsB7C7BaLbM6HO;E0r1+NB?cF=b z3|^{n4(?y7e32$~j(_%$?_21VwW<>5bZ)QgUb%~R60dPpf5GJ^qkDp~YQr^FW4zXe zt4zxsnhHSl%P!)A=Yd;BmbNu7gtT0o(&V^*Qb#^x>+v%*!KBGj(02!f#7q0P*O({2 zLh5Vy3EakK(&F-N*o~Jo2~yVxHdVPtVAWK5lfJ`SjT+ra)1DtA($|mLi9MY9$EeS| zKJoZniPXXDcIIR6qKj)2&aw%Yv+i(C2Ozk93p!0^0mBR|(>Hj!etRp`T%Lkjw9cRh zc=W!Q+A9nD@5&reKI^_0*HNE_To6hZHbrE@R+FZqG2l= zqQxubLe9@9eq1xc(mt+jaTQI!6?ptS?XdcB2&wvppL0}5-H8D)H_io+)yzk?y51;O z{-BDIGJJY~;-U0mu>Hiof8i70{>z3j*18cTwUZ@l;uUS}?LloGZ{MOxZT%E1C>eL^$bA+4+}A_0G^4Qku-fXh}+G&qo4IlCW13O-Y0b5 ze`TKbaHqSduKR}A)U7VT0LO~rt7Ybu%TV9#9saTq`9NyX#(6E4qStm9oG?n$s>Kqh zinW8PvpP)b5;da!S(k_>z|b6;=4no~w5?JV{`D8J$Ej4x-SKsJcSpDs>no|R-1|p= zfRE^juR-P25Y-;9Ae?3vp*W#+#VG?M7#aN^A_bXQ7qc|^yN}k2ng<5cT*Z4yZeqI* zRg&C_nJ4gCURg%{`d(RC&vs%+!iGcS!W*Y73MB?@%o&;(eN=t@AHP|vD72Cl`bDGt zG)z&lqLOE;wx@~j8;osBpm78&#rZ3x)>x~wTic+{?Ht;@SwGe}cAOt5H|H$WrKcTd zGVBX_dwUa7QZ7s1HY}yZVC*VY6%~z~oQl0jqq@LCxU#^{{PHnuK5hDus9G>1Q2`^z zmD?!RbMMeFzmrYAs)sf5k?&7r+TVn5SQ&GD0}*T zKRNgn^<~*hmx#2Z0VTBr^MT+VXgbY4#n}Iq2Y3+2=Bu>4F4Q|SJ$pmpDweO&81+M! zzUv54!k&}2U)LJCkxy%Z`%!x}=MRy`tJOu6g`H_+dtL-cCTexo?O;rNU2n2}rrxUO zkH~=Bq1&$&3jiaSM~yy1B3?(QN!|pJxP6k(CErw2ULCOC+v6$~R$m<;-#~Vkh?Zn# zaO)Rx@&`rWf^wgxzshchtF8b2IT}~%veA6?!s1J$RgD|13#Dsa$p^r#Ge+6ptENAv z%&;`!@b6hQA-|r8pstJD>f{UC6|!>me)=+{_S?%CQo1NtA4L1>Y0VJeHW`rppSQ_1 zS$vUa@6)bI`Z#EHY_(>0Htic1$64#>c>~j3bF0D;CrWBuC7|oB zi;8{tJx{O8tm_??*bvO)KL% z)3pQJr~p*u4-nFd?a+UXgGT542EDA_lHoT0zFoKVb#`g6Q2De(Fye)E{>TVn#h`{3 zIr7}nuXpH0?dH|rS5BQj|69twHvKiFcFn>ij58vldSICzkv`%=JEeHNDm$@RHkEnO zru*5dXmHaJZg&i}|M|oz`a|{8%}2UYc(4C&7Qg{93Xv_(KFvXe&CMzdygCV+2qf%| zvK~pa?_XKIq8m$o=+SN#+XLAWOaJpqs5(h%ay`0K{MGeC&#nhM{mT1=qVx&2ZerzA z*9Y{Rry4!>dGKUZ3@w#y$@hcu#)5w7s>~UewjR#*o{Lb5fiyyOb0XGO_vnrPm+oyI zH@iYsD(vOyg=E*g2}g)KQloU{5i#cn*Q^mHW_-L=$00in?Db$(&EmKczrHn*WZ%GV z8&Qf0-lUB}F@nbc%9>k04;fF7IC$Vqql>na1p57%RH$X(Yj5?4DYR_z&2G2Va@;@K z<@cLV2oKr){$&T7V8t5);uUKzw-kmxo*tUt?k>r9CdQr@I<`mewCe?`P@rSkA+TBxj~GwvC+k7HfVuV0#>&8@askXV|U@?HrZI-$4B5caLP!r5(4 z_z-!qd_IL5-tgt2pJBja%F2i_ooCP7R~T4rhg#7BO7LeM9#vlx6Sa(u6GvPh^h`7} z={wd|0_*F$ySvX5)EGmpfnU(s)wLY9y1bKn5&;SWBiklW_~orfQ38F18vU0pUOX27 zIW4;}<{C~ZrrI@ac?W!~%$P$K?#836EJU7gv!CyT*SD8^`3_8zId8e&w=O< zV)1t~la|6!T5R%V=_wS!3as}~c!KeEiT3;vkL0=^rhaM9N~=XMcV6lkeJ5{?w6&dX z=cWV$3Pz*pOa|(Q4#IuOxXNdzaAC)(xn@rz!DX$}Q_#D3>2Nou*Xmwqi19<|hG=qd zDcdsaJFb5P>)FoHj0++j|7fTx^GQG*-#aY^;GkfGAX*25*yTYpUfV}j($j~V_X;~J zRA+Th{59%7Y&9F~c%0w;36lI)Lx1ON6DpZxW7%)LoUZg}l;;jiiUaDmljJ*EQM3Cr zBl-|o?laD?shjNG9Pq<(>TeeSi=mr~>Dm1}WkD=7^;3Mk-?ChTjQ|TMKUisx5dJHHhS~+bjou#kTvxI_ z7Rp$!_l-X15%i6I@VMC9g856ly_y67m0UgwPF|alXx-|b6p8mVHm`f;(y-W)lZK`g zufE3;s&(tqYnpWg?}Y;YJLl$IpSjPLo8yg!zO(2H{`X>;D?*rVIYvma*W=i%Kyt2A zH^;}vuQK0tTnE2+@nxGlj^j%*l78nX{FURl=qJZE%6|87*0LaVSH>FYPhB(V#9-6q z%|k;Nhz&necEt=ppxYu(KUbWRHMglZ^B01zXR5BiQW6tyl$exNnQo1}Q%AEmL;u$I zReZUonU-TuG;f|PE*2_qdWSk=e3Xi5w)lkoEdw9)lyP)OJ0O2p3qo?E1!DyOoJi2Q92nYXu~!8%*wVR#h|=GS z?(X0^FlDp~q!w@~zx^G;Vrbc*J?aX+aN#pYD0SLY|5u$hF=^;IMV_YN7oCWT#Yk8u z2@(YyTE|GDr?Gfqi(Qqlu|i1#m*M=oO4Dx6nEHEj@*f*F);0wSFwC}<-7B-MQX;Zl z3~wzQCz=%VUi#376H;G!;S)AjHHvN$uRf|+Pc!^`*!xH7iqZdku(aMO!W z?!nfIE@J(Qp?DRl47=#wAID(Fgd7Km0pC;!ie5k>M1h(k4At!vqpCxycaMvf$-E-NXU$Rl-@^gDc0uPi{qxW2bi7Kb0dnvgwemy-s2 z8(les-qxZ@Z*cizX#v!duDPh6NWWE06gZlH_jChLceEc_JWoKsYTgj{C9run{Ip&2 zNIp_|n!4o`+fcsWz#|>4{_^bg)Eo=_EB^Tbd#lnWDJ2<|u0KWfnd%A@Eg@B1iCK`jJd5%DHb~-vU4PYNfTVTcIHdXOa@I1|?p)>J96p9hGgsecz*`e~uCB_T%+#kxTV5j4jQ->FNb39)+ER1TP*;Fk(_jE| z8Byt&L{=Rt)J8O6rszrya%)Uj&4v)B%j3N5)g_89%tG%cVCbN?Z!5V!6q>EeIB12F z$#>o~yDZD?n}WeEc4%CwH(v;(Zr(i0mmz>r#$D#tts*mgshj!H!VYM7F?>yf`h-O{ zyPb)+{KvHZRQGVhlAd%i9rr}YwEud{egNl8h@2WR0-J&aCU zfzUcuZoZI&9g;_|%lLv@nw8+eLcIm8EzT==#C9#oqcGaB;f5Ixv4HITInl_=Gfv3v8!0PEJ<1r23DZHM}K# zGDb1L8p_RnE@0+olvJe`O! zuA=4<(_VgH4{dI&=(E*oqBNlR7(pQZl;GRN&+V4?k)>+vc>(JSQhkR+>4Q2ZrK#f| zzCm=yx=LUAZQp&2RnH{q_^LNpc0|0Qv)o3_Nq9Drs5*}alP;$H0gNH=WR{Bu$b-K_ zJn3vbm6JQvdb_UYKmvL}KG)a<9PK-;n~1~`v5P8_B6I-~l4Z+cTs)zW;8;HIeOPW) zx1%)cnS%(Li;mBj7Wtk)WCGa6cZ^<_O$8dgexyX*=wcv8m={CEo5Du^+Hi%-cFn*>SD)mYr*oHrUWd(rKoPsDk0cc~OSRskTZ@AY?zaUOujgb{Q_{P z88mm%H=m=xCN7yaLFz^%*l`Wsu{GEKyG5YxnYtwmHEApJE45|65Fx+86GY{5O_wMW zT2lyIz)WU@_^}VGuKr4&Cyd9|R`WZ@0$gnMr`Dbf$`>jnMH9?DO7z?}6`_%I>xVxgo2E zEg57|o<$-?`e1z4dF@V4gO1>WP|b~vjfdfXWGeKeW0vD;6t_#6h>oL5O6eK3Il;{* zeRl8r`xBnljRZo?Cko1Oeis=|u`KNjHF)l6T{u<4oU`bsdsban}aWE(hQ-R=mvQYU1%*@Wg+7Glez(E7np3D z%iHp+5ZSwwg`#xZN)`tc2@HEyD_eH#;6Cv!EP^vMM7 z{eZ&mex6bXr|ER!^c=TOq1g#~TF6rs)w%?xKi~&;Wi0N{D-4D7oA>ET)SoqazY!RK zM8-3#V5K;wx*3f(IHk|d?NC&BQ_1`LOL7@a*}s5hnqIKl5akEn+*E96XOqIYNAUH3 zX=&tpN7d#^am0JpwR?447=wnLuflEF+8*a-oKA08e*&2xb~Khn*)Fb?jo!uz%T*7Y zHxa!W3?uYTAMa<~9~WDf{AnA6>jM*{>GdT&7F^pqg*^T81D?mBHGIR{tx?H7jPD#p zE597Z#E1GaD-86mqH9ywynqn*s@npJmcY*l6jBmF+CRP2HdCs+rv%;$*3WPPbgOOr z=k6t{Pp-|d|6}~;%mM-ZkPr5^hhDRxhWuWQuTPPxU$Z+K@YAJai=sNv`+vL_U*8!H zsrApy9KLCwEzQY6@=WpUOMCCuQy9GNu}g?H?YtQ%y}AT_zO1r2^R>6>6lGXrpy4P# zb=D*K{K7%QX^IzEN5@&j4VzRrNnMj0#xyL^f;MLTo04e#OZR}&5J(xl^AUsQ_>!p* zj<9RQcK(>}Tw-1r<3H6NIO*sV)Go($QJxlnY*oT$f5*Qx0eM3_F$1bcof1{H1U5*j zN=~S^z8KV&oq+%#0(6`BV)yAll)Zf9XFJ?Z>6P(SrvAl830jHx&AV>Y!3PLCTG> zi<&B=PfmHA1DrQ8b=Kt~K#%&EYBqQ9m`eNjl2Xrc?FKdobgdOOaY3c_NvnCtVnQ9W zXPJ0*ZVtgejKolOc9zaf*C1g_AToO8TRt$vxmS!|LYUf_H;_AFDIU+?2dk5(qz!y{TSJ3wA$9JKcAPBoc+Xo4 zdq>+rfs0pmd!%$ujD{UV2rICEO1F=AuHu>EUGWY~3>tn7fh`RwiEZDtDwn-8BBgYE zzeIgnE|pTfbb!It^^_!YR5WiZm0P9db-E=~1&;4q%J9x{V6|&k_K$KO+GdsS+6wUw zs=TO5;A7_5cU^QlN|4R(k3%&!x3GXb0poVlA}T^y#Gm#gSGx4I&uVN{nN4ctNRMP8 ztU4Hg0a}*LJ|Uh5yR|I`?opnWUgQ7djsdasx4*%QTkO)#WDOK+#>|h%mOEcR9^$S; zh;fy0^CLk{N`i9@q~*))du@qzP3RZf?OsHWiQitdk#`n_v6H$pGrDeWU(4+4`6SZ7 z?jKp=t`HvAY7pV6Zo#KuJ2mzXMxeHB#RH}N$nmOYpWutyCLuFn1K7LyaD_K>;|otT zgWp?c-g)?msn=0d5xvBNm(QSoH?5Vz#_evS)#M*CZk0MIHZ7Q=jwBZa=*MJisU`v6 zLOd!mbzkb9El=`{!4RhO`7%@a?(Pf~QoEBybFGY?MCt|xc82T8vd1;<92`Fb2%-Ke z&X&Viu8u<9^drdqIf76BY`S~3@^ z^T$u@On{mzuU6!bA&}noYHt|NDkMHisR%QkZW?cRx`VI`9wpAtJQPzhmm==v|Kqk0 zAxXz+&i>S6pGH%Io}nF-j%ZJ6zZ~D0eQoKNx%3GOj9sSk=ERPklAfLDxuxt=X&G3s zOt##sLHy@3B|Kxv&|G7UIZsbad_duJ{hvZ5+?UMn-*4YLNnxjuwx@?mNOuSQlkLGH zeKm@CwMlawlA{ITMP$bRdf^2?wFv=$ zjZ@#EJbZ&XtL>k0n6kPbaCJ1mp@Xx>B{k;o7wiIIF?oxNuqbATnN|GoRfg{P@dVyc zdwcBCNjIQPm=^528lpbQ;-H?+bYVG*sl_pl5OVT#DVtAPgPyjYUW~1+?XQU%Xg(BQ zZUP3ox|QJ8zCF}Z>?pk?plA}lRNe9Ory2b_(hXt#WO9fMhpQ*J=1w{(!Oh|BnIo5v zfiH+Y?@-s~eVmHcurHO8l~;;|WqjNRp;4VZS0GX&QuAx~UaY3&V69TEI|H%;+s_4; zT)$VFpd0{lQJ%ZWpLy z#vMRBVy51my_YVGF^b4D)5vr}d&(IZmX0H_Z9v zbmD;SQ*@V3BN)9DIWX(*cS_%j#u^1z>?+@CN%;-#7g!SraNrffYc%F}bO-A)DN6V` zTRGoJ_;{$?B8m@^k}9nlC8>$A=_JzioDmB1%F=Udt)&b=gF1=Bm9z!u1H*N_(*qgA zHB(yAExIf7#`)TBAikSqRge8SSxb$RRz3z12jpL_marY3bFo>2=8^%9WxVjxtLh#n z+q^BG3c#L*ckfd#ODuP%inhP1gb}buYqAPk-?QWtZP_oN!ne04@NB9euLlj*^I)!4 z+vNTXo4ICap_VyhYUlc_i_^+2*AdKgCh{g2q_lhh_?hhf9G8(ftXldh)+jhtq|B zdSl&vK}n^DQ?|V36j`r7{#JewnYfuBO2`1LtvR3bNZoPw-ILy8(exY@lJY)Nf`huP zdE!LlZLYj~BaY2hYiDR`v*iz6*E~vj^&U*xl5wTZSc&|^Ot#QQAs1ZTQo~4y;vwrx zF9)^5Ez|pk=-x6O%nS%Nts=K;*Cu#)vfmhbA}rh zI*N|P-tB@9{<(VWeyC|VzzCNAzWA!)I6{A}KRE00iOlGqHj$TpXIFh5E;qT0Xx1O< z%jXdYhP2uo!Izc#4RSz5Q7jc4g%0b}Ut@z8oxhpA@L$*qrjTDcwX?8q*IJ2q^r`qQ z?@P_oID=N3VtnBkEw5Kj*lpjA57PfA34cb_$sI|BWmmx8u*R^za+ef*M7gn$$wOhF zIf60C1g|w4QPRR=e;k~CxnE(#e?yJf)O`<6uHfQqE+q&m320_ZFs$@Ex10FT9G#X~ z?G@fpP#_EH53A+*j^{jo^Nh^ZR@e~3?;uMoZG1pX_&Iz4cJ78)m@5PKj3Rqa`*VgL z7iMS|FYzRvSI=fV1(%Z&@H070@Uo23BUKqxeHx!!g7eAXG5+4rUlZ~17qqms6N-y( zlYn7S{TySsKlZQ>=GY)$R{I*mw4?u8Ei4l-NUdrJ`&2)>C=||=6^N>Q)GYhZX_t5) zk!Ts}y&>x3x{`Q$J}(q|+-e?~qf#6zCR|p3fA3sb;{cSC{UCoqViv6xR%Dah&8ia0 z%M;t@QB|@0L5xy*v$DijrFlP4!#z$?M~-)P>ZGeBH?}VVEW5cpVMuGWC8LgyWFe6V zw}^;rI-4G9*nBoF*Vd_oqd)d@LRHx!r$r3 ztT{ny%KR}Q99Jo6k>mi$ zSX2DDu2?5a$21iI_!grljR(6_eOaz30mgQ~|fJ!QOIcm+eC^M>B$r2C*Ax7^)1mKTs5DH3__IwhZ~< zeMXgi8d|c6;Z>~cWK)7BYwI6@b6b`C2_J&EbmFwy-J^G_7F1pDSiENRk@2QmPr`ba zMEKslN&e)dpCsy^N`LE+wGn-aLf-LXxAghpR*Gi?n*iK~T|yOJe&>5AUlulax(NO& zE`g76dR&}&PTRG0z!YN@(mzRXhB}4?OX4aas4BcN)kFi0|WU4b~-+ z@v$JYLe~S&wu=d6o8pjZl^l)tEAESHhHt`pf80vDB|}V9pnNhqKDVC9tA{RoVS0Kn zYYR{wXVi&TF)fz+<;t{C{ev|_im!a;VajKIAVKG+gwDjQQ$H@~S@@ENoU-5(U+^GiDj1cECM4I@s74?OO8FwbykL zqXxXE@IK>&WaHJdF<>0Gm2*{!t~s~znVh0>r;v1TQYsk`=Hd_x;x?AqihOewZ<_poH-47of`2bt%Zk~gfp++O^OS+B+cmEJdSNqYd?n19br^A#3taFETNR-pDDkP#;10mZaf5ZAIND38vt|pbTYyXLmo$Yq_{|1KPqeqLiLwWcI42C67+%25i!G{L zjXe&i?4I5aRd&bmcu-}Hbm60_dZs+-pUX<>`d|wLF4QH=oh>T63dM3Q^Qe7m@mJab zB|#@&A`|B;xEyPHtpmf0Ov1)^UK}yRk zC&ohbbHf-zuDzC$S6VeTp@-sFIT!Z+XF3A@X4g*7>(ZXiEBw2G z`_xiP8%O)g3mND-P*k#O$|@T(shp>08%H^OblV>@vWis z)s^4faF+SBmH45NgGV>}S;kOx^XEfjZe~-HpnZ3X*Jc{ui$)b4(UP{m-tla?S$Qf1 z2KF#?Xfq;~r8^Rkx?ejf}($$^~3pJEFe3OK?s&A7t z+b+MfkW9OE%Un~Y6UMZFC?&14tB!Vvz-#O8m&wu>N?Ur@Hm^ZJr$>%=hm1XbcDF!x z4}VX09r>{>BAnv(08z$zI#A}KKqEE#s0$c?kFo;XYQlF;9tH>_;xo_L+@Fy@uonII zGdKUI_#V9dUy5(I0>e26fs;zDx~Oi)bp#Wh{qo(`v&A?^33!157&*S^H8uvM|IEht49dLh2sBn}yQxo4 zgzk!*Q~oRbDON;E!cyh~R^V3wLBKZRX@<-LaBcdDMyRDZg-wJ0BP_$Cpu1-j7;hd& zlo_ATOl>jpx;#006N5`XilhD(?A~0UvbQ&M?mylVz)R^G&eoZogzwwop+uf;0WOb> za$Rt9Z)(46*Zt~`)-ATub1MoW=vTZ;GR}pakK1)+>9sA-a5VLY(0S2c100z+^~Q*q zx*4-ShG4T(;#g!?9l5+Fj9K=3(*(o)iJu(8)r*HJqG>Xr8D;lIWy#NUtnF&9Oyyo( zEp|I(5YSEvQ)gwAsdxF2qK(L|ql^wDZ5D(34U(lVH7zN7cXFuQm{~7vCb%;*43FUV z%6FBBDyS?}lY@6CSvK@-hE7}xliBj!YnD$SR!NB|#5kU8QBmo{WfK z-?Z1O?)et02^I>Ph{lZX@O{!%Awv&0#`USzyVPij$57Y-uuP z^4KmWlQZ4}#dy33d__4N62`l@Uf9&jDV1-PMQKKL3xJ2|5^D526CDo8Cp%!e6~v1j4P6!Pv=|FdO{4*s#1UDpfW+8&Txt0mhhUkg#EpI?u83{^XXhy6GOYk+!uK3HW| znQxSr2U#U8LyBsiMAr5G;oUOTpDLa>g`*v$+W(R_IP2J;oIhzf{VPZ#FznY8iUYk@*^%Knd=nD~xfnw5Z@Ndlp47d35c4AGDo=!{9F#9;q z7D)wh>egc?kEaQ39UAm2ufw+Zs@{wao1~M|c18nDtnkF6zvmav0BY$hO2~6z^`i}E z^DtYi%8RwYwL6fM-DEXd_~)kG%Sd_+SdCApU8PW5E>Hq6PybZ-ii)MBel@xHF|9%S zO~5DeSk0i>OWX3Ap-&k=n8Fndanv&FR}=+;BB8aH+=DN2&2EWk2Ge&Bz1oh*?N;C< z*p-vz2}`QUh^!@5wJ$3I_=kCUgjnd&I-1$KmZ%d%ujmokrxD?n~+HN*_&{RAX91la;=t@mYz9$a&3C$KEdQPnat(~ zMCOx$p`1nEzgHAH&45izlI9i{wVjh^ub5NSE3R`j z8CSZcjK1O0u}`i`N_=qAp;1S=q~?na+D<8vmX1+JfKV$!38H;3ooH%RSa@RZFcWEo>9l?8 z*T#UC4G`Gd1XQoHP5deHpnkPAj^%X!IHN9C;oz>GIO!4N(XSKfw7_9!|8&-5-_iG% zD+>7?MxQGEeiHjPRzBcO7z5gW;_TaE6+lB4yfAXkK{^y6iFtf{kmxI3pm4H9rE32p zlMdtU=7%7@2mW;|P1@T19MxJK$&vnU&pv3w_g~rE?@IdWRtE%b!81+e-f|B=CTAY_ z7iLo4acBqQ8e&tkJ4j{5Kl3N^zE=xpH&Axzp3Mr2UTrG@=aY}8&%K20i*4%=+K@pKv8XmVPcpn zD0O|CFWXC|PUSX&g zV5&UnrQ)|;Q8ntQ;yt+wU(*C5R~<~0*ni=CB^1kgy)rO;7y%scX3dO>Uh5e_%ao&1 zn9WB>eOH5dPlj}1sJ9zfRo&1+qhLaO$E3c#HNmCdQgG?*$DNa|>ryx68}5m7>a7!iNK*bUHY0f)n*uZ$K-E8*9y(308buO^Un|U}k2QbutHUTQ zXO0lXh5IuaN~_;Q8X*<9)`TO#^GbPDjl;b5@`&B3)pvfM|5OvxV6wS6U>Oa4+!Km= znK=_xQO6bSP{opDen(&Lu!x1pajA=stG=SlAp=ko?z%Nme^s$tDJlt$LYk)h+Ki&Z z)~X+sbw5rK`Wx5g2O(J0Kk{2(gH5=~ygt&%{+)<*FhIVIE@lADaLA1W&QmN#{?4F# zR_=>?CNFZ|_&sd~1SMThVqya-#}e9{AFCylVcCAJAoo~@8V49`p)>9>+!$}i3dD5p z&UDeqky{^mPolpg3xU;k!+DbNj;FAJQT9zPw>2PHt|A$&ZwQu=>oL1kY6Ff4TIC5w zz%>3LPd!#%Z6ZczYjP)HZF{LuECU01HJ3Qv*P?FyRsbyDkWnHc~E$o00bh@P`Ig-PF_+ zV)qR&3laYKJbjZ?0y3_T`D$X3HYE(F>Bmf$p`osXAV8 zU%L&-ZsO{ps5p*+3e(*P2svD#{)F#@#8QykY>~@)FAIfiVprC9dp3=v5w3T|2yOhm zpUSLCNYzJY!I3%n!sl2*o5&AE({pQr9u7G1Ai= z|CJ8;+|O<{ilvhW+(HUbFo#!Yho>^$m+r9_|IX1m%`F}RJ>&^BNf$^xR`|EXJD7+it^mE8pNOq(4(6A=AW;u*6KyKW>5ANjtp)5>!hi zEbodbvW}gRXr?@S5gwm#PkIX=X@ab)o?qR)xL)RE>7bu{$&fV(l&gA zYww(Z!OmECp9An}!C1);zrJT!*ox`M%U?ZMqT<$(=;+*lo6J;Mi{BlM8TAXVsu!fC zue&tEe(g&-9h^BvS^-5iwTLix#IG9F*s7!wxBc~s*0{V^d9!O^i)#`rAoR!#<6FM7 zf5`!ZQT}~6Vo9MpFmKZ&W0Pn}2wadT+KJ+-ksloU;^A?`HXo^Jm-Ln-ThQx;eyGAJ zOCcT}d+SwS9^_;=xAf|i&6c4~?Lou<+qOvRfV@u?m@ZhvwAi3_{GiEnrnI7Y@;>qZ zPs0dUgzsr}Ur3(LA30L&+R*5GmZ`QoQXRrny}Vut3_BdnWg1)twxM_HMKQIEhq^V# zHtI!<)O7{TQ9dWGoh26GrxG;E*i|RxAtk{=Y^5%x6uY7Y#lou+RTRt#8UH z%ureE#!v301(xouQmXvUkoV6jwBqo@H9)7G`V0$In*;niuE<@P+>90v=N1_;s6|=# z3F-_FWB=XCv>eL%v;^J#Rq*g(FH2^h(8@NQ*BsOMO~_nm9FNLkq$O6Bk0q%5E~!dQ zwFy#a?qN7PG2i!x*Rn-WE%3wQt6r=@D>7K-IGq!ZRP#XrSAo{1!v@} zZ~OWT)kCLB=0AK{RNR{UB;P%85Yeg*$$`EBw_QWN)&`f9c9&KQ#;1>WnH`LlM&=ik z|A{U{-F^4bl{fH)zg6ou6StMif$7^j-|wYPo#Ga_03(dPuM!Oo1-uP0?~*Y6xQVOb z`nzWzAYM0}=EmNn?oin^&M_C`hUP0pXASXe1MXjT4eFf?K`-WHDA2jmyIgL40j&*B z3B9Lv2f!OS^(gWE(ezzxOUACujMpooNMH#A0$&OOm`0CLDKmOQ>Gb`9R8H78&0Y27 z_`luP>1$+7Y^pcrJDP83o)WzC4$6`Mg!JsX&iXE3tQ60+?+dQU&*rPD3Hk0Q7Fyba zGk&Cs+ zUWETyiM5-pr5x7&9`f|-_~ki=H*FFmpc$%HI}xV8&?GwfT4+8%weZW7CB$_Fpciq;_$*L$fZWDeaYMF1)J zH8UlU@b`cFV*Udne7_5L$U}jXL=8lR<40uYs&=wNxma zKY-^BYZ_Av_^w@9fawg&^wOIMP)4=Xo_4s|ltxPVUEcZHB)R^}+e7hhXp8vCcGX;J zP_1zRQo^O0aA&KRM2B2@(3_xpj!+b?a?-K?tn_)C{=Phbvy>U0Aw_3OaqC}6nQ-_H zqSof<=`W?A+Yk@XoDBlp^ zl|-oCc`$vD)}$XH#!bq#a!F2(u5=rBjVQ26M)nM^ZGibs0O^m9Tu4 z{oZ0?`wTy5K7aGwHgG20^^wIV7F&lsyRWKS z#KX-OL@a_PYrfDMZdCrY1>=>dyxkM4lT8%qZ!{2XO!=%AzS;S}m`GpIqIqQjnp-d+O z1&`luGU`>NFb!JDF6&4800GY)zn}?9eWU&MSK{%~>8%6yI+8*KTAcBWRV&M(| z>O$ZRv2O~Iy+FF%vF54W&jKVCGqnX87b(d~3>_%12ZGKAyG2IWyMOCa@dVObcU{mM zq|=TjyX&wgol+Mp86326A+=#W*plvm^;{Wo4@m`WrMdD@&u#DC7X&75gg!fKaj$cW z_ubLm&04Cw()jjjP*bH>a#PEjIu-GKjTYyGoh*-;|5}KKh5zTtZ9JvOR(gp&8%Or! z<>fVT|F-~dDT`^m;g~$n7g7j=0Vg$zkR;3XLk(ngdX4-I_ow!?TQ8v7J#JCgSczPs zKyn3DWzYtqQZg;JawkFiy&s+@+|mv2fTwf5T9rDt8ZDFZCzHzqQ&kat57F4QsJS@8i>qlnjaRLNm= zqH_FU_>v@V;tgbQT`#HqjY<;hQ$JM$SH0t@$tl^&NQ>PSMTpRfVr7RmudS71be=pFmbj%2n38pxt&a0i?bUgb_Tzv0 z10Hal-r`6U(aeyr3dF}facQr$+uYKOz012R$s^$R5>tk)!#(fKpYf)1AI>kn zdg!Luu`Ew)!7c4{j0<;s6u7}}chnPGrY7(S_P8ZC50EkA?SV}uDb~?6akYz>OXPT` z^2)W;!!k2=RT6PlSj_!#c<&nEa#I*&$he;V+FEwZWuC#*NeETx(t5jWBK~2l|7D>Pzirq!^X?TA8BeWwX+>WP+L!UnQXOi_)T^=- zcOsQwNxS@(R7Z>{*hZPqKD^T4PJt3epO{3LQ=xgN*-Ls3CmPYEGQ2cV!GP47@3I3$ z{z5wc^7E@ttaV)Db*{wSmd48+oOp(!X6=!0D|Fg!>&s`k1fYs6&RVE74VQYiD5)Yb zR|F58ZvY*kNtko4{R1@@hROc4c|`|^82QAiB!2m%-(Ll?-1!;WuxP1e^k|}S4>}M; zLE9laQy&U{VwCAcFb#0?@Mr`6SS|NT&7NM2nvz>FJ?){}WUY&dy|Rn;BwM~iT!wue zuC}C;$J$-dhL7)oyFz2|+`G1_%%&5JK<-cMIV64vo9~cD{4Z)OYWkJ7;G8`&CU9MHSsm?{}|P_FC(C*0YF8DJ>>>8_(=AmTK@vsWheZi(5?1zC`ZBFcO)YIt3myT}D#N#w=`ayDr0qB|)j^hR;CkdZc)#&r1QBTOT17i+ZlXo#6v01J^iAJC25Fh zmMY0yH{tOZC;^QT*1G?Ni{V&46@F|te1v zgCaX+TU6D;_~Hh~J&W)?v%>zF&%H9w?%;$K$5XqPrF<)Q&F7dB)9gbjm+it%9ED>2 zP6;oD`i9-*G4Y~Z{wV3JaM>m3l@*!?HlE&o4`Uu0IJTl00J7+=Z!Q`wt3D#58Rx>_ zc|ksV24CXrqFuPSKdPd}r&UEgD2?%|tYC<(CR=VK&M9cWB2m2{%;f7R9X^50r(?Vp ze>|rFK~QUtOOL(SiZe^I@l*hE*nF-1qjHAlQ;6%+DD3hjg%>Y%$Cs<*o*UkLTzn2GskI_rD-BGsTG{i9d4AS+!ar;lnW6vWg>7r zs`nl?@VKseK?jp)>p|kRh~n7hFp46Dp;^_uvkF4MfdO#;R#1z>2NNKL(+I~XBNYgq z@~Yk3)GwvBUuNFVrcwP3_@H$s@&({p!k{DWuWH7i}Go!{-0V7iYK3AVO)X$1m3 z%043a-dSbuW&fHLo@g@WVIsMwQAO7DdCPQQsm8GOc3AYMw&Wo#kp@#9fNV`qp{kK< zk4g`JNU@ZJ)Yj$(CbrhH&=C>yFn%vJO;oeLQCo>Lq^~g<)2VMsnwR&mxJry!tV@|5 zJ9=i%&t0T%E*xf7r6t@VNOPJ#3H5rc#s^1CWtx2vwUJC+PbHYsl)EPIwY)stm&-3W zN1?rKA%*mL4)2k6G`IvbEY>3L{7{*Jb=g~gdie@^7y_i#o3004*mAVRTJ`#vJv=$t z=yX<-YqpN<FPZ^i~X=J?fAr1zs8p5 zEsNQ$fr0j&VRx2{;@ecph3h0;uNC_a64mYi%Db}y9m9(djyC;{`vn?pQGmDIT-dZd z5^oJzv|ZjX+=Wn=Ze2;Vi?_c2rxrkMsFv-5;7D(T)IGTKkVEL&y4sNoG})}_cm|bh zT>*d2(@Aqv%-lgjhddYG~z&VUzR^5_Hq0l=fO{Gx>x=8@sA@u>1eaj%Ll^IqCG zX>fPx8}(nQl`y!bTzoLrSukY~$k*(C!@m4R8ULnPf9Cw!S>}0Tv-u!L75C|(SXxRV zN?f{8+>&$0W^c-&Op)xH7F2!t8qR6dAL=^f?7TipCFl$L3ajY}pd83NT}9F18w87q ziA3?Nuy*usZ(6zCyVf7A_u2OTlux4U6WtrGk}@U&+5iI~cWi3XGZCBT`q9gKrmUHC zpnBV|zqRpuk%jxSXvnq3MsSJAimPzKpo-_+sZq{z&wa^R0yLgMgqHJ3`SWOL;EZi@ z-`5V<=gU|+gT}t!JEeKvcS|l)iH0KEn8lQBDKk&=I=C?R>a7H`1p8b=An56lClE^m zMW-B_W2rQV@11iOV9h#eC0AUo?X;obrAl~b#l8dfPBZS=P>^Q`7zyg((b(scUy6^X za9Fx)ma^Oft$V;~DOGJ4+5!j)J2*V}C)KT%*S)`t`m`-m3@YkV4C!nM?Id_B?_<() z*{+7U`D~>OQjxB2Q7$|>n?y?@?4BEamkQO7l3bba^o1De=et0Xvjfh5i7L^gU2p7+ zK*{66`rfdPx27G!x(rXokItN@Fpod#d)_O19q2#bu~a(^OUv^kbi0=LzS`idz0TZZ zw}2Y`d=id&F_LS{j!yugJBEU9QR?(k&A8a#Hi(Oel)*$_$i6yBIN!1SzVN2ncnN6u zMs-8W%sicdVstNa{k`dxG;g3VEe%a|1zSy*O!s__VaOzCxA_YoHb`&1EUT1mF_Uhp zn5fN9*IW8CWIo_fnT?{Ho|Qv3QiIQYh;5ZWD&8ur&s|xyR@k2C6+NbY9@6VKxttK4 zTu!Fkk5ozB-XQBsVo@8oe*Xz2vniTlAZ~F~=%bAyEA9RecV#3{`>9XrjL7=Ed5h~Q z4NXyW`&q!ZVFwRurHqTd6QVa*MKse6oZbx;a`DU=R++C7|H*(|UdE1A#O}Mirj zaxgUJc!Yt(^=ajFgaxR-4w+8)!O0@7q?V#E9i71I*PPLD##C#(@<*ft4q_tX4-YlS zx%wGeb!;g0EYDh%@klw})MY;Ny^~*FBn2G$2bsmW#3A{vuGCI z?izr>TCiF1nd)!rx0VEqGcR=<9!jFx8Yh9+YIL)N^4+(7fgHSczd$3{kskZ z4-^~gQx(-q10~_g?`yJE`N87IgIqQ}&2AYgrP=j!uM*rXmJP3pRWI!GuD%DR%o#%pp1%lY4X$j5^s;1D6-jwq4yglD6Auw#6a7|D|7h~|Ggq*Xlk0;ZlI5Ks`IV=&D0jd7J0>#2lWMqPO*U*)5L)4%nq-OB?L}QOY zhUUq*+MLq-*T&xrMjK_Oh z$MkUPhY#QHu>c`cj}ZbcVW92{;0^tLQF_{DukttDS)j_|M62=0+=T58P#6Y3*;Tc; z^>W#IroOz20NztjQtGcT82Cg*CGL8$`@_J+ytpVN;Z*9m#&U^LP*9NG{l;2U>@{b* z`T~K$y%}50qr+|M-f0re767*rUJ7!5A0=eP_(1XJ!B1RfyTO9eg=ARQCKGsR$E^Fm zBarCr_$95)Iw4GoVf7DoVrZC?m7Oi>?(Pl_&&kQ@#xt#{t5dO8yXITf+|7br@wdbp zOSm+IUF7j>9-7NV@#knZ3Sk%llnepUt=C0;+ByV|JHy{>H}lR>1Yp8(|5)WO)BLx; zR$pL^dO?6whvLhZvWm%Km2!SlGc)xpbQ~P=y}iB2RUXeA_lpzW|`h5KZR zZdnDE5%!{?zu?rVHl-Pm^^F9ZDj|ueBfowR4^#gskZFBMVLibXAui~U-`Uj(!2bI$ zOL?ZvQ*x`SA?L!@mBRuDjjPTqupaOgJY)9-SNmSx)k*r*n3{lUt#oU_Y+dCHg zE2u%p;+5E86&3GiCyq$={fB_&e|w+*c*A=agE&qtItexEV%Q3Ifl4%mH8Wzxf%<<^ zn*CoHZk7i|zj=Y@Sj+85f14IJnF1M^GOG$857V(QDbaq2r^vL6YTW<3DDi)~#eb>b zS@sMp&xPlm*8Mg`1fxF1c9{@aTlQV}e`l}1eHog9*AFA#v$B8aCI7E(;O|SqyBn}G z6Y~$G|AQ+5)5r(+-jVqWD%F40gZ=wg|8odIDBcXr*n+~syKw(;5f#9I8~p$3v;X~T z#1eqUX*+Bt`~TTMVOMP4{>@1LegzVvw3L-Lxc(;{KZK8s~wGlU$)JtMdw3fB!Gq>a1sh${)oJ# zEs#b{{{A;x|J#WP68a--d|EV0{UX|1U1)J^MJ9Z%h>BuCcZlc@0B=kOvp6z85TB9yk6HC2N4sI-j(Ijjiin*5+eG`3wYr^_)#Ziq z{)8^xKxe|8U92MxgN$PI_+NM%V-ufiGNuyT0m%5@{^#FKatyFC1h-7m<^T8p2bjSz zYCz)s|6S~VSQ?P+|9@uuAJ+K)%>pTxohw8c&(~DE9PfLe`&JV5sndR+Sh(xQzu7ha z`5^)5R>RMw#6OL(B!t&g?uNf<(g!-{F^t8^k0flA0q~K zefw9#eDJ&)el;Ajf46~9bFDR(eNBS+C5;hXpq$tdJ&engT2}8NF>mbmZxvl=({;cX zW>}MPw^HPV*=0BHXSPbWouLDNO=k$y>6X)QyQcn{qf-9(;h2s1U$)M%)H9pX5mtP(5uR`PP*qrVV& z0pvOR@~@68UT#23;tGQmD|olw&=upU8ms)W3*y^*1k>0!x9sq= z^6$gBmZy)J1%*HhZ|0-Nm>L7>^!5s0``-)WlastQviXdrt#8=NpK&Lv!Kva7^-+6> z1nEp1&AHp#La&ifa@Rn)rbkY>C^0M>qeAnIR_I&UN9hIgax`j1GCjh%6Y+YMS(~%m zl!a4rcP*AP5mi4%MikWId#+DK3Q7voZt^S_pDT?8T1<|{JxvbU8jIE3;O&XNm;cIF zvM?(QN{(+iuas{7+)c!$!wz>BI9u#$HLS*+T5*`eA;vntv72X^&8iNP9tL?@sffP@a?<_9q%U8NdKumCZc`(CEJ0mdftyO{_YD?jv(A9 z+heA&?ufN=0bh!gR9bkC7x$c;m^g}poB?QnjXZ@)$PqbxAh64!4k;)3$a?L@zJ_#P z3)lseHb<(?r}2#R)<$(&dp3Byi{K%j_e4EVfgMvrGbVzmd#*)Qo-`#XV=Iki-kLE* z-+%y|z2Cg@B-4L7*`)cR=arP?3=T^44-8~RVlbm9tz;maRN?dS@x8;x7Y76(CxHUl z*T~4{Rg|gJ2&bC(gjYMtSig~=K6B%Xt(`iNd@DW$pYc{mL&Z!J7|Rn5nIT2L=x=Ap zYaT5R&(PA_3kLB_H*tDvFz#>9TLWa7XT$OMr~H|<9Rs+l*xnK4$#7q^Ja0TIs41ph z*O)2uxE|)LEMgBm*6lOhIV|0~a#h%NRUzz6{=iA>A{cqQ2Z-?g>7V4~gfSZjNlAHp za5dFEjraS}L_RvS)3Pb2cP@@PYL}{QSN2v6;-40R+h21Vc5(3k7j_K^AhtvdVo*i`aDxYE73ak1I33#e)^g8Aw`(=m{ zLjO6jcp$6y-lH$w0HI)LeX5)939UJ4Vx9kSmq=dDSiv+;tbM!((Y-P=>8X}FmHdN> z6Q}P;6kToXM5y<#i|gRNXgNV8|Q3GY4L z4z_oDf}yJpABsg^VWp~63P&uFxr>tXSrOwt5sp4Xs=;RB12yRggKl1{5^L*q>{?$s z+RB`dFDsfcnb$p!l>gP|lkt82J8QiGKh3!~jY_w!SwaR2Xib{OpH^C|YA^sftO|7R zIF$EYLL&5YEHWZ1J8DE&SeSyUs_5j-Q`jrbWR>bl^=%7>WbtO4^Pk z-Hcgfl__~;&G$#hnK`9AA(tIT$@?C(u1gDLhI$Q-;1XD`vw=O*8t%-|d zZ+g>(S@>FwkRGb;91 zg!oSO1X5oa??$Myk$CDrJB0j3!xnoRS~ObplIJT$m#R`$?MI+nJG0*$U!gAPVrR!L zkjvSIT{fcQE3I-xvQ?_*q|&(G;&VNEIA;9)mU` zK2ToJqxI{7sgy-{g6MSk9U-AqaBy&RVq)Qu-o@@%nb!`9!bnR&UEM3~KBYF_7Ts74 z|L4S?=7v9LNy-d5br?qq!e3ua7#_bBN17h|T}Xdao-|J7qg0V^XEG1#ShybO4Zdm( zW#>ThUSW0z62BS_g|!>2wgtsj<$1)|;83Db4x~uE`LM@8X5;CYO$VdtPI{_ez27X} zIKuzwr*|a6+o?=voKen1xWs{%xW5}?WyxT+hD)v~IU&^$o_hJfRGWVu%TuT+PbLr2 zqiN!Xj@U2wTm6nv9kEo3QMVP{?WVOF`EV}0ALl{u4=-q3qTWTh7*V(~IS}k$xAvGL zr|^5HGP(Kw(IuhfjHyY=#V6LRrOv~FDafG)r{yj){zPiO&iG8*WbkMF;*&^mK|=r~ zyFx|8_&S1`VzP3@ii9)HJ2Z)z!5cbAL~2Ixi)^leT6ezGN<}UMEa_=!Jo|917R78S zl92w&y>e8#DUJD>YrBr=(5{QKnOf6!p&z8}9CNvKHxBOvUa;vM4%z29mu8x~s(l52 z_FUb_FJgf|`2_1E5bY|c@)Br>$Od!9*HBY_S%`4W?Zx9Rae%{TbP=A#ZEoi8E6&TD!})AvGQTy3KqlPI z_ei}U&*Lk4y?1ZLQF4$GdPYT_3^BV`tN>qb%#I4#1Ru=sNhJRHo-MFBX=&k5JtB5C z!Nb=d7zCA_RA@FhuzPoea_ey3-Hor<@K!3O3j=5}C-CCh6BD_pn#&tR_SSx4QKDeY zN%~f(#Lvm1g?w@r9q9wN`)@ov=fP+}ag2n7gfCye{%mk`kd*nj1!&rD#$9e3nvGDF zSfj5+7ksCVt8egB-WN(479|F9vK&?u6B87ytiLB+Cj3{zHg`nP){-A4U1%JjOOQBy z?N2rSb#8c?`sSouf zFyL=5>)&EkEO6Y8F4A~-Z44IYgVmOX#O9`XJmdO5Mp?iV&Ycne_4KxPgdw@PgCfN3 zX0V`B*Sitj8Vso?q)DlW&MnZohQT`$Xkp8*40sO^Xbz zzK%=xofKCNb?y5wTkzFb7(;4}Ed@S7ioj0TGsESvBS}*y2`v%{|3cY4c`bEU0YQlW z#7=Wv?A4Z~l5AE{IdDO&wudWUs!P|q?Bu*)g9ac@(k0%%8x|}j!kzCis>0tGxqVUMJ!XlqOp3GZ})ql+3T zsLMNdL@G0}xi1SjP-vo952IMX8ngkkce=N<`>IBPlopY!ce6e9N@4U6Q}=>$i~EeB zC!cs3k-IT3P8B4&_HhbAskT**oDM=-y{V#G373QLfGej~)Za%` zKCj&9S01bI)nxxUP5C%36#y~CP}>CO(UHedAw9zIlnm#Y4e zPXHhN#$KF)t0hB*2wb^?*BIs)Xv&WG5*;U)RWuej*=Lf0j;Cq|K;H!>oJ2l8&iXp0 z2-1&Hh|rLbkS~mk(FFwsfHNyqI79GGt|ch9b6!PK@@-d7Pt+mNOV|(SXmMqLJ3C)b zz7v7SO2*2rO)!-^z6s^`!8i{dm}_k041&HRCKsR4he%QK*&@Fr#2NMZo&UDNx$O*2 z2)@HpYi0@FQChx-)?(A>q0X#IY1bi4$TytgB^%vlt?^?Z?NMz-jh~}Y>BN~B+wHkB zQL<)18UcN5!AZRelIxGE({D2yZ{$>S9{nx`t08F$SY){;|NspN&U1Rp1a_GNi+i-ttAG_0Ua z>kO{z(gVeQPOcxdaL3IuRJq(LXYisl)#4m^?w+U_)|O7VqjrPUV`bA?+8>RZvZG%qxEm!J3T z0uhd({J`@r*{4+}rLJx>;K{y+)od-f+*kQcM0TA_R5pi8Pwkt_fI4tM=PZ_~Mi;Hw z+SO2Gik105-PF3$K;ZbsDObm!pHqlW647;PY!Nd>ZpJT^=myJlWx61&TA+P>oqwUc zQS7OjLkx~n@{nn_TkbIvyAw6yrwad0>Dl$8MmCUn$esfJ6Z=O|C&4c}>p6|s;?9(s zvAS%c0tA#7(uf&ObcZHnjq-acK-bmT&tCT}7PLWJt}x=L3S)NgYsu~%o@(If|4_<8c(K$tCIpY-rj=54-fmK3^oKexU%VhQ^0 z*Uw1ITT|nh17|K?Rmfrc*!;Dpp~k{%NRA&rZnq`g_8mo#cTL<7t{Kh|Z8SK(o0Mfu z#Pr-RVzk)4z(07sHv>{sXe|*@K;s+o>LhMBh!#ks(--7C-`i=zVze@f=eAQCT-ScS zDgP48_Em|G|eCT>P34w_#REPHfhsYM{5eAqfORS(eM++2GmUq zYA|vqVL)L%DE)>y4f6F;X^6LO7p!vL$W;rRDaT3@&wWUyIc3F$DVn{jrmexBc7suz zi5+|TuCC$pnf9bv`xK*i`H4nxIyNz8FO@mOP^xjFB!;kZu<@fVgbs&?kE#~bq4ZPY z6<_)xjAegb;cihmOZ~&oFAmBII5wb&F~gdDy&^hx&J@89%C^a#s|Rs=nQ;bglQkDM z#}!8PnsyEc5|N)_z*)Zu88e<46Br+CUn7N2QhxzeUYHc*nc$YOyKjDlU^E7k@ari$ zEC!YwzCN+3%a{t*f&0tLMf{;$k{i(w>7n)*8{gHSsrnh&a`uSzH)T9eVB|gn94cEI4%XSlS{4UaI~YA-pchD$P;B5 z@wD(!vD-aZFg|YL&w<>?cmfkstTgkT?!65f7M#$_AJ>YWZI5V1mP(>)lY4Aj&|?TB zcRL_m_ zS*G*bhXyTZw5;9WFdf%Rsy`{RQFvJWjLg?lZ*xxJv37>#y7i+UZEsftSMgy51dKiu zHbiT}%p>P!1_MR91@#H*1)qN3eTKZv~i`;8tgAFpQWGn7L6R}r&K^fbV z(RE1;lssU)v=N6=2N{u~KdO7ke~rBlZb6zl7w|+n!`)rU%_Y24&oB2V^7Sf3Ykgc% z4!`7C zY>XSQM(%fIcl3W4pco)0NrF(%4C zz&BHMuK6kSmUVy@?RK=$ULLF>O)rUOQy&jU2!Uhc6R?FoUw93*U{a7zU!>d^ql6KD z4J%1G_4}T#ZurFPdKN|HfSzX4!gQ&)m=kxC`J};aum#Ozt8_K~?vtk~|3yW3IG|Qxn=+;MUzH57x zZYABf;LUL6HzGvhami0kA>krfn6A>Nbqy=E?&)y^^Jbia{$#rg$3-`|8kxs^S{)-R zVVo47TMJ&JbK+@k-BlthJNX9nKHIkyGJ19m*tcc1%q~Vi9Oegz2r&xlNwAUqNvxxZ zYrbc_wIEQkN;SgZuV|Gnq5;~hA_5(2(SF)+UwW(WN32~t59l=Z)3C{i;=C;hES zSXpp+N`yP`HRO)^pwn@OqzqCgg*h%-x><)RQASsCy@6T4qi(1%5G77l)LW2IDD8J6 zeyG|)ni+lmbIYB@bQ45>{a1>ZE8l%KG- zw>L_cHAxZXfsXE&l*UNNjntwiGZT}^u~AIxu$&k9sn~Dwt?ba~7?8Lo2Kinj5TP8R z|2!8gnyhyE3F>V|(;yvv67H;aWF5jXw%(XGl^OnlYs4ZOLtCl*e5szoeL@+Na{`v* zsbSAO%OiL!EA(le*UDjLLQks_G~`#+dg|0o>Ku?Z+{vzPcE`Q{Xh2<>s5>V;r8taz z5!%jSsNQs=wbdA9J7%wt`WSNZB#SZpF0x>zGFbWbd&s>tkK#eH1WMp zWFnf{TG^a-LF=C4}?`h(QxAXX)mRw+*+JB0`D4%V?w_t=GA2gI#V6X zBG?lZs$x{c%)Dpu+#0w@@jsyrrD?eo!|mq}I_@s2a-5;NNWG@pY@u1eCa?{0oX{iE zGW^_#e1e+wkxM$AJHO+?OyGwqih7#caFL}tKJrY95m}>nsMLmIwi)fFLi~Qi>xSpB zJ@f1m6~TC#7VXmvMWU^SNVKJ}gKtOzopQhGzJ-Q~j1{fnPGs?;Gb7?(BBKUpv}RVZ z>rcy=|5=r-HYCK-u9cskx=7cO8RueI2W6EX=GKi(-HB+xoTLP-RdceAi6+9c^vNoT z@_fgMDFMM9bR3jx$%{Bn2E}7eJT9A9cMTA#jR38*6*_S$5G*D5nlWMdPVr&8X=<53(fsF6}r??vO>>c%IcrW#BioXfU#?DvZiHQF5Tgg{kx> z$JF{AhOUS<4a3&~gs%7Ax6y8pQ9?u`PF|d@0?U2i=TH;_k=7)A9<2#z-RDbkF%j_% zy!R9*pQ683Ip=Ygo>O>x{*q)=i#~r@u_z?GpLB=|hL!vHl;0BVj{*`g<|X(|)aBN_ z-?yNFxn%#(sGru43I7Dv48ZwcT9K}xK(@x*ZI)N+<0qRacLSpf9a*N83MA4YX%M!!yl< zyZ49?4`#FK>q<2v$LOuUtk=d(zZ)f$*LZ&4K$|O6i}FPhVyN%|=zYF1npyV?3v*xF ziYgmlXwFg9Y_8Z$(}W5&iHDV~t0=E-^U?ZyFd;duAyMjbSU@>M3oAucmN(VP1f5qb zl}H!9G{uNk?asyt&SHq6>7oDol-*8N{8VK$4bgH7v9c3Z(SFZ33lbv}O9jVNp-D%I zKb{weEio^PBu@7z2pP!Ziy$yL_DVGG^-{wUI@q8IP?N{*DxjUt4OONXl`jfl2`W~T zU2Ho!mFMXsW5>x?MKr74z0>@9O2`#a)Z46ef93et@X2OE=-GQX)tTk_vE~5|%rP(R z0rK-O0(%Ve%epXwZWl0JnQgwgE%=wpi)mq8~SyujRvJOviJ#ye-ZLBH1 zg7lB2+JhM6z^wOGt&O3((4pSw1Ld$xA|VZchlmJn)w|A(`3_IdL|lqVYO*0Os~3q3 zJd)7-APz3HD{r8TH4~>&hs8>7lT9dGln>Mt=qqosV3wzT5pFbdF3wV`GQQAg^=;|- zPNBJ_iFXMz@C0Om!*xDa{i)p!tAy*`rcTkqzuaYogtF8UePf{9dK*UdTPKjxdI7um zkywu?f^Hx))iIH}EJVdpjxOqp*c6MK3U%LaNzpL^bWzRm=f9piWZO1N zdDBu`m7?qOm|s;Qs*bXAy8bIaowHnU3mC?HcM@mV+7DEFjQ z;@W_8ylzZLSILOkJkvv33p&6JcFk++2n5lB2Orm9)RA!$k9~^SHZs zT~V^sU>`dSy`G)@Qt+)_4XfpPrt)N%zVp1ui%KeJ%p=w$cHy|{@&yD`{brEzXBJQgodD#trNI!Mw5 zoz+b7qq&ch@z{IGFyp`S{L~ox`8l}m#7fztZ94XD&!z%n$On?2S^5ne^;Y~_Fe1rc zc)|6<&8ikvBl9ry+O%~!P5&?0DiBP8#_Ll$)IGsYO4Hh# z*gkUC&2Jj$>9q~Qot27HM+hFdPM&qrEfMhvk%G8^HKrv)Jt*9PC7kE7nuwPD9VDmu zs1;sCKmFan)y6iJPb;Xjdfu98v}aMU^*bw^2XJ`vW|2Ts<7Z5k8erT$;XinQ4%@seD}^wy&jfu5AU4Lrd;}H)r4uEm^!4Sxcx=If_fE8j`I>Pwg_tk9 z?{O}(z&w4UG!Ib9qFiL|`BKU7=rhWoI3E_e-Sny4^|A{Zn4y64wp!QaZ?52tiErWZ zZq;(Z30Y4c2%#Rfs@_YQl1KRIk|zO(BeW!+>O|ALXqG_(BcCWkp}2+y6b|AZ#k9lV zEhvia?=^oce+C}+++K=!^J1J*tH#qo2q2YlKyvGpP1 z7c;GOS0z8o{;t9z@gypxE(KhZ>Y(k&$VkSx>aDGZzkdB{IFUNTJ7A9OV*djPW411S<>sc}bxnR%XbGhD4L*tvct@Al)B6@;x&_XR zCl@uj53dJ)LQqG7h8pBthE1|mI)81K$9cc*D(L4gjCn^6>#{g)>PQON`?=R~GDQs= z9si@Iy_$5Ry3JWMD*gO2z?Pmk>Id4@5FVZdkTG)jTtT(Ka2J1*?@SGf;+>)OX!t3G zNWE|oA44p$K67-(_q>~mw-Ohr>n2*&LG06HL5(7_mSn>Mj6fklrR2UNw1=^_5QDtE zHO$RJwr}3HYr6Epf~TgzX_%sRZy}b-D9OG_E6yOnoP~L6ET^euPZUSGc}C1R7o&?` zlNdr5P3-9=G~++sQ;a)M&3J2d_xqp-NCjquVTrSZkSqiAzCZY0*=OSGLM@7p3%@RW z?wsU!stb#a{`ur{Cgs)cI$P|xddy~x2i7e->YbtZCpr&W=G4hmDUe0HvfnOL1raLn z;eA_4f7p+$E9mZ&l_itV-hu5(lgTzRqiZW8my}Yp0~glqS9N^=(ikJ2Plb5XygHsB zH4MFvY7WQxbNv%PuSV_0<{Xhqdphic&h^J>rM2Wq^7eWPP{$r}iUxTU`jNkJjp5aX zBB=Q6y}uL5D4G@A(wgNop-^g&5hz!kZ#cas!T4Z09K^^F9uYx!Gi?bu->KKJB1^t+ z1Nb17HI(ZM@5bDu5qoP>7g`3!{T=AbpO59EJ}4;;VmqbQqAdq+P0E0+@TnNgc5|#4 z2&Vmk*u&vZ>~V+d_2kQYkAcRQ7<3?jMn1j$@bJK>T)D2L1Z#5^g}(IK09n zXwCR0>|09$BfrkU_M-c;hMPF{QgYwKa(t1Vi;09cA~JsUIOr*$!o_0>$ECdSV&aXf zn{QuMgH}11D$3PmS;>Z+m|=lTB$4+02Medta&re6Lr9@azu~gt*J1W3*I^>#7D5UJ zGZ{w1L<(n>@%Kai=HRrnikc*vZFBle5+yBce2w7{IF?&uD78Me`2?Js?xp48DDnqv zB-G&aW%wUm;l7_`{i}Xx53@Hth`t)J-+iL}^unF1HL#&eQ~ouXIdD0IGO!|B*u^IFJcBSKIZSP2odM_~{Aqpf>i zjfgnQr_iUz<=czt2e)d@l&9Lz19apf%AoA2<|Uzg$x_t-IN|YPoJIk<xf| z?|dYVVp&3R;51Qy#YXH2co9BQzIIsbcH3h@VZZH#h?j!Fzh1oEEGl|2IA?OvKWN|J zX-gj_#&A6?Gu#eI+%`0Y3N6o*R~71^-JGMUeu76)aMlrf9bC2&Lkv$y$Vw9*yEL2H zoIDZeQQtt<$>h8U#DUYmT@=w)u9*Q=x;>rt@M|A;9d+c%!_{A4TI<=LQuy}^8!mzip z2~qKfebidfs!++C`;vm!;zXa&@Z-fm@_`e_hnH$loFbP*LHJAuj9W6?=mpa)LF(b; z*_B1H@RYGOF$I+m>YKqfKfh}%IHX@>eRSoZEa)OTN7vjnvbW*Lnh^+e5Y?44x5`j* zat)^k$25`iqzu8R-1~~D`a>=$>1|ms=0Crj&_5vcn2+$qzU!yA8S$9MleG~uA=%lJ@0(YG6xnTR zE#LIHL)}*Qt@f-+Q*!E~zu4%7z*DlZUQH>L|=|CZr z1?qm=Bnrh>=|#wC zmh*h?rF(6qkA5RxdwM^hA#&idwrG!+Votkm+~@tw!Qrh{zCD66e23qsCvp1YY9%H) zM!3NZp!O_oOwHL2aIJZZQZPf9Ldm02yEf+hsRJG-8YLbR=zQ{1ua!paedFFIVi9A& z9-`g!w12OnUD%A@Y2^FGSR7%Y_sY9JgU?J;mU{Hww5Hl&xh=RYVQRT@WkFo=Ee#Q| zma3)*rdz#@tG!A2Or2=(;$BFPTWNi;3QvfSZ;DN%V1ZHOJhWeq@CXB zv@o}~XFOVINyWgxxUg4@E7vS2!kF?843q~7-IZDp53{%xr39RG_oQG!k-}$`zfvYM z_vxo29DoBh{QHY_4sIoz^kp!g*5W+FA`eA8$!tYxoxSWjt7=G}$8Fyel$ES4+Z(*Q zTC?%x)mjPs2BbvgS-ws4TLxudHWUMGY{73WZZD&@7$H{PK@-;>u2x0n!J;GZZly2p zrO~Xzh^gr47er%I%QA_Y`s8;L@)30Ty_uxc3A^n+Eu_LI@}Nu;;=KI13mY*yo$_(_ z*~=F4Ok_5&X%P#sXB?^{rm;xi|3p8$t%@+22*Wz*SH!M*%bJHzcBMnQm{N5?!(5ll zcME3n!GUk9+8!-!9xb++gpT{w1nEE)wiA@GTgMF-pi(pyCL-pg>&<-Vu=q+j#&Ujh z5V84mCuDDl2s)DyLS=h-pD#c?f8rf~Vkr~x?N8p_MOO&?TW@eRzDj?i=VGs2`11Z4 zp@mZbea(ikXhy$SO8dd;DFnx!aDClLpauBCmmv6;XvPRIuUyX3A3}c&pQu=zlRe2i zeuQMk5W_UIJSBZ6(wLNAPaDy_vc1Q&=XNz~Jb{zilN!{e* zYbzJCznK&9`B^sbtp;!1&ex(T>KogBUE=ttYN1Ah|K=Lag${IlXb(w=d2m^ORwUin z&5rR`{6-4YNpQ06=LW9K^)y=<5Q#?d)ZTPj4NL;HSTB)@1N_xMl>&L35}#iEnCw0 z^Lfw=a|qs$^J$5_>iU!%MOpk?={;xDaUc2c*i3S<3U?jb0NvipMR+WJpLTF_7YRyt(0}*pp)adk$;5=5^7k^EaC$8 zH-!m+QaiBT_+seM?YkbAx}fRyoZr(tfDaptLJEs#&y4^=4EW*v=c@S7W0v^P+pm^#}Re z+s5HBz&HJOOF4~d^RhY>AkzWuZ0(svRK^u9kB+d{4H45YK+Tm5;= zR$%?LI6e`#L#%4zyVcw(4JPA;_m0a#zkQ2-i+>UHt+v}tBJMJnt9?%~MTA(%b<0hN z6hFs^t{M?At^~l-NrL}lWkKHNp%7;&>LJm*;^L{IQ8-vw855KI&p$EC6USnTHse^) zmqh_5G4>$KTtp;DE3RN+)-gD$f}~6y`vQn|^0Ko0OifLzibxv4VPV;eiyCLw*E45g zKATR0yGDyd(}0K27{MF(Zl#`{cN>(~1QC?w)7;}u86s<0p)c4iz7(vASgOw}BP$Ir zdE6&%>R}k5K_F60$yA*_$E?A76=rDWwlchzS?}vmI}G0u)xaa9vDg*(AVJ*9^IPaG zXOxn8a^a~;)f1>Dz=^_wqfDTd6$k&9z!D}x{osIcc8}sOHODpDCJ#Ma&u3n2yif8{ zkK8m%yFN;EtKDMqc1=&UjGzcH(%ZS$2ab=u zbWj>vBY9mnIcuHY#pY^B*(Xxe%Ur!p!_dTkY5}xEf@JJYeU@H_^Z7uo6Vtq8niSuf zv(+><$mmr+kHSATFUJT5$4R@Xj2P9ESngS+T*81ctVScnsLu1V=tpSn2F{XA?t2tV z_jaO)!0)$kk$_z43)pZh??h>_v{XlBW1gGxu!?z(B zNB-3fKdnHPVD$ywly^a+^+=%-NZHzR1HOKsE|PxoKs{;vGd1p?A|B;3lkDVD%;@vp zFT$lccrU#v!<3IdU>k7UL#|$a+Rea+rS^Av#Prz>i|6{VjGuJ}-@y<>wL;vkl9oHH zh`vHlV4lTo3DkXMs`tKzAqW8iV}gC_^m5|Sbj0^?wz?o%9v*GXQBm?v%4Ec409lw~ z3yylwO_uVr2RJb=H3305!)mEB+ykYpP;t>X*Uo}u#4~+$AHYq_%4gMMEBfONn!^y- zdPvGTMA2gJ&E7OsUPih3Pq^V+Wj!ZPg^{R6=kg1Q`p!w%Vy$3{Zy=iqf-0Fam!e$5 zE+?7GeXFs*)1@f*({oGc^!FBCEaSu)$Rk1W)dy*f6j?1cKX~w-NkBAYHQP(zBxuhS zl4A!F?y$iq7^&|T1|-nPON+M1<7x2wicCgh&?FXHcu zm)D5BkGgZ)BNzO>ZWYzcj$Niyvlz=4LRB zm2$vy?T~~iz<)cIk9s*|bX0aXg;k(3E%(g6dc##S+o?O7lk}na(yYmBeVTQ2rM_CD z>BV39(X_XSd8jjTF*eP~-?$^mFW4BecxZ<{2?gdAyhV{f$S3jlkEe{DW|sGed33V7 zWvpOc_|%Mv<7bVYw_81e(US|RbG%XuYtJPd^Oh=oPEJO++hKnxzLu=9vy!l-;Y{xK zKH*&kPoTnCZRi>Mgi3KScJwKiu#5KVA0M?`qxHmHYW8_QAlfSd;iuCyDcHl?%Lz?} zpB;TdQBl!kdOOR2q{z(Fw8F$fih5KuVe=O;_I_5;1>0|5nc5)Ko z7^Jsv$!KKncoQKlz0X7NU%>p=bvaAjINk4o*ku-S3jXZyC-|`-1ULW%ush zNGad#>Q?vuMUy4Aeh15Zq~1$wVpol~X>z>TRs+?JZHN3m5pcce_BSURDF@GI8YlD! zl6I_96iqplEY<=QCk`qz%ZJsR#JbPi`L72ar;^iPLC4X1yDnXL*79}(X;DF_x#7(@ znNCPY2rtogbzonsd@)GUF|tzmG6=_GDTE#qN>?q#57iME)o?-z6?>aW?8rmSH=Ig_ za0I>)Od>A{Q+%(7W?sNby$}m*`-QU$|9SmEOQ&CbTXmUGxaQVZAp2ym?33fpNi^53 z#$(zRtQ-MY8S8`dfJJHSLk7u=nyC=1xv7SmVI}r;-qtvz|Bt<|jEb{c)=UUVAS7sj z;O&`vr`!j!TR zs&?(Fr=Hq)0s|$9yx#gK&EC~ED?JcmRAu{^`RK68V8Jwbd>|yFv zt4kNgDg@~nFucJHUl9-%(rL}&xcCC7PJPXLg>v(1N>aHX9dzTbN&YiyLcbckygPou zKFk(cP1R8K#}fs;QxHIsCGcw0OsW%EHneSt2$nCLL6f{<#c-)c>|-qV#B6`j)j004^AntAbr-;EWG*4e& z!EDO>wp5*|uIAi8+|v>+eLdY0g}DTXwNf<#5wW9Zd+4@<=bcL*V0`tfyhjAyWl@aW zP3MrP`*zJ1JA9VzSD|$)y7}eLv@N53 z<%sEgYGUIGYVKx*w9jNd43%;Su9hntfm<65*=?YGCtY>d`kxjp4C^a2eNWXF~ zhan@cw~=ge!;jB>=8h<2PzaVzO2j45bfXtoW1reu2;;DFmW;_6C#c z(o?EwSMxvw)e=uebc7Xr+#9{w6+%H0DEiP>>(5$MgKDqw#XLJUzPX1VyPq!e!lD)O zxhr}6$o53KQ|9?qQ{YKM>#NBdrkr7|>B0A}GRbe$Oacj3@j@7bZr_zRg3PE*cp6(k_hnGhyymy@*{DAw>O4`!V zWKx?1Bj{4I%cPHBML!_{!By_w(wdb&>ANwTSX}=I2kefT~IJ z+#ghB(+3Z94#9&*nF$WNV|R;c+Y$QKO!;^1vPKaBcb*YQ=5`*{*aKhMQM=F0u`3A5 zrqDZyWIaro0R0$cmbh};@&ocxClL=HHo^+;+#RVSYM5}*D{YNl!{ov>ILHN-&z_DS zC%gA>KB@Rms${*ZKBc=-R0NNky!TWPq^;K z^B_0O8o{W^`aV>^qfLZewH_Rp$?0I@;7DI!#AcosZ;AU-x&48mhKm#l^u?2CVFRyVm?9+<|S9Zx0MhSNRUy@0UFeMxM}S=y*ae%J9s4*1ptZ z<1m4z>}>TUXd=w)Ee?Y-WYLjaL|vI{^*vEhsPF5S*Cg&A4cJW*)BDUx_(EBjNm^Ey zywskh(%S1In|2yQUs^8oZW64UD)SKCU?__;;0(H*e3w{K`CS!60e|uSidR8;N_YFq z$|x1ZlnXEIrQda8Dm&XY0KjG>L{1U>W@0VQ{Zz+}14Hjf1_>p|cdBcT3 zL`>@AVAN#us^(!lPu#$VOli8NvDt8fk#%7ge!(P$6J25cc!iwdG()YlCz|q zwk;#5(`LZvBW9Ap91ogegu&P?cX#^-tI+|Q5#_L3a=qxFx^Svx zoDdFkESsnssW4lZ?3)5K+1nRM*9*| z87G$ejU<%URz$bm11C#n6i3@qTPh!e2BTg^a`Uu9*QQf~ z8~M=MxOBVaDxgk!hp&^UD(9A16lTb(d6_$HaC)VYiOVH07~bFlF77;J2DCP5K>O<@ zlh!c8>xN!J46x#liHqDUw#h3VS6@Y%S#~^!4$#)-JT9y+=Y#obtp2 zHEL&EmFKlXPOLA?%%1Pa$JXhBV#j5hpnhF@6Yb*2-(t51xrF7+^X2dU+(YCyN@z(;oGZ{KA`Rh-dd$FmcKVLv z0e^d=vp%Jq+78}h?@Aj7Rh)bT#r{QY+-%hoe&_;iyZ5}p$(NShfVhHju3ap;q^9A& zpMe=@W(J#?ETNcnQS^av*#KfVfa$nAXT5vzMduG2m$Xqe(;cH`_)=X;%;9mhpSAhw zZtq0~P*FW2y1R;trieQEa*%jUPRwF^aP#s=Ob7B!3*uT3#9)H>!!w$|(sm{Ofgg9U zIYNV(LeN8apn^z%|Fu7*hc9Y1#@T+n_!#!~t>7`AF0vEWID^s|57zn+H&mdVMg1Ej zmj|{XQu{-%ZO4vsqwKVbzQLmPz6daf@bw>uP*^C?ev45J-ZnQk_q*D`%3?O`pI*r4 z^Gx*FAy!zy87ySacGFlVxR{j962p5cq=%{qzr$x`X7)q#ec5npJ0BMGN3+~o#`A(V z1@9O1fW@OFb@j{KO{>?VdY=+L$^OZ6*l;iIyrWet64wqyXxb|BuXIeL1SVnEC-L0! zNRzyInKq1VQ=$NG5jU>J3<9bNNQ0NOG_VF9vSv)J)Dgy!*@Bf97=UcflSgJme3KcJ zkjM>i^^uIB*TknkD$r~I9dEF??5c0$CRq7M=XE2`-0WVwlsv#xFZh(p6n5yUEqqP( zc>gf9=E&Nf61(xvmVxZ)_#-^rE3Gk8G^AVTBG$~63~v~zsJ1L(1ZErJFQ)osm)e|s z5viI}oX88mhdqdXUb-p2La7}<#ksyPBVBm`ckTJ9!Cz_XKCMvGCPQ%3=6?D$Q{8d9 z29VsEmxU(^)Um_R<~*>yGruI6->zjuV!nK0j#9q?7RAE6WTDioM3EvApU;LA$dTk} z)U-qEP|U{~La529N6IR~50W{;dqrjI#VI=Rv?p6{!ebVBlrx5ln0C2_SpKF9eq&PI z)F(;DC3HQp8+4SUv5efOdhSo-cqi|`#zfIaKjwlrgr))VAQEXT#wleCo#x1*D)3A1 zsw>^b(}q}ei<=L2$(D4#`N0>{;C;UA#ST;HRJz+Wm-#|l%Q-#k+1#yx58N??T_!Zz z4w<=mmnNPnZP)M1N!#q!+qFV>RMK{*TsuzrV?F^j+Va4OJiRF=KUQx~@>6)}C(>GM z<~{k-YY3-|Iy$5Nh7aJvg)^5Uhqrx;|uZfdJze4_gfUgD_vlXr0W- z(>)S)XKL{P>h-5B=oVA*062fQwCMn`_2y%WE~C$q_VNibQ+y|>{c6)WGe0UQj2}qY zM!R_#PcAG;*QuKKNcV+ z7}LPX?6v(Rw?0i5*p6hdYda@dVG1Jq4kGy}5-yno~?7#?}M$?QuT3C~K`jrY! zM6ZK3aQztHk9n5WTJA=BRK0V?sAK3#vT${eTcPZS_v&gfNbhagURyw(@U?Q@O;cSH zY79QqTP1zf=w~)<^t%=uni8@3%Q9YNUFoIcijs6Us|yjBCY+BW_7`XpPDV`}};HQ4db$ zKih7eSe~M~tnJRi>U+5kJrIz#w(_TG*bWxD-VZ$*0y~3dCN!#B)2*43>#w70YpAJ5 zH=wFH&I*ap+|Ow3Cc2{`c#9_1gr6CvQilO-+*Qrf9u5Lv?TUl2^6S`FMZBZ7t+p;r zFl4atd~f0sKt*Q|Mwo|yuMgKU*i7(DPnb+yVN+o59g>_|=H5gek9wpKfFa6PCr@={ zoII~A?Boz3gKcBcOij3N@D&pd;S=JC$^3vO=7%LWbhI5wQ9i!?NGC(UDXbK&fdCk- zru=IC?e)j`uioY2%I003zoiBnJMsy>WSfIKgn@e;Ztjq!oBg=4*O> zZRF8mIq=x!75(Dr`%*}G^IZ7$X{F?wQ#ikTs-Lm3xvh$z`RZ&+(8sUEbtSG1jdYv3 z%E~aNf%=f%-rf@RYCTEqN`(Y)%@%Jq7taAX!Y$WJzEAhJh`yizAu3YeV@)cal!JGF z!)Lre_=K=QXzS~z`UjWue_mX{@MrYi@4p$TXZphi!PEcEu@!@BjWJ(D0`=erJdC=~ zd@!2e4<`r>4NaPOe^Xra)`R>{*Z~Ihmz>Rk(J2zk!eMq_Is{iV-uyoM+4 zg!l*eQvQ=8{|}Ej(!-#rP8HihbFkvb|M0he=113;FGIl{8^k$?e`WTtv}?qRJ{N*x z*WAXx_IW*_?scT4zt7&+8cs5LA=0+2ssSfP>W}oF!6NWBZpX30?fRS$Q)5>N*ib{#oG@-`rN>4Q2R~mdq=fHwX0p;)s0J(S2{n=unVwU;oR?@Mpjq zqwo)aRy#917;wZE;|v9*_;WMSr8U9`H59;KP$uF8RL5>R*0AT6RVQcbk4*`b&;$t<$MvQXBQ` zH5?imn%=6MMknOxSHQqOyEy-T4PD9pDCl`fj@-X0IDda$PY#B`sTSZf!~f^D=HGw2 zuP^5x!NH4pw*>#!1ZVb-efyv3|IhCK74d@!zmKg|LL~>ocvU`1lZv8*W__hG%r{j> zJ-|GbbO;uoDmCwsoF&WvO9r6?!Bo@p=ZmT?0oMs$#pLCqhZ7-P3FZHwu>V$hVedO4 zyED5!PJx!bFj-=zk-u2Qj)FipQTsDUM?M|NYMGQSd&{3C&zT&+yEHH6u@8#ErkE4#=uM}a?-Df*k;0P zqjQ3nJn**s_XJ(KgIf<*&R+;bJgKn24L|yp?ee??6mqWcAKld(2dRH_dPE|>{xi>1 zq2nv{u3-0W5vGX!4=4w@p`visXPz51-sJy{C*b=T?)GUja^hUZHUO+Mh8qJm7(*ag zHG;cEmiY6%w9*WY=eLUa#0dC!aFzQ9bN+8)ZbBfdMvm058EpXJwW_=B*=Js1xoh&- zx(cC)QWe2{6z%_eyZ`f`{_&e`qd$(r-xv44eCXes{(t+J zXCmyB?sVUowEe$c`+wu<{=3sI22sd!pM~e+UvZgXev&F|@OMYCl3jmo_I$A8ICJno z5%s^>z<)dA|NFjM{m^Wzrb&gE1D2C6f+YBoq) z6ik3~U7kIge!|sqtVy~kOM}5$8*Hs!WKMG?$VXHA$W=q zs8fr8n{q&e1+$qT`b;dFseS4{U zXw}KY#RCG?A5*8t0H}Hr@A*ryO`@}e#2?Y_PYpg;ZygI0>Z9z~w#E8<^V2Q$sSwOu z7tC-MYke*)OR4_cb>Sp2R==k6RGyo9+R)+dHV-nq zLHzoyN=z3pADqm0zkbYFY`I8KG8#X(QoC6R7Pff(_U&}H->bXUzDbOrJMY4kBDr+4 ztD{*J9i0k_;Nak?-?3!oFqXcLgrNKSD7VoCxPRz8#><;^Gg*_`ze9umlOIhy;fL^B za({m=VG_l|vQjIvpG6x9_h9q`rsHTRLYwi=?HE)X6FEn4uVGou`6hRBU1}13MZUM) z%ge6mZR(%ma@QgZ5jh}j6P zY<|{J6QQd=w#FLY+O7|uHWY1}(jOF`4ke#|-N`{GRv-#T8t(1n6_iCa(UrxB_whSq z;V@N8UCh@Fst}~oD}(6wq{~Lq2!Q(O{L0qVwSi>isc!5DnqKkJMDI8g6VFc{ygqfL{39=YI5jyp% znYihxse??HH4;HVC^%@q-5InZeY4_#0=vrKog z@Mi_Em^?vpcfIDTik7=(o?V7g^P&%K?3X~oeJ0cEqq;I3@fxk?5CCSwgHU65?pJdX zHcMg@P;2fIQ0}QC8MC>ZNC~!P1Oe4a*6foN=!+o z#bG8pIX=tNAk`oh6>E>AE$b2JP6KoJI}ZL&L$b|rOO#9MI^zKl)k~-_21+B*ELN)5 z^ZgR(Fk`b|Xz_4KVFJKZ1l`G`$hJjOZFX`o*~dh{%kb4R{0Mf-_=4cN3@FQHL4Lu8JcL9kME19AN#g0Gjf=SUrueW{I<` zh9cw4JncRo+0TDpB`*VYc&he4MCU0_{aP>-$KaoKm#eLqpKCgAqZr)t0YXZfz6R&6 zpm1j3EAZ#THCoP21teZh+w9NlEduXE^A<=Y;0x^*6puF9!c z;1j{wY)V262S@&TRfVow;x-GhitpT;Fj7!8%>q!wn?Xf$>(8Z*PEqeJ>pN|Sb%_E?Zl}*lbT&DA~ z+K+3xI+EZ@rpdU1hcKF4K3E02ZM9`;t||RC{c4JOW%E^Q@ssn4TQJQQG;sH70FCYr zl5`Bb&eOWLs<-r+F6+t?2q?Mu!`t;oxP&CBi1U&JYf(w_XRe`bN7?r|IwRv1oH3C~ zliz_E;goHO$4W$iQS=XZ9^rV0dqnRJ8*##nkL}clpJS(yv?}*-!qY0%>Si<2_pm3R z`&3`8YOWj{w69041{V$-;rHs#KzHoB^3W?_rxw;eL9WL@AJ=Hadj|L<yJAT`oo8cZvW_sng+~ zSB3)Egit_5e>lxNvE*7}T@wi7`-dMjo6-GhZ)b^1qYyls@`o8}mz(@0()gQw1=3Ov zRD5qP?(Ngsfe-BxKO^$^71~W{aCetq#ZmZD}+g`A|n34A7ZX9kWo(F(dX>vhmgLuwadfl%sufpQ26LQXmQ!>WHVKwWM>co zb#<{D@9^q9viUJ|sPuv0s-iR2#++4!cjf|?dk2iI&!Ne}<9n^g>SP_g)!`PDtu)iD zFVwER%ABjq$Un_DAM_2(;o#rTsBM}>nY8w77<%9zR}<)KRp{RDcexm}d&)6;XLn)G z;h^~Oad(D1OH)%0g^|lRzMM9)<5c00__FUkt`0%EB9Wd+D~WpSDcRO$$VF5 z4baqZ1a(tm!Ls%+p0l*DSE|~^zNQ!vB=x}2<7TS>JMCflV~o-d$kxvF6}4GoZCU7> z3Z^KbQ*Yig;^1z_Ny%tr%rd1_erjRu#>sERSkP8dAhM!&rZscew>?~nwNsh>k>^ax+ZFHEe(H||2S+cP##!zo`7RiH?|i5^fUJ}g ziM&6vC!L6@OK>jAVIO zZe8^pRd&Di>*0`9;O(rFNTd-L#=5QmU)uL<)WP~SIe$IXY^~ud6BP?;T?a!xueQd7 zJ58iy6+KN{XndcE?GpzOmYUNA(J0^IGWPPrIGK~9gpaZoKCjU0jTJ;bG;@Dc4{E?nE6t*=fn16^vVro}GMt%s4)?9lCYdD(R_OF~v^=TbWnsf0pAX ziu+U%0am%|tnK0GcNv?KYfPJ4x?lPHbeeL#X8|~P6iJ@ z-W*|BJ^I>J^m*}du;j$=1cOIgwTd-%0s*UO`=!BUI@qMP?r*ACzP3S+{Exn$F4eKs z@1_yY=TWI8O{SYJW8Lsrv$1lK6JsHmjEsKT;W?q_1FBK@EEu6nNTc0pJE*B$jNqaU z5Gmv7qTdExxITF{ZIy{_uy%mMnI|-%v1=Ug^!-it{9N@e)R`&xvgf(FjkR0-Cv{J! zqlx#QOh07Xj#o0|cST3lE+TNxH9spAXaX@d(<1?`xWP5BUW5Dr*7EQ*6{0$Qgj>=t z@gTBB?tJr0^uOU>@7ig*ISiJRp)gKRgO`uc z_2)T;m9R5;c-O|pDjby3^74ErxJzG>#)Qaq<0USOVc=dH$LG)SSsoznQG!Zi_pLB0 zv$Kt!gsiNphB@lt&GdKURJfe{9K=C9!q+Iuj%rRb+J`9_s>{76{qR5=tE z?fBdyWgr}f1pIks-ejFh#i)_Bb!#!vkNpQ`(5OzPTi<^)k#b>6ls{ zC3?C9-j4O<_xH$1G$dPpXkO74D~* z51#fC+@DCZnkM$A%|AkS*befny=pFYG-Dus1$S&edi<5Ch?UvSR~(P^Y-7a5OWK;O z8DOH=p0v(0%O%CA-BMm=JEsRqGvUDsk@8lSHSmk*$e|3ppG^E^bhpdwUv+on`;=F1 zvhy72wEGzk=ZD=KRjpw&#rO*PVpma7imntZ5Z7E)o_$x1Ls2JGuuuYCaXf|iXh0^l zkg^xAw!`Fo8AI={MT4l?j0z$-O<)_(_H|?aRwG3Co+Iw{7gAq)@jgl)GW4B}bxjpX z(gY=v982}^@4_(}T<^EwQwgZIh9!%g@=dH(&(^Z-Rn^jEuA0e7YclMgc$sGiw#KjQ zS6OtLAHs&#_gX;TE@yWEhuaJkmvsazrK1FzVr35Ed4*3Q3JQf?Pbo&R!0Ye2$Lm@7 z4k}l`c+0-;SSg{mjQ&vGHf?GKc8!sS*}Nw^zJqDpH+|`Isu{aV(d`JM!ts*TpFEE>1clrOzx*8lUQpbzsC4tA3Dt>=Q=*fEN+A&X1ng z!l;^J&IiG7aLt@AJ)WD7)K;siv^|_$oCLw(d0o|;ERUppoBb?E7g&4x*N5^@S6>3t z{lj$u-W4zKA-go#VVKG_YsVw|{CE~k;L)<^O~e&Pf>>>-Z2A5&9(Cv4GBDkQRi;^B zkt0ap`e9p}eWU@U{+mY!%J%%EZN!)nVl%I#Eu7ZcD(L0W;3cT3i_^^epqmf`-j8Bt zN^}AdN%L)D=AmrOM<^f&y?{gY6{5kID45HS*!GIp#JWD2FP`h8%mubN+GEQf?2Zvm zPwPG?W=_MmfDXGja;Iz+s>2XX`!?h-7UB7oGg;b3biG_xM6>$byB=KiT^=LdZ?2bq z_gyLPiJuHh0{{Z8<6r%|aIn(mIA>`z=6+ttgWB@TR(`H&uM#+rt<9){%FENjbKfm; zbTN81DZsgmtxt(noCg?{ry(566YA|n6RGV9xcFGhIy$B!N*AZzGCF|)UKhg+s_5Mh zXN4_;ytQpdHEUTvX<1@wenzyd@io(XN5!GupcHdr&R!ia4td$SCqfJezWJ! z!LycIJwSZl1-D{o?n9vF7)D)9JZ=Z;HJ+Fv566^|S~hSp>z*+oL)nIpD(B;ln`7HF zWWD940t>rMl7m#^teb>uVE;g^8>l$O@G37>lg8$DmxE&=FZJeYo6$kf;d}h-PbQDi zZ!J&7H-2+LEX!RyjNHSr_STkbmUS)H7};-#r=29{(_~{90G{4}D;iezuzRm_-P9S7cMqXtGJe{I1;0_Td1ZBoc$O;$QU8>u!=CoHuQTTV*J=QzD zvYOkkj^{nHz^o>@%#Bx9XjJdtef3zjZe~ZDi^AugTD1oU*>?)rsy{&Hg@B*6Ch8sfrEF8yW^0-buUHT9cV_lm&~`xsrs+Ia z=jiZHcMixscZs`u!U_&LM3kuxUz3eWM$^r+Bp?!_)8A|k4v4>8IDCxDmDt}QxgjDx2*%cIo@|YKgJDABO71N zpC@MB$}bZdtt~u3r+=-QJnJN-sMfDn7jZEq-d@nmg5sU=VOY?KkJ#xcD&GohT`5~b zhQGfq(EO25%k3oVrUkY%uQPArNwy3WsVT#t*_?GWO8Mf+S=+Tn8l}HQL7Mb}K~-wf zXar!7qP%EmJT&AG-xX`_5Q+fV5a9Egr_KLQ%3;i0U^B}0ugS;Vh@0v&AC5adZ!v|NR?+(w z(UX;lS7+)mC;NM8w}P&j`6yHHID*74ULwG{)L^7&H`8%^tMu5vi8+jSjMHEudP4G5!*^p2T`S&(8?}E`ua{ClF|wcRA=QEecs^0U`LjJM$c&$-q1hu zs#AyprC#C|?(E0ZV>2@p6!vjyY$8g*UquL+eMhW#p09#-9?)opEkV@<+SX>Z6EN2Y z<{j+>`Kn@|E3aaqzFi%P+0CQoKbGbC7~&OWw(Kgb(OM1zj~XziTtV2#r>9TA4vk?) zdWtchBu|kmW_Po_lHg?N-DpMY7J8h2^vd z=XCJ!{t#7mKt+EXnk?ELAtfdr&B&ARd^U!V}1Vp_NEo+`MA^ys}b z$cVR#_-H>Xb$jPHGj4eJ*3t8$VK)4}xx=Dl>x?L5ub*pgX{y7Bk$xG-aYv|p8Wb=e z-Pc^|AEk^iJHB@1SDH*_YjyMa>#t|-I$LJxcyQ^3MI3WK3Zj+cuit|OPssJ!`kG+I zHq+G70kVLPAt<0jWR7O=wFsj9+Mhg=&rd5$3BA09&yN)!T1+uRu~>sr zE8Ybj&k!F1M+} zc)@pY=xvfmUPnV}v2;$Fh0>AbUYiDKzlc_wGXG>9i_ztKNCF<7p?nLI$UK6xpw*8OrIZnw(+#TFeI<-A4j2u^eh!&&CF*C z{$tAY2@SFqPx_ro$x5!pj_6`O&#COSMrURi8<{>*g=&TDx)EKbdB=0C&-lQ-mb*n9 zQNvzdH#k0s&l(Dh##k5K!FvxZW3;Am_2!~0n~T{xUU?O-4lrK8P?1S~c4JDzHdt-R zF_^Wa8Y&Q(9K+a4a{cf&D(eh7DUK#w8t2`^r~M{MKnuizU|v4gI|Qj`&jGmW;p}}1(vB^h8=K7^3#*lEHeX z6TeU@YYJ42-`iA9!vyZ%M{{IMa5>bpcOD;cc1nx7`L4F_aMcpdcY-`S^n zKVvQJNXs)EQ%##(m&5%LGV_(_&QiA zz2i0@2d}m;sCya~y}R!EwQdGEkN96^1@nxhYa}Kc$m`)|hrZ)^IICZr(?V`$`QKas zr4xs{(iV4nzh4aqwLiTN3r3Vv8zV zNezqphp!-h*%p0WtPWhU;fDdVM9S`CkhhbTzDw`RQvEMu#YyNh{B>N6)L8-*9$Ie^ zU(u60vqVEYmwK8|sWIU$$G?~;H0tn6Mt<6~>Ad@X0}C0f5xA__)%sK90cSqiI4?K- z_B4Hdden7tn#OJlxcd!VZ7`oUj9BxAo-Vj_CcN=u5^R_PpgU2MO82r$&VTIK`r5_% zdOZ0(8GLvt5w+?7zC&T_ewtu^!gpS+in$BE#?iITxLJ4+o+gdg;ffRKmbgYD3EvRo z=kBo7&9iQHC=}J!7$DJKJ9q26zQgaR8pt{s=NZR_S%Wg_CwZ~h%&uDL0ZArmd63?h zPY&LFyVb+3Ilj9OH`-V7`z5lB!A!M^xvg5MZaf}CBA!(ip|S_RWzu@bo04y{IAY4}%BS-^SQZbG zHjyj8AVtD9eau<*n;5L2~K$m+4a%S!8JMf&W$&l?+NQK&*akya;Pn{1|R zOQ7iy76iwC+I{OiVw`R@Ersti-hS>bPdG8Fs*T`S!G=iPcdWl>6{Xr)x9pA8lYe)m zDbvYcIZR--@5yqS+aFb%?5`RXLD}%+`h#UzW)0QM8YZ<`9w-f?7sc|KM+1>K@eaHG zYsb;td!Oc89gI7;=zmGaQ}(L?&Ij3>{3h9Cw~;=5>EUklL#_OT@Ejs-LCRq?_Z15` zVemch(b}?6vdYkh>sLp?Vouf@*Kjm%4m_JL(3!0_wo@`!sTNtU;!`^ihnM5ubggT( zuL9ca)2Yg2DHfnDh!r1czYO+{?4G|IF}^F-D&iy5safn5@H}AQb%1qG(`8DV8FXq6 z<4t^?Z^avZm8F%kB9Aw_4Eb4n&3~&W_B)l&_G{ZBW5Bn9S=-@t5JLX{{O>L1Ijd)y&_N3;b31l0_XtMV}vzK_oyD|L&d@v&z( zPrN+OU(1>`N1X~|i039e=jKO}UnD2<=bi{WfE^CI zkB%Jn&0#=X3~wVx78U)-`P^!(M{L#;`R%VS@!iLk&TZp@9i3qm<999Z?_1Rf>dwRKbwyHB5(M|0=m1}LSO;hKgiv$V?X>Dp5yhYaR-%*Eb# zpD%TqDm;i+4i8^CsPKCXK>7IHKaRIsoNLLBxeGrJQN&`qTt?P(AQhf?s!Xae9-K$7ReM@zBc1Z%iSwIN;`afm&t#( zDFItf48X-#9$S-oX5$jND$H2!;jo*oiLx?{qrx)UQN+_fAefy&nR z17+Z>uW^b2xW+H`ZFptVC|)_F3wb2UotSSzMAH<#_qJsdEqBKPNwZy%L_u{Cl{bf# zlpZ6*3b1ykDPXz=R+9waCTVg-s8E7&yS$wM+B!t%6|-}{#tF^!a4Ga=*dI%8(mfER zX6H6|5b@X#N)U_eA@Hd&m{5Uuh1G>7FVwU3aP<_Ub)!-(n2q#0(bszU4;#rm)Z28= z(d^t@juPk!Nrq;pQG0^|Zc{=!CJNkz2i6(W6;`{H9ijC@!;OtiCaP}e&F@|UjDvO+ zgg#=w=~aqpQUp9-?7VT=j!0jrm~CI-!6=xqUEk+eSQmk)-3=~kuPokFIoN7`nl`4~ zTm#Ej+l5PPEN|WOgQh}`R;Zq9#~wE;8CdL6vUZ=(!o0IK#ub33Ab9Wdf$w;>;i33f zO4HB$0yk#pt@EUhNj!TX#L#?+>%%SNBRmweOo6vb4R8ED%VJ{3;S=BMI;`_o$(aGUT4*+KQ+W5hvaE73d3Ts0yTBnZ?9jirDlhWUNiE4Hl9{`t=@zwx(aQtNH6n zdLZ57iCu$6B_)r3Hdio06bnC^=l4IU5R?m1cmUXhMF8WndgDM`~smOWkGHV=csoprMpVmI? z$wq)3lHCd4_L1#rDBkvX?k*Oi*7(_Zc`&47&I{ZcW%G3Z8_6cDpE~lAAJ*>4t>Jne znp=IPO$ulqJKPV}NYSSEfx8&H+KD5mjqG%AG+C+{sqJHU*qxo_<^Ni&f6|X}5#heM z|I5@4vBTPbSrY5?2MXhg4M_mrDiYAe{qcP!ko8Kz+sUGl*TrfDqG&7!e4PKZKtP!R zk^9y_b&Z7WOzTy2-O+gC|JFiRRLCslu&E$GND@Z*QbBflnq+w#LNt(V`I)A%mIW#$ zlDe}TJGJxqITfYYfE<4mx_g{Kk=<5f4T5K#MQNC`OIoOFQbO@z6Embu?vaqO=dBEzH#9L!v< zK%~6+!5dUZmFBT;8{MdFSlPcfYnMlWeWAtCX3N>kMY5tuZ%3%_d=f>p`3|fl1rfyu z8YMFw4Rby}r)eI0yC0$2`l@f5>fah@>yb8kR-x6O;Pc*f+cO!T)$Xy_2&+UEb9{-M zZ>G05&sN4G;_?FWO%mAT1~!5=Uaqe49&hQM#dkBw&QN`=s``LF{rLF@eQ+XJFwh6}Lj-OTlLgCAX!|nWjRz3CbEpH>n>r8`@O~axv)7 z>(@<}1jRiWgDTsX@0Htbb_~&X^juC}fR`!+egnW9r|Fn&C~-0bi*I1L4wxS?p@#6j z`s4(eXl4{5QOLuv+AyE#qF)IeX~_ajc(1PTv=en%<&x^_wE{g5$!cN!!gTdwXJ5|% zT=uh2G6_%HzMo4qQ-vL4?_zpN$kOw!f<+n`bh#^R1>tuJsqv<3J16-#X)0*v5`;V* zsX9IHCu~5&qI4_W)J&P%7p_-75p9j{y?~bKtJbF1mZT$)`Nto75*~!AWjjT{->O*N z*Hl!h?N9uRR6{f-O)B$eL|ynq*nA*g5U7M?RDWfJzIm(oU3fnEiIp6adB3eSl&J@d zE|ualI*qqV@%F}kKgyCoc-IOew`vK!i&KZIR=xgM`A3Y7O9D6Bf=_(;>UAz}Nm~To zQhR-Qt&!3;iRB3)SdH7TUaR^#^6cphNT=@}vQz>iyvUPEydnkJp! zM{%2t29f8>)sI(V>dLI}v`~2kde|C`o(ODwOS8lMZcmjm`U;25pXCv-6dF5%LRD2 zoY$>?d!_Za;GTFU7ioR;K=;MiD7=$TN@LF`M{OqM??%0}zEaWQj;<))>sHNj+*Kcd z3Lfp4bj1P>&q|ZuU64 z$d;Ou0C_miLZ7p6{3ivdT!7km2a%69WHRUjs7@5xV#D#mu{ZRBa;u#z7z$cveDs%=YBxD9T~kMS=gMF7lru$CB)%(c2xr4hea z!x+~yHc05?>}?x+$7vm_MGmPSP6|V=?4BWW1F{^}wQNRtH-v`;n5>-YmJP@$(P55i zzoD}KtG)M(YI55eg%OdefFM|q4ngT1rHi1_73o#F0s*NpR6&YJuc3p5B2`*|(4^PU zdk6ugw*UbGguspa>~Fkhe|w)j&c6Td7;k3=ecasGr%rrcTCmmI;OefV21Hsz~bRC^^>@Ow`{` za;qcNAzVUt*S+RA-$6D`Vca-=Wkmc^U&W#7JQ4k8J8S8QqP~%4qBPB{EpFfs&QldK zNWHp76`lCORI{65$f&2vl4J`3FIvxjFc z|5gcO^gCOS24Q-}ovk!$LA*GjY7`AKI1#7};8Xk7H?vA{ler%s*rTS$6dwUvjxMh{qsIkUoc^t2D*U zBO_iu-#0P`LVkwkMvr~kn5ljYV8z}*P1ZeswEvp2#%D{6$!b#E44Y*JMP|y%Hj~o} zz(e=ghI9yyQuVd9XuW}>-Jg{XJ1HX8rZFsE(HD$tr!LU15R8^kDRTJw8?M$3axL1u zrE$iZL0yH|80XyBEoZ)iSg!@Qi22lkFX?Y)_AiFd#Cjmg<;94nqr`2K?R)a1!8Ua= zhg6zmVO-nqHP#-bamTf|*p1f(~o!b+Sgd@<3D z+fB!sJf(W*jTol+Qn|c`bXSxY2(@HYtJ+f}55vTZG^nW-AHWA?!r%|3 zo*hm10BUd9bd{2@+DDa(V4{&v~4musZ*QX=5Y$BHOHXt?sA6~)DkxbVA%G*Y?H>hfPpw+W7~4@*(N=0F zA72|}ZmmBnaF;gO&2Jr?JD$Fp6}ua+I=*eR@ufS$+@yTq8GC%GPt#Ko6ztNal9mQa zzif(SWL9$#y>B&mNW&fmZ?v&O=xmXcp`7V4ue82tEi2h)f|D*+eq5Hr)Com8R~REm zcnm!n1Du8#^Bp}>7%FJ!^hx`E4=&~^Dq@Ee((}KfROFs=`#2Y_TmFdPI6n{q<(Yj{`#&O1ODQgIJdE-7OH>vz| zfQi%3U8*^mt#t#P`yi~X%EkdXR5KFVT`IiB{++9$po0YlbGmT7Ch@vfM zia8K9kFx?3O013SNcK|C`-_8jbY=Rj>olyHEu%RbNKPFqe|dU~MJ9Kzy(L&AX3PdK zOCjl%v*szL9ysGeiE~kU6kf~cwX`mZ; z%X@wA*|r6%$++^pYy8hWk9Vo2$5noOLisw}_-G%MS*u+soFj^)wM+Z+Z)k%M6K&C`0<_W6KDgOpvOiW_>|6`1$Dfoam(3HU%JyB}LGJee;_) z7TB>L0ylk}E-$B|C4MkdN$~BOsnlpW@8yUNBEB4Med~SS1@C~K(`{wKn6r+YpQso} zwUY?YMfUI^W9Q6sFr{z_XZbc>ZE^&CD;Vv6z0o~U5~ zPNTvNu_4OrZQ_-;J-a^F)EF$&f`CU1Bw>ZL*OR0W__TGFa$gJ!=-@M-m>>^I{t48R zNA5S9LYOm8H&i(SfnOYFNbpWywSpwPFrVlPzHE*2aBbt|c&Gvric~l!lk?xAcxmef zo{KkplqWU(*}{4-G)|)Ke6R*s2kB4FRh)18zEPd}hGKH}T9wj!<#)%`5OfR3I-f>$ zi(A<`fL9r8MegE zWfI%#uZv=g_+l*GCp)@=2kw0f3z5~9Rma>71e!#=C2?rJ-LCdqmBoCjdg9Q18nGq>AfUb<4bCQfRhVR+ze_p@!IMLHMud;`@6NP zS+>XGVL&QHHav4aQAna1qnLrXwS1?|_Aw@a4wm zD=`CpCEDWP{Y;FBG2HU5qU3DR(M#A zytR{yf%Qt>I&KUHmlFmQMUXB_3?bm8trd;bT+8{i&^lwQBcqVLCOrJaw32VtYva== zWoGLoz<@{T+IMhXh^DB}hsKdvPJ$WesdCQED&_PDk|5K0ABK=vW} zdf|zzJsxA9^Hj0DqwEGv)@J2GR6P0DNuKs)5y@D-{*79jyxsSpjUV{#hs1s>4^KP~ zvL0Sz(Q)Z_emT2BnjEI!&Zm)sR<>}zbvC3{9VOD8egMF{;oR*fRtG8S9zhzkSYh7k z8zzON4y8a0X1UUj?q0i6f_$@6*d*by&lg{;4XwTjr`OA$>7>7Eq6E-g;VaXHbPcL$ zy5+irm|J0hO_|sxxe6|Mz{jVR*R@~rHeg2AF#XSLofkTh+W`WXOPos0$`&m-QRR$6 zmDGDKTENqpVt_jB@yt4`s^t1g0NCmsM9W9#)7Ps;p{`mcPvS{x((kEZDO0nggl@3< z`zq_~HYbul$?>W>P(5|@P@iZVI1zCvjj}*%vkW6SRNKp*hZLv_*Hka>iXrj&w6^hN zBx)f<_)4AW=ec@=&ptou;FSe!n}W`cSL*QxP@ne#CQyE8UUBi)%J?bDCL4_$3EbjY zC55HE*qj+q&@%5N(0AoM)%XrnCq~0um|r)&hbKevC==kD?p5EZkjnjZG#g+Spy2op z_dW4b#Y6ttFUnQ|wrB00@=L(Ey2` zp&JaM*v;l9mu)0xF+)6I`0xG|H~;}V!bys^QCI!=$#^yzFb{d6NrSTt7#0!WNdo6} zspj3uzr4P7CHZS)U3FZ`h(?Vj#JLJ=l(2R$+rq@q#ktqu}5h`*SjB+$=!O~6?%0P?$0SWlN{FH z9!U_n+T7SWEcZ>wEGsMifa1)f+1PH}9G5qK%;!ryq4JWUzOD79qmyagSw{!G&tv~< zJIxBDU-`olA9D~f2>Vn7DXJ2p^!g+9WpMqbh6Y*vn)~j{wVjMZ39!$Pd7J{v}r zb{&j_5j9ATUWSRAn*8of*OK1ej=8)#-oa=64h+`c7b@N-w<%=p*5}jVrvv7)bU3gc z+da-nVtG|jWaF5BHty)D#S={$C@6+@5_lDoQma*rCS@}9ePgM-Is$)`-z3p!VHK~B z!+TOOulVpXJ!4>1cC4nXt_)&0bl3H?d4VybGVyK&5+>%=2vFkd?ajGPgBwVF?UZaE zywZ>?GZt+W!9gi{C~fzi-WTOWV-^F|J zQfkecHIvSRQ*HS(-@Mgr+_b@qyp-cm|5{|!1cgD_k6F!>R06&=+H8qLarpJ0#@;oasej5Oa6%M z{BOQhvb7~2xcFc58p9{Ah+i0D!!bGh=+O-zGrs3`-mvR_)9IsKbre*nDonUJa(*Qf zQ`0G1pmy7HIQS^oTbLQ8p8nkd-eNrC_TI^SMVFnBf8k+A_m+|cB_@l=dw8kKY3JRyi$$ig%M)A<>DY2d` zB+`vu|A{Rgk23F`*p|G5cctPnF=I?6O0N{0eTOu8_VM%Vyjn5GLY9;HRU;&30AP*z z$fGL@^l0~4U7;yDBz2KUImFg6Rkr@D`50C$WAJRX4gg5H@l+Dg9#BWf@t?5B&`6>S zC>844W%Hp!H!MdSe9W(cluJK{rAsMOJgk%ex+lsNbVFyFd=}mLM|$#vk;k@jB&%%fRtZ4!qKNjlA|P zmVh2>Xo!Q!9BsBRO`Z?oN;d#;-p?=<^VYr54B_JbddNnNtd&B;Juu4DJSHn5luB>r zA<#|sPQ!48NAfGg$Wq(M2sfMkLBdIwTmecVz@%UvGw2Q#zlzgfo!OrfFry49JD#@o z_O{mS1%D0+J=-!__^GMQkK7I^I&>6i;MmsVy0d2n1-qzS&4vcd$a>_dwCC2X<+BwHXF{mrtG# z@3i*XIH3gZK1^IOrDcNh27)(0^_KvxSl~Ab8IxA7&Hcu8hyBg?@Q`dyuv3p$jmPtb zY>%Vwrxq+u6q1P-0+WA*_;a6tirubR9rlY2MoOFr1sq2pYJ`qwF_=LG^!mm|V^yQ~ zfg9)J=ty7}WQ5~&&lmaf_l|=?5zS8xjZ0Riss#w?PwRx-0|6C62r~4Gi+8!?a@^L> z&))UJ$DwgrwzJ|wL z7rI-CO^ZY8Q<8(q5ASu-G44c=2)LAlYkZ3OCOirA=QS>Eic8JgPfuC6^uexBihZZkR>M2o zJqmGKmy~X?>w|A+pe1wmx>Cja6u&B8<|LE_ZcgVH)xXx!n~VBH6ECGC`YWtX6i5eP zEALxjEp?=GaE}k4jn|~hmaORajFPY4xVboEzi##}d?g54;9rAVzVGbg6On#%Cp0yJ4T6Wi5|caZ zFYl>rx@f^4?HzbB+_CG3e}dV26C180CenEA^|pc|(gObc8_B004RseWc5F#mSDDW` zm7jyhE+V;Dp8uVq$*+*R06KG|1mW7ne7)#&bGi~q=)zu;KmE2Qwo#96+Hi)g~kS3TLG!knGQHx=e-Suhp z;Qjd^QqTgso)>K-f`xA%}w9cC0GF#AJZB(Ig(VL^c`3FKuVQ`m_-={?a0jw(}K z_~C;#M%@TNl<4t|Yf+w$)lwQTFpTz#T59E4rFB8XYuorea!JhXXLjQWv#TNY)UI?d zdi0&*5UuN#p67 zQLHtJ3Ne)uIETp2@W9^`mEQj}(pXnI0F)YBt7vYl9492ThneN7(u;&^JjzPu*0_SM z%oxz1x4_+4i0W!l?8I61!-ZFaFrUoECo^#7ndWpX$Hz{g#Y^r8=gi%!8xDhw7MVJ0 z=Zlq>$g2_|4?^zx&o_4Wg*YT{tHY#TWGskTgsrdGKl=Tmqte}#jXs>>U%l6u_f z)wzcYMn8EQRX6nV$X%`^*h5*fMDH*bT3O2NPEpmd%KN{tdHUQc%?Ivon0MITTC&ZH ziM&%jQtK}_8~Z^}5Mph!9xDn$mS1cLWK1flu?x6o4a^&VlDggcuxOSc?7)-qA+JfL zZ49nuG^9tywgsxQV9#naH9sKg`kB<&W_?yAQ}Io6#IZ|DC?V`OAY`qIAE;`j5BZt& zLObZe^hlJZoVs!{<6(0vNC?${01U%m6kfM`7H>XON;Tc=8Z2{9(7eXGi@XZp(9Pdm zf2^MiU+2lEcI!$Zf0{?pnhq~|#jb%3Ya@e9bG?uP<$&koRaS0O#`#TvpX3~UV}@i` z@4)CH&o?7KZYx+Au4IY0gn!-a{%C7XZfntgGWChHW~y~{*&4V;D7%rFl9VBiyIZpf z?cuI2Z4oM)T8^$hOD!dvWR?1k+|f9k3^-w{8?tBmP1o+|5u;63#X>@T{WOo%@BDOx z)n;edWL4zKQkH8+^17=7Pv?hKcAu70K9G^=DLE=Gx82soBt!a1vD=%aGKC}fH+HAf ziVM?0>@%lZkMuyQcY}F#5vO}cPT3@9KtlUi@5I5f%6$&f=iM#WFPe{?>Tj%`pOx!r zvCMoMBk6V0KnvMV)E2Rrv0{S0+HdppQ<;AX-_QfhX)fzwmJ@KWA{G<$gw&(fpjW=O z6YFMk7FO~nCFDdk8M9rV?1L?e;(=Wir{p#pN2On@crg{MqC$x#7nS-jomdBsseV}= z9VlsF=7pHow_?m+v9BLMdIy9TkmF$nU(|GBJ?XsWu;#N5?Xy{M^_--(+iOp-QS;!Z zF0C){A*rzElO{*YpD&s#wT)EVCT30|L`|Y$D`GAn!>K9V``ro14-9;>7inbYxr<6l zJQdE52h)Kg)s6<(bku1l{gQ-9PmrYMJWA{Kyb38MOwinX*l=$qO7cnrc@iI?WXH_Y z#DRs+OwJJHPtMlV=Vo!{HQ}wD!e$9yN+^0LG><%xh8V$iswkh;c~~F41tpL7N!O9w ziV>RoF(A1R8?27Xm=hX%r)!HH*e0SMIQnSYN=XHM<)kTvZA&1llQ6;7-ek1Et5SKU z^>f0d;PewWm-RHw(`@?SoHJ#{(^M9QI5pSfT7M+6V7;5D6~_dsyW}|?UScjHWPK*$ z1_ckR%}Vuz-t*jKmCdP_nF`jY$3ehz41Qke{Fm1VhN1V#*yuD`S-0)^n|xH^B;Frmq7`P?Z^o1&JhAzpa0Mp2nM;90_;k{PGDDHNV*)v9KeAf9r3 zvVPQVkU)Gi)P;W*QL8alvtl~n!+5*nJtujETI+?BSlu{kh*5`>n@WVlE^KOfb z6u4hr>=wEk>{*d{$0Y|wmM<1Q`N2{;+B=13!~@Tk)L3W<8ki&o1|%@&Cy*xB%`Jaj z48FPqxQ1FpuB^U$Pfchh`qeGko$)qnqtoz>CfGkUZGmKeGEcWwM9*w?%e@As30PGZ z*R%^*7;*#c?JTy+DBxY&ylVpiuTQ3nL%)2IiDJl*gXY(t#<~S06wAB6GSR;jTlIqZWy;eF8+Ar zZnIiJxLmgx_-*h}$)~oan+EG0Nv^wj+dMp1VjB8WT}io|B#2=HXI;B`+bkHs`DGL5yZ zMLCy);#RzRCo2x*lB**P4WpP^KI(F@P4_N z%0cHq>bzw(cd&>;iUNvCU2*bInJ>|w?K)D;%4{s@SLEeDiUyuJD!bTkR>Qd_tIxh3 zXIN(H?`ZxMv+$62#D{Wla!pO}VB-#gt*KHjbF-aBhA7Jf23LN9ko&0FoOS4R=!#E& zPk-7#2zIU6nM(lp(*b?l{sjUgr6;u;!^jxZm;^WH9lUit(kL>dM4Owe>b(2|| z3=^DF8eoC?li_7{KRm2pR%3=izu6ahrLVF?NFl%~Y312d-0~W>#>NcU+@Ocnk}6M@ z7U`l9asf0YNHu6ggBtY;Vrx*MaXQi%8Z&TuKNp&r@zeYQ_SUSBd8spu|e4urU{dMx6xK= z0!lAh8DutH8rO4am^&EAo43(7=`5TeZ zQdhc*DzElyTRJoyDBJzeX1F<#6}jbCzOgk8^m`kH*%1 zCe9eI6B8iI6dz8vJv;8g}je>fmtta^C)fpJiQK)t-%UT~Sc?7<2df{MG1zsy5F z5}M1GaFDC6*wvR5c6fNUXzN-X@@VXMsA%JCn~lmblBat1u%y->(Yk-OF%~nM;pxSK zI8f~K5R8#1_2VD20eA(1?~P{5E|*pNRr=$?=FXm(Q<~lHEj2LgyBZ5=(!TC;>ae1xlfcEHz;@*q2)ehaR<<=`Qgpmi5u+%=ChIXW;N%4n)tbg;c_#m}I!34_v@0vXmvEAHs?)-@JLaL1HH`4P2Uh^p z=%q&~VROS?g9$6+N{0{P$J1?pD{3SP)Zu1B>n5D!V`I~SxNGwI0msH@XPoUOSg5?% zs#>7@wttNfF=vtV&xO+O^|}c+9$$`De$mb2m^sRTgr%{GW}8ki694LXIjftUIk@xa z_?AV&Q0#`T$ZEX(|5O2*&28?+~S$lfbCCk#@%yJ_HT~n7m@Ze&l zanAC~_<_R|^)6|nn+{a^w~2AnCYdFVKpPWzmgv^BH#4Zo&=M;!#nq?XGk4$l)Sk)J zPo)E0E&HKzxY_=tsJkKexX1bp_1wW5T1@T@U9@|bh>hrDA@!qOhtStWj2sA4hixcz zduXTJwh_kIxSO`p$e{QNkgaBxQa!NjQeK3aA z1SCtGA;#>O9kzuwX~IV$#;fhSf}RDH2u#QlO9#`*-cbA2+ac}W*Vl&-k2SMB6~n)3 zTYt6Y{u=4=uMFBB{}g!4w(VcM)cb|&KR@%=kc1H-s`QG!1|#(`y@XK||LLK>`cVR? zBcY~d^48d0`hN&WM52~P^rJq0&QF)+AA=gdBY;liXr=x$WC=@nIzmE=O4{H4y!Vem zhi(x-t4Te3ga4Wo|M}a%c);7E(k~#^q~Gf&|H!((!z6HmjQ}c9@Eq{3BAI`{pG0v& z^n$w)S0MY3L90j!pd}A7MSrhO`#TK(D3du~DA=0#){u{v{yC@w;ehFQWj&GNkFWeM zmdve5i0`YS<#~UvtoTa}`RhfLJRpENKF!zo$7*xu74dttnm6_t_#cD5yg~pqekX0K z^j|FQ4|o$)^$x`@a;I18YBw%P+>sY`m0USyI2;dKo;8lfW(=3J6Kde&C|={Yx_z3r zY8r{U>=7@{~TjX&tUtI zFdJ*wdOxFFPV7mBEJc@(n;?G(LF!}Ui6&8rZw#kmpN)aKyw{on~r+D_Ib&$6Q%=tIMZ!af+IlcD0+N z_RMRs5p{?#fB&;`t0w-|-%yYcYZor&xaImyz@XyYL<#ru)gg9|p?5`>(vWmrE>z;2 zWgOBg)t*$&#Z(XEgYp=Qc~u^;xe(t*gE_e_{^IHVtMe!6^pcXl^(X#Eq0EV*KRWJm zFwM_uoOvVg)m(%^m_}a%wup?QNQ^uxPnRuR(()gjIv!-F|@6(!o z-$Zg^Nmkvj6K?7y%p3Us_`mp&AgS{EzwG$`U%msQ)n5=U3WVav>GQeG29*9JkcvgL z^GoIWEpx^p98aAE_7Vx{a1ULA5K6CSQ&q+*IMp8;FPSnkX=4wyCp|dPplR%&2Pw>zVtu zjrYGq``<{SC`u5G_-B?k|2f8NmjdzfqUz;YdVfObzd)Xg_B+OmnAZQl<=nqfapWqY z)Hs@U<8LJXe>D4#@<~A;6gSZV&;P}0nF(fljlBHtx8J{9cM0sb%cIJW=yboER@Tb$X}?^c={5#gh%qNQA_^djj00F$-r@&Et; From f97ea0a2a0dca7d378f4412df4735dcb78b9ff2f Mon Sep 17 00:00:00 2001 From: Pliable Pixels Date: Thu, 24 Oct 2019 13:14:52 -0400 Subject: [PATCH 760/922] change audit report description based on what isaac said --- docs/userguide/gettingstarted.rst | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docs/userguide/gettingstarted.rst b/docs/userguide/gettingstarted.rst index 8736348b5..9957208dc 100644 --- a/docs/userguide/gettingstarted.rst +++ b/docs/userguide/gettingstarted.rst @@ -78,7 +78,7 @@ This screen is called the "console" screen in ZoneMinder and shows a summary of * **E**: The Cycle option allows you to rotate between live views of each cofigured monitor. * **F**: The Montage option shows a collage of your monitors. You can customize them including moving them around. * **G**: Montage Review allows you to simultaneously view past events for different monitors. Note that this is a very resource intensive page and its performance will vary based on your system capabilities. -* **H**: Audit Events Report is more of a power user feature. ZoneMinder regularly runs an "audit" of your recorded events and this option provides more details about the latest audit. +* **H**: Audit Events Report is more of a power user feature. This option looks for recording gaps in events and recording issues in mp4 files. * **I**: This is the user you are currently logged in as. * **J**: ZoneMinder allows you to maintain "run states". If you click on the "Running" text, ZoneMinder brings up a popup that allows you to define additional "states" (referred to as runstates). A runstate is essentially a snapshot that records the state of each monitor and you can switch between states easily. For example, you might have a run state defined that switches all monitors to "monitor" mode in which they are not recording anything while another state that sets some of the monitors to "modect". Why would you want this? A great example is to disable recording when you are at home and enable when you are away, based on time of day or other triggers. You can switch states by selecting an appropriate state manually, or do it automatically via cron jobs, for example. An example of using cron to automatically switch is provided in the :ref:`FAQ `. More esoteric examples of switching run states based on phone location can be found `here `__. From a30902e3d31f302d26769f218512beab5cac4309 Mon Sep 17 00:00:00 2001 From: Pliable Pixels Date: Thu, 24 Oct 2019 13:21:04 -0400 Subject: [PATCH 761/922] fixme --- docs/userguide/gettingstarted.rst | 3 +++ 1 file changed, 3 insertions(+) diff --git a/docs/userguide/gettingstarted.rst b/docs/userguide/gettingstarted.rst index 9957208dc..a9a8dbbf9 100644 --- a/docs/userguide/gettingstarted.rst +++ b/docs/userguide/gettingstarted.rst @@ -39,6 +39,9 @@ We strongly recommend enabling authentication right away. There are some situati .. NOTE:: The default login/password is "admin/admin" +.. warning:: + Fix theme text after I clearly understand that System->CSS is doing + Switching to another theme ^^^^^^^^^^^^^^^^^^^^^^^^^^^ When you first install ZoneMinder, you see is what is called a "classic" skin. Zoneminder has a host of configuration options that you can customize over time. This guide is meant to get you started the easiest possible way, so we will not go into all the details. However, it is worthwhile to note that Zoneminder also has a 'flat' theme that depending on your preferences may look more modern. So let's use that as an example of introducing you to the Options menu From e1108bda0b431305dda621d68fd7da33962cd519 Mon Sep 17 00:00:00 2001 From: Pliable Pixels Date: Thu, 24 Oct 2019 13:56:56 -0400 Subject: [PATCH 762/922] add support for todo --- docs/_static/zmstyle.css | 8 ++++++++ docs/conf.py | 5 ++++- 2 files changed, 12 insertions(+), 1 deletion(-) diff --git a/docs/_static/zmstyle.css b/docs/_static/zmstyle.css index b8f0235f3..3db3d78d3 100644 --- a/docs/_static/zmstyle.css +++ b/docs/_static/zmstyle.css @@ -1,3 +1,11 @@ img { border: 1px solid black !important; } + +.admonition-todo { + border-top: 2px solid red; + border-bottom: 2px solid red; + border-left: 2px solid red; + border-right: 2px solid red; + background-color: #ff6347 !important; + } diff --git a/docs/conf.py b/docs/conf.py index 9bda5df7b..9de7bd820 100644 --- a/docs/conf.py +++ b/docs/conf.py @@ -31,7 +31,7 @@ def setup(app): # Add any Sphinx extension module names here, as strings. They can be # extensions coming with Sphinx (named 'sphinx.ext.*') or your custom # ones. -extensions = [] +extensions = ['sphinx.ext.todo'] # Add any paths that contain templates here, relative to this directory. templates_path = ['_templates'] @@ -265,3 +265,6 @@ texinfo_documents = [ # If true, do not generate a @detailmenu in the "Top" node's menu. #texinfo_no_detailmenu = False + +# Display todos by setting to True +todo_include_todos = True From 363474f61307d480613b48ead53be6fe0f5cfb80 Mon Sep 17 00:00:00 2001 From: Pliable Pixels Date: Thu, 24 Oct 2019 13:57:09 -0400 Subject: [PATCH 763/922] fix up getting started screen --- docs/userguide/gettingstarted.rst | 30 ++++++++++-------- .../getting-started-add-monitor-general.png | Bin 158019 -> 62089 bytes .../getting-started-add-monitor-source.png | Bin 182877 -> 72382 bytes .../images/getting-started-modern-look.png | Bin 98946 -> 22602 bytes 4 files changed, 16 insertions(+), 14 deletions(-) diff --git a/docs/userguide/gettingstarted.rst b/docs/userguide/gettingstarted.rst index a9a8dbbf9..ef64f661e 100644 --- a/docs/userguide/gettingstarted.rst +++ b/docs/userguide/gettingstarted.rst @@ -39,11 +39,12 @@ We strongly recommend enabling authentication right away. There are some situati .. NOTE:: The default login/password is "admin/admin" -.. warning:: - Fix theme text after I clearly understand that System->CSS is doing - Switching to another theme ^^^^^^^^^^^^^^^^^^^^^^^^^^^ + +.. todo:: + Fix theme text after I clearly understand that System->CSS is doing + When you first install ZoneMinder, you see is what is called a "classic" skin. Zoneminder has a host of configuration options that you can customize over time. This guide is meant to get you started the easiest possible way, so we will not go into all the details. However, it is worthwhile to note that Zoneminder also has a 'flat' theme that depending on your preferences may look more modern. So let's use that as an example of introducing you to the Options menu * Click on the Options link on the top right of the web interface in the image above @@ -107,7 +108,7 @@ The camera we are using as an example here is a Foscam 9831W which is a 1280x960 Let's get started: -Click on the "Add new monitor" button below: +Click on the "Add" button below: .. image:: images/getting-started-modern-look.png @@ -118,24 +119,22 @@ This brings up the new monitor window: * We've given it a name of 'Garage', because, well, its better than Monitor-1 and this is my Garage camera. -* There are various source types. As a brief introduction you'd want to use 'Local' if your camera is physically attached to your ZM server (like a USB camera, for example), and one of 'Remote', 'FFMpeg', 'Libvlc' or 'cURL' for a remote camera (not necessarily, but usually). For this example, let's go with 'Remote'. +* There are various source types. As a brief introduction you'd want to use 'Local' if your camera is physically attached to your ZM server (like a USB camera, for example), and one of 'Remote', 'FFMpeg', 'Libvlc' or 'cURL' for a remote camera (not necessarily, but usually). For this example, let's go with 'FFMpeg'. .. NOTE:: As a thumb rule, if you have a camera accessible via IP and it does HTTP or RTSP, - start with Remote, then try FFMpeg and libvlc if it doesn't work (:doc:`/userguide/definemonitor` + start with FFMpeg first and libvlc if it doesn't work (:doc:`/userguide/definemonitor` covers other modes in more details). If you are wondering what 'File' does, well, ZoneMinder was built with compatibility in mind. Take a look at `this post `__ to see how file can be used for leisure reading. -* Let's leave the Function as 'Monitor' just so we can use this as an example to change it later another way. Practically, feel free to select your mode right now - Modect, Record etc depending on what you want ZoneMinder to do with this camera +* In this example, the Function is 'Modect', which means it will start recording if motion is detected on that camera feed. The parameters for what constitutes motion detected is specific in :doc:`definezone` -* We've put in MaxFPS and AlarmFPS as 20 here. **You can leave this empty too**. Whatever you do here, *it's important to make sure these values are higher than the FPS of the camera*. The reason we've added a value here is that as of Aug 2015, if a camera goes offline, ZoneMinder eats up a lot of CPU trying to reach it and putting a larger value here than the actual FPS helps in that specific situation. +* In Analytis FPS, we've put in 5FPS here. Note that you should not put an FPS that is greater than the camera FPS. In my case, 5FPS is sufficient for my needs + +.. note:: + Leave Maximum FPS and Alarm Maximum FPS **empty** if you are configuring an IP camera. In older versions of ZoneMinder, you were encouraged to put a value here, but that is no longer recommended. Infact, if you see your feed going much slower than the feed is supposed to go, or you get a lot of buffering/display issues, make sure this is empty. If you need to control camera FPS, please do it directly on the camera (via its own web interface, for example) -.. NOTE:: - We strongly recommend not putting in a lower FPS here that the one configured inside your camera. - Zoneminder should not be used to manage camera frame rate. That always causes many problems. It's - much better you set the value directly in-camera and either leave this blank or specify a higher FPS - here. In this case, our actual camera FPS is 3 and we've set this value here to 10. * We are done for the General tab. Let's move to the next tab @@ -143,7 +142,10 @@ This brings up the new monitor window: :width: 800px * Let's select a protocol of RTSP and a remote method of RTP/RTSP (this is an RTSP camera) -* The other boxes are mostly self-explanatory +* Note that starting ZM 1.34, GPUs are supported. In my case, I have an NVIDIA GeForce GTX1050i. These ``cuda`` and ``cuvid`` parameters are what my system supports to use the NVIDIA hardware decoder and GPU resources. If you don't have a GPU, or don't know how to configure your ffmpeg to support it, leave it empty for now. In future, we will add a section on how to set up a GPU + +.. todo:: + add GPU docs That's pretty much it. Click on Save. We are not going to explore the other tabs in this simple guide. diff --git a/docs/userguide/images/getting-started-add-monitor-general.png b/docs/userguide/images/getting-started-add-monitor-general.png index 9b722907d2eca0e978755f6079b78f858a32840a..cf4c9348745315585b18bdfd85b0869fe341e801 100644 GIT binary patch literal 62089 zcmdpdgXQ034ijSVAJQ8tyJZPh0X?>@S3DY19_#7Fkq5$6X`pH-3RQ z;$kl=DXSY1EJY;{n>*n(EQQh7uIur>GFWeSEw@X(13a|R77J~6}xbL!E215L6>V`h(&`3kEafIHu?GC+YUR_ z5ncEaVvvT40Ck~@N$*W#ta(g$D_wr#0%wt2r2;tP!A#Q*k1B3BI4 zr+e{rVr2E!opIy*%UQMGYOF82k>4zd~mh zcmqZ(%Es|gD6Z&Y?#D}@M;<%>3dVvT_itoM3WP5I z1Ye{^3QUxClFAoW2uN8d2XG!Dyx$R!+p%pi(%{NgFdE^?eMz$j7vQmeyd*+m`GM$) zRX~B#A!-(iP$ZHP``QdaTl7UN!v-djn6VNg9u|$Lr!+=c0GGIg5~|t@b#bR(Bfl(m z5F9c00-&Ouzj)4`-(ch#;grIabl&_nnSn3pgttX(Mo{n{Uwy?xzVtk)o%6SHBT_5e zvhUFk@!#mKI7mt=bnj%*0m1enZaHE~cHck5zpR5-4}B*wnMI;}_?>xzY2xJ`%^ogE zL_wCtCyrW_Gj3R=r=ew1nxwFeh}auGuabR!pIKpoCTx0Td0GOu0~`g62{SHx^T z>OC)qYrt~Bb9p@-L)z`tCAZ3Xtl>)T`6?r3q%&!4|9JcN{T1+v-k(u4X5|A4WhLrt z;9;P6pmT?O2c2;^oz#1ZrkB*AeO>Zh>?YL5?8lVHW%2Rx_3^nAD)bp@6(0Q zSxxB%=}Wn`ILh9gzFz>1{*B)F{F^<*IwdFOct_#FPb=zAdyI(RBvt{E&9N8sBq>)bt$yCM4+Qrb_iWDq&w@pxMFZN!#jCSZjhl?4RzcLIUjmfFN4;|m zOlM}MzFF!SdyXS=RdK8)A8_w-bbsSZIgz*gh&(85?pX7&=6Q{=L$OnsZn@bUcB4c>H=!T|DkQ){X+}SABiM^qsqb z^#=W*N2@eoO~p? zb7;q7#thxGTu}s51chAr+{!Nxev7$XyW_i`yAF6rxhHuDUyNSJoLKx${#|#jzdyek za*Y0aewX`)60nlUDH7GkW(SBaR7+iLQuw?7%RdVx`3;LQO!$WmKFpm_o1T_u%$OTkoJ>6_9h3VU&3# zXD>6C@P627J<;CqM8IvcdAiTLPrZ*^MNH*I;m1PBLazMP@wIV<)6Hx8JGl~04PY4* z_ZtctqWG@DuE!W{Abf`o_8T3_&jU&#!8z7d*;o9>wgr~v5?ei-%9aY|eSqVdrkbdl z26N$o%#N=ZsG3Bk!PDFT`coU0t_p=C6#l*8;_++LEW+j==@DttiEeYZ_fAH9XYm= zs~fCD;rM&j7A8C05ogFDva^xPZ@1}3Hut{ffE@!SHX$x~g8X=I7qq&#I$#wtAj-*CWTm%YxXpIj4D@eLq#*3*V*E4+SwP$vF>vU}$jq z&QxD^RQtF)?7V%kWjN@=>nXYav0J;lW_|>FWHU2WDAU2aTKw1XiP%`smtpmEEasnj z&0ZF}`56Q7NfidiVEd|wC8vktfk}?(wDR;;sBO!6@M2V=^*nUT5aa`bR_$AWEqrRq zrmGrSY-E@Ubh^5V|oz>t<;NM@k08*2xN+c9M4k|p< z>p6QmO6X6h%7Xq7dz*Wbuv((()ATqih|R%vqjTkcBY&)$&=9gb+q|EKk?wgXba+1z z(h>8HJjT=hYT}&t=Cr1W)6mwizm>!b^hoggaMf|{tk##_Y&aT$&a6Ew46d0M1CEyf zPL>6(3*b<5R+!_;9{ldm!YS?!NI3nsA)NB$$#WCwE;03o7tEEm|a1(FrW(uC*aBl`v?L! z8dJD}tgIdQTm`BAs=){Q{8Y?BMe$b^M@vB}EqNshaT|L81t;@+W>zX8Gztm|0edrZ zK9vuW|1^jFCrI_l(b1NVg~i3ih1rFJ*~T8o!p6(X%fiae!p_bFtHI>pX67)WWgYXRx;O!~09Y}x1Q9hxVq6{Uc_ok}r} z^m@~oPqV?WCdF1pT6cf?oZ5Ecs zrpw;T$yRT?o1eYeZ8PJA;V*ynxuTG=bk+`);^`W*9>9GhTcTQaxccXLCb_xFD(8-* z#8zYdnL#`4as>y5Eu_-32waToH#Tlh*pB2;_0T|ZBJo+J3Sj6 z_vD4(NL;_>Ns>enmHwt+w8MFS@r!tyUq4kobFs_G*U9peZ|svXS%RN~%Jl9v6xwz6 zc^aD<&rsYnKedJc5es*E#>R5AHyU5$#?Q&KpJ=fyZ|aY}gSz^v&u=fh8eu9$>{FO6 zZJw_RO3<&r?iEX9dQFD+*Q8(i4Ix&B0(9yMBCErPNz}4uq4m}$SgE+6^|}q&$(Bva z$?py6=hiyr7F>g=I|<3*Wf%5|Wfkm~rgg;==8ufG9qmyOKrQz@cLqZn%?6w8 z_~v6{jsbQ-!6Ds&>Vv^;$+^9J?GrK4;-z~W;CaarUfuQeAm?Raw$WS7vh-VAv{)51 zZTOX4wI?~g^sAPqaOz{MF^9OJs9*4msw55dDg8>bwC!9FF0;Sw#GKCNr2%x__0?Zo zt|qp!b%H{=3uOy&7mpL6w#A@t=c#4)`{+qrrY8Yt%*)|rmsNS;lZ>ElG2PSo9_Gi= z@^06&0q(<3q=ZAgIg!_nP?AQXk^?(2f=$bz#&!)*8@is`4E<)=7;}iubuhm>;bHLgSF1ytPJzpJ5Het2f~8KKHQ{W(&CQL6 zcGZyglKZzNtManctMkOP)4n$)QS6z?JMaIJ4Lmj-E@Iq*<#@L`O@92T28qEi=_2|o znR1Q!ceQ(a24~{U>M&V+O+Trd((t^2r z2B`kHIPV$Y4MM(L*vnk5*%T)~sWMb=N`o@T)sO{!V`g+ae&clfk$hXCR5P|#U9LGt z!_8$oCD)tHA5!zGzrVmT$#P~&MU(mWu^yYuy?NZgvrFr)*GD6>E}7C!iNPRpEvfQ1_Fop8?c?an69YZ$Id{# z1#8O4&}$SewkOtq{*ql7f$cGY5*90rCYd}* z%g+nHmAMd<8w*9FM_`C~PByi*IiX3WM4an zM+HzU;2>)+f=Li5{(!Ly&Q1RIxgI=HqeBdtnn9k95K zC_2NxR&jKL=igmT9z5iiX>Xkr;d7%x6$|CBs=K%9%u5~gp+4E5J75RF_Khg~Fet2~ zLa#+b0sN{-BBk=#<$j8tc!#-PBI%a=Z;g&JK-``lShU(ScrDnYs=6Uq{aizSZ6~gn zN5MKvvd(J+Yxar;jY;E|mNv)Dvy#SfKaEAq4QYM8Y5Hnmb8t`9?rC+)=H!We{aE;4 z4g%&Qtlm~y$cEK&4zxsIUYduZQeU9a&@IY~`n^%_R~qc-6Ve!@2ch)OlN5@Wy`ZqY zB|86B?+g~sSZs@mDBuS`jdc0#y37ZL3vffLWcAtSb^FrF805GtN(g{-Ox9|Yxzf4S zOWFa&PPa)3E}{>Ozm;yngLo_rV-LP%m#*p=%PMV0{JjKsL>>$1-%0C&+D;t+ zl;UA>hHd>wN15Mf1pTfX-%LN8yU~pi3^)z11(=Alrg zljN2*jdR&#&(t#xWi$&CRd)N^O^3oEaz(|Ofz8iuHD;r7%nXr#WStKAPmH1bdTV0!i82U;-1 zK4Cr3mAjhsO*`F$x^VOE8d3;JBIm-WckR~N?o!k~F5z#(IB&gXUqq*-e?W5$V^Sj7vW&Y*mU_>&H48EUEDVze)C2K<-Fzr z&S2U^W=XA|O{Og+vr)2`)(eq$mhKYCw;EbhL8X<_@5ui#=rEVpOAFr}yNR2ofcv*o zesY2xR22V@YV>B;h=t?-;;au@l_=7b42*I8Qvczq6B!XSZK3wvKOO@%039QOO0T_4 zwL$t}>AeEKR_=2rrsU)#x$m_WlY_;YWpSpv`%^`L32mx>EGU)I8RAJ^Y<8rl@CH8V z&D2+oa=m_n{QZThbm67Ts`&<<#A&is9kThl<3f#cwb6PTEtZN|Jf3^D5a*iJBLNV3 z%WCuH(@5ND*hu^7!<8w&e@~DBwjrF`+kA^mLl>hbFJ-1ep;2aRzwsU}c zkc@0y8IE85P%CMUQ1*|y`J&*F_zBRP$w0f))6%T!8cHlYBn+0a--nRROp?>eivng( z61Z-r+pLy4BDKRbU^=2OvumEQX#}C<_@8SLG#*v^WcXUe-9I7xLy$2=K5=Neg^fy&tcjv=4JZc z;{g{Vcaetn6+{jKX+2I3DsW(LgCK`to>kVu$f2601|h5UhpTxd9G};hA?M&zJ2@90 zDe~%Nf?1Ue*Qw6fSX1RB+Uc+|59tAR8k+8!C}@QK2=p$NU|(y%JnFFQG6YPV%i(Rg zwj+Mo0M8<5G<`OwGMX*`N{qVMbm52ohHCedo{X#f(UYv-C>#3?j6RMmd)6LD#*Nt1 zrTW`)<8`Oy8ZA2Nw-yKF8g;UOwhH@ASt!7#z-hU#M!iI%`yoSMF=OvGT2b7;2fAzO z@SttfND~IS0X|TVX5 z-)?LypQ<M>yTfse8z8d6&)^ypGwf!x+|UZT1J_1ut1<+sUB z-|1f}>Kryuo}ahlJL=~LwddqJk0)%;dV3sh?aMBb`|L8^p3G-@C1UPP){|E7j9l1m ztJ4_{x87Q$4ShS05x&?MxWA8cU=cjRvz%!cjO~qKl?a{1v$tdWv=SPs zlf~Md5BIKy9v$>_kfWwtL9gX=sLS`b(rAYwXIoi=5!L8w8>y(e<8nQ>1oJ4;D^e7o6%G00nbVmjas!!x}@WGl1>PwV3HL{qYyjscyc5g*gMy z`)8?p3&CD#w{@0<`iG<2OSSyu-t7d;2A^H@rw4R9E3*WzkM=>DnjydiC!_H$`Yd3& zV<5SjNCBj&`L(m`b~94M!Pad?6=kNk>2{`FX}V|RZO{#mf5de~TjA^tCMidZH^=8l z!HW*v2i#KgWaP#E3ZIWBsqw1+*)B)K698prR45Wk$-r-xw#&ro`-{27jQz{3kpb4YC9-Bs(mX+&m0VC9l3lC%kp2s?9!da+Y170@8@z@D9v4RJ3kS zpWeh^2U}QJ)Y~dcVvuedx@ap}ZtdZlO)Xqstc+Lal#xuP*I5KD-e)FR%?s1Twc21-`*liQ9d0scx>>3P+&GnbFCLakj7vH%E-KDUFF&ru zJPJS+Z&wne?)V;ug|4N^v4U^o?Y)l=6*Y3*)%kaKUURKZ9d{l=z}ZJE3ERjpYS0bhOzd zYK{dT%E!vCImfx}uuDR#wBSnc#Z(#~jAE1AeS}w2*mfR<0Rzcj?QY}2o zFDRIE5sp5+y$V6XB(!=N-%>nG<2ldyhz8Mn&6K{TzMRDW`FQO$<+%Cq(8tvI1dE!j z8D~z8;gLgLS=v9YFP0nOTBBF!af`Mhb~T*Z8w35tv973?(e2OBh)B}|#jwZ@jD7{4 zn5&YsKml8e9wua-S76D?P82O}9U2m-M}Vrg%PJpFmv0f$%Hr8M>X8mQN*ORD_m$bz1xY z<_UBT9KiO;C@O+Myz<2t;c&Is+S;prGWflgatOt|k?h9AyqJdLDKJL5!cPs8BLR;aG21)>*vj5qFT25B0L?6d@3! zn=A|sJ15X$P7(R0OcQt*G-wn6G<4%m+tP2B*FVrb(|Pq_^+Wr5lUqXKP`%3~@BVvY zw;}Oei9ZxmHEnE*4ePB#%Y1c^1NK{R8}>552}{8V+9Uj!vA6YtfBs^|iIzOxTlMI) zMcv}}?+S-rw}DQJB8w%#aFdh1P-TtTZlgt~#qMB)>WI`GJfzSs;fRlf!C42*H^WAT z&L-owiW&|9s6;f^2LaqSjl7KZ(ryhO<>k(u%%Zvck79PJV#tGtZA>P!7ADK|2YS3# zAI!Sw{Lih=DtwxZ?z_ETynjy1N=_6&7K)87#z+Qemk39{K;cfQy_5j*&{UdB$ALc( zcY2Ym-LhkCRCcVONDeEcu?vR8^D+KWM5UJqZq>1D-4c$nK^5Lark462@vWO!IlJ~I zi3u3S7B5yDoG;HGfg^&BUsYDl48?BjrtgiofC11wx4Y4yvlHs8^|DK^NtXPB`FyX%^t zpbooV{I02(-%OQM#!+;MOda2s;6A}^r#g=^?WCK~EpPfE-L@n@gdM2G?0;>ieA1pT zT}swZl*@_5cZ~yi$e=xVNM*UqmEn!?!=p2 zD?j2KPK9PVQTJ-h+Ln1`(z06N2)oodjRE@)BBtX*kkNl}M7&&~89LpC6PS;rX&MUb zSG>SnMEOvvJeU^K(H&Tc_=DpH2ax|gaE6J|@9y~<_&da%9yI9KPiCHF`~h2D6(Rps zWfSEO>!<|Zb(k@!rNe|fk#tA9tw6SIh`yWqEipoug=~$!M73CkK7&h-JLn!$QRbK( z@uaLGsBeDzSo%|ORW4I6N%X4`@}fFP&TeMt!xW2`X4>u#ocBX`+50t!v29vZxmQ8E z7t~rMOIY5vTXQ00&)P7JzKilXCi)x3ZLS=nzt(O}wHZSIniz>>KrnXp0rl%>tnxnG zXn|iNofmVyl)fw*L!08vPK%C;GiOBp!<$VxH{o-sq9Hy1HqYrF$vIaE+A7kc| z$U#6^tSzMh1wP1f{oT(Y-HXE*drk8mnVx^*j4W1^H(da2A|&vHl0ATEFx|#Eun9r1;eo`A@_Nt8En}0^Wh|=p$e;utFzbtb~C$ z39N*o^J4W9ofh}=Qs=|D#Q6A){fxv!bGbxDdJZciC9plfa;~9Eb*?ypPkQQ>`jSoLpi7Q!i=f!P&HtnIZmU>q+2D%e6h*N;JR45 z#ylDD(&KCQn?&hVn>VJf9+R5RsXF6)I) zlO>ugvz+hp#>QiRP^0W`4kTfv0!(DQ2KWMINSWSNeL(YplyWeG&ST0HSB2U7l@Vo; z{TR`-cfZGdru<`7DG+EPeDSK|oZ8fM{yi}&(y*ABzPYG4?$0iW^gRXOW{WHd8h>;- z3lFE49ZTDLuV(=u9*j{{W!f{h0Cp%d?hJOGP?nl~?Q!rW^C0{nt?lt)erqTdczf7j z_(h*O<#wcuykSwGCLjJ&2gHJ`>*Ak5FTZ9tDj7WI6b`>mBu zDm7-e-o{ObTAihUI`*?zM7W^ZSA6`7TjjHNr_K1PgF2du)q?vQP)LJS%PeGk+|%M= z^6jipN`m!zV%~f{|J!+Ie6*riiL{|gUgE=H?Xozg3z-`)i>CXXj2iI<#cG{$eG*ot zp<$aAKob>nPBly&L&dX12&yqjxwMX!T0lR1;p?|EJmvsN`sRo84GpO_t+Pv>r$anR z^UjcOnpPXVUr_0PeCyu5=+Ap^smamzY2vaX(~NvXp+-?pTwCJ}?ek~AyjjiD{ufx# z+ZPIKpLD6$Pis_X_M3JOI-K1u<nrr+y5ax4$#CLc-gPNRKHMrT7%H}2 za`~dVWJ*&XX+@nn(m%81V>LGxG<)aS57N;T{xs? zVffiKwXEY+*XV3{=F{wtrBeYlMmT}v8U-FDGtmm*h=hYZ0zm@(n4w&{1_oY}Mc2ai?}yu?dAIHK zq@u_mj%2-yVg939PRl9RAglYE^NXwXn0c3FuWfh0?o_@U;r@7G%p);LeAD&m_PkBo z{T8qX__|it8r;q2xU*7|%4Qn8=<|5b1+z6JO4L9CY$?;A9ATg1i?i+ zGWpC8zh|JsxjN^gmdm+~zOSIo{)DL_Ra(e?IpoesY!;^~uU(heboU2<*nQTbT)oqT zYmD<-qqHl1<{VWYq*y33)%tzGt$C}`AoP}L$o(kI$}$ZSvE)q#)F$3^2RA@d)-Lkr z=T*l+#U5_&zo(h$FUURGZbyquS<4Dff%O{AZ*^px%?CCb!gAhu%u=C;!|up@_>$yrXgM^36#b|DR=0=+kv^* zcsQ!3ieMPuJ#YWzio1uYYzmX(`D24eeYuOC2G3@smk)%H3qej#Tb-=Uk7L{_onatw z)7)X%_(_yJ~Sy4+&z@v)f}oz*~K$?!3Qk~moR zzK?jfW*+%oo%BWa5eDzk#Ii(~5c|ihA%_H)HzBX=Lt|*yS4?9Bw-WLn z?~i;8?A~dXrwKmZojwS7=R%{nmnuujoBDflvTYX~$K@Z0!WTA^46O^(ol`Jh3(Od} zt|Da;Y%+0jP6|EVIoM=-Y^S^29bpI^cj4Bb4)c@BE=iGlnWc@mg(coEMw}>4zZAam zNb%Z>$1>14leEag#>0uPG5~!&937_jeq8q{xK3KD#$t{_@+V2~Jd|7D9rvL=K-pQrn6UofA9&Du%isi6zYOt-=+q(wY@u|+rBr`?oZ zI?$}g*A!x%WX2d{9d}?DIKp>HjP}#iqhJQi|Azn4I^}+ah_abz)wNo6!S=D5JZT5> zQ1w7L$y>AV(+gWP)aoVmBl;vw)xsZwYcm%XNo(VZF0v8h`YlvEGcB&ecE_AC5Qj^9 zmU7^tTo~bWeIgPR5Q6hFB#E}l4D0aATA3ireY$y3x%K5?##%znBRJ_^vLPxz0*IVZ zDKhFyHi9}bxUbN+zmWlXv~nL_a<$(=^X*uLc1tn%TJ^XFrU7KyHk8hcdBg{#7SjoP+7c`GqO z`)3~vN@C&lf)A}yy*`declbU*VK`<}Lm}cHX?$i9(_tv}jwzBg@4GfHs3Y*;@ zHZ0#{vhFRlKokcQuhYCPW`%^ESyP1)>y@6Ddu=5HZ))jG^Jrs*N5>XgvY>XD$I#(- zlCOG9p+RorEJeYjSj1q8AzdD6siSiWAnM$bHog+OJ&pmxHg6D83CZ=Otsj_<6LtkM zc|s*hzbYZGXkj1xt z8;uf8~-RXZooT9d6Wv2;XwAR<3);8smjbIc^0cTt-> zz;oRoGK81L&oVZekh6Wr=Vw?0>b6w`jfT>~{K9m(6Ni7fqJxtOf1{A5ZOkHv(lWhP zND~mHK&#?~)efUSREU}`J0i`0B(5oA50A|tPiyg&cP9C+Z58}3y$@r#{KtA*@oiDh2 zQY{RAfhy~a>~ge*+D}Z*hqN$WqYr5p{BSk=Y9oVwjxd^RbB;8l%9Z)Z)y*;!B~%28 zvH=NO*=F6Ft~gqZT19SD?)6`Jw*hof3e~7E0Kot`TF4#F^cz`1l|luwwhcpB*>D#& zdkpT)Z)~Qez>$pPo<5Gq6{}xaq698xQ6!wr5QqMF`Uj~W%D=_t1~G6dJJ2y{P-=w8 z@!l-Jd!_RuM-U0x$A^E<(nHLrYRYsvK^M!7rg>(JNSm1T{de^TfBcozW2k(!OmE1k z8~FDay=-5Y=-HeWt%=)vTY=UvEwtR85}q=6hF=`R)!pbh!Q&rLlq7B8rybB_9p77; z0#VVbf3T6hAJ=}i6)Xr1Ivm!|tmhrtqMo-dt5;IZvGBm?1G&Y4WP zmVtW#1K7_Ad62v+N$Fh|chqdK_o1aCl$o)@a`D)VL61C^ZxZq2xg?R1i^#MK1@chW z25`6*s=w^(eLy1Iij+_Mw)2pqBUOb3)hn;+62x_hmaFsHvvHR`v0F8&TbjEJW6T}d z`J!OqHm#jYPLjFRW~sFlZFh@9PuEe)U(2nPzz=>wb;+FZyE#kRRP<;ck9*-u&-=c{ zn2DBD4{QHQNyu9mTR^9W0Ch_AX&1aY?jfI-Ak>ei!7VirzCZg~XEFZs^JMYnVi*kE zoKCUf*n6&Zg(c5xD@0q_LSabAreWFJV{3^Y0KkLWpMc1O+4|wFO=4JPN zrlTwA6s=r9T$R{% z1VMVh8cLpF+3p7;7%!|$u}v7#a109442RhG`&&Ncu*tKQ5-R(4IMr{m#|y?&I`bbC z3LRP|>q8k?MQtr`b$jm%IBZRC&DtJP9RycDe^vuH=nPYG9ZPKEbkj7))D-`Y#MVpz zbOArYn{ajJ-?LvBcE+Hi@oD10C_P?sM;#CvSFRCZ(%6U{N>? zLvQiCB*QZKhrn0Gkhf_26S~a94wVj@I4sF@s~$l)=jk;frrFJ1LDE+8TfCYa1Z<^; zo|nN*FR;*VyoM#@7fp|LZMk*6((6?A%05}%kRMZR+2G#CwFs8_X+xhy$w;Cv$t37g z0a!wxQiLmQV-y0(b6v7gm&&UWW#t_`D?E0jwaU68mi6JRikcaf}y|EQZ@re}Ya z?u4SLt}Lg3;R->Lz~x4BLSf^YSXU)<9HHxS6=QWL?IGGk&kq0>_M#ggzN(4g5ez)P zEC80)4Ap(>hm#{gxb4vwn9!j}5Lr!b=al-*)8Y7B@huT(%<9MZRcf^=pgcU*r>**;z?Sj!uU9MCLB%#|Om zfKNcNrhN|W6hy5_0)R&As%G`5&sn+yTDLGnW-o746GlH>Xr&OE9hB%!7ZqxLu(mEz#&s3T%H=%nd)OVYCsTO~;6b1HV) zpBhpSx;7K;XLo;XXD0R9Esq@TSDp;6Zl#gmA>^plfL^?6J;f7;k`^K(Wa!M&q1#iy zHy{_R;yWMg$~?zv!b(skS3|0=M_ev$kQVug+B$SpYk5fVg!yeW(j}HGUM3y=LK zrGrL{_g8iU5jr+OJpt@p=1=KnERFVO*SwQ$o_0>=({juoxp>(qenu*Pa+rEE8&nR} z0=iNv0S)vb*}Gc^-t76C;nBlSWe(bf2bzX31SkEDz#YF6LEZAct#H7?%1m!3kU;b! zr{>-+RjAfoXeruwjchQ7XoK6C^eId|a`we}Wa3*c{qN|vq+mk9O`pEW^a|`L^$hq0 z#YUW}-j_3vOJ^AQ=$d%PhFaYZ+NtI)JTJVQ`-m273w43NQ9p(fb`+1*Kd)Gc)Oy!e zy=&Oa9<=`3`}d`qA>m1fPGtUDY%wqqDzA~w&&inr+^);KY}24uYcs4b5x7~)b+!T` zWM!K#dTDxhZ}FgHZs{A(XN-)SZVJ^N(|hWMH>$%3GLYig)?NnucysZ9EzaX?7iaTT zNhnMdu!8JFbzxh7JG=nR!1{K56d3``yZ-`Xr0`z*z2U}`kc`+rc_rvxoB58aV)iT2 zu>spknO` z50=A0ivIFlwB!1BK8D*DfA+qCI{Q>EfoBVktSz!U)4LD#T~)r8XV)v&ooN0Y9W}vD zh)9HQt#IR^&*o=)^I5CE%~0bBm#R4F(fZzg)ujLYa{{wlSU}i~-q5;DaRE0&G@d*@ zO~9x&r~GkhFXH?qIzLF_;L`tyXnDln8(8lQIwbU~R-hQ(=RcBGDzA**d^5UopEf2L zV>;U}|B$8%V<2{l62BrO(b!SiyzIn|3J4#1eW~0GXGsE`G4MD5kAmE*5Zi6!>3Ztp z4v2p3NOkLSm|RH2NKGr-26PA9pDkb$mTx?JsPbpKvAJXC#td+%V3lQkSG6q_lhAd3 zkO3b*PgkPUHnYuwL4ew0iVvw2<{mic|C)Ll!H4NIU~_MO>*X&hQ$scCw~DKH72WL- zy_P>I1S3tFaeJkfIgbcOiK$}g5a@KKA=iDbZk}svuAx!9?ci8k!44+nb0+I)i|wth zi0GG0)|;wsPkeD!BMu!Ny0%?eTE99Ms*%3gFtf}W>Kl8mo33dE&8MtWzZ~kU2941w z_2K{6JXujHWARrT_AWrGsfE89cq2M2`mV zKY3NKdrTN&V`a07ZCJV+t5|ZI57FU6uxa_y-r4y}_z&R+!wFOf+U9#B>1c&&|4oAe zAxK7qd7vY&sQJH%P>>_$#cn=JQTX>R0+yZg21X9DTD)WVuftws*hH><3snDWnZ=5_ z(*Pr03r=ug`N1fD=lj$1Yuyp|z@ZdQRB!>aiZhB@x!&yO>GDHi{C8?}{P>#k4fOC) z)e8kzPOu9Fzh)e*2J7_u>+Q^`EYW8ruoFZ>JMb%0GgvlL(66@ky>63Z(NHS)i1U&g zutclMhk}gS7%{_e}6#+kV&oNuy#(5s*}R zUkIKlk@7p2+8}1aVnL?zq>Kz}me#ABQA_>WPhXsNezm)w?*Ynm8|uSwY3KA^76DRZ zPVtzpcz(sj#T_g-jMP1m$)7|@G|E0dg`Q7NbXzXwa)^5wX1V;cdLZ`~^EP(!hfi5v zsff=pNj7MYn^%KL*%R2LUpdbhbHV6)(_o)K=OUZs)(cp(nK&A`$cv2*be38&=b82b z`P8lXd{qVBZUc`)PRR9E>Jy)R0ed~OGn(rKfpM>p`AJPf5IsG8tDyVcanB)an<}|L zb654C$zt^>h>ML+S+;n{9RE@Cy3bmXKE&DECs#7+j_v*_oz0KV&lAGfhnT-xkZOHm z?FVbjlTu*_B$u5iD$MwdC45&osw8-`llw3OyRrav1fm)cLstCJJxhCFv9z`6&&Vpv za`4YjwXZ#Yi)LO#u(bY;+VH+T1YRzARDc#5M|nb)YrZ~RvA`j|Rm?a5s#O@awIX+n zEN2BCUr)C^04U27uBKt=alVf>)9P~3CDSG;!}CPO=Y_RAU&M&OX{6K9(jp1BwN;G3 zNvM3L&>{mcN#8j+Mv+v&wNmrIy7^f0iQClozTPyj^Vm$#yt_8zGU-Ced|dK40=X>M zh1fLg#9Gf(wj0Vl{-tfQFe;s$eGW#3V#*P>e84OC{>#*JCp)AR257l_9z2hx^4KEL zFln}@zbki!3PaAu(5m}9$!-}Ffy3bW60Z(R=<0`Vl~Na<3)CuYyw*bX_H0~HoV~3JVL4X{ zt1UXU1~8EL^STB&QV-L&>)|(3o{Xj}ZFkj=EuGJ>1b#i->{kqWRz{9q=sS)|c#}`_ zt_I>Z=SN+9{41+Q839S7xA$Pqvf{i&-v6#D1&K0v9i|j@Pvl#S?HZ8IBuEk)Rd}f% z3ruCa@wVp8__OXhk#z$6g{;4>C4J$9xfEOx3BI3f4%`l}!NA`BYV+|=(u@1c%@ui=K>DDDuD^3VE-%V%?*D@ARv-lcRsYC@4nxvlkP4$I87eiAudpHCa=j${aO!~`W|g$994`d+RH z_!|l4Cf#&m3149)zBic?^VF6u%!l5# zz{tm7n9~NP^=w{?vJ+f2DpQ_=zd^_F@E~qEErtbAl6C##kaTRAPoCb9*MOnFzteq%TJRk>h#FIANjMJ*VveZDu@LTChC06!2Nmy3py<(^8rpBPiX zFClivB8ln1Qma3pZs<~?3-*38Z&)8vQAGE*?mDpHCt)KIX z6pYmITCW{{iT?cb&O|(PGxqOeS6QDMx$6I>H)BQ(FDnS0@CNoJ;xXRsv~~RVb8#@1 zb)-SDRv2*!8TAm`&XhLYF)k*ErXX^dB3-c*K`;C$}f-=Ijv$iD1=wB(v@e&AuhFMl@=STslwjR*BX#)Uu z&>k!$L`eie!kUu7=-TnGdU(1BjUOu79&Su@h44SZJmtpA*r3vl1%?E*KX5549w$~z zL)NCWnC8#jr;_~>rsBPnrNM{CwnZeuPtLr?KvG0Jk@ek<+?J<82&13~V#JPj!h{)a zG3p=jydSA4vHf!1{%}alq)!QN((7+?eCn0&sN^#ZLVhA#+Z~(DlE6AQC4ioxuE8x; zBXT=@JK|4gN*lPHZ*y>-{JzL6)sK;a$hJ0J>Os7;P@Mog;7!@0Ze%I-~ETsD%D{?u|8Z9`N`1!{ZOzyVUXaO@_!QmVTn&P z6hT%cpB(?KB!Y+|PBCDkU9MF{#ilu_{$KN~$d}&@THK>K6M`6}KFI#h@Dg$&;|6$4 zhMRxBR|1;`FHY?LqZ*p_=!rV?zgfmo!yp(hl?uWi1O#)=Ic$t1_MfAtQCxD6nqq)4oZdC!@Me;0^R1PK_p(L^*KN&(QB!SG0Rd_3M`ky5r;`7jfG*i?m~O;J(NLyhyHPDL!I#aLb* zp5f+S_kZwU##5A!eK2=Y&jgQG^~8A%j0R(pHaju$g3mYs6Q~2^PF=E+=|zwaFzs^0 zq4O%!+HF=WPCyC$@fM+xo`>o1;v)ZN!=B}-t{JY@g!gva|O@=l`>Bmf;2QZmk z7xvO#yqghe#m8@~?TIXg&;dwYPN_l594rfy35m5~=)6RY;T1+-C?+=3 zwn;a9eYRm28%~Q9HiKklylLT`qL<)6#ve^5CZjxJH{y+xieS6_IS7#KyRFhfKfiM- zuZZ=n_m~VJ;1LvqA36kBVU@TT?9C1>_f4sSsLNz`8hPS^v%T`^VO)Edv&tOtAWC^0 zOa-=4fa>cTX8VD)9*~tfo4M6W?RQ*cTBfKFp?KkVxWzh(?LYP+r~Y89dpTxd#5 zodg?R@~^0tTZ4(}wj2Rjj*4BPoPDM3vHSg};Mus-gevGMxTGy$f0@**SLcWb+b=3g zEJ^eMPLa;vGKK6$bitp?MwF7+6w=1|8>?)d%=;JQ5t8e62i4)=ctjk~O`~62SyP#) z_pqG*9DjO%z_Clz?uFJhR4{pPyAz7}XqglE$yMS3VbhxpKd3?{6qmu^gW zi4kDn8sMw{ubmmcX_S#?KIgc|!tkd*l zKPL(dSv8zEPH2rg3~4%|XamXQekh2X%nH0NRZ=NH`R?J!kHP}FT;c*IwZ%Y|k|XT& zqZp(bI@<1={!V=DTJ)I+)crwm&&+^Ly?iGb?y})1S_xbJhaGU=$kBSctD_b#_ebH= z$frr&e#Pg#sH^2N_qtw5EMA-(A!`mGQ5FUe*dgwDWK7Z`9MZQ$mkl!-}MbslySnkJZT=pwo8NaCQWhrVVFnGaBYV5cloe4}MJvpT6b} zS&N_)aAh=a4I=o-DcvmW@tZ8pX@qr8Uls`fd2D~-soxGJ4E&rdGNJYI#Gz(7gyq=L z>MZs1W-!z6_uE>oYsd;RjJ}l-Mc`L$(nr@K7x38s!MnSiJTmB?9hV0>Yslk87J4P{ zzK921v{TNQ6C6C%L~Voo52#4GC-JeneJnV;SSNQ z&%%Cl0F2i}RJJ5!E*vdP{Younc@-nsTx7p|EJ35qVSv86Q9fz~E3XLk zlcuk3xhh4?S{}R4CW1<>Cw}sn;j(Q^G&F1y(L4whWBq|3@Mq4x z^Rz^fy-g0|d~Es;g##?cI58KjqXRaXkz`m=zYQhZ6*cNJrV$0-Gdn)mW%nCe^{eOdE{C}CJA*6dY@~17*_mr&7r;-To$TQ40rlqwbRDBCI+jo6dRT7 z*!#Qbi2_c0o2KcV3c{OPgNR<#FG0i1Qc9{T%N;#bQdB)PDx| zku$7RD`AEp*K_9S^$ALN9vjWGRg6vNnc|v>_vzykZ5knC?U0faw8HQ5^=Eaps$@T6 zfK4^yji~oajRY*cr6~@%pve=JCR=G53kaWuJBJ<1>CU~HSXmK-F-(i;>@4rVyGSKiqarEw-X_|-D) z7hKqLFSzeDK-ySggzm^u6MmQZvwzU6dLKL;3uD$-f>@_qUwQuRCzz>Zgde=|TdAL+ z6uSzeQcL|S%PcjGG?5MG1=cJ}R>O3DQ zFDBzEnLWBY#&`1&PA7+mM;SB1*(7v|Mws|1B5r#YA|=A?wfOqPx%$kv8C4bAKRA34 zevtA-fn`eh&nO=OppaYec$SCUemb_#=a2L_l{Mb9Mqrpf&azkRX?B!V)jOZIDn^Tw z-`y5UdZc|7uYY&&Z!Z8$qS3h6-&qN8f~%NP$co2G9?QW=)RR2Nh>_C=YOP!z3tk&8 zDVws`P5rjTsV7R3DVPX+M9b>>r<4WM7x5H>OX{;3ALUs7qD&gJwpd8m>AC7ZW&I0) zyo)73x*M(<%Kr3M0}|x`ke2)QCmHcSY0;Ebd=%#zhKK^g|Fkw(s|3-i4pq5TQP`0c zw*OL<+zC*6wEBbQaCiT$UI-G^!-D#Dm7mq`{`aDVm?-uziA*VoSby;#p*)O6&t=8z zf0(Th11^C&P2ZKjLk7u?)tgo9B)G0L{|0hwhfIY~4W(Z1UIpMFf8eyz*=p$*{VXwy zaw+T)2qCw1d)E&+*Q@jh*6aJCs02S~dtV1~XF$8nklfi>dV0EwKQ^(glkH9UGS3rN z`G*g8lmA$bWk4}9a^tciFk?N@Y*ph<-Et{HL_g7a8Crl2rCetAY_w3CO1Z zu@ZqVbgDa zH|>P^b(_%(Ecynm9=@0}i`mHQ>+>XFu1DXpq?N#`nT?TO?Y`Zx)0B>wv?mj1C&@4* zyZZ9Cy|*hT(T;$Rhgz@kybhCw&G4i^=y3Lxp)hadj|o=d!p}r0mQ8H;JFLx z!@Qu*Nc-hU8OU)?+y*FoBvZDUos(ZYTw-j!TWjJ8=&b^g94oN;PFyt4CeBWcU!Lr~ zX|OJhp6Q7E`h8cw;1y(Q5m5-q7zsaO-E;mC@Xsl(XEUJoJV?D~Hh^N`yo-*)xm~Ms zSD0BZ>>!@c?jv3;+qz5u9<>#Ova4AuSGT!c+{J`u_)gS{IN}nOb7RN5 z^Pzi-5d!OlfmE)jBRY#Z986`wjh)drtkb8YgRSrN^$C0!Z608GR^SAz2;iKG*yeaH- zg4B*G`=!T7%5SY-{`Rg_Golp%l$rY$NzT>I;v#bV%NNlbZ#+scVN)xGEQ`SBmolZ! zn|c#ZTHPZjr%;GRl@qkr{W{$!4Jl0ka(<-e4V!j99Tp zl)!!H@R2@c%RPRb#&c)m>kz!LZaDZExVMs9(z9hrWH|s3Yi$&d{{sp^%S_4c#i^e$ zy1yekPh{P}bf{<5ke1t_q17p(qgRO0veA+Vx$gX0)6SyrZe&PD3MPSDqbj;>;n+62 z`jJE|}2k6{E4D9TAi#yGpG=lyxBd)e+i(tA5S$B1stn z?+_XQVJ4od99Jtqscv?{kK~&tn;4$038xDz6n5E~Wwo(nc4kq|{ngRZVAsRfQ9$Lo zm?}Kaz54ab)(lilQejO)Z3kZ9HDw@timsTz(;T~QW;z=NkzMvtF7oUXkR(Tx*|}>R zclw+M@-;^M~b9yYPJY@(OHiMkes~Zp9C8)L#ttsUNCVI}3RZi~x z7lNxD&Ebr}OPq?uCfbGWT&cGbi{VZkzO@^1tBUmG?wV1jz?$ffBR`%q#6Zen}!W!-HF-p-uF|05q6`%G==A$x% zSpIZbpj-j;N^L`){m6Bi;}NWgh282Iij$~Isi~4TCCJLd`~ByFFP4~o`{*fhHs6!D zGGxl^+w0p_9iYRfzsSShlQn4+L`JnYyd-qa9Qzb_VAP+X#@N_h~Sbk0@7w-W!u5ufzeS7cZeBDrd< zfdrA>lO$4=7lj@gH2Gk7c8a)Gw;J`fNSRy($kN%r+vz>A4$gPdC|Y|WvmF=9D%Fnj>TafH-%EJ z6|QNAB?UT$6|hrJ6Ta~2m4XH7MfJax^y;BAx-!Q99wRrmd$VW`23IXOPrAn=y{bIO@ zLi~^1707iTJ|Mpkhq^>dJ!pCxQ!M36b60?PJKyygfk^ynF@b|Yb?d{m7wp%VWz!9* zE${QT*N?deX{ODDF!|tdyy&2EvoK1UB|SMnTSRhm!GE|L#m^TlmxarHs79jiQ<)+h zj#^X3ojBy`Wqj{nxVO({Unw9&?5AtnW?BS)S7bSE+|B;}x9EJcQ4;Pgfy7rZf>Ttd z+X~;N;&P&4KQ{tBzfS$tivL8BKDAH>?D&Ikf~8}M+fU1{tz%#9^u5B*tTA{yzUzX2 z%s~uIYDZ_5+_X%PA%uaPd1LP^`zdN&eM+G)Z_<*{UBzsP$X3nt__2|_j(%&4F*zI~ z(cB>$Y$3RoS1hrYFdansTKd}-yI@Bje`#Fw+fMME(}5K=AREuS@IPFbUfjM1DqDPO zrQh6{V!a=xveHsty*(m1FTlV`cm3;^7;`_d^8=w<{XJ4&FAwP^Bbv-CfsE~7&S!FT z3Bl)D*-hw0J7na$MANrEETk0zQjDH_T)AK98cl`4B%u3~#z)(R*K^ z4}Js{QfVm98=AP{@j=)0v)qCn;&fnFGpzej-EyFNNzqJmoqiD4oZ|AGE`|{87i9tV zh{8V`d5)gURG@i3d4p#q^-0{2Mv++`d!MO(>+Yc62Dc@l<@4GN?zPL7VzrKU-WiuZ z3|s$dn&{{k!8X_CFPqCI?$&iF@|-SB?vp|M{^%$5NShhx5CKHD=KAf&I{vI3ELX*R zSn?~ISxk2fOlfRPrDv)`CSwqykn$G4v0sV_?+tC2%2V1<$A}PF8=NvSl}V-J!d_bY zr)k*aa^#d!vE0+H$g0uiEBfgf>IFHcDQgkcXNiE&SA4C1NMQ20&3I-572glos+jG! zPtduC@H1j>3i|lt`r{Uy$0pyjLN4aCSjxaHgSHC=a^Of8vSFrJ=rCqKFGzCwlIr!V zDV%&dt6Zvz(Bok&2dhCPlhUKZMlYp>*22_MB#ahv$$O01VEB>^ainY3RTvCilq`)( zN07E*;t!57dv~8$$05cLG6!62lNXwtKCcMUAGbHZO3A>Cy^e6Pp1Q}ff6zD0Ip_d% zeoLiWQKqXn1zk}v-92{dlISy1@5j}{Sn0B2Cu4Qq|Cg7YOov=5?JBItdDEEG++)fV}5>j zuUipy>sht|7}2LsQpNp0RK{+x(xd-hkvnWa>pSZe^x0z8D^6mD$gke}uf#3i{$Gh( z^`UD1`CGagXo3<;OH1us{;$J~!;BFFgf2yyRVm$p66TUPt=Icv+qtfCi{WDNPK9`| z8qX)OC2=I(3r5snZ#~q<2l09rE?p^od3xC4IAY3#l*{A+sS2R3uk1WK-4_9}=rX2< zD4dT#=&I}}eF6vLOh9AAnwjj9_V71&_cJ8!00{Ru#3x>!)qMfc?h)TyY~@mE$qwP$ zJGwqEsaLBOlGO8N5qEs1JzQNV{{o%j5A?0PsJ_WWn|AU5&JsYd!(gQAAfP|d^Y@bD zTGPh2{`3{El^66_N)R(E>FA70OC)G$oVlj^TAvWz4papDUsBj z*0*(gBj(B#R^x236=3i?8?J%YTn2(twTdH+gitA~J6db7(Dr98&pR@KS18@D(>)Is zzMs1tHkW=t>bVrFuX-cO+CQv47vR_)Xn?9g6V9MGt%8wX4q)i>d$&-c9{|BQOL*UC zdsgA0c}@p2aqgQU3gRrj=*{kM!Q)>oS~o)<%3lh9vk9>mYB!nDjD$v{cx$B8v_1|X z@kdSPDSsRDgi&MG_0Ex-XoocLn-*i0Hp+QwWvq4G-yR8kVKLre{ndaFmOn*I;K(7N zhWbr``M3J+9Bz=fFiv!cL$VasXTU1UGUVTk+#Ax+htpN2D|ZTtXD<8^i8i=xwvmS4 zCak-rk+zCRx*QZ24RQ9->*CkPYeqBPXuZo!`f{|K z)Z_GUpPJb~3a z8^4c{jUU|o`XYl9DB0QT8lermK26LOTMrD_t!)X(JcP1WqqJ+Z8$8>~ZgvdLBHTi| z9x2UW62od4uZG=+yd@!+r3xY{b@GlN2udg2{rOze;dP`CV%vLYLKtY{br*zU$dq}c z=LHWYee1PU@Q`iBU%@NtLN2Mh^^)JFu8_)d)%5Cc$z>L@wVu!MT$Wq2ou?(B^|Tmv za!--i(;Y_OfyYC_uCZ8gcuHjV4m1M$Ld>tChx|b5Ec?@C1Dw1fXyabnagDAj&fvXVYjBElsLyXNWhT33gsI^B zwZGG14%fEw_r|>2&+MtvDtxrcl>;jH#&AI6q`Gz8cePRzU7(&teQEcv4b6oRv05ml(n?kiCh*z0)00G`t)jODd4R$cdFD66>N|S3`gV=O z*p>wkNJ<$4k;a5~_D!WNGH;~rdpVwGAxG}gXb%)b zX9}foRe9gc^zH7gjUKI~G!n2k+0>t5PV5$jfA@3ni@2G#XR=+Go8U4Z@A>i|Fe8i` zHi)wve*lyvh>u1$8r%pt@4dO8L##`D$^Pv+}ept&wPUGvPc&5s%V0o9_i< zgz;j#2JK*``Sd$NEv3OLm@jvjlU{9o}5pc!WKJj)tIDU5T1e6sStDttFk1O zoI5)6Z%SCistLbyxP$(-mwW;sr|(J;&h9(1Uc;nX{E#o@_fw>rDN`A zAt4yLxBbfQ==kDoFkf_dA+&C}ni)l{Zpef-Oo)2pA9fwfm8l%(r63;14J}sHRy7R6 z0KQI4+xwkZAKhK)F`J4L6jn)n&%aQz%DXRqhmC`RS)dZ{MKGuMD~DJv3ZeR^cYVS% zn)Tum{n~lCFDo}h)88Ml>7XQaLxDXyH(pf9ag&Rv^Rcy_?Avbvc(`QDDY8ZtjhU2m zidpE*p|3VD0umk5tNS1w#D$5>yuSw#A0^-|}Ho%wdKb?Wk3$ zGSMWGPqp_E`jBBIyRx0M3*n&Xd#~O>4n?mXGiIJc{JqB7@R(MD#yXh=G zbKRA1Gh)GrTIjjPWvE*)_{d4(rggVa#5L>(51Rd-p(%J>A-%1{I^C2_5O=s1Hdj8- z^v=Hwx7$-ttaF-(xJ%xG+)6$dy3I;g_Pq&Xz$2+Nam^#8JnyXSH16Pu9fMCA#>grt z!P>$V(0>EQL%>`p9+%}qvg=TPyd^L41tY&VtG9(w842Vm3S#O+H**FM)9*1-T>bdr zmMIjWx!0Q0A*M4kSp79a(m9(RrQpo5?J#I1l99gq;fA8l8$%^h z#X}@8EgE}H7rzo+DdNS=&FNX+jO*Rfp0ODwr)sy=(G}YjYn|g1w+?@?avby)7 zW~>>!qql4y%5Z-$w&~X&^tT zsZXW?d6p(+Q2Q=RPJn2F4EdVLT%vmW%cZdj=yC2$)+IsYe$#{gn0MBQ5uC*`~z%NlH(EZ?G?^djDZXq z_LhU+t4|^87zVCeP`CFkGSwA)iDs(?$<*Iap0?U}0k0Go5=(bc0=MGDqx}tQq(I#X zXFgW==O*AJ^#;$ARX}DTPP`o+{~=1!sz`5yQOQRkwmOv3d^hv?v>sr=gd&utnZPDz zv=}YVvsNK|HUcdb+_(gXYJM;0c+^UM$j@6rG&^cEX2U81pR=N%GLyb$CZ>8b5CW_C z%253}RqwcrAJuPD-!+LUAR@1YaFOGbKWY0HmWr_Hq})W9Rai`lFzagi_m;nR_wcW< zt_ zA@Wf_^)Y>69~g-`kkIh2@p)?mvh?W`-LZa+XRzsjz)WbD3uY$}wtGiFO6pc(^noGlifxncvOU|}XE+IHRi`Oe<~x9t}gfm@d3hx5uvYZmxoN24vo?2M!mvIwMfL^abE zc0R}=hH0dykRmE}5;oa%OnrisA3XmJ$G>-3lSVYn56%C@YA{n$Ata-IhJ^4Z$Pbw(ztCA?kKzpZ$u#6AxyEWI6FPM260`L4QMd)@qOe8l6JS2KixPx{i^=+ ze#CXtuOer)B8CtN`a`sb@-^3j=p%mR_e2fBH8n=ulgOEBNL;vIiix1g;a}o0Kt+uuWZ#9U)RrLX z&1wKH?+*6U(uf^7$Z$}M6FX6^48v?+j!eDde;!SxIRb2=vnd*Sf6ShYDP1kf^3hV$ zSBzf~V}nIsWfJPx6*S5f6bPg5ZC`_ll@_G;W^m-A@qQh@R27OKRtZ4i5NFJY5 zJE`((0-A%>?|_lmkL$(7fJ|ak_>pHO-NsSD;-c7E*JKo4w|zq&OVzhrKYV zhxxd{)1&2bA*85quvJ%g;VvSLF$W<|u^IDM-F-einCxaRa7}*{raliKL-#8SIk9h5 zM5%Q2N4yAg$L~q4YrY&DN+hq$E1h{o_q|=b*7RapKcf=;PyYw=IGAL=iQW2LXr*M}}Ky?9P&2SS)8 zi*|i&Bu`5_1j&~rH~CtRq&y2orHh+wC?~v;f8@_C(J<_ z_6U2y&#>_-#r^X57tzuEDi!-)GOPA2#rj>;8L(5!1{=ud|s5 zfu2nIUTU0U#M_1&!paB}{jen5A*4J&Y0Mtmx^n8G2oF6+!K@U`nJiP{>?NjX(hyR^ zsm$;m-Wgo$&d4~XOb4{z5}zrYmi>qx{W1(nA~k%>x&BcOrtmp$x)U3l>E^{}oW;xq z;*lgn;?TUHIH7BGVCRnSDDCxD&VZa4>hFf=grkf49Om;9@#`7h%eO*Ne2*QF3O)5LevP5mE8I~o8pAWL;Dl^M5iz@l! zt|+SFdj@+Qs0gBAZkodj84&f7Q(slM{~AL$I}I~d5>1L?K%3Az>oc;Xy+0Rsi&bC6 zd%9{l#Ayj9(_U9^H0oNHX)MOd9c+4j34S)fJt4Ot6V$f{MdRW2bSu8f>|qy zjRdhJg_>$_R2s9)6;VDbF@1|Krsz{LYZ^@6>{qFCC+7BV8MU#40Z3#`AcoM zZ`cPVZt8R3g>g%zyoKkeD1Ww&3i+pDsp4;}*gT!k{+A-pB>sY1Z$bp_V%3`7D*nei zSVB6Q*^euHm;MV)Q_vBdjAs2Vkt1%&z4qoxXu1Xt1R@9Vxo;+*jYj7oib4je3>tQHot3da&$C~A0JK}KIsuI;rgbjsd?h)wEKJ^ zVO?qWp8?R}hkBu_vWma^*PyU&M6Ju7xRvB@&UB1|beP884~14apj8gI496cp`5e+m zEe|qMcho`CAYF&{`X^1nds9b2HKv78R1aG zh*V9dHbE{26-|R+vNZsqVYg6_Ccg$1k;_^*#UNCZ?BhWB#6|gu`-^d^NY_!~Rt$HQD1SVLOSw|ST zK2iXfr%}~EQekb4ba=`G!-ZU#4+8Da&*0z_L~G~YnI{-q0>asY{L*j`0X-`l+m|cg z594;5`M@@?Owh;`K!)Q$Pj0#IxKfxrJUd(?zAeXlTkTALZ|5dCjydGdp%fO++eA~X zTs=^Qg3~~zdg#|w%lH-`nPPG-qaTQVj+9p-FahLZgIOjLXeI{<79||d%*mh2Io(>+Yw9(H|N((@y37DN$-!c{O zZg(7)^ze6kOcWc2A_WRqc`v+sFU9O^x}O|PoH@R_cGpA)=#i~f1rqu}id_*)=6zrX zE<9oeqK}qn(R}(AU)B}h7VilQtgg~`jSN&>vuqytqMR?jgnMZCscz1!4o<(=jVOAt z!CIH?w|oW;%L7>3P#KZ{?VP`RbcFh=sMR_bANfL&Wqn2hmYr^Bz!CaHD5lqq33mJVUf>$ zP!)h-EK&AH#`h785RV(CowaNBF(gn1gb6ZB9 zHIxyEyOqT4ep~%SD{s*f@h&y$<5v4)cha0gI>klIS(HRM1Ulafy4YSc@w-yODIVqA zwKwtdWsA8q+8GeeexdnkD8RK(y50N%@r9uLR+l_`b*!oc$s__ZB?UJw9*JbN+a|kj z1ye$-iaj+s3hA?H`D?O?JZ=abnL7-M3=Ea^@x>z_sj9nA$+4eUjazZMZ5p{9S9 zlKV6;##{ylZ;B#Oka`p`7NafVo&Mfkd2^n|NfLa$frpt1Ji^;_+PMnJ!bl&!>RNVm zqOX^ZfZb_6A~USr4;?GG@$el|8sc#;|4RK1MB2v58U>uJl(V09G9GSQ++ClaHS$5K zR9}ls2hlfoulOQ&BH<*TzDj35ao(9ejwLE_H%~3&Zq3vjqjHg)heWQ+w&96W-5=Sh zn2?#U>&x#Nx9+1GgmJCv^T{ZMb=MSWQBACwmUZ_A!d5UpN_+8m9A zCFeil7V>pt^osTFhi_kZN{|pmWB;?iBhl%_ro!O4oRNQx@CF=-9^K=AK8=K;&tnz0 zZarK3=h*1*U%~$PK=Rh#9UJ}<%m@Qism}(5{V!0^Bb3?y5&Aac*`F6;yc)|bM=d}l zC^!3l3#j4~!qTi4+^G-ZIh8Zyh;!7+vR|{R7QYbhRSp$pC+O9Tt3rSL9Y#BQ*&E{5 zBS7EGU|N*JJv$1Bf7_@{P5vU96htj41ss2XFPR4$V;uaK8g>IdWe^EN+~fTe3)3_P z|1FfuKFd@7E*Hxj&A|4UtK53RisgB3DX16E@4$ek8B(GQ6DCXF!n;rLRcajbz85?f zd8wRVCe5h$K?O^{0foE^E&_>&02=_dC_Hq>^)XXMx$Kp$OFOFhF(-7ehz2Elxt1La zo65pjcc)VCj>b$T5RL%>P~+ZwsQRK-ST$r;4EOsbVhHcNq*5 znITm$R>%Zki^+zEywH5byviY4Ea;m@40pgRmUkt_FzjS`_DlW1Ju7f8pTIi03MZ#n zKZ5T@OYNi|bW7-QZqzU3_nFi4I0fIsq9=h5(P)gBL7P%U;_T+~UeEl0bWwEZA(EC%c)^LBh9N62A)9Onp$@y-!X3rQp1(U6>CFan$#YD`wjrCSfRxo+ zLfyR3gV%dSJs+gDdE5+;to)0q<~ux8J0l;YaD<+-t_$U1Na<`~wT|PsLrGl#b11aO z4=+&=K4cilwg1)*AOb43q^eCf-Nm9jK*UfY^#J>G4M0avFICceJLp0-q`1ks8zlU#4rgtlu&sDGx0#scPJl|?!FsMvdZlPJTzq4q@X)rvC5_4hayP0NyUy?kmlP*Z8~35;>$pe;pC)?C{6=pa);11FWB zYbQEtS(=b|E=S~3;opn&>O{-N#Wg(!0@4Fi1Ty!~Y}`=ABfU^~e`_fzDV!(w<=N?! z(M%#d(MJEk?U68g1*!G*q!!6hBn*G)`U|gXCnfm>M%IO|@Ujd}1fG{^rc&+X4$Y6E z$XC|16SIH7)@OkqkD{fwtUFx)dfvIueUmUr++k z`2|u~FlOx8aAl(xIB1@j??t3*wY`IsClW2R02O%;{AKkLqc3BtP>0pe@3^}7@n|ay z8&3RY?^mzScDkW}`a}k*s5gv^%P2kFY_^H&XBQ-?JP&k{TBb1>t`dF%TckZQlGL{0 z+o;`M1xeB=%~e^BdAGQm-EMSs6eS=++_DI0-`e3-#hL-G`Cyfe>b}<9t6x58e0B@p&Pb${ygXUa zw&K%R#uM6!dLQ^gLWB10!KW+YwyNYGF4G2KwxHCJ<}2o}v?HQ-VCl00!^2Me7f2n2 z2wMqe>@q+u?6CA;2?(yEh(sc3s_YQ6zXvLu8kFheLMbcK3#IbPFYilKFMih2N(AuI zu8b~DykS)(T&5Wc6!;O-7V=|;X{b!OY|nZA=b35Q7uB-w5mrh~Y>%PO43if@1t$SB zCc3zOQWUf7S#!4p`yiCmkx&eTUEU?&0;F8l!!?$rB=OvHXHltKr^%hEA6iXPQw%)B z+2xuU6RbSoFS)f3Q?W|$p5OrP9xpXib%t!KJh=~v^|8kOp}7eHtDNTrLW{$C7?%%#pj#730W&@FIGMFxM6%R2Vh$of4cc`!&9dwy% zIGi^hI%QMm4kUA5mL$@9MSViWWn|BM-$Km!$o>7I8#(&7D{y>D~;3V`|IQ5wGeHuy3#U4zD9YQz{S#e_(k9LQ&WC% z>mX`RGE#5J%%Az10t=tSF{h_mibt-@e`|UUwv^=s@o0@=6$iTMUs}3=Xp@c(3HT=v zeT?yYztVk*=_u|PY7*0lo>7zAo)ul}YieKk?~ToHq&;ZqMZKFdpi`v5JYMU>vXU>$ z{=Rzfvtu+Yo-08SDeHM3KDjuYmPy3SkWc?uEui)hnV$dk0V~a#sttw*dFnMiSdpK* zrsAzf(m$19xnvcV#+a7xe9cfUuoBu&6w|DVa_VN(uDa=VT4p}l^Go?lGS7s|zUu7- z8&IC}wo?&9j6{f`1Bq{ME0gH}3$|=hwSC!{HCYIN? zPT6o=j_E2mR4Rl4Xs%Lv3ljWcY8BYtV#ZTQcNs@L+zm2aG<5RB8;+2zsCjd{TVP5k z#$hR_wojI}xR?`tnCq+H48M?|8DxTNR<^n)X^|%ctk9g?l`h4UwpO(ayiMf(^-*H! z_%+==MCoU*KhWbrTOauJY8(RKo{k5U8}w63;+LcM=35(b)xX&~is$U;YP7ybS7l)H zP*6p4D;2Mvw+l4%43<_!r+J^qqTyuEZtk#$#bmVnY@Eq|S@YUfwr*dS z|Kr}QX50Wrl1is{LR?Mq59l)-6qxsJ&*KYt4!ljQVQ|UCnA`W`Y9FR_8k<_)J;S_42zmp37o^(g z1aIc7VUl9IqaGzTJ&H;pY{)4{n7 zjp9jhzZ>{(VU5W`M?EoAykC8;eKN9;4r@7xviAEAfP+*$Wpq1{KQM(!=yPnH6Bd(I zdail&fiBZbD=#8+@TlRQNiPlQbo$p8{3p1$_RFG)1Q z7PZJKa}}@tZ8?v0j0v=;SVe>(aIePvv9Jm_^k$=p?G+iSe?s@}Juq3T$MF1mz>!>) zc4X-N%`l>}g7k(8M|Tg4fGO_Nd%oxqze4i|=U5-zFFJ>xg}+Ux^HY z?y^(Z$Ju*D2NW9I?eVASH+#lxWhiGfmUo9C>=u!?k6fc$=~85+@4IWhyn#y+yl-Tf zM0KLLz0Z9ppn%4P+mA8gTW@uw8Ihs)fcEqKVLr=34Yh`n(=47P{QYU_u4@pdfEQXXqHtf#z_15>O-}q{?qy3Q> z*3LS^Ac9p3$X1bix%0*Y;8`aK8kLYRpH!b5`IBlbuHVhr zHt-Ae`n@1>wqzVQ;qmx3{R*n*cV2MLTCU>Viic}LSf{M5ZD^bG8+R^0PsgKE^umm? z6?MiF3wY5e<1H%6!8@Hmr%F}C;rvU7huWI-n~!vI%ric#ktz3SCH{ncT&m4hB@w+K zMW&O`{mG;1CH;DAAv@NCW9eE2+$*0h(7VetEc;V9&~I%(H7sD56&ibGSu|Gn zPRc~k-GfP`)*6{B?|9G|OsOtQ_|Bxz4muA~oN!M)|Ie9ZCd7`El3n;*M?9N;qgFJG zaEXS%pq}W%Bk34Fy2U$-Pi?!&i2HAHs!1KULH7bIyaUIzhlv(kvMtV6WUusm#?N;? z4|adj=McY4yD73eI$my1FR~iaMRlQLE^uLXfBuC%wKR2I@|PsV1;JW@9VX`%&JvY5 z{Fk{cfxI3<&hz*No`p-9M^14q0?MBrXS|@ETG;FnjXn%&Lsk0%_X@b+LBMlvl03|? z)a~mGcUSd$JfAt)iN^P+a|xU~meH1>W!gTwOC>Nbq|szO9Ha#e=D(-Dn#vTi9bHT* zSxzr0sh6Rx;BhGa61JmHPD$_L6qazZ$X{Ye)@R$|)v99TcUNc^(?B@lfjkTO)~&;) z2ko{}5_row;6knyGvwAfpLMU2NXB(rs19oK$GU$tkIX1I+6W$Y z^_751;}T80wS3iYBGjC=b*D$`QBgZQxQC|0W)axHI$LR?27FkhM{#y7w$>{z5Lv4! z``}tru_d3=8iW(I*JeyO>Pnv z&(f!y#JC?xvdOW*pFWi}45$$>@1Q$hM~|$FX2d(ccj-t9s<-h);Jf}(ahk?)&*RfH zNmb#-$YQy@3rG52HQy>>o4~_gM9VQ3*}E-tAJYP7H-MH!?>Aq`93Myfsh+NpCtd2K zcg|MMTc!$l|B|imofOS3s5Kd zv>~56xbk%SAF1VWG6)pQ8xoe@{~T)wk<9+gG(csA%`Zy-d#5B#6=v*hZDAwdS=!KG z8H|4f7D<{S^qn7}|3{k)iVaf`B6m_ zkC2FYxbh5?-e3-@em8?g2f>6`=A#g_wVVrijkJNhVL_R#f+$Qr=vRwz`+JSyqNOtx zLc60J?E+8nQB_2%5&ENkp;%ygxJaq3fb54NMiX#aFC}Cons6whg5?9|8nJilzL`rI zqgo_Pf>c^WtPwBC8&QOBY!(xZtYf}@q^b@|&wn(os8;k@TKVb3w2v@C$RE1xKa(!d zeu7+0ngT?@yJwS!K!gtTkhct~5wzLR3CcU2E=pgF+w<5NDM_^ihpl|V^GFqW4h=vD z*|KOecm$NF7`-CH@7ER#>p60m0h#?v!$V$+NY>Mi?7GvwN(j! zv|r-1qEMJj2H${9Z6}bJO>JO#$a?a3v|ihupmfXa=Z!B+?cj7g_7c^g?M65_gw7LW zwnk;3N5SVcXiM%0?Rje4Ip>wukvb4;;#(?^KUxK0qX=qGzDEfEHgSVG=7e9>(4fWw zqIv80?B*Zf2uDRH%fej{u70_S7HJ=f6#hWl?Fw=}YD`{FlY=;Qt0EZU53lnV63*3v z+F%LnqTa<7NfU?y^=#-pcjqJrfbb&&Xe4QzsyL@|bg~~`ZZ)npqyVR&_cgVU>r<0E zJQKmC;1rC4Vj_N_*2ap;*~ei^^H28+7bzNcJaUnnKA7+b7LCe8#H_Pi{ZTZv0c6kN z(D1?Ha7iZe03a(WacmAmyQ$vb8Ml80@?STS_A~5?wfR>3+X<3cqe}NF=R#-(@C_KY ztgz;SUg)3ySqydABhY3h>Dj$^;B3RLE3+3;X!a~;c(X3Df}G3vPv6oeO659NhZW#s z98nrzAZ-VgS@iXPVNoqkKiTTOJ(y?Cvp>!ly>^&>_Gco4mr7_5M76F)_rMuS&?_&_ z5KCa{l4{yV%V#@ii=Q1Q%G(Fo#|GW9wvR)e)C#jU%O|XLECq6t49Bkpva*Q8+JA4h zCc1BRDwh~NTp6#a!1)w_^T+OJqQ&2ekfJyd1 zC`hp!t+)I-#Jqd48`;?5h7A$bfCzUHG+?ND6fWsmkFeJ=f~GRCJ?+;Fg{6BgYTeuF zu8p>r&wAy4S5V_Eo+@2GT}uRP1N))X30%vw&p;l(#&4h1&4zT(LV9KV?FG<0w+n_q z$|NBfmr+Yjt&%+|TNEv~`@xF^&6b*7$XQh_px?9j(L3i= zGzJ~NG{*tZy9byd+Fb>^ZMX2r&XWZXWT{8GAwWz2sbxAzxfphF1(-^TyqJ?5+8{fx zs6)zcv7c;_iHycJ4bNBFiuWBT!bB#x2hx#LYvOVKzER~+K}r*k)jCJ3?|Vh~K<7_O zkD?B$5~MYOB|V>xA2xwzJh_vmmfe?o>+7<9SLwe&InY<)0tml$>nhWZUH4 zu&>qrKi=Lls>-bk8zyxV%BDfO1O-7t>26UF13?KXL6NSFlpq4qp@gJ@U?43W(jZ6( zf`mv(NQWS$?_8d9JkNOE=g0f~`Nm+J;n-*A9c#^b%_~edG|4}d70g0w;&M-Jdfl2e zs|{_u?6o8`BoE^G<_ZSw>FQ@;M10bz8r)!}>Vpd6ZZIl6;+`lv`+$n)!wLV=L*uHs zSG#du2RzL7sPMKqMlLgorFMpw=7Nf4d_~2f2DRsza`--snLvk3w8Nx2+Q~dM8P8qT z$oRGD9j5apSfF7`fBr#97}|D%6{^rOy-gca`w`rsf1SFvEYNUbCeff+TTDMr*S0vQ z^F#TKk97y;fA5Qzjz(=uh@5zBG28j>man}b)P|vSBwv%4+B`n5SN*y)on8VTPeVf> zNoV0f;vZCh#^EcE<7+LVm`8W*g3k8KW}tM#Ms@aQM2y?F{$rxVXH7Iw(_WbF*S-0t z3JO;6K|8q6+SR;&%9*>Ey>klwXM@nl{tV@cJW=Yb+RVp0RMjjmfu+rU3Ii2Uv(E*7 z*h7CFeaq6nclH8j_)f;>wv<-amv-o^z{_(SV9}|@WHRHkf=p|uIN*UuBg1#A@7Adg z?`0i;@6Rpk$1Klqdam^RA>;|?Km#x<5Uu|z+1Nc`Pv=>#(QW_x0kq>mL8(-j@g@wvZfGHS}Fi zt<8WSAnD<7V|5_m7%ZjRh4#f4-~~V6$Tf9oYatanpqiIC1zX=NYe0JthAskC0-pVfUHOz;?N+0(Aa36)=7v%$PR5ya-v?qufKa2WR zxXi`yvkV|J2mq4ZM*J6$FQd=?&f+6>Wes2riQK~};Zo?SEIQau-Fi5mJjgN9CI}EMdbl1puh)Hn_?xnZ80}7^o=tlw}|PzAMUA z*<1X>I&;CZrUYoRNn$r+-oWKjIz;C#>yn9iQGH6K4>AEojmU+rJN#s_uQEl`C@`36 z_rR=naEuC8Z(O)?u!~ShA4O!_K3p$HiYLRWVS z4mnxrI#8M1&4ByN0fO%ALD*{MtJGz5k4!%J0IJp`RL#7%ayjBrxrvCIV9I1#F^A0Z z)?0NCrp$rsvAH_4V}Oy{pk;|g8`aUuO{`fXGCD=lV%SvPgI|(4n4UWJI#06Mwjc%( zvU}Z!dRh;r@(v$ms@CB8iDw|A?m0-Q!HiF20G>`M13SR`5;KN@m2V)e-Itor9#v?^ z1-@AgQcxg!zAW7Y9~5ZWUu30&l$?kKpE4|J)!A`A9!HAZg}TkM2+SLYpAItbstd5yl~LagAQp!`T& zQEXUF&_MltG9!(cXo+%X%m+}D48Z`v3aJr>mk{#rfonq)v=x zB_b7+GFc#qU=yag6O(%i0KeQ_4WM?-3>=_5zBvm9hnFbB|%_5=jaJ3QS#_OiS)c~8M-Nl(>QOlFg6d>X)YNBATy>Il=PM+CqFtYi>lE>9 zBpwyAlefy0hNW}G=n_gmhUr5uNeU9KBOZ4p4C_8)2J@1>vu~nsKA7P9rMP_1RAabz z(pn}Et8#sfG(`B@Z$P)taf?o`3gaoP=e@It@;gMTZs8T8m*HUY!lFWR!2%P#vYWBI*4Lq4GaG1z$ zpW&wUpYqvxKyTvJb0}=(Qt#FZj^)4^@+^kpp2+J{xiNR@-X3}qNS}&teljf4gI^2? zBML+lT-YnEF*B}|F_WEb>En`5Gt4tlw19Z~7oSdgx%H>9QxWPhtC~wQ1&qPc^=ZL* z8eF%xfx>Xa!)mnEh)d>-EI8G>rtplD+Bt8{t8}1b*QHHY8C)=T+@#;@=;`&KD&wW5#^}W z*2k=}cgniC%hN^@5q+a_8yaU698 zL1#uMAx8I67|VHgM&On6smkvbpO3sp)E~bE%GN82aVbY*Oq$IFTXlY4c7K(L z3X0rO8~z=?v@H|^@@)V0y~M{fy2d~2M%U**e^aQg88LtH_)mGN!Y&ASm!oN~5*+$% z)w|NX9!@m^T=-=cu2wgjdBl)!IJmV$@wBI&mxfmrs-}Yz`?N15*EKSlr%Dcfk+4s) ze@8|6sNBU+RUi|N;r9VEz*%Q7KKpjp6TE||r5O6Z3p0fpIfm2U9bPoShqWo(O;c6A zyMit;5wT+?!{;kpZf@nMrj|Yr(w&*l?S7}qZil{GMz23S{qMghX+ZEgSR!7+7yGN` zh70#7@T+TXS>HY(*OoFm-WVSf{KMu!XKbKm|a;S(#UR-|j=P1EH zBnZITE>cs8wJ;(0(m$UA9|(S+k<}Xijc~U9-wZi8VsUx5{)39107d5i13^xqqQ$sT z;PvmH8%0D!Iv*K2uih9tHg=I(glBK2TosQgEs3z{M!oG`D7~r*HZSG6D^{cgXngs<6u|RbJ%=VqC!MU zjLK}fmnSWYQ_dvN9Y%GwKb(P_u>~#LKd!3^AqXArVadJ${nuXy8|b@K7Q|L2x3vD8 z%nJ_{M!Gl{RqB{s-x7a9`(;fyUbn(bM!(0a)?7ScdMWVV-m3lMyrV3 z&cdT>i|vW?wk@5&gTEkXgn4=0D!nQlAjeWK)D}m&VSjYv?uLd$6ke2~tkrMduO3ilh zh5Yt|LWMhzw64xksV>C6uvtvreDpcA1y2UNP~Cu*c94Dmkng|x9zPm(p!2T}2Z{^u zwXXaGW1OC@h~0fyjPpVBc=}jl!WT>cD!BJy--34MocJ#g59Na~TRoI6mK~lj|4+f8 zNSe=ZRm~!g8gS|meaQ|~`N!rCfH{`0nRE?a|JY7nil5#0h6>m(cOChYOBWWR_)tXn z_odInkg3iro5a_U+5?2;-``8ajzIDqhcsedfu|p0UImp>>F7es(C}qjL4tzvL$#+n zVu>uo>c}~+QyK}V7XkC>9UNl{P@o8FrC5-eL# zWRzMt7^63|wkeg3TP6Wra`96^!~R(eXT*+B<$?(B2-XG~r4m%jd8Dt1n1ZyxwZ0`U zt$PlPeZtb1$7j?EuSJ^3{pjp1XqzGZU0{0`C!qp6Jc@hx-t(8hp?!0E@B=d1uLKnZ zf|(u7qCGIp)~5kgZW-vBcelPwpE|Xhd|q(SQ~q_y(r#Q)@q|TmA{ix29tM_*e*W2I zG7tMP2MI(e*MxC+=-FTcEWtU(%e{FOj)|4hhPi_$ygeSM}lb!%rbQy=kPsaP?~pMXYK zACw6r+&(6Gz(O4#+{HWam)aBUq{)CVuG6&LS6qb;~B%Q;)IM}jG1 zMk`(BCVZ?q?N8U=o%#jM-6x>RTLcHDU(PfB{8b+L*9v+i4jLuGmE&XMGVU)f$mt*KE$GV5D>@QN=X0OpLrQJEcr<(N{y z__iaLyzRefmR>(ybKV`+#u5Gt8sV(6L$aI}&}HXlA=Sg`nZqosC+eRlt}jllvPJ7X zxg;!|YpKc~ALp~Bdyus;hc$!JAin0$0zW11w{c}dV%QnNJ}ad$2Fw%&-MBqM*4KdB zNJn-7S#9|S_0UMQXDRh9?$@ywn<%E&J_V+yllDJK>B6WuHKUd|Soqty1Cy)t!8x!T ze37jUx8?03=LoeTQ#^tUwaZkz?H&gglRgW%`tiJyZ>BDr=>?w|m@xlSGDrdL=oHH| z9lm$6CRYBdthCQ4sGDc1tVdYpV!y9GM=1+P9X$vwy*=vDso8=H5DR$}vV3dHUd2}w zQ89L`udjAC3!3%*_97dN z2I~xV1PF*j-U3N3%&@!OZfg3*W@~bNr`oU(!3zy`JBqr}yy^Advr%*jg37A3D9ZBN6Wvg#9AcvHD#dwjhA73g;apyxL(_GS z)(NX@9y9>`driCowc}S(wab9#{Zr+wQb)0erlrK81e${cd!%aGsh1Nd&UJpjT(}Q) zwBW#%Oj3AH;jLN*9(LpyKbdi{WBl`-*44) z?;HpOy;oi#p#QHM8~!^LrLevB)x4jb;{Vc6AdSF(mz)1%=+E6s)qds8zwfDV7Rs;x zHS_}iS>ZXq4f3{3~C2<**gilEzZQ)~ zmLk9Lo~QR){uk=|p!xLm$zX+3A(jO zn%mWnLD+%~M}?`{@SSr=d?rZ%;Hz_L!9yFI;Aw^~c4h?f5C_4V)(yrFQBm^IAi0IX z^ZJK9ZpTfpN+5Wc^e~(k|01E^y0E`a&9O6ZUR2$aAD{T=8a(fSPI0pL3#8osyE4%w zkn}k`2nztxSoMPt1sOEdGr)Y=5~;9Kz_|-#PcK$BRD3>xqd_%PnoD{sAg<&8{1ORA zpy|v)qwr1`#ks6+PLq9Sg9$xA#YNQy0vwj~C$3s>sYirebw~8p617fyFavO18W}tj zC%|YNQQ41X?5MpzWj{Ld-fB05<`|VA^|s%g7a6eo+4avF%rC|_CB0VLrt0_p;-puk zL~;#8b;!aWzB7G!*}tnY5oSt1Dx5*MKGkRE=GNJC7-0tpO~~*D%|Ur*mP#Vh$T8mt zJa=mVVMy%1!G1I%qoSfsGzi|<6GUnv7<6xx+r9+!5Tx3iRj<9Q!3$z_2)H%pF;bWf3mj@?RoPor^A}WC_A%EvEL0nlZ$}R$7B;8u z-+AV0eZK$bi4hCJS`$m5RD&83NFUBkpT->eH35>b(`H*(JMrjRoVnCoo*BF^o5%Q*e)k;7@GoFW?D$ zLiQ9gS5`bg4)PkTB0AgW*z&i5m-*W-5rssJtfz9$dxKr(0xFOJnJ+gmc|Urcm+gGp zj(hH{O1Gqx??YZplIGR>uP)NgaCn1ZC3h<)$2aJue&51y$oYc8&JRFseFIq^g1+!0 zRQz<$rS{bu>yRHvzz4yKSx)-SOd{h{Fz*{eAQ-ZtM_xC%BU(b$7APVc;mTm6&cOte z+w~!41U({rZt3$Ae&3@AZ_gzAI)3a3klBSlGa;hIx|;PmJfj4P;Z86`Uc7Np-n0a| zlCovU3@9WMEPIP-D12=^n=d5y|ob38Qxy8tg5Wr`OY$A@ad`H zkuBueETIj%IkUl|e=o$nbL{Fs38NerslO-dxmgU(qm1%4R5t_4P@3k9rYFdcUIT4l z6Hx6>P_U2mW?6M6-#n|H!@+>M5JYikx2#WEN4qytePky)g&+}VW3O*vEA5gIpFs4~g-87RP%^bmwGCx!BxEz`D zXj5ZBR8jd9mx^^A#ggJW^MNl@A*Ca|C}v(g<%s0TS4-^{L$f`39aETv>f@@olr$`6 zX7sAi0IGAn|B3QJB=Bm_J|gE;mSiOTaMuOu`eC>P?1IZtef!uwF2zlajCaTF$JRn$ z?BJ#k80XJ9wPLGo$BV1vlmbIV!gLsnP{rrKN~Hiq;*!E>STT$^x=ug!r(rg*6?*>* zW#ocAgX&P}`stz2FRu%=D)oxA4{hN(_!@p*m;ASia6z0Oq)1z#LGfstAeRYJ4h}BX zP}D2AZ7}nwj=Cu&$}pX45mpav@nZ?0%@nh1$`uS|ccppmjb^!!{oKEQlG~PRBUqzq zv1E9p!rNeJkDLA*l7x^f@6l*>W7?vV?yqoJd|Q9zZ~24SUV8Nt@rltp&nKbp#>@m0 z&u^ryo}OrHL?gMH1}aA_20G!{rjw?_;-k0*jU9V%WTGytVI3tArcMF*1epCKIO_u;VJ{}rFBxdCI1zX`dII|@blcGXNEdh5~G_xCoh=Po~YXn zf0bzvdBamCwQlZqUM)Vmgi+d`(q$7HtQEDIQ4*Yhz-*7;m8BKV#@73f&zpAhMUJsg zsXdRexFay6DqCi#Eyty#&o+LpQUCnPc_9y5u!VBqye~~rK8%f|Y+f&0385_E8VFAo zs4rMOqJ&X?7$ZJiDnGj8WFx6m1|cWuWF$I?B29}FYYi*RoUJ%R)y!3iLsgz5mzi$9 zIZjh5!XwIhVTDIU0Ji(TZi!%R_Q{W;cgkHZwzW+>^#V{PD=A`S?66!~XwzB21)M2P z?7&ye5#G9FGU=}JwWl4P(R(6wAtdxS=tRil*3-O=`!D0-Nd5VdcgnN-_B? zZeWO4J|gV&x@LNEubsMLUQ#MCAQ$0!WAcy2|oa)vtyJ!#kQw3)b-RLH%b zk|?uFz8Xi~WgB`s@1K=Wp%4qS?`m%`}?1M`K=m&+GYE z?_T*fdvpn`VBCc}%pb$!!>+i6G4ZS%S;K@`yI(snKXw3LCY;J#@i;Ubf0a;kB#pF% zXHD+c(4Hp1NowvvUiO{1q==UAC?WT%cYogn3Pd8jQP~{r9Z63l(aWM_p=w?l&y2F% zjG%u+<#&k#YTK6!$KL!QRHVNJ%#c67Qjh81cJ4SJsTVADULfR<5+kBDq(S!iFi-(k`{rXjigaT@N_R=}>ZgyHdv4E( zlzjO`&}vNBhklo)rh>b{(XV#88Sn!NIp6B!bDYJg{uI2e*Zyor#%C$aWP6Nu&uHk< z7r{4(o3b%4<*}XVga0q=3k{5h0!Mq;Sp=m2)AOu7M19Ld|G$Stg`EqE(*K8N`AyVm z0>g{K=i?tB5AF*;W~$#Tkt6@3=Kp^u`ux@}{r%%&vn@_V=vyauUc9nE?s`Em6*sYf(nna{0@#`PLT~h+k8Qs|HzARO$ z>%K)_27iG*CYWfVlLHyfp}fnvgiAU4J-=BUAgijFOY}B?jS^MW$R=BQqgz>&Kki{K z5N&?YE8 z2cbS)R4W>M9Wi;g`y%wQg_XhYXw3+w!f1t3t8+u620-4kw8JeUkT{rY1YRw`9(yPi<&WXv;;0y4k8$hdNKV5)D@H-6ivej;i)Df`qK;hFjg9_i=gxrl3!6-ht95ScU0u>}eQ@7+Vh5J_g0~KJrgNxzMlU zCZ|z67ow6+ixmU${23QfB))mm-#1tTH+5Luu zpx_E%xxNN?%T6}f?~1=CPd&Z&nbzBNL9?_dU}sqOYOyMBb2-{Cl?6*67x^fx1Hs4)7PZR^(Yo)lb*0Q(jcL3(J1uwo_(FUy;mTQF;4}kL31!3&T zDHF$w=!vjKh@R|;rU?+lGa#vp=oCw;C(5sEfZ{|{@KW#!;uvAWKS91IB5|nA2vPej zPzAeQ`3mqH^e4teP*w~)U?!s8ry^|D_)QWn-9^j@NXF_zJgj69*)*^O~OlBIFCEQ3EO|V4T@eWnjFt;cK?ELgAv+dIq_>E)VAj$n4jtSefKGWqs z-kOukR0~agigm|ES7aaA!9Ib44xOX%0>8lZHP41^pePbiXUNX6Kgq z)H_V{;XI^SnxuOzkkJeY^<}!;PbBJXL3r<)!kckXMn0hJ4wUTuo zlqCd{u5qbu;L_C1;xRnpIFJX%iUTB8m#uL3o_bv`K5M1KHwow6F;!IRW|mIU>G$Dx zmn-H42NZ>XZx&9(tDQVsr4c4WsdX~lIj9A~fWuboq1iU_Mk5xoQ#YDL&cuqGy#>8& zk{U15&4nQ7zdnQqGJ1oQd)%#!C%!D&S|HA_u?+9ovuEYrYzAPz2wAO_u4AshEn-qu zNO$SR8E!6E$=nJE#aL0loCPyYPs@*^t#>x6uTzZ~PU=s~{#d)#K87`Qg%+_w6CPg! zkn1qc$A%Ggo9*Uc?zfOWIXV~mJCYX~u?0wDa7yL+z{T*k@N+D$j@$k>s7{bIsmt(J zkEkCJt(mgPT>^+@EiJ_1ALtz69Oq0%;Q>DgX}AR~v??i0Rq(FYOR5`fm~TK6&rl1u z;`mF-(hYAFcK_Xedy}$sxnKq0#c@$Evh+h@+vm{eso9y9y zD(g9fV${GF(@iPJJ4ie-TGanuw4mz;MM}H&mz_DA(k$=b6it+be(y>AiR_B%*C9tu zWT@dz0SeH205R>A?_F_e5Ee}x)R95%zW`}(PKKkn$wSIz(E~BGY;oaYn}<@43)KfZ z+yZZhcCJu?b~&?JkcG_dnb4LIh;zf@ zw}rMvqCHLrTv^TRG2W!My(^SlkTWztkiAuZ4v&Jd{CYsWWZcTw)>HE8k2WTd-L%|*5p=Fx0@*9&r@Tz>Jk z?2;*qOyYLQMleg#7K^bLm!DE>U?|`c`*dUNCGx4_UNb8`R5$0Wt6{9#c)dWsLdnk; zBQkWCGOJFxt;RGBCO!g&G175r5zKQ=H&8}&mNVs3LMzYw4t?0i`VUih^p=g8;(lP0 zd&r-J{IIw-m<89Xv}xe1ii5MFxx5qQSUn*dktmmi(-{f7{Dorip`BB&uT#FgMz#30 zluA+U4AE1PRX_D$GWnKM1P#}Ks6DdU3Qf{{XADip>dLjN71xKG#5hTDW3vOZ>R4lP z|2gTKT#GHr&5|L)44JiDLGNe0Aw%(|;DSc((S7D&{}%Ge5gzr!l;6rvV*HcD15WH; zv5?;1ORi~%z9P0R;J@7S?&f0*4G}V1!;s0aGNjOHzCapICR0b@?1nn;CDoXNYF4y2 z3*J$UD#@5WRCQ1pl^9!Q&m=cJYk#(-U4>VJmxYGAID7znYZ;2PO-zd2N4A57!=g_; z!DI7J@7-`e0JV^!AOj5PNM?#pie#?`y%3kWYG3f~QjxZiZ*(J^F>R0kq}UabzU}I_t{|l`y;=gsVS1l)x-O3g&||L!n!t-i;cA>&nHP zefj!}-&-_rsypY|NgM>7J6Bk}w!@#vD`|{?MBI*w;NE2TdA8Jb4Q15f%L@CX#-~~d-fjP2SLVb$n&FfxU zX_A}!UY$1&T{ZLmab-uVJ_*-roskyQ5>?0DwP_X=um~8^ z__mjoL!&~cP(yK*NdKIPkMFJzN8V8S_h1EMM4L2!sFoWmF2y&p8GsR%B6TWeXfsXL zpSr42StRtT(B(i~597RwMf5$z?11rG>OXMnz5DK?lF_TJj&)mVtucoMrCoO{pH^GV z92*Z%rIf{a{#;M{B_TKJ*}6&Tzv6$-bxd+Cj+V{j=qqCSRt<2K_a#@ z(GBNF9nQ0x8efZdo;PECfnodZ$V6uol@LRQxsniKzqM0vd)4uMVWPhxG*Q%RT$?;f zCW!xqjYyWaj_eet|IfENlY8S5)B0<@GAt_8saywQ6}zzOt7n8Y*6vAsYr+cE-C1#S z-g7nF{paSXCjDf}Ro&!6C#SdJXr6z6mro*muH15k_a#;g7u(Q$dYgWITL6i$ z)2;378QkfjBkyuFJB)MPSt%JiH_2^o!En>_Vw?kSR~08{T{Nh8e}(GW2yn$ez_Pe+ zb99t>zT=H(xn`B)y0h(qb4d+TpnMo0y@GX&evA8gm@~G7lJk1wqOJXpeDVqUNFE^> zgRoBqCYkQ(rhJLvN*nBbWrJTR<~!w6ZVHT@zV=X3O390}x3DWuIetWptqC0nBL69oH5=K=F^S^}3&PZ0 z?7$<@5%Mq@!3OX?Sjq6!O~ofSzE-70PTDH}EV6-VVW3I6mr@D+k}>LqQN3d7HS#=i^*Hbulnxs zKE6a4voRqya4ArI4ana@EOD+m7c6Gybb2Rz-mfn)@L>_Z3v^d+~#@|g(A$ zE6LnQ_@Y)z4xgnYjJfTko#56;ss6((v4*R&9Oq#Aw)M&QQx)srP`<8^`dtNvSVKiS z!E}KZTGmMY#rG~vk9E^AKb%7*JAJ1=Gi^tW$j&vaXHq&;Q4LKVHX%CF!r#LBG)#II zM;w0gs5c>J-HdhgRD>0M!Pp@RX;+6{yk?Jp>l0qnrX3qvbtT(hv97@s@?B|Hd_4K+ z_ZCVYB};T>Ahzk}OK(q~+Pik1qgf(;&P3viL7=pJo6$2tnYEGg0pd~4B!c8`{pVMe zg1;9T8As_Jr3_S0mN_ktnKE!3<(eD*TAH#fmz)$_@?4v;RfoW1ZF0ipPT0xv?%k96 zH<+r$EeG;UmSv>4GdSHgn`cknBvTTwmV6|F@;x1*}$Tn{&za6TaV@c@{Y&VpW;;pbtQvSp1k@a`#17DSzn#d{m zQXICrZC7yp*h&4W#qbijb6O_|WGX`^ANrB{`%gaTk|SprIZ~y9^O4NvW6B$6X&4Up zK?3C2$s2e>ZzZe51GmT>19&A;OM2|PkJd*=&+xNaULc(PveHcae&(@mprvVI;<(YI z_656|wwH!C+O6EBbO{cms2szX?#vU-$P2L)zi`$seX*7z#lk{E3ZEV}npb&@2-G>JV5(!xr=`DDSqJq;ClhI$yN>tv zIvxiNjYV`lw`A$quWL<*2!hEXwk*VC2BsRetz?cCh6m^}mQfowVIve31NqDy0<9;P zV1`K}MvzDmPC68q^>(v+Re0k26Y8Z=vp)S#VM!F2Q_*Q^HDuy`D+%}y3hLdsRlXS4 z2jU*CtT^~>3bFNv)Le4X<_SCVj$k1^vQq@dwz7LJMdOW1COp#`cn9>|0v?)}dM86w<@`UMR z&IMM|lXSLM@p%Cu!~aq@Btr>usxk)WUed_>94?wm30vtuY|p*veg*`Ft$^c$zQ%^T z-8@Rk-a^7z8JX!+Q9(KBO9r;_7#arx!*p-6%6ffbcPp+A%*9E{M-2RBAX=uo^HT9S z*YG;dy65lV!*9s7m7bt2Uh}aK1Cr_d1H!h-!{m6o#n|SLiUy0X4yvt#pxXLpWIZJc zn3mTl{#9`Q{O2*yf)mR#asL5x;SF153HCZ~3&aKq&~d!~7di7IqV6^qq9WJ-_#g9X z0fM!tCeF-%CG(t7*Wrth9LV|h2fS8cr-RSc4-os0Ob@EFfM(U*z5E~Fq>(dfserzK z)aEaJG#NgOv>GbHiu33)v_TvM4nM#T82xiDy||#4qc6O5+@R3n zu+2w=Jz+nU*d{HGl=oHxW5^7sNhL6iB-QpO;j>7*{`Mt=d$7Bcus7=E8QTIm`VHVK z$c6B=wXUmWxt75j+8YGPI>}d(O_HsW?UUUL8v&vE+YXUEo+L-VpdM6(w$OLH|N8iH z3XIsf@jFF3#XF@9%t)prg2K|Sp$xWD;MECqw0sAfEB`T!7RMvqaz#IXb%S58&Y zO^lUYMZ8BaHO1(3EfBUxKu8i$|INS)U-3p$jMEM>OGL>CDIosU9ISbw95e)Tr3PCq zEv+Jedj`0pvDSEaJQbQMikHBMcR7paTY_I3XqOitrR{K@bpOE!LMit0IrHduyW3FG z7f&=54Y*R?*@iCpH4OLcGSdufAoR`>Xe>cwANyWi5i&}nJ+`;P+PK3=6Jd$)E6aY? zbM$^yoF{>L27_&*GPa14(Z3O?r|&-$8*)cg8=nZJjreL#%jk7fk$m2lauT5J9yNCfeCrXeiQ| zEaOo)+-yN>0eD*tb%o)IL(ne(%CyrthVsBxCxAs1QwTr95^FJ~;ZTJFv~xvw0Q6dn zpx#9J7`K^~q2^#&w3l64z^aXwp5 z-Tj&d;xT0lj!tm3)kX69dGUnE*@-Maq{Kyoi!G%p)4re|Qph0>rps>-jC#&0>JH?C z7yvdh;=T{aF^|F*Y2Tk-^oPc9ogHQ=_K7F5=RDQf)maNcHCUl-{q`=t8zkxl3g!1a ze%rJRF#(|L$}#{nYXRENQZ&*665@z)u`Jr|>Nx*e(gWxQJ*0mF4Z#6$A$mnaz!2lo! z7Kq%yj!gjx6>g;?H#CoeNk5aEn#60nH&m~|!*#a8eX--#uEYVhc7(k6r z^1yt}9R-!2KJYWRUb%f46x^(Xe0o#R;1@ugUF$htu#8wR`Lz>Yi9JX^H8Fpm+tqD( z^z-5_iphZ%+RA{1zwXY4L z4cn`cXDIJ91NX^pi*mxl5^sg5e9#^C*-@k7K-y{}m4D0RJN78IHc%aqINbgXIZX>c zPuH2;VV23>^Pm%aPC>#ImBD&1BIx{enB^lnub==;$CtI&M-NUmGugYOiUnXfr;!Wa zOXe$l!nd=WPhvZj#IVLH8XVVwCm_o!xS~I{k9E^2njmxEIfqm-UrGk|#!9*X4; zJ+FAzp-1)M*o$$qjvcViwgdj7^E^+k4}z-hts|&P(&_d=dZ(}|?#3hKHw{05{omq{ z=Ika=XdUY#WW?6=vBIJ^IvjZMQsk=`$|o;#XNDv+SndI*q&$km-(Oc#&$U9$VlDD} z9j&k$6XqC~oA1sXFE2s)kNm>|ulALPSLlEN`{{w+<{@KU?HdB3adtNz`XVH3m)fzj zq#jS0b-UF+r$m}RE+=MjiqjK-yh^eua9_HWt3J+4z9^^UrYC9F_iO%MW{MvV1x=Pu;Lw;p0B7d>~BpzZA4dB|5<~~2wPz)# zO9f8Vu43*e{f+c+oE?L#!>W21WwQiO$dlCrdPv11SM_@S9xUUo0+a#8K_wIC%&U98HD04_$EM^fivfyLs(q=)jR-p` zS#s*t{yJdtQo`y9fx6UBqiyTW3c~tN3nHso=c2MlkIC4T9!(yzHn4Tq6EF>JN9KU_yIl`rls`~U;}77aRg4&aAL^P@ z=D!oqPb6_8quT2$M&ttp_S^4l`0LFV-RmI8D%;w~Q7MxMHi6neHREu&tUt51Y zb;2Ffc%l_kFn)i6Q}tleecFuP$$C05wNPBK!=!W1E!YJdN_Nk-(26z2imSaev=&yu zmt=8?Nn}i=O#9Ti!|-t;T9KhZK<&c`I62z>f!P81s#BZT)V1d4!%SZ(8I5zc=Uh6C zRj`{IYO=VcG8|4^cpbD4gaWUmjQkjW$*41!rDkkt)Cs@ZZ%_^Ip&k*Ic^YtCcqq`a zIY#B1Mg!TLvqM6VdWeNheGLMh=(}!J7MZoFVxLTvCXo)RGw1b$d4JuaZ#hVB-6+xa z1*eZq!T46$878mN+~F!-2;Xd$((^K?o=L_dNRzK)0vxYf&=-Tozvl~Cs)S?ShQN;?lQAtSi==_57ApFh4e_N znoukoE36EL%F0=_U#)y z-uUXvvkKT7&SDc1tdd#ce70NNN2Y?6%MK75=naQop$u*QU@xTOq^@s@Gc#wD!CafD z<4%4b`=Tw0%Zf6Ro&IuFxpBY+lNCzVK}kKcH;U^;I&axp>Y}|?{Qa(ktoP|m;wEt8 zKfd=uHrhFy1O%ZCxkN6R{saN@R}~3kn-0%P2|54o4polH`yl9Ze1QjywhArJ>v!MX zr4=eYOBC|}uSND=ce-P8>;-C>yoBYh((4A^o!$hVBdneVfT#zgXuNBo9ybYKm|MY6 z5QVQ9@-Yfik#c5}W!yGqP$J7CEoaBgK>M}D!zyRz!Fx%w^J*p~l?pRu$g|H#jw)#x z7Lmbd78XU^R*f5e9(ymzvPh)ySSp{>*XvChOpaRFZ1yPzuZ5h9^>%~2iv{=TgW(P% z;3Bo`l+k*seztEf#pmISG>1YJeV9hIgn32jm{r#Hy@syHnG_4-HCc@hytTnm><8J5 z1(cj{9-QH}>`z#_NQA2RK=wkxu=u66w(|VCc2b*khG;e+ufPN1((taT6)H!11`Z>@ zU6i-nO>SJavhcj;y6fTd*f;XD?5q8IE7OdoQ@uT>8^r}yUx~U&9G_>E3kJ;B^DxV7=yLChDd2|n_5`(#KzRw!@pgYEGC_+3z zoy*YU>!T%oh4gXSx`xuymNPeOdo~s*SG);!n|=d5Pk!1NW(l)TB|nYiw4(NF{``hK zV77hb$2#c|)3XN>4RgHY_{Y8L(+!KOD4%8?POEwAsGiH+LS~HH3B5iHr;Xlkk6S@W zzU$L^C+34#74N6Ci*@V#442!w+~}uVXXYY9h4k~^-hZ}onmu5p><3oCSUHREtJynZ zCdFpI_{3EkBHRa!14o07$Mv*v;XM}@A%Fa_Fl?%PvS-GcxV`zBRepqiTE-%qgs{^@ zy?=Hj^&<<9n6&EIQKqO@yayQ>|Ju$9&4eWnQN#ev^0k$t_v`C9$l* z#t_5$LilR$c2WNcg0?evTZs-6`3}gX=BKkOKNQBQ7psnX#pet^e7P9IuJutiK4|f1 zZ3z8Dm<&JbGryK6`HU$vk%p^XPt1#3XQ}MN1(q=@Ua~3-TwCevWJgzLjBJXJQu65& z1sg{6LkMI^vDToLmKnA)OL8#k*XGhJ{trpmv1`4|Cl zDxMiR1>+1YA*=DPfl&{IE0>>n?hz7jD-dXq7~Rp$`IO&HL`*w;v3XNKXJED{(zWkd zd&r^62&tXqXXf^Nr-_1&`rmtdH(lf4++}vZZjasCaYMVq;^ib$tV%z;Z9Y#u^mf}e zD%@VS_w{7kH#%0O(fj?Xb>OoIJmuZK0v;=j0y{C$Mw-7F(VNBKEJ0dnIwFpPO~S5> zQDfpnA!-UrXMM%%(vK!o^x9VQliFU?!%2eGRxEJ31}0Va-GpvOfMsX0#BR?OkI&RKtEszpC*xi1u~8Ts}LFf zcSpkt4r=u%dYQZkuQ*7~a2*H;Po8CG)9bf`*mM}AIEz4T)k&C!y0Ap~uw>&9u>V)& z=sEEGJ}6!f6eSx$#ZABt=n|%1myRBH!801W zHv;F6lPCWgYat42+=xaFZkzC-!%zbnjqxqzHykbk^kSSPbmP^tlbDCL1P}mJ3RImg z!SbmXk>2w=??l!wf52jBlHS^p6k0s1LaJ8xB|{{0M1k6@(6;~bfc(%L7$5%}LVyQy z*n{6aDn_sX`82-}VwDOmFeo=W2W(8hgr5Hz#A1BDGynQ1#W27J_MmYnhTu@-w}*sR zKP3#aMmE0XK**~N+BuPzANXSk+H|KY7JhSPBf#=~B?1!e4G4HFMc#M6aytY~ z$1e{*vt=w%k`roDb8COz*@aDW5r&}okP3t{?#Jg{!EbK}6qRP) zmSs8qsk#+Fr5Z+V*H$NvL)Pd_vU7wH>`FBh5nb8&a$<5UEpQKR5V_gB6EQeNdvFze z{5-_BiRlf;h#zG!_TAirPe7v2s~~WxPWZrg#gXb8fQiG?(yGtO0V#S7*9GE74fnmc z=pFs7yYCnRBHS7diQ@{sH&W~T@EjL;lqY5GdIqsq@*05m6QA>KBnXdalac@#>d`AI zvSCeZ57qZ|!CSOYOmMq#*8`E|pgi8CPxlYpey3coO^8x)w*^S&ttQ&LSApzv!+E+x z_*~j?q5HO8&{E3X(AqwiaI#Lm@b;hxTfZX;YV~`5AP77k*IcE+aoJn$Oh%nm_m$@O zXLUA;U3^By#;MEp%Md;V2uLjb%aGwi*BpoFeBzv8@q0sbVS?l0BT*5Ns)P^A=@&n^ zKFC{GxLpbEYJ07#pze6nt1W%5bg%Vts&JFc^T`j-FLP-mO1*;k)nVk_i0q1MkvY(B z&<<{r&6!opj%JFl$JKgL;KFW9mJ=7YB>=${t{Af-Szdj9=hUw-j2kFjo z2|}U48&4*mkDw`c!L`S2NC5JSWNE%sEvWE^$SLBNAN3wj^wB&g8U=>dV(%&;+%!xG z#k&Cx8K*qjxbq2OB|f~Xzg}^EfG0{!fh-3oK6OuSlDYr^ar9nZDDijEak+C!XHq4; z8$FJ=#OinR&ZXWMsxwqxM{vjcluVhZ&VGyM?&KzjH7K+KjguKTl{g46eRqHSGpy9Y z+q%qlwabYdACsA?@Qx@^&E z%L5l6_jE;dDwC|WZYRg4Q~)R2JU`R4_t*ORemS;7{sXqHg>|B(s&#GoA2FpeC%^NA z(1wbW&^#!8d;HRKEOWCD{j)R@Dw|W;0Z9S*vp=G*!D~;JT)4pmour2mze5K(}k#Nqhnip?B-ef}gYH2UM0P&=v z%WfhHnL96ajU&wlpPdeVMEveRA0@ANyBS7hQR&d{1%PN2i^Fw#%#WKd`SR){(9s^V(>uzMJ$K1t<&yY`vr)ud+p*n|7G2Lx zdI<=c(vJzKJYjnr5?(q{eB!5M1Z+3fn1>1Mp3FeC2jv1g&|Nr_=W>aDJ*Br%it)fhDduo+XeE*V3)aHGp8Rz7qc^{Hj;a z7zK$>#V)vJe{S3w!qnG7C z_Fd?z822idVrI=8Y!Jl&0B?&uE_pb6!Iv&!N0xYF3lvNP7dg*d40}98u3}JTcVD&$ ztm3}7pK&>UNja3B#)_Yk!M^F{wLNEMbXQ>cX4LeeE5c}OI4BacSU&2$Fuy#r4V(B5 zLq0SQJ)T8k{(b8HTJ>kNK3HCT@nY+Gw;dYzs$FEcJ$PPoD$+$D2%#5|Bt%e1C>lYu$0OgxDTKuudeGxRPF}?DE!S5YMczJ_zK|qqr-pJP$BCQ+OB2 zJ1M#=+ryy-5Z&V4g{C&wlMxa$lG`2v+i%-2$H7+M`fm!6x0%?tU0spfyDS!=$0PXu z;k&N={En&yKg!9k;ipfw>3W~$vS9tP%-+vMIdr_cxC7ZW`X@QEzkl|B{$~ggUB`AM z(ozu;<`<*ab~N-P2!MnCVFvK;Q?UoBxMP1$-o-7^nIu5h-FcaVmsHpc8OxCj{4Kf2 z#=%DiSAK(M><@;0gPe>XH&EF=^Nt2@*^9eXNYzpxUaJ_Wv#zavE=^g9=PyeFUU!2XBv(@kECg|W&Z011Q#B2D|6uwxNx5Tm{w(#UA; z6nPOF{qXvXQ#4T@$Hus`^97QP*<$3Kj^Z+G?_j1MVwnfW`1;V^0&H>pd`yCDDYgRT zn5$HA%wLtUbiagl>s9(|*7|qo3T%zMuCvC%pIz-i2VV-#8!a5H-^{$NiOg9#S~F0S zaMiA_0N$`c4#brjGtAN)>+i{jCm+a3@?t&)`+@Nj6$FN?FW8<)-@I{nqA`#WgDWcz zuN`eoySgq#)GUDjsosP8_Te#Pvx+g&^!szK7@VLFH#Ol^^NR~Z#l(qPY2Rx566cXQ zAg;yUie}Fdw>G5(-Pn-*^Gwx*fU-g2#9G!*T4#3;M%H>SpMpN}veu(t)b_@3@>FDN z_Xoc8NPfI=XEOGku1PQZdWS;qW~$HN=tad9;j*iL<>Y>72{X`Vk@A;8veo&cy~~U$ zd8FR}m3ze$>Vn4tx7;4XsMuwz%Zh46MgO!c9`GTGj~P!vpVi_`Qgte?$&mGkj2R5g zyFb1y{w7(y*rp5R(xjW`4t#2sRkYtR6jOx;;{Wo>`Wv5nwJt0fN3z0?#8aL%i+yXR zK)jz13OrVwJ-+4YQL<1A7+f2z9^%5cZOhj*#{07IX7-F{97G2_h z-r2SJpKq{^a}2KRVN^AyA$d2b=|jcC?Ea2tg*5b{2-aJ{NUgeG;qP z6Z-7?R+HSx*Y_Z|S&I-QZ3?9p?{=(puG{ciZn!X|bqJFTjWdEaZBSGa4>s1D4}T+7 zefHunr30@=9^r#`(#~~SGT?kEZUN5@t-m$|@wNbpw;Sa(rN{%>_|+AcO{Qt^Z1mA% zDm+z8U-(K|%p>|6Y3wGGD6EV2qrcQ)YW?x42R4L#hstQ~({4msp}yu_(CO?}C>abu zDn*m7=-69N`o-coyXDopCWNBCq?!xooD$1(mtr4)S2M>5Rgj$bO~oQPh6P2NG@wVW zb9hTIy1lLUZvf(cErESho+)pT?fk2?J!zo8|4?P!@c5-IH*er!_~Pg z;#PAYpO#S4c~s-O5i04{d5{}J<9 zYrvs3Y5u-TBGxYwEJ_5Jx-zu#TdvhKUGSJ!sXAjNA&!4(WkQ8=3sYCrj3jP+0$8BS z5P_Zxk6tu>0hUSHi95M37@S5!ZVWCAF;u(;9j)}V+l6jGNGkBy!11>@)O`CVIK^IO=SszOX$SRN!e>@g@y!G?5z1k-hW#BY zWK|%tK|xWvDd+-`hjgKl#p(ZX9)jmx=tX2U+Fi(KNa;)xQBj_!goc>MeTPpkMN+2M z2!i_5o&_;|kW&lK^!5?bnoOjYyyn%Bf-;18|7^x7ikvBDEotVNJBqWCAKmae95Fup z!MAPvV?j}uq1d$$_^TWVD5xaKG-&^Dm6O_@V!hDNjF-nlDf!9-pF2}@+977}Y87rB zai};M@S?jFA+L99D5$_F{lS#Dri)mOEs=MwA0$ETmV{9^>B%uA>#QT~z+BQI>pJsc z-;j#Ux|0|_X<1+Pbxmq?2h5#repZf!g_&hx9%>-_~dG}DWGFSusj zugxNF!KW#ZkI(6aBLVvBN-KV|oaP}OPakyZ$iCIqD1!)zj1PK?Jgo@923rmJk)qrB z8W&H(-6}K{A%f1a8!a!k?%kHx^3uE#@U=+D^b1_5kMF#=yGU^17xTo+V# zGA5`LasN?`lH)*2fG55cym6Xu6lq^e8b!}&GM9PGrcAUPLMI;YmR19R)hg|g=j8Jv zDx4D-hcmuvX*ZTAiG*%x0{{MoTAvm{1SWUk=GowES{hP6VA0tk1C&|NQ}a~+cudW= zu?@R4(eCqa6>hsthI9({8K!Ot_z~B~SaMwVBdvJGmcMb0D5i*!P3Rhssizs9M4w%F5734zfZ91{yTl0^5=ZdzYt-yRJQc0z+Ln#@H)3LP(54NT{qq-Cg*WoF82sdp<5DnyNgd=d?;;U+VC|DP;st6$TKZTM>!0`*DWvX;Y1-f8BN0r{;0SGRT1^`FzG2v{Hw?sKO zs)?xOh*I-C6DginZSx~`^(%k%t1MuN5K+l)ByzE*(p2oz|esl}qEtz_+BU94= zvR=9|7)AQPG!>DyQSephv!aiCaDVh|=$&Q&C8g93U&q+xcRg5ah&FSiVIT%0o_HM5 zP{?IMC9ODR@b_n9XdoZEVqa0${6y8G@f$V}pJ5nNL#Iwv8ujfws$L6iI2Ou#oH6Dr zXPvL+zTYSoR69Z=y-Oe(nSj*f-*#RK>ATrH6hXDigB-8O$Yc0}pqB)7~}>kL<~Y@5ksejaAHp3Aw~}A}uxz;l7IZ z<8Z|&p)g@CrXy1%+2d7EB$q@{7I~U0M-hCWo(|X~e18kc*8xqeEZ=D!1@DXxg$Q+) zSVIO;;f<0DMOP80(npL&O6%?%{^t7{P((e74X{gMvh53L{K9A%uSqMAl3UA<77ddj zFxJUpgS>=@?56}&wy-f;GN6elV!!$JgKr`dTj)JuO8B9+;PiY2!kbe*i&bKH&|3|E z3jb7pK$ivzf?8t*Nca2Wc}A~aK@3gRYPIv1E`m5F0rou~n>SS}d0l(Y30KWo(78fcbdTpu7$QOb1u@C=H#Nq=bu>wVY&&`y zM$1-DcYGORF;pmGD{KS1W20EWx2yBME}u1Bzw%DvdPX;nX!9DaEt^qx#NkFMZ1?e4{b%!2sR zz{u>4^a!T^?okC3(Shjv#tQ|KSb#?Fj7C3))`h4S&UFf)oq&)Z6Vb5x@qsB_`2C}UE1 zQGs8myu_a|35TN?bMcBkI}+Cpln;n*;o0Kse?B3OjP~3@ynyeO`SdfyG^cM*e+uXN ztKfvPJ#0$E&X4cL3{4+Ph0MmGjCovTZ+{P34P+;j@!hH615|Ws9Lciz^Dt{#J z!PLo9hEepx?@C!~Zi~3qhME&j3!1bcw}js{LIDI;pR2p0wjq>vf!D8{sXg(%!jLz# z;F*0fJAK#0-jb7|{eri9OXiQz1?YnBf@%11|F&C*I9h<2h_kacS!jfGjG~O#k_VzzuK1BM%&^wy4ad+IS#W7YQ!GK;$~CIOHiJ~DT|RCQ02wg2HE;tcwZ=L zYHDh&eDVCrE$tcXp7)4)Cw>vR%_pZ&xbscx!2V}YQ%Y0ff<&vhhj`9Jn2BbMzACQ; zOKE~*#!b+TfKQor9!g1vta6D=sZ9BJ>6w_U)P%@{noYiLw(j>0hF-G}C^1{HKCw12 zn!GP!(_$3ymehz;lkpaDB=L4}N>ryxZ6%MNzvt?fY?OD&QYp^o*=pt`Mob{?wb`?J z;CQe-LAFZA7n=U~Sdvntn(r!8E9f92`DIj-R@0(PwRXXz7698vZwSp)g=2;-j8l)D zNp38CmeG-3VcV4rzl^?8Ed32ExBD~kCxK#n(X*&u(Rz7wUZqryz-BginMoOkf?dQ8 z>*%`_D0BsiCP{s1nsjIT4IbKW!|K$kW^FTcrH-XU7Wl{f7CtwI$CnFGobU00=@RLP zoJRKd4*N}jChld#CL@Oz{hti2$@3#(hSYX4(&9i7>D+qxazQJhRUtm9c9EBgXF;eC zpK5`WPFO!oKLJ6FZtHHC0EYl@*j89tIAa(qPAyI=8!Lkpy{6@o_G6dOGU;6Ic<$Ji z57p?@B=c-d-&Fw4#K=6&uz9gc0f*^{c7~3oh36<_t#!?sih1o`icr!PV=!Nl;V%pE zpLz8LJ_hOAdei|5Nea;le$&N+0kN?Z<*7@ocg3}S4t3X-hYzfuSczD_uu8I8nU7k` z*G<>49T_{maST2Fc&xdoHfMKSKfh{|#pTaM<78}eyRo-LY0teicdEY^w^7r(UswIp zF7EQvt~ebu7C~Y!U4c4p6KB&-Gr-|#ar77Mutob~C>6PUgS?~kzQe4OQRAuo>AALR zuJh5^-ucv}zRQd=?>XbyhV${c>xsoq`o2fULwsayX$W2RW^?Tc>XOdQyR*_a< zdx%$>SNuy3#FO`xcawJ~e_+R*&!~WZ)_9hKK)qkB-+X6nryr3N(K|s^!J=%2Y=vy; zu90qk9m#cLXOY|cGdR?*sEx|I<#X~Cr9Ch$&|3+cXafLD z)P`Oo)+N$MDRU1t`8Gcq5}bQ)_s?t3PthOIhR|KnC@AP8T2gY8d&Es8$jSOCPDKGJ zJA4+KHEsJylj8ZSDLRaLCt<@(EJlVPZXR(POtYCvjL%}9ho0j=B_fK5W|S=K4&n!d zi;1nlPcfUl^Bw!UO?JbLpvk4lp-Ii$=7MtRQ_$H+;Q;p9-NjGmawb2Zt@c^7D-erzV0$H_6Vzc!Y&tyAxIm>jCG%CGdD4X`c^t+0hI#ADh0)An#-Emo58nt@ ze$*OlCxF#B)SByEEVybk+}!4Gq`92APLAF$sc7k`%U6ar6l>2`FP}FrdfGhaIY#be zRPkutT!3$mLRV&055K83Yni>IaMnnDoAuJZ_Zjo^gu_Kv0W7#A*)$xzWhdsm*e$1O zU*Y`dTC<&WSt-~b9%02Hz$dF3IRz>vFds19Gm$Vo;>5A7${Q@*@3B&BKjz7E`gvco zu+L&dX%qqq%b?}vnxZiVuqS$!)f*@dKV1gzTGdEd95t zLgy3n%d@oz!gj(U5R^YB=u>-lhUDkHIWq)8)Q~nfdGE4^_+CAdQ3YL%P!gR<)9~bo zhLAwGwL%1`LGoiS<(T_Tzh(Te(z|%74D?=@4_8td6tAw1-}%uc|9-uDZ%@qvLPQe6 z9W^2%!WR~9bu;#>>F(s$L;>DfM8ysQ z0+a0b?~SM&=@|sXn@p2$%J#~V5}bNg7IZrLR=Ngs&KB0My&)jDojG40Eez~+2%Rm= zE$uj+d5Hh?;Cy}l-3%lq{L{tWjE7iRQif2_%GQ98g^rnyo|qSbkdTnuR^O0QPU!1D z&|lwph>h*-tvP`}CnqO5Cnh>8TO%L?2L}g`o)O5%Nc-A@*3QM!UdNf%(vIXWBLAc# zWMHRfYhrD0Vr5DAo34(om4iJGG4XFke}Ddx)4Ib}?o4a}8=Oe_p6?Ou8CGBC2xbN@m3FVMeO{u`>wzo9a){|D;7f&PKY4g9Ub zzp3=sc>QU89WY)5Zs6a8&x;UP5ZVR-!4DxSB=F7o&CxQvJG#L=+?f_(9)I?C+c@0Z z0a@rz^@K80KOl#*H=YH~ziQYEC@GCAOiXKZz7v{#H+9{mU=M>SBanwss4mCI10{gYM}9yE3kHJpBi?|%^eC)oQpF5>^jJ=(TL z`Ww~f6REZ73)0a5_xF@*Rg!EAKQZ_1#<@xtE-4PvACkM!Jzo_!epDIfp$~xiGL|2# z89_w-i?Rg*c&aQ`gl6i0E63ma_6!^qVzaA4^{TIbD}U$dI|jpBN`0^!LFmp>P}7^T zf#mdvFPFUC8}WREPyDPX_~C|F_WgxsecD$Y{&JpFynZ$1SbEPJ2Df)$dwnDEj8QuN z(`+T(si5KsP8pxDD$a_lK{JMc`;D+EV^t0wPLFr@(MfZ^Tfn7cpSPcdHEVVvM!m+ggB{%Pi*Nu;>|i3)u{U5O(RTpRgwf?g_bPe%`KHtDrGrp}7EG{mN6?>h2}|JMvI zs5aXSss7bKjUWm+_t?=?FxrVAT<-CV@HX*HxUrC2kL{Z!= z&4{ie0;tt@?3J?HI)CZ#8BkTfvWvQBkD0Htb6ua4L=wGvO-T;st_PT`O18rw1I29O zsW=P9tIaXX5pGK5{j963<{Wrv<-R3IqK!OmaMjY&3U9<a3G!M@W&MZ_5Q< z3(pLmzj#+%GTRUF(VW|@?IKfanJ&+I@I9Y;QsaB5kHX43sjY_;+`Q(5OG-M)BSv~A zk(YxaU5Rj>Tv--U9YHq1g`2T^7*Z^zJJr)Rw-8sJyzrtVQF9|315gFy6?N??=Yzj& zyDP7OqC5p6%IKIr--ZRFZl2fFXPhv*lF~wSi zqB5IwU(yi*k?YCNNZ5xfMmDdXaGiJhi!*qZ{d%E;i3ExFhCH}7juk$#w;tkhvmJWP zoj=%)*g5PnIl`#F&gVBwUyy#y<~GETjy|$srVQcSvNuNfE!J{k`_w1U@UIdsg$z%+ zwNnQz9P-W@uC9cw6iv^Lb*0~a`toFp`w}P+R4b)ORd=F!2{RQ#t}UWeJFDGqM$kKA zmgoG7gOTy)ZJja|o&WbUw5S#9mxr!7R?{I8k%;oVwg~gEPPP{q;mOl}+q{cQr!+f| za2<|clUy0}&&;3{Ieo8ma_a5r3YkCax^>%IdK9O&DbjMk-_C}Ez+PRyAzd&1juWB) zbNjug@@xYun6Pqy`fwCvcl`_NV&KAqD zUs0r%l?m8Jobjzj@e5&ZXDkw}m4JH6yE88mUFbjTIc^9gg}mjdnS93a$kk!-&={U97mC-dr+?5kw-i?!(96s?tfSp7ZqsiVPczdW7f&|FV6VC7C6UW5L zIV57CX*1A+Jl`nimS1;JKbnMOzXj+Y3tP1&6}A8-7|fO{MKJA_8|7rGnOK?f?724!A{)VV-{E%|v23c*0@8^j#)}rCO{fyHK zi~YL2II0d8bUiKBQcLsKN3?ZI(<0kiaQkVfP5BhT4=&5ZkUZ_~HyZ8!qB!qw9I7Lw z5%EByMuQVTE^^IhZXfDR$tzaJB}NY*>~!#|Ri|+`{UqnR=YTfvMXcGzG2!qC%;fQz z9}+khv{A~;an{SgbY@PcquZB~Xsm+W;XOyFLCw!^c$r}r61P|Y+;YBL@U;) zOc7D{RPn9k@;I+{b}V8vuOtJcJy9;qep@VQ<{rfMnm}!7mm$D5$3y73>hhaB;dcvt z7&?C5C*gj%L4Y@M1~N3*i@@RCteCrcn1W0n4;!7L*WKth(8{}?&;zk~kez6~q=w3G zE}_uQds5MP7WxNEGdHpm6HFQ(PT10ClpQj}y5;4yY#i{!@HjDGR%vRlB1Ex6+E=&` z!k-=uT^RK~?6}ht*oxC-lASjN(%Xn|MIJBmX41tHifjxBy>BIj6PKUrC=w>_(VpW$ z*4D2l&q%FRiarK1D`z&wTdWGSsgm%@_2& z?4n=qpdIj84Swz3jL8($w$gTm+Ih9=C;u`MF{X$2r<0%V1+>yj?Mg zsm=bDk&XPWYoBKx#X$*NL9xIYibT{8iK_D+ziM>{-mSXDsOBw;lAEG>_NAv0j45Rf ztm;J7M?S*Sz#{2opSlIN0ZN*x%8lj3u=UQ9;{(-U&Dr$~_!HJr^J_|wB-{E~7dXoF zJXv=-qUCV+b6_*i;qI8~6B0nZv?Zjo704S}*5}r+WiUG5_Eug?mB^)cy$y??r>#+X zbCS8VB3g8h&WF92wJ7mB=#T%)ut5J*2p`^3koz5xcW}VZscph08=RdqpDGg6FNdEe z773uY-*FPzP+rEqv0@8C0hUW`h2SZEnOb?pwN>wdf6%dC5WT~oVbOJO#fr9RBFNvbaUD7UZ)x$VA@1r5*;|ETEBiHrUf>8nvH zBCDFwdjQ89;OGk~1q~DXcZ<|1V4F#*XIBXYMV8&}m~EP52Ap2kl!|h)=hDT1HY+Ex zm)~OGs5Kcr8~8)mo+`4iFZ+0MatN@NzcZ^CeYus_w`Ey%^sN(gKOoyfVN}@^q08lF zWk|vW-OFVT!+$cTSXE_q>;X>h=7VyA`;(GZ@!}?(a5*`e!VIQK)q>6Zb!V`K>Tfa4(NBojc7s^ z#ORZ7`%vC?|4B1L8_BRpG_8Pj)6U|SS>I5nR#+XwmF)1%y!&H=PCXUhaYM=Rt?0Y2 zU&ybRTxDOqI?8)81_$g0yUsmSCWT$eOw#Y*tBQZ$$QSDQ)Z0Cw(m>E|d`e4pZk2jd z^!=CT&hdQywGa#%U0a8qmWkG$L)(#sJj&S8t-dz+5c#F|_b|C!cqTo&hV&DB_TEf- zne+4XvldeUm&LL^&2fwFH)3zQfH3?o*@?8LBOYfXjh+vRQ=)dtUJt~IHQFimMcr8^ zUoBI;&Gc8A$PXR%Vp%BgSHegc>}{jv<^?y1h30XV)lM1|BtS7=v~)pBWKgQSR1TzgEiUv;)(r8g1aP3LQ^ z8ju3t9~a|%-{c$Ztj;{(F+ro(@lP8DG2YfuVNbGYdYTOO-`{~YBn_0a+eARA4*1_9t=S55>WTf|96(Qw@<)%*zS_3sc>EIrcjRQqm`z8D4#JQRS zcG5>gI^Qwv6oFG0AJ7>u0*D0;VRE58Rvsy**#+D$(r+h&GRoHLB9@?T50;aaDK*^U zZUa<_NvP7kyPeIv6Awe&u`@hY@pH;>6F*K)s6;s}JBkQ~N)cO74)eIOG=DriEL)LK zDPHX<;Ncn=$zrLv(yGoXuEo2@3S&MPVE+B$p#V!dqxVcySeIelEdi zsmx^q;LeP3mNz^%oUWKnH^uNz4{?AR4NJeFz1&_}z7Ib&_DC}iKV-r50a~Or;lTrqTA8|lDH%&T)`txpKEd(*!PlSiU^>n?lKw6nayFNgXL7u`-@%tE#gVsBB zV4mjnyGS%lR+&X?7-<7u9k6$nc9vz(@v}v9Q?F+<|>Zx3skI^??ZH<$Sa>eyfME7x#p zPn^hAx&|kGXZ%#h@R7|jY;I0@R#2tm;Vi#5FK`+Jn&Eb`!BiaMgvIYeB>8upBC3qhwXwqLOz`o7y_KoR%>Me6wsM5*n zUCWW$wU*w1eU~!GuCM06ZxFOZ4P`t{<}m*$M=6aqpDTaKp(uL2YIe2D_pZFr?=x-S z2JjgYuTS<_k(gn}Dw1gagTMT*xrtmsG=Q6XnogV3IwM{MH}@NPg7!fTCA6h}=RrYPLdxHTk9}n%# z;oFv|J6Sy{d+noCJZqJbi_eD{3fjaoE-Sa;o+fEf{Uo|SO9o36!=3Tvcu;Iiw5OIW z0>U%&PP%jTb8gPM6|eDEUQd!~Bi(Z?9jOg1S9OQf6stXZ%V=8N8|SJ7-qH45_kCH2 zTJR{|*%;$GrJ2~wDW%{6<+OwxeWw86?jm$i0nPdx`muA47=yT6&`!pEt%sfi(gStV zG=X>fb53Hw-8VE$#Ia&ruF!%SuVYKerD`vAV=gS-{@#U4ZY^d+U{^$jvMJJ2>H=dqB${JFc=s{)U0d|w{r-_j$!1I&_FE!F8h42%hws1R$4n? zaMBwKnN+?B1I$BPdfj+29)GqLKe4*34QBG@;(f+bVwnw8{@~?4W4Ir@D~1`kC4Oxj zaBU-2o;wThSbi&m*k*)q|G=XJ8349ekB%-iG`kunv9ZxWv04I&iepX=yoEMht(NR3 z=odToRAhK6w_n~Iu3-wAW`93Ho=r~?VOEL^H_|^L@0v?NkUG1^^Gs~Bddv zalq*HBFpE~AQIM4*8T;eJK}j(-3%JSYq@H;K>Y;qPWh$_-Sm{gK<`n6o6jI9QIOPC zD-VvoI!gCr#sPONK6ULukm!NZQPhgBhgvw_=N_tk3nQKbsh_C$u$qP#R`Ls;v##kk z%h~O2zgSPkxi2d9a$GMOdNhsqb;pDb=vW3$xZ{0BRh3$A+putF?HTo&qrEDqzyGqE zb`!l7tO8xLo-PcE%oLfK>1k*ctrk|cnNBSxFI%FMsz+|k)P^zNhZN)Q3vk~FiC*KB z(eRLnFGpNeD|5SPI2R6uH0UoKIh+cHR@>|QPR9M3<2g8 zqVY04K_}sl0R6Vm#9lCedw&tv*jhhwreHg6LGrKgZr{>!U437hYMRNmp(<6ZdZ7Kr z4ig%AvBL0e)z8E-$JF98U^2bVgv@mlCf%aXBARQXW50c~S^(|JIzq*??drG)R}E%N zL0bUDik3eG#;wa`<$f*hINL(Lk;T)|TzJ8P*6Bi`b^k+>hliUJXEK?r)`5^JV#!ed z!I$DGQuxGdGl?v_LCNz1K12(B$~dAJy=IoFYOqIySp@7tSbiJVwzx}y<5$AI)>SWR z&gusWy^SEE#6wvcaCC23ul<*IryZGiTi#Y{qVui`#!Knr-`WS`XGMuORGVGvOgvI* zT9NRkjh^G0y+-d3c{GJx+P}GNkR|!zCQ95=J03Yt;k(BO2Jl#CvIYl$&pTTq%vJ^p zN)Ln`4;Cd?j?A_VFmLdNzPvQJ-qX$6`CfT`vMjPp&H|*&+SLo##h6N>jmtyI5B1>Q zwZG8$VE`Ed%u*)P2XA3B4{S!0NF_2EM;J9Ey7JK8${Rh8DmRW{XSg0E)_z@c7I{J1 zDWRRctX|@gWs=wI?ZFt<@9P^$cO%`KL5)VWV32{7#TmjS)ysiainYMODEmQk^HBC=jM50Y%L61nhgAy=c;-r6>~T@El6aPycYp(#)|D zG1fdne5-C`oo1V=&e?%Kz?8mHyO8I_*Eqk3Fzc$A!S1}Qo^^FR@F4N575K9xSn&R% zkL-)lCg9JVM_~x$5vtM$v-DYs*O)eo8`^Y+?gn5pHp!(OHg2xieVXWAyz!}ZEgz}u z7}X#5yr-XC{Z@wzxvR0f&l1&t63j}#{C@KaYXyYneTmq$ADp7I)p|lwDv0f>dhK%9 z9H|{pS7ZZLE_vC(b-&wAyp_vnS83|PCT6wTz;kbuyD5E~Zh&vTOmd3}AR6R>n$bCE z+3y>P9J1~X48bMd2W;=FtjV>BY2iNmfSa-<1sTe=YHq>e^Jn%*3pUqO@*Xzf2P9ezw`xyOJ4E4?T1DKtk9P1)Ddd1k z;V-z|o!2_+y*$Dyan0j4iqs$u-sFoi4dGLs{Zyme$9CCu@t~oFhDs~#>aOx|m_PSK zK4L`L_vQI=ae?3edcXX_&#AYU1DtdssBHTrpMu)jqzX$~f<&|Qf>>r|^Zh~71U~ls zx~t#Dh3lzqO;K1O-vTL(y@Fu=JF4+gOEUCy$&jHxHn&p-htG0gH7e>d_UOR_(y1*O zYp)PDa-F9Gr*JtH&R1?5Y*s`z5XdYbbYypWt2P#%xFJ{-f|^FoT4&6P6(qpPoI3{4j< zc|SBS&z@hNnh~xSKS=q^jp2ZI$Llg@Ff))+_jdk-e-s;(A-XTF$>5veT4%QE`9_1z z9n+)cA!vWm&qL}(@}zrb_t`km@d$}EH70L(AwZDvh*h;Yxb05cXoX0B?_9VMIqxM( z*2hs9FQxwuNttywIf_}iX^u8Za_DTzV~^+d{fr1Qvq5m8PQGTPq(dNBT3)!OCmNlh zN}T4xAOd5LW)m2%7q6Wn;h)%;N@0XX{ z33_65e6VEdH0yGelT$fF4pd_!XGDMUQ%eQOry(!z5s*Nq6|2Uxs1pC&eKj%IKl6p! zmv6GM;JvJhAZ8CYm|7R3$zUJC#T*3bh%bfJ`G(tP%z{b zoYrEUtopjB>MYlThC9_>utK@w;6IRJC$wJkh92_zX|+v9GQ;^jYPl4j3_bnCBq9>{ zG-4zgo2`@p@>57Nl zg%voHXUxRYw;7@-`8lb&y@Yrow+Nb*kqkSg{UhIT8$giORX%;8bZlxrSsa7T9E*fW zLM)2R40*f(M^y#-M?_v}-_O+u;vbH<>KRKT13$D^ZMlnAvH2JQgNYEs@^Qv;m@6sI zsC4d@X-eaL?96LJD~O9x)UDV#?s6OzM!Px|X73kR&n-Z_fzYiwK-N=UGM-L%D7Np( z&EfN0dJFYnT+-rc<~Qf?h@@wW*goCX{NXbm6MTj~W+GO7DWh{ZiKXczu%aGna0&;U zvyTIrfQG{!D&|e=dh=}CTO;*%R$J8+bq$tR zH3EAymZlv%#&**6Z;#M$D$;^$saAFCG0hGa7pu+p-(_@GFSt#5jCGjl0leS`X&<4% zPz0(+D+92I8a_^W4Q7c}9k*@WG?3?aCo6$f^(GR>x|fKekmcm@0_RidNT4`_WF!yd39MO8EHq35o6Qm){h)Dz@gb{mNH=TG?;>_qhilZg#JvFrAnl@5oBnf<`S z8C*eq;SqJ}hjeRC=VodMXWPS9KiSu#H@9xdNbj#^GGlt?5Zu?vrD4DZ-(uL;Hh@x^ z+DkkQhf$1KP_QQtZENb^ntp#CakM|kS(%j{bn9H|wMAw+-KKx$a!Lk&ojqj5a+s(y z+DMP|suHood+|8dpi!w3GW?>UbD-b^aXOY{l}q3b77D|00>;#eqDIC0CSQ6n+!Rya z4J=i|xyAK+)&|BaL0%i|$hp@Exc0ixax5ke@XXZ&$!vXT$cp1RX{ln-q)UC^+tcCI z%XvSd{+#i^$z^Y{zOr4p!~b-XxH)69NpHENV617r+^;JWGm`+O>k0EJm9aBR_U|Dq zAI6-7#WJfLD2a=#?9;sn$>Dp#Iu%`}RjGnlJz@5OoSQK4p0T_s6AWRM4fV8QHmHgT zRsH!zwORkWs~7uz_`)dlK&sP1eXUD{atpihQsTJoE{EmMiQM8tPtP**p6hnpi2E&P z+exow@I~lRa9JK6?@6o;1MY>CYlKhvhym@6Ttn)g>w_*KZ=Q{=+#kvkzxVrf%JE~> zWQaALyoZGMrg->~bJCt2nSm5tE{|+2;BjT{wAX_^(&bRz{A4D(N#4)zO8c=%-`7xq zp)6ph&~JBY6Knju0a%jjw-f)L>vzdn?pph|M(2*V<|42+!V8{-UD3EH@0-*a z6YB~C`oNP`Uv)!a2ga5{zy-@?)uNz!BkM&nSBx*@dJSex5?%Du4%uD@vnYXlw@7Tr zt;(+K+iQvCtHSMv(;i~J6q$ITU(4c#BAISMt)tiB6xOA%jATaXNDO3)IfyOjGH53U;! zTDRsLs>sZ)xo!`GJsPf4e2nENAdRGsyJrbTJ2{UD4ah}X`IhcEn8J^vTP=H)EgH@o zz{?S*1fIhV86(@(l@*8Yu#2u4xnj@B0I8KiTu$QL><_Z-okI#%+!6AER=tHj8mQ>W zks7$|U5BS8$NaV;4LeoiV8^(%^&Bsr;6;kCo-d<^M5kMp?$@1WBC=e1pNx7@^gd}E zGlmto(|8`p<{B#s0-WE>s$7*Z#SDubipQdo@F0v54XzCG(70MBM>3Z8>z=U$i?|3E z-AS}u&ymczP10f~jbk_p18(v?!W%DVOyO#JWXb_4h@4kKX;ZDNQEI<>v+c}it0?mJ z#x)?n4}~Evpg9ea@$TT4dwgUPc5MY+K|OLWlH@!d!T0VctGftVm3XSPo_w(4_C+sq zoa!`)skD5vqEZMu9A8bQ$(Q@Bl~r6$&g0f;rs=!#++aY$MD4g#)8p4gYAqFUTMY^E zKj*9QTHZblLt4T#M869M#DHt3hniF0y?UyQc65U`a^LLszB}_= zlsyQa!{YJrxj57Kx^`%QoaAfr>RM~0?!4PPVHw#%=iVl4NLBRl$)=eq0m85cZ@9_w zpz_r^-*DW|${1)3Vj0aS(#-0<@e2gkrR5SCJve=p8E}Aw|H||7XnPp@g^ok66nXF%^Fq^wSTkXRdRcFzI)xH^NJGCu6^sdLhX*npMeF{6H|0 ztUkkov~u>x5}%CAw~>t}q;KLAxu>)Z4#So$)l#MJy^bmKXPuXLvrK|R0QOvrwzVXE z4T*;22`%7&qu`!a;F#m}9Ib;&sLLsK!7jpI`=QAjB+1fW)1c7bwOS~UKHk;o3(?#T z95Wt__@bBvV%Q8YS})Heed^eS6kqYdBSBR&bHoH*srM|u+@f#A*H-{IvQ6!hFkWeQ zoZf}+z7n(8p&Lrg1fDhx|0oGhWyESXpzYYs&+s)3QN?EQK$pWB>3X}buv<+U)~z<| zq`f|+pShNF-YU;g$hjs96q|PbV_jCWP+9gbDa+fW!zsXon3dJkDqM5Ifa@;=)(KX+XndEIOfIZ1Y=4=RS!!L|l2e@`rUe+i#^fTO1HA@@70 zc^1p3N){I26Mf^IHe?Fx;XtCZ5u`dx+-3$9_5}@ck&cgb0&XWx( zz;T^nbp)E>G$wq{O$adcp^3`q?a{W!sA;lk-`*+z>64>6<2sc@qsd#WG;-s*vE^KIhxxAaOQi2r!*-uPSnQ5%24X>I!AJf4xQ^=*%h0dwj2 z)K~M(uZ6hZ)MZ>7gZFI`sbtg)C|UnZ(#=6-1I zj1I>)X^x_(-?xe-WV=Ehsx=Qe8W`<6FOe^smp*1WBxGe>xa#FQQb|^vX z2r*g0mfg0d9Wt+etx?-fsn9;#!kWr1WAr;b-&FZ!H}|+2UE= z*{0E6G*&Z=DHC@S;cVN8KzOEzn;{BESWg#4Euq@|9;ixnGw?pYKkrCYNs!EXk)3m# zfI!S9gr1vJsaQI1?`{j z3Fh{*MtG`%ebz>as=Zq-bg1|*wpwPTBR2_s`x591_j;vgT1TN?v9+2DtQvK3Y_e;W zp?bl_1bGe>_W0T*8|Tk|WT32kjdT-|!r=Z_rR3IY9cBDdnDF0lpPxj8-O{C2ty(jQ zr@X~8$mJ!{1CPIN9R76SZ+tBWQlcB-{wtFH-S(F6jaoYEUg{hg1A|S_c}ma^nsV~b zCp_5bSb+&xJB03*La!XJ0~C*|LF9Dgx6!_=N%cv(+v0ziB#U1J znq5Uu1p6Nu)Zgy%51T;1K>j|*p9^&RAESnX_6Bz2bJu{xf1B$MOBCf-qjc~t{S~$R zmlQrxuQta*`)c_4Z-)Ot$fx7g<}f$wntyref7!%e=#_jFJtO-6fJ0+y6Vg>6ga3y` z2}xhcfA^10{%^hih(TBZ0cGRk(UAB*Jdz0Yl{{(Ki2wh9`@moay*uh|{V%=$()Mle zD|sRvee(YWr+KXh)h0N}`!Bu!nzJIWrPS}>NtpgrkN)=n@@v1^2J*og_&+AhXX01# z|JU^YS>686HRbKN^E;d#Uoa;@F$}CT~bk zGn0FLg}@Efd=QwmV9>q1*r3P&SyFH3RL+B4H{lgnDmvA;t1xI=7{{~09TtbS(7X`| z_2V2ApSQO#ZI1_AKj}8>vV~U%tWp~5$jrR|kZx+IdwyX*eArMZm}b`e%PvBk3VQB@ zW@7G!Mp<1@mLMU!aG~Gigq7RrlIF_o(BaBxmi-;Q<&S?YT$GLctZ7RjUzIaLQ_8?Nv`In%DTaXvSd8=wA z_&#=<<`|<7;|;KC8>M}mN}uGsuN752)MEP%vUhb(e~94+2|9jCu#odJipB?a*G`a? zc3EPxR5TuDJ!()_>{y$a(SMXoWfhz>b{Vj<4<24`Uz&(XzIbcVwme=}wD7K?Vom)7 zS;lepSSuIpsEGMks*M}#kGjzvZlY~RCkn1|Lr?N@(?JJH$I}4xe;dYURN56~Y*6IUL3G zZD9K3q^vh(Efy%esn;6gOB3DY4CE%tFB5L;tmf9^{h#1BW34)SY?N~3FJa4qQAgl* z0pk5mnQeY5nRlo0J7U1@nGDZoR%T)H70)vw${aJeuvUT`Sg_C{CL)RfxCD}Hb(^3q zKnV*j$v}3v+M&nB{c+$)*q1ZJ+F%9XfCtq|x7O}O1RQ$118ssCw6rL0X@t7N8U`F{B-qy-$D83-{ubT^fcE* zw`{xRGpZCZP|_gOd4eHO+dJ=;cdG;gs&82*Jb63zLt`#K@XkYxNF6*tI zE0o_{whP&Nmp;&E8JNwP4mvq|P{jQ0DSv63^D*!yB0@L&k)8IM4GBo8+oM-n`}hl54b z3OA{jvV%#XL1$}%NMB?Y#yH6Ok}8n&T(Knn)5pt^Y*jW^vtx}&oZciRQ#(1@NRXMO ziNdLS*{c=xxaA${hd@VOT+l#29Sx+7fz9&uxC(DE(DR;YX?)^}0>?=oB|=ZQRa~R8 zoVsM0Dp3Q|p`%X8&;sa&N*Usv7XgbZRfM!17iFz?_ zU^!nc^pfPv#phztX3AO4WO-L+1M#By`zQEv={c`=gJi6tl}B={1o1 z1Y$Dh)F9^g8->C{Nk~-^0w3C$A1kITahy>PZ~MT0b`vBSZ)le(bkKfYPi#=#vu>({ z<<+OqvT9!7!0x69uS+cI9kD2i$qQpG6IDakGgMiZ3Jtm}xLVo*;_F&v-^~U5D9M;l zyrX_W&1U3tsGu0=qZs}*;T9$o`$PX%fPQj~K;s*En@~nkLEKukx#v@?Mqj7aP_Dk( zcI14}3tZD714(23(t<&z&cusc#qj`@kSI#YYW(b4)B00(&*YC3aR23t8$M{+y8f_D zhPNOJUTPY+#n5nl_y4f>m2Gi#*|x!5gS)%CLvRlSFFaUqcZUQB?gV#tr*H}G?oJ^^ zaQ931>G$+|?(KhY&$p^)SM9x*%(=##Ys|3*BiDhcx-~96xc9fAh7MF(!_6P#UmcjM zNLTcO+{6?IjXfLzumd8N7u1_Wvk-Sg0_o>xydq+g+Br1_pCjc?4+XRqnn2p^+f-IV z-ctH|D1KIOZbz(92X(D>aIM0ZEUng`TAp7-O*YymYupalxxP)|T&%C;8;yUKre~Ox z_iPpfjf|F|F5P0SpIds%TLS;bz;i)9+Mr$*I#z2L+bCPF{#ut+o>=c`^1+Xy!vIHz>w z0zM=Brc;Q!K3!?Ynm7?HuO>7^)ZN6uG_63@Z6h=)*9^!zWAeH$EoGdZL|-7J@_6(w z5-b1O;RlhiY_aEMVth=_a2H>oMQNg+m7hVjUS{-kyiz0nU<_N+tSiA4BSw*!5` z7O;vcrNfwmeP~~b$me=qye4$ewIsSvj=w>lz!OP=#N?m96r5l`Ph%O|*)l4kt!d*W z-1B`o2Jau^Qhvc(y=mU>LCrxZo_+KrAbHeA`K=IifiXvmomx*5p9;lyM;3EVRhBb=mnpGMO58vTl( zKa5*aRlDG0GNMs+(LrQ|%Oh-o#IUJmP(TbSQN@%2Z*se816;2Tl=+LnyIlD311!LoEJT>X0^8RgFoTq9(Um7 zN_Lw%nig#-SChS$N*;NfPQ+=qG8(QEr9^rcHXAsOPM$pv)4tQf6>m9&9+Md}XwrAt zOdF1Z=O~Q>a8*ZW%UdPqVqx{xzMw8_S_*RCw#l^b7fQ#3Nl%C{;azuF-{3Q?ys=Cih43M;CQ6jgx+Tc>ax*>ZCEZx zhz{^DcWP;Gt=5d|gnaE7t0o*g&!&AN4$n*WCIL;KCPpw^y+c06yQaR6f6r2oxj;Jg zQJ!VV?2oO=O;!`q0KID}5!u3-4&eCATr6|?-D>^b8hz;=d*(h)T#_LSR6c%MH_#UV(q)Y9w&K7DU3*AP9X0@XG8 z9HR)c%vQ-mCNXNkb@rlgOb1zG>_u}Bsq1F&FM|QQua8Ar*`vVdiPDN5LyaM|5G68H zYtex;6Yvc$DHq}e1l=p2_^}jCPbgXtFgt^>+U;SLEsNeEt!0FpObBo~WgQ&Hm_sDCjbF**YWW$}4V_~Vw(`frT zy_VkXKc?0Z00&9(f7m?y5bih&rp+7A8Yh#y0r z?A^oJ)b`q|FZ)4~>Q`5*GE3BN5KUjByUBr@>26TYy1TavrNkVJVDk4GHQnY>;hykB zW~Vbgvt9&W%PD|vg7>N|3(XJ}edg0$`H{ZoQEK9yv*$wkHG0G}Bxb58j(={k8D6c^ zD&HCCZgYG)q- z0K{AxL2rIR%KWqqXpncg{Z-4>*6V>0N;)IZAcu89|3vmj+eY>2ZSZe5SZB5+}zY-m4-(RV5nAr=}1+*<}~gVJM&(7<)iQ%kavlM!8;)TQmQ2t zIta|eV_^#W%84|mM}df8kghd00b@J8Vf>q=c{|%Bx%61Nk6e} zEiLB~J4Hv^q9+O~Ity8wnR_}vj#P>TDmQpeP`tafe8rUy*XkjGEdKqpo|l!wRdR@A zedM@ZFPW2mU4&Fyh5gUlblVP7dL73_rd2N(-IrV#RSzo6?iyZ_%|eq{ybXnSW#>F zFC)Zgs0YlY`cVW5r8_XkC7rochkk~A-XG*mTk2&eO+p?TVUSHQsmo+HK#ydeK;bj{ z5xJILKwXQEd|THVSP8O1o=_!E$WcP&1Wh7{)vMLO)BWWzSjoK zYfc<=wMRU0jmdn)x0^TrdNX);Md)q za(}Z$2v!J$04D$1`}6~EVzUR1UZ?T{X zu0137-RD3%VN)<^!9CV%Oyi0g$%!(*{ry~E(wC!Vjb~Tf&9C8~RUeNJ;{HB$;F-t_ z*Fnja{iuQ{8FI1Sg}8bJGwaG;ahZw6dDQw8&ytVeW>!n(g(IXds@D$@3r`H|3zrqm zu&3nxqC<*Jt7bb9Djqg(VwdqUl5k62QHjHREb)5feG33cr+h+L{dTZ-a(G$(OyYd= zwOJ?iA4tcgXA(al9z?mBfiyItA61xPvoe)$jvnsVOzxZ_2K2kL3c$Il{I$aqv2&T` zifR<=@xj18YCe{G&P0U~2jFQ;(JMwFT77bS9nnhWmpX^i;4ci1!WDVdZQ?75hA5|h zWkdf-=?9_L%v&FIx@*6$`jzW{jw-TA9Or|H_W_Cm-U&PMUtI5wh4BfghX0UGjv1kK}RKcrkbE6CPGqw zpp>wVDQ+amhN6B<7ff(kxnsZns3?+?+ZVM|P&LwNNx>VwxuOhS`Nc(LL1+vG#wKIOBAm~}65%v8$-1`2n*uUp7vB}BqVg)N)ZGbuc4lpIcdLb-j zl>HfSe)S?nA!{YfzY6=sOklP5{y3A?iYn<>(EwIP914LN#z}oU#@(Csjp5CTg%c!w7{MlPTNv+@3=InHl(bL*y70!Tc~_dg6AS zs(sy)7O!S*^LxYRrUvQpEmv}o)@>mu5HpPNqGSOxvlJOqYyOx8#w@i#u#o7#8jzBA za)JJDl>1&BR2*=1M+`o)(u3AbC!^UsW>;a%fa|$Z@p&#+JSj2Y+qYoq)6R`AMtA`XL@D2isY@dx_7k@gZx>qqW*d8!2P9AN|&HJBKM( z^%y>Wg7&^9Lq22PHBAC7v1&W1=vPiKqlERQp__aVi_2%@*ZL}3yaZ{vj^gmj=ha-Dcj0}B zmkCn6){@G`UPl0BW8zLKzup@+DWZeW2&D_P#`knKK!qae^L+NDk4dLSS&#>IQOH9< z<$+4ni7?HYzS;M|Fg3jZlL^0zpyTNeclg_Jzo+v$NX!uDM4A59Qw`3>8#IOJiTFQ8 zs^H+O_)hO1Ug{t61xqPGJD_(U%A+c3IigTtkc?NHxvM7I?CLBzn3j;5a z?^aNcR=Q}phk|Ef8Glyp%aDJnCoBo9g*YlD&6 z!sNY??a^d>$E79Hx+_9R(@#mo6vB&r%3_E2O~;$`?SP-07mHNP$SGYY&YSCdytWUg zd?Di0h%CHS*1Req%M%ECRaXbCqo07t@16#HRs0T1Msl$)vHs>kHKe-NmP^{JJvZNx zJCAguBsH0u;feA50bK@d!Kf}bLhpQvfrFQ1u51(Q15(Bc^GHQFSn&zxn?Jsd6Q#fI zB~lHDB>s8?R}0RDojH)e$_P%X&UaWsQ)j4&(!uW%&FI>2-g|}{9AV|3xRtr4Fp;EX zsgbn;T)T3fw3S%DFv>gmSL0@^HEC zt+jtz`H8ug)N~i>ZX{TzFoI5R7W*i44}`XI|B+J>?+e3Zyh^Doj(hKMR83-fG%7Oi zDTbNapZ&PUJ+_p1f#%50=Uu0ay}jHIjn7ra<(W)~cEg7EG}g?l$D0quzrg^P;^?y|8C9ZybRc@aljDn44! zOt1qgg2+iiZr$q3dc88Ubn0`(p_f8>R9?(xz||1K&E+4=*pC+dgswM6X>A1g*giK&Lgd$^35*2Sq01<>V!l)adQf;H5^{DV30t z){*Kt`$WudC>lDAYKglEBwZ|nY9XiU_@u)HD7$SrQO69oyH{Vm{9s)7|9p0w%vU-e zn9a{wdtff}v{&?c6<$k9|DjfVX;iI-#;!UuKc*dR+@tpK94vnlJiJs@Df=`PH_va{ z{!zON6;BL}Vv_&OAR5C7MP4o`V5d&OE-AMibq@r={@&hELHFIjn3;9jYO2K(78Q^_ zV}e_;o*i}RKgOd$c-ET>8pw|HZx<3+#^CVCh}ChW0bgYhlJS`K#i6R-& zc&exGW8n3!!6S{pW1DzD^I{y4WTe`ZSZuCO#wr7;*cQlimIc@k9`)$pm|H!X=V&Vx zO7yZ`M`!}Wa8xvldHsf%P?G_X++hyYl?Wa@;!^X`iZp^+mXZO)mIf9va%36;l9>wv zuULZ~RjvilShEF{4aY1XEoGX;Sl17HRAwpE1!k@wZ4uFHJk^H`=AnA5mH`cUhc=a% z-bcZ6K_-AREzM0#Uu||*@4J@Y^$DO;GfL@mo{&YgFN{g3&rgKe)4nMYVhn2eI92wl zP{B;7Cr}1w@dWbP$5R&ws#|K#){)4v)8Ggl!Kgn%4+=jr_|C5BHye8P=ocLhoV)82 zq{)?k4oFGMt0=!(vj2vUC^70cY(6VYK1dF?b02Bc^mz{neiV!kKWTa%$QRpZh+yye ze<9~*{~ufIV)zJHBff2Ja$>Ah%L=iIArT=|)e@LCGXl#$3cela(#UrdwjDEnyP9>% z5DHQz9XiPX%dW_`LI**CNJr{m1wMz}F27SVh|j&mU9#9FXbAMZ@A`jSpd=}$mZ%oP zBBH)VH*WfeB8z5jF)a2==eu8`yI5($!N9;=^8M)OsvKMy$CN^C`Tpbz*WSXmjDPwb zALG)XMD_o(p!jdNJkSZ#h^#6j$CKdS6YKAn%b3vz61de*!guG@{>QTXms9?p^3G7$ z)-YsZ{*N32v0sSq^o=6y!LR@O_y4Vx<1A4(dvIe%HD7(d`*ZHcX3OFn&mi zwD=eAL!AU7T`gG!r#L6)!)lYQgt4(PUA>tB78^7L1;tdYiOk%)=H-&P!SMLFYvZRY zo+`EO?0}i9o!wmwY;3dC?1 zyd$y)MYz_sWV*|2Gx;2QX&Wy+$D2TXU+8(X=X2)|Bns)6kp2bxOUMFaVRsUrT<9V& z*;HR2$A3WP;;5|5!{F*|jVv%Y7|kNwk? zy~{v|6NIU?<}*e(CFrwY(J?}F_|o@jbl|>hd?!LZdB4Le^mWtwQ!d~4VnUBBpFuq* zSS4kUkKTP&;zTdPg~g?1((R`+2!|&jw&gBI& za;>?W^L7m}F?&NVZ%)IyPNfG0CR{{l%A98Gj+0+8)6GYgV^1ybPPF^bv!Y9DjOLN2 z(|?TNopU8-&+8?~L0W7-JNxU-vEvf{@Fssz3q+5v@GqKbi8h2ZBf~6StBo%9-hbFloMFPDYA z-(901&olKuuOHZq@9RhZi6Kpm%+yFK8M23 z@>Kn86u-B1dwzV^QgMLev0eKqX90BL zk3Ugw+6gH{2NmQ-`~F2jG-gEK4{Qw3;vY94Zlsk}MrH_UFB{pj)O1iSJ*+E>ElSb#;q!AMrD5Hq z+0Wmh??oGGE;yw#v*xr!_pgUKF5iZ`&wwSDOKcxw#TGd)4Fs@EYXt}Ae=F%9=hS~D zqZ&e%|7CN$Ps9wbg>r{d62q8Qa`su~RmXJ15GkGU0ULWu>HSi(F|&|p4og~_AEz?~ z<0^!V?dzth`0W(cot3T$1%-oi{fuv?-SY!gmQc>EOU3F;NX(-b3ij54$2V}~Ulf#H zSu!6eM_RRuyVcWf3bhY*-S`?VjA5sW6~ zed>=VF~gAZ0bf-a;{u?ZafktH#yz2AxnE`{w6dVFkRZ|4jAP>{oFbH#whiGvh| zhj|o*9m5oNnF2?(F|1?~5SuUCT&=D#(qD-UO%O9>ATRwa$x`y6cOIKdLEenep8lrh z{5AU}ee+1R*5)KdOp_8Zx6>YV=~`@5b4*e{?yXW*(rr!c-O-i#qlD`O(yaY!M?`7P z+!ui-zeKcy9HjYe!hV{gPi)bhVXLivQ5F_GLALv*Ie6Cb@{BVX7xTH1EF-=sPJ<~X zd)M!w@A%B26Y;wR+3B9Zns0x0jX`-**6v%hr8|n0+Sz6~pUkdX!OEbE7b8-dSPj2zsR6eX$>_VBU-8DgS)3Vc<Yjr635_`y#tXKt{g2#yk9$+A(2JFUOOfAw;mQWkC-b?Fx!&kmJhiekayiEjhDb)t3jLzAMvBC1o zcbgGQ6uJFL?E+4BSh1g{F4&&dggvN_6Ekc-xHkN zEmxYww5h>g=Slhcb!qpXS{mW9|EWIp0j9N6jPR9cjmKkf1Mpqx zhx~@BcGgYc>Zg__dKBjqO-NUik~ys1-Aa>B zZo@OOqK5fVfmrxMJvyw}B&Dqbi&H@VFjy%4jPOqcY9A(~C}Oa}QX3S-f@wqH4td7~ zb$(ur4@tT!0gSCqH3`ER${lcSZ^uT@OR$^w-m!DO7*nmRLs_p>qk4L~ZOz69%4Un88kb1- z#C?vvy6fP(1tI8_s?5;qH=qqHJsSSK}xLN{I z#VV)8WR!G={%GXWSq@Y2l+qk(?mL7>`LZj1(b4iDg_*}ruk3f#)eRoEx&T=Wn{Tdj z=b$qTfQZ5Jx4ZQBVfgfgBi9vz_H4t5p1$5#D$n_$t1dr{pTb%$As-4F&fzbv27~5E z@NBLoaw8F&&yEp&TuM=YT=q+p!WE!37|bA&mAZfE{P>ZIvY+2FuYh-Ir_cXqpyMjy zvYUFgm{39DY?K#&wWF5dY?!^W^~EHjs3Hk|kO9x;&Dfy&L`;D!sb0eBm6NjOHt8Zb z>XR8Ma^&@37aBrO3&d;kYs_8~n39&UMrLA^voS<@AZeFB&!3Hi1UvlGDHoz8$gz^H za$r+gW49#3{~&3aHA!xw#~`p14}&;B7Y>?&d}Z_eF?J#NfJK9{xrV^M(@Hk|MGBt+ z?q2*9eeSa>iij)$Nk|WmS@rb7c8g7Uq@Pb~JA_7j=a*Yt3MDWNGD5$v1Y~9>Y{!|k z(1wPS_tlWmgSypkV4nQmb2+S`yfxub-j}ym3NG5YKfdhS0q@`VZfp)VUWv1@X9d;T6dM6M=!)aB4pZM?xAc6{e(mTulbDzJe7 zxZyvc`poiIQDKf5B#&XSZt~COCWiZOgornS3O$@}7@IV0^I2;@fSk!a=%<{2@+1d5 zREjc`9xj_Pk4Bq~rqyMhst1a#4f|Glp^-^XVuU}BOEo#_N}v|K0qOM8BPtphYaKGz z0D=Sam5qQuUcM~JW;#hjv8r~cmmqsH8-b?wHuwuvNQwCaG$S)}nlF#*KXZA{B&-Gi zYUJuMm)JcXG*~A(Kb94EdW>t$BE<81_WDyj%)H_mVyZ+5R~XS9OXA)~Ea~h^Wmc8` z)D9>(DL&gQ{*3>zRIjtZmJbk)V)(GzC>JN|GIR9YEQP(~qY3--@FPVaA8jCu^DW8} zZD6A<=ASP!tI;(&l+*pqlM6;J-_Y%TCPtT{5y<#)+gJPOB-mGJ8vY@q9?}ahq(yGt z{1s0Co(@ysMj2`YgpL=x+|Nn~GZ{)pAuxtBoBJ)dQ2n|* z$d}8(cuQ3N&AWI{X50e3V-u`6U_x+k94bRlb{0G#kFy1uoVMqX%9g%~V6;Xp+V4k`skmgHRODG9E90 zzt6XiVb<%%BQB?NMX0+kkC*V@;`<}=taI? z-fO-eo;)Zx=rj`uRo?)(Acmvljn3_f22LtN!W zSS_}qbD;{&GA|ijxDnqTFgAX@r6KdE1|>OX_bPdB^g)OEHshLHWzcJmIswPem#?Zc1eXEN33Tv`AT1h+7-m7i|a4(VYl4f@b@2a2{u-8TXw(K-@=bR zBcs(@&#wMgZrj2}@V!#hCJPCoV&Fqbiwb6$g1MMnQjw z&aUca-NW^mn=`&RE!TGWY`@0LoMuBCRejlCOmcb~Y6foGF!nN(c%}Wk*P>_;fvPU-pQBYt`+RvwgAaSQINNqpR8mB3-sCZyGQMX16mnJOkLM?Buwm#+80(s&2dMh+)6v+2V*zcZ<+JEf zfz+B3SotbxF}jvoG@@PvI}C< ziV&S@@c38z>qfHXNbGU2VNA05(Fk+>OdSiy$YcNf%3_jJ1ImH2u;0t#F{Y$i^8JX# zXK0%1ggcw}gV-#Gi`iYj6<5|lZ$Ce?ak68%k6NhPd-@)la-DyvM75v_cx(2TE1#D~ z8MrxWJxEa&LH!5{MIAyj9C_LkUB_$Ke#YM=LkSFQ(FM5rmxtFfTs9@t-(BEzkOIs$ zS|=^bEAIch4mbv3$sp8=$t1?2Kscg{knjfzp+NWUa{eP;GM;XPR3Xzqa?)(BT`>+; z!grWsQL&w4&Kjz6bbdwyNiQ%Be$u3;>et!iol3J=BVrRI@#mH!ZGR80=M@XyfHQ>ADf~?+-53UHJW`8CYIFC7_3OUN{r0{(-jB2t}=(4up%T$}qn( z8;IA%O}|3v&hO*q^Ad-|c4|AF^|$Yy91Jm5akd|x*4&X&LstfnzZd|>Z!}ab3xMmH zl$5p3D%gIvi%$5Cm8zYJDdehv#G5aL*5%7i2)*=yzb<~pVLsP2NFpVEQ>=y`HJJ1v zXTFX6#P_6WEdn2@GV?^~80!;Qo9Qy|(Z96AqKEvdg*@kq6p7sXaTD!#O|aI*Ba9_+ ziaV5Nus7xOV_T_hmCxxHv0&`G8_D=GvlN;!Qni6Q@ipAVi$8Lf5Hz3o%;X~@x>>2{ za$W=QmRO-#KVJ%INy)x$-&nphIVIF(6Ks*vBR4nn3jxY%jk3Is6?Jh88E50gWFI3v1%g;CsFzz88u=v*J=WKpOl9kTD|0 z*ym;BJ?SLWUM&ylrg47{z$Dl43{nhhuaaji{8Qg(M*+PB7_BZY;#8v2Sd_#!_Rv7Nc+ zsd95D2c@VJmRPfa#JiKd0W+Jc_f>{2G@VaxsrODo!=UmpLle}e^H)Mph%u+t=gww; zWKyY<37;j+B#v!L>bm@gpa{^nqd`Tjh^yV~8 z+Ge=l)e5J78=ua&yae^W462p^3bQLG`s|~WwrN=XM~`x_(tfE|07P`UZLSWqVW(9g)=E#wG8p8PKhwvV(9kShgkFr< zaYz%5bV^Trr6=g4hfi{6ZgQ^Ov5nrJZD05ke!zMYNy7^|Q4^EfV!c%$_zHYq3^;*&32Q*&NFzK7gdwc$j!nw!9{HA(=v^=5;Bvod{^)RwQ zdw(&3V&j<=>gfitiBSuiAcrE2^P53`DuP~T8Bj8p$tuMaSd&!C66LYxD6 z9DM#vHTpEz`86U+qm|{N0ON<2Yl~)4pIN$S;aRt^;ac~Ojb}B_hWJ~zt*S>$rG5T; zHs8|eq853UZdiV6VtEd{n4~`-qMc|({Jmbu=_oCC&hb(ryb!y=mZ9%T>?+`6^rCxI zVdt-3M(~L^vd+C%EDRdX<5Mu-XATBCczG{G_9;j~xA&SIq)nI3D;m=+(f{IK1}-4D zq={uz-D6E09utIdo!*oR^5c9m?1{LwT-^3(>OhX2Q3^QmjljqG%1Y_Q#Mpw>u=*C*~+7%`=ZI3u-5)gRV4MYyeB+ zq~62Ub`2XjsBL=BY`2piL)-`a*n9BIecEg=^cgqNbZ_|A^B|om|FZKn>~CO>jdhxLaK-k?qwB2+`GmW*Qbio zB*X2^6G(tmF*0@dxU4ltPH0XKo&{69uk56X`frgSM-HnpnWCIPJWCtunV+2#9tGec zMc9GwCO6j`9w$vkk!b82ubPH2cb}~;5^Iyz_~ACaU01wz11SCO4I;e<&2KqCcM7T+}t!j5fWE*j!hd|PH>yz zHs0yXBfG`4S5@5I`2tDj!Hw1(fHxbXH?h8By~oz4i?{V|UI4Br8~;+L0!#cUJxTkr zg9!hNv7#O22K_oc-E3dqxWsgGY`*JR=(`iPGyVz0|7&066oJc?dEbD=Ko)zBQFBw( zPcEUO^*;Y6taHt{xVOkA9#LFXfPAr@H>k&skKx-91K*B9%YbT9 zI+@!GddoFsWh9GM14-JdAtp!nSI}^QL@^(vEE2NmXMD9u9KOZps(Im z;B}#kyHb6#D|Sg^ZKLa0aJgP3>}+bZ1@ooO$b{fQsWt_wsRglI9EN6(9M<&BvGcli zn0|T#Uf{j~txEF{{mfiuyjr+fSu{e(MoO~a01p;%h?zC6!O??>p^JED? z$W;#(g`v8qzAb_s0Pq;c!w5H?d9!fOe6`hP>osFbyu7sXDMJ}t=Sk7s|3n}jM1)#1 zC)B*qPTF+p-0BH3wff60(-@6@qI0<`uof>$qV*arTU0d^0?CNOX@Bt3d#SV|I~YaE zFDI&c+X&N`oA#c*^6U=fiHT(SI)smFvScL_Nyn|F(Niw3Dh}fb z^V|1PjH751Bp!Ogkv*|b5!$}Ri0*ZEJ4%Epgb6+0Al>L+u^Eg;pt~h~;v%@X9qKZr=h0SO;Y0AM=js_M-mtRZVT}yPZ zU4FwiV2zFab)C?#T~ByP8!StgUn1}CCf6Y}Csdb9GN`O>RNl}&n(#qSfwuY{fIWfR z+-hlrY@#5Vpo#BNOB+@4C9ilQZ=56iDCd`o5M{7WgZWmCtj(#;&&F)a8>k#2=CYtmIQ$ah$5@p$TINnKU`kTo zv*50H;n@P|_t6{_(7S{K?|h3c{?UREeJ~fEfukBGfKxV@Ujl!rsqo#1pEESE1MB}g z#5d@6-W(S)6 z_bL!suVz;hj@#IH3wc!Zib2{j^V}u0E%I!+^o>;P?V0*6Ivva0@>s3`jRqUn-)-Cs&hxh&ZXb z6X!+Q6Oc+6oV(c{*I#|y1=AWjVi(p49zxu=(UL< zc!djosLDg5{%Hx!=eRsu#VrUH$XtP= z@aBd6#$C$$#k+B9t-5r;>HW;8&%tj5gwcr*uc*NY+rbPq<9sb)xY+4S8c@+GTx8Sh z(Qj!(mAaM5ojNjdq5d+AptG;UB!otrtut+B#dcutOIOf7%lxpH6x=R5=rbVBj}oGU zJ6lVR7ddK)nHfnmE?{5KJygKwrR3_6;i{v+736{Nn>f)>&)IY;gccTmBG-SP(2xD( zU_y+6x#!!$Q*Nk8vF;aTJBfeM-oz3hGY^Y`*dpZ=rnTrqukQHvm62*`%Iy=jzKF1_ zFj-X>2M%~cO=5YKN^%VKKQ@Nws?xGjynWB7o@8hX}z60mlo0b3hd|RXT6P8Be$VSpPgVf zT-n1*uEqq82!Q%r<6Pf@8!+d1e)JNv?BzMmDU=ube5K5pcFq!JFfe-5ep9n!RR|!@>>I9l2+?3+zPRc8UB+MWd+$3DH&kde0)ZV!?>Ze2~ zfk+9k1Nf-p@Q9e*4w~kQoc120$+jwY%hnj~BIE|x6+uLgT58Qv0^RiG92xG8jx!hS z35$uw_0oD(4ri`lBVOCq!#}QfL0f~MCId4>w7cd`;Z7xm#ahmkZMf@M+1ao$p8lKD zr_%8W+bpkRSF?Iu-mH<6cn-YjS=A8Il+Je3)({7iS(aETN9{0Ubse)Q*dv~^%Vqf& zF(r63ad}3&RC|`FtGm7hUuE8ABE`>t&AlsV0Sz+LxZU%$3TC1K z_UU%N`@g6;RQ_~sE<-#6>jL@Kq}o`7JX-6H76Ldf8*`IT+2~nn@SFRZt>;%<4!Bbo zYL@StKJME)>pBZ|WVcq-;2LVNjBYy=qDfzKw|@xMomC3#YZts1$8Xq{uf*ka?3q>Z!}Zc6Jnvoc-}T!1;F6i*$w73 zf=7AUiNm;kxmjOZoHBbVL`vcS=X=uLa-z82_hD!u{NZ(MEEo(>8RP2A;Q7Pa&pSS{ zf~F>e&x;ex&4Qwr6m%?*9B>z1UR8h-;_i3EI#Fc&tF&7i#TOc-tirP758ns?cQ&^WXrA_cKU`L%%^Q|oYY6aR27`jR~60tItj%bq4y_hR*C+Ny`WNH)=6Js#wFDrBYxZrT!XT2+43CM$%4&AkYLS|-n z^EU{>EnGY&EP@pnP)zb^It7L=vf^n*l8^*anLI0ZYXdxJHF(}scs2@nUH5zakK_IL9M3mp?{lxUX3fl+HNOdpPdBqH#!>Va!f>TA zijp4tE>9WwwUkFoIk#BK86|VL)jZAnLYZx9j05LFJKCRV6}VcDDACNQ2C*A>uoe5Y zj&0(aUx*~8rzadeXUSGOD5pv@aoyoV+CmTMq2#qc;ZHBcF>H+U8Z9F4N0PqKN0yxR z&y_u9EY_|gCgLChCk&AnLT)t@$#F)wQ7HeSe0%VjYES!IbPL~|Sd%vkWY~y~{e3~F zs??ql!=SVASx|uF>b$FBjirb*9D{H{+se>nL@3wfnmQPYa#?6%`A+2qX`JPI&h*_F-2jpstfXwTU^5IT%3*fstMt-^{F z9j@hzLE|r^g0W~thnm701b(IF^ToCrCyfu^drYz~Ks=YOhK`A2n0ZyAN~hI~+dbBZ ztk-G-{wU}3iyH4C5j*w58J`GfMG#&*JL}v8f%&8#A5>|b=i%ZLdQj40*Nw>(hMej1 zR^X|xVtw8U^;@`VeaG?BdCyC8WYlY9xY%Bio{ihe+L(LabqoM}gvpi}AMV`T#Qhvk zEkt^}v>2S0ohlpVpe=dFJhll}*1Sx}&Z~a>wBtub4@85ZnGTQhw3vPWCdP~O7aihY zRGr^|wCzH$dcJ$>Sy+5H88O2qrHH5IDbLl@@1dng4%lzG5PX!?otA9-XD;%b()_|n zp2xBy?7A@GaJij6lQZUgg0}L)C|oswRKuRoH7scda1#52`#fV-O)YGV9gDU>ow2uo zEIt$sb0dN>?DUR+=dM|^Abr2L|L%3(ocD`X0YC^e#3sKbPcyTl4I1TI%;g|PFICsn zW(d>=vFrQJullVAe7gv=tl^#RW;tphnGJ2#ijMPDP6=`-LFn-(j4=Qc1$3*|2o;H<`yL+1kx ztS&Cr2k7Brk)FM{9JDl+RBCGy4&rRNu~y`7L@t(`qC;)o@>p61CeW z((4bE5U1n_uy5m9xbp^W1N7QQW!#;Mtn^^}2Rr?%5m9U0J_rW;{m7rCfjZxqd@a)7 z+0>;jRdH46dji`O{_6Ngl-2uNoN$e;k3d-QlC!IZJ~V*{ya2thNj1sq!dK~F^rG&S z{NUzJfiwlVt}7mx&R;?7oo)2$3MS%k1H84`#v|lZh7Q*D4I#qOQ_*f%3W_2GKWl25XH-&Qf6=0HEwygXHnH$RrBdpdSYOg! zG`;rM*d_Gg)LOjVZ?U2_N@(b6{ITL*Nx!P!tCMCc%gB&=;<=HSt{~F1w5y;f?B>@-T9m^zI(xHu3hVBp}JS_qp=Eg1fJ zo<$lp>S;VVI#6y|v*`fCD1$r5Vn%3+-s%;AQ+Q1;zi*pPFZccU?bo6*koZg}9W{F7 z=!Y^0I#d`PF`G(8Dk>#1z5gb1FEnNf7ewBDz zS|?Q5#f>Pq(xXaW5lQ89qw^)N`no07p$x{blxF_-qvPZ@aPNX^F%cs8uF(e4c}FIX z3rmltj^BQ(lVc5rXdqeY!;M_vO@J-Ex$cj#q2|j>#0aB)D1fUU#eW#T!%Xc&{t*B5 zH_PIFWoSS$g+0Oje;$7KkP_Ai2V`nEfW_84{NaCp{?vjS>VJQ9|IQpF@a0L-5khnyUC@BUmG^#k0IeBt36&tUo9&CT=#`bndKXywBHJAeXwHFc6>NDr@Gky-hu;sVVV>WD2aE9-yzuYuQv(IyM$tB|jC0u;7cPV1_^kIelaYFc9fE9LC|rXlb@5AIh`T?}NisGhGCoBnIs zkJ)|rZ-I1`yXA+iKm%OOOu;eu+koZgf z3O`WgUlZ}L#RT}`|INcQPk;NGNAkebs_H4_Z7-^va&YUuqD1g7vg9PXhg)f zeMvmWZeUM6i!+Lvm7U!*s_qu->+72@&oSZ;jK&KUZsWxPEP>`v)sJAA-?vuHX9$qqTg)|tLvUz`fr|OJ^{NYdZIf2d2`MOK|e%Y zM7@DyQ|J%0{MT#zr*{comjq5D z3I9@24;r&E@J@w3kFWVhvG0dxz#`V_@8o}0yD#p)liln;x_hwGYgx(vYtTpWo|eDk zQl~9NtN-LuFnS=JY*om3=U?^eA3v3H2|ONk3FR^R?_B9QA+TV~)8S54gD-YV?50E5 z#V`TbKHp;)Dh_FQ9UwCEsc)hr9nA-dy$ShjP6(4}jD+_stgpW} z-z;viF;)3TUyc4?NX|Y`Hjdj-5vL^7-VyF4D5}yCWu~u~wSShekK=)W)qeao1Fqfg zll+6odZ3#rnaR$_jw(v}ZIH-E{?U3R1p$)t7^#L#v2Ow7bgF5adRdWG{*A2U;h;_N zf?fM;JAVTe-89BNqtdxl3eWwO6=whGCDB*|qU`c=rRz3|_%eRe&Fv*J)B%DrjWap= z)^KxoJNCm&0A|I2wcg-QkXkJZt@8-*izdz=9R2Pi92WneXy=qtE=XMsalJ*8e1dPU z(NNMrEk<9y46G5N`n7(yh+(w?%L$ZN2&XsIFy?kUvI_1ld)$3@@EvIDBxUKu5pvu< z5XXWwt^EC=^0Ge>(t7OhVvs%M#k-^m9KTWeLb&GauQ7UFsf%CYIG@3{#J*>LKoeAm@Cb_q6)uD9wS0mfzA~%!rXL4`9y+?uQiR|B zj}|12*II5?ujp5{g-2FEXM6AHM7nDtOASIbdQq9emPRBCIMMJXJi2X^zl0a;_;A8f zu7{E=3M17Vx3#Fe?7d$fXOVmUoFL6lR=2DdKyXxEGEZ+Bi{W(HQ%PqXT)CYvqqr1a z`>R+ENt{_(b#7l;Gt<@)V;JK0x8L4W`M*;Oa@owx%@?qK*?9@?hve)j2!*tmE9$ed z>6bMI5rloII(6#h$3WM6{6uyb^RSS|h^aicK=#c`R$}b;B#XwTKS6I~5;Fu|s~x?CSIzj5AxOMR5TXjA zs?@ZseR2MgzLofljHepnU$=z}SWfaT=xN5k&w4p(Lmg5o)LqJBVVYP$=J5C`qB5n- ziZyfV^g=SO6xbBj>3%$D4p!i^Vz8}ecuH+K*f@|Te4LKU<5((7845}!OTKJ}d(x_PoOH_2 zdxFwv7`Vc{4>S|q5?5_^P(GQz$#rXtIFCJne6RM>qcZk_U&UsCfO~%qrG>@MMI@Ju z@^EBczNCX4YhTunBtBYmrxP#tNQ^I_dBcTJGod<`s6Zg@lQt}Dsbu5$r7~Q};-}xt z+}{hHcsMfj8E1`o-`?Vw22TAw21cDt_d)Hr6^cxabGu`1mV!YQE4D$nG_r2l%99no zLkfLR)KAo(FNR8K+(5F(bRtTF>FHu`E%PWn=3m(@Ygeu&)#Q1a7yS$w{8SL*p^BLp zG%ly=zAQ~piU>qy6LD}T-k{{!#+4aA!`R_AC<~IfKdDqD=3ZEq$9tOpYBn0NB7kqE zR3fOf4O6*#+AWX7Ugt#nX$)dM^*dP|V;ebHoN|i+b6Mqgb;I+_QjPe8DBlQ(_}r*6 zt9{d?X<0bB9k(`4Xw1kU2T}F5jp2s&g&^j5Bf{~}JPA<=;r3>qN+B0i@B#rEC=aVg zu}*;jizinV`@X}U8)+`HRGC@md_YdabQ2ce!1|PHmm|pF6>WCZGdrFe(y$V+bvVpL zsPK*#bV|q4y9ZiZj*HkdOf!gqSCRI&OD!?uOWTE%XEq~&F&g!>OXz6$j&LP_TP}M# z?woaK%vvWuwxAmF7#(d(G4zNmO1+J#gtuh~@}y#DOZ^&6#%_klW&Le;w6eC?=+Ei} zZTrP+cpYrqX?%qu2x0PizgGlC==~nzh#2>Y$|=w?>g~}PNXibJ4$Uu-YV2<&i1nnS zih@4IlwHZ6?dz-~3ep)_4=YuX4IO3E5jWn1@97*c*7{o4UMv!7cp$Z9uN%kF?`MI^aP5b*=(8S5+@T+Hu=Ii^ zoybIUIuUF?F1O5InI&C}F4z*$}RI2y;YWdd8^D^8*^2s+k|9=Rzh4+bIc6 zTr3a}C@p1_`pRa2`kl0iqT2d*n>Y?JKrTTtkn`}=TJ1gUaXyqQG8foYWwsqofieQ@ zEgO|X9178z*_!h=i!aM&P+szQ%PK~h;j9<9x(nq1385;eiQYnr${OQF#B#S^yi~@d z4mf_>AlCR`s{4wvxkU=_>qdxz4tZab8f+y$V+1ZM5^8w-q5$nz2#HAoPTnCt=4YB0 z7b;8n>fS@IMg-W&{MK5t?XP8rWxFCR6;#Xg>F2$_O7f8{%69=%8eI7ChQ@K+^0dhV zbh)+rY>vhMePHM#XEoA#h~xS*jnWwh9s7LJBzLW^0-4qX3B*yol(S8nQh^s{g2A>5 z`)(+cDUQmwu9mCJ`wOG*br7eAAusWAO_bg@Fk6>eH0M%;c3)G=?IaHhY5da&sH#M} ze5xlg$%pAKl6}P#y${-@jQ_Z7b7f>zM99%Q_o-sJEOpyW;$)#od`W}q%fg15K~_|# zzIeOs6deYKbE*%)MlSt@w_}u1gw$PK-|7tql6W+$Z2d)=d&F%qISf6?LYw={^Czl5 z*FGycnS0c?FZ(0hbE$u2ly5U^US{%owf!8oryZ62J{2jU-S>U^T^V6-?yxQ*OvTZn zCHpNSL(}_y(GzCZE#%e9zzurskS2yRZ`m_E!X&Td3JWZ{7;58^p#{QDf5Udl z%yGAax zu$otvIs0FeX9}gTI>FK?5Ha>8{GhsOFev*l7_*;Dp?FPoYn-`8NPyhL0xZPM;*Xi8 z+Y+1tTn!{|@)KUYy=-kl`D*3;)%_zISM>x-I*6%fjSy5%tpNH$@sX!rn4lXpV?2^e zpNy1e4@U1iqTFd1{>}jhFUX3c9q~9~l}w$p;ideD)xFVcjqRaxWd3WTYntj=^;zLb zcbQiNscuC0^SQ(bsZ5~(whoJYxnGuy!_o`C*xO8VPBC=78{24i?N%-RS=%}glv#j}@)ogd)3bTN^&4$- zK3`r-XE$E%q#1sOO`#;J71S?Xb6G*mlByr}JG5J8J;tqBo{__tNb`~B8BHYLPXl2{ zXuUYr4wqQ`pDNM)y(7>;)}l~ZDuN^B2gR2|AC|9bnA8&wCZPAtJ1x$(cWU-H2V9}!Ec8GjbqOAHN81Q;?yWo#Ojso_n)vN(EHl$3bY=*>gBUK zGc%54{p6#FWh1mJCa2kMYK{)ZnNN9SL2UmlvU*WS2RVcGCT5-6JCdk2cOB=fHG@jvg6NaT5$8yu>&-PYXFVee0$9Nv^=9 zlGDMBjv%6-M$HkYf$u{7_2qn0Ph&JDY?R106aK+v2w3kK5Y-Aq;yIIi=tdZs8tq2y zwnkM2^TC34no4n35dJE4E>m;GRnFJ7J0L+HfCbrLFg)d`(y8h+TMcbnLr5OBh9lP~j@aI=BJ zNarM&`c^#$mkFr#rVXn@u?$6rpx2h24Pf#GsjnTIgRvdB>g{&XKD^s15J^i~X7N|@ zI{d5Z@jXV=1FB0f=`#b8Z@?ML#RW3AQ$@a)A6ThteNh`c`eN!>! zOj{)e;)+hT=%p%`exHj0Hn%{#%>nl}zYhrxR z&5l?uq(6N4F?_egSiKTv^8`&X$?84=AGq#`J91y5K||A+IRrxNngmX`KU= zSS1l$ILg{6iZ($#>{7;D6N)u*UR?L3bV>sny@eVCK69>4efTa>3zch2AdsCK+PuM8 zB{VoNX1O}v289$`T$lKRo;aZluru4NgP>H0oS|H5VST1?G z1$g)XSRcN8joWsFAH8qM;BQWg-hPGns}B<*>}ciCV#p?8GqASd`^S#}!N97nVhqt`|^N1E?#S79toQ7P;Q} z8U1iJiFN6Gi7jShK}e(c)u2IK@r936bWwJVuu|N}KrhQH>HVemB~=T@0$Se@*% zvI$x*rR;nn2ZROB;M_+yrh70yMK#MXVV#)IE-Li!ak4>nOGnDtI$)F53Ju4+;BK|u zWcZ+7g_Mh#*=4U8k{NN-W;tI4pN%T5(Fw9EK;CSPLl(u>Eq&!SIjxW`H!NIUO#M}C zLUQo1pMNl6T3fOkBCmVeYZz`&wgNOpCMfgzbLrV7%cme6BX%czy5C+L4?1dO3_lKP zzGf&~d2Kbv&x3u=HrLwAOiVo5ujKST&39B}^Re+*ZxeAHBC)B@6ERPz*E#teYFe5c z{tOv@Ct+(jj1uqJw#nOAyq;aD{e3-$>=}>DC>ezvT}LYvEiFW(k(c7(ie}P=8BmT) zq{M>iXEQDr>{e%+5i%DF-CtK6BBV2pu4QFL4c(A|MbRE?r;RVGUDNzW|B#TkVH*o& zR{b(*m22Sn5$ni!c^*=Ub9?4*goKFm4rMc}!b<)?gZ-x9cfj1P6MzWzy!1kx_=OUo zLN6S-Z>63#(8$M*HQzK34F~7NZQ^LyVFYEeE~HW=mCxK6jcDohe3%Jm;EMoVmx^j3 zs$F^kLquF;ontld<*UW5O z6)O239Z>*NY2~n9)@<#MZ_wP&Cw{~EMpH@JpXg0TD{(c8qPg-PR|DYu?I)sPRJt9_ zF)Uv!6I9S~qjUqZsKu9z+2q-5N4ms-)X49eG0fYVFs&eFV+s#GUH+G=9_(sfSSe@8 zkAgA=XPv4ny$#n#_IP@@gZH5BAu-t5dwl=?&D10>m!{%7F51ouAoZ;M(a#3(p%dVO z-x90*i>z2HdQ>ZQ%^^dbxD8nIlsVWhXU48r7q$2@BI}LJ!9O}+^^*XXZO@_BV@&_c z{%pu+A&dxfPa<^an-XNXEQ%G3q$$?<3M!vmR)CrXQ3(Y@98$&=x}D}`jei~7*BrTn zs@!Y9@$#BfDKj3L9Hz9u7BU^K;Nj4g_r&^-TAGx90ZY`nJPx;*r8cK*KwcS(r&4U+ zKw{8SIlTBTZPKd_z@lLOhJ%M=IH?5y20R?l$FOhl5J! zCTCMe*>cE^|imqa} zWJX#o7*g+XCV(e5mmELt-f|E{Lv&=u4m{C{-hWf_zogKfdk(;rZe@ zAGz%9sE0^f>VwaZ9}vYxW$Bu&Z@O)dI^xmMe7CopUjeG)uj?1mJnVGoyT-mgiH1b+ zOrwF5DF6~k;TJ|@sLPC)8hRwVz;Y5zZ)#hJqY=8bnfa7#>lt*EF7MME5TXP~7x zfOk5@9wcRa$T+QBS#BKqJxc%cJGtEOht!UJoE5NTEG#T%7n=nG{rz)0i--%LO_Q7_brkih{z%W@B+a*yx@BpVR`KAz&&LV0j8{|`Tw-qlMSfwgq{Kb}_-r&y36{2d)| zS@e&M`4<;6%E-y3rl!8WRgjk-UEgQ|cT#Jdoh2kDCWb~p80LHX=1pTqN5>(TR>FMcbCzEC$rKJb6H=CNBgozj!klCiKQD2ad)RhSCJTQ=l z>0NQg3ZA1p_CHdUVg!r!Cj#c86A}UfU?;r#`luOpW*mg8tE=iy%Uth4;>o-q`t>kk z!K2X5S0Bj%W#wj^>vnv6EO)7|ug~w`z+q@)bX>DFn2DsNr8QxA+WohmxqC&%0qKL> zrgTC7K{BPm%|-ZyV76X@79%DR#lYBSJjZkq?MkRq@tnwB8o~acWb-}RomF=;jRCLh zyzqDm#mZ&&4`n{}yzq*9OWZKy9>@YV7GH*c9ckxRy68p9PW*l!Ztxg*ciy zX-WcaCr4`OXX##SGRe#Y!Op7IfCqI3Tk7*fxwXuP>hJ;PZp;N2>B?wsetpdwIr1T6 z?(=$-Fj=G4gcr}RP zq>KBJN8H~7%=-_I=vpcG9g2+9jf{tvS0MQQeLy`S`(TVrXWF)UCde3*s&f4-CP(LT zs&q;^G^7`7ka0QTV=v)yK~4^ACkIe=lwM*x?))z+*8#G_{rq9LwIgs5WTDuI-jhhz zg(2GHh~o6-HXL~v!$=|ei_wK?%9hj>2etk$7zlZqd5+%Il-16K6Eq>Xj>T_7Pwu* zRZLlmhR0{0=JL`TN3+E~M|~j39he9p^KkQ(k2$cwaeWCVBQL+09fE-cjL9VC*Uf5 zxUV;x;x3Z1fTrf=icJ@T38Y(H&*{S3Zgysa6V~r>-za<6BH{B-n$q5*U{NV~x8a!|mwtxZuDf1N&T3s>9PdSIP*FUp`ThY2PGO?_3+D3NRP&${_=V!aOtwihOPJ+un~nqO|OPVk`i*F@lH~(e7Llr)G@4e6^w-|7p?l80$8A zmEp%SneR9F6%#Ug>8kFo>hqwVE#unK-0}r#ZSBFh_~cw}H{3U89efJ|!h~hYvqKKw zj5Vmjr`uKjp6c90{gkF+Al`64XDeOQy({ibq6CLX1M-(B0q-s3JU9obcps#W-y;gn z**kjXqINmnN;DKYPq_jyGBQ#efUc8oyi-$OWNub@KJX=MX|#LStkq<$WclUrxAx+f zhNKrhib>_p;(nfjTwztF)RqTuvg2=v$*wJQuGTb3-{wwEWq+MZg~!<^Kgi7;pg6ba zj>Vy;&b2Te#mMWM`mFMkjx`6uhwNj_eydBRKk#=jqmk7JrndBg?~G?i2GCEu@t^Gjov-+pTf{oV>x=CMzGp$km$Ef21N z7Y{R9hLZsW)D&PV$e3YI~QVO%=`7u`?{nhNTth>gKkKW+vI3m4NuztJhRhH>o? zt}|KOdTZ{5c{(kBk?}(!Y^O+eUSO;f&ujszMDORSUw7(q=0BV+fJ|bnp?R|M8Rc#xe5!!h>p60Gm`siu9bIW8$$>gjoi7(`&9TF5*3_qr<RmbE&EXTtJ$wNcEz0ynQ2*u}U5IAkAD=@w;vA;rn zaN2vVP_aURwZ$#IX6`h&o!m=+Z%PW6yDZ$#Vl=`IWCdQG?JxfL`LpS?{*>p?a6dEG0LcXo)KtGhw5dU6%2ifsA=RIwm;UedYI3>9-ZM{nLP+Au?T-K<(= zDWobBeP~vHPHs9?InRh7|0v{OX0VmU@yk7)l~eNl4BTHae5QKdf01W>bsS{-BD5yKe5u4N_@H)eCvvGJJMy1nuADTThMY9 zNr+|FKzLhcK{ex0Y$BY?XSD)vyEQhS*NGS%4aBLp_#&LGOSo;A^I-mixNu`?jt)+@ zraKZ|Fnw3Bl;hY8?IrG4G~E(?uVpN8FmBHLu-F(0zGUdfm8gg!Y05?s$7GVecRPMc zBO)tQtrJVm2@_acKDRK2-R^>}bxatlF_`eG*K(LXR7^R9wkspPV(Lu zG7oma%6!t*zOxM<8Bz{IW4T1X#0=;ZsrsPz3=~G0#Wi`%4_nWf;=XO-+nZEFQ{9u5 zeRH8K>t){8JX)lE`yzqSwDv&Htq~vB4MOzngW|WKuQ{En<0FP1h<@ca;*lEQt~FMa zzREb|>!as>(?RQ^6+|dZWM_K%!^i8LcIKZBVBtTiHf7tT8?zH_>l$DEWS7119sd#E zv6$X{+Zqvc%aYIKL#@k;rKM``Tz+iQ1uEwGwbxsntdSyXdh;%ZlW=n*Ut{MM$8@A_ zZ}kJ-<-F3=%7&V}ECD%^UTDtum2trA-w+mLp*Oc`x4w#8%5abmHT~43^LQ6Z5du$K z7?E-5Y5rPhIg8OdWsSlH#z zX>}E(b~;FXP`e>%tyDk~!y}LpLM~z3vFYznWkED$Dvgsa{w(4K5wL>cx~*UMnh*cVuG;LDWh&QaGMP177(Dw4S}8kQuoKgJuRG&7!&&281~yh+6X z7G95PP(m*|BOqu|(qUvCl<`z%0ub*?Tu zH0|YX^4S{wWFc!8iiWgpLWw1><&7Ce@r;T)yA=bR96lbQ!alg#Ssq&sp3vA5=BO28 zXOsigIm&G38uCT{Y&RS&Qw36JIkyF)-J~GW(|9?okrlI!frZ$Zl$pFE(c0Xc_QgS( zhF8?M!&wK%w&SujD>U~PYe6_>X6BUodNuX8(qZo%OykUqjfeWEL+L2S+Y?d;!ZL~F zbpd^UT7o{7RFCFcuFbYLOK;ltgXK24uErxYwel9~1}r=*3>n3P$m5L<^1J6?kVP-w zUJIbnynB=8J|`#*sg&Xmi5@6I=_Wu8iB6LWnU?Y#(#sz~K`8Haljlo>10CXL$YFl` zuU~^->7AI`uCm%i!&Pys9E{iJbJZ|$A?kB4>4lKa^Q-BMEw#2Dl5FwN=ds&o{Z>q`DzA6NB+S@#%)9u zMxQt@JzdRk-|M{3xWt&rZrUbh6Rya51tzB3dtapp3_+hKDu!L%KtQVykgk)Xl1Wz| z9Ok1jEr|}kftOFUk-xwR#J6T+5=0aXKoy>N$-mN!IO;>0JTX0cd-c4GBgTuLSG7Xm&6xF93#Q_Y`xTw%`gsfwJZUAiN>B?B#AzGjUo zmbkES{e-yRpD4I2_jskQot#paZJU>t8BvOj99~^h7y(&Ed);R`SD!|dI%ZS@_YOKn zwJjS&+sa+@hU+=G*~e<1(nzjln952j3s-zO<^;Dm=fi8l9%#^rEPxEgVKXuelGlw? zb=p;angzwk9x_!nZ*}H4Z=!9Gahz^EIYJ=YJ2*kLJ{xh(lu}W!dR`$r@;CE=#^VWM ztD+bG8){Odcu%p404TPjB7!w@nnS@YhwqpZogbqJ+Vb(XvAzU_hT2Wf+isGcBpQci z5TwH{J(Y4%NHte>gvIz^@#dDbN8P981@dYPnjKzlw8F=x9i(Hc9XmPYMVC`edzyzv zBV^!?{B6n;Ms_A(WN8GGVA02fUYC3-fj+$yYtXr?<=&~0+9hSa_l=bt)TZm;Ztz+#s?KyNt9Ji&7DuA*VX5U9 zx3O3{N7$#deAXMVYt%O9#$~}(-*x~uL2aY&6L_^oN^lgm4c{KDcH|Qymf6RddqL1K z9rl@2r)90V2;RATRdb50Ad#mKMzotqliT;G>{BOpT@Iv6fg^tT{go-Jmft}DBXYJ- zlcVCN$xCq79IhAkBwf)wFK}9t&q<;Xu2Jzka90#Ov%0V?78F2rzN@`i zaUSLpHp)Ue8>_blqwc;emg^FN1AJB%C&N>8;rjZ)qD$kKwmVZ6s|s&EU4A)Ri>xuW zTI!Us7vNgDB*I+QnzfZ*2M#(0!=aapQc`y3Nhj&wzia&Z{{C%wHM61%A~&e3&U##0 zd+IMD(fRzPlel6pSQ&4P5O+QU7k2O-1G*87P*F^6MwHpDkqSu;Ypx#t0D_=YYEOAo z-r2}Iv&&T}y*Wu^TSAW{-J};E;Vw*1;$R+R?}JAao7M`}_Ip@mwbm&&Lg5PKnmD0a za@!sH)t_4-X>e_IhQq&Z4n%WE**^`br$WNmnF{1fl-$Vn<=7^Mg}FC*wei?d7ruG> zR%_|U7j$+{p}#llVc4NMems#yfRvQk%An?-?K8`i zZFQZ=9L=+j&`f=|)jadxRB;uu(;4!uk5|>Xzkx~`K^|d?7l&Wi3Js1B)v5Q6@!Ejz zn3zP~%H8gTCf7~-m#YrU(A*&DxJB>QCF`APE!XsJs<&Cp2fsF6?&(}|H*wId zDEp<``L=Wi+UVux{?C;(-OjNN>BLDS?!6~~1M`U3UaX5Kp_ZnsmbX*nh*6DN_iwM6 zEN}iqxK{kLQ4s}A5a~VCp`YU(7W?xWm?SiyK=v?RLfCr%wE%iHBxW0oCNtftr&KjzvG z(w@x`%FT6`PC?{kyO<;LKpG~J)ouc00s@w6hodnZNPAx|l z;}KuUis0vmSU7QJMkUFt4+-Y7v=9+9rxq&6{`gP}fN4v5>}0?gJ|@gynRMFwL=F$} zx$17CzC|*7nGR3X=j>fm@65@YB+lBWgmpI6YCPe-CU3O?PnV^$S1fW$=n;CldND`5wHRG}E%$TXYgS8IF2ufvWg|#pBP2g@@WR-tDCS_I7;T=Pid79O# zEr5g#GHtxp`ZPmR_w&qp>Sc1uhHf^x%jqw^PxtO*LnZzm{R7?YvI4DsoF4mlg3d-qC7q zD2XJUC#eEYOEN7*qF?29siKFtAf)hwG_}ANYD`_7)j$V0z=qGBb>w(1s-?g^ZWz<*Kd#PWaYgCwvipSoq21*)y91ZZBG9I_wfwP*cLb!QP3o zfwh#`cZmx)U)%Cw^dYRCo_ueTO5@tTZkuHP#-4QpIz`I$it{6C%bwHe^vS7v*Ygk+ z7*C*-~tg%a>JB z%8j0|TM5#hnH!c@-!7v2^cOaOdtMo4l?i9iVbsFS}#S3NFX%o&tN;x+ITl*f7tmGURp54Q`QfJ{o4bW`T14iHa0aB9?Ikb$}Ghd=7$sD z6dOlL6Aoqdv^X|8!h1w^J;;&GnHIniVy+)zf>SOajugd~({l^tjepV+&Ei&#jhpP z2ii#G2e3<3Jd6&RVDKw=SrXRx``F)5|7I88sZRSM`^${xjSd-^E>M|naGa&JZGR{gup>#bsd&46}@ui*isUN1eYa*GBfVakSC6O*7MYx$vlG98I{GlP zA^N+GQQu_~zK_t)DgpoUyNQS39yY>Hi<&nt52nO z3o^^DjDPg`!;fY61zo}a>_hq2tux`dJbF&vy%oamf%9B{x|#(Lb0~)bc5DS07?@Xd z(k4@tua-o69i;?fan^}&Ss<32h%n1oS##!Zb(|1zf$n$j1NN;|9Vj<`hErIqbYrI- z$HZX$=tKU;NV4Dvt@Q4-93ryo#cB_{VEASZaBQFLcMyJ5QBfh;E*WS<2|M*R8q7cd zA_Ks47q=c|6O00Y?i=fLw-_FFzaIL>EY9KKVKD9(M;_SA0^AqC1jN)+ck;2bk(#PhU#%0T69&@-COK z*rQSO$N<2rl05+GE6c|c>K$I?VU zW?OiHW~dFhI*-EgSB`#@IO~-Mxmes;x=FA9Ash+y-{6FQE;GgbE^)s0lHqTV#J@k| z3KUG}r4Pz`PlsL#1kAwG7u^pk`d<^h8;Xj$5!)gXeQEz+uJs>rooiI${ z{~96kE}o{?ll%XQr{TSer+JDJ`0sf?4wh1U#|Ls@9sj*il8sOR0i5}@oZP|Stz=8WWXU?8n)%S-=cconW`y!4ps74q(#j#S&|8 zZ6%_k%g>3^tGiqCM$i*_F%Xj(8PvlW#jmE8^xQifjQt$y+f|E9Z%BBwSoRY<`fm%X zcPzr+2DxOHdG%2ca%ss&7Nk_hSg$;cM8w!&vpIrZkRW`=23f-3BYiE$`u%uR58BB_ zf`0~S2Z+Ua+YeH$v2Fi=z`-QmJ2CfX)Eo4$Sd zzDXuA5Bbsj?$AGCu`f@ynH;J0w6pjShsl%=kltKU^ZT}&-r+Fj)I<$~M{V_>)pL^V z9WI%j@RE>a8jka6>fIj7hCnWx4ISszi!{}dyY9p(`7i)`jLv)v@w>lxB0&P(kqxJAy77v-PBYmR-vt#j@)FKS6}a+GS%Qy)2*DEhwwml`NBRUG3aeKj(D0 zU|zDb1di6LVdl*{d6&!ts%GR$n^8dB&mPcv2ci5`KjMA5E?d``*p^&fl+%}8fBWsh zW%*sB*8^RY`woSbTT=Az zFdTnK0XP-Q!os4cOZs{P`>EgEshH9ZvD9L*WLKy%WM>&{|cv)?Cig$s{PxV1D zH?o19L#3#QCvq-Ng3gI6wcv@9?go40pI z%s-jWz1pHOLejtmw3~V7iSXb@3!4RcMwI5S#kii$L#eo)FE0~hRAjmpOq@n5KZpCx zZL8qGsolr-1dsQD+kQ(ka6*0l{CV$aP=bVutHu@F{C5bfAwLn3UMo8Oj2FV~1uSm4 zX^V$8zd}p|oRCZxmdXq-j4J0XxXGdt5fPO9Q$p}tHbrk9+*>a%vdG*ji>b&p9L$gZ z4|i`B7S|H>Zw7)TKyV07NN{)8UGs%bjheIeD^JxP%c&>WLYy z{bqt&^%N##FcNp7T2x93>A@$P*7rt-{V`E?Ul2VG?tJZl_DD6n4e(;JUr%(gyfAFX zyK)JFbd{3{@|}zImq{wvg0i!Fj18z5V#tIsia=-iADIOI(Z+CqgGUr#JAu&69FAvJ z)SIaCA8bQqIZ=x_7=ThBaoEdP#GR=!$4Fo?utQ@O5g|X>8U|&@32XBp_bWfFtND`f z0nUvcR>VEa9^_M3(RCO)3V~w0z?NIBk%Kkkmke+HNx!rlebaqa%5gSCbO>-Q+8 zWq8LM$bEAG7%$3^r7hfd|7VF;lGAIYXqLq0$g*>upU}mdCyljespHB#L95KqRh#^M z6}e~Y0rQD3U{DTOmHBWF3^W@61AUI4U7znqmFhKpzc~%AJ5&);6bZHbWBzCvFe%K1 z^U81IYAJMmo>RxjcGk36FfqSp>i%US?dY(qU~{_#>g{zKNRn-9(V4|^R-8nYcw^L8 zr3m)R6UW2`&*`GPFh2O!uxZn9V7cbFg*RF*vZf&HNY{90T8iu(_0Ob#3*Sa`hfo?B z$h(FqtAsg}${R?|?H6z%yj*x@Az}t~L&6qGigb&qUX*Kmj(gYzmLxY$oFTsQv!ukF zo`6Z8!TLHL^`oh&5h#|_bj}mfO#ta*D5KE4ecACyTNX-Du);e^HXWsN<1q{GYcZzJ zNF%Hi=SW7WTcpf9Yq>`ISx*P5u)R^Pw#IweStX^c@d0a_ehK-aEhip4^Q9r_^V-W@ zt~zunpu)9)mIfLx%n&@h!e?**vvA?JoqBWD&{Rb#mv0T&bahnOL3hE;raHmbEQ9E zeqU^E=(TjL;b@lR92rA$Vq#d`vM=##spxVyewBk(=`%oO(vEC$P{X76lw5$nhn3an zfvrQ2tpw=n(WS*SMJgXrJW7msUa74fyeoaw?st4zr{p`g+#mV50$u0-c%2(4xLH4D z-hP&18r^aqXM5Apx7=t%EQnY4esX!DR&nZk5XQ63I7ezE9Nc{B0MC=n%<}RP6YIm~ zlNV0T&O)0UkN2miF@)OIIn}6*j^1E$XczKA@Are zCqHpIj&GD=YGl?MyuVmE`)v=FPA2{u9r5~W3)1}yd#zZ{WbkqP2xav5|eczj?iFx%oGsP{esRv}zRSUXw+pRt1)vL1A~Z8GD|NVG=4)LE`jiekl>Y|J=? z9dr4^ZF{bT=lWDutgH)PJt3XH75R`^+ndi%#xJ+##Y?O^=Z?o9FP+myMg zO;^UtW9d;htnbw5o%K!p@$;ewbJJ}0`*C0Z4qU5SK@u(56x_EOCLvfvwe^B~sb4>g z#CF7K03(JdXhPo>(9~wgRKq|J`DmTm>9PrlAuZxeU$bG4#7x4T8L zXVwiJcK_|35hXDU=Wa6d32u92;O=v~Vy_q7Q-R1xtl8fRf)iy=-}~K@k+;<0_N)8F z-dzp7ipV3=pFQFJ@nSnnpH%z%+U@Tf7D&gKsb-5QLlw8qYjW^<-m9x$D7AwBL%g5+u3>{YV(#*`m6B( zQl!F@U%y|Eb}j``@sbIsF);(`Gghdlwqr{`9V()!)+Bv>7gTC*0xjZ1q8oOr z^S`<+w5HlPl51N7|X~@8FvoX_M6>U(Jl}NfJnwiI?Vwt{tatO|nx~e60HZ*^kYY?6HP}xsImr zQ4Q7xVmrZzbK52B6{)UCXGtF2c}5UooYmM4dOgGfm1RnSeouL)Ddkhbqvy>A-Ci#l z@?aG~Pi$ipnhs;p3o^3B0zdj)5>bDKsfC>KMl`UmgfE$ok_jfk6ZMWQ979O5C z;{bI#@m+!JkG-3TS`BnZORJ|P{%bF7!8T9}x@r zSj6MwvA9}54Zd=1Nm1gej zk=(;(lA`-tRI`fB!jCc-uMf=tF$Q8?rV0Xy*H8N=gSW0Mxw#_xBW`L-Kmn^p`jk8x&`9{ zjpej!ZL^*ELY7T2xd#iGAxaqFU(d7Jc zqm%i)ND5)D*);4MA%;xVt}%PZpkw{4PLII~4@KUO%oi@F@s7DK*+9sJgX zGb;uR+4d>mV5LoebJKNJP+Jk6?ELPX%zG!&cVFsLr-hsBhox2eVQEQ??$Yj%_fDLf z+bgYdXf2Ru5Y*~W**knS{W(Q`lL z?nzyT3CuRU{B$0fB)jEXuH;=3)Cc8|26qE(dlr89zZG2~ zI2g%%E9~5Sy;H>N`1AU3X6vcer#}mE^Yd_(#wVKM0*1Zq7B+oO5?ZmQik&eH0<2rf zVIxH)Le1;8f;pNTXBWLwkuHjU_`|tT6!CP*kqa^XtacMcJp43GG?nO z;r&Ww{Fv|6lxH%ka*?INK4e@x)8TrFpwY$JGHr`jx{pueLf zFKeNJ_AUyPE9aCW6IAzBWA523q(3MeI zGN6|Oa$nhCd;2-l?A3vefAV3j;gp{3AiESL=AN$i0Mq00{viMexe8lOVv^8zY&bVb zGr34Sp`p-8k>NJHC2_R0ls@^;HwJ9$Yy>B@ofUFX#V-Q(0 zEb?r3$WAmd^DAV%<(Gw3I&nOu{mFZ|^i%eU=B6tX1M#{z>g+Vy@$E6;q?AQzm!>DO z(s{h!UJmrT%T@p;1*6kye!i>3_tTyr zMav_jq-cPD~wuTCIgBDb01po+)%mInc=BCwgD==TD}852Y#>~xCr`f9rA--%+8dd7to zNtC_di?-xDKHvecB}0GQkJWQdG6KNMNp0dG-TncJtr2X$m{hnQ}XS_m$no*$zHaBs<>A#-`#mmQile74Buw4*cQHgj_JbzYsRCQwnPvx{Af zx9A|F{ywRctM*_cr?;lE=oJ@c70fP{%G<#-YZ7qf>X27;qnhmE4={PO+y>ac68;`1 zuS8re21h&{8=YSm=$M8I*x9K`Q&!s={7BK5CF{&mTW+vDpQxSeWq1D4l~bJ_lndzu zB|Q6?9F~Q60A2I2KGCFBw;g8=enBB%jVbphswujG(AvSXYy&FYpRdqsX}#eQzPxd+ zFI!GaO5Q**{>5#4c*}uA#pz^ecWAD)$;j6Aq8mjAbBK}ToBs{D+mgE2-on+aUm6@! zRj_Q<-N+4Wtx*jKUIOR^TGE+}^}+r%+hw4i_XXTaY-(Ru0T_H%8JaFVIGy(0;x_-e)_Y%tPR#;dy?(5sVh>_Q->Ust_ z^8lBy#N@#$S*86vFsEzLs*uzM zExV^#25og+j6q9pM+W=(-oCFqLk@KP6#rblnb2}{>O2{H*OxEA)I27D?!mgANw&|+ z#YArYHbbR}>&Ry_VU=p>QS6b8sw#PsLhG~tbR2Tsn;whI)f>k3vP|6OHjIm7f6m)Z z>|1hPpXP4Ax2_47jstFYZKXQ3!yuQf(6CZOD?(y&$b7baoUC9%O#P)3L%W*AndBL? z$q!%xJ5^o9)ivJzx_H(H=dLN%j>E@mQ#4*I_ht{YGau4a$7_z<_xg+DiJEeHe^@Pu zORxC5;s${?vyKAvOqkUcD(H{`j5ro~I^`GfID-5I0-iK*svS1gf2@ScG%rJa*X?dF z)XRJboH+(j)nfu@t9mGJ)>eCcTuB5MsrSB@UYlZj-Kq2EOES(y$V>MYJqck)+Gu8< zpjYE6u;#BlY5=ErQD5p#DVJ+90AupH5Xv_l$PH0D^*`#ci4+fCy-P*iC9twmQ&VO? z*bLZaJ}}?fmcm!JBaHg2S0j_+@dV_wb@$YiU@YwX`1mN=<4w&}tn2(1wS{d96rHoxjf^AOJp#BU0Dbcs+7P#D?zh6+eIz;~A?!)$$)#IiDP!ekFIxX@cI?z#H##Rc*LTfUa_=}?Fh9rl?VZ9UoFYVq z$#$P_AtuYE=s;AV<%Aw5IdFFfysNS(pjN1)$ZBAxO#{F*KUSv(EG)z*emF1@)x$(t z5l!tOAASC-GuLq37TkdjC`RTd>A%JFCi@*y>-0?$bkyRi!+EPptC-WT75H=H!xC`7 zQ}^r24j5aR+urf#SoTa#Oirruw_h)wzu-~$6jzYC?a{@fOq@PVqj>OkfhtCbApd9T z?r9h|ObcN%;w}v%hW2OM(jco&tfHc8^YUgos$6}~{J?wo(V;y-oIk5|g#TTfIBd1% z(+%X+W2LBJ;kU|z<2kp8i~(m##Wr;Uf~4;ok&4pytnXz$PBD>f9tAOZ;Sv*Dn|UkX z8v2RpNbGcQCkpdDHA^>^CxGq5q-%CGA&z^scH^O)lEMh!z)lKgdjCc{9&rTb5|JU( zHnk07ChlTE+cp`bsFV0yV}SU+9Spf7_r+qQor#-b>J*$RDqQ;xA3&dRp8~0N<0&1_ zQ_Rkn0h;cVs?Gu`(OrSO$;^jpwMYk#Csj@UZtpFJpSSPRLPW#xhO-X+K?8YdzBOCV zs^xL3X2eZKg`R09uD#R{KXJ;FjL@mL3zj!)XCNY5a}Z9&y;kF(MM~?^tV}a`2AN^I zC`m{lsUg$;%t>bO5p6tuVCO#R`x5a-!D=HU{FjH)FYx_pk%iV(Y!m@e7u5`3r5C13 zQcLmM>j%@OBVr_H3I;>RsmUoZ_xs?Cxc`_9Dy1dz2>Lcy62=l}QR%kBGJ&>h_DiV6 zOXGtl-*sc8LAp_42D*nc4Q|xzDrKOSG+P>&O1%tr9kt$W_{?fRqR7t{QlZMMAqM4_%{JYNAym^_w4oPn)s?`H_d~sRqv-9 z=%3fc)soGXAH>*@5D4*?`{JcSWGH+&?V_ue>@P@{!cql2f7ETfIX|d5E^Dc*sloc> zrhbw9NIpQHy+I?2(W&0Kzn`$ad^hj*rhETQ^>{?;euL@ziF49xJ`hI3#vL)el!})& z@dq@pwyxodGL*-C3x6G{>nf7lg_=$&3IQ7%o7LlJ<@p&cJ3BTkoLD@<#`s85Y@j}p zpr98d4a=540*9wLhdrv27MNL?ckYsb6(8n)fzpxqj~j0UF#;t9Nb#a(*2Eh z>sYJDoR%>U>J2@^*rIAW&Tt5RnK-R|R@k`SDE1U&T6EAuJldFj#;H*ZqDhIHvnkaU8Wj#h{?3mVzpdSZgD#uA3HY@bTa4)Xp7i({cO>nzlC{XOwD^z_8P; zajuQEx7p?Gm`@5{IFEsMWy;9UAOKrDJ zRp$&$1x^pl)#5Ms6JXSC1JwM2a*YL;yrGk~81zGFx;4Q9(#4Sz>pfH;+*F+6-cu4` zrq+AwXK&=kCnlP>rZshPBaz}|iGzbTaU1y%NZ=lXjL5tgs(y!!^@w8!cK`t)(fsH1D2lk`jMkg8Nb{8Qk1Kjh?983B9-T-uh-JQV+x}cR#qx zX~Fvt%|_UzM?KHE*&MaP`{aFd!?6H?-(rI0bOx=^4iMxztrtdYSKo1c*eCy9n9%EI z@UsJ`z{ybyRgp4~hDXhb;7?fF0)AsrNtQv|`PVpdTX$|T3FN!A3#D*@K%<*oRMO_) zsKkQXdhdZf#Au3t9x#^$*&D#BmBoAOI9=uZY0|v-?zDfzkO%DIbW_oWgjGPuWj|%6 z=dZZ8s(V=I^Rr7cIZXMWRY{?@|2%jK87W!B(se@f_L~Wn->v%mnz<_a@#K!x8*9`R zA)U0o>pA~^|Id6lEt&W4I@_(WyCI0Y^&%L{TRu^)DXHUES>ukNj8blusy?fCyn?XyW17nj zKdEpAwEh!AI;s-wPdS=6qVjlS5|#}v%QYFTn_ihtn~dI}MN2+LNLUhB^to&YRgrgq zs&Lr0r|&*tl1BeD5i#;xV!pj7Dl1vckh4-~R`^2XqCtF;OMFL#qugrb4X>03 zd=&_-XDsEQ2LPSM8SK6qUm64&8})!TFF&3|w55lpXwMA+yV|Do>@KN}euHAk_Ile_ z!d{pxv@>9mVFv=;4yC}P7+L1BAi%~?0gMinI_7Q;aslPz|AirgeR42GNEhPt1n#5C zxCQP~UV!`!TuVn!;-5n*SrH4h4EJU#9yE-Ul??Tkv)zrhM>50XG&C}|`Q-la7XBg# zd*;&j`QwMK-%=g#q>X_-?fxE~`d^OLvk3Z;hS%YgTUhNOUu8)72hnQx`-j?bAx?Ea zq7D3icUD^~REtNrD@x6I7xZ!liQjzUvnHzM^Bfu*l_6ewnoKxFB2YpkJ+|>dBV1rH zzD?rnWdz=dIIHo5t}`Qu+teu3V>XfcoD?ikKl}~vQg&c1soXFvIpu3w1PRL`C#pJS z=JII+cv2!0=wZ>h06JxR(PgU#fWD>T7bXIo|MFj8`#6Z#!Bdwe^V1;V4o`1!sIrJp zpiXZ?;m;dpMVyF6Gnm>GJHR%c3iCZzHXeX?)EKEa+*yrVNhEv?iLa9BNorf2QY3pz zyp^o(u)ySTQQ{!TWmBnzL|I&O%VmDlYdaY`%WpO{`~0+k@@~4HXbpG&dkjC$=rp(t z_1^#0@8RT*+GfS&4i{LrEO1^^2?E^B-L>l1Lsz%M;ws*699+Jv0=gq@cC|Knzv!+> z%)bdhSla|GOUewWB;AIN;W+`B30Twu0Q;#MAD0JhpHE=HUENU=DDEDI&SpuX{>aNS zIp3Q#jf9o1FuFWiHCyz8GicRN1D>w^!%S=ZiQ})H)4de&q4<)eCtzU4&?+znObz4O z{fG$#vk=n)fhOuD=`PvW4H_r46Uc7?Qr znG99pCGj5ko`}JU&`k|O2gk%>Mi&;2jtx<&qF;{|f`T+#%-DJ`CQ2J>;>BFt(GDhi zS~YCKC_UF1i+|msjx~DUOfnF)Am^^Juwa~bmi3F(*Ei&lfg#Uc+BNPjY#fguRj|Bk zj=MJfnI89zZxJ%xT~rPWj(~<$#@gR$o=YNqS(_k-JFqH#Cg6Uz^2mgaAWo16wBC1Y zH|Un1A38Y)&y(>gZPt$%7~XOeXltk&b^G~pvrK;3c)R9h(zB)IaZp#_a8XvtUvFv5 z5`B5+varZEw{eNoVWbW06GrH$QN;W0SMKp6(AjdKw?-Z>31>IF3r@4bi;X&NJ5MjN z=!Hx1yo+qNvwiVTjtkx273oMFjvhXf#4>GKP5K%|x$iu}_hJKf=dA2)az zY*DgY%6xYCK_V7-*w8dAYGp;w@3xnJm$)Uvw@dr^k>br)auYw?O{97Dd|y?Grl2bF0)R^y`#RD zW;NpLGDY_#MdoKG!u_HcThbd7t511dK1B1@BSn-;dgvtYgX0utBtDaNrYGVsFfx{0;$Zb_k2eCAMRcrPY`()G^aTMP zNk_n4SPb{zN&L12#07LT=i2JDS}*toULUa)dhh+Z4OY*kM;oz?{@Q#IMy$ppJHljH zICdJ&rgYdmk3YuQ0)@QQeKg|5VSu{bA3z;Orp6YPwa%I74g7I`fr!n(-xK1=BjL2w zUs&4CdyS|eI*as~icTk>u z(0zm6fxZ;zU{^S?^;#;NM;~oolYS>hgOt|I3z+->dMXhh3J%VEGO5{`+`H_wx^2#M zS|hl-=)6+VbYXZCsUewA{)Eq0uzE+bh`XwbcXn zXB~hw;sF(Hr=~c>o31pKjV2SCL+P2VY@dJ)o=Ag z-bIp$zBSeOmm*P!gm0krna(3Wm~RJn z7M9VP02rxLYizvfIe%#SZUtRyf9 z5f;Z~u<8B`qb{Q$Jdw>LLUyfWE!Yem2KC_yFWG%4d}&`uVrj2o-^Zw9h{%($ z!`eBG7#J9+q)l&UP5~opBqf7K?eehuni&DVYLZ+J1oz|P{PO1Na^#7;9 z&C;pf1P6a%UkZN&=GIGNPOFLD`ga~iMz6keT7p#$H^`Iz2|2d-mo0xj7SQm$=!1o^ z4~?(V{*ez{Ky{G%Kd!Vs@agi>V{f4W$J5hud!{1WG5K4gLFzzV+v%#>^Z<5?eD1^O z*A4f-ZvC)}TF{vY6X)Soo4O}0tTn}ChH+Y=o@TbfpqPKw^ zDcK%8#>|hl!yg`w+Tr%n@%C~pjuw{TRi0ke^e~~|Wkr{8O660y!y_Y~7spoBJ$z^- z10yFN*~mxJqgvvBTf!zHvRohFAtn}3k-)+CII-G8PHmlO!+89Tlz~_OBZcyK=f~?zG{bm&E+|E zKeuUb5)C>rhUf=3{P&{&?QT(1SoX~SuZjDY;U{nrlK&lF|LG(pEm%STJwxx>UyJeI zzJYb(N|5L$4AcLlDhN71=IU*n; zu4Y9s7p4Sl<Bv6p)xdK9PLD^)DW9{j;LE z3;!AoT~S|Z({fE1tdGd>0P71^(U&ux=+xQiLHa!ZQNMttHN0=X_N-TTjY@l57$2rC z9?qwWAOVk~3@jJx>C!Z|Y?-0xuT@d?N)(?E*3H#@-8PDOue1^Z_^)OYfR6u4&mh!3 zG4Db=zX2`%b+;%G*3q&6H|K=-PE((r8|TZSno@M$Q<5MGKI%rN7ZJaMYuh(fl#4xnHoHctB zmQ+S~5uh^s;?+th(@iWTsdv46P6CrubYbX>Jmti|ES zHR$zs9OnO@DMu@QaD>I5qM8d@niW%pJ7o^0>(sOlw#4Dw;g318Sk7SwzT}o?$*R^` zdGGscnivOFQss9~fN7_FKKkW(T9j?`#FmLJM?+pF>+x%}Z!x;}=>-cLeCXnC=^FQ^&YKdCCb)P|geyImLADc8^ z{7dRT{H{tA7BDCy2}v z8Bdn&uUL+2PGWm68AdZrv!83Im%9_!lF+Yix#EPAr-C=v=RrC3rbv^74i;z$Y^4{a$>E)`>E=W^+_F5o5 zNFGGmTb zZ1|+)3AqTA7JqMyA+j5)b4}D3x_e{gc)ca0`8vqK>6bwei(5{%US4jj?R}e0fROjO z;nneml)kU8@a8ZuPMRDrVXJlUS9}nb`-?D?Qy|t6USM!2A0nmmtqGqaPoaCyo#*F` zS{|Z$%V1}T!B$DjBWnQjZ`9jif<359up+0Gw`Krm1nZ_uRlkh@xP5bQ57?d8bU&9|_!OaZXy;4tQJX;d!tXky;i*k;;gLy_fWRv%zJ5 za8yL3GVy%>*vogl7mHE5y4SX%xmoZbH5^t{RwDWKSh(!?$z&osvhzQ+WMO_R6((ANM~Tl6Iro?%q`E-kyWoALJ1e?q5-1HWyCB<`OV-{?0D1|`-i*xcg+ ziLZ_|L1!gquKKa4UB$M*Vy-4qY+b*t`Qa2EjF6C!+z=tikia1Y56^UK%KTqbH1Rs% znj^2+1w$WrPwo57-cF94I#%wSsGPsqlyB424pBU6gxV9AOfJ^>N|R*ilG%*uYt@J` z>t4j?ZQKXabJoL83txC(DcHp9x5b;Yd%Oc##kW9(l7W^bY~W^J9{b6d2qZG|uMZz^*;HeBw^vYxn4bGhtySn%r-W#dx@eteM## z7GEN{yKSo}Y(+vgDyhtp;oAH#!|ty&Y*;Tm6mL%#wVP9tBWj4<8g%D~QXHOM=Pt$0 zU+coz6ZqXX^P!gcykUv6i52kk6X6d|gwdJinpdMD<<}=A+G(F<+a`()h2Re%>A( z8?-csC~7u=^*)yBM(N$0v6{Xq-Ajqgd}}9NH?@>*m3gfmy{UKDaR*p8?d-m^8}!yZ zonp7aTa1hu0Nvlp+?oxELs~tH`ft2H=pS64?ZQ%G3_O_BwY4MpoHth*w$e|uW0U_K z6nbzx<`S+h<$vJ&s!kN!{|(=xJizxj;r%!KsIx=2!4pfDhn34FQnh5oA7VkDs+ga~ zMQGf%(?G7jiIE*Hhi2(E-(LnLH4OoTZk)KqS|3S#gSER%0ISAeu*zV>8NVa=pi%;~ z_6jTf>qX4?&Ay%PPW?hn*;>al=aMJDKGrEvIh}PWWGC&O;8sL2A+PI~WA3<*IsCQW zxdECyaP`C2Io?_p z7c!7@RH@7TrnfXtQ+=om!OdGEd1*K8V;v>X_APL_os*^aJPYJbS`oZabFec2Dn&mu zYV=@|BaEAkJ7*wXVc-pf39RflpK{{Y#k8W@cG(U+uVs;%n+cI3W`@>TKTTzmb#@=0 zms_}*OydSTQ97=GE-*c2NH%k+BK$ORB#)6$BaxJ{e*dwJ2f zc7S$In%&GU%(ax9yNnO_;@k$iB;3lR!w10omnZ(qGl34Dx4)!Duczx_?mFEv50J!1 z=FE4yaPY`}awDs97}HFo(6vcS?`iw3hdlsC$h9||9s)bdODvIxUg!!#CbcMO8IhiW zzs%2QPJ6AJ)>l+iY|0Kayj|!n9ba_!J2DqEggsA>n^@&b>tW{7*Nf$smS~r2^lZa} zgIO0P5NP>!97YquDkkCYW?EkScaG^pJ_{2%9eT&D4lvQ4h8>TvBu+b!1~!Dxz$ZgW+)9ACa{!vAc&UyS)6qoCz&Z zie^35LM|0*t?xHjp+h6yW2D2(_c+(RvPNmLzYBys%&$9>a?GBTri6kLq3~5mRE3oK zQ;?S;Tb>JxMJ0G>Xxd- zXTtgYZb&=&Jz3#hZ{EcQjn5Y&g|N3fOljRBXY;FfLryuGH@9EQ52}$|2>A&Wmr|m0 zH~E5^n_Z}=6}@KBjt9waup0rKg!=>RULv~V6~8c6lb11m=B%o(;&``powRw*HGe!$ zxw1F8pjh6qb}2|o1};i-e(=x9R$*J_L$%#TjdFnEr3dNfcv`dWm?nNUK5hnmV$6;o z%BePFNr1Y-Zx(6!5KDY=P@}w`P}KL@F`A8!$+4o=P0UO>+1A^h`EZ_%i-_25vECp{ zMt^Dx1LvD6Y-ZV)p9{!tY;Bp`-(FpIlHV(3u4yJc26sdQ+6l^sy5OxCS1tCgJFQ|a zgoXE6Jp7EEl6@s=`ymjxX@^M zQog29WdkQQz2@(6YubGyqs~*VGApJmLv}@yetWMi=iCE6zjshtXUEJ7uYVMRSVr7S zJn@`6*Ut8`Dy$mOsz`GsR)#@P7yTBd}X2SAYM zlkQ08G}TowM5_y9*$x+POa-;|wd=s;iLAqNT3Lx_Y5ncypl`6~s~`jy z_0-RpKjCAX(}KI=z?DwT6)U#4CdXEBWvuG$k#s-O>VUY|HXp70(#p_GmHnMMi8Rab z#W+Wt$zN4IdHBK79$1J>w&zDZj%LCg)3xwOiQJk2i}(COqR+*k>0yJ}rgp@>wL0%p zYo}$=XgZwWsy?KegQ#Eb%$;310x@aC`orS-P&Nx&yowxS$UK&5kVB!;NDhy&#h$FD zjjn7H`7$|gfd1h3LL1=Jl3n7~hk*K9nDC{vq5OfO=P{3Ipo99A)V6>xdqPPX%9ae| zSDnb~%oH-J>h}U4z=C~LDCWZ#P&e2?&3Y8--#7~Hk>pCC33scie!QtuWf}(D(U^=+ zf50RTOuN5>rMUik3K?Q%#D1cF(FmQ*mB-hHWKMqc(qVJ1szO0Ws|&wWF|Juvd$iWp zR0=Z*bF>3=XZ-oxvhF*lW(4quFMg}8XrqHEI#;V3%b;QUfq%j`?XOmBr9KM{7bOdi zzyA?q(jBMNa!5uC@2Caa01%XQEn#V_vftShUJ5kZBYmG+)8NtHOj637ripbsl{|y( zT<`kB4+sSs1yciMZ8p^2)wDYKC#BW7gueE0r$i1zCC-R(D_wQ+*i9K>d+&W2T-c?H z+?1L}OT#gr!|uIoN(bOi?Q>tu+o8W)RyS9YKWM;z>gO5JDUDZN_L|?Qy`~*?my~eX z#~Bm7bZm&g1|XZxiDqkav!~`YpJ0+0l~+?|!tgb3pkD_l;@8SPc%=C^=4%z;@4KUk z+PJpGe0h6fvoROb#{J8lqt0$8S*c;@a(Da3Q2oS7@LO|+OpE1)rljsols9C8E)okN zl1nW^i`a2Lru4Jpdnz_RFWLVv!T&qFGEh?m++V;#Wn69r8KDd6mV~{ZemgxS0>9)~ zcU)4=E9NTfFWHV@+!C6cGM-FW24~t$?Nu}nt4B)n@g@=@trBFKOZs)y>I3t&&VS9= z;|fJNo0*7CD^y6e7WOPQin*XM;}Pn_48W(-W1d+;?SSL-(Jl0FSd~KVc!W2)^CIS_ z@(fJ1B?q%N%nY?XBq^YSKZZ}*)3#@#5&5eH6^+KHq%({*o=O06mF z+jc#lMV5uIYTAO=E7f)0 z#eDsUl9Apug{C6sWOQAwgNuq0){M*?@g^6|+a_v&@jmbUrsA5^wVKeNpqeTKwy0qb z#cCh-U)$X3y=>61*I-{4^Z}Z>$mi7;1*l-1kUl+vW?CA>UDVS0)TijkeE9oR7^5)g zyRRT}_TT-2Q@|7Su9{9$NXdx!%|@M6+OTTY84Tq%T@Wb6cD?*P@u{R8lMJud^JaO~oyWBV#4IlN-taxD(A~4O01yj#On)&cZCtW5(-f&xc>#}&Zeu~0_pBa%wh zk|Rv!FnYM|6%e~KRIop#t!=-PaX@dSqUy#Ei<1g-6EN!}L=Fwn1aUmlj=1@7aP|Rc zLS+xowD+_Uf~4v*EQ-$?lUT13m;H@O41Vf>r}EjcYmN8GbOmVPmP>AxNCQe=+lw)@ zptlGs7X}n7s=b^dTAX`IOrrQk^Z|`NALv`4dj3CXG@wvCBa3ms_3#Oh}QV~gt zPESI^zQLxKoyH@alX zrGSXv=_vgC+nAL_St@n)5rMCuLviZZgJr5)_-b5Hxs3Ar5;usg8Wy!kRRjOg1dq<{Y^C$EN`E!;YDkZ9b=%GGJh z7ZQAWocL2kJ^4J*0Nji=Gp8|L01NA*kqOp|FNQ})clCaL&ESHD`Zo}+#DlP7PH`|( zcc~>%z;L5Z1`1WIN!B+-y>wKh1<&iad;a>~L8`qM( z$1RBD%FmJ71F+#i*G1nKJA```z_+{~WuQ14GvI5zMX*-6tZnza`e3PG@fNX7tQ)Bn zk9c<$o+humI&;(NQt7~RN;)iD#JVgU*IDjY={!idhQVHO; z7%82f3?1(4)nR0uF$EDUJLN^cvl;9kC8)U$v###H7PkA|gJIngr)J}e6h|ewR{6BV zQUk)A#%gAUIQ{JY{@&hi!{f%H@|p%AQGlk45M9!ye-G3Uyi*6*7_9phYDHr@!8ahTyiilO@WNnfaF$T^hjwn~tQ!C;I?z+eZA^ILi9BgjCxXnK2j{&~B0 z>~^$CCuE$o&6)@DT)w|@p5Dt#wyRB5qeb&arKoG!L6eEi3Ngb!J%9mcZZYb#NTS$p z`?+;~4Fl_Aj&61tpxaApTzUU`G9_R~rPa3z`)#m6!1Gq~Lc}^x&-0H>mm^*+m~I5Z;pkWVF%kf zq+xst&JmnTD1#q@|MbWccp(W2-@y7Vu|9{?Z$G=Cg@u?}x_TS^*FDkV(u1W2r0n;H z-?p}MY5f}0=K(Vn-TEa0ngxA99nPEBEcGM4&f2b@eOsG)mNNCMBO3QdH_hWO-HJ4` zf6H!K+9uL*2 zN^H$|-I~aV5O>l-T6EfuK_cy?(`rY8tqbD8_qHejk#6&J`7$R0uKEq826>kEUdr$O zU+jHlSd?4Wu!SHU(k%i4(hQv=ZcHizXBX>#!ZlV`FkLM*j)_LSCU)J`$cKYJ`z&oXC~)u9Nr5~+ZbOz(eb?>}Euhq~c<( zjnR!dv-2_MwxvMgW~+uW4cYWjCOf`}J#A({zc{VbRo1a( zTRai^z@?Fk{@K$8}%kI;~(+lmCwHHOS4pC7FXFR z8)cHPLy|H5t`AFYygzOT;+^8GN@bt2nlPLUJ5d^RbGAEI@%^wdP~1G=2%{g_iFFr& zUbywEWxflox}D9FuM$9^V%RUtPp*l@4)00;Et)fbA7^cFkE0`v{O($u+NDvsitPH- zy&r?q85VHBlv5P} z@nfD;uT-tovH+b}&VE&!%^IBq8`nZ|bwJextHjH^W?xX9#(h%-?}Z0B9KCKy zxQ(wV_KOEFZZeewagU=I^ly6xZc7fGpR*O4oH04&J^Ep{(Boxd_Qq35%y0dW0Yk;H zIG%|s(1an;&0;D%>}1nB+GK8>*lU2$KtN65%(}kmV!zlsQ@)!$aSl(}52$cYt#dYx zO3DRx7(>AN^w~4ilSB74LUAHvh0g=9DPZ1db1ynY$%T%kV+c1qXSuYKr|5g<+~{|! zHj2VLA2@@}+<~`VDg^|PR352lAa)%7DErXAEg{JVuwC5c&1t5zYLz(Lm?t z{#;xup{xB5AKARB8&X+srVF%fQVJ|CQnPEc;u@?Jhb8c=wYR5lw^_H(oCq-6f}pkV53z?0P4yK_hB=CvAOPFLIUA zy^exc*Az%tjW{k?2anuNP%ub`pj)?=4nLEu36Fdtf$`w9=}Ric#c@9ukD|Ho8GUt% z=RJR+m;L3)n}!{rN5euvusa7h-^&*{{=w3G>NuB=?*l#@Teyvkd1MMflw$9nz z$=mWdtbd`HKRin?q9R%ZA3(V zsUaY?@s!mN$>H{0BF-Z5I}Uv}`WPdcTr43WuXV&yR`y|(7n&j$$Nhj;KMWBSUGDcf{W{_X&X7C?K!r1u(KuK7$0d*qQ4{*#!Kasm^ATmN zB+$PN{1Of~e2;L0ywXLzwCpRd&y_Z$$=y>#plAVlGuoXJ9VHzf*PP;?LVVVe`TXw3>blaqo%c|ba#J$?RbL|Z=-FUp=n^)i4Wm>$n{ErR2ncCUlV5p7{ z#Pa#xu+yEA55)^+8kAz)R>Kp`YNq;Ah_I^l)yx6m>-Uu3=nq;mGE9>C$!0fv$L~F) zbKT;32a)$n^GLoi=4vO9O@?*(YtaT&HX0WFe!RRl1ZWAbEYt`1m49Y#U%7BI@!o(a?ye`Dn)8pZVsrL?Ul{@-e_NR$B0q(M&G7ZsivvXMXGKd(OI2=D>{h>) zW9*=VNzO8p-6U><5kr00-xo&gAapp*?s&!VKhP356B_i(5SCH~BKUjd9aHI#nLaZi z*1pGf$FTO0QS?V<=_PI=H`n+-2-jP_fj;LgK8qX6+n+)IhRDp^>l8U3)EI4m)O%P% z6ONuZAY!L-+E41K-CYNDa4*DB>VZmMo@&U+jj8}D6F_*ZNqKF1tHm^%HgmV@c* z!Db+E&ZY>#%rVEteJmeau{v!_9(=`PE5mRq7xp$V`hiu^+~f^k?MdWpsyj+Y{7elf$1n}MQwda1%kUvH=KyL6Su zs@?I3dwu-8CWN&~Q~WLZiq>tjYu3Y7e@(^m7z62=6QhxOngJ97u04kta9C#qT)3B5 z>M@G5#!V+k9-k8@AK%2G#q2whwF&o`(YFrNKZVPH&K;C_kM6|pyjSe`3$j;qS_i(t zYPAf_5B&7&*Vpps*Nl4vH~ng69qITmuaJDbh0CwLw#=f~V;}`AfAPP)^4B!W%(w11 zG%h@MB)eMt-` zW$1tWakfHi$JX0}i0q1*{(LTKhx4Pxn+nl9+LlM!^UwACUU>?S@5qR%#)+w93R5W8 zHH-f3r=l+rQ+yVV`9sqF9!~Z3-3_t-VWh8cIJ_K_{p}eQ2--=-e+m2ts=Ik7 z3!5q^m0$6_BOQ6U*l^ZVoM@<&ZXdyXcr2gb}sRu?c+sV*A%d--@R9hav^He_lLDBv))Ke!Mf9g=#v7grK-b&W*L)wFcJO&?{>4c_@)=8~1S`@5 zKbFITwXgP!ZFXys^IOl9l7KsXQ4hUqa4)&$P6 z-VVgdLjE94-*A+@0V)>R;myRXav|qEaz3T?pD08S^EafP>TJx_cFMUDEqe+WvHe`y z@?g8t?Y-d{dho)G)9Tb%lWz<9d^q4OB{JK%WJcpJ=gMH~|s#e^wpBM044TFrdwCER_vsEECef&eJismEDGX+^4JQjDbOI6+AaV>3@&w+TP`C@uYiI1Z3sei_L5k{*e?lDg(MS+RrRh-MH3gf zmzEnC{adK3Z z4qA|8d9V_QwN%_br*!B<^ z^}%Q)S(j04CVoqyQb?Vop2rdoms4vHG{BcxU#QV0gs!S&o;WMmDQyT3Sf|u|sx=M2 zILj>8=%$jF=}9RS^2|flM%UiXSvv^m2Is#lk~u@#r=Rp$@pFR?PjUc_6jc`EabRYa z#?l|z(QFb$ZZHkA0^!We)-E?du3(;##!NL@SFgCk?+9nhee|!=l=%U)q%KDgVoTvu zOVIhTEq*^SrFnk2Wgt{DIHMe}6pV}i+~S)tuY6L4JgG9FxoalA<=rI1U-N>lrEioZb#OcSob~ML+xT5kO+qu=k+bJkZ?% z^S=5|eyme%soNMy+2$T_k`FV3FLUni_u8%vcWUzJ4;eP$?8_3Sk7}@1Uo@V!r2_be z5;8`_g5TKddAv0zyFN366nvW+Pd*?g*im6Le}CS<;gzWr#ciFSmo`1uv@kSFGCJ8Z z(h|M0XWAhZdAPl}oWwo*>AlNRsw-)y0`Zn+n5)GAFlLf-_~TYR4R%R@<%^Mcy7A;S zk-;x5)pr|rb>JOnTDzNyKT_&MI~HTxyZ6DmOPrh9F}qj7lm(kjyvB|wy0*Gc9@;e( zYR{bc<6oiAJJWAwtxSmzkL?A%^;iYbYUZDQPXI%*P;LV6A;MEh)kd%Y3S z3=Cfiei{}zSsvSwJ2X@G4u{_6<kIRF96@^U+G&mn-s?q9n3QBKo#v_F6A%&F-iHrc5LDK@s1$O50$Ti+pPEV z8ok;U3Y|i_#e{88W9mJ_AS3Qyrry`8*Tn5-@J(ZnACON?dCeUBN);kD%7a_UF#zQx zSGir+iXXtUI>|s%K?rl9bk7?n_|pN3-zu)?&s9Q>vOoLWlA4fUsvqkeoW{1hLmnLq z8qAg?vZE%?5No@;tYG!-lvOCmh$=t3V0e&GPHN8#91V~hPtu< zCfVsmj^n~bg!(PtD_r57kS%=|I!-U9U=4ptbC-U3HPlyz%~s`XscbSLufR^Q_~N)& zfs1OeCcvfThG|Ex2Ob>6K!anbj)Nj{ETBjSr$q&VPT z+UYXt&E4LD#cqNgv!>J)0mX~TeHw4YwbN=1r!o;Aup}j!ESq1=Vs%auy!;QdWdNf`Heh2`e6#>gcsw3MQ*StRHSQcdgM`p0~9J0NcERXXx ziY$cu9#uVDZAFJO7tkjASha^m#_^wRjxM)-e#Wfy_NTQZT6xP9JO2Iq3`7VmNk33_ zz%5Or1TViI$#rfw9(K~9lOJQ(EJDPdXiFW%8s~cTq)ovD0Q{vpS*GMxXz|VZoRn2{1o9RY+v8 z4C^h>+(2ak6J)V%T~|<__23shE1`H1VyU`G1M`3dp*-r;XKWSStSdDqL|D%b!_MvtVTWO{;(^j&TP*ShCUFi9@@ScJx08?IQz0U4>X0h|O zD)UT(z!ST&#)K2{MhD)SaII-Yu*wCmu|x*l)!nai zKnucttYy2GNDN8r2XeO6T)>x{PIgqb);7&B*A&Hpw8Rw)Jv-)h(f~Lc+~^O}JA>vH zvp&;6Bwb&pFn*F}H%O*pD;%9YNP84&YSp$Du=*K}@`Q`1awW<^L%QSKLLY3BKk#adZiVkt|D9l(dP2FMAv)QD%$zWhdXC37o?1gkK=?0`+~kL z3gvAd?B@9&U|pC5ZR#|sCg%~{N#oS0Gb)wQ2vwSG&^5u78`!3yTpd6L4hbwQe8hYK zRdX}|k7$fM9p%HHwg0BS6Fd@m)9jc$Hs(0GDNn^HJ9Rc52C#Gvx6H62anC;3m~ z5_$V>V`eHmya-X$0a!KFeB-1E<&5Wqp!0FQA~p2lsjfETP9bjB6E0EPwf@7gg)lcM z@Z0%jISt8Dh%3P^q3O$SoTB2&H?6Z9D^^qFaurhYB_?RKm2AT@wI!HPOIQ!glD4@= zCECER93mS*qe*}wt_9|VJRYt3_1;RH`EkIPyKsIT-;N^6zt>F(3X0ZoNf7tTh39$z%Iu@DiB zygR0)9_9bIUFWt)7HiF<>=O<>-xc z0Bxcc9)`Rmfj|Q1$+nyp`wx2_Y^~WSN}p;r>TM9N`_wr4jfTA)Zkv z7FaBz?j5~NT37xsH;+L`NH6%)msI1xM;fGIu2!M03M3n8d^G(T-*!xMs!{G_TQeDf zukWc4cN-BsZO=GnAxWmw@Z_Oz{{jKsTyd!+E@$&7`Lvj~n3S2+45<=9y!NQSEGQI| z2AAa&=$6gUrZ{3Vz14+p>(u}sR7jZ?K?REue0Y86-zXaTvaO_W+rghC*?(h4lnCKE zVq>$Gyz;1}(c2%5^EE2F%iF1^5BnZwRS^(CozT{eJmRk$d&0^xh9My|G6YD8G-MKO9`XKM*qio6Vy?M8aQB zTL3rxc>f*we+5EmKP1SR3d_p2#>3YG{zT_*WryefGdVdI6V;v|r+`SwKm1aENwlEH z2nX*(pz?3i@J|xZ#i9D2Mh+}-8VBnJ{PS3Bgm;+pU&k`SrFs8W+M`v)-wuf7gIoCu z>Ci|TDKC-B3rTgDoQ%v6qSJ)82*NnsQa3hcyGG!RTjhAmyNTuPr2-zmEr4l4UYFIF zS?@!=OGn`uM9;e1Zmy|rr;7<-*m8qVCzs(jE`8G;w1n2AIpz`3U-A7Ld|v0}_pEP7 zdF?YK!^sN8{O<;UJcUsa6|U%-^shIs{+F?P z%XGkm1#v~Y=}Mi#$HGa()oIEC)$}$vLjEmaM0M|Bw|9)LEE@hAwVZkj5f8mjp3ph$ zO%K;Gu7FGm^xu*Ci*m805pMJ-Oq0KM|Hr4Ahoaa^xDR{(Qv3e+^zTRn`~M3e1nK?n zlt7Va6&erYlG z6i9+gL=l!GSxs}BMZQ3GBET9SF^_aNguqo7-#PQO*lWND~ zfm;PtRoY;P{ujzL^RcESkmIkL^@{?REb(uVFu`N2mp|sbl#Hb+DeE&W(+@~o?-2w! z%r={+93E7^1YpDa+sZ&gdJ*_={yul3>^Oxlp=VUffB7G;&Ahq*(f)h$B#e9gPL%9V z9yo1VZj>^U%%wdn%~NJgqE4wDiCY~5dOb~qz2yRK`2p!3)uL%{%+rMxf8tvey#Y=?vYT4KC3d5MydjrN3nefL%m=B;H#j5#W}&D_0ZPpO5mz(}xKjTeq8yU(+c9ujC#G(c8@($TdxQfCxNRmzIMMNp^X9 zY2_+5YgoRQv>dwLFU+Y_?dV@u6IT#Yg#3yd{L@UcL4A{yF}x@*RPm%PkCm0%$76BX zbGo2+!oG>B)ZL`Nf_3>vPXGzdsIO|_%P>B2mVqE+=AyfGa=Fy7Jge@s6"_735h z%7rpqsz3_ox8{94$)2A+iB{S-{xi#(v2Khu0(t4?@-qWY`){nhQ*Kt!fL zX&8TSy!>c3XJ?>S)$})S0kwt~{;n|^<2FPf&(815eV)6{ha0f_=Xb5)yn$vjWqj4i zc1|`UP4PUIdV_Q@51vVB&e;r|9}Ig!h|?t zu=vLu!%D%>r%^QL-I!@nYz>_{X*hxWNKIVlvUTI8$bNcR7+fK9tu_Y^o} z^?Yi0Z@uITqhktuk*q>JpNytxs#y!GPyZXxvpl<{+VYMYzNeQ6twexKGFV+;F~UwO z_$plDFMG2cBsy2a=SbuD9FxpCsM?Odn+bX+&|Z=#DmA)zI_2?2Sd_Z>s5UzsUc_ZO z0e0i7amqEl6JW1U)Q(c<$H7Qruf^|fX^#@mEvcoY1yR@yp)c`~MKv}5gqEovG*A#9 zKRe3!hBP|0xB=nvj<9IjAGXdf_{xqi;73%vfeEA#0qynZ#1JkUMaUS45S7<5xZ%EiKmV(9vu8VuYrI%g?*}@w=ZS=@kI!Ai4UVH z8;n4xy18%C5Xc|Fc`S6c=0_|>oia3ZYP`Ez)DQP>sGB)a@5b)q>g%=H6tGWAu21BC zQ8`0-6{qkQ7^$##!g(}r-O^{)Ji9%^`631bTq$3M?`;r)uQgoN1$NbmMa_>uT_1&Z zedAHLST*uoRMGCko2;>qnh9+7{TV#bnUmi@&%KNTi_>B%u_~I#rxZ>p!@cM!+A#?M z!{eAqwi1L#KWu5?^O8z;s|`YEAvOh)xG;lNMmNjt&<<1~gTA6s-+tJlZjrNGtw?u* z(D<~+%3E>|=OKSocB$?HPtB?Ha@}0dtvYqf6Y=EgZf-;j3a9!wCt6st&Hi@?aPT2# z$1bZJhT2KTPN16RA~Lfl6lP^%6 z$j%zvL{yDucQiX^wT`lj4k*mbR0=+iRs$Pn10@T!_;iY^&qL_$$T7u|tYWTi=&@St zTAcxU-Kn)Vc7w0ag)0<@lA*Qtht{~Jzbs3et&-qOMcgO8H4CEabC*$gIfc=5F-JLR zFsWHQRjuzPgc~FjDrg*8#gdMTGIpze>}T8tYW!u~hVvVHQz3;DUgpOW=1(6$l|iE- zb2i@W!eKhfJmdX3(T-pTPccOlGj)n6KIt`AeB$j`c*ya2U{8wYMxp_J@?Nrk<{avv z=CKvNPT+d)7$`gR`{x47eg-r^6Wzv%MP@dY6sao+4HZ$-L80qWuWpl^tkb%M&O$e| zh+|KYY{RA3#n5HoBRp;napkkcDO87DgN$iyi-PGA>ErVWg+)k- z`=mav(D(HZjGfF$98U@Z=>mvD=~bKv$CY#uaUTbotFwc<2X{CZgpb31RAebbR&>zn z9=ziW=RCVBbl<#AJz3wQ`@y}F)0zHs46puLR{En_bKfWerZC{Z-OkYFY5Hc`B~K(j zD^kwExX1C{Dt5J1&1!hMxgFJ|HJIAYID3HU96-g;`9`y|;022UT7Cq^RAFj{$();1yQ1Y~ zxX1<+i2Eu}yUk$MVOl03cbc^Ajr(~c>&29A=VQkDFMVaSt8wu4uOG9_i;J}7&n&0& z<$OhLLi6NF@YSj@w$AclL=}LIyw9BlF~wZHeav99t<0da8V~ZP>xH1!yBnV1;{*K) zQ>dT7Ejta2>Lsw7fawEhQ#KaOLo+^EN=3<`3;pwT}Z>rf8}=Io|s5 zBy;OE^ok=Zv3qOzMAZXv1$_FChpVayESq4&M#w-t%R{T_E)N@0V+_6wc8!%?=TEo8mV0Vi%I>>LK1bX1i!)^}{8Z!1{68350zd7;gy$CJ)AmBhmUe686UG#X#@5Qr z;gUntFf%JL_43mQIH!J@PL|Y8s2O?qm%*$F_qqiL>m#9n3u%kpcEy{2hXIu>(oxys z`+Q+7|L7+Km7dwhPd~mJGJ?4zEGF&WsFX~-mwryP?`I@jfrJPvF&1~0ZM{*iuk#|a zY>~LWY03)1T*+zbuBNZMVO9GI#v&v*>%py`>Uux+u189|n^S_}V@28z^U}{SN~(|5 zk%7IL`c74PPS_frUuov1RK%B5HuaDXs1R*)l=s7(G=W(Q0NgCSeku$M>r$vEC6Bq0 zM*&Um5G^4%(U620W3b0%Dz<7TT}^RleaWgR>p2qvsR$&#WE#n1FVZu{qFLwx+b#9~ z)cb?nZraLi%rmvTn^h&%zwmbU=?NOLh<~*$LK)>&OvS%)DYOP zs&w(bH@z%uY}Tc0#^tzwFZ~>O4M0Af3+O#gQA*4I0(%l5aZuU^rb~783A3Dmp+5?w zl_Ecp7=5LoW?3?teoJyliarZPPDuJBWsE}6@=49~%(J7c&-+O_GGiNPV=Ma`q?M2Q z9U{t_lZA2vlGs-yL6ce*ZapObrRX2sX+4YQ6J$ZlS?C$&Y1}f`ioBSxGwH6}J1GWx zz2g%o?wBVoEr-Brx=vqAH(->leJUU9(L}Y)UwPixNWD`mwc(*xvqew! zvlaJR(vxcaRxr9) zD*zje_rJrs#dGl%WPCrx{(H1BOZ}ty&>yfqG~?*$^wTL~|SZK>qw$!G~zqrPom zIgw+$(cec`T71Kx-LxPVTcS_Zc}Fm|^bt;(BT6qs{Xcc_`-n7zPwve>J`SFnea|;P ziQpz;W&RM4?=Gu0v0BwaT{kZ&F!X4yvQgYuavtdbuT@p2M2}ir#PhKW&}-P|gu zC^%GF#pLQ^;9t;5x~&c$qX{V}r5=GFO#f(QM;W~-W+aj;lET0vQos+*6~t?yg~Fb3b}C-F5N{3zPa zuvG#d@vTqZIM33R-3vcxECh6|s{Ut^5mo6O4{Pit&oy%_AvFeLGt0JHQXZ;J&m-(G zeQLbBYU%;~X*Y6*I#j^UyPF?aUzryaj&!f34{wqz?bSKY?7tVfD6O(CZ>sQd3;K{R zCZOT1!$cM#zs9c}VcVBXkacV=SKE|2{LKsWaJ5Q`aAHHPWN?o*8NdB2E6B?|cZcko zs`jR!9FftMhcNWA20@ybx?WED7ABC>Y`&o0&(=miT0}4TFrZ*gu~5z3J-mfoZg;12 zYwsJmk8uUm#z!20(P#CzX5vgIy~0c_FKqC0%vZ;z|4hTe?!P6pXM%yBB=802Wq^>s z7ULvXe&f|Wv+=lT79xRNWNk&C5Y)488prR5C%t-EIi)VLQk%Ubb3Ie~)w+jNBIG|J+owSVi8YRG)v6x9Ta<@( z?h>r5qD7Bh90l^*pP&i}I{5+f472h?YPEBtDYoYvwTtnOqrnVjaXZcYVk@`%msvgC zRui*^S^&lr&;)k{i=iOQd464Ck9t)J34BIvYWE7qm}qYhOZ}^yyI3(>{FCK{&lbWv zi9NQ+%EF%(hqGK&9k}*sV|Q1bQEQRSfvp}WUWgtfMl(IUXZxjY6|*NNO+%pg2!IH;APmp zqrc)t)%YTD?t;MB>i3*lS5o|3?eg(=KIK@b9p3>c0sRVs|~?b_$(uHW(KRQ zs4wm}s3h2h@7{0in6y~`UN+Hb{D!;wW##=!OS;cKfuGng&^3Brkwbnb-a|Q;OSnrE zV7!DNXeoI&fJNxJ_|iB2&ozyrvZ+7E^36NfbiiC9V@;sZ+KBSa z-mc-*D7{Q^-U?fRh~eplcg;)#ehn!fypvpp8YZ-V>`6B2pHfwPdyajbc?-o||5^a9kQkpKaLZuh(aSF9jk_WXvDYmhC!M+SE4<*M2|7!BOuospK3c zid6>yTir1K73uwVHS&h9CL#f|<4L0M^;`dZKCh3sU)f~6dE=iR8eOI#qM4lh2I?O_ z3i3omN!2vpx$%z=FH;F0$E@7`bE>PsRGWy*$N6*I8-H>8U!SN5E)PG&JgmQ;>_1=Q zTZ0Iu3W3YsxbaU9|J~%jnEaPq|K-Vl1<$|I_1`1p|Iu^uvN}hZfykT~7XaWgm(u=JbrM9?aCX|E^}FYq^b0>#0jFmPe;*I0i3<_Wq7Y{Nx5VrC;ngI zlpbN1nfke7WEjZTxx)?&_NyZdjquHSez#3T0gLm?3L;%hWh1X|-mcr{CH|`>h3FVU zhjIyH0$p8?i-sb}rwfA+9qW&Lra(FDoF7 zrDGNtQhyQ3 zmaje&LV2`OU`GCx=yUBv{$)!Hq#_DM)D2GzjOf1{W{9Xv0f6Y?Mge?ICJINo46okR z=5?5Vv*k2WptNE4M(Emt@nyOHmDoWqNOt&&hOkL*a=vDdAIz4*YwdX3pmSh!_roH< zkOc}DWJd1FxHevFFO8Rj5vQ-ehV4=KR+#mlU_xLoJ_5J+ipd3V*GN8;28V-N^{>8063T=Ul(}*EtNq z`eQY9bCxR6B+1iualdi?r`$85`5G+8W4kwW6?EmQ(=fZF?QtiIzZF_1k)I_am@c-CDVk0X?6B^~erGqTUoWs2bZGQKGs4dw$JOPv}L7 z@+mDw;NjZFg)m80n)70)gAzUZNDvxp+?c?VV5JM7Np{h}nf%4};#Otz$%jGLsIs$m zYH=>F?{ntQ7XfvSJ&$tppUxP5-Y&lk##$!7CC9IO9OqN*SvKoarX3bG^d*`;HpVr$ zG?h&W(c)ZwW$^sLfNH*X^GxoTKD_Z<*>k8fI)>|sv0a@s&~x`r*oX7ZX15lH`+ot8 zUQS&oD1?GlSE&9JmW_D;a!<{G?99-Nh#gl#uBW079KNmqb_yP+aU%-^QapO%{c5ZCGrIk9x zx>Ntas`MUjStBNQ(twEle%0U;P*;eCIplkC<@Z`|>b1?e22qu4^lv?Piw?=&E7P2r znS8b#4?J;X6tu6$eZZi#VUaSfJAl$ID@hDWrGm``sFE(u?hZ=xAp&TCbjVHkM8MIgTM`uKS zlyUot*1U{0^f%4DnZ>T(x+Zy)-=3lHSx3e@dmk#KMywc1%}eSL zmBcym?k-4^dBRcjXKL{l`5nOY3XmU|las@R4|Fe^)?mN9DLW&gSYmTGUqN!SzU)&3MxMTvRku0t=af&XU|?B9R^S<<_Uw zV-d5h>1m0998xNL!}Ij)tD7@Kgfo01mKKa%TG!?O5e;&vP@S6;0+p?JbsqK#8|zn- zW2o$4FA&Nwhe`}d+0f$krWg=c%4P+c*4_j)f0X5`1}-2^a#MZLQ2$E=4*$ge)n zt-p|+iZD{vkHS;k2sbjR-{Z?NOde$TOhBIQcM6)q<~F?*TGh`G_SwMZ$z+s61G0d$ zqwiI3m7A!}cD{YX05xF+87J<}=h--A8h~yc?mHW~I;g7@Wt!Zt%nqR@t!1~%8Zh5__R+RmC*grl@PUxl zhq6jd>8RRe2Cm2Y==;Xtk6%n6?@o%^cs0u@k!J;i4i%u8gE)=DE3o&xJHmoTpWB|j z3$~vsbKKo!Q`e!gDMx?aI-R1r<^MQnX}m=5-0YO;d8MtT<&)_*y3b`Q-K1kE(DiCS zBrjeNOviBGaVlr&g^#}O?KY4E6WuDkNL68@r=frjtBtGI;Uv2zQSHlD%JGwJ6F7$a1>YiaVvvrtqjR)ndwKM{j&7whet;;? zQN3sY><#Af9L~FLj?2bv%U^H3!1kA}=EbO!vn;f}sFfGwht}fj3?q*hhW2H&(OC3> zlE8_99pMnw8IG87+fmaPjdV#r*oBh~f8TZScSMI{RH`m17ex@e*0 z0?LFHiXf|VG7|`gCtn1HL|2RW=QNOaco^*c13z;XJUy%S?)UW+R(a^34g$0^t(BYf zcyVRyl(h%tlpBURmhFxyB!TdcCtGZ>6WstdCvIhLp~lir zI^s1i?h>OqL)2azv8js3;1v0cEL$pg@EmA$?5n^Q=*ue+$a!7oUooQ|O?QgnW}m^6 zoTCmtm0-0*rK;vxGd0TtYjxqLYx(lnGyAX6gb%Ts-v;WoO2>1Z@ZKI88jd8(C!3DT z$}*?pu5peGlljv2?s;RBKf{IDBN5PJMou|o^%uUlZ*FsFlsvJFA)&$8p!P{}d%l{| zAlVR-({*BrBRG8Lo3q20X9^1bV$5%Cq@2DvhZ1vkF`(r0ypq?UlLSuXI!CBR6f?)y zLAz6iKW9@&7TV4=#^JB~Nz{oIJn3H68)7 z8mWZjPRP3xl41!k8>9w=Ya!byyh4i$27fbdD0`XL_F=1t=CEV-B509}+eiy){&>#o zhTLQxX;)LquZAeiciMvr)3{-)2Xp{r>9gjWtw~F&{nqvw@K!wG8 zzgnC8B$5FkBz`k0`4lFGP3&ZDEesh|yH?Wuv}~NXq%rb-OB{if3U)~nKjnvN+L7); zhc6N;A?Uj#+ou)nM2JWh6#gM8NJQICu4Mv7ejlHUNjZIpWST>y$DKhVn@0h9st#NPFkP5|)T5LtPo1Wy<2v)Q3TijJ&per_sTy#zxuLAUM@Y%B$@@b}m-V(2M zMerkIr#e~q=Z0$s+V8p6V*2SEdz2(a+ffpY$8B#A6C7
-o-Z%?B1232;d1?v;A>yhL$8DZ`j% zkC>M>*8uB6TY^a8B_I?8TmpWvl|q&=V?uAZYum4hL$++6fi zruPADKaAKio;TrA_q$vu4DqG#uhCy+)&OSiS~leC+b_=E(Zwel@Kg z4tJmPLq6vD=^^<`<$CIV3ivH!-5R8Q0aqTKT&{I(j#RP~zd0v-f0jVZ=g$jo#ECrq zL|e4f^Q`bhzltFx^*gxPPhxm*;;=;SWqhx3G`^9Kf%?B%0Ua+K2KQ1R?;KbI;oDVR zTI%A9^wnAc@e2xr_XPT{SR3G$VYPb85&lq|57LjBl*i7(N>3&;%Mzt$wl2T+#9>mh z|LhU7=TAvCmixP_dQuz`H;3!K;{%RVGTp;sjuaDbxhndvfYA7Rk9CxQ8Oo+(K{t)9 zpi{Ev_M9!R>9WjYI0Avs!fJl1XhI`)e5bC5yxbMLz}h@Pi|%2Tf=S?^rnyWr#}aXu z({G^0?hiklsNO^thExB%`HTFIv>giIx!w!z-4-4)BI>gsqqg|E9Y>H|goE^Tk5ylwDZNJl3znf-W z<#U_p0pw2uZv`2OYfRdGpOk+j^rZ8qQwV58~O2? zz7oakoq}4gfQo#K!jbKcB3$r?!^na*$nr>tDs4RBNd%gc=v#?p`*WjOV%~u{{jULa z@~2_s$CONpyTTY-c6%fV7xB>Jf zBzf|Koc?N3dMNA;IoCd_S-6Qfgj0Tx2@i%bd0{J(KuIMkV$PFgl22EZ{JNxvhm(tipBh$$}V1&soH&5Lz+vDB(X6x3RwS{PxP_U zW%*_qN!3h?YqUG6MLNS~V)Rb5+`OVAA3`2#03W3I=CH@m$AcVC5`7*%HnYpv9FN=u zHuh!mmK4Sd1($FUj<1iYdNmHeJD(FqZbcWrRI$|veVn3xo}p!*>cT@`I%H~`eT11> zm0BpGwl$_e<{mpjD47(yW!mI$eUUTWA5M27kOPNZz{a>iS~`wB^tSRG{^@0lN$_SW zq+pwKO10CZ)v|^MS+fg%@wiV+EQKJCco%vdHqM!jVY({nYdJ7W@>5UB$h&*JGUOVY zJ2HL;;a4DM20Xs7e^IEB780&D`GQW2k}s9RFyQZFvg1}z8(#x73!)Sjj6AluV65DU13|bF z{JQIW^H4|#U*Cm)|7L922^g=%Pp4FXpP54RJ;dhu*2O?E+%XZH8XbDaLDU5JEIRm> zfe88coh4Y4M~21H#yG@fuBU)E?e;nJAsN#-nsVfBK`2C4$ihQSkcpKY#KAtX?8BV1 zN(Iv_KLQ_qK15tFKd{c(DGQ)VKAtDDC0&+ddVTD?EyStd*rg3`{Mmo4$xH#EkWwD1 zQaV5#8_Rc-0aZ&x7u_t8!%oJ3=@C+x&12lHs;Dm4PUbu286Q))+?a zZR~nX8(rPWy(u+1ZZ<>at{BrgdJI`f-sV{5uOgBr@k}wf2k~7Ivxb+?p%Glg zpG~%sy1ZyAwdXn@&8hk=Cg`~Lw*pLZw-V3M=PmWfN&d#}DM;(vN6 zW}gs;^^WTgeDV%nj}I`0_el^8d{xD(ByMFjg*F4MBaUNj9&4dsl%d+QRoZ)p(TOg; z1Xcl>yGk}m=MB6bA=Kpug1Fhp-n`Kp>|vM#Q+F?pB^!}-K2TB{&>mtUA-?GP%f(iI zU`pmwWTkt0A5Q| zw!4r-T4f&fzdEB}Vx__M{4j2dt0zlICiq4a4${ZTukn;Jgj4SiMX3#MK~mk=cs{j| zt9I!5sM*94)Rr9hd*zv}$v)zM1HD?y)riA}{%jgLzGqbzL$fHP=fw4jD7D&#vFL*o zNLxRw1^wIxb{b*wI$sKX$@ zFiPODjSKcOjQbK(x0(cTI^gqYA@QF1D&vAmbs#7K4tYl+8tf(ZKn!+I0Quy>V^EX9 z(Jyjc4Q6{JSnqR@Xvk`}AxbBp4Tx<@JTPNqISMZZvGOo)FopS=i22@yHMofIDN^K_ z@wg9UXq}UdsOz)FixghTW|l5qNWd zSc=VNvV@nQfP*SD=bTrR@h&ijnH!WY3?mNCMmy1BGha#uf3f|z#&3J5^!bn4sorBz z+|``whvV9k=s@xG1_fz04)t>#b*b~Y!Ohz4<@C< z!jR~=jxjyNi&;xjBF*=bd;Th)2GyQDVERMxe`kKIS=0n!f2mTrEi4pJ9XI&AVnCTQ zfIz?`ExdRVd!KGAGKw~D;va=YuP8j6qdhscPWc;#Y9Ap!jj`3Wk_Gs^uzk}c;en8& zhSrnW5LB*{c*2my84&tL5VoEAicd88oV*wl~`Yx)xkhtr1irf9jG8R4o9RiCqS=7MP= zNO}C&9oDGOs&b`gqV!9Pzl*cDU)=R?_YbZ7@^~jZ85lVnjP^mc`2CZJB2%>k{nhao zaZ>rw$1gBqmHsoZtvLQTKZfiK#kDz8UHsHQzM{CLFIfH|8PyAgv9*CAfPRC+iZ7cYG>|UQDfXQ_` z6G!H2-Dg8iOT9dHe+}pA;*~#Fj>+w)KZFy=+B`(YjDzuUS&VnmfQBl@$-84_i_ZK& zb;P)d5R{nG&%4B{EpRgLaXsJ5=Ort-_MR+#eh@M3Q7HeA_T;yD<6B(aFa2vzIh{^# z1DN2>XLUv`{T%PBSYtf1K%DueST~m+{CmO$hU| zsA=Whqsgzu7djVJhpD~qKLr2%28Dcz`=@gylrDPbBr6k>}3>LlqIPsWtY!H-J zV{ZvHqoE>K9`s&LLA%;g$i1r~fs9t=RMxU>y=4zXZcj+99Ha6sM0Kns>OTCupWM_~ zu~{z^S%940rS7Gq@a1;H$V`PsXkT3Hs$!oc2fRGAkS+5fy`d|OWiH(LUhzWNc(THz zxLdDE{5E@B^LF^P{UqxGS*srp?i<;32l;2iD6Br>7BdGvPoZq@I2fW|vb|6HhZ_P5 zh&*alI-d6H3b+rjDa2*ELMqS{sPv2Hu951-c*_1R)nR7mTmrK`Ja?ms3W;|c;jDbS z^?*%}h7QY;hU_hiu-jqSTI(LW(Zk{}`-aO#;@Ju(-v%P6Zk2UCKn?qdWawE4jz1o} zyil#e-U`25D(d>|s_#l-L9b5|AkF<`hRP9LqPxka$NfK)~Yb z%es4#o|Mx3U>zfKiATB2*CcpR7hO>6-SlVSIX z`*ABj7-KD$gcH9k>{pK<^KhzvrN}QhyJA z4GV>0CGhl;$A?7rS&$&k5z_HH=9N}`D*aMgFmoJU%YJ4Y%3@TcXcOj%zG5Ib&rI6M z${K?Lbz&`p5$q zuRg|9fA(?Y$tC(AxW7<5MEN9mL6oNmJhE|8H&zl#FiQ`n8dO?E$Jgla5Qz=RsP^15?K5)1HQrL@Z= zYp6D$qBxNM%%VoMRqCh1nwBnIPi1s#xtYY!l{D7*ql`ewg75mF+aGXgvQqX$Sux6{ z!3RvWzpjg?jzVV`OkKrff}Bon93~Hm27i2RpE+2Z(ciwXq@B67@IMDx-V#l2amf(M zrRWQbqgIF{nF(qmA)p^L>x=|HmNW7*BcvxskwlS_O9<(NlQb!0r#EMN*V$qwsG+0t5Pb}K?E~+zsq88_ z%5t=PoWsu){oO0Ff_Bfu%urFvR-QytS@f}cmnbr#BGC!vR?4v+2J)OnamUh& zp+{b^Brn~Oropr&t?$C0aK?;kd~q)sa%c%|$;%(Dsd2o*yuK~GWMz-AbJQAjuoZC6g7LzIjEsqInHc-cv)Kodl;9=IMrh z-_?N_PDC|chEJLX4c!-FvQ%S{lD$LPnZaS?jt4(7R|O^kYy$EP97 zw%IX}ae-Ah!nQZn;`{IR7AB+E;>1FmvzS?1^@zoSQliRz%N17Rsd7TP2Y*sQf39YS za5S{$V+^t0l@^r(VK9FoQkZ0CI%PSGgo(9b-JC%+(D_9-(2&@LGpPZVJgUJ9hhdsC zG=w{?3z|1+{eLKX%Ydr7wq08g36&6}QF4LOE#1=HjdV*RNOwqgNOz}5cXxM5H_{Dz ztoym&XYcp>_x%;uTw}(X z#rwfh3X{2BpRFp;k?MPQPM0>3CH8~&EMjd;*1O>-Itx9|j8 z+r@_wKj52;j&_<*$+f?AQO8cvIsFl6mL@8)I+IB%Bcn0=GD^X9sZKuAm%)CWw1BVL zOS}GSp|%2@sgGn=o>WY$KX<&G}Bxu~=WA4_WhyC?scSAZNr_#Hoc8 zl8y1DKZs>u4+c@gjNw}s>Ek-dM_iXCA(nhQll3772ugb!nV)5r7}dj5+4NXvl3;@} zC3S<6TCv5lz~lGVJAPcDR14s@nokScc}OZv=#@0)%VvW($qc)wvZ%9Y?1)?KI?{%& z6sdI;-D~qi(IzMI!+!kQETw)cxk-6k7fZ@)*KE^Xi9_sJl@S?{%~YUn5)%MPQ@x#L zVOBe$jPCTf)kcqAjvX!UAgf*$7Hbz4fDA@HHi%vaf?#x7l)iyHx0z0tg$kaa)EM1Qj3&EMwn`izasMEOt}>3b zGx`~Jj}u3c5o`Q{ib>3M3^r@-bpdV_G6iEF^)2lvJ8w zzPNKH4Y&PG+CxR>io4j_0&*0|1-ry>>R5xBotPyguxg8pPhmYj*&Q>ykd)n>78ob)vkg6bs4W% z`5}k;2w%wzOY=1+UR|BFzb%hu*6lg#fN%MGOi@h=E~4Unb+rOY@KnhdPH?8x z^pk9jbHaf*0w$ow32_9Ud5W_Q4xWOal;!0rQ*uBD*6p6xh37{_Al7~U3Xz1pWfVxcicygKMX;<%*$}Q zG^S(fct5S(m2KtA9nDn3uB*bu6jdS-F}^>y?X(beEuJ2YpeU?6eN{y)ct@C9CEZg% z_XnOs!}b-%vQJ_@WZf#xQ(8~&5@NK!8lj8sVNoo^X&*aE-sGSsjG=$pX-vbg>3|f< zRdOGq!(s{VKq7Qd7eK~vZ2pl$U}7@8(?gpYW~I|Rea*_R*6yTx=x}Ays@(a9qL$Pw zx>NwYE-~x=^B@@~0fB(`8ad`TlMx@4+9{P9+AY||m2ot+3jPVNT8YamNo6xn8Yc;G zlNmniT`f@ul?_yzpPXEYTgG#(4-ijv` z$NQ5C^^wzzuyzE(G6%JlY>CECa>4O5Qd?tFq(t9gx+*jKUKT`Oe}d%)&)s9D*{KIn zMwE<~M0}igq>NsC_dhWf8@QKLRIqHno(kbCk1UXQ9Ma$@JQB1O9OA|8%|2GVq4;s& z$ah;IaPM;M_{PX-9yjb&GnVtQl*7)`aG|3t{`HBL#u zZ9DQTccPGr&?*;sXz4pDJnNa&DMpcZ7mb;1;f8;gNq7sNmd$1Iq~mKC&e5hK3bcb5 ztNL1X%^nq>c*d>WsS>2syu9YBOXe4v<~$g(7)`xuZXr6w_cxR$EjH`-9U0&@BYn}5 z2QhRjID1vUH+&)|cXT8_nj<~oLy()UI^3o)dj#TCwWW66x@gU>q z_xC(A)tD;{EDHZ;nbwGtIIuyyF~xs==bCGGzi-jmKu9Z+iS#GmT@;3OyA?}t`1Ftg zF)Jo7B?{oXcw?Pia*I=s{?EI`Q}BzS0N+r$f3azV3Kms3H@mjMpQv-Z!j+`rED1}? z$$?IoS5{TgNdo4)v>M-Y7I_2szQPfh4upnt?)|&?qL;87ZA7I!=13CLsqV5HoENXo zUN#n|blW}o-N)r#ZtM-wOIhC`4&cGUU~f0dg10jpH}9DvnSzGe78{rXH;VA zBB8<%NT>aQARI3QiXIk4yUe!ZLNUpqm<;(R*$hO`sX9r9xe zpG)@crrK3fi0?oMmK@7TpF3i)h52oj-i?zVZo-_<$h(;f{zP1H(FofC4Tb{ZEvoQX z#74Y6Nz=ydS7x6r@eka|eanqLIuwb!YoN5OVvqNc%#nv&+nj9~3YUCSrs-)-xpl7C zBuE^ONSI%4XDP?5nj`+hPZy+sp}juSh)hEF{WQE2q`4wPrpK zlj60Lu4=e0CO4A*&cb`5kseite1)qpR4e0)e{b~bSs*I;Vw6aas44{y+TawGoR$gq z$;e8*|Gt;ex4tS=GYuA@0Epx*zRAKE_1N2a6T2$j%iTMpDQ`tQTUOIl@s42FzV_gu zJ){#l-YGlkPtHS83V1v|P8L{c3AAdM$+zlr?0v=iPUB(erLJi6Uzmb+)w3!J@NP+e zz^Tr<%{+{Ubz=|3??{C2;uYnY-Pg^<4jmu#?&MjmdENpM7ROChD{6{yGbf&ksX-}*$8R?_@4oa6wnQ2Q(PUW^Z9aW1*SoLN= zw8SP_z8#biO|0X3;s-|DgzGbD{)VINH~N>t7IDDZOpOC5F5&6TcG>_uz6B97-lQxJ zBF!h(<5wT+ZY_|CTY`Lrb<`a4|ElPZ*=pHRK5j||HQiQ|ExU^d>N`!zs&hqh%(KSv z<wXf_1O@PHUSh~HC0B+%UuNYhAR}LcXr~Y zRG1hLq6%z6hBoIP%s4bjC3;#vn5BQRhPGgt%=ArCWEgGEZm7HtqU12EMz2yvztcpT zOIRSYZ#Ol}H+{Sw+$|iNgp>_8iX)}KTK;mbw-r3tT7cBXqqiLGQ=B=mDCgvKf~2aN z({_|Wsb5DKSLy4LTQqU!oM>`ei7qM9SMJtinsrtx(axhfxsKMi68YaekSa+0#9fCa z#Tq|}wR0Y%lGqyYVrYJC7KYu{`8uw&rAaP`*-T(s1ZzV3Lol5d?HZtQkaY!Lt#uO1 zBEsPy&ffjF18yu|r+7n?lJ#_kqoSyWBRUau0`IfEbY$u}O)Myt*ov@CVqBQbE3PQS z2r4gk?@vFE7X6w*f{$QfHut#{Hx28jpj}LzjhV6U%cIL_o4U#w%nZu$5IsR%!5bpV zE~!Mn9+{SBJ`FKo?ZV^=7U3ym($`_l9wIQQG*ZJ`iX2_7>-w!tS%GkjCO3{X5sRw# zO^YH!E)Vi6tkYKTtq!vfWSfv~YOdXK3Rmuhm4 zfbOBiBGK}w(fqY|U`|`**-kFT>zI7MZv>gILR>QM;z#6Wx#v#?PCXo8Zhu3nm%EK_ z3Os4WFxfSKeYuuYQkj%_O~@=+MjrSz?i9Ar&^w|+6BE|oq?@FHFoq<0%QK0)W8vUK z1x-yHPOgN+{2>1b_M>UN5LSCq-mW)IJ%{|#ed0*UhoGbj(Fc)L%VM0@IX(X24k@d^CAZ^VHMWzi0O+RPq?lB8GJ-`KliIdnv z%a?%DGefZRZSrBg3l=SAu&abQrghiKl#>j+4DY3U|(Vd#ddV$Z^*_6U?lOP3SY2$guAk z#QCsI1D^R#FQtqBlK7&hjGPsT`GgalN3E5byX*BKcRXL2`ecG6NM_n^6;**T6a7gq z7d;|%*LR5EkHo`<;u)sLH*vG@dkqo@9Z%A2+URB``h01tqei0Nt^$JcT4*PNLUsZY zDvzo4y>o#Jvs5`Z>B1#>cDoc!I7Ai1h>>M{mRkt~~synRX#3Cwb`2 zC#lu)XY4BK{^E}|*(Fh)bsPUim9j9f3G>zZ;oA05WLx_OLTQ~-ul)#>=Zgi5JogG; z1VLKx7|~S_uCEu&+)v9i`P2#zB3bv!rfX8*CeJaKO-HifJB^P{Q)-l-;2SPu0%<4T zt4QhJC$rC!vmnc)kyXT5lG(I=Kq@+OoyHBX$$i9)0u z4rM&5a*$5uwjE1JRkpPWDxKAeFoxcy{83C(x@Y3f5+h_yPVGYrx>}B2Md38m>|Dy# zsB@1kzcHRNd!ZDboK%IM^4Axx-afW=_#EW4cxY~aB4ZLiaaqf#*=!GWhcjlIw<;HC=~a8G3gfdr9^_T?q$9|tzx~W+cWR^+5%sW zZ!-SLhPC8#(g z#K;q0Iv8Rw>uoJR6XIt*O8byiPRQy9zh;?Mt3sGLh>FtB~FN|uJgPPebI8I z(v~!1QV6DjDSy5lbN&4|<5nqNwp3qYn&w>1U;JbSB@mzuMLh3!yqXow{H^^_k`?jD zAz|!gfFrML<~JQW21rGaTAJ9#)1s(wDHSn4XZvtB2O;tS2r&) z%ni3{Jn1fQ`&DrQMSTdOa+3uR*ajBY8I9X8uADW4-W2*ckvHdI%;RVy;NJm@$d=wz zm!pq>+~1gp-f}jaqfq_}O5E3IzB}S%KOYrjQ49<7RYaWln_3uswP3{y^UAl8El%OL zKtEuQeE_`Zs)PFdQu*HfQ?Ml_&*}njfTXbN-MV}MI-m8aCKpl z%JuK&VhiMNbmJDFL+e04Z6BK2z=M4W@NeQ}+D!&c7vnm6Urxb>(0_k(HpC>G#$anH zBSKW+nkeMZm%jtyXgK-C(xyaI!SG4cBB&dYYIrqfqzFUj7puusJ8Ftgw`2eW05t1q|HGZgCZNyx76> z(8J61k;2e@o%JDP%U?}q{pu2Zvrl5z<W!#uwqDW{G)9D`t*xe`q^I zkT5uYlZtNtnn7WGd3VFNHx+?GOrwP#z3E6VXt_*RnByD$3@eS#W1m~8(c?z!qYk*y zK>ybtg3FW*NEsYreZ-3_vMiHgy4lRmP|q zfLZGY>I*%NVt~O@C9=^TckDp^lyLdA>0){ucpE5G8K=1^Yr9=2u>)!I(9??hofLG` ze|@I`$dF&A3G@LgQc{5PNF=uOYorD95OGk;TeGO@2M}=D0-@;u;4H>>o=os=gcY=i zrwyC;2fT_OsNHSpTS9P%l0IB`wGqbOR+6V7$PBt1d5##WZwrM^0p%m9C8^ylH{MFI*pmg z*esr2Kgv%PM)eU`%qg#zrsQFe9m$nMcH``)>uNE-Cp2KJ_=}H}W?c%`#AAyqQ&3z# zhldBNU(;KPi!nJnjKlCJ6*n!qx{GB)EGTKF3H+4WbXhV;B~d=e(Uj|WFY50_$2nOg z`C8!~^HLLE=u@#fXPdp<7ArSL)h9=`SddwxlZqJa%cHWP;r#=dsk0btvZW~O4D*g) z9Y%cv|3zbD(HtFz8yV7V!&kHJkt zToYlt<5-8NY($Mx#BxFag=2@P4%~OJ_n@q%HbN!VxYbUMby5L*!f@91;mwyJLS?ml z&+7`+$|^H6II@)#kg6wf<2ar(=aaXU-x9sBxG(RI`yG{yim@)?Guh3XXoMJ99uiyn z9SzT2($?SHl)FRY9FzU_z~GsRG8Ylr!54wJ1KoD1*)3oDQ-O3hc|qf=8xJW>2IM8V zNSx>rS`Ex6`}*P02eGo`VLYXl-x2WPkb{7|bjddvp)BNc6*)G4T>bo|NBR1iVb-l>PgTa8 zB)%7@c2?ej!ej|NVg8rs+}BAQJQQV6J|`oXVDdrQ2Dq2?A;-OJHC9SHEorV3Av>Bd zj=c{GcoHAIxYO$Fw((BCPpcUlT0T##)Ozl5F*?cv@Xmm`H2)_5ZBG<=O!HEd(bu>t zjRrYUtOq%Zu&k~Zzkvo-ly$|`uBwd3?E#2!Y=>B85a)GLiT|x^GY<<{XeA8$gAiBLpKuz$`K3ve9&cBgD383deI@NIDY4 zFsLOi@WeqrGe%650?&-3jU!!retaz;)+o@4{J8<8k6VV6OR`MOdcnga^2C0e`fpzQ zn(SsPwWNLtX-Q}NM-hSBKC;i^{{2BwtjY@cqC}Rs6NbGya>>Cc+zi{hr)@O)TGfi8 zDNi^_b*D_i(MrABn(S1`J#CD)2_kEI77>;({gjTUQd##=l*fGXQ9BrUpx zDR&&e#&9jM$<;Zs02xZ=nP3<|c9d%@ zBNdRQwtj~5B!#3r4+FT-H@%Z$6e$MP-|Sa!#G7aQYS#9JTp~U#J9TJMm11n*ohBC{ z*Ohv;luldiUsg6^bpC2aO0c8D zczqE}RZ4$_b#>V2e6|4wBbW{5^}N$4t~h4Ot4g~N8ER&tjnO?M;bqa7;T8Uo(SzxQ zU$|V>+)ytnjh}ZVJ&0&YSsMj5=nZS*g>P8P%}dAb=*Blg{84n85R8;xg+G4lPAG;v4c z$SNwW@3+XB(r9+AU69(V1*^0M#`F_S{CvbR2B=ZH=(I)zL_^E5NKs zVLK`cy=|8;^c`7XSj-cfrQi{uLYW1(mA#filwL*@dXDk&B9|$J+ocA0{JitukYhE# zLcapWL-<1o^QdrVl!jS}9ce!<0e$Oe3um`&|LO7gY49ny`Lv1lCw?X(@#o|hj@M@_ z7PIsY!J3wQoJogxqsnD`=!kz!S<066kB4>0zscN5Ngu3;*X+u(w!z7ZHQ$oI*28)I zSM!U%v1hB>bKL<5mz50HiEmx_s8LqN*5j47Oe#$Ex2K0=k1lC=evKZcgX~9=*7`I# zhsy9JTk|d4v>Sn{Yb%Tv>SR`m6+KOk06sVVbY(I8`2?`#i2~wYs6V`2NK2KGy$pxz zipBXAn3g~^`ozqM_$~yqTF+!#bpxj)k>&Z#L`IX3sxIqkaJ=WukeLYq6d`P7o7Lx8 zt(xJJy)HQMSp*)pQ&HmGSYrmHN}Y8NX^j85NI;M$%sg?mY&HJL@T@)-C=JX_i+P`M8QK20ujFIqMGOuG>34YkEj#V%0o@k*dJ(=wrsAAU$T* zA0Nbw48a}WLmOs`>zXm)1@>roUXE(pxN|+>Zss4>(xQ~}wZYkpGk%q$Te`V^u2l)= z20^4tF^5J zJL$4jk)p9OOGcnF3;1reR=h{|3i6jGG&bq4d$?Q(W&KiAQp0Fqbue4;ACYUx9DJs4 z5JD*a4Y8Cm8~ja2V-Gw1ueEjmk2M^yH`z=+&umesfWY+`adl^KVr~S%JOclEhfp9g z>uhU+C{iTsE^eN?^B2DxEN_v3{>~SJ=?R4&uvZ}SG9o|xkt_*^cdp5Fv0jWw%BSoL zI7^1CHflZ>D7c2G;8WTm6SbN+5$(8}&X7@u2KTSjS1&~gd!$a?@CsqB2`8WoZkjj& zYVvnez`d>eM4!e;HOl1bq0gv>(Ku4dIX!RcpU}9?^6riEk}8eH$))<8^H|d zJo_(^LOGPY@7{m#ddD(rnT8B0w=ss;;c1kV)YC94r|{Xj{=_KmEOy2dq%t+^O|*7k z53J!_=&2cd|NCjeU8$+>#HrY#Ov=gwL#$<8(OWglE-K(WS5k*Zy~`{h(6=1 zqEm?Z0-Lh5_?beO4qM*u(1LX&rV7%>4uPt1p`6L4d11*rS9|7UN(RdgJrj=y)hHZl z#?7nsNM-Ax`;Q5^$b`wjtU5uR@irj+%UV^lRu6$)$m-4roslfF1l#2LlOMf)6cRk! zWY!ovU_T=3l7`NBylNL3Rrh5^Lm2R(CgC-7#OI&lv(5d zqc0W694+)@Ncu#z?5K2A&j**l1^dT{(GPQ2cO<$5IeW+v*@FENJCwRvDM9Sy+j+kr zQ(UjLlK9v8X36Nlxv3(ri`+8Qh1dQG7hK?#Yqx?{jZ1>?N3Zf9{9BDPO4B@RD(8{L z8uBUEwcou-2NX}de%JTV{Se0K9eo@03`Rn5zo5%ETqHqET*Qn+0ogz4+TDu`D2VOa z(Wkm;KJn{!nQToG+9o>o)};BPHlEePU2*m+%hrORn=>D8myA|eno0sN*#s|-6#%tNQfmjdl1bO@to_zM8cca_*&P6_Lg4t-HRv2eeH+>w=csE>;G4fS`>^tZ!LL* zW^yd#CwXCgr;G|$9!1YqoSLt^@mnWq|7#|$*WkxUCWEjGR+d{20VJ*RtD5oEN`@)U zDar`W$By5XdOen8PCGDo@ugCAcp{hhrlJeH$pz+uA3j8yThVFkG%;TUOGwB3D+0@I z!@T++b{S(jqpK99H%+T#t6)E$0}8YDnTpA{K#xMEo%kVxssBDw4UhWqrU$)gS3XG7 zS;basa{P?{I`fk@N#sB^EzdZX608#A8k#BF0}~Txjnh31dc%b}P#838E(nOv-)Asp z7R$K=>WvjOyw&2A_D-qKJ1wcbrPc~}%wTTZm8+t=JYfz3HEc#Q@!uDIn5ZWDdPmqC zE;ocosJzmWKkF5d4DrW)>%`1bnK{4mL*|e17awPC6xT$uw%&)4x4-U7VvE3zi|F(S zxQJVoZjcxg!;Vc6`mOpV+hFp|_+Ouq3B7|HNa0o*$MMq6m;26vnxLFKMjBqfG-UEF zNpJGkLz=AocAmSIhFBb$gCU7<0Vk3I#ug9vjPJ@0nl)!2X_dCWh*!*8D-{t4toeci zH#q2c!cCG3#l>x7n+ge@pGoq#p

ys5V>br+c;(0ACC=v1}103wxKx zjU4)qXol9A=6E!Fgwx3Oqi+|}jZ8PuaKpA5Z zkPvh1dzqz1iE9(l8H*@tHD}L z27B<5i;u7WyO^ga^-z|Of&BBzAtcyMEp>U!oyj4|ucq|3;tnRX;)gZ()bcu+7g56M zmyvjlD%e)P(bJw{-|BoTjae))IO!JY-!#4{+LWA1) zM=;3`N2zW^IZm`|hp9Z?Xtb{QxZ&Ruvd8Wn6ao1q)MpPmy7|b~elc9uMYrUvk>#{~ zesPq%a))MhH3ede=FJzFZ`tq3w9L#3g{l&i89IR2t?Yu0GPGRo^?-!m<@k%my!@N9 znN!^`y{hH-PVZx~%8@_a*`^EpE~E`qxJt-crS)Rc)NaTHel0iJe(L$boPL7oT(FX@ z`JzxfyDJQp_;%PoIwY@H7_S|StGy`NlJP?C%MX<^x&>~~srR|UOLRAnO4XLq*&>;O zZqbL?=HxOStG$WMNHBIs*1V%p6%dR0&)~b27FMw!woDO;nH`5ozNy1P?7Poc_at{8Kq zgM)v>?a}8S7-s%DWNnVS%7vZrX7!dU-Eg!uhI-wS`C?NqF?0p?icE9J%c~8i&dW$G zSwi!vM*gd7sYCm+MNC+By*TjPj1n1Te&AY? zDyzflx+NfplJDzJt!Ch~?Pj0Zfsfwsz=3q+mhS7|Tq2HiC`+T26q9ZKW+LoFB-SI6 z8#N9yT03$_VLdw#jb8gB4c(|U^6_%zp?sAsxz5-1g>BMWn<>?#zSrsku!Ovjkc=Zk zS`|#ag0HIVkob>m#@)fF9OKFi!nA(>HbvOr%wEH|&U?R)`tnjaO|ixI?wEw?s7dYN z3F{RGA}ogsZ}wK}>$Xp1K-L6TPyQhNd~ba)N;P(@a?Y;m$W&Eo8ba6n@eeoZ8zhl~ zjC=QFX8Cak$M5s6EhS{q8%vz2kixmNGF4J&7*>1{m`nxhh%z|54>@kD#P1udUZ1?G z7VFMECr7L{%ffi=juofHv|qH>HtM-VCTA8#>ul#OT=xWM+j`Vfzfqn9TFBy_Qi=m^ zm$1bNOsU>hmTCs@A(OTWJvS0De#xoO0knftc5t;LwJSg0BEqEHi0;G$ljWn_dZE0N z#6c$5@_8O$1d(gI_(YQ&C@a^7N$`7ve6;cNi;qkM$~21UYA^PSje5Ij1xz|`&!eMU zN+ptUJb`RwiO<-$ndI~JjPqxTU!C@jCSN+F&6F+Ix%Fy%_N~Y(Hj{)|B6T4(fhljF zb?*<8#^Ivw=QmcW{$;&GEw~rZ%c|XgAFcI$kw_M~AO8 z<(rfed;q+-fN@px<~)ib78yFUO{z)i7?0gR`|tsXaI2V1k%IS`zrOHm(8db$M{XD9 z>b1~~-Gk7xEbf5b6q8w2I|3mcaVY;*?BC0V{@{hu8NPCkg&K|V`(5tldP{_I_AHbjDEvM4E#B{QOK zlAfQzj>TbEjbzwH2s`XAO+W(^nq{P)P~q*>8HGopVZ5Yclb$dJUuZAt%L|%i2UFYvukUNjM5@DRSG-#b*NWu?;@ zRC`1>dVL4ef!&!uq@8JStJ&14VWxKcSbUM0)LwmbXeJRL#^3ID{Es*cI@9sxLVzfv z$dsOndA89|IND@-y7F>|uw}PWDU`9ZY#@nh8)lD$gOhdlDR1J-E9$UnOq?$&jsJaZ zKqY2Le63PK`ABcIaQ|&MLuV-1fSMN!u)Khu#XSC3&-Kq=)5*b1NeQ{Ez2QIlH0Tnb zlDH4_u+Agzffb3VSJ7JVxBt67umiS$OJ8fVjO>_H)0kn41b#CA^C_T_dI$UU(qu{Z zco?df`tKo$tl)m;(pcqd3jBNg|NPA%04&KNpoz2Uf1N-hkgomz_|LtZ8zRe)dS9>% zKK?gf+O7fj|8pFT26>QBX8N|R-^^=RFFw9$O*<*mslr&bh$bU(haBkAE|6h9xl}i6 z*~}~};due@Hd1zpZihemOTWRq{CtzxuM>OPH*0HpL0x)VXU8p1c;nLFyz*_|eH-uzdH*s%La)Y0a?!ZGIlHKFFczwG~` z0;K%m>9VeZ#Sp(tEGvTe1zk%&lw||-DT}l4YA2MjVM^c4M40b({gNE^ z)0z$mwH|+F_SnaynW^z~cMt z>H_pzNw3TQ%pN^B$(%sBFaR53CWkGx;eMnFpu z8oqPx=VKypaLCHUZ!jVCNh(tJ*g-GZJb~_}^g_56g9ECEWr1app7%#3q;-ve zHWO(Z4j7$*_oV_|`8=P`Ffz^aBqRzHuPG#$qr>10z*=HVO4Scz??x+ndc103G#w{n zTCD{ab|`%pI6<@EW#E6UCG%4`b?q zGEycg&W~4kOVlTFr7$>Zz|*b`04q#c#IwM`{zcUoKmbuSx{e9SZtaX^Nj)^a*bt8| zc$XbetEbnc`T4@cm?W8WL_&M|>K4jJ2S)U9M3F`ZpdqoeFfAO8XjTfZa}RRzR` zK?JE!>T6K!6ttNHMGFl!bw9A0j1tvB8-USV^NcP3ILaq>*)*$^Y1_6VQHWL<4Q)W# zWnDk8@nKDth@EP}!2+sDYOjEQg|0Jb@eZAJ*}*45&C6`Ea5x={#~$Cj)PH)oiuZbs zkaVxi`5E6Ci#Yiw0cX&8O8E+~YD9e|cj<&?5UqAM3&0) z`vlC+B;6QrS5g1*_Ktt2um)_;?6W?y0h=}OKXmSaZXN?3+Mrx^7OlOBeJa!*vD#v8d=goQm>>>(u_g=xeVd3s za|BB-ok5f|hThA_2GG+rJX)+{w-GbI_M99vWz0vohe-l>A=iV5vM_tgAYxS@P1`9!({ckMc7*9!)^YfV$f&{{!=sNz&})%six>?0Cpe=C-y}#Kyjnh(q?634^R+GM^R`bg9p>1l z*00a-={V4P0qYOnu0g()s<}&TT6NfZgWqGt9L%Pi<-7oTMhfpDe!E48k(=_F1Z@jx z>{=7KYbhq{cIiF;_{(-DBOpnN`J+->SKPY0%2&ABr_qR${Re|WmM!tYBo$2?zjP(g z4r-8Mgr_x$!9`4e_?#@EmI#Lp?-Jq?YnL^*hW!U;p+ zqF4tB(V{>jZ_#89fY`*C=0_Awd*8PE!dB}dI+s{CTCFq-OSJN62Va+rzS%$zM8O~{ z{&MRIAZ&v>@5T){k;2wdeH^{sG%t+|u&Qt%#;NS6j@o|7&7cA0@cOX>-BJOIo(|S| zR1UTA_2+OrpuS6SQT@mhSIqyO=EUuGH!l>arm)u9oq~!N*2E00sN&Cz#IwK2zJY&Q zx;&rTeZ*5fvSBtb(W}E|DAS)W7OmyAym=k-7dJ;z12t@}e%5}Oam@2|h~BHSN-13=)`BG(-&Dljpic(R)s(CA5;^@m%J-@{zi zFd4JtrZ&2qNuIX+Pc^|6Er06Ids2Jtngqo_48O!k?62fruKaunIM3Lf!M?W{`e|7d z;@2yg!ZF20q0b}qqxBU!1_|9~?fC?q%t zZG^b_3zvDqT>+I3uFKbcinmCep-AwPK8=m9h`wbDa`rrg`=k7Z?XS2vogULEOL`n3 zBVNQXc}^GzY0mxG@U~bSC-=#U#K>Lun`^_wZm<_aXqHr&pgS}`bmiV&NMN* zwV7DZKVcp2EQk8uJ227D-&Z<Mnx&4fTW1V=Ye^KJfU7|5XOxeD3%c=;K`YMbp=!OxyCRW*%125%W@^7#`hIl7z( z{O7^z8fQ!Hrt55_Qursn_XR#I{1dF^#N`)%r+-{|V*HbI$g07axwSdDO5^yA!_dDp z+z7esO%k+xJ}S##+Z~P^ib05o%%c-QKov5bXxUdxrY?NIW z%kcD>A%G)DbvQQfTJQ{}R^t!BSn?AU*&9^<(EmB2qarDsAi;2BEnOYpi_G7OTt$;4 zQGPB?tJ%1_cvjCMLUCM@W6h%X>7< zRzxPlQIFrwx3Q8XVVxqGV7L83gU|xZ_ED7+E0w#e z0bMOkV0sh__`5q0TYT|e(Pov>R${QbQPzP=kPGogwnTo{@}OF^ zu(xoklxLV=+~n=Js7-Mv&5obmEPm`SQ83qx#%sneZ+1Sll zo55b-LjN}ezF8t;O{zdv!ct6HlmwqdwvB&(9`MkQDku8aR)awN9SnyvdGRWtf8tvm z)}p2g%Wp>VKZKSZ1*U7U;v_YgK6WPW?;vU{X%l{P1bB&H&xz`iLY3jEhGi1Ip70v~ zKIY-U8nZ?Ch);tHCSvb&HCRd$i*mr|lu&DAP3%cwEyuqjkN-)2{u0Y#t@eFuefUpM z_s^dA&peqkl+&z&d0>R4+Ycn^F^oC&1ue%0+?F%2vT`QZSRK=MhNDX zh@mkAJX-HPd6Ad5)*I-8hDc=Pl~P@$jcLChx24X}uSY zP#ZS$$POmtu$NDYzQ%qpYT=+?`s;1?Tn zM(K$=d(-vj=JzC7Dwd8b?Gs3*)hhJ-$k34*79OUV;9$KxnN3Fdl9)~PQYXGo-+Qyn zMAmro@4tkWh0I{RKyIu+WLZ2C5QGunM6O%@p0VezlsS+|O8qR84-2b7qF@`y>DT;(kfI3UE`?L^blP^3MJpOBs>Kj3f!Bm`w2a5uQ#5>C(x3} zSn=Eh|KbiD5j?Q0{gG%O8`(XyRWj1z*NK6QPj1Yd4wci5y_``QvUY3kG2xtf7s~dW z@(AIG^9a?*j~LPm_v^Yv=uu(btbQJmNRuJ2=n>t{)`NQ)L_t2rGOgNS!b?>e zBq67R##c4q*7oox`xfzSNcEqAzaYgQfEu<#)BHt{JXKo%Y2TZv#gYIrI#f`pcrSJb z&0Aks^$aF5Z36qjVta{yZ1_G|Y3H16M(YAwLhoJDcvnygI0d@#O>y}@71-KN{9D5* z$xQFA(CJ_)Hs7?$>;q9a^*7IlMSSSI*_ih=#%Q8(!?)f67Je7`1#hIcRr#2yp+KM~ zaQ&;@W_&7p)M#1d6&8SOAAra^`zRy*Y62q@lEhWlO(8a_;#Giq+^IG{gX|O=Vk+g{dOnI z&d3c&F(oN}uZMANNyhK50>vUZz_qs&HyqWgMeCyb2&Fo2C8|wK&O8UzgJ?ifl*pA# zj7qA0cEWbE5v@Q5`&0&$VdAVy_6qvVtBF53917=-Ml*bV0$ce?pwh!ZqyXX5xIk3h zZ>TzR4mfL?A!{!~G_5wk1&f0MuHbNw*R|(eKSUP_vsD)M99@c@u3#mrN z)HWz^Itf^PpmP276hrvvQ?BK9G39?QC`;6dsE&Jj3G6U;G{b@B_Uzthd?WGoi|e&V zK_Wr48gQw&FaGe}y-6OvFWACinl9%DB1%9dsO|r>_f}z5c3sr4Y+AZYT0*)(*mO!G zh)9D1n+`!Y4T6NUAT1p#AyNV&-O?@6o9+&&f9)rH{_8vbj=t;lz=NB8_r2B{bBr

#GA>j_;vqP9XlFP)gCKv=xB(f=1T8@*REMs3+hmQYm(k8LuD{rN(`G zY7BY@dW*)n{tJ~=(+ZU^txFTi0iXfWh(x#EhrXFlX}tbjlny#9uIRb5LvPhn!p|6@ zpz{fxYn~t%LXbd+Suk0emN>V{M;T>uh3Zju!`Bv-wU31v0(J+$fMymgu_H!;_HJkr z@It&W=?}cgS+q;Wk>nqlsky8Tj(6wgA`jT-IDvmT5tMvm%RkS$N{C2|p}?$g7o+Eu z6?ag|jJ&)zk(vkcM7c3(-D7d-pp&FgiGP{S-XDXc8+$%wiJ*$FW`j;LvCY`olJzp4 zDxTpwCxCc%E+r%2J!latCm+oJGdo2Y2Uf+H&?=P?^zOm!*KGJ}^_yqMeh$Be z3Q}nq3e~V-;!!_4a3hc>E`E?%UWPXKIqT!<_h$3p z=dN>mJCnex9+k51e{+%PS$Ketius#%!xeBGw}XAhi=QYxSMV(bj<}~8g}expUWrH> zJ7Bt9G3lrXa`-y)qUBatIVk!%@B;tfpua80vV<9G4|DrSz#{-V#YmV9jaAzb77D<{ zEmL&>7GG9c4@kTZ#>DLJM>c8p>nxvOasUE!P8G z=+*=B{isbi(+i{pu^3(YMCdkC?LbIuV-UmJ)*@Oq>7byhl|et!0HZCk$>yC z%TO8hlDy`5y8BYD^Q$t~^g!+jDl5pU%-Mj)V#BJT8v!3|*|)u--J^h~-pn%^9#WhY zm+QZ0wradOZ_*Kv46T=Ut(ASMJVUrKFO7Mjqco`eP*m!O5r#d~A*-Ra z{JvK{kCKhsQ)S3TC#1JeSfbvdMva&G7?!quhmkKbgtD8lo{N(4fG-f8fMSXdi(DbT zo{+JU{>=GkXXe)u;ts5zvTvEWK8tTiW@?SE{s83lrBUEF5Z7lhKnXR%%30Ft8A5@c zP_9ECX2hDEo1VM1+heFmV1kyI=>KbhB$4@;e>0}@;-?jbyytAi4DoQ8a*Ty_q2gB-;>hMz*YaI;lSR#xt^I4Fvc1RZ_#2;HVWjc#$ zZvP{X%VqUDDr0NQD`ALRs}x2jlmhme(f~ox>m7H>yh~e3wi-|@m~3qxG@cnKa)ow9 z(Be_Onip+svtirKYzx+8-PBM~+8vPy`H1hY8u_ zA;D;k7ppqynfHLr=c3aI?`g-!v`Cq0+5k!z%XQNilo&=sTHeIo@%uL4lK>^jhHUnCLek!vdO|`aM}067Bj1QC4C~!Z7{Kal&{okpPev`~lPhmgV>POc6u-)g z?eD$qS^EMQY51pNL?F6hEMfEQ!Uqx+-e&Ggp<#i%essx3_fT^jH(S)G7Ff1a(gK-Q zDc&>qrNFq>K5+537UTQ5le^1JPnh=~_Z;(Tesd44J!d8fRk~yYpmK5WZR#PnyJ=BwnF# zSt}3Ae4vEqSRm-E`S2{7AGUl8*i;nfoGzSh+zL_`49jZ_yfdWyg`N}TS#+SNA@gkK z(S0ZlY?*MQX+GHpv`tQD;V`yQ8@!+Sh!wsWw|S@fv*j&cpf08z#?jHM%-WBVBw-rS z-6fueQC#7i7C17ecovRG|2!&a691ipfAVw}vuLO|m!m|au*7w^<8`*KP31g=(%~7^ z9U#WJ0ZEjyk79~N=>B9Y)xN<(h;`djiRbG6^_K$Sr>s@MU1|Ldq=SdU5qBoM-^NS15Np^V4{X`1Pb0Q_f7w+K& zIIm!45Y|9HotIrXWCwbqDB2;%$7Sd2bE#dENxP_M*-9iEWR?8-42$(LH6qvU^*-=8 z*){mR#pfud#=1&FFl?f-C8+5_{)3cQtV$Y~%6=iDZr^RWPB!?8RnVErNh17~6DCZI z%7O3T^foG^_+1HD%W}ZcnSxWzLWmNg?P~SA{&jQm*Lpd}L)`3pr>4$3qT=^2d?rR~ z*U#1z_-~k}z0W9Q@z3_Q_`=E{_hi)MR`F3*{HpYCWqdOh%yy)zx-w#iZdc7u_z8Ts zcMy;M=_sT~Q6z#>goY}d;mm1(+LTW925VPU$azVY=CqAOEBUneyH+hm{VsdvMaU_^ z1a_v~&dZ*h&jCl~`U(t+1`pO62i<;dI&2OIw#+APM&^gU{6gC_W$!eS3OVMSxX)mP z)hI&0t5%9f@AInLImQ(~*gIl1UTV1LXHdaz$ zr*C#xccac9{YVq0$fYp-5cy_sl#eN}j6bJY=Piy(C&3d0OIK94EAM%ZOZpv8D$6(X zigp^_k$h{FwYJ>@s8=`J?=jO&6n}=Y1qYM9y~P-;x%Nn0h3yDm^%NBaJui$wF;(wf z^eYt-y*j30@3=voPe-%z0cdh+42+C>?`_NzD@0Enc38bnGiIQ>yDv{OByIY8(^o5R z>JR&kolFlFmi3;&u~f94jD{bpDj3 z^-|V>`Y%!XJao9FB#XOZrlpvX^>CL9zAoJ~cnSp(gi4EVLW*B-z4a<2D}a9!c6a{( zkv$;%1}0xNRMwKFzQs0Se_*U-YO!>TNu9I{qo|ghY6c#qt|}0>~iQu^?^J!S7Szq#DGd2 zv+W*}+}U3Gg7`93avh&1{(&Y)m?~=WP(_WYOy>=zp18L>uThZQC5W}4IDoxr5x}?l zv$eLvw&_LvIsEbc0q8(CiEE2sj0-t1Wz5=V%owA>FR|pi=?Q*tzmv@+CF%*_h)y~s zn!xFlm#n$zO4FwHVy_`skZBd&NBAvIdWz0ZHU(-w3H7>)QKnw#k!%TlI{!q=bM*6p zVC}@G3t_gwl?;*cRcpo%Z^^w=?Z zd(^^WM~y31abX1H(SYKBJUIa=feO!ceLjW6GM~mRW-6*M8GDS!VzXs-i6=$VO7>Wc zK@7|7&FycR7$ik$I-|>S$CPey=BCud+P?eJiyF+MtH90eb;2wX`H_q7T1%8=CTvMo zT!GC5^`q(Z^pYa<4uqQuLX;7yxqOFV3v@#I!TQ-$HK{?@Z~f*{lz=JZ{oyMu56gsm zTb|vA^Vz=wLb=cPvfrsr5U)nqqbzhrL?QAu-P!idH8LL6OT!n+^e7HqlTBa|nDne# zWVBh>{ao4HI1oi6mcK>>#@w>D3+l18gQE~fyq-u4A)mlLrJm6Y5|EAj^8R@MVe?^g zZO6#qY=@-sSE^H9-X|OVH^t8Oxfa->py?(r@BZjHqo1X2i4q@FlT18SF6;k zfd*5f$7AEi>2EJL+6BLVxPMZao`&3#PcLMR0lyj8eY@bw}1|9ewIy2LD|@kJP;!kqy2;$KfKfp8tfEH z@uhE+KCbh5&4B@tm7;Ri~mR1_RDsdpfPy3chUC&taOaqIHPMMQ+tNX*=_ zy;$;L)`NM*n>7@@D~E9(lqq*DM^QkI=Plxlm(RCtsdkAki}D!>48z0PRdc0W0pVHk;|JJ>%y!q}qPP|XjV-8W@=eP+$A2eoIK*dEa?1F(# z^a5Y;P0`th3f_{Dhs{+g%moLA3%_#$<#L&$m`astKP^8v<>q}QM22tr)HJVNNY{sX zUja_F=SNDFkuqwPGOYfF?G%3iYiC9k(csOzIc`H^^3W6E8N3>}N-meJuJ4=yrKwS> zdF+W_KAkv$8zq`iSXSag=cZYsiD`uwJ)Y2g9A78SIfuSZ)%WeSz+s2y3bncKvT&?c zr<?v*MyU1CJJ9mUWcuGC=Tb2;WFIg4cwJ)exIG25CTc_n| zv%l~YMLy9pNpCjjxY$U!$NS-g*0sR~$J7COm30ac--F63Yw3~k&|9tyZNYox>N$AM zmbsBNGNw|U&$vfFcC)ewh%@5^OY+WNX65xDmh#)x0x3-6G@@agJw?o)KeK5CbG)Lr zcy0b8qFR-4IF2eYd#CM*z$4~lzQwnu6~3rq!_tC9+3`T`moZo^cNL+)%{fjf0ZUmvZ$R^;IafyWYAg$1f=VJZ*& zfM_YG<&+-ke!9Zi>?YZzriXIY=Z#=Cca)F6K-;?{YShOleK&hUsv6%fJ!ec2Yzx!X z%u2|pz9-G~JXU6vnNQejN-V$Uf^x&M;B5D$LIZOKP9I`Lalkg(QFt4_?`~l<~}=elj(Yw?frpSpp-(ZpNLMR zprvWEqjtDJ6A~s`ie9gBySn-t2C1WC=WzO6?Z*(T1XA9I6R%WL?|06n>IAOyy-Dt_ zaP(xItn;Ndwu%e{+&3+DrBdZjNyAPOi*e%E0JOjUl2wAmJ~j0w@BFXdAU6hz6KhwF z5tTksL+@B{|QZEq2UVu%f8=kN@4KJU06j^_#gCmOnS{h(_vIh!}1!E6P z^(V>}uBrztYYQl8FkGnyYKFDm<}4;8H*p^-@OW>r0E)!mgX#h>13-PWq(AR}(j)H$ z0)tj0AzJJNdY<9@;Hpqh27GQ>$>-%vz!Hl20BB_aFn=*it?j=T1Y?GH5IG{Ph^_Bm z&Qf9EQIi%SE0TpsU#)BDu&0Cl9rcboY@UPC2Z}?;mT0e0@x`(j$$kSxrWFV&w0>8c zW}zU1|3!}YG;riB0E?p?G0Y6qRDlEPvK7>4A@aNUH5UR{ME@M$15S>^#?x8vR-n2S zz<$Wv6)uC=feQ)*wFSW4;u$|5a{w+xTwn$CcVIZ)nfYc&Jn`VK4+N7%n_>tf0-fA| z!5F^qTEhS|{(HOEDSgdfe|hl3q8XjS!EjE8Viu6;dy`LN6bXI-YZkTN`46)Y+XCC0 zS!;zc(2kS}o=x!+de}>X#GeIyNPPuKthItW(2s}xSVh(f!R#5G%51{nttS+F2`{lp zwg~w|c6Nq{$z^BT1`5Js;V90(USHNz;ty%CqP8zUM^PR+0mvWC&*vIA0I@)WTwlOa z;k4)|(~^-tc^2maZVDu5G)gNNURu2O7!O}3q^zH(1J2FCM*o|&Y%##bx1Khfey_O#wmj^c-xH0H z*+$UAvxqM zL)&~AUp@s&&pBW^v;dltMK?7vj{6VK$=PJcc*n;56U6fnxtt^oDa1(-%LEEiq?mmGVSQ^Wa+3%Et)DXcd(8J?`^ z@WpT)bz^Wf3#H$7Zo7Zm0bZ}6R*zo(PP7B5t+G~#>to6p6|A}j-;0ov>M4#F_ZUat znmq3lwgBIH)NDlJ!GrY?Q6|hG#fe40DbZV}SS8B%#*>Ym#%oDo1Lv)_Pd3xZ2a=f% zz^@ujSFvEgdwA;Ba@YyiZ!5Z(01e6lQ2UV=PG8!|Er63w>k;fk((m#Nj8gix0lF0CAg^db%haL_gvQ4Po;_BYFBR~wHPfWtd_HTbIP zH{m?A`tBq<8NV|1u-#vi+h8r$Xy1s^Rv&mOKNal3qrj=3CVGHY{uCZQZt`+w4`_Lz zz&FT@bc0#|D|6H@LJA<2IUPNVq88?0fP?PJ6o6ukr~E7k@`*bQxa%Sa9pK;h=oTL3 zesgOldmMQldxOoEPMGu)*;I%i46o-BsEri;U?`;?gj4xkgkBNyE-5FmTNwjYN9S_E zisKWni9V&N(&E(zW|QJO68kW2euf)BpL6+j<=PBnEC6-kwiKgQ<+7Lv8s7mAE_X^5uGdl9OTI7lvYBzNY=2ra@y2BY`NI|KHlIFLrqU0Bwv@Lv3j!yLhjvy3(C+uyMML9jFqX3fOkyuyY6(P)> zmkF1@PT`x!CVA3%yuT-7V%S7WuHq>Z6Ml>W_jw*J5iBw?pEIs>=9xRra9|(sqS?i%Z_8!n7(~#B6uvJ0REmw1>Z;1dKdU;7Hn6U}vZ{dEovdH#V#`(g z)|ba{*S%XTyMy;v(@7KwA(1GzQ8Do&b@d0iLm!7u@<5?zW+Z7RV6vqkkI`mMrVnfu z7*F*9-{K9hEEiG^D5=xX*Qusd;O*<`&FS5P8jqfWEQT0eF+wAedlyw#JII_X43UHtKw`>)P< z_Vp6y{>2LF_XF#~s_S1C<#QCc!(S0HV%;mqnY2!G%)w$1x%~@R5L*4O4>Kq6>VR)W zF@|Pe7v4u%0tW)RGJhvbM_~rc%ufusOg<(=45m6(|FoU(RD%tfbgP=Oi3)?Sc&ceFJldG=}o1U8H~yP%9VH z?WNDVwQ^SD0`DxP1XHw7>7QSoXA)${VQ9K=-9hct66IXg{A&_Lf|zX(gas?vvd-je z#@>Sx^7W3#h^cglV2Cm#?h!9XHTgpou&9*WG)t=A$N-HtUn`s}Norp~qc@Q?es7i7*K z^`#+gro@=3{SR~=M1Jb{rH-of&y+5orI%B3XkOxX*KhKV=@ilpQFO&>3zf8U<_Lx=}e*x-XFo(BJJQpvIaKnqXax%s~>F94>SdXn<+ z5AYL;49F?5SmQSMvt?9MW=LOx6N!rd-Y+nONV`%P_dEK302Cm7sFu-Cy>=CamFgdS z$Pfq(%;_FJv>h(bs8(ok{__WIONeHv(PI45v42rmtPE3DA$Q!K(Vx>MB!dfSW9$6% z7xwvURaB4}N>n-H{(~)5)xnkhA4kzXOrW>LY-C{w>>xe^@^34E9Q0u1RqO%yC0Z?z zXzB$430v5pvo}5}1}>IhpOEhQrad~?!4eWp$8C)u$4-cD0`P^F&{5Ls2+QQ#i>OR6 zbtRQ%=zq9_hFm5t|7 z8c8oL<@K{5rNgL(-zN8ILeFuaXyPWiGtC6SL>wy$w!1n+YF}c-vtnGA5v5MS`(%p> z_(|eF?yX5K-D7F;XgzNA$O8|6HeP1Natbyx1N7d%fG@zsPLx70Z37^#v~m;`KUCRR z2&IoMX~GkoF5}aX6cwtw^rB1ieCY#eE7OqJ&U5|=%m-{fVCl608Ab#kamikM4^##e zC^Z8$$5O|uPFuLYP7{-x!Wa1Fd=9H#4!v)v2hf$@2RNoJUX$swL&t%33H1SuhhP7i z0oXkuO~wT3ShE--wixCDfVJ|_c+um}F2LFG8VPccu9bzN&kdhck>nN+$riL4*7-`aKQs%mS!(bsOYZJgRV?CJ_ae zmW!)IZ(RGlk0)qkJ*Ep&_-ev<-Oe5|Y4 z{V_EVAmhLgV%YN`rHEZnyb8;`c~CMwGI4DH%$94e-#|i7E=>OJLXSVNw6{QTxCnu1 zhmw-^C3rQRGkdr9Zc*QNduCu6&e8%bHI!yDyx)%=p7lBVkyL{er5fL(wV^NdAOc}P zX4klyLA{_^`XJVD0jM9nF0#w!Ul_{uS%BNB@Zf>>@B_Bjpbhoi7Y|&a@Z0;;rat@a z3m{PmC$hH=Kz;eS2H#dt1e9tVq&&FSfFPL%4U22lbW!4_o1)_cc+!}m0D&xk2n!n| z!x>NadU2r_f)#Ul0lDn(ySYDcGsEp^q1=1%oIds%w0p$@MMqV{0Ej|Jz5tmx9mmt& z$VxR$5*q2FT7C!dd!QPW^omw;Gx$~sO~HYX2qzSHj(GhhRWf`&1dWTJfpjvu>-`vi zAu9~;3`JxtRAH~MqY-8tD-+5xxT2*=#}KK#n6G0C{qPt-@d9$>r$!Az2Wf?&Aa-E# zGw>lQn~Pi^K)KqMm>m^`nnLI;p^5RgcQ1f#rNf?5>rReS-FiX9gn;Yw zw$>qYuj}*Gr>zk@!aI-ZR{{JrN#ET(ZM^YCuA!~K-$I83-0b-Go{oOdSpcyWE@)|Q zRPUc;>b33yej;J{IUvZin(R2s4_q332s$`&@BWs zkMGZwL; z?h)TjvoEb({1IAe5Glq;7fi{^Uu<~p8svX>Pzeo7I_p>F?j>8MMn+rylCLb$3U!ejcrj zd20B3#)hiYxz+W=2B>?xB4I-ELSrK4>wUGXS+ptR%Kg1gNiAF|erwOx5yd3nHQbr3 z6vxgiAe-Zv|7hef_6WhQr@ud#T@*S=1GS?RY|-ioYtJ^W6Z}ZA?~WS=>wcRQTa)pc z+>o8sclq7p#Rx9P!{!NM*{@>}GIeGL8Sy>#{Ekm0Gt7d2A;I=8?Z)e_oP{74wF?1m z0{+xCpYjaoaJ3%mt4NP^|3qEt1FICBMfZt?IOIS^&BjH>{nLrV`a7KsQ%fXB1|Vlu zFcWovTTXenDz^X0@BTuMClKN_F|;XYL6m%J`@P0OFp+ zIgF50UY zXfkL!!m0s@x*Ln8buDp~{^<8g-AerRoOuwQrKokPUC=QW2em$~J_GkmK0F4~3YCcC zw2+Hyx%1`q&E*Tr#l1mS0@qBUl~}Irq|ZiDT1k!PPs+#LCLJpJ7LAjItj`D4ni=>G zy3N>Z@4qKN!i;F;ES{XGIJLGoB7Y@L@4fkE3lI%Q%!GkqYTHEfxNrE!E6295{rS~2 z+1t3bY)&EclA21tpV^uJwy? zJ?TE8f#?#g$8~43$W!C}q}MP<3?qQ7x2KghANgNPm~@_dM2=dQp>%jzD(+JY&W9vP z?dRbdckRZTX(QqF-iQ9n}uY5TUM;rSMc{;S|H`;W8toEy_(a5G2=~4&^5W^NZ%4D5XeT%MVo@*Jy$RX;G1uc7cX? zyOdw7p*3Mu*~jQAy>jC|FAf%n=Vc zF|3)<^N(-y03qtm1(0>LM?>+po_YW!f5D)+g5XSETRDrCYRg+R6Z%MC-=)2RSC~f~^Ix6A}PA z&SUGa`wtyMQG(15gp9#k`v+9Buw=nF*TcUU{(<`pS^z;8E|mZK3u5+r;I1BMMUK7w zvzI554Cc2R{c!2W^9SIgV5>8t__8GF>!XG5swSZR(YbiRBcM@B)QN`wD(*0M^1{NRa|hjq8iT zNL?a1NDw1J!UN=V80_`p%Gh)H-GcYrg{cAHdW}A5E>xd|i)C_1gauL2m(Y2(V4!r^6;d zi87Yi#~>7#Q}|_QxDN=MP(VnFfbd%yYt$%SCIuVm9bEv%V?55{GC2$3+5(XF@S|nh zDOScFOZ_+AVCr;(hBpYwLqHjKpnO zc*qYKKOi&nTY+I+dZ;>4Ut8j&KUjMFV49wd(MgnwB^a6?LVkz9)gg{VoE@fNdk zbfifkCLP@T2p?G>U?G@9GmMwkYSK$zWj0E0jH)p@QA(3>4jDPRufB!3Pl><$XT zjNlw7sE>Q>(nh2l4A8HXu}d@h!iU^wJN$w5l5#pc0%~AS^E~$x2`dS904}>O}_a&o(;YCeU3QU7_u!+XaNG+ z7=o9t1jD^0P9~qW+7*?M`<;H9YnQsoygn+_Nng01>m4d~%PE?(w1$a?9?-{uXJW%o z!$fgqYrqisn#{&yw@845!EkUt6UMG)*V>s#NW;gKw%x{tWa0VY2}wP&n6#v3E@AS) zcjy$*j7pC4XzW0&jMsL$1%k1CbR^l``PBYXFb?qtK@`x=XpzLCHS+?J-7iqW#mfL=);A|tY`b!#1+;)5 zrBR<)( z3yr#Ys%>`Ycg|)q;DrVaA;v{xQs+LC(fPZT+;|EyAMzdBmR+O;SWry2GOxC5EXE!^ zj`~%re+r^WED1ar#@OE7R?m>Hm2A9dfAb-Fr7~|NDXYIT> z$*o19$*r)vL~LyhAES{FUYiMG{CPdKq*%Z1#o^pL+eNI%dl!8Sr|vsm2E(t+Zr{~oDd84W(qFl z1%m#DQhGnr`DVTwL68X)h`+Cznd_bN;Hdkx!o_Z8+l5xsVn8a ze<&ysnWtpFK-P+*#E$wU&mEO0vFSz#7KUwglOQ@mn`cF>A*5st!cw?F@$STDGh^#f zxEwm76WwewRulZ(^P`REknfFb^`=kz#>qNb#T0B-m1uqlSzBMFT z>-q388s+n9MxL9?Rq0L+hSIP{GBqY()#a~_3UFBTS(`2K80DDx)V956F^?kZBdldn z(&)1=r1pKALK%T#b{KQex2zJ(8_*IF6^vFvTF^!?GUyYI3tBPX}*Daw(M50m*XduHTv3 z_Ppl2HcMRJ+7IK?LB&cDQdV`SxXx4ykS*oe-n8U{6`CPsF1C>vzQxoXCTclcFLMdz zrk~L+dAJy?7VBq=(${e^-B^5Lp_>_HkgZVZON)`EG2@AI?|@~}XzlXWGI82inO1+k z3@2hJO4xnBou_V*l+>nl(|0D9R=U%j(F_FT-X#&r@%Ei)ZesIyC(xH1-zuXwQARUH zbmwN^64;P(@XMy6*)bx8^!5&HIjjM`AUA^*!Tb(Mm5IBiyFE_+<0G$Cx7c{;cW@R3 z;)&8aB)h%`PJXh6@6pj+zSBY;*Acobz(uPsjur3berjQy-VPLXU-J3OWYy3L*+?T*w znSv)xm?+9$M?fhj@^9gv?s~jK`$TM>Asb9xa#|0|O_TIYDcV^B)P0r-*1WLwpw>Yp zkJRs*I0ac;Owx_d`I?v3Y#x0wDiTI)VkAxRa2-LIUk0DU86YkT8Tua zY{3>Wn`hA;>K*R_k;BB|AH2(#kG3H~Xraovat-*H=Md;o%8MYK$u<+>A0eUKyH*ux zmG=d2;$^%EWr|&Q^E-4mSo5>neT&TPV=DMO60!>&H^c_$tk{^EA_B%Gblvvc1_8nA zMkG_uUxx9y=2eODYC-OV($M(OK-O{6KVgjdCkAa_Nae@HK}nTAk;$Mdu+oV4*Or6c zW`F-qy&VW5y8GRyga4XQ053u6NV{tMMEBp_3M`QUQM1+LCTzw|0iSEfjF(`UBdc*S_mrA zB7-%T^Y2x~%9J22GXFP%D)2@8AD0Xypz3fT)g$YT}U$nc{)ZC|m zs)Dpi!Jb0=&j-3RnI~m}&X$rnqC9R_t8&a;5v18oH>mONzs+&9WG#*R`#TtoYRZ+D z{%kZG)l)OYFFB4KQ&DnWofwx>QZf*5{!g@P$T0Y%PVq3*U_1F!$&X#cfv9QExQljW zRY;=ke=jNsd}GvTvzGsDu?JfW<$nO59P(s=7{qJC`GK#$J{{WjOy7Pop1@Qr^`$3a zWdjV4zptheJ223<0MENv{JDWwv}xeFaIz|*hfNA!RPy3M#pQ%ijn?F|eZPg6(@0n< z$@ZWJX2{KVN!IC;mcqVar~U7K{Ee7q^t7k8)%(BvqZ_ZjH$m;Ut#Ag0nJ?Y*uPv@q zzJ*GSc=Ywq(L4G2>78{xr4RYs;A9$MRwBrE)NgR-`HydXB3s|5db3|v?|yuVPjGIc zpYrvkf%8Jc!lY5-gSoHD69(gM&yRaoR5!_$V$uld=*3xS`p#u3r8a)>UAd10Gm9p3 ztBY>8aZv5tcp@rlt`ZnqTQRr0REEa4+%IDOCIYgI(Fh5yykFwkOiM6DcA=p!Iy4Gn zK3lZ(fghFZD&;tR>y5O?NT~~rBHyOzZ@3A96VBAVz)s^C`uqvzeKPaKLMGG6)pA;m z{>mjM=(?D8HO>f@xZXl#)JJ9N>vt5Xx}D|BL-go30Rk@^1d7X5dx(78P)%HwuX zruBvirO?tRgcMAq1d|hUb^RiS#m;c<3$k$Diu>N8UDeBqG>)kbIXv+8;SAH9c9NL*2j&^Fi;(mmfDwGOusqCzryCa>^>LI9w zXspO=uM@l|j-$nC5phm>hD&JQcn7NH=P`0{y1Gs#>H4579}mv$JWyBDBfE3!7M{-o z1zEkgM$HXANA{tw8P&w^af_J#o)Ef7&K7@sM(oD#RQ(Pp>;0M`+&1O=*$?5t%{xvro7;MXfmN_UBoP z3FExD(PFJ9=VKmAt$X= z5(aV{t;wq=J{0tkI*Fm5rTH$QhYhsu+hvr8iWCTRiC&Vg2+yaD#}!U(jnXGNtZp5_ zTIDsuPzTBKQUxVtVu~bOXYzfMsB!`&f09;_GG|r+L7fEAXsh;OiNov1(h;bviT!mt z*jJ5S6X%u!N}iVRj@fItv9YE-&3I^6lcCPG3Q*%DKqK#g&6y3_%6u zw;mqDjfw~4MK4uEzGE&%Zs!W@pI2<14Sy-Wd>~TyJV^0EUGHjC;|*aeO$x5xrP=-W zoeob#x4+N~kYmF0Dy=T`E8lHL8qog@KAOIw&7SQ=@L69zUI?hd5WyBz@+XdrISoU> zLYtY}Uo0Gw4^9djI3DmJUc)ePi_YLL{3bXg;(W7%V&OLNHCLPD*{h3vy+?j~JyoGZ zY%dhaos}x(}F|rjhY$zW?6W<)aJA)=z@MZX$CbNz-jZtk ze_S4h8Ud3<2xoe_6El06nx)R5#p_56meNhyJ%(Q{Tt_!@4>buUANITtfz7c(CICkXQB;1-BrR_MS9s0URka3JTt?NYj zM<406b1l_V?6BI+%xkgqo6Iaowf$261Xx>L7PyfD4pAmOx9a&cACnyaEo#qVsCKNE|+XkV^VVz7Kt++&fXHWx|4 z(23@FS*Z4cFd_S2>U$6$ZCv`|oqm#BFEuK*m-{BM>AAV_)`5cutHe^&tyI2D=3AP2F6DygPSoKljvQv2Lw0|OPBO(C2txts-bvE{|t7PyG;tU z=eN#@^}lF*3Vs=7b_d3rYkyy(>6fXM=7am&BNmb@!tQ4O!c%}KvS5cy|3C+Td}spz zw~m^Aw}|}@Qj?}7r!69?kSgOxhebDQIcOLQS0;{K>L7-vV!sLVp+#RbnR7n=+ z`u&ftz)pnnOww+4M1pbx@t`Sp!S3?@C+5$ zT0bF?i+xg$f`ro|szghXOte*cz7Kuw~_C^TaR@15FE%5JwqNYNrocXK&57Zxg AW&i*H literal 182877 zcmeEsWmKHY(k@PrgaE5Zv9}8C(MdcXx-t;4nBh`|O=_ za=&}OUw7Sq-^`k|-s!IDuD7bY`l+r8RaTUGiAsnH0|WC?Mp{Az1_ojE*RS~n(yx}F zxIAkZ7<61KadBlCadC2GC!o2NEdT~aIy62JSxa>Qw|_6;&HMLg5~8yE3f~O!p^+|C zm@zQf-(SCAa5ekbRi8!q8Al(dx*YLaJ$a6n7QzweqXYn;&txRFqky`9(e}6s-M!yk zH5^TIKK9)mT^@$XvK+&DQS*@o#_8s^dta2y+(d;V_7a&K?oAOKeAa-;9!hI&PIsqB z!iFvk=31q0nDb-pnlJMpu{|jf3^l3~16@=){4Fm`Bdsp^FtXn`3Ixgd9MQxFSzG-D zBAh67IG_HYj)`J?P5pN|?nS&BG8i+4a2k1JQL(g4?M}rIk2eV4%5RBD$AU#6I zMRvm2mf_>8rC?N{NGU( zn?^TQu4^1~SiS~~yu#s}j!fGul$3a{;r}VLKl)*$%pTg6?G&e4k?QzU$tcH37& ztZz7o<>Dv?!!8o4ndRPw20d9Ku!`_%^c8n6Ow>GB!t#uXm`89nb{W^CG2Sd-nzk~3 z#e0oTF#7J&-B{B0vl`u^PG@+OUl~jjCo3bZ+U|1^TMv)Pu+-ZyTpRAd2NnhV*UVR4 z)6VC8cR||K+E_1terr4DGzrM7)}rKLWw(_l3OU?ko$+&QeBezsM;~R$wA8i@B^Qw0 zjk4P^N0yZ9ClH9ye9eiwl#W4{)WHIlxT8_v>6utyHdCJ#ABk`GqDpc4L z5xX@?l(853fpmeXfu!B~uTgcIs>V!$9?mj)0}5l9YSwDqKXjADafG}2amhZrlhIx5ZcAX`2fWLxU>f~z0SJWRaTpdZaO*)$!# z6-$%Mod_IXnc}XU^nHOp$rkZ6VXQLMB65Az5|Q3b2!kyU&Se6bw_=YP3oMLDX1lJl z3~gXa3gOu`)wfsyKHiFCjKNY&QF2>Q?|v=YR#wcu2-9$Xg8henQfey<*&Y(d^Nh>@Ky-C=!S!%>PcNyBk&6j}HY7kR$Yf=T#{rHnND z`D+%cEpkhzu)}L&#Fy)Dc#&B?mu6uvBS1Hn_u*N)$nlY=UVQ%cn()2UyVv^PUsQ|Q zVp@EMKa=YIW=V}ABQ}XCO!*#{eCQiT9&zz|SIYVyl|N**iJb@z-XBv&Mf+^OJV)tO zW+(}>&h6Vbnd zLpQG68GT56BQQ1%QQm#V?fSef`+}AlYZArz1x+AoH)%IYH)3PX-HRRx%4o576#QNF z$r8iVqjVLN_B5ol+}JH&+P+g@h31LXkT=Cr$}p)27YEiQyZE^zOe_4P@+KdO1r0Q8 z!#HsyE3r^&euKu2eQOyQ8=!KMb&_)Y`8qkkDj3vr`t1AEYI8IBJ z7C@gLdbV6?YPPlTr;k}T#NZv80Eh%>-?xyrd+OEIbMD$`%!U1dP3K+z$Duw zXp_CyCJbKINw!b6U6v{TgY1kfUA#TxOZusJyEv+N=QvIJ6V3Lrhxb8wCS{wI-5=>S z7V@18@)IK`UhcQMaC;MY^E|?}Da99A=Ma{q6zddtD%XpHlodXV7%&^yRp`_&TGf*x z^|6^FaMlpm;7bvJ@iS>Hl}GRZt-*Rd2%PpjIf>Z)`A znsc*gI&nEUGxE%HKRVq%o4zpfm~|IE<2c=Phn#sH+wGd#KFAFu|oJ+bKMSmaw%@{+&H zSQwDi0g_TMtW2eJKKk(OY&r94Z zIRiMr7VTqU!;7h0De2$5c|+1-W1M3uyT>-cqqE6EZmx-)@0BU{2S6h$Ndj-tagGPX z&&{{Fc1yd<6P^`b&v{x^`~p*jU3N5+iCpeu9@?hMs)7HqCp=$CRzX}Ln&eP;fZgcPj7Bi z^+Vr>R&8H9fp?ZP*BRXz`85{Hms`(m=nF4plR?@a7WUMS)HQt?Zkx{cCT6Tk1!j3G z78(*76FRPE`Nu%_gYiRXLtb+sm6dCq%gW6gD}CBTteW$hwrdg#)Qi)q1R4vC3l0~H zBblWfCH5NkYGkW9^?;oOs4kyw3)sU>pibY*YvEc+z+K?@2z^=G&{R*gI=r#eXs&kU ztYyi^@hRUmYB!@s$ng3cdVLhWI;V4}rrTm@^PIw8r>HjPYjo#78sLLWgrQBk=#k{u zc=UpolK*_KlD=b=pU|^zC+VVEy#H$?kWWnHqfXTHSSgw956gWkdFvy70;ih%f%1dz zK#dNFP`+EqUESgVm&IF)u(5~?W?M4c-xm+4p}8vECbX$vA|te^K!Ndj6}Km6H5lBrY~Wlv)bP<@v*XTuySxP|Ds@a_ON#` zc4xMCruuu3-{VLCoK2mq99*n`_T+z!Yit4pxd>5G{x#9RKYz;!aJTx;O!m(IywIBZH`~A7>+k6V{~C;6*~%SYt1V$=2e5bkC7Lih2RobK zzvlTry8a{SAFNt`vcBW~ll70TKUn{ggdreAeaL_DHYc2C^{_3hznP&l=g>bqe7~f~ox)c_Lrj!D%#sg5jB)TI(+_X)1Mi^S zXL)m4&DeJeQ`}a*J#;P{oF@V&pVoM+&M&?9xRL;{c&N&LaBs3;5Z{Wz{%?<+m2eb3 zBVUt0{@=U(;BaA)R_9;;SGIqsmEqy~2!F(CtNe%i=Iu9MOFUPSAt{NeQR$=E?tVRM zDs5O-yAg?YdN_Sgx*QL8yR_K7|H#rs)7h!(FoP#2_b<_|B(g4}Xp#i&Ih;b;!t+I@CiJyRt@|Sq+ z{)tEb+axdNm=$5oQpB6{_++hks{75t^>Qi67XG*74Lbmz&}8RHCP35O0H0;;2I7O) z3@o|*8*@QtE}gme^dr4X>|3jvp&pE3QmpF6WMBr4V*GZgu^-i>hPt4{Tq#+X8?L8S7t#488WP84&&WH&Zp#9r?VKPj#HhDsP_<_Bqd;H z>KGH)c98MH1?RdL#&C*n7w+ipr~0xh^!?t*tFf0Ty}WG@pODUiCR+h>g(ecT4G*8< znD%~$wa%Ycy!XeqL}xeWE^^5x=Yzz9yFXTwV)17W0Otf*<9yqv}SGpC$U;bIX{);$9>*cO( z9^C(0$CjsX9$L?%*p2IsTt@j0jrRasmgO)nTtZ( z0LFXj%_S)*Px{mlw?g#lUqq&h!!{Fio7BP{S1599ubujqf}argh!w@14%rfKcaI-o zl?o#LAq;w?8pgSm2MlJ^8-qO^WV76Ke?QEkRk}gHCUo4uzg6-22b{;v(~9a|mD%a9Bwi;@Czjb|4oo{K#zE4M#E=x1lv(fB>W>zWnh)v8X>Kw-6R@?hkUAu5wUx2AC&sMQ2Z%P2+q9o@w%pg@d zSx+tlFdU@nlo9`LzcpO}0}re}9I5@6vl4}W!?tJNV+izGJoHPIRSUe5+qKad(0c0T z(ivA+c>@|n81}qiKyTF#*2&QSQt6xg6?RWun8|4lELXfmg!<3RQ*X~q-c+&+BC&s5 z>~D^NOJjNK&tAf3lEY(r&3K4mhDVQQ zE>YW{Kc1_bW=i;|cBiBYdwsI-m5MGddqMJ@)hw#Mr;B*3GEjIh#liZS)Qp7JxJeQ} zHS3V?mxFsp6j)4-*F@OBE-To>xLZCK!Y(M=+Lo-)9k@Kzl)xdy6&0P~PqW#!^wZ9E z8G)oljVat`;ckpA*Rw+P-pzO|8e4fk;%jQQ&3lYF5RE~hvm6s>LXS`^H0h*)6F6A{ zkL6hhzEqnY>&pD?(WWCrdzIdBIg{?n{(U@IR>1}TXmCH;NsPv;@cx*1X6n`9fy0T{ zjA4?D=G&i$Hl{TkF`!9V?9odqu@`~Qcu#XmJ9PKe3x*XAm=F;EoCluE`i_67>fJlu zO2;A_Dbc+AJmPYbM_4rO+CXxx)cSBvzn^H#vKr1eWv)S}e94t=K&vS-^a^0@Uyg8j zsO`vGT>9>31Le`9I<48ad?{HGHJbdC_VZ_GnLDcHm;enjt?5}p;VH!L&9E2%y3f$r zhhxK>96}c78IoFSSHCGydIP#V_2>W%7!h%0W6M9qli zdfzpE1aCx#6K+6!NBy}?rhRyj3?DI;Ib>fx@g04m`_M8~t!TnOS@{w#Ez@!(z5eJ! zYvcRm-7Knt5g%e9%4u#JMkUk=0Vsm7Ue28^HUndI0Gr(%^Zv$WyTiSYmS6IT4Rc}d9)^$WlkO)d zABynCJdp;VVIhutNyo0be(9M)tl0WLx;A9+y$nb-%09y9ze1+KEp`+7g7Ub?Yro6+ z8;?9NtnbdX7>;!f|ARJO>UPc(%q_cR26S;dH}`j@F0-NCE_(l9NnsmbJRBB|{c$Z6 z%|H})U$(QWmiD&mNz1!!r)iIhOWRx$!b7m4cX`c`xf&Y3n1}YY87v-{q3q*|&rSgS zT4l$UXxF=F#VWTxV!O0&GBW4FQd46;C`{=uITRBL6iNRIn2ZIs$(wwmcTgwM!gv;)R=;wS2xj<-2Q2a3jl%D`^m8cKEon1DT}kwk11=FqRcne=pRc zxvpT-`T^x`F-NI?wlxTOc0OJ@v>;*r8hCf3?Q$ZFoNG3Tum`vptejDB#4}PRTJo`~ zSyTx#X)*9@I4|oCnLU@5|M3*ZCt|W&=IVYGsup6Ph1~8pEU<_|zauJ4U zi9^^MlX3Gop!)2qUH|^YRf3uH_(%hv-eiK-As_OPp%)e(SR~{Sxvq}nJJ)}fg3*24 z?woBh!EeBtflvm`c60m2E>DZ5?1}F2!aAroCo#}6L9V0jrHzl|^<^{*oI)hszUPLw z7A1z;&|Iak6@hulQHP5qaNak*@>{_$p;d9!&=!*6)B?cMY{~PmmTzj>tGJkmBbo)8 zDQ75*G4;gvQkVN-$e6dh$w7qM(!aO%fRmkhCFLu^8npvmlm}?)U1Ju zL3gN+2&~v}LlA3WGCI-*INC`V#L~V7-aj#Ny`YL^h>*6-$q(%gEHqz#575d+aER+Q zi}6pu{K)&*qt|+K;0kG!Smrkv-7zQdo}x+;d}p8|i^9$7i3u#9r2I5^HaT_lWTpD8 z2wjLPz3-fFs#@X@E)m3}2?vaXC7^+cPsm2vM=E?;z^ZZr=_rx0Asc#=6+ATY#7&f0 zxK?%zv3@FBWj*f1nAaD?4b@TNbAHlj1>m`aD>c3JB@r3t_%y5LfX}#=8AL9TqSd(1;+=DuFG_nSIlOabHt^DJc}nAQcfK_e zj9y#;AvyLqKCi@1H@|0@+-ncSsAq8?@>!(w2WM1F4a_!*sXC0!3?vvA7ku85e!f&^ z(kgV#)V<#oxVf;w$W7%oo42D~7W*fb@l%4M5Y9KD{Jngv)kFzoi^p1%b&vQv0WZRP z_=;r>NeK8DppNHnj*42VXg@&*xf-_#n6Yp?aY&O*h$OWA3+%AYl3FAuOU?8gJ&D|yrf?U(7aS#1z7;}*#OP>XSGvmwSCxqI0K}(mJ~rN> zwxy?cWt%pz_#n?!&W_TYb!~9GbFCqCQJo~nU8J}gC1|8HIN;H6A~|$a}F|R9~^>D0IISJlmepxPX_NbeIP$N(kOmWhdIiCU%_aJd>_K!xWPXKk1g<^ zEyFL z4biOM^nMFzmjifD_IqPC3Gq3ngi9Zc&^hiL^4Ta~IxFIUpq zf_;}jj9BzawP3BEQMD7Hjml9vBuio5y$u=p%*c9C#Q`QWpX3@$dl}k@v5Fp+5WsB@ zdT+ivs&4M!uPkuC(_C99>Upb|T!h^9)JfLQfV8+Jsjt^Zdbv8~S`R%hy{Mczx2mNa0JtBUt4Km9W zuPCdvELk@RtvX6!au55W4DblrEinnL;66X_(^6aeBQIsZ=-7NtO-$>4`2h>pX1Vdb zGDXc$uRA21uKGdcsyQJK(yb60z_b$uaYL5x1#7`sf34q0Z9ub$h?9B_rxO-L9y3eG za{q-x&ev?%-boUi9~!emdN|uEYKgzGT?q}h*MvaU*>qu8_ys2$R+=?FgXHE)#<0eu z*0hxN7&^oDEJTS8Pyj!+;(Q{-#mW~L7#$%K-94vWjRq^_{&>3l(DEY7HH_I%(muT` zsd8I-M*VO|_^VNWVHvacy`r%-^;K$P)p&~DO(bW`;y9ZP~VSqda z9{VgpR6HUx8Lpw}cJQTREmssri&wm}3nmRthT!{p8P;Vp)q&l{>vD!Vbs?F`>_bBLZYcl4})5d~3mZ7olK9R6$A?b^;%9=zIZy>3Qi&>8p6n0qb%A4MU5(G594-^5K zW3|gsqfhu1s=u#lykW21OWP@&|G9X%F(ju{Y3WbBFB=JJsd8=N|28>a5xvBERpF%U z*(Ai@TrWP(d=(nym}lhUhrD8|Y3hRMG6iiQOAae#g8rBS&p*cb>Go!&ws(-w{y2)c z+vGRPK2i6z_j+a@juVZpsXJaHPVKlwGW5Q}X^+WVE4$GMepS*|jH{R$UO5Rcyn6+) zYzkPTU&=!@RYCGB>xqcU?8jp6&O;~r)L26i)$lRZTCDWeS8@?-{mPLZf7fIZ5m@6! zLhO`2X-&5JMqvfXYl zqs0%b2d21=`_K3yGW|1)*%K$S`qfCGh0EN? zxHQo>A~k z_%~V+u2^)FD+?%wY+I1yeG;}(6LbSC%5^;j-no!v?59~PxXlc+Mz=xY$x)kO5tl?n zOBK()M4bdKaFphk<{yn$Y873*t6h0w!8m!yZ^;Xn+7szGU_1EC97Xxiz&~;~Jwq;i zsA!k3`h3A`gMxxmbmJhX^GeKJ1-sm0$+*lQ+tv8c-GBLE^-TG&HfM$LbU1`y@glO( z>+Z@vs-E`zVsL_N&a&3CZ>w9(?jfzE^r(BHpxkw>HU@NKoO##+**RIVZ(B=ePJEj- zrSB!QeUxbb1u|Z&%j4qgDY0|Z8%)MSZn}gbL9be7EqBnR?*1`TfkKd!K6kTTh|hiR z7SX9tU@ZY&*Hwqk(P6kN@X;&MCe>u3{42N;(66T_BH&kkZ|iS-Z#ozWsU4jrT*^fb zNnYG?NdNopV_oXkx%cp8pzNQ(=n3002y;$9%bZRqf0yaDhyD;d33?=Nrwd2>_1GHR z@gk(A=3BntHGeRQt2f6GKaegA3_d2^uT%|trlCD9MW?Si2 zP%W^5U|wv4y@Y$+-9&#H-^&XgwIjy(+FS4CM&*$S-cRo~A;%}?gTfIc0^ik07hD~) z8Zn_=W*o*#4R$!B9gmF@{M%fhU8Duz`=^Ig=G|ZMBOT`)gB+8J)L|D%dC?+<^QeX( zw0m!{R!i@3n`-}XQ`jo9_~DTW&nD5DhQtNdvvFT&=Y*4i)90EnXEjl2;Qj)fI3V;R zEph8+ZK;90_;HnG?|LGGw5K&lWd3AwR%y%k*_&)Aku_0UuA}~t%MJgeqw0s}!@j`r z_wCXX$uRCvSf^Q|*_^eq`21_98Yp}m(zQ70@b&jqlp%tx@9G5&*VOM@b!Ahy zM_PRp!S>~t=QKvotlQ5n%bYAIyHg!o0U?F!XP57XgiX&^@J)DX0bSRK`^!-7dOZ&9 zZlwh>E6zCct<>lCLi@yL}8tSMvZmW5wx-Czs_t)>%) zY@Jm0y)=Ce+?{-efGb5L&fkDCojOgG6vP-AWiX#kj(ujc^hywz6PMG>R&=l8v21k; zRydi3d$00P3wqq|&-fZh^&JByD%j9;!Grjw_a8p{U^)to=eBJ*$lQyU)EYDcsWhz4 z^4Lv1HR(zj^6mK6-%}fx6Q&6^piX7H{Z69FD*0aT-FXzi^9YwE%hKP^uDpX zIl+OhMVvf8MeYdpYmD^8w6mJNe~&F!lCxsC5sEiGM{iaVVpU7#MwF&^zZ?65OaKR4 z>hgoFJIeJ_D;DrmRz3Ux^V#{u<67#+&p}ZlE=W9U{IGisz_3lu`>ONYXOpjs3o3k! zeOiUhGvqe`zpdVZ!gjjLBWo`4&k3Q>NgrV{Lj5zX^mHcz>^QJ>kYJ~zB-1xF+jb`l zC;aKqbLg@AlDUB6(B+#G^y$+ZYdSW(<7lG$rQq}x?y0 z(QaeaXGbnlpKDXDDpy;QRd=6s=JbYLVi#2&a9@3lYhs?dNig4%<_3<3n%4HJC)l6@ z30uit+YelKKTqFP)Ujge<&Cd{-W8x}+v%KX4>qfQ*l`=Tx%N(gNgXg-!{Mu(r{4C zEaB?&PqNv;doP8cklSmpVC58_9`frM5FE#==fGsQ!bSZuyQ>l_pvm6An4`bGk|+ph zD*x#T&sO_^Lj_w;i&`%T+`i~f6IG!0BABZtlV*l{amICWaQ0~ONb!Cc>-Fc$1Hyyd z;Cr^_Wb*DAkCbL!ZraHU`FNI?A6j~K;}?mKyPNu2HHwhq1YXyoL@2B?r$A8ZIexBb zIraw$$-ti$;0N1fk2g<`!;ko+Cnd~%6jyhp?9xj(D=KYtIT`*j*G;}FQ6JB)Vb#1V zzc&Rdbwy}{b7BGeM~+OsW3v~w!`?hOsj6%xLrJM@4Y?UU0=Pc;NWd%RpGweLw5X;> z%;kibefP#4Z6>6`)ksY;nex}XGZ?Pw>Vpo;3CwkpG!3pJa!Rx$rz)rWxjaG84XEr(Hv7&jBcFicei)WuOQv+ zs=aL7kcjV!6`y5>IFblAWq;?hW2h!Rce|AUzl~-Fb419mpd#@utTDlhdd1F~9DP zm@*(pt?U>v(03lF@+H*Cb}}@8Z01J_*IBgd!Hl(Cqm59UA!?-D6EAI&W(Ll(4B>Pt zp)GkfLaIEb5q;#5636TG@Qkhw%>gZygM8k@{DA~N1DRv1?QOhp|BvR5Uq4(Fg>^Mr zr^U$7|C3pDpi&MY%Uq88lKSr!3L}YH4G3{?Tr+Qxm^}x#{b$$nqB|1_Z1yV}z|7cA z5@mxo#--g!BQtp>f$4ZIaLw;+3OfT*`Oe0W33^n_fP&B^`W4L-Lm^*j0b8(~LnA0& zRg*`|UEaCw`fFu#p}FVZ2uw5p*MYq+N6hPV^Y`Tc$+P|olda?Z1tq$F$p4wqU8g4R zkx8d3b>Pnl&R85RxvDMAzF^b+jp`V%e`VY_D2@yNNFV!QzybIo;o?$i-B zd~{_WhVb@^2iq5Dl^w=&zTS3QwsS9A^lP8ApYKkbc7zlS_f9}Q6~&bu7e|%hC%&Ja zr`9fRp8BD_ZOo@oGT-Ng=ZvDt!SD(uMV1#|tsJSr=lc8^QY&%dy%#0+o!QL-S_D$EGF~IV*kVbU-sYM zPU3%5_dm<#w`cofft>!oZkf(~RR$5duu!s4%r+C|ri5+V{*ucw>&$GswP^ftnGsHl zXY)LukRC+vkR`y!-SS#UI)e9WFRNe#pyjZF`s!fV)@^l~b}55LRunx(Rg!|c6RKA*tQ9NlkOjJNsiDcZ`WFXo?b_<8ethkaJezNmwc&AvXnlt75QYra@Yw)pyPvC8 z)D66Bz2b=|%&9YcA;yJ!_phR_tJVqo@9j7h4A=K51c~+Xx-zY!t4>|Ch>ix& zuKc99!(X)k`6_bqG-CQ-M4AtSON?=Y*0b~mPi{EwHX)9&NG8uE`SUvESpa2K_2N@o zw|M7jhzEBV8I(uR7sxQ(UY`-QWALYf)EHiS38TxHG6)T`9l5Sw0@;Ac$QNDM@uXw$ z)>?j78aE7!rTMCr&`YNH@Wj7%rzjH6T=l($r8d zo;YA{(tE#o=Gr>qxB{Bt{DaRjbGx9!&nsiW-vG0}%2qvL=#ZC(Vzfs8fS|t@`IlUY zmbP9jT1?_{&n)6{_29A3>Fx)?nruhuJZx$DYkGc;*uP=on=H{8L?>f|Tc%-_;MkOG zbel9dal-?L9GCoqPc-P>4c!liPbHbb^bbs(o)-jlLu~jduKrDS$m^B`V+#l--F`pM z5@N5gUujDQ5jw7J(+hjh7|HwNLohe(&;X{5rd(S9Ye`6e6Z2das~6k8IQJd8y$3$H^_4(Fy_%vA(2uNqA^CphSac?FuOYEmL_bmV!XLC;*rxaG`91+ZQ7(=qK|nGP|4DP?nbp8> z*BDoVd2H0Uu==#R!*~I+-po6{b&Cc6i!jQ{#CszBrMrha}Ku0F75G{ z1;YfuO68p09ZBtRntyqW^ZCoD_2%%9Y&o=0=_KkGB{)B)l}=0sbICN{O6l7b9l93k zfejD+>?(s7SB(Wh_qMH1yVOUX&=YsSjByL?Qc<^8@QPx^?|jlBa^Yw)7mq!ae=JzjU(Q~8mbPO~9n zk0x^0>v9C~(LwQKbM@fD^hLxAC9>{Mb*Lo5i+a=^FGI3}E-g{j`THe`IFWY;kIFiH zP@NMJdr*7s2D$W+#6u#j@0*naU1xdHXo5=}P275em zAPzrbCBTS3t7Vy5;1dqHxqH(m4zOM1C+>u%vz_R?OuJNus+Z?hDY8iyGP)!*+vU`; zcaEPZW+`OYnH%Ph*rvR!t+yKzdwN^CV_ScbY5Jzfb@bqg$#|mk*zHtRkpW4ru6^i- z+V@`-5tF&!y%`QOZ2E`r-2n6pp;6SET<$q{b?47Z8&3`S^pSurdy~s=H$DVVc$OckmE_4{b$ozLEW74 z`W8o#<+Jhn{bRi^MZ7MRRn^j~<{Ol!8rX9yZ`yX+Zk0H3w^A}(eVwX5z!~#{CYz=~ z_pPIg=}rq=ACYanxMr`N5;sTb<@6ggcc>8lx9ZmE3O|>+DyFY~4JfYAzL=ASGmhKO zA0-1H->wz)E5#axIS&way`Fes9x{Rj({!ZRG?#D{UU;MqPnl3%=_tddM;Yavnf<9A zYy6_>$KwHdPeuSmcEDjkifk6$Eg9RT*4J~KlO|!wwG;=s_rWh`GK)o+x1ih2y2Y{b z`arDClv8~45&dc1tppWhC$i2PV>VXrVRpa#d+OEjZxlL$AJ)tt z>H8*$M#cpV&Sio;wzk-SYrqv7{j>bY(Y6ofXAqN-?iwtby@TDxfln%n*JC<SLw3q0p5=nNUah-c!Xv@xsJAGdFI)DV^w{lr<8HLo?l+Qddx_i+QUsWw zpb`hvWIwe>IMVQ9&djP~7T#+{jZaTB8kNs4=}_Z7c^OaV$2#oHKVjv;n|Kv$u1&d_ z4yv-WPwQU1>*DSoVRb(liDIkbQ=WApr!Bm!OJlUyV_;fxLi)O0pUraqd2}tP?N0S@ zET!2V`%dUu_|8TQ93w8WvGuFecPc~Gaw3Ol^ZrWoppUF9|3zB-qP^Q-{G1v|6@uCgxP+F)?xkY7&tku{h?_Oqws9@X|Bew;6duE^qLvZ)_BO(5K*^f`@;iR8_PQYGvkR86nVtNeMH&U-&ec&5z z`ry6+eju-y4ML_C%(VIzfOpc|m-rw(iu(OQb-P)}78yPGZWj?*|eyMqOf`V14g zF!I&CdUp6Zl8}0jhTBmg*u0euHjtFXLx~L(vdmP~Hc@$sl)->PL4@7Si|c7!Ml>d4dgNv|t}k{qv{Qmh&} z%-5_<`Et3fRPR@QV8lcpWlnvHv*+{ovHGzMNPH=tb?!H~dJEV2u;izWtaa;yYgfp7KdjvIp@_vbmPvx(G0e z)y$c}g^V;j0uVc|p?QT#vm=@j&Wf5Og)2Pf+SB}(DuUq&=Y{%1x z>+Sf*`O1kF=3hDxyy)p{cPe{yj1g3U`{X%ZPA>l08H=~Z@LHDKu@V7;?m^DeY#_+B z1vNMV2&tHQT8GhrTD0Xa7hIXU0GP!krZNL>JIh}Xq%*-x-a{US%=+|NR>RV<)sxNx z*nF9UHi;J}Pzc)7=t1@J5CQ^vf3%Rtm^yxtTBEuR5r^c7k|~pz{sk<`wfUfjKJyH7 zX{n%%v92_8T2F{-9tA`b1Os$;1JY{mhscfD0Qr<;X2Dtx--lGM+laQ}za%mhnA$j` zs*aDaCo;9VEFqN5>*m-;%5|+w5>?jh6nglUzjkq!j!g~jU#kurGjk^H(=&(m9XMo# z(0v>fC~gkqib2v{P(hnZzc`e7B?cZ0dxL*(Q@lctr;7&aY{0`W56k}}#K{sJc_CfJ zAajVKK@Byi?LbcGL7^eP`071AVqAEam%mITkD^B}SD^Z0N! zF}Y_IRq54J<}X>#UR;#W*?NFF<{b+KIng^rmt5;i#z#Es5E2uHr!qc-$;=#I*^d;= zYCLEGqqnFXihF5lR$YN@ZY+bfd3eb+b+LZM!jtM5ggWoQwtW*PX`k(Xnuk22(OCYh zyD5x3>JtmG-f`rQI4O;@YHlnR*pOYB*XVLGy3VlO~QE^4YT%b#+|o| z>M}+g-syXc%aqtuTDW4z^gROgy=jT174@VQ!1E^y=DCmcgFheDZy$g7y=*m}dT%S3 zZvecH#>PC^n5-nMyuyk#>XBMq#u$y!bi0J$mhO65bFPAZPW-%fky`BmYg;=owcdMh zyqktZ&)=`?87QKE^m~8R=deFL)*>*~Bw_>bvVLktbM*=BU92l5dz%?appe# zItCE+hD`kb45XD2VQ+I5q(0ktZwp%uQhg+a2L^8B6ktGy-B_Asws_KmE!cX86))}|`1e`*){QIlEcMF2aFf^)jJCrcp(3gl0(xjM zDYaSAUNzar_G3^Ja$-nNoW6zr2i>D7mv5B~KcUJOut2Z8BV@%vybV{Z8>`7hVa^s1 zu;*p}3;}9-2P$|H9vB0tZFeHwgFjLP48{&n)*UB$tJA|~W`<05^`N&Q7J(}OPe0bgTY3Tzv*AK#IY>rJPr7@rK6 zKx*kV8cg2hc4yb|$~K5KA``Psa)6ki42}UfHf4g@ChN#Y`ytQ4={G}paNjn*4y`^` zbo+pbs5|p}FO5q!Pe_70+jJQ0;NIE)1 z#++}3wKlCHF_cZO9^70+WjOS+EpjaieZQ0FTQERmC2|RnFnoGEkTmHUIrSYy+)O2i z7fp6xbVi+M_3eqs-B9DO>g6z^$8m!EZEm*%%FTytO%*p$^TV>nIHR#hLk9bbL*{zN zm5v)|bD>}dzG{84%F5Z}{`7ne!`ffDF-vUqLKdra(!Ulqc4MHi)gSDOB)4JO9T5v)+h&g8ZU4^K zZ0{hJEl^Fshp=h;RhLcFI0Ds}8>E5-HV^D5FO*r`NrD9XJjFgjAv(%jk-kiifHuxFEZdev*Al~=x- zKAf#wJIv&oK90NKndY}FnuCB+xBUM+MvKs3n~;|s%c-M zOLNUN*EO+4eUstdPC29r8z)j&B?A#=(bc1!#uGNj9UZuZNFc=IIEHL~AV;|l&5Eo$ zU~D!FRgMvT034GiK~JYXpf6I~1x_V+mlDDm%?xRN;`PHjCjrR0z1bbl^m@Qzc{Tcz z?<^vp++OrmUFU`?6)wFneu*m@X!_DtD{&C(YTm&M2~={4Gm9Vn2KI?{`smiDT4XU@ zAtFHi6YNcshl!h%z`v|7K8wh7Z@(nDwQ}wB_BVSBUBE<4dSbm-UZq%tdz8iX z*Sda@92QNgIa5*sQmd5{%0AwG5?+VB|3c}d(464!B;K1>|6+5%=b+&4tD~ZqjFMKF zGDSOICFvm_==4w{wY+Y57>&lN+S@`gRJ>O89Mq&<_@+`!D$m_?iXmG04#*)l;mo{C z+HinC#_zbcKl{Z@6LrHr%phJ+jTZ9;;+MKqul8l1phm}WF2E}z3Z0gF7{^R3#Y}wj zw(ZoZb6h5Xj$&xldM0!BE&p!P(Gt;{grWP#yvY$xg$d|8z*3VR8?)?JUhP_nl5)*v zQ8A-f;qM^ld9VpI;PU=T(GO%N*$jL()$kL*isBu z-=c2f&js-h#Q6cjOkJ0E*nDax7LBvr=EO^PKV#i~k_;{284N!+w(evh!?^KV1Vb<3 zb`z@JK3)g>p3!>OXK|boOYV@%votX4>Z83mqo7>ZAbdRvf!>v38IFxKRHC=j#DSLn z3`dU&sJ^*GSj79qxNPmP{MFs|D7NvNo}SzI^_?!dJWX>z8xo94Yj{*B(TBy3#@4#7 zcStIh;u$)CBs&3iSIhila;QY-u-|Il0uW4BYtQBXI1Fdx5N}CsQM0mJh9aX}u1Ln( z%**m6cQY&~WX4yLop&Qwx^*ull?ROSHY4ztRwu&Jo;vVGmB-5MR1ttqvc?V#7e3i( zMa+3|`_$IJUGM0WCXkG{lYlwqfQ#Steb1Ff<)!gdU9Q5%u`sUb^^bj*x>g{=_aE_@ zmHm0%iKOJjoQDl{2fZ92CJ$UUrI@=YAnhl+MpLc7*m!yJwe1w)=bdVg2QWHw0GgfB zx2xM3zQ`-RD9kfV1?_d$;d}Yx!_{~-mWs4LqmK@_dud2Qjfz@;KGBJGr z9Y66Wh@zAw6=^8$T~d}pW*mPlkyQ#cG&Yv=JoG@9Ios>VYz8T)2^=;l{}x%^E#8Dx81%&L8P)4Z=$;1qFXAoq4YQM|TR<_ZCS z$4LEDZW!fT4;h|)}J+Cp;kdQ6LJO~7zBQxv6G6}2@S{o=!)??^ zxH`Hx6fDdBnA@^E-wg|vJ6%SZ@uWLVe*m$f?dSLOqz{{rM!+Q28YmkgcYhr&cjne| zBdoTXQ_kbwFFM4c9sShcc}mZBDx6`rrs02K3o9WW|3QDzMbXHl0f!IlK3lN7cg5;?{PtKo*Rwxd?YDQ~yEe-7&8IV- zEE6yZr$Q?z`gZ2poFT2$f4MJ_l-N%wMIvHC+YxE=@V#_-uJoI0!AWepm=Q?F32lyh zvuA5LU1eN*3IlSjARJmwj#1zxtWZGlshWz5wkylvSSE49b{Y0_f#cjuxx;chS~LMkqa>^1YiF?G2hts!8^i`%d8gfx zw*=j^dm)LYUFLzwM5;fJP3zlV0t}lh2>cL8>c8yE&~31#>$| zEdb|^`cdm2^D()*?NAD|%|~K|x@vjO-%dngMEdt3YC4K9dD+Rl68!u*rUksm@V-#z zl7pgyxEv{6Cq#LTLH>|>NZDFD6;*=6#n}T$3NV|Au8pUHe0CjN%QU*N$KgF;gu&*R z-@3U!;Np*yhI#yg6JociL6J^1LDqyI5&7&Rz2+6TV#U!2G27FlYcq&;ZH5{?IjP{X zz14n}`pdLbD43h3!*d0PmPX9+quU=RV{t(P`v3L;%1U_mk|`xN$q4vI-2Q7H&eDSf zpV)?iE!B6f`?tRI4}8->{YR>XIb6xVoaFy0`SbtqS)edL2$P;F)&KYSzx1^~Z~x!W z{Xe$(mpuP{`@Up8)=+_{v!MKTnEY?X;ir6$so>Xepkn*CX8AYh#fJw?caG9u*H!&L zJ92@Szb8%je~vaUeQ7JK=G0 zBa4d268qv464V!U)zp%QUY5l`+(7cVZ;ls`!ZDbu*DSR5+*0CwDUof+vw)t9iI*?@d75Q>!FO-l<#-@gkyWLYv{AYfx# zx->iqXb`HjOC9BVBTBt%xd1LHlGyw}1qB5}n2&y4H;Vv%BOOgmtQ1!3h~98aPOLss zSdFZrqR)l0ne|+8_4(kih=_<>^`xzZ%*QNUr2t5_He5H?7ehlsz5}1(xyX@7^HYfV z`sF3?Asp)?I@OB6oxJ}r-t|`cIpK%u zK7Y^*@Hm#qI&+mF{EEd`L}x{m)Xan9zWwS z8SS#YSwUSje#~TqgoaY9?OTqfK0CueV8nR8F4{2rgukXtMw*Jz0A~-O_fG;WOCJ*) z;{6Ia%1Rk7fPZlTAN(I&keSH;K#7V9H67=@+IoHa-3!MF;4o71(|3=XNY5la~AJk2IF0211LHq&YP}$oD&~&r6 z@ZT!ye@Gk_d;iMNM*Y{oO^5R}q7(1%6YZu4QzZFJwErxZ4p`3C~0^*5v=uM;~ugx_G^VUM`@+{I=XQOLX}8 zU1$n{_7k?tp$W+9qC${^|M%uCn1(!S#pQVT?||^qf7Q`J17E8bleVm2!K>iACX-@Q z-5;i3PC_66Yl3bmG>4+MKhuP;C~C)KDa|^`IEWfpvqPrvYJpozU1CeD_=;fh=t=Fl z{LC0(G;|TZgMi@EFpE9j=q7u8k{)DbnW~(D5NVBDijkM2%{q|S+6N;CGnKngBFoipZbuoH_J#^P|1nT8!>TG zE7K>9+D8*aE55jE6HbaY%t(|3LV>3jXR;$0tGC8!b#u$@246(ROWoeF2P>LUS0)uR zk@i+g^zmFfaD5N1=;9(6Ufk$*b24}&%!r=_qp;CuTRf8te`V^xGlB4>k|MwjyWQUM zTMMbm@Ai8bV9>RWcJ+4GYdMjnM_Z%srJNm5R%<3#mCx?Z$^2j8mg<>hp_}~IU$?(ERE0l2GR3F$&_9Sx zY7bNbk*!Vn0VLFz2H$OwY60$C^n|2y;EIMXFVgD5ql?_j#g@`vpu1pC+}*rh9ts(q z533eqe~F8Np}>UO08v^aIbF~H>UI{$XK-1jk|MM>?fB3cM-TuAHl~4Qp^beAWPF73 z)Brv9%+7w_oCVS&DsZ>4vhterD8{=o4WJ2)VO1BU(GU z6&usqfrGS6VHU701Id>dlMfVL?aS%ZdpIPy3+LFXij>6@d|K7f3G#d~h(gwyND{aa zUks zyAH7Uv!gyM)fUCTnQSqzbdQpqxYB8;1Ys;PAuF{>?UfaeC4irmQq;0?zK(ilI8#tDqNDIVJJ&#AeCa&)THjZUzt*bHM`Cy^A6CdF?rJL3rP`8%6?!N*m@t7f zyMx@F59sMJj)#_0izGq&v!uqtHNtSZui;<{LTbOVfepXJSuQ05zc46!FmP-iS zuB3X~^8?QJ14#Y%H*8I$KN^a0OY!b&py>6V*Qp=FDN>)8QI!Rv4V&vc{*4B~D^ zq?2_%!#*VN&RQ_A-JhTRIVnCO!h1>Q>|=Lb zNH^HlPNdb_P_Nm+3kz-Thb>{6p+;_?~0R- zGzcTlnwIa?W22=Z%_VQ>%+gG|8Gs~vKGq3kQCc=FV&|y=>2u~^M#94uKG@fXIbO%5 z`m_$jp>qYWQ{J}xIeyl+wDd+M6Q4~iWYrI@8-tnJn1a)(7or#wtAdJQbcZ0UaGxF;O@=EdKy7u_GY-?u z0VfpQ*%U;~=`q>~31g)qVHQJ=<)GMbe+qsOsA)H!_R|aHZ$H)CrrW;Uog#!nYwY8y zzG%|g<}Tqn?HVlL=Fb!3rsN3a^PK`F0S;_5vSA_uVa-=5(aG_VnIVQ`YMH%3F&orR zUy$`iUiB?_?NAD*&-@hT;h&2=z)3PNjatSejZ~rty9{~O2K4vKg&pJg z|5)i-d7W8})A1$dlt9RY4<{mb3g*&z(7|yOLsdeB_HAgb`Rfz4N9HffQta=gTp(|RRcay`KQ4vUA5t)!MY&TNnav+XO zAw&9tU+tSmNdDTZ_ll@q;}@5mEQc{Wx_enLdc%FX>(l-3&iOsM^eEIaUDoQ0T;iN2 z+dU1tgW~%qJq|NNANOX2P0!dNveBkU5vkK!m(+CL_WF<7ia`puJ%}t-5Lo(Cqjzp- z&)&x(V8iz`8f}(l*zt`Z7WnCuqJ8d3@>laWmlw)VkYGzp1BEp*``d!4z_GL3!v&~O zAxpLy)AAdkVXxef0@T|>rX)I^?7)x&3WndaAtuQXTShxg{<7act*VY_~Ie;)F%i61CV zI419K+<6653k@DoX1h_HN>m-?knSy!bP>-T$3E>)SV}dAi6v9lmp^|I4}lidY1Gql z+j%_N(H9Yz6N6b(3vnRpn)@`m`H`0N*Mm#pVq1CmvR9RH&{3-uMe^R=kDVln7Tl)d zPezV2%uCQ!hefsWCpG1lt*ZjATf}u1KVPxmyRYQ<)v>E@CSw1X3RoI zIhw^S`5B@*lE>-$%~jo4_PP+rYij}DcgR}mOEpCl##wQAX&22&K(RZWgM%ldXAI`~ zC@m!ao#V$mFVa|E6P-tkMsjlohvy7X7i9fIIdqDn3qeixR&6JYN-SmGG|uf<(i-&F zG(VRm%ne>t=JIoY1@?L(0NT}Uf-c`T@Fte{RIo})$9{oE8ZxiDxz;r7!NHE&Ov&Zp z29sX-5nbmowC9#c#p@pOy~kUorl$|rolEohZ=y{=dC8fId!gPv=k)~im`uxoQRTUs zsXGJFM+M-xDc7p!6+Ka%?aSnH>MJhr_105!j&vrpU4v)xl@ZLA?eZ}%>khAvPxT_( ze%STNk_f;Kw`Z^B2W{=LqD*&`;_hKj76Qpjoa*>rE^T>?F^!Pc5AB#$X|DZ3e(Cr zEBx#v1?`{4cN}f_1Lo?df%U>TCbMYJv~m4s6I{zN+S{Ald=V=e-ZPiP&loOiDVrM} zrLJeWm#_CPra(t2==y_1vj=h`GAh6`zi#w3kGysev||2n;HAwRTtWr$Z0=RHm;l8B#{1ea)_F>Ei;vbyXZyLXCamt$VQmUhp{l>WZ`?sJ`;e~ajos5bO{|fKInwkKEC7; zf+MBtN`otI<>ON}bH6#apV}#_+sDYWZ-Fg`sW)TwqLSO(H-_lDZ&sb1Lk5=o`Y(L1 ze*p$^?Ps7exPmVkUd#+!p*K%6aQR?y+R)7B4>Wr=71VTJ&APSxa_Do)7oqc1T|+!B z1v7Re7ZWwc@a`-apSdSaD?1nCi|@Wt^eL9w%}`75faQ$0`6Emq;3L+M^>qmPJDV#; zFBgu6x$vfmG$)kXWQ5W>NO)UasMN#twQ!1T*4q(IblB1+*&3dV_Jx%r5>b-(cu4Mq z9_H=tA0H#;ynb~}1fRx}D1_+?_c&;S<64FJ{QVx2Xx zu7x@{VZpk86xO`mCtXbNaW=dK6FXRgoUo1E*?cCPuQmh0ap%81(+Sa_8EC)C^az9A zshk*-D6|VHM+@Tz!r4_Bo@086rIeEuVDt z2Nnl*fYq#1Fr(`Aydf~EK!h~~7WhS$+lKwo(Tws0h~|Rm!Fer8;;DK|Zu=>+7~Y;U z_M(EiVU7wtlJ`zUbG|T^xI)EUpLEsh7T>*r9W#^5g?Tj2(|3==u_i9~jUB4!jQwMS z1?b|DSLC&Y%WTZB_kc&Lu4bZ5w}dYu zU^&tARLGM9FntlI8|60-h;(!YuW$?R$4cUuG*FL0@{%W>6nvK>e!%jzNr@t z0fB;133ccx{u=pF+_ip$*P_$A;%#iTv0YR?{pAgHe)){g`vW8tT2QgXjsiHyQ0O-~ z@tNe}>R#QVd4 zg5UERI~qGV-o{8*i#x`y4Hz>r8jtR{v>M+Y4>OLjlXgBvC1LrIiUy;~7GCv_mcoxA ztFg<9Td`V$dh0bydU3WF4kd zBqiltAMS5}US3)T&|jQZI~lQ1p*To?W~AH-P&+Vp+CRu`EBFJlT9K1UtzDNinLj5JVBaQ%C$w;H1N`X9A*-BfE{9W`BKE| zgkuzc!-n_q>8=f>a@q`9#L>EKPNij;!>B(LHb_tTCN}e_s=qTEtX}wQXBWMQ$Y*!+ zs$z=EU0qAeIZvSYOSa<1UN_PUaz>2{XkTx@)+)aIWTj;45VIP2ui{Lh6)l(FAdWm! z6Z@|%5Xh(xe_XX#AXgqHLo?I!G3H0-UiGK}FWo^qcXB#@eHN>_zcwE();1p|X5_@3 z1;9@mXt2O|*?o+vnVw1AWDI2Atom(QSy{HDHhgW7uC|lVj<{%V8Pg})tf>-05O#{g z&0_YTo%QC>HJLkSF6*6Cl25{Gn}vxu2n}?(W^apnfg|yk-b#_AJN)MPO+TEFD7yCx za0*0?h=MxCH_B0IWT&;Zu+TRZ^?wn33$x|66l}mMgr|ks)kX~va#4Iu<031I1-vl2 z_BL<<(W+}JwInf4wV5znB(LOBn$c?HLU_5)4Xzns7cArswlse6u{MQk2LTetM5^%> zr39dQN1Z=pYI`tydTw#g(*)FgvUWpBWufIWr<#$Y5MecvNIgGyrFUfK8X?fvk1~X> z)m`y(%uOv-QHLSuMvI9{^X(w)!>p}2nLY0IV~K3)o(Qe-e1IWcAyD{e(7|X;Xs|%V zm8A7^nK)8+_r9)LBHvs->>}P9LegsAwWugFI_0$dMgi*92>S{X>Q+a*o*tL+37QzYMfu(c6Xc99G2ohEHKBj?;@re$r zeR2CWoKcYK4Z6EM!$+hR*N8e$9Yw{`wG!UQP+>T~kuHMOaIjC^deUcf&p#B|d7{^n z3VYDlHM!Kn+Dr>_eBY|@KQYrY93xa_@-D%^0|ue#Q3cKH$mc5s$;B$hzTNmrzlRl{ zp?|-OIt+7uaZ*7Sk{rv{iCNa^AEE+eFRW1-6r+}juqNwo4jduTkK4c@VIO!qSLe+h z9?Y`Cyl2j-YD-fj_7BZ4W3#jV@eA9|G>t7#dpzu_SAB7&m0^`sXmhrR0!Y;RsB$|< z0R5=xWA&9gklL+$)o6>xGJ?J|_$8aa0L&J*7;{Ba)LbkRqwo|&FnU4-CKQH<5A;7* zxk$Us)2f-nqjEGby`G0Q08iQq`5F7madCBd97YIla+p;_lK|cKZ=k)V2%Bp7a2XkX z5Rpx2D=@{J14Ltf<*W;$lA{85T2+NndQh||s#?q<1LNGvLY3SF3lzOzG!-XNzHOJA0ZtjzkuTZl;W$k$uJm=1pIB2I=}Q z2aa}nkI2ZvZ>r~rD?l{7Bn2dOTTyDvT zuqHAX`p*?6SkL8%4nb9hV?(J|ZJ^VWmC&Knri59k*WS{CZsDrxY5ZcurL`uvPutYa zg?zRV0>(~^sJ8Q6d>DmMiYC!7!(KW6O@l9r9trSH6&FpRJ+K)PWk3HkY z3{C9mkzwtXeZqntH$zaBsCl?fb+_Uww6HY!CW2kls4DyDr$k3y07i4BRDGCB z5Cl@Bi!*wpnz2?b#)^09fxvxbw@D6gwUHs47h%|I1MNZiu9ego+(D0RyZWboeDq+P z0rBQnUFM(s0^X^WJ1IXY$c5x@4R3+&D1tx}86%{~3v`k*H7f+L{{ zjH?^976}QCq1$=fySGWHX47}MF1?mSF#C82lt)vwkyR81qiCtxHc?L0kkoV_kLJj^^Ar2aHn!7vnrJiuwQH?|2l7J==v4yF1OjB>$;;KvwkK1jx{v!UK>yFB6d=PUCk>^gRaKn6ztz zfo#-3(%6w9IgPKaWEZbF`8^LQOeaqA-?|iO`a_dbnT9Z{4*1+o%i>km$cN+c;{d5V zyhD_InMUz>+$oRxWoh%+PB13xB%R$&(r_;qEez!FOVk*I4w0Nw>@Rfhp@Ui**^F!j zqK@a5Di5P-XLX0?6;##h@2*$zb;ifZh`~Pfr<026l@}w&aBzd5?6Xf|&{m9Yq;BO& zq~hM-Vt-!hDSYi1t7b+xP|V+|JMgUUJ+F3uNZsAK6m~A?Dr*ITsduE)O#}jB&Cm)^ zfLwi#Ojyd7=GyKIqDz1RNd4^#z(nhzsmFXKB3P6`5%p=DG!Y>*^o3L@nkP<)m<; zk5k&Ehl37S)eHc8Th8Y51Pa!jVrnzf8f>oTS&kgsb|oXu$JBKPnx^!v)w{jZ^yCGx z6@kSnFm)o29-2w!S|=>0JEB99*m<2(;UIk)te=1iv|6u8>j zl&N1P3$jy3&UYQ~l+DkXYxV)m`qX;m4$(IVZFOmA%-Ev(C39oU#XYaCW`dU7lL1(>W6%}6~yVJuNZ zE6_G<$ykl?my`lnDyJK%o{J<$2>BoQEz7>>N$(H6?cM|uGf?nD80DQENjgXg{w0Qq z#?8Pnno!M|`G>#yi>hst$d%V09AfXLvE*$)o=JbKDY@i0(j-wBPiEY+sa7Uob)=d8 zLDZE>A-ga-2sAZ2&*XID%c0U7zqa}EBw5C4CC@-RA|74bI(j8-Ekr7AT_b^mK#Tl@ zm@fj-sYx2clHu4)o8e=&KPs>GShBcFtV(+Y!B28lPmR67qR|%|*0Fw3Q#ZC*O?dy@ z1*mcjR=+`>&uBqr++p;(S!%FM>S|ZED-%oQg+1t^Z|{2;)PK~0G;&>x@Q9LEjDna^ zXR(j8T+c3p(XphSG(=+-xO=+N${Q4XU^!Dt<|w^pix@ft;hA<&PE8+k}RU+rCP;Jr;mxd1Mg`o%2nSh)2Bzas3Gfo}j9qQoL{tqF$1;0n;w5;R zca73GSpT{aAw4%eax>?=aA<6^V#U~~CtrOTaKIK2^l7e4GMByzqTtDXrU*1 zXIv3!jd-CL&JEcJXO*JHMe#UVf-@Ua_ZOs>5tEOIh5_f_4pB3-K6&yEMza~9}KYcsZ2MlnrqOC86y%zb2lL^;HYd`wVc2j(Iq$ z^HlHqsqcK-&Ba`vxxURSE=l7JOxID`_38EQFh7(dZUKGC3pveWSFC2ImrbsQDn2!P!Wcz=^gBhqp^$NAjdV1*JX%;D~U zfT?WW$u&-rw}V#6ufrM%%Z?cA9^)*YDF3hDVS;*LHz#Ih06A&UUp5IPHHkctDMP9H z4^J!4$~({sA1V>Ij?6B_I73R-StOgy4GoQiPF!)Tr|&Q2czuc#xO$oxz2r*`qE|`ls`r%u zR-pHG51p#Q;v~pgSfHVV$Mq1T(7U%DIuoO~t6JVUDz6fwuL#gLNE#D~dlhD=ZFOr{ z%-z}oXUFI2;vY&9Y@epK+DKrUV%)dzafEWWqV9H0-zUoDjZl#ThOulLeP4q0&CO`4 z3gM3QLR|j-=0={)8k)Tk-^DW0o%Z&d?q-&%p*G6K#4h^26eew^L$rS) z4=1!GKc$+5gpPa8ZG(Zl{}Iil4ejhb6tSq{V;4Np{25{DH*&^*lpQ<}uT}DU6{)4| zwap-Z?7&fdt4b7S(8!Q(MFR|s?|V9R%ZVhtJq)E6N3-Tlx~>X#z`f~Z zl>klT@TFG5D_^0e;wK;N(*YvPfGByj1DG`ni_ouBhZOYr?6E;moOw(S;dSigd zywQ#5AjJ_p8>?IwhI~ruad=n>{{&Cz1T|GHx|YZz0kGCtq*P*6OgI@x4*t9lsm@_A zpMP-)B9l0$KQsyjv_A&ITyca3zU_f~vR7dCIyp>y7@OT z<84|Fjm+WOxGg@mOI$UiIR$;7N{QoQt5JVFW zpAR@p1%fKQSh5@#$E6Yf|)+Dns_&jA!rm%*9chxE@XTZXj`HN;P7V;*y;aN7CceVusak)dh)~+F)>eM7u*dev;1BSUnMGBDr{x>LR}Ooq zG|7b!I7dg;hj(NArEaT=jkhBbZQ(y~WB{G4iM} zL2fO6nh4gLjYl^ct;g=e?xIRn*S@+Mz@l0ym%iwD#kiw1W^O~=L!8cmRNwzOaPWAN zVu$z?EhS@l<5b;e(+BJGh>`5A7Ru|xvDD=z_13W{07*8|vCD0h!0n(Y)A6ZNBiz2Y z8qaUSd^GBI$Q@Uz_l9^rSJ~6V5x%Rh$i6%-O@+tTTAhs|{J@R4cDZwX3iQn*5}Vnk zlKOM4GH*#h>x*8RWw`u7O`DYoS`jAN4ufnF)XU?5&;?G|!mI_VO&P_9a5{oz)I-Fr!k}?Hh7Wr%{u=Cvp&33%xC+gSTDflD)g#EP93(%Qv?*|IvajjIe zT|hI&ay%VqAuX%#UT^W?sGiorPhqO`=ren$qq_xj60vqb#p9qc!pn~plhWJLS&!{5 zQ0N|KhsG50FKDh^@uOGW#bQgLHzk(=l}pvMt0EPHTY)wcL1!A013D4X{^3j+J(@qy zG)^2#*b$_SyuaJ3&=dHE){sn91*;hFfB@-7f*1d$wY23v# z!qTzzmsnVxsnPt)pubKQVp+tH;Po5QOt>setGDeC!0Q2Vt`-$9rxiLBN#iN$dTvQ$ zsitMeQu`bz*)!`WR=`C|4!t0fcz~jZJ;tY-J)!1d&(-LJ#Kd|;nymg^*v*Q7sX)r} zeZAH8MgxPeQmXl&=7jlS&8}8I!>57Inof5DNAjooTy^>Lp1lr*I2sAuKe0}PIIJ>R z=847MI=bo_a*o^d3R&lB9tF7W#?=#_rNhP0xL~go%Nr9{>tJ{|&K61}+iTqz%AY!Q z7ZN%PLOR?*gtKlQCmttj$j0pxA6BJkp{{j)R&u%i^w-smxhbrudQL;#x?{JPS2tC4 z$IsFYg(yZ@@L%Psq0yDp_Md?km9j#z=mG_k3RV7E*joKjc1O+Y03Ig-vVi@P=1?zP z_G*8_Ol@a2)MW4I{H@+aa-G;ZSGI2Tu4E!-;HA?`Mzzh`cv06Ux_9Vk3=1DE)vCpM znQ+z0+O&7M{vpHV5N^g}+hVEw#7<+V3Q$L*=B58#?Jq_imw^NaZonqcadFU(TDdRP zHp8&Cs02iQncJ{$G4_)?Np^MDHe@Vnyod^t4UWY}npIx87A8mWQ1>^m$~2`}-yXoQ zxW8tqk9Vu6e3%n8e%>w-GpDaJzNmpE{k2o1;Uh;&8FsRuA? zw=Stn*jjXVWT@(@q4aJcn)^(DqdU3Zs@LA4f|*ozHWNiH*QkGg*?d=bYm~5JU^|3M zp$dr;dMIs_7^WElZi(xy8aFN2g>tnAL1lti7B&L)w7cmm<+le(|JMdTc&PPn<)8=2d z@u(i9ME43aF0SmvAG2eP>gH=tkP9p*04~M;>&Cg8<1=~RoyWw&rZz|QCf?!(pdseg z?hQ8S@A`WcEEv$;rG+1Esv6(LAhaD0yGF!TBxi|DyWfwdl1nOE9uA*E%ei@>i=tx_ z{8npZ5%jpzIa!pv%PlSYtEaBfB$h!(T=K5VvmtgL=|E{#%#>$_Jnd8L+cb-w(8c!f z=HEPp0O_25LZa*4EwnySoPIGFXr!v*%CE6uwLq%O8#rGy+Q3zhwAs0RD!NNe$!jOm z{DaF3m`QiK6c5$WePN6FIzi4wEf{)>tg_+w@NUfL@=k(J;gW&o)1`#Y=7UrHT& z;B;-m$nqmrx@p{RGm_fwkNKZY29oyZuk6DwC#q0uqwbyW0Tu7XL#r?&UeB+C`P=ra%`?0UYv#>BNUX#`Y1^xv@!vI1-S~aR9#=C0Cii z;-p4@@3&l*?pP^hjJCVOP~&FCOh&4S=5b{R_;O5xLr>hlmg0BPBqm5|V5@{pbKh5hwHO7T7A@57i@UMfSthgJ7mBpp5 zkAm?a+ll_%@{{dh7Snd7Ud;3SB=|!O*p$g;-OOTPG?3=9H9E89XZCV8Cl_d`@|Mw% zVQL|D)vDrZ`N+I~>ZBoSu%gXZ40M0WtA)x$rl_eXGt8Jr=iY9m(5$G;VQ^U}^b*}Z zj;dvovKTz<9F6}t8~w7#KoenzLXSN4=zt<}NC4dt`O)>slo**cT(%SZg6GLb zr|uR-7JZJQo9#B(UDFqa5t~4ycEW>@uFR<+P`se0h?xX35mjZgk+$TQ;AzWU8XG0< z-lYCcfsy8#n3RlT3;(YQ5e(2w96KSB(%AGpmyk`jUfq#t8;eD4pTf``dKKUjOJf-h z32RTz(hXSd3ff8;9BS)u8{!HhiWlx2`dA1c(=~~Vs(g;8>GlP&>&M(V+j|O<4$c`t zN#W1kG<%2`J?+F!>mr&=7kY*nt3k^^F67{ol3FsIF!hHDP|`2LyPZoHQ{r8kdxkZI zGM$!V?jfasS8UmGRhk`Sd=!BXVn{%37jKfXsR&;lw?FhLTlZbdImUoLuhtFe&)cBdS)E32ee!eQVr z=cktGthGhg4LX;oD`MxjR_4to>nED#VYeNT&m(~XVc$-@=u%cAMV!Jr)5-Uu2m=UP zc-Qn!$2grj;b?<9Ys1Lwzq$oU28DJG<&JI1yXeW2eFVUTU~iSWE}}|A2^&@%1>|WJ z{;JNB2`J6zBkhBsQ7nnzr*C+e{QPr>%lhyz9N9xlP~%)lL9;#n(j#fP6k{wzW%AS4 zQCBnD5Y#KMt}Xh4!c>_>rReprXvb>ylIFxUM@o3gwmQ>GOcyP6tg&mN@grNvsIv^z^+y!) zEmYSSDX%S)p*O24`^D4sj1}mJ!Ceo`_d*ra4lO6qPd?neMAen2kXB6uA61C!y3B_? zEgfv#GIMj$*yK=NDB|!Bf}`)X!*Gt8!h^n@xZz}+_AJ+h>pTh;E44)qKd3-tDB@V- zoDv#0G!{C{{G|Vf`SIXw`2`fA7Xj9|gF{0``3;`Z)H!MoW;@?=q=4;ahcv3(^xNOr z2x^h^J2~-rmRAI0?+!~Sj%;c#xu`ZB^r9K?k?8w^Cd$c;Tq+0pY8ZwOqn4kQGvN4r z=f%vn>l}XWC*WNU^j7jut+33c=EqJW(7I}1jEz?cphHno)s8~581};pQpss*hQ-7n zCT*o7K5S$aRKw)wf8BH_dSIHDsKsOX#TgR|T=sA)YOX&1EFq(mrF|NFl&95fe>PKV z8-e=%#*fDL;Q1<5s-Q5-6fT_ZYaA`bfXyyqvdT!IL^1mBK{&x$O@!nftT^#33)EUo zc;9}+_k7bgK#Io0si4MoJf6>1(rdMHJX@tck)QkSp)Pr}g0aI|hg*&)8&++0Fm_@m zD*i?ZSE*%?$9pSogU;hnE%PWDuj&a+WDV!!V)PZpw=h)B>Q1yespAu3^dSs^8fmjHzP1xwpBe5OF!$U0|mc$Utm;Ffq|Q>K(h z8V-LS|HUXW0LrAtvkqS#!)|py(JXqcW%bcoM^o-CjP)abXrbj{-O{G7I7B%~s&LrK zk4sb7eAPfv(2+AZOJR+?%KgKA70hE?Zi#NBzqxk=A0DmJHZ>RID(1Jz>_2V=|9tX& zK+M{p{($LE@Hf!(PvM^rf%Af3topXW7XS81_^F&kUEP1xZo&=91gyg`pB4IT^Z0Fp z{;h8Md>%ia^}$FjiHR}6Fa4bh;C~t2TAcTxQ;%deC-`6LdvB46^ATUTw9?-eu>aV> z{{B>t`~YiR-j~AszfF%l-g}cBvU&?j{+{;#x+xd+4gky=jHLWc^uKO6;NP3cA!qQZ zrbJ#|zJrR#i1fX^K418=6iHW=?SlfWz=#C}1QxTDmBs%Vml4uGMB`Pc9wgB?3;27W zm%O@q02~0PgS#!sdyV@sfu#Qo=ONo+$lwwlboWT_IH@%#lrs=tFu=t9KJxde{I}un zy-Di6A9SPv;7SP#X5fcMf=szf#frx23%v0X8$!K?_c4^!S^pv z#zzD<{;OkufAx+3z`g2Qw?oGI8>{-S8RO$adS3=vsezsU+c<+${;>@HFCkF{UTcpW z@z)%Idbj&SqsnP(M;soSeN$30U21A-`VbXHQ2W(qd|XaQSQwv!Lw%{Yrw5;iD6hO* zujSti2qJ+eghN6DUSxqB`WL~)G(I&o^wyVKjp^Ch`bH{bJR8WLfq}WQnLJ`*VxKkf z$OW~Z}=xVX54l8l{yixhBl zkT1-z)gN;k{?m_g!S(TM!ITMU^yN5wVRZYryHpIBBFtsB+A4=df+#b2%ZjkdCJ-4| zEHN3G*$T)Nxzf?Q(-qFB?gFZRkA$UA`^92wIJj=zU%$eefKR(yiALhggju{i-OX{O z#OJ7nuvXv=o~Qqwh}FS34a zli?JPaw0~m^j<2`U~m(;(;Gu z5|%aNncaH%|HwPbxV(0t!Izd&DDLiB+$m0rySuwSxI4w&-QC^Y-HW@syTd;B_Db*W zz907Ue(CQ3r^!h&naoW7lhoSH-8!cFtD>rURO74hA60$ z>YSQQ8oGPa^mt*SZoA(EV?aA%(16{&2ZPjk|NDr-eDlPyz|Kl6B!Z}+_j>$JnQTv$ zC!XwQny;Ukkr#VpX!l1g6X5Ten3(QY&fNW%mzM>$b!2`k1Gop0!1KSC$+Eb^0s=6CX4N)=CK*?xjAmQ0uYkzvVs@F%GWTo?`ptD%_vd0r$9?^^Y?UC;n< zRMQpX>InOmphdUZ3+1R=6_P=BT{X=Nbbz1o`zH6COK%b=DD8);5NX8+zT9oE@4=2V z#}>N>9?p=JTJ`JqC~p~BX}PXYm1x~6sdSkqiiS(iQDUc3nLi2vD~0va&jChxu2r>7BuPPwwFx)yWqv^N8c=ar-mY|6rt zE5KAW)%;3Ikmv1*c+?_+Iaj$4PD;*elxl7#yz>eu38hN1Ey%-FRTZ1H0C2c2FNh!+ z;5H5-?fBZv_SS@y?UnL)x1+8dio5gHiDP-iB3C_D$yDNlT2Q`^J$4b~`9RE)8)H-9 zPna!kd3^9#rFnY>H8Z5+$#zz42mos+PCc zr}t9CihI91!0E*NLG=GHF{T^U9 zL=KP`vs-$9ROd^sAJK62`Gtq18Twal8j42VDxf?DyUh1)o%Q}W?fr?H^di`8={%=- z@ocbyd1}3E^#&Thk#jg#T}F-bC8<~$nVCx6b3EkOCA9N-WDt#>R+%I4NLpEeAK|7H03I<~MD z<@&?6JgO?|EMvTG*NraS#Ipro$&;31sp|)Yw!05{;>Sl4#Oa$MC)xA~ z;h5yxJ%Nah4?FQIBL~FeA-_8azm{wHxTG9q7 zmky}lE_vCd*w5qCdUx75v#`HQHd2R*6YjNkaHN-DBb?3eI7`*k?{I#FTuj>+LHBlL zfe|wkv3%BCtXM8!XII;A{q}m-p54$ezvYzndwcLeG{FXlZ2mGLwCtZlN=JsHiueWsWUPPONi1q8j0JWUEKiI1Yi;X*!%H=q?VuNs}J> zQI=lH!xeT_tsSPkB^pw>XA%PekMq8ahjyp4x+k5i{<2*0mwR*yamx~bk+%|&|y@MQWGH4J@U$CDkVu_lonlS*&ZT?3uR`;b{WdgY(A zF79mBips4+BJGReA|WjM$42?5ycV4;!b4A$VC-w^;fAvE{Y1#u9 z(COH|AJy%G*O@5=$FrCTw6#jld@)sBaX%7+5~bUb&i}Yt2dmLL)N6`$64j2?u3-<( zwt*pxIO#!tn#wui^usz<^SkWQY|_%T=0T;#wIjbD@=`g=Bmo`rOFIKvb~$!9#FjwU z$fY?Cth%0=m6wWoD`}yOUJbi-Au7`FmI=IJ`Ll>NFIunye)m8l`|FESzB3E42yaX z=w^MowPn6XUotiXGf#{OXdg=?^HcVRQgBfz3?>!6m_@Z(ax2F2V-Q4HsIH4ODW6P~ z+zh|!!#FJM39jzbjqT1e9#4!<1+2~4_nh11qphZZvt$EOA?tCRrm|~lz?ZJ3Nk5TB z)oFFok_xX=l{8)Ey~46GZE4n)eWFMATU&T#z{rs$s`DI01LI&<>*Mip>XFM1FtBi^SN`PhO zhRNv?6iVE#%<<{6vEg>HI5ot)kas12RGA*~%vnXh#sC(l$vJOup9Dt1bkeU3xFGx6eL^%hM2b%$mL_a5z3f3LiQC#*V`irR6qa|G>;v zR17-^qRX+SQ2T0j*}oXooN?Op+j!@9B_)i=0u{Lw@5*zWR1?~H;U5NdrA6Inw+)lL z2T9a(jW$=Xz4OB3J9BW@1|SKfk!KGDPBEajc;8aOmXEK{_;Hk@wX5xkI)Rn;IN+h z^^G#Rm#D1H-+dkVq5xf2)&j{2CRmvW+aBVgS5RQCQ^ehdD7iu$eY?aFcNxbK0GMk5 ziDrnv#LB+VyCp!KRh+VzH!tYTV7 z*Z%nUBu%iewj>d5T`n))n$pC1oo>2o*aG0sD9h@u<>pOE#gI@9uD@ z*Lz%|7ZcKt_43}W9OtS1zP?q?;RL{)nC@Ns*f}BA@;o3J8Ch~2EB{1p3a2gG+IFu# zqH@TG7GD0w*_Tgz&?v2`9MH~fj~chPsKRUk;of>7qdfo3>5G8Y&&^sXAJd-ZbCZ>3 zT05>)*DdDwqe+c|fyw1MyBK1XKpdOYYoXq*SdXr7!P{yVuh|&v&iJ?IckD&<=h!ch zc)pD3UeXAsz_1`=Xos-t^%%9wY{Qw_vEznrIAB-e{+(DVoWFYGj>@+k)p*^*%$NJ_ ztYo?p3s(lnySP>yP2g2X&dUT%PQ@By*l^uz$rf!3Jmh;*J3Bj$r;U5(#hNce51`?{ z&n=;jPw(xkLt%}VXanyPouX>mpw77LXl4&*Ng^-f($!8Ge=5qssddl(^bq&W>Ff@I*Q7aH+vmuaN6+100<<;uC6@RiYHs zHpS>VI6RR~IxfoB?wyoUA0STaLcJ*$n=tit9H&MdRfY(0bqdXoBLgObHTo{m(Zjyi za6$s{b)MVg$%LS2tGR6)D9@YnD^DE~&vOS!OY+Tq$=fY%24Ygl3h3$EZn=*8C zY`t|kxm=AK@#jEWo;P%9C0`5z5BwLxTd8mWEQ?3us#O>tSt#d1lAS>evUYVjQ|oSQ zmfSaixAv4QUqcD7nfa^4!b1$AF&i_dl$*WLTmFpvLZs9)vK-D<7fo_c$DD$vmeg}6?^*$^vAs6G8_n3kJP}Y#D`Df@Yu-ONT`C0M zj-N?2Tu30N1VZ|Cx{34)Z4@^9jlo!OjK{l1%NJTZB9a2x#RXVgqK9){9B8lr+#};J z2w|N`w?#0&tNC3TVl_UF zC0!G1m8uNMMkQ-lX0?-KdzenYF*!Wyb|uu zsMG>1f-o0mF8g%o5yk!-W{;ZnrI{YIR;A^@o5>Hek9fj05 z5j_4R6_CyLgGE`IZocK$PW!^m8&K}JFWB1H4xWqpSZj|WP1n?eb)UGqn~1M2rUW%u^b$OM zxv{jqny0P|33y#On z^qXTE)2qpEzFA|X8D?9wtu7>w6oO`~$-pLhz^c1 zgaoys{dE`hzIYC*BS00m`^*5AldU?b?2Lc6~yb9pare3|#P zo`kmIY4yFYYv1ZkLd!WiOg#yY?#jHsufu3Rvb2nt98yuSq}CdjO<_@x<8reB$m7=? zyQ0PX59$_@s_CDNzY~O(k1Y(}cKJezlcg&EXPhv-GU!^IK5=6duf1~m8QVBC<}tRF zkE>q7;XIaLj*&G-unr`jdsjIpat2Hus?w=6(lBGkYa;1N9yV=pDA7+dc@dJ(;jHWo z(5lQ@jn%NYT58IM9Ay$0#&_;3`kLexvq-B4SM;I{?rcW-dPdkJs|?`JY2)_fKlFQ6 zLZekI$LR%A4zZv`sv+h{4D_6#8W0c`ZiqVGX9%G6{-oj6H1rpq8`AGMB#vh-2@w>P zFbZ~Jqzp{Xf|7OzEM0G)P2@16dM!qHfqZfh&KQMA;r74*MwF+vCqk(XmDUvfkZad6 zy!bEg&3`=L;JhsnxYql(I7PV5F1BWWCAD7c{#ZQHwq3mo(Mh~z-WR;(9>VM5pnJ4i ze{s2V3sRsGRXWb)Q+g)ZZzH)9*k*8)tX$9gw4RVTMjh*xKbMevzTT3qqoo*}TKb|# z=x|*(S?_FrRf%&}Uh1yCuPUEzrOB-@2ln5<7UP@(FlC37W~6I?Z@@X1M@b3o_D%Q8 z?DoM`UFtWZ5>g6pC%;lxG=S--G+vSXe(E>hPRO#X#gcGLXiBSnop9S-Q4H@uF4m^2ReZ5=y!1 zvAelhN_)@J7_J|lSk_+Q{S3o}50@-!Tw><4Y#!mh zrRH)oi#n=Ed6b<`KcoC+Vp3$|vy}ZANnY)TBX6pCbgiwP_?KG@wT&=&c9)-xrK<>m zI3oP2ZA$UN4$HgNfi*q?rdQJkyW&K71T$LM)`MEXz@s$3i%2rf78K%RQ`DFA3IRea zI1gh>Cv~gDoEv# zdMS`-G3Gcf-I2#dBcFU;{(7SVMgLr<#z2X)q!)>CbZp*id6r(UHPt=$xLp1fndXO) zwKH;oS2P_bok?GLg;N(F$1`F7d#D|Yy)2_w%WI~AQ#1S)P!C5pWWWC6%j6{o7QE~f z1?Qr5EsnSSMhYSb%CJ5}#pXZ!yH;O7j)1Uf=P~^D`M7d@HTo_IULm zcZRB7_oh5fw|#RZHN1FDb7tFVjIOl*weP*-iCK4126XUb3KEP3FqxzFT3*EvP39<@ zL0}N1xIQ^gR}T?d!`*!8vFS7LO2?ZDLn8_>dyod+_g;b>$=bb+WwQAatG;J?*Pn~~ z8k;2c^^Tc!{MTPKLpszw9;Q{sX7vZsoSEF66D>5iC1lz-1HK6jPI>a(ZfiIo(Ddsb zc?26*yN6Gybd_E%S>saUXhjSQv($1$Oqa^zkgOhPh+5nV&w!EdKacjGl7F?{20v|k zG6xtHG+(7{l87aE@&}_B=ilJ>^_h08xO?+PaLV^N{vHms=kK7o+Xe6w0s2}K%nDp* z$`v*OHs+gD!&SN~nrYr-x1$Iq2%!w{kGYNRxUVSf-D)?~B-N%{1O58gm@4K_F6*-k zK*s4fjioHE+U?LVTghYq6;`>h`!jmpIhsqe`%nkjIOg)#bmi@64Y6L4L=&ChPzm(7 z+_d}8KM85p6E+$~?VE4uN;a{=_XpzK5r0-C!JyH;o6488kR!ITvPxjF(8#`|rTb4@ zeINA4;yH<_-DcWMViPrwF*A-^X@^zG39;4$c>l!D7DeWbhA;eDxP9wGXTihCRNG|> zlt(Gfu)er$x=OhWO(5Yc+Ea#|{A29I{R;`NiWoSQHs|4~`eD(h zw}+4yyDI(nJNuS2qK0T#ylTOh7E1yH_d1DSlPEDb(CS~DRjfz=!eC)04TA5#@ptU^ z=76%`u-LB^G(5Gq(Vj_i+Yzz9pv1M>b?mWWqqo9(*=p9;bL_37B{-?HjAI9j?(4H2 zn&S|*w#2QjIvvfPurQ6(;5W({_c68s?}7QMr_OEjz&0E5Xe%aM2@4@;W)GTKpS2{hm=5oj@_N1j9oZBpuWKY@%3 zl=tMM{r#k+3KqH+K4f`;JF!(wSn*Ps+J2E=gm+EDWaHBw+i^ZW z%vB=~M_3H<2r8x0I^5FmDzc&)KIEeqa06y&SDc%s_Y&zhQQ-MR0C(-jQj4$@B8bD{ z_=vQTCb(utZ{Guz=Jx>hL1xTbHu7eXxm(qB52c(#!_z@i%^%R;ik6#FU9&IE*N&MQ z5?oAgxL%uT-ZD-OS)sEl<}FPIe`N^6GKk`p_64TBpq4`OW)mdAGx2WJVH-8Pt8l8S z;v}H^t=g6I6AAY{vg}#WSJU+S!TAyFOc?0X zfOm2tfNQ*OlIAzgIAd`#?O1ON0T+9^A)J^cnfQs@-pmBS8YD<-Sx6rIhhUXC3E|4d=_*Xt7v*Ti^#*Cj?18|r49?x<_} zMT7t}R9wx#l#9E0zlb;;<6XWMdTkhb4_X9aX}f!aeiV*+lK!&vC}y`;M6`4>a~;Sw zcJrDN=15(6G7o5yu`iuj2l2x>^V(mVEO5a_TObLeORu_mq1w>HCEY*5?#^c*?W~_- z+C*?^laRnl@*1flhv9Jfv_5DOSTu)v=#b=zqlfU|?U@$y=Ztn7vSuX%z>SShWyFvK zY*1EwB2kGmPp?_#FCT3N7Rc*CS5xI)n>VwCmWxXPS5{KqLnDm~%+Ogj@DYhfh zx$#e?8>ur2w2N# z<*G5EcbIysu4ZqnNo02tq@-N&pts?1zUuO3s4Ddhl^rMi`86-&aL#U!6L8kJhjTn% z`9WUZFHj3Q&~P;A%R z0JS}owD}F=u5|L?bK|nvLjzUYU}WgVPHmJxU9`q*#mC}{^Mm9{B0)`0LR`~$YCqMk zK*S0IHoj(d!zuG$#jhqVQ*;MXT&!jmo$k3+ zqiWk7QRZ6T@E#rSdlfDhyib8No#hIvqT&gXQ^7i9LHJ&TpC;!OXy1)3L%Kep-Ibc) z*7&}&%ObO!4)6qVdIp9{o!-y!IbXhfNnkJx+if-AIvBpm7}gsb*8P1Y4im)l^iT53 zN^a$B!XN7X;Lj<{2ZrOgOgkbmf@P6_@*zM7J$PrSUTdc-(U1SbG4Z?u!jvGP&17_f z{w-|0|SkIH2=Ii)9IpUqW;cI*fyL$an0DF6#ZPb=0*4wT@eM=A&MS3}BeV2n+^vSHyev2NNAH4-Ul7gN&eP;)7BN zF=izCO6U@*?x9;+Ng$*B+5EOJWO>R`5`z^syGO&dEu;2=>Ggl==y9{Iz1Yn%D2ybI zby@(5gKCL%Z!g7_-nPFx%JD`)r*dGssiCyoAbOM3doiHmMDnO2OoWoQVW@EA+nlat z@nWJ;qg#DJ;bNP~cqD0gc@Tbr6R_dTlxD7%k0m5u)@9?=e8a@)8F#0LH@@&AUp~2g zpf-2cVzuT{^2VeQzm_s5w3~wV2B}JAvm^fl^2}<*(7_~MiRr6`D;n|6O+ZLZh6aZ%fv#?3LP9_Sc(pPS97N!=U|4q6X2?js0;xx2m53@0 z5pjc(Ov`6YS$j}^V&n=XzP$+{TVb*9-$NW;Ov%Hy&NmPWS!AGu-j5*!&Qk{pi3M2E zkvWxebV!nOhC?PZSX)icKx{Oe?#D*yVGk>7 zw*G#$z z1C8ld4aec6^>}qH7pSj`jjH`ccK-S*P(lz~u;h=~Dlv(Ft!7Dr8I@PgOy$hG=9D0A zMukpG^VV{Yz(^3KY8})EFeoG1=JGjy?~io9^Qb)jctCE+-^hUcSIxlvv{NX`A}Gm= zP^$EUWWf$I%c<~W6`*&owkfM%^HeOh3p~MeGa66qchVCM35a7t1{q{U{4(WA#d)a8 zGDr^RLdlEV-PT$FfCZ)WTB>ViI&;;e(8iOQN{x1R33YZL?__K&t@KYKEU>?M;NaG= zEWS+$Aw~Y#u8bQ9K0ZeC*!|h~2qrLcAR*+nNFVbz5eJNwsH6iCMU`|`Q=&ij8NjvP zo8-#We$S;(o1UIF(l8fMTS*>lnHm3BA#x(an4Pa|TI)6W;pdcH#-?3&a#I}I@9`Ek zW{_2Q`{UdE+g}YKc|SQh`PJ>Q2BjE^bTx!ZU@N!~4W|wPWaVAHqT!$T7E@iLlje*z zV_l(Xpx5t)h3+5too+pM?H^Dm2m&pSuXf7$JQyeBqLsAr&3aN|!dlUt*W!TBUK4Y_gl6Co|q!B@OzQrab z1-U)lZUB)zG)AKcW>=~7Gx1awj}ZQvxKDAFV_^;DHna6qy*zieQ^PFvt?nfu=9!t9 z_lL#hH93bECdLc4i4DK=!Qg7|uN@(m>oWCz^(BB0kD3~W)8%%0*MZ$~-Loz}+Y_5!uEAiWwN-Ils$7J?OT><*_PfVA0S zQN4+gF+cyuKjwSx!D=h}bZz%9=Hu^wgLnd3GIw$qTTuRzkB$#sRaNw^Pbc*SrKL9! zKPHLZ0VL|V+#d1p@x8wOE<{2d5}tl6?4M8n8aq#y_lMZ>PEL)?R_^lhv32q|l2F+3 zo|letY2iTeT2z3h0szjM!$i}Q{+;1G=Wsyc&v7v*>UYHQcWD5H2ca&5;|t}N{+}4= zAO1jiu5(HuCgwM}{Ee3r!VCC=#ryxH2+!QcECo3^#(MDGUo-OeNXuW(UY_`Hn3zYX z%KI0)s3DX-|3kldf~G)BobQf!3;rdDe@o53Kdz$!@$!d{gpj`zXaB9y@Q;=GtKh{y znbyA#&9CQ-Mj)X*tM+3=@?U=Z-#Y%R)f_m4yI`NQ|099Fmjo=s$kCMg+yC5Z5EkGY zHXnSY|F@$5{c%DK*czsIysLi&^q;ly*Mlb}@Qp^VF0$XuzP~qqe>EGpI%2FQiAFs9 zPvR=n0S$a(nMeC~ANar3FvkCZgAxxs|NCkGTi37qdG?B9{o5N*pwwy&p1`|*&KwNn6Q~p|cfPI+J3+^+}-Q$Zw zk^1qkmh(g)l2K4}*RQz;FD@?P&G~Es{{YJV$6Z3eJ?~Et5D=YZpLhNeFfSNhUmX0H!r_>ZFtzJ1qvdwogD0WR4S zb%*Tb|8E@jedIg;q(^v?;9s1s5jQ9dHd_w*N=&CX=X%j6z|KpapVI*t3(SKF_ldZ; z5MBg$K^s5%gWZP|jEtz1l#(0HM@SI6HsDU57ZJ1mKhkT-3xu#&M}-Cc;{168i86L= z*qyHn4D^oH+S_-HvpCjb<{|-mMjjmI3gOe!%S>g})W{|G zi)#i80Y=mD6ymdhgLluv^Y(fqJlgNv(q4D^h{h>#BV6PmlMX!EmFGrTz1jXoafZ_W zZ%xoK4xB4j3{oh+J|1ovbegyHv&p43(|Gda6<;rA_>CL#I8Z1j+#w3in&=Y3L-(F5 z%kQWj6=Dm|ic2vJidt4-a5%tc3@6WbVGk+2|0-F<@7{x#_{)PajdsX8NJ?60YIjtX+aQ~X_D zKes(dkM)navhMKS88`P%*}dHJ<39_^y)SS!xpxkH|5eN)rq|)&;cXtm4RF+r1VQHo zYqR@u$bU_>lO*7~CrwU;SikIFS%?%)m%2jb#6L4qR8rnO6`%-?eE#c$I%q%}8h&Wf zR>A$L4!mv!c+v;d4s!n_v2XL(|EQq?0XVS0{e;p&*SEKuInAxjU>b8;?@BJ+cHJ^(2_8{BFT7%9mL~?A1B_7GL9^~88XV@Xm=d_vhLVsdvn3ZUkEQjzibB}QoNt~Y3t|)^d9RC{a z5Afx&o8o!S%A?2uAxB}`Ty7JDTrGh&BG^lO7E}&c)Ui$30AhLUrQkOtR3ql z9=n6Gmp+G3`#VU@U~hJZ?4A#@@${U0d^c@K=&iPe*L*U!Y2%e{PkZw&LUi?qxYT!8 zE6#a%r5<2EsShB582IOC4cjS_&U(Hqmpi@dgOv{(r*c!h>vb#eO3n6EA|fK^U63?d zJpu3m(P#gc*C# z0pm|Cg}{28!JbQ3!Xdem*K=s7V7k8A$u_n0K0%IVtBTMbV~N^Ki6q8+qFrJydx;Da z+_)EKI+&*%0~)brcEl+Xb>A|-wd$8MJ?)F)w%GN?B#ry6BO0xWLmv!$*=5g-1kNLa z=k=mjX2h61j1WT;*tT#@Y7Iazh9@`R8IsVe;{F=w(hsw@kTcDE(|j_EA*-=1+AsXcUFz`bq-mj`gQF;JYt!uV#8d0+S$-o zH_os*u3O%!P81pEFA35%-r8)i1#t8#ypU4ET* zDX5#<$xoZr&;b9u>JD1}WMnHFguVI#{auGw-4@s-)~>gGCeP3LvgiFQw+%5{VPCee z=A>vVrRIi%kSQ#I7J6;5@7YJFuCX-m9hJR(y90tRh9Q?#-vcg+fgB#PzmMS-%@zdB+ecw z($-2`y4AzjPt&z9B}~MW{hOK`a~v&8lG?QBz=qM}5_`TK7Ignhpm$qN{0pE%wHfw_ zU_IS@I==-|C($~D=Ed3@art20!CPI1gclUR|5{|VIWc$dcm;NBkL1;ztf+NBY&?*( ztht)6_QM5N#dDLKxZK7|`)gSH>w$i=|Hcl>vKJ;;Z+D9TKwTYs^C{OT(G=Fa>xX9?&qw5G33+NyOd_j33AMpBKB=<(dw`Qm60b(^j$xeq5>Jf=Xz^4y+x);lx?-d4u zGVBZ`wAM~(&chwJs-Qb-^Pct}o+4wKU>u-KBTAZ8&`{Swt*x!4q}JI`4>eyeQ8}(g z7|h$|K+52H3I8_wjF7zW=vttAZ)E!kyD3j%(3L9g!B^EE-k}&CnM*i1n(%_88T(Y` zN%t&%+x!L3i^N(^eGpA9&TmgfK5Od+ZJXdE6Ik=l+PvP3bSIUl? zCogrIT;0`YNSlGUH-cj6!?eO&r{CS$w{#p`R-H{c?kuw@9XC7Mb_dL(jE{Y!NfHIL zf5KXH(uBWY(&(>zY8KkTthj8&#WU5>6jV09l{kBT2g5KMipEaXH)uS*-@&3a4f^bH zJN5~$i2USjO+`vdtgnYp|B#(JGKosX)z z*@_kR8me2!OO?~TKiwkN%BXi$q$2xt63o5{h!L5GrUfkzw^|2OU)hEDL^Qr{xs7k^W`ZPOuwcRjtdEpY z%^OkKx)2n<8SL?KExe&9zJ2AmxFjK39*9RDolS0rkj<0mHp`n!jKib| zT+b+KY7fUz6)i}laRkn3xIhP^($qDd9=ZsU;T`HICLjd7gU5T%=Lrr6QckemDk~14 zP35i6Ucr6&LFaN4JmEk5(WIE$C;QmCteE9?L&J%s6u(Vl7sH6T3F58~!O;tAKbcd%T`1 z)X6S@8lCy8weO_(2q~^$So=b&-2zq};H&%BBSpstZpSLSukIq}kJ*;Q@W2$o-iNC& z7QDwT+_!+ZxHyW!!D$rW_x|c8o^R`)(G{V4TJQKfC$v)SogYgU&hyM==ra!{B+x|a zGpoMU#DU8(2F!4RzI0!~!{=xq81>%XvFIbKsVT0ut>u0*r=!zhL=u+e8)Z>i6gK)Z-~v_?j1yUDW6!yQ1;}c z&xtBj9YCMSv`hD50)cavl<#_Ap9rCXUEm-R`H?xOL?gt*af_2OD4=@SAbG;~We4nw zaQ&@xO_{2{$(LUK92S6Xg~{tBMvx8krJE61SM-sj2#&KlW%ybTQi&SUXrAQ4r|OmJ z>W}gsi(YeYuJ3A>8NOJia(jTdyL&*rpZQGDYge0f7)o#Eq>GD@<1am+=hWwZQ2{fF zZ+=RvZNfWKT%MtqEbU(QQF@VV|K?z#+HeH5%>DWEM>04Nf(eHAgzzrorSrFec8dp! zsk?XRXD%}gPB;T64Dhg&i9YRs%7zHHr$O$8d~OMSw&L0{20<-X!IC?+oM-lAj75K1 z>%;KQ03l2q+bVS}PE2>tNW}S~sxzhhnJ|ooR1%ApyZnUf=5}Sy$2R^c}Ci5IcxrqjgB4Bj@0z4c>be4ehFRYp`+G9 z=8@?iqwOj|Q7VIny|ty-GkpYC>D1*|#fJV?b0w2wvIVpXN_oaO={^l~XFTmKJzTie zMKcO$BOcPqs`E8-f%CN_$VXqjf)ELqI^P+Z(8KWupP?HT*<=l8$Q0&reVO(8;GU8JbXG`GVdz+T|}IEa0=B|kV6 z7qHz-l07|&;WAezVJ0EY6KK{QV^YkFk=wwUHMt3I;8;yeu7(~aNx`xexQwu1*&mD4 zfH4cx#RdQ+B25zr7d{=C)p*h8K&!+ES0Z{rs8_+|W|uAyj2G8nxCpmPJf zTj{RUJeS&b)$sjh^}+sr!4GO?p=O}LDHsp<8IHyJV`xa^d7G3w@@MZ}3ioH!2ODY9 zLOA~4lq`{DsiMgYWG+{6v|=>K5npl)eZnNUg+fs2q&Q+2kfXZoAC=YL327`GSk!L^ zFI%r7D$QQ*2+>cO6hD^$Iskkzvvr$`S;PsfHh!U#;+VN<^*ZY0w_g|aYl?A94fc@) zSat_v5(0YW$>tT7JeQ{(%}NbVO=s7)xKTDnu7rzg#X6CuK3b5KDp0%_E0tlE*VkGy zoeWkpH2Ees^5dtV&YAI1=7&yD~C_OqaCKxRhTgI+4DuQU#eeUaAP?C}C3k^9T=Wa)M7z51FsnhC7$9 zK(qg%OqJCWhP{Vbs5!=NV%$Jls8a6-Wq^_|x^gp?L@#sgai?1DWT=}&lr3AHVo8Z& zDM+#PFwxAH@1Oymd*C&$*C3=~J8pgI*aiEFq!I)2wJFy3*za9K+h3)v9e6j#-6`8y z^dUHd)y+CTRjHR4>aPrq=DDppCC6MvU%vIEOF%^kmLE_sS_0T_0GgT^G7Mz&1E4;3 zD-!8kCv_<8Z!c$7yCdlJSF!^CDE{?J{0=c;#qU~Eo2wD6D~yrRcu&sCiw+r%=;U7o z=~fo0l*aOcf=EbYRk71F^ZX}GS_?Jey_4>-1L_=PW!?q%f^AI&Kq52jX79jVap?%K zR4HYHkeW5<00Z*8!NL)5w|f7d?CN?L7SO@1A?zPfn@_~GFd7)FqIwaV9*;b z9i|gkJh)_YZPSo0^U`*@1qO?j!&@G#QhkO@Kez;y*#Gi79@>x$Bo)PyGBsaj#`-(G?4 z_e3PnRFQdKa13CK5j-`g88x`ig~hi!4hY{;mNnY8+~UJxv?PZ z)_Rbha$N^!O8_1Ux|LX6cPf}^#HbBXxu7algZCqvfX@vMq4ix~YBwDPKVzC4y>960 zm=a+^?e=;{=upze1Vt6dVKBg;NWDCa5O6kZuJ!1X3il8L8m{*$ZnqA!s>Me)s{3dbB3W7zE8b!WB-9A%j>iRky21_-;ez-dniK06 z)wWgAvk&cZjau3V%wmu~+A^I~C$c3s%nsynUENfsh?V&LA^*MmLjosa}8?^jLDfUo#IF{&YoJ&~^BzkKb#4}B` zboQ8q)e>dRXpLV$jvfsuU)H)vzD^%xzq!bgv(lSWcYQF+cMC#&*wtk45$Cs)dPtPK z#lM>?5AO9`LfJB}EiAT%L6NQLU1n|*NFIrcuDrM(ts>{RjXEx^ciAehblDOj;;MoA z0x?B<;1@~$@g({_$!C_`1k(~B*`syU`}B)Z*V!yP6%uAZ~K;`gCJdQZCqfujl~2#ImEk zdJVd59UNmk6?9QeI~hJoP#u`;2X2ty#HVc=ZE_32E1*zfyC~&^bP2?Im4ke$`FCRl zST1ztTWz+Doha$Pu#b-I1JkR*TLnYtO()@0v+;+gF8zcwJw(|#N z4U1XY!cZQnSa)v;R`LYQP}Scl3%k7%!YsitE5e3htv*eov-*Aylkh(6A?%{p*_{Xj zSh(S(&10=OoxuKd+T7$*&Ca#uhd=1ATSx{&wzJ7sS=qW3U^!@lJr$c3HXQX&lvZHV zjVueV@U__zBX=ADewd*ljj@ zl}NogO?swt)Fj4n&uDo6ouJB{O}O>*l%eC1o$_1EHd*ssqDto$H0}nP>bBTsXG4q2 zx}@Xj1+gQZE~j2#^u-9G&4eaj9!CX?Uo9+|9Pk1x?h?U1Z& z0uU%IFGjw!G+R*68*=IC>WQl*dkNnz0D2||cfNJ3t>I$SO)5yfz5f94Q>O{} z;%)(^?VRl=ZZ6Oh#?FKRm^cWhjRdBZ+3qk4o{oaRU8cnm375TlitjCmb{@4t@MBq3 zyF%;+pZ82QZkLNQWlKInn zT+A!w#jNtsIaMU2(e&9RTgJtub=Wh;ET2OXeL=-~T@A32IrmN0*dh3WWo6i{t^rQu z%5r(Zdm$@lpQ0Gey1{^Vg(*bq@U4sBuMZ6KQLPv!BU6ic+~4Tldr!UZxc0xgNDt2Y zvTAtf3+k4mb(63mlOxIu-v-41(5D*i0dy;cX?Fv|V2WSeQ{1@ceIu2OmAoLB^>@S! zxgIHCgz~vNIb}Z_v&dIy)Wctli8_keGe#553*-@c9C_$0LO(-xF#Ee2EID7e56)rt zn+Hkur{|CHC{NnVJ1cdrkN7(pujo1+^nTq&E$^$jI3(d|1N6V0qtSCWK!2sl;0!P4 z;tY!>A9f548SV?Zhk$WnolPjaW&ydl+S#Aiya^sJE#7K>y(xc{@!CcJ`P=-!Ay}7y zo#mCk$xl#;x%_J(r~@o-6H4auD45p@k{~#{B&OeMw&A^N7(6D+4fr7`nfd zrEt#h%NkW6JV6_?VG!b|P>8m$L3i?I)TOP;cIXgMvrT%2Rm$WU))*wfF0UvRl+KG( zF)+XSoq$A(k&WKAlrd8i1S$+m%6prgs==w`=nUh*k?1iargsWDcb|$Ye=xkOd(Q1L zS=RfxFg?ArV!pRt4?VJsae9reBRX?2aU4>$+*ID};4iFPfZ4}-N*W6GGf#i1dZ5YOFD+zhx z4n5=REM91M0b^E9i>;nMO*wQBll<~LoK-z+Es`pMvo|Xpog*A+ zXgi5T_rDnX>bSa=p4~zz#oe9a4#nNw-MzTGyBBY9cXx`ryA|8GySu~PJw5V%@4e^y z-GA3!JCn&InORAm%*OeVW`3SHG%~|n*z20l+WSu()O@$^8&VVD5za!CV$HWX&o?{J zul0ORgDpUNs_&D>?ic3C?6z0l1FV+)T^bKM*c{$jB;a&*J5_E1?>9T{rCf4;7IX{Z zXc@%_39_(1*IOPtx9c8h$H|950l8Q}j5cT+c3@ah6uo#7<$}7ou)EN@hs*gZj^GR7 z3S4v61{aH=ACkkvf)OHsN)(LGUm$qgN)dw1rJw@4S8UabPY6sx;MlB{OoR)n1 z+MVj->-M*;HQba|7fo=vdE3TmY%5`n1frgK5tN9lC_RJ9E%4*BkLHx|#bnh79mQrE zN}A{wR8(uxMpHv`(hM9`69lr+qcbZf2`-`epXf}npD@{fcHF_oMxQ|>W8Os!hTT@n zYjhD!8W39XS}!C|UVZ`am?So@xQ@Fn<$Ec|34qahfadr~b3wr(Z4Kv6_t)U}Kg(|Q zimIf}ccKKFczStVOq8I@zeY6%YoG^L-KooZOD;(?lp*%b7nY<7kkxT*k*bKmDBQ}mL)^kPj8)*m&tY*`(M$2$QTJJp{cM16I|KQqAGhkNcL-qT z54cdMbmXBBRwwdq;W!;r$n;jXpRU%54MXHqp1CM_5zmmTtgPU?8(-i<@hIjjxSLCk zn(Z2|ZZUdEUOBySxTh@Tl*F23KZw%<0~I*ZRxgggPC-+}}#q z95@;YDWI-=Sg;Y(>LI5^H&5R$nPIOCaCHm(d_0kT+@rIY4$^^hedCR3iy z_8q6j1sdg_t4ne59V%=K$CuoHQq-nScs<(%ObS^vAv%ZO6(!V2USHr^>lDf`*$CtY zCDh&kP^(DOxR)Ygs=L!jCIXlCXu*b|Xu3;u`<`%zLiKCaq-ma-#@;z5?U;6PqcXSV zTTzxYrGNRHn!Pe^J-)v+f{7yvpU6vBP|G&PZNmLsqA9F1Uefo??}+*|&Nq^9mt|Bs zIgDcYi8@2w+8jX2JTNA}(>uJTtbewce7QGWY}l!wQ9o(_W7%@m#o(E^hdewwsO8no9Tp2)|_-r$pQzwCxR@Sd(>tTNgLq=z2H zqOU%%i~|mnjmx+4U6cL!HOPMAy4`^DmUE#4?WCJWjW6QZ^qwGwvja)D?H={3 zxvPLJ=2xs`=##skOjoQzs6z|_MEN|Oad2muS~?4q9i6JRGu$x(IeMK|0~<>_@V*uv z|GiCi5+F88x%=!*(p>Ah7MA;(a>e6Po#cfLYqbt@Wh78W((xD~Ai^nWMA{^4!Woza zjgEzlrC*D1WB-#vz-n@;S$JQnCeGYGrLOl_St(LvP_zX<>3s zyEo4bWMqiW2p7(nm3jZIS7fLP_XWBxhNQs^M!PAtCmNpZG87_ERcH`ZUiZEuU{JQ)fq1?Ke^Mdp>b~Mh zLulNTg?Qu~>GVgaoUohGkpt$m+r#rGO>Gz_Ber=bHsF(Y_suG^ckd`UX zEnf2HazxdNTI9#P){F47p#BfvE!+gv?p%!1NkFLW2LhrE-5)-yg{E~qu02CCve4L0 za~^9%HRvUwEbe}T&~59vFK_nbx;Zf5dh#I~bK`kFS9CnGu3k9zvspUN7R+n@VB-aq zh!3*iKnr$(sgO}xS5#Mr3e5ZO7H6B! zaOw*Ig8?#eE%Z@Jd+BR8TA2`1qSB=hq(+m2e>g>G=Y+6|2n}kf z2n4zom+O@JroxI5E!fNv5e2g3iOhJqU|B2^L$RIA+RD*X!$BaNA1svb4Jj!uEiBVk zx%Kk;Z5_qsbWDDFsG)k+AjH62ravv|!b{aDQ=mI?b4!=$(oQ$jSGIv$VdA(DV-^F2|0!y{j?ry>&k}b?$07JYxlGcYbWKP91QpE?wg0QSy0n zaKGOOVK9!Ua!T;vr*DRwmeO9q=Euq$;68{82Y%ZBcEK1@povWzun-a65DS*MA`CNV zyX!ICueKJOFPld7r|Oszr5f8;BLplY8CORZw0={`enFV3Fh|7SQGS?(XQ!!;c(7=C)R$vdDGWRWPp2Q^%+n*Vzedv+GTZwseRz<8?RQWyLa6YqZ+aqfKj% zJF;ZO>D&3mcd{;@03Bk2{T{+pKzJdxMeSG8(`pzAWW@MY&Et0ZQNgu_~zIEOiF z6Z-?Kzg2P_7r1%%U?&Y3bxnWRm3~JpmRkLs%+1mt?K|i;xD6wQ%1$x3q_Z`dTUc9; z=)qzmES+lD)5EvQ(=pk^(%*;l0%}>Qc)@dI*$d5qYoawppvWqnT~cnMsD5D~!}acc zwq`sT1x zB7@N`%}j0kB;9XB2gL8}?B3d+U{X~oy53Ho-jPkDxsX3SA4IFQXZDawmwq@+EvTC~ zGhQOr)?U>e@DvMnsckx{XtBLpak-Ms)z$(mxXzX+-%iAS-xEOiwCcg>7xy0rLR^r6 zE0{JJWiqG_WCXhSQ7{3s9|}3pgPSq(M8P$nKN#3~y}GpQxYOQv#soZ`=cA-lPIA~DvYCKnOzwm(Ao>5Ot{qOWOybb zKUrn%`KW`c!=fa1f~*8J;Ry%XHLQ6Yuykg$i)v>s7XVWGQ-;XnwcOI~gz*0I-cD+Y zMo_BCNW0N@u#a49F*ps1DsC6*%V;^DYYv?Fbocs_7o4uQ9TGk(j<8dCe1}N1+feK| zQi*STW%do;{+=&6#t58|}+E zUmgbYIN;G&OHK?u)S5D^!5Z0<5zXPj=54wmb*@~p-R@+;pd6eX!^6u*0D(tr+`!{X zuZN`?DH|bu=Em2IlIfuuTy%Z(5hZ$h!sm~T-LiY4QMAitftc5wsK4ZSVt&0C&%C(nXJj#t zYCSWfz8-!u$R$mO`RundlDO4&x7yR>uK@9dMu zH|RCt4U?0h)gDyRi%pA@0P)WNsuzACi@uHT0wgOm!e=rJp0*`_~l zQP3ENeQ`Bh(*8u~!paiihExjkNn51i=isYS-yKKnp3#{JNhmC^;~%+F+#sg|ZH7xr z&!el`;Y4)dBAS256~>fSvc9l*_GlvJr^L|U20R|Y;r?Q~Fdg}?btY(r+ChzWV(*8c z9I_w3m?G(uPXyRs=~idNEIiQv(DiK>YoCt~78nm#7%ldb!4LO>GOTosj{<(*6A-w^ zH99yh>g+ZdTzP%D{bHxJ8TBLn-cFt4)p|_f79iPp_O_$vAHZ6lm5Cxmhe^@JpBKVW zEOEf*KmSIFovU!xGIku4o1z*!SUL*DPFL9UzVvNtVDfETBJaZITw$ke@L>onNa^Al zOA9IYn0%F&c8JAYnsxk&!bD~>paa^+GslX{at_&*c2DP=%IGV*`wUAp0&ZJ^@BM?l zqhr3SoE*ZnJGYMO#)pl2M@QAf|F=yJYq?^JcCECtW z6fG9c(%&vU3akig9rTxDD2_;nOk%5vwr{WZF%67mb$6`@!9%n_W71mQx4^oIef=5Q zgepqoxX=gapu>;lkJ{JxDnv`!twTyR*HvE6W!O^9@v@g>T5fcYP?wnrg}NUHp=Au* zCKrKOU5<`%ua4@o+>LhHf`Nw>|1uK=HVu#Jr#PcWY_p1=Gv= z8Fcy|=-vq3vI(W40SLORNA2M4f-fZLA@(a@YOUeFQ`sW4c+DB0v}u6!e0RvUlk<^X>SxSv44(*ozq>k4LqhUF zu|TTYqa=``KoDRVu)0qNfjlfv@V9BUW_B{a8FW3(9>c@7OwL_?knyqb@92P+8jT4h+5!UDTzXO+4RVc||3y0)?ES*S$^xSOvW^ZL|#%&~!e&?pFPrm8H>MI9@g=pG2E zTbResW#Wf`v0Z(w7-#Xk=rdEPhZY(JHU>Rzb)l(acVK}`&tscc^ogT);p0% zNaqJn*Lr5+NC+4%5Pgj#gh2e>ZkH{1@ALOp@}c2A0x3zfI22lhU{c!q`}=%P3$?r6 zegH~*AK3l~Bavyp=g;U=gfHS9+SJdrpJe7cMoiu!-D6YPp?mBWA>*l zXFSi3^BvBB`m^?@DDD7K2vG*wv~XbHEMF4sZJhJ8u_v3l`JXKhhSskXaL&@WUhMq) z)ORienzLcGFSqMeYT&vBYrW}oW(jE~3_PvtLb?v0lkQ)v0YP2BmYVbQ_S<4{iHWJv zQP;?@7Q?we&z&!Fj4Itfx3Yf{Kltmr5IoZtU6vWwlPwSA?=#RJ!=HnJbZwmkV_WkX z8y6_%rji|g!u;z`p}uzrS>nj64s>G3f3o!nlv~|pD13%g8JNgDCjhZCFTMn%Qa-=D zRC~X;OQkRk8QHmX_-H}p!2C_6GYgrZXDMq9RN+@`4UkZ4tnVVcF2Ahk!72d!XBY&6 zUpt~4)^hLFszf@MTaBi0{2HSGp^=8Jlbs~uu+ZNhPS?rrFjpTVV!(d8l+JiDK7ba# z8lU!aHPsLK2&!mRgQsF?;JAaFAzwvkF92(nacc|)ZJy2NxK8|lhfvVJ=e|A*W*W&_ z+0LDZ^ZOYL8VGMk#t9O)n!7?9kc3t`*gogsVe8q9`R}PWK10L|EbX{Vh#CHVurCVQ zEtB6p?$;f?SW!V+o0uwxduG->&}Z>dgcL>!Dx?WbW6`>TwD@Ate`C4E$_Akci?h4Y4f37P+kDnlG%5*fi0odb# zh?p1**k-y;(1!KmV|A9X&l>_h7>W`JV&frXXr={FV0_EW*T6S!OwG&~N{Kv8B@(GM~nXkye z@)usP-icb*<4g?#X*2X4st&_mhpzqIqoZ)cfvDtKs5Rx6^3)<^+`sdYeyfNC(G9D1 zxeC8k()I&#<7x8|z4Ni!RrCfjnM_hNk!V!!FCV~}n|dFh#--DxR%8Zz`5GDI;;Cm! z{{9rPJpind?SfPMJ_@P5^gowR+Lvp!_31Un`8RQTF|ht<{ODh?+ine;Zuk}8H3>2TOAFx{E!PM==I@Q6{1HGpgVnCyFwiSF-uymv@^A>aiJe$X_xw2ZY-K`Tm5WN?Q| zCekKfMPM?5ce|i`_^lg2xpqE5YW0YWo62LIb;#xs{;9l3eo;|yp05vkjjk7)1ZI4* ze?-iw!2+3Ae)T2k?Bo*w)(rfapw%J;YKU|4GP%O{-}VR|?Mp9mbJDPug3iS2a+>x) z?wTX_dkx7zx@uLT3#*jhk)Ashb`MOBLGc%);6&?^7jM2zeo8; z!{5vJvZ!L%ZY%xC?LWW#{h!WRK3^Cc)gJ8vmVaXXfB*U?-!N<-pIc$s>`P*Pv;Eh6 z{)67SIRRgAL+J*sBKF_Q|F@<6MGrg;=tjVC*pHl|LFgEX_(kO}lwvqp4 zsSyhzX5+-Xab)J70*XJK;NP$Mfsg@t1`(A({r9PB!Gd`{E)Le3Ox!Ai#gqN(c)&B3 z;IEQ+ys03rRWAS7!2giVe~$~I3Hrsgc8A~OFS-29(LWOFB>Lq{5F>~K|5fC^5CEjc zU0rGb=@cg7A4>BtV|x8EcrOyMoqu1MP+utE5*PDj6aTI6{}o9!*_H1-JiYuq*+fUQ)`D12?IErF0$tYg>|t83sBh zzJKEh709%rpMd!PBJ8Y6ps?pu{gpEQm%)k<&gI2(|CWy`vmek;Yyf*;GQ4Rw+HRB> z^GE&<_1MP;1%^a0n9buJYzAWpUlbw5aUDVDpTmRr=lxOsTCa5yFj}3~P@m^5{CnUD zrcH=QA>comSeGER1)eoF6Ev;6fOy=>ZDXA}E28Lz(%U)3p5N=q7ugAf5RZv8==TKc zKi^;ca(lQO_xJ^5>UhAz1s< zDd&|FKE6Ga3)ENI|6x|w$-aO+l&35&G%?WDDB!}io+iWy{QIh?f&w*C8`33q@gENU zTNT!wep!iALm1*3taXva3Z@V>HoAR93`MEhe{2RgYsJvd&s< zusjsTE)i#PPAy%MhrcN&2gRB<2!Hdc;<(5JN?F;monRVkfiLG}c zR4B#-%fguaZ91`jMB!b5&$Q_MdYe1W+a6@vp&l&#N8aVE^w7WuUO}OlS{=?UwKv*V z6)%Jve3#B>C#mM7h)!(MjgVMgf$Q{_>DTcDcN{Z@HMhX!&#;7k*#R(0)B?_7tI8x z%K1oR~`l zH;n99f6I6g=NmiUozj-()U+!yr>pO%hMk3-ON=)UU<#Gi2>rmD8J@HX*Y3n(;3YyC z0XqlfKAA~hH%IU`1*61v@FSSah{)##G?0xUg&BA8>y0dW_MEz6HowN|+4=r)C?3WK zX7=5(%Bd-}AQQYX{<`qnqdA_C_@P)l3!klw8?iBF z2?>sA`QdGm-kG^j-UOcLoUa;*O@`B#RmOdmMXb*QWxTWs~N+_!hyd{b1uyXXPs*^~UH4DWx2 zzYM1hbRwaRuof6QDXJjvx|~rDmC#(1~)Eb?w74a9XO<8uYkqE zq6Ud2x8Tv3uT)f!T1sR>uGp)Ju<|Q#4%;WLZ%8wDi)RYzF4C&5`e|Dj6Ds%Z7fhLU zz9t3)w2PR$s1WBhe{O~}Sk%`l3^@%FtQplASgfM5$>`hfr#J|El{@l7r}t7R(F9U_ zIjqqdO=*C%`daTQ5hXyK{@aIkzC*Shp)>Y%QYe>6)b{0E2w&oA>6}MTT$J6qZ+U|^ zihm|oV4Tb63DSi79F0##^tA+4OFB$@K#!auMU+@{T*H5VooaC8VA;r)=qcH!#SWEa zVj(&o(YhH%2YgUW__u3p7~ z&oxK|smp0l4?x6pxYM_KkRc9fa)(cmYv4wI?3N&vt%9qoeJf*dc|@1^^x_#ia+zH?9*iRjFM-2417lWkxX@t_4BX#m=-b{@9!tro7IU-2 zpSlZd_m`wm5@T-Y2rX*t2l51eCMa*sVLTv2L`{qVyu9R?4kKGXHmQvOH`RH@z~%v* z*i3kKX@SoY9FAfoq<5ryYR11@y|zq*mCz3}s4PSMG(``~B|(6GLERtCtv^659cOG# z?u2Fyt}L*`nHTG%r)s;-JZbhHnM>Q%=`+As_+fmB63Ge79rBQ`vWhSC^5mBsnE9@Jjh}jB|Ky}Zn*Lg7Q;E} z(kW^3m2t?EYNi{|E=a0szZagV-ot96Gk!~h2^+0182+H|NAHx@5wW>q}{EP z_m)bZrntFsd>onYpWG)JflwH{&_q>SNb|Ug*-#-WSn52rc9a((bLT_@fxF;Do#-r#{v?ulhrm_B1 zWGuy_H%Xt3@{ zWv(+tzp5#QmAB+y|BW}IA^C+jsyBkZRc5ut{kWTipAq_men@ZQoOiejiYv_w&?grO z+b^78qM~p`(v^;PIyUIB{J#)KpP4qQT}{LAt`_$5I2<7TT!a9N49Yff`Xks+lLRYF z{LCY5_kBGaLM@A!Gc$fE!?*zT3sTDb2O2cY#q+QvZ&hmJ-qlEa;XpB|$I&&^wj!o4 zL325S9QpZ85z>OmPBGGg2T$4zPF3lK@VNb50U@^c08!K3Mze*N4xbIAeSpKBse-KL zm@~==N`fX{fUt!c8B=HA<9p6(C+sI2`)8&N`J@RRc;0kuva_n;(|NxY5zA6GUyW17 z(kT)BY#!X=GM#yvMK~0Ixd4*oos@Ob9 zc>2xk7R)fi=$Jf&kD78Z@;l>RH~DofV5aTHW0%0kIW(;g2f9->b4(!C$vwBCGjtZx z(p^^-w_Rb|(bfDBR5af@4-NC`6OOUbtB#mXElB0Kh7qv(vqL>#4wWIsLsvk4m#~lp zT9MFcnMQzH#cyBoB38Q&XqLTR)~P9^%aIQLsmCD{=tO z3P63lPT`wan{TTq@qvyCPwS^dSj|buTBP6A=y*_-l<%(0B}CIBEi*TaeUMF5jhe0P z$)i%pyF#IiKus`986YFH9_5^@m1k_}EHke|wQNJYMUSuhkcuY#C49V~=7ug04@*_( zebIC(q%$&%5oa&n1=MHW%7t(xWF+8C3&ik%9W=|LRgjl-f z`z8^s$h_}Z6%?0P!>m1XT0pOypNt9Y~SQ9a_{c^9)5rdZ%>q?a;NW+kF z$)F1f3ZJGw!mAWD-6I4^iPkauFzAg>Ci!_m!PwmRt^m%5*M12-2XtW|-zV@FQ9GT%^PaymV)!gY4B(3mH#(S#kHeU1st zgJ8oX^MUWk`H=mQ$1}?=rj>nrmRX8Zvzwneqny)usdT>_P2LzQhw(J5lyrrl+K4rq zPJ8=7%;)MUc&CQCftXlGc;I3Ic+3ttms~c_d=j{i>3h3mU|G83$^6vLm+ZA36&ZJ_ zCFF36R1)^juAogCJxbC8?b^2YDcE0DbiVx&-Dt#u)bhw@daUJGwR-#JB^roXercQ! zz*=G2KoBv`&1rNifeB?`MOAOXI+?1HiJu{~(ChyUEERY40=D(~Byk(hnpjDr;SY=^ z129&8$RD~<&E+qaKM_()DMvFiIzr`QV@u0O2^m1h*8>THyf;+6k9jqJ!~%ui>HXS0){Crp77Lpr3W<;oouPnLifC4 zeb*FD{}8xwu*uW}p*iSwv&-?&I>2x{naQEADRCc*oEn}UJc(a zm?sMdGvbzueZ?gGqpFrh8Tut6IZ5Bpaa!YQ(OYLq%WvkH@@b-#U=lggL$hx`;`gU- z8p8e*=PY$0w1;loNAR0`%XiU7!H(5VYd;Goge!nogOabUMl4DY!F=RlmPCHNfNa87 z51V6Ey28Gft1d`MVxZQK1wzfFT#g3sAXg~XbA==JVFn+~&b%n^rj{vacOS0LmkdxE z?cxsKWv6x7mC0JMhFf)k45^iLZ8j<5s_t%n)$MJY6n8U^jje{Hq4XMRE|<*~!}?)} zO+OkLBXL8Hgb*yOW8nBc)j<14tCWh*Fkp2>QFbVnIUD1*|8b4+ExlleSDDSsSp>}R zA4tPUZxgp1Kz{t1$bX1Wuk2{ipvRs{NqKuBW##1Ros1_^imiClj5E`F#^;zt)n-`j zM-zvQPH8+U3a$CWiK4+fkf}V*EfAB1cCR3AH@Dav*^#}5EV=4*z>?*qlckCR!|jbw zhMHdY>reD7z6p`TJWf*q$uXI-!5Hr9uL)(M*BhRJ)m+}$wel*Qsqsb@9(jF0|KbVO zrcd^h=)Gm>*2H2-6}76)CE7+A>_jb#7|*%o@Os5w^_TQ1jS?hwx_rHlSC@xgdPD=8 zk#>TinUz;&kp2*gBY1f!E;Ps=ME(Ft1w!U-CFmVmcH>_qW{YVNH~vOREon>K3Ro_x z(ppJ@)FVkru?f zrwr#ud&J;k@z7ZFAs0O9x3Wb6WeJJdBg6gg!=@3jdb#P`tN>Tf65C%n>zPqDWFxPt zL*Hh%v+4n(u&(ZAX-tc0Ykg?V-u4s?yHWcu1fDvu$5)iH6k}(Wy#)h`3$(T>8}THr ztWSGf9Fu#jzJ||boz0F%$x_yw`*kEZ9ejwO=eOhRdq&NMsCFezjc&f#P1G#aYZq5h0T5_*^}U_}26UM*T}_7K5Vp#4R@I zWj-+-{x=h4>5eLtc2*#pC}*DeN;bS_rW}Er1BnhV96q${T$vJ9DCHY}F2eE(!gqs;GhrFgABtrLEpWMvhdv zKr2x`-Dl=LM($k>Zgemuvp7=Fb3*6;(;5}276rRD>QkLq+WCNxsUx7tkU4IpeKOE7 z?r=>cxQ=M{A6yuf%}TVu6h<$SL2W~psh@q^#7Dv@XuV~2oLU9@azzG8`Nx7)XH9#R z*Btet`)IuqI~=&SZnscKD{{s9u8)XArShvQ!!Vi&w=9XMxyItj*dmgmH*+}ztniBO zS8Cgxm~fqm2UD!OUsb<0a)kkEcr(ix`$?*cWckR^cFv4-v@E}@47a#zQ(&FZea5B> zT7EUOHh9xmOjfE|1iI{PNC+5yDSM75^y#{}8=^x$?!%e~L1bQA7C`Tnr+-9;VdWL131Z|ssm&GRpX}J*rA@b&fcv7n2jmj5jDc-spo%&V1BV>eIH1gCpKXo%b zOVE`74*Q*KGxyR2-a)pl}!si{w! z|J2_Q)jT$tI7sUt?nY%*ux;P{kw;@BK{r;}@TN9MGKUnjP!?cmpsZbk(_GtUsS;>! z93s3kxzGd{0oOL6K{t`FatxZHDgOaQef_zWZWe6?N!h{v7zj_pRyVR3 zVn5oyUl}de2KDsl$7CmqzwOB%M_w+X#wN_*?YU^9SH-7Cy)rZs27=2d(jzj5%js0K zL+^jwu+7YnYTp%z*>+3RJ0zCLTTSH_*;kE6rj@!>>l1BfGKXNxu%qX+ecZV1kj(p> zOBNBkx$!7OHqnAlDzoFAC!QZD_U3hJRg(Q@v52iq=MbmzeMQAvDVzJHAehBAUfTI7 zng?%6p474t=37nih~w)wM;`qjdVO;6xs~_@-r3Q`4AES)cWVFy8{l2L>U75fUW(8f z8YyxPdgyb76Fpki((9{AX6EJH3T>@$c&R2sEFfDUN*+XY_`{~(tFk>=;pR^T7Yd}w zm#X2PT(D#MozhcA5)4(tn@v1T6j3iTcO$GRDHDvS`wHGmQ>xPT5ZgIsJO~`3=NWoP zOP*nEP_Va^rc3-zvG`(xZR15@C%3UmQcJk-hVSd$=w4mAl4HkeHGo^J;zmN7I}`f& zc&eCbV@R4(GirE^N2nYc^w=FqAKs|5EmYiQ+xAxr7h^(p%@91^19X0Hr=n3DhwX6P zgGDl8zfj}OIk3_Fm`yH$>$}*dyl_P894y{72BOW1Cp}jzJ;NOI*A?Q4iOs8=M@kzl z;!0PV1EW&$$LBiyXK?m#nTtz)LCSXC)#8)N8ljb%O9r%ay~Mk1cyII|VYGp%%Nt#8 zw!?~0&sR71Ajh@|h1?(T3d#94c$R@yWo2P3Ath*LmOF2kd7~;DNv30ElBj$YGtoqj z@^l3oIK;jfDu%n7g+2}-eop5hT=QH2D@4%ap6!=DS=llr8~>Oq%K5r|E?c?BbLT7} z_h$tP8_D{8Iwi{Y_R{p$%mEpUatx(9rTYVqOOf}tOXfq|l@sl3TS`4Tx-b!4{RZ5O zWkah{vqnd9+6A8&(yRhWj@_->9NSvL7iy%_y_s1>DF=4tswk3&xXVZgu<^YCO1}s# z#Fe(wC6H+3o4rywNUPPDQJ>7`#$}FGarHa8U$8ak@${S8bqCy}v0O`qFs)s=IQ?WTM6*t7yvqUR&{SyOFuS+Y>5i!| zicoHI*BdO5vo%fHTwqDmI;ij-h6J9Lp=p>sQZ4%vd*rpuZ5+Q-1g>w?abT#bgNrXkGdsLcj)1GNh_G5=4eM(A(Ob+jmyyF2 zM~-6CGK;2!$!mV|BNK_MWsZI_goIUhi0<_SMZ_|0d6p3R!i4k;cA;DBSL&C(1GKbp+No_Xv{#6dr&zOzwjHz4tn5Cjf9X{3Opcc3YxW8cr^5| z1ztGuGMIRP?P-83g;Y0djw>yT>;N%PYs$lkNz}ygQ2HM2%zR*AlK{W;dd4j^BdQsT z=e3dFG^cJEVr`YVd%&g9ZMbA6a>g`!$5QPup3&YU74frkQtpU#9_NwQ61odOzQLF| zd93bsCoLZku^ok1;aU+0`+;R+HRP!J3H3cxo zH9Uuo>i;VJbRJ%h=6QRN$VNA_a}*vsA05I%Jh+)Y=lrga1Xp0)-sVHsK3Yewv0yOQ z*4aYKQhoZjL6B%$ZixE8-f|V9WFlsN>(s8%V3Co>HcN`cTI$?Bw+bz8z6;8GQ~+w`=0C2#LB+Lx>6vNHKS%MMFz-Bey#Q7c(K z=`?})1Xx6hSIHIJO$boK+UO_Gg^mP2u32LfVt5gjy#|8fv{hH!pz6L=%LM2wuIL@U ziX8s<#0C9v1WlbIx`O$<0%v)16EyaXLrOgncP#HvF;jnXQU*8s}MLSi9=B=Td<- zeV{55yF=?KVs)2i$(A1h?Pc6|5!1aiwghc9(~+QiwgRkPp!IB&4pj1Uk33CO%&m%` z?9c)5#M?YC)T#}ecnc$6m6X|sThuY zsWw@j@6QuBR2HA3>oh8(`=kxs7vzt2cby@QzMXq%4Agnt#RpFq8Rj5MPe2P+&mr)b zr8xu;IlRD!i;KKQ_0Xf4*g@00M-3AB5#|qmg^}hPIVwjJv?##kQ-nJuZb`%W(NCB2 zqXw??>7cMcUfWdU2~`MDNbBIfvGv5xTa$~eCVBENu5A|(ZJ%Xsy2#DyAm-G!BILcZ zFT{{>XBQ(~nQS;UTBvbj>mRi(d&)my!x{ByP6CE1QWvYd#y+dvU5mKx8h&G#DCqRf zaLl??c58|PG-~4BQ5{EETe=@u=el67V6^zA77V_m2j|{*E91wyHHqW-EDA}XSpi$t z=$E)=E^vi2$*wDk59bWor?MLHf zYAvkG#>H-905Uy~)~Ql;bzj?=dl2N1+m><#xYRRZ>MB7nRI9Sd0tTN{HD^jnRjpJ; z=J9LF7aoX6^+5YAjVl!G+T~mDG)MOyoU4ZE(r8G1=s7+*9~3>UR~TnzTNN|x2g|~y z1|#srMxk3X2bA&6+GreY?6T{T7YAOoB%4>^&f$JM;Y~e0!MbH1drb+2t z3PPlPEc5K5qOcY?3PV;1z_}UCgMlLgR$o+s{#Cu*Mr@mmy&9-ZiZ4)KH$g&QL^Ik& z*w^wl*ZX9|HD*L!ZXP>97XXNJ9j~lx0uwO_CYtMF7MrGeXSHZRZZda?=UA`Eh(hmg z-Sbk@2W2GN;Xe|dR>$qFNT2B;0)y?$cM%F;YCVvC-%#)sEqw2~Z2Gh?-EviVPK4ZL zlf|bZ!X$@(vZG1`Ex$OZT7acu2%VZiN7gq}(IB<B6 z(SV7)tn|H2tKNbd|6ooS%$`d0MNo%Q1?Cwu+fjCPgw@#wY{k)Mf$Hhx;@l56PEJKO zmQJneAxgSypE62DX1ZDSN@6$_6o1U$NiYEYhVqV5=x@J~hSYcrYoj;*2%SM2!yN%| zUA#281+-ee|Fq{vlTHxyH4SCks*>TXh?vAacD!EXc%c=Q+3ICMe}mEy@di5G!cdEP zimvmP!&?bJ$p^p`FWia{!TNGoK#}*PZyCxY6jrl2pXT}wT%dtck#>R$N^y55yFgjZ zR+c1*V@je48Mc8f(6iFEx5ZGXOM-Ga4Lm_+LiBX9L;jUI=CHC1Aow<}3+V-%Jp!e@UGT zL}k;eL&mecO7yQ%yxROTDKJeThw*Twr`We9k@UpRS5$9VC6l~{BdQCh+ zdpXum^x57M&`Gi1dd37o`)Wsw1ao_VwIeFcF31M%**;?hAq=cekk^kSVqx?Aeu^bO zkz=beU%QP({Aj%xHI5<N`&1aaZ^6@x1P7-BhaAgn9>WIWa!t^<;=RZKW3H;?b39 z^|_6cYz|~=k(F*C;K_(}A+_O2D(nf|brZ@mDQX8#H#b*VNMqIL0HPif;0nDq=bE)$ z*+>#K!AWrL1_ITNfC=;)QaQ?BF+?DO8pqEsb#E@y%HT+K=cs2v;Czm->QD>g&>)7E zrXDM_@4*ew-v*$BVgx*DZcG}H5?aR5jeA{@$audpM5(CecA3YB{ecclo6YB4T32FW zq(wu?{iNSicQqF!@Iq}VDHZTa#sGme7b&||+C35sb=o(^l0M-nW5j8XzwB*8y=2wh z{3!l6JP?ED3q(7YH;$s?2m-RDIyxywcO^pVcpz;)@?D@_w0zJx&Y9)0)~}xMX{w{5I+X75uMPaRR2k@T}7p~*UyyZ zZWc-?8JfuiU+M8>af^NZxJ`lucBL`mf$i;<7|gm|BXIh`^?AAdy_Nu{8DsW{CofZ$ z6nZ?@5xlxT6)y(!Wd$3oXd^rol>^sM*ijJ*m+MtOIrTH_*WM)M=}#vvNYH$&r`OpG z5zc>JC(}O7eCi?-!vZ=BV24tPtb&666PFTUXZoLWhk8HYHsfe?!^HZoCGc6w8LaC~ zBjlz-X>Jg32VQ3?ZfsK4rxH{jd8{)ph$7&zBK6x>?lVeK(kyYjIG?}tkL|l zv{&BHYy%1eBxqi#oJdoaP(cGFhY{i^RnEZ>!;Mc z`H>Xt%e;mck@7|X!M#61=!pzKZA;*mz7DhX6s#)s3ARlDb z(xl<=^PK*SDIzvEt|HMZY%aiCTaXDW&7xx9ZAr!WE`oSx$Kic@#y3M@$&bHG@*N@u z6XpobFq>-nzo+gB~6CT3aYL7izuH>5GX5?>j z6(Ic?#{|7N>+U&>fD+E1jF3?#(#2CtZro zG`Rk%P{v)0aYQLJqV@*{Q9|xJgrHl-u>WXH!dP8AeHCvAAr~@THC*QB>xhn;A1_U1 zh?Ov^bvmW{Re6r~g2A-gX+^V^FF z&_=j{+-amCdHn^!5V@5t7`!9oUHIw&j^aq-Zu)-p7> zO~g++{1@&G8TWhF)J>l`3^<;UvkB>EZSyLI2}z0t->?7NuNdQUSf-FsxW$gJ5uuTv zcCN9zSO-$7j6wE=zlSqZ$3|-c?Zsz@elC>flo{d+h4Fe<=HN7ygR+&)&Aixwg7wPT z#J=g+30mOFi`Zw%kY&stS=95x$VFHEg;=>mjUdgy@dJ)@9%PNAr}YA72UdP0->*WI z0AtrJ=mDPKnv0F?6@mquL1Cpt&MHxAX*gY1rrWb&^~^lxo#Lj!DGKgwMu};2%7^>M z+N>L=lC&S{qx!tAEUQRR z0mJj}5e7fV-kFM~+#i@PmH6RGpLpQ8O2edvg;jMUdkTeQbTiFu%6hT@j0S|u&W27t z#pJneD5sf+1p=mI%Rgyl@v_2>5wt6&jWB$q^q}t;wh~q&mRp~|J_@aoCSuHgtn#*{ zDN+t-GjCDV+drON7=H|t{Dt_amiFN@23`%LUqH{Rp}h__;u*b}PlZOP4`Ocfhacc! zhIc~SjMYRsh}bNXMHQyp9myHf{Xu75oQLw~s2TGZ=WmNGM2#htJa*671z>@B%xXH4 z-Mtj?kfoYaf}5z}?2Mnw#pVQp)pR~>j!_=kx`dCHT}bYi&kQ6v)8jqCHLrTeAmE+E zsMe+Kx5xcxCa=Vhseq*F`XZYH6TXc?TJm9f+wF8@MS#W03_BGEd&9{mdZlA8>#CjQ zZtP`@>u#e;Z!OYn9=#JQ{A;p1xuoJxc6{G_A@Eh+Y-;>6=fpOLFQDi-e?WvtY$R9p zeiV5k++4lQX}dwwX*LqKt^jdWRQ=%k?2avZbJmFcf_G0cRy}Yk`ntR{IqRbPJhe#s z+GjMBxEzOkW=(onQ#<}MYmEJSn7%Xuq~dOgh72<$G5?s~gIDwN#ZRh~USDI;9Pv&Z zBPQRkDE;@1{$K+9EUaO01&-e%YxS|9IvUiW|O{D?5Ok}|0+^v>kY%hE^zFzx`xJ0w|#te`< zL`M;QjVy3qJJrOi3@;)zK1&TppU)TWR`ncrZdum8_*qE1$zzh}PV@&FrL2%rUUp8t z8EA}!;nHG2%<$Nmd5mVrMdQg2kqZJ{H!u@ZH*GZQY+W>f@_>=4sg(cvLE`8W8|r?0 z!5e_K+#|SK@jA3<{+AlhZiRWx3SD%U4w;Lb(j`tw}1SDzAr4uxG^z6sUrgd z3r=nzC^aUfvcpTMMcEp z$WClfDe`9_=sBIlaOXTj#6eDOzg_a5W&6Nj$HgUv;2+dCR=G4~{OPT~{}QPb1b3@M zZZaRi`PZZGa{W#|q8e-f7)cn4|9aQIJ<$0FIIuSUz~#vO@Ba(xgL?OC>wnUb`%}Dp zE#iAU+^2#0)w!^x^_gG!;{iX7Z8w5wx0uX+d5=g+9|Irtnt^rx!Jhj|h7UKLzaJsG zI~69uVQ=-$Kx_%VfV|%-**@_v1r&&NK;c`1rIQbofaU?p3rUQek{Z%SI|W%y!IA5) zOw3O$>MTX92mVe#Y)24wHiApxPWaz8{kxX_m5dSrfm{>YR5bbaXZ0C$g6cml&EqdG zo!o*HcOg*!(`vsnB8T}uXDYuU;tsOwn7PAzJZEo>!E%!RQ&~gI)Q^UN#zfNmzl=A;H5-{gSEr^1%v?(_^i@1)U7`4cFom1_0)E)^2;$g9WJhdO&8I8wb|En9q z`(Y>LWijgLpE~|SDnZbOHBVa8k<K^FI)6QU{#3TUKpPK;{j-J+qKs4;S@$5 zz46lAmx^t-)X7!~eVEDRk=k2XMF{$tnIS5|LyGmXW4&u zKpXs#%I|9S-;#pWpcNOG6~qny-NrfoF@J#Baev4V{jW9_3@`v18BQ&3S^2*UC@2n; zp8$O8e<3GZIZ^_Utm1T9oC?+8Xb3F z3+}q>t>*Fl5)u-`-NQ9`|JEqL9{L=|?w5i|+MmLGw1z0~k7Sj}=Fb#rF!VwX0$v1V zpR@)xMchFZD4#_A&JUy5e@DG#6f=)MtkktM1DLOFt(o4`+J}Qv3 zF6^D&K&p0wzBflE=5JO0t>(W1>)e~@T`}*I#PGlU86-*aePDZ^J%FPf>VL8(Bv9OL z{~_}K!IwHa@z%lK3Hm+>9R!rhP|)P-`ybzh9D|MMv;W=zKw!TJ0Rz>?9A?SC>-^sy z#U@S3!Hd4xI~T3;Mf9q=A+_8Tk!jm=JQJWw?NKVHgDOb z7Hx+|opNJ`neBr?8OihdL+FeuhbtOgM$f)Iv*TWo6{gWIz4zEvY@9*BAxM}%fsL%) zmfMY){b>;9_4OaX;4WU_fO|Te7SvQX9gn;}FuE3AXGb^?j#hkOIN%~~YGjNS&+f%e z=)nmW9*_mym%IuvQ}j9pm&<-bu1t)(k7gYi^99$m2nWGpZFD|1=l8Q{dpU3Y0zD8)E#e8We#*FOrod>I2P_+4D&tYli@A{ruU0a{2I! z-X3h$Y9vCWGONW=)Y5Xb-w|Y@`m!@-vuPow!T1=0#Fd*Kf+Y9q0-GHJov+XL#pCq{ zy_Ow==qE1$cs0UCqQ8|3_(hA{BrA)cn2K6$1y?pSZ~R(O=w4sSvjGr0i{Rs|dGbh1 zYV&_&_xk*?k>JcB>`=ZkFK@QKSnR27QdJ#)s0R75rRjlDITV1na|FlawPrfw_Nec+ zpByq_x)0mM7b_BwWqPc|h6G{t1luebd?u)B!IZV2dZwIL=gYBshvJ;T{==5KcUL{# zrwHu3@f}*^Gt_DUz(x&yoL;zYT-mo|s)o$7HT&2R<$Y%(_N}wJlt``G0gsRsG$y%N zQL%B+0R~I{4Of*7Ax(HLkUn_aupbXY!Z3+2I#yro)2i)1!Bm9qo;TR2&X?}BP< zt=Q&g?3c)_)fkz9J#tt@#kR)l8ie9pQKRy3zqR2JJ)gQ*YwQ2wY>=X;(^NBlBO8d%-c%f| zC`L(FQ@4b*>rS&N)L=a##5NXTnY$a?DBPRNUsBy^F&$P;^?6gIleldE%+Y>{Ps4_> zD$``8(CmqFD#;o_SO06|h|$nTwBAa8_QQwK&Qbtet8WgpD);^?az|2m86HdZu3blv zWZq~?Y_V9Fw`>=yUKQIJM9jND6U7R0W_N+2*$q#p^EHTde1&0bpm~ZNf3XInQ0-wX zA5nmB;)^crqj?%y{0@GGj7ye4;R<%lf%-*7@enW$+EG?k&8OoGhCng?2NN=XPUoYZp4 z*dfXt)r4Oq_xGx@gkMAG8c;cietZ}PAsa%}Tn)68v~W`JJV!R#r4N`zVL1~#7{lH6 zgd91RtyUTILZ#lZ394rmM=0x~G8~Ig!hcP`rd#^#vYT6k&Q|WUdK;=xNOmHmQ#|mq zFf%Q>yDxI_yYB6V{yT41r2g>B3=t*Ab!WM~F<}8r8qdJ{Ffr;~n|}4=XCSie9T( zCjuzK5)t&3LBjSEM}HY#zuO~cU?RZNTZ+_?#aZWCh0g|zu^u7pn%`SP)}gP=OJGRo zKa7_Ee87&L`C91t(eScV1uO`P*Mhxex{N_hib+QRtsNJ25Wwe(ZC`gnyZZT;toVSy1|yzV*Yh&-Ke z+W6^yFIYwPoBDzXmMhwsZh%YVw1J&nZ!Ylas&y+i^LXtmoan(py^x*ZS5zlfzMu7M zS^hUkKJI{a5Q58QqYfO8;hIA`*!ZlHY~%5uDc2vEs$RDn8kw@Zk`e?mrA_Y69w5mK z67wfIIdx5hQ1m|0f-bG8xy0MMIBM)8EgHkgdR?h6kZ-kLvniO0Y6R!i2 zqZ-Kx?7Wuj*WYt*fmcG}b3&#&PLPZ5)!ZLZ!Nz^to@A9Vag7Pjfh zMpwW->`>p z4O6p3zayAE1px)GvaRj(%yCB9F}4|@Z9P|iB@K*+c48Aw_mfP!3%jX?xobyM{3=4dLDUq z%}Rc4^WmXhXTH1CDsvV+HkMMrWeb&LsVbGklhtsDv^`iCj#DwY8acf_u)Cz)(8>Zz z1`j3hwUsjlZTaKwuQ!-3W@$_Zxi1*$y~8U0ZH#vQrVVNJq{iQGdTlFo^batrRh)Kt zF{dsD+3f}dD%0}8M`v6_PU8AsG&GOPsXn2|pn@12nAEFuYJ5izV(}hxYY1Jll5?U zEfg$(zScQXsv|A)v#?5b^?R;diY#@=y3ZBYo%Nyv`F15!Qp-)|LM7)L<|4HLz&o=H ze7zE}>w68kKlp}B&2_hWNy*?^`6+OVm8i_Q^^X7MlxH<4X06;F@oxkD0U_4f2_P%{ zLX^n|pdONKz#|v{MfpyX-qFjqZz>}yCKlpuu~Zt71Skyt;88D`kY%MJa+PQ{zaUaA zg9f|+!e?h^hqPzAT~k<;X?HaJ1k;(tWWP$A-m{8lvphxd;^XOP9UO0rV^x1ixAQD#^rNSi*%8PBE2B9=FB|Wj4xlDbxD)ve5f)U#Nj@)wEyCmPF>Ry()v6PN^ zK6kS0Qx?Xj?C~OMA;q_tXigJ&!1s6P2Ok^nNMo%l&)@GWS6v48N-PE4)-j)gJxfdG zYEK~Ksg)!Qeep^-!$0>@riUN+fXoF-l;x>BI+B^N0=kl&!B<7c5^fcwwXX5)gq_*v z7T=_Kr`Mx?(Q;gzvkJUc*4zM@#Ru4{NiE^Oo4x=JRKJ5ZWAuEd zg^#^(ope?JoS4dVESGx>hZD%>YAGvLY%KC=(56KUkx+U)X+B?5Uz~fWqvbTyrz;5D z5i_sS`X1PSHg35IO--PyYQz9gi2`U)5)<5tS!prYy6G4zXIZINBX*Z`KP(i?k=JR+ z8+SF+#l9>kYTw>D_D~Ge!e6mlvqYK(4xxO{uYX0J1E^UUsiF(Sjwox#lg@=p>iL(2 zKo~9Cwkok=VN~L=*XhMv`jmXh4wVkA0sRvmMjiDgnvvegXfj|Hao1Jc^(hA@!lu7 zLV$MR;&u73E|XV)Dwp|kC?23SQ|EwyV|x7XOP_>Z(Q|xpa&V|$GM@hoO+ls)JmKi;`?$mjQM4@(OievG+Q+Ay z@&3!Xa}Y(Ln>}8a{A4vmT&}O~N6hoJg$nif2ngZZtM%P3eJ0gKV4W4`KtIGXqOov{ z*U2Bkf$sOME{sd27|n!gtAPX^72>lrejwx*I!#*`=TX`eCV<{ZiakY*T>e|!eo%bw zMi5EDMfow!;LKf)nkAR~ImbDX4)p#^nfW6xA6_-fk?8~G$t9F6`{j!OQgh;-D2GUWoHS;j({s=&* zsBDGk2N#cdo5k=Vaa#N?Y3hIl>gnFMF~?n-4uJ{VJaJqo?4#JdS1zcawg z_=UQ1^+|7}R8xV6V{oo4ICC}s=P8+UBWj1j8rDngwB@` zue?cas2QZ)r>sg(d$IX&a^5d$6-YA1h8z1TB?#qSuaxh9Xh+@}x+K+U z39m+Wd@6^IvH&(1nL2GdERj~o8}Fj z8}AEwbsnfaA?pXQU)n#5ccMn-4j8LzF|4#!Kpmm=!X->0Gx^3!`bgrMe(JPYHfD_e zxME(d-iW(_$YVgSk6`73g4p&QQ8H_<@(<--mhZph!<+*QuT&cxZJ3;!A?>e5_3FR` zG{5Zt&(rJoQ!i&5uO-snXNjYvNPgbS`&O)@3^;Pq!MgGejwMWUX;^+;rHl%1lpe8P z3oJBxrCYBj+@xIHaTiO^pURr&ljazERcnhM{-C+A#}aU=-HhK)qYeNbo_+rv@7x^W zAX!x(ZS`!{%F;H>?B|1(8{QSdXOpmIgUSlMhwki*D!vdi-#aKvMlYqS36nY>A~xR(&&+v9JaCndlQo!!b;@koJiuesQNgMs>riQK6<&(vXju z^Hl!J&z_dg^m#a@9U;k>I;i6l*OlYP1jY)K5=6mvumT1<6VDqE9wMW*TzHqlqTF$zvPQuV3V|f7p+-1w#?>1U^vY}K2^$%a zDoxc^Z&r;iymW||30-=8FG3F;i6s`$Y_Qimu!nqK*C7dl676M3VgXlDLva+%Lao%U zm;?mTclwN>g>tro9t4V8KBCFIEqmR0-r;;@&>rxx)FdnO zE~u1dCaSKK*w(By{kssqAKbDEN_H-zts7Z<&R9jONzjFFkh0C5`TfJMc6tbkX`u;L zz`aCY_hgwVA{F;^4F~$h@!R~kA+~Ca<`uEC{SXV)_8bS;f8ZwCp)xYX$Eybx&-)@# zTaIHn)(T(FlY6dYUY&TP3cMK>?2E^vXpxN@nHr?|e(!V=l~XpjhjET1EOt_}0$nRz z@O5VS3f9Cgf%W|rUcFu*#GC{Eytimo#EnF-Zm5ZEZ>06|*>(wq_;joUT|iRo>2vpJDgE_Gi-^&t1x1(cT}n%iOb^<6#i zgrD2|!fs`7^t#i+Dv^S2PywUI2c2GNW%k*+PF0e{>0u<8exw+a^{ehxP<{utJ8aX) zY;w-5f80DcilND*VJFW+R^sUD(o3W*x!L)&|47O5-YzlP^@3=i@Chb8iLnPPQ~JnZ zf9ER%-Uc)YP6GnRe%wta&$@XojhU!DTQs87jWCPx0lg~E#;b-w{0hIG{|@&UwiGz_ z3Z@fZHs?7;jWS;=d|0?&5!#Rb-g3BpF=PAF0aoO@Ke}_ecEy3iQW*15M+6bKx8I>> z;Z-`X$S_&^n`co$##wJzni8^r%NH7gbLL|;&DTQc zRLJ0ojcOX%3Wp5(WzxF4-)(Eipo*Mr-s0QTz+65UKm z4dkkdk|q4z+*0@_W=tbzJ9uIwC4loFu-gKw;YHH}7mnX35wVegXGl6IG}n$9B4lXmLfCA-{w;+Scp&`+_ENYiW&3FOq$oP z4ymxl%6AAj#1IMwWP5}+p)mK1@$n|^B{`;)Gj1Gb5m=3HwZSX9H`GWV=vkkq1%cXhXC#Q6ojp@TuCcGn{k|&$#9KGlu48Zii!eWg_ zsd6E63ZbDEY4D{N72$kX9F$CXAEIUi$|;#Qa}MuDc1K0nqLc zt0GrZJ#+j)wn|e>`ftt6p&|NPU+jEc7IW0Ny<1%^+r+vhQx`2>FTrWWI0a)FzutJuvqAUXO_V7RZ$gB)Y{*{EhS&3q z(l~}<2rR7^$no@VI*ilRTUe~N=l9SdqlVh~XsdWQA+RMIBfs$76Qsp%3w%mf9)R_VtsPt>|4E|FA1D=f3Yss7g$JlD3Jo-GTTP2S2D3$;KXIr zgL(nRxzqN!F`XCAYu3Sbm-Q3u7sR2)O9Vv2;nQEYQ;%XmL8@}JL!g`6$REGL9KYZu z@Je3=DT4XlRc51!j6>bm7hT%?(B9)_a<|WYoL27fdmTHg{}uH1TJLGkT+5a@0<<&R zLubFIea$a0m)Ud>UNIrvbmR9!32b)I9^P}x8|DX2Aepmj0L zo{?+5E4m44nDq>0_%`U=J+iS4E=|AAJZtfDw=vxGO7a~WigDWMzUth(C&<&26fyo4 z)Z(Bz3h7k8x+$06HOxNvsw@7>8z^EkSJ&5%9TG20C5|n#W}Oumo#U*T?Ax2;9VGKg zPDP2S@%gWuMhTS&{DJO#W*01lw5G&QJbsm>TvVQ?h>F}V9>UIZZ=l+Vh+q9fO=XY9 zcXd+UujBNH87x4piS!U`zuBj2^+;TQsJ;~!U&$IJN@+*m#2Fh>XtRJBx}E3oEK@PH z6l-2ixBq-cTVi*ImN->GbUK;3Eo$4}0VGq?H$3l^4Dh>UCwop&RiZ?fWp zNQWZb+)gTpu%jJL1(;e zimOeHLZj=gM4q7y2ZL81Ccqh@J*;#xF*rHwc$$b>ZnH(a8qV&-wsO^H(oKwMY~5Pa zPh&gMcFtpi$ILf8qE*rZQo^)jh(R)QmdEm2;&zJ3AoL46>`FCt$;ZUY-7>G63F~Li z#A+xtOlh<>SCuWF!9MPlNvfv3Vad5?WuMqAyxf`IWRM@eVUEeFaeVFnlq4rlCbbLb zeoc@)_lYk@7dD}K0M;fb`40U_E!B$3!-xV{wwIwai zbtcic{o{wFMtsd_)QP9Q(2|$gamCdfpAbDr-%ID1j4xYfW_x9ZC}%9vTn0mfqPDj_ zjZZPlOp4B%ORvAU@R!YmbR(O?4<=>EOA?GK{9bL-Lp(@T#K6W)x0m2sWmX&upfg?? zY|@C>3Y6G3h~V~e3x&PL&J~xUqB+}X^-E1mCA9oAcYTJ~hD|ji7onI9e4lwfMz=(S zyzvr`iKd~!)YhDo%4GH;_PBMM8 z4Wzt0FFeG-hUPIpWst_xjK$*|xNZF?RW?NTnem>R+DIY_%N`xlbLY*g#NwX#x8?Hy z5I7O%4cTcb&_~Zl>D{gLI2&p;LP8s+v(9eiLJ7wth2}{vZ*%-C&00N8@k7lqty2Es za(Pk3pQQpGxckk`4`JioV{PL`lD{x18t0UhgOx6(@EoP-7Me+Q?NCtn_(`&uROnxu zAhp?s8a^n07@|=FwNuLZP<;LIhr9>m5&fZXyA7M#!VD(BQA+6LBsQgk;GrxsxyhC) z>t&P4x-{8N*rtSrF}N~^2`jnHYVYYwiWYkeBH{a3Mbbw z0TnSiUZNyB8>2}f_ecEnjy^0nEiwk*7;U(JpzV}eN^`3vh*{-Qc=Q>)P}9na5_kn& z8m{f(Sizdo8wz#%<6!uB?-(B*Q-cPq3s-1}B^>UIax*VpQJ~HJz%#nZk_|cf!GhOn zWjwosZ=zm16pF(4SI!(cYVYDMiubWO%sN1ujKfPYwc@iabN?*{X_RD7hz-OLCbD5+ z5Md@rFZrmDs4%^2B6`Vq-=sB3EUt2$;aVd>FbiK91a`mW<&1hU#LG{=#C^~%wy0_6 zE6Q=FmuP9tC}TVPPv5xYr@znnP$-LmxN5{c!8dcwv6JUsH)2>hvYptm{fxTnj_Jx! z#VDz_6&DJ5v?d*;tW+ec6_t%VVPwD)JPCev_c+xwcHMIq;M?jmbT|;g|B*<-C~RYU zl$8bpf#q2Z+Dt5`XlJ91DoiFrMxvR0M zcsm1jZ7^Q0gP%6d`^$`20)sd;a)tjc>-1ScQ51@Rp*y0(U==64^f#PRemQX*4~hlt zWjDK02a5+zmj%+a%){(y(Horsu7iybe1Sc2;(h1M(;hgUVTHI8G9u=H!SOU^xEKx< zVyZ;|eS0h9+xza{pcnc#+aM-m@u(U{_`Sh5P+I*sESjy8!E(Phh6pKtGOQ8%OuN9B zg6{)u?+(}e$cdxZ_( zt3N7yKM=?Q%itGpi>7nX=t2&c!R6E+-}ZFY;TKnX;LFbhBn}gMMXnua=0?-oiqTH8 zb;MGf718!?E)t4}6*JPGc)&AbbanE3xoU-V@-u?2xY>SwxJ;OMd%os)%hmBaUq{Lv z;hTOpSBGsGpos5|XX$yG{bvVCs^}k(EWt}7oI=%36f&0ORrJ^JkxYmTrWA` zeP8>RXB&J6qE75uvAo0o9kfDL`wcz}4fp9vB zGynN(NWgnCr-!&<#HjH-nFDiInacn7XLctvy1|AGIH3w=_@DL)L~Hc8qGZr-KX%vc z@a1dlZM>;Q4~vfOE09dUuL9mrVyFpen)bJ84fcP7agWBG`0u28my8kw;oo}q{{Q4% z{x|Xixt$FmllcG4`45sNL=On8(f55Y z`LZ3h_>SMg{`sDbjoLPfS*or1-=OOV-?xxJ)IUkPv#j|_U8iSRIXOfcK3n{6zj@}* zgjl-~f41-t3BgBDas=QlE@l%pVKE?X|3H6#$6K)=|7)r7?b?X#Tx+?9Ml6flha zARD{^e$Ns9Y=YmuA$u4{gld}e2D%D}=A3^FHtq?Ryd$Njo~TRd@ToVvD-$iT zMn1y6s=l+QRtmg_e(R7Q&(H6!RI!?ohM0L27UIgX6`xHA4=kh{*^8{g;J?9;G)+mp8eUZO`thL;>zH!f0)^najna&Vu2j5SU z9_;RROuR$&vb1I2p5}FF_^Y;9;qq9w@C!T7k@veM-;|>qsRbz^6FiU*E2W&|z_0wg z(Da-N!(%L;cUS8rB#G|7(GQ&@V9NAEx-H+mZE;o9H~OJ1nEQY|{Cwewbm1WU;$c&$ zy&Emc<6x~@wA`v7`~0iI``kYb>}G)u)DA>%>QfR#k?`NtB{B(U{PN5UaxgUrS$$5K zH{b5KR)l(bGuWEtb>%`3T1&RL<|15)U1S`MnC*ZU{v(Eec!V0#&dk1{!V}Y%S6f?} zpf!#6yxt)IrP+fIKy~h|iKDlm9}Ddf8eC~F6Ar2sFxF5lA6|o9v&-0#tIK_UQBni8 z?h0;$gK_dAYp`Cmc4!83!s%j=?Sz-#d@#fG(mYjy2g&NHs%v%GXlSpiR5$!?ZaQEB z7C!ya5CX5^m(WG<;^ZYO4J-!_!>`Q){robqrY#g^`URzXeA8A%6qSUG2~=?dOTM#i zC5vF$&o-OSMxQAWTQNm@ljNML&>TDxSkT4Z^2{25i!NN@pHx&B8GNjJ4i3ReY9wX3 zbcMwc)b`$BVhFWE?b(K2Hc}zxEH4nt(*rl3M<$iQ6xnyz70D)mE0bC*JU0#_Qt*=| zY`(b3dqsJz{gB2XIB*?Yfn(D`?L1l)Pm_)8a25e-o=3h=US)k;3b4%?w>I27>9X#FN);(Sm$@VGfVUCbq*IIV*Ns#&9;J10X2ezD;p(3x; z4V{)XRct>BKcqUV7#@{JD%5at!4DJ=xKuUq$8NFJqx4i$QA!5nVwey7@^O*Eyo?}% zF?8w%-?jswGE#WNK!fB%XSq1f{JL4MC$o_=5Fq&ensOCN$#z;46AZ`3&qoA>ciEG~ zJN<5Y99!&9e?z#S@$_*y#!LuCUEIeV3xRiTw5-siXM;ZOLd|s7t)NAi`k}O8J5kmq*|PaA z?0-Cj;5~{%P>yrwz08Eyu&y*M1|HlW!0{6Im0*+#sjJp0+uXN!g(=+eFBncM@HJTw z?^fWgs`}>IV6%<3+SUR0_#~S1`yIxy7XUKPNoB;1r0!|Yih5P-OogdCX1z zaHJyfnz0@dES6ms@KSPA9x3|6rzy1nv#dAlOP&hx3N)vARNgjH<-2duX|+zQj4-x|(4^@sp(F9p2^sJm|!`(>%WsE`tRs6!Ot1o%oj`Ppg9ku_1B+sb;`H$d5jHjXS?C-G)QykMhb zibL2EMXLRUM2dD+E8^73s`%L4hBsQ-#cpFez4&~rI8R(-o^8!sN_4lvZfo+4K~$~Q z7j5JA@uh_Gv#^W|(rIcPF6|z<1sc}Y<%Q}xmFq9Pt4Bi>B6kFYw5!VR9Uj9YAGFw^ zKzwD-7qF<_eVm3UbV)HN90tph|%g78VEPs_ku=3ocP zbF3NJ=_Do@oMYVlLM*N7ucY7lTA0j+&RRVsohm-GXL6`$<5xv}<;z<<(sg%nBKcts zs%N=5)tvM(Qhlw?OOeKt|BCCH)%cD@KDSnm@of{v?LEOqZE0T6;=th;vFhdQbS%zm zuW#YIzjV<{As^A1{xm9b6t1gLyEf}oA`V#?daG`Y%BT!-+ujP2w(42Ib)5j9ay8z0 zlw$k1olLP;6Bi@?!-MD5VHTglyhs;N=OCblDLsBViO1dRU~b=9kqkT7whM7o)leKT z(()(4r!y*emT{=qPB_zkez%}f=o`a(H%S`fVp4iN)E|>CAe1~6ZO`F~wVR^^RXAqp zBHwS`oj`iN`-+&Lh7*cp<+?>AbrTzV&0l97ueWw)cSm3!0UAVXVAriz-<*D*Ym)3# zOkk#{eDVmd3KmJY8u57*?rX+?+H*Rz+VD-Btg^_4tX4tWTIUxEc_8-TDV4$@ChtW5 zT4a#$T&lLqBc_FGK+V>pWYd4!3eP0%OCI!Oxm2o8tIb}ljn2Jh}z%s1_BaoPz_ z?%hTsk(f?Ed_vNOP?%PIG!x%7PEil?Bk1vdih|F)+(q!j5$yVDtgUia)d`MiX;8Y;Tf3;a|)So6D22 zk29P@H;3bDH8l;6jv+UgEOmuUbvL;e)+m3o2+NF6DP>RoIXNcw?W`o%ggN|SEJd-x zWp94f>Y0s*`Uy3TRAt#Ci=;2t0c%#Z-2nJaI`pI@VUH-XL}~fw{{6U z3Fvnkep>z%#R^>}(h&*bI*l39zwuwD`c54agW;CE2$IX@y8fbQB05GSa2~9mdF}s*9 z?(NyrWpf3hD4$+df(DPTLU*jK8(xu}5_c)JCq0#B%20*4Jlq_w(8F*IldlRg^gQW@} z8t;IibuKX}8b9htHw)3zr5q(nl$#kWuMv?^Q3x&0t*u7+tv{mESn7yZ+QMadxP#==T&T=oYBFH1tE=+i8-{tbkbI{n0CH1K5Ckx#z;!o_58yCo0GCLk{K zQ_P#g4f87+>sfTIEB?d5w52#@9?pRuD}7G{`hh{8K|o_o%9=me1$Y=vpKAr$qmyfj^ z5T-j68af`zaPdcd;gQ0WXT3PCm0YvUB)q}pO%wC*Ar@}u*ZV5I{S2GdNm#;*-8k4( z+R;*YsLTJbl2irsKzV?GGDy}FVx*IPJ2a`|`-uijP^ksVS|?gxuG=K#iwb&b>>P`W zpn(p7WuKd|1oy78wFN9|o+t!Dq!1?Zu+VYsyF44U+@nZOIM?S|Le=tTh`3&-ofvh_ ztfTxJ=^?FfEa|cQ>Q9KMVTJvmDE1APXK;qfp}0G>M4SJE&ipaF z)+p|MaBHn+EU0A4UlH1G_=@^qS|J8bHKNxAbN7V!HX9<>UI2+qU{Z2P7X)Gv$pPHr zkPdClHN31;4|db13Ia}FZ@F{0Hd1+4q<$IakzH<`?4<Jt6?#bvW23f!*_))Sl7s_*D~^+tg@ZM5axvJyF2EoDAc zsPdL|Ze0=cb8wZr8jjziqFYsor>zX-=W@-5p6bx<4Zl>C$k|BrT!JQWB60aq07>YG z&Rx(dr*GF}%F*t-nY`#2`~`I}tut44@Rx3E#OqE!thh;RK(f~7{6*7s1f;_EhHlSz zi&LtdPkBC!`4A3YkNLdyIAw>T{yjhv6oFg8oorHOp7(E9vlLM_Cd1vCUrbo&D2JCe z+bLnQ?|m%FBe>7Xhm5IZN{c;F&mJ&g-ja;XNv|z(zkfbNRaEU_Td*9VVIbJ<6Lhh4%eEPGANIit34U>Qz&nh|$4sS>`rwQD7e^HAtJeT^$V_;f#nrQ5Eivg>6k zshPuKM02mdCd6UF2S%tcA0QM>X%;?xuR^WsuG0{vmJ<-&_h8Pf0k!$oFe>54p_A2YS4o z|B42ax6%DubE7HI+O6#Y^&825j zsiyIHZr;0xufM$i>X$y^gNI0NAe886M|E!+p${`&X(eix&88FOX119^Rpk9heTw$w zcx}-tP4hn~sk0b=%n$vtM(SsI`z42K5Y;F8$={wEtUV<2Q{WF_cOBU1JKjhH({P z#}e9smApNNT1|uzYFfmfVF;#*)26EN?f|Xeyu8A}R5rXw*!hSo>skNY65nt$Ko%Po z*!cOvMIL0C6{pFQ3?ahL^%cAE^Yj>p%g-)Na&cO^gG{hrq;t^N7|TcJoKnWGY^7`@ z`cX%bh-bZg^U(^W zHaP39j=v@~4GLfy2TDS04r*(z&ST@hVHax$;-xjYXtNt%9sF#p#KMY*?h|J_M8FW4 zka}bWWLwjmW)^h_?47RQy&UjiYyV7kAT0`mG3&uGsXQG7J8(N3n;&B(U)hCzZh=yLh>3YyB46LHhCgo(V52j1TL2 zJnmg@PWc4|x~)<=`h&y_7mo|&>G9PrJLI%k#0R6yI>Btc$CY@bgC5ju&8V+YG%AB8 z^_n$51dn;xu<#<`KDy0u#3OTjA)=jp%FJNngHo=<5nx~fj`gBd?C2e|f!C)vbqIvI z;iaFynvHpy%=d+gdFnn2t_I--PRkejImt@gJbk-#7jTCteQMySlnn@gUeJ#1$;+rv zRy?==YRh~_k5OM+_JcEJ5phH233g;st@)6*%AyjMxBXsd)!BP=W-h~LqpQ6V4w8J0 z;sw3H*L8Iop{I#|&!A)B1_!>5ZD3)zFYrHX+L1 zU*`k_gkfNJLkqphT>b`OeSfu6vq#3n^gmUl^e9mYG@Nkf^$$EqOq?8*X$(NxSdR{f zfs7LJeDIu~EPVJ1xRar;8o{L$?5)rdhU0IXp|`#Fei%GDc$r;Wf@%5-h6QDIGhEUQ zS9r9WC@AN!Y^^ATD69)4v25j5H!dB!CQSb5F>fr$g{V6_0jLOM`ALTl(xwNAP|_z zL!)4vAfP>zCxrcbKS|JKF7B6Fdn_{54I3LX=%(QdS)yV!;VGR|S#2GmX3S%rwJ%(0 zyQ=_TxDfb(9T|6Y5eEL|dpaMS-j+4bl?kY?VXNx<-Lu{593@FM;QYM0G(-*H5QqQX z7ic^hOD3@RP%d@1IG?nq@W~Q3V`ltH%8fSWd09?H!;&@D!+zN(jH(VH@mRDYza|k8;-T3F8yY0k5N{UXeU-p z)lVP)1Fz+to8SCnH*#O&kGpusPd)%kw=Y&Z^`ZzARE|pkpOW)8zYw^>^c$QHw%n;*W<2Va zi%=1z8RS_BS&Fe2QBg%S2OEDhyu@x*x0qxVN^aQIhm8US@%le_d&{UemnCd8f#47b z?(XjH?(Qx@f;)pla1ZWIaCdhL?(XjH`c2M0J7?efopXO)Rxj49erLM6s;m30u6nwf z>2nijceJDh?S)6J?;JiZ%xF_(9H)1s*~6nkZCIz)ccXY&?B#;DAJLaP9`hcjcV7Lc zI*oZvv=16gSt8k-^FeRg$7IjAZ3AaqFQ`{IJl~fu_1vk40$uyApVc;7YH)#vgIi`z z9EeRMMecZ}qscj6F_=ugvtwlh{2Y4rC^|_Z`p0M>+d{!QsZ(@<+M%>5BEegYes7fK zZeY+llt5zn3253dD7`s3?W70$wpFElMN~d_;tEOy>it93=MiSxoS}h0Xs2Tgg}c?= z{sUha&;tX$n?Dl#v42(nysh+YDO2-1Td`{J#xOm$8;c4LNNH$+m2Aj@*{a|GaUOxU z5ZG1bneg=C_Cp_^l|aN6t!AdTeMkI0rZX`&$%{)I`;;w-~^ZTB!1U%gr_>Bs?H~txg zfbCH^4h!Qt7X8dCzaLP;`?pN|bmbNtd=+UG^e665dkYU$SIl#$skcvY3 zr&K>!&IzI(P>EmY{Y7yCH7vRCd$zv-{}Y`_WqM?nnm3Q z!JAQZx`Gx$p_5`1W6OD_MZcn(ehHak+wHy%H0+yTGXe@Nm9 zq=)kY+-|wXxj=(Pb|7)1Nu_(IMs<*?`6Dp( z-zsd6=5of87Bwy_u?P^`DLJ?Se*F>&X*t%)nG4}o-oC9#zw&?6E8@_Ice`h?md=VA zWyR;P0K3!7oV}s6=o#>GZ@E6L$ZWD5ITg*#4-%eE)8_jaKg5E z&kV9^W0a{FOF02?hjmeTP^OHlS?ons&X->J8i3hK>vlr$?(6Al)X>3@l#&O2Q~JE- z$Q?9gh0+ir`*PNB#Jh?b5(0F6L7ZzJQ~Dn8)OVIi zf#N(@Up(ETf0EIZ;^s*cU-<-s9g-Do9OkxdKS%%81r`rp)Y)2?GCS*S!(36 z_XdyIvpoXs8QwqcE3H2zN`W%s&1%nM>h{`bda6m(v*8H+eA4=UUk)_N@OB)^lz-UJ zDubrthwUlT6{TdU%8{VV=hRM+_y)$HvzH58ziw_2V6Q(i)Cv zGPiRH567-$F-l4=lqKbZ;%z<&`Lf=5O(4IEJ5uC{7ufA-yUkaR*g!7{=_|s94a1)t zc+cZUGrY&v-7sKaDOu59ETC~O27kEAgcRd++$e$4ZDfq; zpNlHJmMpv;X|Q>xvp~42!nR-Eh&pA~OYYdL!MF7+JMOq5n}H;@E#JH6UQSS%BM}23#ZgKwG;MlyEGjS077Z}_0BjRUctl4ynhG4j*f9cYo+hk- z;4uVdmLmJnYXrdY1n~|9S{ABuoa*4~ zTBmaDCkoKgo0N-AkFQk9IOIB4@a&6wp1McY<$dcY2~-wGQT{-0f3riG7jN4>W=!=; z`S}&*q8#lJa2^}>G=94`Gk0y+kS{ZZbE{I6qjFB<1}{P6j=vxLkNpb_{7;~vZ>V{_ z_6Ay70};rfd!!}1YkNnM1{|pYDnou1+m{P-j3-)(#oX&9%^r1tH&sgLxg7#yMdWhb zH)Oo`O`f!h62H;gfM&Bj!LOvByxdXRufjIA>TwFkG>(hyCVlO%Jx+#czCY4c|Ddl& z!^g9-e9UXjD}RKtN92L80)mhUt>?{)(--SB=sOM&S!r9)wsUeX5BtIz3pRi^ zLvv=rpe4Sc*YBS8(Uz?kceH|b$DXQRLtO?@Q@qkd*@x)P#RqLXJ@$hS!!yYlR zBQw1uP^5L7dW&~1E;?-GRr&d#?frMCO9u z?ybE^&S8U`zdSA!*gSDDSTpNi6`fSZNVGMKs*L7C_uT3E!94v1!M3eOUxNoPan7>0 zO=*DO>8PL)aE;4dM`-b3^!RCk0Zj>C8su&+wosXOzDWJ5@|-l-O+!4h1G``H_KB$C zdV%n=3F|;#yldLHsnFpzg|d00Ye}T$hs9cON25y$J6pr{N{DBr@^i^i{u#IO{*!#V z#cbLw3u@G3pKIX?ai(3~t;}F%;>vvB+VJ)}vV$;;Zj-9bXo6s?`x5Lmk&BUb96QpI zEI`M!4QUhm&juD4NNj`wh#IdXe!h&$m-FY<^7+c!4z-wIXm`AcO}&Ss4k$*px4;*g z0>S2G{ya{tQBg|d1Z8@={MHZ3uS|L%mjT{fKA@W(d#SO|bgw~8v6Ay?Ueml-o>JFM z$T|c}OD*r1MsRC|OnAD${BoRSp;)0^Bw0{FwF(gc3Oh)_6Mm|c(dAZG!oFZ$xE56?n~~hskXRgGF@Le9Yl<~Wo$<_!{*RUQ3$3li&K@0fZ2X8!|3bTA)h+^viWafTJS9&%yc}JnSB))b=cGB1d&?C@gDf{#L3bTF zw$UCk#CG3C7!tN|J2I+URbw(n)(^UE9M4KMvJyg+jMAziRkPA9lre5abB5h3E#@zC z;(}(JiKMJuW*>+c9Ah$i4jTrSUoPX*&2XPfTIE=ilPPAWrsWClNnqSDen1xP>c?UC zvZR_qYF&4{e=(+z1m;nHlHy=WsaB}=q+2W0JXBa7jX(E#c27{_!U<1hO=sUx!ybr? z0OK7_(5d_q6dAfEyKf@o^>uBhBCObpQ)ueDqIyHcfAQw1m^`nUhvh z?EXNNb+rs04%#KPAO@h}4&hxM4{tb=r0$A5sW6l*l)R4~@=Q7cM(NYEFwQWgP1_%F z?;MO&m%GkhE2Mqwp-t5L=(#=CLq0m*<;S$kWPnKO_LauG^$AYYh7a=MVF+xuNiN|Z zsd?yMK3P9X!uHTDXAj!JFKO|0{iJg4?Z?zdMA&Jk`iF<8ke`sqH zwCzS-Nr>AZvn?1+!bv|pZCsfofocQ?4S(eZ2fa+ZN3HMJ((tsRNt__@B=1GwS_}67 zw7KZaQ3#r`-ntkpS>tc8R^e;TNLi2Atwt9SZO&JEBUcJ#& zp1O9&XX%ufh5g4By^lgbPtTe5F&U zGe!(#Vm`mof*bhNkpE&Dcw`?6iIg3&1#n4NuHA&#?4OMIPy3e{WXeV6kgI@sa9w~U zjDu6~Un)(MM@{|jW6bzwzF2J58{Gjg4_Cuc)q8F>5ovkOH3|Lq$CLP- zoy%tIL)1k7l+ho>=*;@95eGXf1poc983M3%W^Chx=s(*0hcu8K{fXZ&b4UBLAOHO^ z^KYE!|0nOTt#F(iF8@O`n4e&~P^V-z>9y}ZM(`04|Nkz&q(WJq&v&;u zFg$BVU_=2wK0y8V;uHM=&PEismFWL&nDk3Ki-j=9+XCedvFu z0Hk~*=@Zz{jQG{{e+!jh!xV9V{Lk}{PC33;|LuXO?U^DacGs)CSGThj4hjfAU_WV+ zeL6b$mg=p-oKKe)D{wd+JB<@{=3=5NPycWs3z8U;7?LUO_jjK<)A&V1z}g@8uzsHd z;s!O601Bitfd6=|%fWoIK8(7r+t4o^LPqP`L`TEeDSf#d!-b}(@P5VNnal20G_9Qcz!nUBW+SVb{75DRsIM~3?uFR@T2DIr2yKsMio#S_j!8ZuHu^(eXxKwJk){g%d%dc| z2d;87SyhmKefy^zFdz-yG#Z**XM}uJR~H{)?jx!!Pn^ z;%Y}~Jy$A`9qOFbzvl=9aFC0zGs+{i+uz?i-e2MQ-XF(HXz=IB`0%v1OHg`Y|MWGH z`lDN`PPLBvA!{k%8W9%94ebn*6WL)NMW-3gc=$Kp8-@s#IK5X8XI-H1+&=EO0B{KG zwlFLNMF*uOVxm_ zm-nq@2dCU=)*WzR|4(x=kWy?KAOjt%5m#4;aWHVpubnJODVAai3_vbGKQ1TZ*;ZCU zxi4a9OTqGnK=1V063~dpjN<49{1?t>Zj^WS+iYySMWa|7yaV7lZ4j z0qwRkwh)?SY2i=`X$y+lrjHD>x3Uvlw8){oy1L=P-wlGl0s*<#piT9nAk$E?D`|MTd~f>j*H`p`XgeMv%buH zX(0)x$6|?wa6R9$>D=O9eLH)Sop`4yB}X%CmH`KGy)Jw-{cYjrLhnkX+>gX-RMjldv!`i~mG{(R`4T!;g~Br8 zWj*M5$_F8a+I+n6uKL%I1B|sQ)tnTS?5DkjQp|Oacp6&T{y;da6F7FS7j{)(Y?$x$ zP;RtAU?%O~10lYVgH$-Xz5`d_grl>HDO+Vi)l|%kHvEwgws3e_lenoZOsy z7(G81>s66C8IMh=RU6e>$5v@-O+l0&h$|@hMvyp|>GcF9l}Otc0E1Q=_x`faXXqN1 z9UM&mPVMSWJNPYyAN(&J1OC^<_RYUdw9-e9K^yIvk1v}jjt5?lv#FIwT426r8x1AV z`0NIweV?Y}99ezSKBwLYwvMxq5;#&Sh+n}(3fZG24`b4m|NGs_pNmw9fhOK!aL|VS zxZKr9n+F53T-QH7mf4lv9d$9)U2qw4)aMMKNwCKF{@7DKIm2@;<2!jUcWT1Ten|@p z`_94Xgsj`SFSm6p=Wy}zf>yPzVgA0vF^Ks>y5+9>m2NYV0R6Eo*x8G2%m}yMnvSyVu1JkN{|aY>mPm6dq6@$qgl7!KZc<-!~O)6kEGUr?oOVI>z!jApaxjCbdOuWS0jY+TLFr=WtWBH)GXQM*yw9mTtRe*M(c&4tZ+&jnN9BG! zhz*{L*t6Q2D-yl~wfK=DYkn1A(mjyWWP&EjR}UL&sFNT41d%;X<6`7$BFCLT4{?+? z=iR0h%=Iqc^Ak)+lMW|r;{Vc`f>;3xnZlWIRsPn-DLF?U;MdNw<^UBm{284Z@BL8e(89mW|#{ZMA zNo~ou_^y`Ilcr+SNdYJGuZ#NtB^`P>fa-*_23ZQV^zTKt4u2y^z*{}i>6)w=YZZ2? zyt^?Ocy*p>_Q^MVy!j{{pOF!2?j3W-SSF{FD883VHO-Mrx%=k@~AKXbR-@ap%|^Ut)uT zLZwv}nm9nIrss0_(Q8W+?Bn9Je$<-q^al(p7FUwF5b5f)pe{;^-d3uA!9elF73fb4 zEe@r;Y26kG$C^)XD98Y@F%RlND&toWe74|-A`9nWo#;U1EYbm@Tl(OQ zFHx?#Zdr4IkQ3rECD)HoIKujub=1}t7POY$$bzHE)4*(Tba%SI+w*eKWbF>2IhaFo z#E!)DuDYa$ftJbDqM0hc%*|8pp9Z54vTA$^Zll#5+XIzjDQT1j9N`ja;e|`3&(3>X zJMB%MlaJX9JId=9epX|Z!@&&r==E*P9gw4qjTOgNV~H#_I8^DG*DR!1xs8G<%EVR#)theYo(4^7hNl*; z^Mxi^v|8ajgVvWmk=;R(nohtW;o*dx1)i8^rVA7VuNxRz$|=lZctl^5&b2n{hJVb` zf~dMaz5EQYT^w$FZhqRvZz!tj=5i+Yrn0`)OdmDrsWu+Im{F2*9UTz<+lc#!XiFkL z-!Y)G%M$%exkLR*wD%oyb@1<80C{MDnSwlexl)XRv`O{)T?$xeX8{F@w*%x1Fz1@7 zF#pJLAOe|cCJsx{-7PtV*UI=^BG(h-ug7y=c&b`Ifh}&$7}fqDF-uC_EMs;d z5gnDDz8dtk&-Na|w$nuVaXCb7kfxwSRpn+$t!SJY$V4IcB4ESr|M7sp0B}7zvqi0; z5;_|tCupAW4OBr&D;O{o};VlXZ zW4bbpx<|#c?1i0yO|g~yH+72&<&l0T(s`YsDCZpku2RzHb-rR$%1VQ}W}+XqK44WyP#~TN{?r=@<2!>&Bi74jXhWxXAUU>*{? zzWvT>?IcTb8n|2#*)?leR2u8f^n?D?m?hC`^__vW7-p8kh-=LY&-!f3Z&o1@qz{4R zm5vT8T;2TYayzK%*l2ep^h);lLf$*q(#Dv8_-v`U-|I8_GulWhJ0y5&yk>}Ru2FOL z@QIR`Y?Ym8|Mz6TqtP$M!XbqDo@c(!l!CY#G?Ov_bQSL0Ny)-J0q?@m2Q=<00@$XJ zhulbF#ZEer{D;e7gEQr)uh``Y5Fsn3?oawB@-TCio;Zc|Ln|tQAIYc zq-yHAgYQ;98cieH)Euz)4v4_4V?GY{)M8ZRDn=@H3;N$ZTeW~bh)t>cO~RpuDMg~Z zmMfHzid~%0=T6cvdQqZ==!s`)Fk@XB^rys|6K-!s)AN3juv4RISW;+pZBLz~p=Lyk z-eL}>_|>~W;BcDpDYDz^0PzcW*zD1i?80^_;hG)vd99hnD6CezJH5*VIa_Wj3pK2P zfvSuP2?8t2+~|R7t#!Fs?Bsz-l_()C?dQqp{wvpSObqPb{4N+uR~2lWW(~1-Dm-TT z4oJBlPmJh3N7JV1M+n(CJ+P-9txICLil>?|H;aghwM2b1=$B4s1(9mNV+h#YcTu&J zG2|{a`0nn(odf45ancpd3084p_sq-=J^%B)B(zWP((q(ZluatBjV3zU0DPA*c7X7k z-}Ba7pmZyNuT+H3=?7I_0*nSX7gn~thl#VP?{YWV1PLiT`?oQKGXiOuM)CB`6a>$c zr=qavwnWy*1*l|*k^AM{ZAyCm@MD&NVK3MsT7|>Y&vl34x`L7o*44y6^AP7{xVVC~ z3Df`#gcy_#D+JVcll#%HI8tLk)a{|M!&Vafk)aU zTKK~?Y7e|^AnfdF+G1Eo6kww7VD2MZXtUubBO|Nls;@)jtyS|LSCyGJs|q@G7uRBy z2@>Z>G?HgE^?G4API#>7tNz1THSaA1)WYv$Q$uXIotT?#-oULuCd==e)$C4^T=5>L z{W1RRY&4NSUKY&$1UwjA^alBysECWFM6_&!=ZIB)T}{#p933Cyx6hyUl#%XvahWs= zhq=87@-#r5Qjv}hQNP|f|FWhMZ7O7Ji~^FD6UN33zgjR7>WWdqz^Hsr78ZizH`)Eb zY+zTfq{(bDA}3mCK^M2XvAIKCCu-0q$-h)HjgT$VRbwz7Xv$#VtEt7h_hN*+mV!$% z^hqCJ&lwmdKbtX&&P^~&Fu;j&yq>aSpjoCHzyAX+6;0NsxG82FGts}mbd@N7j1x=0 zq&s?R72q;l0EuIlE)ZAd$kcCssv1LBMZRql9G{=NL>YGZ)EyL^(+smm)47fHL}>iA zP(am*4Nf(YZo5-8{5D4G>&=Yu!?LFz0{MMa8RAd9)9&Spa-k9~(H0Ey(IvD5dU&b) z2xMG(^I|v=j$sDpNLI#ZUMr};Q*k>iIWHaWh#&@w$hnlxKD^;NfiEXjO92~3+OX~=6dV4Gd?DF8SZ4cHmH zxa};G+3nw|6)70*Z4$gZACgsa&u_8?ykY>Xhsz#PYq3f)7I|i#FgMfFai|bww<3yi zD~AqcSnd{Ck^r8k5gheG9Nj{41r($rTiG4&C`7sClSvsIcR1}M<30Oi&skAB<@s^x zhUD%<8R`rW3_KMxnEG6<2v`}ZAu3I>ym$rrT?z7&*2bJBGM};RGc(9;xoo!=$mq}S z84e0PO&4qrY8ozkPj+R`ne}ID(I&jFkq(M>izL$P23z>BYzi~1*&_R@`62`|OXA+D zHg|q8ndv;27Y8ujYVCCTf~t3Tc}Do-@_AvGsFrmbMe(TS+K>FpCjPy*ov?>u2HqAN zA2+(^O-se*Wd{gZYhm@lLSY_Ql)#^xMiwjyu0R+6uEHtaXe%WnkWEU^N54tB3o>j)D3S zLN|=znz1*ERIx=#x8JuB?11E5#n>!QqNQUw5>0tKeZr^{FJs_4*E2fv_Y3&er~GKZ z;jZ(;YA?xH1f%`s)!d~z{R^g$E=G3u%JEJAkt0(cSMeb#8%zl<7A1!LYu`G59aaH& z-|?ZSRYgIG1`E(p+HkIFp0GzF>-m}7b*8eRgiS;GPk5m521+|eNyhWA5uumtNNFV! zk4pgvsHbK@U)8Qr+d7zU4zKjeKu!59I@0FWMiLZ-3APy8yEP=+fEOLpctL=cn+nXH zD@>SEw=C%Ksj-{AQ#N=-Nwb~4@`Z!kG;73S>qwKx z*Qo4r(4fN+xilZ%7#xwKsrNpuc>%1+IpHdz+{uG{ie0o&3W=%Uu{F4JB2B7aK-Vk` z2-*8REovThR}6_%rG6J;>qQi7(4RAwVDS z$q{6YTirZ0Un)^BC7m2i0{#U`gA4w7M}+9u_U!;7DdVP^me~Y6Kdeq@mzxFZ_ zEK~H`X$z+QmOY1+<0c&^2f3)^GRt;-+JVI8q=Ahn@?6uTzx@$eUdpC#E@?*IWjz%%o-I3zJ7z|Z#rnwNj=)>lA}qQg>9gTB%P__D&MIBZeQYzQqbS8IkDfzg zLPPdhd-WG#7@uskiSn{xBb^0QvhwT9M)~2toD~u0ksK*mFrmo_?HR&s_4E1re-X0v zjMBGCC%C>luA1{@1F$GlaM0-dWLt~5udJ|-F-TOFNpY}hl5;r|ne=@vln?jaa=6H4 zx4SAdXwdO4`{ACI|4J8i&XbZ#;gOY5&Yd-TyDB2X)ZUBPRy*q zDZ^IqaN`OgwvMBrr_H5f>krN+)x)o{)DzyK%K4sZA(d;?^Uhey*k9JlmRR*n4#O>k zWg?ekbFT6xrF-W_X9oGEB5 zqh!(C&g<>;wwRd1EzkV`+5-N|A$@E7`SVzNOA!^ty`o`yBY4?xqTPp2BH=<~Db7hu z2EJcMD8-zg440i^cLc;P!dJ@H!sUJT6M+5gb%l^rp%B%9EfR()!Uw!gL>omx#5G^@0*T z`f4OBCdMacx9FD2M3O#%*sjX3L5KaA_8UIL_-V{MsDxo&Lh!pyueb~3;ky= zZ|DZcnD$2z&!g-}x!bkVBNevj60NC?`3Tvy8XVj@SdwD#bsj3WwhPltiaP<6?n8-05>c|#*5!?3b4ts09FR>4h{#xeP3P<6x%n(FjN&ls~% z9FOeqDg6^VlX%FQ-`ktvJoI7ZeX`>@4Pb3IY%Q_+tt>B4Z}Ib+piS9sAS-*4nSv>$ zZRfYIDvp#6vg5b;crVNNjj4m1)My74=)!eNH*P2dp}2}EsoFv*Vb)_;ZWs*UV^pp; zN%`oC%g2Z2`8ABs*~P_s76Rl>g~zQFn@6%W%@}`R5fk>159Z@$tiqI6YM2q$a{y|| zHy&`kbB7FG3(bdw2Qk^ z1@)H>mk>%Ceh@V3#}`RM5evO|>(J{5*>uXs2{=UO+CgV@AFYu-Y}hbhvS3#T~NiX)6ztKosLZzug$6TG|sELkY)L1=bR9LO>KD(=x%cuRiFP- zriH1Xf7giQ0##lFSL8$W|MyuO(aHdJcRr_BVXevX9xUC z;&HF%(MY#1=Y{9i@l207E0XR1D`*3Z+c4{aEUgEPHb9AvcD&sP@pPy7+}e;3v39Q> zfHSz-&EGvSH*=K0orGuTIHFJ+LXnOy+7`!4VpW1MSE6+q9u=XHm{?CPA)q6~V1Ffu zyz`ZiLiX-qNbt@yvJPTYIBw^x%sFwY*rtw+p=u*F=`+?robn^fT5RhmB5Ik~Rh~Lh zZt4RwvbVLhqeE!1=Q~zG(b-#dZ)tKk(8jk#ys$a#sXz*yqP~ZEiX^P;q%?mEKIIgRJj5YFt+RSE0%1& z5SHnWaBD3=5|cK|5Z!raXyE3O*y&nqGCI5HjykRz=+ga>3!v?4rYl)INfcGfh27jZ zRr86BrUuagTGYIi?&yv+(zx{=imH5)PZzZNO*tRb-L-0WN@vPuG5u;s2oV;pNvl%Q z-M(&~rq8w_EQD6^>YNWamw9>%n2j{gpw1p(&VX*Cn&|7+jyaf45{wf{@^*P0_Kor6 z!U2KNhm)tvxe?dpR~y#f*fglDamXv!3egkHBvxjBzWYs>W-;f?TMO_+n6c4d z2!Pzm@ZV`Gd>y`rL*k7(f4k=^!zl2Fh|=OIXt!r*7TK_|NHnrV8>kg(crju02%e5Z z@Rf6pZ$2g%W^ac$mx`*ovs!hE-c3FsypNhhEgiymhroN zc?c)8l!PhVSKM31@p_k!(`YSnv|HxNR<10zggXmu@CkEnm)7LG@$z434gnWE@3GE0 zRza$UIDEO%ZS`C4@hy26*SPEV(dzpAeBt)kuD8l+s}a>BL#zdjKv*hXI#-LeBT2&= zx@x%f5cBlWQej-oHTutszfcfBkUrH@Z1ib!Z#Cbx zre?8m8!_P-ZRLxIMxh2p0$`TuoZ3A_Y?7V5Ozz`qHyIiKCj$GVn=o4m$~TqtOKDWR z35Z;x+u&N$wX355`BnMT|#1Qj_2OldRMbys3ZnL(=?;ZbUq6aPe6X! zNi>}1aFU4bnBJlwm}pA7ou<62k=pKHDUxFVz$dkNNh5mih$Em5pr zAu4q4D6j63vl|=LIm6_YmBXu{k@`-CJ`ot~DeIJ7NryLE@Loj$25m}&72d#0*D9w+ zD^YEY(L5n)W0+eL^xXAwvkJMQvn&E?dl>*M@4?8q5LA*PSW?DpWgk{pjp{S9=~0aK z%7v1DF)!teO8uzhXKT^eDrmOi&xT=yVKLDmy&*X*jp$@HEdt(*cjho+%Dd zneLB2b=doj>BKvSv|YAS%PhHKM2V%8TzW1#PqQ^yeCO|?Tgjv05!tx?_H(73OLsHg3#b$nf%dd*-sI5tG6J|_F+Fwgcu z&FQ>wckpE(^K^D(6=*aX5|=>@)$RUt>FF>tVheaf|9rxO@0tRpe}G2}8m{R4 z2L58EsQT^xRqnWL^0HnS7B=SAHqc3C<%wcrzro1Oo2N%=niO(-Im-Hxmdoh_71OlH%<<+a7wJR-Be-peKUnEL(OR9XAO2VtI+9-G1oafi>L&D+a z-2|x4JK{ADmJQU0M4- zuZ8t4h8!4wX^Ge*x1TQ+R5f5x4b)`ggY-L(5IQmp+APFp0t3@MaZjiOjASr@Rc&?! zVuBK#_2fL%CFPz?$j1aw5LF|fCi*<23T=9y5x4VD&#h9dM6`nJ$4N^Oo?&A6;!DKn ziSr4EJyV-%FU1+Kb2_nF9}wmjroEs(kKJ|kY=b{GdTFY0*Ajk7R+>ti8j5B#{-hfj zJ|NT}0-Zi&cj4_WUrB@&(0w@0=ml0U8#Pr61&QN_vMs`u=Bbp?hTc)1mS$PW9BZJh^Nz&bRHr{_OYLwh12bR^<$; zp7N*$LK-GHO4Puvwuo0cl5T4ir2dB5WGH}ArPt1xI{A4)kn_I2K=D#dB%*_VU1Th$gDoPqD#uW^6=cXd5cZkjQfa@yfIBVh& zO>Quau$~|EEV$Wf58FFY>su3SdIm1KxHD1v4_*yKl1we=k zx$2XccGqcy_j4;_!F#*@(q%gz!CTowEwr1Cug4va0)umFvEe-;HO*G@9y7r7eDOO* z1s61)yA6eCM+4ZsbO#n_`5|$8$>*)M(!|Ti?4Bp1uH1$p$_I4o2n9LX{)Fh7%~Cii zJe&wN>oy1^FQyOaOBp>~<7+*`hv(wp8u&N9V2!tw_k8Q+I4M4F-RKX=HFt2{>A^22 z(T(?adO4{bKU9=`*mRfhUCEvbO<;bpS}idnBO`CjP^>!0TR$yS8Er0?uh>%r{s~Qq zf7m;IW>cZ>|CYC>2|gg*cXA+2J!gqUBCeHolCenW%$2^1;jmX2NSsLBjU}~&H9DZ- zj`Hw!5=Hx+dp!Zo#9+*ynmlZ6JT!iO{YuF4N|by0(QZU~8uNSiiL{+t!hQzg_vifq zA}S5GiLXCt=V0v+`kSG6vDSLQKPtpl*@;lCu#u=R&BdX8HK=0Ofv`V@2x*Q)At^af?MoR%+406Rth&z-nOp%4kydk|IQ_Hfbhz!kWT{4^tfdpj~*K`>JcBbK9Z96MY6O1-wLw#^_dzLq13*5>z9 z?wDnjNuL_r`O-=3E6kbJC8y@NJ7f`FQQ$8j0GVe|$l2ENkVvMUwCCq29B)Xu#pP0R zW&im^+TP=0>#Mr$GJwG?_f3g$ivdRP{uFLcTZr7Z{yL%aw#a}jW-jaWCy+P$s0ZK4 z6Uc)wzE@-9{#WC+1h<1+IDlqax!8bSWOo+coKaZM*8Un9?@e;aNSJ4ZhirV$bRFmG zcR#<&4L^9pLq!8(7Y;!|L3*zjfJ}Yb$?&zntOV@<{on6&{$YZN@cfjg%}`m?GE>dR zmiMJ&aoFCZxce$g=kL6uid4Ih!ek@;Pc()N(*%><1w(d@&DCWLiF#U&Q-=NxX$40! z-0>nwe9WlRiZc}csKR9712cI=Nt`M?vGgo<+&Mir&g6Ye``lrK1{(~xAA^(AzNd|t z{y_M~LW*%F%ySt6FnKidYe-EY`3hiU%uJ?~;ZRoUt&@7j)Y5GcmFb>KgC*`O*&%i{ zmp>`xaGRJtN_T|o9o%WCWU%7hB8q^$kya%h(G9$BpcNLblulk55ZYIu;|cz&sN(T#NPYAJM3$wz2pfte!&vU00> z6u%Qf11Zf4CV%C>aY<7F8Kv#n+`5udH`+nv)d1kp)qH?_ayMA_UPy0T zvNE^C7v;|I9YM?Jq>l=y=r82s4WPk#55@Y#;3%Hv;rQH|-t^=v!qqXcrRy$5_>s*WPU)cI!E65(@d{UMM-Ad6Svjod%&G-m zmDI87qr~W;WOFTW6u-^dY5m;GJ%xhlCty7C)uz!4wp0RCC7tsYl0l_9qC(S>yc*V zcobe^W4^84ZvziXTdzy%6J;g$42`C@U!}#J&~1AVr+@G+9{y4#>32v*2hBMjPe;gz zx8m%f1Uz!4QBg&16mD3}iw;(56FgBC-qiwk5Gv$UJmI+meZkg5qP6nH5ew0?hE@2L zZ+uziiNJ-7_shf0wA|@q9GVp$AK%M~DPN6Ve5D(uoq4PM?QW$?y0Aze)TJ~#O@Ax; z&Cns*2Ps=qN9f{dVR^mcibQU*j(1csx#0caoOZy|Cl?rj0_S$#01u_?;w`PXgb*95 zF0AekU#lDi<mP)F@t2CwS3y zDo~9*Eo9*wR5pQ`4F^Jy48s@R!Gh0^$_+hcTI-8L&-+|NliM=mpgy09EOR*(F9X92 zSkr}z9ZyG8?w<2HF6pnum@Vc{rf2P*&p(oqf??2T7j{>im#qL>A!OY3yDyK|cjGno zDm_E&3UVxGK=iybM#n=R9rutS$lnW9=TC`^Db`jN)l8MW?Q#O8G|^gm>S2j{10f&E zR!%Q^#Wbc<#A$naj_6$dp-6g^l%L9$2y-x|3nV7>J~({I$zYYPoV;zk1kWjfvbaS>90*s z0$<}#0+%kWMF#Cr51cTXUlbF{-hEKS%Cbt zv&Q$goO0y^#($w*O@@%)FO>1Muw7{N`<8AGcSEb}NurX%YXQ0I8oVihNqg9;MOB8^ zWUB4PaF;NffzrTtIbp3PX^Sdl)+!$(H;NoneX+9q7iJR4* zE8$)2z$JFyZjUq$m-g*F(S~kI%|>c>>J}6O!T-AXH<)$=EhxyJD0+K}txTY{Ur^9Xit5h_vJ})nNoXhM*0gr~upUMIJ zt>XcHhRyjC!WxJGO!!56(I^R$=_TmQM5ddSDM1I;PG#GbH~{!s znw86-<@r0-8xN@B@*lNsgi=@hM95CVvNO3Hp-z_@?_)G%4`8S;OBbTu);l~o91aj3Zw?JI=?W_D3-Ves zYMKVFnxc;llR(wEfNnn*YGa3fIXWyDarQ(jx(}TkTVKa_zdx%tQOcl%El({0gns-Y z6Q#o5@vfyPd&^?~aT{MUfh+)1b}*G6=IPl80uHxOiOcQOH{o^13S@efvCoW#dAy6Kg?Hv6|}|qJQCn21=NnE zTz#!)OX5A3%$6IhveQD@!yd1+A}GiJ%bhF?08*$3=cwMdbh?lFRtvCl&f$CpIPlHT z$owz_ncVj7M9n>8Je^y}HR0kfhhW+aN{8GzWG9!Bu>5Ap`Rk5UR8$vZ?CTq&$;`7m zhD<*{=76BEXwmY#orQpcB0~C8wt&HpCJg|-(D>dhc>F1cBS?x)Ib43Pl@8fQz*_97 zN`LR4eWL(HfmiKEZqRCVx+`U>ud8l9UqJp_oUuPSt6H5R)L&!v7rggByB1(3?;1l* zaRrz6{B`fYVnF{a_!fKuG^JpXe&)Y`$*g2#0JfRzOfdUj_^4?LsHuxZ%FBoHzl`%= zg%nNzl==TgGrB4(%+opSaw>>a|C>`yf$_aNU7io418}wI;V8dAw!akfS3wkjt75wT zy-53u2m4DtM}Ytp-ugv<`0JB@7rMkYYBKxu!nbh$L&-mB9WBW3+y9TCwF14VkSLXS*?*6?L@Grr41^8rs z!pZ%gtg}RrIo$7Pyq+&VJ^>ibL$tA+YOM7FDQr!#XeUaz);Mv+=!0n%|%oG7&o~#hc zPyj3w@QG;!=y)c-jmqjol=NoA>KCfd_3&7&UUPr#q5h$dTPc9Ucq9{d{g+n${+9so zxEs*>59I+agB1YO0Olhe{r6A)eQ_`L;IH2O^@#qf!14~DUaWUiB7d>Ue|`0<0BeH- z@}ISTfA`a0y(>cb^q(fi(q;$qtFHfJ*a?6j06Zd4mb~FLscvaW3Hq)CJAL=}Z0F62 zY#~NxExA?0rO@h~itMK2idKf3iU*1keAMFt1(5g(`d8Sz3@uAL&pRt2D)Ghtvx(^G zKI1@a2foX!6MI6kTy zu`GiJxcEJhX~@R`0Cc2GE{?dl`D1f=m4cpLuvyIJ-d{@yp3^h9f-7>Bbk|nAmoXLI z=!iC~?>LR$4L71HU(DU1wLQpkELb|PjBE=EIvtn@@ z8n4goCHiEA|a!-V?N+BW`n!U2p>U?>2*Y?Cg zmYWSO%>4r=5Yx>l{rcyKQ(#6vo&w^8!6{CGK4XD0ha_vQp9FC0=y!PTkr#}fiw6QakRHh(HpnAL&*L7%Id{AGN!Rz(2i=j)?yosKO9Ng>U5YA5W z$cU(Mi@fi9$m@)r@My#gqeZ}`PLG;un$kf5;#ELe9SQ*rkcIN-2bU~&w1I!wc@wfJ zngSpMI6+_6(r*H==a#%n>dIm1jBjV-FdbU_;p~VsiQk*@DvG6qT4B0};MpB)VDOM@ z*V8Y?+!n?AYw5lUAXO~|>p;`063W?Bxb+q+l7COy0P95%cW9CHhh z!u&JrChTsIqudX65BMidAzh9P>C_UV35{n6d-a=Z0inqN5TgZ#H@YvAWBQXfmRjjX zZ6z4g^q2^?SZPP*m(a(4g!66$$vqlR=%ym(0e6JEj#ScW=SFBJpuJ^s*M6(BMVX zaf-$o2ns6hGd5d=S^&qbyW9@-r_3N& zvWa2d%2&+d7yz7OO*J)VQ+<5nHSWd}i&8lYY)DAx%53T$`;|fLAKnxXg2k#=LyZnE z*^H$nkaTn~0oO+FF-bKb$U(%`RwW=HfPjSus&`OIbVTF*LQHZH>$kxV^~ElLs)8#P z+Ch$5rRy`0q&{p1DfCoYc*D%n+6=wiRPB#YIqAg$kMHK+^Pl5iXo4C2U{T436<%W# zz#{I(sAX7vt!Z)GH4Jb`-9E|>N+Dt0?Px^p^nWkiS};}M%DlxRBUAb*mv_&~;}uV- z*%T6}X?xPu?bH?e0&X?b0Z)p=!SKl(uzUM{v823Q)6MiD%Ru0OBTp)#ZXbu=8`h~U z-p{UDPG4(^0QAQLAprrzCgb+kj9TDGO}Ok*wiEkUK)!fi2H)Z@@2{Dd893Q+?u@8U zCxH&I@WKLl9yN!Os~bGmFPMw0T;6oP-R=pG4_HO$h0Iu3RugvORg1-FrYF2fTz$8! zR!ouZEe%yR=&Ms)MOI82$UxMdPp)NE5y^~;NV>tXw{OsEX{=xN%VDs{;Ct!t7}Rbw zN!7uIz9HYk4L;r6Nm`^IGuV zoUFS-B{vBXWdlnM3UuWqgXQJ9R+fSF_LlyFmy62Ks$&Z-_Qcd{@wQ>6VXP?DI`GV> z=ZIQmYYZXpYk!ft7R|Rt>)jyz>Q>UpuFd-CjnNQ}*!gT8uihH<4SiBlNH#u{aPV<4 z>~gYfnAK#p;omw&6JeSsgO3QGgiCl(pm-UL&NwEtZ5o(%+OA~sD#lPe00;P0iII>= zi{@bPzj9ELV)(P3xf|FmoYuzY4?Wy#xNN6uqKJ8Bg||-T4sJL*!}v{LQ@0F#+%-{+ z&1biK_7svFR9AcD$}2<1pYj<`;xJ(P0MZXv)O@~C4{Jk2Un$EZ9c;(=N+_Ak0F{jw zf7Q1hlzyBcVw}B@E_a|d>xy738F_p0pvV+FF^qJ{35fs}910Z>A>M;gOS!LKo8V|M zRpq46kPVOOg-lMOUw46ZrQ2hhZ{%fDD&Tdep_*9_xj6FW6L&y1Nf|lV8WOEj@H474 z6uezAIf9+S0I^X@?{p&%HS7bkJ_0Gck`x+9gcJe64c%y@q@yJ;G8-NybwQXN{0XOB zOHc_Y!O)k*lhwx{=;m>JlRh}=il`6EW=4$$`+8>OL6VhTr%Oo#)X_S7NBr;9w$5*B z5)9r2h2zq<>EUkI+D^m8Ng=i7yTy%y{^NCn0BF8*I~68c%f=?g0kU@+Ua?jqKW>>v zH83sTyD!bblPkiaBc_KZkBr)cCBe!S%3o9Kn5t7q**L+#{GdZS7;bzpfReI8|Kxu6 z!`znHR(M8egp8D*KDR>D2yZDOH=$DdY-NsQfuW@$5?7>~7{*#3w)(7HTjFln@)G8B z31b`X(j{3<4Q@|aI`RsvjlG6bkinKMv^E|;jG6okT&_Il_yHCah%Tk_n;w$M!NNqq17;E_Oe`y}-xC}f9!^h|5q;8^iGFqA>})zR1ib(cjnw`3FnCVfRT>y; zCv@1mF896qeUT@d%C{XJX3Rkc7^?YvzN12>4CXD$M%sVjfdACxeJk=UO3*F^CZx?uO48=*(H+g1sBjl^gf59VpOQUH+PBi zsuG#vfg`qN^DgJRF+;1FWklmfcsNEPJnbi#r5X@<)VHhXnK7!=og!FmDl@toT8CG0 zL@W5xe-zL{qo~GQZQJDj7TO(>MhZ`?#EhlRcpzuym0nvjwGxlP$}Cl?4oC4UzZX26 z;uEf7ycj`c-$K6`%6rUU)}y~lpie;pLmK%0PGOO7>d#;WrX7e5SB#wKvl{^_6oq36 zMATz*4tA7Hsa!;eo}@x%+q-qrCQr?>Rg9IdN-F7G*K_;JJtdrvF>+~B2tJVCy(D&z@kq4n^Md(>1 zlCHm@9Bw)+C)n{B1)d(6RZc-wt%F;aMz@-Xi3{%1ZgMK;RXl-5GWC+Hk30Mlfhb_w zcbh_z6>Bx1QNh8GgorrbRbPC(O)*?dmC|GPrngcGz1p_n!lSwc>wO$Ysgt^Jg++w} zR{BoMR9`Yf=8FO>21` z4NQX|%6^Jqz`;eQJ%fM96a*d3b2mX@@2)T}?gp_?p(w0OgaEJ%bk+}o%L{QTYmp+k?Q1tQ! z(Ubme*u-(%owDI^XgeeB&W)|z{p~0QN`l$Zzs>@{3KP(!7-03AlrkHi=guo0nAg$@xe$O_T`<&DhQ& zv4iotW7xkxGg*2$fyF2#*7l%0x0}C2pm^>j~D+ceSlB!?LCMqN^Q?H}sT)y=ak0qPBQLd#B zxD z+6ci|gIs!w(=q?9LFnTIvpjAyaEsuB=ciG!{l7q%KbL1VKzzS>4ox4Zm5AScqOTN4 zgu6Ashk?K)b}C;9RqN5{)^$)&KllTfCDJxO4N;hFh7QzIlWyrgFh)m32|Ya2_)5Xq zxm)hmyK!5f{8lTCWJvRzeeTD@0-4i|1I8-Kr56MYi~~jjRfB<9f%Vrn38uc#}=WEz{!au-jNie_$gqX!1)*9xf z#*D#dS5H?PspTk=!B={kZrzgY+QJ6~SF_4Qq2U#N)?VFitLzElC;!0iJfQdBao@k$ z_@{nRSvZP(#icC1e94Sg{uHeL>MCZ_#w>zaY8 zUpb(ng}xBk4^j9}N-buYW*@5;gV{_=B$8{0{$o;s9wrdW(zZDM>3AtvYrEofuVz5S ze-cWt&5)McOLDHaUHn!XL4`dhtJd6?O7jU_+8`p8r62K}62w*_JtC!2Ug(iP zo{Di10uH!uI>vG=nXedT|k8hcanzFCVZ{)YzOaZ)6D)uR4~6E%Pox&`zcG4NWhNPAW-_ z+1{Vx~Vx(|B81#@4Rjr8sTeR@s^P1|~9wMuqy1ofO|N;jB+sYvDA~DPF-C2Yw6!iH= zrf9Jz?^i2iEw_75KnlBQlwhKI=P4brgrv13s`e>aT-6@DaOt$=a z$fnL?$P2q4>x}q^sycI3!8CdN-TA95dy%ko`|49&r_Zr%W1VPXh2l#93q3#l7ELC6i^V-F092}kT|_4c^8&#siUyu!-pA`tCkDzKWrDO<;fZH5 zK~jGXyM>sRC5$wikeY@G2b_QT*LEGCP(tVH z!s+?Q5_f$7wE9hey*t?qpnvDe1TeWG-j;h5^ui%{XAjyr+b{-Xr^#*Wvu#iDY#v%B zn{Lg~m%P{wqa3GH0J}tcnxWExy{-s+N4hOpllt*J(Gi>8141i5)yHmbZaGdm9AEu! z0k~={Crv+m!Qk6{@IX!#0&zRcTo>+?NI&!jA{JP}H<*v(^U>g0=fs_)J6*r?G_#8> zBN~C%au>(7$tX^!)?d-0UfS7ZXk&+Nbu5pn>$fp6s5gZ>bu`|9V*{dL9QEtJ^*ume9$QH3Nh|?kA&NimNPJ~u2I4NP=z@;T z=~Eav2^Ri%4O%<;6M6YvLl?dRvCqiM6P@jOZiKJyRY-`TK>3j$&0dYmR1^G8K8!&r zfQRtWe4v#SL1c#pk@vkp)A@phU191t?Fw6flPyYUxU4R8U=$(WHlMZvbzRkIjzeVW z9-W_Ew=w^sRoEItpnT$$yqhN9L}`Lf76{)HP5)NvKCEW&eZDnfGLN&+?gP_@hn;4M zWmid(IX-brXW08{TK+4kaz%^zVypUH;IhrT!&r0lM-`18p`a`Z9_oTw*i?7V4Cptrju*17wT*#0vKQ_*1kr=nf;=)<`N?EdTeMDh=mZM1LS%G zb?yjQJMR2*-)$z9DA(A*fdNP0s9?n1${`1tG>qOhl~zrW7!?}%PmXcnVOC0hIl942 zLGrH_>A|)>!Le#@@|&S_Df0|kIQgjlQFfb{_n?mB?~?%koHQJL=(=a`Y?+botpS=_ zlQmW=j(r+eZXFi9McoOL0x3v3VZ;0rdxVPen>+Yk%-SI?HLWdMl6WKpx2QDoCH{lAAT_OX}f{?^0vk zI90b$NKO4-0`;Y^B*PY%yfjYG@>T5m+J^kuCktDbR$0~Pse^6^fy*ujlu)aLoeB%; z#ry6IoG$cf9RH2_FefXiicK{{Z##-a^J_{>3rRxLmqdK~Nnz=&W~-_qM$OQh9Fg-b z7jb-2kMad9s+adxttRGXER7l79Z9Be?HM=&wR%#YVDuR`k&0r(sD!I4TBN))7x|fM zTWi1d00ViB<))_dXFiOYWH8q{ta-f#b6ZMJD)T%#Am4Rb3O3I=qPtHmm{WZv=4-}w z(iI6(zUYmWe}D^7`83`fO-As3)tC-#`@oHiSG>FvAvel=eWF6qX{JMUYf*5fWVHA7 z$fMKvqB;aK2W(HUErwsCB1BE+l_q6MPk@dQ-tS z&Ft2pe`IG0ZIZ6#UeJ4(7gCLBAu#=%svCG@y>Nud__dJ^>=yYCUYjk`#pPCg)mUy~u-yOPXoE~ua2{A;*R?rT#d|X;C;6(So&uS0oD(_VwL^C@q!BT3-+-5(0@xFY%=t~_j!x~*^Ed<4+d=+G; zl)XEvmi4oicd{})bIj|O_#uXg{%#sy_SP;xuIT(TzIO>I;$w$1|DEkd36;6aRUDPu z_o$T*%cMxt#vw}Qf>GehzR^vNUfd;OmGE|L)84UA>LfdM zm-UI2D4&p5p;k290vwUTU8dfGzSgGWMehOy7q&>bzsMSUT0@~#TRV;CBQgluvmA^n zg3Hl>%^UU1JN*sKI9kRg?-nGwqIFjWfhvJT1A@IRytGYAJc`{}WedUjF@?{x$i?2M z2S)Tr@cbF1_-pEN*)uibOq**0t;6o7W5MXtE)THibLlpr2v$|a{I7)CPr6@lgRPFt zO|5J;d$aD7k9>$up9H75blp!`jlS4zBjnQr^2}E?Lnu#J5qwaM|7gi!J{)_0UQ^Mt zXYiU`cJS#_iH`~|T*q#v=(yo`V+S!YjbPll`YX?f3gfg{`(sY%)T2g&@1cF+og6@& zS*dcMtJVwS%`@A<`V#!>K7agHa0S-cS-yToOw#Ay z^9D3=z7Mk6kV1dM2#qKS(=Qcp+N3@>_$YEn5Ffl*{Ghv$#h^tqx)t z%O%DA90oP3j4XNoG~XbfczSe8Ku*p^iK?3-@;R$38{hrgagjXhdwJBH^;&pCzU-4_ zd$4OpPFTEc8W{h#m}73TzKwzLSUDD0pW)|KmdWBp@L7edkyE) z2|F9GQdKTrSy0PQjV7ZrH5BJ#3lU`HQMkQ|H$AwcY3?-W3?f&o_blmrV*-1FyQB1X zmpkgc!aJ3^Qh#bD%jXxG+}^Dle(l7y*B=k(0gA}d*zJC!zsX9y4kuRZK4wcZy=y=8 zROOPRn}=oCb?N5svYSJ6GY@i?(Ch37!?>0R@m8vtWzaM#AkVN{y!C^)TeH=PV7 zt;1gqN>e(LLvn8g$dR|L*N;F5Hh|Cny6puH8>4MZoB+rL}S`rG&a;l^Nq`I16`BSX};~ z$nLZ$O(@>0<#B|!rCJQcEon6Mws#JwoCwvf3JRFz&SWm| zZzqYOG!@=5yfPMQ5`(WRc{bg3w8HJ#k7|h}f+Xl`E-IAlWp_tX-xbp`8(5@!UyMz< z!UTSv9TSSZ7~Rf>r6RzuDMT#2F4+-Dn#(bbyb{i{Zm zuOWIGmS=JJ!P{2B5{XyGa?;!283E*N5jPsw9BI&6R&!t#Wha`i5Yb`T-j;gG4=yjuZYoF3Gvx@skmg%PuP@r^Mrv*=WU5L9 z5-y2LfuskqpyPHwPXNy@&8RcNNfp&&FgfOgrqqJ9-KP0f7hd z^LLOP-)HSG7mO%{MYRJb|p`rhX7$}3Zi+Q zq2Z`UAFbHfk0^F2C=`^UaWYF2S8~AL9}N-#@5?p5>=(�W08AFO+eY7}R$07_iqs zb%cc%=fF4er}yhgBoE27S0a*5G>znFQ%7|D*vQQhs#(ICKQe|k-p}}W`3%nBG(+Lx zu?KU;?hS5cmqQyx2P6R%QFJ@QhEP8~%6z0trx}15GG)g-c>y>)>J$^G`$+(#3dLXK zSfZL)12StSjvm=lk+fU$Yhd3cVw1i zEW@^iU3;1gjPWRY&WORTq}2!W4;WTC4k4;)DIspn3U6*SncTR^uKhoj!O4iX+{o9; zmm$OM1L5Vz`81yhnqi&`RP&Nqrm8FXdw3UN>+nXbxoDMJhg4EC279KT`-hZAdle0GM-o^(nGcF-m)c>-x zils_3Ru#NZ+MN_4IqlzcU-79)3nqN&VY8K^P9Z#{OqgHSg-FTZD+0Ilvq?KmMP__X zwCLJsG9uacAIGpIlM?wo%NMd;|J8i!EJR-)N8)-{eE>FH=uaQsiP{ zfx?EvMXrr?{c278k2yRY@Jl>I=U8pr#tY}Fq{I7K-*a0eHe0AKRhgf`VANh+B-s(s zHMWPXCSWOTz%ig!9&dlfIq7SP_&uo#dqvj;TpQ$lQd}TM%RL=WX1n-ocI^Veqi9LB zn@D3@#T3V^yrmmZsFZTtxAPjSt^S4UnjG;W^xSkbnXaQ*wAqoaS~q_@t#JVzbn_D7 zDkZjaSxkp3VQY!weT}pS8{S)1IIsG${gV z@#r0So!uaW!h%R0ml#=aZOK!f+AK=o(Z)g-!I`yq2^G{srC)7GW{LzJ>ZBavY&b*iejkYAs=;Q;Cleh4T}^rp%jj2q?3~^4+`7PS#lJTUq=L&N zerGTpuwOlrW4NGcAyWG$azmfnCTey=TNz^#XJyr(uG&Yw5vS;rSuS?HzVgE6R6^Cp z%V-elja7kJ4UCxk`~@10@_;P;@w6rlt(gRp3xgQNB-{N^& zM3Sn(l73*cUpzufBLV|bX1KX~x8t}vc)8MB z%r<>8PB?vcQ#>TaDSO4pq(&h;QOd-;d}5x2T0G*Bs&ZeG^VXCyRPK90q8m)3j(K40 zq0TY=DbeHI?{iK2ksf#kBBwBB1lhryhgw5Zya|JJwdS`NsG!HhGX?DVM#8mW48N+h zL2@d%M=Vfqn~n8L3lMIj4yUlvx?Im7@XDhpZ)D}8kSQh4^s`}% z71cq#J=+YwxR^aka0j}b3elt%;ng{v=WFrUDJ*6Hc) zT^9MwdisQs6J)NptF2fmc3)AvH%#}PlS}<#nu*kf^!?eDzha`q*m|($!;(X`80Za{{7QO7Mq$P!`5W@FT@nm39$`tJ}PtrAG-ZSMx}HGugC!E&$HRu$s1UvTbU!kfT9m%t}12pZU|$3!w(_mU2j;Ge8S zF3O3g>uB-AN;Q>gW3Kv&Y9G$f-6kjWKkmD7ILI}59Ree;0tNk8*qGQAKxx5uU2x~J zJ4>S|Jt)v#>E04V>LlJ4Ic;C_`sl`+0J6Hpe)J)+B`5~&5z?86jZBO{8|FdQd^EwL ziwqS)r5wwz9WN8I2a&^WE8z3J*>pi*>==4gB?#|o&fa05MAOzQHuz=Z<~a9upN;)` z=ysKJ?)A$1`E~J2cC(cqkip0k{j!q8^WGE=E--&jw|%3@zBdkix8>y4BGKR8Vzmgn zQ5V)?*%B_C>JSXjzMmG$syIf%rPj7wK~;E6bvBg5LFy;3`-IU)eltN(2NLkroFk4f zKp##%CaDQDz@yoXQfR%xlRg=?YcI}**1x-EMeBMb^r)p!1tX7f>qNr_YPIwsNQa+FM4=B?L%Oa%bP2)7SUWEKK)y_rJx(%)axVl?;}5>rG6bwPxP3{j6~*5|BU)2sg79(Ju=L0N61xP;j)&5!+1w#me(pI?{6J@tbnI{9fBf>Vj%<*jVI+IDt@fdZ7fSnPqXbK9 z`UnlyrW5;%^P^2Q;irKK3b35k((N1H&%IXM=9+v*XJ|KwjSr51-?wcFy-I#{y(H4fTp`4RREz! z_DJnQ#SZ=E&MH6iE+rsDeKHuKMh^*U1p+v>z=-hpSrIV~S*906rvp(sWdC240J7j> z$o?_tfySbf|2HWXt?B}BC~5hb0Nx#fFDzQa;W28(VlYMlaP|K(2>yV!wSDi6T=Dzt z3zycs`V4&0x%pWb?5JmbimDsVvgZo7Y>%?zb7RqImcV3qwYRusGX}B)KPxZnm z?S1+~;>5}u4a?S_6J7vpOOwmxRxoc=w6g86I#VLq1S^Kwe%F=!-|dm@Qt|O@dkD4t zGs&T~xo@dTGRR+b1ONQ?4fM5Z4V3BPK{SRB%gkrcrt01^9{7r$s6@7vLy27H+6!{NRumxl| zgjV_b^xJ6sy(1%sRry;{py{WjP!GNQhmf-fySh@rpj3Vzn7=v>Xb^!W zpl>~>JO6O(zeESP?mNPFv$AcfKaIFciq`gYi4}0rXZJ(1{qBgA6{8|KJ}PS9<@O*q zKL9(&D(SuA_+3vJihuYbL0(|y|4ApD;P;XIQMTA7EoaT`xIBr;2ud^x&vQEsWg_5j zL2neG>P9rC-c4Qi{n0@IiJytR#W3Rah z3H5xUx=wyqIKvI_$+p$On5*y~eZd$2mVYOfa@Kmz2euk?!SxA9dRQ}sXI>WqenRMX zS?S9D^duJ-4YXrjV zW_!~_|9g{u69_QC0inGMD*X?$L5Ktx?dE}<&VRHH6p*%)_8pAMe;6$R&QG(N-0om+ z_vy99SM;9)!Dh6Wi*>P|qbXaQWhxrP`jiac;J$zssch+CkCx$a^=Z_t28Gt&JvBf} z)A;{*s`(RVVW(MwGpe|=t4nwKJFi&_Uq59ExMoK5sleQCbmR$3rpE;QSU3=*0jK9Ef*XL zOw_6G!+0w9?1=AGi$V;}rM}*KF3qwz`sU>$)57b$s_DJVwC9aHT;2UB5IDF=OH3c z?cD(;5_7tOBf9UkKTv@o-+s(0#5_)*MHhrNW77Q=%_|1WcxCMU=18MsZHKFrNv{3j z8gW}4YvIkQVS^Pg0hQ8X{V{g9D<+BggIGkj>=>i>xl^i=C#oMc!(=+(^rOgz6~hRR z@R=UE)^klsrKa!#W(%`z+F&Q04%|e!3Duf!==%_mco7O$JGR^+RPF6;^69VZ&37Q6(4Hv!Oru|qQbf~eAY2Of;*Mde{hWug}beo0c`{z?Z!27+Zu)_3RZz>~iFOL0psh$J#(m_s>`me83Ftc7xGgiyN zQ&VH62N*@>j6zCxf?Sbwz{opggE=ySVZm}&8A%*a{%C5E7`Zqm0b`5H$5qvJD5=h@ zx&&t&9|wUvWZ+tW-Y@G2Tulg44yTM&DSK3{y9&CLy(1_W^?G5)A9e8zxcFUKJ~ zA|J;k7h74$SBnZYmCCMO@OuKSYnf*>}3mrnTsoVWUy>r3A zW;(erjVJbk!+6Icc_qNsBU+Z>qUH*I;g{S(5OQsA%u*_z`fGDtI>xOZkDUJZQAl{$ zUjOt*(!QIxF2`lP&ML0pt1+YbE_S;(Kb#$rqxyCfN7a&|#^*%SqFVTOyt+Gv+_Rr{ z>>fz19J;Vzbqpb0Evm&<`_!K|6vG9kTwPBA?u%0TM3U8;rbI_H!@PR*U1wvJnaTD>tXb&qLA@7o~>;xRtH-K<+g0MJ2bwf<7g%6Wi0pBSW9{ z->De#G$NVVZ834GS6jVQUV@wLLmpC$$jo~k#x{f%*V^GXsIH^-o-Ep_JTlQp-Jk9( zziA3_mXKa#r947^q|s%l?blYg zA12+!s`E)J5S#4{cAtmGD`tsTwZWLM&Oq9UW%hKCnmaH);3)Y<|E6~ag{04gd$C_E z=$_{iUNxy;1w2EGVMK|vru~xPPW27f5f(rAc)P<}#6(tf+JoltuJLO^)+CA4iX?2O zD{4F`TE3d;=l2=wE@&CViy|pQ?lsl+dL?_j)QP>!)7RXV&PvC26~kIA3fCDYmJ5NQ z?OS@0X+EUX*U=cXq5|daAeCp!5s#0?`8-oEu}?G!wBw@sl3AGr0%ve6XKsjd#;vu7 zWu70fl=n-|O0pS*+cE zsbU~m^*@YC>I;tZj;JIbd|D7C{;WnvmC$Mq>O8CZy^4uUhIR4s!@E#0~?NKA&A*w2D#LVeMDvN^bcf)t-#$SAm&O*Ry65Z z%5HAYIR(K-_;WmeKjm{Ra;`$^5S-@9PuN5ELksTt@nnMCtbv_D$~a(oxSlO5l0UdoN8#5 z^ya3wZPUR9Z_QAuRHQ0JHs|a$_08ub3Fj;^P_i$lC}*xkFMUI$i_{_;V}-0qxwSx~ zoZqs{r3!2v>buGOD%72G`HUNkHvox=nO%&=?q##%vmv?`g)c-N#m1@|gO@nO?cAzp z$w8D#nlcLsZk3&{nJ1tS5j>PZ*H}I{XP{g;KY8QFrG5fQPI~%kvoR8Xa}t6z<95~` zeyA@z#8Wh&|MePKC?~63$2a(u*W`tO3uFJYg|0NAn=`}+Q z9M0w$u4E@G8^~;;*u5J4u&14$=L^);>S`Ud1bU+T?2%GTSeA3`*h92v-psyrcQ$JA zh%qDj(|5}x+0%;4nQ;HX<>-`6Y~A~%KxhyW1}BGe|I)rUe&?{zk4Tn_D4JXHk{H*}0rh!IV{&s*#^X4LER?QJBm&Ln1{6%dKPGwdqOIk*$1DIs{GHwrIeSo-$i97h} z&8Mxjmx*Qd82=tm+9TpScdst+Lfqi%ixxa};!3BD{zX6|43vS`6qWU-gY*qaAGF=& z&Pkb}_f~jNjMsKeNb?)iM%w(W!Ezy!)sh(=c4jSUyIZu%OL!cTl8DYY>}($Jl++7X zK5xA;V|th?7uQ^-IBx6^=5MC+9orxlg)!c?o2s1w!iQ2M$DanDP+DZ`J?Pl*75G`t z{K4&_BD^qksZA9z?z#@ zR(_UubpDC^Xy-{LO5}6l$l)W4!5akmt~Uka#wKNZ9Q_rXShm3YOt>>Yic$&Z?^8e@ zV1GISZG$hHhHu2uB~*$=1^f)}0%!CFVoXHhlQMfXRl_?c(jo&?^Q95Qx$QRk<0&o` zIg!UMUTwa4&`82eWelm6kd)P1_O+qx<_}J;`Xy$36Rh9QFB{%-b%1?(S9e#} z?ymh+)&4=H!1c*V${|Jj)+z0Bt(jIc?$F-HAulXpLn5tbDZG@@;?Lh7t7eQ68X*cZ z71C|=3oq6xF{YM2%ABBL(y7(vaB-mQO*Eb5%N%~ktZ?XO9u`+1m}EfHel25C(Kt1x zFz6bbL?Q+UyswM^fl=+fzqmA;kWds|UQr9cPf-5x!Zj1GKAzONiVG9clk(j}#4$y4 zx-Mm-(41W8b*0&`u*e{#F8+2AZeAgq<5p>@k0pZmO3h4z8(vH~6s`v68zfs1VrX%^ zWzX>zDv+exRZQGe2s6=8(uqaioWCMv{f5(+3z9?nSU}CH8+_HbmgDx|L$Y;qrcCcYrC~D`Tw}3TsF9 zxY5SKOJxHIQj@&Hox3PZ8BeJN2i^F7GvJ1%2hrI$VWSY~?+5)=xMy24S!s0K^80zRGA^IG*r9<*e zXCpo0x!mriuoEwcOgdF$5ygGlv;H3d;F7|<5#0y<#TK`VsJNQ^c~HfxuClHBFS6Y< zqkBoFXFqD)Q4=^Nr?qYCdoAl!Cceib5tA)@akXE9&h$o|rjxya2#yI`QhKa~diWf* zyMk4Jjt3hoFP5u%T*Ol8Au^{Z=!uBS6Ge@U6{RA(Ns68M2cG9258(5PSphG?%f85= z4h8;jyv-bpHW_Oh>m#C+R)DmUM(2@_@2*yQVBY?82fzZ=^(wz=W>(GX_jZ!B_Z9EA zevA9wyFRL~Q>{Ec@?=yR;6Uy!i+OooB0VlCMV-`6O{w5NW?IG-WZ|s$W{}i7l&^R# zh&I@7`VJ(l8+OF`di^|{=1N9j$);Vhgjp<;%F*-E$N>FCdv{FGKAE)ip8KWp{ga7A z9mTdY*ve-JkgS7m-=)>J9*cHpExGfefd1j4?AFv)0bgyI_#{q^7hs0PAXO+})$$OX z(LW+Fx9=!gEBtjco0d|Oc4P5|kP}gnjX!aO${owAS^uo_ZJG=bdMc|wHqR9+k28Ft0F;3>DcNb9}B=$yAX$`VZCy_!S?BYT0xnl@zj8XBG04BQI;nlC4FTj>qwPh>HANt$Gdrl0#LaxX09yaXAE9OrgpBAD&& z`g00xHa_>(+YAGaKYFEEO=@5A2SlAjVimtQ8a{Hr@5$SG(D-;gt0eE8D2=AOR!LIh zSd(2_2=r7Jt2+x*h%fQx<^$dct2$q!#}mE;m+5k(q;SUOOY}rNps2Z2cepb@hqrGj z!oUq(^P`s_j&byFeOna5@ks@={Ysz~}3KAEM2 z*n6pBCvaj(C@ek%j5V8|v3;HQSm#fMLl@3qk=L7evo8^=0hQyzkTB#l(<$~r`_l!(7J8F6Je&Jy}>zsj@cWMKbvt*|Db*G(i-Cf9IXlG zZ@;ikRoCDH_Gj7~()H_Mq55Lg+|q=CVI%1ACYtb0Ve1?Tcg_-rx+qx1vKtSL#&x=l zs>}7FiDX)4eZvP|1kLQoc*dG^6ijD9+_t{umpMU#jo8L^sHt-e_UzBRMz1cUCzUR& zcq-iVf8JYy*O$YCQwl*8a;Fap7e~}YJMNuPT{y3~^e`SmeY#k5%;F7iB2bFzdPdel#Q1|EL=Q$V_Da_@vcrmDP#7Ee!AUk+0}16v39?X zdxvlWVR+ZM8Sco_r@_{8#M!-Aj!^(t9lOUnsN}43+jTQzroLg;`Ud@UTd8g<-MCV0fcf27?DGt5B|ypFcJa5Zc4!su0_+$OF_v8r z9>b1$JU^u|pcW^a%C@Pw^_0*RBT&YBAO{ukG3IdjNVY~e;+R=l9BC53iPz)x&fUGh zylE(vF3=>eCivmId3-!&ZGvMPDa+89B>EB$L5HaKp@3vUdOwc$E<1(_Pr96``>?EZ z!Md=~tK<;(=z?{0CJwvGyz7D232WS#dHaEIJ)rmb)`;~Wazvu;$?1zJ`s z&BU0J4K##O)3I1#OQ#rNYs#wIQG~8zOui`H`N;JIeyB9&ZFCU!CjDS7XN?%AH{d># z+hVEHuCGXopH|QfBtx|ZcilTO^1TQ-Bj&F)wy{cVc%&6|Q6^Kfn5Ulm@p>AH_hj0u zv6vMt5A!zd`5vL|(!W|t%DPke@92u`ji1RRuaPe`H@nYjcIh|URhvFv!*0B6P{c51 z4E>GYZ{Ce5%>!oJjBeI}Q2JT`E_=>KbfYWMa)`^i2Ja=3Gpz0I~#F+Vd!DA zi%7TY;HLi_$okYv`|$OSi0$k?sQ$;5)(r)$hY!Sawoy?{7U@9w2!aQEX<2(f)$I z{Kzi{W@Hb{25wA1QQW|#TUdhe;;%sLZ+cpNhH~;l88ng(DY7#T@><`YZI7msGQagt zO7d0(`p!1_Sb{A@=o(+jz&cHkCawnsTyt(#Y$|h{t2)4$ECbbjl1={cfx9i*`NW|l z1zkEJt=23Lk<=fMTARfJgczmt#@&8_bwr? zt5sim6x5?U()|ToJji;(LnZsXv!JL{7Q*7{!`I_^J_(c->An6!^gjR)eO}~`lyvA+ z-lwsV&>K+uS%~Qg#~%2i5A13e_)0q;xLJ3kc8m_O*<%bzFCB6ZnlKubESm7SFe3&$ zNX?DdNlpBpZqy5K(86si3SWWr6@16=c@*VF|Nc7J6BvY)RsupfP*AO@NGSGX?_RP) zD%Z9D9>C^{eel6_y^A3r>gCx7p9tJr(aQu~0k}6XnJ$sIF%bt3vq zxy<}ZH08=AfialEq%rlb1P!EQnUn`UD#5AV(8p+DHRDk)yCiP!*!--(#1{MFoXbYY z25a>1FD?OtMnfwBV%gy%{Yfshv>^A=*24TtM=9%BS=ie@uk{0R@WT^50t? zPwTH75trR)yP*%EW>siKMV$=vo0*wcll9KMn(W4~(|zYFP-u?4PkX4w@e8%jra+Fm zeaSG!t!TYXs_JgA4wQ@IPcxm@Aa)d?@%ItTeQ$+VyZz(IQB_&zif&D2c6=4zM(6oo zgncB0;HgQUDs_EYbw$`TYr~rJ8X0BN#UXt0PBh*2$n9$~GI9jUL)YxqzH8e^=8k46 zLu&pv%GX3;)8L-&2*V%PW`7X(13!uToth7q5zVnG8C7Y&0rwdlp3pE$9m$_w=}@p0 z_e_5g_akJ$;eX`<*e`YPG(jILaUmAx#icvXv2u5uZ7n%GUUf~Lm9vdSEmgx#Il^K6 z3&QU&h|{b-tkP`7+urUW$<-CFHd6X}H#Ah;wR*{36r+-DXs@#N2Zz7*Cx?&7$YQrQ z5jJH%cyzfoI)f)@J8&>v|F&cLVv&Hs%ilZo(((O?UjyY7w83M5<7Yp zdSwV|IdYQPXj|B9jUA^*3D2u^V2~3u$Q4EYF#lBvcwlBoIjfU&m(K1kK&aDQNz`3) zb*p;RapGH<=qa>3R)*f<*S9r{HTMS21Yif8)q5PO%j|OD&NZ%m+YTo;)1b@#Qi^i= zfwd@$u(8MIPo05+`V_Jm6?{xhT+M0J z7hZON;G#^aXlfFjPJI^E) zsJt+QZ2_-PL!8629eRE_uYPZDYBv~7CW9ec&5oVhjFm!kY`iluwcri1q{Sy-7^$5# z8}8F`8p0lt8rzjs2v%BJS|kmvrlvNraN-C8o5a5zPf9VSkPKGNd_VgLbumuoNT}Ip zufvgRf`>%~T`6szh^c<`>|+@|sz;VmY=M{LYlwHIx8}$drjn|h8`DvPCTJTo@pVf1 z6(jL-)__X=C0Lm{GqZ_@J^Z9=RSz%I}%CIdghtkDJ~lr0n?EF z@<_bVKpbwWHbaB1$i{Qtzn`!h7Qmj@-up+3Xn;GY zLPbU8!x1mY)KOvUZwfM+&Js14PLgRnDO`J9i9(E~e3OP5STCZ^9$WDipp;8BWMI>$ zST6*cQVdDK%#Tt|32?p9LnL$=D_nZDoo1x0HRC6;%CA?|POHRL1zQvBQ< z$d%a6AMFkNZm6LzTOKQ<6#E{JL8;eE@IlvWk{xrlLpGfRg2` zd(T|%G*$ZbNB4D+F@DopQj%=~r8~WnjQd;DpG=^YkT}-feL}Pw`_6 z5TlWka22g|?mV(cb#O~xC(oR z@SCJt0MaU#%0pm;R^euh%niQ(e6ESJNG_xtXDS)QD4o;wHd?XO<3T}`d1#nxlyh+6ZRNTK z`Z=s_1pDH)f!OUOO|(Hkqv9w%wL6I2n#)vyPlkMIxOV<~`AsuTonXH1i$B%Za)-66 zI*PAj^FhPQ9}}Y7(9cDQ9F!D_O&EgvNlZb~0`Fd;OOc7TEILOQ^-pV|YfKDOPvX z7i=j|>P|t+m{nzId=oZDrfK*5$pP45Hy2Lms zGSbd`@&YNxXi_ZlW6OX$jH)uf#nKjbaA^DEb{@3@*y`uS9?Mtg;pXa0n7BD`Q$ft< zEjE_~TX~&QrKY=E%A^7#Th&^*6=2!gMN=ho9*C#A@S8@okqS7wW+m(Cwz!evj3Tho z$Il=(c&(52TT`a!3Lhc4mp+y~9rkAJ4*9o|4a%4pIg5ji2`m;_G?k>X<4MN{bCi8< z>^CVIjD3<$59lQXTeVC0e&HLquGkExw-i+0j80HG$D4@vSoUcz1L8k`_(0dAHn|xF zxNY-=jE7}Gl21KxEi64E{bl=3?hlTYmW$tp#jX5c19o3!PS2T>F;0}+fTcvi?iYd? z-$qs}_3|lZuX;ksUyU0KJi%~`kolNRlkY))EF?4o@n}UM*03462|R0HUt5WLx5d2`RhM(YMIVkykP!YTj_hNdMu~dbKt+ zhWh;zr}x86O@^Hkc$}*VX>jxC*HJ+}9Y797&U8R|$(^ok+bb32_CPen8d?C8P7yZM z5ME^a-9)D7yPk$;2o{fU%ef`Rc-uGRe&hCKSKR(u1i-5k!xOeSIcx`9lL?WX)5Y>flKUu!s!z_+G3 zAs-z7R<;ddm8upAiz=#YzX9#ZAKQwB9k{ z6JB@Ku)T;VyLBBH7AE+W%!_n_&;AugTE33hj7=^~!BMggsu~fSiyq84NL@Mnm})E5Y)ubz8F$dm)obu}%SM)sN7$PDdE! zH&~WyShJQVN-ejSwG*{IpIi+6a21p`D=WdRqu5Wmc1GEkt^ok!0MNl3fJcnI7Po zxCFim-I*|iDAjYsAWnE(q&gR%E1wy*24OpWEaWD#knwt-bC47op1_{B(sM>9e84na zxH1utKL;BU(v=tz?x+uGS5P@Zz?K%2xnc<(5YDy)qm1daa1bD%AG+gj7Qz};0k!Zv z59SJl-k(HryCClCE?Pw|(uZc|jU4JX`vjm8|+ZZ-eq)96%jb+&3_Qxq)Vp5^3U@WkY|oy{atF1mh|KLeAmJ z`Ie=IeN@qSF1j5vWG6%PG`>;^+7KOZzV8|S{+n&d=-`DqziFUJ+SI&jNqMF3>99>9TPHXuTRQ`v06 z(P^}BD%=uft$_ZFDR|!oQU7-@j`lrtMMV9EN0G)nZ8S#l8&0O(1K_-wb!l*+rT#cT`h5HihStXQe<%XY%F6m#=55b#x@v{mK*jdkM)fcMUk5D! zlsCutf`j&3Sm(c{L3{hB{5Ivd;=kno*FXN0fi@HXqGR`=2MGS2l;ST82BQ%GEQkFg zZsc!P8b%LbRs1h{bteA$#=mF%=e>l=07x;>-D2hTKkxjj2i+U-%B(ON7w0FgtRw!pq8V)!57ES~iMQC9IZ{$WP`HIkkHIGULtbog%|`rjtX z6L=N4{#j6BwYcH$%K4jD!I!cF%W?zC#^b+EB_Li3aECmvF2(;o6e#bNf707vjXeK# zrr&`v0^si{-i<%G{NMJsKL;Oh_YU<2@8$IWs%W0TSb&){&aguLAFX!*6!rhdL;T06 z{?zq<#6!?nJzVO$T~7$#-)}_#xN$!~l#;(bJ-~SE-?&Jmup&CHxwG_z<6P0%y4w?|2m#aJr9-@K)d7e5;XxX`dp`@tO!jBI=HWECh{p##U0r}uvwr^k z+1EZ2kVk%NGFN>6^t6wR(=q-_B(pX;R%lCWo+)kkWcbA+p3 zXm@W}mzfqk8xllHKWjK5L$k6cpD#u+csfakr#;is%WYcdhHcm#cBYxGKc<%vZQd@? zU6hH^_Vfmi&z>i>ylN)}TX@}?XChEWsDdA(< z$J|GOY)Su;l@(8>59esq&<-ySmh`9rlMu$I85fv4E`SJbfZw3wUk%(9O9+6}Q+U0CeLnF*{54+scPbqe>H|>>V`fxtP+@A=k7p1%9^aZO$+@6kmMZ!WLjq7EQ z5<^(lb@ptjq&sCaKZ)fE zpKeX53^B(*b9GH>v^Y&Hyd^PWbn!CM-K4bT*QH!j?{ER0i8VDfPRv)yznP>4ATS}3 z^^w3((#fb}#YMYe^~eY&+^_dT1_sa%`eUe;UT&=ZB?f{0(i({DdJvHLQ`gfFK>{c07?>}Dp zXhxtr)@vVibsk8U((GYGSG{vJgLWJB3t{>0IZez+K{2>cpG>O49JxojLw`b$ZLVL+$m9ZnIYs4hE)@ZWo)s2JAmxM zqK`^8=8dnG`^w;eV}UE1Pp<*>1YoQi$+ACyR}HGJ?_ot*C&*vRZx=STRn4>$2_fO8 z7@vLeWz(fm5Z3H!%q}n6!zIIFzlvV4X zQ``odMLM`INPk%^iqNG+* zFel(g3#ha7n6Qo6x%OvAQ;^%|C#@ET0<=jT&S)*m4z9u}og_LCkJLx|9*AMm6nZ=D zIRII`V9^h{g|s~uWdgG>;iL^wr{>T_BK0HV3~6VQXb(TFBR}1ZBx!WP`UwQOQdg@g zzW}IR9p22Z*I~6*`a32iTF!kAZ2mE~s$a$Yy+?hwfSJfx-)3lZ)`D)V?bu`dZMLn} z`;kc86{CU`pH`;wOeNs&q+BqfciN9cB*U~XOl@gY>{{{lq71LI;iG6Rbx(@NWu?N^ zhnpM_psKexRZ~d(rmu@D!J13d^AAa5T*TmLs#UD;R}A0X2R9XI^*dL+x;cs}-Sdsu z5517oQ|~sF<+YPyy@rLS2v&kepJwHPiqv{DOuDb`?TY9n{4}o%6E2p;a(ZF=q(x!y z+=t(bS2r&lJcy5WB-c0EnZVVswEAt`2wNYIY&o56F*{Z$rozGT^J$dc)QDBYjhim=$s{6pvW61Z;gd3DJ=f%)zC#CLd{im#W zE)a4U2ezCfO98}n?Bgr#--GsewY@r>)ZyG}_?GDpjv@k=R}@oE)Amt)SzWWhYirBQ z@4g)^je9(r4r^J+iV;D4E+aq6VH4)4d)bmxSWrNOViQC^EJYoSXtaX}P648J&UVei zeww8cOr)^Nlma~5z?0_rSf$arYtE!PEMyorTg&( zt(LG@Lmy=%(p0_8$B&O4>d0czFE=FjwYi1_F$0B<;6Sfdfj7MwEI=uT0&-^7@YIjI z4k#pEk!(rPb`*#&E`*Oy0&M;*8{k5zHz{8VK2|JxnjuXOp1CQYO{m;b797o}GO3<3 zb6sJk(p3BiK{A7#dZ*jkfPQ3pZhWl6$zT9akJbzvcW8$Ik~mPxvx03g_6>kFKl`X@ zJ>A%DjK&1?q@8voCtS7So}2_+z%LYYNw=-ZHZ3N}Qo5HY(xRGm0tm7}=W9muqdB%B z59u6NZkcuJgnFZA7_5k;WsmQTJ!`2x zP4sI?PJR#yi>+_!xtB*7I%l zI}Xa})fqvv&XFxQAB*fzZ%k0humnal%&6Yr8{)`^v#Zj3`gi(~SumFi5ijp}D2Feg znu4Oy?JaYDc)r~g=J$GV$y1xGA_hLA*=&)`32{b3Fstzz><_1S;O+D8J44I=3ln*E_U#?cOgrgi^^Uwh8mwij9Zito+E;}%dgFSRA&OzL z<-MEaooL+OAs@hwUfUPyUWouRGk>GwsohojQ#1FD)<;j0a{G~KC0F)UbRwj<*Y{&z z^9a<)SdY0jdzB#xrWLZ}y%A^5HHkW*-hIW$WY>RPGku z6PbKD0p#qWM^)JL6Eq&x`yps^o$+#awt1uMpfinpwUbwwcA^vC86CCP+z39C=B$TT z=kc~A5+0r94tISWSdESlBEg&JDl)#JgncPTzm3J8rpdKNs_5k$*j zM+9j1nDx5+a-p+f+uAAkYJKYpNIcQDy(}r!h)PU2c#prx#+0i@K+$&4cd(U)U?d+? zTiTIhmFtq-VJ580?LoJg{vuhjOKnJKSo|VJ$jGsNJ$KJW=A_Vm-k`HjGqFG=a=q1Y zPsc6)Go(2`<4$c$0}i=O^jC zaN1$YrOe(sVpCNQa!{ww-|!W0DxZWv&EA|N8BTj=6X~Hz>E)Wh=CiF0x#%`QYW8;O z){c3PKQ0Xcku0X^!o*athx!|?!gQ0z*TbRn=QeU(nS@SEPF>nExT~ChZ2P@d!Gt8j z>W}zFbF)uB#yDwd3pTlaHm_Po6a*0~eX7(Ar`#veFAWJrqd7ipZHmyTRt#!NWH}a& zqS)V+z^4SauQ>G#lyA&uR%lyXS4CiI`;?`rHL15Cm!6SaBZ(e%zs8$o0Xm2>p?`vK&mXYtoU^1Bwa{AT<$nJpIkA9Y>z@Y z>>NSSIm$=X>`15}p4#3!wu2D{1c>V!!nVI)h$2;{M;iI;k*$Hr7L^c`M60SbyePAc zZWqlg)DIwDwYVuL;=1;Ne>_nzh!${aoS@o8*B$60Rc1YA%yj_W@Vq&;t6BDIDb2_r zGu_`Rp%;2vjHX0#mcQo+R&>;{|A^&ALDBY5)znyw7z=Tyok_7zvV($&95BrW9YyoF zf938_CI-1}Ob|egc+=|!zsnZBZ+O-o_+AfRH&d{LbK$JR@&7V zGD`E?Mh$RM!*B*BA~{Ffc=A52$j;uus4M-^yR0ZCNlF0yRz=`c8Z|sQk`SFygtle7 zq6U8=_jpggy|Dn3TlZaAj;^4)ivQ#OgoY~;Hyu3N14j{w#pNIYgO4ou+(uPJwMYe z=;ArfcMv6n(4G{gqu8n-(!=#LcE#LHs^3nP0M|mOofjgKlc`WzK~QWuCHKR_z=%6i z-vI+Hi(w;%wJcvfNuD5;fb zIpiVn+`Xt{a@T+)smcZi{12OnS!^40cHsLyL)FPguAYPIsfD)W)z=5>-0TyiYGpWi zyd$@3MxYtTPPXw#$J5E_-qjpTdx+rW$5{DWS~KA*s5bU2+n-=NG;h0shPyq)loj1 zKNe-ed1yv6M z@BQTr_{&kI-2;6;ON8A@~zxc}BhEDvJ4t^L{7x>S~hqnJkB zhskoqi&BhAV1b$f3V){ParBV=z^%~HA(^Dhe(h0~kjhz%fyea0MrG(`VAvgPw~^su z#&_Pc)7OjKM^0gES>Vo95$vku_VL@fC}4Q)6HPU*EK>G00_|=rR!A=>KQae>yu!O( z^r#p-wMUrYm)<%m;=}WNA^}bX9J3^$va{Mk3w6^C?!L7zdLUi7J@SW$YKHRbF>PaL zRih4#WWCkoNIbtCr^0F|DmJ}&V3EBi%Si}M6PwT-$l*u`7i4^i6&0V9NV1#O8klZ8 zNXRvSi`CQmVv|7ig`OUlgsQ}@VuE9T_%q|GSkf?k%ruGstON=lpUj(Ss_pISQHzZy z2;O=9i`kuv`)qaFQN`HmnDeY!H3{*?s22;N#;5oD6NJp40<8{C4Pp_z1GPRFy=cEZ zO$q3})L@vViP2$?LGQ6%klQU*-J^U^f7rTbd=n;UE7n^mP)Ec(PB?BRw^nIL4OAdt)r&i=B?a1B*4?$4 z(Lwbcww7?56Su;WnkG0QqXAW2Ids=C?#1D|MtoCE)nw;tW|I zV!ks@lblk?C8T+IuiXmcC%1dbglg8J>V$aE##C*kvB#}xF;Oja% zYZ=c6yfmDDs}~d*qOLV@gnK2dRe>6c&>s4t^nr@|F=A}Ho zfdaOmmn8KV#hf2G<-=!rQ4D09Q`or2f&M}f9Yrn8vXRx8lwVYRHLB@`D1;!+RSWT3+7HYn@Tj5zMxt)HwQn^JPpQljV! zv|a9kk-$FwM$H$&D0{4H;>`0#Kxd8RPe(os8m&7eJ5;p6UeqeG05Q<*hV*F-X*hlv2pt6kbv`u(^_@$sat! zeCgIGL{mh(9-|H`nJ;X?SEXL*`8gJzFP~t~y);=Q?pH1O-%{u!0uNG_M;LAMhdDIm zb*<+GXrfq%RDCi0EDW?bX)QnN?kyY!Hhf6V_Rf7%m`E`tKOA*EyS=Q}Z6h-q|KR|` zcF*|hwDQL|rc@2wBAgHu7wRxEGs0%_BNNeP)7DYY^k~gB=`)EwK={XVhOEdy` z<^_3b3t}C!sH1i3`ay~rYEqDjm|%DPXT6_F_0Uvd(-z3@Z6|S^7=@^bW2rlnNX^46 zg5=RQS-LHS$E;k-M}d#U@VAUIOhdVqDdl~+wl&=d#>R=q<6!|+B4Pfs9JP~B2A!lz zn(?}Au8B;p3UAx1l8SoPNvJsNI9rV=erQ6?JECu?q4nrIVG1ir(SFA?`MTeo5nuXd zI*D$4EIS1tbwqyDNj$03%znnEp8dRZHFgK%BXjHoW2MqpLT=CFFIfy5QR906UD0vU zhuO7Jo`DV?E?P@4@FgT7f-6u*bLAQH-Y;t`15xF?vsGmE;!|2$Qjv7^h+0h051;%6 zm*)d3=%_DtVkKdF??h;TD%*EAx`pi4M-YW_)TG*K@E)AWN-#}XsFj9Fc8b`YcHgw| zI9!pHsF9L5o5%L^BgtSaRcGUrIjeyM>PKoclPjMQUURWMy>k4p>1->m!iXr~zs)cT zvAD|NU2+%C3uS+3o*C*eS!3M#&$7jBd>OTt1smdOzMFksebbZ6H@ZpsdIji<$a?5s zwJlOAOLxkE&4s&3COggBpREGsOBFbvrrtiXrgYub`a6y`T-3ACAu*<&?zq-{kXMJ3 zxZiWG(#!vn4jMWY6|ej9rG27FWoQPT3nENVXjkJ3MaFhx(hViHx$O4r4aX*x+&28= zbJM2aTw7}8v4_=Xlo)Bkx^G(T(mEYXBm!S_1|OF`u|PG?%_bf7i5$qfOGDjsOvnBZ z>YS8lX~^sd43T-*D8C7#ClGnD$*|2%E>UoPE|6SVB)U1%vnqe1cNk;3;@)X%O!Ape zuuwtpS;R^QxqvuZ`JNAmQp#JKQvoap*nOU!<PY`z6{)ADp7~ zO!OGpF0manaGLspbyC6BAl5?#$el66(liV?wOhEajVK^ofioDR5$r5*Bcn z<{Ni0hesz%6KKP*L6&ks1)>=Bf@Q^>+{0Qt@Eq`L5e&%X<-@&GlPe6SJ~fZ2lbt5V zeI5Am#cN_}t&h%7vjp*I;e_0?R9fR*)AhI}XjI#AYTv~>CdL|nVA{tAzukLGgQ9}v^_d4PFNNBPy%xF^wqeuPv)>Sp_^ zBP?(MbI4^{Sz7CTw5Sq23iv<+D_Y-91C!9+yWXY?TVE|WpT>-@ z+IP$^%Zx@IapO47z-qvWMpDKCW9O#|sMiWD3n?nnQVaiFOlkFOgm}B-5w^@(+)?p$ zndbv|@EJ~1pEQd9wnRw<8u^H1@3|L${&oO@>80?&Mfd!bJzkZqz87uDvk~^=5$lW9 zkY<+v?NZaG+BYo!aLT?CSr(!KNo<_AQ;y|?Yfy0e+O_eHOb&bLeRd4!@7c7fp+OG= zl6;G0dmZyc z@253e#qc#09_1}dOOB8jammbYgi;7`r!EyXCahxUjj58L?z~89xs1R-u}EIE!u93c zSjagd%(CB|zk%bVYI&0@t%I-j&-=Pe?#OCy>m=wHe;J{3Wz#KBcDsRC2YuFDlCQ5a zS3abrBRcTJz)jhRj*BAa=e!_-oIgZl0;QGCJfL4U{GP!tvqlC>SuCoSA7d#cF1%|p z%)^FGau(i4o>|X$&ybEt@&P3nUak#$1}7P^H`~%&XvwgTh)J2@7UhGu3I?t{ly$-C z&8Tos%obI)**7$_5f+nhY{pC}|N163yeA$`Y-?lW>-Nr?ZT$w}Kei4%cwRo zFe%bj|BnRJdTAkJo)obgc^}3Lfpr4Klfpww(*su|PD(6hKfq4%4W66kTfumHq_Tl;m3`GO%0ftt zbc+ZRj#X3)5cjcnj5Lx&03=$j-IdV2n`t^@$Hrkm5q*Ri2FQ^Ra%Wfdadg-aC^|YWk{*-kjzLZ+UMP@zt>2tWhEH|77yI=@ z^^+*AP>!4Di1AhAz8H_SvS?B*48FO#XM&ZX77q?{wpSMc^lS@u2`yv2u4@8 z=^Lj~8oPhjCPSQk;WLP}y$UP;(FD9S(@l*=<9M;kzWysTvP4%IoFk8t1t^OU{!T;e z`KxyY@56ptLQf^<41o~mN2aQxGNX$$aT z^_8{1x?CAYcfS8!gm;imA{_y9PFEEWRKJ%h{JZtz7V-3F!N)-<`n^E-zb_eoh8#bi zeeRFs`iFx2>(_HWV8)h*^$eL@12JB+Le-LDEiV(U;dlQO=jQ{sBUZ#SnNlMtdz706 z&THNDe7xba+ZR+%vCkReyjzR{h5x?suY#F>{2cM&Ef(K2!Yh&!|E=KJzeM<{uiT)l zGc^yPs7xP!uZs4si;RRojR2lIA3;UYzYfv=I94aY17WQujj71W|Bu^v8GQEiuQy;+ zQHcEyf5xviGae8!HcJ2B5aSuE=qQoF5R1b5=6{WdNQdEjUteD*L3EcEXD}kae{7=u z{i`Q6VCc-8Y5%vTX%Papw#u|}|DmS;YGfYC$X*nuPBipCkCOkohB4+H*D97+^=AoAF9V77pP8vQ0`O%N6=yKrkq>}zA+lY6^>&w%Ki;$2|Qu$>XX+%;I)>UogYqQmcwbIc1Teho;-K5DimwBinCsi1sb!kYNoTE#@E_=TK78nkpU(UAr|zuB zcwSVuPMMK>|7GtwVug9j_8gw?t*fI-mCLmZq@fQUNLoMrdHi6c268@&z0*FpAvyao zNlSV*aj7-p^XJ^Tr2=%@&E2;E|JT4oBSog6`uX|oGUu}R-B#sGR(_{(yETla80h;s z8yP{61FmT<^ZhfNmcFSgdiqJ%>~UIFm#b8Bt1)+n`};;$TnpGIa^Qce7b7@eVPN@C z=>HOxQ5~36I*rjX2LS`a=v2VixX>Aw#hm7Yb1hG@xnUve&u=;L@;1L23!ZGLHPx4m zo>r!?11)L!efAc8IvRipa(fp_(rFCjXlYm zmdFDW4d@}eKepcEasbIw|CGGewb&t+zP6%e&^T}M=;VB(JMzv9&=6lL{V$!v3VAo@ zWJ*;P^UGB*P6er;ppbA=R#a5ApjfWz;4c;p7<*o5Vgi=ts5>KPqq}3Yc}a&~Yd6F1 zr#<$AA#VQlFkQz5zVwsA+u7M!MHC_bHHliJ87tYfu61+R8N7e>1?gvBK)>t$5X?UO5*?>O6$)yfuMn$$D#v@i*sZ4 z-aOu3?iyYnk4#H5>hf0|Po_*!d;ap8tb>5=UnoWJ6%>|~2vaK+#(JtK7fx2y$dwAJ z{$;CL_}0&P;=@VoWkxdXveAzBE({~X*DgaVYYF`AZh;Hv8C)NT5|%$?dNFN56+ zC7r-62?T z2<{f#-QC??776a|a7*O(J*&F=|E{1Yc57>PUe9Zp?$7koV(-oL26*jFlhj0u9AVB$ zVMn033VNszGqL4o%JP%2ItB#u#9u-Oj*GG1a_U-vqlfL;2O#M<1Mdsq$k0d2*R(@L zv^*9V=gh*+Fc%HYe0U21eiVj=-icNbovfBTWkcWa5kJzeg;rJNd_*x^j=KnAMTn|| zgqjKEcXQ(m2@O5pNwL;j@9;GNw0XAvs`zK?S=d2G`_7yU`oUYSo``>$*0CA?WTp+o zN!(hUq$>f+;Q7vHVS=ZwTYrVG{N#xF0gx(VRu176+~JCNP# zXK_=mH!(mhGejx4gAdJ+?v!s$0Jaq#rO!?f1$3a@*^E`Yh^htj*uK8D`1R{^st`W` zsKK5l#;EN+`h$seu=@HzAm~l!N$-Ff8XBs!y0NBvJ($j;B?|prJKFC)qLI%D_3hgW zRW96Lm|%F6a~Lov2Zbsvha_lRYxr8`#9w!wY_x(?S%;%8h16j^pX&Djv*uq{!X!19 zN*I1QKwqpSVtv7Sa}U0pNEO=31DY$PI^Nz6$RA+4mv<8{A6|(r+aVfDjRq|OqQ-~~ zSX*kZt#iw3e+d|(pZoYYLQzYKSEk0*1;#=ss``Veaf2M6cFxYCyaRIPUDV|*-$F6y z4|-qEBfWJ7qKLi+2TxAV_%uJ3Cg;!TCjK*9aXyjd=SmUM_9C2^t5UXG6)dzU>h<3K zk-Ya{1eSo1k(yjg4CAVe)Mh;$cmRHH%y?L@FZmuv;hh9H0E=^@nJHUTOjsD%SH8!r?6?-zS!CUOB@g z27ZZuy#U@+>dc>CNeLYq8X7mG?ct!fpsa4J(|N!U^sgDL!3CAxxcO?WCR#_+@nqp> zRR~o*6|e6grL3L=0szU9RT8Iu1EhkPQD&NL(Ill@eZvQOMlLk-pWY*?BWLEsX= zQ%k9liht&hs|F#Hd69v)FPT+XYynta3=(oisckJ5je&Q}j)V@5mdd4}y<)oCZxdPy zrc|a84BVPD(%b@D!*32mlh9oz{o94m`uZ#b7U_*4BA*|5F!P8BUAF~cFC5DK&t6m- z>~O(l>#XYJk|Rc&@w;;v5A2@%D|F9s1~Al9oFhCjV*;;{R!e)zXt7k{>hN8=498HF zLb|3Hq_pdi^m7a~OCx9&VPbZ}J|j4T$>Q|{I-07y>efZ+Pr!zTba$itU^KI-8K#UQ z<6#WlV?llng|6q)%mWUhT=2L^as zeLe0GpP44+*vc386>bC4K5hpBt6-bfoC8^HBi&haMzRu1iYK>=?me;)rRO`iHQDi= zKFbV{)ukM%q1OBQI~{Rinjc=mbLRUW3rYkZ_aGQ-_uvZdO$q8+UegOM868-A-~-ta z8X!o55PCCl$|iN68>}H-9@a!GmTT3I=!(eHuhJN-P_2p#apse!Ki}EyV%!~7b9+?s z5r|%c2Q)>$XD~28KEd&bQB;=ZEeHC)aOw4FS-xHhJ#kEDQE6$ocv|&9GRgP`>OStj z?$cxrY$Yk2PQRb(eDFak=efcbQ?b7=JL@?n%HP4{%bc+%5v=uj;E3IMc2tsKl2;=& zHUa`n_mZtpG`XebT({md<>$Eg%sC|LAK@Mnm}?pf&Jn*#x(2XJ)udC*O}*&87>7>B z`iJq23lmT_)EZCM$?Xupnb1i?#OPlEP7^j zl(92);rdYx9yz9xg^90tED@bh+vU+mM&J7?72<5R@O8O}UcFW^@Xf!GgE*?iu;mW& zN{2R+5#|S(eHe2R-u#8N(CW(Mj|J?9nehw`-gZk0s}QTCq7~P~v}06cIvD{g<*p0N z75Y&L`wv&RFLPdU=#0Q5KAsVNV!p-$JUe?lRrY>dxO^e?Ph0T`N*`u0Fcm3Pnnl+% zkm-eb^1NhAH1`Cc)Casm$nw-uTa4oUTXm`Jl}khlHt6 zq&6QAU@^w6%%W7y?*kW6A*@8>u^<3Jzc=M=# zaxB3&#Ydgq5dk`S;f+`y|AUE+LP z>&Rx5LM8h8Up3*02F%BEbpq{W&boRQ(CAPZodJpJeY-splC)e!4-t8ONz*-JEqK zgi)JMrE|!BvS4d+5wvcN{SJLTI|b~G%VQ75Blzgir4^Yd> zFZiLQ({7dCtabR95fCk`rOL;2-N4J@^nDKjud~$`?zR%cpVUB9qScB$&V3n1(W@Hx zH>OKQ^KIhWU>CR@LO7mvCJQ+0o8lQeSgH$`Og@t<&aKbuaUBrD%9E1460)(;EV1f{ zs7H+~sUWqG%79v)9eP6K(IaOnii8sS(W{}9*api*@w0o?LQP@niwA>35|z0j(h@Vi zB$KhO&J?lvkQOeAc_rn|NBbsT%{g5A9S)sRt2Qv5t0L|&rI=V7mn#Mut;C>>>QeB& zP3A7)eV3V1>HY^12{>Li>e=taAcwqagmbM5KZGaf8z}nd7HFRC14(+#JciTSkw4t# zCBsG6<%X*WEn@$`1cu5creH_;tc@Yf$Mu|X@~Bq{(^$Riqfz^zm5j#ZZPiLLo+tE} z6(>lTJ4{JL&WknZ45Ee_(gmFn*X7h7HqQ_88XM#*`39w4*AE%otO8X+bV?X*R9hr? zQTS$X#S$aMwwvYSERdGqn5UKW2WkVeMzx=?4KJ_Faw1D+5eidww#d2gngE>Wq3Hwt zzvgSj>#|LPgiADUNr`E~_g}T0cS%&9o@GWxDkeCZ^bv;A8_<%mWT`O`IY5`|!Y8up zlwV~qnH=eyEWK17q2RaUFploTyZVSk`{K)^`w^iug28IqA(WMkrHF}%N1Ed}hwT%{ zm*tixH_OUS3>YK-h3&yU)-tTMuGtv$u-ByMIw49<>^wd>WMky`W?d-fA>otKlI7jC zdGBzT!lhwJ6(l%|2d*6 zOqsk?sk=-Q0v?TA{?K*@cFaU~`=FMMy1lcBMpwE9KNu#%fuYINwQC%qdxwU>0j14H zy`6@!3QrKu_>k}i)Nj>;^37B~d(zMs2g4ohcx|Z%#3YL(6}7ssFDItQG2Gfh_D3#g5_xb?9B+I4W)5LVKJ zG+txjBcVL7r;+38?*xKJ+%QL7aPaX*-;IUD<^tt68(Hm!wy# zOzm(^-My&{W$wfLet^5anD_hxxVC4jZY5nIYVUiYrF~j2d7G|aE4MnZBhn1h zu?D8_3>fV@*pJ?=uz!08jZe?3n+|pQ)-Ord#juetht)u>Vo5VNhY=Kg{@wzz`ee|SzDc?sbZFIpb>~peaVlDQ=Nea# zxk^A^6b|=YkYX_%g_2D?J1k3&G`s1;!k&qGodl&jRB5hd5o5eXU^ zA6{QQz$5hZ2Cw6m3>~4PsEF!3&Jmu%-}Va^DE-n!%)VI$J;&hu!G#2C>?s=D&=OR=V*yO~Pp@FOF_e{RX8>N?r|eGJU(J^ObQ5&^^N^G(HSS`PfG)G|`4 zj+Dgc^T8Mafdq9i)R({qiN9Nsbl$B%pBeO0#JR1)PF42;Q-7&KE;LC#B zcTb%W1U=rPVR=9atp;nI3wSnJTV+`gpCvaw6ow!Nrswa-K}I|BG;`zC7G4hOAf`ek z=yk4tOl}b)x>0MT;z#x?*wYj~&g%~;Od4@{Gc(^w=j7wM;C`jMA-m9TWP)>OPIes!E(2T94Hs9D2SEX1HuFa;e*FVN7 zj;d}S2|#Q%SZr&xGh0z@OM?^NO)29%6<$W*AT10t^;aFrdA=gV|j781uozIeAhhH{|S2! zJEwVe2vy6u%vWN$7Xmd$M+b*2NZ@x)C(Nfff#>mRuGCzWuC|utRt4dlm~xnF4zjxe z!#gru|K;7V@L-OMmoEBCn?u3qtyr;AcG;BHVdzjfgg}{rdANERAKsTRMPEzHE7MZ! zzLKV;IVWU=M~W)-!50pvi7%CHhQ|$QFXPziIqE&-XOG4|&O!?gC+1EDcjN}@?~Z0Q z<8RWg3bj0)zWIuiP9Q@KJf?BiJVtn~sAfdsaRm;>P^9Dsat=Gk#YaW?s8$;#Ro50i z-Q21_x|AwBYqIt^{M#D~f|lWjr^tOUmJZn3g?dO&`iKf%qv`m(QSu~NGR{UW(MNU@ z#6;Aungb_Wtfb|0aVfX=fxan_S`h+jJLrr)G$pI?%T!mmn5#ntN)C>k>sfIgW7A@B z#;c$1O3k>!rg5C55|A`pY-ynC#Uy>pCIg6UM$=TDepX#}mMK?mUMe(fpJ0wVJe_=$ zah1C$slt*uJ#2H&-SNL*?&$6xa>cnEcj8&UL{^~~p^6~v zE4b%^$3sSZ|7J5&jo-KcJVlRwURj*R<)heq(XCBAB6YXjflqf`#%-kvzG4Ux1iNd= ziE94?apkamL?Mz^RrPMUOihc{99~bqNml^Ythik3moR6{Tavzm17x;ZFkWuU5e|pe zWSTln+dVSX7a)w8`}%OCXFwnV~oXW47E^ z) zlPX?exi1Dt_Es9JFZ#E6foWyCSCHg z|6w`($xPEP&04m9=1Q=&iqez`Jm6rm54a!cZVk-AestkKR4?d*qM;5gRfxdqrMJbAjt3Zxj1~{!Xw!4 zB{@56&arsV9SOE9dD)M#3P7)|w9%|n8$~``;jpP>`qa2(X`r@qlI(t5qT%^?B!xb0 zMxemd#Dw_)99(ay#`IyePcu`y-3yb`ppk4v=24McSLCM&VV;HefU~eGZxqg*Ok2g9+f3;0bUdSG0i`?vnt%9+1lS z0cD}HdrDXL+Gh(Z(h}xOdn#ixBoG`oc393`6XBH!EoB;7^{Y-eCkZ7eOTcxZW*CReEJHP?CMmBzhArGOk_?+jJYeiD`!WHvd5Z#m=~1R-GFd z_n}}9-dI0Ry451LnA)oeUCsXn|pm3FB* zrfGs|$*qt=pS}A=-5~wSU_`I?g%)1c%+9goXunmeT+Ha4A~2D?#i0BoD0^I1Y$7eU zglvmAYpFHMY<8qCck4>r*Ja!NKc-*ZKIFXAq9Mq*zk6SHOnMR-bY5Okdk3Ib)UDTf ziD`ErE_EfRu+00()wS`z~W~bJ#rqqnLS1u#tQ?MoXV%o8w`7v7E$Wif(2#hk$ zGX<@*a4{`&eM+>$3_zI<6Ukx7;?=jJr(->6iu#-X%nw|KW~zqCqj|<-BYPdp`k z6A5|BP<-yh3m4KGQN=4yyn11TH1wF_=?J#hk9P>NO)$PJ@4WMp3nA%IHGXm<+|H4b zl6MN7ZKek$I;MH|Ex>q@0w)2gwR^^b#3H1-BrYYI$&CU0Y8GAV&=-E}&UGOV*eKQ8 zkCAx$y@gClkg)PY@L-jAb^Jz-B@80Ui4>*m@>J6ihhf^Lqlfp_ zBY6w$k_qsDLK%qXiRi(dxl=i+=ab5DXY5-9mWLq1n)7)FJ10ez?`i_Iv2atd*7I{R0G*X~6YBUU zD^iVXr-=aok^WY7!(qg7ru>nEV`f^aQh{=YITlxbs!G2v4+qC1j;X6DiD*PmIQv?` zGwY!;M=vl>=PI8u?u$x%_>U^|-QmxiC9`FL_-yG=QYb7g4mFm_VXTTXDvK#9SSF&P z@)0z3SmoQIm=s^6hMm%8$lc z64HCPPL7|tgjf-3oA!@QQyinI8smXb-|S3gQxmrDF;|Xyq)jC!;qQ%80iQ2@+g+E2 zY8&Fv<1Zj)V%RoR;WWfTtEuIATu}1K7iI2IKfFN{+}}UP{8onc@gjyBK75zaN6Zn&Ldqobn3!)|9i)tFzu4Bq;|(Ch+> zX?^zNJiAq|7<3vwEzX0*=<&A4GgD(3eAe;jml>}sxim(9i+UZ~i}0tYnR%DW`uY0$s)byy7&UQEG-`~B;bf|dJ*Zfq9H&>Sk`(ph;OF* zXg++%Kn^Sj+Sg@W5aoLFPSS#raPV79ZNH}Q2h80l){$sF>hhTB>M1205!s( zARsFwjbstjkH8TonBE8vroQObw%BKRXlZgN6rsyMFQ!GxxvA&KgQ zl#&uRwE|t*@hxzbs5c=cLxIdrOBI#$;wX5|POG%en^~HhCT~cuRlEKbxDP$bI(r;_ zB)sGAQX#U59jJhSz$ed#nnulg!QB%wId_m5EyxrNRkq(LdTIWS7kp!a+dAlj)>&Sf ztUZFVa;j@ChKcerM7Si zE*K7QU(m1#Wpc}UytKg2{hXDf-yiYG?$>u!JlFA^evldjkEip5Mnxe;Iz-WjaleJ&K41r;9nb9tV58$Y=5rR-Pu1d5E<&PqOjlq znOxSCtnBPRnvxLe^AuiGQZmw#>HPU~z&#ZY<3Az|A7o#Zh9}Gq$onaC)YcTXo?@3f z$Nq7iHn~80>R1BH^o@l1hZFq||740o+1Lk=_m2KX(*AcJDMJNLMU#?b)a&m8{aL2} z?k@`^5VlH2WykrW3IFPbe}h@z%Z4w&6JbudVJwg0e|`F&tNPF1iJxz5@0S&eKPKvb zoyWSw8+91RG<8JrS44mH@W1B4AM=J%irZHIi=zMMdH7NX0F_L6NUS>JKVSUMzWsSe z`i%5TDG_v7m9@% zw6tfqC)X&KG43zX3M>fN0Q)08opmD=6cw3uDJ`P@=f>9H09&fF3_V$GCShT@8ro-Z zck6xAnrvj4Iztk^En>x4y%IJ_^$GFiva|zt?;H5G*7lWJHAB)FuYO=R)AC zTl=6XVsdA=0VG&k@g;marXOSntvAcw=$n1MvW_7U`e{Q z4jR*$CdQ2GT&RXYK-HjvUb&c4k_>wNu?a2#K2O`V6%`XSk}pd|Jg{a848PuIJ@3Z_ zQUbxgf3_t#(Z?fC9^tVec{jYG+W2Dl#TcQX3B7 z5eg@c{c6iUCM|=+=Hi$5r3f@IUNTyhkdz!fY%q048Z3U^w@=Fy{Eu;22LU<07oj#I zn4fBObi9Gh%>~Z;{)ucHh-eA$#yB1=OsY#Oz(Z-Uy_s0HD~mr!UIzx$KoGC%K(FUE zr}Y7SHIrtzxo*{9CYARaWEDHPAPIqUz1IA2$ z09-nDkg{{9Mp2*RKN-F|RNs&g=xSa?MMbt|tNYj=U;h=1frF|Mf;1+@d4R_R-AK)W zHV@Ki>H>{&a~F8(>YsboMwXxVY%r&#WyMoq=f8IbE@?hDuz5T&uB{-@q`u_jKr9~R zy|MitL5%u!05{qxLD@4u{v&)fL=axT+RRP^c7_|74ehzOH0hxw;IKN z8F&_Q;D=esHHX@8!5SL7wll}r{zk*;K6Ml2U%$Sgx2wBcLLdIT{WcUo5n+buuZ@Eu z)a#FT&$ocBhr{yn+LER82MxmvtztrS!nd;^_||ZEG?nObxrQ8>ff8nn*9casVMIbF z{m(*yI%9#LfMbmQG3WlkWZ-mMWccX>kGcUuL9dm#2)uWg`0i%{Gy|OLuI(DJS9RPN zqcgOPI}GuBH-z}^M~sv69~O*NQJSonRFeN*Tr#CEFxqT6>w*~=8?(ye$y_3xXaMtA z*ebA^5O?|$94m97VShWi zIv+;%*FC(e80)g=o=S5g0;(cO(9vZ64>!jT=!Uf(8MO%eVKSPW+4^$ok?xOMudTj8 zyPi691nkGGBaO`o{f;R`Ig zxMy(t`~mtm)cj^iJ`?ir-~q!@m&;LhMw@m18f(CdU167#cn1a4UD-w{H$i&_H(Eft z9&@kWN&$q;tEb;2$-=Y*9QAE?8Mh|?%_A41DCSynfoZFzHtZeA0LE<9WU#)mpC1x% z_&!p(b3Amu6yh)@eEe0bzUS_fP9A4~uT|}eOr&SEI!5wiy=DPoV7*$=-gXMrdXSTr z<M6$VfQr09P^DIAhE{T8#)(zm%@Wk}k|5837aM#5hsAilb88nsDq8K*R}v)Dk<* zLOd&vpgCSR(vt|dt?+qnB01T#a)mrSlF9bz53J8=J{L&lPSBr8eeK+GZn)7ipOrYL zYU6}_(Q8E?4xzPTHJg$;L}rR-3$R@t zOfBu}^>=34&@Weag!usD`By!#rq*^r%%IzLa_iBgQ}KO60C+%MPKOs}-0w4= z0n+AlXBYNF4rNV7Ogy64n=w3=r1d) zrE~?hoi9<_-X_S#i9T@YM?v~{k2&& za*@6PLPSbE;P`NdNCNA7%M5@dUs&Aar1MAlSsUA}5>4AGD!$Vw9@h15-wq(QL7%m9 zYPo_5>6i$XjA}f>5~d0{_0lJDdiqIPQ~%9aXWr7h zJ)9A+P)P{9CNRp8v+6eG>B`WCmvhcjbFfn! zk5H+$y1)^Gh^OI4!c~3V*+=7%m}b0oJ^h6UR^IkjPtXn-T-3QXS~ucrde@kDo1Y=2 zsYu$>SMKHpNVRcnm!6s|1JrYpPt&M#0tjGnP?283DgO*D8!)iMa1xyLD zh6U9-li58^OFDV`14v%LIVJDC0R->rBOG)b2m{p1EiVg*c()#RjH)Z_GV@fWl_&Yd ztSu~a*1R<1cN`{6C}%jqhFP`3@bKcw_Yu0?o9t2ab$ur`mnu>?Na5I>jE~kS(bq3Q z0}2js%%61!3JfY6MY)^i^x#Ul>mW{z+rn>;d9CvbRC=zCO>b3;g~{AD&hz`S%|jm~ z9iP540~y1Pc>W+9@U2MdF=E>xJM%vIpJf1Ffmfb^y!GF>a6D*@rFwvsAAVn=0215% zj@YQF$NeOrV*7OY?A*#RxAA5V-4)Mk&HEkr(f83K{HX7A2EO9CMa&LVNX%& zJo<$;n;+R53Ul~0+T9k0^#1MKlDT|k`QlD(G8&EppR&vrnKmlh4T6{LMo5A7l0Vcv z4PlQN8wN!gSe)p6_>$a+@17T8S|kHYENZ8u`zwqke@i1dBXnkQlZA|EYn*u$oZ|7@ zXKe!_u4Sg{=^2i}&a=E7(TK3_dK~Yd&x;|7Vi+nRPb&^1==qekbaOw$WLRryb2O!3{_P9ebRL~^Wu*`n z&}~`rvX^_mKPFJ|za?MOQ)n;x2r*6I3KfrTQ8f}>mGgLB$<1Eg?GuEtanD%)sZ2LZ zrknd7ZZ3D^bDwbtniPt<6DmRZYs{y4oz3j|^A1|PTHNJgD%mQ+!DeKwe=%r6+`WsDP$UarBKe&g>Zc zs{G2<7t@3^mEx1!u6F^3laoTp1|J+8{JqvxiY0-SpcH!N}A$711*!b3SrQPvEUx5gFmWWE?hj>czCFXIK>VvNDH(Ma@V_~6kbS*SMkx@2} z9+E-}Wm{qTk!rpIs&ykUMcs2!pyVs%r?6x>^pF7a4Brd&w=9l+rR1ci(?67AulkqS zLIn%Xt8i(;RGM^!%J5P5+o3N2p=CWr!xO=C>WMES5;8S0B(6QgjFeD=)A?I&6e9Y$ z`fvDFjSgr%4~w`(N+zE61|NW$iz(EAZ`-{fO-ZUb{RMe^31_wG8pV8sjL?gp&w&{% z#e8MCJzq(oU29u8T#v^H$|1C7029%adcC@~I;wGAiLbVZrq%n>3@1mu9pwE)dB!Kp zSjz4LRRrDRv4`paSH;?lTpRgkye2~fxZ$JLO~;|zEW=ObXrp<{nKUlT(IxCa6O(`ZIw z-5Ptm-U}rHwq-MQqV_?cb9hbmETwVc7E*OP<^z3NdAHXM09M*)hjATugj^ z5c6OtZI{naCsOEgXyM)!xPoPy$ly%$!-z5Bms(*Va4j^KKU)XAV#I*zsEBodMd65Z zpIg6yqNWLuQm8oh6V=3N#?Fdd+{Z?!3_WZibDohyrx6 zIGV*19bXLdd-_I*9o*kFwnDN)|+ORWxS-%X`u&dvb3l*&)Hs3Zo@#bFm4 zIoZ{%?28#jkJhb>yKG`?_C=+7o093*hzrJ3RJ$pyo-h{6E4xa&OM#yeN?JPR@SC$( zeY> zKc(Z4c+os8)*?!V9rVk(*Kge_U>qKoc-nJ`&^C_mUrC!|j5sz2pLTtgh3{nzDIsY0 zK&Un>liwsM7^$JS18YqomNx2@Bsx7|!+_vz&>C|HlPU`_?@#!54|urQ@m z&+aV9vAbe!Y`J_h@}*fg|e2aE!tio zDjF!9Y2z*@M>am;$i(2V1AWZu0X;cNDeb^Clqub`LKS+oyq~#u9fNN6Sv*^nr1t3G zgrR?7j?OCzknAqgF89%OFX`$(Et>v{ zQgNYKxe>6cpkVSV&BaxLf}2OLNzbEt?7?tj>T-HDHCG4q@S#{lL22!Z3N;!Ui@Go)2ru=<=3Jyf*bLAQk_KVOm#|i^Xs)o* z!#?pON7BQmP3b!#B%WOf&!=$TUE_W;h#{{9qRzGThPO}Uis-A>ExhC-?!A3`Ml1)% zatNg4qWglwG8vQIJN(=Dm5qM0RaD5xJ3PBO4%MX-6^W)R(-9)qEH|DKND0DcuRe=F^pLF=e{=BYy>-oq6ce=g z06wQIDtl0?;Pb`?e;ro72dQjMrz1rdcV;Qmf;#7$R<}ooJe(O6gEz~Ob!0^@&H9oL z1I2-g!b=2cQR$r~(=<$q4D3l#<`v)=f1>2cHBTYwSLF(0@SC!+=k1MeNy4#Q>%CJc=l$7oIJ}uRSX|&Q55%YmAyhct}5|cuTUKsW~d^? zB`EH<_bER`A#__TB6L4ER~lO8JD+l$hy=~ISGgUS!U!*;>HSH{`haE=s9|N*zUkkrv#1cza-`a`xPywwQ~7 zju1C}1pU}$3R3TL4$Q0UX=e;&NUj-Aj26ag916b$VQrH^R6Z83E;Q%Ad-Sfk3kG&d zfWM&O)#*@P+rT9gT@4w~={Gpd{XU9KyrL#;ng6`h7zgIiq9#v95Y!`s#3*w`yO>t$ zX#k?&>|mAUodyjHF5Zz31*~!-0V~@KhXp){Lk;Nh2>whOhkjWF`rMpaOv5!H*O{-S zh}e`Nsu(BbhVbOy!n?Da@@$~J z5pjUMI1^D&@XdY?(7T-nY;ew#B=f^Cf0ieAIpp|DaiswF|aZ;0hpksh{{%$zJHG89Li)IWl7O|lD90^ z{ji8f+f;cm9eZx`0xR@)DjA>Gmc9NYy&H>bD`@h4@3S=N&Mp-U15Q9{VC=3}{{0EE zA19WA@k-pKjMml_W0AG>e7c6?*QbFoT9rl`w8i^e$C5%c<%d1HlG-Y`R`4t#ooBdsc9i;?Ndf;5nYVk6Lri)KH@dL8KWy)$tlZMaVn_5BI`tjb; zE$HdVuV)VCp$&#V5h@RnXW4K)EU|ehCzLm-&yXVlYgco}g(qk7!A0vDx1@cEOIf<> z7fW}FbPOsQPS6@pbI7y&a<*rF-9kOFbP{?=T$RT2)A9oOokIyVJ`xUvff~CE{~B~y zizg5A50Q=dLm`{1VU3@~WpR4YS6vhjj}DOqxKJ9DU^PMQOJ!EB3*6jh2+3CFm`P}& z6$(jaZsuWweP?;R@z8^8uINN*48R8a4f;n~Pu6|fXKL|PHc21P;ubXBsy-1UHY3aS zh+-cPP3+U3U%h8`e4m)USjrB5)rLRs0Lh=i)@kC$GvFf29K&%lF4BKF<}gF14qAIw z6>U6k?0t?$@4drW8hkVXx5|AtTOv5J8{R-Jx4TR4mW#i0u8eZjUAt$Yoof5Hh}y6M z_RBeiTSGH#pTd|-QK@KcdrX2OZ;-9Vacu-pNPKc~@X?o&bfN{SMyy-CQyajNchu>h z;*K*7W?m#~mXZc4KYcF#prX5Hsv1Opdp=~f=<_3Lj%ps5 zCWgx~^O9h`4f=85 zIZm(ZfzxP~D~yJ+oJ}|*x>f=}+bx)rs`=8b?CiOPW3D6~tEHI?e%Gt@sn&Y&$J3`s zZz2p(aj`Bu6goR7!R*3#?(IgH6t^x`S+V((+6W=G3)`{ZQg6rF zZ%&kTdWF}5tJ&AzK3gDykwV(R=a=XxmX#&*n3JpNvJueqc+%|I z>{otJ!6(U4+V2@BS`!l;!HK+ceHYHx?47$WQwmtG$^R4B&Lrl)0cB4~|dPnV#iP%ZyFqQ~d zng+$vzDB9`5k^v}1;HrBiEGxO*VXwinb*T@Ii~kWNMg(KCB#1b&`>NEQ}hH-fz?vY z{n};YWDj%SuDHXww!S=HPAOk$^R=;B^o=Xys};)nwKz6k8<{wPXr7NtUZ(|UJ3uxi zDYqU!WU}s|b8{~lFD~cW8dH{X*)gDU52xhGYrQn+y}m5B3Aism;#t2&P?oa-#AqN1 ze~arkEa-VXn@;#}ds?n;-8wtXXdsfA4|P=mIHSHEaekd-Th6W7Q}@QWDJx0s3eH1F z{Y4P`5U8c*EY@obcj7hA+DA{USsz}z^fWi8bQry>Rj_9tJ!f(YQL4IJVgQF{io?_* z;k{y$Z{?U=nK>Fw@iFVdaeWQEN4d>UL$@r zzk7MjoSh!Nu9K2!FG4#3`h=Rx@aG{@h4@n3>hYq4W-=iP@3pH6Ph$1?wJT=t%wn@< zYmq5|okubcrE$SDdy(kb#t~c7Pgmk9O#t#(R3{D9U|wFgR`UKkcxuf{wY~LJjqBPa zGzqBkpxSY#Z>e1h9-YG8#%<15d}N|5FR-W84S~`j3fCoTE1ofBxOj`x^j`~$jt{%b z6n_eQq%i*@LkBqD^;_ebag*AX^FEwwV1=x>rG;B9zQTce4;|OY?D))E^r5}|_%Ql$ z?;O2vK!hD*kBw*T$lJq-seJXm?qz=%!(nDt{h%h_2?5rV*5E;$mON^0L zwN=#u(m_PP_)k-7K@2PXyA`_|@I@R#Jhx|Y+G@?Av(_&UXIM>3A(`Ou{oZwgah>6G zcdE_i`h*MSRP2{b->fvxu;t0Xh(8=5_(dNotqs(uEN4}@7g8e9gv7t@oj5-5+3y}i zJF5Y{lA{6g%w@-|?Pc7BsnlF6r>aH5W(Tu|0*0)sf|~SdYc*t_Kd~@|4PsG|V4}iM zoB5@Cdjbt=sUx>qHiZ`f_IobNF&gcPO2>9IgX%bA+1pZtK}~htyNV!45fl*V*ib+~>AgsoD!oWiq=w#Gh(UoD zk)kx|pmY+NgkD8KdPxW+B!H9vkzPU#H@@ZjeR{of|GIzNnHOdldvJoH~f=%93or%L&)$$pM6pbz$ykS2kWv_~rPU8}>a4I=gP`=}!$ zR~Bt~k32H7_GkGUzIO&!cV6*MD8OOm4<4qUNh}xGyJM)_Rv41Gi-zf_#fqsxPa_3o zSXYXZ#1+FO2@MOc@7B;L@x!UgR~;=nD}`iFbZeImDjK9r!$%*PZ^K!4KU*}SlKp)m zIhqy(l4{HuaS_p-wf#)SR(WHxVC_FEtX9CXZe zy+TYqCDhj#AZY|3sNiKSFTd%M!ar)>`|7_N@2XtktJk=mP}JW1)vqe%KK{&~|7}r? z-GUbNooi_9^QER}1mwm|bx08?tDh(Ihy-FlgX_lsz#`?rGJ)eLHgN!P9-$l%kML zblTI$Lb!|0N0kOXy}k|y+|f%Vu57ZdRn>QG%qz{Q1_*l5YgT!lWD`Al^;V#jN6<-@ zD~d5ClE+i!fX&a0K@z4@teQRtsjct~6;L_z4Pir1k6JNz^YT%5Q)bGY-Z4U6>Z7%& zqT3oHu^9#f_q~(Oa~l)|C~2+*-cao(OS3J*xr#r|X-CgnJHGC$pgK$XiS*%a|G`*s zfa5;i%*m`M#l&>)6W?yH+WOGvt4hKhTPU#}`2daHlUn?n2~YN}?h4b6MAkGHTk{7? z?g)sX0?`nGMtrHc=*d&G3|1zFB{BD$#c4?)2O-8~^wH*6OEG+MGe2GSV14%_nkeys zl6nVKDZW?}E91>Tla;sduGIDY4~O$Jp+Lh16@Vtmla?l&?}1%HN6Va=b!hZJum==L z%2K`8x`rTge+)sL5?o?>dN-H}dnUbxED|y4ehK7fN$C{MfU~Y|K;40w>&^JAl@%BI z%M&cMHti%aY)-82pP{;VNs76L@>e(KKed16wd!a)5KHQNy+)K~$-eVgk|DwvkI{x~5fJt!CL$!>L zQhCPja6xg#C$*^|-}2WTl~V{ND|*1UbW7JrtO##8K6V!{C7hhzF5&gQ1nGuPNw<`v z7PC0KjR&lnU2c&FX_Dcd?sifN*xdqD_Z=%+zG7O={o*ir_?8APfBgO8iT!YEEr))M zeQM~u-sfBX#|q(~6EKH0Zg6s`R1NoJQ4rlOl_tjD@?c%A$?&Let>kUWuEF+PH3MkD zdN-Q2V0?wXhmm(MPo;Vyn@`F5aP4Cc+ZGV$?v$f%ueO|q?bj{J*nlaNpACN6*?ri) z4k|n3TQdak2p5bNyYC?3vjF>*FS=ciX|EF$#pM(4&^9s;UVkS z=q=*j4d4ygdjdQKGsb>=lO=rWh7QEa2ycF}@4wgl8B(uJP9tI|l99YK+u+u%nRamK zzO#Ll;s{I}@DlD5z1u^{NY@z4Z5%05p=`h+@DZd)W%Dzv(4?ikd?d+SEmA;(sV3y_u!=dzmaF(G@X z+V33{w2=K_Ppg+tN|TBSq-~NV+oJtkuyCLEWO*z+X#W&bo&DnOZ`;tW%K1)5BFr!6}h&KE~8 zJZ(5$t*|7-T<<^WTs1#V8pO4^`=z#}+t~!=s$G>}Q@>2i_GRQ~w@e|Ke}6>IBY^&@;r zI=*gKRFNKT&C^`&Mb1#fC4c+wA8%iK-zt0^#6DiHCR*T!T(<{$lRIwA9KZ8j^>P(i zAC#^rd@QO>AUpwjQ)#iD=j;6fd%o6p45@qvh)r@lXoVFo!9qIA_y}s?-lR2cD+w#bWj7LpRkXEzE;ck zCUWk_3f{T*5n|UUZw<_s!vrg61E~NGy9@dQ%0S|kWmbr3ZD zHYn~@X$4#>5Nqb2yYk>XDV<}j!o3Y-Vcc@_3SGcQ@~N;R6j11*@(*l30O~wfs3LJU z9tCYiTRR?XE%fyE!plJ?fN6(nZnATLH`#B%wGrn}qu)_9sU+NNmcFpFrjwLkM&Tn4 ze%&|3I$WsDx?Xaqtp<2-pt>-E;?HYm`ODM(PUY{P#aX&5MP3~J_9fc(Ji5UYR(z2p zlY3}Q5twPLr1Mfi{EDN@m5}1Pole}kCf16sQ52TG`vDZvBs%!@!rX->m~%y#0+#Y~ zFnJUZghjso_}8kG=*v+TNF$R~Lu(2V#7#0Qx8)C_I%8Ow@E%9o29Vu4vNvbJZZ{QX zpsbd6OD0c9DGU4VCGF9QLQQ?+-1-|$`~~V1zP#{uiE+|j&6N#WhsiIslP6Db_g^jk zVv^z9OO!|opMvM`jvQZt<8r2%_(1rN)$ors-p%VavV*3Y^A5qiZ1NcNQr1^&kqvvs z2+D#fRw<|S0$l*k+2rNn&K+>O15n$4(6oRYQf$^=6*_TZZWG#<-Yx1ieoq*m8CbuM zl+8`mI++MLwcHs3t%S`U)5G3WyizEnG)>?$6});;j>7ylZJAoApYs<9=6?(upYwe8 zt}XwY>|@f%+q?i?MwID$A-49W@9GgopADUk+rS;$7q%D8QgLOH}6gY7L!2jsaO!)l~ofL~+u$XMc^7$eFZEGt7`k z>lp?Y4z!d0#(Vhuz?H9KWVHl!T@Rt`70Z3DjW?NpD zm#$jddqcYCz!S_4*|nMJ58}2}%(+eBaU1`#RGqaUQo*?8l|vf7F_rTQDcw>7$;8A2 zao56@(NNG#^lrQ($nkpv|9ks?M)3Tj!o4NNDb{*+EnQ^c$pnuVS}Ia@++H?;XeN46 zil*Hkz5W>pZ@KksFzt?H7-9s7KK)DqBu3t&>D4PCHq|9%|^F?vYByP4Cv&Y;Wv{;qZ3~{)JGwb_%%*5R$|JBb~oM0<)I~;;|bh44L zae;x3x`}8`ldx>7*xk3{<8b}}t$ATX4-{pC z-Lq#)9klX0cCf53QVnkHQkzi#38XttZDU5O;rGDuu} z=jZ3cE;NvFUVV{`E~_-W`Zs&fEpdTowjWjN;wE~6I;%*0+8qRN%zZ&uh?7=GLF~2g zvBo6$$4KK1!Jj@ofK^xTV|MLjDeUd-4`^EnKlJ-D$~Jx z$jisyXW+0a?wRHO>lkMjmz{p%bFuu;;^N^-+pdtn2x{i*IOf-6;H;ZNy~@dfJleVq z@2kmvK;tSVNlHp09wd;>!ou>_Tp;{Eq(QMy2JvrTWMt%#m*>1p8kBJcT+89F;Y9Z% zxD=|$Agzy#OiYff_AN|Iut(Jd{oenXs2R&P7D<~JF5*+Ndq8s~P3cB_Cf?kelw_5j zYXd1K9{b=Q>;LIde}8ZloJrvOJpbhOKjHhQWBl{+f4dZ1`%dQjf7trJ`^^E8kYXmW zosa&p+J7ACN8g_rxHhgNL}vcBv0C?eo5j(T1m!=|_@`9;{Q-VQ?Dy$b1^sUu_lWEU z$YxdhAA|l?_WE-?bOywJwK)8)|1-M({`Da_@Xj9l6{(Vf0`BUcRpLKgpdWLIi;MH{ z=X6=$JLoVwX-2g_J0EM&u^KxJaP&ii68r=#ERAUAbBKp$tiYv zm!SD$uaO&5pTn4rO8ZYX8Z8fBALX7ayR4#0zXU+Hn#3VBPUss!&@EN{kDcNh(fvV`YqdQ z8_CovJ^xKsM21j*)n<(!J?L?I;$o~XqpN(a9l+F-9EEsdITLCFvAX_>4X45tP)@ck zE7&EqaBE{R@4-(gD%bP23zv$dJL%x`B-3YaYj?u5RGHa_L|$o~1wTUvlVbE|>~o`j zG09(c5hSLU+x?O^el-}eRe_R%E zO7|S%{pc+tUe5tWVc)|g8B2*f+G-camMSd?hm03{hmU8O@5e~MPYr46e8A|tMyVCc0FZ!@7WdC z-7)!CNIhJuowIO)@2w6vafl6EjY`Ro(@J?QZWpUD##x&rNj~azUV7x`Q?-;Sz?dJ7y{W4Vk>pY^6T;#Ol+dn;BqPFAV zqcxgd`|-BWG!b5F?}5Y>obxVxI&nGwT}ov+VQk`@Xdj#O2Al^^Nf^*g#9yIz>U<+K=j-0-}=% zxein5q?k{FlD{ShvgTZxx)_OvU%&!d+Pk|!!J7HVRe)Z8kdvcTfhtYU$owal%nWy- z{Cu7{$G)P63Z-#nycbEgM!bB`OCm|%y_U3%A3Gm z?ds_f7lX7(t`*I&#FbT`S-5ScFtREBkxGLRG#gl&3k z@5=llpFHR}0T={xyBjrJ`dkovySnf$DJG~VDUbaZ;_)PF@pO6w7+O8?$2)pzDC^d|un)H2%1N?|2*2X6 zvdh02e1|bs^lYWVy}^>tJ5Jn1HKm_&<@(Jl>vcX3_8A|xg`neol{KLhQN4BqY@ePn zzzH(?3h4TR9(HsQw`k&g9JpT&052zeSFD}mMTaQhTa4z|xKK;2Wgk1QEFH^bJK6Qs zxulh)XRw#3`DIv?0)PzDonjPBJ$47^uNrzHj zQ~kZPqc4LUOGcfyL&X4+fe*4M=M1Im8Ur4HRrkfxcCp$T5YPrG&p~Pdr?rfsWJ`_s zib*TM^fa)}Rrk~0$dpGA=v3CkAop}X{WNVMu6r!diV{+a6r85sdAdU*=^HAZn{vJ1 zbpE1iZEeHO_bH;A?Cs|J{^BNQ!QW<2NY>{b!q0&6Zt;kvXz_25yQRgg_@kV6dO}Z! z5SPB3Gh|z!)^#u0Tkl?TkKj=4W_TlmM=0b2N_MJ2)waqP#hNMSV>p(Ar?Y&gx zj2e%(wat}i9ll6KO^D+VAqz)aB1RRq)0MLg(FfCDH?ZcN?4gGhIv*YE z`2Ybe%giRZ3l}%D>)~4`2@l?J4ZN!0(y^%CISv6H>7V8xYJyjJd?$C8+6(IJ!p9hbCC}mzByUBY~I*0`@XA0p&9gbS#UsP z{XCIvpvV{4~W{p?q@qiBh>tlc0)uks?O4`BWWciZ65YQ%> z)#QGZK#)&lD6G<)9CuE!rka{D{rT7C?N_^9e38y>eUh{f5_l17a^LntD+GrfBV8Bh$2o?W6%PWY*Un?+R0luNUE{x>N5zpPPBgft6d^dR{!B!px*zvFs z;6WzZys2_Epzc%UIT4md7nw?eHh9Pil)GeWbgH={}bUO{|uvk_N3YEa~2Q zW-zo#WsG_m`psZVYp`ysBFi&SB@nzVf`e&;9ko&V<_6CGp!cQLQL=0>QSVpfAzpdy z)S~?wThetzQxz2$3#QdGP=5T>^%$9^A!mgO))Lm~HvA#!8Q#iqWQ&hIKpLMSGeSqT zu2g+mATpbif5l=<(8`3R`AQ|d^~O@xKJ#8{c-FYWY-z}Z@MFIj1@t|mXSu-f~pQ)G1`%)U7(-A+t~{IUhr zk|*DB^mosc#Ph%8%+=O8X1!zUV+Vstr9ygNzi&qrja%io>xZ`u4KL0)zdE3o8QLjI zzr1vvNsBThIrUmzetW9GZSoId$N?A2$Mfs_Mh*2ND5{+s1MLL~3LakJRxF}iO(tmu zZsJbjy8Z5}iereYSPTV&1SH^jK_k!9HC@Ct;tma?oh;*S_u6J>Lg0&4p5kVX6REr! zD(HX8!+&KF>UQ7`#s++*%gHw_dWzn!BTfZOx=uEqogDSU&!6lRTbeU_n_4z-G`T_S z-#vXLZ<6yVW>!h#9riwB+#n*S@*s`CB#inn@koYeklFy2d>%Ua7Eyb8^iccY z6agx*Tui$tH0IZ53V-1loh}f5A2Fhx)?i_Tlt9 zYf#R}m%!_q&!k%v5|C;BP%};B1_|1Q=8cw3s$4x6-5potO6!-44Q7QrD8HLS@JDHw z0gWpmqcqf#yU-(hN!Z#Tx6x71qeJ~0goG(SHHHEEm&8>u1)bQhYwZfstv=1ola9|L z3>jzOX@>37(M!Zvu+=)7=mEryNbLnyp%d`;TJnK)4{w1@`<>_^vjz214mt8?YTf7) zZqd=CxcgH3+oddFLbB-mjyC9}1i+?@d%;|m+k%0Go83xTXp-IPx`ht0 z0Fhy+uJlvpNVnukg4O0MTS%cD74O_L@=OL@b$E7T+v{)z6RnEt-lihy&|=*!WuiT> zXQ0t8@z4@)J}6leOlXBsNL9<=z#)wnu$CksIj5uvoZ#t1W2dRKoGJU!8>r;^}WUw68d zF*n$ve}eZEWK5gIY=*Lx4u@a175PXt`nKek30GOw=yNR^4 zrlp&D7YDs7Y*@~71KsE0w4Oaulw!P&v~8(VCvwZ-IY#rfT!VzxN$nt{R2@26>tVm?t|10 zXJHs;#*HgaHrs!2EkGk1_K>0`j5wCUS1=6#;?$zSK$HFHxYgR+B>KpAn9mX~S98jl zPjmLduS~VW0N%B@2BGUNjRC-gw1(DvDMx#cOa5v9s!~^Rem9%Rrw@Y>v=-_(&OZ!!Yi9GiZt_?G_FpZVns$tuJCrw^#fz`WWH zN^c>}Y|jCRNSk?@}l; z-jf|bava}XS>tHDVT3{}G9~5~u#;+5{yIxPoV=KySWAVK%m1pGe-?6=xQM08f3N)i z#6lRdD&Ygs(MIzznd{7BLd{U+r;y`U|ZGiM#i&W;3#N^pV0`_3Oi zztni>)FTuET@wh^AIwW@O>iG>&~)E0vLu~x_%6~1S(Dtt<&?)>IE5yR(zn<{J2>-I?zn<`? joc`+x|94JkJ0(|(^%Zt(oa8=3{L@g;Q7(I66ZXFV2oj40 diff --git a/docs/userguide/images/getting-started-modern-look.png b/docs/userguide/images/getting-started-modern-look.png index 34dbcdfc80201f8e12b469f2e12086e475dfb9ce..6cb62718c0388c01ffd7384c742908da672741b4 100644 GIT binary patch literal 22602 zcmeFY^;cX?_vne!I0T0f+}(q_I|O%kcXxMpw-DUj8cA>h1b26LozD9_@4eqycV?~m z1EzoIF56Xg_C9@T?@!fr>)5P_-;!P z5k)Bx5h6t=doxQLQ!p^e$ka60Z|Fx@KYKH86Q&^wCE>bByQSgyT#gJ#$pS+@i3p?C z5jV6!SPO|kr9kUqC_1P{RYBJq7^2k$xC&uGyXw*{Dtbcl0?)kdIY^#6(Fhqwwm<$$85^z2?HdLZ4|99Ps3zGE+ zyUdBf=ZA+6RVSOc2xu^jCkO1+kkJ1ua~ph*nS?bpFH+DX&T`ZS}O_b|h5A`02-u^Q(PnY1D!9A!+m==5r{q zLJ5Nflc{S!$P-*Y@y)pL)bkXJ`YATo6kVeEDsN+^9(YoBMStK;&aWFo$!!xRlKo85 zYvg?Mtz#ys8qq>Z-@Hs`XFRRx2zB6i~HTJJJ4!sN zcy-7&5YPpHQ!sBquI~`A{b&w|IbhYBh;3js0r&;jtKcYos5sD!eNY}KWkdj=kVynY zg;(wT_k8>Lq$3a6mlUSNyO@44iPa$xNpd+BCgX@)0T%2E=b40=RyP1 zUvFWa5sM8zRe@CwJYO0uf|m_|J3w_o$Op}Cef~qDzgC>h3iJZ0I;}JF&E5*5Yk}ZU!%Pq>ECYk;{Wv``b5#9b|Q2YQS1i+%eq0 zEX3mv`3}l#v0tfq5c+)1i=P@u-#)oIxO{swf20ng6N=vy1rXQ4Erpzgh=jNS<$zR% zQB)FaL>;K45hH_ggDgg*S1eb=SJf#gDJ?0*bIR0t-)g>P&N)_8Di0{OXNs5lWZ*IlvbB)m3)xtO(Onv zI5KUjHoE&OWi%(Ho%%*Oji{3GgnBGxjYyl=Tgy$*O*xLloEn=XokE>XozY#+PWB6B zE#n3KRN7R!0F}RzUr12Vp&~Ce-Kg0p@u=zOcL=q9!N9_VD#a29*+L0JVI{ra;>^;_ zGWEh&RokeTVt>k6zE{kh&7seA&P_=lOS_QA&8U@%m->~Wj7F!drE-mij>?U?rwCL| zf9q0J{^s_h=?AZ}SS4O1gQ{+^m*8E)@t7EVbPjes7A6CC{b3JYm01;5S&Q0PfmZ8s zNk>>mZHJ(5{* z;;3ic$~@&fVjarh&bpSfmW3UcG;?W`ZG>qwbpGL4;F;%H`BXX75xs+Tp|jfjm>pUz z_G5@R8aC}Z?LEyi?JUi{DyCXP4O6YPdSsq|9>02}N`EC|(ZL3J5ph}BCfKHR(QVnU zxv>>}nSD8SxE;<9cRJh?fm9`Iez8`Y$mhBC@R62TZ*X&HX)w=qNa~4s~#?R<`YIp$n zviSHtxIJqgPA`Q$pS&==?mWi4CA`wT1@3>}OI=%DW?nYm>7J}?ge zxW>Twdw<-$r$b1BZ-MWDD?r3Th6bJqIVAW`*A#^Jd-cC=&ZD9N0ZW+IRC7dZe7EVP zi=~A!v}ycEjfmRV^O*8*`j~oz@BBbgBk#dr$pJ}66Y~_=x$Ey8-%)<+{U-k{!W?Zp z|8q4$HFj^PWoT==XxnOsBHfd5rP0Qv{p>nu&s`m->X(+IZRzpoT&lVHNR?3yH*S1n zd|Yk(2N2P4o{1722QC#3olaq1ZyuqA$D7kTX9q~V#Vg|?MJM%H#z|^9m2J{>C(TL! zn%8r$YhlE1M0JEvSy&mlT((@ioTGGWc6(O-X77pmRi=_%&Aj>?Jp%v_C2}Nx?&nd2?XJW)OA!Or=1|K8{Bb@esz z!l&1oDuDqN3(>}LUHOjh*?awgPrJJHeC4@1LD!@ESJC&TLmB4E$7hr@fs{9Mi>u&XF+Y8C33s=n`u4?70U_O3FqesV`br~Tu> z3MgU($Il~Mfwq`ZYadEY!D%Hx3_D zSgHJWbkOm6eVV!w*x*BRD7q;b7#UXaDyPY&o(QE^lyMsqrEPWnPTx{}(e!aN>2`3x zuRre3<{ZgPEBslxkL9|*jj9w-OBmCzOBFQdHsoHyQP0)^+J7Xx4qOxyI<=& zLTi_uZu>-=?~eRsZck^TJ1lG(3L;Vi?9cPkb#GsRoA!-lJyT@hm!f(Tjm%RVUOR3HJ>!}>0KtFKZ^XpEYVT2 zbgL1vz`!7&EWc^EXvoQO8{6A57@F7{nKF3TI)EHqFfd*ZZcx(J)Wwj}ls>=s|DiO!`kJ|LsTA)Y;g{ z(!s^j-j3*RzlKKkt}c8eB!36`U!Q;GY3gD5zeloj{`ay#7s&XxhLM?piShqQ%*E2| z|3&O?%|BxQxvqbP(ViYv}?EOb|>;ROp)r_*pJ&28P)3&y5LCHX%n8TnrTzF@mTd<8Cs?d44K~&zbjb zvdWwn(tMKSdjS+_LLScZ534(q|ND{tW{m}dN-#i9*bO5~U86YZvqyRt#5haKS_}&)-P9|6M zH}|*jd*2-Yf2#gw1_J`%$8iK_$o|{@uQ23)Gyh+O|A-RN%aKjEG)sSs`?@Ab@okf14^r8>2d&(}wptB`4>SBing^PP#jL zNlNQ1eC5m3OtL@LS?$P{T&Ebx;Td}Ep-wL=IZ{g!xU^5Y8A;xol;BzP7$!|>af~go ze^iNTS!2+;?yX73klCS}dO7(D{Ni!&z$Z8p1z$?G1~6~*QynIZCObK4B{Lq<@jlom zwM*Eh*UEY`a%Ps9;iyfo%BPT?Z$g1^j)QJ}eTS8K&e|9?RGl{0ms)9(Z!q(*xj_Qb z`^OiTc#LrrI?aA)(7pF0acvR2&B{{@sP)6%bfQdz^^pLR?1~olY2i)m`>$T zh!MCY#fS-fV_C?O`y#U<{zGZKjIiDtJT8zc>?A} z8#`k@m+rJH8smO-g&^x)gAR$`Yjr>Pa`M7E!4_ee%==kGN}p>3(1}QW$f_Kr<(3v> z+9>ClpYbA7@~bOZjKIBSTHt-O%Z2eFAi89$^FcbxbE@mxw7EcKm6`8D;e$)*{hRNy z|4mu)MS56qO=43J??-9dX9;iY;Pv_<-=B}cK z5{Sm6h*Y*UE%=rVdKYyqDJhLG+RUXwm*!@bIX{V!l@kwAjeJhV8A9L~3Z&&_fA5$o zwS6r*oytTO$1-4EJgIjDZJ%5wd7Mih|HMRw+NwAC$j3X%gph8LDyYvpcimmpr3dp=RZIHXiCGYYQRZM1L8Hr5%L`v(HqTdQYM zy^C7A)=*HkFELV{=IqaJZJg$-DrkF1n ze6I=D3Z*$X>!hCz)3oP5#Umv%$B|8wK96WDxthgRE04fy=k!_$tA&vk8o;jQ80Y2m zDY8%>UEh0s50{*u%9l`OiCQ@&Iuhrac-p?@F*z_M@Wfa+qXbr z0Y=OVd*F)V^4H4A*O5%NQK}ay9%X#P$0K})GftLY1&Q{3 zUPDaiIDvzxz!HO>#A*i8T47R(M44sdz%%#O1=^SJGWEF{b5r|Dr{|_uxnZvyBJv6C zrGsCYkHSw~vYo`D^(;!LL`;33era4MFU7}bOAVAIaUN=nyt-Po`^ezgTk;|x#U^M` zP^k;GrS7tE*rtC0cId!(6vmbc@hFB{p{LzG3!FM9sxNn_Cb7O#&tA;K$Kb_!-=KZe z!DHMZAEys#H>U@!zu=kW8=uT?4uq502(U|I376Kb2%-gB57%zMYZ&sC*S<~M2fnVo z+tn?N-k+RGF=`>;r8^p?_n4}w?v^84tt5$SORjICmo9oRRUPzsASvEEp>zzwSF8@y zG`!)r+JNe$t2hK7I8o-XS*^wOcrW^x4$&2O&xhtWX74B2+d33Q2 zV)uqsv!?N45v;>9V%qA;-qW&S8qs)eY-Wg7yG=3L!30ZglC!qa zT=#i>xlN535?G$~aJ)1~VY9Y;e*7fGYPz`<2;4To_<3qCK-KIb$9=i!xdpe*k0cJw z6JK{0j+tY-UfJYR9FgJ1Sgh3sxTC!e}n4=9V1(5h~vQnf3`1nRPwS7EvLS zfh(Winnq2T{R>tY=kNT@P!EL}j_TAddEasG^~LL;F#C1G6OB{>%#1`u(tR_W@A(d@ zSf{+>0EPiU8ksWVy;xoamVJLpF5@rkHATot<~n9amFb%4;Ay(S4<@4sEW< z+oS!-|*sJ^m&zUI0ga)-ulKGMU}XUplTnB5BQ3g>3s5QlQesYRSxa486 z=-06ZM!jl?GOIwy{&wp=vTxU;N;2q{Lv zp%}<<3tJBB=Jj~Bo8Y;d<)P_N*#W9xE;cAVUvh}K2>JGt!q;XlP?dRMU&*blEIq}< zH~_A3D4=zGRnW;=KsgMM0>FWhtGaz1SSQ^qj?-jh^32y#7?_^mey$|wjPxZsPI z&DpWU)4yr(abZYPlu{_6?Bho8-7U^98%z2RVXKJ7_#RmXAbB)}bTPkRofC{{F#n{n zY2u8c1$G*wCvrfk5P!zR`V)oy%|LB%FprvJ8JAJ_J_MU=r&V91!XvV7disZf4KyE2 zc+F6Qhp7Qm z42hVk9o|0e#Wiv1cNsNBkr*@Ep|#{|ak4PCZ(uKXH46AIX-R#?a66;KMd)n}%HFB6 zBwT)gJt6h|Lt^>3f0h%Msk1`j@ZG9#G2FD&hka0 za*SUgd2y7E?TRb;3xd+P_otT0vffhkfxPFMyHSkh6XJGp=DuR3V|p4}V<1w8b*2`$P4x9XFDFb-F;J`Fy)!6!^?nfnF%tOtu^rBO3Y8%bElm~oc_U+_YyNNP;Y$#!`Ih-G_G_lc>moC;u5#m`6*RiEpXZ}#GyrE0>I4hA znWY4R6^uTFJPRd;?IHkS!T=oop~!G7q*SP#jloQZz(~g{wa{oba(cfjjW$ciG5ZYZ zX5FTGSkC*i?XFCRp)!TNp1eq@*7thB(TKRnN@6S{7n7Rbr?av6aq=lWW@4c$4ZS{V zZH{qlcxM$!J?{!PpW^EolHlPg9U#Akb-X4G*cTmtRVm#~aW! zjzf9Q=^5^iX6liEu|0u*=K2tcs4b1?9EycVEv8G9ilSssX}q_i*KKG{cjWCOWV&M- zdOhSga(!xlhs5H;Jy_;M-n&6YIn?gQ@opf88T2I=OTHzsS)R!1a{__q636A@8D1~g zK$%5=yRQN~D!w;IrW@gAIXUK+eY6jHx2J4muqHYfZ4%Y!V{;gG zLFzF+Dt=eUevO11jQFN#haVA*vBPlYcZ3FfeFhzR zeqX8RTkx;p%yHI^K(tUkSanNLL&fz%XXY-P!Y0RM>eHDikuq(}rVFIUYkS%kZFlS|OmxVG5T4Iw=G)f4H6`$k7{1mvV;doPts{G>YAcu`C-D)No0xyOJM=2?);+P`iMtDMY- z9HPK+2N!<`*Vr0PQpLyWb}+pH|=6P6?JCqAcmf!I)8za`1YbR2F-br@aM=P4H-!JVaT{{j7MEFBTIJnJ3^O zX4}$qUq6X03zSB>$-A(RAq@O_PK5oX3Q3fp-lFo(n;n(ET(^WY~_ueBsp{$+zd4r)F{H(3%y9=6@l^0 z0TR~|87(8-ns4foSq2d=qunn#BfW7T!F>}WxXPEASaNH2o&gI~Ekv+Dht>ke4o??o zo-^Zn{IDo-Rys<>u^Nn9o<)}wN4IZzy&~uWg{(pv>Cl~Dj2=cPHwLFx1b`jHOt@eQ@Cy zq6%Zf%~LQ!Wrz5QWlG1W%BsvPRHf>Y0*#eI)Oc-gkSkVITHnpiMLV!TVC7=8N`5)@ z-gRnnjvV7N6`s6CM`-Q~j=IA|!XND#h2WF^^ks0B-Jt-^V?4$m@F>xxHo{68z_vZh z#%;5el$Kb3D_z9Qicn3MBz+C;)=!L|gp&=p&e2znjKI>!Vl3zvd%EssrU#(`S?EmW z-*6fI_ovJ-Xp7rp@Sy}=_Iq{B*@?uZi*%RJ>dXcyu@3f)WpjQGDtjbWSr?DXg_W60 zv_EqP5_~t_cksjoWB9Z!rj|W;X1OXFlQ6b+p@YvExV5MeU!O6mM9wbaZeM|^hq*Gs zR4%OuupgM7i5W`kaSF8UOhEW$5ZX*XM6rQ5Ko)Ba0~4H$b-j%S$7!ExP*9ULKcvD@ zJ(N9MYsmUFSmU@X`J8?Jm}acRd04>uYn^=n?oZP*ZH8Xy&$}5y`t2`yq}g%3191tM zvn@yB4ynUe@7Cg!_=cuCZNntt{Rc?g@_3#)f7XA-%(sk744;LW4qMF1&bmJd zS(@T({}=?Wo6sTfKo1O>;~a$*n9MQfRy+?(Up&AlUSu(V4+VFp2(q7rb59@3vea9J-7DVBx`Mx*l0|nG1GD3P z;vdmyXWG?r=iEsfX5D(kTt}(;Jprq$Gv7L1z)}7g_cO`%poPw?_@KG%*IyXhXR~c} zN1aXj9ZTkYTKDR;>1snBQZv9ieSwY3vYXqBAD2ww!5;+92i4I_R3^C5X3HwF;A4ER zTC<$av}bYT!A)=RU-xP``%{yGv~j?eae%*FdqRMMU~2#wsC*oEy$GC`nO|*+I3)qu zlNJY-p~I%(E0YPi5d8r}vxYnJ!&#<+;koF)z{0=&9%h}0kRmNXZ+8&N`JuIE6ER@R z|7^B{)iuMWY*U+}%Qw_y-=UO(!zC?Lkbu1BZNMTz}Q&wtD99X-wqYuS&N}wgi2QBn*?2WoiUoX21JtxcY5rM-u=C ztus8=IKHQIJSj^%G~jQ%#EjLT+t&B84pYiLHR)XB(y1t+$nwD@o;|!wi8HQh0_8AS zl0IsVZbit7Tm&)9yp2(&FuOp`LpfMHik+h)acj$SIK~=R$j$yOP&4d{qbLvP^n(2l z?#<)wQUDQCJqvBOL*Q>wW8EW4+`5)gB2X*j`v1SAF{ zg&3~9Qj2_s__7X@vCBHGg5OZ7pMnMD7Ti&vKZBa@&5B9pQ;_tVS&a?1a|i~pN0EXl)?n(Vab|3iI2@R!IERS|*JGE12D zU$UDp{#Swf^S?W&{{g*ZNPlfmM%_g6UmL`LY+zzXP@Vm+4Q7ZEGV}8pmzI{KREVo1 z{w;MP3FvyfnG!g&zuBJ{(Hw!Ar#b7q=%GFOT^zoh(`T|6gTt z*~e;o$xSV>cs}{bl?9f)QZtk3eO9Hyy>6F#dwU~QnvEr@m1;9xp3YJV z3Vg7p%MGSu($g3nE=SuAQb+W;+u?+M36r^CQnh;B z$GJgeZxsA*B{h4>8!yeReESpGlt}m-DOmJc9t!1ieiT_i``))SWfX!VLu`62GTqh_ z8cj{j#H6EU8lr^6Oxt?s9lNy-RpRj7Zm}1+>lV2pYqk8BX6#PalX@fpaBB*=aDs zWUfQ5VOR2+n9|Zko+8{S3GHMyZICrAkom9Q)$3CV9J6bSq#}ZQl$V=B<@`~J5;TEo z+7KONsfI&K@DXxRhPxmYKkoj96iz`HII)(b){ZUV|ME=6N zh-~fmdi8Vf=^#H{hM`?FPT<`moi1*rDZ-Opvq3bCLD#BW+~a_(f05H>k%;HKt+={& zB|all4>7t=*L{uLzUQe70~>pVZ5*8EW}J1eBw4=U=er*oM{xr}ZTEc^ll^%FXn5zq;<;-(DnS@b0-^orhy^oi+nuDb6fbGoUGCqorN}kZN9+pO*be zj)GD66Ho+R6_=YVjiJpR&e!$=Ad#7(5nSXY>wlk)f#y400~J#CbKA?lxhMko^>hUu7e$?Fac4E%r) zVgbBYgXnIU>FWBvs)vX_KRd_R^uFCYt=P80$z1k7mdWSR|c;OklF0>)xC;h;QFTtWqXhZ~4Xhl$o|^p-Pif7NZB+&k>ExkvcT(Qf>>n1>+?yiEq**6`w!t>!A{@Dt#DhsXWX~5 zf?(u^x6LTpnmSsfD0ZEsxkTJ&%N6WOmzfeNx6ovM-{(c|)gdw6m(&~kq=Xr`#$mdviVm}zAu6gXlHmtd=jDU>J2+~23 z&-Do9e1Rb9Mcn|h({C|sO@#?<`)@6s}!VZ~C;} ze81zOJ|)+NjG+!D*#vU!gL;*Q;U4%4 z>QuPSCBs4#k*Ov>6EzhT>h&&H%c_&i7z!2kJD9?{=RxjRdwU|>`w87Fm-D{t)7!&F zb-_=-AkN^UNS?vbj9S+Toqq(=K|2jSlfc`pNW}jAbk6sMg>^! za4h~xcxmD<*mQhLhh|5CzW3LgDHhvhHUuajmI@(>pV;cmUhHO2P4~T4Ca-6MEh;zi zULO%!9~jDXm08Gr9FNUp4i^L@KAS}X<~|4dl)jXdhn(g8DObzRjHbZ*qwy>?R+cGr z=W=H|%g__ zBMl5#$mP}|S|Lf?8dsOYuIEnz_r;#EuV7uAJHxS!C)@*-Ambao$fIEqk!_AjEX9PP zHkd`KzVL5D>li?hZ^1(02!A3T_KqkN^YzF_Gq|)0A-kZ3Krn_9i7?fAqpc=JXDa)Z zoWb~_@Ap)C+Bn6p7C^H4*v`^@C*Jp5yF8kVggD+zmhTj1u0=Rj2k``Rf z2b1+g#zQ1sXgy#Ej{4J#OssskXo1NJ{7W6JKVxu>Qz9WZ(Gk3jJ@M6zNO9w@)Y;ogZG(1 zK{K^b?cO@Q#QGQfKc(*=!J)u`XpEoJJ_%s(dK?~==i60_^HNT`F6f%SdeZW5_j83%dZH522e0pe)1#1m^o zxGmrCq~g?|xcX(t2|afcGa5=~g;sZ(*aXE4yyy*QzScb%!G!FiNg4(zMPt*qEJyso zn4KwgE}vvsVH#MSC?$0}+tfP0`+z|Bot%g&I56lOZ~`xr0B#Q8)lqcc@NNA%ygdO) zf45|w-)uXDpq`rnpNA?8)7It?EOe{6+HOc)u(1j84the_e#mnAmQ`Mf_tAY_DE5w@ z=@AaAnRi%O0?6=8*mEg{u z59{8x>*wV3>hS@7tp5Ez_&*(mKZ!$ZWfBcry&zEP^j=*!SAAnd6(nK?5-Q-OQPfBp zg#r}m$gA)lal6pJgn6S09j(@0vOd%8X857z?{%P4oet=)35r#50GU~?US za2%`P3c)DGcWS8-%|_tcNFj=NaK(nc!o2vvPoZhkI1Fo&UAQOlP3M^-18_`C#Qs!S zL8mo5?u=NJ*NDI$gV!z#9tZVV#5yf;phxyv?7OYGG2cvEx~^L$bTmvipQczRNq%6|L)|M2qS2#^Kknx|CS$rGf|er$|6? zcI9}Xaf*3x1&Xhs?w)6KdAeN>*hVW0blD)SM0B%qW%=+t|+oLwR zUt#)X-xIIlzQ3F{0cEEtx#)siy4?0RS1i8O?MymaIRE z^~ScwPAH=50a6lz4%gFzP}5kTJu;1f(ncOr{~CF_lWr`#{5Yf?a!Cc_PQtw++)pX$ zQG^h;zXT$jMT>cW!3@g`8#D->%zph$ME*RtY>~C3--i$ zjfhSH=es2J_;TfGbQwaRSaZn8x#p4#9Tmum1I^@w7|i#u%8Dw;Xup#yw3&qcn(EEi zeXFd^0D(6EbrOZP50Jr_yP4!+WZH0`L`&L@t`EKnAR5?4R?% zx&|}ry7(+&xnK4PDi+=0-Ujmnl?uwq^K#T`8zWK%y8`7=&!2ta(wGzg&bL}(H|~e` zrR*DSnfQAgSbRWj{`4r=Dx9G^fly=uj6fAOUJ|l`NSklET5BmFWZ)}+kefY={EUzd zVse8~Qh{)A4O3LZwJms>#d6BR7wZh&Hkn`IX;N-yif5G-O-ACb`DU58SNRkgWf7 z0UcD)cm>0~P}7OM9xW{G>9>9|Lv%{wIpcwiMh74RVAC9YFXlP8hHu^T-FZWFg1hMn zKzK|nM>pEKj&jTM*@QJv@UvlF?hAAvaxGXN%t)m40BqAR6|2@U=)^bAE`*v(&2!I7 z#GLG~l3RaB&3pZM;764+ps?=zR;C9qHR?j0XN156j}nUles0AvGo?v=wUmK1BlG8L z4g*1z`|N+9iXsp!()J<&BM` zE1qPo-OFbB%)XJ2+DAev9uF6>NzO8=EGf_H!4&_2^HnxmqD~_VPQ&s zYiCcaz0b}P+F-6o=4wniD zzfhPZCOR#A)o8KF99r}a9OCHtc=x`j=<{73+Taj6fUu9dDjA!yHSVIf8?k_0Zl}N^ zGQ`Y*M!{+Q$l#b6kpmp2&Uq}RQJ?)D zw;DG5UY5?*y)Wq9R~^IqUU!84hVfnR&nJIIkK1X_mnAIM-3oC6wj?*ah z_2W+b7%ZU=5oL};P}kFbc3}y~PYuy=`7L%0@@qz#7xZY;^}H(jP~SqBctPID-Y~v> zlP3}(|0=wE`uY3IMLGgQn;-+o32(of*Iu*q1bMKh*gGPW5N>*2N90Q&e=)R0v)##* zYUq!;zU`Dk78|t-!;E}M%jOdGzzaUeA$~ox_fL*QrxYLMuv_qZe==X0JjnO=TfIh1 z|4katOG4;-tF*Z%x$w&QI9sFNt9MxIzUG?#8RXLaClp5*?L*>RRkT;1yxvJd{FynT z2v;rgCbS8nRj3*0jLz8{wk6&V=hvX&H3Pwo-yeEEbkD-OL9y{Ewp-lS?FgC!c9%m% z&2Fz|HjC+kQO}Uhs{s^&6x)_1@$Zyu-uE_tSAgn*zGWee?vMAE`(juPJ^zoFjcT#Q zR{ISnP5!6dWVJ;d=LzK&-*3w zvAsQk0v*5@LO%j)*s7;D>VSSpi-TuisCP@LOuAO|-y14jsaSl(ZN(N_gj!YMFOlQg z41g^0eYsbiA{)&Gjs39;;z6x%uT_ncH0j(k%}#I=LTyc;l|HY)LdR{%6x2tr1~k0b z0Vv2w1Fbi+44g+(GV$oapgVqWGpnH;=z*3N{@E!)$N%jvEwk~Q>}MO1qh_<0CM#fN;J|~YHRjg=w3@9jxx3F=R+hO*1s$M4 zEK4zq!`7;n6wn{+^LG1}MX9Rmnud}u)G<+`#GnfET7&px_awh3@BN~2%R1n<#t|r5 zsvq}jU305+7+Y<3t`-zKyzwm0bz2@`vBTO%wu%N3xo^LU&8PC5Ud~!qZVWsR3&TgR z_r}hgiT*OUoVv5txBHbbkiTX20`N6Go~xLtP@$|OItB407W?(Ch=nVw={&o)ZI4!V zls}#B_Jw&(#rY(<(d_hRqglpUK;1KtS*=ukOAT_ zY1I~AA`6qk$Kt&l5sAT2v*vIs!#zj^jzjjIK=uLL4QqYjajSX-VU>E>RuFkq155r1 z0t-vu3KB^rM%xeaXf+~o5uN={s#~F~Gq_1jUhYoJp|>K?NUMed{zS5DmjA^NC}3?j z03E+MZ1FCT_oTIj1Tzsig1{O-WfZKf z5KkZ{!+t>vRl3j;c#z%u>r=})LJV+Mr>}_*qv8z}vBtJ9n5Fk|8$q+dB(hqBZo$&O zE_{1!em7DW42`o4sSD#Mi<97GYortg-DLOc`BhHB4$cYG0%qEVVK{*qJp&Xt#5kH7xh(Di`7%!oT7T4^sM6%r zRMYA-4P2O@+rR7~t&n!0SImPbh0tRY+wdQVsdKyi zWDtsLKMT-H9EWHyc)N4%p!eggws{aOM8mR8C%1s2y*~ECp_-ML0O3#Gpaj zzLDYpt?lYnNc8(p3<9IVU^~xyZQ8AN_cHucob@fxIH=w{$KQ*0LCCVn7YbZZum000 zLKLh(kB5kF|Flxm2}AD6aAmcwU*zhw4Hav7p4SiFx7*p7UVr~ew#)MXdg6d@AM&Oo zR}cHuppX)2triQyrw73rwiRECk3n9-;%A#&r^}JiTI%3p-Lm9GlYe>|Jp}dwIaKhb zA86}5IrUZK@Y7h7Xj@IRw=Pb)hg25_Z|PtruJ0M+uq#(SQpCGi^UXQ89~O zZsOuBMQoPRMc|P9G|zDi<8$*zd<4f|wF7K|Q0o#m7j34C{2>z__Hfi#x{xRU>inhm z<3-@)*v%8h7A*s?2!eUT9d){RA)i9T5S8?q1W{R^xzvE%&?r@mIzN~^p$Kah3tCV{ z(|JAkBj`sn7qX(=*7D7}mY4JGi{g|Ta!D=IoT@BAQbfuD>4nnIEP{2k#&iX4-Al9%YMBRgqb!JXcz zLQ}Li;kvp?nd_32V*Yb2+8ZOP^bOb?JJI(l)_FeDZrgU7YHOXYFK64I z|9GM2eP+6I8w1^E^%EhWQj5C&?`9Gm=oCFqy*MBct})z^l+N(DZL1E?v78$S?-Y~F z7H9BX*0F6jNv28+BG@vjcrdf#%5eF(G&wU(a`x+kf5er za0P>`0S}~Fj8{_orYx7xFfpZpn1e+RAAz}&lu{1--KpQC{ ziB_SNMSH{V2d0KWALvAAG}d>#{$kWw1~J(Uc{t*CfU%S8A8T@_UQ!r%w0P4VVu;UT zfkJ}3=xLNuP*=P)iDCV8RG6rUzqbU(qrjOO_VeC-TWioOaL=<&U(`A39mG>b25XN{Lhuv^GrWpYG@xb>S!r_< zQWu@r9xy}#>_Yc`0Tf}<+JqR9VQ}~${=f;je*uqHl}3ycVrWx$T;di#pJC3zIzjA5 zbnee06#&f{VZO9>5=$u58)Jc5IQ|iTmIoCJ@a8bc$4hzl&e(aTgkA57p{Zw@2fc9qXCBn`5lW^TIT;o19%dGx()2eo_7d3?S+c`xs7_m9}Rl@ zA87fE0pEJnA}0!O)Rr2i?&VA^TFYh{q#RmJ!4M%$9^0uABCA!Mb|(Rb+c~ndj?Q@9 z?2y>}xX=uU(@H<^AO@`>v1uo_uA;+~9(hiNF{uncD0L5 zt)l;)*Z}M`lpXjvcD0Yv!GuFdNU?d#oCWyAFftS{fT_QfQK5pb(Kl zsB$4>b9_=Vd5woN?Myq1{3y$OWSbqD#oM&Ths(cs7yHNwxYYqpO6#rY&97(oFA?3> z-ZMtT{H34M@1MVa@B7^Mx#!;VKJWXykH>v6NqR~)DpWJO$&xWRwW2@VF?$1Oi~`3rpAeiC=yPTLlBvH)6X>kK#E@ zeb}~Aund%HBSNu5uf$59!cFXnKwnJC?M6ZyahCX?^^M`8qHt|#XC@J2tI4DX3v8~& z{Q_=P<<+FKE-_&ct)tebRZ0d}qY#tZLyl{i8&uDyz8fPgAaXM(`onqcP3Tpo>2F25 zVb-^sUlee|t&r(*wiqkWnvz1rD^97TE8CCW)ADM_Qqed#z$HO5e*A$QU*^1>K_-KO zGgneQrlmUQ0GgI>a(o`GcXbQu6Q52qUaZGc^J>;5uNfKKNv(JJ(@)@(j;V+d8LQ;i zWme&sXv-}jrFimyFiZKBzNI|AWrlcpN}_Q1>n2V-6@{hr zynNOx>k{6UDq4n;fYF=E6hpUk#W-?fk0}Ku@C4*1tWO<)pRWXsH)w?8e`FIeUP3x) zIGd)saL+GFUey5>O2{eosSd3-i?5BvTk^8vjlI5jAFL#O4dg#M$h)h!+lI4n2%ZS& z&sKUP(EK>qU@yvByzi+A1t_74S;}s#PQCt1fMQ*yNT8(diIITi?c`yl(ukcSs@{wV zHespBqo_itHPS*>ME1g-WEuySy~|~bOciEKP8VQXZ#F?tjQJH|zw~!Ij+eFrmPz<= zjC3G+1%F&*1-74IdnxQvbSYvWPubS|m2Qo6sg|V+>561vRYH{=>LaaRRM!2)x-QB; zEk_#y$>VWcDk#&NU9oWg2%fN+bNoTGd8P6IBBNs`V629a&F=eQm)voZmV-Sx&XbkJ z6{uf0BshJJxUP1+PUYQq)itiE@pcdxV^uv*(YRc!@Q_EMrafBDw*N-ZXWGxYyj!{R zch+a@m)jQQ4aJbM!o+g6G+-8=hkyb-^tVv$Y6QdAFdlo3y1GS*J}Qnr)to1~?;~<* z#fK{^xFuwL=)522v796ZT9B-6ui$JZ74JLFIp~tE-mrW9fky-!woKQhVQ%Kkk$O_Q zWsd?0JXGi4l_-CoCqHGJB(7~L3R2C_xc@!;k-URJ%k4-*7m);`I#V9lc3I*Q)LPGw zw^?dwzt5<{!aVia)s2{?a=F_nu-4jdK5betoR=#CrQgp9B1rM~me%Dv$-qF{50H1& z2p)PZd%Frx@T&(twlNJB?3=9l^CAPS%dQL4`ihuZIk4C zM70%_hBq^Hv3E@aU8C{n^xS&kaJ6hh61$U)wM1k3F}HQknv0(3&s4p~cG4&w6i@`L zMt#}M6cpW^%^@IxSvQxjM0h)hXvI)_or~WM8{<)S-SgIhZlUT$G~oVKK(7IQIe7ob zV2R&Jl53*Lv!J>{wN-!|Hig&13XR5B1wqtBXvzB25RhY~Fun-Y9X^2E>`%dSM@@>f zzxIHaB?E7v@;z$fuM`jg31-jbse-v{?9`g?MFHQaj>Tp-rZ%x(djWhTqx*lOD&Gh9 zranqZ7{rJ?%N2LCyk(nxNNw7FZR3$?V7(Ek-Q!n~{8$>2Ws+e)mnm}p0de*LtYSd4V2K2+i7{$|YK&wArC(<>J1$Wzzxeir! zH<{Pg+%vn0$YiM0>wcXx!5hXJ>eheAMUo$kj;arm@X628k4Qhd_UDj#vU5p~>5uia z6-0qMg6USX=O~X$(Hl%xsXPw-=v#T-bXk7XD%Pf-F7(yu@wU_SjIUt!#vJ30MZ!(8 zY*L01pqL5n21%a!kq6oox7XY3iOiRcx8|WxU$xv9Xx3y^4(Y#yKE!_qamI^0f+GDpH+6J~?@Qb}@*T0E+kzZz&cSC|WFm}oojQ4L;#XGcG zj(o35_uZ`(WHI*FJmAb+5-=+_PL2cbYBx&);>+($dx?<4WF%!mH($M^+<(6Cxmz67 z7na!M(HzDMB}FQ1eGkoe)7-!n$$av#wPil!{`~J?w#FZBHia*kXc0+j{gv`KvSp)j z53AP%HQ0eHWZ&!%m~3U<-lZ&1o}qS~!Dy zkF1bMLW8JgoRP6LK;(D4X*()T{Xl~p8%LIN+U>^XJOEPFD3u;ry*pc4SSFWz>-}b; zF@qZqe}ft~2?yg&CuRd2LXh%hnMAuiU*;7K-^BP0R5p>&%#M)CWC)u01Y9A`c zRGVgOS;B07dVApb-N9EjVh$hJA1fE#tIl+ay>^XSJ$8Y%+q}a>4p5C|JNJ+mr{{b8TB5(pP@~11T2Pr2Q-Wq53rOz+I*>KH75}9TZ)!@MrHA0 znfE}lZ`Zsi5iKOP50`9}lh0SW1F9Fs>*+5&>abjuH)!^y0<-_JJe%|4+`M&f80Ab) z7VuVXFznP3U?T8p_5Vv9*ecx`mdvsGQhe zn6C%CAm#=ik>;o>PMuCm;7|T$*OK;zz!&}s0;8bMy21Z#8TEZID$~4odutb z$w#$sFaai4Oy6o4s9fV}_`Lki!}t6%`+KtcU@>3#O+G5&XxH#`0vl8WwL)T$m zl9)#u{^MSVzf+HJ$(Q+G11TZYj1aB8{PM5Mv4DfsC;{%s16_9P5btO7YAQ$itP{_B}4W-r|tqXllR z?ou%Ima$A$PiP2O>1f}cC~42~bTrE5qJ~NkJy3abiHxLCmNHlA|t5Os^i_nU2sLDK;0@ zR=oV4?lnQ_e(WI78Jy+!;@vx{O+{Zf-!~j~0pdnx?jfv*r5yKx8rbiGMa9Y*>l}A> zvaL0aQFFoBK!suU8NW#_>}4&yqgd7gw(sfSXrF8=JN@7b*|#;AYQ*AkKc&y!0r*_I_A|_MKRtxJiC~S z2s58yTkKkVpZd;9&;8xe8f+tC_jgo5CYMxxFzk4?Qf%h&@f5f&?ZGe_I`GRf5D!W@ z=yI+(@7#ozxiJ87-N9cbj}?Bihms`~X$L;?y-3vk1W`QSUXyL+Wowjx*W>-yrwdBc z113@cJRVc$)t@k*KMQ z@HtY%!rn=0zkDA%qX6$Hgr)OsPx>TW#rRuf2A)#Z>?0NU`T_#&n_!DyR-a>>C$tq$ zbt)f-S-_`i^EuW_XI}o{bMkxl!h$qG0hh{+ry=q?#e${mh;0@SGAOEz&d|2LiuwLetul1wcV`*a( z{$o~ly3h!2lNc;2F$QVIMNfEm%f9Q#Gcse8$>9I$N3ymU#>Y7mB3x2u;eWKl6P)Tn z2>FTXjEd!>$1|{M-KVn&<-M3EBLx4rJUG+#EEHo54i=JdqVyGg;74D*e2i#nlVDEY zn-c+Hv217V_3jSK}u_5 z+pNKZg4o@&9b_83TJ=Xv7Zq2)%J^z+*O5Qs=t$NSJo%VcY>e=1g54ToJ&ypA)fMAc z1Tn@NOus2-1)ud8EytR|6Hq9W`|kW421fu?{uXx0 z^ldj61C<7rF1~8L2r)@pa~fCw&@iJCIiBP_)ov3$HjZa9cif!%qOP|-2{)1>EJAsE zYbzhN+-=%>V-SQCvvBUqD^TO${=PwQdq*@y$Vayi`V{%#nEh{Vx)~XVW4u4!1l&q9 z{+{&Kg?7q?u1rO=C;aompz%oRa8dDDZ`y;$(=_e+8uBC*27Bz1$}Ikkhd6?gt8#g< zw>UUqoMZz$=ag1`?Qrk0cT2fchd=Ci0%2c_wkd=k%BJdTynFIk)#|tpINnG~BjE~c zM@6M!fP6DWPKnr$ahmIkrB&p zYEs5$4P-N~h4RTXP=pp&&b)N(%a0I5jTRk&sSW(tnnHk?r^W(!fNb~a9`XA-yMLEC2 zGJ)TNe9ESj!a%9$~^Wsdm{kO^$ zdbDLlQD(ve9kb5reey96H~J@d)y~WG%EmotZU@nMot#Zb`|XVxPM3+jQ&UoSRta8MR~x(lM2af$qiSxNq$XOnxU@ zy(5j=tKW@hj8&Y6?@cZBo<0$*1P?DtOO|HOk0kwe~mKLbG7 zCEVW!TWpe9nmV7z(XzCh-?{q$Rh9d=CeneozBj`OpflD+HI*!-9unp>TEbv$L165O zZEaece6Ep_o806U`WrKfnMhl3l5t2U#aK_;0}~$w2;DDgSf=~0bl=W(RY;8DnDBsh zDUs9wh12Cfoh4EAwO@s0kfeIPR)%$flPwHpB>%y8He0gWm**S)-!&xtyCHIR6S_e` zb!HyTJ$CPOx2eJG&qTW&WsB_o)uD=`qBsZok`jB?o2}Io3a4FD2R(mUqHOi%{{VW+ BdjtRg literal 98946 zcmeFXWo)HOt|*#x(qX0!t}rt*Gcz-PX4#Vv^d(NCKy(gU+ z>HfS+TGCflcDd}bU3R&`739R>VX$F9KtSLnB}9}!Kp+c2KtQXYApZ2Q8?_*TfWTo` z2n#Dn3JVh`INF(6Set@?NQ5V+LTV_FVhkUrpa}`ViU>%Z$j0dvJ;pfKASZz24In{L zxtb{UHs%rqpzEU7R(_3ZB*@p$06%w86frf`r7;jZl!ZCD>wMpOJbFFa(x1w5y7WDo z+L!>z1x}+t)hUvKI6gi1oe1EY87VO(-a`_6K`Z?NmOE;64Bb(X-`B&Rva1b(yj`sw z;q+d=?Mpj`YYV^uA%StEB9F}md*%RXA=4(9fb^SzzJPGL{c7X`si_L}^@{*WB&Y6} zmXTa?UE=^b+uFA}d=L|=NKzR{0l};s%^tZ>4>a(&%4b{v{w=}?;2aJE(h>1Ml9RKZ zkXnf_v)Ct<{C(T8IOf=-c5Ya6?VBXw>&-3rYK6z=vHjasLLx1;R|sFl0-T{jL(8=N z#)Ii30y^_TOx9kBn23;?|M&3W_@~Hcy$}itxg-9bsk>lf2uzSJYlLxnG$vf>B*L+X zyOdg5X^QaR4Nhx-5U^;eVX4ain*oNur7=GX%*SHgEsmb5**eP%e}jy zn00^(`I=TwWUOBWNGmfvHJQrMXDLHJyU~O=MFfTwThJSwEG81|@7@Kc+o6|W&00+q z_+N3Ix6DR?g|!+)?DUM*GB}}U$MlPS4lQpS>1J?KbU8px>u>^YsiRn%eKSZg>0vDH z1a%~4jP-0p@-%1M8uIjtIEpeKYmGR3bn3;BeFC_rFZ?~=L>kJy)^X78cwq2g*QpJp zAT@qSgJ29XD4 z1_AnXkzll2Yo?8Y-)?>k29_ky)NR+hi}v9sF$;2>_&b2sZ58#Md@$l~V3xb~c-y;` z;#&@5wUE^eTo}rCILNQCLjvFR@_;&n&9!eg9!B2VkBVmM4C?lAWfFMHSKODsjWM>b zhQh$E^7uWCsB4Tha9k1Eqq6(3K~T9PS&c4MEEr>_gGv(886Fyd;Y~DYq3lP-y5^g9 z@6Y@{rV=QTq_)^cj;AKS(L-&o26zbRd5ZDPOJiCv_ zeQ!n{O15j-Fayz%%42-bj5Y=788ru)3GH5m+v+)N#PFNXwvMk6u^RA=ta_YfKNkJE$+x7a~C#i7(8%rRILPrJe{HASnST3J^;H(YY|zknKHu_DHy2 z;djtDAn5{r=Av$ZKkjavfYJ97U_uZ>1;im?3yHHJ=?*~E3RokX4}jf>_r(E8pd|(8 zkoky&FbKxumDO0a2;nI)lEE0#L1&jmZ7*z(vTuEr7TKt40H6q^}AKm)6>)6 z67?zPk@pGzUi60iEPWe$$giYYdZeQN%eg$PEu$@UO{P=YTe@I2%0jQfM2pXcwKB!^ z$3xhIpnsJ?5mH5uqDF;6r9$;g<+YTe+^oc`wnMQ|o>A}~+yEQN_I6V4nnQVA2bLSVA z(>6dG&nA4Exyz?XIb&z~>V%XTwUdIpG`)m;VY70zu${=Z2)|sn#AnTiFj$0typs;SgegD@GmypM(gQ%=%rYJV7MyyVDHbyxHJ=+a~w?2_gl9j@l!l?s)%E^U! zmgR<_`w*z|q>oR*gcKMeJ3d?vp%+BfWIS~s3#h@>4bh4Yu0&Dlto7d4yu zn`R#xQ-`Rgsm7}YF8&-1NlYZK&fH*o{@EDl()8Q*?3Im*jgU>0O_t5hdeUaKX|aj@ z9Ow$_8hL?zp|`HR;&joxy6uq59mGxJ26TAZJ2{|m<~dloGC4`wYZyFjsxNm+x}!Rl zrUU0XbdBvWotc9lPMS#~pTy>h;~G4L#OKfgY? zS-3OtSaRpPVY=RPzqs+dv^mN?_3n91j%|#cIS!ik(pTRO?wa&T)6dl}(+};A@Xhi~ z{wx4__q+FN^XnA|?RoZ}6b#Cp$#oHI4r~lu?QQH0B$OkB71k0i%VW$_&6Dq&=npcK z-37W!JiS~)B8wrvg@s5UVd1v&-5MrIs@N{rDTgZ;6syU5W7wc}6135V0GO%Gd?)NH z^2e2cJ%F8gH&p-%!R-JyFQX>0~-G3eyLqEoI0^hsm!b0U1a9Hv0`- zrwH@X#oHN%OvaZ{p(he9_OSNc1QbJ=NNz)Y)YVcMRtQ;=VzX;Y-JHy`- z_6JvcPLJE1##^W7H|EFY^$Ocds^zbyuO~`JFn6AB%iXJ)1DTr5yQU*1)-qW$vg5ot zLbDPRoD!=0ruUksmeP6MTvL056o^hnT_!ivxGCV!FGq!M%??>Ro$oQx%KvVcG2P|_Yz0dYEw!}O83JO*R;#)Sn@dR zxYu%Mb@g`7hC6Zg=j>bGQvnePbQv+Q^ol2FvxEH|^^_4j)CXu}44Zc=aD{ zA0N&mx0bceRJ7amtv)lj8st=#eGOjxrviN-aS$~DYaVG1E$2`iL|nJW)s)>^T-crs zhiP}U!o$%qcASFzidwM?(?9X8M}Q|5GM49DSdMi?qm`!vc52-hyhU#1FAZy_tmYKv z5z|pWXnD97Xn+8YRG+G5Q?>E;yYOSX205FH79`Kzxk10kziJPerz`y6JCIx3D|%I0p43>TPeN6F}ysthgT|1iO9?&0lH+3+1yS&*|cdtXD zLcZ$3>c@6z{#M(+*m8Tg(hA8B0l*)_#dgrY=iV4@iyz0@2J;-}xG-?!dIuBH}O z=jr1|9Yw{!Xb7d4Q2X^p6c>SBo6&?;m;b!SK-kOZI#)^|0clARq!Dk|KgC?x5${h&n2&FQ5E@1Tb8Mg;2nF z1tSP5DmS<1#~GewEobbMlgMOiyfHLAu09<`!I zfKpjR80;$^R{FNn=fp&II(I+Z1i_M%JG|3X>oLzU=hdtECFeBf^eh}Ek`)LfSr2#` z2&%ys89!(S(Eq(*OSW@p=0OwlZvp>nPCp4h__^sk*6aFya9t46@$QzIx%=8~g9H;OZ``_UEZ+aPv zWDwXOUQ?&=zbok9WgEz%5BB%=|GK|B$X~4E9-!1P#{Ne9f2V03cVzYNna_W(hDYd+ zK>&Kkgwp>biT^Po`2S}_|F?|j8p)sTI;R%PKax+VC(!p=0gL8=U7o-lZfol|bX^@A z5$zkhd?4umufTy0;2qjoViib#cTRqxPz|Avcy7Y;ZP0twD#E@bh#_QQPpqbk&M|>* z>Xj-*83m=>o)x2u^UlQS*(B*9^`W`^4qBo|c-LM=RNu97#4nD%mU0&)6pD&G_x`M` zE)7p@GLD=XNt6N?M--ad1hYSr)y-XO3SL;5+gEa7rJ|PKJyHMc|2PMucq~Ne7G3qZ zn2`(Ggpl><&}BdQ@*+52)*0Of!JB)74yEIt_Y2MbrBoI>MuB(+EaQL$_}#~!(44YX zS-Rh0QoaWtDl&K|v+5ZC){hI(0*MVR!?x4!fgNOs633+*qy(W?p<(&A(EEvJ+dClF ziM_2DL^zwB#b?V|_Z=K}+CQ&w#wDHZ(EeMqT+hV-S(4cElVtaPixyZGt$&_7q=M)= z-B-79r!srFiNBlI%$GlozU^xkxSIdp{MDpT?j0sj8Q-s1GWb-%i3~ASy8^U9GTDjK z=?s~9wkmT&G195jhY;Q+RTraRWCrhI?kJzt#R#_7{ufx5cB9&w;@k2-jOe;8yYj^3 z_1QY2YC9rTOjE_A{^!nDS|u{x=-SbDgnRMuYZ;o|S>Ho>qIsLZ~KIp6Yz-MHfGNf|)S8RwZ*%UZd>ue*KVK+xOX9O*WZ7 zUIOmqmcWPnC>yGlDo2EGYssm)d$@JkdN5}~X!r0F-9Ei;E5JX97jAkIdJ&knqe*^c zgM%C;*fMB=&d6iVg>IcCD!S=fXt)we#a#UPX@Pm0(yQRQM3k-Vx-m%mi_-n~SwWQ& zdG8J%TSi|*ONyvA^w_K(KzTjqavZ!L6Cn8Ut$-^S_^^O~FHPBnF)o`v@%RJY(l>t;}H>po#3qZX2Ji{)@fakmK< zqF%P0g;01_BPDnMs(HfC6GR4HRyo6{rGoN3l88tc1r?pB`~ae)?24c%AS3CSxPl1W zW#rXXQa-X779r7<%4lL%??rOsbff^Fw+d8yi+v^~^g71V1pp zxQE(92uv%E@uhbV#+c=h-wiFKpmk0>i82zn`8A`LK5+v8KjM5-)86u18)y;LB@zf4 zgPdA$&-q%fS(Zz9?Riak*VReuHeRoeFwFeV15JS#X(Q*H1hGC_Bzn@0gpTddFiQIT z9jDA@yt;Uw@NHSem(~b1apqMGTU3ku$!u;{=b7^R=fyV)n#!)?3{EN?oGqMe%h-a3 z4nw^Deq!8kl-O)qTEYGVn!zCQBBQ-0iKK=Pz_S&CHo*Du2iupMPA~_KN565;Hf{9j zQCLCe2K+G?UH)$Z%C~GP#I$>;khznGFt{VU=YGCWD8rI#rLtxBP7cl>)jQx_D@ zzxymD@c5?w+GW}tfkm>nI{U znEkQA#Wq_&pD!7L(kB_{W%wP%n9g&PIvw{4C=26ty+wo>6nW;itOk#-iIb6AC^UiH{9o2VlF75`Gojg% zlO&BD<_F(LR_uF}Ql!0*)8albi8>>1Tpn07x)xhVN|D2L8(}Sw@pAn1HUnp4s;KdA zGu%FgjSkLN%$t1$6{t8;UNB$c;gkEG^FIv&h3T!eg2dg#Y&4;>81y5UHs7m7u?tb> zQwT$JIO<3Q?BoZHPn%^+= z+jpc8o!x!;kdtEz*M=Q24e9k$2J5M7_nT!^Q2t6nFeB(nRUJv&q(%6cWmWGgaZ^$C zdEb1^*}A+ZDav2l`mmG043~|iPIRV&nVt^C{<2hWJghXtwQqV2D8G+K1u{8AWD3H4 z!sh53Wv`giF6k@Le0O0Nd{1^hs9v}^SqKX51$yyZA^)hl!N`^&_53PkvtxnzAg_{c z@E-i@x0#BQ`lgHp^uFs|6oE8kI%k%ksN5Ixc*Si`S&Kg|Nj2E`uN0t%8GMLVNBI4{ zW_|lSU5S@u5zI9qX|Bc zVfN4C*g({8i5cLPV=-y588cYyqE(6VapZO;?;ZRi=e=_=57Wg0+jLZV7UFdkw%>`9zYvH6^rKj4)bnNZGjbZ){L@Tc7&X`gN|>f_F+x;%dH~M z+cAf3y<`${vqrTYC**f~HtIbpR;BL=?Bpa~Deb22`_}1}dWy@}kZD}Zf@o5J?pNW3 zp9wd*X)kjtJGQp$F-jA+WMK6fjBABwu?**<0cP$fgAD;>T;XtY+Opz<@PD*6Y0B%b zgl9+bi>G3nmT$dyWG6yUtX>O1c`rajmOA3@dbEq)q4u{dW?EJlg=IJSw4QK%Ah}^U ztk`Ms7#fe;dm@B%1{pV(B*rmLNJcK)ikEF)w@eU^sJDmIO!wCnHQ5?ta1~@ z&95@f@PKOhF*bVMd$iRiWAlv#S~yUX^+?Gqzh#tAV!I0^8l`MdZ_!JyTQRH5)1`ba z+J_u!S3;XTW(|IBMK+N$1+hTVZYr9-$CC0q_|ss)$F0Z_0^fncDZ!BLm=`=WRA-C0 zH{4ZB-HtOClf?leDN8sZ)M8_YUBQXwCO4%Q#sFG*{gCFWct$M_izc-hD|f1|#F-{h zON4fdJTzidj_JUOh*-Dsv~Ak;dFIT zH9I_^VV9wcY2H(4bR#)2qZ8|~Re%|l7|!p-Lxsr<|T-K)`ziEMqCY{4YD@K}EEbB$Nq#n1e(pvW; zUxaB(h1JN_$%c>)zy0flC%C{oEokL>#UOg>FHgudvEVRlOe((MOCemWLRG5EVv5IG zFc#-*OghwIwr?A*F{6%Ty8N=7^tO9NXsGIzdXl58RNjkO zLN1L;nL~C~jdLKHzMrnL2|r0weLgX^%Jhe$bSRc&hA{!WW%XFmVK(F7^D-w5eJ}Aby}I zO*#vIh(Pw>Y|D6)og2=GQvkmmSNkCFqc9sE{s++e0-ZIBhZ3vsqHJ!ABRJDji+)wQ zFsj5!TQuk49uA=+8$kohFE6G=6wEMqQ)HlDA_QNr+eQRVr# zqIl*Y2yFMZYaTF?u{sa+jqQApZOdQqo2aM@scMTv+HAj-7rP1d`sx4ZhNhp?H+8u5 zqp=?S{`S_wNu1o65q+0qXS8?@X)PYV!+JpsM&TpP4akmsNKock4bc-;aAp69%Kr%SwTHth437NdLYR%+yZA;dTiogo-ktT= ze*cbUG|Ue{JLzuq{WwpN;=d!C>IlD`^30_a|!yEbEXA&Kjxi95`>)a4q>=1oFlMfpx6)(5g z?aOw;+IW&RB&Ye~ewc`;0lKB41NK{6o*ueOwUddO`-FIcg$-m5Xeq7(e`Tv4 zjG&DG4YdpgLK@!O4kJatbg)_>IG&o)`)tTW;cg&qwnOx7j|nFduzS5*jjZJHQD|t2 zoS#@=azCGtO&0bDLRs7hzUbAB%_gju*5(kpaHl zGrV1qYP)p?Q12c6$FSY7XVX52sqGf20j<^d$YAvtbV#Q=IVZto+D>yFr^!|vW zOfpM4Q~lb1*}YnIYQ=Lo)ka~3m5flW$I{kLi*=kVD9=s{f6G9z57ZW}Vu1_QBYfOj z&J`yxpkNUmfs%x9>i;21H`%Z}Kp%7@=KCkp(VBRTvMsl$8CYs$`F(^a@WJ$xYm`4i z?YG^-rqu3M{7bpYcvD-F>b!=y=V-QA>XbIVgX8w*#z?2DM2(88ck9KwwK#QuII1&$ z=&fuN)cwymb*^M!|gS*)&=gRBxK>!?aN`9DfVOZ29ei-GLjj z(6BY4idhkDQPKU!v3M(%1Gmd5S3?vJx>h#{JwNYGi;l8GVK(6FC-ZRyR1&jj-|2W-1B$cTJ|V+l(g#smQ16 z;XD$k(6a*7qB&5z6DRft?W=&)&nfa!l0avJW_yLRzJ=n&Vj3Ywica4pw4Fm%_~u96 zQEeaC2NUF~alX6kGcm1NG#hY~(072_mMilYi-GQw_tGX5{f|c*ler9qBcy<*Byc!9 zWNNYCdoS>PEp>qwS*`i*I$nH&b`=k>G$*QNx`!2F+}`LXF*B>@h8;c zVlu`19$1A#e*I{bWo;~hSk2K{MD6{v(L~;AlRx7l(GM}BgK{&N-V@3G*|w){gl}rg zVzE6d?c96UOD-eoryVF57C9V52)f)-g})ckIn+F1j;o=Rt0|ypro4kELby%}7n(k; zs=~JBf1^J?oe|%~$y4@uajqiS3hCL{gZFVQ=GR;&Rmw%Aov?T+z!oGple+s{a&5fa zQVc5Yn?XSYNh21XPq++8WM1`6_~rpg-X$O&1{o~9Y-^4#?%z$&DvRW%98Ny&d%#)uxEMJK)YE4Ak5Chz~6+*||a;^p<;9sM@JZJu;T2)w} zj*GlvyXCL^Q*FO41DfPJz`JenE-WvL;6t}-f`Rj&PAZ>H;ogDOY*A)Vp>eQQz74<7 zLfH_fLaLX1s;em;KfcY79q~UMM*FTh?`Tsk0Biu7pr25yJGLHia48?xF)fJfG!dc~ z?eq4d>A!P3*FnucqN!OQ1=AWX@VxOmMhJB6XxFEFGC>*V;@b+0JowyJC4o_FH_#%~ zo~$+L66Rc&pgx%g&B+wsU>32 zwhk8peGR}9O5WfDm2PY7_k@&*=gC}3v}Yna1fL7=+Ct#_BB%Kx(*#~8`2{aWPU(&9 z=j3E^J|f!4$!t*6x}MR9qNUMS(WE9$A)sI)(fFY$!5FDMGVt&=HPq307YZ8E?)R)D zqHFhkde-p`8T)H^tU#K0`Ju5evWb47RA;WN>7V~xqfCgB(mmmTC(2(RkD9iaQr!VuHZ1mX0*{(_O?vdqW7KUugo+8a zNm6~nKWpWg zzh8wUD0()BmG1gBOgW0Qq{$TA)xJen5xbpUUD;?1G)m2K_Bo95E9onD1Cm0jV)Yyv z9vpw{-xFXE`Y2_<%3iDNsM+#bgnK-Tcf7Pi+^ge$oMIxOiy2*8QP$#6V$2;!6Kw@;ca6?XBS&JUDw`OmOw*hk~z7%&)4__I_FTNqoL65-hxml4`;bM2ls3MphO!PrZ2N@3L& zsSb)js<2%Q=T^beR)hwUW=<8~VEhqe`CL0Mhui>Xf-g>Udjpei?CKhmeQf47RkVU< z7^qsW62BU*2%LK;;78zprZHW?%g941%VJ`oh9)U4)F#lmR0Ng0^V4AB8%p6|CWnP9 z7V9SMB4HKc04QrrKQzuu*z)J9#&o^8HFx}_DfQaGL+U+_RPz2uow2G|jy zU>R51>*MA_CMN{Dz_h;>T^Vhp;bMnht}s+&bk}+W;tyq}$A%+@za{%NT=8Yj@k%pi zoFYe_7dZ{Q{8myOK(rZ@)9*asQe=%r(hLY3E=LlzYI+1<`on8a91kYHj?#27E8$Cu z9xQUtI;lVoh){6(QYwm=knEv|6WSdbyAQi%c-X+!gGiwU79#gwFFQC5^nyePcZ~jZ zNjoVa;Jhd+rb@Vw^91tkPF|WD;qy_rofB5nxFRiTNpQ*gnUL;1b}68unBC}N^7@qf zi_iNN3VEsLru#SBwC*p9fv))(GV>1XcV}4btZTD@?)ZfZ>zPmG>&!IYZrs==pdN zJOiSSEv#vBoV_vW!n!y$D+Xm&ts5v}ydSotKEB=tt?hOmIzx1K<_rmN-*X^|2n7AY z=-3O<;Nyd<_NEmzN7%d?>ZIDH6r~>Z9;7B7MQj_jnj9(%Z_HGRkYmf|xJv;i%E^#L zP@s;dTj;YpBQgh4x_*dNDk!|edIGs{rOc?{DO8-BE?K1|nl!wr@l6X~li8DtWx

&}nra8aVY`ocTStBtq*tl+3i^ zyPuA+Z>3}QPt!YR9T0eey!1yQhAfIWwybC0j9*pwU!rG{$y+knA>789#}4iOs<8uS z!TT&M<`0z%i)3lhqQeAKHW&(zI$}npC+az6EgFbxxSY894)~yyJ8B5;$;lCit4w`| zV3J+ZgMWLPlZ$861qDlH#w#*P;4>UASX$qyQ}brnW6B`cPo%lvt=Id6k$N)mzXB83$+5(>eLQiFc^j_z*4;H{S%4!F-IdT zl0?1+x}V|Z<_iy}rCk4U5>v^uYjQIy2SNJxxu zuw)m4Tv(ja^?LndV+7zIwmd_LpT8qI+^(N8pZ~ZYXE^nz2&*eKBqLXxY3stPb5QRe^RVc6%&~kArm4p=a+3Ll0;j z`Gs^-f~8BJjjVcCS?UZM{Gbl9SD|-aGj=B$|7%ViV;c;omAX+lPb3?cDYls$7A5xP zZ}R$^V-LH;q)0hldlhsfA{^r=HW(`@y@XlD7Swlj=8#Z>-R)0`wvp12@ft@%Lz)ic z?YW{a-L5I!PgNW8V@g(|bbfveOk(q8RWw6G%}WMW4-QY_!aRmnw*_Y zOIH0b%|xa4<<2tT1MyG6RXx_%uiV9|a%$7!gsly`ejI%20by^za z`(dxcOCP&JDv79oNUF>ZrTJ1c@G&O)1a z(Z^?&Wf?W8bx-JtjBUjnPf4 zQAfp@rokgnIzIQ<6zbAeVCFs7(TmZ_suDN%lwpBKy_9nqy_=!J^*LsfV>aloV}CsC z``m>1hJx*OIGJ(7E=6UgHSf=+l(h3a`PkEIYzgKGO5hi7Lk`Q|I6$@X)h4*XV3Rnq z><*xsSFBtiD(ew01XJIZ6mOJJ%RM~YRFp%aQnTMDZ)uES0w8r{MyIHFE|%eY3aqRV z4_;w<-;K2Y4lTohmJ9qVwC(vPxa_N1LLB~0R4VWwAD7ZO z2|KX;5bN-k{jUcq4H{o&i`{@3G@c1&XJIh^|+^38r!$CwehE!}8>xwy7 zT;rZ9`eNFafhRwKJ!g8@*DtH)6qMXx-6P;KFL!86d=La4M?B}FP4^vtED?S}4i42+ z6~mO6c;5!M*uNvY55nMlfl?w2N>nI7CF!`*OPZ9m56}NA|s4_oCFAGh1i#^CH z>UHiuU=!iYX?N*GQ7T0cSjL}!Nfsz%5iUuQo(LSRA%p{N~$X&L0tO ztkKLp)2vUk2eBReP^7QfbT_d|+hk;+);f!s-D!=>bW5s7r;j66CffjuHK^fRLPLUR z8nCIPA7eECdjV^602$>1iKxRYb1&N1rnBgy^_O58ml|eGp70Wr`3qcywA*JF55(Mi z01h!D|2`{PxVi>`QtBrpR%8hw+X|=Ts`L*L?ADa5r+Xoj%au^2Ukask^t~}roN2XX z8fYl-EExGMxBV-%#ITy%s$ndpm9lEk22Zh%A7?j9~= zYUUj=i+0t+>sA)KH>1N3xTvEh_K)Z=p*uy(gzykBI^z1-81d7$mB&=sx z5*2y=#B)Gf#wmLYQu@N{m?F!9RS=9D+`#cVfOR!ux*hX_bpd&)Me$1v+VweOM!I8H zh}ix-P1;qEAQ%;)!vky>YH{C8X=V4?gj(&Sy(I3&75wa~--RKkSfsXXvA!3Ki+WP5 zYfsUuWD42$Q8@(QfGh$4pFLW~ZQe!P_b_<97I>RDqTUimp}~!wc-$?;KjB#M+NWgwkHUy-V2Cwy3lWj{``K%3-2T!t(GTgC~!`2$6 zP5ddQB{M*%@<~V-lIsoN!;;vNmph(eXceVq*46>}%?*e97k8rcHFuJDkxfSUMwPg@ zMf;1>n~~`sfR;8p&~n&m2}PTi9(pl*-ZPn%!13WCfR(I70Fb~f>kOgc6pM(AG3y15 zYjMhU7$uAI7lscnAk+@BjHSOU_Bt|}Q7aERI~G=2Kj@>JXlkn%a$5TR=8-0P_QBbn zY0I7eL=KG_B9JS6RguZDnN6q$Tp4MrfJ_^!fVMuxVD;d&_NNRGO#w=3ph2W{SujHJ zUBBi*634hfwC@+qgfFvx42;lR=@v$4|7!@Wu^Xj|;Vb`AxOU7(^6{0jK7Sk5FUx{& z9@tWmtXlJTake&5Y9uY;aP66-_ZzYAW~SX;Dz zSQ6s?Gm%LHLpg>+81JLy=qVA|lR6HN+h3cH>2)?j3ZuU|TfOkDh81n7&>urjT` zCf7ot;$(%7WE!z?G=%mjtQ52OaGfY3{o`ih-ADkqmEY;{{YS$M^K%n)rAJ}UrAN?T z(02t)Y(~Xr$!?Pecu- zWpPD8$Vr10UX16FY7Nu&?!^b>rNF)X{194>SarYp)wo-lRg4Q8BiGlFjKi2swg5x; zIeCZy21X(uxU|IP=tj@7=3-vcjT@Hph)F~tDLd;~!NCoIwa0o3txNvdTf7)Kp!t@6 zZT7aD4>!j`50H=bMBp?HaEQuc9F7^-n~<+D{7s$4NEhDG%nf65&!o?e0WH03EtGyu z0G!9jMiYNK_?oYyIjkAqDVfQ4D}%fpMxo^xDh3sQ7EzN+03Iwxz~=B}F%$0g4xmQa zFHbrphlWM3Kf;mgSu-j4X;Ixt-RUzw)8bFiAQUb)Zko3Mjj2o!@6?c zfl4Pbg8rDN1R6%~^EtrMj)Y?Vi3dI80j1a{U3Yun#lP z_zcbXiKrEMqrLm^coFh}0KukVHU9d~S~uVeUqKGzq@(MWDm!nJuWzjNz|!tqN|73~ z*`iB(gU?S3rD(eij^83fE93eFY}LDzsv!Zi2R5QpBvt(uXawGw=0y5~MR?NK3-z|g zuJhQ-e2m@AXh#O}kCd%7Xt8c0>)XSe5|YeYMq-&_=4ZET95U-Cfwp_cIQ#;9)2yYN zZEMgjw+gR~)(dWNYfi_9xRzVmSGgwYh|igj+o$wx8LNgb4Gq0@wd$Cy9U6zcV{ESx z!I=Ys>3#9-V(+tT{!GQiP*!YNN<*c#>Q^gaMypdcyau!1of-upzh#gtef8+5TKYQY zvp0}u1eq|i8<$;MBiOZCZCg}DLU}Lc=(H{-+AStN8wEP-Z&v(}2}bX5R2-L}1AgT@ z?|>nX+bLw**3G$IbC8ftCQM#6Hz6(Fi^_zTY|e9(;y5Z`evVH2nWI>@Y1jWaBseZ~ zr6djI%r}0Z2#OUa)mH+pDqys)WYcur3vMVhWE-TUY&2p8@IeH@L|LIQe`zGXGmh-%(L9Mi~HB^ z%|wA4%?}gGP*fL#IAPeR(YD(6^HiXkQ+XKA1W~eCl#iB{0uYSXKbUUfnzC2xP&4V| z(|(TiZ=h?IYu2Z}&o4C9%EfgaK$DPeN~1pOF|M;$pi(}(%gmb{4kheq7_(=RFn5p# z1grP|v|%*-9h#OcHQof#AY`fu4RZ^tpri<9_bD(ClNFMO2{7OsogQwVMs* zi)mM0W_{yYzayXo9TwiBudsZAQu9h*^Ur?l$8JM2k4F=-ff@!xzc{jLCIDx|0(u(0 zT$$+gu1%DM<(f9$t0tGuc_k*UbI@$nj2w=Z59MROZuY^=39%v=Ku162G&mY!d&mRFlGYz?lC|4?)>LK;0r>QRF;Jd@ zPI!LM9;8D5CJX%DXS`BlFH^8s$&s|5TYpG0#Tp{{Mw~z`=#9l@3TT?SsJxi-nb9TI z@fp#Cs%sX8=UR=iOWq^m4LZmZR}-)L-2BjJHAq_#)U2}!pSL}4?#L8H#A8AViXI3_ zW=5{WokZTiXV%lPbF?60ObD&u{#xPx8eSF6YY7G^;W|0URU4FnAG^}YR)luYwMnVV zf&5q4+!75k>1c~j>qe&c4*I8d0nt|AV((Wd<^oEWW3NWdPTm^d6&53wq@$8Am03xw_UgBR7~`HUI0&_!2zUy0xG&iB7i7I&yd$dHGd z{-}Fw41lhEpAD~Z1;|VwwMJfWLu$U1*)(#o5!3$EcuCStpGA)ZvB8D@3jv+Q;OTM0 zql{nBDw;hn&r(?sn`BiNc;C(|LeSR!9Z?l9pgpx_HMVSM7w+u+BDNt)*K|Rx)?}v* zM*JM@VNv7%rsb_{H(mx?^t>H*m3ki%p7eZ&vugkQyKXcqqp$eRqg#kndotv;T-9^f zX63KR6=j;*-`z#c=4))Oux`5ouj@dvBLgN^c-8N~&xhI>I8CVPhUMJwHen12tH(=y zcUc{99H3aGQ}6kQIx6-BLnOHg7mWhn$)zLw!S49!&L$T2v*NBZK%SI_WlI9jk3#%7 zB4*RMpm1>YU9QFOF{!U=e6di5wfg7x9o1v-1>IZ(0r4uq($E?D6;92`bSe%dx@fIk z^K1`6CaOo`>-x98f&x&;p+BV{vDUZAf4+Q85SW%YZLYN5mTQ0S4A@(JjR3lr*5m_| zq_37kyLru(?Ud6!+Ho!CTDnPk>=lG?d7mI7gu)sZcTee-?_7`#mBI4 zZWi+j?gQ4@a`V1z_EXR;D?)Ec=-oqj^d!8x=};zixO8%ID>gJHU3dcIt7{wVT8YLs zEx@>D>Wn`?p$HH@x&l-+5w_TOrfOr?H<(v*B(JRFjgN>#JHA?Y+mvU<-I;6wNa*BH zJ8{)b%=5WS(Sk4>;Nd}hC|qci5_3XVHsGWBD;$uA5;6|873<9?r%#2z)hFgp!EEfJ zeq4iykqr@s$w|oEs#q5{#vhkVspz8dad;vnTmt-R;shGdEsytw17p|s$Q%a3<_Eoa z3@t9rOfc8&i|5J}(_X8d!pZR;U`K2O3~(!d;>cQLU!*aO<~P>F;wzuGnlsy&RJbb! zE=dDXbApmUjIVA?9orR2`Jg(zM}r|+o2Z>Vz0V<>soyaU?}N}cV4Vvxsk=A0-a$67 zNwUtdb)0Vn?P&9gE@QpYmu?EI)HU$Ess9bBA+k$8~S~?^>&~^MS{rpBKljFg7L)wX@qJ z=dSf%hl&0VWA7YY*_t#CcdU+W+v(W0ZQHhOc9M?mjymdC9e0cq+sTQ|UuNdsJ2UH@ z`>pSM1-`wMCn6(@!6Jgd(D=L#tbdn38!JK!9WlLO=9+xc9=YDXWWc zR_~j0x5V|M?$S$Umgl<~WfeeK1dgNhPSlMDFx(PkD`H;)4aUFf41PtXi1~CtlSseT9-_aL?kmz#V%xb>!E6_73w$1#~UiC2QObDg#4kx z`_61{#5cUD+$pCR4!-`!3X59(i}v!9_~oO)Tj|JCtAb}04y_uxP`XWZkv;`UJ~^Ky z+{-DfqLTW!r!wWQd_*C}SKq@w*TRPp95t@re{!k(D4d8tB?ogwgU33Oh*6s%K4+M^ z$rF2qQtEaq;Q}_Tw+V;4GAAa3x@N(nCi!#N0f* zjfo)0)bcAzLe7ALAJGFK*ezg%UJl7VA3DK-Hti~f2P1Z(HUk&evPIXEd5ez9e>>R4 zQC?)1>^A!D}e0fIAK(B;i<#M>b|h9l1*$*P@LtdKJBDx*1w-JWQ6YL41@ zpVeaf;TPF>K!WN`n6=ySbxs>Gp61BqXgB;_N8HPMzl_>Y4QA{5wKfi>%wB<^vGfxC4~vXl;ED#O;4 zcMM0-7Yn(PyiK}H7wKDhV_iLwaxRwbknQ^H-r$Q7nCpa5zoV26{Q+x%nUp$V>}RWA zvmnpVj?A^@BkIXT9ug<78^ykT;Ya8KQF=Hzwvx=XB`CqkWr3e8eg!f5Q7@+kmt$=k z6Z?DoTSRvIx&-KLuIL?5E{43FU%MYzGkjFq$stWpfr1pW1ZRBuBL@5O6VYcXN0|qV z4YfmLWSr2UcX^I+l`lzp3~&o~LmhhoC=#BB(s#xo%wX&)P zu5Z#gQ&MNu+}o8*E(GBg@O`n}v84BaUQ0j?{>V&G;VEa=YCAqHyD72VUPL4*%zSDZ z{Di^EtE=54S^7WQAS@rjea|@BkJ+>TdA!C`%ZlyK=4>4jon;#l%#fiY5+BzI-?WRD zMuI=*&N{Ao*G7zC7ol9#T)<&uP341Y5r7L1Dvw4^*7~%eH;cwaqk%ZimCh*>Ce=MAE=8}Ah zBE+T#LOQpvlL~WdJ8(?1aVmoKPdkkKl>TzDlHA(_2fwWBx8T)pXIg^rgWT^vhC6)FYEX41HJ4t>)l zWxX+{#>FsuSUp=qMTt14F1_d3g6U700~fz+5gb}N!pd$*bJ^?rk>QZ)KfS-O^9F4) zS}8E0jCPBa`HdkrRu4Iy_GZe@B6l!MHVwqBevO4^pj`gmH&fQ%-CG>?g^7eAc~yRh z$PLzyAOLm%%6*G4M!jP4@a|kpW_RWnpO(*g{MxEM;yo}IQ0H}?v2gxstb*Yw zTW3ww^~P3Dl_|TF0RnfxXV4+}Z1SNvOeKAPIQ_RnGf_Q_rs_e;ymVqCQ}AUE3<3}U zzo#!Fw4a1nb)KV;TK!lmU-_tE~-*v2$pia8vVxDk6b zEr0738N=}k5fzo$1banIkMb#1ILlmh5^+M(E)(7x4Hufnx4vG&U>G~04=B`H6W!X)%^!D)U% z?{!baEyV8s=|^qzG!ON}9KG3uQOzG-E%jNbN9HI_vGOxIezIBv(-%=z?3UQ$g@wH-T51I9L{(zN`eytG89<3meLbRg&ML_kXB($^w;?*^-H_un6it**@!w& zk~R#SchVJFk{`!-3#PE7{G2*3_t03*Md*K~#bxNWK+1YWk%7jx#Cnobs z1zN@jeQZdg61ql64s2(woO&}&(cabrB7(!P;{;&|CesPDaqTLLOvN)5i45=(=o=9? zgMvrqP^`488nbSi1Fc=WDgu;--PpHvBJop6`79hT&0jEdq+*eSrXI`|Q)&b+oS4jx zA$3ndr2K6TJ3SikBYetxETv8yM$FdsnKbb?QL34lrO21)*Zy#$+fz_kee+5C?P8ko zWLv`h8oc1~hKe=9g_I}aX4*mYY~jIG%EW>>QYYlJh{u^GrOBa zTyw!i41h=vxZ`6qJ~x2u1`;o)rZ-mV=@Vtz(rs<6nB)c`l1$fG3dQF>$f_*ub8E(| z`mT8`Pts>0I!vF$n+tmvF#DT3ad_;~gkAqo4HkA(*0yDb+M>2=a4^UqevEsOd6DMe>ue1J|Wc~z*`zsNM4`NN2X z9mCd}awnwnN-$b~!G_dwTBc;Cc!Tl3am)pIBqZ7T1OJU^I2 zxa=x`%f>T2L#g7nz{L3?#kL{hozwZOkZ_$^`q_SIQD{Be-PAJa+a0I)nhys_Fj;>U zld#{*DS&xDK}@s7mZBMLnQ`KaTa!VqXK^Vg`Chu>Ll;GGXTWz0houc{^OeKG8=5mZOMN#pw%W zCoVL6nIfv-tbbUBqMnq5Q)x@85Vv_^b_Gtj@b!6KW-$gbrZ_{(&htp+6y1R>Pq-PJ znHA)74%i-6Wf`AIBQ@eU+6FVaq?aCx^z(fP#qam!NdgUi=^FN{aCBaFtp7eI6a;O2 z*-q%Yig|-hAYTbO{-mV^+|);+WC!R5I#GFF{1g}&JcRx3=giCg?eqM8C8R4-sRvDn zqIs&OdD+A*uT(KNN;>nR%Ca;l z3J!7eBjW5SIl=Ij3vLzO|iw7n5;< zfywD$4J|%{mgg8)Q~K6!)>!I}(=@k9DtJxbZ>?s+iVv3{%u!J4e%j{7&^AaaHIDLh z-z`RWaOIWxvLW zw|KY}kiVD^jmJI%Om@PWdbk@H5mdfu4Y?%-QgHxco7 z^eey{etSTv8O;%iKr-;~1&iE@*(;VcamRGse&Esa>D81jsQZud$34^w`{*kB)MKmV zb;EqTJt)BZR(cud*+*m$So%`wg)BCnR$KFgq4<3_&8nXEBGQsL7$)L zd&N_?0rE^P?NdnS3qt+|b6a!Rm{)AlJSVdA!=(tHwn8@7C9^K5#3{t5b?y34(ZZ<5 z1Vmd72zz09;9qQ%0EPD!J4f*2{Z{>}^^1ma-?{GZE&3ecS_$ms!rbM;_6OI_^hA~! zwUgJf-JaA^Z%M~v^$=n+`LeMyK{X7Cl~Uhg=NGCjdGW^iDcx8|bZ5Da-8BsYPq$WX$oA;auqQzz4^+6}7{)ET*!x3nVUmJJ z;bPFVB15wjOTx|#qjx4YUgSC$XrPA(*~i>w|)Am#I!LrPI+4gp}MLg@uLiyYCJot zX?k}&I!#*6_wM|G9Oz`IKNIa;dB)(FV&h;LrKdbG#a;8(bIkISr{r8Jg_z%|WF=W?sS%o?p~XV^O8U!)lpHDZQToo$DA%!4p*B3$v8wSy!)Of#MpI=H z4@)-)(C2y4++bU8OfrF+DOq`8JDA{=+`f4!&E}=>kPt>%U=;~bokIMlRY~BHsJUaD@F6m9c*d5Eb}O8gBJZ*vOeSo z=4<1s@CN231FQ(`Clklz{t0uJ?05zVmoEb_V3ESwo)25nU^W+iZ@zt0_NbjW>SMx6Sr&fFMILA*BZrY0Zc+HklL z`%{=jl!p5Y1R~6Kgn6d^M@s@aD=qi)5e0S;U;Gv8_;DJcP9}lK_<$QWWL(E;^VXrg zi?7V;F-uSfG_<%I@zih2UM%3LH-LZtxyLcnyoCq%xGOA3z5xr3C42nr&b0~3kV!rk z;VtKSn-tB;1`U;Zm44DIj+6Y4kPZxVDGv{gQVUXaO+m(US%nBRg&;9Df$|>6Draaz zKe0|;CTfA!O)8Dtn?NGfm_$VyG}-laUlVGL4U|=0lh1O9Xg$7Kh%cmQQDxC3Use|B zi+MEX)&%=4QSmxHnK+?9qK(fYMJY8)RsALE(HiOgrB-B161|wE${>ldrOU}=;o{=g zrWB0BxaTvJ8^BJ$`(uwiO$#10VMuD0rJiX$u`h~4#)6oA^bMV_3h|=!P3750g_b2O zZmvHh1nW}5Le4-#l||;Z&hcO@sbA><7}Lp9t-5t(seM4`d97RLgnh z_gQjoQ|r@uctnM?9>y1;Ank=$u2RmOs z&2gY8lp+2YEg1Oewt*uJUcG&dsZX&#y1c%MVtbPFt*^D;3r^hZc2K zmrV68QW{tFe0i%v7$*Q$QHgP)PN;P#Do1f-xMl4|R|r5IPJEj!F{N~K@X z;UPbj9#Z6WXqH^Z69{9EsQ}{#sa~70f`9eA1@s-KV;bF^TFB;kUFQlt6*D*U`XCCv z4@-)Q-w8)vMUh&~IltMYTwE>RF4k?q7mINy)0dq{Fti%1M;FxbX#(P4#VH8 zklOSt{VRaW*Me~sYKJ1sZ^|l}BGXv2KoDU>;DYe=e(f#M_S~?wt)7v|yx>0=$)Edj zrLT}?O5EA(5*@#NMWdi@2?5 zzk^6H7+p4Gtk%WJo4WqmUZ~IkI@45M_2c*3JzJMGz+@shl_@)=S|12C#of(O0VquM zk_`0*jlYEsDnGCUZZVZv=>fu-hY<)mIvDOg(K? zLe(gd=~<*+HIltEeRR^fM?6^y_wVlfIy=-C)AkrsiQJd_qmGsxR3qCDeuT1Rgj|@E z8VOaSJ7}7fXP)I|uw$NaY+XZPTW?^u{3T?@M|k&}6uY>Z-A%t{4zp0MnjLjL>op%5 zTrl0gQJW602f@?OB6@u7^0y*KIWI6hLd@^Mbn-ioPM9Tws=QDm8e6 zh5$Kzf)r{GyP38(Q}+{{5yA`q>~LrKSO zN1gnOO>r;kyKu>AILhywX9Th=)@n+=ep`)3kDAkH>%O2vr%A)DSY~%f&P2n?>(4*- z$YQ`~t?N$W+}vei@^Tn(9&DmpOvJiaJ`P4TdEj5tcy0cTSprHeCK zNHGmn@>KEow4{Kb^d!$>#EKnJmHF3*fsAJN8btJK84;sVUk3#sY1upC`v(N3M;)~- zZMyrC&CY4Wk*QeN>W+T<_>`S_5K%A$^OGv6DFqji3q%3GX;&Tq{d`DS1r;+v=UuFx zs%Dyx0$}d^)uPIO3W~}2>>}0E;2C`ni z<2+fM+mY0I6oA!E1k!~p!o=-~4o^Uo4wD6k#6b=zRG(l3C@tVjd`F*HXd0Aj5hJA# z#^E!iA8HKPZseSSU4Mg)i7rYwitI>=OsY^(N)xdGp-Wn26!kc#7-z3|!qI|{|MVjb z5c|x^y;nL#bUD-%@V-7w*Z9)wERMR;{2jw8CcQ9V#pR*qhDUX3Gb4Y+o3thX4Rm*< zoX�m5#0+W#i#l3dyvi^y__w8i@S)^1{f`_w2-fb&=r^ZTh|YK8!M6hNBX08vCoP zY7q9KJKHQhVQ5P*A2K{ZzQA#BRd@9wMKtqqOILhk2hq!}SgGcOg7d8Ct$&oeTSCZ5 z;%T>N#nA=_kR(L#>e6sU+^K5FA*JHh5q7n>VaQYqbV0d|7l!cAJi^x~54Cf+{cJhT zh*e)SaTYj}Y}3elD-A+CKB}4bQUa82ErKnI+9g2D-63)768JgcG%t44a?lO13>f*o z>A{m&eJXcYTw|>YD55+@eb=*qt#qL>x}IUUXYfo6;*~oysd5KFp7L6p4{}=x;h#B7{VI zB{N7J#=+3k0bpSug3#}e7{Qs!|I~}6=e)oc7YlDloX%@G#sxCxLl=vVjME8wzc8_P zD@)UVX|n6zi3ro3Q$&5`%_TCP0Oc{L^ z`W`gfwoJ0go@J@9(=bn$gSUf=%8NI|?JUU(`-+?8)k+XR3X>!%hCzM@kmH_MQ1%JX zA=d(3aTwF-lMv|^dyG%LRA4E+){L3^gZXWlz7~ch2<+S2D$in_FDPh; zaXsgW$X7JqIM^TPkFG~ii;^Sjg|)-|+h*|HDRDUdWtza~cfV6SL^Vm};(*C|&31RH zjuC`{ZdHk9M#9E(SJI^|({@bqDw>hrAFVM-4rO-czT+%Q*xc|v%WtDhS5{VvaQw))CCkdN9Tl1`CD$}L7ltPYajj1%ggx)B z8x`-b&bmvfW=L8X_s6ILi`dLgJ54D}YKPT2XZ5vPgtiq9)j+*!<2rFd+ej7fa|7B@szt51xREKN3f!SEf&7nNw~!K5%Bz zow&OgR8ZDvCOQ^BCRap0YRcv$Ci0sm85vn*_V)8SNm-gV zvNf(I?h3XZM9}NmA;l>D(sO~zS^mJU)^jO)#PXsV#_B4f&?|ZuCL22hnu_)H-8LQu zCoFLaO6fsMKltbdjqQ=tnGCgK0)B5~cQbi(_~uk{h{fhNdhh%Ufs+=qqKD$S82mIQ zbjJ8JoV(7#kO5~}ggwsMmT&!620-*E3zG#L5BA#2Ugx7i$DB5#<6m&{&IS%i)n5vI zB#208Fh*_?b2*(rlaF$tFBXb^kP%kx3kZfk12MQ_dE&bABm*Unf6V)tqseZF6Qox$ z(im5>0~bbU@X!A>VN-Ai+7(0BZG-NBFYF`dZI_KFRzsVIIqU;+fy<`v^y{s3@=zdC z|9dUos{9GMH+Qx;uxyZHIQ~LG?$$Mk;!(r-diP1GRb{`ZX_2H2cCGA0&Pw}j&`Ou) zMM!zJ3~G6BCJo2 z${S@Fd=FRyfg6p%cE=DBO&J|Uy0!cArToa1X<;+)mF^cufS$tEd>oW1KIr9CM+E)N zpd=PEfm4mCK8jIx3C)AqOeu9 z5~ks9sLU0W>{_#p2w59OT=|s~Em!?)9pyA%SdmULDN+O`OF`>7(o*itua~dVNkeN_ zXoX%W|1veavVx~sCC&1JMA&vfKhRCWkN23!E%edJ`X6$cV&)V}nXN;|p*?NXz>`SvPENwij0{uAtet?88OwH@bXy1<;$}2Uysg_vuq!G5I0oy) zLged)M=xwcmMrFm-GjMv_EUpdm}n!!u0(x0O$T^p6f19W#};MuLQsa?dj(9Zqe(QA zj9^uZI8Eqy9wvoRU>;e!C2x~VebMC1PnNqaSgCulX!RK>!rlV73 z6^BDrl7V%ubABUC%Cz6WqDM0^vEY10haII6djuilprJs3aqZfP>^6*D0H_i<%qsI5 zn_br>6_tw|g>z}@5dFNp72DoDxU`A441Z;8sF2rq-cJ z?U|ALZfP2o`^rnjYs1E#A&KdsFmkdc3M#TPx z0Nx0~U{E7GvIR!vQE3r=MXt=Be5Tz6Ip?%prwM?rw85>YQInrnLBYdYBlG}IT1a43Dbw_G@ehWTb?Y~QACCTL+x+{LB`UHAB zriM;6B5)e))K&ix8maEl{ZWM|3*OfAe#B-;s-Qaq%%1zTG;Q9rQtA+Hka)vi#OMpA zro+!l*tmQ}@I(R%d6#T_62F~3&|pi60TC+^QASX>)Wr7lp*A9)$Anzet%YZq?-}u7 z2GQU(>fZ4U-X?^xl_swt98y3!19wKH3A##hLt;ay{e5!1rAI?48z?~Ofg<@cf=m|_ zhC;Vb?lY`12n3ptkeFDVB(3rE(~`QKjos_>{Bo_fjtxD{GU9`1h1dX`J`s8^G%QKF zBQk3*bf`}tIEtjR^Td0`8sEWbt3k40;rWaI!Rgs=p7Y=Q?G5c;COgh=WG_{6MSj93 zpZUSSG)}mOSH^L^J&^iGJ>+|bY@yPvX(3jW+Gj7hjDGL2 z6S#Y_NaXEde(c>~Q_{k@Y!h`|x1UEiBJw(Aykwjh^l(+Hiq_aMaxcfd8u2=R@qpLR zb-aGssS+NITXdkrWeBl$-|CX`@JY{c$JHC4#`IA0%m@*P`HE~il^FM~b%z&T7pHoe z!U`%N8U0gu^-mU#TZx4asn;W6zW`Sgi>zzmlCUqcNpue@MGoQO@kig}HF+5Dxs6(!!C(@Nw4(l&>zG0ZGEchYk}xyfwAFM7s5nowO-l9zlehcFskmx$}Qv?{jR% z)Afo(iD&+bG%y*bxz}rKyUFa1$Ly1H(>6J^#05epm_P$67idY!& zM5ENnhg(-p)A#bpw6X7P46O1XtMYzpHk?$3FJ<(jY!C zVgj6zVdf4^w?PsbG&qom2s)b({A-mx6n0!2emPfK*y5XCe@!fK_@G>1TV6ExaU&h+ z{bYsh2a9(d>QJfjy_ zeap#-MU{8+WCys~*g=u`J;D79N*htzxg^==pPw)JR`QPtzle|xtj!-vlsWES>q%k( zCNnhe2TuG)EXx#KR=A$|<*RWMn)@3x8}1~tA5o0i>3fb^)}47UWm>8dS-mK>d6MTp zQ)kznpeXP8!d5Ij2*f80y!eP$bdeZ#%TJ<`i{?WAF=)l7x9%gNb$W{gs6^r>0_ zB!q&%p`7?h)JIWr-1FN7R1LNI05@-sw|Q~~kjsLm zFg#iEi>Go5=n_0`5Y3`Sz^52zYKQ#C_Zq{912^m{*}=2hp2_Nn+IHd4PGZL>4@F| zN(&}kh}q!B%M*Ms3TOO3J(rr<3J`!H<4c7eD3EyB{cJTycs`hHJ#w~&cPEhV6<^o7 z|9q;)MJ?LdH7mt!u!4Hm#OMS%rc{(K-?M2IiNiXlc441-#_hUdW9w%>y7y0Y1rf@B zBtcsG<}C6vel+=(>SFr*B1XxK85WNB3B*6lj}i^N%Z@D6&=AAe%joE)TwUbiT5o(oPi7hQk6Lm$9c~w4$%+hQj#14QPC4=(Smlv z=pNsh?W?QA7Rr$`vx4_eyO?%SQHB1sYkZ)ggmf6D?!{oE_UlgM>bF0#RWqR{*ifFq zX72r|PPyjS=&uGkZJ1Fku1D@huBs|&#?5i9_^?r@+HxG zUxEkfQTy1-PrD#EFB5ho-!6fXd%sm=oCO-Y_8ctb(wlB8bEhxy6cqx=)my+8V!lf# zb_yMv>pUZTPrsjCFoZ_(m!qT#C~{ z$(F-qO1EE5nDCvAZO}Bva$@HG(7kDkJBJ{Y^=I~!9->?Cb%Ojtmq`lCmD6P2JEBV^ zjpNge)~`nU7&O%8Y_BMe0D+YR8BX=Uj>Mul#|M$|q7H8SgnSN|JxKfScUc3jZt-jj z4XZMO$vSITYAPRzZ11^y@a1c#8nH=}V}()X^GOeqEC6kn2!Z))TG|Yo8kNSwAeke( zcgIlE4}XuJfVKC)PDXm?m8+!%bFvYIwu3b*l5CDQ^t)JrzL{JP8CgtC@i)jc8B3sc zf1YpwI(=c$PaE)Od2RVSqQ|ne=XlN8g^f5<6d0ctYS&6>@L60szEf1AaJ1wU((s7f zFQxc&TpTlMPhpLQ0c1D62eQr_ryF?2`0yv%i3O`4{Ujt65@bICnO)Sj>gUQXwM@Ja zSWQgXE=?SwdlFAq>lYTEwbUUBdES4AdzuKf>U3);R zWjJ`n+f5~yxz}AotL{iTx*V^-J^wfe$~rjYY$E(6h5DlPh^I*AOWURSd#k6tu3E{{x7$#r{cl(<-d$j%%@~3FRoQpb#!>D5UTwLs`SB-p!0~xEPP2BWp-4KnN7$&q zdhl$PJLgH%BAF;@U;E@Ew0Kp zFIJ`Yd^i7rmDqm)y}R!c(?Apm(+cP} zqLa-46W#R4i50Do3y*01UVN3B9#qEe7(Fxevvv0!^wuLeNA<7iMz_oK{9~1?7oSVx z+EHZyXTqtyCBG<39Qml_?;KIO)W6z!W8TNLj|gB_H);Tcl?Fzk9P8RuP-ovNmAup$ zAHM7GFb>9Cr#X+;^pCcufBALslB_B41-p9TZ24l}<)_h14pq5pv^Ow2-G$x@-la@8 z0s>+s`+=rVvN|q3IeAxHT;r0v+V6Vcnm=R}juU;$vj-=EFpot)sd1S8r3c&QNMOCS z_8c$lwR*)$X>^2Tko!j@@#ELIBmq=xzsgW=f?&T_N`~OJx7Y{<0vzD_8dOuuH=oZR zox_xBWs!~vQy-2Ra_@-}i#m2|mBeXogtvQV)wj%?kk* zZ%8CIzH?^p#)}yBdQ`Qb@pnaXyPIt4z#%E|>lO0=V%wOd1@`N=Nft}Z+AF4dEL%r`u{D;OQchDfJFPdaw&*O zYEXcS-65AQu69^u|G?tqp1rTn4S0e!DIYCn>#OtD4eZZ5uGObuo6PSoF#mF3KKz)T zN6~!vLLa@*!$yQQHz!c~Q~9rj_6ORFu4$*f>JzH$CmAl(@Ss-nZu>g%q*YJ3;lM@y zIl@JGIER$-Q*UC!BVIJ-P8X!{dKVrkFP}B5xpe>Sy_q#ylc~rwZ@n32qHc~hk1;{q z^(*i4feMpUPG?UmV#B#`np-A2Bl&~6MeYSRk4b#)j z*)Nwl1(x`g^ywcl|6|t?M6$$&h9+KPshPd+ zN;9z#2qu)r3ZEmpmNkN+`_MUzt&o!I`tl$f0Z!IY_5WJsKaBea1Xb{-H%O&^=kgx} zcfnd@RQ*$DzdynjTn}g94%1b1`G-&Xhim%R#{o8o!RfkJO)?rIv?rcgepV`j0q(LV{?zeu|IJA0MHGReMSLKey9A zU5_vlqEJ`3PR9*^H6dNWb4T*|$LjL31lrd7IH8WdkH0=L^^v{1zDI-&PFpU5Mb@$qMeogJMYkIrQ zh1po@(F^@wJ_ccg2O`bTp9V|0LHuPB{*%}b_XUDPv29+(qs^`NOLu z5S&vpi8ZYue7&6I7b92xAF%gh1NXLLu7TsN!O9$env4Gi{*P~6sL;Dfh6KwSZZr$h ziwUP7qho=Y+C&sEmTTCDi(qNZjm7Ta+KT`IkmrfD39KdL|B|DBGC#kB=!4xdt;)&@ zfA<{AM`+V^aG5tv&E#!iPE2jFfM@K}JbLg-5hP6H|8Y|$F{rR4M}G{78p{8D-am;5 zI_Ct%m*`1mLpq#-iHwG{^!ng3eG4JdHqE<{S| z1FHXX>Cg2RY!KdD)Lwi{`AbOtx;wbX10RI#UOo8V0`%`|{~=ZX))&Y-z^9+{r&%Mvi{_QV9Gz#Dy4@;x?dunhmNBovOFUohSD4ZPDcj7sn@tDo=D_xnusj&tYG{Rsi+Rx+~w zC`9DIPM33R$fyfF7p58Zz)2Ks>-rt>QP7J27ij{?Bj1a;W}CZ(UipCfb+yS{Hob3&m;BeKs%}GH*lGCG(j6kN~4XRyuy43+$*0nYhIaG93W1s z{GoWVs{it1|L?~1Z}H1tB2HvMyTnWo(lz%GZL!~})CW?}rJsudYt+iu8j;;Kq`$1- zMi;jVi0M|LmcQM1mM;N*R{~-yQ_=#!N%aCWptEcHRPkzbB$GVh4SEM;?CtU@5^#!gPzDz#vObjT z3`Hf={*>%{xPc`dN)l`=1s4^TU zB7TMP6IgwZS24sMZLj+US0hi*vlu=o>o&967B)Z+OU7YWn28 zyZSf+9rYrPzIf8V#VTkRNfIllIKzX8xU)0w1&F*>54G()93uN&aD3Uq>8ZcT-*nQ% zRT$D(Wo7oRhHsnkP(j%H+3UNk3j;Uy7k_Wc!O|b`5j(<^#Vd0~I^EjaHbSpm>YTon zTzNZ>wK~@n#ZqlzdTawZk^F5r>QjyCe3f16Qm0Pp(Is+-`7Vr_-0mi-tb0;K%{H^K z7A4v5a2v&JSiI{M>&aib%#da>8j#tRiKe*{2Ht>_Jp}7E3!a*734tXZ0Vwm+jnZ9E zY1WN6dD-Wd|X zcz-GP8FaCk8R?}Zb116w5cz`=yM5j>>F(fZ9|FpZSnn4_5`0vPjnK0)fYCY%alJ?| zU7})IrtY_ab0Kd}ZjBU<_SoTwM_wK!G#9b|~xuInL z-fIPs!0EU=3V`$))(EO@(>R(j90lf+2y=N#>~&6&@?%1}=fshALx|;vXusY!H6nqJ z2=ZN=@7b5i^?*0*D5)%^$I-F3vEl zdrgJ6P;mfYgs#%Kg98;^I@j=_NnQ7)3x|!#^IKD0Evc99j)URW^8m|X8Cli2drH(z zHr=b_BBqNX(|5t(4qEzH9pg>I_*YYMJ$IKtlRU-~%Qo5b3<$V9S@#dqi^5nxr}Ym@ z7~~QzxNP_B{q(cwxppkfJsq#bfWHQ8WzAN`9H4+^4pkaAf>5CoN9rdUrMf`^xskSe znD*~`@tXC@yvlkm%mX`YPgJ_2sFz$m7#$%Qt+PE{BGmHOAkPPooY)$!4j8zD?s!s| zHODQnHAS7A2rdyhI`znBsk(WQ;o(vHk(X!G0Gf&!yw*7+n&|VS^!-)<-6F8l@PW&alLrlo?(C{ueo7)U{b+&kXbIU6i zxCVX_hChv?uLbg6||*h3eWcdMrsshD4y)+PLLyc$vSywsd8`NA|mv+?fmiTKIJ(1LPDyC?eSCN{F4>TkXOqFpJldaC_&QEgDATqRrfsFJ>x4 z&qKRs+xT8~qlbkWHan2Y<&IJf^Sj#f-QjvQt#UHA;cz*&r~90m=VMn^9o4U`Z~M;v zavBMx-k7C3Z;t_@rz_oqCS!=KdbeT?|8@((g$${dS6N2tVrwMEM->&3+&> z%>nVnd2a$_uCV~gBlh&#{t85}132ZR%@G){NU40yocVXn_EIxa`FB5YN52i5C|g}V zUJ;S}LQ8bmZh$5$aD+pKVvOa@eOx%%9JdaWA1O&@r!-8i@mZvY#W6ouwJFKImd9D{ zTsHs2agfbGcsY55yE6Z{ZG1-}a)P6kn%vg|;m5ahts6YdlUndD2}%4Z24 zb)g7I&xi0PZ1YgvIwZ&k(~Am77p`=&XJ;Fd{mbV?!V5BgWXA1SrdQbBMDT4i!fn&= zjW;ufUB0Rzw6SG;jIG(_2E$cv9)8M8khZuzLKu+H@N1YJ6SLpLeD7Vhiz=tpK2CM# zKVDWI`yA>d!&jE3=x}@XeYpX&+xrkbZ+;xd3)la#=d2E z2W3h1yl;1Fc=C78G(wIh4{ahcfiq zbcj5#o&Sm4Lj2VK{GvnO&LZ9gAeEq;IC}hDd#SOz+-<-mp`QS{63}y7x^e=&!b$$~4f@pK zePYF!E$eo)9Xf4cRLeIOXpM?u>$a|)-9870gelCED#Y{cGn zL5~zl@rlNvo68$zFN-fiVvl!?_HRv;uOVfi8B2|gW@}$d7y;bjP00rjTv76);M;fH zGdP`gyiw{Xg+aU7dr-?;ZLUYKgy9YvsF-aAXIUd5HNR?js#ja@)KkFSmw!n8&fPye zEN~ple?DnG)@C_1D02XNS?OMu6Miz@3kb1q;Hqm82z1OZZmSLKR83q%2;Nk7@2K8_pUfV2YjfVs*y^=AmZA)uV0QxnC*}pz2Sz z_7kxc=WroJAEYs+kjxEFo^X%*zTGoU9b_o}`0|SJ&polx61>@XT|~fU+Tx2$f$=wd(zuf7CGKE`uMx)(Rd6LynJI= zn0p^ovpqHz1~_0lCK3Avho(|u-8n>e^b^1pbcauLD^&uT zi#~6<#Q)HB$%|O=QX_85Rfu%yTzx{BHOjqp$^PVIsere9-L|hg&Mok99+Uil@<(`< zi4D5+&HcRk=Wej-&<$laR|hU3-7_U@H0V-L$KtUPH~d*=guC8AMGv74sOp})!C?(2}@ ztiys#obJx^1oAe~$X~c>*O_zeKW4H9KJqvRvd7j0^YwRT+_t8JR-$6~f(S|dyZoE_XP87c)8ZoD# zy+DZfL8+N)wNkbLdbWTC*&`Cr^K%>SRP3=Z!PT-6A^^luWk}F61i#vMw44cJKAE$6 z6jhkfV0r9T+O+BW0f*ov1)!n#3ac0c;1c9ai=SVwR#>t zdElg}C>?gPRtbS3)Csv1k?*+Io2_85>upF(IF|VejQ08!aD8Qg*qQvdsxtq0#y6?F za$ab4?qCskH#NjllX&$BO_}s;lOd}Jx{Iud)B?(XO{N5*{j!J0=QvDo7sPD$?BMYW{E0jcx=SI@LvV6+pFhOMCx*CHxr@XmLUv zVtf_D-7mY>wkqZmkLIR?Hs?ehcYz<37ELk$M&)RuvJ!vIWSH*6Fxusk%ND`UW8JA^ z6rA19ci4&UT4-@%T#5NHXyB|HPN~s!t^)!^kb*5rVu&_|vPDCTZ-|UII5BxNUF!0N z%xSqVqKDM7#h&>)g^A;Lcw{KW=M@@_dR{ zV^xv}))E7mCy18MXA+XH-oe8qbGChx{_i9K+)YdK2D9Ei(A0mtGi$@rOLQ7?~`MH-i8#VSQz-!G@iUyQQQENGwu_YCZhSu zgMcjl3xB1%)6@ECcFLE(2RCS;2d`?f|JIb$EZg3%y4u)`w`kYAd#}rh0V7Bd#&>VVgN^kbuE3xU9UqRJYc+9=6@Wn$ABJ~~&4_NLWWs|Hc}q!T9`XgZ%Q z`$NPPuQ;22pCs}LXm^ph{(VtAI^6TRMvd}?(&d#xjf{`-(nlg%8cwlS2H?3KC~Y)s`gl5^4QyW7^( zs6x8BXMUu$g}PHf6M4kVz-X3}-1qZfgl@P+m;2^70%MLx{Bb>JRF+N#jGO%f!*`V# z_lvOXozlNBw&B-i0#R=qE}>3w{#?w_cj-)b;>%52axaFGwOk|jK6HG&>zvYWi}wjz zlSAFD8NV+kb-Uh2Y2us4lQFw6Xw}QAE+rA_ zOuNFSm>f9(Gl{@w=tAPGZ-8RyXFMhxBiYYaH4LRH9!X65qbktIuetj=GXBR;>TSrg zBX-GRfN0Dw^cokvO*<-6387K(H-}qxU76t#?iZ)4E^Q^qgBu1wJ=mR|$F9B-nW?7V znki>?y?X?;Tfnv2{s4#YQ|S0${=Y1ds#43++i=#g8C~gI%vp`(-65soPaTQt@ZjOq zmlnKwCN2(qmvRXSuZ)m-8jYpxEU*%~-Gq~usdE)921{{%HihTAb&=faT4phQs=8i)bWX8Nwmx(1Pd7Of+ZMvQi+Xx43<{x>17JSr4^>mNb_4Ws! zgMSBkA{ev2Y*1&J*>0jmbedwQ z`X2MUr?cI-J)Ai&b*_-w(V6aZH8_|DfH1yLc&;sY4lb&u+zI?+viwS=E>CqI&U6tpye%f+AJ3CbVa#W)V ziX4XpVJ_ToH-JlrR-$YK@5JqLRntFY1eTn}N_6Z{_BZZ&&V!TlUpvD%q4P$tKV_G; z>|RL>H5cMQZLnc0;cJ{x$BB0K?rRT*|8f;n9#xyUrd?IS)ZeURhjgEj;xhN#zgRBP z52Q{l_Ngij)I$HE30!lNAKd0dIX7grewdNI5W91&j#fO{Cy$lsk`ris+U0Eb;j-i$ zw9SXFA|gWfy1J9V=TBG`A%nto3B9UuY>o5ltY2j_9g^Dc*}7QsG{KlHR*UF>#tm%ii*$ly=;gntGU#HOo{M2bH|E~=*PGiQZO>;$ z^!VGLux%-iW5gWmbb)!febYpN zXkjwAO4xEbw^Po2Eo#ubELz^(DR$fAX2*<5KKG>gW^2serlNjtwz-EaM%AlC zT=j`$0aoiCejN^$&_UT*4ZYX;Mp=8*XHc8Kv<{Qxb$PMl8b4%>T%7f$7BA zl(ZDkRYk5o6lH`^>Bso|6Hd^_Ea|#-N|N9tYwNXPjju9o$y2~L;{$r4EaEXFxi_wk zv*BZ`VbxS+!vgJ(~FiyXQ&_7L!+Qray@Z1y$9+^_)4+FX&5vB zb~kT3c_)s)vc^I9t8qgaGF74_AfEMwof?_|lF+-{NuD$0B1w`ijz>B$ZW=pa+1w>q z<0ZZPO=_LpSt^gO6917gYY>Hx>XT`EcGb;r%IA{!nbUx8T@&!N9YB|`-)~yzY@vY; z1g@KA$P4xJ*IveaW*5F%y*CAFl#{*91+z-CIXr$FZtcEW+?2SU5KSTzNRBPmd_iC2 zOA#$->LZ+-b7#z9S|)sf(~n(!xyfJgE1JQV(6}Ke1|vuSJDjyK3CCz<46)|LNViyy zFLtAtL@WyW(ePhWN&-s%8yx^c_!mPP0>P#?JYrI1|4i8;E+>TY<*2DVHZ~zlV+t7F zlD)onuF9GBT#w5Lg<3evZ=K$5voZrjXhs(q25C>Cti*QN#3T4g2?8xKYAoL-pTt%V ztWM^GYI{>gPv;Mt`hdL}V*N|*O?^^W|G?3k`C)2T(Cqtl>1Ex-Kqx@5_Rt6pZ$tY( zMJobU+v|sdtRXw49qjqcSAKqRJs;wKYPRBv%}|L*(5|Pec?sK&-sZazo{0>#0_K(g zAo4713S~j;Mv~A?W$Hsyd7#KLLQ<>0P@8)kosR2NiRAi7$!)J* zG?HlE$K<$=(@_K{o9+LUbIOae4l9>xt1JKbSalO6dssJ$%9^Hg_-D7BCSPtx0`gXxwk*)8^aV$Fe-wyCU zgYwUU--`%_3RF193Mub8L!oEI3phN&)|7_BI8H(80=dMEBm(|QBvovM*+Q?7Le2rb z7y37m6G9quH~7^ElJHS1Pk{oTImJlprg`KAcyPU!gR9MVwN=VHpsUx$e%*Z4`rmLW z-xD$C)%(icR5jIY>q#PWuQ76rkt=hTjp{%3ueuzwYf6o;%f%%R&ql;7A%EHpc`TQ- zgA(8lX8)$OQLg*5PEB!`kO<~!youFgPY4g3T%^y2nhg-oUuXoSq2gtBUmVwO_P1yS ze}{`7yqh7fASBVu8+4x(K4K{wloV4tm-sy*hsmsNCTQXi0XbngMw;cGS#7l;s)HSj z`O}nQX(is=<7o!+;l>ud7-~bmYr<4mem0=ZcGrb9?pX-4%%Gb0pNP=~N(a=o} z5dD@5-V4QCm-BD^-UQ?KdLPZ4`^i}{NO`f%<@;3pr0P?c5+jSI{LI@uOq=QEU~IbJ9=HqBgYmp%>b7wLCQP0)h$cdeU@+Afq3ravJo3MG}D!B1fK%FN+kUEZqX{b#jc z(1+{aGOzw}%GExG*u=Ew8~N@+qI21mYtY z9Kp(%I*7h-&lZ~As5`9?Vv+}*nZ&uN&ELG<(Q;zRb~iO?hp%~6O54|J>(>XMXQj*t zQ!Vw&xl~HpBdKpds2WstdxpYS$R`A)1)MCYCGyRq8hj@?01RG((L6pkn{ zp*Jh^JgB`E(KL1i7fpXv^mfe13wZYS$PmxZFXO4A1l11t;=*Ut%#2#o?;{L`Pg475 zX=@x@YRkm@?2*rL(@P6+ocQ`%>Rk17kjhxhWoG=Z}tZU(#|I&W@UK#1RXuKui zXBO$ooUmAC;~tvT88L-fnUVK5C}nKKOukF_0_Dn^LvF8qCPcKQUa^kseD6zZvZe1>RFMSmH!3`)3f!2(8K_ zXcl`+Bl6yXXis9&a!RYN<=@QJjXs;sIt$*m)oDCw*WZH`;} z6SB6COx;*kD-Mnh9gbLPgD0WZ=5xV)MCT~p<9V`m7deY*A|A_9JohYhF(U$)!@M!$T0{Pse*OiwR42~xjl@i0ASVozY81K9M24V^ z?%7$d2)9Nli`SY|z8uSof@!0pNv6yIU77@_I4BKzriUL;7k)Z!0M}j{fKR<9cE2PWor`Hk4t?-23 zelXQd)u%wd+j8QLFq71ZsqN>^l4is{gXwZAQq@#zyAV;+KAoCcgJY@J80W_RVU?Qi zg_symfm9N2cw<>w!wNA6#abv3Nr^#n0m8xi273RTglhU|qWi&_j;F}yYynEy^L8wP zOL5lslR)oj@Kb6*WMgqeJD2lzOH_=f-gY4UM5-}=Z_zYz&@Iy`uAEhPk0;BxK?$=< zpo^Iwe@AA?`^a2p2MG>w+_-_2#BGuOug*3)wKBl=N51UefeY@NRSrfbiWb+i_O2Ne zIxs*dHup3$m!dc|g8gu1+|ec?)GWI3BdOJ@&9IV9o+$woHxBXMK%13YiPqtrf5{#@ zb0B3sAT02f++^)4LrH%GmogXe`t@Q;#ON_)x#c%NTFC>w*&{wG_*7H+sv#`GRc(Pc zn-yEtJ-GYh# zY;X8F^b767YRFM$GIKcsX&_6QGmSptvh$B-;H;{%wfi*6&s<7?ixTla-kYdblROt` zK6VaoFddLn5~fUJXWo;>r$@c5C@Sr}GGVQUDKl|7+dkW9WcOw)Y{M?@l>|ENG?OwI zx8ewbevVG8!Zj&2+8jhNT`&WaKBs5dAr_y0_xwF2~@Bq)jvYP5wss3V6>YB3N^J42PIh^%B2kbwM+=Flq&d#jj zZGSK%eoQ|2cbw|>czE-R%3!EK5bH@3_*oJVGff}rPCf#!G()3vaiZSL;7}g{DYd=d z<@Ay{L^EXU*klCjc0Jn^i{oZ{;%dA-;=o>A%y98vV^wIP|CDIyuowb~Z~h9V)hz!L zj=D}sX&HOCR}JXmHrhBhKLvfmY8VG(&$TE^4opY7$!88PvSdaIWggexlx55ehBv5R zbg?RM>Xhe!5i*iy54k@J^f_tdvuB_aN=amdmZWDPy|h2-zNK+en}hWB1$0(a8|0?v zP;o_^K3LF$(ZY1jgs$V9u!mZ|rmc17d?9i{PHJ>QQiYxPmes9qw1uoK-#iSbQM%5_ zBXI>Z>Ydw|pG8>;Vje`K%D5)<=o{G;UWAHXjvyuZ3*TiFvj;VyxRn`U^Hq;T>0{D3 zFIaZk(Kj3mCI5J;TJp7NZARo`Bo)J5R&NX9LOYgDR@0tqlz%>t?v%O-e>kw>qoKr9 z;1G~04@QHd?))Yh_`i*hSdM%Z)Q3*z#`ZVu#$UFzhA4H#DPGQ&N-3jN^Y*4ejy&=G za?4LLgW(o%pjNs3rwZ{yY4AkbH?HHkK-Eb`2A0h!;{8~S!8#RBO`&!qKDKhI+4(Il z$x^J3bot?`HuLoPfNy6iGNI@p9Mvd(7I;wv0hj*3Zecnp%(bU|2ga+o35qnt{gm;M zl($P8dv9b9cy`tP*m&JEx=bD`2Z)`jS7GZ9SD5{e=Qs$fU2JQ>R!7Tv*G4(Yn+qOG zIi|BE@Uvx_2WKuFTB=Lny$a{3_n5AyBqM$9=`M$`Q*y?_P|CbQI7c$!Wu@`}v36*q z$uXt0&}NOluH)eoRHVgbvwSdCRQX%wb&W9_*ur8eQLGIz+UBxfZYA^k*ICsK-k%N{ zeL)DHH%iGgsTwHhbiO&0$d2e0t#$BKW(pM&K!rPElJpe8gs~9(+TY}`&JsB$8c0yl z@Yxaiz+ZQq?;D)veoO2_aUI_`cYN|_y@=-OWj)<)gUrvUVwd$zn{)8Rx&?`>PDP-K z&~C~r{f+#np0QV5N%Usumh7i|*hcmj_bxDA1_;Lrw7a&Vw;aw0v^dhLLCXI2;ER3E z;~gcd{gPSM|Nn>#zx6*)CgmmRROt5rw_yS@WQAm^p*{V5a?Q8HOcExVWWL7%OINv9 zr<6v2y%f0(y-}TWfaBk10efy@3%JIb73Zt#cvD%1omYZb@xB6a)tSf153c)R#*74N z(ZlmBsy13deCkJ2inuY79$<)@T7e;sbV7{D!g{u0Drgq#XP!v z+xkVYfPkYl_l6I@nY~yUPD)k_nSIp&sqQlkAKI}CEYC5AuNuZ|nbJ^C4nWkWa2*r! zX=qt7q0pWH@O_l86Fw?WE2!u;VFnBzC~2PNEin_ME>}dXXHub2NVhbRo3>ms>BK0< zX)cXp`V*1B#fH{N!Qg_2seqJN~G?1*NpjxtvCd?~W|oHmdou5z3v4A%_5W(KG+gSlFM`(!=9*DA+;lDp{9 zeypJ$HJfKXW|eW&>!tHw1k~>v(cjO34Lc`{>~IxE`%gbmQOL>pr%L}jHR zl;^=Z^IDiSsswy6F3Q&wD4G@*_G>-Lqtm5o^3ZsDW@mNOi=0elzi!VnGPmTlP(FV$&?)>Mec`xS=IbYi z7S3WSZt@clu+~|2u?)ayS13BQ1^z3zil3EAW~x8q6<-6+PjtVJq@bp|l1F!^y^h#! zwwWx%w-{;)dEy1e0Q-dlq>{1j1=f5hKcv4*l z96ApHSdeP~{{ow70WgqmZ7ZqUW?H3a6T9Ns?SV=Yd7DTtyFV~OS+l6kkq44?4s}k@ zw` z+PK?-^qXVi)2fe*D2?03snfK7?yD8s@8x91gjnqhcij60X5r+Xr>7Z}+f}q)rm!r@ z#}5iw?`&2jpQ~`P(MH+H!8=x;z;vnuGBP_lVn8baaaw=j4{eM=UEC=%rOlc(BN&iP z`Qk;-{3-A4e1|pIZm1z_w{f4o!bDVE_nN(K?BMz_)_<%ONyNVvss9p);MInsSFgDS z`!ttr!}bFF>b=2Xw-y3!9V8F@jqqByKsc2AQP(UCdM(-U|LWdn!7b`z`TF>bZo5Cb zH*^xgA4d4O$v+mrP!WmnbzK?uW?B=fm$EL*23awc=hr_gxb@=^*$*`V2&{LXX399e z%oOw|x_f5l)aL_K&!7+)9dE%p$)R8hI9L* z(}k(`IC&DmC-?80>kk#_Xw=wSmxKMNMR+#xUjzIEcbgmAKT+NXUuoL2I#hi-e$*D! zd8V(~v=fKKBa$KKFZh9R@zM19+o5lTKd_0>|Wrx z3NW&diz@cNj1Y6r&vnc>$!VUN0r7C3A`Z&JmCr@+1ca61+pHM)rKKb&eXrOmFj;0u z-&}dQnlZXknrAikUo4{a&r6VG@5QTA;O@Kn)j}$VDJ3DhT`yRP0&jQ-DEKRJA=^Cy zpu$RN9iuhR!)s+TE~x8HB;!+s0?dNiud=A@ull)#4GH=0b8doK zDzrLjBNcB6QUa&9L$wx5i6YZnY(;DYEM5m5h;?ef+tUo&@L9}XQlnzauCl)N%gr~w zAe@&9m{ToZHz4RDu&`WC>LH1F$kmKwFb8Jx2|UEvZ}m6Qk(0lM2ye1yky)XBBz$zR z`}`PX-%L?7hTVLg^ki21EUPK_(xCB`0Ma5}_#>B9(jt2L;l5b><7D6PY6q(qjGG}_ zgE#Ges^VZ91UO?}rp^z;U1s(Hj+7|A_Z3S;Ezd)}zQ53+wEOqJD$p*z+W*vyr1pj`M)>vPOZl}s8DnGc4;DRytm!bZ$sEFu48WBr} ze4$G?dI4YF+TifC;~yYijD5kyoL7>Fv3%J?6hUjm1W&fK8joBwMTevmPE6MtVaP9$ zyWh(Y1_oIO%NMbXdgrzGwAoSI0i;TU2Kq&wl1T=c)f5~lI|#V~Yh`lMR5L;8r~j8$ zIsxymR3ac+RByzK+_=hKVwjZiQOgc=IoA%1^Y$?KLu=2h_&wvt^VFjc5Ex+g03FpMwr)oAe!NY}ti+44>TD-Gu9kCb_|wk8rY{u{AT!d42p*oQS5OrL}fd;;kC3v=IA!rV+deNM6-cS6xt+?p@4%qHc<&%j!fm9~J!u)-t(ar$PH z0>qg+d^%e;-KuH9mhnr@SYa0M{~bY2!1{An*6$xVd?{0nGl=*81ScV8m3t}waN@=1 z@D^yjC+qWpwmL1K&ZszcnjMQM?$$0q=YlWFV-HO`7eoGaNpIR}28LYx#{MnuZ7b@U zC8LS*J6mJG%;QQ>vF}|3?Y~uN^YS^VkfoiluIe8@do)%*3JqjUMJNw(lpN1A?8QWe zB=d%#m+}0z1X?dqR%q4ZpERHL%p6-P6Y=_ur%r86%{c+Gj3s++T0*)SUaair*mmt# z(BjfcTT?vWoN%4?6=e`D&J5#bIQYxr1udJv+cq`H6;wYPqOFhdH1kQm5Mmm1TK4GX z>?*n!0T}=hNji`WF}J#;*mJIG+1-mk@m9tzPpJ*z&aCuZ{WkyGc

BRtwgzBc~$!>UfYc@^WRxj$q{CRvDRGtEm2`96@tW2aRwRWw9xC5 zk<2@)R~QboT(KaF3v=4IhIuq-VdR`g9J)MSSqX#RP@+BbRM!gtyOK+5e6@_LB~&}d zyj62C;)^IPv+m5$BJTN)O_b=SJF{M8?`k0D>|07`2ifTn`s+3EDk+Ssm8)LWo4dk6 zr1{JcY^mXp63OC3MHn~o)YN|xy3%B2Kh_#uM}IR@&N)q->bi71$h;lSGJz|VE2qEz zCw{=VW<_iLtfe5a)34e|wflpzG=Pq+AH-SKITfBCxACki?@&xE6!=G?3xBd#0-^Uf zW2mkfe}&{bzZq^Zknq7#U;mH*uU8ttR(E4T;Ws%0#W!{FuyYi}~5GpavGtK&s@6F^% zT{U^jF&bED+}I3xsPeO4DTcS_qR$M^r7d`!ZIMj@n;l1mk#Iw3&dO_WEVHZt#$<+9 ztj3>It~{^RVm>i}u|AcHBa#CmgKWkx`ognUQ9(O_Z%leN(Pryy|+c#mm}&(7L2*8-R3Jv$AncIomm z;OQkvO4kUV6)leNmC~!|!=hEl?CieHeNG*l*T>?{F0!s9t!W-St?gZ|cn8@n$5Ooa zUk=N9(3~BTTH?01`dTX5PVdcNiw0K<1P1tts3)puN+T9|;gtRN)amh*-_D;;?9rM% zB+-xB+a=j*4pr?Ax92c8GRREssqkSa(##IIMe?0}NW22^vl^zFJE+m=t#puj>lnbgIHr+#-FPGp{~;;Vm{X{ypI!L@Y+NLnxk=zP z57gEc*2Qv#R4Ng!b~MMIs&9A11yKJ@djrAz2f$#P0|n0tFg?rw3r33OijyzLQ=`bm zHO{3(@h7sc8Mw-pkmBcPCHq69`WRv|={Hc@Q;?sWcu*$%NX7wc6qMw4Xeu1Sok6IvyNUIsZV^EtgCZ266z z$#$+Dm0I8pMLQO)B(NV=rY{mu4r+68fk^7`M2O6u24@lYsb=*)y)nXy{B(FMr7i<{ zWU6A>Ng}uW!oGDmqX}Xw2~VTN+2&F-Dk;)7?mszU`sP9l6+X=92HJL^_neddiGg2; z#mdy%iT5EQ+m%eu?3%!lKx07~FW}B1P%~vigo;f{RqYU8q)ObO9V8!H>t}Fzii5BI zO3}LA^7tyAVA8GRg|A_0ke3%m^?2AeyJ06dFp}U`e}2QjB-|nEI%|yOL{d~`&boM) zKZs3ecTZF?(VCmyfm}t{_PQj=vm!F*I#v#1MJg8Yfn70$dWHiMfP z@%A(KHoONv{Ho2gCTav?xh}g&Hz;7^Mm9^=-D{JWRE`N{m2SOF{yLd#X1F|ox3_hP zFuARA#B7FME6}Dj_nEwbj@lQ)-a_FRgX}2f@#omP@h_<>>i45$f)uFJRTJeTLU@W&tipsQ2E&?UmG>CrwSzNoWJ;8rTdM<7 zN-barS()uOhUk%+hik|?@{27k;8y0cz{L;DsrFiLdPJgo9R1#v5|=|ox(WZ2Cg^_j z$D$>vOyp!M5D4s6(~+?W0;Lc6tw*dCH<3&X2tO;{R6Z23*h3ul)wZ4p3LW1OCwE^3 z(_i%x{Z6R*Oy}beKJEk+QOMHZPYIJD+^T;Zmg~N~baBh_PSEkNa;^{3Ka0T<$ucLC?jx%2!?GsKq z>GJ3jE~EG==)HTpJs@~6D@+Or#t1K>1icX%#Cjsb8O$T_mJt45`?m3yj|opEH_obYY22psII z)#1*N7y#EAGfPq{y)M9Z*JH`7Cd^D^Wi4&l5W*-{?yXkRg$?6T@A@VT9yQ=bCZFVV z$u@NBGsI3_@~SGKFDT9?NO%Vg*%)=JqmPS5c>_iAl#JlCPpr+XlB4gkQC= zfz@b+j!nx)Y1oJOj1C4ySSkL2Dzfd_f8zr!_9L6VKpyo&D12b=y}8h< zJhmy&KPLG?cT3!U(A%p#QLZ093R4}K%9m%`7av9#++^nGEe+cqSr7Cc^QaZL4hxrN zXz3mWC!^PSCE}-p5`4=mZB-`WWJ)a+(rK}`UZ?!X^_(yz&>jOHD@}#hF8oVxZ@25! zh=l{Px1-(IQTb|zopF*imA67g+oBL?IpICIjlqDDa8I*bSoC)h#DIv}v84X3M?17~ zA$>--x<+;U?odEF^k}EwO*%6SF?{nOlW7d0vAJSi0+(4F7e(D#iyv6|k>BeJs8XKP z#tig+#0=@uUmgy0fJ09BMAzvd#u6$KpsNuy!~a;j!4Bh)zm<{{pt~|Rom?HojV`F+ z^syLIYPFLkj9WXG&|D7HIT$55uQWp)J%oegQdF|F zg8kryz0uT_c&T&x6VfAvV#8SCEV;^acadLjjhU_SEl0a=cLH0RH2Y7R0=w`~{YLB3 z=ZkJe7NG~vnLwH6f4wpVACm4jnkjSNRFRphee=6xHgj9KHcg0gnImY9HQe=3C3Z@! zyNiUi#dn($oSdR62PgBLIi>t{3e2K*E8mmXWd0$yJ=sXi`0jwgde;DEZh z0F;ery-9JXAs)FHMrYL&Y+HfW!D>m~k1#d7L9v^Q(^)Z3@&KPj)#%}>+p$H@T#vCH)QxN&lfgQ(bIOQ@bO?+2TXB=IRlTyJtiMV6m~UQ3OF zm>x{`t-xuy(0&o6S^^W^v2C2MmzAO1pHV|F*D8!_X#~jSf-BA?;!tnMzgZ!rP5L4k z2b?F7AK-sp<*G;ABL6gpy@4({S(~{RaN;IkjV^iT9%7e6jxb6>?sE&doDAb1`OcJL zlzXfOqS^2BYPv7khDGMH3)GYypJ4gBh9xSPx`rNZ zX!Q}CSEnx+3&=X@25DgVh~KCBm3{tBuN(HRsX}jwzMkEAw;6{&ny-6JKR8G!Rc+X{ z2 zK@%?;`*4RRq4l&SUeO&_bI{2gk&1a~7%ICrOi02N znhkTP$^Kj?KYD!}Q$b*4r3?!xuKZRMcU&uJ^=OaaF#rDNI`o@En3gEl=zle~Cu}`j z-@SW%V1ez6K)!%I%`gu4)14CnUC&v2Mh+j?hR(}}J38}`jE`mfMt1rFLh0qF%e!Yx zy4W!BmD(NpAFi>nF+Mn*Q{AhLXUzvRD+2ynYi@m$w7_oRfm`5Aga*63=0I*O1a5aU zR;7Xe`oPivc!7N9oCXhVY3Vu-$hZlSn?xd)F-1`^*?!ojIiB=xek%k4Vd=!>o z=#gd?j4|Lza${P-+b1*g4iK%P5upLLf*GZu2gyK!X_xTfTPVJ4^T-_+8<>2R53$ve zMk-WHw(>S|ea$gaBg4crXMh}Q{_3mPBR%W&gFbmhvU7brPp*$k_m@n!;b}7S8Y(K!JWFOCr z(Q1BfPG)lgRZpE&=BE9Yw`{KPF^$x03Qk^zcJ}8ymYO;-%UUQ1DGApWa?BMxm#ZmE zFZm~#jp0+2rd4$E)=DJSmR+3D9k>6GQFxQYkKUDB35jh86)@ddUJdc&-u?QFFA?#k z^%^)>4sk^v#8t=dJewnfc(O+iKirVOnf9&k7Fd!8J%@zC^2q%puhx6wfVZlM^1UCL z_+kb3vTI7%ZWhE%#0AWPqL0cvYYIFN7&R9yG}1)M!4dBIBMu@d_k|8yVodfF?^S{d zJVnRnHiZoLG$7k5bhGJ86oaJB8qkvj*rkZQ%&_X1pT#erKBrxK608i|1fcJV88+57 z0|?N|e7+wA2JgC^@3lFk{oxVS9fN9=?<)y@7rR8(NVNN6L9?^ZiU#hXG3L3Yyb~3NlXrgv$`Bd+T zk-X(N*E4UL!B>&Go0sN5+yI5?0^qfpr=f3-&0|(Hsr*y1*gnFn#osp~4IJN2<9cy+J zrp{|Q1%1)p`0k{hb7m$G49u8{pAC=@mm_uZpNMwKw?Vg^hs=JxhynqTJ3ZrN4dz|Yn=5XDy%*s=IVIi6Gn7QtE{o8TPrXe@lF|8_9VXb56b3K3~xQtg!1h zaBS}?cSzs)bT*r@671C{%Ci3lcX5fhjsFS2z~c_{M-!brJJQXDc3t$|R5y0jxvlo8EZiKrrA5^Y4Tm+HO<4$WdB+mK z+)P2{zfvw@m$WS7<`715i%?(DLw|hAS=VmVi{rn}VITWz*{p{T=a6m=PJMRk8QJIO zAN9Jl5(j6~IVEMBg4Wlq4e8M#CAw_#T#OiX%xiy2+XBbeF*j<65LJ67?rir>WZ~iL z!nNL~?uaU<_wNKJ;?4cYVdnoTVO*BrIT4Y^89PEEcgI2l!F2x`kwKTYafiXxPo9`r z$Q}gvTdCXv6$8sOJC_R_+y60t7*m`C4Vt?Kq>HmzKA8_wdX2>)XFzUd5Jcv6M)(Br-$f34%f;+x%E_5VdPoa9}yqh{D6nfr!?oy;#O@ie(ixd5}g!RL@KjI zl|0|=se5{}J8Zq8YWy^_Tly3&3x`e`7b;kp%@too-_P3$vuD>^`9UkSuNMce+ekrJac61dvp+ z5QLx4-ucm+<_{3AyznI~T$dAaK*eA35Pd~med6>vxsEckY8s-%vGXwT$lJfVEj}5* z)YJ#Qdowxy6;x7=H^`1pW|AVT4X`Mkxs1oHGoRv!5??K#KSx16=WQH zZ!VIPDewYa9>cb=;L3;2y_0vfxE9?)CO|61=k`Yg$BIxCQ8;0p|6|*C+hl|O9DR#h z1OR7^8rvKEtNnI4Y7|HgAKK;f0MLMLD=b#l?y#VhYD^iFMiDR2YF`@w$5yb=CfD@^ z`CrxEBMA}EJ1L`{(hxYc_6E}53)ZS_+3^iF`jywJ5!g+CLGJ0W0gH+t={!Ie!(sdR;lLx7Wq0xq?%Ju1bhE0R(a?0ulgre3)eh)9ac%D za*D%CM~l~UHV2u+tK(4k8Rk?iMEAhYAF3-aO%Gfjk>@_PNkp`@il&p;fgzaAzvw_F zV5xsHBXVMcgGHQ+NaEuu578Co5_*y)@3tjMX|b9W8*V&e@gyXy=YMh3PjX=D*)ya? zRw`QJ&5>K?i$lgp#~v2M0{fGSSE@dtfj$}5fxwL(E7W#t-IUxSSzH{kTX`NbbLIcM z0Ju=fDfs|SIrle-R%AjfT%D5lVz<=gh}P87d-RJ9FU8n=710h;Gor33toXXx!<7V_v9}@P8-Sg?ejge9_Bu~Li$;GP&1vqHIsU? z-R*haT|ah+ZItGs-eg4{9j10L8}M_c`qhLdr^$gjTR zwbNtI9CoT}Kg!5iau3-MZNlj6l8f5pnH#`GX9D&|t2-pRCVSxI4HkRW&8kH7P@9;b zFY0EQwxO$5>+%F z9Br&rqCOK86o$By=NLM!lg6cZ&qL(`Ai3zA#oiTU!7+TrZoI{2s;)6({o=nOyzSCQ zNS=jlG4X}B`MY60Czo3c&3EvhCf-w zr{Hr~>YeW$+n(=w#RO_KWqH8MQk=V%N$9PJ}^>z2+j%I+{-+Oi+X+>@m zVNGhPo(?&+EfjK^_2vsfVs$+9MA+i>WUY%49}&Lbep1F|DW0QNX;)*J6L7agY+uAt zU9goEqa-0z!g$)on`IrGh>T=hU0iY|o&nt;LSx3AZ}yt3d`uiV>_YvGd&PNP^YZN(d zn5g&|7}cMXdN{xQ)gMRs9*`rl1sT2%=EVa(ne9y1p}Kv>qH^3k;;(?WS?3SK)HoEU ziq|hS_^rgcK@&lrJ4HrKzzjj$kDT8p1$agQ{Z0T_wirb zT*?y;JJHY;zs&v6qpVWodK8qJ2lncjvv=yQ#4f~d5(?L~J3P)k2O=C+rI^J|->v92 zeQSwo+g;Q9^HYMa)?qV8yy_w}KO4O?Ecd%LPHrC?r|uB-tWQ>4(s!k%IF-8ZrDHTv zR4U}F#abNu2OW5sfNEBDdSBiDw@tmowPqpXedpG^0gzgrgPHN3?Ni zR*7e^g+=%|$MWCoAo}oU49`IO$>kGuw8iDcEL`tdCWAUr(+1Mh)SO}$13<(}oV2vW zy;!RfZ?x@g+)pU*Tthx_^|3x$hswBsl_Kv+~duo$cwsx=S7kwT~F-MmRxW>@F( z5)tcBanuFxekvyGBAoa?;sxR%`KVBC{Tw0dL?eP@T>j6St6p~eq`_6w^@=|;060{w z-Ebu4s7DO(gxnjt(;W7Xx}u8Z7y55?$l2-aB^IFt>kxg2(qo3Hfw=L`F4OgFSlp*% zqBmadWNtulzo9#GqoOU<8GQ%Rd$VDhdB{Ggra!BQ20Y{eUsZExy{AO-SKO-oJqj}n zp+hk_q?s&T-2PH_GQ!ps6`Jtmr17d*zHU}flgH4qS6y(~Ad&u*xOWD(vrDN;4RwHO z@Nf_`Jc_(<$t6zVLAvIMOi^>k!j>lR!Md~GVKnw+H%I;(OdpB95usSKR)7Ms1&U4Y zNSxnl%)X;{V3Ak)+biOc$Zgxhoh~n=va9#pI1AtImxzy8Cvd*Vo|Fhv-Sx->J@+j< zFf_?sF>k7)Rri$qm>Hc#t1NF42j8l;-RR(P`@|vq-0vx34ql)~SRDy^2pY6vy<G>>cK9dCGQ6Ur2I<+dX$~ zur9kEskKus^bGbeWhDH(&OS?t0}2)x>JjTX9zCufYCoq+XFwm<(3S zhrcTSHi*ZbcvTNCNZ=%rOLbazh*tg8_?_gW)pvnU->Ln5`EbJWa6?sYQTc@ zFs$d?YDnC}jiwTGUlaKTTX9~!kDa4wDVr2&LE5!OsTaAVN_^UO8*n;WynVYPzZj0& zStlJs*Tw_qF6AKB<0KhtS{2HcbmW~1pTE9S@?n^;gZ*BttXz1x9pV*M!5AR_<6+Lm z)e!@EB?f3I@&odZAgRiWVAUid@JxD=ccML2&~wY0sM!DzW7dG{Y+ZN};zfOtw%2id z$V7y*>!V7=%@yhX{yMJ_(Fw65`$(T2cb`!?!n2LuRss5M6I=C&=#*$^CtGyjyRC6I zrg5j)aVTR5fS#Sc_fhl0tgDECjS(1@Zp|+2_qp-3?pKu{&~@*PeG}p6e(MK)yOQ~6 z@s@|@w1g~UoS*GpR9vqYLpZ7u>R+r_y#?wS+{r7}wzX4NHff)JRx&Sg+fTa@$d^mk zP7mGu#vJBfSeR|$xT%rKg<3yuxBmp5Cgg!)RE()c^iHkv0WSdWsIpRfsh3c}RF5_} zw=&ST$J(vemrPleUWzLDPC~ZC`gr!%D98mroCuxp?3|X3SPSE#JtVJL>`cQnb&SZi z*Hk+rKakoR5h=lzup5Cy8`kk7gR?1#2`EfP3kx@Zeu}MEGK&(c?!;Bz7+lfDzWm>f z?mK$Q{#Q2M3rr7#8XH3e?&-|(s5|_1<9NHJIEPkif_&ip>eXwz*VTzW()$W^@OS#e zFS&)cF(DmiTbpp6Pd_wiv}s;GVHM)wtXB{?zUZrZ^!U5OVl7?x!EM<91$A}F zw;1wDVN?fJ=!4YOZs|`LO1_xo8@Q>wZwo6XeW|Q4&N=Y1_{}X`zrojgi@&BFHMM|# zEYK_4*4I-1$l`Ovvk!%h-hGin-Vb4%SV!TP7^6gXcTQQ(+e-$NuasZOA$I}yO0!1f zSi82>Bq4p<_hRx57I%QUW*D=&B4uAhu7)SP#%?OA(i`ehLqIxy`!OeB93GpPL(Sk) z<8S!?X!;I!Huv}c)8n*0)uOH1M9*<(RZ)8d?Qu#qRa#pRm8udef+9iHX;rPZ)Rs_t z@4c#sEoOq+At6>GLSp{X?{)pI`~~kP&vU=;`+hCk(}bZ%H&3m9%yDqO7yKPN5d~xK ztz9m+2Dq{lW4#`iYE*jAz%AK|#Hd!>0}*v+U%=jO6CKAwdDNify8pmzhuSZh2^|mE z1lWl7nD#hnMf5`#MpDKjW0He~^f$NJ!XZ9Tv!(p*NY-<kkm#9L08D8S)k~7ehO7rp@yRh_v9vp7;|&DSg$?S!C5wTS4g6%EOkUMv z!Jxsy<%q(%bt{L-&+SRJajM!VVf|-4Q`<55xtIVL&Cbl=v9OiwcC-tKM?lNeA-)cv z?K_%{B)!5YtvGE&Xl7`Vh0W8tdKEP&MrOL$?BB@+>^}w`dwX8y0_P=8?jim6QQ9HU zHLs*kg`FCrg2**iroK)k{2GBdU9<-Jb*rVMRNm5652*uihWB(QMem>7AiYak5d z+}RuysI%N{2T)!2cw&pV!gS3FzJtJ}MRDGYUR7Aa{P237w_tXc;GVc!pbLhFUD8ub z9^m6hCDsPuU##cn<^x?pJ7X<_leFAmhu;^p_8l>)`A0?0<%1_HC|NX{xa+sg`Viy4 zMm>DpwyLmtO0h_-QUvg8JPV^`5+5=EBZ=W3P5h|Tx0gkSOF*WFsfY9-gir=Om4v z(KuNN7$T)B4VR#-zlU>coyna~QQVr&E|YCQ{aA*aF(AA<@Ds$Wa*bCy$vX!0wB!%*ilFD4lk06sF!3*hszTsi?Kuv} zrslo`cgob{{xbxzaA#HLw8A;`Fq1=cSx{MVID-J1xJ}p8s+%W0pUcE2R31Bo+8l`; zOc9IgYb%gjLpG3Be+utR*>A|(kSLE*HG=A^QrN)nI(}KqVa__av<^}J2Fvr<@K~6| zAd_7=d0)8fMyZFC4z}nWs_l3gIg9jG*Ozk`M{Qn3CgV z!S>{y^z!A+*59Pm0O@b~@{L0d$1%h39~|*$rtr>40VU|hw3>fyUUA06?qQ3v; zO}FDMnb%kluU7QJ;a$C4o~eTL@0Ed zGhjj~km)h$=h}K(K1lA!Qnxh-)&_2X0a5#h_MO62_2jGN&if`%?_STg=>Ujjq0W>RP9v9Fvcw{8^z2QeG)K{*mV1a_ELW5+6+ zH2sH5DnyLSYva8-jEhIT*!Q&b&i-D@xxcNN+Q!>dFT^8+#Q^`%3!6ia>O<2k0;le` z;CWxhBFfrtW5UoOLizq{b$jtQJ(p)Ul8@I{3?23cRq2mT=S4nvWK2VS@zyDdIXF-Z zBiHK{seV;3*mfHum8R1G64F6IDWkzg;%+44LPdgz94)e$k{YG<>tjy5rFmx+4ua2v z?v$zfdf87d{4kA6E!YU>d7W;?>%Iy~Sg=-SPJogcc{i;JEK8>K!R8 z4;9j@*vHz+=S&MQ-5bAfnH8OsD%6W;$vJz7+Hiid;$`UH7i7NB<^3eo(Lw@Ao&0Jm zxqc18k{d&GUw%^RVbUgdwz%h5Xr)MLQI9p-#8-4|bgZ2Fz0vzV>85l*??4KP`)0_< zRotP5IuGo30kZTIaBVT{BJ}4M9kyRm?BvZny~pBroK`R6Z(eUNy#(^^`W^wLElnqA zLb7LIlHCR=`!Z$@ffPX2;dwABP|nUTXU)2^ao%L(H!pk&Nrlnj8B;v$KEVvr5l7vE z^|x`vHyTR}#+M(@UY9uBWJI);=OcQm-w{NK0#C|;8`<0}aP^Aj{I@AfyTB9(<8u{7 z-yTlzE#8u$lL>tDlMnn?apzRso5so{qxeC^Kv1z2m%hS-2!`85g+!!zc zeF$?PaY_5}UHYhF?f7#fOIU&)Z5Wcv{01jEb&5$$DXE1N)Kz!vg*WQv^!k)|<~n8* z#vZ)X1qBF$u%D0jQnWzH6syZle@ipF9t1~2(sE|fFl~i@ZeaCMFG?hVcZJ!;z&AR1 zxd9=r)S|P!ivWan6DoDBNAHxj32Hn2{um8qIw@{@OpOmhQc)|z!sV(kp4dvcX?Yrf zijx|zS4GVKz|F`SLfWni2dEtUUX_6RfsLD$Typ{TXEv7KemoEd&+%M_NgC^5<=T?_ zKTHNJU6m9ElxJCv3s3@#%cVf*)A-lE?skzw8sx)Qw1h}v%Y#}g!Q17zkU)whlH99P zzc^jXVS?U}ePAfY*u(7a<}mf2U>4%@2nNfU5rc$5V5m~a>w0RJ21lRukl(&$_uUzy z)#4og6p^f@v{~?5#2e1*g3J~hILG(o&Nzc|BqaL{LV>CooE87^9};fRa* zo`h~Z`VXKHhC0bO6w!T#2Aae!?#-ksgckKoV}%WikzX6u=5I9SufoH44OmnKJfrUu+tl(az)ItzFlSJ?voC1RbSM)REBEXzD0!fI>=|QFEW;=Y54Q%Z0cWD z(z*!drl6K}tUYh#OX52TCr8}T9rX)S&hD4;T%1LV8~<5isQH>f(jATnB|Ww-1GSEu zx`T&#r_V}P!*NrAGia!L3+YcC&V7*Mi{qrCY0%2##yG<~)OA6|z$#dzAVjb3`zPZBH@3~uX^x-SM@`fo+67{Yj$J;!3 zlOcAq?Qk;`+a^F#gsJ(7B(GJ33ei6ewEkBn*Rz{RU7s4G=@WI5Ab0NK^e$z*vtr(V z+_oPBj|2N;J=eAkJzoOO#eY7zXXWsD5~SPY`(j(+z>mV#_DE=zhg$;4y9n;|l4>Zu z`Tbea{_|mM9>9nCGf-i>>zNgj%$`1=$8T~m zW_N3hF5kuRXEVQk^g6a^Qz4Y~uU7LoeKAw>%dD-Im@q+Nk1u>V11uhiH-+qeR_)<& z2)P{|=&{@N{G?(P_fKv21q{Kx%W<3OJS(a{2}*~NyyM!ch9^dCAN57HF1HnG%1_#s zNCkFl_K0B!d#_`Y33q+C@p}N{m-E|0^Qsmm+8bYx>XnmLyeU3`>_;M2_^YMP3F37d z__K4VlY?9Sbe)bVf1I#GqRMPNJIn`|0|LIvvjSDx{6Z62lq9e!cswn8h4nD7#sNvN zt%mJfI)r+@_5q>C zrw8q4Bu+hM$8qK|9j6z1S}i5vxMoIaTU`2}UST>9ah)2S#sD8ST2@=)9pfMy$!d7{ zK5 zGooGfe}jJ*2V?zqQV=k``u*K6m<|d4wO@~F)GU{CVkwhGUAj>ekrKft2w$V6N|TA7*Dv@A3r zV0_Z$I^B3MLiaO3&puWnN8Lz?Ptsak(=U>sEp`&~zUqZ8xo1n}hbPrVFV%}^EGy!Z z6eA_ydGVNT@ge(?;93eZwj46Cl@Fz=vA0!s+K5Y;7v{QXT&hH8@-H%*o zmY*1wPSp6i19TmTqvgz_;g`&g1k}hE0`Em;5DYz3)k&&2Hw2~S-OrEBxt!(QI6tK_ z%M9Bfik0n2jZ;@1#X^h>+jq>F)mWMy9ZkBv*@W)xwFef|ZJtZ@k?}!&yR^d*a`oB& zX3x^-?FTrlkbNqua-vTYN~fF@K6L!#>K zvmtCjx{&?6x=q^r1p(xz6C%f#y)?zXo$l??;^Z!~K$ynbcr+qzOJuvXx5Ns+l~A<$Vf4}{tLA?gf1@<53!IQ7H)e6^YI%3D|L~}V1j=hLz$;sN zSlGp*vWEx2I9rJ~Ayu|tVJ`88GD+;gxE-@G{c%p{_N1Vyi+!nbr4Rwo^08g5oMB23 z(S&^4PMN^bzRXF|?8`x=qosIC?JBZ(qe8$cSgz?MRUC?Ip!7%lRjphuhwJ}Xe7P-T z;{9xh1GHOc>k${trRFgmRSmFL3RZmu!V){nPBHVNb(| z{EK$WK%&7{!cUpdI;ZPs`^D*o%@u-`37l+ zNO};kj=S?~S`8OKs@9!a4=gu6)8&BBuJ;WPuwjO`BQ&y1CDB%yOOQlh|wZhXzSy{!aMw?&#v;ONH5s>aD% za>ySXU=(pcVAi0?^Zq0p_3g$J3RDYXl8}D}#cqRJ|kS<&?V&)k; zrKJf3+{%rNuj?li=$hT6eF=?(AG&o{k@!v=()Qw$XKvb$8Ea!_%uj1cZPMV=XzoY4 zzJaZ*$l|vBXDo``(_p9zjv(v5R=VPLO8EGMzrnzs1|P0)mP zR9=xq+!A~@dqscfdAVLiOYe(xHsrRq4i1WJR4Y3r_~O`E7^FWK9Xz!|i7X}3^9yI< z?}F*on3GNJGfTXQ&zp`zQ{uoV@VY{rMpmVCA9_7GbL&@ zDJk7V(|C!d)otG1`Ao*&M7U4p=O(G?5CuGEJo?NI9C}s)Vr{pFBrtOA)F7uv8Da-r zpLN@wYqKysEy5RUUU$aYKDnS>(zFz@3^iw$_kd`>*}=D+ol#B-E4BszrLUIuE45Y` zitR&OHS=qBJ0i4eq2&&3eHK4+0|#Eq?n@nY=(YZCb5xotSx_J9ly3R)Oa#S07&qHO^1= zH6G$$ML-Y!_;fm2FKPbU!pb^q`yjS^G`x=gb~t-wlMIv16hkn zThE`>SQzo$5)<%RZ)NV4`xne7fIh>fj2c-;19jZ&j$J%-*9 zTmI**p>9Ksm~xio2^e_rL5chmz2GVoUT3;|jt(B5I!Jjf09Co|-SVsRr-{s;e=F!9 zcFPWRU&r0;cY2m`-+_v|L312e4ZgKD1cuDHIewVOcK_nVjx@$_RlF?Kaq=ybnW(G+ ze_Q$9wg+5MCjr+oGh{tcH9=nDsJS;C9NaUnv&Pef$npN)R89utze=o44=M+OHP~^^ z`%WJMxfs7&fvLDK*?AFF&VrED=QlBxyMvgiX>C;1`%syq0m!LOT^Mfu?b{{Wx7Cy1 zd+>Up&o5(hQ)x>CP81SlBe@xDoKg=juI4i>il$P{*_$FQy77?*Qu7yV%;W{g5IKdw?gCeET%; zi>|_h7(ZTJ)k?(+l7amWsa3K5!~sT|FX|B3%?k(A?l6ANaFlA*2DIuvi))EpNwkK} zTAdpf_=(r@EFF?TnqeGakkIu*kKr#e!*XXN#kGQaCcg?l`u1Go6CFpUhP&G8F7O44 zPG447U3+1L|Hdzov9j9W9I61^FlfQ&sjD+85b1$86;5)V>@W*-DnI-=#B>wuA1kA* zw7ip1V2DNGfITp^8OyX432~P;>@xS4DeCAz!{J!B#WQdCW^3Z)uKf(07Ad^ z8!Dt7PlOv9H~f!&=`r~9TK?(eI~mn{iJ&ei!7bm&7rJ!YHCD}4>vYBncp^8y_s0$ z@R%Wc-YhgaMjPtRI-kGWU8tK#LNdl7u`v&T&ch6xn9ZuJ;7xKg_)rcVQmjKyc>c3$ zp~|eRG}*Lg?N<5Wu$k4o!|nGqGX$Zc<6cys3-8OA0T$q~U!~tHQB?fI2)Q-UDNzU7 z@55E@8^zeCR^`Geq$vc){4rV(sl@2=pe3+h*O8)Mb5>D*I1PBOp@IAZ9i_l?U197Y zA)MPDOAo6y8xsV$eLuCGn6Xomjl)&}zHOE+^VRii{^2qCeCn=$87HFgQh4^O0Y zd?$$9pRg^5#rry^#X~amLm&$M?rBdrK3W4D0%%t?V-;3 za%X)MI?&Yfp(f`^%r&(`wS0kLhk3xA6JoefHK}?bpKz{zbRl&`W#g24&gO92&?(<@ zcfqw?@1J&x6!vK5$R)D%ze@}B-*`)tSBhojYnHY0hqur5EIL973W)s}Uabl~QJ`XF zeQiK*#Q;`Juj?LkTj(-LH>cC9*kW+vexhQYJTX1r9ycWxiIGn{cDTG%w})hOtw&}X zy090JA;t?+b+;OvFqcfkDzkP!^i3=fqTN2t%IEBo_UknP%#@aQEr zrn+I>j-(dJBWO9)6>Y2_RJ18w9PL4&U5vBYx%j#+pbCV9Ul8YiWx>8ZURkVm1c(8E zD~r%NRG5gM8>%CP^YeO;_r0%uW-cSET-MdjG4kases|$& zMVaRFZjW(-A==?%ZDWI?4_Cg{k6Wm}uiWfj7*h{H*wC}(lR-giQ~>3H2EuEN{`@~; zDHFfq$j8atG$T)G9OyNdEV=hlpZE048=zK@x3Mz12UupoVQH{`pECXF26JY&U+2fh z{u9?`%wamfZ~sjNNgD)cR0XKbJR= zHiGg?VpGOz0=1jBFj%hIofx5J+wxW+*rDUkz_o#mx1t8AG-b65*!l^LjF?c7^y~SJ zM#^4@A-_-c5pU%@W5Ggf(?gH=dY9-{p=A)Cp*Ul7>1|M9C1h=W7TS{@<>S5u+Sftd z{r+yZ540~c#2)(Zb3(O<+1z?6FmEmZgBmZLKgFB&t6!&EeJAXT_{0sT>Qr?t0^L2(pWXQlM`Z$h74u&)XwKM(%fa=Ez&FSi5JOK~A}ZRD%% z*)~y2{Bk3g-rd_3f|;=h$@QpupU16(_3GG~=d-(`QMI|8YDd@m^JiL&q&N?yg1x%y zWa`z%jKdH32aP|f^z6VSFp+XPu~QMBj;>xh0r7SFz1})OWKLYwxA*Q^4&ylbfNfj$ zo7Iwd`7TysaXBKmPru=~zN#11JBq}YHU43eo=bNb09-D=867+%?Yv?mDwOSEm1)uJ zQJh6fy*&~n$I`Nr)~UkWzF@supiY-Np1=t$>HYLkQyGpX)Z|GL#%0;d)O3gD=E{`{ z=45#Y;~4yyH!;UyZz2cHn|kGyV9EBM0dj+$Z)9cLUQaoU96Z%4RW$;r;#i-}W3fS9 z2deI{44?U+j2chRG3?3qJg)YkjjZ~r+%$-4OKXs@twIY`YERa2F4VrM3SlniUFE_t zkrn%tHE^?5c_5+De}sj<>-1z=v!_(ZZ5DLOcGa*S*M%pc6lh6Koa3>>U(hJuz|!i7 zHM<1*0LSVe*rnr{ot&<2z(|K6J!A*DkY+($?c_yKqqz2lCrdg2K!miK&r8q8V>$u) z_3ghKQjlGBdOxxP75HCmaR#)t9jttIxmTWXs%iLYSQvqyChI|D;6qL0jryW-56Mc= z5|@5qS^`}3hwk#x4c^O6G71SA$r_HEVq(43Ssc7Yx<0(p*gy?M+uGo$kQGOhV zy@(z{wJD|8Qd(DACXG@;Mi_Rxt#Q>~5rhapXh0C=iY)w#I-U5K9FHVTek`1cWu5%r zZs<&Pv;U2tN(6>8Q(+GP^^@JI6xUJ!hrvI25!!3Zmz)Kq78+K!vRrp&Y62uem`lgD ztH$UHxlm|%`Kl!V>7@ODU`;g!*hP;(s;-*he@uOd6e^Sye2NzjPV*nmr97OBx6~n< zdSv>#*C6gdv{|NGwJFgSY3u4MJ4Opn1{uOoCm6w0PkW%1t3t8nShCp1Nj=2f)*s1% zjo_7f*^)1Mum>I76ofk6k+27Zp!P-$>8~AWg+>6=7d+7iU1=e`k(?KqEwwKlCcdK% zRsvzHStnpNI?0|N0!w1}9Ie?zh#eTjaw9EfV1#Tk?0ZA<1}w;IElfx&`*)(YmP03C z(UGbyzp|0_xe@v1Z-pM$cp`hVMrRie7`~`Zz(iazN6ubhe)Ory5zG|&=xn!aNkZZ< zF>j&N+E%p~ND7p+SjGOf%4f~|H)5EZw~o42BA8KG?!n-Tpyj58#4yHAgJ>~5X^Nii zOK@dMIFH-^;-sY{f;{@OO5qfkm&Ye|(nKkIa$I6UVeqq7wG#Ak*~PYSt&nxb-Pl2jt)jDdw0 zPRytjK4%Rr8v+NW1ukHdcGmlomPL=Bp1XZlca+Ape=g!2=lK}@x1RJjKJ(vZ9)h*P zU!QW_nMAI8Lzekcye>zBgSL71UNPHVO6KjQ5Mf=PPsK#zy{ZPmwbd`#t|MJvK7Li& znh4vCGKnvwWpCmWaYMmx}8fDmeU3XHKKPZM-AbE0NCf*1y zQPeJH=YML!f=Z8R_8#fY4)|eCrFEA&%-cSN!J7TAbx!Z|(L||M7&X$lI5$@HUDB~! zw3Mch<5S{D$6ddH&9@q-${M&?y?w;*J+V2lRh-=159BZdvCS z?N6NK<&v@?e%Jn?+b90@r;>ksRE@fA@UU0UYeQ@dY*4NtOiKzo8z~t+U z5=q*N?P!F<$@BcJRDj?X!5wd#8tC&mv@ox|3nxMfs`oWnlF|*K-ES+4@WNA9&Rzz! zp6;(-Qnp9P2+b(5lRcI4;T#4f{_Zh49!sm~l?X;IwWIIl=FE)&IHeBj$k(hMHM3Fe z9N&_t;87~2wdr+B{hR5FL#HSCHa8VtzGQ_xZmcO#$#;$TUGY1#^g~>u3iO|w|zzNsuLj9cYa7@ zyP9)fPdzMSzYqa~Zk+d6oeO*K*?>-~FJ< z!0K~`j^!u!cD?iejz;j{4j(Sf=}X3eV^gMvg(a*T{g*q5FZ=R%%AaZ>3Y9#Rbzkgu zEDxar9WHC&1f+$4AM_a5zH&TfXXRSepi{iWJeLJrZ{T<-1 z&wtpgC(U3_1*rQ#L{((Es1J0+JTprU9CO})6&$fhYS-~!Kk28np<-M2GOHKEd&1| z8a6RPu6o(M3B3C9H{z$dYX|qqoyY6k+4Ch1yD=-zCYQMT8oZt>)H%JP4YLfmbm!8} zlTA;k2HQi|fLiK8{_bC^Ew}lwYj5A#u?YYZ_d|;#vm7!8+Rs07_jmh|oc7c~JH#EM zQH_sA%*Xf4i@Yg^^c=dfF0@k$+yCWr@j`);4Ozl`)-cVh)xpL%oy+LJ-6rqLp~ZzT zlw9bhg!kulzDH068t9Lvh0(0oWUyim&?9i9qrGg1;7e&+Np5<|=QMyXg7o(=6=fGU zK5Wi%^fj-R#Jo0%o_h6KA#l5I=R+AIQ#ZDw+QG1*xOC$#l-~A~pAEM-{@QWSxa!V@ zHZ4C85`5{PVZXen`C5~n`FIogL5Ha0_xRLbu_Q90O`(AkgT05!7v zVkGQjT%DLsug5M(>n@Vy3rt^ zc(Bys4cgsNX*nQg0)`9Nc{eefY&)=hE|77uXZRq#+%tVo+==bQ1z{B@DcH*~;j{>V`9GACDOA$k6hV$1v)PYNx=78a>iTCmg!GH0GvkmJ0!iiq5=z4$_4=Jk+a%G1@e18Jz&zaFq`q9H%S0m8Y z#16iz%+|l75(r$$bVv{1{bUw3(^Y~Z_2-nPQ|&iMKt-W6S##~88>f%6<#%Z3Ue!d) zYIX&t9Q9 z9YqM>tyRogSO>D~a^pII!a3&rf(?fJeBE%c|)##%&z)ozrJfY-bay7{?%^YhwyKH z$#>2Le7MuMy3;Z7a-^QWKy_I4pFANH3v;60K1IG<|L<6w?!Qb@hF%q_Z$s79GBx-e`q=hA8(MsI! zt7~;$l3Hn{kZF_OqIAN`?OtlOt`fN~93r}_DvnC#2x14F#HDsxnP_di!8v~O>Qg5; z3EVmEo$4}1zudh&Y0#Q|{aE$!3mJ95$zR1l=MgDkRP*8BcoJ$|qQ9vCmr80Xikqct z(BFjSJjWr`lDD7Jf+{DKA>?PYOsehiL?5kMH}Hw#*q&KWHI*ks=nSnjd*3!fKL>z+ zdC?uz_TqK%aj8y))Xq>;6T`6(QK%Kwe*Lvqx*W0sCte@$tlW8z7qfj-Vjk@DjeaFX z4VOiCKMtt*g>l8zeTzYboNPdF?N^t7tlJHR{|n^3LJr?9e#2SLsf5Q1eVoOab7X=NchEUR?P)#-$MSU^{8@iMiR<16jYoo zhY0l8sqa=5T;n{xG_rnQVIk|rLV7UwRUIXytSDVjvJkp;E&s40u`qj1)Af=baZn@& z;yb9yN)p)^m`b+_1sxZW?OH5#<q=sw7ilR>z(He#! zAR+44`nD+=5<~=IdIltI%nFE>Xyjjo z`-?&TtJ4D**61^Png3G$zZZanJqi150X6q0(N1)W_KPYAoKFprl;k-F*<<}UeZPG1 zvUhhP`ZqeoxGGkx0nkgescz9=H*K%_4<;P!PwuTU?)+EjvA$2SNY|+}|4Gom1vTbT ztIPxm`oV=LSbdjO$VLLH!I70+cow2{)bPAUURWClu`=~50aKI=JQ41tEBZ^3U(M}q zl`kPM-B?HW!ErqV)HKoMVpDHijnq-J5y~&-X$Wt3-Mi^3W4+$m_=T#lq_2*l4OSC` z`3Om}wTU9F<47%;v8?SEy=u-S!1%Pkd}Z970K2GF z3vIH3aI+%tuTpY9T6MjUGk{5*bw=xcYOLGM?K{x@z6@d>Z6la)(4wz;4d8`gS6Te5si$AiROspyr1SUy3>#I3;PWC-?45H>PoHUDwT zBR)uq|Kbqrs^6Q4^lc7q#V=ZxkWHQwR;1BOw(?S>=585Xu?pyjLNa>we0vR>> z!vSc+jG{R?+>i{^o%Srm*ZqWwaD~7smw#H2s zhcB;vTYAo(LXs--rSb3V1|y>Ev1L(+fcd`*e~KoBRG5IF)=gJ!e)RB&X$KuzSJ@C1 zreBu0LKquBzl{dL>Y2Iz7E&tgQ#q74gfg?zoCy93#4^V)Dzu5D{8*J$O0V`i=?l8Y z#`I{_A=bZ~TD_UNBh2l+IdMw=fKFTpHd-#DY0%n4J?l7PuC#?%SF(Px` z>dM^x_v_W0#4fJdgZGq&3w#$|?k4$~MbN$gDo1moM=dbSYP?J**7k>B_OlmjHkVK% z*JR04QGd4i+!doc=TrkUAM3vAXYqZBUY{n(B<^t=47+5;N??1@UFho5a9-Vjx_{;C zns7gqzN4il1t{njk3$B*0W)vI0f<20zX^K0Jf~L*8z=Mx+=n&@P-BRXIC2@RI`m4mY!wBMyf~s>DxF7Id zchz^U;4y!rKNX%V@^iKMz3G`;<{{^-?$ICmz_oclHC_1r%mHc9*l@Bvp`Ai@Alc-b z;Snb2W&P^#j;03nPkrHT>dL&w-wh9)H}x-{{^U9>)A04+ z?i2fdE_^>CpYXr>FTEYACbx99UZ&kdF^6f!;cxGIsk*PN8L@?KqVRM`+VTRrZOKN$ zDKB<#X*`EyAT9)pw~nnf5_7-({*dZ1MY216-1l6BdL_zl+Z8*O-JBP%(WOpS6TY(* zrCO2@mNwPDVzgR+i&o=?UuH{Eyv!HTw?CDqpb0%XtNYg~@gmzg>id-Te`7nz9+tld zbVGicFmtghhCCP9o-ygFg`DRHL|o?R#y_G$0}SQgROSXmBj@Bce32(0NmVG0X7!lf#^)>NI589^dm}PWl_>1G7b{QBRe#&xmGpy*6Wi6+TFjj*p_?DA zgx?4^=|FaYJU@o?!o5DR>69uLToyPmB}p3)XA+oh)WRfJqdpi zzT8r11b{4hg?xsF#V-Yr){;e)0KVRc-cD{(Z$R%-c&y$jQ7?qvEeHXg37=Q|)|r1V zbL#szUTlT-DZEmLvBV+^_h+fB10y9`NYp5?)Y9RvaNEKU}ej=GKK=m&fY1Ynl)o#R>Z7p}c6 zf+!XPANNq--!>&|z5fSUX`1Nv1%-viVe0<1X%;iXmCyu&icgW7_0))C_%B=yxILrm zQb)c^y|MfIrBC>CPYBlw!NtRN6$dpnIJg&jCUc?cDY`Ppvo-70^BfQH z`pp9;^Fcg{mjsy0ZnNDdEH~Df`s9%}2pUy@wXqyF$Y3F_mQec=f~@|?eb~Fk#5(}} z(k08qn?I)bI})Vh76RzxTWY#}=Ms4}KcqweMojchd`Y1v3_`UQP|N!CLdH~uI&Yyy z?<>l^t&}96t(5WTG)={8+SgI-g8zsY_*cVOpMyROhE-OHb%J!2mgCtl5+PM>O$g&R zQRcM%dKj^5G_C+;eEyjrX%>4K)5{*g#n^uk5q4kP*;IsaO`DjS{Kvs2$J}0={ORVR zLU)WuaU`c|(y_Aaz9LN)_Ixc#qsvUeIl6mPA_#AoCZKAyIbEEh4271|sRC9PC-BR1 z(^g;-(igm+wCwB9M;q_TKNuHO9Mi!l;eqOdwfymFayGmQTQQvI(@4P(3S*Hc8tn#O>HZEkTNuf3LlfyTNSso~3FdQ?MoPLF6C5$OdXr)&UQ zBn_3JF;q?t)|L%}gB870S7l(`6Jz6?b?iIjWn>zZ5l^~wcY5>lb^OYsm(6%m<>^)7SgGk6fLwq5tT?puo|4x@gWrg zI&gw&866O9=J$kAd$ZjP+U%meL4++$Xkn@^bS0dmPjPIh{pyfsv0Bl$05!h@HdE%u zme5Tgtw?3IBH40LM3BcXlr*dHB)4&)V~8ap-8B1ZR2a#|VK2+quoC`@N$WOYo4JSd z(#}p7&eB#=WBtj^^3?j#dN{_5-U zSL&DKnVmw)y8FVX(~^i7%<6RmW`i(@l3KHt@zDR?wH6cn4V=uZetyD#AJI~s##TcKXM7h z2HF-`<(6+wdK`9nLK?72BQoqh8*q+5zi{ z?s~$rz`$8HTuoj^zhOGPKXA+Tcy{upN9Ylv1n9w5dgnM?GL$%7=f>zJOZWr3E1WUA z^Kh)eoCnrW$8|U>w$>QE-@Eo#NSe+ShWXBz3N(Y5vg`<{G<3&O>_iKXb7t-l_Qvv5 zv1n^+1VnNyy3#qVWnPF%aFaWdnoB&X4d}9gg+##}z5!Njv>C5T?FZU}bkxXYg>5i9 zIX%ihnxP|~t+pWa*_o$lV(sR}(dSZ6a+ife6s&$-gFdz5z1hG2`U#fbbI@3f4&3-> zKz%>^Tx~_16WR?o#2*L`>+@=j9MS{d$A(`Fm`$d66Mt!4(j-pS46Ak3KjHrnmvH=h zRhlRIjHs(=_r4M16;$&CrW2PBvi_yKwE>fUSOW<-O@E4#z@=2J-o%;e`5H`{^7K{X zA(y`WTYAJCwY|U{c*$jXyw3q zCI6wE`fG$-qGMcx-V?@G*igfyeC__^LMo={=SO-iy#RuDEkzSb_~BFK>#vzj4!@{) z8|NrsI%Bxaoxdk(?EGt*# zM##L<%0X#P94VOtN6sAJ$dsIzdt;fJd*jAj;NGI5xp0qER8m}DdcA+2slPoS3#Z8E(m5YS9}>A zB{hXYQix_$yQvA{oCcsG^S|IGodkI}?0><1nj3;J3om^>*KBW?y_$oL-`-52a(72*V5K3u>g3w3YR5SCgm&;z6 z$h|(nxzK&ZRMxd=>2E{x>ho94L|y zT`n=8-IGwY{-$_p$#d`=E@Dzm5WTa2fga8zGmSE!IMRgNw>;lF+;asHX()QNH_#Y8 zwC5ZFDj;?~<&-6ZCldT7eZ1a$^L^CKT!|d?c#yPywYNn6cHw^0b|WjoQKsA^V`=1F zPpso{g}83f2ZzIY#)=K=y8Uh#gI*3A)wxG=V(UK4NAAum7(i`?;UO^ZIeB6wvU|^Z zHCzp0;!_ztrFcrV%Tx5vOZRTQB?4^kVV3` zzHD^s-H>o#rx|g3svW&Q?Ql3i=6@e*RTyB}aAw39TSL;?T|fTlRi*%al;H51Nzt$V zAsYl~dyIj(Zl3$@dfYWT!o)10qJs(nQt3VqPQy>m29+38_Zo`rJ#x00*Kv_?r_K+a zX~Br$`22cgz;^EsKS32k1T7kGiu0o+tppO;DN)G*4{{Da`Kyh{B6f8gd*#-56YE+& z;!34YENqIzN}!!0U~)9?D(H&>fg5HNY3`=gS*8>rzI?2 z)x^r?=uoZew+cm|pR9_0k}30i_RDGaZ!@5vuDud@p(TfOlP|R>0d7I z(ghD!4ql^**L)OaWnoMNX#|_##LweB5;H9y@jV)GJf=IIxF2uFnjNj^J1+f&b{@8K zfIK{06sI<|WG44M&U9zXrV-QjBQb|v?L25D$wk#Krj8*qys`$pCyj4sC8T#+)V*hA zL3fKmv0b#&?x@KNi~zmGH%IRLZ?AJk zNY{>IlRvbYOadOsshWy>N<5VQyDQ|;o#*R6v6?)d$uY5lc`ZJ_dd5=W>{y4=>B_kr z?`5eH9>A(gw={*?$x}cA!R;M_9a_z{3rez;YPu?Bi0aj-x1vQJiwTS2AOz%!e{UjG zema`>(QJkg_0qGG1;^us?x~|+Q}z3u4TqikL0b~Xvl5esM@&zw!{Pu|fl<%0OQ{E+ zPIIJI%SRVgQ-w(j63|8B^Zc;Ih@19F4Yy!8o0upp&J!$t}=cBF0L+}%Ef^l4AO`p3_Th?aTu5sfryIv~Vv}-<(4bSnRwuDWZjy(4W8!ctXL5e-jg3MvGUar4@3brsC=XC@e{AQU=uUKmd3c2O@{O{OSwL}U^Tzfj(1v}NK54(@>yQ@zWV6$AgYnH+ACo?_^ z|K{rveSk`<<#m}&LeO|BUGpMbTnn5k9s>3vDgv?yG(8P5)7dp(_EelbLuX{qh>^Y7 zQh;CPAB!@rfDaUSQ2g`OCaRY+v=5i^WF>aXANHo`L*-%KE?WC!gM*>f-BcMkRmTEp zj-M^?A_Clu-H3~ zafh4M)iP_o$8e$}j$jF>#u2c48OYmfCL6C_Ep4?Od zLPnVz{Jw-U5JFX>E1P{ic{6@%I$DM#-5$BvEmY+rOZp%(cKC9(pnU}U=*bUv=l{`+G1Q*IA(AM*FV3VUr*ItCIwZY(*4E2lEK#m`zA2}Ch@{mRK#byD8lvm2j;x3vW2xM zHXa%8&Ir02AMX`5Q!5j;t_w@)aO`eG{6ha64ym+3BSDE>a`jb;@S7-ycYM2A>{X_loKO6754+Ca%Pb(47y^P z`!^fNynArbN#4L{o#Gf-!1LR`@^u5BqL-_9M0%x>86sd3{*dk+deBd`EGpYr2Ww2L z#`3e9u}&;)-#FdT5Owr-#pk4sHi$cRJ$7aF8b$36>-V0#7-HqmSNz4#y%Kyp03sJT zJ>ObqVRda0`fYXWy4_Ki?XSLJW07=8hS_p=6z%0|u*4R{i62sOkD^k&I#$6>UqoR( zz%r4BWcue-!n^FLmZhyP3^ig)(t(|XUUxW(-hzc3kLi1_(TScCjDn*#;SqCh?BRQA z@3Es-L!Fe(?#duML{HRg!r~ia(1oRZ~w{E(t|DBaM*hs71&p4CHS=HK{oDimN zt6-cy_cZzto+*6{58qC5GQ2iI`|Mae0qC0yN|iN!so?818*X4hyF8bHg?MexU<7*r z%(bjgGqCUJWqmUrdFWc745F<>-m%r{zO+n9y6fiNl=%W@0}%m}+}co6Y)i_ItN?jegpY2fA-&GS|8J zp^vq_O>m0MJwK&i0M ziAxZxkC|d5@aLovZ(nJPo%*O!a1KF#`@2(GV?7<|B`vZ(jZg#o^qzN_Yf)7pW-Aa* zjy8H@V2+y-mJP>@)#?+UkVGh4$X$^qqVW{gGa_7h1(%%wWpdO4NGVx`UT+!$av$C! z0``}dYMIESI-T=uC=YFqSsqq!l0xuliQP!vL3rLSjwu;A8OR4(FGCksRDw@~iKAu5 zWabc4A&rfv2ar;1F0m(?Zg?5G!=3MG4Qe+V&`iyg^5DD%_LysDQKa*i;Q4A+RB~9l z-Ev38!aA7l@S_A`pKjqs9D05|k>9(bA9wttOLF`?!eXL|~Zd7ritN6n^h57h{V3+Wov?m-)V_|t7 z73j&~_P(+jy6vmjEyRTFp4-%mMmIK-QceJxl9c8_DPM}>KsoLW`M*nT*$#>|_}ppS zhrxtz*|L}!dwMS?)l2yW7v1vJeb>c%NnxzqA0v329}G3GnSa;S^1Loz>{rEjNNSA% z|7wZe30E3V8=ZpRjG#RLIXgQFwgTxJ`ah3okUuh3^#`;GuS$dPNdZSG`jx>SKX3hQ zRT+QFmHpg4L*gHiJL~w~$<*)}LXc2;4vMHrF>`gG@4Y_X5LhIuV4A+YC^T`I=EqWR zc1(+RS&RmvuAWu0=S5b!tKNMW@f~UNF}#pDagtQ}FM+3f+dwclTM0ZrFr-tMukE%i z6f~-B@pessZKW+mgcGh|9m+bTAgr$jqS-OXfb0B=OCcqX3Yn(8Jn{g*(j0zqMw#dp zF11B_^Lr2mMNdM#k3O2Sm%78{a#nfnlH-nU%`rqc$lW7Dw@~$uvZQ zd$^2}jmC)#??;8m@#t~k#SiOV9KQd5n}v>xNs&&~_{}Vi0di`=Dr%L4evn zqq;bG?pp0$@BKX{!~wid`@Ssf8Rm^3%f41bXWb|5o_^ZFQ)$sIU~8uvq?C%`XDX#m zp8?bxkXj0T%)GSnAN?6m^C&%UvDVGWb^w}+AG!rvRffR57o$py&mHD{YkU&nOWtjhQvV`coz!Xx(%fNe zrZdZIVN^80NYSz*Cvo>0YZAVzJFrAdYF@X7v%y)EE@nLI1pSc_UZPMWCCAOJRO8O{ zRE^32EPVcw0JE9H>taC@@rBXyk=WIdYkvxs6G&-Qg@y;}bzEBQo_P@Ugo3?z*F0>T z{qUG#!yLsw742xJ;`@5~%l}&Zv=zv_9$>wqnXqD71{RxAFTwAL9dK=2mERW`3_!00 z+5+5%ZRV%owIQ+YvmGvl>?n^|Gp3aO>w1OFy{t?g`jWW$1Yd(&b4|=`lmb%qgG6mm zN8B3nH>I8XLwg#AAEkfVr&>r2x0k3G*QADnIr)*gZ^~?5g_4M;yKB-B7%YJKmDg$S z0{2c&VI*6A8g%6gKR_)(Et{4*JtYd^2N5L;d2E^3DNkMo}(#w{&`pzb5N_zu*U@#?C-0p05d50;>F&5 zE>(3HNY4HJ1fYGqX(}pP!fjq2vjPW6^%>Qyyv{A$u?Ee47o@%bAzZPHyaa@g_y1no zj+(0f0XYp6suVQLVqdKGL5=*vpEg zDPCFEmo8tj!w;28=nF|qw=M^gSx5Y#V`~no{rEbByKur_gaX<fVkt!@596YQs5h zKXxr6IF2am*Kv!Z{3AWv(g!XlsiowidIvJw%AWMdob()oNp=g;1<6NTw0r%g*S{fC zQ9MZ|1kE~YtRnG`mxE7<`nXHhMe&ly+d{-B?4c%Dre%X2FQ0lf4^PxSYOeGz0{BGd z*{!RZ0M`UU<6lqA0fAKP@9qYVWu%zMZgj|nisLqKCtKhO7%i`bTe3P_lKkMCz8Vma z8}AWOq*=hf<+Ity+FOF3eH<^4{>VO_W^2wiS$na3MGu*e_imHNi+Rs82}^4^kAJBX zh=1PH>6svPmyrb|WT!W?bhf{Dd}E)if-48Nfc|YQ``(}1uDxz_sCQXRV`l(D5({f& z%F>I;u8yesSAmOsdCe0(?Q5U?lOZT(8cS8~<@q{#2RWvjq5vD0_O@K+2LTiol7(g$ zu3bPieZ2zpsTj`Q=F^#9tzFseY0PjitS#phG(u;aM(9Ya>sTSffU^5Cvq)*wSM_YN z>z@}Z{HzQjYp>JF$A0EIpv{NEl9H%0`HJFUop+GxxKS)w|1`O>f;c3N43Ai~K<8A~ z_l|ekRxsVBKL`CWIz7@>f4jg7FML!S#oG$S<~;=rS;4_N^qbI#`ass-SIuzQFHuI7w*>bxGsefeo@$WKK$W^Zb}m?= zS3dwhv$v|EcHrSWG@-U6(+b(Fj)s;LO37kyMfMj=_2Yv2I#AfxGUL<8Tvf6(sbjY3Z&>3v4-1BebRe-$F2ImKeOyd2Y;7!oy=CX2oSugI7A|>;_G@-#gx@dhYv%Z@`Cx}xSKR%hiCGU=ni{ndviBV>>olKt`{W-^ zBr{3Jm+-=dg?`5@v((r76lc0ng9}`wS`iUuggpO+fJ?jY76t*keOp01N?SVdB|MB= z=LOw3nT}~g{yXd-r_G~_uCtiM0IZ>?&kdH|9u({$mwk&%T6v)T;q(oCHDgaheYX~O zaX0%fp?Tu3l`MO{47;gjfnv0xWnr^w7B=c@VTPALH&K6Tr_e+x3BkB!VNoe_81s0z ztx{Ii2tz3e{7{}pcBtaUKVKwO1w+KCsK){9D8w@`0=}KCL^!nVE-Xo;a=#_`eWNxe_m<3D_affR<3D^oX8s~MZY%96RBUF%za+L z*`RHQMu!d#yuxEbn5v2riwq!&C_2^jqFSzf6}YMs_M-6>h9Qc-}RR2y3NCu=Y zt+Dr}m2<}7ayN=NRXPEVf90G%(JJf(!eG+)KL^r3$s0baAGmnSww`P^OBz5~1w1r{>bulPq zsl8Rk#n4l`TSybjP4()^16YcMi0^Mb_Gg8S4jSI`XxkAggygFe^C1clzdqK4Fn9s2 z_3R>3bme*Ql3C*~b~Akm#>WKgsN3ddt&d*`STDRnyaW)ubhCS|m5pRsNIH&vL`xJf zdmda33qu3#69rDRs~ODcl@3vzpw-AHL%KW72#8vZqQkZWS9@1T#R_E2oc^P5eEf$(=?EBmguY`gtn zo^x>7aM(4&g{IMJ&x*DAoZh-joKLyow>SMirOtcOq92$dN10MU%=XjW6Ai$%pP4RS zG`B6rVfvrv11_OemKV-QtGW)4_=H<@5?U9^dLhXtv1=!PnBd=q<pRpx0(P3s6B} zPrkx@RplD7PNpj-&?apOv~`L8>Oc=w*;EGccKIvmVn$g+{GmXlug}A9o{n&Iu*9i|h`qsF1_JgJi?k(i!*Rmla z`VzS!z)Gpkrt)1|=`ze{H%vDPua1~CFDi!pQri?jkRY^1mDcBG#K0rwFyztrA!DS$ zXFJdAC^zv#tMl(wmNf~c4LCcG8SEfVZu*r3-*G-KWVa}+8oX@hF^!R9D4p6B7{3w* zFLQ$$+@6gdxpuE+ls;PSnmZNOVH5dkC;db=D z%S@y264nt%Ae;BpBf+}=gzHt$869MO#kcW!+m$@RoXcmg*QIh5DYVEqo~o{-Vw2!^t z7g!G8(o$3)%k4&1uKnVkvnGr-7Ii}#{EBe7)CnFVNWau%oZ#CE-i9fE<@+n5!Wh)v zjUZ;p>uLg*Dt={lAic7R!3aP;nV&S>mOTy&l=6wQ6(VfO!$R2Ds3y(YBI{eJ1k>hG z=^)CVxzyFisg1>x-tUW9)DLtd>3jS&i+QJz^ZWBPw=6Z0F7?AMzw#!TOO1I0ItV=1 z^HvC_%jmBUf1}KSX~UJH@YmB^90Pm-tY}!UQ4MDi>*DoP|IqHif?n7E|tH+#j*?}ZWn(W7x#~3v`)Bos9h04-G zg1pD0y*E#ENL8E51{ZtdWN7KZ5)GMoX$k{#m1{;`wC@&=*F}*tdP=)rndCnDpP|_t zcUpQ*GBu=mB94h74A~AlDGx&B1}L#Y1>N6-h66y6wPXUQWeDIRS-dr)S6JyaV0$7k z{(V}`Ol@gf^vdzjdHG*)2I>g6%$#_Gj?5+A-l%XZKN;lpu$EVqe|8P+AG*Ko$xHLO zi}Re%sg3{Ge7q?zj=)LHc>vDWEJ$b`+?t4UpeRuiQ1P}~SF4SDdv97qR&v6Ig^N1i z&7&D`CnJ3JkhHzC@liqd!#IJWF}AVQ|Dm8SlB@qbZE*crz83FlrYz5`gKAH@zwc0B z5?UEEboFp6rg8^(uG{{;NlvHNbV%e~E2Uhr7-z zCoYCtcNAx+zWExB58E|oFR94s1RveQWNFcKg2cS~^x)0U(5vhbTYL>XFBNDz7?396 z!P18;*xme!7SloXt~ijCUtk(_N)w@X4TM{fJVr?h6()?*9)}w{pWMS(L<1-Z$!aT1 zlt%$K!v5>#Ry*!Zby45fTXBdxP6P3LRd99z>Z#6ZcZM)T@S^CrdMl+=rHH5;w$mj` z3eFL<>F^@jSh3G5|5BlONxJ;{Ga8&)ZFI>pHtnOCl!MK0zMYo;ej5rd4%4l}Z8ezM z3!U44SV}VQBf5>Fumq`RF4!NTg7Y+bpKa~+#VZ>2BgMfP#3*-lyt)j9gTcdT&@kW; zCZNWZ$~paXO5w5*Mp?aRu=^!HCl6;;^To}i#rx?lQh@maRH{Q9 z;=ez_o#Z4x)#PsfT^G7fK%#j)xar* z8~;=>Gc&QVDUAW)$mD{bqcGXpN4@@@E+nHZ!FwL{F4S|~yPaEQTM^1>!f*O#_H#I9 zr{6`h{^Mgfw}|sSUifR&jd~bzc(vQWYg?t)pxeKy#V};c`jA*TZ`FPxib5|?ZgJ3V z8Lr54!S0@1&viWXrm|HCorvRx5{|>p0TCGRAOabzn%yGF?U{4wfQ zD2PORw0Pkx7Vd)8YE}wL zOM7q5&=(S5?wiFbCMc2fPKi*2f*jbdImo9lYbwnA0>4SElN9vBAW5`}sA~^*!h4L4 zM?S=qf-K6oXv6jYN=NMc@8?eObXextKhpC<)A+{wM@ZV;Mn%aZM$}BcdYNNp2bQ9D zC_0tN?Xw!`k$H>H2758=;(zC=zD%EQN>*M-5l&+oE`4fmZ?1cOy3#^8o}_t8YHOK; za;sO;B^G~mN93Mm4h%(~%ahm`0++K&kY;gD!f%Q0X0LCVPpV55M?Bh1pWfK&Z{mUp zNM-I>u4R8p*cQ}U8cn)4N=yJd8F-V3lOa|B0JylteX3Hj?`f}lAx}$mlJHPak#K<} zZZ9~zkg+5g_suFiZtdEtF?FSLFJhXx#5kpf;uzn3Snxqp6*#5$b427JX>9~PT2^_v zdGz-G5T#E0d{f^sWbFx24;B)8+uu1>y^k=1`-dN9?ot&YSDgc0v(FHjKFn=ov%=hqM0#H2S@pS2 zz1}c_ck)%=ZIIT-CP(D!q=vHWTCleE-a9m2s-ITE@KXVK z5IH2ad}Wm;_A;`e?6X0Fh7}{{6RVZ`shvn@0%0vWX;VUbe@>-y(je-cK>G&pnu^7A zd^H$JO;J1Ry4TX_==2pby(L>SbeEsOI1{Rnnh|`DYrBG;Lb~28Z?te0wA(qc`+>tO z+v0M7lil!b1k4xio});tH1j8W)u?F&L;j44(uq3Dq6UAgUA{AITSB3>^*dhBb1tJ3 zR{u-vj4PAFDJm1E{s=e>bA>6<8FlCDvkkCA0bpcdya97+18Vmk^(i~^n}vM$Piz0B z;2Jt(|J~V<`L_`s?vwn2zS_;~&Xgpi1kr9{t9kV0uv${Z;VrCm3r9ybAJ4&s^Y1-g zN^wqCpASx@wmjmH+;@h7TsIy4W_FF;`^ z5X&L`%}Qm2BM3OzFA`K9h|$2c@#6CQHQ9e^KpBeJMPZ(R!jd;dsYMMf#(c=Kf0@#Z zoKxO0rsH3viFioeM5vX<^FJ0tDMl_^@Y49%3R>Okl)W>GXw!}n^=5i)BhHwITNP70X ziW&3*4xK!5@63^D(1<9RqXO6;5vI#q5P*xfxF<82_D#MwlT(cA7jCm zK(F*L{q0Dr!z4kGJj-u1@#I%DLLvI5pHou_*9SX_*t~&I#VT4}@vL87J=8nDthu}% zc@P*upA6t776AspcfPwwwqf!kp38Q&Vpq*ppRn?e=b_&wWos@W&6X*l<7uvkOQWt} zC)g+6Xa{ajifJx*_qk5Hl{OAAUWl(b^uvUE==9!7em?%7-<)m8((Zmh7Qdj~V+@r< z|7u@L+hOf^?w-KTct0j2p%K3;6KJ+%t)%gyoh6WsTE6=#>pm?eQ%M`m$s29Vc$2(@ z;rXeT``@@x&q6=Ml1H$^?waclOjSagipBwb{nFb$4vi%tR*-!kK-AuE03zzq7jPe> zKhvpT&W#ddg+^uwF0Hiiw5ufIl}l{aMAdjrRMXbgl7J*#E>oH&mCn{sqrpqWl+w@P#{MO0)V<1*2y@)CFp=>w zuG!2y%J{WuNj=M(YWyI-(z3nMK59zu(S0p_aN%f%Vl+Q#}de+#xn`Bx3GPO6`woyzq$cYZgqLOZ@ zALLkMi_aTm5wd~&ryKhEOAcfU$mWZ^q{jONH}22a0iM+;f!hql`9hZ&19<-MmbOpJ zt-FF*g3WHp!7cXiCEsH{_R59BSsVMLx;o3ouxjg&Ulz|Yw!0RK(vQx44V zCGAb9d;6esTiN6SNmM1?ombe}#Ka`SOW);*!>6Que~wDk#^j3v$~^9$=KlZt)6Pys~_&8bPZ~!9#p5HpdfoZ7>q}Sw;PWQOI6C4PU6(k z%Y>%66%^pu$};-9gMi2AmkX!;d#*)kXr)_oL;b{)%L{A@eePFi;v5yvzNgvWo+8QI z1U7_07Qb_0rFWM4Gn_uc2&zJB9;XQ)Xj|>u#u4Z8bv|tVpnK#9!TJ)T94K%tT;R^$ zsCDx^MrH~7x^uwsjiTsdB_JU8XEu~lYLn~LG019vQ=}V_M$5T#*mPdTc=_DCu)>e# zkE~qv*4$u+n)RH+>ra%%Pj#S>#Habo4PqA7-E=Rrtt&rAAI}mv%^srLtEdrD)!?O? zD!Q>dxL0`k%4dw9+0tiBbiD22Kbx$9(4hNPgZC*P+2^Q~A*gHOUaubX8qV~#!0BHb z3RC@z3-&6>qvH73`S+g`eAtVB&c*Uu_$1sfP8(uvRc%P0`(g{C zEo%))EvvEZu%PGMzWH{SS-Ph7sI@ohBc|@$is!KS9Q`9y(KOQW{_XJ}Xxp_Lq|#29 z@rn2^)b?e5S-k8Ng#SP+Sn6nT+)-#0#!7txlHDg>wO{l(XSO^Yw=r6dZfPBT=2qY9 zeHMIXU-_qm>l~}TqcrB9Dxd4K$Hm(%pJl%7+=+HrN?aN9akf+&54SCf+urZGa)X%k zO=7zrm#CIlFEYNE^vKGw9&PkS@EX5HSL9F9F#6%c|AeNmRHk3v!ft@4c|L;HZKa25 z?H+K!<1ER|B1}u!I8i2lUKBBIp7?szPYvFd5n@R9!m83yZcot)1_&7k#vgZ3i;9s{?F5rm4v#ai^F z5B;CfgP6(1(#pxV{s&IiZhvV`D32Dz$=oEYU9na?d-z0c+Q8+6~2obuC#o0+MR(NVC;#PNigpyQ~@Dzc}Div%moZYIAD6lOFim7;U8DuISmxCj|OuG8c(aYs!iF&)6enee;5Hb$BgH^oN%|b8-2YJ6}1s%X##(xukkq<_0rBA-ZUF%tWb&v zj&s}luO!$h{XGSu>*;9^=3a^5Vjwdri`&a(74}HGhxWp|4^qP{2j4NsGOo!#M;>(P z1X;obsbL8A>k`?Y?%!Ug|EIaC1KUop0*dY@ttiZyNIfy_v_UTzZj_pjl&sNO6)3kd z^9xBlk1c?AWFpwb)Ojfxptn1!$#{X?<$&FxOwdZBaAt~Tj+!A|3Xu&hU>(!YP5|xO zT|gX~f>~|zTc>RxD zR1Ugm@yg~u<)AY@Uo&=#>1njE$M6%mY9E8a;Py-$``b81gbik@0Zpt(b5Z>?h+w#1c(z#gu?a^Q4^WLWyOx0s&m!Vhp))G*`9Vq3z^B; z?7(>YW=?=djjvrQD&9nDe%wlgzV5`DB2TEOrw@RDWxXHR&U&!5St2FVw#{YZrM%#v z)7Z!0ztN`mC9VxQh76Rn%e?=tt z$0f-JT1k@={c~TWtUJIYsqgJ9=LCZv-AVBMks;vu9e;msxy=?mS5m#xyeDo*j0>@y z5+8fLD-LXF)+D6_i^U(w)m0Hn8^yH*UOo7Hg`Xs4A%xvihC0B%q4pK9kF%H&?jMqM z;hLo_Y1NY%zU{HhYiNA{X=BFn3njj6wBK^998FqTqget~&&JPMIPX__F3;MpW&;y4 zFLPxBxjSTfAH=?r()E6cWhYekomQKxO>x!^Rv@x@iZ3nIsZVV?2b?+(lON>gs@bg<;oXrRUNUS{Z|SxgC&uyd}{GDal?2MZa|GV zfiV6PFPPQr@z}FV=p1bPKl%G#Ws|+`XxvTNu!U8X*9O@S*=L({yC6x_0SRf zwdz*)JgXpa#>dR&i0~(&60#7u)Gy(B-J)ntP9&wy9776u;j4-!p5ujism05)tJmI*M~JITMO>oKt{~xw3%t-Ai0813iIcWkXEjqr zVehh^E~c5dSQP+_fK$G+i5{w)$97Kh(gIik9sVq=#^x2Gy@ARQ22k$GJsBPYo4Q9h zPi=TSN;BiFvD;?BzPsVLYFcSwg8i7B9DLI0g-!%l1KL;bEBkIJOQb ziWZvB%Zwb)gv3Kk++<(}=D^w6V322e7<}8;nJ&H#sgy)8ue=+F1&&Vw*+Nu#s{08-uP9*oqfyaeyeg0qJ0mtVQ`cKr*bPi z;sZXy0u%U?5`F^$R!^nFTxl2h56k0PyAFVALVms!#x!7U+NKVEhl-d`FG&ZSxXv{|Vl2twscM?z-vQJB>6{(4 z%K11Q9P(TLzHu>|A`i*q{<&b3_K*|9Vt%rL)!^J z$0$L-FlC1@{_9|F`cAJx@=8L}>{;jw*m&`_kwh1vAfwaC%{9yjI$qZa^|VVy`d@I1 z>68h2GN6`RHGfx}TWfk|G#^_seP#PKLGkW!4rP6HJHQW=!2=h-Bni$NVog>8xb>kO z_@aBLv!jcjV-VS!8T2bz0e(34?*V#>vBQcIfXSrn*zTYjzql1n0hX z8oYdWF?mzR6wxL3ga4@s!Om0P+b&U~qfo}?ez3$HnU+R_$0iIX${b#n{w(78bSjwqPtOE|`DdQd-s?X9Rv{hbxs28G+Tt5{8G&m!%0C5|9ZeAYPP zq#ci1dHSj)XZJ>^Ty5gI%bVEyh`IspITqeQwXra2an&@28t5}U7|U2C5A$SE zn>?DknEk+FN+v2>A2>W!s?qlqR@xNo;wPH~F4cxvaxCh=|fg>w~u+A^Coz(bVa1Td^NA?%%#*RU5Dx@I2RVmhpo0?k8(LMI_>%!akYssEq}JXNf@& z1iu%vFs>3b?^l5-EN2Msnp{^kcWV*Phg^e{bpKbWwCoz^j?acLcdR|vlm!%~$WERo z)hd6BJPviocHutp%kP0*Cg70^x;3{iE_W8@dD4|l6;zl=XRV#^ja)Q&P<{a< zg9D#QyfMwEm>4#$f$~mmQt?B>j6AL|K0Es}&wtywkoCTxRX^;zDtC|g{MC-cOXuSY z)y08R=8QC)?^#KRF?xj$5LrgL=D|!!`zg*f;#!bG$eeMhcv@#s-nw|TWLhVn1OdEr zScQ5e(nVOTz0&7#)vWR@!+2CxuvCz0vrxa_q&;&p$px?5%G1h~-h@3^DHiH2 zC0nM+7>EqZe6gCcfxKdr7V;IFuEKYf~4{Oy)G?~==)f&u_ttC5`ea-6GUqG>HN z7ce+@C}%KMVsljGX&(TQmM8>DEM7TvhDVV{Eq#K*#|uq^H?TfhP$&`>Vt(j8>OhSd zeacTDT|dqhMnB@2y`ZY9S|6o$bzQ6S^1!JdA~dA-4LN; zCCY8f7(r@vSq|E|e93+k9q_<2=0e#Z?|zF&ynXNOo-kP)#5p*ya{kJDp`T7`xt%c> z^v%Jen;H^=PVXp?qD9kZs)8lBXa1bqHIs-@`OC~iC^Z8IFV_}qtER3Bo(Ekwy5kk3 zcH`379iG8=#?@vGRX>E>h?IqI-@$)1KIP&T>iW=;^)33W&`+OI(eg%NXqvRd@Rh&+EbuG$ zLu-{$WdRiW#^cGj?w_gpTmL+|nNHFd9{l3eZmGcaaJa1bV)A>6b2ZIsT&(;7rTsbA zINQof?UPU??ydAxgSk_d2QHS}?r&t-I`8msRb?fT)fh$C9BlB$}l z&HXUuwDryI`V*kVg4_+UPgM#}*!WC$`eB|zxCgCvCB zLJjrC-@5O6KfU+<12=2sL)JMtbR z4%e#B#Mpx^N!iSu=4I%16`5dwT}8cM!Nu>-5$%h`ect^L#!I+-qE*pQT4y<9I|_h27k;lEeYPnP_BoT4<6r zAE_96~IJzj7s|MA9c{=jESg96g3u{s$M_zw#d^VO^1sU#7^*FNzYdt&$Bj_)AhgK$?% z@|MpEvROjm!82kI4w1u6cEM0O!21AnZZaaso!d%w+;MJCF=jdQ=rI)?j)kGXTvM15 zT=V@2`>cMPz?ex>r3`jDhva_pLmYcuYe}ay8N{JY)7%`Tdggfm-EloEqtxIhWwn$? zNtp{4WAqbgs^c*^$M<@q&+vf$M1QsVBFXWek8OK?eomtnC;SosVJ2bI5Q%gzi~Y&3 zx8t?o_G85SFV=yj+hkU%=^MhL48xwzO*gm*e(?98JyoO|jAnSxq^75NWUa6}UNAF$ zHl!5+QeR}XFa*}9+9BNy!)Sz6Ilo^bdXmcs%Ycb-aUWDvRK^sXk3Vb#do+9@r;y&U zxpsE1RpmX|?um;iq03RC5Ckv#Nvi(Ofu=m`@Cz-qb0JuaOcjQfNiqM+xy{Snza~K* zcHpS!#@+<55hi;<*J;%jl-%7O86vWC_RRtLb5qmj_E(ZgmIkrltM5jVj@JrQg3d3% zHov&G40Xpvyg=zyQGat@>JvkBl*bBq*-ydZi>g5Qk;?r~JjhtX09kt-)vPMhKz5{) zC?2`Q`Qa+VcN8^2a-TBvZKI7r$!tr7Kt2e%f+akT@LxWBI2>VjBgMq?{Xbtq@&Ab^ z2|qga|BzWC{YdNPCAeFKfMAifuL_Kr_)h5eDHDm}mZmO>5OtJMQwhR30+d)XjBTzn zh4=*oYtU~51qJnqJ!24=eKj@ngXpN?tE@>Duillt$}h2JBrl524}Zn(S8Nz2SyQ19 zb<)bbVQSaTMGlfzh5Z1L=~kbMwefg*Des;)v6{rkf=rR&Z50jQ&~3igDdA6gf|A_K zTFQXqEmp+F1Z*DcxAJ{jw|`75fdX@i1cQ>7o2!K!Bs;&x{)eX6^rK1;cGq z%JfcgX&(pZtZcwu<7LpPB^lbG4J27<_|D0W-?kP|?XCK1 zUc@LEa5irlXXM;?%B18Ap3N)YO|A!Pj)Gz(vh+tH0^Ie1+@k}$yGF74i$IX8e8_{s zWrsL~>NiRf@EGr)ySw{Du@2uqu{F-#mr3_v60n8bUlJN}E8F39TK%S7O_Cpe%xz$sD$59be1FAOhEZbk%bNHHB3THQsg0K>l!+@H`h9LRVv5uSGTk6 z;l?`d%4mQfHV_{184~>$?XTkdT!-U5qqhLO`iDYa%gG$Ji`jJK%Bu-K&65Y1nzrON z{#2{iQTx4(qYckRKhY~CfF#tGwP`Ub<3g{9a~3RhS2m;_n%5{057AT3^OJ3QYENmF z`X|vEkWvLB&8~m^Z@|oj@v}x z$TC5ZQZ?Hzk2VZ@2x#UEVQ*A-8rYw+dG$RqVohf&Z)*egqaP8)RjR+&qBDt0n|W)z z+qh$&VHCvIIu>xnpBg1k_hKBUYfNgs%YK7%+VHtM zb<5S~TnQY-n7GX(Q@YC|M6AMB{D!_jdcHWN;3oV0oI{WS$%9j}2>E5Fn~%VO~7h;C`2qA_+Z!aBu-w$mv+ zfith~Q9~y=s9(;+$>qVKhZOuMAotjuutW}u)FAh4nhQaTtR_lfv+NFmln`FG^_^?y zRF1AEQtO0+&0;_OJCx{)t4`Ky37%tP9*v)^6P;$ie7>Tdu&0cYlB?5y7tX{hRnB(V zhJ_1hWzy;K@n-NgMudefi_B8m*(tA?96EXonQqKPND@l+J=hu4iX`Ra>6T~?k9&|Q zIJWtUB$m_gxoomvoU6*5E(LzE|EZj0A+uV@8y{hrMOo#zV4^-edW?jck>)-QhQE!c z08XuQSzyA07_>8KpjMMY+a!V#iBc8lQX>WTy2(Z9iuV`uGJoMUw-kS^THEe@aAoTI z5|l=1r@Pc)hHHPeJ;~<0!#WY5;@;kDCQEpPM>A)?ikzgd-$kN_y)Wg=3@9ZF&lQ0drX&JPSkA2sxxSlZ zD8ZXCldXc58F1aU9GnzM4(7X>_Amk%Id0Yhz>9)qRWq*B1?$-+LMli5zv2-;E2Eok z8cvM>i4J96VSFW0MK>13<@?Q7EQBPfqhd8u$N@YMJ#=f50X@gweY<@AKq_-V`XBdp zdtn-E`+yh#nA?H|+gh+W5c(TRa6P&Tu2<(@yURy7_io2bN?=Bs%?9h$7B(9mZzw+B z@ml}hl2K@bDMTdA1QWf=5M%ooa$ghv!grdaspQyOgNE!dn0C_LX@T^>!E$rpaj}nm=>+*e;a`(z-zZZk*G;u|!xQh0JuLH{pq``RJ?A;8zo#qC@BsUFD zt~^|h*XIh1Y4sMZ>Ofb-)#k8AkVN8*52k#|B11YN(0x%FNqq{Daa_%rjcy8X{Tuf) zFsndbVDve*6I5sw79~UcR(_dRQb0%WFE+2ds+Ow>!sECO&XE%y5$$48|AN02OLX9q z>rtpbQ?|PWQf?UYQ?9FEa$fJPlM8ZRdjR7f>f+BYW&h(&Md5Wyl(|q&7i<)PCi`4q zp2au8pRSCVpUW$AsE(i$u%VKCKQn(*A&4Aj`>;iV>PBiEAM4^D>~y@M&5Z74GuBvf zY=eH26hDd}u7Npd#TnIwysV;?><=tIe#rM}qE2(5uP9i`tY8rjh>#m9nLM_;E-awE z#J-}a2w0E-E~~P}i8c&%-7og%&P<^OWl@6~`-H^=h{b(b|1F@YFVJZ)Sf#Jn#tt(M zTr^+#p*7X;Hr=Qk(i8zviH7NXzRV+wkea=;i}bomTE@TpK`hFfv51R*^!0mS=1Bcp z_LV#ZMm~HeLpwwngO5?>Vav)YdY_Bt8XQjN)YTWulCUo#po$&-3o-)DDpEjBL!MBA z7a;xo8W~mGIT?UKOF0|SL=h?yd)F={`kQB@Xc;CuHaZ#vPH&%t0o$bDz8piHySP@W z?pk3{(Gz-|WB{Z}Ia%mHCnb1~6FkgX zhwI@rPar!{R`7gm<;R@(K?4HWaxxN&E!Pv*UGmzmCF@M5J5^{DtJ`;`R$z+{+h-66 zq!67)kGY=(gGpQ{Pq3(KWrp`r;G@BCP%GbClC!V?4_)FgcFDq7#l;z@0kQj%Rjnb@ z#yojA3Bt7&&wVT;)lg&|y?%A%@+0_bD<6}rPJ7_!v4xfn9YmiT^W`SR9BK}P5ITk1 z%^ek)GyW4|y_ZJSlHFkE0tFb%b+V_*Sd+#<7A8SG>OTj_5+fvIlTJ*9V#Nf;YPJD?q-BKm-)I`;JGSc;q zK2kE@^>>g|L2|4ZV51_b;W7}08>ZE%fe(AXglqQ@-|VYDJ>Pcl`7<`(s47*ha2||4 z1;C(>cM`}hVpI-KQ8US!vXX-92f63ggbHrFiEP4}`_wqrNz{g+8ZW7R24ifmhhk-M z&)t%}HMDnSC_wg`~X164~9+kHV7A~U)+dvlnn}!a?yq|s>=4Kw3Qv!mK`=D zCxxL6jOw*qWqL^e;?yP(mXO7aWZ2ja7Jdi#0*ih!X_aP=XU`Pb99;1?n$zAs5F9Kv zcOwR>n@$+cm#Ql@jDH>*!9_^IljEzEah8Q_L<*BYc5K>03wEPDF6&&u? zsZ$BA@!b|Sq!Ll4dYb~48Z)UVjYL4A|ES$6_UVo|U-mD3A>~)$6eYt9CWEbnC@`u# zx|G9Pm@%K;$UM%QFRAIp0*%KV6`>5hEOopL8UaoA?+0K-=G;*~eC>HN>g2^K`2MIA zcIUqKije+Waja*u@Tm8R*6*h6N0dzxy!(>NEnosr`ZJst<`eGyS{cG686J$V7M{?m zvK$qI;8^-E-4dmnRmBizkdey~tii2C#N=9ujU=-s5+GVLf44tXwSadiF^=n%q--_> zUTM)I=QU*KYrk8EF_n@>?rKGdv|MiVJm+!hQ+L)Xa640aPPQ8AYB(RW7fwX1|2IVqo z_B$!O>`4$$Lp#s^{t6MX*VCELJB+bY$>3t8D1T$l>1NUcd*h&+s6u0%SSMpd1GT22 zSExSTcPIEq@@RPZYC1jN#(CHIcoQ4XVL=1Nuf7S==RBN37Hh8z*fJQcjTJ_6TE(8P zzrqC>9#4z0s2K{&(_<$X`DPWrnMQxMDg#em|e8a$ULtgXjgI<`eUu0a!VbN8>K}sJl0ge}^ zV!Sq3gq87Y+kfX<6kj5Ku)k7=;!=jPMEwnth>$uuU4H@#u>00q`JeBrt)MdjFzc(- zJ2{xDNTk5`0ga67=LWcOKKH#U}@|V=4`vJr4_s1O2r<7+~N^|e&UhGw7T4Rr5KNa0X4_WxlZO-(%0-xuAzFmN^UAtdAgZ@u(5D-FfOfGw$7&=Pk@6}Frj zH-CZo640$axF8&*I8)CS1}!;$j>TS&D|c#Q0Q?QaZRzAMSDhkd9yeLmNFnhPhmDAv)X@y**Kps@v$#k(Q=C*_wClEw$tfLb6lG^LSGQX$U1xMsL+q}| zVRg+Ytuu8V43rzJU#+;LBH`Hh%HZ{rAdbcyM0ExQ^co|-a`y$+y}hoASRrpeyGnPcOy%ql~JQ^R&*S`=_X$?dQ zug2q%7#OB5w2iVoWAqSl|0_pjw7I_BHc_?D6p5vapW2aZ2!rUs@);(&Z|Sc!JCv?u z=25kHVbHMce`(!Bcd^#Tla2?}9vuUZ`D;{C2vS$xZ@&9#Uguf|lrB}RHOc=os-W#5 zT|k3#3a0T$s|g`xR!(_)_KNImA%cs9%7ECuqJQACKlL@ER>_s&v4g>Lr+D<)b0w7SAuJT1qG_i_X+n&>{u>~ zoU+UEp@xqE2PFNjlK>h=lLN7Tt~X*bv2@}E{ktw=iTOtlQZW^&D$1C#*Fnzqp16SZ zwWyClVtIi);Gpd>)(r{Ljd%2O|KZv9?^g8%3wGc`X1@!WTng}By%*=6cMppdk(nn? z50+A9Wmo%16_;FpmK`dwlNI(zeCL%|$bB7cgEupd)T@0wk0k!T^7qc@ZxS<;4D7o_ z3Lo{1^3~8XRBQ-Fc{+4Oces0xVms_VwDKttgmvLd3;QIog*6RiN<&8r#nhb(IfYB8 z)TRx4VsIiWW$CZhm@LsocZ>=qC2VSoG8uC?3SmT7-+hsKxOpWJt)(YF;i~qj*6VN2XXvk{y_^{{l^}FM(qm;26o9$^@@V&QBl}-bG#4sST@uh}oeSVJ zeOPep;JAu|CvEkafWVTWfG({0~B_ui4G`nt+0VE=6xvqhBuOo%YTy|7cjF8gDH=EJ*ZML5(JPvK(hN^QJ$Mkw$f z#5B;FBu?ZF$aoPe)|?g8fEY;A7-;yZ7l7>uYv?U5Wk2%zefeGNUJGSHjf+H(_01Zu z&t7wzSxFyz1$ZO(&nwe&d;Y81Qc!=jB=D^l|0)~6ah(BD-(q|l?4jXdI@rJ%N)*x- zD2v9nz9%_16fpvnZl3%I{11i)3n)G$VAAgk(WT@#kt;A5`8G89`p%W1WbpNAG zIKHY`uKS7iN1NzKI;-dz`fQtdjathYX5Q5HRFQtaPci)NFJJDZW^Y#m6YS3A?Df8S zkhjNt9ge{qWAFvb+V>DZ{|*3N6C(KHEI>$&5whMZxWQNq2@~SCxHV5d$MenS2kutq z{nWZ1gDl{Z&>)yWttxtIQZs?&5O%Eu!K@St)|`#%0hWxJ4^1jZ!Ij+>_0J>KzD$IA zzH>qsm+xtnKPw_oYu^7sDQZ4(>{_zpOXcF>uaOADNni?A_%b*+_)XFSczZgTC0$E0 z_^s)(;sH>g2Ci?i_+`(dHNkm$9&lBQNzdNfiJYvWE5feLM0YDQ|3KFjacoz-p7v;-tIpk1^*sVjhZH9t78jWxY~|0 zjTMNJ&BT@)xFea$;c?^MH6VC)*m)h4RdU$m9v+#wDgG2xDYI4T5)d@5B*_k-R_7mFvJC$Fp)!P+eJv}WEiWR}zMe~}pr zzWhbdhWhPmEtSY%q$Z__g*wT5*HTlBMqRLF43LF7{D!M!b1rVdtuIQiDe^NNfe06k zVLAG19Cp#3J^+UWd!p_AfahY%?ae<50UcUipMm>O?7v>cvOq6dDL%w=e7O#Ktd*E0 zwVwA_EiRg;QVFr2*hdzV)X?r0QG5=P8npIJqs@*Wb(jfgGFuBFyK&MSdV;IguoYa{ z5dkOP(*&OOfsZKv4htF0pKSKC^h$5r6uwi)Kyuua?I zGQK##b^1$Zp;1ab;^yukb1HOH?|NUEQS&#h2|Qw2d{$74Qm}}kO)4mLLInBSLTefi zu_EFyxSy9vo4xrXo|sT3Uo$oPML&a;f2R#=_awLJcRTMPUPODI@t zUADUZpVx8;`6p_5owAbff8N{wzn%ZD>m#F)>U}YSMV$ZfP5QyL(Kf8&aQ%*_g=!_FD7(}DwaJtLs*?;QqZ*t&e?&v`1 z&Gmn8R9zQ;sx)yvF+7&Q3dmH;!(1G1<dveX8)hEeH2J`Y0 znm&tt%jm%fUYC{a4Z$n}xHm#vM2WEq>6|$ciA-Vi(Ayi+>opfGwvYAvpJC8n9s3dP)y zwz-{5RX#$TK5(E;o?KgN73XXV)2`>VQZJQBTz1~^sMC5)y~l|y=1eOTglSTH=Y1ZR z@xI6kQ;D8d%7^y|1R|26f)+mN)vl94&Pv^@TB(awuZK+<(}d6MlimJ8G&K@ZlV$+| zT4l-204l9ULYf%`5pWk}Vay;STKBIv6ZQ@=ZsO;r6o}J$a3xfdwf5c*NmPUk3|ic2 z_n&ko4Lb-`F5Sd5c9j>$OD2FxSnJAmP%XTI9v_O7rEA-vpbwF#PafOqtvAOAoGN4D z{=>Ric;PQ@9a8&iy@Y1AGuP*zuvRe7t<6OqW5o^XfO&w8loB z7aF%KA2jWY=-HwaiYEG>i1w#TXE4c~TpNToTh!@$oylFxXTP z<#sGfivscJLrgSrA1k49G`B zPg=p-?-25W{FE<=G>!B)&Nk%SasG$0wN`mFky7yHvB$+U+kl>5Ue1%K8kgkZ%%`5f zq|b=OcXRIaF{v_5?$IpauMIn;?{i(KCY4g9xN9?~;la%${h^;4N?dh6gNvTjwc!jR zDNGn%$#oyRxV)**w$lQx?%-=XUJC0Xzan6(B?*VxghK}wh0_LWblzC^x&Js|F!3;& zW7Q;yu-=fj@x0k(Ku0b9?S@odcK&FGQ%OiDl3i*(8p=7q}Qdu`v2ELEiBOfmAU zzA+ZLC2q5P7Yt@G^l0Sc_2r{PK``60fJs%I%y7JYAA zmDSiLDx4=bcG@LO-lq${8w{nk*u5e{AEh-`wS2VLzBz=`82G(XvQ%;7)$O&JLfz{z z?=tH8#oz4mSVre)6nz-Py_S!7FNRgijFICPLKgI3=h1vgkc9_J;q>uMXHlfL%nC1M zquu@PUOrJX=G>p`1c-4YaE)TiDt_=7Cc&sgbUwqo@2jz`dGWk2_WmSr-I=!!-S<_x zr0iD4tsl6oM48Pu*Ed5!>LVkJ=&^$cTePd*dA>Kg$u{z)(lQI0r=|cdcTD_erV5dyZC8bcz6iice}rN;>%eP;Hl|RW&jX!dJR&+v7<9V` zuZwcSnQ5{p*e$lBBS7#p;d-M>F>KnJZXB1!Dtz{foE?drMS;D_)vQ@pMr?D**p!!Wl@nERC^B^ z|F+i+idZ==c~)4IfEOqvt`B$>I#c+Aq)O@x>z@G+^_VMA zMfV>JpC>3;jJNBB(h@J?aP{?XWuLp-N2_7yynLviAtETNgXjdjeh{05El$g<&zES7b%Irz?i8*Zqat{KQeVjj5lF6NX5x#ct;}-9C%|yv!qh^LO(9va=M~j((jP7=JHTFpWCLX<5 z?@{NZE#hV!s-UlrpG@ z?n7!Fa%yzULaX;OsN`l`W5Y%zkxZa+iu3?PccyIKhCY!!CKPtz>UW%TK1q!^^t|Z* zRf=b!)&2KfmOLt*>9xGe;CL%C>@P~Mrt>uu8v#lqg(q`hm*Egw9YEYaBeBJh(27#x zWQpL2x3MCOn;bMNA$c6RlO#&*ul{<}U!BEqU*c7(QgeTV?TKnk%z?}Jz%6oOGSb>P z)Sb2PbE<;>o!zI}8wU!9m^YPgpuDZur%?n7XNmCli9t0&q-xj5N~EVNTjUNGizQd6i7fgs66iRb)#`DbRG$&F--3K+t_C z+C@?R)Pl45c%JgxsMjM2v4_*>6?iA~ztV94^{&o!@efK0%L7^nk6~n+}<_ zJss}*nh8nhxf6~}+O^-;G(5>w6)A@(eQt4RJ3^00%(oCIM75%#2Uc9rjs6^y1tz@a zLyjM+eaF4(Zo_Kh*d&?H4_Y(a^V5pl2YwW*7F~V6ZYPLY8t;51Q3=RA2F8t)8zBg8wqreN~4>swihW8hU$Pb6nzC(dR%y`2#gIkJP zAmyX7G+e#vJsU{t4rMZM-(JXL$D*62J<%$$g_$e-&R8hQcF4!;iuUX=wq``Qaeck| z^#<$<^&ij~gK<>eXglX&OTEDHwf)Wcfp0FM6etXOd@6(tb1vvtzlY>22mP2m#&3B3 zAwyc)W+ZcVhL+eb*mgL;JW8DJE+skC5b83OsQ+Sfy_n=QX1m}*AaX9banh&RVtj!b zqXkAAE~T|c-gSLx#7tT8K?%)l=9;lm1klK`Xfh%g^HqCYbZiJS_zSeOwu0{c#bTlD ze^E?)bHg#7z7M)X(nH6WS~6b9Hxn1{b5dk#v7Th~aw%NE59^YioIaBZxHG)Fw2TL+ z&#JWX_Ze>$Ciaek;~L+?;_Fgc9j419AV{_5;S6=wQ4{gP`S|c*ySl;E`)m9CAdzBS>tI^cooVsXwWT9wTsDK^z0jzPCcxZU*|OaciLj4GKHnVR*(s(>Oy z7Mn+~Igo2W(VsrqC;ZW3hXmJlR+??rM4Stgq}r8>xw4E(V7*nzyiHni8UOi6>%QE8 zWi{DLMb>k|Ue9?`KA9o7)=1K%`TarD6}4g;fly)TN8Co6Nr{u%2zkN!n-_XVp#y^d z)#{aaSYU^Ac(%bo2+#_F+QxXO9--G80c$v08a={@LSFD{?+J4#MXIMgfRDyOS~RCQ z`wwTmiu(5au*}9eye*8K-5ia_q`n{IusV;YaI^)s z6>5B{H6%}>^XyD>M(4;&$A>V5N}a<$7iDIpS}ZrkSGkRU%kt{(<{Kb%W$OQzxG_pT z@&GS!NPGF!W2h~)1ZOz{YhY;<<@cF9f`^f)CEp!&@lv(P$K9+p8KH-X)vDV}wQ$0+dWuwjXou%1nt9xql33!o@q{USxBh%Tf8k6xeQ`%%b`&=JeB2Pv zTi)c_-+h;V67@!*?4Pt$quQyLRA_!iOS4Bxjl1zv`aq={k3(-Qbe(29nIQhl#F)QN ztF6shk5~OHa&9(Pi4zeM?&I9Q@)NgcUG0;@K7PB;(;BX>Hz2fK{Ie0>db`0rOJI>Y z|AZsSv-YRn88KUgeIJLokn54r>rB?8ZvzAUg1U2g=LI678-AY<6V{GbGP0zbx4W$(|tM9FInj2u!MA0b|y?>Kl@SV)Xq zbGYBgB8J$6?#K65p^nS^QaLqvI|=0=>FFGt110(pu2BX z7U4Kv!j*Tm#@u)^@yl`;TsR-AtNY(Yt4gOi?y$j>GNAe!gk#U0v^+6habL;u?p@nS ztx)dL7fp+Z(bN?^R_S)%2#h|=tkJ{U<$da3$G3G}7Bd~PGk;=LP$TNOPpmRu+C49B z>EeF&^vbjvYCDp{nUX2nsXbWZYqZ`f(mf*eI$Tl>j!Y?Fh;@}NO*C`;>%K2{&*(b5 ztQ~84r`-0Y&9P$Dbd|a-rMv z0ZbKi`IY!#E}@KKND9Rfz8mi&k@9(F9f`6SrT^6n;3lAWp;z$a=B=QB_-c{RX0K!E z@@r{B(9Z5q<8?VOWa0Ulp(q92y*;l4D~iY$uC$RkvdvdOxMeCVov80BdHGpr)1b0U-!>>t??g)4 z-`4q*>jr70DjIg#*0ZwOR7NE!X?w?6>ZHW zmBAsBmBL?sXr7b2#3qXZ+o3_uh!_)NH<=)!?df&r$f`SEC%$=I=s}ql8Ny;IX z=c}}W{ODYq%t7BC!+Eu|KWqT92XXS@+*Ds2T?rd`4XD%QDUx}A0`LgG!9=ht}U78{f5RuU3>lJukIW$ z)t${Y&K%drRMZXSSW{4c^j^8un03gA7d|}EowltrxRSZdt>1(R!_4B%_V}GtlDS&)Xc$qaulHV=N(DQzB!XKrbY}eK)?%yfc z=)IB`;w5;jQ?Ku!#Oo5L*6@j5DDx5B+}wZFTaGu&ZuixKS7ltoI{YF76XN#<`D%vj z=2Lnfqah`uPz}-OAd+g;E!}9M(palI5(@F4fj#-ie)*Z9MzfndR9VmoGGx&zDP%u? zD1GC<$f0zKGE4L)3PB4eNC~4-1pRA781iHFJjHi2Dt^x=QuYVAvJ##*l@G$N%k2v> zPbbE{yB%*Kh9l}VRViKn%pXo=5eWoQGy>5G$Nn$wmipS-tT}8WQ3VO91x>-CJ_^R5^h@;@gh$k@{x%e;d zK^z_8SdDPc-=47(E8Y<-RerswKKY0uD`J7j8sT*8z`fzT+>%uBRlev+)xFu@On!G$ zD=0OdCVrkEpZuhRkQ;o8)I&+UqVuTaeAoxe4JSy&h=%=&QnXnWm|UFtBGWRzc>o{A ztPuO5eyuVk%g|T-Pbw#EBRzVuT+{?<%{tW_In)UKdir?Muu@ll+w0};l2HY-;BCcn~TuY$k72R<^-UcN|=0SZ>mKa?YBWQX{`><+aD zcnt)?U2N`GBCvnLc^!z?KZN`MJIgJ*EgxYSU-r#rmd-m`4xZFRqY9QV zO1p|TPvLQ~9!I<W%RdDbm<3IwyI!O2B0^u==&`PLV#N(yZueVm<4j3>8K+Q9qP+ zxa84~7wv=NFJ6vrFX0zTrXwC!P8c2$9T@TLESp8kEwXcR#rmhN2(MzMg9;H^6v@8H z#>laR7>E$wm7WW++e}0D40EuYarMoO;==Nc;)Mw==9|$L`%W}rsa0Z<&Y^ez_cczL zR=~wuUK7t1+UXc{hTubPS1u%M*xxGk$@+1`^CDu}TR7-F`r)vU9U_y=!T16@;r4~p z#-W-!-#mX(Hp?*L)!S^gdXbLz1c{=y^H(n>lg^f&T&gy{_7ZwgOr6fx@)=sZ+cKuaW_m& z;a$eYbL(0BxX*^K2uvXQ4y~^$mzX|rfmXn?gFUW&1Mc;!Ebz~cpOvUeC#Pa^)Rei~ zl5~M(!(&$6xY*HDWsRZADYxL=yv4fVY?t0r(uXLtg0bx}8KI#(gS1}_Vc4B`MR*^l zqt|vaG6$eDu(4yr>ag)N*$>-GXzAhKCEE4p2f0!+!XMBGITuD-zcu>>3B40VZ=4#_ z6IV1zI0DT8`rg#swau(B6g_JkyD&ReKDZjLBnEX+Tpy=yI+Wh)VQfASRmzP~R{Mt; zQR36agfH$|q(Vl(uD?oC3TlIGH?kvNV2!t3co z39?$Z-%N@fN|Z^NJ4l15pAR9^q|Lk!W>j2Kjb-(@Ck^X;6VKuuS$%Id|BNz&K?V@y z*Pea5=&b}=CadJ~vfNnJJ%(^qgnP||u?tiimU^u3&{j4nSUYiPzdh%Q#hn=fVzLFn zGqRBF?Z<+ySGhf(j3)oYD^a8ZMevpOMmL=a+U=C|bj@I4!1GYeNVu3lPqesy*As!BkI1z4Wcq%v zHzwV3Q&|p{kuJt-ug|Vk)@(AfXMZytVLBU%1!jaE27}5lQQaGA4sl$X_5`A=Cyo7-o5KtxR8Z7X{fK&JMDaF00dT+IZndFn0Q` zWu!3iqMkM4S?lnLL-RSkFrS!8OBigUIoF`ICDAJ~*}k(rW2oA0J1;*m>K8;~Q!$@q zXNS~lOf?#EKcI(_@jU!^!aTzB3GHFjn3mAgU3ie|?nCkcH2oIicAvc#>toaxjQYCv_waEqftwT$}e|Y@nn7;#Q{T9H#(bOt1_NG`Zz4f)#gl4 zr>AKHyuaF2IE;Plg$Zh`HY`Y{jR`pcuXFRelWnLZwY-PX+;gtpih%B${*3U_$))w|0b5A|9i2+8$MXNJ#ctQ z!biz#7aFdRRq=ewK;M2PIc>QopV~kl^<*kmlP+@v?L1a!`|o@56$0r zoCrxw3D9jLy!_2vktrw{EBaJaWZ3cUrrPkhy#{ALMk|zk(oFa|{ezOwXjd<4&?{;k z*!1wPLn{(RMJ9M2|1r6C#t_4QD4%q({<%7t53kal=>Jl%P1${=gpyq1T3z8GX}wM^`9omR;=IF&`q|k! z0eHJ>*;YpC`&9>}Wz~Hph=&lWb>;i}e2Wl2u77RZ3hwTi!LypuxYE*dB9a`L_@yk3 zPs>62qp?7yZaCy%<5979cQJa(AIN+{!A8&H{1gP|Mmdg4VD6>{j!Qq4Mh(}ZURB1U z9Bz7lNhl+zqAK)^fy1hhuksz0^}CMan!~YBhiDL6 z8n5T=3Ahs;oXD5PHD@s=)_A_t9uMcE=fgpCJSY2FeuD2N_UIS#puH?gBjQK!SiWZ6 z-;(VLSjr_((7dJcPY8csOV9q+sTs*|4UU|lI$WzS+(C>?%Cp9=x+1R|}cAfI! zzDjrr*9pFeF~5GP)Ch^oZ!m~HmC$Apz3of`z0WV35KXP#ds&BfCW7~EjkKUw@NAA* z(NFP>rV=*bCxacwz0ud6ZM${&WHvp+f4x3g8*W9V&zUR=JWtvSE%sEZ#e7rz1=~xZ zDlA>%5Xw+#n`1BBHUkPRa_J^fTc}PorQ(>IRL9();3(4ehF&(#zayz`qz*5g86cCj zak9Y4ep&&=u!( zZ0B2`K))75#zmv(3J0hvjP|*$T%#FH`Tf0w`&ZP4(uGx)?P{~?_d>72t8)#CDbL<> zS`iYRt?S}B{aXL?r0<6Igi1HJ*zdeV8E(D$M1UbSy*P8V>N)Ag$PX?M>Ply00LBpg zShr-UMw5J~^E2ZcG*}%rt>{ugWVJF$Fj|^j$9pCBAT^YP7561 z9*t{_wyrDMEbt);g}aY`X{eH;+p)Wmf9(Q$jI#l)?m+HfSl;i&D8x7#MAYbQ#oI)T z$~s0wj!Yvm_pSa6jid24r z4RSHSu(H588?Na4B>TKuboc`Dg2Q{h=&i9xCNHXM<&!kzvx9`B6^UQogK-Inoq1{4 zz~6`Pj_0U|ay`rDR{fclQv=L6_=J%4Q8M>=!9=%txcX0JF$Juy_Mg0ihqGimw z?aNDl<^jydb&b;@83ETUB#nkoE_A5(d~H*W&g{;@)9zQ5IcuhD4%weo<3^UoD0Obq zAj_8PH}Ca7f9BLNc5Auu7?e4IQcjpApQM6SMs-t1iKHq-oF$y@=9pYA8gG}eSvmO5 z`>9jf_GF-{hms}wmVux4LRRwvsR8Ofs3||GIc4ay@qS_xZ79HbmKv@U6bC08m?JNZ zxYwMhE%p>?dy5Gu4uT`2C))y zO*Z<5B)462!NaD|rBGU@C^%xQ&i(OC{LfPw{dyY}vj^;VJdcN)OR|ow>1}u8J|b%f zSRa+mv^F&LQg|8)*hArf)Ii}qxQqQ(xC#+^M`|_UkniKtir_7q8eCxmq` zTzcl@91Ml;G|&Q18$q6kPR6o7ml!SkLW!_1e|g;YN)zr=TSC_;U9EZx_h!YZC5!Ey zq%qrhw=Xt=ZqZB(0oE;_3O?kAI|CXPtvfBKJ++7JlUEzrR){Z~FcO5CCa%-`r_kJF zjDz4+Qjcv{Ol@Xw(|lvH_ue7AEGM1@1%6V%hWFN4u_WxGC#0@ zuHs&L25NsARM_^h&exE*IYqMBQox^{80T~;gIru(j;*&RYAa<+{wz@|jgZ?ic+F|l zt3u|etk`HvuN^V`)3Md47bCmvirjPIX>OKVi7qQ%NB#rh1f&Z?sM0q_J(=Gj3zM zvDMgYoHn*?n~l|A#%gS%v7MZmcCWqHbM`vt%lqy9J>Two7}vP)zXmd;H114HHsfY^ zub>@Gz)=`6*rAh}rcS0vUlfwcyeqlSs5~S}DltXX6&$i$ZhACst!fG!pB{^05)d+I z%Ro#?Bl$vik^JmJiR@)8F`^&vDDw1WK;3uR+8$gL4HuJJT4bX*O1`7=$E4*>>0+18dmJ}+DT5dRHzTvd#g2drnQoQo^Nm7)7k@;!A|r9Sm;35mHNK0Y0Dz*( zPB24*a5o}$%=o}shh2ICqZax)luQS{HdkTy_V9D~<_=OB*_0(j6|Og%K&|12 zU~paSrtM(SZR;niN9AQP)A-I!j&3?g?i=k?^I3f(<#WR_Q=t= zgIE_vZI(qkd+9Q0)>-q%{75>h<{^$@i)HhR(eR$D%}_>u`fE3d*d`Rf)gdEz@5-`+ zD|-2W?-=M-OenD4Hls-&VI@M>QtoNF0_3t-kpbW+@YAKNLv#%wFWeyu1nk*dBzbTb zE6k2%PWqN>4`B>{1n#`&F}f$!G?q9Q{uOc&Xz~=Ss5-`$MC%!RpcuHt%3$tz5aVGt zOFW;{+R~Y?*=ERTZG&q_DZM*%3xJxMQufXg}<;K-JiRC~?V8>ZG}#uc?nuHNMyx zF=!9UxL~_&r8WAf=hXCg(N-zCP^t5jH!QOxjYPd$F^o@O{qSuh{J1;Y{_cISN_D=& zb3?1S&bMt@9^TEwL!T-C05+Hy?U_-z_g7g)dy}MlI1d99A%~= z$Mo-(6xfAYVo#9^Em0bMfJW^(%yEim9J4qu$-fvzKY;^ zhkze*MQE8w3p&pm&AbME2Sx~_+Goi1Z@Sh`emEGZsaen<=2d2_ET1FO{lb5F_yeF! z;635dyZs)xNq*&YKDU90tLw#mH{`$7$Tov=>K0|eAid;8z0+I1`WX4X#t2TXJT-7q z-bH>zr&immon$n`LQ%Ej>t&ohprmO4EuVp9y>2U=t3Gq!9Lpu`5;y7*Ck&wW++j0S z=ZXiF`Ivsu581?d?e9bV(bE4{S)VCx&w;i(_yV49fTY`HMa$NNu}xB9UAD69i@iZiqsQo2?~>)NY`%XF-m!E^41o1Gj+3Um zwlKil?P_A4Dq(LU};Mh&pvLSeZ`*mX!ulpF^c?rFI zi$+BTi%NlPIt{A#troOwcvpTVH4gEr6l9b2dbs`kAtfI3%s|TSu~~#nNTHy%?-n>> z;`+zk-o5S#)fd8Kv^vA|B`&*y*4FGhLF=MrBE(U)%%J7C&xiFlo|=%FM=PgGmQD7f zlRiA>0S`vk`J{Q-qaFj4y$Q1}hQ)R@rw>Y7*J7)m-F)+`YkA!t(30a@4G&@nwHeXf zF*$MMhFhhry-xw^y8HaI#mh}P8A+bTn|2%L5|o;Ix33!(qY%JADCj^3UTRV+?^9s7 z{ROQ`jECIk+~j~}&+~C5!v3;IR7}KCoG)=@ zq^-tCC4b&|aBEX4uZNf9XLniv!`-c*A>D2ypXf2xk#$vR`lS-ft@z!Mi1yY=MmMGU zf$=EF*@$-mSSkiyGVu?a>fCVji%mlrd*WkyN^Y014jFi!JIw~rxG~#K$uJPcKO+}A zx;9DEFObTmj>$gRJB3TP6Wt@{<;oJ!v98|9?<9WYo>}P0uqy4)6`a)c8Lf}O?es_GRe%{*I*7^}wRJa<_o|?$tfB)k=woPV z$rCUJjkg*%jX!sI)qJ_I-Z!&OU2gQqC);&;3%^-$AN=UpmxK`&c6ZNC0%y(oxNU#b z1GgPh%8*F9%{pIq47vt=$U8>e0pjUSVKv#{Zm{oi~SEWz(m?`ymDnM zW6@NfpP!!V_lDnlB%(lCehq$4(< zED&$5T8u{EPH;s#_(X(k^0Kxv8uT#XlL?!$CrL18Y|?#rs-J{`x*~^a-o_;1kY|gx z9)XJ*Ln_8tJay=cHidMDS_Ha-z1d8$>a$67nG__K=k=IT=LW8^S3fPLEBCJ-^q8(& zB_ri#l%EJORQeB1y~$2wnnuFzw$GpTQS&{vz?)9vx)inVBIvY7Ps)O%lkTdtI9HlC zyLhkdF3NhtM>IHJ+yM?=hRoco=a6n@>tSWqoQO_HX;cxhxF(243;Mvcz6H4Ga>MOX(JMzSX0rj;~8i!)lZDZ`*XTD8Gvqh-=`?V6l zTU-u%p(XTiNr_Tw_%V3@v07{>?d%vJ(!9GtF7^u`??3GMY?wR*h)TAwn!RW@gc>5G zVCO5DApjZfw~hgKs6e>_HgC|5gj#{8+#H%;B*3IG6#WnDL*4iNbJ_X!ar4X@c|E!D zJLPSXjgIok!@TV}7*=JmXv^uL=F_j~Yd#d)1`7A6k8IY0=RB=+CBlWG}~ zO9WkLQy*yjRKZ=#ZWf6(F7~`$DmGvSx(2{lAXjTz#9f_(DEvYG9)acLE#M0J&Z*<2 zqpjs_WJ&8q--}FAYcx2EFVTl!oW;)^2i7H^WBSOy`s%XsvSQGw4Cd>=_`eA(K>Q*E zz2r#O7+>c6elJ#$nbuM014q%Jz*e;$RVa>TMmbvu`=V?d(OZfrK@^rBFZ>toqsf4a z1lEDHVV4Tp2!{v@NPZ>(obOhIZVd`$TvjLXB&fX3wI=r+p_Pw_re!~G}~ zo0gk+nu~IvcHNK*2Az{~J$&^Bq@~ti~X7;0j-$49s+->KP zUwUSV<9u!<m08)1yJI<^5c+22 z1OmJfKKME#T<@n=_UeZ%bZl4pzFt4;Ax3i@!uz)dm1zrzkb|#E- zENsD><}N>-Ej{f}&2fa+%ImSOGHwH)J>oVejHQ@L)$pOCIM{GFgI~@&vm7pbR~6Ii z8Qw7#YyD`_(DR3Dd?NgmQ*(=9xuEPHfC0CasqiHSuswG=EE$JR73mFxWR-uuq*2pZ z^cAhHs7s`ugp#-#WYqR4A-`Z^mqQ0vqz5X%_I&ku;2ycTlD35mc6F5{kmTq8hPirz z!b#DA(y|`mZ$xEqZ#u4%0@OvV@dGZ^F13Z;hZp0e}C#(0P$RULG4Aqy*^O8hIiWg$rV_!REKlP{scR$4W0{o1TnmkXs z4&Vy1o7o9d5vQ`}unX&gWg&TF)9VQz+Dt``%7;st0gI|W-D0D{h1cmDTKed_u(Py} zW0kZJ?MgmiUC@_Wdt!x+&oRw(Q57yMy;q~cZIvz_#zuN?j%K7ba6Y54pfWB#=nbR2 zT{tWLp!MeLejsr#D4B!g9X@G+Va!MCvTdcv@-VEFYU;|fIz#1_KG+%6$t zuaP7SNQ7tfw(tI((C2sXpFBa}SbJC`pREJ_6ZTiMZ$BKK1%RrG7kq&*`vC!8RNxTzr#L1xUt(9JWxd+|E9%$g z|H&(w-~+?CtQmYhR@v9n&ztUQWM^mdyQxHEZ~1jN$QT%;|DE`E_-j5vHn^&NNw!3U z3(qT>>wk*ZCvD;EEN2Z^LQ2(+Z^;=#CE^uv1d3{$b0`mT+B%^ zA_ig@3C>6SKItc76pHPG*diKquK*PyAuevT%yl^ikBD;0l+)+C&Akp@rmtT>Z+iAp zu6<{AQ)4TJ=Pb}cMMm=SBK?7*oFjAwQl@^eAe3;C)Qro=F%NN)h+u+(71}=-lSyKR zw2HO|@9P{bBD&b|rF)NK>#mSR-Q)TQR6 z+dLf7&zalcE9TP-$P^rf{Dz$RZU~7avi%4MFe~j|1t8VF>h_+a!v{#O$i; zwA|n%3K-Gc);U7MYE41He@_^Zyf@CG!$6{f5iL3E`lCB@^LKVUFKWXbALDgxYj{W3 zRH_1TWR~_EAtDrG!>z z)eq`_h{96#@kQ{*z^j${hcX*Lg#W+Q{f&jZe*W)Z{v)aQ417T;{LS?RdmttWdK!Bp ziPlTsYGKENsUhZEU|QG$rrsaK%N8wepQ8mCzf~gEp)czEI>a%z5$n^wYB)goY#}-%0mxXCpV2!Dheg3jL;=`)w!Ww7{}NiQ zAXx%mDbOGbs-&dzjjc%aNsdXN0dGHY+a!#=gBG2zZzaRVkW%5()KsvT$DmVCZAQ;N zLHTEBq(q#^gGzhdPk~7=3>7UtR5Yn13b+hZeSp7KXQwS}qYVXuDMh2zAIZ@fgccO) z|Kg5i7lg_~fVt~k>>7=r`?p2e1p|^oX|cqKID34N4w$`1D_!js@M|8kZt!27THLB| zcklg?$B(eEq$wI1AgI>F)G%CA9hm&n)NXy!SYg=>tS>?q z+J>=m&UVEe(zJyki1F4{TAa`y{Dl+0dl6xFQd_XWQ1B*=`2(!{n_NZaQ9ACdHWHCY z)F_hCQoEf}CI*Ge3F7Ic+h1U#j#nt=;4oV8&a?%(4(|%&nsHyQdKcAP&Z$Pjvz~AV zTI`!Ta81W9*AC}}!|*u?k_}^y>Z?T0`6Kf@e^x#+gm&-l)Xu5tUDOV$vx+L&CH1Stg=%7m?Ls~b?8PG>8E{?hO!`t^Dor6s;jBS3l z*Glc~27B!^uP1?)AoMft{IFSn*?}`W zmi zqH_@KRqY}B-c&tu6yCTlCSf<9^gFv3$s`MU3d4X`0JEwLKL3gguM;iiwRI~L5v5Do z4h1aEJNLY6HM<>Y%zMvE!Vw?PV&(-cX5vo4K#;`I1GPZ0Pj88fRh066pPen~jhGf# zpHYOr+u`1uNKrPVHR%2lYhWjI)f&SqS7D0jY--O{d)ikx8#*{pa~f$lJ1Vn?E?apE z$vZ`&z)WB&DZ2BuwD&#Pgk0b>>;a%S)_FSgEh4)3W!NuOFFSGBp`Pgto2;9(y}TLo zlUv=kLU`9A5iVKZb!3q0>$)VgV7?Z*$VHZKtmk0@8S{Ach8_%$Z-bhq@JLQ!qW?#c zQ4%m*NK^ym3;HY(PQ*Yn{=4pIH|yBnjD#2LyIl3z*v1$Ofa+(U^72Lyzl}a@#xj=NruW4MzMMnO3OPRJEYs zU#5*b?+9%2!n?G+-8qYln#Pf!dxBSWvDG(h@a{)l*2AvSJ`ZMvxN^NCSbkDnZ!Vi6 z?nmQ9uJei5=A@xUSC8!>?S{G^Cr{x_Zy86Nj$ZSSltQd%zShXQFSf;Zd~PCwphAih z>>S$6Qe6MoO@tIUEHS%QVwZCg)|Fr&NkO6OfbNgiEg#~)m=^);Tx0oB|62eMS^8QZ z^54-e-Aq{A=GO9kZ9Y)MedveP-_z`eA^t;q$1KUk3Feu` zxXzQFxlo%A;8!li$me)UZg}zB1gg66KCGrKkA4_lZGe}wnTKlyxmWNPt1_U64}(7E5xE)fas+r*>Bec#gYwPz}}GdcP|V0T3n64~Bv;A_*V)6mTNn=z;w!#lFk9Z)X`% z&X(4`mwe$dZ7Iw%J1=wfyaQ`6If~3)mUQNZx1S5-#9!F*4_IttbQNPJ`P5_ zWgabdcm-@AwbGJh9!L=ns;i3FPff!o2v0P(Qya@U@Tk1m9O=1cK)n3nE_oj+w$NxP zjg^`=ERqIOY%&p?;MUrP0aRDe%ya3Soxf*sZz;d-xb1N?(oO%C_h!T}4tFDI1q{S; z+)cywf19X21)XzKHk*l@3Hk;;Jk8pe{9TJjHk-OFa-R!&v4v=Dw!92dQ zi@5IRN}yh`x^hI^lbnz0rR^n>8hUWB^Z{}PP0M%NO60g_n!`e$6h-J&vbxjrT9ufs1&OfOPS<{{mXbmi5WmC#wMh|#srrJHvv9k8u`X|b_+#;=v9+M`#7f_ zWo}{=)*!HQIN5uVLx`yG@KGg_VU8;A(zWbte&b9nM=1X_yfkuwq^kh^`q{R39Kw+o z^5ZJk>~B=YHw&EM;WNHh6Yk5+*4x&}GX^ih0)wa~xyT|2LM_j3 z;)~pfuQu1sg>Vd(Q0#J1m_JQnVDmiFYVlIupCQ$YXjR9`|HMJA3z&y_ig??7$igZK zvf4VSz-p{3?ioBIR_jiHp{6hW&zxcMUNwXQiiDrBbCd?EbKPcFphZl_azV{0h9|nO z!rk2SCZ!%HMSTCRH%w9Qw>tG>&{28gvjVHoV{i)guJA}$yTbZ+cI7^%XII0iHXUv_k#_OsQZBU}xy_>Z0ujK@S9)XOO_x?ZljhVx7UJBf|@)3x)~QK8p1W@K2YD^XZ0 z>DMo8F%U-a)MDq>_N)Ido9$JD2!a6VX$IMGO_9H8PY>^{daC`VQ3@dcUx1qr*aRtv zQZC~l9R8^A)kJHh2VQqxzz5ese-Hk^e_1B4*&ku6A`v=x(3lx>kD3II+Um z?j3e@0VCB+7?o}1ma$cM8SX1ECWdpZj?l0eN6Y8MZtG;g0|q> ze`8_jrT`;5 zm(lSC!VhJQu{0~G5$Siy@Vd;ek`eVp>^VfH^BMu3N3ZKlYEHFBZDq&v-0) z*JF^Xhhz-q&aOUAn@+XKZ0WoqW_W%z8`{n#%+$Rr+cWY=rk#`<}fYoYh zz2%UfmEJoD&RR{k)IUnXK;>1d!!B9CexuG7Swx73mI_&)2h}2+@ZGXekl{G;!4CI3UzCde+)Z)Guz_#3JGMT+B~mI%EIi2a8srVP+J=%Z!bN&1H} z|F^n-7_tAe!PJV~+?3d=!8*SA1KU|s=2{CV8Y3r087apgC!T;p^CD7_0|mf&(1L5k zL*%gh(i~8`pg~X_iQO=GEu&VSCJ`uov18kfj}jQnYk0It*3+8DDi|G{4W>@-7ZCav zhRrIO+Sat_eSaf?(+h~QvlzdNkvZa9!}ETv1s{^TRR&E7gdlf8C;J(xiRQ6H z4Sqbq98$HJIGqetzLRXiX1xjw5|;5h1-;cW8#5?K1J|be2!BA2qvIZZ56_sQ93VbL z1~T>yUFeJ9^J>N)ddDhPa@O-Pi^o8CYl0mJP`%NJrZG&YTp>pX<)K+UwMXT%=+#E9 z+#8T}+}Yab4c*(@>%6TVP2d*xUf_XI3wsZd#zsq=@GW&G@$^=dA0ABX`IUrnJgh)BO%yR6e#qD9`tgU#Xs;Br2JRw+^ma9^S?O`>{kYmVA?a$^8bfU zP@#i3oFrVpe9ph+*uP64aseHB6^z$20xkpX39h0w3^tcNV?UAvV`P0A+8%fwG3=_%b zN|Tl#IeH)T<*NORMje>z^;@V8p}?w^dM>;c*+aKu^}}C{2&I`C5q`Fz3YE*)8;;x& zo<1)CPNbPnK%Ey(s{V+ST=p_grb$Ufb$kInpCwJ3?kzS?Z-eVP!d~w~Ye9zt7$R~A zYA}jk5B%ejB4Ks?@6ky~s=p^23+%0D$F~5Y?j`WwA_koD^vt`guSNqIB1#7!Wv6$O za|(v0eX{#`xuHAdm3{U2wltB>9|EvGKVRnB(T-jI zS@dTioPs=_RCENx6r+|O_d_-2y@12E$)T<~-hGG`sjx2rTidB&S%pP)WrLmrYQlkY z+Jdd?fq=fcOl>4Ddv0|$0s!5j%IS!%XOglT3X<}Vl^{)I?u|Kk-v8luX9 zbKH_$G*`vZ!5>@knzk-?2UMjckSUxSK+Tt5DFh*J-f(qG2!Bw9)x;P`IHMaO{?k-u z-&?Fj-D3~{E9jeqUNzMbVCb2BKnkKAbwOUy^+Dr+tX;c3N1%GWJ;ft?Gwp34VfIw}K1Sg7-tO37fIdZah=;>%R@w5s((@)mfzm&#%4AYNw z6Nn9yo_?}Q=X%`HIeZ*jUCSL~5OhrSIkwi@(8bI#nDI{nu#cUHgqptFFe8V$*-+)_ ziN)aOp`JvB3HD;BXxlf5^LQYT&iv)-HvlmP>lN4>LD*O6RgW4jCV(;oV2O7ZVs5|a z^jOmUw8kmtsg2KNHxmE@h|Rv}CVSkOXZ{&rC}XqM#yFC6hiKd%)86#3P;ENvr6t}9 zvzo4iqSXPe4Xkpw`I19q4Lrn#&`EDV=%Wlu4>~0A1fE`^?7r2g1Ctwu&KU@?22zht zJ7cxHSW&K^0Y5cxeV^?0ejEPd9G2JhMS9Elu0=X=@MiT)M~+};ghsT6Ro5nDYz$b4 zC+70&tHs$!M+el6bY_8TibNq-!OgK7Y6sxFy2yfD$Dp=&!@>Eb^~CT~_4h8l$X!1u zZ@)=x0g(xTjut(MUGYo2ZU;pAueFFD9}>z(ztUlxJx2GrTe3;*O9Nfa zDpo&>A+C5?!_3UIG#ABvvNb8mM=sx}4y#+(qK(%hRXJa^(cKMZ?= zDXn<#-hO|oGa@>rW^a4pB9bLEn0rK~Q(94-D7R4_=tn!Yj9XPLinT?lUqCX>EKbPh z!d_M<92>v;On4@Zvro>ho=nJen!9KRd$zag6shm&e?DiAr~OIITysLc1sT26{HzDB z9L}oPqg3P$V?E$tR9|e`T;WFYswQYmR*F?vQLXyu%?{>V)kUz#+}vK-IgzfG$LLJx z*t}E@V89}$;M=Uf>J?W8YluRdcY{YMH)818n7&wWij+mR)W+06^cZ+N1s5r?Ge{8@lHy5Yc5ayL8pWlkXI4vWO!!aqmHM@BWL zJt*lnOZP`>bVL?s5LIcK&lsoez;L;G*S=6a^qfmrq~TiFSVeeBD223N&&e0Ke@rBX z{Hd)GUnUS?y+4|ii^!aex1(gTT1DzzNr7rkv372ER0U#{YYJt*LiL8*p%u4}kfKH) zLYCJBPMlxZjGq(W3-N?8=0YYe0^&eI!@KAs)j%n@HM{cIE%pmi)8a956{ljKZ zV6KPeX(MaDK12DBoqNyYx;(>`2{;IOdV+?B9s|{=?yx}>#svYw$=$=K+cc{p6wJpB zW2=h3T+Imgb+PWV!+7dS7|$w?U(lHG2}@YYdJ}0DHkp))=0I#pN6|BbsZW4{S^6*V zgpO`j{rp`s-=W~rcUvGB+lNi$+LO8BU-@k|Xv+tS%_9-phk zsdrnt{otJ`WnNJy-?toCU)P>u6S@x?g%?B#mCnw1RL5i|R`Y%Ua<_hQ*?<9~j~abO z(&@D*V%P0^t$MY3S2>BjPqtU3h+i^vHd=Gj{hh9$s+^ydjZE{1)g@^G@0)sSdzQB- z%4iyHB1&WhnY|9LDAyakm<>ga_$}4>rPxSq^WxLee1BjMRiA{v-yo>CH1AQWbkoI3 zQA9b#R4tj^0WYIp(_ouCX%M)r@vM&^> zEzFp|=6bK^LzN<%b__pglIYYuMh7ue zbG@{`@u^E$wW*#mXhfRU`ybf-m^I=7bN_Ys>ugKHdm90AAQN;mtt)EDA>rvKy1R)3 zez5o>*YEaid;o{-3oi@LqJ{yxKhj#~Rk3KWOk#cgZHCQ5mln%^O38+}I=MZFt3!nP z&QtOQv)mPFf&Pha{y~uLq;aRTM@M&hJ3Ta|MyksAgjxrO_6HOu8HR4S13c>b8CPAbk5d_Q z_kGTmE3NMzytt=EK56mnJ!Pb+MnGJjTlQt#JZcLr+HN_Cb>}{o%wN+yT~A$}pN%dc z$wa4=@&2-|Ie%pJO)cAVPIJcZ8%sMXq2Xu^5b4!Bw?LNAn{w3q0b|MIIQCXpiiZ8?Sgw58hQ;eN9 z6V8I~mK!cq*J}lN*s{DYmM4;ShX3)0y(v-^7^A?>-l9aP+x@r> zZM5l2$X!y;In$o+*|m+pv9*@{^y7L;QV3EG3EpM z^xY!Dp`Ei}EQi4Xmk}5K`fTKILN`v? zfuyv+jSaBdBc(}I3KDL5IM(!S^^Q%S9}3m;8Ie`x3g(b{eM?{3*E8}9BY7r>@%FfB zyaxxzn5LB!dR-VCd1WIzu2M*=0wpKBLqA1z$G=B4DO20FBvA=%cvSA7_AFYm5$oba zTiKDWgWhgY>|eBiYErb^%bb>0 zpDmvHqbIc{_6scC%DXCM?hb&o(J#}PNMAkH@2RO5OCVspLPN5cE4O?p2Hrw8G)(qoy)BU6{(D7dP;)V!wqV$`ay{!!YqqS|L$--zzL@Yk; z%SF>ll*2kLSB&;`Qmsii`T?OE_R$8la0TTRTKOD?a$q~L=~vp{hHq!ptNY&aa_JT5 z^VLTZe}Kej<|cod{=&~P9x!W>M~V1GiZ)+X{9VU=dmR@T>11!>Cn;1F7BkMJ4NJKf zYT0HRt}om~tw+}uDi*f{G6b9xc7?nud>wFvgpOL&`5PqME!-0m6WMpO(|5_PCErNH z$K<3UA=&$BH#vBXD)S7xBKi#ZS(d*&)rVj2qr;sfTrnD0X8Mm+T(haqqcskMfM>1R zExa3209Id>6GbXP-z|1*2j$_{r=2OtPLi?O_d#3)qlR)@@O&mCqoCYe@WZV$6??!_ z506U)N=3#aY{&cKvUrO43Xh~XF#=L9gG?N1dt>7c%eT%G4Z0uwKhcC5ilISkNCkzw+z|(A_VWVIa~Yr^keF>?`W#R;bQGeGy4a+c2)^alC_{1#4f? z=6lg@B%?_SypQ3N5H9=m%ZF*s`L3YMf>?VLV2D-|o*G5AjE6a!TV6lJwCr}F``u?p z@1lCl*JlKoO_gv1n?gEOm7IW5BQ!yE^OIEpm`_P6->f5V3*@MPJ73=GtH{g_r3e<69KHYH?ngJIT&eQDo-O z-rOyxMzm%BMe`qFR_-MRMcG+YRajVnKuR`Z2G{EkK5!9}Z-MhWP;6#s8el_P}NsWQ-N}}4a z+BTG-@6fA-Mq_P{J0-@Z?)JT;PXYP^hx!>!^#{U2L4y#|X~v@w8o$r0b zse3r^eAXKp4n1vw9vsMW0kCQlB2>k}P<67zq_S~5!XO-j=sQRm2r56{S$Wl?k-&0L zhs1^y8bF7l?t|)w*?s9KD3xxsl!-$T|)-vk``~m(Nun2qEv;@&kU%1aPLM_wYZimDA7} z-s3IREhub?UrL{QM9F+o=0SkJ=c->fYME-HJ*_{KPgM!}M7i8rb4`O<2}6;`lbZW< z?V_t^r@yABIF`xpcqu|UIf;f5N$NGJohr0Y1Q9v*K22wxkf# z3%X^v_~MKJSB!e^#AnahiP_Zc63caf#f8DsyZ8}4fnQL)AZ5Le_d40wC(ySpYHf$d zB>PsM+cseo$~yqC)2zxKzaF<;#PEMQvDubKZ&cuzseEyxpco>rzV~nMp~v@ zk>A@>n_BRB0{S(Py^ZL&umHWBBldh51i!>4Vs1^+jAZth`@}acU;)I$3C+u1O9joS zEBoVp&~>gV`wYj@)*;VXm8Xk{L!Qfm$h8$$)$%mFS#u=i9M-Vdl&k`%vz!gE?Rl3x zvOnb?@x_2S?-y6z|02Qj1Xgv=SBkIGt3qY&W9hK$&Y%ES8lEYi(N60ozum0Vsfr1C z-JuZzdB*K*QD?XbYg>1=#h3uOZ{(~hYHV`rongKc9EIpx9drL)d#^soep;nt9d>xt9iS*bZtL}H??p+5s0 zOv_s;+tW_!Nfr-Ltt%HX(0S?$gi>NXcl1Hb$^L8&XsW|~ zm~wd0cCg1_>DVI$I^jvxil}n^RBLc_F7p{zxGc9Y7ysz!XfI>~F8grt#BQq0%u4X- z8dA&~A|G*`BmBUe&(j0LM-~-o)u=Zf`6)t4$r}3;fW}GB)5maVX65U)1-_WasGqko z?{}utekg?raM&cyvc`j1@m2l5PATn>vGp&j|;l8)a|dBA=W-f!wb7a*?E5b z8%OK^;iCaWis;YjJ0mzT5M_Ij5VpaXiq_ro*SE#9R(C{mIUiLR<*j)wP=jNG8Qc zQ%Kjh2=us_)j!zpnJAb&`*9H1W|4P^*DJ(oYIuD(PxUacxN;GXd&TPfcGtakbndi=~2nZ>W#a`RP}6TK(2}o zKgWwldk$o>VfldT;Wm3j*UpvNjdQAD(#s#2KMr=xum<0TIm`=MbRdn8oat^)RO-}PEGMAyi~X7u%#EynDOjAq0>6GqKP0 zjohGd{&pcH9Mp4Bqb`@V$bOF*+9n5i=P^q+;?j@~+6I5g!-lCeO7-Krkf!{a2U*#H zLaN4fg_Dh&9)oWy69-yMv)uZ8VHKtIgHzyu5 z+8Mtdp)}jiuX^;+XDr5n4r-cLZ849o&qET(dr4)kkSuzGz0Ga7r)SdCYFjJ}y~~`Y zxuu(kpDnL>^NSsOIp`Qh6)lS@tq?IjEiT&XcZH_5zAGKgmuaf4@|^wvn&+^-`pC72 z)Ek2UZpM(ff9>&|cy-IvB_dsjy~=)R->;Ww4=I~JpLn;4%aNpn>3xhh%rGLoPMnYE z$s_xWm>bYHsHsz=jP)lHNEdBl`Sn3=e=7!bfLUZ{1r)nIe}tewV=U=w zUtATvinW-a@hin1QCB!Vc--*E~xiQnZK0JCZ^No>lxB`@fi%K>AS*F=WYsXKExo+hGbLC6}f>50Nsn20b zG%vTengMn2hGJ`nqXH z;gK^sd>boDrYL@xruh$Pxc9=D1eBvWs@%mv4!&+oyI|f>5W9c;H|wvbIy{i=q5i?w zW(!lrs+b7=*M|AOdGFAeT0y?O0LG8U|Lqd=0b>9mB3dXOh5sGbdHQPIw?jAm)8Vp4 zkZNly@z>7zzcx$!E~FdeE!4jy*+Tej-u=&V*FesRZt^ad-zwzaJcXc7c+kPJ!1d55 zp8rwUpM*YApmQnz+qwTap#PW8T&zVW=)J3Ug3I}|FM5(f8a4JdXcybHmK@@x$uap( zqTt^=PI5fv0x~lA)d^(8l`zvRD?G<%0trk%NEu^P^;`1o?Hz(}R6m)xdTKs6bu-^V z^>jwNuSqPe5!6mIcy|XM66eV8Fk*gAqHQ9HrP+6Q7HlPbmfW%14>WBwG0TtxGZOb2 zrkR93Pm8CB$k)^1Fj$*A%Z9T2wG%vfwE&5$0n}UlQ)PCa;7}b=ey2!!w5k(jDoHDhqsm>W0%CY(r zt6+!lSsUkaa=%k$ zxD4l@7Xzg?Uy*MQwrACFO8o_J5Y%_qCorMXyX z1J4#5#s(47|Z#o2<`1I>o)c8{^2CckGON;N9!S_@eJZ}bdW;_8_kY!qWRs4Q!~(y@UwNN zSV`)Z4(*M{S4fb^tPZ>Xe5s-2@Nvy^N-Lg~gbHc+u4i^mDj{A?ChLu5baVcG$$=Lvc~b@4S1Q~R!+`4+h4XARY0H!nZD$?r$2ng`w?0ubB+ zW=2!MY~qANp`Q+LOr9&7UjBHBF$oEfWu68Cc&UUbycUPBl(^EJH`Rr0s0lNo%9T1n zW+I_>jY^(<%9WTaHyxE125g|gJd#P$;TV&P`hR-6%CI)JZe5%rg|^6PacB=-pn_YA zOOYZ4iWk?0;1b-mEfR`bp;&Ma?uAg?gA+V>fCRYdIp2Nmcb@0`zVmB-%&3X z+VA_Wk(u-7{zhkaI9`8~-@EKNbeHVhkp93UfV2tk1Fib&jpw)6&z0@XrZcc#pWh6y z^k=P0KQa(T-YPlWD%80o)@l?Z;UpkGW13wP*At4G= zY&VE6G?6O*+3Ov*AC7vOMId%B-0JI^ia)`8B>*b2`X?cj7sqg zut!kO#;bR($SZoyQ;I;{9%gxn9gZDOvc}~2ZqO#>)^IQtSK}muP>>{27oJUgLZ4^% zP-5*ki;=vfR=K@r!82vf@|v~;T-@9m-yq_4a{ctXw8>@&fEUmm6~#h^FDZ1P9@FN5 zLH_}C;%|e*Hd-4r!hXCNKj`WIG)%iMJP*2kX6N5T6I->E#9OO!*txXVb^L{A`in0U zZea4xq_AEqofc7#Q`cuBG5W?NSYee3F)w6K29Yj~uWDRtd>x0XaM*1gC zBZUbQqeK0h-00QMgeU6AfG&R1M|)y7_jU?C!a#e3fWt5CP}Z- ziY^nZv+N|vUYqKK?lQyd(2`%I5jmfwjcC9G-o09RT06)b-ss9{4BBB?ADnYNcdc7l zgx-eD34IknrNveM$n-jImPxn$BTyqw;!@3P>f!!Lv*_Ux+QW3V*L#FD*pq^)@3?uE(n$0j%i3bst{=#sBis?&`k*E1% zsL_*u3FnJGI@7MG^^JyhEe>7rAk`wSYb`_fcv5_xJ|PqU2ZG0{Xv)J9s`L*!Ix^^F zpJSkFbumeS_x1C-oL3^}iK8GmqxVgnj>yED(RVUUH1hRo4}O>sHUt;zrL(ONE7Dp< zr4YnRHEL;RGIp0B*)UBVUODV=WjTD2zNGZpdqka)kL&k3ku`QxZXn{mSl3w?zE?(S zzTelSq>rr%836Sw>B_Tbyrk{{nG3!KEMZn zDLx6=rlB|(c_*@pq0JED&}CFv&iH|b8_Qz)@~BZu(=VSfsVZxj@~pyx{?x?BTLVF8 z+l7I$aduB|pW`yn)(i@fYo*+hshn7z$Z17gb=`0&4kmAydg8v5mUhMez~$jQ8<9e^ z0tfVu$H;~_%OMPWA4)y-ZE@(UtcH8dtJ8;x6mODCP93U_iL-mtto-^#@?=10 zdXYRDlc}Uv!4e!paZd z_m^8T#08-at2Rr+lCDo!I&Uc~{MeA1Ip7W&X1O0P|Z zydA+0S(y{UI-Lht+j42<*mlpEO>d(gi`+e@|LBEGXh~vHX7al;``Ff7eM)Eqz713^ zB|Y^!syqn`k}+3aag$U$Mc>3HpE%8t*Gsz#N?)(VN5s*2;lUJEfM1N5F~FncR=j|= z7F26485a$lx*|-|pkuKp0Wyinx)AQ>TExDR>2xbdhDLW)GHwGvcQ+%^%s@<otM-Tdrk}89x4Ir`xRRUOB zT-Dw=VEFL}4M)lvXWzV6D_oeW*51<89yDhcG$7JUXcg2C zAq)_wzHYJSfbB0X8G(Va3!;96F5`*gA~Zg@N+R`nZzkrP08_+^M^oW?+Wb0%W?d^n zaM$=0UDdwnidhN9Ptx?$^C&P&+?&ZZ*a45-nEye$$z{<#!_RtY>iKy$w9iyc2Q*v7?p4u~hNi(K^|^)4ss zQ4^yK#b=Or3OpnSqk`@xS?A@m5|JOk>iJCDN8Z9JM##&Dj!A&A7d3%oWPlP#(gN)WmOo0X2CU)^q|_&K@0olvN9&h?5ee z_A0OT7(rI%Y1-L8g$^|!4#dH5k`0cU2>YGdxXH=eVI7WHzTFmmiLABz_Z49op^n`5 z%*|@iJMs>FK}}~ryR#;czqoiVR~*(G#hy&SO7;q6!)F3@o~OlX3Q#B~7(F4XI=Ll$GHf*ed0aqq;Z8%yS0-pY!&z(<(yc?Yh9rpq z-ZprOxrxs_ae8hgp%ooGUcAs2n~&EyW*Ba{N+D99SL=J%N}U?v*Tu*=)R2k0k{L~e zX5i1Bi(GD%QSEQF3ep?*>(fYza(TG`3}&akfgkC0_iFe$>{$`}q^5K3ro1lo7?%Zk zg|yR7JXvDdneZ0Osrt?;jwH3ogq+$i&|@zqV#{C@nb=|gE+=A|>ri(wYh zF{fq)T|fN^#VaU6YZPFSRao7W-Uw!myM%)z>V{s1X=R&&Uco&U)w2v&9&Rkex3*#wl0VbprUYUNDLF2iK+0?PI!!}O3H?eA5qT-I)(cF)EAJNw@QC~y2rRTFP8E@e>Dn4@_6oSZqI z9T2@!SQ6D+@|gTIuT6@f-hUAtmt;;W{D2NOrTeozSNDQTbju*f8IG)N)(r!1xJ z?4Qt<9VaH*JAvRKy^2+{B0eA*jsBbo3`b}#1b$iZT_pHZ-6-Um=zHF_)K2C8q-f1x zTUz(jV?o_WvBh~!-V)2rq)5{dfyF|oF1dBkGp~ErU50%cxGUY}!=%RDlA2vp(-iL) z+itO0Zd!V@+$37y+UDWTZhcO9rH(#4*<1T9vb|1bl7kr1lki+3?vXL`I`D|O4Udp& zm)7i^cS1-MTuXf|H|smM0q2#N5XUrjtuE;6XF56a6F5eRhDZ#x?L#^nJ`tPY8EQXG z2)k5wY%h87zPY4Wu-u;{2{mO_vuaUf@HVEk5Y%F|<~=lSL&I9O*phcY14z^5O!|I1 zq{QajT(0Xzy*qD#tAG)-=udcscRcjXS-~+UV?|ow!Ll;DM zI7sC`X*?vR?r&%$tIDH%>%a8|?Tl)`3*vw>)!Uee*_0S=S(m+X%;5O;@r}~}{Y35F z!&>;d&J6DbQoZ@*$)i1yKVRQhth13+`v8=Yv<^wJ&Qb#8uHZXyL-D)_LOFP}Z>if& zP|tw{ba#N8rZ=l@dhB*pjmF7Wlb+jnOnu(?*vWX-Vn5j5lb+-@Q}6X7y6?ux7NarM zqAL*1CcsO1@jG?};LDBEjutLD&*MhV^9ZjWd{pIeYJK$ZTHEU0o7|F-ewM;y_}^i@@%|zIX3Ye3tIWy?uYw&slO2SS_m~cwFk*ib_T(iI|6purtYB zUiQDoP)7nr*?#QRenc`^e4GpR@>p22<#u-Lj^>;67A1Va*Iq-3UHjoA2#xmmfUPbo z-B5(WZQ8s^$EH!{iOxp4GhwUOD!Ui#d6YEGrc^ay)Qi-T{Uv61mcp5b@?XE$mckv8 zPrNCW26baqGcD9~1K>An(Fb`9E%qM}34k4FHYf!{fJ5{)t&0)lsyO>{A0U z!iT*_KFlOiq@!P-?*BDeT%33{_pDA-eDFZwuC2HBM=^4XEk zf;2YXuD7`KG~S;Q6+iFn$hJpsr6O`%Hr>gX6EuU!OV(ctA8lQ}4Yzz0kHKc=nI4Wf zlEHq$lPo2}-o%QQjPQ;|D1cwLKE^F+_tW3mVXPFgem!@Rr6?7bvZ!dn${vUkMX7H+jGG&$r3%9SEkTd_~&k-$%7jzbdjP;z`9& z{CrCsM0tDKFW;lv8$0?8vpgc8Uu3A2qgY>i08rJ(;KtScOe3B7H9i|haqpl5IN}%z zJQ?HHUY+Ya@d&Apxp?1R-x%#F32iS8e&iJCHko9TKEvd+VUC{o$z_jLTr7e$$Kt0p9x&Z>D35M^%RZVMpUtvzi@6MEa?d9#8p;!kTM( zU;Ay=^>3%c)xePpd7MIN!Q`8hcN6a?8{~?a$~uhD?{j@PT5rRzTkK!^4SOFUX8fwF zqe>=sE$);W9Am|V3kpg+_s9+m>CZg^zKZ5uXgU;$M@&{NaZGI*@KE{3At{fBWTHz6 zzcfc2A7Q?ScY0m~pEt71XVf_a{NCKG6cA>$b1h=h`d)rol8J=a00&dd(Sg@s6Y+?W z_x^Ot;#s)H8CA{6%G|xxyS|HE?!3POB_M;&))8WGkTqVCFGUUvwE04(qjf9YAAcl@j*X+PG@i~@O<_hNy+p&E?wEdzPM|m^zZa4au>i@F*u1S9hnhD79w44Vk&&l%eftZ7+B zZeIn*Qweiw<7fq8aOS@XOpRPR9>*l;1IHH z@X5hES%`|i-7C^XNSW9+>;@|9ugZb_5EioyFTnvvRh-**2ZuPuQ+T)R`A4T^)uPpK zytI{l^|_)Kxqn6h-vt1tE&zGdyX=U?A4R0v)S}HlWhVheKQw=EfQAVw+5%0Zy6H>Pr`$GiyrK(X2!P~QuyfG6-S@QVf z!Nvx8yH_vz#Y;Tm*LtZm7=5f_=*kxJm0QCH&jLU|2n_5%k$9q@+n*!R zqb_jhcC&q@`D+mui?<%@?qi=cd)`ePNQ78hQx{nS#Ha9GMQFp17_vVJ=6r$~(9eB{ zF31h5-Bj_7FPo_#4|j*iz79hcbV><1bOEfbUmas{k+O#G$JoTv{0X!Vt7rXOBeOvJ zH}u#ZL0NH@qp|?qPd=Oenw}Y28ngV2`Ha6p$xlB+G&(Q@KOdY=s_}4aeEf6r_s`)R z{nd=<;g=kgj=1mIT&513W(;*sRR{V92j5gd8Z>GwGcO-`<7B{kSp12KP}-+5)1zJ_ zP(055A$(ZozMS$VzJ>K+dDXY5wJR)+n$yOqmH$r&^*20f3dWb09Zxc=TC@6#Lh_q~ z_kUMKJpavdFO>!}{0q$5`CE|hD^~uWS_S`gTefuK?}}rV1f6^T1RDQpo3a%PBCpH? z-u_FQxvIYzRNRzS|654lFZ$fyCIud1L2KfrIQzfUY5!;B?+0T`3}98R`homn|84$% zObYp3X!OF}@b8*R|3JJ0IUZu27$gaq{hLtz50jXEvEFyquYLQMHf2+Pt6X)Nhwl9a z{r}U=mES7YR)*<+>2K!2-%QRbTr>B7*zvcU#3oqp5BD4X{FgR0|HL|xNKITV^Iu)^ ppHnPp5?i{|x$o8g-w?LnQcOW3-FDAx`R-s3B{?4=^|+5HtjLm*76QOCSUYF2NE)a19dN-Q5|S;O_8- z-T!X(ocHm4d7M6TF86jB*bw_!R0joD={ggIAmRXC41HILgX?7L)=n77qREaF1pOqO72e}t^1yv4Q`9R zgM24~Zu@S1X;*`_2+@e|K+?gch|;U(z&0--3yv}e?s=de0;YX4N)o3g6`~L~Hx4Mp z_g?qlfNC+!HhG}^`r_h2)zSJ>7%~EWxII9-{f)#WetD+`zz_xD$D8)z3R(&FHgX^n zFb06zDAXq71mSH%bGkL1q@(J8hQK{aklt>B9*Y3V1G{R`GNFBt&DDeMCw$Xs zi#np6;5rzr_>I+q-PFY|=nAa`e9~_`bUnnWzDvkI#2jNj52;AjL;T#3*W!PY)_r0q zy<);nwUJDH{4~QH_M2U%STc*wJ3YBIxPB#0`oot#c!y1U>g-MaSV98GP!Zuyb3RqVDMC7YqDkXxF ziQ7}cS!OU+E%pf$*>6%KK_iLZTw-XR-4AHu2T(#J5k(~eaDC$xT*jRD=Q~6Ng8=OT z@qWlPAS_@DN$FE-0CFa97r|4M{|5lI1=k)k4WVcmvj(Bqk2I5T9ud14hX|Ri83~I0 z9RzF@GYJFaiKawTm;f}zo<=jRVIhkfDly|@(};OVV-^MSN=PZ8sXSGca2XyNw%h_Z zWBm@?7i$}Sd5Ut4`PBfg5TT&$`p{?^@p~JhJyJbDAz%zf_L6cDC9#F)@NErpBf^s3 zL9@gm1{4ojNtvGU4Tfomqo{kfxRS#U$vB*!h^k?XQWKdZZ})z%j-_B`7eZ+YLJ}Qcfi>r$JI!QI}Cks3m|QdxvbZQ z;&1gvUU9tPkS!BGDqO)KkebNl{E;`lH~wtAZhYv??>EjgpGMVkUgh}YVE0DEEyVNp z2KUPMy2XhU46D?uDyz8WSLQ>Mr3y$2SXFhudWfEt|L&7Qk4PgddrrVAP`1@bQfOBA z{Ckz!UZz&{?6+Sbze;|IdS_fqoh6c}V7Wz_L@tnQa(D7Dq!gz>1{P8_c{0ZEEuFO( zi$1!3;LXbUzMe}nnLqh^BxRI$_|y2{nC+;~H;HkFVVUunqOm-#tb#n!Z*>aQVi%1R zVnbq41=Z>$vIl{U{yvrW&+pXkIG&h32@(4w7T6*oQJ$4*_{%U7W z>hlAg`Jb1m!9`N}9pDJmgyV$!1owo!1iQkIMH*@ZYSl$OlfsjvMRSGvb4kLnT?#=neCcWpT&Mj|1wAbUr@)T{iVlCTW84XWlzr_L)&)H zSjM2)Aj9Cq!3qx$X|P@qtXkT6uhz4&7HP~82>gTUhq+UNP&BhgdjeB@l_*zz#>@aLKC&KxZC z2;*>Wo3B~Pyp+i0Bbu-0!`XczKpGK-xQ?g@hL- zdqi)9W<-J`!g#W4K1?-oy`!oFwvxT_ew8-Soo%kd+PQY`IAGmPov5%|%fTk+ckg(- zxq45bQLzAV)Q6}~B~cHpn1++=bkB&;;?bTlD^BW7VpIuw@_DAMwlcsVvd%KhGGwxj zGPCjAgD$HHj{3(C_x1Xz9-ki79!h0#<)^uFxvz40b6{gDV+tqhR}8nZ1w3lzMf=Z^ zfapjP+X~yBqjW)tty;J*w7~EClte?aZOgJQ1&{2%TbW61bn(2kQZVZ=J*xOs5m`}f zCenA*b7jfm!D3~zDNy8+I*C=1TT-%!U?V*}T>IAC_`Y*QXK9`~H7r$`_b$aeM*Z`J zt<&kox!2k4{B6vESCbWeG%LFBfl-S+tMGXh%H6_`??2~`%7zLHhZ=t^eQy;QxJKrin+eJdWl+71EMVs-$zPa zpUR7*sj{k96`j9n-@hAiu-Eary&5_aSrWpv&p!Fq*3ain$@&q4kVZ;S49Aa*5%iWAV}8m_gMq*sPs8 z_1>1-Iq7|fi6weRwT@*Gi!S&1eG^<$X~ka}_w5_bLKY$uZ0Ghj^lf}?_RDrGYb|{% zil)k{8|-A3YJIBjF{YSvG*vU({N|=W>gw$mOiMX@3lDHq$ZC$W^y;AH^l+CadE+DNS5#-wE zTDA_=+aF6P8#MHuUp~0 zyYbN0C`QUCFUQOAGydz7iaZ{Dd;Q)<5^tM_=ZAYR=h@RrKL(S*PXKz8mJc5g>iIDd z_@5)ZVMAy)b*eZm%&figO=$LAsde{Mb43{c^#o@I(NCWhfq;t(*m~TZLL5ppk7#Yf zqWKU&=V%JzVdZ9JrxHd7fj|&P z6Egv2$yfgy4*ySx%EH;%UVx3w&CQL~jf>UJ(VUHgpP!$Nos*4|lLg*`#mU{)*$~QN z>qPxGk$>n&nmQRfTG~5X+S!60=^7f@xi||^Q9Vxd@892innErA%w+5IKe6BfvORub z<6vcH`#17XpVD%(^m?Vk%I?y)URx{PpurMRXZZ z*2SV{tR6wBp;!kX+Yf7;NopK}(f3SC36`B5ra{k09~PcDD#;4S*4SzY76sDah-1h| zKV)3Unk8HFg8dhgN)O!AO>%vf`t7RfoqG9%E#He%BjSPnX@>%UMm@Jqh~b}CAVdj2 z@n}1wKW`3|0r&xW9x(UW7ovcF8o2uc0WJEU24z4*7h`KUgxLHUmWi|G>4zl!PpgkZ z2+mB@gQoNT8Kwk07WzXHp!dd4d{~wZqL}(;7(LPz#lP%=5ZP!%!CN_m>ACX%asp@0 z3;SPAqWu!_GI35vF^0xy|B(^|XRZ!v-3seZ_>D^ABs}>dOkdR zJG%Odl&tTi*yGwf_ov+SrR!nP#F)!hF9GifIG6LDOz$KNkgoS9k2#+42tg)a8``|& z=hqzk5)q@E^CtD(OClf8Sl;xeVummc7~IjZB(j;27ZwOB_nJ|}BOsu0*_n)0vze7C znssUK>Y{r$mj*_}vzG^LDkklC>#!~~ScO_I*0ih(bcx>?RMqFlb6bzMGm9U|xKd7< z$|iPyveBmDV0e3dzH?wM`4ZnN_oT?`dh0j}iJX#L4T?*IS*&C3_ljT*C6J6pKm zu!AyO3CdVsEO+G;ZY$QE`+Hd`s#XRht`WtIE62{0Wc41Qb}omav51NtQ~Xh77IG%L$lD($Thx=H;r_w#XqE z4HLcGZqO30C4@-xv`FvXIbC#w)`^BStLu}nh)Fr!N4su&MDEVkN__Xa^{>C3)gTOI zE7xmMdd_zJ_Iz)FX~Jqe&Z?wItRa}M*Zg_1$+(BL4^PXV1ZUx7RZY>HO_k`aZ%m+>E(eLB^48~va46IghRo*yKlQjjor z$j0H^`#L@3d}(~Wg~=Ic zjOh__OLyy!!W&%iT#_?gx9GnShbwK_-fTR zhkd0B5uxb_2wY$7IY@O;Uul}#uaRZkx+q?_p7(63=fBt8_I9H@33snE^xRGS^3!ff z<~(>me)C>P94B7rV?j9Wv=~iLf42cA zYwG-D``t&;P(S^{Hpta|o!wd^B6jbpL?dQ&T{I_;VCpyX>{NkmarxD2M z9ns4x8-q_NSDv$IqvelvHr$85NE2aWa=8Qqx!7+;>BJ@!Y3)>5nV#jxn`w{XJj5WN z;gbLkXJ;_5?Uxry8d%l4e68|v2AIaWU=0++xHJq*7` z1Zj)78WZ17=CkCy$t4ssFrN==Z3|8vS1X!JIrk{obeQZ{H0?gj9e~&xfpKD(u&~$r z*dTQDpG(6T`d_JcHwkEUAB`5+bsy4=j``o--sWtwG;n?)-`E_u>xA*QpY!J+FZgUO znAIeUOx}JE@Xb4-2v{AcUSxg3y;5b;8zYM8s#cIJ#!vT804g;n?}chcxt& z#D>@NVWIkCbR{|gY(mNw;w!@XDrN^mz~757AQ6Bh(?lHtq1EqCV(kdml}5lGJ=}+@ zU_Uu;kU@O@L^=0Tp*uzeGl;#pezIt)x&HZ)Vu_@JjC{=3*H1C>XHbOf^}pZkd7Emr z5aWUT0rCjox%mws?Oc7}%e-&`Cc#0hB}Cu?h2V3`gbC#`b7Dy#a~&P46ort{B;Wh_ z@%k10_1<`S&$6=3e$JqzqJY}vWt<9T29BQkWBoy-Xfvddk8kXOyhQCH;`>WOHdfZRHfXu6kAfm7OKhIafSFQaWtx`l&LC zXNXdx$eBNt?CK+PW<}+8OmhH+dRBlJ7iI)Nf;F{TW4ckv z-E)5D)0ou#(r5?9y52xUCFaRFq?LoM2}GUY`*vC0nOD-6!q+5IhVoa|CW{%*^ivW@DaF4Tf*3$6P2byC8sdxi_QSDarlZbQ+crzB9;5B zx?jqHYV;_$)I_GwRKwScn~_4t?`C)8lP1&UJ|6u5aJOsgA6(*{v0m?#jH1$Zd@<51 zRNdhXnD6Mo@L_k`Aqqg?51gyE8Ia|gPe6i4MbAXRM3{WhMBmqT`1Ln_hZSu7K*k9? zamEjf9T}nRvd-V2)&}c@y~dB7ZU{X4&Bq>q{gqm>02SRmtU$dex{4V2eeLf{^jRRk zE6%9v&H2vEvG0&@QLWojihBPX)||13dPw+kr+jLU*Mi$n@fSwWJ2~(Q_HV493AOZR8M$b}g1K5_1jJvuc zQWA}sSBr;gg{&w_h^BDjy(*e6b_^i{LjC>K0eRskw|&$ER%h6>T<<3C>UlJifQn2NvmP+Yn(8L%tha=*17tf{SDTAt$v zc?8{+SI}jUFdSInE3Ts-ON-f$}KgVf{_zKd2=rU zR$I-TeeNRplHW2ezi4&<@BNq}cOxkqT8i2&#z`bZ0SI5W^!(J`Z-)J_9_m?m^2U5F zCW3&d4MS%3a;0N?d7rdRXl;VM5UUmK2RqZdDr-Hr&GW}o5Y#-wW&V-9qP4zO$Qt@3 znk}qs2X4tY_fVoJk8jf?`aY1fN)m90hYhM$B$FHl5Uap8xHGwNMAHJnozLp0{YIa2 zVlqdD@4ugT|5E&7QlNfCh7Gu*R;)9jf;cy|e%9ber%f;+j>~jv_p@UOI|4}`gA}nE zt)wj$4c zslQ;yG7A!pK=m=B!yx^BX{z^P;}>sI1vs#%NrWRoPxo@3zp3irZOyNfaGe+Y5qjqJQ2t_dUY6D^kB)#eZPVa>FBRyO=%c{}4ks>eZUW|Mmk zWvqRj{LGhE)3{g4bJ^>kny<%3@Z#--$2vDZ$F7yc(yc|szQs%YoMx$;GPoBdMA!F; zGG4^xu6C_|hs!37;~51Z)7)VCU^%)?iLk?bWh|}5RRB$HPKxog$9ddX3dY=Y?(k#@ z-6yp3zQNC9qbBP8#G1GS$?IulLop{u<;RlWW@t}FOs1$3WBqQ>*0yn-_7Boo;F=We zw+Sp9r(Bjea>#D#8ZGsC_WHH?XFSu57Iv8lf&tmM1Qak0+0L;**-^g?|BqH<(KCVa zwP{0l5$D|7>1{2BmA)Hm^8_3}Hrpk7i5=e0dhz+m6SzlZoQ^vJ{K-ic8+YDbYegG2 zIhr4o&3uj9t|5sZ5NM(HT!`mUt&--?oc~poS^^DsNBhnxdG!yTO4fBKDh(~=q_HVWu>6&nI zYS}E;+5`i1lXr58tK{@~vu%w-m!(H|_wF=2`8_iV*B6gHI61@?RkL`kPnI+Id;=GBfwDX^{&~nYX#={sTqw@Kl9$-w@Q^S<=rE#6eU-MWn=AOMWgpEif&z71k zkK9I~*DIbMls&KY(k%esP?hTc)Z+ZQCRT-ta%avWs+=?>3(CuoFeq&oEdj&Sye4_P2_>ha9RDQV9fnoR`|)x^8W)rV-$ zU7kA3MWKRWMn3n)(nTJ>Q%_^&Dixu)4h;?!(a|YXPu`Em%(j4)WgmpGm*`Sm77#qC z(`fy@K%!9w!lGt`aQpQ@=KuY-3qvjy<_fm!8!0rOk9F|{TQBLM7O$+j@kAEA^Cv%t zT1|4nTC2~k`Q|`T_O9(dmie$=!BbQrX5Lq3TiASv!<*T&}Ba=B7iyn_^zqPC0g-cr1ZfV*=3r!_K~ z(g+ZYZZ}`~#1nanY^pM%*vYh}>LsDN_;{nYzBi@!?DvW^`8NqXBX2oX=Q^=a7EyUl zU#-ZV$yH5mv;1z5Y{H43j0|reSBUk?Mbo)Fb^k?I^_K&9KtQCtJK9rg{CxZE%2P3y zN6p`@e+^UbtN0-)7ELSfP85gFZHCQof6!qmvjDgS$Ws7?b)u`T9nE5uzKOkE{b)Yi zZ*nV9tVvA(lKlx?)7m=-EY;lzeGnRu2sGc?2v?OCX_6#&IrYD7M`M|tO+ET$2~{Sv zAUd~dcuvC&!N6u>R%`3Pk-L@F~kWJB!c)PfHN@72slKe zHBeeU$4UI8uadBMW+)OS+Lv#cs^+ON`AfxvepKrqvILlTk*_lVZ0@;nO%=zo|B<(A zaES19>9ksIx~>h{zib*9)*F#yGL9&s-IRxR;R{torS1id;{1MX3tpr?5pYh_+$&Dd z>JaA+wNot44`p*DJ7i`ZUdc)%`N{77;gDGy1sj$k>n9WFC-w$?iP-L)3M8;k<%v-@%SVXsBFwP05y(J2 zHCztiwcK-+YG@^$Q;_)PG^@{oA#lOIsJu2lp$v<(XE-b)Cv-eIT;gAMhUBF{QJQ6FtsyBtr2h7uME%2%#DGd z_juMG?!xnXz@Ot2x6x_LntYViSM|Gssf?)NhCBY z*#qn->!T?5mWs0aNdn%#n+Lf~QsK`c1AHZ4_Z-kgVbnVVVLmxiTOm7+$x4xDNjj9Vp6RA6v+%J?E8r}-S@&|=dIF1`@=aJsyBaQ5*@10}2?}a`o-};>!l=r`cbNg@FiOWpACF zCU93mQ4c0RI$#f=5I+nD)7+PJ`#=uavk{P6pZl__WE%{)uJx7XrazM z7Rtv=tJ;Vq`#DtwRK=X?lN)k1K=*FV+9+k5X`87!Pr6XMRsA`I+-HfhyxC7t){qz~ zN@oT}UvkA5g4eNYepT;&CY3lBZn5#H$WJxC-5fJfv&bfcBr;BL)<@SotE`WD5KLoc zQprr0eG{9~;k~{nAoa0&bmGVf9_=>Aiy^GA>qwymQQ_U#Xi-hkg&B$!X33O3YmJEc z-6QS;YVF{jLW<5sdmBG>D>7A7s~5h5G4cV2r9Hg@tdG-V%;T&9a>E3EqEyF}4T3r0 zIJ)jXOBXE+WiQN@0A{tOy#idxH?!~u+;AVz2;zo4oBhJ^Jgy*Cc6dw9Sv*BYb#Ms` zSmiNf=jE4Y%qO(h7(=ksnH}0icQ`+Ry|C0?R79D?j(*0tVYV;Ny~BP#IDC#HdQ1)>bxpA(stGSdzD92XWz1NfOGw3Mhi7jKw>QX$Zo1CT`4$g`FQP z$zSB~bRAZDU>>|>)5}G_2b7@=EglGb)R44JNgG9uIkM!;*38t&u~|^jU8`+cEizNF zrcJE^^BQ7}pS<*O3OJI?79#lrV06%s=Cj|we}9jxvp1uPZj3OnTPSDX@x7mw1-+KV z_^TM!6Y|As4${istj4uXA>MB_AvWsSM-(Wtv7*kYj3g_;z#!zjQp^e7&5#aKYyMl7|+|IZM`XzfxAVQ?YiMQoM14=oLnradkt+DH?5uChr^xKL8TypT19L<~@JG0l5B0Jk=j zo)vAF>p@KF#dTojyt{xg>O!s*u}G1TLd@A)hTr6Ju_fHq_8aMvrTyKPqCFK)Fp+RUcKtiLoU-&ID`plW{I zkx%6R;Vwq;(m#B7fkZ2$C2+dh7FVp8D)Jw!?T1v14?une1kjV&#&i$8y9*vJe21QC znEq`CXH-fUGk=yA2{lof4w}O_pTgzWQ2w#PdVMF*WlqerRyd$lI`xvT6FVC+K%>X zw#oKr&SMQ5+l0;dVUTdYjB? z8lE;~{&egy*^vptJDmMit#w_A^HD|`Zbj(lkq+&@J=|Y3;o;-Ip!B^hi(|{UXI@&U zbL(4;5@F>sAB@YA2-Q25S^4lL^eOqTZ+EGDcC3AgY>8A-my$8EfbK7F!VraKtKiJ8 zp7JN~)Up@2)MZC)rouexBQaMe7%<|{7J?OtASWkBiEw&(wAv|KW7vkmpjMbv`F`Tf ztB*urpX*9AV28pNfu0l|tF`5pz|rsWr0yHZ=4;(C)UR~1BgFzyde(Yk*K0S^xv~~n zb$=zD1P()-Ha=of3hQhPeqqAJ#WlOSKHFKJP}h&IUhv+Z0D+Mj;}T| z`WD=lY$oky%B2=Pc3AS>ehoR@of!-3Fl-BvF)+yN5rcSNSAJyz$^l;yIRZ9^GT1B* z(mnTMrl&P#8olejZE@L_kx$al(UEcxlaX0pH~SpE6u#N5P%cnoaX%e-ZMxLxy)j*i z{nsIY$oNr+DUO=X!Fi{k^CJ`0*VlhWGMHDPZPzdXEJ7z>B!a>7a{OYK)8&XyP`X{F zbj{6RFn9pt|9WrsXCzJ#DhFQ(4i6+08k||FJ&~_!db%}28-<&VMD;m90^D2_W zbTCJ=!t7Pt?8Q1f3WDdC0^s>2x*z58kGoB+)ZpPFBQMXBT>!tWPQI4PLanzs90b>6 zl#tfDnfAuT1O@d!nViad*Hy-bL^>-u($j&NrB}yeF$~gvt5xf0N)0IUmX;2i!RqqQ z{tVXu65O!hZm0Gt?ne`N$c-2hA|#)*2ha9F<3!;*7+E9kld+&A$?32n$?tyrEltRC z5^PUYd1?EX<%g!gg~~;%@P^MCh39wiwAOpc_n`q7N~e&L z7c`p{E9+e+fg~U5tdQB?#?s37u9Vf!3)hG|E@%x^^KdB>qt0WB`UlV;i71Q*im>E; zq3g8UT}#Smn-<5SJ=t$;Z>e&aZShU(=lg&(F_q&gyQM{k;s(zPUa%qXRZxtfda*0n*k4%hq08V_?K)_y=i93U|vxRu>J@)7|l4PowpJ{e!{C2G(TYk6CXa++FACNxV(Vh zJtUSHccF)K4}KA(JG`F3x-n3)U{b+6pc1cE6Fi5PPm#Ds90JATvTed-fD>+u?pvi%Zqx^TpDQV!n?1fR&QgoT`r7H6G=8V=nSj}=Blk~V{w`TjfbW7cpj8vj z`Yp8|OqpGSD@3t{G96{bdal|oalJ1w_2`U!_&8DD$1?psX2J31-h42P;|UKoF=u<@ z%b_uN55BID)wbzC93Qx)#UmwUf_5G$irksBe=i8Zrhw3kJls}{7ix~}-VE?9Nvo*D z8NXw1rrtS()}>))SHW#Qr{kKm`}KBiB`$xBam=a54H2aU zoC3{S|GK!mec_ku)Lbx8Y5DHx!tKtb67EZCf9DtU8&4hHF7YjSjREs^6VwYeMjX)L zC+JJ^{rQ|-j&7antL6^4txsnk%~xfj{yu!r8_#44Kdqgs(^WRwV;Ns@ziiFdRv14| z=ZBsOIByxG^N|q~Tb?^vFLNWdgo_o|x$KxtE^Btey)TcRJXzoE)k%(8k(PpI&Jcx& zkIr)B?r2Vgrk`;z9Zm=@nEl&v!YZ9O@qK zZz2x^p{-vRa2)rRnwrpLC3H+TzqEZ_UJkBXPtcaDd&vrEBNFEoY@4~ki#eK0-Di^ygM zh1T?_rt#XOw70hdDc)AQ?rBlKWGQ<;*Aesue2NoZRqwAs3HOYW#_+gezIW$e+TM}I&FHlQVYES&0Q0{{(O4;B}IDcMpHZ@NB_ zBlCNo-|~~m!mqXm9CvD#-v&na+1CF2QlNfAJr}(iS}zdB6h^Z)DW)Qy4w=b$jiU#F zGJ}y$jBw1lwr+*c#{NMNDET;c=3ht`|0!^39(Cpplgl>n-^?Xg^Q+$l9rFPcY7^S=_qdtAVw zkvDvyXeBY;hLH(DXF;Ep5DW>#nj@-h=6K=fEv87jn&d4IoV0M9rhsCT{^$waLClyX zpnP}SY^lMeKx|=)AVWz>$po`fA#^Rr6Sl+y+xyy!DP0 z&i?u}l900x%>nVzZqg%8&CE#tRVhe8i@;_OMIrPU=f0{J-2%&DN>ET>Ub!9OQ>okT zPM58$u2K^jbsU3!Y1z8=Uxx1Og}6hPhY2Nh;p->ofb590|9rm}3p*nmx;0$A}1D{6RN-&iSHx81I z0X-#}#fRNzoAIv#iGFt`C+6Om-N0uEj)33%1@CwqS;#DhQ~SL!0478bLtKiP>(+~_ zIyiyU=D1<&KpD?bowMz{`(}Kw@n42Q=OcU=A$9v1oP;_OBEFfyyfFGVrWMEI7jXYF zFA2YSln2dV{^PLV*nk&MNWyBZ{;^B;4^*?If|t3{Mq7vc0Zr(ni0JUk*bZp@qxgTf wWm~HV&_?uaZn~B5xe~~+UU@-9n`)o3?KGuE9NGV7biyH*|A0H0qM*si- literal 88835 zcmeFYV|1m#wkR5QoK8Bn)v?jBZQEYKif!ArZQJVDPRF)+d!Mt<-sg>X?!EusueZin zV|-OL{nf0Rb5?y}^0HzGu-LF5ARq`5;=+m`AdsaXAfRi|-~RR-_*I93fWV_$2noqc z2ni9&18q$$tW7{b#KV$OpwyMd&_|AvQ3VCzg!v_pWny)Uo}wLVk>f$~29cnDIvXqW zHRTffqv@d4RYAr!5$3C_L!3J)2%DJb(C7;s$iN=ob$x6-9ljlI=}l!iT>2bNZTtqw zHJ|fEu^70l!gj4Bp5$w1gFlprlD+7 zebXQX+Zska0f_O>2r_9Xeu2y!jb7OhH&lq&sux^*f?LE<{BwA8DB$;f2~N%iB5FmV zjAHK;ijQqzarBXK-Q0-A8ioYX+s!S+YNgxPk=^@Md;%@DM=)>Y0=$8IW9zit#-qt3 zA{z5Tbmne}sIZ`_pJ&)e+;hZ>ZZIXK>>*$8)LoF#H%yRjYs3k9R3==hM56KVyW~1r zDax>*Pjd)*J`UC4vi{ZC`ge0s_Gv!TNaof)gZfPB=T&5*PTD98BzUYTmU~wNQEPu? ziZ#vNh#22WkTzy|YI5bnuTq8qcEjIdl;P-BY=Q4|GMGrT4}A*`x5KYN8g&{!5Kd#e zZkY`O3hUH~+36XrrEx;ej_4PC?OWeD(oEr}=yJ?8tiuR@Ngl=k_DrEfrADxR#j7DP zqpxRur$}|gt))n-jHN8|wpNcNK%-s^-Xny62IK36AXZoEvyO#v#REqGzfNf+1F7{z zDg>viP1G1B{y|FX=^6zZv_mhh9m|e?L}GE^4`%+wWRs*zE0A8;#Q!4>GFxD(kJbMB z2Ez9MHF|Y`z1fBdO>`N@qjEmqYz(F_JYjm&nZD5CYAr126(3-m7-kw;Cy*jABM`q| z2MJcIt#;Zl==~;pD4-;srhdD@RivLFky(J_*v}rceygbe_>+-f1GC(@*UQeOl)!QX ztChTV@WMc@(_U_c9m@PeH_u#qsHN`x#?8=c`$@r6jX}*WwoDvv`Rdo@gAw}n)o>{I zRUV(aA$6^hI*v19M`Tt%HVDeE2v)<36${3g>A;fsG=|4U^RQ-`)DZSVBOS9%+m9E% z?5TJvB*`uI(W9wJ40`D8Rev`@U3XF5c^vP!w%_`^>y|&}m)3?sL2jOOUSC`%Vm(`s zhm&lZH%vjaCG!|RGNMdCddJK_W9ltfQ*&z6hSbwZJDU5``95OGl zAUfehEK?zFnV>Uq(`e18#6B(%>qPL9I3~_}AK?~eNd9MexMjicvGD@dgQ(D~y5qO> z=)?RVbH;Y;Dq*V`aC07a#IEoyVUL-VW2A2kZjpW`2Fa<+hY=!%W9r!CgXjiD>X51d zc>U=+9o^9n`rs>KnW6LccO!1qxbpm zNJ5j7{+NStfF=us?Z@wj>4$91e}x_pCXN$eA>!(5N)!G~Iz>@UY(s`m&W6$v+BHb@ zBdk!Mp0F)}Sb|28w=A$R&C%B}c|qos#EWnu!D*~{9|XvhCPzoC7WwBxJtE;QGCE{Jq zE$1EPS@e$lB6S;cz^ABEdZ?^->R2Ayp5C6aCfz0FB~>sRX`$O_tjP;ttx9&zehhsS z@T=A@LaOXlP_LA)lCPPmx|URsofV(evM)BwGYr~g9I^@rmjp@U`* zP$N*yCjk;kk{lA%sIJtyE8hi!3JoiFYx)(aR9B0Dx1CS5?($7SPVzD$le)CJfNIUAHH#+vZ^I0x5X|*hR+wT~Etomv=5p8By;-%u z{ydmXl&uOm{HE~6CvIPQrdF0g=)to90(T8l4aOvPEDirN9 z#&R@Su8zArw8|6O)S6b^OLSGvRYU;13x0s#qv^%n8aNj`9(|T{76O-<X2YERudU3hJ7Nr^?Tj6bCKG`1eui8%`@NmBdf%Lv_0q6k& zLOKI>1CYT^!B3I6HXHiy{lc51D}^(KQ~Q2YlMC}K%ZOiNsryV}d}XF{0IBk#785^{tOFzJ zV3kyrIF*3Kim~8?1d5uB4YrqxrU0kr2b;4uwx4W7Y$9wjY_`^ufYs*3X7+P)XHe&e z3+xNsb*&YLi{?Vop#_bDB@_gAirj}vzrhfbOs${iB#ejZ8DL0}N1 z4AGTn^R{!fA9mn7eXLK;(M|w*)+4CMm0FdYchgm0Hy>Ce|O))b^fzuv(YTH5GlisO%xq4-KAwA(fnLbHh1t1^3 z_rC4Eef%N4FMg8(fw?oeP690fO#!QYO??4GvP5t~nnGoHjCm?~a{a#t0u5yTn7fKU zzg|Njiz2^=28$zM;kNPK8YD_6+bq~Bg((#jtIBzy15mmM+i8RGnW;^Ee%n>bou{w7 z*%#aAw zIcj&9Xq%qjm>-|lE$k?%k-M6{{#`nXx$|;c?pnhfz|>;aJstjgErT^ZE7pr6Br_r2 zA-<-6dbee2DUHX)Ii*)np7?moX>v357bQH}<(SZ|=|1aWMSqoS$Efms!m+)dn1EAX z2a&tgm|$4#{v)vEU|ns8+LfA1b**Zn z^VW*05P&*Ku;wA0&o(gfUu$8tzb z&35mGeEXlxVGSI5wG}n%ZQ)hYwFMCL8`U>ug01`}lY`_ZEl#bD z7B|4JMja22)knEsuD>qN;Wsq&jI@>NB3di-mm4;3I@Z1IKZ~4W4zufd^d4`Y9?v7T zmNn0mwL0{yzS6lGWtEqG^k4m^0=%JczH8vGxux2-omHkPwUSP64WwlShSrw zHMcKkymwtfw&ff-oEP*Q+Lu;N=2jP2i_WB5%%0lLyqD>>pu6oKOa~{cwd`9iH?qAu zju4NgB05%G^tP#6*?~S|;Qaw}A(G#z@hy1DUk1)&26&=*N(kO~Yky$NX<2|HR~`|Az+uO{4!b z*MIc>wHGfeH~qhC&kO6Nyy5`@!Ve-LETHTPdY%QRt?cyr#RnA`Ic?3s-9F zN;J38J1J!$YPyzQq+!F?(hS^O`uu!1bKchc8m?X|w!vswI2TN=FB8#>cN3tdl|OrPVE-UM3RanW2=4cPqV^B4PC;L^1>L@>ET;cG*Z&-$E`7oL zzsUz$gQO4Hq*m)t@_!W&){^(z|E%P{1?i=RP#3sBJKv!CpN#QuIA54r|MZyu-u@qL zcnu4xD(?aL%Vqq3W8QyJ_-i_&|Kp4J2ju^6y8mgK{(oY+XHq|WXg5cc{uFQj+76os z2^fu1Hh#ie+0Ld1zLo9|p5NgX;Cp|F{&O1eSCHgdIsItp{eMo%+#wjpK%1E;B(U^Z zdl^W0G3SAmNb)sBl{^nv$1cGGA{F%9<{k5f5Q_U^wvI6X_B4U-pM8xaHYg(3DWU7{ zt)b;Ias`i>lE^s{u)%t7{1VtbGjzNpNfZ!a(zsFgIAS|%ygW$QYxuVT<)CWRKjl@O zzd=Iv3}l~oQQin2eO&;)x$r~5xFV%Hgju0s4g?DvFV*>#ih>hDgcsEK)xE>pHRlRo z$;y);K^eT$K!2v_Z#)p!DNzqt(8>`)gvtiz7VNz|+vF|@{Sb}`nDHQ-sYB6c@~P^A z$m9gs`;#Se#*!Lc2Feb)=`n8)iD~78V&C>{&Ex6sV zQGRO_Y}5dEECcoeV)BG+5Bd-=F_cEW)iJ}h_%Y*=^MEV+q^C||3! z*k=x~UbbdUs$u0IbJLP}#ZA!y1sj6nLP*5e<$tPbE`Xhgt=jN=F*$Q1Ej7s4A(v@} z_AMyWx(jSx)iMx|Zkle#X$FmDsvj0V4xPECe*GMAd()H9I6s6*$%ETrH^)p&8w`HV z59Y^Yi+c5f8}=$BTtE{~a+#Y{-Y`b46-*m*5<}NA|*S*ksqMV>-5I zaMC&(RXXHaGHWM220YK4Eq`FYnjR#KRul;tuNk@C)WL+-x)HPHb~d7t9Z4#j5x^@i z<{Js45|i{JQzp$55wpSc$XtxTo+fV@0E&9JZrTedFX0`dVk>!1#&zXjEf|lb$E_sK zFonizA(5&nf>vY|L$hvu1*I>W9=xTvO>TmwypGq#VJ&Mef3Ljlq;M@c5C_JoTvxdW zncF(C8@ECmty-kdw1GXl1S4Tdm87N;z!MqZL%e2HZNEB`FvS61t4)wbT{RFLd36b` z_U^_bz2#jj*=2d1z}@*fl!)GUCxf#gaeaF29#_m9E( zo-vqkJss`2pC3J%<6Plx`7&Z&Zk(Hk&b=M=fyA7&cmXv<8gZKTS10y)`|#c`CtCYx zDz0jcrVsc*gM<30M`-m}pdnOJ3~i@~Ql99M!Uq=^F<0n+;2rah<~-gF zp}edlJro72VPq&Rmk`!7{MXu}3FUVi)!JxWFj4=y-GrY9-XZ>QDrXarT~)G(HP=u| zcjEjU$J)SwJd=o&7++YWNtPDzvrqoIi)#E!E0+KF!ol-fr?FH_($LE5=bNkTfOE)G zUs#!oq2w@X;UM<))c8emJFXF!43T_$P@<{Uf|WBF_2j1!(LD|+b*)n&l9U#h=QVUk zZ7qeW*J7q2cbr+YL*W4obV15IBeiCO2OTsO7W%>c0T^Zv8Qh5yg*8{=)~f^|+?j!~ z0c~)oqoT5p$hh%35Lo<9TS(hTSwcVK#s3JKp4&(#kTA7doJ3Z~V9hIk4~2O#zPdEm ze1PuEV-D=C%&hjew2=;Z79@Y!*?nj$(!5?$wO>~KXNqyP6pz-s{)PnxTik{Cd|nBe32m(Ji+;&&CZqg)(LHC_7c z{}r6|-a)*6;Nzhku$)Hk-QrmBY@1nK2(UC;ruaVE<0)v^tv)COnh;V-9vo^Eks0+_ zwcgu+uD#@lUBn%}b*Y~CCuAavdqU7_QI*IYbw{m6EOS;69UL53`#=Bbh2WOmS@vQ$ z49!7Ol;#7^OEG`Il)QOiuo=I1eX1%CP_hzFQy1@!o)|swH-a>-z*e$CQ3XofcmPlG z)LEBN<4i6!p_Rsn+qyiUj5b729+b#I-Oj}SobO*03{cDa#Gy7@)U&q4y0RzvDCl5* zWt`wDEfuuB)1LAHfzf!M)TdUXLBo`@LEkj2N~8lBe@S)e(3aU4i7kg`?AL{FVn1;s z82OFkU^KZgcsJrQXheu@iW+UpN_w;AEM%K2!J%Fy+2{VS;q)`@s>fpf(O-y2Ep=CS zRKdgHp7#x}{a(~j8h&@r5E=hRv>)R>QYTtaqnO%m-OY_@3U`zIubp!!)Ce-$D&g?k zY%Mo?x_aKNU~mdLBAQ)IZN5Tw@0D5kF}$>9%!!hP-Le;Yjz*5!t1+c@i-vi^t|a7C z-!zLn^>m#-W!0T)Hs))J+=NsmB8=r0R0sefmJ2!8qcIi{#wsyJorUj*c*FE&KasFm zkqT_vAa9U~#K+Y`e+saMCrmeF3?8CynePnVMl9@X5LX$8Hz?SxCacN)mGEPq)h%r_xn zMye&tCg)(3y8cd7WCnTs&qlo;=cHvSM#LDz+zL3}UE zI`1Awl!yQfPm!hImnC0L9p&;`ApoB27b((;5X|bz0Sw&@lNvBmTU3gM1O%{owr0S| z+3B0MdD~LO5Ol})wJ_k?0K98O|M^u(v79XRl+wG;Q1cGecPTmrazajzwVFpIad!6 zGDaT?Lh{Y5VT94V!(?QoY~e==dCU+3l0STXvu zNfI^-h(ViMaVzh2kL?%=_czLd2lHRbA1j|;SFcg@DB*!!ryr$TG>kB={wx@!Gydz2Y+1FZr5 zJ%&W!xal3g@R|AvRLa2TK=_AO({gr-*9IF#62+ReG`Y(IRWnH)(g)AX7-^62miko{ zcMnb=X#{ZXnS{#b=`wi)RXTx++~rgkx9H~HLPOv}I@p<<*>)~boqL$0OyDi${^zmy z^3FA=vaCqkSz&YLfvGcNKCWSIlUVmM;dG7dfa?i664&gYS_@8Twj`chBh}b(hn}vA zyxj8zVVLyEr3zxwyrExbrfPnsZ0C1d9zG@A;{o~bs0h=YE?#=WdH=%U7~lO7J2^$n zq>90%p_aX-jp2$^$@?p*hkFWsJ}F&YO-#zYZbLDU5;>C+rL8HJrEU5G;GN&KL?WH6o?7E!11Y@9u>98z1I;<{)c9`%(K zaz+pNE?J2HT~+BduT-Dus^e|ujd#(CvZ3*MLC-b|THW=|<;22IK1Y`1E>Ax9d{kTB zIwa0}=>)D1M(J)h%-084vCyeU1x;)Ax2zr#W~t5N@%DuMvKalfR%LCmiJ(p?)uPhUbiTll|SFFgBII>pIePJr#Nwm&+pp zopVlDr6XBE{!fgRSR;Um^}4kAE+Ey}2m^Pm9{_rV~{4 z6+u9#{A(Q}<}sIQaK0^HFE#=@1{;s+5`U*0W8&ei&y^Q!el(|PZZq7#`-dc zSG5Kw9u_mU(QuSdy)n@o-n{8%K*VnNAZQ_3HxORSJPx^?CPN4i<%*0bvUb01aKD4; zXmRN}Njni|fdVBJ*H25o+dC698j3K|`W9kzXXSArIi3+W);I&Bvf6B#paHdBOE~t+ ziYvbwchG$?L;Oa)m7pN_5$uA;-vehi;7a)n>&s+m5qyLISgiVj1^z5IFwmHMbTuZy-8LV;n)^GX|t(~3<5&so2 zZovpGpo7Fe{_6YJ8$ZlhBlGFoL@$Uo8s&Z)Q4Enhlx4iIaor;(?8kRkQm`MVjU^#* z*=HK>6D?6qY+8Fu%_Om5)8hn*sda|m-0X5Oo)VFAqwgK@M9iYN7>%8i{e0???6O(b z*LRfTir~ssyEo_lI^rXt+PK+kSh?JXtl2rdm#fq7t2ll7$~#fNndT$jn%$LJXo{Bg z4?T80VK&{RhZ697Esf!Xrz7oTtg}w0 z?B!p>JZ4$&JBbvKR-@^2;F@Rk@vtW@(IsQlvtPo=Ci;{5_=C1*zG+|g;3Err{aUc@ zvM$QS-QUrDV7C+(?+jdN)aUL}^b{$A(nN3<$h>80htu&{XsYDhOYLnV>|AlKBxW%? zVlGL@PViw%3fc5f_qWOTcciC-ZcJr;jF2Bu>k}=_$Uo=>GD9zt} zJkxEIFkvgN2`bjAsaF4YR11+2klQ9Se;G6(-Xy}TLpDBMiQ(}uD)saEX9q4thRBuS zYgUJO@nvL!pruBOL1F2=FjjN*;%NYYA^Y=fzBcm`8Iy0%yJ9%P-WPSjO_l1RCL^RN zr%*hCO_NM&mON^?JudZ)K~ozce)t-a)-;XB35=>V0g1=`r=hrjj*zQ!G&q2GX&(V!jH zfQ-1OooVJDrInzo^mK{FSjUBj3rEX_+2&|^*%2Yk*@`ARwOm*wp>mLTiD%UVKufIX z)8MV(#WM`Tbo_Vhz-QOO$eh3``j79r6V1Hd9VB~O@Po^nzMo25BvebMph4JSXlF$- zeV1rYdl$W8*I(v+IByY>)}BA+Y%_envbyEd8!cwoDgLWuY%T;rx{N<=3-}oOZb$Z1 z89a+16cQvwdQhpH`c8S)^98NeL!uXtc8_gkuJ`=C3!!g7OmeuwTSqK^es@{^=C+_z z#UUt<-3cog(E&Y;&Acz4z|Lvfc>(nunnc5bm<17(eIt6uSW_Zf^5x-^w*QhVT&jvDP6An6IAI|i<%-OTpl`X;!J0njbEEyo@oMAYYLx z(8`JP!+PKIfk$GcJT9PuA?C-`VL>-XSCz)*++2T#If~@TfLmX!H?VXmn9)bmL5q={_?Ayr$pJk?rwKhat=l&XH9kOMQS)8j) zP)E(y?)YXg$4r36oM`Zr9JLbP1a)M=+`3M<2n)DbxlIZnjgy4ztPnDJV*;{qWrGe=E}pnD8F6k06Z(dQii^Ka zG3sx5YIa27t0;VKjvMDFj13Qd5XCFr$Hd?iYy!-;sIhkI@}YhmDlYMO%W!aWUo$@? zEyI2qHk~_nl^0xw&2?TxN(DXgh(hRCRMoLdNxU0iij^fAoW2E5%s2Vg!a;kgl-4)i z<u-CG5gFJ#$)g50A{a#W*$n?_sIwPC~7lV8r3~AfLhg{cOec zRr(JYTLPY#abl|?YLhnH{M!ARo`grGlS}Evn-z8}{d56D*d!a(i#t4koVK7U+OE@v zyuas*#*o77w-ebjRpkPnO;()o6H`};O?aOVR@jJXA`Wl(!_R4M(pf{nJpvEdU-f`0 zmh$5lG=tf~%;I*F7uTyv)|GfKc%m?)>m8Esgh4D@RB)e=FUR>~#~a^ohS$Cy3xHr| zI@2HW#RgwrlXAbj^Ne2aRAeIP+kySF2Je?lK6532vy88{rCuT7pUWwin)KH}dj#6L zoE#sJ7pzhEK9IP5IM?R=$FE}qj)h`&`>krqs5JoY)xr;tDGF^KIWj*jlJdS1dG#Vi zMn>>SwxC1VE!4`V21&OrRdg(tP$Rg#olOJPN#v{hm%SVQ$OoGE`T(fwaerk`G)jtu>w=U>|f z^*<}a=Q2P8hC+B@P2RSL??uiETVE>n;lqz7C(bKfiV8>fXOEo~KWK%gV-{(WIGOBM zD@+d@O>XG8Z+4ipz;WZhiXhkP080_BZlXUH;Rc`i=!Pjc;Q$k9TGl+sd2)Ip>h2u0 zRM+u4D*JjID8mF7ve~!Xk|oohsL(Ex2_J}084w2FHI~LLK`3tB^JOSDB{Xb~9geLV zfNPX=sb;qJQh&odml+Bh(09?e2Tn*L?pXBdhBt&npyua9YK|DJW&A`;<|O5P0^SZqxJ`~DDB-A(1PA)WcE4V1gkoJu5BZZqtSe4nGpDpGfF{ z-zgAbcpgyNND>{_s$_dL7i1b)*<6hwvV)E^8g=+N)*s*50I&R?)?c_ds`Mkm2kFM; z=_y@!tADE?5BJ7hx2!`A^~a*(@5Tg7Xa!&7GE{Bt*Q2hq5hR!E^#UhPQq~hFHT+zW zX*N6g1ae+4jLc243tR4J#IM* zLyOUk5k7hlDv1`f-kZ+z6BWGcp@&XItQAQt9+pZ}J3}BF`SUS>UoT8RYe|l+8C92G z-f}ew(bK6xMQQuDq%}xnj=wPuydy>S<3+hJoNijJEE8qK#v>5-+f6a>Q$L~GUUMCS zJ|%B?hv%ROM5`Cqv)-0@1EDZ#gsVq0$*q8FJ-#Pj8MGQXfe5%k!WqeK0skyn@M{qh zwm%XU`7)96v_01TEh%!$ZGDf|`aWl_z@YoPPsHP(QD&&1bi5NsWp0wd#PJise{8O` zE_eIWTd%lO-LKVtz#EQyIx6F3wEyRBt@=(_$o6K zl?9?tf~T?pZ_p+8HT4~WS~x6%jEmA#7C$ie^VTck2A(#WQjPVfoqCte+x|OYZ39ix z&2Ng<1%6Hd8RJF51U>KffDfSx6=bT@KVFJH=iANW7H^+AD{NWcUlU$bgIVZUb}G$x zNm^wV;FXZBGzc1%WY<+`2c^DmMOO{&3ZVvtvT(sSd5IIrU|;*C zwsQNw2NG*>Du#D&q+gq+CKqwR;}#X&^0of&tkg^4jDHW{I&tVXM3Wopp#|SthfPkn zf;Kuvha!W%EIK=D5;5&cO!9_}^f*&a7qAzuSY$loXLe6uZG5p<@L$cgh2P$AKcaZRNZZXb(qBkvY z4U)?Z*FSs_nVeU+I=XYYNj=&Tn(R5GH8bxN~OHngC4yViZHOSN^^W_fe*3$E}UktZ>Pa#0Z*#R7B!(jtGZ z^#@MQ>}5HL#|v&@$+jTuy_yQ@{ysC^9gkO-{UGK|5{JFtIDQ%`tlwTn64%d>9xMsZ{4*#5S^G#cWTIgUo?7?noz#fz+t;ti;pV&nLIE`)nldJ z%T;vCuw-rLNC2Qxk9)wsMeB0;TXq4rM*B^nj>Oe*4Q;mQkNWVee(|gDqH%R^bT$lg zbkX22Ui8JZWVj7`=L?! z+tIPj4}HRMtBip`g32yV+1zak?oFCbioVIkF3Rn9qe#cOoGz`8wEm>ovI!G-LG?f_PD=MaRzv6 zIfbfc=)2+zIuSP)=$;w>G$!Im5`EB<5 zOYn@G+hh0$qxU$=Zy!%0be>P7;>a&NUT&Jt!LwNIH!5jBe*Lo2UKSgpf+6s=;ya*< z2)I44#iTGH_gPo6O1+d3QkQ>PzrcSads@tzKx6<72PYKzaJ$(q+iI`|E?X7#_mDTvJjAcGo-_LRh?)Mm zc*!@`AwBQXSs6$f-q096)K_@fWRh_gh07S@OX6UDY3^3I zbrX*p=V+DW0`npA^U)MB9N?sW$uw(p`n9Y3$l0i50=iZNj@d)r1?W6sqz+h*hEGVW zzI#UC`{$*`E~^WeXnpGF@dx87kAVfj0*wN+5qSD%PZghd&akEH-W^#Qi zdOuB;)V+$lZ?!wWlQ-Py;)Mr$quJF%ANbWj7((Nn_EfzxDEIeV`^R zvAA0b%O{aF@%C5*Grq$cnAK4Rp6Bw(NE`ctKAKY@!?vF>$kr*phZer zwnkDz?KWOk04tTVlYvfB_*k})tsMEDm`T}iLTiKTsArI;X1LlTH@4DZ2KMWjM1cgp$mdPICcM`qgg9~%3;Yg^s6fOWH4$5-2` z@L*zcd&*(i%*Y#~A4pmJ6?#5DLd?i{3U?0+IGu**3Szlf@kn;71zag7`IWApp2Xhh zJ_=h;)izC7Uhl51%nxgkLZVfPCES9Q0XZmX|Gbmfs0p^eX5@~d?Gd_%(1Cw}dH}rW zi^-xS#_2EPRgByz^-Dzdcg|~6O$HY+{78xqPQsCbQGSv69?m?WsRrb4sC;l2(GnZC zU1e&oo0`sl)d%&rA+{>Z^^3-kg3mC}z*T7Y(OuV#bJ!7;^Uz&9gxgd{=oXDn%1+P| zICKwH6EFgxS zi+(L!FxtKBT8u<-jLxoV^`ZervUlNcz3`xQrWw`0Bz&xOTEJ>%1+UYE;3Av+Xd17} zjvsa5O+>b>yt6y>=N9IpQ&bj#IJ|e8_RufwXdnCRKL$l$TzJk{m+|8rRj|z(D?MNyOxGRv|95){0#I4B$7F9+)eosKwxvinoJ=~|?GyX9Sj zTg3GFVrj!98s#FMvXNGH^QkWJf?R&&alxRw zRbkaofq&#?9(fmRH4LcECe;zB7K`}7f@i;vt=_E_F=}9@er8zyO(K-mdEd9qP!~)^ z4~M9I7c`{m>_lO~27X-kR1ow%L+PZtF|r?X>=NX@&vDVs5p&|LPsouUys?*3mdFq* z?{s~=2Qo7MKtkObN<5zPk&9ezMmL^VpJA(e# zWwaSou+J7PZ4XR2Z(r&*vnF<-aQ%d7%L4EgY($(6O@k?5^*KCSij^v9W5jCuYK;=p zT1-LM#c(z$eA7%C&7h1V7=qw}S6vdiRAfRrhEA$7zQ$&5@)xZUnj78DDMkm*eg}P@ z%zJugjg&lncX;ve^!yv?sEiSYi|E)ghXN-G%OgnFlpHR>OjOerqKftGM>D<4X2nJ zAv<(GnzS+lL4srpwzSZ)8+$QGG@t+Nv?;usH&9Yh{!JD$nu>&k)IQvy!TwrWCLjat z=8)8Mze+q5T6i4qDb~OJ1lB0S{;1PetwlG0Vq}Ea;8xJO#|dBd%N%?m|*Ee zOHbG|TZZ-mC$7cd1-wuJW1viL#%YQBcT)#)MV?3cC(lrZ3ZCdxW{9tp@xXq~NH^_S z?0V(iy%dcmBYH-*w1B#!577Ruj>HI2f_t4_%*m+Ec!1A5PpqyHwB+u|XgZ~%_Gw2U zv!+~-?4>w5yD46EBf13;-SY2i&m$0{O=2O1lw@BVbUk%T_8LvNT`KtzhegBrdZSJw z;)-+ew%ffbCIPo&DkVql3yP=y!rjZmbZPN%M;C$NkdW}asky!0nY9?ySAf8U|8L40;sO0!H(#`FgCo#z;Xscbx`FJy% zQc%I#Kmo4w9+1#EwHrnR$jngM}

j{+&u3g zV%lN~S2K);a~Tj*m0k=BjO4HWXmd@0`{7Y$URladUQ~ff*Z+K@2=Jc~EHpi6JT`hY zQskQ0@&TL?==!}5H0tjTj)cN}M4!4Vc!EY=)zs21?`k=Zn@oOaY2WVTf3R+&04&je zTS0nh3eYN+jk?3ReJ>=GP~g%`U}|-TGSpcO+2z~MDO}BUy;TxzptFqloo0-1MJU6c zVbd!;w)IND`QTiCTeS7?qTcolsr5ClDj1X<+FuMg1}%jhq1?GXV*s{dyvlFP<#Yj?l^35_BNqEGOudr1e80Yhsrg&zMjK2xrq8+#g@TBe7My(XGIkAo zl+1;E5(Z5yG2@`RtLUaJ-%PCnhx6kp9N3O(MUd@>Ac9Z?cV=DBW05*S^Pc1nDO0ErKu1QS@t|xj7i)M<( z`>kgb+dVRxs_~Pl0+d|ZafUrDoRuts#k`~G@w23LfJ(K)obd z1zVsb6b|IyXT;$BEExhr(;y)7(Per8Mi1|6)QxKBQ7$F`@cQj8N-6d4u*fDa^{%E4 z)gI4*3?E5f)Ks<+E>*n&6MW6nHcQU4uLrJ&zX?OUBBIphD|JsZ`Shh7f9+R)P&a=_ zR{t2Q8jU+Yq$(ln^LQfvg*f+-g34(^oz(QDSoX`3kg?c~%cH3rsQEjhhfeW*ynwstP%L+qD`gCHQKX4~DDBu63?#e( zyah^_|E+qOAc#RA5d4f#^GZdxVtMg)B(I}CXcFqc_ww^6u|X>rd6Z}%Nzwh?d=lzU2Sp!_ng$n)83r5QCLG-NvEj`{|Bw+XXs~yw=$%mih<%em@?mU77^@{``aHKA zH}?0dfEg>AF~Ox?@K^O0t4q=DGLJDPU9LhKg-SOFe7co0-ses0TRa&!x+_oZH~;*; zMh2>vKgssUZ~4Vu@~r~vepjQ6ZuDjUwr_WF%e z@83yI97S)O5y|T*fUbf?T(Tv%G;f#;s#XavRfttyn;oiBB@)JXR|rXoYx1V(F7imh zLDP-`D>a;h&pH{uDuo$DWppr`jLT!1BfiqS4>)P|1^W zEhi;^hOzdIZN-`s6CyqwHhiQg(em{xl?9?PLVf@#pJZuo|)1o7Xt&a?>u@Q zarK*klha%|D-9=SRT9K<7Wx;a>dQ9)n|>cc|9I4#$cxop#= z=EI|z-OVB1%602Fuibo4=b?rk)~ua)oXRvTispNRnM~`7%f-Vlrt)r zpW>a%QOqiR8Sgf^IW6zR+1TFo=C$!CNh`^u2AatW)r8X4n(x$vSR>#a^_PC{z zx5td7La|Lxs)j)!!^dq5{n%)qX^BdQ+$Rc}VT8fjF-9CTm1Wy^sn;zS<@Pk{e3!8- zeEj2F8c{0NW;8b|56T|<%-qKbZ{06shBcEa8|LS~P8~1e-6{*zP#3~VPsF3_D^z3( z2QQgMZ&hKE0NMJEVSS}WT+yN3>uqM-Ez$>vWQVdwT^WRvywoh7Z}^+BR!NoN`NN-> z<0i1p32Z2i**+@vvvye6darY2dLM2PJ(EgCU`;YbA*|97#8|Rdz3%g!MG0MX+aHp; zogBO16C@E(jOS|_1n*aFcLAw*#3I&RMRRA?KXwaOp&|@99K(btI4N~U`)|GhRCR9` zvak0Oilz;?ANGk;(^yxuHKPM}UljTgv9Tk1ZxmeICN~PO*gIvQ{}F=D!I@rJ}AQ_>* z)Y!AVQKo0TSn>ft!Gy0m{Rv$!;Qst;&P?Z?N+ke~7NyzRWaJORCDk^ZAy(=P)tv3% z@8`6jKZb!wFq2Bzs!$DEsP|o@o<1|mD|s9Wia^*Ynm?r_N*o%|#u1Kb1@HC;k8cSy zIQ?<>E%XI*H&;)h#(oOrRShZ7^t&BWuYAS%&`J?ou%Je%^1boT13F{(_XK@Xz?bA2 zzYlc>l6`;#(u|y@CrnGL3Q)M0d7Ba%GlhHi0UfGr_>|3j5?{WwR=zLQp*rIHJ$hSZIcT8pAADB#V*D9m;1Z8M=9Ib} zkLi?=L}}X=C@eI?{z-BlsTxS)0>*U#`c-7?qVxQx2)()}fbr-gD1KX)M@B7WhRFIz zk~#;v(46QNdm%+ti-p!DgJT#b$_L4hcD)Jbf9&ftX#+qSDh4aci3|*g(fA= zWVDH3^Y)*tLLFmb#1uE%h<h(I$my5E|GQtQ(7r`W=5KudIF_xb~VjLV9?i^i_BdpBYKWC9`VxSL@%bE2Tfn6A~^ zDRY+WnS@H8{q|kV&%3vzwQ?>RH^}Wb?Xc%S1W?iK(33bL5(6eH2X(OtjHs~DTQ7#O z=s!v_&Ka!7O%s#VriLcB(o8LLgftZ(jpY=4f1+x$hF7J)2gHsMFw!NFp{Z+ENut+9 z&(mQs>-mBhtiwq%V($?s1+y(EC|ZpQmYWZpERD7LNFGZf(dbqP$*?1U?9Pnt%VYo%^gHQj*m@5p{Fi>I9TaU zLJJ%D1=H$sFUd+jfNbfS8yP9;w0}xWY7I;lBllI+-ypB+{rH``L$FFk#qhH%uI38q02Jc&=g2Iupld(C^3ioIGbF>hX7AmcuQV#~T`<2s- z^g+r+%&oOP%OUFRk22-c>myT>Vy!KoX5f~OcjE_I!6Uh$iTBmTH$lYN%Zjgbo{N$Y zVNtJ`Qq~D&txGf>OKohi={{KQ0dPBrv*LM%yrjl3L-V!iUpNt1iplLLRQPTG;pOv2 zW|6O50IbRI5&4s!mooPxP{7lH=^>ryORL5!jgR(56CPsm^B?L-(ODMb7*>IKu=9+% zI`)IS<8>E_356KLe+T=|%zl@7mN8x7p{90#sK!aO=EL-NNo;+{EG8i(j}Iju)2x}Q z)h9*(msOY@nu^}<%aL{h65@PPP7#?Y8)MIfqmIF^rKj7ySmec3kKELr<*H>P!v|-r zn1W6!!(|5XB7{;BW6@!2mAov^OnSoYL{hF)L6XWvN zF0YL9d{!GiPf|P}+vle$kY(A1f6$sMOw&o_!LU0x_4W^*l)$~q;>+5&Vi{XyYXPsF z>RW_CFy!HAOZE-Tget$sdEbFx0IcFJ!GIaZC${oF=np?#evj3~gqt_H!v$6B(oG3E zi4l=74EJbYvpkttW@jS}kDuuomr~okdw*Pqb;5-UGPddq%*V`YgKmj1lD0whdxS6Y zaon3%ed=#2Dop2eS3yXj&GnDmTXh7|tjr2x0zD>g_aaZW#;T&p*BZ|HmRV)6nCVAU z{8%E6e!@QBU|~i)Z}FJBsL$a^)+MIkiP-4oDz)CS()8cMQpcup0wd0q+qx&FWHpsN zG0xRvu_`p^6V9=rz%!HOcJ*6$4O+ivT>mQmI zW+x1KUnpiKZJKef8+ve8Y+$`>2ZN;MTSW$U(4BhL;?>bwZJ_v4F1xQVt!Qc=YLp$E z)W9%uEl_vh!BWZl>u^RFh4RN;`o*KrX@VSakjXV{Vfzi=6PhbBVg~Vo!Sy?|AH!F=7PI2&)5FqZt1XId^O`p+g00Hv{ zMy&!OBvOnH=Y9F~Y}ra{2+m85jjT?oP@Se8gBLQ9%rI0Zytb|dhb%uDrqbMYQn+T< z_gb^?yE}fbZcR-D!zuRF3p1Ba6fMUvJuzYtXlMe;PlgTDy|Nuw!6IwyEcLl- z5QaWX97@ytE?8p7sEpUMnD5ZQ;g3`BK>J+ZHcohLeH|*XwiY*dSg| z5ooVGLj5`r$B;JHJ&>m+_GeqJNFsq|cfCf7=~aL9&A5sl#%57ZWQxg(7LT%Z6j~}Z zY*9`pS7hP9!=~Keu;e)WYLqeDT{Am|Z3&<0$c>6DGwrj3VLgLBrLWw2yBCtA`uqlg(p$c!kTLin@0lL?+^V?ZW+_$yyHaBrLdw#6uS9= zp8z+G%l_>l{JUeBT*QK3_}{wq!*i0{E_E`L#-HEKfu?I+1#&fl8PsnL@{e zJCAZA3Q-EL3^eM<`07?e8L!qEj6;1UWx*mCeJ*wu(gRJlTxCv>Kpo5X?P@jvcHZ@T zNO{KgAC)&?dsv}4V=4Uw`PE(X?IpQ=P&pqpl)1jJ=$Ny3B1KWlRw0$RdJSi-8~Z$e z|AfES#RkZ~P&l!-L$nq?z8}jN&+u4(z914uT|%22T7~;w@U8Voy z$L~|2%OKh?%P)S8(b3^W68_{9WUY7Jm(_VMosUsA5)~A$FXp4oX9QVEp73qIGpO)P z2CXysQrE+PwhBE;iGtF7LTJUo8tDUYDruyF`4Tu3IYjJ}8pC)KZVAt{GNOB zRP!jzY2jGHlP|YfZ+p@c7u(@H%he2Llr5^4mMvy53JUjTtAC!kQe!_d%k@rNBGm)5 zuS9@Elz}#t9eqf~vO+lTEn7A&=2W*JH9UB`lfLhHl24*l?Waoc)Ikf3qGZ$qVRx(Q zZeyDnX=FQZ2tixwHE}Zrh}mw>>U8Z6QKZPK(aD)O;xWj#aEVb}p{}XHAaSm-TMVBY z{|6`T+Q{%^P=t806{?bVC4vnet=h{XqGH~V+72!qJCAW-wwJHCI-4xWwbEL^@DUC2 zhv`UIZT$|q8*=1p^9+X(+vkW6TgwHB!)*#aDlgz zXd=@4i{+k{SK2fq_G+gkSPah0#IqtyNJ%<`yUdZVljcmPqYIjBd3g_P;HT|2$OZ9B zqJ|L~>bk+wg|ssDNGxf#yx{(Qivj0@?&Pf&n15xVRH5#LUP0aRw6JnN`2(l0RtkEt zragV3%a_)cDnB3(&WI6ME#nIc9?v*oavewDNjp_keN^Ccy)fSVg;laBwfPs@jl8se zmLIboNNVyK3o($h;>{{Q?rUm$z5@&5rxMd{kq5#Fhj@Gh!`-KOWKvkR^Sk%J<%#%L z(E6O^lv+a&EnO82BKiD~zukt(=v}0bW~V4+T>V~HrX6*_bu8LQ+g|6qjwiyACALCw z^K2gCOQLv7z8TRLalo*IX{HyFuM;Zb+lK$er#MeMJ1Qw)yG-(D%FE!SP2;t~FVY2y zRAZdsWI&-p*PSnKFvN}1EI(n6LGEoPS)f{tOmB^lVdgTfkr)6_R*=s(K=$r#fl#GQ zm&U7-xY_)H39b8qeyEbXHrDmX%Fn0EhL=Jzi9L$F0S7~y~@t0a+YIQ_f#?>3-#wxP7<@0jo@gm(ua z2vV;!4BSBV*&h%lXVeO0w~Ju2>A8L`uj2%*p^b+#RC{36{p>$U17)3b&Qc}EfpJEtWyLY#IXsg#l62Vnv)Dc)+h3-aW%StplwQqZjgTQL1zZ;UpDxw+H z3eBmWu*zS<-2<$v8~DF=L_f;LWzg6o>=gf-KlMh8R%}&k)+N)I;N9B=<3|$WFquO4 zOM(`#8e<92neLodU)ah45u6FXjclB^kQdQyl8ras$ocm@VwgG%*$f2`K$UUlQY`Mg#Om0N zMxz~})<8k?-UwRbxLWUqOqJ)U&9U54?82V&pVob?C(|Q7EpZ7sR7PDki4jvZR7mQ> ze*h0wQk@V1DWGq*+}fVx&;}RWH(k0xGyLVxm1W^=6p+ENCbv42M|YLW>k+$JEtHR& zRk>XfD|5TTSDk<9O2a_H#UgD-k4m1)XhpC$TXVFk2fs{oD)F3-My z8rpgqqmAP*He1TpMllZ+*LtomCDLBJ!K|b0^kLiP9OjL>TIV!mJL}|6jF}sfQtmd> z4;DW033k?fOUySEL+X)vEifOBrivXxzS|lM*q6L4bmbNKIB{5Sz5@{vF%>d4bz3z* zU-O#LUq@}FX5@J%wA#pwkrZi0!Vru|PFNTI0?hi(zw!+tpUmS>7Z2iV+}0yg52%ry0d{h8PB(Vam4V#P|n((9xEb)5v& zCPI+tDqJ3~zVbsGpm{ric++;m+2!#Tf1((G4;Ay2o3-)x-(gneVSrAT+L!q-`6uu@ z)%ObdIMn6chQEEpZZ(`Gl;)ZaE&p+Nvm}MZgqImKp5;=M3F}-SS$6oORWT9p{nUpi ztnG)`$oGv9;RgYQz{~!ec2>BHW4AT&aCgHC)CE+Z%^uiD%e>|#FQlM>eaqR9C9+fT zkPaLRJHYbyjQoeNTXQcW@)u1du=3B`g)K;J?0J>CUD#s;-?Vtck@r)nJ54s#AT0*0 z@YI3aV;^fatYYq&Z!da|2QcAqb8A8(rfCEbY(tV>MbW)I-f=xihAoj*Mi4$=N3wWg z`n;`7PS&O@`V(E6K{PyrB9{Y$v}eL#_+Dj_BVrD^AYR$k(LJsQSm63gz^jA8urh~T zcNL-vuly~Rlo}NYU^ZTil!BizL++o2gL%WVH&WdaBJ0O14@d!c4b|=UMd(q-Z>7jG zX(v8l8pzpscj8jlL5!i)Q1_C-2xT2q3S!7QrshcH8oaY#s|#8Vtx_=R0&V|q4|_Jh z5hohJ9SuxO3`4iO>1I%F9gLd?Z+}|KQte;^3r6&he;&*KGv)XV*~}Ug{0+>ze^1;( zGlSlPm6BQq!?%@=R`RJ=XrF5}s7*T&iop+!@Tc|b77?xkxpWULsAQAjiT}kyqLn!! zA{qsoR;Ad~0ev%Nb+5TuTEyR2uzzd)SMAdl`3$dkT(5gAx3vM(<_K&O2F$)qP-U?( z+S??kXXH2f_+vw^z`?&!qyIW3{`+|~MDiwcH1mCKH+kjoQMtoj2rsk#Nd_|s4=fO0 zL6>LzH|i2Ehvpjje^bx@(+4EKT_F>MzM5eI5||&h<)Uw2If@EDTr-XI zfwD&C)^IEgmtIgq_|OxSf1zP}njvfa*P0(8r279y4z(On0(Y#yeP&2PAd6NPb0Ze7 zH!X~A9SG%B;~TOsE%J(d>72KbOC96yIP<@bwivXnh(8n)CeRh+&1`4Dor;#TwsILH zWi;<)-y0+1E`zoA_gAZDIH1g{(7yP;_51h8{%y>DqL6QG*rG3XU-xpX5&noEtq*zc zEBt?2{AHt>xL;Ip&22hE!2hku{_8z!;C~55y^rMo>$kr{oB!(_4V+(ud^XPQkzoI} zGW~ZXe+{sI31Yv-iS_=ED*li0nK^&4<87Y0U_wv)FM`;A39>#C$N2wu^WtBfm^uCW zciR>(n9x%H7eUs)1g+1-@WB4*CH$Mt|24~V77>4fIhU^+(=hxmg4SQmfzInIG2Gw( zXRG+@&KH?m&-YW+=JB=g9xs9o0Qj59JE~yKduqnPYRZB2|F^LwHBhD;^p+(~pd~o4 zjypdjOhc$KhA~47|zB$>~@al8}G>6dcCmA0U7P z5jQt&f!vF0{>fc4-GyP>4C#mR3@er7(Izgr0wSZ**A!ZFnmI5Pq*uli{L*EkBo7^i zi9jTdNDnR~rzp=yJ*@M7$qCk1<5Z{$do6_)c~Hf=8+7{-htTF!6n!$!1^3*DiifS+ zGo#*Y*+G8-0%TIxNMFgKG!sr zRdoAC_27uOJm{&`CLq)KVh6&WeiDS&5L((IV?_+!0}||HiV+r;RCniE6WH$`T=vlz zcgT9)t}1uWx~(T;>3>gEW4yz!#CjcfyM8wL$Gs-|rzP5XH_O(lNN4j2s?LS{SrWI9^MSUsC`~A#l0|)}ns1O(259HN{ItV5?fBED4&W7d#e2#w*HU zOEsAM)KinOruc55gA=%7<3#MWb>Q*^)Ky{_uQU*m!~ zFPmSd3-i4c*?nj&T#b;pLKlIK`y>!)zHCRBOhf2Gc(%_g`Wn)T``Rq+=Fz@4lBd8G zoUvpzk^rnG_`v!SIS>TR;)P()#myYZL5!7TovxZ0Vo{!hY};2TMpq+fVzmrQh{ltp zQ1^EOybI*YH00(%hFBO8jwOvisY|r>=uCe9XDM+GD$-ZVzWkFH`Qmna=o#!xbLU$J zjYHJ=^b|jRqxtu^lV1dez=C$fbeC!2uvX5MQ0eo6c|2j+*in)hE~3AC*#t3|l8O3# zcg03FjSNxQ^+*tYSeE8xEE#@=Sl;w@-5v9=L%qM1&$!-R#p2`&c^cE9RnWgxL#P&# zgE}{sIE4-Tq|u=GI?OM8t+jbD$$&nMIujercN(Wl(YzJb*FSee$UEk^3gD>RyU?RW zIDYz(;LRt2e!*}|J$~Kqnyo*1>s)DhJGi*b8Ul)A#QfA;gL%tx@#eq)C;Ny2gs&i< zaJ8)^Gj_sxTm4Gasy@SR`zu@8Tn1}3(D^G{Q*OOH4iv%F%RlLdN1c>tx zZjRBF0Li=FR2_ck{f3U%Okt#1r@d6BMI<>t>oV}n{JZ86ad9OXrx9jnkj*Y`(!&+J z05bzy!yk}fVh#4pe=OcTK8Qd!DJec)S{5P86cx^pW;N`;q(*z*nPYs-<8a&Hm#_VQ z-o03GH4YcX5@H6uMak*M-8Ko>T&5%Md6QkseI`8)AK~GI4U|3O1hqF3t`Z-J62t+Wz7O1M zE!;ww0tp!aF@8Y(6i1z0wU5k=b<7ez=cz7$D_vzY@loUxWWPRNAYa^iT7!`?bg8&A z7r@|xCpfkuU)Lq>XFqKdwKyu+*-f+z$meIL-Cao*3}k9@pO^8`!orCO`iGu;ZIQ3T zAb_?-_wi07y?drM`j3@9aGPrAL7o__PgDm)7GmbteHZuL>pBX#Y%AYkMWxvkJT$|u zTvyurN_(<0+Y#}UBBC@N-71|sXz5+0KY3#z@z;lKpfwS?pVu|qoUqYoz113*Qx{&Z zi-Ue3;$lQ&`shZ|&ZpFNJI5t{DMUz&kfV)!DkMP)v&LWZA;*d|Y^$68f-^z)RbCoO z_I;!NBgV_9A>=UPkMgp+n2A&Htp!|~PD$70Xu#5|0Z}_t~SLCaDD9H{a5H44_ zDVq16HIg( zC}ABNLJ9G>rG+53YL#w|*Jsd}J=vo^>VTt2h9^ayVP`DHQ;rvp?^I^h055|$ow{6C zjim%#@df3u?T9gkYh^8tW9M;d45oCI)XTUvSS;zo3K$Bx#^6l!huX|d$Fkp9mPuxI zo^&_)8M^z-vm!U&Nd^+S$%Pae9uYO;Ok?k_T^>#!+hFTfr}6<2?TO%-I-I8&Jd3W04{g@J!ZgNqixVB}KRlNKWvN>Zk_PPRS6 zPtA+E+2Rizz)qZ^j|U#t&vl zwEXhUrNBW8E*U{Uy`pvE=m`xNamn$7BR1C3J1y5OmJ!$t+29q9%it;T1Oa2Abwv<* zKN;y1x+f(_LIYJ;w*+dCH|lnJiOk_mDWiS~AdkEcWY+jbI~Qh^=9FZh35mliGEe*3 zZQA~vDB2Tlz)^$VZ6(G_Xn{JGI0}3qia)${`UpkaG4Sw$$ouf3HtueXJbA9noi~j# zuosLFDN?|7#AFm4me%9?Ju4t0a1nf`q%BBdf{-c3<9Br|yVFE|zOfK`8(W^166>@t z8?7-KuHzWt`2)+uO|WTtMqO=lxYTz z@$AWU8&6C!H(v=KAgF*MzMu|xlc=Td)Mgdf$T=|gsO;!og`1ZB{j@?SQB|!{ms+At zMwoXWYu`C>Qgxl=rkOSC|72{_G%t%-zwLe-x#exCr@h&b6=z!75V1E$*Hoz&;OemS zVs6zmf#tXEvjP%zs_`VSd-d|n^X6>Rq^DgUKg*l_FjHkI)?hJ@D+AiebdbX84l1fv zPECA{to~8gN@*}Yfxq|Sv`V6|me_q>Wo51VKpk+v2%V7<)qz(h3NN;oaQQLVHie9@ zUuEW4EZ#Y^v4EViTxLPS{cr#-oy|MkOR?rnYI#qxF;huv;q4`UoABz=fpE5+PW~P@ z@i6}9w6Hych6{d?GaQsXoo7qY2aEj!XdvrRyO zhQw>bX4vMnl@=t9{iME%RyFnAMN}CsxSc2$s&Q@STo(u>mTD5f+#^oPi_+TpYUdlK zFk)hM)LZ=etVCP1Z&k&6eZy0GbvMd*l#GaReeZ1ZA1uIJTbw(G1U8p<2P6Q$Gbp9s zD^5PyRjbnm!^;vqWAkqM+jL?ZmATTbjZ~$}xA8-|ptA={ZI^Z+;u-1#8Z;>`K7t#N zZfF)k<5GMqVn=>_ZN8fFIDx&Xe1?uSffG|B3c}Av8XstmD%a$;_J=izZOW55`tE_6 zEX_;TN>wlSaj_nEt|a<|V54zx99Mm7gGlXo$%@dH zxGnPT zSXD>kso1bnXMW?;0hyi^iqCGymf{?BB-dPnJq!EO9?%f7UdYp7GW__CHC?@h<}yY! z2JB`j9$-t9wji^ZBZS7W)J5HW$d9m{u#KDzxRvixZp79|1OMj*2TU8n?avo^w%0A7tck_sz7?2Dt=q#hzwK1O2!FbB zi8*a(CQ5w8!NMsnj5WvQ7C<8>W`!b9g#@xR{)YMSRxS|RxgcFUG%jhEmgQHa8v9-k zfgNYL+KPHYf|v0?Qa2ZWKEG5=RZR|F@j*Sr{TO_f;gZ&H2i{I@eM8m|MJt}eRf z^OX#77LbyOp+UAX&&U~DmCrR-D!YD>P|nQ5W$|^l5SJS|ZU@vr!fYw^3w$TEmL6sd z#Np9NG4N~o*s^Q?Q0g6-D~tkxWQ$}XDKCm~82{dkCKEUw1sQ?mTEItV{X5+3e-eNlHD#TQdZ zDTVHc=h#j~M|lAk*uvy%xV+}6N;L~onuK?gVrZ6XA_J0USHRs>gdI0o6`rWvE3&9d zV_<@NR+-LyE8b|kZ4XWLLNiZM2Q#Xd;-ZMF4)C}(Lbx@hvL-79kcfv3BpBZx|FT#Lbe zUtXDh^7@hf(5-cfQ7EqI0VaIza&X|oeUntwok+2Gx>njuc(r=u&~BR7gKsY3Jep>a z2J7T_;RiIxQe_WRy--7+(0hUY+6HF)+!2;@8w-Y>0-@x(9c^$*eBC$yqHM#if z`DM0Fzp_F`o9y9iwG@~4HfMELFe*@E+I*%uw!8v;Zo4OKdDoh)s?wua+FrKpi?sj% z4C}iC&vLmN5A?L!an0`J{Ni0UO}%*nVrWAqPiJ{U|BSauQC~u1ipnrXxe1YMS)i9G zitWa(x#I{hp!SeR5nbbH;uET?oIyu*P$ARP$VN;+8lAMMiymPE#_g3?%RK0HK z8h#Z-zz;6VW5sr;`a}XARx#eFZCOd@6-Pg$e0{=Tlr2Z^NF4TZstonc7E*|~lLmt| zmqDW}GFskbv+Xo_$S?gK;uanF_Nz}WO5zvg;zN_|uCm7mep(!R5=O9FW+fk)7ysCz zY+d#^kV6wLE6}04$VEqrHv$>{)4+`+Z+B z+vm2^E=)$XWN}S#-le>S=?Qx1=F}3y62H#2z?iT5{p5!}T5I z9m!ikp~5P>&s!8^F=+uiJ%rrnqeO)gm1f=nm;UWLh7shkWZd1o&@byJ{lrkRrV}i~ zv5upe;nZGq!-u}sU)HPO8qrljyv?7$hIMnZ1xGrmYzL5{GSf|SseHe`svrV1N{0ky zmvAQ1Sm4v)vxWN?E?b=6*zYAQ{dv76TGmF^U?6Wk7ce;hlN_}}XHLb+{EB6e#Rts| zkmcy~iESo(HG#!0?O=OXt+3`2unhM;#fH|O*&~^lx(M zX)85!z&j0X!U`*lprU%??9_7R%sw=1wc-s)?L@iD;tDGWKn_<>NSA5V{DJdABKqQ! z5mWenNBL}jRx1y~@@Nw2^a5Paau-o=A4;i&ve!!t4^WQM@;c__y`^q?95GqQY#AX{+DyZD2N#)C@qF(%Bn5;WC4JRJ-sdw4 z7vk)KNY7Qj<6;|mYLggKk>*+MYtAeB4H2+G4+mXCDQVXjcq6OSv)h;E$@ zrrxcsuMjG=FWjq|tphlX!uK5l)c&mF$5tcqzm zU7Aih|E-?l%*V<4m3#&bD^ z_SHo*Wv}MN%e)J3QA49?(Us;GmX6v(>ODihA0eJhk+=7&#Y6^qD%7f5k)v}{ z)vS(6V?m#8N^1%CxQ+YN4^_7;Zb}Lbk_j#<`N<6mq|&@Jj&sD~X7-dwX|C}fqHFd2 z&dJqSG;Z=<3VFy9g<6bExf0JW5;jush9TuTNv%Gr&YYHA_KNLk zQuTv#a-Y`GW{_9U)%P0P!+#i`c9(d~&0-l*>MuV=mYcPfktf?P_@}6FaF(H>;^*Q> zL(xi~st?kKZa)vH`FcTX%9~nbY zZdC=hQArHu7eb`6@IT(|-g^r%AR}rm3v371cIQQW?o2069_yi(qXxMZ-0;z!kdOG* zz1kSBbPl$Vl~HW$OBK*leSqA~uZfPh@aZpd^ZnXb-djda1E7OjKvjpdA=$u~xc*9i z$2Rc^%JNg~@=e!gr@?LLt^0|^?e}tmU$eWc5o+6BQZB@}TlMo-$KHgo*X9lKYAO5< z^LVo($4^4}v^_>Ki>-Cfj zZ`~Vkczcp&x&0zdhR=@Pjyef1kZs;U*E#z0+u0@Y5#uF*%t1aJRW7FY9tV?J(`LNx zh{5DlVqVoWp?s#uh%Z^Aczu&cK2R%O5_DOJoZFl{ZhAKfcYK!OcP%9GkNBCYaa8u$ zz4Xwgc8_q%47$w_bRVWQ#?q|M`{^2+E2Uq$3$WM^m{CB}#vbFy?RqWb)Qc44SDVEQ zJDAzmFVD$V(%G?54{6`HCXNTywh?&OPr)Qz{>1evve8~9XKQkH6Df$nvrk2 z!i7Pfw8&1l%kxXFH;bmHAlkOb_}a@|3>%y7F*)C0$$H;UruC&{kU z266OBCW-Rsq!9Kv==leLo9?C8v9>4P$(!f%lbvz-4}*=5%JUrW41 z-;vgEoQ}rX=>=P<*i6Ftr6_|Ft-JPDUmy@=Z5e;4eI_9(Tq^&PGm)W`h&CSi@!0oxYZNEQ}8JsbAc0G4S)Pv@Sg;f4R zYXH_3Oxr32o9i}K=miV(pw_NRI6Pe;=JsNxg5JLWNBSJ2_7#fJv5+U>D4=Tcqoe> z6BUx(kFUJ#y-B;(wHb+W(0=j!-D;Ih;3Wh6n5gecB)ZxZYj4O#rqkKX&Y8YpKv9g# zcDXYD=8HS4brkVZX8%E0qZ_2G8ZjTnS%u5YUkGU3PbKu7JH;x=^`aoP)3P&#Urrjb zWcf45F{QC)EE#pWx?edznI<6QrQ9Nl8Q6qau;jrOl-m%3%&8&J17T+iYr8DpYYRXv zc&cJKL0~MW4%%yP525y4`3OjAHznjo8xK@n24oK5Y0RoM{T4L8d?|Ja8X@<1JPh^V zwaZLE9lclr6@cQaPDJOg$izCgMs>t=dmJHL0#i2fzO_QdV}TaG!0sTpIttAz3SP|d-Zs_CpB(0yhTRqsn;Ju0 zo7U%jzwsm*s-Av%^4Eo)M`XV{EHir-q=4r~pE;Mo$2fGYSdm_df>H(9`czq%n%@W< z{c!b{1x`v1-F`NL|6IKHAnz+xMkENkdpnX#vs;5?`pitI2I6ZJ&LlLc%Yt=m6mC*u zrsZp%^QKMv4M&)SDz=(~x=Be=G?L=y(gx|R;@xJaDOY!c`)f*y|Dny@4CRA)qtePC zbp7V#9#Xo?2|0bfRP?R#&btt*IEvtG+l1TUb2}$Z&%gqIgSL)yGwBM@a7gAJtp7IK z2w?b~ymQ~>Y6|$;f}Ca_sXG~;eXuY&Dm`xOW!Ni?y}7ZcX*c!3Ni22{e_3iAB9^P( zr359GPcMzZO$kS!P}`a!a+Y^YjV<@Qq+GdwWWVEc>y-fRp9X^8Di42mo=vc-DxIsg zuUQM8m6Jq|1U#mD$qGi`AGeM!qZ%|R+J9=EYl*QJs%)A*L~>m}u3wq?d?I}E-5lO^ z_lqOSs-+YLqtf&GdSpG)I=y_Sv-~`l3fpyl?xf3DlC`dVedK&-=)yht)r>nlHc8e@ z&Gj@ViDWyTKAY?3OT87)K|~n8fVSNJ5~Hh=hG~AgTy0n6jGOediCu=<65dB%&4at= zTGT?4N!mMI?wrZVGI94x+v^y* zGDPWdO#}gz(g=snMRpV=x7T+_0z&W6lahhP>Y|L;kxm>QwMPpSm@;-AKugkn+Ex<& z%u0UiiQ{cgoa<$Z+#4oGRKK@LF(^p(WTe#shW4YZ4&A0DEhWM|Flpo6v5BG%z46`6 z@CVDc(8ltX$CFjSmAYCoAnrecjM$#$c>Z)J$BJ6h11`As!OMtAjaHTWf<^RUOiB95 z6Ql(FsFutfgSov0^Q5tp=xk2?FWzeSjIw>{Z{~vIx-E)O6vA5ekJ^?MdlRbB(S|n; zciK_=WLx!HmfG)CbA`~mtb2Q(!D(us5@<}nvdvO2;j!|sb4Cfx0-3T`LWPoJH@o8B zq5#3pkpl|?zfNYk^kZnoGn@;c;BfC^elJX*po}j2PSG>#D7b1#Qb`_TkCfhfoKriB zup9E2iixyyCEH{dO&+IQ5kB1T12Wy4U^(`AX)-J+L4(E`jj=8D&ES(K;6FTfdT=VX zit$3%Mvj+w`J-<1aDbO|igVY^Z9owShWSXNHQCc0NEyY#j-dFOgnmI)!pb2Rm+)DQi-zvqzI*!i| z4LKjXy>Nu9KVHvci_PT?Tc(8JuIp_F>5;BN7fYGASNBzHu8a-&@HX1MgIbH>Utdhc zoRKTHuyryk!}}nrfWPrpf*MoetL%a7xH%gqDuKxdCCFI{r_127S0A&X^x1JY@VHJ;23=T;#K;n~>_KMg;?y8$A0C@gF-KZv;hL+F7{lK2U?Cpg31lIF z9we#D03P^?scBY?*Dh4jF50+At>8waa)N017tm!w3pmoe^muk%7xZWzQ!XZvs@o(c zOegI9uFXrttinlG-NC2vLNgw+roT1j7Ott+C!3W~EJ8JNp`Ss;wfl-kQ`dNTBUjmm z7I;Sr{lmN41_Bp;o&!Es0O(S9_c6vStyT0HMKv>gV*yeuA_5c>VXd@jxv>nujy zuj>RQONAM55N_QKNeAQu^s||+GBUNWIB~4}Vj)mn`@sZ*TOY?AOfv|bcIO4RkZ2dH z>ACBTEl9B_Z2E^o)OwU-?}znLU%{8t%^hOu$cgdTtmLs3-FmeZDaSi8#AQ1vX5$??7F3xwfn1g7 zB}tdyq28})CSSB^QR;E(@R)e@3uDK=HWefBXp{kLcdU<{8()~cav0VKZ-Bk}@Yn4h zmL=klCy(&&{bE$EFlVd0&m2Sua#H3dZ*!gNZ_+R=<#iW#hR53laq9#Pn3cfUa;`ji zmUoxhdEC582syTOcj0wKTe3DMQSL%h|H&wil>__5#z&fDTBL3vq?T5 zgDwLm?{2}~+)f~AjsSV`T@=ZkHEB-Qzvm=g{Z{30kmqv-4czZnaK%gLSt|~pf32ff z^c@_w_tbl2W~!{{Ij2iDb%poBckJLd>tY3Oc%$23&!EZ}&3Bnsv-K0RaZR$Vh7nz6 zUx40v9Cx=j=8tq7xHnsm4pzkrj396=cM3Ok4Cg8~E^oE^+S0&2)`i@O_j8n;1Q2-qBI{$a?MBPs%yrZ;uI|>0x_Ma)MJp z)CumJ37QBd_?N3z>IU2dN#L3r|B@v5>4mk%Th>(5MJ9fHB9*6okM=f=KGL79 zpj5wKN$Dwo>tLHB!hi(<9EKul|0SxbwztOJeyY!hK0U7m(#;;bisal0%U@Gv*kVO^=l@r z%2-$>^d*-j?39EDlen~C2Yu10s^x)^EGD}!u@#x^=u(jKk7qdJ72?JQ6YIYs9JVuG z*-gq#f>r14wDqhcO&-bbuzSs%cGxppF5aj0&kd10jkkJQ@U}8@z1Y>%KSg4(&>Jz< z!mQRI@&P6WF86ptQ!c#m5btCK2eU_pJ3mSz;BbUu-D2l_w{pO$6J%vdH!^ip6StUS z0~cU##*%$EYgrnABgjr59%$pUPox0G{-RezmZbQdP4YkK%e)JYKaX zNGcWYfc3y&Bka^TcH6DzWCCnDWAJ2{13-I7=ylR>Cwyz1CBzP{(3m=T&LG|gu*x<) zf*`(2eQIJ>#j8Q=K7kT;h}uG}Iy> zPf{#YC!9>@#bl21%2j5ukn^Pdy>=GQ@D^D(G1UASv@X0=rzXoNws3Gcp=v71!RTx! zzYY4`sUyt5Vm#DM(u3zD{)U01FMktB@p~=p!E#y3{exqX1o-I-#urc)Ea%uyNOEje zHsHHUfCC%qcRZaiKpm8RDs^q4sm^hHkq@oTZLUvKg=)iB15PJYO`iPE7O`%Uh`T%* z^=hp0%#;n7R86P^9dVY0t`0Ws)V&YqXLI^VrmBF}&6=J{!lx&QvDj^NJU@`WU+mib zB{a3yBpD&pyd=!eS;Gy&2HL_$Tcv5eKc;E~ji$7C6Uto4%0i_Lm1@`pB3HtS<&=!v z1uD$LR$s#`HFaT?Ch)u7RiqPfoP{M-t%y@dvu5^2bmJ!p@wFZ^iS!}&6_B=csB{w5 zsp*0`wjr_0_PvL5?Mj5tC^x*|y4L={EU9Y4t{Ont)W%?2qV zIqYsNa20tCtq7lq=8cNw5su?AAU9s`fcdJ82Hz@oUMinxtIoRWed3)3A}*^))!o~J zi-cU#BB+%D3~-!~lAZ+;5P6-*xM!WAsbGpQ0{b+#{ZO-V45i5C5_$B6h=b*>+8UWs zve+q8=g^lD8YZ|(HNKaLYTp^1s$8FW*s8%A;c)2UnJjcc(8@~_3Z*$}nk@Na+$`&j zg*bu7I($pOR%HTf5v@=Tf`c)+ofldTKj}t_<t%o?)K2&tMG`pdQ7gjPs zAXdCOhoa9W%R<{*$5($;YFbraE!PR2*py^r#>V>Uuzale=CbPN;}hWjwJkR`S@wuh z_Sz{URSZ?)YUFu&qjaym4wdg{4yt6GF|xWWe!22D&jb15W7Hk#rTeH3pN;a3<_$P) zwV?zjfl=8*nBgM=z2fQC8&56#GUXQ!fmh?-DZ=F7l}5|*&x7Yzny8ZHXP=>+F^IjY z54U@z)!O>QuFkCJe*WkSy>wIr?^UcytfuC#@6ZOHt5Q39%!77itq>LnPZNUWnYVzV z%IPS`@!r|(_J7PiEH@#S2j7Tol~gECz8;OZBEm339mS$6JgX}YWa9lRgyIW>YsZT*claCXdS<9)p@gUnGjtu5Bh!0iFk?Z_9_}!0aufGwnD=KVP{ z86!%=tDhJlyQ3LbE-RX z+BBRH-+DbVHDbjvMn*v6xJNQf|D18>Qt3H9@FLNFVC{eenHupG9eaG1;mzkZK_Xn$ zrRF^Aw%z}E?A4l!Hud*2DSp{V!6A4p%+2}>X~Qnonn$4n&H4Q z(PzJ!l^mpm1QuxsNj?;(9Q>jk6!8SDd#i**8~ZuV;E=-oomGjYfGg+^9m#7yOS;wgU3-qpm*%*ysaN z5LCic;r6)(W5m;i#$%MAL7h?6|r0A)j#avkqQQ;Kb_y;)S zO!UF>#?4!x26k!Na6gq>$~>Mr8bVkps&{UfaKZSKu9aj!@1TDD^uFvMB15XjAJQ1Z z_=4-GFeP<_OAS-=fRZ1N0VO(f(168kHY34h?=HHzQ8Yf)!3IV5%y>ujh+VTPcWw2v z$7NMO$)-|!%2#hauPTiVy{M?&tC6XR9mk9I`qMs^Nni|42uzN%@_S6vT7=E}W*br_ z&^~4j6NX}B2T3i!YNIcz&LQK-;!TivF3!8SUTz$5natpE6_LoDg@KW}o(;V+`;9}h zV(i_TD=H!FUV>qM#%bC~PTwWV4YBQ};bE##pTjf&l<(Y>dn)i`ag|K)EwRhn_%5lT zlhTlbTkR1>^I`ERc5#ctl4hPYu}4DWvPVpK=jO#FDaDJW1~$EPV_I*Gg|C`0M0eE& z*z2&sfq6R*7Z;87#;S56iPU`HoIDLfWrvJ0l( zZgg|hdn@x3f<|Ax!_39cB>XS;rQgLDzuyiE7~H=swAsFnUB_3KfeyAaV++3Akggbv zN;2U;lZUPbv(>}r{1AJ)!x^+@f^U6Ap__1pL*#vkxwjdO52oKf$IHuLVV1v=Zo+&F zlxUp=;Y)c3!%cAQbd1&=_2=u0p>CQ6uxoo7B*b!;%xbyr&mavJ-6{ulX1SXUj~^ef zC-L3eEal`^*Ots1(D4{13ty7Rby_Fi0T>k0Bu){^`@Egf_ONi1r&pC`+%b5KSO*O; z*hYSEHt5%5Ga}?cHLIzU84-<((*fbi5$(I^SdG&s`K10KUb97{-ry&ogrLkG3#kK1^p5|P% z``9qMPzJCNt26F0As;Pky!;)Hw<_P>br!_^GpQdg#2!k8CPZv?Caqb3d#2t^cOaN6 za)r6&4j1nJB+ZvVU(n02m1Ri9s(pNNsMGRw)Og&BZHk=6>Toxi5r3j;uQIR5KtQET zCA8GqTP+oI|Fq734@=87e^gFqvc^!5kn4-a)7z-G3gNb>qTwdJQY4+7cZCK}EebLG zqwvLwulgr0QZNe*W`o5wdLY4Tav0GL7Rp)mRQwU!+;d%-rNZ;?oe|UAYreWqRTJx$ z2RKIWnuTEyA>YFP@&vj5I>jbH->1LOLw}s?Voilzt{tgdDjXQxj~&U=m*-Oo7Qu0c zaJ5-&*u5Cw=VwWQJ?9=nC){3$72!eVd{^gfaK*`7yC*7Bp$B5c7TgVtYJka_sF}r0 z(h?{hSKEa7m>3VqbbOrbLR|sqYkAA6bhENh5fpgtsU>V$k~w-`-DM>faz~G+0a#~j zU!8=USqhJ}yz`%IL02!U`_;>qZ5HxOL_JKK57Sa0aea930rx>~Yl9iPu}1oUBgh&c zvA_qj2gEt@nPf-iOOM?=)c|f2^sVGR)_tmfEVP2sBsrH+U4LaQ`7d(1ZL|el4_WX7 z#g|GEOKYn)6d0aLv^KBxeHSKfi#=Q@$A zPL?h(>a}=<9Y@QEse{-+O5rj)Ib`k@n@|3922~&X3ebf?-*=)h<}ojrr2b0r&5B7xR?k0)yzzP18LhI@1m=n z`pC$sAjxXD~5mMM;vAbb4Rn;IKcW5I&awt;^3JGW$Vky!S z1A|*+AJ3(yCA=C13?CV_lUgJbW~O=+n>8#?!uBdU$Bk%f2HQvo@k=X+#b}$ZWG|WD zEBfQ6UYLyX1{(GG?k?p+iSx0V;y41Aq}b`eiWQJ(wOo~`RQAW5mnwys;w-LM4L!1Y zrrj{6oHg7UjdrI+v}}@0xL~thOkg{?$=rX#rxH}`-_MYjpj2%>6OAjmReB)E?mNSRA5(?3<%5{1fBZD| z7Uq=KmTRFv6cO85vboT(l^)s!uN8cJ#F);t_LzKQK9Gf)}?Ird+i|^O! zjK{kcB?i}$L+1FNP_?DTJRj5Ln%DsrflCH7sQKzOMkOYfR*uU_ye#%UBc+TN;Y{bS zgqVe(+OCc-X-fR+&n~;+1J?gx9eLb^>l>EZO)551@TXsXZ&+OmQ_*hOh$uc!t7(o2 zd5Xm9S?N>RYkt0bs`7!9G|?awUgQg|ilhtj+VmtCMfZ1EP1JnE(*0sc^|_@|3jv7h ztTyCeUu~j*mrsF90-=hVty6abu(a4O(|O}6lV=v$uxa4h##9^MXg8>8?>f%eD3MNn zyTJ}RyYJp#VFB0}5q#ODr5_#RyyczjQo&QQZXX%OC$P%LXuN=*YW!A%L_F~rZ~dZ8 zwX1+cUZnnWCmSadjW53mBvYwHY>U?hWu$BiI^NGaMA;QpUi*VDMgm?=;&efT9l~4-X-1i(yLcH{6%tTJI$A`2vE><6 zwx*towCYn%0j)gaLVJx~O(w2Y3z?RZP(SntQRj&ne0`KggjNZM%GAx_26{R!C}5(e zOal*dt$%k4W6$>~9|0vkh6D>W($JQ261e^8*XB0=4DB!aW%3^%CSWFN-eB!lJL0>J zPg?7fMO)%oG@snnFj^F}kDWBOU#>Z1o_~wi&g|d1gh&P zo69Citi}zbe^cSQQl?Bin@ywO`Fk^rLt?v-Dybs+Nl+gXOwgZmWyEsLL4yI;(-Ew4 z!t^KUk=Fi{OY7bi*~8eo%pl`pe*J#T&}ESwkF-%kyKGFG^VcZzu;%$+Y1^r^h1F6p zGnq>*Fo<+uxEc4~+)E=9CBiO8o-{4rE>t>ug?K8>RwoN}+np%~xfyUyf@H2zQAga| zxp~)bn7Ey%BE?X197U$6*$sDUXLd4asH#Vm7I!&hcMjGcldrn+Vh98dWqwTpBx0NN z(MYAB(2QlN<2oc`@xY3vFtJQKU&{5=eQkLrOX@_9L&nCu+?loe9h#XW(cl$~uJGrR zG~_ovzj*gD*QZ_~Mp&GcO*xZ<*er;HFNvG}N+j^;C92)Nv}T$7 z$l-=rgil~7f-b5&+>%tF1QtabMcukl{b=z@hOX?o%V6@%b-aqcBHVgw-~hA=p>WX7 zDBpJeJV&dy5npBtKy>(dK|s+8sl9e9C(=&x@-56DePKZN5_qv)ns$oM#$yl=+!8JGt$u{3G?K!fowQ8XNcQF zNClHCe`xNy!49hF!i9_#US1>*mGW#6Dl?p`6gBP<-ax;e)`clo3-ytV8B9AiL+I6r zL=QgqJ7*s%G*8&Y{p{YvirH)jr7rbKLSD08r9L=mrzI)r$tnU<`rY!tqPwSr-Z^oC z)nst~MC-$EU|hbe77!r=FIT@UXgR}l|FlTx;=%BHk1As)=&VUF0wT2{Sy2E2JTOz!MhVtiH ze2h~!2Ig?{g8Y=k5CJ5R2O#rlQ&LF4Ne!v&NS%dlJroG^22k&n>g0u~cknf105;)C zAM8oLi;B;FcQQ@nqH2@HOW3FigD#3I@Q-Jx-JX7wy?q@>Ons<@~_Ttn<=++=Vv23b{M?dD+_Vu6qt z3cV{DuB%nyjElDY#7LsqR3&+SqOq$*mn;Vm>g#xipuFdtV=6{Nu#UA);A;E^K%Zi0_kM4`0%NE%7;|t*<91;=GjNlM zItvDjv*{0&<=m}}xFN}8>EPyT#n+sHcTG;;D;%8>!=Z^Js$qG)l5h_hfeMm}!ZgVA z)v0zGULvR$Ofr~dZ66!f?b7{aIK}YWf<|FRm%}9B+FjDj!Q?Xv;bYR;k@r zG(obj^p+1W55IoVUjqGv>xJ{xgY_3(u1=p~;9}T9Q9frg79ZZNX?JL4tc<0=l!rsR zY6o?XzzmkxGKsCSox+M!-~2?JZFM$=xHyX(_4APB$fgZC_Dz%anDwEt6|PFh6QR8a;n!naEt-2V!`-6r*d{j`1n^d2b(WKYd;*?|z*rFo>?3=U474Jt4arqd zr(=mly?@LvkIhYZeB?;1_YivpPXTqp;jI=u4(EG0MGz$iDQ44iB_Pac-hO9N8pg}TXnM!|jiGSIhI?T~(>c~cvcfk7KiI3dS^K3Cy$T+bk~ zz99e*HR)1+vxQHqBzTlS3$koiLC4qlkW6;*iOQmO)1}r_@qrn>N(GD(E>#j@btMg3 z*SL>=eavlmO-=@hy&jB+H^OOx^utxNo)4p7-xL@RcRVEpbH~gdDGZHz>E8 zfAKpburhsg+Vk%V7{g9O<+u_@=`~Am{3Pd!(oCo(BC}wg_?Z>$hh)OkW+0CV3CB}{ z&q}diIbhEdGc(E7D1(Vs=-euVJ6t&Yu`CU4!enZ}8?Ce{wi@M?;a4v&ur8S*<&HK5?(G=8ykS0C z$lhwJRgr%}t9-^}m~jJkMD`aO2pL*Rmv3SJ9MMw(QMzRgB`CqNN0K05mU86oHJ61f z*O=wE*-Uxo=iWOKI!JVxGUy?`AsF#&lnVcrPZ~nqSb-pyu5apldr)Jy`q0srxMoTA zFZ{R*BRb=2NT7H>a>z6(7D9x{Aag~9UlJblE@80q_2Wn z-j6#MjhoxAg&ar`lB1s^u69N6`{ih@oi6FfFD~@e1>fdU@~Mo_7Y1`#XnwNpcOubj z%nEnIxSgN`V^(|Kp-lQ1lTyvT(`_cnj_p;Ida^AD1$395UWDdL!Q6Fz(X)V7%d7jw zAQ{87JPrtB6{9bwBo9r4-tW{bs(1?xjZ@ihA%%A&X0$%_#02b5ZT*%5A1eAFTt$xw zpWFa1?~-Lh2TwhM4eR{OFHhg-XkH*MLWJ55rV4BTKHHDyEwbX0s5vS3Ev{(fJ0yIi(gGnb9N&^T0K3#}_)6 z=ZJinC}g+4Gkl1@uz<>whfcFp!?~1B6qQF86N#C9u1&!FoK@lr{fpr*`0awuv$l5(v?+hvK!s_=wbrYYE)OWPtnwCpA66DT{p70jkvMnb#`Xpe30`{cjG} zFw3||#=`0NVnPYB+Hlu1bxqC1*^KiSk~4De3R8!KH&mHi2ID}&{x9+g(Uu_!Cp@`p z2G}L#PLWE_5ob#DZ2wJMgYx4nglw?Xz8Pz4+xAPE|J>Sj!ui7RQs`4^w=;{V0kE~ihiNB+geMd_Q-*Kn__rJ<2wWgcJcgm1g< z>Xv8VQ-7`<6zh`s%~I3ZPWdN=7Au@Qo0Z_24@NTreCdF0ux*et?t`7gKMpO&kHZv? znt%i`hbo--`0KwYOMhPbgZUTMqqn2p)~AOVcekk9yxB?caX*#K z942lIx5>6-R@Uc3Yb>+}CuL=RU6Eql1*mARj{DnqQU` z`L(=*#{K@M*J9a>U&PFoam{G3QjGcX1&YEE^?|JudZ(AHB5jow)8r!xb-Z4XQ1>?d zi7&ee+rLzyKAKPds+$(gpb^mJ@@V5%aBC*GGVM1LKg`b2s z;At$J-Q)Zg1tY$sA?s#+r|Ifx=l(+pE{Ws@=mJ0!qJ8a>niJ(7t>G;Gd|m&mvA=HR zaKYl;6N9xie|y7!TY;V9gq$jAMj00P%T4`X&g%bl#is=~_2;BbR)hX~;s1xh{;!0T zKd!!MAkv=Ap_l)l6#t^tkH*NeqhO8E{+p`(cX$8kfwxHcK^xMbqs9N%v;6bzj({)N zakH*5!9V@?|7y@03`MT(KM(eY+Wu$6{zp~*f3IWsJw&v$BsE|DdoB3aU#6ku{MG%x z|F_xxFJ~|R%O8l!w?G~G59s#Kv+a-B%un<&FCqQ4|FxvQ$kcuhNZG!e-sNh@{~jGpr4Cb zFmC>FP5B>~`+M~Iqdz2G8BF~87a;c!jN?5r5(PkT?|0BKcQn=>I|Rhf?rY^kgUf+qaGH{Rdd% zStS0O73Je0vOiw;e-!Lbc>Rxp{jG2RQLw+K=l{0|hR@(FJW!ecdzQ?ub#7GF`|HWv z_egpb`=>qeWN~EqBALkP1PY$ePr!)O4j9FrNCm5ZR?w2LT?&L&U&8ZPPYA+Y~zu( z9-Y#wLRjhMDS5o$ARwOQet3?S8Y&U9nEH-k6=ioe@wBYEZJk^p&SSCzFKtfVN(j7! zw$JJ0T=$?SGs-@v$8jo43rL(On`S8R@q?MjaX)ZK?#;L)@lzn6pATmC5?x1()_pF+ z(IPz~KlPZ)cfPhI=v-0^Au5^_H|O_`ar`JdR?w8#h!JH8amS-RV{QpDuQDRpd1|w& z@Qq8(*9$5Q5x>6Xk7nek6^euqE1{1x+tBkLwg z4`6E#U%&_eP7c>I7^#ij-JVU_rKQ#cepGWcORpy_3uQTVE9J@(^Mj(Ty4lk^om?fl zkN`Saw2RWl-iJiMdO1bcN5G;_+36sk1Y~eMAKdT@U9@9F<#^pQV$cD2oEN9;D%8>T zu@y}*2YRqiv4l+Zht*N?O!vQ#A>s|fka)yGHP7E`CPP*C+iktQca5&&4QT}W7CezJ$Sc!)Ze~nQ#gBFQhGmMQlDs@ zL=&}0lLjGT`sw+%nx3sjsf4XtpzX@~xFWYaJ+Jdxy&6ZkgWpGE2N-|X9!A}`Z$AFS zEZQY6NN>LsJ%v(_i^5-(W-;+eY3O? z&ru{Q#xkdCR@D^AnVVX+=c#$n+ifI)5;qI0=WWTRzOr+*odqK!6v9vlL*Mj(XKcXa z+s{m=b@VO{-#YuErj97>JQMd%>p-Imn5%w6I4^hX!F#Moc;&&nj=8a!*K-eU<-v#D z4g=4{hGUqHH^vBxcC($M&^;^=gLXDgaOMx9bs^kac(1}|K5{_yw-z_*9b~E&8YkJO0=Vpxw!NR$0Z4JIK3I6%ET7q;T=Da5)#p2O z`xK-ye)<2hMMvIgC-;MNG?{9tT8MDgebt%ixCoi1nG2PI)ukjHQhPmYnf(Pg6#VK z7a6L8dH|imc0G{POcWKLC_*dCWqThIy}(z!twa0bCsbxH>&3n1#ulT8jP;luoaH#& zXL_H3N=5*Ln$5%;yX}y^iSt%o!G_YZVMkK~kq}UWCRIpE5Nw}h%Nt%eONTi8Y~Koa zqSK6xNH?v$qU^Nlcpkwzu{xYp_Z`7w&sfMO@Y+6lFSnfYoAx`Hb?4%(a8SCW^#ON35qPAD-fvmC==FMQ!hmh{MOpuk7syQ?9Nhl4l$(@Qh4MuPgG` z-Orjjir)rd^Q;G{HF!oOnJ_b$p!Aoj{e~@fEyJ(t4OR|2Rhy|G>AY;*3X9+-<`NV( z9_q+;rcMx_19z9O)_5#SH~S@jL`=6xV>2i54WW`o_r`2xr9S{J;6pouuZ_PW{;_ZS z@fpn6XQBFIK{CHpdpe-ZdPJaEyR-J1D&wO0K7x_y)ZkSL*M;3mTSnl`9tgiME!G<-2 zo?lDIyjo|k&A4!JAq;S#LY_O%oRn49t`xUHrtQ3|@RTfP|ufsaO8o&JVXs!Dh>c z?sx1E8?e8_HdWc95$6$~*IDpjI^)UIkxFAux_kS@nbRI zYQakj?)kPeBs7SJWz!Bi%QK1wbdx>b4>|a+G@mm4V0+hvAQg? zgYYItK89bYelndT{g%15%0Ws^(=B0jY?2@6^Zs!ZSWd<2O7P&t(NAdv$PSMN`}BL< z=8L?0Ay?UQLxmwB4vYS{)~ybvOdWR2iB6jJ_I6Jj3(ZyQ+t2YO*f@pKIa6! zpblM?YF+(D=297-Ft#($mbz#k9^;%=|7ynK9?bn#HvICGTE~sfJ&Q z>d^Wq&IaOjZX!yB*V~!)g#=W1i124PFL=PlXBQT z(A6k)*KDYJ2z?8ph6j*gqrq^}bQqa}N7GGz<^=P&Vdjki)OHqUc$|Og5?Wp>P&>g* ze(BX=n2vo^^Q^$Z(|E@+Hh10oq&V*S%(GVTv0QnMR0ZlYU(iS)G<4_Bf2Rui(|^_c z04=nXrA2fX?`6%kvHFEyLxC`TI&vRU2_N>|y$jMkuHZ z*x|q=!qnq_YQG+a&vgT6?SYvugA4FFEwV&qy&Q$xHtdGr{V;kSE`nOnWKC+uer-oK z*M0MNbB=joQ~@(K!tGu)vmB~rQ4cO5S?bUag|mu}6RKtSC4rpdxgs{;L;S@BjKq#^ zMoIT^)$_=YMb(g%o5=%}%!O4OmCHHA<0ibB8fbOSLa%pHO-(YR*2X+-+f{WCXdJF> z^nQln3JzhYb(_%7B@+(r4-vNcE@m@U`fuF7f_}YeBrIe{1Gl6KbQP@wF0^k#M_|sZ zsNu<}6os6)ie~t>pyyF7;9a9%#@YpA8R%7}-skNORp~4WW2af63>~Tz;>a!hhwZ}( zp}g@jn%Mbb)v0?%IV4FBEaDT9Sf-S>tC0ohWeBd?V_4suzu}ZGaW-4mD+W890D^xC z(eicSV=_H(NoFH(YL-p#@8NLEu%2>%`!0Glu;PSZ{z+5^U3s@mW|g{V(EgmShRAoB zM|2R?-4?lx)ijc|g)4PMV&@w3;M&p)at5*Kp4!AlvCW-CO{z?;csw0kY^#kQ|M!~| z8X43HtI5E4@cUxPXnSy>7e27r0xQTD!)*DS+I%dDDVpaTI)lxwuq#7TG-B!7oY}H? zXU|m&1Y$%SynjY7)#h^e9Qr}$T=B6gvWvE1V02E#fYP{p2!rqdimG4BLJ!T?AOqBUQf*0?cq@`5&Q&$Myv1BIBDTd|ngYgasYo&SrBxr6}p0 zfbxqX#N4uGtAd@~s>i79c#qev)9MLHI@1wuJ0HqnltplznSRjW-Jl1El++n07WEEA zV!Pq*3*n4pJzV8L-nRPeK5Xh);-WZ+oF2}PabBV6#tjO28A$cM!@NCH+i*d3IXkp{ zXe9#AAATLxYRG*x_{(s3b<>FiAXg#oa&v*q7QR+_?e=FB)`(ax=#6?;#BFLk%?z~~ z2XA<>gy-q`scm*O{eWkVn|AL}oPfHu`W9&>{)U4*SuOybg z@M2<@3%{-5d-yeAIMP9em9Tq=R;}^9BScqm@6iV`Z8tSRvEA;fq)B|ihqdp>&oI$A zYsWX~SjtJPsV`lrnflh);i0t%)zI{cDG4iO6q1g}8s2f(7_Lm3py`3P;rc==jY}$WDZ&$;QVUpZT2QKvs3v@Bhb3SmzxZ+VlaJ4%>kF45 zVY-{X0;$M&{pJ!x^1~9cC$ocGf2zo8;%Z~`97#jZ7VbedS&bTcL_z|EMl!d}wt2(} zlI5%*b}*cFs!?dgxS6W%4LXEstv^e(?8BJMiLZ>^BTsg>piY9)ik7pBxc7VUUm^Q;kP!e0>-9r2WG0ms;$-u4K1*VOP{2k+;psv zrrZJ>P8PzxC%_ug=$dbN{u;^^l`&fGXSGGel=x!<&I=ZMZ^EMf&R;$}+KH{aQy|IL zYltMbdXkmpxs|3;;zjffez9;D-Q`>W@s6Q9jh& zU}4;>E~_pNmDs7qa3Ox(mt8*hI_&gdXm&aIj2F(8+<%h|Qdcz6O@M_S%;3m8|2egA z+#oEQLyMX0v+{YjxZ3a)EpEm}(Bs{kjy>vx=(=gjj+jt%&nF=Xs;LJ1Yp0E{^8*TujWrQv`>HIw`~(H$p=RI9MVXj(1*b;W0a5^YpV?L4g?CXTYO1ud9HKI9}qByq@X zjiPMSz7C?r2hI0nsO`f=NGFN(ni0fT z#fPT%9qMxOTb3yqhXXsO`>L(rO`G7eC-MC}NLE5i*m7q0%kL))<~5T8B9}M&30p6M zMDwgnILsw!UQs_m`u)+^U}8BlXv-vYV{7Zm6Pr)9NmekrqojB9v@U5?9%iRhsCnN$ z484!qlJEQ4KGOc(!Y$x>^FLu5$0q1(AuyhB$flk5q^L6)dWv|;uZFcQiA8SCqK43| z6{;DK4ReX3*%2+62>1eAH->LyiqRqPD;Zmq&?`uaiyz{-!RD50J%2C zC;Bbw&9l@NvJYGJ(itD2txf`4y}`I%<7O1a#@({%6hzNg(D4+u;4FD{Wo>kS&dgdh zLwu{x#W&GLsXNr++f~@xR0fu-`;0xU2bm!5LSG8VZDdml zv&>|Mffbp$2^w#^r&xQLaWp_3!N%xza9^~SoL%O2t3OaX-DrTnc8YB-wG9i2$H`wm zWMGb00|CbEHnzIO{1jGIWJi1bNUCd0{HQlMcdXKdQ2XZd^v!b-Is4Z+{$u({&SX;S zL7T}(T}v%T3#Alye3t>YmkJVFLSB^v3o`k}$FHJ0iZkRAC9|~^dJYrXv~BHX3IQ$b z5Wh)GGQcc&;_QL5OnF)0%wQAln}O-5Y&-rw)ZJ?w!0L4t5Ur;@RR%#|&^@rjA*yi+ zGxEedCGeV4N)ES&LhBfZQY$b+axh}RCeMXQBWa3SY#CN*Y|hyuO8RO9gXKu(F>K&y zGM&S}b;3hSGpmM^&QJ6MH8wfGj83L1JH^L6#~T|gU?Zdt6H=n%R+ahRiyfCPt&yM$ zMwJ`AEl!bCBy5)RTY+HX^<0lXmtD=p`K0hr%%h3{CIkzD$>T;7glz?kNbBwcyT=KXV@(QXnOPB9-;Dg(Y=nq0R`cIv>tS-^keOdgF#J zU~OyHxPp&poY6?cV6gR#d&{bQ+12q*Y#iGLkpzrPvrXuoT588owh!7Xe^(-riw`?E zIEwA#)bL3+#QA__J={I=#Di0z_qLUtU6(|+JQh3__HvMQY&D=%vkI?+*;zWAMbQz7 z-)F*UOxf{Q4q6r!n{P%xtYVH)quAk<*mDE7^I_1urPr*H)5c@Sw__-vS8UKsU2U=G2L^Rq98pZ6|`mO6|Xa5EnAcgsM$qC-mO zZvukl%F$YSI~OFb1{ytia{6>?yrQwXH~k0aC-rwHU0H+-2au;1hG2h~9i^MlySCuzCxHIMnb)ZK5N-K#gE8sRjRS3VCHFg#(e z_mA4Y;$pu1&;$$^&`JEC>?w*}L4NA@lnTd}k}J=t*DT;QYIkL+m%aJyOexo^H)JZ! zsdLMfD9FomcYhuw!N(5#u%*lT4)+_eQVf!}pAKf`bn{fAlAPvn*6^v(AUqZtGO!g6Gs)O!N8h z!OPcWJ@}ue?MJM6=dQkYs#d+bn|jrSo%sa)YPEv)wI4K%VHp)j9|4ON$H?TEyp)Y1 zV3KF8z+;~@BEdp!VOd9x7LEZZ`lFHj7rnDFX+iIof9OaxwQ?f-!%Yl~t z(L#QoMfW#FLNuZqE?(iiWOM;8bvys$i=Dnr+kWYLl}6QTX&vC)nY+onHBcZ2A5V5u zbU~8#C-pAh^1}%j|KGI$)(GBrD(^Fj-$b#oIsN_2T+F`LRY_`J3*O(_-{-IaRujKi9851rfcHLL^H=|HN? z{k~dj!*^;bSg4E*_o`i(8(?5)biVW|)qfW)Y8e!aoLiv#p*}9yjTWL39Y;GoPU0X9 z%k;c0D7!gFwV>kEm9TYeJ=9*dT^D(G+!Hj~bf|bC=|G7tepWSZ=&=pSbN3^&TPGWq zHaY*@>yVa9QL#v)(yR0-Z~Y3Uk}R)rJiUV6{7{Uodu!uU11B$}n4dT_zAyjmm*U$i zYApkwBRATCkB-`SX~mbxZm#a6>ElZAhz`xU=FL)TpR}J*YYJw_Ecz?r7%?^(+IVhx zomn59_Kr4)^o#DS-cLiYP0Xzg6}JA~V7wSR?vkt|N!8FGF)7HTRG~YCn*6o*ZnMYQdslhi$dq;48=Gnmo!0;<*5W^;C;5_bcMO?_-q+ z-JtzAVcjVm-A22{cqpdcIP}1$z5i|$H_tB$ zmgD{n@#I?^UbfN<0TZqr*MV#V_8}YP50)8w++B>Kl`37sRRr&z z6OU!jvC-+4Lu!)n7K?YuYKr#bqTMtxmEta&#w)e#yc@x(wb5K73^Vn24=3qZ_X96< z+D`A8_owIXsU_c|c_w#tlI+}16-0fC4+d}XbkqQ)(ZAfy>)+qns|#P3Gr$c#bO8jc zk^e#-u)3&3dULxl_C5`WI?t!Y*}SAXX_QoCnX?&v|G^t|k*3Xlf~Mt=Rri`}Bh&XL zjmIhMV+ZNZ_*?(lEDdCeC=hD#3t;*R^Z4kYM2G33Eavt8_|TLYxuXMu~Fh zN~You$?Q;B`bZGGyH&(V%;i~)L+*}kbKVSdeVRLQKXFoG_(qC;-uZnkDZHL8=F(;+ld<#C(Uk;ux zEUY1a@3gwo1U{2*>vTxh>k+~{||fb`PO9DybDVc5fK#y0RbBzA|TR3M*-=* zHx;R&L+DimRGNT*^xjF34xt28dMA+3LXaK;K{^By-uUdjkA1(#bNd(U-4kR{nZyfLo4FLtgj+`62wL7awg14L zDWVrYl3A7p35n0xff>jcu0F4HqPcaNWC&@o{jq~^&v;VS!wel~ZWcXV+=>^t0u@ME6PVb7W!Z4QiY&GiLj;kr zcUg~&0$o%0yi-d~6R9A_o{37D?Gpy`Ca^Yn+IP4Sh$2ON9gS34*&p{XNHekGyV?xd zCAfUWLL0NwSB`@u46L^r=b~0i)#l~(HuG7t(;bKEtHdfSd`$-?oO7ktx2+BQi)Iqm z>^0g8rY>KYr5%Og0VK(2uT?8(O;=R_i=bCVyBk z-r5DlE)JL@eE2EjaXDiOo4|GF+MF2CWpG_@AepBf20h*fRV{FLaaXHEu82 zKo$9OHdD*wCD4|r$xX!H;~N0s;46>&MkW`jT-VQu+sqM@6x0>nJJfV+^vRHFN8RVos7bHS%i4>oBGvySLjtJ@&-hpt+I8p{3D@1+qx< z%rBIwl&Z`tYxinmN?N9reGQI9?-ol-H$B@o8wjWh-A;rCpS+#?HMjWzXxSMTdLU!URz%2w>oMk25fdgLY=_v z@$8FFhk4THQl6gb!`VEjf%e~O9y1` zCBU2ImAM^fc`1~%Og*@jq`DClmhAyb)i<6FvJC$4rsuG-_vfVtA%nEa^{WNgD|)~?V@^EdBSKiey}MaRkR6-7Y3*PA|L zeRsD6chzmsLL=@`Xmw!%F4H)=WbbOysfck?jmVnoIs!2)e9lt)@jc1`WjN2MLc z=1*%HQfuQd`~KX+Uv?|THKM_Blee7?$!(GePpVGdrZhi2tas5ALBks!i=s&h4iv4( zvTX%btexs<9?}v2lM33k<8txT_}4U(M%AR5xsk;DdyoA!YA)&~W(JhCR>^hPGcBi~ z@q%`jPbqUHuqWb*VzIy5T8op4(+%&{@_S#z(2BtKx=$p_5A8xqHhFvOKVeb@7E0Vw zxZ?IDP6ZOcJu?0l&k0p#XH3?2$SAMbUnU1hWmC06o*gu=S1x_8GGN=gnl0bjO*lH= z;MjxE%&fWm1_6caqHU%9<4=t0HOm{DyEFzLCI0PBh8`r&f{A=sYK z7TS-2=66;Sbt6muX$gYJ86=XUM>$fhv-*`_A2{lH!|J21$X0c#mp`}bRNpzlYMKf2 z5G{p%JPcDIcqRC~UbwMMOJQ)r|Bd%xk3Guy_CR@%75u`BxV@!*=8`z=hN`Tn`a-|$ z`30TT8v)t3O3KqklzOO4r>ZSiUP;GACB&%ErF%5;6OhJ3`&ow>&OtwfxE)u&{1AfN z`rTNG5d7ZDv3CYz59?-q=Hm7u_euu7?pl?y+pVDW@7flla;R}+Yi>9R|Q!- z)#<{rG`Rs#?9-2dyYUNzyAqyGA(>oF_&nk5-%a+u^|aWwVbF%)TruOeU8%BY<%~Mz z*^!v?gZatHFTIiaU^7bbi<4%lDczqkN=ZQC?BnI;X1o=o>lv|nB0@2ra( zc82Hd^A6UUI^GL=Xe42DI0L+D&N^MHZ3qSb|9i;^#fG`%@|mbo+7;!Di;CBNOW|-j<%ZAX;-{ zGjkb0Y_`>Bb-(kWe8`%d{LgwY}zkklRw@{GRNQo@jEWJtsyMO=^kGR{S^ zB~$sATs&H-%N#8=)*^moKPN8FNeXX`3-(|2)3ndF%-ky@iv5(xYxx-~yE?-!A8Z#? z6yrMCd8^eC!Ch3TI4AN5?}o}Mz}*mFt6HUjxU263<18hpp%X-$;1)bCdwFrl|B zI%YY1YKDdZjXDZ%c!BK>TANJK?t`C-IuC* zjl+t!?Cln17+d0_4t2?*&fe%kq{6qbq+Kie47%95U43MMTB91Q_^9a>a1tUw2pMqX zc(89EnX-6Mgs@sK{#K^_)6RcB)~96fc&Fgtyg-Y>o*r%<5orsRu%%i$! zft%8UDTQu58 zvRH%v{MWzzYzSOSvIv}j%@mS0i2vCo{@2gw6gg!nYXI$M*}n}?r@Evq2B*`izy3$$ z|9(tZH{)G7)RbB1+201(K9&oGrn&f*$NohM;f4!j8{PBd%kh63phreNG350_&-q^j z_#;$q^&cq@8SjStZ9v-PYq>7Ptl6Y4wSRv|EFVeA>c$Hve;Y8QA9?{Kg!-+|`fo7& zSty)HQpUDX^>X}eKrspI3`}In%zx?Oe+eaLO-qt;lTVKLw*f-8NMNgrNlhyKt1`$a zS5=A*UC*Tgd1dxd{RL6E4z17&^&FQ9 z{wn3z^}BLxY<3>aTh!kl{Y?ltFUm{W$~|f3|84sJTc|VAfYY$2pZ?vh zF5SJxMzV`BcP^&CK}9A@8W4Op=KkN1dZA2G>i@v-Liw%?VEQvHNmbV<$ZxS8Y$oZ| zX>NJtR#rip{h|K#F<~BhFa8_lyGm47TP}cf#$>?L4MxC5j?u;d-pZlGn;a$k-ZcHV zDOK4%ry|@IL#5vp(k}K<*bT51%$)NOSGXLrG*R(fw=|i2c(ySp&G6P%GHBr=wzRzs z|449QJoag|Q+)fZQ7-E7(=_gi{T`)96ejoGZqsZISQXV%DJF~bZw9^taGC{##MW0n z>YFs;UBy&@dG&SYRr!X>`DSf-*Ve~a-o&wjf$DjVVV@GE!1KSG4P8wjY^Q2NKM4T) zami5PNlIBX`H_mU_Z|C<5LJpv^qEVbb+DL}jmjV*6lbB3GFH_q z5|aWnB3@joHV4A2zzRL0TcbO-+4hpI14Jb=&+aE{(skL0{sI18SmL`kLsqrQR-2E6 zls!gDBA&q$y*x$^SrE;AnHtKa4N zq5VmDR{Due0;2)Jl-jgcnoq`(>2PFJxLQTX*+T=v-GLKK8K zRio18Rr8B;f5)%$(@QUvQJ|rT#tGPAwTs>T1Xh_Q^&=UNG7nz8%_?khdtqj=ZbR>6 z;+Jb5K6MlelwgTe0;YahUWYxUi3a|Jtn-qiMu?aCKC60@61*zI zG5h4wKF`E=Kc9_=sx|6#2MsmVjKYBtVjJG)()nswy+>}?c)kB sZBPbIxcw;T;+ zh9N}53Rama+p5)U)0wiPsdc-EcBD^@Pj@;vVrvMH(PUWC2K4>Cd@*p(zj`ijVm}k!+UE= zQ5|7t@%x)tuH(Ajv=S_hNdD_7O1bisy9b@vHGQfQhVjZfH@<%gVcbBa2Ae*2n@L($ zZIiIe%(k!uN%r;sl>B^jP>_yaZx*>&A|0K|C{@6$rH&Y%VTYdyf$vmlp|&WGoYTOp z*-cO7+yELXSM>tu&hr!q*ydkzRi)>z&#ygF#=2%`#|<-!F@nG?N8M4j`9|>gvY!`P?0V_*P%r z+bW2EaI~nq?o{Y(zKlvO8@9l%D!Rb=y4rK6M&lXNSQErIekRu1(7auKfk&f$Ra;(- zo5H+TaC3$Xr$wbcQ7Ni`#m}m0L)Mv`)CbPkbGwd{9n;WZv+k;4)g-%~Dy51_9Ra?fe? zH;D@IG9eKN-?&@Ztfn^EIFIk=%fap?^K&@k64XPBy;|N0$u_VG5Y`ZQ+F&Ux-_JJx zkSW9s9EUkfi7Xc1do-DvBfFZJn=K&*91Oj_k)90^EtZXGYZ0>_Q$E*n^*_w(A5oP) znR!C!lVZN%g1iU0GWaqGi&NX~I3!i}CMC^#24Y;qfa7I$Wy=2LjTJE-TeDeq!y&p9 zxYLsXj&aGW-Gzha<07(z2uwOp^Ro7#9>2&vuy^;T^j*l@R*G^h^n&}kJ(xtUilL{&^`W!-vj%PyHkkp3Mrm@dQcw-q6|_} z*+-3deby1T+9{TUEq1-b7&DU$&soFiOeDTp zDj2ZWn(BqheeFFqm~^k=j{JoHrJ?5ske1{wB?5ud&JEf!%qDB)lkM}--=x!F5T}5-34pG_wBK;u^9X zc(LkvP?f5AM0yjU%j&$_`{R@jxyY8Dup(Z24b?G5(lLbvkvS z*l&xbkD4_SBXhojk(w^nsjp5o+l<_9?=LtYA00+b#U)HfiYs*s&Xj#a<@2$_PrB?w z@t?+6 z8^MPFHEfi!K^5-|6KKufTTldae)2FlCQj=W8T;`p;%x9EGOnFV4A`l~F%$R5>!mpz zVa{4u`faIo`vXb!RI43Vl>cJsH-`B}f~WJh6!zkZU~j{PZEtgW3%^baL}F0}2V{Ol zd;BhHzam~EG$7r-h%&_ZiQUibFV;nMDy(~1o$5fP-msSws8sp+)Dd8_>rYB+f#!Ws z*0i*?Y(GMQ>|%dC5@4xTlIg4TO1aiHRh~(oYL}w$#{9!QmoV-g44ZPrQA}nJ=zPLx zQmB>kyX9lZ4`%35WaB>Vo^G#p^W1Jt5*pv?sq?@WN-C1o3tuS)Mxk)R&y5_}dnrWvut=)5yEEO2aK#sD!Q zwf94kl~$>fOV$S#-jt#Aw{+5PY1i-$%khAJ6e;=BD@2})iowtm`DfTOB9-WKHJTq zpfOv_h;VqI7LezVG<r#kS%*PpEm>kF6w5)ih-aFbT+>eyei1x`0 z`HJ*>UvA&w*T*7)vu)ek2uk*hiVN0DrQduVXE30D$L(ZY-3jxGS5o`b^hA}p%qtM{ zpEONrY)86l5cv9_pX-|b0iFMe&-+MvRYcIX5mhnL`3YiJZ>IlxEkvW?3F~VzQk)~_ z9us3-r}w%=(M+mg&olFTkEWtwGvwit*XboId#)RxV;zpbZzeuYZo;y=YTjmjWYQ-m zN2^x(L@ym9I^gVgR~k5vJb#DvV1q3|$RmDU@Rj@+#u z7VF&Jc7Z1>MP>LH5m^z9NyRzi{2dni&rNqv7%gD;-A*T*Ic;{&Du_Ij>(5{pK#FBV zBA!vES*a{Du*v#3C^@OgL6lnIPu!MASE@-;KVqnR>wUPEg zmoM|wtnFL($y`L%D;%O{|2LWg{^2@3)}EnqMn~^kztlJpPn)_C1g8%^&WWc zokO7_MH9QJ=Cx$cBXIB}>r0m75dCETv}vjQ#lwo;>q#!o>|s^2+`56dTL0LA9Gq>q z@r+Ly$mAZ0P8qSANJ}~zzX%D`_~uuY6>Q_Yv?SbQo!D*5l}@D3%Avp$GTB!3bMf4r z`?Ra4fh_>7q^wQ{p$DApj=_dXz={Liz`1*b1+%_WBz*CtZWt{5WLk4X2$-O<7Xdz0 ziFU2uLN7zZ;X5=?$Cpr|7m2HI;ILv8T$_?6+hE43!Tz}zH{7yobLutXiEa*u7mFM( zOi=EP1X)=(`1$p0!=Bm62VM;cs|nxu3`&nQMJFrbePd~^L>xPr3J&-uIH(T$ZMb;n zvrs4$3(Q1uNFW8=GK%@LMszh-pTf3xRNKx*UgJ|Ma&+v%R1bErvS7x{;oi*Lyf&^< zyB1;KFDhCH{CoO4IF}o-QMrdC0S#f2)A{QO60JHQ^v$>P1i!}ww18J8=xVWP0D?O) zU%Uy)W002muXcB>M{hIyjyCFvA*wo}P}?+@_T(bdQr-}R_^N85k%5%+$>I+#y->Yd z79VUFzu=|I>O;Gp{waA3R9fGQ+cxa~v}LOI<*KzXH^-ZwU6e=Z+2#XsbtX1d=-m3#_P8I28Awp^)dPXoZX$Sbi<3`GVHCPQ$ z+L&EfF|8KT4u1$FyO__};T;nr{Ew|vU@-2b^%MOb%3ec>#h!wA7uH|8jiY_fHGJ-Q zst+uXv5Dm6_;G5@ic7|S3Qs?khv23+`Ch0b%=fDyyRzQ(;AQ6)Xy+S7Be=cCR|x9J zyIg&{HJ3dF9jlnoG6s6OK8}$y>yRbD`g?vZUuP=vqAW97uO&%IFe5^X|M6%D_9AI7ro&dI-Rcx*S?zR6fk1n?Flz*5L4umaPmac40Lo#GUnUxJ;Ty?H%7U z!4FmU8CtG%b@{s;9;I(Nm$uofWT)&)m_EPnU)y18SNieNmjFP=OJr}@k2+r!1K{#X z^qK>@gIAwmw#?(1Eps{^jG6B3>`7;G46=AG#=Cfq)Pahb-Io`SS3JmAUMP`1KU$k>4H=-NmBr~`Y0&LRS4xb6$O)?orhbU`-OW{ z7}A`acWrBqdGtt}kLp<>x_V|wmxz5O=H;CC6q#<)eRewDR|0RIrr=xNX{_Ln!L$}2 zbxdGwaa@bGMPl2^Gp(n~u2y;HmB#syWbn5ok-63h=O!Lh7@rn!rh?uux%MCglWj%4 zM{jb=_Wo!g<)>g{or>MfnZtUZUyoJ_(7!Z6!>X;6t)1!ySDH&*rIkKb;p%jwt_Dq5RVd&uQ0U z;f)!%@kzTlBW`#rU^|0pKh+0U8<#U~0>up`=u`m1-|Fj>7Uf76a;LUBbE8klV%4iw zL}T><-aNMzNC`9e#n3XF=vwOy9jmGM2S2F%|Nd-l^WC8S!Wc(f0?}Ga5 z{Dayo8uAL((ujsAu*{O~Ma*u69(_{h7ZTBVBbOo7mI$2IlG#7->u(7szR9y=_^ zJAXyD5P~2Lc56f~zY0p*@ucDlZoN0HJ%eI>~Rq75N zqK*g5CQ#D?9|UT-@M5ln0MoX$+#8D;c>}b`M+7_k2>v7)M%9kzw3)A*<;uQZBS3sv z1b>nCh>`r#&zevNH~E$v0HQp z7IbEi=Y6c~S$S*G%RB^LugJ%W{7U^Ax1I+ z;r`8O%QlTrXib)ZpQ6pt{q_ZqKFvLa7wDNCl?|3<&45$>t%=!6lQboajI$t9`EaU> zlc~kqlB5YkBRo|}kV)_Ub$kWcN7K6R@Nz@bBb3aow75(6Pob*3Vi(gB<@!GY;QKK; zCkn#wc5C8zmGB&M=s^moD&Hf_H=)L;mCSCWJW06O)NMvp*BxVr+0A4+ zm`X427>+z2)ScgH?7hsKS~W{Z<~W?{TXG!3 z**iEQ(LKm({<97=M8)7YFp5TMD*?s5kFUxCNvRo~QkQ_=e`o#BOyTD{`KHX4Yn0#G z&E`nj0Jh_b{V1k2xwV#MK)_tlLT{blUfbxFZ)q@+NxQzgnmSOceU4u%^2R!7j0$M2 zFPY{GDl@ivmhqlGgdb=@Pc%jZ+*+SBIJIY=oxZgIb*Zsz;zBANQ7J)Q2cW%!O^SlL zsf2W1aWGFh5$o`pErU%(c=y#u8R8M0>B5y7N!8^ttGMQBKZ_6Oxbm(C$#D-nFaEPk zm#azc?Kuws&tKwgUhKFv!z6s{)NgBfZKpR;VaS+e6RkFm(Hl@O}pMfb5h)0k&HFd&QruzkPl~bMzX>0 zz3pg@+KXUYS&8e&7YHJ7%siT zKejvR4IIes$!2?2nuI!iD;ZG}sNBd^9EaTm*j|B-UM-ykK7B8@$MBN5EZTFEi1cx7 zSA>O}`3L817euGQ`o?Ado! zQAdif;fEKm`Wc60LiOp*PZC|)HaVr;e%!b4`4qI7Y`D?qgHAdB)mT2tX)3P=p z!?^YniwFnZ2Yq-@$UzH2Lht4f$Yk%I)KIXmz8i(6vtq zswFDFv~N>h6MsTAC{neTdHAi;+OzZ~DSK(g{EzIVAk5T!TqJg*tL1*bjVWwTneNKr zyYGc>QJ((Xd-kN;BTS{Y(FIspTEgLnxmYUv>>3sR+rv3SQdbVe`Bv7L>TCJb6h~Z0 z@aPYq8kn}HgXdy4OAbPFY01aI+oq#ZU2n|^IUqZt&(x#n>Y$TQ9MXhTy~{gLb?%UM zw+X8Up>L%A)X~iNrcmPYSC=Qv06!=V?qP}Qy0P-U> z-2y{T>ybO4S)UH3(BDJ!zr`R~1@s3R{V0q4Jf8VD*Tr&Gz2=k$s0(Gj+!6gFA@i!> zX%?xX16R$)ce22}X!4r(Z=iBUg=7TA2yilZB#Z zqr8+3-6vbfX+rCRfARVIrV%Kgs}3(gaZPU7xJ#dnDKu64`~Y%pGs91V7HnAXJJF`* ze#eirEmf+UDOOwL?Jb2RvE)W>{_7u%Kz=I&h8ip;LBhxH)#`qS2kd`GwwEZV``pt) z7qeq(wkWTb@ zyWvkNYH7X@@o^En)TvLVO0h^o`r8MZ8v0uBnnx;p z6Ad6*u$9GTkVJ0CWwP#}SvBCDx>hxUAeTV**qlp`N6J1 zQBJ8+6!oHynmg23;s(rD19e@)ZLsr1$*g_V(W7n?%hm9F_+q#@CAu zZ>gI!9eLkO|Ngo`9I$8t!6m)z@4UGA!!&c+`u<_rqY2Sd7bBY*9x&=&Vu#<>7_Mes z^^mPt3M0O8+n25Q{%9suqB`#{2mghpiZ6`>$*nmfke-N)pdy>3mw~^>WWlv)T2Ygi z4qJrafl7(PP;PPQCC}5o$U+x5Xl*KKi;5+ncV|y(ojVBlNQ0YB0t#acI7Ooyk-_O@ z_e0_=-CE6e3f=d-`n1lVVxQEIDx`e17E~5IyDGIlgmrE^J1K&Kn$Fc6fR9ueGEjsj zGht`fY`>gPvE%lWTVPpVrO$>FowOWfUhmdA?vRqJci)FL|E$lrnWkhI_(qSEh)COt zw0?W1AnWoh-^`+5P7Yh&$K>*d56fW9q81x%i~+=f`xXchlz%>~+wttSl(Bi;PJoXa zpez~3GN!}r;Yx7vcC@C8*B7k2gg{obb|&wsBCGgTZcQ zfsWFy9%wUk8K8|1Z?7kBclhKp_pq$=Dfn_w4xW8$@!16Gi*szFQ%MfYc+CbmYWG3F zbJKB^@>z?{!c_F`db4Do;-% zfl+pbT!_Tn_RB(=tA~Ic51X$S4&wT2(jYl!99L;;2NP7e2RDtckoq^iQ6(mNI0-DZrCF~W8gI`B8G*7**TELHP;Gyt&KCmb76BgbOSgkqKw%6eW& zcZaL}%5iik=V!<-QrCK{^YJdlR$1?)^1NZtGy2y#GT(AUWHZU^KHHiFzaFaiGP|W# zSm5=gb_wK(MBu;Tf;L4X5fi3Ynp#$;>JC~=E3uXnCOv20pKh#MW(iWJw{>L4x;n-d zJ(Z`Zd53We;0Qok~6JMiGfYkZF1HfVLY&_^f=4Zc3_cI&JM-gsY(hGM}FT{uu4j1 z+yqIXGIE#VuUsEg68rQg&Uy8Z-EJibWim&Hg^sJL)ywplY@ZPA1QAPQ*k$mHtq=F- z;irMBHubM|$Bzp%YvS&@0#b+Wl z;?3vuMl9!^AI0=d{2q=A_5ol} zHam1?I9Xn8SGE@^oQVirz`mw-Ks?D_!!|!y2Q*i#`I`0lF{&80E|sQyo$Iu$+GOVQ zZl8c>Thnb#H;e{X7l=%XeJ;nDc&DNAZg+F|EGnuODjLM4Q7frQikIY zFwPbbf)@?cBcv<$PnYXlo_`#$CMLP>kyYhQE-q>2ck!#U79h7o#yvA|N~rRl*0)(l zpGm>4y2J+C221FflVp0=G|Z@vT=764AkAylTd(?{cc4(l`}&8F26 zdNB5&5Ep@lZFxd~-Ur6+Rl##HnflW&8hy=!lOy)#cpgBX`#U18C+E>I&ahmOL)LbU z?N#ZB;M$Ddk#vDkN=DBHknj;HNZ_6UrU8a&43q;@0(wn8?oxbO{?$AD{vKs|zFZmO za5G{S{JA910T9qzO-2jF(E8-SE#mx4ec~iY2ijmhC7OfLb?Vs0l?d@*$|nk7u3`?) zupsN!1sUlho8Lkl*vcON5rw$ahs(}%w)?=(r_Q!BtfqC#MTriyR^yE z51-$c`&{;dc8zH0%4i&Y@s2%;AeDt%&jg)NFYPx*Sgp%-6b%Ki`czH!>{*TWqi}4E z7F9be8^(5FWlJ!`nndwbc)%{wQLp{9TmOwmF>0IG-XrW2bb&*XCXy6_Q$F^t8mAqh zo211WnI80subzA9QlB=?idnbOXri~9{3dNi;ZV@vPW$w)bG{RGA6Y?7AzQ0*=JPuR zv#Y_3L}gNz8uRQ3o6ieypwV?w_FFd@uYxz%KsD(FU{2qFK$fz|nO z=T3OwO96qtiZe0s+Stgqb^0E2_mVd&Mu*#MX3X`Ai#R(Akf<7UBok{ZlgvsH^laKy z#Lulf&L!ym4gKQyR3--(6$;ANvvuQTwra2I@;@aqa2881WY7<2}bu)8A{br;Xj3)q$}i^BSE;Vnj z_&TRuR8{RyKO~{xjnzS4udZW;=woz?Mg_91j4Fev zd0^s%A9eH5x;a#RM4Z(1k?diFDr8N$Wqb;jymvI!w8w<8n>O%qI9dr=T32{ELqK^j zY)UtGTHgOEglDHS4}hcu#Iw=PGnbqP`ll$-i5n=V>wT#QT1|Whd&^D3{qc!8*%-%L z*p`OwKky5otDWCQJqrifAn7=mb;7%9*q59bJQh;&6 zGy0?|^x_~esri>hX(z-w&3eb5E^@eHae;q}Kch-)&5x+Uv!zt#gSfz!yo%{AE1K!v zn(U_AW}P|D{q=v&0$_!0f8bhgjI*{Q`BftW6J}DhM`{8wuZYDJnh31=wS+%`gKH5$ zx3vZqxP&}s#OXm~vr=7lwg~1bYi8L!kncOu&HL4_*eIvsKytL-F2|8+zj<|ImhYmd zZW7O%&5NaUuLEZf{oi`15w^0x{=p@ZZmnJ|erdTUM)0-V2bQR@R!s2BhO5Yr4X94SvztD^aIB@j_wUvWK}g|4>2nPfQsk`UvKB66eGFsn{__2$)NEVTFtBbV z+D&goW=H$0!x;&+pU8b}+CF&oY9{+~bwIpsEQT|uG9%bM)#Y@J%}~za2w|t*(S`Ft zlw}FMErzhl^h)%x$6@oZ!3TB3v!AzS7BZk~B5fy~z;;2btM2N<1D?~y6efL-a+inM^ued3t zr{jE=S3+m$v~WYq&UxWLz`6ji)4y5kbs3 zesNmfppjnyb2_JLTk6Ytw%_^wfryMqZ;i^wbZ>t#lxSUe+{o`_3Cpcbr#f5(A7D?U zMbYn5*;+)9o>%e`y59C!VK4FLO*@JHqm8_(%%Re9TdpGJ0;_}3oQrktUh<3P)s9n1 zBg>u4(9-BC^U2iLs!wPimV&E}!8Zta?t`Jv{&dg|qGkQ50G$TC_c?FpSdEy4%A`+D z{|hs_SR@6^Pnn5bs1rB*eHh~Lh|@U{0`=ATy-??Rvb=QAf?dOY&(vw>2@Yuiu7Bxl>k!bnZ)vn1 zX4O{ij*6USAVl4W#4H!I9BUbrEa8ML7|)Cr&dlm*p;_geKPf3$wC~Q(jUEKuSll>e z9kY;Vb3uSogDcI#Nfm~)$t71-WeKyAeJ{3<#2WnLIkj^DvdxCWf{0aIJ-%@^g)BmD zK|vd4fZBis>*z)3I+GFqWURG|;fS|Gr^w*W%KmjBktHamzsyk>XDn)>%#JZfl3KTH z2`u6%w8HDhs1H@a(O^7F-ku{WsK(`vPimy?VO4uM`b*3p4|Ms=&wsz)VPnOpgw&Ol z%K3-EAQyi5q0jK>yN}8a9=4x7v4xZtlC8D2v6uz?kmIOAf-jiVlU2_}+e98mW|DsP zqQNW){X!!@ltiP@N_wR7^YUxx{!^6SO&lMR_^G^{^Q+6VMYHZQXNA_pq{W-tmo_dA zHRLPI(q6TX7mGCn-}o}$P&BwfN936fkUJ^n^s-@vG>L=k;ks2A#=SGAoUr7@BF6M;o_UkWDfNlf@ieHiXkSXm9J+D%z~ z*!~9Q2aqygX4AEZ@1-^o>V2yxnq=8Ye8yR?uH8H>mN*#Qt(&Mf3AOo5`|$#g!B>y1 zrn# zTCEOvbTyg%Nkt%;eV{q8R?Dv)*%!OpHs1&Yi*AbceA+eKKvl#qT{I(LO|38A;_M$l z+s09^mI=lynM)Rd*7LpZWw07)OZ+`{ zI5tNBdxR$6{+!$1V`O_j^rjg)p?t}O+Byk>c+K&rr+(d3@DFM2L!q3XNt!ofih)Hz zI&jY0`9|_I*Cqw&6m43|MBV+vW%bEc!`Qx>zj9Mj$$}waA zGgoh?g6H_oRvU*#wA0A?G8~H8u>452`jmzQ{=YGx?8Qlh96Gz%OFXHVa4Ix5uDIl!4Zl z)z%p)8}PDvk2uGILmG|3)|(Xn_9tYN=|v<;oNe=Tnee~E_lG39zcqS18+zkUwEu62 z4C#^(uASS|XZiO>T(b}S!&igRJtF(p`6MFhlRvDwfg#PJf7T5D@!DbCOe8wm{~JOq zW+;H8qoXqv1RqiS1+P%Kn^gAlY>G}b|85&3J$xe}I?MQzhlTh+fv<$w-!KJfvZntWQ?*1{TF2+z-kn(MSF})z3)n9uLUk+J@|{d+ZG!oUp~} zkbn9IPhL(gj4^7Edm;0Y<`aJYtGtb^iI+99NC)~3u(tKSPEL(TZX z`CbkkwfTjFl>UG1z4u>J-_ka$D59XEAfR+9B3-0+r1##tARxVWLa~5S0th5RXwqxw zB}fsG8j5u3AcPVKNFbDi@`UHT&wV`a`{fUKKcB;Io2=|TYu4B}s5|OoNfB zdp-=}9rt`t5Lr)XT>2!!@Yd?dVxh0JbP+pX^{+nnd(H%W&9+rnZ7|8A7O$#GBbDl)sy`o>?k{EsMxKQj#v-e4Mv5tjj; z4!Q6vn58PZV!})AanBpy<8SMhq+@+a0ABoak5L8?;G*PoA@e_hw;$tBQYV z2Cs@A-R2)@YQK3ldB}+SMwe!)z#A#;e?LZ0fRKBxxH@Pp_W3q@`=}T1+QZVPqh%DV z)2pA8Q&P)5W{}b9InnpSXL7*}M*2JtLry839Fc*4tW#T$L)%ujxhnXU799z#1bHWu z?HmkDPQa=vnj^^(?9>TUswmSmSY{{3UB{ub=dKHNR#q-N!&@l3vr+?~5h&kVjlyLv zcdcR4+|Pljg@48=WGw(;0HtYk8AL$lJaj*~(SVo$R(Zh_^fzm;f`A3m;#XF%dP>@# z-!tr{>Fi4~JDsrebY(|6gu!>6P=mVM+@kt1$26;!Sl}|Js5e7}*}s7^mmOX@N^Jbb{@KXPUGK-yRCE5Ns^}G$7R$D3@qY6}j{v ztEd#)pySnf)!Te}Q;dg@10p$aY=Ljp;hrncKj=5Tlb=W3k-55P?Kk@7 z*+LE%40f!VFyJf`c1=Cz+&a#*9W%)Y$%oeKJ|w@p0l|C~6#jMg^NLjB@!aiPr>IV* zK>$lXF>H{OAk2L$*(uGPcY`K+-ydq(Eo}9r8E2W-W`+?xtc>ouct?NUBnT!sbZ&3J zVGLftN(O(LJ6kQwEFtGl z*6*k`f*dOlb_T6Ui|QEtd)+BTI{{BA3b<-mp4)3dV^G>uhtt|yb{PT>P<{!2q@cT1(wopFl3?I7~-)lRg{&DvcS`9PR9`=OdvVTlIwqd<{C8 zY4Nfz2^FoCLkJ8VhWb6k^)I$=*wbmz=bIWruGB5~f7yuuG&%V$(r9eU8ZtnhGpVgP z1i0N*MFiT1-C0~W<&;u61fuemG9>()2>_-X{N;5w4v^VaX}0q@_+q<5PNxqd;z)1J z`0H_y6b5_inU$>cvW4{D#~Q~vteYBFrafIMxH3}eQ`?3!rEQ8txBW{>{IgBp@w@7E zS`Jt&t<8Uv`qD=+v14C!{cd64gkObSe#jcp1a^BTF2z)1ubdDSp&Yh`^bV;}wHxn9 zBlBQ9*)cpFk|dxE|A_Y(_@3?);{su-tr6S#8_LivV)*_+0YGLKMPDov&7i9t+bd_i!&RD7Crvm^#2<3ZNwfmg) zg3iLppF`K+Fw=&7W7g;8ka1l$f8gjAb^Y+K%uE^YaW*MtlaBs*Lp@1NRmxO3DTz~jMM#^P?){LgGE0fNUYEVn5YJ(XR)$=u!IvfOHZK}IGH>jjPleHl_f4D#HI`~~vMJS@{Oxn)D;o?hu%v490cnBhp+WgPO$p_vJMuC)j)dWr&=7fJ;@cO?xPa!=R-uMq@5)**Tty~xQ+?__Jm`Za zzo;RbYMkW_3)9OrFK;r%nb9B;eRHdqvkktJugHct-G@Lz=l(L2<) z7{^@K59@{!!PQ%UjUVp=$p}ryT3ep;dcYFCD{)w3~NrC|gJ3#+zu&2@1e-Hv#gXs}uF zsgP>Fcg?bg<%{xcfjYoMhnX})J>N2*z3HwVl_y%NbV$!yeqJYW$k$0vI-ri2rPN1c zLN3*%i36(SIb{y3E0({zKV>mnoa`Hit$^rtqx$MCoqbeYGfrGP0*@`jd}4E{AVx#+ zBtoV1V}5FaV{m$kbSU5IhIpvucGyeCW4C()8;gX#QIS@yd%FtN@~F*ezK|iqM6D8% zIL*idOblXMIwQftQOr`D9qyC~P#WxQWv0}FJ0pY-c__o4F`n<2)(q-ataNq{>}bTe z@-_``r!zFR|Heu==yQ}Vn~mH+w7Pq4C%)^udHvqgdlCL(JgnCXAykIF($Mlm3SYbD z^tXGz`18X37x?g{iHU8ebCoBi85L;eFnhsgsCCWY#dV-$84~2+^xFoBaaQS|q2?lfrPh$(QWs4F^OHsaoJD*e{IG?p$!?Pz z;5EG-IQ?^iMS47^5q4Km3lL^j6H+J$>vq!YES!Rl*~OP;wqxV(pZ_*>)RIh+nlNIW zoOJTNtF}-%QChD*!KG!JgLY_8kScj88W5tIcJr%me!3wC#Bj18-A1xnw)N;m3ozn7 z;B-Q|mcwq%fhKOTR!pkR$GkOxLxirOnr9pyhO_OqJ6C7{d&Uv#?lenn_o>e|@A6_8 zk7sT z4s9rQ@Z0i6mnGs8sgXe=!0lQl;I_!>*9X(w3%?0lr1rpWFWi6Z>xZhhmZJqX->Rm( z^qYfZ_BB>d0GR<^-_~iHDn&J}a6$wJ1sMz}K?|)?f*2(s!s^&k0zqFdIDzC*&|<#j zM)VItgTc9R`YjS;#Vv+fxmzYaYNhrpzIL81MKEN3se0sbiufw~O^H-R0HT!8@U~Pwa-)6;K$oG%}aJ zPftm*d4RK?+EVmEHXWU8e(IfW0U3Uu=O`gL8v97Ym@B?_?~IP}mpq3#$rW=Ad!e zMeU)2*Hsddc zB@hN`Qeycj&Gc3L8i#)!wUhITA$;>LtJkPO z&>!DQBgsZBh;-=}d0?}o_1G|5gZTOv7wD>GE?by3#^+4#*S2$s?AfL-_MrDq_-vM^ zShnZ!M5&?^X^J-hN8|#1rEdgJhgu$YDo6^d;;1%}UWcYrbBWlfS;`i4`#$c>GiM~;Hc%9tgW8XNDpc-8J~dM?+P;F~rsH&6!ovyIB<+HKyt z2!Er9U~d1qpjV|QCXmjGbTo&_@?`MH`NnG=(p3HKAMN2M2W6Rxw)sISgl0gd zax~c{HAnswt+by4@R9IzYVMJ^1wn1DI9jA>`SXtM>xPgRDlE3Y=2#YgfN*hG;73o0 zf$`mp=S;MtdgPN6rj9EyV?k#23*I9+V(p&8%OiGPYZLG5BN$`I9-ki9AiMVQtPJTGRX)k%Ig_ZCGhAhViR`_E%_~X&TcLTQu?!Zl8K% zox>n%C4){;%MVlegYM1-=-yQIM1Y9RQ^xpWBGHL7ssUZDrm8?_=$uZ8&-tkQJ3K7;612M!2arvmh? z_7yy6Ul^Fw-@H1zbbrb@B=4}quJ#3qle=csTm!xqSDX(TBz-=(`Ygd_ctvMg%G+M% zuA*PAF3irgDT>vw2Zh3>yc-Q`NO5U}i5gjw_A{ zvm0K0h-)Z8FG!z_wj&J#B-uY$F|UK;C+ax9nK$a`*=k94wKBymz52SEw zEdSmU{W?K*TeFAA`4@`Zg&EJlcq(=-!YJuUen{8E@^+HfkaP;doCSmG`uYFxTIw7C z?ZK;h&dQ}2ThYp-6Gvhz`bUkK1ah3YP}Lbls-UEOOsPIY9lDOf`v-#x=6-^E#>aBD zQS2%@kj%HRqxh$+W5v@H!O5a;Zeb@^^W=rB%85L1ns<~&t!`(~f<|?D)%r?adFy@L z(rZb!l}nwiHI{~ENK$;@A%|oRlzOJ%g7hcmv{?n!>Y`Zh!YyNLOhE&}^Z@}1nW8I< zEgz~Du49!(Z`5!bK6*5l4}Eqcf1)SRUAR!xRhRxmqoS1fvM)ZZkSJ%Nxj)PXla$gz<&aAuLyqB$6 zZ2ZLP3{FuEP<;~PHLk`-&*gFU>10ojs^GeH5((ZB_Y(470ZWKJFOc;m4O$yXrsx`= zx%Fdyo8_K36F}v~%fz&aCxN?}U5#Yp@DZ|IR*7&fE}Rt-gj>*{V~OXc1+~UJrub9y zsMhORuGhQ`s6}b8m~mVI=H4NDtRGx1;23dOP3-7y#zH##p-_E*kB z!5~>Ik=!FYon0K~=#6V-lSVFjHl#|oeXLZcYA}USk#;lX9E8fg8MC84mh|fDo}0jK z?fpHzCAV-fkwO2!o8N%{VD7&}0wbm95h3WDJT4lI6>4T@n|1_mGh(UZ2o~gqx3asZ<(1)!R_wpX7)P2*#%H{L$8VG5sN|n^^{)(oxm8GW-M!5ni;VFO z0syE5EsNf1+X5+J)6?1Ct#nIEvw!v4KF%Yk>To31xw?i<O!C_sz z6*h}=05t6OX7#D9D_Zch*Yo51f$#p@@PTAvCik{dU5;e1irRObm$E@YJZf3}dZdG# ziPC2I1mgfXs9If`qfuu|(xvr}SLeRU*sch*+g*{}ZLcHYD+HX`fJKQnh%?gQ0(IJjHl zljN#UH;k=lYc13Iy2s^RbGE2wqiT;%hfwRXDR6A(T| zPJVqh3Az`}(Xa6*XM!9Z!v^f@c+25lu5*&mXBRwEV22)Xu1km7RTs@}#CPfzk8jTn zR2f+aMf?g#U7XtU!c~lo?u_YeV_xb;_BpS3rpVQ)#Qho97pcg>epx^G$$u|7>hQ2A z%&r-+<#)Q4_8wKfD43(ziCur3-jfMarhn zCc+V>%T6FvGDgb@HGHv=G~HexD^+c*P&ek$EZ*79b}zxUU4f&qbk(^cAtNy}b^19r zYS}n1w&yqWRCr97F-mb2j!$%du`L&?mZAy!!aR|5F7JSiVn(K zxArQDyh70Vbn#5og^y$4#5IR*&XJjR&a>a2z1FO?lf)CStwc?t^SF30iA=lrsytzS z-M88UEt<^PFvBJ$NsOw&{FJ>(Qmr}izL9SHpo>+lmCQ~t>730J=lV)|&{wXNPUQ<=eC{$m`xNC?5sB8H2aCZJ@}GRT%@H8( zh8wy*>U|TkGka|IWKwt?X9*?!3Ng(BQD)r_xUHrX|EMHW%!p?P9|#gZ!T0qU>>X1? zL+uB=M$YfROIxry1us48RHwc~Mw$-0lilpy?ABvlegr;k!5-D;D>Ce1)7GC?&>enP z4KvO$Y)Q+X>dG8N1h zbda+g%Xrk3tCg$mti9se&}7UBwh`Bo%A31kskK6I;A3RdRUyrAv5(;o70!NhvtQ`y zxWBDH(||ou?)pv32N!m)skZd*)YP9%W|<5fa$v7qh4}=ys3;|DI$^s?@ezd-H$TJr zdeYl2{t?5_S``d1Tv#COJ zMV6#*x}y6~1{!g@)>4Uj4z`8AVH732Ets?(@^gJn#38~u8u-JlOb#DJ_pek*e?rQg z-`|a@F_9OmDf_uI&o9NvVb@*G!PI1LQkUrfcqN}%^=lg(kAxplJHM(ibw7E|8>El9 z=5D3CVN?4>x89;~E-r^u+;H=-mP!?RO0{{)QRiEo+b$W8b2ELt?{&8qZc!YBvxo7F%bfu8gNC-+ zN5P{~{Q~ehdCE~;fRADcls>2+AFFMv6<2WlI1x@<$R+M$Z>*`*WzaJ{K@6)hk$#3b z?4l1BvAe&a<0!$@{<|9HrH4nrze?81wx#Jjl4C-h0)g}K@jdS29b|Q10QpvJKkuV@ zrP(V=B*s&3OU`v5s}iQQA7|-^*40q!m*i>{MF~5}Y0kLeQ$r6{vUsJ9a{;Yg2(Q88 zDrQ!D%!2wZd+W|XS=!t868HYt;B#^vZzFS*@mm<#Yhd_#9HlZKK2K2Lx7jCu=@pATTJ38jG|+;r@jg6GTkEj`G)pa$*-sP5Iq>vk)&xE1 zT$o@veJHERv%tSr(~s9OnMWpD>U8@Y~Ea#b=fJ zLgj;BzB-)*Avf)Cx{@LfCA?MqQjJ)Cul1ra(nVv>g19@-{g4h5&~KkA_F^faQtOS+ zp^xE?w_pQ@tv(OgpMU__mJ{QfQ3ske4!(WgmE!DFS2{R1U)90-cN@2b*}-tvmBEG^ z7!sT54zlqo`@NE&mJG$nl?Ci`0UFXCZwCy?)jOQjEA?C@^@y$;!xath5U_^W%ypCG zT<%Ywk+xMXM#XZnqYtw|kCyd979b|uOkAr?;kb)e9V$#l$P_MPNRVG$&pn~A=IT57 zdCsKoCcxdm+j2TMtlX z%yqtptX{uHEos$Y+J3fu$Xx2EeVj4FOjq=_`aIU+o4>B51eCW%p3vV&%(Ux0w+^Y= znBD@orz(Hx(EzD@m+EB8ALDXZ|Lm@P0% z^A46V0{MFQ^7#g1N&A1;ArJPW3^m=shyz3%I?g%nhjYh^V=W_LKM)nAMlqvTj<-zH z^Tnf$#K*SV9LF|yaXp|-s@@oXZV+qGn&U>$a_v^Xs7O)CDui?4{5$b+UtLf%$t}Va zt4zVo^!7-5(Ng>#$s>;{pt#KRrMY!)b(uPqxChrgjgPt9G!oKW!J`knWb%(cRDw6C zrqa2R3Y3YGI?y$mEu;x;`+=2FaL&x4;_oS3Zx!AfeN)yM5pH&2 zmv<{u@x&NtHf;k|f9}}wZ8jVZF%H*zGsbbaKa@$6(2!e`(u?wxtjNs`+i&n{+c}F#}PzJKpMz&xA1^lklYpvd_2SPg1Z=L8!~mrCG;5q zL`19>l%&jgeKUGp`Pnu=-^m<{*}(@lvSxh@%FC=QIqwVyK0z#U&Y>}b`|Z76D)S4- zK6u`M)#FKSXyP5$y6O@>${Vx{w8>%f-kNuf-GM}UvS|Myi)66=;^;=Z;LMPoE`o@_ zOJeLP=bah7IX~ey)M}-6KtdX3RB@bVt@=nbKf~}aA0vRn!6&Keb@q%3z0W3QD`@GR zK-d}e)PymI-~h?1AxS~>Z^$Y7m641XncprxWuVX9F!z(Op+2qqbL9yd%x0m%J32hY z+;*}^JXQa#`Gz^iK`L{3!$2H6e|PuBVF8Vq#-kiy>YhOf7wROJb?&O81eYXzdRU`h zh}um0#Kkf@?tZ?C-wlBhBPsCvBhG$lIMw=s`8oZJXoIADoDK(mq5>6^^+!?X!glM!ERQ#?KRh`#h1f>G@dkbJ}reB8S$O?dbytx z1{$kn-Je^4uRwW28An<-1g=r>!rP>R4Kvl}J9T-G&K4{cX9GFOqhyMa9bSL_m>lD2 zF|JO(BeV!2SHb9TTA3}aJk5c++Z_k0LS2jA0ZQmE+6B6SV)w$--w`zvylVGtr0&F!Opjr~L`%7y^d-;0MyM!LnMV;(nwem$hotH*##J))KgzqgINkK8 z!OKg(gy^=mz=JVHEU)tv*(;ushq>kpj2jlUdE2yacqogV2WV~|FL?(3d4*()P4(^V zLPYBnx_~skw(|ob@vO=mBOQLamZ(Y+VpI2?RylBN2*R$qdTJdCaSJnAHO;Qv36Zf3 zDb=Ds3IvCsJssK|Ys$-=1nAQeUZmV8*gIl99*&u-#ti2|2@3~&iTF=W6m$U(+nCD^ z_-kBBQL2JcXM4#`ST(k|lp9JbfnT$oXTS5(3xXe|EQp&waob%14+9>%1k=u8RFATYu}Lv}-M8B+7-G9SHh>XH)!tSOv&ZuBv?AoO^bR4d#Ew6KyyI1iJ|6Ojwa{Fp z?GP>v57W|j9Vos{n$uFR`Y;^D-cmZb7wfpcYOPD*f~e^RdC(xL(bm}~qn@|ZSn;M-@B;l5G{UdnkjGP$mRyn;L5DJY$}QM};Y!u- z*f)IfD&W`2eRr!Qty86n)7$FY4R!_l;*nadA2X>~- zI9*_{_vV2=n`-~t@H&}bKt5LmC%8!&=$azy_{to32Uxr>I|1)6VDH@SsPY#=4Gh-% z7Gwm!`Wi1bW4ekzx!LBy&uy6&kvy@huSs9>a3@Z4V1i4cr5xT*OyJ`ZcVw5EG#(&`l2Y|U7cY1wJ!M_SR|IQ9xlx*qXtA2S(R$tj( z(()4V9Zw=yi_aamb#4jF!c{y=ZnWd*tKnepsm9@Eijmo?KVu;K?4r6t8(MpQ+7 z!2z{YOCfl{0ryXWMyuin=m@gWy#0U8?_ZY>fcU!N?~a^KmoZg6NWl-tancmJ@y}1V z_mmc2HT-_maO}Zl132&l6voqCZvS&>Go!W$zC4Y9TEPi)LcbYy0f>Hr2a4mEVY7HU##MX%rcTuuO`3m&I4 zOLy*{Xz7_j0k?9U&ifE2-)5+F|1Ot5rh1yHFL!1HY3y2BTKaKcXlF1!5^>130ABEI z<7Fd~6Y_q3D`Mlm@oGha8E7y?+DgcXy0p)$xa|&?(-y&;zVP8N z0c-Z(%yoGWo;F_b?JKut`CqO4%hdkoHIQk?PboV7&1nAjOZ0z*0EAy}ZpY8~GO&Lh zvWV}5bmH}8zl?QH<{Q4xv5xi5#lboMY?aOUel%1*kKJDl5C8czV|>eIecsCp?#=)F z;D0W|!FU;4#`0Y*vA8Q&)$nEy5>UTPf_r~1WCS-Q|JB*?pYye5mkFQ#6nX0s39b-W z;$=M01y^69u0000K008(U0uK6D60&_82><|%YAz@!CoU+6FXv!uVs2#& z03a5goC>C0^0@`3xF8X z;Wt@qHqaXzKpUwh{uG$s9K;o<<2{Ih516_#I0zsgaU{F;goc4kazpbF8Ou6a10I0U z??@6UFh2gQT=hPgPs9Hf{(j<;I%6EpA);!n}kGaOwSOWswHTBxu&*RyUl0gX;>7-rI@V!QV}5m z6@Rbr(fHTMH=Pi2a+zb^zL|$$Lr`>p9xK>MT4V-n$s~e_h=-JVYDx0&;BPZvT3$Al zk@A7H`G!xkU#zpdCQ*!S{rU}Al&@to>Q>?SoD#>e)(0kFB9fyRoC&J%jHnygaAavt*mY#- zRdM9yK2~aRcqo+1AqV)-uYkOLz=Udw{Z?@hZa6?NK)0z)Bmi}O@I^p0bxGGQU8EyJ@I#b_g~8@ke$?Xs6$ zWd$?)(#bc|8g8xsymL43-g%KXQKeJ0iz^qyS-Ii7elkSexfuxqy2*Z=cfR*|0!d{Ifpt3*hcW`~A&rGR~_NVIK>{pl{q1U@o+G4SKups2SC7G21G>j?ZFn7!5EFK)8*8$q)APg)Z2;0VJjm#_g9c zJRl)Il^7u7UYV&Mc9{pP8bC?_q8#X-fap9(E3nQ!9y@q!5SU$LHZYoi$~>e^;FrD4 zQy|)Yd~{GE@PIgYOaW0QcK0aX0SIEEtZasd~@ z=CRr_@k49}j5C32!q|A9LzsJrVY%NG5f+6br$$Q{Pa=ZzYEGaTF~C{<3tV;4k8XU4)G4y?d}ei zhc1)M|>r&m4-jap$QRX^LMjAZU%+)C_InQCw{Qfn1#qd>q@@iFb z)pE6S)wdGzGV@~dn)W3I`3AxJ^uv}BKoSlTBN9ClRK>y)%MxVCHk2?Fi^Jyo9q!9@mD`?Uk|6e?@Q4m!oDG4n8|Jx(m%7~ZU3fZejmWfldPRTiRTS(iLvPv%s zCl#p`cq+Z+-{OJgd$sY!^)iM02l=Em<~8ifjxon9(@+^eNXld#(nhjW*=|nz+|){w zT9g`=J%4DbU8)JJajy8R{hv*)9@c?4pmAukrLti-Or74H&pL2BxVB(AOr3v>D(Jh@ z*QO*)C>`ZwC27TEi&_`8~HQ(K?6|(`31EH?FKDJ_m%hh*yi|ie?V|DW;benO2%c9z!tZr`D(@tt!<^ z*)6X1a`bhqeWn4M?V5Jgt(s3WgwhTf!gcdNVC{lONediZ@JNdt_AmpV*Ss>Rd6(Q({~ z>-@Dby+A!_-MbMP2yj^TFS?ds0s z+WI*A%)9R+Ikq`=?j&f|Q&)8-xM$iYO*c=sTsO2g!Z*t|`KJ)z%kR;z!>^w&wC~M- znm;ISF3*|2HLy8wt-rZHkU)k2N>D?vJfA*aIbU{QYA{G&de6*F?DhQ?3_%3pGb}_5 z9s|3b=UzWaT*+q1Rxw<$utY`H8`T=A8^41(1ecN0#COWBO7=2i^~1izzMw6|ZTR)< zuKDf;=@W4R$pev$j7F*}qbPky(n5-qWR&bi95>^b*ZQET=L~jHvScSipTY1tYLb!J z)MS>6ThboY@=raofP}!rchYQ?msV<1DTY0qrL)Osd!Ms}PxTWD5df@4DM!0dkO%%5~_ zSC`a20Xf3cap&o+G){78l{N$3HMnjAV}Zz*jdwATlKtFy|aK(sBW}ttsp81?WKlQJ^Q=;9uj}aXX;|AX^nT! zcxQR{`A%bq$&85R$W-K)Z{$}+?Qntcy2EFO)}sy8T}n4f4wd!l&8~Y(iqc1kbZ2$p zwG-t_WmTV+xAyy!`DOD;&OdB5Yb_~lDZS5sIA)zcCXy$iCOua|YioD9-nvIWAUNqS?J6qkYIh(XSJ=dOP zIo&v~FQGTpbq%!?>m%DL^;R0U?m9Po?7xd$VvlngxOJcJU!E@`w^uYSlr%eaEq^jN znq-t#eD&V_X99h|u;A2j*WJ_X+b+S`2s!RgYAJfRIWRq%j?y0L1xKS}Y}xsF`I5r7SKvFdQ0+$E(kVY*l)%xQksY-ka9Xm`%w|BW9y=sJS?osLXKLQhjP# zja4SU9>Py-n`Er7+TcC*7KZ&IPd2(XW^^2Soz5FBjuKU~YMHd0yEJyL=X~~ELw97I z*j$!$9XtN4o-M2`F&AG*wVJ-PU-+!hZiDyOKbZ_o*J#?eUT^03be_PT%tUssx$5pv zwy`?+jspz@E`&wFA650`)Yeb4ZgeyzPI+&UQL9nv24wsbLgJAc~N_HKY7fqm#e>Bjb`KdBsCZM#0- zXoM7m;KH0h$9BE-x2z#6&C%BcR;w}`AAOi601_;vxlLqiYh>3}@!om4!z>4UG;&ZHd+$5tB zY8&0rCoPF_fqbq1gi74AWP4m5O#i!3fUpx&cLV@HCHd$3OI(5Y_U{@Z+gwS_NljXc z!_d~6M&HQRz?jC(+U_qJ0D#Ml9a9JI8quC6q$j5M|m zrnL0z?Ci93473ak)PE7wj_x*2`fk)Vjzs^X+Hl$ zNcfMT|9t+(Ph&Up|5~zf{NJ$t21xtQ2rWGg9qoT~|D|&MBju1YcQdw96Ee3pwsHJx zgNK=wjq6|d|KG@eE&d;-`hS^>3@rbb`F}?Km&rx@PXPZXp#RC%zodWD#RJJj`=8YF zKu*7FApijI0f-CnE4lr;%!bfXQvMkAJ>4ZICocnT3&c83fU+r9(=RSb$?&zNXVjch zy|Ql9k@jv>s8pqFbQqsnXsu#pZeEa(pk8s%?T3+<=U+n;ed9f`aWpmd!@%BU_X_d6 zR?mIlKH2`*Y}C$GB$Gwy%SrztJ=YcosrUc_k$`^!=V-;7%u0x@llVE!<1{hZv#Q45 zEmob@kJP7p{ZMAQ<%D=uO*BSmfJmqE*&m8QxCf7?@`=z?ft@j84VksJT@OF)SR5Ms z5%B6`e|`HX+zrub0mLXBS>VqgE)0?;tCS_dGcq+MVBm&!)a=>AC*)-OMcN0P27sgo zSc6!0NT>Heet2j^IT0|2K1L2UUa)3N8~KxvtBif*Pg5*zp1Sn9WEEX?sU@sFS4`Tl z>|+$)1Tn0ez~6Q@P$r+8r;w54B0g>Xt2#cD`r$#|IPQL#f-Qz2|5gE6T!%d_33M3E zJfdlh?mtFJ$n?nVmKg0fti{xysLz*SNr(BDQ-fOa9&Ny_1sX4a5#T(P4Hq_oAEL3u z#3%WF6<0qoK)mdy?aqj?-;sP;CUPYV;4>&1CEhC|l8{Lni)B&rA_z51A_&b&OPn*~ z7dVC=UFa}k=92n^V>R36CG3(l#2LjiKIJC@?wL*R#2^+;cm}>|OOA`Y)R{$)A{q|< zPdcRhAd-Uo428>dyz>;9YO>j2ck(onLf_{~3QGVeT%aJvq|wjv)`i)2*OQr$<$x30%}-_fG@nTc@(XO?0Zh$V@C&zjCbk?zP(mz|F>_!-{8B6N4F+ zHiW-B>IiGZ1dB)(jQ(4|n<7%YO942Wd7%h351fUw-pB$a}*+}!~g z5s%eKGWIn`$N2b!h$YUCyu8`1gjUU;2PUKsz(Z_Naa~^O zPOmh)yQIk}YjTRee>cBvo^nK*a6@+FWHa`b{fT`b(0do_l$HW9Mx-sshL}`DS8`H7 z0djiN{E-}T;JQAyE>o+w_Ynz|*c*1KJm7q&HX$c>Lf#H3B*wtNiS%x;*ozC}oBX=+ z;1`L)O!UvcyFghTu$D>?v4AO(y!)4i-V4nVL|Kf*@@HA-7+P6XRGoGyJIhLq_~bQh z@#4?{ERKD*tuLQc3=K@8J7hAF>Vj4VuRPfpfG=;x3b98W)gj}*pc%W0rIa-*coKv9 z(Gr3j#74OT_lLH(8_B%pfF8_BPY;DUgh0PlQ#|Wy7U8qQJ$8l=-z>}7Pn9bvMS`ID zgLKcvRDZ*>A^p2k=?L|mtj-%+_y$cHyk)TmN_;#IoV?1P*SCQi&0*u{TP)?_#&(dK ztz)yUHwp6xW-{fH9032;T?5H|6eJ(xk)6PJssca20>JB)Lk1Sw^Qev?wnbX&PWl-& z&FyP>+*(a_hZk>0i!(_$f?@*3?>eV8Q|w0R0CwUl+L?~8O|rLh`FAC4Fn{G1ipHX< zBXpQAIE?&T{I{dp5&bfjnvAA!Q20MWaw1@8STe5Ec)+@}|0|~Xb&c?whCOEVzs<)T zP{uWd=Arli@ZS^b@67Lm_zQFZ4DJ3`%l=1$|Gl&yO8&ieuNKF@^Yaf17t`_oi}DPb zaQ$*P`w#OM8E~8E7zFmS!M{4nKiB01>o38OclW4!Z5bMz|LrutNOwVi6%-Y_`5+s? zLnKpa(q~sk{^KUyFF3?o7U8jzp>U+nYI-;oHnQpe47$<&5>!w~c##-Qp#M+Hm+A`y z_F7n6Y!@91^kX;wuhX6ougGzCI(KRe|B?AYxWxe65FN6&WHJ2Log-j1g!_9)gS-ER zGK-)mJmzS{Zu}o=-y}pG;o%X=(Efi-=MeQp#GR}d5r%9^KcwN#%_JGbG0B zsX35V{ILovBkdQC(e*%Ru(R5cH_E6ekgp^M#*m~noheTOKP*0&I%{mpuq=RvDZ|AM z0Nv|1GCaWig>=d&M~A>u=nL=}Ej7bzgIz%mJYiKi!P|~0_yH&2(Q2&Lc&oo;r*Izd z=vJlvP5sB_8|dz2!QT%ch}kBV9}ar>i@PwwU2&p6KX=98XdUMD!iY<|D#=96Q0S!_ zD-d)uGGqpL!H8M^>#_fol^Q4VrE1{78i*P1BxQf3QR+!!fraYB2TrayqBzteB{z1r z<%_<~l6zU0J)_R@=wvmSU%uLFNiib)S1hcMTDaz_`4sjmx=%!J*qE#=nlFvi_F*XI2R)u*W;Av|IrMr|zLmI8b| z{tLWGR4&v63PJtB-TR!TB*DtUcme(kdh!)cxz(4B4;m1WRtNbOaTbK93U%M-lau#a z8a#9c-7jy=<(4~&ioy8g+EkBBii)UV7~iK;5idGh62ylkWC6N6-X9SqXT0V7DZK9b zZ<|9M{?BExbZMlXAZ>HQG}YTqw^ffpp*H9$$@;Sastv+ zjX(sJ5(@>8jcx|rx)G6?0UdL1B7cY5qjOrvhe1-|MS^LH>Ms`Q+`H%hFy5Zo{lx^P zo^VC|QKmh(fFm8Bz$n))ww> zWgljT1QKZybk5{UAFDz#Ik4z(gFW}OQJMm1f@(y1&?2??V6VW)B);M(y7Y)WXOCHu zSd}-r66w$1@r~z>+L|v^@&ve?JQ!=nzk>JSChk2KdAWk7|83Gy!qei2BW(CWh*+jD zbbAe+lUT=J3LLC=8dN&hsLZW2(-}7X^94-VG7J+@A+*{nCdxvf5)qx7us7^Vs8^Wy}Y^5u@~OQmsrFL-yjE<4?gDoZ8! z8zz4_;m{L2Hs&<;dm5A=X68Ug-EZr_vmj7+Z#lEYl_Y1bDHUQhlLgEg@X!s8`-`{- z-H{Vlo%lU>|91VJdzGm^F{$u1)%zT+i~GeBo3kBZviO>6da}H@?JkQn0(!_cHZfpm z>J7Tm*?}Wg^oY$@sXXwPT9*wnul;myX>PuunvyEhoau zlR(^;p3a_!#|PX53h!XirHfRoSBATc<@ZlsKO^Zc?7J%cC7BFcDa@Spn76_?!ru`$jL@ zts(26cKZ$vH?V8072KF^d=LedFqC9X%#`&qM)RJhIt>dE*x87(BCPnn3V2PXK40R-^4YC zVF4I&luZa3%nlC#><3`+3aVhq(rf zY{*rEPHWdC4|lxwfU?&nF^<~3f0BSZg;+GtwYf8XI16_vES8VPoD+s&^5fFW&e7M( zm*QryLZy1#Q$0)!1|u6QNa{h`s3zl6$MI^kmd8dL(4^JVTl@xBqQPem1pI8C^N0*5 z)hRVafY8=-UNvz-kXA2ei?_p0WjK5`P<3hULYB?#$%x8mHM4c#F5|hUkF8-ugcNp7sm7IauiG9ce|OI|K&4h_cOzTB|n7N}Ii=sF>(t#95m?tfbIV zCpDMiX;wY)_M5Y0aDU3i5H@ z*u3C4qG@Sh^E6|q9*a5Nm|fHb2f`~t~QWM2FQmw16?O3C>6UXtT{>LfxasVF~3P-1vXGy26bTz;vHdSu2R89 z3Jf+1$mwxP&CeVSzMP;ni8l@EEM}doELNZ@BrGu$d{ct2E?UK4N6L66)VxqtdU+u1 z&EM^wuSTv7@A}7F5>EVWOZU7HC<qN<|Q-R8t)228AybCN|i-9?j*ae7@?OlnKPh^NWi_P)l=N}z$#j>3nDT6G2* zme2c&P*K1ygV0KN{7qbrQL?vN0B^iH!j-@+k-|1Um_~&yO}E^S)2m-^uZqR$qNCzm z1aCK2c{FA>%A;))KMN`a(_GS8^s0nE+B|Ntx*oSd*EV8$_x0_`$GC!4$fg6!23)*9 z2!B$aT-?D#o`xe2K=W$?IoFqisMTJFB`%eQ7mpTf#w5`<$P`WhvEOV+r3Fg*MqExe zn1L=1jE0v9;Q{Aw)=uc_uBcOHCerKG4Oh1boCNdSPwbQ1SZ=2WJS<8VfPEFJMS7oj zIKVV_YVU6sqtNO!5_kafGPBs2V9dkAkkUg7E0hw2N)lqXz=& zwVjO%x=aa5-#VZtai zyG5R?3w9ouAbQ%LxF|cWe}q@M%^Lmd(;lAXz?T)KI5VCHw92WU+#lt&w7%G%SKC=v zE#Z)}e_s>+p?(FZd|5RYI>bTXgggjwNxtW3cz1roB@{;fNvL;vk5rRjX~rH{cKj^$tcZI+RoGACO~gK z$Ah|+sVV#CMffTXAd82e)^LS(e{9_2bdC+)+%y(H{TNPx=@nFo3}hjuJwCE%$Ou_3 zuWvnxrW^SPMeSHKU8kesT{&U7obGmIHwS|2^(!*=CvN*2auieFxiCNk#43JET9*_%FGN%UNl<{H1man7HiE}WwXN~_Sn#i?jgnwq$?Xpr-x zs+U|1aXS9lAmf0>f)J8!p|7{{v<+`NI;!i7chjXV5m3k)`4KqcpNFh(TE+d zrE)D>x>74v4448a+I;q6#JWIosB%y_C$WtUMl@;)%M5YG>j{~4)%`R4G&)!QK=1qQ zcRs$?&qrY5a=X)Sz&Ua4%Y_rc5w1nA<6Pv7oqLj5Ew~^kx}#Uh+i9VZpdm z8sOZR)2I|cWt2*0RVzCd$58gCEAvgq>D3QpG{91vEl*36@b<3T)Hpxsr`f@EH!d&v8H0!#!^={Fku?4eG za{YrcrpSyHo7!LFi7svHUPThh(z?8g%}A#`0J~X(>M;xO z@Z@+uYgiRx5pd(%^OKcazil zYYl{&G_UCK37n2#);@cIB&B=Qviz=P3(UN{9MsGH$Rdfu_b%T0n&&Kc>DqA9AzMZ- za;pgfsYrKJw{MRz{ikZ2H>mFjMgM`x9{aM4OepNIc(1S%P)^;Y?UeT_3bU-ZB!^c2 zsNr?O+wfF>*L<~Em02r~pWsLTj&Bm)DU*0d>2t_wtpB3vF3tHlGdU|DlC_vY*?H`e zH5B~^RxB4y@G8sP4!d4MLID(R|CV#(F+z%d!v;1JWKkYeLe~ z5*tAQ8(kp^Zt?y6PQ77V>b0;{vb!n2m<79BiVJKX4USNoOY;N)0?8tf;?_?_wa;sg zY5rW(_4F&X`)7l8Q&N5A6dRk^dTs#e7@BmZG0k`n(X&ZQN3Pk6uz6-yc%dQ72k!|Wr>P7Nn^06 zR#3QkSZKYlCX;9icz-yedl0BEM~PPAWCrhI5x9%=nG{i_J-&~DG9IZcNi})Yqc)Op zF)4moSU#W2(rF7#G_HFPhCnYMXM|+m@PRjr#_#7(d&Vu7#tUz>@eTGw;0D>$S6`LX z&NA8$ma0{|7@SR7ON`ds@D#I9wSFl#rsQWYIiiU;3INudk~zm8UJd3$y_HpxpS7P% zMZ}Qn-tT{5IEnUrByd=y#xJ(Lug+N zpdTKq`+Cp>H-)|`=k|4h(*YKear?tIiKe6LaCW)^ZGYG$ZyvkS^pALQ=AHDZ(jDLe zImA>Kpv6-wjEDAo+B((959_l(KDq9XlB^18Hy5CRHkG_x$Hx|!Dv=+#;-Kxf9%Rz8 z?pNGOY(?Ap+WO0L zpv6!^bqz*AgP5SAK>R`lys7tj6kE3$<5P~Z4AhHq9)Io0a%@I{nSq^;1oQVp$~HcM z{Mspk!XD}#d5F)FD4$1-cktjSE3h;edH4bsfVUu(fQp11l27Ib{JT`7;*99-(cZbH z&b;D-RTT8)HsKQQ@{r!UsP4f@u5aI`xolaClW0zGORSf~L)H}O$C6HDvJJhg)Zoem ztHIX_-n?8K`=)2?W{B*|Z?wdxlLpfqDP z{^XwoxEvYdzWNjD!D<<*)1gnHji3F5-Ltap$|?2TTC*7f;DpVAaA4THK8Oc)MA_xu zIwOJUzS=k|MgMl{qrGk<%^9U=Ug4#_+N&vlB~V~r$x!6#GD*nwc9q1W! zd3+NTnvOR|O*CjOBO9kOnlga=Qbm5Xhs`1;_=m8T53|DyBAbLnEDKAnmb%$|tNVNR z&Pd~u?*;R>=$3}XkA!znXefRjO>*HJ*tGj+!*!8ZRusaEbe10{@n4qe2zC6{?b4!m z{yFiuuT@}=tU^$NG&eN%rlNd6kR-E^Q!marpN&k$)gMOo@^CggD&=rn9wze@)P7}c zB{Z*!e3vT#aR@|;SEc9RdI@9ddI=|;aAaaz2AY(qOd%I(R6N~>HhZmrB2LcOwCl}{ z^qc0$PV+@x-65`4EvOc^lMgdP(^DxZyGH8uwmnU@oF_^hPY?3zt_NH$MrVQsneRLp z41;MTHTSWqxwKSIK*klk!IEG_`p4}~yPLVvdOJlHmabxpl)lrookh+tOVW#13FCc^ z+acARy&StI23jtkb)NI^gn(fDXO|~)1Ku1r${(})(Tsq(kG0hKEqxvN)1BfRVF4ax ztOCKXedGm9gg=fBfEQ*FX>MSROy#RxIw?$bA6pC9aFRa*GXis>>A*E`7z=gv4jG}7 z>F0?oa33v`?%|ndao;$P^2nVC^gpIGw2ppULpREuNQ85x-fU9t?qiEzHL9@#+7;i) zU2vt2%V0!uor8tw!rf2_+^J3+bT}6|y$OJ^7&}TL$B;$V9aL|8nXF^|c8z$s^GeTi* zWEfw_g`kHxXbkSR4Rz*N;LBYBi>BmENJ}+2)kyTBRdK$ zgdTES%>b{tlZe+USuNq7&eraxrWXZ>*`gn>fe-}(z zYoynZVlOYaE*I=bM040PJ5KlCrlRJdrxY}WelD8ijJUw9ruTvbJ-ZWPe+pAB- zv>Haa93v>BHV&X192iT)!B@&{DWUXK;lMQA6D9Vlx?n@r<&7NlY37KMz-51Z zm~5TD+AHtiBdR;!^@5ICAeB7*>>AbpDpW<&Bc=`(YPMjB?yH^WevKogsy(AjwR{RO zbmOW>B=*wVC^cU_gb?p9H(|b}+GaB#^A0kf{G*ov(CbC=?DGiULB0XSM%8`Bq+|P> zcZegrf!+0^$LJ`h`(yxCfwkO9+1To)x!qwBc?s_fwhpYJ^ZFjg6bN@=I^)N{Kms!l zZEMNyWQ@Q=jNLyGK?CJ_L|kNC^o-B+!D%DRUfODo)cUbmZh>%|7Q7C)k(blFFB~sb z=Y0#cVpVP5DrDyOwd5^`DZ$Mdj=D{%rJ~9+e;M0O%VW7`=}Gt^B+Oh@;_i&|Kp2CQ zY31{pDBF8tUMbIcZy66+9~87wZ(eDUl%l=9Fx(R;vuJlLfZ7qdq|{wxsI=jMdh#qY z)oRggD;>1L)XLv2TdY|y7mo}?f5&}uD2}OBpVd|oGA;fJvNP5J>`XqScRcykq));e z#Re*}B@+?Wbx*JVAY<)Db<_tdZGW@a-OdxC?WvRTHcY~9!!t6n22;XLn#(4rDi4M3 zojG^hC_)?tMZ9OLU}HGnEYNWF6WR#2sNJ;&eU7C)qe0 zN0H{9dtk{ARn~|OM0Fu`a^zwuzb>d#l5Q$ADfiJJXKR-^lYRApGQV6jSu43x0&6I$ zKnt_~lknMiKg7-FjS*M4WU1s9+vw5CR6KkTD>%NSNc0jN)Os0Z(u%x0hUZI^oY0x$ z0veiVk>@Ur!9%Y?`w>w3{K_;R7$)r*g+}LNVKN!N8Mp{!Lq0%h=T_&7PJp|fCjro? z61d!dfX*(9z2r+Y3{!;%SL^+^35AUF2AKW|ZSU?Vp6^hs)2Hzlsdbs*+iLKuJ>#1- zPgS=TN>Lh__)GZJX%p-VRc?8;7s4P8EeeZ}A+B))a$B0ICyP~rVaQMc))lcfw&9Py zH7`kYcRi^Ehr;P;h{-i4b7|o)Gbelf(cY)>1*?KaiDj{ub_e0Cv|U1+Vr?1u=tNY0 zMocNE?hQ71ZbP1O^B#oK6G~_8Ds$=2dUZP-j%#nrgp8vS6;Dyv=9ad*zr=PvbZq+V zimgCDk)VWrX)j_$oIr=1uk zEO)aY1`E_>1WQNwkHH79Gu!%dq0Li!w!oGU8P2SSelR5(Ns3acF7v~>Z>CYDQvDT0 z1H@rMAOzW2W@trwv9hW{z>s7quZELZ{0&d=pB?TQ3*{U)uaDYIHXIw*a{-tmYxLi2(}VVOyvGCe zi!%kNJG58eG;?*je%UzDP!6>#58>~Y`*m85w zH_d9$AP01HRw$+Hpa;qX=A88_8}(*^uE4>v8cwVvwDrOr|RQC^R?1zw(iS zV?Rd}-J)ZvD+DjXUXP$2r5#+UMYxWFSxgw??L=r?CXpNgA94X<83`|S$3&gg@-MNC zt@ALmkk8gYbj9OGecC^>S(I=?vPN~6uLmm_r*64gGar!QMykJYB7F*4<@u~3$^E0^ z2f|``EGJ%$iWwYMrl-(#pIrodjzhb@dlZirr_k7y{&UzP7ZiTcR=X9$EKP4X0i|xoUCRs5# zL2GmTgev@YLdeaZc|UUom!YqS#fX|kl68faS7loYPlI$vswtMo<`;O)+5XAoz_I6J zI20|(5&5I+QT`@Eb}TbPf#u6hC-m5stNa{`Q7p8U-QbnOj~t&|d}=-fs*&Aw_?rX) zymv|)+7RccxATZ& zB9@{i*i!cteo6L)v#PTd{#j8_@|YX_ZHu=6me7tM5?d){nL@fYSHniMX+QCZSkbQ6 zY>DOe#ZZafoI;obuKH73ud`)|xI%|C+6?hp+SW$hITR|NJ^kv<7bg|lB2e_@)I`DA zy-8l{55xr*>S3Y^Tp`<5gpN1<63P?1S33IQ9h8imqKvp4B>WCVI9x8X2hKXjR2Cst zy&2ehTE70&LXzQ!^ZuPA@%*NG?Hh1r_DDnib)GJE$u4~;q%efq?kEh63GsnkuHkLiqT zL_XpUaDmDIZ%ppoJzLV<0xF~jryLo9gSbA}-nR{OaoF>ztUfoj zW{#^b*u{2&G^VeI$`FX?42HPDTMOkhM4$y~(Tl0cYDTKySjV@Y4CiKs9o~Rh2CO4! z(okPeS~k+TeB3vFZrPXru7@jcFCZR(WTddHw*<{u!#NR3sgmSQmcoVsTmPgAuh-io za`A?F7;b1#thKKluaHgNv-5D)PD?ssi`)~y@Lw5jv_I8J?-pM45DQOxmuL*Stm8_$ zhxUw!SUci6;)eQs33HzPsgE~d)pUrr-|{-1QXx51X+q10qZ7ZVx5+(X6k{{RE;a`; z4UU#dMm19y<%jFRE|~ktFjF_Rf3A>N!Ir)(tEG@U%<`eZSd!PUk!rs}KxAHWxed&d zO_fZ3+WtZSe}9MjEcE4k_xP~)`d+Z>LL_sa2OT+>Q*U)3znFtuQuL5IeRy2Wd(>gB0{+9Q?MSZI3BJ|Ms6D2&?7y0Ua zEY?(s7WH@-sK(;l6cHVgzddlEy8jOMLJWgX;_!6pQejH}cS&8Z;w~mMw4O^WEt!HQol`1x zTtsE&ZmZ_P^?ZeNqro9K2&ycYk+0rXadh^%sW;8rt-Z#Ke!5tijHTd29lnlpU4Zq9 zs;(}z9fnq7bZ{pBlE;4Ko|Nu|Y?M z{=_G{sj!8{o^E>g5D~ntU{?<)dIh)MY!`EEbIAlbn7lVZfFyeGqKYc{Mr`YaSGkeq z3OpnJilAs_D6*z@T~Q5Dq}JkfkIC>6Gmw{K4R1CzSl;V9Fq%tw z`MIwgh06%v8nPmEy}bB(78whlS|%a76SHOLgNQCF5;Ic1Ymjk-9Xu zzk2(u2CNX9p+gcCb0rs)zls0olZUgP0)E7a5n0+5F(itY_>xb5M0htht5$TCqJ!sM z?Li)x=~_fhIQ4-V9_!U?QD&w>Ed20XR2Gi07y)s%z8vBn+0RI4nz!s+B4THUoU3g= zj$SDdC|s~eW;=^GrK<`9H_B8j&8c|1LQ7dUphZtZqUx4M_lTi}=UG(U{7`ovy%P8Q zigdczf$;l?^dPob@-Die6dA^=(33GandgY9>dS%I%huMff|&?@xlae3*$e&}^Up8N zo=;7O)%Ul|u`ryNPR>OglSh)*A)sD8=S_NZQxk-|wd`!1XORjD4qlb~ZNvJ)rnCY* zfq|OpG4plEXhF*Y2Y#NKEZ#`PCC)1EXdPmggWujQ#gG}osQ2c0Cm5d5w(W93*xEMV z(xLMX*TScTW?YJRmm%dWr-ipq0ix8;Rr9n6XpGSf$fj)1d|3foyzGN>(O ztu6bzMK-85#qRrM*am?$zE#@6#?qkUlQSz)g0k;x8NXiL2Ol_$Lu|siM-Mtvc}Kq* zgHS=FyxUT7N}3dIs$txkODp)o<48|S0Ou*A-9aO7sVgYNIK!eRy4zfT%sLZ`{%(gV z;Z7=k6vuEo$&P+*WEjz#0VA>s(QaZT`KY(jF0WSWmA#7Gzz;3F`qs|4w8*SDHc-VC zMFS`&EBs~#r0uTPQgJf#&4@L%Szb_}{_}T7f({y-;-(?8Dp%Yhto4xA`x^Q=4Elp# z)u#4#Hy~7!yIfJiZu@A5S-*Dx=fN9+@4mFLZ>IANjmYE+nOL_W>BDme^0tGjHTAD- zI{i>Tq+;Y>t)64rGvZ^QA;eM3Y+&rTWJo( z5Q|HgqtijiPFX$5AvyXbS&cAjFpri+UCBT6R8c&g{6yNc7Hy~0N})Uy%`uODEi4A#X|E_7Y*vdyp`^(#g)}2C z$=!p`RXMT}5eHdWe=3!kM6U?`zUUhE70DAwNYOi#c-*;mux2^{9@(OoC(KzPULx{A z&rF~iG9yrcHzF9CSZ6S6O!3~Y+dHzyHYuwD9(ykDZLhmgAiewNfm|*K%3>Y%DWPRI z3wW2qJMaphCc9ypwoQk7v&~K>$2T)K07+a#Xkn6H9Z%!;#XXRWswajSJL^@^+mqA~ zIZ6$$5R4lJZ|*0OU?ztrQn`%|hCoZlJ1}IuYvqB|MQfCmQ^(;PL)G`xliRz)oQK~C zP(7JD?Xi?xDBM%I0`KZ%q#c(v%JtGy(l|kd{@hgeYNG`Ws9bGAbU3E}FjlPoQ;{0h zkqjZh2&4-5%#r^x8P6V^e3_+A*6JokW(CNzJqs3_moeW{1_WOx_h zb*8PfkW|oDsGZQuUK+h=6oYSA&){QvyJ^X6(5Th(mHE<%{bO})ge$o2mzxszJPuCn z_T|IUq?^JAaxe`fjJwE-CnVlngOjLgLw5z@AYXG}vWT#i^Ymnv+n1VD1{0>de@oBE zd-m<)(#w2n94;=ew)1-GU{6{cXaC2^?o!rW*2jxNv3Hs-t$8npccg1jU&;M7PxKQEG3XH~npItn7!~t{H~7kb0%~^wZLLCFK1{+bO10R>@3qK+d5CWiOvt zD2s{B=@ikUrHc|>U?xy4sTG+KZn-y%R2$ z8|X5AsYs;8Q+M?daA?~Qmc0}k9rypo-djc0-89{Ufe_r?-Q5Z95Zv7@xVs+QB?NbO zcXx;2?(XgmbMk!O|9RhwxtcXsv*xzf>ONi7zpn1Cy=xz_ELO9H!YH*+@&}g^sjeMN zCP1D|@_CxO{S37aZh_LKem;b*!pqNytUSI#CSSfZc^G!q99o4NK{+D9>m$)pz`Ef+8 zMh|2i@B4m%18B(cF=QyFII6tlNK$A`1Odt3iWJ?vLIu(3EXF`CxC$uWJWh^O+Y2Nt ztYG%Mh@ILjrR;aTR8MqFWdE0_uXGP`RI-}5A;6l0OLBQXaw$(&(Q2oExz7T}C|meB zGo}-q%>RJ+5q;W(gViKA?4EAYn^t_;)=W6}c# zDnD;l23vI0&RoXtC-1BH#s+w08)dEM? ziElT4>$K;diNLS(A25r+*!+aZEiK$x)nG8N7WzixQ-aC?%lk5vEu3~x43L7fP-fH9 zEL?-l*KPLQ75^OE1X%TT-mV!+6-fS1DT^-*m{+S)7`+`)x_CgO7XT06!hlu`-(CG# znxA$LqD{#qC&1L`Sn0fgu}JkDMs8yBf|bX!RhE#|<4dNO8zWZ}WQfMSJw87J8B`lP zAm-a`SC9Ll;BwOc>{A};?s?B9@qyv4M5*Jk@Lwaw4onPRdEF|B*;WU(_UY9zUl1-r zS#TEh^@#9bHQYH7l|@Y!Ef57iHIS&?9giZ_4!Z)Ae~e}Rp;dH{B~9-QVzo%_^nrwh z6p;U+6Sx2$+@;XD7TL3X#Ak*&@qPzKb4^wSDeL$5*X4;pb#ov~$cDLYzFiP}rg)5s zQ-BFU$o0FO?1xqPU>hY}I3xdV?-$l!GIhC-ukfO!_nQJyuh!?mHqS^VPhYu4LHGU+ z!JY1O9oTpr^zr_>9lg3r@_pacYk)UppaSH73T5nYK&li2*HlZPe@#`43+F4g&HxfS z-O)d;UkvKYQzIL2c4@xg$)VS`mL8b zRBc2O-alm`1+u^@9ArX->}P`Br&l#`)dkM{q^o0eL~QWu$nnw9{0o043SMyQX;NkU zq?Sa0#P1%KPf$c`%?vQ)AXJBh_Q=xoi=Rb>rz1v3TO3Tv)Be&U_Lvfq@=#@KaXTKS zD^BBql8Z16_PJ^^mST4m64uJp*5nhn;XIe+u8HALZcKg-d63^k_=8d=orD|Gm7dJb zl$+U6$YG5(-#J>rQ?3q+7z{psmJMkNF#K^lv=1b~%IdsA4s?y#o-~lZj5bq@A@9Pb zy*4T6H`+}iF!)#zIygJR5iw(sPG`jJ&}5q-pDo=eY^TlFmhIopuvZtNi9G4&3;u9* z5jj1Gg;YH#s`t6F{&N}owT`k=U=Uy0TX#_@Cq6I7mb%m9p0nJUIYx93Pw+Vs&z?au z7-F?N5ZUDIJdG^*)tU&UQYs(=x>PwjHu=h~{F)u`SQmVB-gwv(Wgs&@Z}p6J+T2yw%yC)eq=Nv=qODkTxz z?lXRS_`wHjYj={xAU4c*B;*Z$pQzZoS$ij+YXgy!H?lGSB(XKFqkISto3}WPxOL!* z21PbMLSO&mVYY3Aen(!APJGR!l5MuyXGJoXMd@xxRAQ0ok_My-HpTQ~PSg$TB-c%b zxSHocXEP+jAiIMi_18DyxyHuul@%UGol_%oXL*#0;@g`>tj!sAv{n_HpXXSG@nf3O zP5TUrq$XAe6p4#b@>jQJ3B~H7ri|dk?Xj}tGSGxYv1S7c;qqSw|GYs8uZ}tHIrW&7 z^$StSP}noYNBQM?iP7yki=DWDy9C?16!^NTOQ1ZOgR(H9ZdiPKE+tFFB)#saQxB!yMsi0 z4O8p-`?oB{s6M+XdPD#<9K{NN(vKJ#JUS)s28qIUb3=IOl1{B@#@|dTtSwZ;hCN9C~Xp3bvnx1Jkscc*#=_ z^95#A^-b;hUDaOCO-uH~-+Fpv5T_flZklXob9;22<5u__uTd*x3UI^v-X1rG4!~M^ zzye(ct4)XW&74T+E}P|ahbF^XhR0=k3X~R5Ui+?geg}oZ6~U-tDnU2;G$C(RynjtP znyZ?qaN7!-4oyIP)`v~41y#`{h;CWn?NBuS_@}h(7gRifXtA;dD~wiBd)P4zZAj3} zY?IM|_KWul#3h5bM5;8-nm6VPM0t-Ux1`Wn89_=yb~%aLXOMkj8*kC&fV-j>`z*eo zhvUcUP%--C3Z^YL- z{;o)?p{?SP#-CRvRsiEfm_CsUgF{X8H9TtM4jUy8Lg}KbG|Sz}0d&LN_JX6mRp>N~ zKRrJywB%&y@hmZ92UeRd$FqcxyPTa@`afC#Lpw#SQsF;m$;H~A zEAR@U_fGhYq6@)HGQ#_S2XeLc7rPJK4g4+;{;2dQS9}XOrpTk$$&n|YTdBlt5u*Po zbVmh!tEeGn4eCndG0Fqe5Ru#T9f_D9Qh-pk^%LZk%X$1=Eb+==R`b}+aH-As=>sdk;86+HFZBgcS)2; zJkem=PawKHQ=otjNfXI+xjS(3l>9~S4b5_z_Ffy1!^hP){mfZic>dWd1m%DjdBE64 z^2xXc2wAg)vN)_Ok0 z9U>c}|2StV1td=-Rs3^HmIB=P~<7eb^ftVjV?#)>Z6v);80Q=fkl`*1B18{+ShYrLWFqYSz<5BLWeI-qUVq1cT04^t)&4Af_%ZP9KK`G@V z{99Vwef2>DjwgCQK2FLzBBhEl$c?tmVH@g}h>%@fkYR|1^R0$3(oD)`KaV%J7D-}$ ztl~X!*uYF199Yb{q|$o=pLg;XkZuXYU|%Z;bM~t%Q;X4AX_Y0zgA7`v#=+Rmtz<>(G##h zclKvFu`^0_1#Mrb1y~6#B94yVhicbq9F9oe`e&y@P@j82->a zJj!UvHv!JJ-dnjxM&|=vCjQV@cO*s#B%0LZktW%;<-?pyZDi+geFvZ`oS#q3_8-NRD#<2{@K`A zC2-fQ@qp?&M+|e{a&LHfK9A>ZGamA!f7c$yspxCwLa^qnn>hce<;;xc9IpCuk;f|c zgLd~pe9R^GONBr!n~kAqTD4BnHcQt4rSo&zI%2n87EhGK=1SbWAeauopNTSm>N3!} zuxiFO^OCaS%b&LkfSF#XF0vF30sQ$UN)%{9!A|sV$B~Q^ecS03+mT!TkV_w4{|jOB z-gJUmEsx&R&X|llBre!6J4~$grL6xpgGM~ zjY_BS#F&g$70e{94jyXOLsfeRRxphAKp$2!HfFO{>8<2hH^?0buq+YkoS{ z5f&U4FY-w21h=8W&AW4d0hK*yR8s8C{ayBiov0kQ`1Cu8;EL(+Xn@>5H+f``OT|FR zHbpZZX%QmZgG^*9LUrj<&cl+uh=fYLd*V^$u0-bY#1Kb}jyzf#a=5;5!-Nfue8=w| zTu~l$M`1SkQDk`%NYtI=d&W+5zU;7GqDuZZX1fz?dhZx|73&xJFDjU=k))zOs#rN` z#BzKtCiwAZLq1_x5<7y;Ryx-a*FXa@Q-%1o1p5cG;|3?GojxW%s`UDA>B~3j$NhBv zsd|5aQnnI>Jiv#0bz3_-Davxvs(=1&lh~iG4P_i2YL-pgR%EN!(lYdiHrsWH-A1Zg zX@-wo%n6_mc5tD7;nD+qj1|It-Irpf@j<&F;GT5H2U(w*vX(^LN_lJAJ>^G1;-yri zj-ZnA(iO&3n9$aiv~S2{M%o}-XORk<4#Hi zC10W`Z1inu_~LOn_JI8Rv9X1=NXkk>F4@lS968tT*jQ~)qBkOm$ChfAufpFN2|{~< zE{QaZnNC8A!wRQeYoQhVMNaB#3c02`hEtZqw!+?4Bhv$1Ny&x--^+BxH(w!ke2y1m zq64n?o=PSX2#Jb1qg*G|S4dDd3(EPKKQK1u1d z6HJRSvDc$xb3{W+5lTIU>7RSII-YKm*SJkcQ-a%Ql^E_8U0!&7oe%Fp6UDjD^=`+g z3iNy2tPZ|6Vbq$yeDhhrvaW`aRpK!kwV~^|~7-riB>9P|q8ex`Tut-TIR#iTSEmfct=c z&Lb!?HlTWE-Ebi*pw>k4bbMr1{i}suT0r*R8qDqm#%$xd=~@=RXiZV+!m-22OAZQ* zH^g19WKo9k<8mH}>_G?M~&6YLj7L>BG7r9LE+u|6e~PrrQ#jK zxN5wR76w|u+MNx`19PvYJ()XOqh~wl(4!!=%};10@CH?(0|OH8hE5^xR{bH|$nRU^3I%X2uN%|;qE&| zi2A%Irs0tEQ2702u4nVq4x056bD3dQ3;(B6`}>3I%`didY=ZSigZA(HaDS4o!3(G4 zxMWlOsqQ=v^CoLPUaJ^y2ar@vR3jYWn`+hTRix==rRZb%>#Zopudl$3Lw8A7r&ayfM= z1bA;T&2{X(9%0*UpBV$-+q|mVx^{YQIRlN;%0uTQ<6VmMAHbpcR8ecb$pC`PGiKjS z?Jr>Ve^a3>yj1KZIElK93g7uh>n#@)hEF5X*PpPzRjr{0OoSH|?z)+#Z3YGOv-uww z+*1>=hQ^q*sUW=5j+aN8wooLMwyqFj2A^E{hLkkShf$eTs=@>S-WZzDGDmm;&(WPp z2a=hsH^mD=%OxPTJ51g~Jg@|{1S}h`6uEsS738F~yxul}K6!(2KEFfC+qIJeGljSX z)Yz~~=;udSVKUR`R|+Q5Kf!G)&Z1p|p+#qX(QD+4%+FAU^PHqL+!+-+Qk5ink|rZT z$Z7k8>2S?dMJv9#9uhEpVHsM_DW{!FnDv|2hZTEW8mg%`;27t}V+0Oiq(VtawJm!{LPHwp|7@=9+I3%mRHTPqn z`sTzkzDTh(N6$wmAV)vS!?AiISQL|V1vj|S1=6RN9u48ylxWPh6sy9c9QW`ZrS#I= zD~qs8u?hY&h5&3OH)vD>;mdW=5jDD}QmZ=rG05hjcw`C}k~eqLFJtDHxSJpRbxcIZ zRauOtGq{Jmg7gRGvT94(#->=u2k8Z$!6SJ-!Xhz9Zf;X}%?%p7V5JE90kKQR31TY! zJo#i`}Ne!>S6T5l#*jmTfY@Ahd|yOU}5gx9|{mCx0Se3aG}&f(YQ%i7*# zn2ccBS+h`yJXax>T5QgAc8Rac<4Mn!-*^`^0d3M_DRlolUAl{;l8*dupoqUr*LVZL zSg!M4nz>{zs@&Y74@^z<1ytC*@@f#FcZ8XD9$>S<<<_gvPq_w4a zqMk@R?Ke~>??~xo(}4I9vt%|djgU#bn7S3Y{2-JFY*s*wSlBi%3VWvy!bT(3u7h^B ze0ZC3cv?`xBy7LX#kf6egg5Y1wS)0I)xa8j&60UMPjmaX7cZ3D>XvC_Gr zE(CI!+Y-`{YNCMVr3nMgOY6&UGy&bu6c9O6a{IUj359hrDU?UwaqZu(LpanQdUl8j zh5^P>UyQ$+L=n^hq6VP*u>xjkd`AFr*7G=L7*Mki>zduh`sqe0h!Kp5t?mi_YWrOm zd}x}Ogh>-aP!nGu2xXG}TV3R@<^PBfb+drE)z+IfJCy$O+5T-8z#{Apm&Yn5MgK2g z4i<=2@$@Aqnf$9}H2MYDG%7$=6Z&sYU(>(7#HviE{tu)D{uj~$rw$VZ0*n7EQpN+c zmT1y$U-@4hBtK>WpaYoYC1{EN?YV{Z7YhugDH{D3R*MJuix~Pz8Y2DM6J+u))W)LC zsq(K$*|5N-VpwJ52%xk6S82&D_^+ta_Grm}5Xt|0X8;ADVAW(3{zW7yzXCO(sJ|xk z6aS}YCJ|7y>Hj^K{S~K@p7}4I0b_OAmq$o<*Z2PdRed4;%1#M3r?dXYL+gL_sxDp( z{!4lb0U79y0K5N|ziRv2as9q;=0AE>_@qD!AhsQ5{?C#m`?~(st7mq{Gf9X~I0=gDIa7^MqdQ}@hXOp5#Y z?`Hrsl16AlhoAPp1i=LVt~nz8e@lIF06Vs~`KbSw3R%Eky9u>rQ~xu(&EJmy&m6|+ z#%L}3LXHAdiJ1bBQb1IZN?10`2VVyt=&&=<4cnf`x?ijfsib zg*^L57m$(&gup``J)RLR`XUIdQnw?#&UBKPfngG+z$iA^*AgsJjO1j#EF_i9vK8G= z_@5;R2l_RK7?cL42L%NMC{ZjbF-NUZnk^QEU93F918u>GDc|C-Un`HASQ8J`KQtu8 zDJCW+DL$IGp+Plsn=x_I~0Y(@hdjg@9oWtY7EGD&GmVI$sEm`1@6#nP?W8l z8VA*92?+^cwIV9v^%f!m<1{yEFoyEC&=BlVje?|rolthFcxM$NWW4#DoE*h86*SLn z0(^X3c*!x*zk+aSkjZUO?Gn_91?ph^UfD1h^gkr!L_`Ab#OOSN`&Zd;$mJ6uL)mFo zDv!{Rtu-hmbFCxTCxZVj$(AhW8p)n)DhCtYHMsY|A1n#b>xFVYk+~eWYr>k3brE|` zO9l$UmGBMqtkd^3gQi9HptPfL)DDqcnFvnX+^8mtc}a`0i{Yf%f6y~v1d&}4u&^j) zWop%Iuuu%E)NUaj|EhS{8(=dhok0 z&9j%_i>8+9;0{zLAE9x1zp#pEnTihM&2hp3#{mP$BmvIJZ;9duW{vj7EREMF6f?aT z7BS&UeJfhv%EH*MC)&SJP*?gd@1Zh1H?)wNKP4qaG;GiyMIePJyV1I#A_=QULmoI< zdn#}z=<4u_V#uBmj|W4=i-WE;ju}-rq$GEb0~O+?#;d+INoLy!94?4(GX0g!Yqs_j zB&&v$&c;RF8kyNISDc3`%vCSd0nD`})#Wq3nG5yY2mmk%24?V$j{K{a?PvtbDk{1i}YDz^=ND0?L*2lZb2L zGz+mq>Ao*8j3op}-bn*B>YOHt@=y6x38u2)QbRB!(sdS&1D0Hwa5Rl>;e^s$kSIMQ zMJHAoAl*~GJJ91D61vbm2uDAaCoV!BY9h5W&DENW$D1ZNp#lB9JpI} zQp|?OTkF5Go2hhp#O|y`b{}Ir%&LN#60%QR$x&^ub+0*{@jHH#wD@s*RMuUD?9-zb>OH9;={c$m+iiyH%&YV{k>NU91+tKdPxuC z^)o74MPr+4rlywHkm=v;LCaJteiKJb8q%s)e_?3961qmF5iEb2S7P*;P9ZLkKaGv4 zwihZQ9%#Yx^WGkW39SV2w%Blhi_eb)P^@gbgTI^(pN$ z$H!>ewuB-3L3#qAmm0Cds$23>_DvZSb*&w)rqU82Iq$MLI#yT+N&uLM+%I|mk3xPz2Z{dBb8As$#y4&Z>3g;kXpxUzbOVk= z-I^{A0=!v>Kv9lu^dT^C+MOkzrzarrJ$)enyfJx6jC4{J_I!Esv=S%Ww7)Pk(X1#g zjQ(0JmqJJw-1m1X>TB7bOYs`{$5L`~u_42j%HkJF)qcvsxWJ=aIAK4$I5$ZYQ_Vvw zy|5_%>og82l~Aq8rW*gw&M$jNdu)w+o+vgcQP*FIp+DpHmHO8A@-$UNVXJr#UQVu`JuckWN87EWD;7dr<}d@UQft(N@sK zPY?n(+2MzE+=kjD&pqC(P*xgO|v)`MDaFIXog+)S<6kWt=u zA@(5gDk;R_l9_&aJwb+&pz^8O6Pafk66TGwPH?mTkio#}8-B{hCUJV&b-jMC zINXIT`sjSpLdDjd6oBO}LeX8IzFWyg`mRxf#!|Eqmef^^&%M%M4yEfJ$fsks$P%-) zGx4H}q1tQz4V~YW0N?8rha9ZmGO^u{d*1X-2OwHS-%XyyZ)ln3N%8aJnZ5ljD#1GB zdZ7J~H*4FKH(*omtU9_>=s2bHPQ6jVdUvya@b>xXTsXNyA9SP3oK|Iq#Z0dv*scFvTvEMMzrC&Tpdh3&4U?Pn9*uBzs4 zeT+~hb7OsC3OdT-?~N-)yYB*$^5WUzG6)@3LR>>$@;$+-j^m=2H}RqD0z(zjTFdDW zEp$k>T&+)Af0i)#AX1iz*c`$zu5q^&oPB`bsuipF!yDY@whS)3vKs~afwK$w*q5ru zK!oVoIv}P3l~VjL-DKtJp^9x$@H3gAZ7Z6%NeV%;c({m$p-vno2w@5MAP=3Gume&M zKGAHC1DHYXpO{AlJ?};({AA_h=#Q4`ie4xgBw=pxGyOkb?CQj(f1AvS6%6fxH5|`; z(`f~3tR8Fl8m|-=iEip77{_ky6&K;7BVuXfHTOfYtC7O0HFDwG`D)Xot#;_#?IeH9 zj$xZAMy{PsT>^q(^Xh3Pyp#W&nbfBsuxLx3fDJ!4#5&n!eA5b^Tp9W?bpxTGNbXZm zQVtN8Se7P^PdInBN56l@- zk;g0*gHB(ul_>w;y(1tGDSd z7)oP(-`Erct2bcyVClnz?=9}(odZgQBL=M5(E8l*(Jlb<&H#psHVeYq$fmidjIxcP z4p)AY?;4ZqFQgs-I|eQsX5DWln;m{37-l3KGT_@apRWO_;I}a7wz`oeO8Ck)I!D!K zE!;U}I6ki^%?3y2gDH|W4L*k{+?U-vo5SN6v!4)U6P{Qdbx!LxUN@6kUsslXZoxgR zUW(;@<(Sd&>(E*>JO*?M9`@)cZyRgB4HenfNUD@)g>5%=o~bMyXtv+f;(h4Gw!U<@ z-~RlQ!a|XI@?@36|9&iolu(vXZTeEIie2A(ZvToBW4Pv?@un1ufNEghvuS7AqnNd( z$ird_Q>ZsBK_fn5tZjD=*X@7E`0&ui^i!VS$)Zxmm$#aLfX4;mg5fSIuskgqV2c?A z^}H}E^RguUiuAZ$(k2EjJ$C+a;=IOe(#l0UjRS3y5iLlAFGTT~PWgB=RT7}zqD6FU!kv(Vmm>GErLI~UB@w)){5o>d2;-Am3^mk@#@vj z@AW{th1c#BW>SB1imKCDzD=Idlr1xJZq+u#V)xTLQ+M$if%=2t%}cUnW~y{dqglxN zPtGVS_$8v#JYste>JbCEdQZKmAhCKE%G zP3s~UKpU~B`)T;+1Y>{#9>l$r0{-=>tYvw*xs@VKCz2DUb6;BE?LM6&>aE+p3)XUc z^hNIA85f6|3$zQt!5=o^$3z?0WAw2FVyBxuJt+A}_~H)lr*Hg=DL2zF6f?AGy59%~ zb`8nXhg^6^QsS{Y7}GT^higsXf}sc z)pEhu*a*^TcoOp0qBMAnq(I6w{H7=b7yo8?&7#<5PkDG#1@)_vU8gjnBPpwAw??Mi zz=t^dfDtI>y|`PZ{f7@Rmy8#JoTks!Z)Yp9!|HDvXJA-lezWtrx2+oqvPy=_G{F^6C5nbg0RQz6cl?nUx?eC7aeJB$jL8ZDm9-xTL} zY{t&mK^{1*{tVT-7>;&c8s@p{ukNgnzJE3uiLU$_{N${$^e`{(Q&qZ|5DzlL4BRB+ZV+bD>=Q~F7Q0w=iYqXEO`D&C zWPpEvw@t4h6Tu|@h-@CeHg&M9k*{`QozO#U^e7p_2^Z;_vQ7O+!b=U~8{ z;hCvtKLUcw=1}nT;JE3Om3!avtOyoOh2_5?vQmP{(tFvS(u`#4-akY&cul>wG#P{* z702`9iiX$6kAY6qp+J(KpASYCAH4)gCC`9V%%DeoO7{KQ4Anbt`VKInjm1Q+1L1pJR4l@`77kZCP{&7})($+Ftwai@(CvQoX z<-Huw$YRj-?Y^AFW9vwE#&KMVy?Ox%QSDuW_?&v_<6An_V#&Ga_RATV^JVZlWIetd z`^-X`rACMGMzolB1bp>nSTr>BQAMR1?-68v;V5Zqe(fM_IRN_7;H^g!!m?Nwv2Cd& zuNH~fWPi3OQO_m(Q29){sYkt`k1c26%N^_C@p^^%FxK^#pBpO}HqPn4_WAi5q=qxr zFe@7Nxq6%%#G801IDFY_EOVr#v`D2MZF^E}7xdpBajMO$T+jB7rt`8VJI6oRn0=Cl zg~EvUi>+g#f6}DXYg;pYGzKlHd*HnUQ}30@0@jmc-(fy(Oe$-qd(qh}YMpyP`FE$9 zmU2`*SPEanX7$pA0X?!rSQXr^s-Ql&>G>IMXKz#7^OP;v`zJ7K_N3r%dikzrYmF+H zUZn)_Lww6I0sHiENT$ z9(Wx51H=hyBC9%eFj@$>Jwzf zn-tn^;PZBZn!>l>x}8ecUPNf9JGx=|wYarl_R+p8d zq&62j^aK$uCw|gQywd z&)Zj6?eu$NsM!!f8dm>kPs#0F|whw4c*&1VbJ$`tKIeM(K0(TjT`fva>IpOt=xW`K9Z)YlSBk=a!~o+2_H29=#)t@#sf| zR$6Cu)-y^3Tcxx0NEA9TN-Oyk4dAD6$j6vk@P($mdnK|ZRhe+W`@Cp1pzD)b+fIxkKjj0**1R2C zs_6PD%8_K0x_(;>N8#}!YD$hlktJ|DXb=5+N7~ByrDL#-&pwN`YpX3j7Z02+RY6hR zOy42Ng4ew=X~K)i2$IKnSzmKymaFr&sLrh2_@oW0*Rfa@kG_+f(LB+|{jtv(y^N}o z;ql<6zg}EEHa6%Q8e6@Kgr{M+01IsAjZj`NS{1!u4VUxt`!b&`h|)ky+O!YtLAxVA{RP??*z|RtWn$1FSZuF# z#A3+WH`SM0{Lg1zPVcGdF4RHWI1|ZtII~TjS#y0@L0W920fkqtxTnlqKLpRmptO@z$o0G)0B>w7Tj{z*!o-!(=QJYL(Q>7|zVsFt-_;M+eQ{-;@lbHlGk*GpK9# zOIT`Go?ZRWIY8!i0u5W~1*!#sJG)T)qk|9zB>YxPeirX!N; z*?{`pG_V<@r4iBitU_`W_lptp_3jw9I?AgSufh<~}$& z){_J3>@pG^%tqgMLJ%zOpI5zMVe~x4rwS0EOCKZk;I407(RYFd+Wd{*Ui`;A-RaW{ zDh(O^EsS!Ma4M{vEtQPKsqt2fO@+^noD!$3o7R7_PErXj{)WZlnnM<*J`5~~+i=@D zCL#9abHXxv{}^B}7|an!b+jRa=3h2sP<%nl+$PCNP|ljh2wXEMq~Ug)GWj@b#Bw`` zOO1>q&#UST0_-b2Ikmm}n?Hg(KjqqTP3XCgE8fY*DhXTqP@~{%$2dM14&`(g38rRg zHxqEfx5bm}t&@rEld^gN{biv)naqu3fnH>ZYq5)5yNzQo|uO@&L?d@T;Dd$@X{L zo?O$4%gM8?3oh)4Ti$(sS}-M?j6JMr^6H#Klwf3JXH4h z1MX>SVDWnXLqNRfnIX6ru(m_A#(yHG-pDNKuj!HTvjXq)(qRLx1Oh}r%4SPQxuHZ19lMcPq&wh=|(fn znVkK?o_|~k=KbdE)%I{(O-~=~;BFT|R1-aRh^3D+yaSGk;c01*oBQCK?`-NVfEx{? z0oEsq8@>w(gST_dE;+Hw4uW2n3#{q=0MxlE2?k=Wy-$l_vK#!ILCr^mV5FklESi zx%KzFf>dnU)rj$g=VqHT&cSz6u^ukzHILJZr(mSOKW2F=5-LM?YI~NQeb?J&rNKcV@c3dId9#Va z?z)2dCu0H5$QIx4t&lz*Z!I8$+o!upD#<_1&N)VEx~b)XBU?7JbJtH$-QyEfui!*+ zdHbEw>}DO)>!T;ZdRLB3X4Sgt_CL-HS|+|}vNI0w7eT{Sp8BKvmf+|Y*!fN%sg_YPv3Rqb4+&%o|zJ=6hXO=a8n=PTtn`?V_cqTMkCDMuqd_W?@>LsiS-M3Rja8Lur19+DYj#mKUH?rLT%< zEp5XAdwXEKHJNuY*LYtgY!G;>b{@>6I3 zbdqLMkn%bDrRtqWhCyf=y6|aSTo>?BR|0!Wuzcc9VZK63QWtAl=GA0Iz8H{4jmup67&KrislFW-1_?rId=Uxj;S(e*Z~b$+MAS>>bXz^jps!DfRl%0O?o z{8iY0B%PQ#Cs!=r@*{wTjdzB4m~j)B`5XRh%HA+k3$2P7p?5Iw&Jis=&hC@eX7WbL zZ1ya7A*6)y-2E`R985=;x2c7B#c{RXXSYP9%y+09e8X75=t{9efj&gjzsa@{bifyq z=b^^TwqQtn?07*h%IW>*Sl)$MC$MiPW=ApUo%izPfY3pw@KXTgkRLCEyrP4$cUfT; zE354WcFS_&=V(Tnl5QYD(`7I>FT`nLxMH8i%}Ps8=VZ^mpmI& zf!39pPqlId@`7=T3=q)Fj(el=`Lzx6kWez7;G*QP< zj=$2h(jMH#U$#RCc*2zAc;`{-Zjp|=!hqZo53%5*GjwR-VA!6H$Bk17t@qqhxHV{z za84Qb561JQ8l%h|(=6}Cgw&_p7O5J~RlfMCu{=;-VQhtnt@|1q+m@L&y<^_eJ5^QU z773Vo+r@VD%T{N$`T@Y_gN}vfNYtIvxvhXscN&%;Nw|w`&qRO?t99x{OJkmS#KQ0d z?6&nv%3fYq{Y=#7Ybo|I{l38J@C>)iC5879ZxNedY&lGB^ldRVetV5AG5LK-Mh81N zbW1cMqIhw%Z?rSp8Dv2zksgis4_Du00?RZJz#9=Fop`9`$6lP=&N#=WNMdWQ{=uJ= z%q4gv7pFfp%SfeHIyVc1xJ2BHfx4DpE(Dc>!Vzog1@JlrNIcx8#f50GC?XtzcQ#+& z_Jy1&G*MEtOQ;g>bJBS_UanC4!3DEHhy^TzG#jnL(ri1Ir=cu-Ws=A<^udOiS}x9v zWAcRZ*lpMtOZ3jPm2Q7P91~~kfhpkafX$g@%*GmUo3p2Ib}p5_KyX z95j3ax zMHkB|P5gOpnH5U(9JT|-v}BJTL4taSFlE)L5+cOx;^gQ)lC=hzj7K=Jh?-ET^G*@W zeazUEMQT|%zkpu!612#Ols%m);e9mAxJpqG4iCBmDGD*i>PnfhdZ<)aNAb0ILYJDbX@2O)CB|)4Tt~^k@E8diYxu!#9i4)aFe)k$ASgf(R#N6F zLeNw1DHk>ojo5LD3?_0OPr{L&+xwQ@BRDp_y63 z!AwbXx>)EBTY}&P!}$Mgsr>g46qdhi8@jj7Ki?dIBiay-;^8y5sg}>jG%L%gu62Oa zW@HF|NPPhs-u|@@W*fY?lYg~Ca-(HPqE5=(KH6dUH3=-}E2xD9iGjCx{l{6fJdhsPIQ)|LQENMP#zs6A@4`$vQ{O zH@d#r+uMuz7+d{EoGZ+Dinm#{H=jY1he0}c_GG^mjUJ+&cQ~ zr=e%%D5uqw_K5a)eAm{7U)MZevvLs!d)D?)8SNjA z185^#Mc=c*v-6bf7k#LMp79(XBk%Ce`rOan2#GB}Wm}5h*EsaQhYR(G#HYjfSs9F& zmgtzilMqD6UMN5JS7T%E#8E@_4QJdHdc{=;>00g_?_@$97iTv(jZCqXJv$)*XB-S^ zr^Suh>OYAnRZ*uwJ}Q$5<&VOxn7Q#fJWhN!VYzn-l#5jx1R_2Ysm8gg(EW~?s=KRi z!2CW$QA*+Imht6iudB7wmkG-Qd_`j7uwaoyuE~PWudj7DufLdR<8Y2zZ@}w4yoBYb z7b=uEvc{$PfjCaQ)i+ODtPKUKnVSQFQ6O;bL9oxLRG8HMM-xvuT|K_jPc24^FnDz2MY^DilKCW+!ikbE1B>h-0x0i!ey!K%U;C1!EMdeW=M=dN z7vFz|=oue&RqyD-|Eu@^M=pa6Jp9Ffd=^+kWNXK2qk9U-nPYySY4$Ol8&`Uh{82?W zLcuM#W$pgbqSl8e3Qj@?QW9jd-ZT_$HC!1vQG=-BywWnq_x`kCMx>KD+Gs(a)G0kC zQs$AudvbTFfMGokB@C-MuWjIIrPq-73(2A!BJkt4Iq^Iv*?C%R%8uD-q=6xl`DG-x zo+VmM9I$|Ei)k>=dU{R^4qBS)?L?L=0x27ETIrU9 zEh9`jOGzP%Z-s>g>r=+(1gQ?)#a#B+ZHvB?Sv<(gl3*zPz-OAeNvosUJ$#+6u#GOo z|4_;eD6bF%=*tu(rh>>XtYwPG6f6k~U6ARB3p4(f$YZ<7=`hJ(?=(%cC}C@(D3jNY zrb!%`kELKd+w(a;h_H7orV%}BA;io?h0aL&I*9h+E=*)wmhO)YMq5Rn>9{zg!Vs|1 zoub+)&czajeBHV*F3SZ!=f*66ghSJL*mjm{&xlikpeyx?n|XrKCaqXT#q~T8teHD<6}6(!PbsgrP4<@WIAdImPd(q#?~dgz()`{F zxu0VAbD4O->w|VxOw*nxgEtLf!MNM-^!2kz&cwid^L*vkW!%;B-Vp;sBqFOw3%67w z<8#+&M-|@LRia)3gRv_Z5>)zvwJh7dmP`F@c*pwlSNPzAS$vvubyq`o3XtyQcGtZg zh8^b}-hB%_knT`C2zj-G@B@p9_3QlT5hMjl+!z#tWM&4^RK1$>Pg>#u;Sv<}A1bUI zd>P5}nW6ez%}Eelq%W^Z80bF(&s&>4x^Vk^8W7viQ;U78vfKjqKH|XzZvvq=*{tLf zNnc((FmC4de}rT_O6k_zICYJT-3|RvzP_T!rP#HY_TsDq{$h$Mh4X>sEhpO=AI30V z1N@9EOGBlq*&8Fe^wK;?)C4GpE#ofJuC64YANF~39wkhGQXlsk9IT<#FPfsqtn6AyzMouPS-H2SMiB`wpOM41wor|=Tgf7c>EOPx%PT&cdwwr_yT7l(YBE6Yc zN9tbQpNvi-9qVmm1uCEE-DTd!@#uQ2#b5_WnCL|%*!Mw-P9;pW)nt;#5nng`R&&F_ zS7BY!y96{%1g1gDef)Lk(eY&Xmn0xX+s!U^ z#NvlDP&z|**QF&)MZpi{Vn!2NS=;jhTX)Buc$5Z~aO+|0$o(b>X1$%7YM?ys$4U$Y zAIDI}%g)?ww_u^tyxtjo3!^OmU|ec(LC4T&l~JVP`lkk}y3tDGg=D8Tkft^`WC)ZYv^B=$cRstrn(qd9?5IcOCVQfDs zU6>-;$aX55ZaZ(Hs;u@di1gucb$-l**UDVGB}XQ znfY^Feq2C1i74I0_}wyQoFVj#TK#n#dmQmjEhfw)`{dPOUe7w(r(H;rnxzh{;?k|u z4`wwtfzI{$7>HbU47LS}RM?64&GFI(o}PJC*&rJiESKI7LJ7^5<|LwZE6L@8XCVEW zK#7YU*Uy9e8L&9fPQImE6iNY_>5Zy^Q#(C3$LT|XF^{A!J@4@AZ)z&h8CJ|iQ#eap zjc6ja7>T)I+fQXk5O&#yAg(MUzfMU3?E)q=+nLN^9-vl+V z`2b(#TGWYMi2JOh$TJI6CAo|1R;rNuvPZ!mOcANnm%shHDmpPh%=!>z0Rt=@aqpKEb^&D@{$8cW|16A6j< z5y)n6pwpm-GJswv2B1~R$q>u^kK=YidgUdS$tuM^b4OGly0V=_($4T>y_`1i}c=S z`?XdAF#GCD-Ech9X5~8y^9c{PwG{oTT1yyrTQ| z=iJ91_j2im2FF*4j=j^sc=uU-7!G$zUC*^-Fw7;4--X5Q1{DP&3j-1GgxBh!eU=(} zx>qLk)my+NZdCs9+c{B21#K%aFMuhW3xMp(8qs~DUp2tpBa@&sv!hPdniwB3fA~9D z`ScE7CjH=^_d$K>eBF!(^XN`eoiPFhA^R_}Da_#3R zpE8tzM|X%0l+;_a_^Kk-QA4;%M=Ehp+hUXWr+2ycK(YK4aUw;qqx{`n-Q)O{U1!gJ z*k79tgb(9O_>z@zo(+wY+dX$VY+Rb&xnB;=mEKizKN=!nUG1J|Z|iB7oFe{JNjUe| z;g+D8@BI_&Z9*SMr;9yi5$rF-Tpv+Nn{LO`ov+#piCO{W=g2Kah>~=`0+*0Ts+CL@ z)rH?K_I2yJK}N+PB#3mkZNobE&vHGV68M7VG-SU!Wyedu*$nuMY{=!C>+JYFH5n7| zdOO@af&KjCD{`yQFJvRP4B0t-0~8W4T+*%Lw5c76VqN#sP^l8&mO72`-B+J*qWPT3 z<8Uh=zYMdyp>muu-%vC?Ua05b+y2eu(5_5Glu7Kmg7^!@vg^D4UuK>K-wt=7!NTY1 zqOVWUF&VM5`)G8Rg)Q2NMn?>Y>e=oz-)hhpY7PVDf$J9-^V+TKY!yqaq_iLj_>pH) zf;*bV{jU|y?>HYNKQUZX)ynso8KVSIsu|d%pAtbtaB22I@IKxK$N4(F*|dln*N)re z{n#L_9R6kc)xF1M%JQU?9yTo|aVjB3k4km{j$`!(Krqxmr9Hl`Rr^Ni)?u6O+Oy7#p|YG$ z)^YE$%ijc#RNuC_sT|7Fz6@+oZEf?XFK8h`8jEj|P9y>d^%o7IC?9k|yvhzj1`2qQt?fNFe^XQ#|1MtvTs?Z0BP>z> zehszb+{|2p-_mt)@l?rbnfB@Cf`YUP?~R_oDSOqA5=wsWY`jP+fBW9HEp2dZWHQ-r ztjM!^f)~*JQ5_Q|ynyZ!`Ru<9m+`@oT~8}1B}g8-tMaSfTCyn-g?t`NaX6s!!r|836!$mB$4~ZCI{LbQN?(^)*vp^u0c;8R#aXD`&5~oYC7M5pOtq2se_le9-aF`cLN9>RI^8cT?Z)J$2XwwayQgNf z(s9VLHKfnh+m^UWzihpWKoy%V^MX)1<-*bDOzm}%=U<&Tv~>$q{L{035#h!#YV&`E zk6Xw8{^DTM??2kfc$8b?>ha8>;m0BpYyqNUN5G=r3^?Gu&0Q=iTGS3b*ndoC`5`Mk zwmf*ZA8n_gXH>Bm+aj}jiaYZ;M%cmA!?)e6dcQ1V5y)TLv%#ACcoB8zH)RGQ2Tg+nz$UNSb z9jz2F)4V|To?k^&CYI4FE^Z=Ay7y|nOPXKo4ypIDP6WuAr7J^~Kf&Z_x}_urc=mt7 zr-iN`T5h~xZDca9Zy?Oz^X+UKqLdz_?v)^aezd3FE>=rBUpiM)zt?yFH_tBy6$s2k zU(0l5Tgr>A6e_JIR%G!m^aE8Y$1yWxW44mq*;D)4JpFXp8}O)Wyk7DhkI+Nj=dT?; zf2#Wpm#}WrfnQVV9IAhL*cUJ}W^TLmMZZyW-=f4aF`pDSpA{pRv1t>ZW+hjze!g68 zdQ|3cPwugBh41ZP4}~|f1)7yUyZoe=B_CdyO4P>xj|uXPfA^70Ws-c0JN2xSl7pw8 zLqhmLg;0tUqUmY!NL3Og{wQqL&c_VV6-!IT?(cUjAZTTvknY=T zc%0!J*TBegjxAuEI`sKZ>8HO+djMRYn78ja*I(~qICMSc%Nl{K%jgYMEZHSuxl862 zjv}*>1G9o9eKp#4&a(&CB1uiJmoN#vKisUbd0$Vdu5A%1lgQWj}?|CT?)oG2Rc1p4UboXz0o(;PZI z{8KNn5H`P$Q`Ms_EnJSp%3)dYWPu1&W&fP zf4JRAcS65(gK+6PgyD27dCFqxho$eQ?uk@ZBWNUz7hM19(nv54V`lx2l>>_5dEc$| z7bD~9{}oot$}%wB){eS@(tjvpj$3&44$d%YY;v{k{-^LRo^Q7OEAH)|Jj5S{;>$X| zX@1I@*fXC0xaD^Q_$&jjELHNKdG1eJJV_tJ;^QUh04e^j5YIFnZ51Xytg5WM$@rw= zWsGt-1S>gFVco%SG7OM%PqWW5a8W7@1a3jhr*j%VE{w&v(GK|<56+G`=}m)BpZ@7` z^aX%%YluGA>R8;yYl1TJy8Vs)0FeUeh_^j9YV?V58C9421) zyV9*Th;%s2Qz#6a_#Kd*2%GfHU|>xO=`rV93-ZAEp}G{S)`!`+ElDZH${Y*j@qeTc zADgjL7@a2bBc*?_?I#>L{QFp)97bk z|LN~I@tXgU2t=)<78J~b0M$K9fe+QaQ5f9X7=o0yQzxhdHG`7bvJf0}6I>vqWndn` zq+GU)y?B}xT?U7_*$5Pg@yN2pdF9wIaE=O@^~G&ceciSeE2!Zu#$WZug%6U1hkNw9 zh9r^RF4O(rJXYsZ$yB-q{?Yn}dj$Ev7*NxSy3^{@8p4~UZb(lC{$bwHfH)jrcLHMn zV8nEAtKDNl4*J$$Q{!Xi2yIFY_BopkQU~GdVUl4*w~K8TWAB712auqbQ;si$PKE-^ zr@4kVztFR5QMdJR)9iikuk?~b_!iTVXUm|Cnd1bpcFw14NUCeJaI(h16j(tdK zQ=wp@4Yz_^#;I<5mofj=_kePO$x`9P%18(4Qilh^2`A#q=xp0ednoQE@ObuShcswc zd84iepJAx$JYS9ZL?5lNf zUV6~bFDG3K0eX-*Gt1x3^QoGuL`~*HOcXagmu1Gxgnlk!6VNZ73tqLz}S0 z5Tg~2^PX4m`O&+9UiU@NF3VL^|Ia&B2<34oXtbsVhq<974_)cxb`CbPd|k3XPz)Iz z*Ama~0Mc8E>+{>Hfumsuo>4I+614V8sSceZYxM^V)%;i;M1%!m1J+;5YjdwI$N15N zZwERu01M8rL(nD!B=w;&r8zAZpxSOcL;H7Ti74FT4C=9twjBbXBu{|T``!hDiPloX zTC*As58$Ja$`s62&B(+C3{>Ob6c4`%^|d;{k1LJ`_thT+GUNIlR%RUJMn%)Nn}m@!(B*n;X43G z4*|h{s~soyU2Up^7!+nN#;hp6cWp}@EZDoJQO&?J8IbBnf{wHW;Ao46l`vxm7*EA#61jv;)FCN);uN*z2cK# zDghTZY$^Z@71QF+>Yc3?A;XV?m^+qQ)XVA|7#ME5w)H@Dy#*9!+?8fAUDfZ>W?{Ig z!c#Fr%?B?~`MZzDp;TWk%h>s1iqL5;KtTFR=009giktOf_6XQW08b}OMTjQG4R`Ey z{be0P#v1S^el!0=j%ck|Y^DSxP9a1U#&0u{?JJmTO>Tzx+S-nonc%finb^hxHn_IL z+wle^(W>{LBe)rY3hbU@^7_XE$Zq}B(NpDGp5rrjjNTI0)Jh4-*#w%=Vf2O|ZUURW z4^d*+z`d^;Py5ZF*3zEyUNf03k?cx}g|pn%k|%K6;f-NCn0qmc8Qpeuvfbj!k?&kq zQHwdq?tuWugB9X`XAW_KmG6uoucV`)TDj_5NL&C{)-O|Fl`9dduUWsU{ti4w7)Ng@?LG6G1bYe z)tB~>88~@5OD6*9#f$1!oblB`T*r7Kta-Ai;Q=%YQwoyad4WJhT_{GC_uq~bZ--}n zQ}DCf+p;YmnV0}crmx}sfv*2U;ky7SZ2ib4;Di%Pas2I_57ZYS2G2=KTJhv8!QWt{ zK!RTPX+_u@!}}oK8nt*)3k%R_Zt7)47#It195wOxGw{%z zURnBd#mP6oF|OS}{0<$)q*pv){M?Fu?+3_d`n~777)q+r>oYbtqinF=2pf1M3U)}d zFlai~Q>+uh`Ye2&nj5@LW}y7zf3RoHLJ7*Xw@Wc^QQg90&P-1LGSp5QH<&#%;X3Vbw;?pv9Ocf2`Q?K^G_DFK ztg7Ot!~fs}q)b>6=}(gMwPGEAaNAo0XIeZA@J3(+&9Cg!Lg1Msc45p{dXP{ffhwFp zf{7uh^m5tI2aZJfhJ=z`iu+{2(Z)z*K%KeB6wAiH@EiW?Rai^p(*+~y&X#y{3zTUw z+;M2aMoM!(Px9rr_CEu$PT$B3=$p)hr{K*+Dr-{UW1SGZFAcU)VVjAiS=e3?%KyQ8 zuN>^|j^3f{_*Z*jj0B%4=8jje~R_{WI`*{b6p&s{QM1(NxS-IAlLe~&gKm_B1qop-UBpH&OT6qm#k6pl zkU+!)L-q#jp&A;q1DVzYz()e$NQ_sOH3{qK@4tkzScW+<(e~HyKQ$$gVx|1^i2nl< C6or@o diff --git a/docs/userguide/images/getting-started-add-monitor-orange.png b/docs/userguide/images/getting-started-add-monitor-orange.png deleted file mode 100644 index 9d5e227aaad5c41f896766192151acea90d88b1d..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 86795 zcma&N19WA8ICd=u{_h@Eo3MkKf78$BR z;TMqO%j>`iKfbA$f9~#M>6W7iN-*L#hhV&a5oUO4p1iB(Cmwh z^{WDEXQHDbRX+MIqaS25oDw6CK(}HI`kEfeaPa`q?X0>1g!pTe*N8PVtZLd)xQ(7@MxHakQ=W}$R~$bvG1@CI}cp|#rU zW(|WsZgYkMOB1LYb{gG92Jn-Z1lUjf9e^7E#RDf_4ES3=D_r}$?cK`oEk`liNb80! z4dl8UpyNi483=r6-?FW)$HTS#c@}!xvn0K(08s!!a%R{`8*A& z>WtK}UEw>UvInq$P`Dyl3@_I#7-DCGN)yuQpPJ0WTd31Q*^Z2K%(m@5U-@!o5-1QQ z0c>N(Gt(G!P&?}Z9)h}_qP&aPKJo2S`n;Q#$crl*Bfvnn&pL0f?vrs|twe!C?%LJRp%aMrJ?wk7xQ|?*{Og zJ~($^Uqlch0cvp&rrk0#Kb$g8cy*wZ0AzWHm4N6xXluyMK3;o79B{ZlsO*rm0hM_u zTVT(-TPL7&{RBTDh@k@F5U~Wsm=Se`pz8Upk<5lbZ^Z`U%t?Mo2rMA+5(%OcOvW)5 z;gk!y5;c$2j!7KgIAWd(UJ=E{`y9aC{TP;~tcb8I962#w!h94Jnpby*$cQ;A2sUTv zz^WFungccG@r3V=00{q{OFcn^p!bOKKQ%~6V>*fyF&tONA{|0EC{_no4a6PD_|w@F z^QaHHCYBYp=s;@wsPm#=!)ezbK!Xsrx=?v>0B18@^5@;Z3 zPb89{R^%-YYD#zZb52>3IV1Kam`rpTZ#e*RWK5T%B~pufPMnSF9G@L0c9e7!b*yoW zcf@J;aI`vbon#r;Njy))&L>xrCcjEjmn1czC{Az;bM(LSyHnNG)zt%t_*8Jq`Gk8F ze;~a|-NhdADXNqmDeIj%SA=zBbfj)bcT0Io70yRl=r$Q^^4hRer?}=kg*^%Q*XS1` zR`n^USIJk)*UnYnNGizAi_dF0lo;k42JbNpTSb6MI!ca6_DE6}i%2d@k|o(c1j)Mz$uSTy57jL@5cF*RUX{S?D&{h3Q@E_ajDmtE&LkpE*F z1yCuc{H%Cfky?ST+FSl55m>%k8(&;6TPU!fPg-M9!=d67bHq9glL3mNLe?Q;EJvN~ z?!3oCqdciirD@f(LR;-xO=yFA$#3KTWO{kO0m=!BOP4L34aaHb{N{4nf!D#k4cB4j z@@-tf(4D?MC230KBrhjLCoWgis#GgvC%hxfC)+FjUH2sf8sXn4kkJnjh#n{)q%&wg z2p-}R@*H&#l@-kx#fsUC+0DkvAWN@nyQTjzAiPboRy0>MbKp-gy|l=@+BEVIf;m66 zPCaQ|sZq*dd8MCYpljnZ4bp7i^hd+G`6NR)?SL_yuiSLOMyjH?)x_T<`_PCgL?uln zUL|n3ay%q4k*qdzi}kg#Inbr$(f0hEm6DZ^RfJWB)y{g_X1!&(h3&%J71%ZM66;cT zQ)|uXvUPpOA&)DFi`vcH;brgSfZUn;VC~xYBx$c{__U?5!YS#V@>q%%3}`TADhv&jA8=Hzzi-q>Tso%fdU zX3zcd*7M5dDErjA?>#xTId<+iX!f_B+D>rKv`?B|o?f|LXm5mXmT&TRA<(DagI|YV zKYwW7tN*k>P~Kdgi$H5&bKrV^bAKSAEFp}Lrcil4L%vGB+`!aekb%suxx4tw+YKa= zDAGq*h&Uo9PCM_NL6U^B?UJ2RxKd$>s+>2v4N5mb2Tceb6P2m&lzo-lMaJ5@Ly1E{ zTZ;Se%js?N?KR2=@&t+}G8q}IbXP`E`jC{RH0iHVvTF&vj3Yjq{idE%_(iFboeTp; zqpPS%CKfZ(S#BOF2Xw2IdQ?G4!HKV=*(z~WI4g1%b{DBLg3Z+K@Xv((;q|`L;|{0E z_Swa)#fe4TqR!G3E=b!SCU z`XHI^q9L+=ta72E=F{@pes?^-Y*ERz!d|o9lG2va`?SJ2>+(L4JP9-Tdo{GScBgMk zzGHWLL<5^nZB5O3M|hoNV@U~9b-iuf{(fURx012KR`p#OA5hS2a+vb0#i7;N>S4px zr1Sgt`jZ@&JJ;0(?3RX}k+xEOWLu^FYUB28=cbRtSFvmCQBDJo-qYRl(?uj;Rr6d~ zt5eVFJA<=HR(aJ||IL3U&<7G5K?85YBh8`h0*al8^X|Boq8Gr4<=J$Yc3&?v8XaTD zA;71g8M`!FiElk-eqteQdBKV4*ibxPeL7^P+Iz`U>{jvCv~kK}Ms5}{8n$rQ`2gqI{A4Yer(qyYjfF#=()Qv>=${w*|j;N>)7jj)^L89sFqdBtnJdJxpOt= zv*#ANBj?QSx}@jSv9fl$u)f4nd@kK;_S}B%vq}em>T!599h$Dua%jEU%JJzuhCiN( z>|A%#+o5V>bMzet9SB?ql|-Pzv*4+C9lVGgUiH>}A9xxr|ML5q;Vb=Ie^$J4G|oGqJM3-gV)SBou1_bUl*0xTZ?mR^QLBaX={vXYB zL*AY|ugLcl`HOiNG13r#>k!0l*k%Bd(U`cL-1Pdr5C&d&CnbaZZR zZnSPpw04eWbPOCE9CY-Ibc~ENe<^63JZzl}+-Yo`i2qZ_zvKv;I2k!w*gIR;*%JIi zu7RPQi!%=q(LWUZ`})sunz&p1mnK`Mf5Q3;knSHnbPTlgbpMw9mzDb;t(@`}?k3ji z!WK3rwoZR_@G`K_Gjjh2!~fCsUn>6_tHyt^GBeWuch3LT^G{B0x_=<}Z;1ZWT>sJf z*IvBP+;so8JumcN-M0r25I>NFuz<2V@I^L^wzA3BHy>nZWL{nYkvnmIA559CJK@4s z-<@Jce0qziMat%Eb+vYDb1&a_`gZF|Z+&G;`Q|VUOJ`iMwJwp(uT>aL1OGiZVG(d} z%%AMv*X>jEOj(#SeXy`k-d+qj_gTlUygSFY4E-FcI*S&68D3< zwhbCD_@9;6?Pk~hpKAFl3FhDgTv)2^v*>HM{0PD8mrR|A z&3hZ0Cv}rMkznj3XB>8VH{kRT6*>X}oAE^L@xf52-{nxwT_)dS(eS^qIH$APN7)*; zYPt&|+Px)?_q?aq-l@b62;3C(aA4WB)WDRKgmyUSdtS?KhZM;%|5&AEs>9tF?*pAn zs%=yCXE25eqP;vXr_2EA*E{n@8(I+jGZpV?!Y&la4;xg^MDU^;(6*0eSgI0opOMRt zh?ox5&%b(qtHa+M${dCRns4Tt=MC9+airz_gM16&cJ66}1xtKYxmU}thUc^cWXKXU zh#yo(tJKeki{R*xS+?d%^Gbge{6x&UV^Q2R?+!aA!|{(c-q03oUQ&yWY);&11G2UN zlw27n$kDH2pIC; z4iFVo*mMXdfv!yGeX+Vr#U$uHQ7}}hR9vdLf_tbMjsyc!I0-8 zUV~N1-z*EyF_v-6^KL;G#Zo&L&Bo@b3H{bdrCm=7#s`^@yP}K_He^CO6bL`xl2o;> zOQ)0+^iI|yd$iVX00m@BZvrnQu}@jhga^akquz)cnmlmnw1U(eGN3AIKszyr1BIvP zi7}9ZVVR)*K4w;Iy{mq*#?HNNKfoMW)sVMiF~+z)vd+p8=aLUb$Xjdl*q~Z_Wcjw~ z+T8g2aW6us1LU-m+EMycupY<@1Pm=k1WL^_YzpBigQ7!byR+rr=k?AeI5+Nsq{VC; zdbFU{xL4Xl3O0klh#7vNf!3BPR9T)@Fz*Q}5c<5H@{NttIcZT%(~*PR-ujb|jR#hC zhspJz1RDJ&6o1^Hp!>qyF|`e@WG_%$q<7M!zWeYIc&Z4*6GKd9N6!EC9)DR;fVVoe z4F^WdVe%7%GP0iRJa6(C14`8Ej{M;oCC2r^>sadebuV1|Vr;G42--&JtRoY2(&(Ry z@(mS%d6rtSO*iHsUQpD*E`L~Wib%g${9}2_ry7>#_D3bS(=NE`Ml8K6J1~jInL>n z`ff7e9e3zyW(+|xEOmG+uv~^j`Oe|~=eVK{GUGF$f#MAQJ}S6t3a8Y)_}g$OhrI0a zF0gmjQls69Y?%|!do?)OtiWF0)R3!#vBdW;rLYa)SZ{2Z4Fq4rTAK72f_*}6)?JAMHi_xmoG1^W*WE?Y?usJukl{j*2SGW{DjsW(KQyK5pL)#se zjC~3d$ZhOC3svF!>BTd>(=L`7%YhMx1~$Q`gCPhWnY|C)5cMft80^)o&QovR798DktVyTE-1=Jr|PRjn!cwmbQX!KFKO@>}5VoL|)o z`3l&e1v_FA20Id7zZKmgGBGtBo{hU;bG_BHiJVq0Rkgiygo!bmjwv7We>hXOorE6Ep@s9ByCxoVLa3mJfE#_9SAY zgsx|phk}C^`6kyC&qFItB1_pHudh#uQ(K}>f3`1`wi-wGdk`$rtx z_yp&;v1G|SgzYg(_w9pCjF&wVVUFt(+G#UdwvgGWyjkvo3t#r-Zp;`gUBoeO+CErA z(eh^mR3`3PR~o_$J-4z`DY#vrVjjmLgv@mk2Zx>RzW`2|)T@PH z`hCuaPHa=WjKPQ64k!2nQCaiq$Fnaupl=C=!ue}rwe2&TnJa-hc0^CrVy zW9eS!#97SyvvEuGRl;5;+$u73VAop>H>!8l_b6xtAmwr+v#Xo=J&@#;OyY%^seS21 zMI=ql9+I=$2pT^lzG&jn;kMF07N@Ed{^oF{{tYd~M2?>H3s+dR#AMWTe#ZXq!O*qyYh{D*NE%&KpX}K5&ebEqbXD0IDu^Ti4InV_w4k$vV=q2*!&y`20lN4{A?duSbEMaaB(jM9~d_y7ykYTbbl^Bod6LiF|5*~hr@sJ1jj!5#q6bvk~{SIgHX8!Cldn@%+`oq zV@NyS%C^ju1N6DoVh)|_g<)8XA(V(j8psz=AZFxv18v!TGf+a|lHD=}nf`BIuN65?aB9d+ zMRXd}wz{QyCPITJM zQ=2TRW)RN(u<=a{s-RQe_m4Rf9LP=)QHkbS$!EPqKW0p?1z+{V7-)A zo(N3){f&FF$+N@=x=vl+MS{S^RyC4|{ham>?0Dh7YI%aL$Va&3X2sCE7fIy2kx}e$ z19*7^k&NrSn^O)R7}&Z_XQWlo}YG_xo5{)rh`>b(BA; z?<^}O8oz@#BYwp6qA1y31qEiV5Ny8r|Dr@|9CaRPc|aH|!Sugnx*Cc0E<{9^<|`mY z@#ae<_~yemN{$I7%|xH9B;fH)k7&H@Mc{@Rcg0)Q+ra>ALE0r|r$@MT6>py4;jthW zjzkF*T+A<`DVc7?MlL{K`WS!qIKpO{I}p9K*B6~po{s+dNulH$84p@GS6=?vEUwC0 z5`|B0cVOcQ{th`Srs+&R!p)3|y|ZPcrnn9#R|K9=Hj$!&P2F<%1}?FKsf6Tk2()6! zizBr7%mE{s_#6L+2U%LQLF|X@y|&4XbP?t|sdR(@x)z`IhBq_Z8gA z{_{LBYY9eF`NO4bjN{}@8tiqn6j|*8UpuSGlw*m1yKG1~3NJnkuq}v$Q>LB!OYGTj zG1H0}FU|sZysVnx?G>GqA?cGj665k(*CHS4CH&+#>IZHrva z5j&FTzAfg)A)dXsXeMwu0M6T39$}_3pF^JReeEezKKBvAT$mh7&@?|Jc9TSTT4xcwHAy6{V^PR(2S7pz9b) zxUIs*E$vtAP&u3e$;W;r@YNmborhqf@(3jKnQ%JxTcMJt8^eqkQbSRRLCkZ;> z6KXTS#ynd!PrWOXe!FaVmrYE*5zb7|AJ5|(j|rFX^eCZo0rgJD8pG~Ts(b1)5nEUu z5vQ@*;KpC>IeQe`d1Q+r+fCaEZ2Un@2HT z#6}i6Jkh+)6~3K!W04P47cK*(NzJ5xAF{c4OGuab1g3j$2i~rR&*hYi92QlC2+lnH z&4dZ4t_7DHYqHE_e-t}I*ZDSXgBSo71ZbzK7E&PpLwb1-$!WwwG} z7z6)p|L9|^MI(;oa-S`p`7<(;$XwG>uwXCWc2!)^5LtAm15YVe)4*+L-1ZAH&2ttW zOM}K)QT%)^`zI}?lS06B<>LrDPT29+6V6%B$N;_ThLGw2OkFPQHHRvPja^#caxU3; zWVfctWM=ePZF5{1B!i-+NXpv{3r#>KhX)QO00oi5k+ERxCdW=kbz3%@7X`&=GtUzn z6VMDTepqld(q&lHbXr&z{qQ5^;)p|?St4)}*IosI0Aa}z1@&`@KjB;lN=M8o<$$ww|P__y- zX2{5d73kD}nc`}iTSsW?_)S$2^8pp#Wr>6X+M9VLsJ}yZJY$si6IKA|;jm zhP{pW!Z$hJ()h3?R(=FR>E<0Z(f!+4s2y<&0oceiubTUBiIM+vA{zjb37fTNpRwkP z4gae(&VbMlT?3atvI=hnsXCiy^;TpJi_nCk^pAR!CVD71=y{tM3?~0mbilzF?ZJ(q5VH<3x3GGHL z`fBeLlziulqGDFpZ;lo@!Ujv9?mYNlS7n7Ii@O>*QzaG@>j@S@gp67jxhCd z@hQl<7TaFqtQ*1e78+PQq4!W)r^DxJ@U*zIHoFE1jrJTGa1R(mBk+h5G%QRFT)TjSDK1maOwx~NhcQCARCr0k&U2h&Vm8s#vD(9kQ zQK-D(4pr_a-D5Jr46Nr`9ECho7bFJ|MCBIX<<-&hnQI?wE_0`22nHH6CkjgLjeAdo zRu zwhxepb|wjCuuG}jWrp!dKYUsyRwUVdj|mTRYh|>;d~4n_FgnG~qpZ24G2b&tV~Rv} zj1&`kKl#$Hq6Jp}b;muACBj3QAM`mt@vDeQj*Mfl%W%)H3BJD0sGx{rKi_k+WR(cy z_CMJGV&NQVWw&k1LKzD?CnTql**<1l>v}5dNfZ+W6(e0XYvhMEA0XfeiMu@Hcy45n z`zq0pH5Hbpqw5D=28y03aR9Q<=%>lWlD*p5`1$OZ4bQIeM3Vx z4cDVe-=W`Pv-#XR8)?#^+OkOM52-s7$K~#79j3k)B5&zpAD{t;q4w|lF;Am(M07t- zpU0Jhv=4Eo6y`l&WzSPo3TV3F(j-p_eYtoJeBWvApl68aT~STHXK_g8h>VSLz0fxq zZMrQfPr7jkhh|`Z%xLoKbkf zEFVbj&t5@NDXcACvdKz*o$!YIvbl5f9Q z;EpzmDL5^utjr(Gm1$;0ligMWo_jh}v9~h1FEk?Ox7|H4zO0X@byZyvu@{Sb&AA)z zT#DwHs9lg}yB@_ZJpPzurVngHCmXGv6{~mI#!l}xH1Md4#fY8*2<@Jljn&EO^Cgt% zd0&`}lQhtZ({VtHQ+XwSy#of9z^x8!CdCv8?<`8JO-CRdRo(Z*ojJ;Rtd{P*o6Swu zfA${0Mb3A3=|krD7>8FIA)S7obycr1?xS_F()gdf8eQO{@7-6uwj5F;Yt4qtRkl`8 zcW0sFS`ZFXk^8uD4&h(g<}Bb$l=gZ{AYNq`4n1Bm0T0;T1*uK}$v!*=Ns~>Fhi=Us z{Yn3u0U)PovbZLcIS&cjJfSni^Aer229^{orjF%=M(C;>V6%>IBz z>_IY2L6se)1ee@R^(m#Upfth%PStTouWXoZxA4xz%$|xVFI`ko$BVMOfcF$E(Lw1t z=Kwilk2=P(7jblb+p!mCJd5XGx@@kE>p5^B2{}*w6QdBcCHEE8)E-&K@J_JaYQd0M z5UAeypg^sjOGSmu^Jd$Ym*8_)EjgmQBlLvK>tfI5-Ctxl-_ZQxb>CZWFgQA~vr=1U zd#D(t)@wDb;>6fWl=u}%AXd5u5h&tkgsmvUhzNd{ioBF0SLduUS2zTH_g5o3oI z-#x2nV3L`xaKZtW5a9eO4zs?k6U?ygA9MF7wbHU>u1Rt{g>)JZJ%) zoBPoLnnUOr`jcwn6*dyz19n}tG3vS62Q`*jJH|Sk15VJy#tT#Fn@#Bn9r~0HlerN`v5%^{)QD_FEPryN4DGz@B4Wn^+A&KtPfXMH{PMP7tGVxvnw7Wrk z+>;k3C2P}rMTj-tdn(X zgzm`T#Z9>h8HR7P*i+PvD*7}_+vo6C+J)Xob;MXE9xqw*=$DC=bF1A>u=o9^K6kp+ zA;CcakeSFn{%Cf>aAv~8)LU5g{C0~ap04)+tu<|&ZUK34@t@lyeUr`c;iV=?g}}lwRGMN%ucuX(yOhS*f{W~p+wIK!+Q)~2^j;?9=|YH3 z`c=S*tqNf%1itRJLe&A-Fa0C;O*fdzf@-72(Tk2@!pZRyj~oLm4QyWDuuSldfd+)+d6)pCLsJ;A3-86;5s@SFrR{;8* zv#K(p;V5&J)UgDrsW=7c(P!uG9YC>QhsOn`3-5iTUA0s--?h_&KQ-!l{(0cozgO_5 z7uB>r0q9p4-=G=vw4?csXbSOBcdX{NfoB%mC7{p-n~XN@N+Wa}g%Ou^1agc2A0gR3 z0dAJl*);_MjUBi!*{rZ%R^KwBM{GAkOUeelJ<6)sq_b~4KbLlN?zAshQHi+SpxY1A_mdB*7o>oUyXjk824X^VjVn?4&+q21h zQ;O{Lrkl$y)bXFXF^{w72$+fO&ghCtc7^`_Y|OCVsEG`pLS8)<#4EKsVKTYC!OgYP zqvRHrB~A3#1D*BuMmeD1*m|u|+zL&L0$vTB{Jf}JGfxq0y(E{f$BfbH$-yt?nT+DU z;3Pj>vO{K22k*&F(Vwrw^IZeQHahHS{~5UVUlIEo{KcoyJ%1CLnw#CXvsH+G6xH5- ziO7C#WDTvnwrgOQcqNlrrZt|a{s2bn#Bz;AdA14Sq)5sU8LLzxUiL^`{bM<@0O3;o zwZ|ld$vWxKiN%8#pcYiyR!Bh9mBQlZ|W z7@o#0e-F~-Wgtr zGjb*IhqlBZ*=LIn@Ojpqkb3jXypyv|e?t^PeC5V{Wn~ehex-4HKgisCuo^qnkGqo5 zcgr1u%hD+vAz-&6VM4Y=43;rAr&m&F{)(cn^76Bk)K4`dpGk)z3=d3%bOii$7&S^E z0~*)wK?Q@^BQ*v0bo^PCEl~gldLXUkSmuhx-^{AnrNrpg0x2fpv`?_e4%-sZkX}r= zNs>V=1QoLsFlR3K8I){krg^;1aWwQN$`T01cu>lISKTVkuj_}*sX#t6`OZ=9wrk=3 z0G6`PI8%CUc^k=)7(|F^l0dF%9mK*3#_WK$Pl~&cojqZBCVc1zE6>2o3kY%^!p2k0 z2C!_fuBjVZi*87%@%=xiCbK+e2qN4`a((mgH?nS#EhIsIp`Y^6{b`SD*nQ6-q zWL#sVITg<7N`kZr&0r!@afM^a(@DDKO37uvxbb1+TdDYha7A`c{nx3Eii}_P{BnOewIpMI z4%-mo1hm(FI4iipyNtU$QRwu&j9NKIJ~%8N6>G$SM``95ow$2naRDjgtJYHu`)#XC zp$Xx`PX1jzMTTLMC1TA?#YfUx@!{bV{g_#@z4&ZCnm%KveV?q%z?fRhh7}}anBv_S zr?-L(uS>?po9pV}cvZwjqpJ-;^!Uj+(sB9ynFI6B&Bfm{kHk5!vZk`dhUk+1!)@9& z71piy(tDXP9bn!nl~ObC(qrQB6rX3SyimS>M$S1zDqjHY^f6Si)<1kA zd>nrtgVy?>%5wHuMP>D@*ZkwCq%{L7E*&1_avih4y^CZUx&z`!?qQWV7>V(o^tl z?8-3DPNR0O;)dsBw*UYI0J7c8>2zxE>%})#YVNMUh zl4dW!6FD%|d5+kogND28h~rctpM2ES_~P}*P!dT{yaJ=aMd2EM{WwMm&*@Vz<}4o9 zSwl`vnSHvUomAwL_#!-?20Qra`cpM3(P#Pk$<3A6Pc-z1-#J|<*e)Sl^(hDOU!oF` z6_lwex9f;SQN2o!tobPxJ$B^}p8~R5j$=70khoZ;)sIV!I+iV!iv=hPf1)>QgRIaHO%ol07{==9}fQUDdA&PMC1KD=(Z_r_+P|g@@wu zJJBqMPNe@@a8;%J1gE5Jgu^h)dkNVJqAi*KS}Pp|)XJMZITQx*=X@?aSiTH>b^UQ4 zzvl1aGM~c`#}5{tMNmWPjuq6))oQD1g=WD71-)BiyRuuRGH!b?;MO=dEq>q8$f^+O zN-brT=Rbl%HmiJBtUfEp8R-7YqX7>bo_+(z>u8b|SXH zEl{-p_#sz?bx-#_Yh9+8fGzcJoe_U=XsNT;o)xQ1bm^3o6-}H+E;77FhdEcb9v^tqG4&bt~oPtI4elCpq5C9QB?}x?+^8 z$E~_VyW`hEu~Ebbv9Zj5K0 zE_~;l)OskWNW=$O+{gV9FPtMx6O_fbTftVgSMK-ldGhu3x3DG=L^0caY&UVI^sX!x z+*=w>W@y3IeuQDy_`%J`P|`7|!9#mKy`C!Y;Qi3Qd) z)~E4SC={7R&#pv7)yVi(kv#iukm`K-uG^-mVisKc(^IW`|7y}6rB^ifoM=f>39|Xc z<1GuUt^9gnocs-)Y@(D{*7LK%Hp3{2WQH`}UkkT4V4SxrQl|fn>oE2Fir7r^bpc3i z5ru~LZLASW!K|_h?$CXr zwac+{1QBFl%voxA>^6V;-|C>Hh)9-fzt*n{izjNUOClUs#@_zhILL+MZRsVrY`!(i^k z7Pg-gce`&x>@$7Lx}(@w^+L@?M2T(pysW#8;AL}r1N`6(px_i~@3*FF33x_JQogcp zxauDauqfgd%Jt?vMsTKDe)m-sm^Jro7l+z|hREfD_DUT%9a#+lWUS)0i_V?N(5bPb z;but)NgC*aHQ%P<@1v`7E<+1D=GB|7uABI)lsAGF+u!ScAH!d8*rOg(Qp(HL?+}|& zk6JAn+6>>~{a5ix8c=YWMJi%G9$(C)U9GFO>Ur2a<)Vn2KEpQ#G$B(~)GR6&R|7&Y z?R>_#MbPPiL8WL$okejaA}g5x1aTe=2waLlNC=h9;Br^!94{xBV9-HORyJP74K>m`_6w}9;cdf2e^u)~xM}7~!(_*vHD#v#X&!K#Q3#nZvNX=Ek{IJ)1 zo8=5WFTHggvoI>q(aPoa}jRw|AHPeEaz?t{oIc7pf8POz}JwOh9o@ zib+>wR%l{e9+pz|yPf0X_(VqohRt`}?*!3nLkf6;=mZNIS&J2xrtAxPeV;mJv(}~W z-Nb96T5HSgw8%pky_V=}+hXOLa474v)UddqdGQg*N1@WWL2V<&qfB3+jkQ%IiDVh! z5~1T6`n13GL|#8J?RsOPIih{DVhcq4mY_KK56GvIupAN$l@|0_H4rKQvDVO)i%H6^ z>fS$2wv?`NsrDf?T?R|PWLY{ej2?{^>u7s>TnTZfdjub29pL}{PU_3?|6tfJG{x>! zC*s;&PhIGwQ|)}?H$FuAGp7Xz+Mx1evCr2&)KJ!IgU*iza6W)&I7pjSd5D-U$Jh~w zN)dW-66z}>N9A5MFq4wRC}F5n`!iSt{@VG(&iSJjn87rz_dNfG%|H z90I@1pLnZdPdy)7xp8Pw=JFgrzKf+ms!cs#8<>-Tc{)o(%=43i32&rm(^k|u&CnP= zT)MBx>?`KC&u=IzUGD^d8IIJwv>t9N89oJ_sP4SVPiHN(6F_fP?dEr5&11-pJ2tHX znT%6qH0Yq}Bl;2^=8xPoJU=-EO>GxgOQu%y2=g52Gm7=&txRshMnbslwWF_P#9BQN zfjj?mZ#u85ZlpZ{XbZ70v?lVZ?3`L1LDn!m_u0|JNz^fG&vX&28IctWtMTHo+Y6B9y}rzssl2_ zOWJ3p#D$&3cphJ7+|W_qorYcr1tQwSfts$YevfJrLXlWnZw9S|(|z@SOS&y+a$9*M z`Jd&A#G1{E?D@Ek!vG9SR$a4FS1NS84MyUO#7MVGZ72=Zj_WusNT9nH3NO%B@RXp2Qw$@2T5J`&o3 zY{c#A=)9u=3qewyso)ie=uX$GWLsRwjBez~v;z9#2W?d#~yc{s0f$A zb4JXkf`H9WPmN)rYr*=R-{hRSoMo55HJy-nv}^kUFI$!|)3PwlcD|C|fF3(C^4L<@nnMB&YR2jQA;WXXbCRz6?i`T>?kp+J*bbyjgb;5n@EZ#o*kr}h* z!Qs2&12-zgypwpUE500rj&15#4h2!E#_->T8H&3Jb6N6P#&p?77Y+iF^ip0q;3alD z1d(q?$)*Z3p0Gsq7tD)WMZ{v)@r!=?>&&a+&Q<%)fpRDuiKtB8UL&-!&h_DW^|Y$f zqPT5(-z_PgLvO!p+jUzt@)*65o7Ck4;^z5b+XXu4C2!JUM4u1VBjaT{hhz5=vwwYHrz z4!_Z~vaEj$x1T4u*g&^`2Ea!}>iI;9%NvQhl#Hx!Rn=XPdFOQ*kLPF z&DN+ru_v}|+qUgwV%tt8wr$&XCbn(ccD`&p&;HIn=RN1T`d4>Xb+1)b-Bk;B)iyEn z1~VdQS@vld*JmK2KGaiYz2M#@jNz?w?0L86OD`u9{8THGq*Z=ZR8pc{s2vHgXZ2`2 zTly`5g59riYnz?$io}A;K#34g>+=ewPyzDYlPXv58=nH|7cbIQNvc=5_amuDHNp+% zwOF4fS2GtT@_d+g?T44mnZb!BoMXSrj(u)3Xh>+E#*5P|9iP}H8TU)8y{#bV4NlX} zSbqM-K+xryjbo%aRhnHtWyv%S6axZNAdqz#Ilh#jaxWM59bjZK;I}FJgdoT?XICGY z*4(H(pm^kCnv#I%mhV0`Ew4LpcEWxI?I=_M% zJWAS>9sh;>8CWaALnA<<&_o9wbw4bLthkBjz4wDtJK4`L(Glz z2}^J`;l_Sld7lxcU=Z7^dP)_UCC%v{$S1e;L?$7C#ri0`20{+>A+>wX)cf=^PNjUI z?5>#L4DBcQCC!eC&{<>ABhAdrprK*vxm1L<-}9Mg#~pR~Ii2zJk0u|gfnx3!f5L}n zwTNbw>gnoi!s3LG>U_Z&5EinQ+FN>iL>8(ko*G{%i)b5MrAqI3TPoVVf2gJMWa?|$ z|0f<5gJc@!;<9tCZrU_nU_65xT*F66rt9O%w8g9(A!ze3)qEfLR|Cg(skDW*fz6!~ zC5ydu)g7qUoHk-0xS*17dc({UPbrZ3@XD0gS4*b-8dz7l+j6Dp!YGl5|||lrCuF(kfcnB(TX4f~qv8^QMR7-=6HOx;hW@W{SG4 z6%Cgo%;mL9AnphwME>~n7G363fBZFsZ(Vffa+)EU=3FgDZtUepP}j!?ek$1tR~%$j zT9|UgOL293X|)71%OUGGg>4)x!q8^&F~XeRULcTJ-||SX`*YzuhpOi6+SLIk=d3~~ zGZhI5g8!%`ZJJv_Ic^zy#k#nL)NqygPdg6bws1Ej5dB%}i@la5VJj-q%x;uP_}DM- zB0cV~v4wP%Y!=$M&{;uOyG;yAvOu*~J>0lMB0Q=ad`lf(P>(v;ZLLOJ_YJt{fMdGy zy2!10w{E5`fbulD7V+spZC9H$#mD zpxc@cK8Rh@h4B_MA7S?`e>Pxdry7&*%I9TJnU|TeuaJ(UtRxy=K?b=9^Q~6Ab zaNqG)1@aAg$s&bP{TZzwY9IGh%pIdn$8+kfAl}QZ3ssJD&St+gJLmnmOa%l5;Z|v6 zeul;i5(klNg%unl5k+PO#_cMyWx1pYJSyimG+=O_tX@biRlSgKH+Yk)h$qg^C$zns zb@iX5+8tlwh99xm2wip&lI5OA{@E~qM@6S-mebG|5-ah{O-)buV%0@`e7Ax;S)bW0 zsHZ^vE8S%q85r7yI-uJe3{loQf^tO~qSYQvxp;KP1$%%E22&Vw^*<}-cH zm8OtW8DhYnmOCoaA^EKOvSy#(^T~l-fA9A;t{Y=fQ2br^ir$zW_DPRegsf7Qzq~z~ z?s3_kQqI~>YfnnVImF_4!c+i!{0p%v^Lc*B`vx%|g zNJPfo0D7ZD>g@PC@(kBJn!56kFp!XFl%y7f`X6yl?EXPZR(C3d;L|oFE8+W&@486c zoyah~<`0i_=-OZt1%!X#c7tO8(m_25=D{KbG>auGPpRWj8E|+I2TP^rwu22Fr#O$= zD2xsKl@zfv7D)p{G$9a)fc%x!P`sQrbS1c)69hnK(jt$g=snG1F69LMiIs}L5)&1y z@Tn`xEj4_;owollT4Djv-n#Mz39f*Uv8HX~B83efvk`rJ?aS;S#Kc0BBQ6IO&ex>E z#|pSZEjdYqF^~367C7YuWOzU!+2a!!ej*MPk%_oy{9?n zw%Vr{X==e=!I|w;l`m{i)|L%^C0JCTYFFi5A@v9X3ltvX5{Xp!engyBg^nvNibchG zR_*iDax7`5-3uWHK777NWE?vQY?q8x|HOwhmS0w!*J4U=H1mDw79)8v^pz2r%D!Bf z5iSktXkTwbvDg#BDr1g^7Q*1S8!Un7JMBm(BOE!JJ5XC;NlFzt+O1WG38nMxJL@Nw zJO$M1@!}b{T(#Ta;R%PK-a(!slNZA-<7HOiK%UH#uGgsj*39#Qtf+%(D=^ypg`gI~ zUrBY%QlPr&IIH&1%J3*FXvUDwRE-GXI89apBe2%-VsJ#n1u@LQMQ_ERd8bs_<5Xxy zMe!6+lm70cn=m=z%&`xTg+6vw`X3@AoU45x%^r5po|*Ynj;hKUY2#WZ!>>q ze9CQfDatqvxQ74R8Q`mmcuWzPa#C5Q7V^FFx2|hb-nvjU3c$0SWzxR&B>h@skkf5^ zVhkf)#X5ne=%VM1brF!$&~RW1E342p|0 z=CmN~_K5GODtYMrP&?32S#HmWV!p;RUDSAZWr3gMW9m%{G2k_|X_G(2+^JX#(dc%R zNFxDN8HJLADlx`jw>6upwbD7?oilJS zSB_oblm{>eK#0F-J(l$TlUkyS)eAJrZ))SI3?p{N>nU##eS;XH@C9yR3pjVn^`jHZ zGn<&F%~hn9@ud3PFV3w2&$IFypaUk4VM=%j5dKNV#H+coa1$WaPU5=62t1y|HznpG zZjP=(oe`+4M9Rj6QOn&vXWC_noLHEEf-CGSlcgBSewOs>w9P0)7AJ_#4YCNnaG<#I z)GKH{;+5cbX+re0?e(RJJx>0aWvxQwTpS3vlq0j3_$Kw_?t~UFl)NFPY=0IT1=Qe1 z?^H22e(|ox@zSs&3O5WukBPN3jxFI+zjW{M)41CYqSS_MM)WO)CEUN@4T-84Brxcw zoH2#cY*}F-*b|=aL&37C3r<|N+fVU*J3Wfcz%RF7vHk<5OVfc)u$vp#WW55f22AYu zO3U7ftERIhEB}>rPN4oLbK&8@t7}=BBs_IGg4(wPYSZD6`oKz4@R790bq+ zvyGC;-UloC`$o8qXoOwlP6wc7Nq;&@G2yJcWK4D3&FnUu0B>_r6JGta8ZHT8p-9-f zVH>6_GJ(y;&`HScbR2V(NtP>H=p#b)~$1~X!m@wyy89E!(Lq<&9jVm zEK0I+gk%(C<1o8jK}6MirrPx&-TPT8lH0XdT4x7&CoIZ@_V1z;nbEqWUk-n4*|iMB z)*UN6A0ctn%eWjYN{IslJdG2~ommfeFB-ub!&;eT-9cf;b6v2o6-;=&f-zVYLe?$U zTy~R=Ez}1g(@Hah7!%FZ>jHvnURNl_9eY(pQ8i^_E12O3vxD%|72IXZx~I#`*%G3l zysq%CEKF1x+{~jtaD`RQ@V5igvH+{%JRCjJ{1WMK!QU}<&D!dffT}8L`0WFW98*EL zB&W#Nbl%B7Qv?~?gJygMc%Px=k*TNbuJXFvU#}#gzM{Io03!)Q-I!`*!@F0BbTy!v zC(em-FgBu@_BX5u|5yiKCL>@tg6D&h7sSin%9c#zq5qgvAfi6x2!ZBOh!eQkUv1oy z!%axD{w!by@n#3Y4+33)mcK@4glKH|QDF?3Ds;pq!Yvd&bGbyPF)GT9uc$~k>BtCh za@2dKpe~P7cT#Ov3eB#riK)6^VS!A*IhUHNt$9P>9z!|Hv;S@GZ^)4=k~w(0FL2dK z@P0K6yaQXR)5WXwl3;OXk3_3*ExFiuZ;jhInX2Q`uwA%u(oT>SapsoY#BgURwWjQn zVUn{&`OD8_jE@(X0wHJOo&O4kHYNJUg^xFRt&01N+kA2rL$kW;j^_P~Ns?t4W7j0t zpdU{w_bB5u-pL_4uu2@f;|?D9{=A^ctbaikrJaRw&B*G4GUHF86K43K=hdL`?QJvD zNmk@2t)1Hwnj;!MIy48q?O;3Ixn?9~wzv5lZZ0XhHtD3VkBL*xAG0%RJDCiM`RzY- zj?)lh>mlO8untvfInyZ_rW1in*gf zsb=>0wUp>_ce2nTZ{L<%F)SagKlcFfJcKzGt9Q_YgvE>y{pC#~GEjzZJPc3luu?D0 z@VaESZApnC+kFkV`#u)iY{ObtlFfPkhK}X8pU@ubJcS*?9PC5&`4b)E3Tk3&Nr1}J zn|pDN!`#qA)MfXLeM03E?}NHxtj=RA*PCdQ0kV061A}#_aVR)idZv*ih0&ebBO)Su zB^W;fjn5o-R-n8d-&)P65CQw^1ZlwciXXID?3wEtvj6InUu29>#pqZkN}SMO&6GAw z(yCCWe2pr&WseeEp#%{Za%wgjR4C&EE1gDQe2QqwQWR8%_J0b2M=hd~6+{KrfqSU%L%Lz?*T|=CjiNyegbz`z)%ptndyfui4{=8NRnH z*OTw$;aBY?{`ChMn5+y%%rijfED3+m!&u}|9s+Eayl_%O4znoO)?i;%jLnTX=A>H- zd^zG^>X|vs0X|w7FI8nBgML2u9v1Ap7}hFS^JBBfvHy@gmMHvqOfie0x5v2eFQT{6 zKQI^6Yp)Ho)M{6otPhIGv@wHX&=C#y+GUUM!Lx+zbj(nGT__UlvqwExd2NV_hGh;W@$x++i3G$_tozU^9F8zn!0@H&P4T6&x^G+-H`V2 z|DdKZz9`iO(yqfUQELxJQU8$kVdvqH3n|ydb(T{wX+oBe?!@4@%t4n{cQ&$U;__4I z2#A57eV7CFhG24yz5ZcNlO#|OOH5uq?VS(C|xWyyPH6OdUP z%5U>SG(p;As*fp_G0&6BI8#!-(5?k|PHM-e^U)Yl@UN!BX^Q6P4v^X{dvNSyk4i5F zbT{&f{%Dn;hfW*5^G|{R8OK7jHh!^B#(h8_}mF_g}cX?TJ0PNdxE6HJeIf8W-SQ`UL|G>(q+c z;L0j`)kZU_CyMf;FpYSt@`jo=uDiaBH3KX%z<5b zIXn!kJYGaESTTPXs}s=y4rFh?)s6NF2d1X)uX{fFq&+1-d9_FLsF9vj4mt!`bdTK= zx1W$`B`EAb-ohO`HFDuV9Lr2ZSmW5{pD@%d`%B_0F`OgDzbP)==70p9U#*0p$f`^O zA)>0gvw2(j@4)g|lDLn1DvWwAP9M(`wp9GJWSZbHIiV$wIri1L-^PwsrrCS- z9Z|>3eD%)szY{SO=gXjm*xQ^9LDn5*FkCK70nOMLkAS!Y@L_blzM%HAXc{9Cc4*OU z&oJ#IC1nhTs(^kPB^%KW&CiS0daKfmDyPT#$bnZ@3IS=N^ff^gKY95TD;Be{v`JDc zDe*Iej>&M{e!25d$f=YvX_+}xAMIS+KP;=tN%1^7jqrIv6MR%eUKZWz8~O;GWk|as zrT!cQCW4@zU3!N};XJXfnB+3tp+xWhUgDEmQc+u5FpDY39GNeX+E}=sFTtDoQQx6f zygua1ej6qxUq=;`(C7y1DlIeopHHZ6e-`ocGfy%?8yZ5LO8KaWJdM2&nc(+xZ!Mzl zT2!r$D7a8ViL9dYHcFPa5|wLQs5KhiH%n6E&uv(VOcp)w?mKOi5;|2ybmTSXJ&vKu zz3nJIe06Dw1gYQFuzdB4;qwj3Hv8`iw}W++Di*Op&Nnf;5cz$H1S3O?ilHGKIpE*pw?&aA@K z6_f>qy#0OTZ$Jwjz!m8Rz10sVX4TWYhMkYkW~AFMiqU2eYWwyz-{(!}LAKXBt&obUS;OP;dmD z+c;}1#??`*N2LEVey3~6CD)q*`yv0Uyb6in>qq59qV6)dwnkp{yzxKjBtNy-gT{`f z?og_>&qwx##|mT8sxm7??pHL+V@#?V*oqp+tRoFu3cAAx!uYckr=m_OxvzCPgZNVD zWg(mtg#G8Qx^om4bl@(vr5K@y4ceM~p*y}rO*(bWYKQ3^KW1$dK2h47HADDWIhHcr zXZz{ee9VbZ9bda6I=W?Nyb4I&1aS)zIoyc^z*UNy=BIybqGM!O%%%Zl#gu}PCEEpl z6Q{Iu2aGzC`CKVbKFmOa27}a#d^IR7C}{a7FKKH}7nsj?tYLzh|C7M||3f=9umFC1 zLT7&`#WPc%rn1LJ)X+HgC?uoQzdy@|NnZ+R(~SP3F>U>PA2Og&%k1PywvB+pn)Giv zDhm>J(GgL0tI5>NgzR>__xHcdwW&JJg=#te$^`pgFi2@)cyeAxL&7=B%IdS{Kr;Wl zX$tXIU;7cd1Jr~>4jlVRWNOq(g@nDq|FMD;J_Cpb7&!|K+PYHNl`P*!+6Rg=HbEdMR2DL-IlJf08?ut56{o`!96 z>JtJG)hcGdH-1#W9@!UFHAQxSK-Xq_j;(7B$qroBMyD)R{g2 zFJEt-%Hq5H4>$Y=M%NMgJ-j+kENf`~XI1~}%JeBj%}(b+w!r28_GbTG)D`g`oosI9 zm-c_F{67!=*Oi=w@A2VL&KtP?_mtqjEBk9Qd`aYAn(xJpY2HDAK-eKIMg#)~J+doh7 zQs4Zad)YsWH&6ixjii98^`Niqt;e65B9tv&HZ;+zf(i>7%00B`aFW`{ zvw#O)efW;2VlZ>MQ)t_slpQP@KQLMU^J{gb_q)zbNy7+yuf)Y`9}a)$NKy{RfdwEv zUg0>>xIAEE+Sb&L47-(Ndl>^TG`{3tVV>(Nav}15|2U5JtQcFK1J|2L z;cx-0I)e*1J+;^3@IV0T-UvJQBv}Vf>E5K+{9IcE{y;eS3}g88bxH;E={!pI*t7)h zSi6=P6wc-(S;1JJ!X~MH^oN@gmu)ocv0TCtc-!P#;(_CMDyU#l>LLt?y1-|_6tNx- z>e;4G(#AKID*x62p|0O_FsS|bh$({&^T$`3L|iV$CJa4XUi&muFMIL;od(GuaW$&OH6^Y#(>t0v`DcMUw;_OgbQbF!4B&b z9ue~Z?wQE)S5vmfc2&`fFfTcEG+D^0jTU&|Kku{V?__55fkp#Gyy1Ng4|;zrsnQ*G zbwMKT30#y#h!k(j?qGsiihuczPjo*bMXEdC3RK{u^2Y3JBvMj+!#XNltqIN{ibYiL zt!_-Hp%#;ky(RUGB(;6MtkefGn`yqh7r$N4Ie6Pzf9R1C8z%u^mweVv`AzZi&AJ04 zmuNBOCZ1Fe_h>eBVH`tX83CjLH!WPRxIlOikM#yKCO^O$*JjDjgW2;hed_(RKfA%) zIPbdwo~It$06P{UfRFK+Nb0IOn~*dDESGmv+o-BHZl!cHD0lyj}{0VwmbPZEC z`PVQo4FvAR?H}!y7END&qI2F%Q(5*yQE8P3EjP^*4{1|yrNEKF48~iJ2pg6U*(crG6EQ(Aj-2_^la3FKA&n{M`+JD|+)NPpxkU)id{BSk*t)+O!jpw7d- zEW&9kf`F#Q-48O97gvT34>xH0vuTDLi_0I{4sU%sj1Fl|ChOfBW@ywTZ&?LU(9JuaALv(%^K=d*Shf+HBeX{{8n!83>qAp67@v;lvC5v`?^K;tdBmJ&!p*&rCp!5N<9S z8G`nnluEIO|FjjtvtzQpF7_YPdVleIDI>kYF*M>Rn_hoeI;@UZFaJ*Oe(EzDYj3^h zSZh)wy+2(6!spKwLu1DF!E^%K^l^t=JY}+Cep)g6eB^r2MElO}?gHPM`V1&U51iPd zwvL5ZhQF2w&!h|Lh%%ZO{*lJqEuYJF{yNe=A;gEqCTCXaNgD`!DnzkNLM1;Aw;%UNRw-JkZJaV1*QnpN1WF3-8z+siC-lZ4KQ0zr=Wigr1g-WNma0obxJ* zAvO)qLud#cpvPo&gMeQBWLX=J2CUbQh39*}{)mGezY7)T!e_|jCKGSXlW-u|mO5Gz zy%o=&JjzzD=UlV`g8hE-ClH#&f#$J*y0SISeA%$&tt);j#5gT9K!uLOqf zg`1V4rD2q#Q0IwpP?e%57D9^t)!BVn`zDot2o1lqW%11f1Z;YVZkaX9?O@rEY$tH8 zr)_q6$O7Q%5tSz`9U+xg8tf--52DydM;5OcD>xdxS;%UQYU`KIy=&5_a^}wvS?2z)%iICwp;)U_{j@VJL*9IwQdh^ztH=D77bpDPNv zHhAN}x{0b?eCE9knM3r*4Z6I`j~~?w-N9!F>dBRc6hu~YEQ*>lCryj>TwVG;$f>!J zn0+tvFMFQufgO+LoOj}gyvPg{e0A@12o>rx{+dNMKmyLBy!Hd3c?+hv4P&W>M{k!) zfAJa1q|V_4kZ$^?x{&0Gk`k-rmR6vN-a*;bhGA(H>>tUVU1IgDMtUT8y)XjCoA3s} z`+M+J8MR4B-evUA7Sn2sKF=74TMuFwBCFT!N0uaj(SJPRgIkny@kw4>yt{(17^AMD zG;D=S3?R;3@pWHzv3WEB{+YiXS-0$HHV2xVF^IGvM;lQrCTKeSp|Wx>IdbLjX;CpT zF6g?Onc}z>8FGpO`fc%DU`WUq`T9D~gm6_JSQ+}t)zcLK?ypG|=)nt;2KVHH)c74H z#t#V@5+eMkVSoUcy7AeJT$u`YQDfZ{MBbD?fWTCmN&qN9dPN8&o{5C2P6!;%Fm(MY zvwq!Ua^q@Zf|%&bEo*-=mGSH{YhgzpKr7`=Iw=S#)1jV@t&v332v znR{eM_ZrlYx7!uHc1Ai`OcjCTI zUd$W=bJPZ_EyM|sP6qN+CTFC<#S&V^b4InhpsrN&^ak9$Cc_mi<=2E_DTW4~>cPZZ z`*gRdF`>;LCkCQ#b}o;DPEKVO5K~^AFpMUX&Ge8iTH?5z z=*>^ZzN=d}@$dU>nKb>2u&AT1L|3o)EuavY(#0c)HUr)LibULNhI!8#d>vceFT zIrla;kO>P19}V%t-@)`i2va3{dkgJ)_@HQj2P*I~39jaNw^-ShCGpo=8_?Aa%A=bYQs95x zE_DP`HJc>0wZU+VE|Z_cRkw@O?`j^JR2IJ8$N3Wc;xeLyjKK5-P7NS`S^%?M2HtkJ zP5tyyEhDud#%yk40X`}2-yd3Bu+4~t(DZ`$WobF4P_=4uy8=%BrAhJ;B};rcj?WENQ&h8pT0K(^a@P-E zWO%21h9}=V^TmQ=(9p|25fwWMzizkJJo1{1EAoHpgzp#x5wf#@q(?fRKtx_&wGrMt zt{z+I?TxFAo@aVfChzx;71B&D9QH$GNe+~!HmuAlL_xsM}`l&^1%L>wb41ku07)etrA z2Nq5~yLwpA9T@9R7T6$z2vQ<#8-k^cn6!3l9guR#u+&L~u$*p~ReV^YQaswZt|UwD zZ%~gM!wsG0C8z=zoP0(UDaH^`wa6;dy>ExPacefHQcT-`nA6FQ@(#W9;&%`2$7M4F z-h4lBrE(r*WrV)^v}ANf`K03*85i~l<^3& zNUIl1)lhLHS;rlE#O{zUsRT9B(D5QOieGbaH-ZNbW9QR5j?UnZrTB@xbo*wg-62~V zY492~QGvkr-{xWgF2$xYC!iMRl^&(w`1rzMo?klRYrbJkwE1rvSNWqwtl zuaoko7e!UQtr~IAgo{l3`1c~~)-dxRQnX1f4(I%9BRVH`cWnf7q{1vc&44l(GwJZ? zMk$D?LeT6g+S5AV{n@F}IrN?S8AT)yf-O9qsJrTL;{CwJaYh7tRCrH$hgJps@j<8m z*x5LM1|%g-jakDWbizokh?rFq`Jq{pW&<|ONZBdsop4Ai654Zz>Fk)$B}VG=L(Ctq zdUxs&-#Zq0hp8qZlHX${BhUl(yK&$Qte-McvBUa3nSw^Wq`x<^_6!xCBZ%W%yBmqx zwuP6?qc6UO>q^TEq614c;Eri12Nw);bM~lj#f{xkPHWZ&NxN@!ry!jdZvt!S>>{Ol z&W1mTz9a0bBz^Ygmk5xOgcCSe-y+H~TP^{Tr?odoFKMAkS%x2Cx>25THC}&+6KHIB z`OwgE&3zm}sb{P{|6Z4UySSMgY2+dEshd`$KH)fl^@2kr#T-Ie%Xi}*jg^jF2)#;Z zMThUuxD?JcpJz+#Jj-f9-)DMaLz&n;E@oE2UYbH4AI^k_{Z`SCd$I@g1KvFioFm`0~K z^NQ`*B!x>aqzGNpoeYXMyGgEh3In4C=z3@?WLjGw%%SeO*Cu-irBH!XV+CCiw+~MG zS}m*sHLGXMZAhLV?XJxt$P7wXgjbqDJ_1G(b^Ahj%`mm|=j+B3RD`6g$lWHa{!RlT z8YAPJSpHW5HxF!dF{wG2aC<$S%ca0Mmp6(ug2!%FDB?72Df{cg+@6N63BAhat?O&nt11EVA7#@}UimhCj4JZr&d7`zTx+>VaiXdpK{; zAeI|%`JLDLd@EGj)2aWLnJ(s96YzJ;qBN2)ku=<6<#@e)0_bb8J$$%OI~Ov&mq<84 z82I3uu~^I68>G-Nj}}tyyvNJ|qOGL{uxOUMED~{v;fs57I{02ya&@3G`l1V_Q$@zE zmS#d++OUl{4VLC7i4hhshGc8!75_N%ZB!h~TB+LZGle2j<-WGa#E2#=e`A(eo}7LB zcp})2eUgG_EgLafWzna4Ms5XyLnnT}Y8b_up|=*15ye4CdSRt_C?BIb+%bWK_S(kb zTvEmFyHS$gHeG&>+KE`~m`MhoYgY!@9jnA7&BDRf%>>d!b!!>F&t+V#Pb?i53@?e7 z>-6zAwW=9>F@BZB>=-8K^((j}c~{Blc?pna4nb#FQM%jX_3um>3$vKT3i? z+a2p|{Z)B*ufA+f_#-qvrHqyxb&Tz!`6X|r^QxP{*b7&1i2Jw4D{-#;sO`9yX}pCc z>nh@8{e{?~J67g2vh-eDEKNvK=~4AS;pW_sTeowk0bPwz;X#Ef=cACM(^m5N9}IuL zY7;%Shp`DI18GI3I6G&@t3x)5k8SFF+>!~{D6938if9(0e&Wz+?cW5?6;3F8un=nC zC2L)~Es}?h$~etK!Zm7Hmr70A$Co-ub<94IwJ5Dy(#O`}l;t_NTmbLSM%oUo8`HxO zn^p&|oN$%DTyoo)S0U(q>S+KLzD;3f%!M;ELIH&+03J76b}xwZstCH;y&EKPi=Mx) zIa!sd6Ctdk3ZaMnKd;T`?`WV9scm922xwhh3_I}hC?NV=ya$v;{G|J%^rkDHK$%IYgMd$njLdB za%G4EUH1ou@1RtdNT(rB`%!p5Z61Ln?V22amq(w{XxT+cMz#g2_4x(>@2s(fNVKz* z-E&jbpm$#_Om}tQMJzq8LXqoX#zXTZogg^AB;06-Z%jpdwRZ9>HF#6JArhifu+vq6kTw+eypr{KX$|*?vF1 z;8Tc|$c-IUFPpDnVrH?n_CD3BP44x&8j)!Xz7fvV^?RB4Fy7fpJ$N8#zO?(fmBul- z>-unNNTXp@me6Ab>qXNaJv>{~JYS^cD0D>ay5?bZY}JpP8~ori;j>kO(PajjcO34I z$2qH7HnA}))x+%pO!L&+DDAOreI{8iXLkY!_#Fd|-9xkOP~yFrfm7~VAXW#RJAqc; zmYE@SieJTn=JhKlK?*8AzJ9p})ufw6U)6cysy?5<-e=nOM>^11?17$65tTtxS-5(g z4T*8Y@JE<^8oA?>Tv~!~CDlv&4ZYGCew{ChKfFVxXYG4qLKY>|Zvxk$#?1X5>Fca{ zNnFJS35krRN}=4@*{cQBgUEzmI-rt9c@%0U8tk^=TRGCO(4B8O?`+({f+=4k2!`zg z5Kf-Xl2Kli-jU)CtnI%Gr>Ild;n$+OBX~<{KNj0F4cc+Y$4%Bw8ke2O1P3!jj%frw zjGC%5({`e8s56{Q9TjmK{zz!@UM=T`KWdS0cK4xNO6}hVsCN^ZSHKfuJSg*;Mj7b5 z`N@a4@g|=qnOy9La9d&0nalP?Y3BGVmielpV|N^l}D9OKfje*kLPq46ZSS% zhIeGq0~xfT2}p)a+vi&(E_2y@A@97sM!Lt;El~qrmbBzsaI2Vbk51@92LE9wx~Rk{ zj-|yw8+}aWmA05tvc|tXDQPV={~WSDG6Zp}zS+$WXk#7rr=FFO)^`bCNy2gvK{^2( zW#nybhLk-8A$ok$j&V>_o?+R#WO2JrDr;M=x74rL_j$=`MtiLBcNoC=a?wy5hjCe* zT8WYgL5Zmz0AS2(IB`w2CSxSb?mk%LoeDY0@aG9XfIz?l_}AgjXCAa{r~DZ=MYllU z$SPyO+m0gJ_fDOcO12x+^(1YZX+8%+ohVnz1Xix4K)U2s8`!Q3oON5vfj~8P+O%{A z_Ja9!5@vB@IM)TpDD{f4uzzAx- z`arhnOG+)^Vgh_)*m+HQ-u?@QJbf#H(&zC}DjlyU@l2-UquTSLhMy1$OBEQGM>e+| zo&G7Za5#C1cD{^SWklL!zP}XBC@6Vn>HB*>E^&DK#Z2;xxnfBsz&exw4e{uCDw|5c zg<9;(MZ9bCeI0J+)veyiQuCL%p}R2Sqa@))bDp>bVi&qyLZrzIgrMbb&k?gCs9n_q z6XZ6{cuQTFAtQ(q^(_pHAYKSq@-?d6$4*8@@Hs*5{vwY&6rZPFUG;!VjhGu7(k%CL z8@UZymRejK1oVQ1#EVa+P3a1B(ChE{0gxd^?};GpxD&*N)k!b5>Z|_o7t@0M>g{Sh zN^U#x-CU}x+W`+Z-Xa1{Ky#E{QN25ith!k0przzWSE?F;@aUR!zzIcl`0Yc}f`T9O z7wso(RQ3GZ{gYvIkjFhESo5)0MbmPi%ULu1g>?cO0W3#FG&_Bz&#wvTt|0ik(y+H? zeO{hnRSjm(MX6TYtM2aA+b7tYFT|^^Th0iSTn}k=0rj_4B(C@07641iwk3P@l*D1p z+fORF?FaKT4wltRJq%6x&{IuwYR!sA&VtQ6Npbyahcu4XMB8C^v5G`OyBymr%{Te7 zPe~eS>y;K4W*bqXujda-uOIwRaHm6Hs@RR>$K3TFUmI^w zTW%vnTXr@5Pi~DrRjZS{KWp&io)9%Tjbujm@eWs={q#lmJ03%gdom0K%w!Dr;sFPL zQvUuP1GV^FW8rctskrokU#y!LD)5Qyv3qkp;Vkr-Z71N9o+ufa??n)x46P&{fYewg z@`>Eu6AN83^Xd`%m%OOqzteqFvR9gv5YxrlZ_l!$KE9$HjZ$&{ZRk*v0KABQXchTv zTVQG5zKopEXx6-6T}Zwnmx!Le)Zfz^Z@Jjf*En2vOB}tF$>z)l>1VyqD%<~!N-mzx z)4~s-Bh>D=320DdFr^YDWAK9Up;h^OI9Wf*V*Si_!t-j&d2{0P(W&|@cF6i1V+xG> zh@O94GWo|OAV$`5h~D6)$5Q}qA_%9SFEHql)kdW~(YsZj>wvA76Xl1=eMa;C#oi^lt?3}){;yZwu$ zDb`uky#5vhxq>V(7@@llP)QB9;>CnHA-QgHNm!fRM?-UiVf!en<^rfmO$v`Fwy%A3 z6^$~=rjt^OJge%pSPEsx3Ad=J#e31_>W4dMo&cNmLFdFpH`;(3%e6Y=;77}nwW{=s z)GT*Z7wPnm<40n(F3n2AC7~yNAS&gH@JZ_V3EhB7?<^Y%e)UrmayoFE`@uRqiaxT$ z6km<8a<@5%s%-^NBd;c=P#qc5HUa%N)T7>HMyjaMo|ppQ8m-?@_E-$@kEtHa=l5%(LWp z$fKQ4SA_IzCLg*ik)3i4ByTmKUAGxlzDQyXF z;*8>ZNrBF;-wxpojHUEcjEfHUp?J*dRA&2M-T5VSwgn7Bbe9+Tx&+|0?FmIgwA?L2 zee;1H%8#CIkU;6IPOL3eqLf2#bDcOl4{lFdyaIVogGNEsY}uUPYWH{ivmFA zOrC@q^b9>i-m-_J{E*F+17@(`7JP2c2c_CIybTc_^bpjfs^=(za0UcrYcLCgod+C8 z3#0-YQJ&rQZ5vnKds_?Roy_Giu4$#KQ1Pf{~1RXYA2) z?lBdOPcR{j6yFhM^NVyJ+Is?IQ`tlCVlb6km)y?_UE%j--gvp0a}>*nAJ0oP$~!uT zeKgnZSCHdBCY~k2+7PBM^3Xs2BpO5q6tq!B;Llz#>ZHSQ<0RRh0Rtm!mB(r;f?fKQ zh`Q_pv*`?B<+2phRBV46*cW^iS^=*Oe1q5;3S~V#ny-rT&NLmP1j)a3UAob%%8vg- zA@(vtFkK27dGFD_zs%38YuI9MHb<&HCr0grKI)R`c<1%GB^VP4FL$N^-=)isDw7>8 z;?#$&x_WtPJ!?`dKgF5 zCEk#N(I!qN?I-n^$JdP6uj2t`QkLR;!PHIowKZtNqd)HrbqnHe@MRAXKao)lj}B*u zXsW9_VoJ{aHK4Ne|FQR$(QPeD+u(`Wv15!GV~m-ZVrFJ$l$qHv#~d>=lgxI^F*7rR z%*-Ui=W}W9+&gpL`7uA=wY0QaQf+mwXFt2DyQ;bxgM)88W4x=jd8Yd0w9Eb4F5U!m zVG{W!s&DNvb;~Bo398eK=BN|e<2vs&^=UlqWv_uwCgEXq>u3m-ST{x0VPPRH97;AN zvOLCk6B!S7CW~lJ6}(#Y6V3u#`q<6d?&r5QLH)WP(GobXH2eBq)fEC2Z687z`sSNH@FD(u6AvU{CKH;ji#l7Z@=DP* zH!CcYQEPhUgs#XZl?Z<86WBWNjj#AU(k-&Dy{TbtD+GAV%VDH(rlq)^RQ8ldmD#w= zVy?~IofGg$T@156O~w0%?bo@5qPIN0@x?sOq^kfNq-6IR${qmaGWsK8UWv3AQm7%; zKJ#{L8uRKn!EK1Zy>?oq?XRu1QA>)z3e5~eEdRAl2zX;D~+hNUu4?= z7S0EL0ZRkQlT{2^rq9j_`OG6+hxf|03SEuXvPj6>5@j{ck0LlsVsp*K8-7sYUM`(Y zXy{kMb^3NVnsCDFP(kPwsjHV!E1fm#)+$j2=F?*K*FR@(Hh7Whnd1Bc90?f>lp5#m z(`Q>Jb;i$a?A3nM!7qSu_E0HlVfN2c%kA53r^3rh={DjU1ieKmn+`Zk9jW0>QVi|u za4`=RvA_+IQojYIfGlYd(3=La#$n!F`wSn)hl+|mJa`&w;<_81N}0()(acwGmSrEd z;yx8?s=vnlJ*4){l zh8cOkEXurV-yh|w1le|)`vaK32FKy5WsQo48c6^X`QbpDlu|^kZQP-rD_KnZ&&%)h z&H^pFs*xT?x(ultA~v^2`S8tc8A&;$+G^XPx0LMa{roSqV)sc5$Vwr`XTm%`FGDPN zpPV?NnS#zJH{H*fk_|@FilURDW4%#*OWi`BuEs$N4YO>44B#l0LpkpA(|Hc7ek~`+ z`isG31_fpy&CxKS42e}x=R+xh%bvMh_#PO;HTTX#+hxR3b##co*MWSY4Q8QHZGNCV z+QIWh8-zPY{(K{;%>zj&VlaxNAyz>8BLh^R^LtrvkngB|&P3vug)Vtw`&o1bO0%#r z6UU5V0+knznHhg*kM}9xeOQV&K}gCIo%5D=xkx2ybkD17N$|>ax6q@bc9tHH{CF^O zB6qI%WTKJuZ9OPIUTI2Y^r2ul(;Kj`rxg5NMP0F|j#{(a4MeF6{!$~JhUuEmOr)L` zBfE5GUeDq`qkQ+oRhJhEMGfcwk-{*(OLYmNlV7hxTo#>Y#t+$+bigqPXQsLkar)iZ z9%H+H>|_ylYzpt2cR{#tIUsGXI`HqlWrGUC*cw@rgz8O0&%KBy4(gVxwAIu&v`>dy z-(a7<7Du%|S&U4XcN97}(Xf67K0|4Zh zfm%|ng70r)E&EkI@W>N7IE?%X!r31N8UzJWk2GW#prmy2The$2@_gKwf>U?V zzWyqfwgimlu1=@~f%Zy(1-xw6mo4hKtr>v$fTXfgtR03No=E74AMj}d`&%4`dCjTQ zdP)yiZ38-Pm08EHqWt@HOtO)j^H;LEMNeV#3i5u&s4c4T2Fa`=EOLd2OlPMpHne6L z&#d)3c#j=|o|WMYP1e8(e##<3t>bnz&BtHU^f&xfRu#4(oJ*s%IMpZB_Z0Ov4b64; z2X~W<0~o^QpJZ2rBAtKGSrY+`VacG@D1COeFm?8rR_Hn{@VUn`g(FX_P-m2&_VpiP zhsa!+%RqM-kLP+zG9pl&vMs~g*;=-7Zniz6ky+nlI`+cp9>%X;*UU;%eA>kVc8lJu z(tWwR-|SihEq%0g3kJ*q>m4tqzKxlfV|T(h5_ap@KA}+}am;GDqoW!@N5yq@y{j?; zk7bp7{YdELg4DxZ1Rw5`6&mQBUi9Rkdj44pK!swPehJg)hVhlspGNSTtRi)S)5)^c zthkJA!O*6gXa?fZKxE>t^Lr#9j0?uCssN)m5doi2Ao3zJDYT`VH|L`y?n?ml%K~gr3y^5#&j|!ru)KYCF5n>twfDin>Euzz4zvLl#NkW zQ-Sf%1+@f(CXwBYs5X^Aw?ww%J{hmGTe#Yr@UhwotM$swVUb^2hmGWz`eC@w*p^{>^$k9KF|O`H zPOOT9^ckU59R9I5P2T|iXgAP@wF_bGK4E~3!FloRqZZ7cpi!K2)FZ@1S(MxRui8P| z46LnV-$%_`R}FYf`F!ED)0V##-sr7w4|q95{u6Ud47+X+Iy;2>+r zJzRvBM!fCl|BQFQ-YI4vi}c3Uo#RtZi^1^4obygV+uCG&YAb{p({5_OUuri#KgPQ9 zIUnu%n=W(XxneCm*~5PNNk!|rcXWe@JH_(c!sS%sHOy_c;uJAGl}sX_0Mu+DTJle+ zJ+g>I<^tS2?7ao9Z2h8zy<9_yM`0k06-_ZS8|4Hy9dxJ(h{!#=vY&2`RaW%N>E+h8p@`_xn>>5a&@6RM=ZBJ3Lw{ql>> zFPCzU>2tfK<6?6^n^wG+q@H*(6gmhDJ5R@L8_sAv>EkgIw4`mXIMuA5_-}kU=K8`X zwv=V5;(xeZBS*rKRNpV&+{8J^nbkEw?&KHUR?d1Fpa2s!i?V-Nk*rLnoa})Y#4h6_ z_NhjS%Ay$pus-tKS+ib+CnxUOW<9E1qBIPZ?cur#%51DSzwLT2orngF<#LV{Wo8lY z^$Q9XBt)5Ll^_%L5wHZ^JxwJ(R#8a!>X?9wvjg12{}J^lL-C)M?#Jg%VYf>SROOQT zu>c3s%MLXpd?L=>Mn;WOa)-8|O8D31DMYE=ya`!O7NV}$+;(}X6r&UEBbNocS?(Lai zw%s*2c{@W4Z+XaPz3+(i{0W@ktjXTvwRcO&dW{c+8eV{8dF7R}QubeqrQ@uikFPhB z64P%AXa7BDdCf>K+A7f!SB;tvs)onr8O$tnP-6e>V|zvSlnhnqe~u%*g-T~Av+uPw zoZQo&*Ty=VTs!AG9}Y$G?<03dacuJ8RnA?f#q2nasx7+ioUzga?IG*@r~%7tnOo@XtCz} z!AsatbUa#29h6`bORPTHi!CHn=x16H2W~;bmhar&dJD6Y)j}?ncPoco!t_2{q@9cu zmtC^a+qo{NB!fUC*AVte9MqzdG0T-R@ngq`e;80Kg`|IWH?o5hNpOm0dB(&?*NZG`vjb|0v~}{ z9iwef$;%it=Fs?SCZ;Mdmnp2JJ-L=yf%P~%mtRz*nd@g`%)NYt4(oOGA(=8mhCd!T zvJ~#yRe7PJpQtJ}PJ1~A_JH0`rK8b0goMR|rTm`RA7103_0o7yDPRz7gMtU1M}K`8 zmsMpTx_Mhl_F|`03nOS)>5ERIh4I#h8o^s5iavu6-~{>xF19B3g)3Qt1byN#M9RW( zOgpV>)2Ji(YM7fXY}!P2U=8~R^4W}LZ1?wn9J<6W_MK35@@y@BU05tHr$J9*>c=sa zUY~e5Wb@&Inzta!#uzUC-ccKE@^+&N(%u@R2ZFd!~EcIvK%J!ea zGE5XjH%S8TXN)qLJc#U6`KZbaw;l6(+?2S-_v(n{lii$A5^^js_`p$^?10AfqX)Ki zUUm*EaNKj95O}k)g7(^pdRx!m;98q}Lb{D|^YS9FIy0}l`!swmq97m_Xbr8*JW$G9F zJ%heZSk3Km+ZYe~{;YLrP zhdY#1|M3VLv7?&Htwllcg{r3XJuC;E2wkVM&~IMYp+N)q%&ed6mTYCLACk`~Z>=67 zQj^;@qGLSjCM|NIsxH~Tx_T$jHFea4CO;}$Fa%Rc(93^)8IL9@!FK%h{IgLjs1|Ns zO4LH_Qe}7*7xY$be4NC+u+2Bh&wJyV z9^d=)AByQLMDLr<1|O!B)Ku$z8P2P-+cq2A8!oVBRQh2ZqBGvy!$|kcu8#^m$fB+3BJY{yIxfOVV#bTe;hjSH4#pp(yL|CP*wo05O1WW8B^xI8 z+aU5kX=c{YhHfRPKDk6-+WmqqIhGk@JhsukL+yc)@qKv_GOtfxHbIuY$_d?eKDOmP zJ}NW~H(ow5qKe&npPFQ^U-C+F)=KBSJVjHq1tT(k6~Zsoo0kz@ETruM`a|K{Q7P`N ztGH%hmFxiFwO@2mC8bPss}*ToUV3N)hw>@hA@_ z;X7`t+V$mRGVIt%vT6-pqUALwqlA$!-gcEM0tnGN9#?rJ2>cv_CWXG*I(jS{ww-)( z?1Sy6zBL|{==i%GT1W%%YhI$SL{CEDsxPHAH+-4}!;Z(4<5Hrve%vgDq5m}GU;QIO zB6BEkE#ou9-Sc)w5x+@*V zb!U}eb@lELj4yHZ`XLW%vE#l*kc0tO!yV_h?{QcrUGD@Kb2H2Nz2+cr{GL?SYdWkWtnQ;w z{GXeEPHFN9lCMmPQ1_kl8_hse=tKamV#iphaUtA6OK0S}KX^;+oIEp`ZSasIv2lFF zDxAS>NrC4sDN1}@j4a0WmnpD)Vu|Hsl1VVa*%`cy!u|o1XNzIDygO7dq&n5=pH$y-P`B^xNH>n7xi)2Z3ho>!5_qKEzUhHfq>kEt6 zRPHt=?Lwrz<@Cab=XPs2W-DzI!VVIep%S$N7*5R054P>dOk*PRGxc?CU~RO_*uG!1 z9_Mt8L7MH&JRiutzPIh1)eSq+#&#?sSp>M@Ogj4X)`&EDjqRK3vf9~V5glJjDe5>Y z)VHf|?{cVlT9@FBKUD0OcXc)Y;W~QDUp&w--}*l9&RqP}2}h-imus;?xoA4JdbkmJ z(%vT#S5+2%Z|A}vlUdvcI_{uWev#{pDAtqicS3&}f-pf-^1?%|p5~VL+|^oEUgcQn z;&fO1M`Wet0p$lfC?n51ncGs8BRWBqo`ehcNzT-q=1MR9gb#}B%l10l$leT?Ol+pm zb&css!iT;(dJjBaE_TmsWmGm1`6CXGkopjOUTDs-teJD)Y<@*hZgNuPd$OUn42=9{ zaPk||O}dzic|_F;7wbRJKWeophe|dTb2v(&K#VDMin1U-F0Zyab}Z~eoe{CL_p*fS z4Oz07x-0ntu@qR`$18!*?%e=C=ujhm*PiC6BTZ2dx9+S@hw6V!eLZ-ap5kxSbTb*{n8X@Z&|;U&9fE2ts-@^~Q%>WKpVmd1V2eAQ zu0*?ktLp~b6Lba|dzBzd6WxAh;hQ_dIRbG%NT3sQ?lmTxb`viwZ}631iku}mCh|1E zBqvWSv=P2#T(&W>7?1e4Rjs-;j2Sn}%MpZty4{Q@tHO3W;;%`ZJKOrjJK<{1A8d=? z0Hrq-Mj;W3&&9pv;B`uYC#PDSl9miZU-^; zGi@Hzpg`aw2C5Wz>+5Fxf^1`gh+mWGrD66jNfG0THfGVD*YNqO8OS zu*;7daLOE~W0J#klLql~XMGPL^Dp zmzFJj^RK=|+6DICbf|iL-4cm+4*@@J9{=3v0;14WDnHxkaok82@BCz^<8UiEn@~BHqTco>cheac8-9#y;A*5#IA0Q66ZoY%E<$MshRqXx%R^? zdePz4D7wOw8Ez?{$D11VgR->_leUwb8b|V={xshY$us{HF%lWI?qyt(UkL)H;oW=m z5ek>}aM=g~7}u0~P-9OmNrR1i>d)4X8pw@rNXap)6lte!VT{^|D;hyFkzD*HxdlL>1th~wp#tml%lQ}i6XpVF!?zWm@fOJ(-MdoJMEYccZ_eNRvbnbaj; zgZZ2V1&m3?$*p-R321=6P};qA{xE?fDd!7HWj{dy@i*glzo3;=NNWl2EI$p^Y1EH* zHY?AlxSi;o@`!7CPiG>VElW0^zux_@fPeY?o&ypm8NN#SY3-~vf@F354(k!EYrrRO z*Lap=vBS7=CjIVbCxD7!D0?zAw5K*tSuEO|8QjHe#q4vc^VPcZ_YcOtMp1?|XRW{?;M55$JP}0SOHbB)laoFE-X`ySRe8nH^Sy`A4xVNd1WIYWqLbOf=BcZhJ>EpZpE*{ z@}E_c&#}@Y?6nhL_+tN{_TN<}5xFB3Zb&BGW2!AWdeqqKKk!&XjJ0S#b{5E}@`NfLr|M19SOf@2)ec@`gs)BxI~Z+`C_;Zbn+i zv=5Lx;fpqJ_2~tRqeL=5dt{e@0d?NKO`5|>dnvf=abWf5tNjNvJNq=DFLwkRr#F6d zF1WQC7ctpgxkt+qM`f#S=DX4;g;P01%dg4JelW_E+F`u^ObtVWOaK0L80rugC&Xc{ z$fbYa{a}Du=$m2u@DUSHlp*Y3C?K&v`->+a{pJk3?}Z@-dj7aQ8Qx)$k_E4WeE0Y} z59X^IcZK;FcRv;4Y#u6!^9ODq%FN1nzYb|_CV8>?4YzlGJE|>B8au2vc+n3ebbpFb zzKvQ9=O4KGYSFAERh$gfP4TnUlYd=A+gh`Y<%E}7Ur1M_i(mf{NUJRZLG}$oHSAko zClMiUT%Z7U~>+ zX}gQB(GcruMT&is+_WP5&F{yi$2On(H(Y;5{Q-S$`;Geb3-me08*WX=`w0K_dW9BUrERBjbS0;Tv2}dtc>s#@2Vb^c9(qU=lW*`K}{$F7H3zdH~6qeu>JiX?0x9t3lVg0#_H#yzr zRI@NB{*e^{|E>E^N0VC7Kwkq$x{Vmwf~Oyf48amKD^(T|4*X}xVM-#)BI0J z{*5~CKP6_p_nP>MR_FiMa#Me@g4ME)_TP~DZxH{)F5q6uFKp@CU&~pbGw+bR)_s>m;X21{$+yiJT7y{ zT$1{0x%a=@qSBx2YxUA@!41JX>GXQUdZdczq^}|5goU{W50v zzIQq9b+fIsa%-KXI&o|FwIP!shM!@Mn$PbeG<2wfiuZVliAyh=RS+PZJSVqKp!weE z{PYsBfw_8rYiWT`S-Ag4cUzT$`!*E4ZW)qJ9JgAGuuyBGMe^jNG=!G|>%)@tj^Z4- zLO3YcV~~OO%YDgeIpfn*!*mP;zqpH)c?{Ne`Lj?4r<H8GOF@<_RaFwwu$_8my8Q z+YSucBkHx8AtWr9`xTdgN3E~SH1|%-wi!y-((T0e-~p{?O`Lt_;%#s&mu5c+0DP)b z!R7UIdRx5#%BrFJl60vaygYofvT%wIanB>2iZOmXPV@V=c3$8sPA;4OR?KEfF}KS@ zt=fH~S84eI@d69OgO}LE*PZ>qg)35YY!C`oY6Vb*-u!Z*6>MnhU-)b*Z*W@Pv*onN z*9mF-6gi+rC;9GNyW?}d$H7^=USPuJQIDx4w|s+|XTV4DI|rNJKV!V~k2k1DwOLLW z&1CrREm{if^HTT0&UhMm7O{N0j?8YtMCWOxK4kOrLfcm?zr4O!?;RgE_LLy@hR}OT zpBUBg0Zj0qGr5kllbU&rYPX^!tt`>OHZg0N8k~9|YdzJicqDQM_`E*&yJ*}D^U{ts z-gq?OHXgBKgZ!A01WMv}mnPP>Jq4VZ?9WGV5azeLkboVwvihD!e1JXPWBkl0P6+^-cMip++erm$0 z`s{(143hVACtRA}Z}nJykj16%#py;ryUzDLjk#m5@=^ki7cIX(>YLk(;I;sm#&iC(#k~!3k;ct;g6Dw6 zHJWAe#b?Pwh!-_gIC~>7%%|TdJ+{V!u5wr7(z;GzPAa)ICcmOfSQr(CO5QaqP-(+-S`g6w!ZII+nD(+ z)byDXM9gNWCI>>h5!_mjvOdLv`E03%djRJQwx&-f$Hf=py|4C0KXq2*^@4))S3Gw7 z*r42ZF$8gP69q;3dF>{K8F%URR%|P)|4SU&DPZq^;ZWtDs`GP9a@A+0_2 z7}a&_rJM9UkWx~g$*Ie3AjB|AReevSKGlsJ8>n;$xG}Hl-QP1Rs3J2L7?9$~Z6#Dq zO73!gq{9W9yE~Czi&gVGbMJ9*zo_Y1$_x}2aM7BUojCoWSL4MH#MoW1M zmbG@+;Y_UpTFDpR@rY@ly4z)(7vR=Hyzv!-4;*vF;H<8QP|F00&HV*l!rEgKrTX(56~C`5l-MI`3(Z%`do$y+$PLnW*xaG~G8fTFDIT#}%6V(C#(z)pyBYTp z61jPK#PF4&v8#U{4R&I@1Nx>s9Er)UjJPgya%SIu=)Y-$RL;65byjzf$28boJ=C!A z-^I1Ea1Z#?ssr)gbz~hL7`axZ@ed-~tG5of*WaG+Wi^xY6`s3RKF#4kDuxAi;^M~OP~^P498 zF9E%t2?p%lAGLRnl~w#fl*t+tq+%{BZpR^amCGa9?ZVOSNAy7(LaFsoGhg$O2AVp; zTL~S&0b=8QO-CVJf#L=i-&t1*l*wr{xFBCBJ3z`0wkD^~R5SwSVmB%t5Ca^qIPySe zW#t&VnEHCw7~jtV4~k7y`q7{{CO1Q1soY)xPK>Q(Ad^wAK|w>)y=e0ald-iQEgy=1 zXh$9I8oCgNi!{7-ItRSpy5}k>elh!YF6s=Q-d9m_#I@xnahk`v21Z}RkjGb%K^8xA zi3idI76i|~&2)rNCI{*$bit%!O4*6$K)2M`nxORcH6m`8HS({7q%(HR^1&B)y&9g5 z@L3*|8E!o&Wm}O}<6mMnCt~=ij9gj)8+4y6*H*Jgr|%+(f@fU4*44L5XeSI+HzX!< z1ApNSL&r~Wi8d#w-N}I3KQiALMSq2r^>zV#hZr{+g8*#IYq5WAD!xDAqjFN>6=Yofye@ zcvi3Wom``C=V_yw)DFMdrV~bnBaU}GKZZ?`8%Q8ex(|Cm)p)HXD#z5b@^XO^RTINL zWSYS1IT-#lYMx~-yLyf@fsH}AV^s$DF6Ea%DCtI~?{fIjD2)?Fd$#$ZybQ$OIo1I15}?DH~D&ss+YltQPl7X;3X zrY#G6vAY+0K4qYpx?E4U`TbFS)L&a&r0H^EtNHT9CYv&QSUc2QOs2+?o=?CE)6+IR z+ThGpJ9mpvqrX$BCfl9N4h!>bV@9KP>~>P`0epXn&Y`S%{_Gu>KB)^uQm5bZ;-k%j zQ|g0%)%b>I*U5_9(7%4_1vD%b{xxR6{paMa1O+MpcY@nsaMOKilf7T_5yIiVbnD{v zqsk9tEUi7)%8*=jX`-qQ!Nk+-=|(PjqqXn%lMBpj*U5Q$q0Hl7CJ1}kBV;~SiWzk2 z6A8oax2c{I#f3%@y?&xWb`_a`BC@$xA1Z&*ncbU2{ll~wHZWURBxhB^%+NA0sgfx< z^&WgUSif4nvd0%7;QEXb^TZ7AWP-j2&|M&xnDSZDsM-A$N|mZ7@QAU@;N8pBr1iLi zhrQ2Ev|4u}FSjeE+EicctC!ob#^&1q96%Pm>KIE=%N||!2PuP>_k#+dHOxJ3XQqcb z{cOhiE?fylg-`FjyO8h#JA9Ux$9a%ftMac!4CD(;l!`?Tt!J<2p@VJRO%GM-D`| z3(E5Jz03CX$BlG7=EdHuClAFM6`v}~C~?PcUu{F&Un)yoGxACOEznD}d&s|ryDlYN z4bSh(Z=G%|HVm!Aq(&j{^ID*{ly4ugSw{II%MEy)HxoWv&6pk&DXf?c7XqiaDjjAi z1iM0C8*TR-sqw#MO~})axtoH__qz4b6rjep z>prOoio+1r!L6xAE^2+60)oHE_}!`^TB^%K;{Z|Y#;ey(v7b-S+Nc`|G995v&3fj2 zn9OI;BCC1nzibrKAsLvB(^8RiCS5Y9u?N3T{;`TWp41T=O?^=}w4&v0eDIuT-FJk| zM}6Ofc`e=z%tM?$pwD8Ep~?GO0=zK zf4`LuEjc`oay!vj;t|(G8vd1Q@l2}U2^+Mx<^Fck46t|2xoP+?0-?O%IoskK#a$j> z&k)fAppenjdzKBmosY{C3WHZ^31{Mps4)@&Q$Ugz<06-6?{Kt=SQ5L1CazOz>Um|~ z36t8IjX^F^Jfj!C_rj#xXTcvQx@;tsiOO#dL)rj7utxitJ9AIkn^fDCe_z4a62U|K zoCK%X;A*`~ftGIczkS`e4h>P^4-K3p*|m$b%WHwN zUk!e(D!*N#Q#|&kWFn^T_bv9qI(OcN9Z@2L3g2?4+lU(Ex5Ql&e_NwBLZO9mvg0!klZpz`E$$d1TcFf{J?^*v2UlMV^w zC$ynf>IhG@zhHh&Kw%jN zG^YroCzXZ0tL`?Tb)%VEc#L_BIAKg^R zSdg7P_7Fh3qEzu3N0A;>tQq3nus;dF>+!j+-zB{2Iy5?Fwi_IxF$}oM5*Ei!UGSRR z$RO$76(`}TvQfZU5Z(}f`;G|EM~!EcZo5kqdM~4ZXU%5txj*XYxNNPlPcIRhC-SLz z3{iFOMm@uI+^vmog=9t%uR1zneIXW@7P<>?shjf@{=n{MNu=+{{-!*!pleZokM3=# ze8(G+xkNvNsdd{Q)xocM??KRGC1eq161#JmJ7dFKeaS%AjpE19nVYD@GZ$v)VSrd2%|k;!C7uIq;& zhU8Q@qVsHrTHM?U8q_(_3dX;j0XxKdeHIvCJ9>!ieUuzfCR0#@I4imvPSdwI99iE- zV6ST8Tb=QJGA0XB3%iQ&;fK|>Ualdve?Ouuq`E2Zcx%4KHFIT6pYR$}v3q!YLcAXl zSPONOdrgX<=IM2K}`4&3~Cn2ceC;lDu7_ZWXh#vuBa|0 z{qi|YBQ>?gLUqt_%<@}v;DMDjOLP5xW3H=MT%2_Y#| zAS^0Fs}6IUeJMPQoDcjpGbPS4=-b`3ypi#f*TF78bwXP$i?C16g%Gc!eBhc2`&Mdp3L@@?zOVICaW~V zh<%1`7aw3(Uxe9@SFb~*PpjSo-|E@*pHGWDL?BE_i6Pe$^{%J@*>87v$5>x08Qb)a zYniA9W-I$w(Ps0$35Dui^^HpH2Xu#3$%89YH6I^GQz*-5-}3=NhMXKj>Rzn!H+a-K zf|=xB(DH51gDC_*;hs))YBLHQLfynQMJA4q=}6mC!F}nhb2PnlPrbkZf+N-vWYS&f z0Z{w$J?zVoI6?EKnZZNeMpNPLgEJeI(?^Ifn9@ zV~#U@T#Sg>1#Ig<>VnoD`CM68j`+sU%N5{ESF}_eQ7Uo5?YeLJY_J-%uHNrErE_QakhLfvwK)$*bWN zdhOir#WptRX73F>Mst0VG5b>$_CFhbb|{Qzm61gM@Wh*Z_ZaL%sQNU!sxQyOf_+FZ zTW|@3NQe?+6LKZg7}I{Ih3o+p*k_X4Y^-;e?H6jkKv0)zGW>Ar(;+M8FjF+9ir0TRn(g0(Yh{g}Q?;9nVKPkvs|&Mo$yN^crxkYV!5ZFx@XWD1odw zt9!_rX%tonyg80K9msSGW#>!8vyT)~@<=CEG|px&Y0l>lX?(NNk2Q ziVeyQw#X`e0era9#Y=*}bY_OSyqw_XK`$XNNxml7oKO<_Kna5zY3`eUMM;Vve`K@^ zk-_hFP)rdHRi?|f6v|S57(FcGQmnQm8Xty8bW%KdCZuJ*Ux-($$8`!dM5DlL4?#jZ ztXo|e9$H8MTvHhQ3Vn=Ca<{mHtH>~lM5JsoETlqGI&9(dSNzb4uZBt!7a=OuVsT}T z7eH8Z{kmH!J|*&5D&}10T!l6Gps$#WRpg{nN~(&1FGHsp)nf)MT$+G!vT9+e!f_*W zRUC`E=l+#Eh&&z*JWSa{=kGJnpys|qx!dM$`Nh$+4K)c>%y6_^!!eMVmk9V9y2=%L zn0A50?ek~L$0j_!xsF4vJH%&?<5J=g{(!k_U6S&L`q+bQ{PZ+~-!DlMDYY9{S04G= zOkQ=d+RG@yVlAU%CJcJUOBZ=4G<4bDKH;qj^G5{8Ztf+KB1`6Uqb$;(`=6XxH+9+! z>NJc*NEQyNw~qRB_<{!2sfD<*UXH%YN`sCAv(mn-M>wKi%w5n`Gq4DpV;ERqP)-`& z;L~PjZcX1cUJUA8@rvD^hnXjzDa3FWm+RFv&LB5mBZt;LoyaV4hDVrR88N>|%4A>i z?u};de{m+dTt$m)Y};(M3);^uIJ1W2`+MB)6~4ar`z59@4SVZ^hlVK|%Zv?n3-<=- zc^~&`DPDgYU@D+8sw0EppFKDBuWK?JpM#JDB)yFu{YdCj5i^V6P)EX z(H(7Y(%!73_EDd8Z!#7dV>yGQ)>NFTNozslu05VPzN(JyBf(PJavtmF81VVoc7;aI zncI>Kkk)qttmg&qGtgxfHk|4|Dv|wktFXVFLDRMkMpJsypw|3e83Lc0d0d;ZbqQ%Z zhe?ITU0RhT+k}?AM+J`9uW`yZg%-Lil5hmNrZ`k>RsnO))jlX@yo`k(oUZJsd8#0h z(vn8@r-(NTKDddAPM;!nVk9NFWWGWzIomKNMP`B!H6I3PR~syg8jto7Z??Jo45D&V zf!Vy8V3I4O6Myer3Ly7M9)qblEpmGZm_3^Q5uF#ZQGUNY z5oc;#F{;~T=Sgeaw2|)%4L=Z=v08K5ck*;m?8XX4pDR+QykTTI_PBA z-lGYoG3s=k=`UQ&eFMg$JFq+Dq^+&?TM$Q0M@}w2ayE7lG4FHQGJOBZ{<`$D&rU4Y zGByVg70jb!8EbWz^D*DWBTrC+s_E)$E0g;(9LR4H$4*=6y6~NTGNgoR(!dz(q4=Hu zn9u0GS+I(N-8b2aCLl5%ii6fjIjnuG*wv_p0-bXPKp*dat6N4jV^XJH+PnlgR4#M_ zHWx#hH4f)>SghW;W2U(aKK7AQ>@ZDIJ~NN$zBAn9AjgD8T++9zdHfVXtxpjp>apmg z?#V3|Y;Pvtp>m1*y>GC-9MW<^M!oFF-;HcD<#C*#cDuyeoY6pDNVj-zDV)pfGuMm zCf$WUAP5MXp+GVO%pPYuEHxP^(#U6Mp-u|G7BqYF&@8orl{?nCA4dIV6 zP`8-W&eTt0Fs$=v$ID~S>Z-Y3-rEQTa|378`4eU2F1nmhOyC87Z{xPWDJF9iN8Y$M zC%D8|oA@rPr6LzT6AV&(1Ru`w()ztv@^VCq#P943E<37L^oQB zYSSn@y`8Kfcz@nqx_ARP5yMNueFzAH{~)OF8}e(3I|N3J!tSNSWzZa~c0^@mV@%~l z#OqttlckLf0C|2{s$p2UTmw0#QK=I1G6?pwDC!5%@h}t#;tvp#i}z`3nVG3$Crs(4 zZrAA(u*}8aEUyly#Zamfsh?>Yh2)3IC5{r&IY&qeQBd2oPuwLR z>5Hd2aZ!We;m6Vy4f=DK2wfU<@znk1kE!lc5~)NMvWAC%5!02!WhGgAJ)0|sXM>fW z(so$mp;Zsok4M#a8AXl2an=`f!;fTkCL2_^ez@ID(bFNJgYtx+_6tbt*Go-)&SqlKLi?eb?&v$O&-R9f7Cg2c$#Z|7MFJIZGIXNvE zTK=^Ot%(QOA9BC$@Y!Z`>xG~v7H0c4A^~d#r5ftW-`LEqkb-{<1%JmjwkNBsSpCtR-&fBDZ+eU5d~kIvF> zR74y$2@7uxUHJJ7X!6PVdHlcUmOy%q4RGT6b0&{-_}ZyAir0QGSL91eBkKuiq@vTX zS5HWZ(zaO)2z~+svG*ZZ8^_PBJ1L}}V4Yj*MZT&5Ryr<}TS2%j)iJ$J;_;Nx>5&(v zY(>3ZvZ!25^%*U$TRqXkSa(7|-^;2lShc&$*rzDF)8-A##KD^4rI;QgD(ST^*rkK; zaw9YH*jh|vn$0S&FGorv<*woQ00bE#-({S6M}9wXz31eYjtf>CWk9P!<6iw!i#@*# zCq*InZGjRgE}Us$kil$L%XA8GglGFC-FyArW)JaHRw=TYXWTfI6@|u;mqVIL9$2|Jr6^*GQ5fJIUD4h^MdXI>LbdcUvy7ZP1N&xA-CqO9DJE50^kQ2{2 z?|Ytd-{<@O{I2hM{@K^w*WNRGX3cMvS+mxR)*Pmv#jZN4#uo+c)-vYGoQ{vafyjW` zgb&lM37JdHd9vk9!M%sH;gr^j2G2LSS0;LUPPUX}+;BUYAkCy^^(<`W;r-0GT1au_ z!=fb_Tcy6}4YH@ikCzXmRvl(JjA^}Zl%AZ$gE(qE2hmv(zI;x8YtDo7hi^jxbFy0q zw;0@ogk9Rj z%d{D{n5n%;+3Hl+uS;eytI06E4(%w3S-0#RxXVnBFkez=Tv^_FXIwo#ec~n0+=W{g zKu2$m0~%tc?PaM+p@dKgyX)Bn5TsYic%N)H)gdLbFdynooABwpT5hlGrEa`)ETEM| zr8wUdHo@@CF;1Tm6cH6~&YvQ9I+QJV$b{cTF36pkIg3Jr%2(5{9Qtkq$N$gwuJ#pt z49ipJh%lEKWPv0R$>68BP~W_ZDq&Zjl<*GcuZasczGo45IL_hv*cF~%L24~FcNY%4j+%pS(um~K2oe`Ij_+VM8VwyR|K zTE}h` z*)j9!zTYMqDStFW>-VNB1Q2bsHJ6AIZ0LOt<|!CRJS4hLq0n3|vD-OsU()df`l;Pw zH(L;VHgFsDxGaIk%n-;hxHuO+;_7LEzp<+nlqK?7Y6iAwG_u4SbZd0jM?-4MV9ldS zBoF+s-_t!^%-ux)otEAmkHVRYbxJ0~=996lmAo<&K`B?&wxHa0vWBG$+S%~BXYL%9 z(ad+fX#+@}ZgoLPUz9l9iP9?vr$P8nlu^MO2OG3~cM)`~v2z#H2fjH7n4gnjigK9^ z)%-kMc;m;TXrap>SD1G%S@M2m)bx0Tu92~EZc$OuSaZ_DXR(t>Ehc1~0v6YyOjm33 zPP>UE<^*{+OClyt5TJw6U_5^^z(FCQ?>wFgAn;ClHK16BO=NX?KK!mB0FQMY^=M9_ z6rYaS@U)+TXwI2lL|$y$Qod3vRpok3qc-K$ulQOD)PxH;%*jyR&SpFx~X-a{~8@Y*(TBxE}K5; zrZGnbJEuKi_(gtzGtPFoF8TO%7TXEn$dO|nxpa;k0{?!Rg*raDFx=% z_grs}OLQZW^z7fC?>OJA^vbooLJ&{!N zEy!dlY?Cx2+re^BwJV`;^MS07nzo+w83?%WYUSwLg-o<_XOo7P z3PRQl~Yd(ueiQb~M0M)EonQNos#LH#rL*%dUJ~1z z0w+2X%Ze`OolFSITGl4!iI|86n6&#Y!;uWfW5=rm`!~nA_jsv5QO%OiYdzO3_hgV3 zBqr>h3jum)F_u1ia6Z{!3l>!+;i_hhzm*|wN;&=55#1lYTE@k+Zw46JH5=tuIm$1h zOhmXlr_I=i!@C4I9|g-8eH%bVpZ6kZ*2$X<8JbK^$F%Gbxbd6v*JC?zPYjlN9*lWi z9J?YTI}SKdP>m9|&+qvhiuV{8y_|z0m3jpO0evfM+73f9y420zohSKYvHh!6NtZf- z)n_^|pC9KV#g9{SYQ1SpY`|y34-cKwOYs+7ZiU)A+mBqMAbuOuVgj*r@oHIq>*w68X5*I@DY~OAU)==`%OK(3=!5Z7Ybf z?IkgEna{)wW#>!3X@Xad#gukaHXkQid=tsyvN~z(X%5+yx_pew%yz~N0y$e6xhb8+ zUhig6f1l@Ga%O zJk0lzydcV`aI~>s^~%NfDHa5M-hJbC&wy=90O-ef+OfXl>)_6;BIu+b$&${ciuSTM zG!?Yr-(>ofg~*=Z}CSz2Y)JU;V1KXSgR&hk@_+}h_|W~a7x z@)@0sCD)ALRKUH3>c`Rd>E*EaSKnTLvh+`P?zS`TH{-VmR|7nL)$((b)3{nFtp^Au zpC3#K2n&cwj$qtr+=PM!WSX>FETA&#w3vvcvocj$8ii42_B+0fQ;$uR?>!ue$>Xc* zGgNI)ZebpRth|w05;)gQVL=QFPksgXa_?#wOP<6i2&MW{$qa~%l9B2=h&2?+u*c^1z zSUb$t+_Eeyb@7ck!r^&Y35XlOmb`bDYlgsy?*^&2_IWX6oWuU` z)P&|grnu1!&K3VvS97lE=X+CZ&hnqjytR@_QzeInA$bXr$t?4`o@@5$U3n4+*V-Mg z^V$iPJJ4^~drjPpoP#!`rr}9nHNS7opL>bJ-*IB;r@iAZ(@1H);Hm}UR7JIReKGpN zohxkKM;=ju>UVvnX63}(nb`R&J$o5_juOE=D@&zDx*lxvNGTA4Q`v9D>6{5Xk{3M^ zBMt2r+7`ca^3)?8px&h$DLFFL*_7ngJJl6xqD*?zoN)RKgQG3?6Q|xHt*yW!zDnn= z_Hup&ORevH+x{i`-Ckg?7TQ0B43;8XtXU&>jYc{5^YfY0V?&n_)h z+NfE`rIkh6k<{AZv0AFNR=h_4~(_q1(H9*YUo-s(5J>A04=Xcnhn{=Li9 z-g&LkX*E?}NXf}>)5GWN1RyMM^t?Ai1s|Orm?Pb|=K(vv7=cs{&h75I2?T#Yf#a{QL~`DERUy=DmQr+@85gDt?9`QDkBTkii!=J|2JWr5nDC_ZeFTL;QJoS!i9>(i3 zS#FPl^Jg8ggDGI6nyp_3)DaB1(sj4&Mkbf+nL_jq)v6bQ z&)Q5=PWerlemBn51rn)sZ-^p}fR%sDuoGt2w$pBO`QI99%@D1h2_o49g@ zXiATmx5fEzg=5gRgInPr#}tQ11`Q%XTHMDcOkCQGSmV+R0OWB$y-s&~#5VE==IOzB zP8+2E4oJ%A*88l8%rym|01_UXl3t}NN~{IqX) zzUs{K)2f55)(k6RUfOc@-Lx$cS>>f{ip?wzxinGMK>Pgi4=eLr1r_+9AWA}V&tjAH zAFkZLueHwXwVTk`pj^WMqIQ~P1D&61CD`73tU(BA&&zGcEy5c5sMElG5Xq_OM*VQY zVO9Ayo?lLST7Eu$q(a?1d>}k?jdygD=!DXnLg{gK z?!qlYE9WT_e!|(joGYmcW?==UX`7o?U320+LxNOG?(zCMkMp>=?A>G|6O+#G$P)}H zEkTQ#g4xL#z8#xmxu*QGmpQ=A@rV~@@2bkb8>c~3mZJ6cn{AQ`kdiC==36fWgthO= zUkUm|{54=uwT@NhDO=DfbK}0D2Vt`K$1MA|OVIKyD@ARQ9$Pl$zj*t?q#Jg z6#aYg|EkjEKI`6Y@2{8tspEgq=>K2z=yqfBi&YkvkYHJ+s__25jWHox@SRic^S^}J zAFQ3>1zU+!M2eQ5cAs-tCTV$kE}|D_UnR;Q~Dja}+WM1SAdU$^df zQ#!ZZ`};2zX;}A|CFpMaJ?zN@<$udGl579{7hjAC-I=lC{Fh$-!y{|sm7vo-akXcE zN0C3BAws{8kNevXt_1B7U7u@1Jt6)Zq7pc9V)E%gA!~@xnvbLOPHOgxQ zMTuYh{(Zv{YY>y1319Ie$$Y3q)n)y%k7Qo}{H&27dF#C3W&2AbNrNG}_$4Xln)UbC zbE>#wmM>oA`@@dqf^r%Y`|LS`_cW{(PtV+~XLq=!i&xA~v${Jcd@oC&`S*0gZTIf& zGx{Zn4VDhMm>h?9OU}~lbo!v4JiMpT@xT;6R&S3x_Oi^obb4Ug%DR8M^!Su#1&kA# zK7n~l__J2|e0EFME9{7iZ`Wq%JNTNYp`{nDM!t=af6;*P~^aqAS=UKVJ!l`$i0)8erRTPN9XKYY`Y zHJ2y1?*X+&{0KS#&#=v@_c?MX_#QU%0whdWghv@2@1Y~0VW&B?{daf4q$d1XhnK1> z`JMZ3+GTj~lTF3#*yO_!w}5tGrQV0`Mh)I_fjW(NxOOhTyHU5xC14SN7bkCNkkL`m zlV$6(xaWznvs^8nYSDbrJ@3^# z1RS9{5w^$!VMlyVeZGwmRH7G(KTGZR;fVg$P(@|3*|5rzD3S=gt6svlhPW8G%;C1xeqddz%vcP#fbw>M5@kI@5yLJmnnfT6 zpRroMTvpP+-$t&{6C`J{PUWtz(NM%6R;|y(A}i!OJo|EdFV>r7^w>-Kp2sT9VXWpZ z*72Da$6G@9Ce8Tw+LN^?D)cR(>$6eTkd1UIjf@{CaJrC{M^A58Z=5VafPYITKIzM5 zF{cHrJ0*OxhMHizNzQ-yE;OX~DW2@#s9;(;yeT0OyDB9dRkpGcN<0K%p z1Kg?HWItx7%G(z_x4zp6`uY;#*!5yuvY@rHT7^6EZG-hMy;t+XHj9_>GGcQm&%T)F z!MiJ52Q7JRD|7aty&J(1c~zq37@E^j2->%=uri7OaY!H`J@>`JoSE{lHtKzIM;3)lPsDverk)iKpWp@U7Y1aZNf zpp(i1LwjnU_%5~C2@i?GxS^F6^X+F|py;iS5}a%7{NN|+PW>f8tHP$)Rr0JdDRb*1 zq?9buHc>?|Rab###LapJ?eL%NZuum+JOeeW#b6VZDwM=>SHvL>uh<;0aErjMqU+2T zO#uwZ(<|=fK1%rlu zC0Un>^*72wEL|aV|181W@jYK#8uZOBkv1b5dBhEsITUdn$vS<7qwB>621b0gQM(*Y z(BjtH8w8W7Kz^^@JovE^GJk;Du|l_XKgI(O9+11X6jk${WNF4t4OKa}g0JW$Xqzac zv0^@D(5LI-z+v2Z14yM->0mp#Lu7#wRrj#z_{7{p9Xtoyz2O?FG8oxVV!u_Bsb(bl}Zmg-%d7~{`fHNl))s~$d{9!VGuF#2t^2Hqjo2T_e-3iBRH zHDZwUh9fl4>M8H~#-_IDMA`uCyKFemE|%IJ7Oe424wkPOTiFp(1%)>->La097*B%Y1^8HC;;;lE7e#s^N+diZJlS6{#$MQ2F*jfMc^C_GOuu4B#RwwXj%j1@hiQnbI z5uz9^!9RKc@Xu8Az~2C$ranUz1OS6)AU(ccouzTjr{i!H)8LcY(u3W#hUF*^zvaw) zTor7>$jn0}NKNWzvx&c&{p9a}w&~J?;uzyvEu*Y{$-_5v-|uf5rKhb_N#KPDTh1@D_a?^7E@1Wevjak#G!j3t+ zZ_3=aAH@T?b=r?A+A5!t2U_lhW!mV#u^n* znB|DPI;a(NQ16wqx9Do_|2<>91_bGXBp1#qTQ$pMfXvC)(B;D_q3c}_%8`_?&8y!j zi5k&zrRtrHHmW~bOM4^Q-O^SKjjb7+(G#n5S-2+efM=y`Tx%DGdZnirul9yB+O##> z*6VY$cvY+4-w_oE?&A!mRgMs>7#e!XH+LV5OJ6cfim2ALFZ=Q$zd*^nq-C0zS`>LRw~U;zJgq%3C_-d|6k$u;~&)4yop4 zSDgcPmqE2qN-BU9I)4Rmo1^@$Ms9v9ui(9*Js)2I;b;jQwCweAVeAs5-7%@77ou(M zR9l{!CQ$2~^~vKjxmYu1qN{{G8cDx#e>Px>=G^GlW3@Us)xN(+8KfYvz?o!d`7`|k zmiz&t&l%-yTlZokqwTl-GRx9!A2Py<@Cu3x>VvBILGgOB~R%ORC3Ikj*DOBeh zs+S+Io3#U@E)GSL@Aji%bT3Pi=@b__Q;n42YsDY}& zIdHX?w`J%N@LcQCQnOmj{7I}c@sTkU9qTLuQ`a+g17JKIjE^G_J4d+mCqG~9O4i1x zmXen95%BNt1tY-ua<6!*Y;PaipGPIiFzxOU(qBHbaL) z?rHvH+6!}>tOW{H4)}Liw!0JiWl@ zT~al7UcgD_(0Ug`6xgyuL_3|S(36tWuX&jJy*Tkl`ScpVr_<)5*7trEsD7QUiTU!r zaj-&-eMp4KwB(#|`IZw&Ck4_2xylmxYKNf)f~NLLr!xe5ZIWJk8U@4QJ4g?wQ=Fwb z{-dg|IT1fnlH86SAAOm#td@H3>syOqJ#n-iNNMRT5F_*)SNAR89Ijw~n4`eDK{S24 z|90uh#jbC_OVPY7*xFPvUucih2NLgqATRPg=gGo>;ZKCQBd1%mCsxLN@NU3El`Z&^ z={|`ipAiaIm-9nVG6c|=T{c1rddvLADG-$uoTcCf3a&gsZ2GuV4VsjJhLN3n6&whE z>MV_HmuU$g`qy>0S9-EH1hTBiSclt)C9Nis_3{ctLX|E}xBXsL>ZnFIijNze_NL9U zUkmqp`qrpKmH?Ubt6j@a^Cf8^#y>l%fj+4X_!rKhTszQl*>mKY-cH`;+iOI%M>^g5s3&6)~0QOWGDBAxYkZkPr3J#Lw6 zo!<3PrT8>2?ndJ$NX= zta(o>P(5#~fZ|b-AwiC{ZPz}WKIzV+EcYUrtv$J%Jn+Y@`3D}>1RkxCqPHfPOiymr zY@p~TY{Pl#${V@o5*gUbpk6S#Ld2AkL#e^qv*j#3l&|a_s)+5GSLwNFP7wB$ae6;| z9HZIN6+PBsoa1NaqbEOyEs+(iAe|+(6M3Luvw5}12i4#q_w`zNSyjybsnka;%rm*_ zE$izSqA_!9=VzTvWlPuaFM`eUlyc`b8=dE70PAzc$PokN)wIF6fFp7c9-xN8oK&p< z8<1eYJfV{kefd60B>-o0RvcM7+Z*>6$sc#K-fiu~8YFGfNzbK$aG`o&=>R|E)0p_V z!6lK^5`qB@(xG`KrX-}3975excC zfnOX}*A9?wB_#7>?CWKeZ|4x939Y0Lj3#5<%2fAFmAQCXko|OF1Pky5wH=C=h16Nt zZROME$L>eID-nU`9K*GJ2P9bPmu}KvZ2^LMqxcu~=8f;^JL4aLnCne0F4{6V-3sKg zUXga~^#(y!0i`_w{a0Xi?x~D=4iR=9+sU5=ofD*x#5YGqIfoFs-PXDb+4g)Gf3I&= z%&9(Fi6$~e>4hVFD3oLk8yT;u*}N+(zwy~_+&h>lusG}K%ix37D+Mpx@^=o*ha|28 z+vO^(8v4g=96ox$Bu~1V%8ksGc#F4rZsqG=zlIfVG!bA%vb(X&^Fy$v8T+xj5*cC`E{?CzDIk>`dfyf1?r%jAa*h(1D`?)x@H}ez>XwA~ zLCzdr?^focMIr46bdg0<%iTTC5+Ase!Sl4pO=G|W zkkt+E<_lJMiFg3x{DpvhtZPu_}VPI*GQ}54j69(`sL8kw>W!} zY9{(1=jgQl;^ls1Mv3~)i>IWF$4vW;`D;P)SEjKaA#HHI`Q`I)c+Z$>wc+^}NDsIG zOb5r;Zj_a)Rgv3TIERW)9Cpeq2At9r?}?o{xXHYC8narlO#Jv~;>a2pL{aWYnSbyy zbtmh|)9JZ*^M}60+^Qd2eX%bvlxcrd+0j3%vfsF_NMY-368rfHhvNHLyrId4L0eX( zI&UZBeU=!m%~tpAaA_Cl^!b5J1aDn)6GeLg!?{F#%KBx%g=$Q8i4uZx$eZC4YX_L?o!>vVJd_!fvLvfQ<7*Ha9p1EdNlCjKKzbZ^H*GXIH1NzRxRYduW$Sz~o|`xO zmsTnhmAeEj8?56X%JQaF&p`lOvlxkvZY5;qvS^L#V;Cau&vMUMqa$p4 zZ)75-u?Uuu_gw)Un=!*{xZm$lQcOgCZ*Bk~kK(>L_tQN;7L~+#4l>>LCi+8xQ z0gv2s#Y_N-(oN3f<5Uy$`6#h(+Imjv8aDHnF*UO%Aid~#=WRxJ%Gdnk^cbV~LpU#y zrD#iy-WUaRB9d|tc+!9SMt%Cyd4zo0O+tLpyN{W&Fa1{C_n$H|5_9j)v(7a;kUROg zu}f`!d}O&bGCgt&Zj-JXll;;-ZgN#kvHaA>Z^}K)+7fs5kc9WCAc+10c-=K_DyBhV zVPcD{2ev@IfBF2{*~xRMEK)Nbz`QVv*|hDewZMRCy9H=zX#ICZF~rbu5NJKJrsnBmp#b*{+4}Q;4nQW{AS4q zyp*{^X)#Bp*sp=}3vk48dRIHste4GOij_5kT9#>J>v#zL0>;L_VM!dNwsRn%5nl4@ zOtMKKsbrsYG%A&caYFDNYe3=t_iXv!rqig}4aWK`wr@edsmo~4hm_~~r#a2`JLA+D zwc4jZ(5QulA+U^DgpY(i2eAf3_%GE$Y!U`V%z*RhL8lPP_F}Zo!2Afbmw)11m{H!E>4^~u)e=%czv^QYxBpYDQ>1TIfroX29fnS z`!eh?f40`Xi7Uuv!W&(~%*K&q@{n|MH#Xz&=xWGF&FdegRR=2W=eY_5=Yv1dPL;^0 zjNmIec7nMu81hR95M4C*c_+zXf7{5+W=C!{(>Td7*#FU1FL~nQqwqJHO?f^s{xxs^ zw@?4Xe5b}izM*#MgChv?Gg2{t+(ka_#f>5WR9QLHu>_c8O|NU-WSK2myJcnS6fdAZ zO|cGwOiWpR`mEHp-|CcIf_&(0p6m^7>&(=P7yaCn`zuRrY|HYK1=MQ8Cbi*_zEPC$ zCr?b!B>6GqjUN`iM@jU2OgQ75h@-}kL}X83dbw@dxP}nA=Xs{AVZ3FK!?JS=^t>aD z9x^0i^>Wg_^@jCCt67{4o`TWIa3TkEn6K%aN-~j?)pul3CaI44K`EVL2boCnGQ6+h zk+NE4vTA*gXoLNC>IqLkn9Yy-_vUkI>$8#I%$tSIehC}hnL$e}mzIT)Bia5&ZIOfo#| zr~=`B+LUX79=&&`Z=}&|e4l%=XgM=ft4_An0Ili4XvYi5Fs~KH) z%&rprME>vpY4yMmtHC{^sW>Bdz!-NRZaC&5A5DJxcI+1w%*{1%`{rt4?fB{LS2X;s z=nNwqRp;4ou~52GRhV~J8hEC&P!RdRz^bN%u?YxD{Ok;V)NDGjY4@7P_c@-?$H))= zv61PZ25nZOzACLR7?WxKDA-ZruvA^$75QVfm9My1VcLt9d{?U8(@=+Ca7%JO86G2c zjd2-&eGIRD3A6w{nM2x(P@oNJwPcofh&z?BITI5D-@=5pWU=xoHLw%(O}i(c0_J&Z zu3eGj2XXbH8`~?iZ-6~}?p^JOnbe@H@?;=7T>=<&-XdhxFLuDz0|+#jJg1!g6o+4;a)&0a zPL@a5?kfbX>K!cv2kx0X?kCMQ%E9j+GClJe%3W)BySRIK`{(gYzz_JNqbfuQe*Lq2 zKE}l|3xT0z$c6ArG5KOQpn}^gg|e@pdE)oQ6;H!XkDj&j28B{#-b`XM0>7O6cyt0Q zy(HLHD=%3HAuGe=L_IK`osf@l)+R)bU3GQ81|uyE(rU6=JPC*A#h-lcE5Y&PpE*mW z(E zEUX6nXn&1CYZ}D?l(nbu*BQ@}RBH~5l5l|fCHrFqJu>@rQ+TK`t3WqlfL3gJjM7nR7`{;g~5f(ptBjHhN{?kVc@HZAzF9y zcUacq{rv^|g6jn=N6e_9>a}i7&F~!b2veE9f{lo=pQCd&$PclvsW(*9LEnx%-!Ux< z^!Er4{B~YJy4+IjMVfCHizzi+1egX-(#`lpH!E75(%`O~-MXwbIIZ(O1-_Z9MfjcF zSJ#tWNN)MFRL=VGgISlMZXRO{JqPDIt!cvAN_@4-KdD|P1^Q8Hl73cV!0>RGNX!jGp2 z%Q<)?oqM+A&*uVika9*ndd!=*Q2(Rz{K2aj`Oa%0`h5xm49lB&MsAZxAM25N8yxKe zQGCL^z5u)?KZj%OLO{G|g~Th%T$}C7Y5TU7EwS&`Pec}+V`vMd$M%J^&TyFUhmt$N$CqXQ7HJ~4+P?kQ(` zZJ`h@W*M5Cyj%ffRw43bmk;dKZICVsU2D;+@1(^h?jnn{hXc-7|bN(PXqRrqTm==|O_#+Xw;j z>yyzvQ)K@-W#PFM7<9Oj`yC=R8lq%aBjf)>CQHT{rzB!fT68mFrP8q074e(U7?7c^ z>~u=Ww*~>#^b|wKhBt(%MXT`Xc%Z;DuS}1v-HK;kZlt#dNTzIgoc{kUsUmDb%RWLAYO z)A-u^Ch1v46yO=JoAoi{lu7xf!=}OOq4em(bAoGhz{dHknct(;K5L;Z7>9ZFVZz)u zWr8JtNM!i|@D&_~X{FEf2@sMUh^&7{u&|itQy!6(>o9_J^GmMpMT4rIbyRNv9&3p|Tb0-OG65Ag?&fn4L9jej2#opf^*{ z|B<@sT$`j-hYjzdiK!`f@UPV=fvpC3i^VQKxnD_4rh~_WR;K)pysmgjay3PK1eK#XTDhIHRV$X(7Mi6esyA=Oz1Z zZkPTJ#3V#{rA5T1npo1eMHf!LjkrC6Iij#Eyzl?ji%6aL#miOGx0EgRzQEI{*vGo@ z?AJk$yQXgLr+6d9rwImL6g}LgnyPcTk<6!o)AkZBA=)sX4YOB>LYG)_u_e;MRl38ScO%$2e9B<@;^jqg&k9)a7YFk9nK*Qt= zBElSFIU&S^fK=rh%iTAW4V(i7j8X3zo2enj#bd#yK9%F0E*Q!|4GoE#1i=v;Vd=`K zop}qzKe0Gf+t@z~u43O4$Xhwcp*IHYBxN2<@Ibn0Po}@!*nW>?vj2tr;e6&^EN#=V z&QwH2|K*}l=%MQ7R3HZ_st}~*H1-uJx(Hp<%WN%oX#)-SV7lw%%QbY(g$gEsQsvh5Br?! zU+#2lifKt-E9q~cDP$M6c#aFGahV`k+x5 zHeJ8;U1faCvKpYnW9|!w@ezMkZC`uC)X%rf?=N5QFpIUlnsO;%^mYywW1NPr7PW-x zM&0ne+%a|-&@5zWdeT6yIsmT#H}PJ+Ro`No)`OdEJ6;+f@s=P2Zz`=Ug1r=O#jh$S zfGy89m#^9x0rr&eaTWJ&a;8rokxVi>>Ytg*d$|Q26af{ z^n8G@+i&zUDhnxYQs#elxYpyXlz*F^=8X->>Tpk<7IoUd7UL!kP^Vrh+9^P)`E6_y zgmPk1q&qQ(qB5;wsu8ZKXN(kVrIRQtN;WLtrJ&%+DX^0N?xC4S9w&Pkrg{k~Jy$B96o=ySHCYhUBh75V5!V+!fZI-qg;+-cyVf6J3)zss0O zqoNH3RxGin!Xnv5=k_e|Ie=TO3^oVke9`!$&vb*ze||3^@Xj$(Z#NP8^tQBuMr}UbTB0r9 ziChXJTH%;sEL-Kn3>Xv&J?-dQX|bf;#F#%M-Axx*J(XY-;j(94tlIR*1RpZ(2bNG? z+1^?BEa2yyDVqYD*?(_H=Tj!8Uv*IFnoId7JVZ8VQ5aS~+Ity9i|8v>CoQ?FlpQFt zJ~ZT5DW;glBN9^~^TA_qV7T=TVX&2%{%Nr3>hbPyse$o5Z7T@qCUOA-`SU$7SRjca|tN+ih^CRu<`$A-HYB-DIkc`)qt%Cd{Vj+8~bs zH8B}%7$IHDxs!l{1_^j%Y%hnlGI{J4_fh=SXyo|eO1K+I_eUOvk9{U}C9i1&P~5bU zj}z}U$v8}N8++~~-#^A$d3dwS^kFO*lTc87p=Dt*;Sg`zz5X z%;Ov44F9~5qhQu_%h+0J_S5(hynLv}`)Jk0*tHUt zh*Rx=Zx6ip&;e$_Xy=Ubwb-$V7qmwk{xZ#zL@P$9S&?JjK`I@yTxYh~pNGUsppnmrEG!fZN`1ZpP;c*bon)3r-8AXx3ZfGw-~Epy465N-6t(vhUc8X+8$B@ zCcixVcIsfO+w-w`oH&gO6mLvZ5?3jfC!EJ^ZbX0DE8-jTz#nCJnDzvs)p=jJKOyW9 zEdiUMjQ@nqR2be$gCL0V8%N=;=n}Jo&^3u34)VbdXH~v9vZ71E8XvS{ft1mZOCs8w=huYaa%HiDRV@F@v;v804bub;x9k}Q z>>G^+X%LI}me(j=9(hMSR9q7BxD1u==*A?AZCUkLBN{m&b|0?|pt3 zQeF`ZR9R*tpC-+o1m~~W%4CNCYR?Awku&#}Uo~WT+FE|7(!REb5qzhgPYJXQDbcPv z2&=Q;W+%+eRqj39|8xUSoVF3zNVQ}QGgYgK4E7tW{BFc$9wGc28 zh*!haIixl*?li0*(O%K6_fGV4oNp&)vuHa4Z+2x3&pY$kA|``eH(0ApGS}X!ao?JR z0G$JPIn~za4#j}4rodqZ>?ZBKN!hn=&Gr(#2QS|43z5n(Y5Ij;z| z_Tg8zR>5P-8a)xQK^=OF^lvPm8y9RbmD5kkDia1$A1RQzH_K=3q}-6nS~SBfu(z#+ z+agd4!MpF*Homr)4OT4-(*0DH3gsZ@s^4v@Q9p3DFU9WP9Smqg-xkz4#X}a#q zd_V|4l3wedm|j>Iw-6v#goqSTj{(*`*m^XEf9#N>XY#K4HffHw)D^tArtdrRV*A8l zz(jp%XE?37v&%4oVkGpz$#4DkakUq$hr}ma#*d|%@0Cv_d6hAv6>*{;W*!M=q(Nshlm*~qXw;5hP+MJWU8kQgI3W8LII1bA4lMsy7e+bPc z=#l^RNSH;uC=;K}c~}Lsjxxg8c&XLyOa!{+_RV|xT|4Ch+;wPZ;Iz3%XeL1@{rlyE z1|jx7X_pKX#Qi>U!p{wKnrM{Bk!H=-^qFbA^U^1*wV4cj3^M=T znE%;8d7GQVoqje>&@t%MMi(Q{X~$$I&F$Ebwd79!*R-(_@Y z2@nz>R+jnxge(8$5VEEd+i7#ALj|@%{<;?gh`AEd8y@l42K`N2uMkb~5&rU@I{q67 z|8M9K)R-VB6hcf$+Ua^iTm9cf|Bc46fkflp8qJ{RVShb<1ilnDAn*~1vvhd$-wt6Q zA^&8|IsFa$-@xEX&}~98O;#&I%ny#gfiqcdHi6@gP}~Xsb8C~ok_W88gd`T*z0REV zf9uA7Rl31LfC>(BgX`}Qd#Bri05`hE{fCl&&G>}$K+KIh{~^ggk@!C(`8N*w4@v$* zlK;q(f0Os!7D0`-1sclNjZfXXdACk_n~~^54|Px~TrxrK7IDbYK(YuaZBH(nqHu+m zQ!*kJ*QDytsdOcXnX?53B?WEYHl45{>|yjuzVaV}F1j7A#^^V=8@H{luBL?RAV=BU zXq*z8cI=@yg%YzPaOgL8s^P4x!oaNJM*OPx#0lA^_N)lp+zeyYXpLxab$UJ#OOtf%4GGN?W-fFu# z%ySzZ)*DB0^}6p*`O(29diOP>oPu4&*@iiIfX-=onF))#^Nk*+e>8-s?su=ZVEv9u z;m5C=C9z>n6r9YGx>|EDOK)fags(m9d#ly`q-@&EARziTHuB5Xd0ma(&}{`r@$|9m)0 zNP2C;Mi~s- zeo}YjPk&U(dXtAo!*V5tVm@+V%r7^&Z0!;UI@m~Rs;c-d+xE%osMDTwa!{2> zr%BY*j~y?p6h-%mDb`w7p_mW2-x=q2WH^9x1RpY=&;BeVZQ^LFy4vA75KA;=R*qfI zAH>?#9J^Z4JRoD%;8JwO#VL*ghh%;B;%9}tS9@wLRr6lNoO@(T^o&IbJzcrqU8_v1 zs?sGZBe>(4kv!9D6IG4AMY^15EoGf5CR7Hmaus9zAMJf-Sd-27rZ0-9h^QzCNKuqt zq=|G;DN?1EP?X+6gwP>GumIAO4xvh~q4z4%dxwNjq?d#eNPs}txVzWx>wkZK-7mZO zmRu*-%robnne&{v?=v|Z6w+!nAV&{(w}H}9Ih*ipHjarqy$>FHTM&1vc0ln0p6mYm z9sEY6&gR#h6*0s^`q@679lzN}p}!DRt}B6B5UZE+4N^@-M*5!IPOPAjjlSZIPVvn` zJ)3;V$6wxlG>|c^(4qY-$z0#YA>INLEHc*bw~$q|FnQ2*7(np1T)6|R7tNiC--eW^ zu8CE=4zLuMA?O>FNCzrp{?73}yF%8$i0}P1gzF_BksZ)am~R0P?8?u!4%g?&_)vy`9Kz&R&+2Rw#Cu=2!m$6m0B@Zsp8BDw>xE69#`yGBt56>`ubOD*;!t29HwgEfkj+))8>1r z{bZ;qlkm%X30@}IY6fFCZqTefn-xqnI)~YuODAZnnm&o++^|Z#I^Euc&|namhT7lk zLayWrUaA-XGEu%GWk!n3rXEG|&)l+oKQ8S_D5sujGImDZdC@BIbs~)B#vxM!+Pyx~ zd9yJRf%P!2@0)Jj6Zu}^h3V~0g)3RivwbiUC1hLeysGriB0zkh9oL#J^0 zfP3jxDqu>Ln}CnA48ljlx5Pm`4S;2ezRZ`Sz%5~jU9%dXl&|xB6MswA%VtQy9?VtF zc+&0-%EK8S%b!rAVeY7&_RMUEphrCP0E8NLLPp8}wEWaAJ2q*`D_=G|g|#owi15{- zmQ1*?C#(r`b@P|Np--isWllts;KH+3^CmxV>(>1x1P!5i;?R+LitNd45@gn$11e8Mb;Aa^@cab816^Gc#e&ABr1jbMhirj zm(cZ5Pv@+y=T6C87lT{x`Z|Z0$UHKLD-K;GX{d;1@U{_wBGcDbU9)N?C1kQR1EA(( z=-C=*h+3NAck0(3J*JxDJwFCv&y;PQ1x6rVA!Q(BM5Z4~_GC*&C&N2_9TOD~C+zK# zvhqh4j(1VvLbi#StZh=3=&Sqynq+reM)_{WK>4H2pEihhggkL+oF!5sRUc#*M>~R8 zA63=J?}^RLbjr+c54%v`(#L4{kmkTHw3?ZNnt%VX9jacHHZjEV*bzw=HlxG@;I~e5 zLioZg0$Mv5n%s#I zI7ptI+!z-2kM`*a4(R+qZrV~WeS#bpmjj(nHr5=zw+zVN-PqsB$^2;~b#oT;kV?>; zWxJ+?I&dR}p#GW{aj+1kuUU?-D@mRY%)V9>tIQUpd@D+*Dwk-GS4~{n$$3nIvhz>IHmO zCdtbjl@6jhu1>~LJ$Uova)1M>Mrp?QDT8EAWVQOQ{X6VVX2xu59Rlq;JKl9d?uK+{9N^I|3=IBLd>X8opY=HvHgp8YHHH9VH>uT z-yOs8%K4XL`pBs2<1ek|n>Xk=d*_#7k&>UsMu8`a>gIK4+b^uXVzxTP{n|uGd-OjJ zyr|&4px&Zb^KLdR?%u8_gIaG|zH@C_K5Ai6xGvFUAY-(qO2Plg#MDXsLiSIN#1`1w zN$D*`jqfO>J9V`;&xcfAGY_o zW;a!-%NSOvVvffB8e7au2%Z(Erf`G04NW*zKWWdywf@07X2-}%ok!TS^nW8`^H@W8 zS4{#lP4>Dajvw9h5?6!qCvHl>1%*vFjMJ~P9Z@{?D6NNpj)%%_ z&FO@FHCPKocG^)*ZWv2Wt#8Vr#z}<^U=vfwdQIliD&PAOiHpmWCW1Nr-|QD#T@&x( z4Bz!L+zT#msqyUop+_ZzCDAz6L|5Aj%=Ql{9ha}yY;P}p-}Z!6q59IAE6sAG^#m9% zihiQFUL12S_2H`dTn!+D21(&L%N6CYvu2UxNUb48tBKqShuNt>mRi{{57}cWUaY=YNNWd z6~26@y}6@GiIcOPB_JMn zqMoc!=GVuebGtrIQh%50}PpK&@?XcD17YSg@aG@p%L-v{luWnQz18mZ= z{;l~i^QY{JEx8;nv77d3T^0NfLAb%K*!ywY=Y zx15g+e%zhI_eF^kR}PsF0zcY&2FbY?wfVbFek~AI#snm*YJMp{dAr@Z0AOHgCVo17 zqgOR1O%(@tj1kJtZEtULBoU4nwnxJuk;3-{~_Fv6c}mw!@t{ zcUB^dM09uwvu#GGD+JmpW(wQrQe9FIP~NHm)W)FR@O!&<yEmKN0ncx+0 z+S{T0pm-2!l37m~YIfAgZge|%S(jOywPeBRXGir;+)j&y%srm3@NjI60kfd`$B_2R zA%6H{AaPZLOnvZWg7o9)ryz%KKJ!ugD<2WNRaG1}gpI(ekF(Rq)pS3_)#K~_dHMVb?5WCC!ZNsRxL`dHhPZ~h>po(f)6TU1q_(c z=CbzAF@RsraRsK%zHGxk!~DnItlqknI(&yt6+Qu21|iSX55n%5Gp!+6R}tC!plc8d zlj3axD$J!Lu^37I0}U|ob(55)B-P__zHMmjm&P+3t54ha?X3XbbvZ_B@)K%}5n$br z__c+?l*DOFR{t;IISTqv;Yqn8WwsSiO(RnGP>`TgzJLJ)AD^*mat_0rsX;QhMSf_yk@;AQ#LPh9rKzSD7;i^|H+ioIL+>12&j~5E z#ja7cr4!R{K^kzoaMDrTL{i&2&(~<` zJ(lsblCd3*^@~?CfnLB;GYv+DRSX}zCJem=#lBs!H9dY-oJs>TUQTl-u9_%r1i{!Q z%EeSxw)|N14%0N}y<1)}JcPWiFIQ8fzzEBpzEe77c{f3h83*0-yO;M!*4gAd*jgls zwP6ifqx=D$eoRr*L*Jsme6F)iQ}<+57h59~>Mu5+x3nWq`)1_~Yid=eAte(n2 zDq0cbSNh;)ow%X(t5H`okHJh>MZRaz$4sqt1)iPjf;kwev@Ywx77#3We~v{@a6aMCMqHeFN6#+a-i3w5o} zpBbP&gT-CS8}7{fj1X{~^td7zK{wb&TPD`4cscAsK)IZ{n*akI@@pN(hE> z&FE1Cr)0Bp4n*8Wea2$-v#h1LRQKH?ka3kE&u#WhAG90M-t5{4pUA~-Pj_)o<^%e4Tp`X;O0 zMq@F7A;C9424=4(8L!BQeMt6~TtG{j2=SzP(WEmq9oOZ%xIO0H;y~*gp+%=6ssjns z0iG<9V;2D_`QmC%w!YJ(_xI0*>2iuP$0W{dI}5U@%P#TyGlZ^+ukVeohte~By=r*Y zF6l80pS)C*TGwKVuk

D<8K^90>@5t_3;Qca|*ge#Jc#1{pHp>zErXl@Ndfxm2TP zjaNG+R{EDvjZWX-bXMAIOj~YCU!-o$e&@M4#pWx30NJWgFTY>2JKYG# z^vo@7z!$=-8hWVW8r|+Yf0+FM7*{-Vgb^J3U%5Zuo_AH+&TLc#pQw$6rmDAW8p_Aw9a zshh}1%K+meZP-1RWdG}_LM#=z7G?W(1vQ)N?dxeoN}Jw9MF_B+Oq3%hIb;)-tFzL7 z;MLTaW`$7`r#H_Ttaku5&s{1K$V!tds63O9e1d|yJ`<){HIvYOHm61y`ksRzBy#XN33k zGYw$-*b?M)QA7z?hYTys!-bzSfJ>l({u0st%X8j}@GuU=kAM#eOWY-zccYs`SNcsI zrxIDqL|4>;a56yJ5I**|agfHQG)4F6S-xR=jIMo4wY++eMg9T^Z2@$s9Hfihl!zmK z_BS`pQ8$1+J^P@6LJ z7v>Pa4~9<9v^B1=`r?g&9-xLnU#*JZi{XefE5(Xi9ot;C#3}u;hTA%WCX?+IZf^^M z8LVa=d$F9$h*juv#J~!woCh8P#XxP(A@G*@Mo{RvU7E1*+#o35!D|OV^v5eR(GUH> z5eSGO9oWYxq}qy}jHWpcUmUa1%@@s78T%)5O<)6_>I*V{BQA`b-p!i>UkptY;HVx? zTr@fNus05{C$N+C<7sK$Fl#{-O92jsRnG~`&Z>PQQpF|OR=qzyElKREz?sh=xCJQp zUhRoMr#h?fPw_nKA7-iT3Qd_+nZ?M!LJ8ISxDo06d@8j6w3riJBm|4(|L!hY8)j!NK))`vK;rQ)77@BD5+K9xH?YK^+QJ8;SwP@wd9`;VW{}cc z#ps`$S8C!FZ$Ee>gx*W3@mT-n8R2Nq2G)O1anDYR=k(rj8sSh~`| z8K^*7Y6I`s3Fzoj=b{5ei=!niefaWy1^TIZ+4({aLg?}3J5zY5+w&nW=6oBn{&sR9 z!GHtAw~^#FOmN-1uUog!(zyaH&l2db_eHfL@Yu%`^kc&J$4Xw<(ws{e_bX2`#%=1b zIK5MBgJ~U7Kiygi@;O`stuT8tl6EOuTQ6Sf(-8^CfSHTX*_+iBY{VgEoOu-4BBtXz zKAC6PYh>{p0*Rl1JN5^{^iDisY8RTJ-JXSdm;>3tUvc#EGuo;m$HtkcVx_Z~P&M3B z>GM@roQ%&7v=xBezLAcq~6>o_`>O1jsL%NU#S!Pjb*M+k_TMkrpHnNE{5}^di{jl8HAG>%Q;I zRO`-P)!xPOb9Bhgu^#-y&J1`zt3M=hh ztFX+o|0=+;uTW1X3kfb>2Z()#r*XJtjS|L5ZpHu93@N*^8XZ$L=O$^{iS;90w zwbDWcOgq$c4i|FhQ~X}7J;_E`3IBTX+a7t;D#Uwyw(d<6d>OARylNclTgNSvDq9R<8# z#YJn16j+w6u-gG~TSa3fq`Ig);b*JQ;=0+s&DNZMKA~{4vI=oFa^hcb611J98xvT_ z!Zdo-H0*vaz{#s`W+gsUR2@iB4sC48my}@GPH*X{9X1)IX9auoCZG=&t#q2tB4$=gA`s2S$pwq~N z&xN8X2sLhpoV>4Bs{#LbZlxW1;aZIjA1UhV!@N_FRWmaU!;yubJUCa~BcY8Ei3+%) zC-H!^2Rsb+WQy~|D(Mz5di3!LPEqo;LH}a^oXipeaukL+>G4k7Vh-u5MgupKo5)Ca zM};WprBDj8b4thI)B3E2M$p97p&JT4%7fj_=?o)g8-q3O0eKlnn_L^U%TaE&DU8v~cQ7E=~SY$gJ0v67M?anw`VJ znsTZyga$H}D&ATPlshn)wI|V{qCMzqEg@i6t%)?I9!OAV?9;Qw5~`bmp8Z}DN{!$8uc9jLa(C_y4ePq+^HS~Ku)4-XdR%yf;9u6<&T`H+BJp%|$l zMT~0=|4;%bZl#apu z37QsCG5pt4dFSO-!>)Fz*C-$DwUziYc}(ih9*x|!5y9T~Hn}%!8I*jnFm!#jH#e27 zG{61#3rztC+M>kb%RS#>+2cQYOu^^zPAoRI#+Hg|Ffetrry^fgu+iEfx0!JAQzgS@ za3AmftgjU$+xyz0mtJxgl}vgv;?lbLP~6QnzPxWISDgNpy!F%*0 zl;WFbn_80US;g{5^|}pv+`woCiyt8>vAWxbcYKhss3B;(>xI}1p0-1S+75r+f(TD_ zyD^^3CbN3E0i|ZUiv@3?xjaN}k8KHa%IbZTUI~--)krbo^+|-(=!&qfohUj?T}T_C zO524vpUix0Hc7x^-*a=rjn)Bv_`E#k*0zT?9Rfa4x~c9LjwbkvSv|aY%uM6b6pIt} z2}lf#>AHV2o$1W}()}}+>k@PbKD)hlu?B6V)0c*>l4&f#AI(&$^t7b8%+$Q-=>2X& z^KtKETZsrC$YG?mPNY}Xesbeh|J}O17JAL|g}Q@M+tSx~PsIFcCj0cUQ`;L$hstsW z*um>Us7&N+SwDR&^HibqjG}G4VI2Jkbe_TY(b+oe_6~+A;;cC%+Cy1$L(S+ z+y2RDgKMV&%h|2=_CXrdTe=p2lt7^eh<5%h%g?RMZzp^zPPdoC0WIP zhbbkMLfjSB*MV}eags}9ML*&Al@?t|AFdp84%PgLIDO)_rfbaMRrETw>>sF|CAM>v zuBF;3K5aft6=pdhI}3`e@fs|frN5ryujxC87|B?5=Q)T6XQ`;$xC4BXJ~Qy~uK7`| zIHwzN&Kv7asG)(((I-%lgs00L&b0;PMUAf&#z^P=CymdVlH+KlOFM7)bZVH73S(m9 z4j?Li#CV%84+)%Ihd&tGAFpaVmD}qKI*G|IXc5Rv%f!8qI}mqqos^<8xlm{OGR;F2 zM){~H(cEQJccYyV<`xZG^+LSMFWP7X&K|C&Lo$YpttOHkt3eKBNP8<~C{p%CMOmJi zgroU_9csA1SLInHQ%y~8bA(7q{G1!+KIa1#o}O_oTm8*{gg>b_h6Q*I(Eo;N+_Zx7 zYQy{U-*4f~Vz=oZzL$GNHi0PT7d==9g5%AbL0mhj4C=A217yXil)}L|5q8Y7nIxe4 z{Q=av-#}%Nc6lSG*kz(Zye+1sdjsJ&h+~{q+dUW+uh)WY>O+gd?<`o+{P0DM;C1SlW z4G?8=vmt>EXgspXn*fY!eC8{!=_4~liXtlHBK@k>)oG3q=?R$!)kDd9R~OfEYT_PL zfyiX=e9gW`lR{P>FOV^l$H5wIAyHB#CL>^oI3`C#hg;?ll#et3nd-oA?_6|KUCNCl ztIU*5cy_XM&y5sE4F6i>hHL-MWTc%eV$N(2ON66bkSXXnS{!yGLCV@P=hYFTr-hub z`VSh$KFObrUa+OWC3EsE=Cw-~+CT^=0Yb?Ax0B^0mf zVH5(jq|ZGN%Eb>|UtwGqqf%XIzlK-xjit&u^EprjMpP9eD!}>R#kGRw^Kwl({~|6@ z2_w(d?omacQ>7C}3`0en)c%{){s(Ep5a-Kdfic=2-<$u&r^1^GO0p}LI9{8>DdMxg z5ZVGLebD=r3k`|LvmG;rVPp@=!3~5^K3=v-jnRDXanQxA1ik-Z@RJ9nv6RV*p4~YY zNJLcElr`tvaE+cQ? zd4~U44mjm$V!}!e5>eGeh{4%%3rVgvP`tZX`$Jfg6CqoW3dncpaTq_6rI}m z97~0$FVTV_v=;};+T_nBQo#}l4H6Z*Dkf0ks6vwkS$#*UlPW~k`u?e$Zr2hJu|A!; zJ>dDGJQ|TDPV1;znOl{eCqhp?ix+;@-|O$*2tX2Bz?E(ps*~|0G-xgCW$PV z7;e_}Wp*BJ7UN%^NzJRzaoghtk}4+PXJ-o<^y}6VT%^xWubStIZ*F47uq=r56jhWX zYNA(G*b!5Iyw^Ls$AtrrMH)v3^^1c;63Yiph$C9-A4N!;n$Zz)5qVtv2E2+PZI+zD zT{o_Tb@0c85+Z13$Tt0$P!ui>A8`rLUTm06Ja9`J3s4V7*jVgLp`2)q&!#+e z+F({@6ZJcD8mM?lSf#n-jDb;DFu*~0(@opby~-iHHh`Ol zP>X9G-x^Y0{~qBXvmHZv7xwUwYp}g(AGu>M4xP}MQo1Z91pXpazK-OrzM;?aHD$E(1o zM6g?V-ow;>rnJU1n8Ns@I}I_@n4Wq%l{CL5W62#+x~!L zn8NPelFpy1-zS#@8(5uxQyuiVAc~mAT!-_I&xhCDy?~ZwnP?Ux98O329Q3fz(Ybjd zC8lnLcW{W<<*;qa_`jM*P8Bw!No)d!QGAk5+wtb4(0FYp)8wpwK+>S89H5Guir<^7GCHptv*iRI(je&5pvK4n=RnuXAe zgPy6e(K~)gCq;v^?j*m*V*%yNb0=|W^U^}V=|B>hwZFOb7modGdyMZS+FHD%UZ7|K zdfKfm-Bc|95oOyVt-=@J!K>%&AaOs}N4FPL3COM-pOqR^*^EJA* zCaWWt0MI%>bc&O1gQsEnjf$OaPVdImz_F48em;-4Ws-f@bU^$iC17-eQa+@z7Ew+| zcIBg1YrW;sudnp8Z}{fSOtU+Euy|c*%PsEWVp5XU`1&6k)bsOKvwZjYJsfmG$RH!N zMNp~V*@v0i>-10LJ+P5V9{>22HtjL9y3eu>vq*87 z;U96?)w7_!#l=nV_~m~SqyL>oOz$UAf%|4J-1&p%{BQE>O@0z5dC@`B;ltnP#IJ2g z7S_%eNM|^IY352iDOdTfilgeU*X(dskSv76E|3oR{?g1xRgw;>77>m3FI46K{WZpj zWRb}D{@1^#>wn7Pemo}WlT6UBfd3wXKRVq@61z3^Q_1c9dkFsM(jtjo&0K=Zdiqxj zYm(T?Z1r;bU+-!Pct?^rQ5*PbGyWe0{{PwE03p)-NCM!CuciJ<^R6Wc5Q7S(^Qr!7 zkx0^O#n=7A$@~|u$g!G`-DUEE!wat&IKGArQ+jPwn2mmBj=T1opzeLCFtSz8J|dM+G5}H?uS#dL>}7d|-zQEo zS8LZ)@ux;AsQ>k=>($z`UbJl;&QkK~J`v&2oU(UQs61LdWX0)_~!4?GZZ+*ebdK=O!A+_R>Ax;<`xGR88C!k- zuRs2Y$mhTBusTpzBmb*K;2jd)vYuN1F3a~HA@|XY1p9SZ!hiSLf3MQTJD*!x#i z-jycO>>Cyny!-Nx$?&hox}r^LeWkm z-T&Aj)|*+R23f1PDE~HgtOulZ>Bam{-M?#Fl}QcCJLvpHK}-@ttdsB`)Ett}`k%** zWbu{M$cOP9-oH5TLcs9vYsw%rI`V(DU?nv|k*{v_pP!TDvkW?t|4!I*0{?0ue~r|L zHmv+#!~OpNNdEJ1{C{Bl3#|Vi82@|C`@aMXqO4F~75wA#?=crhpH~VRFH4@k3H)#T CgaPaT From 2c3d72935b176ee8e9f47f8841aad96862c65434 Mon Sep 17 00:00:00 2001 From: Pliable Pixels Date: Thu, 24 Oct 2019 15:05:45 -0400 Subject: [PATCH 768/922] reworked logging --- docs/userguide/logging.rst | 16 +++++++-- .../options/images/Options_Logging.png | Bin 85677 -> 0 bytes .../options/images/Options_Logging_A.png | Bin 0 -> 71916 bytes .../options/images/Options_Logging_B.png | Bin 0 -> 84867 bytes docs/userguide/options/options_logging.rst | 32 +++++++++++++++++- 5 files changed, 44 insertions(+), 4 deletions(-) delete mode 100644 docs/userguide/options/images/Options_Logging.png create mode 100644 docs/userguide/options/images/Options_Logging_A.png create mode 100644 docs/userguide/options/images/Options_Logging_B.png diff --git a/docs/userguide/logging.rst b/docs/userguide/logging.rst index 4256079ae..9360eeaa6 100644 --- a/docs/userguide/logging.rst +++ b/docs/userguide/logging.rst @@ -1,18 +1,28 @@ Logging ======= -Most components of ZoneMinder can emit informational, warning, error and debug messages in a standard format. These messages can be logged in one or more locations. By default all messages produced by scripts are logged in

NR*1jY>+m4FkWC)uIKF-88c0R+{ki*@M)B%DxM$d-F*AAF}5E zkS9&U{W?{jV*&~R9FaR;Lm2FNC_Haxg@fkq8noKDznZA`(kfw!i5SlxRPz&(!1D%f zGv(L1N-62li`Ou8J=Vk>QL zIsN&2P9EkQwhhalP0mj35CSgnxvq~(u}|NAV4sOE&YZ+yaV@R=fvV6&okh<+ZHIwX zokuE#X#*bkuRSst4-J8cmi_7h8df5a$OK?231sg6^^!IQnx z*FE%XjE`iQsF{9>$TEA%Ara>dKTv1#>ir8J$BE0eCF_Z4PBlKH$BQiFcR-){{isd8 z5DIe)tz_!Izcp_@qM+bROs0Z+XcF?}SrrV;2f(9 zB0uAx#Br+=$$}TR0^ArZ#KpTj_^`F_oKD&5A+27_8x=P==`drWOTBS@UW7Bw)#8Sp zQgF*j6Hdz7P5+IZLo9zo>kX|SQV+@D(WxSyGsCw=$rHGVnEK;ykdy+1EKh7DD&8=e zK@CZ&=CfsV=0zHeqP5zW0jeucg+j^IC3fk%PO>T4YL{mv&s%R~#`T%6T%l)Oz4gvxny zXRc_&81o{qyh z8y!&R({RV_IAF-&t{$h8)fmF|oN;U=*?sTAZlqSb)+gNMg3n@6c}R?s*a@5eWHmt2 zZ#fGIfc17D2bvM*s8sgF8?KBrwwDdp4<}7TgI_)W9C_tBy73R%FLlCK^XMkPB^%9c zlNefCQVvG!HKhLYvWg#+YUZYd`CL}}1T2{bGIHPTtZ{T>ps(nxeO4s5_~`#|#gbkn05wj#@0dfi z4a=?3u!ZIhhT#` z(`S-!?-CXm$qY+>V{j7Mu%gKq>+y%0TLKcxpR%;gW+A!RMB<{CaEM`mOymup+cEuF zgTl3DT$p@?RB|>R3lDl2WW-w~y$9m2cUpfPPzPeRP}myeS;@IX%VX_&{*cCJc(*7qo z&f&5u!@Cm@p{gooe+xS^w^Xd)D#F{s|Mr?ye z;cvEK@>}96&>PJlt+N$e{t!6v8*g3^pPJ@QyGt=K#z*NoLiy6ZZItXMx-`+i-Fdr9t=P%yo++%NNF_nUkBF3ISW{7qN+l@jS@#iPQUL8Uz%>p2Mk2d z)Vd`kkmgL;Q~0Nxjm86zI^u<{zg_X3#~I9rF|=FpVx~h{eC`!9pwAPWkLMx5V>jmH zG98S!Z3GMHEWqq0Gro?GW1l8GZCB@J8VH>64C7xx^jQn`6)dM)tK;BB%YSo3-a00~ zu7;|GJ z+kisY_)sfN^RtGTa2(P9rWzk~>W3*Yo8R0N7n(9RJd_!cD@*$p+@p&fR*oCL(1aQP z5REx@ye_Z#j9tnMw>g&___TZPc3nLQPALlv!GXHlSOz$qyItN~{*jQ9%uuA)ia%G4 zbSJE!)b(lE?nL685H~p6PHS!P4)r(A(z+fGOM=)W+mUzc_$uQ8|I&;Qm+Xn`#nj6m ziE!xpk2f5iOO=2Wn8n?*BPpZSaWxlf#U!N^mM=leSI#hpnM>L3^-=ObBvgS{q%5B& z=7_tsB5kwF^YjzvRW>^e(~#>hk>sB2q%wu5Z!$>J*t10&{-k9daUEVxlC|aCH#Im4 z=^P8JeYKP|KPPK>oCZsV*KDP|sv5ejs&$I1R}NK30oHy{hUCwzV;H9vgc#;q;sgwZpJMS48(Zw5vHH zEIhg7{8!vSz+FPEy5br}PVNUhXb6|9{1w5~bJ_M(A7r7f(@cakX0q#Y$37VjlEq-p z_%p$VLL}k^3M1Vkf81cxNamS!W<3=y31u)uq+4k@W3|_aEhPRDRqFo()|VLbR{4MB zZp^=bT5Llb78S=MfQIi6lm)DOtUu@qJ?Z>f>+fz4jmM44V@cRfEFMo%&{C+A@6_hm z8qx+mY{U76Jzu!J5cdY$gCb9cJmb45^v?61Z4U5VaSj9?Lw`;&UVV2N&ji50;#TXc zlo8Whz0hWxxBnFO3H*Wz%4^+nEqI55zspd%ru?*_#qKPQcUVz+BS4iKcMa!uy*A?y zZhf?5$`Y)tpJ1|HF7dtJ+hj_&@@Na$``D}x?Z6BE((bkDcXFtIAaY@qBT0eU_x57l zVC!Lv>@&4|Pc&br0lRUk8_In=99E+AB9pNJi8@CQm7W*T;aTHhEJYY=R08xjPnY=P z7^&MbI66J|)W*r@u$Iz!W0Mf6a_AxyL0?VA$M4%7QZb5S#mw&!g`j*x2P zRPqI%<-=vAJqZLWf}__|fh*f_J;(5lghJ#QG zZv^fdyoHz}x3&}41o7sLbkrLQ;nW0oZu=Kg0-?Qpg}NiX<-%1HZwBJjH))%&k0F`> z9;9ff5q8)2Pa*Sy$xp)soY4jUm*)TX_b#b@(-v7@85fbw!6sIcOC80bZUcBpqdelZ z8zF-aqeM4T@8xk5QREXdl%XTG|u*r6$kh9kNXu%M`Jn^vVV$nq{WB@8xM zMpO$_ZMEnA=l=`43;y}fBt&0)h9%C0+6xWBEr7>jMn__tMuTf670ACke`ens85aDL)6A# z@kBKPboq~BCXCI)4n8pPyuc$809(~+e^x0Lu366A{R(FF#S|HInb!65AyWBe`fUC8 z7$)<`VhUG35`}XtS5gY6@c)!d?`$-Q<36_FWbKpt1S1R#d*=-S=KHW_wp0(Nw_w2w zKELq?nQ;#YjLdo?yp|i$Z);D6>yW)4qR-q_LOqyWV*VkEeIaaja7LGBlMX3YMWG~ydK zgs^(`@B}~xGef#I48|fniFlPS+uP8AC4%YhE%v4Kf@6nng2b{^G)AM#7HJHAK$kNdL)TwS@^rGFJF~REfb9?7iq^hVP z&xjL>6Z)wYf&rc^P3Nn`!5OL-*mZ-}PKbL6z?L$oMD-A9dgQ>^DoTWWv>-dwXb7i@ zf3LrVS<;W`_WFenhtKb{Kv~B37Fk=N171{*XfJXDd!x-X-;7=7^Scy-+ zkZ41@mYG;d9)Fgm44BQe*qqch?ok`^xD5FT3g@I%ak&$w#lM_$3>}7pM#}R~%f%-MV=jpLTph>|GQwDygPVMU z?2oIbL%NR0a0_~Ac*SjkkQt5YxG8jDxT1g8iJ_Cf-N z(W!-wLS-Tbam6wYdY$WY&4ioIB~pv8Svv*ImFtyOAsu=|Pj43u?d4Kquw$#LTeh>DbSXMS@7; zi=Skr?t7u|?`Ta&CP^1^vlnFQ3^=da)JyVMj#J$>kpuliY`JdWu}VD35QEDZAFMRH zq>?5;{M8q74hsxFmV0@_LBb{dik>e4V% zo$Ss#wYQw~7>9YYxNfpiSq}{k#{bBEU*y4m^)z1(Q85=XQ)I&j zBDoJ|@u4m7^jfqM4ea87zO*~&1D5K%Q-|(Gu1?!-G~M1OX?h=#@cww~y5ZQUaNz^@ zee|>?*4=H96N;7Ezr#bA@AGr5R^wM|^Ul-hw0mZ({LV5L(0y!X&XMs3dYEo>a~~2z z-LCuk>FamD-#ee+KDiuHN$H9A8H=a`ZXzU+uV3u|KLk43rGTDS8jg!WYDZm{r+|w$ zQRuFo*~nbeVB^jH`KoVnx!h94J5z0sQHy<8`t8}lo#IR#eCkgDg+0qU9F;{pkDu7R zm{-HUh}B#7POR>R#Im>9xEqu=SQ40CF7b6`Yx6IIa!lD8=pUX{Q#*NI0?*U3WfIkz zq4DcCuL_P;>_U3p3twv+&D>7oIrMa?2y7exYCh0cyWx{JZF&$9p!Syko(0dr*8ZQW z*6qnP$z1Vh)&*lSNm5|37v6PZ*edGN<^u}j1>;Wu{$YD^_9H%bUP4)~|CeC=y&{qf zI@H%A%GMe?yVlEa+Ft3?H;G01PWf{$)0~Qz*Kce0?9Ezw+;hPx+;0wDt@mZ_GB~n-@mQ)~!awf|KU4 z#@r{?=VLpl6iTJ}^}b1)dA?IJR5R=AEB})Bq1~;4mQ8#cxM3(s_|hW#31m(P2N0xu!sFRgF6m`1@U zPrK=-kB{JwZ%>o;n_ZE=@r`e1?RAT*9+yleA5t9;^LR{_9|8Mx0Ka{@-M^rFAh7VM zx-0G*3MqJ>>#5D<@-5cEGebv*JWPcwO1g-6M-qFT< z*2&SmbP+}8#)h85>a`yn(9nUO_OtF@h5pc7W1^8%V+@Dn2!__os`Ix}jT^I(4k(A; z+}33cP{jY?xkq|3m3T1Vek#jxQ3GPC@-|Ae>aw+Vy<~Q>5As#HI2vSXy9`7jw6;e+9?!vdmmXQGiP3HQOz{`f(|Gx0X#8n2y;+qJk{ge_=ah#szfR*HelM3| zW?>TZ=Mb;LCAD9u;Pj_=MFcIIbh}7GPg&3(Vhgs>EJ{9F%8~QcJ^WBqJD@Z_{bQ${ zuMPqJZe{BW=D(#Jp+$Z;_0WKv)Msb;=s^V>!!A4yP*$$z5#-Cs>;5!jHj3ofa&b8< z&Ia#B{Z@E~)9p>rZxqO{2m*5MoF03ZT|M4{F!wi#e(ySdFX2xnjB$c<{yZ60bq%3R zj`Vi_>s_Jp1>i*(*E>7aPgD7fUs?&L(O6k4tybQjw+3w}_r6x;@Hn(fz36Qpiy>7D z9Fz6W97_{W%|CABu%L+9oq#DP@t3~~+X?V=mLHB~pt2M^C4W8in&m|EDxax=fKJ=5 z3w>j&7SmBKsuP5LLl>t_^h6mJTwpbjjr~FXsQdQiMbtWtu`GIs$vwM162$^eUJ--5 zXIXZ$s4w!|T7pEgtVZ{6K(QSLKDik(cM`nJB& zzn~y0SOAeOAOg~RFVZ`LNQbEO5<>4JA_^kCM!Iy7-a-dKsi9XPKtMVn)Idl=;BwA+ z&Uwms&pYndJMQykkG=QWd#$zSp7S^7T64|07=Jw-p7p5DJ3`CP4mjc)T%UinI5mWiH5bt)@Va~d5~R^w2otzG+qdA!>yw$0c9Q4zAWA{Z zT60rXcv=1LO4es(ntRa7?{^e!E^2jo${YA~@3ySAm`^7A)}8E&+sLr0gAe+Fa1Zd91qgvqbSuwV;CeSd%Qm;VbJAq_b@%lZbzrr}4c@$e2`h{Ue z8jcL+1C5XOzMHAwzvflPNQNa$qUoyBoZ;V;1k1WF6 zNADRkD(40pGp5EyIP_U~p%)GMF;|Mo#xS-~nYl*x?T3Hn0=P{J#%VWy`_|Zo#6)5C zvdgSR+n)+{9#-1&Y<_Ei&~0CAW2jFQiF|z-!z*N<&51dwJ;eTG#e-EaZjCr=cMLx~ zH3um3$pHl9Iy)hqzQd=d25Tpjf&m~QU*#;kePWwUhmgnz5=WcvAB`WFvDjwJEw`(X2v@G3ZaSuz;3Kp@l@4bqRB?=5gxcJL z7M4!7`qmfm&IRw?%KPm zH*K95{CN0;ynpU)@R_Ay%LBngo4UQUy*x)+EPRu-qhi#?-^t8TQ@=wIVB2$Y+Xep<`S`{Boay;c$g-dI1^!%|hL0(pj;{eV~v*~oQXY*h%DU4If9bz%qPx*5U7 zs)P8MEH9~v6uP_|9G>ACI_+dvY;up-&+B~gVt@*Rw-UIRzjz^<*Z8_cb8?bvKqL1f zbnmc;^r$DSg9{f*eV6q`xaBaX_ ztb}Y+;~XvZ`~n+~SBKq?|733@$JWHiLnWcs75d%a;p}$j@nyVE^MUsEgyfjeZ)-*j z25|Q4w%dM!1QmK*ea>3YMRG!bvN}(aN;#hOSNs;>Qjba;#TajDQxcmx<7aTSC?Zy4 ztAt{#6}3Kg87wE(6RLy^34I&a{|PdoZU^k&`wqh7cvXh7o_6Gc?2!f5L8w#rjKZrh z-I43^KB&DE6=Fl{flk#FS)e@pR{d=u@74K_Co6QUucEmr>siGjp%+8JJr+<=5{g5c zP#v+-M&|~0cc_iHX|0>LVLR#vF#Qv`&|Bv%ecyPu8K6eI74;x9{#M7qrR`|^j;xl zrYb7L0if6hTV zTL^=Vw**WpQjln)2aqTc`MXL_@Fm$F+@Rd=jeT_q4h@030ZyDSy-u!CSL=~&+W9R7 zjiMFCHh3-fg3ZD71;X|f_-EW!EC zm0ud25?-t%4<5VRQ5g3PP5sMaAffiAy_V9)A}V_o7BH(9M66ep4rL7xSvCb#1G5HoPrw2|trnRTP`{a}?M!<+*b6JNM<`Sam7-{j= z1R@qDpP^r&^(8+;NxJo9wa!!)Wb-Sp&aZEfmIGziF*2VvN3mkrw($pebZr6$mODva6+&$ zSU8Oj0o4t1ISXw0@=kzgT??ujfT-4L6BQc~khIxK)=Q><_q{G}Ce@p;62T!xGJ}Y$ zG@URBn#TQUfws}HMs2|Hsrymr3JkD2C@Ts*8u{f3}LAU$p!@WYm7w#ERfzRe{_D&U-6m zHBuP)hTsj$GAyFX>H?8ClL4roBU8IVO+`|MW+J2$K{ZLtG~tvL^T z)B3kI{rfq8-aV7S0TGG3RqZr8dy-yrKT?v(_o2rl4Gh(-gO`+&i{;r@C>`5;8j(d=J z$L6;){fY0kEVk*D!!s1}^Mn6Bl={cP zPV@DgfvbIe2QDCJA8vQSdhyZ**`epxc9>Sb}l_105#T*G`^31lo zf!16%;Ny?8NmSqeotyu`(h)Z@AcC~X*#1Su3_eqvfR-%CA#Dd_gT;TBplP#IZvj3@ z?o&ag+ki)(%pJD}ul0_b4sMs^3YwZ-4y9sjRao0`wdaQefWahjp7V_wAY;tcyiM`- zrVUZfVZVRK&A*!C3mcU!FSaM{`RuVB`g5})i$>MRduF9VzLo9jb@*e?7`^zOhu4#S zF#HdR``erB*E1N`a<(aDaJsl7TDmR7M3`wN0t+YXU%avb+Zz0OHuFKev&HfqWzYQ3Q+1=fYR~5l3>Z5?8SN_`ceIsr#PN@}sNi(;UCw*5CG} z{r3|Dt3DiE&61^*d-wnKMRDd~{_E?* zQT`Q+=e;@;=e@$w-EnO1-l@EEUAorI{g3hXKRHEd@P>@d{!`Y_8kMV^+O|DyTJOk| zm4z&%a0D+YKF2WM+79Y|v%Q3>#>kYZ1m#vDW2s=KjlRjV7laQfeOxB*#5DUR24(^~ zs3TOM6_JqvZ2!=d|NZa(^B!9m6C_jr0MVYeedqBQPnf_2W=QJ@S55S?=wbuRE{2jb zC3KMHUk~~gy$fz{Z9AEuNE+DJu&l{@B|0cPur!bx6>1zS{WLXPJD6PDBS^z&Zu=zq&#Vv1axtfMZ2D{Fc0@iYv3yNEzZ0_MofuBgPiWuI zd0esYGZ3KSA^OIb$^~Y4D{};5sA|=zm zZSOw|{+E>hNsE7X_WxH>Zh4tOg#N?E|35>?e@JzL%eAEh{RZxp|0~S>uaN(*kpDXo zy8^`j#mj#O`~RsK{#W(=mWJe2u&u{*&gnnrS+AszwMCxmMw*>zM12$zr zV7Toj2XPB#bZb%RHZyK3*?=^0_h~!fG<9->FGV2_)fJfCvTv|vJo$q~eXW6^8MYom@O_F-T|S-EBLiH>^^unFOj8vw3{D{y@I7 zhp%jF`a$Dv9$`AqKJ|rGcfSs23;LkJeYDDqGq&k)%LxioV&mnKH0$t+SUq{%1ga{i zQ1k1!C@#*vSeu1bX60{x-iYk>#J0pv2|6B+3`AR|-G&OQ$rS;4hNvUr4aLX_HQv3W zuqyR?*{%MMt`&I*Sy(kx@A0l$J{(AcAS^8Gs$Ol(QdbvnXxzGWn|(yhn_!Zy%*tQZ zhfjwGx17Gck%p0L&+)g!{RR1JWEDh)DBh00bmV6(p!%uFF+{B0ucG%_tCnXu^%nDT zw*8zaVDS=&hzYEiXZ{0_?3I{Q*jl)hx^M`Qn`TSry&m!M3z<0`;K5n>_;!vKUX`pNPI6tudBS;kvyoy;-XJWcd*e{upMwKId`M&5CY}R(#s(gaDcDWFn^Yj;xCPhAWD`Z>x|)|pP1{N5=b6yhudf3xI$<(51lJ*i9eR4y zm1RahXQVAT@ig9AQTL%ZeOTH88|q;^^jlB&X@!xeZ;>0e!stnSxg}e8fdF4Ey5?4T zTYqOgDD{u5oh>>b>Q(0g3@uDA5tw+NhnX*vYt%HJD(xEjSlO2OC{i}Ee<5P*I#S7g zSSDSDn@MZ-0A2Q>_wzGXyPm1%d7fl(j@O_l&Sx5D^S@7j8K+w?tFo z?BQ1MO?#%|%Ui4XINZ!UPn(0KUpcfWeo7NfwwmGltNNQ=j4>Gd6sH|8o;X`-YmObS z4m-9ex2V-GzHNe3PH!1z=f_q$77=Al)kil4g$Pv_aT^4#kUmG^a|5cso= zezatKD%enj%Gtn{`S3nZQX;Knf8i0R|A#Ub^Q>N5Bf1>WZ0rIy=S5hmyhM}Y)I=PV zix!L(EbzGZ-dZKQu8(Y2f@6gfpI@&vdwh6In9Pk$NI&Vi-4B;W@*QheCgZ;ydc zLUO&=O&FKUMFiiW2%lgelZntqa-djts%+t%Sw0ezbGc>&uX}{d)Dw|1w9&u##2U3?C5M(q&?> z98ZWTVmy(lLH>|jyxQA(_C}R+;!>ynKQLn~na>BN~ySBZUR<=}62BDg`I(p^80r zsQ5?q?xb!W*>~-Ti!AUD4!ahuwal&X$6Gy)#ZumlXH;=uc(cxbe)4Q7E?)7=vdo3> zrnHOOv$td54p|ueiNzwnfiANE8yRIoK(A40w%B9#a}MDy-^-U~k#>78wI?1o1{)=< z2hD~`axnQy1%M8NsLn{WpR~udY;%bH1TQ*2Nvg>8`PKO?pm0GbFe$|LObIFyAG)Ht zW2H{MBc9bKWzrtC)qJAbBUDP|aG$+$o4c=7ZL-R61ylCz&wX=G#OvTSX4_%c%>my! z6={Lea`Q6ZD(S?Np}3Rof`LNYj6R-OxseYj@p$UXj~@vumiq7jpu z%QB@rlCq;5ycoNqx-K*GO$*gb<$z+_esFn3x`qaLriRg6G^4}2yE(dMQWCWJZZ@O{ zA-xl0;IRO%2#C^vt@VTlCs;$Q(UU3hN9g80ukg|}1`Y3P%yFR|F5lOkykqU1i^o zB^uIsWv?tm9Pj#$KvS&h(6y%*x9G(^9fo?Hc)RstPeiaI;a{d$&}|ljya+(Y8J5b05AfjNj-wu5p2F#7g}5lkxRz>8)EFy%k5$&Sn6y^#WgBlSL&V$17`Xur4u& z=PF2KhkVOo4Cv^AA0C39;N;#NhxogTiVQN>UR?0NdYw>tTN<^6!t-(NF-3V)Jig8^ z{8Dtnv1w`G??py37E}!4*)|E@RwD;L^JF5E zwED#2Up8tM$1)1g9_OT3=LvXby>aXc@TWVM8vks?@p0V&3iOvy%-pR}$T+GKaMK7d z3L2%@9O=dT(hJ`b=nuvuspG?&eZ2r>2mw5Kt?hX)fG_d|Rm zR)Z9QHiDA#32etEhQ(6W2KX1U`fI zK)7W&$4(sN2X_fJy*)lY$tzhn9yW6K2(!EJGjQOXdHy5NRoCVhT!$jN-Jy~1B4?;l z^qCsTIKKc-;-CDtM90prgPT@d1N(UoW!iR)A5-yLK7{*DGRZ&PYCF$=KrdQs)f>ZC z_sYe*OniD2y7Dsj(>yoxO&Lr{9XRjZBc)}j`%ZJ1>Y+;iwwWvdpS`{P{cW|2F9@b~ z<@)|VpHX&(2MzTJ<{c?1v57}V!bT=;2Hu$OX}IJ_c(SZff;0tiR53xxYt8IsVU0tJ zTw4+6+m_v>CrI90MnmDMsw^!n&l-gWb2o#=Bi^-$Eo(>B2-b|G5N)Pg@2_32HTeMn z(^*Ma4aP{#T!L+zWZi9pJPuN)9oC&XbRT&ddYF(vLLX9yRxaa*;=5AfI=CAtrhMPFRaQNwRZmxX;LDj zxXK$_Xrqd|!TQ#1oce|HYjd0%4V!?r(mk!Y6}L%N(?K{nC*iX7TKxU)wlaD2nhSL5f1N~p5 zM#K6!<2rasD{^CCm$4$m4F+e=^laU1on>iS=-68Wnei<2iXO@3p+JHm^$?S3wj5*G zZUceV+#zjKJuWf&L0om8kM6#~$V6U4Gy+Ap6ArIoArWGWOIq2RAuoU5c_$@PG%Z&= z{$xBmmy#u$<5-e(Q+0|tI;W$#Vxl>u$nsO1v*(dWToJHfE`zR7O@vq7C^P=nz7ffK z#DO*i6{lZE1j+2tl@JV1G4vmRhTf-&@JxxC1O!RkVYbCJPpzA= zakGtHRO-W8tAeIF@Uv@&x2@w&cGB7(Pe#VYPAvLoqPN>j7IR(|!!CLWujFb?+!>id z{MnZ#hBO{Oeo<(xR9W5fZYTn9G+RDx-6N(Usf@FKb+ol8sSPQJ?|`LcA8nR^dBqJj z2S1eEdLrofS?=;Y7M49a;5;o5to~7f^xp2q0CqTTEJ?a!fAFKaEv1uW==7uulTOOO z`y&6rgKO#y!)=ST7n0ciAvN`)SGEmu^{2cd{sHxSt;4UAv7#z(9)+!{EoVcA=gAX= zz0>-$ZOJ1P%HD)h12=gy*ZeOH1pyZ`>k?_!W#4-e*EF@(Nz7kJFU;_7?Pa6ZbB@ws zk_8X-+W-+_Bea614ZwndxJTO|ktf5=*@E!e+(mxh*p(qQbbM~ozKlY}!LN!*=GgIh zA&HV$Hc#qK#OcfIlMwC3I#s$erJM(Rl`V|k>~%&h>KPV&Lu!Z>^{Xt`xF z$HHb#-e#e0uhq`C;_#jIIHl3NptkVvB+M2rZZev7!eQF~frwW3oooi+1mY z{_I%Fdw{;<4y~MpMjCoEoR5~Frf}eR%ZxkNh6QUKv_jGbaSAV=UwAOi>A&p{dD7D` zsf-=O&vhncGGVbmIOKlN?}g8nb6J-03z-znoBfJT(LT1136m`jW%WZ0E}j1VVgo@1 z+z;fKE*sV<=@nnU_L#ypwmX*rkr6hbVL-6cufPyx(LZ+!zsK1&Dlo};=FN@Su*b_u z>)`EOj~*!82-V~%QyDa4NC{}JpS)5pC6mI{s<(EyNN=sU>U63!x0>77)ae!rmfvO+ zpYA`ZK*pW9y%zBmSWyxc6{N=FuL1LoU z?5_hN`^)tW)#EzD@irFJszxaPide*)f;9~me4nOtF7KgVS z>A%$vy0(g2wzGq&ONp;=q1Ashy+!Tuy)VCEp)(fdbSSM>C)xQXtBYFM!J#xdQiDx% zQ~hPSA+;NQ1?TePA%F1?is-68R{rYfkG-~22ShK5N{S!9-d=?M zcU=Ycdw+UF{NCZdoeSVjLPUd0V&{%`>}tTtLQ^>ps!@}WZ^nuMuJvA^bv-iG-cx}$ z$tZ~93I+y}!KB*uGk^N*Vt^dvYofLx*feBB=iEl74c}e428-e^S5~19WmTuWajUXJ z&)_nHr;xXLS|+#kCZ(st}K{RoG9&G@E6R z-LP{~y1zXAaqN{TEc14h+B}_oKd=PWXhR{sY`$VLQX#@nP{AWTQR4AVuoD)r_qz#M zQ$HhR0Z#9yE*|Q>609XzBN$qhROCvq#63VQpdOjPuiYVBW`z>!v-1d(ONFs_c{dL7 zMR){xZ;3li5gn}8#FHe=98A+!X5kzVp%yX_;#sGVq6y!6#_U$^)>4rNPOf>4HAa%$ zau$xX*zIa0hDKkq$!N%opY_qP2LWB?-@>fu;LCz)&gz~ltc0hwaYgxY1-7%Sc5UdD z<&gB3*kkUy*Lz|{5;N2DWeRl*pJ(&T`fn_Gtx@TdHD-0=2M!uiIRZoRTH9ylwO&h_ zh>=}ICthZs?;|}AJz6ww>DVcI25{(!m-T3-{}ja_x=#06;C53*hBnihZ)7&gk~4yG z-K?5_%(#BsQu(WM#EyPE;gjT6n}o{hv(~NLGGLkM^a2m5S9tP-nY-UYNz%Y5nXNMc zb!f&qiZjnN?dEWn<0A3Yk_+|T{cy~rDFUFsBhHk&OcM`@4X_KfSy&ZduIVvKi5FST z^=R(0ntMc*%WAXV*E@JWe8!Q2Yu+YjfK}Q6tYH7*SJIr=$|I+Q5vT|nKNC_Aa5YG5 z@e^OYv9xnr;rzllQMYY7SVUxsoxj%2cMV&}-rc~EQnB}5MG}ra!aT+9j*a-1kr-@l zYva^9@a(R>;G2bduL1MQr;j`~tLEZ1^lBFZ2wg4*?U%4T^YJkOi+=OfEqv9^=Bo+C zl;`nwJBlsZ4v%hdk4FMbK(5hNW0FP3U_%lI5t6>PcNL6H?ZH6G+8RHF{Ia$`^j?Im zN3=uI#GaPDVZh>dI(A;z@C_sB-HZ`zvLUUy^5oQGP()HXm9tgz!ozUky9gz?HK+92ijt{aCzChg#rS$rZ$NU}K?bn}Lj0(R-<0KLgI#J}I0S#|(6gDpSILu@U$&-WIPdAk zDkBNYNqip4y&So^5y8S&4Kv4$8PPMA38f`|>Y4kro_i!y=u`4MMQ4?1T7Ohui)a^P zhT(0OI46k{XarAY<`vboj&RZp|4?G3_YCLns3p;y%D1y`Lhp3N|!8OwbipSV@`j@@_e*)4D=+E=5H1 zF;~T=YRtDDZ6v!%bP&~(q^g*k;)fKKhy4?60e^y_OX3qr@gfCTR?S^^*k(MGH_HSc zUks1>J1A7n&%74fx$d{S&OYL&}e}H)ZMHZ=Z`JFx~2woGNqt$dv9oJqmjc^8n~@ug(_>TF!z$;5s&g%5*n~ z|6%H^!l&BO5rP`Umw}s1t0aLUTV?8$4I8xXIgQ#Da!)>i+N-RAJ(0_BMyc)# z^`i*I!ONzQxbcS`78>(*8U=|`>vt3Dj!77&_GEH_LLxQuA5PI_GU?w><%D%u9%%DE z3uCP!u^9!0O4(=OhRxA1+1lABWv%Y3JhJ={E1P?yGbmX0bIcXw@1;9tTFAD`9LYAr zIE_S;{Fm(C7Iqj(9y^#f3@>q~W$+iVrARF`FS^Cc%yA@~%H@T6Z_`J6?rV;cy}aj= zW2M+W@o)qWMb^Yxa+ut3&K5qIuZ=ERo>=Kcxau9PF+gQLE`)iZnCeyvo`VnT6+)J3 zUa<&uqVpC7z={^8E4_Y`@?R`{qR?GmHYGb8+`Jm)E`6jxLSDU0^wdF*Agyj z@5hGfG|2*zkKX)Z(8YwHmpC;1K!GownnogMD@M8a%rioB!#oiCPNVOe`7;|PPg(gA z#_L#;G9tF~hI%4C*4a;fqBUYbms&TrQ=Ht`&z1J-HVrYL3Gw_OLGv*uXX$a-Nw5*= zA6gfMT~6rIg?M6yQYnz&66y=sl_48zYQ<;Y*{Nk*Bq#;EtH@m$Ak}xG>#w zi&B~ZZKi1ZfGBA1yfV+U#UdWR91G56!i=3Uf3|WYv${3iI&&G>uCsSc_96HXh_pq` zRDSzov5lN#%HIf1s~n^oE|NN3`|6|U`YDDbt47d87B}(9;57m!zv!=YM2Lq*4!YU}SqoXaB+T6f@bWUHM!`;u zgp-2v7QVKVjowX#X4+k>86IWU-oka&M;XaHHn|=0jD0LhXo_(7N`5^ioP7N&#~1g- zmVv%ZR)5`Cg^W14H<$`eVXpCDjR%?iQ_n&L1STWaGY$}g1jX3jm}oeZezLd!Q<%xq zXCjprqyC2}o4F6irD8p!k1qpqaL{Pb+qYmnBl|9N}KJY=!ZvJtxm z?Nt#x#j*6_t)5b2vcG-|6UuODKmQ`?bPgZ)|$&}dO`(pT%TE&1&YycB%GH^U?E8m${hn`!OEG%DqmgZS> zF_@nP4lgpwrJ<5wnN`4LEm+A&=ojRe;4zGO$b>A`t&u`4lL`czN-W8E+31JXO*pHl z37Jc&P$Jc?1>?hk1v0G43s3jb1qrFdnEfqphf-{npixKisOaz?N1h+b`gyRUh-UdQE>Yy*k!UjkbU! zbw}DrX3qlHPHBAL1bT+@TjE>gXbIlqLI!`e+HoXXs&NOV;3<3Ep$lx(w&FgIqKhFy z8UieNARo|8W2P@XzhmiXM(n)ci(nXq6){aUIwc{15y>GBKb^hno}*@$f7>+UnCAA9>q z_asNdNiw^EAmEwWu;bQke)6?;Q%QJjOT^gEgO0^npRxtb#tFmCiTM{Ccs_#+aI@Em zWS>*GPxW}SO)ENwGxaOYvB;nnj6h$g?3 zln=1nV&ijd?MaRQ2HdJ-`24xun1=)&C4BzI43QNwGOL9POC40|vm zpp+>j^&KUlI~cZ#v}K>>GvIW?t9H9S2DHCjlg$3sA0; z-?CeaRd2Ln1g}mk=5Xwy8P{Ut6hvl%R0R(Z)w|{teGbqmM(dzOp$%>HhK?JhdDqEV zw9@w*FxQX2A}AS|E*XkewxQN7X$B`VYBHh2r!wLviQ0yrfFN{rJM-ZZA`xWQ1RBiI zL(RztsrZ!;7dU9yPpMehk8>7W7L!yu-MJ!=566t& zw`KNE+UC8`KQViJw_+^n8o%*qHoy0#V2aD|HyOqPINj91ldFxQ(G{j{+a|wshO<9W zl(D~4QlvL`_Avtz1kn0{^ShO;Yh=xQ#uu73Rw&n_oDw0l6BL}7X-PBCDCyWoqr zkyMtX=6A^%tyk&hX16~e>z_Xy$>LV2>;%AqaB<4F3Q|YDiX?LB0?(;i{R{mNJXHKx z8Xk$OO`k`r<#)%Q&H=PU0Xbf$_zZZ~d`xa^qvGiStl=KHxJdK_rpPP(W`Mm-+{<73=Vl$eu1ATsf32 z3wS8aSP(sEzirSL$vR)-#~Y2Z$}gp(qPHigewqVfEAldZr)};Eu&FSamWx)~#SGH50Y_11Bjr%G?hJAjQ8sOs5 zV6+Bu05h!RsqpO4xN!>O`#0u)<4lHh8{6tqzYMwN)vbXOhsofN8#P)^Qs?Q3%B6VR zozhGzW{Xb0d7{_iF&3AzL#gLO?}R*bTh?>99GXd{>K|c7)brB2wq^d#Oex>jLZ?g| z&eU~}gD)zj$uky1CHbLxt7?W$#DP=AmuzOojVe^{goe9jdplk{B;8EE;-! zFIWob+(jaFD%&1sYJXDCq91Y(Yfq1|Ig>Lu%2*`4abVB*WpXsaxJ5X%Iyg)d9oa(* z(*%=ZI!I5+TtpM}3F%?NF+V)H$3R;&=5_8V<-}1L^P_+YH%Sq%hZ@9g?a&Pm=Wm&P z;V`ih)sfxx`@^Ts<9F9z)}IzS;dot+{*Nv4xrk`s*F=Bc2Azi~;=-FyFTw+{Owk+IM5k zqJW4($_=qwktPE%NiwBWHW)o|ugmX=UdZ2O_Kc#1Pa?eu@RTcWunWqfw9JydfpP^j zi&u90o;+wcTx)0RYvL;@QCw@J@4dLbchuz_UAR=k*rg_#$aTk^w;i&$&%C|pz@-8T z2DmYYhqR3bjOlj5TZYbq>K#ZF=6MjOXU9v6Ez;T-4F>QyOKp24)nTnL-5g7vhE#D_ z|3-W|hiyY!u3l#rn9g;xKBJRD)rFYmzXqG|3!DkiY1?Hb$8SEgVxM)f1p^<0Fn~*9 zWe1zUTbKqk1enmi^6af+vO&p{R9`0i`);DEAhh`>Q68zLDvEkq2&3Ymc76d%)k)T? zszV!Vh7#>C@emqd3`*n9_ec z$uuTPdL+pSZFr{BKeH0=UldO+^m92#TkklbGf7`u-xi@fw$D!lcvdz%7Zv4ST@B%0 z_#OcB#V$TOalH^ID7lkDmm4TUV`tdY)I_eG{$$W%jz^ZPsC6nCvqHbT5`Ic%X|3 zTAs_XINzvQ)8Kv%1enGfZ~;ywO+1DI4`9NS}GgzCglNc6)WBl!9=_* zrNnH^G_BY><369BF^V1*F$@Og%t;*WnpzAr;ai`eIc z>K&P}zQWCIeR9rCj`C(7$5hnG0^z1D*Jsk(bd^t}1P}^)Tty}Sk_HF8{j`j@!+)tRnTFUbE zO+eX_0BP?(a{&mRwLION`n`&O+9d8t|E&1mL>Yr5aEko4s$#bE@Q1sh_^ zPGX0f_C0gcM%3YIQjiO^lr^cT!GRBxz9Sf$3#&ubjzJ z-Dj>*kgE6c=HiM=m_HT@&G&8zL|$&u<{WBU)9EGa>5@eNoOWyRqK? zW5Of*gBvKt@p9pjA2$OJ^bsX&6B;VscEOlg^d{C^pC|eGA%lTTqCTf}U*6`v|JB}E z@1MV13p>j9IB!T^+HO?5e=H;Ma3raVW}2;tgYq+nk1D(#SH})#x2XqVeEIvP5w+ZcfHY3QqzF~$) zHePd-4J?oUeD0?E3o|nGOFGdBpSH!)H)z`Okyf_C+mb^FePtc>{f6He(l%7kw#}IL z3Wv)N zg@H++f$xn?Gl-=dGGPMro{m=MYM}uQ;v#jcDe#k8n*7OUdflm&Yo-wSbLQe1vcRpC zj05Uk9IXhSyQ#2YxC0qU)a`&FH`*+3*!@$#zzbi<&lq80x!;GCVi7t0cBXenWNK_BaX-Bc*3^ZHykRSum<*~Dh9_Ef6n1WBEz)Y2mVuoswc zFHt?&q7#(b;P42!Mblpxy!l(i8{b2PtlIJ-P)9JbfSg9~ygp}yAerw$vU|#uTrqaAQpeQw2p?5gJAAB!{?VXZa*tOXZQ7e|Q;#xeC zKY26O(d1cgvk#PBwqJjgS!x{+vUo;D>N2gp?Rv4vrXB-3(lU?^B)oGwbI&#+%uvS=Ino>BZ!DG#=;hv1#$Po zel}RGT#Q#T=I7I?6Kro)5R5HH537B+b#CIHbO<1JFhoF zldh)i3!fjJuHJ;|B%<7?g&k zLHnifRM=6u<()}GcRxg&bnJO~X=3QlbSbU}ddLSxpVO;!xeL#3v+@QWo&{%|avCMY zCrv>a%b5*&a6!wjAJ19}8M9ev?U6bnKVKq6UXz$sD6mP% z^eEfV6SM`Zj!E1zl#LgC`1W3y-HqM&U)sZe9P<^-J8X;OUxtp*>FWiQEmfHVW$A?` z{P?w9D;6%6@!TMRCrqjOl?l8Y#U}IJ-!j2aHZrIA1_^+XW=;3CO-QHW4A*f=c0IHza5~jAO5!7Pf@QkGI zgObQ*<13b%#T*tarB$V(6PY6PzRocb%GCVnz)Tb(f-ryA3d)-gq@KGt5E6;00k{)v^8>sG~57{&K6Hb-J*|Z+Dx7z7#&6vyRTCL&x8B! z`^0%M*GqyD1F5-WpAk0ueZ$CqWFzhQ(+{iD4lBGm3U)i2Ojts{E&T36AFZ`y_nsL_ znF+m6za9tK61#aPq+vINK(!t20=R9*lm$;C{^UG8j|tVgG)q}sg?;n3aNLpVj!h)m z&rHa=JqMWuM3`Ught(&GO%FWfBEe8o{$bXr3k?> z(`|fkPlnFYn3+Rb#BPXk#TkJrg0W@wac6qOqOWBgypPLEDX~S@o(u$DIYus)k<5)? zesIRlCkwoWtQ|VE@%LVly}uk^fxOsSNznq6f23@B?ny{_{Oq~g0_i>Pu$WwGmWjqs zH#MZm|E%+JbW`YV>Du((5iL9Z&s_t?6b%UPFN+SB11`RR2I+os()X=+_%xP~pOtp1 z2O7`A99Zf7erh6UE;Tzsyx0DMZZAD;C$5lBEG<24_1}*>n|)X^v50tRwiEEM`qpC@ z*_U1ydP&JaHplqy#x@M1774dZ}ZEnr$@g54kOlT=nL$E zViRv}pO!g*<-!=Gq{&n>q0bfURrd3e{I+`6I5&q z%mYFQIZPopzQu>2G)~D7y&2mggNaYIH8R~STg}vCGu#PJ+h|O+a7u)NeR@4xZ?gV! z@}bWsPtyZulVN1J?79s;PH3To5_(8N=%JT4_jA7YJmcqju&ob1o70+$a0A)kT$aR{ zN4(OL{dtA#aPE}5QqZb-oY%IB78{W(%74UV-tNFUbk@Upq17-y%q!XgI4@F8*(|*g zjo&<7<@y|%a?xIOBD9`;smr48H8b_ylN6&zA3lD2-~FKMn*C7RvsRxsSLK-_)LZl; zP{}+;XyL{R#OH)0BE;U>sOVsCF-24`pbC%FE6@@?#BmvPvyP-@KoGC<`#adp?6hpD zqKVR{R;ipBA-X=6>@2vHOJ2$ca_arhwR7Kzz%(;B0^VRks-Tn(zIm~g);6{aiY#~@ zG@mC%tDQ9!cTv+ZOidpQ9b7y;Gv;}R>in@OLUuo3daVL;!f&Z-&jra}TF@M3&eRnv zIZVaqMZ}|2vc#4(<}+xV-|u-gFC<<-CNgraU+Xy^FF&v9u>;B=9qpET^0H2RABUf= zzw`TeqNdDQFlw-7Unj-S2%mLh*a!n~>#s$>fliU^SP!}jq2ikyiv+M7Cmr_ zs~1||;&aBx&hu;|URg{e;W>S)A+mJ-QAtGCy^{p)W zwNX;)|2$q}GNKE>F?3#jCqNaZ{nF_pvN6L|tfl;0LGu8EJgW~xV!6H)z3-L6Z!QiBJg9gXW4jk;^OSUNr>#>$IcMhXnI?Mdu)Mk7Ru^M z4rs$-pKx09*T-)=y&YHJ85;eN%Wlpa#Qe!Nc+pY3P39$j*F}@p#!(|OQ_A$-dB?Mr zXTeSvFdkOIu_GcSqKAlM{VKPDynnG0Xesmu#dcZ#Sin4%PEmQArPIK(>}qrS>v z_#B%e6ZaDm7(~L#5WC?oz=xJ)Z|M%p+U?b&wR%vtH$ps~PJ86VmCan-9o%h*Cv(1T z|2p6d{-7##O53Vx)|AWcjH%O*(|U|}|A)wz!)CX#dqg0J@F4_IJmr)O?lv;E6;-p? zYWh-}@A+p|%Z-t^q1kH8ozKYD*u9y>_-~f z?e8e(7msP8vio%RWado*ZZ{hg|8)C>(K__~F)D`_-nYu*er;M=FDs)D-q8ZgsQ0PT z$48xXdMX*~`G)-)eVvqsy=5pkJJm7F#k2bP6mR-dQoShH{0=4zsMuv=X!UtC9qq~Zymt9>2@P)79WLBmCFaFd*izW;uYtWYrQ+B{(8PKoq;zH zGS=C5tFR(sdIo&zlauJ@Qd?)}g# zFCw1#4_@$Xs3uXyZnoBY0Nw3lnLsbY%g0GL0xn62W&ich)=~^h8&A96Cx3Kz{dCAP zIjy!})9RUj)~@hN?@pA}ivP|lb#x`^2Xngvl_BzY?VWnIJ9jXvgvfBklG69?%&_2R zl^kEVAQdSeMmP$Vf0mliRGqiF+AEv`<0H1;HRBA10)L4bwJ5SwzC^W&3OReVtQDNR zb#&{@NS&8>;?Z24fe`3!%0kHCjAvVBRVFZl?n^hdd5*`@nznzL=UWrYm(YfmZkb7?!$)6k`Fy2wJgAL|u;M*F)K6?;G}~G&Rdd`PQv~ zvFF~cj;#7Isc4a26r(2Jj8FO0PBm64BVLC1^G`nd($ePeG55rwW;Nh`qwacsPZM2i zNz?F8l4*Z|h21!D#La`cTBYXsNLr7n#MT7iFyDNj#EG8<(|%e7ae99?T2(coYm_lV zBu)|4C9$3!;-9gD%Q*F^Z*@19avoM;mdhEe1;F>}*@u#uw6-Oenj&_`#J7>JtQz@F z)SBHxveJXB*hBZ0tq!+U`0do0q>>Z+4O$;O_p5iu# zzFP`b4%jGjPujAdW7fvbvb22$(28S{)q2k5*9+`pWIRQxs0}T6cA0{PQ|_b;^>1MJ zQ&-oQDLTQ`DkIF3mD<;n+BA%S6E50r}CTCP=%v$qzc7VaB2 z^Ln(*8G38hWA%`UFP46)|G98K3wQMpQLLI$|C_P;A=M_o1u+)eA1Yof>w?!JH}45- zf3LNBfH@CHCvNy&)UUhzd*jKIs zrW{PFb242#w=K`CmCuKp@O(dOb$s2qS(y>4>?JpTGDTyYL9vGEZ0>MLcoOWASJmSA z;igvy#SVmD##a)5cc}&QSN5tWus>4b((J4qf4x?A_yWy% zS%eMa`sm8X8%LEvKpPSztNXwg_fr?K9vc|;jlQ-t`OuHMBNdZWnDD)6$Z5)D$t!qb zx4iUiV%1P~zvS7aG?WP`%d#s~^l4?(fDaeqS$jA%E_qviC)F&&aD&p7BG z7|8ZR@bC`ct2qHACWtfl`F3Ne*Wghnt2*Y`y^mRXYX13O+yi49!mD^mx*WNE5AxGN z$FjWo(oj6{)#5wyA}I=~WoZRMA@(G!KOb$B&GYx9MQwAr)06sLA}2HVk{Iof3Sae@PopSrlq( z`{?&WBNd38lC%us*8T_VMlz%$%-Hwu-~M00{=Y8R)gUwO>*Uz^cJb@xFYf+U%m2U= z<>C5C2s~9B-(cgjcg3grH;MZ~Vv$#n&d|t&%C_yUs}wfV zI?*~-^K>@WFSWGtd>%eKfQ` z0>h1oEU~fP((L?1==1$H^9_z4_iol{F56t|vg!L6@1{Db!szT!6$p~_h0S@64UPs* z3Q746&zx;u%!Cd$RJOO5?{{cM=<^{6j*fANp{=3FCsQ}J6S?nYbu1Y>Ip zuTz=+DU`puio8i^h1w@PlXdH)r4fB=VTyhc?_8_%D z5GCKyFf%h$cMJV@63D-D4f5TDBr5mgKF0kI0?%h653l zEWeR2{!b&F@Iy!G{;yd7KNRby3LDAfJHJzwLEA_*cgs$B_cYVn$DJWT5c5u5Rk*oj zTWhtHi{|F?o2y){ysVM#Yl&@hDYf+aUG)Ra1_0Tn2!;7bV5Q$II)t~sWKcgrP;h+| zNDS379hgn};~FZ7@VCsH%z@X8JGbUWKEvI7CH!=b+F0H@4#2AC)1VHwZTQ`0Qae`C-6Yg2p0wwRMj zeYc5V>^jF#nWL~%i`0Ct-BpWK9GQ~&Ox)SUI)t4W%P_Uotii4uY+!8UqWj%~*Gh*a zgI2-P(6ZW)=RPJsZ3up}CkX7~`Khwzb;2(Cf}uAgSSF;^QzQ1C+!);P!)RTR*3h~{ zezG6~UA}>#f$8Q=Zq{aV4y^dOcqCpfgq&5sv-C&{qK=RQWG8%mK(sS&7GGZnLl~|F z5HUiQy5DcaTwl92v)+ICZ;bmN5l%pzXuXUb6Wo4R$FSs<{o$>Am^etXf>&;9s@A5e zB{;Z}(aajp-L#fP|L~4wUdaZNdEJxU+pV+JD?RyH8ngQ{Y_S_t?Hgy z^%ue-^=d^<%HPcK&Z75%;KPomzkz^}=Y$mp zHCh=S5-hNyI8tr2&30Lv%n1W8d!wh&dDDw7QL!neaOk%|lG{o7w1Ej9{wfmu^WLlH zMBEMD&)dZublSi3GmcfCb<%ETq4>g0cil5ikcO-hdCo3}JRS0;H;S|qP8#=nO)t>B znF+U`BSBZ+nu#Q(6l|QIr`4E>S?8n==?|QzHeb9nu&ac~IpU5A9sOUHC2_3A-GXZ2 zl}vty-S8*ZlYf!hpxQNPZ_7fK3d8N1e4fs5 zxW=|+Z-%3gjCo5&_vqWyAxUr@xyn)N#p!uMiWI%*8~_PVxgGhK#6({T~V_%j2s;`5?wbox>qFj@+0V#sCS5IXBYl3 zZsrG;Pp`Nt19IHoHsYzp$KSxL_k%|f`=czp1SEq>kxBQQp?_ZKJh)~YODCX=_tJ^G`FLYLcpCJY~^U_>Ft&SN`;@22R$;B3i_IP!tV(A6W6R z&#u3+ph9nezS18R%;#=m1s3J?{T_N89evPD2^!hjp`%fIikAvk1A+a2x~hL!g@5>$ zPjf^XtE0C7!=sww0qBxA^a?DniD69aZb$xU1=i&A{mZbv3E1xTML2e5s+515HXcFK z$!-DQqWYDv5V>ZHcP@O<+`*6keFh{jOBfdJs?%U$3JVqT*na>1*nd>|qyxEnsIhS@ zZ5M*tdB+$&P#DLKx`hwqN+09;698H^GoIjGZvU+1vD(K^3TLi(oS$WR1h|sFId=2Zt`X(({Km1P+yClp#AH`{;y*Cl!*@m zvE}Luzf;RsU!UN?w`?pusN(mT!q0nnNUveJ_xl{*p%xDbOy`ab7=HV%oF(|7w&;)I zzY`I&Kr9~7LzjP*qJKLpc|rWp`}!Fj|LPk4j~9wG#jj8ZjX1#YcV>8v@B^2Q;o#ta z@b>=$EO(1R=B6)}8zMsvbPpn6B#> z{~<1K^e{Zare_t!BQiDNYx}KoDiH)rxMmHHOF^c|I3oo0)33EZ(LZwWf}s;cDa_`j zw8_`At0z4!Rr4eGHrnak!|y(MsIUpqxKR z%zNhZ5y*d_v9T@GF3K-V<>=u<=$BK}=~>a79RQb0H|0s(K{qU5?Aq*i;qfg(t8`dn zWAT-;V<;HVg>uys@N@Z zy~(OF23isNo&UK2O7Yf z({LN?)EjSfr9m5&Tb!QYuv<9-+*eIWO!4qgwMIqdde3eV3-a=L>$L zKjB|?T{^cvvJF>>H2#U3$(|%Z!Sh6XYVThnE2i@3%?xr%BtXKmF0+?Pb?_F~f(6jDvPQh5tEsPQyrg$hFh|UKp<;+fbM^^%jQ`f51C7RD1w=a=3M~t` z*h=lndYU9YF`4zpS%;NB6YW@H0BBgqD^ucV!;YU8J2@39M6!CLzU`zFNd#!`0*ot% zE}uF1Exb?6w{hRup9t=LJnv(gH}m3|avLS4_BbfeZF!O%xc=d7q`wg);z<;Au+1=5 zlMeHM5j(`rEL+T9MaMLrM@)qEi(Q}NPmJ*)z7dkJ`V8)sI;W?Ju3XQ!l=U-fv1#E(rtzLo**7`R>g$-|L!D&2> zp72n&0Z2*{vEoZ}WA2pO4@^1nYK1(f;WKPuToNU{FSKobVjar*ox8BKU+w9`yZNLk}_-v+K~~kG}`I?>=K+kTlhfe`5o1{ z0=H8lyn(jU3)0N1KpIsRwi;FYm)NAi%y3(5Av^P$r=u(}{s}m>3>vqr#unMp6Duoo?NwoNK%o>)$pKm#br6Trt!OF9++G$~Y+a zH-W>(973!1W+6)A0XHJ}kcg&h{~=5((E(82Rh9HsYy(cz&A9$BLU z*_Axf+&GhLF?h#gA43b+@|e=Tv$}EO5r5wOvU21qEq3tBaOC{w)7Q9gST?)pLkZf5 z1dR+w_s$xM8->-DDU#83&Q6wPOqLLn_yTHnlCa~EF9A&SjQ+>LhURar$d8P(N%Dep(Z}w%WSE;w%-mcexP9RU3tPGdpkL`Z5eC zaHsV@l>0@k-|Tm3B^t7MtPDBuy z$}c=SU>q*^iCKs2~m-ZUMT=RHg)681k~fsh)qQ$74@svsd~r8WBx8Oh(9Ac7Ycy}E(tHvKzUUBFwGt%OJoz;*{7D)_r`oDr5x=!k zda#!Few?@j++kbmVJ3-qDQMgrh7Mym-l{EnS{By7XKXI@t$PE=4`E;u*c89^BdVJ; zZ>XUzFkl$AFPTuIvDV#$clsrs;1Ai4!sp>c4hcxYKn_+dkIC$00fF z#mpHEDs2Cxyu$iZ`*xXOOe^W~rASQe>5gSP)zOPe39RP6A7+iWExgrVUG?pxg?D6l zU70mg1bYtYx9Z%F9Tk>sXJ*1_d%}GKNv!t$FiBwkTw%z(g49$_g_TbM>BAfpHU+}% z4x=D=Rs(P1iEU^+6e0KGo6Z#6eiJ*;;yF=qhWf8ha})Wrx)Y!x4PZ- z!q21(E7sX%-CmE@ECMcKw9u~5o4@d9?@3~Vdj`LbltmoxP~~}^w)x+R2#P&WUjOx3 z!z#}>w{-T>%Vc)!X4Nn&_~qH=T*Nc!BaRs}L$LLncRro02N357%+f3d@B-eRFKFlm z_Ehr?;+{S-AzMJce%p^ar!g)#Kcksq^e(HC|Fl5>4$Mm+RchwV2SZxtiqk04_JTX$ zp*wMxySNdo+1=Av>-Y`ix>W4dQ{Iqq!dvoZFOhM^0aia3at=A0yn@%XBRIi_J}%Cv zm|?dWIhinR4S_b`xFZe*^)Nzyym6wW?X;~=iQ4j%qpdnmX}gH19v`>9BAKcm-n=zI zhL6F_Uu8E`?;y*5eQ;(A)6CY*j%xFty~99qgOyK2U*1!z1>7iPXr+4hr)Sww&{QXD#>lLPR8q0!Z5RJi7>FuzjD zUwE6G-wOke&eU)<&-ODPgFYLq=@xfBZHIyxh>08g&6~Tfls4ECT2BY#8Q`g$?Hm5i zru!L~OicO3pSubVjF1c!Fq8T(92E23d7V z-Q9i(uFeC)a7I}dXr@}Fq2bXsYG;kXeQ*XbpduVADPj*t8uX~OxF^(@nS;F4_tIde z6Knyr^M!}IDOd8Ag=beSY!BkZkVqsYD&_s_QC(t;SmALqAV{TMYo_p>B|9hZ3SA~G z`1vs2sv&CG7bki5JmI29VcT$ZtzslFGWgO#DJGi_WB|HwgNO@PWL^(Yvp0GM8)$n;V>dwdF3od5TvA{inf+^1DRC@fd`4;+&chqD}tDdbaFH#IW2!>n(acht_IR z6hoY$d~x+lnguSIiFRmRz8^aIF!HdkrhK=5xNPO? z>dT!UE_lt;)tpHKuQ1Kow6gchODfd-DX?vO>tL5N1n_Z3VnFzF2s+;4y0X}pf1DF$ zL;5Bhro_S#>3z`|yij)`q;DM)y}p)e?97UWBf#_B-JsanF~TYzuDy=65pjAYQ5bLp$D;Bl*n0ZNWnIAP%5E zUv;xGU1GvUGGf-*jK9n{bnM<(N$hKuRGGpMDde@WyYP!>V8^dDa{al6yVgn3_L^pQ z-%)CB;O=_w8}+bGx74u7R74;=Z((YpvTlrYp27=bqOdL{G?33fHSF`3MMIPjmzq0- zw3%(vXyt=@eIHu6QtCGvPF@=5B7vR`2JXbzR8>$;7P@4^+#+;PBgJdNlvluwk!#n- zTm` zXs$9DWhFkBCd>kt&WGQYD=)5lZ!qv5I0XuP8x8UHHF`Rb8iR{Rd*+kR3+NSUgPTDy zxk8#B;(3NMy3T({A2y73m$&P00(f&mLg&zw56jKAJDE>57AlQR^mo;_B6Z#67R8|X zV&ISrKho?WWA@t##m43~FlXYO--##zz zs;Iz~X25ady`Q?$aR-+G;KkcTgZcF=lsO`8dH8Lc)DT`Pu4L>J7tkG_Wd~-iKWoex zhKz5dylBil>dboabEbNOpzlvpQY=OOLGpw2p$t_vQICaB!z60CD1*z_Z>^%2sL#Ad zMv6Lvo`;MV??gF1{H+t6irBC8`bk&QuA0HhkfKvaIp^magxKP+UJntg`bSaYHct}T z_;Ok{I75M1!K9#xs9=q?J$(SJW6=rMkkeZf3WUhI5Pu(>=ypi=vSMS?DWsQMcdI&;qJi3(-nhj-Co&)G$9B&65@8~w%Z_onUyo( zK~yOYEB<=?<$XK!)?fwo%z$`F%_C`vwlKvyZP)k($d5}MNcayK&^#f!+EH5_cIr8h zaxP^dYK@`8ChtWAjTiNu*bl#d?jbwls2$shp4ZHpU$s4*ZR|!GLk`eMH@NjRk{95g z0*NDf7Miyke1gr6zXU6tb}fEF<1qJ&pA_OaV?rZ*EUsTmL1*Q)Nv8y4Ie;`i+{?=S z`4o|pWtiLff$w(PtynDHAnq~bUuPCjT+Cf~@C9;KO<`;)5ZHe>-Apkg>Ox*k2O2T& zCbfB1d2H@<4bCC0+fldAeYnt|T>Ex_C*t&ZaAStPy1Ja7!$1N$zO!?w!u|BC;?kM| zIRy`2?0NdcnRSS822&}O{h$=yB)+~ND6rmoXjJW7rDdoXM27D4bd=KE6iMfgc@854 z9XZA0``3?v{j7|jO$onZkA*skJ^MVNJM^W`KLHi(yx=RoA?s<24~H(E!|6M`7dtT@ zj(%A1cs(Q|;ggkvBoEdag#(*;OfulX@Y}Sn?zWrLY&UIhCd-mE-z(Y5pCI>~y|x0U zFF@uc|H5+u55p%(gN9bbzCB%&Y;#ln zNWb_@V4ZzBVWh6r8Fv(QVj23T-u6-LAJ~*>wi&aIk9~uKA#gi~IdxpwL5!Yz){G(F zX@T%;=(#%s$ra~94ema_swEVz*v8zU+#G%-b_XRuOwPt50FnCn$ET0HxJ|yyyYM)C zNf#J|iC(`kS5%7%Wa>SYnf#s!^QBOZG4R8)GnPWeI_@OW)$<dM@* z?h8#Q6^QX5(f4>e42C%i>Pqu1w9Jlb*iHx54z0EdOB-aJ7faN((SE2K!aUxZ{Xx@3 zw+<63cuZ~DH{{Sp82YK^z69rB+=hDhov24iWspXSegEe@lCX&)fL(lIBBnNfI(cO_ zka1j*VxXb5Sg$dj+;6IsW+Nh3rm*Me=Ef!0nG%B#%GUk6jJpS}yh*J7j7KKlx9x}G zRN^)NKcPVrA`(H#EyNYy;JfWiQ4N5`ndDU_TACGNEt4Gyeyt`Wb9Uvg#F&!c6<PAY;L{%{vpTg-uiy<$E?0Z_ibB$ zBj{*b?BLrU@&}|v&vN)0t~XtHCcY`HX9Ng+wsRRfN!xEMZ+s>_#JSpAsb`$;2%0)w z2#6V1XhPPl3PWoc$4>{=2O9kfg0+s{1+ey&0B61}s$7uD)`~}=zC~U9k`+i73(8wf ziiFLtCp=C>M?qV(8y%fyi?&XFdRuy%w@W(0^#iX~mjcOFsil;zU24^9FLjBN>m2#? zJw`P?Z#7`{m)w_vDB9D}&r3%qLdpY&sZ)+c-a%aha z(LeqWd7`TD)PUYs7Bg5n#PA1d&q? z_0?kjw@m=xfCG*vVVsqj5Q;|F>2W9xdfb%`_TXkFQ&6q(?B^9TL9U{TUrO_h#oqmJ z1y5!F)pl9*hndxJ*+fXWu@V2Mv6x6dUEK6^ojhp9_VT0?4G2-9g!rgQ-w>9jH4+s= zZDDe36Taqb5{iLI;}4EDdi2jgC`9|9$_VDZ;l?+^c$aOdJ9obfZ>jVh|?~;Bnf;nq;`gdg-Oqq`|ZPcTM+(WvY#{&bi)i*CWci|^(tOD|< zxorz^S}DOmDr{@$_NN;f@@+G3!aS`ks~PmqOa*kEin>ZYIoBk67dq82&&FSsbj)z* zzAvfroxNb4*8~fe%N$P3Uv1wQZzs?X1dU=9+g`A&x6nee!a?8gkkX=02;rTO&YxGR zxz3VVvyD5-fx53-W7$?dB2IYq;?K{FUVvpEv)TPcQ=XGQ(#W{DtG!qe$|PHvw~jE6 zdT*zrsdW84ka~0g|`bw=Qy-6 zo=g#rYF|YG`hT``G7;@cJf8RJ94)sddadgoKacfMrWX5*eb41xc20k_Ko65Dj1&gu zLImfjgtdkxZ;4%XdHJYZA%r;&Om=juRqF&Rq0TnFIk2jY_;^w0h;!|5nNs(1L4DTQ zLZ^9UZH|Ynry~n@EUzB<5^GsTd3ef}huSJl(EPHKI6sjvo_^KfC^RSDLG<7uLwU6< zJ^`8H*E96b+qx_a0g9}}b0w$ls-FP!^8rF7=2GaP_{aWjO4mc41id<>#vR5HUkb`f z7Y_w6&F%M(9&l%&Ee)s*dYwrOQ7*+b}>awiB^2x5c*FS5?REyE}oB|p0dM+9em z#i(R!XuN85@sn}B-7-lykoSG!mH{AgCn}mpqv1fAfjYO&fYz=S8HsPQZ4&iftw2Sm4=+)T zQ4SwgE7Tf$a%qRln~&m78|AAjMk4AF+G-GtrHX5Le0jRM%J-mG>k}Ba3+l)`=>Rl9F`dA)!a~ z9jOEP zHZ8PiS2jus;S5Z&rJ|F57g@O<^o^KLhUB?YvPO}k`hgJ+1GcgjLi&NwSK8fO;`)`+ z&Xv#=m`*k-xngh%Rx8|kIGP3PKf+hRfltqjF7Y)&pFeAa&V&^cNe5S@W32Z3A|xY# znMW&WdB(LzC9)rQEv!z)nffa`bIr`~2+Ta7n&!v37JAT3@6Y_tMv71(kKGVZdUd{= z(-zn(6DZaK{Sr)rr7-3lx4ds&sLIn=#68XwgDhLfjunRL`nD2U6;>iq(&h9KVon4J z1$RbM=xTgWy8AaLjOy*GE2Z`yXEQ~UU!WNdHWn;9*R6}2YOFs?^VfrrZ4Te{fGdMJ zr)C1ZG=Xyu`)zIWJ6;ns*HlxQyPfxvb>0ro26 z0p_*VF8TO60J%?pMfa*)d?(g&JeJu|?Q}1Jrw3mK!#d6Z6Id*t^aBr$w9t@zIL+>eBXt%U$$8H&+nbA67!+e?|1Zb8yC2 ztMl8WlYEP1{R25IHS<9;IsnwwDejy1*^}`wtGuk&vmMzOdu@V6n0gGA<@s>~rlm9d zWNh)l9=ox`P;AVH7i;5(*AL%zxH_kJylZ2t04f#+Gd3IUkY0p&?$O?9z%Jb4G-gj`I>QL8uJWv>7M8ZhC@4-+yycv@G3Kgzpz={%u**bU(#pHDoehbtH?r z*yt_IhVXSqz|jv?peKU%_2}DQd3drjaZ!_tKD4pX75CBoYp5!7FAK!+5UsSKe`i-) zH{Gel0(jo?0&dq+)QG-b?Qr1wzT?IX|D)LM*M?K*y1i1qJJTwHVqj-7El1fJ&x=py z#&St$g!xkV*vS^V^agDoH-s%iJtK3pa}tB?>SY6UvO}&sS~)XokE#w?A8_VcZ*@;Z zmbYVHdD+>ZJ|$;K zf0;m^w?6Zj8hGSdI&`o-S*bK-?IPDc7ZQju3*{rzhJI>tyhDD4o9%v`?fU~(!2Bic zMLJl!isX{=SD7-uz4v+Vi%tALoAy@PYtA#2CC?Vx%*oYZMEKI86Zi4Zb>x=3n zBJRqL4$Psw=lnwlE7HgBj3Vkz(_oPP3q^UU7@AGMG??M}p-RiXaWkr^ zjxzQ10Eg5jE)~rO^IOnoeUl{4f6b1P0+i@jJi$2ok(*I*I2aY?NMo(Z=h;b)P2kKH zFa0Xf^nR|sOB!1pKHgsU>Wv{=S|ZuvJ$6}l7R7lRm8~clqzh{v*7vbyiTWQ!%8&Bg z%WRuv4GDcRMEND_W$qH-yDWEZ%AL^iDM8ZoActN30^^G+?!APA5G8~wS$I9sE($!)8 zG8xuQ>6`3@)=uz%FV2z4gUp?C7V=$odt(V8?K0NVVHjcg*wCe{`leQ(c{!a2ACJ?O zi*>Ee`e^sMX!%u$XnnhD0KP(a^Kxj^&~^Vo0-a?_3A?+c3-NVX+0sT{KjLQx07<^9 z#w_$aU$M1zhtNkmzAW|}A^#(G-(5*So-vanj5=2+WTrj4p{ozj$wU&Lt7Q^jYm-gZ z>1Y@=89ny!16@g~fMqz(c7%U#*R_(Gr_DLOLnR|B7o#tLrE==RAalrO{q?IMo*e(@ zw-jg3FCAu%jE`{x#^ZCiZ1$_^@^U3T%zBLN4c+P!C=ObE0#tO<*Ju?$gBAv+Xj9#`-t z8en1JIr2rzHtN#r%WerJacRyFtW+LVBN&)Uv^;X@jbqIUXpxV}_Me$+6O*7?5dIt^ zL_uKIUA?$5`D;xx(m8+swJ*%|ES~ppVoV6SJx3kl5@gkSg9;G<)0>}g04>icBSwKy zC&(feCuBvyzZ<|^D@R#8G2*SSq$p9b@OJ@p_8$81$lw0Y-q2RZx`u$ zO+TmRwGVJP&a+V*zF}Fb*j)VuJkd^hb4^6(tZTmX^>E|qHx3%OzP+Q#VDzNJynih) zOdIiPYv4@gE*?Qx%%AMih~}!pZqU+*B+je->WM_;1dEWXl5^=ScKvKrencPB;ZXUN zN*JSNUbbgv7t$f#S0%Wf%uU(Bm{o%OP`v*$=;LjR-ODk+%*@|fK|o&{r4pm@^u;U2 zP~JY?^c66w9kD>KG#!KuZOx}}{ep*ZBtOV*Cnex|(esCSK&gihPXb_~?&v{of6^_t zlAH_V$o08Fzj}m;X#Mk#(#8!NJl*oiN;0SJq#x7VlfUV+s>e{?qhox*zkBWpj8jlE^*s3t;6GDT)#l5wAyMx z+C)Ean>=nWzfhDXO59*I&((o;Gkky{e|bS|NmBANgY(BNvGD-nX&!8ji;!vx`@l`H zGu$@uCi%&)1f88Q3ppUK%Nv6mt#1NpC8~*U&FFVdH9eX99x?au1QflawM&j2$j0s9 zVqc3ZXlxK`-`|KPaYb(-rt?|@bUTe;=1s_Zv^+G{>7Q%39x?R*J!u-3dS&P%pW*O^ zP^ar?O{hmQ2m+haC^ubsO}(;`5N6|a&u6&UhCG~bU7F|ix0~oi@3_#A@#9PJj(=Z@ zj~?)!Em46n9*@n3Ed5ADREKdKj3C1MWbCC5&=Z8VS4Xez0AE( z%&6QZ<7gC<0E?z828Y8nw)ty+K8fa8tq{FNT3`OiosC2EAuVfC!1lB4FZ(~ku^5XQ zQTFs^2fG|G28oh9(p!3ll07xCSqWnEuG9Bv8Cskza{yELFWCWJO4>&u6WI4|p0Ag6h1v8gTE2d4z|{p2H86Auwrk{* zg%(o`U>Zxh{jnV;0ak?Q9QG}UDA zE}%%?e9kDTW_Gg-Z{%Tvkz*>m6fj}H(lQDy4h{35C<$a5T9sVyqin)veRnzgq1e`C zpJ3r0d$5D$lRfKy#fS;0t4Z@%UeS z9syeW4wkyFTNSUQppMoDO(ikC)MieMz!#Pg4W-hLPR`N1-*C#^!=BFc?7@g-I14YM zG_ww2BpLAdB0l7t<9P^AQoHumacsCHTuM8~j7L;Trhwy?b{Rjq*SN}MqOHtPTiM;V zcJa?WK}COC7popq?mCCyHijXjw^nB=+ncRQ8>cSHYb=`;3S}YV+7ZVu2Q?z-AqR5) zrl(9-d3}o2f2z$*!m$gPtfw@$W`DkWqx1Mh^{W3S!0TE2b_;>fxxHcKDz)hq0iNIm zg&2PVjyvOzy%>ea!b*FV+fBX|H8Q9ld;{^Tw(vR>Bfzp}rw41Yw1hA1sAx7cZO~gG zKyQ0?$2-1q>ItCI_V=>LpQJi=-z34Ymecqz3%ib>NOiw?42V;%$ zM<_HE&5FUdpfnys6I$>4a} zM=vQ$q)U_I2>io=SXAI9m#5~2{lMD(W2vQ%$CYFJKNBD1XMUMFVK33}%>dMYWt=Ht z0{G}%%{W387dm{B#grL1QjI4n8e#zvMOvY^Zf<-nCk=kBpJ!}nTv6MlRE>kJZ_lX+ zz_($M2+#-?AzKuhKp2?sQ>0_++%^ zR`61Gn0~SG+nCOOA{T+rP@*6Zc8p^|M+%H*^mGHN{}~HqB4wNqt|-+fGA*Q%J9FS1 z%FG`S&@|XP{^@1CQ!10_5o+HHKqTBmbw?h%J#$qWhI80~AD~ zWF9IoA?-}^ENey=Ik_XK&v);CwRh$5P;PxZ!{nk|NqL1*41>_6?72fBW8Wj&m8B8N zGKOR_DZR?R4zeWcAc`Sdk(*@A9uh6cjOD%dCA??qZl9E=&->r|zUGhl%rkSI=bYzv zzUOy-=RDumsi>5r_fW1YHupSh7 zPgbwoc^*)zVo;W60`O~Xf_|6WA}g|;NVB~Q;_U&ZWhZ6jW9-~Y+LU_Bz8NxU|s;Q~`+?OT(D|X#Y zagNnljGN$PN|xu&Elw9)W+Z7O{bPSm3*lr$;)5J>E#;JtQ=?BSTSs=T9_JRDSLL%x zEy__7-AC$V^HwYI5qOfVdtqlt;xqWKQwrQYvI9arGZLd#qxgO3i9Y@wCCaP4X%0Gj z3mw$tk2$-VC^)VycmOuZXyW>h#MafejP?=WPsIq|dJ1kfxLBw&w=uuJDS9r4+~UJX~^A=K(Y{QS3`}gFJ$^B2b$V!ufxc)-azr`r1nh2%!P5%)E|cl zlghg{50C>aA7xCB-CyOWg!V;_*-j2;zi`Q=l94&u z%j{agKAwX$MK!z~Wx=?34B2mHdbnpnFYuK}dGXd2r|r{!PpX zo8Q3QH>HH@G==M~3dB2{TwJYTPTWde@u?`cXVdW{^5GoABCc(dTwEP@-e?#<4M~@t z!&YD=qvb6)F+=HGbIy6W@7k|%vV$ei5HG}SAdo{{x_BRz{zy1c zyBPZ?BXl=N`uLd<`V4TQ*KH`2hrZiAM-BONa0!9=y>Yd<6?m`1nCB%{6&BVOR`~%1 z`+G)zRMVA8KB{psz%*>FQl<=B{@yukSH1fVyq5WEs6ks@{6mwzHp!==Ieh3(zF{EO z1dn%fm!s?Wi%ieq+`|#!zYrRKl94Shlc!$pIGr_P=NpU)n!QJq{B8Re`k4)f?(D?Q zRfVt*$%Bk32QAIABrJ^M40QxlQrTekoZ-o)Ne+|CD%s(TFgSaC>Eo8H$DG-SdT>>T zM3mBK>*e+qX-7(8#kSSMI0b_Z;w+Q{Ou_0y+vL!@v3P9%^JE}Qs@ zUuAyV4xid#cUqR9x4vVp$HL>$?f+Op_!0i`6CugjY3|t+so`f$cN8BZ0mwB6?|TtO zjE&E^OWx>IRzEEXM-d)%y1;=<}oGcV|C-&)INE2CX zMVKqBQqdValKZdmv2?G2zASNag)b>pHSAe5J;EfZl6n%Jw}vkoo9h1gv+AIOzq$-} z>9!p6SH=cldDhV@TS@ufD?y8mTnvJ>|3$IDJ4`MvKHN_gemzuXAbi6p1BWg542b`& zQgHZXtp@KnuW?+~;>76|b!4Nzr(A%c7j4l6mGBHQkD5o|2`uc0`gj?j-m@v z#3RO9c5~hr=w=TW4{}IlgQ$SRDz$dc4#t*zEqVLWl@CmQ(>W1O4k$MAXo4=evvfew z{bav)sAsGg(R)EI$g~Jr0B&jXDma+6(m<;>zk!{JD;6zxRDF&-{CYaWaE*P;GJ{@4 z<1ZV2_0z>bRECL+DI@9a{(l&jN{Jj3BNK_ScY&4#2)B7Bw8S=7-#H`#!)sE;(T@jY zr2Cz8{WMR47$N8=!_!T>6EHx-VK}R@(;I-iLyif%OKrdlg zjtEFA`(x29$-@OmYH31im56}b8Fx-Rn`?7aJG2tmD5Ksp=pAt{%vt09dzx1Frtdwh z)$l2|;$RuouHj5>1+1YO)9xO`-Si?mp^EjE$OZ##2)lwT2El^T^w?pv$+`7(MXQv+ zmSF0_ao35<)L<`GLGGtKiO+vM>9C@jH68!%X=Qtigv02I#FvW92BCW0ZC6(3xeIK= zIIA?9-03LnQ3o!-V0)rQjG6cH^XuabqE!e;dI&RM81Aivy~E7gNWqqv6qg2D8zlk+ za;Q{ll(X|oi7kx2tw|T-QQ92<{=cS9GPbakrRQ|Qz%q|5@fUqmL?nk zfvUeC3?WQSYaFb7c5|G5`jwDI(^fN!#&4Lu{|=zf{*Em?^GB$V1)Rm93Os}U>E|FD zB9xJUFy3#o+2Hr{Q;{@<^b>R@gx{q#jv;-F{yU1P?gH{?4iiaL=<50Sv=4j%fv+7R zZvt&}T4AIx1PW=5qr)t3H17t}qV#DAl&;5ULHJ2pYXBq}A*@}mZ-d9Gh6-y0qAt-1 z&4M&nWBu{RAx=7lyy$b@#l{crHg-)ZuSuJ)Geu=pwA2F4zlUzD{Tw5ju<4EH1;TK7 zmZ?4t(X;RExb`L=ip%rwO3B09&lR{|G1f{j6*jW9vrFf=smuk@kb3mcd!ltKuUxJ* z@9|vz6R-2yA4tIr;jza|s0kS}vo-cJosy5;DI-^_3JMA&PFv+j9^y+v-*ABhgFihy zQ;&F%|SQqqK-IRJI*DhVRX!0J@q7i9+=e zLeMb~76UVp0UJO$b3O{nxZoBU!Q&w>o4W=G$U&RR0niqwBC59?vS>AdHe0{U{+}~z zHt}eI0rCf^ycaa*axr!re|l0^awp_!j19>JpoQq*;9!7so#3i;7)P=Y87eghfR-BY z$Ip+#;m}2IBLK9_CNx~2p%qDUppx3k%8*6r9GL*LOneP!LeS0KZK@p&THlk32~}+d zptWVzEwgT+b;}8C`PMDp3N^QEBWz7s|5cH|+Lg?Fm%SwTjqBUMOG8!X Date: Thu, 24 Oct 2019 13:58:32 -0400 Subject: [PATCH 764/922] path to TZ setting --- docs/userguide/gettingstarted.rst | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/docs/userguide/gettingstarted.rst b/docs/userguide/gettingstarted.rst index ef64f661e..9feeb893c 100644 --- a/docs/userguide/gettingstarted.rst +++ b/docs/userguide/gettingstarted.rst @@ -8,7 +8,7 @@ Having followed the :doc:`/installationguide/index` for your distribution you sh Setting Timezone ^^^^^^^^^^^^^^^^^ -Previous versions of ZoneMinder required the user to set up Timezone correctly in ``php.ini``. This is no longer the case. Starting 1.34, ZoneMinder allows you to specify the TimeZone in the UI. Please make sure it is set up correctly. +Previous versions of ZoneMinder required the user to set up Timezone correctly in ``php.ini``. This is no longer the case. Starting 1.34, ZoneMinder allows you to specify the TimeZone in the UI. Please make sure it is set up correctly. The Timezone can be changed by selecting ``Options->System->Timezone`` .. image:: images/getting-started-timezone.png @@ -44,7 +44,7 @@ Switching to another theme .. todo:: Fix theme text after I clearly understand that System->CSS is doing - + When you first install ZoneMinder, you see is what is called a "classic" skin. Zoneminder has a host of configuration options that you can customize over time. This guide is meant to get you started the easiest possible way, so we will not go into all the details. However, it is worthwhile to note that Zoneminder also has a 'flat' theme that depending on your preferences may look more modern. So let's use that as an example of introducing you to the Options menu * Click on the Options link on the top right of the web interface in the image above From 30730c80d3f4b0954ceb825ba47af598de12ebf4 Mon Sep 17 00:00:00 2001 From: Pliable Pixels Date: Thu, 24 Oct 2019 13:59:37 -0400 Subject: [PATCH 765/922] understanding console should be above themes --- docs/userguide/gettingstarted.rst | 57 ++++++++++++++++--------------- 1 file changed, 30 insertions(+), 27 deletions(-) diff --git a/docs/userguide/gettingstarted.rst b/docs/userguide/gettingstarted.rst index 9feeb893c..81e357c64 100644 --- a/docs/userguide/gettingstarted.rst +++ b/docs/userguide/gettingstarted.rst @@ -39,33 +39,6 @@ We strongly recommend enabling authentication right away. There are some situati .. NOTE:: The default login/password is "admin/admin" -Switching to another theme -^^^^^^^^^^^^^^^^^^^^^^^^^^^ - -.. todo:: - Fix theme text after I clearly understand that System->CSS is doing - -When you first install ZoneMinder, you see is what is called a "classic" skin. Zoneminder has a host of configuration options that you can customize over time. This guide is meant to get you started the easiest possible way, so we will not go into all the details. However, it is worthwhile to note that Zoneminder also has a 'flat' theme that depending on your preferences may look more modern. So let's use that as an example of introducing you to the Options menu - -* Click on the Options link on the top right of the web interface in the image above -* This will bring you to the options window as shown below. Click on the "System" tab and then select the - "flat" option for CSS_DEFAULT as shown below - -.. image:: images/getting-started-flat-css.png - -* Click Save at the bottom - -Now, switch to the "Display" tab and also select "Flat" there like so: - -.. image:: images/getting-started-flat-css-2.png - -Your screen will now look like this: - - -Congratulations! You now have a modern looking interface. - -.. image:: images/getting-started-modern-look.png - Understanding the Web Console ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ Before we proceed, lets spend a few minutes understanding the key functions of the web console. @@ -98,6 +71,36 @@ Here is an example of multiple run states that I've defined. Each one of these r * **O**: These are the "Zones". Zones are areas within the camera that you mark as 'hotspots' for motion detection. Simply put, when you first configure your monitors (cameras), by default Zoneminder uses the entire field of view of the camera to detect motion. You may not want this. You may want to create "zones" specifically for detecting motion and ignore others. For example, lets consider a room with a fan that spins. You surely don't want to consider the fan moving continuously a reason for triggering a record? Probably not - in that case, you'd leave the fan out while making your zones. * **P**: This is a "visual filter" which lets you 'filter' the console display based on text you enter. While this may not be particularly useful for small systems, ZoneMinder is also used in mega-installations will well over 200+ cameras and this visual filter helps reduce the monitors you are seeing at one time. + + +Switching to another theme +^^^^^^^^^^^^^^^^^^^^^^^^^^^ + +.. todo:: + Fix theme text after I clearly understand that System->CSS is doing + +When you first install ZoneMinder, you see is what is called a "classic" skin. Zoneminder has a host of configuration options that you can customize over time. This guide is meant to get you started the easiest possible way, so we will not go into all the details. However, it is worthwhile to note that Zoneminder also has a 'flat' theme that depending on your preferences may look more modern. So let's use that as an example of introducing you to the Options menu + +* Click on the Options link on the top right of the web interface in the image above +* This will bring you to the options window as shown below. Click on the "System" tab and then select the + "flat" option for CSS_DEFAULT as shown below + +.. image:: images/getting-started-flat-css.png + +* Click Save at the bottom + +Now, switch to the "Display" tab and also select "Flat" there like so: + +.. image:: images/getting-started-flat-css-2.png + +Your screen will now look like this: + + +Congratulations! You now have a modern looking interface. + +.. image:: images/getting-started-modern-look.png + + Adding Monitors ^^^^^^^^^^^^^^^ Now that we have a basic understanding of the web console, lets go about adding a new camera (monitor). For this example, lets assume we have an IP camera that streams RTSP at LAN IP address 192.168.1.33. From 5443d4482a731968897085d204e63bf575f7c26f Mon Sep 17 00:00:00 2001 From: Pliable Pixels Date: Thu, 24 Oct 2019 14:00:01 -0400 Subject: [PATCH 766/922] put theme change at end --- docs/userguide/gettingstarted.rst | 58 +++++++++++++++---------------- 1 file changed, 28 insertions(+), 30 deletions(-) diff --git a/docs/userguide/gettingstarted.rst b/docs/userguide/gettingstarted.rst index 81e357c64..ab1a1d1ec 100644 --- a/docs/userguide/gettingstarted.rst +++ b/docs/userguide/gettingstarted.rst @@ -71,36 +71,6 @@ Here is an example of multiple run states that I've defined. Each one of these r * **O**: These are the "Zones". Zones are areas within the camera that you mark as 'hotspots' for motion detection. Simply put, when you first configure your monitors (cameras), by default Zoneminder uses the entire field of view of the camera to detect motion. You may not want this. You may want to create "zones" specifically for detecting motion and ignore others. For example, lets consider a room with a fan that spins. You surely don't want to consider the fan moving continuously a reason for triggering a record? Probably not - in that case, you'd leave the fan out while making your zones. * **P**: This is a "visual filter" which lets you 'filter' the console display based on text you enter. While this may not be particularly useful for small systems, ZoneMinder is also used in mega-installations will well over 200+ cameras and this visual filter helps reduce the monitors you are seeing at one time. - - -Switching to another theme -^^^^^^^^^^^^^^^^^^^^^^^^^^^ - -.. todo:: - Fix theme text after I clearly understand that System->CSS is doing - -When you first install ZoneMinder, you see is what is called a "classic" skin. Zoneminder has a host of configuration options that you can customize over time. This guide is meant to get you started the easiest possible way, so we will not go into all the details. However, it is worthwhile to note that Zoneminder also has a 'flat' theme that depending on your preferences may look more modern. So let's use that as an example of introducing you to the Options menu - -* Click on the Options link on the top right of the web interface in the image above -* This will bring you to the options window as shown below. Click on the "System" tab and then select the - "flat" option for CSS_DEFAULT as shown below - -.. image:: images/getting-started-flat-css.png - -* Click Save at the bottom - -Now, switch to the "Display" tab and also select "Flat" there like so: - -.. image:: images/getting-started-flat-css-2.png - -Your screen will now look like this: - - -Congratulations! You now have a modern looking interface. - -.. image:: images/getting-started-modern-look.png - - Adding Monitors ^^^^^^^^^^^^^^^ Now that we have a basic understanding of the web console, lets go about adding a new camera (monitor). For this example, lets assume we have an IP camera that streams RTSP at LAN IP address 192.168.1.33. @@ -169,6 +139,34 @@ And then, finally, to see if everything works, lets click on the monitor name (' .. image:: images/getting-started-add-monitor-live.png +Switching to another theme +^^^^^^^^^^^^^^^^^^^^^^^^^^^ + +.. todo:: + Fix theme text after I clearly understand that System->CSS is doing + +When you first install ZoneMinder, you see is what is called a "classic" skin. Zoneminder has a host of configuration options that you can customize over time. This guide is meant to get you started the easiest possible way, so we will not go into all the details. However, it is worthwhile to note that Zoneminder also has a 'flat' theme that depending on your preferences may look more modern. So let's use that as an example of introducing you to the Options menu + +* Click on the Options link on the top right of the web interface in the image above +* This will bring you to the options window as shown below. Click on the "System" tab and then select the + "flat" option for CSS_DEFAULT as shown below + +.. image:: images/getting-started-flat-css.png + +* Click Save at the bottom + +Now, switch to the "Display" tab and also select "Flat" there like so: + +.. image:: images/getting-started-flat-css-2.png + +Your screen will now look like this: + + +Congratulations! You now have a modern looking interface. + +.. image:: images/getting-started-modern-look.png + + Conclusion ^^^^^^^^^^ From d8a47d436e5e19b70b0853d2d358ff542e22df6d Mon Sep 17 00:00:00 2001 From: Pliable Pixels Date: Thu, 24 Oct 2019 14:06:36 -0400 Subject: [PATCH 767/922] remove extra verbose docs --- docs/userguide/gettingstarted.rst | 13 ++----------- .../getting-started-add-monitor-live.png | Bin 313269 -> 0 bytes ...tting-started-add-monitor-modect-ready.png | Bin 88835 -> 14600 bytes .../getting-started-add-monitor-modect.png | Bin 43495 -> 0 bytes .../getting-started-add-monitor-orange.png | Bin 86795 -> 0 bytes 5 files changed, 2 insertions(+), 11 deletions(-) delete mode 100644 docs/userguide/images/getting-started-add-monitor-live.png delete mode 100644 docs/userguide/images/getting-started-add-monitor-modect.png delete mode 100644 docs/userguide/images/getting-started-add-monitor-orange.png diff --git a/docs/userguide/gettingstarted.rst b/docs/userguide/gettingstarted.rst index ab1a1d1ec..27b58acca 100644 --- a/docs/userguide/gettingstarted.rst +++ b/docs/userguide/gettingstarted.rst @@ -124,20 +124,11 @@ That's pretty much it. Click on Save. We are not going to explore the other tabs You now have a configured monitor: -.. image:: images/getting-started-add-monitor-orange.png - -If you want to change its mode from Monitor to say, Modect (Motion Detect), later all you need to do is click on the Function column that says 'Monitor' and change it to 'Modect' like so: - - -.. image:: images/getting-started-add-monitor-modect.png - -and we now have: - .. image:: images/getting-started-add-monitor-modect-ready.png -And then, finally, to see if everything works, lets click on the monitor name ('Garage' in this example) and that should bring up a live feed just like this: -.. image:: images/getting-started-add-monitor-live.png +And then, finally, to see if everything works, if you click on the garage monitor you just added, you should be able to see its live feed. If you don't, inspect your webserver logs and your ZoneMinder logs to see what is going on. + Switching to another theme ^^^^^^^^^^^^^^^^^^^^^^^^^^^ diff --git a/docs/userguide/images/getting-started-add-monitor-live.png b/docs/userguide/images/getting-started-add-monitor-live.png deleted file mode 100644 index a1d7f4100c2114368ad4e6252949205fa2f12900..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 313269 zcmZ^K19WCxvUbvO(lI(_$F^ z_H#mIq=ca%(IEi<0H8%h1mpk!fY|^5fOf$_ze+NXIvfE2zN47(^UH|x^W)0cSsR&J z7yRQwGndqnRDqCGFSx0^d@M;!out4cl0{=II?n{pJ>3L699 zC!`%2adZaIGYdd7kvi@;n9nrCIjH>&h@Kaisvi5X|6Nz6zIn=K{lRbo2AO_7Dt)&| zNPtht*CTW&_9^^XD~NX5s8@-|Q(6cwP;0%nXFi4Idd0dF+yHmQbEoFp{x!vvU` zn?-4`q<3Ye_RR#4d5YU8g1)&&w>F*pX$4-toig$V+;_A|hC3HsAqzhR;#IZo@MxcM zfEIdcaw3Jp&tjTBX1#G?k}wo=rhqppNmMw>`<{9Go57br)f!a<=-)9NH}rb``86u| z%+$0N5*Wd!N7M^Gw#{!WDMsHXsj^H|EkbeG#SWt__l&@V#D~z>d$nv;gd0O*lyPmg*_J zz_;tn0so>nirTF@7r|bf1bSYUV_#dq+RcLA;}2S#b<|R)ZciKMVjQy}v}U5}{&QXF zc3bIXW-ya?tsE1Lfu@?bYgawbtw&iSWg2Chm=Y1JrAzjUdwrCx%fS$!%N%YuJ@RUO z6$~eswup>gbO1#5a7MlJWmDSdseq!m6q<*6lh8(r-T5w%*i-XII&IU z;iJikAJpJmD}JtgT5dvIa~NK+E#o>|Yi0;@i>rfx0N0P2FV8MxF&<6ugNfFS>qYK$D7ZsEM+%Ew!*JEG=su<$+6mtUesrwYKJ*R5fDBn_m|5Q7vB5mry%7J5iUVkB)M0L*32iHS zg@E}qkO`+7Oh?$Jfcx~XV>nP6*9hMe-K1pt!*D^p5fyZzeiYpT6%ZwVtlre^w$7+~ z9iV05^pH7QA}fd^V>s;Kx@!#&_)f^G-p8GL7jiEw?+DmkZ3qTGlpeorF>s=v2(u9O z;DiB?z1Y1Fy&%oGFW`Lw__4eUcx*ilDFWj^Cy6WZtq8G+m=N1SI{NVtLi2fRaa-c? zMJeRCN&@Or9DE#-<|Tgmh#j%dc8#$)7=$V-r1B&diH8Il&n*@f8o-uT=oX=!O`Zwh*qa!7lHdKA3D zKa1Z)A8^Yl79T2T|8^)1X-#eYwJOme?kS!(6Je@VZ=l9y$ykx(l=%?y!0TJ7Qvg@q zEvr&4Qz26|U2!EQD>WlBqi$QMm!lWBOFLj51|()DHYnC9Mo}Orwjf5FXhjZ9I+tjf zK#*vkpiFwH+*$s{7nrYCzFXBRORBU|V5e2^D{2P%xYL2j6U~$P{ac50VzF5+dU5&IG8k#rGEXbor`%uKXWG+I{cI&ZxK8$Xxxr}HQGeMu+g=NOji2k(N=X2w@2 z#w^NIi&)JrbTW0dEWIYaHQ3Z|t6DT1rwSzR(}i-E7|mLWmliY``Wj{&=#vL2CM(7& z`Y)7?1jWY_SEa2pJ(o53J2u{1oxU=WG2t-@GD$L7TTEE4G%hqUpP4uTI)$I3pKGnD zFWa9tt!&w5vj?zKIGfl$?H=!wIB@JQUm6@I?A8yQG}e{cC)|=9iBkdp!1*;mRiwey z%GP?=hVA&iHZe;%X4$nCPD&)-EbkvDeWc42v#apKwini$;>J$)1~<*u!~71%l9m8_kuU7{V_73Q7po%opt@a}Wx)9Ta1 z6WsmmJHZ=}J)P~y+vMNiztYptQ1FK#A5L^wozDT+Wd)(f@O83c8tNmEZ z)ZF^q=$ux5TTzwt<-QlX2%%*!XH1V`@f>Crfa8e4Kq;Rqxbp z)8t|br?b zrfvS2%2qF>u;i`t;ydZ@1%?5uioNQZY}NQb4VKdctT-VjMOVkx9wHK2KqS z&GO5uvdK_s?ENd@54aJhtJ0(chURGquiC9LH0iNL04ltou}iQbye3I7$VrK7L;~$r|P}Z z-ub5U!=+kKZV)!~(f8i6tx-7VpxXv-`FE>4`3+mySOoA8xig;hD)I1z^tQIINp zNe1LTJz<3ffLBJ;0QEncoqdj2!u;;u2uVZk#!2w5q$xP_M8gOG+&ch5)W7kduIE|! zFM!h_Zw{RQB_8JX%75SKJ3dyo1Q3w~@PLnsin74MdauO@>wx01 zue@6)rV?l#+R`N|jByTiY4pGEy;6(cp7I;^N|R*clkH$q5Mk-Tdo~6W_$a!G?{R+S%Ee z%9)f|!M{oL4|V-j`lT-} zNDk_M>7ENRgY^Cb0DuQTRDf5(1@J5bLPK%kVaR)5P$p&s5QG>$?830k|n}iPp4IoiB@V~v-6d^VrNp%4v zW&H=~?|P7cN)9AHpN9Xv)&F#{ehvKH`3?CBpNN#4G3kOB%uilN*y(IpK+P>ZMXK!I(doYX zy9XxN&)Q;zs&@^wUhZA3WfjH5^IN_!@D~jS)0lJZIOic8Y2Hd00 zEox4XvdV3`9af+eocEn`@aD!F3jgGBl60m+@&8gTgef=NCYM5ejSa<~^Pc&R7OWC#}3eRJYzkL)Pq0Ra6-)$iSy|7}w@`O^&vef=AJI1~cy=YU|g)(+MOz7~$t7Ul8%qJykP zjKI=ErHkczVOOxPuahSUxhM+(!Xow1?8M!3E#xLDgDC>O`a<0(sd+EXsaDs4eqlMC zohzd6C~CZ*a(uPbgz|D)au{EZDX}v!sB`bO_jf)SO<{TCCS0Z1>!QU#9HLKSB0deQ zQh{BJquuM5UQ{Fo?2wkZ*Pa3~w;iDr0K{f>aD^x1^Nnv|Rq+rszBh==uM0yVlKC&t zc6jaN4ak+)ADA6{SphQh9R2u4*BZEHq*R_t_fZlZkW@8|j z@JpIW;Ai@VauZTXEbKwz*%Zce^@jY4uEZ?bN#fP5Vp}ZOjF~5~ViGVDmaI*{G7uIB zLlXqK&td|uF+wUM&3B~*>+klOla(Vt74Q1APX>RhuxXW%EwJ~5VAT37L0WC{$)0Rh zdV!2NL#;A(#6;bPYY#MtUh0~ZiOF@YSJLJ=yL!jh=iY53Gn+Hck~`vS)zGS@zhfMB z)J7Q02J~9|B(~^jgLtKVs9>IXMj>Yx5G7;yNRTc$OeLdrGgxEFheFRGU$P<3`j+Sd zv5xe$7#BhS$k|F~CUj(zySJiws2<8w1FMyPg815aHe$04EJbY#R>TqfgbddT6PTEH zkw|Zo<3pr}?^6%fd5zd~${igTBB&ROqLGO9La4~7(m8*n|9JpaqB!W}fk`>LH(lrZ zfzg;w|4P%QO`TlX+j%jjKGo_-Fqy?cO&qMlqd=lj0eOH|)fuf=dOhn(a#_OP3yM20 zTy*%%F<)kRI;p}~l4f(it=BqrozLVKl`GZ+iQv6SWXR$uJf;2us;!N!UNW!}`a~-0 zfg`TOlYv*RMvFqq{RCy9xOYc~P^>z5lPLSw zUY!NFo8%d)b;&J{H-?2xpJ+RDw?@)z$E!p_k|q9bXDC@QoXpXF!X6*j*G3=&YvrFn zsZGG8DpP8xzmV!_!rf9daoJxxs;2h*oAcvlq|^+=6GhT22faWO?uh=+E+>X3Q={Ej zz%aS;wXdv40^42R4$Y|4JpwdE&XuM@jRcEG_HfK>SIx4r-cZv%bOXLEPd>M^4_g8cGKAx>+$-DU8j#w?P(`m zBfQgPZrr$&A&3!scZAX(a!6vP6dHT8NM0kmzdKKTtruH;{MiQ@nNGNrciL>j*9itx zZ8qoTP~)#|YN>V@E>;>9KVV>PjyX0v>uNh=`i4sVUJQME$TJ{pSU7X|hC%#RHDuMI)x+X24Jc_;d)BeF*5*N$MupUrZFN)(Zy z-{i-S@W%FFp+cd}kLsoM6i~h&6Q`l}UEpq%WSyHT2tlv<{tBV~QtgE86TDyOJ;6Z9_!AfS+tq`SLe_%&)Nhhp|VK&Adhej^c~B1El8T_yHPpaE?UMzn)D{@{&0os7v) zDXxD!#=6FSRaLKt!Tyil?OhONx(1SFHx!7jEFr)SV#jhtjL1|_yl(XxJzD&C2ZTwD zVWeL&3#IZnkw8GxJf`C0+2~W_}?1#{`xwOO{h~r&L zDY;^pE%<87o2yb#Z_VJ|JKkF$$Wdto`Ao`;Ax@})o@|ltCdTrkFgsAUo4_F<+!{dN zvfX3k8OBtZgz9f9<56iPQaEm72VsZB@l)>mEn2=+3tkQE&VR?I`xXc#B1O&YN&QX8 z<Bl+F6=j$ubJ9fqORXz>(zYEbfRNAX((U9{-DPhNHpTm&--xU)RuorYX4 zQ?$_j(f)MZGywApCfc#R!-L2-DPxV`ygULk*OwWW2j$C*2Q&hYL5@>bg6^#sH2tZk zvAmiD#^8sb+*&&763($9>NMw22q`@HTKzT;3l~q&-Gfly#(Kl`l2?ItZZ-u8u9pc7 z3V1RQq1}~9<*O}J)tbDLeXIv*3GZSerO9`I8%QKcs%g^STc|&XNY%&bj`!Veq|Q)| zdZk>heBl^h=O3;2&L?_nLAfO~=@5A*XOkI65TjxrH3w6nM|<%a$hJ4(<&PrxW1_U9 z6FjxIH=>(P-=3U>qeGIK^GyfoQk|Wcxjc*+;|^Ndn6}s*ND3t)WGIa%EnI{5e{Hc4 zAld(tX28Hv9qJscAF#DUTzp<_Omwl;!q>{W_GM{;ij3%wv`lk!Z3`CIJvai(@r~5R zRUK)o-mPPCDzhr?>o6e0)iLoSHu?3od zx3184up>xUj#{42b_V{emVZX}>lDZ=*H8H&QbQ0VVDae&(Mc?x$hm(lfIjhW;HOpLu5ELdgP8`j_+lPto>-#cCL$rFLj49S`H%X&xTy1){3 z%{phF#WlVP+-U?I zOl^u6MbQxTP}gpv)G>)k6{O_ztNtd>?I8|sM0$i;kUzIoVq80pz)(=32YRhtGoUTA z-1GR)DU@>AgPLQySAfmPho0BEmlRdBd@JoR=1v;rh-86@!OG@$u_C3RbwrG-S@*Q@ z*#@Lp#LmHpK*5kCXF3xu6UbgC@~{G6fhw*LXCZMIU68~V@th9rEu=vlDtPDg?8?>?gxGT;BRSAg44@K^@FE-U5L`Fb5hI>&^#kR**bNQRcj7AVqY|bgA!@T8 z8bsF5!1i@M&Y35rNiz6`IPv)`C!BDb7+i43OeJYsgWOG~S?rsrti>I(?F+Kcm;;_~ zHKfw7zJ*G^I&P@tu?NPv$nGLktIJuFq%QKfv@IjMc5~~Vjt`ziXgCo97w4xeoOZ3w zm`+RLq`q^7VAA%M*T@eHiO%GpbsM#K^!^E!NiYECss?Ho_GbTzYug}-y)Y~naNAT2 zZG9{7Z5)JY3?aj!o}T!J)92KU^{lnpRJTNzdAu8Y7axrYv?e2d&q6j>AS2C&&!CQaqSdgoYU6*MlM!&yto6d?$iMTf? zIMv$pbT1v|Rp}H^NwY;7)LPj%@eXz(yQrtDKu!d2rvT3XikvnccldsaK$7Z?qw&a; z1T_Yez+=ryERE$0r%M`63zWu{>H$67i z&pfo!_G|AHhSJnHHg)+er#`U4#?mYHvzO-{8-mmjVt@U%;ApzYkYCTBe*m%VYRCQN z-gs!QD~(N8sq63s+Rb@r{|G1k0-5xiQ>6=-xdCEyM_0jgz^B%`Tf*-RTVSn_-=tLb zw1@HXGgVu}MY(Z@x=Y^5Il&gXcuYL{l9wM463U%7zRepIGE_FlxQe_n!+Stlwyz23hK1i^-$L?1T5JpZe}+kG8vsmv2Pe15Qae zb2^xvB1FNKm|ScPz&|>KTD^%5N|^^cxiBo(DJgyD#hIg@0(A$&`Qf%NBK+>Qt|rS3 ze>WpRI-v_qCEK_S%Dj!%Ot@HHyPZ6zdL-o|ah)vkvVTNXsO!qvu>|V8jY;QabX9w{ z!mBYYRw#IdiK59rTiS>JIfFcb>!(`VE`L9VeZ?omD8K;)Xb`nOSwUVPLBNEq>t!U^ zOd_2Iu(gEFR2b0V?e`9}@@PB-L>hE-DFvv!HVBKI6X1fDxKcwdD1YOcE-@EknIini zJs(CHUZGKH2x)OTtX`3#)!jSP+l{%fnP3mJ{w38t>QXW>KyWFXwy26ar}SiNt}UW+ z&p{NX7q}ffm5G=rHQ=N`NyQajk?Sm+%E7g+>4`|G;COAO!=#He8$gMkr$`vgE;QvT zUaZa)bn zR}pue@Vbs@V(a|f*(JOi!L;717;W1B3X2oyNvPL zMI~96e1a(ZXv~?eX4_F?U4I9$q!SAU-^Z20jVE)8XH_n^y~CPsXow~>&$Q<#q(4cu=+;Eq6jv1e z%D_!N8&20J8Tm&$`wo}u$V7`KIqjwV+9KZ}w3xA{iRd_ZYvX8wKSO~CXC=>N6s^C= zOp$}shw{ZKGrI0I#O^HYfKp$m$1OuP+K1!Rs+}nJ(~Dc5WSxQkA|bw%h7l2xZP9_y z9K++7&!DAgdbCJyI`z-M{+jrc{9~C+f-r!u158<}e{Zj$HjdvkC@OCYUoc|9j#v`V zG66GXG6T85ODMf#O;@EEhjJnAB2W7%9938hhH%~-Ikb2h=PHzD5lVUo)6(<2fa5lS zFEuZFdJVm*_`rm9d|lL}Xq2cXg&8Zk-ln543A12oB#hKvG7Iq(VUhG=$K^3YxA4_W z(@*}dq;aCqcBYtlD2CpjTyjFZkAL2cQdT)*T%DM;po^s9q>RIfG6m{!NHr;~8B`ez z1usTM0i~Jm8rDcW2#k7 z5fl@#?rRt;>Vt?j2b~3nl0{cga})4HEYe_SM=Xci@{b$o%6P24Z+o3DFtD$q=H=(b znVta@qWyN8;Fr900|kbZ0E6U*5=d;V@j9^DZCYO}Nu1!MO2e4j` zFQvJHDJ&`I!`)J@=WXtf!3^NluK|D?}=S$m3YTx$JevbxCPz$aivRMNSQ>Z z0JKO%dUY0@xb2i#9ERD6yCd_~q%|>k$9ZI|5{BkXFnw2WJ)qj)-n&x{<^zS!D%#|m zFffiY3Z1_KO_c=%L+67YyotY~u4)QHnDIQ~MVExd?sa9&DAk7iz`y8dDQx=m1-ibt z1BZf4*iSilwdyDV)#$6W$4B`5;+XoWV zx(F?;6C_q{nSsf?JyIqPJBt1gS9Gyek{C=a0@+?N2mjc#7U3x&R>#jyjXJ@0?Irof z?R(X#aPKtf{ZuL;M5q%SE5;y?HQ+KrzcmKgJ+b~eFCfCwTUD95evzJ)ywbRNQUpXov!kTI)tKw}z3L3O*J(6AG5uWQv ze^>Ein7Ud z8I@QL26w|lTDZ1^92f zD2IHVol8iwK*4yp2^vX>Os+5jej3^l<0gr<-eZ#AImmQ5Fw+K6f-@}at6B@MoRGmk z{MwuQD~o=tfs3~3C;Uwt*DYOK-1z&CJ9pFCk(YtiSULH2&r|hC#R55-UyXOVThc`< zEbg>88y%bp6xXP;jWsJRo1)Mi0xsQ4{Msi@(tU6a*`ZzADveiD+#~s2Wh(+|rWbBE zOe1pqA~vvn-)>BEo!Qs<-C}ZiS6NA1j{qH?M;G#56$dl~9+SlCn4$w$hz1PY-sB`A znp73WMYuhaxC9L*c2Rw_a->91HrI)9@DCJO)aFHmbIT1(*Iwb953qU2GCnhHg5Hn< z@!45PXvsFSUT9$0ii&J^?wGktyq-ocMMrdkTw70{vXVm2` zytQ5=5^w0%Rj}Rriv~S$R351t@Ul~C3uNGP&7z`72Akm5l#Vk+(-9Lo6w|de_bv8( zJmPLQ(oVf*bqdrio z^0%us=fHrnqI=gv;~c|3kY?JK^vkpd_*hGL*{Lzt8=;^5a1i9|P;a8*Vw;ilh$^!+ zgnb zQ?JrCgUW^`I)^25Cx&%dmRp{;QTjz_s;+cuhG;nmWs4V1G;|Y(R+0?$8=?+&E*(-oI)8Lw>MLQxSa81p(SSqmgQzz!j_k!A;!a-j^-yQ zAE2(^r;M{R#fIec?Bm=`VvYf+4Pw_h91;tXi0JG}L`{Oly|-!=x2j4bL30?eUz;-! zLV&GU61u6N$%P$XLlPv!ouH+wU8*Mo{PTY2-ME*lYPh>{{S3<@a^sH&1Wb+udW9rR zzQ>l4YZvuveSN&>lsd`qb_8k02#nW+d=`=#WOjO}>$##rL+lIz!r=P3spghF+Xv(k zK1my?msz6%QD&Fb<<-Vv7kN?zLgAwzz^g$gS-{2RA&s5l^Jy9NOI2J8@3JF60rmL3 zKXIY&nlR7pQ7&D0-9_5k=eF{YMnPhr&16E&3%h^?{49a1Tw5t<+4k@2|{JSCt4 z!)UL^?t&qgT0^lAJ=T>AnpH5$Wc$=#tyS6*Lw@5lMWiJGNVo~~>bgGXVtSnQyd})M zWi%t#PzdqWSA%UCJp5XuYT%BH0Ud3~PY?&2*l92{o?*K6R;%L9i$z?r;6fv;;QC}X z)ZKYJHv>q3+yjGC(aFx17rzlQ3Y#=QXxWKRE#*D+j3dmV3$G(3xQs2M)DgtEj9Q>~ zLB(Vt$k!-z5+*9aDxj|IS$$hRjY}p`OzifR+Y7cry}iQxuquJ{#O3$CVBH2+y&*MG zN|Kw&969FH2ha~w)uhr?sAjhLi#tdJIk%mtQt8@SNlZ-tn669(IWb*Rr2gmAW`to&welcn>s$> z;U|cys&?ROrBq+x&pJ?Bp7s_DxXC)4Bj@_gt^;D4mUoX?c@kLz=uyMB9k%;S&cCws zSr~ur8Z1b##m>XkWGd>`O;eP9%sCChIIiigiocgT3G?X~*IDX_U*_G2A!%?_sNotK zuId3H8JtpA(4rj9xin~F`^Q72J9PD(S^JCA{W+=52)m;(+(m6!zn)7YeEie6TW5a* ztnvVdLhaf7t`MHqupK6TbTj=VQdFJE&g>AEl%o;P+Ybqg>Z={uY2~&rJKH5&w(;66 zx-w%_vM}uNrI5JP@jMqa?J8TuBzh!lQMqsaF$e*}FS_#Q)^*ZRduS%>r#VaxkYg{! zL*ZwZH+zpZ4~3<)IP*B!&siy|LV+9+Jrk@IyFCuCIIM3koXf)Zk-B7*1C?`3HC0uj zG4bzLZ|Sm3V`_^P<+tHry9Wn&zQ=1b46-HV4;5>+e0@R;wh~35LOWJx;%HGKSmr+M zNTx-ww=YyCGwWFDv!)1Xo+u{UK;HDi5ppMG^@97A@ygpOZKT-WA7#^;ZLOd-l^z%! zAq8BNb;R3g)TahZLA0|$ECJOsof}KKK72iDduy1GXm-y|#O*#Wz)egzGZlA6F+~Sr z6F7iR&Jg4iGIOb(ZDAp6O9F})NPvCu97SsuyDi#GIc3e5PW&z|P6fTON4hY3OfNB8 zV4VXTO>>n8$R-+W0Vp-#OyY;)EPy=TCB?-g0_m&G`=sRTSaVf_!4$HfVI~2Oc|W8& zvorkVythI#96ylCT(-7^+B@~Obkwx!LeDs7Yq&p%^TBUbAT`-i#+=OF)m_vb7fBOI z&p&nRe#G}liMpz(+U*m5iq(qsq+#B4Qdv7R4=CFbahQ7{_WR8%CfR==|dHJq1Z zlE-#YUG&bc%+^i+o#-DSyOmXBKUINQFlB|S6V_z1|3F_o{XnQ#8>QeuBV$>*{gF7_ zJH6bs$IP)n$R~_qr{~`9u@W{Nn4Ro)I^eu8m8iK9=a}gQ9u_xS|J&d zxEe+URUK;64IEe1;@2Uyr0ZtSws((ekgAzu6Bnu|pQRv=b5Sml@ZCmEYn@oC=g7Un z60jDwa!^EYir2abi1C9pBIU^TjfJ+LOTrE|7x+>uUPePBLVqYq^&N}TCMIcGM3?8z zYm{2(`e>GlMs>((Sn9{dOqF!@Z2C$K%PaV%LdR+@ix@(-r;$7#W9R*gFM}u^c1Zd~G z2_uu`YQX(zqj@>sr2c)cquDdp9C`MssTMj0|@u_2}2iey<$!}LNSA&J+*BtZsyQbY>vuvu0C!P zvLJajFXv7-TsR!?+={_pAWPAJibal)vI`Zhzx%Bg3c~UQG65u#aRpw^&AU;t6aO>S ze0bJ|f`F>P55c;3dwj3d+Q6te(8G2k;-4H=!P^n2jR1A0^6HF^BH#L{r&StV03_>R zkGzR4v*SW7aVV3>XC`wfBc2?$xID{1ZfJLwi;-8i1`jA2EBgq4ezOjQL+_EpcfxN6 z)#{ys5+bO#)!fg==}TqRN479%xkeduP&6vpx42sY**9yEPHwP?UvI)Gq)IWBN2@>Ws*C;c%m8|C2IO4Cm(F@ekmN}g4P=IA zFbtGvUBN$^l0t2)dqxjrn^gq{Su1z7XN-fV<%x&o2kuCY{Y*E{kJst#NwjO&4Nu(> zoWr(=XJ#A5Z~_nGTpKb|>cJM+#GE#4Hl{w*F>NeDvdayhV1A;)c&eBm!55Jf#6-jn_^Y3->YU_v4vwQi7^1H*=3Fb%M=HsWL7A zw@0qq8%x$hjb&OPsMui}waA+5!E-T;XR6c*D2?i)ouI9{96URnLPUO-SnqVUD zSG|v?HAFfw`zAC_RBkg_j;KBrw$!Ex$n}JJRX?sb?xbm5a?xUgGtXFZj~^# z&I?FH0^)>BG;CvndG4_aVpI=h(mlVc@3$yr3A3Lh3(5Z=b}EjyssTzp>w3LFdGAc` zg?sl(Sb#lDdnvFinpJ7hjdlO2)tG7n+ccGuFX(w*QpwTC1;Bvj{<0;T{2&yOKP<8p zX$a+Ho`$&hl|Lxq0pbvKj4!UF*_o7D_Y=G`Mn1Oupy&U2Fp;R;)or%|3sHheb5KHM zW*gj^aXmZT;c{zkx^CfSjqLYJ0s$FaD9?#voyT|LG&WUy`3(YrsZ25rzuxkc-t$f3 z$f>`c^R!lRby%vq)R~ef-flDd*I@5fQk^o{-ZAgzh`p9OCNEoa6CbK(5KA!1>s8){ zOnnw%%N_zuWNXyGFh6|_5pTPD$g2bGzO0E7xy?2>c|n}NIj&nA)!wN=3kj=%WoeDy z4RX0>LV>74KEE-U1w8O4Wv{j%pW(1UGv3d1oo)p*gR+{PmND(RlyPSj} zBS?M0O|wVA6Pne-d>h#}{D91V;7SPl!~o9K+)s6&F6QPx@>UjRAd@We6k(~0Zv0;R zM41|?@nF+?JvFTYvN2_XgE$F>=M+`l)b~P`om1X5cyQw=u5pMJoA1pA368Dyf(MOJ z3{eCR?JcDgU8W&e7kk!u&~M}DGGKI!+v|+qatY3LCf6k@L1ZvGWotPUbyE*%U1)5H z4^mk%K(;muUwkNbr;+KbKJ@Uf4hId48Kz=-XGunf(=*DKP-WVuZEh_?^k1E1lsF(& zDicNhxP38jfStz(-#lg}gTy+ZP!2yQ32e3QWJJ^TeThHoz92Y0Kc%nzj1phI^ClV# z3lWvZ>(;y3V$l1J|BiHxaJ}#;MM9jKcfJvgpP3Qm9druK=IrqMkz%vRQr*%s?%pb~ znj=?B(^Upued3C4Wba258vP)C{|4LANEN~0l&asb90h}!xm8goX5mFXs^tRu3csYo zdEyd<$+Dx#Z|2Nbp7J^Z_4@jya|J9v;}YVgT>DmiIt9^&fVMSiCH7LEmz zRfgvUA!8Dz$jkz*%uQL&PsPm|gngQ)?UbfW;o_$IcYnml&m$xK)exD;;X8_06{2T9(#uyn1QF1&mI|!DdP7U9es&e#|STTz#yk4 zB{B%j);SeS_C2f!NZ6r(7X1-WVaPxT^Q-e3if0M7k zkdBY=IB5aWW@Cx3ZnIf``?BS~V*0HOZ8#uP1)xb0_<| z#rtr%_c*R|98#x$U3NmUmmA~+pdTN=ehL>aQL2cG>t52y#ievQt7=EkuB`CRQ8tcLbjfw{?dZ%nsR$2_M4N_Gfr2Bo{;Yjie+S6o-)%mYSy9e^TT%gVHd+Kx?{nwZB z1?6N-wtDhv>lfu^bNZ{kmvu@1Sa%MiPw%fgi~nTPkoe2Gwe)-F{|AGNgkN+sH+>a~ z|FHaDQf8lhEdg04BMtxm&R}ujAG)OV_wa%LHF5q{QbNX;8#+1}Vg8@m{fpZ#8+?J? zPa<_|{*(DXJp0xn>Ie$2q}W3L9}K1$vCfKwg0ji^V?x<&44j3PHOF>u@apQS+3*Vi{!iW4f9Wcx zpvU%~l6c#HD=8^yb~uT1Nn|u%44@(HILdUF$rFO6rNU%gX9bqZU?YTFYj?H3HlYz2 zY!%9@5u@HcoJfOvfg22`i3*@iNJ}IC*l4!pKWpRl2fezzEt6wy{#XBQe;h7sWGVf> zw}va`pD{^EL}aW1p(Sl?>;VuZ)%`rlm{5pHT2@!g?I(&3qP;5c2^fC0dD+|CHwLE9E2SNtOQBy~Nl2+_o0vxf=TVno>|UW#{+r zu=aM2xBDe+?=tiK@D@+tfSR8wkPwhCygTrys3cL0y5kV~(LjIO%vW91hmy^T(DLG+ z3!&Q*7q{J#+x?+@*}g)p;VYwF+t2GlZ~g3yA+S$HF48@VK6KOWH=(Y$gh9`jsxyH{ zVGd8h4lEAS^CN=hL9M}T0EJ%(iPiTX^R_hX&om38Xd3(5a@nbH!^6XHSkaJe`ru>V z0}RQ+sO@%4o|Ps0jc7-Ccv`Z=kjLx^J8Glc^o2yn#>WG)Wo{oH1{cbdZQoxU!S$=H zHd+%GIRABAWD9(2cPJ3xNFVuogzZUUTnUaq+;-EY&d?vT^+%XZjaDTW5&`Zcz=BdI z;|`Vi%J;J5{?osz4Ftjc_~r0O^kq19KL4=}vi*Rq@R=TvTD{Z#1UAvMejQlW91pj~ z1oQ>N5bPY==4%i4JF3>JHE`^l5H)E*1VjCFr>m923srdLXjJUU|5p$&*45b_yvc*B{`lC zjKHAnmNNcrwa?t%MxNL99jS|riK2xn;eW7Y2Pb!}klmDOv!O0c$j+{+*80VBogO%c z0`mc4ay&_)RK#!|#n~{@e#+y2xBnZ~Y%_7vy>s-(oW{YH@RZ_0kta?lmpYG#)V_WHw3Q%pLk&W~ zfY!5rCH1dm<%Cmfb_m0dR2Wn3`UQbct7JGe4yR8M=3`8v+E(2Kvw*#Y943&-lV1vM z51j@r-^RUbclu}-(WGCFKE_1JZ=aTTMH&-P_HQ;HrP_Iwvyh2*wMVO?jJC{(bllib zV0nteTjvLs*Mgm}CDS6%*2Vg+uw!8*Gsr2pa{0JmWEDnToa?t+SN zJnvvISIbNVFvsS?!=1H{1KQ&dlv!M}F_H#m@#@v~*ekjy6ztU6H|T?-yFSY*^sWc} zf;E%M0fEJIe@} z7sZM_DR|RZiI_(5yc<-Dd#qqH9~;l`Uo4lCefwVYkS>QG2Gm4Tm?YM(L+=$02dj!Q zmdcK4ZEa18xuy0O4Zp&8wS9ctd@s_5idShTC)*s0x4jow{L!nZdar-c$4NXQB$8d? z{$muBif+oFwx$&;dK>;~0CXFE=lN9O$CN z7|#r^SDrqh4`}1}y@{3|n~8a??%y^vjJF{t)*7LD%S|9eIv+6~J#N22es;$zRP>F$ zpUy`(Iew<|NAW<+R4}!vX%Ra|fK#n>I3_!~BNiMn8z(`_#P^m_Jf|Sui5$o`{Q6DV9DhEuo_oBZ zP-in|w`e6Y5?$S??N9=uf9s2}I=Yid;qbur^UG-CV`*gM8B$0cuQk1YoV~HF@0lx6 z_7P8@(Vi)i-4R%Hue2V==r-rdtH+5WuXF_phOQpV%P3NRXjQfjnd;^Qn4%OEr-&r&QC z81q-3$TH@52v;>xhrQ|&Ba3aar|%tBg2v_CI7-?KRQ((lxKDY$Q}Hvk?&|;$D!q*Z zeu7=H^zQMIIAM!Z+yln3_h1?~=**{7%N@>X{^{o3umpu~hu z^_S=g8RH0SV$)|CNNV4o%CB^PcBUsLCx;nIpzWJ3lr2TDf&XhRV?)|2Hzz~hWMI5l zm&-OTel^Xd{FZQj5rJKW9wf)EdSjI2w#^pp&K0otTw7sRL9lp0llhJBXa|jogZxO_ z6n|1g*Je))ii4k?k3IAXZgYt--7(C@Y&_+ z$TR8{FSzv>QmWuZt|l51=Lr7V>bj|4Lee9?+-YqDK#ic!iTjT7Ug_1wRW+p_I8U0t7Wie4{zXXh&=6mhp;|471m8QIUk^qAZr_jDSh zbw>oH8~}SjpJRwAdI7Vr#QtVjtE6eiH2?+;4Q->on-aMFaT`;uubVcS{}_EA}s|g2fgjFO0;mu>YKK4UL}k*w9T&GsH#mC`0Lj#LGq91lgm&%Ze$+5=b zYTz+4D%byJLJCE< z&6CjAAzQt%SGsF^3a(*mez|kb3G3=7O3jritRg1)bc1qW&8AD`!H8qb9CqJ-?*gdQbTW2$ zL7;jeLc9bRXB7^}h`+6@tP~N8RtPh_T=jT$qf)IygxnCZs2BcE(m#<$84hi^-Li_; zC;gEcn73oFK`J;PGX}kec+Mxt0f^8HQ?yOUm`IV0s$(A(eCzjxU=~{GBmlDYv&9H8n0pHgprK zJ1?6Uvh30*?=yW%zFnFf{akG3=S#ebc8P&ZS>I^2PdR@I_Ur{;F<-u=0wgO{Hf&6G zU%NS^t8nNQZ4y;HO}}a+&htvJ07)cch=dWs!EOt${eOsUN{PY*ihAlS;u^ITJF z6;o2Z6^i_SLQe}yFWt4WFV|%sKWH7pV2B~(4;;YwX2ogFxYqC4-PVg&xo&E#UW&uC z@l1b)$VNu2E_lq#0r<^j2|G}=O;aDh1tM45cEGtw^JINa?kc^6r3wn_VV6zkyPX}8 z8S|OFo)lP~SU{INMd>>{ug zrX2qG6;v4Ga63`g_fOE)t}dS8@58~(l;PHbBOeZ4e?k0(_mi$c=^JZJDlP}dS;v`k zMi0W40TGI33e9)@n3+B)Yrwt;*N@>iygWXeP)OT@qnwV33?Lp5wRkwyv&J`|ZPM{` z4&l^3%7mQMU|rftKBQ3KUPnG_k4}RtNKXcU*)T_;Oh@c=hXHb3dSZxojF(!>osFK< zN>7{QK@XuKPJ@#jqd>L3G4|5R^cwbIi7{M_)|C{!o~o4ebn@>}ju}nuj@@jInD~Ns z8Tl}^dodXgmH1J)sv~9%S~}7Zji{UGq(EPM=lBBqAJB3@?H`RBrtl%>>J>k>*bV#2 zzveeUkHu)qh}H#{fwa@@>c2f^Ps2|+D;V~z`FzBQv;_%pvR;}pKH+IG<`HOrnZ`HN zL|STo)BBk=Y<#-e>*6JP{KrLonETa)aD&509rQ|h>jOL_wDwp!+(q~&`dx;9`(Cju zYQ`6>|6`U(*9gZ`I!IzCYV>-9iq($&rXVB%M;!iu)?4+JSgKCC3^ zWuCc4Ok8ZK*S~A5P7J)W?At53t(4J-S@z_(^ig5Hohkc9DDW(tfqUHa>s!YHW+|s} zEn=zPw|d^_5`oLB%bLmH+_Wctv?-5e&&fG^R+uc@eJ6)#T9i_+pSfz}%>Q%|75sRs ze5V_rH)j2`94BTPry;(6<;CLqtWI@`}L{^KNW6pq)3(eK|hXYn3$sJ+=eU77NoB#ph8ev^; zZQ)Za9<<)xXV%>9>zQ#{vvXu>|w zSjH_P^~+)Y<(zQFfh4^;*LN~034kHOFm94XpSeKycH|c> z!{nO=D}XU(`3BB4sqYuCQf$zqGe^ZM3Kq=!`J>DJ@Y9}~gS$ti*iU58hCLjZYF*nU zLv$MT&t8T4{TVBY-5V^9f=W%ckM1AEf1SPl6Qy&$1sGxS)>%f2y^I{wERCyJ!KXB@FLuR_bD5{2al z$AEx}cS7Y|ONnGw7~ZAX)D!Q-7g4yM#ue(6AEJnbKVo7A1OS{xBo$A}Z@%i8jG_OY z7Q@s2lYv^!eU~DtdlIhpD@oDqYkw=z^`;807b)(qg3bo#=5_ZX`#^(<{U4=qX!yv$ zoOFWlQmG!tn%tv=8ur12Ha2asIcFeCJ9-(ZN*)?m0LNJ3YeVE~1m(S+x-yBSc=3%% zFw5N6PJ*1RkDaXAr>e2@4N7G-uUD;$;>EHit(oqh-~B4|sqx%)&HI$uY0%=_!5WBX zI#_KT@&xkLhsCW&jigGVw%MNsV#Bnq1xdmT$Gm0BxnsE>43g9L2HkzOjay>tKd3UV#+L$ngU7`ZWAa;RY(?- zvmPe>$R7Z|b`$rx%45x6b2{(K_@f5$L3s= zWk0g?fbp&H%9#hP9YY+ZuHw1J)EXW2i1lFvN?~Z2CIg23X{c-mZC|c*w$BNsk(l^|^-9qc1I#|U3yGRO{*L;JP%q*25m zv6RAMPNrvV;Wvv*Tv-{1)MkxAK8D&w^sKJjw5#?gEsV5XAgpk{!pQjeQcS!FOJ|FQ z`4gMvTZJU}Z+;^Y%p@U*mjXi!&d|)3Xa=SlD9#U#JU{{RAExsk)5@l^v)N5Bk2`#^ zO{pkDc1NLnDz(~eh66{s2jL>t-WTdjEU>0BF7?ioLYBs>wI!ynByY<*ApC)d~z_Rjl*G|!kHdu7b@=gRdCeRF7pBYmaJPNQmmfnwl87$ChE)*xR?fI8D}S9kXE(! zDa*c~+)>Mvkk`Y?@Va3J$@SMeXDA&xO`_@E4LCy8$Tmq4DYC=gr>&Gz*IVP^Y=2_S zA=);zJZH7UznRl_Z;`81y>(IsUl357zb*z+B6D z4S!T}JccR?1pwo4$}W}Hfp4xZwlH;xN+&O40~FF)W#2sGDY%X==j%F&ux}T0N{Fs< z)GLZQJC~Cmn6O>u0G-`I!)6c+D|9F&%Y8I8yThZ;I6XS08~cq$W;&*`n{-k z8BNC#y|ZN)ycHAg2o0#eu@2rPqB&en?g^GOMLJxnh%5z8Ex~Cs)8a10 ztIDIH4mOz1t}j@BbR5A!H`&Qxv|H{A+_ym$w2(C3#ZEmXS{aoLiXVbEOHDS3r8cN5 z;a}bFF2ksbSf`vx>B8rK_)siPZ+Ezxuhkb$vP>AD#JDf`Yj)d~tXwJO&!Z zlaXF?OaJOm{w;noJC;BtyjVWQ@t%c!ezf+UVG30)bLcXXukXHl^3Xc$Ta=7 zo;8aKrP6--^Vr;+;{eU9i0pV{sxPv_&tp@mP)~ z&0OdHS2Mg33+^D@f?{h&2&v*n=Z#1rzBvc3E8(?fWj)vma(sd`hA-?41TnK|ox{8% z=OWO83+I@>%0;p0LBm|01NbcSZz@a9#cEXD-nxJb1IjKpv|+piMyI#7ui}L3Oe-GvW-F zRq8MZGR64D<`CR$&|-2y{N;zm8P8AsR*nkNGioX61$=T^(#&vGL?LF&r8PfqqkE4R z-}?#r*op@Ij6x)^%RM)ygwyaP(HqTb#^%H-%bC5|U33zPMQ&p)3i6LtT z)*VP0d`Hu1TQyv~5pJWD`sbK>+38)%Go9HDPPa!rs;s|opj4?}2n$yI2ZmlGp@g$@ zrF!89oVuolVM>utpMB_AN)FIECM`6)bxW)KE{>8&uXuXl<8Z{BA2nE=$gGboXg825?F5PlGZ(#|d|S=ss_H?A#DR}hSBl8+V=#<|tA<^Z`< zZi)Y96pd^YSae10&>g+=%6L2}y!`tOOu}aVbcg;;o#iS{`ae@HB8O6J`^iBsd6yi9 z(C6OeKgQiT$TBdfOGIs|Jg@zQi3Zn42M(d_=Q_~k{7vp?1<}gN)n7k{My>~5~{llF%#nM)X}MG*?ASw4EFH%D);)IJOD z)bm_5w2CBS`WQ#$Dhc+_nORNS^6?pTrS=zjrFh_R+o!p&`z|&ZE8n^HisKmOqQ5cz zsn(|6{TtOGazN}3k2d-gX{p0=an$}R`{zfGd!#N^2cOarBePoYC$@K+PYKaJGZMpT zR|L!Akc+pAu8_T6}Yl)y3-DL)+rV=GD+x ze3vLHQkIH3)k(3%k)fuxgKE?Gtm%*8eB)`Ro3nFThQZ5ab;pw?fR%@qLXlGWP*9&Q>YHwozF;9U*PtopERy5lr={O2|-uQ0N2 z>$9&&94q1Oq^nT8F0}8hsmF>BP-`{?gD9UVcY~?qNumE9pf*gwULDN9-lnrki*tIS zFsJv1aY>%XR^;UV>f#LCJMi+ut@aF2tk_FL$XmR+{TXU*ZG6Xjw8j(O=yz|j;C+6; zND?e>@kJQON~r1!{81PpGrDjW>+t(`+c%_Jt_iG>AHk7T*S~Hi<=G`M>LQ-O#1c+= z-UUZW?CkKWIsv*5cbR)u<=m`^Q>Plhn46(8-N_lHc^H@Xb$NEq)xt|PqpfQ&)d7A< z?t8z&E8ZVP7t-=o^NKAL8ksgYXV;QnCyF*hg*tt1-Rfz}b_k22M{sFX@y6W7m#vYf z-aP&g_GXqQXKj!6i`lpJ{rw2GAMrK=`Re$KiocNyrp~w^?NE5nkAjh1vf^9-VDKtk zX{d@wa(PM58BIRD#7rNbgaYM*(1TM>rsr8Z8-KzLVZ z6reE!RT6dkEfs(RYKpqy7m$OhwZ61!ai1Q?i=ab zf`BsjS}@q?h8m?~i+=wKeR!FM)}?UQ|8ZE&nnlO1ft+ha#1sI3alTbFm599`B8;O- z=@9y!*@}wwGxsi=HXmk$*!@fC!|B-r{->5hcGsst5~>xa_@|-L+}c^w9$YZ?G8DdQ zWEZNow1dsyZ+q~M7Z&G_dKFsm(c;M0Aeqyk#8qu-4EQ!%%y9nY3oU^wGbl?(L%g-h z_b_pTpBO3~fL#6&Aqt1_w3D!(F(o?|C#IzgsK~A&1g*wkYce`EQ|$3nH;@O1cw zt^*p*-O=880A~?QFV0-Do}5K7NEl*({c}ZXHU>LVB}C+9rdfu%ciy#$v&`)hX1f{M z^G%DNbcGO>4guXq6VLR?bxruI?1^eg7+=_*-%7n$qxGR9V+Bp*?9q9g>d%s-|8;Dz z-s1Pswl_4iZp?x=7;5AE;xcv+7EeNoE>=KA5Lh34SCg~Jc^kXtHphuW>gUtN`L(q4 zD0_)fwS&tyUxZ8pg9)8{7a3@T)UFD9T9-vFqyUyo8O>Ff)VqcAG1g#V zY~SM9^hX?XUj3$j6@1pm06B4hPck}@1o^rLDNf{DQ{OeRtlKz1xi=UUEd(IK?l}H< z{iF}F{%o9smfm)qGM~|0Ow4B_%E!O!5*gcYr%7@PqD_EiHI~S8qS6R@g4^;8))d!dRV7DRMrm!ombY3es*hRZg$F+OYF< z*2_;W95GBWndYxQ1if9tyTqr`_`WJTmd;tNHz+lg>#B{;lUn$_B`wf?S?eX-{tW(<_y*Js) zh!5y8-UhQ#5odTJW)KEfo%VkbBa9S4JzHCAx^GEQWVN@vZN6>YZY{bkRFpR?pIXT; zI#h5BaB>h9*Y6GPLGeBGu$Q?jAM+qmlSz%t2fQX#>`IRzJ&rOD79A|7qQG%C7~NX+ zCQuTjsBvQ1J)(oBV~S_uw2d{cbGdl;3p7R8d-Ijr+R(oZ*S4XS%4fR!02S_?Evo5}ht-qgMJF5aP!0_-&-!5Eg|Z4|=a3K0**xZnSzJK(FyLTj zlmzSh-L++vt@(?7tA|2MWYsMYm!tcgU&_xxsP+dD^L+V&&6$kB}Mn^Pk)g>IZX< zR|O|=#I;>!dsxxwao7EpUAMI84l7pkUeb8ZZN3@Aw2HnimW}#>Zle10Cd~){5EbaQ zn<2o6$z?*gbHH+y)%CgGr>p+-t*au-dFdK#eyXb()|e^&fnpinfz~h9okZPEKTHj* zljhUbcbm-0TjRQvKY_bpwY)%06)y}Fw0}s><-GG|X#|BllE8&yx$SPEqG3_6lB4xq zvr2m+7io$5%J_)7Y4GLOzF4bnaYtBTJ3HN4alO7U$OURoR@bn@=|%Wx{hBh{*G1%C zm^9d{*}Rqy5U6OKPCj>v7aerX>>3gj028?KQZY?^?ThdMxN^7YjjBu9d6LQ48h6X@ z!G2@zRLkeP`r7BZroPt(r4Zd(`UR=@LERZm!!W3$*H0`-3R7{IiJb{F+evBEj-haj z%NvDLHA^*9JrUC~++n?}hg~9Pr&_crZD38&aC7p%dO&GqYwOqclUQK`J?;5{17;ZL zZr3g&drCA2pb1JW1ib#PJ~SGpDA9R>wKU+lZpk5AUTl{N_EDY^-!<_NL6egf?|PsA z00}e$GbXfYsVE|Z*1Eu&jL;7$Vc>6~*P}4M8oK`Ck7_w}7 z)OQ17hNZ%e>y@~b_keV+kEwm-lLW|!1a3oVGOxwl_p4{w32kk)__t-20gfJ<#^9m8 z3-^li-)9Wp6n9F}7)=$Px}TfZo=@-wKDy4SJ0ij0+l~KB4(4nva@nTKoBRs+OJ|&P z`Xdz`%fB9W(AY1K~HrG z&Cnbk%w%i#jT~6!X;iT|u?EqCctT);Aw(7h13)%Rx$}=Zl`Q~_Ep?Q!jUffRURqOY zK5g)WyBW&L_Y>kYFN+FPH7^G%?Qa>&XBDd>R~}4eM<~bhk%f=XUGCZ^gX)-EW7*(70-z*tE@2dQZgs|4 zra-!0sNvL+8`%;#6EI@iwG;q-yX=}sJ(qU#a>i&I47xA2L`oKa?S1r%S#4d5G@na< z$~!wYO+efn+fOq(Yq?pZJgOe!;&;2In97qxczqgsT`qX-kD}%H{a)c8JpY5~Jh@%qt*7MU;Y-ao_qdJ*gu@EE zAB9@gUup-TqpabVH9aL|}QP)A9~*SN6Fp%>a5|(~^S|bb_D=kMH2}jMA?R59K5P-ou=B<_q??bS3RGb0EA_dx%pm@#PGo4vst z>+4~1-| z5EhLh2DmE3(vfW)lWHQK}M!nhWf4{<$*t+p=g;!fYH+is_dv^6Q2m zk|VZ!=YU>{Kv`8{s`;>kR+eb?#X_be)pl{UH*VxG%M)sO4S;>_%I> zic|$(RmDUOx^qj1=XRS|QlLqC`i^%SMG#=Sdg~om{#`Rnd-%=W?^sH9Y$lJFC#z-a zKED{L@9xS2H9Z)rzQhq6HX?O#xtmLcH5|Db|H?I;3g9aOzT53p%30Peh{5$CFhW5S zj)f8LrNp)iA;N{9Wsg-F8KEd4Un;qdgGwF5vh31V3+}9T$C4`JQd|<7*)?fmalXNUT<80jKu)F}MSz?gW=#6xRKtd$gJlu+P6MZ2XFULCG%yo zD1N}6oo*4X!36WS{E6tXd<|}@8qBjN=*dZ zbXx_M&6=sMYZMi=Uz(1OXBUbs-$8eg&z-$p%qG679v9aYCgysNXRll?YKip^6vE=` zAU`lMfrk_Dye(zYB>naLEJl%&76fb-Fv@bTNoLb%tP1BmLS=hAs_v?t(|}ZD2`l7D zGm}G#h1enp<0Sn{<^JO2AFLGWfi{&}y~uNzkt2@A64moN!+uDF>{`3D>J5Vb|7c?KJjf^t+%~g?g zX~L|Jy)>xp#s|jSPHe%kvQlu6nOfYPIJV&qsqNNAM#b;*^~I!JQPo z8i6Lhb1Si|lYsBIte}yyy$aWw^W8< z>b%+>+o>l@?d4bSpHU&Y7w|`;IqeKS$^ZLWx-?ELOM%L%I&(LU+st{UWoQ)%ks+{L zi{-+lpnXk&)bB?f@zc_8sQ;5!e;2J0@W>>^zti}y8?mrL1Cmi^8c$;| zlu~MSb-E(j)e`+5$FsM+z8{3f=ZB>IH@4aEqQ7{P9_Mz}0n@b^!404umo#p+36-EW z5#ECe&y_S@+HjURwL7V(pm#i3wt9WO6}C_DAw~bsE~BA@#={Kq^%*%e?fp*#v4~NI zlbLC0?9L9^B0kqNi_Rcb4bp#aEGXTF!Y7YoTo96&wP1!}`dZ%h@*vaacDsTpKH3re zN2ULg&=B-CK7RK0epdd!ywD2es91GA^uuN_@D(O-tGQwSJlKrhyQdYVTWdcS^am^= zPg`zRE9~|sfhX3;@pAv$DhMF6vk47N2}=LV%XTa$PtAq;Wt$b-Vw=`b-$6C9~=~zF(`! zR*%Q^0g$p_7!6d>9RzHM*G1U|iU6Nu2bo~ti%cr<{R61Y^5rx?8TYj zjWsQ6G`L$@d%*yBJe`Z6jA_0;%)#a(x1b)QQz{6!A3zTHBkb>@_>(`>si%+!}2yRj)%Q${?@EE zNNnvg58MpvB6v9q_@e{D4~@3FA1+cIS6R0x?_rmsZarRaJ-`qvi2zY?tt%9_*O%Ki zf@dE!((r(Aq}Hy4e(#+L;RHpuRGjm9+O@&ce$O=B0I7kF^enG{P>}Idp5pZ^y>MR& zt8FJg3MZPeF+Vx>9(3JKl5A%v_Eff}!DtG$_KoW=ZiC^(Psg4SY;dXbw`W}_0m{_| zf}l}!Ghc;WL}z2jhZ-A&YW&>20$`j`fAq_H?2|k2`)JgDBlTFQ(mz+SmC7{SpUgdf z+ElV#wU)Bth$6;MNjFTjS7>-RC=Ph=y@;c(QMnU=}) zRK=0fg)1iIQ2H%xB8)B$(SI0geCj8T=r#?%L{nb3qwc8Qi9G-n9E~#)DVxg8@fS#q zq_~fzq4~Qmkm6k&43>yvKFXvHshM^Q>kNmppI~hU=!ujcWsWp>d+f2#-H;`lp>Ez0 zyx#Ry7)@jWpNA5<-^E!QhT3ZEx{YG2Ux`}_IZTno zjEnM=42LuI?_h95Ctl_Vb}e__C{|57Ht5CJg#hqg1h}rI8`DH<;=tnDxqXt~r#5}4 zwut#zT)#Rme89i%BhYlCp;RB2lj8?f%AboU2$Vl14A!z7T*UZI3FpSH)n!JF)}XbC z4H+IPBnVR~mBng+kIz4ae$R#ePp!de_2I3_K z0zbf7yflbTuaC7$ywO1|=ZVGX;kg(#ge38X+MdLLk4tL+joYRDhi?vd z^~~SupfF#-?i7~$#_%;V(}8Uf2N#ac)$5I7l=hK9*q;nMbegOGkdY`Ed+ z@h28aby)o7dOxIzOzXBUzKKK;WAMT7YD)1aJ00S_OWz$^df;lD2P^tUxL;*kd!Kcn zxYN?zASo%v?LZ zAhc#aTfW{{%5%HpVcK9-NV9-_;YX1yOnCzQsR-7Y5AN`ka|&fu>kgG%Eyw(nyxa{1y171f7v|{9uj}mv&uTdFUFt782reZbJI|i@z z?qB$uNO*0I>G3+{KOgqZP1}!q3q8b{(rlo+O;xGBq_a9`7Sn5|#ml`K`miV#FI{0FM%j$Z+Ol3-m-AfH5VgmrK~Wuq zcQscDg};CA1xWpDZ>Pdp_51RxWGAn*`mt2*UKC8}sB*C)OD~a~DX98K`*GHXOSH34 z+0fs^Fzqphqbc&Wst67&?xuPLQ(+P1wj z=L??^OwQ5uM~q&d{w-c0DXKv5E&#bPUXvv*E0a3$s>oN91%pK{pguWvP;}{7FC>0) zmRcHKdMRGPeqw8}ot62J#I@YEV=|wu-HC39Uws$0rfBXPsW6)yJPo!b>PNcAfYstu61r3fE>u1B-vkMIXj*Uf*a_<0s)=}P<(+-3#tJcEcL$7;!I z7xxoCsL)UbENSU1%K}NIY`ksvevi<3-bX;70Wp|;Q2T$vAWSu@j-Ty1Jc2ZB{tQ|b zMx9bYKh&MJw-sF?5HhbyyDS1`zI1*Ault~cH#0`|tdEpq zlZZV)(IR|&M~8vW^#n%gd!GO?XzU!D*kgfJkoc~uAOz}j>ccj)OZs(*pN9$VW@XB~TNKAoV>kmLx`CZwOD zbfH-C>knQY8aNFgi`4oa`{%ORFL2O%!9>ZFvYXa0Z4d_@NfM;uSXkPDuRQOKCuvim zj-b4L{@E>S^q!~J!E6K6bhBt0;1EZMKtP0oGm7c(p;A}aoew$0dEDwGYFtva4>8eB zM)9psmap&+3b5iYb(RkKw_~|@5qnGL!Fh_gt~x^+11BT_?t>BIMH;E^iz|iF<+L0m zE5yCICv3~2g4t z3K<+tidJl>q}~Gwt^i6(rC1f~oUty-f(G<-zQSb~_6!Q~o}W|*VGWp+o>>Rbk%G)( zli}AEr{cy#4&3kMQeTVJJMzV37accR&NY7w0bHZ7Es`9JdqKx*j9o~QXxvM`RMH(p z(lyp@kIhBrL=_VzAHVc`GM`aC?M*-3g|q;_m5H2+s1t;G?~4a=#ES2810YjjxYt zx!TpvpUu{{+VABhy?h5+U;c6KxEI~$wF3kRte_ETy-?RUZX3tKA_^*$I%tWG5W!Ku z@g3%gTu*G%Lws1+1(ifPESeK5AkfhJJ|v&>*!a_E_SdWX&*^sppv;{QPwJ=6ip$EK z#Qb*$_@_YOWg;IMvMm(uCz0*A_;RzeUg`OPPLyY_R|s^tE(>~dpX0N*3I}NbDs~YnA9|J0pu<`1sq-DczdxHpGkGmmy@+Xc0Wl_Z7Kc1P&%yS9-pO0aV{V%(ZdV zK)+?L@YtUuO++=$<&XK`+82&>WeuuGc+n#7i^iv>65;Wf*QSM|bp>~TRo5OA?)IfU za2|(fu&p@CvTgNy;GeFo)a)`)_5@lnn9iWhN5362d0}$%`?w$63GWt+qCaGE5&8%h zh@_15Pw7cr#r7+pmM>CxQ4)!}K?$vFc;(vs;`pH=GlGU7(O`4QB9Gl|+MxFf{8 zo=%8K4Q@~5{Rmqsritk<;u22~8|Y!W=d}kG*dpyK1%GhgfSO~rn-(1h9|BW~ne5gF z)?>X?Q-HYvkav_SSiVkSZbis3SJZh%))-^7OKko6fq0jRauS+&XE#+e8-UxO)*7zAIy* zTl6N9Wr^EUz-KdyED0=l5e;7?{-*C!+c#S(G2vX{z!5KfjmKHViPKSHA)eehZo$u`se<+%A=s6_BUx`lvWr8!LW|g!<=Ix=Kdofq30_kt%gv)>TJ3U zZtr{>p-ty`Mg#94eHOwTVS5Cz4dTrlAPZuME!aUmT z>pPM7i0>FbkRpAVy2vt{k)_%D_ z#bkAfgapmz){vpXGfvn`IE)OBAuvDE*~}g}#D~K5bG*yIB6N&(H|1*tQwY_Ofwp46 z-rnV()3G})BnP{*0tDufWsz!@w?{MO?)LK#|4x?~d)?{X4m80XkDAEc+UxV0(dMbU zqvW#kWj4Wc!Qv72>b%~(x5ZYFjlSM6SFQyRk`JDHt4&VxQ z-@8HwG}+;Rvm|hR_i@pvRTdV6N7)PK2&}?&tlpv|AAQ$s+g(l49sN z|AhZ^J0R`;J&jUWF+_~R<{dS=ibBbHp3aPK$foD0$3wnH5eBUW*6}vhTlULghE2W^ zQ;o}{hQ#ag*N5`Tu@o5Fof342S$!ebf^pND2;7Y!DBd#V>-C2IZTpUsZKofS)rEPR z@(`xUD!t!acirg&7+7ECLE&IS9*<=fbfVKcqAdD(b##OO7wU;>4=re%XfvNLiiF|8m}j zwkkU0s4_oD{uZ9FTWr~2a)$#u@_1@8J|L^;_oobAhHq>m*suc4r_uVYib1I7IPwa60CL} z?TGpW1Xt2(Z=_%alC(6^yT);nTKxW5V=r+21$3OH-!W-xM7b4>y?j_)>OP4L9mQ(3 zNmCVP)oe7xTQmb|qddn4$F;cOIDbh8kH3IG$$cwD9m!T39JoKmb?aJ{ z6AtC#%syt2;~25=3_XO;-4N#{mlbm?ChurCoPBF^v%}a$5dvfdL#=lr=;dD>_)3X( z9tIu8#K`2-TK0P1UlCOoe6rV8??V`1 ziZtrNy(TnpfJ~XOZe1toAMGA!pjg*q3^> z((#YNs)RX!O_G>NdnXLHiRt1vT*Ld3!6F-*v^(e!%~UO%i``3I9{xrMz~}shmZR)! zT7)^!uLRnJ)|{hS5z~cp@9)Wv-bM=C@E`_JX0?huJFx1EOWrpme<{41fTpcY|X&__#u+pbb(UW9mx~X z!r+6w$f}m#C0Jk8D~Z*}&%Cx}^hT)E>7Op@x20OSYb}*nX7mWNw=YeY<{ZQjRS=C& z!^;ulaPJ~Lt%>1P#02k`gU#K}3>x(8IsK2}mvW^BOM+_;1YLLA3zg;PgzSW~q`e?w zk3%zCuP^qDwsLNYbB~&2GKED9E>>_#e54+F;AClckSvFNBWxQ)soVWx)m{STnC1lJ zTYS{0mNir{n*P9arKyYpCfJN$PXlZ5o5rW?yP{o%+W!07>jJ?r)(LeZ zMM9fKy(ij@~p>eroNuik#$t z1SpYm7n<_ukk24K^c z-uDH{XlQ+o#?t&|Jmsyxe%BjRt{^6OKUEiay*?nk+lDbl_E?czwowvPV>ji`4-hBW z$b7+-tsH`}yZsTBjunhy-EYBcmHq>#oISx2!k`D3NRCzcpJZf-H!FG6<$QVx7^7YFp&b)wxjGka?ezj5*U^S^&vad z8sbR&p-l%8^@#5tyySDwbaGy5 z^Ol8jue{_UXG0A45_d$9MvwgeSpd=QM}WXtzTKi%&*PJE>$d}MX`XyPjSME!`{TTn zuIHYXtgi+g^9_w#GJTcO;*tJD|XI;VNc~TlS z4c}($JsE`PL?7Ds1ZV->Oq!sk_i^-FsJvKSCq;c(IieNC@+7qDgai35Qt3L~r)#tY zm3-31{Waie0&#$`h18?T)3Y#>4k0T|x1|cz$MV#OoqsGo9Od22 z(S@ND`FJRYDb4S+is&7SlRn(Me+%!!XxV}mIpSH7K^m#I?OvfmE>ZB5?;;5X<+?HX zs#_}AfsZ4zgDLN6x_b8iV+b?518S50uO}ibD4u-@`vWT~$0X(?%vMdV{ ztBXmd4LeS(gXahtX$L393V}u9mf7=TeSh6$1To1U7t*U({D^%*LYN#PR^R{vfn|SZ z0(3#-0gMLN?+}|FSHc@kQz}h)sS$2QFyA=8b!TXrn$NgN^{NTSKR&!_m6 zhcv5mDg1YB=*HtxyLc(S#j(ftH@rYbL*w@YHsT~cB~*-aF7DU%js@y`c;{w4#?+0E z916HT-vMwSk*)Y&|HXo0GM`#Y_}-7XPL$&8Rn()7RnE1G>CupGK_q>Jl5s3T1L9xm zEn#_5N|c`7Hoh`2E5)R)H`kl9U%yg~hXC~K=SsECKetSzEUvs7bexbNM8{L3$TFc9D zqavXkYi^;v;f9OSD&acpKQ`zbRUW#?gE3lT&1Sq%GVuDDa_4IOV z-$-qr%}l^ve8?l@aW-ep{V=^^Ms;dJq#K^3f1#NZxx_2d3rQ#Hbe!0&RDUWf1+Y<{ z^DGvjgcoRa8w-k$p88}`z*8ztC%iS zVRkii$Fk)k6B~NiQPGevuDfNzGP5*c@>%-imDOT84F-CmC0+s>p{HB@G`Nv*iO_b6 z979HmY+?MYXO^chCpE{8r2r7vSoEnVzU_u$j@kp}`^@UTt3kh+`|H})Kb?*IEzPiG z0mMpl6XFP34=DUxRXP2j8fT;Ly4g7&TTdu2)!cn={7{ik;tXrUHH`U6Li(K)z;=rc za%n$9d$JIgk#n^B+I9Gg4WA8TLa=PPKj)3Z4F!=F92ElC_PeuV8f@@o4*a5?XOU&b#e}fm{M)!!Z+M682rRQ(q_inb( z*doexVKt|AOpWIQVJHP-o0 zM0PtK$T;+zGX}D+Txi7xfgVj7djFca$Hxs`!N=2GYP+6SJR8?n1MyyJ8$Mk7`ep?k z?n*_Nt>bxc5wCF*#bCOhsGVzf3}OGT*QB#XDStg|A$1a%5mDTudxVwE^4ay2mJ3dp zojRC^17yzej|Gq3#teVHgDWjcR;p+}$Okl?S)8`*Ux zs^bIGJf8;jT$Jm>(~7=Qi3Rca-hTJdsGr=rpXO3M=RPT;Wn*2!KZ);^ z=at|#H^AR|TH~8Q<{#1Dp@8g47u1XM`io_zQx}lx4O5s2bP_zpD{EW2n$moHLUTo0yN$^yW?p5w2&?y zqn8^N7Z#J@)ySon?SL`HO72xRt;fin6E7X5NZfW$m+CZi_PVF}C?34O?U6R6D^p|o z@yz;}db6*UV`3l3v$V0@!?8<+Rc1WO#WnBlW<4-#Uzg-V_wqX{=0Eg@{{~)eLwIm^G1IRc~ z?zA_eXW}avbwY<|=C5dTh7K)b7u&{AD-&}CkQin_cegJXb-y6ooy z91-|;D7=RTKrYRUx4f;Jd=uRF>nT}4#6%4)Mq;H`18Ex@BUd|>)2*Bflk#^Ha5Z*6 zSiVt`AM)aP%+`C_H3HLDHhyEldOdr2I(efFEmKVuX3Rlc8{}d;aX6=ty^9L7?2nW= z<-^3oe98M-KUtX@&bWNce_+RW%?7Kx;_-XrQUB3i6_sF z-y#!QbIo#Tk-yW$pd;Vj!fbESrs~q=;3uG`92KDK~xskad z&zec{&?Kp$=&+H|+S$)$5=SaH9f2~;4!!zS8ZnP@_0e`J#7-Jko7EM-x02pYhU@O9(Z%*58QH{mRR;~`b1n!Sn&0YuYXS95qb?G_d)$eC_C$MRKcKw`hw5%Ttx=fdYvWi@>hoeBx`<00P9 zzmi0KpC=X3@X>6pCc4FjjkXZWxHN{{EZ-$a0o85IswHd$mqWb{7g3RA)le6)r8 zakL$(=w^&90)3_;!8xR#EMnS|i3mo1$fwA?{NU#3b*X{nvf;l%Al5asuwlFNrquM)Fxj+3r)fB8JYH79O2TVXhzowtaG;;02~v3r(A-7x+(gExee#_KkZ@@++Xn6H(}COWp^xL@c%Yg z-BZs#!O0=rWOc?otGAVUQ#5+h3R~OlA@G^CB%x^yC)Uj7EZ@51@{tsajL{9sZGsu+ z<{3qlmDsC3k$ckd>2#KBybfT^g>2j?@{dl&@Zt37{;@T&J|ne+QE~nq8~kjg*og;i zI1nJ#E7Cd9IZGdHx$_OxtE8nL4Ho)n9K6l(Ejsh7(4W0VNzUiuzqsHZk%+rinGUzj zGE-j8{h*Rw{PsH2>hZhhr%ypfkAn9TX)dSy&8cK6_L5Y-vo54H`0s}T&Q>e+va76) zIsywB+T0%@(Qe@;`4LPx(vo7LjgB*h)HTVD(;o)4I7GaQjIxe~^Q7IOA6JGMwJ-Fu z4Hn+cl`;ki@aO$gsr1Xdi4)oe^2pA55E0`bN(ufWl>IKn>+b)MaW$@vCbT=M`Bp#f zIU4g=ldMr?pj6>w6v#XbN!~Y1?{~?p&=_+J4d}=F{GihX!gkK`Z5n1%xHX9)Q(z}~ z_$f!g{!2pbe^l(2pheTQs63Hi{1?NshO}&Wi^P%sce?~Rap7U&RO|2URUKr}O%cwm zhRl;$=dN+ag^>&h%fTDGt$UxYB^gmx8T@P!-`^ssH zmXRn}GY_Sb1N;9^6T|c>|EImpd%JBR~b!pAtK0sHuwS5M1sjxh3kUKd^O-E1Ebs3Y# z1wLeh6E=(*-BU54NI{d{wEt2{t?=doOP+AxZ^s%}t-To{cB!SVj@C|?jVR=78z{Xh zfe~_DP95cp`K3Vl8)HZzx7ylZ%@4zDL5%Q6Fm9#-+VI5zg7A& zJ~3KX+3iyV#H!qK%-kEN8si3Io!KR}A2&ApbQLV|K`Zo98}GI;G-$hfCr+19yjj9* zk!t~CV_~1N@fsP>UhWPs#3vd1$~4#-drQ|ors*n#Fs%DBKnzRnFHq=~!NbHdBSS!> z7`bmOkyowe#<~T>_;BM%B$|oTo*D#hvqjt<%=V5P|ByO{o&rwx)C%yx&ys&$wL)pc*||(8M*}85cWQx8U6F1KJ8tUD7<&+;-=;vm7ijBVsF4>EN2YmzG{J9z+so(4@IOdou%!k zgZW`hlrHW#Ef;(iX2Bc-l6xWa?NaX;MVud9sw+XT`C>uAmxNhN)D^Z51@2R5Li1%0 zGTGjiY;Yz*e%f-P`rh2U?>7cu8%g8mxQRgoXXi!dJWw><#_?lNP!W z5DyT4oOv{K^Ac>i#^l>wkP#^qsQMQxcr+22U^0zq>l^FP#b?9|06C}qVks>*Cq-7S zkO4aQdl$Va4U|2$W}g!ibcU2b)Ju2>%pJc51o^<#fT*wyNlO6xxxj(*Vy#xjQCx|I z5tDq4mf2kV50AG+<-#>;8B%2t=_NVo?OT*GxSx+YjqBzu0F4qLs$`s>F%E4SRT$eCD1QG{jGpH{F`_-?`=WNT2tO z{X*rC?tar_8p-x)x3%4r<_=!iOaoGt;VJZliTP+~9mO}XwP|Y763>=B&TRt9n^oa& zb3wpnU=_i{Ej6zoq11YiR{&uaAi3ovv5kwvS=V)TQq_5tstM5t{{6F>pqS5ouQMhB z#oKni6~oi%l43PS?Lyp4Ft(v162tMs_!l#Ee%h8QQTm-gKUQJM;6MFRjdr= z`l$JpS#PLQ2tq|23G>5dD@W)k>H%2*?*$K+4ZZo_9t8JP6t~J;CJAhG9RL!4^)(-a=ErR$j@Uv zuFl6Rxwa*;INk@O2}y1)cx3X@@nmfHeM0p{(&R7|;j~iO_4D-D9eLA(_KTXo(hJ+U ztx|G%da~ziOHXIEbj}x>vyZ3tQe2MQD^^_pY!b?)9p@SbHW;ggA>PDuBJ;SkH1O@( zCjjV8ox^Ub&QL*Zvh+1$E@mjjD$;J$dc^|Y^rdP*5ZO84vQQw?Fk7_d{l>_5TH9=yG4jW11M zm{y!gn$g)c9X38gE5Yc7`_b?Db*u;=@@bPVS8wWQq$8XP$;=YYCqwm6gTngwRzWEs zi-u+h1@e6!8kHVN=GwpdXXW=`wx#vF>i7;HE5~u-jp{~Lzo86aM~!*PIw}wz{M?#T zl1yG=j>SCj3lu#$oIbk&{^5P!=!zIDs~7#ZJ}NoT*(ah_?Qx>LPa&(+{NiL2G!r)e zQJYHYB6=Czf_ZnTZPkzw%O)114yLNV6;@X;UB9eJd|Q^E z&ZfhbYp1<7j4!CtIb)}zy>r}8{8)yMZ(A;oP|i-Xt1gWjLFRzpmlXG72a zl2#kOI6TzaIg}!g9z}wKc}`q|Bp7nJ*9ezMDH{{wyX9(oyOmX_4H%hH0ukE2jH+di zi>lhA-(SnAO_7zu`?>3dSjb6b<>g8H?l>mypf}qGgJX(?nB6b9g3UhZ2Hm2|;<3FY znvHp|O~M2z)xke*eZZk1@w9Pf_U;HX;}GJt7@w%oOkjGZ20P0FA5rfY^Q|pB=xr7K zI+E^;!U*CB{2)6+*?Mrts+=}1V-upe8#>zedW-_=d;dR1W+z4kSR!$dr}vyHEX|sRUD8n_ zwKsEIDa!S%%}kpr{bTW*S&Xe@rPW{?e#OSY``IC3I{J>{j4Q zsJtYKE>x5r71^r zjdKC>$K5~%k{@`mp@kXp3MqWM&*@QjSoV>^n*~gN3$^Yo^(q2GJ{L4;97rS5>vS!G z8xhhHLfS26#bySacc(1(N*dwmuNf0; zpUS@n$$CQt6U3!4cXi?CJTTx2tU}&cs&S%kuzjWEuVsFx7e!XZ4?d!&?de+Gp22a6 z@9fqIb`gDav3V}c-SJt`zEDS=;GJ zU6hTfU1pi4J_Ebg10$p*_K9*7|EGQ*j82E>pk|Qy;D}Qp0a&D1dM{{b5oQ$^NUU=U|={4Cbj&Hv__!mH{%4KTK_7(9u!{$wmw}a6n zwRB$ajlMXgMyI{RK9F~u-k-3_3lM)D`5%RYad3qM1Y<7J+p6Dq= zL|a6GPZ>I-R_|^olh>V1T~F!S;1%=v=(h>mX9j);i&9?>;Hu#%b!vUt8-&Z$;u@ga zdV=f8+*X}d#-3ek_n~2kMex`tTOGj7b6?hq_$f$NMYS)c9+OHzahs`wQ`{U?dSc*M ze~ar>J(zRK4AEUl|0*g1=K zJ!>4lZ6WsJ?}t@(+E;U$4x6OD&lBM#&jq_Ez~OYrkIB7Cxj?J1=Zfl{llpK?fdR3=c;91{ov0kIT47&b-E;tFK)s_qC14<75=4F{0o*?pcs|=UHJ}XrT&?CP?8S zdOZ2Y&-w6!X-dEwSb4nV){yxX;9E2KADCrMIgUkOpX%%d6svtDbef+8|_3q1vxp9C|ii zJXhPk;GIdUE9NnITXlTQ=+?D4;qSfNTmK}krlqbWK6kj65Vy|S5>7t4E`IMzzwe;r zT4++?$jKOvO=GovYixHv<3~<68K*gM4R6Nh@%Rs@dIuiy+vMu_$`!$YXkPH65{(9- z$a2^~`JLJ?B1f>E8Nh(pdVyo&g8*ZaH@ZW`BjfiIa>M6`Wlgi#zkq{ZG_t;zdiE6j z={~uo_X91NjAoK>dB@!di~Vsn(^KmwzDXL=RN>s5a!_wm6P!$G@+OH=`l6G7zvhS@ z>*5`%oDw?#t$5ngOb+9#O7?HTx;V?*$2S-#6fCdRL)ZGsbjHcc6%-bPMUB;-s};Qh zaY!Xc%HwWg!v!%K@o=+7QxP^wzF=QRqA8>@@=BtMEG5vO31UFG zbFt%M8b=o(h342;_GCg6XU8Apvzs{ez9q#HKP%ybD#FUv#vWv!tg zp^r&CUG5yFj&H^+s}`xno(TKblZZLb?!T>FUc4G9qKdhNwY!cp-)vF{H+N4RS5(q> zf+c^)gb`^nFVu5SWu|+EN5+{@rMmXvJA7@>1%1h?xpl3e^?-lIsY|>020-)SrO`2&HwPAY&L{$Y7Yl4PFRKV4~VJkml zfb18k#pz&pS`FCRyfw95Hwk@$ohbM0YH?s}?3{i-yKzYM!F3lUuTzvH5FntEaq&JA zkQXiE!2xM>95e21fq_~G6`Ndud(eUO>EPXF_XS5A%jJ!C8gx_g`1Z#}kvfur8 zu^m#VY~$1^D8(s|7^l!J#Q>8M8@>AbR+K7|sv?%gz#+ z;=9dsmsMbmJ6J5LEH2Qxa%z?>Yks(k)XQ(BusqlM+v?hy1-##UUF_bMUi&Afj|4v` zDHWy0;U8AGYT?9V3@=lQn6#g!g51_}-34GydfNX`ShU{{789NN|2eVgiS*am!UWOq zE*AXuI2l>x<5kB#IAy>XpWSCp zIbWwv$QE_7w~0`Di7-==d2*v@eDVVX_f{aGtdJ=fhDs5lFgb4VZgmyyoe+R} z4A%D1Y=o~R)$vHA6}J%IC$;$zWpS!7k{OOCm!IgjBroueQ7eTDcwG<&OnGvBFSlJ< zp0-%3wL%ve?&Z2P`1`;7?Q-IR$9kS_I|kSs7K~t{4vA+a_?@g=zFF|h7vV3eKG!eE z$n|pd5qaO(w2#0mDFzv%!@KqtS81G27j$3)YP|*Jx`EtCwOocD|4gdyyhTZwB=>-8aYnB%q#vwR7e_z0I9! z5FiAri+89b{~{$PP_sBMC=Y*@&j{wK3K>@d#=%QtlHqFTz`5a9Y|zmgIet>op;~2W z05%q1uNPbiC~_05wFJA5J%@lB?_h)Bw{&wCMfwF?A#J=%iVF#qE^MN*M*kA=+9+#S zXAQ3&Ut`v-&q?z?FfADm3qVp3e)s$hqA?zW4?f`%+L|%4k~?;JLYk<-%_MsaW)}5; zCiPQ2ax``)sf*?(3u_uzz}vl}Ovw82ZndjnQ>CC&hTI<{YCJR^@N9fUmp1%Xdzj#j zDL(7)uT;2k12u?yAJ6eL_251a@(o()gN~D#B%vxdo#iRUDDlIGc4#G{bG@nFe7RWV z&A!77gcpm2@X8~psCXQoJ$&hZ3KvD6XnL1xh`kDTQ_DCCK!j_QX(C^jH98VKZH$)o znsd6o?29=+QYGeorbGB8BB#dqf^^Qa=XZArqld4e7CCy{yTI94f}>pK{#PrgN@K+Nx8GJhxTR5ou0^-zmEeD#ObY=K^I~Vm!y4BCEuq-rFyB)MybjkfLvp>w>}$- zmm4RKQriHDW>2=b=jkOrnS3v+_lD8W=e$dPW@~_hAhEVPO|O@JT++z_)0{#q(`V(; z>KwxnL`HXtVjF!NNY6fJ@LBdc^@A@_q^xH@T{^Oh>lcv?`h6ktrAX_5Rineqq+hDk z*LR6oz~5Udz5e_ zu^zH}uA2*gC^ZYJLiKf2{8oA+aT@!6?li1@M`qKsz0ALT4OUqt90a*AF?v_X%1)1v z$yY;#uQHg_}Bt=DLJ@3m`atsgephs4P2WB6OX0@xpC`N?}^ zbKXCHkSYbq3b?g>V2TZ;^A~GLew|S>qzpJhV>={{CQ`2?r7eO_e9IS zyzJGkUIOs$KlPE_t!xQ5OUdJLrLXrKa&G^}i0J;^bvU5VN?aT{sFIX_weMhabuvdk z7P$RnLphZ)HQTLQN`5CwzB|2K8>&hJ5 zX&te7q8JydQK3+ZQFb>_hy<};X$~3wY!$AfKeo7-3DG=%ufMQS2OK$n;g1{Auz$K% z!yUr&v_gkF$;R*VF?wqG{VEP-`rBI~?Il)in>7A$mPP@?9GDOrUDRd56wJdbJ-FvF zD1H$er0u@j=wH+02yT*J;@PERlKmh-RvA|!d(SO||hHe+f zZi}Kqh9xV%c%X1AbUq0g*}WS4XCRW&*XI@-P7`VENeoCpQO20Le&H34?QJ5O%9yp! zR-Ssg5}lJDmE;qK?sHm(Gb=`=Ejib9iBIkmeaRDaD@#X%W>;BT<3b6)TYAsf#DBc#AK(mxyfu* zB55H`STErq%9gR?l39ycFtx;p*L@~Q%YxAkcNW(`mQ|DjHrsa3tC2DlbW6nH>V{nd zCut8I{~%b+wyJc+m3Ail+hx$7W8q`(bS_^Ib+Q(W%f%XIzXOl3p%Z_n0dK1iSGQyJ z8#1IDvNCne4Rc!UvY`)&2!!2o`(XM!8AP2ksHTYr!%51amlT6%HiYSCW#ba|&QHWA zsG?+XP!|y=(f_&mezno<-Az#xw&ly92-6E(XIvw$1|cG*c^!}SX#PQKkL@f6)$V@^ zB;ET92Oj@o9f-jTkAGsV6>We1_~L;KXXm1z;m}xveRI)>NWb6DEwaC2-SD1-j9mtD z!*+i&^uv3wr7NQI^CdYy+=57_E2V^RSSX4kfq#-Bub?;zRo-xrH`JA7l7zqAG97!r zqQ7iHJ&$7{G#HPNYcD(X6O&~oA5>On`G!w8$#UqJ(@Q`__#K7Lq-AYzYPC58jOOvl zqtVPflHD6DNRcD%9WEeeYX1-c^JHPxc~z^HuW+|7{xY1?rHEEUKAcHfN4JptO`X$- zOmh4Fe!mPy{Oh-N7E5a>Jr!p1W_lh70I$!~Sn9hMfns?VVF_{&i7!9fw>b5#hZd55 z8N|y2P<2k)_18^4P<0V6_W>7~?l3hDN&Cgm9gI!)$lI6_!Gq5o3%NBoU^uYLi^b{z zy3NF_zg|5N9PYyiUOirEXvd6NR|)dyU!X(v#_s6{%9}(dB-8#pe6}g?Zud!z+rV#o zyz#J8c`j%a^7pdMxKK^Sxa7WL{ZzQhO^}BA=|CX@N%$G}&$Qp|yrH4z&wwe^5bz-z z8Dw>1+b!UoSn-*&D7I)a3|>sP?svTnlDMHjArE?9AJIbFa`Q#+(}~yYK>|Uq-d+o2 zvb!lRI9HMY=pJ!}%SK0Ywt|maNMpuv@ z(E4;*E{kY=@Ua(96Fkq=Ja)Ey!yo9f%ll#1SyOwyy5@`gHYSgKdD1k1XEkLP*)PZz z#835jg4Zym;6aS4bbpopai75_wbFs+s(|Cksd!=-199fslDluYUhR6a&{r}NK|QzE z7+src81$c=!LT3)v3WePPPWm~%OeURCDI=Fr&Z8lq;k}<`#cYVhpP8>a&$O;5bw{g zv$wsuLO6smTizRL_JvH_TiyKnlN%u{^zDiHa zo|QqnaS5g^kF@LnowG02CTybcT?mavS(*2HMp=6f7D2Py?XujZTCjtRpE*B*IsPP_ z@i;hGm>iX-DOse*49MEvC8SW&*$TxB^(zwAm~hZBwZ3xSXb6$R(0ijfRcm2H@BIml zEg3y4rmjjWmakCmf%7OG_a-T3Cx4@8aZS!?Kkh1F)mr`%Ol0d(V~=q@N5>>pRU;dR z&2e3cbJMyL29+y78Givg#Qwh_Cv5pwRmL?-GnPK{EkV%WfA7WFde0+aZv$&f|lAAO?X^%(d7QpvmH;{a zz}>ZWTxmYh_B-<8erQ;YB@c(tTG0*=OmUMh?q3K7eApmQ?07yV81_D%gpB@j{MW!8 zOJDynx!*LDj4KBX|Dlp;78^mQd>e~;GL}5*P$1Mjw2e4;i{+}N^gT_O^OcVDv zYOEfxM24%^)n!oqM?K!{d~1=G8o|Xi1obvoEp`b(eusQD=kr%}TKpG?{d7p0gyqum zX_Hy-moW{l(cyT?o6AagMcqH}TmG zSUlL@#MqZqXC9Hggoj!9Y^AMTL;gwycSZhoEl79=w+1Y=`2C0+xCMgLc30KxyUsT*dh%$&2=u6E)S&=Q|MD&1YZ*TE%x@Zh}xsN+5_%1 zNZvW0*DC6w4HICi{CV&~wdJSOV~)D5=?sLN458stI|P>h+6etv-{R=NL#aEBmxWMr zG1Y<%(@NiOLd2qcA6o>Lvi+ZK)0Uzq@Ov$Xk`3weu=l`Rt6N#2Ze|D77~UdGW-K}P z{TKW%0Vpo2Xcd}+P0ZsvE5un68C9dnX6W_s+d?}Pm9cm_koNouG8`xgO+3NgJfts- zvqTp4;qt>-VXP(ZQL4)dp-f$Bf_bi5yN+D^4tkFS)#j9q9yL+B)j2jOqPU65+)*}| zMF&x_>sPp^8q(TMY!)ZPCqzt7GFotX`(#x+r01`vj|3XxBvoX2-;naFGXDOE;vsxO z^>HbljIC2Rn`$PU5!*#+tQR8LUdu7bW@}y=;beA+AJ*$-mUue*aNAjX1f2*@({W+a z6B%juJ=NbaMprJ)wR?ZDn-l8UA=U!96}IZyZ{`p$Pk!>w+CzNgP7mK@*C~Jd9`3ix zVY6IUDu2K(r%xl!DSyT=Yf%x*BqE76w18>G6^^F})omJx=_WqYEoq!C13TgWH())? ztexd1BRgCx*eo(Cz!W)54wVG>HSiP=>c8N~MnUoa%FSB$=eGV;hVOR{uHJk3!E3nsTfOPh_|D})h zS&@(}3`v&ubl<;17Q2Q9L9vV5bvMEFw^Mk_~?~^n^fAlSS&(~2*vUWG|cL3cbNW#Brkz<#2K%L^0EbK{1 z79JZp!RIyMj3kwXWryCrU$B+LB;=x=9_*0<20css7f3`;c}M8geWS)ZnW1Rav>`*X zvKBmshv*SrH*oT!7)i^EZND5Z?RG9lO>H4@IJFFv29H{xw)(g7XHdjTt}8>e=^&QKJu=dOEbxc zmq!hFH<8eZn8@od55Hn(sf({;wo~tWhsz$A+p5rVuupg`*PP~i)A?<7{7Zg$y?^po z{;3F`NhgBOxtF+!No9aoHeM@Us3UE6_xGS?)zqw9aE#G%@yNo@34c*^t%3jLm*6sA z%J~W(!kve&Wv@ zLDb!E?(E;{PG$UG`j;(dkLs+~+8)QFN9 z&tv203=XKDXIRG5Zn*-lUejG9xZA*DCtgT~a3_!ux=V8}l&iv)E(h4rg2 z@QT>H*xKLJ*9RNRnEHR7mp2uEHbD+!yx_YMLTr2`|3s*G#-exkw~89I zuKSsH-hX$r#R`RXk~$w7+y8%9S|$3JOn1rljya6~DE*D!Zv*$24k|T$-q_mv#UX(+CdYo3V=%#$SkOs^e(#9IgJR zxn{Z8KVfREa=-mj6V;4D8&Z^F1`yGu{R@iPEc`?~6_QpRqAv*>6da(8Gf77czwAm~ z7KvZ5n?UDF%jaTyC6dh4EEzvX+wK@&JS0ZY^U+g<(B-8pYe}|e6EpU3!j0{}6s9(| z*`0}2G|fRe`)Z0eUhmSGeiCqD$efpPMs5j77N3n5fw^eJqBi1SfKCp^pomPLo+8yg zUXP{`{Hs`{044aYKkD2PJV^)WTah;hv(*JB$2D5nk6PxE7cqv!2Xpn#WazfgJ-3oM zX|RHip=R^@MI1lA^hx1ov=nSj0Yiy8U6%oIA=h5=I+qt6Db>2CvCk~8dg)Gd#23VU zPSV=NHX?HiJ~3s24k)v$OHVeSCrHQR4$k0Nsr<#m-6LxOE67q_F#W6^tNud8bq>U! z+gv6sqj-<9)66Wu=Bskz8apGfI9}vg?V>!jtJe8)dZpQle*W42-ql}b-~BL)>2YY1 z6~mYRV5+x};Z|(u#Z#Emt5(uMAh=KIa4k#&REm}HEu$s%OqE7AA=Y=*c6Is=xafT` z!2RzFU@IG|_%hCx9carhi;iILMynu$-Ca_?He9av_QeFXuw1%si%F&$U?n0zRIe-z zlHC4oWoxs5v!fc;A}lXBH5p^&?X-|^T`KLew20<@(4}b!k%f>(7|wmEb<^w!AZHN+ zvhU;T<#qOSE-(w53oFWRS`nQg?;l5XC;QbgCdk@mfEKqzc8fSMp&K%qCrUxkoaDM* z36125Xfi7>afO6*x2I*i$}*TKX#3caz@R<7ZlIxG$FM1U-Rw|(7U*GsSxHO0*1Z7oGqyb{$rQQz2PXLiuqPSdXM_Em}-&GI!z)iw26`T2La=~w#o@`T6A zTe~N{N8!Z~4aMjfQznG4FTOYP zJp^Lu$Y_AUBiMj!&o3o1fbUbmS;2${UD${WJLI(;fcGt`#A z$#p<4l_&1zV#PMvGq4(hR~+T62)S5rwfzc}(!DzV4NqSFIlt8A#BbGaeR?zT9{VWt#fM70M+Zue`_%ALl3nZ*8s}LONvfo>Q%mAvj=}^cQJ^xuYMtTrUrL&1p(W<)^#qwwH8O%^SJ*clQeX+Zs*iyUmUsU zi@{AWn2U|-$$;+-cR!(Vi>amJrumuvG--<hh;fGlAFk zV0jUNS7M9iBy7oqWb<2;I%j@lD-OINlPfOn?_jxSJDQkX)amKH?4j4XNA-Pw<4GiY z|0caKZr;@qPzt3VLEm!n_}*hxPk4vfopJEWF=+g2Z!|GJuV^o0?hU#4G&SAL(Na5( z8bjB<*;OGwIP1$+&?2*U6UtP-^d7f&mXu7>#7Mz}mbK4VhhmdQ!!0E|B0O(St*MG} zLm+;UfOPlUCy^*!qGm=dfuQVXuj4<|@%Z(jww2R2DZeymRt|I)+`n+74z{-?7j<26 ziR2AZ*Dh+R=4d5SZas8axoA0MM&FbB9ty-`B}GNeev2*_`O3vyXxA;-5rWPfaLrF+ znpsv}dDN#P_LO!t9(k_j7QZ^a(Pw8M6QNlr(6nBM9Ey*ciXa?u_0aJ8dVJ_o1XW4BR?@K<-wy_nA&BsSQq_t&bs!h<8+ zu^bZil~=G^A2BIDNg1#5I6iQwip4LcU3bbRZ#S9fUBTK{3fbOe{e7HAAvi7AY!D7t zQWy^fY5kY+8NX2NC8cTyryf9CA~zwp(Nl_XnI}?3g!a?^wGb_KF;sfyMD4b^+-&QW zfcIel+VkdOhJ8@Q{Hw@!zrK}VQ&Guc@#>b^%nOyWRz+;5eFU<|Dfq&rJX=Za=I>kX zdLG)843OOykB5AM7R%;1kxz;TX01BJ{u0UheuZ^F*XJ+qwtVSwq~lw|=I*-|=#G_)x^x8r7 z+r4|T_tX^SbTuD6BE%Q}qZkvK9#di-82G7{0QP{S<28d@$CyAaUAKE(fbSE?C>SOh z8Rtrtx0#Sj0p`TPup3eKc{AYr%-S{}OpPiz(fM8E3XkLd`+FR|O{}`mJchQtr<$fM zS#aY~5o+;QhHE%MN^xwt+|7H5coH7JrwpNND@5#~zA-FGDBZkCd-+|ow(Cb3>>_#c zJXWlRvxTfN9*E(HAR2Ya1SI$fxNIh=q*QevQ1qH)5$SOYq9@Re6lG74@ zJ&-Y>b2qAe%>sLjQ_&yiyVTl@x-M`QNC({G{ zV^`C$TEo?!pQt+4`=^ z{LHXJn!bSyc2qa7CVvs)@HHhDIp}`w<=OG7@1=QlEXYj@(Ri(!f0)jcax^)@KO>ZW zGk>bn+{>0;$r>O|!q9DMKVcIZaXTaI#-`3XrK-;Dks~0E&J45zi2v784Q~69uRFgp za`42rFo+DjY5uQ6Ue}CrK`!?!qA%mjt@*rS(%p@F$jn2Wh(O1ft-@aDzZs4isiq&h zxu)qFu0D?B2~}(ytSaOt5Ph4^`*9Z{v; zeEZg4Tr&6J|8}qcjf8#fZq{VbKo4A;jrKVkA%2GmxFj6Q;EX{QR^lFSSe@ za%6{}Kxe!=vq&P2WfSAtJuPGsY8iI0nDYMWu;X(b)w$HycQi;uKC!#|XDs@>RA(0T z{tox~-T!bbDUGT5b!bceuUE&T-`k!aAcZFjXngnm+m4jMjBJKomBsyYc_YcFv-Ufy z!@1utIm_-#zD_iyj;c4pS0n37z?ltDoCh*pAKsAAe^%)|4}8{`NusLC{6iMs-3cOg zGJw-OE@~<|9FHXy<2YGsu+np1pWgc_gHa}Cf4nEJtY1Z*Y^ZX`#Eajb@AAle;OsMZ zSw%&-TlA*m#KL$EgVW2|=SXKdKP@xI?>$5D?<_Z}97-^H&u3n0N>T;Vb9t^^RL(x^ zPtKqJn$7{{bk{oDnYz`*a?{^_;~?()-45w(Igp~eVOWh6x+pd6F&~^U>LE!+6|5OZ zQq&P^ugTQZ-gYMqQowgWh`;d>K3Ztqx3$7EiQ| z3MW5nC{~2t4g{fCM$kB^(AAYl|7(y>-*!>b(D=x z3oxazmj>>NO_OTNEXSN75zC4XQeH6ePNKyQ?iaWp!I4W_I-65j{bZ9W?Vj*_N$H*# zyR@gJAZ*})7&g<*G^I;~jcij(r^gnso9rBKA%hsJ_?c}wV);Aw3{C9M`d7QmR9d?^ zIB~1_BKkK?N`dk8~+x14t%{m?m4HDroX?WBssA3+nXDO(_Z~F3`Qaq zR*Wn3qI}TW^=GF&o-~Oxy{Y*TIWnN`|J;^}crkUeTnd!JBLjaTq@HYR)6< zH#Pt9FHewB`||kG=g75!Sf|kD)2hcd?u0b}FYHsNrcnirc#<%uMO~=Ve`V6$w_MZF zT8p@eJH6}ik8za9d=&j^WTl;fz~&J*hrBSTH@woIuOD=*lw_0DsyQ34;bxiaVx4~^ zFPK-n0-ZSPb}OvpJc&4q&m@)Kinh%Kmh!FS+*hVO`as{dH-AmoR@9rncnT?GKTML9 zX=8rDFqwLo*)9T{OWt=Sl`A`c6s}gSE+N?Btwui_Y%tRctl^d#<-8B6MjNJr5vTX> zj0DV|Ff)kGjBde>F*A<{XO{`J-v;0_2~-PW7idCdc3dBNEfsarD5)CL38wqKj@FWN z&U%gB@z4;z`Jm63xaf36%f+`ciB>e4?Hyrvj5o2lz~fE{SNm(Qyn76wmQrssNq=)(5*TmVG@Si7b62&NV;9=`yQyELErz&F zoK;&%LQgxc%Emb52bQ$DrEqW1V}@cYBw{Qb)?$PtJ(TYXACzCy)Rs7Z+fCTfBkv29 z!oPTnuiggWx@s9(P1Ua#mCh}F>^k~DYn*A4%d=2gl2Zf~R?j~hS4b-Fg~aGDM-#X0 zatO?KhY}%u*xMCgB9DgUx{`zo$E3?EbxcR^vzAJ35dg<~x$mB(N-GpI`Z70U!mve= zsCWb8)q3e@f-FtvE!@Puy}0Khaq}@}WGgzGlvGLlYUSIA-PZ+!hSIuAe z%gSVS^isZHkmM9GPovaC8%h;$)T_lV+FKtfWV;P~yI*4)NZct=z1&WD|q~Y z*H+btRSV&NCOGvB-rDKqq)p*F|R2Yz0-yFmYF$@v4UIl8US)BWdUJN0%} z*t@)nP*;=^PCI5syX+~$OR)kT1bJ{yPhw&l;(J)aJzB>&7OqL+M_(RDIln&b*_Mc^ z?=gRLF6kxylIy`DjfnI>UNM34X}GWud9bIX=SDE2@73Y<{*RKbVT87JxzDfB! zzeYWsF5pU98*R2TxjR>EC3Y$`Qjyv)Gc~#s5Jx1>$lNe;GB8Lwr0`PcDCRL90DylN zUo5~is<+B8$y)yBp<_#rt!H9oRSBne^KJgH>0Y2c`h<`r@OJ=XtaK7cc+GtEqt*6piakf*b>3Auy@mxxg|Dqj<4s zhW9s+5@ht=bez$aI;%ZZSaUSlRUBdZ(61pPrjF&rTM-yMhI^PIw&+#y2syz^#i#&3 zN|hrDI6LfR&l|sDll?!@N^<(y#8+o5m6N_Z_(s{1F&scsHmMvp$uR?1`~XKKUxV(e zjqT#k>A@A&ZB7(cOwqLg$RiLq*wFjy>+k6I| zb<;R?N;BC$mZasr%#2m;{n%_D-_uq(`@kr3^LN;_nZ&4q4%IeI=ykL(>OJ}D4m9$G zZr2hIUjLEysmb9DtW|7sot5v2FNGZQwRX3xE(kKrl)@Q0|e z>*p~v9`6Fa=F2=?c2TJ01e|{0?9`|#TErA9s&xFgxdxC_yj7+EPV0@(!g}epPl+2f z{(MBRK)oV%S&vN=;!90@<%7>7`V{SRGUr#EYTTI(rsFlKc#oN3SrLC0cG`CS=+Z{^ ze?0c27u2Gt`z1X(05)*0D(x-#Vz4c5##WWZ(4~h(S__()m66Px3o_gkN|(lb=o_d9 zUsg3YK)&$jhE0pPNw10v#apGB&dyY8`O!xTM{b9owzTv=oVy_a<}uChBvULsxIhe& zlQ~6)k;vI)^ImY%3ni1a?3h`d)6COI|M}C%z_c293KBwX9aXa~nc#y@G6aR;OSxTD zQ-H%ZX6{&@9;hx;Rve#pSd0(_;H&`fs;zM?1Y&cXM9w^l-!jxw$ol8rp|Wm+Yz(;* z_$LU}4&ZWK$*{$I28r}5c1e)=>4gZqNb~I!RrYxd+ZNtu_3y7O6lkEXPmfY)4(P_j z8<^Qdg-fyxuIoByEJMMCK-WDVsX7h>0I_2 zk(kF-yl#rk7w@}SR17KFz)dlQyeo#`4#h5%wJM9A=6# z0uX{D9T~KlfM)+LIxiRD*_E%$ONb4Y6zF3{WjNDQqU{P(^x#|OKfRFk&trdAx<JfKW?Zt{< zR};xxc}O51Rv9P_{ys5d4&1-=y!&=4yS0kOaE)YYoQJozG4Fty$5}Enuk*|?_f10$ zr(Dd&fIZqqOK)$ep3bIUa=lSm`O8>BL;tRqJB9N6)4Z_1!O85#=V1*=(e3tY$I*_Y zJKVhISIEk$$sdi)|12~iHCo@mbVytT^_%^IhRYi7;=58evmPIP2v*xt1x|OnCEjEK zw^6P;VdDBVXM)E{R|aTC=aS=-C~Q;NymH3S=BejX?gO=D*Fmj@xQC~T$p0+ABHfQa z54E}9yG*2EW5? zHp=Y{9%S3IgVch`A*;0k`WBAxpC@?Jt)O<3j6SwShtXH?j?X8(5_rwp*C&!P zf{0oO0w(R^Qr!l|^pcwN+$+%VvW0HKC3oBjwFBq7A{1*(UC<>^_q^An(QIhgtCa0qh z#pLHyJM5%-!r}Z{nL&Bp1+-O=cn#_{$m=4|t=qNVi=`U+P4U|CM`W4+G)Q@RepX)n-1 z)4yx&KY`m_9TQhcEg>B>C!*#WYHdUZ_?3&V8{Pvqj=>5{koLMnGw*G0h{fX+$@z}A zYKxci%7-jo==&*!zGYE3&D85r6+~Xbj`-@PXY^Sg2dtW=v~dHmAqErw{dK5go7bVC zrI;afOt)t|RotVWDyUTyyJBN-y~JrIGODsQ#kRiR7Oy>L(4Z@7&6QGQ_3ItED26-f zED~+iXnM+Rif{oOH-#|<XfgR0f0S{_oqrbrG2`q=Wgze-NB1MD_?Up zz5+6?tC-?Ubjav$txVRS!7sFoEX;lL!2JQR*5+=q+fvBGQsz-A{FA^B|L{p1dUoul3w=8Aj_%9E&rjWB8Q`k^Ty61|hJw zc?0ri$}C|4iR=-jwknJVI<4vVBPbbq*BHYq8~jpdjcZN7M>T{kVRUrnS7Z;?<-6*I z=VFjcdLgUT<1A+4pW;}+^ou$3r=%y|#g9!lu=<%2PCGS%S5a5JaL2k+Gq*UyaEnwI z8uXEhX*JS30?o~b3UQ7XK^)eX>NcOC^Hfi&^+Xm!Ny+oo>PMT)&nJ{*V`F|UDErVg-?qH!(DNiBnoO~GM+&8e7k*{a{ps)$Z2m7yR=CU zU|Nktvl`ELEt`i&jqHw%J~c(@vg52QLcs*P@H~oW@#qB=hy0X~uV3475oQy%j=`3n0L1rf4HPv)YRgIFTFH}>i+AR?}|Mz3; zO>aJ_nNQG6uqG{%roMvTD*z-E-``tTmbO_l54;3f)FTh(Jcs?p{6NC#@#+9L{(gFwl{u zpLHc<^nN^E`2Nqx`d))RMUQTz`&#(1pkGNO1E@9(?RtIv@Qu|3c(vv0?WS?96tec# z&Ot7*Jn~@}yzFXt!h(?v9~~GT)I+3X|CLdcb7AS!)c1!9KUOhLpZ^H>(!=J3cWR)U zGk40r{HNfLt-?GiTDiH>87MjVOi~xlNoh4KO1<8heT&K9D6Iqmr=`1l_|HCPdw+Z8 zgbMSUqDHaqH?*@|_G}FLZzJuCPO7>u-<+4hWy_YeWp1j$6PH{MCgFZ7#VPnR$A_aA zkRF|em&~FAasuC95?zSOaD*P}9^UZ7GzgZOoba%2NpQ%%?f#^JYEJhVNW%|zu@Gm_B6?dFO$*(NhG-U-{#?$9Ca)!u{K-a&J#dLfNpnzHum z$3pH+f?jXF@z`8aNR3@6W5w}2ZYG0|{tVDNSWBC?(KAXz^O43(A77jMiOMm_SPyYA z8;gTXYM;4;N(~N`24t<$Qz>}7kDsf6awTOu?1YHUJVP2;VOH70{c`Hat3Of3Lk0JB zc!eq$u0GiNPALRSRzqIh2Ox7o+=qjMf2-#Wt*YjEDgRoha`vJ?ZpbbSa4%o`6989AI~eJvit%5p8n0~NWLrp(%fx! zJFf5ch?Nw)Ezo)qNr?wfERd2RLR7F-U%jpUVK}pZNZ*>04(8wsNJ-v->Ry?hjCa){ zPBMEDf(w{oWNY;Wu|8AhEW$j@|1oUUbVSeHQu=DRRueh?_M7D9Z+E?Qy*i;CB}VX- z?<)im54tyG|5YUa`lzxpeI3Jg6rox2Ikyq!)v%(s)A6fp3fMFgMAEHpCfGBH!(TrE zx&e{Y)eMJD{;73RfQcJAh{X>-9a1=+CQ>`pwAsX#UR&=b-CP<$J;H=h#^VVvu@gn2 zwkY{8op14gxyEdv{96T68^7C$DW1ME11uH$kDGBcMP59l7sNLiV<#xOqMluW;A`fc z+!kE_Y#tY_f0yTZ*wkCxUoct2Jz7z={({fbD=Ss?(6jsO9Q|U+ZPOPIS(dhHC}t{H zJ9J~0#@nKk{vQsTuEtq{v}=zXx3jvTP;%%}!$=2S;oSA`eE}9`_^)vi~&`EeWH4)ek6xeURR1cY0E!pEMK}qiCgAtM2ghE6PFJxmOqQ$`{^PU zaJHuUlL**@_nZ#SKk-?Zu%xS+0ZBYFTI&2x+&WAzf%T5Y%at8Z#$7d2Zp13iSJ{DKnZ8>NLT#(mmO~vRmJJsmOux<|U4E`7;DzZ+D1*Z0`_zKcr_A+PI<-XnrH)5bZ{N>2b}kc`mHz zgTud~3Qgf<1(WAV2d29pfY5xZf4q0;=YYx3-pZ|{j(wc*2BCaU9ARQ5+R$$E z(5uQ6`%t$`C}KMD4JuZfX4_h2Ml#_Fv%^lfSe~YcH0T-k)c4g8tP( z0SaBOQ2yY8wboUdRj#sk5wfL(=ad8CqjGi!bdZbo;^ul++ZLHBf%#hko<8Rz#2ic>sf+HmCuSC zC)&&N;}SfHToyDPhk5`>a3X#@byYm0O1^6$n1ut1Es7*+yopbfpAR_>JcM_2Z_i@i zPIamgPP}f-Vrc=nEVWL=@zY5f1`PNPE>*$!hNNV!uTKI~0A(-kUuA^cVN-5$$r+v) zeK|pK!%doR5xW2;Kg?%ALO;ajvsnC2v1VvaPwUof=H_WstGnqYWdOKLr|hDhordb* z&gAd?ey|e-?9#9*k9u7rH_~?c!tt4>rtXuV!58?CjUNun-QTia`0xrM+*v;+_@G?-tmfpZ1c+?Rb z7Opn-IZ`&Vz4~GOggnEc%7n?JC8GIIl0wek9^D$RoqTT4(cko|_IYTdWL`w1=E2gV zRo~n9H_cAjc;UA*6O7EKFU2riW5w`RZ}hdx5O9oA!Hc^I;n-VKmPJb^K_HE-4T*%7 zSL|+4Ot}%{neCR4Jlk5QwQZVEG-i!-Ua1Ff?~xe($)ldEDm+!s9UFRFB@=6l+@C_1V5A=$LHzM*zmBd;g|8GBv zw1$e3ye0oZ9~&_ZKH7}h6P<8`eIggxL;!fAfuTw zD<=@Z)l1=@R7W=#iw?luXaK!hw&tIrBqh2yxY^a!kC9r1o%wuiWQ^&+dWGG#w}DE= z@8U;Dsb$D#x<*yo*&OA+sa~{{iQ93MXe!=_*$LsRPH+qdO7yL@hCsi&zEc9nnEk9w zP8k@yf87)=tL?fcoX)`+9ux@O_*VqGc?k<`AzuhPv~{8-QS}{W$TkduE(VdzZaZ8B z@Q>$Je6$(jYBC51cgak$Z>^6Ux?v~7trl}48#6vQ;s6TD~k={2GPp6mb$wY~heMcg(sdh5Rs^3u1^GGS(r*wA1 znwE~>4~E5;zgP|raLsEYZt~CD)(GD*L82ef@6(5>Hbn}zeo8!~X5mL8Wo|1jL$opX z$*w8}uA+xtQc6wb!oqYi*mz~FFAdGil)nn7LWZ-L#3?VUT|P+jo!P;l9u5Jv)Yg%P zVR*vTfCjSiMk{qX_`#V3D5#BJ3&F8+(EIV>i$SK_?pt}2dSRFClgt}4plEIA<@>TH z$z?nb9MTv)*AqE9tzEjWBpIC0>EW2UiNUZ<7Z$*NqdUp@e@OoV&FX}^M&15fsI)u7Sd4PbKDGfiO7 z^7a{t`&W_Hq*Tma)sT_1JnU>Fhd^@WG+ugKy4u%1`qeT6!^`hK({SaP0IltK5$b%F zc~>ze1HP*`hp=1em5@GMVH#QQ3QMHKn~bX1#Ux!w39r}C`xIF@AI)KzyOw zj}czUJ5s`G&Ti!uY1bDv57w3ZqlYRtY*}p$RlP!tuK|Kgj||^Krou=%lz)-+uXXli zSzNWVzm`u66(2qq@5&!7jdl6DI>IMn;IiWU_14vg3=rVC-#@-Hvs07zdcsWj;2D!= zF5YG%yMInL>s!b*Vsb z21CX#a)?{8+1Ed-q)LMKWv&>`AD%wMm5EIxj(!T;_HrgPD=Rf+w@kswYlET>lJ@uh z@Pk7d!(-2h!>w}m_fJA`$0BtxHGvWRUNtMQJNRyA{r-z#x;ArZxf~Ke-dWFA-|wjg z8T(E`AFJaNuth=+)!`l@<&X-#d$j;PTEib4dbJ|&9N0~~A1RG3h@N#&i(0nT zNARQMBfJI7jK_f^O6mW*=sqeFG}l!mT+R6S5>G@l}3!03WcR2cngviO$s9Rz**bF3ZUM0)l>w=cToxo9`G_r>1Yxjvjhthcb;*=#F2Z2N5yvk zE%1K&8$N)+;FKzAC~2DG;?BpAiG8GySRy*G%2o?886&e(HX=#R%K4$>%`3sHe6pkJ z@z`y$apZ)g_7v5=&Kcgqw6mOnUt9^|XuIn>~uKRBi< zzET~LP_MIUqOm+{Np@^924CqmivE)%W618SV`0f~ieo9O;}68H4%_n4RMSScQ zEgJ*`N8V(STVwR&*uG7Yd@<2+IsET{m=&hBt-!@mmf0jFsS$_SQ8cZk9+~*7(MQ?+ zQ_2Z!wLNM0CYxQn;IKyPlf{O3owQAtP{CW>3Th6?>c#!WR&UE{h&5eStLKo?_0!q@ z!nd<+#g_~5sdm6amAY)8@JQ8DC)^6ev(%^&09!q ztUVB&uwh)Y_HholFzMG+RWU{WDwSTDT}4J3R|a0VV*a!9wRnxqJDe&ZM~#p(xdt5n zidC6$d*ba`c>IVJe$0A6Kg-X!znKe_RH2G=Ic>SBhCTFj=<(^Tb(Hzt^p{PM+3bFq zjCy&~Y&|X}QZoGc4G%9_&y0b}M^K!6(wv2MLu7jQjBl0kwl$>iS@2D=7bqzn#4PMl zB+&hsqEG!pPndGjEc#aB zhea7H1*5#fb#Pu$20}pB;Mf*VoO!DlRvi!XpCwRLV)~XhbwEyKO%IM!Ee8VXI10BY*$){d!a* z+4|V%nJ4MP!~^ZRyVHM>D_?{|q7J8FLPCuDyThK9T|vP5@MF{7UTnoQ;gid&;b^z> zTR+w%U;8Wzx&?kn?;2hkSJ;R813LrPlqGjJ9$SMrkNLr&sCt|<{@s@pB%Gf1piyFR zq%EN#q)KH&EN6dE#Z@ew`e&`|?xa||OHtPv(RInZFNCnMS4HAHyR1kGTD!9N0BJ=k z{od>F;o(lZw$`U7fTCN>Wlq}+DZ!>Py>$w|MYpJSjp6)Gzwb;GdKjiN0@M8B`N(Pb zRRobeThH>o(1DteI&V+B^0W;8L}3?OXPwJ8`ss@SgVa4QtUFTu(ugix45FwG5o5@Ld% zTN)})j9U{?yi}-GNwO)vrJwnAmsG#u^I3LXCy4u_L*`supzA?Lg;w^gZCEV_)wfd| zt9xVoNGm6hX{xtzfJ6=GhtrcLm&Pou;B;YHJM`bsK>XA)YeQYvVDTqgLW4Y z@hEpks@7j#N>C{f#%@=)vEQm~CDQ#JAX9R9I${<2HJgquZ;F3>kbjZ;mVX9y_p7bb z!p!P^Q4aoB zv!VYG^JSNTQM$AtY|VxDo9;@s9rJN%w=$N~$=g!(p|YWlr}zM_^5qpaG0;H$0_bpo zLn8F-_;cBFO%z3j%{Mp_PB;VyH|(C)1fk2n9WifZ$<1~Xm0{j2VK^J0n$I#rmpP}W z!2bf7=*`3WU`2J)s}~XOdATqrD$@iIP^#CF$1-eKyFvaUk*>C?zeuU1q znVj%WD<;WVKS)q_gp6P)EM52q*!7rKnp zkSOVL;;QkArJnEr>3-_JwB7{X1P5*eAJv^p@ndZC&v1W--WE{#amZxsTk6D;DZT8Y zs54scBUxeeU$%G}k?XZd1JM?Fc_{2RgLF7=x@61M(+`(NREs<>MKzo;Zx zR3Wp_5~%M+bOP6?^nX^0%D0-vBGoX@D|zJB#VBjJ+CP*KTfh^BBod{5{LXjSEQx!- z`5eI2sF?|d)qRh^^u+O_>4>&5vVi^Wesls5$0K^Hg? z3w8ClBR!^>mw~FzPqKTfP#?}pvbI70|HEE|-?MdpeJ&U#^86&5IQf#OLFbpS zW~S7$@LG^@HT+j(g+v^9_te_u6pwBnzPjjcax;rE?1A$++3SxC(WY<-&M-&5*`@2U zYOJ{BzZ_{Pz2$GyB9=iS#j4FXc701Hs6BBP@d6EafDI*;G6yg) ze2t*~uJf3%wo;Z@djw%WR>>N5NOYBt=_mjzO4cSy-5)DK0(XTXW_9za`6j*y@7VRK z;ybofROBB91Fyl_WQ!@3O~0sRR5gxlxgDC(2tq!#o1-prKAf2z+!VflL_xVC+xZ<8 zLj9Efu;s$cCxjC%Pj;Nap_RJx4T|DxlI^0ouHDw*89pEVU;M#EpseBc94}!|1*U7Q-jet{%(v$Ncp=HcyADXX3bSJSt~yPyR#72@Ha#xd_<6R2 zVc1=kpfKY$_wPp@1vLcoJ9Xf!KuQwoz37OV-*2y;{Sq#%vIrxSISSXIPTgVlLf>8; z){OyDdzWlq$y%$vkJ`(;#rc@GVFn!h##)OyC(V`!<&mPkw??G-Qr2B}I6aCMHpL7D zk&1IHo`~h9_#M_0M??Kv?aQp~jq~b}?d<=OTFtE5H;jOXj0Xugt)jo^Od)J#xy{x_ zx-~&_tH7y|#M`Q>w0z4&-n|jztK!Zcr&*ot9GPc-c{9Le{9GyS8609$aVhjs=kMJQ zl!nG9^Dx(5*BJD_?ms_t73`)25){-;$RVQoorWYvCVg$GCwJJ<=>GFB-J&5BZF%xx z?Jn3k!HSo@;N# zdqn@{p0e*+BKwMUDBz2a9{teKZ}%yytfm(0)8}5(G_@|of?Mlt9cJ&U#jd=dPAU)G zzA6NN2(PB#fOHSws`ym)5&ebLJDkRx#Pn-Yl54`ax9`Hr^zo0SZqbz`G4>hJH)Q>8^;>rcUAA(LE+X(8^L6tWq zx)_wwvTK0oYtJfvZ6?jfm;Lg8#NgY{(^m$5mupMsHG4EzW5EllEnR_c+;9CQ{3k`h z0DbViEk?rK-wK$I{kSb^U=k7SrxhOW+WR3v)Pk6yjxR3#isAWH1pGTlzyN((v95&M zMhPNTRXiJr&0tHGjMEe!_lHBjm+8x(dtF83O{#RW(A2dC@6FM~*0}*loH2N%BR zap5cX^yF+ynX;MOS{5tmsS|>i;w`*RjYy=Y^L@!8_XP?skNUPW|NJGJ>VNMss7D-v zG^`_X&QMbBX8U(b9Kr|^X|w+x@f>b0<>oW_9(9~;ldT;+{R@o@h9e)}QFO5(Dg6I$ z4kT(x@X_Bx&;4v#fBNqv)^uQ0U>(QU2yB8A#-)X>WLt^}EfOfwFy=4XuML_1aAHD2ruE-S{TrXG-WzQlY>r)XN+qPp_5{rHZzF z{ZfLl1yfKVb+P9jDYJ#LuyKjmKfGZK__tg_@9jF*n88wD^DuGzS;*+5fW&$CizNkS zaz8Y%N2|ZzelXz06DEY=HRw*3eNR{O`d;Y%yO32{{c47~*@rYPISBXM+~+{7TM-PS zY{6scGRU5~GpYMAf7J+leE+TxVX1~5wuB&MT07+{v(t8Hp3>cZeWXUFWp{Ky7DN3E zqv}ipc*^t))LWkq{7K@(R)}{!k298EHZWXjkY+ocixrO0*a!K(3-D7z!&Y?i|4-7H zL>cgvG_@&Va6}~N{2BQ77mxgD;6HTYUm-=?m%jB0PyGCatAJbsGWbaDiOl1{<;*lv z?bDELQ;$+OT^lm7ccRRo!p)EV{;yf1_=*Qq0Km|{D08RmcRshSbR5sIQBm#Y$0`T?geA7=TSD6 zSzjtguRe{=r4t`5gJ}QAFtcW@@VABA=Ts0yH%5DQ*eIo9rSvCHjpzxiM6_WOCqpZNU?7XN`EQ=hDeDdQDGAFtaI-Fsa z!wctMCLpR{xs=1xmgAEQ!z&E?aMQn9X&}-^rseSlF=_lNod6F?4~e$wci8?NMdiPg zsQyfP1s`ag7_36%gkFV9D$KxLubRp<&OglE!pZ`fv`=+M17`C`6txpeu)kTl zt)!o&-k;)-WMew1`3XkW^37Inn=Bz4cYV^}h-}={g}zYA%)+JC|3C-UrMf0a^3CxR z03gOMdy#aPvq#bR7#}jZb4g<{v^j@ME=!Jeo-@04T8Cec3Q*5RyN|i&dgvG?^UZuU z2EuLnbTs<)_5=zuZ@Ca*HgMP3PJS;C27Jcw9X3@#W_%R%Xt2Ig?BXS~Re&twwoHU} zXPEu--}?hJ44z=7><^YdP|sram`6rhBLuob2nhPf%qc0gEZ-={e1~Ty^}jL1`)lc0 zO)R;N4(+-UXEb5Iq+KoM@5TO8|4h^9pk6I0MHTwGXy7;y+FehCb?rE?lu#k=;I~OB z4LZ(d5qXzapZMST-NuQ6&g-aUNd3|Ur9PU(8t1;5>YmtA=j?4cS zY1)R+zvhX2F+Pc!UqsT3Ni7{g5_+RSXSmF0PY8bj*9&t~e5yrd$J|f!KsaH_VqW%d z%NHkJr{BW6P9}*V`6+IQkSa;vnjpAUcg|1eTH-91LdHyDd>O&^SiACG0NC~MmS?vf zIEJQInF%PuUnmz7DD27XelLVvMogWBA3x$9i!!xcytWy_lj&jKW3%_~vR1puWt!b? zUcf}@h&&O#=63JosNbTJpTjthFSHbnK`*B(JmyX1{tw(?WGyeK@r-m5^%%i{$^$`3 z%;x>KWeB1&pCxY(oY2<@g=4nR*-K<=+CYlzsnT5Q8J}M3$rkp{gVe7~ZPItwC+^Mx zn&K%C&#CIb{2_5NDK`Myjxr-1#3IGDLm3Q3I5}3wvxKh>mvN)Mku4VZx)J!J=?u4s z_;~VVwsbOm0lNwA* zTcv9c!0fgE;j~NT47lc|L|uya1SLa?vb~(|?JhO>YY4^1;chpbLoh*^2w*QobinCy zv*3b{uEV5kzyE%VKR13iXIYzlQ3tKTOv(6PlaFr6%nc37^6S<;t!v|6y;6Wu@ zAD!Spkci|VVWzA?Je-B&wqwGiI};|q=$y-EHRtLsMI&Qr>BcTfH@#YUWUV3^E@;%5s z6wfrX%XP;8uEU<1_lEOZss0&0&rVe&6YiBwzQ`Wq-{5}M7(>_xoUXaRaQ@?`3^3p0 zzEX1{&=%o;6)Dp3fRq<7MIvJIQ-jua1FD;l)fFyp$1oKvf1?}5&3lb$Os|xbCxB)3 zL3yQ(#@&MzxS=~$mu*0cQv$^lvZfB4QCnkUd<))}A&`;Qx9ux)MbaS7%ho)^@&W(K zvMplM4N6WU83SD}*jBcYDe3&&payf=VdYy5nS8jZ{Mvs8(}L{&l9zkKNar({NW3OZ-BuX+)*|PUBjzd<$IcD}s5wiE*dsD_CdygFJ7{~Y>@6Yf1@DDiW z!F^x%^}4R-iwS(1SCLfIdD6OinR|h!fcU}E{oGwq(sL^`uG$2Q`_#-=Kedyoh&ESp zgn31H+U(DcAATt`f8&PHtI+wn`-LXSd9Y$owr4GQg;3OCjX4)32)XWCxl6<#dK(vs76 zErd%_(nzIrE_i?6mEjU%cK%&!F-JH);jB77Wp%fpIWi67(B2HlsH%K;-tPV)vIaiI zYVl8L^0)2XIw7<*_b%R;ldBRz>}A|YgyoC1Bc!VD$htDu$=(w-f<>aR@R8Zj81BT` z*I4pYII)pHkkuY0n$^60FeLpLH7Jwf!4E{-RwtfRIghBd97CB6FuZ29&68NCWfk6V z{q)H^JQp}MD?%!d!INrj%ovv2oIre-z3e>GmuApQ@a@#kz`L! z%ub8dm*u`d{h3TJJfhn$bs>=SOvj4e<(TZUBjJ09OVn_QZ(+^>Fqb?4;&OA8OS0C(G+qGNZj_5U(C#b<(z`-@SE_ozT) z&zI<**3~@foTI;OEN-Dl`?F~8LyET^pn}30_mgy2;Y?3HXKc6S`#r*=y7#euNJQy=aGr_7?^W zu|G~ncX$39LEzoH>zfJb+3>z8`}2c#5I~pN6OdC-4+C*W9kSFSf)Z;Kr9W-?WQ|dC zM}2&Xu8DQJ)y>kQk~%0(L16M*J!70KqFn2Cmir)aj6~L}j_#`5hfSvk2iriN*9W}! z!A)#~J) z`%(1C-I*>4bdDqKO<(Zlr~Y%x@8ix&4@Rl_h{Mk}v(s*wq9ZOjOd*fV0S6#n@YQ3z zwmeEBizZ=w`FWdGBA8r8qyc3Hz8{w63RX*5G})1fdI=BP%CG$KEim_6WZ7EP=yC{c zPe?L#BM@;EU>5P5&|hedk07Y3QP))M0Z0GV8oS@dufl6LSnI|(CxLK7`|4(F|M5MU z6d%9cAag>O_$&us?r25DbRpAONG~J02LorHIyqy^5SIoupVqu!$<#<18DEPdjWQ<_ zYVlloH4-++^QvU?CU$W-2}N8^=xcrtgxp&uW@lN6ea2<;N#^M7W-Ml;`#~r~m?`|p z_>{g%RrfxPCy2nT$*0%Y^gnHYzhvod{AP{BACK&hIPKCBFJ9h)`aW3BiXu$2w@{IC zuJ_;Q^Wdx=>n7T+{mK;DcOvQ652$z}#2)*w&?S>zysMnT;1KGDcs#oHOvflZ94J%#uDzOwFT zm1VHMPtRI0roCIfXk|9oOIYN18o0(3(5J**$9ECHoO(CX{qKo6-1~`vLcELEgo2) z^oX`rc&r{7ih4{BTsV6kNkO*Ks(PQ|sUqmW|8A_($jgdK_YirsCMaDMEcX#|$MC|6 zHI4Uc2`Z60cUmT5_#ryptAY}K&q?FadEn(aPwJBHDz56nh_dgN3b0&rW^4Fh4O>Ys zSDe(BQ|luB164W(!Jn;wPODi{)@=FEvgJG8SRp=Kl-K9CZfvrIuZbt*sr8L+>V%=> z7$;Ur&?{ewvn+;gek0bsUG@Oo2!#d*Gu&PKU5NcXf^`Na5L2f>{PDl(bqABFO(n@N zB8au!Tzmj4WZLfH?~#&rMo=&J$jPo zpDsQJ%N|u@Tvg0s8BlQn!UEqjFlZvNN)7%Z%F~GrNC_W&>oB*6{>`3EE9|GCV{N z>?X3RTdWuW9lWp#kSx!=*&WL0Whr|XBES4FVv7xci#iWSY;iwFI1f?N2YF~7flGd1 zadrz?TCQ9s37-ECFHRHn!keFHro97&d*>0MO`FAcSnTdfk?}xAf*+;Iv|6p*lG=Jq zc~Ie+;8OqVf3JP^fEikhE5E5{V~*-{BV6jnP#jMRcj&znP{UN{U9&@}*KG8aDFCK< zVha-&snKLz_AU<-GpkEmcLy41(U(Z(menS(Z%jhes7h*cxe{VYN0f+=-ve@KT9S4$ zH9w3asm>k#wRV5MWj01MeH#11zpI0!t|W|*MrubVr($8TlcwtdM){q!#A0i|3NvoV zvuWI-XcIJw6WSz}jenXBr@y2Sr|P9I>vNBiT$#W~VdcF8$Swdazg-SSeC}Z@Sy^Tcvy{2*IZrw;C>}!C*R6ptY_^@1~T;rl; z@}QLb`tuLvnp}agq!)d+fj+UoU#O9o4vx_PcJmTs{&)~cFKsMfD`1!qzM{jvJkq*- z9-*~a+6t*#@>K{mvBnTJramQ5{YJiEBB|L3{B zQEjR86nhPl4ZXPlB?p#RK(NgI&d{oe`J9a7%)n4_(AGpRyCJMYRkE~E%Yj`rU0Jf_ zv#0N-)0T{W6EKA}@VVtmD7Z^kk~a6n*>_sNFDKe!nIdTjU+n|wWmjn3PjL0FMv8?V z+)Fs3f=4pvYOAk=!G3Zh(8|GYlhB|K<^IG4KIirR)3i>)iUw|;Ic z!R(5cREMMt{zyoyyc3C35A^6WO+=jAjY-P3bg`*r;36Wg@%WA9a7XyIVPVYCDZZD7 zF7oWsl!9sJ>w;PXmyd{|xZ-%9o{3PyCq28rW#HEvH%6F&NSYrUF}Hitu{t(idbGP< zU;TkzzHY~_w<7Y>j*8k?;CmlN*?dRoQ_%NeJQ#X+4JZ^eT&XaVj9Ena1x!M^tlNo# zK+-P~6Bh`E;ra7VEs6tshLn9e%oy*Z3)xTYDOYF2?L1Z;cc>CZvvxoGu@vAj8q;^3 zF`cJ<^fqM!_=ZUFP7lCX8EDgmj-L}k3ti;Y#WS8|%hG~(tDJyI_(I5TMP8u!q!2NAkS(9m~JJA$*!;xs;zq zPDWXJWi>0AS~T}A3_)6ff_nSzA7~^%hu_BzlBQFOU+~CE5VZC`YrekRtEQ*EAiNFT z&BV8I(RV?!Kk^_mW7@$}W?5_&U8QyavnD}NG$rym;WG647z#c`_u==(%v^A)@GyN2 zrQmS7@E!pB?T6n3SW7ZIr3+=^OsP=}weRuBZf7c;fS|EiVQv`3(A15Drgp(?;6*9J=4_HMw+TieZgvLV)ds`zVCys{13GZn`}*_vhg&HjekV6eawdw2o;rBgPo0H+aFdU1fO|;^ z@rF4O=j*}%ZL`Mz)3DY+w@HNwCH~&9uPaOtERW0syCbhXQt0A)*TJs2apLF@b22x( z9j`m<9b|620GA$PSMH9GhZYf927RC5GYXeK*yzd6xts6EpGpk@@Y}t<4n)&Prmj7a z>j+sPp`fATqa*XI!Qlz2DpYa}k(%Q)cq(8SQ z-S9%*3%|-$T`=NqxdiQbojdPJ={MIy@f?r)|9uKeDa&8(o?Fcrb$ODm&}SQ$n8daj zoBw&7G;9GMBR>LXA5n!}$cR?+bTei^efQ5+hrh|eu!=MO^4_OE?a^>P;;NE2y6Rs_ z_AS#a%ZDG5#@^?VSO{>iW1B3d%B{Jt{XJ4*=JZ~;pR^V<)h)tc9~H~g@cu~tYFQp_ zL+$&0fg5VG7)KgLy|Ms?tt#0H6Eo}i#Rn%O$6z>^KV94_;9MJ)tGRFoo<-+9s%Snv z2+tv_?WnvjPs+Y|oYj7FSsaEb7?BwPhPvzjsoz}uH*+9c|6t#gvdzGBZ}HXcwVrLV zF-X$`-I=&}+>$l{OJMC)e**j#O0eMag?R2TZ^ySeK~KT1G5w3Bpy&x~qLEil+k@e% zJ8V_uGRLUM`EMC#;Ewhxry7dK_bad?5#FY_uj#*;vw`h=*c{ggkJol(sk7o9OWke} zi>osX&$NFOv}K8)!Nn4ge!Ju|Z&GMr<}m!A?GS8)H=rvBQs7RQ)7KO$YLw>XLpk^Y z@`%s#4+B>Ak$29pA{p2(!|;6t^9PiMrnJTEtK>f{j53(BHOGjX)i!SBr4C?h1u=A# z{1-f6-vkQy#?OX^_~Nr$VSMV}^qa7Koy&}%YUi`XEX}27hD{es2WhMW%vcHWk$1h&8ahS1ODBp3oByW)w&wJ*R{Z~nU5xk!mOi%ewNKO#2og6%qNucD^>9K3q^&$_urm@2ThW(VF%aXWewiUNxY)&f znM(Jbeoz1Y$go7&^xJXELuz(O^gsxkoJmujZze=_W(0^Eh0H{>Yll_z-Q&|sxHv#F z_Ble|jxKYPH0SvStHOCaPWxy|TR^L0RoYb1ifu%G)`dL5umFK5T}~d&1(B-}9ks*< zx;-{`{Ek=g^42nzEbUMsaOJ9AEdHwwGB{?g5y-d!G;edCOt zIC;*ykACy7N@%jk-QyQ}oVq zZqhAsHG8gm$r?V+bTzx=Hh;MphQ#@ixLx0fg({@NMa#hM_SG(;6(|kcC^uMFOufyvT)}+k zMzmLcYmbP1`6#befqoy&8(~(77O)bC^T!cTYj6NS)Sqs^Kv>c_Xk?Trl06$ zy$%H!q+4eK0K$JUhm{Psqax+yi@#7=JS0lmLP@|{v)fIV6r^k_1jZDV{y12$W1a9-4RXC<j(&S-w<*;pc{Ay9owrCU*?y=J(M~ zuU1B%kT%P71o6<}P35kJ`M}~)e^ta$J;nSoXq^COx2I#w_?O%1EA8iPA{wmEreJQZ z^dIgL2>#G5g*;1puSI+w+M8 zOt=WWT7{zZAFxw_J68%=M_RPM1ul`Ydg<*1>8Av3m4Pnt1D-759|Xdd(7Guy)ygMp z5-&5Dt3k&-+7W7cQ9HNDKvyrV1!Cnc7VNgO8&dyqXmz9~9>g~A2un~rr6cy{mr4@Q zf@6er|EJuRV|mf})T8s3`06(Y{h3bHxd%s6I6hP=PP@=l>T-?6ZOpy6G*`um2}$aO z^X`Npm9^(DMdjp(=Z486dk~Z^(L$5w z;v0=K2Na!q^l$3;St0(#>|dtH>lb-jTSIE^ONKz-exM)XP1Yr~t17oUWm@NH#cLd& zeLO-h^U{c40>2J#=&bLyeD--8CBTqS!Q1XB==@>N8$Sm#@hX2$c*);H`s?xH5MBOZ zqx7g26&rPl7L*npdEY1A^e40cP_SG>S3YN`JjNjN2P&<}JWeQvo+seN+=4uVf!`lu zsnhtydbtX=cQGJdX*Fx7k3>>CDm1Pwvst(sC(+qz=tu)P;{NlKmT9$S61Umsh0YSO zSrucAHGWg1L);qE`jtnB`#;ynmVBQMp~c#+OkAZD;Q#`v{ib^(Rn_O)a;lYQj-w!P z=sT*Vw(Oy;_KhgWAk}1V41G6KKdVxAkR9=b{1X7t=3Gki0f z-Fd8D=T+0G1C!n_H`_uKeaRl0eBgxiLD7mI+r-c=g=JW&H{Ph(}%q=bz9t7+|9)y$edPL(Q zN_D4myc_D&K|ejB^Dvc55ex-9E#i|~$Y#m@SuB(zKRPe!R!~q_9i_~-HBQ=-vlVa; z=NdNo$xM@xQSpIhZc?~^@kA-a*Oj8Gs4jb#>P0Cixo?OUwv_Q4Q1x~R)*)@u+OvGB zXR;}xw^rp+HtV{r-N^nq_ryM;aM#`W13OZZF+R-<8?iWf)^iGJ&|TS!vDA9O->7j= zS=PJ^xltc>?Da#_+)f9yJs_G|6jA8atscnA)oiBebrw9)c3Eh%I&x3Q4*F$K24*He zLB6df4{Coyp@w9B!fJ8t!?jf3==o>+2gePfT!x?o4DzeLWpfIZn|2fj;(5-(qJL zkN0QpT&d3ly?4Z+=5Fsmx_A;q zr%}os-=xq=Qpju8D#dbY<~_21Xh`Z2=O358Qw3OPPnM_NJltK@@(t14PgnxnDdm>O zZY_r*jtPYGtwV`MbL=}UK}XJpwHm9QMU~f0-R%-PEC)~U`LjWhl>Gz~zdZZ&>1RHX z-MB|X)JJhQJ0o`!#}cd8>*SS4Q8m)RKpIsfK3(`R`5njfJbnU;@m zEs8Wd?>_DdnSMsLZ+>{?1ar2&@D2h@#}_WlnwQhA+p^fr!ku{=8pJ<+l3OXaQFV-< zx9=)6t6L!`3k#K7O8&NlI#5%4TS`AuN`@$9NSX>U`Vw|$XKke`%Cz=tx;@*QyjJ-b zo?)7+>%30?;sU39lBBIAl0w9xIAYv1m}*BsyiRbd+HqE*k&}&2`h|yoyQ*8qiptmQ z2K%i20T=8K@b)G?P2-BXbrN$Di0d7ysermCM%Bh|Jp57T;bMY&x3^~jM5n%= z=Yu9khF9Yq^Ijs1zX#(E$lzPg$N-mdpIzB!T1XN6pqAHCTw1Rg5LFKkIw8Ufxn=6K z{L*dDwOMlucZA;UEAUG#w$4>00pG`sOD&?nph%ZCOka*nbWdaw_Q}`H5-?KrDnIQk zO9!y~K%lE&DR6EH7J?iO))8;$VGvjT>hTQyMSg7Bqa7fdVt?*S@@cD5W8mjOX09=x z{v-{&t3y#E<>V#iih{B%O9>K2Vxo7O?RDdgNB{zWuz${4(i|uVq%0})s(korHin$% zO}fv&wczi*_k+fHHt=Z0O@M$}`~J7r<{yYCLic>vrFV~RSA9FdCssfBIOA(sP-~A? zjc;q=;O3gs{)}sv{e@aiX5owc{&6tatgS|!bZ50dQagQNTUo>WVy5}h5SM@3nIq|` z5sda>o%*{wWb2gj@fNdD^E=IDNsuNTe@yH%Ap^o^G_P4;E;?3S`j>eX8=P~s3$euyRzTU2M#01gcpX z--zN`H2+j1kmA&h$ zy%hFy9#;Go;Eak4>-&qXHh1k73iyhfuC_X*9TB!_Z!U`NDG_3-v&4D&9y5MDzlz{4+!-TL@MLiq!IL`%8%i6Yz-I&wjq$rh}Bu26wfcamI>v% zIk`_N4>l98R$%GL@a~8~$qh@nLssx0c$d)>VF$(sB^*&LSvUSp=oh!iac(Cr+Rq@Q z%&nR{N!r6V$+RE^o9?UUU9vQmKy4Si)nlxL*DT>aefdnBZI zNwQMNH>b>imqOv2zg!q8>Si_V|Uy~O6a6YMwY zmq$F;KhDY{0*)1)A_2Sge7~h0r!cHNA)ND~t0iS10NFw4a}0C?>tC3l6#GdMQwuVKQ4p!m)58PyWeYB0QYox%!j$k)2?zB=na zNlsh|NdMRx!lVH^CS$)XVI3z>49_aV1WNMA>8&sWGhO0cZ{GpAw65Pz=*v~YWm9XQ zR}j`z2DKkiJw>4o=L4 zlhh~bT0WXg{4ZF45Gs^U;%(kNC}vMjZP%gcTce{-+I!nC<`3Z`k~&Af!<1bCQ0nZ$ z_QNSbP?-%;bfk74=@MfZjPrp#-QA7Fb>r6S;p+?S?Cb63tL?8X3p^?sZd6#z>$^?- zhn2{kQVIaNMsWe;QX|>Fw*IiI})~}LOU;&H_Rj_96AzP zv2QEDBlQzsFm^5iE`3InX(xXh#%A?PbZb!{&s^<*VQE#PCQk)XY~@9Gsw1XuXL9Ys z@?7Pkn?g_N&e`_F3HbohA8`KUAfQ);aQ4*~K(@k6u6aFxGqg-oR)`&4(qHpTwx<&H z7@zZML=xHSSKvyT$I2hl;A$MF9_TJn;uDiamj@3Rle*Llj?@KVA9=>!Q}S`iXzq_^ zTvhCsJM-1Hs8i0_<6}=5rtq8D{n)2sWJ#;I*C(174jv{6210rH#pfBt-(E^e9^jLV z)$qy{{Fl>=)_-$#Ie*>Q2wKr^K7Sn>9Eo?Xhu-g5(5)_FhLCswkFJJ)CcV@gDnOps zctH`=#6%YR_?I>>CzA-LX~bt`!G!`YS?_&j&}e`bf2jha*@pD0yAW=}{nZ)#V~w3O zwlafxC}gf7od>m3h_dg9c{g1v-f8TFYWYIGf}8PcR?#Oe1RRr7-S{y+PRuV1$c;q{ zoSt+Mfn4G`l{oFYI$k#{Ohlsg?fdJW|En^qKeBmFmEAZL43n_CN2lM~BOjj|LsYah3F!K1XEF;z?nm_IZN!7Rxti@c-3qCEezkJ>RA*KQL8ASg zZMfvB3ifX^daYGeYS-f1bVE;&g=2gfqWDMUhnz^W(no9~9;~^>i`{Pe6$Wz&?HVGr zb5nO+cR34U_#XGK%!LCz{wYB&OP|n~NOh@M|Lk{XHdwgc2VIvoIxeltUwio^kODpN z=TdzjF&Wl{e;NM>@WbWzt?C;+7C&=rJbn|~8b%HKnM!w7-;AsOn%JTmLw~XIXm10< zsB_AXFH>G@QBg2hLw$Dt2&5%IBk^HJKA94V+IfG3m+VYA-H%vX(kl^u;AgoAwJzhJnW0Yhtv^d1f274ExdCrp$h<=Z3VX0r)LJ zdkdXh?F#Ks7ehW1O7deClBF45%TsY46WI+Bs$b1?SG0bF36C=4bj?}&hWhT={V*ju z!OHc|*4TZdoc!LD>AJ(h7K?Zw-F>u21U=JR%(rz0Vcn8)|ARsddQIoOuCM7ekcpzV z2%~?aVwL{I(x!$f(0ICuKcs#vi`C7*)NrKk4cSoX z*}rA7x$KPpJY)W^lDkVO^~u&$j&W~z%~W~;A6mYv;KIFPjFYdbdj&Zfx&JL=Yi)ZI zbbqDh*8Sle2n$6Kvh=l39saw~+zex#5^M)^ zK6{nL6;WzJw9DY+sP|c#TmcDwF$0Twp$8aB;LbLsb5Vra??tN5#D$Dk*#0!C{&>2Y3y;@8x?H!^n{Rf z?!&x1mj;h4k^Wy|!`+rMQTSQ9dH-)8a$|#&S--02ChTy0B~ottooe%7&175?>#Gxp z$6k2#L33Nye4?^pmo>Mh~)Z_7=MBf}k_PiP?2#-jw>En#8~buJQug$zGOwS%Co9mb6lGiyyu|&;O!s-Gba3(b z5&7&o`HRM8Eio0>ozMyI{42M5JS61NjS&7Q;_?aGK~_@JGlm3s@mYI|+k}&Mc+Ec@ zFg3VIJo{<6#a+j!KjpDUl0OSxmP6+}5NUs&Bl_oUm%6~f^7=@|7SPSk`(f3tzVpk+ zQIW9MiJsz{BcoRI;6|YLq=ESeevH7IN-YWJC-G4;Z8+a5m;}=tZ*%m7qQ=>Jf*D!) z7$wg3cgi!W#_u&ei$kQW8?*D=&pa03AHh}LHQ_zqhF*K0PEX+nJmlVzl?2ozpc1mQ zEeEr9Oq7W=tSgJ?x(!2vS`SHxkz;P636ft3n99q*o0n#Kv2iHULfaXdtq^u265jh;M0x#BAk2hB1^Z(1G%pz z4oTl1BN}#|I|iT2u31%fmFkf0g`_qKbBp@vKK&}|Z84l6dX9GS1a$%wD| zJ_`CyluIWO-6}1);qx@$#67CVUtgv|FNRUC3y+&$ZN?AI@P5}Uzz-Anl{gDE-}8e! zLk8{we;3HZai!esyUEj}%d~D$)UnVH2E$b#P49jL-eaYpa2pT#%CBkr;=*jFbolfR znFV)qOv>?e#!u`yOW2XC#j`m)W1(i4w&z6aUxtevzo9`wKB2ubbkt*3leo(ia&H|t zG$$2GJ}dJ&El~V#Xd!o$<3&x0unGy|rVGNB`(Ktn(=faS!S5QxhU2e~gUfTFTr7EfR3;7Zfkk|Tgl&FiP+@5F;8a;;~gOfxVudXg` z_9WMhReKpDpwbI`hvsiwY|t(3K}a~!UZOAB^nlnn$%JM1CFvbGElx~0Z|Vv@0xXTk zsBhwxaa+^LJfeAYECeYh59;RyohPd8!&w&8qF#=4Kcvwzl{q^&2+oU$<$(R0?k`TT zmcG*gL;TgbTzR6B}QfI-vf#+tiFW#IhDJn(3a&br(I*XmS^xj1*XJ zdTLttSS7-d4yPMtgLNFp&@J@@N|zP)up| zi1-E*krEE|t&5Amw`nUczaHVaNY?cB`4`NVl7q;*x?bNS4>~E>%E84ieMwe>Cp^;U z@kqot@Yrj6*eYrS%LIVgQ$HZgb!3BR(6euhkL#GckGR=V>=g#NJ}~ zk@Qo(Lt)Xb44cj3`p2L0%aSaf>Md40Z2wZFS8<=NQHK$3KmF=RYq~u0cK4eJg09Lm zcdi6{HfndcD)M-8y1~Ks#lMFOX$23f?6%jdE_Cg7M7wW1Kvo2e7Mk$hhmXe#u(1%& zWp83$l@>DU;^QzoV04~_C5{&TRYfAi(^vN`d}>c)@-9%o2M_t$8K^>z)`cho`I92_ zVNM%#2P3~6wB4rk$>8}ZAG=F~sdeW>Uwg-s1VQDa)Kenmas{SN56jD@4n{$8b*Be` z{hnHwV+QLbm9NF+FV#Ld#Sk^}NM_mw6GJ6>gVKA7FVBgZk6*RyHjf3wYt2S#iv#JF zNeW5QMwT+5#$n5SvFzlJCnWC8*!?`~qdug)j1b*MZ-ikLpwq;1;{h}JVII@GU*m*u zSd0Fqm95F96_D;fNnF)ljY~$_Ol8wvqWc+sW`6G`NL|hRH&9;gJr|m+Vv8WJZMQY` z@c}V+$x&_h)rOLtBi%niaNlRMS?#SaFy|yNb~wxUEDYMEEU_lAyluS_{5at`B3L)n zOd*D_sUwD-P4C<;&Ol_jj-v5ATM#l4ktCW0$PhK4!D@BnJO?Dm>hd*S;JA!c!{<cmWECZ`{=#ZOqpbr)TRSMi`mv&~Xp1;~8?{T_0_*Mpd zC*|Y5_(8)Vk>5F3CDW6&88G;Wa8gdJn|@9zRPJ?kIB!m^gq5213rFIob#TLfh9 zT;4_BJFy6Jsz+y^)Ggm#2yuJCb|A`j9ApJ(01$MobQ{muq)jYR{Rc4I0Yi2 z$zFTeB3i(&D=y#32 zr#=6G-RsZ-p)A+g?^*xflaR7`PT1v&`A<4_(Nmbq){h~T^cv&qOY!zW?Xc%YM zOJHTJ-2HYf7urdKuA$A*&a*Bb(CE`JMiNXDAI8(hkod|5c^Z`%>$cUFl%4OkgU?W0! zrUjFG=67GoCTdF|IV=4KfY4{89H z^>MWt2BBYUCPf|*u6v`j51VxD>2Iu6UT@09RYhc5J2i+n?&Ih!{l&$Z3Xb7WJ$G(_ zD)IP6+a{%Hy-rvfcnV?(I_T<(+GcXogHR}dJh(M0h?4U^>py<7)Dhk<+>rhqzp3Ef zRn;QQqsAfhx*}m)eOlpMuPeTg)qM)_q=ySZd&Zm%F6!l&7CKcn#Qo0tMc3Ai;N*=) zp4<|ZF1}htYo>~#3FbVi6f=U*n$5lJc35a#G-dkjG?^t<)RXFXu!)Hqvrl(WgwBy- zL)l8_uyw2(Go!seX+^2EeuwhqR)=M{jDihwH8q>>QLCyq`l7D)1}5_=z?>{sQcbU= z9j;Q@6E29pw|^8(RxGjU-_u6A4%zl6O}(lN>WzxB7UB(XayN!F270f&r*zxpgNEWh z;fSPc9s}FM!pN!-Ls3l&<(-!g{1iXeltvEz zA-a5g8chq&9=?3O=-r)Bnkf2B4DoH)R!ucD8=n14gtRJN|Loap{#oLO3G*=_T)E#a z@vzLt?ClNn;IKQjeXkt2HvfuzZW+{_VwM;;WNo=q$ush%@#71t-?1)av#atyOU?>rq_^1t3&G~LS!tSlM(YZ z!gph|a2u-c&Py{015+VGpB`@nSM6pKdHZHP zGr>(BN*Wc|NiD86jj?k`TrDHcOWTTnO)yL%*t1oiKF6du81s>YD0r44---N$Cgxzh4XG@X+YLksb2XgQb5epP?bA zE3w*WGS+KvEeqG~H7-Al;&6_F@7#+!te30l3vwlOt${g{QvAZnp~M=;p>6oC>zG~+9T67zl`CDSyHg}*NUggjg%`r#@nlOu zTw-Ojxh$I%t;1Mhcb-VJQlAv0g|49>RF&_WnB#?=D$Sc38g>$~>7pd;bmT?Hdi$Bq zGwAjR)IltlZ;%q_9i&pGWMH|>&?+e=vUT@|>{t2EOuDl8{O*d+&C-M5M>@Fax9i2U zREUvyjo@)4Y3TM}MDM!E=e_wFWlsiir=9_P4=faLsr{zLHP@!tdc0tY`R&Oiqvlt*%eW&ZdZE-FOv7sM#1;ZrfjoPGBT**q+*KaA!1C z9OWHFE6xyVH5^S5QdivFUuqa$3GSL|GmBjA`}Ea=m1x}^VDfHl6e1dDm0n+K#az$c ztO%u}$>A1AxHsS5>0ZMRzO3)_q6#rCRjD;l*vo(u*Wl67ja@~><>e<=SCSjEw>@bI zEGRrV%ljqL$YcgSe z=aajO=lE((Jq+LXe>?|Uj@%xk2mH3SKHacAQY5wvMlnh&~Us{qth6ek75xgdu zy@idO61w2>NIhE_6coRRyv)gHBnxK$ew4Y~5sCd?Zt_PdwORi6M(&!1+*&<+$kTu- zEi|9~*TA?T*|+fW*N#nvBJxca9(0o$+>H|&mm96`WI!^tMjzGFz5233e0yZcgLNY> zHV4{EFTc6TruH&>VT{U^^dDb!zL+<8|M_wObDbQj)L8$^tkc;0Xfr?vC+6Ju7rpui ze7zI~ANB}GY#YwMLv&{+duKlKSR+pWH~RgiubTiTu-Z*H){pK}i2v#>?_7P*#e%)s z4`1t#J96ti3l20aP^^OHF^+~+vY+*4ur_}id3UB~CYDs~=V3m0mSm`X+>&NK=e??< z-L2oaLNpFabZ5_#J8Y^Ha(=&oct{XKyo5Yq3Vwz!xXviW%ixEMcT$0OO#9y)__ztezCn+))5hn+|{ z`Hb%WvyT;j6CHTwp2j-&Hd=f^d@jIi6t>)J!Woca4t{cB9&dMQ8A=w2556L55KiB! zdA)HbAiT9IfB3XRZ9ecBfPvkE#dj)YU3&eI(uLO9_~Z<-axFHYSmJQ!Ne6c1!yMkv zuU$SJ1Gob8FAjB2WQJll+Y^sBAHo3|?5TfZwJY`Z_?J!-w|f#I2lQoW)9lr?Ee&Da zv#vcIbRsy~kmml(djP)>GE4B?qO);*eVMcix8r=VvJ)p0>dxfY_P1^Oqwmnw9X_|J zP-xHVX?dL0wnb=iqn>b&eYw-puBXHc)|}bF!WoUbtVolCg0+&R9c%RFnzg;t#u;{O zNbZfG!<6=chCYq=Z@H0FQNQy1McV(>aV!P!i;|7LP=qV==;NE-G5sjA6LJ-L!(+~@6*i;awh#X5#&R`1zO5A z5uMERICSaL)hur+ITPF10vH{v*t+oIKlwRExD z70e*QaJGIvU?v>ti2ydb1pgJS?R6qL$oZK<+W?FbkKfi@NKbP!93Svp6W{Gz03SR; zIy!G+nB`YD5A|wgYT$%L(Q*y&biehJ`V$i?s zZl!h*8z9CMJ&eFl4`pyS&iOINM$UYD#3Dg^q@=tT8|C4LfJgwmo5HBw$Pd7@R6edr zRa2~T-i-fCPc!hzCN ziAvVarOvy2{RIfXHz!1&b3Bpj+mTZszEy-Z9gFV|zqJw^xU2!#EpW1e{{`lh_L^Y5YJ-88UBCfnqIFkPe_&V)HfwhpLNg7w;?lDDd^`f zJrI)Lw#2oyRp(TNz)P#(bVMDq^ltCP!4IWVwPlX6I?WlfL5#o<(e0SQjlj zh;2mA#f}nI6EHAwIWsSN{h9~&gAsOamx2)+=p3f?OT5_eF}Xc8zj;_Z^zrAM?^N%Z zrWT}w*Qy#)HigY{+Sq)j;UUqxD4JnZJYA^q;*h;)dhO@ES&h(=KY<;$_2?mz zbIX4L4>GncvDM9uL)48J^7(436@UFAJE!;Mt$7~DCHwQC$$gI=LnTB2%$BkvRxaCR z;8Vj#ovr)ZZz-2QuS({Lrv6wa{YXBIlslX13hDaWhr?!jPTYIPd{f{5NSDS&>7D{2|7vcKYrio<^J7pU^CI+CHsXv)CIx(8Em}4>AQUN;Borwpobs5xFqm8Ps9-u&?zTW2pk=ra@*g*Z2e6yKCPLu zo)B{Hjb)TK%RxFqW-R$|Z?H=Zg5{S^&B;Qbj|k5T@2>9VdYnr1+|eDHY*^`pv7C3{ zPzlO!&u88T+m4?(U6Hh!=wF_IuaBy!+G?wfk&jAOJtC&}a*>5*RQduD$j(*Yvkj(B zoyNtC2=478TT8^{B;s=CCO+6^*IcdQb+}p#ayxhfb{G(Q9r!NRXY_-dg|qioO;w|B zc)JFTI|oGQ*hF@1Ra~FZVWeM!FQf>)@OtlYN~qGkz|+u~cN@P5su7pdo>z94=uk;e zX>9dw+qQ2a2x<=HY5yRywdleGvil5v#SOJh$L*oVLI=@nkiuru{@2A$dTgtiDG={N zELq}**HEFYSAne|<9T`BADCUKUG7p+?gMOHAcvm^7`vty5=@Yi(AZ@qS=_sP5zwqh zw(7o^*Gec;r3?fjFXWh#Z!xj|__x@0ZErQrtP}?OpDw_9Uk6+K<2uiw_sELyB&aiX zW1l=Lm;2M+&Dn5mvMcTIPsW$Y@8c$Ka$$;vxQD}l&u2H?=|KcQ;L17=_8kSs2S7qW zZ1WeVU7*JUJJO!9b=%(LF~wxEl~ucFleMmf{a}mqN9ic9#0lUi_moIFvhZ~6RLiu$ z9?fg%oj4(SS=?)S3bc|tIul%6$(ER%niO$7vVt{rYR@G3uIaV9q@)e`)VQbBBh$$wbTipfS)Q^o}GOwD{=My$Ms0#zcLjm_#N9IviZ!zM=aoY zyYMQqRNvJRrTKqbh9*zyO{)Ba%oBBULndxfwua=9u4k7_op!|zcCwgua!O{qvUh#(4o=SMpH2Sx*Yg=jIyY@e02iAb<4_=&mD>yoASj0KH zZriZAIc+YCg!0jRt-AvkJNFpo*?%yEYL2GK2-KvJ!fE4P3U!KGX%F!>HMr5jZ3k2} zSJr$x6{*$!{T~ZJbofo=hebPYp@;IRvU2d4>6d<+^N`}Ak3Rp8rZ105GV$J@nLd+E zrcTool?zi&IWv_@rnth)IO#N{OjF~M3#lcO3%D!FQd3DrX}jh|Wl6a&xhtfIXbNO5 zsHi9kxZnZ^0>76!vBtep~+`l zB{OAYwPvvS)Esh6_VZwnG1V3CH=Gr%QMbW=XSmYP#^LHXM)Lv1B zAuV3amx25^cXZPmbaJB7Ds(si(zErCB8LZ7SlO+rWEag3jT(;gqjtA3M#Z3GR_ARY z!IT+Z-TAQULY&OOs!={-1I1KWfG_!P{rCPPnwKXHOkQ%Ca|aL?L!&c*ls#YhXToj|3W!w2q~Xz)%F?jpzR`x_}Oq~?LEOEIb^ zTcAvElIzI&8$Wc{dTc1-Q3`Lj%@cPtIPEdnVK(~gXsW6Z?~Lh5cTY4@#P(apj}9VL zOotDw)EbL39Oj7d&>>*0zey($y}W{+9$g|vC%0wFSV}o-qZ4or+0TFN>3Doo;yf-m zz|q4)62RjAet|qcNmwV9Oxyd_hF|neyzIq zES5oFS&=zHYO-T{WzIr`TXP3e;2ZeJWYcV6HhLM77;;8PoT~r#7)%u%nfnMv=64kD zEB2H5?l`WS>uFY{_M9aPB>B|HN0u0^c#MO-UFh&Cq5M99SiAqdSCxFyC&%Q@sr8wN zx{_P&z?RtLu^_caGWZ9e+fy?6;r*n!b1`w7U*w5Ti}!;=0D`V7=5>OR+8npp+QNle z8f%T2s3eN%bErG4eRA)VrFZ9CKedBHS(9qw#5GdU_r!wfV_W?>tu0`{gSv6K;T;rN zEmW7+vu#=Hyg_;&w;((J1!AJV3@`Ge5$>9}jRqt3PQF!^c$wU*R>-P{y!UDP*+$El zl|D@#@*jl>ZSsE|<<@rE?l00oC48ExZOd4m%W=(91i$^_Jw6}c{?>b_*RS7U`w=iE zG{*+Bl%GobID9TX>O~)1sEz;<-asY3dSXjOpZpj?)pMv}uX4ULA4~eX?uiBK2e?d3 z($~~}DFadD9-NfhSn_x^mu~gMVIb#p&``@o!8s$|pAO&dBC)K@r;Id13o%aVcLfRk zO>>cv7F7a4lX^X@yzfs^M+Bn|i9U;|fHvirX`ht=%rSKY7)MJ+nC>5&qKlVb^}a`` z$Mal9t}Ek?Zakp2X=3Du+9K&?c(coXhLJ{NvkL@1B;gDMrQrAZ7O6inl#lxSvZ5Iz zch1}xDJ#fZG`H4cBrDFm&pm!8JNB<61k!@ChuA)$j=(0oJlCq4ikk<%7#AAs_%kM@RoPYx}e^iNHaoQ0&IH}C8wEV|Y~UX{eN(5=>-@aDYE@5)HZa61IH(YWo50m8;5q$H{_H_!lKt~g`R za?yK=)?gSkahLw~^PjS&zWgxFhT34ts9Q3*Z@MS1*32NRC*M7bzeg)hT)N!7O5|Rw z^*asvd{MD>y*2;bXy|z^TQ|Le#2(d~S%7dye?}l|Aw>j(_h$7Tvc(yd< zUy7@^S+we7PnLy9lkD%7dXq7W6!UTM!8=nt9- znY^;+7Pn3{(uoU8KL)l(71Bt=1aLeP=itfuC^f39Uo#10&3vNjY0}0P0%3B3+(wMH z^dGiiUWIdKtb8nlxoKz7NjDsprUzAun~#xg6RvO*6F3n({53IkA-M>O4lAK9(3p1m zHfGR`Os_XiZs19dth@l@| zRvi7SqUfT#K1j*6e3(Dk{c%6|P0PYiC1fzCU$}o+zUB+e`c4}1yZG-iRYX?QC`ePW zMgP7j<_fj>n4S(7$o~%+?s5HKv;~n^d_UyMLd4TSBH6SAkvO{0^-(GN*2cBJt~pcc zaG5Ld$0e>yzUwn+Rvs@3W~MIGVb<$iJ?gvoF>6U4`yT^WBTDgy6C65ziHp~wOD)q; zt>Qw^-LRBzR<9X(2RYya?u_4wFQE^2`g#vvlY%a;Jh}^WmKu7TiC0SDh8_j7+JWYs zhst`5ehPqj_K+`A~>I;u;F+V<-P#U*Z@#+(pE{u=V^ zts_TsM^XWnO3vUYFG33=f6Q>lIlL0qJq*7@vWM(l&roGYuEbGIga`VoW$^C%?56dP zEq^+5e6#o#PSkI_R?K24lUb?p&5F0)oqGbal{Yg@X&j%BC+oHShP!ZFQp=3D^UD|egSm?ZBVM9h0Q0!`wpRU#`Vne!E zix*HMocB8??bN+-{i$PdZ6EdoLL*`<7ww~7kJJ@}&EL&J#$)Q+`TzcsJ;*RfSIvGM zNI6bpQW6kiMx6r^SDZtfdIp*wy|X7U5qp`=E0)nj^pn}s zXpuAQ3tm0G?GJBum`rW=y>@?hI1dTdN6CuuL`Y)WO4ihxJ|}EXenz+m`td?_U)`~> zmVmg>#6b^e@+@zL?j2;JS)W8_x>}R^Sl)!@{JkK1UYAaLT?h&mOz!XvlqH@G$<3Ki z4`>*3;te;o4^Fixw7)F9W#Nsu%Rfiah5GC`4wMZ&wCyY^;MM{cRHWZz3r91oF|}s! zM}^+*31AK1Ya?mLY(H&kd?BB7q};8^^x`GX@UA$|m$+d+N^(DXL3)gZFian(^-w*t z=Z63hNjEkQg4rMpHNPeDX%IO4W5ChP6)(0+S!>eFE_{J^&~MqvT<5AO+qK0A%h{~D z_}67%saJIGSQ#Y5Sj(^B{$_he9cSYimqxz>!~X~+!*t!^yKnkVKeN5~;A}fB5U;Tf zN~5RIBeeXP{Gk5+hcSmZ;1bB-Qyb#z{e)r`c2D30Q(9pliYlbb-)C5{6!gWe0_FG~ zE%7Bqo86xSyWIgfC*_-l*s~l^KOemh<2>k`m^V9-)Z3KXP=&G1ZxSfSh#$(E-5yG# zI1T0knROsG!NSdM@>MWw0YN5?Zh2|-(sp12y3&`7s_@pN(39Z>gGJ1VG0}TfcHx<|b;Vup(CcCOw zt(Dq=MsQop&_|;qzyvv(aki=Vv@>{=qn~zqHKjHwZ?Mg>4~IBJ3RL~cla0ghxL1jkGYQz65gr@zk3^>BgQs{wOnM{_a{f*EBct}pp9wq4J< zLquiPgk_(^s_OetcVs=+hB8OSt=oS96%oN_Fm_|4V^5*U1z1GcCF~Exuv%!FE2|Z% zLeI`j+gBz@0yn80!4RtqG;NyE>q&PFD90Q!9gDrY?Eh3N>5RHnHnR98f?R?3zJor; z${~+B1%JD>a6Fb?n-Cn;L($Zui58o$_I44q!NqBcp%(p(sON6Bchj^7xs%$_QTG)` zO44*v;m zDK}uEs92E+Nq?&Ae_Ade-3!0`u|Bo_QKQ3oVK`6veH5lq3|IV*=iwtnWIVHQ(Q;R!*}M*$oMH zwBe;x8LOqMJmF=|XY__^nqE?l{vI;9_o8;6i_hg<_9#`)$!z@<823D)cwgOT-SmJ} z&62O{@D^3rT%IayQCP~K&(M`&lx9or%)P`+K4FcQ!+UYMsBNOoB3^|KEs~wsWD>IL zpvrzqo|17^v`9NkpFjpmvl>}5Z@BlYrfMd}70oM>j)(B09CbrP(&LB7mQ)RGA+{KX zNvQfWD?4jelHz5q>};pIg$@1B!-ywrezBjtt>}xGUj!2nS7V27qg%vHIaAc~t`TV~i<&BcnjA!}( zYuU=Rj&N#6LT)Vx=!V;=hF@`O*B-}mKgK5P1h4QtKtGZ_r@rikUSJG%-25A1<1rDG zdHI|b_mrN_q&TRHC!qPaQa*PCU8vjJ;E-i-9SR|DX71E{pZxtuUS~{^5z*wn;2-kU z=D{`<+`;?hVxCKF-mLOvU`C%;!<%%|S{IAbo6F@|`bbMSD@Nsi$L9U&$#%ty#axtJ z>&l|H3kHM}c!nSKF5VtY2*OmAzpzW5))a|dXD$gin2zm!rg*P=}t3&TSp&VKeTUq9Fm|&X>d!%KF{lMaef*py8a=$f^lpiG8~CF%o1gxdrNa zOGal0O8)kvxFS1+MY~J@Ee=^#c_-JF{99+AgZlP zW%D-&5O=&@mXI%E^=#?y?C3 zXi8;OGnfq<9?nxQW2z|Q$r>>35ARU$p$Pr&)8{2S?W3lI>dw2a2I_SZB-qBKZ7#Mb zcW)>Ksg5>k=&eja5RwDa3K&$gJIyhyu#YpnyQ1C~dP!-8eFHvbi>QYN` z_zAdvN)nzYwJE_k2B)E?t~YH=pB5H;AQ-3ecNarq!YA5qZ0-U#oK*~8MkUkDU-RcQn0kEHGdhWzAO z`(bIFKFCNThp}M={82lS4q=bGuQ?jA$mEf-)VVHJg0lDaIRD6|5|(g3!0+f(n%Rb2 z7%gC)#G0>IL6p696m=gZs6oVD0~SN5ue0b~lu{NU{&F@eZE)FP?z+{|jL+D7=+jwt zYzl?xybHczhugmFA2wJq-u3{j9pfdsHZ1iJ7AX;=)%~_{ep6J(g)?-lFFRn>YUC-p zq8rVUoXJ<9$9=}ChKn$g1yc*x=KZsSOgwh6^QQ(>(2nE8m$<|gP}ha*=9uMt;`${= zHhN>*ip_-UEt+Q6IyrQ4syLyq|D3n|sy7y`U(N%8Nz%5YX~usbfUzz+oxS**AnYm+ zZUt(w*I;Wffc+ybA?N$TH6b^odp84CyWTu^VW#yznYsyye@<*?(T##B#=HZacdzB& zK>ReF8~P_OJK zDmkXZt6LADw2PT87tYnnq>o#XxatGsMSu4iSK#ctXcFX-mGq*@oKpKSPkrPw?W;$x zD5LBfFs(t=RyPdRl?7MrCR!KS+(~o|k&47os!V50={4i-ENW4VFahT8!=Yz6FyPIV zV`ZT$`3*@bNtYGV0aclwJ(@Vv#lLLNf@%f4jSKS@9tq~sz19s5?5G5fiSXAg7PIMs zgeUOI^zIK{vakGX#?$|q`oY&^@j5b2J&lK?${TT;jZ19b+a^&XzUn^`C3fM^{;0sB z1yYL|~OB?$xv6Z6U_I1^#OEsdEP(|v_zl;-x z(B2`lbcdiNyHTU1a+3tk!@EBa^$SLH)$rP%qSlM)k6U1eEB0`RkNBdsT!ayg)IO0N3aC9;LSgzSMpo- zZTdH3JMP0j1|^`@y4Twe;~~pDR<$(LukX$)LP>!!WRP0peId|f!yfT|*L63cvT$L@ zWr?xzw<1702CA)JM&++2Il@=lUI3YgxSJ~*dsYj0{OI#RobT15RB&92Jw#Plsk})m zYNM0;-O2$oA!SRKJw^<#KS<~S?9kUx`B!i_?|S08Ou*kd+-OxG(N!1N&@WO>1b zsYuC!dnm1J_~M=Ng27h+fHx+&ff+d1nA@JUZeQecbTZ4XW=t|`*y?~M5aO5@6IN%? z9hBUK&BJ`mvGhuPWXpqb`TuQzsGpX-sZ9{jQpFZz{TAzPSBBw%bbxLFG@Dj4^GnCt zIg`B!b6oFhrvG9;&K$m0hy(q!Y4jxw)i!Z;pl^rC_vC|%Df4&9Uv&yofI#kqf?qY# z2vU>Vt6ord_D%H}@5RXrA+4<7iV@C!!8pkcL(+P`kNnks<53lV54}neh0X53?$}x| z3B^+7-j&AEf8Gx>9A)Wh2a4_NF3ZWeu@p60?(oW{Qt4n#z5ws<&mjl3Rw&;R`F-G+ zL?imOYfSXQ2H=3Q?xcAm1IUAm;aawB)o=jxqBySHOIGJxWGsXQ3oZ#CsMp_3vwI@6 zEpNsTSGsMY#7P2cp+~OrJb)XV6C*U4Ss}x7p_yDUxm;QYF07FCBNx{jv?a)*WA5nq zH0hk2B^Y$%+q(vf`L_v&K>fk=l*PSMGU(H?aH|amZ2O2ib&NtTscb$h4l5TX4ZUSc zAEB1sbd$QK(8y0a8Jd2i_H>?R2g?2r`V!2YT5XeSlEw1RuCab$d*A*TeBOQUEz7#q zrfAyqIRS;PaO@`Pb>~yMm9naw&0v4XFFQGRZ@SHyKoqf>3M0Fae-(c}{zT47m5arl zbH&9C(5x9gzKYa}5_cAlM$(L;nmnWLMuDqd5J&5><_d}Yam)oEH~JicG3Xe_0oKw< z&{XL!&JYfPjFRP&2>3CxMvQpz^;CQ};VVl`ffZ}N#1KMsf;D8q&|r2dXg+N_^Yr+fp7vLe#_`ugj_9gyCPIL`e3mG#!cIVt0;wUWxc6D>Q=BYTyi zT7YTw;@F*6NZe&)%=+5l!$BvOS_TVnMYIqCejlQlbrx84Oc%cP-n?ZrIA=LVGIAm+ zbypJhEK1-K@;z~Q2pnv(W>2vfsc-Yop&NKEo|3WVCQrIwO|_X{B*OrdV)OOD0m%CA z%;aQ?Fpg%vwD4HEgLk1iUNZ>M45~s2n|IaI-)SRXTFv&RSRi!?l?%&$31!nG*KDAl z#@l2!j-=s%O{hW3DC?E%;^G(FyI#2dx_o1^Od=o|kYYFELrI+c_6CbP|7$;su+7F! z9rZ)VuZocjgPl}Elk;jDtdbxzn4PEj+PD2aK~d-E;%S@7cqAU3sMuut_w!W)+1R%h z5w}r0iAx7SxU&=ImeX#_%|`r~ihT_Vk=Q&NEAKZi-0|~iXgX`a)w#J!(omVEVt$SNIY8DQZ zS4EeJReC~O_=$p4dQVoqdl4+5VCBqe zZe>O<>1aqWnw4eW6d55s-i3O*f8kDDg6)LO?F�LVJ==;WsBu_f35wwApO#!Fnt$ zz1)E<%I%FF)MosVx?G)LehqTj94=ny>==B!g(wf!znqMBekX#T1y3w=<~XV;N}9_j{W1~X`_h=Lt{M+6vF(3Zs166B^qI#AM>`Q`pQj(zw01xH4 zVn&lE*5soLf&D{z&RX0anD?;lZ11fK&1;mu_$ls7b0A-s5J9XF2^KnUu`oZm!FtJ_ zGa}R=A^$jJ_IZeyXjfMfp{biFUVIwAI@Cu{Cj+H#PG_;CL8BFnwmb1_nVOwK}_;hceuNx)RA%dtTTb)DQ58P7Foyqx&@45_c5zR36*A>#-eL>k( zYjgkL@=$$+SvWFI4o{&>E#eQS4aErysQAisD@WOYt6y%PA7g!Bs3SK4yjg(g&WHS# z-i8u4*)=K=xNV!4V}{pj#Z~*+D%ft}9^BH^PgCj%`E~ZlwJ0l6BjzJI#t?n#*$A)- zD!BV>tajG=V}?Px$yVv1fA<35CWbT9ytPxij+mOa#W&?X7;EpEznOuIO08ZS{91Vj z@$GG+1i{OP)SnsB=QhSUT<_bk%i@&Z^d8U;`aJGJd`b_?{OiVPH?|Z%_iR|}YgX_r z1olb6+IK%pc5R-Su=}cRv^S+0<Mp>C|3$SGs5GV_gKnm^& zzbQ6l%0(<$MyuMao6V{WSA%KF(sF6=vM#5l@>4>Y^=+?Ms7QQf7}o0=Iy)8%7`$R> zYTaYq?O98({RXf#-!KjkF8zn)fCRH7x1^svD+xKce&okbV}4fEU1Zd|?ZpOXq_$7i z9sozS_T^1fs|h%<%?S0b!G4*tcNwa8)`4RqXOXzqjRt#v9FCYu3+=e!cb7j6)q|AA zx%su<+h*x+r-VR9e5T)bdhPTB=`k#`S3MMRChoNOR<`Q9%F(&_5@bkaAppKiJOA&f z47w5$Y1HS)d80Yec4dS2zj`P%uvW3QP@+edRlGot>V-N++R~|1B_pjwx6f0a8kHw2 zsAw;6wK34_i_k`o4bE)l)$#);+53k4jh)s$uIhAX{%D0MRK~fG5&l9b91dTyuQS$-3a~u?s1AF4}}M zfpLRABu~w2E79UldxRb=dfGxyjG>eAA@v|}=h1H?YT}w~M@^$Qov0;-@bQXJQuQFf ziz0Lh9CU!By|pbMX>hg6k|Vm?`?PR7qS(CyeYXD&q>mEm)KM5W7gf{BJtwdw{-q1A zp%$uZYS@cca6K0I(^JBAz7+?!EL58zyIl-|vyPB^nmbSX*?4b+{|lvW&rcZabXt$L z2bSByW7a|X3Bt&=M)s$w(#YNn6xg5)TIK^H04FED9F3hxx|S54Z%hQl0Y(JTw<-;f z=chK!#onGFW*clLTMuE!mCHz6di%t@)xMC#e&WAaRqt7nE~{;=b=uEHG;)aU6P^8P z5or{ultOe;I7BPXW;Z$y&3kqMkI3E?8!Y}j`L%3%Xnf(WvyEqv1AXD}vJ6ipB|&wu zJQ@@n6MFt33Un5ZjYqw)U1%DSco z7T2Clq7Tk4bcToxn5F!|)*P3ZI;03|`f^#k~)MM(E=PD6x=x3U<`XLp#{ zxX%}EQ7>L_-_+xnbrDRrgli`ch=E!v&R=+Q6{p+mgO(#x-ext}w}7pMBLCxrNAL--O*EQn;xBj{W=9u<8 znYZ@TUL;b^4nK&Ih;|X&+p08Lgl=*f%~T~uXTmAE@fx{hWo}dMDOK&@KEX=(lqxwN zvzZsOfqAS9$ckD*|50Q=!P6J3XlpH;EOQPFvW^cI^x+X9r)6%qrfvhgN$p*Tvxup8 zRjr}MuEbS^Cf-f7SSNwxoY_`=$9Mq>`c^dgy2sF@F~adTM3FHu z$`&a~8f=}(e8Ls~$@6o%_$*bae5SCLvX?}2v-?B|pc(bW{jSZ8zw06D{M< zzJg=LBOzw)ZSez^X;gXMCDVfqVG`OBXr(F1I@V_%y#~OE0W2+pq6D$DdgdmSr8oF& z&9Pv@LT*qQT_w#j+2TFlx^oZ14RTm(vLrw6lFRmZG0 zhYMJgXN_S(aP7Bi#&_)h&E#EbURi1`zlK?4xJLBK!iIIq%iP%x+%1viwg_rl+IxOM zBX)O|c>mCwXcD-(IQ7_Tc-++r5BJj`Z0p1Rv?FCn=~JkR9XHp_xvRb#CO8|o3{=yzbj@2 z@HmYmqQ5F&X?xrM#m;|&kH9F+X5lD}x8Ixds7guk)|6Kf&b0{AF$*b>H0nv)X2aKp zFYgEo1_ZuLH`_;=(CLbGAzFGY}R+s*~^T7FNt5BG}q_F;B|oQck) z^q+b`cKyRE98;`;PVXHxtWvd5hC`>Ih~Z8@6O9E97k#FxqJr2q|K-?ei}PTx>{snp zqUw*VmH|6qpqtwbD5~;`a}ZiWvx=x$e~nV_Sk24Aj(0YBkU6mRQED-Hf8-The^pcU zVd1Lh0CjqTc$>jCV;1Q9Cq1Lis*Ev>Z0&_%>`BYtAlx8g{@H|N^kVPWM|~qX+~&ft zx>=V1P8^OZDzKRxBmd6L>p9!9kJ1-kP=Oiw6t4%1c+eGM-Q?0%ZPyq-(+iP)rahN^aKnum-+{3B%L?;Q^CUjN7IYNAx4gv=UOcVF%!q89I(D+gl!nWE;n-w;3$B# zZk>$iZe4q7I%w6#3;v(g->0!ONv~%KXs$E+U{=1c)v(UsbI@G-Xl%!0n|_`cvEC~R zuI?Sg377yc6XhhT0OxZ?Qh+}N$1HB(Pf_$YW!yJybbLyA{P zQ642(pOiihgziu4s?t~zn`ENj;IKMwW(*_j&ziZYr3nmUxRPyeu{EqXr_6NJ_We!@ zp=tAsUt7{RwBIOs3nJCYd`f@7e3noGDL)nZZO&cd)bnUGhc2NC9iKWsBnVxjo_o>y zt}r}n5{Hi_cSBL1n*-r3(Xpdcrk}a{|L#=`G^yb4%~Lz!!ODJI`D(xU$hkxtNkx`g;8xhCXOTw(sM^~i{03)n zZJA>xKcLW`Ja8NKWV zmZN0V&@-}k=M8IvFG>!W+CS;{n;5E^?xWwC-GZ!qZ0&A#o;A-mrd$v&-Ug6zXmgaG zZGil64_8XlF?W$HY9~HkyZ=;@4>z{-aYfQ0&PJJ^$qw+CxIIEsSAuo{S=0Die1u-9 zbp|1NYyE-r=QCDSiksPMs;E1;sR7n>%Z;!=VF)TD8c@q3pfR_$U7! zjVF3t(5Fj1B@vTSgf;Pv$A)j-CJgpwmp-)FTt841M6a4v?B4k(J55kfWSo`z5AUJ$ z2pASL8QNW!1Mrf0kw^Nvaaqwb71Oifyxo435@btrWh4=6FRTe*KRL!`TKO(6PWuB^w1!lVT+?e3Mm_;{l59z!IW+$>U^gHSb^k@mz%RjTEj{ZO zMLe&FY=y`_I`IeBtoh!%)^}1zm6FxNV^GU<+gPgTU&7FdAA?#l?J-k;0H|A&Lbjb! z8^%DKR~sJHEy6Tq^_sR1uaT-36v0Rca{gkH^jF6}Id5W2aO2CC(V^2uVv)=ZjJ))b zM!42nwSR19h&Ll=ChT+;fNSPQNqYB{AGwAx#MIV)zkikF7r1aL@39tv+CEDD*<93#&m;_ZU-sjw?k3g*d+t$Bp%ht-KuGhgy?Id7Bx( z3GMtt4nNXS^@JF?0UdPYqGOkDmGn8FsCqLa!~a`PH*=Vcy-Rl5vzcNa$IX1eLCR)f zjsbIL3Y|v>a@*fU;m&V4-so$`JG&HTd>l>ary9e+!$5$CH5il7*5PNeXcK@Fx+tsh z=XSuBj#>Z!HbC>vKv>J-*LCL{#0*HV!ycl$o;7FDGPn3VDlh=HbgeHVWd(4=<|ib2 z@d;IY)`&r3O@IfBc7SxLGT|=vxdw^1Gth0bGW~brF>rWQXviQZ*|nY-tONJUy1=2j zSmQN3V`qCk6T@hx#hrmO8lGZ4yT4#s$DVU0ZU%})<|ek|c&iYMu_3ha_W!~5;{S@} zyzitLrQbaEfL+j9P*2OLL#^*VfLavu24i3TbesryiC*~FI^D4-IE5ayzUm&^^4Wey zsCf2znNcQDp_aRpu3~s2mkN8TsuXEy?(2Uin*h?Lzr2NvuU_!O9Ax|LMYncL+c%n~ zOI2O~hW4X3@lvzIGUs}wOAn2s-E265bv6ekSokym;m&5HMc4gSzE>AiAC%#6 zur0K(8%$gRZ0ZHkawh|g+Je&}GR<;jKY;1Rfxl~TIay#+W7onYRPPU2M@^VkdbuTl zSYKn=Y#M24NsjylEw#g6ex|B9oRgjT%W&KN(u6QyPS*jFiDi0CTw49JM6qq@ZX_(! zeq6ZconqS1z}xz;`i;#a3`xC6ML-BwyayX&KuL3Tiue_B0+{`aHC(lDgdR||V9&2p zLoHHUhh-$;pw&{D5w!-Yy-~4t=8GTs4c>wAh zG|@7aa&4LP)jF@G=?T{@Y_%k5@jZZ*K}GrfuD>Tf0E7(lXHVkEic>pqFlX6tQu}v0 z5gZbjOh)WgOs8G9jBoz~q}kl#A+B>w_2lfb*z`&C#Kw3eG@k`KodNeiQiRCL4>jgM zI&if0qPh6U$~P<`aC?fkHE?E}I667OXT93rBlnt{`J?dlcn|MRGxwEY0+Bl8<+g9c zVLVRpCJ;Hg2#<;}eVl`f%5zEk&8oYmaNULx!81=A-K|z?Hl}oWU%+ly+OczT>@ZuwnB@R(?H zmm>M332)|!-wssRyINR!+yP^FBSrRt>T$*fIcGo#=def z&a7!qBKS{Nv^4Fsfk6j+qgLk1)iCQIDm{Rl>aJWFGvMyIZ(~lpq^uZrX}fj*`iiop zh}b&(E@L$w#m~SizVCxiwUk#(pbxKX2ZKAeUnej3jyw}?fla11E1#JYbVE-`v(PO3 zNq8V8Rb&7(=e(2GdyiF++IXcEW{HuYKjn!|=Hp2tk92diGm~F5q0hLLHkT~qxGmE@ z2C#hwnZ8HcTZZmHIe9_oWfRvigXHbui~OrFreYnnOVT%218c&^PQ{`-s(t9yIc7|g zLiXqm`b8IUqKZG-F^T`Ma6P8j%aikcrNJe#az^0VOK-f->KYG6NI!*|)9RldMQ#TtR7PLE3@NHS+Z8XEO_XENwF1b)xRM# zf0e1cv71Pr?Q$i!4`M2z_`#=@s>7ZRXUvsHiz=7<3_`G>Rgl`$^+oC|40I}|3bhmk zsdks|S1|m=|8xU9*jt_~f5E4*_o5sAB^&S~Db_B^ z|7vzwzkVlu-}5JWllqlwW2iXoem1EW4>6xIPdsP6q}BE&o0Nmh8;FO=5Yn5HTXvuO+jyPQNPg z9ZW$}68GIy^HmY&V#tI0OPnuS(C>Z;8#-2{DV#FgH5&5ov?u0%PSrpf|5^6Mx5&9! zbSKid!I`+Xx)yIr@@mD&K^=X{!_|5ck^nWV2dkcAUe>!l@Oicy=)mLV(HliKns9`?0FX1wagx_LmTUw zD-&fePeR6i5FZ0r>dv*q^QXSpW3lIWp*3iRZG=us>grLtiC~2_KyQ`zG8&uA# z6ubLj`GvV-%xYz!a*w@oqUfB?A0=pRK*;LGHZGiws@SNoTLj0YJ{4Ms)7iy)C@#eJE1X$vFLcve?J(qqcv$d z(WqU#?5c9UV1T$a+frIriezazJG}6_6CyqZ*dAoJm8!5N3%=#L+!SOPNCGF z7fTzi3?|UO+L2U)dj7E{({(GLTP*Gv2s~ft6co4l15hWSmpw;;Q#rYx6vX7k|GWfB zS3h6vP!)a<_6GGP2EXfXJ&>?#=6mkR?t+P%HHJT@24A}P;iSD)fEk$oW|v{#+SLi~ zM3C87L{W8wHy;O3i0FjHUH}w(wx1x1UH?IAg_Bs7HIffj(kFLf^T{RQWy+?C-26lQj{ppuD=iP>UjGcNpic=yNL8$MH|PU#{Y%tt6WY zk|3=|l9A-5oGdzyI0zK~ZdB+sofE!~?v;BU?aQD8f4&*@78~z`9!KWrE*lp|1?$zv z1iMlf7^U)GdqiWW7`z4*Tuq2I?|unY)t?-=$iN)-*LV1;G=I|rm8N`7wBQ-l*SK<<<V zPzeV#FRlkpY_|ZyRU^knFrMHQkGY}MG=z5Heu8ZJHKQi++XNV-y!-d`>{AB1etaeP zo^)3@_ESu~|1YL~LTWZHEfFKs(H~*!K zz7C4*^;Awbzjg?^6}+~?QPz9zSXkNTWarW+4*P)Ybt?bv?R4!}&Qm9dn=)_pPWtZ| zTeh%~phM*0nJ@9CpmwPq_+tXyhZAhfdm3KN9Hz(GTkbJV2W8ah<{HXcF3`(sV%T!G zz+xx=VQ@_{PHGD;a!-kits8hnbbcTuNMqXhVSPS;sUf~=cuKmo5J0Hg$Ioq;i*A_w zK8|l=ke<8HMKU~6$r_7GUFbKZvDD|LmNzF*+eW_MoF_s2A)S=tCqPBF z6xu@j8%tB^)^KWXVo%y)-`g5E^?p$A!-o~7Aa!9j+5JAE8>$O1AgaZJY9;?P6yBdy zd3CnfU$%$N4&p|KPc+{&X0*{}$o13vGy8RGskd|tv3Hji{H586S=J@&`eFs-l1sg} z4{S2D%=zi+OF?RJ$mLlm+pKYGl6U)s+eu8@+t+?+04@-6jLDBrk-!_@D%tGJW7uy3 zn?DLo274;4LY}=No%7%zC(A4nxL>@tZXjovm!ME<@n_mqQvCIPE7(I0y-Q5m4SeA+EoA(JhjSPa?f5w$#zx8ysFWNy$I#U zLYPjCF4bPT3Z{Ae@|0F^@>!4j0FTM8?SpiDwk$|%Z%J1p*+pyQEEY&Tqtzg9Yh+Zq z_v$x|NY_uN7Z*TtTXoe@e>WvY!fU%BWog|&Oo2#_dYw;40r6*n0`S16yu~eUI^InL zpsYWgKjTiaPm7FqE>@ihX8!VksYJSV%Ea|nTW}*H&-*K7HCpYCkJix|tHH?;T;c9E zTZ}4e%*@?w$xpsPyMdXX63C7+L&7;vTdDQ+x25=rG*1<&kip;}H-#-|pNN%JE>@+5E8Q8w-JD0!|+PIxsI z?umz2RYrLqdTI@^>Ou6J7j{)!;sZ_Wm1+KGQpvOvXg9|T((=^^tRY|AoC>hXKCY@1 zv1{10^=KPP8?#ipeq;sE8cvp+)!ccy(d<5Oblrn~!`0t@GdHk(`A$`$8-xfN$%6qK zdZIKWVYQEecOfo72=I6g=2*W#?-_OI_{oLyU|A{RxCl-RdaE*(rn1swxV`8Ys7y4B zwQ>852A>bn5AlGSnfIp3Pxts#wPa3|hOE8dvsTmh$q#+Zy;VRgo37}Nca|yOwdSY= zXe%sfh>VgLA>3JJuJg=F{K9G5+}S3}=`z@rbL*$x#Jf+K#Ee;F`SjI|{p|_smFB_! zoUQ73D1RQcqDu1PhH{ceY!7k60-%G(4_izB(}@P@de5!C*B0G6qUew-F@>NIZC$K# znxZ4pzzl=28{CH1byhH+T<5yM-i&F&-b(gw5l{&_IF1Srb~I4(bVeoguv6_oS)Qkh zoW>O-Jq(BlD$RGrIoI^3E=)jm-p|JgXa>^Xxe;BCzEViXJHum0GbXPyF|6iob+Vx` zuQ3%gCu^>o+GsU4kOc@)XYz#j+II~5BOP66(iCFE{^bL9LDBuf59tz1dnrP z7*l#w>CcTwcBLx{2DA8c<(1N0jU&Fys6Hs*r@I`c4Td?)UG)fq?R3Q@XHuV52I5Ch zrPl~Ez;S8hBsidVe1biptBF|XHt>||ID{6(vqPEW%0)nM3%ZjIg2mX?vGi!F&-ySJ-teSp9G>~)Q|e2p2#OUB*u$H=SmJE`i%xYhYD z0w(=n4+yeO{?;DZZO2NG6C!;0_G|iE7wjpfeUIKg&dhZvehFAw$i;PT_j12Yyf%;D zTqyVhH`F?gg^vtoz|@Xo(=~Lx1KUCuA@~BY#!+A$qmVpetae{+0biiQO52p4wx072 z_0d(U%HnNSy=CVhwC6C_AAbbu533rHuAH`%oHH6~>w~)AS|KgJS7_w}16X}CfWHv^ zPcrN67Ii*X)898mTx9GS1#~!XZ4m6&JyARozy>B7J?5967>~2_$c%eV3C$%xuO?MT zhV7Bd&f(JLytiH&5co0_HhdPGrw1!COmxr`L6ub69hNMmewt>et0+3SEYq|ji&h-x zSZG>OQjNFvc71N6=|f}YsM1EU26gPx%YZGP6ZOpU=OR#p!(W!VoL*PxYfJ?%(3{^p zoY~@mwrj$u=L`xMQ3)7iqNm~#gD07(&ry;B{lf*dNUUeNVif4I583)v>K#7{ZkVSW z3Y}&z226sIz<)GX*wmCN-bB4OA)OtM7RF(}%Fj-3Wn6m(E;=aIG26P> z4qwG}DXRmw%;z^r<6!{}|Dy;qPX(j9(;>ftd~#vHN>bYc|8JY$mcDJdcH3y~g*46H zvIqex2FAMTtiJ6N){_Pb|LIAu$TR1et1m1^)B>fXGgdzodZa9;s%pGYW+8K2s%2Xn z=$o!x0feS4R@CDdljaxM)`cO2N z1%AT~#N%031Kghyx-0FnB2(e4vgKbJ^BjUk%Gnvs6i$2ZvtsIM&%xfpm)%6{~(eDm-o^ToLz z(m@sT&|lFf8_V)fQbnO9Ifob;&_jxTL5-a>WThakKi$VW2EO&U8vDMH-77MPj(l|8 zav+C?beGy_rWGG)SH27vW)K+or+<#*Z@UY9iL0Nr zSi@g1R`Tah@os2E@Btjd#YG6%sI~ai?)VJ}hVWoc8_d;W=c&p@lLmIF^ESnbzX`!3 z5_E=0Pj@gXOY3fpusBlRCB^C0#G&;1bCuxSf}ZiT#U3xj4!W)}i+w>s-lmMKPITpt zY*#3i+})zjs7W7f`awlq*|Q|!<>#}@X-J97Xc5R(Tl%gYN}efnwcjUmHMh*4@tk8b zj+@0Syi3)=k*w2cy3vLG;sN>TjN}B29gm^2b`z2=hD^tUGBvKxX*cqV5#sy#Q4}al z;cr&(wKZ*kWybE=O(?a0GgU`8Iuo5O{Y1K9DtVzBzjyk^Tw3Nj>S$BDzb7iPRYnC@4;!QA;=OQHs2q00Yfx`FvG88bHP~25%PFiwIaWOOz zE}l@9Z?YIoYyBz^38RnXEN(ds=tcuwcc%S(@&*(#tsM8CZu!*>ETTP?nhF!~ivOr> z2bjauj`E4wCCCI0eQ4Yh5)EYpHhM}+ zLk;}ihLCtt5z+r6n*gi3L#z@LZGj(+I~(WUSJsQ|`uV76-Y;m?5>KT3UM;ryhn7aN zq`|sAvw6Q-YG$WyLR=n1Yr|#4$5YdiBOii|#Px5l-`~gWu(j4R8&lW{re&uZRraP^ zqwPX}WO545)oVP0P5*r`i52$5tHpQrkrv3|Xx2~wpI+QddA2w_BK4@hSSDt}t{mbV za&B8aB}Lg}x039uEIV5zQRK=KhgH1Lkv{M2T9@R!pXs-Sbrn-64n2d?K~7p>&Iddz z2=>>prjSwx{0C(76XHohFk)L4mSN|Qx2~Z^q#r>Qz*zvBvRgkQXAx7;T~1KNk&!PB zQf1mo4r2FOW%{&7 zNFQr)hbEwW)Cf8F)u(1nJoS0tFs!OpKV#Fgy~C~-SxRG}$}sZY2kT%S#Ixn4>rVAt z@B<9=iLvI}kiw4{bJ{UXA5G|zvgWfbOkQ%<5*p^$sh7l8Eh@G!Up`@3nc+29;$96* zv=OupwlWUZ`EIcH9ppGY0;m`znNNLuvD&b57SkUPRut;vgM8!wcOB(h|24ae^4+-c zeGU{`J|Z`JV2l2(GV5KBuw)l;UW@-Q26nuf$8eb&`rnWxN0RK9wEQPI_w8cle104v z-^Bc8lku;~6{~xKz_S^BT~*O5dl!lAMIy4qRKEO_MStA%vUUc+TuJBmfn9;-S z7`^qBPV+M5#Uq}P536mU+~#SuLo!FP1`+G=Ep5BPIVEIHr{h2o>g-LOG%qqhHr6yR z_zzY0C2XdKD)kSb264}EjF+_M&aOsk8np@NKq#+JBO3^UnnbN?HwouJ>T$4jt}K#@+1M`=ex$ zer8wUR3w2t3>-=8?MauD*5|P+bf?wPzRtK+f1B9$#Z_wF`a9utl^zWmSu5y=m=AY7 zi`1N(9vmdw2Vyy?HTffU?9ikBMG>=*BX!+ImHaq2oe1!WcY2=hd1!xEi1n`hx{+0; z<4h+Q%{AkBu!@0|^Q%^#vt2e%8t4kHre`d#n?GwSI-N`_{BwKb$c!{_(CTIs7~X`4 zNSjWYENxiU>u}WV$gLUy86j&|GJhZH&D6nx;sC&M zW9Ck$yuFRn-ka9;=7xs$EsH&01w+hv&JT_K8f5H-uSp?Kmy0DBFwnPuxyfx;hnub8 zHtlcY>uzpw__ha!pNkg8rV5;@Prt1=ThfC3&bTEjee`N=#0W}S?TZe5ywP?)OHp82 zD;8p3R%0mFTvFX44zjqjt1J*4lC)8$^(78)*%A+7Hqmbgue(As~DYj?(v^wA9cIqSyCCKY4l94BB- zJTr!P*w=o6BJELt#kZ{;=YbELsnlZeis$t~;qu~Yo+<0mQ(hH^A9GTC-fq6@Q)^=N z`OVOHpzl!JPFLCC*16K-)|Nd=(4EV`Up+_vas-T=#p?ST8jkfzlHKTUtY zP#oHWd@n*WN*TX@m~$u((~c=jr#_b&K_&9gKvMsE52UOQKG~KeF8Z5R-Uj{-sW#4X z44vs}FAzAFp7;zR4{4OYnki=Y62F`tjx3-i)q`A=g5f6q=X@Ou_2oY;??eyq$~SiW5i{PESQ)z+Zd10v!Day`JYH=Sk1HE+h&?56GV_EM^<8ce zSnKHTPfg2z!rE1u%97S+i$TCRI3>7M(Ze^!Uq)&hH0V9+y=671k>k#)8xLp=s+4*~ zjG6{W8@6kYhqA4wO@>JkAnRx+ZEM!<(rV%i@-cjd8!RWQQ+5icb#VZ{`)?6)UxlLP zJ#cGaakYPM>{Q5p#hfqJIjC3$O80f1o~xR}NVDoCug<7wK$m{VmEggbwzvIu;Grw1 z3itz^8w}(UeU@F)i0qjX)HzrhjvpIvs0SNa8eUWmfrg07;}H{f`f%M5n!dUgTHP+! z74_d!8}+})8&!sbq&P#q1ufoZm?^8pM+iiUQtgL3b)N03jMV!2S4J30#I6{n1Y0oY0bTB%<5j)<^ zRe9|C1aF1ETGp*lN?e}Y?BR5T+$XJd>{+n?g%+MCCx4w3NPJ=n~8hWrJodnsHeP^`)IXP#2QTv~_tF%9EGx(ea!$*9{e2{L*itO(674uGhwo zAfZ1_1&a=Yj^-PrcPv2%k7R>Y5wrX1Fv%Xhp00YV!#V1eqO|y;#H@MP>4F zhUIZeuc(paUtDWTx&u-BI+RoP&QunI&ZXLarE7k;8L!7y-OQ$fLVorFQ-hbN?E6#J zuCrC`tIxd7M>`&DI;U>2J*2%jXpYuaGwn1zCS~RztjukIyrxk&6s>ntB#G@cm zfpnHrL;9RwgOV&Bg+7v5{c?3zw>*sS4R~1L1l5 zO=aFCtNe8k3BD=7BB&8W9dEDXjmfwwv-WR%q%CXX;)7wIIC##~;is4z3hh%?b?R$M z4aT8G)S_d*ipwqS5 zc&Sg(XD_jnX=mL9n}a{>_!-~CJ1Yefp6$v_a)O$R)5H2f-ECS&dxaums)5x%6A1;V zr1@(2dk?oBP%g|pcjdjp99)aqHi&kAHg9z?1)$mgv`c`|s&^tCcud-bIe6^D3=VSn zJ0wqgvJhVYx#wvAmHDG3T3Hm8;Qfu1eM+s+DrTbQQP4RV1uu^_JMBGJksQ#?($){F z-~Bc6g#+F{gxOd76k50oXUAECzc^X>ttJQEkvGQKn_-OI*jh;g(HLyoFST^=otH)XhO>Ol!ZG;9t{|P(v zqa*MJDiiefM{3BA0+Pr*`&>?k#`tR+-3Hk}p5WJx3Xl^e-p^=wRn4zD z$`n=bZ0LtptlSW7OzG#IeLl6W`;r}a*wW2fKkQj+(GVXH83i$oh=A4e3`q4!JSAJqk?-`j|OPNOJshnbiBP+BVHmP~Yhn zk`ux(Z?e@geou;s3tZgGWG-nnaxz#Co?Et<@!&$MEfNnxAE`PR#vUI_R&wy>Vk@4( zp{XL2yGP=Dl88Un(|AEeEB#uC_{ExfK9o2KnUJ%@pP^n`?rpz7KKp={d+a4mU*0e4 zug~80J{3_hr#b}qwYi%)YSKVSXkiQf_l3##tM>;H&60ZJD5sFgi_DG60UIQjMR6d` z+iT1J>fv^nr%#wnpx3x-+*a=AI)@vDXot<~(8Ff*Co?*d2n|Xxr!vh@F`n+%$0B_= zk%M~f&5uX)b|c$RE)Ug`%=Xj!DT*X*74D0Ys)o;c%LIgW(v0>DQMyPrUL{N1`PqEM zjrpng8jvns><3_3sLskfZGHMKB{+fpCoJ4aPoHRX#2)2d{!TfC)YX6JFdLbs@R@$W z&nYKjd`9uFggha|)f|yzo^zn87j)$>Ks?~(mSksf-uq-P6lwxAYQ$9lCJ)%< zCc~JffNs^Du>$NH}AQBu4n@6+e6UpkQwnngVu?~lM z3UIA)eC@8Q#x*sQ*Rf3|W#G*=JzAi7lYW&U64F}W^BpnO<+<9H5$#{0Ir*YNczO)e zDn)_|aX$OtyC&kqi4__FxY$fw+cIu^Vc3aUd7|>fw)v%a$)Ky2(#|h}kp{_uOW>PI zWpwScb~&}e?|#?}R&%A_qy^C3aZkCQ4|z$MkcphN<;%^b!l1ZoEIoW%!CmIeMJzM# zTzXBLT0t)Plr+?Dzsv5oOa*hxFxFR+O98{f7V#!rBn%?#A*d4;X!;!@xU{yj6xAjI z(lqvA+UIx*O1tnZ=T&h@zxp6b_HRb`Ka;ygp<=3O-UiP5_9dT9{Dbk}hKHN`N2WvV}C*^9nOU@WYHrj)W(Y0qsDjs|(UCu!kn1ELe zBv)$jm;s6Up6v=p^5@-g>iXJo#^AV}7CMs6hp%{&PFcT>IW%)1Vd4rIuDu+FR#W5> zX7=&~hpf8kbh51CgtYRbppGuZW$)#wbF9Fx74^p%pg*@-UuNE?C4whduZ3?-IO!!R zn(d!wYWlCg2SEooofF?{wZ%B$Kk{LY>@JCXh2^Lb$OVm`Q-cOPS6x};%ZXmq8;@?> z0{f1Bu(Cs^>zYVso%Kn{0)3T=7osA{TTVwnHKiTThNnML4Fnf`-T&uz8{L(milM!i z!jF6hr+yYvCqu9WO-#k^FUoHf9Km%PI15)m0eEpF!64Q!2tXESD?Fxee z9)etxMU+S_^{Mc+PR-@%oSIgbWGr=?Ws!CI8_D3FNMeI(Ts7M~KGt8upAPDodQciE z_R3sjX-li)M7KvQaG&eDL?|c5Du!2kK{8v6DwsvHAi? z-{qH4?xqq%aZUB(MGGdhsbLf98iCi@-_MSdbFZI}l6RNS95{d@o@O0JN{a-Y-Of;i zyQMZMe(Ht@+kjUlXSP45R};MBbO{wJ76LndqGir|I#6X}pyg3i_;&flL?rFmczeJ@ z`?x&ovPklC+K{n}yvivg)+Iisb{=)S+iKo*LSZlbrSxz_1z=YGqqgc(XX9$FsN~lD z@)pSFzS?o1CSuj3)**e5ePf3!MWM&D+GESLUV9COES6tdRKMeWBJ2$*;-lm}t~L;$ z#%wzUJZpS)?(C}G3*-&rx7pL**{ioKp#@tzXCAFn9>IJLR!H$Shjaxspa$bH-lKOjw@O?xXL_52~V*$ z`Y+Q#sJIEHMRe0LI9=YrUHZEDq32^>8UJv$q#2I+s~U}w>X9yfR7NZ@tSyUAH~09K zY;PMacoeNk}(l4=Q5Q))G~|Kz?v|7i`S(1WKL2SXO+Q)Aw_!qOpF zw`&et?mH8=_T8q$dw57~G8FuOAISy&|0 zX4g}2^|d(I1L@LWwo#$uqBgPo_(yigy)>0z#K z19JN3^qw@sRp2ei@O=84!W5$0#x$x&KbyWR2`1dVo_lK zJyxuNg}HNq-;#a2;LUKePCg-NH!o6W{X$lZ_G#v$*2IfgH>-O;F6U(Wd|Pp&r&q`x z{kYML`i1Mp9Us7T;)DiJR{JLV*%g=U!+y?BIBCI7O6TPFr|y9!18_62;iD<0rrXpN zV*7(b(NM6Zd#)wdEMO&N{J@{#IuTRf5x{NETBLy(t}J6#Npnf_!bJl_QqMH=S)IQ{2;;6>tJDaL58<9JmvQ@JxDjnv#e;B&F|hYY>_a3p0~PP5eN^4NEeI* z_b-?Z6khF*obYAD2_Uh?b6tB;@~l0-n;10GUj@8b1kzoLqt^mphd<(-5v&ibm^!55 z_#Q8#b?6I#YWhz$LO(RtBkH;f1<^h zE1zGkLD_whqg7lBq=Xk(jr7neU%VCo%o-YPIZA2Xl3R z@$;fBaXC9PHfYxx6e#V_oX^>+)IPSLAbcsH7@mftz;sO=48IsA^gwicvsK)-vLF&p zkEj#{%tYt8h6_O*7Yaa`Y-327>G~%IyYRwvuYu*#r4eudg z(y%JOAZd|G+WnZdeKB;Z1Eq;=e4xRMWDu8E)Cu;^hf6KLrtui$Yx{<|qIK$uqpODB zMC8YF#LdeGx}Qzf^&8!(YefwVBwrFdSH)KPIVpBz$TYny?8>t|+b@3pYXo02?!gVO zfa;wCypln=X;{+{r>Ut?%!|77o9RM^pi@ZGiSd)ykDzNxSC-b_MF=J~^~O|J+7s!d z_&>x&0Jp3VG-KgIO;~5GEsnKC4$xc~`S=`Ch|BJLZwPY8wUIu=v0Xx=t;hKeu85KT zeofL}@+kEZv48BX{ARP}+N4xj7ht+`1d+>DlMeJTRk&!-)a~)9HsmR+ViE{<_QQ)C zo}MTX@p0@8JFxZl33?3_NR?DqRPkRsA3uY%70NNWrfv!3w~ic>Eu`NQKe&ckXJQY= zYW6BHyQ`JUHP`iFnN}f+mbWX|pFAcDwJxlyC$8lT>rt+)=fqbb&I@#C|4jFNHZO5w zes`Yh*%bGMNI6ELH!NBx^g84}+w|e|%1|Ct&aKq}x)B@|$ARkJZ43E!)I6&7-fl~h z(sHt8RO)2ybzYvEQTz$G5gDE?@*BS<~#a5Kx&0Yv}vXr|*Y z+-R0}IiON^n)zEKtySwpe*!bZ0Q}|>?J_^A;cPx^dALgA54TXCeqy9rS$+PM?Y zLL8p+VboL@FF;;WqM=!lL#-hVBWgfWI_X8mXpe(o#?&6Bp$8zvu&xwcDKF*zT=g+1 z&_2X0f5qH)K3SH1VuJ#rfb?c7y2NT%Pm=1AT47?i%+9z z3sAEB%9fcaD&gT7f?=A@q^^Kc1Pu&X{ zeQBsut4mQ#(Gm~~D(Y7#t-rLmuk~uBaq!NN1D-n&aZ|xJN=kUK-69G=-?<9|&&S5! z^qT~Kpni-016AE~I6*BZsrGLvQw&GLXkvK6I>2L*<_B~rP<9QwNhhN%nAZzrWrQpI z9Zu@yz;^X2LhOuP_%J5E?9U#okz@8WlDFVD+lhwW9ReEtJWnyYu16o_gxfR~jX-~T`J@@Ag^q$X+`HaNNw5=H#%0UKY zW!Eq1Zofpt;lJ)B&K@zIn^JPvRTwLmVEx}SUq=auiAy}ruMQEMnhGmJ{Y&ooeyr+; zO~yaV3Z>eSy;8NF3s_%@*tW)DWqAu4%4$(0M|OOR=m?zMUYJDub;5Im9~o4bg1itq zCd;7)B|MW|e%`M1?c9Tz(y~AQwVK@rZ%ALi3Ao+SH0v#|UnH=Zd(B*5Zp2t);ss+m4)vga;IUl4(M0OVV<_Wa`nAoD@Mx7FiVZB&qkHT6Uq-K!pD9q4s_Wf6 zYd*KaXCtYn<6mAPJ^0WImLK3}j}grFrK0J{P(PdfsBMcahiD_`_=iE`5hmNi&er&# zv{;UmgpaD@R6%LV@hk=N|NY~lf_*11(313?FhTMfCy{ZnQ^bL)!(Pp``3BV!RxBAet7Pmz+nk1TLwA-+pbym(S|V z4y5c@BH^NZe%hIW+CF~vbiUb;n?8vZ%&$T)?f&;rdd=A8(s;A?H;8}x9}beJfS~;C zJxlLNe)Du_LTmkeIkA0+ALo8CnZbN`Q?sKa7W(Pi^l*540jfPfHM7@ZYLb9PzH)|9 z?jf8p#zjqQIn(&Msnr700|^-Mq5~`gxdN4}h#CPXVc8#*bg>&XyE#&~)g0d6NhX;Z z-&`8KNh@URwM4a}HLi#v-8*}QGEvv#aB8pE_isX9u_ZI9->g5tLWz{mV$3|MT9ZJV zJE`AMe3zM-^TB$Zz$7Dn$4%K+4xswBKV!@N44Kr6>a{1bnAuc_mQD_z!h@MT=HMIcpuv_z#9ZTofnTmX zdUyN8alxujFTlvZ=;5(KlP_BJLvBG4VI~?#%P-T(Z^Elh0n*biU$jbYgXs4AnT zFBl8<(}=zo2YZCcJZMn4MnV5mAYQ{bgeh!!=qu(HFHT7U&~}*Z3M?OyRy{+e=Dw}Z zo#Oc1oypFy_FMiPf0NZeW@Bodbc5DEEB0P{*)f_Fcsq_Wh2yLTRI}#Mm~Y5|ZK_u< z6`0Gco&ZeS&viu{?W5tN|G&F7HPfpXGC^D+m71Y z%$r}p1-&;$z)Fn$mq*S4kv>-C6{n7cz%yoM28B_P#5l(77u0}^SuXa=7k|qX*Kt2m z0501KG6804jxdGdz55$1*Ixnr>dC>4qZNJpQVM=#N{#c$ZzpVQv#Hs*t4Yg!n_4RM zCxuVfoux)Wf$FMh4%9>`t5HxfQ2kn9pk?=$*~rC6M1$hSUb=!Cm}LA{D29m`zh}5p8XZmSM!=+=Oa8SljA-q`>f$d|2SfFHKb2< zc`Cnz-8C^k5ffI%XsnXj~yigt|K)l9ZY+Uc~ zdMZ7-R%Ae^Y5Y`%f9Hnb*qGHGMktsZ{zAqfoRaZaQuAO<=5@O!|I;|5I0JAL$!edR zQ_nAF`wC$#lm+LDB@)GPYv!h+fk2pUYal7F=X9X?NI#^a7-YF-p3Xsj0S{vov2O2S zG?=7wGDWchOHHZUJY(T}l@mb-pv1}Ci2*>7g9{+#(6u^}tyVaGL{s<=S(vid##62- z$6Dv}V*@hygJ3tb8P&#JY6UFWGvDsG5zPM!`fRdq+^c8vD`$8H*+Gldp;3E`J9v+w z-gmus`|D#mWxcT| zQEd5;^6lYF2o$J0d0pObXDxe@BGY7b5F3>R_7+KeGI#QyEwxtL{lx+`rDt=UDbbu4 zi^K8iFQdX?(F(YnRkP5j5e%+<+Qe;3tGoR*e;&5G{f<^DM>cq02mu<2i9M2!z!kyD zxA^V9cJ37-`aCI>t^P^~*Z3?s2coy^g1><=&2Ns z|8sVC&b0?Z-Oa4E4UaK80>Q>?>enh42QghckEgSLxEO$^wSn(f5k-b|5$j8tC0lB2 zhD9Y{)8!MpOBZo6MGxzNzO1PUcJe~apJIg1@+}1;bP!m)!KKjs`}nD#b0e$y8;55e zDX2>L<<+7moYB;@H#XV_ZUnRc{&O(dC(iNN{Nj!IljPigl3hgw#5{kuKF0h?YF)l# zfGP^NklFI6_$^+?-}F|b)zbT*XzQ|U?HMs#Km+tsw*%hXZKeL0UdOwnBz5SgI2br9 zR~WZ$KIv5#B98O-U)*c8&+4nYr7wCc$`H0BJYHHa-l@3C-_SRa`B3nQWuek$*Yd}F z`!Xq($`f*0|bZE;U!Zv86o|jKP`w(63%-??e|fMr*l zSr#pU+6D7CnF1&G9i~70(oz|p;{aZ~aR$5<$G0E4l85yG!+NSD@rn#r6z2Zcu6yZM zkI@Gj4&;LloH8T5X3NG*his7)ly$d;d&XBF6CR^!QXWKAkK8WUSqKCPJeky>bqT0) zC*QxEL00tMZ}?fMm&{Zt5%9dqs;~;U8=!Fc81&CivPmmAn zuBXS8s{t%zvsY-U>-|tHOm|fa>Ao9RY2T}Wv>a%=Zm6x1Mxp-WcHqIMijd&XP+T4X zBi3RSN+;H2DEuY<_m_v#by-t`kW)eZIht4fXRKP`f-STVZTs?f0b3Vs$RTX#6E#e`3ZJdB)!JI z%flKz^>9lfp3Q!4cqnF2*{c>rkI7c`9^SLA=!Fx?HFDi~78fd^nFyn2%Nn>CzpL>` zidn7Z_lliTTy(g6g>CuvTFFuWz-6Vy`D7E2kF}aGUI#rjFBI#EV>xxs4m3L$fV+bt zg=$mu?9m@8^p`UH9%XS8Dx%(vAIc+hHzkM*^%Jg)%mXpB6qXiLR3e#3Nb3(+>>4^; zRNRl1$6O1U_^1+ppfs@4al_aTpgp{vWrz z;vP?enrCVpd1jH>#vkp?p1YlD5s*FN*?*3MWGs|sdVlT2mUp~!0tGEGJ8>4TR7wBl z-O+)Xt1Z}e7lnqiP#4V)@~FhRJ?Ds8dOU1dypzt2tA*3Q}L#g#W7`L z^6-n6`oMF5yYcdps7bJkvdNP8v}S=eoqeC9=g9P0r?&BP%8YKZcDlgi_YrbO+yjbk zJc>-_-nvkq{P_yD2OTUK(DvN^Ibdl+(rpxac>YWScebEcPpc5S7h4d&#}~)1*~Uj% z6xB-8xYI{)fN8m;sk0U?+4SCTdgRFDxmwo6XPcy|l3#nw?_JZ+bof&@t?B`YTGEK+ zT3lmuZXYZ$ckMEh8vQpyW#aQLY=q><{T9P|?Z9RKR4_V-&6$NZ7FR0m-gk|&pHD@cro_InDm)bMZJM*KNH@-Xg8dqoif_|pnY-< zN@(r9<^g<91sAW&^=>F^Q9K^!@E6QhyI*O1$@yeS^Nemuo8QR3c@RNoPNPoQyjdU_ zn58golb6+&Jp?<*Vy%DSC+~n-ruZ&ZZ z%#PnEd~uf3)_wHUC!E|l+uVogpT$K|eY~jmTe!=Z&>;Gz8gb2~SH;Jxmv5V)i19nl z*I`lJan9K&0tP=j(lsh&*f)zHP)9Mff8hz~ftRXwR9`Z(nZ977AnK~jGBs02ZHHv> z0U1k*C#&a9v`)`UDdW)qzVi?p@KTB-z;|L`(6zv5@$)$?{Bu@YYQd8d6#b=cp{l7L zBinOM9&kcOG#QtYyI3e9S?9LYL!SAbT(sShXT+|IxYh%I-Mz589z^C4dTjkiTn`S` zZ>0(ZQ-o@3UnP5gd|HcZ8$)$3-zbF+ksy|lkBN3#sm$E1{cDz_;sFOQS8R7SHSVeS z&mJ=bd8o@Y^o)rOGk^#}OT1u{dter%Fg1>dSij85gto`~?Z6p=ao6i98-tTGk!23I z;TJ6bYmZ}#l>O2#cD555{&h=Qlgfiwtmw&~pF3Sw;2`~|T1VC-Usl&8Ioiundu3i9 z$O=8chc>XckGR_jG8SrHwoI2E42oV{aqq-uj*?i~1!+!h7p36D&*R&FS5!*%`zuV{ z8&Sh{=Dmh^f;cl?UahXJUyGU#(`s?)P@;m`xcz<;Lie;jFqw z2RytOJ_Bm=A~lV-{iO`x^gOIa4=U=j$E2^v&xu7XJN*p`RweU^)4KC*V5SFwF|S-> zekQ2Niy{A7mE?zddIcsY*VV>9h3ySdAP#%)jO$0!`AJKG!5p$j202~|MPJ~PbWeO! zu^<9=>lI3e=GiV(6w?S}BZ|2?(DzT%#a`jf5u2{cOBoW$*|TxT)k^T23iQ@TP$lg?;h(wp4GyZm9evYpV>Z}fB9cU6evzZ zFdqAy^A78H=dy0^$Cx*t|HvN7O@7p5*tzhrFwd#>s0-fO@+*R0{N@`Rd#%{~KXEfW zDox;$htpu?Eqic;y(Q(By0!J^J5?f{=!&laIom>K4xWufLaWPD!w)uNM}DNUnt!z~ zmJZAcomO4U&XFThAL+xI)VlX!p2)2y^YuyUfiFx0-BJO5YpLes1n=^icS^|zvI4bS zuj=`{4t7g&?M$3|ATH=J@Z0{x-n(ILNOQ=U&O7LxjaEyco9RZpu2*<3E4(^u>aQ`^ z0(bkRih?;+H=TUV`k46GU6JVcjaHeQ7H4h8Jq-`#t!g4l3)<4kr?58_j_H&9W6jmg z6{0fmvmF!kMkG2$NHWOpHJZJbXJoq3Y%Al}uyS4ippTA;D(yKp?MA*fjbp_aC>QBrnddLDGht6)!)+8zOs681~(9 zvEFe<_}(TF_dINF$a1<|9r_vBQD&Y8FFfh50r4|^taeX&sbCY^G`~@CY#p4&T^Y%U zPoFcAmlD?T*||+hRZxOI22?3J-`?yLu_Obvpm}%EwPb^Lyh6V9;ht>*O&+7zyqE}$ zh4w)&Xx(zlxM7++VJD^#l~|p{$ZLDbf49sy*%IkD{PQt6V>mMT%{w6fvej#-{aCbG z1k!tNId5Xkb3%^t<)vq1Y$3qQZ6eHh?yFmWUpcYy7CNd`G{e7naC+}#9P2k{LlAE< z3P!aJPqe;sm1NaBoUE_QZZ1@(L9a)MjVVl&g>9xW*7EGfrZE>9C9&e6J^qH~4)X-k zc`f_$pb|ZnqG{Q2sNj;pgV*4jf&1q+Cs z-tPAEN@=?!ikJfSgcU-#@lmGh*^bZBYx|dJ4~bob84GP1dd7O^jrX0l_*W?AZl6#& ziDuvNhF@IZlIY;f=-@}^5&4&00l|({%j%kvyKVgI`ZyIxxwRnjiHo+o60kfcZtN8S z9|8KAuvV-rGP3&FPmHu8*`1`)B5mpUxAmxxUeDjj9T2VZ@Nbk6u!_z21#1uHSx@=S zAB6;AYxad3{U}pEQ(x*M`)QN<-qTr!nMppo-8+f6k0bkmUlpEBtDp;szgEm%Z2o>_ zA@TpU0Dch1oI1B6P{QpF~D-c%on!2GJ#~K;v z+r2zuQv&_EHeZ!&UND1{XpH4gQ}vq6FgR34!TE{>=MH$_&Sfgo*fMZm5|JM6aMl&M zo6~`lz}_;n z|0Lp5H2j!nu-6vFq-Qv=J;}&&^;mE6^RVY(!2i{Z?GNdom6GO{=FRWAoRUZy_`VY# z?*h`JFN!(P9by+QcM@l*Xo8(h0K;%WE&|!J7->`7FAkzMmiKI9A)D_t7 zTBIAxQQ&BgDEDbhsBV7KVV@DcY)xHO@DuAf`BgC{bGHf{mjtAp&^!D&X5LPaST`t= z`Yd-CZHG!7G0{ET^Uq4v^LRA2yOo8V8X_ntt$*?Eg-QBWt*R9w?6p#Z{Y;m3+&Ug+ z`ja2(ddD|AQ~82f?C~Ugj3z!Cd@UI6eUsO%{ed1FwZoV!q25rY zkM=hwA~moT3z7FVuw79O(vnMUpVWX$I~~6igv0~CPe>Xaxx~4w1~5A5&kM1`Yn44Y ziLVu;oPS@GKbo&-spjgKY#GZGlT=^_vS`w0o>=+4KDEMz6qV_^__~1vUGLR!JNZnL zAp1Y#g?_|jsyr@`ejxZ_aYqlF`7=&tb6C3JkT*hnv>1)?VXyRl!8NEdh9(D})=%*l z3#JL7*+#q$nEd8avF`GhMgEdNa>B!pw6i=8-SUDgPcvISd*@ zeA*sLdC@Fa2jcg#!qct`{gm;By2PKm19z`iV0M`x6jg*Dr-WB5lr?@&5TdW<@q>;o zZHw4^(6LoBxAtd9Yw*-C_R8AJ%$fI40@!A&tYPU`pQgy~P)bY8VFUG+v=Cx7DEUhm z_0h)hUELC}0<&76)03 zoNwg`nHyy-44Oi~GLB8ENmDmLFz&#n5sA{`cST3*>H*v*d+y zn7VQOawhJyyEh+$in6>&JUsP-PLM6o(PkyJL_*uBl^rkJ#xo}U#?5v7D=P$mI?%z(mMTyYe^V+IghR;aw)pKRS8q=n#TB70mQn( zJ)3I6q8iJof;k2nFT4Mh5bbm+^j;7UWu374PojCkNO#?PKo4Y=+A)JJKn z>{L~?&OTPz`*HNKG)D(?33~Z-BiP}9{ZA!K!$SVtUkrJ>mhzr5-ie}9?RMo7WFevo6kV2_tiI9$^{rma3CZVF|} zT&dS_e)>10^>1_pr$G9}W%e{|Ri+Qi*`@~tCO3BL5C6(8|}QX<7{*IqE(gv?W5LZeN- z5k$>2W<_F5irqNiMGDvMl*VPyr!;AWHB!`%9etT80Yr;*s3#%{Ra)x3dD6ovf}8;C zv_h%b@|z3rgK>qIsNM_WMsMUIKk-PGkUlw}FIvA+p%mJ{$*=i5JlQf^(7GJ4>0DJC z`({Xh`fAH(T!j_j4ATf1%N5OB61*#5WOwomo~Iq~HN-vK2{C)Js#M$l6yIjNpQNzA zcnfmVE3<{_Vqo|+Km)QEC-zr30R$;?a(9|Y)mx`JfbSSv=Z754t8u^CyYkt0*Dw_7 zC+q@F-K~0&NwTPUM0F7Fob^F8+O%~|f~fV}A_;2ltGUYf;yO1CHqoNl3FTF*Y$Huf zGIQ~hn^Y)oU;-e>l5`9@$s+8);*NYNw_khZSqtkk@^W9t&V;s}krr@*WM2hS2&4FB zb$-MQg$UIH9qV*?F;-$kqilC|31?%s*G@RKgaF3w11@mXZlF&4_zTuQyeczl7fyIf z0n93g2Gb??+k!b1Qyg#2ltFc=hFAAM(D5_pncwJyf58Bp;dGULFv`hivib_xx@=4! z^IV=KBsd|`PFxN4K|e!%HA&+dN$-~H*ahpQL!P4!VerhH{cB!adUT)MJ`#itUR4&u z^~gF)=b*9g%+Zm8lEt7;q=X3Lriy4iF>A-KH|fcy&auqV%pWVP$Zc}YoY;bHGc$as z_l0(6w4~5w)tqXFjmFUEVLboG3##|Q2u26=N#y4C@z!=kI*&bY(=mNw=z{^^ja_H4 ztYW~xOp$QKl$hIM>kV@dX&p0V5sm2B(4;)WGd}HIKdSNx-U<88{Hcet-pfaBw$3nT zIa>Zy>gQ55X8t&GF*=IC@J4#ab`y%|613W%` z=Tdfivq{xYEsm^x*A06nB;=>^gN(ly*9Vlt)V}V!0kJzhz|?Rmr!@rQ#gFTd04i)S z++@k{<><*eQ#bEu?ahhZ2_O#P=yJ~a9P<=WgxltE^d21?NUHS9doGrl3aOcWOn#i& zaa9qN(i->2@o8O(rAT?%g4>10>B6~l_cV57q6g~h)jnNE1wm%y9=3mz+xX8$?8g$- zLsC9fr90Qnm)f#@?+$Pc!O-|d6_9Ty_ zvF5RilE-SDsNEH1A=O_Sggr)dnzDa+2(ZR`0zMY+N1pT2Ui$;b3j*T)u;zvRC+{$_Kx=7WO97 z`nc@Sv9nXRd4{`y&K)|gv7AP};4R($`l`^Y{}rpO=@ISSUzi^)X06UV%LIl%F!JO~ z^=#0{ne&|3OPU#j_96g90}Ril>UwnD^+T2kPa(8QmPNL;)pZWLBvn@YQ=WUfd2O~S zRcTL$%S8rC`SGaa(4nrZwxfuNC$n*uFbVexoBIPZDGt` zeVM15TgWD}uqeA`(gfX2bui=Zz#R8=9Y!8y9X%!4t}h1P`dL5Dk`=j4_niJLv zans$m1FS)PPhlv!SO&E_MVxWQ6zA1U(VV! z{7<~ozb(d5ChK3aKeKrK;D(-yq6F_(CoO>h1=8aCN3y(`VD`EN$pP<$Jen?l`>_AN zwFW1Lc8=wAlm}53`$z#CptJJd6Y#gRs2j}H_FU}Zz+g*)WQdy@DDp4W5Yoc02fzAo z{g(M7j^`>bS~Y@s`OLZj)xmD)ourv@=I*mSV^Ju*yEw_0b4?5>*N5Cz3x=462Jcl0 zI2Eek!V5SDDzz>aKbBTmrDJTy{V2}{Tu;0;jM?YNG$4lByZX!YeA_v-c~lJdTpyI9 z0n#zY|1xLtI9QS&$D;9!A~u^F5cF+qrf)Fp^#)9ESk#>KFHcYThQJ@gD>%GZOUs4; zh}{f(F;FNvPj)hB&NDN<(AATdjs*&MEoHk$Yl?y@9F=z`H&dN|>amE+p&O>~&KMuJhSj2GpEXTY)1?V3&0C6uH4yA? z?iv-i1tXi?YazNAqUTe$)22wj=}H|&;)^)+RJm9ptaX6HjJ-5 zx`${T(j#!k#*8rl9~p{w@7>+GerIQEboUWoFu(8V02F_|?m>JYZ;~zx_-jOZC%&T; zF5zEx)e%B%b6g3ew*41W?vvdh13=Anlz}=`@u{RB>bL%n0Y%KSN$N64iqCxsZ$1DJ zHv#`EhiM4F4JP?y$+6nqp9Zvl?x)^1^FqE2l7FFRd^iwi$swM;DlWe;$EVWY2F>&W zYG#(Mmj)iHszRQ$1{yW}P!9F`Lw?i~a0z`8U7gR-QgU=IX&^C470>xPg@L%^Z1>3U z73l8cheT$Fh04wVzy*x(r zTVLt&&n44l+jBi|hMHyVe>)4N3HT1=BJVBsUUOPk&D@^3;QR1hNl2^b(Yz58xAB z3HF7MhSN@hf+1X5M-hk_0UC1cJ|4bSPhdHp%d|d64v$??fhZAq3f~Hg$|ssS2?)_7 zV*76I0dX;bNA7oG>t59Kl(_XK@L()6@!(>hL{Dc06^e9ZZ zW%r}ZVu|r% zol?bRTvnVchgj~YHHK-h%Ot-vr9 z!V$ojaogE7fg;xsX9zy?qD5+uNz}TTZBjF$_l)SPiSVG!PFlEOy+T=Sio6J=*8o7~ z7viXimlFc(Nq&d6fyGq%=MG^w$x)sg#C9S!X15U^cIj$&iVHRtAKi~piJhkYQ~myW z4{-jgPS^W1FoD8)Buk6cTbH(NIkdk4X-P1Pk>pl4DiAv%|MW4nren0qU+*t;Mde+1 zPJF@5pK(E}p5w2rsWPy2Avz3W8t=0+!cCe9Hx(a0YFe0Ve!bMKA_0~80uLi@I1oAF zrWlg1L`1k!bMjGVkg7I;s*o*Gi;XQ0C0MRV<9CMM#6!@mw*TSw$v=!sInU9jXXG_z z&#m3&ej-7B=(!_j!?5M&)FHHYlqwSjLeQ&YYQG}lD4QGkj>v!lyV>p3h zS^hq8B3Wgz;=cy#{#b=DeQj4wiOfwtvAe-#VQrY>YEd8WA8v~pq4?kLQ>q4CoY_a$$APPo`;xKl>-+{htNeGLUy+pWB>{Ip0G0jN5 z=04dF9T_gng%0e_@M5mF4y{_JiFWlBlCpRNVr7>X`-++7r5UQU?(BAQkP7Q!giqCi ze|9hNxBpDSo!yzygJR-dV`umjK9xHePx6*Sdz#Ne01`)uwcV$&@1Rra%)##TufpTBCIXZcj|z8LJZ?V}29x9!qD80Pc&z z;h1z$rI%B!F07GUfqVNM^SqbY?n{q#L5TabzL?Az_%DjIo_Z1`Esf_F=0NT96Ixem zAJdX2KTt9Z`V{crw8l3+5M)TTMj<`l9rnk6gI{ptWvOTc~xAM)@CQMv!h-WNp7ql`&p77pG+Pba2Z-BR>l z+5$ff$H$3^)SCIG)ts(Hf9>g7>}52ha9k$g=2wM(lY970;0m-&oj1kiuxw{p9ON|j zYx#qRD_s1zhoW`wEAE}mk=3{-7e9uJOqVi7{MKXO*j}Gym=RTJy?67Sz`ZY*$3gw- zIF?Mb>a+EDCF9gUQ@8kv_V1{VpHKyWSW-t?*dMb~7{gH5hBm#s)k@IEbZHVVl!7QM z-HaN|1Oe+ClF4WI0F2rglZDN7L#+A1ZU?|WY$rc(UVMS4t==3VB$so{+^ z_H<$w?dGMsk37XVx^;*>o}64(h$!^(coy4KGlfCiN)jgB;GPsRZ#FGsc7k9Y8U5|? zT%yOX$v1FV#A+pRGU=m9fiVCQP5Rr%Z_bQ=>qx+B-_Ik$T~+?@zBapbEoFR4XuF5t zQ;GZzj!LLmN>cN`U0E8V{)S74Lz9Dk9p~;=h>M|{J|@Cq?w*SSf2R()Fo)%zV;w0L zO>kG?9x;0PV@(@!zOAriz|z@>3+PLwcA~Bw*S23RidP2v$zsT?-zUc#AoFxzBc6kh zAkhA>c<*glc(SlUOyOK|0)b<8vO%6+U>j(X`cJE{&=*;9{BjPTT7F9J9j=lZnv;KC zg%7lzt+oC_wGTIe&##>J1{a>}g)i%EBnGM4UeuYb`IsoOIMA;mWYP168270GDwwcu zUk#`Nu0AQ+UosgskM^0P*3NH2B;~8~XkXWaVdL%jIVSFI4v6(^T$rkm&!&Ks|LuP0 z)PDzg=Rj!)GiQ&1`s|g*f1#J~$GSaG-GRn=U06X(LPf6L^z z0%X6v1c5P^^!U7PKwC%_mml+OJu}$rSKla&(sWNsCKvFQjfu=Dta7EM1xAL~%I!pd zQg{JaeZ$q3oFTlC8NyPtZGxkxSTX>s8=VNJremyO3ta%b-fpP z__Djax6{Kj@>6p;R#R$CNoBM3gMpp6C4J0w-cCL&>Do(4j}Au*>#0I6ZCv?pv@@|r z_4STiICu=GZmQQ7IrSQ4M_lD_d|Sz?L7Tq4-PNco05BO3dbF{Lx^73i^k2}f*%owD zm)dV`EiDKk&|1Z>oQR}bvWGE*#%nq?BVS4}_oUpMGZKFKQFtswLA5w5YNa;k$>=S9 zil3E0BmnS>Huq=hpmkay*ZbA3(sRT^&y)zeQT+JR)1n>nZA2ze=IHe@7l*JIpOJtn z@_>UzN^o9DkN#!e6jd)Tjx{ga1y}FzC6tFJ*_y;Q!F$}@hz?zIE>~P}CAi8lhtYbmID&`R}P0k~GzR#$EUz%Igr;~N( z3yCpwAf{7^~89adgx&o3n)}9~ColOP%tW$H*U!Ka> zjI^1pMDuJj3`5zjg#hM#nkUWAhDM#7ys8uddCw09{y{ofOso0ZQcM;LCc-l2LnQ)b zC|V7+a=KP_73NIY_-Xb(&8vE#DDe8fHnz2Kic$&_gZ)0vzynqKeB{%#kR_a5PxI8! zb{U7Y<}!%c)ODS-z$w&@wud>S-)Bb?wmM$wXu=&6YWa^|S!uE%1{ssdx=YcbbLu)M zvCw|`RmPvbY_*g9*31SgVRj(Ny!LUQ0GwXyyeGC4-4lrZ@miBZj@-TkJ&A^YtaUv) z4U2KlY&TA08gTlP%8W%_y)uqWb}v!RW}w98LCl>T>gWZiijd0c>zQB2-^XCTPM7*@ zO#=enj6IwARpzn;Wk3Ds9CjV}vR3!69OwDIuBpjw7)O0xUag<9zrJaa3QF1Dv~b_I zrTwct^7u$u)Nhn{#aLTkQ>LOsYU{vt`(JG*HyGy$7CGCYDs=QV1fPzm5{3{-vgNyu z6#}IK(9M_&PQcZ#VcCPFeLUzFp2S1bvYGn}XwiJ?z4z9K%Xf_yKP=4T8mc3TjR?|~ zSH6UNRB)klU6k+a2(0Rk&K4(Sg$Zu>Bq;7$_UNFWv1MN9+~0(@gt6nPEf9t(v%x34 zp_=#d?omyuHbM+PW!c-BOiS6mqZh}gz2)Tw8r={qu;o~+x4#4-%%lXArJ>6>6Dwwt zFk0=D9fQ-t#hGhxA9u9BjKT_WaV~b;gRKhVTt*#=kz4t z!tgg;XtHz?H`jI?d+jpqKpkhi0zb!O!gu4jk4=k?U`(z1LGF#N`k{NqlULBxa>+np zWS`5FC|6PO-d9D+WgbzyELb<32Ltk;T`2bTcqUgWzZ=duV|Mk}wMwfMG0~N8RpZ5Wq$odd4CM(D%NJOE{6d3$2D2iSVcAX6=JFlhw%ty>^_ zLQQBbHRD(b|M8q8zxYJ;Od%RhRWiq!#u}pYlTcFfLZM5O<1SmgvAO`xhT0s=AIAhv z;>}NP9~?eO@flK8Q}N&Oqb<}2>b9Qdiy`Q3%Yqr*J3Vc&Vwm!12yzHj+ET=58;3rg zI5pBjkTFt@ry5{WVZc7R=Y0gQ@5K*ue;oN?#G{yP%YRogGN@$`tBcgE9Ba!kh{K3% z`+)d#k#gWtCL03RQf-73ljc-Wv4ThK>n3o$4&CLuB~1OIBmRnNb`CR#W1t0d!i@+? z6`p{RIFZ%tiYoPY+V{s(r2}n^FO56&@&a&4Z%k~zRr~-fJ(z?+O`6*uP3hk7y@wfjs+azY(%?-(jRue*6&lL4U z+nQ9f_4&~@KMAQsbxW{+6)hv6VQ_9X9fBbOYon}lCM+$!!#Xys8A4;_Z%5J3LtoSL z`GY+&;2i_oI5W~KqGk8k;s*%-ol;rqBznZ))A-|bPmre73O@N6i?nyj?qqFp(Kt_N z05@YV)_TP8qewR7yyN8LHbrqCO*_mg8~ezu%3O4l4; zmFVIE_Rx&3kduBjioaqk168o4j6~^c`evg8aj0iOl-0Wijif<~{e_NoX&+{xz|X2P zyb+*%&rVtb0_7e2RO*G?D2Sua%#8_tt5=dC^4&K8_qJgB_2PW6<kF(tF&vNOknzr4D}gXrDs8F_73AZ<=ySB!wBP8jg9d+d5dgEo)y?f>;PEe@GTgI;ar7Qv=pVs=X5x(+l=&5&c^Y*~=gG)RAF6bBS zhZf$REqJSJ7)>|g9OZrd#Dcs>AyVi!6t*$~P?NCeS6Wtt_VQaan~id(0ud`e&+&eF zbfNxKQ%!;t$$W(3@sCW7jZx|jJSX&Va5HnVAE6@jPxR%>X+9k}mAOT2*C4}5f!5Ep z?W+u|rX)5rJ?Nz}`2P$G2(b9HgsQe%!*P~J`6k5m+(?5ImG#1t_HKjmvh`eMjeN)4 z;fu#$wz(MPz=4LYsA$=_y=p5}LLJ6SQd5k%3xNLjQL3>ZRnFI;RU zJ7@TT3cv~zrlGH^@sF*lkwwR5cw~_emZrv;e+-CRdk?yN2hAeg?N9W}bDq34*G(m1^m1gLt( z^EIes7=w*CnGJqZe9Y7jrR+KvHmtpnSC)sYiKgx^&Um@Gb6}^^FY1A8olnJ+cazo= zu+|a+-7QYXDO^A`zjC2YdK{mjM+RTCFQqU8PG9^a3E{)~gvD~yv&-Qk{!0X9uo&%g zDrwVqYAE0kpZJM*EuhcmIfx?f;HlV*FIkB`fSx{TB}&JXhW_sl=xl9N-91@AwuFFu z;v?m#E54+J%QCR|y@Bw!iqCgN6@?$sS{vTlSf_&;^h1{36;mWp9&Mj`{5<=$PW;9* zMTKLZUTLIXMc-OCjS<@-GEpksfm4~~9ISQbbKWXil_{v%k4 z!x-(lK@Z||%k0}1`q{dZSLjy~)UQGcWg(qGU)a;oHC=Q*>E+{+dRH?iTIB+!dtgI5 zptIc~m^oqxpmn7|YE@V_jI|W;-PFEnR$Iq0<+@8FaJ4;==bAlL*0T?Tm4;88SM&Ni z->+w;Y%p0Vn7QK`RmE%Uuy|i=og{xh%1bnrJ?z1H5rtAf?JZ!1l zacI@egt;W~Vjx$+doI@^V-f2BxMBZ|tbjsV$~Wy{822S_;^N~7NV16wdqDsx@&$xf z67dW{utI4L&ld>QG$xQo)nJ6^jA zk<(qdD4y}KU*0wol6=a7%o0bS%rg0i4P%eZoJBJivHTyKZ9x};n=)N3^6LnBOev(# zluzTJFW;C*iZ96=4f^naKO&F4+8%{{cs~}&Tko_c-m*7c7bkxev)qIo4)*fk4i zR%ZuY`!z0e`yjRXB2W#FVSk&xx~xZ7S3lYJAj}f7Frz%ZgdjcdB}2Np;9Tte1?JUHO_PM+gkj9~5nH z{8afVyiuXG;_@(vNlR#~u~VwnH|+l4DyRz#4j5ovvx1MLx8{fUN3i63!i`y)b~M~# zD^Fuc|L^T(+-qLDaTaF|64I?#+Tjnx;VXoCc%z{UM=*T))12$wg=7Mwmm{~H^%!Ix z`TENwX+*$-osQMVba9#3xDE`Z9=Z!S5n_@lyRn2_?mrdf;#rrisczu<=kVP1Z3B7`;0UNagFnWqkY_sd@Z^RC(^xN+SPPZd0F}+blO<{G z%iH_DGZ1TbprY@#_kp-zpqq~dS~(CEd_E;uUC5REGx#gAy2^unixqS4oT%CTi+5D7y8w2<%;N{5&xpwUVs7oV^Jyi(Bt77P9v|s}R$%+X$Tpwn zY1C{9FUMy*USO?@DdinEj1fk7YH!pk_x zJDFu6qb4>cZ%oqfCjLtrNufT-6287|8S)(-Q=IXo&ar?mxci4#tJuFA?gF3wB(kFY zrolo3B%+)NCwS1GnIqt345nHA!N4qAUZon#M|pxMt)(@U@xNe9JS=4{ARFG}uo~a- zaafJXV#GmwThN2cJdHJ+nd_yrLM>M4L3hhAxU%$^Fsh2uW!*FfxsqekFI-Mz7pu88 zzt?;`-k}U&WtpTlG6Wtp`h#@g^843dB{zLz-`52wJys2J%#y&Pk;jZe^f3)ndMY=k zCVhoXw3hcs1J%Y_r)Un^E5?_rqR>oPkcX08_pn57s__h{sm^bp*9sXB+sDw_^tGd4 zfBcJH?i`(!rQiYpDZ%!qNVVru`D*UE;rFQGlA(5UZF{rCiFM3|1q+J>-Qf?GE`;6_ zk5zajTWxSzL+;=TeWq;6vw!H_J|Doh7(=k?F`GKa4Gcxj#<4G%sEOqqGVy-pT;QJ)J^?zci zou&Tl{`2lHTB3dz&TKq%p9Cg)+RP`Kgks_BKu*w(I2aKX9+evy*N;n=ORbARkw8B+h(k$<|Gsrj>2>5MaVA+(#o!`8+0+P zac}>00oX4Zak)<`DjV+!yEmV(xAltimB2Tb1eJH(?~}g~NZ8;fX;mEnzmI%;Mq0Zw z!V$jM-t+FKbj!po!t=iKVrF4m-;QTYI_+$}39Du z&W?aaUfQvI`{OB3Y;de_Y>;RO;rCUjAD6fYvvZOxDq_9?{YN(cTFlfl144Bt`<*yY zAY~#xru4i#bg3%6?b-x%koz|nK^cgRH&~cenK2$MYVkM)Qm3C8I&)}S`{J`UujKL= z4Z<>S5{V7-*L&WlM3o5tO+$x!zS0}3%e@;`f^5AcqzYz zNqW+$tnz8-7#KFhFG}gu#wP+b*e%1G27=q_c48tmD=OoVti5IZ)8hlwpL7{0Ih#K4 zX78K%GKQv=k{1Uo&tp9YnG9tn1MZk7xy4rFs%s(#c`TRg8Wj)tOK0J(%=`PPrD3*n z-UHm-V7vK$4Vs$N7bQ#GSNqT%!}usZK3|YT4@L*-^2CO4S^cU@j+1A1d=Jr4xK5Gg zragxu%(UzJm3#?rG8vZmfg|EeRo2X`iUpI!66$ns@7reZSM#`Jy0)EV#E(smQExo9 zJ73eLnFm*20!8-I8v2Er4t2|v`yrc})4GmQQt*4)oSURb7%$%kqFcG)qceh}W4sKH zMv*Jyu)n64^NJPP?_vZ>?dqQcpBr{ddH0Pqm`3lE^NlT20h`&*ni-VgQ%6(7ISwzPecr? zi-<)ScdeOPL(Cgj6eJYGsR`xjLAKyes-kYUc8aQtw7xV4@{ENX<_TJ=;MSaBZd}Sd zq`sWfbG1++P$O*|D*^#^S^ll!yIWEsGT#16 z7o_L)`A}7=9vpNhf}tq2xnOZd$+$ zd|dQpoTg`dJ;HBKCL+z|We3RrQlyEYU+5|{Zh<(ZC?)aty~j?yyg)^_e&EgvA?8j| zZOc+P4|A-mzAx3m0KBgDmBVxEiL1C*ecRPl0Nc5ro^)YNy5D@<(=*1j^k~l94A(onMR0O1*=Yct9W< zRZrl>5`wjydr{FHP^gHG(PT0&z}pghOCbIA2%1OCecd)x-HRX{qH;yx?`R$E0LOIj zEm_wRqv{T{ng_}r+xS0MuYBP8N(-RyY`VLatFG2lZF80x33`U3z*QezQK#ff69sN+ z%foCQxZ1gY8eX^gz~P*Q_ZN>p*8>v%;{Xzdn+uo9utROK(!S>N3wQ4w^q@+q(cZ`B zp&o%JU;m0!l^;0j`sLNS6%R15Cz(v0P)}FNB>6Pqx%l1~ z&spG8=_RjLc>%*!h-3h;(|v5LF}@H*265GRGE-G?q&DPkMlQ)wu5}W2n zHv|GrXhGT$F0u26*>@!Zcc}WfpVDdrf>A-@V$yILBT~S>b6~-sIaWBO{(HD*&GHn` zT}Z@|BWX6WzLiG5SEIJ_4l(t8`+Hs0ry#yjIggQReg-KlA)^Kw1^Pv&tIG#tb8_@* zHo0n$=VA)gY>rCM8+FRG<=g4*Gk6J~6!rqVfd!ZfeV&XjW^66pHsDZ>+)0+p0y;4s zhObriM%q&2^~ll^VE4r#3@la$);(X163*$Zdv}s)IX?xo7K+hB{N<%-mVESawe%wc-+-9vB~u@_gwP)!l!U*DWXLZpBU5p%g-2w zd0T1yD+z0r)q)E()%=bH@@4Bw_?TnGO#Ex*{_5nVC+wD^$P2IBM;MyxjfJHG>hYDw zj&fyA60|VevEMVfJG7DdJTgE<*yL)ID$fyzHC5adDg+#SYL~)^b(nFe60mzZ@W_6EjrHAr#C)r4hizBjer0Js@3QA6uL zenn)7VGd^mj}wlVK*G7f1d!{$rUSmxi@h*9ULlF82~4Zn7i-F>sfMjvV$ zHHv@E2=2m#t>I5nWI0Dy=^Z5Z0Y9X$)P2>`w6|O(YGqbLj%nqXvjX*{r0ETxEmY@Z zqw6v`87uPIb5*W9MXBD_F?Q*`@8<6GTJQ7*0J89-we36^Refo%%_1smek_$rQ+Jg2 zb2alk;jm%uOPwIcgwp5iZ{zCZ3-T5tzP{jSLg=SVs3&NRkr zy|s>;LDX^9o60!zqu#ce9i7dOxnL)IE7QVZ{>f}v(wpH99gAh$=vMxB$ahA@X8{lu zvuy@5n%*dQdt{Z1iTw+?^%s4V$E?v?r#gO#M?-b z6;EF+HaK9fjPp6UlC#0P2ao@aYOA|vYguFSx~a@}VY%?GT{I&~W~mPsm-rt*cy&30 zTYkXN_EvGsU{sxOR}o6#aAbdDJ4r+Q@S7yO3t(+WxicE)%iP(|U94FZGSBcYM&MNW z)l@bo3Nnt{Ekaj{*9!r(3>nH2)r#cUgJTVkNQT#<8;@&VCnbP#-S*pGiXyAK)KG`T z`x3%05U;gKZe{=##Y{PVkk$V)DoRqDd#jO8pq;CJL9J(Q(8dfh#YOGE`kG#TE66LXK48| zieS?IZlqa6%4wpK+HOeFaQOV|t}2V@r{1ht=s{42t!b-sLHZP+{NO z{i(@rF2s)3xZrR7kV8*^LGyZKbE0m{irP?Ijj125c9%BTRrBVoUD^^opKz@E4EMP4 zACs7TZPpEB0nrs{d#RI6Wbb_WGi0-_-$!hH9P$|i91o6l1>JlQjyG0c(f00i*2JD2 znPjv~)!RSHGX5uKP)T^F_nfGkjEX;y&!HzE*=o&Y;8C(tM0DULFc7+%#n8XzdtU_# zUHgTQR9L`CZTERG%%FuYyjqCF36AQ%8fB<#>9#lcqsK^CbMkY91XPJwQz3EnJQ>|tohydmgrGI zNWc;v1Wr?1jsOfxTj(S|V;zdh zFKq9?;;uAV#zv-48AjISt9i#C(EJjfU;C1ZgIi4qj)O_VRl{z}0P;6@EdjQxxtL!6 z?gCMbAbGnaC-}otjx)3KY2D%vU_k`Ef2^htVG5D0u|Q zz<047O^W$3dm7?jw8c_s~(=dnJyE=acgz@cu_1cvsY+E6ouy@QbXcK(%ne~hBFwJT++szq*vp*Y=d_c;Yxei{ekTY0SjIE{n~b)x5nn| z&Up%G%+00FIr|s3NL!py)s*nB`ZQVQKB0Xy*}q?E$dq1TN;|dH)xYsO$SxK5+vCH6 zvw}sMLZ+lUf+2!R^YyHAnD!P0_|SDq(C%$Z<0kYy>AwDKdKQ-+s9}M1wzbnS7nRa%OV~8b0IC* z8Z~x9^kl~ecd3S2mE`8@7|YbNN$_Hd`4D(+`W>%7KVFN&)&Lb2V59=ewZ)w6TPA+V z8tl1Y_)f|`+5elM*KX_UN@IUPB?fIzAMJ@7_VVo7?D#0H&Y&@z(khPI0c)IiMDTZdw`L=ae!puq%t~<;`BVr&)!*g+(EVp*+syV-7Bs} ziD?0Ik18qK-jf^Cs^&yByU*?f?Lgz*fe}NBZTJZ>kj2t_HGokP;~GcFH5a!YR}KyDSMt3(_dOrwJ75`yRPi86 z-#FIWUEH6(_j{5@?67U>#z(DgWn1d!!tGqDDlxN!iwF<>;c1Lyt7F@JhLItcEc-Pf z+i`^DSL64#L)j&~o5%BY;oEL%{YwmAHiGv5vjCp?QkwE(eSK|9BXCzHHT)w=NVK?5 zdm&Bdv^uo51E5P!(|uD}X2PCR+Z);)D@Tg*%$+HHfe#;3M&PBe<8K20THTwGp=y^u`HgrPz zWXa(!3L3p3O)?}WY+|T-s`p^b{c|u7jVe9-sT$VnrB$GbR4ux~S|TOL8Y|AWtHkBs zCHjv}LOmRws6C@}k+Vy0#;H}Htd?nADghlT_#9Z_Q=cb4#=Lxoii=Z=n5gK&wvS(3 z8XdYN*-z!D@09tI`237Qz$pCky&A-F0&uY_kxyywqtfih<%C!nbX}(;aV*&+c?}J! z56AJs_11GH?n-Sc+cBKw4_Kc!=#il27vuyi)y%1$+I+tm<4a_LJkOD*`koMCV#liX z-jA%>0zxOY+5P0Ek-1;=R+{1gvj*;cdpDQKaLVd-mcP;M@fU&OM+53r=7+WKvH$RB z?!AVMu1QG7`quG;C^i2)KO^Da`14UiF08O6_x!{!nWUe96Te+bnq|B2D=OAyZY!Xs zc$KENB~nWbENpID?F*jUoM*7Nkcuawl#Ur9U)*o0D>xA%hs*s0)D-lbuj= zTc+fRKcg*CS7XTNeR$st+Zd*LWwiK8QmD_GI4AGoa$Vd@8^*q=!+IQR^`)rxEQRbk zj`oYM6=Po%$pd0!h`!|hxj|-boVI#>f%x>)d__VZ=R}wRcxGt zV+&=|{F&8Ey$RNn{m2v*v7^wy~pji zF1x)sEBf-UeixC8af{o?oVEZfHda&1-Otk#vno!Eek#||@G7m2sg$&aW~bV~OC11j zLX8Rdk%erA*0}?PUA4t;!=FbhsJ*iiujCK7xK^?bvPd6-m|8XRsKq1`#gc&ZV^Eiu zL`Qx9He`DFTi))P4nAlaYPQKJp#n5ca;me_cswn9@N4c_>eX7YsU9HPC>M9QP101m z-OnX-P?VYl+5sk5lzNiVO#58;#@QKNM%(=hW5#d$?^CJ6C9e^ z@efn#1K5KRbh1U9)%v4#4%J}xjT2z?xbJSHiT2zpOVX$|k#(hwtbMepmbdj=(6-0srPALnk_i z=3Tcmy{$kAyBx-m*U$4W=A=JB1%MFu@k0>{DyIp?%~+T}MgOgp8eUYS{jzUHiyW)e z-y<|1q*W7X>bvI%Uj+)Z4ua=0Pu&l_s8^DxDGUM`W*CnS(8P5o1R9L(25CDW?fEQo zLmA^l-~2w#55WFLq0of_>f6(jKM=D3WVlfGqjr<)WY4tUy3G)qyx>`Rb^n1J_X?pD zaXY#Y)+J6A`N>JWZ`grTiQa*4{5NhkfypLgF#lCaB}8`L0fYbuG9JXYtf&2ul=W7T zHn!?s6#98Z(`U#7MK4Vw7QjL9T3-{0LXeQ(5evR!B4Z>FozD=+3=c2td!6xc7^ZZu zj}fm74c!9_O`l3_ystaV!ZFro)A(24b*UA4m3-`K8>`ePG*WO! z0e)3}RfscV9!?0TUTp0DWPJ>9)J4xP+x-$6F!rv@pd}dO8}OLq@XaiTE3nh(*m~AO z{$h47^`=wH+|$Xx`Ylmu^QP!vjxXw*hgQvEygoTxH1-&UsV(G;NR{Z0+Y%xK-^fFo zAf0;WB(rZ@1f5#dewmw~M4giVTq(eCBwtR~ZkusVj>+M+AMl_g^~O4`HEAM>>`ibD z%EPl(Z0|JPZQ@pZ<7-fyy6>KEE@q4q6z(}({qSHsy1#;iQrd+UBm+G9dR6%0JCDh9 zJfygsriDI0PV#@2OWx)4!~4_Iy?NfDiUaT>*Pzxd3UZynng!!vvP`Dp$SFyQJ7-i< zx)G8kJ6p>JxZu9@SdK`N_<%sGnEa`kW7%HSH5&uy!3zW!~5CzbT3mf-6m*QKQ)rThQAO#l1& zV`D+s_tnKnC6TX*}H{v3=;#Tf6Taco#Rm(yl2(94b z>thKFI)NM^X5JpsgmCEE4mzLy_(Y6vk??+B?oc>UmogNQFDr62RO)-iN}%H@Pd25& zppX2gDcRwnLzYMN1kv?Uxr)m%`D$_WxVH^*L(%AAAnREB<$qu|US}l#;m0dYxfnX+ z<^7?IsOUV+w$tAC%*}~{5rk`sD%bSvlOB-WD~VQklM48F&VO#k2RQ6C^Kaz0bkSNSrhizO`+EFn{DH|I$Y(UC`h?4EYb{m*8#D6KW*3s_8mAB9BBSUM zak;Q8L+ho2_o?IBJUZPvl54)zS7>DLbOCkDM%6Xt@ zZ0iB#^`FG zSAoj=a`cioBp^XG%K%$WVh^&dpT@dET>ZN^r7GCckO4zi2ph!B z;=VMC79I$+o)rH`sD_~Yen@9*O&{8QqZXKMwl@9ClY_yASZ+Z_9Xx zeGt(7d~DL+6h?}adJDr+&q0vbl?S3bH~gVv^m)IyxV>g$-{w~;?sMS;=570gt@%@Z;r0AD7r{gfL9_U1>FMNgGpCj& z5JdQW_~ss>FUyg4&@j4jZa=jt5m)o>#6r>^b?k{kh1+`gSYntuHK6;&gL5>epWORO z3Ip991ZS(JsSa~#`!;CFzABmyTjL_Ym}b5qtt{$^Q@m@U){(KPTx}X_?`A^YMm8{1 zFCcMlG%*#m4c-Mr{!^a>P0QJTzQ~4r$mUVl_b+w7yUo>a-3#xR(pJJo`tLWy89|iZ*Nzqngt?_-=&x4Ii>`amtgoC_2+3}R zC%~wyPG)UvlV+IkErcyoapgu$Q;>|Rp-;gS%YdE~iwheI>J!cby+<%Qs3d3b`1_JDDgJ%=E0gS#13Uv_T<4)O%-io(aV% z-uEVdK&VjK#Lx#}oB}{wsC!3HJWd_k`<8-!>o()f&)FAp%n*jbAE8$B(cans-Ojx+ zTZaZm6db3ixhYA9`szWo@{%q$=Uy&CL-8)0eX*xf5eFHTY?C=>vz><3{}LtP?}hPZ zYXDt{dKBUStu^pLuLM3wNmej;SV_kG@sjM9tW@Ak*2yrXqOOl>6hbWPjtQci%@K=$ z>-u+~Cf34V>;rJqgnB>Or__5XmPwLHZO7FtKtg-j#gK+I>59C813FL9jm0%yO`n#+ ze&}1?zG&WilUo*uS?=c#5UXExc)##)eaiozaXH5A`S6+Uz%j$)XoExY+z}gD#C5!8Xj7+7Bb+}mo>%BM^ zixS1LNVoAzPCmVZ6@PS%J;S&Z)o^-Vd-jlc6zqpFY<`A>r1UqTlBdYqTjMLDijw1C zrYmz6FQ>ymNwMHGE+1-(#q930DUiq_2Jt{m-6HP~AE+?m(<@qu@`)_wKc^+A6sbG>{ z^AVilhjL@c@0NxPi-)^*f}elJ?sBIf5k8nMzHHqkmvM3|dMt05piML&4b?YIr=yXs z06{d*ZxlaI1OGdQ?$1aDi3ty9FV>3CZ` zB=iq`(zEy!ZhZlihA^k^o5=MReoJjia&|Rt@V#dTN1e3yay{y$mb8q#B4{eO`+5ZFF+0d~9Fc;~ z6S2Wpx309k?kk_G6l{r}gj!ZC)(m;(QI81#@|v%mVRwUCxnd)hleuO z8Y>p_<1B2bdpWVk!GFi!!A?XAN`Y*g86S(t%liIb!H`__J5Hx^J7eZQef96c5UVgt zpxdQTw@a#(_*J$}JqMe!<1;P??#9g@jOdotjDbt(lr0t4p_4D1_I zRje^?(^z|o=Q#Rrm%iUPIGx?I`54#1*%_QS2raL1n@}aPFF3^bPFOXv%?k)ZnO$Q} zw&*|pW|rYrKGs;S+HEgRInuqm1)G-z@0RyHgc|-oNDS8ICM4=(oTPaxpYAD@ln=!M z$%(BL?@-Gs0=^#L=k7zVU;UVz?Y@ z9Oy~h=49cQ1$5e$uKoAP&89DgLe@X&0o_ZG=azsdBZ&O9$n@j3zGp5;Y+J-<^HUma zu@U)k9QP>e`E9QJo)0-UD@!#Ig^1kE)mYM8N#NGRa*;Y<>MUt9!TEeuRn&GO7S`wTri4e?&N#D=Zd$~2Y7cTwt@tUD++(OB+OXD;#ZulIP1_o zTe}Ccyv72Rq_D)1TN5pEF)0vDV|0My4Hg4HQ)6MVo1?|%1YIdu$UI-LSd$y|^FH-E z^${BRf0mq$JlX~gQM?g_45zE9d2Et*_j$nP*we{Ze|QUtUSOQxRU>{ysaLaostoVk zYGh|xv8>yPHfsyTaD`N67h%Pe-r;(JR5kg?ih+m$x2%0_#ZHdu5P?w(8wat#uQ!sH zB>&A4=6XoZlKT2t8y5v7#-1nEn0pweCRHhLu}mYpeO`AveHZZtd9VBFzMx#@Vwm}h zM&BoU5Smc|dLnsdmzo7^k+`e&W@8j}{!*L_BY zeZD?~;Quy>jXw!R@&nSF{0D~W7=f92M&6%c2K?h=q2Uygrg;ByXR}MY%X|#lu1Qz| zu%^3_FO&#+>e^#-N_J;O&gN>X2XmW5&Aa|Sp^@fL8}OwQG4e;jfL7<9VdWGsxtg1P z@IO_8+s!4+8q&Hn#`xD+&Pioh4?#LP*n7LzrwQxhF-QOT?`%Fb0)qp`$9t zMLiIsiZzqYe(0p&rYCRM1CxD>K0d849Iu$yQuxlX>F?w}XFCDyiP!-Sa)ImrSJM5=`fvqj3vK!$k_aU=sQYvb++i{QHZ|9P4_k95+#o zQ`WBpRSXe~2rsY}9fLFoN7L)us?y8J&DF+Lh!DTEqVT|P|JAgP?53=6NwaoY$N$eohXEg$0LBzTAiYE886)RJ*+^?tMD*rw=D{=Sw(%^H%vy1gTctv*w( z-m$}?I zm&;^z-O5SCoEh}8Llx-vhtks9%w|S`>Fvp`VxmozmF-C&vnUC`NV)D0*IDKy#I!$i{>r5`)^xROby>Ro0G;^rMPoCZS!N;Zz8!p5$Q#t*!Eb#bCw>rZ#9vp;i%88_?*7md$`oasf0vQW zG$E=npRA@6Hqtw0wlDPpE;$@R@xr==4o;7MlZGY?g0+bavqcLEOfe#iGgBO9+=~d_U$vDxkA&$y zBxx+Z)40QVU%BT^Kfdjv{@@+_LjFqWhnH@a#I*aZ?n;=S10VuaPU>Nxy2j6;!|P0i zhP5(RyPr^+pBg63acL-$|0>98()8V6d}{&>@b*BZR21oLifE!N8^f2pYW?MY zdO-yhY5D5Endo2XJRv?1Q$Jnrt&B<3<*EDW$}{DXkYWoGI3Ayp-H_h1H18Jtk>YWq z&OqNx|KuO)WQO=VmQ$Q4Dmhw^>|4h5t6&t|<4>)D4}mM1W}xjRz2gBBW85!zc{Tp* zz|SV)ui;etDdX;FuV($FpEYg;t3HJ(>i8Cy(C;X)50n3+z;z%efa|(}4U~W zK83t^%3qSm!ne2-RT^?@v4czMzW03S0m;F}YT_wU*i8NLFNt6(FTd_#$bMPrVc01dN&QxPx79-s`ngTWb$3t8XF~&GaZ*%| z7@KnL3fkjVr82Pg^*hA?FT;Ht6X0>{s}6!Ff`4Pf#3E)(oZ514^&!%_(LY?|E{v=# z^{gV}H)AEC#Egr5B*Q{_UgG5HIYCH!C5jgBN_l>c>3UUPlWPycM3a5t8kR9=^iBbW$nM6RrWI=prcLU%(hoeDx1?zW}SfN zO1b-6H@niL=?~(-ObB~CMLmq*!p&%y`QM5RwGR)dQs?WpDSf8C;yBG;BE<`hVIrig z??2&^7O48VFwa7I&>)uaXNh$ci7RI={S=`7fXHJpvm{$D#3e|f=$pg^M!l7@eX*G% z!DzHO3;D_-O_)<;N;`13b)+iw@c@{YL%x-@N`6@a&*4z4Y@x7G{4ry5#)#n;UFA5m z9icuhnOlJ4@;!qr1!J+o8tW{hplQU23svxF6 zqg(7(wcSasfhKz-IH~W=3XvpIsYVQ5QamLln}lbuoInvNby4ecJ)<$M*_TQtvIi;v z56PCcx)fDZ2~4byQ7w zSCMJszDGTU5%O{1`S|%oUQ_0ughK(@7Y%mcEM+J9*{6oJjm*iY%LaE z)U^QxWdW+I+tYE);DvWvHLm5^XK3nY>ZDN5H(t1s3_s@||zpRTuAL>~4 zAg@juPX37~+hT)QbkR0$XB++1KM3fnpD?jUQg?PZIa%Cy^fc#x9=DL7Gtx}PSgkKQ zh?gag^M-7fx5}gTNuCT%GXpfzB#)uhNC~$s>yT7@PvG{@KLOd9GI=()XntC@z!=WT zCxA*UvN|;(qC-HpGLiXenDv38UcWx-!7vPrQRc@hUQq*C&Zk|JPWWBvy4Eq+2kNLR zJ@U-a1d(UVQC(9VZ83@6o1m9;)~hXC^Y>&OuK+Ku?j(#_dI%m+F!LS4@u8dH^lgE_ zzeL~IS^Ges@}aoxk`G<`o3l+^D?F#Cx)tx%tQ%+NyopmmILzyY!zv!CZRwHHPkD8F zpa&=WHZQx*Orsm|a@?oPbvg}k$t#HThv6FHgpv|p%l*ycr<*l%o$hixpFXv^Eb9HL zL&R2LIUBX+0xGPK4ixZcbZ2$E(G0F~DRtXzRdlKqG zMZ$(gI+YLDTFOSpWP?WqqKROcRs$-Bd{MV<94mV+O)t*{J@KrlF-kW>ZNe&(WQ`AR z>}6j}n3n{j$IG;4w?LwG#nQb0KT-{U2Z=JEYCBW;0-Wz}Ha{yI>6M|5daR*?9;r6J zVIyRJ8p?15GP`U%w$;spJ%8N8sXcXD^TY(n_mgjttIqm2j|HY<6mxR<(UQnT7Z2Ti z6+=>lHzC7=_-pSH^~fo%$MhPjf_)JJ(n<^CJuPK9WJld$kj}0O^foq0`6|)jne=73 z&rH{g(QXg6yYi;A%GOFMcIa%-_d}@)vg!IMyX84!f_1AtS7uc+1bX{AbvNIWq(AFj zRzw_LNS<>|&4{q>CAUBCeYg)(Y(Lf0^Duu75oR^HHob?xJ=eriJOmvYG->X9@w8Ho zvkH8%$xO0l#=Dv{2*+aVPi}5j?eNPcB)iYFF(DIQ4>-+qHFjluX&Kng>Jz^$Y;>BL z^vdqOIWhl*osKeeu_H2z1%YVBlEmhYbkCTI-Zg5=A__{Y?>pc_R6a^|Xr|l0$2#wI z@@*5_1gZypf{k-zy~^q8 zpVO�!omU3*^u9m*5_7%GqNSuzU_?@yFlqPf zsIwK`eUZM06F>u}3HionFKzG8r^USxL^OB3H2s=P*57r1o{$?q$Oc-r1;LKN4Vtez ziLqY#**nnTr_?|Wg)}Uf_wg#q2_fyzN$8q=B;o~j+Ctz+@oq<4vvq6N{g|j1oolFD zM?6%FA{)o>dPKyZ{gQjY(N>_D5@D$Zh{{va;Rts8EtSs_)tEM5d(^WGS~H-EeGhNFJJ)y}5~Y5GlWJt1c&8hbUZ$Nt*jVZY(Ssz&6chT3?y zQbaVHsompOTSvvL%!ct(p#jN^QFtA9G9!5B4^g<2a4cBs^+NHj*U+_R|a|nf9(Jz_{vMX-i ze7DN&yOhst+B#qtVes1|y)pZ*#coDA;#N@N?2TrqN4Lv5(d z)i1MxxeYVU3Pp!3vDBeoAMs95^qxrAcZ|H4m(Ez9Rwp&<8- zR6KJGM2M2Pr+U6j__q^k>Cw{ReCBCQWikGNeREkeZFY8zYsqQfhmZzTa%FR;5|`IT z|LE~mM?|#mJoNAKv;Hx;p@#FHx-F6thDP#d9yc?UKEuILcuk1p zi~NUu)k7Q8zN642F@kj@s&SfuByVQ2-vQjAv-gbLK?jJ=JWqjg+-^1yvW; zoFabmPC`a{H3@(ud_-tLEDzF8_px(_ zwe1@?7mEHxyEai(3yglyJARt&B;6Fl$w){rjvJ*VbcNrvmoQOm!pUaL-mJU_P93tG z);bF~phC3NKGpW7ByT2Sku(>afNJ28Rl7@omV=W%e}-AsG7}%H9&yr%;SlYzXLuFB z4OWMT^$vlrqV3r`ixWmS9I9Dvl81qyGghJFYqOSiL_bAd-6bA$%a{GaS?Ug*py5M>ee->RqsU++~k*)@{2P>!g+6 z=|s%<%36qmLh>xdBuKb9F}$P)=E=6Qv+3!O1B(Ok2itj!+k&5)ZtoLE|Q8a zb#D<~Gb$mBtlr*k8N!GHhZhw1?jQjodXF!6zOH`v z8iA_SO=sZSQowVeN0U0wQQ=3|{b2EmH=M`4Eym}LkKh*dvP$BY%{{d9Ub(H%hUPJ+%j(k+YuQP2aSg)77YIp|XohzRn+fHHrMp z9uTh1U-rN7xJaelY^NV})=2>yF7XcF0Wh~q^o0U{L-RlAbn}?8c~@zhppJP|+Zu{Q35WpoYY(9U$ zn+sQup}=(@Z)?5ycaA@DpZbM`Yd}+hlYki^q}obnvHTzC)nw&E-5&mA_Umth^Xk2{ zNlS)m|PC`_0|uCFLDTdT{|Dx#U{inGJxJZuXJ_yP*4DN ztx4!l!t-jY3yAfts~2VGVJ~iQc1qSvy-_JcKM{~aM=CsnrmOfBW-t{eI=A7b+;hRe~Pe=ndpCGK3Pee{*;c5R!P}en`&lX{x?HQ*!b4~-DC0E+t z2TY%Zm~|>6=Rd2db1Cq&dFI_;oufGc!hbnc+mOL?9O1<`ra@a{;aXvkWojrolG}a{caau^OQxqJ8@ytb_bWaHbkGEP0 z((ZTF@2~VZ4GU?-Ifr-KM7;2?hD4b@>qx*pz%S=$pSe{U!)$Yh$sCoQy+h|vnCP+fUc z*1bfDr9lh@44eceL`shje`^66I_b3D6HTGIwNyv>0UgUX{7BL<1-_2?Z8iFPwS2R& zUN!#Ud1%1=Z`8IJJJDORYL2J%+>!s#f(&xB34`@=m@&-{T;VRthgQ%{7R9N#*f7~= zJO@{hi|W0W^&g!WW2xWckC73ih@duRv21P${z*fc`c4!Ld61cg*F<#wDs(wykr?OH=gCacwgfz{$<)*K14_FHj6g!&bjNr zawJZd+na7w;)3Hv7hcRhNk0Quv%0n-5|@_#St^!l z=ZO`!a|%Uc;H9qz(XXPLAfDrM%|CUen@1cp27wUh76U_tri0P?8n`Zw9$RMV)>TQE zd5*5jTXncFHB}bebbQ&FH$g@RGq8+a7t};h#dBAa@ikR2B-4RDcUrqeoj+Kh3B3Jl z1?z!m*Tx(22i#=i8o zqnz|rDT0_?;vEl8_(PRGcxl;VF%(EX7|;9WVrGwJw-u;n`g^UcouAlLXl8(_QTX; z>(@IF|4DtmSLHkBoQB7Y@9cZGC59Dfu#ownrO`(l#gosT8cTz^|44LrGqYiH{!DyR zulW~HO&4TrbR5(Tc3CTk<+fmfLVzV${SDnxth(@CoBjhe(X1sGp7go+rw>PB+1uY{ zC;J}O4@tCpo|{?MYS860xniqK2OD2TY{1PYX!B>m^TPjR`=1Y|y?bYDK{mE)Y2lI$ zw~PBc0`B4S_0M4e#J63ee8f!x#HPC+9B;L+GM{Q zYsSPvQg)*bAaivj70U-H_+%5aTE$#<#2IF~M3i-bpM_IN%Up1_f%?_O6aSHuQ|#>w z>c@%f2CRg%CaTb}EaCczQ?x}??L~0PP=opsN7(C%QN`RC6_-_oUTt`96c|o>Mr-J7w8rj z5YEmpl1)Yf_}FgBM#MvQ>hJ6d-Dog;>AWtf`*QMLiEV-Xql(c1#$f?g_3tCoYjM7B zG-ExFb&9RK-&y8Qc<32v{))ii5RopfLFMM|D>=tILYv>oF{2r&qJGbymfI7`iR4Fq zbYY^X<=j7#w#H(oG}{tKp9233x@Uz`K!K`jmQ4Muj)AU|MY)>u#4q~b z?B(J%>{aIw);g+(i5{A>`&hngeB&PTG9AoWeF2yjuHrrSg=&F+mf%wOT^&?6}qQE-N(;g(S&)VEu&1nP2JZ zc8L`3^}?v{s^CAL_1%3I9W_2<)Mq({%1uhgP;lx{FnaX&^jBVY8n;!f6hhcd4=j$5 zg>Hg91WS6|KY(hT3af0C3det18VcOpb7tjQl=@<9j+=)ADt9AF`_)njoa7!!^eoSd zpBc$2ofWfAn7JFUj~f_)fIvvv=EVv6j+wZN?hC(|N~0lXG|Y%hNLAnq#5u96i*o8K zKVIIi7he#~bLMQe$%w$nt~d5)JR}_%mHlB}OZbGqhpCQL6N_=}jDB z+@0+Q=~I2H0`c6w5S6S7d_HS)HqfF5Ry+UV^gg#>pM*zq2NPFgjCRoF zxE=fr@*gCbb9Q*p8H1-?-^fh|z_Ea1#xV&mwe(oMY&USkrc=E)ikWA5s{+0m z&!u{ryP|hNe7f-Cv3`9v3398>T5J)zTl8~qZrnqCAxvk~649&SXfzmMtPmMCUK4is zA>2GGyA~+9<4+d`>0VM53|oe6%o*L<3e$|YH?K~a8Vt+0eMA0E&0+^_PlOR3L==^* zJ}Q9ZW2^p<-7tgo^^6Fp1A5;}9B=k`<>u%BiI^ohhxd%3D{7%AR;99jJmcl&0eOGp zO!lkMeAh5l2u}3x2(R~x#1QZm$)9Z=hDD<^^a>?J5@u>lN07~g;a*5`;2rYUmpsSg zo>9a4bysk~=qMD*Xbu4)mS&&exHdD?$KC6UJC$xTUzvqRvmf%NxImUx{Gb5y%4@Cn zLnrGCZ>_ozkmriC8FnH+Iqr_oA1+J7*ebt`i0Z7&~px zj-@JEXXWtk9^FWFy>v7R@7>o7U~o>#;kQo1b7@a^0muovA_gf8PslEcX2dDHlzGL& zbYk_0yqXHpZD5dJH=B{nJ0kmuYe{#e-?wo&{>2~J>;Et2haBARCZPon*Ca_Z<5LFTfywxrtp9~_3m^H zFFQDUl=%w!{&V@oQ42npVB!?VBI_~c0giF6QvoZt9m%XGub{-g29i?>v)+GhXu zr{kEV-?cyX2YxYTd-u5F5`E2`zMzfT4Gj>ci+;-NrxUV-o%=P_Hv#=AWv2Jw$|D5Y z^fliUM@3JAX3vdq!pzb8u7ZsuNw(FH{c@7xz45Gzmnn{QpIgV9kj6YQ!?cd;ls^CZ zx=v|C5X>uWyeT#6UnRc4)VFVvqh!or!BB2P+xn~i%!*YFw#C4w>*%_~x>t92{@={B z#)NOak4{)b>*r5_tL9r)eQzCHjEa(Mz+Nc71FO$hies%qI+9q=^WYuvzRw2kL)NFp zn$&kE34c<(77cStwpp)o5s@ah&?NQ>EM*iuVT48$X7P&-IDD>LWpv<(|)0`9Gr zWQ&gI0k=_%PW?YOo8GN+=>5;1!#;7dc%2Q4r~ZN~tnwrF9o7|GIE3h^M|qsm?>`Oz z<279Jvg8vIqsscEpi25SedbC>Vn8GnYMBIj07vCD>Bym5qV->9xAtq4oB+U=J=sT~ zyP|VmLf(EL&)N4)(-gP)+1LgzL+=kzO)N1J*Iaq4#&d#EkC!s)3VngP)j>{P35|h0 zj^=jXO)>*utQHhXvH?rjx4NXa|F4{uFH3)gYKy1<{J7#ZXd3LYGSG0KL}cbkzrTIT zr@LpTqYhCtPdMI}!V}*&xD6s2AGWOjI+ig+nOZ+Ys4ZFg^+i|C#)pNJC7+8+vW$R; zd6xved3rTn!?0FUJDqD1@ij9U;jTfjjA7L^@%xbf0i%sHwsgE>FHq6#J7>pN?1|}r zsLh3_)aghwXaFp;6s}!k&bkbJnS1DjGQeD27;4>9QZ*AS~V%mMIFs6qb1+>=Q~4!St$v$S1_{{ZXrK zfb}h5aj4Z3qN7KDS;*DK8Hy-y11<=MSkOH)6mA~k3DcifgsTQ%G&c)&!SovrQ%UYS4HlX3-anN=zUl+b7yC7xB_ ziX);L7%#98H_Y*W@zPl zA1i(-)M+20p@M4;2qj9Qy^IM8O!KS}iTstI4P&(M8n;@bGaEZ8GgJ=Iw!lMHPa_0f8!Tti+Ztt!qilC?Kr4eaYqjSjRBW2SDm4(M=t-XH5=e#rv`)--$SEL;LTMD$EJ>A!{ zd}Hb9zO9&nl6;4J@v#QYY)%nQvp^hp8f1ogJz9{y+FL|!z-OcItM!R&TJJrwDs9`w ze2L9(q%r2UBeFSOnZ|C18bq?R!FsNV@~N#t&@cmc#p3V3{$CbAqpqtokp@z~E#dxv znxh!*?~S2-G`~`N!;p27xr)*Wa%rR(f@%aVpR!R{&wj}FR0nqHt>D6+Ar14#K+zEG zT3Bj)k!$>FnZw|{L8txEY@^|O$5%1sRYrC7b8h;>nL(j@87QQv)FlHNN>5Abs{5 zhshTbv2_plhj(ZXSi0-th>D!9@I+-;6tk&c*qhD*)?X}fE{e(%v~K3fi)Ov)cV1Jo zRYeSydoCi4cf~6kp+0e7kracOl7w2dVhcCa;%yMjFjZeL8-@dVJMNv(Z}J8DbvwFt zTD}gMi*-7mwZ87Hl7CY`L%%VGSaAdmY(r@K(Ce@-JNB07B{AT=<4%@j9hhGq$Xnl~ z5ZaT4hkC1T#$x|qr4>x^$tTznqRd#;8`)3bPRLX+XAEO%6y z->zWXJ`v?5%S9VFE4&dU{%&I}OS01msy?%v{R{5y9{QoWZPh+c>ROr5&M>N| z9P`AlxUm5bUB99@Py}tDbmpqrN@Ae?bX@iiD3(1pM=IDO=XGa+(f zvX5UB5mq2Yz3O=&Km66kFGusA7pRDenm{ZnU=T1W*Pk$3J=WZ(9^FI#x~6_%%EQvz z?n4d8ny{;nM8-TJDtDkMmWZGow6V1T2eRCKd2K#!F*th6XyJuqf(q*o&MrrO{k(}e zpE5iXF39`{jm~Jk7Kk@&?caXh!NRRtEHB~Phx{F|m6dR~%Q8ITEH&<`GUesjXR!cq z_j!T#5FA|RXX$1g&?dE`Dthnj7!Wix@6TDDxP)`*x^FC!6}9=6{mr&f|B=bKYdH#>SjYPk&9n_)Ji72+4tQiCO9 zBTa05>vBiEhjTq0{A&H1-26I3uxxWGb?HFoYL4Mg?wD6n!amM z)P3gE`5AJ@a3|lYId82ffxl*G)jfL^BOtji8|48!h}zhu&}f*vo~Mv40g$l^qs(jO zb;ZbabQIy5uf%i*&3k6)Mm@waWCs>GCCx>?MG#37`6=<|AR@`e?%NW#m%6GL)`jKi zo(llCG8{f7A@>>FgO@aYMs!_e@2s!r+j*FQQW$*^&>zb+s&okm?U0|Kwr_%@~eV6N@#Iu`U&sTS0m6 z!2b@Msxyd!F4vRsy!Z75W6d<&B|+*-#L?+@A%xsZ51>;@?3wgK5;aTm7!QSUp4PCF zm3pNql>Q=;{_8mcjG^d1kBEsz2QN9&=V=9U4s}2qd|_SD{6Bs(q4oBF-+)t_IEh@L+Z8>p z85aSM6)b=yBOxVFc}d*;3P9-p;psfXnm*sR-_};zB2a%0HqoL`3o=9!!bsXuK`TRx z$|f=-$_`;lMlA|bAQ7T65=boyB1=Flfu<9XijDsT86 z$9-SdeO>4IIrTQ8=1G7e!(pD@9TztU+7`AqsEL)0X_p4eB+_R@`%r>=BrkN<2U*a( zzR(AXjIM?05429UbthLNm(U;X5_X}d?F?coAyeMeq7!+{oZjn-6g|FVGZ)OLf5gWDCLjzTKuDsd+clw9%0 zzr}f)k?P*^h5sYMvCaz;pH!HoaHmj_J~8G8y)P_W`>0nl=Q(w?7*OKG6&PJ)2L^AX zl+9~zf7aPdJS}~yk(I6Irg-_lKXP3&a;m6ZMXyj7jcx5*t6EbOF)b-#Sh5+ST9j>^ zu!Vo^(G)a}n7Axk?&Ymtv7dHCuW|-(Ods0iu$h)xqPo4np#w7M`2aMIhJR-urT#i|=PcXbcua(U zBDq?Hk8_qjxNH!(IFVw0znxGV;up3{!L~rs$sbC#e~x#350C~7Gqq&h?>rQRimdk7 zLD9lL*q7{ur0l)R!jFCvodY_f$}nsIEgq=8n+Ryk6iwH80p9zrB2Gi^OB_)vjewX|;v#U$#aLo*^ROH(@ zx6QN-N)zsx8fhz~{jgemZ@R*9YG4gQPUpSm8AR_Rs|6P+1Fnx?TQ;R#9{b&=D(-ZI zYzeR<8oTMxD1~jWG;}fz-WfoN{7|SDk!vxTrO}D^H^ECW*S z)xD&k^bkFzKg!L-eaoU^`ksn8!pfD*B1d`DFtM92E<+;;{0>NzGrxPGKXGz6Cy;Yu z^fuLUGIlt8bHOmsa&iM$&yYwJC*Xk7COC`=PSdcQsg>jILi<8YkP8OAgPK?69L&P$W3#KFWXTAtNUdlWM^!myV(d)tzs~(o_us$#~tW}d0wjU@rnOoEw-jwY1u+9L0(`Q zP70|!DHA-fZ(GI_k`~tuC=F$ve-{Q_8HT*Ri!YB9{;bn#vPy1kvvl|NgxJQ6nS!I9xb z)Q2+(*HG$IgZb#VH@G;=FC(r)S*o1%Bc+(%<1A^0heWGlxzI#5`Qz{l_RlKjcH>{+ z?hqx!^P-yApyDBHR7diWBTc#%d$d!2Ey`(=@H=?RnO(sLlAXMd>1@C-JV$NbVPcXW zZD7L6H$VK@q176gg79!sk!WH?!z(1YH(PirhrJ-;5zrkKv{a91M ztj9ewj7Lk%?Buq|2iiy8)xi!t3N~zX-5;>D4e8%@7OjZoZ%e2jPabSn(ciyVp4~Rc zbS2Q-*1lHk{eb@vv3nai)i^yPibBnXj3buE=W8HHKWOpwP#E{Gl;!40z9yDK|7{;J zfB`iNZmSKXsprq2H2FrD(l zajEhnOZHA)Vz2(u`7`9r12Q;{!TCW!7e62)f7{NzwfU5@Tm$xODu)ia?s~`osgg6v zm5_QM9?ZT`oOixhlD}6F%(p7HF3$H=AdbC!noQxvWe+;}92ts#G?Nnrk;m-a&8PzR zNQb1Gj{K?{qr^Dq!VV!4FU=I4{RJpZALX}V>~aE#l9J2OD@#oY09!a%nnuf_#4`4f zmv2JT`|9nLI69@`@4ty1aD0=HKT2=*iVt+d{Or_SZrls5VmBI}2Ub;*PEG!&! z3J)H+NX0Mx?0nXjBlkpamGvyW>1!U+Wn#7rwWFQ{3W%3m7BJBy-mSl^rG5r zzmPq#MPp;(gtO3kPpr{2*$04mp(Ak;W64QwP{->cB-gr@V6NEVqbAOGMEz=g&TYb? zRrI;Jr1Mt_!}>?2%9VDN9I9XLnl^0xC&uV&jKt=**7!c9y@}peHX=L&!4C>`I>5#? zf!Nzq!C}gr4w3C$m@#%y+WsVI6e4ge4<`V_`vX?|i8p&<@ZM`P0woaw&yyLxSZ{wV z7Pp|5tU!CdDO1Oq9TtSC28anL&o7#Ys{S*0E3 zE;9LStRFD<7rnIFouB$bw2%!g$i|l(C&S1ef#Ie8JYz@%|46}E$}U+d&=a|9n+A< zI7^2z*Vgy{SZnJ`Ys#0u30jg6gC`iCvSy;Ozr7qzK1*JIZm3IUfyVlBNF-z7F1SpB zNd-kilEMl2YDDd&K9{m|6TgJYFjRoqapwNBASUmc+NJc#8|*FL&1aHqmz1P&$oTQI>U+r; zt?@;CY#)S+7K*M!ApbPq8p%K&RSk`FZa#*LM0H)#tVto6D~UoOl$@%J7Q6G?Zq*vq z{^*i}Pt~Kx(OydYW8T;+;h}cSU5+;hy&c%xpJ{rq)iOD6sxdKv@z~BcT}vOaa=$4L z^dDLX)ZW(AOUb9ac7XeuKN9YMgWG?t_GaeUY_B8)DT1E^FA|H{thgf=?)HdU*?UoJ zy~sszbg*Z5GbDdfk7YL@nDi0}cW=JR5W;-!u|Z?zjl|Cs*%Evea8s~KP=B*sZT?FqGNW171;U7y3+9_o1@;>sVw9vIBb_(@?zHAJ z-SzICrO3+MS3j-XiscdxNxsvL?ifVN-oH+K&DCTijhXEoep;R6F`wTSAsBM+g@oU> zmx|5PBeHv0yp+>uW#Uf9Fb6>YPDIR&c52Z z@!8*g>q`6ehnkih0X$&lP@SazAm6WR?OyR%)6)r~1jwOI{-R&H@DqqL7h)GC_VV2) z7_OcI>_y$wB@DU(#wQo`xJQk^9G>sA;0VMeHg@;{hj^C4P;MPi8aczxdTkzXdw%@U zGRkRVqnX0~telmvbH&*u2A&8;QjPMndd#m=dl5)ufA;WwC)EF$NwX| z4WY?u+OOmJB>DwLRW)|P;5KS=bA0!J;ci;WsU!_sd8QF8Y8z4w@<&$QD+#w+4uc_K zHQCFOJ$$f%zeI`rrFtEKQJZOu2fWvc!$W7`cc&RoV*eLBXk1K05&yeXiNd?Y(IY>8 z`e)}uV}Pl&H01|+cvr*WC#}iQ&{cdn!g7_c*4=a;7inHk*#v=aPFt|-`JOthSA)ja z5ril1q_2|0SDKN8cWk%0a2rHW64=#2y0Vndp=(#T}@LpN4gQL zlJt_o1v&%|5V+H2cNy+3j(>Z*mscEpH=pM>E$@6Jr599-tieK6&k7@}sKz*&jH{*T zuSFT~3*>1zV+2KPV=A)=8@RaPK6LkkXfxqRMXeoMpIuD7v$4`t20N3Zs@yhsLs|pd z{Dw4o{F{SYZKc(+rr!zCD08>o#X35ZzE8ALbe*4?@WGR7G_eyo;L zYtS7ajd7ceT|?bg7b&66n6_-d_neEz4Pmmlz`E1?n(F)Q_1VZzx!8$+zhb_ydQImO zYP&dpkit>wWeLS{fl3(0Q;P{l{W(I+q`HDk59hXy1?|@+mEY=w8pIY#C5ne zm|3jvY+Mo^Qxv*4$KIa-JI&Hsqc|%*baRI6`2=?ytxJx5s5%z^be8glY&Rtxq8w>z z3#Hmeiz7Wh?N#(o6$>L1n!dI7{i@|_=iAHw?4D_)GxlzmNIy)vG9vq@^WGT=?sZQe zLVx#0Dm|0N_J}+Z?fB-BjHfakfp|OhYj=I^`>8)FKHs&?Ly6vXx{y#!RSGxF;zOQf zYN%g5rN3A0b2P=p1yX_Qn5?}8U2^wBN!?K`%H>P74We#*aVQ;L65iH_A`C;~Wf2YY z&&?C^LuB$B1x3p=7wD|ma@8qPx&N_pLg%x_kVZI$2HQtG4Ce1Ddl|{zw0zYLR8U5| zrm(NN;YO&LuCK3Jx!A%L5Fm>Dl+z| zul;bNOh22yo9mAoJnKg3^0l9cd0rxY!Bhd7p{qn)B-1rUDsB9^obxAfZ!{X;(B8hK zVlWlIG8OG6$&K!)U`ERC+;~f=E8foDmfSW`y@P!by++jd=`QTP;=GCUwRda6OG0#n zJZQ?qFFahfA4=Dp+WRU?*fiGApHzid6O4TZaT&(~5!9K5eXEz*t>IcIJ?U{@$e6>b z;k3PRjP0kz2LGn)8idR2j9^P_^j`~Tl()HeX_JP9?RIAQHMi^>t5tR9;LqUa0o|?U zWhJUXk|3hyn&CdaYWG7jFt5ZO&nsq7xHOLAlnz#(P1i6l6NgQA9s67?(fsB;HMEMD=Whc;)*f zaAZ-Zh=7?l0uWQoD8}0;N!l?!h)lPR{EoXTEUpHlZu_5poipWzFCnqw1f?(5VS_X|lre_04Xg z<>H%In{2n5ZZ}Ui?#;@%iU$SCg@z?!vllXOzbO72&*@Wp%OE#Tbt#-IO{+3GQc+W_ zV>Yoa`0FrSE7z>Gw#G9Na@-su8P!=!RpnS9I+v7Ung<_is%bj@6kT^WASaHX+UTU1 ztwm?vRvd%CYK9vx6NS?_Rzz!<4yy=RRPT zb!8Bv$nt4wZ=v@r{o~?3~2yo)~m^q_U7CA5`hIpz7QA2Zt1o{Rxxj| z+icBy#?E5ndl~d3ppC16NuJ+%OhjNGcoxdy@qCCy8opqia9YJ`2&KK_!GDvZ2iH-z zkc;yhxkH%SZj$d=4|1ZGU_)(Veg?KoK^`6)2K-yrn}Pj}swHJiRySHW$I>xPks(ts z#rWjHqVnj^Nq6=BMc#=CY&j3K>v!`_(4-vA;rzRo?4XqKeF3x66%Q~(Q{U_kot*AI zx1q?X<)?33)e>cIcix`ZGN_5hk`(G+?_shuG`OsTcym3-Sr^dJM6xrmBkHHQzFV@c z?xzlrX6UX2YB(Fde?p%vpy&grTkAM^=d_ z?ln|?4C^oAtQSm`tfqMLZYT#A6}K5aXAIl3=*@5i2_LUs{0kiYG;rOTDR9&v&*;6< z*Yic*##n*S%0^Rt#{RD(Kwo+GxSVH$i(_CTV~^Uu>kZjEgl;Y%y75fnZUQc$ zJ-9@e&uK*>C=fRnv`FYqF=^723p#`F;aDUM&Hw|)@ z6g=X%Ok>L)b?kw{zcr@^2|y}{LWMHrqG;QTptos&eGUIZH7}f__T9~IPM$n@>eQ^l z?x$bmy&d09P0)b(Gr}tOE$LR*!iZoMUR0n&U)$$s_nUuTQukxUEB9?ftXeTgwNsQh zoyQafE!LBzpQcXDogYt{n0JaBHKryd*Sa3(m(^Z6XbdKcFQ?V~XdsafEKnLNDUpG^wjNYYTL|ob%yxXY0wSZ4aMsT)H@~Q0H}SP zY~f*Le64WRbTwj$-ultH7_)Blf+$@EvItBG5TNIVVdae8e0kPiX*Yi{voT6el0BR* z{8@av{SkAFaxKF4ltJGOEH78j+(>uCW`GvR_MSl-rF@M)jixsuj5oWNrCr!M#S_{vpP7vLLvN}ZdQptM8=^EBn!jl?B?*&&0DzT z$wbM$&m~SwCA~sZpQ+Gdhwh}AeEMaw`{+hn48(e5gUXZq*gXDvHm%Lp{+3y^;l6e# zW#a95kP~ogpO>a`lh~$4R%caX7qS)HgFot14J;<&J^p4kay%5Z2(6vx@}91r0vY>t zcDWAUn-irHWX{MZa zb1#KOkW9fd`~M4})^d<4|#;Hpw?if3M{ynXRUEGQ%F7ud?`7&#iZp6(H)M1w8f zkz#JI^nCg(A}TR?#$i$9o(L+_VAOZ6I6hV!wS^lOLt2Q!H*Nj*o=fh3Cy&NMIE{{ooeOjB)ou^{2Yvo3t?Ibpx3`xhz6^^< zV1QBoYh{dFORBA@w zaOnJa4cz0vaIYoAh!R+0z!z)at-W-oo! z@{)1Wz5Qab)J-Y$EdHy2+4?DVa;o*=?v+E*<@kngWY$M@Wy&oZ)~sV+S{rQm=H1lt z&LS0C-rzc$`JMUCi<1|pwCoH9VQwkp2X~ltKv$dFU!nQOMdg z6{0moZNP0CoX}~qNgt<>%arMl+mwcbJKHhzL2|0%XDnBMdhgIilVrD)adk60J??q}7X z)U3&uzH26=SlB`XM$;n~yHBmpA2BD#Aq@gwM;EimT!`>3NViS% zV3nnfg>kJ3{tP)mz`r|jD`tyUdayN_VT1Z7$j#fTNB^;F0us#kFstS!jF2kShzh%+#^-YzTNgsN)5zu2Lu&^BrRyI(0<$qK$7Vvo+#Jg&bMf88_qqli~U8bAicXKfBi(Y1u z3vVoRFZEt=D3Q8}EJSA-pRkO!q?^rh&pwlCp+gAKr}`kldnE{jxq5 zt@%ezgu>KWT>_zdHQ9`!_x@C?({O3CIPUCHQfTUMk%$M1?>+?b-!!aYKHaZ8MlgE? zT@ftY>%pSrR^39MIMeik&U4KZ3uM#Qpj=~<&_+>2XAn7(6nPg7oCDHIHdvqJ72{ol zd`rw=nU)k9lIWTjZ9i~_Y^vMh?*u~Ep^vGzYQg0?p(4@JU;?v2!bzut#1lR#5xMEe zvkdxa^BPK2|BFIv9RG;>erZy}gS87eI(;=hEdljcgU5}kYW0=~oiAUgvXhpwm=DpB zOP$|v3SASL_Y9)ZZ>^dHy9JJTzd00gyhb43nEweBlpV+>6$M29h zsGA!=jvOI%ZC4omAdip_X531Axj7g9(rbH%esu2$juu!?LIPhnvUgN{6F+KF z=Je#ZYd%09IJp})m*%gY&38Z23)y7>^!bZ3H7DLZEt?i{mU|xA_kLR92pCJhtjz@S z3vA6;_pB)pd#$@ycA#H|Bu2g&(M~KRCtrk(K1J!6HBG(3=W? zS!)O!!X2bx*YwT*hWt|PnU_rS=i`p;oRki@qByu5j2ec1mvL*1pq6qp4I|=&T=lY2 zZ;jZ-U_{G0^u*-kkK^PCscZW_&T6IZmXc)YO^9oSaZozcL(HbhmD(*4uBc=4ntz>@ z2EEoHIY8s?%UgE*;x&&Xsr!@_YXmw*Mt&2{sDSv(GLnsmvhkJlwU!a-DdTb5;PKos ze1}vk4;1Ax3wAmlC0z-Qt&6Es#hW>JyOP2Ri=&eT^{&PswH09Xp$NQ2@ARgIcl=Fu z%eNYg>|)Qa+!8AI*6*ewlwe@ZV=*}>&y6dUW@8$xHkV?JxnqX==bG2vkA?nw*=T6A zbd=BGAIW5;ZBuU}lU}Ml@?#s_G5i&-@wdgN65x_`vpDB0lp0nSYh!Tm(Y~y>G<|X6uH}P|(D=L7&vvxXY%iM1M0ne{TFHVd9F~Kj#SO=FBSP`4| zyFQrXBeD|hsK1A(&t%p9%zDs!P`$O|o#VJ;C8Q6lhSLy-u)2DQ(A_gkD#fj}yoCH^ zeNt=Gq(Cz|w!`4d0fJwu$I9qiQoky^(>+_}AGwF>4s*FN*pv7VzR-CKZrj*8ZBx*) z!Wnav{1}j+1ozC28dl=EvwkiW4U%g@N%;Ne5v346lAmjTws}_EoHWJub}?H_9;uzT z+YO8x7#6KO;6AR++wOYiIbJle+=XQ{?I7JkdYR2h7a3!v6F9m~ znX(i};!^r|NYXrh*TD8kZ7R=dg&~6{v5rA?+gk49$y@^(alvXoxS87<#q%KtAoXjb z6lE}L8`=t&MKk6Fi`Z!$q`@2C)f%9BjVU_UnHADB=s=R>jB$ei)E4sSboArXQO z&nFEaYz=K67eUw=pvbP_q0H0lptL8mTJI*1-&64^3&~nDbGd*O<2*~~_$f)>C-KDe{@~8kTNh{z4PLl8^fj1)gKC=DUD%MYBMQo z$)8YbJ5vBf`_iz_EvEUoCSIOtz@AP;tC!9plKFu6BECNTu%KzRC)AJrp{WvOqI!IF z%BusxEuFb+k?*i9%u|xzKZRT_n&2nF)zXSBn_{GGYPZsTj(TXn1 zdOQ0y-8M};F@k#d_PH;S1|{h+Bh^XGwAsn`M3uIU*k{9XhZi%jqT}copIPj#k#9$L zi`D+8`r!3@3ud!f(0JMUKURwQ&{R@-ME;p@j?wPt*b7MD~tVM6XS5D8kYnsJ?(=4^{hO{ftP3QAfY zjz|494EcK3iCOkv?csaPhKemc|5ja{a^sjX9>*W1v%h?RPIJ!NckQ}M(25K*xc^9P z$Z6}}HKTdQ`UCSymD3uS1>Q|eBno(4!`;A#2%7bqiWq)39-URs%798ESRWp+-TxKl zw!PsUg}VnVXB=Mj*cl+AlkXED{)nM9%Q_8}Jfv7qM%LHkM1}nYS{cPbbg|iN_p+9g zuWlIF&fWcKwd`KZj<1S5$Ga7*>FV!u+f;&;xOyM+GyaJGxj+6#pj@Hu# z0mS=-U*2ccE6y8-}O-^69*(la6s)5&MPHEszIA{y@}u&eu`0qCC~) zi9vIPF4o{!bNgbF0bK;lgnQjfeuwGXC`D@~$*-Sjv&a&5y5QGZJhQ=j2JcZ9HPc+D z)d-sUz@MJ4rS%RHG__x<{jcd`fnj@X`d8>LYxe)=2MIMpS=WUVjYu2KWS2xjZS-Py zLAx|V zeG~fQ*_!V*{^97dcMdi^Fi{DAuk&GoFbYbeJGoE>+Tak2ena2jy&@hd!GEh;F!7*w zwlJe-crJGIufYAm`j)hJr4#_XQ{)cZ7yr3=?qSsYl}G-DwcQ^VD))oJe{d*{2zpmK z{7*sjMAZe$wvqLqen9?alP8MP$DTQ9Ou&NgtCraW-Czghir&?qHG+m`MExGz=EQ`U zig`t*x~QP@p(=*@$zVZ$_rqxIvk+~M=P36DW zMpR)5sAxXS=~RRv#`ft5Z;}YPlXMFeB-3EJH1Ky0 zyjs(j_9;gm4r!9cjabKO0$K^1@#Pj)^CfCJlWUefDtxf!e{(ug7qb$@1|XUMyhGT zD^7|wNAFc3;%#xu2&;|G-5Pf5yTALLpmK{&-%pyTb82(-0h@W^oj;C**2%jayWbOT z>6!-wH!dE^G~LrS4mKR~wwDP!4~a^rExkd%q)%Ti;bm+;>T4=|eY$MTcnWvK<=o)J zU<38{n$6hH)^2^R`xvh!dkKCpYTuut?Y}Ih3+9017TqJx0;M6!uO&>oEPQpN{WEcF z=XBeN?>t;>p*v4C*kcZrI>{QRm#a8MbuU!Sb!|_TEx)=W<{f~+s>R!b>cLxu(a5BX zGl0gq1v)S&wd*+uAFITiqu#`!as?%Eh@>CvV$n!?S+(eY27n0GomPM4vqqOwC>P-p zCs^pkTeN2b=Iq^Ox^>u6t~o}2Z-K+Fs7Q$Dd(p=F^@t-NK4J)LQ2mi6=mV4@)jg+z z;sds;isQPo37Snw`i8(wCHKZ0PfJSLEUS^9KMG6jcb2-d8Zi5!`QlM+Cs`8a2-$Sc zj2yfdR^MNSrM#WtI9#*C;EFg^wcIsZP7;A~y!Rd>ekp6=_o+=QrvLWDPGR)sWqdz# z(-p>G%f_0<{HB9kd)KVhm6O6fX~V{!Nfn6M>tozatPG zI)7fr(6|pvD|zD zkB@TjB%iIf9(LF7uPW3^Y~z|~jAT#h_(A%jdDo&`UR|*F2F|#=4=i~>gorV$;gZ42I)2*tfE4XI!QK4(cuGb)|^{_$;+mSxW zY$<;>UGXBAJNHka_-C7CZ+ytcI()Eq!Z5*KmDe^<0)7f|!{rLPNFmAnKB0jkv5bjPL3fnVy3>hM z;A$qOjAy~MauUyjaAc{SXRkkO#05~wF@seFyTE4rpt(-A4h@j-lfR zZZ;n|0Fgc(gy?^N1g6?*iAJMvLZY3iENbj-lArpNGlDbcW(9V&t$#)}Ql9R=5|Lwi z(!A9D=P{BO$W%~9HAOi7sh@hVV$AXo-F@w566MpaKX~sZCS=c4RWuJ|d|sa~$kI;* zhm!qCrr-A$SE_tnw-E8_(llFOgL|8+_@vS?7wf5!?3*X~`9PHQ!_F~tCX5rhdPnnX<6_b%9#pp2zVGEJWv<1WGo~RaS{s6y*K>#gE7Azhi+WxKC zJ$-lj$`q^P&CRsl`9Rm1f}tqpGJMy_|=hk4?voI&qTagZbeNatW%1f4k?a(EWzW1=^gFA z5$Q#8|Eu7P^3s4GcMX>pmV^Q6evA-VA!Ht;JEJ`aK4zsf+tngh0{Ei9=A9R2EEp%I zj8Q|m%{u{Yk;N9Ar55-iT@yG=rL9UimEWG24OMze>}r0}?K2KMQY*M)0Et`<2-x_0 z$*3!B>fjwoqR0D#tjB^Kq6hH@hMD#hO`0)B`{F6tMz=x*aH>(QL-(X*Zs*X@+$QUB zv}M04Ml#CQ^#@vQ$NuRYJsV|_o%jzE6Ld7Q9WuF+MT7%ITnk7~CKRzSW`B-Zjj)Gu zWMNGJk9>=X5%Ed)JX4~DG$omvRMyW#)K{Mmcdb9p5)EJ3LI|D6P~Xk*D55Sryw=&JmZ*l=G1SdV{ob4r1{&+4 zWbZ*~k*;-0j|_Ex9*a^H_I#u^e{Ucj;+VjseXlI_lvRLpU@W4wxX6opbHKcoYv7BCkZCR&k@MKYMDQ0W# zS6maa47pFIOMg+6^fy#)&Lp2lcYfD8ZRD=dipC6^k7b0Bc~}aeF?b>AWTyas<9LoStX4 zKOAg;Y5&T)Om;a*dJ{jdDav->d^;TwXU|DZAx>6(vG(c$tb`X4rW&M9mB^|Ncj%ML%+*A3uW&w%=qCMn?`kX(A1@ zPd^p!eBEl3-THZFg?|S^OXh=_>p5`Uv39c|YGWi?CK5D1@ZEpCkV}dT2EMKYn448v zL(!$%>7UxJe1LaS?Kd3WF#T9A4#W%eJs-+eL`z&cO4Mnpd@(O1os7wKlLWqpHrtpd-116ESdH z5PntEXE;-7=bzvKz}V(*BD8X9jqnjea}oV#r{uczQ^D_Bnepgj95WTKh`hB&oi^vZ z!~e0Lzns|XL8UA?bAOMDC{?_vP-yYlqHn014Y>ZV{!Z8K3>wPo&mv$Z-Ozhsvo_TU z@VLm1i2fqi@u3ir)qs`up{|;I8T>Jd4{vNWC7&_hdfe_p4F;qAtiD^-^$N0~%{QfG zuZ)JduT7K^y~uAm!1A5g{XWl>8J&(LJ$U=bS{~kkn}^Hej$R9>XpGhSxo78}2*#L` zSw!(~CbK!2$X}4;d0*f8-kd`kRuEAUhwDgIqmti)vw91SF;}XN>YJA}hS5@c!!ktUP@d z%ZXsnBpMVM=pJ;i?aVcHD9YZ~RR)I$?^Wh$#$oQR(E3WlN%-XC*Z&xUXpt}FhM*91 z_<=O9_K~mg8q*Hgd>!fZqs(JvMDRjhv6*t`@Bz^4s_*bynqh1e1>|O2?L>BOv5*|5 z(rBr0PIJr4uL81LDDT=I^&L#h9}cK|Jzv!={#5b=K$6!Ta|9$%LM-kf#X=kBT92XVaUHxC761^bt#_hm{}k&=4YSEM&+zw_(-cp(&>oPXK!=3^6Y zOyFGXbAlBtfAj*`%q19kqh73@>3xq#YlOx4AcFqdK~NR z@2RvnpIYfh!;a;iiHE&zXTRs51cObMx?a-m-U+So_XBC>#MpxTh%1e8NcGFf(!cwg zFq|2NjV>C=Do1q_uemK9J56j{PfV^0qeJv;gKZmP2I?iuAX^|5+jgF0xzS(mH^0CV zUkFrcQ&DBB zh1kY!W;IEt31&M!3&p{)gm)lyJiMLo zJSxL0AjhY|&aA9@=rOt4$m3+i!StDL$So#i>9UVbfW3<<~Ddj z1hw%!A5N&u?=AxN3wHhhWkid5`d3WH1&Kl^{=X{;&q*S7E3c%=FCs0zI*&PW9ue^? zFm&2zH1w%!UAXd-El{IgshjQtBQ!3e8Xhu?T-Hu9QVGOAgC6ylx80N=B!6F6?gx3J zXqRbY+1EunE;i zay4&h3Z$lYgnkA*B^x{(&@uDoSf&~v78D?mzRe*z!Og_hfPFzvcBUrKFL^#>*a%Sf zZ+5Sc2;Fb^Zm`K_A;-aQ>mnItES?|EC@_V^cJOkm5R^w;&qL=npJ=Q;U}M@QUTb*h z<>N$IuDA(CbMMnwl#2otb2KWrZtU}d;Ds~;sqvL@taGs)H`+~{IMB;Wt}^;zibp{L zdpB}wZ}|7yfoJcwNSb#~nFrX|u(}LYJ)pJ((P^?D73@yYvirz%(x{QS?2fIyNxuZi zD8_2|Nk~C34?}iZ5ZQD#dCG>U?M#Lg*=QX0eeAv`FkY*-&7*(OjCzZ zMpYc#S*7x_ej@f7l1;kpcb01sjeWTB%zE?6S-yNDeAEaQ%TF2qf{i+CwOfK@ul@Kd z=nkFK!ivTSHS!IFrNJDTx}!+~rdK)ski2@UlE`O<2Q;y!e~eM~E!95}zuK=mkB*3; z%~;$YE!8sKc9!7I#?Bnlt{D{7K`}f&B*{xO{8m04BJFL--dE^p{1NqBw$!eBR`+|c z`RflNBFHkfzM!v0O^G_ZTvO$zPNI12NrDRJ(Fa$aRQ=e0yoEe7uA!Sr&}aFVfm@IB6;2#D6P<)Dhjo434)I&O+Lsl9(ONxaY0L! zqtwLuBb|PAc!K0--b?mmcvOU8-TeK-?(`ejvW+9rdR`LJCM*~To}71JiC2KeQKN2zW7w_?G*CWESq=8MZqaM(4^aEec#N3bJ~c$xkT zJRtQas`_G@ZBRE$EQYJ1NlH{|1KA@zp7tQB5D#|ZO(Om=&x>WO(#Y;# zLGF5rQM?3VZ`Bt~-?o)}`^LKq1~jEo5Q6jvi3dh#7sjZE{+Q}{x;$}HB#WE}HerTV z)4Hg$pFW=)zqQAW0(}+{Q)|tMnS0i75*AA&p3>LF^dl+bX)4o_Azb>-PLy%$tS4N7CbNpk6L6 z99IP^7yUA)&>vhg^*v&Z{B`|&@=Fy=LaNvFvXZAtO|ohCBYHM0(V1Drvmwr|&teo|{gBtg>iCU>cFF1QTPm#%*^#wf*gJeTzZ8?ls#p3no@tdlXx# z6N^eaAiD8C&RP;mEC3^+K`%SqM!zA`L-6ioEGkHvrlw$aB+5hf#dY@s0(fOl48e!k zapFJEMuc~QI~()<3>nm5Un-9ISOD1#%Cm#kc8Id0O$o5w2AD6qMf|&1=a?}%8H97U z0|pgwfk>vNIsHt9J4i%;(qJ^c>AuHa5jj97zF0Cmz(%YT&VQBXGc1MwDv%^cm_=WP zRj-$!}< z3P7aAEnJ)|1GyeA|V1DP!JZ;-yO}ypma|u<5>;ZcbOZ<(Y0gb^TT$s7m<62U& z&-x^25q(`k{ElwuuYnmRt7njlAW-_WnnclZ2ZB=?io#*LlbKX-2+iSQZ>Oq8F#8M9 zFJEpys$3ffeX6_aYd(&VmuPf|?Kqub{^gG07mH;ZCN;rovM0xojmNoisA3N)j80r| zRMD*w)#P00&8i>e*Bsxd5-fx@(sNbFcN}R@KS;!zWw=>?GU`74pn4zP&0uHX^tO2Q z^Y2sc?r{_)Gc(O;NMkC|5nN9O*WC#S)P@rbLS-?WdiCWN$a!asv_89U*rrk$Xqz?W zK=uKrX}U)n4BldjUQVQU1YR}UaSNGu=6<`YbITFBvfvk-S{g|&_G43c(X5vTppD#D zHDegH_ux=emC^c#5hg?*d!8G#S!FW*r&M^WKMCbR?HZ5$@wnZd4~9V2Cs1&84xKI_ zX@l3enA{7PliJSojL^rKU(qh}uJQnAVRv}yFgZJ#yCYXjeUfM+%LWg6yh zj&3ExI5x!xdwx{)4*-l&6MKu3MA8>V%(L>Ng>}IblPmd(_lNWLH1MRwu5vf`Y)`+o z36F#^ScA>{Qvg(0VNFXPtg}1N+zZ+Kwu8|x-%}G5mWT>x|ofxbo{gqxKJ#oVAZVOH3esT-`*q%{}NnU`PDvDalPmnu! zcl=7C)yG33uGF&L)!a~Sd+IjkPBYnFGYxS`<}Noyw`#!03)71%vWSU|v|+jp3{AD2 zKmCW!ZE@q+PMqWF>GX8Hs_6TVD2R~ZyJwVWhtr9`*r4bY%vuWDSD2<(yLr~o-2S{q z(po!KeoF?J-un`4M**>y-h77B*m>wjRSuQeF?|mVjvL&7BqhY%1~6O9QbkvBh#&JE zKAmU0&|8n`j_kl?2;b_b!3>)#3PihWyENJiwQtB?deSQpgiCioy3osv;6N59E}N_E zWc}xn+L`h~UY*X92>YyA^h5%J44=>JjmreR5EfB65*x0#&D%*x7L zr>V3ilgv?EVVWkbF}0?}U2-qM4b2sy#*)k}qufxboTPHs+!aa$azRp5#Elfh4Hv)# z5b)2;@A_ZY@AuRPJn@|KIp=-f_v=n{pVjtFM8?e2c`<7)@T9j_1=JM3KV&}>9%lgd zMC1)PvtgJJbz^Uv!1mr}O0m*@{n)52McZH-UWC|E+uD0U0lx#v!W6y_5iWKc6>L<} z!R&g^$7f7+!v;M-*LU2(JCSrsphY~~GPm5~cqzrUKZDM@d1_)3XXnlQ1DaPMzY*>W zmvNtV#1%L)e~e{73_q3QXxxRi%|q;XpDlGg^P9%CACO;a{-vg7^EQWt7+6o3&eaZmLxNx>FO zJms1#*0~Fyoq*MocTGSIcDGoDE!f2^V3pRK!02k4g|#(b90_8aD9pex>0wia6p(MBB2{tv_1 z!MKXVhrs2*S#z`5yM0CpoIn9L{He|E@F!Wvl8(#H?*s2BQ95a+kVok1o6!lw)X6)V zalFeRrddE;fKCM%`UksrKg#a8K{qLrBR!nY!95vnGEMqy3TZ|Jn*gl)F53bAoF7di z-%|K1l*M3+>2x`fUKtNd8VyGt;v%kjY*ShU~uaqCb@{9_qp?vg;w{VYk_7`e^?z?~nNVH!iXIUsbmY1^IaJiw!a*`{(LnUIS{Dx5( zn#Lxa&}R`69l9N3)o$l(6f#~kyrovuzs=PLNV7Dug83|buLIvdhxASx>@eG(Wmp(5 zy(Xntc|>0#jC={|FiO((<`+QBdN3~0gnYb1(>i*B-8b)DXan;5SY*~|GQ!ok;4H+( za~BLce+jpg9E#w@f$`~e%^E4rP?r+$z&`CB;?nlPDNu>?f2)!9s@<7;>p>IbTiwoy zKQv^7nhuhgC*5;u@bC=R~P*1GM{v00@%YW(4Yq0dGNxUTUqg$ zmF%M%5q0Bx<7}|DEK^`O1J~;BGV#t8X@qTE7sLn(k}M4iIc9TQ#NdfuaDrvLWsH=O zYmgJ7={i-bG>)I_i>YbIvJJP7f9Va3z}d%8UEg)vpWINnLtcBii7{kP-uSc;wigaG zAFH#b_@CL~1b=bbyTd*Gy2&W%$7w&R6Oc_=i?fjJ$v_(>h#S$wQ)_QZ<(&_{bu2k6 zPMdz^Jw@@I5HPxOaYgg?qh33H&+5+)zmxu2<}@O>lsh5LFxuS_9|(8VbPa~BP&`3V z(wRk!E*8*_S1GCKuE(gf=)52PcYeI#tjm0`;1p63zE~a}`n_%msOp_6h?9o##o4#> zd-3g(x=%@K&MFY^8yPIuR84bMU%G3{VtPv5aGu+cAh#*?^RJ-5>BCL&R{om($~pF+ zZXxh*W-WF0FW5xB_nA5;1G-A}s(Vjq0%i89V#ao4>^Z~LV>8}a(LMbWbzk@ScI3sd zj!~;X$ER;fHR%bHMY$Zo`KnjKY{2wW>`sweqMbEpITp(=lU2}H3d4lWt^A>)XSyLc z7`$~oN}9E5$1VrjHqT%xTMeOjs8KN|)eXa!Jk@qw`~2lO9?UUkt}}pkv9q?xp4Y3u zGVgj%=vrN-<}pyfi6kH2%8HwS#V7!s{ENE$@OFNl^;5bL8pcWTomso+SAT+iZ(SH! zH1K}l1o{Q_Xz!LU>Na}3D5D_@JWf4nD4v-KtkTY$bwHNRx&5bc#9fInZ@u}o^47=H z6dv!+gwX@0G46Rk&%ac#e?i%sNoyi(RBpgYuE|~EPEA5hxK3--*Ks3O84$>_&oaYV zk{fD$En{qeN>+~L4_owSpOz^Jry8^G65p+$>vyx*ryb|67%K|eCI6(WHxHkQm5M*~ zmg$t8cHk7dn#dz^Ybp?zv`gTbNewq;g@!-`#B% z90Z&A80z~$!n`)>Q7x>wwKEG*%#z~>qGC-Y2^{r*JgQ96GZiEDdQEDSb?q$v)yC2( zN5x2!=%wChVhs=w)$ww{s3PEkarRrubY$f7cBx?8OUo}E7tv~6GCEu_k*=ajW_}gl zQClkyBE|J%d`*4hb1^E;8z)tw?0>5raC5XUcWkB(uDlAVMuXKf!5s;!&K&6~}R9zL>;FJ}&FA$AQ+8AOEjo45d77Na7>lDY6A9xUy zLrOh55TzHpLBnMv3q!4xUO1XtuL|&%E|oEw;O zv+JOCO28WQV#=y`IHUX6ChKdsf3WCj#_iYqC60_+;KEkRwUVT*UQFd(q_`1;FB)>U z8_}AEijwaP%{u1q&z=85I=J}22YJbx<_YVM98Fesi2DG``SVILf{*x`G>}ps;Zm4z zC~h$X2RMjEG|qI@lkmkzE2+N`gYF9o?_mw8Ld^Vy1dGJ8kPuGZAy2Eu<2mH+34 zLT<&O;`CL4pB^ixmB!EtNXPKs?FoGWmGpffrSy_8_YJ?)>G410nD^aA0AEm)B_@OA zX*^p{={=P0;{0q?t9v?Mr3l$Go}NBp)#1?ZqLu^t+kRWANnG-s+_K}Q7hWF~OqNs@ zG3KBZwD|7M$LZRsNa0yd%|hnzU;@6Huz4(b`+45;k&@bxjYrwJd)cDHUKm%ou%N*s zOBv<}!`I;Lc23!f-q4A9%9<~%m&AwUZ|GttOS@PGBD~q1UTJo2MOL@3m`=6;B&->m z$4=A-q<>D=g*-7vu0445N*G;H`5^5wzT3;R|HPK*W1^}Q0wAQ9 z5J7*Y0<+&}8Ack-UZ`T*U@e;zN>|D9MXJau3)kx5-KN!1o@RH5eQ}lZ5)Drrmw01E z7p&iq#-H|R7)ZKk6xwU_@5Hh}L+yK|9Ah3b?Bg!(I&%)XOAU~0eH;KPsgjkc+YM3L zcT*jO8>=0LKz9re(OHI*n{UHUD?YUFAO>yAdam9=iWL3}K==+TjbZWTQvdgcovgEJ z$oCh_yd$-m6?T|KuHbJmZyX6UJLyx~OGPAp5n8Eu%5P zKQ3aU20k!CG~b+df!o34p@)pqKMx(>wn`8;n}zP9kY8YUdMAL8jjrLr>hhzOh|&D= zjc$i}P;285YNtk05j!s`wqC%HP8*5?yWPHWj&+z3?`&ey&|?1c44h&GRpz>TsSo54 zn@PLK_SQSb1VT@EG(4|P{Q2DTOprI6+SQQ)xlWSY!28#Mk4c420DP#A-9*$q@QiMt z|I@pd3P9z++1%LtDV8>xzhyg z8=0^;=jZPD!@{ZH`}R;|5!502((Vh^OA|+VYMgK1>1KU za1U!X80JK9sCjJkV=>hB@Uar4AqLZZR8Kd+x`nk^7TO~cq5s70!rjTfo^e;hp;0ht z)Ms8o9}?iSm@sjTQ#O%w4@LRi1jb@m8}j_HGo*Wee|>5er10 zczyBRr)#^^4|kaOm%D^YX91`LeHCgv@0&)>OQqY@!sdp{^^)wOO5k^xA``D7)TYp3 z_>pQwE#9@Fg3-hj;oKWA-StB!xJ0xT9M-prAh zvi(Wa3(KYO(7q!^EuITWuOigOS0mx=t<#=@+uaRCnbXdNOUDy7+s>HO@v3po=e&JS z79jHjPeK~IXL`T-YwSh={_gna3((bOB7r}aW|JC8zP&WT92!^6+FT2r&7XC%Ykj=; zNLEjAwiPYUn_a7^S!MsZ7AyJEdwwr9`;0$5b}++wRx0ap=I6bsi3789?@tzntO4|7m9A^);=M9GUf3$&m9Y@u6`Nuu4?g%e9=jHpcK?#a>kc+oc+ z4*3y3hq*^bGXVXBSG8xhtgy;_k?{^c1Cv&+jhhb2i$L&Pl#Fh>ahMMJ1xo4zqB5n- zvv_-KN8>_BNw>jFP3x(_t=m`kjpSPXsDNF^D-V>qW1^>D9U635LclG(R1VdkdH||F zPHDFKAvo;EtZcqch?A+KUdy{J!2Y9PzlY`gS< zh|o+p&p%2hl@xvqTOm_@BHA9fIc_T7PmTS_7am6}`LaoR+o9Qc<{&zD@w_iTFsk*j zbF5zp>k;)x_tE!R_S}bt^hQq}-4*If3!rY?_dLzCLP1RqUbkQN3$5hMesX}Et^%3F zBEL_ydtI-hgg`HDTWZP9_UYc^cazNU#a~OVft0T+mrQP&F|J()Gu-(JAC_z;4A3YD z5DYg)kILRBSqM}*iKrq~c1!zD4=N2ts#{2Lfb+XmsvJ~Kw_8`kdcHMEno|wuBSf7} zdek@3U3%Q^Ebzoyp;H|%iBdjLuyQXDepjuaEh@%Pl+QNn?t&8dD;rydZ7w3E15LsO zF0be44gGoDu;m?H`;1;Z`kCBYeXUCJsKMVLmh3`^PHed%efj70#3j_&e=)SX;J=$> z5r^Y<9lnD})P9SAIauPtPr|MgYU+d^YUi%iq;4^?2nT!Avz+nR90~x_YcURg$fk^> zI=M};KKY?PmwAIHmD|4PUrz^lYM~DYqf8}lMm74`$C{s&i;C;aQB;+~$H1~HmV$NL zkv4=OX^(5i6R)E6@X+o}2Z)KyL$__-k$tAA=>4rTG~GH_=YyL?X_yMEPi=bB+-3A_ zni9A3;Nl8pJbfP=I2PUv$?a6v$R703HAZP01Pgd#Gd9hI?h&6_aHv^l+FHSS@~dF-57Av!JZCuJ~5RUko@W^&7d>w5*Q z(#|M^t!0UunKoCqk(57>E^3xGBYHBc6E{^JkxtCz0g3_*M&!}Ch*7%Ch7vf_gwny5 zx)+L-NPOpnh1KW!rkZMx0uaF(ymf1mi(yD<_LFPuiC?+15AKCleXh2BMVY~x??r9R zpwY$94}wW+)YeN`I<;`;%`($>x~5z~d5oLT!@X_qE{Z0E&3GS2KgerJD$H`E{_Wf_ zNH^Y@`5L(TcOSVU&olPSofUXW^0#&fy@`g8wDqWNUS0l7uS(UZFp;BopJSHReY0?FeSYU9^l}Z z>m9~=4bM*m#ve#Xcz7|-qzI9LwPlA7NfN~yuS+3}mm%9X4r-*mGQlvuSg`*Pm zsj|)eL8k%96W-VA&d%3ozz|Ip<`EU<(F9r9>e!88SIF&cf>OQ z#SCD?X`i}RVDfmU&K=sjl>Dk!BN;gHR{4Hbx?7PyaL$0s;A~6}s|P5>xP7z^B=v26 zcU)VVd6=yMgMctp&XCcGVdnn23ZYl_lcWB=#;J zz^|Wge`kkz<#|4>){+L==9I$hW2ED4zR`-hUdS@t~;_RY+Gr^i_;U`u`M z&7IzMhTueqhC$JKOr@Ijql?wqrLfz7j0ApX>;qbuI+BOe>vM!zBOhl?Fg@+#t;yg( z;BK1V<6C)<%=^XGNm0Yq^tX_?Q~Fi|8fK^uuKDbJg85f!FKH&_b(8+Y*U_=6v@|XU&UgkgDK34$r=ocYxgptdwMq! zdpJJE6YFMX6kC@!o0KJE8YM-V9jl$oM@S4T!S*o&7p(37X}d*@?0qNb74ob(cF*Zq zV7U^#JF9_FI_22!oKja~uWvn9*g4cpynJjSI_~D$D2)fsKu7RC4hJ5x!Gm-_@(;NOMIkmKCksJk>Y3 zQ)t(=-aO)b$HM#;LpVe%7dS4_4TCh$4?0hdJU^p!M_bv_QDe_)+mw+GfC|9K8@RKw zs#qc8WZk%S@xP_ICz`5$WnN}F0nXX|(1vWy65?@DU-NNGXAVO4LaV%c!g_KAvnk1q ze@v%e1lgZ2IeAwIG!TYR8{r=y-%u*kvoONlk{1B>b!{xMtm8vr0wN0s;+a z*$~3CQCl_ntx9p?t4GoEWjlX)gKlLU8}W-Y1jtJ+NdC!ol{8p!7fTz;z*fB%S_N}g z{~J_A9x^PrU@SNm3>Gccr*l{r;bZo+&NBx*yR0Vz}M|b<~ z6E#w=S~AeU(h{f^K4^ihc8-K(Pkwi(RNSVY5LKV>Sfs9@X^aB8gkR0DXuZs58XmWA zrU8iJ5BATur0U&(6!=*?krG^KTko;kO~!)G^tnsA7(uvp8%<5uT(uHkaD{fg6vPFa zeSKN8;$Vn)wz{eGoAr&3l~)Pjm_q%&NY;WEetqOo)aFQqnTgf#2^U9DE$t_JeTcKk z+ynIR`lL9-vFflY2=03nJSmd`355O=>I8GkkCX!D8E85ZR0-^TLyaKY05MOah{~!QRPrRNBP~d-|e=FQ`(2 zklwtYzHU$`esm&OV9efTX_n^Kmvtw$oDHMBYLRmvFBE$7vtA&|PkRW(UA9ZBEgu~f z4Tq@T6Cl}ZjJrcl--~&UDAzntuM%J-qGrubql+fx(S_x)5A(#W*J`V1Kd!h4&o#kK z=)%7(1oKd?)QVqdwlkJt9VA`+>}vS#jm5BM>dnf9%KFW~T1ku2Vj{Y&E5I{(lD|yJ z{h%U>tn2sbubHIoaOyGj=>A7ObF413u7luKO|N6?siX>=YeO#j)|t5k)ze9Gdo+*4 zZvR;*E29@h#|!r}+WkHUl#I(N697B6bxLniNmB`p$eRmrltVb}V@js*v~gYJGwr32 z-rXk{TmAz;S0vnHSKxndyxYdf$mllO{H+H#WtQa=YWU|XJC;j<@z{Ly1%PE}O!)5c zwOc!*mxOmO6ec{f4T^ZLZi}#P__mjrOUQ>8Eq~KIeo38xp$SU|Cl|x*cDl(*fO14w zPhS44aLA^Z^~gR!bW|gNY}c&wGO}z^xjTBGJ?j`MiM8BM$!7WX&h9;3Ao={pLf2S5 z+ZXJU@HK`Ov^hPeNv|I5Em&}|U@e7Xv^cZ>0-P(OR`z4}&zBMLcq#Bie_*Ius= zOSE0e+kurZXNYz)vkIlF4k5v=jIyFW` zLy>`)3@pU@BQV7M~!ZtUp zTV4mQ7GnJpM!(31T6K>C9ii#=F(D1AJEszas73EM+W_4tL9Ecl6l+giM@Hp*ag{yc=G!11Hk{abMt|8 z$r@_Urwam^F8F&+*yyhi3x=DfXajANQ@fO9S3aJk)USucD?#^{_P311?)9~#haQ-# z22=e?x(BC)L)=+iJ*51z+19i42tawEQ+)G?bfGyP(-MTQzSlw9M^`#~R zwEAtyF~=pEleQ%3uKtlJ+1kRml`e;Q)Jnst!rnk$z&{m5>cwSij%KOB&zvXRgdeYy zW+$6e9HSTa`^Ij)Y#3kR2q$JkIJ~;;KARC-gX-ymd)G>jMRYXqp6N22Cpa%Fa8pgn z{~xug?61m;meIxa5ug~?SMdDCvvGy7=BdaQK|!o7h2?G{DriVyC49zfg(zHKywI#D zOicK6P0_5xoELwOt8k}eY3zv;O4nc8Q^aZ&v(jyycF~%@(hmI5=mEkt@edd*>Y+NPTGa8 zrCl=tb{Y_1@js+i>jH!8=WIA8_+Dzb=G2FT3PZ|_CC^FLQcyB{lEvNF%5NNlwq}p| zF2a@D)boW7mVdo=#mx70z|=G~ZY#907ZNPHkx}3(M$8^@NT{1UHTiswKGkYIRU4~p zf1jyIx;-Vj3|1DaGz!A?+FIsH>At6V%3)?=Yq*fheZ`Of=}q-TM*SX;tOGmQSnk!Z zbssN+d^w^Tvbt6?dGFuS^zWDc)mW;QvShT&ee<2E{riJwY6Dk#@1a zD(BMP=$})9`UpydEbpdT2>kH_n5 zb5LDtPd+*o6h9dR?wgbKs4_=njpAXgaOjz&_U&(C`#t{1H4Ilv>ouHXdY&-_H?CKO zJ*H(`rYm#~M=#DH@QBqpU8G$bC0-feTE9M`*IlUD*8fg&P|>$z(%)5$o9y}$2N_Yl z!3nM9XVw0>h)*f)c3SZ<&z1X)*PaX~AnFDnNkg?qDy%_dTD27e;8Wx(-e8f+XR}wI z?{$z*mPLs(4eRME6tK^KW|tWKYOhAz{XH>$s6T(f@l-=vu+^D#=M1b5cse?us>Q6< zqxop#z|qhpVVfItSbaf$H}|Y4 ze+lm29{@;=x>wk6pj1z+v_fXIJM30RFCYfE2XmVCkv@_hy-@d>d$|eONtRtluM(RG z_T*ewMXw|$+uzQA(`A^)M9BXbH2hgs58kfdaQ*=fi1kK~9%bqR_A8W+rufOxZLfoh z{zq7ZCBT-tXnds8nDQK;ycr8ml}D&a4j+z=T7K>(GI3Nls(Mv<*sStL5!8MKIh}{I z=xiJra|KWX5#1pv*`s%7G&O>m2vEm2-In0?c<~UU!(>?^1e1;jj3Y)nt{?zryy}QG z$7xe!ni+l4wp>IvFp67t&GuZ0p~W_pH@3-OFp%%aouyAAxZP+!D(YBY7Aj!l*VW50 zItiJeHiW3w$QHsnlv0wFyyQ)^=<8?yBwYH-cVFw2M|8CPp@8fH*}Ed*#M)Z5pCvsl z*?IS|qW;Tz_k7>r;sN96Yx|mwvWRnBo42XtN5yLWO&cco{)Ek{%ZpPsC*6?K75(2| zH{9K}L5)}6ORz|6tWO{16$Bvh>?;%MYUcN@;#Jk zqGj8$fqVa$Vzb-ni*dPg1^joSlGw=3!swXmK>-fDw2XS=UISyW*F9SFx85M3`A~Kq z^MFL{ko=TCViN9*9=2J{_ZlaINcYKk@(UZBahoLy$PQ5wK>1hop4O?V*7;jP-zFddY-e8EV>b;Gfm3eudnQ1UyD$)+AdclFpIuKDQmCG z#`&!sb7YumTic=T|I43VNnCph@S;gYGpQBm1JH1(D~xI+H^|O*pQUGCIc-2NgmC=% zQKYXSH03#%iLn38dbi{uhWaWLx;eJ7{Er3ERm<>7ujuqXp4&-#5lHV?B1C&(crx=@g=3m3Q(2^_vfBH+)W)tJC4Wr0~jpmFxPUtQ1^ zi8EHDULa{S&FnqVXJ}wu)es|o&BN2nH~|%|+4D1Jmt3vAMpbvt{s71btt(QJhTi`d zcw3B|G7{ab{7rK_+k6N9(PusEYN4(WSs21u@*|Z6r7(EAhxEQyEK`jFFSNoO7TDh_ zixex*Tr<%0Yz-^2uWGnfC76zDDo%~0iX=7b{rWe^(Knqwy#50dpJGqo9c;5Jyd;p=sQOnA4bqzIOU zuhi=kd9f8Ei5|7#PXP^+OEedK>D-Cr=uYD8zlUgQ8|7a-`dvSn;dw>?wiRoqAuW zqyZMMxdD>5zpX0MCp{_;MkDb4ocB-aaS1E#s;f2RJoYrk*(%xmm~Ip+#@JHQ%-8i!k)zGS2RA0xsHQhS<3#DMPfIpUKQ{Q29+Ngp@ zwQO;=@DcEu71NPtx?1$AtQ@ybu>-vO%vGWc262+(Sc2bI=41PwGQkH|U=Y6_hIf{S z8z}=6gqfORU>yUEq=XeY1D!MR%g+}W0>B6%T%?8}$Oflpo#qgqQ`@mLe|$s+U34i! zvLB+CFBKG=E)Wg6?k>)guJiGe8ImDTMnSzh^A7Wc?Y7h^)W8qTsvE9g@r%wpNxxg{*|w}|;4lRaRm=8? z9;@9{{tkYn58M{Nfkkdes%@+^O*`ce(&EYVQ>J)nie}tn-}l?C3Rkt*BXjT0nfX#I zw-I_8VLg@Afm~@NMk-FWg(be4*7Dr({ly3xGM7}esCu@((ODY{J*vLUBZ*PzIcmxe!|ZGDJL>^-PR8W*vqn?OWm5g$ zGTG5Wz7DQ|Ab8*NG+xY~DNw)p()m+xKz-Nt5wyztmQzVj*KS_deM<{%2)NF=TlKxy zSV-$-mRfa&{Ex2<3!{3Pna=dl*5_M&IS50{E3PZ;l7+ZA%w5~ta;4t7<&=AqX7-R{ z|LjrxNe^kfG(I*Hk{cIrPTn;bYg1ng)M6R;f+{Hdp6!hKl$`0NI1B^irRc0G zV5Bs5!bEaVo?%bFyP=Ca{CH`!sl{sK%(DQGla2Y;34x9)*E+Jjqxv?^dWx*zHhXGA zkJ5{8uhbUqgl`X7FC#Ozth(91#=&B3uyf%IF-+lFkc1R_UuXK0CX%@|BZEO5IwUx5 zTDrT}3LGF;+JJzUr&sgU$*-{1%LEGRYd;jx@l$jA=m60H7Wdu=Q~n~l4*DZ*#-Ml` zq)pVZO@=d#X_9^FMz3PvD?;? z%X~bgHyYbfti_at3;$n}*_+e1OKY`9l|DNtGBFfJsyY85s;b)4;K0})-v!h&2nQ;w zj~h6shq>5NpxN2&fg?a5H>2l#mW7a)W6}@OZ@cX0>>-~;?H!3l1YP%Sj>*&UB?W9f zb?HMZ%d50buaMEsLze>5{35XBMsj$w-VX zp!G+k5YFH}OsW})yS{=C(fL`mT#zxn`>zX0`}pG5EcNWYATZ!)arxxu+E*z3F?nX3 zwhZ1Cg3FS7n1-C&%t@H^Nnb&}-+lx@Op}%V2X?!-jkw*mL9c7wd|Rt&u&NJa8+;(o zpx^H*Kqf3pF!+=t4Cx>Lw=3E zWN0wyp{g3Iz=#}&@7aIRqkc7Zbji{HTY9>aDWt->3-Q0iWfC0Bx1h{HUMrl?6(8!d zmd9@R&iA};fAv@CplOH*Q6MQYz++6xCcCPUmDiRork5Fd1SF6?6{}X2Zm>K8SRZ?{ zvv7jvIi=>TV%}X`&7920h_Ag}IQcx!)vmau#o>eIQ#TSmaF6Sf>|S#F_P8_EX*0*z zq;_=1VlKL+ixn%=Qy=AfqiyCguh|r#%oc2Xxt<{ZW9K9_DV4Pk4i6k_B%d{6evaD% z)D;Vj+;C~c?I{Yq{=fT$sCg>*UinAIU(NzEr5P|ggWNG#V*JkmAptetHvGu)9C7V2 z)g5vCpU-#E8h;10TXvEn7ON!S7)}x`q=$T`Bt(gqB}!%e!ttO?5w>=zz9l<)J^TFo zXvKXsy8mI_YSg}X(?`)bEa&9Pqi0G0TWwrIfXoCh!xt+G>^xe!;@C3!%$t;p5yg7xvtPuJ~ zbcpZiLCL!wCEPR?NPM8PnwIS_2D#pBq?!^hh{YmAmmyQKijEheoF+{d))k0UX%sE< ziHh~$r1?RtwuAM&MyFkIk!$7&pf*L{<`qkMNJZT6s#SkH6K;bc_7wFao&$2JR;SceT-^+F|1;723zkx*rHlLCs&*Uj`7_b9*sbIO!T3i+fjDApGpx_J zFX75(m{!>FX6Leqh;`fA$(O>0YYiTi2@uw8gYwIgud_p|SBWc5nT%1(c8!bC_-DNn z6Fs%E*tmO_(bd?r$@z0-=r|l{09<+)qu-=H@uIssKG zch$#X9Ybq>eGzZ(DCC-Kd4C-9!X{g>%&vkg3u~4?wGr<_s%DhM4ppKa$-G{X==2=i z!i7So1!?trNH9L7k@KWe>UPP9nLs5HL-?jV$JqqV;T_%#r&nV~k!sY@BII@xYMcD8 zk5Q8?rT~3q46vLb4OS^0+jjf5{c5C%QW^xdN@k3`&0f#+mM`geaMt-D;GN?19O5W4 zh+KGo&baTt|}00 zBaE3`^i&*Wsw$ofPBBk`G4DRP$a;gA+O9J5wtB1SEBrJJNM>C{fYQC>RcC>^|h+9D!sT=?5!?=q~|DV69l-%=&)5n@lrS4 z-<8#Mf>;(^oZmQeho?8-y2G^%!RI!-0S98{hn}5LD6Wb8wcE02Es3=!8<&nO+Kd#9 zR!x{T?8RQ$3;2B`{dtPv-zP8!+6)b%saOCGPRF@iSbKfA{?kR^#=Fr+N@Va?zeDCY zT@>hWGcsfy!HfSl_Xrjpp7+mcYld370T0?&ENp!oF8i`O1wCLSXuWtw(<)+5ebMde z>IMie@i_4Ymv;{Ol-?hPu+2HcchcV&C_xF8(%{5M^3I;$``b#j#$I`8sW>{tKAZE< z6IJa~=EQ1npl!stVoNE%fAP7T8o7g)%0qFpe+{hT4qDU-1AbzG<8p+A*wwhpMQ+3@cYTu+H4pEoBIz32R8U^t8Qv6J_+ z(sPQT_<)Fxr^l#oBpe#G7SGXjkp!~~?`xD4&1KqnX?e!epff?{))U*c2=xm5ew=VX z)2(mAF%S5SWce)vWxn&d#>((o(GOo=haO}*E1zmIgZiW&j!l+;`^+ccbai7}B_a(uB{uj+o?n>{iv*w)KkGW*6G+m2pDNQ6VD-~rlOZo zV)dPApyI2#;wxh5BlZWdLXb`WKU}t@iM4s70jt{<^e$$?s8)9@@Xl;K_975oQx>kp zg#QUSe>0I8LwZtH4PO30K4SD9=YohGyB48qYPsIrRK7* z)~JdN7{0|iq|uRO>#a5YBpoq!c&Y2Hvs=f85l$Z_3E8@ua7FR-j7LktmFn8ZPIvkG zoV%`ZZaSJCR&8R8a|X2Ci^C>&Z#B5%SE0*3{Fu1>HgWazig?zPKku@2#2^V89$|aW zbQu;$@UimTeuFG>;7a*g1Le)8CMLf~8k9(*4E1FR;lqs+}!shV6f9s>t$kwRJ0I z5T{l?tZHthV=MHoba0`2rO_4FLDA;p(=Lkf|zcjs?4%-($WpZ_A0W8O}#U$lL==vs3!9dy2o7nP6wz4v> z(>gk-i$Pkl$>It&$k)96596?(e5ytespfY%;|nWiCAXfbD8~MO7Qp9cn#LIoWhsz- zvvE@&6K&sMJx3RK0e@kyPUY6J)>8~+Uv>Ybq0^mDT7M|}6kJ`yFx_pJEU0R~8PUVK zIsXP~-_UJFME-5OPaR6(`jv9X5mbG}`U6+G)eX+o(RtEeJt#!1Y~b4bMoOgyr0+#H zabqck^^ipT3)D$)sBbeuo!T)&2q}>?<^?VF?py6y1Khmo?zSWJ>j-DNW&CYlM#o`u zd#fh@Aklsc1+Ps+l_{R}ngT^ySlt*Myh;pQbZ5~%cb64(dGw{^!7fdD>jSzQG=#7a zp!^Y_+Y>c7Pg2AstumLr*EZ}1(x_@ljjb4$kyG)#8V8CL!00*xXs+9 z)>qi>Ke-J-?q1Q=hbYY2v%i)+DA$fWKmU6A@0re--R&wZrr*W1etad~lk`S)m(J=T zI}sf^ZO27YuDB8fi*dDG)!w>ZjXpJubeFyE($nh1^oC8(L9}(mp|Yu=?zou6W!aZ; zK|R*W-uuLbUZ2GIfP4mF)Y#Rwy_;BOd#_|nK{nf&{H@hm6nkH4OBC78HMbvKV`rgx zIK7*KkyN$)L6kW$Q?nF3O0b+p{g4B}?jv-rMJQ-Q35B>Fx3jV?P*;2ciz!=#t&V68 z$8~4jm5%lYuK3?C?Wq=v-KjVi!9Q$7jEilP-^!nJqUW=vf|sHB*W;M|;XQ>Azl-VM zo>W6=OkZ3;wW}%5|1P3K|2(_w@1~!XVWHI`>}A4C=k5}_wG+mEF6@}w4BVWKe$e14 z@FS{WK8v&;?OaXytr{CoD021pSE-H~;FLG_J|cMPtv?s9Cay|Hgi}2!cjGE(ys4kcziKG~Gh0Yaw5KD~nIDoUC;QKS*;CBQ z1}}6Cgij9N8pSP_W-o$Mtp%&g0OMU-nOT52_vB}nyuJga)dPmQ-HJ<#caGdWch9Hh zj4+&He^y54e5)k6k=$|ri#u94^y){bfl;&REx;+VTOYHgKYgZITp@?X3K-0}>xMVQ zmcGD)-7|S@^LHa94062i>#Z_pCHEOLx>a0>uqtJW72?Q64z!5cD+`78gr9orsAXP#< z=e^eReG<@}4H8c^-wEhc_f&wXl!w?0>S^{*2`P$M+F_ahN#k&Wz&<8vbba{HIdwJ? z!!cHAZ2Cj|ljvUVzs!3OTl#V}^WgVY0i0&d)%A#yC+fw~DW*GM`BEG<&oZQFjvV*5 zA!^?Hbl`ifss)P`rLd$AujK--B)?eE(=0-?PFDsx5`S)*dM1GMJtNg-S-VW}ehafq z5K#mvZoc!?Z)(4k`~&=YYR77GYzbPmfqbEpWZBBG9JR0{2tf1ZVawC>0zNvGrfYt{_S08BDDQw?>1BWx*V4`J zW7FoNYPGo#6{D8lscyIXt<<%xeZTju)e4BxTpBu2s$rxLHA@2ZZ~vX*qPz5b@rk)a zLSz8I|Ez%>}2FmFBLdOE0&w3fj;51u|sI#MaaM z;9d{1U2`W8?=L*B;XI&AR_FSA0njR4axr+ka$So1NmNHtryEs{+RJ*P(M7YG4n-jH^$W)xz=9 zvC#7BiqZKy(WT<~kAXzWK?CLA$(-h|w3fFJWY^2EXp-(_UP=>MA*1ieG9Ca#Ylb@< zlq~aK^pbHFJI#!#=NL73?F)l_fO_Em<#?gtHV1Xr%5eXv{zXK6>^@)_b&cQxPiTEJ z@jgyN9mMt@>lmS-71s95<;`513Jv=eB{^9Qdwf%E*O$UH@b_`TH)i6U`D8Qzf}P*Yb`yjLbaRHh*1K z@3B0Bw2t3nIw}116n|z%G5`u1$V|Cw8=(WbdaqV-KWf3-z_aXRd$;YuHHAk0mMn$o z(3dndFwc7*b%mvj(Mu$=M>FX%%gt_c_Veyisw2=m#Do)k+=t_vtyy8-Px5``H21+; zs?=fnXn9R0H_kz%yaas$Y=H08iPR%APfn!wW1hV-qfnmm*hm`Y= zA(GPn7XP;>Byf^#9}?MZQ9rrkT^>BS{3++^j(1!f&UC#;cwO-rL}TX=Z}enN!s|iWB9wCA5D~>Ajbamoj{MhP z!!xv&YRh7DQ1M9X1yIPj)*fhfCNxjB0+|O`u$l3UEoPuzT14%GXOm;KaNpTo)z;XW zqBX6OBl6)}Xv2&MzB`09cbyc`d%8S4#rVU+?<5{%J=*$Rbm;Vi;)wFWTmORgRR$&i zGXHVBJ%#R%y*uF2t*$eYQF&fJIqVVnu(KtzA^m^&*);!P2yJ6{_k^?VqyiGu{y+}4 zrkQXuDd+1u+%G@BgW+tnqD{-z$Fciqk@mStR0EpPUUB}u-fZB=J&kW>*GKYd)Vz#! z@*>M_<9s$ESZxfj4^x2`^3|65TgbWfo#<2BHwtfs6tC%?MpmTXofM7iGXk+1X+%*Ewr1i-{T7bCo!bl~7aKAZ4 z2Q#4_6O>!E$3CI$7X-U^fi)siqA~Qi{Y<=yCaktX?j%vwG=%v|{yL|Huj&W9?8*^d zX%szba>@!_1cBa-%${Czn}F$DORuu8b_CoCg8&r48xhI08*O{1>7C@)URgtE1|g=- zjs=i>O49;-2XvcHRD_+m(<)-a4{2#PLLOh9wKZ^_pU>on?xwi!k-t=KF_^l>vLoo_ zlbSwn(NIa<-)N|3H?C-hCLQ=rZ)+vXtaN=J7f@re|6LRNZttvHiz*$tfok#C*qvXG z&=SKp)HZKjW0r=h#opt{K--qs154GZRyf`DmEwX8vr{2sxCasw;}J_UqJ6U66J4$Q zL2I6^W6m){%5ph~NNH2NyQ6BN(M5#>w?aM>1+2I8P5-?4vyT`o?c%4hOSXfO2C-*K3~{BBS_TUQ&m^Ey zE+spHB->+%n6f;`%>DX3`_}u-TCAOft&)O`qxZa`O?`cS+L6>|KFoX6H37M6HoYK; zQ^F%jWbYwJY4q<_Q^vh4A!b4bqTZx3`(E(HjQEnw@fPzSg?>2sWsUJi-$9k!ia}@~A&D5U3 z7R1@|M*UjY&+xKnl!M)=w!ED*$zd9NdW$U=3k=@xEor=iHcOXQQ{xl;6-=$~v>4ds z@2|=cRSR#?vXbS_%d45}z$<4bLr*O?@FF_<$DN-{lq9NNp}LN7?8y5}V{uoR#tcsw zDhiA+&PcI0^Qr%)K>Nt&ziT4_@KXd`RY$V1J)EmlYoE+Cotx4__oSp$vY!rsV0k-5 zPgBl8_WE>B-2+h_LYL)Wl*EoJUYd&>R`^v0Ra;!=G2*#L(mVFVtF(9wnEZenUgEx7 zpfEx*#%XfxLFS3JW`ca;9=+ zGyZX|v=zlAy!O_b5qL-Ghg|#@wKO1AHB>EDa?@ty}68=j87)WN#9(VxLBA@(Mq1WgR_uvic}bO)_W~hWUuT4PCqd4Ue9`(l+ob zl`!Y~Jp9$>Rr!-x$Vz5$iQS;3uHq6;(`&=g$rcbRa0oekW;dr2U+*QXwvnh2U1HoV z+|OXe;W=(w;s#~2rsrB4RM%uwX-z#VuVYzGmG|a*GZQDFe2BPvdCXmf{VNQ9UEy$d z<$zU)C!@d$zUR%Z*V$aXF6O$@>>Gh`f*b_cJVcK9ocGOBmwqVc3$Ve%Q-UA*?tP6S zXed3vB4FUk;>BgV38rOdR`aBq{KxB4%)(6Dh*fIr6;I4gH9jx3Sa2qsIzIin6|s>= zL>O#DL^Xoj)It=&X3eF@QL3GWV-HxapNxKr>t#lYrTHuA>IB*Ch0^7)RW@P9ZI~cR z*py}QwwFIP_;7EBmrIAC3I#UUF$6)E`#zrZW=V6|Yuc6nJv zLj-T937;bJB8mQokwkEmM!Sr1)wkI6<<}B~$ld4RiK;&f6z(hj7gX{fB&@M%tUffV z{SCr?F1@&G#KL=VeO-tte=m=@jnkqlRM^qk@Hr(`(n0&_EdaiVjt*?2lR(~C~5_(4^HSG8sc|tt+At5^arVUr&Q|EK$4@K zhHWIt2QI@|XTgHwr~fdqN*>T+0>6;9PkQ%}O$OybeoM8VT;Lu@We`C0Z_@Pq#1c)$ zWKKJ~G{~^)Mpd+xovON}5LsEeU^M7+*YH*h%6H%%C>8POtnGCY<0spDtMM(XgQ%J{ z%WC9fcu=X@X??VkykYd=5Z=AX!e7r8?64`2O}l-Mpr=M!eEWda4N9~s`n{q8SU!3G zKXJwNLT|{nmZBhR{`3!sS~&3&e}AMQHJXL`tm6~}zn9Q4re}E$2nAj<-CQ5VpMWkJ zZ3QYt>rmr8c6RPRZc**$G4#HfNDlxn^9pv0&5qRcnY!o1ZcE0|vd+QS2xwIYyq zV(Cma1yGT!WsUe6vbPr%wPLU@BLwU5z35`jiO^%7J*S%HzMgdbAM7t2Xs{nPt1#PVpDRq-r{IQSKa+!%oc?zga zU>{b)t`>K7Lyq0=XEm(Mmh#W_`&c5jL>_6ZzDMXy_WYSO6Emz^=Aa9Hz%56OL=CI_ zDM6Bk>$(nlBK$EEQ3Tg=s@r?nD!fMf2io@x)Ai=QjZF#)I2jC{qqPc+LsaR8;OnDzvdyD zd4pOWX`M{pc^2<*`-24Yo5|Ep38uv7ibjO?!pca=u#w)*Wv1|ZZRob%A?2a5@y4Db z;I#VcT~zlPt|8P`+9v+^$<7Jg%Jib2Gpxltv%h0PA3FHgR!c1RccYY0mkVz&w1k4e zdj?n7U$(d=UV!@g>*+~5Vw4_a>PMCZ9k1*<04&3>ckUI6u0;43W*(P>4wb0cny%z_ zdJowpq^RzV%VbCQ+Fokl+PlvgkA6Q}F6gnZ@kCy&y$ITDs=lp0m)f7$e%h?`vkgHn z`@vOq!hkHmGssLSb5gaYvbOjj3J*%_KO#d8y_uI0wj77nxRWEwH7$?q5c z72}4x2)m=5ALp_b1GW;;`B|B&pQHQ52K^$BktrUS#8gOd8Lwd(;nzRs5!6B`MDoZC zZy3f6zFmeFJ6wy}CnRbO8jYJc`yEwht(Yp-G#NRAr;Up8&Zxr>O=J77G04oEywowy zWWrF)57N747|YN_HV40j9{kqvTaO@9O~TLJvsR7he#sKP`4ZN$_WhJHZo`O;-&B%a;h`#Cx+ap4;4Jr&q&a_L44^9A zrb8JGG5%#--3hZOrvo9>X`RP~L)7kYCpt^oWxo8zsKHoL9~tD5>Q*ijDcKyEh!KL&Qa4f5^QGKb%grkN&|t`V5I*wpARtcU;@=O=k_2&^dKq~HxnxL~zv4)RUY~q&XfFoif~wWPwuVipc+aL$ z>?8^?0}S1IZaFr|PzWD2XuE`03+6y#9rYlV0m;JbwTwOLp(cr4T(1q;@eQg{fSZnc z(F~84hNvZUOWvb_Arsndy>HH0niM*Fbq~f=YyCgdHX-mA-B3dR!b#P-FCemulV8T_ zjO*EfXN_9*zPir}y|~V9dQdAvOj2%B*a|JCGi^x)+~ug%=a*;B~8zVl~8akc(Z0ei$lK@pFb7lKExAmd?c-$`lxrP~4Tf*eh zd6$JDqD`fzN8sqvjHp2Be`SL3myaC%R|7iV$!q3c$0VG^6!R8fa?-DApK3b%SHtJC zCvHIVZQ^JD`BYotYvTcTIliP{?>SBRyFU7_d~l^`YI{Cy9fSu&0nXy10N;9d&f6Ku zaZB(HYYh#*U}FM9je+Q=X|_4a>)nCz?F}YQdhj&w39>Q{;s8<-hyam{?4s-Mrb8zkaEi} zF_#n%mYx_zGbX`Ma6e+dff_N8PvnLq&>~kKTY#{}d)&uQUXyt%Ki|Sx70(8sg=xX9 zhu0iUDmIMMSZ^IbM>mTHm!O3+6Gb*yE&aCpoQpH4p@8DHr0~_=hDiZmJiY=qB} ztmm!6v{Zld#k8%k+3E((Cbp|#&o0-mGarZE`981ib6E|Tc9VO**12PQ{Eq`;;Ts7_ z9Z24dd_5~^eeo~Yo$Y?qDhDS#de}aTz?fBjy*FMXT@IYq;?h_h8NTk z1yiSs&m;JPt)b;(ksEeLSNgEMbz1wj@t~kOt;+fbBJ1lhEiu|^IH!Jr-PZg!riHXQJ9DVYn5o|_0}4O9caoXBbG5&6L1#fzsx=Wt{9*u_I_CRc9}Bn zwntVUX#Oo5YX*I3J!f!vaN9mh5aD>q?3J2Y1hpsy)}xT3p|2LVVwL;^PzUc}*iEcG}hGdZvGzt%k@qlfF`#sb_kNq`Bo5n-aH`Sg*Qn9q9ly zZ(ZVj&f9!Nc8cZrE7ETmR49RuW{gLYfJJJvqeFU(Ne2bX-3zX!LlOKrQ7Xafm$t(p z#9>cC!)hUUc)hQ}gy`upG-eCUxpGoYE(7~;H6TIFHexK+8Vb8C;VX5v*Uq|FCFxr` zyQ_|z32|PjFyNQ{oTQ!{t`?-L3puWAir8A-xHnH4;_c(PnBOnT=*GnDSs1y$Pbo;c z0Z^n-dWn`5bzzLfEYTwAiIt*wmvRP5nDMx6b{J8FQ9^y+5_-1+^fO90m>_El(?DKa z{%ufrc5_#v64Z!?vF1mjxfh1Dwo2{j{?q1v#;oif>SZU`$yGtx2=IRftOSQbd0ZoP za5Drid5{hvy$;F>?{70rcE)pIQ&-;@-V*v1yrI}bO@k;zUtFXfuFK@1Rz1tw%XX>B zqvnO(A@gyc_d3P{;A{DQBLveVJ+(!_IV}{Ip4pkaGJDPO3m>EJ_qrE0IXWv?%D~*scW~?=X`+ z?@Yz#bwgpM9++$TS_H9MEdfc7Hs4@GBFjabU9ItCB-@)3B({Z2d1kY2kytYiV9DMV zMDNN*26fp5khwbXfxYTBZ@yF}_?%sgKS(^NKJwA^3qr2wv>?&zDD@8g!9^YFVFNV> zixOT{-0LJ9GXnV`UIRwo(^X2{Xw8<(4Os(f*N=MxVJzi>vY~#*tU$Ke`;lCI5LiRl zJfaW!pTu-9F>?{eQZ`oH=zG$9@`l`B!B1PxN-Z7k?hn{sN^a~Qqi>bdZI6xufODTr#WSiwlJFPRbUE+`mA`EW#vBP#M7ai zr6d$S&QqJ5SZsf{_0|m6!_Kn(Br8@bv(fq5iBu66WUEx0fD$0CuzT!6h9@0}Xr&x@ z0Ka!i6$tLSSI~*PL-~Uc?6Rz)saE|-s6qQCj#zq``gV8^_Gz;F&z1JHve_U0@xG`p z9cYm%DNvt3g^#^!yW@Lc9wgJ{22-(AL`vO)-?NTl-)gD;Jt65}VCU7~`^m9WJMt95 z#;%jKzjLm9!@2#P!chfx9;{PN`p~PnPcUycclwhRV!$(M#0f3xnKX3qRCMeBr^|Dy zrFz8mcx}t4I5x#@fB4H5)@cMtoOy^k9Vf2+R_G`>0XB8sNO-4UKyqvTNj-eTyH2#Nn0=3y&&oNJSj5L;u|fO z1wjeTd$azoc$p4}WQx{_xcwB3;}xr7TX<29?f$Y(B5a5%C%-WwUc7}@keboeYA-88 zW*!K9(^1^{Or7g%Z)6`@40Z>8|G5D&h|IO7X+%1w)#% zygNC1hg8^f1h)<^p5<_ev(^hTq_x^p8yvH@=c<>H$`*3 zamcb@gC$T**|DvD@=b09Y5Vm>Lk_?3@o!OkQjX((_+yVJ4U-+0TK=`7)jQ~;#g51l z2mb_K32ISC;UoNoWKpZEt#=pT-~!G=rNuW<4WwQZy>GJQ6$f)=>i{`e)4Co}<@kw+ z-f^fQw&swVw=ZkSNP>J7iustY-UF=;iu`!<ZI3-p^mZJ((zOt(sOjg2%}9I5XGj^%Lh>^(^b6VyLbcoV8NR zkyfmVU!Vd)vl%;9ov7??^4iR$;T78Un29|FFP=)FJxC&8e^EP5XEbgDVokX$=gtTD zYsEyhcv*`aRbR+)K4FtCdjps-9338Bp9$T5#Vx>^MXa8eA(^Z`nr44N_TetPnr>Qa zjV!R>aLC3$T^ttuKvEGx0C_E4yX&-2sF8X`6*6BsE=w}iTFTV8qu zs%e;QFbQVO%yy3{VYY#ofa6F+RH#r(vNZj}H9rg6rP6^D##PYEw6|t8sG9E1Q7271 zGEy_uIk=pH8F<=X)IJ9R>Z{5$ZB0~SCz1wI9)^z?FFie-4f;C}pDj;$REim(OsTR_ zJ9uYt*Doir@b8lJd56cZx6mB0{~r4Vs>=%IkqB(r=4VQ{W&5K8Q7#DF;EQ$colfih zA9UFX5iieMVOO=RG#2PFCXRPbzI4t8h?Dv7}OoGsS!5}9O7rfB5_G_2mv-v5}rk>}-7wr+ClGnlb; z9)`;cr#!`mLNqYTuOY4w{u5`eOK}`QTHCZG6K<3XKE7@kI=3RYo;qcf6r=Z*#z4rS@E1*>lrJ%MnT-Nv`hkG*J;M5Dc%qs^9RT1o?($Y zjhBTpmd_-Sgs)Q5ZTo#uleN&jyQNDDAVr?3m04AZck~~-^IV;;OZf>N=t=XgWyv+P z1WH^=A|LE1j}8^Frf+~bU4OMw1huRa(^|Xgnn9+b?F6V9>#TeA@ZPUU9Nkk&s0XH$ z3z1opHPpA4YBeu!3r#?`@QpQf3#>;jY(i_~$Ht!$8}d+HY8`b`K&7=XgS$lHxVjc# zK05MhtvhCg1D@fA1o>-t)tAjyU{Kz+fX2b_JLla=pA%JUwXF8i3TiQZf_cBR)XSo0 zB}7QWr`P*BUNyTf861Y``}&NCAc8^R9Qu{)245w{!)nhzxZ4({*emv$_4=1u4cW@V zzPR|{?a@zhxWYHOHKl+Xpm9!)D$S-6;CZrj_$Pf>c)MmF33&Kwr$j;MejHKV42);r zju>P4_xfR-W-@n)DgKAp@5G$oDFF;jmfw2oG0gvBB@Gi^BspEcj|r6Cb~L>6cUb7GVXArlMy`LZ)}kWl7)?B#lUAI$di zz?8q`8gf2edpANiBl}@B$*8*;Wh1iDOFGl{4~5xx0QIHjA)6y`VqP$sr<~@4IhUHl z5IyMY>>?;lM(8Z8+KJcw_31tv6U_3^Q@gP;acUUkpvPhfKGme%N#w}d&QZmpKN_=@ zR;p{iC(kImJxY5fq)ST z<>ovcsg+X=)Jm()HWG&iG@<&j?4M?4vbrO)z*0heJsn~ZRo6B?w~SRh!bhDBm*NKh z{K`V)ySm~t<QHd& zWbY)7cDx+|f9DQ9e9I<6*2{N@?{K=~?mp4aHgpALXK=#bi34q8n{P=hjm;aV!SAFB z+sZ-R7jl8Yt#sLX85#Wkty`?P+8o^C4>B-_ZbQ?;3FpAJ^yP}L**tDN6Cr-I}R$lFRohJ+v^;B?xzAJn2 zPlb2WI#DZ5+)vf}Ik(Wq<8NgNXPCP;pa856Z?8^gKrLL3WMd2n6XkIR-rlmxwHCiy zn6|FffiV|!4C{S0lDzniSA}gw4J=~4H~LgFzb+|&7He$=hBDR%vPBloM?J(Ky{JKt zPHZxPa7}7%yEWSsVI$|&%!u%cBcv{p<4yJ;et{!)LA%w0O3LvM(0=JF=X8_FKcziG ze1Yfqj9}gAHX=l+5jrLc6ktf#HAv8$dGJXsi97IfG!oJUmCZ>2USY0VlP3Aj&80!-72 zkDm{W&M@a5fRTOx_ALX=S=s|49Ck$CJ8AXM>$2Q(M@kat%F5*Lq3T!GnI(00?S_(b z4q5V`{JPr@FD|Q!w`hI|39hiHs_*zmWXTaH+Gfr&VbKBmB&8$uM|L}E4oIC<;sGD| zq*NJb%LbMMX1dPHxxFnQ5W=Pfi^Zv%5jzHZcm1IO8zn6}yUs@?H;TH`v^96uyGPn{ zcDT;qXy8!Q@R0LzpJhVRJyr)m4Yj@m8%m{Fo|OU6yliL&|41#`qu+EUKgye=W=P&m zn9*2rw)d#2A;UiHWdoT)4w}cRg9_T^1_#baWKKfASHl*a7Q@9Wci36mkuJQN=rd1{ zI)k>(xh*xF)4a%iusKAvlX10$_i0WzM~T+WaDT`xp}g>H^(ldQ=yDBF{e`2hn4ek%wMQx!%Ho|BuLusiN^ zYoS`EdZdFHr(gq!wwa285lLdy7Ov^vXB6E;+f2ew|1;dNXCb$g{!hb7j0@5*rP*ZD z2Cp!uuo)c25EUjsUd`=#UD;LaJh%0|FM2H6JNAB{{KYn^ySNCy|C;6~cHB#fJtP~A z=WTRFmt)EZp@P^FdeuAcO`mKtIY0Huz^leMb~MX-`m|K(2g29U5r))EDS=ijmaqih zCpDOo!UKap^ZsNGl#)O)yOba^l=)W!yl7wX_=O{rygri?eG}7-LhWSPMG_ERjytZ6 zB6Q)_a>$~s0B>=iAxK1YCCn? zWuN`QI;4k+`hh{f`#JYX_|e=4wX$9@%oSFSOz?zcu-f2Wkff)2;gLj|X5JD#kT*9D zpM8*{IQyT4KBON@{^p$pPR4)rXMDoV@<8Y;C{B=oLj`vqCrGw6Y`en}673xQj(n4$ zLZ$MN5Hzxuk(wDSI@Cy0pur(3e0a>#8mflr?J+XIu3H(T>#2)_$J+el;sSfY2}=No zYs4xgf%o!9O%0(d&k4qe;OPYB#|+*(Qf;OxSu*fa>}<=aTX{{clel3!vT4CP<)*%B zal4CZvZi~|#+r!o;omCW3dRq{>v#UxEQB#fq9kqM=b}vFW$Yy{;9>2emOKAE^?l$7 zjX0KGvS{_SgdXPvYc?V zeU|IV+KS+HjM{3=Qub~}wo3gGz?tou8~%k1;mhE9wWFR?tKu3y!K()CXLu!VF=uz#W`@r zoB`i|xkA4)%N+0zNj;1@m)vxPupr@|y5qsx=2;)Y(+a+pBKBjCJ_kInbV>;@HJK_Y z9KtWCZUvIZQM1;hNa6j!`@;8}_%0#Kd+5fSg#XID<68zM9H`FTpp^^e6$)~$fZPWC z4YY%93wBlMDVdEy5lTtG*c#yv00kjY19**lV00d!vFMQE`9dC`Vi#E)?=XP^kJK?Z;H;@`$FmBvfd)*K+pKqC@h1%tkG)sihofAcp3LADege(kJO2u5P+qF#L&H4ha6_HyWcIO-}I(-wR&#( z*+3~k6R>eVhPTbivnFr}MpR`9;z_?%oe`Ej_4*C05K++SJmbcvbnIW@4BT4O_c9oO zi+}7#)Ne1psl$6g!0J?UqWhvLV})hY6ZTr|5Rutb>G@rmIFB^&zsaACY)f4=?EO{o z+Y5Cr?(b&=`_C%tEt&y80Hr2dRa~WRzumI*?~w{%iDNEWI5oO<>>rSaApvtL99s^!XEmoKv&Y(?- z&zq_Tntwce?1fgpW)G?u6h`?UA+Z`8o^RJIr8`UwqJMoNub{d&+ScDRE^kITeb<1N zBkrIUWa?pExK%_o%R{bZkMk+G>n#+sJxMX1l#)&muNRYlf*<^85~TnAGWRy5Tc*Ll zsxxf5nU`_HWXrg?lhoL=vg>zR8O)a_vYwwlwQ&gCRE0tBtm-CRfxE8@mY;43c->K7 z$Mc?2T0ahXlO~_@0;+vZ?S2kTED(3i^15rYH)!~gu9>=&a9t|;R+FP#hB24koOC=n zL8Lg?`dzIZ(91i|a%vk3-tUYI%rSJRYy*s}g3X(KdxkvoO@qPfW0K-kx=WWc)J+uu z6+2u$^^jd6qQyD8pOI1>S0^l+9=;79G4Ze^{74IrpxnXsTI`yj7=bE81MOx1)e(FD z+e@gO5f#_qRoK+}{mLRJW@hUDrkh0TR(E;A<_rZmt0AjYA#^O|9zYdnvhCK$rPpJZ zuL#kJ!GhEwH8!3>fiDgj>Ro!>iv2|#&XwkKCcrbC!@Nk5k>4&{&;%?}rqKfDOpDz2 z{K~0L1G589o5qS~CcVg7xDCMhtTE4gUblbpA`+sQN&@IY)mN=ww*?N3%nJ$#c{%IPo)E~ppU+>s3NLwo zQNQ+6UxIb0@6XQ$e^;p7 zGO$yWQo#AUoi2O3DF@>}&W_IUidrKL#&AznVjG9ppFU2dV0!(*xrg50iPF%;oD6!s`tAj}rjI?j-{w_O;%g_dQZy!C5<4 zY*#pb^8HozIz;n)rx|H+#f4NfM?DpeCz`#`xsO=rY25C5-|L+oL=H*cyeXH=-3ou5 zs?im_)q43~VqURuD;Q1x)TvxG@8;`%Tem+b_)YLXGrQUf%!h9WB4YyH5?bkX7+ojU zU+*X|sEPzWj4&W&*ufVrHZNj(t1C&c0?CyfXMAq~KnWnLzH?0aJK=`h%bBNbzZBum zt8%vMUP=j0AF#$x`lHdo4pf~6%>=Y{mU#*%fe;tGP$}{BedF3)lZbWik z2*Nu0H3&mdIuDP2mpR}O_mXo_h5A0iTYGo@4j4$uG6O{VTq{yO*@hm@d)Qzv{du32 z$?N($Z^o>>l1Sio?)#HPEcSo4``WHD~dz#y8rs2qw=dFX3>+ zIR?GaYa2DDGZ?Y#)uiAbqceB|1C%cI>W1 z=cX#5NJ!?sN;v#?Kp*XCUGCd({8(f~c%{x|Z1@hmtJY`do=B9Dkh(xN>7qBJB6|}I z?Z^hKD=k^3*bin#jMO*uM&2Cf@Y9FWL}b8R-&D`Pg!+bRUn=nBOb^+8-lJFTlcM2Ql$5n7a(%J*onc@ZIc66=GN0c0CTnT5C-hjf$-iz z@oRmNPcK97AoxwkwW3M;`m(vhmC-)>tpEX?5^a5(%QkF2oLvrP>tOaH7UI=xw3_)3 zZK7!Y8c>z}_h9G}I0w-z9}?7QU%NM7yuqdv(+4le1(-j6X;R!fcVv79+bXl&H4Xjp zILx-=dctyUP+`_CSUsX{DEPnJXCuXYplQs!0wPC!JAIp?NAj^qYZpWD124(-XT#26 zAWM(8d`zS{!ANdbEFm=sBSMd++G5O5E!XLLj%NytKaNq;liRA-bnGLkh0=7zb$#4$ zcI)IqWu#6$7R!_t`t!~aSnRT&cZX9dg;BRB-X~#?+_y-*KdFZ?{t>+xi3+MhTFs`W zcW4p{vDlvG@#i+v%%aR7{vB2IcdaUt1j&*deJ-k+i_DPe(|Sw(Q$PHahF{}Q=$tZE zka;HBD8Qr=r-SKcbp610>#7+%K$z%lKCABZkY*Mb`xVv1$i2QO%&t>^Ag9__19oIm znEN0gBHF>{z@mrl7W%ruEy}Y=}v%4u| z)%TsGNRyLV8bjP$IkRqD+v6qh6ct#V_(Dz9l+xf+jsYUtPr?sxh4c#Q_1vHp=@mqs z;I+x*^MfYAw6#wrx%ql4E*G#HHMZq06l5_h@_$CeeO`-|B-{7Xe@**5uIY9wxPo2< zXN)PVtq)uARuRR9Jg7x1mG_*yn8S~y$rs`#R7^{hmly40rVrLx}q0v@faZc6Fa1RHz^e&4mCdz$xBM^JHc z(t7`p`|w7Bf5DREzzP>3R(NJNtrf4d>L2@$91X^J)xxivRU3aZzUF&aW^+BVMZim85vqo^KUytVcRaI1A-;l%w6 zpJZof^UfZT@()36Zcrm6UzAEd)Zpa&rIzEs`J8vDPFDlSJ=m!+AIvie^&Hzeq}}ggMpY%V zd}mylae>pyR|^@7W4Q2dB%Cg-nNpiWRC};Gdl{wj(jMr8W9h)^ot5){E$iGR<Ev^h!? z+8CcaX!B;s*+%=E5GxeQEaU;+K(dI+dQZa{d~&T;2gtaS25XkCPa~9;$VjvIF^C&e zr`TOt~Nk-Rvq4Z3`Xpfdr)*b;f-Fxu7fN3CFckr3`mWlWo(*6s4nu@J357Qc8$ohkA4Bls# zveXG0;R6y~p6=chfOj8Jw(RA3D@ zu?3wt<{&VSd-N4a5-tBfPV!l&04Y24(>AgVEnEqI5ojM7x9&5Xql)pQ+~>MK9SZcX z?0l+t{3<)9+y8n*J!c~EA)XjngZQN%u|v-eN!Cx17#yM3cRkiabfumQgGsI@pLcFX z%~Cux$z`roJ)3V0gG39qaFkGaPOd}O^No!u$X2WI!SwIdVA#X9`L;B1m;+I4O~y<= zK5n~MNl@oKv%k8y@pf3r?9NUcqX~OCzj>}TaMlI1qMRVPKF&}U3!xGYhs`C6G9^2$ z(p_feYSLZ66n$K5L8DiUSx5G+(`{slTI!_yNxLR#cdwtk`J)Wzf?cEu;kqzRK2N^r z&HvX0FrH0^t51{{6%)<-MhT+Hpa)eC!__q*?wD#+PN!-$@*b82y_0D0I{0`oD7Qze z@D?3?E=S{%Bie!{*}le+e2lG#tnSF6Ex_l=3T!nF@03}@)ijF%I{Q(iC@(X?7ktdw z=^AM|0YB6oN9~31C`GbJIo2Rg^t?nakJuo1BLgzSKm@gH7x=lgiMk1<_T};ih;cK& z;zb=vcJQ3zXEOE<-MZQ!n`<~O!d4!A@gm|*z!8GX9!VGt+``>qIkSguy zGHLPD$7_U>E7e~_UD$rJ*zr$uRhJ!98y)nuWzy#R9=k%jZLK-5Ga^~<_mq3Xc^iyJ zT2OrxFS%vNbi_MDqW&JV+Ao%a=!F%`2s%pX4FENQWr7>HuyW z*NmiYtx2I@Bk`{>~z@C zjXL>|qnq@>C$MRuHIRG6U-Y@*7fy+blNy&E{4aqh+?tNr_$zrqg?@uqba2Nl->GHK z#Z%f)v3ZR7CU{_ObWLfU{iQkQle25rHTb!{C25*0ncY-fvYp2feitsa$dXr+TsLCk z+@iK$~RWkxm_~>KUV!J~%9`(gu=L?8%OUI0QDm8WI z2I1IbKS{sUHPL&=4=hPL$lcd9j_8FU-&Sbx<0BUX=;CDk{+^Ni!(~}JaJ0e43y+}i z&vt}Lm0*_-@Qg}fPO@%xle9mHb>AUruuCUH;1DT|)pwu!7;~LU5DY!jITK9*yL_4~vH$k%X6>jBP4hTh{3#J>plAot$bX&pLJ zy0@2>$_=Scvx~7I?J&e$&t*8w{`Oaj#r!HGWG{mMLeFbs@3oTUP5^XjyJIN_dprhg zap%JKg}msD$*v)tKeSn&Ul$Y%A?{TFn3ua>WQMrs|$ z=a#Qv^WW+0@46@JmY3!*gwk|q@*#G?Tw(G1WCdjFB(H#5Ak1rB*W9|Yq2||GwO1ye zP2myxaNG=_Fs!C0hZJC0BNRAE@zUy{7O#}Oja-t&c(At0JfqyZSE_`M< zwL9UPc`9#zw=zAzA!jq$5OQ0NhxsyCekkSbz-dlKjyh+?VEX{s{+g2qDCDn$7mFIG zJq+Pp>quola`8E(P~qNuX(BIqu;48y9L3)G%#Fw64-2FQlIhW^rV}CTcZ`Un z7g!VdxX9y(KbvAd_{wAcI51$E<#QqNw+1T{0*_r8a9L2l$bzq&LcoUm?hEUJ!I2+8 zfZ;x8;c0zQ8m^~}_1l>#Rf|1d3vl8if1kc3+T6;gfdIx-R}U#mo}?A{G18#oTqG(Y z#d*$>_HUI3-{uNg`5%A$GsmkdiKo{x{%T!6k8yk!B{i%?wq79@s)==*8&=FN73FQY zhd;b^l|ICzkdwlTqXy=rW5Fh#PHJ5OST=i)aFe2?b5_5ms1~GG~A^UTPnJ~F1y!ij-`?d-MUCLGeal1X_dbCR~>sIfI zS-CGw%53W`Rds(Puht}a)7)tm{>zv#c=SneRFgg<%?p6wUu%Nj$!ncl*=+(Bf%^jt ztG$LJ3*ZGePLVnu9qvxWeORqHQ!UtXp1HOks+ke|AG#pZAT3H>pn^=eR}Q>1jTUyz zy1hY7P-=O|*;X|%T?1>j_`1;LPng!5Es*Ji=-*bslF}KM5sp=mC6!x<#LMmX=$*!2l?DrC-B zArT&@Wf{)MIS1TE2VGLWN>Z5$K#2l!55qln{jzI%2pd(Osoocs1IBSV z1BrI5HfJB)dUjlf4?hf1kHRyozz2)w84|j^-oC3lL5torAz1bU&1Tn@7z*iXlEmV< zn8(`01x^$19wYTxVhQS_C!8+#72cyoW2H=Iy}Kd+_^Wn{NVDbt*9`H@@bf>frxaXA zZPx7cVa`LgKz$!(#kt^#AxA5TgMP1JhB7O;g12CET*5DzYM@F(Py*<~&5#~fUXsm` zTe2@VzHCm$mKHkcAE!xIu&FfP*oD=8+W*h}g3jnYm}CuS&QfR@u*gZAjSP(|NF~^GAUOZ@!>Ycz$??AVa|h4^`_2aWE%em1f5Y>%o;9^S#H$l0ivT{LGIcNUA?gQY_*2|k2lJgy zP+dXGoytZz?&dn7<7AHA*w?~{0b(f$9dofvku?+RoUh~mvL2`?(`MCTEw&EbJ*QYwr& z@dp>Td4GMuid%7SdBDYKCUs0vhMcxz1RnzG6=peGYaa0SG;~H}TcX!jJKumFQfdxw z7Q=t93_8+e=*DS_gf|h|H4ik_Yw#lF*W)IVfl( z@c$5XF8)mS|NpPcRVv~tIT* GgG-rB_t&|Gm?hoe3~subCxKFVM)k2IiH5G zIc|>4d2DRX%yAp$yX$ki{cgX1;r-fcujljmcs%b9Sl>|HGXn@>Vrpn+d?TpVG3;R$ z77?3BP+{AU*+qUmo=?~#c%>U6)(6Eg`-SjM$oVwy+H;ip&(-fmArvow2`3i9%=<%u z=tlje&pMPhrySzYhU4*<3F_uk3qP$qr+YQU{i(h+!!5(LN#O)=4JO`p#)z)o_oj2` z?eeV-lj7y4+DC#zio%1)p^m%J>wX5iZ>NMs6JzPtL@i(pV)V%Bh?p=}O}7u7B8SRj zsk7h6U0(RoO{ukf>5P(!cNWJgA;lO`L8x*R;r-oC!yIl{XT6*K#OfP4te03d(W?FC z+{~3;a0veBoSn)S2H>AgY0D<0mv8}47)y$Hsok2&B?>InUezo4Y9>OAtKWl|SCs4u zuDTmKU@~$oEJJ&!Vs>GJ<$W46tG%9K<+?;_L57L1yzPywg!9=dX_X0Cl=-polx3rP z?Q@WtZSlyb&x2WVO4E=Lj=uwhQi`b$`OH;bu~*qD}A zPo$5czDmuadD9WFIkG|HG^7xksk4HjM^jYtxO1cFbQkqjySElnQB4GS-RD$sz8X$i*jpc6E29V&7^NB!gX z>jkmFkR)xrbLiC_mt=pZ$@d|{FZMp-6Q$WQUHe?}2KHT1zscG;{k=v;KHz9ti@pUs zonf|?Ad$_kP1G*Xr`gpooMnIipwm4bCZV`GO>vVK{n)>~VRIi{E%cn0Xytkj8QayKb*Q(#RI7>HnVpk)=3#KJ5(*JDG5bex~>bNUO2>VF4{nN z9EVb2E)N7}HQSoSu9=cd|L5_dS%HH8S-F4g@}@le7LW7DhlTz>R-A783#{aP8cg!8;tk`b3 z*TM}_y71>8Zu9w9l5M{oqi|dcoM!CrtYpBf$JCE!98{5#A|t+5w8)uf|3(lQeW|FdQX@+4>t)L$+`#W{hrK6*|J-rc5voY=a?v5Qiyo>7Nry z;%4v{UJF&3x*EgJSezM12&+tBu@-Z*-Y`&6dyOW13{5RprZcT0Td>M1bT>)0{IaJL zo+;yw5Q{-66H0gXT3;j^A_!k!SV=wUTcrLPUk%yL(Y|MY;M&!?mv)$S&E{js=+I<)+k2^tSnxoxs`U_RGf5-YBSzBJM;& z-FVQf3&Aqe=l1(l^p^3=q{4((TCxd(CY#V z4oX}0LB+#)DE?RA9pO3Xans)!i>$%%_On(S@ zv!zToP(q0@D!(;Scfkt^2Fds!03>krS&w3$;%VKI)qtP68{34NLZL}zzRc>c4um{N zU6#am?wkBfz)$vMMK`^&caqoH1C$Z!XU^}T!IhZ{l6j`*Le?}I-y;nj9S-CcXA2YG zhWy>4qD;v>kMtG8as3m_pW5zB{Nc`=#$=Q;xDs^5aoEE>Y{G2-yIYI> z?)kAyih|x#o3fGULZxgC{A}!f`tBzvVnypXAzmYobX|s>9DJA_M7NLqWltxvApYQyiC?4Q`t{==V$Q z^)G|!hX*(hbi}bRwcw+TW8?GD0JY`Qqma2Gwr$+-WfDzi-OiTmB{nZkdZ{sJ#|{k8 zZRQ+6?;9|Yj`C&KCuu+dKMACwi1MiR_*j(g_ONtcmcwRu%xJ_v0GlRE%^dYdJg=sK z%g)FItn)x!Gf7zK`s>RTQMIJgOZ^uqKfJy>Tl1iltBx>H6<4@zGyn;`!0F%D^ggi( zY$~I??3gtzs!*IrsNT@J{@uGT;3wmyUI^s)1{{lqr9Qi{nqaImj3^^Vvr(zS;=r2e zH?`*Lh(Q&l{KVDvP{l|K1ve+6QKt(g>V9T_3%sCR>P$0RTBSi_TIzE^8X|f(Bd_Gi^`l?I!}N7Yk=k(zzthR_5r=yM>Eo8 zXZ-W9ps8OfXPysfvVgj^P%198mqvOCC3ytY>Dsg6?Klh1p;36f$P48v{{nwqlLPII zzgzlRI6~B*+MRWi4mGi-WTvTM807KJs#ua1vBFGj4fchqy$bLPfd6z@vhXYL3{d0S zA}{*eIT+HVB9JieAx&z6(owMCOYonB7e-KjE$H~baDZZ{WXt{!N7-$wOgLZmc7t%Q zI;G4;v?8QZqcVN*n#w>ceT#tN6}dxTLEiZmC0de zn-WNI)%B{uX6_rxXlKq6ym+GBIz8Y}dG6h(nX2@rQK`n44NG>p#Ta1Q8kIciPK1SS4sDF9kg4LlO4Rq-L_M;OMt2PCZgcGDNsm5S&cI z+pMvaJ$*J`hijl+Bo3Gr`v;1xg5yJ4H1L3u#? zv0Yl`?rWDO(AlHCBr}!T91=9@M>0iiz2MK+#AdhIPpZm<=yA+xC_Wzvzr1j*B`dbJ zV>FnXz%0~461MlOXxkC{Q-5a{bnMs~@Q;faeX?I^@GjgXfwjtvrfO57Lzf+3?ubze zMv~o#-~OMw*M0^QRBZZ6nq#x~S6ayFeB|ISuz0t6qiKbJ{N*F`$tVB~xo}{8rC8-9 zp`xS#m}{V9&s^sq*U0@%8|3R7@ovlSlJI?oKMPwREj2TE9By7cfbzk2v_ArMU7d-G zn-lc#u21I#SVi?35;G;pO#$*(M0IJeD0;Mn_-HPaetpd^sXm|ATYMtA4PMvhOzNl7 z3jiF1W`1y<35jc+bkvC0KODS&oONA{HQ)FcHV>-z;p9jl#=g@?`rxRV!HQjb`yj&+r<1h!swz zTBdIqLXD&pz2p^2Xf;+HsK01eLDe%8EN4Ro@ww5p9Cz`|NK3VNg6|G7Va1e|TcM6A zV5PGJXus1y?`Pr+VYCLnl9t7|eM{2#mpOf*6-#trGvR;eSpv-pHgwPWlD6js#sN z>ihCo9+&a`Kvw(8Ntdn4bWU!XJxFS!*sEOSlYn=B6KvFbYvVK?8_pfz@SOf(v;r#D z*i`9hyVR*mnC#8`;=8BBk6rpw8Fc0wt*Q1_(s^-VSk#4<;}{E@k|N@<)7Y2I4+sBE zOpltTpuVuW`ymO;uFi5`&4W7F^}}Lj$I3118QCSGQLMqtL?U{96%u>L>6uJ6>$>RdV34GZkSJBw^Qm?G4yg!?@~c;!C+K4fp`DD8Fz-vT!FFZz0Px`my*_+N3R^FoKa*DXdD1zPKCBMv z9IHYJEsiJvuj^KG&nS<5?}mg9{8mKh_k}R9+h4wq!LCyFC-~7Ji|@>o5ZJP=`=H%9 zzr(Q)-uV9SBMDMG=wFFtg1(2V0jXg3qg(wW%lanQNWuD)$=;D&}QnK&Dh-gnr!VRR8KfSabSd$^X0b!)0m;>50&HcVsOaqQK%(j5R9s@E9cNqxBohST))TfM3O~eM00mvZFRca zEd%CMRy_t~QH;d#{}np_0lhg63GEPRzgXdk?wM$it7gQ^_cI5@^18m}fEw#TyGBVropa~3cdUiw>TPe%)l9djszhg;~LyuqO}296MmmO2>1nl z)VY#z9AWPY8pi6E0$EG)xJ^VEqq9{hnKdrs1+fKvaByIW7&mmzCGZA5fW44DMJ&?U z>*PuWWG1AaZ{(U=r9>JR2$S2o`79}aYnthed?-k^yKy`oiOhJWVZ(U3dl@AnO-(Z1 z(M;5qdjVGC@4V-54e5{d9f0I{n`n#r_f)y9E^P#L+oRTDpGZr^nWi%q6TVYs6`@7z zUV6GS7T(a&V_`}r9ce(rn}R4=TZ}o5F$lgk3L4RedKR)V{{?0p^I+vrZD z{YtkQrk)7G-rJCJxcxt!>X&&)q_A$zEq6k)zCBO7T-|}kRcf8vBj51Oa#BBvCsNdI z>iW~?5U^9WgAM+19?svjUtL2fUR_yJ;gu;HiYt=aDhb(QcDy_ zEa$|Ja(ye;3!vz&k)CsspR_ujhzcG%y%MSvMS1}iLtEW3hP+@Fl~Px+i6qMGq%gITqSq}EXc`TGt{m2aeNTM`&t5||W325-lR(PL z_nA$`wm&B3H?t66b?Ua2-H&Dw7hk;IYEbTB-^cRq;^t*?0s5hVeSigYD|?t)5Rw2r zSx-fn>o#)OSRurqcxJ|7HA5+WyPC`x(^}Zhp?}QVPYDXpU|uV3CgadL)GS{h6nhK-McO-DC8}XJQNYrU3t#^IMZY)$U}A+AzIs8IPUF$Z0N#Y}DhFnGBNi8AEiL zcJled`s8p8)>ig|7B~@Y+_tiECH`!SM$tfV{QGM1kV$p|2(fV2!9>Vp-vxlk*E>?S z*d!*TQJ zkY9%lJ)56tQV)32_cHSL60KFsKOty5rT}~o$YTA`vt=7c;RTwMx>^GQuiund;M!v8VA=M>PdNp@-NgKVHiOhnI8_ZKO z;ym}}at^E5y8BF2#U+CJRO;rog$Gj>k4+>$UB<=M+!blJ-ZX7C26$KsmuG~54VGG8 z=b=Ca{mZnO`U#;s{4T9$SKnb$9bPypz83uVY4+635apZGPim}w$|Dy& zjxX-cur8_%RKUDez2sB06RQsXtYyBnZ?r1MG-|mC=&$vU_Gb2bv8=#_8}Dzez0FS4 z#eG zmn&2Cu8{UR*Rp^-=FkHWcwO|*O{YuD!zj(}u&e&?P1lEugKlNt#|V%UZH116;}7B4 zm>`(~gBD>kZ5Olc@CzW%A91+qFF?QVOT8FX@W03!SYg`U+0+2RRr#JT*zh>3es|}j z75T2&Xm?nG`SXdVb_Z1Mmd!8oDSAGS+Kx}ZGvF)N`m11IBSt%uUy!}I;K6@4{+SKK z`9kqtM+fXJrR{V`2NK}3=%GtzC_rtb(zPS;NU?&53m)`+$vuHP@6Gs4)v{we*JWGw z2951-ADUhzAH7QS0Qkz@5e>uM&x!XM-3VGHyvHRXd*7@?*Y^jAM?wB(iYqNtmtsaB zpD~ddpQ^uSHg}V+yz|NOlu-jgLVmUJ=>>^(Z1Ea*l6o;ePWoY|zGy!77Mryi{6rY@ ztSle;E$vC}7b}F|hc+^$4<9~Miw8-{)L6Rs+HPF&vp*E&{+g?2b~+&$Q6~u~hH7m3mp|uG(qmYo_*p2Io*R=3RT!YOy2nXKisN z39H4i9&FFOe+(6Y=&pvZd_L3*5BfIS$gS_qo)5f$=9rx%AsK4$B>@B}6Tz*Nrli|y|xg=qjSOidg zK>o%H?@4-|qOItT>A91{|ZBKg&j9y}O zW(VKG!RlU&XezQg?uQ$(_1~b=hZ9qB4I_=3I!xlW5r*3I9L62K--ip41=^B=9$CiZ zyjCN0``vl5fWMSN>{PO4+iL{<79i3l(+S8Xsz|fBE$f2NbWE)2s9_5w+IOH9eUdgF zT!l`OD2DA?Ku1h%DtyB7#dv?q5HFkxD>t6_{k)E1#QM^|i{CXvt=J)UN_A%g3oQ@5 z9u{&aL*F|!>gn*SX5ugHw^!W-2AXPRhV$c{GLXlpowfnB5TjrWuNb#DL9+mLcmDK` z`^-P`LYd>De|w9Fie~YD1TD&PrPhc#);bkcYQDEwp$QK?OORyROiE0Z?mj^FP^@*}}vAkC(<&?hS5rNa#%apl0b(<_>eiztW@PgyVY0`s@-;0w`(0 z!#Ssj7d?yW8SUQ;QCi<;os3GV@;0r^I=ZYi_^CYS@Q?2Y6EyCXWowc_rOmYzM|`WYXuvwo+GmN^(z zfim)#A7-;;P9I5MMv3*4R=j(b;!d*7vlY2;w{XKIOGqwqjwFweUtpzKR&@=kGh-%i z%Z7R1)=NXLm3|Y~e?nxGTSD`urZF~UFQJ0t&sU$OOwxsi0XBa7iz^ht8({CUAu}O2 zab1=;KirKUQRwneVoEa9b*Zu4T(L7jqhU8h$YNsrdZXlMIpuy#+=ErUO!GRxApOo? z+D9d{j+OQcHI5YlUu+Lpw?DH-KJk}!*8SLy{2&Cz&Z9LQ4S`wmX)n7V{K6 zouvZot(Z5iApTZ6)RWiaeNEswDjF>UDbOKHKd?Fc^42ahK!9a*<{7k$3mM9~Lu(kaY&0Ub^n z&@rcWKgT&LLC|iS9=JW{4gDI9zrnGU)~i1^7opv&lobiJUG(ibsi`F06OrfF#?LwZil`6+>z(mA2gE6{nYGvUKeB# zv$d9-+?=Rf0H{xN{e#;&p$xR^^v(Q|(UH7%TaOZK08k`1h5+ zgBPEKaz3}+gPuCY*4`DfgPmw7!#1MC)V`@DS=ByKm0y={Gm zU)-tCMVDdNB42IU(vogw468rn_~KqL67f?S*^t& ze6arA>JKM1p8{sSH>GS|U7|)6>Uh1~6LRDq6j%MADKQyJy^G@YPYjz7Ut4+c1}SV` z60}IUhD=pC2Lr$q74VfQ)i*_Zs-c~UIy8oh*@a{hyRzkx4C93EQG-+->k0oWuP>N) zvEd+3pAKoG%{yprJ?FXBGaO*?oW*7&2o{7b(F1-Qb+sQTP&Hfpi>GERI`U!t_7cJ_ z=DgNs_bKi_n&#WN+PN<6bPP!A%`ckU39#<+_sMtgp>I#d06ec>mfyxTNIdKK2BLIm zlEQxl9eMHj4M^eu_k_8@5-&F6ZrM7U9%D;dRw?|tF0+40*X4di%qMUHp+tC6nsoU) z4BL>N9-9#c*w$OzVSWi)PN(k%s}%I)0sn@5qUg1bo_=MsHj*q|+OV~8tCnRSa}4kf z05zn|`h&^V6OVtG*{*%DeP$b5iT^X8RF1a^`f!Zp$^qDrE^b2>KY(Qq5)MA6*lKet zr8Jp_`^>5U1x;!ah%g<#3hBR|tDOScskHp9r^Am9r+lHz6>JK(YKu4;ZlC;!)Y3d| z7_2`@Ztt&L&ZHdw&{pEwj$iRJ+@f+1N&3Dm^$oRu(mX1uvKvLfsc+23Fn1)=B8gbh~E1j~?j{3fnYH)liy> zZtK5t~@Lc{U z&?)_(GEr8cu>rqXN8}YXPvtLDJZYNFIsE={O5ikGN`&`{kUo|VUEye$zHQ({;Q?@) zi@`+%bjBW63)AH1x=yKHxqg-J5M;XePk)fZhbIU=Xg;opzPMU zmD%GS^-N4n4Qb=Vu)X?R80FoP4j6cq4?GqVs-#cpu}#vYNb~u9i%U|ej13+O@5>yv zB-MoZT`$yCO8}ZB|92qn`CGzWzj=QIZ*6vQT^;4VuL<&Aq+w-`zm%g-LLWS$7UHL` z|1u?rPIpmfNg7=Ev&0M~hbAlYS>_L4_e=On_7}%?fG+R^(w!}sBy0#t{ z8cgmK3W9U_Pg{|%aUmZ}%1UW8r9A#oeRcn;q5S;pSb?X?>FXf_aps~s!A_|Vi?Qd+#>O~vjR{8rs8nI3;_u2Li3E7gtj$6M8pK}TV0*FWf33b`&FTN4i;W>D z6&!0v1~2^8e)#%BWLenOeR;;*o7uzyHZ;FomrrLCr&I7z4t$eX_l?2DEgn2ze(MGA z{AFF|obwKVm9~#TixxY$x{A4w!@)%Ojo!tA{=UO5L|Sde>Fu;F#XuRM2RU+DAIgT}C_ zt~X=02XSpj`MvsEsovRC8e}-_ajM~m`|j+@s}q$b9g25nxC~)8&{w%OHUi9))4*qp zPS?1+L7n5zKm47B>}u-%aqF>z20`Hs5uN%-6W1Xa9c z4c$X=XF*c>Dt#&KlAu}U8~^Lw_y^h_)P( zW0{gn-C>@cf?-1y)txADoA04l_-mece<)5=Vm>Z3*=WfcQWu@aSCEB46)G_QT7sq*yJp){> zvnt*hjCi~X#vKyCD8_7X8ciz)d*<{VdFmkKBYW}Oh)f@$73YSVnG+TQ*ACJ z@B9K3jRJ)X*j%R6U1m3XLof|f@mLQ`bnv%IsYYCoIOTC%Z45;a)HW5<=ns+u1X%9z zY}{G&F6}>+rFN0lkiIWbMjQt8Rr6_pHjTm{otZZkI&{g!5?O0fM>VZz&ZYZGgP-5H zPDuUl7BHzh5f}PV)11SMXd4@6jLo`lx8fsmN8@LZmOnqD>}vY0aK!=3)E5fnl^Z*E z)5x~Tpq?w;dP%qv8ns=WtTTwq)4o8Psw?xCG+lfF=>|N54 zk@kp&aEBzjyns}+?U2DHR3Vr{{XD9SN4sAp-gfpP64I-3%=m06RHu}ob-78nFFZ_pcHj^FZMpaK zMNyl>pqua5$EE>?A_5xo+z;0c8NQ{46_Wf_^@0~|Z0DjE3n)Vw*hDmX?Ufti-|EX~Ow+5}1fm*IpD0YcLIgxMM{LcF zDpwjX%vH=84t(nQS}9?URlf%C-Z!TqV!%uK{sNCdlpS`i{ZNMwlyk*dOI-3SLClZc zeGB&NTzjVK`ncCelrg1ML#0D!aogp;q9D6o@9vOG>-jj7k4SBRwf_9<``fqNX8ttO zOn&FhWjdoU!BF{aGYd?k@Vd-wsFNr!y`+PS!4k)Mew(WO?Prw&0fK4qsoa7h0@I=W zUmPIK>%I!JuON6;LF@^>l*GeI+U9_DMbOLS)JwX1QYukgy!H((nI2uIYUa=A$~L4+ zF!io)KUM%)EzWU;zOG5h5b~HZ7@iRx*w48!xfqiNJ&@4Hk%d<&a-MCL$N<4z9f0a; z6fLm8;PM>7q>G#!;TJ?5A&XyPCur;X!g;ZJgov$3R4`)7wm zizxS)<=Un@?_g($pVf&}{JF~2CTYlcEy}5<{B(}L??;HN3`O)?hW#){g zdpg`*bIX_Pphc`ZEt2!^d31?_$&bq1r&m>XM`Z7Fv=h)xLtrF5=8DF?G ze1I26JB^$N@T7BZxn5ZACMkT1bI`}C%VHcUv2THsLsjZh*so<3w-yS{H(9q1mi2sQ zvHnFi4bk9j(mt*KBr+%;-nR3zQO~I-#bfA(3eIo$amk9R8-}yyG70fwD7T$DGi^b7 zX9vCp)Y&EoU_4?xnHam8s@Q)G6vfSXh<-Tr4V0d;iP0F64E6l%*LsVP(a=3fR`P^2 zR+4&(t;U7gD<(GlJ_c4nlTU6DZ0|wmPOWwXuIoD3x38at5Z#gH!A*z0kN7k`={uRJ z%zVQx%us}NZPy0O9qgBNUj)f)_-JmJNmH0t-Chy)R?inS^EArPH>zgQuSpvt0ugB= z!3DvGu&@8M%w{*zagRWKCs1Oj2BcV%@&H=1<$hLtiiW!8)1;9~{};pG)5^hLY}!O z+Cu+J)6-sg^ORy*3BPjEe^UeOhkco#=Oe@AzH)-Bi7_maRaKF5F=B72U1P87XrWb- zTfD<4PZ$mVctuTb*TSpO`HP$xFRt{w-&wWYmyLIm%M<6<+NN?*AP(s816mh;1%mGAwz2%P6w()A1z&qMT(JMtpt90nJ6X_+OjtxwiB%STFg(6U<;5C zacSi?ve$v#nw9#6#ok4sW=@bD5iTN|ScXS?86{+`IuT*d*P>#Fw2cM5YopwXS~k2? zk*hSVt2yR+S=aX}W^8%bOn*WA6j7;j-nA}N`%fYLb8GVRoIXGQOF`9nTvz(jXLi>TpbahTzT@)-B~KJhMtq#7x70>SLt4LE|i^;(|hu^LSX@~T};s8 zqi%IyBPRvx4@m~(gH9#5N-e!J{LfG1@Xuq9eNE8^{GSZsPbU7Mp(;zix<9PDIRw{8 zgSWQxh2g%G>G{pw@5JHhKNMRZpvGr+3_rc%!^HF}a>~rCc?7{V}_8;HgIT`yZ)a!=9k36q&-vNQZODl1jYYvrAuoiOw^Im20 zp-xKG@Uu|^R^tC!6FO~^Dv_oc!PDfo=b=&U7xL7t5G^X|3BVuz!>x4AqsQxoR{(ad z-KFzc_MyJ_%mYoz_$0g^*`ip{nZ0SBY^T$ptkq%SkcE`Pwib zdyI8oRAp|I9Q*g4;Dp$N%|BM5%t5ug6LEvP3cwitdCZgCR0L=)Hornx7vmn=Ig<*$ zI4L|@iQrRzkFV+3;UBGCTMZ1DZ8zdCO4!>Q6o{?qtT*S+sOgs8-(iwL#A|xWvxeyw zvJM)taT-VoEYg88aQd8C*hI+%YMl1MUjRJ@!*y-8cdV_iCTO$mi`o5Gq8R!Z_I(|_ z|Kxd}9XmsSmUh7Eh#6wDVpvFJS&q4Q%|c1W)AQSA+^I?VuBue@k%yc?>J@_aUapob z^&Yf?bj8>$abp?r&WK%m>Cg}3)2uibM_y9a%`6ScQfS)Quu?S}pII>uD5WhI?>c&d z5hB)r-;>te6fTIw)NJnD7xf_hTO_`ft7r7T8E_g7d@1RqrX#=3n7n(V)7K19?;0-Z zOH4TL>uqmPxrixV8&qbe*f|2CGzG*#PbI3bem(_0>WWaOs4G!rTx+V6Lyn$_E@X+r zck-HYoo_RtuE8%Uge!-BC-|)`SBuS5=y&*n2ET>eMDf2WG!DHa0SlY>y?5nOpK)xk z08+ciwco6#GD~aJtj7b~8}|0_I9#WC&b->qR4Z!M_;QxLEQSLDHaT1!3~STFc(l@CEvda7N$K~0YkQ16A@~X2Im{nWRV;=%^?bQ^V|CWQ zVJwb87T@t!Rn9o5z3~=OS{vf|M)%iyg8$2~imbAn)V+j%!gCFlw6z+&c3jS7M~6PoSkr8)8(qBy@otO z4a+6N?{~?6YWAb-1F^+21n#TWus*eUH__-3xR z67lP%L!%;}cha~{gOCNV)_*lpk*B3oM#aH*wwiLRI>QS?9Tc% zK?M2NQDpG$oUORWK!1i7=wapEG*NoaOy!TK@7E+xOif9S7ET~i>tb{oo2He~Fm zU&X7lt|prue;zh*3Hz#KvD=0PeEK3!++g#Qc0kMIN$>BVoB#dxxYNE#ba;w5w)+fk zg%6S%+5#;E;xVYArU*R*fT^SBDzO zodH`?MNs8vCNq!WBljPmxSQtlfDB8 z5gQXt^d2Y}A_QQ$fi^rxkjs>NdX)PBPm0Ypy26t8V0jU7emLzL`AO(&T02t4sN~KT zp<&+Md2aTcxW{v2K^9gr5f1uJaS#uSPUO{t&80Gpq{E^bQ+4oF?LdxD;quU!sRDc| ztpXjik2w-#%f6tsEDva+vsPyn+#FLV#6EXy3WP1FG6#9LvJ2H)6fW>Fm5Af$if_4en4exbO?*p(MljL5>JXq4lP7A`;C>cY^@-cHG#pL2Kb=_b z>D6_TD6eFv_by3O?q^1$!uBWM6Q}uAE(?GpnV=_Y>1uw{7HrPkbSL?kReqdt{AXJP zA7J*n_DuTVq2u9V1!5rrScE;>&*<27QrLZI(f52p26Z`r{g+aIhpD|MgxIgv&{N$j zEC2)@$r4R7LY$w8GUgM~7^mSIK=?CWAL=i|lVBXT)e;wg)pwSEtxVc)c6?vikatsC z%vgSM(Y8{UD{V@mu!Bo70BgjzD5~a3Zrihuv`X-CnVk{YY>0U5)y%hB0Ay8XaQTfS z%i4TBgg&S~rd0P5N13`7rj zT-E*`3t%y5roOqSYi8^8O%JaRHRE-#d%JD&0^t~qO>y)M|H`Z_j{;M&R7;J~-qS?* zvR9{&^sayrQ_yB)2QMA-uUq00mpd#f_j*j3yOZ>*R|Qe?2b%s@ z?GwO=Q18x3Qs$3D^I7xJT$3C#lX3Yp_{&`0zR=6yp<4J-V5e2J1rq)lZ!hlpm^o^X z33+Oo9rPVppE_0|ELf=Nz54zS}H62Sw+h&@Q!|_I1+z@_8CdzJrsyg2Y2ssCQxVu8OnePT`0w}4@C_QhPLc$|b+r<>+Q)0Q>IV;zge7%3dwqV6v?U zy3VS_C0309P~73WyG3-RAWlZ{2|&gCQ@GRpl6kp}mlJ+I!PGWP04wS5XZdBS*HsUC z@}@&(YYJ6$RTs?4&?bTBn3&0Z~6VQBzEfEDgYhIr(JTt zCRB-5{_MDEW_O(kSW&0k0zOYj9cwkV@m_E@YS}J@=RGx`7p?z>Ba`UTrUj_2+Nl|V z1HiN~c8a<5+Yr~-v0*=nZ>cbD`xaj|%C<)svm806AGvY#c4goQtm?=WQV{YJp*?cu z#7<}aQGD`w${ed8p#Dr$YzE5|ST*jeYs;^;b2sDS( zNlnukx9*#HQe=;G1zFS%8_q1{Pusi{$knvRIsr(xJ@%u*Rdmg&>OXfOn;@Mx?K_XA zcP2f~foyeIl`S|Wjo(S)j8WuKQao&@l>dGJ zs~<#uXqCjpu5>Pl14nbs6_Y-1>mN>ZY~G>*%TbT|RO>^jTCcP#I^yv>)w7DH$ zv!qmK=~Q|QT?^Ro*kmg+9~m5Vb0KQ<&6O=ag9h|_eE&D8NeDiCY1AgQfFoUvy9qFJG45g}?{Y%Z&qi6nB;I5OW&JdjP&eU+vBX z6Z7{L93FHR@@ur{HZMMX2&4I1FXVy(eh*G*D;E0d|9S_NA7eP)Lmfq!`TggqN@s4u zx}SQ94NMiZKFu%VkKAeegA~McfNbU|jFAoF>)Y#3DdALO5U~!px;y(DN>gveD$rOm5rm2SGYdZ_5_T7qU z3a2MQDsC63MES308;k@{D? z`80l=eB?dNQuDukD1PAN0FCK%cAvEMwE-kfINCLVcBxitvFXM0*p^rYFb*Rc=oYAujWo7B zs4}W2QTTa@H?}*Z5mpi~a|P}vT|-&u( zmo_&5`v#x(Ve)0{?EB6%4`M}IZNAB}d&_6h*T4NbrgMw? zB}eKub!C^oO^KRp-CbkeDL!Mw)^X_E`MO@c)!Prh@jmtsJrNYrhWQsl=C^s-tnP7D z@Kt)-tFzE@UXQQ~N-Jkt{PlAxZvb2tAN_DMdt)@|?UzRDD2`XDFm0vgeF}>*F!{3C zx{&=1N_qD<^&BIia9E(7`zFwOu#*q{gtDq!v-O$$UD%i{hN!MU!^MC<=Zkf}LW0G| z=h|W8cZpiFqgt<8+BE=v>2kj%R^EY#PkU--{XzJ-InASrghG2IkyOU!d~fIt)*{`& z8iSUZX|i9}S0t9IyenTKkg(nYv(}$Nfxu+`xYk`(+ph>KlAYhab|;)3Z0D6PCfwprD%(f%ca7@ z3#ZzxY9?k;UokhrqSEyy`vg95$^Q86_$bTGPoTX%lE{p}HK_q-gI{*BW_fN_3=5t! zpz+v$-f^;`w$k-`(o^ z8~HK&C1J#IbzJHS!@92C%eUD@)S-~bv;;QfPmY(vb$QojP z+E^Dy)gzhtElBH%8BI8Eq;(*r9Ksf6E75fYo3xN^bZO?^_4U6x+7gh8p8OH*hZIXc;W<81B10MySt9|8w4dEy*57M37ro7=>U_eXs0Cn^{~m zE`66B-9E7bdSU9NbRU%*W9`nFjE33Gzvhj3`1zXp9tGtLnmzWD+5FyNk{8bpc+wgi z?3nIz8~s%wWI2{gi3j#Tvus4PS}xmaQ+NCfO$<|EDBg&serNAvoiR~7Hmu8rn1;Sn z!QWJ$?KtEL6SOfa!b+WsTN=M^pzU+#lOWUdn@L%s5&<05^h}t8>{dAJ5-IPnx=sWL zmeSbccJ^|=Ph~#WZnvwHi2bCn}oI(zBJ|7b1Y=k)*IgB}*^O-R=r~kSh z|L^b4ZtUjX@4XJs*YhCxqEj_#P@No+{O7b)y12QV;ni$wn7+P1Sm=^ z6r-)hh%NEUUC%G8)EBf^K49GSTwfB1E-y2I+)^(I&0gR2{;z>#;c(! zXz2GcpVrE+)wQ6p=Ch^detDZoH^kQmwG-UZlSg8+!w`;r$h_$H5gET1Kg^p=F@^=@ z0n(_QpjB1@VMT8ZW{QKn1mPSJvxBOdRcYbzo%3Hc6wKQefByO6fiQ1ouff=hR0{z! z^zE4>DV9W#nA5BTfFUY8hTLizDE=)d8o#vQFY0zrX6Cqmd0IPBT{fw}j4}}-AN+h= zp)T?`N=VUow;TUrx2V06@X?8T>qpj4y%#_xgj@gZ_X7XAU?Plv=3o2cf2NdjPCEi^ z$LH=L3HQ1?=R%;^;GSpU9BMCF>j)NYmX*%TE$R(QeqJTHxJP&1J=wSWIwwi`@KVeo z>#cKE+^^Qoj@*EZt=zBI*RIePBDeHnZ5B>!%?(i2kevWw*X2-w($y=~a;33C{}0^7 zaEaQ$U@UWXVV&$(19bDpcBiX9ly0v}+uldif;L*8982>untNq4gR#s+z@maNLhGyvQP({(?_l6 za=K|g2SapHI8`oFhSy~_)WKm8L}Oj%tI1nT`VbDTgxIOk!L;)4Rh;!ZIizd%BYD^i zyPsR?izd0z7w+Da9ZFAn@uDkS0L-u~C>OfIOLNFbRIqE0U@p6t_h@ZoSU zDV~&B>Kqi!5-^A@71xw}=va(SIbTQY{!`8K7zeTTrLidWwCRC093ElCVp z9+yv$h3VEP$C37lwPj|F78!Nk^OLIQkCPRs#0VuG*OxQSmh3dHd5c<2Xok_I99{pkL?T+mRv%; zW4q?3CPZ+()-`i`#Hhrp#7DA*#xk4LQFi&c`hGZ1fT1Raai(%3qI0OtJjLx1p1cf5 zfN5AE=h@IH|1CrEam|r)kM0<~{Kxz){!G2;0}e3CrG2LIelzjHwZwFR;+!_8;?6X3 ze|BGqkuXZuK8qc5hZFW`7WQd9sKWK;Mi>M(e%aV*1&TX(;lU+$hSYHh+JWX-Rz@pO(jCkV@;M@T(ZT0+miyRzAr;&elhC<- zV-q?z(!KDib5R6-H*cyOnmnj0L|){s{T>Frj?LG4t3aj!h3`7RQkv(zOwyLdgsAfT+3!n2}QTz&}%4d ziV0f~zgW4bcIQVoP#Z!bN_4GUb&kfXm)rstyjyHf)3+A?MafFmY}_WS#09t>Bey`S zx;56rFDhVGTca$H*#rEq)Hd)(2-sAvP4?M-^r-k&n1`|2@tF(;X_D8_icgI^cTt@@ zZB$s!>_3Tr`j5-vM#h&U-S%JE?S$p7PXc_2Mk{%Mb;S}r6U(e1j~+#gt6|Zxm{mB> z6TRFC<+wYRW(y-(p;_NH2<9F%TJqFed%+Hoc{KL`bnRjKD$fPwQ!BNAY6{6Jqsx z1aDQ$JZN+1^o!LVZFjH!Qy8b~3OD*V18NtZx;DnenC;h}TCx+NtFx1?#46||Svs59 zdiPXSw(RGsXjx7TcYEw7A$u<&KLsdm*Qs66BdwKx;J}x`aLJD2_AURO&|kQxyCt|Q zFU4~$`k&t|&x5rp$#(OS^{-L=U|p74I)*dv#P-2xBC~*1{k~=59A=Bf;j-Ygz@u&X zKc~PGLGbb4%pUo*8ECkBJ+i0sV%J4k2b^{cqnhpjNq3fRBKSm9In5OGo=5wDvcuzC z$6BhiOjK{;CX`jX_4Jc6mk>j`s$)Y+FOai^v{~Z|G5`Uy&Npg=fbp7hK#w0|{PLbl zwLl}Rs31kKLq4Sl@x%N44c7h4BHWUV{aLuP<3YCT0dy2zvI)IOY4i%WzbNk!=h$l5 zteHZYf=MVU62y$dbU})RO-1Kat>i%=E)>ySoEL*mW@CCN4G{(Gd z;`o+mtLm#;xPCNhX~M&;1U~GzN?aY%_ug7Q|EhB+u6K2z+{-PqX`+3*+fzaqTXjG- zl9;)zCE?NP-z(>y6BU?YAt>zL-8leo?3ZVyi;}~njzfRQ5iZf1{Qj@x=z}gR-mttj zQsooBzxmhdqovQJXFg6&4pPLqn+2$O=MM}1oGy$l)cQzwtAb1Y_Pu1DEjJzHaZoig zhqjW}WUnV_x=q&j*kPGU_~fqO$ggtW#5fo=JzT=L(fA25uhr+Y{G zf=rK%)aMQYJ}#dGmiUxJr*QO_1$&%NM*sDGgirrV#KIN(KTMd}4)nLQQjMLbOW496 zA4*N1St|DMIx-2^!JfEvs1)|Z3>dl{`Gf#hrEb268J&V^#m7y1#=~7^oJ;gAF+ZBD z7~{dsAu%-uvwwwPjEhU)+-S$98=P(SNuq}_85xs*Gb@8|1Fp}F-MjA0&YiZ&2ffRh z#GBK0p>W=%*|F;E^{EFXqcR;$3c%ly4K>Kw;ui?y z6}D+5GIC>AO;jae^G`#o(}~~vIiKhr2YV1PgkLX$#;R-V1p`a=`Q9Pw76pq)-S0_j z@D}D?wSVVTCtWzTc&nao;4{_fG@%%=A!bgIC+tFU(Xc2wWk?;5OzCg7A zh$S1FXyN4Ap#%bFW-+6XhPX$If-#khe?4!x*uurYrEfyC5Es=PgssVxjFVU5=g7 zvRoL%VK0coa>vkbP*0>q<0{J&6wOe{XKOv;=!O;Au`npPrqYpOh%fHi&AIIpF}Xpw z`@J^5_W9;Z&~Jzv#pB=2mtflTkEvNm0Vwig+`9Tf-k6O$OeY`Mw1`sZuA_!~}v zeI2aUH~L8s*?!?L8?F$~=MA5;tQ;z)n3k+-VO9{hOJPUlY%beGaL~rEOO`O=aB{lo z=Z|dob@5xCxYaPe#8CAy#sGI`$oYplsc%<+n@2q zWP3^*&oG=Qah=-7S=W&!ho4}tLhQ!+Xz&>r&F%YP9Om9o)jv)04KZEO*)qO^^m$v~ zrs-7w25MYGv_2B9%>jG=Q6rW#v#b@&34BtFC~YwcJHkqb?j237be}G_eZ}lQ(`@3)&do@1$DMX{+Sgh@r!}H zVge}wGH1&!xwJR&eD#&P2vL$6iwzc?YTyzi)3UZUpKocS7~hOfmj+#olAl?1KPkWv zBIVXp%=WSz+`2po(U@-i9T|j|(yvJD+!fK|IX-r!?UyR``I;i*s2}eve^g$4uAlNk zL44j|FLP@kdti*eHXh1_LO<@0BcevWG0wzRkr|B-M8;(H9pVtOa+TpjNn0NoJ+VR`4d_fvu8?a_*SxF z|0&TI?l#o=9RTk{YwKg%y>F&3T@i-2N1@0@b34&F77QM?x3@bA5H3=F@G0+>NL%Mb zWqFuQ(Vf7Sduj_$ zgywJ+kT=*5AbnYh`e975TjRKQeg8squ#c{)*P(i-v};fGFs+cycGmd_6f8OMqS=6^I-8~v@pR!I)uXpq+2@574Q{D`Jzx_TB{kwdvheo8nuF-;E4IxU zKV?s8m3TB=^)=f%VgB{sQ#dZmiKQj8NHYWdN%cHgyR{*RoD>6E;~=G2=jg>WY+nCC zwDo%xS3`1|>at&Cvz$Lnjg_MswoPuEuEvy?c#dij+5QLXH~#LuVl=gzr{?bdu-fzY z;8j&0Cfx--kiFl5s5`B(CJy9f zAk4N`dE|hy{9|4qry01rlbT^Gc)Z8)qig%=CMurl(PbCb;&x(6Dop-kE=~3QihaB# zbCYq-ALjuOhxcfz+p=x>MQGp_I@dJ zp_`OD`1XtG#7Eg0J%PMA$f(+jHSIZn;fdRlXD^C~R8)CglNZmWwjX!XJuI8HqD9Q8 z1$qP(=0BQoF7h1+pk zvP>EzdNO)l+5-a{6zI4T-Rt(igqG_ z^H9vUS9560-w6v=w~McmjbPg~kvU z5ghB8!P{S9ghr=n3MaEbdWo7hRBRtN4HyUCo=@fk4-(_c-NJod91rgbUEiIMO4x77 zESk7ILeC(S4xlO-lEcv1M$b>s_w9uW)(6SX-m&;OP4nS!?9x3fd>=V=IN9yCF(@<> zc0ksKqjpGZkvY<`$i5HV-&Jf)UV5lZJ(oC4#_YNDU>K7jW39gDCoNC+`|Lv}n6exS z-cx5t3A{Pu)up@<%hG1%CL7!@NY}YDWu@0C|EOE2CcIg5%GBd`!sX)+A#{i9Yla$y zaT3AW5%m#^k6)FKp1!$qW#7=wswr*YKrh)*;8eA2f0d|&Ax;!sMw3^k)t`nE$jV>&QJ@wd-FxNbqXw)%mS>p|*pRLyhTa2xINp~6v& zeZ!W6RdQ%^(sLn?EQe?{S0=`?>o0O-jhQ}-}Sb0oR~a5udpfJ z{HZ}hwv_e35;aDl$D3Je&D$*b^5YwbF60j(z3q;kB(JV^Jn`ijU4H}W8iE+`slD;zB6MfNF#|!B?{N5 z9gLMY*UYroru4D>bSy{&eUq?k{ZTS$`Eq^R&_}d8QW!-U!VRo@TYwvRmyM70h`hIi z=Bro27|Y0rsY}8~E#|+Gh|vl{ts>`6Bq@cyd?Xr8wA5_+cDQbyjcgau-H)LAsVDH- z)?aBjOi(K|&{Op=*JNZ9)!&{xAh-+Zbe4fmEu=9)>=w4OU;=vGFQ@+XTmeIPujkq9 zi1BCXhA>l~aQjbwTOvRf5%6`$Byac^kvlAow;gX8e{THT)+`J#LcMM5(fZ!3Q#%K& zXpNLvZV*d=1x%Jr69xXk_h;~jC=rou?!;}pf|W(F>ZIg`*o1HMBLB9E&BX(Qi>yHK zO%eLoFJgSlCw?M#D14Pyi|`r1Xm1Z7eLUpaHi)#(vy=G( zHMLJXD2Ep&_tbk6#Ovdx+>War$xT7&MpN6Rey(`fu{Zj|L*#i0%0zygB66&y>t!2H zpuC|Q%%do`Fb;8fSO_b;al>As9B@BZUa8Ght zK`gzf;>ElOUG>5DUfQ=GA=Gy5yI%ur!t%9bLQO;c!6yF|v+u+}{)>t1Lp@&t!NQYy z6PoP)Zkju<-}>Esw;j3KcG2k-_1i%Uc5kxO<%+ds?w*qG!Z*}!aOb+bb&6C`iWc0w zb}%pp9JAv89yRkfZzPBCAoViH93jp9ySt;yX>QAjmwpWBCQ2*!2{xTMf3C|!)8H%ioRFhnaT;lJ! zV21Ku(E4k&u5)rKeu+EwlP>1J;$l#0pX3p~t~r!ZM084O&ug(&+pYar$6cHdj*lg^ z8lgv&zzo8O`k3SZC%KgcKM-KmWvssTsNvRYlD-*AhORr&lCQYrQ6p4B7T*vpuRTx| zUJc)tDns}o3YYww7>QCOJ2%~r1M@x?Pv;X*2CuySm65_xulm;L1yKMwtM7)JK6{JP zK@Cln?z~$+`}UtERBfYU7JL323G3Vrv$Y71D4*vDtLzGBMO7s|rF*QILU-92u{nZZ z-lZ3@^&Tqx1NF0t&Ih7i7N(u(9KWsN=nwU9SSA2s*DIk$E<9U6%7kkq!$bepIeuOT zXXK4kY>rIZTk@*1T@ZBLvhBo@BI9Im9Ohler^w@;xrCAQ!O;G1`a%i z_I^^r+jX8Ci{U-hjgy{neyttD(4I+)S z7L&30g8I^CyyfjfD|PP!|6c{Ld*4v9sTE(MQ3ONi-iJC$lRfhwvm2%zY=LWCc2u2+ zoRk#bCZ>s6iGsmj=hd9ILwYX1wsrTl01qr&8e{eZQ$EAEkgQVMkc-sjy|(N1`(MRs zrR9Dso<@zq-~Gzz-fn=`?KOj2I6{yCXqO@Fe4Pn@@c-E(1o8(7 za3r!P$^f3xwZmiN@9fU?6KQ1DEWx(|p&5={XF#G;32si;CLe?+IdxGg%3Wn#^?F

V`!LaOHN3A>~Y9_)h0-b%YY<1bI`-$YQhv$)*GR*(FB3Mppv-r+xtsEnksW`@Qk z(xyvVdn}NLc1t_A@$bdEbk$W_SX6z&i@^t_1e5ToSH5!+Oy8L1d!~?}G{ri>i52oi z)WVkUBkBfdrzb$cc$vd52oG;7dcmM7RzzXWSy;*Km}rL0;KtBykEaGL@(XugEo= zRdr8UmD{tzA4rRLLsHVD6Plb$rvNx2x!4d=ebL2RVA@>gvv~Z4koeEqW}=&?=|)DD z4Jsj+)&7o1Kf5($6go1046&wsXic($G~cv#M!>3#ki{(8g7R&<{cqZ@nsNUW-Ql;y zP~esHIz*BR-R&F|gX%%6^EL&&@^41I$|XLI9nTR2GGpQ?8^_3rCEi;DRh3wA!3?s1 z)-i!pn(HwJ4-Q9F?@xL(aXkPwj4Y|8&i^0gzA~(?Bxo~`5Hz^EOK=G8?hqhIa0%}2 z?!gHJcMI-zad&rjcX!xJW|GP5&iCxk-G2wp>Dy&pU0wBdw?2xlcwqp}B(eLjo5#k- zVqHOmDxdeP^oI2P^QjwKO5w}a0ESGm3 z3TRT@6YXmc(Bmg3=d5-ODmb%>-*Rb+UODAS3#gE*>dI}etQ;XD(^BwS`5nSg%;Oig zw}Fkz{*Y+ztGX4n#!XR_>SlY1v=-G`=1S2R%b9$zvZ?u(Sck9GAw{$2!<@O?wG~QVF5&uGVJwL+ZUS5WfFd7ol14lBM5NXu(iR`CKhN}JC zoj&#laUJz3{Rt0SWD5oNz=U-?fe(&|L|keu7^iKw^2Sd(RW7Pzb>s+fXKTg{3GCx} zo!`s~c4+P&Lf)`xQ!cMtZfj}A*glagyEqBa+dk5NY^d{fQu)m7VSfy2x3gQHGO6!E zK4J5ot337zu3RXXS<@qpAQG~NV&QAI^z`~6%eB_IKOt-92BuUTSF7(q3`fLzkzL9* zs3rBw>`_cRV*7>%qnY>ILybKI41>CwIIP})SBu%|6n!JpPhBgXp6L&k4bV<5xteVz zsEJWO%U}K=FAE437r$QZ6}@{ki830 zY01_&@b0yxEajS`!KUJ{(jG%%y@Aq3%>2I7v$0O{g6|x7!AqSLscp$FHH2cJGWUI9 z^Dhyat((`@dn#m}kUXBC4(-k(zai?qMv6CgA+_gdjhh{pzvn=p?mwnM`5}SPSAywXpsn-!U?WH96c}-q6X+~Fikx2AG5JVQ>&19FnOTp%@N`-KYjmVe9#u+dYRem7VN08;Ja-Vz&5;}25Ah7<8ZVGyE&2qyVh!6^dO9~B!38xUHB@g zK-3$3M0@u%pe$_wH;6egyp<5tswfZ-fa~4=!VG(=rz*U3c=o(_UCf0xEAwXkGmAU{vB3$6;$IZO8?CH@jMcvhi z_W}BW1mL8(U?Z46Zjm0;mlVDv)Y)R48Du#_w1Iq|b9jVm19|7@uF@1sQ!G57tU-g; zEZ_9J4_!r>wGH*7m27yvj(G<3t~PO!iZ;o@?BU~Ju+2|OGhZmR6U^=+l zpTtbmY`5C|T&6(=z2q!~gSdF&E zZBLq$`S+qDv=G%N@VLn^rg`IDhhA`dCv0vQoXNU1;W-h&36m&hclWvJAJ7gdUKxED zYKI1wrtD8P+nVXtyrZ%n4?uB$OXa5D9_j_5hUgR2BVTeft}k26u>5knC^@J(AFB^U z+an}}?2{b~L@-8>EeRtdtQ)z%=r!}_uyv+EB+4kH4?JHT=L7bC-ADSedmg#8)27cvAy$5xyYj+TAdM4e8quh+S06E*qQx!pIjnDE2c9blYe!Q>kEo7S^ z_bf0_XO?+Yk%OG%fDY6U4g`*`Hm2U=*a3b>W5X~6<+VVs{3sMrgWp1d z$Ec@x++_bOhC!fM-vFfXr8&Jemj;4xrA-+ajv&+6l6umIS5$=z6rJ+hs~eflyzk8O zy5|;*5){q%NOSA9#Ho5{6jjSI0T7JS*p~Mo`KvuDlG6_XxvA`}&5_ED zIMM%7MUtn78w0yo)jcsMJ|GM^Q&L{zae}I2miCeA*I58>Rr&*u34}frQ(D=QFi{V+ z1q4(?x;=mN4e($4WXGoQp62|lfn~6@Q{-ZB_=|}<220wF2Sbu7sb2?v^9Qt?LjL=( zEq=}lHUvMN(x5Qz&Ic_hm|!XK#}H@+D>^o$aR%Ylu95zmjdp>VPhXIA?X97{dTvq; zY(aerj-{?F7;m?90o8d6*Wn4`=4GR~(#YbFk)g8t+Ki)+#*HF}MDR^E#DMRMBn%LL zJed{ZJS6M_i@~^#(J;Sc#ZkBb&hqx0V4D$pGV{Vit3A z!qthT9^N#Dnfp+qZ05&p&?lH05Sh-Yi(3h+aW61(>kHq>E&2M!SN#*X z$%BTI%DA@R@_jMs&SsbQ#A!cl|X(_@2Yr2YIxyQ-S8 zw5PZXb_;5ElWV{BLdcPxCx+J+MvY@*VV2mVc1*A2Do%wv7;?U3wCz@IC^F3JRYXm@An`j2pSy??oH(;rq?YF z-nM=PstBDRIGxY9Eg1Yx>U<R1s~}!#>&&aL_N<>1L{N*WMWY_&?xMr8Ta37= z(D?2+>$sr>8`@YwN$s=n>61&$g(~~NWHYYHdxV;Q5*PKanv3tPNG^il@d`VGzgc*d z28wnBqU9Fg!z20!_K?r-zsC*@_)EboUhqo+i;}g!uJ?YC1IdfZtFrSgIet$$e_O-f zK>&O4tJhXI*9)azewoQ1(E;#LUDVU7md2LhGs>Sn_4hYkVU#VrYTaBcR2cu+0WTV& z7Je~wvZSKlZ#(?m_=UiAC_4CQtKoMN!oa`&vDIIXBYtnt1NZsKzA5~=rSsq4?9_t7 zbl5G}v`77+%wLUP;u`{xw`+ir-Y*J&&$x>UD;&$WVMTk2z&Ze8=@Kl+EoMXsWZUmH zUSY&Qjzrk8sD58it3>=#IiGj$4#Q~&UT#xD4tF$h3zlU=tNwb7SQ9C^S+Nl07x(I7 zD+wOKd6Wu)cE2c2yN6V3a74g!JppNYyqZ5!a+;cvTA4E`=>%Sy~@QmHqDgMPgVl5*y6Z7y4u7{}rwPZD&p% zXb@Ku+hza#8W0M!r^T&L6&e5P^>@T`NCBkIW$%3Ezh5s31ApDzCjYbSpEUiWoGWCY zIdNS&nf~|d|2ywMYfHJ~Wd3i_)F41W+Di>5bD$ki#pC_wH$VYMr2$W;;$vf0?Ev$O zjQ>sBzwNiB1}KLnx7wKhG<#1_J_Id%8uE~z^WSgb{2`Mju;SaAI9IY&#sB2=W$09a znj%cA@EytgyXW5ngaE zO~C4S{)hJu@LKpoaKxm)hQV*T{$hyN1PndUqzM1|kDS4uuE`S*I1X;TI*9)e%Ab#h zML_b3P&S_a{O2D(a3X-;5&l7v|F>}18(Oj@Vl9D}XwC1p`9b3}HBf1tfH`08`Ry0i z4_)m6%hM-tE!e-M!Atp51uF624*!sN_}=n#P001675wIE-eSHAo71ryzV>R)#A@EG zCLMSh7)~ZH)nB=i7sIfGC>6q{1^cB!_QsYVBr;RJTHwWc>s?qDg20P>*xizqy;{JA zQn;XZRc`L~OU#bx>FK=;+PHozix=x<$eIQA7ycrymK{{?m2iUpJFG7Jg-L?r2$4w8 z(lI7{sWYZg0_Z;eU(RsE3@GIN>f98Rzge)w@v>;T?NW@7hzMJpS=OTCb+$6*_~`?K zsyPsC{<;YMgG#gJ-YF18XN1)XEm`-9^D;XOy3 zy&|RzMw{4_Wt6nHn{;`}M+{CNvPcDQ71AommIZWmaWIAUPH3C2Oz=pJg(o93Z}!UH zk3PFRd)@q?v-3-}8LWzN+~1fUGpdkDe|>@%R0hFG#^zJ)ZqYKAbV|+;yuLFg3n0QP z!>K7X3mt{Mt=Dv+M$6zilKd)yC(^d%{~r5sTM5^p-u1KEM0z8_Z_G7j z;}Pa3kBAX*-q~S>Y)IqPUVDylZj?&dwF-4DDiY- zKyT<7js5IHd;VWGuqIJ#q2B2F3PKf^iXF9-{9z=^TW5%0wr{d2xJV)R-N3!0Kknv>;qIaJrC=XW7jvVdm$kdg5P zqr5Autt~VrWt>@wz+vJIkB_Ass@)Gx@KntsF1$b!V0~2)QrWnS)BuLTzy-R^$i_lY z?8)|FI)P{|M*3VzWJ;$n7C(tO-O36T)x2b~c#ZQkb0^P0m)Rz{o9` z-cZ>+^OjX(BynTZRg_yEtGC1FAxV`M4YIoLpim_%LEK)a@2$npxIS}BenpwD`u0~H zeQJl^#E82qya5G3H+p!PS#y$Wu$4YAdNNgcBNhU1Vd)Zb*b7%lxU>HL&wP!K4w`&3 zuFWXfDNOb{*)V(3aL(5OHEh3D9XnZkK@2Tx%Ced_$*rrwoC7oGW|{>3hhLfK9U${d zM*MycZe(0#mS6+BHAcO}?BB(8tLv}zv?vs7w^nl$BuuZ_oS6v^7Sq$Z)6SmE{r~8ABxaZ(DvpTR&jidIUIY|2AdC&=BwVh zLEf-f^e?4H(yDyKn+<%JB+a5;4fm0b_@lnHsFrqaFJ;F1!`=e9NH!;Dw{r!0Y_?E% zSHm9MXnbGA=-qal(TBCm_s@VgKWpxkNtGqYAvPTsrZx`&pidA<-J4Ue8ZKgtYk}hg z_xJ=va9u)12~{E|+CB=OtFcSuREAzz-P}@b<0kr9q7f3oupmt}ZO)uQh{vS1W zkLyry9^Z3$w1iTNZp)I1$%Gon@jS2r4st_~4+|#CYe}$Dpy;Xa>9T$DFwUhi zFwXdPzOq*c>iaoV1AMM{l=*!%+Uq$|bn%k`gZpcO{b?7yj)tyK(OweN@5q<6k)2}O z)r!OlShTF|Vao+SH(pNJP}dLZjdC%vY)K(w9ws|YnK?nr3!1!I{swk09vnj)ADqJ9 zzScRU{t#U>#HeJCTliz)fiq+hRTM{z`t>(D7P86xI&a7CBXgS`UCnL2ALWtONH=uk zGF(xZ0>RIlVIone(7ofKb6e_aA{!RHpB$uHlR_LtiSEoP7Xzg@q(0JMjhc=}a3Xvo zf0p(ih?VoZl=;Ib<=k{#o>+bZG^2Va9-jV0`xEYx#)SZ)@id zDa8w6lU&Xp@U(eZJSh=b=S**i=Wq))~9b{de6jHh!=De7~$6P`qPO@A$Q7JsF+%wI5*zhd2nje!> zj8yg?a`wKbcU)PuhMet#+r064S?7J0Z{pyhW4*a+){T(BL^JJ}5=%hZfM2X&8bHMp-28 zq*M=Si9I%Y!`=V+p>aT#=8<>6oB-ZoZ3Q)&tytu-MY4uhZM*jBgP<7`7Bl*FXV6tu z*!)1+)1Ds=;+ztf@jBm(j_sTY-(nxIJeGz8soaE0l;1P%bb7<;q|v~Vdh-#7M1ke) z>6yicgb#bB#E9KHvO1N^)BSL+-fS=(d7Md^zvIV6wUxOc<>wp+`<~{{!NLOZwLBVk zQP@6^vulYJx+>SP0%r#(O~Gk%+uh06leohstptsIR;^{va8`sC_RR=6AR?!X#R-3Z5csMnVKr3P!Dc( zgX9d`b>YbI0t0yH5Xd!5=eLxgsY%de7zxlXXOJ@3CM9|Xl4$|yA%c=wIkOV2MhDLB zG-o*KjI!#1&6AQBvrxmI2zg#SnV>Rd6{)cWlygOFmWpBs-8HrHX1!` z*Wb*{cTQ?AEmX~@G6<9j+K`|QD3(yD&&dr)8SR=VLU&f1Nq0f5(?%i^T?eUn-@P`W z7kIO~QK9EioGw~8EO?qfn?UnJ;$ywTI|j5LMP$LD0rci!=k4u}6hbEBwzVcQpL*tz zmQ+-goIFh0yB#$(;I*%{=bm!4YqYEZ(v^ypshz^(Iw8d+t$mt2Uc{SflpHod0Ll&w zsE**oWy1HXT@0e6C#5D=*~eLOSKeb(lZk@noXx_U$xI~o8RN1r$(Quz-%DvrJ<#M5 zU<4=NC+~FF9#@6ymw=x{U0-S_>12))m3)TE zSDVcdkqg;2%Y2QH+4^W-z)34| zkTu+eZUiA7IU!#_H4O?>gCNmxt>~a)rLt;iSznoH>y<${6VYn6wgR6qeA9=Zqqch} zCO+2t)r@cYS_;MepOK2#Ys?0L=$`{4T{)XlmGQoc;)fjt3x!eol19smE1Vj|;Y*ak zN!`gLR}y8Yg|PIwsmQfG(fIqM^JR@HgbGG^deYoi^!m1;Nlb=N&mAL zg-o|b2_ zqT6EMt1{>sdjO@Dt-`dUw)Vj1cKZ% zjgo=*-HX#JgqqKfF(>p#@GwH>Wy17O%mn6-hx9mcfT_uNg#lsNb*Qrm;AJ^zfz3{M z&r-owiLWUEj?q5bsXsvb{quh1D1ZwifIlxhKdcf`2CgdhB7SzJbTac?-hN;u4XK?s z`<%8q!qucc0a02@Y;^Fm{Be_UVzJL;>TB-$4>`J9tQG`lwA~ZS0j#tjI7ZGFTCzT|!u1EGa#EPgTs@um*`>p3fFqW11rh<1qdciZHhQPR zQ3yr=WFCEAj@ICf4X#e^17clCPR7X9L5c82xDsJtwNA(2dsOvcH!bjwGsofBdt6mC z;vw}=B9slRAvn7vj_=1V>dXTTuXkD7sjt^B-3KUV$Gl1!jlXeP`d@$DwGi!&CLXSy z6dI?$EMq!c z>@WE%F$|nAN8-UMSEFDx!?*gBu!nEU(d=d%yvE5s{3!%+In3-x1#5I%O4}-n3_S;H1a+H6(%bJE5-ps%e}?GSqs% z&4_<9WUZ2y2{5;`3@RmZ^6eD*1K))$Iy8d{OhWe}V~aymvFiF7eIOsJ5(>@ljE$E$ zZn2*|v#*jo&GDsPwstZTTiQ@vmGJPtNUzu!BWlt5d-K*=N| zBg@em@X@uhkTdlJIiVBmCe!x6NSO3IYiIJJRE1;`#OjC2g!D0m%O zFyjv!#L8Y5h86a#H{mWGAIi9Gi`T#oVvW(zQ^>@ zTBItQZx8nw%Q!NW`;uM-B=}&f!ZHD3Y$?((85az4gpJFuX-v9rj?xcy?7Eo9Gr$TkA9JogPcVO4t*xDqFihybivByi`mZW|Tiqc~#-uNY99!#-2UKbWtM*?tMN zftOCD!G(P$3ITAvE%r&Ax+)UvWVmFxgoU2z0)q~U6fRWv*GY83VLr~|8_QB|sIUvR z{vvSn8pLkU49Kq8j337B-ZZVtYRCB+DQ7sxfRhHe)W`Rukp>gpDE1q2Z_`bG!eA5& z%ns2iUnQ9g5_WjPa(veb*}2oVkT+@LF%}9=#ODeaxwKRRW@8`VEuq_X%WPFCP}|`UAD#$4azXqHLZ9DKm7K0Ks8Fx{33nVdV8Ep@ zMCV7Iq^K!o&fW$}=*&gU^`;-{Qlji-4mKyE44j16`Kb6FHuojVJZjh+3bTj=(NrIb z(SrA;M2b@V6FRA`AaD2q)RPnI8Gp(a`weH&)A_%bN1wv|e z*7Z%;!lpme%x(B4#&EF-{1d(LdP&0vR;;abN%h5#Wy=J3gkuDE+>k}ZJmv?7{~ z74!DR5KX-8i6yLDFzzS#R-;xKufU3nJp=F;`WBn73rLbwMu2b|AH;vbZR%y(pX>cR zuFJ80!ixTmNeJSHgle3OU_tcs=`fnYMac5uJ!W0a`*ZNFpFRmRaJh$_CN#S8vKi!W6?zhnocYMk&F0x3Gk32?3h~+MObp(< zYU&kU@G%|br(8zpp}bw^=8TUU)#)#6g>(o+;Kh*&z?AC2yd)^!HqiY+gPqRmcXmme zUa0a8wwh5kfZa9K7hLc*i%r1N>*`kn7jbPg%o zM?IPj#zZ7p^0$dQC*R2Lb?e^7ZP2>gk@R3Igbgehp`*AEom?7W-!@B;)0a`Gl@4wC zeLHSdQ>50oS}Eop^7Q4}doCcddeI=3boa>0^a!T!UsfL=@5JoY!4E zs9h%CfmWy#L#vF^pVD?!?|@I#b^5_PmnIFDovNmCQK&_!Q9a5SkOD9-qwVItgZ^S3 z|0>h0L&ZoPC&Vv!bxA`$U?4Au?)wi9`6D)CiLIt8u4zMwE$1S&L2LDlE-B;80N_gr947V>N2_wj67fPPV~HW1}}<+Vc3o_t3lsvB8ue zOZ5!D_KDZ%!;}HSz8x=kZpR;qS>zpIP@H;`yYo9cv>g4-}}Emzl!IM`&0`@xoyBdJ4qsBz2#~;pBz3h+Dpe;{jRpDM&fanjd!06fiE^1;9<_Ol713vr#&^p6v7uP)}27~BttjAK`7KcnLu z9xA7QY$kliYfOH#h`eIbIXzRFG#4RgoCE~R z)t^>Xs{7Y8nqUhRA6-t7PNDmmNT)H2iGDb%o-0wRqO4~2LboM$dar0c@72H-PBCrb z2sgdYUAkYj2rTmqChgPE8ujl#vC!rk-@5Gx-1a0Vgt1z%fU`k28d6jkGF{lFh8 z_kWf8J)1$PUDYmF5^0iXvfwgwItrkb%H%(VZnqAPBm4L4pbOr`C-kb2!B3Ha%8nJ- z&01OjWg!pci%-bVceNMYX^{TMGHp&MP1ixn3=I+Y7l`DKS?cFwD;f~3aFa9e$DW6O zmGjMk#o)R~%YO>re^$j_fqByci@hgO@kIalfZy4^mw06Xh*Yp4TKxwE^UG8G_0=0q zASh%dkwN62AogDb)ko{4_>8;B-gDY}(KFYJGKZ;1q9rP}^a>$Go> zuG<{Ttt`u~uL~x>0xRYBr(LGZ4h*wHN@}~95v02bD}uiXU{83Z+F@78*mm}-Tli95 zU|rwz9-G4+28alF=jd@X!t~}hTu41rzwo!9)P;V+g$h3TU;YwVnhVsw;6jisDjbk% zE{9dMht=~V6$Uc7mw$MIL+TeiO)3a(>fe!{R~m#Gz!uVAD5R>zMgAAWja9;DvHz5=*A?mtIc5}uQ0S#GL{~t)oFAM!k^~*1Sm#hB~@bg9psHikL2BiPg6A07|YVFpt&RMdr z>K{Ye{<;$0rUglh~It< z#D9B{7r+z{S*I9r|2q-z?;mJ^^MdCYqx%Q%v||hU{B+%Hb#?IB_3?6=)#It*@bPT3 zKe-r}iVm23sRH8{5E!j@u<#8Cm|wcT+z&7*uFEk|N~n4%W{iY_6(iuuJuimt59j~t zas&)4AtB+U#N!bfjaK8pyGl3aWm65+%eY>!9hV9W4BY9P{IdAMk*(?r67Mk2p!08q zs>`P}HR0w;CzmS}1Bda>d<|`JqoNz8h^Qz;(|Pi-?OR(cFyzc7nyt6BWg`g z*n4kl|FR;8roTW-tQ4=v+`M9%L?w#Wv&=QDUxleRc^?k}0aHNuQkF~P1(6qa#5eZ$ zLPA2bM+#?fP-9nE77g?#19jj(eT}U$$mRAbtg0Yt$Z!2tQsHyK9c}b}t4^DbAP_L6 zmdN^UB}a(_j6Q+;KLDP#B~eG8wZy@ z*H}zWNy(s~dBR!niGk9A{#(-spb0>YN+}Hj<%k?{gfQ1@_qm=L{XFGJY>Yh*rDQ@} z8W1Zs42V85J3T$Ec2TAa>*xIWdueVj;51DS+~i+g6(1sr&8CZ)PM}1i(X@_349K*SXn7!mxmb*~i&QB9R>G3VO4izHSv2_&ON`_Cz{Q#Qbr7&$()==Iyf4M5={ zYKYUV263~5Q{VYm{RFjwG0OFBZYn>Zn;sqw#%>Ep#>ccru$z$DD;{vF-=NeYcN zz0}~~;Gx1B+*lyNydz*6E(xyT(03ql1V0<8*#T{}n4Jwy^zSjns|xutX3S!ke%h7g zB$%U2{oV#A{!7Qqz;L2?Fv#iEuP%zezhLujsm~8& zP1lXbRkev%j&t|X`*)~}I-oxr?|cH{C($a$^@Jvus(LVVTYku9c9;+ghkei*XqPXu zyw#tW$5ThD%%lfO0-qJMs{Xs~KwQA-NgTa$Z5=6VynU(KUOgWU2Rd8u%d(yqrPTea z0*^Z~&(mr6=}xA^N#x_~{hs}h9R~T~zCEbswcq{UH#`oP_*#-@9Ak&=a8n^8kp4Pm*G<)2$iM-};yl#A-RJ!RV8xl8z z#Ioqj5f#-Gev?>Y0n+hRreLX+!oxx@{n1jj4R}m?+`iIHH!6_^*B$M}0R`ek1Eel) zui)C?BUg^1l17I}jEI$@s|NI;1Ce>N-p3K{Z|V;ZtYK5h2m$4U7XW2q7+J0%k0%7~ z9~>r>!aR>=wVQ8;tK|BfP_}89*V~7O))+-M_d}t_!YiVTloDy&gZeV7O5HxeHNrZO z!t6#(n(kJ{L`T1zjdZh)_e|~{jThwpcvn>k{TKY6mj$WzOeR46qiEn7u@Ou+yIf%@*MO8_i4QVy41e`Sf(VB?z z*~~cW0qayUqsK9F;QhwrX3ulKL3Pn1t~;uS8z-N9zC93YT2PY%k)Ci%!({RZns|0j zpxJpHXmhcDL7<-hm0BUEx*B!9#-fIV!{v%f!+DqF;lO~$#E8ZGCq@;x1{-k#!jklFX&>|ilr`qe9yb&a_)bh_N#8yMxR~NS?u{kN1=e*f^yg#iME9)+dd!3(E@C z>!F$1?yTF3#rl1T7x^Z2Wlkx#8{r`JqDqUfOs!!|cFX zYKI9oRbsmUCiPMGbr*NkIuk^0(bH_E>gffXjW+lGA?tFQfhP}YUF;!N!&L(*1j`OC zC+n7UHabV@BfZAsK~$`>yZ@y%JnUns<&)(w zXSKg!ijEsdD4*80nqsUq^B~Y^tezSnZjSogAIq9^klUWI0JB{jtgUTWAV3+g2?GYm zYnc$Dj38eI7mWLWtQmZSZ^!yDCq0U(Fz-GUGAm==vQ)$fKPpwEB7f*mZ7ypsqxz*I zDg<5Yh=?3LF^C~AJ24ME;Jk~V7iC(-2MsNn?P_v;x@E4_}Z7&0#8;7KE^=7B>W~hC8}XPacU*8x!B+KXA0% z((>@#rfLd~;?_|wbvtgc=*^UKE;e!<-#RxKSs=e1b%h;&-scunYchQ<+^|J<(teep zUN7o?$t}JdQ4`*Zr;!klD8xiY{DjM+Q9fR+eO{f3e*aC7E%NMX_lQR;T-Ru%hpJ>J-$QM0-tFUcm>u}MH#tcLHKWqv-SeS1x(2bD2oYoaIP%Fy zfoG6E$d&R3W!qG~x9^kqR6xvh*u$a}wW!MF3~1lSIn(B~%EQR^i0_Y;5FL+0?s4t3E5~+5=#)Y>94A?g7NVWD z>gIVnny#l{Q$?!V^s_+3{z+`}1K4~w>?Ouf&-y3UsfG%p z>@(9+j?})^!{Xs&c_@sPfo<@zs|djG`uI1W^8q%d{*^(aqgLs~%Vbn9XWUNy#-J`LEhsnhT`uL27RCjhf)f z6CV0UwZj`k$GxP(_8;3c8Hy9QGyZFniCX!^d>0KFzdW+DfgP#ZDG8 znHyG@R9|dQ>Dk^EkJ- zp};{?5FQp}j|*93h%^5ckj!0<;WwY<4bu_r#};@@G_;6-RBcY#EadtY#h-@|kg@QSCE?$@G3MdtM89jJ%Pk)MiKUn3p`TGjb?JfaGm+$>N8THk9H zH69~?ATU~iBi`&ia*4A@%JbRNSu#W6EQuW!wx>vnJ4}tQs?}Puo1@Vs1=UAy(sH7UBgbv6|3_5wJ%C3&Yd0_Yxu zk7eaMr8s?#0~qnz;Uh2BwvTlsf)M7f0wH$O+*v6%UAEcPFDC1(1v}ln8bLZiqz^5hq=owb61>u;ms>5iS2B z&DTZHEE+z38?JWBx$v_tdGh#1M9e0 zU(0-WconZ0F4Gd~x&X%L(Az<=xaZR)omq}jk4(F!6{uFQ?lePuewh9rzXf_`K;(#* zltD%Y6@o}Hy(8-we82whP+llAVY zuU^b3ID%SZ7q~?ub(PKX%iqU&dE=Zdoz>goN{;m_`)+(LI9&)44EF$^8W)L3WkMni z&rO5XmleLG6&q52Gey`109)JZpVn$?&|!+yFD?Us`ayR{qy~+>a|%4noSpHnm}~Y? z^?%o}MpRX8PPX*kr}xXV01i6=2A-)4WXADXiW;)P4z+Wd{01!&}b__XWl1+jmXAs1jbOqRhxQ4j)wwA(zuC>36 zdORDm{&f}r>^4AJ<4PeK?&%ms?>tQ;XJv|RdnmlGtAP1Dbi87TbCS=t=aV=i9Vuoy zjXGgWXp?@lTiDuwQ)K3q1G=6ntMmNZoCt<;ont(x7|+ogO(}Um#T|Qy$Gr5)bMz}b zy0y`JdR_`23D~(y9gVY5X|nJqyd_IPdR^Qbj~l~j!ov5{Z*w*#3{Fqesg(&e_Q$MG zy$!*3xpwRjHfgEbES|2_oeXlXGc8QpI8Xcf?qdwqAzTjv73P4mkKDaCdQr9QDQ6+a zMxI)R#7Vb>R-<8d-BVq9kLn|~T=tK+@ZAnCxq;hB_RR%WGOplEm#KLTqH=dXp>PtX zgRX;(D@#&a17_VbTJg!kjg=*)*h3G4FzVM&L?}e1V1%E@a>7sVR8v=ZnGuLc9A)jwkpYsZ9G@-Bd6;fXE4rle{uMPgn=}17> z&hjqg#?0xT#4d|KREW7bkCC1^!Yh;Qq1sa2D}+5>&ix0eRM2?$~><>o#!iWT{p<1j;@g(;+Es5CNA ze%04$4|Ky#37_)Z?*59OL<%QxN5vWCOv&HO?e$Xami!hTJrMCdEDr1K+EsMo2N#g4 zdZ><`1U>2fHJG>am(EYM7~;%!!e2to`FEd4Kx(3_`xa8c5DFKvo+vUcEC!b|dG0yJ z-ej7mb453+ArF2MiTMVr&GWoQE1JYo0ZQU6truLT)nkU6YDEE7-(|4HvFIUKA&?bb z_u9}H-Xj?0%4|z#;2c@(vgS!{`crr6ngj3%ExiQ?ZV&0BYm?UM)^J3h*gOJ4{z^14fbJuVhX39lhv!=u*yEt97TRE&23lQ-tg={(#eT!9We--qiV zT;rk294)C*Tsq{TdFUg$EpoN$tdnOXKG+Iku60;&=jOw$MG%#YZ8jU%)uQoqSab~w z*U9&}*HY@S5>iRA+V7}u&brBIncNOQ8miP`gfHx|Njg4QG`9{Y(A2#HK(_}71>$0L zTkfb=T`r}MX=*>5svX?mUGt$-nm@amQKvjC;|!4?x4%v0azXW3vrynk6{q0$*D_V% z!M47^UeJ730MTJrMT@&HWDzExE6o;vqvCkG8B1@yA$oyUq{a5L@(P3l>=-}eu@7bK zI%*@m~we zM@4FFAENwbLOJFOnDCKqW&0p28Hok;h_nk+kizUhD-DwtoH0O%GLFJz-*IOf+^oT@ zRXhRKsrNHc|5}>A>dd;OuZvTImARDGIfu)uO7wbS*Fe4)!wF=$A87*G2j*=U6*iZW z?tPRxigXxYq(4kcBE#R-?RxCi<`x%q10N^3aKSHV_3`TEq8Wkf_qXErwJK@p;MU$i z!wUM}NEG7E(vYv%$tf}Pmty>wEV}x2S#iEN+6extD~L@ z_){Pd?irZhN&S9Jgig_RdLK)t8~e*)fp$DItGdCT(ha~?2P}tD1)#`YJ*Vp>HzD_H z4i{e{BvQ8ONr~fxMrNbyzcac~$u%6O85XTL&D^`w<}UrxI}qx|Lw8c>aN3k-{(778 zQ4k42|-*-td5+3ZsV|*5ZWI1Rctf2Oere zX%lwWWCr9j-LPiMSC;6ooWe9A#YSkXL*TlYMME{v6Y-nd+TGj*SCy^Ugw=`!)l&Ai z+I+OEq8?y;jsdi~h_5rJn@4Y>&S|tP=Lav>(p{kQK!lEN1(VVNtL0=AL)bf-h1Xbx z8WW!sph&*#2vKJcU*JUX744JtZ*yBeCNFO6v5@RqI-|00g{T)^e7^3)Dh!!Rb~)Pi zIzx*_DtTT1y}wcufH?po6W@b&c*?|9XA0e;dJb=Y^}GTvF+q z<#H&RcfYLSVseSw@mehr^LxJ!a!}9V#1^k|G~;%G*7F&V*tSdu-fWJiR&3q6+saQN zv%Mr^vVCZK5AnKC40*LSfqtM}QfH@vKG8?p-l zIyiJgyQy8iM-O(Z`WkY-*Mz0{TiWZqe1-YM`MpWFN~zANo(A5O#J^t@u5=AuXFoZ4g*7+0&~&f(@KOYqlz0p{QHNQn06e@ZCorx zCUfKTIQ0a(d8#WLe5#1Pp0>c4_FV??{9a(x;el>RLXLhOC}^19LsjErRw_$b>_VY34R zFy6tz!;#n5CDmIfEmVS^HCPFSA|tC~qGM|D^k1rZ7}g5J*x%P&NlQf#lk1Up$C*6m z2?v$)E$!_1Po;V2BiW1Qb0Fs!;^TPN4w8+$75uzy(zb^h!|Xu{%G%7;I)R!=;$ZTh=rp zH69&3&kY^O^UqwCC)mmhbWew(|766t4w4{6{oqv(kWTx0@vJGwi1~tAeV&XA3NeVE z%M2N79|>2ti?-7}?BZ{yVP5Vr#7zC$1spWJTtcg>w`kT{hE;u=0anh~eOPjmFy?85 zzFgeS@ym&<(!CTK10I&avP9URs{>R|aHzsGlR(;wCpJd~>@HF$N$OgyWXn*Xl#HQ5 z3d<6D`!~U%s_rynWCnTeOXl;HFKx_h8Tsoq^i&5>VJSC?oShPNQP6Wq&-3#h9;_0n zX*?F22!>W!K_M$~giG_Qb*)h8br7|JpXVpgGJ$u^?+UWgsF+Jk{zCLYZ_==+(`#17 zcifOhVGz!s)QS8lI?O{LgNhVWWWU0tj?AxV@nyqp?{MY|I_52f0z+!MC&kDQ)zKoU zsFzQdwV48yJXtBp)S{BtavmM?>?6_1C#-pV>SjgSH%}03Pdf1uYGGpL{^S&aI2(w+ zADbBtk1vc*;t#VtUhq|(Gy7|qRIYM@+e_CS4Y3mx#lK94NG)`_nbIiVR;&j~in^@L zJ>gqsi0AglCwXD|4OkTA*XyH?=byJ#5Q!deUu@h5nU#LoM{g93I8tzUUJjSW(O0(J zVX8f3nXreX+Mc=4>p**Sz6)2^r}P3vt77&s--0P}dO5bxb0h7oc{^p>DaP=C?-IS9 zF{bNau+7Vfh%X|5nSHN?lpqd75BK_Y8P4!}JShNi;TUwO1G!tjP~~Dh&pp?g;bkLc9ybA!Btuekb`E3u>S#(WY)PY(~c_FQ%GdQ`HFWEb2K zn^V(rT5%#!As;9N-&L_3y>k?G+|2X>UyaU|9s9@wQDf5(D$x(kX)rg5XUdPwzM?KmL6B8+PqLq1a#`O_L(b)3LPM1( zcKVANy^57_a_-)+qktK~u=91c@uX7AVf2<_DR#fPxw*~NWW+QHzk`K*LM*WaZB#^r zq{iYyiX{@&FSs)Zx1TVwfTTG2R0Dp3Mi8rpRGMfY{3H{npNPV}D+Ze+0(1D)8yR;V zhHf`4PVuYGLL=~sS>bYV_$t%VvY$bL>n8OdS=!p-ZK;H%P{Ce5;^*#X5LsXFO_*HE zs$^D^D3QEcim&cfG<;1gnyT~n?|v;QSV)r>f>=8{8X^lzRjJ-6Zj)b_rzQt637>FA zD1=7Wakaj0MJeYhi$Bug;|k8CvTX&>{Fb5PslWoxNM)$fybZ+D9c?RH@d zO<$}js#$@%R1s{SCo4T5e#=;yMl{UUu=%Ezfc!;l&7y|kaOy`GvlS!`3|Fm|M{tVW zq29wUj2|PzLZfAD3@l=8dm`HmT3^3ONi!eJ5wNyVIngOs>;=)S`bA!2)mphWted}y zVvQ%<+39aOu2`(iK}adGJ*Rm_*KDAPSHgidQA>=*8z3pVbhp}U4mR1d;ndjyB$LvY>s>&36H#;}OT+-k+ZM~@{B;%bQ7>q`0%uf$ z*H6=E49A(NPqrgS{k1F=i&a|Ts1o|uqp}l_KFC|T^BFiTBNao2uIi3M3PqQU;1sv? zOgo<@GgtkcwNq%Q!g0L`(38E@zaGc?OiiPMZLSB)kXYq@&{u3+f&W~-V$n`uW&q#P z9m}N>=h9FA_C9G!y$*SKx;`karq@rsNLKKA$8Q3kJ7xTwsr0Cu8cDIWz;x`V-+=Y< z2s{nI`XQPXlbEgvVBQ8qe7#*Lpt4FIIh%#>My-OccVN0;Jt;eK9gxH4`(qIK zK+SuBmMtZ(ZsC+d_E>7wJ=SRaW0lA%Gr#Sb+)PS~-zzK9!nxyRZG;*{bD#~y5th#mwj{6K&mzw%JC2w49`JN? zuqsZ&FD@0YJhodbDD%s@FdZQzW(lU0!Xl>ff&uI_6D`*|;_OPbCm0tF)_x&$GMH(a zni*^7Ztg5QPOmE7JcRt@j@_S_i|g?tBhIk209oC6pHdg3qtKFdmm5^4`>y7TW%3rc zu~ACINNlfXY+|@J6U0)}WP;AiyBr9 z85hj^8s<=c;eeJO%JEYsg$#{a$|0_?aG>m$99kE3jF%(pkw2^P~5j?%X*lQ|jD9{TdA1*3}0N{rJ&(fK$fatuyPjVg4D z@Ygf4x2-jTv}m72^*S7HW&(&y(#%9Ao|{8)?#U{&Qg1uIGeFO0|NJW-Y-Mikv(IYo zACUA<&w4*xY~U8LSqlrt2a@#Qi8Qm!e+8LrdE!_MdFT(iuzqZQ5ziAIjY|z!7 zvJapf2aDz3v8T5PP2Rm|#9lGl-gMh5Yz_nsrv_zmEm^OG4_D=Wt!oX{=tW4>?3#SB z8jwtC^pF^SJECC~DYE~LBra)ltJ36DLmwrNdr)Hi`fZA8-no8mMNq}rN_J}0t_#!8EOy}Q0pR)--hOzoAFnQi5nj;qUkW^km*@~uy% z-Mt;u@&VM@yCxE{ifN~S>id3B@baB*l5u{y-JFQbXLe|Vl7o^F%}RbVkHUQ72v+I= zl|{KW9Wl|(tY68!Z@-13pb$WS+Wh1z$nl3|<*D3LzuK<@XxqIE5lfcs_^k!r*xk55v!4futKd8k4@TjZ7?mlrNy2(c zM^fk;<(0Bx&<_=1ES2y>`7{(*!i@+qS!K$zP>HFo;0BQO%&&-5rgMX9HT;1m<|Ycf z9U9HT->ZMSP@K3&=yHW)qNW|Ae@v2|&04DJwPymQy*#=7+}Nr}TTsun8c&YNsNUKl z)EXVV9Xj&D>oe0X$vNg!`A|a30J_`dB|5Ks9rM>gE+SCbn^Q_PwQtz7YF?##g>Cn+ zAaT2?bnt4)DNU7?a5t14m>c>N)XBxlR#t{B>r z`<=40pF<>MDp*iIVAzg_jgsD0^BaG!QzPrRy$e_|rpv4T<`PRYFxM?(F zx8PPJ%xs(b%_gQ|ra(wy2*T*wNj#&r=(WNimbAy(zi;_5uoj+-^%`)4ZK+c{^SdW0tYRMN0We}uUf5I(wobb{Kn&N$7* zC?%3C2kTJL%_Q_B!!k;Y679e3jh0)mi-Of0BzLp`f~f~lAAC?vXQ|5rvX*`L6FI2N}wgsl-ZcvvLO_=3%Kd&@vfon4L2ThyKIRyXB2n3rYX zM`i?Kaikl*60U_1%rqc=o=wt|y>x^MNB6rpPv2SZQ8Ydvrv&YzKT5>4@_+9N( z3g5L>{mG4jAv#!xqZ4UF48*#2w=gz6PAaHXkQbO`s)pre_azT;`|dOd(vs_Q`w>s~ zX-sd+W^Gc6VQCoXWYF}Pt+?`IV@&1KO7xjQ9E~7W_DfEm*$b%ygV&KDQ2>)t+Y<@t zvk#@#*(uh=KCG5)T7JPh& zlmEDD)wQXRBqV9V;xtC{{nxAoj=L>en=%R+et-Nm5JFix4av~Cl$5nmC;Y0CTr92-Vn<+RRM4N77q z-U+RXYl_ZrF!;C#H=g%3E8L_i17M@G{LvupL?CU>TQhtGuVW8kxYT|vrd$bw!axWU zjueQENyvy`znW?F-?5}H*Tl188Wkp^hI79QorU3%o^4wsy+?_&1x;>TA*% zsuQyfS$ne7*_>hi8otnrJ1pPTa8t6~v4g-LtE-FoBI)`%kZ+uUiF>meW3wzLg9HFke;}x>#)lxsL7B{6&Ak!&E!*0}*xH;J0*IjP`1eF#f z%~lQs1_tVlCQt+!nw51p=+rqiuq1A(bD_xmag*>tS(1J3yqgZiRlkmKe#s25CHSag zOC}J7!scLzmgAAz7pcd}h6YVKu z(w`(9N5?VehlWfr{H-qtZGtouN#UeUk>`5ikARH=)~Owxvu!IRlO0XNHHW}N-@V?O zfJTLi`!Y8dQ@GGduA~w^H8P^)LNMN&+H2?0S(WRFT%8^6tlI~B`dP(K3U4X~wYG01 zs&i@gW^fOb{!xBbX1X5YOiGtA?CkE!?iFqlN*T-J zPcnzF4wej`@+xExVhouAqM=RC%3nx!g>SskdHDq{al6>ub|mZN;m)J2@4=J3Wt6hL z7?`qmJ6B82O*sMa12H^HGS&mHTvBNa*?KO=JM9O|D|>s!4_$eRvl`F}^apQ^Gkw&4 zM$WlV2T#?6XvjRHIEYU)Tso3iV~o`To}TS`3vD_x#c!IR** zEnjS)X%`Y1nx`fB`1s&382bgn?n@3Q(hbg*YZsYhVg7LuU_l+l5r@8E_C6iRjdmZ9 z=pVkokyu{2=Ge;^QJSB$S&jD9lbRfWm*-2-dO9{*L}$P{{LZo~Dll4G`CS#&mbOYJ zdeHUmAzU2&V^Fq&5$EL&WywKdNykq6w_%kuf`I$Cs6o(peL72V?53gWZa-8i1U$TG zR9Iu(yKaQ#)tvqb(Q2SZe~{T|((%GURWIeW`5h|QTZHBY)*x3=eI};F^m^#0Y?XLQ z2H3FXqVs)Tel$qytWqZL{G|$dC@#^*U@@HBk7FN*wlJ7BP$zV+wpWw}PImjK>oCul z&z+?gvR0d!84O$Fml=J1wjL3Q5gGGIj_d64YT*3>DWP-O zdHumUJK6gk!=&)6$Sn42^8hu#WmBhXfqX|h#lLXR4XYSB?IxjF`t;cb|90A@u3y)p zQGJR^DziPTAo|;wkx17&wg#JwxP`82{Zh*Eas_RxtU{Ahmh7N*danuY8DEB#a&=qB zIt-oztm}DU`508|#EHBWwL%SUyYv?Q7}2QHfe@w!xd1?4-5uha&F(;GcosM-8q6CjcRYT{$mcUl-8+X zScxWG{GyzLy+9K^&CM!-%7$wpnHwCn&jv`iZG>Ld!IqAjG8hIH@?VR zm&TEzeOw%syikoUr)Z%VrK%R_Z-Xzy8OBX7MlCF}SrA_1T)1(QtoO|(?QX3sPB@M- zHW{Sq@|$&T-W2WcjyX%hFey8XjuVtEfM%p^k*Ku1cJ-#ChflP-$Vt!9I;h>f>Inl@ z_b80-NevyRH7+j^zuJ|Ruk{Q_jPmz`}=Ho2d?J|cFS7Hf)bUp=cn&k7#MtB2mN-0ERW>*d5WeoPT)6YTBG?3oEcrS9eh>7Rq#hW2wycsW5Z)}f}i z0@X<_m(q!&#gbah_p#n09QAUUMGrAnWhrdERnJ)fV39`u=(!foupmw(->kYDprr(SFO)~@FAoR4QTzoGMjp51Zx{n@AsfISBx-Fx_6Y@1jK zFln7)v-Nm|fy&z zc+Kg7^0sun+ozIEaIYDmlO0CrUQ5PpEhBJwRk%W1CBj)JBhSW zYlH*FDxkMH-1Fs@25%(fHY!(MEWS93J(M83-{r+M`t#wk zli!?$zCg#RVcoXoTyB96$PSvIb67CZYUnzfzY27aXSiR;2;~+B$9Aq4@l>f>3p~Ba zm{i{GZtD z09ZeUKw}FQ=8Q%#A**;a06@wVGmjC%H4kfGGzSA85t13`=%3IS8Fv^ZIIGD+nAbOR zOlyLo!y8?1;x!OEuUK$|af-KjAa>wI6tb>4qMlc_dve%(Kt#TjOSVR*3>8BqP`|lSk@_ z03O~bdAPU!RPNL5FTkE zapYqA5c?PPiODOQ$eX!Id&a>_M=S zxV-sfL4~LJ4YfBJbl3yfjc|73%KA~FFlvqTuN9AlX7pbAW$RgTeZIO-3JkHT>l(zO z28+SIUtJGdKWz;i5hmV$pLW;_`s+i3Id&+;3H6 zZ4p@_*uGO4cf5jWrA*Kp52WT55AE;^JzeoUPCs(_V}w86S9oAGXA-ouEO@OgDr+JW;6aaMomig zkU)jJnwZ3s`A+z@tu2tsi=SAyktr=J9|O(Td{7Fet_zZ-tdHRBk2_2nD!TO}K9io? z%mJk@rYJLyz8?mS@1`-Yrxf)w9M+U=oSEHcfUtwJInOa?c z+xj}(G`R?_hvp3*m1&b5Z^Oc6Z{GBP>3K5xo#)M#p$!Z)8N30u^1WESU1N=!LG-%| zO-n5H0S8`G-5m?TE2(S~hMNyuKb1N84BjUq<@#&n^3%In%ez($?yZPQ<_D~R=avJtXym;lkV1Iq94Tjf7-lhR+l@mwow_`p#=to|y zX@Rc`JX25Cd$CDLLFFpd>SvmUhQtn>MrPRIspN70guuRl+DJ8&&INMf)0B34I*!>PLVx%v)LK&Bo zQ6>V5L0N9|uqww!L%Ufi%@DNu5G|~^$s$A}>q0g(!Lp^5umUM61a8pYH>xI4S-KbH z*{NzRipTPqVDrR*V%}mLYnm*It->q?mk;%Qw-99y;5PoL9>*!%4pugb2}x|Mh|o+6 zjMXYU_VTjhfy*^o_AyLgLF#)QK49NeX0a){GmxcFik{Iap27me>&-2-!UJ)v{m~Ui zr{f+yW8jCeRDlu}V2qkJy{ERZQ=KtdS9Zt=+EEgEXbf$Gx$4}wEw>370dO?Z8}ACT0B`$>WV4I_0wLiCP%d6os*Qj*iVHxLL5 z?8QPrGuHMxZTLh+=Hl_o(;2sI)ycrKp9?HzS7)*sHZ7fZl6AZ=V9{uq$5xxHG~n=f zHCrzNv1eP2F3C{{=>G9zKtR7($lzt{kieb>7Ck72(1L`dA`>KkimQ>U59yFtL!kb# z<|~X$6j16VfEd4|fEQ6haf`SjY|z#-o0$ehnU@qvqZ(Lp+J4TOnFfQciKBgaBHett ze}+$1Oa&`^?IK<+GKugk!}$Ocp3AW`%{j<$uUlDK zx$w$Iqd0fD(F~E$k9%Sk4zW#FQtc-=Q&7-uE-lhplPy|xdLG>P30BxOY(d}~48P1RT?O8LYq{ZFf}vvm~vCj;9*ej$BHYLx>g?-0fs2 z+=Rjax=beS&bWZ(L{er*c29z>@+M1WI)(GMCF2tn)54!?m+1!QKWI4l5nv}O#(TbC zH~C22W(4X|wK(!4swT96GZsHHls9X zFOv&I;|X~o7GwmSg7eOG&bZCrp`ptU!qhL0`j`X~QBtk$_kDCVMu)mCX(-&{oz_=h z5XM^b^KF>=U|SiY3t@1gEe@%vD=xoJO?rp+S`#niivw)F z=vT_1NXZ?MUK^E*LHyO;Ayyj3dF9O2z!g{4l z+!}6uYZGA*!W8NTuLVf8VZdtE94)rF(=D563dk;-11YY{2FiYy#rMh;zx?uQkK<>Q z6O}aY^2RS22=#+HVtywCXrZr;xN(sPx3W85fX0_YE6CQvhK($q(aN~EwX7(qsvwq$ zmp73<(D0EVo6sfiRJEsVud-}cB~|Y1C@Vcy-Q-d8dr8yMqG|WBu)aJx{Q6XBN|KsB z!=>L;sxQ-I`%W2gVYCu7lTr$`HHGDi;c-Ic%&$;mF(AtX%Vj|Lp}}?SL+b=uv_Xmu%qHz*XydfQda>WB9^k@F>7IYxBy==y$BNmJNe6 zHgA;0IB{#J%%?XEwJw{ou?>-u3NW;lB68QWG^RF2Cp0I$DQ23PQHkH<_E=wlH`w;F zzbB0WKmW12o=pE-uxe0yW6H~N!Rbm%JL9wG*>sDjbpb`N@{;es@h;+`o;0GJFZ zpRJcXX{AK&JcpAT8Vrj@M`t%XTez&ee^_Hkid_q98cxA1Eq}Jgcx`3A6|vBv!+Mk) zyJ!FA4)Foyg}ar`xb=D?-yiwwM0Lh|^!~JZkm+pG{gUMeK1J8)YnsDuKeUjr@DA`C zT98|o%Pw>W@cJlacgNd9sXmvh{QaXnqW6LpEVc;NG9ZF3wccWfKjMjeGBuOPSIKSFdjj>Lkp|lRJxzI-)lUP`C1r1h) z6HPGFlG(TtUS{t}3k>zkBQ~IM6Q!jW`IT2|u=fi_RgLmKwi;ME00j_<#dPWb8^$gN zLRPqRfxCov?5+KROgIF_ zDkWIw8F3E@9JaP|!!(ukJ%DJt~(#F<+wfy?xTJDhT*| zfy0qINVRk3RGNX&BD}s~8ISUF98zU4_U~jT5W*Z1SwOg}l@tmoFgx)9ft=GHWiEnO zm+R|(e~!1s+OA1O^Z;XP1nzIEABZOD=!Hqa-;citkEN&Gz#<@-x4XZ<;xYw(kJ z@na`*W@8!CM84$^x3IKi)j*iodbR)>7y*O?1_av&a5{BXDnl57L4Ke(e6J+@{teJ* z-tt40P*x0VeU(6H)0+UE2_jXvV6d}AcZPBfS&M(bS%0rB!V$ilqCSfu<@SQ&IE0{4h~%72-=d?KE2~LRuIG=Z zM;A~B299DANh~-MuwTe6L-Am_ARNTKZV*9&p-}YRmqi&=RvDEj`&h?k8qEis5NQXW z@2FMTi4Yr2VFw@bnB)bNb)si60Ung-I=Wizq!}%GpDPhn+^6E|kbXYHCuiIA%DKPF zsgN95r2AUYfEed%rVkb~E`?A{Ew5@|MHSl%8}sw~=Bld`RdG8|{AI1=93tU|x1@2g z5@R5i$b(vg^wkjQeeKMwxFftm!U1Qr@o~I?z zlq!~bY)Io3AjbP+Eakj`4HH(qjhBESme_;c)HB6A+=5__vBU2D)EuN`wY~^+f8*Ty z>GL{W+Q>{&GU=GjsW=Cfuuru21M};f2b>9A4U_zAdCdlWXU7GkERAh&M+}!XyErA%a-)HJshL z)%|plrq5HNE+XDZ;y@I4$Qu_Im)-NFfgfa}QllAjATog9PcjRFZx|we{_ikAzPwP5 zG~$)%8g%ZPO0k=8W@#gsCiiryXvvO>#p`#!EdXehrFbW^XE@dBlSCDfg~A4azmy*+ z=H}EOUQ-B}tkgwHL0gMFVM|k&Msa(O>~?>;2Y&2ggCci+Y@5M50sq^m{PQ0?v`gJR zSS#TLut1CHS`!WMnmt1m#32Ty`*0^7Y?u>9#1coaf>$4hij%MGFS$9w;opWQCs{-K zE&=<0eFp(1CL`pq?4As=%hUb+2QV?m0@QiK5e>8ccxkbQNE_V|5Mvqg8y{_%j%z$?PSCo{RQiX4G; zD^wdJkbO5OB+zT6ZjgbrFhTuT>T;-{EG3p;FZJ5YD#TOi<>2Dl13HO86>po$3w2_Q zGeFJvMx?9>+%Y-+=rbT58eo_;bhHiZ;v1L>Ctv=VP+vD0d_F!rVBxc#`_rXU z9#~Ky@b`1V?xld+`}@G)V9|4=i~^u^{t<{^s2IXY0?CBXe{-P33hb$QkV>Try+Sf9 zJp7BOwX48i$t1GzP_`0U*0rZ6C+6%or6ta*oYkb)_-cO<>6i)JXHQSDw_U2`rjD+>)l^810Qlk5b%XH zBhev{{Qh^CDr6vx7M|Y8U;5xL+5cDje?5GU#Qz@Fg2@0!4E7J}{s_f?LpkKT78wwx zjkkB6@BeuBS4uvxGha-89~1zKKKc)+{~e}H8VKX)8Bpr|KT!S8s4RYejFo=+7=-^F z#xc`J!N|D=_^T@~c=_+h{tKbM$oSrfXu4RTR@fl*4Up&;OZm5g`9CTA)2Io^^hs7c z@qdKkf21N&07$_9yCdeOc#btS^2GmjX8tg2jRd$8H%r8f0$1$+pX2`~0`iY&g8WDb z{J(UyP75O6zd_4S`OgR0|B-Llz-eZO#FzW_zmG*|+Ya^v(YYP0l>2`bg-?jKKEV0G z_7VD9{$!Da{f8 z+=TxHjEl_fdQ*`5=;h@VMD&q8rKP5px}&P(4a_JkHQxie0p!%w{gGH~a8gZ{D@ayr zO_gPbrJL#^K1D@~bs$85zfa5jS?8yJb_)yHUH~|@_x1t&<~nDT3~VflEwgYxC!hF# z*gq=c!>4f-?G+~wCBtpG(bl-LBKY!scn+BAKdQr#2s9!RrurPKEanOREkrrIh})+< znS9=xIS!}GwfQ>|%*_#dI)x*M{}JkKX~gX*+&7E>je%_=8vY@$%!5Qw}|+peexbYh@uM`UkXL;lDu_cpni7c{%5Dc2WssL#O;q$ z;JKr4v&5a`ESdtMYK5CyqU@y6%3bMf-Y>t$1;ScJbF|%0ftG~%<#O!)f4UC+4gl2l zIKRI*E>szTh5Q$Vups4QgFBEd*AkzlR;EE}-t_|18dWdL3S<9n{hb7H8@^>76%|!U zK2q^tyX2oaqKx*riy-8wSJa+RRInoY!!%ZX;{R|%H?bRNwp13$f&QD1K%*i26HmS( z+H=|xEszD9DKSF-83`O3m^qT~M^cLZUmHaIX@Ik~s?21yD7z+70WqQ>FW*}L@QX+O zSitZ3f%3OVl{AAD1jcfF8ll4-cyfac{mCLEQegPPX}ZyCQl%C*_*L0@mCE2^9-LG#z*$fWM8#VMz6vO#cryqNIfnW;BH zc=?JOWp=wrwALadbHFUzs0i!p2Czyn(%;49~EHceoCJD2+N%lD<#^p*S#vE=ARxcl2Fn5~ z97DEG&7gu1j}Kai)2mXMsRD`O-}kMw0TkjZt^4Z%*~D?M`O8k@!%dhO)-fm}965A4K@`ByCfU&c4UiwgGp z0Xt*8x2Ux*;E^eZp~G`^C$>0iu#@I&-O%c;q+%Oh`H}z4ZXbOT^W^8Gld1*W*5qTp zN_8-ztqd$yp{qQGG#*z7Y!vSzJKK<_?_=+RekJ(RRFKe{?Gqd(n=uCFYu+Uj;x9mS z`@p*RzT=zQFZ!yh51t86+mBAGi>vxDLg?pzse<*dzE4jse{LDg_I$u#;yn%ps^%?e zN5v$lVKB~gDYcwyq5=@h-jvVZu=)Y%k1gC z*h$$e7$kOzt0tX5GC!g$(S0WWnSB4?fisqe)f#duaH5ra!k;dTJU>(IGpGzWJ>Uj~ zzkVmPL92Ho2iju3ZQpa?ioMjMWqx0SORoZB%d$lw^~EK1vi!iak*b|=01bGJA7Brc zG6REjN%^izJt-{b!t1Bj=h?p<&oWp(>uA-gMg|VEJ`J&D6UcTD+-NSz7#xSxE|-;= z@X0${_AA(U2C3kg8RXI$%ol#v*}liXiuA48t8ukvr`WBS%>(;qDV2gTGBMS<-WvP6 zs8nh8j3!cD1FspLR|JSvsf%>4#%rGc5>bOdG9dDs14OOViYCXD1@Dh&+S> zPz%ZCN_}@o$+`lEa4H-1GT9qjDZO#s!C=Kn*M}4^XGlstPijF=M3{_Bz-=(M6dNE= z5zG?D$G>UP(ZZESPR8(hDG?6ATO0F=bxZ35R7IG*Y4*`s>SOB%gDZ2^#+{*1zi@*` z-oIa+Oyl0kYa9oZ_O=OqZ>J5ftTA|}?QU95uDv2lR34R`e=>T5S-x%UVX?KwuNK== z-RNH7vACM8aQtf2W#>Yq?R`PN`QZlbraJ$)A!P77dPP&Q{2uE$WW;Fsx;7`k;ub#( zhP-F-Jorm$)9*bJhr8Er?;b6w8H>xHLh42xnv=%Wql((w_)%O8@gk~Yadi0MLlH_n^&1n8`>)Lk#; zAJ~aW3qP0AFvL;pn)Xvh(<}&qSt7SY;TVgv^L23Vu>|l=BVI&CM#~v3gHQ z&PT17?s7hmmL%H3e|5$1$2$#u_^ECC4lC<%>|Ef{iaypP(d0sQJqancOi!n2v|?de zz>d{Em6~R;iAtn%_8I=+qx%W3Ck|cPw0xl$6lf!}GdS4qy$q-TpO8Y`g zjn|ys-D`Vm2d&(Kl1x#}sDyT~|J+M{uwhx@sN5PTzl)tLIcP&Zvn@I4 z_;Al-xIR5mY-a|RCMEA?j4x^*r;-#IEUYZ`LWMibqf%8Ce_3i&v)K17G8BSNQ0jR` zgnY7bfx)Q4kPJ+^;vt%suXO$J@ibTmU^gXDs=Js-oCpR6MLW}nMj>gH>*2dYblpCk zwZC#Yt(91k$YR3hD~nD$)bejo3Oa;xw2=_HJi>KyXr9kOINJ?)d6B4hR_{D<@H%JU zR})t=wAQ!RstDn6XQawN-eXkG8eQLKH%32#3+mi{$qu1MGb{)$Ryku~<|c zcluKU`F=qKok2f9t*!6~jv)#y#*l$Z67fFjd!PE+UPh-X&2f%{9y)H3K|0;lW&x3& zsBz_alKPc?g8JITOd-q55Vc5xHbrdG3v7jvik;H>5LpIhMmbu_WW1&nv29=5#^;nw z)8c7pRoX1(m~WWXp_!#%siUK^r0@MF)RvR@r0LI0%^SQ4F1RJqE*N0G6B7qIT_pEyx?F%+RJE@+~0 zywlzdR6PVtmDZn%`gsoPYvL^@Y*O(4K6I}b?{6QI;#~m z==!KFwGr}SmBtV&Y0PFAh>RyfPykv>VucUt2$4lWkMdx*(PxD8lHoKmTlS|=1B7EZ#=EJ|DGoHJnBArQwKnQ zwIc>S@Rdc55iojQS?)5Sb2?x3?;MIIl(0saKK8$!za>KK863{C5`z2keU}%~dG%M=-QsXhZT+PXc ze7e+MIux0BV~8yp8POXv{pky2p}547>VvPL<$6LurR7PZ1Ljrj0wiBxtQ;Z~>g4A_ zQhS|?TAU}3Yer(2CCVvOly8Bx)xreRYihMu%yilpDPLuTzVmUVdO~c|!jny+fmqSV z;7@Qge7-)T($Fuvs~a10sk<#A0`>PpT&08S?F2$(~G59kCU=M##QnokvJ(Wu7(?Vi3LUJxrDX`$l6olo|oPKkFIx) z?`vEBhnqBMY&(r@JB=FKwr$(CZQE|txUp^9dOqje_WYiEU*Gfh-h1|1vu0+^nwj;U zi#JX)2AP=O=LEiS(i&%4Z;@3)d71ZE@2NbY$ICuA%l&*o0-bQ5XNXayiL?Zzq)ER20P((=cQmZ7vZ)lB<6X@=&lkF zgDAST_Nm`279bramLq^->l4w8i7Bt^rfV#Ok&^}j3Ae&AN+LQ@mO*%as>y)Vv*j2r zsoXtGNq7l0=7tQQU1;k(3XO^JNq8HYnNQU=x;X3t6PKTk3NXC5(Q-WS6Q&YO)NS*R z8DFBk`4;pODP8M_Q;cZN{l}RU++)*Z zTF!^ciT60U>Po%HUYdhQ!)XZmMKY>>(F=E{MTg?$ zh+wf5SN}=_t(v}@zxQ#YXn~$}>6$$)3p2X(v=}NoN|Eu)vI^n&J$f%|=>>pM!-PR8Z% z7L^d{#;7?P0_}zNgGLNtckJlPWjiv5O{+}I7E}CKhgh5+9eg`@`+XjSf6k~H>i+!4 z{=*``e>~ifH0qk`B>;9y05G?jxY7U~k4MT8WZc!`PW0&2^oQZqPo#kwqHv86uDc{3 zp-xH3;#hB+aM`Uv(7T8p{V(=eu;~3otHkNZ4&~j;!Mcp!C{|Gpghw*MTCR2i+)_YQ zRp`<*ID>Z;WS8QCO4dD9d9H}nhpxZWb&#rPZAJ1@Ld4c~*08e7zN6XX8j7#a1Q*ayfy4>ca@~O+|9nx7XkZem>c@!v*&6EuNL*Y4 zV>w?WMJorG!h2YO=RUvHUHMZ?SmB*l=P5(AH-+WN(T zcQbZ!dUIlIllX$&&(Ivr4uea5;NM&}U`>wfd6&aetn@8rGs&b&pm~WQ zq5PXIlydFqZeCPFQeq3tRPc}u&=u*IW9V=5Pi#Q|6V8W8;TsJnP?nm_CHUDH(BIQJ9-e%*VOJcw-A{T2`Mrk!@py=L= zL)Pv?I8qp359$%uLboV1M0Yk7JK{MynkKH6FGtGasHy!M3Sgh>fyfxhGH60i>t!CQkKQo8R^G{FLux0=XCw(SX57M+C)Rt) zZJi?tTWav0CsX%1e=fbCqaElklOz(pZEF`R$QAn&ol+nM>Y`Z%gv79|w*SIsce_7@ za5kEgiULna=A%~VPtlJNS?BSSWC!}d5Xq}LvP(G;5t|$8ByBpr_%c3?VfzBUe;-c zBRY7jnJ<`WlR}ovSD^Y{+wI^-_)B;F1n!d*5k^UNh>EHZ zLlqU+8NUGCrtw{g2}q=R8Fjg*de!Nq(-Xrl zc(V#De0qz3ywd3fEmemr=+UH=kY%!TXKKln7Wtc$!Gm~ML1uy&3d2P&H|Z_pBXe<> z>OM6yvKS?bBFq=TT;0}roIdH{8h!VxEeWl@qwGc`bq3QyNVIWd!Nse;iYaEPH(gEV z9sKV4+226o%>kZ8>hP0Jp_dPsB;cQ~xoNF_NhBPb&w$tWjLF||r$gmJ2#^srt@ z^&xyZ12x4KS06$$UF2|~!Pw-YZ)vPND3)A#UIJw<)d5k|2r<{zh8SCQiredpN+aUL zuSxWIX}EX`L*k#qTz=lxFBq9$R!7b3zI|X^9Zq^EdY=vZ#RmhnDnO76H(}05J+BjP zflc#AZ)bZ=ICXf;U9hc?5?XZo)YUsK`1u+Vj(QE3;-S>pBAGO&&<)U`YqYETk_g-g zV#e#4GB&qb$juVk)|eKe7!>5<6jay4;pT~b^PD91NI>Yz7sGUo{AGQO*amd0ecD8% z!Hyf?RaqZ@&ZeDYM%G^?2rrlOa?v6J?e#9d^M!zz35hQNu}l|$`n!jC4me1wwAvA` zd)$oMCFYL_`XI@y%a}t&uX?JGpJX|>@KEt3t(KnUhfI$PXYiLM1oe9x6V`aEv%fiU z@lTo8=rl|x<r zq!LKUaiw0D!j4&uErZh+LMmepPzEuf-)UGo-oJ9Iq?k;9QH>oP=7gsYh4>l!5)&w- zjl=h<(l{+>Zdwde-cRG~BYCpc`pGx%+;48GX~Bdl(*-0JN-hyI6?C^KlKxkeS@5q~ z3nafabmO{^F){WCkD`#7X~!d`1XUnd#bYE-sdbCb5h?}5uzm$*lpSS9rcHiC*jTFA`=Z(p^h)?KSR!ewjvC!|INo%` z(sjenvDOW}lVKsMq3EbNabgq(H!TPDLhK{da;yX9LwyiHpY>y8()@q64%Uu_X$O2J z+<}4AGEY1q*w-hN&oa*x35NGbVFTqR+)s;(A`Eu)q0KL1VOYi_~)oZcf>!34GZAuTWNC<@w2DLM|3BF#sniu zDYvdoSEBC9{K_`6N-qQxm6bMkD%Z^GA6U0sxN@Bl?)VmhDXWFMEoVQI1)6uJb_&5G z5v9r|N|C+=-*c`Fe8XAd9XqNi!d8i{x*JF&!VhxTlm#i|N+n8wj8XF>_Q) z`n0RE6ex{hRTL19c-QMmMEe4=QQ}7{V2MC;O5s-MBl(7;F?BJ7QuG&w&A|3_zB%|} zoUU+k<3`O_KjhsZ3aoUlCatYHw*CRpZkPUg<^dvNY-`SFNw%zdQ#5tBn$K`alZl2p zod!I^V!{JawH&yaUj+Ht$}bt^xzwFGI_L*AAV~L|kAEeTFBQt5PEVR0kMR1z_;s;( zOpF3TAf-&Jz*o!t`0R%<#j#HVYH`{A+#A(DE_3)P0$m<6M9Z3@-(IlxvIdmuA^>1R z*ob_?3aJZOa+H6?FKfg$ljl+ZXhp4k-Ri85&9TS|gK@v%b*vlH!bp)f)167T12p*2 zNk-a}M`B4P6)gi2ZGhsE`Zr4trEQh+&$L;7bm2d-UfU%^Y(Cz{)w%j;RG@rpBT#_J%bHRt-mqEP%OT1qo<% zQLBOqCnobyNMuo%Yn4NBIO#5f=yH?Ya2=-@?ugV;lUcNHnlzb@9%^9@$RoVR7nqRv ziEx=3;gHNPZ&{Ch6RG2(>WCZ!&U^6kCx!oT@G!oR;}{=AO%_C3~{_RQOSQK_PNA@*-QggKo>Du;MC{0y=6vYPc7#ULDh(sD&gC z)&az%?S=l|4%i z{p}Qj5=!zn=3PKac#{Qu@fopFvVIAA;~tLV%%5V1X<1qvy*uS=rNptmYe zsKVpaWP$Mb2-Vy2I>WH!wrXqw4Qzeh*B;mO%Nu>3#v8$zac*UKcyimG#=Dnw(eBW- zV^OoRr(qT@>`(2Qj4bfs$NsuAlVtjI4oy4^k*AZ%4 z($4U!l^Kx}qxgtRedBEaO`5CFaC~nBQ_loNy#|+Grs5c)v}j%7?Cjm_M%K16lgbP) zIIns!GScwy4K9Cg`A?J4rQUtnBv<-(Qa%>h~MQcYEJaCu3sOv_D>S~V~(H@|kE zL7RWon0M=A9k$k$)~2Cb1WE7G3UMYRb(PS%s(;5abN5~JYGeu&4m#?`XR&}&Kqm9s zf1|$;|3QDzvY&vN?0Vstk9z8l(Y-jBsd=z(#q7B-?3jH++z%Fq`sYN*C&1_SB_>L)?muuVZtpQs9o$p2 zflrL!>;yTk(-p&fi&oKP%sD<72yds587SF45z6i*MPWNu#z)q~aUAnlorqqHirvQ&C>Zf*@qj4~Ai zs(o0Ooxu4%bZK>mIuKIK(zMcWd2vr(&ia2zr2*I7sztlmUfwG3`<9QFL6|3|>D84l zSgL(zgR)~cfH9R*2>X_>FzK`kbB^HGC4JXN*vVlUn{Gzg=g6OhRk&PBYn`8v4e(vv zL5Kp=9d@6HyYEdZtI`d(1?up49xsJlLS@VRx1bNng4}nDt@yLUwJ7x9HyGB;}n>?{LnmtJuFzzC`!bo_l_ ze~mq)mZh_XKykg6fgkO>^Vp0(b;6Yh@Dl~zIyO6v9i|aO~E`8ZAln9 zv?vlirU}~Lty(~(AKt-w1Ns2Ah(L?!v%b0CxNBi>+jtpvI@WQ~n1B^{q-uzbu0WXM z2hT9Ft?#}nbw3+>JLdf9X#8{vgV=%uqzW%8s!^_GdC@%MV&aOMY}PhN6SFo7$J*uI zbyc-tktImxq5^GuRCHs9O#a$x0-*HGSBwCk=W_X4-Mq@T<%Bi{Q*t7i&fxT8Wtt-SKkgHNTVbcq82GNjDhxiTi5B zwOJ~nQq#TkY?D`T089LJ{1!L^{lQu=7`nYOSg-b+^MF>Eyc;h>`o@a;aw0*;l~s&r zvIh+zTBpIut3X~H7aO zfwCx>s??t)3V`pC=s0(aR7>fVGJf()STQk8L5aemOn3CQ%C9m^sTP)ev%rZ-f99!uJ|bh;Yyv|2}EnmvlU; zJE{q&!I_{-oRw>9Y^kZClSpM4h@qnP{K{>t!nv%5*#|(%(0%})jcfjaZJ|}VNERp= zA!Olg%kOaGOFnuSk`)UT0dZ7*B|lMrxY3s6u+YI-mLerU`qjg#tV3%ZfTfYUagRPu zf^bZ3EAl?n5C^oUo}xWxLJjx&eq&V#)&_2|jIM7u^@@nSuCEC}syJPjS-op0A`Jq% z0jJUNbN<>{XoUuD`-=4CD^X5kjL5Ch1E89JDX^OW1I1P~6|E)Bp6ZROS!5 zRePXqn6@CUikEw`=V(WZXB=AXdQJ5RZQQ^DTU%lJ8$^2hH@*sV3W{Z}U#+C+VQB-% zHe-cVD?u7bG+qlVs8w*@;Wie{4ARPIh(_=9tA6Bk>x;1^E&K(1Au&pFX|<9aF4bA~Q6XoU7mGIOB<=+&V0oI9 z;q5_tTCR?RCws!KnRD}C@ZyG^m?b*eq%U`966~5jr{0_F{&#V~tS<02n#sB(eZ`&n zz~)x?%Nigqo@2ip?g;?g=!Ocf*`|4Wu9r16{>~~XSsS;Yc6&8mKP%RPwy$$^2sWOe zHb0U~`_91t_f~|gd!lT|(xgcr$D>ANjPZ7FZ?VQzD)E^t+Y}Qkb(Fo3iz<&?oikc` zEq3Ogy+6ke;`_&B1x{t-{dPDl0WmQs8jVIxk`T&dqRn)JLROCFV9bwYrn(S$-HK)) zp6r~Uc7{{UcB!N(MvsC4O^Q9}x*@F3gCL{1w=IGOb+pTl1FpA!VNQryPwz_&WO)#e zd204$$r03T*LsLFAyyglOi@6jWvU1vw~}XneB7UdQI(xcU_G)@lYt8khLp>a%nMS` z7ZG8|i5I4Heb>(eX_QcgPD4*4TQZwc3X%L7^n4jsnOg_bra3=YBNi5^CeZ-*-0-ZY z$*R*xPh(W4ixlBaV9GZTBDVann%eqdbPoNQF`v-m;znYBqVpij{rn&*weKQ}cVe^B zsobmcrq4Mipf=9*tZZ8B`XCk&%tvaxHa*VO`eptYjP zE343^CJoAEdD-W-rGz=|X*INa3!5*scbtBghu z1g1p3fB?FPgGhN-O{|xVpZII?3V99i5JwlRHa^bDYdeEfI=H%02wXI2v(v%TAB z^2?VfzC*BWj%XeE&V1%j2lf4l)YF?a3|8uub+;i~K5i%6qdmMHp6nxGq6ohG@ba_I z2b>e@VZ^j&({Hi3nM_zuX*r^rQ&b5SmdJopUt#@tkR}#uer+Y55Y<^SW~3-8O5WZ0 zSq%n$23HFL`{>+~RAiz?6N}ZrekYhN(#}bPi55#b3^nNrmm1jFI`lP{wDti8R#TN~ zfa<{YqSJJvO3fj?rMOt~iTw*Y)XBAnW4TErySWnt<|Mk0SZN!luKB8OBxlrdSGw63 zU$q&q^_7$G%bm!`F9)an>yEqu$zMNxR>UXHUfdnhQRD$qbX{6pbrG%?(mZ1`^*<|^ zl~vIsu)->R=d`Z;aS|y8#>R}W0B92;#8>qyhP8Xw)e)Udk9Yim;~h&1&Fp0vAjg(1CpHaR=erci}sow)hJ`;jmA z{*vW}(d}~VyPo`Z3{e3%+v8Y!`%Dg?I}a{+ppf2M@XcSF?RlVQhO<8mx_zfTu!pTq z`q>>VPUKggPrKj*JFXJhy7!rGv1`xUqW zBLS; zGoapxi_0*Ut6=DKS6R>>j|e`jze*56Lk$%IdV0Pe>&UhgF2|fy3NzJw%ZsL# zNECq2WWpea#uEEZC}R%@kfeOyrK zav{-bG}t~0rv6cmgZFk}%Y;)VQg32ripbb-u9{YXOhM&^SkTmI_t;=|<&c52QR*%t ztoy65-sR&Mgo}~3@Z;56vem9iX7dXapsU0-8s6XzEqmX0k$0SE?}KKSL-(7@NQmao zmP3~-BO5(Mo?H}+q|$4lL-gM{0Mgcm?X=I4459uZ?ED=#`_j3VVv1Qvw4a&g)Axk0Lep?#Nl`jT)kaUn;&? z79y@QjWi8edNrmZfj#VFzN9I+BiNcgkx5hrhRm=fD=8$RjN;8Y$EQd(+JJGkK` zZfB}+ZnINW%kfQVXj5tlA8}ir9C1DG+^&V+y_{zM7|eCJaMO^|uJBq&Kao))3a**e zmnc;#&|3FzBN1_^EA}=%j`dUzm(&W#JOR_~dh}O_3T|QztqV;)$(vvzy9gbMCr&My zX)vfLr;-P@hv%OFh3+3#@hJAW?pO7?K0WIst$MWP4VGLWsLgR`XFPI!y<$xySl#V{ z_B;%BIRhw6Fz50fYO^T3;K~K(svEstFs!k+-%k6j~YCK8DqzzC(mA zsyl>iJQ-Sn*?+fM!tVi|zUXRjal1Hju+?k2?BKeRG0(hJ5%2CF8X{z6 zRUTGvUr_fHXqR?}UI44&GjWzg(IkEt^==H4Dzaysl_Ka`uRAO_s!7|Ot$eKhaB?_- zjK-j`7F3AnTBbTXH0`#lNpP|$xVCkXfZMS&H6q7Ct_mF?V-FCZUb2Cv7t1R^p+rEc z)oWC&FN9s`|Ma{}Ouz%PC+RLLt25^?H&H1g+eW)axK79a*hDpnCmFidgBeefSO`xeYvqlt%DnZ;VUyEoVj-D&iwX|=9`~r z@L$GxRr_6@r~66rUw>I8?3V2ajIgtekG1#$ziIHPU(G9dytKV1 z0sz}y8s#LU(aoq>Z+W<0>KAHm3YX|w9or)YQ$m+_g0?5<>F*&s^0@|8pWB#8JYv$6 z9T4XeK0xZ_+)5}TTj5-JpNO44x*0rPD3@*5BieaAud}=Ryg8r}uKT{J2Rc0$QNiBoh?_>2v&Wz#(`w zLhZXh(I5b$&lP+zXo@aLieA38ModZhXX?u0UpVa0 zu?sZeSlrP0!UO9q*KFPF)9TG+D;Tm(P%S8Z1l3#HjW#L5{aPy(7Gfuy4CGu>DyL@CKwNRz43rA&zToJlIJ6G|xNoTjUUjq8i=e^}U zdS`ncp?(-g!FS&g(%H3K|16VMeX)~Cwt3!Y8r}YoUjt`My+WBv%!2ycl*??ofp)!d==eiH9^e?CFya3BL*ywUT1a5%He8NXX&hIifz)9=Cgvdtw58*!Gq#_XuG z`dMpFk^r9PyJuc@0@Hf2oU=ELn$*ux9C|IazTwbEslVIC{?*w2Z%gI_%&NwRNqLUf zUm!9~Cn!f31qBLBOvm?3@Fgt#3EIHdTzPI76!ZQA^t<@O1Rw`n$Xg{hozl&b<;y1I zPx%)eKf+(>wYq-t0KmlGw0j~EW7_lDx*iI-Vq;@f>WyH|+fJ%*;T{^_r}Tv-=Z?j|Aa3U|FFEJeSE2+zob|WWnX!okBfX6O z^ghLv4h$hLl7m2)Zqo^)0s$(@-)Bm_@PrTa-)aRJATHyWH5K8-#JX`jnN- zdqvoc?KpqN{e{HH_*W0!znEav;)8u^=LzT3 zt8s$9d^7q|z%jBndMzl{OM`F&X9yI9fHvYBYzRf~Yhqx%7(VBU@od-FoZr}rG5&?0 zP27m5%n7$AFG2QM|M9P%0k}#4k6;TxqlXb2P9^^{zc*DM$AoteXLn~yi@X_5+9KRb z;M(un3SmX0NnW&z`fbgt&co@XyLiv8bB&;jeX=>}<{o+o;c$O~2vy`1!zb&NIb z#12n7r`iH-0p#`h%l+HI+=C)M0V>3>o(J32_P4(mpH&N=f&%hjGP@Z~ux!(<9NC<5 zn6+z{3h2)id{J#+dRo0;2cH`5pw8MHXe=)!%j#_~7J;GrVNPEr%YP5x778dHy;>f! zKaiqE{U6ypL<8;%g6Y$t=kj3!zXrhLN2R2oXIF`r@!9A8qY|Ac zmyNJr=R^zILKQ?}k16Cb14nyMb;4VGJwIIU{^B7SpRdy$@V0a!n-gp30 z&;U;OqG(q*TgPtqvCigqUM84KjR)RRV$rZ0x`d&_5dT zoX9640><_eB$6QFD-PK>ovP zAjnm4pd-~CK+V?aXCm!3hv9b`?$Z7LNZj8d{T08lBUx=zL`Z09qp+%Eq1{o7t}5L1 zixPlNj~fH)pF#YY&TlTDL)z4R5kR#n_-E<={P1tJ=F*pZnx~`fM9S zwfg#TP{fpQa{jEb?ET2LV(D zqt1r#k81tb*gt^+Qv%GL4tFZnzdVNqOpeiDOZZ=S1EPdaRkH+yMymzwkTe$kFJoYp zz$YOg!9OqxZ}FjHK>8P2E@(RV6YX#hf7|Z=EI7OBgX&R1hoO=Ur~0i{!Hh8-n-=Y@nyq{ zNeTED^6vmaJE+Ew{$srVXA(Ye0RBGt^b`FXd1U~3Z%|jRe~}aqc);?35s~~q3;AD! ze7gT4Px*7_kFEP-V}1`~(;uKFJoxkw|3dy1Am{J6hO^#6R#2ZRT37jA$;MgMnE z{*bQ*kmrVQa?USrFBV+=|5352hjegubft0|tzu4Lv1BolP7g{{x5S-!YRqp3H8+y( zJ6)=$w{(KA$O_+CF$K=dwl+4T__M?w@ZdLJ$6+L<1Cs`McTSlnLv7++9uAE+uqO{(TwI6k9W@;9ug^3OVuy+&PSjW z!moPR;$jEu`Xkiv4!#pc9XaKk1$v{oc0`W~J4gLklQhDK$hHXL=g*xgY1k)^Jsi9i{>{ynbzt2s^juEk&smQNw(wJ)nkzz-2cmwbuWH~kfCkiwAzFob&vA}{Z<(dMwM14 zQ;*qq@uHpwo}^Ct~AipL}f`M=w{0?dt#0O+!Lvi?r~ON|Y|O5?^a zEQB!9Xq@m?j8L+2>!9JdV3CWd<{+p6f_jNRtGK!foQo5Jgu@>{T_0m$vKo1xCYHd= z>BRGRh+QBJZBatSLXNePRtGaV5&6$IT)>G?T7$C!1L$bm%-QK84c!S$uuFw=+jH7g z!3+O5_9ajOE(;3Q9-3|Q*2>jSoSg~H_O^I`w1c&o56A0PY-ijPg6ho&;gX3hyxX1) z8l6vz>_4yI2Y`MVv)^hOtR&l@Nt+ak=s_Aq{mOqUb;Mzhtp09^WOj`CsUG4?uZcnh zvesIl$y4sjQ%Xn(O@yd=M4;(aP;=eMm~Dq_JBD?KDjYeKD?O=N43lYwc=9}r!PD9qf)4TQy*> zMwQ*=!7f*n`iEWEmfb<@asdt#P>-wUpC`` z`u0kM0rqg&YKU#}p@!zXQmu{znBy>Vr#5x`^WArtltvAEO*6X&R@R)3?;T@G7Os|o z+~}oCmfCY#_0>{1L(O_yz@}8(`Gsp%`0TSviTTxxi_ zaggu5xC@PZfAZ_P9Uo{n|qh%wJj1Gy+u@}aG>pG`sLE}^o*q@J1Es_jJsibwf&QbuG{D++Ppj6vL2z=Ufgjmxi9e^l zZ1pRqOOU)YrpJ>|NLw`ym57uJ8s8@$``eH}U1w`YhJ`hfjg2BtB50!4^3IqEY4HPf z<#DNS`6m~j_}e6nc~n%D^eoQ>{*-VS1x<>OP_e&}iJ=#E_Dj+vw&HIQ3fWIFG1JqZB&HC{&e@?|HrMb)g zLZy0-<$$8lE&AybW{0RCzrsi@Vwb+L|XFCiGZl z!;_Z^L5D0~iQ3vZgoIQ>V_bueta`ht78IZvvxe@csfa^@6POG>cCahPv~n68#68_W z!|Ly(J=L9Fp?0T3-fLaFMuiQCOD0=qrt9fN6dutMhAYqIYAXuRA*!6KENQdIl}7yq zDa*99{D=xE`B|ebTri-NhK=7d`FJ z>=HH%N@Gwf*01FYNK4M*+BnrO)2EGPXqv6eRRRy3R;ksz?pE`DQmL`OdF(yVNtLCr zB}XN_xeT{yn9eOIyi-_gPd?UdO+A6H0Va&j8{OCxX^2ZOtbf~l?N4P`P%iW{e5 z()vdnmE&XFc~id2Q!3XihxA-c8F-|8v#%mMp`_LCliDKsZNq%-7$EjcWwo+k<*L;mOSi{X1+1@QpS=u)B{DTnzTy z5awl)6~)V+f5nwxy?AL>8Tmn5EI0F`1;jfA2}SpHOlJ~27QedW>(03?7L?>94_Ii1 zTjrJLvVfBkN8=<1WzV6SMREBurhN+QAarpAdV)T77yQPOmUgc*(Ba?-FC~VE8Z4re zKp-y}6`oy=hR0$>ah)J+dseb^Q$d6%PuV??x{lhtgFio4rcH2ioT-uvNYE_>4iM`KouOW(C~B$6 zUb*GJ`d<9;i*99gdcJHkh|O=s+VV7cG4`CjUIuWGq>)4Da~q(zTc@dAS$ksP9X%I0 zY_A5RC9WcoMk>wUQQCe_FMogf<@TK6<=hOTzBiPpC#`if6S7b&!$UkaHlt9IX8R~` z5!;fL!SllBDWUl=57f+;Z>LxFTfwag_#7DKE9L`&)XFdYl4-JngwEX1(wQVf7?eMH zMg>31T~;epeh#^}XpeR|5i}W$&XQu}s%)UQSY?vDEJGPD*6`}~S3$c}A*<%xj!i9| z*QCi%KH-Fq-ecG|CKF**o_7Z)YSeuwzdrQJJKI8vzSp(jwce8nv%yhvQ-+Oqq@SJ@ zPNLaE+Ni`sE?H9$az0rbTEm-e!!CGPtTQfGi)KF9I&zRK=d=`?YIL{t#SAmA;++>z z);sIf_;Z@;`L5#wU|;Pcf^;qgVG(XqqxR8P-;Nh2!8WFr87XORp%;Fh{=>I2FZ}~R zxw|t;NbwEE`ZKhk2MRgr-6PZiZ8_fRyqgmyw`iq7elE1U{lcbBcr!24s?-md-|p85 z0Ud=W1|)O0ujJmO-UUWup^|jq;p^sP+ZOu1#1(u;3}aYU0J|CVXUSmcVfWRIag3Ig zlS3HYkWf2biFL$|HXo0m^=`N+g|`kFA!1%?hWIFzgvg zM!;^5*VNhF5@WMN-Q}Y&;MUIGEb`;%1wi{1CBp?Sz{K1+ud*G@d>9?y^R-An&>td^ znMcF3f2fbkO8#X2;}3B`v;+il5uX^Z08C^bl42)+zhxg2R@zmr3w-MCJgedu*N0T6 znkj2^FL|p z*}gNB9VR&M?~j|v=^dXylgtuEU0D|NLKPzfl2d$tfGSC3dcbY(c6A?{w*HRnv;YB5 z{nXO*O}izYnCCkqQ@g^vSE9Ye456bk*(O@u%4P0I;{o0w4gIO@zaw&e+A94u@XbLH z$XM@Yw|_mEpF36sN=}o{8TJ7#(~{cdfc9du-xllr07-%2BF1)Tb>5&JxOcOj`Kp)cTyFyEa_ z1llUO%zxr)<=x>?fJ%&|OaRk3|E-A$;K3$Zho|Ms22jh*VxR2Uh6!n%4PDlj+(aFh zx(pWYDg9x0fRC(Z%|;)Q6z0W4VDNx9juQQCxV}py$?ls8Vbh1+*KOv+>ncVt*)~Ct z!i;cs%eYZCJB05OX(SYfQB0D0mxqx^P5QcFO^sS;uvS!aTnJMAo%)*Qy#9OgiyP@! zOeiF4xDRkzxK(|u#VTVfHCRQ=v?2VdbC9fQC$dUJTH6UpW587E*W5(?us^HQIXRmD zR`H%lq!7v8$?QoV$HbfFx>iJUCkY|b`4-$!WK=-Ef!2a5H+3wdq-)1lo~G`P&=h2` zh)gpZzS+y%FY4~~d83EN#&K&55#pmlRjsIV6QpU0;zqf`4J7F|m!2W5c9<~CfUat@w(?Ng zd|~1Xi8YsGFKl1M7~(OE#y23XNFA+OTxwCS2!magVIEJ3U`9HCHoUIcoZj0Y4I9mz z!N_ll+U#~il+TZ;RnpdPB5bpu`ni9b><`ev(BbgwjS`VU#tHfEW0A)R*5;+5-RUM| zJ8pT_sy3_RD|?j|5b>m7-=U>ObZS`zCOjarZ1B&NBIfCL8gV9*Tz()SI zCzri0)pcTw4ngk1wZnRBFbcg0h$#ApZ>=y8E5!S2Iu z&BT{`m-Hj$PiA*z{cG7<-m~b%Z!-0&Gm~@rMrc!Rwp>B5W8Ju1Wj4PZp`2#mSMsyU z6cSIs^*0OGcP=}nVNKFyS#3&XGG+**%97_~!?fa#G|#;F)9Hn#&DRQSL&ztmsk92Q z4h=L@wI@T>bKi<{^XyW_Fk;kAzB{hI;=!sX&}VzWRY8MlGLic_*v0krU}f(v$h(P8 z`3_abdDt0f^>!%knDA`BK=r(SGf%)*g-W9ylbJC*qdU7&<^6{e_A;G(KuibK0+TL> zwd4r1s!6*sfnAJ|w2pGMvSv=ctv|rqp6EZ`9-`mNvbD){=_1}QLFbw0)+yF{VpACi zfW1?UDv`OH=iN$8ppp$f8q96OBu-sQJ5vgVv|vw=zjGsI+iL-Nf$y4H51R>$j`GeS zx}RW{j5GkqiB9Nfycc~|VUwLH6c|qY!RG+8|`;VF4ea3G9yS(R+f3A_;nG_5zqx2;aCK{H$KlIk~)CV}&(uf%el zNCFu;JOGU(Q}f!hX~l1bjs@swk9Zd(P}5u%&U)QtoHCDr@o?Yc-5QN3o2)5?-QwKg zVe^pAIl($Xx3HI1Zw@t>yMtJ5BqDf&sva)Y$4?vVyWP9f23t`N?OHN>hG2ThgL^Al ztoDw+oj?@Qf{<)*E>i~{z^t|8g|6bfSdYugPlDOP{W-k>A<{*hfRJ6hXG;$8Q;n57 zXcUV&R4uAe09$o-pZcGm=B+*{Fyz-j7A|$cHBn|#yE)`>FYc8HhgRWOmuqsmX{Yhw zA_Uoz-_#VcKr&XAV|&*$uXpeosuf=aK8cC zM5J*}dtAulw#qAfs<`G6c^67Sgmug4lxH=l|Eqgu{;??OaNn$LRb?ZvHf(;~T?e(x z-s4R6z%G=i*0Dd1_tYIni{p3eF7?_JI#mZDOUHR^bEkZ2P9R%uZ94fs=Op+~zOGl_`udcaszsrhRj|_)gfXrCWuowTKzpa)^()9a z;nV_ zl#fHf$KRDYx55rx%diP>Z~C7bx8?L5=(qczP!T zq)Bql&32S5*4^Qol2HFC-8`)?c(N-?3mZ4#qKTT?otoD3AD{PYf;FvT&L>8l-+MZa zx>p-Z)ASo;#GQ6_{xRS38Os?PCBNpeIfK0g1*-{HP`&sdBg%TCf@g_^SdU4)?MVGO}?04;{>W+I`n`}Je88u9y!*)#YY1W^_Q+`XUa+Tsw@RQdn;Hs&VF@=X$yC8!6)F8Fr!=p^ZcP_ zGvjoac9t-XvZ-XviGY8+_(!6is!|?$4AQWyn6iocxpkjwf;WrY=X{BuW3>I-Pe&m$ zr9*mQF3akw`zaZ@rA^q9TE|sI{SwHi)WXk#o?w251y3rOs{RD75{dI1R9ULQ{m_*E zUvuXk4b|Gm@dlk#E;ED*Gn^VkqoG4C9b`4+nrVt*jHC2&a*0fnTM@#@gd&YwlE`ID zBlk2^WQ0Lm)@-iQ z#vp8A%WEH#*jP1gPdEnZ=>^XX>U5ZPntowA^ zDz*+_c6i#R@OwB8pU5X0)%zD*=fAn<8UagU*W~NPeOR_HX10<Pz)@M35K_OLFfkFgF{cau7Ds3+wSo4<7a1u{tpW_xk-d18Rt| zSGk9j4obfbP9*d-ShT)#MblunqXavh-LX+mYH7R5DjI>XwSN-<~j^4=+qVMkN!mPE}a)Sf;p7xSC9C z%t*JF*O~VtvjNmxkPyMjp3=BBvVUNUq0e^}9}q1RWP};IVnOfgM5m6Lb$ZkXn{+Sg zWczUi>D*}iOhq2;zBp0ug!{;#7WiIE&~Q%)qb0vq3bpyYJD#De)m^!x{E{joSe>01 zEY()>;-Wj@0zyK~owzG=CU4e`ZcE+lm*`RGFsL3>55%VL#4iV|Y z9&M9otk7E3o6v-T!_r3c`GU{$^Vs}~0dEVUvrh4q#Ouw;gGZuvHnN9bUE8iq9byw0 z>JCKEQb=VEr(1}oxFqQ27eCj8Hp}^>7_jY5=>PQuqM=zFIK-`jOQdky<@OpGG6#th zovidt`42_|Z6CF&y6p9yj5_0m^V@XcKonXk1+GBwA4;-boV6)7rI}|hS9BbX$JQ+= zG!G$QG_BpskPidU7_KKGF3|X?IH@ubv?$Tp@?EZ<+Y=xgWGC53f1`$Scc{5roUy|y zxIF;wca-ce`YP18xhhW#0_>KQU~t$I z%C6UCmg;3y`{=ixe&X>|gYL<@_Z*)4EbDSqB`)Ars4A|pw(sLNb63noMX7bqGU+i? z)R5*?S$(#xM`E42Op}D*Xf?^gQK0{Us(GLQ^<|Oz)+e@-F0wd7iqD#|dvkp!W055p zU7#7gHEA09g)d?al61O#6<;qc7vq@JuvEl07j&W93yhAn@0@J+nDe_`^za5elyeqK zOiibRU)501KNA9r{HkOysYvhl?LjsDHcSXggKbbSr>*nCq z?+2&}-aNRI3K5*r@CSYrBT{lYEo|&yhg{LkOs5)o!<2`Evb}k8>8md0j!4|HwtSxQ zz+2~AUr{xZvzc}h3(Nk*EvQXf(_0&BSbX`raCjmg({ zj{Se#y`yA|J9oUk61y#{I-m`7Qa!lvV*C_7+YeafKkH9P@UCSr1YJiz)FiR@@fOAL zPcSu_6K9^V&*;^wkIsuIJAO2hVlj|dgYEp+R2FP@RW^_Uy_>BXA3(WIOf&;4@Pb45 z;sa1voWtDoW^cS1*)XhNT1opdKP|0gt1O4pL{t^3^6q7?-(9Hp&Mk{dk;#U zZW{O0Sv-$SuIoA{{H+5I)?*$*6Si;@$nlZSPMS{<8;TArH6sb%3W7(HfDKBM{%pB# zR5N-sgP=uc#Z9E)t5}q4m5y~vB|wz|K0FqP2V-KhuS`_cOe zkaNGi>Uy`;6J<}HpxIX_4JHxSmtV!GNo#DNP(x~%0l(;vIjjmptH$I?S#l{Ez=Zfc zEM5~Eg+Z$wKBvi5{iR$lNom*Hfd`k$S)~pq{Dt9yn@(l22}dkmR-c6qk&8BGjWnO? zrnGyK$uhOBMhR@kXjhp}^zu-MQth8oqnfKFeP3tIKm6*1Ox3Q$1?eMkK&Sz)4~{816r@;TOu*sr&Gl`)=G=n|Apxju$<% zH1}56{lnO-q_eptfbw+JD(qgHA}})r@{tA`a&_CjcE9rg0z<)QHVVEr#K2<$;Z2WZ zw%M%B`iLt7goZiSjs6pcVhIaeUif)J$f>o5D0c@~o_E{zVX#h@v##l?D)2+71IS1U zg>o?~6TuOA(qj9=-qrhh7=WV;CQW|E!bD#D8Y$SqbM0|715Julf5z{Aof5ET&7K0X mYWUtd-2WQr_61w2`-cLEy7L)F!9!@y7rO1FOiY8==gE zKEuSpYP^%P{`R8`_NTTEdX=|>5H_rX2JM2J3p8){ncIGw)0)>f$2E`BnbSzx!*~-! z6r=*Fcz^+<__h(C$DPlZ>8B0r3cwoz*}4-hiCN`6Bp)j)kTk{XRpb2p{aUbP@>uWV z{r%fFTl0uuScrE&tfAC;zkq(ftM2~}r2_|1^rg3=<|Bx)hX_Ceh=xLM=j)NM<7Mwb zuzNO`qkKP#3BfvzmC>t@7z;sKOy;Qikp>|Ir0QD*n>n^k&Z|&K6FQ<#?*2|^rndGM z3vY0hPPf(;#S5LGFU7~$WQxruO~Ziutq_>v(UZ4pyJxHX{2%*v2jro>SdRf@vU&8z zj0O(g{tpOUWY?p56OR+j$|pEn6SUDrE4($ynvgMV#a%wvX@l1~;#>NR@As0)uTV3M zHjfx3Dnzm=Ju;HJ16sG@#6!|Yz!mnb$#eF(VsWr|CvxI0ykSXXLo}#RV`nEepIm8o zZliB9K0Zoz@CNEz!EtoUPV?Ahd!lBx0~Owp7l)5sUTI#0#QjEM=A~$YDbB|5k}0X| zr5{F4JQ)-891Lj7jc7bL6Y2eCLK@v{Tym3}~2LWC47wWLT)ChuV;j!1dCq`YZsKg+5ft{8M|TK_~(l z)_d-I!uKRDBhbVOqc=d`8%homUl1M_iY1SkX9Ib~hvNdCj1;QZH{KhzkrV~cgwK@p?wf?7e_AlV+VbfLr_Hh26C93m^3+nvPU`cI}_@eXe;QFBP?fABoYU#gZvgu{rOiG{@2qY`dPYJ;L(R8O#IM-EE8jvT9zd=q7cLE znJI$Fz60AEbbF*nj7Mx&Tt1)IKr+2q#*es^$k3R665VB8@3g-#)g>8@8jKQ+Qtk0! zhvw^|RNZ|SFsEh5Yr$3vTaC2ncGP~VB43aoL@o4X>1x^#ww6+dtAJ=gb9(1QJReEW z=g}*<$#$vaOyW+M5joM5xOIHFfAR9$==UdITA|1d5dc{g!lM7FKgi#)Te_P{=LeM- zD`_*3Jb0*Ax|dm({F3>S?6N#AF0MW1g&uL-Cq?jxWmM4dVBb9Wi8s2Sbwv zO2a#Yal>hGO`opi6G%%Ljz5jWt&*ydxv4q|I?6}9H~NJ0KJlY6tulj?w51d=WhKKo z-9*Afq5zfGS5JT6oC7)DPqf2^!(_t-!$nX^U4lN@QDt&@)>7GGI>KKyr$m{)FiHLt zzAW1UVtxKq$XrxBdpe6b+cG=x<>-t3hlpvVe9?T*e6-=vxYc;B;ecW3VW&8O(n-bE zZ}N(cCAB5I@}EobOX5VVJWXU zu(`5X&?EEl^KBx&B8pSEe)uZ>K5IYQr<95m-m%q`eYVV*cP93#)a7B0A?(@t1-peG z=1S&{rc$QaCnILZXDp{Z^FXsUlM=Iwt&LK8xfr47oJlIMQy zKAyF&*e^;iOwb0VBsNlz%Si zBMXI3xJr0Ua7j2#uqq2H|E`3k)KES&$3I6CgR+N8O>9)0NZGo_G8A(9rm&o!Y&W4SgyCuBW_}@iEaXSQ+ExycYl$Gx$F@GUH zTaqS$AEgFa4QCEZ20;r;ljN1Zn_Sne*H64h+(zFhPHOh5sJRGjN^|PN6o@HQZ*E{E z_*?jHUwz-^R?e2`_QymQhUFS_`=-+?-(4qV+_FJc8;ks-;n{d2<)Jd&3U0i}kjRM2 z$hU4}ojFEIOk9L`1Wa1lIn6nwdLB0px3uloU(2 zs^}D|WTqo>f`K`fKeK=HTv`{H8GhayVEbw&V>o1RS<_q-UejPGFmgHcU_$3gXJ)a_ zUG9)Nhf-NsS-A#bA-*u#^wmi3wSP)|eT6(VI8~ngCB-OOIp*Hd?q=`K{q}j~Ir`ka z!;C759*B)>ZnGwT%lGKEcF(6)-f*`3SRSR}+%}j~RC^%FRQmf7EkPjeg|Us!Ms32e zaV4orOKd(pr8nUq9#QnEoJ3OrH(d8OCU!WiH2wGebW5TdeNHxqmQNv zQ#RJ>?#~Ysmjdg2=+-&cc|Ak@3a*9Jsh`FI=;S0FM?`2E9E#}b%g<}y4#yq$@AkAt zy|~;(kEQxl`f8RZ&?j~?Q~5LPJgY&Imsi5m0ny{%($VPq)muGG4)ZfcAQLM!FPm(C zhORlhmW=#jnNO=oZ$GncyA50oPq17*+tae}vN-#BY|>=nRZ~9yv!TsOV!g?;;T5T& z)l#ErtkGjz<|4hlCE5udJ^>9Gr5b+VEPu_-L*V*#)^8;!DJURPpCq1N$xZz_b;?Q_ z2XJL9&{q6cFeW@1T5VXG7dYp!w?*7bw`Z62T9Z5|R>2CXb_Ll4M zx~7;-%UWx=9pA&^4g2DB(|+lu*87wGcmx!cepg5cL@O6E1Q#~M7Y2x41G}1=vaF^D zuY^vottJ;YB}a(aW@z9dq_-A51QrVmp!;et1uy9R3Z%IOoyuDr)zp$HJvKrzH4{l; z;d%+Qw;B9KskN)C>D$fCJV^ZKJ;Z@{X6mNVJLACLMg1xd-?ixM$6?=cydX?4(NZ+Z zky5~@7RE&JyZv`*DQ-P03wj-WD_sM6XA5gE(1n2Db>;?tv@o#OA$7Jex3uGS=6nCY z8r_N%}{-I=WU4_I&T(|IyJue}9hCz}e*Ao-FPDQVXmg!yj)LnCKZ9{$FDDCWikX zu|MAYDfU0T{_KwTkH)y=Oq>nORYXiI3@q)yL*r-T$?yM4vNJRN zSMon^{v-LvNVsKfO$@+B`ok3bV444`?63N~41d_^KX&_bQvO#8o)vyXUWR{Wm>*Ha zzBV2LLJ&eiL`cyY@+2MJUGejL|HN4V=%CFhKja+gAb@ub#zIUCS=Bh5r}MDfdo9~dBqtvq zIFCDMW=BIHME(85nL>@rYw##Vz=(VQ{d5AejJJIRp(y@-#2|c<$g?8K-v1>B7P3L% z4lXsv(jsb8!HcQWt9$ru7|4aLP@KVuG5lq(piigb>xDkkH+*sP@`NpFWer}FPg`qk zn$yZ}WLq{yMtfn=z1XWC^j4v4&X+Od1kF#Cwxrh?wyc9$igWbKURbo7$Un+pM4W## z87T;%X)582m+WtT*b0`6@i#Pr$*U8XPLRg3GHiZHK6jGZeZ)|!X<|s9Pydwh!b73A zEfCbu)o^o=oK<*wu$Z`lfk6t1LF$9?9;numA3T!}WmM{ndWLOeYanst+|Nk%w^ zr>c~iPJz8j7PQ~jRn5z>sbO#yGa=VCD+iocp$xIFg7!Buyjw|gVkTNO+Jb&5j#|*@ zS8P_op&!vIe0s)u9~F~B2L()q{cGA`Fs;wmNafE(Sa^yxNNmnmkQ%?<7gi$-U?=* z$%rG0dAx@i6JQL(QzvcC0`Gntx1B@Ub?OZwZBlQ9bg#l)tM@t!ySeuyYH`PC~(pg8D=cITF;af^Zxa;z(Yk&{(2_cg*5Ku&E{Jf5w!{KHDMq}cf$qg zM?$9pbYo+`{owgKyGMep-y50hR2?hHP1JMI&M2@XNtYpKq1mD$0~}m^aha3Ni8{Uy z3(BZLk{GIKA2OhMV14J>jABpTUOZ}KbW_&~Jl5MoDi7{?C3rViP96h(e%Smt)CAwH z5qtPgC~=30kvXB;b>*iRGFqh!v0%Um&QiS1P?4OkB5ze6@3lP&FRsX_8^YHdRlH2d z&ZrJ4(7@y6VXVFXqIKEw0~lG)w@hvl>ZN!-gt3{mzO&4mTeXiW+H=R2CcXH0B-A+sTvqp)6o$?Q ztS6tsXU=|(4cicT1>CycPRtX_vQcp7YLoavwmL*G`mc`;f=(n0eb`ln%2YFuZ)X4|xkUdsJlm8;xFTuJQc7xV+3#Q=a)g zfd%^>K@QH^thQwOeRwa)`nQ<6>kzjIL#!4%s5=|$$L{BG6;mDCP40iT0vAk9*0exM zhfIWhvN+S_qHH=`{}|<b}&m$yyBs9eBS^$#2n{$2VEmlc_VY^%Jxc$69ma zb=1GdV`_J2P~C!2%e~pP&Q=M+8>Br9As3xdPlmDCm((!Y^j_#dZC}9a@3U^59#nS# zFfhM+*36iW!4PN<&?|i7QRpc#2ow7mcK1AXx774uH_<6>Xfs<*mo*LP^3bXuR04J0 z85S9q6izu0 z11CZI5&ni6?rM-|luNY+p%#@#XCUS;u+GV`mCPBUl{}I>31zH0dSMMX61jzRF|5fr ze}$VJ(G9r?*_8{0eGj^jC7yTN2_Zk2txSIqrrm$LOIcDvB;x_VOxaAP9lZz{vz=BJ z8*;&Q^<^~B zo)}bIS-)6a(1Aw(TPdbx#c=<3`&8gaKJ-z}rkD3&{qND8{ikoW2s`mwo}S+(LX-D5 zG%aMETk9j; z0KE19k5tW~mbsLupAv-GUa0Mi{K6E;D1YhtE(*exF9q(Dx?LC#|4{D$!AjILq7R5} z3=Kc!g9-!7Ry)$YV7ONMvR4j()p!$^%EV#u7bUBga^?u8d=V!Jy&K$A=0G zi9(?i4JG~sMbRGx{~wLz&>_ktfA~uUu(ye%Kzvq%305js|Efx~{@qlm^1V!$wTHjz zjOZ;zlazdWU8Q`JuXd`*KP#+Hj8r!V#n)i(o@5v;6D1)DS2=?2V6q@U<@L3*(2kbo z09j2b6hkzd@^H_T+*5jchZ)(~g|g^p=~ z+SbIAE>o=dvo-C+$*+O!Y_Tp@C4%*HUE9;$NNa$k!EwaNRHju+eI&2-)348C^@7J* zuAWXVSFfoCJp~rF%YGA*kt63ZEyTwRDk>^hS8uE2bdhH2S6S;m{_)XW~(4zVN)A%-HIOKKfq?FZqApBhmcK)wOInv$ecy zi*PkMa;3Un0neb;<65^{Q%QL=xUzWu!r3u!$ZYz19v9PBLNA#O-S2q%rTV&m&*!L+7b}!Dx4zDaFM5$)uwemhwcJ^T;`C}v zXR4EVod?(qc`hny1E{YuTuwC>TOERKrkWcBvYXKD3aJVS&OAix&sWGJ*WLWm9IrwQ z)qbA(1$uo{@X9o+F4L@w;dPuqnU;c*%I z@~*yFfN6cJ3nVnjZ8!(16w#vxA%N|xz{rjlwKcoND*c3jW1&e)LR=i_=`w5L@88bJ zZ0AbNTGXKMG{?MAF1wqoydF)|ayR%!d}h>YdeMvG zxruI4zRV~!0-4H9EnnH5mv{*9ky10$tSn(%ZT2YSz1(7a@Eo?X-Hyi@%x{}uHh_Br zak?G;V2g=P-c`F!D%M8gt9gJAGl6$_7B=hq%ZM7^GJ7l*YB$75}lqTZ^J#uF0Zybe;~t+34x zhuN+kmKnb2Ve!7v^3c{|AKtj$TIL(+4~o#8KaNZ&pDUEDT=&vcTMW?G(DOP1{fQJ0 zP8F>P%>7*#)*g++lIafwZqja?d8_q|98h~glSTD;en67Uzb#Vgdvy{ zd!pIV(n?gBVs{XAESlQ0>e#Gne$FAjD@1r%tjbFdu_kYIWWrAoX|FP%ng8PI8kiio zkGMu3%nlehK6|K4Tiw-fl4#Qaat&~pkkTkua+q9N<^K3WvvBbgf)g~XlJa`#W;M%b z&L+f(4acCSffZ=kpjI%UqP@3C!fOM#SM?*M&E4EDByQ{*pXS9c;Vd;gIz8v=;rA_9 z=~zr;UkPC&V3+8-T09PFL7n-Bad;OYs3@{5+wr0!LeTALJOL*QT#8kx3BRm)?zZ_J z_(0#Wmaha{yqzSb6#x+fKEn~fD21`FG}Mc=X=RtG#($ZXTAow^!TV`X)$3dUyd*hR~leL zl?K-(m4>z6XcN^c+6VK*_MvMf{j9G!M&4ax*i)g_eqBD>M|d{av&`(g(VEzc)e3@p zb2wq;P09Ygy!-s|Z(I;e=u-r?D4cV{qo#F2mO|$UNEBw)dA0vU^x8Pla5Co|_{nTh8eXsg(yOV4~-2b|s!NZNN}{>2~F?5V5j zzxGrBzgyHndt-%3G?z=`&$6{CM_bke7EK9ljiHGx|B_m0s;KX~W&hn{CqXGbK_x#W$IM zbe@TNy?nA{T`Rtf^+ZY5(q!SYj6~=YZk5VlSHq~2UU(yJmnM~0J<|ROlsNDSK}CvY z1mr}v6IvZb)Y}3A5`Liq4_+P&-v*?3_?_>xe?FexHIA|CBJdXFNc?w^4ByJ^kp`&HL` z#J(%`kaGfGlx)@IwaEt3Oa%J_!N`r>(z(6Zn9zT>WFb=B40h!6O@XvthMGOel=@3y z@k!KBn+xsweWb&TqqhX!r$M5tIhx4SQ$baGsj42aEDmEsx!*UPWD_bEfeh-^-Ojh3 zuSXVKZz*p{#EFqB9&KSR=UB1!Fa70L2iJZcn?la1)xO=KT`qg~ZaYaNwb32QmK|pp zE>@ii?K>m0NcTsnnS-lAu0g`BcXLb=Yrlxg8J+7r71$3np1j_gB%=61K_7kw)*Bpn zds|cS1GI8ZNni+EvmHBb99?#rICkfILB@L z6#70>Ur8-B#a3(dp;grx1Sx_C_v>@6#|?ErR!BlN9UkuwXCq2(qAUfWDl%3zHJ*3I zbugRKvuG&4$?VCLKzO_=Sga_n{W*Mu-EEgkfwT(ijSy%{N#~x-rP&~urCyJxA;E{o zmdsu0(|j|Oo^WqS|M%Q9JBC0rJ+W59?w`1OXTRHUSitFzjG%Dp1b<) zIauBI3_|FZ?Ooslto}Lz#5Ho}l`C^@*53Pb1k?Q|ubvu!Rc6QOcs{wmw4Y{0eId z6ATQ;khV#tbi|DRMe3l=Z!Hq3Mn4Lv5-<>;4yk)DnrUl|S{jv=S@ID3C402nLlY~h z?a={D^JSWSt$dJrqq_z~HyU{zhmDpU6FSDM3^MAXf33S{3c0P#DRE2W>-T@h7gC?x zc)?lMNaFI&MvZ^ErI5pbp<4Rl%RNHzZ$&7KEMpo{#*dW$7R8VXPAOr`s(kz#J3}CV zbE?m3kUmUY{}#o;K>nzY$r@+=$F$;E-r)8T0bxV`DWU+#)yBg(B>X1*cJxJPHXZsW{i$qlXBj43>wlGz+$F zD-W4&1JgE6wM2T^cSc!+*V+b7E~A%iY-m|RZd|O( zSooLf1!nI=9+PxDDXeSJ0X)1vFp)V9^;D{K_Vu2+Am5MS7eorY{?-$&(n+OJt}w6X zNb36O?!M!wPBgh!)p~5cFTSK6k zCH2D|d}lVdV)WB{`3-PTCp?yV?;%5Y92QxBinf*^PQn1rts~f>bVBQMEqa>x{`FaF z3iK>vo|rrA<1c@^i}fhjXL$^r_&C!3p5YDg_kvT76sL4^@&6PheE{BZS_F{A?O`W3 z4w0A2i#X=H<;%B%xD_1-O@0w>jS{bwGA@d`r+;v3tEQ9Alf2z3p1s-~F&Ir^^34{W zY^hSN)SNC>C=9kzHW{~Glc{{JAEV)!Zk6XBCp)F)$}MRROKTlxyw7G{qtrGZ2rxJufE(|DdpyDxo>PIbI{|$DzB(4YN z+IY@lDCUFh(`iF0)9P9KljY$`Qw{IaNe#2XaGWu=TFF&LZO2T_dHS;BxVA?=2@-LJ^7E+buO2rj zg@&7j$&~|h=Z{sjCqSe(Hk((W+S9K#CEEe1dgESPh2VhlB|~tQo@1uonLaK_Rwu=Ud z$-*fdR`m3VlI@R2G+bcSbCs<>4dV&7D|`!b$q}o=Kd_13vl+H;OHNZ**6Edy4<=`+ z)Ps0{VL*EgXPvuJ4P;EBHvs3X`UQef#pw8wB>2#wJawi@cN&F|M{YQvV-? zs~xPP8&fLf)SNpdfihjvPlaQTu0_a|Wvi7q@7lz>pR5Du{es}&&Ux!MNp zD-YvpOu6-gG`*vY45S6rjxY6(PeLaKzY(k04CV%g(y6~0 z&MM@KhU2%_l8Z&eS+zfiGG^J7tJdvAixD$rG}&zTC;z+}=et+eQguEJL?QSHj-s)N zTAnKStj5}NL_CgVE_OYV3~dyp%9ZRo3)d3@>y+3m%*^_eSwhSnkMT;9bIj!~p|aVypXJB}INP3#o@u?YHSrXhR&wt<{%V^CvU(ziRGT zO78D$BWERs*CvbzQ{L(VtE?4#jY?c|2IE~v7gA|j#kG!@YLp`J2=$ESZHLwQM2Srg z-_0Tsx07(V=@$}%9AXHYD{>Y6DFj~U_5A7U@wTw{$KLNkSxsS~q!~WS-sX^w23?N? zKHBk!MNO>Zqox*-fzkv}SWjFl5DonwtTQ$UT{o>Fd2`e^*d|U_eD--Yj;qZx2S2U~ z3>M1r1ubd~Hl$pg7y8yDRQo&Cx#oa2Bv#5yepTRPa=d73Yx2M*c?9 zH`gLx{m7cx$po9Z^5{prSfVp`%8eFw#!kqC)jbV@`&j5rq{w$=RWtJnRU zhm!i71PQQ;ZovwG-eaBKTj#Q!eZe%I-jLuj>f*Dz9oIvW0=G{$y_qJws&la-{k4*O z9M72vUGo;lf3f&?CX6^K2274^{@^UlvL&BSmjE4 z)kz4w9ZPpCgL!515$TFGx^sD(L>0;6lw zx|UY)>yF>gel_;i*-gPpy|F32)?)q|K^TQ(1)Rm6#yiq)v*B0l`>Qpa_SMsqZ?ww` zMdf!~bBmEG@_!{;&`j>ApzVBB;1esM;M~D5Kb-hHFC)S7~&|9MPwSm6HmXXr|_+9u=`4$nZOy$3yG8upK3N1E)I`Y;-c{V(-@%4Bq*7TZ8 zz(~lJBRzUSSq?hJj1a5pX0i$8KM|@WmAB4h?(PxQod3C@_f8tpTB6jg>R^gVr zwi*|2c3uyDzV{?3_oO_%ZTkWQxwr8ff@Y!GL-WB!(s7wjJ-5dGPGl7hcj?BXd<^e` zaaF5wDts36A(~j3^Ysq^9Zd!PkYOFL!HTsCSN>m%U6VioU@ zv5Ijv?dhwmbVXrgc(Ntid+*}A*1L(tCCO(}+>DBEp6emO*4A|+H=$aF?MLbEe0T8< z4K&1YfI>|6QHq?cc;D4WcflFqQj}&AQhBziPQCt4sG$JGg=uOOj}v`w8Pb=lO0aJG>1H^w|yy4vni5EH9^Dd3pMpr(+6o8B~xfLlB$l21V<*7uLLk+Cm{S(SUXUH$l6uQT^9P3<9# z99Y7`wi9G!er!NJXI&F;FLRmtT($a;&ZA+k!RVKW>PwJu5kYOa(HDs858tmU>jB}% zL8J>bA@x1sGMf>(cIy$kl{c?*$G^zzb~_iE87GZ}c0ClRZEy*D;prPJeW`m0<`x!!ycgOOo2 z^5|FTQ+Mh?@(-Mar_|d$i=|o#RAOGLm&e;{E!v@>p#pxO%@pg29wGTf))q7xZa2eu z<;@_(?f7qkRzjfetC9xnqE%1?(dfNaMxH5BMx#!1r48n%!hy_?UNi2S*U}Q<^^QVq zi(4v{<%)sX#@nNB3+DR=HaYQQ7lbl)&Jsh?**NuV!6g2TC(31Bf1t4o%p81qMD0PNqdEh4nWhiN>@&U`x$13njzv` zxO@!#?oNZMhYd@Y06psd+X~suVvEcjQ?P{qD3ZV|shdk0%oqftLbjEE9=L!BAtTy= z^jjqO&}t2U?Oc{uva0(21Fq89H9)A0PB{{gVX70MKK@qi%3}GAObywv@EsP&yRms%{>kNL}z9ZX__vzq&pMLjS4%H$VFtJK@IMVFBTI?SD4?H+CtU%tek zlZysp8DF&PP+>eRS73%)tx%xj_k=?SdaO!%z11!fZNzsmJBz&Vu_Xl&pzvzXZD7>| zrjkV@@3V$M>jblFKqu;xVE#s#!0=rBc7lR)yq&}?YbE+>QMQp@dPEsx&h_EJ;@I*S z_`EzmaZK3d0{8RzJ53?i{_7kgPPZysEY$gmPCAbe7U0pORIlCd{zIVqr~P|ttf)p@ z&yDOVUt*lpS!iWR5>)26(2neOz{9S=rux8hQdtPZsw@Kb0uR-S}Neq2C2=LGirJnee2kGT`>yI{Rr(o$dU zwH4p^P8#);tlC@NkyX)C>(I3z9%LVP`0=fRo$%ge>L!FR1GTox=ZR>ujNzt$N2!en zFtKCM7);vh)8EQyui&K@qJ~W}$JqXBvqWso`VCZ--NlqaFPXFYdAmP+*AI=KF&)_) zwooRWdMt&FMQ4m&qZyY879G|v3XIY-&|QG`#%S>8gyuH~Q|%@!J?A7Mn`vBjqmM}_ zKKI>73`sITpgGlfC`0>2`Q?-t3BpnnR!}xP$}k6~h#1ta5J z!{uk~^iNA)A=+p_c=(eXzn;k^tL1b?lhdWO^f$2Tg?ybA*Re8#2!~5wbHy8YYjl#j{ZZTBUKul z=VafR%m-L4N&~7$VBm;hs@f#c0(#IzQ3~6Lctc^EBC=6F_V4zngxQ*zB=M&KE%NX- zH+S4_YjxkY(?-WSAuNP!G!>^U`fLK=HJ$Bj#4>v_Y#=)!DPp~ zB*9r;i$)<`WO`QJj4Gxl{qh*%7vJ@$Z zVjCpFF|vHOaV9f?^`-~f-ZBtiMxfC$2vpJjXgXt(C7a0)6&)zI$1=gI2cywoxvD=~ z^woDQm(6UBb#oM)TqfOC(euwyD_79U@;~IQfT39dJT*71{pr##dnrNu*-h}|v8BJ8 zB!eWbhlGY(_?7$UQH+WmiuytJ=(VVX12UM>e`vBEecshsXR5_gp(NtGkc`(^+-645 znUI4c?8zvSOmWuLhRGx1%!?Hjq_qoP#houJirdfJHs5`=(8uG=8;$ z$hp8#0C7g{oPMIuy0f_8KrFs1pHF)E02((Z*-ls$qifky>c}}^%{5!9d!?S^x=y;J zy*Y<-$=O?vMTC?8C6l0)4M9aB(A*fu1VzgCo@9yjwQhtg(xgQJpji7^)CkKQb4l28 z)^5*)PpNY>jb*8w*_o3vRp5`);~%1(**$z4ke{^t8VbMWiarz|$#{=89L2JACwyZa z_1E;xM$TYfQNN@J3e|4hTNh;S5Td`#3nt*gx6MUng=0tgfh50?{X+;Mv#eg)i*RuY4sgJ zkRf0oYP-qRIG7+Ymu+mt?h5s zB`~~k-9!egdQc3j>uH45(nHx4)mHfKzr+YhB&_D}wzB#_ zHBlV*RR6))Zitfu9b}iI;rws;nh{8M0+_~(`((2?#a2~k6{Y7uLli4DHK-MfNM$IAcKbjX`F~s_6MTi?C5}8<4yGms#K{QlgBZ!ns6Sy{q z6Y(g45%K#060cVKvlW#THnWeYLFC=3z~mGDhaJqJ;o&O-C2)M;x*lc8x7{6XciEHy zQ>{JrPki?)c0C#ahvFN-WZu`!dIJ&irAl-xnk!()9g);rlS3gV52IA}T_@1H2+YX} zVlhg=BxD!rn46n-R?7)6=Jj^@!H+%Qm^P(1c)qw^y0&4c6DORnwkWe(EKx|Ovd1SS zwHiRU3RS2#$qy$oFgP5|A{Z-&Hg9W2J|G|<)Elqg_lFaVJTd<5UbUfQ4uqiDy+H4~q&y}memnlb) zgyJwHxLohyd8TtaP!E=TmPx%|qt?FznnEB>Qf9hWkEXCmuDM@JH*Ni(*~tzfrq-{R z(l|YBSjPsi5vp@ea#*d=g2#~fblxE_@7FU2IAmzMk$>oTdlE32uSl25+n2#()b@4~3Gh9n}!3G!Y3@7GO-C*o=`Bor>*L08*x&!u)QM;KSWIWx#Sm(<=98iHDY0G|w z+s?Yz8{5dG_3cFuS}Hu}_(A@~0GsX_TH;?Nvjy?AvPCqc#9xjW_ z4)T1tRd#vUO$>+dzi4?nYsm+v%^!*UcRlV`je3a<1s6!mvGOb1A4}ZtSDpI5`gR$^ zqY=}h5U{iA-aKDVaJVdZHBv4gqwFo3$ynx~JVM`JBQdlx<{5)DS6iGCbAsz(k+74P zkLD|_>c{5lINNhEi2ESFwm4cObK2x^af0a|ji$$=QUfp?+0&+pK%tSsE7~56Cf}Wr z6<~vhgBu`VF_dao5vmo+BjU6sU9Xh_M*<;;f%h4;n%nwd2rMO{}b)}^&NQH62*vJdRLUMef{9s zkU1{F4CNr0*!=XZM3L#9tqja$zTtM=E$Bt!O~DxT>}Pseis)Hq0AngUUYk4h*mSyK z9?reqXhN~+VoYWV!0E^jLFaVGB@b{6;Dk__*mI`^+Vmd3$_5c$mI=4 zHN9i7pJo?1IYYm0QDc(ZClv zToh{Ry>}=V{p8!jgx5~8Q3g|nMeEfOSbf%gNa7^R=EIM6C;S(k(EYJt&8_!qZhN0_ zaO9i=qv3GAn{m!t=lgvVho0hLt;eP(;vx2aZ5o{>j$k6Eq1L^-nHr`_Ts{}6+ z=Zr-%ksc)(0R}wrL3+I^^a~{DN#cQcZLO5s^t#7~@bhfoD1T zrX7s!;s8HlpvOs0tF^a-^Qyx@}3 z!@~oke2ZM~7LCSc;Op@(J>DAGQAx|7{Yqf;JEOS4u(*X zF9QmK5FSZH-7+wh(2-U5bP)bbt;msZjR?uYFB^l*;}_)-oFleG0VZtIZCgC%=lm zf-<~bU9J@)fTvuUw>2Y&WrCfG)>44sWZL-c4fO5oegW#D&qJ?tTv!L$;YDDs^Z?&m zthcun^THq{2n~`=!=USF_4&J9fw`UVEZ-o6O)0=v+%pG<<2kl@e03{Q=jWbC0C~<3 z`rdX5W-GFbHlMq-hc7vdE-G65_lcCYy{z`4NG~_l+HXA$$n&(p3g$=^dd4vU$6FQ+ ztAa8F95)>T=e% z5YAmYxDLda?Xw;CNntcZTW@FKfio-9c`GF9^9Dp8e4uN(?eHgCaO6&1H?BhH3W8fO zJ^06_QvR@@BijmyriFlYjJ7<{?C`#622Jpl|V7)ai+r66d3G3)4lOd4W! zYxI6DA0!~XB4=QEHY6+WJYz5;Z~jCE-?DSaC94?<&M0_yO?ArDB^CxMbuP00aT5w4 z4Y5y2?0O;RALOz!KpJN4DO|Sk3Lyk%rS=v1o*p+16(GB{Vl|x?l5CVn_63F#9tML~ zb*{y~0L^$@e~dq>>(cj$77c*U`DO=>*Z1-aKjsEfE9053?}po?~RL2odN zG_qj=(y&hNZo?dl%_7@K^VuHIw2LC1|6~j&f&)G+*CC`+vL@5QJqmZUpG5i{I9H_# zc`RtHqqT6iZw>rEe7$8*9BJDI8VEAD27*g)cMtAvL4t<>gFC_92^xaCli=>|?(Xgy z+)lH*@3&iZPMxaxk($ucJ>8F7_a*lr5%Dh_Wdn=z!c-@Z5$dpDa;Lz{(JU2v5?;^ zfs2Gx*ZtB6n3lSZ!iVyFWN6oKe&~3&&tqr!*IYmUHDLKp5eMzliGG9+>Y$I|1C|A3S_> zuan{tE@K#%|Ex|fmFJU<+F$KT-jBr2#B@g>U0Iq*6)3{pQG7C z>ueZMZs^fm_h9k`!nd|EjWef z=s(ZVis~=}_jT6K+y4jbxUe~DnGJ_QV-X3Xe`eSuDIsA16NKywhneDCB>#N@8naD! z2Q;GCu{EmGj9A#6Gfx>z^scoUqR^l9{#6>coOWbUUVPd*n;#t!ov@T|`7AR5yJI)c zo}f>p4$-B-p6y#DxOnP?#kr=G2D-%HY8%f ztNc0-tskrbNVnsQdxX~Gf^?ev&ay6ebHkj`yWQx56M*nwNL1vyR-r#_Z=oTe{RG?J z{=C}q*X2E}=gKF!U5oY=dYqHQILQvSYM(^z{0Q$0BagyX3gU1c9y+iL%?l_$NZ|C}BeF4j*Me>Y+49>zA{)pC!=?CvHLMql=It538Vj*n zenxDDu!TCsO@dp0l<-H82RZ+;u@1}-QBVzLVKeY`?qY`sd|)|=E}$K8VLJ%&gESqN zf*{HfA|RPtYwv7ETM=G*v4BGQg1X&78{oz@&}pN=1b#Dxjf@3itLhG@h1cbB5cl?j zy|F0s`2n5ErfB_Q9?>uPB2?f*w9wG0iD|Kh7#-;3Ue_YzzR*W-vJ37BV4~s@n#vj` z;oLfNuvJj@n$G1D!0pP0>&yvo7{jy=#p3LSUHv!gy5w{7~TEH}?+C zhhY098vkWUdyIB6kb4{h`fw8t!rLahe>lwBhC+MDW^uzipcWbFJu?zS5EmN{&l{e! zufB#W&t>+sZ%x;XdyvHn;9RnwZKy>+St)?!D9M_xl5|ACTK1c!j?a{tL z9BhX|&s_1gqaCm?y|CinyxU29U^%N={R(`cYaxOXe0q^B+t+e^xkTp9UM2h+^CCYd zx3i(lr}qc&L5L*+OiQyQ+Q-fgbq!^|O9L{J!6 z`gNzB=KI!E*f&O70p{-pyhT7fZw75j1J#5U`HxVvXL0vLsB7Q?@BKcM{FFo}B@pgr zDvCrIa(z1-`Q>(3@x7S&Re}V0W^AS%M1N1s(+`mVL++)NnNOzioo`{QEjKrvJgrti zhihwyBe1@xC3=FjytK7^7s)6A5&4Km8qO?Z!59j7HL`rR8Rtf2VH~aQ^(jytByS?w z(v&;d>n_frtVN!je|4Xmbz=6xqDY`xqng#}Z_Y6corkU4ylR^D7+gR_96k$LSMu`H z@RmTh>C<0dPcI>!tW#fi7hlO-QS*KvZ<3*6tfLkc8fd@jz9vKRe0Y-sUBW$AqG*)i z&Ud!nf^VS#b4qv+;by6XB$sT{8i+x4dk+)tJ;neWF&fGo3+Kr}7wUNIXT^0Tw8-;9 zp|@UyA)izbT4O`g#s*x*IvQ007=coqcHxXo3o{!`3;(gijSjVq3BSrPNU%y&OSL1r zcf@KvE~YJ7?u{He{KX&Vuh#VDfBAnUH~^E}2e+5Ok573c0Ax%Z0P-mvK3pF`CQ zWs@2qS~{z!B{_~23cnjINKNLQX~eWg9{v}{l<^0>&2a%48f*Wv^4}ROA1buAMJ}cm z^d8QfUV7=MMEY0K1~cYO$zUD-CQtY)FTPA=gs;u(wY z7AO1fdj=A}=b--A3jibI|KpIX;;p&Lum4^!C>h}2<_Z#`{$=T;BY?O1%T4(hb3aCdUviz0X)AX;H?-A%Lz;SU=PrPTxxJ- zH+$s`yYvW_V@Gcu8xwH3}TW#RKb>tuCcxWLUF`(~=}%^Sa+a_A-x4asgA+4H!-OZYkFTy#DAaAH0ntZ*C&97*8* z^=t#*l->qp_BcvrK!J$Kk`fZA+-^?jeI_)&D#7Wu8oU??OuRl_z`gm3r(Y{|Koacd z-c9)cXcdSBvs?W?i~woM4k&|UggT&rf;bxRDfP>7E|Zm)mqWN<{pt0EMtCJde)4p1>24YDKd{IL1FLYsVTJP=Zik!zpL67&8L(*hwa4d@4#V$QD(co#^$ zIV_l&UD7LF9xo&5bQ;)ZNo`ktGU}~>T7e2tNv-&^(FBLtlq5jI@L@Q0Bc@olzC61L z@>iSB#sTmi^X?I$?+?{|xy3xoe64l*tJqm@H4RW-J+W_0SQ@RYOv{$t`qldEsj`5?!goo5kZYgQVY#hl_v^NsG^ z!S7NsYU=*l)D&VLFsfhzJv;lSu|TBo#V3Ippwk?{V{(EvY)Qy$==0hD5=oUP}Is`Yk8LvcT8 z)d$|9@DXQ=hqJ6$u&TU#1YCy7xzg`0?E&k6T`$46zNtc$;m#j&oz~1s-oUtfkD2ay zU%2FcIZRT%Rr?}b()AaOYZELuwNM4{lv1y3-(WoBO}jYP&ejiw>!%(lzPD#NS9{|k zR!!&Pn-HCkDEzmA08sw`0Jq;w0OgfnbOg{$@c=QLG@z!00@Mx)Ch0tXSZGWNq zH(YbeBWgXbr|MEdV~Uq(!B|k6AxtDv%jE+x!H@ufa6TB<26#ltW34(fMVhSjS2J32 zdzhC;4bMjHje!mTEsESXxno=8nH`Q>A~VwyNyG?P`$pRPDysHx{|eqglcTbatF?N1 zm;yzgU_m=7&C_#`DAK3$C^IJ2!w2snUc|np15yRLPS) z-^S+iN&XCwc(Rh9L7o|fm|4bO^mR|UCN4&6RhG)R7T>E%;|Y+(621X$!-}u{F>6J) z$xzY+J^&Mt$dd|`(%c6yC8J5>)NXK1=feXj;47)Nk;@+29-79vqX~8VGETB~;=$Krqm^f|<-$h!4S_ zg!fkitmCrIn8JrZ70PmG;0aKJU9NR&?1FeHzyhHK1JI`6%C~-$276>w1U2-nr+p)e7=1T_kOdZaaa`rzp!-55o zP6=JxGSS#wn>9r?&4c?C18s`EJ}1L`lFV9aN$17vc z!`DkSE)QxuqLPqtA6t$+{lIyDtq=wv(N9%E`t1*YmcOkg)|j3Z+~EZhdhZF9vVT88 z_S+p=dH*=MV46Jg+`}n~f%tJ{YzHPVa2ll3;RoBvatK%1iJt&1^fJbZLO|?GKe@>+ z;!!nDBJhaRf!h3s7~PZ%)e>^1bNjTuUk+;S?zU!2+W3AV4eY}uSA#z@L zM9P!}r7^bLb~tw%4<{Kd)Xh7Y?cqj}AgqNC4ifheFRggJczmd13f>0jKw_N+hiG75 zxr@uZ!5e6!T;|H8s0URpkD z0z@dv;18jBaNw|j8Z$1&v1bgV1K`wOF5ei5rM)zyjCfjVFu^+5K#Dl|#jh*{OBY`tmfIBL)i{8^Xa0Rz+flMImwx*boj~M_#BlH<_t)x%V>E zm(_Og>lApOZ@IOkQ*oHFC{SN7Nl8h$`(Bib7|kn6&>u91ClKMrn>x!GiliH{PIbl< zVB5{)&F0DYxk~btRAg-mk|Q$HY5cw#ew z`M3oDnqOQJ<}3OJY#>gdZgT_Q?V2A+oE;XNXv7z!0RQ{Vo;K2hovxjqA6AahtJ;QKFC_j<*PiQ`jv`B|xAC2trW3%POuK zm%!uu-W*uIalzueHD-=z?OmWz{zX@+{yQMMz8QvD`xJ=%-gj893fe6rO#3}66%)iC zX^Fb|Ykdh`A+K?mb(m8;e}bkbfG`4bH&i|aPNGy`BWW2|e+_1TSROJcx97*hVCH2) zk3UNA99~o@5x5XdyI6!A&KAM}D_LqxtjJ++7Dn&!x~hS}%XUrFh5r{S2f{Q!)Jk!a zhfEO?YK$6oeF&hWlTh)X-tdDG7dTYN73r~XeBVIfb>RqSqR!vy3uIQpuF&}~Q~lM| zKv5C$Pu08F_me*a;m`oF>UeAoLOcP}a=wVNS1rUqSte_%g=D6Ts3@w&KsngzNCdtn zW|5OF5h}s~IFMl9E$T{O2eh_>5{a~8)uyPmzxsq~4YKSMk#1MJzri+_gv?C@;I8Qk zZxP;Kf-V3afEt7p^{4HEWcoH$={ss3`La$jVP`cQ^^@Ly@R0rY3hb6>B zAn-)&3dO?00>${fmy(^G-4&YIg~5^X>pD($1&SAaL0XmYU+iHy9V51WD# z)5?)#Awmyk@%i*yEyN=x%uZ=2?XMdFq!ld4asY2iz!1sJ^ld>JFCGJlkFuElYKuot zr`j)??t#B=Hx%kWinf>*TLFs#dN3qJ?c#707_*K==Jm3J$spKt+OK$Ufi@jTzlQ!3 z{2~Qx2lO3+iT}CHqJF?b|LbFbBmaH{Gx-#RPwrf~0!bL^i;q*N3a;q#C)c^`!t>6lw68#{uT&=-j|BKp-i&!Y#TmsGX55ruo$qMCc?IH^x zhXs)IZuQ4Ci|{H?vn2mJ6R}SjNVI!04(O`zYKGzi^d9jla&q#1>((aC$GFLMp>BMD9JtXX{J-%fS+0W?z*uWk==!a?=C= z#rSGXfqk>WYMDnb>9plRUYjBQ^jj6B;wYe@O9EPqoYJJ)Nj$$Ljb!V{r>@O+^#|GP zEJmiGOLo#m9~f4hH^YV9(6XE9UswLW2l`qcC916gUK1EV!!bZo?g0vqi5nmJ)kFP# z*9?&U1DA$5SLuj6Z!?!1CgmueHX{YB#4&WMz|n{}ETU%vX}?QbK2J<;=6Zt(F`t1Rb23d*? zwFo#NJ^(p8On)^4;2D$vI=Fy%-PPf&LQez%txCQ;`{3ittG`%TSsCy~P#8O<43hZW zPerS-V+@~;Uw#{G<(h{5!z&<>}jt1=s&Iwh)9w`+$0WMg@geq+M?z zgrThh;(Wo@d3}123hxk4k9@%*n_gAqeqeK85(;9Wes)fu1uBRk!E6E^hbRF5f1;30 zAWr4|#$mdi+IUnkIP_;CS0>!169vRv^~nzwMVGA!57C!)j`&egp-LU02In_Q-&rE> z_6h5+0cxa*kJgfY5m*|L|5+r*iGfj~1$aQ^KB9FX8UX@lG;nWkvDmGa<~YNz4MC+H z*>TD3lQTeZ;vKzSPPlSqRP1!T;4~4;63q5qI3M60e(;{ui8MGJ)0_h3XdiY%iEi^} zAoNJe%*@Sx+*jY2BlDxePU!bV3kws3Pmq)IUt8TjlOM(>IIJf09j!D_1#AIIeZSJ` zD=z>f0pH>tbv_tbo^N!Ee_wCbsmI}SesA2liVAsk)3-fiU;vngeVr_Td}Q{k@=l=| zDv!~Qg@97U43{?HHrr9GVe zNHXVW5#BGP)Y2#s3_ysEL$ln&w0%WZPGF$4Ztu?#3&YB@aK7>_Hm-j!6*?GV2~YtO zRi=|`TaW)85+qS79-_pHR?7|jw53g?K;6%tibxz~RlkiTB`+Tr{Xqi0$##Y~!}a>e zG;ml@i`}_RA3#AYnZx!Y+!BD-9qgL^h5tgl7y5f9OlBZ5^sOcAvY6*{;Hnd$>+g{i z?#Zf55ogS1(I@B}9TX!i%mHf#W0Rc=PLqdoK8lPeGtW_9xRF8OUBzh(L+R?&c9o;Pbf9;Y4Zq zK4+!Xe6W=$8~K;8`~OXO`^1oX3uT}8p#D{fMhWhddmlPj`8{G+&tO`Lk@sCmWh8*~ z!FWyS@qf=yMOU~r9-XMnKKKf9OiSp@?kX}xUnnMr5y0;>Ogpn@OWRJ+{udM>hJw(J zXAYz*nY=@C#QJhoW?X&))<{SQhLVPTHPG2BwFN-DRro)G)u*dVl=VAKPgHnVSeSG! z;4Aa}nfQ;dOi&(jrOIz(xmgAO9BzZEwA8@?I^4F@`WP+0C1QLZ{voZ(99#QX#t-hMRi^vt(mAC5md94@_q#GW`wPy75vPzt zH~X5kGp(enL$dR{qv*L6^~Cx_Ly6FD55}#SL6nB2NBO>&XLup-%Eop06+5G-qZ0w> z->y=F5ct`Cp0B^LO`TEE9$wtih+{WTV$r26k6%hK)U-M@az8KW^T7;hKGCgIDEqQ= zJ1UC)gX}s*#_!@>x+mW{q*94BWSnQKyMKP2Eo9%ub?jd30Y_LEi(aJU|CS4z1aFgG zwSMOpN88cc{$N&mj0hAF$kK< z|20IAAvT{--?($}?c(Q@{UU#qv)->!+1F?i?`p=cW_$LlZu-NfnL|_J>E4{wQaa+h zSvbm&N;QvUIgQnlp5CzCycfxtF>LbRD(WGotMj19p-9*;)gn6P_~n?+!8om+2&dGF zk8bU7zQVQZahi(A?cL&=oL%MFiFOK-u|-7UVF(Wr^m*!f{kM+@=X5U;+Qq!Lp-#Vp zR5lE|rtd6P`F5r919mW>*Tof*QF#BVPG1X(3n)HA@!(6iRrCBmW>A(K$pBbM`7JA6NNGCkDty@mdQ0+<fd;&sUK2QcB=8%gWs>?`}*)l^re( zc3nDqS!unajj$?)Q>}|T%BFM@Gc`VZvr2%EH)nWaV*1tLn+Xq6tO83IoW4)zc3!r>E86OLF=B z^X*AR-+aUvpI5}I-Zjgk{5qz5^~bp(opB^`1$Dmi1K8lb03Ijy%}<)87JP#REtiL- z_f8s9@r_#VazZ=3QM$CP;?xtNw^4tY6nNFU&_{-&SywM`^FRMKTwvZdKcAUAyKGq= zaE^Dz<3J4xl=N`gaoLyy0tzBIJ;qOTD+Al2@_TzSUns^zu$p!J1bBESuxj#)iKUq) zetz}*XJ@eyMW^~fR=B-MrW+un4T^-vZOGr(FDkiAPS`Fykd_)dZ}~F#6MOVitxRB` zoS_#!t^7Oqg82MuGzA|eDsv3VzZJ9c#KlAv%2WBWR1-!I#`bc zDSEiBwKcqA8&+PVOocU1c6*eZgVjTjc6|kkN=vYlK-WW@$>f!ae9kl*m zmBN9lWL#ZZig)D~pqKa=^f!er}WeMIX_NY2hn8|n({@`Wu zI#qTSi7xL))n7?^6JvvpeP~sU2)A1#b5T+yMp#jP+2RCOp1C0=y>Z?RE}SLPPM!mK zJqGKTQEjTi0qDX*?L@8qC-tr7{8qN9-|D%NtJ#QVq1As$u<6R0yv>=u(%IEB;EAqN zXFxk$eUTjE_IR@EPje_xbcm&o-^4I&H~tly?J)9ho%`M=LB@Il?^&3&DhSpveZP$0 zz4lDAbIVr`E=hcyQOsG}V&OP!dshY9Dl6KwQi1+@?PiCx;$%qvmDEMMJX&&l_>OkR zrigYmZmHh9$@7gV+Q6}FlLxH+M^}GIzk!XS)f|x4Hv1h<BelwNCO( zZ(+>gN+zq~_f|0bCzz_UJqeZ-itS?$ms=V2iRL`M9Hf4595?nSAf*4yteyP7ML`a- zB*G+kcR{QB@_09<{!291*d?m3`4i1%cWC|diZ))+2TUCMPA{^}kwN>m%Mv}t#M2gh zrd6ffz^-L9%n3wEB|8D&k~J$!>a0{4H~p1jGP8!2O0sZ{W*g5?Lh3i8z1uwy8pPfw z5A&Mmbs^qy_5LcUWQZMdv&I@-@amo~OFVbtk^d;ix2k|T+l&IHj7lLuX!3fbNTliT z8=gN=4f%K)x;8I%f9xt=EXi$S^v_@+_R)spsw$4H><%IA->zQFM$Uw=PH2JbFWju? zK1fE;mP2uyZ?ffqnG2x|n`F${FH)B4)tF>5N>)S97H(_8gb5K?=QEJVW@|JqL z0wc@ieGys58cT;uJ0D^M8zQu-0Q1=^Nvc|)C`42^uXasKxgZ6pHHv(NgLe-|ndSdh++7`nDOAH_OZOCzLe)SF;$ zOl}B~n46$_oDrPQxnY)2MuedMhEX5wu? z@E)cr0D6{nif5ks?F($_ZmX)B*}d+&ZGlz!>{LenIq~-syJaGa8K<~c)6;pirXuJ4 zzjbT08(TaL@%c+za0iha4r>b}e`MAaNaEQ2-ynqWFxtgF4aJv?o;y65HlRSi5Z%zc zDgFAyui133Y!^(5D6?KrVl6tRPR4CMeN&vwtp=Oi{ia!sZND~KT!(;vi_5m!!eqx} zIGrRd7lHibfY;-2KIA(J?4Eb|$L?uu*wW!{yWgBWoP+n*thReL@5@beFw2}~zNbU^ z4fUki7bd2kZ`*iGcCK`qelhG;QVKd6`}V6LLSX&uF@t*b8hW^QbdL5R#N^7(_7Gt~ zB(c&Eo0UwuC+KZB_lZQRE>ouAd4&PbJL`hFOG%iXauDBZ9BunX> zdAUd)`g0d7W+ZWF4Z^>1^XvM!L4QtnM>{&)MckNp+Dx$$U_TUv zg$#mzXGQ2St-QngboEJI%j2-I*PS>mk><0*QSH$>BmTy6gA&W9g1VRI&Ya7?k?Ouy zuUE&%KS<|vz_g{+=P7kfHu4J$cDp@(io>px?LQkBjab6wvP~6aZX~C|2t(3_D`$K%&{oI8m1kD7Cz_gv${Y+DL z`;i1e<#3~s-&Z8BPZc}Q#wu9%yfkSwKzu|Kke&~Js{%}t+|9XKF)|AAp4R*Bkk^Dv ze!3^kthRl4Y`csJf<916&)D~n1F;Mg4fCGwI29fbPW5LU2-`qA4tAXlKsnx*VRbxE z)hx|c)pI+pZg~spWP1(5++QEl>O*ukfcL^0#3ljKl@bWn{LpQ7?e7Y~kW+sK*a&4J zvJLm{kwn(sAt2CGYpn~k%SvSFp85^g_VaGj)pPoM!wZ!^a;r74)6=pKbPoVlo%&Q zGBl})Mskz!VVt~#)?V=dAV2i3Pqiy7P-l@qX6>N8UNIS>dW;}zRsi>nG=odNw%o-; zjI;`;eERh;^R4RG;TC!uH}21#elrfI7s-j9Cu)3)Mhg{|TJs@0%LdtVX8hEXbi;k}Xz=@6xO75bjE|Xfiq~8((x+Np=}X+dX+>Oi)ypm3YdxU!^@T zj1{KI>V50v~{~g~5`)kiSJzd}DyPT(! z#?!4%6oFX4lpy8#crM`rn8UXN@vNdK)0~BwxWKkJqT^@loe0wiW{^ck* z8cG-NYC(L@L`?kZ;V?Q|Yp?jy4Zr$WZrD2@LF7RuCB;)wxiFH-yB&b78wD`y{T%`I z0_V3ZR2^M^_9wTKty`G6-2wjq%hx_s9Of^gf)S`$0BsDPpuQwjo47wX6W+ta~ zLSRPxKH^!6gA2PJaQrYku&|8tnilh^6G?qZZ@zr64jc#rRr{0II zY0Igp`zQO)3VUAapVWB^U7+5}0%P{~4uTW;3<4B-_lxw=pr$g*Ix{t)eRb@TZGfot z%*a7u(BV4+LxbD85F>7cj1qznXJ(~VUn zmVFVH4=IqsXl*MqJDssekxrsA7@qs%daftk|3$UbC1Y0{eZ@0gxkFq{XFk)>Ed<{s z5b6O@^5>`Na9{93!BAeZ6%7zJGykRgeT{_XHG>5ZgL&7b19;7DHymA7<5^-8nIf>7 zbvBtmpA(dWhxc)>0j5YoDGmYq9ohLWVf4zZFS?$0Mi|y%4j2@&Od8V^$Wb*w;75$d zQF`IP{Bmi21iJ8e`ggp;(cCy$BG--ee4{!mcb>IO2&HJ?YOA1bdZlW_LS8@yb<=)c z^4CR6M{aCNWQZWaWzq}+3t2fM@FaReiLtgo2%||D-7Whz6VcwZoRpT31C-<9HJwSM z2fGZriGY;G)3_+XN;YliwCYWX(@x{hK{UN4#jVnU`-FWK^<4Ca16Fo{k!mmUwl1hq z$o&u(J<0yx3Y3whx4mFiqkTKLD}vYom7n46hXe=ZAzgulWJ=RX>%V{gP`#%?SJh)t z;*Zs+5)>WmCku(pquy_&I7UUN)oNwFGk2-qgwVjOegG3*yJpEw<_A{z5G>JNR=Kn*lU|zpMZb8M7~3ge{*Yj@ zMDKSyES{VmhoTf?y`Bar3ZBCvL)jl&uM