From 97540de56ca8a975ed31d86879d0e5c4cf169173 Mon Sep 17 00:00:00 2001
From: runge <runge@karlrunge.com>
Date: Sun, 21 Mar 2010 00:05:51 -0400
Subject: [PATCH] classes/ssl: Many improvements to Java SSL applet, onetimekey
           serverCert param, debugging printout, user dialogs, catch          
 socket exceptions, autodetect x11vnc for GET=1. x11vnc: misc/scripts:
 desktop.cgi, inet6to4, panner.pl.           X11VNC_HTTPS_DOWNLOAD_WAIT_TIME,
 -unixpw %xxx documented, and           can run user cmd in UNIXPW_CMD.
 FD_XDMCP_IF for create script,           autodetect dm on udp6 only. 
 Queries: pointer_x, pointer_y,           pointer_same, pointer_root.  Switch
 on -xkd if keysyms per key >           4 in all cases.  daemon mode
 improvements for connect_switch,           inet6to4, ultravnc_repeater.pl. 
 Dynamic change of -clip do           not create new fb if WxH is unchanged.

---
 classes/ssl/README                            |   67 +-
 classes/ssl/SignedUltraViewerSSL.jar          |  Bin 108090 -> 112002 bytes
 classes/ssl/SignedVncViewer.jar               |  Bin 84103 -> 88016 bytes
 classes/ssl/UltraViewerSSL.jar                |  Bin 105068 -> 108926 bytes
 classes/ssl/VncViewer.jar                     |  Bin 81177 -> 85036 bytes
 classes/ssl/onetimekey                        |   20 +-
 ...ghtvnc-1.3dev7_javasrc-vncviewer-ssl.patch |  620 +++-
 .../ssl/ultravnc-102-JavaViewer-ssl-etc.patch |  638 +++-
 x11vnc/ChangeLog                              |   13 +
 x11vnc/README                                 | 3218 +++++++++--------
 x11vnc/cursor.c                               |    3 +
 x11vnc/help.c                                 |   84 +-
 x11vnc/keyboard.c                             |    6 +-
 x11vnc/misc/Makefile.am                       |    2 +-
 x11vnc/misc/README                            |   11 +
 x11vnc/misc/connect_switch                    |  276 +-
 x11vnc/misc/desktop.cgi                       | 1134 ++++++
 x11vnc/misc/inet6to4                          |  400 ++
 x11vnc/misc/panner.pl                         |  117 +
 x11vnc/misc/ultravnc_repeater.pl              |  131 +-
 x11vnc/remote.c                               |   50 +-
 x11vnc/sslhelper.c                            |   49 +-
 x11vnc/ssltools.h                             |   35 +-
 x11vnc/user.c                                 |   14 +-
 x11vnc/x11vnc.1                               |   92 +-
 x11vnc/x11vnc.c                               |   25 +-
 x11vnc/x11vnc_defs.c                          |    2 +-
 27 files changed, 5094 insertions(+), 1913 deletions(-)
 create mode 100755 x11vnc/misc/desktop.cgi
 create mode 100755 x11vnc/misc/inet6to4
 create mode 100755 x11vnc/misc/panner.pl

diff --git a/classes/ssl/README b/classes/ssl/README
index 0767ce9..b244cf1 100644
--- a/classes/ssl/README
+++ b/classes/ssl/README
@@ -137,6 +137,15 @@ Both TightVNC and UltraVNC Java viewers:
 	number, default: 50
 	Milliseconds delay
 
+  PASSWORD
+	string, default: none
+	VNC session password in plain text.
+
+  ENCPASSWORD
+	string, default: none
+	VNC session password in encrypted in DES with KNOWN FIXED
+	key.  It is a hex string.  This is like the ~/.vnc/passwd format.
+  
   
   The following are added by x11vnc and/or ssvnc project
   
@@ -173,16 +182,47 @@ Both TightVNC and UltraVNC Java viewers:
 
   oneTimeKey
 	string, default: none
-	set a special hex "key" to correspond to an SSL X.509 cert.  
-	See the 'onetimekey' helper script.  Can also be PROMPT to
-	prompt the user to paste the hex key string in.
+	set a special hex "key" to correspond to an SSL X.509 cert+key.
+	See the 'onetimekey' helper script.  Can also be PROMPT to prompt
+	the user to paste the hex key string in.
+
+	This provides a Client-Side cert+key that the client will use to
+	authenticate itself by SSL To the VNC Server.
+
+	This is to try to work around the problem that the Java applet
+	cannot keep an SSL keystore on disk, etc.  E.g. if they log
+	into an HTTPS website via password they are authenticated and
+	encrypted, then the website can safely put oneTimeKey=... on the
+	URL.  The Vncviewer authenticates the VNC server with this key.
+
+	Note that there is currently a problem in that if x11vnc requires
+	Client Certificates the user cannot download the index.vnc HTML
+	and VncViewer.jar from the same x11vnc.  Those need to come from
+	a different x11vnc or from a web server.
+
+	Note that the HTTPS website can also put the VNC Password
+	(e.g. a temporary/one-time one) in the parameter PASSWORD.
+	The Java Applet will automatically supply this VNC password
+	instead of prompting.
+
+  serverCert
+	string, default: none
+	set a special hex "cert" to correspond to an SSL X.509 cert
+	See the 'onetimekey -certonly' helper script.
 
-	This is to try to work around the problem that the Java
-	applet cannot keep an SSL keystore on disk, etc.
-	E.g. if they log into an HTTPS website via password they
-	are authenticated and encrypted, then the website can
-	safely put oneTimeKey=... on the URL.  The Vncviewer
-	authenticates the VNC server with this key.
+	This provides a Server-Side cert that the client will authenticate
+	the VNC Server against by SSL.
+
+	This is to try to work around the problem that the Java applet
+	cannot keep an SSL keystore on disk, etc.  E.g. if they log
+	into an HTTPS website via password they are authenticated and
+	encrypted, then the website can safely put serverCert=... on the
+	URL.
+
+	Of course the VNC Server is sending this string to the Java
+	Applet, so this is only reasonable security if the VNC Viewer
+	already trusts the HTTPS retrieval of the URL + serverCert param
+	that it gets.  This should be done over HTTPS not HTTP.
 
   proxyHost
 	string, default: none
@@ -238,15 +278,8 @@ TightVNC Java viewer only:
 
 UltraVNC Java viewer only:
 
-  PASSWORD
-	string, default: none
-	VNC session password in plain text.
+  None.
 
-  ENCPASSWORD
-	string, default: none
-	VNC session password in encrypted in DES with KNOWN FIXED
-	key.  It is a hex string.  This is like the ~/.vnc/passwd format.
-  
   The following are added by x11vnc and/or ssvnc project
   
   ftpDropDown
diff --git a/classes/ssl/SignedUltraViewerSSL.jar b/classes/ssl/SignedUltraViewerSSL.jar
index 5a562ff074af1154e01570ad0f96c8d4fffa37fe..e32079fc301aaf58b71936f654acdf09dc0e1dd1 100644
GIT binary patch
delta 42397
zcmZs?V|XQD*QgoWwrzFCwr$%scha$TY;<hfPIhc|Y}=i5dis6OnYqq<GgW^I&%e5!
zd#!t|RbA6CKQ3XARpcR|u)yH{ofhdHNyxMS`II6VtngQC)xU)}&6)7U@*?@f?1&^3
zYGh<&<0$N+P_pAkg<rob^No<cfwzW5eRA9io^IKXY34(0eer;Wx$FE1pxljK!^IEj
zfIcN%JX}Nlofq)2bX~>Gsf;#)y7hxFXj5zA!?>Qcp0)c8CaCXP6k>t5o&!5DsGrsn
z5O;qWTOECbN<Al3|MuRt4sM3OQg&h7eUZqlFdUabh*<>t_Z2|4()?HQQ&d@ORylGa
zF!P=7U8fwa+<H{#ntLz}q>g5Xq1M)<#Wii~uM0IhzaJum4`0Sb$svs<nIkZ5wXWi^
zZTfkcm?iRS(l0yL+f&T4c$lQ4J(36s05;QOswsdWxMf1yeUWkZ#sj6|T9e-P?8<$_
z0jtRfxy;~eFyw%t`C2u&?Xe^Bq%vMDC8+l#n1SF=3sk}Q0SR-4iwJ;(6nz^E1f#F$
zij*SgJ_&k?`5GC&@PfkZelY`K)6wG3N)OvNdO8<rS<C9eITsP~is3r~4}S>(jGJoJ
zc%oHCERvF*I&Yi&0X{yXW|btSbK<5<N%4Ds?iJa!?KdfKFKb&i=I#8pRGE&GRygB8
zda~>=Ow7ZaB1?Z1UqTaW30E#!zn?e->kk>KMi3;$(bd^^u+fWLin`DGu(Tsc@UQEU
zP&x&>;i`;@1i6bItoLed2U(#5=4fp@psvK4FRBNPND4z9b>N^w`Mz!1A}WEBUei*#
z3l-i3Dn0fkQM~EI8+JC$*NCblfYm}{DRI3~f;odP1H>4~21`@a+XBzu$l@ELU(e6g
zE4=j1O!_IV#_c0Ev2nJ9deq(<T`T;>c@LQ&m`<N9%TjyYu(zbw&MvwDpu8kb=#MAP
z)(dP`r2^X}LCyFyZRLo@X2}u}mqc_+Vzq*L>+pOM^&;=>q(<d#f~yh@_#s32=0KLZ
zXx6dIUpQKiyo(($4DqTfcqmYK2EW}7h3lqfj?exIL%p1y?|&*{xdeAupR*FLCa$<=
zr(+nlOe!svvQLQ<e>p7!qCTZKiYA$%jmY6r{oycWi96dKs1d;a{-Wvk9*VQNFgvyG
zbUTXOp<qsy>k(rkv6IgKtbh3!8**Jr=XxnvMu*Kh{RR!|_DiZjcqrPEE!rnaYC=}J
zG05tB#z5Ot3?;hg97crhg!U5jd368&%?L};H<+r3odT|f<AL*Bz<IBTl3DuZmSH$_
zGNYz$mP2y0eI*BnV%eH{U{+yR`;kIpUUFUMPUm~nRi_j08<Ap;y1iQ$MY7?RWQ3fI
zdtwx3_oxsv6cUuJpzy0z3_)9I5Z0%B|MI}BUTsy>LFQ-KkBL(S@wmFJj;v-e#`Wuz
zI}sD1l$qMqlBczJ0o|V_akG!vjJVFwO@k|Q-(5Ppa9bZot8}59`^#5_RpepeTwi4s
z@u9%LaNxnf{$Kn^QHG)d$R||kV1=KiEdyNULvJz}z`+ZXN$%9p2Vo2LkWeBc$@X}I
z2kM=jcRj>B8>~czGJ4na{GB<Y-Ri5*KY2vMQYijrC;lAy$O$XZ9^4bZ3JNR`o|yP)
zm8bj!RRH1L@q=4H)&1^$?IWiXXB?F`nygO9gH?Ixba*YSo;1-B0Mu&Y-M&HDwPG(6
zI%^KpD+ToT_x9uOAO|S|(Xi-b9&DoXZ-0_KvVBQ?X20RcVw?QLTn4XjvjLkKPTp^z
z8-<)-{Pj2XEtDiYmE@Q!SD;@7-XwepNH2b4<9zMN5+_=rD$~!5KcB>C+ujl;*WA(R
zn)MCcSkxaZX{}foU@TZ6pDKI{EzWfbLx<|mpcdEl9D%LVP^$zVAo5fcL7#I~tZS$(
z-)f}q>aVB&2w{BZ>W*hp!W805EvhjQoq@g3K|{7l>`SArw7_o2{4GO5zVq9vAh(0G
z#3-crQ*1aO_?^(Oae7hq*=u2QNc3?nsEYCKObRknMf-jSFlG9El5Cg*SU)=>WG_Su
zr?^{xESHnCt{T}Z$f)|*fG3HTotwugacn5A%4}?Ssc2ElRyAaLA%QBMo*n~Mq$-yj
zl9LJYMA}G^<BX*?Om6k=&l@h(_Sb0HMoqS1RA7Deue&M^p1-8t6oOh-jq7oP#ai0R
zhL$n4#Qt3k*u!>%&o138i$05bg@w+{R*Lr}-FXJL)z+GOAFZdAeY|iSW`mldjB-?U
zN8#iU$OfiW6r&S`*Ho36&E{;md&qY$<#%kTeJj49$|9WgJQF^y98+|&_dgYy=Q6&@
z<7i93VZI%zl+eg9B`znDG1~F*Nkzvbh*fWPJ>X{moVfsKyf#XEWL6~cXDLS1)W%r#
zlI$skfAVN*;~tMe=W+1EYR6(HPV{ov2zY46@49`jC5pywr@j+PJhdZsFLUna@(WPZ
zjTCX?h%JaAX2clV_^FrAWMu9oyya<Ts44m72efN}D+8V4J@1eg`SR=N37K~@N~-=P
z-Tm_jxRt(JN=9?K+u}&CFxGH`ZQ`p$SYvIT#G7pmxBFbG+PGnUalOwG>KUh1c!^Yk
ziN(IMFgr_!zpqDp`k?8#bMQN?3z^dl7PNHgc-aKANka))#oBFtR1c%}&DdFY`uA0g
zbH?;b2<8Nw55an#?1l0R6imVU%DI%wtLqE_9vM54r)fF>_22!?95E{2vj-@;@)l24
zY<Na82z_72v3~2s?Lt3Drk4W`IDu2if>9*YgLHOM6%9D3=3PAnK4`y*t#{%j4wd2i
zSJbm1kgITAo>qae$qJaAP98b*?u@QZ0klGsTW7i?7p%v`tk!-;q-ZBphy}jpHBbyj
zHp4vGmUZXAG)@%N?*&w>j~3VAS~&TXBoE69n_&(r0sWb!#y)g!gY<5G@pS|SIK<oU
z3cSwS#AT1a6aU;?lKuxVC4*z0{QnRm|NlWu9ULvz#8~CZ$-+xsMpB-wDCQ$`D9wp|
z^Eq4^1b~3c3GxIr6zLZ&r_GJnL}UXNXmX&)xnPQFDE0T{ST1$eFXfgwfEQfA#O}(o
z2|OFN$KT_l?DO=6T<ZQ7zYWe+X<?{g0K`A8!NOIVPT;*jfPq~@{twOxfc+l_JQx(1
zqNIi>v#gR-$_FAjq<OkWGbz$f7|4GaRmva+6+qts%M$DB>t;50V|(MKg$*tb2d845
zWgfy%x^P=;(?+c3Z5}6dWW0%ZGyK|VTS-w>E$TcLm8M9Q3=J-$q;G=ymz3Ro5IAYT
z;7BGOX|LJ{Kf~p_H?AH6>)-d;Kf8~4fR}^#c3SXdQ%ciLQiyLssfAiaQ4)*+0X3;M
zX@HiMiDILwYIu9DnrF&j7-Us^ub-sH4e+m+BxrXpqaSN<sSfsxd#xDl2xm%sN#|aC
zTMiuClnpgyf!3c{K7kDRH<he-g!Z>wuJPYzG2mKhmu61}`-qj=IQu9^aavUpMQ7Sp
z^)`Tb4wIC<n^_wQ%oPxiH>;XEK>HSK5r8^Jo<|O}z_(U?sFpH`Dw{iR3z%m3)4~!5
zqn(9?og~>Sx2@S}N~Js|29xQ!T65yn%LbK7b9e&kszr8KcTXlUonP4=BlAovqY(0C
zkKCndO3DH&$=CQ-?u$2};_&6WidKsdjb60dhc6MF%HjHlkU(N&+>?1?rLqs$ZNQyK
zpF0mPnv(UFi@+9lrd!G%dTAPoON%*Vh}O~H`x4FqgvuRC>CM(_m%wgUB{p_tD`sps
zEC?#{jm@CzVty|^_>A(E!;ac+L+fDM>WKvPB=_y)j9N9AEd|1MhY730ZbZ@PbYE_*
zHnQn%%~^Rpi2huB%KjcCd1RrjP{4an3Zjla3MwU;2Z@>e5p!zXFel8d?RR*MyGl9k
z-dWjc33glbj5JxSXa%5n7I6R#sevXO&gGsY{YPI@h4w~WnOV9(WqYTcnC|WKdJITQ
z`rc|pLkep_C1R^VvCJ$_WCLl5jz_J#d&4@p3G|Xvg0hrYxsV^|HLx5v4`|@9_>GjN
znRgsv%HJ_yUqxBPgShe}-ECzP^24esjkZ8Ol!Q3kY@}-)&`rs6y|+m;C)i^$R`dO_
zLiDt70Sd_vmPXM`$S_#)){MM268lL=?;O&h6!o4eFbpd&?(_^(K>6nZ^=~BUbBeJu
zjJ~}$)^m4~!y$bMP2A|kM}S0p=vcuF$*1M)Uc2gaqMDVBLbWr|*T%x`Q86yAE#J)Z
zlulio!gt+e0Nj`_R9pI`Ih+w5I`1Xj5A>-`;%{akw>75L47J8dc*kZ?Iu`K2ZsZB*
zBe|^Q48hSmt<_L5S=q`K>isLA%<f7s`kh8rb!@uvj?>&<nLM*!98lRatQ)4#I`|?l
zi|i#LS39^``t)sGbP0fWY_-Ssqbvw78()BfbMxtu1M0{wH5=Rr*$B(fl-c6qqM;Ba
zYcQ~_k)dD5>ikPd-Lx-MQjklYTj!PId93O@+UnggxGyxa4@C4EeC3If;tBKO%(|wK
zF=`PDa8UmsJjS{%0a&|(`V&)r&fO!^e+c#`#Qcd?>YTMl6z~XR0HXd4n{jR&ApdtC
zVSB)H622aWT^q9~yG%lYai4pfG@W8iQ?f2?950Tu9kZ7H^Q782JZMJ3UpJrYyAs`L
zfgeG9dYNkKy_a^Jh>l^p_s5iC`u$twRw{aeqCZ17!v<zG7a%_^e`RJVzp9Smg-aX%
za$UUzpRvoS=yx5*RnGh@`H?MA+8mvR>f!_tK`I60z9ta<LJn*%TK$?uCucH0yx&@W
zLe(AXM(~4{s2`H9H>D>Qi9<PH=L<9RfP(bEVx4CP_HqAR(0}=FcF4M8J#qLC-6gR9
zo0|WT%m3<S$}e0-z=pfNHvV5?UtaCW88cs5nT*_yXv(RWmG9&&jf5br@3c*a6rf5q
zIs<vos%MG+vVVO|S87v6Afr6_l|BMAf~B2r#Pm~$bUvQd8?4V>2p|}rB=~mAeyxd_
zb0Kc_fq(Zk&sq3&?(h2{KUl=Q7Ls`f`Y7-8`F<Hm{{A>2paWYRHvjld1PMl{;{FsV
zAnI_KJ+q?_c50v}9}y-7rX&O!G8RS-#sN|u#)*)QumaBoi4IZ|a?ZVjohYOn_Ght`
z32#J@K=tU_^93{{qu(P1NZJf<85iGYVnF)&vneE@c8(O)N-#hS_2=?%`P1DwolvMY
zQo#3!x&23WKmfS$@^Hq}Mn-5_NWDuy+Mzv>v9*nU5{bCB*Mwf%qSm&u@^XMNFC`MX
zG`k0mV|5KqyNUrESy2=Ve|WA(M(Gq9>fBU%bLQ-O-L(xwafv{GmBCNbpW15AaUOpV
zFCjLVlZEW~+W^3Q2{YOcB?}i|p<r=LvMFHI>&T-Pz`?q$Yu~3J^YotWq3z_Om(><V
zv+ax>pwG*>XsF^OiGvTM`d*tjwRpdD2tFa%i!uUot2)6sqSlX%J9XR0W!Osps>x0s
z&R!Y$Hl3L{qKTQ|vN3{fKy$d0<~PyGFtQ=-7X`1qBAfTL(n(*){5r<<T3xdKUEA)B
zkcMRsKmi%$+r5w38V-G){YKL#85EoK_T9)FFNb*}KQm`GidTQNl(ELHl_^kFV-XYh
zAUUCzKJ+43cmeES))p}CRC|+qtJCZtHus6S!h~L&HflgjXYEaG$St}{rPBeXo2-0d
z_|ouTwK&kwd^xqE73f8>q0VC1MLm=Ha^h?PwlXI-=B+ZvSqxM?V?uH$5;c%D+7O#$
zFqn;NRPaU=dHeSzYIXEF4;VV75{0cNTO~Ki*-yXOucS@2Rrwxcn_?q0UBH@^+|l99
z@S!3mX@65~)Dk=OS)@fT?(?#!WvE)L)j`2ma679j%|1nxBSz2lUwov~RHFdns{gJ7
z@NYbaP^EPg@LwQ@K9R*w!biQ?9i=OM_iy`E5?J_$lf84hv#5Yb8U~&*pj%8;>znbi
zd}_5`O9Ne3T}w<Vd&nf!k%mqmJ@Z7N_*^@LrA0FnvHLEyBQ7&PoFa|3TB{p-i@)^`
z-m1Pq5(`Y(=93k-3cIs(_T<H9r}Vi=0Pd&jqQdFBw?Y7}ceXv51CK_F?|Bv;C@lJR
z|3jl@iGjMwV>guwHtapaHl{Qhi3ZP)8=AhIZo5XZ?@sX(OxWTqv+P8j<DT*}vr92T
zta?)%7Q0glP$d6e{+1Q}^AMNj#w_B{6SIG$9`6M!O<c6BEDi6-XLzLko&n?xQ24~D
z&+@_S=e+lyR%wLs*yK|*OUwrOC5BG!+W5hKm;d<viNTw=UzkozZ|~pd(bCk*tXF)a
zA*k5PbjC;7&b1{gnvC+?rNP)otg^1>QT?JBWi!El9(ACC7?P5b@_SKGLk2gtjnwPl
zMWR49LzBsgy9|&4(<6$mgF|f#FvY?ru`z>dq@QZUS)<=PL#Wy{Bt@M`Q%$RK`|-7d
zK;>DzjEw)HhDom7(UjS2yv!`XzW#ZnSyDXp^NhbT4k9KrS_^8Bvh>kPzQuhx&@!A0
zrRD+|-!Uzp+%a%bR}ULwdmF-PPqUX%J(_6e&vVfxPAMsb1@SZcgF<Qn;7)XtWQFac
z<(ayhj{GdeJT5=~@vLNyqDu74*eb9rl0Nf%5b=a@aQcZ+#+~p_J-Pe`y<R*82ASZ*
zw+4$328xM7%@%6)Y8wFKUUpeyLSOAb_rh#9+Ogm|$bVtx<LrsgN=(*~xI~^GZDLnk
zT4<*eCSP$UG>O#CSlj~}(D;^L>Cg6Pzn)`fVjLihj7+rt!?ShZfVtrYM~Bf@kc(<p
zs@v!_;<9bqM&C5>Ro1%!+N%QkB_C&fA7>r%)%P}(xgqi<<#qqByf@WPzIpFGfp8^-
zpHx4IOI2P@4-;zk*BO8*qzSZycyNQ5;F)A>=)umEUZ|l|sb1oK09@rfhrOd26W$tM
zLYc^J>2K<g3DDgzBx~v&0xJXOF3&r{dkUX{$O4U7KyNmY^EWcHPg9~Jh{$(Uq{kqI
zJ83phf@w4<Xet2A`3}=3lJ-tpC<<^#^)(Z@E|hQf=aY(mIC4WX-)in&I%|s5y#5Zf
zK^zp*JE7bxe9w6WVEu%D;r^of;1{0ynvh=af1~?g6~^6|0#QW1y^n*DCgh%ACZXp?
zD?G#|;Rn$_Aoa%;`w-k3v({x)bWn7WO@tM~<Wo`F@KqbS;NDy0)U^$aC9Sz;DoM5S
z-<Sb(BKM=)zABklQOV?1jVUji&yLkC{&*4{a>_iGyJnv<vJE+t4WCBwNiU;Mf1&<I
zGfeu6c_97;OCjX{Q#1Z!5l1A#aR0Rk8d`F|t}~V<*4NEfrn@(v7;)yoY78{gt8{y8
z1@<Nj1LL0Exg3ll4iek;4zv2&MialjsQBk7<QQzeEFAn;*jo0yW7v3cbl-=a*}-mM
zes}k`GN&-vo6ggK*ZkYukGyGCzzzV;1fyI*ARdXFk)1p#B{Owgo=Cw2i&chb@go-S
ztH<KNQXwm94|~WIb2D+_L^Im9*IU_&%8DA{mmtM`_KtCePpC_(3KpAPUlnT`lvi$^
z{)<*`z&2v~gVXv`XeoY(j^;P<koz57dCg5l;hy9*o4)a}`gcuMjew<P9aiN5k`c@4
z-yx(V=<6ANScbm?SqvSR7(%Yyg9=Uno21MYC$`Rovr(-jLyvr;sCLL9kd=RN<WZ}f
zyW+i?tAHQbBVOCQ?W%uN!pjM1S4#SvOj&oZ@OH8p(CBBI>HBHPCVNhNu$klb@xgWQ
zKqQFW_e}el;fFkhzB?Fr8<XxWhSim2;TStsKYoOJ4=5x>y8;yuX$K{beEv2ARK~g?
zRO^kbHSE<d`d*B;({R%@(;_hyZ9BdG_LnGNeE+`N%=t})%sMey!O@42kwFJ5(}$_j
z|JFk2Aym?{)4-e=hAMrLIz*zncmBfrTQWl$%!_4(ykq^&uSJvFcg}N8fne1y(_lJQ
z5`-tv<JpY>Q5(9Ee<LcyT%$KS;GTseXCrugoD{uM;<`dVdV{?kqy5lnv;nzY?0e^B
zB0hg33TKKTNQK57Rh(Fd2r%~!@v#9M0y`rz^MLs{hqO2sKv{&IP6U<1-UZZGbqxGL
zW`6)d)`28WVDdBDF_#)`_E~O(2ihiK+BjK2D4uK%!V_hX{=cTFXKY{r{ACA9pWmI1
zuJV)&B2%05@@a{?!pWs~ez@X>peRTyHTFxJmx=%KCUQG!&p|&&1n!UYi<6&@5Eq9g
zolEpbS}3gTj?!e!=P%t-rEg!|ROYZHN4MIevzHY{dVeukU0aYQ)NVw#0+w~H0!0vT
zR@f9gd9cWo8F>^kR0?Q}l~fSR=|*(z4vA`u<Vel4Sc*lp8{~fOF$Bigdtk4fb8Z#P
zxu*0DpgvIt71iHyKK_wgyC)2c-#sU+%e<K7`@{X8&9=w=E+zEO=jEXP&&~E9Q_p6g
z2iU6<YT^Z@hY3!2g(PCkueQ+}5kSzem&S-yQwM7ejYhPU>3OCICWc#ZZ#xuJw*Q9x
zJjwV94$_iN#?QKked8v2PC1OrxaV7Wy)sK#T%JA(obwl)^XL6|-e&EGNF0zx7<2g^
z>@GTTM=>l9o~ykFViK1EAI_bh<79%m12jQE*RvU@%tva62PKgc4kZ6TvkLEFQes4^
zMxfwf95P1SE86P>TYY(_&Omh2O=SGh!y+RTRqZ1_nA1_V$K1oLbQ{&pWy;Kkh3^5w
zQV9B$%$B*m+}2vsc1UG?2{g}I!m!w$pIjXa9OKoN95Zs_^AaCY*=!qg=0SvE1zZj}
zJlbVVo6Z@mPRCo!HX^H!Omarp@|;q=nVDx$zj3B3@xU}iOk`Z9LA0;6h-GmNUV1ul
zv#fL|zK)D_l@iRy08O*1w~X4a5Z0)3qgv7L9mTQ)Zo8&qA6q(<Cv-i#$8nKdrFk-@
zPHGNtyjN?e^U(?!l+4v2Gz3Ch0AXML=Qs|vV&n_HOZ#4_5XD(dqPoTSPW*?lJ?PIa
z(NLFR*CK0S+2czx9yBv{&_?Nry3FpiW3TS~)L+8y#pUYi=gSuCX);taX8@YK)g`}4
zXrrQJlH8~UJceW$&!GnzMZ$)r3Ns>1hVP=?Xtw-1ZL`-ks|^>x7!C$5z`Es>mmGtF
z4%avmu8XWZGxjeA8cl=9+9H^k3iD)B{ZSMrHZF~=5v<{EhMnQAnAiJ|7*zJsgLE73
z@oLRfzV?3a!j}PUgq)r;8J<<oHr?VA7j>}c5t1zo_QyhCtqX`JP_rVkyTjPUo8zQO
zRB;W}i2ZjW^vB$AFRRWW0Jz2tFU=1ju$^pWNBEI1)Fn2gfJ=5=5vN(HSJvIXoeI@n
zg>CB=sF_pmzIoy|+c6>OYo4dvJ~WfPFX))FW{{Ai!wuUG*_zzyzKi6B%#f%xaH@rU
z4}r|sDQ81GG~J3&D)ex-CcW{!<B%RMP?EFqVc2j{#zd1m&6YP5fOR0a9!d)COnW9L
z#bUMs?=dmYTlDly6dJ}8=tqu2cp!Z{d;A1vpp=kPk?{4jHSrO5xhYP&r_uvWPja&n
ze#?nLEg;`w%rmt+#0r3v{K{{cGqn@G<A3U^bh;h<iTc_`W_{>y^6m;i3^9ayEjSvE
zlu^l$+08&Db}j?}a3QI}9`*-uhPru({{Hw<L_#kQmgx)Mr;!T73bH7QmagvrQA)sO
z^IXU#L>JHiJJm2j(2qdc>?ptTl#zg+JJpBKRZtJ88p8>ANr0h>PtN2A*32ZpXznK=
z%Vhsy_9txHk?=y|-y!CA=K!YNQQ8M#p6FBhooe5->=khpffrsWP>xSeG;Ne1J=nG=
z)y-f)jNVxx&&tgan<wHlZ1_96X>SxqggTSVs%_JY$%*lQphExg-opG(dDZ@J<^8{n
zw;7q03;I71yjg<l_<vn6@iC(RH>TGq5;S|rb3^?1b)Dil`2X{?MLGSyPgDN0#9Hm=
z|5^gCNyzu#wX_K?DF0oXoks<D2ViQV{dLOeQyg~VY9ULdB$LaApeKttPA(1?%Z8aU
zMGJ9!{KcZ^HEadR97D!USMKwp{RbTbnc|=Ixyaok*uQkbvsW-`ayG(QS=`PyS==AD
z0Dv%50~{)ZPRR9&%@_&{{~w=NSB~J(_0j`JVXtZ*P=X-1hIxHVAh-=+UbjSEvYoUN
zj7F^L44y2?=;XDM?Q@+}g!tv5^JisCi~`tFV_wL4<S5S+AFReYc-Whi_$+Fq>rO(b
zWWe|+5)2*^2ha50HrUQEy6}#5K<XenHmS>&KR!|Y7<?|$9+ncU3ygIZ9|&cx`5}@)
zNX=DrR1*5o?~x-TrBV@~HLHpicfE#svC!i5BE?U<$>y(}DuI!%NP(@@|ARnTN%%-&
z?U)$EA*)b=B<T1o<k>lBxnP;bMeMI4>Ui#yL*$}|oTYT%%G_+*g~N!v<f6rxi4pWY
zxh;YiA>gt$RfCP)Dw89B&O_EeXD5wD={cmQ1-AXPq_%)#y2uVt@6pp@H;jCYVGhnp
zuVzD8?ALCtV<q-WFg-7c9=dtB)aO`qlDumb+t$<%njhXn&$nB@jetnJp_y~l*7H@~
zI%kCix3MZBKFU@ne1%{&n4|c2`@=p43uC51OqFGUzSYL}<BlF%-;^Kl$_DMf{352;
z#!3~!G1|Vd;awC1MzWi+1o%6|8WSpco9pd#BA<(qN1s@-w9phwO7l|+ah8(2Y!W%(
zo_UqNYqvON3TnyB30|9HmcBaNzMYsO6V7w+K{?adXz{h#_(0l!GZ>~_UTzfB$+$gF
zYKu_5&w?n;ip5yF<2_Z^=CInJw*`41q(Hnw7%z5=&{qfnkk?#8t*m;FxT551O>VRe
z?&|O3Bb@K^B5u*u??WR<?=f2ioL_QQ$<>Dyx6DKoE9k>lq|*I(i+(1lxatqHzG;pU
zBlnZn9e5)H_F^KsJIeQkB7f7GJqc}9InpWpElF+#*8OS9DYLiQz>mS_mCh#W*lq0b
zQ~9;u)>Nzq&^{5ods_h#sCdh1UAY;{t_L!G^JDn7y0LW{_hb&gRx{tMYr6=kqcVHT
z$yA^4S>(p`n~U&?DEh&#tRN^=K4Gmc$Ip2|n;N>(#1dbcy7pO%#y;yNhY?f~*6hc9
zU3#ypuSV6T;7JfkU7r-OFhxf>le^E%sDEM*UAgZDfN(-~4_qxQ|NY(}TV+~yBqBZM
z{%dh;<FwmN@|=FZ?LqLFu&h~J`Sf^638oSipCMMii%)r>p$LA_O-B0ye=+atvsGf%
zrrsBcK~?HhNQuQf0%PKVUXismTcbzuyO+M7xWQJsk#k_6l-#0rbyi>gGB4ck%*7v&
ze{1Q@0DjLbWza`vztC8mJa4Pdq#46oHlrpBA%un&#@SM%IKmKM(vk|C;WU$^gy!B5
zf9SNc36a46HmrIesZ<^&nhup)w&Fk&1w+f($E;RmUN!l#9;Vj_y(GbZ62)^8jlvZJ
zg%e#{(g@AY3TDXyJpwL3AnM71hd0)tV*#bt1X$pXyBE)7`w=~{N5!|?f+?Jt%Vm$3
z5~(5|*=6A}$ySE4A3hHG8=H;!EEZGu9?o5gO^`RvPY9chk|zahAuS9cb5yJq5iwIS
zlPFBaO$prn9V@_96#UVv>qwqSYhY@}R*0XT>?$9@#^fmJsB@thXRBDD$IqdRRcJ&B
z3Lt@@KI$}$?T?1-->7yq46_g(UqtAdB&PQ?fF8)hf@Fa9;cEDF*d}vWH@;WcaF;Ni
zJnA(Pi)=4S{RfhB!W{dw)y47;a@1Z?_jE-KE7`BUy_*!aGMD~vanqwpYFJfD7!_8S
z^ESxnqKPGo#PXs}izcg=V@-=TyRp2K7{HK2(<T<_;K9+5DU<Ds;v;s0#|raXP9PUD
z=S^ZMT6V+J1P@c8GxG@g!-vqjU`zpz)S*kRoGS#mD+0PJf#LyDdQ7tp&8%rBkMdy)
zwlj{o+`NGn8p<w+F&>(UaZgjM-WAoUh~>c3ig&I;|84Cye&UV7w=ay(HLJ&PlrF$E
z-iiOb4Px^P_CJv*Za}yK90m+56yblSx5vc{fOl_9Pqe=d`h7Vph%NNtZjtg!Sb8Y6
zB1wzsS_sUwEy0rL?K2rPiB}ObFmyXHukkSk3`IZ4+PO4&mrnyf_fSdZPX8XbTX8!g
zAp5d%KIYv9oaS#Be|<dg1<O6z>j3M-mQ6TAKkx+xOb|n11J@_t$YCNPoSrJ+KFBm3
z0FQ;*!*~)J65p^)`D3qC&>zX`3Zcpn<cFcCGW%0PW<Vtfpvcq+`Y1McT=j0vs|7R>
zT*iw>Q`W=CKp(15(wRMw!StRhj53=~@}N3H{;J9-LRG_Dq&1$fe$?q*PXz8=QAEZa
zhkAVjYQ2>Rx{>;QR}8ntl{Q-!H+70E0N==wni%>k{d$b0n87NuSCbe>{LSCKiQ+o_
z+CrHyc~Oha>TXts#yb)_uBj9~mT|n<i;nK41;0D5>UZj)4h=o#eg%57pL2)7anqYx
zHgLOLW$^9FvV7~1OVW}_z@tA3PM^k%=?r~Zm*iXVECTf4-Z);ibkig^1D#C+U`TDS
zBfWxtt@L1f@rJ9*e1v{0E7|KOu4z!B<ciVxa%nDHCl1qGT8XPv0%q&9m#uU2RY!@&
zG@MmvV)yuC6`yuVlI>dGs%hyJ$p)5X&KD4vj#6zM>A_d4r8}YQ*<#iU#I9IrOco^$
z^@BmK&;%p4f1m%MhwXgfgXqi%pqt=Z>nN9|S*Hr`vKUN;Mi@i!UA7=}ZQ?86ZhLux
zUY*LTtYA(72X2()1e-=cI;k@APX`edpgA+(HSaDgg!xxwb1zo|yF><GUNX6oIp%Hn
z7Ezv5YeE#8`1kadBakF#f-#dqlo$tpc#-O_!Z4%mtm-cdxhk9FkM*Gg){v;ik1Yxu
z9jUwB65V*3?B7ljfh#tvjS+*UMEE2zYnjUpj`p54V#UB>A8k=vt>CRhuUOG9e!iXI
zkL9CF8w?6Q;69{X56r|pdPda*vf8{2mFxpg#*KJD$)S1fyeq~fw!*)8j0^S6Hd%cT
zEl;V4?ilrzhN~W^oTnIYPy=)i5UM|fKsoD(lIIf=F9%N5)UMBzaQjwssB5OS&ad_w
zzRV9OO>KlTFO*O!zI5|^lw?tyTjtL-3c%814xZ#98)uu(c2t5;?fu&)?7nk$Gp*@-
z=k7Mg^H?}5@gVT0&=MbM$l4f~Hlrl!+t}A_$Ey*AUyB!8Ji!Ji4yKx-3K&(J67=Fv
z1aK6Z_@ex6swb%N8RFRPoEfF^#*{*J>|tL{(ooTl;4kvG?V*91imdPK;7U<-MpirR
z!oUpegxYGMqFi-K=E8utO^$qYqYi+Yx~#}1<SQ&rzz~<`-JOxDe5J9|Y+Ztk%$KE9
zLZ#XD(@*-o17HD!76A#blx0!Awa{S(#4Jc)FJd|mZufBY&eq(wF(@-Y6Glf+2O`>^
zb=T}U#g)x*T?^hhTf(eax&*>-Td*nC#@eEHW?F5J+H?3gO4W^yLO(f=@-;0=ExR6>
zVogQB6ojP)9kGvFs|=W6L83oY|GDdIVAB{BQx}eua-#*Xd+Caf*LPb4*$7P-QO%@P
zjH$(ligpu%ctmo=LU^LYT;a?|O;e*N=`f|)6>|q1TrrLhxEMz9HDa4}7-kEVazPBP
z;4^i7{*612+VtTfLgzhR(B@sA=CEgn*j+!0>SBI?W4#Uops5YN?(G(Q*n=0fy0Ygr
zxdOp3KU4wVKiTL#@Ka*MY!zs3Qd#~kgDYHuJPwp-PmqR6=;yx$XW334qyS!exK140
zCOV;}7CUD6w`Z#s;rz<ow34L81xr;2$0^VM1SC}T$bkD)+KRE4T7hN1L12z*PGhe%
z$QVf1z9IZ;4Xu;)4dUE0dqv$g$Oj|@9>8AV3LgM6-{5IS=gx5Z531hcTRaOm)fep;
z=mQDa{~%P+{eZSu&KMK>O93H)iy>!zA5KmRB_F%Xj!D?SUTn^IK2F*5hH+CNb2!UY
z1;0Hym?uJZL~R298ixBv%?XLS!*XMfCdDpFn65)umElWF<TD=O9u@kHRn~zbT43w-
zUvG{O77n8gvGVC(=_BQT#)oF)sz#*$>cwDNo#21<BJG7V!>||}HYM|k6|k<n2T!sG
z2!?{VA3)ucCa+UBu^WX123+%;=KIfj27P|M5R0JZp(z^J>|?R8?5Ra*)<Aa<nFtPO
zMwI2yZJu*7p)Pr3;vA@SsW#HyvbQXnU(+noi#B}7F}?<qU(D`*|H;M$GurorB{wB~
z9NWl6DKvXdHCeKWF4pJa1^}%6QX`mhY3_b^@EJ((F)O8ucLPNyj!`S$KHZ|&6z4Mz
z=4qovM`J~X8pvKtm9>lvHEjQ>zoMr(<&#&lPMu{aRUgyHrd)iBWLJn?gnL)fOt!vy
z7LX^5joQ=^i5<B`iri#hbFJLw62=K%RqI&CcC~urd2#atuWM}#0bDMp;SbF^!mzb?
z(}R%QoN7zbYjUFk1%${rB0K?43=50Yt0!r_a(5(a0x1!NJI@j6R_hap<zD(-3qsqr
z)?ZCuD_A2>_FS^+BAgE_w#fU^p(hl-p86!Zk(bZFhiX|(^xK7sU(k1^Y-5B-edJy7
z8T;?;TYfJQe6U6Ot0~?itz;i)*{%wj<=-HWHUmt#D|~tx{=&Cbd|}692I#>1OE2y&
z-Q=>yJa(uBnp)Ho^#6B=1*|QkZXX;B4C8+ev81HE&;m4f|5d!OzMPt<r!bhxRBY@w
zOBEf(g306@3kw__m=QDxE3j%hn7Ajz*5|hs%X@eZ*KtV$ylM_TuHu&NML~SfEyS)R
z3>R<yQpA6R1MUkCJG-G|;D8P%U%zL0cX?m8+@1Tn0oLduj4bqU#l;w~u2jJwOCrrZ
zP@|kj5kP*-6@Qz<&q4rwAO)dnp8PNjPdSE#{E(hKU(JO;d5WhvQL{eI8tSbkPH1qE
z)m$Xb+ERe_&=>#Ig31zU5--`+Xbce?36_muAQlN*X{=$`5oz-yd7{rk>F2?$N!?Fx
zb`2V9McQFvaoX0yf0Zmjq(Yf!qbGsT)Nw@@QGjV?0GY7hY^|uHfP9qOMa--<5vBDn
zi|mtGc*B}^iF(J=PRYG}8IKlcweFfx$GTJI;jH+}Ew_VVVn+}L7rR<S9WO<0V*dVb
z4GMdgCH$6$?~QC8QePRZ<tZ!E9s=h&5m{ctFL)_iT?*j1cxe_a&gY*k<OitO*R7fj
zPyqDNQ8JP-Q-r>_e|0o%?l~3CMD^Zz$8Q`Sb*v0FMhGTMQ5l8oR}`IuKeF4Ks`eT*
zXPR0zv?7QJEyGqZ7-s7vS=CrV5P$K@W4dtslyi;UPpn?cKDPQbQ4zmgMJbR}JmM!1
z<$6|B48^YJS^^;hn-nrQFY<A&0iD3-xDHs#F1FT~QH{SLqhTLaF_vP{`oXGi#N<UV
z!bRu4BDScO2$eL9B%ZU_(wczLd@{zS&dVw$=LFAWg>-*Y8%XFof)ZstWg5}z=7FlD
zXu&m%6)ARfiN-gVd0BT>BNZQ8l|$*&?b;E%u)Qja+guShe2ruR_mWN1j-fl##tSeU
z$!<m9<rkXpoE#DYH;m5Nir(~E?bUE1ez7l0#~D3Lh_ctfr3ds@#r7<A(HTUHHEFlM
zEo$3va&DDW*|VHlKpts++qjN?`ij)>aw8G5MBk`bYi)X-p)4MFEA2^dmG`=}tYhR8
zyN!}k&QnyjClsvPU({|67|Wh=bp-Uq%b~C8$Z=LIiXD5Yej5Zmp0jUHaTA8f{pB^~
z`w(9iJ3uaGhq#wrF0%Q7%AQSJupnK$*aEhSl@of4BQe9JZY)Z9C!}Y<$N*ti8>P<5
z<h?|9B=n*hJ&Js>c{g4KEBt4C*zk=ttOVNOqetSeRZ`^3k5X3I_3vuEYaRf?zRe09
zsn#iUG$O|JA`f%uG-v|GGmWn5Z<PnNh+1ptxOavchB_i_8iEP1X0ea!BvpmFqS335
zJ}P)}f?t%2ie)u27bP!vt-fJ(gD<aeEdwo~SC>?C517k!xGV6qbsMwsL%+ZEmol_3
zG{hBThI`Ev4u*R5hwI}0QWpa}&7Xi@G2@EZ7)P&u%}~Nua&<B^^3k`w-Tdi)HPV-L
zGT#?LAcEZrki)Dtt-)SlTvz@Bt8zzf=NgOfY|b#o%TVJ>G+KT(NSr%pjW<MLG>Yqk
zEbl}7dWX_C;u#>hSbq<jevjH`iqU7e@|M4H2wQd_y&C>=oh`_UAjnig`<~GsQvOQu
zb8Khq_Db+`BK>ZyOYL!ARkhCtiLyulp8w1U?Gy1oYBQk(Gx76Zk*)v#GZOeOPysku
z%pFYK-P5!T|Fy~Rf_AnG`T4gO`JNCFJP;(?wijzn(Dn3~u}gkIG(o?kU3&O+@i*i#
zb2f+VWa4$+57|?Wp()0-XQ!@;sA2Y!-J`zY_OKgOEL4c@axRr_U$3s)&aOQM37!hx
z@^0S#6fgjvkJTsOTOb7m5ykIAV*@~360QP3aHJ}pLNl4sh8SFPA6aqc-<omb_a#?S
znmtS)bpoYBY;0?;HUjngDkx)hc9vd+3LZv~JHu?XkKrgZHa>O=14~s$$w53G3&@2z
zf*bx@(CiD}2i)^v*0fKV$u`!Pg{c@4#z7V|Xbyh2P3Jo7di{${R9WlH6JSU|R~(K{
zZnzHQ(a+7nxhdhzvzFlZ1Ytb(8M+93pFseOB-^udp7=`cbNH}rcshPY_--or4>5GL
z^(VH4U6!-Hz7mrjM+@5Pm$9CoX({P&OFy=`e9E?;HR2A5JOFef`Fxiq$~gP%`8R^S
z&e$opHWfOKRHv|F>Zp}A0m=PFZEHs7)FCVe%6qy*77zc#74gI4F)X4PnzG~ue_}dZ
z-f(e7pIw3a?z_T}QaUUa(p;~j3~9b;S6%14{CcD6*uU!8!xf6I<s`O?Y<DLIIBjfm
z^AI%=+>_tq(8O=vV)OAkODYtuE)r!Eg7hmM(GkXw4ZJ4!BNI$LfUhuQ#FP2-#!l|J
zKJV}ovOir2VTY_uB}E3~IjgZDlXvz25s!Pkk&Dn^5K0;r2AxU%e7UFdwYj(bf`fG%
z8pbh^_JEs|465Vx=9#op*dK?iljsJ9&__-w_p<BpW_WdU6UxU&-+jVU#kE|_pe!0v
zZ-xR@uhg}xOQ}SDz&`XR!~n?!;hw*~)^VOR92wOZQKb2?;v8mxGT|!1+13-XsjJtE
z+?moZ^q^ml4}*D#lO97J(=|1<HflRfWfsqy+S)j2YnC4H#G1}t?>Q>wvvY`%u}$TA
ziO4ECPY!G8L?5V?7r0_!Q`DWR&MuypIh^KZ2U-i${@C5908Z|8&$OTTDaK+6#ydhm
z{``!jD;M~el_&O(jw95ymAXqO@@3kalGkyWELP<;Y`Y%VFn_5$A2vw$%BE<6AgZHs
zmrF5j3YmKc(gbvp)*DL|?+b7WW6@Ow)YoqU5W<HlCZm!AwYau7rN=BJr2=BcS~{QO
zfu#BV1mu$d0MR~rk+z2={$^k0{NGBZq5Wh_s^RtTT7T;N(UT;X1*8o3C}{#~%or!F
zt1B25G-PQ>YF111I#_hKrS*mqRQxUR;d`CnH`N*CE7k~owA2osG4hilCS9H?9-wWj
zlWC4!Vm2|J{O^i}F_?XS4ZbMK*}Q)vSc}cJNF1o~1r#?}GCP${Qs|LVl3V|tg|$I0
zG$b`85B|kKbiI>1kZ%X|)Qhcmox{0+oWG@6AuC%O@cXD;@Kq~iQ<X0<IU!I~C@rg;
zYc=MAxW)Z1BG+e()aPvYZ&=(zV*?$)A>J4GU-KWFSfi3^cPyiKB$Ylt58lGKw#xMc
zN}z%Y`1C$yH)RX`swngHY+&)1WkQ!FGAgqaq;Aw014S4DWgMT_ugm5t^ZKaG4J##G
zB+^;)L7KYxao4CUa9_~>!5gQ=pM%<ec-#5^#T(cE#+&B$fAY1zd5Ou?P_gtaX>x{%
za$<Ca#xjM2i>U|%1&P4{sckvO$xLC$GftTYIp(BKt<GL!=V!4AtN2jmd4tl{pRk|m
zx%Z-i-r{8NgGn=6^}D>M-m`+QTRFRbgL+{LVC{`s4)utCxon3LBK+>D7>x8h1Ar8v
zArWA(x75(?O~zyW4Ak$Eh@7XKbOwoerFuJJ(V<^^9G)A0sKNv3-z1s>s>sSr3<kq~
z$U?tjE6`_Zp}msr4_cE<quX7#n0h{8D1i>{bp)#G;rWw@aYMtp-qLN$!yV6Ryr$TY
z{iF6!HO`=|;cslbbY&2Ru`u7C0VU(qEfx{zx8v%D4(n2@E$dv=SEhz_qYs&u$CALo
zSrHfZwkk(EQ~9&^TvO+8&!pyIcWystDPOZ1ye_LLmrp;vGy8=&as~dRDg9|NJh)HR
z%O6Tooa*}>d7RU!m|h|5EN=gL0Z9vlb0_Xy9oFM-e=Pm4lbD1&%yuGC00swp)g3IZ
z{tdojhZ0)MVNR7H6VXWpCAxPe3z4uo6ctR~Vk(iG_^oKk43$ipQ^zf}Bw|yI3``DY
zg#r^(ep!mp2FpVFSwQ~xH0&fw1GgtXjv<8&+g9eHUyFt56B6>Sq$CGPS0tEG+62iY
zXF^P&>R$QY+y!zZp4$zpfN%QB)!DTK=%iYS6uH&^pf-_F$D+jxMv7E};n!<O`@sVn
z85hx+%nT*YqYgfWPfo<U;hicCGbKQa!l~m{WXDyDUp5Ue^P|bf1CGj>2=yl(HeWg5
z#8a<Kq&MW65Di2<q1?4HF&+Rfq0j=%%jn$};;eLk)SDifN-EF*w8LjBJLn3_P1V;;
zrzUx{C+YiLXO`8PbnGA=FuuW78P`Q{)c3F;X3T3nAEX<<>p7Z>X9m!BSM%~hU{_^c
zvp|h~iC3*}Kn%5_^Hgzn^gka`9uAD8^rSa3co~mxnYe@)qsNo-#geWX1?llK>`woK
zSKXNB=l6>YNsgZYzY^R<Swxlhgp$03mq4eWcai%y@T1d{)o3sSxQCiNY21XJIztuh
zGwY6^A576KH}>S!#iZn*n7K@SZWeb|W_=$EUW2Eqp#y|hK{!&MihWXlpU`aIet+EZ
zpxXIc#>aX67LR96ubAWduD1POQrFHlE<6Is=A@hMfc^vk0|qj-=SA*H;j+FCZmkgo
z(>`~_&)x93-G<P1F@JuZYv&_f)#x>TAAN$ZNW0%#!h3UpvdtfMQJW~Atalw&GDVVQ
zoDREJEIMC5%G6YwJq|MS1Q`Up&)U^22~Yb6({tZ<D;w;1cQ(WAc0O;lY+6ZfR{=@1
zb6d+-DA$32*M!C2X2L1A*v-aADtSkp8K^@%H3f<-4^KEfSfZHQ5pu(4McrqG=ub;@
z5jIH0Si?y1hlpJXthNZoOI&@WJVt5|^|mm8d8V%-UbiKIZ}Sk)Hc3)v;EMAYf`yS!
zyow8)i)V~-i|!atl(nhLDTvw@@dpf6mdG5dCtDDt|0@M+ERQvC`^PBX|H-H{NN_4Z
zZ5Moi`sfQ!(8=`H(RW38S$d4sV6svVaESpjI;=1RW*Oa@ip;jc_!e13wSu#y)4szm
zEDbc=DrF6o>>{`hoL9q<Kj)Zh^+Mi(b^Y!)y}Ej8Pk)5}KA2kFWN~s@&wf9hK04ne
z-GT=jeQ=NLFuHP&Dm|cN5%LPA5o(MDD0hCvA&R{T-$UaX{~84lnZ>^`ghm9+jB*<U
zOpSUQ1k8=18hnnADjR%e#QyAj3y(GKe2b6W?R*PGfMS8d9S@%t3D1UvDV_m(MVxs}
zy9^8-FcK4Mn3n;S>YDN1I*FUF*N4F=7e>cBy{?Xf%^oS|fW5?Qzdm`!fq_H-w$)FU
zM}|PpE9vgBFE64!u==+c1fq&VG8n%oPM%DCaSws@5OLQ`VpLZVdX&?I0Agu2bZ9=H
zhY2~(M&mj-$i<pG-Qs|b$PvVDKsuS&$VXy@n{df98*=Chfg5>ww!$8%ojJZM&EtZh
zbaEiW0z5E7Na584slh4@pDO^~7Phhr4;5f}8sf-7>#pgL=^Xx6kKUa?Y=gN4SC%!<
z1y4eG<+5uZ5YfY+;*f$k!CVI$7j)U71H!!WDT35%h>K0R>W~1X_%i>5R07!%+jrEh
zEX+Nt5np=LoLY&1)IAKWxH@g-8<Q>zfaG;K9s-&mHf~BjDNl!!6M!4Bwo7j^yv>3u
zHXyg`@O&EBf9?|jw0=POTX(1%=hg;1J@cspo}T;k5wp4sT<c7Ys<A*s|Iq4Byd=YI
z*^%TknpV`i#i-ME6TLL3I<y@7WIA5qGn$PxC_GH#Gb%m&cQYJp@A(O9f8goW^Y8Bx
zqC2{}m3tUsXO96&fDfj3?UHM+<k<|L)84t$!o8NelUSD`XtQ%CGrHC%66pN^687ww
z0_J%1Y=ZkYOaote_K<tDK{E!<3-?0Ax7HAC7wcA_OvoLO7je7mpI{)Wl}fK6DAHrA
z@KA}^`}~b<PC`Op=uvpmAYeKq;Sh7xjo53e_AmwIEgc%*koYGRsC@Yr2b{Zj%LUF|
zzCoz}E#eK~y`tvtyF!bqKYObJ)}MDsgVsE^st*Z~g499n9s&G~x&-&YZy()!eb)EK
z#(aJChp>EK`XE$J7t)}TLlDX*l<>Fo#Zg0rb8Eh!y2HO4Nx3s7pUJVb9b|6+kIzY<
zG5?551S-J#%_Ra*eAvzxbQ+9sRe$)(_f>G1!1pB)6zg5N5Agid1sQu-^oREIj+81K
z-1f`}d%$;Lbx9b?88UP)6Pd-dsD_}rOx=*VM6eKdO_wYzPDtV)r)_jyi6W)*c3oA<
zXRx??Zpdf&o_JY0-|)+11bUpWS{fU^xbF#V7y~jOk)SZDi7KW<4g5WLGp&h=rb3C`
zDu~La#5+jx=^u~bx|#NpC_Qy6rYH<?E}JAWiamJsGR%FF#65YnG9q2wiR63YBIDPN
zp$ti!GK?a1LhL&W{?sI5cJhd2q<HXVtqG`QNT0jKu#{gkX=E&U@ET@F>-%Sls-<#z
z>H@3+NzF5wGyUza-P#P()z!6lMvmQp;x*~+ou{gXB=-2rcDxCd_)ZyVUcAP^Rj86h
z5C+Z4_sp+pTyH--snZr*$aJ`qerJoBUSL{6I7~r)VShCQPj4WGenX5$9h$fMvohlu
z<|gorcTN56%Y{n}lA<u%GKk>%yOohH#uGqVo+2qCd2(_iO$ryeo%MM|LVO<wJpZNv
z_?;bYV*?AN)<G8oj>Q)E25ph`Q$8>x;)E^GoD9Rbh6;@#>m>H~<PXIe)nD<uYchxI
z5^%kkaPHZ~mA!&9=K(Vdzp2qf!Qpir2iDN4^vyV`IHxUCBEZf4Dt8TnUz66$oKyiM
zvRqkM)?8ae(ci=D(w8N)5ze}WVdcaJD*)7UCI`O>2oww+IWdg#e{T@oEdR^xX6Bd<
z-Q~o^E9tYqW4mj(ett{^iW=vUtGoMH`tTltgmJ?N)r3!>{+yJrt~X69KU}VPF6w@z
zAEoxnn(b3F1`OI*$a1w%9lR3SiRA(gClgI`m5hJP4xXe^qXQJ(dC(l`O}8*^keHB{
z--^DX@7d8)R%JfBd5L~f7Vq@CDR{~+&lSz>8iS;n^5yJ|2&$-|FWC9fp0v5RwLXR)
z16Pot8i~>2V2V<rQ@O;a)R0U^#K3{)jP{?33nFwf_Qz|>ANJ|Yx&#QUjZXjuo$eBr
zt7@Yr0UhxVR94!cOs2$l0lsD$ETrG|MP(SrCkZmeQgs(DHj*O*9VH96wUyivDc2Lf
z>=xI0Jorl{G!4n{uFJZaOm&{WB52y~JOUUFZJByHOqHkqa^?`bk}WyM%(=__dS1*z
z&$4rbgqIaj4Qh`NqR69lf3pMFeI||1s}@Va<7Er;i%xv1bpFe?>MZ{+uFk2w4lY`w
zUmDxCy<^+9+1Ta|n%&s88{0N_Y}+=PHqPlemuFqA^$X@R*BtMdnypYpPoFlw!bWt$
zvWB=miy*6UYL$zked;y38I0X0pxp{I07;{KmZ?+~zZGW;q|+2z_poNiz{);Bg7W|s
zw+ZS8i?ZM2c1b`Ct^%15CS#YVY%ok&duX%)*im_YqDG*-UE_TbM1O;kopa#i8mzH3
z1nxPYDO;l^@rshcJ5~!5q9O5)qHRChGh-fdvgr0S>oHp4wPY@k?=xgD*$bq;z-o(*
zEhaa5;cD?YSJ%#EBG@A*M3KqP?j|X#PA)DOw1FBM^1SsLd*x^IJhOoiCD4(UMh7_F
zNl|>lJ>FoI0aYD9yQqFK8dtKA!b|id@{lB#SOQ?LGD8|CGQxZTXXTfz7v*&_Lg=Fu
zZm9PGI=^_^uyF5*UxJB$RL@e#?>jZFa8w#Yvd4~2w3HhrHFDXR#`jRquPP~&KC_ZK
zn&cU26;W3byep`^b>&!hB$nv2kKN30d~8%W=g$5nz;XdW%|Y+yuHf+4!e<leS%rWW
zkl}P$5@t3A%A3Br$2Psr_~O-rN7;L};1GuK-<t*cS&OIlE<r|5$4Pi%j_AR_CZBot
zoCiZ6k_y2BRv7ftl+#JXoCk5AL?h#?l=Lx7{CoAXZpB)!iOFMZWgqHCb&UM$2Zo#O
z4f@t7?vZwov?!@|^wQ#t`|p&-^~Eymrm(&fEVg+oTbZO+d8g;o#9bt=(ixN7z;XQ6
z`#p<3PXwB`O@Y4#;Z}`bfioW~4Vh=@t5L|`q_IEZL7X9q!bdMvr=p*5EOM5g-Ia||
z_<5O+r?WN1&OO2ej!{4bd0B`a<rh?TLmy%eU(rYqn{&hbcZVrM2V$}#o-xmP>A^hF
z;Y)HtdEN!+M=OEjCpTm%gIs1;8WoA25_%0qM~WiK#hWRvjrq?pBx-^*SUb5~q&K$a
zC}5j52AF3eyHgogC-}>?)6-3eem&;gqJ}4Wb<Jz2w^N#wt&&1h^MW#u_ZY?pG4tNg
zN=^-Q5kS=R{#jZ`j~sX$;=!o0BtYO~8l_01e>F+EpVAhIdzNsvWN;d<O)x0mPzHCn
z0~ja$6Z>40r<@3TOTM->$C_c0+RK5(WCm5{fL%AI$4_k|zikeeEO`nKC4|L=?RT>J
zHWZ*zR0q~jdY5&JM5C9rjlt4b+Dz4^bU^|UWOqpHtYa5&qsgsbi=4-Zi7<AUn@ZUx
zcKjP$C^%8T)Da0~VJ*|&ru~J(Q@e~`AOqEmLis6vJRQZ8sL5X2q@<IbD^i?p+k-kD
z0$o@H7S%pe1JAz9@Rd6<&l&4-w79*UwnPPw+T*JpQf6|D`6n+c5Is%Z3c|5!I}$;1
zjk*Me1ZKS}A%mtA5o;%kY&?zJ0`8-%+%j@xx|iSe6jO#jFtQPxE22}6N?5ro#J_c?
z34V!0HmO_`S1epDq%w>`%33S(ESysi#cK%8M&&zO`GPC-MCa)!daF2GCYYI02Q~dC
z*y$L!q2_!PDLh?E{=>vqU|`KeOLPJ)Q5~nx<_8Sb%h}(W^Q=+EsqvQ;n)%Xqgua0l
zzM)*uM98ID;$zcz$U8b_h)W1Z?fgn`43vW>_AfXor)^FVEDv7O8Pc94@Xy|wnCzw`
z+e9)E`gGyNvQiN!Ookpkc0`C#>;)X@p+~IveXI5}j<&}+&a2P2z`p-V9Z&|{mja_L
zG6-TvBV8uA(@fEAGe?^(RHDp{&QOzYDUdTcCMEKVC>=PMk95r&w*hT@$B<Xk2%VT`
zHmFhzpERXohN;rRW0OzK5oBC-h&(*pEpsraJ1TG-<Aan>y_TPnKNaHmWo0Zl@QaU+
z_#{ri6Jxr3+J$?_3XC}q<bOcYn4OdkF{7AzI5zBbO>R`~-0_*Eh<N76u~a#{w<kY?
zbKGF7{yr~B(Id9vd@Sx4FKH;%ixpujEu@_RFVda<dx4Z+j3^PaI`40$Q=lh}{a0Mz
z?P)QskCsU&>#V2?x;LUu+1raE<ZxAUoEYjx@d)mr?Sz;E{-kj+VJ(1IAd(jlCKYxn
zI||a2Ys*JhiICMk<wi{;B%-bPs<fg@oWcIIXcgvubTrO~a-Hf!<Y_SglGJ0_Cjl<x
zf(Vhx#ABBUqX*M6e@S7x^mxAGL-s7`CYVtTYJ|wilVTh7_4yQ7ZlI7ym|hA}JTT)a
zZzDm(Ox4k1Dvw@C2^qwBX!w0?RhER~3O`RXN)8ML4~^G(@XG-ih4{BQSgESmOrSWW
z(l(S$le3*|tp@+-YCNkdv<&*oXQshsxKpY#C*kqba}MnD)66?7nL-n}vLEPBDUPJv
zI2_C!U_o<P8r$&e!qm6fMy_ZiZ;ek91-Ab=<ZR$yTvJu|&Ih5X^3UEz&jH4sd~Jdv
zMz5auiAXN%7?!RwG4!OfDN>IRF$N#YZi2lwCXYG>x+xBdJu_Vw^Oa`|cT|Q~x{au}
zE!T&Ma&j^aX+<Vw6Rj5DKb6%&_uuFd5_6YBcY4117Q4p26T?e>3{ghnPf1XF>IO9L
z;662@WoMtQ!GS`uC@n%tKVI!=ecwHlpNAsvV|z`SOiLxral4S8`KJX+`1DB+j;b;S
zBh9}&?6I%lWLGsL%qC@2Z7?h2UcZTHz)x9(YS>0myfK-KYA8_rYF<06qO6u(62uC}
z!2%}HB(Ro-R(ysM_kUK(&#AfkKbn~;-~FWB8wg+UEdnjnrW5Vjnz~1r<&VJYu7T{D
zL@-*^S>2p-G3uwVtYum)Pw0(R1eHw5toW`Phv>a0Y2_LyK22({fB6V`y`*RePvgqZ
z;*BzP*gc@p|6S(n<WKVDGui5Uw%2f7GtMuW+r`U438bkgk$WvRF7~{c<ruj^B^_RO
zTT>xn&j2C8Ac-Xl<At#=@V^OSS&YP|aZcFfYX2xrOY@6urFAkOS-9(`iaK8K@EPOq
zUX-}hF#Jwf&P)-BbKldbAxw*_UZ3VWIv%I-xWwbSE%2l@U~VL@PDafg&D<P;AAgOz
z%M0El`i6pUbX3IA+*(k=8cHfm`Sdt^%ku<`Ne30;6zM@aa7ZMUiv^b`3TDJE=%xtx
z671g?PFQF!(e&IsD*xj~$$HOHSX>R4W~aQEAB~PVW|u2^Wq*a8(A_UL77+gzjv|DU
zCl#WxHLLTFu0KBLIuPRbP$UWY2#Y_$d$gQ6xLVQ9NHv#<ElW+YM*3cdg8zt{vA}|1
z7Xy;%!tt&_8f$N26?m>qU-b)Jo#Zl+dKZ<LFWh(HwSCkycx#?F>xEfR7E2tidf?JH
zQ9?(x50v{$qD=5G1t+rqI9-zS;CVCk^sHF7i}m*vJ?V+$o?q?i%nf{KvTMP#-!l2H
z;D-4pEB+8+Dm-C+X*KFSOu2Of<SjluEP?2E&FSr6$lu9iNJ8hP42TzdGE`J@MNcL*
z;;F{O<wG-g?OgYVF>@cjKm5=i##0o`I!Yn;>DCD7xBhZTrruhm*P|J|`n&9gVNokL
z!P(VerH2TP3l?I0$BJ9wO4hh{DIE?^FEFRCHdnJE=zq4n=zF=ili(i9fsTA`+5xdc
zc7?-RZEj9htce+^7q>eSSm}I}5tQ<lQq5*H*RXZVD$_c0ix$^|gpKk&I`u7LX65ZJ
z@wA)Xj)iAXD3N0vezB*W&WRWm$)xk3GNvj$PKaHsE&uiI#Ql^Fn94iA1PEIy$QESF
zy~ju;ET8LlCtJ-_2#3b8vsc1^>OlZIVUAQaeRSK}IFYzNGc1e>Z!3k#-z48H-w#qg
z=_6^>Uq+&nNRYMk7oR3n1oXTxMtJrl(WOvE+_&dE>hzifiWZ^p-(TD2R_CsGxY<(4
zBE1FVuVZ=aFB|5>#Qt)AsegBe6exdRTCJ*ep67PM^e{uDd&gu@-<6?xs0P^r)6P6S
ze`K)lU`vR7y^9usa73CmWHWytCjy*(N}FjOBurrF{n|qvqp!wgdrp`vuYMO^EWXU-
zrt$KBlI6=y(NV(gA+DgEMs@94WzD}2{d@;&WWJJke*O|s?DYju3rVAJkoQgU9@Y%|
zlCC?e+v9nvTn%15mv&j7)`KAX!l_#M?^zsbvj>{x>z+|G4)>H<Qf!TBvx@@5k`~aU
z6r}sd7K?+Ek&4I<m%}Z2&F()pX*Hstw9yUR7Zb=$-XSV@=O%q`KSB)T2>+0(9{wG&
zdLR%NZcOeyhu1T-6AX}%D0%9wZ&8yXWTrM5CN1$Pg)L$#(zDgx27%PFZdE{>{fH<R
zH*E;;xnoMNLG;L;IoQj|i$c|#J)|b=R^Ptjel~{HR_5;|kB49Jn@_H|d{#&so@~F@
z4kk|NFq<p?eM^MQbmr;f(MtjS^hAArO9Tig{utrV&BrfCT!=f(8c+^H*PY@5NlBP~
zY}JEoO{iTdByYH$3PC;27c3O~+lH7ee4h7{TOsdZN8WFT!Nt06a^TJ&XrlMiKKngV
zi8)=jCTV_L(-NV)0zRl*YZ#*A0E8C%7c**zLM4qq=p|fX-c>V3piohYIAuh9Zi$`#
z3AS;<;vb1-2Qu%W`O~~HZ(a&8aYvXEtLD7>7DVH1Fd9nM>L3$Y0+KtPrP42Gnb&+%
zyguXzCIlDR#6PEWquIYx-YC)4X<ub`UNOD9cHGcqs?QRj)Fnu$FXCmCKOVb2gN8fL
zctDd$j;cxR$DBGf#ZD5NuVu?5P2Ohw3JNh6eFJ~Ja!U&F({tdLUomfwiuq#7SmFi`
z(*wq<tZ90Mn?V#WgwTg6v0lpaZ^Os!Uo6`m;(2zTR8dCPOV8_z(8=Y-Vw|N!6uE`%
zeMi<B?zuSfG&bt^W>PZ>Xfm+=ta1iU1gu}$5q$&^JsS&QCvfL+0wNzbF~5>rYJRea
zT;H}XY-HxP53aNM&`m^r9F9E157I@ry~dKd3=e5ad4h^u&8AV*p!6;{0;0ymc^n1$
z9h6vid1sP^Fb_qrb8L(4tTsIYdKUH{&+$#BgkNl5z#i@oro5>L@}1AP3ArnIBo0nT
z<^4;W-Oa?!*<?N+=P9#z05Xma!bU!3@kn*fp3w`e1ge;BnI0B(Wx!4rtJ%ZK7JJ(i
zvdY@5FldptzwvPK1BGc5PDumn=@*ve?R&P0_iO!-3&fAk$XH$Hmvk${Aawq!_ZA06
zR$W7umH&Ri{sf6iG4JiF;y>{>?36p>5XQXXRP}0YSuOo*Nu{^#25wpH2Ksi{FS>?l
zAOqUCZiTde)Ny@THGs=+Iqm{)tz&$vY&b45v_NeJPux`j{gtFxo3XFtRXe830yVzr
zz_oJHhBLn<{V%rrb~O>xWn$^;;uWWRs`(GBAKR!1SDLFaF%WjhsOQISZj4haFiY_o
zl#iNu3(9eUQ{(F}b~$Nf$2mTP7ALks&`WWPt-;!<Wi7$e_KZY(t>FG%<llG}Q_j%a
zRiKt2L7gawlWxM#HN$rNF_C_U3`i9HcUyfAA`3Mi3X6WZ1mu6iO<0Kn0%>t%B7}ep
zBn9}sJZY#sU0&!D%sf;A8_3xRYX~36jVH-oM9~{&oA9Y`%P=$F)?xIZhr1k{p7toh
zMf}|M4=B>3jkgj<Yjy;$$ef<`2dAaJ13<6XF%H3>&>x#7qGD=<NKAAa2*JPy$2}iB
zn6`n0plcTwEdeA?<mdr%XoCU~t=fGnKT)IybJjv)$-oT=Xe~E^m}&|JM8?fubPx<y
zs_=o*)S^ZBoMEEjG@|DC9(aKx^TUvBgU={<PA!I*W-iYJXHCT2lH-zfX6**xJx~NU
z9_c6!=HXhh8LLk&o#F>kSv5<h%uuloql-No?}B|(zmI$(2GMZ~Zu>RTs*y(PfTr_^
z7hR3p=7wq3>i&$2fEnv{wwy%c3fkd;KVKGbe<o%CDH*dibMx2KrH4S<5Sx}$53v>4
zq?Knf_vybB#I+7chVJ!uws6DKX%K4z=8mCrd~FlyWYb^SshgR!8<NzTxuL9E(~Q$;
zFD<9wmmQKD67gY^z^-un0)fRAI+)RpCUeym<hZ{l?Q%W1etw;P>MVbU_d>pT&*J5b
zb(-Go6{GNii;b{#(N026v|$3XTF?ywH`CVO>Cr)%2Ka06?tptY#^0$<0wA?b4&jI~
zORzihIt*=FU_9$H$howu6MM_}xRT96LSP#O#k_XI$kjun-~mL_ZX>`%{kcRvvg|Da
z5PgQQ-zu*?R6Y;bVjui&6)Vtu*&cQ?%7qb7#N}kT>N@Z->Ii|HKkR+~!(}hNvCSh`
zB5e%8hiTdK!QTgc`SMu#1thyw74bMO^IynV19qY{J<Tk8mf)o6T=@I+e|V@8Cf|_4
zBURyKRA;GzNEE)Ox?sJepV!011s;waYR>Cmrj{km!Y7MF4YKRPPuC+j{p8pu(S?lf
z@4BnRLm-W|f-vhCLt~W8vq1-&rSgjB0IVYWBIRAf%F(T(EDxB_aX{9XM?|i@ygG(7
zGezdd;tg_!l1?9H_bKg?-3$P1QuWzWGcI{oXnwHPnv7v|@UX}onk#V}=IWtj158;|
zi!Qm-u+#z0??{6N<E^mi11~`phhck3##&tOy`BSQf7Pu}l_=)tBp}KzHp{`=0rk6X
zcg*()ojaKZogkpZ9}teSLK{#91><(Y^gu|DLO2C;SXhr-IB_&e<(T3=Q&7zxa5=2g
zDCf^Si@Q4>J^c5<?LN3$`<-qz`uj2Q0Z#{}m~fEzjdaRvK}uZ_O&%pZ-NOr0`Y9Ok
zB(TT{8lL-M^+OTX9%wW4OWa=6k=})?q0b}NF2z&=Q&A(n7{t3qhi!4+G#xli%sMtm
zU`xR^Cr;jTv1RRZy#5xeJHt^IF-!E_iyA^YOEfqmtupbtzOtJYrc4N_OsAg08&A2z
z8J3v5whvt$-9Q>?CSoA7rdgu#0EOSd5Y*P`Z>5tMGoU9`+hp#doOo%t>chs{H|805
zIf!SdDQWzC0Q$B{El38Fj?)e>cT#ot%x3%Ex9u_30iZQuw7_bwWxcO8{HMM#^XjZ+
zZ})D2?+Y_byVP&`Ky|NLtqFanSbbvCl^{{P{2Aah-NFsSQ%(N;s5223lR(MSh!F{(
zQhz{W26^pg6h!DTh-ntj<<Z@_La5Mq*UB17yvLT_3G!jq>$DG^&yG6mq?T%J^GdwV
zk2-Jtl2dHcVQu0em~v{#_z@1i63ATtVshEGWVgZm=o1(p^FxZd<$B}hplr*ye(Pj?
z_~eY)+90OfRFod!XJbzl_*t*DC2ax=7-6}q3b8kkM}cRJHZ<dYIu>QQg7yKT{T>o#
z#d{lc0bRkCtdUN*{s-lPmJ=DgPeb(0;2v!)aA+T%2x9g?76^^FkIWPl-+<RUjPZ;j
zGeF9#O(&?xJ2v0$()}--G)(q8%Jj%XdXGviC>abClvf;~H-kxwaud{_8pSU}u#TeU
zRd{x7)eSp7&~#It=9S5bbO%ENnfU5_j;a~PL2}F#rye;#tg2zmc3r_}+60b&y#qLT
zn6O>aUwY<>u^LCjB=#BG9_-wXM9sZNz80~_Dw_jm&MXbrNTdSB{_RYi7s(8Ss2x<e
z_vl9W3i~1(Q+oF9hMpZ1xFhO@odwqbNrWR#50wY~F<6Fi?<xFISw?;U;qSe;0z%V4
zlZxHqR)?vLxW?3P2g}3PxL^gVpPBd6Hbmr`H}nx=U4nz0p5B4>gp-r(o>5TC=ryWN
z{}^ujHEcnfr?=@(Z8|pO;LcV9qd*{TM|e0>#%xIDeU+&ZtX^6(Oyjez$2Du524ri~
zP|&rRZk(g~m!}K+EISnpst8j29ML9df1aV0xwXOzSWQt78lU`{2tMx0J6m~Ggq{Ih
z>}mw4lLn)>m5v<UznIl;8WyKIFtgn!m->pNsygqC=tpH8Qq7uOPO$OF#9f`YQ~HgV
z1j>ChjZ_CG9|_AWChiO6+i{jc7P8)iep`*kX<!46S8ZKD0QHK;g42A!cpRY4dPsHz
z?@EK1=gj)=j-d`w{DyUUUUW!#*A;F(J1BnM9XLMp(>_I&s&TgAJU!fP(@)w+J11At
ze>bL{rm@HNc1<zPL<P#RZxlmfe<+3)+;}H%<7RK);tzeMhJ?2by<z>;^}A7~Bh|!e
z|8#sUKt(isYj438)`z4tBqao)mnXV5<NGdJ^Kkr0=2k}igE#QHV>F@<U8~|V1k~{f
zyyPH3JAFJY{r$-@V7-cqO;gru(YuiK6*-_ob7X%)%m;Q>2hw&|<`-1#YIpS7hu?aa
zto_&GwxWu#A~#~BbpfkUGNlUg52__qqWP@=^%j|zKb6-zPI4GACFcP8>T?XkQWSdO
zlTzVb<HQP05}qK?U9wQ<)BPhgi7LzVP}LD3;F%a=_hEJQ<?4pkR~Jfras|4JOqgJX
z7{P$<5HGIG>JRaGc)t#MWC?atuk+b*`(Z`}%<K^N(PC7z(yg645G90^$q@A;D(9$A
zXM62~QJlrbrxKCZH5&vqq`7h&b`BOEjQs85g|q&a>spS3sTYQ13rU>vMesHjcUvSg
zA*>q_3o@FZpe47IVCpC=W6SL5WwiV-OlBRL6OjCVxn)G@<|b9=robPXTL_t?Vkc8O
zrT}}Divm>THz7p?=0}7lbrjawQX|Dj2GD$e)j5iSaG=z53<&^9g_hn$o0*XzPh$te
zHKi^nU;K3l+1~{3RTg@&g**+5V#7WLgcGz6A#I6|2w6}fZ3DtMoB}Ysp$>8I+9@-G
z4ApFgQKOljc91gBa6X1bUEun7wInM7)VcvX#jmteg=+(16=248*gt!->^gr+IWKHq
zYKu7)j;rYH2!4QWRY}W#?9Hi8&gE#%u2yn^1aS%y9W`sALwSObSH*C4kUH8SU=EmF
zSa%SlfC5BOgr*3sgNogl40ri1-*%9ffvB7ZIB<vBys(>l>@fqLYbb<wV(rLnL&VQ$
z!!EEMd&<uw-tfqz=pT2kY-sst;pXAIFy7I8DQir_Wptn$VAw(2Dg6mhO!8jJm5*9L
zXWzcLsRzrwTMmA~F9qsDVJn_Ag812aK9E$M;&&o27o&jZ9`ha|fZ@-+HI|=0pm&HR
zlH+^9U|poht_ey&G~gZO@eY<KMC5?=9X|T5j~5?Q3OvHiiS0WOe@9m7-)+!F=$53A
zLc^#_MF2S`aCb{>xE3wBCQtP<F9dGVO{~#3-N~&(<|p$#BS;bYS&;Nn`e~SLrWdn{
z%JZr6ACo18hpTT7{N@UokU0C^OGJ)nk;s&Cc+AU}I>F8-Mnc=ePDeX##iwTsh)?mJ
zpl{6e^&TraK6Imz^Jw*#N=r6mJbH7Bdl#Qc-UW@zr!wPK3cDo|FvV-UJWz4z1JsOt
z8nY;V*kx5~A2&)*r?%JyR_m0FSzc(a|0--$`!Ir84sDb(VjQ}lS+D-2Pp^7AVrbFG
zD<w&`t~@>3U7mbkYSGE7`6q_0`tk7X>7P{ggF?riu5OO~C^bvNxa4@eszvyL!0~6d
z+$1RdvKgbpIGc&b=JEJ?!>mKCD$Uy_z^4o+#oM-QysL%d=*PzKL%_9Nht?+5X0wci
z;wI&0%j_{X;TWvrk7KV*w3h_O_AOh+#4d-!<Du5b2lP#(mvYBA|0!*1(l)J0S_jX@
zA)Lf6$Fgx+$J6mLhpOYn)~aKUR>EV0Rs+!SW~;!lUu5%>K~&p!oVpC#DqSg7DIt;5
zD2f>YRDH;-EsNZTt^stBW8~RuGWVq^iP3F{&FS`k!NBXIKQq|{T1p3gD==ZmctiaV
z=4ORJW+n#N=M0Po7WzQlZ^9G&@V1hxO{_XGtuqxV%6yTxrm>+s@2-|#TyyDLBeI}H
zN4?=Va<k>qqqf}M<5FeV@-2%k&&L)=v{$unU(Tv-q!ttLWC{TYkjK`niUBC04+?h^
zU;Rig*eT=Azr+I&X(w+@O5RCoQ$_lJJjkrc--RE~-nG9&=Oy+HPCoDeB|agX=^;qz
zLR3<NW>Zmi%aNYtEY*oVD}mFUbpTMo7F@-N0^})yi>|?X5*dJyYP=41O$)_>5f^!f
z(zp#~wp19$j5KH1dzEq%T!4L)H>zw0Z2;|b(HA)!mjKxjNqEuguT${w-?CUj#j9wX
zn?&seVviOm%cl-Fl%uyJFDFjZG4$ld9vXA;6M~4?72cKD>bM35LFTZ-j0m)AYZrN^
z5ZBal(0mkezm#mP5IGBmQkE%?iX3{eXia|aUKuxJZ3HPQI$&b9gLo{|SJ87!Xsoia
zzBB14a!*hu|981n1dn+p<60*qw)vB*xXyswn+ItNP^uYwb*p`CR;lBC$)={?f6UqI
zKpW#|)~VB0%0@GWJu+RtV+krTWTW(9F(Ie%Ym3T6;t*$erHhU<@AggV)H{hW^9mB>
z2^BhK%jm{=b!!T`?JWq;$}w5pca0$|$jEk&IT_Ff@qbQRezpwGErrIn;N-2+7pX{?
z9tU7yAod_--cGw%A4NgKG`wsX%1#rS{KtcPPu)W~>k4Vn#qmIN;t1+C^Nr*QuM5rF
z5{x_S76Fu`+A6mh+$(WI2VhC@&$dJgX1DIQg+E)FLgzqO&!2;W)@X&5=w4x21F=3#
z)PEP4XbhQT@I%FEQJN$&{G`!>W7K5JDUjb|;z9su7wxli;nZq`5AbuLIO!ak7Cj7B
z*<tt>#D&x?t68*Zgn&v*5yBa;JM6;F>f+FowK_6tPa-gv1l8&oq;#3ls+K8Sv-y=B
zG_}l{_>Dcv!3TVvK|rHix*aXr$RBo*&$3$4Dq6@JTFm^KLVwgDh)R?P8tm|uHIaeM
zcEjdcXt-5qdDU4inRX*hOKyTXEqhuQoZZ^7{hk*{8|T>v%%DXRM`nw9z=mry9WJ(8
z4u)|olVf%{!!5<;A#)=0joUSsOBHWHaMCr@LF7G|W=_HboMb*NzJ50q7qL|_LRDKZ
z)39A@bn<A0c0=XqFUEEhT(1bSikx^D?4+XTNW0g{{kn|ur;C~co3_vYLcQ<mbthh%
zl$P!_knA-|H$elbi%R37Jq1fb+cUt$6^5L5?E2n4Z)pLrYCBR}Qz3S*Nk2Peg3+E=
zR>;65k|XOcl(yvLJzBhlHTd|_uGQ-??12n8pQa;TgwHy6>toCKeVz=%`Qgr-<aBq+
zqkC(zd$~gbJU2UIWyKK8`ok@u2RFsovil=i+m*bVJdi-k)7GWu-xQC9f=*=lEuqw9
zBK>~H;4?wXse=tbnl_tLSH#?(#@T5cpY<CiezePsP&Ej9P&_t1E|7RmV74_b?!j<=
z3LsfE)`ZVuA+*xpqxp34Q?T-31%F+E1;>1cSIYb`xwC$&yPCD-C+YITVWs<lS3_YX
zUHtozJZMp+)uo{_XmZg8zciWR1Flcygg)SxqM~nSNn{n$kJs!cPyGiv)>5G%53R%D
zli?o<5RS)F&)ZR{AnM$#WZxGjem+rM?=}HUz$QQ4?^@VUc-~33Iea<&*^`|ZtW?_B
z+<CCOK+@SMYiCjNsn_tw1D#V=fRFAV%c6GI4QSuc9Mz$R9y8xs$v;4UHYW%urjKxN
zvyARt*Jay&cR}g1&dU**ggB08YQX>rV8<r|C_j+t7@F1IuF$`1D>lgD{0=crv3WUu
ze6W=7M$zC{t{%3$C9$D_^~ACLz5Z*74{JV0f%jA_trO3;QsGy6C(=myvP(uMQJkiZ
zC`i``zG_L!rM8oxR&8}K_QJPauckoPoq4Os=_hv!iC1OzzHJMHv3gs-u_t49nN#@f
zvb5W(H(bRH7I%x>Z%yxL;|mhkgbk*!a^^zOZQ3X-N8Of4N}DE`O2-4dr=J;RBv^<`
zC=HU=SOF~xoaNzQx2FhRB_W0xjrhpuWzgXPdy7G}no5-C1$~2<5G8kowN$pRvS4u@
zZr4)u0oPL_P^E`LShFrFewpOH#@Fcmmsg?cC7VW1tk9Ccnf7g=Oiws$6=>h(i5#cu
z2QcInuB<%XHS873x?;9o?nhu*70dYb7c7hF_kFu3u3D|#z3B@BfBlc2EES}#b)Z-H
zT}_e0@C)2`!;h%G@?EORUCXdn2`fAG6I*$dB~Ctr#ggxnDP`)FZdqx}b&GCv(C2a$
z;R-hkZkFLI3c@n<Q-~>p-PIk(I{M#Vm`m9EY#~z(2#e)8;|Yq8HNtI&mKB-5PcKN9
z|J44K)ttysh@EJ$i*u`ser{L4C<cOJRnc_7O;?9n1^}waXzM%ey4t&=%oZ7aNuaL}
zCcIp=vgsJf`j;KetQd)|wB(Gs!aQT4+#SVNhffNprI`$%iZEo}(dHnU=YMV#>@AH9
zvN{rB*&dpva6>RO51H0_LCycE1<n>;%SWYVwz5AZ7|#TZw?y<<7o<EIn1XZ*ire2v
zb!OViO`J!0L$43`laa&)IY(U|NuBSs=!r=d$i|^%2A81Zz(kz(GJy-FqOIK6h8vt?
zi={*VUEAQPTvN7WvT88~+itM2N@PQKKBohByVJu1wP{Qk@oc*@hcW*ntoh~=@%$6?
zDBk|XJ%QR#Ht-Faa^Rh@^@3_%TWF>Flk|VX4DkX%$#snX{nw-Q|1=bBKq`pf{}Um#
zebPge{-5(G{ojqKZHN)V<Nuy*{LB!A@c)}YPT%GJhZQ3NiIzP-Z*O+i=Y3<Q3D%88
z?$&-XkNcXKUy*IDHNGb?kB6n!jHPT8Z6`MWv6H@<l25ZGag@uFfwWbSAf`hTuMSZq
zgQ@us0v<jvjcU3GSx!Eyw7@n?HOu<ZMnB2@W=h^(PdWLcx94=neOBmi_vseychCd=
zf3XL$-)=!8>kQq9@eg-+sE7RWNVFb;Gk5UBD(pE&`}8Dvafg{uC;zkp@f`0Van|?&
z>Z4_N!lRP;afdHZI0vD;pWK1qX94Nn@<R?+f9^obe_Uvv^|KH0_qls1;_nOhsQjO5
zqv@XA#fOaiy_JXd{QrP~N&ep2!+cMFiP65Z=TcA{X!)L*_#ZsVL%h3kf6L!nbSUEC
zpYHr(OjJixk8geWJPXx&z$N{Oi@F<s2n*kQH-n041C9sYo09|-hVlMGNmVe{qH#0c
z|KX!EcewnY;rlE;r=Y{<KB(HEOOBZ^q<~b>Hc>-3BT0-ibT#AA192LcqPd9Zh)2bI
zA5c@dJXv&;LnY}Yg_!Epd?@;02f~93I_e`ZV|EA(pNNH+aY#*-Q?AWn#Iyva$O9-x
zVC5}>F^rjzZQG(O{XIJLN5CbWx&??DxQw0+^0?{e2M<s?6t#0;yD)nXHB8(VS2bK*
zd+5So<37>Gk9IBxu4Cr1KKg51H{~xYP~h6n%NHpBH>zOrHc`=L_^BsEsoA!N7wxV+
zzi*7raB+TKrMhD;MN0UCJoi?$Ea?sY*%|mle10L%B*#K#?jZmzhqzZrzT0wZKjRrs
zD2f~Sz-Y*Tm5ANuqO-SJ38dzjV~eZqpEEh%0Q}Kb*bWLN1HTgi;;m>&sCt<(AfcoD
zrfq%`Yvtdaw0c9;*D)Ac+}6k2pYAu?6{?b$_bd1Hd0~R%Wsc)~d|&#3N?fO#)z@EK
zlGmo4Ez8pz-yS#I<F@sPu38X{w4L)<wRo_v2hYf70dShLgS}}n+_MwU7UjWS1+&aZ
z8+w7*T#M?PL#>BAEp$mnf;zYappVwNt33Bt!$1W)J8O4uifbH1d_V6vDY??cYg-=o
z!9QJFC|!x;$T{dwFrVMr2%i<YXZwkP`Tb!ymZr%)HdduvTtEC0C`K5L9*Srp3D82E
zxbMWa80y{2?D=b*^>Iy1`Sdsl6D$lz8#p8nVJyN03?lVR*8q6!`96+{AkO!jKFPuU
zaF?pUP2e-fdq@9ZX4<;i)unm()IQ_lh5RBKa$#andnT<?3Yrz|IB*S+aOAaurgLBl
zd28AL$a0&$3F5M8LZ;6-nTF$#uH(6b*rNRp!9Fg7`vLo~u8^oiljAO7O_VJ|7Oq-}
z$c@)*jbO<CoDLt%?T$4K5|+w6|3i&o^-M{BE;;d_IH~z!Wz86~D(kn}#&<%p*?_2R
zoY}cbQ!}mitb_Mca8Xj2xFmvH`QoRW!Y>pyF55(A29#R!WXULr{Os8-L+GqXi>h^#
zKdiw)O0KsrQIYl}rB~X+*tQbvYH;hOztG4hd$MP|L(QN!?n<OoKyoTUCvOA`9RcCL
zYmOw<4N~FEn$xG2)PKVoD(hJW1?9TF<!;gQZwe6DtULbA5<s|t+a4DDlL$E-{9*>0
zVMCN+fBQAf-V(}=EmYEUoWU%i9fp>oOoOZ1*dTK$wpsjptgDF0;WBV$#;C^VM0G%@
z0*yIWAX0}m66^)X2de+CAPaILJ2g{1ecCl8>FaW;H%Nf@xNdKlAU^bxY@gq#bA)83
zLn{7(z5WylaT)2fy0LR7!pNp_t|bklA%nK6e)~`2Pp3NP<D7nFhHupc1>H3doQEhV
zYL0pM{HZ#6A0BIugsGUNJ((z>!r|PP8+mRszmBb8uyo>>oIztV<<%VHm?2c!I!T7c
ziAN?^S^eLpY?by}(nJS?acGN4k3<Ewcg(zWl_jzlMa?)pjvDpk|C{_<GX>AV!)t*n
zxZ0qZkn}Xm#lp;-KQv4<?gKgOMBFt~L#H2Gs<$|u=DzX_;mIP^Kdu;uUu&p0d9%Z2
z=c}Es<TTzcQ3Mi`&%GRW-<DL<Me$;P`gJ)4cNuq{Q45!<PfhznL9esd5R@qBVf@p5
zzb3|Impb4{d)|Bed6;IlL1L?82MXM4n7pWAY5CnCzcUJ<{dA=Xplnm<pC>3o1XFFQ
zMaKR@v<}pYzpi1I$#94wT>aM7KLS5A@t_QZNQcPg#Q`n-{aK~|OM(t$Ih?c{M0a{a
zUM(?I&+cb8hWQSGAgrN*k9%T2QfSfYYlM;Jg#67nWywsZQrE%aujlU&tCj~6+bMcc
zCh>;wi3Y1$wFMG}BUAx=uhkW`O@kr*9CO1G*E_Z9gk;Wf4TI#|naxr+sr(XoErNnP
zJSVfV#%YiPMQN5&hXu?Jl@7BU^WUn!rC-H+(?u*0XD{>rU~L_sJt>|#-sxQ0L3$sO
zK>j_*n~2{No7~578o)ABAy0Q~ll971apWAPxrdQ3q|9OzNfJYqCGCTJLw?6r*1%n<
z%o2mVJze&Hnl6tBfb>3SCjSTgq<UYMI?w(#GGGK9+qL;-ZsLo@Zf~7K)=JcvFB=Pp
zI5b&jm}HZ;MyJWQOkUI6-mtpher}-En9;VlEF!drRvW?H;3VW?=|WZ?1N2o_k5TKT
zQxun`Bes_;B8ANA#B%=#OI+bTxz0O9pv>DwK$_)}qqxDEYTEcgdcyIjGfMP~b+)(1
zQE7wzs3M278#{1G>U-cHB$U%?OglJ_Ro3J>Z2W_OiGG0uJ`B!PMo|!bUnMUpwtb4u
z3R*2X%Q6<hfo&WP*^C(^XF|%@Dkd-0%(i}Uh0FU+4EjT{71Cl>0!u?Hvn$tm;RyO{
zc3SBx%^zV#+uoC%(;HHxCphgNTO$sS=+dC?+K-#RZ>vCzrg8}*dT{YMUubHP#k`YQ
zt=wT+nj#bPjm_dq|H<UjSLJhBPL!uoKQ3#{H7{7F3&(7|&W06_l~8hQH(Y#kj$oI%
zbE;4qWX`$XA0mvl+Ef*AU7(dMwJ6!&zWdP#TnWB7BI560%zg}pRj-!ru$^T3-4_gk
zFw@*QPvlD{AV<gu%2m=R8}(h*7XE^949{nHk6>EME7aBGAPi)W<=KmaW9qn*h{=(!
ztKW;{dW6TJnm*}QHo9o3se(H@HuE`mMv;>jDReARo)kIr<@?@K=-E4|)0JW?^UR!o
z$YU*dYH^(m`wBP$bI0|V)!~-TipPQeDG^K#jDS2snx9y>kneL4UrvboeiE{`^w8(v
zaxx(T>~6{s&2emh5Zo;ixt1#QIb`8p4|(xvVh}0P%P#34Dm`A&7k*5lCaJccS}313
z4}==+2zo_y9OZ;WHGqD!V43>xaPBfm>ri&7hIllm)AEq@f*`{K!`+X@MGfR;4F7mZ
zGDP%kJUX~TO`N^s=LxkTd)!5QAgKdsfvXUb=tji&r5g2OyR4UKpkP=^bG^8gOX!tE
z?v+e3Q9q0ik<2kX|I2^E1hPazk-U{Z#}1Qq*CcSYR7})h<r>?|gt-Hkc+;rTy)c9y
z6t9e#GKbk|q9j*UOnls#uoXbY`h!t3Ewkoobnp5&8%R)&`3pA3(46{UI1+-1<Ri=D
z%mWWTR2@af+Ptiq{Q@gHy-A7fCH35ze0_$SSdB><lG+^o+Cx(zR2`*#?mHJQRKhZs
zY#<O4bv1=}UNCaHcrWb)uc9+msVGs6#^su~HI>bmbJ!tY5)u8@CJjW-7r8<rca}?i
zB`;UFp*?ux#I<QWnCHab-A2349r)vLjg)C)xsX!VqY?~3v8$p_O0|YQ2#GYwV@vOd
zvHB!Q>+%EsJZ0pK+QYMI{SyNPx+x9=#apG&0Qx_<r;!sNgK%VC-cjP(`wM1!LC9{A
zpYzej$v^bmnKo;ebQGkfPZFEvQth9cx4?+ir0y%9Hn*vy%1FMbbc7|QN715icBs`T
zg3V$odQIg{-xG2;@D9}kAg|M=Mq-C6RfczBC8R*}b78<F8PuN$$u^OVFYJr3bjv6N
zg%o~LwT@}50i31N{hQY4NYOTrWWb&eVu^{U(cS)%IZ4)FX3&G0YZX(Zz;VcPy}x11
zBrSN+P2FE#m|B=t1Yn$$k5)Hk4Yq$sKCph!Kqt?SpGsztRD3bB2!404h<^9CNPicn
zV(!E15DTDBO8g$TMb(Glll*RXl>1<xC~!2H*mb;0i8|pdNs_udEH4<*2j8gb5$<`2
zjj)xyCTHye3kp25tu~RUUss^JlWuH+Qo&ATQ@k^FvxN`vxWw}UL=$(Vu^ksPs;2->
znFvt^TS5{O^epg0-^R~9gG$>ZhuKq4NuQT7FACLq=|+|r?;a}Hu4wL^PR96xCxbIS
zf)_OhBIvlKrIfVzj<a}TP2uNzGtDoNPPA?m(`${HKs4b$2;Gmo6H<1;ZZAUBX?2Ba
z0i@YSsAIMwRAnC#@+&HP6Zr>N`#S(o+~yIBOV>N~O=8_41Ts(&6DS{jpr<rs%}LB+
z3*TKm4Q^}pVPGObiOr$JoF$*KA1}FnT?8tqaK5Z~s4%^RpOa+17kR{|y&rn02>K{=
zQkHvz{)*8~w8TR}$0Mx}MH>r*#fSW<`Ce-`via?hn^wI+Gid7fpV&tIo!B;Y$M<Br
z@k?GM9cYan{s7z)%}Z}F!lBr1S<OpA+ukJC$P3=ts;a}~*B{4PIq;P&c0M8(8Vz=O
zN)^B3PAVtd-joT{wT}70p?}lLb&XZ>u8iNtKq(#Z=J3C$(U);dO0;A79mxrrrEC_|
zZB`T=7Pa^5z4+p6b^2Gd&1DUOvs(zdm8!r3&HUXm2GN@>zBwxdE_EvrY&GzxwwEs2
zT?i^Rgm*b!T$x+LRU2F$l)HojqXGYRpu)n<I#jmEqWt$C6~X`OSX(6_dYS%rr&s!b
z3xpvw*H*|LbQ^^$#0><#B}cd{{lEQSs{dcDlqLy*l`iBCfdYaz(UfY`+Gfd2AE(5}
zfD4fblZYeALBN9w4Ur{-RTxB9b&)krN*q_r$^1`j`$@Z7$_N=DNJmgrZ2V_oVIgoo
z^lu>U&S+=nPSs@H#orTIS+9=^4^N%{J6bw_qh~))2W0*;X+Ci|NTuL_R+nM{__`;8
zrAPs<Zi&+%DG|V{J6k_F3_pCOn2d`f8m?0~-W60j-XK`@hVUe05}dfjvqdg_W>$>Z
zI81jlJ}(8}d1z0(MJvi>ojc$eAs^u%U=DLJ&yk4n9#pMj8-S-ARzq>+lnBin15*KL
z++C4yp$!#HcSawEHHgi!Fh?Q}@qP%d%1)gt^KO8$9K$rQqA0>M&O^-c++*lY4xnzb
zkI|@=Gpv-jvcsoLFVw9JMx;6<G<i*FFo`Hn-0pE{az}$1hzlp+-G|Y_b<aZB8zQ3Z
z09%3<4H8VQgMx|YXtewV@;Sq?6aaZ*vkFX{NXw}U3#*HLEBd-}&d}c-IsY`aOYF4C
z)M_C1WmmOZG-PGg&{c9}SMi>)B``vmu+{1qmq;=+QQ<gz!2UA00tMY;u)+}eoMOsj
zTCr_`T$|4{^^V=jGs*_t-orIZBL^_E=krw=-FN>dZ@fxq5+^*wC88<UC5|^7u?}-%
zxTBLdo-iPscNgBi!<t#e3qnGKqi>FUg&kBC?cvH+cZUH093QX)0H+5CfZ8K7Vq6_p
zS1#ODmwRtOt)=nmeM${V!w!7*@RK3a;Q>te+Fppkur$EQBSJ~BH4)aKRcaQ4hyDfM
zn`6~!9$dpz*tojcZWEpC_UKjGIYfTrF^J-dYu<Y2wLJ|M%57&K?{PRZAT~2V0CC;8
zN4<f)jHXVdyX;t%LYN(38O_T8Bzsyy<<Uk+qzmAo7?31x7ryWWrf_NWsAq!=uFBbg
zoY9qMRN3%iCooLsZ*_9(6<_JbDEP7a0XJhYTKPT+m?`(i{SmtisMS5vzUp}&2H05w
z8*~D*!2vS3w{D{l;lNq=@6mrj9nU|bQ9GVxabefhg;&6|ozI%M`S(Qmmj{SO{uR-6
z9`{@dugJJxbKthl=Q2RA`N(crLiks7G->;z40m~cijm8sbypfg!2W?w>04~-U+1!C
zqxXX7FIGXxP$(4a-AjxjWcrBUl+GnQ8a*3;M`pDG?0qsnF1_-3N<}dU%J!@=T%we3
zUTKD6(N=7sWHQf!i#-^N7XDw3wZ}8FWKy{Es%p}KWJM+Y!;?=m9n#Y$1OR)!FzpZf
zm_Xin^h_Im{vaDR)PYwpnaJNexU9zCJH;xK-Z2$j^lNJMp4upG#Z{zj<jk!aFnaFR
z4WMP6R_hehPsjB1&+P)yp1U;y;^*(RoUqT_qT=dYpLC6sEqP-RQG6eO#JgrNi$0_O
z60Koz&S%dw-q;t<+(Q(^yQaJvqu%&9mq5|czaH<Rqp0|<L2;z#&%!J&X#fQxH}3U{
z9EnXD`rlUxmYq!2#~Qpu6JR)o2$NcgPpS0BoObCLw=sDmZ9dRF5?}s?o0y=Ps%jeI
zxbATwfWH!Ry|b{JJUUvlW3AS5oDZdAm|VqUEEz4w_{-z#cPULizH~nr?%WtuvVH{b
zJ80!Pw`fDbOCZrJ`lCPo7msg*pf0KSn4!9Fly!-9%<N$usRllZ@5hq{nnk@6-#t^V
zPMg0ID;f$KLnug93t4PYBRV0Gbz~4duy^6R`Rq~St5DUTIaZi2@&z-}^AKkPzT_Ep
zS%hh1rF9LyJ~|4g)(RA)@UCHee#TQ=^2og8WjU&^eY)QT`s)b2GT9cA%8!aN>Nz5s
z!lmQseV6`O34b^tdF$cqrOly5A}7`lQ|DM(BC-l~g)$H(#RjAH3acFi{LOvc?-1aO
zsKy%MUGmO?{J$Mj9)a{+!p@5iKWTL*FIi%^3%A*AR$N8}n`qFgshLOlF9wyWFAgd@
z)HLHwQpy{_-xt-ku_sm7?17f&<Q!NO5K%qCO@_8YMOC?q@%LHAn15=i8moE#*3)hg
zF*y8!piuxBEfOI?2R&xnja!LJSrK1{pVv6U&EAC}LiUQz4ca0HqOE7FV8Jz3q$YGX
zw~=$SFCgi+lPKk>+F(z!rBBr*;$?qkbr7pbmy_2=dFOGbG-nP>M|JX(u8SpFehaDQ
zx||}r?y!AzEGQfsl$0Bfz+SMM;ZSkpmM|UsV?zTfcrVU^VmtAcjMQgHvWL7vUD9U{
zUI7=uRji2Wi?LiQ*YF(a-Ec56D%cJwXXr_#sp_g33pXX$(NBx*ZvE0bHBx#Cb7`mN
z)Uh4FzsuIzk#>(;7e`hQ38nd4ypV<q4XGp*sKse7ufba1X_=;8sns^R3LV6CVkkX_
z=G+4kL5pcM+&6Kj6Wl&E-=s=wUh@deB8@53wQ=`x@7c~Zjb*7~I)+nSGg+x7Bdq26
zk(ZV+zE~(*kI)xyHFp`D*XhERZ6)tm&SobN_bQrkUNKVZE>1Qz@i)xwTYyMrNsS+O
z>5+L)fHRPw!v3fnx_Eg|lsQ&~r34w^>|_XXf~nFiSTd~;wzt4_jexzNT41-5D#np@
z(tevV$N1P;T-vLFuV7<en__Y-D1Eap8{N(s;j^x-Wh)BUisw{TYsj1eObu5f#R0h>
z^40AWMjI%lNdQ*3K^pH$$AOjw>Wl|}YLF$@)8-huNl5juqWf!2!mMBIzg;DgThfE}
z2Txp5JF-?bx}wj4q4<)Vbwz|4iZ%O=LP$!4q6fvHgLx+YNIo(VIZOq)Bc_HO(DW2|
z>S}Zl^G^%7@fQpy?Ldo2ksMaus^|ggB04V%P8jVhaA4MnsutPF%S^jm11WHjWOvFW
zfwDOm1uhETqCiO7=c5Hn!apz}2?SCN;>uvO9UWoPgyQI^O-XZ#Rc*aelipYy#LCR$
zovC-hRw@-K7+-W*JW&&0@VV?J1_BRxtu23L`lm~9(5DHy1+E%e!pJoJgb9es#|Ls5
zoA2#*w5LT2+yfwQhu)C=aq|Cp3UFuL@8OLl0C?u6d!B1{dpyJ90PyUX2&nKB=00^2
z$%mced;BWlf&>?YV)Dv8XQ|lZkNv%S#0f;bj9sLy2%e<x*hz&pFdc>~c<t~!i_%`g
z-bh<<*TpHrO|$*XKpv%q`!S9?lJ3=nmS<Q`Pr=_vTTz=xF?%SG-VX<)dk11pH-+L^
zjWhjqdM-MroWZzy&U?u1fgr`oONrfngFEeT2i9Vpyr8*04s2q63o$H@L2`-Oei@|m
zqHm<uLS;0?urNDej$sZd0V}fo{kOVJB2BvV4JrKzN)MV6Fctl%HrVXL9~BMP1l%YP
zvfrsKCI`exiRt|fpDZ%9<KYvJ=LXLr;2t^$!yM8Wkvl36)7A_4I6%GOz5SJE>LRIC
zm|X`i=-w@OK+GM7F|O{hMct;dMXO1UHLuSJ@a~#;60lP&Ds&eqo*s3Ia>h#QCu*_o
zFV3S(#kA%1aBI%h<pw`gW}YFB&N`Rut5RquP(QH+_l--xW3E56lSCf%EcYEb&JmGM
zEjiIM;b8yT)Z+)^JII5~D+AY5mv#n+hbMpk#>!qYkdRzpq;xKd5T5CQzo8tS^UY3f
zxPCK^EmD0U@Vm+0P<3O|kq?$8wz;#()Kt_#JHHF6@nOO#;lnqd{e4WR>5>0xgpO*s
zwz(KwB&`b@P&!r;aPOrJnRL`eU0EVw1)Ba)Nf-|rxYJh&aDe!|<)j9c4W&Di(<d2i
z96WY1SGwoX?Se6|_UiwAKqb@|##=o(Q0eHG1^iV0AyIp1`5g>iHZ&Z99;NePUadVW
zOpSgrG@Jz^8#<VL{fPPNS=2qx?W_RD4>jc*N1q*HH8%Y~<3<wo5V}(eGkG>H=$zQ*
zb>}hJh~%GwzXKXk{)-hJMtUc+VHKr!6H=U;c3S(Wno%<5l28K7kN(^Koc^$+>o$~J
z!+Gb`J(S?c^!wUyYoN0?nLhrE&VzMrOL8;u*PpH<obc|=gunH#x2Xn59jUO+$$#-5
z0#00xx)1Qx9+9|sTp5Vmc-F&vv+Hwel5rhIWyZ#&2^&GVjO+8NSFO(0H~Og&b5Rx{
z>nL9w4(nZBV~j}e89slQQ9ZPib~)`|EEWXGTazJjoRibGn`&fd7~JX}pguwfV^uYl
zMbkEkkTAk$a?V7Z;g&k>A+2Oz(7@`Th@hX@6zX%t)9-R-1kSJe(zwv=;TdnK`H3ar
zJ)c&Oyp5o)(3KFBj>QDjvHxl7E2E-}y0&NNmhO`7mX_`mP`X39JBLQP8R?cr5Tv`i
zLqK3?q$H&49sQp7Tl%c`zJJYL*V*UVr`Ek@?R_pptnXPlt+v8X#Iv%#2UmBjyeD5q
z{8HtJT)=)q2`?0*zOg%f3kZ)jZ)}@Sh#wgwJ$IHoG0F6i5V0O=KWB{aTTYnd*wyj)
z2sHSpTH5?+KvPAfabahIehKzOCcZNa|7eF&q%ThEgbe|H{7oIZlFvjG3h0DfhsXA<
zpY0ia!|w9{mDDh47{8<l{q^*Ckrh74=|#Ao_zCxR^f|3$2g~(rz(VFz8ELs;KCJNM
zDq(4MIg|4EXw?WxUD%yb>gPmScid0DuhAYqho;G3#@*q(HP~lmZ`pqq{JxO)(#VqD
zSCSUi!^f&Wz;P%$5XF1(8w2Qvp|bM{0r}-8ztIH8y39`M^;g@#f%d^46CnOl(#_rb
zb6Cj$22q!xknjiX97P!&bAwB?TjargRRI~>{&A7qm!ex(xpfRnwV?yb>aE9_{OQcd
z5AeA*k4*M&kE)M%-CBn$X@AbVfA?0C2quhU8+^_j@vxk*?)3IH;vo%Wm*TssJUyp#
zt6e%=S*xMQ%xQ(;>u(k{7i;d+kz8Fo68c^Pyy64vQsI`{zEp*=2AZjNW!`<KMw7Nq
z)RfsP^@3PKz;!J+{h|rcM56ge@ebVT_ag6*6AU=#bcsk9i&w5s$0w(7Zy@C2I#Wn|
ztHyZTx^9B>b0;pYsVfSgQR|X&<&oSD@H5p+`c9Z@iIyf?<wq^4J&m^I!lca<p(ho}
z5m+}G=AuVkNSpz&58fFyKmenYps7mHbO<v^h1@TA(H2MhGbtyGU(&sgo<Dw)$GDFq
zhZ8$uI>GIn8-D*90L?E<wFvBt2=Ai)^ToL=tdS`dsU;*pW|SH<NTA^wQ+`%B{N=2F
zl%LICcFFjtTkHq2Ea6Sd>-Q}7PCZ+IOOhL=Yl}V#oNp69?)a9w7T>BqSiD@jz|ReI
ztVwWm34D-$Qle5K7xJzQa&%o3(r+8>2eOH5az7E=Lhol<)mzKELAG9nM8kH=sG7#z
zWIi;$1X;4*hO~!*UcIO14L8qCju8CRP@J=qwM;CHjEs5gEj(N7U&8H|_CwFw#XJwQ
zG$=ox4ow+bRJo8;OK~O%J#j3HyE1VEI3Tqy!M$lZX?t~Fr4<omV2G#Ko?lazL!X>-
zpHNAyXx7};B1yN1@GXIHcJolKSlwT3s&!_&wmvLJSGT(sv?_wF{WCi@#i2~mT1!qn
zuw_u|e0UFiR=JU$^Oyya;NZ}zhC&PduTP*Lx^e9V2FRaQI{8?e0JVje_O#K-g1ob2
z?R{2{>gS5KuMe0hN+s^FM&q+L8&m<!1+b>(T8BbMRlFuKra7}aH4bh&+Qo(pKk!4P
zYw<fVKHAhSfc)dki3GnC)%AR;aBB<c$vV&}9{yExvpm!vbEw>`i7tKN(%@nAV9(%f
zE-xSHvrKFqB=|Xgs_Y82;gY5Tr<ci5`?cFE@0)Sf5EWj*%A-=e_V~}gZrT<KHGOc>
z6`Qz}`re7F#tx%=a_v=ppSn12Hf6$as4(#JY$Gr%e+b0)Wz;j{iN^bS3rFJ|UtOI#
zz3~hBy?D+Ett+d}FdlIUjlLH4R6V_oxQI*oTU%9y2jwwZ`PG>H()xAH<Ervg0@{wp
zxy%hNbrBtM#vaSN!=>$Qxc~v;@AJv(^q%hXwZY&DTGslbua+=2X<P(RVx#RFQ~KQe
zi>(>3>gpg?X&x%~@Q`u3PCvej5T~h1){9C_)k3$f(sHxr&r9_Qb9zgVDh)2z&Q&=R
zl-85;J0TJ^g;H<tp|v6wu2Qx}`H}=us;`V5tR}8O5nfEJW0X3wZ0X(1?sFNhy3^=B
zy;MSeEQv|F@S{5C^|sMkNoXr{>?zdyCEfPT_U;B0Tr<)eU+MGfxUIK@I3VS%n+CR|
z9NOs5-cOG%WwMSiJhoG4h<Ygq-fLd^2iqH{N3uik3)!Doq!i@8sx)#<G9KK=te)RB
zr*=eb7N*Npg<qt8R=1es(b!Z}>@kQK>v{sH?V<DHd%t$Oj2b+yhSA&{1Uuw#x$8c}
z;9rV^BuE6JI%$i%g2h!8mGjDI$rrGRQr&{o?{_&KuN<J)=8VR9lkWJD?}%}JKAcr1
z0M%04I~^$03GKUaXlc#qY($0P0XH-8w)Cb+Rm_(wn1zpvX84`!D7;cveQgwB?K;il
z>z2qZCpCrStqI|I+`*bgV(R`<@9=8yq|6mSlIi$MO191QLQ$H9YfGfL@1MapDK>{g
zU-%k)o)&%fEjUsA4VOExFUKia19bI1;Br50vZW=6WIcuQ-Q+}xTSR!?ZYL^Mw#%c!
zAM`9BmYSZsori}0FlE2S5X5bNbr3zD1XrOx#F$o9dM&0d9s#LLcv!8TCG43>P?#+N
zeJR4mi%XU)x6an%e&<vbo73A7n4PQUrjfYNk$8HIFkx>x{x*%~jqSv#6OV^<m>Rpw
zg~IKqz3GaJ^P$;0E{kFEi4k8<ljVo;m!Fyau1S`62IH`w97=W>)r@LTQa>6b&BRRP
zEo~QSxC&DACqI90%&3-dP%j-Gd_ObK2Z~oS2;k(CV?|yU3V$xE%NX>QoP9K>-w;b^
zugjd0Q{+BUj6_)>ll1zvV#9+p8@XIGv4G3G$z=cQ$3atlFgj68s*NSh*u+Q11)_p#
zt&HZ3S2Mi<_)$-cVuN!%Pi6o@v@$PRB>f1jZfC&5SJ-`uCrCczD{mWy9-e;uB8b@w
z*5Qp4^;#)}?t3Lf*{d$N5mJQ${nABQi}PggqF*b9;J4{@`<@!YH*WI6L%-<ppr73+
zGENb}LiPgWH5(zk0bq2BFB`o#AA(!$Z%Si9W8v{DTi4%Ckuy)^Nlw0QXz)JH^7;*g
zPj0%RoYZYx@cMO=Ul)vD(~@-9f#O#jd$sIt%F&JLHV%3Hdcz%;Pgyf3S9tvf!+$QH
z2BNRmZQS!dbcItapHh>M*KZ6qwB?pwQHni%lit~zvjGC-oNOjAx=5?Yq~h!lhr`k&
z@00qZT~t&<BYt@}NiqAxjgE7KA!oN`e=vHJ4y(c>8-lP!2|pl7tQ4wL3JUJ1K|<&$
z;~)*@K#<^&7eZ7&ReTu1H)D%@iPYjLZgYvjq2TJeoG;79NzhD_G8QXF{5Z44O$NkZ
zibo{-B>CbakmwDPzcJmf2vglnWT{JcyTnVH7p@f4@#9Mv!@e)&g%)%d*___Zj`*s#
zgP4D9uOXRZ4#kLlzA^8$<^%y2v63~*t0LYu0rhLJ5W47`dfyWQ`KAjTUmiFXByT!p
zq`V>-judm;WYBw=yE|Gwv0n#!*C5He(dQ#aosc~p|KW~(Y{N$g&5HVQ<_;0_R%~Vf
z>zLz1xkH+plMq_|-J9wcwh`2xJ*S#-^kYZ^F?JDZZ8fB8Y5HvEP3fS?ek(-;L;Wj5
zISaAmxcqf(Vv)Frc*h9j&|J)*!cAKv1snLLY)x1Cs(ZHO5!NC|t98ZCutF0O+%6Aw
zU$`e2Aqb5Zrj0QH9K-~vm)hK*b>s6XLl$g&cUTSL6NYNS!c|g3PPi|G$ST6pIt>JA
zyppk)jpswznx$u^6#=PMfn?rQtSV_QW1bNq2k<ajnF=XUH6u<rs>9L!3^qg3c{8%h
zO}m&njnQ_jp=Sa&t-2LPzKAi%&G{HdUzg$VLPP|H8$U?`<%gD3J$HJ;$1F;|b}|)+
zDZW~2eR)vdq;+h1JL)cnh4m5}L&Zs?x3^GUo3N2g9+fDJYb1yva<0yvV2rw!Y4qGf
z{N2|S7sRpnu3+H`-wlZjN3~ZkD^^T6S01qSy80Ueqc5nOHYIFvWGhyw_2E=>troc(
zduNbXwlv{X8k&5TS&I9<X`7{8P(kx%f;hf56xn-86De!TV$Ub{p%bkkWl8umBT01;
z1P$>10?*FCa7KYX^)f1;*4wedbQ3Bws3c=G9E@XW6BSduNk~zy`%LEsy}HJoqH>s@
z6{e(4DXp0<QDU-YK{Q3n`XZL~F(sx`ro@uf{DijiP22+??=$oyHS=orH7WXfz|HFM
znx!~<9)V50cgY@i!Ruszw<(WOAd{-686E>+&qC;`=hO})3pe2yMs14P8u-b=-0g?)
zHpgXHxkz%j`noi{U`TYG`);1+rW3O3l#mPMf#N#@2iOpaef&xUoRa}~6qkFR(+XZm
z2gf|XsD1eN0CLSTUP+tio$ZJ@&4iW4F5UU}rCI2fy}~XHi$jw}5iDNG!AE)=xNG5R
zr))7{uud$XHpDuJKe2xT%pJWGl^+87sQ^z80q(a>D$q0WM5rSK<_5ny5TudvkX^7v
z;lxZz<sJCmRZQrh22sP9;wq4j6CJ}?&@YJXhMXIsbrdH5jf9&M_1=VnRAxu}D1Hz^
znH42j3zds<;@5;A=`J!<4v^|cH8&Aoobrqfayx@~ELhE)U}Ib02d9xmf>e$R_u)h`
zRAwXHs8k9hEx7{X;cu8#u$K7WH92Px1`S3EXR)C;g@23-GsVY`^wwr6|6T7_Y$}iz
ziKoq$Q6rHR<l67fuWC2I<cvB&P}zO&l>aR@x^JaPo3sz7zoaRp{+0}$B_Ad&83vzB
zYZIixRX?h`p}u@GTCqg%4Uxe`-(<=1{Xpt*O$swxA=!d7vsPJDD_ONBo}f_m21@^j
zPVOV*h~<rC?c)~hs&|R4%O>sRQ_lXcwHTPzjN{j9Vwp&;d&t302`Zdr<+_DN*pEp+
z_VRL7L<#ux=a?*PxK?S_=YVXF_;MaUG<HDsygP465b0h`f#m6BAp<b>1a{>U3;NaB
zHQtEd-zKC8CHUX(mb=nokk;Hz1=xycQDjWLihu7`mB(l>%u`~^pnSlzr(+Q9r3)^M
zx?Poc@aU={rE#%f3kzP6i?p9_7J^)PG=;!5nX!|aHM_EpX8)}3GO$l+kTOOcgbIJ8
zv%y?fMv%7}+q)063mG4t*!!t`p*pcGuER^b(|aeCswpETeA3wE@yW*M^NqCC9a&oh
z&HRLiS6;LveSpn&i_OYLw>|+`P3w`@gIG`VMWCQ3wgqSi=0#&79F|vK!IE-qpzXXx
zyxs>{YwMlRv6WebiQw(F*Gt2#I#i0F6U2tzEv#>naKl8ZDSO*`rS#M_T2&m)u`WR0
zoxa1e2Fb?$es3QVIZnm5AG}WqyQNK$b$(*k#^jSR(@7AeUP8JM_Tvo+!%M_OsskhU
zL$+$L-se;7nga06aOO74AcK^ZJ<xJflP0Ku9*RD)*5(f<vL`%`t#t^IFpeRpug+LB
z2i*}Oa4L|4+6nPS^5Q*cN^85KV(E*n#bxi7_QGQ;yjLVM42g9E=}3E~%?@3#_Z%X(
z2G!`5y7M`F5*p0*Vs|JM8dPEO+<Np=%!>ihi^yJoXe_(LS|t!EZ0+H5Q@zPKK@y#P
zguM99Oe4ZNb4D~xk&7egluHN-n~X-jDfk%b7-{VlxY>7)OD}?pcavD!7h(zwP;%Zx
ztwrg?wLP_UMh>868~oWfe^c0$v(LB5zKIbfxSot4z^$*ie6PhL@g~56R#3U<+5T{T
zdded7Ll?Ijm&|0WWtCaVMCaZ<&G<J0TM>%a+NzB!amsEDiG#L&)g8v5E$UO#5>hQW
zCnWT{Xmdg;b>r%NprRCU7RyY&xVf0vuLH{G7dM5pprnxPk~yOe)8X~gy=~Bs$zfF&
zUC54gTe!Ud?23sf{qTy(Gta2={qAe{b_AQuJVf?WJmOOOL_O?JKB-<WVw}n3_%za0
zm=hx~$nIhn9)%8r0z!^KXgquq1LviQF<#@?3_@F%F?`!9UakcTnJtyt=lFxzi)Sx>
zz-JH#$tFj1j$>3@T<$z%pJKqah^<QL2xzTrtn%*n!u|5q(%gBAGo?bu(-`S=k+15)
zb@jCuXhTtxE>JXY9N?i`OPXxfXsS=P>N;MRUOXfmjROn5r)%K`ZPR{{`w<m3+I~A#
z@;nL1DT49BMs!jrof|9v(B-=j-Z|O4iO5D!#?Ba(kFy0!OGx&r%zH)}c_!Avn`gH-
za=1OYKQ`tldrZzYI?b7%dN{)J0;7#26%;(5<#d&5z_N{Q`z79sfC^ev=+dXhvfM4|
zDS^+QVpB(^)?e-p67pL0X~@Z@sS}9ykFQ|6jAn#T8&<#Gy2rZlGFAAQA|(FE-48Ru
zhRC1_PdK=H6Zu88dR6f&uXZWgnFg;^wY2gxH`n7DW7@GR#fzIPRsnG6Ljm6R<us{t
z_N|<rITuBi?HBpmFZzs8up}9z&<Zg*vn2W$v>9AX(uX2+L7c>XrYu=ZbX`9-8Tb`R
z(QW&snzWU|75j0Ul$AnC`rW+b#{wS<2-mRbyCO{S{g_7}h-w(m`9+F_#u-ezTYy^3
zh-m2)C)RwLLz-V|R0~up1A5YAGE%T7_=XQkJW(P&?BO2*3F&)G%e7fiq*2NAN~ROt
zTljUd7!Ue&KvM1vR``2ZyME5qO=5PGP46o4;y*<9i8$AKY3Q?w>%W}s7hF=+XN|{Q
z96H<76;Q4pS=#hjqU0T-t5rkjr)!q6OSAltxdXqc>0Q^Pu||86w9=1Hgr&DLnu0_Z
zKA2muk+_hBMigqT^^<<5mczvUN-H@D`yejVXN2vh1tiGK7|pVu89aA1hx7ndkS0+|
ztHtS{%^X%4FBpH^E2<B*x+Xg|!6%x#CVJk?2(cA)8iy>$>nj#!;Gr$a)XjV#$}Cfq
zu6pQ|SSa-xI!Il&H^2SP1*&q@C&G(oZfEs8Vk-B`IUbqRN|J(<*lF<^P!_WKj^Adt
zadjK{fUZugZxzLZTYr_TC;lQC<$ZP?GYC*S;ZkTG{hYnJ!{-6cF%SS$=96H3K%~?W
zMhf>rx{Hc1`RD~V5G89;?u8cBM_!7n+7oHYuFskil-cK6^G^81izosJY;7*u<GUN_
zws6@g<(IN;A<6x~7W+0?nWvX*`I)^oXUIA7ji89S{yne68yI#xqm8edByC21E8R5#
zaXaXIfp7OTL)`188gvkMI$2MBgXJHvg!I8O>=`BWZqM`!?Q!v&lC`_<&I<X1F((Pa
z165jXQiHo4^P)v54M?GPygSw7zM)ReGo%|d7l}Z4#P*F7$~NB}7g%d4j{my5G=<XJ
zECcF%xq`(?Ni~EhJ!5#Ol87r_g|4pXO8v3uq`&RF5L$HhWHT(a=cD=~c;gHG_9z;^
z!d19D7iwIpKZJh?Omm9|s-rEV6QIfbKr8?ABhABFg8b~8q%7Su0&!Wp7CV&g=^uBA
zS|OxLv*<x~0%!<B)Fw5g7`@v_8N2JX*5x28;@A*AXR^K}UpCQcHM-=%^j5>1MtaaS
zZ-KKIok43*z!HjXow+#nI9Hm=le6*A8P5vbK6`w@$@<xg6|{*40xrYxHzU{3dn)!F
z+W`&{qygfQdDS~7OA;Kk;1br+)#SkeWk!nP*Ubw4)OcfI(<pQ_;pf^JAf}>WYd27k
zFvi{R)&`OQS@@8Ix*KOqDm{%|!vJW^Qa-#cQdIHETK~)UOE=)xE3l`#9GnILU3`3A
zH+yRKX-gP|KcP3>)d%Bc6Dy)_w~8IX7!A5BVZRR(l3bOV?=!jT#*nU}d}Zja8vI_;
z@A5XJC(+e;5x8z0)O(x({KS}_02m-9D{E(jCb?+5qW<Qhe($2MOdsh8di<J^R1)W%
z%JtC*MrdoqbCB#^7{61$KF!j{_&iGNCA-i=KXa6~Az6!gTGxKPNN?4Iry`{E>h0)H
z1q)rcd$$s<^4JpvOP)`ktLmD1xHvOYaeP51m1*u>>lD>Nhq(1~>HzB^e2OwqapD{{
z<yW3=TyLha1aWN^Nz4QjZAPsgA{V?Yc0Gt`GeUJjNw<%;Pq1LZGnjaEiL_$aU}z~x
z!PSMU)+o-$-1E)1DXZN3#tPKos1jo*jN`RHB#e4aB2}qVqyY5sK5;Co?_nngWc*D$
z(`eySPa1NBHY<Rtn)K2L&Xq49VUL=&Y%dyW3n7e>9IR}ggkHT1pN`C}(@UH3M4r?z
z(ro@&1`8+tEGkDjx{qXAUNE{E%xDE?&C`rr=Uj<BZv&WDX>WXyKl|5zg~UpAoH5E-
z&Jm)zBhD%nUw!L4+d4W+x-YeQ8GN>?G}ZH+uE|IGwA4d5g9OJwW&UFyD0aB|tlSyx
zupkgqqh(jpf6luy38lovKjWQfT$;~!!*j0ibT2;{{@__6<%jo}IwpJ%@4uB6z~R<q
zTi3GEdGz~s_u55spM@%A72n{md`O!3u;d(SqhS_zN!GnquCt(tr<W<^c5rrsTu$R)
zWu3)@Gm6d2gEPuH%v9QH3Sw8|R7$Aqkx6lr89RyjsA%&AGm`tcKcl%II(<)vTT9(@
z$B-ihR%^-sqN)Rau90%Naq5eYz7%=fygm!v2<>!sY5cJiQ-!}8$yhwmyK>@1gs^gY
zRe2xNW}mK6@Rlb;zK`QMv1oj1w8t9Xfm0O3NreN}Mapo}fvW4wgHkPHKgA`t9%w5u
zm#(4WRyv(&L^xBI3G=vk^DS(f1QS!09*5_JBP&sr9)@?B2m4T2?T6>(yspYdYFqWv
z6~alu>}FiWOyTIZkg6#l2_Dr(pupnspbm)__$~|g<iP)(VDwH(ls|X#5`Ie7P!73E
zmynjdAm*p(NHtps706qFB~?rPsu9EQoXILltJlVxwg2Rh!K1N9+U0d+GG7;6b5L9p
z$&U{!XzZhz5LRzyKT5|Cc5{*k7RQM79fQ(Q){ksI2cBG*TXuL!X@B<0p9kPEe;Os@
z*E{KxJ_icRi%4a76KW01p6cK7SEu?qW&6SK4bz`#-r_nWPl7gk&jtJ>PI|R=qHogt
zkVTW&w?uaW9@ILRiu{!K&y}YYJ817l8>MsnWR+5XM!9&4u_XSC#J|nI$rNUANXq@-
zyIoRX5I}b|GTBdZj(XPop#H$rnFPDt=u-4hLQ374oV@emi`)~#-cYW2>cczD(e-Wh
zTSpyg5Lo0k!VZ-5oM^lK(z^lS92<RSJ|m?ngO1Nu{@jpNr@<DZSxYhTv(4*mAggjf
zY4NCIea<;OtK`!s3!7nG$0~4IF?xRMG*VSAujb)r<yi!)uw_d7wB3cL0`!G6HODGm
zr3)Kb8*%$44?4A+lGqux8JGHsdVTx4w35|Nu?r_N16H7w$lk4G{$ob_;09G81z%+$
zU7=FtIgv#=+jXl!D^Y8B`3zoKM(NCqluycv2Zdx{w;~Te^*CN?>ln?CJUYw@ObhSn
z#;4y;GsZ}KWBj?8lJsV|TtsKeBvr9d7A<8@6g~vO$<Su7L?16L!<3@qyzzVw?n!sW
z405Ay5$Fvn&(9VPunoFe58qsHEhZf5i?<W`^$k=~lw~5A(siUwC5k@7nEFxDTY~Y|
z)JR^VCdTcuK4Iaz9yMJ&rA7QMJA16L`SN^mJ(v>AfZ_(U1uObqL3@GDOq6j$Z`vy1
z^ydjG+3blOSUQ_q-+W6E=zYM9=+me-2Qzvr5)wrqarXU?61p|IdO_?0@+@80BI^<{
zc6)fVDPrs3qHmXF-A~ErnzMoJ2WBv<@ppUL@z-v$D7r>GW%xE*Lzbck+-uhJJ!iIA
zuMQP5-0{ZiiNkGK>$hKVNDILtTo|3MfF=@D-2AL<w*nz!0uT4)g47vRM<367QsLra
zAWSfz!pfDEQl#pJ%I;n+=^6`y>U?9rWenkV9#4WC@ykvHa4qaJzW5WDkeEM%C)tLe
zgg;a6Sn2nh670hY)|}#wpO7VihX_<JjIRtlStLdfn0;kbVTz=B)UGMEP$hfTU-N9?
z-OIEb>a8hPH(Vb}4KOsmGUv<bA-dLA7zcTPUd`DqPCY%5O-xsZMb{rfZ0uj_m#hN#
ztVuR_?Qs|fv05RIAt}9#Hx>qmw2L!Qb+7KOxzdQ!=t^ILQ{JR4$|LW&7lyX=rZ{yJ
zhoX9HhNWTDV+b;oMAKTubYzbmV9azIOsTeJy49re`jNy;F-(^Dzt)ZJ;;~13Yb9g?
zYQ6$gPLYS^HK3|2l81ADU9HjdMPr-4N+>zxbk&y~7~0i#_&l)u^mXCND5daeExb`w
zAeg|DBV3WiLZEO&{m@zWu$hPL-it%-YESOUpXUBzJCi*jzXM6~E0|K&muSHH-sH;_
z3Ta6@O8>I$n@{a3=fy}Rtm}43ap>1bAX`DrS&Ic4@CrC2?#fi4&zEQYKB3$niD+3i
zp^7XtXqmo`@6~{3!6Ut*j=;jYQG%YqbZSU(t%a3Q^3i(2(K98vOpL52=x4#BnEC4`
zzNL7nw5!hH0IDy)o|Uh-6PuwXc1kJL6I>!wpg1wWwUWN^8TNNVEw9<<fx?$e0Kll~
z?~Ga?3@!i{fCPP^g`L9A*Ye6lP$3z7WN>mekcZ;8t*CpzT?lGZgo?{x0semUz`NN%
z%0HkolVQRuXv*y|H02iiZwz1_Oq&CI`KN4DJ_kr5jEV*TC`-Q;XO&lxVSgI=mjg7N
zS6I%obJPMVm9B#d0KE9el^i%P2T1;>KlU}t;VmesBE<hDbpT$?0a8-_W^UYB$PWVr
zh@b-ig#UO#BLtJ>0_hBY_xA)-j|Gba09Zn^jQ@@AEd>A|;qK<<=<vqG!NTtUNqznI
zkU{uvWkjG+D?rtIp&tHv(!lw-K(aqf81HZES)p{*p=|K~f&c)R%;2?LAkCkk@WX_x
zFQKRn=t$%Kg9-w_%mY#j{0_>-nyLB=v@dfg2+I1er-=sukdpg9S%UrZfF!^?aC#n)
z{LfUh{Qf-wUdRJdSpN3vwAa#94OOFk51m8IzkC7!R4M>~%-c6IE++OCG+h6ucVVHV
zoqcy`O9m+Ue_La``TwoK8-+l;KXJBjR@w#ppYU#QLOzh<&yeXBSek7L004NN|2?k$
z@4%D!K+->Poa95}$ONMl0AK!T71JeJ3WP465S0I(OpF|`V!?lW|E;!6@K3ZVMc}9c
zAnhNTXl{P*T%fB}9}4+*IwHUm1wiUQ9p<4(>AJrL0Pa2ho2F1B7^@IS`Umy5*e~8c
z9UlEk4*CTxz0Cun{Xzb%rui=t^BSB`2&Dc)?Qc=Ke^KY)nL;3q`R_UXTNUbG&?W!~
z(9lrQa5S^EaC_^hY(euM9lQTt+<(`L<NU)L3=aeo6agv!%z|JMkOU@z6RcGPr2b>@
z|7}3$184j%qW!m_fgim5zlO)(26;g+aWRnmPvCzi`v1EPPb9(G#XyQbj(v)u&D_<&
z;9?*d?eE?Dcdq}x&3HjTfTn{PIIjpuEc<&r{+xXOIr#oPSaO2?KsBu`JS|-QcZtJ8
Uml3q?0Q#Ol_gO$Cbaw#$2Y?i5iU0rr

delta 38461
zcmZVFV{j&2*C^oFwr$&(*tTsunc$9Xdt%$RC$_CS$;6Xn!ZXkFo;v3{@2URLUAy;>
zuIlP*t+n^+;7h2kX(&WxIdBLJ5SYJ*Q@v&qA~j&rv057?{5k0!N$0UhPt%lY3#Ae}
zb1;z9@~Od$XZjQb8sP=F1?;x2!?S{|5UToot(JY5;sC4g_Yw(F)eh)8AYQ+OUjwO!
zJb3eb4-oO+cLL}d{3$CH0bhvJb(U~)#r1pt{d)g;e_}9rmIDj69%_RdGjsHZoJJtj
z&<MZ~HM;kQBjEk;!Ql?F;iPm?ocdCh+t9k|l+g>%Uh?(k>swLnSIkRDc37yFSsEXU
zCx#yeS!7Y-n!lUZv^57bsU@kzPZ^)y`xA2)j#s4Lsr68iiOVruLAQ(cw|tUx^)zEs
zldsy~dRb~kB=1#VWcd(V#@0I+j|D!-;8}o#AlFS&^4Zj5ccLBg<2W%n;FLOIowUe?
zYk|$5WqM<Qm_r6+&UW89{q(~X5~g0m@pcfrM!^;HtpTE-)10t?z@)Y*r`m!Y9+K-x
z>wddS!*x(*eLQrWt=6dPw1P|voVV=so?&GpU5hxkY2cJDb_gv~_d`pY6qPIPpbkL1
z%j&l44ej=~XbE{e6UgtESc11xd6e(q5qA-$O~1krpCtk%TqR=e4bUEbqqYm!ODUw?
zp=hfSAc(Nb6_V`9I5hRN{dT$egP1h&y_%=}I#husy;PTFLc~t&SJqu04t9)dm4FRp
z>y5SyE$f(Zoap2|EKs>MK}UR!x>5-ce;MXp!RC<{OO07d<YuZqRDa?FKbt`Q>$b0z
zoWuKBg07u;Y>ZLy8;gf0n9I+=hpC(hOI)fLd;hS<fFmd#Cgq=$8he<a`xnb2mdC<)
zE3@3M*2$RxjhCO<gMMcDY-ECKP^`-%%T5B{^mQqfWLf{jHjdS4iXVjYaT=TeF1yiV
zPU5V7a9XE}Embn(txxjiXxDaFWzQ3wXPrd`s&%_N!2dkE&fwxawrj0HxniByQ+F+W
z-f+#x{jxInK;4ND#_1RnFN~zsc-)>LaYBx(CeD3g85!ar?*`5*!JG0#Y@j5W`9INA
zNF-7xsBWqgRZgn;gS_^E_H+FKpqGx0W}uh9XU#f6zXzfR<*{GTcy`>pJ7yEdmLu^3
z5Zbm>do??nUDZB2N}?nPz|Abf=Ex*98M(ID^>)ns(FfXM9@ssDo`Qfs6e)P+4rdfr
z<5`Sl%_#=3FM8t0%Po5ubN5bP7%XYav3#cR>o9y&^`L>e-pkl>1eDVN;C(3C`8uh_
z6ViD&&+0f`t%uvzeE_Ah+qgqt(fAm_IwtDAZvW_eYb-%DZyiZw)qW+{1JHZG@t1u_
z<tLaCPAs{s$y^HfD)Od2-vdf3y{D#qA|fn5J5MK0k(pvjDPK`Qzgrq|FO}b}n^5EA
zxJ*;3GW2R$SEFhsL6rwNczwU;jIgpCG>k29BnAWm1Y{Zp1myo=BE=el0-%&oC5<uq
zocHME%o>xG=m-j0n4&{s91<8=5Xc{T_ybN`Bk%?I!)Z4>zW^SMq|)eG@NBtPF+ZKu
zk>q6^Jo3KkJzM$5@mmgrNTkSn<2m5VSg3MxPf<;AS|Awn0u>6IV`1w2;m0$#6lNtd
zuM+4Gv8DFu<k5*8SZk{?2Ow3zN)UMt(d_50Sb%5$X5IbG+t%9_Ur%8DB$ha4>;s#@
z(D<{JI}+-v$a^+{L3CY_g3O|4$>b#8q8LT3KT`fYNQ*o77wM;|B&mn=8zb`^k~@*h
z;jZar=-zc~o=UVC%6AM`Zd<O4N~cNPF0xgFfHoodE%gCo?!bwQbHD)^M433Tm6uDe
zb2gW17hz+8&J0WhX2*W`Gw(TwpDOs^Nsjv_hj%4sRnE>+6@T?SsDsuM2zj2HvMKC0
zhO>iC+3_$3J5Sm+|LLrlW%^^xN>XCtT+Tg2Wq555n1MZpM=;M$TYA4k&Ll?v1zv3l
z2HCf1Yfll*z$nC7E`SN_Y%u~|Wpm9fGryAXebM^vO;zk~+Au$d^{ryGTKOuM7;W(#
zRBQR&qE?^IhUY)DDAP7;_rv+35ImAqrXW(ZmRG2aarOqgBW>hbgc@3%vP?izoKD0V
z#}9ZJzYg}0G9EcKaOqdmIxO0EMLC6DL_#lu;mRWP0Y?iVcz|Ki&nl{_nM$*|0k|PH
zB<<I?Lmg}DE{&t{4~aRaWFjufpG_3h-vT}1ciPL<n>_ru*Cfe#;Qov;TJ~z-zLr%R
zWjQyporkY5$Pm%>D8wWC+;+%_G&ct$p`ExMt!+47vNfflphY1M^F3KmgjwJhsYps*
z5b*KV{xC2Zr2yb3w9H1lk{k>>_e_Au_~Z%NNI0&Rwx4mT<*ZecT%=WEV>3~UMgT15
zX~qqR?Dq}Yp;uRR%X*n`%?zB`QFkUx&hcWa?|okJc@m<2k-tCBE8?19Gw+ah!}noI
zyaCR+5|#|!$-b{S7|m%TkXy9g!Zn=^uk*oqwQ~pXAOi3oZNHhPV>LpLQE5|Z!6R2H
zN@)#^#?>q-69)#|#0jUoM=g$oF&~mAkUIj9(0+TzkQ3&REN)$tA2A1eZ9KRrs(Tsz
zQrhry<7;f|*|B4RpGiU$idNR_nh-gaWKnE%^r2a%-?*5CYp%`To!Fq6+|7M^tF=oF
zf7Bwp^9Ixf0pix<HO9($e^Ug7))VLm?^pPydU8(EZDuWhYi<~K_Yu8YJ8ern*GqN*
zK5Muh^l;HPV8evq>Ny?}o`^GX*LIp+F3x<!%rkd&>F@D^W-7JfGDAPI#B7LCE~wIF
zya}Cy-q1A_)Jb{$;t|)8;Pl8mvCZr_8<B$~nHN*@Pjhzp?KZbEP8WIyKSx_64Nu5W
zoexZ~7wm?_GMyR|`T|~J|KrG==6fi~Uq?V;|J#v67;22cvC5Uxg{QoXq&yoD^aq6y
zs?+LbLfAAga~uvw$W!DHgiUI8>ub@;hz5-DsevMBSH76DvgCc(h=dELuZ6c;n5At%
zzhyo6ck7Ie9u4kios8`bimacX<{P0gbJw7M>4JtyF)K2A1OoxN0{@?n;8?Gjf`h;Z
z{`cIhf$#(BpNo`dGz!3ulbQw2S6=HG?=K+mJ0A}We>FyC1Lk_*N=So;y@7HRx>=iP
zAP%p4MBRLAF+aQ5B#C9z-H`Y#xHAmW{GTKmQTG^z2ScZxg%R%~Ba(1A=9;-JEG{_i
zn+M;%J)!<H!H+-v#Mq!Mg;Il5m}t7{p$l}%@&z*iLTxZD8tZ_~kp-q@2e`Jk1~CZ`
zLZK0f^(8tyW7_q~eO%aGRA2Y*(5_*B%pS4*5{Q|}a(J=XK)vZxb~LWGN8)y)_ANJ0
zp(R6B&o&|3Lp=XnO48*YGyHGkQt^DFB5&65jOw%#1t-o;8ZBx#SM=l#6FR%GbXB1m
z372$^<D9Q_1@wTNxvm{F0mfQrikGg%&MFZ?npo_m*=C)E9uwmNKtZC=K}Sd!b{?0C
zda$9M-Z0bEs&SFb@OO7OjD-d;dd?aN_4O_eih0Im542V0lbfF>xv_bdjFw|kxjo%p
zWWQp&Hbf0Yi}oh1whyciv^i`Ncr^udvxb#9a)=4Nip>BgvkO<+97fK?p6=!XXO>cK
z@zRm)QTe_UEt;27OT(TEirtDy&32cF8+9|VP?}LSh-hGGAR^Ltg+_0S3rC8ZCpH!Y
z+&)ttW0`H~_dFJ?Yv2}H7;O7kuN@Xnjn+S^AXxRrj<k6LX>K&ZnQaKwS=lA4IuPWD
z-@U=AeW(Fz4Q;SQlHbmeN<tcmmAR4U2zt0TC<>F5&>X*KrDR6gF6uJTC#P!LyAZiL
z+!nezm!L8H3da6@^){>?enOrqmwBij-c1gF?^r*cEQmF8_?AhkG^r|uQz|3JYW{#X
z^i#fhUwZFoCO|AnNw2DKzJ$%>C3VTFHt=9cEae^$daxFy5qFX=L*FrGH;*CH{w*9&
ziE#-GbEcroZa!2bW=?b!o%Tui3WkaIg^RrudzB$)C4h*tANyq@NO9a)8LHX_hsxrP
zf^giDFNosAIZ^T!?<A=hY_~+EM}qo}2-78Oj75qm;N)e`CU^Yh7`!OETHMB>=(KQp
zP>Ub%A~U<+t}=t7YW|X``6aNtdEWkW;j)Tj=lInmUC%Vepp5N1>?<Jz5|_0b%qItB
z+B7}PnEZ{hzLGxU4!e!^BxN?1-<x21fiu?E2*OROR<xcwF->^J2Ark_YpbE<txC=w
z$;Y%u4HpLK&@=&j8ZN&Z_~1R^#VDa8skt&Bq7<&uT^p3tpD>-Oq<<I=?}7s_c7P)|
zoD1;>YEO^Ama-2nm?`H)97sJBb2L>m78^(Qvds`oe(PiH$tc^!93mdu17XcYA)bNN
z&d=pby$mYd<91L!Xym+cxbMU>kD#WHq?_mD_T})AOA=Qla_5B!jR|FUbOvKGuMjtY
zMNIvI>JHf-rs<Zqj0Q)D9q~rzPyxkrx7hyi{eOJk<&2~aUsZKwjAUlqRiYQx-l6^s
ztDf+wp6JHUh<w$BpF6$Ga0|nHq(nV6_0&BxOtg#SEB3bAVVUe+kI_n7PCXLw?pa(!
zIHq1-c$!WwrP`V*70Cd^yxTmOeaI>SFuq;nuS`$s4zH)n{>%ArM_0i&T%!52I(M<6
zaULO8*5)ldYF%fQEyylCxZHDyiZaQS&(o>bOdpAHJ=O2eU}0Sc<$~+q1f`Xk4GSq0
z=M7^Q+`J?5&(6!Ih<oF{!2dC^5<iJ`^DoOK(EnwkKnflX9l*w!KnnBod+BQY*pVIM
z#$c4pIMS1CZ#s`?pmr2vtpgdk148vgP0)aKdnuuh*LU`%>Nrtpo?(ahQ1b0^@Pmrr
zXiW)-KcE;=Jm_`8>MGkPH2cuXq!N@p`ANlg5*F2M3H5uvAG?>IhI8NvJ6^(p0e*vH
zD>UwAC`V<Ty8sS!ncTKpQ+$F^irMvsTeOh=<)NR+9fRQ^!8V4D2bg7EjPklPIy8ET
zSY-_IdKKEY4Aa^?c7?Wu>7h<$$f-6LGTYXq4W!B(;bQEISa_CfIpRxWpv_@nISkWT
zpO*0T`WH@7-<Nu(INGyMxt4mm@aqTd7<*>NF7Kf5+W|*$Wj-l7zHS^%x9JqS*&|!Y
z-uz<Yxd^yz39}u|*MVEh;KPWuX@E@91N!i~rZdfzN4h98RB^PO=736)5FK2WlEdFs
zmrBSO?)!fv2dXNR*E9-n+d?r{rYFA<>#<GDCjJ(gdw%3ZfL^>@StIvHN66#VNJr3<
z5;Qu+Zw1KU#&)M@h;}*IPZ(dn&hsoKaTV$9BtNABWTDjPDkj;6OMxde$2E_?2b3vX
zw`0j4{-%b($pQzsDV3roEd{bxr9@h0O?wr5I3l})4=%MKW<1yX5b<ixO4@>`9h{5X
zG69hX-#91pf>O}UhQx`8SU1lm8aXRDZutoi$N}RZs)qP4&Sti<P)NH`UMjox&^Kd*
z2vTG8hBQ?7ysQV4WeA~q^;)G^7L;NK^o(@ZH5mCwVYaV_HM#Jua3%Ay=L3v+t+;h%
zFXB-G4`n^c)fSnUbw*f)Xq0Q*Sli)s%9ceEBExAzCH-Ow5*2r(eb8E{wo#?T7E5gz
z)PVSVX742>Q>l6l1-=jxIg(Di&Z{)@EQT)K=>^uvCD(gVv@p048QGWu{roDfGQqt}
z7Te$7X1`aVYMzDa(M@*6%S)p!iqt%|8$}k`MrQM4Q&Xj8%OlvPj7S<RTPVBv!=+!%
z8?whK!*_9!=^|U;EOJgp!?1KwX{QWg;sYY7e9*ry3GuSX%tmf2w|s?zCI!r0WXcoC
zJGzEN+p7P(JH1p|*HTbX?PHeX<5Rq!$Ww2=6B+3vB&FZ_(P4RXPbG*kasIRm+!yq|
znUcd{&(~H<Ees*&x!Cvj7H*`hZ!%4N!cTGUxr3ajm97XOC9pU*;3^4jLXb3w)&TH#
zz!Mwq`<Mbo2chpsi+tnn?OrCMETBFb4i=?uRiKH7#|izw{!j=3_tjoFhRd4nX_wSF
z7yV^&y_~scDerKhe~c0$T@RiS_!0S-%2Bk3UjT(nZ&b_3FAOU9w$eL2c8(D!6HS!1
zl36aobYI6dcDY(7Q={`SM=6Rv4gl;>*F|E<LYO)B{JkE^(++C%t<k7vKD`7o`paYc
z6BCge?&v$GM;1!sr48(aK21A}8Ea6@ULkPaB4p7uIW?o@6V7*VVL141{$Af@nnK!0
z&>XaT<1`glE~XOT?D-S7Yt?v7*X8BQ)FGPmZymWfId<CbXDVg(oD+|`!2r0DXx)py
zAd0kxwsSPf4GQk5?T%eAG@NSAD}&UIYpH&e>X9$;Zw??#c4cWqk#%zi2wAt=RGI}A
z6`P7?0jX#LR95qC{odpsG3yzCC&VR6DB*VV5=ImwBAI*hs!Gga%S$onzp0Dzv#cUt
zkzNz_DQ1km6^l@il~6Z>qyvDtQe<w<M1)ya0(|`#HgT%mDMEGw{lSWTfsO&hZMPCv
z`$nZJtjA_@QT0j8dCNCC5X@y=ScwEP3`2B8R}^_Z>y-*-G0xHO>$wgla<=rGjP`nA
z4o)GZo5uW`#=ow9E2nf~=UHy!C-8G6J4F2QOLpzvG{$Zn%wL4s+5tdyzsOwsPJX3r
zsZBdxZg{3Hel5R~M!%`@A*sk4v<3D)tV?ySXV@Iv<M`=9TvIy(Aa>z>QK2WSyTXLn
z<t&g|op0Sartx;LkVcyWikFAJao8OI%VHwttPis8&UK8&Fe|Ovolox5_#*t>OZ$*=
z0O;K>?F~5q{Ev5j9Kh+`C<Fk6{oS`C4M6;SOS~WODJC!i2o=61K2rH4*%~4?_5Gu?
zp7vgTMe&8(9rTq8`Hp?%`AP3d{l(cG^A(<V)^A~S+;0~1{(Oc1o^U1dN&O`EY4yYc
z$P^s<8X`IaDA=C@<Q{MPshJMG1}r*|%G0G?;FHKqV8k7X?d=bEk9j=iI8A;?(Jh&1
zqmBOV>2A!?tYf3)NvLH79Acv19cZB5NO4QND@DH;ou7P_MG_C5ybI&(Cmh0k8WEf(
zkd6~m1F@6c!I)o(|A}}%_LGB0pg=%e5dJITHJcC%!~C257gLi0=A7^)Fh0kg`to)d
zWY#@ZbIU4IS_TcrSrI8yDVUU(u*C4x97NdCK*n_<5XYE4RR)9fkhj0rsgnjJen&)e
z5wCvIj@s=c)413J?P(+o4Th}YaN2#d+<o5lQ+hjoeoFvhIIN00x|J`X#G+tBi$T+g
z%3zQ`j2%hdHCjCd)Wm5u*pmlqDdaY@!YSpfQD{Ey^6R8&r%c#9_l#VA2Z$XipkvD)
zLssBHwbrH&Bwb$epX8j_*Xr-hzW%b*-ZR9E)CjiJBUuo(gG^Iow+E!HSaZ!$)r6<H
z^6%%gjlKGSU9&Lh!e5%a^$h6W_n)g0I|Kd9=uvR=kS_-Tl4lPy1wOSsI%XpqNSnl$
zsSSn>Fw@juIt-jOeZRQ*W@MddmnrIQ>fhp~tVG^)k7OGv>iIKA^}voI)F8?JAaad9
zLy9M@@zwW)(B`59hCo;n$RCwN#UL>qG@bhB86UFDg(<e;aS&qMBB37>^uSw2Gf?m}
z5$c0tCq)ec&I%%*A&O3P<5X%D3ZFOoJ+!vBVd(^NtyO<=e%vIp$#lEi<`+*Ef>oNx
zvT>$4ZNpsXfx&;tU3~Iq%^_Us4Q7ne*|AbICep!Z*Unnn&98_zDdTKnLmIhHwXPOI
zz0DaZ_)mam9uq@F-X9iz0|+GS&JLU4A8^L-!sMC)Zq#rD&1beEZjZ&pWmUK@GE5z(
znQ`k5GA1bd&AZC_p@E&NME1<R5vX%-u;d0j1YZ+>z{)oigF)C(i)j>7f;jH#WwA6T
zPnUdp*6Znn4n8Gue4YX?S(ADb&bajLD6wXChCiTj7=M|?y70Cxk9NEX<S=bx@}svG
z8xZIKxKi&J9j&&Dr{)W@Tr~Dlrg~yfDQ|+W3+ur3CM}+<I4tSa-ej|60{|#lufb#%
z?}7S~xY1pi+Ko_xBW7KntXwW~zP9r+4F2;w@Lu0s?4C8n<!#Ovya2~bj(&mTo(6W$
z%pRWF#Pc)+c*8ujG<@L<qb~7ONySGU@@gGAveeFbWp}7~;$dj(g}5BnSll*9MoYBY
zMLvFFGTUVs*NG87Xye9P0*x|nwD>~ytYMXa3|jI}mU*w}|9ob?;!{ODe+z9{$p8Ax
zQV8j30lsSZ8W>*=$v>&KAVp=r>1~z0SfjCs$YO?R%7N5EL?SvUv|dp828Ee(@7Nbq
zCaek*N`1NT6?^!_^A*P*nNegV;R**5k0cy;Uo&x~mRVArZ9nw%KXkmU2?O3?Ny5A^
zDV+Ht*-1z4YGTiVd8$bQZE$fR*(^f?G{^K&0CV)px52S)a9wvr^K(BZpc)HEVr@v7
zqnDCnbAxFVV{S8od6>P0B2Nqg22X<ZF^-c-nBi4n4%iG;Zt3c1yb<eTmhcam6trX5
zWZB$t^@Ha&6X!Dw*0@?*+D=N!FXPR!Qqa2G#pv~_y>PAcF>!IZ3A;%P`yKR7*K&D7
z02v-8Z9c8?r;%1ncBi&{H|ycFrrl)-OU|>>x8vy8ln`v`iag(&!zZyX)5zL0T1~S!
z3adRFxtW$b6rM-W^HhJ^QjRxF6SQkFbPsvJjvqRR`=uzC&2=#~9}3W3tKDnvFx~Nr
zZKF<}HTzVz4CYzb1(l0eM5o|nfM6;a1LQ^L^4#6pGz$~gYk<!Dl0l8~8wE9u2<>?X
zKD&`V9pb^5Lv8hTq6)_@B~Mf{wi1TviIZuann&H8d7PiZf6S<*sK+G7<%%oSZ9_lH
z$HpF6{g)y8Bq?|JQB7FYOIW+G)46Rn1514{hjCOIkv7Auw+5R$9IaZzHN4bQ0V;)q
zOuB8&WkaD7A=A#F87<4Ig|(*oqZ;dUwgr)VV;1&R>qDHlh?r}vq(=&vP9_qgTi#Nm
zi1HO3w3~!awwR@}SJws|g14oIe9XLP@$R_}s};Q47~hKSeA~sRdjNBq9cH;b49nnz
z+jE`#xL!Ix$}ZpPak}P$Kh6$z0oYY8<Ci(1!@ghwJHeK=)!q34U7|zk&?LVqVl^st
z%ewpXQX$%_(yU!~G;->lw@$zBcFaonMD;4Q56xsB2s-4f=_d?&Q$x3dw{qHD*5MxG
ztCQ3Q?$y#=K;migNm&yPO}E083b}u+No{C$9?`=1OR!hohY&7GCsvEn0hV0DX-0e-
z-h{z+73b5~IwLix=k3C0QH$%Xz|fK(fnnPAk;J|H8B65Oyn>EJ0k2DL)HiB%^$Cgt
zLFVwPY=>LnUs`CC0x~U9Jk8Ij#y27+#EDO|@>fuwh^J*;y&>O7hjh=UsJuw9!@(IL
z+EF)yR3iyUL<~s$y-5990AcwKkI5)Z;;*`q_D9C|Ua#B>O1WS~VOUVvI2fwOK}l3Z
zJ;y}IsJ|Qz8>j^-g0p!JWfcf8r}>HO$WHU((I38C%j2yo&>9jd!u4>>iOnMYgE_k6
zXrE{;*R6QwgvK$SAi35vtQ+c`Q~cwQH@G`S`$k;^6z&XXcx}@YRK4H15fHiWoY50d
zeAPi-krqmzA6RV*BM!y8Q^1!Q8*X3+kt3UkQO$%8Al|ZSQp|swTp0bs%Km@}JM-Uq
zRrSB?)#i9+4#<BO@kTjL{&P{wN00h%JZDzKYyK_A4fgMCW<?<A{~6^}PXBi_<)10%
zsz3fSC0YajKkI=N3C>9W&c)BC006zv|C*)1U!M{$R#?a=3J)PJzqE*fS_>(jjs<U1
zkv@7DymZ=1C~bLY4p!S8*>Ttx^A=1)N1`D3M9?=0{e|>#v2gS>d9s@&Eerc=viEt%
z>)CfNkNES?H9;U(?n)yRfAvC?0fJ|QGyf4NA$_CNFd^x7<v|_F^{Pr7pcn6Y!DPTZ
zNd!@hw8VWne3_+&JQnpd!L~tky}X#n_fOA{%9ilhc*yn10i;2bT#Gzk&JI2@KQj{S
z;Bg+}p&&A$b2BJ2gfZOh@%;co<o!VuBGY%45Gf9UDVG}y=L)=pgNFEV7x8g)@8rtz
z^@F9F_t<bNPJ)%&++cc1z&%?=N~K<IZaGQrx)l-2k<AiO)U$7$MM4d2)FUrblseBF
z<}#G)sR(l)>y1ymf~f}WPkDZFYy-z99e3K2U!6yA7qVXb$C+ymlkU;=23ZPA9xJ*(
z+j?>^IK-LbO3HmQz&uh?lHn|=8T6<gvP6K_EYM3Mm3`dIJ9l}!03cmOY*PgnSuaU#
zm$h5xh&G9IG{*Od3f^O#_#NsUlku5})Zozt)t-Bh6O_IE7<bm*@VxU6#a+VW9jtMb
z>l>v<ezCXG_F-U}LyfI5JQ~#M0TuYANS4Y+_n%t<LuHnB42`w*#OWr7sm9{oVgr#G
z$hDoiEYb%L8Cta@fY2H)enPCOX`T*TK4Fh^<6H%Avk_YZYEBuxY-R{sEy-?1x}~CI
zm%UO~lFJkc+l9}D{z97tGCwN2S7U-6O|P8qI5#u?dTbq#6oOr(xye5#D5r67fZjVT
zo39xf|6zD|k@FVMP^-Y*RV5i}ci-<qZj6ANawk;AM3uw|aL9<4K>^8WyYE0yoV7v0
zi+HF?pZSJ_{cg}>weRm|ye~$<;b*>Y<|oQHxAo?5R^YI&Mqu?#p@K1NMJ!#Cr)X}z
z{2(-F?k+4m1*%V6byy3kZ!88%@t`G$o#297dj9RUx~-Gv!%cRz4f#4njKcu_=dAM3
zl+WVnfLJ~{U^!$l{wbAk<(2IwXuRHWGw@Zd$ui+fw&>HWl2ffRYc}1`vg9k{c1AO6
zqoxH2+LHd@3rl}a-d{lwCo}^kC{+}kPivif%C`SIyNy@%QA0+APFrtGMaC{AWs<M$
z>vW2h_MnDW+}B2PH4P(*UhQMmKY301;n5;B$#WJCke){G);H2)%?sKe-l=l7FY)o-
zFOzLie!Tv4@Ux{fqInMaG<p$nA^%<wQKzl_r~KK;sNz^9GA><=QP=CY1=mCWl9Qx5
z4)&7n{d>Epngv669QC5uN&j5EF$Buw6SZtZTh2;|9Q)HYgz%0I#*p2rVoljat?HD%
z{AFHsz`}Sc7Qu^?Kk8ETGb<wr@lyD$OFMx1T#7!d#W!-Q5RC4?+a66;KI<D~$dtBr
zUSMSFZ6{Dq9rcpOlG5xTQAs18>h~Y*V2k<4O<5?@dC=e36&DE=ngG$bSN4l#BUYmi
zM7ia?M)?nL#)}`;YF}h=4$=^yG;*{gNc-;?fGX&rSBg66kuqb1mWq^2&Y*1CX(E`p
zLNN#CyJ2uQECthRh>LS&VHC&AksermTz<KJu+xYYiX_alMsqlLD5`~ta<J?ncvutz
znTkLO2KDx$z|qi2kx+^ZjD}RDgKAxP?Y1rIddo(zbm(%sbs12VFZFNi#eo!ajG!yu
z0oiP@7maCsFUnuxb)PXlMPPDa(H$t-^i>Typ$!u1<h1T3VW3LO`-z!x#imHRSgkyy
zLp+qHhq)Ew&qYBDPh>jw+SqhJVr^+6$g@^cha*<?uq{Q_;-<zxZ>P&jcoPoi{!y^=
zB2>;I*j7_iyiwDxo%p_@NpkbV@}g#QK$GVk{N+TAHJ^{RN~VJ6R*IT7Z-Xh?nrGF+
z3Ycasf4p+J?9#k@GK0i?yax8zf$r<7sJ=u%M$%q2D%MXG>LT@MOL1{{(<01YrjVLZ
zTs2rO?vb8&<$5l9tYt#kKjDTJ*gNV<16LsRmCm8A2g@rGAoGCxxWC~6M?hR$b|a~L
ztztucrCmPfxbu>&fUeqs_^*FAmWJPJun_*1lp%2co$KnA&;g?K(6vy$7;o1bnBYWu
z61-bUX}nw1N23FkRZwJ=V`^LF?xnGkcN#VVD{5O?pB?mk+gIB*yKN~Ss~x@qKUF^X
zn(+~Br=Kk>cYA!?=C1m`KK>vFQcYX0haJ$h9MXhP;|h%K<Ajuh^US{BLWPH;j;N1-
zC(=oROIue+ssh3)3!%&y*y_kIzv+q*GGMlaOH8l;f`f*~Yv8y8bHh)h+1!#VX)&oe
zLRqGx%fNXiU(`X$;a@hu0%nI1W?8)R2X&yBE4)?2*y*juIzbFg-(4{c2dnW6hcEGV
z2Xf?lM}>L}Ksf*AXWewWYA%L@J>rU%&1`*hvt4k(y#TYZl7(Eh8gaK}4|)0pT@2g?
z!gg=I)U^2E3q3DME`Cfc5(1l&MYyRe7s%E=F0(0z>xs@fhoq*d4x5sz5yA{#K`bNL
zpB`oHG}_ud1j*Ffj%sCx?Kkac2NUwqkp98E-SR)(z35>gZsH2h3^j*MATjei_35<d
z?R4*rnE--hd8B3(61i1Tx$b2jFh7SGs;Ek~^4(I7bvp{xld*7E*IH^pfw7y4x~g=V
z5iueYGWR{5JLo{u&E|TEU%BWhJ5*Z;lEu9${9H^sq}@tfcWQ+GILnRr4t!56)>iX_
z1?UcN1xFyn-xtab{RxTp#UMQ-&bkyw%)=E_D*#*EPJ1=RpAHFKgyagEYsfrLQNa0v
z+=;CC>2My)7)Q}?Ok^L4);yj!mmtxeYUAloX(?`^V%uGndd~|mNHcI+8*___pRT3o
z*=5>dQpeI0%@sRb=DMWZv|?hO;gESYZ8bYhewS^-Wlu71VECL*aUGg8VoX+IAJEzB
zX@CUUh-Xj4J-;F|;_vQPR=2c5Ir!0gnad3y(C$|f8S#GuLhx%5NGEBYVaU6ehhJ2E
z#U%0~1%-$H$l9`ZUh)w+lST@DNzu=V<YP*v9qt#+aj%Y=BRD8bhOTZGKG)*n#f3Y;
z0Of+KV>G177nO0P7oAaNzJQYlC%(GFU_iWGN8OPZ0<dFn)3#UsHKo0sMT1iU{)60%
zO%lAj$sGGBTSrUx%FE$S23aE6*l?iLADR~ZAU_$=$jEfIqY``8#<zY_H-XJprn2!0
zcsIs!Rp_Gw^c+q0v|4n|+?br!B`50NI%s{yt<giv$JZ#CVa^UdaU*)^5gKMg13*r?
zvK1O@!G1;8^ZjxkYwPJ`9HsDLmyG2y<n*AxTu!>H@JSxCQ|U0d&X$v-w|liq<XcP8
zCSao6FQv?BDVJWHFfWlHa%4!m_0<lLYTaFcU9gcwU_5bU#{d0^zvM_%0L>(rBAHFZ
z(EZg$=Fsyc040&fwf>_E&DL7Q67Z5*6jfD3{TbZtYxA17ap9zquMWp$Ge+qTuLta|
z*;kn^p5yo>c<ZDD+K%lk1?q*xqEH)QgX)uMxikC*|ME?wZfzLz@n%@0X;EpJGF7C(
z-W*F-JWB*O#1#q?0U~5dS~*W-AVecc5=-|Enj^V8_zyolnaB?LPx2h;Cjg#}qbR(m
zG6Eb_4-Xbd5izDIca=E)X^db6`Y&xVz6RAt)4X%B5S(u*IN~vprV%)z-8`Yahb-Sm
zP#5ocp!@-8-_?t9-9P=&SB3}wG(X-&Z;Q`3n~gHqTA}nrbsg-BwpyB;FkHNy+b%fI
zROv9}4<>g;lqTV8>!MGZ;R0MTkfF7vO-~RsQN1u(wa}>)3J-K@Ce0Xs1YdHUHhxA*
zIg)fxBtX9}h1Ad`GyrUkF@3~))QI9@{gQW`?kmgeFam#MJ1(o*#*3hjH)_WkheVoG
zM;0qcU!fQCP@wTp$;Za9%1688qSNML+vsCp)xqGin}PvgBU&U_)d4g%@M)=iaoQf}
zGZ=%GY<Lr9a?bRiMb$7TjlV7&i0O26<xLTh4xB~CT^3a&y|+9BmNUnPeOgeyhlX^=
zDvu})cwWN_zY=ca7&`OE3^J0hpit9xs8wK>qoU0fspJ-d%q5SYCesX~|7S~058Rdh
z=<ljW%73B(-2d*Z{HMPlwW<-}-y%f1y-x7o!s6?VI0ff77a(&4U0`4i6c*wzh<G4D
zRKI*+IU1Va&!)?);B)Tf`^%qS{DDM#q}d(wL$vz(1Ena{+VIZ21K$Iy5fr#p+Lo-e
ziOPU1j3b5a#imNTX4a+Sn+hdr!N$*Nn%AIW%Xz~NLMGM-(f&Z%)bxZYY%?24zuYC6
zRGD`2P(R@DC!nsilq3DX((7U4HjwykL{<gwBp#hKPA-2JxJNiIDX109Ur&ODPKyNH
znY<Y%Zxa<}(*0(%p(a1;kzO)OlcynD9$U#FRdR=HmWfr0dS6&YF}Hr{lg@>O+TIw5
z6}5+p)NWRHq}pv0zyMcU>fA_wIDPAKb@B+NZ)XO+2B@TG56#;`Ft)x?jmJIS)|Fw@
z;YEG(_WNdzaQS(zQB*2dGehs2wl7%cLxm{Tdx^+6(~yF#_^Zvm*uQIO_TA#6nl=)+
zW}RFXXnAa~h&Pk~H6zgi^pEnyuUG&N)iWAsbM%+|Mc$LKgyAoAn|{cq8E~{_{kxp=
z$pq;+Tjdb9igUDfvBq~qU<W_i>TAeR`R=>MC%Uc52R$D3O9R?dd`W-#4zCf$nM>*G
z(1amp0O&vUsJ@RE);=f*2-^SGQ}WN76?ldLXznQyXkdI^U#Aj=kFL@_mM?==GB8+Z
z+1kNFI%wId6l|8Z2DTE0|GXYxle4mvxtm#s_IL2JiF43J&#^YGE}ailMOUzWhkjR+
z_fwwBGYKNZA{RUTe3|9l<9*(Cv;6aMGim|ikf}Z&IGk27UX4nS<f1NuQ?GG|6aVuZ
zkhnm56dGFx(}k&i&=9*e`W}v>IQ2I#OAY2;AU|pm)pVNVAs;Zrb%Ia#GJl*r&tN4v
zs)_Zo=%GH!jdh0zLG2+Pln968w&RPF3IF8}bT{I2l6UoD*_-3XrCVxF&pD~HN!)~8
zV%u?q;>4P_>l+{`y*JZW&cq_7k&kl)_$m|6pcXyqv%j?1oiawqvu_L9L<$mLdgOw&
z!`er4COj&fvwt5tkR0UN*$5qU;C8u_zW0vCI_<DIuY-}|Y}(G0KaqFr4DlQ!#R`vK
z|7v>jaP3NyDKXe;VKZD8GRxj#$8b(kkvW5J8&t|63uryAaR{c2rb3Wdhz!91_~EWy
zZr2gzYeU~>6L*orgp=b$9fIqduFIj#b!s-aWjA<o?6m#f;0n*fw+LNDp>zC|s8U1_
z7_-?OEG4XgLwv?HETUA;I9?l@vvSeRq2)~`Rr%W+gZQusr;deX6NnQx5NV2#nlE@Z
z_uIodSSp7tk9LQ%Df`;iQVZh<Fu`)gM2^irn8C=5MIARZ0wJbqv#}}0t8K<nd)GsZ
zaKZ`_gDF;IXE!HFgvxMd&pR#If7-*psH(HmBK{fWM<}X={k)x~|1;7@<^gS#kQoV?
zr8}8$*`Km?bA1*h+`8Vvg+FbHFhZ^Umo|NPb20jM0RsWbd~4|FPUz7wpl9|@w$7;i
zF}5PbS^iPhp~eqcBg4DYU#0`$x5Zm?OEdi=(8f{arZwHI3G^O5^Xh5*`<ED9w-0e)
zQ>4T4r9SWLX_AWZyRFC^Z_v_P)}=jBS=%bm_jLZ5UB+mBY`?tGZ%p^6i$g$c6|0c$
zgg)21dy|Rvqwm5utv9q@K-CM<!aLgt`NCExj;M8+2KWqVc3L`QL;8zZXkP?P6c!%6
zHB{fX?dBr>vUbb}YmD?aYpi<|Uz~=Q+%YZ+O~FuLf&c@lK#45;`V&V1pm{{B$r_hW
za-B=nf1NF2o`5dDaPue<CLYsXr>i}93M>xWgRXZcTm9}?qMBbC0OJj-AqF2=wesN2
z)F+Ve>jFs^GtF8!;Vi6hnNWysXZ#0!vTmiI;*G$vUI*GWmUWU1^~RcP-wFD14fYBg
zb^b<O+|Z6)KnR`Nx*K}4Y3Vhh_OGq&txwn8Wo$5AkDP7|<oUy{5!=$2`yIe>mmYnV
zUt{J6S;Q%&5}qC+z^pddQd#QAfu<t_Z@akaJ^Hr3lJ9y6K(tqYzjuhxH|!%YF#ZDi
zV;@y$n4oXOtSNJx4C@v;f1jCw4OXrOPq+yuz*JD%65M;L?$GK9m8kLZCCoqCXaiBe
z4Ec7e>pR>5rb@B(IHXEQ=!&mFAmCq@jHnew?EbEk8Ke9^{dWKKwtc<P0_6WENiAuz
zgo#r_s-BE(ZOY1BsxeFjI}VJ-4iN`U{0-BKSvsnI>`x*_Z<gpw>ls42=nzX(FV=_E
z$av@q91G&;3N^xU8hUei7A9Ugu?Sgj4|#5VZl~LB*Z05=J$ev6*5U$OgB9x`HBf?N
z7wsToC9NX>O#IY&`d@xBV|PJbF_sJD#@I~*G!Z`7;$wKr_IVK|cnT9&9@rG&oR!Dm
zgHI%IU2w(N!YyJayk*9IvMEkVLnI>Xr-96}sdw5e*+j9~Cs3o^iLYiJII{7N_~KNd
z!>8w*{^JtsUzdcSIMvJ6Ji|qzEvP#SSQv$J0Xcd5o~l14P>K-r*<Nz(EdRQsw*8BH
zBwq=MPceQAqAh%L>}ct=hsdQPsae5`)YN$^E>{pk5U)6l*8;DLen=&bgWJ*+H$~5J
zah7*vXrA!ZXw@e#*0Gcfc8#kx727kPb?}!DT*p8KMHBDVKD9h*zwUi)UNB{(W-QbK
zAov5r4{}YyaZM;+JEB=v$XyC07LtW%q?%{EAZf&{?za`2t`LqwB2TvC)~hJB*l-yg
zMGbi&&oH=Tlmf2){H{iR<WXlOtt0!@^CKVowrr<OZKal5n3!Nn6y}jgPxymr$H0Jf
zxfvM<d8CYT(^D)0vb)`1n>h1yb~qOS|KQ|=q9)CHRY&rVO?3>bG=U`Y^6cViPql)n
zAs&)T*;A(>ChIy-e{m}D`oB1}6``+~+WbRPO1UC+^2ePws{9%DlV5u7Ooxx+L(^ZN
zaFAJii+7e2DNnW*M?u2(3;qI?zVH_)@N4b*$fPJ6M}RWj6YRO_$f4ti3!5Rk&k1*l
z-gjAy7-5Rdav}B3T3flE#XbuC@Umz|z0E6)*KLCK3POH5-VKnG>c2pRL;VBPhJa`*
z>So1S^D8h%N;2p!hF9<?)!$#pP0+z?8OUegf@Dys(xt99<@9q3_p)N7^^euE{C$-E
zMNbkyi5fpdQkZncy(M9(I=VXQl$wMnYF9IKUktxC+vaJZriD4AH9|P_20Sv^y1X&k
za$hb~ke<)%JHK<Fq{+s&=ES%48Mc@?>nm~dnUEi!6T=QKQW`e6TS81rUqvHgEyh58
z(Z53VZuG(IkyQza)Q+Q~5LB;6yZd9NLE-_J&eeUpJt~v;uxsi_$@aG@a1A7tYYm3P
z4$>&?wY=u53dG+i1sD)Yg}zLHP}g;`7o{O4-!lpfM<D?}zQN1$Pxcv3=>>##nX2?U
zA7=g9q}lGhZr8U!_1zr|)~-xQ)#0?ic5tF}x+u2Ljr&W~^TJ`%$VKVxlrQq}ST&$J
z%daN!1MDB8vi0H3dV^0Fq>r?eZ#ge+5j9TQLjh7NcY+`6_u#L$<cf#XxnpzQ;Qjjw
z+k;y#m^X*q`olLJVZyh(*M~%(=4jWAy6>Z+FFA<&#9Xm&S7byDYc3H6mO@Wh56$#7
z(Y<qE62Fg!Q;H;AP^`oe(N>Q=NI*X!|H+<WZ}9&3|5eKEzmdu)fdr)hr13#}t81*D
z<-Sopu=&7FhJuI@eutr54h$hfiT(y74H6g0LXlujVSYFrYI);dTOEw4rzrs$28$=5
zrFG?B+nwI(W$<(JxA0jncZv+oys+P1?{l8-b>~@rz|HN5)AKb{pep9wK3vZz_|mPW
zjpIWge0$fOC-5fmR1w(`F#KzA`(&(J5NCuitH->Y!^LK^WP@@>aB-Vnp_}7b#;u>D
zyVU1fHgxHqZVqIbhX#(X#8Xt8C-cMNmrUsQmk#_NC=)4;epBEf&JpoSa$m9WbFyE#
z99~^_KHPo#L1cb1iAJ7B^h7j`!iFA4c0@Q9fF7pMuhOIblUSz?z?}ke>JgI7?&6&T
z=%>{2ZG7zR-`9fNmq6TcCx%QAOFTI~?)WZFCA@g2h8z(7qx%jXc{+7+?)E3cJKWdh
zSbgc2B*|Xaojqay!~WN;uT8-GofM%F2AuHZ^BmDTBp~gS+a};F{2TQnN|I@~j9bc2
za4EI~gvt5IU!cf909#6BiqtDZ9s;o0V``x?2l{j$KPy$vhv;5a=toA^rFwxHGVW7q
zS%#ue-uLdx1Zc7nxurFQ4}p2n4-Y(&UZe6LKE&h$<Gk>5j%7SqcKPgsMT`p$(Q-1}
z_~lCNS2P=04?1)%DIkY#IjbYyWza)KKSzKK6m^ctB0@$u05&$IPaKbmWtVKAtH9O7
zCs+|(0u1^bW8Nk?5NR1m0;IllXVHUGa9L94R(KdtP%m6^&$IO2m&~SBYj)=wF|lq_
zbPK)E&!hXrh+~tlsIfRVR|M%^p$LCcyr~f5u6q?^P||G^1-%Jm$wSKMlPo7Uzbxe=
z1eRG4c}K<r7Hv8o>D}QhUHetbb@MLV**tV9IlOPalWq-kl_y5Tm#wTaApzp}Y8NVH
zwBh-!vEXNjyyN1NsEX8<6<CpbM7k6iWlqsCRxes+!QiYeJvIxLB=h1|fINBeYe0yY
zs(6)+SMfZ>MW8u%-eFKZP~ApTZuoY|oo`3M%6lIG9rQ(VOAHZErfB7YgW~40u)&vC
zywu5;N1g7~2aU~+FYp?ph<)x}sE7@8Z&b|a0IDKeE*O>Skj_{Tb>-I0+oUMwSOC)&
z^(p1*SAlq_Gp&3E<x5z3b!$MVJV*CO&y?w%8ntRgz!DHE&+&Id++Nwz>T#CS8W0J1
zvkb7wQQodwG9c>8@jP!)d-cX@U0~AjOi+BjSgu?0=i8}Ya?B%|2a0SQ-0%sOEDf{0
zM{so2_=uMa@(Es)jSKLE(UtstmZL?1!le{GK}vj~+9h^A!RjS9KEe7Wc)s3>CE+~q
z9tzv<I^|lqH(EQ7*%P%x3iaJUBewT;XaI6Kw}3ZJFYOORzTOk>L6gU}oX?{&FO-&W
zXO8gwS^>TeF6~tu`zq$@cnML3-zna8yaWflxp9e&T;_G`<S;sEa@n>S+QhL3RqR@A
z%j{FAv1o{EbzHc6RtvgDtL9@<MGIq17Z+2ucG1`!T99^T2NO^bUwsXhn>exd8~~}I
zOYXnF`7t_0WyA2!TDkj(F{~0uOtgVk2N#Z|!;mY}WUu!!U@+wn#X?$fbGDDXe6w^$
zL@!|>f0QPhc8V&UJ>57CW^4>UQIUg^(Keu2$Eh=N{8`05ovu;_nF4;>(;Gy<;NvJb
z=<7;TgVQK2$FYi2XJCl0moV?^lmt)@%`rXwUTAy-g^%x`|JF>o2xQ+j-~6$$dbT_^
z2FH$e6!*&bOZ0ov^c*}F<Rzov=1*)XhWC-PcdDgN2ID*C_O`>hlj<Q<IY|bYaH;fq
zc&^c+pJoRqDoZUa>(UI(4MIh*mccTXP@B`K5;L3W(ll*_^0!mwY%O%^__2V$Jq&ib
zWKo=1h^Mct^xPxzD#i!9V|=DSj<&UEXTltj_9^8Qos}lbQd}Jj{f&vlSa30g!gcdq
zzL~`hS}Z|R*kG%%SKVe_EI95v!`-x`TRz@Wk4MfyZN?vZnDNHGH=0|<t95N7CN|5#
z53e<w&T1(-_|0*o{m$ZeZpr`;`i%~_MZ!>8>)(ZC>q2E#)H_9k_V!o_^3?GgqGN+{
z9VaD2!uK7hZ*JSC5P2px&vI4|S6Uu%HSnRyL;l}SBHfe5(Q9fsix)_XCF4YKRJF5?
z%~ibfd1-r>*{ZoYM)9V#E7I4rBJ{{wPp1>D_qJ?2DjB$L;kM1^yB`7hA~#FWQ2x@y
zjYppIc{7gVbte0ekBuTf=F1&lrwitQ@F9IA_1d+B6*6un=I_-(h&XJw*7^>{DX~L~
z9CB_5Y`rvN2=;@z;A^tYNDAOe85`^+ylUCaxAx$3NtUGr%dk^)HC{^q#Mf-pbNpAV
z!mrOX8)Nc1lcRIGDjNV}wPw_c`2(1+uLZ^GBEc>GBjHEFa0lm0KKVjlF(iHfwGR?*
z9EiPr^Ts(jX566la%}W^0L!hpfCcjvD^z|ql)&o1(k(_vfcUE6Sa8_G8KbuOywW4P
zsH240gnhIONv30%en>!}Qr3oPNWdsPq5$?BI^*Y<V{1dUT^nEz5fW}gnO`c)x>-lB
z&Dc@m_Xw^+D*?^LX*PZp?$|UPTdFGF&5DM8?jaI0q3{JryDRJpLTDeXSpL|8wJinO
zcB1J_xGVimEgRyAicWm|6X6+xMFVJ+ecEu%T$bK1%^mX;eX$c-W_;F&2W{)P&dqJ(
z3cr;dWyq=sz25*1b>>%f6#wvx+E<*a`ipT0?E=RYqkV7$0i*=4mi0#eR)p!W!LqJf
zJRP9aIi+S|cIZ2M`D|S-Yp=S!Pf8FqOcoLa^_x3M-n!4Oj1=JmwMV|!y_zYJ$uS3i
z&nq@_&11|Q_xSq^s+$ANHk!ls{<mqqe(Bj-C_LLlyeojF7y@T%r`j;fh{_lp6qtpD
zJu0XeqE&`Un5o3aR1JuM?M#MlW5Y7+%vB8mb7o<rFa}}+L9F?ssU!lYD5gu$;s!Jl
zDw}{_5`{@cQdK6Tu-zD$SlT`n>$Y@5fI?zc6<mfogbzS0jqa4eE6CnRHL0oBs?LTh
zL*4<Q)&fwXQnjvJ%=^89)s|sPdpY(Gzr{BI!<Cb*jXeXSMdfcfVM0ebR1C4WVL6mB
z;wI~bVB3BVM?l5oTxZvEf5l*I<|pSM;%8b}zZg#NXq2l$%d+y3MrR?_z7cBIjlX$3
zhHVkg54{pw*c~-2+bZ_8j5>!Z1?}8O`BhKdXcmAX&+8Z4NTDaQ>NKPw-4Ne5go1S@
z1vzv|WGgp0D#~JSc+UgHGP{bv!}mjlESXj1%5UR@2p$FY3ppu%wbL8Z*i+>;mF}U1
zNN8r4=>rv+MjD*O!HA}8hVk=m#3Fnes?D8^g=&`<WVydbp6gESTh=Wj$iH<^o+8(q
z^8W_BY~)C66-6#w7;jj@+YP54GlUC})vl7`Gsv0%{MY-LFzjw4Oc~Y#$$26ygx~UT
zqp|^(jX`VstqiQ}Xm{nBxI?QLjd><3mZ6n@_)|}fOeJ})8`&Sc-PIAi!E?6MIcI9=
z5I7C4cH5aX;<=U)Ncp{)eTaq*7&cM#9jE|HEWUbb>vM%nLpsAZ%LQHYSvxIs3=08N
zdk}P02%K_+O+N(3actXY`nBl5GA58jVb28X(fev36<tkVuP}S_x)yf#oc1u^S7OST
zj$58$2u3ro%wFHCaKp37-*i`6_p0h7UiA&$eqD5N>`Vpji6%gad3+*Tw(y`Th^Yb^
zHA409E_uF<yz6&FbVi>%E=}Bd)K-{>?5$$zh1w~!7}ivzie>i?*MFF*TNKMlS@^2v
zHMFr3a5f8W5Q)ub5OAJV(zRzhRX|2}SnC~6EcH9d?GwIvHE7O>I0VsV65_fFUmQdq
zm`1tjtV$9N39BFfyfuuGAo8$uh*Sgg3TqQ1a7vi99h_0CzFhsG)nqTJnAjUsNdBNS
zFz0wzBA6ET{=2mW8ysvi53<lsC7RKK$(mrpTFgrA()i9_T3dtR&;YrKOTDi|K>(V}
zv7ypjsVI;!8Lh{JQT)@4yz-%Z*B95<f}^#n@j|Sb2~%oBcc!WVt6a>O%tIbfqGcPm
z=hHW!+s*A4xD17w65^b4Yb%Ay>cy&@-d>2c;5%8}?|*^{@9_seyOdelpX`?3D>X3a
zGKqfwl7b5f&j8K5y~1u=Ik!n=eyZ$qBu`RlWB}t&JQl4b!H`x!wWxE;P|OMYT=XY=
z$EJbSnu%`=VrytU+y#pmAyXruG$HS){N90=0M-FvGk~2D2XTchuE{tr^EAMjXDfyw
zw-!-AlL;CB1kXiqcR*%5ei^kni~g8T#WgN1Cl5R_bu2D>fZyhm)inu^<5Ve<Ob+UQ
zadl4NeLY_nZ``=CZQHh!#!edB<_Q|xw(aB_Hntkuw%z9K`@8(l)tP6m=b5$lS)a8v
z{<g&0Igqq*7XUwJXWD*H+(GxEEZxn2xjr*I&87>EfWgylA5Ac-;GNR|3|$tOkU2Q>
zCde%?S6~^}=4@}T4+z8vD3V_P5(lqhW(Fth;Ia*8L^MsCcO{mb(VTu9qqH@)eg!Q$
zi`9JB3-WsIH@4TP)M=|^OQw;Srd3XuXz#Syv&-ha;Qj3`@ZMgAHtK(Qx&-DNuR_8Z
z+uH0o$11j11-&)sRo@>Byo`$y;n0$!ScClhGvtmo)Qx@(()4i4^|w8n%2n7_=ywN_
zeF%T@&i|rSn{neOb5!r8tw*GmP%Lbthd<FO<<+@@uNq2l#-eHx4>nn~|HVwtv8b-%
z{&1m!LGC+#SDXS^3TBc+#tIT#u}X4|U7A*6hS%K2jp4}HG%uL~9_jno4Mk&>2{lo2
zfr^snMDJm)oo-&Wj<PN6$mq5X`X(l2@Y}c)Sb!M@=9KZ7B0^IJ%K{7O(}iN&rsDJD
zD_z{t?6kqWCFkPE#d682FJDA!wLHJ*6Lq!#-z8hbv}{~v(_sVkAG&X7b8s~y!~&R#
z8<w3|r4*_2U`bT~gUjI9y!Us!#4D1@MmAow(d6fLioRjYdEP<xP;$d1kZa2pWX>@^
zGS&O(QRNRgvZk#v=EvQNb23Nh5wK}fz2i?Xtcq*Aq@UKf859=X`rFCXX+k}DjC;;L
zwPRo;!HC=|*q3(*7B)7CU7u!+fl{2|LJi2;Eps30K{*D1dN=R(kXKYjMA{8K=CG~%
z+YeO+xmwrl5&0&atsVF@MYOBV#ViH$pTW05(v~&qd<ygzjnm%XPPqb4q-XT|R+PN1
zpG;UXTU38w?VlUcJx+6f@R)I~owhJf$r;JfFKB6?9NqO+hX0i3<))*+Y~8XDry)zd
zsu6#Rv9u%uCTN5Z@xG!xO$_}dtn;}jsj(KUZ#P8Sg4bQKL4aAk@hP(~wF-G$!-v;o
zha{U8;SjV8IdEhfb~R@o5|?tBzvy@_mA^*bJ~SHu%c=X(HRpvbzb5V<=AvX*eOySn
z)T`|JAvn`RWK0U_)p6Vis$!rzG@T$R+v06(((}Iqq)+$>UVn;}zW;j*89{N|=16oK
zGaB!IPD>^VRPs*ft;z(Y?RPo?penepn`Ef$g8sBt>`PUDu>bJtPOFn_7yNmarDY9&
zQAssl$&9%oWYi*#izPm(Uhqgi#XPdH(3Z7TA!Op}9i3npx3a;Fr1KnCj=hV5d5)lO
zsR?!u$TQlnCUz4Ln+M3fV&60S<{hm*hHMW^l!Y-6?U3=LkzztsZS^R)A&~_q8T=Bm
zc+{#BjO8b1(zZ@XUgJ@s3=S=0L|3?CfIrIkO-+}iwDFiYp8qzuuQ(?Fjd6AFk&0CH
z?8?t_tDK_~O`$*W7M&51S>j-{oTr~nMg9&0<l~?F3B8IMyXa2Mr^>#U9uDLxoD+?u
z?Cm(KUenvBJrWWdf3g`3{=i*|vsSq;{Zyv0BfMNX#F127{bsOydmfPT)g;FuqZ>7I
z<6X)yC!uWh7oF@)cIqglKJ%;R`3p0RRe@^3V;O0gjk<|kGCaSbk+*p@Ys}^XO#$3I
z@K+;aiDkn#ykbeIQQOyvePUz`xj-)!yYx{`s_<qWWN1<nJ<hyriXoz`*-Aa{J{&Ji
zLPJNF=RPSf`!VVl?zY=7;(l<Fi)1*bDb4JIQHrSE-<Eu@fnL5>74_l1ZFP;Kz+gkp
zu>PbK?;fNyKgi-KS=2s!w^|)LU%w9m3Vk=jOORP|XoHaMt-nehJNdePm9$%3lS)nS
z+llab)z1v)cn^0KiagR9GKkcFly8`t{`}|s7rfT3-LxSZiWt;?U3GI(O@`>!rYc2*
zaDsvc%O?u>C>|w?H^iv%$5_(!g9xqu`%khz#(;*;vhY1uPP1wV4@cyy;*2MOpf+yT
zW!^u$VSl|hemvqa_{LKqR0$!)wY{Nb{}nG28aq`QR;~W4Rwgucs^sy)J#aeX`u0!U
zR|$=rArj_99kT$(_sg64fm!cs2~NbC`+jfy9PJpi`hRf8TN0pj0*`c1U{bO=;hUW`
z1L>Xz@kpwAQ^LM$URlFvDg;&mh^*i^Lw|g6oE)#g1&}hLbVQIrIwCox^?3>&6W8mJ
zZD3(i<v(9{cBel3vr@%4+oFikFvXDQcUK3DzAp4ibAu1}Cotorvix;6XaGkFAvR$=
zN(~9e+6fVM{$eNCv`rAO#b6y=O=?GlEdfGnj9O3}O(@M`ZwH@98m3bKde}G33WYTu
z;!DeXpAup7*t?@7uYL+j_<4wK7bfP+)|H#WJYfCQXWkLHx&9d_amid>iU{o!_OJ2s
z8|h>q$0J?f3NLKeiP{!|e(ov^g`<)n(mK5_VUe$Z8<rO3J5BI-V!kps?o>Vt_H6q1
zUj)qV$Os;iTTV{czhJ#v05P6xev%zj&<sXc1fP*DI36473d|shBcgBKoA#A+j~W=0
zYG5?!@Acw<bucUt`_gkDSodfdJpa7UEMq$UP4hq>hoA?ZJgn&}e@`{HJR<fbbIowt
zDl|r*?e&8`Gg<upgjHAurmY4(60GaJTPMs*X7{^)I@)MTTs!_NP#fHnb3+T^)uVSf
zQDq-87zATvK)kHm0)KR`M`(<X`Eu74_J(lX&#m_EykBpLMUUj^x20cC9)CS?tep`t
zVAS)$jXzy@zjP5q=H9O&xU7;Fdg(|mXRD1LYYk=Cd#G=pll?f4l#7c~?Md7~J}MU^
zh~n?GtWNjbU730d*wm<->1!@t`lO7#l(tyQFRNEQ8MF|vkC*PMK@w()PFO-c+nl0y
zM8DTOa0{e3(jy3C@Ga3kT^hUBvbxtcT<GoRV?`fJYa#{z07nRe@Z|hbWP~bq<g5#;
z`h##X0E#(m(@t=qX@H}iFLZ}mYigl?7Gb2<Y!<w&*UOOz;D?<t7VHXux}kXraA=?c
zf0876>f2pGo@fwK90t=0@z)CqcEmwClIHzcw9g#t7=qs|xkI7#b9q;~3o)vJK<<`^
z8!m64;RP;sfXj*BzfY~F5B3F3u^0j2JEvj+A$LmXzAJ4%4m+HM3eR*Qjh0N46CuL@
zR5Lhoi8?4Az-`D}+S_#{U7DrvB-am}IHBc_tQ|RQ#yGd6%6#DFoK?jx#JaKc#?YMS
z13@zxk6GbY^3#t*-J(({<|4p_zprk+$!ciMDD0@{dhM)3pn=Z2VI;?v?KvH8m$q0>
zn7(mH3NEH|v)h92Gk$dv=GR%TY}KI=E!<(&K%qhgzGp-8V?#kKi#q7R41owKT_V#1
z@r*EYdsou-4DH<22%D1nl$n$WET!n^Hnau1ywNPz(HbgPC^&0&Lxbn|@oKD)5gh9y
z?a0A+scnODj<W+e9qKTQ3O2Iyvsa$5q0!fcCxXa0hU~u8&_;+|h*-i}3Mvd4)hON9
zMh$oaSDc<)!@F99_{Rc*NK`NE3`kUOAf5{8wWPzJ^g~iSARi^8$eMWV1A!D6R-ZLW
zq?62S!z9ORfz7}?6h|44QuiNp2-UK8?wI#O(b+ksacCH5Gcp+KJo<xAVW`~83BqYb
zxySgAzVGFL4E|%#pfXc)tarkVR|9(*`HV48!gyUWt^L<J@32vks(nLn45NZ-by~xl
z3~5M|vjqM|?t?eOcH1=XI5Tkm=yYe8ZDn%$C!r_i!=Q^1{W1hhgVEv+)HicvZXzag
z+O)n)Po6<1wv8~&{sB)6{t(RpIZuWU__p44PYB;=u6|8Vw2x8U&)BxYEP>VDn)EQB
z&4nG5MApms^maKpvw3mLR}b#7CvQ981&Z1i<r@ilPoIFff%E;=wllCYj<SQ~`;+B~
z`GCbfub1kU#up`TSo0Rg7b0)S<JRi~(r~Bg58AKcG;Yc+`SusMygSyTC0e)*<UqNN
z0SxNM0ZLtkEH0<WX9F4<ZE#=w+C6+=3-0jaw@K1r<;6g>Q%kUNR_}?yLHBSVLyM7n
zpizdrQr1gL7P0PL^D{49hi*NC5B|y{_{0=<{R~IFXgNak03vdK44>IsDJ}~eOC2Yu
zeE`tWF0u6;=myryNZ{o7h&w?_xo_npNNx2KI)i8rdyZAzGIX}p@~AyAR*t}zwM=##
zo?-KIcFqZxp*QEtfrh5dT*p>EdX$xoZ7XGhmA)&^^?%7axP_PMt4^S*QJ=N}TYPu5
zlnn?z6xt-&U4^}+$Ud@X;iJ*bwMXA?@NH9xE_@f2w_Eej&w@Mp*t2T|-R8x(|8@;x
zpswc;BM)J@<Sdy?FNrM}Q$X&iAh*V`3lW$N`s{|VZygZh5S-!}>?!`Z=_0)r@<hqI
zP9VJ|#JLQR;u0~uHqirK^)zBe9)2plc07Yc`6fI&@nCFy*FNwQbwq9So?GfwmC^Rf
z%eBaR&ZtD)I#}iAw*Z73*0sZ0?x;P`H0yH~X4TJ`R&<oc{|+Io0xsGI^Ypha2@{K{
z;YpYGc?6s`=lc|LL}3lrU0pbsD^Z50{To%W&IWS0_2iwLp8BK)_<vh)yuCkjzJ2HG
zG8#LYg3&2RL$`3C2#9`b?F~60oXARl0>le4so6=s+<%e;cyxT-(LZNjYP~M8eeaoy
zH7oXEo)`Rt$=dO_2EtNeYbD(yZ>wt-V6UaDeh`%f`Xxd?RY2@J6B}XWt-6!^VEkr#
zC6sskr?7JHeQ0X7)3cbtPoqDrYy2I9tfjvn^%`&pHM+cMG0kxhf8yL~a~`~gyah1#
z!cniExdwLJUqrqE7s4Mh-vG=(LsQ-By4ZGG2!dGQ5S(l&;K&G(aO{uEi=hADpIcYb
z9Pm!H|L=u4UA`7|eAfpjbSsOj@&SFyxY*>1ZxuN2ghx9BhJFU(`@(eWcQSw74px2<
zOx}lK&as;Ai!);JALjE1tGbo5?5o=m|6t0F+3xpxA<zr|47R!P0YLx(TsKlL_<;GA
z{{X@V0SqdzgDsjZ{4+_$iQ{BX_WN-qQ&N>6a%~a)#;Eq5=QL`WGGXoj#=+168dn0c
zL;e;h<?ToI+uolAWTL{qFX)Ja$Ck{0vqE>?+0lgxjb30iv-9S^e&kk78(NXKm#23q
z!(x1=c`Q<9&yk$R#}!j&PsRMrts}c{#gmdGgLYyGWJ<HZ%|d4mI`gF~?ymi@&6MSu
zW$(z)+!A4<R%AQ%&y+xB2`RG@{F8(^+u0oNUreFrPFTunS#c&QRk_tH|5#MC@KvW`
zSfz$H{!9%jWI>NtM}6Mf4U(hsaG}~5U42AZK1ZD43_+)gu{h=ol~+SwW~A!ZZ<#Yi
zUWuVoK+O#~r*!SqwIyr%JMui#8BWLdZgH%N=M&UNH2qo<{epI@rlSHn4krB?#C)3;
zk!A@zxn-L}*I>>(`vvP$N;`th>KwV6wU!4iJFLw@0qHht<axWb{bqHaT>E8%LcZp<
zQ^iY&wNgKc^%kO2#!Ie_^%NOCy-mxq2`Q&#fY{mvu}r^~)q9d7m+oGi;4k#?1D#`%
zYFL_+ADNpc7pIB|nrC*9w@+i{^zJzJiIw9#TfErJ?cS7L*Gd$fm*Rd876G{f7TNj^
z7tMmdP&o!`rKQbwO&5U(qhSiFgsMZ;xIap`K@hz+j`JzTXqjdKO!sth-JbJk?a0gy
z5JVQmqNJR3$=;He-LL#RV@ArcYfCiY)wlf;DTS{)iBQc;k`9q+T&j^DZIKWuU}Na_
zxQ{)okp$WM@b4D16nTC)?PvzBk;^f=4cN@ra$P%f@c6G1U>-24gc+_>JST0ism#x>
zaiX8@la)BD%VjMED6@Xv_)Uj7UtA7kfDjgUqqcyn_=c|sCbhG3d=ANRUK+$#y>b~F
zfd*jO8KFXV`zr$Z9yc04<_8F6o_xIppQ6Qnusx(2F`fS|%HrgqDTYAB))c8g@LO`M
zXUkLc?3VDXVJ3Im7n~mU<J-iWb6jy?LedTZ3w%H}ePg|M3K+62K={Moh59z;2;_H7
zd&2Q+ipDZE^_mC`SPJTkv-z_fz#a!5ydFQ_dznz4?(+?bo(oVHVMNcf))No394;>(
zfd3FBGh7njh9Vj%OKSZ<k~f9-i?VyQ8_oah{q7BeRPwyT>`fF~h}>5kSCAkW$m|C<
zGHdazh-nw{4NkG_v)}81BU@>^59oe?=#m!dqkCZMlKItJ_CV(=@vAQmE+M(UZ+z%5
z1+R=6S)-C(udtD&uwz%77HdY?%d_HcuZEVWt?Fu}7Vd^*5rRll;1+ffFHghoMs*SE
z*LR2;n8UIwYvM<hV9Nkpc?s*UF`8nhKRBXGt9IE9F<egQ3cNWY#WpN;lz{8sW7hb2
z54b(KT7nr3xqfpKET#ff^|b1>M!iGR&G0ZY=Y?w|vBRP6?Wj-dfdfyDQ@P^!xzt}B
zwZ=_|08E`$LDH5=%wk##cjV46Hrs(h=Nb&IBSg^mH|bkKTjMA^8aIlOMsCb|%?Nb|
zV=G~Yp$x%4g!D;V4OYg2oq(fS@BRe3$@raDF`KXUEB9LCDSuu9ws~_QiJ?h0(~H9F
zu+CHJDO;t^t_xUn(-$5I!2xpw1C$d___JFa6%8TM_&Y^U`76adDk7>uCu3sWl;h_9
z!=8(vY?ix&w74ZP6MK;>_3y-aCW(1nwaUbSK^xqPvi(TUZgit9h(PYL3$<ybS5Mbw
zt&JJy&P38O+MNAQR>RyQgfR5672^)!rgG1kXX#<P0f<*mp0dLqBC$+9&#Bwz5<g)`
zZ2vMCG{U^S==tPJi41f25{!<Fp^E6KL*X1|`kl5Xbzb@82XqG6RCA?V6%GeE$1G#I
zuk`ml9j><qfirl~*Z?7Bm)s?##R0(wYJAd)Nu`CdYo}c?H`@L3<7lpdln%2pg>3k8
z)%6!vrS}}&`@<FqIc8Fo&Ks#+tr)k;NHTiAFGRU1N^$u4vMl&8cfMF8M=vWT&URA5
z`f!g#%w!OBO{c6*q9+~q=B!dU`tZ)uL2b^{IQpO(c_kxU)&u<PIH|AY`ZLTkyuqFh
zaJ#f&Hy_P`JWx&|xJZe=7n8zk<8G}HPRPubf6`|ph^=B7nV!93tsRe?A)y@Xllu7N
zO{c}%>Difz5xO2HuBgqFWAzrr%$r-eB+fK5iNP-;p#?06&n|%NXn+mpK(1QD9aL1z
z>MI1ZRDuszodS;anP4a!Xq=VWj+wlWjOs2sv>eE_s_L_qM*{@bU>9oeMs1a$R12h@
z1`MH^i>RJ*1W4NzxGy3M5+$*N2rc;c3vd^;K`W|@d&KG^DC>i$>Tzi55QOETp7lC0
zE^1_qYBr7y*29Nq*zD?%|A_SEN^HU^og3GdRI)c-e!$RfP~l9gOOhZ=cL5fpo)gZu
zDC3#Oi$nCiY)|gY)mJVj@VbKSR?Lmlzi7Jev%=)-qUg8^)^{#OMZYuByQ(NFW~_>V
z#Y45q+I)yb%FIg6d3raDDRoU3Wgh~9vR23BU%At2T(gD?G0obW;>#6Tr?77D0(JH!
znu~T19Y9CUma4~Wncl(Q>Q)++b@kE?IkVftV&RsGzt(A$YM0dsn`hXM0lXT2^z~~A
zHQK6xa)L9I(2HFluCi>=<V^dq*jq%Pq-U?rVZr50^ReqlmC3T?Ov0|&TOF^=VA;F^
zuyR@W)dKw(imBmXjq=E8^TfNcw~!5haUGKc03lk7u~F^b)&msk5|^G@3VehHs;DEG
zT{N?yQq8+_Iq8Oj0c0M9Z5Yrn%}Bbsl&!-Wo@#STj=E!<RXPlT%3}yZ;Y@b<TP8kl
zUl1Ni5Y&mpBHkb+E0hXk{h;9&(k9m*J%b0<CG-&C9hzF+AG}agyWlB2G3i>$F+wq`
zfCMK!|KFrx@UZSd1J5IHS%{MOS?BFn&&#OKZc!9W_z3ff^eM91)jdY{e=(gGJa*K#
z#RA{J-YSTUz~hiLga+6j;pH`d_0vD%op_RMnf}@n0m_zUs1qMnl=m!d7{3hMn7^tg
zIqB9sIlL%U{m}dl`D7R|AJ^FVpOYW=Yi;vOBs=++F98z&19r6~vw#KvM;W)_a)Fip
z2Nb9M`@(PA<_2^9Z`-E93swmG|0e&mcd>tFCRks5GmKB5bK9IM>9ntP-F>||r@2I7
z4!<=7b1t~`RD@U|N(N0e*1eHWrgU?1aCNm93`}Iu+p%I)eVl|-1w(mM5+Tf!7#yxJ
zD1dA0D`C0kxer^G>3V7T`}^f{&%WPv_x0!2a}Sr&$N4=nL^%o~?N$ic5C}hS=O}3d
z@RjWokQb`iF(}PbzR@myc5)Ho5>q}<lkZ1?8ju$%+W{-h(`4>{5Ha_rjto<u>?Kq7
z6&a%EA5St=yD6dWsV+n}RKCHUucP(U>sv<WFW8ZRQlfe32y&qI)ahe`>#5k$hT2xS
zv4h%H{s#;nWB6+J!P8$3Q5&c<fJ+quFS(Jbw|==FU|d4cds4KD$0<ZrS}}PyJ7)I&
zXI#o3@_jSv)gxq+f8n8inZD6M{W5=ptNWmg)Kq8RX)$>^g8I-Ha{pkA+@^a8j&!-<
zjr+tN%2T@-%+nsn+jyUF%KWU{<Ht9WHqf}?Dg`ue;`slRDYd_1aebCb2H+I{k?~)X
z#7V}uQEq)Asa3?2J0oc$Z}Umj2$K)IlrV4|at@G-j2lTysf{a16;;ILQRdNE^d)|U
z(-}k0XGErBU__Ls6JWSN_6uY%25Rja6wQ<?;JItsH681?FI$7HUYhcg=C<d_)a|39
zAc80Hb7kE|yLN23c1H`Zw)Z^&(HWB+sa)T)ieGgMnt5xAcQeT4&zmOw6Fak(r6(Cx
z&Z1T?-E=cHaoCa?@O6m~F3`AX;w>J0TJV~3k5|a^sjXII*ckHbi-jZmOL1zgzRKfm
z&xt1CStfGfj1{k*6SU}U+fhEdalgO*q?soqu1z*8&Z#YWu)iw{r%KiahNqmZ=S&TM
z<NhPA-N38H<3_4?e}OCimeo1WNv2^g`Q12GYO54>+KNqJl}Y38v*ZfnZZ4npp<*EN
zO@Sqmu&;5zm5-opL>_jMiKy-O1)E)+d+<zS#(R%v&BTLmGDGJ)O1gmoOM=UyIn_Dk
z6ayw*EC&}CC*PP~>GGZ}z-E)KKR}{fx%=lOAhgP{CDg{TrI!ZJm*4FvBNtyN?J7e6
zoha0%1jdz><HsnU`Tzq+<;OgwR2zX3mm+b0y{b3u4;kK8JIaU=*cF|uGnw>tiw<0*
z#_AO7$Inkyb;PzkS;Xtzqi)Z<-e{AA)%42?(-%1{v!*(g<v~3bAWpP3mhYbC<B_tl
zVbOKWnXLqtAQ*RR%3OiaWeRiogav1S)p?IaWN03qedA{ql(5L;?Qh|pz1NTfuMRC-
zq$mk+xy2mLFldP1BX7`OkyYEMZ3W<%Hc!>m1wP3j)B}Ge{6^gTrDb0Er43gnYpY-D
z2^+#YtfH)uz9qJF88}<?=7S2p%0vfn;IbH(mSx)}mo>iiG$&-+9O+9()4M}mI*{}@
znR#;#h$4V9Z)$Jax~-bZ1!8ZtJPvlkVc3s)Zz35|2r=rhow}|rg^<^p2on(($;^rJ
zen>8#Qqk~AY-vNb_K@XVHrj4Zp(+aW^e}k&twzh#E7zam0p2m>3g1u8v)7`V6<M;~
zp;yA+E)^8A&UGIQmRGNp934@y$;$&54%?ox2#Q)g-a%NQF5`RBq*A9jwe$OAJpM}*
z8Mp$-{m_0{Mw(nJi>CUIoOCIq9(cJH<j<!XN_D5^`0F=*qPVe`{a;T0Xq0A=Gmuq{
zTJ2+%NiI*U1KGB`W=y-C=AIX>F2J0zwwW15v&H@}n1G3ErmI<!VjVDPQo}!vbvO-*
zOH@>fGhxF=^Qrn00k^F<zGbUlwwO}##d!JD4ssi`FTGSLy8YWKy88HGb~nkD4BB&H
z%8BRz59#ozVYb%c<e}yJ-%)OLUj)85Mcx`d&dV!K;O)aESzh<&MUXpNlkl}g>u<;b
z74D-k?4mX<JC(xmiwQ`T4u!;%x6^P3jUWD74{P8>X{OTS+I^Qh%aLR;Bn-kul1x-g
zj^GG$#XPw3uh{aq==qXi^A<~L-+Op_t;~j<9F{ef$DZbV+%~|E<C8diA-OC;C|u~J
z#RQ>Kz|3)TLqtt&iZ%NQJ>j)Zbp%DB9vVhrBeNOQHIsn<`pl9eLv0aO{T2|;;Ttcd
z`iEcn8zipa&vW($H8qU0wM6%~5jS<LwM9$U`ew1hP?hr+=#f&3&KG&MO^e2vi~<cb
z2b2l8IDxl?`!i=mqT$C(EfPhP@HnDgC)H9s-~=<A9c6OUcU<+K&dy(+qACOxwn<bM
zQz=!WmRaq&PCr#iSgBS29@J@2M6(EIRj5Apt;NWG(i>kso*xip64O?*C64mr|8QmG
zjI>r**e}XlA(w@%G$FzhZRv?9*pwOb;roMkYN+(tlDR_PIxCAIAgDW(@gN;t_L_(Z
z#P%t?CYA`FJjHgqK0_TTY7w*RJdm%v&K0J}6>S;Jmqr#^2Z<iNB$9YyS2(7tZrxB;
zMIJ}zG6*JYXfR6S#`#lfUhkcT9Dd4OHopL@sR$Jr0Zz-e68S)a?^wcJD0Jx%&OBaB
zDi2gCv`cbT3?na%OK1#wpQd)N>h*U3!}L95MLY?;z4=hfgPvPNf@>UQA^Nb#iH(w$
z*URWg9R9Ct@-&)WsTRqNVvkNX$F3w`0eiWT-Po1SopRWdwItvB349@@Syc`cs#xZr
z`Ju<QC|}2uS5;X5aK&QBh~FOIF%><-(&S4DO_V9$HqXTTK4`|mlVZJ>zas#&5+gBA
zoqZ|8{FIZrCCd*^I_%;?mg(>x)KxMh-a?`>@%oDu-QU3vsJrXxok}tAnO$vfd69l{
zI4+p+vA#yJ1(V%+3Z6VPyfV^a*Y(Ogs4GEHy*%gg3&fYHEx#qxdgQ6xUd`LwB|C$Z
zgwo51##P621WU>W%D9ebQYrw!ZVIN)AGup+sxqHqpqT289B&Vji<yfGd}skOv9Ic(
zVc(7<HU9aNs4Jr-!t&LIBg67F7zspW%uc^Gk6W7)^c6oD$;T>;8Cf6xp(a7)qdBqR
z88n_R&l`9k85DwG%)ZWd=V50x#w?D`*TOVvj5f~94*i)O`|1p>m<kK1jjxucxHv{;
zM{PP2UUs1oA<`o;38TY(TjLADxh$p@jLwKL9jksSamJ1ynT(xUmAo$qJG@Ni2vRYJ
z3rRyZu~&7oH9)#=i&?G7>%C&l-6^$hM$=_p(&b*#Wnbd+s%}fqqA(e7wx=BqP1&F)
zz<b-PYOlb_syaMk*q{gSBphD9YQ%S!u_x@7-8n^?J~C?{87-dtL`9-h#Opg9)Yhaz
zbB3&1CxaZz#9yK$XQ>%C($CuFV+dngv%G$LS_w6>#TWHsUO7PKgb8N&`-84wIce1b
zbu+t6HzU?MlAM&x(h?bYzZ!p9QQT7?Y?$+xX5K(+ej86%X)6j~`>Zdiaam3$iypI+
z{j{QcxKJ@*Ib9I)aCPu_sEVbauf$&?W?5vU%N^DhQyE2B2nA!KB#y=!rf(-s#*;m9
z(In+a*pQny0L349sfd19KVlex6Jd!&AR;tY=py}EgfCAi(#956o4>3e?(a<Rj$9OE
z?194Gp1#+DU(yH!?X{rN9jGjf;dYUF?6`Tw#^2SDGI~UMHL9zPwMC>f>Q|>7N7&u@
zHpm$ecN`GzN{c;AAURdA4}q=H)TZh0ajr64rKW<EN{5OXrTFQ5hGt6W43e~OLoeVZ
zOaaTp4Wh`2C{g&sp#mK*8OxR~_Jx0$S(ou?VT|#bKji^0it!TzfF8tD$N&r&mex0|
z@Ps)*B-|*Z&wOFt;JG*qSxLozdR+#-4Rm2<C5iENxqr)&J<N6EXY+RQre;6BQ)mdr
zp6VNehfhfaZQVA=ZqkVsF8oUH_;?31{JpN7aKMk|xlAyK$;vc<;({F&r1fZDs3#`x
z96uMA7YF#JnZmGSdA@U(BALkUj(aAa_R>2qyepH|iOL%Ux8Lc|r!E&r8pNsJk!g`R
z^m==dQKV(<js}C`k7|>{9Aml=iBdgwIK8l9M+ZQ8$wJiE!$s(jO5;8^*<DynWA8Wr
z{+|vQF(Wrhd`p|1tZLwi85cWoKpuJGYMWRQb^(0I-Hlv)lrIX8o-8j2rd}sqsnGZI
zydB~*zt;2O7;uGm-oI!}=}*J%?0wnb<sd<$?Q<O)m*#i=dM!V?QgZt>j^@q8Ohhw6
z3b~NH7GL}~@$_*ZuBL{{uju0i&*b-8Pxjgk9^Ob+u`X)Dc6fDIoVdZ$!mg%TZik<F
zrHnukr80kJ_GtPr-9JwdhF7EAX}5{v^^k4QyUW)JnD3GiWh#Q<*00|VZ=_BP_(Rza
z_AOJCe#H5rmioeV-<^Y`{UNSXmG%RCp*6=GP%mcoC|?;i7=Oixyb^4X<&9Vz!g~t$
zgfmT~eZ3nw@&6Og?w`#b>i7)&myn_9j|JJk_b+jg9_xQAsUQ`w9{T^vBryO?4~k{u
z=MG|9F#vW2h7&8Uok;U9u>Jf0!nJ8tfncNn%#Y-uIkrwiXG2EA9ckikXJBw7A*De-
zDanZg*^|CNtMMnwIXkyUd0>fpVqO^c)k0!G{nq*(c_4fn7zvHxbKSlC>^t-?OV|9@
zwXEn}?&rYzYR-QvBWIK8IzxzX3+9W-A(MNTJUNv}BQr>Pw-5`fyWP?8cUY7fBQOU#
zu|fND0lAp(TKjlx9H3yj(nkXA%o6?%y}nD!^7B1(ZID@?`!b#})Me(Ye)Pex@&@-B
zrR1tn_?Sbpg6Ucx4YadKw1VlXQSs_%>wsl~30gY>hB-afJ_vhe2$GS~*$LrZFqKMh
znv!zWC@6jMWWQa~Sg~Qi>B!d09bi$HZ;Ci|Pw!8sF^0xsYrlrfN;eC`IZ|u#k``3O
zVqWLbn{0_dyJQZ7Ee-e5LuWnpC2a1cjJ&89Mre*u;X{vNWmMcV{(?-?76HeX9A%nS
z-Yiz4H5&7ep<fv!<;$kWWUETbu)^Si_mqH=DW0Lw(;Xk8nLJfX6(4iO1+XS;_gwiv
zArq9T>jjGB=Y^R@h)pgoHK}7~wuM_rg1d7eBb3wi0~vby1@KJs9Lza0lppSvn2f{h
zlo4za!dN1mUn3}UJxUley?iupt##?0q`ziq*@eLm8iE{G3ly?TqMF*3ZP1Qaj2ND)
z567m>v?eB(R|dT%&wTaufL^+;_^2olC_PFJ1WJx-(bF3qI@Hta8%oiu-ru7=a^q0)
zic!$B30og>)1yDy^UebGA?Xgr=xvyyoo8G~63$vj<T7$nzv6hXE!+Pds-Z7zT>f{8
zNp^U2Dc>?i$+>RS1`1};_3XSl*sEpK%P5Yq`>@XfQAOZBuMGiy##M}w?M}a}nWrFZ
zjn=hr*4-L{HCt4%kXbiMqTGkW+#0fW33G2q^!cl!x;s3@v4F)P!Oj&X!o?wzu8xt*
zW;2-dGg!vlgA@<uvS9byWY0{Q+}$IRPEQT~5zw*QZ4jfu!jN2tXU34f1Xi8%hz;j$
z2SE>pgX1kFmIL5)+se3QB<H1xb$z<$r|;YA;#(dS=X%?~DEND*jQ-R@&$l*;$@R8`
zvB!AWkSZYz7#M2XcqPDFcphg2y#}kxVFLSm*YeL~bk{`gw@SB6`X5=lN_roY1$#F7
zAE<U8<M{sbLjd+)`@;6wA)*d$`44i(KzEvAatdjMGyt|ko}4a$Qzd!9Eu&bjlQGH7
z>V#DytvkKCjgg?^qG&=*zx1@Rj*$m?+?8<7Fbx9R{3J0r<Y0#i=G-|vcE;JQJa&c|
zzf_Lu-Z&|d%+*&Xjm(XIu%^h>tC>;i)VZ0FEyFyTvB@=~X8(R8r)WY?KX&n!$3AAB
z0)~GK3{Z0JO&U3QL5<^0ZF2)L#?9YC5f~oS%JB9~IyT1EG4mUYXyPdTzU3e=T)tHx
z*fti=jdl2^n(M498Ov4=Tv;V~f}bR($=8#qP7?PDR8^?)$A&Cv!-=;k;azz~VntXs
zD38zX#QAEI@5>qBO^gCb>#~(FX|P=9mC<LG0F+(CQ$6wt<Em6fixtxdh14}uoS@D9
zti!Cul@qtHZ;r5{4smt;n<sD}(W`ba&0xH~rEd>!=O2QQ-F*@VfgQx6YjcHcdUX2x
zU5tjCpvdpN`&C(y#1JhL5f;i`mv@Z;LI+f8s0Fm=5cZmgqShPOXi|`GvW6`jNdp%i
z07uv`4Z<VtLe}+jh^4W|mjZ`q(nyL*L5{1P$oO9kg}gh@-V=I)#!F0+xMFBEHH<qI
z+E<lg*x!n{6C9iL-6U!;0oCyE#5ArDQGX)jThe0msaTE*uAxQrN{@HZTx-oyB^3&+
zDN^xb&FX6N1ya<FL)}xjyX?Qi@gvt{K=&gpEk{)X6s5Y4K+MFST4BUGA)&c&*NK46
zOuq5W#lOOcRy=FUc-E%sGd1*4`6}Qjg^`$sZWeB7j6wtYQ*`G9t}wymy?SxW`i0H8
zYnzHsv3Hs31b5ZsjStw*@pKF5lXYca_Ng5mG~XUzFgcgvry$`sTAGRMmGu2AfmW*I
z>*qHJO2w*Yn6cqzNgzO>CjOwL8?gg|ZW9bGZSDjPI?F1SmGu|2@x_yRnwum}pEtmE
z&2L9-#g>v)($Zqk7z{oS`Bi(r)(ysTX45{8LJcy5h=~TLK{Rv9`8h-3>PL7zjRJXc
zoEjR{aQ`&5vY3Q%Ox~YB9XX46pu-cLWD!@I?xbL|;ucbWqWdZ`l60*e?N}|5;vg+G
zd2*~wM@6+)7t?XsTSK{95ZxLfm4;#EkDy0MSzmYWrl`4ir{1?4F3guKtHR>p06=|$
zzeK9Z9<kyPrgGCPI-ew$H&5uB6_03O=?}})<%y#cq?<Qyx_>FokVDQLKpNMg_GZP=
z%U&d@``d@N$0Ho;I&RzYB5I4X4h*cu+5H@Xw|=iWUgpG7x*D2oczRULG?B4)WkXx`
z335Y^K%e!m8L3puimXd2r_7OK*ePN}vsi8M$jRsB*_SPe<}wNe#EH#7*(DOU^fkqq
z3(AKZ;T&<D;p*@O$Or{%z{X3ytEv<CTwqazLlQbOy@X<c-f*fq-C~~mJzIV8D*POY
zJVuq+mQ)U&g@rCSSg&QfDtT?r>*8dRZ0JJL5w3lVzn)vm6nYhm<L}pXQJs*HLkcou
zl$E#50-hdgAwCjV(=u~^)$+OS$fdQqtW(dB3URfqRTr9Qjr&$YAg~mX*vT78tX9|-
zfk!<4gSK`vimdGpQbnA&99#*%@V$fyXI?+u>1I^aklNnSn=2T8<U2^(?xxOl=24Ri
zitdlH#lL=5<ey#)XRl*OaQtLDSIY0{#PAAMPcPQgww`}PC_d}CZ5->03GmvqP$qXf
zRCF9%em0t=vCaun0;Ro|k-G?JnrkOdLmXbX_B#A<GQ3JPWoXDs2o`lWTnX3C?36=^
zQjB+?tj)j%`uxD_eHdtih;xLl$f&Az5JVfcCy_nJ%@;wVog_V1$6LZ$GOXxE<{R9u
zrQVtF5Pn!8;?Hn=j6uy*yvCpm!?0z%#zY$-Hif!r7-mEr-~<s$QA;gxrvJloM*)=k
zL7Rsz!8RJ=oDf(83gm1&S2o%C^YVp;;xCBpMzJf3^3-=6XC>4F&za?KR0nUK3-ng-
zGcE|R4G$EI^(!d~roBB1&a1JS^+pwQ<2Ogsjszpi4Rlw6eC4~#R<Ev8kpd&f0nMG-
zPZ9l!lWY=rpfDc|4)>0I!*0|}ZO35A#aU1C$Bvz6Cy7!T<I<=z#4lsNzrDs35=~#k
zG$wGxIx2d(tS}l=-;;{g-4-AriTyAV8DQ?ZT_bN`7sJeSI2ff<#o&unNqWyK*-X11
zu<xR$b<IPLnpX(D|4b#6^e|}-dJL(MUKLVoM7Lo#0)bekCR1-#O=e{4(;0e@o)W+A
zT?f$N^Z3|n2MraoH&grt;|l}l;zcOsuFnRVvaD@ZyQNY=Vy^jhjvcEC_t}EK*m`ZV
zNq)`CL*HeGB8*W&tZT=oG_LjzypZ+BpG?C0(fPU(yJuqUmNRB6*eeRQ<|rJ6^HYgR
zCM)#d09<=o2d+lSmkxJJ@!=$87$$oq#cYBzz06hg<fq@RtFV1O_K%XMV=5qs`rJ5I
zjYk*nn4}cHIdZ*NU5Y5htZUbROPNyQ+9X-v+}Uo0yO5iqb?3;L^iAu#RFcdb)@To$
zDMn4|YvHz`9Vc8JyxxK1;$?Wm@;I3OT+8Q%0#>U1A-0X_mdPUc@y0@qDz3{^x8t#H
z8<~#wP#GByjTy2Y&Gb66qv$}O#3(mCy`hlEAISGT24r<Dlk4a~NMIfWBgyACLZMv-
zTf);~%7WYTS`N5>VnVxQYOfFeL9jS4-`H%;(EO6c2HIW-?AV6rE%b5~CtQ{~s3#LY
zf$jm7uD+pjJ>MdJj?9f4Q$h%?U2`$}9|aCadzed)HS#>oO|yZ*s$_Oj*=t<m>$ZvD
z{gfJ?=3ZGO*E@Z>2RWf#Q9Stif*$UJ{J{z_*?*vOVwMW7$?2(14xsEnS<$xDB-cl>
zlH}-oHSiftk`$!Pq+ZBP1dkRgjUJnH02A|#{t-|9;I_JqU|VOX66F+zDId-x4X4#A
z&vx`dHK|1t-45A?*3YwX@5YT%;Q(&eLva}I?q9>&`yMbU$jbDOP&8k;X-J{66HN2S
zOK<HRCRV_Op1--|-LW-3#E&c=<jT0Wtz^$qUb7u&cnJk1u{m3`OlV#{&E@h60D?&|
zO(0TD3YAb_VSBa%_x6F_VEk4h3$j(3WxP9)_J85lh&bk1YYflWcO<X%3RfHlWYMp5
ze3Lu&lT<5e`gSx_RZ{29M~N5y7QqwCqVP|S--wKc=q$K`!LNQKafy2?#(lk-q)+Ff
zY;AcF(7gvtP>M}sMYBns$NsqD05s_%&>!U_L`m<6uOR*(qf`e;&3SJ2+pb9J1g-(c
z+;|@x^XerHR_)r_yY>ZtgYRe>i>Lb^s>2dKQ)U;w_BQ}Qm3ZBU;+TI7!*p@k59TjS
zXUa``Ws#>=u3>rizl+RR!&Br`QBVJgks?T(!M)>gzdt^N5A{uOVsh%Z2ON-Sg`Doq
zUL#2iQ|eX^&O?30IFpny)7$vOdd67Z7-D~~ZBW)N$2;7IduSy`TZ-<JSL7@mW=*C*
z`ll(i1Y%&)dUv}!cWj>2l3dRnrD&+(zQF&r9(_J|=ajJ(Iw-$O_(-=+_Q{D!SkQje
zs{gHTSCXouZRJHVr1}~W2>7h5s*ZZn9wjqns!j`h9Z3cWkgN5MDc}+~x|4=GAq_Vv
zIPB4{t)5=}GdU`>Pg+uKiea#!c5{^tO{01=&CA!yY^&Rk2MMO+p`2zXel%)hU_{AH
zz@H>XsH@UauW_4T`6};~1*?<P*z~YvzCAPStn+0E89wA3sWVyb01mGHJBD7}n1QeS
zC}b-met#wf(PTQfm_DJej=$fc=lMMaog8lVTD<CcLAR-Lm&Uy7`5W!b%l||};2*T~
zdKhe9z%R4@SZlD|+c5ig4+^pwz2`N(`+q|VI>g{8z3OgY<h>#K#=fhV)P3=?t#yrJ
zyP*)QG5DcuaPZ@)1o()g<n{l!-ADAz=rq{fQ)e{T-?I~p`<1%=J^gxBHgrgl?Y>oD
znaI*{=-6d@{2Jj^K(|@eN}EXo)mZva0JzQ$#cWS?!L>#oq@ZhVYN$?jPn%x%vcHz)
z@?i<1yUPPc0o*&o$?NUpxbeJ$8R)-#*{V|sXEDxt2NkRw0HwQE(u_sVH-ytC9nAyS
z(2cW4W|2)>nWf1>%dMI#p9l_rPR;Sim$UB$7ahbq+NVbi&C0d7I(^NAOb<scrVu5P
zXW**@iRk%P8yLQ_UZSpamtyjraNLDqSyn$qVb_HWVn_F;I{zlb6%|{u65OK-Yi4u*
zrL0{!bXnAn29jRPnpaf^;y5E*8<*}mI<SOT2N^}tC)ql6w^5WToJ`Q~tL?)c^XYV(
zyoHO4ap4OYdd4~zji)-X##mXK>Z|(AD;C<5`Y+C4i+^7l-?mIrM4wA}DRW3{p|-j^
zTo6#PG}YIC7Z5Yc%wO84aBY0-we3ki8?2v0Q;AcF0T}&><VsY-kud2vC9bCF^bO)(
zzbtkpOj4+!knW8KRIN?Hm119$HI1KM?H+wi_VU|1zKh=;{O&t(@uXn(O=j!<<>jG0
zBzZyjsK$1{o2iUXJcEX=U36dpR3(9*`6SLTD#w^)dnHp)m(WgLu8Tlmvov4UqF&My
z^x~1p3wV^LCo82&Mc#Dyx!F3iCK-B#dOUy359t%MRPP*G%S0*oT%v_#mQ99`&N?em
zYaJmaduccc%a#{}OBO$U&mWsYo>%xVz;j$i@6@QUkmr?DTWsA}Kj2JQ&{e*!P-k`d
zwJ2>2S9Nvs(t)e2Qg7uoyH@PVT5jJaQx=a;4z$p?Gmt!!V%@6gq$@O<Gv-XuwJd_F
zAQ)og#nMIJlyE4H55y0wTo<bwiM>VwKroG?!H;@z>l5w5O;JSRkE8SMWlS_50p%y9
z!(s8%soTz*OLRqqV{2AR0et9|%D4w!CQcPmVN8vL2v`}<aeKrx6sz(Ck@^<pGgKNA
z!2Z6*wRvRRm8UgFcAW(V?R-hbo}t9v6@@AEKN3JkDZik1ztBd7-rfVNe(zVz!_7tc
z{GLTy`8AZz5w`!Ck~0)|ZK^e3B1d06#727oUGg+_^rYQM!#~JKcIE_C8!yN6ec}A=
z`CsX~AdQ!8K6k;%OR!NTYcu62(GMr|FP<arj=>IYi0yKnAlF^RDjTF7*D!vi&mrO8
zYS=jPY8!WdT$NL78U>!&@tjFS-6gJm+J-J}Dl2A1xr*=7-pm)NQMC1npLg_`_L6LS
zI@-+D>iyS3aJ(`7)d1Pfu)ur!8iTJ!K|GP~iI*`oQShP%^n526DI!tE^)NUIlpJk6
zz`fas9X%JcADkY*I?YQMuG+a$dsi;Pl$1DWl*Fql=qfvS6bC8xX_LG*>7=pzEFi(K
zuNzN<Q|DGhs4VrepHl8?p>#&_`J>@4`CCCk=lrR68=AW<f-^}Q6^QX^jVfv&BaQYJ
zpkvxYuDZ3GADTjzi%5p=<bJ*amSe2$p9AfGv7_I4uyWLY_Y)k~ymyzArN034C`ya%
z)Ans8{5%#+cEu7y3yLw=dcG3mjy`>YZxK0<eqUieQzGc$pGM0*EQ&#Xg}AU6806K-
zG}@$4!@t5$BHLyqQ%;E;m2}gh%pg&-Dgr!?^Kb-4!6!F(IPBer<vEZ6C^x#fjVdiN
znx!oHgL$80y}q{>qyZ8fCWyeaeGF!Z03nVqf8u^|QhT;Q{hR8A(S=l}`A^U)_hmVD
z2i1T?`m$~@p&W){;I=~B=s>Vsbe=Hw%KwzITpwqbZlBMM0o3(C4ct~7GW9=^Oa~fB
zG%153YQE{DU$O6FzS003<DiHdZ;*8z>p1?R!2ew=T({`^gXz0a2uudW>Hd@T1v^QY
z7xg<LHXEv#+hq(d(HvLtP<bsoE||VsK}=dV67W5yF~Dk2oz{&ye2;nGGQ&$K)OPcZ
zE~f8#(6!c$zTEV)nh!QHU{rV~X5A9-g`8W!hU-V_5)!FgYcOyiI??Ygy+g`Uh1^f(
z&9_2|AuzFPnm+jRiC~gIsE`%@LhUFBdY=TAQkaPwX)Yfey4M&RJcb!=`lr*kfUz}e
z>HfG|G`VP2RIzWaS0M+Ln?KOaELy~5Ia#n)$&)9M#F*Y5W2e~BZPlhB2^0g+)1fMu
z@!rJ15Q2D`2ipPhM=RF^H*#bbBC0a8%b-Cd>DkhZ^ELQbS{*N<N@VL0!414nHE=7V
z6TB>2bOz`hNn>ZU#U(LT+b=L1;K4>@+`F9Eh;0K}EAk6@5|l&A>@+r<*%+bzgUYR<
zj8ka_DQf^1f@K&&e+1%el(6KPFez>`chvbMGbrXk?i?VJKM<3~6I(aJR?ne7y>Z7D
zc}&m~sw9Zrf+*4{;4+eAqiiA=zUgoD)NO1Z-8E;#GEu<sbiyHspA4WRkotAY?hB5b
zw}LeC?Qc3WKA!HoRk21urzMBSe8+V`O;;MaFOl8jpXT;;Vr2KkagRQkS){Ul!t&6t
zUSuB<$T%S0?GMIupr0eyMVQ<!%iPX>aRZgKD#6Vc{9+WP-}HI=SWA*-vr5#<af*56
z$)4dlhLUPkn<83k-)^B`{qbomRrus7+hOJ%oUvoK;Z?t8Xbv8+ajYk-A$48O>l(5D
zp4kbRwhco|Pxq&a*Pd#G&ifX+8YM&W`anm##v>2#rDYR$dhlhB4)GV#+NwiD<Za@!
z0ZjBi#tZklzw0f+xH!9u$;i|qh*{ZVkB3u}AW&Vdz#o!pNH|R!lvgLJT!n@hX(gMu
zGa1O==jcg{R=R8TbN*UDb&R0cNz7)>Zd}<IY_NX*iWRDgrTf^d@2G>F>O_Z7mZhg}
zSE>RO+D@`ecqJ_6EDNXO%FS_hb)-{PQAC_c@4cxhVNd7xU_kcoAc~3My~$cy{iT-J
zPe7OO(h0>36;7taE|Njacr0bEj-ExHmK)7q)kNti!I)l$ty29&4Q<k*oYzB>F0jb@
zhdWj^zeuL}OP=v0oNB{c5gcHRC(M}LE3pA-e6eZkU>Qf1%jp*?@+CRT&`2r+uXgB5
zo>!rqAaW*_VAB2&FHUGIvlZSSYM~4WSZ)2YC;f~C|3<-R^I~hu`&CrV6cj9YXy;Dv
z-2EH8ccRa&*N6WwjUWCdtDeT!8z8$9slF5X?vxO;@fZF@EsLbhp=4*=E_A~mDN`ND
zB54_N{&z9yMlTuaHCk|JEe2k{D^5Sby}nk(Bh{(K`$0(dXE8%>l?MDpk`MMUBJ7eX
z`d38kqH#kB27ABY<L<!2of#(l0uXI>@Ia6~!Bx9h|2lX5lrM-^KevtOK17-*g!w4@
z!J7M;(h(dA!LE(qd_%f-q+ENM(jx)bbji=RJ>iQmsogL5aX8#iVLPt)u~6LLSl?RF
z<4WCPhG{1U=N%Dh`{_U6&G&I9`w-LRGDfvFg7#0ybA`*U#Cb*H3g&OLJ|N=;>YPyj
zhL7wsaZ8x)sO=6~8M7;5@o=ji?7|vjPNUvCwo;FPD~H?<vSu@-?t?dgM~MSum{Cm)
z;?*Op4X_hKnAP8&O-fcG;D`L@4%R&zUm(-MXKvBwjx^Ehf5K_G!)dwdMfi-(F17Th
zG~a5fH!#&Be?I`NHP19J*sSfc*K$X@gE&>%71gsZ9lI-MSDhd<sU<f?>yh#8!?Frn
z9)Igpk$N-_K&uz*znRy5SL*_XaDj8AO52M72&6wKImRkxDU!b+-zes0B!zPPk?gt4
z)dv?$J7Bj?g9+X+rCm?v52HB`)$qc|7v=%jvasD&emkZOgOmaue4iil_AA+G@d7{n
z-ebq%DUfiwPH!fTd}IHz7ZhciyH@AZ5Ja$-nUE`-QSWLKP~HEtJ5m7m>!Kg-13CEQ
zjb@x7L7mbOcIvC0yI1a@Fi21tL}~if#<J_NkAkBiUI~NI%6P-Ie<}O`1Rk*&Q+18(
zW-DIn^>*JeIi0ZuT~1B-!geKTB|97V-fcdtJB#`|^bnK${PmFldBs!nfY>HJZ-Xk?
zy7D{{vIXBsz^2X6ei*PfofEduj>hy(M)_icC-W`Tk8;XC5=yU%)_+5sUsjHe#B@54
zv;LUk2!B+1V+J+DS*RJF5P1NMR9fDzkeqH=TmUB&sil9Aa~!HV1+6aFF6=ro;(h_?
z|LVF9sHU23n@Ck4bV4rzq4$mysUls$2#8=pQ;HBkIz);fy(ystP&z6llAze=T{<XD
zAP`VMlrB<V;C<_V@ZR?(Su1yD?KykOxp&>%duDbDJWrT;ewDQ`z4iL*sbV;rju_N9
z0xtUPPO}Yb)B`W3FFKMzcaRKuKsf~2XC0|0FcNVsp5bRaA)}N%0gzXX0NXgNx9mDz
zG?md?#8+?aHTZjK6m|_hcqdyD&zZng!8}^cIWkJZh^n17cd*F9oQ-%>_p0N&9Pws1
zOvWz=O@O-MTq5CUxxDnLjna_Gyj>j0p8*<2v5{Y;IV~i<mqzuo4w0a)^$8IlS_{8J
zX{W9|;q%{;?di5Jb?qUG&__aDe~|4$Q7xbW4%#@a9V}~j-(#5o1J204*v_5k%<$jl
z=z!$e7K#EUO(y1@RI4Z+3-pe*{2U6d5GGOC;MsCxC-N=#5#N2tZsLw7f);U<E#Hxa
zw;7yLN~P4Qdz$q_9+`IN?{0oY=MDWuYO|qERu!c@ndED#N1%bL*}Lx8zqW)s>fNpr
z_e*OM)$HbcwgRbmqQUP7ZzCkp+6}zV8!2ItvZ>TYkAS7|Ol4ruDslDgIx>DbYh7s6
zAk6S!UaVw)3u$@?K0@ycl%BWCZgd+>RVd=JTM!5Ye^6`oMNR@$D4zeOTk$i%lYP=A
z!Bu#>O<Gnl{N}q>sq>59I(W#CfNzdL7C$(O*}7bhhmvP=IXDDaLip|E$hr(d)wgKs
zD5lUwTZNKx86R3PEePUWL|%#h41$37tZ7~f39SpD{m}eS(mY2*?7Qow4-@1ESwvOy
zuC7<2=f)SKkPC|R_f_|;p-VL@tK7Khn#{4Hu{&W<6AUNH30Gk2q3+Xz$rSA5OlKsC
z@saz+<~?gI@Swd3Kk2)(apVFpGY6`LlPC*Xx;o#8!iV}aYtGoN>BK}1qv#s@W7nQD
zBqU`MI2WIhF4oR+vTqC&wS>jaD(Y_=ITqFFbt|Khsf0q=0E(%^4rIcZ+QPouJL?XP
z1xKC@$tZlfRX2+pQR8{Pj#0L+#4-mKFAS}iXj}dwx0yhi)oA^5&-Ou?y(N%m!@Gh_
zld`!qJ#AO8{5$=_a)`N~idCR!1F2$r-;+>p4~~)XI~duPzA?Hw7MTO7j?F#6tlGX%
zwHYI1Ey0~({Uy}P_10WxeNx~Bi|&en6wQb<O}b`bU1bs7glBXJrbmwls;v^joi1{?
z>Vg7Vt&}Z{AJ(+!Dw}bVxV2)u>M}`h#)){LGRe(ivsMd~fp#ops~MRjJh64Fkyd~s
zCcV`dVI326R40=;Mf@Y>xCmDfK^Rr*_02e>1x61Y?H|WZ9d9!!wIn=RNq6w*W&#}z
zJc9D^BD}Z*+~ezx>rchmpe1|hAI#b=-R943A)6IP@EyE2m^7UCL&S~>Niz4v;bu(`
z#iSV1ZI+we;j=b@*te#pOiCSWvk(<~Y*!GX#+~U+$HP(KoADEbF?jk1-ATURbpFWh
zy%u$E)Z3fUtt9J$n2#0#`x*?~t>PDw%l93Nr_2lsU`>-hJt0CZBOZvYqK~T{H-fZP
zt^550JJ~v6J7KS3Y{u^}6k)tMod%|*JqHs6JH)`R-`JQ%M{~`R!$>#9%7b(_@~?-j
zI6F(ZNWO`?K~nHG=Oy!NVt*c|C_s=buXh)=S*<_G_t-D9-)w7{HPjs9dLJ)p@2u?Y
z^Hcz~;~&i*DVdU*fm@iAv}5}&6}r16b08?ydz*aV_ubt@mz*P!B}q*&f40KOc~s@E
zb+PwG`M)>;(4j=imiq=w!3}h@%>WEIi6OZm07F|6e_+nb9eDu(Fr_zZ*qTN1y0e%y
z`ynW~S^An{X7yw@QFxcN3m|4sct!wKGWhqMPXVZeeG*$yjiwvE!B+elts9Hvh^(D+
zRZRB8m6;qN<{@7@tHT~I(7btQ`5pQ(u%_QHlVaWzvSWt6y3eg{YZh-S-xs%h$Uhz`
z!P6R3*s~13f?(y#kV*jL`mP}v$s+T$!1Y?5YnO`Ro4wGaWf=@hMJ!MMo@3v9^TTJ-
zT0qXT_xyrH=m(X)iVEpCw@nTV)d1<mgb;H9-!lKWC}~%Z6x%0UZKMyR7M}7@rSt!}
zX#vSP7wRa*s`ov((zgL4O9SctByF-CnI)Sm@b}W;-K*F2ybToTEz-iSA+PRy<V!4h
zE}&AUER<0D!<UUIf`5ocpo&~2p~Oc!niCi~Z@?;<98oAR#(BuEY9eS-h**VGHY*4B
zEeNT0IeIJmd^Pe05q?c;$txNZx+(Qb>1g?6_!>O3ZX4{>1W~KxIp+W(3A#&%LWkY5
zksB3{j4kDu)(&_}naQ)HkPqMU#@m}WmAQ>k)G`=%E!>N*p(Ru!jI#Ze9mTesL^Ej|
zm=lbsow$26nS(m-`G%uGB=gj)qApF8D)CIW0dw={w>@8Wq<$E8dTFe=bZR7D&G;BD
z`E22Ey)uc?VSTnG7AC(_{F=&6Y0V*-*R1)8^tS3biRRG>ca@}>C&=i~B+i136w8{Y
zUrIiUOC*Fk<fTR*7~6Nmy-Rc|DeCl{YW<n1+H*UEHo#0H%8W@Kr_8}w)CwPjpTCDm
zz(PTC1Z^u}a3h<y3|ho2+Q^A{QWSMLM~#d-rF$ktjmr)t8E{21rqA(#5X})24N%iM
z80mwKzJ-^%QWou6hx}G<OyzKtXQ_|Fd|OOtqptR4v9MxyuJ$hY-FJJ$TVnDud<wA4
zEI*P)@zFrSCB+7sV#97Ap^+(iAbm@*i6IcO;{<?q(V-=BX5eGgsO}qHIQMWG?+0kr
zlp~~gNzIsk>iZN`h9D=WVtj-6R>%Fq>gNL*w5~V7Y0MNbWB|*`)QmI;BVBG5g%GZf
zF2Pqz%UAE4So*I&D{%MA|EaEwPJPXF#k{XWQa!3Dr<eRw;M`-HxPfb*4fxvIa)t)F
z&|ajiBl4Wga-wZ(qyohM7KLkt{1!#dr7&mKcI==@czyJ0*Xz&o?gHzH6wj3kUz-f8
z8_VU6tE|oWAS>3=_R8+^MPSs8`<o`)RCc2gA(u>N+H_-XD<t9DFiEj55S+_!20n;?
zU(9aVMt~r*DLyFAI^WPJcU()OMVh9xIJ!wWcc8_SJhkU%_%t=u18vT@v0mA+UWi}K
zrG{2_mr__5JB#qA8i^Kk<>NY;C|8R)-3_sD+zqk?B(z6SDfY+k&?=*4>~w#i%nNz(
zgo%E6w5MV1!*^g`I_75OP8O@jD!1u<-d~I}Fo9eQTY&p4kbV1X3-7fx{8r3$NBEEU
zoW|hVRYIXvuO8Vos6O^Kc*IZk<#v&x6{`Z;QK6D%{f1d>nllU&6w#f^=s$N6o>?OW
zW873gAhTm%&QOT!7vbTIT8w#|S=Dd0qDu8GuH5kFV#Y?SgPwUsGE*ea=wFw3o@x|a
zohfMSb%7o|PSPl1?8Qzmz8pRy4^hsgv{k1=_f8F)l6D8LmiR%01tONXDKBK*;i4bj
zyj-2+<i)7vK`Z+<tJ(Bo*>ZSu@7*Z~170oeEfTDS43y!*qZ(KPMdsbzL^R(qICnmf
zwzne_Tz9n+sERCJ4=PJly8Q72J^Or+@|D^qy>;ie+EW)M2>PQEN{t$IY@n`7GYWN&
zt{*Ax*iO+*cLvXZ4J8g!{uG*MJUk#Matiy;O8@0`?z*iU`$g`?ug1W2K3icP$jA!+
zz#pVTVF*)SYBHW|9bhMTY1KK9PN}=pt5hxO{d~<%SqLZ})i)=$uD5USDJsAF=Gv9N
z?1vZa!G3?ESp}w<RMsVA^gc<jbpL57UnjxnhY3`s@C-fu#fZ@h6CIy-DbNX%oJz5O
zY(K9gdo4`Ng5WQE`_KfGhD4eEEmX5P)JZ}<J$k}8Ur&(#>uJr4OcPvpsWUhfMRiR(
z;`Wo(EDj}e=6Tky(-0D~A)Z4F1TLF`$&y9y<O~6xfuHLlJt<XgBI_1CeD#C79XvQo
z8mzp8meJRrHpmw={n0}bE>9E<y1$USwY%zI$HvW9bbHE~uk~qrL_sSOhnH}LIC5lx
zO?l!M$zfR>&L*QaNq@3v{;t1k-T23GWse+1yNN=RepPJjIN$7MfggH1L-FdKcFwEN
zmnH*;mGk%NT`d@WJ#4h&6w_bf!TTeI=Jmyl>1oDW;o+cs_jk*%(5t_+SQRsC48*1!
zUrNu#hLv=E>rFn|_fT-^XmNLPS9yVao~wZf&fA`jp53M@W^HQOQ{)Q!S#L3TUX$tq
zEKGhS5BPC$Cf}qqNTcX3S-)8hN!@s?v}q1)yDQb53@G&m?z-?$*E2h@7&*%N>$gZ>
z;#$2bpn6HG9Ea^Tfn*ivv;bAlkwt6SfV7MWV5s+^LB8(Q$h>xNV%Rv8p#Y5Bd~_I~
zAM&dz*H9Zx?&ra_IcVE|^A;!)$DTd&=Z912)Gi4XbZ7>&wQ2SyOUrt};?lRf(9CI`
z@&%7MVHfpAxvBeK*x@KipD*OuBUj}9!k&CFFw$Twaphy}MJjt9tZ8``%!xrcF4e0q
zcT_!JQd`Zc6L&&{ox2i~YM<YZ%=E92fvF8)$-&)BZ4GwR*Jo%}+DZz3etes@)H4YC
z*>(fw4rAD|o*?c?W*IuFk#}tjL(8$C1huXB)W+*l+8&iEiC4Tp;?mCYmU4ICTwgTl
z3a2#IhtK2|2?=%s_SO&R=n5X>wkJ);#>3wEi7?%DgN6ICi4RJ~sIFW<j!%o>&v|g!
zmfR-$>h`rEXhn7O)i;3uJ*8A{(3L8O>2z;pnBCWpcCSq;MsM*WzrkPNvC0blox_&s
zA-(h8H=jkJ`JZ@ImPaWBuc}#4*a&ew=~tk`CPsZq{Ji8h*yzk!=E28>9f+Q$Da7sF
z5zitZ#t)=*f&qp&k80ZqBuEU)Mc41wWIZlvRrm;2QA<%d%uOypm5@1yb4+kg68z%&
zc|~)Y_~_*IuzmaLwovq1lWCh*YPoo@uC=SWpN~4Y-7%k%yz@}GGwh)wG9qN-s_Za`
zwVW$Td_^SlnL16oTVI3m3f<?CyhrdAl{DH%)r1_gK@1+GQ0kz7ybU+?E`QqPUke`M
zvn%{-7vs2MVlXllLA~O^TJX^*#OcXzfo0l+!J5zY8N6?7CUPUU;NATid}Eq|W19Tj
zHczgYA#)2tbsWzh<@~&L(P)3#ahg7B1(_ad=D2$V*#kz+XxcF}Ng7g)pMT#F!n>z=
zyl1%!L%ArgC;-sLWqKUS3OvUIU;<DQKb}=kHP^+KcmQ!j^Usv1%vV5pp5wAL=zbJ0
zu?$Gu<eVOGI%%VpUjcb}k3s1U1rD3UP}iTtP*;Z27{GJN^fgK*lx79+L^=p%S^?xZ
zH$sJSBmSO*&BhWBC>e;cwOS8+@1ndafna;$qC>TEj#Qa(B5e^-DfKKZmPnut^Knv?
z*YR|8@|JXPhxz!N?#XfW(=zF-XByN4MqR7~LQc4iDv6Ex%8j~P3FJ9{T<t{m8I@8A
zWY%C40swTJynV0UclP{uj?-eUEN3_pMbpK_SW#+~|8)976_5i6KtZa2{3pD|#JrM{
zJOH3;@b9KyZW^<%(E$K5yZ`|08Phzdyec5~iIw_et0t(4Dj?5E{(zW2_uK@<Ui}Z?
zQZ=z4(F|opEI8@jJDFGRVJNL?AT#hX>S;BQNAS4QHU%yYvnl`pvp)a;IzzT^2>|F@
znxm#MKrqiSv}LPLUyg`5&+)(KnH@!o0rK%4gHG!So}IeHT$DKm$a8`^tusZ8sy>xQ
z3sK1!px_B1wQtA`Z=!S95+O{dFvLUD5ayrZ{EGo{sAFr1vbxT2b8k=I|7X5Viybka
zvE_ui_8KT~(yad|j}YDcEa>qz>gj7B{|V~!&i`joihJpxeK6|xYalh>@nD=@gUfh^
zbo&T^vacbYK*zB3_&-xRMAa=7qUzRJgKh$-{2CxX<QV0SU<KYI$~7GwOE#S`wk84u
zSULsxqWEw?cH}YkMPzS@1rfLSf3VqN|BZ#-bMklc7LfgS7Zljqo^v4%!Y85|62GUC
zgv9Ck|5BTWNPjcze<J43I>DeK>KXPQCorI_B}9n>03p!-?dKahsA(*a>tt|F2hyLl
qh4n&l;{LJqpDP>j!gltY;q*b>!U5Sp`~ZHyOG*GBFqb$cfd2w@cOo<Z

diff --git a/classes/ssl/SignedVncViewer.jar b/classes/ssl/SignedVncViewer.jar
index a795e574e96125b43491e00faae2020cc871e0ba..8e5430848a9fd14eeef98a43eb5a1e95f7672103 100644
GIT binary patch
delta 40034
zcmZs?V|Qg?*KS*}E4FPX72CFL+g!12S8Ur(R%}*m+ZCO9o_%&ZyS@9g`C*Rv17;sr
zALG8m6Cvj6AP^K~z`)UdK>vG8(p(b}r~!qVXrV9IiQmMSEvG+=l7x`TBlMX_lQRM$
zctW5^#zf3Np3L0nacJlCg~16=wp?bq#1)H~%d>BI6ql*#{Cy37pT6T71m=Uxd)R+G
z1-%aQe>HCG4@nNeu9$2E$b2?149@oL>}>B$?SlII`UWDYD`}G{y8*u7AM$H=b^x}a
zBfW4|&fg>Ph>W80BGZx-3V9G<GEA5C`r^}Cd@tW0Q2W6woTXlWVlGI+n(|Sv#4y6o
zR)u)>!$IbCtEir7F$D@x6A*^r*_4rf)#F%jaRvq0wTXD5dhp0#hrp>-(`E*?3!tZz
z<y(3xvJ2xJGG&UT<`%19rmoNy&H`SK)b2Tk6Pz>68d1?Ueo?kbLg7<b89_jdSs205
z(kr;{Sl?|gt1{cZB!+m>BUeYl#8ep?1fQqZ{|#l?y<(RJ%h6~q3OYM>yUnfUN$PI?
z5?OZ<Dz0;PqJ}0-%U|>E3dLL?;u7>KgF3mE&hw_I-y<1_D7Q&2*oc*H6$FqGy0e+a
zzzkOIGWBv!c{SP7bgARYr@>G^%lU@#XgX~`jk~f4A*h2Rk}6JTqx(O}lIWMnm9c@i
zfuMm-)9uh&a!$wBe8(k#A>1PTCSPA#FrjzoagtPr9PC$xfw6j1ZFmZ4rq1?hJ3pDO
z*W$cR(D_ZgZN_Igc{r%K^#*87NZ&VMwI;xjOTbY0St`V5{E@#dfpneif>A}?DFePP
zSISQvXR^fw0iFGQBdI09pX=IfwhQ`*Dlp?ENME62Et}Xyau{3)cdivibqz6BF2k&$
z(ce74&V|bDWjI`ScGoNT)rnE;vbiQtx1<_wr=@~-$oU*d_)rBU>kH^EE6-FQ*5lOi
z$$uMUL+O#IK^TOM<MmJd^LUITIK6}WYC4wbtM+Fp|ACJ8nRnqCt-G?Zd?fFVj_)D1
zU1}oAU|VuQ8UqR>2;X2YTMu6K&I&eC3*{n5j?NKACy*W!ZhPA{LM^?K<nLTmtJQAw
zT~=z8zD|oMX{}OokqdzOafoEqx?1Ghw%qNzGhY9(`I+WCt!vD^<Utt?$R%MKYe++L
zBCjdGyi&)YmX^l#skp`^0!O7?BCl3t<W*0<S5TJ!)zazDm`|A}1-B@tJW$qTA8g0O
z>&hZdSc1XR8Be`kk`EZHmwB7CznZ%0hoN0|Mq`!H+(8Si{SElrlA}=+Rx688?nQ)#
zBHig-v#)s6W7p-Uw&<mfi2`|4!|JN@=W!1YQ6oAz0~GUj=^gGb8R5TfwSQxL&XFK8
zvX2@$chNHS$qaezhwh<+X}lXw>NJI8d1`i;=#99C%JY`ZiU~UdzAztA6=k5HTW}nC
z&cS~CaD)EwLs16q|G+^qJ~$abCcaY=ZR92Q(Zi8BIy1u_1f(Td3z`bFup8V7SmX%}
zs*Vor`?p~c_b;KFyBPV0^2?^r4EtjHts}xfI0BLM<i3rlKgx{*FE|0@9@MIz!QAh|
zQ->x7aci7@6gTK#I2<Xl+qc>G><+CYLSY=R5CPRX$)fi?n`TWqc=jPcqp=iUGt8jP
z)taKIkIKS#Z(mQ}RX5x#4mJ^$Q3l2x&UT+b@TSNq=ABJ(PBX=%jR_tM7fjqwUiapG
zms~Gh1i@|%FaNBv_T;E?U+Bhjv7?0~-<j58SCSGn(HY!Kb+;P4fGL)-ANoEZ3`Q>r
z$+kpsN1O@8*+K;mp4rNP&%n0+nJLH|v)E*j#MTWKdAMm>!7rpyhYtU|jMXOaq$+0g
z%BFG(N^I?GXHC7lAkc>&#>7weEdCLdLB0-j8NP0q+^DNjGJ`F1*S|hLm;{~byNQ4F
zX`Mn$r7x$NsRL#0EIy4YXun2hm(ZCuU*k!Bua5TDG;joYrn4skrp}R1X}da8yM*y!
zpFWey_(;)+J)9-c^+c4eK!4kCwTgl}v57hofYME;69*ttTM_8ClT@Jg|3R6aT5%Oy
z*?!s=6-i{*Y~6yBLPMUnk;~Tb!$Yy|G2hrgaYrMKxOViPx|)U7DuMkfBuJ7jfX!;z
zFsJr7tmU9FwC3Ib$i1Id{*-)&-T92j;{j7R;b4cbWvTr$x2btPXuXi9Obzwv4!J)G
z>SJ{$N)W1}Wa;IYEyn=7vMs!lCNf~jwhJ3w(@b+eK_lw_zCk8)a`tE*%)3oXpWfyc
z--tYx|6rGb-y(eTn7=z%k)X?*C-_tHYz9->RBhZC>W(lESn2zOP55XTXkDa}p_`wN
z<SUv^J>8XkZRkx%pO`~;N50jc_dF#IzAtB{*Q?uF+57Y>RP*;Qw6efgAF>7ycx{%>
zi{LF9jl(^g2m!qmWfJ^VP*J<=H&gaoZq`I1Cw0W#KVJiqc%}_}LD-09d3^H`QK2ls
zKPTLKjL;<-kUzmUiOd5e)XD45MODX*L)0+Q?VZD%Nj4rO<4UuB7JVvNvpP-5a|@;Z
zeoS-!e#hvQu0Mj{q&IOomm+x)(l2Xw{iFeQ8J%j@i`O|jR%u;c9dh`&qS%T)dsBk5
zBD;bz>tay|?p$13fbgBIzp@B~f8jw@=XTAHIt&Q{256vD3`W~$<8p&GP{m!G<HPw9
z;W95*SXt><wpVF&9U;B{)SZbWCDg6`&|~!$vM^qq=~TG^lQ=w2eViyo)JmQ{-_+c%
zHW#cRbi<Bl?Xtu&uR&HY5aVANTR%mb_M#0~G^b>!sE<wZOzJ9q_X$+<KO4C9%E~2@
zP++WNvLbj|w?lMarFBWRYgE1XUH*;uUuv|bG9rNg_)+;^YWyG2Xi|Va1(orp8!EW~
z_VlT?2)yW$zmtFO!f*VJ6-2~ec=ms!BR^Xr<9}It_+SLLAG!PwcA%i!W#Y9SK!5zW
z{D-3dFO(Rkxh4m}afAJPH}%0C!v41?#XyDmPm$bBNCwccMKeSD`nsOUS>IZ}Zf1hc
z#lR?^W0(WglPK5{-mny|ex1Vz9v*AN-w3_3-;$S8QjR!_Mx-cIB0_>rFYX;D|08aF
z=MO^YJ20GqMcAV}%tLeW=7FgV%lQ2^^SSeo3wYj-ZKDKPG9oqVAOvOiPbp9@j1Z;u
z^{q~^Oa(MAj~D4zR>9b?RX>piKq4q%yZ<IUs)u<&B|y4;9(iAdPO-J2-EBc>gFTh!
zPCRqx-n3=eBCW43^|ScM^z@_2yRKlw!nL_!bBg^ng96<`xj1t?(2FnM%Gyghg3+Rw
zAT-^&qP-r6WjjIIvyr(jOJ5H9aJ{0o9cR;wE(lOz$#u<!;AL;o0dFo9t+c%LFokS_
zIVmW%)!&|<-%gaebl#kqB9+gjqcNPStueu0xu{pHFoD4#uUue;a&e;**8G#@Iy^_W
zJOV0H`oK}5EU&=3oOFeK>9TMgECN%uBWJz<+Tc#Pb?_X<st~Gk02YUjfO$NJFJJl&
zwFS5p>~-PfLXx-GbmZOS$Z$^nq?Vu%y)d0c0BsrhyC>?vi>uHspVnltdJ)&<B+taG
zU`~$?jRs0ayuRUoRm9`Y4U=BBe9&IgrDqXfRW%;3lIXIPlwP9@xhad=W;<?v&;=(n
zmFC5v-byspr8Xm@4ceE3P1@HDFN46p84P&qPKMLe`H4tM<Vs*{b4Z^OGsFscWAzJ0
z^|nHqqi05HN|f0OIXzVhEmAg4Bop74f>2it8slPDjQYK|v0P)lw$wO{x1z1XT3GAm
zX)Ow<E^%i*tSXK+uNbyjFIQ@uE4U87NX4n#)wOPs)ChdeF8;ZgP%)q9=ia{*GY6<=
zG5rgls+M~cX2jFpZ&OKH$qBdoDA8qZ85m?<nM#>26HI^~YCPPz2IwN?yxQHso8{{^
z9IgKKP%d;*Fb@vz4Mibm%&!+9c4JK36OR7KuYCq)TY`8;<`;tI7jtro%B%2upZqVp
z#2LxxDN66|E9039!NH)8s2XPE!UI4wHh46Dn&881X17ggDnZ%YQntzg?`wU2=dcJ9
z(~5igX;QN`M)sH15&(MC3%oV$!US3$3z_SJDhPRU1E1X(=)6kTlCIn^0b|z$Ohb#?
zw;q0s^AuZBcK~JSnNqJWpQvbI3ikNpTWWpD7x_jZr8GL#aLa1qqd=U|CjzMG9?}Yt
zZ5eo$kwS16l&%?ADS2dH6Iujd9hvVk1(o_^WnuHOux>m)uz(+0r(}WXBj}^)8PS`b
zpVt@s%pCA*ZJ_DXG(Y>2S25}h7UN@+;m~|xc^a)ei!^_;3+N3F?*-!h1zCP1C3!?W
zKeebXpp95S1MJt`3yd<Zi2_z{!9SzQ&N#Xy`wo752AVulik~rd3jrP=b%Er6q0-L`
zd}Y4(V7L0+CSd9ynKe)gvr0upY4<qB2-8Sb)x>I3$FO2p+fZw$KaQ&$Lj9*jeYEn}
ze#ujv<a^`9rj;tC+_`JS2x{u3dAv``rQN+&Y^ET`%lXiB(X69Zu>tZ@^OmO<^D1j;
zp4l|8FV<9=v1vQ)3;))#TxQSB5Fc9MrOr~RDlLr1!HOpXT~>KRpNZqz3Rk{nkcsI`
z4(>LW9uc)hyI{Q`MC%46>WrxI1!I2hGjoUNxq^eaqA|`f$Mtf2&+9x3{D+c^+ZN*o
z|FByO_5V`xKjsGg<3BK5CZh$cyXa_Of8%>`X-rHTdr3*A=d?$XPDU;NB5rQL1*-p|
zY&;+VRwz^H$^ci~ihY)R>Z&_a8q@t~Wr#0zU?E`5ti8gf9s?!vu*_efJa+>D0oViq
zH=8!Ajr6SZF*El(J1@Bo0xz@QZwEX-!tT`JP1=!1xTenbN(u7z#&7}c=ps;gN3VkL
zko@I$C-A-z2Sdym?FCSi{oQ$RkWrAufe>KPkkXL0U^0;QxKz01SdQ>iU}|8qF73>C
zfn`v?i_8tV!u)xwMpmEBA;4(8A4q@_##l?3*q-D45>FqEf$=r7gox&RzQTyVmxjt7
zZ_lXsgEioNe}&ENJum}&K@66L(jV8;gHr?R9DP#{Z14;$EOinIL^RyTwObd|w-gkX
zd=0or;gKbnT`}ycsxjIWb)kt0BN%u>b6nF)CXo<lC)1iTX5MPAEJ2HkdHX7Le;fVQ
zP=1PW{e-&!U8hgtx8`XD#O;Y1Q@+caI>r_76-6Z(0an}(U26a=j9XeZy|R*zZ&|Jy
z_MY0AtsxX!4(Pr*T&xRviuPg{*l}dPY7!<F?iLR~#>IMm4g;Mlk1-C(b)sWVoY!+`
zHq*YUvyz6gmWSD=GBSqMP}3dPhtYK@4z^Rh$6IKI*Co6oU^JGcavzsFs0-*{M%iAf
zir0Q=Sij;@Fzf<Iz#_c5_E1|wA<nX1DSE~HqcdNB>6>6>)34`cWY0u!>8zB{R$I5w
z`6;O`pvK*cjccb3KJyiv$F<XI@EUX|ze>N>s<q>rct%~KLM%+_*TbbT_N3J36yBy#
zX~v})E`OkSQE;L)+fq<`*|#9&Ylkx-&Y)OFJP~@aVr&35GbYyO%rnLqbd}tq0<%dH
zR1s8L;Tk1T=nbkBv4-Wi`u0R?G_^bSX*$Fc1S}?6#5RbTPuOjiQzu(1y^he0&|w?T
zp^S@fsj#NG5#bUw*p(X8g-<*eD3ObL-A!v~Di>-re`3ozpVpRSoxn-sBj@-mJW#1A
zll)+-`=tr+X*dH_qO{}nnJ0!gmcmZNM!en`p(=UvY5h~|SMbTo+_BYBn2#p`2}A4K
zC9I^*Zm=YiQl;HoPt{r59F@WxI6-!(s@Y3TKVBd*+XiZ8+C+!%vO{i%NzVf<N1>tI
z;>_IaV-dtv**idBiYnD~yzE?VeVWFcwD4q~Hah{p{BT;3J$dtx^~LnavLUkNRBiS;
z%ftePMBePZt5z@4kT<&Sq>w>{yro-3l|;f*V0m*uP`6QSRg3lB%6<G0Fg?vEJyv14
zBmKzelnWEC+7N+4?+^zR%Dk1mW=8%#z@)e~4m)r|?HjJcdPYkX5h^WB#X9sH8m_ye
z0XhI=KQQVtJyH8u?|h~d8z5abxaEu!vVh(R!4o@{-cY|}-v54}a3$;&q~TNB`1HCq
zH}=qL7hS9J$@S2ka+9{PZAu9x{e0?FrR~L6T+?=~dRB|D9OpTU*jI!LOioVzyTGR^
zi5cBW=)V6fnlF{EMrY4a3P^|S7DCp<Ah!Y-p<xqP8bdcwPc~qzQg58XR_^E#B2K3&
zrB*rzeQm>%xm7J8U_UFP5^J<KW;7Wr(epB|eH^M47ft>?<*A4PjS7xb2Ol6Uc`%o0
zc3JW>3uXIReU5-_mzqax=eMAxjgGRl1!}&l)<dfjiMRdvRJegrLI`S#|HOPRo01Q>
z71|(JW_oXaBJZLiK20`>$;*2<EuJN*6go99_bUyj&Nv%@JEk3&dZd+f!TqcwmU*Yv
zjwL}M;u~kLH+`oe881+4CReGl1kmngl{Uop*7SGH&vYRj@vQ-U=BM9JAGytirR?yF
zWq6RrcSI!kw>u#7<hFwo39Su8T+smyuXz<dOb<3|+17>zz5)mccxyp!E&coS_174h
zv|fB{WIN(r`Y&M@ty`8lMt(0+9`z9J<q*$#7;AeNYhW*4H^KDv;n&G8d*3o1WWTxR
zJa&0Q<z;`9{l+g*d_FmduijguiAyGor^LmA9zX@jAYwuea3FO@3?@r)7x4yQD&*Sk
z9!?u_ReRw|hIdJ@tANErbU_lVs<iVi_n$dFZ42zme)u8qHe|+mFbST$5*dFO;T?j8
zzbU~#_{-i(FahI@A_;+$zCRppQ9Z*cZ#DQM0Jmgc)8T9UdB&d~WIRLR>uP!Cvv(4i
zlY}O9x4?CL|EQjEg(iVJ)=L262h20a7uh?Hz~tAs#9H4g)jOjA=K3U%B>eSl><3|d
z&M|5ta$cnDeRLwWKlMF)UrdoF&W!<MZF+e-Nhi^GNC9LX8L1_Am7XK!ooRM$YyW8C
zs#Au%cni<9F+ekXFS7Nkf_?>&NP5M9^rGqXNX7Ki4ex+e@}bNr>x7nR(1B>^B!XLF
z33=-4zn)^)SHubWuUYaV{12^Y+Mzvz{I5<-vNVGJw+LV-2mh~ElyeaSb{x>u(7vv}
zGF&{kh4C}?SE3-mUnJV1%h5L&XlQq>&!i#cFyNWCw&_(?*Bg0sghW0@z(%3+q@ZC&
zLsqlq>_WzhB75JhjrVs7^18a%OYK9Xt~*YAU-E8p-gBoI0owp*LzFUE-dK2IT4v(J
z<cyRt89Z4-G)76hh4*N{pKjBAGuh0DUGzaC)QyDsW3@=D9uEa`GIMg+KYS#2S=$Eb
zp23bOifByMy_Jlu;O;rOI?w7ozFTl<_x5X#!6n#%nriGKfp^<lGHM%g0^Lcgmc3)6
zb#H2ns=kX$nv4ql1jA-ie**~#kk`_^(e(cMG3eRS(F9((_~#!3HVEm<kF6XEW+GaO
z2Oqdc5Umjc!79EnWDqMII%D0ND&yX>hTXTg+LS&OL(6a}my3JtjTpDlu(q>kkf>*x
zsQW01Cc2M3(dlFMut7AjfCO+|cXWFhp$D7=UfU>G>k}@`dQ}yrp(xwtK|!G&{j!OX
zPI0nulmlXip5ILX#nCQMr8<2JRU4J_-e-fYRLnHB)NoWes}A??zG7LFU%z&mSlJbc
zEE1Ar?L28|X*AI?Jn1TYZcO>_gT>rBbWP|X$<h|c14XNP=FUCXlW0;QpUui;?CQ4v
zEEwLrv7WK=1}J?Q1yC^(z&-*WPOo|KT9NgA8W2He8$6H!cML4q>j7h9gvb@5SLHg9
z>&$H^Z3p%v^$2akzd9}wuz4DOvL@>R6)9X0MesH80JCqP@9S}cKTh$CT_NAkz)a70
ze=a~wB>>ByZhh-2+xtHenD2pLwLsBh$h?d;)WrtNJ%($6{?-Y|R#pb!Pd6r8f$>r>
zpFdON)0R*Gp3;5!k6-qOm$~w~;VDhId6f8_p~Mo~K~9)~KV>E48~P+nN=5#7;5i?*
zWh0-##qACEi4dO*;}-=do{9E_o64^4j8J6G<t^TjrEOhaS7b9KMYh-=GnW>GdwkKD
zUzrld*Q`gj0G71O{RCk#mYHPTIMIj{XgOum74s<!<Q3t{sD`zy5AbRVr3p<k8H$87
z>ZO10()dN$xT3F~v2NziIwkk^BR-P*7uMafK72~A-r@Si?wsM)W}MG(e{%dMukLcZ
ziSz$6dTEIN@%ts?@lgY8RB+X>{L@1C#@z!GQ07)zsr7L{DVR&5gsaE{)CWhxT1&Ov
zlKB!sO*yt~^DEl^LVX;ke+BrfOC(`u-a)-`;5{WD#H8PGFTY$GCoe2b9s14s@Xh*g
zy+3U+_JJn!OTdmg{t9pr8onhNk^#xl*agywh=UB}%+0dWf!_ieK_TjxbQR~qHA4Lp
ziE;arf{@HZyXoX<;j3UtIB5qB;C2glJASM@zmccIIcp`*26Zz?@<&v8iVS48m+sPc
z)63sPbg>!HGofL-LNXKp|0FSGY%R666t^CbSzN@KWG<qZZp}@sjQWjoX^4&L+jF~%
z3@UE4jyiC{K{5g^25ld#GpCGZbyuchO=lVqRE8&5!>l+@$X<<2(#c<0)8siJ8^gxa
zFH%9<R-1)0*#<7$>^T^g+vQ${M>|V!=Az<^GOITA+b&^O$#WuFknik-GkI@1r=lO4
z+ZD#O+`7gv;hiKn(<hIs_c1(Hs>$<^3TWg_ltEQ_gPQ>%Up{9Twl%`U^InU4?kS)}
znT<kPMcDQ{2hrWgPmYn`7a>=It07rqi;}Js)7B9BX$e~NE;XYsE<EI40&hiSDk^77
zrp&35WE7_Wirke&?+FO~!X$#6h<YrVBuTfydkQ(+`o?l&JXD%rLS0B!JesXDSJf-^
z=W$UiG;Dx1vq^Vp8d*)YF?dWzDH(e7KQt6-y5Tj2kWu9(Nk%#&Kkb>=R5ypwhPr6B
zhdQHP?gFC_nM?N5EIr1m)Ka+H`aBAr`!!&*yH6!KSKL~)ijEysenbuvY@#qf6vWjy
z0y+KE%EP<b4IDjKjvIyKRuT1?|0Y1Z&kpr4Y90XMRyklKctCl#lFY4f-}Cr8g$HFZ
ziLT0H)GD+~yZW|Lz}qU(t(^VTvg=$nj=g8v$Hlx%auwPJr?d9>?6OyN;}bPGpxVG%
zl3HAL;GGd@64d)o)Y0!i5okN4E%67ZT3}1~?{8Nn)_=7hP(%BPu~ys<=`Bbasu8DJ
zaRmd=_W9O=2|*kvPo>2fjF(|t$LF{TAD{4oLpc4si7{~ZC2nSp9-(#R<Fm`-zaBTo
z-(xN|L@0L^yCJ9vuGd3vSW(D%Wtt5*CwB%J0bpWZdCjv%)&jRYkDV3vHv_*BUs{PQ
z4txyXoB(ivdf+elheP3#is_O&>4^9a1pojh7+J{u-T=m67bo6#(3c!Ma#?_6Z|EL{
zcnF%mX<?*9T|1Ce6e^4JTq-^?pCYb985Ice5J#C6;a!$I?E8DW>Hwk={2oztC>|>j
zFj)S<nsm>Ykq8*c`M_nE=sU>zfNDJym{0f~q<?eprP~>yycgh%JfYsM@=DEG7E$DV
z<`M^Hdv-@sM(|Pp*b*YU9`KFQJ}ux}zCL7fgPVd1eM2_tiC_s+p_5#(YJ4_4Huw)z
zsNdh3>HkTv^8c3L|Lwp{@j|Q+|83<X;u1*zEf6&j!2VkhYCrw20#lz0@xNVO#f}W{
z20&Fq`nJ#Rl^b$qYbHt|C6dkpr6!6xN-7E!&VrmYLJG8d_`@LQK4cC?A4SALRpuGg
z7DPouB=@;C8@_W0^-U!(a|x*|Z7GnM$>DIF$?<*z00@BBLnDG}23{>&j{bz?`Sgr-
zVhI>oE7`XbaIf+N#`A%wn$$)4fmj0Ow2EcK+6XItPzYC^!VpF1AHP&EeXJ1*;y>Sa
z{H|z@lKrvRkQ;awKEgT44W+sU67ni8GJ_cIv>hKT<~ue54~YfO!a23O^<#SoSzz13
zH)VhsozQX92OF<$6eb6L7fl|@5z-=)8~Ag!={}r>U)f1$L=57<`++4rxk3)0KBI&b
zbG3?iKHqHrEY5?!!Q`WnB8rkGM}n^27lflAFK{TjdV~*Tk&-Qj=d*j_ck381n>R~k
z!}n1XvOBZS#&gt0$dtcpp>MM4#Gpl3bX2F!K=J>T)Eb5l>w8g?qRPZ<p23ng>ni1w
zy`4%S{}kBW4Apj0T$9f-RcH;UbM0=n9zr-mF#%zuR<<N9@@_NHG#CEEmzJAI4be1I
z;&~)ALEO25Ze`>R!2{!}?bW5zii0Oo-^99N<@O?Dk-f}-*-#l48)2mxx{R|Dz*6+L
z?S2o1fi^=os?sc9$9(<QQG2(QS8@=Hf^OR%@35)W(GuBElvZ{otn(tka8?r<FHgI0
zLwp5SQ=PSD_)`(W$Rk6hI+9#*NnUaR#$uwoWdaNI6PNrijb^(HK6S}izAF>dk{8>X
z*JBd|+&LC*a0d!Yb?#P6PcR#H-66`Qr3OCD^qaH9)-Z*;Owf|dXq44kt`ijv7V~v#
zE1)ZEGUywq!9x2mbvZu(Vbv+v+`Q+IEkdTo@LEInw(c%A%;7FK>;_roE;x+v4z-2X
z;W>MSSY=3V(^ychoH}$_Jk6V{@OPr3lg<$1tJ(-YLLYJMz6SzeH!7^Fy=;#^{4b^P
zBmZWl9hLldaZ*cM?Pp_lsg3zMb`&<3L>6BAPD8i1;-9_N#v*Ni#xdXR>v9~9qKCBl
zrL%$5njamzHx2vB`sPW@qY2Dv^<0yd)dHBN;>-;zU0wV~p)=cGHrz+N$b0Y7eE$@g
z_|@8MZ-;pea)=5;Gi(X+nkRJ%o6PHMT3~TVlQ+jz$(@#tGFhvv8%{WRU1He$Bo*m&
z&K^Cj&arM}#hx<&)E>dbZ>6B@?_0Z6rBUgjpv0`ppM}x&lP+hmGwQw8d%h>!(k2mw
zlcPm>$O=SknrNL)ZiV^!LYM_-NsV*th1{=?7SR>UIxlz{CGit}c?Od(l<|9NImVVO
z)o!_8?mFHgx|?bG4t{>((hC|@nZ0>ST+n|r7J|UOYp9I@-cJmr5QoNpkQnUUZmLct
zXhWMfA|?tz`3L96m{KBGLSP|N6Z0LQ)e^<|XJ6rhG~1Z?31I%}Ro)X+C=B6E1xqiP
zvmgomK+4`jtx}?2F$`J@(QbfP6y-UN;5?4}$rc5U5m{5*0Kv@o!;Ar97=#x`$c+UH
zYqVX{6kNLzFwYTlCz8Pw6gj?2#=X>xDv*)GW`mU+t|$}UY3ew^RQhu-bPVh-IureA
zG^*Aew2L?sA6JYwKROdBXY!Bv)DYN=5#bg%xD2@rybwuec@UR3G+!qnkO%k9Lm4{t
z{>g1CejaL~%RE?1!^6bGj`<>t%_7-uZ`)Ev{$Y7=fGCQ}i2W404-&dhgYxAN<a}ss
zA+A%Ru=Zm=vL7b{ye`taliuS&tK>oL*lt1nZTwi$i2HCff{hUQCm8Fv3HnKkquD1y
z#BO2NRCzTc(VyPk>tv=<$G%Vzqr(bvC?!%zMMlW8R<Ovz@kP^wvceA2M)T(*HPcq>
z(cI)Hz@Tm81{&eO{^6hzoz=741A4vdGW~0|9~%PebwUYJR{i5RCtZO9{V?+VJO3MB
zR6eKpfn$!e6DYA0EV2`h+&+9-RFfvfj8O-t!a*~-1BQw8oUS_3&mACbECe0xu9|S2
z6QX?~!@iq2*KE1Y>*`JH_$!H5ZwR+jX1Cr5m9JB*J<nMy=*Ab+e>zJ{zd$(%<c}Z0
zu>Uiz=DE-S-aJs<kiKnodb1henyEvb!(|rHw13tJCN89@!_wC@2Z$lJO{Y^NT!u|U
zQf)`Q#761T6b2Esv8iz_o%nt1A`;A=eDAxMbJ)Qmcrmg*<lgw6<gFWgz29>ONI%+W
z#?=Zh8L|eyWApYK!UaS5txdcVLxzRfKbAwk6RFt(9tt#uutZfw+0l%6qAwMZABbxU
zz)N9ehQP@(`jP{ufyJ=E@RTs>2qqUyl`gf*c_cwh+Vck^#)EJ_PqJXb>0O}i)UFex
z0+VObfC^3CisA@tW&Lcp1(twL#K~=U80KwZSo$rCN?ko-ow*>gzRF!^6o=}i22&>o
zd9oA$Ti=cxAL1+RYLuaf#yq1(4L=T_-N&Yp<SOmTQ~@_>L7mC`c1DuIBOE=Zu>?7q
zcC5*rit4!;yDPWyZ_0rt1vTnkIdYS?L%Z%#<EwI3+*X_7!0V-1+2#S8m>C_fYhMJk
z4uvt@De{yS0ejI5EX2U>7*>`<;{*o{m1R9(P<fy|t(<zbWPfYnnyu4hn0hla$^AE`
zk$-~Nvi{jpNe*-e2Hk9Gv6FZ_YRi<nl|$2Id$H;iw0Uqs*VscPw?=WI)oSmGQOPC2
zI+|JbS6p1$&nk;>SMC~ht#JjnX5*eX^z!9~Bq97@Z%Bl4wIBF4Z*xJ~=nm(ea1OKp
zs&Ves_A&{IHL}o7(}5%i*wLR}OQyI^jof8ht<R4TE0ehu<@CuQaqGp|0Y+h9_Db|T
zQ~r4QNDeeuO*`}RAwK0<97|Pkoq_|;&lzk<EOVCJ3qK!~ssrU3d3Lpz!r;ZG15gtK
z<!J|k+zEA7An6geS9F&6ofHi7MthL~tMFuFN2d99cH~{o3C^62Hm}DCam$t~4PgUD
zc-RC{s~Jo6b~bL+!bNdKo*F_{>H(Vx?$JVDJlxwu?@NalmMA3LaeH9a-H_vV$mx~i
z2+DJoWK#E>>DMB@#Rn!ib51B1=(6n{PUk8ctx`HbO3o5Ntx@tzRVQs=8D|k-zdFvv
zm%r`+^yg`NgbX*oNLk!ub<NszF^5+bi;7xG%iKzj-t%0){N#El{d_U0+;bP_dvPYo
znOWX!11}Uc>cDXhf<czaOnU_o(Z;83-1--57u~AnFODt~EZ6zdVpkj=5_OT``potI
zDPvN+-t|4LHmqtPnAKR}g=2Jp+(3#EBCmdx5l#>GxGzhAq1Vsv#yXs8&q0>0j_DCH
z4^(kPyKd&CL{&wdFrGpmt8NPL$?&?4cD7_C2L$DlP88JO4)D!pGSU_MBsLTntEBJ;
zXL4Wg$&2zVT<(IRcoY#CuAOP|iWdrNwU$M&@H{C}c|?jGZ=J+n+W-bYaA6$orGnH?
z_GT(n->7*}^aWIhfvs+~o|)>qRvHBw2;9gpaz8km)2`}W`<T*Mwky6{2Q$c3Ge<v2
z4pSz%nrJKJjtujy5gQgyJMr3)5r{{J5$?tX@g=82Becmd$o!BL|3l_63&nmzG%)1*
zs?XbwdM4EYVHJUJac4>Zv%8kiSY4N?za{^;KG}3?`KWS~kWd#ckW(;6IFK_!*a_NX
z#3&_#lnPaXSuUsF)(PckpN(b&TQ#~#lV+wsJ_ktS1TtOQ>(j9Ppg|of$bZ)D4q?*y
zVFGn}fZiEYSQ`}tg7z{5fFRfVy0f15WDZzR@64K0WApog`mO}{^}$5#ik%!KY$Z!^
zox<?F1R{F@blsPyJcb`Erk-OD$h4Z;PX;`9vmM(yk9UAiF0@bcY|T_IKzo-tt0#(&
z@s%hIjFFyw`o>pwOM-Y-SP3(inE%Ln1w|cEn?hf$m(-Q0d4>JA{8=OF9l*GwcaONK
zm+_7F+lRWu6xau3yuwh9%${QQ?N`3WHoN7ssw`O3Q2XIBf5KK$1woiDrH=}KlYok1
zqDY(Eg%T5j%S7)mqvF;x7n#tWjgfZ0qFk3t9?Y;+!fcHU<O&iUk{iOjgkXLu+rx9T
zo2~CsBwI%aP_+vv(R>LDe#FAwAws+|O4*V`@@~HT+rHsKL8G+7RXqM1WhDR4{?Ih)
z)dl}w&j<+<{9m2{jBFzNuV>`f6DH@>{sOEi?7|T20s_E6@A?sUC5UTP46R4N;(V_-
zPx5?b-26X2p78|{bCKk9E%(qE7<QE-)T$xc@eKL;)xt`%sW#47=@1uPGcfiQJCzzJ
zZ<w1GOs*&vsD<j^rD<ORh|g#Ce*I=*gB<C7M3bJBIErpyBjuktBbzARKo;(Gbp`-d
z|0v^3IyQB^*?RWJdm5Ke#X18c6Gq7uZXR!bS{CKe4&-VeMMk292kS~*iI+AH57uve
z)?HFloN&u1Tcpg;l&FlVW|1zuhBM1XFF?O3swG)mKJm)nMn`OD3Pum#z=v-zuR2w1
zu?b*=t|+&!p*xwsay~nIgVeS(1OhIWQn3eT>>!z%J*a{3&h|CMY1KIqe!TodEMabd
zN1FKs@|EM%9_d?xRo>*Vg6*fUH1oA_xH5O0&UyYVD~qqjuVu91M;kUN6+zZ}1}lU;
ziQr?BKaahlT?k93AcHlGhB|HhMbF6FlU7mugq|`^*tC6jHqCz*ao(B2eU#<y;Fq)Z
z)vZ?ejPtG$Mw$Rd9Oa%pG~X~S<zMKrsJ@yoJ`xK%i`O}fQ4j6PenzHsIDP*;n)0JH
zuyzmR#}AbM>u5@TJtaVG=id|y?aRKAd=iDORMFCAqeRY5IDkmnt{~semL66Ww;Zjy
zosMH%cx`S=uB@B$U=5Sd*S-3{^)hDhP6)^i(Twj@OmqI~BaZ(m;Coka(9s1h2_0v9
z{PlN+YlrJ))5W2;3t)jPNXtMCT~veu<wO<$G{aNd1vW^#76N2Oov^o9yiIwL`;%cS
z=ZFtNuoR*gh!3cl^OPNN6ec-~64dHqEWlr@WB3Oa7)=CYEX;T*54^BXOv%jPC$N&7
z^he=9;Gvjs`lI2|<wxs>?BF-vlg4{Z<$v$b7}oywU{<BDkfR*J7olu9_&1&6gD;Sb
z)PLj+P8pMP6apA!_!0^5&D03l@ybLvpGVDD;E`JVG0i%jfzhje6Rop5=@8r9lXPu%
zQ0}T8v8z3yAIglq*mT|>!nXsWurVu#)pC*KB;@V=RVA@;T*Pj^|JA_cD*lz;QkJ|t
z<;r`e8J6ij^o*6f*(nQxiIr-~;BfZQOuUbXe$}E@4-P;c86hGVHG=Jp`8ONW;Fwip
zO;G8Xvtws*t!1RK)Q2^si%2hEz9i|u4a#b3tlX_vn{I4gR}aI-H49lmp_!=_V^n4c
zg!{uIgX+lgTiPjlFQIBR>&X1iczNtrB`I%W(XcmfgwttZ5jeB9Q!%I{RAS)3oZ$PJ
zDnvZD-5OvqtH?riS}FFLh=O@U(LkI*J%~|9pUxd;n2pM1S$IJ?0X%UCUL<>=xg{Q@
z>3Eb$g^N*G+8&0^9RBXQ#t+wP_-BO0q)}Lpvn!&!oGIH7TDb7x1rqmc#zpOEwRmiF
zWj3jOms5Md{ML#TW>b00&=tHP^m7(P8;aI+D;Gd-II9Jgi-&*QZDNogL@zRXGjhXy
zrAO5s|JkNA4P)dWKEg&7lN!)d8Qs0mNu?V$+Nja?x}agn%DP!xX~S@03U;W*zJ3+?
z_!X||?o1$ThP+<B+S2$mO<L6dTGE}?BIABzR!hq*d=nwAkSnKPgUeUDx1iDFJDN4=
zWC!Stl}29Clx8ho5I%BOVjloLoH1`ra^MC^e{&gezl$sh?;{j3gWgFk6<P)%GH2oE
z&r1|7H2+vZ%MQN55S?aIF%TlX<=57wr2)0BiBMsr^H`)h<bPI*96>nWxE-s668Ib&
z(tBkLDTc6p?-u<wPYiz!Dq)mb`=#8o>I%T^-6+=-Z<$0!!lPX)bTxrUg}|XbRqd=|
zuh_4FQ(r~Kywy|H(-dS<<%@?hj(%7ps4UPDid=c{RK$|z`yySCE3KA1FMh^q@d~LO
zcz%Iy?r#phydaysM_sDLT!x{nU7v{^{L9`~Len;1ACsRE>ONgC5bWL;s)hMSMHuin
zcMNh#k11$r5V`U-O$t-N)<M(2P2Ku>{n_`TuOnq|vL^_O2es)djap??jlN8~rtk@+
zcuQ>U6b<`iLNm%mQ|*N}Qg%9kpEF>AHAtdAg6WAM<B9)r`?Gi0%~x!p?hY#L4zbq=
zrPplvHE;O<s&rpsCG__ilfOBRzmcfM9jy<T%%$AN==SK%CEv$*+U;tm^245zQm-dG
zX(2BR&#6Ar2i$-3W?UX}{P(}XSs%>*)SLhGD7zL|z`vyzmjCuv0T0jC0{0^vtShWo
z>()YzA+okMJ$msU&_;+iqzhN?PM-Q)de)|p?F_7ryFnY$Q6#yTwycyDL1ok)qC3P_
z%x-4=^7(S19oEH?t*ezatC`gYf4&pG8?KF;-@LjYbJ03D-1CG$f4tZ|2y`Hus1t7-
z2z(_cpukviq&^DM#8XOy{;yih*j@3ZxLP+IPz6W+03F?etrbV*t`gipg_)s8ww#j|
z=t477<*7FUfsT!yOv6ywUc4WR#Q=1q595Gg_n&#@eusWK$ei*lHQYk`GBpy0N7>JW
z0M5efv}#_3T&;aE2`Q+by6KTn6@_9G>#fBBICXNeF|LcbaxFx8+<+(#y?TzkzouaU
z!$~&GtjAtrdn}$z>uz=*VO|@uK7%x!t$hitAs1zgFE99nN0EFsI;D(fr|R;W91;($
zjvrEOrwy2cg7*NeaBi=~@lw`a8=mz5_fuxl%?;W1L#0Wys9JLQjif&P)>Zv8@<0ZF
zuEMSsp6UHRZH0SxeFzC_f*>uv#vY#vmC;+6)?t<<zx^dUD4zy}20z<lCrOxR)LGjx
zC$rX|H2QCLc7OR(%WMMOQL3wh1%xuXscDcL5BkyjVQ~B}SCPrstr^)*woU>CL!7ir
zPN8Aiz;&!fm_tKUZ7%_^ut$@r_3a$MnGV;`BZ3cAAa1*qWd%t(?HQwi9-T*4KOUz`
ztiB`vfd9`_G!!bsyty(rhbt2gn|WJ{RwR@oJdJ*5aY;nGtBq3$`;brD%;U&<n&1ak
zahKAou_hQ5WJA)22d_Qc6S>tKRR2s0LJyjJCHIuo%M0-Yo;`>U(0+n*++81lj`~rq
z1T+!ZC|<b9k=!h*uLAB0?CItsf{~N^v-GL_A7uYO5BCGPa1*YBu2a?3HI~ZTjishf
z8yXrIsjFtLF!*W??r+(OCNr~e;n9s{+6f4Xnvb@tX?X9573Y}3A(P}CN)C>07ul>P
z#{25?Q$FZjh^!oIZmGYqlMRFc@dn%c{ysdkgv;mH7Zt}g4|c=kH5FQm$1<fF8)8>6
z84TuS)l56C=#bxJZujeiyQPzqaX_-eGRF&H4id>bTf%r`f|hGDMUQh35(A+XS;QB1
zUQmGpMZ*!X{u)fH>yje|f)ZX~19i=hF+ajQ9~|Nd0Nx&Qp@yp&_C_zDV(z<wZg4Nj
zjBIG_m-=U|4|1Z|60f-4E-8gywK464MO8V?ys8u>LG?<pb~}UCmW1|TyrPd8HcXE_
z%!UfBO!+FVr@Hd~6G~oU*o5O_`8|YHRT9OKW7G!9qt9*O5DLB5pMhsNY0EcuoYm+o
z(}ezNucCT0di#<I5^X{NDY3=h87NDH0zE<_;($Licvssw{dv~lk3HzxSJ|xd2zi@o
z<x)~LzJCwf_+HeLH<Y*&lH&b@_){~>*jA#>@ta+~;n+T+#6M<2|3YCN80cyO4zRvJ
zzD<Hy(MH6SZy82z2`W5)@4tqyZI)^C7K8iebAL!}NELWjlIChFT0&tjNd_;8rdMRj
zieD?!`U%qbN!mR!UzN^Q<o1%A=v9b0il#B<0oAnfVy+MwpuZsg12$IE&;6QzVB7xx
z0~>&i!Nk_c#U)j3>pw~DJ2xST96Xx3IaOLOL0Xuqz(BHKU?Bw-CqE&;H>EZED2Xlv
zVcI@pKih=xvBklC^z1Y`egzx6EO$V{;sfeKCFf3v&qIU=W*~8Tvu=m$#AAl<Wixx{
z+rI}YAIe6*`9K^0kK<M_F6`g#@_}%-Qvgs70t^-seN!3f&TuT+TUX^a5zk@LUULAS
zOT4E&8X4lH+xDp;NC_s6`c<^ix00yTP<J3CNDATwU6wjS9qEN=Z@_|J3fcOq*~sk?
zMIN|+r^#DY2g8$yj~N`&`I=@`7HW4|?LNtb;1jWnsCo)v0dsBXt|bXOgogU|1SlRO
zZ#E4>z8O=|vt1KkX<lO^zckXT9l6giI}(c<m=SbjZmqPlHj+7g%Q12YbxUj-a^diH
z5ce{!#_BYmbo}tvKDC*TA(rJyoYa{T#)AG}ya<vPXI0s2&t;uTL3IygW^n$u2}qpB
zojrExY_}MD{WSBrN~Gg=HQo;Y3DDi&t!ig*@~QU{J`h!>53#QZ9FI)QFV?y>oDYZ6
zBq^u!5LOIl#cn}LqN$)$n>=c+ArPKyprNxhF5n%X^v;xn&|Tu!$&BN9OGQs4)pdUK
zW*L-Sw`!p;{IgJyHZCgTL`blocu9a7p@EY`aLP{?tm2;M!I3Xb;I>u20$|rssLHCr
zK_*mBAjzrv2et9^S_XBlAB6DLDBeAKl<%BS;W1$yN%Y_%oGKub*u;2T>mDf*kdwTW
zKUp=M3$58|uuG=^#@-ZpSaBoLhWvdA2Thl@7_sEb<7xFdhIsuEk3Vl)=xF!jF2Ip|
zO-iYq=VQ#Zg6fP8jKpLq02-k)741|7WkxD%Mw1hq8WYrgPSZ=ujhfb=_bBX8l?Jt8
zEOp%saOrdEPy1;GZ`yVyA{oBaT~%CMpy-tuR}A2zUm}%j>!5=z$efiN?R`%NqzC=O
z$=zuUH0}mtn}&{o2FS65+|h(9`u^HHG&@uO;8i>7_VMdHU5w>7z`Gc8K?+XsExtH6
z{@Kso|4s1j73A>bcqQ_OF7$nMt^{WMcCDVG#;HZSe-K?H!?g`@RS_XEFlshKhl9a|
zkzU8sluP%qa&RB^g%6t0vwV-x$1^y~tIr3s%)e&thW24jr`h$1)jjH{uCsOTkNA~?
zr6VVAk_q943!pC^K!bvS?slHDT(G30iCLphLbu0J{(C2McBekLP1uKr^UC2+ODS@d
z$5RKVGu-;`rois3pH$Pkb;QQc560VebIC%nQdZlYO9suapi*U}CfEIpTs|6JkJC0~
zGu)HDfwY{ror-#EuI-Ib>+O#lb;}lln-xGJ<?QCt<<BcWz)SqXUt@vf8}ufFL&e;~
zj&#I9&gy)*=KDvCZZsj(tuX1K)55OP0_4X<sxV9VBD5j+*aNuEct$H&gGIL95>9<(
z&^jwfz#QFIA(!(aFZ&!Qgk_@mDTv%03SU9^BbVGf>%u9m^nwe@BWX>_QZk%|Y3x3Y
zxfue>%JC*B;r|L>4Q0`~&i@$Y^?xzyXD1n;rW3|jW#pOD|9EQi@Ryv76gA3908xo6
zh-g0%6<P=^y`)xkc}8nNY_pV{a{lS!N$<fInko`zrGlzrRv~md#*5zY=Nam19lwWP
zZJ*0^kCwLb<EOy)y^;BKCM&DO%&(KF!?PX2O_(1e_b%b>`j;*dCHtfd{O$o1{0-3n
zg^sTnIN?`;I|xjJKO+D<<Jec4;4t6m5e{A7$q^4--`NpF-H)*m1>KMI=-(Z$q0t5%
zud&fP9k0Q#;0)lHW1&-mp;=&%MbmNaVW;j>j{O7swD|a{CZ%!mwM|&B9r#UGYeOKU
z^CM#&?w3aa#t)>kaXt7<e?B<J;{5OcOe-Ib4>W#mml9p0U+#FjKk8niVDZWih#<Wq
zSUEFvL|l2-0!5rM@DZH^sehit`{GM5AwzJ-xf&8<tT(KI039ue(@giN@a%xhx`Y!6
z4cr9gnDG~!Gl2(ApqSwor_0RY8X03d5}b}G^2hs<3~~F$u*qC%KxHWTp)*;)>-=U`
z!GSCkXMGGYaLp+VERDs-{K2Cm4qbP4-icuqc+MGLR<Y#N8wcmATYf--A8(?GjtRVI
z*94+odKQ9d*T+OBU$%<^lfCGFgUJJ}@om~`m*;1nl<_ZIt53`Yfhw-L=4>67a}9|X
z`EkUx*{-~5Kqd}SZgDr;<70p`zJ_B@5{%`%6FMNL^x$kNuJ6n<EY9No=XdRaR*Z9N
z+{vkDZQRM3XD>dZWB--r<cKl@Xk?IjU%~|uX7jcfxBirz_6<s{hO^LxZsmd5=m*`=
zGPnLrv~IycDz|>g!M~5802{XtD4TsZ_wIkUNAPZ`YM1XI@f}?INdf<^$JQ)5^@yEL
zbKCEp+0WmpyVwhN$^kbzwlgAYJj3HW?tubs-IH<IuH73TKJ`;^FPysw-5S7YU5EKQ
ze*7B?(AM)cb6^J8Hqafv&FM2B4$)k(M-Le8x>;}_kMD8z$}}q~$~*WVFrn)^6&Qbj
zy5fxQzFBjS{PQ&p0$`i)nG&aP@fs61d;XdeH+%64s`6dP707i-&eMB|6j68jS{YY&
z)-C~Db=#~uz=ii$0k*mN@-%4S+{LlKcX9Vx+#MNk_tqUiaewIm5m_Ax{fiHPKR>_)
z*wYq9^kmO0xczGnzSk3TrVT%mqAA;nUIDHj6LAJS!;WEy0E<`0FhJ2k8@K;S0PJPm
z!3+0S{y{wVm#BZVN5vk%?L!M_;A+|z+{ZOsBD;UnJuTo0(}~t8swb^S)3t<W9M!B8
zi0C+ZP2?EHfZsV)Jijn5hJlc}-gzkmpT^aBSs|0o;NrF}lkRowZsu^!Bbn~!dbVO_
zp!e*u%fD^_NC$%lN2$UqpA^#daplUez$=^##&<5qE1eW+C&;6IID+n?+f5{O(<+}N
z(ZjfC6iqL3<<d?!@k|tP<5Eu#cXGj#>5d7HT|ENVBd|}`57!K|>B#@APC)J86i!ce
z<;q;;RZf>UbB<ytJ8x7?Uv%ZtOPA2`$q-UbVRh32nEMf$q&H>w*jzcc>ZPfusB;b<
zImd}qr@3^TDCrT{U@uv7#aCe4r>DAe83a@!iWP$DHYwcEzofFg2Dy=^&N~umawPuE
z5;i(VH3PMs1p7k&st=f2hYMzhi$xrqv;JJ3b_;RleZsmTXa90!69ywG$TIWCx%y?U
zuZ8jmkdPrs3`?4rSWgwlL}+7tS{4=A!vM*<u8;f0486XN_Or%T3k90ND()4+H1oHN
zUtriVlb;C@ia|9Q5>4iD^xugfxoM?8u{*1h2h5_-J*dzwSw$5+eA8#X)AN7Hk%K{C
zH0}CVkt%hJSt?nlOcldGOuQ?0bOT-z*Glb`00dHOnP?Vln|P7GLafu4L^WVfy9A)5
zMFz?N<g<qRe{pbRbstz!^z;6%<6STP%XZVVbO$cdA|e&knIO?!)oj1tC;fyBa*0)3
zJk3104uArfA-Ku{C*YsQWh-lqQwsMNt8NQgUulOaJyOPd<g~s6mZnl{&1Cy8xYois
zfP;wyqa1mIpqYW=6mn#MoC_zC9ktOW$~8P4!qRKuSL7Wta`KAgM;8~~Z_=XeK4)1s
znWfpn*&PF*1YMrAwLVTIIm9_L57MIs8;AP)(1YJH0(b*HGBjjia%2jd$fPp7(XcQ`
z+!?LShupj%m88wl>e9PS8od?{EMvnXfJU>cnBlTYzmZo{<Q<Wb(m#VP;f<HOi2@D&
zuT5bo%F%JWWRZC7xud1nFiv~%JZ4P=M_BUJ_#f+q)oxdw;&C-SBCM;@E;=L4r>`)I
z)>~I!ngc7k?sg-Esc+V7d?%tshp1T>$v;mEnaG*ec3?14f=d2vVf-YylrFE<0PBy$
zu{ot8aTu&D0Un|855<mud8^h;wH3VR>B}-dY*ZsGYl!`;2&@{TR=z0Ot6rs>M&D%u
z!nr_&AqmK3mP%IfC_AGgo+jJ6i#9tpBJUN%JI|otJVAbMTJ|_@o#ctaULX-dr|%e*
zJpx(Q9vZDPVkbX8QNz>TuJW-6puR@Q&e^wj3Rc-18tK`mC|e^ZaF3F}I#LSbqag5z
zqHI6iHKrf3H|=&a?$KM}G@~z&?$f0)+zli@M{E0k0Bk^$zl)8eAzk@3wR!1MR-G&w
z;2|3hN1L0x9;d96q@luS1jxg6?{>)gIx%(VXaPVPS4Kt=E^Y8dBK`>T?i8nZP;7tS
z4||ML>_`JX)F~cH10L%XJH>XVTqbTH8=pIGPWjyVPT3$E1>}@A1pL7$dyi>`hj+@L
zJdyTL=#(Mxx>M{HPqKuY$mHf#PO-~VoiZ%R;1B8Ssv=GPnv%J*N-HN!57v-(sU>$<
zNig0+)G3?ga$**FXiqfI==YEZHF$rtg8b=m#fOce_+TZ^OMbO~T+OGF6Ppqa`&v?T
z-6>be)9mter~I2d!xCQi?$RmGWcB>JJS%l=%LyGbi^74kdC_y6@?3cysXU=D1`+3!
z=gSM6@<Mr$U0&>zm&g+t@lvO}Os;my%jFeLc_s5w5})nzD(<}6DYl9>#<+h*Kp$3%
z)YHy$^pvvM)29`)hQH<%G0|peN0RzVZusYs-wZXT&S0H^$r-ls;AFpb3MTv8JNH|M
zX0rc*&i&T0ndq0-iVXrr75$HYG=xk(<oT=TK>i3XNoD@Ls<Mh1o|*IK&#k0yy*?Uk
zig-&(NCCZ0`42K&c^xx)K#6}bZ?Vx|Y|LD29U$a4$aT?1!k$3H>meITIMN04W;^Be
zat%dWoh@-DPeZ+>DN{^sBBLYI?#wmX(f-H`B^s6oYDt|8`!TeNc(+y(#W%{Ex=t5Y
zga2{5b#gr^*^KFAtv8F;*mlFdx<(%{sv=ZW>LZ>w<py~Rnekj^Nl}05ejKy>{-&ZS
z4T0r^bSqEPI~s0bicBV2?8_hFl(&f&=#c2tTj!5f8p2AkrwHTTF3BJEjrgOUPLT)i
zA=uo|FqmYOzB3doVg#pb6|c})IwfdI-D3!oMCS<vJrp$+d*;{s!+uYruf<bM{77<%
z5GhD$j1*JU+m%)$a14JMo4G^Y*%hHS5J}nXKk1A?KP$OoVMS??xlO0MOKu_tuN*y^
z6xAv3miGu4QR|P=Ab+jL1ba;V_2iEpQAq7*l$RjsOd{vqYk#@&fp9N7(^3AFf$0BY
z8BV#G=_{|CRW^5S+(10!xR0yyl+K)9I?L;+3w2>~p@$T%xsiWKvRE2i8e+cIgu-DW
zh}h;#F*mX{J9Eb{Hb+SySnFR|Oq9g^5}OKdsf(55r7$+BLIS*&JpVt5vrp=zsnYDy
zl`6*rNM}qp(&-``k5fF)il1+0dc~<(K+z~7zN<5E$}KFF!c=_9GAJrG1kia*B6V@4
z023KYDlnN4k#2v~B;}XSpMJxzNo((8H`pVNQ97rhVtOgLh5N-z0uJgXh)I=Y85JgU
zN^NbJLPI`^-k^|efk_D+e4*y3C$yA2sDs#7!&b{0e4E_L%e*5X+YDem{%|-HW=}h!
zlLg1+Z3>J`zAofh5s21%0<3#pi)$9;p0J-}74iR-!A^hirg)2Fm>P}8iEzp`mSGWT
zna8wbPl{t*=ns?cA`O`{%R`@|BWyD*<XB^}-7dE|<pb=^3c3^MXb(jy{wAi#T$M&X
z$jkM#h#)nu3pY15wa^9+-cJZK$-*P`zGePIfJ=@#NJnHd8KmXpIYZ{f%E(wbR-)hy
zODml6A@+Yp6S^a8jK>pM7HBdkvvMSJHjkO63m9V!jU=2n@8*DmoN@=N_xRLBDGRn1
z{nO#3)Kg8cL8BE-(w69W>X&W+`2$MRh^0Yh>A<uoODP|X)cb1*YbO(D<kcP{uVy8o
zyxNNAGPt9NNf%I@ZYr<G7#i^fYCSD}_Lem)6w-e$0h7`S%S+y>xuKR$uBgY?91T(a
zNylJALyKoQt5u7oZ^e8k5UFE(C?;>?NxD+QA(o6T9+l-t^*c2Up@=`rk>zm8UGib4
zd_+EKmybE+<1(5?vj)dgB?^hl=A>v++0m2-Hh4XBhFO#hk9e5%p4yN<Vo+^l%$_Mt
zO$~oE<6K|Z*GL{S>=~X^ib=)A#ly+3bUI0RD?K{hGcY8pF<=BVMV8u5VUwG0X=cLq
zSX1~=OSQs$N|}}im~$giEs_{Fur$HpIwsL?O<@HbaWdjpBuvJX?rh@F;uHlnWnO4H
zSO&1SX^GZTlibP69D%s@<2124)7Vf_cb|U{P&&`=i_k8}^?GQ6h{x>pIvgJBuPW5+
znG#t>n<ACu3lhTfr|yGx+RNm*!Mq~kq;;8b)1OYxT;5N_*1TOM-DTOt9Gsk)Tqi%v
zNRejJ3I0w|h2i@t3Xz@Fh2FjYztg+OUmXcV{lg=P8O%c^by$A1-WT<>5SyFm*a&}w
znj>U{rv3VBCwlyJPWZ!#@r}M<vtg!0V;8#(_&Uuyr8!z3;^eEC!ii)5bZZst2uRmc
zLt@KEP-qjXj`{*YQwhvug;QyYBKs_0$5TrpptRWIt0SyP)I1c278H1rCXg_ug{l69
z9l-voO3+bpeDh*qPVj&y;K7H|dZT~Ru9qC&X<>7SVxPtdSlEARvp*8GQZRCFof5Fj
z6lX`aW#%bfPdrUwAZ9u2vcoBN%O^>(BK}~l6`*-NcKMW3KFt?O&ltxmxoYwdDfiVh
zx;m12Ibhts_-j*f*j}Hd(BBxG4uK}ArAhjvUZi#I&ojpE4<E$Ya@bEEGMIl11`I)y
zJ{X2F(mMM*6lBJamNd$0omPFOmX>>swkK{|9@6l@B#PzIba}`#chf`bQ(Rvgs4XIi
z7V*8ZQ$8mbQm~eK$H|UU^VBzS-8=PF!DC%YQXnNZi!HQ>8ISE3-#EqF90Cp*UF4%P
zw6>w8FohpJBlYvd?>F^$jF*3+7Nc1MY%@cVs6m6JOgxy4(pZ!`dK%&GT*_ot)F!>~
z^G^8!Um(8dlrM2y)X&UzE%ROFGtbqjzDS^k<|y&ivY{OShYmd!o<)RH+|O5v_wnW8
zyW%}MbW9$E{f3X^81rS$;_TK|n3ZEkji;5AXAEDj4jJ<on9?s2YK(tJyB2q?49K{%
zFgy6Jm)CoR*UL3vMf^ZR(W2pQIBD}#Tl=)pV!j5_PC=2xtMWBd=1ma~Yk^7k9!?ta
z%m_c>^UbB4@^$Xa_4rJ$-xT-y5t8*D@j6lL=yJv5VBcgc;kC=XPWgs>lT3X-ETZNu
z`L<oY<CO1mE}ql%^3;DR-(x9i1|j?)M;?XH%v&APy_io=oj~TxQ;#IbLP~|0IBId>
z#1ozJU-Erg#28FGn&gxrdAw78z-Rw(lO^2ODOo1R?Dy4j5@fDP$~3#VW?2ixj)Ofb
z{1lGXHIq~EaHhnEm!V@RtYcAT8o>Bv>c9Ew@IyApoCS&av)+F)1G|R_X4~7#sn|hX
zQlz+T8fI7hry8a>rX<grw5>6`NKPkhHbA7Xe?DEGbh=t(jL%AH>ljwE`{h2)4kHbW
zY@jlh=g>c0qequF4=a^T^U6W$*wy!Ux)=UPe$1ZY6D~ewOGu%cN&JjOkk#p0ypv|m
zsXm2{GBT<Lf3SZpYCbcSQCbmcu8u#B_RcRWOZ(QMlLAEiW&Gll{wawjQu)S<k{%6J
zTGRE)Pdiz562>>+L=i;}#&g}!bgx;nJEPMC8T|UU(AUuHH#RYqAc=Q7O6`p|YwNMl
zK|%L4|59Ib13Rev)Yq%7Z_ze#6Lew=DEt#DQr|}=@~nSpc$VmOb$ysJ-W5YZ|NKCs
ze-=Np+DMsw4UsNyd8V``@<U(-DSNnuZHw&5NWJDPW$g5#>eKnoot8K{{ve-8%qSxV
z;0x9e=Zd@EW}4Cb!+`w7Q<?f6b^f3~Oul+9B|SzCGa<jrIODCvdLP+uQfnA>Pwc|%
z_@=vO=dgbRzlS8YI`J=TuA9NMO0W11Q{&)HFO+FsC!3>zhLX|{MN3A&$kU{QlMJIF
z<JE^{IAZbs+b2_s1XdASbJLI^VEh58IMB;_@BM^ZNgMVbP~-Q*X7U<BKC+X(=?Pg}
zYCL{NL#6e;u(eS|8!aVZ#2=-3rU#=eqgiQI-G6^kn(t44G{6fE>h8A+37yDI`hqD9
zb(|H|lhZw{+r1xPGG+q*j)1a;uBxBllgWqdI%CV$aQ>-AT;|>UuELSbS1n^s_xq6p
znQu40H(8W_fOQY}`;jg?Ont^PSf3fF3(}6~n!!$n5m?MMe?>!K{oJsBX<#LBB1G;r
z^`d{hZ|W~1I^A3owK;Y1%iM(ghU9nq<AbDFa!JLyf(0D>=f7*<A4AYsa<fJ{7h$D6
zo}oDeoo5Cd<$emaYx!a&0isP)_7SBuhIgyZU4Ml@B92ZA88$=Sz{)Yn8>D@aV&X^q
zg`dqhjQe&=29D$tL)T+C;ba`iw+2&9XHtJ)NE#mSH`J#81xNayVHm#+h%5?lNRjsE
zD94-hl=~wQQYZRI-ue@FyWVmUN37_O1X4pDCF+kyPW|({{({81=r@1Ml5J3uxaBlg
zt)y;4+xn-~9<z61I!jB8WWT}pcAcf78JC<1)%p|f<fJ)_r!S7e<ClKPt7j&@KD2)#
z`5Oh}l#O;y(fh>Zxc@KRbV8nL{v?WB?bP_$(*={LUO_ab93q{fxWD9QQ*)gbN+xJh
z8Dd4wOAto~d@xB{ZW=KER*1hEh`rj<hUN(Ajypg7?u?+4aIJtZKke_f(%PAwxWd^n
zc__+?{o}^+kHRR3a{7%QaKyt@MRk9pabnF5Q3P4)Gk%K5LN{$Yz-&!0-#E^bJrm<U
z6`X0LYG&JXe!bG+^XVC2%s%;P`Nec|@?kiY3QD^87m%ISo*ry&<fy>Z+q|?Lw3{G#
z{ppm?7%m_)xf`-MEkcP>G`+{_6p$p0yhpt+Qcf=3nlNJW*4#3;%neW2&pv<CIKZ;w
z)BO%C+Xzil6!oAKW$*l(Pj~vT!*Bt8x`~ZgZ~2#I3xW|ktNgWWD==7GFV+Bn2Y`P-
zMJ?dpP#N_)vEHa}78{KE7OTEh+-B6bi;YIzYQgU?YQewXGU~g;CIf!AHSaxEeXlkD
zX0gSn?=$d$?`Mp9t7tRom{otbTlF@pe!!|96x)sZA*<eD)jO?vmw4EyAF=3r)LQ>B
z@wibxVbvW*?WERj@g&jx6n)(f3hY$ZjEn(l4G-z%a&jxo)&|s%QzP?Kp3+W^fy~L-
z25Ov^r{$b^8)W8bJq6T`)3$?Fm8Z3X&1)+h;I_rUz76ykWXx{`-K&4Kf;?A>0p`3L
z{@7f&8OT4tY?uQMTKs8RbR1++c_L)MNstXosMiNWp&CX)4IB!7m<&q^zn(?};8-{X
z<`bR|8fXL0h-U$L1KRaOz6(I^Eog_#0@Vi20@(&x1;o2-ZuQ_Ihd+CA;o>5fi(cH3
z$F1Hx>>zIS;lj;DUoL<86^v|y{ssNpU_e1p8w@Nc+6ses@@?RG7zVe&kb>=Sa8)}D
zbq$NbAq88ZKUJ>bW_v&k@?$Wf9YlfJ0R>fZJB+L%Dhn&ypeO+<W>5)%MkPR_88n7K
zhbBN{8FUzd#?izBx5D@i7;d#(6Jl`q8tAhfyhO=FuVT1c#o&L4HW(kr78B#xlVUJ=
zohVHG9H*==nMcE<S1WL9F*wp|v%q;ukrEu`wHLVU4A)&#w!u_y#&#&Ja@*Qrn%CjZ
za64i!-J3~6veppe;(R%pc;U{B!3>iVu9@4Q%<FVJx5F`2ZoM65#bCBK%boQAlndCo
z11h}P{4s}I=gogGu@l~0Z;!6CAIr1%NX+iemhK*vt<b}o?_rqd&3098gZbVb?jAzK
zV1c`bYoR;SwI~M1xwB(XwGEE<=D10{7khiUdr~j=#NdPich4A{$hu+h;G_;X#iU&o
zSP<rf=2ixQnza#If!mhY2`LeOnOhmy33D#-ax3(eZaaTb+cQ3h$YsTIE!hSqw}Fo^
z_<wJvySf$JUgfGWWJ5dM4i00k+FfyUKcVt}Cb(!jEG7QbCC1fvKQ2J{0c+f-uH#PW
ze%vy`UuKOvwClKr?#DF}exo&RT-R~I{l{$q4WGn!@qKXMkFvLPgF}|c3VAHmb@F_9
z5!LJEPWgXG+^dN5$wvT$$gvfXXDKGnGMYTgVbF*C%>Wn=Ltp|7hlx-KM^Misf*wm>
zm2edKm+7zwj)CLI<5baC6P2fu&k2)1io!Bj3C*wyZh$l49#{j9z`O9O7z!VYW&vWk
z$Pg<;o@f!pVwE^ToGxaGzlln5hNux|ie=&~5f*=E6XYCmzBpH0CeEW{<wCJZTtsgD
zV)2x?M7%046(3U1=VCQVaRoZXRoF*di-W{J@DOnwjuY48M6m{^inUlFZp2067W9c*
zv0mJU&Ej@EPi(|%L@TZrci_F^PJB?@g-?nt_>y=I-xV+7`{E`1SiFp1h*$7Ou~&k4
zL-v0bZ%em$M-CG2%3<O?St34^6U07QAwH4EicjSt@tHhPd@k$6SF%ZbEzcL<$&1AI
z@^bNmyjJ`u*Nb1}9pX2+6G1+LLheSC&!LpBqb8msDJb&!ESKlS3+92NZUqT8^4I-L
z2Wxm}!=OTIKy4{-HL<^RoobX}LlaC>kEDM%*eDfb@w3f=%^fhv!WwBJG0;LGz3SX&
zdF9#rjabezuZYhaUv?z{Mw&o_n3k%M?Xar6Fb1bR45wGHB6k>0xo-y@A+Em>QW0B5
z49<wbnXR-#vf>UpY+Qf0x_o9=k&MAvMXs}Ba88lyT-SLqIKRksf$PE;TvS9}_~L&8
z*Cjk42A3ANE@N&`b9I|BU%%aS$hj^jU@K%4xUMkqu3SS0o?>>ot}?iHwF$q5T$bxv
zv;7ZqtJkfC{36%&F<3($OzVJtZq2ne1~;rBU*x)x2NN1ibzLhAE>E!HCSn8adtHJX
zbixy2k2Q3>y4D*@vhcPrg&p8Am%4v>Em^v2gVCFc<GLk9wzqbX?VpP2w*N^?w^uN;
zHyX@twU~W}#q2wo+5aqX-DNUp6aBwC$;f*Qitjc1HZvo)nC<(zF!KI1jNIBCBil?y
z#yT-Fl{<j2Roq5k2QJ1h@T-JtTS^WIFpFGbHudE|FYE<*co6i%J}?;j!f=1=2c_5_
z%5eY$a1fk{gW)C|0$cGA*nz|02^;~>;z)P}3*ikcf{(EnzQhvv4oATsI94b;OgPBV
zxNyAaixb2k^on8RbVlGLQG%1jcsxo>#wlV3mWpybTFl28q6%k<B{)m?akf~7<>FLw
zPR%$+oQZSA1$ZnuuX*IGD#?FIEh6W1oOl$g#1pt!Jc}ogGdfZ1#goJvxI}zL&g?6!
z7C&H(_!Vo#Z@3I4HsB%Hh|@4goCsqrMhLPTPsJ7VZzZ0IEqDR0!b|aVybAw@{~*Xs
z_;<Vo&%!(K9J~k5#jSWAK8WYzPQrW=FT@w|B76@o#(j7R@pd(Sg_nQJOuRy7<CU@(
zUM2hD)x_-=#Y<*@neioP93k88DTqP4Ji;_}cY$jg%gZu#iUidWtx#@i#RF^D6+CG5
z`_2AVC@~F#y0%+gfp{0Whlebf&xD!rt6^OSS(da0viMkZ?J$m01Gclng6(2hj%`x^
zb#OAzG9(5MKMar19NT~4(JHnrwyAb_tRkU>kCXb5#pS!6=+^p71<o$&-&1~4AA=5Z
zrpDy)`C_o!T%?t3Eiv(vrg}e>P;cJGT8f(EB+p{&$}u-bj_m2UBYVbRfl2+d#;k*r
z<UU8!k>Nd`YBZ(;qA>1-0@sTcu`zhbtK8}Vcv+;#gO+*47&Cvmumds*cdA>A_?fU@
zZG~)#I$W<=b|?&<?WuCT-VS?rxfXdT&3U7$P>yMbH@!Bu&Gl9c-sbE^_u9<$%@xSt
z-(eEyKs%@v?o5P@eN2U+?st>j7n|Mh8N>dSgon4o`xN(Bd+tssA5;{${%!i94+~uT
zxV05NS_30o9~*xWsF88B8G6%aH#7E=Hck)r7{U79UB+4ku1|TxcvpFW>oXn@=kw>L
z^!_iwXV(`MCa1n+zS5fiiNRMU<ZI>~ImK^McqhE7pP{MWR=K`whwpc#*Z{S1)=&!8
zNyc4O>IYM$%us)Pg03G;CiF`L`-z^P%$~l<9^;72No;@rzioyTOg;HIMNc@`G!%uB
zKFS(c)MQJ)SoTHB4@fNXtGS3fb&-T>{bua{adHs9uZ11v?0@iykjgCq#u5d&LZqsi
zz=V17{OyACFN1PYuX)^ZePSednYluFRVz$pSgz3GKpO)`m_U0Rs57vaG5Ws-OwSb=
zBtJ@6V#0s1mT@!Vy27I3#`n882xkJFai|s(S%wU0109tA8vDqO@1sY`K3Is2e_hHV
zCn04+EV-hmF`2o(D`ov$lQ6^3J49dW++8Dbaz(FlOFD&}q63moYDccfO9$+o4tP*H
zU>^&3pNNN&xuUOWB@B;=ekNb~SLBKTY$H@{gnoZTg{JU}Vqzc-%@u<Pvz5|L>i2Af
z;oHUFs-ku=g!RNg6$kTvhZ?xU4BSG-J!B&c-7bbRZhjJX1mhMMxFeZ@Tv2Gm4~s1I
z-VB)#7X8FPa0tIRRYa+NQM@kRr1~e!qS(Pfsl_X}2ln94GFSGdH0o*juB0?e<*O-b
z8hwB7P#>s$;LuRZ(417y*QzytJQksmZB(uWg*So?*FhHE47s=g2I4JnFy0D9csm@5
z8(|8z!c4pqD)66h0^SYPcn>t<76{{3I0xI{GK|4>*bW=;LAVXK!yWh##Bc|6;7<4+
zcL@z25&iISF%X{+hhv9026u}&l-Ml9rzn5!c!uJR=PBlRK}7LIaXBSBSK({4v%M5^
zyh#btdz1wIOWcnih#mNE(SaXQBJ`1Xof4rp@e}a@ek%6iXB2yUF22Jri8EiJ!mo)x
z-(U`Yi!S^Q^Y8~8gg@di{0WQjzc?9xrg-ERoQ=QYLi`O+z~8Y}3cN%jMGz9Nl?s1v
zkT$$U+Hs@Qag)rzEz*J8D9YF=v+zmT1D}&Q_zFcEdt@HIBYRU~+n1y;KuS4KI^`ge
zhlf(#!SpqR%0uX1z8oP7WRWbC<K;LxmC7<XK^`Z)GAJj>W;t12E{~LV$|<s)dUwd9
z<>PWDNp!Y+MV6CXE9Cofj{HK-liz>IN|h}asy=d&8Z3`f`SK(+S}svud9s=!eQKJl
zR^_rr&6Txkfvi`j$YttO*`T7bQT<&8)rGQ2T`R-tCfTh1DVMAJ<SMmOo~9m?XR7Dq
z-_^_VEVWmjtv-<Ft9|kU^`*Q>{UTRuD6h~m<dvFJUZv&9tF=Dz8f}2QNy~qi>$DQN
zUYjg8X!GUm+G4p;tCn|YetD-Bly_;T$-A{P<bB%Z@_y}VxmDXF+q6eyOxq*dwa?`?
z8^{N3edTuB5c!a8xZG(gk-Kc;<-@j#@)6q%`KWD<e9TrQAGcM@Cv0`H!xoXdZKug6
zZRg3SY^&wdwyWhcwj1SJwp)MY+qOI9dx^C5TZ*?|7O$9Tt5`)aMLj>~iXzTC4_X77
z++>~dyTK7Z<qgm6Aam5rL&x0#+s(LdD}U|e_RgE3RZZf1)&_<R7{kB;V`8FsEi5WX
z_?Qy%FDZdo0zS$*328*vvoKeTw$7=PPC1G1VU2}1{BdRfHPDyb#z=qDZCS*QA!600
z<hPx^<)%&tsN7`Sb@R1t5c*L9|8G!oA7sjpAWMD<1LbEhOnwf9@=Nf_|G*6S6_m+u
zphA8NC(G|(rTiYQl|R6J@<-T8@Q3Bk@VNX1o{_)8%knpPL;eA8DFGiSgin=%&y^0}
zs0{c?Wl|jes(8)1uP%R~+z6@WO9ST`a9CT}k{~V{B+0J_*i{Z>D;EvkBVM-#&!#>W
zVjrBuch@7^#i14Cp2tpV1zQDf>c5G^j*tVni5u#^d{?3J0M$W|sro>Uazn1_3%yl;
znt88y!<<>(N=ZT{xx@8xGKGxlfB_sGaS3r9X63C03P<C)VjO?pX=;h^OOCU(;<V(5
z@zj%NONr0L1Wre&iiyMdWVVz1yw=HFFtUG4Ol%VqxPLcfQr8ijU?ygp6kjY?Og73R
zlK|`7qX`q}M{%z`LEC^eq_0~ccQ*{&E~ZqC?C)0XVyahn>oHMUz~wZ)Y$uFuV!Bti
zrZFbS6~@i5-erHKTrnegFJK`id$)?23^PJ1`Y4NuW4wBjx>@FoVs?T+H-$arF_^p-
z`f{^^@4lgjnw((Q;c<)`p_rR<jOM{se>(onW&X9o(A0&GwHBV&DWgwAVdZ`l5(~Wy
zneWYTXXJ_n2C@0vTu99uU;sB4@g=<@&v64}yEF0}=52qxVtR=;hp&a6+&qrsygx3b
zm1$15Tk%ac1%4DoI?uI<Je#)Rw}<#<VFjE4XVK|@g4icMO(^;YFo6{PU{ds<U{k|j
zm^uWGRU=@LDu5<c2rE=EoS{nKEHw%)R-@rEH5RT@hrv2E4sKWDVWaZGt7;N_p^k*F
z)lp=(Q-pt}rV58D6}f7L=&z0ulU2ExuI7jn)I3qIDn(c=5UbT9ahp0$Y*bZZvpQaM
zsKw$rb%J<ZohaT_Cy9M(iTFrWi%(Sz+Epz&R6X`m0UV`H!Le!?PE-wev}(j-RS*}e
z5T2}>aG7exv($1tSGC|(>NLDojlgy44BF|N;w^vEU~MgAurAthizpWra-0%gjVx`O
zs4DLw+v6>fE$(vdHE^pqp@Wj`1mcPDAXJ=?@(4tqCmCA2BsCpoqzbFIgDk{qwu_U;
zsaCP7=b$UN4i|QaAgP>>1{IQ{i-~Ibs^PDgsP*ct;%K-20EKt(uvp6avrW|TQw(cU
zrrUqPmD5ehK)s>VJ>AZD)7C1S{1vdi;CDtl#Zb5mx3i)ZzF@#I1CU+dcAA92>kMr$
zpboc_li(*9(%1=)rn}ee$Q8ku2zj&QI12u+b7$pckKs3%T+zh3oRgPxBjoXCAn{4#
z8W?hFUQSGe6R_jlJ@Rr)ji>SCCu!E6?w)@;we{TVb@!BX(xJKyO58n_)f`&DZG-4M
zWz6E*E|yj?Zo7!k_Oj2-7J1q3EIJVDn1xXRYk!Xw85ejR&^ynzj*jwN(abJHtH`q%
zFJwK|z`a!U>VQ0|^41yIOD`5<-Z({L^OL%;+`OzXwSXVh^5d#=;&!p3swj{A<Vt_j
zPquKes)EbYXc?xHBK-)zPv$9ppiE49x}}M$41M~W^>teEC@`iy!*o^S#OB0(O95@=
z%=q1km479jnv;6@ZaO(YSa-KO6E532DD<ueg$X#za?lw`TF>U*j1-k8&z;f5b32mg
z=P<gXljnBC{qiVontpj$!Y|WSyY7GCTw@Pxy(tr)XH9&5TF;z<ctKhU;_lTEcdxr?
zxbW&DdD%EKiINM+7-3{811>TdATCbwAXi*suJ6_<`Q1#hNEY;jUX*D0<@54oO1utJ
zGu5obW$zwnCI@vEY4q8k)HxK<oJ%<8L6*80da6sHm%0qbsMT<ox*U#FS3rMQT?wny
zRdBAl8m>{-!j0;BxLK{CSaU7hqi%pUwH|h=o8f7-0bWwKz+QDLyr*u5@6|?f*LMi1
z?i4n)N%T~Ai(cv;agf?9hNvx~K;0*b6m3|wi6dyUN2+b&81;adrydjw)DE#k?G%2s
zOEjp5#d7tCI88k&&Qp(xi`9SQ;xe^ctWi&jb?PaxK|Lcjsb@u-dQLo~o)^2+i{dr)
zvUpFuB0f~FijUPE@vVAY{GfKCQ0p;My^TH8JLp#LqDQ@l2djVKaP=V;t9^Kc`Ut0}
zk8y_j6lbZ=ut|M^r>if??f(ZaP+#F{^);?l-{8&aTYOsmfG?>Zaj$>+3Exyd<A>@O
z{9OHtzo_3Ns^4XX`a@=FQs!w&4%9R`Thpaq%ao^5s&bl^Ew9sZC<W<BsfSDM(sE^o
z)=NG|Da;F$!n~}x<yTr?`7Na~zi9)NTN|WGG>;mi4O53{!_`bJU(M1+sDM_WnzWHB
zq7{*3-xlv!5$S5M(?Nd(Fi%u$7nf25)h;fpASbZ8YP-0+iel3%dL9Ms;>vb$RhuX)
zAi&jaVrDBG>{Ur!yM}d*1aoad*Tm+c%|<L+1fvp1{1DIqw9$atq2ScU!Z2+d6lvpO
zlr{k>w8LSpb_CJ(u6WO)?MjN3nYJ?ZkY3Jy$+d{RXQ7nyTVa1#p`^I`A6L$|s9<l$
zIEC%vI+F}SJT%8~^B-^URVf`F(jdtNN5a$uNyQvAYe#|7ra-nf6<pdh$kV370PScP
zPwgYMnJ`r=gK63^FhiRKy7-rP-@KQHfmSA9D;R0KnZy$S8?6Fxi1>hi^Fp})Hp&mN
zr@;aRBf<PDw(2C&Rz23N{vS|F2MCWlf|IW+006yJ002-+0|XQR2mlBGVwQBXgWiJ$
z17enRlL_Sd17enRlLqA^e+zgV)ph>w?%vtadW_8)*<L^J*nlm`dSGMhAlulo{E{un
zhLx?zl-i@+k+k+|M(oT=mT4YsNt#CkX-h*LC=f!dgis&`tpEWD34xX*&7%!TN}8sj
zX_`=)XY*)Ul5_6NN^4n8ll{KE=iYPAJ@>rl+!tSe@)-b);z$DTf5zD=ybF)=@E8x{
zI!X*DbUe=R2^~)|oaEst9-fZlnFQwItd5T}{Dh8Y8Gcg7rx-rRM4yi1`2-f?g*g5;
zfyMYcM!u-yGjV)2fo1rdj=yL4c^zNS@kJe9((w;E{!z!5b-bkGD>}Za<7+zpNyp1N
zzOLh+b$mm|zv%d;e~y3E@hu&%==e7s-`4T(I=-XhKXiPTZ~0yvuO_e=XXE(K1h(Qe
zM*bHM-;d)53AFIe4-;s`k9hH89)6;RIR0D5PZQXS7nuBKI)2XZ7drlj;V*gTf8+SS
z1g^vDGtPz#ew9GCKwJo2L=xx`QC`R5LMCvd(1?qO^Gu(4f3v7cAd9nXsvqkjK~T)m
zg%QHJ3i5Cf5A%4K&%?zDkrWG<<0T}Vs8%ywEY!s!o-R&^6rR(?5?(9~X}5}Hd~~^5
z#>J(&SfLA37b|tKN*9;u;_?LEBCgQIYKCicQ4<%naZwi+YXzc%UcW%H{kS!3HRUa*
zzbWk(a!&tde}UM5>-hwH`y_)Qw?II&3C#5iMbEeL`BuB&djczO2#$MprdY`NqfHsY
zH}Ph!FPE`=o0u8HIeUco9_2k^bA&EcY>xT^Iq#@vdtT0U1S0MUfr|rv)`;J<qv-pt
zLkzTx<z(!<fX<u(E;@^56>Ljj!Ss<XLbec+4_TRve?8=%v)wviXHN9GCt1U+?Tivt
zHfQDC{&Vi#sZc}{@z(LMo`yWhr)|kOIsaOLO*QA+tnL3bMD1a^wbjkq0`uB)j@?-t
z?6nJBR&Sm#RW}vw!ssE-E(lc5!oHS_HqXlVWT=C7q0cQ0+F5}WHPcet!?xo$wJ4HZ
zJXaSQfBm+v?4EP_T!Bk!YG-qIBJCCn8GCn*MM<X9?P)i2!uGq|4!e=b4V)462L1xK
z8~97S&%hmcpTLF|Wnq)OXlAB0HGO-KBE~A@@}nk+8W4nTHt<2*DzI~>YdWrPS{Gnp
zIaxCskYrrPu`@*D24sgjTZvg=*e)2jpLuOee>D8=zeK{ohj6Qb+j#gh{JFrwnU>j6
z?CWEP%;783>PpiP4Wf~PxS1zSln`bo$#~c<kmPpO5Le=11Mgw6E}C-9?t(RFvkfVn
z=FJE*Mz1&U0o*453Tuv-Hu4qYuc92KR5S39*g!FuNC>P=9CA2f*c!up=_nb+Hggos
ze?CQ>>GmZOX80p1=|sx%Ov_aHW@jsm*GPNUw>jn>+p!B)UYWYrCauj`_*WQ!Jkvxz
z9i@mNPU?ViOP~%hHEEG8Dh{q=lSGO`pPSFSTm_nmWUJX=_ArBjO>yt}iiv9;rtDV4
z6=_2<Q3%;#pb#O;y_?Q=g<=KT@TEmhe@Rb*=KC7bxqgTAt>i>fTa^f6w3p1(QuGI0
zPFZDwf}L^uo!lup+dCR)*=_flI|}Xy-NZchkps<x`C@<0F$+a9`=HG-wS_VjJ*Bhd
zm@PwAh7goaCKph$u}AAc+obf!yQ3^@>w(VBU9DZ_P{BQ^5G|cMiB~6y#dZief3N_d
znghz4m6=kP&2f~H|Le@Yf;%|nui(TQkA>?X;W}Nq#vabOMUV0_u;&a5)ePsXvbx@g
zU1+M%wU!dGm?x{S-S&}yZm)0UoWM>h0<58-ysh#y;|>l{ZJrrAl~-B)blCG7l@q4D
znGS_Mhc@flo^sBh<!1&ISB@-if5^_LtTV|Igd|p1l3ZSq<Y4TYzyi!^P2jbbK*EC-
zC!`<bKs(*uVs=<gLz~k;Vl;H*vRO(1%lEC!2{Si1WEVWwu~d+f_0KggEiIqJ#2m?a
z1H^6}yUwjBT8*Yz)6JH1*7yN+FGaw~OpY0@Tv^NR-Z5%=R-a97$+$zKe?dx}>%?>2
zL{V4{b~5##>&yu2j_H`L2$fnTCw)s<y1rb0kvw!>fOFxkjBwv2e)U$-cggs~CeN`$
z+_~Na#lBpV(^F+-Ut6ELiVC>r*0U~7Xrg?cJVzV`tYK9kGWi_YcvX+>tujZLY>FG#
z0=vM*3B$_rPIv*A0h>4$f7JJYt6HE#D1T+dlGTDJ=k6h_L(H%;duqrN`~eC+Q&Sli
z=4-~HWVU);5|(Za0(z9xVppnIY-IO!^n_-$@*Zi-DL^bjv4_gBX0B1v9xCJyI~jJ@
z)=}GA!&;nUT%~dFQLK=YG|5w2lbz1nrgBA}rAk#Ap`I9SVyCjre{3SAnoYT627OPt
zVw_|2Q1nLnLcW(jWDC#hpY{~o;t=&r=WXy;>uLjc;~oR|;-1Qn;6cmb7H+{5VoxEL
zZMR5vpHFQx#3u0uLtG=8D?gG!4@e)s1N#m96;4wZ)~cF81Mlb6eD%$!h<*ci;<O<)
zi!GIR?WS+f^j%vkf8}bodYRi9L5<zq=>x7qtz*?*J3nl*XP97{A-0Q_O0~=FChzVr
za2NjC5UpY-wQ$o4xP`1;2<{e;ofKFDtmQ6RP}k)Tutt<j)Xj+9)MSZ0Vy{7+_C7=G
z7xi(`Zio)iX@~=2ogof#2VqobdjoX{H&QD@y~w(_xQ--NfA&xfgt%U8HAGr;8RC$r
zCsWOAZ^){xoow1e)F~XGe>?qK=}*TF3wruQ>Z#p%qv)ZwWV)xA)5U?eGi;kHm>%do
zP8CmJ`K&Ezdyb;j;chBg!;Ps%L1sJD!`9E%?Vg7US}|%>m)5lXhF#rv%eu|lMIYuC
zxc%J5Z1WLDe_vMf+w||Ne=A{0kj7aEkDUJyQHi8D%bK<}hE-HQ%F(j4Lev09pDC-K
zG-b-Dl_m4lRnWB3XO}*V-1^Ukq{yWsGu^T30&j>iMeuH^QNk^p?cu{4i)PzUJ8{w{
zNTy_^;ob0kvUt{m>f{_cxhtFVg9lQqM!9LrEcCyFe*t1t-szD!ml`1on1Y>6Q>Vvz
z)mA?L25pC*D*T8n*q)+TR5KfaGL1LjjtDHd@I#E8O0Tfsi8b>H79`E)z)oH2wXLfN
z=;dO0>2D56N<X4)rB2H~=z2L{y`pu#%U8RUX-D`ipW`=YJm+NXlLz`P<i$3Qy<)Ey
zrq4o-f5-FbVB%ePH$7DT6c+>h&;kE$3*mc1Nbe~H>BXoZJsK6fBZO4R6?}gP?+hVT
zPzC7&qTszDr00=>9}M~5AHokQ7^D9gjFD6yR(nx}IaW6TQ76U`sf&&y%0sL!DaWDJ
zCFA4J>ylODNYt$z$DF!l<1p$Pm~;|zdnRyEe{x<4^XneN90JLUgSk;cGP!`}C0sI&
z>W_gRY#*U<Jq$qFh{@|wCDXV_c42`$hLp6hLS}G<>_eUGN0S`D26-Gu<q10Z06rQ>
z96gCRs({GjlUUe87gbMSQ3pw~xTiigfz&vbB$sv)KJrZLUM!i!GA4>d*H2)1b1W50
ze_mR`iq5sqV^JvlS{B+21Z|(vXypYoTEz$+8p@O8W#yUTbU6=KOl_{7nyulXW@=f>
zL*3L;ovoi*D(;O_%O)PKoLa8qVLcC5P2o21a5WDbr*NBicmogDlpWDLiOr<omgX3#
zx|L0%kx?da?KrlTF?uw_Y@b965$|Z0e<?YM)*eadoh9r_Nut_T!tQQ0+g`$+ZaTcT
zC)qZEedE|4EZWtgBUp5*#Q`GUPg)-&*b%}549hoZDQyzh^+YFdeF^E5#``67b*tI_
z5)K8kjuH-cPoi4|07>=6=6EVTiJqS1k=XqC6S$#--=lkP<o)LPtLJYgn%^JCe^FW<
zjh1k%e4U=sD-^R*dP<hi+f7g_A=6Fd6hT=cwM*#ZRkA-7FJVCKBy%afgyX^d1hXz7
zuT~`tG6<$l32rbOA`p9UDia>UTFQi*U`UUmzlddWn4*7#qW&bd$Wz!ZZ$_7Vv)Cvf
z5ZmNO#dY#Qk&zFJynIBQl4r#&fAUdrt1O8-<%IaKd|ZsnC&klpQhZuIB|axVE?$zK
z5U<E*#cT4D;%D+x5h0(C%#$xfO!;DDgZyk{i~M|Km;6E`Ex#DKL4GNckzbD7B)<}Q
zll*Gro$_muJLJoeyXDs-56W*u9+lt3N<4_a39?Xhhjrr>3f!C6NoQ~ee}U*}tYAa1
z*-I$!MzXU6PZgChOz>WEX$gLG>lk(}iyga`G3BHyQj{*|EE^8OwS<w7S!5Z7`^o8b
zf~L1b#4?rVANbW1>Y`D;D8|(*@balK>?ZMU=EymN%Y&HxgVR*Oh$uEjMNL&X<(fB*
zVF}T`nPck==2h-Ym#$tce<p{08*}7$kd)uWa``>1man2wejl6U56EdhB&Yp|O4d){
z%AevC;odHPj@#rfaJ&2^?vbzK0S$Oe6L?CC;#p0@XEYrzX$icn&BeF0c`7U(4vm~6
z6VD;cYssbU`qOwzPc-?~bWbe#hv^=f{G)V_mi*&%Pds@`x+AD}fA>Kr%C(OK1&<8Y
z9E)B%hL42ytzWKc#@hnpHYZZCRD#U(_KmVy-i^0XZTypJ$?G^xR|QkOI(`@CRO@#^
z8^evfNL1?^X}*$iiRw7dtE=PH`hDe9oC&J6YI#5EQ?Y7UO{w&b=Bmna`%W5CRpmOx
zh4+@ISYA(_>|XoGf0Vh8V+o)o5!Du8rB;nPZ6O-8MQGAeXx2<@(^lcIb~%n|SHRX*
zV@O+ro3$FeO{>K_v^u;;TZ`MZdYsl8aIe;gF|7#?Y3p!Sy9!Te8}OWVHJRMRtJ*bm
zBi|dr$9@e^O9u$gY^t?L4gdfo8UO%LO9KQH00;mG0AiMOvnTSdD+6MdbeGs20V011
zeALzP_{_Xb_M7D!l5Ds_AS@^lHVGi&6%GvvM=*p)0vPaMNxn%ImfduB!)3ki6K@S(
z)oP=H)`Ki63ZCFm@3vZxYSp$LReO21)!)qfe)mWS?f<Wzy!pO)@6DSx*PD6E^FKVY
z8vrJ&77s4RS8~9GuS)Zp8(;S@)R=!?%hzwD`K>f>2<}Zc{?5R+JTM5~mi{{izAK&I
zOXoc|zV89Az4{Ms{J;Z4@k8l+<i<aGV1(WIlN<l+fnvM!u^T_}K#9HPQxA;8&)oPI
zfqM9JX}*x=OKJWp&EKT?yX^W8H~!NDW%!j~zLu}wy73ziOtHy*>%s5vdpCdn%L9iB
z=1}~%H2;yYAKdt(2aeRc5bzR0o=wCjB_)l^O<5i|+MbZj>&PvQ;ieo9)Zi;_@_1k#
z4U*3H+z`3R^uR*Ol?8)kZk}|R;vgcy<>$a9R3KfiG=)r^hR9ZW)1k}_4U@0o(u{CZ
zk()+(U?sj{P%%RqB}7KcSBZbj7~>|NL1W!C&Y*(~I#@=>%jg6*O_WZl2ZA&yhx}A#
zP`QUHXtHcM#h|Gk=Hw7*rpc~{I_xkLZkq0a^>mmA$I;;i9U+|(Hy!DLQ|K^*juKcR
zR7Mz7Y0wN=G}Bo=h-NtlDW=)1Q)yguv_Z!hRAtZ{H&x4)H3rQUIM08e`67`82Gt5&
zD9B?Cs*}zlY3c>D*q{c1$4Rq9nnr_~m=Ap0prr;alkJwvPRGkvvotG2l`9Q8!Jrd`
zk!ERD7<7_|<zyLL<)(l^t37ZJzU`(KgIYasA6eX|Hfh@3)Zu|%3W^@rq~#;swbF#r
zIN@oXG+~1x26YPSKQVtODljH9;_}s%14C)OG#g~@MiJsB5$7c7Zg#$0bc!@Tm3gPK
zFVSfpI-Sli=uClUNpm)P6~zrYC)GJuD4b`|`2sJn(b5=np+Of3y^E!}#6y?TWd>~#
z<z8;k6@t9dO;>r~V==O;#dxkU=voh5N7sv}x((WD&<zINXwZL62HkAXEwc7!2Hh&d
zw;A+vgKjtI4x#i5LG>7Pr@*@mx?A8jgSHF2N1A&L`lW$a%IAFsUM}!{gB}o)4@zf;
zfm;mfHSh}QB@EhW&_f12Y|tYzXO}^b8uXZfSIO{hgZ3DBwR}Eq&=Ufml;$aEo;L70
zS@MjV_A(Sx*=K*?H3nWQqt6<skN2E`-2$ICaI3%<47@>3@+*U0bkj?sp_dJMMMV56
zM=xo{(W?f%CX-(Guw!wEETi8@^IL=7uyx4R^`@B6@3b+w=`9ad(c2Os-jRTjt7ApF
zanrjVT!0@sn50n|^m~Ke>$kNG^ZxJ4j6cXm9|(qR`9ps<edMM;B6xz~s&G|jXUK{p
z;0lDiV7Srh3`7HQYhE<4&O$KO1$a`lJ%&)YvTjXaePBu`5N@B+7>@?S?K2Qmv~4w0
zs$0^wx*-~gM;MjEsHTpn6=+59W~{MsJi%BWZgJ@6+v9-^@hKX^qb845N5XO5*oq<y
zNzX`Oc~*Zxs})-tk90P+L?fY4Lm<q=hNh>c(LC4P9u2mx4zweTNY9whxH*CLy1=GL
zSDYseTHO_oN5ZlsgpgY|C*9@Iyp~8f+!znUyJB^L)iNW4bB*Cixq+^DhZT+oTLSS2
zvp%S<iV;Z?!}^Ra4F@;YMcRX5IiXBTA(HcHeT#pPSjN%_gx3dRa*#-8JQxYHG6vTz
zwm*|n%V`M(J6A^n(N<xtI@w7MtEkl?152!yNVJtzmmJ8ACNYhh!YzFjws`d#t3_m!
z7qen9-fdnmWYufEc?YtEycDgfmUwVIPaBq|u4Px<!3!*5v85{-V<~jDvaQ8xtTxuD
z6>NX+h|dYet0SRE)W+q;A}wpJ_`E<1i)<5ut0NL)TXl6tqGGbOJcF$zW<}RqQ5$E*
zIwBjyP+0#gCo|I4W<{4+AzRd58C~4g7Gf)^u?>iktrpK=i?OV*!%z}goyjG;fJWNg
zCDu>6tXQ0}p4MP2usUQlHrBDA=g)0oMOA+<uCJe4&0jfP(NIIwY71`U?~Zu9GuEK_
z^hCl|Q*fPiti{Lj*e9sAWF)6E8risMfj+4H?W|~vL|d!|L9kr}+ryD)vX>u^cE#dV
zp^z906Je(EG-_!yi4r!g)m`n*a1OJS^!%iU>FyL8%i7GI84L&Gv-wD+la{f}t0RA{
ztkJwW7F~VUy46;+Ne;~e5+YdDr31tVy->(7xh^d>nV9K>fzFO#OH5Bx(JrPll#krP
z=2jnxt_y^8OlgU*zj@|vY_XE&KTO<_ZL=!eT9x)HOCNhvUkr24k!^@$7P5#**w)CK
zl@82vu1rrkFDpKSXWKtz)`-?flD~giK4UNtVnYz}Vun_HZnz~PrXSM^j#qcZo2-p-
zF+wZ8q_1BvgDo9a%i8_WgJbbPG(B55W1G$B50;qP5D;&UThW+y=nMqH!~u@DV$wkF
zn=dPC!|{y8!v<JfJBi)SyDqZcnipy5iZw-2jwFuYC`QaR5D$drMxzo5{R4l{$-tyk
ztHnA<gujSQAkZ%671Olc9Pinu#q_PP7+!6-vr9rj=?bl|4Z(0LYd92%X|asSP?)uz
ztzpV?Jz=hV>s|8f6*^L}p>RwpurW1OAdNF^+~Q6voY9qSr0dYA<wFPCf_-QN(>PCK
zq>DXQf+y>X{c%~)+F(T|3xj_q-i)`HeD|(2@dRASj+q)a@kBhy#M^nC{v?wglIBLd
ziHY>RH2FqtlGwSdzFO$rYhnxXzS-4$R;ELLrjJdukmG57|KM)oDfm-9SLSWPH0To(
zyKp`4)b}PaaRW*qOSy)L5tI<R{|#p1PmuTi6t^>#zSoY4n{cy<r{aHUCY~-QKSP=`
zrF#}P^cnr7536?KAZ&eZVgNbc7&h=VZekGExakX%zNEh*6!)LS0f3E&!&N+H(%<kr
zlm5;PULb-WlyTvkxE4bu{e%7~!u!g^yG8W(<1My+?EBcn7{*Qdn!YjVTlywbE6J#l
zR#PalA<5#+^j+pqI#Yj<q3=y>#}1SJC48NXt4#X0NaR1PRQf?I;YV&1NQ1)DW76Cy
zjE&J0!yLiuBTINAt0^LPNXoU6Ld$T$IbCu&A{<n2#WzHvYkih@Yo#w7@kND#FCOvP
zH&dn0RHT%N=P)<QrLs)igO4MOPHnn0yfz%!5bn3-!Tl)P)O>$oHUeLly`s{GP?RF$
zgy;+s<^4#sM7lz)%wpW<gqln)IVY$z@mv-jvzyIPRTB<Irp#SDFGbVDi`d?j8*gzd
z!&EuSv;QtpYh8o|5DT_iz83B6$?cecTMaT<7VKwF<1-uud@Iv|&uTr<RJpj_RD(rH
zd7_%aBp0=d(@cM;e3qgrP+lgG+<dORd2&VH*vK(3HGWjBT>q>>-;#NAe0GxLvr-qN
zZ?)AD=!#iB`%d=-V?K$ZojNq;CGV=u+?_mmvWfTbQB<L@J4DQBn|9gcWyyQ6fO+$B
zpJZ74rFapCoMgt&W~+uW%hgE%q!nVSVRHWQnn_#rv95nkArtd;Iya|}v65S|g$>8^
zSb>vGH9{0vBuk5z#*(KTV8KY4S1ipak>mKeax=*MWH?MO;+xkB%d(iMM$1u4q!}a2
zhB>y&EOJ&FjBoPAH+5Qk&=K_!Uq;d{dxkBmRbu*t1}n<>*gDyaujp_qM@XM+*mu6E
zd~6E%OT2&2RAaSl)i_ffqz-1A-+#8REx>mKQ}<_3m#FH~>1#zSzA0q&TZ2%NWWOJ=
z7-tmhW+tvf=3~5?kQt$zBF3=u3^A$Pbg<&=nFHMdE41DcYNFtYrYcpFOy$RW*@9A2
zYr~w&#AHI5smfJ_sV0jyrbshY1bm1nG2h7$Y`=eJW6VIsf}1tURMSNJ%D0g}50&Wm
zfUKV`o_d%%+*C&h%_G%OrmB>I8RC8k5$R6p&Q!BZHCr9+R>zpCN@cOV*4SCOspg1z
zSBs}oeZ*8XGJme{Rg}7xd@MPiQ{?!9Vp{X$pd%X{RH}@z{m5!%2XHM|+}LE|!}y4)
z=Bs}NZdGflg|ai4>R834z$lsE>r7@-I%dT>trndYNC3SzsgbUDFf^q`r>kQtJX}X;
zQ(DMFK06)v=`>LM)u$uzBHq4X@scLDsyEeQ)nMZJBE4K*);M>`vbjrS5aG~zE668{
z`lQSIM}2)Jq<M>_8DoFw(mvOxu&VS;<ST!2qK~ao6XWyeNmAsiw>J3f)QXkYY_WG8
zr<O1$jhw^zl69Dg7s?fzyIAfUU#c1#q9-}!m@kz^4ylnUi|tnmGM`;GFo|9GsEHTL
zF`Wr^37MX7iHr@k$803)%`VbRyj07lF|(XB@oY&sE)&)~HK`iT#481TIiAMBh^2qs
zs94KeWD*`?;uV5c<EPEz?iBsSX_f2bY4c7t)l${KsZ^@q(=x+}CSE0Lyy=2Z$73tb
zk@spnlCJ*JBiBhvbd4}_tz5aw)bc(lk$r*l&PPr?a;k~f%j|Axwn}q@cx_#0P?Js9
zPAEpCNw0zw0RcmlPC^$DkfQV+q$xEJs+3R!q$>eJ6HuCTkSawwNaq2R4xx+Ed*_XO
z@4TbWeETc+&UMbYcF$(#o_o&j)wi9WBtI6gCXfVqZtE^7s=-_A*+E(<m->)%VG8At
zV|bUooNJ*<aGS`vgh~wggqyctFMUKbjbN=tebUFl__AHXGe^Q;YTvq&SMdC8FMmA4
z-7w+U&q>iyVqw~*nMiMOI>wc8VR!L2VN7e5mr_uWsB^XFiS1lx9V$5Gp)HVq^+xEr
zt^1z8mAnb0V>EP8#b5#_P7t7*Fo){J|1Nys{jFC0do49HK3melP_1^Y)9Aa}8}_an
zY*JjCL+L@zARdQUL813^Ns)Ina+T^&rE{H2Z8FO%oAexCEcYZ}X$f15!^dAC7w<X9
zmkQ4`6Dr=G8e&_ThTnA>{w&<GHxxitKf7Sm!KjA2E9w*e^??RiX?kbzK;b+TOAmit
zMOBrqG%Ri+;~xDpCdNe={luo;HRKd^<gdesewiM_1l5t)y02k!UA4B7E6NAu3dJVw
z6FPE_$p#K(5*;#pGDKgUYq}TTi%H*pG~^W;N2VW2CpZf-O&{%=7Mq>CXP5FJfVRL%
zf2>WUG`dL3Zpe##sja-(wDqC}<*2AAl^kGAWZS|P-7|hq-8Us$`iRBVv?jGxfNa!~
z_GDcbrc-1ST8O9{3*n8o!NbJuJm$7-UpjVNlNlg7H<pop&R?!ouTbXhMK(C+`~)85
zr{(stxpZ$wq%>XM*Sh*upgn8XxcWev$<3+>j?|NmqKeR^o?qIy`>;zTQ1tT^W8vf9
zr@oE1saphBq$y^9*V$Jtb4}<vw1VjJ1-r}8f%X&XO$irkT2EoI6@;~N+g`GKZGnCF
z)T9%8cD1WUn0DY2K5%mQ=fq}xokZo`zRH?)e=5B_<ayScO75CtxVy_rpZ>i>hA#8d
z;O=|iEQ}?{Eu`~P!7t1ns_d2(Ar!xe=~m6%yeQjyJBH^!a^uH83R`pROtzKj+F6)7
zD!mOP8NutJy=#|!d1@9N@28#_Z*P=_=)gA$n5iur$TV_aRXM#GWbwAD<~$A>gS;W-
zcP%r|MqIS>6FkE2)Fg?`D2lq#O0a~C@YxQ@RHu`$i=wrzeTg}V0P01B+(}yDH@~D?
z!zQP)ntFWm*6v3n3aLzqZbj$)%2G@BpKPRRd%QtVzNlO#XcOH<_x|AZQGRz87(0$h
zmoBV1PfhJx)x14&IX&#POgDL#^*Rcxul<IFg8VtA0C%{B!}?ozJn2zwcXChl_@Hp1
zPLalathV)6s!9oY<|R}<=PTCZSu+Z9dhexASiYeNo@g}9FOsl3WP4zV7ftCkj}y!~
zQhvO;%=HxbmAa;-1n_Dm>5y;}b2DHH4l<6GeNxr5=w#(v5;Rg`CGKuNNJ)PrnV<$M
z82P*_5m-bUNk|6<wJek|<OH5oR8t;Fdzp`HJ%lN@qMhSIfX1jIbK)x7=jJIP>tpZD
zZ;n34y~Z%QDCC(FK!wkU6on(rja$LSC3DxNKF)DX70%(_vPd=BhlOC%b1NjEv{meY
z3wE3g))}xe@5Pw5*+iV`Mklew4l-SfG@EZyz2%uC_@zAn19dGyVB^W^y94x~TZ|yn
zUroPK_eY_nlc)frTb@B7;ye01TeoGrmX;1|rc&?-j5*}eP}~`_--s9W8ZtI8Zk~MA
zL9)(JGGhpf3mgyqnH06b?}%-08>}Wa?t`)w6!*>&k6S(V?@o;4RrOD~j1;P*MD#RH
z1A|2Stt_@$*dWYg!Os%OEU=I?H}6>C)IRSUcHZYisIS}7*I6#fG^aJ^W(k9m8<y3-
zt_L?qW)?A$94v3Qoh|ttZv+RjK+byAff|PokiiX*SJI&(yRxDCEr<&iwpoP+NNi)o
zlDD=%<nktEnp6&*4|(&LBW*93o;wJ%-_q>27QD@#K{WI@&M{92ZU6mR*Z1C6>7#L7
z$vdXjC=ZY}C)~yGnuBJWL#jq~+EOXS4xB17u&*#tOaDP`%M*k|Z%BCtZGS*E0!)B~
z>4R2wdx^0^H8;V55$43kczUhbgQS?|zNu4jW1vTC{1(8%qg8l|#JHz!I-n6DbO#!q
z1L;$&qIDEKd>PBGXLesC)Mlm`l-Tk#ae^2X3b`aa^LT`pvmPkVAl{%Z<fCu!rJ9ax
z<t<080c9Qbk@(h=2F<(Z<C0im=~e^dB>$uy14#LilgNOi;WEoGv5u8j14Jp=)+n&d
zM6=bX*F^gZ@v<;qwtLGN0YA^mKlubB;FU_^6b3JQfswGVdoCgcNRa|Q4ViP7qH7x{
zPPp?<ojHgZ<9}yJRVGudI1i*K{;Oc`B~yd8n29xOuZ5sM;=*ysXOMtF8?4ZhMPn;1
z(I4%3W_gWBza0vCi7@fCt;rrh1hW*ExMp`0?bTHGT{vpUfClcltae%OmD5+}FoD6{
zDoqoh+lwX`|5C(fy-CA(6`3~LDOr@ugHV^BHQZj%^}cnq=$aKB{EdIQ{WtD~l8?UX
zMWqec>KLZ-7t0ev;fMa1fthcu-Y-Xq_ySnOsvp$xK!HrW(+V36nud$&O&yL~*<{sW
zqO@6SU@EUJc%zTK`%B?Z4}j7|Lg6HA@I4Mh{!Iuo-UcV|LacAqIkG#1iy0NrUMknB
zqF-b#SYhkQLO?hqb|4sVZ_R9C&l#d!zB+p&2rGg+Qi#;94Qkk=gAi>jCc4t~TACRG
zCNqfqh&o$+5qPIMAlO&a8vGA$;3!{${#Pbz9x*NZTVh(CfqIfe4O`USv!<Rb2hAy4
z{J4WH&D>j*K7<0T<Xbl=&rpm=tY{*+6ZWPjl~R*Y@A;%BL4E5~V?+=3u=m{CQ{*h*
z^Ch6VDb!Qg=apy+tN8K-QFU|Y5x^&~q}k?(?Tk=5cwpP;2oLp2;4agJ%JG&5BbnJS
z{ZWF(`K|coLs!nTh=dl@bDFb9_fiW&ZoZ(RG>HJ$(v+{d3+c0axS+1zzI9hu;{N&V
zNe1=JfO!cb^HX>!J(j`VU-FGkl@gx}`)ekca`VL8E#l_B&RwkL);xqhN&ylQBTl9?
zX980SJh=<|wK0;wlnQ+wGV5)P*Z(QX>9vE8%_KIJg}zzD(=mpOJCh2*f^UY`Z?i}^
zE$#P~%+Ajmgn(Ht5TL%chd~Hb-xHkI`w~WWc4<ayVKpy`+vHD5%So#z*9O(A_~<My
z-hOH)7KH78sK|XOp#E~y0Ja}%oy0EBJPBS8zSem7;8bYM+URKoxO%ia$drw<__15b
zCtvBx#h)Xwc2AMT>vfB@eyYXkdDb*eXy~Q>1=^cwf7+q*A`Eqg89*%+8%RR9BT@|f
zoIGr|b(yB%K}=pXmUO8@sh0CxGnHdAPTW)VN_{MMm>dSiYzoUY#4q1<p>j_esv&Np
zYb-V6o99Ul6a^dK9izDqRvbi*J_EdGCv9@MXv8p}!;K#S@tM^vF6LiPiN|L**C_(4
zXr`=#poC+V8>r-U{)5$aUv(GJbW80M&dlL5#NI(1gXHZ_crJfy5<;jy@Uy4T$lU!>
zih?=U!T<*`R+cux!HCXJ90JdjifurS@D<7ETh(uGRT6z^%ia=(?vvLrQ>2VvXf#p6
zh+>*`#A3>)2x}N)+I3;kf>ZHh9mkH);<+_<$!Z&fJIb3OL>v@}n4w+B;_GJ_4nExd
zVUgM;6~VMkI2DPSU)$G$kzRK2J?J}TsUKC&)cvFp9xlZ<nH$XibUeX-efq@I^`*zu
zK);E#8F=!bnZn-tFpI!lfVi+%WdGe(kLef}+P&GgZ{}1-YQ>zK6Wh$9<~<2er7Y#J
z7%dvaqAV#Qy6;5r49u(68|P9k#S%Z#>cgO%kQZ;xD32$J!c50jr-moHhn3q!-f3IT
zXp`^zr{K4=u0BUl+F(-skw6zBP^PLly~Esd#2ux;0&z-XeBy0G{ov77>v|v<E9Nbp
z`*jrCR~jEQJfQF60g12M7V(T+*hG3lJ2zNR(ce5=_`fhoExiWrSR|t@raPX|$_ngq
zq*%{t9Z19d>;zy>)1-^&+`GEEV>@{#Hy_7L*u3QT%~9#^3PAVsFH+O9&LbsBIJPLH
zm~8Toc;e<QAPgR@6g8meW^TBY6jA5ga4Gen3SQ!kx=~2=e074ud7VRPC@EWBdnfMu
z!*Wd)xRs$*BP%35u4Yd=|J3yXI5=t7rb6r_9&q$vmZGEy{-v9D%S}J5F&MqA_Pl*I
zyD-sC<oKUHiVck<10rzem{+g1cV@$MYS=E_CFv~i)PBnzFRdKO8RHu&Igk{=`C1@r
zqi_}R@Mk|G$OY&JAoR&rZ;DAwmu|sbshHS)NYuN?ckuiyvXk}k36+o_>xboS5pH>{
z)JKZnn<me~tBu-j_};HHp;$TWT36gz$2-!P+2G@8ae`CNVlB3zV)TtRXVD`fYW1YE
zauV{lhU$MPqmtrSQg_t(QQ@j7Cp)>k2U7#cDb26qBwJ>0Lk_^Lw<Che@I*hOnzHzL
zuxA;G54Re+yrcO@PHzwIk-2F+NE{<=ceg6X?@*0S^2ZokX*k#%xg^=weO$}ik+g-D
zAd&R~!}EOKN+azspGGdITp8YWp02dQdHv;fS|0JfqGZHdcuxN~gFR7&LojYV7FROT
zFIF*;wr8GPPGoc(_-X$%+@GKxRSWYr#4|<TC}f=}-9{gzZ1_q78)wLSl=qz0W}FT=
z7JV%)X+jD;hd0iPxxKvV<LBs|Cet8NOG43659V(@nR`{i??Cf~aC66bHuzAuLP1Ok
zY^T03<$5y$0gJF_@8yyfayF#Pa`};ULo9}?l~jmuBSRhzRSUIQg?PS0k%fw`UO)1W
zUgMZ~cenF$;>p=}l5O|a<#U2ovuu2#$O5znIVa>IS?JAI&%VuDZ?l({d^If5`FW?R
zOE<vQ0hh(Y5RRjN{^5_e(C0<!^L~Q_*}}>Cf@y@v*@alYYu!s#A)YhN4~lqBVgLT+
zkDPXfA(`V*yQ)kp-`?VuXw>q~@%hZ*`H6V*`cEJo-!XZE#Cxb0Yc9<i9xEqS9<*@I
z14ONbFgG4*5FPD;j}rGUlubg2d~D79)5T9#7Aj90P!!1#-R))FtbqfBo%m))4Q2<d
zM{+w~i{1=iBZ@xtnRziW>7|wR%-YMJ%C&6H4u9w3Ve1cFUG^S7Ma6I)2fA!ZQ*G&p
z(mxAPN#;14DG>~rMTEphZf%MBZC2xxqd58)8xQLO!b;4Y{nDj5ftNpnQM-qz9m$hZ
z(8a}lRI(4pXiD&F!$F=+^^Y~1jBi-TxAhYwMUB2pA5_oH1{llGo)FSLBf|{+pb$bc
zwGH<Mbdf%btggR_L<wrjxs|F3$K)-o2m5RG@wJ`F@ef+=GQX;p{s4&@^xYsSn^maD
zAz;gIff=d7N|Z)UC{S7Z2CwCZ%WpXAhbR&|*Yu5FXJIL$du*!nTA_dJk#}KYXE@p-
z)4s0tpEbBXdmnw;s%m(vO1Q<FR9{zep*xk(M<qW4Y$cl>bfc89V=phk%%jHdbJp8}
z5{=t83XPT|)evANQAJxpS?c*_k-%!E^eM0gdHiI77raFV-y-ocw&AuCbGehWZSS{-
zrUnwFa@^fVoGgdrFe&AZ9?yCo?DhkO66|&tevDq$1A29v@6IHKz}Dw?B6FxR;?!TQ
zx>9OC^<NmY)ki58m4@^G$Pl^y1lsn3)c!*yf-6{zt0+kIZp)K8D#vV|DP?ER=vu7K
z#MdX@RP`Dub4ZC`;^W~tCW)Yk1Hpf?%1izGTg_di5(WwN73t=+YYE6RRh?-~LWo}w
zgLC+t@0bLyy9#&wkbu3bniqG)H&qdx*R3UTdT)eanhrrhS66CMA}%l=L1wwo?OV0P
z((miGi6^2jbG)ywN_A(SzPK(av#=^Fk?KC^^D~=EMKg{iC#oXCF{ATisQYk3MX37_
zdXM_@5+<ouGA#8HotEvfDt_XBKm8x#y*uaOU$W`My}Xr|27B`TO?6s-2;-z03S3Sq
zlNB4EeA^2_Nkq@+^8L8wM%hsCebAd%akGGQ59B7|`>{A9X5`+UjT_XraO1tk2*+OD
zgnW8I?ke#<yKmmihsONFADcfpPC`#oFY><RmW;&gMfE7m*1D`hM<1Qc2!~wsO?W2`
zTS6O7h-du`T<XSTKlPd=G~L~&IfeJ~bOkVn@(=rop@dgMQN=YH&caaisAWu=ZcbFD
zv4?R%&a~d@iIeK~7bLZER9wU9ch>ZyO~K>n{6ItfL={FGc^0Fo80@kgRF92Bhk&M=
zP%DlphYvqL4n)gK#i$K-{Rq=<J=)K|DN?|O$eypzy!af8+)<Pg&&_~zm~kbTO8-RY
z5i)tB2xp<8yA3wl*3L5$BbD!x=t<<^Vl1&qpYz}LKD_Ta!b4xE0)NejpGmEEv7>={
zM+!!yA(OK*#)%`=jqAtqCh}cZlL{IUhB5t%?|5gMdxHF7hgmm{)(@bC+DEGo<Z{=$
z2d3iggO(t&I;A{Zt@gr%KS#8mYlpg+HbC1^-*m|Iq9nvvesWrYJSlFaHLa2;a&1Ab
zfhObInu%ajRSCvqR7#v%kHCE+@}Ansd0mj#N%^msg{c(t4IsLGAy3_eey!4r8S6Cj
z>yQfPU;FtDrvHH!66F1q2o<%vCBkbGwyV1=ub<S!P>(JcP?u=dBkgUX)NOl8Uz{M1
zDzp7g%{rj@YSD{$4Nc~u-hF1r(7UJ>YlZT{vl%ackR{_n7dO7*N{Z;GdM{HnkG$r&
zqD!C4uPX<gv;y%xBkk3+dv912bj;h*llG`V>9M&W<*By;b!yZ2&XDHvM3_=f3aTRo
zPbKeAP1HUvoxt5(r+i)+>Hf^ELGkMV3Ljb)avEREuBU*vqB3oqv3-2!`1m9gUs;KG
zQP_8RXOSIK&Qrh>K`!a!rSL=-Z$+SFESNa?99kw4K#VyoMOqH>Di8B+nx!w4)k<~N
zRv><UX2-8g(<y&TSP>S5r4|X)n&WX}gs!e4QYG*Wza`z&wP{}cX)mVn4j+?`Le6oy
zu}$TI14F-AZPiTR4HWQU@3_%u`MO-D|Ejn~C%%eQXiWb#5@jDCT4plUJC;j^#oMon
z3cFz+VP<dSBhMNkz0v3y_USw}xHPNr#Z)uNp3Ik8H0dsw=ZQzFXC-O(XP4CM4Rg90
zx@et7OS(7J=-h3F(B|!E;>Aa<C?0hgPPOkG__o~iKiN9g+I{<Dm-=JFP98_yt)_h^
zG~Q|SlXKtKL`Pcwqh#;OLhlL{b646kLBEhbPl1%}a@eo&5w4z8HLlZjR<t5FV*FC0
z@YB0}E8VYr5V?l#Ju?f@W8oMn%*29B<6vHO&EeT)+JVTS>Cx=)%-l@L1@y4O<MZJ>
zuG4#?fivi6=Mwn4dL~6F^<zIf0DzJGT|EQDqXtl4X;xb#xWXzK5zwDFWidC5oeWTz
z^{T5XUVs#LReb(+0DuDUXXD2-$^dU)fofD^40iDVfHj;g<)0XUC+0#1$i|AR$$|au
z$6>A-5di1%f2{x`B@1M}D%>%V1u_ADV7z33ELYFTzn=#%RkA?tD<=XoHeCxi+bo>k
z_TO}tFlVyB+qZv5f;VQ0;o$&MqyPZ@|Dyc<0lI^M$pN`|extVIuc;K_1Xf8&{_RSG
z9{`YZb9Hrc#Q4hs>8^aLU=rUWar6^$!Kwf92^GXN%K_Q1P)up|r7O5eu)sy9`U|xs
zjE)he!O+VCNsN9+$BG^+O5u<yI0-*oEz=*3UIGA+w{me+cC>c-KedoQ)AZZ+PtkGO
zKP&-&SPV)Yc;|}Bc!^2b9**oB?vDSz3FFJ5(`0Ee6F4eYbG#}KWFi(<0stObA?05n
zo?~vx1F5fku-I+C>%k3r2Iq(FuRuY1Xcj#NjPb+&`mlQlWWqxmqQQo@F&}ZAcYpJ|
z^N~{H3^%wJ%>P~%5vBlu2Ez4)lOqx{AP=PD{tf?A@%HcBb~@nJs*97S7Y42Xq`#u}
zr~KjH)IhH2A|wOGUg5vgycKZNWL{zt6@ctl<88oo0534(3P852=kwnH*>DV_B9NKr
zH<2rmJ&d#>kOp{&(NP3)UPb&<v5Mxe$zUo&mz2_BN)>@5SI9plVE#s)SE5ZS=}`Yp
z=%0EFe;cgV0svZCkF}gE?5te1oz$#2|EnPLZx?@_)cSkneQ5lb3ou4N2}p6p6diFm
zBad5w;y4k>zXQkq!oZb)9PGd6<A4i>SC1R9B=Fy>ntmI%k;Fd)vR)<d&%(UF6G*cI
z0BF0oAziN$X!6@BxcrFS6?e2ON*e$m|7$u^0YHGRqlLV=qq{ls|NjU4xrzO4tj3Rl
VKLRq4u>sfs&v1K|z6Opo;6Kl+G(P|U

delta 35988
zcmZVEV{oKxw?FLIwr$&(*tTs<GBG>0?TKyMcG9u!i6_Z~|GDqyt$LrmclVd|sjI85
zx{kGe>pbV{Aj1<O5tZe@AuvE-{(c?mG!qeN0hQ7iq0g8qUjrk0uHh;pXZ_J<p=>lH
zaA0)Ts?rGq@`2`+M!T9zg?FJFawISJTRw9Wb|4tx^%TVX+9|A(ebCd?AD>iMC@46-
z(_J^%@6_xsQ?>K`5g%ab1~Pjk1m)vj?{6Q!J{%C4Zl8_e{q!MNqf!o@-p{S_8FqKC
z0LL+Z5)RJXhi?XU%4QvCY3!U+q@mDRr&W%@lB{JO<^Uw9`UAAHri&Fc!^k41=Rz!}
z({$f|qx;y?ZgZmY#TY!vKY!zTQj^BmL)Ujj=4Fr&soGIF$a1rDS(i<RRgDe}(5Yjl
zi6$i@V~D^AMvy{QDMXws{Im@rFVSas0<2|tslTm7<urz8X&hY@wj1ozNK$=c@qxk5
zy8CU<ok~QcZ;<?PfkLy?dk{GJZ2SPmP07$3n#!EwJS&^EDU{jHV%x54l+c}sjRKMK
zJG}8UNHR||TubI6Bf?UBYA`*KHEU?%)0ev=JE@F4+AVORs%1JRe3Apg3+m72DPYmf
zwk@0me#@OXO6FutC*MkluyVDc(4R5YwcE=68}l_ExGc|!1VR4+Y3P`03x(B%=zR~8
zBBYO|LScuSTl+(N&uc?MFyc$JpR_JKKcBppD+@}UR#Qos^+1+RW?He};)$%|I^9p|
zp}c)ZDL+oymcH_uSqbcc>g2lpAVBg>vPu*VDoPP`=(#5*3=v5<$RW7QqH^@P0R`h$
zxo}y@VFou+kkFs682zdKY{?dDyy}piad>uA#r6p;`^QB7qiB%jeBbee<6wx$(TPm1
zFgyGcmBBhmDUqG0sm;MFHwMXB8#Dd_bw%6JteRtY)G(q)QD@(9SS4=kM8FtR4%t}a
zW<|t`WV5Zci`Wc>)q+EvH{c$PVMGt?CkL;=(G(q5sm{euyu`{Z*x8oQ>TsXKOdle<
z%u(u*Lgd=E5*LS41)ZT0<I7NnYo87>h(7Dd&iS+M#adSuYPpXi{rL-?>Bppsb72>Y
zolnOg?DI(*iCHrLl7Q`E4Zvx(sg<LCqYZgS-8gOK{j$cIx5#3ce!5S<m}CT{V_!@(
z{T@QgF0r;hbI#9}yJFy^(=W+}BL$%MkUh?dhpNdkEvCzlo1V64lZTK76+~Slj{CC>
z77fWm$uwY`P^F2WUzXc7smz8V+M<ckw-UE7YF;H7jLts@(|1))f`HoUCoi)`Ewzo#
z4WJoXYX`3u#PFn&;A6CxG}t_;B3pr087X@+gq99e>~M=K5bv4)%6l*$#?byWCz5Jg
z@jI93NL_9#5G@v7a}4jD<HAT;4jKmU+IeRd90Y_O1_b1Pyzv4c|MfxrTPMpxpaW#$
zJGC)Jo>P}RoED<5Gw47?8j=h_kYd1s5Uz2E*e1Y<f?v)zWgW@^ONI&kaxceuE;k)>
z(zBtf&73dw-(u0UeHCt%u0CR`0#^fWg9&?)$CZ5V+ZM3UDPe6Rpq2vQvtT4{|IEE*
z53s+C@$rH$`O+9Bia)2<O{h|=SO9DpAU)7cr8I?i;@)nJ=N35Lp8pZ!#-M-o2n0+!
zT*i54<@sig<Qe5v;yp{6x@PMBi6wT07m1+D9ZL0neZYx}9OX1M@8^*WJB$PbanQ88
zMrSceX=V&Owf>qo&vs;Sp`8;1n{h&*<s~Fyb$EDAMqPH3ClW+~FbYjBU=r4u{|D6?
zzL|ym=I|I<$K-7eMwV8<J84YvIzA!323<fq-}Ft|uap;xmC~u0<zrYHJfx)=zPlfu
z{t@?GNgHh2C`=en_GNac=n24_7{Tp$WqU*)h>P!7-k@FTL2KsC{mP+3IMkeoxU*5m
zPiKR|;zFyE%l9IJ5T|}C0Eq+9`2L#aNuq0b3;QJxN+lonA{2kId=2YVlr+dHJ(-i*
z6rJ4#GX)|r_@rRca$?n#`MfZ`#gZ1Ri&4BMPgr!KO*C3Om1aD{aO^am-zv_V9H*9S
zdlc>yWvAXAOc0-Zj;SW&!sO<nkna)#6cUSB*f_m2-i=_DmzV`|0MxGN8Ztj|)v1#_
zsYe0anVjoX2!;b2FGR#0bxq6kEtt^yg&T7cB&^tU45h2YHN?P-qRqPw&t4|04I;3+
zB%Nr-ExR3#7XC62k%uo_5iokBINTkU_>SAkbMbq57pqUKvC;GR_pbAq!xbrb0dm1+
zrD}Nald0<B##GHvfb`Rw5j+Keki{#{qM@V7O}>OfH!AKaCi{XuF)@xjMgt;8%azD`
zoJ7D>7EXh6oa?lzLG$%bB*iZW?YQM?(1Rp4f7AP<j19+PId(7x%S-TaOA1zfx1YZ!
ztbh-m(GE&{^;JWWi=lB>m5j7Ez>yr0RcA)~O^(}8dQL)YfE?W{et|(w1pXEx9v@`|
zlgjO!xb<`2+pPps<&g4hMJW;&nO&K-j8DNuo#P1!Jb9W<+u8C{lm=<OVzE#O7wpfC
z2ySn%S|-c<xb#ra`De=CE)D|D-rfbk`Lb+dlViu>w^fz|JV=PeI_F-GE!l5h3}|a~
z0z6z4oxfe(0I*0w_PnT;TA)7#XI|e)WmfO^-G6N=MDv;o_Xww6s)H`8Wozwwk7wOw
zH?w<8rGeF4pOLNUTvryA*MteyzyYMe#0bOHC(W#<F!k)5puc5j|Bl-Ia{iSf^muXm
z2Z?W)fwzw)Z2xS^5b~|E(0gI9VDS^@H}OAI405kx?L7Ro!uWq%(G&`E1}4WBo)%R$
zEBdFa`qi)sJNI>kzvp*6U$V4>li%y-A%Tx6<%q9W*B1{w@s11VUu>XZz;(9b9>73A
zuKxb$|G+1?9i9)|zD~30H~bOYzr_|7IxP6#K_vN}m;$i<UCjdLE4Ss8_t*KkHy;lS
ze-%bXJ?2`#a&Wzyy@7Hhx>>7f01mHfc<p>k5kI@w1c_zj-Jtj_xDyQ0{GUV`QP*gO
z2gC2(3&Wm=MkHZ!%++(7SX^-2HxE9&yFz`Zf**hSh_OMN3#109Fwu0?Ll)?i<@0C!
zg<4^nHP!$d!wXDH4sfk+^<okrghIm-Yd|_YW7@TfJzUrwR3F!_kj^1L%x<y0Vu+cE
zGI+7s0KMrGb~LWmN8&c4woMmzA)q0vd#jM`0iItDCF#=78UD91sW`q7kvHo&Ms?cp
z{9~s^jb=5RD|&K=ah;tQy2=oZ_)9v+G0s=Ie0o6kT<12L0Amd_#Y^X6N2LfMO$;`0
zwn=B9+r&5@ke?v5-yR%_oy(=79%QJeH^g+cVq7RQ<n0QFu}}|2&si;@zShY>G0(W<
zhPJ|dd^2^N6O((%XgMmC)7|Ak_A91yUDQytaCgFLYu|cbo5LoaS5rVYb4ZyZo0!m}
z$P92iyKtq=VdPZg?rJV@YANLsCmqoindd{%ta&K~9CBY!>{3i@vb#iFubqK~(u}M|
zL<36&5s|(tFnU{DI8@v?wy_}K_L_7X&1g-#=doa21-Hn=VB5obZMXQ|VEwZaf>m$y
zP@6Y^=0+2o*@jS^m0hy39YK!x-4m?JiyE+6-wI14`Rxp;IJkjWnHzbIpqqQ0q99QT
z&CxqEIU~|`QJ0B6DMj1fndpbZZNU$xVl;+dLD;{q-iFk}j>%KxG7i+ky2#=09qY!D
z1hHlg-ZDs)CRC+xN@V0%%^&avr{tUVq<0Tz{KXQL^ePMHi`h(GQh-)90sBC)<a<EK
z{%WK~>~Wq9efy~0Jcdl$w=g^<Mj#mGOn#}|e27T&oahQV?UV2o3={7Q7kdfz3Pbj?
zKM`ji_RDyn;+U~ARFw@5mBk$e;g}^~AjPp$g5)jUabgkJPO(b21oa&ergP{hixiXp
z@yo7F&e+QlcwttRxQ#{ONx}4h7C+!cW_GVlWd=pn{3S#4OJHf^tZi!HvXW!_=+z`m
z&otVgl+7FVl@J1n%i0CzlY=sKnjU6U{zh3}NuP0>-9~$YG7HQ1O)xFr3F~VZ;U+~Z
zO3#&;CM<m&PE&)m#nAFrC3~0TW7@5n3xjlUngBi(m)`|^;GXbegwT=HTp18v0$1Ux
z4NB@qm_}9HHw1@w!GRak&k+>Hh4>S-yIWvW*$WrUl=C7Mqz;NXimC~VjU#KxW)LQ?
z<+0{?gzaJu5s&SGu==6^&%kPXYUxrhol5tp4U`WWId=@sn|S6C)bx>b<BZ(C3_b!V
zaaAmLRuJD1UwTJpFe>v3aRXSy)X%SKm;Gs)W_inKaERC*XLJVTUo>}%?HAYg$Ln3r
zNZRmKRaeGHX2w+|YGL&q>d%nsF`w$OZrqH>S8dqY_m>%NVVIBP$fw5c+GmFGHjzBV
zo;Euylb!2PT4~G4M<U)`i;Hl_l<Nz3(+OaTt*KI>3_#4Y)s5MUtO5Yz(@Fly^rY_a
zda~rVlm~Zs6?DTTnm4O+7b6<$7JOxG-pr%cd0Nqo?A(pZJ%^|$lT`6MopR0ekr3Nm
z_5KVN+PPmQxb{s@TAA6ffI@NJFlNEUGd%C~tZb6FC-w{c9~>+26InMPKtPJ2{}+w|
z$(WRM02?O)Da=prl9jm8Lp#Rxfk>G#q$k^+G#=3a?MTKN2QqR8gsSoCz<%qt5<)Kz
zZ+2i+tf(~4kV9Mu`BoYDetA%orUb+vPz)&^^jcwcl`RySJ!oZ83Cixg#3DNhi>lW6
zx?P`-oy$+dIq>*x58(iR-+|F(8do!v!_tl&00+8EPV22HKEVjZ>{|UTT5#Xe;8ark
zKv-~)jiKW{W~m3Gye^Fnja~v)DTBOTx%Mr?v^I}jfo(xr$agd36q^f~Eo;(xQe}=X
zG4@3)JWIB0ao{LuQ)p;5!*u4SC48O!#rH^WVD}_PTh<8|u)7n#ZorPQdv^5l4hp{w
za2Q+am8|3A!qIq}MzNDMyqV<5FE*BgfZG~B+un2?u(<?2gjkab$RORP536lF)m(n0
zi!?(ON84`luOJE5!DT5v_+5FagpA?3_eZk7vRrvpBOkXl1ao<M;v2CZ+xTq4Z;`p@
zM@|Ij#mnVYazAv0TwaYd1U)H1qZ9lVfDCR-SF(m^=Xd*Y<LlRX9$+F@q26}VQwl&9
zN{z03f^Dee{Fvsb`tf(aGR2Rr81e^q5ze3_fqmTM3Q?2hd|9g!A}zDV-Eux0k)44D
z=bB(Mp6fk`I5j6FZ9&v_&c!Vm|A_r>oD;c$$>?T-;zUHO8>iz9oE03m`~(Q(fH4qN
zL;M#fGh10Gq@73)l^uKNn^8gpsZn}E8mfC<*8Pc6gb=+ttr9E?O0j)<M!M^2j69@J
z+t-8Y9QYQv;(6J#e#YDu+}hF?@koJ(((a@xiww+KBdh{6%2jTxt*}~U%R&i}q13_R
zJ~0J}@;lOAXf0IR$P!`;U~4)xAnu;o6R2b=Ri~lA7fd2Y(t+1;m1>^J(5XAUz#0Mk
zaW9G%3O6hx8=bG8SIJc>xSPRZ`}^ChcO|OkX^0-(L}#45H0q*A^<$e+M4@d&7C$yM
zRZ5mTf^G7!q`{JfvWp*F+SR-vd#o~iCl{G6vIWi}=R_0?ODC0f@&G12AcD#Z-5V&x
z%OW!yv8CMn6$YB<KX;KKPbBa7BQ(lZed_MyQfW;~K}EHfS&olS@qRp4z3EP5xR;QW
ze)DI$<>5V*AjbIF)6V&xpy$n`91eS)wpvO-Fgee~o}Z_117%&KY049RvTOGp<amvA
zc`zw~#hC$DaZn?Iq(PJhfWIA{*m%#&6fiOXeMeg86L)X-G7)J3^-;gSD0Qm>O*}M4
z=nM9TLg;)??S*5gwDF!6sLr|QCzIph#63%ShYS64gb?X^;FQ3Z$jelYqAl#=T*&lB
zwUqqApqy_rt;22m2!S%eL}@dL<sww~b##4)t7Rf3Di3pnqVQuMzz%g?D3&CInQhPC
z<EA|Aphn*kg=*&2Lm;ESG`crF9<lC<zI}3Np)^)f&rayoxXqZp3f1Hh4Cg6A7FC^H
zJyJIAbO#rTgYV+!;Vsh`+)9GxpxqOzsknSG84qXApRiS<#%sDJFJGz-(Wrmx$i>OA
z-F81yA+zh0aMT3`z?DSnTKol3s5Q8itx;x>e@|_9<cy*5z51*oQ0=IO>Su`_Igo#&
zA7P?1QzMeBi`!qwy3MA-ETFK+R5bIPipF1MCC}FPP5u$Hj^X^6xL64#%x+%7h+<eI
zV|QLviCJt37>)j$x-c)(D&iICHGYp`#^_s-2nAU&brVP$;5<i)%*Ba_F!M@)uMfi}
zR<$cx$gaOHNU=A-(Vw{WR^n>UsAQS-$V@J>E|EER=|%^FxwI22fnbJVkdEkzBG+rJ
zLcuKBDGGiq$H7F-mY$Q*UN6+)dvM8yG5?0~udCn6$sO3amRtDo{9H*6;lF&7espaZ
zW48?CEkbQ>1E9KIWUhTCzEU^UrX4TW-BT97mflID-c<RJROAg>19~3Tq&n8pZT9bR
ze03qNsht22JMccJ(Bsyfp+f9(7Dz2lx2_!1c-vS=BTfEAOM~Ay?Do$~qr>N{_cQO#
zbc{wZE3Dd_j_*_X!u?!JdXcgL=v^;u_1OUYk9U3?z{&0i1OSBn-KRYjK>U15yyyQZ
zCNK;L5xylpRQV*?93(dN`J=R!`d)TL@rBzJ_>}|sj(z3+N$*bm#n~186_$J2XJK^I
zXBPebe1-oWe<kus{UrBk^~3_m5FGp(Bsv8s*q;F89&h`onfAZ>E!vUF(xjc?6Uj_q
z#2twN_WQg?JZ^KGCO@U<fF{~#Bfq=58nQKO*=Tv<YghpXnCN%=8mKo?+!F6fQ7=Yk
z$6uup!~@6g!Z>^J2XLQ81Sj#NW5m?w*h#Kn%&-3jjGuc+LBmiWAkGN?-SPg$fd8|L
z5Or(%&aeXYZ!(Z(Zv^|d_~4|3_%|X@@{t1OzT-<^e2zZ#=58~{thuY^lvX4+4;YTI
zB2uPMFewAE#PHM{MA%Y6#&p6FN0~lV1_Jevx4diBNdptS5z(B*tDdwYcRI*4E_Ok?
z8wf*!AgejP@4Q*=Jn#4_y&XNj#e*;$RK_0O$`?~&QLv#!qv=GZGsqvr3@7avt(*X=
zW3}q-$%C{Ma++A-l(JVTG#_{PbyBsH$8DawhcCSWVh0N7*z!k^<#<pnHEI2cmzVs<
z*~j)Z`n$8Qzbv(P4KX7$f-Ln&7KH5}Qx)0m0jbN@Tys>_VW~g(_p)0@U%kMtS(tR;
zFHPRM`}Obp&Qyt=&V9}3QE>E-F9!gUrw=pvUNzl1X2a`98^o6>^@a{G)6`!&44l=y
zzqt8kWSwZ2C~9x&-eM=MMBa1{W$Vl9_%r@4(hkGbAj$q9a*aGgiYKn})pZBc=AZ-w
zLs$~X9~MVOBQfnao_OgQAF#}YDz@Np5MtaSp&t=+!&^o%Q1CPo>Vsk@Mh*Z@^CO-i
z3XgSTRcaIpo;Uj3w6?Zj=>&4DRi`*VZj#t!x}0zGiY5xcDokYAI8(oG!CdHp!GFnJ
zeDY_`AzbPWq>s?qu~IZ7(7|Ze%v##bFN-%S<7{9<8o5rktQ0`K%^4~9je}<#5kp1X
z9~6882*mHq4w>NZb4K&R<d_0()NlmNXEwuckHo}fRk$zGO&zD1aclR}$0_^FJ4^eZ
z&pTF#?3sJQQRm)Z$qjf2zQ+H6m8~lVfv}+#(I_Sda@^I)VrfpC0KK}`>ga^_KP7Rz
zo&qje6MN!Mx%BNQv1Yc1KA>?Jf0@NN^R_IFw7&^tGi_n=qqh|q5a<B7QtlWXt+t9L
z=L<5OHFlFHyQ5JlZ-TB1YQgm;ES{`5Ea}zWWHV*`0VtWTL1Y&10s4}-QJopu4N!u^
zW}Tm`T+VVnw(~L!e)HS#9^ahpo;AhgZO#@v07pPa-+(c91G{HtH+OB~c^U$|As$*9
zzA%On=QygwqQiE1wRRm@YNy=NJJek9P_(rITn=k2ZW|;cAnjJ6m#>)2Rw>4HLikVG
z*s<mSql_CZzTjPJSfz6YE%_(Q+*kB}rcWR7$wHpLv0N7Nzu(1w0{BlsT7Zulz6QpZ
zL(&x0CZwqBH@(f$7i%;Y5n0SoO*xPnhzLXng_a8{pTJOa?rr=0iue^_La8rjz9Ki@
zIKHB|Lo<rZL|owj;^Fvx&ub>Glu}Eo)2)Z@zK8a=Rbjw8EJ>&bCWRAU1Uu>QU3JW9
z5Kk3JfDJA#B%5W3zvieu3Sf?2`8FuV1+Me1aDHxT9I7FoB*uo6ISQB*lM_Uv7=4=_
z#KY_<6me|eKX4qRk8zYl!VIqpv(ILza!XfB<B3=o4a7fSQqYcOlVx+o)eoB6NSIGI
zSmkPIZapq8yNol-Oh)T;6{FXy^1!vy$Hc|uChQ_D=yT9JS<T@M2Bf>0w0gD3pF~(O
z*`3((-K>Stns${U0G(!~Z^zKFDIwU>6nVUx!X~gUQ_0%WTTC-K3aZ>3xtW&Q6`qID
zb5(!aQjXP66SQeDbPc+}jvY9N`z9-w&UG?19SG1~tKDmEGu`ouZJ|z_HhEPw59C_d
z1(u1IM<wH=gJ3Ed1LQ^La$Q|oH475fs?VMHB?BAe*Ym3z5ZZG0y>=qJ+Qow~2V3jx
zL=}#li=U`wY$XiS5++hRG!MHvaydVR|CmurQIATF$rV+o+lG9WjgCID`Yl2BN>Xm~
zqnfa)7qfO^r*YeC1eADT4&kUYAZ>(NZw@rNIa;-ZX?Uoo08|PFm~>m4N(VzEf~TE8
z)0>x63u;XDM>N*xZ1W@dMlI|s*9JLp5iwU;Ne>k;zne&mY<fzKAj+4w({2zx*<zN=
zUR@is3*MF-@G<kE#kuA<td#R^VSFpR^Jx>G?gq?hwwvX2Gc17<Zq0S@<9g`)EWLcI
z!|9w0`Z(R+0bo};k6mVm4EcZwYzJA|R(0k1cZv?GLzDa}kI|^mE$!;dO@U~uOtt>8
zt&v^lw0Yva(>^QV71^WIHaL^DFX)iHsvke#Ne$fw-oj~jS&MswuTD}Euv<fS0g0!{
zCuL1IINbtQBINqDDz&cJaYzf}C&6BEA56F?olqr82LS#EqZ#(8e-j4VQJha@>xj^x
zp0^8|MJ=kc0z*rBJP*~jk09>hPY04a@d`Q?`o98QsBhG2>*5vr1I^)8*$y_tzO>LN
z1!S6~c$%J3jc-Iuh!dV@<*%SV5l>1xdxF1_4(gswQhAVIhk-Lfw4rVUszwlyh!~Lg
zd64=x148p09+Oa*#9wtI><^9aJzlvNlybldL$RQ;a4=Ml0u!l-x{rvEQGYoc)Kd#m
z1ZD9Y$SM$EPV*Dlk)7nmp+9{6D2uZyN2`x757WajCpL@l3*zXCrG28cT(jbt6B@&O
zg5+9Dx2~^qO7@FIUgvHf=^b$vP`ERk;k8YRSM_}7MnL4gb3%_t@lgkPMOr9^eqgmN
z2tN?-N(NtItiORBK#pi6Ml}=Ohj`1ZPB#B-@}J{|y?zsR=D(p<^?!uge>Qz6qU@0W
zwsA=*DU^SU1T94He~WzG-~TBx40)0N?eI$u6o7LN^uGov@Yf~Bi4_zuio!#P%L5lN
zP-`H?)3D%e%F{*;f`BJ2gwmD==3q5l5$y-P(QiRCbR-IbPXxUa&|gR&7Ym0^6URH5
z(z39>CVHN?J)V7bbBRCyToVLv<t#Tq@mDQG8X&lbJMkZa64EzF4H1%VRqWTIT(79a
z0($VS7fkxi6GafkNQ+&k!<Ja8$zxDY;%)0i*UE~BeExL*tY{94iGy65=tmkb$+5`w
z;cVw4^ED&E4jSVj9t<QCIx~YZLm0)~8r$<HMBW=fAu@eu36|mzm~_6ea4N@(->;7w
za~2;%_e`oNTiXX#zsH1GaS|-w<^<780`A$;lPmOca>__@)~twF4sC!$k<UK07V*`z
zk&nDgk?K5em`hMUPDGe{S#P}J6ihW}r{wv`u?-xbbX;kRe{~$fUC4UyA7!jMOt?nX
z8DuH|-IjHyTD!9`IK-J_i_5&y!Q7IQli)0=8T6<gGDXg>S)hT#6}{Zd+jqIVfOER?
zn8tE0vL2F}PHUHrVQmuWC=BoMa^54IxNYifld+lcl%SCX)$V(cW0c*!Xjj&ru-vl`
z#T~+=ZLBer>l>v<ezCWbwxRP>hiY46cr>V$eJb!vkxZ43u0OW|hRQ5$7#gc<3Db=Z
zlMO{ZMFt`>kgMCZnWPVHGPG)m0HIY}{P-AE(_9_6Ji>12hPiUyCL^|b)a+7x*^FSe
z8j_v#G)qOvPJ5-!MCVBowhOOy{e@NwWPVh3kA`?XnjSfyF>Yr3wV2v-QV4dDrbfT)
z!0d*BetOT;EWRda{D+~TMb2A1L#=$*A1X;uJA1wta-#&?l-nUPCaNUg0SAnD=@gKh
zwtEf)MVadqyod*?^cinR*zX42R(pQF#(QEE9KPmzX1=0~bDM7tr}++hY6Mo_6v`Px
zm&MW~c?##|%l1P8=k7wolA(IVRfn{odPk$76!)70*$FPVrRU#nt6DpFK3rs1T9L1l
z#W)P$r)HH0C%qO=`o;3l0ZYM)aZf3P%dc!Vfn#-!8v(Csjh69WvW1^!6`X1nnX_qz
zmc?J`w=<fV>($NYpv`FyKCtv><bCA?u|hLYf>MP+d9>C!Cv1Davs!soA2nn|=(P1l
zRb=dvlPCCEzfLAuY4@vn#eHlvS5h$|>D4|~{E}9sA091I65VIv0BNc8F1^Fu*1Vv7
zVI3-`dlDb-eKJ`VWk+jI`%}#&;Z1YMCsB)t3wif~h&rupQ}U<BBZ{LH$hdUTMxC$U
z7JeM~6(1+oa<CV7?cLi&RxcRB<ER(LO!(#KjUrGc9jj#-+HzJvWZR##B80WKGY0Qe
z7HP^ZYE>oo<}LB60~W?oun1nh`=J7>o>>`5h=F0Z&TRnZGb#GeW}k@30x-ILPkS_3
z`OI&S!IRqBxd9O^w;ktt>Zq4ImXv1u2}&AyRKNdd2U*NVY{){H&V&BOF29H`*93^h
zzOr8|8L=9DAj&Q6HpqW~GhY0(R{J80b&!StrIDj0LE3xA08~N`zEadm50@GvG?yo5
za0X`4P7}e*6^J=7-wlDgU@4ehLtLCG3!^w@40pro<MPY(ft`deQzT-ZHkiY~Ls2b^
zmw{ys!o#8%$dm_2FsQc`28@JEh=fq2W7MZ8?N{l-YqxGv*I71zr9qe3t;v9@e5rq9
zFAAWTV+39H24u0pUNofkz9@f%)qX~M6@tlyMzy18(^uB(gw#u@lhe8uhk`0C?ImQy
z7MUXLV72g&4)Rc*9ORUbJr@QtJdx?xYh%-$6KhKoL7ujlIvld9hi)pe7Bw~mcz(aE
zfH&cA>Kg$&D@5figl#cJ#Tzm0+>YxloFF$(C@X9-2Q<3h!C#J7Tl0Bot7Is+Zzij0
z^VXZ9t-4n}EQ4v*@W&~a$pYtHlNcoC<20~G_jO-aMD->7(-U{AP_d>|s0-DjEXBp)
zO$#x9nL=tta#dqFyGFR<mFYR_v6c#DO~DN=u(#Ki1S~`9E1f}I50sV1L*}0E;r@mP
z9G>IivKvX|X%!jjEA8+(#hw*!`ghj!$9?^KtTgmqjfL<xM+U?F@7Wc@l@1W8hpvV4
z#dy0`&jcsZ9q-vfO5@qAJ`xq6tb!t|99`2QcQ1{Vv|Ya*P+rs0^6a4J)3(yO(Pc~d
zSmp2)@Tu~_*MyH~JN;~7xzp|CGI!PY_3;NefNI)$Ep(r*`G6*v8dqRs4=1<`oM-k0
z7b+|aby$5EJb_LUT-v%^QWX$dQ2=Gez*b9!`At`hkO8wbOk$h`5EM8xRt?7;kP~(+
z&E}F+L5oSv5yCPZRSM2C@uCh=2LG}S=07`xFw5eZH=qN>T<)nN#!hcN+5uu{`u+pc
zaG(m$aOe_mr$1Z1XGEym0EF}JywydwqvmWl&@HZL*~Hd6H`@sp)B`XZEndiBs}^@z
za+9ZD(8a*5Cv5ZNOG%9jy3q5G<l@KFA|bFTUWA*xa)xZ_<uaRexE}AQbx3TSY_}=C
z8YWEl5yUc*opLK}qtVvxCP<>*a#SllXuD}c+aH&Yg7gdG?UJ8z^`M6dzlkk4HPjq3
zfyB&p*Qe8-x6{2hW&#M3<&v6FNaR#T=D3!Az)TG>R8kdh=D8#v>9!ZBCt=~Rt~S?z
zp2ut`>Z;OdhDVEx%iMQ&Y@?r>ZZy?N{K`R3-lp0_kSyv^;pbx7Chbz<x>F<c!&z#;
zci?+sv9_8Y$VYd8%RdAm_FgDG@FOJN6N7Y<IPFv%HV;!!EeC9Jf8VV({&a}%BqUeR
zTt()2iaejs&l%5*n-1f#jCK?a!$kIyXvyVya}E^kt}>qfl$PQqDze>CsdK*ogERxD
zwK2CSpZZaPo>i(XCUqn|-c-KLWv)xgO)Dnm9tN3f(^|dV=zG~ZRQe?I28Pf16x*&z
zBgSMU_5q!>mI{cc4S#k=-1RLqBldQ^vbv=e%Eph{%~-1cfOfr-NRRv55Q1I{K{`lt
z4TIl3+<YVJ$|sN)DJb0ZhgX+8bCV9qnKY8|iwmd5la45vwz*$4$2{7r58<FN89KY1
z`F<1?EiT*%`YY#O9ibsryr_&Rz37ZE^Z6e?eCMk@2m-{}wbvecAe^@kY}oe5zb3b}
zv1o8gz<-dNu}Ok=HJW2TW$9??UU@j&$skK485{Pu_(9X6@8=~U8X1|+wpU=!+W6E>
z=*F}8$W%03o!^bJTorifoV$-CxmztdWvow3>yi`oZSJ=`<5ugT<>6}-&oE~N9lH>{
zbPEl!p#dN#ey|l7Yr%d+)$#pu9c}IIU>u?FV3&;HGURllz+6haEB8towNq&~xz3W4
zqqlptOW<2g)+S)0+$*8XZZ4Bv95*kPAaZ0#z4g)dmulHrfL*YWMPNMs!Hoa=6CdbE
zln>1$m@Jt^#L)HCO6Ji0B>*Ln%eD5i6V29I#S-w6QW#lTNc|bq<zw@jyMFOqBTpTU
z%Vw0)4_@!Qt9nmmx@eB$m*DMpCD1l(Cn-=5EEa{Da2r&w49o4IH~5!tBDJeSn2$F@
zB8`hmOOz=h_4ejivf`N{xWPZ5FcBbvC#98hMf!s^5+$*8@1Qx7x`O`j)02s8lTVRn
zOFsedY#c@5-IWpGpt^amKnjU5O}Q(@@lT=!%h7*nlkwH7KAPs9i3Q_)OU4n8jxY_!
z5$)m$={aEW9!6cf=YjGAq<X6t=D2?Pp)U^&{Aqf;i`o*OaWWfWu(d+zj_lmu6K%0H
zIcB(cJF{JInyJ)b$QwxN2ro&**VaX!FvA5nrz1maO`9GgXrg*xvTC7IDHQDMR8N>O
z{tUY0I%)Wfka8qxr-+As2L@Nu#n%IDjWNB%yVZzdV|<f#zTa1r+F=Cz%yL{(wT%-&
zA8XK#F%FI}sfs94kiJ4M;-Ns}p^}e@W|fa}&OxWm!M4%Iz^aA8XEy}{z=k(Vu&M)S
zY~WK<dSkWS&}T3PEZOkJ&E%ZuK?|#3jvIbmI1tn6=*pWSBJDegj5#l=NP2F%2`pud
z4S6-Ac!vac#V8Le^}Aog3cnI=;TSscM-MQPFQZV?wyTw6m!YD~6{_SEfXpQgqbAV|
zq5tO`O%MDB{o&s&M)H5U0o?z0sqvr8q2S$x@NdF^5C8U`grOMKMDcIJfNLdACa>cH
zWDKJV^v{99LL3AV_s5Ism-R12K@<GhaGn)>&bfSl`SXiEfQXMYt9^cuR$srr1f@zF
z-if#0JD>_dfm@{&Xr)b5dd|W)T;N({s<dNfT{5<zP^=bY{G6(J4Jx*jJLDi_VvP{x
zcTSs<7C(t?W+UmF1C&XTX(JEuJwN&c)V7pxr0rXJJgnaa5Z?{Us^A^Rp_9hS<?WpB
z63$BsY6bDvk)WZ|B0+Z~ZN$pkM24Dly&0{m$<Ml_70=S-YRHzwRB%WY-yxf2V3nZW
z7gSQrtzCMhabcmhH3VQq?&2b~nbjVucG>tdz}1vEHP9bS-#T9%KZ5DonSrkYD(Klm
zayJo-t#4H0aF4chWf*mMQQtg$znLRkex7L*mdI7l(EFtB3D$a1A&T`}A~Md@Cu1xA
zYIQC0>jcieTYOZ}Mx3u&CzS?R9vLj+4aP&wNHm}OMY`jcFMx;W8TGe1`bqvG?@k9|
z_zB&n9k6NoAFf*eF5`SML3++oIl!&t9I08X_8At~#*ec48gx{?^Vax8w^jL|$D@9!
zM|+AZ?kn5oHNrS`E_odsH{|pO{bzrr@8yBD2MPj$_J6LH{C%?NbsC`1fK<(0B?1kM
z&+F?H!myDQ+Q+gb&<X|y3oTnact{5=Tb2Bcl9qrL!mz39el|HPOPRZwHE2HvUz=D5
zUG!{g)2fpB09AAa+jr=9HF;m<xm=S#LM(Ezlh2n~-d*13Ef>o_A2%ZwAPyPo^8rJt
z<zrQ-1c}b-A~<y#2RLz4fU|@J+QX2TT9{5u_5J#o)sgow9L34MBU(xj_X7E0v#93x
z2_Eu(L)`E1X&&Z}6KCnHB!|^89v0oyhdD8>5W%S3!~+sxaNKr$u`*%5{LWpC_`b{k
z@L<`U<Hw}~Hl<}B*V-g(zyjH}9icd}=Iwg>NlNa`^p!KPh-u_w0Y7|{iDys?ANAQ^
zn(a;)!{ynx1Z^S&i7(x9z}jH#qd4Oq70%eb2lpihxVG0r1{}DZ@1*ZNqp(ieZO&?8
zq&OS5GUSit9Xo>E2S~BP;?}+zpWJ?Qrpgo>Y&NqQt_hiCZL(uHC924r!nY16Ws~{0
z99266QASZANGwDI12BAXS1-3}iSo3e@3V+I$zj6CaUu`E^-b60(B?Wc>s_+y-8r^f
zf3I_e<>Fg}tf0_2{z_0OBnXJ!=n9e&*1#b?<r)%Es$(3hiOF8R=;F}wB$KN6?TJBr
z(1=sZ!m@FW6WbqQija~gcslpn%{oXbn=SY6Rp7>~Yg<b#48Y+y%M}wjHvd36BQq9t
z?BFnjn5xbCh8VB58Ar`sH!;F7D@Zh^SfQQWoFow{!<{|vv}E5&H~*rl&UUl-XQVHo
zs229~R;vC~gqO?%+6W;t5;99y65)~`Wy{9eEJ&DjorN=hDv&T-t?idKeOOZw`c^&z
z0m^(!$jElcA>gQc_D;6esO>SPJlRS9QP!c_7g;0Sv&2uP9pSgdTT^or{o}cfqsmQ7
znoA?-J$%O1)0p>{7+seaaY18*!_uWb@9RmTit)Rx$Q*AV@GbMwo~X2S<=p3F{+V6I
zXnu6Btig9wcgoqpKc<pZNOxSH>)o}{#QM=^;hWYQ8lb201!>`(ZJ2yvGXzJ}x>N&v
zhBPZR4YEG%#Vn*ZoF)<rkKP)p_uE!eA%AHbX1Fy*+M6}jJ&F%b{Y%a$7lo!^$a%Z~
z1F1l<Ed1INM?RowSgg?+mrrtyOVw|UEqtDUF0WwYFajnH(_W{uEoc%f7Tb-kXFE&%
z?pdOWA0Q3m39BInA5ppd;K|f05dZ4}Nf$HKS~&hRv|x!)h;DoACw-D`g`nb%z>;1&
z+BKGSq7C)>s%-Bu`cgIaG8}c@dTs3Bww-@4oy(dFdXs6%HKO*f&8^MPA3ICfV7hME
zT^h*q2c5&VB`^2efTK=5`b^)3j1RK#6G|mKJpiIvO^~Is)S&}SdobQsQRREoZCwT5
zH4s3wn~%SHfY3YSCD1?i0{U|gRcMHyci5~kV~h;z7CLW_nSl*ft{P9c5y#(DP}>sR
zbF%ip>Is#o;qoQaFUn{gQNRrOcC*tPZXZ*n$a)M?B{*c+#~=XkuS`bNiXwJ@S74~d
zu>U)rz_ro><o}zb=2Th2gvmiwcgEIMW#vxQXr}ya2S#Iu@cl;q`su|?9aUfUClRAJ
zOLX8`x{xk91d!^*`k)FK4_$#{K^$G7S~yliZ!Xuu#6u?rA@l7a*QM9xWXt9H{`^Ca
z9)ypzC?D5g*?Le7lpx7jJCImO>kt4FH+h!!m!FK79gtUyrF^+jc2j>%gb%j3Xx`F2
zUW9R;f`sJ<Hbpom<x%*cV+mYmTrsvVi<ogwnb9dW#R+MM1cbd*kXbhM4jZ6NB%6Ia
zHQJr{O2)n;8~?BmP9-{gTK365F0uY~NeGHly>!(*OeD&Jx+9;3Q78wHoxA6*`g0tm
z5J8{qCCAS4uS;rMzqp6<l#uuo<2E5$!!||_fv?>}&h3d!3Ld1UPMfhgf*68$MWMVF
zc%AfvDzO~gmZrGLdX9^;yu*X@gs(;`Ub!)jC1kLxTs0}!?s=>Ozr5hu`^zaBc{lf{
z<x%@|?`v{{C?hmupcVi@9~i!ns}hc@LV4QZO}av^QYbNyEJVXqJY)HZ!!EVIt=M#h
za1;`FvK%*GMXAMxO6e%7$qRUfz$GIUaP{YRH1Z-2J1S@$*{_}-`PjE)J8Wtyv|K{P
z1d}5%4@J7e9!%T&`>o5&$Uw*=WRx49Vi1sB?f%-tnX9wSxd`|Nr|&3g(yUjtB>&h{
z%dkQdKq4>CE}r^SBbXBGCJD@%JP9^g(}DVnQ?bYYk5g+Q`m(9bKQtwmDN-kW+<BtP
zpJG4xrsd4EdnrCN{sjsLnZ>7QdntkPcyn<CBy2DLFHmU<e}MwO)~<_4jI?nCDAPT`
zo~aHWI1W3r8M1pFa~JD*%VI<eQ*4w8sdv=a%5^XHQs{@3MltGbTxq;+5ww*P^3(CI
zgB(}=1u6{cAE4F+L|afd%2%6S&$Fc@1Mi}F1rJmF{DfQt9n6-_`3#(q3@TJQ)%7O7
zPfg-pmJhf5v09S9kJP{DP6Q}X;|EI$lg_v{#{;XPsv=LQNr)nMG(+~p@N2Sco))T`
znS)!xg+p$@Ba*Dk8lo)s<U$1L`OLieodP6H*1t6+ysgc!MbBAZiJQ*^|NI;ua(I!_
zu)*CFVgh~@4vRG#pYx0U6{=^w7iO2NQb?p`3>Af-YAwpu4>J`K55RP$?$hN~k+h3l
zT}w)~w^@#BAgNqqFetX4N@=g<F<+T4{zfUlfKVdzWpWO6T`PN05^Um~o^Ln;3HbR9
zUY>uV*KktLKcv%CrN`+Y^VbH=R?l^tz6Gk!&OnfMMSO}5r~S3VcgpV<MHafTe~Eft
zIA|QcD7l^VK|UI-0#s%CRwsOb{bN*?KD=2^(8+@Ip_cM3=fy3e#&KH+Kx+9;@Pqvx
z{PmVx@qjvKbj}mJZ%<)sVDkm@=73v&=%zhX_?Gwjfaud4?YcqteMIyn8*z`AE9UKr
zjHrIqIo!Zf=n3ngiM~3jXAVr__t8*tp`<g4l{g~W%8?rh=qKbq^Ha<X-XFieO1b<W
zr0V)80I7V?p6VJar#Wv_4{Tnr6CogCgx)Z;O98=TC{f>Fq(NdMSSaGnDa;S1Lo9Fn
zYN~=T^)w|QLt*hGw6w1LYP!-|JPf8behZ)Wa3{;)%nSSO_B`kMTz8!2`QO|Qe}BG)
z3Q)zo+k@*K0SDe{+BiN0z_)eYxu4%8oG2nY0)~DqZXJ(y3E~VBW_FvGaX8y-6t7dx
z2rh2XD|B%@%eeG$bd`90%YrWX)5U=-^H9(6m2iS;^JIQd^pXMn{?d;B6J<Qv(RUI&
z*eN_tN$x8qZcg?qhr^@u&WpQuFObYvCc()4ke-O9LD<mk(2fYl0?^GA@>O!!cO3J*
z9dM_BoN|a{v$J^T0QxC)bQ>45^Y^JB_r?>q--#g;#1K!6jXA!HQwcBLsUiD^{p`Af
zN1jfZn7f@~c!&GC9IY$)k|f#fyt60ld)WKB^|A4vzmp;~!hjQ=c%CDAhXkaaaNGEw
zhJB-cL`gIalW|F&0+(WoN0^wO_yvl54q!{JNS1nK$VE7Ba+_SJ$c8@I!_Q2S^CG%e
z75bUpd8wYShK&1^Qkt$Pl<VD95f4pPEC*aw_z;*E{cyu0=`kt`<U>r_H_i<^<5<Fz
zWtY#|U&OfJ5G^Caja#bFenqp9b)!S)k~-(mEn{`Wy9|6N@8j^dfuhbfSwu(=1Hi^4
z_lo0DvFwobcjo^v@d{EzmjHu4!<e^83P4&qCpo9SbY;<lQ*Z{Vb1OXbE2tL$U2`ox
z_aw7u)tX%ShE1$n6<tCu^mFNcG2+<dDQYav%@snrmMg*^7i}m+yXsyA8WeZgL_%+z
zv*aSB_ez$Ln_rgj5uTS?5P3$#0TyjK9_d}-EPwQ=mg(kRxU#wFQgV3Sc$04Sca|lD
z$CWOxFd+eA`Dzv_WVGS=t+C)|h&*HC5~&K+mK0c#yG1$`8D&n;F;*^`XTjjCF5Ncr
zfs(m#%jZ0~ajWML(Uoy3>#yRuii_vw+_?vVb?53fnsP(8Kv%wP1uM@z0CeCN$t^L2
zf2pFCGY*Q2^TIk`ZV|A9FPA#aqZb;R9be!zS`quqwLlU3+_gb5z5QGj*>b_CM2B?7
zf~Yg6cHSmgG27xiby1&Eu5RTV4|S%6&!7y5m0P=d4wdWZ`skiKy<M$Vr3e6?W92&j
zu8-X<1+E-reqTLDI=@*0*kmhj)dCHOI<wu+n$=!Cv04_Gbll?=pD&hbfqs13bwI~l
zqWN=?_5B+@!D8SL+j}@iXSJ7jnINCwMd_FTPbgjS-~V#BC{O@Q<`bmE7peiW^9fb~
zUHAm+fbe`h<v`(F@NNoQZ=Eu&oExp}$E@+1L4~@mb0fC*HfR8H8MlBZP7m!*M82M5
z&jFLi*6h#2QV*2oFei?%y&3_&b}sD|9Q#V<syGQzh2P1ZwY&uTyg9K64P556?Bp;y
zsd8Di>Dt6G`<3iktxN2as4-}WtF>IXyH*RjMl0r{lZ6YTjTaY_wsuk2?OKp_X8Yq%
z5MRCZmK!)R_8b7I!AouiWKPEKky$XjvsSKNVhk$;6639)RY3)#X)xr<G+Aps3>Zw=
zL@|(7+?;L0FW)Sk5YdZS$RDN2roTs)%$}?t1u-^+9jnMe$!HtUtl`ueIZjowPp7Gr
zLMDUXcJ~AlFnBo%4*2|_sm5uLmg88#sWmXf*NdO``JM<+56Lz?@h&hvgu=&n(0^;9
zTs&vrGT->QzH+)WIts^*b{PB0_)F9~ae5A(3-XdtaAOKvis60u^qmU$$zXiP+}3(9
zcU(1yDksSx6DE~b2hTN9IAykftO9IiS(9dHsuwDRwG5K6gxZ)+k(k*?lcs4ckiVTY
zXKSWY$BzO0y`5mEOBTtQiFoqLO3ytkuVTEvGs<Ur&e6IW<wTe*(l)7_th3x`S%RyB
zp}#(!5CblzP_Smc!#A_IPKzaI3L9iK`l{Q+iv`DhXSkD^c+1CI;`Ycnpw0MG4>Qi#
z=SFkWc%`;=*u-Wj=;5_`!$~b!2frznw9iQ#&qW#FM!((;w@4U5YyG>RbWNz#ih8?n
zz}_A!UY<H`U37FnuKl=pQ24$b_047L1R~eO=2_0_;Y!Obwi-SpY0%I6IKnk?486LB
zvuJ^|NHSIwM^!uX$XvxUkC(P*iLHv8V+3znyF6`GD_oDP<zza+dUw;tt%8B;7H-RY
zzUvW?CvpRXhVqjpZa8$G&z*4`t2Nn!d~6W;IbY`ZI-Ngv4j<fGT&G<_ST5sYV*Xwg
zh={{>Ypw5KoE$T_$RX!~z}7=EieNvW3%)Abgroqjl)lbh%&V5wbZZYjmuOj%zXUr;
zSM31=Aiidyp5eb@6?}cB+8C49njD_dRoVa;t285*%^$#oeJm(e771?g9|=F=huS$`
z^2ir@iy-m+slAYJV?pfgo7T_BF=Gd;mtvyU{8?_z1uU4aSfTQ=pafR>fwvgJ{^Bc!
zqd}n$r;OU>^Gc8GqK*<~<MvT9BpHsO`oaDMN}21X!TuxkhyvJi=!~DEjxF_BcCCP2
zL`b-GWqzql>n0t&R%1tr-@~{HEd(?dCt3KFxTDi_Y$>XEH_ICOIR{A0gu)jfZ9ia_
z5kh)l#qvfMtZgaKwh~Nd!hX<i*RUZTtLVhVJrSNFSk!}7+NTax&t>ZU(%d#r))zab
zWyWU>f6%s$?bz5dF85vDR)(w$*ZU3NP-lKsNAU~0sCmVyth*S4(9U;UHrfM65I~Ce
zXkKgZYeAR}9VqR*#nU;LI-}G~$O?I9FPp8+VeL`3_eu_=hRH;tpnh{D$zAi>k&z;N
zpmxjixK}eJGCAVl?|#K*u6~T3;~smTL3MGU*+O&J+WR)m*C#z&1BGXsfOiGZ6hq)l
z=};SD8CDskg95X#utx<IL$pd)2{o1Yn5+gdu$@WQZKz*@ow=$eV9qFr5XL~PCx|hB
zG?hf)6vcE7TwI4nLS+-sOQbL<Ppr&<6t){B6HDErV%?Ii_g6^Btb|KfhwuW3rP7@+
zcm&!TsU|k|Sk>BarOP`Y)K~zDRVvq%i+H`uS#23MwU=W4@LPNXFkF4NwXtVlw5a$k
zCrs!_hl(K<J0yoPO5A9@5M<lu<_IXCnCs|V>MI|J$@t_PK>SQC?GwWZ8j1X&(7dF4
zsL@eCwP%FddE;juhhbaD^HZ<b7Is?=%eInzHNDoMQb9W>LVm?vH;M(I$n*NeHeBG&
ztU3*8NH@s$4IzJxNkI;s64}Z{j*7C#6W)DavDB_S;Nbm0AyZ~Wx#HUxA%a`J{X%xK
zZ_V`jH1=efO@(Vn0TP<oWm<oEhLHwmQ4pdjn_=9%3$X~FhH6tsLxI}m1zFDT;pf^D
z`{p&vaPn{Mlqbk_ru@GFFYDP7n}rbz7sl(B@ODEfM+{*CWHl?~_zbcp0Kc_9CJejV
za8ri00CJvi3*on1+{i3|WkcZVUJC;&JK9~DChp)0MnkU2vSmocAO4gRBU4G9>jw4*
zPgivWPw?zbb<UX@Is{IGtDQDxjX16)1X6xaW-p?_eTEGbeFrK4ki|z&ZEdcAX;5eA
zW+}gOK6AU7j$y%{Y8Qg85`j~Wu<@th7>;c#O`jGWSo%1UDD0_V9eQsyq~Z_L*DK7P
z+|Gra-S4}Y@5|ApOh?U6(F7yuSZ1&9mAGM9<ZrsmExVPq60iCOZ@(@&IkqPQc17c%
z#N0j+Et`2z6~t5l4H_YOc$YlihTrwu!#kpmAA#d{ZZ+lR!MiJ%dLecS&4$(GDPmcD
zLv<gf>J~+EQWid{x%I8A1e{HR>qKHR8U&oD6?AP`-^(GR+O74D#({m`<@N~QJnA*)
zL>vNXGYD~i2w&_+?VCor=&VQ*4hpLuP2CzsOAxtPIz*@edW5x!5jZ8xTK7+>RbQ_D
z&}y<5myhobC?tJQ8klpuD-lc!d;UG-f(;6?nFm>DqY_PT#$=7RVJ%{%c5Zm*FR7`<
zaHxmez@^?(q96cG;#gN{s!$Y2pNP_9!YG<DBd>TU+wsBmvEXQ_Y`73>V#1Uf)}5)W
z$0`#uCUcVq6l>YW?t1n1>vnPb1}s6LCI>qu-`Yx{vU;#8r?nMeE%;1S_4ys6!n^&!
z&njV-_9MIH_eco{yiBCuyQJVk!ZScKZ!5RkQqE~qnV&5E9L|+g8t%vV6Ng1>NieA8
zUnT0)JQ#h<J{R=~-@aj>wQAxMjo1=W2Y10DM#$6vD2dN~D!X^!C4hB6*zjj(#6etU
zi)}Q{%{cLQ;@OO5$f-dT&}2f!KgM$w-07DYi(5i%%A`NyQ~42_nw<+Ckun;a)z5G9
z$@(J^kK;rsf=mud^Rp$+;X7#?PXQogey+`!@*b)mb>$uia&uvHo<koT35~DQF`j5r
z!MCUhFmhR9M&{)DIYnWGwFb+yv1osHb3`acNSXZSlO%W@D=Rp0508B`GqP#cvOB5d
zg7*CV6t%6f6{daphgglWevsGmpsAx~rEXg#dkU?@ES*Z?R7aQHfkO`872krp;9Ex-
z`uP6?cR+~0e(mYj0dkO1AvTV-w0P1oL)EJW-o$yZ!h?VK%0eF*DkKqVxP5+^OXl2F
zVZX#FzBo(5xA$aAscflTy@4bAK>s?^zbaJEbvz?*Rlq8+4JbuUqPHvy=vbyYTJ8(0
z#gTFsC$mI@W7%%MFf29IRZ@2J>{1mZe9H2qm49eHnj{2{J{|5dMmEXqWU3a3t?`e^
z8A)rj)?|NonBy3+qsgj~t&2;6PDbk=`-gP9b$PCEO0_f(6l`x@V`HZa-x?(se`OUG
z&0^|K46~Ur)G;FV>`u4cPWR0DE05;T&R)}KHr2=M*QMEfJBhZeOguvND4abz?K6qa
zN{^be<*_LJD-aXX3a!T=Jr+*fXuB7tC6?0xldFF%bHvHhdQcmZ?jfqOGddH<l=rzM
z!NwNTI>a=FBwyCJbhX|Do##9cC;RE<s$feav)-pL_2H@OBX9=C0nTJx=l=m0sqY(;
zglZa@C1<@|-;}JEKfa$X;&OYg$pImQ4LH~s?eYv~Yip9c|7Eg)M>dE*u@70b()?9|
zonC)cy*l5;d5f8em+&kW#%y-_U{ftiu5{nWOtV_v;0u>d6Yjg!n@whfgYkk$XsuN{
zO)TuP&UylIo;~&=>MY}FCOUNgFBeJPC;bU-_pz9F>7HOYWj5OBwJ^;~VM{F3SXL3{
z^1!NygiJa(D<u}T-e*K9BbM&1MD~qnXd{2iDL)Mx2ov_p#r__zd+epHYCf>JUlZO7
zTi9z12ifp@r)Okoh4tDT3s*D*BhEoJK4^vHa5KhqW;De_M|0Ecy7#6`?+@SQWy1lT
zuVB2=c^FLEM1F^JPi?H{q9)eBQFQ!1&%PgGA_RH5=d!q~Ehpt<%OR)UI<m7|e)4}v
z=sX?yghQtLtz~~MxR2jv4lCTxR{Q<wrOTmGpXe-Ur#?t-;JSbXsW|VmNhfWB{kEy&
zN38rbV0pcluSU5(gzB4EY76YDC)27h7T7;wwL}^hM9fv8^(@UW$K2Gno8GBEV|03q
zkzbG4+&B(e_m8L;;Sm<=3|(kf0rP)ME^gV9y&WKCfJ^xp^Dum$=Gpay-^0tNhb<rA
zBRQ8M76q%`zD;!wBZHG(zdvX7Sg$^gJR~n!YL%4QIZq~ohNmtRP3|oV=9$qbE0a&$
z^^(e<`o!Z-(me(h?(=t+4y*TcJTdW6omz|~UCa86nTeXEZ(-M;U7RN*`v-rZ9P52Q
z`9flITg}s!O8che!=6p+AIX*C;Br&%EN++e9w1`>GhxJF8rF|$QuC(&Q7LU6?bhWP
zMo!rfUf1#KfRzYioo|`F5}MrmM_-+hr`f+NO7NVP$R=Gd`FQL2Fez!FQ=#>zBByIr
zV@s3^JYQjYW~?%e-P9?e3e$i7R+-i@+<b_s)=#ood~r0($H@<&T$UK7^-D*h@YA?o
zW2KDBFxO-iK~Yz>DARVvkVqjZD=VLN%uGuB$bE=);jzbd<mjFbU(#1dFnblI4OPOo
zl=D^;sN$=O{C3}I?-@-kYa}h(_E?a1f=|=LF?dF!xyJI@td7&L<G6pKeBFqp4>6r8
zf)4X)2u9~|d~^s#ZQ0sKmXUqniF^57nus;~h;%=S=2*pEie2?gvCYo^Tfvt;?^~|j
zYahjl#9jH>b#YUa1HD-%rVRse1qK12AAtO%$Rm(n6|H_1)?0l8hOGW*Ty6D@xW?+6
z9C+C2o2?$@$4sk_V$6Snw>WgyI{i9_{(9VC^&2gGkS7eQKMs$#`V*Y~M5jN==}*Q}
zto~G|Kh5b+clbEN>Cbffv+!)IKga3~9-WKlF@NXt*WI9joBP_4aUfUYefm5#xfLp1
z{Tj-(kp)_T=2{U4m7BW@v~pL0EBC}3A*;ZZhfr7UY6n+MfvbNFG6EUJ{d^g5aPI;=
z4w;KuK@YfEL7k?spG|km@7s#E0f$GZg!$m%&HuuimP0nTiy#vgLk=wA*~4K7)WAqM
z0>;9TFd3FH{&HTi0uF^BV=m^Fg@_m6g+OuuZ9cQ#9e~~~YJ;pIZ6_E-xD&FA)K18e
zrkgam0?U)eD@}jCG~H#QKvwjSrl)-Nk_n$Qy^BWfgg!-mcS7HylAX}6sALE97ld6f
z;6d>3gn>ovFsP;t278CZVQA3~=);|Nm_6<rhv9K3Yy&LP?uQXIsvU}In8A_NJE1rU
zDiKgAgUXViQ34vxpfMQGm{7kRFm?|NcShcEaTvb|dbNK;Iqy6n;1amc6^DsCVQc~$
zGZNSb#367Ee4qMR?sC3V0WVX5j3Uw7q=4H27q~Rm_kjVu$fpZD(|gb^m>lr5!@)H^
zcN<IzWcfV4tT;>!80|2v#+TU!6@hH;^j$C`kmJi~hnW^^RvZoqbn|t)2l$%3`+k@c
z$d!+|9Ql8)gT9^cDg$}GT;<EFZiU2x2Vq_y*ITs<=JQ-0VjLFu^1O%o4DZ4?RQqz{
zuxJ-74tRauU9cpO@5|>|nTf+;zWg{G&Z6_y?1Ce9!csohQlEzHa3o7?SsadP1z*7B
zU2dJ6_0tZX8X2s3Ah9IKOM*TTesR}TEBC#smhpdUtyN`RSJmx%mC5*~wQ5Y)Rjc-1
zwH-9drr}fs9-2bSXa)Cc=@Pn(`>pgiJ(X}Q3_uk-)++YxVs@@FcCNAPT;re@jOR#K
z4ufC<42J`FHUOhx5<}*4TM1KO9?XCRFo)f3KGd_rHLyE|;3!zl)WXmV$G~OK0=K|<
za36m>3D06aynqGpDfWPGu_prdMj!UU;n)w$u|H160a%58T!Mpe84l)1I)tO+FphAA
z9KA;1C0K;l;Yhp<i?JO`@gFz}pTn{E3Xa1!aXfy(RKCFp_!CZ~3=B{<PN5z+m4@SV
zD#95w3TIL|&Y~$;NwaYtEyD%00uQBCxR8Guv6|N6;dCO_&?R^zU53l(Dm;p=$K|vY
z>u4vM^f)%qQy8Kb@MwA!SJOMV1}|dCX&kCNEXRxS5+_cc3<`+*+1~m}R#(qW;8I(8
z;M)Texa++KM#<N1HgECP-ZJPf5H&_V)tERmYy#sh2ys9>THC6&S}8)J;4oGZCl7y6
zoCZ7?1q0VYZ(Ik(xE>~RikN{LVHTdi*q7p8ZFW>1vy;J5FHaq4M=LAbSw6ga6KLBL
zv8gd7Hm%`?gVH=3t!WPoaIlJPBmp`oY=WKVoPaiOuN7gT+?=4C*!CC(6x%?{f+ID>
zZ4j+0i9_r`XbEUOO~qlYPxG#e!+L-2Hh4G2;aDCV=RH0SC-^ii4k!A!IjKn6ljVdg
z#YZ`~drx7Ct&mydJ(UMCd)g)r=$f2glW^}n-GQGGa7lNjc3>+EtV;5B7W2i7oSkHk
z6BQHBNfp~UUBvc>5;)h9K$oMQ=N$EX`>20O9QA_4Q7^QPdXeyXu{4(?&tiY2F7Ktz
zS^jFD<+4sEx!gX<6{#oL&Q^LO4#h$?r3>&&{5qLz-(;WXnt{{i>EOmQ*v!s^9(We?
z#B*UR*8>N!Vb$OT5M~cJA1`Jqm%;6LImB@@+=o}f!*~@ug;&E%crE-3x4_$Y1AL4(
z!dG|`{K#AXj<=$lJ=wsmn1_G2b2PY<BfvKH`t8im-R$u@umX4DOl-q>xQpXLJI8|i
zn9B$73VaZ^;KSI;5#SDdgfaFo<S}laz$fu3d=a0<SMeEq1E0lr@p=3NU*NO-6Tiln
zI3~PIx%dj7@-pVuDhk{WflJ)O6)1|sCR<ILH*t#hUMVSA0(=~<;v9e83g!IKW0U2o
z?8A(4wS!Tc!02A&y~cqpwPALFVVO)%oA|YxAY0<J_c|-OTd*yA9N6^&%gs2j&o!_@
zs0@t54G+SNJ7xN&8Zk35uQs^3!+%;?rEGk|y?@)MAqq=7AiKCvp8BXE4!5w&TEr9d
z;&7|INh@ruOcK70X>fl4+L|;OImTw|G&aj~#rksX!?Cm7o^ZB1ED_k;-)T`D*um~L
z+ugUP8lvr0*>Sk5$a}ZLY#eq}mD~e65h{~P;Z5S!ioqlIK<3EZ+Vy-83%AXZb35#+
z@!r!0_deiV7|`0Gy=J5u(+2mkL%6*6$6<FsOO%^Qnt4Uu2V{Rs_Mx7waJ&tF(1QQH
z18%m%Lp46lImEuC{P4UY?>~4EpYM?(?;aWLfJZk$U+-gFfB9TijmPwaPx-p{0gHT*
z_i;HD-cVWOeL`>&vU<|iz*9+Cd7qwVpZA%n65iz5I6P;6KX2Pvhqdx3cN15zoz&1(
z>o3?^Ps;wq4%vTmS>)3!@pF;O)s~2p?em`<Hf!tSB}*TNvG2UR85Y=!U+Kc!tB!JB
zOB%2wyEb@TB3>N+wHbPP|D6y}JG^1Z=FJCMp_deAZzX_?`nJG@=pM_PnD&1}p_(W(
zAprCLA%J(f2;g1oG}gB7rEL4Y&5mWHdoa^J{|B4kckh3Pm5#1Pc8c+=t<(wcM`>Um
zr-6Nv2KK1~<8mNj7oXX7Az&^LZ0<jw=l!Cp#QVj~(7Sk~EqzwPm%PgR6(hC6!V>R)
zZ-!y*@U>)}Z$$Ps-nVkZ?*#FG7UGB!@Ao&u;CA>y5P$4I{7Ddh7Q|m<Tko%qxoiU+
zjzEPOoJW7=VGSP1{d4#}e#HIpbRwMsyHtkit@?58`J=i}T>>6;r;4k4xc^CWYo0{j
zp>p7ejBkO4|A8EQ2fE|CFbLm+QTRTT;|DOEY0klqVKIKjJAMJH@k?mIui!-dFPx3v
z!g=@|T!{aJYw&xx1Al-w@JIL@e`el(!wmc#2NHka7($#tgp)~eHR$3>Q0J;IldC=t
zuA?m6$XVie&Jw3l9-hM$<i*qzH<1r-px(HZ`e2;;;{DVQAEN&F6b;1ZXfXbphT!`&
z6hES2_z72>pVJ8Zo~zDZX(YL*n7UC36;LVlqfs=SM$;S`Lsc}E7ST9bO5<rcm6J&m
z=xBeMNHGe~2AafjJD5)4+Wl;rN;l9nx|vtrK{F^$GwFVsMGrBBr)fU@lNQjsw2*$J
zC0uqMrZQ-$>PAPZ-n2~hqodRaTB*iTtvZnER0W09Tsm4+(`t1DHLB&*tYQ>Z$5Bk3
zL@nwJTB|Okjp`CQR$WQQtH04n>P|XE#p!=kbq}4U+Uaz)o6b-V(*^1ox=_7D7peE?
z67>^Zt|48axoNZJp(`~nU9AnEYqdeNMH@@kYvpu<HlJ?PYUw6z9o?**ORd_q^fzr6
z-J(56w`vd5ZQA3sRePRp*IuGKw72O_?E~7TeMQ@~AL%abH@e%ENjqHKXs63Zao2w!
zYI6;zU9K{E%r%}X^F$r~2IurEaFbJqmvMa~b$B;6QezW%oPv6LvYO7}${6TraMLr8
zL(lQz&0M_Liz|6f<GvRiBySfZ+u%1T)P6sx6*8)5Yu~NB9YHQ%l@di$Z>!3F5r|%b
zEP5Go=@rPQSD^>J&Xlj>a>%a7&)|Q8Ba1OlQIqX7wV#~AQPG*tM{vB}LXr7=x$O>>
zJH3-0RCz`#4KK<^vOE*j9u9!q#nH-pZV6#UBm2hDwG)+0JPKKiEjP#Q$!**Tn)#?(
zZDs<H2t@&R2U8xIbSF9Jw+WUo_xX=P|8~r(8QIsTwV@HveR>?T<(&X?<Vk;pF?M0M
zfbNj72;^g~(9%0^l#h8<Anw3RncRV10a=-bKl0<)J)n2+R$$Y^9!d6mdOr4yLtr!X
zmSHdJ(W9F-IVq$A5*SxOsSJJAaIiC<PI$dVc&#ubb>lwH#(g{88`5ytZ!Zp6fB}K@
z4`li>^KpR1Y@rPOJiHS6$#8$5yv}$EJXb=FFSEd7Kf`D~T|_f}Gvo>9gXH<=_w#vU
zCh6ll#6s&mD5DjO(=xCi!?oqt*W?0VLL*<+Jvap)$ETCF{0>ZH3w?`i`EAIc|G-ds
z2M(q8;4pe0j-n62q>rJIK7lZO3dhiA5Th^Q1o{e2r~krv^fjDM-@$*q^aH#|Kfx>X
zGrUQ^z^C*pd_}*(j|!2L!okYL<&_(!C=XVuEL@_pF`~NRSt=LLQF(Z&^5U&3AGfRS
z*scojA=LvPS3U6w)f=ByeehG&7r#&g@CW6m?rI?QQiEuK8caoM2#r@m>0mXCrmNvJ
zUlnucE1`NdibLFJT2FuP(aCBYpY$5Oo>)Gav7UX>%Q0j<C$K72u3^B%&a?{$&+DSv
zA&$m|cDWMv+kwOOaLt}X9G)l$a9GM?AAc5Fwmu@YsurXwXLb*}hcj%$qH?VjH|7nv
zQ2I#m9&BQZ8!2@q$FevU^H+&gZ(?acZ^fBD{T?inH?e7AKD&Q#RKVlQ6l2Qrd89LZ
zS@}5HvgtgZkr-yQq9I>noG<uI(8gN!mgzI9TH$j6jI#haMLxr33|<lFcnj+B8B$h1
zB9QV<cuek2pC=zD#BpLETb1Xu!sWi~f}An(<d=`uLt}11?p07ApJS4rysl9ofr8vP
zPD;WK_jN1CwGDrs*K;Ujs(HS=-L7k8HsH&X*Avoigfd^A<_w1v$=G7LK(nZLt@lXA
zZNmfkcsZx#U_p*Ad-s;#>qUeIA#DCFUa|-J_*{FSM?uCld>zQg$r3?aRRtO4ntkcH
zle_MFpn$uAYpgew?xMzma*fv(cG$wf_T}5Qf&wjhDQka)W$ienrlf#_<WxIIPLrmh
zO4{kXjqq8*Ov)2<fhKRzNuo0xORTW$X{Pfvz2nAbk)35ns&d?xytWnbQ4UF5(d<Gv
zC8ilXJDX=a7T^G9l#JI-lF+**341uliO-oGyv~)`%oLO7z@6D8aC<t?D+S%tDR6rd
zVR@7c?XZ75G#Qrps9n!6&pLy6Zwlcmhw%KgfjI?nK^hK{(bbcPu8;9*4Co_e*MuyY
zkwe)RVPxw07ux5?>JAa)<05-|pU#(%ZCq_+LmqVJlGs$ws29MajnignbCS=rFGCC0
z4ikXXM9|a$;8p>~odnrx3goG&&|OV~F{%Q_tLcAmu$lo8H4`?fS#X*<1TIx`;3_o_
zu2WUes^-HTY60w23t_jah9}e_cwQ}rSJe`DOC1j1sT%k}Ek&h{#0<3@^VACLu7cQ8
z)#4yk#}V7a5><~ARRbQVLU^!RjdN5ZE>vr9v1-QU>KHUt1RGTp*QyvEt6K1MwU#6L
zIy`@0ZNyFLSiD9Zhg;MMxK*8qJJm^epE?;IP^aQc>U4Zdoq_MEGx0-pHh!bd!T+ga
z2-QN$QWsD+E>3;wBJ!(?X)qV5!`0<fs;-~|)h3#%Hq$J170p#wb5VO89jCT%l)s+N
zR5#FH)Qz-R-9*=^o9PL43q7xHrB~H$^tyk#o!(P-(5GDF{;aksQrlIgx=Us8<)lEh
zss3u0s#NW)k=^PT^?*87{aszI9#*%jf2bYm5r*vHe~+rC)nn>e^`v@1J*B?luW!_I
z>R0u==2I_drRqg(w0cz=r(V})sefs6)W5X`^@bK!Z)y?sHf#1e+~U-ne*rh=A%K5{
zSk;b;xq52DB~?Z3cvww49$r%t$C|t;(1u5};nJO$U&MeTccQly1_!hbTU#c!##VS#
z($;WW$u_H6ErC(V3_pl3ZJ^#`d-?zj^&t#ZA47@y1V*V(p-O!Q3)Gj)+x2*Z!`nq%
z4GV9xwfppW5|+FRC3qGqwWt+_7OQ`eaa?}UB8LkJc7ntA#|oPbMjV^#x$gJZ68CkB
zB`+Kd(~>NeN?EMFVe|eLa@2R=Ro_E_`T_c>A7KKI4^}_JH1!KiSHHq6^&9ATBi>}c
z;z56>*3T%C^w?42XYein!|-PLRg-aBt@dyDPpe>8Pz3g0iPMj=yZ-}FO9vVVuC(}y
zG$a53fJFcRP)h>@6aWYS2moxaR<ob$g9QU@uU3;K@%jU8uU3;H@+5x=d>myJ|9`vR
zW+#*B!M59W+q9jurA^WtwuKhbgSP2GAWe%&6H|_MvO7tp-OR+<*`xshLBx7+smN8z
zAvRJKQOHINhj<_Y3ZjC5H{J*ysCespGn-`Frl|Y-?f1Upeeb>R|K9h$H&6WQ^A7{4
z5e+Kdg(Jnd9G~FkliYuNO2Iu$Kds<irk_#pS*G`Kb3ZpjQRGxi!Vv|-Oh2dK0j8f<
zFv9dfW_l=!hgHnLBT;-o#VkC^lV4Qur6|6vq7+|I@EFstDtKJM*AzUV;7J8fDfqgA
zZzy<L!7~cJso+@!-%{{x1>aHdoPy^Sd{@B>EbYZ8UQ)3FN1}iDo{CfPeV+UQH$RNx
zM=DO|l^?5Eji2z~Wo~}zH&Ogd!OvB!$0N-C3kAPq`YQ#$X8H=R{3eQ5RW#tWWA^3+
z{8q(w{4R>$EBJ$obMQKk{}{!eRP4l`S;`yS`^#~f|El6V9AQXaR`55be^>C2JpHFn
zx%n42|E5NO8=-%SkO-4RA;~xq@q3CWQbd%yiYkinpdwTrl;n9&6&i1y<PW1_vLdD^
zVyYreQbbG<(-bjXMZbtEVg}QhikKA@iKv(z6>|i_J((_nSmR!!&!|lsc2{k)=UR5x
zY602pWIQ6Cxt~d|;}Q`K0+T#9oAHcvy54lXj6m7B!S;WQnasMDH&C0T`C4AII<2JP
znIuf>v&?>yyPMZY%q~*ui`ngUTbbP%Gn26#TOj1@6F4c5XY_lu8?&D0*d(ARY1m0K
zEugTZK#Ibq8LnvvOdH?QLX#V4k~bO2q}l5owOrqACiitX`}u?^(;gtMlx3uyuA}sB
z@~4O=lv#hq&2nneWM9!5%eK6A0;|f8$E@MM0#VUQTI-#ZDKMqcvdyM!PlxHY7#(Sv
zDSms_bO&~3OqcvpUO^B|F_Ip^vcq&c9k<6!3Cu4ax6$k~ZLfBN&$5~OzId(6^n8>p
zyVDVvUS2VgbJb=i>n6=D7AuZ5H#asr$$h5R;%t92YnWZbAyKN~{rG@}t8lf3YjCx|
zDI0t|b@rK_96y)tnLQLAhHIq<bTTzy$U9ZTEx1x((<Vo^9Zxq-Ai}UydMaQ^I<{>l
ziN^`pTAS)gnA>N%8V<6om1_0>|5H^Bx8h0-@8RaXc%Q(GW0BdI?d)XuOIT&IuTs~<
zTrq!-Lbi@O^C|rGCbF^Bbjflvr3oE_8s5!jO&)X27T4%88N)Ji;xR$R(+f1*gqsCG
zLCo>dK)&Mnh2(j<SQ-wCMFLCJoi>LC1JTF&1_%#Rw<v5q3NPL1R8>9yBLh`|gptt=
z-M?67ssOhdTASX&SoRnLdWWf}vMjZZrq_S!)p|PxgYKFXe;Ep!F4osdx6Id85WcjL
zoNMM?NQ^9Y1?_JkzHw!GHp4;;0x;cK-E4K)WJ`e<-nI3_y9yO<$a>ulUnM^-Tr=r(
z+17<5u46zSAfrjrLOT3L*XbuIIz`@D1h&2-o$a!0-OUnCJ-)szd41W8Nw86{=^KA~
zjU-J_=<A%?jI>TMoOTA-i2ChKO`Gdm^j_E5?@w@W5*Q??fz;)<_M07}ws-ru7lw1n
z;z%M#>7B0A<0CnK)+L!5JrBYLeVbudH`vu=UG+9Al_GZ=o@XTY=~hp#>1G_;@O?rW
zjuyfI=>1lvn<OnGtH^2N7pF$o%iDjPY&vBx;k#yd>~wQ~(qdU<Wfin%<Hi9!V|1Ey
zWs^>?f6Qa8Jjxg4&bW_~PEU_xGaM6ps{n}#-%iTjY+a|-m8Ae;*XeBp-?-yQ)~Z6^
z(P@mV=k(CwlXN2nc+|~tALJVj<>s-_u5ak{wNU=ZI8}TMJC9B}tvfdD?lyn={A-j<
zTZHU_b~Cd;?`O8r1jAA|=E)eNw>NE4qRQ;c1X8+9lIZ&Bh;LS4e%|!j0;88?NXl8k
z?cmpnBaI;~K%+)4CogaU4AP`I8cg{ZOd1rRMu*d9)>KfwI>2dV#&K`gR@ce)(tCB>
z0_TvEHGBj&Xt)tK6sDvdhRuJ^=d`hjt*(`7H0UfI?^>*hC8Ast6{4~*Wd-jqJ$~EI
z)^IJZqZhE=e~2}FkVjMfJW&t?8a{;UG_h1v73$iOcKXM4RTtXTXmqf&L!yRK>-Yx8
zrf0kOOf%hQvd@{JRugX#%L<P@`qcC4at$BG^_o~AP7#QYAHZ=_rW=3g7Kk(v%-wv-
zQ)xhNpx4bOqPU{BMXaPJPplHBY2tLw_Nzr{RIJg&TCq+OXNWRQtmk~L6`b~5%Gc-9
z!$L1ZSyXHwi+w!&bS^fEYE9JRqng+xN(riC9~(lozKNmTNy&RV{Tu0DPye-=*etft
zN)<gmTg935NQ|fXk`{lC!A<#+r9kNRj=gmE1?EmzAT(O^B-r`VqLoXd-d@wDilS<Q
zLgx6AA$S<6aF|ox@FuH@=Zu~$K9Ss3E=U@WekND%;^~Fu|4Z$(_<u5%45^ubao6!h
zpns8k$&vDg2ByUs(;JPJIR&N$bCj!%E;=c5hK&@#S6RSQ?@)ggWc!8KM3WS`wB=ZL
zEI2_$H_8#zjOD&@GbSoJd12;63;s%!&J$dwSRwFEzFM3$;YNRF3GLjRvb>-;mF2#h
z)=a?ve*hpU*-?Q%sn<0rU|ciROs_egtD>;<?lEmH9JzpZ&5X}6vwR{3ADT?J(=Ral
z#APu#m1^Rk;5~n~APz3g>Hwz}|4T>lBcOwm<-9i!NxFW-TTfpg-VP^YdHxrS!n!<v
zRd!ok=|?R)W$xeJc_RNcaMWcxGWm-$gCp^HKIrtZ`7SCLufR$4RZj&c`1hVXJ&>nV
z*ZPzycb`)6?$c}XlybOFKbWT<%2UdnKBcF_r#I#)m8pL|y(KUIV4mLUQ%V0rxQ(p3
zoqBg6?9c3}90oljLkLxdhY;pQR>mSjD5{J_hoDr(iie<9E*(NiW$6&K%4%jE!KC(K
zOpZ;-VQS_5C?OI%Dd=lC#A4H^pTqPa#6JTrobRA^IW#h27Nm@zSQcTjjAELchJ>7s
z`EmwMmI;4U%Gs!ub8w2Bi`{Y_?Yt8o4J-~XKoklP+B<?7?W8C^jG2vO$*lIJau|sr
z%#O|3M)RSE<?Wa?f>LG*g_jRwZc}w^UJmoOjoGcA!0s}h;HGM{6I(FWTR7HRG}b$L
zthbn(C1b;KZYsuxmE0^H8~Wm_xv3eOtL5e`+$?_^MQ`~CR*=1?G?C$_@^Ok}^)OZr
zVb$n_5)LL#8^P(sSyv|$as;c}BLvBs9M&czF|EpBU7O!KEr&DOXz%*=*oI+j9726C
z*yIm32ZJsCU@NiLli6ny-JGXenT~3TBqAedXb%tLtQ^ixM0h=i#x}oKpToAGw>gKV
zwh@19_gzL-?WikC6pi4V_SjqH)TzU0&Y^|$?&S65Qx{ELPdu$dXrp0UIES~5s*5I~
z1qW+SL=!THU2Q}oIh@Pvvqx|qv7Vp91w4xFP88*^$6tvViD(WTK|jf&b4dB4984xb
zw=;*Xpw~@AesU~!52J!&cM&wXnBuh@rLup5;<XYh<Wkhh8oVNR;B|S9kn*h}E_aG~
zvQ<>cw~3XqU96YqiEZ+Hu}fYcy5t_=NJI3?4soe8#R1tVu9scnHrXximX^3rrp2SO
zM?5Qg#m}WHUXxkzhU^PPWPfOq+#ia|i$V+K#i3exNocjaG}It33+<4Xhc1v;giL>V
zCCcbte=N8!qAh>JU#76L*g1!B1Cj7en9l$(+&S#!h1ixH_W9R;5W~C{o0CI2ymk<q
zO68t)JTrQ6dMGsK@=dXW7|p@S3k#K!xZd%xO5H0$qSU{Ucl`SSU(wrHk>orRc-I}o
z7BVlx5px)ef>`x#qFh5va*)!GpO1fhmt+Sqn|S*;rVe9D;mUZD>A);<)ca8)uR=^-
zgSqlrESA@yMqZCq@*`LyZ@_waBPExc;mCuykmjzGhj5L&4Ih?w;5K;|j>yBfpOil+
z@5ZAP1W(F)@SMCCFUkAx6S9lLVK5J}MG%+J%&W0EjmkslZx6@zH@C~!Ky!b4Bz9qQ
zdr|D7=Jsgp9nJa7bSD(zTzYSinh3Bu8D2MtyYu)~&0Wq3;Nk$>IyE5^D#3Kg%1AtN
z2=7eD*ro9Zk16_NWkFYoM-QSTt{g<sAkOE38dp|Qzl`V9c$E9`cr>ouIXa3mL%b*+
zxeHYZ8IQ#2qP(-NIB$fXrY?V@CQ&?^oXD8QE5c%K6?w94>Ahoc@5O9_`*R4(2T(?d
zr&2zMYWWc5@JHxgJccvm<7kynV2^wfrhE#$^6R)regp58Pvd}m23N^%670|7CiyMg
zF29XI`5oLNpT}qA3wS`jh%d{R2=d41e*KU%ew;LhaQA-zP)i30SAG`+!r}}704x^(
z08mQ<1QY-W00;nVuU56G0j?_pY_C?AS}Xw~e+PWjRr2`Eyd?Y0=9{*mN?VW;HVG)8
zVkjCyi-ZtK03)_#^G&j{?8e;<&E9)&7tXU|R8T?521UhoU_0+Dr=Ff?Jw4I$?({6z
z^f&Xq-z^E@?*Et1zW06e=FOWo?ajRS;*XC#2>_GSGB?)a^SO|PFG%yE3tw_`uOTnX
zf7h?1c}1FE3+y*8eAU3$+>nQ_%lHige=CDGW$=~@-*$t?Ui~{4zT<|0_^u3o@51-o
zFvK4G!G-U;VVFJmz=a>WVWhq0BR7n}k6rkQ^m_V_(tIk-XVUyhn$M-#C%b;(!Y|!W
zhJO~wSMv3W3;*JV$u_yay76!LwF|#-f5TLPOvS%T^R3K%=fdyZFx}qe2U+qD!TzV5
z^k35a+lBve!%;TEkFxG3ZU|h2ZkUVDyNKK{pOg%~mgb)>%5uXol+6n$M{r#{6pDHH
zPk|Y^a0TV^klfPbF?BL!E7_FtnHwsQuR>{xTvY5Lj~iCv^9Gf0PXmO=K=~RZe;9*Z
zG{m5xE;`7dVFnGC*%2~3(nX_W;B`ZgM(5HPI@qAGZW>49Wy=W$mAaXeiPHFF*D{A4
zX2M0~ZdgkdZX8CF44N#1K`uJP4X0CuL5E5|NT?JUG{vB)vS^yKJdX}@4l;}mXPruu
zMMoGk-Jl~4s&vr|*>a{qv!tJGf6!4Pk)sW&l75Z=s|}hfgL%@-7svvG7D`_u%`ws}
zGN_jMz}F30Y*3wSw?uZTm#<@`S<0%U27?+6S|*GfE6q}amWx<c$mDS@YBK0}H#~r^
zyJ)3BC%9o7oycQ4Nt%;gbc!3g$uD|bm6neT1JX37VZxIoO^ZRT2DJ(6e?fyzm43Bg
zgyd^YE)1lwG!emV7a^V|;v6l*sPmOYF=^t0*TKF-Yu&Vt)*G}z`i;_@&R#_!gU(0|
z&J+q~8FaSv=h$Fr3_91K^Mu~{(p=!C3+W<*E*9lpV$h`myv(4>-E;+ADWbW`psNkK
z#-M8ry3U~M4Z1;aZ#3v8f0@47pr0AkY0xHF`Evo?V$d(7zty1Iq`%#uJEXr;n!60T
z+rZ1^bF+b$N`H?*T|)9+8Qf<evvI$Hm&s_0L0b)az@P^WdPs1#8MNJ?hYh?!rXMkA
zhxFajB&6vv@M^)^>7qxu7khZjz$*>BN@jN%c#ZUr8+fhsPZ)TefAmipc)hT{+n}dh
z^t7nq8H1h`IX=fBN}4hBoI$@7q&;r-p1mAc=y_>gFz7{FQEWmliJiQxEyhK^a$_ZN
zn4C+$mZ*@e146oS(Qn*Xh3`6$q~#d&szI;y*;=M~|JMcM4cSNntQhQ@E_%yFZzH&a
z;i_;|dwa-=BjE7}e}%ztgVpYj`s3F8sDF)xV65>oQnWROP_nZ2RR3E4<d8qyI=LYp
z4Tf81AgE}|DyCGsv}IL&G!l<6D3?KvZBfhLjNr*wW5XE1SQ`#F^o#6y|GM~O4dGdn
zXR9OOIB#r45eB3&Qc%V!Znk2p<B|4;Kr|8x)%(LtY+xESe+_0_S8FubyvpB-FeHt!
zfMIj|t+oCQk&ZYc<*n+7$0K1`5<<wYos%B&Y+)c04mZU8@s3!nf0bZlaIPVYl<)6|
zw^`wMFyN0znDxBcDh4D;4C*zzEF4^48)*%O<%EKk0wnQiZ9qsYXKDDuYyB}fNTfX;
zjD%Sk1+`1;f6t`Uas#1Y`>KdP+AOS9CkM%C6}18~vD6AgqRp(j<V1cn32E364)j*o
zl2xZ#0g+8%%!<W$xB0=4Rj2jl>CYAlQ?#lA@!(oU8<eK5WmnzC3oKzV&=HNX6xy5F
z)?#z57S^a0Y;B9r3C61<p-9w*<;Nm{)mD7IKfof}e}ItH7KyQ~X0=D6VzM=i!PXM9
zqHC?F4KrhHk#%Aytbdl18EI*;qD!riEozU<E@^2Au@%j=4Tyow7UQtRSXS6!C<(02
z<dR)L1MT5b>$DCl7H6otIT-V=3Rw*ewJhib^BP%E)l2H?=2i1oZbvj!AGKP7>-oDa
z9&eA;e``M7k+9VmTw^V=_*l8^(a8D@3-#ITZwIL*5)D}O0$@`JwuU3o<ftef?TE#z
zLLspaD=K^xYS6N15+s~it2$bp>0IU_>Fi0T(!<F%logmWGZ+rWXY(maCoX3(S4Wyz
ziG{T+t-6jitE_0FoRcRcDzJ7-`w0npp^#y6e;ry<f|%)d{`R(DAf^#jw1epk<Rb^z
z!s;T?HU5weBY_CJn0wy(fR(iPLE?dIj#c62s<b0n`q&$KLzsIGW&<2ckVQ<wHbCC2
zw11xS1wG}jtm_P(ZI=|RA<dB_e>Hr@pg+XA7xH3xR(xJK5D{w^tKeaEN4(Km9~Zl`
zf8tAfy8<&9XtM&V_X8Ki;{IqFTR3Ag%@`L*7_Ik<1IMjsO#5&K0AWHuM?8LFe;!*T
zD{I2>jKzccSzI%bJ<YQwveud(33S97BPrhz+jkTr=IW38L-V3h34XqQ=wv`rs?}o6
z6X7pr6Y#f+dBrqs7l(LuV=;XzEQVJTe{Sy(?=L-GD{Ngb+{_vdMPgbkqcRj`tz~PN
zyh0<)lW)CCp}j%}CpHugL&Y{^uH{d|OdGbO-3n(6Wg8hfG-~+J!Ioez8o@No-4N+u
z&y{$|`eJ`v9<<h3(MiIfi8tZRCN^NBiOWzzL~7o|<+#GcTX>#+CrI0*xdCrve<Ho_
zNxnoIC0s7As}_3qn0Nx7$R1bCXJtC{4!vvQNq91=xNkf+F^(O4uFMOBY0&RY3}b|M
z>V0{b*p8<$lPT9Qu?>T44*OqPCZ39`O?nUSW-7gJ8WW=!GjT1hGjY9~e1kL_Wq3L_
z^apys7pr!zAZ&eLa%QrU?Xv%yf7`@W7;w>tCVfO7BMj?{#Q}hgh{IJpX3{5kwn=~F
z2G142=VjdSCN`sG(x>#92=7lO-YKHL4{x^hV_(50hH#BZpVK~*zMy@XT1iHYw3<SZ
zbx9U)qAxS2(#eTT{n^A*&~MUL!q;)wWYS+mB7bG2(%-}qzLw@2Y5p!ee|1Z9yD&CN
zQw(ziuZt|@jjYCq+#xB~N(wE*1?P0geTZ;yofTgfiLUlq;;oh5aKsxG3f_3cYhS08
zUX#A1?@T;XxcQ!bFtG=BB8*6Fx-7gp99b9cv*p-6lx=F>FdKol!(LJ8MHreQ<Amr8
z66JkJ1R@=wW@a(&bwW)hf0vvFRGN5}X!cwB2S-&+I2f5cZ^`@=O%u;&d!v8i%`W<v
zN&lw*?7vIYS`%Rb#DdM1H=w;exg8U5(T^tmB!2cdKEYAIyD}a4tmYF<1$eiqkX55d
zR8x}VqGm~&38h$yDobTEf#l}%?9G!addEhNfvNc;YvlT86?&J>f1l&E^CGX6x*)x)
ztbo5GW_j&9-5ZQ~C5pD|&{&wft2Xj*(xgcyZswz?9AVcb=5&{K+2m!(d$53c^K!2w
zRs5xR5r>>)lFw$V3}(4HDS)&>OqDC=AE%kLRUhkU7cwz#yK{4T87k?d*Hmsin-w_8
zRC%mGWy;cF%VNn>fA+H=U+@Z~DHJ)5n<qDe;3vajdJ*5eR#=wBOjRUDEtbY3%LX~N
z%Pevt8jNr7#y7NEe9$3v5pPDGE_;S8t65_D_<AeK`PdrSjIZc$Ge=0TY}gy$R3&T*
z*oF6+YJirl8fdCPYB1aU{@C6YKi?5d-IqaKqN-PCtQE2Ne}<6NXAQ#0B>R1c#W<s2
zH#4yXTTL}Y4b6;DPTgYId4`x&emYoj!pwngp%q$d2{lphL8cm}hMQ^x-oqA@LahmN
zE)x@kk)|4@SS6!H8)Kw7SOh#)lvw0s2)5s|F=l{b!HpVZs&S%y<z3I8<0bmtFY70;
zr>asl(NsR6e_5u=O;sTilf?ZV6p=n8!^!FpQyr?NxYSfrO`{*!Ugz40xTy{k^FCZW
zmFgm<IzsTL3tvN1*OHed=XL5DZ%|C@NIB?14Gt((x!8VWHM0X`EnL#T*VcA?*i@Bj
zhD*&f)hyW=Of_2_g)m$YyzR+sO2@2NyA{xBfdo+Ae<7=W$<jubI@(lKYL1ELhz#=C
zG8*PBT|RHAOd?FJvx3ZD)GI@#67}{%Nbe9!lV_{$(4Nz)BC7OG;EQg8mu*WE<5Lt$
zYU8c5)_Ls&iB-^Kv5!=%xy(reXJX!D0cGNOa#7|lkz2!?Dx(HyB&Uw@rjo${bEQ0D
zE0jvge`_cIOyUvTVd4dHOb5ZP{n7{*%G^ME&IYpd?dr<Ji?n<iGV4GS&yd97Vqwia
zH&uL@c)5TtMLrR-KIf_VCSD>)c&Le&30RGrGM|T&^%vKdStn1Kf3m3-s5zVvr7ATo
zGn`=J6|%;YuGA`ZShe^@zgp6lD`mT@xKRsLe@(CS#lCEr{`5npA7bJ)f_<$t*GY4|
zSokq&5r>-t*-G+q*VOFVYra%R@r>J~Rt#Fs@7zPCS}YKAZpO`I;-lgUb)03WC92-U
z$Mo$a!8NW^EN=_fYOyxPRL6>I-K3UgrYe#}rLq{+Ao&VsS*BwNPSR7@;M_FM<-<Ag
ze_T6t&x92?nY!1`mrYEFS2hYip8c!QBv1=rX-7D0SDqvKP4R1kF%I>T*JSJBiPh_G
zW*N>rU=3nFC#`8`-AZxLACNgNtxcuoc8#bjwg%_U;A8SGeK{C&fHEYBp$QGnWGs0)
zJ>%K`wTlBY+nlWhz8*_6AD#rZ*dOMyf5|4CD^FePg3a+ZE(ZMJK%10e1yYKp^I(K&
zrTravzqhfBHJZ4u-(?37o@<?c&soo&G&eP3ndOw$)YRxlf>OI{35M8)@|^cP`+3P=
zjvIq<{npU#53FXnL@l{DoLG~rf!1<PV?QzE+a;o%(Z}TQ9J9l01LghI`}=|Hf4o@U
zCgYK$^A0HOw`Ly3d>?pyVLK1we8&b>H%9#dt9Mw~z&5akty62#d9LInvEE+8{<vmF
zM(&saW(jJ-A&$N|0jCzt)*pOlIS)|I;g^KxW)|hGRy<W%=Y*_qtJsDrm6AS7%5J6;
zwc_%+HoCvkzmE&($A{&1I<`30e=4QBzH1iyPt{MJ&L|j`QQ<oF6RQ_?AQWW#NMbu9
z8@o7cwMIBijaz9CE0UL_YJa<bRWQUUtQE7Zxud<2oyH1jJq=H-tLl{w>5PzX#bB&P
ziekS`<m)VXY4Xc)2lsl=Xz_Q1;`4)6hy|Npntsogr=%RI4dgv@aQ_~_e{wN{v8phW
z=KE<$%K;IO@8kMOA!|=?@xkmw%#*QNATyHF_G^+$Tu3j;3F>T&WmnrLL1R104z~N7
z*E{`&q&BLx$ZPZiomOUp)|d?_Y7xg;rHy%o9Yu;WKnpEfq^y;`Z*{p=`ss^SvTeD;
z8INJbdh3Q>4`ex|EA2xRf5aj!ar>opK4%Vm{0v4@PiQWVWx;@cnq8S8TMZPyWizi1
z`D5}*+skh?a7JbZYp-DlFKMts`kt)Oewh=~L;LYgR~F)CcK8fMoEw;Rt^LkP6y@Ph
z?wr&xPdJG*TXX#4n?*@xbj7^1R{p?|IhMapSaJL5H;0oRf2i*pf2H#ZFSb*hhKfnI
z%H3da1`)Gr#BBO~+LXk^rmG7`t6H<wFDmcgj#}*@4qH_clc)dpC%gj&Q;Gh3=UMB;
z6S8CNAu+A~9wjIC`zIxn1(NX~IsX4CfXg~3Y1A$)&xgTSyN-`p)_UO}pMy%2O)B}f
zsowED_1CFf+u5}QfBJt6Wt+_|buO{CV6z3IAq(q)@K{_5lL6#y5BNWM-qZbZT%r5p
zuu1pF<4WD1fG6tyBs^L7r=VZ=t1zJZX0&wA<(%%@FsS=eakcJ4xJLJ3jOe}{Pt$!A
zW4e!Hhwj(nI^C~#_}Sp}8y)!RPJf2epXu~x;n})B$LY^?f7YGn^yfSM1<w41PJfZp
zU+m0Z;`Em~bT4!I%borTr@zwauX6gUopskZ{k2Yiozq{h`&@Y;<^Etmd0OT6XFQq=
z1YDRwp|1zfm(>mAQ{AAp%R21jwg42jtU4GAxiF5&Y{H*Ai&>fc55T(%vYL7zySB{N
z4LM~@fXbMZe=19Wi+@I%+DLG5TLA`4f_&cG1Bbw1m;%FKDvW|@jCD(rHJr_R3Tu0O
z3CQ(50&d?9P@PcW+XZ<|9<vAXyP<$#v`Kdbo<c?}TH%xLZYb^o!^i9tGrEVFE9r&-
z{5i0R4?3tD2J`n2`5xL02l4kX`5xX4BlvqHqmSwafA3Bh-N}O41!H9L;BFY}!)_QS
z0va#P1R0h}Gtp)(Pqt<ze7vSi)|7WMyE~vF0h7`)Xn~>JM)`Dcmcv>ogmo|+*0W+Z
zuvAWmBjHS#4d*}&oCnL`eDK2sum&z<jEmqbxEL;jOW|s6Z-C386Rv<;;YzrRA@{>I
z@Gx8le^0{o@JpUW`~}|XXi9bzO<|gi94%ZC_H9X#t8W>a%b1(_0Fzk?hjhcC%zrWe
z4o$$6T`-k_(`rS-hm{q1y5Vr1Iiiy#u?wclfsgElN<rpdC2M|$v$!$=Ggq)+X7O(}
z;~pirM|VS2Sz$NKk*3;~U~Cu6<t^qdF5d<7f18w2J+L4F3(I-7DgiYsc<nJw3|!O=
zwPIq6oy}^U&1%aNP`5&>fd>g#lKigU0mmj_sf-fPV3TX?g5l2kD!twYFB49e+Xr*o
z%nRf={xx;s6^ogNmCWM_o)Z&r63?H^T>?(wo&8<7rY<!d=rvuTr|T-SQu9`N-qT`#
zf43%}jd6!&Y2?wB*$g|i6D}W`oq*L3L&&ox0b${CkG8ccm4JvXxP#?n4&~HwPx7?e
zo7*R^-@`7zT>?(qq)*0QQTv=)VSB)5A2(*x%(tZ#?*b2>y`ziw^sEt9{9SNiWzNu?
z1gxuc4R!5-(xI*dtnUPG>Tnx)V*$$Ue}c$M3Viah(HYH^l?gbb(imz80izFrGlhWR
z5O5_4@W)xsh+|X^G~y5(2FL5Z5?1NH37U0(5d@{DG3;Z~2iUi?>0<#@v+3Ukd2l-n
zf;%}X-NoK_H%x?kI39JuOt=>o!hO&P55RHoAe;c(pbfUO7e35>yMz67C!7n9f3nX#
z20vqeyBl^h_EXRePxI(Gc#-|@ZP)|v!(R9tUWRYsSMVdef&{N&F1(IK@LL=JZ{iSm
zo4NlT9s%z#_wV9z_&sy~9-a^HGxs0h)$k$S03YEk@G;&6pWqhw6d#7q@HO}xKZbp{
z55B-3;7j}o{!BUW6&1l>X)yeqe@4M~eCqG141S>L@DExB|DsdiKP-VCDFi<eXSs9}
z65WAWbT{U(L~iF0Ksr*abYl9!wlkdF1;c73gzbd_F~D=!0J|W&Y`0c`L=YFalY+Iw
zI~IcrJ>bR?@bEE5;9wYqLtzXagm*BG1ohJy>(11c>zq4ihR<_u0?xCIe{X<oeCONU
z1zj+NZScY_9Zp6h;3Dq43AmVnmvsL0RXVKsm>s}_AqU4oK8}L{I37k~DQ{l}<FFjc
zu>z*@cO_2l#m-%Lx6Kaquw7*_<eQW&UYg;lm!&<`b9vIc&STUongm6rIJRBc4fQ_H
zRrYDv&8|+-y2f754tlMSf4D9+yx#Wx)RG%gOKwcz+|+x?&3%^qY^ItuY>V9ai})w^
zwup6%6Z<FduZVx;S+lxePBu5Qe4ftK;!Sq<bGy5Rr$_FB)0>h^{DOBKX7ASnx9(Q6
zhs#D=Gxizn>{HIabNP3s&vP47&zju@xB5J{+Z(a!?&#!rVt?Lge|L9DXYYIW>=aV5
zb9wM+a~G@}u?bcPL!NtNf1jsI2-;R~r`_EvolWMx+0J6GUfk;>_wz}Hr%y5>9ScWn
zO_|ZdatxdfW$c(o;S89Ev!Iq!lJ!^xXX6~$g7e@JoDbbt!%n=29k`Yqw~ifm2|Mhu
z@F&i3|AGzh9p_#@e{zP4xB`cBMmv(T*`qm=osTEuLe69taTa?l25=>3u>rI=XKm#?
zw2gDgAm?`>&f(T@N^}}~OBC<N7;fim^$G02=NaoI&Qw3;taKk|q<`ZqG}D|n<2_Cq
zwUT{ORP;sJUM*yi%9aFd?bP?8GuphJox9AwT(<0mBiQyHe@F@JK^9n<ZR$PnP&aH5
zq+PJB$+KM*aUS+?0v_qow72xLBmp}zcHIQ^P8PAaT(XGrY`(<Hbt+LVxqvj)eED}b
z6%8mFDZd^_bVHAGPj4wtCly<CQjvL6?d$><2ZTq{(cmP`E;*s*!s9XyMwfFix{{;8
zH5>`9<4ABle;mW{^%T4bHZt}lxCyS|-1bI}x0~=6a64yDoAEZdA8&^zShz3XogB9}
zbBw-+<M6#4fA447UHoO|Sa-6RMbOKA$fnu*lzk6a)Z7h^l^0FvhFx;9vgEPK_B+$#
z_L-hYpQ(~_a==F*n-kA`-pYeLFa&q<*&gL6_ZXDoe=eAWkHZo81RRaKVF5k`$Ko@v
z44>n5_oc$_jm)k1tz}#PlXkb84I!z;r&5vT*rYDQ8PiXvrk|0x^lWPQTrw_&ne$(2
zar7wx@K=0CyaEOI8>qlnVI{r+C*zyYjBll^cr9bypQ=;NU}hz_9Bt<@hu9nK>EukD
zzxX$Je+TTfyXO<|f}JC|?K|v6&Rirxd?|HjO@kv+ch(qA!T~>kV*C)s<44TT$1n{)
zW$}FmGx1OC{h#yvmZU#H6Z0Wz9%pkhFvW>vWc9qw%e>uUR_L!%+YROXKDpgNAouOp
zyxli26u*Vx_#KSK?_n(8<bYdK+cfevd<*Fee|139;%9tiQhIR8JE8npE^X?{pRL%v
zopD@H!Z{4^Z>a9=T?Rom2V<`8iNGWU#gqlZh++6Z@}A@B!am3py+iFY+)e0&VRmJ+
z1I9^?nSfWa%AVcI{jbYp+r?$imhV<ud7X>neVG<tsqV|Tb}38kKVFv+`MiGt6i^|Q
ze{gPc5Ea8n^1v7x0OL7NIfRB}C_793W@&SV3mi}SIL+DkO?*Mw`u&Y`33zoy&Xfea
zCKXs8xM9O5?uYJqJppg*2jwLCxAy4G{Rny9+JA*1E8ez8zw1g~9`9s0#=EvBj7vF<
zW1|fCy{K?}T9&p7-+}k|xbMLSy0=9*e@8BB^0Ej=vj`7nk&T1dR0@qW5rX7{c24gu
zqH_2-RlsJN3|namJWo^Mb(#im(_!!t9o|d452YOcJ4f-GGQ`^n8}}0of0gzpFs@GC
zJCMNmYhr&Q<28S9M3$D9=Y5e)s;2HMm20_(1^(Tv`;6d6vsfy#St>`fRH|SGf6ak8
zR1L?|T!_#-SW64wOj-yR(lKxuErP457CLEhhBQ$AmoeMXvTtHnVQHw3d_K<yKK-2F
z%IbnFR`Q44I-xsxFQ*mk0v{#dV+Z2-BmsZygj}EJ(*%4b+_(BXf08A&W#TtwJK=MI
z@x(r#=Zn4*`y@@=1V!BK+ay%Je-tVjR-R#9U3olIdmBH;ns`mGEMwmz%1**$3uVHX
zwS-cQU52s5m9boDrJCF$36(v~*s{eWUMk&J#r2}H6xl1wNVsv&%v<-Jd4K1h^ZB0V
zJm2Se&iVayp7VTNXmy_g^Y`~Ndpfn$)VrHw79Y;8qOT`J+?-^JeLJdyJVAEN(M-r=
znih{l7H9oF&)&1|<;Z&ehI0<?Y+m@fPNE)q_R(EX>>Eolar6sKx^a2Mc6I%j6OO&|
zcy-;j4oQ;^wq14Iwx+W}&z!`JX*{p5eq57aO*0BX-1t^#_$1WehOtX)xuVZye>Pgu
zM`Gbd*74IK2TGg5%9YBD!x7)of_=quw6mGdC-x?#u#(!$>@wppryj=#I*HktrNz}<
zM>5g1Yhtv*z9T6eK^0Q$Q@XW6=+N$lnJ3^ct>Xl3OU%T#g46*gN~M`2k{Y=9jJWtL
zjuy$X_j#3#Kc45?C)^jG^6~2J)>PT`nD>>%k>*9B>86c~IyGOe${8n<2P@UFK4Jwz
zE(5^u=~I!998d&*=EMch?`{%)8=_yp>2q^KnF`d8AG7YQlX6HCPv`%9^8IDzwbd#c
zTgK*Um5FWMqz>EGc3)O1MWesdbKDZS-;HLJl97(}66>83Djhdj)m>~C@Dje%;C;G4
z)-uEEy>xJ@|5k_d#CB(cJ1_4Tc^~>jF}yAER#y`B2lyyxck`jyQG%87aG~iaB5Fs1
zeL%#)M3n^eBz5&H*fj01s}M~Ad@i<6o8%sV#<ZHY>Q4vfdi0NCn^Zi;dlF=ZF5jn3
z2Q=haEgV|g>+4$o;YyU^utWVAu}Qq1I=F!h>uiZaunw(!u#Qq?c^q93j|UzXiynOK
zXqHs>+VYJ%ZpyE`<g}MNsy11rNPOD3DJACh6}DE`-JvK&lv8YPFB?F$54>EQqyD*!
zj=%8r)hyel#m(@QC|l!f$JNKZFZ6EFd_A?<ISTGfeZ!VJUDIyS$d;mv!umd&co*|m
zkGec)nB8pF#aE&;5^I>-=={=4Q<*ctYxp6D{4(n)YBb^#4)I!UCSnbXaywRrV#_Uu
ztleKjeRn&1V5G9RZmiwigstr|71}61mra_`M;{OJ>F`CGdz;8UebQBX%<T|utuH|4
zt#p5$X`Ea4`JLo9+q#z3W^e3#t5>t}7W*zHS)(j4GOu~8q-4{2$A~TgBlxrs+dPPQ
z_Mc_t5zi6Fecu7WX;qB<X3BH6=Fve9OwqOs&#f~A+1fHC%dGbyS&A0rHVy6{(UF<f
zx%55r&-eQM>d7*xnrV8U9zdw{gZpO9BP~a;&SZ;#n}RiUCfkLL0Fir!rZ4dwqgWNn
zeJNdxpkI=LP<!9D;R5Td!^b|@u*_Unt3-brxVdCh(plb<c7nChR&8)Q*4n&L5L)z6
z3BZ2*N?h;5&n!gsFzKP@IgRq|N)(fOoo!|vVpkLp4}%5FbX5bMT#zR9)2zMCr|b@Y
zF2snQd90Lc7e}_$O{O;}hD?4xx!rQG?zaR<v2?9@j6vZa?zz|fgQdoeap?|>oUNi|
zK}KH6B1JQl?23$}_P(g>B0WDw4j3IQyNlproQf)ACoq-{S=jjOSt3rj=jOBqHRFiP
z+fh~wStCL7it}E`ikaitwDNxGSbtrI>gu$w2Su%Q$QutOB*)yYJH^KdAnL133hks;
zUd&Pbm#N*(x<vhNxlb3m_5CheC1+8j@TK%4|4hujL$rSwd``GL4MOF_qq2YZ*ZR5=
z;z<$6yc(NaU7?a|V91s?1kPw_CiIHUegtW9M2nryIj>VqXU*(XXiL9PWHa?^&iNCx
zD0TS84ux)V;<dyHXuRt1Fe`v@0RF-+OGf;A!cq0%-4nXU$S%y%fi!{}OC^`yIwRvV
zrzBtNTpX0O@}M|^!6=UK^|FliwoUeGFTYTk^k#6&-B6(jOKfx{oso93&nl2Ot6pKz
zIvA|!UFe>!-zPs$6OWb*#Z9)|n{hbf>LX-WjvkeXmdBk9-Lz!{{i8ef`q0IFG;dsg
zjqq@5OoXOmta7Wc?104%y~^E*cfuCTTXt<^Z+_73`ihoqyUQw$5I3dhOP9SJFbYq<
zHY15F`TT2SwA`cCp*ewDe%G4PeF`p-P#GSU5*bu)HPYSoN}ACAo>N06cT|KNQUAKC
z6H#AtDy`;J%066J*8?Y=OP|L2_U=3rPU_1PQ39w0#8M+&bMRznXJ(DO?Gyi9<N2;(
z)$a!Pr`RWFU>e3Zb%=xAP3bb#a_34XZ*GXs?J!)J>n%e`vRBNO^)mBTM*^7(Q-hmV
zzFKAGt&aqT&rexEn~I<6ZQf|o8&>`+<ibeFl5y1lfa`Xg#uZRN8juFIzy~ZtXru5s
zVz?U~?ye6-c!1`r9H?zi|L_tF9p3^^R|a_3HmJh`RO1>69(k9sBme+&u%Q&M4d4I?
zVL){+jwcQd+i;f{0FOcadqs-_fSVKEe)mClXTyyy{<z>y8k-Wa!*=Dc)BqE9j`;gF
z&Pg>y!+<K>cAEkWs0iMKnlYe`8i$Wp>zhAvrYap&+ivy$+4D-JBKcUJ!GA?KM25#w
z$&rra$S5kLjt7xk(hyHjQJ_a3I`0Xpa)ELVz%qfJdV(5UU=9XADzpU)YH-8i6@irG
zW4W~#a>au1_$4@auBICljs;}|5GXnWg@p33AXirbdVqx)Qtauf4zkebPw)!|Y;cAo
zaG)}mb{7r?1W5FJl01SpQBGr01m~KR7oF*)1~G6y+_u0VxD^`2f$H36$}9N8Up{9@
z9uKN<li}5YfE%HB)-@`01P^L+V@bxte2sBX9v;+C<vdTNdoSJ!!tV+ZmXP3oUt*yV
zJgBb5F#=0PY~$g=A9Vo${z5fffYb<}5;sg<O#&GnegL3AM+u-7H_V^o!8y~x`Hkq6
zP(A_F<htS=&&zLR5552CiuWg(?R<P-6BI}U)wvm8Cc+uV4AU92a!@PrM}=Q<z(2>J
zIoOID7Af(6J!JePULB_!FK&nINI!1%Ac2a43X1>~Mgo;wIMw0Z#{662g)#^bPoE?P
hkz>h`1}8)Ps8kGE7?y4V05$kfg*P(R4pwmh{sP^oqfh_<

diff --git a/classes/ssl/UltraViewerSSL.jar b/classes/ssl/UltraViewerSSL.jar
index 15f6867fa86e7f3bb45c819cbc39f684b7f9ec90..c03790501157dfee62a20d33fc2dc2ffa10a4040 100644
GIT binary patch
delta 39835
zcmZs?V|Zmz7o}UVZQHhO+qP|<O2xKSv28miHY?5vD|S*rb$wrV-{;=$`|KZkueImj
z^^Q5l-21W>`fCXqNmT&?67w7EzsoYiGZ~2=;y*X}PzZ|*&!&Y!=>IHJ-C-yJ29B6k
zm|tJlb9tLPo7b(Zu=&{7l?%)Z;6^e<JK|fm;<c{}*rB5n%|u(_SI#@iN^0s+=dmc%
z#cHIeu$iU(lT^Q??eBuYNCJmOvv5iJ)JFyAFW!7`^x;|lzRi8^J>&zP592#%z*fvC
z%(_Uxxq{P*w2Px883F@q(`?fLt*etI#?>`&4xF`56yKqd)bP9uNsb%gUNDGJZ=c8B
z*J0Bf9T@i8&^zGIl=+j-z4^Bt*>@-!Ys-UdKC*p-=nJl^Sa1m(ZaCfIx#!Sf+h~^O
zPKNr4l-oJ_DaNqdRFlMJ+t>6r6L1};DEhXtHx-#G!5^;Iw0095TCqd{8tnO=xln>!
zZ3d97<&xF5w?3B8EpVqrrH;nCi;KI-a+mJgb2Ajm`Hb|YGxc>AL~9p~s#O+n_*B(P
zY%m^PjN-b#ay&;D7+1%@70MrY%G8xr1Xok8@Gd=;u0ti@D)yADm%y96X?8%*5gaPv
z1|Wz8A|#xX1tR70cbFZ(t!TdoFCVJ1&9<xHHcys&>L;BHwd956JQ8@@*q;MQ7eNA*
zPUVaioArx?9yeuHHWh0oELco%O0vzZ;Hwe=Z+^JUid9f&U5}B?ce|R&M2%#Ros`Tv
zb?9wHf)2+?Yfuk@*i42Wk9IrhOpn%_f<E{_9v;O&FQNjH@OCKRtv3}x*8mxXg4C1P
z+~J5REpCJZ`o@kMPV=@(o~Lh4Zbp*L4lOfX4l`OYK_Z(dkeb9$3l{rgUyAO%zqwLp
zv%cIsL$Io&%U)dX=4m4as4a76J*p{<xu_bk-KbP<o-ewIxJ=8d-qW*blhO=)&Mie=
zPO4fg2=X3WiCX|PvRnQ^OxMakjxZDG9CWCrsOCjjeU$03whj4VU7b$zQz4X?DBOIs
zdjrrz!F#p8MK~|iYdT)b{ZJ`(TC@m>=nq4!WG-y<UFyc1tS=JlQCR;R!m$kHjxs0=
zGbrx#3`0<*@Q~^cqRct@_!)Zt{wvG52Qg^aKvD}Qdg%cm86P_SbC&qSYHq(nZ6-<G
z+E%f~h45>0aqp-E2gi<o_GwzTK2DKaZv_B5?g!bPabW>#jEly1LHh%3dW(q59O%Bz
z*p{i@GzI6>0?fcnIJ6&qOz@Rj(RKl6@0-zXtemQ9V-5BB6<BV6DHQ!iEvGg<({#&W
z5uierH6Q_~>K)MwQ*0Z0R**yT7L~6XS}S|x+7Md?;2vA=v;HU##?8SKWarp=d|-z>
zvQNtaGe$DTG%{nd{QbMJ2swKwsJ)4PK-c>GOIgFLKU7MHQ-MeKh5c!~`aIhD&FOo8
zXk<T-@DJGPBL(>*#_uzm+9HOiB}~9!!@bBj%Z4Oi{TA{wrsABZS9SpO?K8yUkw*HQ
zrB@8_0Bs1Q`U8`BZW5^Q_W*up&}#~=0h&z*qd2ErQj+0-XM!Yyd|gYbK79f=j-vyk
zj_%{6#w9#>Rx&`ZfRkI9_VlMeetbr`TH2krPMoN&QHIa^v{J_1Yt?odTB1?_eGmO6
zMhz#RAiZF9cDbOsp8lCr2k&A-qZN;#+qw8pJ^N+u!W`L=9bx)Bt)|-2WCFZ&D$rwH
zF#MS;p`&>1YYvT!(E@b0z4C~nH{Jv94<*?!EYn~{M<g1De8|QhX5<M8;fcwzz?RU@
z^LNqUSwvL<29{;lW)cMX?OQ3#w{QO?<bMG9Uqq(HA~FCrJq&d4{u24|=}gU<`^m{>
z=5<C>OvkKpleIPx0JXVknnC2iDs@^z1>l-jX~0TALv43jb7l~O0@<YjJQTc@y<f!4
zV~9)vuJtR7?|um2J09`(n{9{nW+slsxVd|Qy_b9!k(c?uZy<qh5qH{%7M*Bgd^6_<
z<-`RC69j-xED4x`<5y8cXyMAcQ^de1&<I;rXA#WwU~d5ebPRN92oyvtv^=yUgaWiP
z0WCo#t}7xfgciiSM<*L$NCiw`iM1(TM6h7Z*!t6NC<q4s2Xdf{IqnJ$p6}$K%+p76
zNMhYQ35vB)pg2n5%1FiI?K!P*s19Nvcf|a`0~;U^%w%OG^KmmXG(DujH836IKxkrP
zYmiJVq2oQN-@c^1qoT4BXu?N<h$h44iS1NVi`}7W2uoTV#Vin>=b2eHjfyfqozapt
z_f~&p3tmzxI8bd^XjZ7B{uJl=iEshF$&?~&FVGH1IFK}_c~`b{O(+s7iAga7ta%@K
z)&baAcJv(j6=fgaay)gMef6{3!>D&$umTPEIF^i5ou#nx5-7RrlBSpLmO)^XQhmsy
zK=<ks>?10J*tk>o%{=<;jIY|9l#!g(QLdS+tWhnDOxMj(EJJG0Zo2<u8~x~}jDHlI
z&Z=Dg<7yXO5!1^!=SxlL2Dgs=D*-k0K7bq|%CF}Dqb(fjJm;0VUn)2@`<2_+0ymdw
zvmh&XE{e}!t&E}8zKt<RO>+q&;a+M|KV$e=sOWb>CzFn#NtgPo{A;~dCy|A3%q0fY
z(u{E<LIz7;T4P@EZ5pj^LWb$;2f80MFJ`MFHT9Qs8|qK}NLG|Nbo;0$5<d>?Ex>lx
z)aHV9)&#SmnpaFnE_sqBl4d(Xvn)E3Nv$gGs1o16fn=Soe%B#=mvoYd%~YGz78%<q
zm&0oMbbGbmF_sw?eDiM@^U_;d+*y7Ugk&8qwI*%xQ{N>Tw32>r%R2h%r8-??JVp1j
z`m&r;1bHH~ynv+#S}k?*Z=4O>x`2SDb8s~pC&7S4GN=<dyktC->%B4BvbTWtU!_4s
zpB!vmJ6**;31y(+7y^65)wH=xRus}|^jjNgyX#wH(%3?#D33IC`{|e_izMbdz^yD>
z7>PXgsGM+^1Ynh@b=2G3*;)f^e(+WI4-s2p$hDlTx>wqtWw50zJvnF0PXTZ~+?Eti
z-+UAUaeQ(dNF8}KTm8<nae-mcHwW*UwafHW&7ON{lrUj$nRYQ{(TLQz{yb209ke^O
zQvJ6|AKyeQ&$7x-G}!MbKC-%%BE)O9Bw(<*qyfbWZxyfE(S;x!>TB}|kQc_lXanvu
zX1at}d3ieSk?+W8!yP@)1)%tW-H`2zF~D&bFr(T8?YYITWS*1*^iK+%+OzeC;Z}J6
z^MTHnbWoH*MCTCD@7dbi$E06!ttq6`$9Tq1(ZRVbCzgWz)UC<TPo%n`?^*M#6=gdq
za2|E2iV%{Tn)+u+NK+Okww=WL@LBSwT&5PIGfz1n6S`LnO&6QW4q%3fM{H{j+eA0r
zguPC;bp~I(XGDTBo355#?f&Cy7oO6qW(5iFSsjB+r?WY$#bkv^kZt4RNUOADy6{Y(
zDh@m*G+G;Sh@$MlTA|frCCDnA6S?*`5}s3f0hv?KlAb;m`pyox^}bdggGMyr?&nkS
z7Iqm4xFyjO+r47iPr$9%7V#?Ud+QTb4=veQszqEu!NXbUJbAU)nTd5!c_dxd`4GYh
z!_dqlgRBR^X9JnSJDq+!IXbD(Bv+&5J3aYikya~}MvX0iVLzw5DY3t9uxD|u2lZHJ
z0~oM4`+oMwZ!Iq8L{zFEfI7J+AtSuo1zn)D8=6dFZzAD|1!#ILs0v_xaM;MTH#G?q
zK|&(j_~F$yc*xXvjjhYzC&Wp)C*5QG5^>SKV{2d*^djfe2<2S~^<03xae%!6@#1$A
z%G4Nno%(X{SHXv}kbl8vUoc!*v5>Nms7&?w6qHzdutA@YN|H!JfD1c>0hUF|iuT=w
z!W$)&GR<4UAAqBh@3?<7Ysy#aM<5&7Bg3TukqFfTO}wtrDY!a#?)tPVvak3Nge2IM
zo#4YNdj3jk{$WOV1RnXOhWHSycq_vSOf-uo0Zs>gbGgOvjikBN5sm`fQhv=wZU`5c
ze|}I3j6`l~6<E*T$z)HHSTx)MH;IB{`X*IcMD92)0W2SI&pcn0?*byzUz0K$1Fy92
zEFw6Y(?Igb*SCppB#C(^7|Cb_(Tex6$#}tZ_lN^=CBFDKCM@-tm7V0>q?2Jq&;^tf
zw){0lt~hs=x%KUX<H_r8S<2FF0@vmM-N=LJ_OB|YH55|$H4}=9ma}6G%TF&t5QpqT
zg<H-k1M9F0>Bwmmzsw5S%ooak1k-e&gctmuSPCQkFTwn;Uj8!?E$J8{u>W-t>jY$g
zJr_(Z%&+UOEDs-kaiXllwHPSK7nzRON~|qrdWL=bb9rbbY(&<bT_%n7&1L}uF^P{c
zh;f(#Ias*yu=Sh;r?82V=>B(m^TWNOf}S3(a_2C)>#ozlmx7zT_xu?az%BsR6um-G
zFdmVNfsHIVH7jjGfl$#DlSP(r={*+ktJm_-N-;ZXA8XhQV=HO#L@U~^&qu|Y(wYkX
zmk{|~&aO$OZ>VdUDkiIae>F=xq<3Dv!LxQ>;0{8@z4OLnXc=CJt`?U>$lb1<g4ULj
zNN>uzZU4l0!<!b1X5jLQE{n<_@u=0zpAZsaw2e%EOrt+R%tnrk^dVOs!9Py`TO>@C
zCw4AHb5U)j!w>vpDE3Gp5LJJ%6;P^Oy5qfDsuSLGM!k3VI@CT@!z&1AR!jSx%~*CZ
zad&g*QR(Jd=muy=r+QC(v6$ix@W6C&fy4+scZ>&F;UL~3zg=|P%_)yoqnfJnaP(d4
zA3wr<1{IT|-4YZLXojSYeE+rpRL6V3)f$X#G#xa4_dlELq~m00rAJ~Y*>!pU9Vk^q
z=jPsP;owpwwMj}*bn<0jpx4FB@@1?FxUm$z50&!jGPGcVrp#EP3X!boTlnq6l|r8m
z{cKgK;MB1DYsvKHjpLj{@VnZV*>_qNV)#ek!`ZbUVLO^}Kobi1e3K6v;EtI+ck}zi
z1PNM|<W;3X^d?&edI!jPtP!b0oV)8H2~VI2nIqK*s7mdDB0;1}2$+8Zf8R_P{&q%a
z?g{;V4q<sNh`a<flLV}QxeaWn?i~C?V!H=I)B`0?pbN4(FqWHa516k-2HU5g+c}tl
z$X=|DB9rA10l#LbW^G{r0_BIwAKcDIm-)(uk!daY1vEt6;bbzqKiqIakQHT=n+9Yo
z$|ZjJ5V{|A<f5G;Bpi$mNRXY55|xA|pGyuzS}LyZjZtSW6fECRX6#&ESLL#%M7KGh
zv6UA^`h3w_Us;kQ)@??&0ao;^gGAx6S6LOkcri&;7<d&kRew^OD61k=(2nZag9z)2
z<w-2EnM=fU8s!W3>4Rb%Jh9f#Iktb!yQTIIqC8Rs7dPB;JbcQp-w_1G@0}CWXZ@bz
z|K$14VcX|<lNN^f_Dvq@|9#m0<J1*M=l~8H1X{Sk8DT<`-XTfo3v2Ck#`xgWY-KUx
zHB{fVhsPq?%k{ldg_6Q8d3GFsR(1S=`8dh^`W~z;lY*Ch2lL89_>>BY%e>=XeYrGG
zU0Rtr3YrfPnh)T6f7)Rg08bi}fgg9}{_Y_*dP_c{0G6k-4`h^(1{=v+nCD=GyahCa
zLp87(sxCz8ga;>+5e%mMK(!9<WmINBtbr%zWf(R=*e~Ai`nLA`MwN-+u9w8{qnBA$
zII6~1Vkoz>e4nY8N%<zKhtrIS6%)@Bnz;!0D}^;{XQjQZv>ilgbCF<?y^L<TvoN(b
z9yHFUBQ<X9%<nBRth&`c?!t=z%>uX>c6_kUo-vy@T$_ovoNGeT7@gvXu;V?Yd^NYo
zq<ZDZQ09ehj+o56NC)p&Zxzqx9J=sw=3!p#RC*a5?=Hh%h)FQZuGu#3xP)J)%8P14
zyK@rH7QE@6iG678RGHNC>Y2bnbd%xDoIa^N#P(UMr7A!zqF1(12iFt~Z3TpV1)O6$
z)`^oX`Yj)Lr-7GbH;d_&;5iF`Vtdh^T%#c`!mdQu!*V8;Wj(29?V*e_lJuB7>c(F@
z1gO45-byMoG|pEn+0tbxsm}n^`D@GmQ&7gmDa3hEjkxqFvR=dY)Jg=6&6Vba81&p?
zJ*aj9y6tmUwQG&P6JpruIRP71)86v*in^Q=h&Zlt3QSnP=&7{~BkPKxV=66D%nZhm
zomn|Gw?{EYdgymYx?^7MLSj(Z$__JZeI{zO()c?De2Sh2b>MS*&t!SmyxR3jPFyv<
zMUN71qq98}CDgeBd4senBYQecTz%M2n#GjXQH<ICBtgB;kMyzVf&dBYJa94s;DS3T
z*7gMN1;X9p!-_bhSCw&ERr=*U13PJu9o1NN?m=3)4IW!3{&Ss^QhpZsDjmbKIR`>c
zx$B0B$+|o+9T06PZ614w?nv}W+JmRsSa;w^3|;cJM8h*}@MXgHx9c*S+?^mg*dQs6
zs{0Y6C0SD~vUEGXPyptk&_*Z;m<!FByfm}<DxBx!0$=gt6Jcl=Z;(G3Ho>9H&D`-L
ztf6vZZe`-v<M!lx+{Kmz&Aw_c6dm#PX7~*UI+dV8s|oM)-Y^RQLh7rab>7Tg<W}IZ
zyUO`ys1W6)ozw;tVEX0;KnO8{eEE4a5-F>iDZ7`6LgZ2e0N_AShTR_wVGsB468`=1
zrG$u9@m;n*{D4|I3^UlWI9jHm6G$Nmlf(O4E;0HibwZaq1`z5YfhH%)zan)suyD5q
z1XT@rkD@t}h?@);uKeIgxo62r28`u>5HL>-fO0-y+K)sQll~4fy}1N3?v2shi||ID
z((TsxrRS_ls0u#wNdt3zd!uQhgy_EQh*4e-1;*%~74fcKAF+BN%)o@dp_%nXu}5ey
z%C6ZpKbxMI{0Ay@?{BS4|17Wi|F*pU+wr#aQ*c84N5Na3XpjHr!wxe8+J80OL>#|`
zN|XouzpqWi&%yqmT`S3q|L&&#rvz7~@PC$c%MtuHVQkq5bw&PftwIVV;0=JGh5FYy
zw_j<*owJoRje=A@2b_*H<~XG!Ts#MQ+6*<s>ERc%lJ|%;1XBzt4{e3-kB%R-^rT9k
z8}pHSM=*bBMdmJ{)#YtPva@+yuCsaGZvX%h$VONcaNUrrRoii7Xn{}PSU2|XV;g0M
zP9oklzQ9BwFinewm>@7)z=B?>f>Z}d)i-MK>N7afDC3itD%Ot;5>cY(`>w*O))>Wa
z%T4(q=aFN))BG@+8(?9t(h_qhk#4(*p;CbpV~EhWi0r&G`#axuN6<ueZ35GV*sw@k
zw*&A98^+=C5ce^aVO*hYviX6?^DXz0^up?HVq;QJApZyU%+x9+fcBgkYTVU2%J0Qi
z=VxgFqAk_{ois`G3?*_b?SUWoD#{{9lIzDrKz2FBQbZxACt<IyA*)5JbWWlGRWYY?
z=UhTpeWYyVyEdj4yKZa-q-9rahAi}8?v(ZjBKW|Ix-?BzHtQ_*f_YE5fZW}5YUQVp
z-d327)6%-1>@&sofCkUrR{Ig8V{{8J7CLoXiW2`03temRUqTuA$#hUHBW1qFVpC+@
zYgl$>{!jvNp89@02JQHS5{)e!Yj$2Q3O2c`%s5Te5%E!Wy5Xz%Yv0*R{&d_QpffXM
z8OBsw{WP%N<Ua1~wew5;0jFZv@ykDAW_`R&F&w>}ixu~G31Bp*1yfL<Q@km$im#=?
zUN`co1ZnJ%Ia?c5skE#hwFrAT+1oaW9rlS&nOmpTDN9IOc3$Yp0;BB3@#gi!0*PRO
zogdPL+E$yt-PRYvfy;1&W@V*GNH_E5Jh?qW<t`h%EISr`{g&@kLx<gZlg<w437-o7
z25z#{IZ9V43_x0U3$?cHJK~H|s58CRF}!WKi;r-*%a6E0)3^(bAi2Y66LfjbT_e*N
zQQ9^aRjQ;5UzN`A=PNEuR&_HNVR_XWBSIP=t3UKX0_?{`^mJAn2uJ>*F@F@^u6CkT
z{#%;TmQerMoLlZ-y@?lt$0w6R*tyr#>#zFjpuM?7AE0w0bo;uRfUoK!uYKumBDWF5
z$mLJZwYIr^8uw@cw_dx@qGz`Rp{qJ~!@<~)_)+Z6`G=F>kudt+zx-!#nnL1weXhUD
zq7D^Qm8lh;3{~BeHnl_cbuI(2G_1v+=c?>Z&p@5BUC|3alByv&VsV<5Vm9x9iNWB+
zFuLl%9RTi(<Po%1RPpDnQ?A;q{76)0-s9KO_~vPkyVN<|LHoVX6G3^4gv#mhvNCiP
z3Lbr|K{vn3Vq-DflDn+VZ@i`aua7p#HQNS1M0z#pQ(<LhiwN||dpaeSwj9k~C2ns6
ze+k3w3}cs|AZhs}oto_af)zg4KUqsZApX|TnFIWvn9HG#%zvRWJA2*KoXIeRw{AsE
z6@d#6FHW$gMX`s$L#HSIbb-}MmKL6WMfjoH!75A)_s6LEp14Y7gm5NQe#M#{RqPvT
z?g2)P8q=ETkBu<>Ca7gefs-iSlW1hl7)b2sy3!^nHkNNz%uu6Xg7{)y?6|n&ow}Bg
z`ptkvp13=SEY=^<llzqXE3FtJS$UiexT%q<3X$EGu2Zb#$OqvQ5Pz^(na*M{^zL9i
zq*;ad;{1iNSSff@zb&SR!Do$$w;>>8DP<9c$+|0pdAwl;x`}~3cy}KuFlrA@@7f6q
z(2-siz}uQ0B_DMymSAs}DE9h0ma_<tDnkM!(KW`LXRrcLu>zXZFGrvk!{dty+>*uh
z9|zHbc$pCmQQzH+9zpH0p!$jZqQ=|AiIg$#(O4u0F{)1pj!6rw(>7PDPo${*;+~nx
zS{Bk@{rlIctmUo);Sy#?Ra7u)6ws<H(C6(C(Z!R?mPr-GU6#$(&&OJp?e^pOsWE_I
z$L1|elA*(+VKYX%XQc<MM$c8I*W4gZB#!H(GSr;L$4OqsA{VAnwEK7AH=&rHywV`o
zJb5>8GB<cMH+-c-#Eh60UFtcrE?yN-E0znkh5Uk{HY)NSkRcw5kzrp;yul5{xtRIT
z%bIV#(%^OdCVujj+^;{3-z~e>XpA<{E#6t+yd8Y&3+6vc6gMbR2?qV`TPXbh+1_Sk
z(F5LmFuYLzIvVunG9$Fog}X;8EMw{;*NG-CWoW}Q)wO<?LhG2#q)xhwn1!a@jd_WW
zF{Cg4LE6Eo#kX=A^s$dZJb(K4(8HR?2_DIhh2tUrCh)Xi)8y;@p8vc2ql0cjz4(eL
zN9a4A;Gii&C`{1C)GHZuM1=EWCG0z?mLuSyNM{6BQd5!((@Y@tQWfoitiA}c9A04r
zk}_)`HDnf83J;7-i=c~Q^}x~S(Yjnj6~$rr{b0rdiVX6l3?-S}2O7@oyFsh4`lbwN
z&=;(!j=@(q&PUqdiWo$l-u6b|+!jY<-m+^nG@>+Ei=r88+;zwBXkO~DcJolB$^r0<
zov4VQzA~=HnM>%cv--4%5{S409Gc0mGOjFD2vU}`S*>s9WT|~3vErJ`&|(=TTD)m#
zpIh;I@~i)(fpn?qFb*owTKru)4Ud~&)pHVdI#h>VFRd!JL7Y-njDns6QLqNo=8R`(
zGkU~aC3EmlL;DlBIWo;tJoL1-jeueGq0Wp-y7jWdouzBeZi`X6?d%lqLL9T;B&k*7
z^OdqZ*e-0w`SemZ=|qgS8E-q6mdnmk%^6th(4?M;hiZPE(qy~!{x!3*OX5vTtK6@I
zgbd^wn@CUoI&Hm46|YwFz67kw)ut3NqELTmq)M%CL=JBYKlHI&e)}T0FaT&L`PVxu
zWT-bN!@DhqQlQ|+k^NRI3EZ0bD|XtSAEDN!^Q$VEQo#~7OLM=QML;;KF$v5B6aGYX
zp~r36TU-nasLbJ6sY&P-9eRGw;!I&*u;pJuepIUsQEC?0*I$W1l$!mHksPATF!aNl
z#9$4Y31xT9U`5zX#k63&9}TdMNI7wA`P0dXs>eOaowwQH^&}}_)po5ZV#tgTk2q#M
zYo*c2!K+rhB%#DtN6b$9`*xCdtk{<T|L(~9%F%@_IyryB0fc=o^yD2{X7wbJ`hqQ`
z+&ypRwM1Yk$RcmS4gCU3v9rtVx5iexoB@!Aw@g%Toa$23O&?gnTLL(&P4Ea5ZUBKJ
zpLIql@C!>+Buv-VZOoSP_|>p$Xr;9+to0c^FAOSAZ-z51mQpA^_wc@#W|N;=70fpY
z!q8z1o#Y{z<XFsgRsm5Q0y-w`xjA|m*LAshdMt1~7tcyP@dL=UB}N;wHwS0TDG2*F
z5A-^4YsKK!<HeUwumDO!X=W&b#x-X6eRz|B>_w)2$bXv~@N0dC*>}2T$0&U;q*0uD
z*;bM@RShBpiUaI=sUfE$8@f6<Q`KCM)K9z7F+#f_w_7PG)|^u~(c$b;A|KqT0wJd_
zDsu?<i%JsFB^3DfW~HlMsO`1dmLVbw<S3L;sQ3I0lDT&Q%z)711cFNyIb^O@T8zM$
zMM<nB440vuUe3O`+Pijo6?!Ow=m@GH1c$Sp+I{D^@_EiHp<5R#=yfaCAZQ*-R;9XF
zJG8DW>zy$Nc3&sy`mr&nN0%}F<|XMBw<9ym=?LhbVQIlfY!f!BgQl1eX!kXrw_S~_
znnU6mB9YSWGypblJ+X;~9?M``;Ynl4+4RbB^%ya+9s(e*Xr6coZ<M$jti_mFS`-B>
zh76lh-k_r!`tczr{TQBRY>O`aT#<4fklqb!w!S~0Y4<^gE?iXjyw@AbqWi-F<_v_@
z{iC=(<_8$&%Lo99%INFPe$kih`;vBd&Vm+a&^L^CH30VqE1f4^YK*v@BK36|^WPOP
z#S5V4p)$=0;&3V50@wF!yP3mOz;iF>iKF{u7v%I(=d8faT=f#He}%htvh;*dncC0<
z#rbDoVs)=9m~WMxI9r+Zx13jSj4`blto24&Lz%i)_<y6J4buK0>^mm!sGCNGz{H?K
zm`fayLqOIm9L?DL8P33A^=o{q*G~?OC3||hAOf~e_-fi8P?js1<KlnG!6k9f<t^^Q
z$w(j-V)xiE2pZW+EEvuwD0*MfuPbFibDY(1J7YunqNGPurf@G|IG^gyh&-KEoBPzM
z_E93Vog!-VU*e)4@$h#jP_Ha<j^xpT+b{oSa|AH3=<NtqkN={N)c;c-TKWr`5dUjM
z+-vHE{%bF!FGw;IGr?d|<<40E8!G#7#QT8nkl=TNDEl&G^%|!3V-N{}SG=bM0dro#
zA0N*|qA2;ON`|%vn9R)k>QP#?P@ROPLW5cn<+-$5=NybE%br=-hpOFbO*A)btxFbH
z)Jt??jqmadFW<?2&mC|VvT{O?^*>_DPs<#~HgQr2&z)0Fm2RPl_j|en0PDZh@uyu|
zdfps;2NQkG%V^`>fze6hR4O-*H^{an1q?&^I;hdnn317|a#zyjt)s(@JD&}gbkwK(
z3hFj#bM$2z<C-}XORte^im^+uZ>m};HkVI=3IwrHTe_mLqc@0=TWsrYRXdy_*x_sH
zof}wg)~~$J?*3r)ZA~G7i<NY|;W;O0)>a=nAfmf-U1>&bUR02vFe!V47vPb8afxc}
zB)w1mmUvw-HKJ(uDI&vqV-lgl+n{?<c*oA>tNCjcbM(=HQ%*ya<DS_L=|Cp*g#6cI
zzhn>6${E;j9gC?!hj7U=+U~Snj4+9>f*T&gz@0<upJn`a*2n;Lr8~scoI`E9H6inY
zYoxIjfEiDvZy)_%xVFkKtayw-UAO?5rM>0rJeHV;PW2!&%Le>`f8$pe*l+D2^#@?z
zzM=mMz5YKRtfWd`&;Ydd{v}?RU(U@`)98%ls<sYWWlB!s-$~`2ihepdGQn#SRASb4
zGV)A{Z!GL6RrK<LHgHG+y=y_9mvPH?VnBYVRwB1j`roes(nOykfp<lqt{zBP*aXLu
zuRn8qdweh39xnYo02?$>24*_gk`i<nH_GooD?+V(V3WLOF+gG54R43t-%=25FcrRf
zfeaLes}jRZ2BKptP<O>wndU7?(rSpafqbov6CPS(u@H^3u@a;K`Qe>fQd%KS;ikA5
zk0XE~!m#2G#v)=Vk2j7uA#S~=O!iwU7aq=;)))G)X;RxL(TosD(6oX6C0Rm<MY7Sx
zkAk6T6H2aP0JE$>QW2rKIx#0fg(&ymF>^MA6gIysb57>qjB4K`8=OwNr1lSFJzHJW
zduqp=>Q9+Qvg0qd-492IoPg+@Z0Zs9eB^ma1qXjL$sJsm@mlY>n^--izcSk@Qdeg@
z1<!ROvb{&1aZ|Uu6~S<D(=C}@&Ocho4pFeK+O!%W0cc}mq{QQ9@cnWBax@*Dc~y=i
zjlKmZE_Tm)7J6G_cvHrx%p$f+@-BiOIUUW_`;A(&&8?f-5kv%5VQc90bM;az>dYYs
zzXTL8T-gid-C_@tYSwd(t$$5c#_v>92qu?|`U^(6ofVfrvgx~(g3H1rhYT%<zMpGC
zCGtCM0G4w~Y&2)p;;%`m*~U~&q?xsUuoxIKdgG6B(t50lFR3R%CXXOW<Sw<gC8D>S
zjI(O+v53n%!!cST-d)!P5%`TFN7+o9MfACQq9`j_a*kj|iXUB|^3P{o)SuN#$H!LZ
zQaJaxb$(ymS(C$Qsf-)BLNtYa&Y|u=*PCtU0~n3ww88TU2v2%V4GV)AMdxluZ+Wlv
zX*v@<JCtW&kAV`S95iw00DaZ5y-VG+h7se<IvuY|I<_1f+ojbG%%_$RM_OE)SJ97O
zk(%D_#Nt+Ho0aQr%}=uwC4;YJy%}u^-ZxhD4E*9ZQPL{;N-7QnLiGnrIxT_YIn!=V
zfc|)Sv^8CMj>;wRV{bLCA>hL~+s-r(L5TccJ~RGzi52lfq!KppJGqr&+aD-wIYd7f
zWlEM>zpY{BhTdRH&T?v)h*8`M>l-rAgWK0dX|OQ*EYltdKdVKLA^qOEov4Np`J5Or
zdSwYKg>roFmHca+9QpjCj74sPTfJ}H6F|_vRjDi8HjRc#$golDX#tfEh0k!N*<Hg`
zby$a>y^e-+YouwUE6S=Vln7%U`>;V=U8E-#z4qX%iYqVlMX{t*UMu^%^clC!FRXs(
z`31Ihur>7Zf^z;IW2GKv6^^EUb1r`P57$5$eaB*B+|R6V@7bcEQ15|oJ)B<};(*76
z6R=Ar98p`7=(Vp|3b-oHF8U^Zy7t%W&w&?X1371l15tQFnC(D$j2g3AtW|~$l}{Me
zTQYmMSokLk`f)z`T0g?EinAf2ydfLhVRGX!9A6{_U!s>=<o;2wK&hpMJD7|+lzubx
zeyi2jf>jVq`Jv2Oc;N<Xur+?LnWWAgLjZ)rrP9av?)c56(8pxP?RvNR!-1Mwzb_(1
zu^^nlnK9}I!hb+EsSG_?_%CD|fcw8eMgrhqws17_@JQD-`Zp%S4c^@;5)jx~;(tVd
z_k@>f-&v|NMbp=3!Ycg*-VF7Idg1BcEzp?H#L*JAn}yqTH|#($j;a*bk(0J2s*ce|
zdWZ6g)5~UDxmYQ-$FW?tbG5c%H@E%}EOaV#!?$%)C};?_5Nm+XzeoZMCX7FT!U6y}
zCEWxQz!0l>i_B%m8e?!QeB~sV{%FNb+?8HRYxOb$HSm=|SXefk?f4pZ)sQ9{Y|MR%
zmAni<5Bj+pU!yT7EIh1KdgkiR(!+RMW}qum1P>fn@Z2;1JM0rEd&alibO-ax(o7r?
z{V*E}I1jhiu6q@BweiI&rlNi31u!C~EeXdXGulYtHOR}wzAoj<w~-X^0-`_k8@UQ{
z&%y&nQykbhPW+?}*nL?yy_`NG{I(PWhUvT82a?*uE-F}FUWiDJqlFv{%303Ow3T&v
zWFFdGKjb>jnsA0i?*V#|{C>-m<sAJE0-N8x&)6uow-h^%)TS|G>Zz2s04W2;?d!(p
zR3XfUD*JkbmiPaRE5f_yLs&!$6h-MZ-sDWUg3;2f0h=P#Ew|#Zas~`0;(VWzEJ=Y`
zcYW7_!bX$Y_`me*{t{WwY6{C$uBVF~j3&0FWtfT(_R;@gc=8WliN(aN6(urfH?fK-
ze#RxQ*eFBDCT=s_ktv2gz)u7s;?ZJeb2snYfN$gxDS$SFpi|Daiae9yoW;b5(I;n+
zkk=#L*j0Ea7&#pioz}Eqp~B1M%EHHC(b1+I75$h{XV6_*7RBjm>rBQu?9(y(B)XA4
z^npX#qx@>31x^Fal;YvR?||S`X*~}kIGdWphyJIUciQ^pg>;et-~j3ae31Az!G3^&
z_Hn)pEGgwUVWh>e(mY0>3c(uu+4dunnVa{s{F(AEwBTP4_e1#zQ=Y?~GqtsKw(7gh
z<(5xdIy%_t>sFp{L|QK1Z@H=#bMpw1vCS3wNl2=?kB;jZgzqR-zj4IFrm4ErTwJ{_
zaycx_549I(0<d~e0319UUg?E+|03f=lU?E9009P))!%p*RVNM)PNP(HReH-O3gtRm
zQde<V%+?jPtb3kV(0?ht?l(#H%cp4)fRslSt{37w<g#~;B#CImZP!++KEJ`pO~lp|
zQC_$N!9_r-rejirbvSm{Wyj3KWrE@++PWVTK_mqM_+(Q60O0{zv5uz|-d2Cr!rv;!
z;e!+_%8?Cj?a%rEv}CCjL209X3hJO*bA~CKno9abO*tCk+O<;sPG-Fw8U5iz)c`9z
zxISmNEe!^R%5?%?ZS}(^^n&DwDc8r!dnmh_6zXHwm@V|jfZO5`bSA%FL(fX`wr^bc
z>#;eONrSb1fRaWlCg-v#a(xmCGMhhhFt$iVMkHor-+$2)UhU=$7T7~R_F?H?<#H?{
z6>Mu&%E{FQ{yFLpdeKhZQsYlbNemJbPS393T#NZl)avmUf%79q`eQEq4-5{-#84Li
z!u<mKYw?2vb4*J8mU--!xXQQi@HLEcyFy>E6f*cHzy62ZmRym4HATL@Eezg@Z0L$)
zW>vPL^tC!ekSKkStkWagRr!2Xem|9kQI(XdWClwCP)n~M?h1t&_6zDic;m4AJgobN
zx846=ym9_7ylL(Hr(gS<pOiuc8B5oiE^m}1FHT!zB3m@Hlm?IgGwFL^T6^ws3S$`3
ztaH|3t_8_sn~V4O`B`k@8Xjat{*a8#2h4{?-kq3`j|3^)Q1a|{!yezM&z#W9cJAKa
z;69k2Fb>A8Abp}=t~;Rw@PB$Mha$bs06--u2zY3$ZFST;(}`GrLyg;HLYHZ0-60}A
z>AucbG^m$e$ET(rYH$g3uaeDy)uiR7hC^XL<e*-#6zQ_GQC~<8hHQvu(Cn{T&AcAb
zm4SzMx`H(ga01ChIH6(PuNig~;ZA3@-qWl|0a5!XnrBcpaM!lpdb02%m>6$QfYJ%7
zR?7&qn+Xjg#|`PV)(uXoOEaVTvHL8mW2uCpIZ;=(_G%}4GljFaJTsSYujG~y4<3IP
zX+QH?+-~b>*AIXFGl#`EGDU&pX@ePYT-Xnmiyz9;92y6m`5ZH87~Ual%<lhY0m+L5
z^CuqNoi-D%pH=}^$&A9D=DU%|0K>!mnoef7fJQ%Ykfb(Km~&OgWOVY+QoUQ##Yh-k
z@=8V@an(o;yf)Mn`YJ}P>EqTqV)5xFdPYa{BEiXN|7;~F!xdqJ>;!?gbgX0wL-$92
z_F=_MyEdlcUrR+9ladN<B*cfwm&6!RI`}EXXTpr38r}syJU``$y>=Sc09*ztH92+o
zXe8Q6<ass!pf;IV&#cY&jRdh4-M`O>=A9QNGA^Pkg$YuER|9MskBpFS(<e;^dRmYM
znM2pT*q*ZvuY3kz?oVBSn=mGCDm;(`YPod8j;C6k%xKIrB^-=;M80ifWH?N?fJ6<n
zD5rB@jI-AJ(O?ELlTxGx=!DNzb<!49m}zX7O;7RaOwkRv&9107>)M0gqjSMjo76|J
zH}o<iWG-kw9cGxk={s3SWChao)bR0vV^wEeF++}jNmOraf)BT$@mBM64m^P<K!c;H
zy%|mP-X;^<rmi6-Xz?Wcu_SB8!TJL9do%ywRX^_a!Tmc^ioFovUy8FNhoJhFSel>s
z9ONAQCVKY@c655O7X8f-_P#b>1}Aa1-bhvF%%(H=2V*qzwF6mA2?-f6W<JY+huMRL
z$-vi=&+xH&_z?a@2$saR@_;13H#Em@AONQ#xNhNw;bFm`)$@tNJLb5dyZzvo^p%UP
zE3aUR1<95NU?34dkB)@p^*e91XvIJmr_Pw1@qnkYa4&p*uQ9YkJV1c=%H>E;EqYzR
z*8sme(*Do3$o_ngT+6$C)E4pw%WbE%Y_U{1hvVKQv+mcAa&@&9&%>;IA$mcdvkrAD
zg42PajJ&tKsz!Uh-K}u@-H#h>+cx5xH9#`W{PxNv@>LMvC2{GGxk%~_R*T7zYW`7I
zCdx2x?N6oF`$z0vOfig|2>Fq-;-0f2w8v%I2wTJw%n`(R5JGn%iygelGG~7oudzCK
zgB>(rf$^)D&wW{tYXKa}Hd*=%OlbjKs3`K0Pic{3>5M^s$pih7qAqPE6+y=`{*d0<
z3W<H~WE-61f3{#v6|siy{}|=>e=(}{krGhX4Hu{}_RJf6GP8Zet)w7Fhrafmw9FGs
za*&i3GYp<dR<E`)tGy_`RZdC$=h^aUKj;fn6BVagMN>7W7`7Ap#c1^N9Amvf*e9rd
zz~j14Phb7<Q{?Zxne}xx2ZzlZ_vy^h`5wtO+_$lNkH}8rOOL3sLkebL@9)&YO|bx#
zuCF)*@mG;MC>)btV*o<)_*eSSh``w~9>c)tF(1Rg`7sp3kBKoA!;j3^!miiwSd*^T
z_}IO!*HCy!W=Ncg@EOtY90=%=*#z&1Gw&JK!J$J2A|g$T@&x7j7Tnh^qL!<T5ip9y
zv57A4%j56n4;1qWeMGFkK6ob*f(QYuYagx;^g&*iGCkv8-h}(#8eU`I2`fRQ(Ed>z
zyjcbko`M@85^h;UC~l&3$ft>cL^7;sQ2Ys=rexTgO&ef9R~xbn%R^d1Cm@?4$y8Dk
zKe07V;sx(q2*?c_C-UNKl`T>yYhq7^*A-p)<WQD5;m{mDl}`((4x>DBt_XNt+|DTi
zDZ=nJ#*qOx+%h0C*aNH|e7X{_4Cfc!nAd^7c@rzDR^0j%5IhYlLF7b<7P?qCz>7{@
zAjYL{F@%0&Tx{xPrz9}dkEsws8E8-B&{@B_IRB(hbm3WhYAp)X@HDjM?6O^GO1}7+
zKvtjYDX0Zx<)Pr0_HsNq0k{+Cxb~&M*)F<a0rJX0=Q9Zd=e`jMHuuPX>p^;P?(GSu
zXTJ3br{})?L@cg@SGv<<>dfHLKePvuE=X}&ccu7^XO#4B(Cc;F#V!o1L001*jK{0|
z#&fZTMWA$k<1)~{#mILDuMZf9Loe^%e}9({-qO~u-a!+&cn(qkd@+3LmfiZK&Sv?Y
z_s^Xd@3cLf#k-Y&TV1<Z(RIF&2|o8g5wG6qgj~<wEwF&bnS>YKeWYF;;H;s`;+-(j
zjSYDF?+t5U7Q`;lo2bL>^Lqk{wQ8RcFw%3o2&7EpbN<RYFDWTF{2(%A7&sG>2*Ox%
zC-UB|1EnIrW<UWPlRncDR4!iQ66Sxu<|WKuyn<`|E#?d1yQC86zeJ5{ID4&5XgKeb
z0j_&(*MJBRgEfF1o`C{QdiZw<T<<;n{Wf>UCj9*kAQ=8H10V{AD@kxE2#EXvDZ-Vp
zG-jlDZo?m35Bj^AoHuLwkrGSON%{)#{Fq8G5g2uiKmpjix<&v>Kpp(Sr{Cc(8$d7o
zUq3;K{9ls6u|8D?0Iv@{poypDK<EJ9Xqn>SP4BFTCtNpXx1^E05q-}Jp?OTJS_q2k
z^fjq#1T#_hOzGm%q!cz%`eyf~7-9xr_hpqrCbNgvrb4FQiMN%@wSa79kmvcDm5I@_
z$G-5U2_O>!5fZ(IuyR_=Fu;>9%Z9LcI+V!0lCXSQqLa9Q?%^1=hjBld!b`7mn%oHc
zqFFMt#FI}y)514d!i!HkGt$k2P@y+2GJgFS(umkO(>PK$#G&iwXKfNj7q56`swZFe
zx}bWd%(;6EbH(pw&CF#_KBG(-gMchC^)wDIJ%Du(iA82hR)E8md%IDFhK4rp=&^f(
zL~Vvg*QuHju>;<UJzruKo^xipH=oJ(Y80traKjdrJEoU(&etDaROySZq`ExGe{#gl
zeq&gHJ5ED<VSP1zpV>qR<wA%@8D6meT%Gj_a~FKVy`tj!a^)0<ATP?X3dX<Uwl>y7
ze+0-VkS9l^OigX3OXDDQusp3wN*rK=6<jwaaI?W~Zek+WIqIRqGTSA*LRn@PDg=c@
zoUjI2kfNK^QliplpTz!|`k^$d_A7pGT^7V93EPJO>ycAZ)h9H29yq)BhYBqe3{KZ+
za2>VUz?{9BW5!Z70?fj{YR~ZdOY%m!vl@U{jx!t6hI5-Rnmf!sV?|O2{;Wp?MqXm5
z5<oR?diVz)U(xV^1Kqgb&nDsZ%D>)jcAgRBAul0OMVAd0+f&O~_&yyZW|B{);o)oL
z%Lf9A;DiyVi=0A!o>Z)DG|#BqU#xpA>3wA!rS-{~A5bv_4%u4Dakf$(z7W`p=K(-d
zNoIM<CO_tePSU8*07@Rbs7`cd+vwMbj7Tf5#b42PY-p)#vL8KsgoP9(y94fuUJ5Jo
z#q)b6KpDmYd3$60YAUGTYyzl{I-ES(?;{UEt4NSdL};+k#i`M0oD$ROh-RbWU<v08
z4j)R3qO`IO$LlNa4jD{(`0y-Ej{thzo>Jz^8sla`U5R%T7MkEJ#-ukv{uXLX#6J$j
z<><#JiLxcq^}k(hrAF~POBZqKs(2z&uO@%lFRk}_3Y1Q28Ij^%mG>~3={|i$P`BTD
z2GWD<7<)U-RA&Bi<Py1&F1y6cd&vHJTFOStws(SnlM_`7?uZa3&!_QtwFlULBu^};
zl}N+k=7<Q0O@63${p+{ttu)&qOP;=Le@2Y!MC6QceU(7eV%IB|#QHUA^wJx9OhLI9
zX)vb%`K;0@s~#2S45Tv@+xIc&C&rZheh4lytGG{5-CI^XPTHsVqH`6=gfSYs#^jDc
zS9FHQ8jLw9FHY47barZdECcAS(R1?-o!vq;wnxVL4yh|PsEEB|WN?qwB7~@kePU=j
z&-TrkMw~5sz0CWJ)_AR$isT0j=}q@TsD5L1#KxDB8NG3}`JJn4=QHB(lMx`x<mUDg
zSJbAK77g1%PK<cncu)M{XY)F<1rx>Bk(NedcDj`!|AKwE#;ovFbp-681jK1v%0dXQ
z&=Jc+5MN*ljCofWQah6p6biT~ziq!MZ;}!~9i?$YehkqDB-%wp`b_;4Onz29OC!7M
z*0{u0X%5SsI6Bc%ZkpD}XJ?$;M>)T&CRh5(N$F~lXP{9;SxfS%qVmy|W8IZlq02pX
zH^=s~RpDGXdr5-f@&&a1_&9ePi;ORRHKm$Y2yO!y&Q_#g<f0?L>#KY2(CJJrU*3CG
zeB=s_pc}tjFVW3gK7I5EGI%*n!x3@B4u`b(EqdhL8~PDf2^O(Jqn)OmP9x;qi~A)T
z8DFMlPGI2OsaNzW)_YG)A7d%|Q9Y=m7hc`dU-$l^Ymea`?*vGTl4!@SEYEp7rZsOa
zS75b744h!HEn3^jr2LV0emzazL*y!-GtCc~#B0CXw;b?-r+(iOcrl2yZvGoG_qo=T
zeU`Z%g9I*(^_d9Z3{w<7daF4V{eoqYv-;|-ZjQk#$bLATuPb%w6UKLn@l}wQ1?y9O
zLt!`cBjWHEjRvr}G%cDq&KNopksk3(cr8i~7l@8tkP*o9E<rt53miYWBS{(LGr3W#
zNc5G_X(&38mryKU&v5-({F*?d!q0%Qm&-?dXKRh|?a)Ra<C)6sR>si@{p;54<t{|G
z8Fy}3#}m80;XTsdElt8!O|Gf=o1%dC7}^gZ`_9l>P7Uxon6TyJtGt*FDdafJlR;%g
z0N>dxMv+?oa+>5Its@%eEa_~;;51Pie^|b$0v5E(JW28#|5{R@oD6eAwz0jynq`^Z
z&w<Hk4q4%d)v%z)Ph~5=V*#5gc?t(9gvo^!aI*eB60B0vFs7mOA?qHEN+)X<hpDl$
zm99<UiU`2Z?ULBt#46%OmD{`$Igb+)Vd%0jld?<h`Zu^xa3+UtAQZ~MT&26oc!9-L
zyGUFj1=Il{0~9}>juMI0WUp+~GD*)B$xnA20A2SXt}Ft}YG3IgXMfG{l)JLe85;7m
zxP6?rMFo#K6Kn3%=JJgBr!T4yyv*E-A~EZ`k^yqfy7-3p=KX77!)D}B8z+ivJk8t!
z9za%Z897qj3llxXw9!xWTzHqN*z}_^R_-cs@ZJo;zar5sD!)ssmM)jl>46ZkHi|q;
z=j4Qm8iMmNg)Y|qV^w;hi?rnZH5{%}OpNKnnt@a7wDjDN3x0~^UT$UIFz^)US+h}-
zodGM9$C>km!6S`w4mTD&8x#p@{1wIK{&Zd8?_&z!$iJzh<kGG1u&6!dot(17C4^&k
ze<nGF$iWc>7M)bmw5ADGhHmJLXiwt@=59|-_fn8<A({$(x$<IKs|XaQLIIDR;Nukg
znUD0)qSgYyYXgj99k7oJ8VfD4?*66^DFg1xePb=N@Z*8eu2b9@W@vWVz*b9@7z?8_
zl++t?q->69iNX>JM-HYVU5n-&<_^ANh|5{{Zj3Wq6e;>I>hcN0bZOy<>8I8xQmzIB
z9v<$t1!$CA6<ChRVTz}It1rp#3JLtOGL{^8rN>8n5+`F*6S{ob#rsGK40-ot&j4wR
zZVJaZAch{cEjw+CJEaGAVs<$Kt_4y&WghR%$@kDacbJ-&*A*!`gm&!D<%7}{4W&l0
z5-g>qj5FWgna<zdAmo>$%EYYC2U}?s=t$!Ki3^+q4TjCpDltWaHC0jXub5Nz&XOoO
z9MwE$`UW5_{vDLP5L57T1{Wjd5`YCPbqRi2VYj-gC_}lv61Yx?r1m8TG?kEuwc)GL
ziY;>)3#37<vIwB1b^*zCtB;Un#4!`6AIm-oa3K{%iA*OSyG|M1n^go#3fpHU@*RWN
zbEI3Kff`is(bFfTw(6UUX)xTrLY@(NX^4rwSx*JOl0?i^oh)Yx=#-R@0GuF0lZ|y*
zVvb9^0?in?v9Ym{$p%k;IbQ}L{v8fh${IFPNKUDYU&>~wxh{6r!_T@Juc``d!-4YI
z88BHM6zWVVxIB%VLkIlSi!MrLP=s#mhdPvs<7wB9hYN?8P+V5Vw*0!#jU9H;YZ|HB
zlhcGDozEc7CjR9ORdt_20IDkg{7viv^Td<C?T;wn<r6<4@kImu%4IgXo^&pG`Vj*9
z@I%FQsQ0hwqpqP|^21WEY`5h?<vGJ$mC?0cBdQ&%%~8U<ylg`nk!jgv>m|4^Wwr2w
zcRKjw{MGQ?zP|&@JrgEGaFU-R6w!Dy5>#Hg!L7SEPpzoAxn~=&fUq12%dqm#KMpkh
zAD+suBhh#9{iZEu<&qXSJxH(ovjSy&`Xq-(HCe;a7Joe*ur6U`*EJ-}r)5-aF{%^(
zfQxCs%~*zO*u{{)GnxW56v%(JZh&eiYGqdhF(a`teN(8DSj)q!zQTzHzpCXI)Z79e
z%*~W<ztijwMK1Z50G8@A3HR*GJfh4C$KiB00QM~+=xyq(?k@T0jWd`wGVN9;bjB)z
zN@k?ie3#85bUxEGa!ur4rgd09{e-;V(lmr;apdQ5fec;t_o#F)tDN2ZDgJz>+XJr-
z8g3iLg=GtSxOvDS)Kz72e@cx@y{_ju#;;LGMmOCzREXKL0Ep0tVyVKo5$sF+?}C_?
z<B1uZQ}+4VLFE}40rBlL&IZIww}X^1$4j1m6C6Iv5*HeVCIppC<k8r7ea#xeG&t&w
z8UDb@1dWFk9=9EVC#@k1BYAaFD(+aO)+oHhE1W&vu`NPyWIUsz5{}mPqB7QS5@Cv`
zhtV6JC*QbCKrwcS9)u%@L~^BAXqlqm|KRGJ0_zI4Fx)h@t;RmFZQHhO=ft+1#<p#<
zv2Ew1X`J5P`*`=$?1y=twPwEmTbXf-TB*D~cn7z7Q)U{=l)d+l3jes#AARSkjLv$?
z^D`a{kNPL9^DC8oQa{5_sUKFF3JJeOAn{}6i-)Ri&ujjp>rW255BYiA<cLB)!xN5i
z9?j<tuU9oP(@Z7f%F|LU5e(~*a38TV7a7rPVu6y~Se~^A6CKS=yf1YbYrbJ?)9gm#
zA3~zPiVhsOtRK~M-&=l}^g%5u2q%qHgV<G1<x!DsgQTB{6!1VZFoFk<v!%Hp_uHAL
z7rFX9jORDh<R_vB9_8zEm(e4mJu~`)*6Du-Zn$5HoWCG_(J8}gn||L>>YWQ9f9VOd
z45ZmJrLln``S>A86t*y<OSsgVsi>GIbULk?Kt3TN6PC$k<9slJo(D1n`Rk0}$nj+#
zr;>R0s0IvJ{&h;B*j}U2rX0V1UU5M)tCOB$>+ZDBh98X&;ivn+h+kz-QGIYK8;Qs$
zG^MFARkpwzcrm~1f4#gH<(SBYjCyI_1+sv5N5EQaZB19M3+t<tblBrrXnvOCm2s7k
z&u6#PGWSR+P}y?`l{5ea^b6d&bj)JsWo)i+G@9Q}1m=*)5M%9rvZS9a2<jJ0W^f|Y
zrO7`|316<SJbQLwe@O+*<R78~1k7cn3Uj1CV#O0zE_8ZQEaoZ&!s1z2s-S=kK!A+^
zYnrkSs&!qwVEmssMmpK|)uNQ|Vjt!ohpAsQQIsmLV=>7@i0V2^Pg9D#+8$_Qocm&^
z;z(nzI}2|0+RePhOAxppZ|w_f3)h?+%xOQOJb7hq;y7)u8W)6xpV|JZ7`lS<R(ve4
zRo6NG;&4HCGl8f6K&MsNlcWUI0Ij{!&)wbqGg)>qMTP%<2o(dd1e-UdviuQ~0FK^e
zEtDWpBPbf*jxhU}>q)8JQ+o63-$j>8uXB0nTs&Vt3Z!SK$)NY)S5eNQyZ0=ze|-!G
zevGPSy%D*8{S=hz^8rxsOCYh5^iOjg)sFZOZ#b&h;<zhb4_&{Mbz7b_0Kxks$lG`x
z813qE23ut6UyxLf_7xaYtqrJhii5(F7g5AzB?cyzN<vZ)ib;-EBFwo=9=^7yRHGp@
zP<36G5=o3cz$&>GrhV={Lv^L`{}3x3Jr7%e@I(ZfQu;1nwe@WH0whICpZXeFmBsNH
zD2zskOTEjWi|LECtu=OlK;`T^MIhS%JksTDI~;7@g#24D4WfH4=1R&Ef6Z1eu@Q^K
z_rLLhP2qJ_1^X$J5!XDX)2mKjl@fZVJ0EpJNi&)ZrV7vRN#I$Ioc)~IslY&Y<d^p(
z0I!_?7^_wRZUy{e{8{#(LO80{3_DO<)cA9|0cdSR;Y=!a%l=dZ>~*|kB<0!BLvQ7F
zf0*75{Rltyd_M{)(Q=U<?Fxn@_&Dpg-6s}Z&~j;(;K4R7<<BqVhRCyoA~*?vYqfnf
zp#UqASN(%p${y}nJ*N*06C#aQfXC$!-5r=>p2RQlPck`_{0J+U<%)gxkcEmrMi*T(
z<vK7Um~4kqmA6y@8cE?1-E%IN{e_f#D=^0CM~tM0bCOE>b4ER$^E>sO3{{2dO=|ZI
z-Lrew1y!=<JP|@gl!)RoK~mxKvHL4{r0bj$IGt>-l-zN`rdeC!AiDKdzCzUOX~H8b
z8*A1-`0SBaT7;XC3%l}$es^5L9b3*AKXjB4Fj;L$*(cBfBz?t)JW7r8Q26yea?<ga
zamP(0-{y-vTK{JGWn&34rNTg%t&D&)uc)K{*izLs4@-v9N(I+Md`=cc655YRTGs)O
z>90m)KVD?-=3@9M%tbt};OA}Z&t#|CKt{ovySBy6th|n)4Q6lZsp!w6F;Kz~b)?H%
z9I?~Lu$s6#u-MsT7D*XG`;s*vdP0QLo_D}bo@tM3E`=ZcNDwpEy2Qp}%PpXH@!;_S
z*JwuI)%tbR%@t(Kl?Er%^@5$4x0+96=Wtvxu)NjNLfDe?!~63hbsh)sgS8XCiJL(r
zN`<X={1PLPJhn%&mr+Flu$#?f0$SZ>X`ew<T%Q*JE^!Ss9W8w#(Qm=Xt71I;#4x}6
z$WiosYZ!I{^Y4m^({g;xuz(Ln<*EK?wWDLw(qmlx76=^(6cT6H-&4YU;%VHiaKyro
zeZ#8mQ{T2&{@0R9?AQ$6G1(0E@3CBVk5GaKw6ovwYxvi*|Fviwt+->o54y9A^{KXE
zz06bxw(CA|R0j-H5o2t{y^&P!8n5uy`eb;mR}eRz`!4JJWq#;T7BpTVl(;Ebb$B5E
z^@-uXgA8}AwiX);W`l@)apK}aH?s=0oS;hfsFuH|5Fa!%xdCO9n_hmB>y2-AYRwP1
z9KX~SqLEhK8Zv83N3h>EI?#vs8^>(M5pt&**c!~I84Y&Yga5Uz*MU1BIAE6vj->Np
zt>Z>urtD2>HXxmd`0sHOTC@;PLIjZjE+7*@7PdcM0%Bi_3-S~_9~sXId_K|=%o}|3
zNvscE=$64MV&?k_)ZF(CC~e4*ZaaskebNX)UzdYJ(u^2`?WFPAUB2rd4o?R|v*LyT
z;2UPFUC0;Y=a!L>urfXZJ@qDBh!@Cy-x~+2eK0Zj#>q*Y7r`AdW{?C@w@^^M?!dxV
z2mxfuR75Biv<U{O?!p^eLrM!zxAl`6jMhR4Hb{a(s2G<mTquH4$Q0KNCur=~2zdL@
z3lfe)s~)<E(+l2tGhvU|q*%R4hwkV;Fp>j@cpMA;Xg$S*$vcl)?vtRrhA~TWxI~lA
z$(EUG(YATOTP6vO;G`A1;|5_(U$t#e&2h|wy4GcD(>QzWV9trxglQ*7TC`~u<>=6l
zJKO7EE_M(h1-&k7>*vgs8*lqCv${hsp~a|C8|QT1)3;Rk^-gfwo{bOY2)(meAX6jy
zuAXB;T{H1?^Rv{<?OggTQCjW7aQ2;X=Gm-=x<kn8F3~NK$cRx;cZ6*r?@}u@)OcsJ
zsZuLq{PSstbT78AZ<ntM<MYUV=y%U~oZN{n<NN&*B(BjCeM~Ks)6i25sG#gtRNbJh
z^mSMoRA81a?mDb1;K7CNcbWq)P<e}0AacTd)RkcaimE**f$0V4Sk~QzxovP##cU?Z
zyMu&eTDPh1>?T+U0#bHZ@zPU#EmMrGcnSi9UchX(E9#CEE&{e$h72v@cw4SI!f(gf
z(E^Iu9rV_m2S3N{!4L~ZJRkg>_7j@g-9kjuC*Zv4SKL8<-l!{ACkn4XsqN~>$4SX=
zp%aamNtQH}^DNnX)5Z%CAG6<ZkVTEYBSb_g!AL62lLr&Y8m2j6yk=Z9z{Cd~O&qEH
z(nL=yPo9TO5sV&U(Sn_AfO80BJs{EoPZ;RFufl;Nj<EnU>6}2J6U(<k9W_bg63GQv
zMD<6>IEPoDT1J~6(xYMlEzyq&ocp*m^(g0xO;1D`rS-%dK207{JH&cu0hq)p^JgaP
zGR}}Zqw4FDdNCm*g7+xSgz@NWM`Ddo<<YHLBn~6uhgiR(bQ=w}!)FgY_!R9%Y{ls6
zus!#C4;B2Bw!;*o8D5gTkoGVc58n?dKD2sb4I?%0B^xz^y+r>2u^eUFy(E#)?xu_n
z`L#&}Qqe~Qv`GY##-kNaNFTEJl>Go#BbrUpehl;2dy_FE&mfnFkRFW>>a`fd6T(Bz
zPIO^`V3Avi)cL~H`eMp_G8$^oD}Bb<DEw(qu>&M52Wah64%*hsYWSy!t&ly96MJL7
zTb@m-u_(HnYC;K+Yn>X??4fx!XqJ#^VhGQglzBmfr1x^$()(oNJx*(mwLWs5z|eyN
zOd?w-Bs0A#>87EohY6~jAE8{cfz%U6q0<qXkfg33RRvX70%0z4FsrsjwCNCu$4(E}
z-sNYZnG`#yEne4b>ZFi#rMKqI%+){P9&|N?qo*cj@Nx+JzDB|K11bZn17PZ)<m#To
zY}mi!Hqi;7GNLoX=%{0QsMGtWzA^FWs$=Q!Y=!L)*Gs?BY5qiZtzN4Q`ygF=V%8ER
zlDi5FaF}i7fa0tnF+A={f=0)ach{#w04O#bQksC@`05AayA7e6B(S^nbgkmcHr=-|
zg%R#EXLJF*8MM1>Lw@B%A9YcPx3zmD-4sM$wEdNqYu99I=ER$EXwCGG7`^7r+W1TF
zv}4X<h5p&kJ2~Nt5Piq~&cRC7o_X`$#RU3di{0KNB-@gc7~^4PN#hM{P~Vm?f(DE+
z-dBg(>dGL&GR5eba6Fv|F<wJ@d!hUu7GT18A94a-Lzk`-PdR^sa6-wA3OS%8_^$ha
zvK};i080Qie<<Yz34ee{ADqyL(>H?lf+RUe%%wriC&xAMtHY`1UpQ&x$M0z4V>gL?
za^>KZQ7=9jxiK0OsPt$TKAo9y+#)#3XbLXb7w0yu@RLI|7lm0a$=oQ{QAjU(?t1Uz
z8rn&qGz00GTdo&I^$2>07GDfiBJ022VKij~zeCJVV(yx*220Q=?gi6!)UgABf@7a#
zJ#vXjDi_9-K?0_UKyeiFw<AS<6oVI7-H_~qTMyjd@V`GM<X=2{Am@j8?+JRK=SOS3
zhy)_fjueLc&=^OsA4vU>8OQv+U>`i#1Hv+Z({eo`7Ds7K*aj5uhbtpD*rT!*fmsg}
zRs<wlw=|K$-F!oA?w&!m_|wxY?$Hn{sI^KC{}^uDbxc01r}x<}4Qgh@kghge{U9&w
z&WH&5%=yr)hiYSeXzlbCsHPV!w;QH-Rq(dv;out+t$2HtzwS;f^DN|0$btw73j|xh
zgI~053~iMjUNxkJVF@X3Nuwv-`RA)|a*%U?%RSWq72*&im$I?rhgXw^ExnR7I|k;5
zlrkT|G$qH~F`ek_Bl3BZt0`tq$@uGw4l>^{qaf+e=CPWPlw$$OrKAJ?0von6@FJ$$
zu<vUzSdGkHlhxaoU|!lK6Cvr|qd2U<t_E-xIL|8G*q5vZL;EnhXdb<KZ4YXM{F_Rb
z-d!YL&rU3FnpyASDy4Yq2+m%P_Sq*5gx%9?iRaCkr&-L2{XJu}b0OXe%v-t8IDfgY
z!duUj9qgQ)JKW)~w9tt5;dhK@E#F%OYGO5vjxYPSLS%To_l{Of0UdBMJz{(yYDJQB
z3$D+SB`52j6b=RCKRAPLyZU1~kaddQ!(N)+L07CqC})pnWxu}|2QAmIF)7RY%=#9y
z|3(dJQXbo$5^|3^s(4ZLR239f?rC)P*+$%Xmaczmby-z{Ta_NuSHFZ-EuB#U`UTe!
z%TxZAg?Nw3FPO>in<P4loRPKz{_VF9$B^TH<rY`uT4%!uOBR^I(^@u@?brGvK8-9z
z5325r<aJL9wfVHT{_E_5(qA7&czO-Ik4l_k02@Pt>=Y@f${q;y27TNFKQe~6sMLFJ
zyZD=sdu4Tsc&pRNS!mTQ917usOJ)lB5>&7@WH7(=L&?o!;*tx>XqgNF8`GUxkGh76
z4#%FmxnL~6=Q&qkp=*aDSc4O${>6Krh`%eAoD$HAj05UVky4SEi_&)%l{05`_R*Pt
z>ZLFZFYt;PUTy1>xwweeyU6l{<rRS^E80lbO~^uD=OKA1@fZ=qdlf`RBzG3oTT>t;
zL<LY9zG)sugV~X(*@p%I#ly<(V@ynbAkJcjz%-{VDqKF>g&u5;?pGCgFo!;k2w_4$
z21MX>3?podjPaY1A?yIcSsen<JRy#-a5~7cg7uWGMv!CZpLP+lP_RBngq&ddxzxof
z1C)CJyCrW_Gezrz!j+?R9ngRF=UFuWl(Ah}zt)wo$(~fx*x>mC@05ru{P!1>rWbP6
z=GUs&fqYnnN%m@WkYSv`h-<=Fy9k{fU{Hq)PE5OS;$FN2(fG!2Z9{TB=(P6*PTzMC
zSG<tf4zXa4G`OI*_E};F-Pe)u?}a-M+lL8XP)3}f-S!n;h&*8tiBUiAotaSzP$Ent
zxS%{^xKr2ZN6M*zw_f3g@n<xrUczDz;?CR@yqX8LEzP|cu07JQi@vE4pR(Ht#F2zA
zj=zG4RY-p)dF7!Maz3CxfCbS0Ik3d=^#k+`Ge)r*77o=%3GNvo1;hY8kRI=$2|@)A
znLc1+?)$lLfn{FD*tv22haw+{iUWI%8gM;gq~a)O^=WWG$3%`E@lEIAW#^Qc0fxn(
zE$XRtn&x}y4e){#?iV<5d|xx7J~CfbldX&rCLtMaC7zQX$q^AMJA=R3L#IT~4f_a4
z;LVcgQ;$x#xYMRsxP^(RdReHcCM~$N4FCzLo>MeUc|M*K#V1EDl+tc(e&XpVdUVI{
zF7Y2Cb18ekNtrYT>?#45Bs}^A)mIQXyAD9vz`H4%)ZZq%M&qPOVm7VSCa6ZUe8T)v
zZR2NAlk%rN)Jj;Bv_9SNCFMrV7fnX>`!Q{+YJM3}ie=T=@!rZbh`v=bzg8getlA&+
z{i(D^>XTH{mb!j{<v1-{)u8lbvbt3Ogl8YvBRvhwxN1S`G{~Xnw0b<b*)-`?u1@!~
z3h*w+O7*lZpX_dBJ@(%`0R`OHbgFNWZ?#C8$!(Eswa%Y#;7>r?`=5Ahp}Z#AcWhhJ
zC3V{!oeZ}{fl#*)UMuY5{bn>Mh}+etsqEaFhOv^m?aL>r?9V34?W#|f+Nw`j+wf0x
z+jM~^TW!22zELety3y^1SoN9K)mq|A;{1YV(WG;{$U5NJ+h%#7?m<++6U6zOAFj(Y
zqT@SYTeBVif`K>3f97%u)#VR;SE0fYafS!LOihZs80cxGUNX@@j5I-7-vy?4V6Da0
znwd0X+vX}$6}Y4BjN`&MKb+0~vM*$8k4XWS?6pVYNlaGCj@$G4PRbOZE4IzH-5*=+
zQQnll|8-PyAvT*z_#qnr2YzD7Bo}}b29mv>`a6K|ikUj;_){bRo@)BesPu!VE=_R2
zA0)Xhb02Xsf8X%|nV-}@G!5eP68!>mqyZzQ4pmGGo=-#Ct3Y^>Hdi6|s`8rcss{iI
zw_z$zWx>zzoV0W|l79g3$tUZf*VU2C=&%uY$qd?|=F0@IOo($wJlDv!Mhh{I^T!oz
zAax-fF8iZK;uFC;qwp{L{4@(e-&TYZE8m3TT}10H;d|AA+1~YD!@1hKGSVWHox@Kq
zEMc*ifnWrL&alpe7ALh(aFR!zCIrAeYn!Nh+4$zx!<OU7hvgJY*{JzZ2nETC=&0dW
zv$m9vp4CY`rY4}AoE<uP2awZDWeqjgh|(el!;oH6j$?`}<=fSEF)aGIq;oyL@Kzvu
zNxd$KCnv%-piC|9`cC7<q)OBCidk7_;DoKujw;sPq)W5CjG1x*b8NO@*Bn@?$4utU
zXhcHk+a8^Tz$!xfMjaDn+T)YlrF|M};t?#w8ODFYoY{l*=F%K|*H;*koolpq;2euz
zn3>}mdpf8A<oTL4|7smtSPn~Q#mZl!DOMCUJ_*1;gYQMix|?;fJdTEhYJA<+lbXdh
z`o@X<K+#J!?+k9%%?ctowFmZ?_(X9=)Q9D7^Ti+a2m(setQFdIALKb812DvS=3Arq
za@r2sBVH_wA#=eje_a5B*Qo^Lso$WPf-pXfRDKs4sSX=u@<7C^lNlw^22!fS(5W%!
z7Rv0?v%>*2iVs-WvFcPK26@<#95j!Ni$O!xHfVl@@uBrA%4Y4Vp}?{-xCmOzPMh%a
z`gqh7_0G(?(@6AXKIM8^aV-Xv>J?Jw93BNbHFc9_9s{?E(L-+cU@!eV>RolJD1V!%
z7b*1^MRmkYbp{?a{y!>U1f>dtjW)OnYKUGfHY29$DA?5~`8C;2SvF(M%PxGHt^4Yi
zY&{xr1MZgyn-@8U48SELdj_)xz@~EyH8!S8E}B6cy?ssv?H%dX5knHgt;-F&Q#Ds%
zNb(KDVbsG9wcJDyj938`u1*g*JE27hTy=X0{fJFlOv-qrMq}04Pr42yY>&tvmAMH}
zn90R4Q8sT?2lbg1PnWfaR_$Nk!aVOAw5Hyg<(D5+5o}e<wt$0aOY)OKy@kvCJ9A!3
ztF*Zvm<@gVo)WyHN*xI8%|)1fMguJ1iTe8<*`b412=+`rk=j#I_Nj0d*I^UNy4P+d
zFb6YXyqk}?;J)fzEl<o74mdOQevNeHrewI19Y0w9c#uBA!*Q`OP>>5nZ#dfK2f4__
zl|LL)S+C~b<^y?KpSG{upHtly3%d|yw)xXm2y_PQL(cikXAU<3=^D%q-H{7_n&xM*
zyf<#?c~Gu0!<4~nfeDzn*j|JSyz_1G@gTilGXSybiDq0zGyc_qUbUyoK)x!_D(;3X
zBbMndm$>O;N>{^nPYqLRAn^+5sLJ)wqp_%pI^pA32Dqfy=G0gfJiTOvTb4rl3Dd85
zN)zx?PR^&RG^!fG|1IaqT?a(XRK`E-rhYVXI^r)2W`8pCvJ;&Kq{z!o@p*ON;TF>J
zZ0AJ>Z1GV4u7eJP<(hU`z?IgSKi!SRNTZt1`!(vyn|yx8)K#2v<}vaKqISp*@YWh)
zT+-;i1s>>`BHQ)Spch!m`vvIC=LUNT>%bk}uAq9>cUyPdUy^xmaIr=u!%yNEo6&*;
zSa5#;6hJ>T^-SvSR%u>$<Qk>0euo;QTD_h;g3M)lkW^V$YDUcOh^#1~-Lb5HZ~R>5
z#`u*h%XKE4-i6~+CHpg@3t_Bc#VNCkAYM&V2&knGTfMCARM&-9r@S^4cj?oiU0bN-
z%CKGR5XjL=<WZG#VBHF4pwd2I;7-?5?htXeBH^;;2~&BC!O<%HTg@}Z;F8EWag#p0
zf}u!ghbkJwUaK{V%&J+k%Ki}NDKN8~2m^i@sZs0(BcN55ts-L7<tdU&o}YG3H6bcy
z1$cDG(yCjdtQhTnNz*9IPsUMcDW2n_z*mxw-Mt)h$o|yirPxa<pjIE9utM}u>!bhi
z)1ye~idnTcj(?f=T;r}tvNr;{8hGIJM1ocA?-lw6Q(lqa9R7x3SvlVz?H^QL%{Y1U
z7n)JY@WAGYy-s~^fA&(>Pv<j`v69%i9{2{krzUt5af$t*_Zi(^u}5CDXCD40YGI>t
zYAu7b%*L&|RBAY#TCP&%lAX>_zvMy<c_CdHA$z;%Vji(7D<DZT1D`t7Q`32(sbl!c
zP|DJ84W6cpUn0YnfLDyD8eu)WBFA7jyC_i+sPQwqC5g5OGs$cZ>rM;x!lq$K7zn|n
zsAh+qp#rf2095~=YUr}*?&yg&S)%hHg1kAL@^Dtqp{DyWuwrjwK}T?{F0J1k?j8r>
zYA>=ja#}PiL9Yu@j3)VkvH;fdD{!-Le|c<($({hi`p7ty1B|w1*tpIE;@6)#ulb@I
zndr2vHkPMEgSmjo*2rGV!qi7yW1v=HNyj^}=3IM)k>fa5*v%nN3W5k9+qm;1vE#iu
z4I$Cuk4Z?$p=Ai^Q35tw$)LqDp*9Xoy-l`>rLy5~H&!@`H)O3@OzLzY)|<>sqB)RV
zFBx8YJsA-}8k9zKIMzK`Bk14oYri{1z61gvMLPa+Od&Ux4}OOv8~mVayCnam!M|Gb
zMf~3|LjrGbN<H1TZ@udOm(^;g!37KXp9rbFo(Qb$f6k+fe=CA^w;y0`|NCvfA^|Ic
z{ci#}Base_90>14u;Tu8ce}gs%O`dgZ^J<Fem#(3(#Od3`p4FK(?>GHWO!QbMCxYo
zPEyMs8;R=~nRII+d+BURaBEpnLTVI|noy-5P_^H{U}1yO$!CiZrDd|q3azu1vMnF2
zbdp_fXJl-(6;eL?de3%U=lP#|&bF})fgs#(afedh?|@?)v_0?%pnDwTBOVz9DmT8l
zdssq6mfYh58lwF8qb!Kie_DYA){oG5OWXjJ@p2r2aj}B<qgM#5!!WKdj-b&OUWvYn
zBUWcWjv(`YTxh@Li#MU+!h<-W;o<`_&zJIehI>!R5gkuo)sZdFKVV>*r?2j)z}-)D
zy#M^A3>Xhwd0-&?2aj?R?yWxD@$?lR3A*`ZIKCPX)KfO#S{}X3L$n>TOMGD??<E{T
z!?xVdA){N3CU`xV5(N~6bNxd}717sYurojY;iGf+*gRhm2aMilz@wLbh`Qk`*12$m
zfHa|YAw3v<F|>13WrOiU5lW}xg~*u5N4WxTU~`4ckC<k=D&i|rVWpX0VW>l$a3CjC
z<VUZ}`QcI6Bn<e>BMS1|3Jq3$`sGp5e1JkEM*h+$ngKncb$hhApIfKS*l1~&Rw2A9
zHl2H;40guFAqZlZv~FS4CfwFd86CUTSs5GK7P2VBpkJuzvxD7^{e+>spXLVJMd7an
zFlasS>J`H8ojio3T}Y?}cIF9Qe7+s@s?ojg`<>1aCf?VhOl#t`SRQwX^TDEyF{9Bh
zClhy=+c)%u=!D<IH58z37yky%eOF=WYcS^yL3#@t6ayZx8oAd}eEwc1iqH~!Vs_mV
zIG6h!z!PJEX(wwm_&W(8(uR_Zteq7L<UcNG-r+H_RQTORr9E786N{$KVR^Fi<$AkQ
zsU(K}u=>!DAI>*fZa>M*{Z}VQp8agA=H@TE*o|>l>&oor_s31w_#JJ6>sEMu4aa;Y
zbxzEip>vXX0F2uFP+xj1$NbcbSw)CP;XDJvrgjh}`;yAmaN7}QD|NCypC&dQ@UyM{
zI^Xq8FG$wL#?sZ3^acwa*Vi*%T)J%O#+uW0=uh`HQg_lMVlL_v)YtcR{1@4t`2j+&
zf`M=>bK{g=D~mFAc7NYQ(lOd&P%&i`9!jVK$Gz}2ZG&sMEl-`J4z`gow>B$&qM6=!
zBdgdElvxC?Zj`q1Ism7mz}sF9$o6sDFE%s~;Zz;8<@Lh)(K#@bmA;{TePtRkb3nIr
zDYJxvSd<jpkwqn+ief=E>9r0>JoZ>c(L6K;zcX$GWV_7X2D4i=Bhuua&cd)t)N|g0
zZBu=NvyIQ>0AU{07ZH@IvEC=H3o&O(!PLkTxNw=Q;|=>=P~(nrxMIu#1;q0%{!pM<
zypYjch)sdyrqy08Ea_s`q<q)fxlf6<8sRkzvbxqNYiG4zG;sp?mc#@IOCw1XE(2X;
ze<CrnTPHElBGs9uh((JQ<ji;LL1sspRc{#mVG0SBcfNa#j<O{xyVe-Nv=(JihS@Ow
zi9#~nn=|JbW&*i+Un;H$lvWHreaBnu42bw$dn~4+n+9Xjk}<Qa@*7%DLEAhyIM4Y#
zZ<~f^ix<yo!~Qv&7w#5jXN2!h68LP$s|j$98D5;_{pT!8YZwbAe`)hcCWEL(I7+Gl
zCALyiqvVzFR>|*)?qYhotDw0#{aXD~r9u8m6ox$BC{3!UQ4bhyV8ge<Z1Aa^v@Dg3
zS?AQ`zgIJT!Mt22_4^}u31L@14tVst#)#%R#S=g*4QB}OD+p&bO<lW@`c_p7t?6iu
znN-ycJAaY_9qJuVat9P>zt<EN_SAydj*yU)?elSY(loU{-PRxR)6mO$vyj3BA~>!#
z^IhhCo>)R*XvWh!0w?AwYFH=HL&-HXll2Uej*YIf2foi(%kQ_Q3k`)}QI!xM3-Rvk
zns{g_h~_K_nXtJXH)+d!n|`jHfo0|7GQ;LuYg9{2ewt@zWMC*59wC_Y1|M-C?4GNo
z)`=_AUYbpJU3~#_XA~cpl#9o$)6<^5-DS4%(I}92nCuWO1`5mMU5&Wzh$(9!d9XbF
zyqbZzioeLLgGtk&pz@d1?&{M6Ch@r$1iBv7#yag$1UzZ{@|=7bp`33N-R|6l812(b
zSyDAOH`FcYiiYbrTWtm?SQYu@^GOmw)flV)V0k6j@KR5>sb!JOw2Q`H``$e;20J_j
zQt$%H0L$UR0xmxXR_pu}r3RXhB(DThpWTwwh|V;y_}WaMe}KUWsH);(pW2QUnYH=o
zqoq3_e)maTHqorovNL;j{~c=43L>(ep%J1NX^fa^w5U^FB%(b==Ee0`TUFlD9oES;
z)hl(rSFTA+VVhLdP05?vDsvGpD3wviE6m4nFez`E1=^98Wy^P(LHR3on&g`PR{AaR
zCeoK7Xa+xjRqzL6`w-<x?#%vP^U4O?^N0xi`7nPfVPAOq0Lx(z!$grJ!@gb0qd?J~
zZG`dxN>q<5n@%uU7+H$AAN(Eh15-g2d$lTC82s*R#qVjhA~FEn^RR{FAMlgrc~j;%
z|65;|4tQeI?vu5JD;&48eF0u4T5Gyuz$<9iY?*14L(&$LF4H=FLwR@0<b?gTiBfAq
z)#|ha*AZ5u4|9u^n1`VSUULG_QCd4eZjeZoTb_;FSvHH}H>nrS`y(KFjs4{O%OMi!
zmvtn#NgfH33$(GCl`ptE45td6XzxT<M@Kxl2Jnv(VrYkf9lMy08}4CZ1(oWoo#RAR
zZJyocKM0uMCy@73_d;<T3Et;T?6PvlyZF4Y&8(|Db7?fFoz*UfE|ch-Ujb9m=(UEy
z+Bd#v<-mbfXE?4>LfC?Ld3bex^(H?8PKVh>J!7@yGhBbibGmDGQ=Iq|tK)Nf%<d6Y
z0%)l5xb^$48c1g>oj9fqlaTutMLDX3YdX7)BV1igaOzi6i^%df$pV_{0yguhiZqJH
z74?OdMav9<*zLFZ@REsAGS;2O%kPenEaLYLmC8d5xi<&H_%Rk+O1#dCR8nPTr3X9r
z{!L!1A(zJlJe_nok0H=1H4>fH)AYalLx5l=YP%On+!=TzaGAk*@~Y+IJ}Vjmf1&In
z3TQtf>DTj%wA5JfgIMA?_v2ycJMTqfb7krq_M_MzVX??(PX`qAFI#J?Va`uXye}M)
zq-6w)>`N7<1<!rB4SS2+`=&L!Q>`Um7z&O!E&0yOZc?D%0LP;o@x3PX*k$t~@xXsd
z1fxTJFHU~7FAQw(j|H&54)6!QqEdG>kQbvBKlt%5d&ol7CNcehFn0(f>PnCo;6?kr
zBqe7_!Ndr!d&EP?G&se7abuIzh&6nb!?-m#!IY`SP%C5N$)-eW05s!;D-=gZ3s=eN
zM^ekRgyXqg=0{AIc$sc!uD+B`%0L$b*vBiPVS?|IF(IAGA}pPOrxbcD@s|lf#CF7m
z&in{Mn~{@O$`nf-QXa-ZeBr4r4I&m!Vb`L0*ODm&15n-sk|(e{uipglqzL$<xT*pt
zj#9MNMX}Wtjg+CKn>xw`ID(eB(#bPC&;&qo*9P=iBP^8BVrz;<-mdhRvOoi!q3F5R
zc~fQT4;`#c1PJ?rMXM7?Hl0xzBD|@TWAl@&LpN?@O*#9z{OsC;LJJ%1Y0;f!mAu*l
z9opMC)oDtix?G*QBV&GKP5A?kdna~e{BoxpFE4Q9wN%1id{MI{`{}1Rm0fA_#YxJP
zPB&a_Y0N%sBX$L1@ThlI=|CFps8u5A^E`@c8R?=;jiFly_AP^<d<UMMcB&1IApfIv
zV*1UMA~G$vs!=e~Jw+X2@^#c9aD-`2YZ`mBwI?wuCx6(B)UkI8H}~p|FEk{`=6EzD
zPsJi#$Zyh5W2auU0#W(-$4ToSujn0xp?k%?j>n&;|Il+ss_Z@DaiFpeQCzxHjbC2=
zA{|DvijPeC!j`-e9m$gXF@~@<X{+q{k$RILCZn;?4Y?~#Z|KqB2ShV~q+Wvpfd!^a
z0oH*DpA^N{i58t`NM|ZE$4Dxns6W!&C9?<^TJ%NUHlex>aFodKYhI@&M%g-+9CZf?
zCnX`r^!SP8CR>g&071&m)$~!kC!sG5etNOfRHI8SDt<Zw6arL&0E6TLl==zFQCm>T
zp(RKam82kHCWTQ<?$yLB<ipM^=EKh{<3og;p&zGHIDjTO$uNGKydTXw<-_JU4`iFf
zdpw=geX>S|Jmn}xl(sh_!xz~P+oa?c;eLb(x1F;tZRrFJ3_7>2F%oUqkfpwtXljN~
z#7twByEkyLh7EAL!tnsa5O$|CpOnz4qyo<9@sWmFLz5D<&2YosCokNC%i6_8Sklgj
zUsljBi<JAQ$5!a>L6ywcln)N46Wk%wA(@{cOKO9W)EpAx^6K0t*_?64u)q4UOs^15
z)o<l8>I~?Clo9^;uE(B<se7X?ulzOX^+n17#5u>v6V`&{<)4u<tBU(m1&0_1y8vMP
z)-j_~_XovoQvDGaqL&=HmrTr|w*0Uq8zG}LY){SXXnTt{Ej<xZTrL^<JjsmhWa-V@
zl9#L^+v}>EBK>Q`1yR;Vv0Fm=$B~;NpSNrmS%oL?S(s|7H30%L0b!LO#(+0GA@onJ
zVV%v`*7qY0DwRgH;F;fl;+k}J<Jwj1KT>QauejtjAys>M0<cfjt~`bDhvRyr)UNQY
z`;wibF1hBbtB+RR{7=+#VXIngyag{+8*Q}ZD}TqIR!zCQE8wZ9pYV)^J*QV_87Sso
z8@x{dQ#%t(VSiGfu3#CJYQ*u_li;<8TP><st;*RgX&f|oaK~F~4y<aJO6i8=wBq&1
zSC8_x@bpOP#%#6v<gVg5)vrb}*TN!OUpZ-X!zo(f-{*R;XKjyEZ?e0Q?cooO2mG7k
z1r0NASJf(o^z9ot-v4*3ja*=T^#7gdmEmFzrU%Ks9l8(MzGMz|3x;dX8X-mV{ojWF
zcPnN5+k}yEYYBz~gf&tVZ&Kf3%*vP~!$pG$6%7}SC&-1vfd~tg`T;FFgsS8uWssaS
zDVLk|O?c-?qeomH5iVGhPf2((u&AiW>mcko2zz(Dt82G<y8iO{R7%R@^U}>-^M9YZ
z=5x&a*V&-tH=~wQr^7T-R!9|bMu3lN(x^Bw;LRmz7AP(VcynbQAc5k6trC`WvPZ#o
zh`_mq$iNvIRl3DL4V@lM+UDFQkvKOgL2nwNzMcFf4&VfJB;BDD=P@lDa*mOV@eDGA
zJDKK+#(EAZRWlF5l8q=MIkSm|WlfBd11Mdc5wIck<cxR6K_jY!CfVp?QAarbd}~rO
z7YbaPz-;?)Rg7rTh|G&nQykY=>eEAr+nf^=3WZDydG?%$8RJV83*9mCPEj>3V@h-a
zvQw7_Y|6ax5L&{bDOlGLlnAZ!P?pBX7#qMgpIM_Qz4H)X(gg|?PoYfiNE|6ZhR~!E
z9V^Ow=F-gK^1y<ozJe|6cW3TDk?k@IRSJbNkY&YL`3?n9fhlZ_M8R34cVc-IE?mH3
zZGv4e1(Kj>5;ovqWwa6r)orL!5AlL@#%)%veUU_i+c@o>#lk(>3f0!lIa@UsFt_jh
zw<@Op;ZOc#HUBhLM5t3_bDmQ?R|I@L`sPSy7gqv)Km^wwtZk<ygQ5qRs32?q0?8^1
zusX)gnYsQR4FEVfWB~xq4&eZG$0mf>n$FJb*lSJ?o`5=YgSCg$TBOEZ*qo6kJ^G_V
zsEGCbP~8y;fP-74yj)unv|XF{JQ^p>E3PN&n!~TrTKb}<wXF`Tm=u>skFu^|l3TYS
zBxh{XwtJ7A*-`$y4wlJYyCYpf6J0nU`>kvA`>2Qh%$Y>D4U>E*gB>)TX*qysU!A`q
zMjwHAadbEqD2CmQD=>vFP!==p-YAK!cz!6Yf9)P!KC;y16|VVQlhSt0UA8$s`q%@)
z&RmL7cu4ljlK$iRh*|EX-ZR#*=Kc^4*j*mg?efYQ4UojXa~TJV@S2A;jClrjz68b~
zcfLqrLvN@Etd3H3y{KUqJP;II9m4DTRmRl2J+RBZA!7es7;W!*DF^hKj_s8vM*NM5
zA?|pT<fte})pvTd>`tc*I5^ZSdyh+db}WC<|0s<4%fu%Z27!dRcZF7rND~>7+O>>B
zsci*t%c_xuen{cLrct;^tt<gTSf4jVh?a5xlAj}8vKC$}oz6F7X9>Zeg8i3d?RC#8
zofhc2uAa6dT2;*Wbmtbz0C)Ee1wdac&iX+=CX#d=zfeV7fTY5QJ8=r9lX&`uR+M@A
zW|$;1I%i^vf6lBuQ0T|6It#Xsox9Wk#xGoY08~t~%3XXq8R+hQdEG#&3zsH9!mkH)
z2h4Mq==gf)CoO#ibFMgeBp;9$;hqW9lK1$(Olx?&<M|7vC+6h~$1o}3o-vo|xF;^w
zm6y=?v)hNzI5Mtta6IwFivXijIzX1dg=3>KS9FV#=J$1?c^AFqi7FSt)F=#Xq*0yd
zmw3iwZihsy%Y=-+1~>2lfxBSSMVQY-NhuwEQtPA$z*B|3(N)w#5)-4=xn5^J$&J)G
zLZaw4k%E$I@Yn6{?=s2)T#12Em<t17>Bcdv&ya=l!jcs!7oKRJkpDo!PfnjmJ}qLA
z2|X2`Xv<Q|*!iP+VpUuupU)>%6te~g?g#oj&2~QrCKMzT+AyG!I->BBYD{7h)7TJd
zP~W1V>HKli8-MkXDMq*t;w1yZ%P?CbuGl$dd8Bbvm1Qli4k{9x`YHstz@A=0LFQ9@
z%GfWls|sWv+YH}J)VDDjg&*4pivE@56bl5DMaw6%2TlX?qJA*^GL|Db%Ui=s1P)A}
z#*T4R1V1WOWXpl*q?>dat4uavu(uEOzeBy|gjCn@?^AXcW&TZ>atoqi7jRqx1yX5E
zUopmV6z#BBtvZeKHB+M0P%w=1Tn@?CTpm_+Dyt<JrB*bJ8ZIgCU`{JC+j^N_kg#Hq
zf<^ZVH0xRO7gy)WB|Kysp#P~OZ>r&XZlKyGptbu6Mkx!_Um`$&41Ub9nY0iQw;;TU
zxTtl6nZFN*2k#SF7_vqTLfOb%#eiw5OiS!(X(wUrSVYk2Ad=5lvcjBY&X}oB!pZr{
z?j%%}s32*G_RQx<ZOIy(jqc(h-VjbQ{~lVyel_#srqlY(zOZOwNKAS%5_8dJj#bf~
zL)3Waj};}b@S`Lfg89@_EJ}wq*%tg7d0B@gWOcL{rgBwCN0{+Op_cPl`<9iCPS$!@
zAyZpCT}eyXK%hC%hGtfHZ~LeAnZEo}xKjrWo2K<3?tPB>u7qp+h6tjpU>N0d$znP-
zB)GhIkUE>Kj4D$@mwCEMm3sU58e}m0sh-3FieoQO5GA%v@4(2Fns4XKbc;N_W!)_-
zn>e;e%gWW;wRb1aIF7NJ{scy8-DtJu2Ywy9e|~!A<WiAT16+TC#llrcewPz-j)jbU
z1+xur{F_kbMdetXtH_U;spoK;?*W2YrM12sWyhwy0ghgHmA1zfkR>ZaLJV<=jHQSG
zM+ZHi15~wE;j(e1fUOy}b0qX7`67#jcnOx2gU0)eDca}m((-;SY$Y?x`V75&VcENF
z`S?!m7`J6z9dmKOb^@D%a%0vEU}mHSA>NA}tU$#^cD#{Hf(T%N9jy8xe-dO~s6u!6
zrxsCcBYlCkhlp4kBW9q^DBSYR_WN}bi8&4MVCd8-tuuRdvpeR(D-2hRt-csvRj&5H
zo*zLTU+AzTY$)Hz55Ze9GMBzEZ_HS)6Ox7$M@5+$?AOyGcETm?X@{3tlwd9sS9Q!F
zMKQI985@*F_GnP{sgnAS)7QBU=|*C&A)>t*qeQZn5G0srT(d%c4e!rZ3{k(J#AF~)
zDVRNz&U$=|UJZh^vo1B=Ax^37T3KRqX$T`LpKGqc2~)mIuyAt8Y3Wp1WYPPohtSLG
zh|ALaXO>@vC@W1mpG(l1o;j3cb0AbebOEjxyMgKcUS~&o4DSN~{BHOi(GRQOpQ!+Q
z-t__2Koo#uYP|2hZnMuhA_5qlpAZBVok2aMO(S@-uo@<;;V+7^gUO|=KCqPuKl&f+
zKfq7HYiI5uY)5h?8)7CGSwVH`t>SdRaxO`D2zVlF$KRBsjx^5?FnDpwFFs7L-V^n#
zCAPjmySwxKM%a$tLWtc*0`~+R67L@hJKPqDWH-$X)N4Cwp0R~sYdh{Eb_4<Cs;)%$
z26XQ=BJ7w-H1mTO`dKjvdCY_{+=fU*>joqdE{eYsTk@AvmOw-8hTDhRr3S1@4Gi3A
zH48Rt(KMzGB+7%-M4>7NkgYITMm{SWZ}2#fz@!W*%%%rLhzV)@^q$PJG!kHwP8NpF
zBVj;YL*aJmbcmf*N9h}d+^oR9h`xcUa}~j~YV_{IS5(hd953`;y9xH5i6yP(@+FID
z)^(4ssnNZ4kz}tf;pnhEgajJo8L~MG^+4njt)FbiS#s$s8xfXlYb%Yu$PAprZe8_G
zIoD;74!{9IGmcxQ0sA~ZNC(k;ig}KE60Bna?>Z8K7yO}t^_j;{x(}e+506Z2V=byV
zEKbgXgIfz*u^@aB-m$WUXna_D5Km(TEZe({^hm>2Jad%FVvwQH{%}oG^RYLE8m6hE
z(acQrVF!;BvcXZ}89wN{_rU==#O&C&TK?l&_8oRwCo#*SMx@TwMC=C%J$g+QA!o)Y
zXx`>O<e~;cx~??UysSVTPigTX1wDzbl#FRQD?7K{tks@hs5T*J82b(XuAmZY^%5+e
z?8r5B$^!xw{6*`I%ne6JSM>CTA;+n`8P@8Kiqc}9^z`OO5%uhh{`$v0yBGKT;&7CO
z;enX(iKod4wV0R%QMwRCgTi*ppr+3!`5cqlJ?`D6n-Kg`ad&}Z3eOl3;l%fnn-<a9
zx1l9@>1TD1N|~h-PKl*n1u@SZFBza^EtlbxTDE(Sp5a7$`rkKt+k;(wDKrV^)NV}c
z+hSWuKmT+eV@33AB|bO2-KFUwbf!T&raa?<0#2Qddk%4x9}(C&ooNYNI5#5tavE}L
zQ?TvEB_}2%@SA{nbQ`~vuG<_fZ*|fl7oyEVH<13a+HG`uOwb{GWP1N$Kz7qe-ea?U
zHCyB(X-fgibxcX$X|9!;qjjkVL41bd$0@0<2&HckAfQFe<(>;U!Yp^$f?G(vqKv8l
zBZC8TNL3aHXFsG(@EqTCB(NbnA~N683X)1AdcQ0lxtf68VXL7?olA+x6VRyJx%u6;
zd|!A=lD?OJ-WWJ;o2LBIq;Op_{3a5SWuw;_oz?@w<ILK7RuU7Y#tA^qqPNC5J|Y6v
z6TKjs2*1t5d8Sisk4!NAOvQ@MvM~(>h4$5xIjRltTZx4JFs$p79|9xsnzsNb$XTUk
zMme9kXgJ_4kv5yHnxE|hRom&`F;cNff-o*o0jlR;vn5to`1g<De!{n`$1xxZ(LVa;
zrGV9(uS$X{gF<k=`5l~!yeeAx+3DITxaP1o!?gM&3U`b$Uw(wo`p|R<l=wGvHT`o2
z#;)_fJlm^3NenHid_^h1J$$T20~{yv0^z*Z)~SIP2J+6g*hEide$$DL%{l#Kd+f(x
zW4+@Sb3m>Ng2U5y5V&XnwV=yHNce|VzO00{nf?>PEA05WBDaL?=&V2iiQo}xK{NG6
zW9XQ?O7~3;R~8-Y2V{ZGC#}8Ob=}RWTlZuQ#oeNXx|#;=_b{g83=mz!$7bT5liF*<
zM>^0h)ptk!*RuAjR>fpZqpB<&vlWuBziISxoS9Q!N?qwxsD*0AmJhf~wOc{&MlI4V
zaIwXe?o?fwJbe$hBWG9)8BdklbvHQcu>;yzr1PTm1Y&2q#5?2`3Box`B<j04yX)7@
z?LCCjK9R8Y0u1Ml5hkmS8xPg;t&3~gmJD#(y1Yt$s-Q39FX>{|NtkQ7rUsxUQ&a3r
zwP&+9`7o9DOX0^9xEncL$*0bKygr@}<^$O`Zlr$fj#^oh36x|7BER4@TXd~@0_N|2
z$?rb8{#eN#vp%9sPK?l5*ssfOSfjh&5d6XvOER3HAzf7NkU^5*h9;y0miqw`(`3ML
zY*p9Ts)ypqriamKE`Yz}hSBw)&;_g{&Px}+1--q~(9yRi{1@71^ATe7^|^~T&dq@}
zHN_8elHEtFf<VWHL`Rpv59u#CQaK`C@0uV-*EL?fp6O9AfWRT^7xwEvL(`7#?#~xk
z>z(}=@IeVhllYgMk9HEECF5&IZzz!6f{G*DtRN+Vr>w0s|0H)4PaGB&<;I(Dsnoxm
z)i3=**V@JGCrU+7VId`gJer_<F@dJ+VlraVOfG9p(iGU3*q#XMp~<}MpZ8kLh#-9f
zOxfPThRS@Zl+^dc8Zuea&Ymt&$~CC<M4F|;E2&Zyf8~Yl#pA}7uzVez!A9VY0Gifa
zUR<g}rL484luBUNxF%@w3~@=mor?K}em~K{p<5Y_;@@o_cTr6HE;16(pF%w4MhhFh
zi-Y36-N~G&zkJsscSy0mx~KI6B~`B69o%qs>E(blptA_v#7y&w_qvwDIMyV8>7>EI
z?L@28fcgR}RJ;+ZA1TwOaTVwvZ-&d$RMI?DR_)dkGL(C%T{`)@;bn7TH1<lqQv*@_
z(WTA9@WY<k+e}(I%4ZYLI*6w}VWIL5eA^RwHTp2EqZYp#yZ6g1Lx=(gPtA1&W^Y3M
z@0Xs{VhtbkEZGhgxe;|?#kfhhGS^{6i?p>B(*<MdE19vohl9Yd!U-T})3j&y7rFQI
z5xOb}OGSk&tGx;FT{!=i!j(aL5)-eSTu&2ip@qsuSimJq%~nz7Lw<%rdMEb0qGeCx
zrnc%Ho1*V?Ip=^yML?T~X2|mGYUB7=Du5erdnHAM%F}(NF*u`|f}!QQ)$+SdItzBR
z&~)#?f*vc^T6Z?MiVBcHoQ>2yJY<%#-;eV##A%_1;ju<TvDj^(qRO<hexoIES$AW<
zR+YuIe@Ds~uKO1B#*42kQ{nABv0FmVQUPd}E>9#NZKd&GFm?@!@S<gy`JpWd$Qq<`
zU(RM9Os6a(k%Rp#k4=8`BL#7I+h}ej_7pn~73=;M?^(BfdjSSFObsX0`24=<87{{Q
zNL6!FMH7`mn7$h>`*f+4bo|a{yMO?#n+oN<>!o*jd;otfIRUwvS4J-;Bi*Xd&N5GP
z`5wCidh1N<i#{yQlBx}VOsiKhpJ!7&l$9OQkC++w`lft_$bsd}@AecuepB~d<8VB~
zA)m!v=OY&DNf;=C&mG-QQQ{RWtSBr0vyy^n6%9AdElB14l<D)2!#{D(bi6mgi67C4
z5Oe+2k~}uBk<8xdQl^>r+>J?7b6NW!IusM^FbDHU_ZNYJ*=98z-%ZIPmvb|*SK5xR
zjV!obzga@_29f2w2CuX=4kVj<hK8Y#iocjTW&@^}nG8@g3u{BpwzGvdTBCS(gP_3T
zZ^lci&DBH`XPeL0n$Nj8GrYgSW*^$q><@+j9o<L_)~`cAdZIw?S19L8ezdT8gy-vV
zl59<{G(6<x&?<C=3CIl;8hT;E_>9DZ(aU}rvyu!^tujHAUR&`jq#_)#Uz7N;Q@4aO
zw2&yXR1Rz^LBots5v{V$(`8k6s*TGZ?hDK-P<B&ITJ1}^e}<Z~H<?vSCs(qayLV#q
z5D!ykba|9{owhgGa&f*gRcA4uB$}J@^)%l6m?f#F^LxhMJQ<Hi`*J8hrBOC)fJ@8N
zPhO0j`?+yktm?``Jeu-%yFI&3#6hKEa@=BZg%g;dtRKM4Da8Q0#~c2)vN?O)TXgBu
zjOsurv9~#AK}weOS~d!9i%`_-_m&MC%u>{5$=oUi-65_0?~BWhmS9BO*fbkU@|n3z
znpNDQI?e3PZ1%<B0IcXQ8lmy!p)b>KI0%(q6fk-bnuE^YK3c)giNE#>_ggu7kaRKi
z64ropUf>Q&PGq|k`;^-?`|@7R!R`CCaQ`Y@xZQY9YA>qY(tWHR-9g`b1IYG64#<BM
zJ?6i%8&1M0BAC~no2cO+gd-pWk+|t#_$4y9+y12@4mcB@uyypjeh-^-D~*5KdZ5bj
zxy0c&7CwLI3U}Ll@W|meNc3DZ`%Hn~X9rB!avavQd#OS+Y(BW+@EZ<y+`MPVncw2@
z8xOzRybna&Yd(1A_!tN$-n=KnCu%tuZ|f<j`13>PYhC>0Y}p13Ov=e-4rzd(mQXC-
z4tg>yUGzP9MBGI|F*M@0hm#ncPyF;OQy6SsPhO;<QWm%Ztz-z)(GSQmQ9QX&xe8!#
zUjq!(f9kr*u&BDOJwp!N4T8kbjkI)1DJTsRA}tL=4&BW#LrXeH34*lJC7?6{0z)Gx
zr65SXgWvOBmp<3~o%8FgbFZ`4z1P|M*IN7TeksHlE`*~bq$z`|f1q{op4wI*?l!2^
zPtoa^Sm>UY*L;z>fG|x9J8UFLf&Ox0O_T{p%#(u4^g@{=3rKe#6l?|l5o2Szil=hy
z<C1pFPU6MPmNGg=JQR3aQ)b3=R>1wy<oiJVw@}_6>r0>~q=ShHuTG!zI0{1nvt${D
z71c2hn}O!FWH_B*_nxP;K#B2Ux7#~z#Tl#aIj}nnLvadjt6XNcpKlIVeAuqX{MD!|
zzS0|@!Iqjoo)Y^@aAYMwhR}iSa^e>*>6yYrKiM~-*otRxZ+98OqF?uGNStHX{JIYe
zH8@8={fRCy587)Pm*D0CN6p#Lk9`hWIF{xomKt^n8OcS<#`JQ@F)3~_c#+RZ!%9}2
zAK!DrZq7IK;;cRwn19b-ifVJL+>a`;W}xi!)epqF!jM6+Lr9&hXs}S$pdPj-7Huo9
z4!H6#Q@WyRaj%H=QfE%m8w;WXQFIP5_Kt8Us_8_{ZZbsze{GVJmqQM!R}EErRJo{a
zJWqN^hZiEo?O-FL&Dw%H=BAGY-Ve70ncRQBDatXMIZoXE&A`kWYg}(F>eejrfT-|g
zGG~3xGZHyD3{mQICHyZ&Dh;C9jahjt5^tGwQ8v^MG8-zwdOtcQWxplZ6tZ)i6X2@c
zi}UxFDQuU0tX9Y>kKq*u<%*lCccmF&tK%6y@>P8F2Ih%7lF}J2TN${bl;if`&h5$t
zYvF|pa<k69#?XZCtnRBy&J^mEi)`jtx~2}ZqD?&$Aigz2EZxTDfO)>M-cQE1@b9eX
z%9${sH;tvP5LG%ILv`}$j9wzTB~YGHFfT}@lP0WR{0Cxk0z)_+`l5&X9zlZ(KSmd=
z4wr5QS>w(qnK4}%^ZitqPW>yeH~R1zALgndNq!7uy*9iBoTl`#c19j%<oG>_{}Pti
zp@y{Qf3nBXaX<M&Li`%NliEUB0<BBm?1=LF-sLOHpT-f;@0oL@oPq51i#HdtNaeD2
zw_p?FY}v`2bRW1t)v-RfMX}isw1vK~d*c1YYF+3!szNR!T7Ov;TRI}4-e<GWZ`B>o
zYfQ$IWk>6g#WTzZrETge9E!buY<$miv4cu+<!5e%fMM6@&mp%AUy3U`C2Xw6Oc|yw
zG<BLzKP}HAvhR`gY@8kZ_&A0Sk`eyZOo(zR`oV!fVicx3AG95}9u-U<oQm;_)15U4
zhv+~`teb}NQwJ;bn*Kwi8w%r;x+WBA0K3R9USoFWWn}daed?tkvr~&}V8whADj`fn
zY$Y8OCUAO76lL@^O7jzgs4&5~H8Z2yhVj>w0TfGKymB2{Fv?xh5Ct-w<*MpuG>>m-
zrvH8*HZmaU0Tr|3w{^!%YQ-KH$CC@w{Z_J#C6}W+8RyNaTdZs^5|V;_%BxE@C;6z^
zBZoF@AWk+<0N*`2D>=%BnmW$kn6Kid<FCv{3LZygERa*Hlo#gJ=Od}-($C{T@PVeP
z>)gHQQ&K|jLbEYrFGU}+8P;&dgw0ok0nfmoW-?lZ>WVZBo37~3pAJ{f(R{+?@-(-e
zvwzy3`K=blD^S8TqsnXaGQN$e#*j){re+1dFSbMUD_+d}%DnNnR^#eNX>Ie?Z!5+;
zg6|q}@hn-TEY~LSF#PPkg}6%96@FP^TJo6uGX2X|;d5Pi8VU0$9y=$IMfT+>pui=y
zhVK`H4QPY-#zO{N@SQQJCZ{^8AH$W#rQ*Ykc};$;Kkny;sW6$;;PcH2FAieH+Ox3`
zXE`J0oUuD8Pra)Pxh;mokj`8>J3Lz^76}kjL`nSFqSA$LXEh_cr=37l_<}~9>vW3@
z>cqD>0;}0pkkPiqOK>=UzoFB@71pR?MKFMt{>T=<_*oTmtIf*Qr~j>t)$X2aknU^N
zJ?FA|s<dBbk5n=Z)f8m+nmT=7I6Z!Ks_O8IsXc~$`hzc|FhQ9!#A&_NX<?<yoQA2k
z?JML$p}XaKsI(us9dr<bq$v%H4ANUXr&AZ|JZ+a^7OU>)xDh$BFp2Xae7*hd+)$ed
zs}^(*x3Oo9?2|Iq5S<=uYu&7zldaaMTBs$-6BxMByZf?Hxv8(uKY&3)SnFY|{{d~6
zstumWK6zbY5fd+1i7xXP)rqs6Vo4i~RFJC)joXe`t0j9{#Jp((pthx$T78KcV5#ax
zH=J5Gqb2n4&GC#@zqm79QTeVdqv&KQETO&iR`LZzZYZe(sRDuyls^a}zS9hEKVjwT
zO{k+3>{5kL36z{`F<C|=c|%Q9{os>>-vzsO@!G;_&B}cwp1qJ6$cG3%E0Gz{<?&m)
z4ALr0gmTKM|BP*Vc}%uQBUjSaE#a+qTCfL_pS(noeCB1B<DWRB8)tq_q3r&g78><2
z0q?XpE7C2_5fZxEdrrwIM@e;>R^A(70}RpjSS6^#@1S%(aQ46pVG|hG@0~s^X)f57
zSQT6)j+b7}z>yL)*P1^!5>vV#V#gt^Q+n;XJ3T&T7a7|r>Mf%7G0DE#7WScIYny%a
z6OFSR^Ic=TriEl3@5ZzN=b)N*R?s!J0~;ixk%l{n=vTrMT2_6lnr)z#3Vj~mM3LeX
z1%)3wEY~EbB^=Q7h;`)D<99Yg%LiNQ&@Uf{^gK;b8;<SKu2Pr_*7BS~3)a_S!yf0G
zcd_5%IOP`N3La3=m%FB!k-rGYgpee9Flk5_Wb5*##Sk<7N}9Qp*$oSc_y#2ullaho
zRGyXy871eESvyXYSl5Mk70=|hRv8~r50K9ul6=9=p$}8fi0K$5uKa$yagl#OjM=KN
zsA3{zw6L-$zTJcMBhbij;~~YEE?BH7&i#9lo~Ovkn;xJOb8WU%>9kdduTC9fhHaCL
zIn$!oXnl6splkvKCgL32Dhgfac&+gzK5F>w*%<QrBcPxZ1454Ley@CLq$0L6a3;Fr
zW6LV80L@E5?)V~#HB1g#raLeFCsgq!lI;A&HhbcR-e&YAC4S8x(Qr<Hdq}bk#n^u*
zZfD4ZhEM0YpJZC_trI!FPJz&{qT32Rd(HUfyX5_ps3l=e^-K@?Dtw?aki~$;f_(OR
zsf6H^N`d19ZWNnk&E2(gvQvo7y?vOB;-zRG#(M!=E<J48fz8vn*LpRJT5rUS%Lxw+
z#8qlkb*@E4E|<9B-@KSfPV@Ms5Rn(fRG;VJDo28A1>IAgT72syMe8KJR`_JfTq=Ym
zq{4Yhy<Emzp4QoeF{V&q`XC#=JRWf8msKuFEk+{eK9y!;?P#q&%4Qwy2xOl(L~|tc
zvY2*>oU=2=hB}D%Jqq^$@pVzDR*6*(&*mDSjx;7g73R)g#J<b^;{odot8TxUDwCQD
z<{q`>g|=9{T(@9!Y$z>fw@rmHKfWpflNoY6&8Jn;B#(Qi&jhOC)966GMYb8_QPZs8
z!qWVxiYg^Gp;ykM4q{*~plE)3vQK(W&zwJna(3`=)l^ES;r-ldz#NPCAh_-UP9L~M
z%>`~Bo4bL%YUp3zY_P<!m%h+PO-E+7F$@ENqX(WBucXc75z<9E8trp#)CpO;o)~4M
zlkX%)2D}$IZG}qnawqU@=Y~&xodR8;HKZA|;dK=6IC6({M~g=<w@Mo#9ey%>v!<q-
z`bl@aniJtH?>>r}Pchdj$)O^gQ>&kdrOSP(rCNQ_qcl?v8QjTSc71a8Sp-_`Wll$x
z!uyur?<-G5P{FtNAC1ygP)HXeaSN6b{=m_*{C1J9#{tljJ;yUG#qhQt$mO&j48!8r
zULzJE5B5avwG6+?U)+%JMHE;_0ji1^$YOC>Ok_dP5YVsq80#zuR)4&@bp?blzV}u+
zrCxWOji5PyL0E3DSM4KN5|Vft6lUFX!pldes_oJ0V>-9h+aogifUU0W>S|ZF1&VTe
zoDT5{G@GC?^?h5Av{MX0s>dsDRvFqK2Q75fh9qwgNrXP!GK}!4A8Rzh-RR&y2n^S}
zAd@jis0rpEIlZqrXWk~KtSZ-SJ~}Ls3@80a6CJACdYT#D<yM#=&tk!dKIPrLf$~0E
zMxiBm;E7xe&Lw$ZvP}My%~7eP*0Pj0n{#9MJuPa`j@t`l{4A`4xT+JD$GT~hiq%B=
zT3&2frF(ttM<wXCvn!_|m8}51FX1b%IoF2?CGVX?Yl;vgX9lAr=Md~?RM2{kmtZOO
z+*l6H{Vev2rBuzy`{{Y6a2iE*msS`2uJJFw(u^V)wI_+fT%-tb2HC7@8Hsz=K{=bt
zb&eHK2l}K42@j^;xj+H=@dx0Hf$TQRf+kMrPw`?81+Yb1SjZf{Y5fyL@=+1E?v;nt
z;Gx(8*0x|u@!s+w$pYbrMj8>z(fjXzqED*Wc6$qW7Q+~#7*|-cu{WnA#DPHa4=-j6
z^y_dlm)&i-7tBUA5;cwwW{*BH&Vllj4mo;5!(@qn4Xv$!q?n=ymGr%Z6Eiv4T^jqL
zBleon^>OlACywT?KOcJo-<%-)d^E5OXuv5cg<XP~`3J30%)zw&;FDOZd20u{F7L_>
z=|ltYiEL2p2W62e!>73-^&_B@_&_!ANn_A$&Q0;g>~wHFgvM)ar@{9S5Tw9+1t5m<
zI5>LXG;1VKmG-ri_W75-;mHEibO*J7bknBYE6fRL-gDF{7Jytmxj(brJ;*aBel<)F
zQJ?ANocLO}qFhIMQ2+MlET=;=m9C8TorlBw_v}ou&b^T$6-j&d?8RQZs;+PD77@<P
zqzHuWRl$8amzitAb}1XC^Z|~g)XXoTWoc97EN{fRDE)axQWcH)lu1*qjk%4w={%|O
z1kF%3EjTr)$gTkYfN<&5YXtr99Ao8>#o%1}Jugp@y2r@@PyFtG8gqDl-c(626pyrW
zC;qk+3L<V0rqfe70EG~Z_9~J&e2&`NVUlbX8z+n&yE4$Aby@&a*JhW;2rs;b%KFx}
z=R?@p>|}_M1!VaFsXb=j1K#DX9UMDVq={ulG3HB7a@n~{=CQhg!C6de5DZfTUc%zT
zmT_*8BayW3hatR+9H)VJuYw!ippsPH9dc{fPtg+i;7)3noqXy&T>E;MeqQcyJN$4_
zd#w92xH&-epxjqBhk?REcRH&Vnlw~%Sm8mqTO3Mi(7LG{Jmp`Nj*s*V&UqxC3=jBh
zc_b2@4GB_{44<Uaxp+!yVl8p;^iz2;7G-_DV;w)(w=b}($0b4ZFj70O?38*THvL2F
zoJXXSfo<|JQ`b_3$&4YDS+0ur&fzIu1^Y7x$2=a2VRCUXiedgCp7J&usNe%(?bNDn
zHJG>B$X;TWmeXs}IMM6AoR;E*>@5>fBYnROOCcDh(OmHN>UY>vO)T?GW3L0uRc<9u
zoAZI+bByPgr+ic4sSJL=Fp@&|sDgeLC#r%|Pcy)#C7^Q{vF3-;>=n9BD;*sh?slYp
zCM*vXW~D%wf^ytV(E2*l&`kTJ7s(lIJI30)<x2#VRqlrdF&=C$WyL)GC1%#G!|7Se
zzeN{D<7u;&??!h%2@ha(*p4nNxLchMYF~ty%22>aySNugVM1MYDz(K7;lsu_%w%G|
zY!N9^pVhIho=JYD8UCdrFZq1+7<)|JQUkBkl$JxVIC0<ReT_f_E7V_#FVjf>q=`7_
zh{qw_sK?2lzi)4s%eSdp)$?vuhD0a0B`mp_;Y;iSq2O>Xir=3%h{Y{J@Cm~OpIglG
zhDG@>f0n?0|CJ|i>xMWZ$9|9IQ3w_9i(w{7v%Ox`BcQCNoJx*At<jMBf%%zaO=h5b
zeh`Ml5a*%c8RfH#kI>bgBdH*zy&j{Dgj0ABo_xCCn*2t{#e;V|r9nE|M>^wL?>K%9
zH>nl`scUEM$9wuK@TKj?QJ)o^=E`zCOMf04xQ;Bg2mznG|JcWHL~z)0p?|^Ck&e0E
z<XL)wWMu2e$k-rxt#QS*HTe8V=EWn!;pKJxGdB}9C_?Tm#s!*wo#woL+rJU#h@5C+
zItNyr1D0^sJhJ3BX>=xTG15wV<#cx)$gdMpUN-F3P;kV_uYC2w&S}Whtr`I@BPwbe
z2UR~8H{5-tGl}C6HP7M--<-KBCYpgiaH|&A{_dpir0Cl03w}_5Oqvjw@NB4TFn6to
zBNtyJ&FoF|J3trWde-J8zj3>UH|ojU3)GP@l_}SmlA8rPFFOo4$U9<d=7@7}tLEmw
zUg&7;lrSN@OMQd%lf~H_6AiP(OnC3{%sd5;jz1mePE`8Dy*~>}zdv6gXEJ7;snw)T
z2-}j!j=*uZbQ(aKQ^9j=nBN^W9c^J<nJ(C(PR;E?{h<{_`LZF-VJFMct216@w1d4V
zE^<FUL6N0-*3z)fug0wML=)VZS<3!O+&{+N7d9CZpUs=omOScyU`nMuOWo<>N;WcG
zQKV>wfg}wnYb2a;;OvohmFmdFAGP%7sFuyX{=ll9|6v0Y>~t1bWG{z45ty53oZxh4
z!fZiFsT8UxxE+B6FM%7R$%}90nPQeYA{7K(u?ffM9m7jM9lz|l${;eF41K#}i?NvU
zYs)z0r?)!3>0_~%)J|)I_VPQTOODgsht7F-cJJl*P>nXwM?3R3tltq*mBGaM{`g=4
z`XN=<JIK*_Efh5(b#Y!H&6ZRBHS4H56Dv6p#e)GYsajYl2h}uIb@hm-*4ok36j=q$
z6U)98^P?$HJnp!MsKdObR=g6CQ3&SpV_K0`3g&q}QvUfANxoajUr_dLA2la+5kmkW
ze#0e}$M6`1v8_WO%beao&^aa$sqM=DV_G1(Yo0?$zYTVBDw0)hL2U4bw@AYb*Q=q@
zD$EypXUchY?COf?!+1?pLc=b~$@Q)|auFcm$gm>rO2Iuq)`q%_fc0>n+F9&!%udAD
z-}&`Z1WpeJm)}Of?!#v_@wR+QBHMdl?(fPX34B+h;KU8Y(p<;{4u`~d`6D~T6I~W#
zdTqJhwVC2U42ff0ACbX#O%poBTyY;d$XG*LP5@P7w;~H033O*~MT@>!tThZI6qr6q
zMeYiFnXC5?ZW=#()jxmrX6EEEtmJAbx=CItoW@TmT8qz4s^q=?u7~Mvi<rPUL`dUg
zOXDP%{rvlSu3&1>JCO1l1dDngUBBbG_3IOSM&w)kzIo^SFW%}Nm4T4_%P#53L_a}L
zXKBMpyBT)G0wN;$#73$&P;B`;wIUcqH?N*r%@i3n&)F++r{Ayml2gk>YG(Oys+q-j
zW<*(?ox|gdugj@luUT%XC93;D_lqwTp4`2Xm`hQCpL7g`u)h9rt#cxp)`B((vZ(0o
zQPSA}73l$9Rh&)Nm^UT0;<m5)OQ?AOfMLCxnpz+RC4dqDLf<#7ol@yQ$=^Mm-swR3
z-_^B^=|E{b^eb7xCHtW@#92B}ocZR_s-r{_0~Y|0BLV<u0e@aG2;B@ICo{S<SM~~{
zfeaG_0NA5Tc**|606rpM89)}Zn=hdx&eY`4rMmaf0=Q`09~T)T0HAE=>8<(fsoVc4
zZT%}=S?=?*27a{kjXpXO>OVXIfCK~y49M|2RO%=h$73{T1+9-m`4{K{VE_ZN{U+=W
z12Qm(asvP=8vk=B#49uagFz560s}Jr_V{{Z&{RO+Wdd*gHt=Ku8G!i+wM-y0^oE#B
z`o^{ox(=BOJvQlI<Ho4~0BR5Kt9e?x+Ohwmk@#<Ft-@6<A^+1`R{am}e<aBM<;^H-
zT5NB-Dg^*g`TcuVPvP)?7_h+645%X!ci}*m-!t{6PW|8cibDkb7xbrCG0k7Jh7fIV
zAeiNbJE3>bBTqsAz#NVEd(JVQBhW2etiMxVh_7Pma~A+O_x*Q}jg{!6KDD{;>E`|a
zr2bC@U8=vrut$U-fb72s{i#m*Hz)zog$DhO^-qnrzd^1C2<$8%o9zvwKUJ3gMp+yK
z00suy25z>_cHR%&bnMvwcT!~k?7yb?D`fIt2#qY@?ccwVOBOmS7+^#kdgR}RS2u=O
zUc^Wikma{w|HdH9k08wc#~_%EHuMT0w6lS?epC9hZvO8?I!Yqqvw_UNzf*PNcA$nB
z$_6rlZr1Bf<ve098%T{&=Y_z@0Wz!KF#o+{{Ig+@{1rBxFA!k(%+}D+&d<*Czsm+2
T=LW-yzTMDE|Ev(Lat!znK}OFu

delta 36025
zcmZU)V{m0b_x2r3l8Gm_ZCexDwvCCMoY=NbCbn(c$%$<{nIsdwbKn1}_tD-TR#)%!
zp{u(3cP;e(T!6l8f<{!5h5UvN_Wj@MP^*!M$P4)&BNO}|Q$P0``ad?=8HOCN^-I+p
z`wQ57!gF<Y=FQ9fov#u-qYh&=U@5rH%}!q_63w*5BmkSoHN0l7xsZ=dbez~C@@_!v
z7Si!M(%j!fY7y6H`UitwUGqbp2ZqF9vP@O88<?DMTsIFsJv)NECjuXTdx@~XoAM?5
zDKSuW)I#QImE`iK{RLaTH>s}z)`#X97wzF%-s(if!3YG0#8*MIxJERq<-0hr+bBM+
zogp2Aei&V%yG7ro$4lWwX99Gmj@eK-TONs84O=%{+yy}fEbc9WHv71KITR#|zo+@$
zMkV8ThlSs);uzFu#`2CF8`PUru`lV!?8mgXV`wWv)Z;H`9Y#4`Y4hj+*|Qy6sQe7o
zFyt>C3+)xc1k^EDpqWPP`7UFlJV0K8;9gsBC>D@YSuMywS9g%{a@nXrdeGYy4t>53
zf{vp~Ty3?3oqUdA(G7K(>F8$iC?^JZ!C)~WnbXzjL3$O_u_j_5Qm`{_xw&Vxr^Rj^
z&!fSwlR2owo=rsHQD_P{nwh`UVmEXwbayr5Ke3Q>iIa+Gjm-5SZ_>Ds1P!{+D|9L(
zHriewuGLJ#LTf};A)-R0f(c9A<r}^&%pWMMA6c8@b9qg;jbyZ>-E*6>tU#J)qO<N|
zzP6eFs<--G@r^}y<Uorjfci!QlF6DtjfG93q76Zo=-m^d(u)ePQr7}YDDm?YsVKOf
zNQn!17Qc&YjXXb55!JyvGdUyDW<iIME-6LJ&WX_3{x;v)u?Us^DhTV(<=dcI*b!NZ
zY{tG?SSK0$y+iG2k^tuP{#yo#;<$<=cCoZ9i`fJ2z@%K`uGG%Kw7+PgqHab0ToJ4B
zOA5%cI$#eZntTrk*;|QJk3GtjrfVCqokN#y{TYU<$N+-Cn9eJ)oeL3;o)uX}qj?g#
z{LaYp!pT;QwM?JA<WI=ai}f-Vs4!}z1YK#3O=*5dPB3c08%TcSm>_YBdz4rRv0bFx
zB~Eomh~X4E!Ys+?fAq3roiqA!2w9L-DQ0b6aGXEYugM2^k)GLYRi6H#V)l}u@x{Nm
ze%d-Ye^J4{b@*zWrfU+dU&87Q`%3T)iPOsE`zJd^>J;7g5xE;BJw-i+EjDYdaf&QV
z-#3A@JV(s0A%vS0%_v=0BI>a8H8>4*mSzKsTjlH>;*Tk}Do%8gfhm0WR2)7R$o_kR
z^I-x95;G-0crjeLs}?wkA3+*rQSTre?m0VdOdoqt7$@Ryl&&uR4J9ue2osL;Sg=}X
zrYOorOjh=+MeBj@xy_H&N5ib=vxvB?4+K@``MCO)Ta$|yy6KcUhppheFv!4BIB%lq
zM{tuzlJ!$EyHfZFkoaYh>}h^{eSFCst^SDg>$e-g0)}2*Wt+@zlQfH42K@uXwm8F6
zX#c|5TP(l0-oIY&vW8LyuPQpyhSJln%2D$x@6dk-RgQR7j&$Otg}-XTPJg{ja|wO_
zNRE7J=&E_9A8QrPRp@TD#Wdc&9-)!4n0O@Q*)cy4cSyNDcQ+XarP!D#7Dxj`JzLzE
zyhzId-+emBUKyX%>|c);{T6fK4laXkI7M=2wC`d>V%>r-t<0LZRXa|~n~<HlaJXg>
z6{M5OpQlo;89x$YyDHzGAwoO$N(EMb3P>q28RU~I%o)VYyLg7@o}89W5Ov3XK`P0@
zd@sjKWLf_P237<E2KIk|kv};Vffiuxh%brp>0P`WH*#Rhu+|?bJ&N>X)1AgG5}*~y
zP;F02W{*%gRu$N1)mlv8<>Ac+s*Dwp;vTe*3nAMqh1@F(iqa7O_7@yok{hi?NKJY3
z2lXzD5{WoPS8igVt+;t*OMLB)&&T$~r@<^_{FaAMfWL45$P%@y>5qew_H6(=nsiRf
ztqC6fF!{`C-7RWx@8ZB@Qd@smaFDfu!yZP72ZNjrwKlbG0%i%loNk%cE&Y@hw{5;n
zep<*cQ{)uubLmYhk~$J4_ApVl1x#EE)@(7*2zX;?Xg2*+=BEXGt={>sNN-Tr1bb`N
zF(;_21FyE<mZ58A<l+t*uN80*TjG_h?c>7UaGOTHoi((P<jE&GnuCDT5<k<{cpb2@
z2swyYoeIbx*`o`qX*khXdZdjsMG-^YYV<EB4%WtDF53T7aiNHe?z;O|qOYP%X+=E`
zrzHeqX=?l@kuK}lOu`@G+2=<N1ek@3r4=$iGz1`zdK!YRq=4ZuUNb-%C#Ex5U8Lie
z-I&q!>l`;Ik+VQ|E9of(AOo#RTQ<%*SbTOweOUGQr%#F8c{7IW!CjamD2aa$C%Ih2
zxG7J@vY1fQv|*==7h8C{|G}v`*p&Nv_gkE*qoS4oN*l+*rnG;=-cOEkU|=$u>3|p^
zA<O#7SUpEM`z;?n0vTWwOvM22#nIG81{!HQ(nERM4(4Wr06}tu&VZWoo`+>`yaXXc
zw^p+l)0{$dkB))%x(YoPDb(h5zbXg58Lntf=CqFi*o;$C@*)<=|4`DERB4`pQDcai
zk4mw^g}E74qhwJaE<BhzP}D0bFJ5*>(gUN3ViQ?RWDaUcrvk*?GkJm(O(bj8<#~gN
zWr^Ey+b>hiGU+>Xrsi29K+g9fsG)E}(lXI`dbt&xB?3Dc%r<|1&Uja#Xq<%T(vEk;
z$w{Fs2v<F}8b%b@L}c+{QBkI3$syPz4@u}Rnk%{Z!KGc!8L-7F!FO<y>L8nAFK~=U
zeP`~V)JpEhzym~3dZBrP1bLXHXCgM0n!duo6a8n;Gvo;69GpX=Y}6+2jxQ8fHRY96
zdYEK+c@^%*fNG6*!b3d-By=0U+bj<5DFx8SPM@~Vb_G0dCS<YMa<x=b@`K5^&v*Si
zh3YA48%$E3@RD7-?x4o1rOJXy@Xb&4Ig5fC5G3@Y)B${L@I*$tUM7IyewaIw0-v~h
z+n4c3bLfw{y#>izWf-EtQ379xzvO~vyQ(kjgC!03G$1vO1wZK=4@a&UiaQ*b-@^n*
z*Zn8>zJy*TvgEB{=VyW@H!3A$=lW&58)@xsTZae~3C4;WNzCV=I<F&Z+nmkgDN(r?
z!{h}YdjK}*>jKdvL5yrWzHT?ADSK7A<|q_XuWo#4y~UB;v9X9XSG29;19QdE;yN}0
zuZAs#^cCnvk6<`YVbZ9o?5g3?F~>W&P;5LGKM!x|hTs-rRC}%NSPg}x^NDykJHCX?
zYE>SSRXMp5wQmi2w+@^f>|3q()8*1TjtPgI5C9wr)Xs&gZv~nIo7w86`g!+MwuesW
z>c6T^%L7#pt0{jM>ym-^*832~J2KTHNjtgx1+7}G%S{6c3Qa^Z&nT(=m6vmEeBb0A
zF>2}0j);mBe}vi2i5rp+31{rgsVFjuE`p-b{!kU<W?DwPBE81%l204{EEFauEuv}!
zO9PzcNRqlZ5)x!y^7HnhTgR$&CJWm3^#&>Q1UUE;wcLtd?iv;^u^gJpM%E@W0T*wy
zzcH0`U?$*C(+|)RUXla7R?Fp0qaCB*S99!*Wo_s<80>UI?SBOquN(2L8(m%gQA%#d
z0$Ob1#q)6{*@s{GCOLPm8(}r~=Pp2RYyqG<U!<>n#=lZGRHqy+*4$GTz82p}qTW<^
zk(A~1TLQWtRwdh4)2;XJv3+&ET~j#%zHP(%pumh-b%YAC$(kcIJKnmoPvLH1A`LhC
z7cLI`WVhWrD~S%Dwc5+PJJmKE!6>(Ebv(LH<qh|9E$%_e2B3AmwAN(<@IK!8umQ(A
z!`}d4Z0|m8sQ{wqTcTb6Pf`9MK#0&S(Sh<O@x}m=iO*lf)ztUWOY$$A&cLr6sCTSO
z_fI-^sxOYt=&vx~Nw2x#VXtZQ`|~B<d;F#FC)Jber{xnfAVXl_Yk=?sAa8dJkbS)E
zrDELs>N9UcDovAef=?th{x0S~1hCuVIplVm<uLv&NeeR8LLL6o)mfjdQNv2Z9be4?
z*vCM-+fzrmk>nD8SB!cwJU#j<i6H7fdKbdpjo*j+G{irSCmAK8I>SnGg<yIm`j6uM
z-c1S`f(8R~LioQG5A1(?Q2vcY+!}At=)eCrAt1yj0nGlw6G#6XdFlaf(MzwotK^iF
zCpYyQjItn7q>wWzfiOjJRqcgYQ^7{H!x2XqKb89fb&)r{Yt%>r6TA^ooy01iv?90L
zN!8DHz`N=RLV}>G*ne%mS!_RV`zpR2KEK6-(eGEp9^A?mQDBm@qDG@?N2b%u?Z*ry
zZ5u8h1FB**>+HyaH05&|S>P12SI9LUxB0YFwUWoIpSy-GyaA&7@@QCchfrm>(9P9p
zeTf$rd`H<wcGY@2Gp|<`S~~_95$Zt}y2SHBwos`GY<7UuB`eNZ%BrwbXTII+mXTL4
zh-+p>9rz35x2`_D``%L(BF8gdQ@S76y2uy(0Ev@_={&FME^X7HHKcW-i<CM8`|nd!
zU)uB>RXtZ+ywfs{G>halH??oE6PChnItMa!Wwm@6!@3X$;i^!ie-Sx{pP|GOS9oi?
zf@yMo1O$Jxz?VBHii}2L+-o@Y(ly#=o()xK#$_i!zePej#P5Q)h@vOwZXnPD$4ZRs
z2b|<ZJbx=V(uq~Bmd}4)?{(AM+=Qj&&#_XO<oLKrVwLW6y3H*d&xa^CmSN>c{k8f1
zTo(fVOZNPeFLM^*LbpGCnAVnsygq^UyH@p#h3(vuSc4MwIu?|n>qPT%KJ?qHp}gN1
zWX2&8bj1CB{!ajZ{PxVCG2R|WG|%@O6Tposwt(66M)>WasF;j0*Lk{$!xR%v&0hK#
zMXy;$NiWP<`!b;&Q+GJZ>>DhZJ~#f?*k6d!HH9EBR+K_&h2%i?yIL7cjqziUSJ!GS
zt>E6L1h&^xzy(WUcl-&bo-GCD^w!`93^v1+X^az3^Wt#Z8-F(ACI%l`YoR{AHh?qb
zj={llvv6WAKhsHlCwZbP8inE}=sLd!Qg__^$&%fIPW4SDQ^p_gBl9(g)cid_PXZ^Z
zBSWhmT42bu<CBHcN!G_^PMY3tZVTSyr<3iohM1i7>AVNv5ai$+FzT*v`^@C#u0=FQ
zjgLFXO+(EaMnCKnN10f7&?cwarY%F|2rRin0g8p9uIA&gTVZlpBN>8dHVeFbMWr`O
z(61B1f78T{HU$`F+-UL!?^wYqp3!T{Jy`%>(f)Jte8eUSxFNy7WT5`9lb4)9L<8_q
z#ZyQBvQL_%+<+31`Kh~6@?wR`EG&Z&sv!$j{Vf8~UcUL9(kC#~jBCp-uRMNPh(Pko
ziMP<rH;%V3?!c5hGZ9B9fM_Uw&-0p*Go{3W@?`U&tM{SpZAA$14oe*BfkE!b8^K00
zbXOH~62x6e9AJ%u1I20);;%8H_X99Xr*s<>;{w-lS1>m_IR;&yM;v2K!W0EcipdG0
zR*1e$58`I>6pT31_wPRn(nCK?B4&bD`M$?$pnOYPL+y!J8x6wSXO!29W|d)e#nB6z
zT~C-x*I(gmZfZFyD!qs^%}hq^a22J~t@OaL)Wg8R;UefH$?vt-JzmM-2?nIQ8Mk;f
z%N<8pGTI*7@ZPM3(U^3WAb=caq;5yiuqeK<rYUfHH-?R4U8It>rZ<~pvgcR2IdCy9
zw#h#ap#fF?*iektP2sm{(svHH!H(|Ri}@ximCSZ9HtzG&T&vz|Y%$*Ph;E{cpEP<^
zHuVF|Z39ci%A%67)4?zljR0~Yvp`pu7LELb)v7Z`K8e73xwX8idW2Tsp4WDSSDRQ6
z#z0H0t%&@gQ_&OUw2inyTEcj0yT(ChJCNg3=&vc2B-Mz-sBB@mnoY=O>Bz_<i{Bzt
zj|9aQABr)HS`kYJRvMS}dO)!k#vrzGJ<@up)kc4Vn}cO@n7W5r3P3r(pHZi!v1A}b
zJb20xJiTdACBNE4Z&-bm)+R54cf{PTVs(H62N7e1h2%gU<Cn4c@P?=4Frr*p8_hbw
zlMP1k%;mLyo4{@HJ}(mwYMg71{c;)4Ci>5UJD*musV=~*Mw@9)7yTk6!RBl`AC8Ci
z?~;qRTI`P5ppTQiZ2(q<)96KZ$e<4d|5lKNO=V}Ue}~9`8VvDOS&VwQPDy7kFy&io
zMXHtamU?!r<HoV~cH4}&S7f(h>%er@o`8M!ie7xbClyR9WHX2DMGej&o*Hp=z)m&o
zITWr2ucQ^hz*I9_v7qbMisYI``vJ{&KXJD5`(T0vsf0=qS^&s7jC#nY?o9|{TVXDh
zwLL<eYR)!n2Bomp5&|{p@hnu!E`q3=FC9eY$RprT;QtD8p}JA6sf}0Y3p9gQVcp*d
z`_e?E;FoTa<ZgUMF}e{pCQ5jsk-LQcL_99(=nno#GN5xhLFqw^6$Z)htrcZGP$dGN
zSXiIf&x6Fb2@slV|CscHQS4PG!tTK6-s6>PUNHxvAQTfi3maYKFffslu<MWz8Rg1;
zzm7_PJSdBMUq&7uV~UT^mh>1HhxYL0TpDLthFTY27N(1BMr0b{7sTEfOY=lyv1-XZ
zD>#br1jV_UZdF(7nCuseyvEfw+%xRNFMnq+&0~`muj2X6g@DL)=ZF^n!$%G56=}W*
z=7Gf~KYU-TGZ}J`q3#B@A336d2*p%r@7r5uRkGP1<8#CRU}d+@n2qUQ3aj#er?8E%
z<m^!YQSZi|G)Mn4pk|^&`LCW=h~PFl{^WxA@8=4UGw}a^woWYVzq85zaWR$r{XZ^H
zGI;+j6gHBDI3oSmH!X=AaOQ#bk6H43waIa!`S}bY@ZZGbKnv(7)lgz-nDEwRX~X+L
zpyOr&DT{qGi0aOWw*8*yw;*a-VtIil{GM@`FQkw2`GcqNqwP#78Q81w?&mF!XP+G)
z(dXZ5`~c3JrFv+-%K1or1ov=9z5{Rqx_Ze$0+P-0y_z4_%gV8UZrtm6<36)QVMI}q
zBG;*~Mdm897?k69n>vxz(n3O?zg@q}o5Et^pjOBGkot{t%z-`}ZM>wuro>o5qufLT
zfuw?`rqHGcBRHF*yZ!{oyZt{1P2QP<CE58WoNmk=%W&iO>f%P7#75CPlgdk1_dr$e
zF=3V*_)E7rL39#;d)D;ia^0MqQsSIdOG4%YYY<`NvrmnAd=*XPBM)Pw8uuH<BDC|d
zFjEi9jaQt!i8{@s93L5$zQdEYD^1Z=`vKg!j0fLg#)|#8YgDa%raZ`PNoTU9D;u3%
zj48IL)GHmrEjc*}&Vq_wm+~P~`0Sb)1~gRO!^O092jl^q(U!$DlyQ=F6IXXwxwH>y
z5lcm(dykdz9BRjHQEeHIPLHJo4bQ7|-Gd$d*x8MCW$6wBo_;876C`b6j{dm5QGDbR
zeJgGqJWI8&vN3{3g<jsHguD>WRQ~Avd&_U2#N3LmzOtGy)nGqSU)Wu!FFXykvQ?8w
z^57;-qnZd1T*1MMk5MrJYQyCcbV=3Emhm(iveuzwm*B}{1hZBXZ>OhOC`feJDRv|}
zO%Su5d#&lsx0oaIp|E+>$Lmse%leFRG2yMo)SQugV-s#{@XHR&uJ7-o^Gwa+ZG^#l
z7#v*SxWzTl%yV^CPJ-Uv^*xsz!RMmb3XwKeA^ru}XTVJ-hvKl=wZ|{aTqEZ}+*hH?
zctgT^*YC32_475_6(wi)HQP1y6=9g&c(Xsrv)@(4xBMwz#t^zBnkK<rFgsVe7ZNyo
z7aEof-6N(ls0rOO5)G}e*A&Qxf6gT}_jX&^($4+iBD36re4Q-Ht`9#sqckw#wQ$@g
znu`Wl3|@$PN+DQ!WxWX;t#w!rcvWq%i2sr)_%to&P%Y1#Ni(o0`bxi@*2r9|YB~dN
zN_+5ur8_0-EyIr$oQ4*VEC|Y_vC27S-Tjl*!lUx2E-g%}r8}Z5ZJV4t&fD^JJi$V<
zSH&adW392AiXKU)`myYnv?BHJXr7YjJ_83xOQmz^8S1j)0q+fKS3cPl|9J0}&N44O
zTz%S`Y$^_KoJBs4T0or7y%#{#ZfTvAJ2@Iw7%4}_p^Y}|c>Ou=yzf_Zlvu;gR@AwB
zZyQ-PZvc<2RuD7pm!ms^K#_E$nq^?aQT{F4?zjaZtgVe9c)OxdLuNs<GPx&rkw*<M
zKbnGx|MJTZ1yuRW!az&}3cGb`1u&gT(uFqpL`>vE(C&HKp~}c*{)7si(9!}1L^R*F
zpXsWhTyR@ZnC>Mgs^?Pv`KuLVJ{Per18p(~{s*h<Jibf=AQJn^cD`uHV)%h5ySP&?
z_W{Xp{@Y6Ri!|0=>Kiz<EDbTz?mIf50%qWqyhduM#0a6OEIETCFpFl2@cV4Os6Er&
zAfyYXyvg;q^HU|E9}XEqU9fsMe6qa|$Kgxli5MsKW^nM(l=EYy5LpB8us`&r%L2sd
z)mjSzhC{}ML&($7>rxc=Ds|wsS~jR^E$SiCU`lOQrNNcI)PAxR29VD(fG>FivRGly
z>r;DPl)l1hKBK(~AY?<M+J0!!Rn%#R)QPK+(YO|cf-5fWCS=4GnjmdsHgl5<a8n%b
z=ah{;7X;Ejk!ss%VbPuuX-N@6oiv-+AF!x}ZYZ!6Hq-}r{<<iKH)eP29fmk9K;bBW
zZ8kx{9X9FMit8yDCo@YZEod|YG`QcvUyM~*@p@?~XUMy6B&%xi)R~~JxK}(ZL1<L-
z#VM7_faYA2=*8#a)UihPbY7Q5^u+zs6L%_6FejC%3e=)3#KhoD3NWrrpfn;mt1z8h
zBiwOIb)9rsN(8ee;Rfc}+G>gemZ0<$Pob~-OUvS+fM>fnf8YTJXE-=)hLX9Og$8<x
z+q{mkr$rn79o2ntU;pZ;Fy9B?t1uD%WtqWn|97mroIwkS)J4<$@x^evTE_?{+!gQH
zOhWD1q&6HCprrgmMk%_wS@vEEGij@CEugHrx%t^%*Qa&4Wxdme;<3{HE8tW4gSQb6
z(Prw|++w@S%VqYm_v_;?ascI&)oSP-ZPPw=Fcl8}@Gf?6DJ1vI3l4Nx7|M{^5M%<a
z1f-NznS=@;v^*c$l%BPQ6yv9kC;>f2OPKf=Gax8%aI^}JD<CKANQ%`ZshkFbiamsR
zDyjsMd;CQWtQ7ub4Z?qB5MhSdGq+zGnyJiFS(J^=YNQ>^z~tQ-!=S$s*I@7hce^iJ
zu6tOpOCOBmUwqa{yRGVE(BCDdVA06hGdt4(7t{?f9Vwd6VXYE#S#*=5o7X|dsUv9h
z<V{J93p&^Jkl^IQ&?LsUE?R(_xO9SQ?%_0@u)iK_udz>Tm}s*ux*Q@%_YuG}l$mrZ
zX{FZE>cUT=+H_DY*>AmRMco^di-PhC;^~x|boHS79)1&>e`269Xbgn`bl0QRnzPlp
zH(~?`kOE0e$;ERjB6D0zKE6*5(pOLxZRENnAL_K_t0iG#v#c~#gP+B$E9j`uYJ^7%
zk4fKmwQr%FnXEU~ieKfRC2vt~AV?H;EAw$OZjp2<a^9&D_+c;B<Jt2*F<V*A_2;44
z!{r@-5qZy-?E4WA?TSLViJx>R44H+=tCRsYxPI+a8GYKvcMy=tYpfu1KSiF+<>icJ
z#!ZEBTSPmEgkd0ii8lke-<$$Px+;yPKBXkN2n%htm22J4A)rhlX{^o6%O;(R(XvXk
zL?sWU#v04EIL&lOxM)O0-NT@O)-6?A4ZasGgC$SWZxDDKPqA$p)S`@*q8~6>tEqr^
zn($|L#2w!PQzCEIOUqjt!EC&!os7l04;a@=@$|TVf)Mmt0M<?dGzfn8aPy6<EgMH(
zASZXz8(LZP1STDjF{&ry6%|a5B^^>QZgIV6jC!<H9l$|j(06n?@j4e4F3jHv_$%dI
z9-<<ZzbKC?zGx3K@%kS<{Nk<I4+6y5w$&VXAe^=JuiJFXy(YJ|GOKfl!+(&OvPwX9
zHke^OWoc{bTzc5wNh6CV85#67`@ztl?d2vR8XB6+w3TDcSo_qD>%_DANSD`Np52Ww
zU*>yhpScewxmzwcW~_}*>5vijZtOKb<5cOQ=HjUrO*3T$9k~#`bO{c!q5`1ComumZ
zG-1D@YI(0*M_Rht8HUL{*d$^&4LID$F%}c=%Dj?BY?a%Lud`%j>1<zZ6L?pWweT4!
zc8e*pn@Xh?#>|Su2_5KDZ+*1<C7ZYBVdt%75Ezb}nehI6;(;6p^I#YSk|nYT={vt#
zNbS46_@TvtoU6Y(P;IP~EdVbm1(6j6RG&eeKGv_mwew%<xoU8n)*}>t@VaN6RlCYl
zg|qBe0=K^u!CSE$CBZ!~ndPg)tx>!(EVc&U;9q_U*Q^X;Jl+fnH!LVFQltpi*_mO=
zh-C`n1Uo}xAbbm+kWvB)_XVpbN?_{T!LTQF2L0uuBNg5vn<UGYdII2DJBYx$D<Qx^
zcX4Ba6%b*Va8-!m9Y+h4p<QW_^46(5ngCBlgRy@mV~a&cn1o}CbaIDu?=yQ3p)A~U
zL;C?zz10eGTtEHLmInL(Ha^}(ZHi4hnhw+3SpMjW?AY5CX|^yvqCbB-wV8LEuF$5>
z?N4eCFHXeM(m@+H#Q`{_Bg1G;nH(W#pm<=gXrfWd=kIA(jhiz34!YnxuK$dXbRcdc
zkB4~&1y|9=*8yydFucUNR0(5ae3Q0+-Itfxq6hrWa#&Qci4#T}t=Eb%3XU+Yj3|_s
zx<o7FCP(F_l#7XGk&AN5L8HmRverY#toe?|W&#0#4Q~=>Q3Ft0!>6Y7#A>;rO{4c)
zu;PxH$~w}47gT;fs=qq7C!*EXkuyO=+H({hby`rC@Z50YU(6UC^lJLy9TMCbqco)0
z=Y9<<^h&UaZQ#fk-OoU_^n;3~O|=ZG6a{s*KshHLY&K~KC5d_v?SHy#x{%Iv2mh)b
z$^WAUaR2N6K_l|-dW8QbA%m4Q0{=}cyl;up4NAaalC#d302xDQ{C%_Fu;2CriTdJ2
z^h)~{qhRp=t~<>LJm*}zzx=)83n1hr$!eP$pwZLoEB;Zb1@Fky=N(XqAkU@T0<zR1
zEIDIl7|M4oG*R3(wJIK6moHKcGI~zcxCR$p1P<B@8e1Vm`JK_Eq{UBQnOaNu=76MA
zq+7{Ce9sO)0X5CV>}h)z9uI4`0YrC0GRn9|acCs5vbo!5I|OqQ0-8a5wZy1sG)OS*
zN$at4){&vcoo|L~s&X@KX+<;CKy{hYm~wW>qB~^M49sGb`}_*>+0_fLG)_#E*7^X<
z$Q>M{R@0gTl}>AadbsLh$9lT`savPZqelomTT{ptKsg;-2yg?z$m&KV4(D)FN18#K
z2j$Jv_oo@c#pkJdL9uMrG@VcCu0V|!C8B8e1tP<AT{4!!Rf}t(Uk7OB-Tb4HCgN<x
zDybyE;!uA9cOV{mTD<AZFVY>aY#uU1*RZd}!B66ftScRa?k9Mgw$G~Jf3RZpr<CK#
z80k4nc^{{OW4L;u%4djw3opv@YrsM2&RhKx%|`iy4wves4)rOnsJC>B#}NI*srYqZ
z%z(om{6G4y=jDO93l0W``mf&gfAm$8|7|aTmC@AB*u^DPV@DBR9sTqAI)xx?c$wz0
zbP>Fqp59#3#ugsRUeiW7Z@suVpqU_S^16>z*3v@yZh95Q&)(NM)?NoK+sdS}crHK%
zP2T1m=3Q0JS7{b#97upkCVKq&GQ+dO^StR|@%Q6q*c{A0Lv1c#Ftu#75(PieNlh4l
zU8}y29XENJFi&$35>xZN14C`EE@ox;Jq%l6;$MK462vu6cF-iE@oSu$tj_@F7krwB
z+2i<WIt%eZRg8yu7u7*djO({xlrExv@h~_pTi#gduq(eaS3}-ka?T#iJF|Q^w4lbc
z?4ug%gmqXD>y`sF2j-k@Pakpdy{R5RDFc&;S}xYvM~P?}rQlJI?WM`~m?2z_ZBxKH
zLV)PPEeE0%)-H-8{!#vv&3j-^qMvhXEu`O`%jr()-ZKjGxXt>s=DQ?E!)Auuk(@(&
zuzNoVW?0<nSHqK=b4RLlk^V*#tHG+EY1RfCx?`fU^a*@RzhXA2fAe9LeGmm8iV{J5
zJ|Y<17iZ;SvxYEN3+6tHsDtc#7#VitKBS(>sx0bkyGET$R-HThR?D9?&M+XJdC2k)
zT8FCy<pTVG==IJZNg;J?q7%+RVZ~a8(dwA&rSnd9O;1wE@;{#FMEeccHO$QGXV|fQ
z5he&JxdJD%f84BsB(qt8G+P{ihOBEF3r+NcG3HA~GAzFSbOt6&s@Q>{Z=x#JYwMys
zTBhvPcU?pXM=W5`7@`HXwzCq1DD-!BJW~?A$6b62D%x93VxN(|1R|PP&zq@wlM!Ch
z52(WgOi0Mgok;|XeiY5?t21C>R<-6%e5oLUaMji;ExNGALbT01di)=Nx#p1Jt&oGm
zu9-WT8pGDdn6hL?xknlMDqm#vbkAZx={AHv=5LKnjdYJ^)(*-y&1o(T;P>zumrtYK
zU!t^~UPSo~5%!B0dOWYkiONRrHo~(!fuOg{3p>J+mgO^_<GE)xX~VgZ-O_sB5uHgV
zd;gdU7D1gcJ<fO624gG0qtE<L%{SEUiWj8$ch(`Y`Hc{45vvk)$Z3+S)HJBNv=`Hm
zo^a|&Ok6rE=$@aOjRkxqtr+1}=xJ|OnD;+?u<KrOMmWhe1VYZ@`RPgci)7$epV;#N
zjYFahRye#8tDGu+tE}O3__VqC>jx3v<1p;BJ6eM#AY!rHXuG!nS!#FB;+1?--#uZ~
zMd2eVmL5DAd-&t8&XII5QmusIPeSt-2?S}kMt{>K>68m7-0&~zwxM2QS|wUjt*yxP
z9HA{%VJ*Q?<*wDl4s6-_2h+N&x}Y_h6kj81U2SY`d^&G0VnOJ*Wp}D0&+T^%*%ZIr
zZvhTFbm=mE>oYz8q~XUDinzLnrqw|fN|Fcm)NR4In}rqcQMa|_yw@NA;Z7dj&OSoV
zpcjAN=nMGoT@=AV{GK7xhKx~C%v+e;T_$=~SlKFEp$2S!69Fv?NY9Cyeaj~l!upGs
zP`@a{HAH?><lBu7Z@4`S<wC1bDCOXgB_I6&z<=3fh)ty+Z2PZbW(52H!ifeT_rD{l
zDOH9bVPZhVouQ>gNvT66nlW$7p25gIe6NA8ZfYS@Tg8{{N!aks0u8j9E~ta{4Mh23
zwO@&hizd%LFNP*xB^0Z!I}0>7_Rx+&$b5SMy7aglZ@OIHpMB`kf$_2w=HcisSq-Ry
z<0m<31rjN09ss__O`N9v!%s%cHrOlrVxH^>n~A>$!Ut<yG*8Jc55gFCe!|iNs{)*(
z(g=LekvNVMjwoxGdCZun^vEQu!noA81ccpGuo+ghc59GzB&%IK73!VXa>kwmE8mb0
zb_E)ITK4gOxWw|0OM=iGY9%Y~VZu@7RPA}p41zg;Y~ZfD%I~os1qgbqFFCdr|G1>O
zdBru9tBAy_5V!HIC2W1<0QA~L=+u_jDDOdH;<yo;BY-Y|TNuh?j@v;upd8E2WnqGo
ztn08a!!tB6NAPO6>;;T*C?<tn;jB)<a?fSyzw&}>>nkH~;Mv%vl0)g$xvvHWQAB9O
zK+gk$KG1!kR>U1v1aq~*8+8O-C4a;~F%u3|a*yUE4!P9)v1HW|#FkIs&T`mz6`>Lx
zETJW@BFpC<gp`Ps$I+YHR?m$%XfLO6V7q*N<Yn8GX}7K}*K`RL6-bW6I1ug%doXG1
z>$55~B?TjkkXCAVia|hjwf)B?4xsiH#{%F#Z2I*>Rf^@ZhWI~hs-a(|4j`73V-rh#
zsuoBIc9Q^QO&kXsuWCd8gHw^m|AJFX0osy@^?%TmT&h5o^l|5jB6ouI<eQc=-R7n6
z(C`mX*vQO2g<FdW6h|8i!(d^%dH(>FHvbP$kk?wZ5s8u34ge+EC)iV!p?!xTCsqSC
zuOqG^U2hrmXd&|TQbD!$Y8%<Eg&uOfu#zYS-StcL*G>G^G6FtYo;9$e%71_ggZ>Yo
z*7!x5QP#^=8eh+{B_#syqIm=kQvCb`T?Fh+7teV0osjg)l{?gQCw@&%;9QgqHUG6-
zl)I1AJMT&aC{p1CO9+unyEesxDx)eRkEw_WBeyj|c17{3v#g)ytD2aCo5O`dZXhF)
ztV-*nEOuo>1n788z4;siB#hU7HYU8SPP0bOT3w2nO$Yz}92>NMkyN+F*$`v|eH9Fe
zHW{7qiToo}_gc^Q9nuOx;p$P8ANZB4QLcU%sZh88##1$)PPg);9jvMv64Kp`G8}yg
zrE2{F(Y;g(J57(diafD53VwQoV!<!tGwACYne*acWAF4lgJCGZ@1O8;eB(U^6T1E(
z9VW`%j{BKc>(raw*R6WyC_dZ$L0aYUDcT%%*Y>|Cew`PZ>%{&;)bsp)!_ay0?Sv2V
z;YcN*GSjyz;RE77h|1D~H|-8Oo|ih%RJ!FjzeQ9(Y7GHMF5L-yu-!wx-jXToQ{{}z
zdP4T@%5U~>ykOkybLkD<w1o=Y@?7r|ewv|P*Xz6wi@anb?h<jvyj_wK)~z^&>stsu
zVLmj{RYi5rLWuu4984~daQa~>hKRa+=td0w3H6@{D&_|FuirmNx%@wnB6=kUr1HXe
zs;MuZ<h)TnuzJCchk%I^cz>r^3<xIu5%u%C6j*EoGkLrjx!L|yh{cUxb!8BSu7)^N
zC@ikHrskzzb!S?$hyLXHAEA?Ou4HNKIU(Pj?q{ISb^A%K|IO{tujgy%02Pe8UAV4c
zNYJf@wZlUId~3&@``Jyxu>!IKVDM^T^Jt_~0DFiav&*cM-N|~rXpLf8U}2L^zLWh~
z+NGDhv)Jor7EJNqPIhGJhdTDJgku!zC$s&+mkgNqmo~iLKgN<Bd?z4-9mC@kWxrzL
zW@Wx|*gZP#ytsOH14(_Q6AaxC=m@Fng$&#dYzeW=0bPtCU&RN#M=`(J0C)1pDF;Z_
z+Y5L0;GdF*w{bDs|8@nrC!VP7P81nGhG=|r)Ztx>QfT2$71=-Rcjp~E@>I(B?Cm7|
zJKWdBNNw?#1o2MCogG2%!|vCukG22Yog{%FI-Jn>^DN;z6d?7O%i8}W>?hUZk3^F&
zX_w?lNJ-Xsgz>rYD{$m90Bdr2vg9j05aF!RZDPJW8|HWyFEd5fi|}4W@OOI0g<75}
zGR{*<NxFg{(7Urd9)`3?7PKP&!9OSR;f71xZCDz}i<q=$1PnW6U&NJRlgrv$KtE>}
zDJ8{;TP)XlMYWc3qebJCJY&}>WpTj02z)5(W%sv+rph*6Ku8Y*z{Vu^h~ZK)Z<F?Q
z<T)FA1u3A3L%^J(&sir0AT6E|pHW@7GV8+0JAu@=<RALv)$&2EKnu@Zi7Xn`Mpxb;
zW2+VgmymNkAng?cwso$8`oipN0hDW*0{l_ox_q>&&Sju}QKxkz%=#HK5GlP!qLj?+
zqL`Q9ti+tqGa?SKVBP*m=L%=x+^bTm13Y(Sb<?3>_q_2Y+34#iO$d)GSz2a90>tuG
z&zDPU!Sh*R!cP-=#>OR57N{=Dvmkc~cPKDOAETi!pEu1wz*%0nt>=LxfN@J_+`zb%
zvv1KAams72VnBt3GczvWeqimHnze@P;4R3NcT3*Va~A*;_(gn6^v%CS!O{u)hl|tv
z8ZWRA)Xoc}O7rM}!D7SXe~nhaI(5xgz&dlSS4eL=Q$e<vH!RjBnKmcv$f=pLPFBb^
zKTBQEqmZp#KEp+sZsyf51z`efR?eV-4z7>x$x~ZZs+9@=&>1Gs;ZI%cP6=rFF!R^S
z8PeI!BEULZX|o2TPuP*|e%hq^>WSGr&#3Jlukd`nSOfCo-KqsS014;LgxB_Ncm;|;
zgRJl2>>X8JVx<DS0_P>8{M@0mMgP`vu)v=WO6C=yz!R(nvGEF2f?Rk7YC-V4-DMyl
zAY>Q0jkk8GX3mY~)??OK^?-bB=b0hvdn*h8xs;3F6T6${HzIHMk!Qd0V@vkuL5atY
zrZ7kLu-$5Y-ZoCHWo)|&rph>R5&1vKo;5u9dptR@3H6+2HEd+xwNquYY|^!eV)iQ7
zG+P$gCQxEf5m#zBads@{bqtryMkWg8M;gx0Cv0q^u-Y`CY)$vZpuc_f)LE=!$Jnt0
zBnK|I=#e=Xenn<|=b5o|^%A9D#up!J0j~_oA4&U8rbL~!+D(tnm`xZ1Wy!_SI`s0>
z!VwXzh?(qBigfB%Wbw@L+F=kweb|w*EVQ(iKJ_YgjiJM21>01batTy2<ZV}XAU?g9
zgFwHJGj$bqy_78bGIou=0iJIBoX@XBfLchl$+367(E&6bp1s~%BgMiQ+osw2@3rNV
z#gP#>Hq?XISB5JQ@5HHDcuuGb27&cSEJ^zJp_6w?&?mjo9aC$|{_IiZ0E(;xy>ysl
zS}i>1aKWVM-jOn>iFs9uzOhcQ0M;T%+5&ogDn)#HJxz+bC137#!i=?vRt+x(@b4~z
ztqy4<M<(L&D+?Xhkess7-u4Ku$r*dgN|Yl(ws7l&QnL0^gGDipHoD&0SV9b>sC@pa
z**5R=!Ws>xfC+4n<;bf}BM&AV*PX$3YT_*~PqEu0N52-sZ(WQyBcB_M4Ws3nmLX&7
z#h{1Rs&z-zWNp00Sdv~xF<ciVfE(Rf8{7gx2#wXB{E}6{5=*MBf_^(Y%y>DfxHXZH
ze%ZF8q5+}%Hk3D)&Es!CW9w&G%ZE!%x7aH9kfZ@W@1qFU#8I@WYL3Erl0u1C5o{H$
z%tJF}&s-jw?nTy0F7{#EDXp@!70qy6(&po-1go75YqxTG&Re)mv$@VkK(6o&2nO0u
zim3j;eGWM7Fj`~03-wqp{Clp{;dLr+_6$C_r>It|nxIVD#n|k<G7u4)_0~$y-Y7X{
zV1ZrM1%b7jdIZ6)Uk7qUrV&XVQZapvt%yf8tMS$jayHSTIByYlg0{*71VDVvLOI2I
z#mxWuOtm&5t1&(}rLC|AFjQ(pE}1<*2>F<kFE8NV;yn_4#1FP{yyTM2_Y^|m`BQlz
z;lzU3*)^`6l3~R5TP?;!t@<<Hn(>=6U9v#uW<m2W_knKFgZ;&p4Mu`OA5Ivw%;ppy
z*+d+~O~>q_q=_>eLiK|E^A$7KOoIJ~=@9v`X3-cvM;w~#vTR!bJBUzlYf5~QnO2S3
zx-CWy;(vy4<eTxS&yTb4DsV=oXjxNKaBr5>^>X%+m<WW<!CIYRmk>gFU`2CB=B;eV
zQ8yDzro)`+wyIeXkCe6J;+_aj5X|eqE9_DSt7bEGuQayIlJ!K7XqfO=!XLD(V%yg@
zjmmtNwv?bM!gc=u*wvU`)qePeomanNSJa-5e$&cxSTfv&MBqn?_h?$J_iIL&3hgiH
zxW&~zlRTx+NXQC#XDgkl$zkbMv-3(0r23wTL{9bQN(@}}+Lo3ic%X92^|)6xAv8W@
z=j(dKVyb$Kp5+>SpGI-9r`|-h-`xE<#oH@2Qw@!4lYn~(&=5u7NNHCcWFAr;p@oJp
zH@8Cp7e%y8R}M81|Cp!()3=#U*Qu{tgq^;u!e`3Jj}Ssftiz8ndo+<i;1I!Z3S3x&
zK|*2W*G(ihE=#P)fD*DDAr(#CrDWNZs`Hmm$gF@%SNrA#5KW~$ruPW6GgL`z=(en}
z=1iBfN2oRj6e(A%Di!j0m$BH;Z)h#X{N*$M3826HWn*ne&tP8uM^=cyfffZ_G<Hz-
z#|Tk_)qIdmubTs)Y<#x8W3jiaKPKaoqaX1zwWL=RJ7_r4S-xpe=|H_bpK{j_rQ^oW
zEDqhKfcv*@kqzvYDyB^Z+e&(keTBSMPK4aDyG|4{K!N-9i*+d9ok?X1%7Au&_a{Q$
zDx<tC8U?bYi!3EYp(niio<fOjS-}4LzI>+ivQqiaQ33?FJiGbqWZ&wkwJEHLQtNWp
zkbERm(~GpevJ69Yj=~^B6IO$`ITs>fUUikm_WFF)i*wSPKSR$o$97Gt7U5(++bE8a
zYfbq60AALz#WxBf=Fg4REZ}ViQx56F_(`jm$?)i9i~)YDy^QF#x8WxAs{v%(;pReb
zK%B@dfJJ@a%5F0~3mfWPsRqu#GI~AGc*!E9{4Zb1v7w0s_jNtngQu$+f+uA5h8o9o
zH7x>%{^fQnlX@KIA_57YCzBW9z#jej4?TNI0EpQ~S9NtZpK(BY@MbZuV=i;6iI#re
zpK|9LZ3O~{EJ4F>fl+Lm7V2J2T8Q*9BoWvXfm*blDkueKlh;d(ZeYj!_Rg;zjQ6GJ
z62`-(r)d1)bWGFN_X?b_EV4J9rRJTA8u3>>{kN<04)(2yfE|%|Xi>LMM2jYF6nRk<
zK)rg1F75^Q&!Km{w($0-qesx#om+L8S@6y>hHi+he3L;{S&C>@?_lkRiJEz#tfaY*
z3b3w)1)rl)V2x08S{<L`q@1=j>sJ|6RGXFV;TWj*m+UUVn@63-tgw9`O$Gsuv(Wio
z)SgMCi}tbv!GMt3;pDABv^b%gg?)r7pj$|b2!TV~v}NyvO6BG9FO3FUQQ6o|zkJdM
zg}xd4yCVLSkmtV^7i>_F^&HrIE2T(!69!AXHA^82l~esYUvYI6x_uqgIu6yYA~`;I
z68oBRW4Qu<`goKsBYNSaDOveL>9!A!k2!mDMg6&GBO`|7kj`{P9cHPh5viLTph(ju
zcE_uyPp6a1H((JOB{|qJ`PN1fg~fwKDXldhbKYmXve)kj1>Ws1URE)alppCWpGQhS
z;6)<c?gcp~60Sa~S!<c?rczFW^4vtp=MYdrai|adZyY9#1^$4hf2D|H(?IkQ+icV)
zeA~Ld=8CaTG-7i|E!;V?C;?+Vpg11*RC;gEgAZ$uu<p;sfQ`7s8rxt5%sBRU<lcy;
z&#6Y_*I-1(JHmAm*zS`ajax)%%%nTyRd$X|%?3h7q>RL7_3>GMvN$K=vL7o(kjg@9
zd^X3~{~~GS&Ig3d&9)j*+(Y-FEZ>8`Zq5zQa_E91Vequu#}bXpc^5PQhAxXt$Q+!%
zC&?`_S78~~7wqnC4hcjFD3bqv5(lqgW(6ni;<AloMmEk^bR`v^)11AZptLr$d~aKF
z7Ohs&3-Wp%FmceR&}pq;OQ8{;p;b<tZ11$)x6k3d<ehgHcxx|38}q+9TLyPdP$A)r
zYiaUaU=>}egx((Vsv8IfyiAA?;n0$!*tGfiXUZOLsvGwX(e!Z34zxa-$(Gxd>vso|
zz5o2;1@+RZ&ARcEIjZ;3)*(`hD-^WS!=GxE@akN{R}LpSV^KAV1)Hup^fJ?PEUBxw
zKVGU}ko!*D7o`HM1hdG$#R(Ezvr2G|Uzt^4MpWO$kK;(&HZ7Y0JTeZj>kG##604(S
z0~I7Lh~C0oJKel$9A%o>k<smb>6@CC!tdZxU;)fAFsDt<6%ZOTSr%DHpDq<zw-lbI
z{?f%C&&?QstT>lOFIS4!eEA|<s^s`Zo~UyK_^#L@XJq2D8jtF!Kj?m-Ex=We5({7|
zY+7|<l~AOCz>_Nh3@$_CAa5nSq-&Cj1~y)_v6Sa_ivAHy5bqFs7`fqcn``s-H{c0B
zGS%DJafOjAS>tvo^Pj!)3o=LOQSccvy^}9+tnwSY<PaO&ObW|x{hgGmbfKQ#jQh?$
zHRIqU!HC?e*jM)mmbSJ@U0>!6fs&jNLiNbn%?t19K|lk5dN=RRuvc_uWcn>V=7^p9
ztC1>$Y>n&As9dAY_AY$70@`)wQntKBNbp^dlvTAlpFI6#!;CkCQ?9@h={fy@H6^d>
z7ZaBBHq{5L!*hLx$62lsk2&Z1Su^vrtg$TpqLv2A@qJ%KM2H+OHys6L%eJK$4O!ZC
zwb)avl@%Fal12y-?>pMl<nSk9t<Pm~wT)n1yCK>(yzZ(k0?gX2PpPGub?BdUe0WXv
zZ)7vV9D-J%hmLF`t`_XWVv;VP%Z}#~xf|r2BlAIUV69Qtf)}>jx|n~si=utiNde_@
zpR((_;A{_(3F$Ylj+2JAN(QPUvq_TDZQh1PJ^y=v)G0r~-w@G~w|`p5*cQKIfkd}C
ztMT@6Ry>)n^81wDx>QigVYedys+{|#QJTs==%c0lK(gwc-N>suy;h=KFyuU2%Le|k
zf(lf@jJYag+$@HRB{rp=|A&5>d31BJHG8{U$kf$4Cebi{b(0%O=Q+L%dk+Qk0zuzO
z6Z`=n$LO$@)J;Ha5g_{)`+?c__wm}F(4E1_(r^Z%T{50@QcS4I?H+kIB(mUSgI*!a
zKU%edas1>=+BT^v>pY5-!C|G0=<?SL@W+|+)O5*;n}3of@?M7y6cz-aF|Hpx(vT{j
zUHMt=lz}=i6#A2|F`1EB#lMVKe(UE@k-xzJ^6)SGg#L<{xadxU(q!IBjs|n(FNnrd
z_jjFDZ|EJ;{}2+Je6bl18R0I++o(L0d@0k|6J9MJ;YcW~{V-U$y9h}AZVLRB*^QdD
z`6g)yOe|gNrIWeMNgJcoXa4JX@xn}Fov)hzr<AnRR^3!K1)kr~*xRCtHFj%}CLaz2
z_|(W;X4&+OC|_1=(Drp=pBx=W&eu!BF8L!XS#S$#Gc+xZnP6Tq!w^>1Y@r6Zk0eNu
z(9qHScAt`yc^~tOaNDaNbw51KMKWB_lw$V5C_z*oXia(0Krh>`jDC0DvA)5PXRsw_
z*m%-Pa1T-h4Y7Di6t<7tuT{l?>JHif1-@Gm#mFo`+90F{o9_}QPQI?+CG6MMCDRi9
zb|ZcM>Ssl8yhXSQMICDm8${{<k*lAc`TF+<fZ&a8&6X|EaO9Bw-!(TU)fC8XZK@JP
zNGB+0@I0b`_o6Yf1VfB!e~e{aKgh7E&wnBNpV+pM^K5+2)wAqs!lO~S%6OA0Ku{~U
z>k97&Z}_M8rqLff2HylKgi0Z#_|{jnoKLY*q46`t5!I?swNjz!GewUV?!mKJ*Vli+
zeWlRoIU*r2`h*2=^02a%7nuFFp6EoZdEocT&(V%StN(#J(VPgS6L_qH0+X8E3E$+b
z8A$g$ghx`@mm035d2IuuDIZt~KxBo$8UFCaadNzY5J1X|))7W-(-8)i)cuzCn7rAD
zY6TCMEDQO&yEpwckew#V*&0oZhAE0fzqdAM{C%-ciW_2NAdwj-jpftXpdJD#l-QK<
zI4v{+Yd7?#Gnl<#;|@W<HiJ!Y6{$THws;#_L-eA;SYk;wdppEr@(7(gpoe|Syx^zC
zV?s%(?^6=&Z}#qJiR%zSaX$}{oq{CbTy2>d%p+EaKJ%{d?M+Ca_!V<m2_m#l_`kx-
zJkseP&?7_O8ZUg$iP{d5e&ISCg`<KX$|j>fafvUV8<rMDi6(d=DNh*!cRG&+doDw%
zmw?$F8Nowh+sO&L7uLHOAj)&YPqK^JHj5D+$!BZ_fyair3Nu9Fi0J$KRr}hxM-7}w
zH86&BexoR0101W3efc>MynCz^o*(2h$C!bC+cenEA?Sf82W$41zo&{@4iWo`xq2jh
z4H_fR?&eXSnJnR8(mFg7(@p~)3D)(&trO-YtNYDA18podz8(KBpeDEncuNcE)uVSb
zS?Lfu6a-^zK)j;c41fHfM`(hN`EuVC{)%ujz^(S?d{AeFMUUj^x2<1Co^UgHqMaEz
zXx#J8jXzWHuzVRr=02bzxT5kq?8=c`)=nEg&IZb`??~SPnDYmOl#7c~<w;ymJ|-I^
zh~n?GqE7eRU6FPNu&q`%*VkOS@<|<kDQUKmTT!okGH51XpD5W=`$m{0GHC_%Y<q^<
z5%X64$SsiSNRRLngKwGk>B_{thSj~M{!;HC4=d(GN)svA2m&D-(vuUc&=^(p*jX1=
z)rfE^0E#($%U*D?agd{qFKm}uYkF~D4q>#<d=8?u&&!brzz_TXadl47eRbd0Z`|0n
zZQE(m*iIVT<_Q|xwr!(HzA>A|wrw<c`+wfM-@e*=oN+Gq7;~*XKXc6(3v~xTUDG}W
zI5bd$KS~il_U|ksPc#TC41;Nf`0E7)JK`c8O7s0J+GB}z3?b-|+NRX{xwIqQjTqHH
zD0@T91D6MCc!rAwaXSh4_p9~x!#<-c6eA!gaVZoK@uY<AxzY{ba==-r@J<)fYRNP?
z5ix?Gn!%Av)Z60$yoSuh-5po5#ov^k6#AhP$8-XbwIc`3m}i#MnfE+gzg2Mxv9B$?
zF*WD-+o73_$E*k{1sF!6ZqTR|auMLd|E_Gle%H{Pk>6I)_1a#8KyN?mfsq<pvgdNR
zS=?khW=7$Z5?V;-;jjhYWBTeOBA~NY*{VY;R=CZgfl7@GC}l$n;6Onvi8<)O47C$c
zxkRQ1;u~S*_ARIF8rr$55j7?CD>Ew+T7ILaU)L7u_C~i{LvN^HrR1vF2@U=ufL~*U
zjNn)wX-5IZM`Ih5bCeyx<xq!dRIr|%pS}Eu1C6mJG7&`1Ib?@YLl+@_E@}yDDI`B+
zRHJxT8wK(PF1b9phj+Ay2#y4Wkf@(I7?G%7+j%RbSCbBYG7Np=ZTC?$imZv(-WN=P
zVe?s~LORaOHcWE765I&PLv@t#D0Tlqk5K*n)*b6^C^|dGG!7jTeMSazjaPs0F$|4o
zDM2KyDEElq!S`=DAVcsFG^otn9P6EM?bX1MMloXylrUYDOlyBw=N&XEP<N~gjbT<$
zuS{!rlOqj@ah1Sd%f9ht*lwBT9c2d29iD6tvoB9h|0MFnx*v2gVpxKJX)s#YhC(q%
z<{@S_r%UU<@Z=qIVqXu_8~}M@3WR8aWIY+*;M@AvJRy9exd${o(ceaOKV#bpvjkWA
zYSP1iHW!ZeB=SD4$JdL=nT_)s{(5kaT{&BjS9{c+82?Dn-}DKXYdBw&wr$YzIO;Z%
z?@!i8mVH+Hyguq1T3^(>Va*#{Ux>URj~lNyNW<->cl2MwX*^WjavjfbdADqbi*#`7
z$bqu!AWWJ_5S6Zc7PnL6lL0NQHn=ZA?JfbZ33u=|Ym#(Oc@BzpY6(`(>N_^r?->qc
zY%y{VG|G@u%zAFgBGKJ#e&VC=)U9XqAy|F@pP1sQpW&<*D@TY1AtDdN@SDAs;<2)`
z)^W9WfB+rs5?fzT53p873Mb1?($%h*`&v$l)K)*CGl+h_>sZwzLvLFxht?Zo<p_LP
z&E&x49X3DX;F@q5dUd`4H8gGHI=1pNpf0a(St%1P_g`|YZM2o)6<(;XIJH-e`m}*;
z3Eb6E)*<*&>5{(h$nP#j_LDz}9FA_RKKP=*w@oFw@Sj)SY|cSH32p1+{9Y~SF)zmZ
zcWMxC?|vFF@(__t&XURWlH7zb1!Nx!a%&vB5rN-9pFI%vtsrqup()<M-r~3GZn7(3
zPt?4t1hOk4+>3y3+@gk8|2!WrdKxh!_dgY1I-kIzd=s9WcriDXwD<kQ9MKxR|19>Y
z%4mD#<yz!DWmKYV?yv9&SOCHfYuaHgw=^E;n)NyJztzu}mvt1!KZcN202l53IffgT
zgo%aJ@T7~oJVGv;vpq^#;;@FR?rvPH<tW3Gf%U3bX9HQhdWtSCPkk~2f{zwlZ|~0>
z6ea#{qp`y&7@dMN3=0R!faurOzK~<0iLCTTK%yX%hJ*CW-6v^)N9WgV{WFfm)~gcR
zzr9njX2m`%b3&gmS=%00Kv+s_t(1G@O?AyY?A14`AH-#Weu>bJ6%c#QBu3bIEAFH}
zm{4plh4YTy3o8fz4o&^;@+@Zb(-=tW9{-C;-ZC(Nb_F<u8eLqsnC3W0JaTQeIS*bz
z-T+v;;b>P++@NjuXHgX3T;xp#1;83KG}XPTi|w$5AdD3W!Oi{#92y}KjlH`(3;7Se
z-?)<HfOo0=UoXt*;-#olNgtfZtt_(2r~OmL#U@u`v%q;fJlY{J^fQpa7p8Nsi{<N9
zu=2A|@*WIJj@5L3oDr-4Fuy-o)s3uWf8Dmk8*_Hd)_~VDp<eiBu+6nkI|LBGef{m3
z05IS52O+!>!k_`$IAYl%Ka*sfIFEO~D;-rbCshd{*A_9Xk81CFPNS766Xk+1_lM@u
zxf75b@;BR4UVmi2?!M0>6Bm9wV;~M5S+aa&g>L`lzz{ApdWO}^&YS!CmRmJ#XhqRc
zp5Cbpi>XBWP^8R}BQ-~WC$7$siZ#ol^L@{XHzi31{n!%7lxBtd4V^jY%%85Xv-)nE
z`JMYWM`woSrYJj&0{e-7rX(_JNST$;dlJ^~uI70EVoE)CqEa@?ic_g?m7C3S4@E`u
zUv(;mRciR+Pt~A8=Joh=)aR_-AUP`!=Bte{)JK%%awHf}5p=4UiepaE_%!roMyh_z
z%A6|jNe-O=YHr9mrK=~dEm_k_$a7GqxSdKp64(__$7m1e`n9C`1szsRhXwSU%=$Hm
z`8F-0&64=COEw3t!CZOv^VTO+c7z+%IkGjYE%)4Z*c*j{(rwnrb9SqH&FVh6_DcqZ
z{LO7A3KtNorGAoYEyO2G7u=m|DKh+e8<u4g-<*~J5^ER4GW}XM?@7*F`a22259p(N
zddDQyurwz>ayL(IE)^4W&+H&?pT^ATopGFFE5|wZc=4H=-6_59<tTbDg}q*ELJ9|L
z^0jSl+IfHBa!j^LOPj5lZbDHe!xS`0Rfno^f7Eb;AO>$-=M&7)GR*>*p6TSeUFXr-
zk(q5Eh&+l_Q90>?qa`nUKzTM}=9^>prdYy@Z^s2v3V%-$k(!qjJtFh?w?+Z<1tO$?
z^`Y5uAA49MN%FtLvn}W;asqJL(Tv<97h`tou$eFAx_0K^@n0puJYZCbGF+*7kK15V
zS)N|v#6I08D{)tr%32CgfBSh8G#%u8aoLvvLRj66+5#@)8@}$F)c*d%?~oklr9pDp
zC!4VzXaJ_25h{GUw=9_Najo%V4n!pL=<6-?7%l#T{XW%*`E0f*i;I`G7y=DPQ?vrX
zZ_%-yJx{^2N7A!~g~Dx5XnNR>e*^!I<FW%Yl6C-C;61YGE8Cq@z>sYL!n;5>+UuAj
zkl#J+2`8W_7R%h!XCe%;6w;Sq_h;XSJqq4`IeNPDGNC%z;~x||6Qn7^jGkkwCjqq_
zEG_MW{}3ZLTomMiA|5GAYJEeJGllnyvU{-`&HwCE@`gbwdD>?2CXOvc?k|ojNDvBS
z@q-)rZGlq6yaV|Pr%?7e;C0WLt+>?>^xQ*qOAGhY-?Mki{OT*ar}vfo)gK3!kUY>o
zK6H?RUq*whQOTfJ*vMMgxuZ>oJ)`X9S#i5tLr2_Jb-7#%cTKtgL98iw1G|8qr{Q<4
zx`6#l3E~>&pzP9`<Uu9aG5}9b()w$RrufMZ&gjyr9S%cGmt*<@Z_Y^ZbxR#Z;A(cv
znjr5UuQyjqD5D|Q@6QCQsUUSdoqDZN-_Ue3Jj~2l;VNnDaHx9++T&Uv=+SX1SArmy
z=BuODxCt?UrPC@z)>4U8OlRSa+!e-d3o3N3!Q?(fY*%`fz9F(Tj>4yPqa11E!Mf9o
zP<Jr45^)&H5PBzKNaAj=G8XCr9M$^vCNNCKZ@r4yeYIbBRvS+Q@)B^&n+r(|O|qGv
z<$n+BJf@zoSL*DzfJHZb;gu8unIjmW9(%%{-r%Ze2$RL%DtO9WD&$cUQx7^Bljx=#
zH4hy0o(E;K-tMQxEsC4ii(aZLk>r^q=5^O9lLQ8>^C)~DKzeecA8kPda+h3aOe?*5
zyEkfW%(%8El9tf_*#BfR%soU1!x&pO?i6V%_pEu69<~EPym<1K9sCfDW%hYW-8z%}
z2}5f8!D!G3^ZKmklmAV0nA4YVbYu)oR8JiW_aM{nq$8>8(kDNlE6AprJLR%)ILJ9>
z3Cn$Xp#Sk;tu+Xo(Tmmw2r;|hDJd-u2;NuYmsUtBE&RTE(j9ZHJs>xZ?ixtt@LQ&k
zoj|s_{@kkcj<aWP*digv>|3StdTMto=8ZCvjNa_I7!PGBt^j|Q1wYpI7mMWRC56P_
zT~x3>JR=b^8HC-_DJzp0Nk@G-E0m5te81_THs)v@eb9`&k`XTI0Rax&)R%Jo8I~Eo
zU{43Q9lEgVx8^`zC?`=oq{P{Ur109f8*7APa<iqM3>gXHE7(S+r!Uy6M<b_5sQY_l
zK0bNVY4LV?cBbM)u1AT>YBS~7eMK>I=2k9=GtJE6@JmSO0rL{S=fSo$z=m@mSFGXo
zD=L2L%LlVof)7`n0FL#UV5pqvT$S36nS78;>Mq-KoXEAR>c1-wL4?*|=W6gqZIz+a
z^JJa|jG>wfXr8i!NLv+n&!UWyC9#7DEd+P-aObr_%c={zB<drmYlCR&ap>w0MCD?h
z^*S*wYUE66HjWL}!w0809O{t&$n>R39HJ_nYuA=k@>f0qz|d|`{#2`5iZD!f9=2UQ
zC!Bvl#xsu(msqK6SN7D^S2ic`s)GGS+>Oh>XuAKi!sP3M*tiO|5;v2A-znK`Rg@JA
zb_HnRK&`SiA7X(jvyy9$!3}dtUDHL`hmf$W)iL>3?z9^BZ^QYRX6+4$rHZT*ST}gV
zI{OmM1-tuBpfhJv)#G=W-u_2*E3L|!dTFPu+08+*NK3_sby}s`MRmf)Db7OxpT@hs
zel3wkTNO}Fc#0Z&z5~QnmMxf^YCjZviwc(X?$$ZXyPRr1bRViRTb7(k+BJKt<ChsM
znO6W-F7v-ypdUi9G#so^AGmBD`PO&mvjH&fBhmmML~9{7s>9nFM5!)$;i)ChPh_Bq
zHj>#*`#bbo^Uj}~bi=^_a*x6`OlX*9Bwbyq)?p1#wLgoFx?@~bI*ftJV+g|G%y#*k
zCO)rU5FSVo)QQC-ULmC_6brulLBr3dO|Ct727}fl^$_75np*zed!eOv!&7=<(YKUi
zhGJC#2~K+cvt(iLu<k*irxCa;L@9!-vyRKBCA25EC`x7mgt<h9l<(Try+(H*SkChv
z+v;25fv;e%6~sp1amX6NAdUxkIn7@K3=jCnp5&XRzjj4|vc(yi#QSCCU5jg`FQ9Al
z7xg43-I_;-XT_=?no5w5h7ogdja~ma`tiQjHa|ylP<;6kAo)KY$~I&wu;Bk_<1`^g
zFoL!Qda%g<=;F42$N2xhn`Htkg#ACWf0{cF7zF_9OJIii33P3lQzxDDx30ObHRm*!
z$p0Z|4Z->o+<GEPA|EA#t{Us!$S+g6F*&%hQVa$rI_T|KF{(aJ%B6y-JSv3{=1Bq$
zR~Qt)z4?`>-1E$bJ<D{hwEXYii>KZ_zpI|B&&{V^ZpF8=J7kD*R7ASX5b~jRg1qg+
zq;<ged%vKZaLu+sX`b@6cIlIoi!isi^1hnf04fwnPPl9vtTa!PW#C@a+?yscOntJC
zT-jH2h(TaH$x!XOgr>K;5W`UU8fUJK&Qq^{2}7V@TLwyz_PI02fyPs(pB=8ZVp|((
zOXb=QYD@VaIDCZZtJx3Fa4|$<pwa;Ttq^$5ja0qy%Y6gm7LMNiMyGI;LR_U4lXtys
zX77K>t^6j}KcikfLO%Hc5B1CRl^*Js`72!A8&#yHI>&a4$>Sl^o5qm)8&l*K{c~`n
z%QauzC(clw+WBCf_Bj6f-wCJ8&&pi^0wZYyjce{wK=V3I;Jr+-;{}`hvs5YozW|7g
z|C%I0I>v)~;}c1vB9Yt`Nf&vOPo_qcyzixmiRX~Bk6dKjNLET?TuG*&A|Z!5hry~Z
z`74~>7<w)vG942$qCA}t(*<%sFoP*jYtNu)rd%H1UDK}VNXLE28f@jlRDdkEBTuGo
z4-FL&JV}5%>n7T@bJMjaT4bf8{}G7JnCwjDR>~@V(J^S|t0~^eppZLjn)FZX%36}1
zWKubeTDfr3&Dg+YPii30CD}hm=b??axc6znZ^}JdrpTwUT9#pF%&#vNi5w`!t+o0p
zhrjhlED7H-ksEicc;$?+MQ_WF>dB4g@5@ixIU<tUWV7O&+M;{=+p=)#WNl!0%Gvsl
zso^Z%Kl0iQylOmdq<ZHUxbp0GowJ-|T9%U8#;H<U#julB973y1T7REKR~UD5xwJPG
z15p%t)<mNIMvyB%VcUot>?AXB+w3{JU7dUIOk>91UeB6|d*5Wnt~u0n0|V9smj!d`
zGpZ>@Ec#eZZf-9AF~8EKU0Z<NCS4yys$9AA{u~fm<=7Hx<Ji(ii|;Go_Lz}NAe?rY
zA&5a7YEuH^%EtL)lwTdh*sk(pj_O+*p(3{e$w0lTH{A~zzE(S`h!NOjovc%t^fil4
zJfz0z6zhl2PgQlqw%zZDS38G2o_T%ICJ8I)7w4wWvRY<Mbt+4PdaOX4SZgf*9qro#
zRb#_~>zFfp2`phS-sY6KJdw*3*3vO6E{M%}msNCV4xVHEXBL!*=;Y0;Nbl}T$i7#n
z79LWRB)IHC4p$g7#O%l`^jBonHX2(&IOdHLHFd#HatQUnp9!;w8^5&7E5Eei>11sV
zXg%UUc!yP#H8QlsmM#IO3*P)t!IzmB04`h>)8f+iw#g+8l-}lqY@0)U>1YObs0#<u
zUMDkeE|3@kILn6ihOOI*scaz5X3N817aXSjsP_hvA*C>r9{Y*w%3=sbt%(RRNs-JS
zF}^pcr4wpeKFLjO$ktx+oQp==jVUw*!QNg*FTa&&nR?~=6MVoshC*KH_$+%hx><oW
z+Z}p2{PjX!KI=^P-e76vO3~2~4TqvUaQ>j}F^jOM)#GnFcBsqvt~A-VlbqVQJ#t?E
zMam33LF55wzbqq7?&Sqj{Rb}k6fzI|Tnmb)6Ai_>6LW&KYd<l(Sge6B$L|`YSrm-q
zRijpW*kw{n6Kg=WEuR_lPM5joxvLBC$5`9U471r{Zx~F_#5L2^EJ>jbm^7&o7{@-C
zZjVb;P>eHSCqVb9`Vs-Rr7*r}t6#Q|Qu4)k>BJ6lt9?&;u~KYn)+)OC=>GRkk}Em1
z=lqlt@jgD%!C}MiT8HEN7Nw6-9(7*?{x}7`8h);eOD^E`%_dn+_vd+#JA0GJl|}0;
zBuItla15uYjoVJ8aQu7%Ql(Qq@%Z&5+(F}q|K|NFcu|_E^tg8a#r9Gpc?>C|NRbpX
zHM1i)!k=PZJh>MfIXsMfsjxYVMKz^fzCJ6nVJC+rjis^2KR#~j;79REoW79UmhGtA
z7^TI8p;N%jQFB8?O>K%b$1wxZl}>d8WuYEAW?>_X8PpZCp#R#;q9bE%5qAA15YFiv
z|4sE>Kp6!RPw3|vM}wLg=ILsp`|F6CI`-;<rE7h&cwwl@*)#M=sYTbb9Q%ev<4i_@
z2D$_41YDfp>-^oRGa~WuL#7s~0%~|1ai5cFDL!zF70!V=x#2sm`cG%)FHKPwwimWZ
zRu@w%R-=_!?Yd4sR!Lf^RnHFUG$^23gtN(4ANkf|W<TnUFCEQ+#F)jk)oe+k`~==y
znYbdY<>&W`GM6d7!&aIQ<BPTQMigwwjQQ}t<DVERezs&TGqnExjwvXlJCt!R9bNX4
zhy}#<%fBR+h#Wu0_P9Pl9V%#%aOm7qEWi9IOpz_xG?*)mEVK?1JA6(g^~9-gOjq5!
zrmBiOiq2&eN?6xmlE#bkr_#LIJqbDZl)Y$v2G~*&Dl!6`mTn~Tfdt>NgxgT)(jnYA
z{Fqc;s8VQ`<f<4ZK3bR17>s^R?LO5jB>>a(Z^*Jl5=KY!ftCjYkEkT~IO=@#L9Y`#
z6&;_K(V+zV$M@uEbiGn7(rblYoovn>DZm2uVm-UDJD(@zpf_t#uJ050LPEQu94K6|
z#7X-@k9|R|jyJEWu>Ss%)sBgvBfw)SdWN;hmkgRXQ?6}}ndR@G87ps!^=|&QAka#J
z#58sKr3~v+_S+44esI!3H#f3Or~ja?q9Ms9619of2X^#8rvRYtuB&(QjgjB%a%<Cz
z?32@R-i)8^C5k<m{Kix0_`czVi4Lc(Pv%}-5sLcxDOW%+zD#ZDHJQ#MPvz!v&gM4R
zxm{5>y^MHVbv#F?qzqKXeMp;90SNU_GJpQa-8@y5`4n%DsqW12_8>i<Ij<mq79<z{
zsva7Kaww(o&!0q787&!>uQnVRmaoA?C?;ceg3>&0ZBE!<{AeT>D?esreeh00ipEcS
zY{NTfJXf9vx+fhJhG5FR%6I4GU^B)lj?UM@GHQ%A&dd(|nH~G$46Tp~3#g5+l&82j
zMrKECI1^oTqZ1=CATf(zz@e=22jN~6(+EXp#F&m%KbAP-M37F#POV7Y6@(pJq;m$T
zn8SsnA)DB%y4e~a-L=K6)a3PDvgK}<S~sKXvMlQIEb4MB@_SXcrDsu^fSm2=hC@@<
z83^%TcdI%oaI>lo4jI=O0DMV@m#-S}J!KpTJ7u>{k){tU8c0S9$3M}Ks1)$~PX@I$
zsnMMwtJcUN$1({PsVG=$#*Or|w)h#t*jFvDULTi3jcf_T{8*Ovk-1=k89#o|H!LNs
zSfFiWm+5B2T1Qflky~0KBkxrcOe;uu3Wg1H{nE?>wdS|+hLyIW0=7^3QW_WK^xrXJ
zwzD6Xbr0q%K$g=5A@`U24+pB)^7@JbHR6^<M!Gy<Z84QmRE1D5Hi{DHY+?F#66Czu
z6X#9e9Eloo^FUAnkrxUW2lXR{5x5bSNQ9!oV}&l#FGU1$RHAL{VYT^7@)G{e4DQH9
zLB<}a93APqEd(WvK+tXr8vVY?{1{$0na8%9S8V)k4H=V1q*tT5+E`meN~3;t+EIkv
zt#5;@0ZHdR(T=qE{REOz1;-HB3T<tg{w~)F<7H}UyJG23QR6oOdY_@05_*Fq?VHeZ
zcu7;hGI5<aaw19${$Qv;$4kbtrJG~^Uv}0-d|DV&yyj0iz>9MH*Z^Q?XD(y}K!&CD
zP0PGtP7n##^64{QSk`&Z4?>nx2_9dT02EL+R#uWYU$;9-*7t*4Hvx8UCvO^#qg(lg
zV4SJ`F?jft#P-dbhVL8nVuka+5<K4if*H=PX(#LppnEP64q~w}gHT;?qJp#@><jh8
z<(%XH#O1{SzG<c~tXZCac}kH?zVD2CCZ6;$IM4r8CaV*ZGYIau)nQ0oDv&aWQ@<tG
zB6sNX_9CZD%i0+YZjV2#O%8L6=|&_@_1Na}!j2sUwdW-Z(_9S~VL&R5`&?&tV>6Ha
zz5e%p3Nm6rZj?kx`#o9Jz#B6ze(Zoe^2psbu`J>O_)xeTx%eob7al%Zo)b>JOuABI
z?CN<t#Akl3=fgGN4)3~q)|k?thTY!%vd+gzicZ(>IyNpX;QaMUZgjci=4%}7tBIMY
zX2dt-LW)`fiCL2Aqd+`O4V7QfNAsS^e{VcFYS(%BBH6^dX^1-D)nRet22TpRn`(I+
ze&&@j0Yy~G0-4#P>BIE@JVBUVjdmwJCXQD_wn2YgzD~d>Nkx>Y2!&g}pd4I(J2nsq
zW#8YkOi}z1=ZjYA3)gdd)-LT2ah0mL7vKx6Ip%<NKC?^p!nn@#D@OE%aGgAF#Nq(n
zQ=~VXc_QuW?Z~nJdpw7KHb<!A6YyVBhNeF@<iPH~Fh&OK|E;9nrNDX_{wtGuUBL99
zSl54UBeoH{f?a~)#!6@>(t`i{;eYwsG%9y6G63dB^3WglE<<NSCc|xM5|mRgIMR^P
zpr2F}B!L`BU!c_l5@ns8JEA<W#XPajjr(gMF`;I)lp^;<ZUQ5rF@3IjmY#fv{>AK?
z|GN4vcANVNT3gBaZ)N0cFkfW|6K%qLF*#s%@0O#W7Hwo{m)<GF#_s8Gbes)~Qey)C
zv>)4`zn?=c<h#~B92p15n=bd0LOZjD|Ak)Lp=15|H*|H7MW5#)o+;F2=Bs}6{;={o
z&nlJFic$EOL$kc;YCkQsvq`kP>55VD%4jRdGQkAB0|C>V0ei0<XJ!bJiOSgt;Z7)(
zT4<VzYQ-ohee!s(L&{j80pxUO>*Wrxs>?M+oVceCq|+KhW3zW$L1v|!h2b8mHF-%3
zsbaIN@#;;sM4(@=gu#}Ed+A}Yo%j+p_fbWj*NY%DN2u^)M6od`>>7VTrfrLW<4=w<
z%_?seFVPx}`Nz^P50dd`Ghne-C1qG)a>IK{Ldg`*Q0nQ957ADZsHIAbx#9uX6Sljq
z{OutVRH<tP3KVCBnMR0BE-p2xW2d%-n@B=Ce?ms6rt3i&din+M%yXP9IWtsm?v_|g
z!yHr*?2;nbqFrAjsB%3@m@>V5G;geR8JwiQW@*`l!4Dd?JFXPSXO~1Zbtv1QA1xa(
zK2;x#O`B;=OfD@CdQG1C>gxf0^xg4MQSI&NQL^pr$x$tOdc#8pdV2jsDSFj=yL5+c
zoQhsC@_II5YeQ~&42QekS?&Eux`Q!#>!#>u8Rt?&zpW#3nYd_Pa6Q<U>}Q8+7z!Jg
z{(Z$FKRCRQYZ;^BS~F^E4`$W%?7H0Ft!2{7D2}mvv(IX$j=+0b9RmD}tC%7?oPJre
zOhMQht!d$|xiti9wy0twv#pmzxetfAHDv7&<zAEO3sgt-bb3l)0}De!UCYcw3qvN|
zog){`W-#feuuQr8DIP3k!R|N7o|!VaJBOrQo*Dup?MH4mK}-hoL$aNo8AJY(*mce$
zHe5HIguR#!jyF`;4uI25E7PWttd}PC)yb}(zHgt4Z+TRl>rDfb(Cknd!-<8SZ*3H_
z>rDw$uko-UbwU^b8fsgAA;h158fR*M309ZI0`_*V<etdsuZZ1m6mOXI-?DZT_1-26
zc5U?E(CpsE3H;}V0Gto|!j9iV#GO2HZxoJ!?zF`el+yBP0Bolm1$_dSO7gs0MzL%c
zQ<9t2F`HysPkMD56Jh6h(S(|Q=}BW96EF0*E72drGzc8?<HX>Q{cUQPGw1Nw8E3ch
z*cldrQd#Od<D^7#S6`hpayNm&nj%-PW~Of^&dp5h8RpSUO|BU=dw1(OMH71Zu?si6
z_AzsmFal#>fTD9>(#Y{MS{z?$n_D|m+}sTmq2Ye53}5f0V`FR`i-5t1Ca%Kl4JV=D
z(v3Xfma#-`tiwOmTxVU$RJOA3$|l7d{3ta|v6f7IoVZ({szO6BHe^W`PO?P>@5(z8
zE6Tb~b#!_w!C#wvSI!7;ViZVLm#v6Ji|sn6j4`tapza`^=uu1<SEVvpESpBir>>gf
z25szR9b_#mAG?L2IKqlK#MKRK9K*GXU3P$J2IKcHqTIipy$M0~^h@psc9Mv#{wZYF
zqu1Z-W-{Dpk5ua0tICQbfoPeCuu%58xNQs&-ltYWE1)}ru-8NsvtGwR{|5Q`-LQo-
z33ToOaE1-jB0S*DXI(voSQ>kLDR77;i=?a+;=J6BjQ`b8$hZCEJ)tLLyvQttCyriI
z!?azYeOW1vgHptk;Mk<^CRvLGsD_6prg4Xe`4c1GkQHN0#d20~4=rF+di)j3wbmR}
zRH4M4B9kcAtgbenCqr95&^>{>&HfmUAGsn2dLHQLII9w%sMLJ~V<z5fMG)(Rh5v-R
zP6Tvi@{eyUe25@g@vbW4TbruS)G$QltAL{xMq(MdS-7P!34`>f=+6jUVS*|8^x~HE
z3!8ISHxwRYZ!^^iZ>uR9?{S{u>E|&f>&n3FQ#(6pQSM=|xEAB5AmP_rnu+Zd_5Cb?
zR_f%dr&kCng{mi*vEgPZAV9t*e!rv#u@i!R0}MUw&oLZymQ^ep+b?M2^GEeGH!0kH
zZ-D(uz>da>JteE8rNy8z7<>-$tM*>48;s@5hJ7BT8e|4BGc9g|Smu=TQ-=KIkMMe0
zd5YvXHFWCXfoU3LaY^Hty!SvIS&KQK(-VVq0Z*F#xL~8=22y{b=Q1*qY_%T!NG*|a
zKP@$Ra;!{8MYT^C%W=tDL%Bx?!x|x#mT~!A$fKmJzo&0Q%v_>N59OL0>p9D+uy{BC
zP@fPe`PO8QSn&W;xnUNaPnye@CyZjnD;8M#!!mVg;_w*h`qi8MU%)fukaH)H#=W4u
zQE~XZ8%gH=`sVHN0LQk5*S55P*5a%K1FLa*_XojSzfT=Mb7C=F4c#_8J*sA!*x0+W
zp)LCuxuI9E-}=|gw^YlDtP5(V%#kD5DH24pSZ#^O$)}~?&zq9XWt8%W6B~iw7fIdH
zR~2T?sqU{uawK$ytHb9ZBjl|C8!x%;sxG`U!39xHDd^1f63Tf7!>Q_Yi#eXZ+3E|I
z;b%w`F{&iCWU}zAtn|UbdM#U3$*X_7&W|U_ht8!O;X1|y>Up$Gp;y2-KfbPs>4c0N
zP?8&?F28OR@b+2@^OM4wmYMsjmjCIATwJZoI`IstkWkxPaiNXYxN9W>0!tA|oV=mL
zYej4kcqQWB=xR5j$lGoqRU}Bt!4(M#|CTW0&grK+U5|<x(%3tCa|gqZD78!5UDvtJ
zJZN%5(Z4HO{Oe~$zV~4|dmTZ76C~TYQYodAz{^`bK3mh+dcKQNe%ABYIMx*t;<ss`
zPVRK7=s39iY&1(_`y)gJl=fXj?jWFRt{y)QaeCp|>j=Qf@F~`mp(86ISkzr}CtNvm
zPz@!1W4dk6+6Zi5$Pc{QgMl`PI78@;jH>ErhiJp`B(~?g{vu?wouudLctcc6jvd{|
za*fx$*f$d%A^<B)@)=HmIjEV6-x!o(7`BApm}n!+E?+kd!-A*-93w(0XsIR647^!x
z%eUvg(dA)CvX6#1Cj{2C2XZx@DVuD+KYyX6{Ag#tR_KnRI`JLHT@LlYcV_*F>g3CF
zf!+*$!fQut!*379{*@F3)6o$H=haxvcCCuFKFis(Ey=`s4c(m}SNYdvvrpHlNS=vv
zpY~Smr>K6#aW*MDP?(Pnhj+`dZZ~SCwr#NJ;;bk2W82QNi&Qa<X>rsU;+L`CN1rjJ
zWYZUMjR`#Q&Wb*6E6m2!zez=FZu5|kBz~BQj4-!7u94TU3t?tDoJ`WG;_yYPq<v?V
z?4~{UIJeQ$y5=E=&C5jI?^6jSz08_}9z!Z*mxYw;(QP=5Kp^&s$<(V=lNtHibcP<J
zr{u3YR}cn#9zRFzprJzcMvA{sd|}|9cu^|Zt5Z-@mbJ}F&$rZeao7Ah$Icb`yKJFf
z?0vS`q`&6mpl`E75yq$>*0keO8dv&2&*TH~$CL1W^uDen?wQy-<xJV~_6kC+Ir4|$
z0@Pws$@0Cp0QauezN?Y)g~RP)d^l+trpazeF}u)AA4?Sj#R<w)6^_r_-eK}|Oa%mS
zzZ=(z@#w-W^EU+)NA72<3sJ?GHSHSkZ>CguHc1w^x3-(%E)-_yJvp)_{nPp`m83HV
zHQJz4g{Vn=Exb1LqlC--ms@Z={0xs+UI){ktNA=oz;d-e#FjDr5_yCG{#eLi#Z{T=
zRy_7iBlF=d8WYojF=N()nO;|R6n%SpVw9Vn-cU&759GUE1M<3-$u*21Brp%ck>s;$
z;m~e_O_6DFWudJ(EeE{!n9y#S+N=G45G?L93cIZtx?i$5sO_21j(v#1LN8Zg!ez0O
zW-{>;=mDv8_Ya-v`4$OqX0BhG5<zh9n2X#0C~!F3#aeu*k>hP{`W+~uN^bWpdzE{9
z%{CEyfJ)=j+$)RpYP(-|KPR+1ikCoN$isb5AXq*o`yDzbX0hOkf`R&YAIh#hE84c2
z^y=`t6a@x<4SYtE6eU?RnHO>s;e*9;qsIn4z|3;3f5@9ZxTP*5)YcWMNHv9N%8xrq
z%Vo8~yA{1(O=i(VzfHcb_49PxyK%i#B!I{DKmx|Q=hv|Io(D_{vNFR16zx|YS~95Y
z1k*f<(i?k+iDhu%Clr^wTlU8L_>rakTp9Pa<?P>7SM2*5Ucy01?9LV~6Pg!~e{%T*
z0imRrrgkz-N|jJw5qtK1_YP2BFhMJ^1^Ei?68^1d$G?zkL|pT%RmLZrThf<$`Ag1y
z^5_?O{>g3oN$O=aeLGs}s&8k`hl%I@7QqusV(^cSD8xoX^cLK~;Fmv=xFx(5;=W!^
zGNf};wYEG9>fQk+sKutSV%elmWACoG0B!mR^jkS8anfJJmv(_4qtyFJ&3SJ2Tdqjz
zgsuTcJos;%bLu4xRvp^fJN5-1!MC)H#nS`#)nN&rDZl5x4m1EkmH0ge5?JqsVY+x6
z`*Y`}Gv%gz-;t-5uVDH1ltgE&;VE;fXr|v|z7ZzQ;N9}N-yI#mhx#TsF*|kM0S-uX
z!cKQ)FOj5%DRnFRXQ960TuI7U>23Vty<@DejIpz;>r{11@eX(49$LxKmSTGp6*-Fs
zS(7P{{%MLWftXly-aYQlog2rsq*s3qQ#91@p5Z^NN1yipa>>{V@0Z^uyrtVF`{cwV
z%xk}B)z9kNm89xuTX|6qslG%60zS(ts-vEChsn&Ds?&mBN0QqGDb)JL<nag{-O0k8
zkcOM&9d;R3S57YfnH=RiCM~Hq#4*{?dbrDmrqMi_=HzN+w$$y%gM?D@P*1WG-x{?s
zF{5NB;E$6d)K%$dR(VXYeU*31g4IcDY<k%<U!NGa*Z4Dp4exUf)tN1~0S8zAZ9}gf
ztiTrmRPyB!zxPQYbeT?W=1=I$Bc&URJio`F<AaSpix)jF=r&cJ(wM(`{zlt#azD`#
z1O_d=?gu;O3CgVBRvT=0*UkRjgMw@(?>SBHfmvuFhZtPN7u|KtyjMiu*uN?!bzi(}
zYh9z*uPKFU41OpZ?EiQy0p231`262)_7HtDx(s%9)tL<TcI|}Xex+_HrC+Ul4;@lq
zziSm-BDQoKI&#?>ze0Es)NTH5rOm8?W-NUm2wY`{Vs)gt;8|k~Qqng!HB=|Nr%kVU
z*<XF<_F)a9zs&<i0lZto$*Zm8xbeLG8R(DxY}KiR(->#H{R%ctfXdw~X~v=#1>xjT
zM{^%Gbp7;!MRdbfW^uC6a<k^rCxX+TOLIK(`BbUkypv>G`{b~pS-BQZr@xtq`To$w
z6rx1x6nup+5hMR{9n<%_mzXR4g}7W798Y0bmeo%&*fn8;*wNjou8)McqGC%n!aFn(
z&1{|zs@mlPmj&%;AnDnxc|{cz#}(n)xOm6ei7m`F$Rvg_$=;>Ag{oNLWP)*5Z6EfK
zPp{kLEmB;J2Vcn8JJz*eJk^Cg#>UoEUo~J}G2f9iaDEC~JbPh$(=tgJefG^unNxBT
zt<~M(oRFHeslHxGP~0pte{qk}weg|Pwm1EBu>KFaN}Ngzz~oOXTcR3{ghkIKc{xq5
zZxHwLWuYr!l2Q$oY<E1MYIO>(6z7V(Y5e4J=kRN?m*4KuZT!}tlJCU%qr4f4%;w$m
z^L<B1^1R4ljV;KVxr|>TgO<KS3^d<fB}tI^D8V=?%amk$DN|6F&_PkIi$G|zI9Jx9
zUeX)%?2*X_c$B9nE2e&nyzcaKvvp=mGV}`dczT-~(kE=G-afFFiIVrZKo83-n+zfQ
z?W{<nb%>PgrQsy<y}Te?s`ybUe{2eQPX5gR-*E|}OQXU<j!#N$p>=(2pDSTrSNW<!
zoz3Ofg0wMQ)#debC!VrOy_MJR)nZq+a{D%!vUmatpoP|*k@SfS`$kPCUB1zrDQAkl
zWud(af-y!;JYDQn5ts64Ut-_Nb)mYE#A_s=9j0+K_(3mjZK6Y@DT-L)VRX*DjG6W=
zp!~RWI4qtfb<25Uk-ms%Y}INpfFHwB8E@aq#Hk`GjJc5r0XyR<ZkL3Xaz&0XQs1I{
zhFW6+*xS>%GLMYA^t9&8uCu_Tn=8rKHI&@Fq%?*8M*`?5<`?ws722pU*n42t@BWIp
zzdkRY+qGybzk<>^#PL5>bcO=2O|=G0WErZ5*y+xpOCF~VAGNz^1qPYOPo1D@<7Ii3
z=FeWA{*}J-()iitf6lr12-mB=+e|r14!{Zji|2^DWwe7EV!v1;%yn0>%5K+=YZ$-O
z=alqsHEbMtv5mVss>&%gjRMc?e99!I>6TDGX~U2({Vr}rwL;+1(aayIQMCC&kazf*
z_MB{cGTO}D>iuCMG~Ss0Vt{OCSm3>Ng~?wdFOkUq$j6kLD0JT2{&Xu8DJogUeLpw}
zlpJo}!@b&wA3hay?4RtzI?YKMuGqQKcvmjKl$1DWl*Fsb>nb~V6bC8vYm>e->7=p#
zEFi_SuNzN<Q|D1Ys4VrepHl8`p>js@dDrllnw6K-IeYBeg63(9;7Za)17dtyqly~H
z$)ddl>6v$tt8VP(hNh5ZBa-2}c%CkSr5LNbr$GB(92mDAY@GE<enR7#ckZ&^8P35x
ziqc~HwS8NOK97WwU9rW{gJKLepDu-XqE8;-TSU*I|1PtfDiZbzOrvKX6vZIFK%CnP
z4)W<_8f{Rj5nK`^k#Dh)E2qScO1WuKWss^_6#*VcdANe3;FIgToc8X+a-7HjlpFn@
z^(rlL+Qlrn{W+f_z5dr{BoHYsGelt89wrM!fH3Em_qbnNG@dO`{|0_xb|ckk{u8vy
z{aKDZK{f57{aH6yP!2;eaGRlR^zE?R^qw&G%KwzIY(H1GZokj90n`<!25vJBndYBJ
zrf&x&nv_8iH(z%#EZg_9TxtN0aZtpK*T}k#b(|ll@E;3>YZm?QSibXxz+_OI?mt;y
zu$_c;UcW7Bv#yG@RmS)n&3PFQmDjTEg5|pz#H@8K3EyiP1FQtqX<e(s_nP-FF+PVv
zZ8dM}V)?EGU1?qG%T7P3`QVTMMuoTH)-3^FD0l>IxPPQBB9Y0q1_S$I69ewj+hnX&
z$OGiw{L5sRf)hKY>4QHX2`34K3)$e$)eeK8_ef!>M3{My{^Wy0_Zj1W$FRUn|8znL
z7+bZL9*Da^myKpa6Gw5q4B4;T_<><&(IWnxixqo?B6$)?ocZ-3c8UYTR&5%RP$2*#
z9jbx_|5Y3eA&9qmumg~IuyRdsqd;~crY<wP2pU9^{#}}JwhA9hr{hIjiEJGrw2mLD
z25x0^jGtwT!3e!AW$cW;uqe)E`vqnlJlKewXNL<1u??iPEH|GgNj0R*L2JX6jT!1c
zsN5>XG?iwMvI=k`ScV}CL?Hf-5|KI;A;W9ti8{MrX^**=Jp+j4_Qj>~#n+5*)N>e4
zuHA7&9}@J0D+yyaA&PVgxQ(RPshS9fuLl}EbsIZIcg&fvP2_Psop1@`Cj+Pmzx}%5
z@C8TCTSgi|`ABCWz}Nk2Rjd)vWy$F=*LhV?)18LlOKkV>-rTW9g6y6+?$Iyv8>wu7
zs5~^R57~zlG7gA$d&is(^m7C|50l+t{j<GS+(0d@N_hQ+pcqwgmLYEsdr`{lw<66_
zoI+lCvS+xCp_E$HhN#vm$_*5(KLM?!3cnmx2h5y<GfwOlyz18s&A~%<&b5S9r0$D3
zT_cX!neC8i+c5O>bbso2?WsoSJe1ItC>he1dwP;pUO9k2Et{mvgFkz8NT86;RvjWD
zZ-amxU}pF+Ubx$%q_+U$;_NOiBU6hYZe@=%9!^7wKz*?ce?Xxj=`?LnUY)3N85&}w
zm2Be9Y#?`+qbE69>8>@v^=lr@F@kbCF`Fg3ad~~P!TRYdcBm@0?nAS_qYh506Fov%
zmY%*{sR~eNJIOlXm9UVrB$AFN`-iK$Go7l6GU8Nv_f<_1XF9(Z6LMf1QCuAV^}D6j
z2aV)j0*0iQPAFEWNHP^pkqlzSLn%vj^l#*8+0pzJP1Md3%;`1QD%DT4&?YUaIX!gg
z0*kDFxMNlGvs9YD)G2Smi8j0y;Xd|w!i?FSB0G@AADgxYmT_3Qlzy%vSCX>?jids4
zvBOyOybR@Pr(k9cCL0Lx;)2FDTju+r7Rrc#-8S(1cz~(k-$)p3J{)a1zlzG4f`WMu
z?cC|@+kZ3pj`ex;`U&o*3Bq5$tEchz1$<wQRNoH$>y!|*{sI52mPOj;P_jL47rO3`
zl&KD6k+uvu|GSv<qZf?z8ZEeV7N8d;h3QAQmzSz|q&n4jKM1LTEEed^(tr;nxnK_?
zqV8`+|B8qmbRH<7VDD!Fylr^6Q^SN`0HVz{emi7uaMcd>zs}tN)idJd&n+YRH_;|a
z5q_!xu;%`zbOeV&uqz`t-;kc|Z?1jJ>5%|zy42_EuE=@Vx1BEpakxBCVcV_*u~0nV
z*eI<SaiwlC!*r8_bB+kL0}OBQ=6iUP{fOzZ8KYY3L3_s(xguqk5`3a@1#{P0Z;)}I
zIw!P`@R2=c9!b+}wVgpLV-5vuULMu`9av+mX|y}XR+<rT<&e8Uwru9qJ@5wbC<%ZZ
zE2^nMqI!g_0d`^ts~Y9Wq+~e)e#rmN{+egwGh|x$%nin$LrskOpKx04a9XZ<5k6zT
z7h48Wnr}4K8<^{nmG;|Ln`fHmZB}<UYI&mF+qqOa6x6dX9D6E%uQ)+y(nzh3)*}<x
zhh-JEJk07;k$E(Opw$cZUd?Nj)VhHoJm3te()K(60_hz!$5_QIMd}yiE9IXVDd8M{
zBzvB6^}%`5PT0+pV8T}{Y1iYqgJ`Y;HT*D&`8fc#ENrJ$z>ay{Af<qpz~{%D{c?6%
zyx>p2zp>-+lt{SUC)X2)zOf%11x4BBuGRUpgb^HNCKU3gG&|aa)OY{vj+DUNn%J8=
zD2ITe(Tpo3s7pG+PJN|o=hD4B46?lpqBQ+-eaZF6N8Zs8zl70fdA#AuzZ4z>flp$_
zTwU{hqZPmPYODW<g5KDIKBp#peyftKl7k(5_a-0KomKrW^boV$+|{8VMa5$?NPL5U
zuR)c3O?eIp*@FK#V8do;FAUh7&Iz0EKxh6-PW5bqFM|^5M>XXi38hy>=f5r?@LiUk
z)O0$KtNw`ckYH4LeFiPVS-2UV2pI%MCN1YzNI}0OA&47_)G{#0H4assf?gMF7j_jH
zaW{_?Z=6emd2o%>pERV>xLIP1D^9N=7i3Jg@dKoT^V7`{V^N&R`v-uQ3&!pQH7U-V
zYy`m|N<5!W?7RGR%9E<P|BGIvXgi*`BVujn!@sAuk)|Ch0T_cmmmM=b2#0O2Ysy??
z;XSCY`wM&qVnjZ)hkH5<0~6P#ommVZn}*a&Dnw5~uDzK3&$EiM6dmq4`2&MUh^JXZ
zQ~HI=vaCS}SN>(Gj1K^5{C17j1zFYogT-w8FAeNQoFU31|M*{^IQx@&{0SJL{yB&=
zi;o;B`rM2YI1|q5DNPVO6EXH2njUzil<gU}I|x&VA&i0foS^lSST*}ujAJj&nA4xJ
zw$EWu{W-Xu=#$i*>NV!s!3o*vGm~R9V@K!DCU?SD(T<diV-6tk!^2kTn|K>48G_>6
z7!EIYE^C}J-zU<nOy;X?^NZg855WoRHT$xr7y*Mlmj^F+;!y0){q`WHY_UF)g8r{Y
z!E6Z#vLRq)Q5faeNZ0@9+gl)NE8~`WS=#^m`vHCF+XJBRf&H2NMo|W9klAmuoWNO3
zXmCj3h21Rxas}4Gcwq{zP%hl1cc6O3AX;jiZPwN5(5^_8YsD|gwSDHk@9%)ZfD*UQ
zum_P}I~vfLgeE55YE<L~>`>#<eu58(9Wa~O#ScYH?5W*D4TDbqR77s6)V9<9jzbgZ
z)Yq@W6S*4{z@(H#OMhg|-@OL?o)O@GH9lTV2fljp6FB5TwdZ@&);MjtxF%}ZYD!-z
zUism#A>TldX4X=uXD8?~)sRj(Mv#OK5$3|af$O}hP2n~&u(R&^eD`VbMNtV%AP|Cw
zQq9_2{pXIK3rKid??yZ<cs>oK|98Yq0a|oy=03qmKIBR3E&<-%Z1JFf#4eZAqpWFh
zhvWoLHjuDi#O4XJ88Zq*uLvBz*>q};;vbq4-!c8%Nz$6YviUdu`K<$;ZKhN$%P5LQ
zqh@XRY?1vw8Zx6_`~0t-Te+bc81bER4X*H4P+3yqD`mwIYCr{*k~^=K7hNAD*T_t=
zpR*nQ!s?F(w!xVdlnyM`cjnRizmyrRGkyZwvOw#;E!u6BhNHFa-q^2LFF4hSn%Q{a
zphRI55RC*6tweM_iW5di_-wsabf6g-zO@9B=a3eUs$4+RpahR10ffy^gJVZJq-G?o
zV_G`2VnoJuArF`V7SwfWIs|b<$91sQmro4I>o6K|`Rt!#7)mfvAv}>m*0hvH@Ixy1
zk$`H0WOk@WBpyPP&N}lc&2lZudx&N<3Zik)*YFeLl2Pm_SKF4~2`xI=Ow*`tyLzYk
z<e7s|y9`dG?_JXC-w)iKB9^I{FlQoLcIBN)AR81Ou{0+FcXhm)+Z7ZrxJPk!sdx>W
z$Gx4JY%$tK1D0ttqt^CUjFY-0)=95WJb;P6gM!X!?V6!O5Vw>KJ*u8>LTE%o3~+H3
zZ>A-iir)*32G-9VsHg`Q?3^Bod#>%&y~X&ne|vb1;f@(S`!^cl%5^rt_>*LfNh_31
zy|3*XIL%&OHHV#;DhZc<1lw@cz9-p0FMSNP7^txaldf5MGaC<^pDHQSKZVD0QUO?v
zuZNE~+Pxf8hG%%1!-Kouh35#nqUa3Gd7NERD2$#xLdk=f;uBI^4%e9saF3Y%ULRQB
zDVeABp=YlwUt=t?K50*xgy}tSi`Ea)YA<i;yJYh&3BG8|#e5yKm&WkvLqP_8X~2#}
zi|g}jKrW4XS0W(_hI9I&fU4N{unUmbVkv^$oxT!b%?yO?O0wOj?O5EvAz?Zgr+UK2
zVPE~|^-PO?gV3WB8c=uj(IOWbx;ue(%6JB^!!Z0uX5#xQ`7Vvs`-dMQwgspiY4mtC
z{dP}>IdGtQR?L=pBNEh8jMC$ni9GutU-e@o9tta(Iy3&}ghQIj9Q`H7^#(wP3eFS7
z{w3;g!(SW)a?FM-PenT|#!7hs$GdMkc3Ib^V0V~?J!JIj=AEgjVTrW4$8Uh2g(Qpi
zRibb$_lW$-Vr>_%mrOVe>BfARLJXfo{-mi&l>zQ&%8Vm<<WuX~*T9BIHPOo={}`OX
zmP7Hv|6wVkBIzv6g{qq9uMEgM_mIYv7EthZ@K8s$9=qaV1d-1nQq)27MwhyXg%W@T
zA4uac#RU~ntPp&V^T|`n7dc&1)q;3@W)7+O#!a1hT$W^=k@hdQL^-&mi)^@mGmDG5
zq`FGyYY+b!6GlSd%{9;Z61*>Q`a%6M!4`a16C$U^j&bu&Qichg!3+d+kwh6P4V2rg
zz_g;tjUQS?H6icUJIQ8x@R-s+n9-#pnqWrDBA5|P31fPXS-A#gBS9P>;LuqNeC3V8
z(EqY`kljAD_{@APH|8jGV=*QaCzIL}$drHhaa$Yv)#P?}Fv5uAxug-^fcwTIjzkfZ
z%<{+w&Inpwv*nH5P6k5#VhIZG;?<f`7E31?7^D46auY(|<qSt7J7dgBi^p6yhtAXa
zru2Q0Jr#w1Dq?W7@Zb{^4;lY4hP7&lZq`6z-xt%O!S2U(X3eHm43#y*T&GJD$r6Af
zil5ky7a%l9WAgmQ6gFe(MveH1fe0q7?E|=EhwAPye=85Q?f^C_<ls#{bJe6;8a7U%
zhY{*su~fD2%<G*CuV(ZYoEg_ej5oiWVR9@a!t_WpTEy#U#OvTmGYX~Cy|d_Y4WM~Z
zJ)3>e7)Qxw%-S|yK}efWcWki@M09q`=8OLX7)qN~q!PN~`Ov)0%u06p7#>FLi|Pwz
zg^;Z^u@f<2i~vupi_L8oqz0A>#h*?zzd}oQ>RCAI-{jRiZu1Lm-Sf@`d9o843BM`L
zj4}!SEY6yS?)BOWM~s|Ro|GmX8P1xU9nW@z99rNYz+|TzzJa9pS6dX_6p^bIo0l1x
z<BT-_kq`V8dOhAad0<O%8v|3oUDPN)FDS>Jv&wt3=K|E+B>pY8Bn@i#e{EfPJXCud
zKZi)N?_um@e~~rYwQr#)WwJD~lqE|V*=CY0y-_5GY?;AOQEEoiYpqKNV=W_wEVp7x
z6LnE~&&+%8dq<z1^UpcY`99}ae!n??%;!1J*Zcsv^L3ZWMn-g!soPAKZKkh5&TLmh
zPS)*c>7@W6d6l@q%#E7Q=aog>W)sT1%bi_HDOMKGba)9>8J)(ZL(d{PbNiQ5s64yR
zSxaA@7|@#-P(eR5ZT~$ygn+_GimA3f)OuD@f2mnFE!1<)_OnI`=?KRn)~nypDC_O$
z$cpgcEGju(_qM*~l}WOGNu+b*g~#Ht0-{fid&G`iGVv8W`$XZgqpOMnW-;LGBFEGV
zpMU`$=cy{h3DvKfa~8v&oaXVz2JAQvdD#<v#mCTkcfM2_9+NOA2{fqZr5|x`%nL>}
zBwXyv6^@%z2q=8`FO=}AK{WPe)}5K1n)a2m0m4?oWzt3WAFZVk>^&Wh#34k97wLSr
zqEbb7UY)V`(5lFFNxWaEd?1Qju!O?ip>`ljQc!a#Wkz4cxRlGsT%crNdem)4U*bwN
zT18dq;(Hk`?xGV2!O_*<?&kzW30p<*>opZUbyKKWN_jePYFb5T*6eZ<R@@33uZx(4
z+9l%E7Q(~SEFTL6_ng!5_v28ehaOY9ms&+nsL3_@t>r(0k_!pO4vn35^x!7zY3|8+
z`&U{<9Tv@d_<Bue44TtDei;7gGtEowNt_XP*4n!E74K?s;rqOyv})WNoprh3USH#^
z@qI@=bi~u;eN<&t#%PK|U$H0gNg{)}S7$lsfS<DIN^rb@Q6C|SV3zh|;o+Y(Nqptd
z;G72C?wez4T6y2mPY&ynTMGW-==BT<C8~%CT}#)lRZFbz>$6%qdxJejss5Vm$c+!e
z4R#oH%0dXv2BSTF&Hs}Bf|1@KjE3iYoSyHND_<TKa$ConA-8ODus43>3oo?I>#s+8
z%VG1B=^@RITk23RHIVe}s+s4OcJYEN-Gg^N`=(0dh|oL&iF;lBF6L^1lI+kjU9JDx
zy)ZSpXTN;g@Wyjl(qUerzLu5C%Vi|?HZM72L@OlU(6MivGpsw*hB!evNVDy)6+JX)
z9g*f$mp%HPgeP%gamd>2aqUq(5(!z*m}CFCa^X~5XfvgSVjNLy=r@UXCGRI@QRLsO
z;?N~u3Jje#t&8s_-*Fw<s$V$W7V0S+8-cXGY<T_dtoXMv=Ywrk!q@W-tfi#zm4`oG
zLM1zWu#zw=eCVh#9e77)E(=rLJ2i0i$F~TBpy$uRgThU2V=GE6q7%!$P&3|q*<B^k
z`E1h=fmv?z9NuNQn;V7Er<H*%?`Fzf2?-XJr#Q&&#q7<LEFHIE{_fD-CkniHK9f9D
zM|yAhX=Lu>YV$b0;|}Tfs5&pZoE539Ze%=1T}j^g{gGquy!FoK6-<K3G4CA9ZJkof
zy2Z0G6fYs1ICeFC>%4u^hkK>Y)+L<ih&`*rKIEgv`BF)eH)p=S4I)f$u<!O7nc-Vo
zb$?W3<-O=>I(5pckSbfd7%`_BV&1WD`pmdw0Hl3(ob%?G!@hM?{<x!yg>ZGKyu<+3
zIP&`^t4Q3OhL@CSoB7i7dlm1^R*IT6gQ78P4w<?B<=xoAxH?^w*$9zSyicU7-H*p(
zhL_e=jazPM%6s2Gj9TtGf(l0ot$9zvGszAozp^MhG||8>wP@t!Q`g!h7eeSx%hjGW
z<Yo`)7Hi_#7-AdD*g=!lA)b|YJ<iTf{ETWsgMp#q!!rImt`q-_dW=>RITeOVLGRHV
z*3R5d<Hk~`8nbK>2%l<Sj+bFC+Y@N}U)`Mo;!Ydo#_&1ZJ4wABV~p~9+2Z%WweHn%
zMeJ0-?OCF+0l8=NaLI_>u0K|9rIje=N7dJ+86>WldG18+MdXtW1c=#bt=TW$qlY_!
zC2At%5yYVkDleY2c|x;jKAQ4f$0iYQCPm!$nZ)vG5D@}obf-5(`xrhQRoA$)epH52
zY4?@FIa1)2@Eqmw&=)jID*V^UgHiwPl`nfUK6ScvMdj9NCfa(3nxoH}i+2Z>b8+@;
z8TVi=1Y$2HeRk3t<&&sIq-oOB3U8V7c83kNAD{`m7%NK;pqb?Hr{AA1b{}q-<uf3h
zG{E`>xW&}o=#6U>ACdRNulr>N(p(+KrZ4i)A|!AvE=fW8AC;E)uM9tY(N-Y$2sv4r
zx)#t!wveB&RGzR@ltJb@xMNFk$u@zzeiSbsS8(}84WtSd(XiK(-2*p%sBD61GnRfr
zo!ZV^lwD8SljJrn86(R>glg60)B&JN$c@p;3bKg+A^;bBFuwHTssN3dy{tABpe6Gp
zy#n073%+GmE0wEDfu2`@hO&%HR)%s37EW>iz(5EbxEIR+ZLtvr*|`89gbx51Waa<J
zC1D12d2DRtnS-b^LE-<Sn)xXjGgdBU_z5i1D+K^HK{2sTXM!VtZ7apfxGKhC3IG<+
zG!9f|W+9etdU_3>-#!b^Zx`7HYJe2*prQ#Qi_p{R^$%cTq(B%1C&MCdRRO@(@s|NW
z7(6J&M%IRk@gRa($tMiOmL>EG56UnV>#zd!fJ7@nS!T6N^A_HogWH8w;eZ5KyucCL
z0)YMDgZ43~h#;kXzw~GJSodx?=9ku=>{+b!e`zgkhQx)Od}9ItqHzGQz1DTmVC7#a
ze5{01=u3rosz5nr{a6_Uw=b{-<nlL&l~@XHpJtIP=yDaPBF88)Pi)eW7`VaO2S)s~
z5@is%3RGbFyTxsbJZBC7o9LgT41xr!K?D=TN^2y_;tc@AAlGV8i3##&p%>W>GJ&qa
zAZAdk<NddT{`d%uR)dO66zf;E@U~_V!YYI$fbz`M#t=X$cIiDJB&!07@&B~dp$_;i
z8%_qACV+BGI9LNKT;w2`n!glQ48^oO<W~dAFx?)-{L_-Yz4oaZP)Q9a%Y05N!>rO6
znydj4T#Q09n$inuK{0q7FeFh6$~rKV|9>gK?*x991OT8v1O&X!ob);!6c-fp_uk=v
UNh1M39zHbTAB1`y%pnE*7ZB=_aR2}S

diff --git a/classes/ssl/VncViewer.jar b/classes/ssl/VncViewer.jar
index a93d323fd46f39a7d06da3038bb124e001082352..862bb202e83d3908cc313764df8bb1d5ff6bc628 100644
GIT binary patch
delta 37631
zcmZs?V|Qg?*R5NzZQHhO+qP}4ifywhwryv{X2n@y#ZD@yUC;BLeOfzvpEf_-WB!2q
z>ZA8QXU-qU+H5E!RRsu0%x|#&9`j7k6eNC#{~YpR|2di#j^O`uwsat1!2M@Po5iFA
z7&u~DVSasG&*g9KY+kpr!WLj-S1vFwfE&pa?TByLir2m_V26!PG!tz_TsiM3E2*hR
zpU0t47psw?!e*8BPg4Dow!aGoBMBTD&Bi6^Qy&$ezj*V((T8XG`!@Hv_fP<MK1}GK
z0b4PnFzX@#=L$|Q(k_mcWC#qbO}EVew60E;7+2T8IdIlKQGAC+Qp5B9L2}#(_kux;
zdiy-~z7Cu2=)kbwhTZ{xrp%vm?#;jL$i73-SX&-s^O55lL|=Ga#ez%VaKq`Az&(c!
z+eWiIcQVvZq}<NYPceqwrkX4^+rFm1nTYE+MbWpFv#H2b3I1@srnQ^s(26Ar&|oj{
z%!3l-YBPXrEtjmez4ft#Zh<>3Ds?p8U0mEvk-K!?o|~aiE?}fLovE+0AX>X<RIRdr
z!>6iVVuSJUViec?mFqdWz_>aFu2BBKQ>L!0BDk7*g?H((bR8xESFxvLy#(ImO|t`f
zj^t2@FaSX$5+UK7ED$M|zr*YRZbkb&c==G3ZMIznw|TPN(?02Bs3k8f=aInM#{L{g
zx(E`ebSh`I*sNb9_P8mtvZ+`zVZma8Q<80N1z(j2c=N+$Rjh(K>w1iAzT4GICTXO2
z?4)MZsY7oo5_C9DT7!BJ#AY)6c(mI|XL_{e6!gId^6@AJdJz?ngtx;0Z@p;<x(3K7
z6r`TS<_<?p>G2~R&^LD6aGJMO@;rTWax;=_c4%1{a+ooSi4r+Pfz%|1TCms``%-l8
z{mqp+oAu@9nSxavUH0O7H%}X}Ky8^j>rqW<%th76?M9_?^8(RL#ARAu^`4$ho786D
zb6zR(a&pyTVUYLWO8f$#k=^nSVun`1aip0*=b%G1MKv$N>Z44LwQWeKb#(^KPlYgI
zq6qWR?hQZ>1@G1V7U8^5ujzO#_d})FY0)AiqCX6^lDV+acc~k5vc4#+M`8VQ2*)y%
zJIbJN%%J$wGYmnMABR+b5M|EE$IsCF_g`7gJ%~ZW29jDhF-s2s$%L@+pR>dtR&)Cu
zYBR~|*0zc@E`(p3i+e{UI5>9vvrp5y_3?__dMg0faX-lR%nJ)xV_Y=83))b$=`A8I
zbD;Y=V_TMb(-fRj3osKi@z8$sG0|6QMcW0Oy>CXlv2v=ajWx{YS75pQrBKWpwVc}c
zOw%ogMSu!f_J9PSs&_;$T(NEFSwRlTTU5SoXszs#YeQ@qfO~Ac&l*}DjGK!m$j-6#
z_`nW%WS^c3W{hNvX=KJ^`TKWc5pvE@P<s>ofUfoVm$HUgf0&dIrvi`e3;WY}^?8i-
zo74CHu&90@;UBQoM+)*sjNfNAwM7ikOPGMehI^55mJLb3`Yq&VY{fZGuj~Nm+h>Ty
zBaQSqORpH<0oo8q^#>;F+$2!p?*aVIpw|>!12mfsMsaSrq$I-u&jd*(`MQ==eZ~ZC
zJVysc9o@%CjY~xEtYm;*At$#o?deZ{{DjPMwe&l0op@1QqfDRoX{F4&*Q)Jwv?Qef
z`X2gCj2ccrVMgKV>~djsJ^eGM4&KFvMk^jew{!8IdiKk_g*mb#JHm{4T1~a3$wYYR
zG@!@2V8k<7Vn^}X*BlxdqXp=0d*u;DZ@dTIA4;-eSf;^@jz}~f`H+o2+{hCW!V{Ba
zfi1D0=kKDyvxuq!3@pp8%_Io&+qY7fZ{Pll%Kwn^zpP9<!D9eydKl>7{U!3_)0vtz
z_mh*&%I}P!n2ufLCTndX0BUp7G=s>2RqC{c3cxk5(twqKhT87*=BywF1+q&6cqn))
zd%wt;#}Ju9T<cdD-~AB4cRb?nH`@;D%}gAN@pJbAdoKkpA}{lQ-#`N2BJZ>jEjrQ0
z_-4)z%83gPCI|qXSQ0RW$FHJ@(885>r-*^kpb@t0&LWuU!QMgy=ve5|5GaT^XnANy
z2nA?o0$PGfTvtR|2rY<tk4`qikP4U|CDx{Vk->sBW9v`9p&%IiAIO0+=C~_3c)pW^
zGEX1PAxU-fBq-KGf#N7XRz@lwZ_jCk!*mb>xg+Nf9@qeZU?wXgS&y4pVHqI}u7MdK
z2SO7YTZ0s02_5fA{q`m89Tk<8KodR+L^K&TPi&`}TI>#0Ls-({Xl8+ke9x@1X;hT?
z>CBewxwrZ&Tkw)n!GUVSA7(#v)Su!#KM^j#H<?m}?FHHai3gJAH1Eomu8BoLC9$by
zfHm(U&pH4*%Z{EyzoP8pTdt>$v#)+mdpPxu3s#^3AIFlBs<RX}ULqxTUGntO-7*Ml
zQmPMm6zE=kf_+3~5Ep;yzL`(Io%vOpn>v!aI?6SZojt0Bk>$EMie*R*+RgBvY@;9D
zl<|*-(^-`(cwFtGD`I*X=X|Lt-Qd=-e<h%1-UpCFMEms|V6;U*o#(z%_e%xG<-Bqm
zTj1s~Z5C$d%|-JWtd%j;+P5(Vsc9}@B;HF+>Sqo=3l;rN>}1jrH0e@*m4B_*>Ljx8
zjlINxTADF#M95_6OK;3CzD=jqP0Tc1{XqAl=EZDvq^ACIZbSX4AH|9?hi)JJMB>MR
zy#?6Lp4wcn&Yoa4RP%}r$s<qJMAB?WXqH81GO1O?9aZ8RIFPK<)$cl_?~+ayv6*U<
z+9G2+<#Jffm~OB3JH|4@f^Yr}V_teoi#yAYf{>!arPib^e(JkKgI3b-ZCOWOy;P@*
zjHl>+R$rETiXcyfmLIV6K&z!r{*AMNTNe<}bPldY<0KfcNCtHxhnIqfa=kZ3TlN;v
z{;M>o=#zu3Yp1LDC!q{997AA_xSBSX$%;aHject*ZFhZZY&u)W6y=eoZa*E<WRb*t
z2e_4G3nP)o9+eXglK`v|wT^n5J6mgjO(<V={}8byhFr_Zs(YpVSteWR(vx%M{1gD^
z!);0N^vy>x5XUFifz**#v(@iB2NxI~b93;nS-VV6)$F;KP6-qKmSq=P7K2EQ>(2v4
z*Fn2eE7gCi^zlu^@+`ajM1%c~;v>6TDN?*<O9BR~OBztD@K*7f6Y~RvLw#)?3G%`i
z7;V6P#>|iqD=*K$J@OqHZMdTcx&RbEup4rGF$Os90%la3pgp(vmCTcKf&R&1Q+u}l
zFx(37e?HLpk`Ib9iRc^x`aN5l`<V1gt~G^}`WVmnDLOc}<-}5vpSm>}`iWFG^gU~y
zwW4h&1<s=nRS`nc($fAc32DmW#I=)nA3jU|l*`g$bml1sWI^|eq3L2%*#XQj@rZ5B
zVVmfto3PjEw$9+I_l!tTW;4_>s@+4scHt?#YF3c&p4BnPbUK@}TTE7%1lcw|j<iZk
zrhl9XRK<hGhQ(+@4pEdnSSz%8tOQv_a3a_KM#6K-C?s<VTGG?ULf_c|x8B$4W6+2p
z-2Hqi-oh>;0k<T2V!KyN{|UGi+ag|NeQ$lD>Y*h&OS6bCEPOaCohPprJ2SBkDvzSe
zJ|99jVHlcuWRUeB_-r6kc&F1(AV((^n&fJ<e5WU$EYfPF(x|ZoFzn}+HzoDg4fZU~
z^`IULZ2$unXW!2r`K`s}oQO&l1W+gUBxHnlyPyk|cEeIg>`f#*u>ei4g;fEp4-Ol7
z_NFF*B1lMt8=+opgNICw*VwuYenOm-d(u6|FOe7RJGKU9K`(MXjZof|P|t<f8wc1M
z5HEf=VN8ut*J&>Ye-(TvfABB(><dOHEB>JTK~$#td<sgcJ=ma6Oe0C6A;5(l!T`%A
zWkvh$Lg9@PMw#v{;Sa!3DRA6Bnl<IC^&^mt>XG5nfJlPsfhJzp=oDNXJa>KC71>w(
z2tpEU%1QKL6+M3?HUBUpJOYn;Q$u_RR=kyA1tyurkN~Fxzq#CE_(sv(>Ig>zZYjTJ
zqc(&K%|AaV1xBJawF<50?__eONh}&}fty6Zv3-*&Eh2XumjIRzxM!X(%69>g>90wd
zje%F%cNP(x&1oQc)a%>CH<G0M6O0tJ!WhN-xD>o#x_iWd_!3|I8xxlLtjbREZqmu{
zBIrU&3S0gfBUhX|%e?yb!SR%Jw`^tUHi2t%fNs=5O#4?A(;5n?{F({HMa$W-hUKRh
zA&5ivp~5Zql!0~Fg>>XJnqOuGZRQK*KZ0pGP{IrTPb`Iz{vW~o-+I|{OL`9dUpui)
z(+vLKA%&g_^1r^Ki<u0t=Ypw)`E~u3?cu{OPLzGP77GRWBGVC9iM7Q{&#-TQE)T7Q
zjmWyQ%cQZs*(_inCh;)_F%DBG2MaeIzMi|_6h2WB)BkR7ez;du*we#R?i?<6-E|uH
zQh1a9UNFM~*ag6vqE{#iCLoeAu#u&tWv5Rl5GtBtvd9uHy~hE5^;#ZUDdt4)V-1^O
zY$Y$AXvNs|`KVY^T2sOQ5+c9L-8ISb4RcLb#bmYbuV!h7^v*9Zc-HO<+(F2^ciwmm
zE5i%X)#8!}x!cuK(ArWG=}ld??VlKLc++Ch3|wB(Wl<R<9<`eJ6GB3awvpwJY4j(E
z*~pQRKIF<H_~!{=i-f82#LlH?F1oFB_<?^6#U3dHqUtZU0!p<@cY=3Ib>e&OsP_(E
zhuWuVL<IrOYH7c-8Otsv?rttUD&1TQ-2e^gRPTu|7E}BI9+)mJkQkxoj`1Kn0>oS7
zw~LOuIpxu6R8v(Rfxc@U8XDm<sF)JtmZ*q8GbDB7`?m$4I^F}W)?jR->7enu|Jh_G
z11D1}BML*wuFL!HK&c`+H}_r(2bU_TO>(NDlP?1Uy)I_9FJo1}jivB?n3PwSp#>8(
zW#$r9h-6LQ!fzk0RQe3)XRAsDr-t2MOQtt(9OoQ@-_^d%zSFW0!#@Ha&aMRs+tG{z
znoz*!n|#m!cg*a0o8KoUNYJVzuPO~<HrYDRJ3!83jYu8h++7#Rcmhqx9BD>CRca3u
z2_juW!2BEd`)1<sw=+U>Pw4k^2+MOp<Rz$?WMBo%ZD2!n=inz2+dUAX9w>PNU6|d0
zvD{>Pz<ez-*ggf_&cO^s_F{DunJkA0_%%Z{YYPJqC_hyG;C4Q`EKoL#N^dDBq#^2#
zAd}e*b;AikR+Le08j!Ilm-yvF=zi3ZhjxyTcrZF3L3TPyR1%hQE;$foskpv3MxC=z
zxO_vIxpR44mB*SI)8>H2R$dh4^F?ocWl54$w;9t0Skbc%5{1WJWmWXz#Uxc>;8o00
z{Yh=2tcp-UJE~_7BCIQxC$Y$3E)mmdl>f0$9~A50iM4*tvHf%2Ev<hL<&i45xZ#%L
z;ZuJ7jvy#u@0_4M`}Z9GC(nPb-#*Wqv@pcCZ}L$8$Ms8NVy6Q*Xb@=O24{u~O?rnU
zqc5zr(;4G~Q?r%Diq}wm*B%~=Y%kaMN)t+su;kfs{8`oU2j=4>>+5^4woEEs&K=Av
z58+c9C_d|sfA!_kJZ))Z<|t@BKxjUI@BL|qWdJ;RPzHY7mHWGg*yt_!hyqx?&OVS)
zLK<u&e_@`35%Lz$3=Y-6YN)ypr4tdHLPju{8j5Ni(aWgJfLH@h&dV@tg0Nq_-}P<n
z`Hd<I!CfzzA+(oSRyexGS7IoyvwWYamr401x`)$@i4_yi6PmdQ_$!q)duOG+t+X9P
zX>*Zik+Y0$xw9~}HXbz2rz16P?9A^iF|4}PKJLPc0L=op7<PQH&zUisH(Z-Zu$*f`
z(iolMh_vH9rF=EF$fA1X$W-QqZjPMHy2t?USZ@{2;T*c~a^_)P?NoXh9q%r~Ux-aK
z%c<Em?zn_sr^=6RL%VYl&k?-oo{4*C?Npi6^Xi$vL3ESh&6+-`J;e4|tEDPLEuvSp
zPzTo(3~L31e+8UlJJyMlE&44Vc&CGx<TQ)vmEbuGfZ}@5o?K%fFT$@x*TZusmSsJu
zXYHYkGn4h0JnF_@JOrq|MBYj&G&IgvEZH(-DXGr@)CFtH{!>uK#i_*k(T%wDsj^<f
z_tZ)Rjm?$jgc$VPVm+vK0=n&USG8-6zY}BG={W%#R@2_{^oqKi6NosjatcgXzv!v8
z45R9bp<^p8Qq2s;keyjMHMd7GM|$XYN4jHQ?m}Ww*vbwwZG9$cw9@%I27HR12X)}{
zde3Be*Sy;GN={rgzQv3ZZ=<t46eZTV0(pb9Dx-QjO<aB0PnyM))=`Yv{v<=a&yV!6
z=z;)=>pXBW0^ou>sn+%c?}ftM;=_tKq*s;kT2=bxJp()GkR8=ncJ4u1c?}+0C;oGt
zlTv;b1u7lGv$+RCPI>EwNh!KKFdYzWscjy6i0(-A$=ZXb+E{nsNDN)_wnW1-ZSZBn
z_qXdZo7|lsI@lm7j;i|+qa|5WEwT(dzAymhq0mMc378AbnY=W!`6`^}<N{yu;}c<6
zIB$?Y88*S8%+1{KBdnovQeI`!*W>o&d;G<g1kJu`FBBc|^=8Bk2RfCYLaPby^xiNF
z07B}kuyx+dUgTEbvAfFoX6OgXOFO9zD8Tg14S*101o`swXe3HjHA{9c3x&v~2mru=
zpbWo17{VUz;U)YV`lW=3R`Ff7KjMH|Ivg|DvN%Sjp%X|U36snFTP`W)Cv{?%ItCEx
zA(19G+P@-gH1Nl64G5|l@*YKVBndYKFkJb;k$TUPodOuk{~%zV8UW>fz_cHUEGGXQ
zW_oi8WZWC0xfkJ$Ii=gJ@yp0vl~5IY=932I`S!-pL<`Y<+YzI@9tw=rKP%#0y*^^~
zLYRSxctbPmi)N41V3b|6YkoF8G5HTv=-%I2nf{qz_5W>x|6fi2$;|=vUnyS`kU{<L
zK&prY@!x?}<>`M0S`9vw|Ej#DIVIo?fT4x@*Ez3WX~dngl{B4#R6ZA+jx_c-wIo73
z7kb(ZHN@%R7qgQ0h&2RLEGZ9dg>Ps_C@npy(&xr})ZP)yUs{p5OK5d@Tala`9+&GJ
zp7$F7Km@W876n{4<Z9J+92r{R(>KnI{rlKP*`bq&ca1MFNeE2Sq9Ha2%oebqSE?Y@
zK~nXNTD<xUjx^f%<fV%BV}nGL==r|uM^$UA;<x3df{^p5G2Ur@7|ji^@K<SxIg}{3
z-J~$7z=<(LXk0{g-kJTKZ@VLCBD*$$=|gN-B(B>5c!Uk(aQTS)n94A&&^9^zK;-$B
z`zU&0bvLmwDJYQt1AA6ll@dUEP7O8wY8~bGVypABv;ff-Yk*F=BzmS2IhOW7D87oa
z$dTmwF%ghmPO%hG$mvPgt82(=(JF(JC_q)r>D)Pw&{ZEPNBOResl~1vn*nLrRhuCj
zJ(xSSJ(37M@S-kVla<Xno4s(}Q!XHHH-lRFDWta*rsK4<?kD?9u|1%{v$xfL1nC&v
z0*r-D-Ik)nzr#Y;TKtz#W<d%aRLe-2@3GhvS@#;2otZzB0Gy}3UyngMKA}Wo3&)zB
z*NcKp-YPRrQ*~rQw4H9mD*oDc_L4sx_Xp_A4B3XU)mA?ZtT(xjJA3W?(n8@>3_E`L
zN6xH|mnlY|w{x-L{w@KG=C)u83UrD$B~|gYG}!A#J(VDhJu>HLqbik_6{ZzoFQ<6h
zCbPpn@hNlbv^r%AY0J(FU0Gn1y*S>yo>(9eEU@!Kx=`C{^S9gjLO5_4j?k>EGzsZu
z-JGYiN2=WAfS2XOp|9WaooeW?TW`|Y0X^Z<z~8`4mO4l2Dun?^>uzDz)_q5u(F%2@
z*E)u`4R;BVE_VfyH)tAnVUZ+v7;S<s&v|QP8Y4>E=AufKbP=o4nf`pmKT=fP3`SU9
zwZ@2$2FU6UeUJeAv5`HU6$ipme`w4fg}1AnXqEq#rnV*4e>UfpJ6Lbx#p3bF<Pvu7
zHTC+d{yJ!HF3|_*oCw{%t|sEE`p9cvx|_&t1Tk{?({rtDZlA_KTEMN>F0|;`EkWq2
z&fRb@HY9x%yL0~GBzPo@x%V&s8Jw<=v|gX*@3N>v1yyBgg(pK*_oPkjkaL~K04xn}
z@#ncJyVEmJr)*dB!jGbANQqpWrlpw8KVV`oI5CW=I&cSoJ0p1ntrb=LdFzy`HY-08
zm6`YWwKTqY+T$*DPIu6LFZ4uE-XfuLdc3R*U4?>2A7{|bud>)!47cPitMeOgso?9Q
zO>)h)!4HvMP5M+=nb{%|ee#}8iKQ)9vsa1R+rVGKa68l3B`8Q*eo3b$r@wH85B5*?
zQYggVIy!TJ{}XdL)RFlwRAy(do0>BjhKSa!=&2%b;o-#z*7RuhaCqp9l%FoJS}D@P
z^REb@x*e>-#BhI%s_%)bR7MDA!sJ)1*-^#5q2?W6)TlA7nTBqJ>o-9yOA4Gs^Pa>Y
zbH+kq$JCWJL9wxXvtouC1rx*<^J2%v9q-h&gw$^aEb_$PNo2Ez#!T*0@~^aFh-Bw;
zI^d>7sVYQuTe?oMmLnfTOhEj>Vr4pu!_d2f^^j&2;*0ke#$u)5P5ZW(5e}a{Cf<gC
zkgb$W7%uCs4Ce8M8R#Yk_Tb%pq`;^>IK68pEI>zkSqN`ydX#e1wOE3^U830Q?^w<v
zJgN){kVMxQbDqHpK*b7ZQokI5UW`a6CU8p;*MA&D3*u!)G(>%OGkOHI%Yy1B_KO;C
zlO|Hfyhr1Z9K@(TAvh*2uuj`ttv->W_ltXGDr;FtfA#NQr?Hm14n#<p9aT}ms8K+x
zvOu4=L&OwME?Xv76n9xRTR$IbS+?7c7o^1kh8>%?FiD0EkA}?{?Vgn$uo^vAnO^gP
zIFUH6lgm(Z8y_cm8H-$)M$zuyh2Ml?fAUI$T=V7Kz{%X;(cJKr4iPhBTXd=C%({40
zK&@CV*cS2&hT5pedq9Q+C`N{TE%6376z5{*LoaK-`AUP=^_zsrS8~7paDKO(UZXME
zK(_>Ef%A6otuL7WC`<gHNF^Bbw{Kza|L3~eU`r2p^TF^!{p)DZpT~^QN*CcCrLc^t
zk6b63vXrR}&s5j?T?(yZHj6s>GIAE0b~pAVA=Z$-IFz)5Q;ToqH0Wa=g?Rq-@1ch^
zj}ttS9}CAr!A;<4;ik#g`#t}6`9}xc#Cq`+Q;x8AJi$RzgfN((jj2~M=*URt$4c0D
zQY}ZoLy^u1uB4_U7p9p&+@&ho16h3$WI4RT2qb0pKw8KwuoNB`l^#hK&FX=p(W7;_
zh$@Q1@cY4x1r!zJOBqHoyAL#+*>{6hVf9TN(x5L~Qyqh^Zk&&@!4)xxKE3UY#JMew
z%(`XQXlO)fuogu#*0}4A<<Y#<VeRIjN|OWN89PxCL49RjjWd_fTW9xa5hW6F1voU5
zUu9ldst}|uX|r12&dE~yL}A4@m!ZWmOtg5@(muE1^%PY9NeAgt(_tJ`qP6(DbQ&Hv
zzpCdZ?sTXQy<S>XY=bzZtQZA72clsOsLdJA&}Q_Axk~2Xp@#M+aC2pvr+DaTZ5si@
z>O-BGm2~T6hdWExoZS|qblW+p-al~6f|I3Ijn7xg@?pEM8Rs)f-K3K++Gf1%Tv{$W
zOEqU;t;3RgCLXH!bxKq0*8A7Y$}WjFF|G2x5)(6#Yiy!C`RlaxCRMyz&HECuDp#9Q
z#fZZEp^+-Jz7aXRErjZ0x%~D;aA5$@PV%pJR>)9qP)2lH4y8iDk0bl7SQ5B3^H=P&
zKR-gPO&3&EGNpkfZkFbKH;aUDR$~&F2`2oB>Ozm(vbVSx9#EOfvr?1TEjsl4oXwfa
zzF^D0g#4&h8=}-Ku&=)oi6}Mu9U~<~nPDi@o5WxZnh9lh&0s~?O~tfuydMp)jz~Fi
zZ28m4iK@pv*`2r9;q@dran*LMDRRh+5RW)^J$t3m$-%2uyd<&2S4YfF`}=mXcbwRl
z0RQgD`^wRUEjl@W;sJzxFZARcT2}QWlKO%zrQAJl*0n@nDaay!!43TaOR=-d?YG8O
zyPN@#hPO;qZ=C8<(@h^(!CL}2tWER?6m9^4BcF9fEAR_TR3uK<)@{s|^7z%TYiOmn
zEv)q!JueI@Pj5yrEtXO!J@@dwm*$Y4TNTbX3Bu4}44vd7ndDl`byfjU90EEf?YTL6
z7}s^Vd3r2xJr~bPJ@Es`wIxOyb2bNO%qa-_HxKkWaBIcj))T~+POtz<L+NHHg2pvw
z_<eYjf$T-5e#n2D8}Ms=huL?!X2&RfFr-nOdf8S|G*t~E1&RagdZ{6&qZ+z8In&f!
zkkn7R(J{ihAh%m7Db}1*Inm+lQllQ+sRALVFDi2h_=`%C&?OZ3_GYE4Ua0N0+Lj@r
z3gsx2QK<L)4N|yw0nC7~;zWW=6**+CR$7d}*hNXKB@CCLonFqqx!SvSdKG#of|y9E
zAOwfAp4xrq`0{zqE1_E#E9iAA*C1#fOID@2I6JhiZ0nsd2X<d4>H4uTs7IGE{^lj=
z6}KZZ%;`wzpW*4jM{E-|s)MGO5NP)`pSN9&teQjO8X{5B?lb^4Z#}Vzh91jcTj5D#
z%Gr#{arIa+u^s{-uV}t_2ye8w8?42cS$Z@DErtx6QvRT$8~X7fC;b?nW?YLd{alf9
zK9JrGY_`5XplSC(hb}@?_`KH}%A)(j0_F^a)g4+~9~%mW`7#24qB8orvtRUO`@W>z
zox7mL8T1X~T@Aqf!Aj?emli8-r$~LB&ir=;Oz{Hfd8kZtf;e1Cx4`v1$8P2@4e;E{
zdE)3k*#$Yh)Hy4#GgrL?>tErnogzIURHimGL2>>Wm{i>>3+7v8C(c%8{Vn$u9Aivt
z25Y@h)=;MI75-oOvq9QFgnh^49evZN5SSEn2y=-eatO$Ng`*jpKf@U~tbR>s_4>)7
zv1CtA7ev7J313Yc3T3&HH7@>_99$9yUEbm@f{X-GA#RTigP@VE#Dd{`f}-~o{kl>X
zG{;#Dw=*_WAWC{fWeWEaj`OMRjL6ezwYg87W*;p=+bN<(|0OQ^kpO>(0`<xw=SUtS
zxc&04eItN@MQ=x_di)n<r2U`z(6a8_gZN*ckr5#JKR#n4xP|h+KBK9OB(1K58?d3W
z4@bNY_znqvH;A$?LsqY0YCi^%7<k2dS{N|r75wq>OeBg@fU0C@dw|KzyssXuRSVTg
zXeu<Q6<MA~yLHaNh_dXNjeV%vt=2?y!`8ZFaYemEC)W5b&+zh{?DyOO_YYQ1=&}As
zO!;Y<<G3bH3gNkP%Bj*VH1U2<cK~4hmpcBmYfI0YqwipnuX!15f;%uKd7Mh+=J5vE
zwxp0@s6YobCI&Mq%uw!1y1aFCxN+yR;gXK}lwU#JCVh^+Ok-R#mtyHPicK+Y3HD7@
zE7j)mNl<|xE_zE>G;Z_;F=~r#-K}beQv^F=O}%pi%gy?g_u1VatiG)&1aPsEfj2zo
z1kKv&LkC23cdjeVtj&)O5)>w7kMsgO(l0Jit(|1_$=?#M3#LUD?LI|jT5n7uRCpV7
zFADG2*?cvBtzwQoI&jKqh;rOB+aVpugq@K8dhD0%L0UNj8?Iw9HRup7c}Clvwu==e
z@l|lcV;Hz|X#KN{|IQi}pssX>xSD&YZMP<5UU-c()&el&sr2om{|nbv`Gu8$5vU6n
zAhWc$e4Wn{`_QQ#WM<ibKk%<)g@OIn9#Ve*_U#+`zaZ=X^L<KMQyC3FYwur*h56;&
zOf`+pSgva8uvMnyB>tUL-l^!PlOq$nCP5`;Z6_nor1-|dj#5Q0FK7dYB+$DS<arst
zd?yCvhiWBqE2aPa8X!&dDH3>B1nTO6l!Z-nJo)-F$G6A#vhCs0-vh8g6J=nggDojR
zhjF9)4zwcF+6Oktdlmx}#@+CC*!?X9(FW7ts~5;X;kYWX%w!-swnBARe3fb5l4Pxh
zcpJ#q+IZoiB^C?OcpEE08jv5}sU@Wq;uLPGoAEdT7$OWS{$Ly;mhyPxh!f)0d+KDr
zrSgx%In(+dK5UxQHcB)jL=rS@pnvI<5Mq&RjPavjSo(yLs~Es6JCIaFXs%AoNl+o$
z{deq~4IzciFU#DMIXI)*H^~O4(=Ms~16j{j7xkXnF{k=drjeY4i*5JA5h5obIwzZY
zWIZ2wesbZ#A5C%x*JZrcd+sJyPwB6$wu-dX8Bf7;-N+p8k!Rer?QTUd9NY{`W|#Ai
zR<c7BtgAMyMo0kK*cd7CxEXwZ{J(5Whi6`uBUz(w!HJ9Avz~?C))?NDF*>V=?UKBU
zAT+n5xq81*Yqq&{Q#+D~z$$zVoqn!fibb6{1mTx}0){L54|%t^gXEg^++*usla&cO
z)f9p$C8Pd=(QaqOC6H|TZl&O|FexEJ3!?AmnovpnP8)#b+!7njS+#^~Qfjs_RTF7u
z?NAm2V@7ZMQBGQqRq-YDWXO~eM2Wnm*0v<{mXmQ-4L%led1p9AYs9<jx*!6-QRHZw
zX|u>acTW^$B}>i`%qa1r3snC3?2G!dTIqzi>O2bP9=Fc#i#uy_I4za&BUgx~u+O>F
z9q4+q?R)^E(cCt8J^|rLuc={SFr%2f?U*g^wLVQ}qGyNlOzbgGQnZ664jrJcI<9xA
zo7OOLyjiE?bxFsTgJZk2+JX7h65>dUYx64R@heKx+nre43T?A;y{-9amZD_vwX8R@
zO~L!ds-A&g{3cpjr9er=fk3GKU`eMXa6EU~%?Z$-Adj}DE6-86B!29z#x(?dIA`0L
z<{=1?|I25_|1Pm2euz}U27V{EQfwQF!j?<)b5W*bsrB0$W?tA0w&X0QhKU%(t+2i!
z13kEXU9<)Zqt7z!k?^xx%ox(|t=oxe7?ID35u;a@@KPwp_g=}r)+tfXp=B&`8{F!B
z>z)9D{;f(~>9%P!R6>T0VowXG3@ChtGtKTAuByX21nqS+oLeJJBVAEeO`#+h^SFl%
z;_4zjv6!_7UsYUrp)ZOhrSe+Y-=)vEZGPePL(ea;t%I#$mlu@t_ZTbnIID0p^_z1E
z!+*F2%IG^58{>awM|jT`4TX6RMCjrC(hvtcE}Vc}GU15Yn#8Pq%~HTsady!+@zb@x
zUVjd}7#qkrTO5eO6T)l<%45`+)nctOY^Z#~sNRy<yT!pjS<sL3(bxJBj#Zou5#<lr
z;0}`;kKy<tDfkk-+#>gndId@?HQd2u-l6oHq4!&@z80>6V9F0=)*^mvum)S>2b)Ri
z+%W_|C|oLijPH)$Tnc?mX5OxMt3Mp5srCCJQWOiq37i?Dejxk@WRuF!lRy3iX9IBm
zH^@lRf~(;H|4J|1;N6`f0fC(*{zn9OPk5>JouxWcG<|(0tkPfL%}{Ts7oPsz0*wVs
z94+Cy*|=SI!wwYVs7mo2x#?@7>KJ{bcPOtoy==yni<M$~9Lr@pS8E$~bL$VmLZ?DE
zd|Nj^1P#F!;tcTl7fFD@gb4>wSU^rmH^D?O#A;qZk-6+xV=Rt^ubc$aAFcR_yV6T(
ztzJf;2EH-~3(JPH9be<F8q!3Ajk!;;l9vJKK|fdHYcvLhg@=_!&s^PEdYFLA40L6R
z<bmS~o_pqhhkXL&%=ng@?qGgdnu#N#ALc*-=i&C+b+5v&HojQJRJ6~$jL2zABJjwJ
zHWC562Kjl|*QI;~Hj)BfK=g-xBUeH0S$M!`sskIxiJ#N~yD#gem(xe2-<D#)FnxFX
zKyrKdMFq>t3lYh2jF5vtIm`K(wz4jd%tO2Dhg`>56V9;cJwPvt-*0)coTJ}CVDr28
z85_m+mSX3T+B9ZtJ(coS>VR?ky74(x2s6M?WnYib^8TM~MR@mo2#;)mqA0z_o1BSI
zFj|^5U{j>J<yIV4&V<24obPjzB`GxPuJ2k<*l1E4|CgQJUn1*SO<}pp^>nd=(Zsd1
z3{w%pKKeflPyXR6v6#5EqD1EGCRQ=U&%ERn8)XRD#BGK<GR4sM6M=|)w3yl4%?F$t
z@Qpko1<-~NbjsOQk!LZSvzQn$`s5B0@_Hl~y9y5lBWGZu)0!48RCu{uS@<|CI@+|O
zq8}6L47y9pqBvb`oyj<de>&!z#5B@}J#a{SlwVD>z-geFQan8P9T1!<t><F|=TMXQ
z(En8PPG7&gkWLmjfcgL*B>qjX9{@1WJ}!`fC8ZoEjIuaZn#TxKAy|Vy+kQkcbMt<d
zKU4mN7X0hsey9Lp%5&Irrna`uR(-d*-12ElM+ZA&-O3Y=NXy0hEl<^AZXO{juDL=#
z8A(<5(Q!SK@ExV<H;#DtG*y?Hi>uc~9*2ebq4wfT09FqQ2hWCA#t*zS6LCP2$*yp4
zfB*x@>TkS@suPC?r%|f9D!t_sg>s!OsjK*GX6uSt);&)w=)aU+_nRd9<<m5YK+2;E
z*9&nTa@jjak|Z?ZwreX@pWk5QCSq%fC@)-s;36PZ(=n;RIvl&}vSViAGC^?@ZQYNF
zAd<oWe6lG3;Q?B)j;9sgRzIL>;cpe=@Ik5-<;VuN_Gf(nT8h+)ptR9G1$9uZIm47q
zO(p%JrW_4%?OLgRC$rv;jQ((vYJe3UT%R-CmIi}D<vM|{w))`{dSOcBl<Q;VJ(OKd
zD)q5z>=ycCz-{peI+Ne8p=Tv|+cz%!^|)Ni<iT3Ml13{g=dvkseG&i#na!U$7+a(w
zBN8*R@4x5?uXghX3+*8v`>^z{@;DZe3b(Z?<>cxD{~UD)y=bRxsqrVLCIyKJXXI3H
zuEqW)YW4Vw!1)m?{V^Bu2L=aZVyFuM;eLVrwFu?F9FtPNWgfdFuJZkH_!`c+U7;^n
z3K{&9|3hv|uE@WdqCj8O76xxcHf%*Qt13rP`dXbKNR&QE*6ES$s(ikxpr6XZs7lIJ
zGLxkcsHImJe}%#f`vvtMuyI&^9@hN>+wT7#*Z`c&7LH~f9vNCY|Jl_379^)qLB`Rw
zX2=^Q%Zt+%naCCmEv3Wb|4jZKnBJauoXQxEH0zvwm}f!q*yiFrets60w1x*+Q7|N9
z^8xdrk$)#9<Rd`}H<U8F-LS`Z>N6+wvYog0H@FYxCyaw}D@dQ{m+MX#0sNod%AqK)
zGXPKt3IZM)Yg--l&U7Nq-%#T=h0tZ%S$BwtPr9!&4h`z1*YT+-R1GeX?p3lmu$r{o
z)Nm*~R1WF|OOY;H8})_sV917e2F?De)y(S=T^V?Irz=>~04I<_gcBCt{hDc45#e-J
z>pjhi6cD|SqIm{o19xrfttSgVf{F3=1Sp-LYPF0+yP421a@>$!Yu(_ax->JYAG^=C
zI+jWtniF+pYp-^)H&Zx!%Qth0@JeYJ@!;`yk@hpM#qGA9cKz_zKXX`&CsPzinKqaa
z$A$f1xd>I3=Fm9kEZ~?)$M6neV|M@71f(ny%%6C4ciK$6ep&@wr7#M6n(sy-0}K!M
zYdV?T0vi3qL6X``;m%bdlQAhjOZ9F|7o%Ww$txLs#8sm>@Y+yQ>8lvErjJ|eh{dOy
z=ouZ&iv%a9{d1I{3|E8=auNmJGO$u84Ba37*@qQ3?b?`%e=QYdPD(1ckq{rIToPkM
z>)@vnp9wRDX?Pd<@cfh~_S$J&18^Cr)a2ITqmgJQljqm`gW6<PJ+n67Hxk5JbpJjh
zns;89sQAdPR3=CXUJbBmJTgMQO`mib=xIS3WDZ^TVtdXyyz&`<xj%IwZsM4{sqjED
zsO8cTJArC-GP5z?lyETm5&5=_k>N1$0unXQqMXisG2U7)w80EyCZ$LX(21C<>ZC2I
zFw@vDo1Ws;nW7tTn_W?F*0l$}N9Tg6HmQ$fZ|G%4$Xd{TI?ObA(|59v$PT3Iso~=T
z$Ewc0Vul?5lBnL;1Rrig<E`fD9C!jzfCfj?dNZ5oy-g;zO<hAw&=N@a<4D$wgY^aI
z_h$aVtA5<;gZp=u6#EZ=e<{wA9D?dwQfWcbbC7fJo9Nvu*wN|9TFf^?*!$W78Jwiu
zdLvbxGn>xfP{tVMYX`EL5)v|C?0mKX53>gglYy@#pW$Qm@FDz*5G;vr<pD{6Z&<G1
zKmblfaNWWU!^46>tLGDkckFRPcl*IF=_?moS6;zX3z97lz(5j!9vunG>v#TY(TagC
zPMtA1;{i|QkG+Wby~eN(@c;qdE0-fZwU~7QUjzK^DEmL#BKz|}axL%n(ObwLEVrH3
zvc*#69FBXJ%(`Ep<?3oJo`=~5LiB<@XC3NR1g8T-nfY&fRgLz1yIT?VyB{~&wr#{W
zYk(A*`R$cU<f|aSOVZLGbCI+gtQM0a)q<n0ER<p1+Mi0T_m9}Um|_?^k@6#F#XV<5
zXphUZk+z5>m?MY@AcXED7CU&8WzPOGUSoCe20LiL0^?UPpZl^P*8(_{ZHn|6n9>5e
zP*Kz)pVA`7(iwyNk_Y-DMP2$z8iI~x!Xdr26%zZ}$u>C2|14ik6>)~{{}|=>e=&-r
zff7*H4Hu{}_RJf6GP8Zet)w7Fhrafmw9FGsa*&i3GaQ~tR<E`)yS*r(RZdC$=h^aU
zKj;fn6BVagMN>7m7`7Ap#c1^N9Amvf*e9rdz~j14Phb7<Q{?Zxne}xJ2ZzlZ_vy^h
z`5wtO+_$lNkEl-LOONQXLkebL@9)&YO>qE~uCI6m@mG;MC>)btV*o<)gjf2o$iUe#
z9>c)tF(1Rg`7sp3kBKoA!;h@EA6>5zaVA}_32}Q}uVL_z%#b(}5i_C@xe(ALvx(l3
zXWlcegF}Z5L`0ev<%!DmEx4~;L@ievBVZJZV-sE8m&f1DA1LM%`-oV7eeg~s1`z^S
z*FIby=!3j2WqQWHyb1TeHN3{c6IOyqq5Y#dc(V;8JOwvGB;2xzP~1f6kWZ5WiDX#O
zp!gF#P06q~n>N6Jt~O+umWQ;2PCzz8lBwh-eqw8!qzm4;5Re-<PSnNODqECJ_QakH
zuPeIp$)PNB;-NWw8lM(W9Y%TNToLfPxSd-BQiS1cj3)zbxMf0QvIkf{_;e*=8O|@d
zF|PxE^CnePt+@3kB6u2Bg2;)IEOfDOfES&*K#WV@VhH`l__(yoPDx;zAJY#AWuQHg
zLudW!;{203(S>L2skJCj!_&~3v&(j&Ddpm4B3XT&r=S*)m4|{~+RO3e1mI4j<Jy-B
zXS?Wz1;{T4ozEl=ocl&5+T0`mtq1AFySFEvp83`%o}T;m6S24sUg=JcsWXGeglZ2Y
zUy$Oo?n?0+&nW5Npx5iTi(MF2gRI6s7>`%^jpyPFi$EFt#$}*?FC*U_ygpzY4!yj4
z|NT8ecuQNqdIwG9;yFkG@Wt?{TXyS{I-BKp-amI<ywmn@7VlO9ZguTu$JF^oCHmY0
zMZ9{a6Z1TKx4;4#XA)m{_mO&afU|}!i+93AH#Xqyzc;Lb*$}%xZ=w#j&+myS)~bC*
zz$nk{B9JnX&-p9syriVy@Po*dVc<+i5(s0>oydE;4wQ!cnh6DPO#VzyRJnMKPn`e#
znx8m-@d~c-x0o-4?~+QO{}MI2;q0|KvEjT^2Dt9ET>~OO4Aua4cm@hI>EYica=rKP
z_uJeZoACEHfMEE)41g#ct|Y;wARzJwqzG5$(wLFrxeb4CJ?QUdO8%_rM`|2RC+RD|
z^J6N}L}1i45(QxM>KX|s0d?>PpMHnGYyiFRfBgg{@qbAM$N5wp0K7i*fF_=n17QPv
zqh*SRH@&kWo^aim-I7M~M)W-^gyylWY9T1D)7PY~k<3KhGo_15lTz478JpdgVu+c1
z-IrAgS<D_@n+jQeC*D>r*8;LxL7wMpRwhQz9{a+ZCV(smL`d`+!pdne!vIgdY#YMj
z=`bSqO2YDKiB94|x`$)f9>)C?3NO9NX>ud%i)P8J5>Gz;EDPTh2`@hFtSC1RLWSP=
zsD$-nNF!qBEaNEM5QnaxpS8&tUA*F1X`XyJ>w@Z8GUx8G%oV?zHM5pI`HZq;3<9#n
z)YCb<^Z?dDBo<jM*#Qn$?(IgI8XDTXqsQ)v61ABgU8ibB#142X_IycIc+OcF-h3wC
zt5Kwi!3|qf?wDROIA24(s4^B^Np*Qr{^W|A{l>5Ycbta!!uo3bKC_7s#)Xi8GQ42_
zxjO3=?k@O*dqu_d<;p1zL0*(=6^wtyZEdWF{s@p!AWw-*otoOrkj6pkV0l`VlsLc!
zE4*$@<Yt52+{8q#bJRnJWwuLvg|f`~p%4@jdBPfGL5gltONmOKa}xJwDpYA!?N`Fy
zx-5uI61EQm)+4v1s!wS4JaBgL4;5M%7@V%t;5urxfjN6M$Bd<FB$$PN)t=$^mz0fi
zXEgw^9A^%u4d*st40pJF=8B{a{8^6(jJ(89C4g$)^zaWpzM|m+2fA_LpH0H+m4Cb4
z>^vjLLta9niY^B%uBVps$NO}Um`MSdhKH|}FCPdff)h@lE^-R_c~Y^q(LAGaf3fbh
zr1zD1l-?(2en7<#IAm)n$Jt7G_(EVWo(}*`C7b0dn}p5{oupHt0hBy=QJv__w$ZN<
z8Ie|Ai@##-*wE6}WIuZN2!BwN><+jqdMT{T7timR0A&~p<?W5}tEr%Vvk9O+>TvRC
zzmGfwts+4-5uw3C7pKLfb4pCBBbtqhgC(9bID9BAiqgtD9IvmuJ7hBH;lr~uJp$-;
zdrFxvYmA!(btT?WSZIQ?8I#`x`CF(l5&t+8m!lt_B*~UY*Z+34l^VtGEM3H@tKx}F
zyPEuEzqH=#DNs78Wkia5Ro=sBru+02N!@<y8AuPZW9;oTQ<?e8kw@f4y6h4=?;-o^
zX(<OS$KDA7PEJ%UxFb@Synx2z)gEB~kutHMRw50Dn=2w9Hu<62^>5#*x6*8fEP48}
z{TVr~6PY{0^;H5<i(Ri=66e>b(MxaaF$Lvbq`{mD<g?14ta?<OGmy?yY~RP6pBPj2
z3l&^sR&k%Ay0@%&oU~8%MdvD#31>8Rjm;Z_uIP-2GZ=GHUYx2E=<L+^SO(Btqvz!x
zI=h8wY>$lf9a2|pP!W5_%HSTWMG8?9`^3_8p6#16jW}EOdYShbt?^nh70C}6(wpvw
zQ2oa2h)XCXGkW7{^E+49E?~spCnG?X$;;~{uBc5bEgH6koEY)C@t*j@&*pVz3nq%M
zBQ1@_>~t$d{ssGRjalKV>Im3F35eIYl!Xvpp(B=uAils981t?$q;@7H_#xn;{I>n3
zyh%y`b(GEx`7uNrkYpDb<umnDFy&eGES>DGTjLU2r8zur;^;(6xoKLXfSqx2ALabA
znq28CH?^xpo`FUYWi8pKipob<j&)aJg)Z;d-5lG`R)urn>?Ik7%NNiZ`f=_y7L`!^
zYDzV)5ZneZoUKU3$U{ed*H`!4q0^aMzP$IW_{b9+K{tN6UZR_~eER4SWbksDh9lyL
z8xCplTlC1kH}oT}5-ehcMmtSEokqyN7xzmsGQLdDn!v!jQ?KY%toNRpKE_h^qk2$B
z|8aFsf8G0wu057}yb~ZTN}?UNvOMSUnBKg(T!GaRIdFo>wrFi9lln*A`Smnq50R^U
z&a@z860iMk-*UhUp89=D;Kd-yy7_O&+~-<T&RN!aEE2dh)@KrcGh9*l=&j~d^b3|n
z&g!eTx;YlFFz4ZPzOK}zPZ-}R)>lDZ7OYSC4Tas%kBGxxGzP%t(zIyeIAiEYM0&(C
z;k76|TqrtvK}I0Yy9D)MEpYtgjwEGJz~n})BGFeyr=jRXUP7^aJ;U{D@oNH+3O^IZ
zUakP~ovk(2w?i9!jAtsZTNy_u?5|t5m%9+%X8gHj9Z%f)hWAK+w=@Y`HMyqdZ;C?R
zV`x8woI68nIW@rVV8WJ<ukvC#q>$rqPX?700eok(SVe06%W0B>^o|&uv*fcCgVQ8!
z{9*Z~3RuuC^CZc0!fQ#Path21*~az)Yqn)ZKL;kGIb?++R>OiGKb5Wgjs<L*<S87a
z5GEH^z{&diNU%yt!<dHBhpc-HDxIudJf_CVR)#i(D<S|tuS;Tg6RU_DRc`Z2<UC$X
zgrUpAOv)~$>tAJ|;7ktPKq!=pxk`7F`2vfpc9FD13aA4@1}J_$9VHQ~$zIu}XOW&O
zlArE40J`o&Tv-H`)xI)9&i<O?DR<?ZGc@FDar-!LiwYifCe_@h&*dBQPhV6ac$v8u
zMPb%=r2yobb@2`H&HLBFht0^NH%=7Uc$&EdJb<j+GIFH47bbd&>7$?MdGIb(aT!Nt
ztlU-N;JulGe??+iRDPFMEnO~U&;uc4Z4`Ny&dCXrGz8~kf4Ertk5%c3F4B_s*KoK_
zF)?NgYX(lS)6#Q8F8C>ud%2Z;!@yIZXU#!PaR#hV9%s$}2p(yabGWhK*`P>N<F6<-
z_owTMcpp;$NB&J6Etg@1hehov@8py%E+HJd`!m@oL=KK9u;`?crZru#GHgR<M0*-P
zFmHQmx|f1<3(-{Q%as??T1B8Z4GMVd1Rt;1&wQkZ7QGe#UK?N>=YV}&*!aT|>+WyH
zkTT$|+&9iL8$SUU<2uEiX@+K(18lWaiM22~LrJ?KN6O)tmiSRZ;mE;sq-)W<!`#7l
z3~@ON-;Hr*iy}q;MO{8&m?14ZG5ypUP0H1Pz{A7cwg8Q?s{+e0IZW}?Z}lblT_KTQ
zR>qP8uk`qcPvT^3YC@M!yLcZ-fg%5%>=_`9(M{nP55&;Jwq>Vnai{d)PRc1qz_mb1
zpv>pJIr$!z?+#P*^132LhtQ7wxqMK%qM_6%R)VFplzHa+JIndo8-)CFbeWj-`Cu!p
z0v$=hKXHL`puw;?S|z4vu%;^N{S|x4-dPeYhohSBOy2;+#lM5H7h(#2&g5dmTmrCw
zr7givE9_Qx6=f>dR|3}wk<`BAfTj`>aW;H4T5)AAV}UfNRTcrX)Gi>oZuJqe%y?$v
zjAPj+0WPGXXp!lZW7jF8d$Wo_Nn!h}B)(%1d#-c~G*E*IK4$u))K-0SF&&26SI9F`
zFC8(-H~XpZSF(t?s*~kRA)S&E5`YtAXtJ>`OU!YJSEv~)H#RmlGTGqCFXzi3#J|JA
zN?F5Z3dt#z`AgX>EziZydiYsa<5g9mZ8%UqCle;ygF>At6_=-xbLfDddeKG642sZ=
z{ZNNeaXkIn@o?b~6N<~q*p^=xy0OD9W=$h)dvcmEr1KfX*~GuRp{nll1AwZ^KYtUq
zz&!EfZyOp7ynNy(B)({%U%AXd*OSg8&p1LrAAYE~4)gvsebhD7OMY1DmE*SjLwU|{
zS7mgq*NAGzYIBq@KR?HiMr2wx#d-<uOIa=A;GGUWrC>E;x9{)3a?gYb5uD`b2t^Fu
zj0BaJZgA@^&QmLDUf$UTEFe6W!ZN)4^N$0K|A(jY>qyL9LceK?S-GSIP7l&6|Exe6
zpFYXqQBC%6jKyD12dqn2*>w#G^Jy7XTa4<&Kj2~-a5I(>8g{Yd?~JBE4F&R_ts9^k
zidxwfLCh#@Oy5-MWY+SCs;>y5!LMrh1vR(82Xiy!+wU~{Ls3iqC4i;+EW$lIGmmKV
zALDSk8vy$j5%e~7R(F>I^u`%X8<}>i6FOrRK_xR%Yrf0o5jvk~8o4I&FVi}#pMFB#
zZ|NGsvpDkexIl(3`+HQnmsQSg{#1WH)9ry*2MxCk;~!-Ud${??A=Fi6a(_yVOTDh=
zImWM1NJcl^H&lq(vjK?Eh+=8NxRLBj{O^L8mg7m8oKyA%+Ck-+nE?syG|mRZOSglR
zvByiEeiIx%%MuqFh9(4+Oyn`xcYVzo!ZbMQjhX(y$wZBZ6&|-8fhVmY3nO`TQY!8^
zrq*b@q$`{~-mxu0aAZ8AqY{qR_M$S@2ohn6r-#uSo+sb<EI=`Ki5`R_heS%HSXh~&
zV0OZiZn}U!{=v23)c*o(K$E{@R@5fF@bgaj0$(7$=#(#UT-49Zb}jQ=<ulLKslG^{
zhUO^o)v}=-0EZ4e7M?|fQ{2y2iudv5;=AHKI&@4Pg#Ct(<QVg1&f@IWR+yDzM~$bI
zlxGZIuMQdW7nss75^9WpN4pkxtqjPxvoJgOu9w$)h1bh9U`6~uL(!t)Za8W4R9pMB
z(PF*^(oR8<#H;c(Q|3((4{L!*_a06f^2`W7;q%R<obq+<%=P$8uiq5+`Vo@#9`QO+
z?C5gE<6z%pEaA1wy-xXte3MLlKP;l=E%~-xzT=edaxR|J_43qzDc@r$Y6c<vAV(gB
z(9ByM)4iBaPn|&K%Ttde$U;hmm^f;2;lvZ2@?Y|OTErMkJeuT`A$h!0e!yq{aFZq6
z*C|;h$L#mjauQ^&Ny;?4xn@}l#g2nLEBq9W)-{t;@o=WZhnJyaDXe2rW*WfwW$M5A
z>hME0$eaa<__N-BG6TDZ31-{d%c<BwT~egDZ5n1*{ihnHIHn}enzXGkyhu(bZ8kup
zuzx;XpLDufWQ@;BYU>zQv-{;f&JH6DjBKDXmgmqvU86^rHxDb7P4mh@>e$uyce)q;
zNPf(o;u9`DWlKn*n@RkPMUd6$TD+5H&Z$0yjxsW;27j=BE^0nAl~Gy|X|9exj`q$k
zD@*&<qLTtd{AK*&l>RA+CQ|vvi;^A<Ra(>a%1=94b`r)n;6xEc4#soc&~&d^vpb{H
z1R4DLx6s$n>^C+sl^}_CJ4)@1H*4#$&_O}>H2+dxa|1i5{M6U0u5Zycaual73n=^(
zDpKD^Ci1L*X?T|Cb#;B1GTs$KLI3<fqkk4Zv)V|ReGQQ=Z+WJ)Ch|jI1}S^Eg>8%M
z$w<BCEM@HUqUzK6&YhMxI{qM^Nz5oC2jC0V5a)`!-)5T8{KJ6!#Z#I39(DepKTN)Q
zE+sui4l^OY%Q)k$#CjjuZ&GU*bx-WV?D(d;XXmhg1HXqPwmR`IY_6NZv`Vk|4pZac
zPA`;cUMHKQfrgUO5JgKyz{u02gOd!SA>-ADWjJE-{@W*0iUd{>TXWNpAz=IgsW{Nf
zdhh*&TS*)CA5i1>!)EdtLO!ySzUc{BTxvXiM?<CczOc1XMH?+8V8kD#d8P-WETdUz
zR^5MpQJU{he>A`g4(jf=3JIOaP5Oc<4RxFq)sxdbtlPaGU@~R`|BisNhOVlg;FHOR
z>^fu1)^Pr*MqK9I{I0^0%vUXAPWStf1DS6(zc*Qwe}Hul`1_GAJ4}7XGgzM)s0-4L
z=bFJzh7nlIHGf4zVg1~&e`#PPaUw+SHT9x@y>IF-B0Ak%6SX;Y@ypzV{D$Or`{RS8
zSaM0lx`G89{O7-G;2%TKSaP#QIu~K3J)WUC1f6FF9OZrrwQKoeB>|#MQ}z+1HHLSq
z&Ru_nKq8J#3mG;;-oVN+$s447kz(RU{Dq&*IE?#tO9qbQ6GPWyIN@X*$+remO=nVn
zU`QGs@Hf<^{{=_-pJ5ok4TvlXa7dB%=P1XU^pyJ}5mG1mNZ$Grce~zl5l5`(kOWdg
z9wq9JM^63oyZ(a2y6885%aUzSlDOqGSFNOOL)-eN)gH5VVmeDpjAXyT_jaA7q8XQ*
z3Dx=&@8qO8jHfS-!sC~I$*X53zCN^nBKaEy<CKkdPSN|s<+%SZ-E=~pYW^gOUG3EP
z+0zA+s9r%drW_)jqPV~0XH#>X7D^^)QW;`J&PxzS2YfI|TW%UK|5k{<8i>8x(uU>;
z>5e-;{qBsQl5nknFF)<?w$j>}ow&l;F?lG;iv8op@{htOh;sUkA8^FOR7G`vqj6%*
z4p9VI>N9?d$U--5JHTvBFyA=NlRXpTKNXy5q-ti{bbh_k;q&PkV9Y-GY5B!;bMj$0
zl?qC__!p3!)}9`0Zse%I)Z4tY9kiPudHv~>&loNsGr1eGIW0noQZ&8C>J*S9jJ!v^
zFH%k}-kLCC^48okx6BPs*v~$H(>TDg<J0{PEZYc8Qxx@}6lL%Hn@@N8u)}ZxeY%N_
zSa124W($H5I;;G(Y%4HWTrbuDfCqqoKt(O!-%uI#I<elUZx$Pj`WCCcRorIOw~LKN
z-D<(_FlxcS-!kgE#3loNw>9rQR(-EE|7NkpsP8lIf$wLGdaGzN>X=o3w_Ei#tA4<$
z9~9e-`XQ^{VbwdWdY5?Es2{QDd(>M0G4Z%jKVj7!M(w25Zt*11{S<xO4+`v5*Nlt-
zY7GzR<#KW>%+?0fk5eP_RG!jKj)Ba{*#>HymZ#;Mc^hQrX*~thj?=b-R+Xo<gUxFz
z9N@Oaz`hOi7-Y<E1>LKEwSqiXiUH=l8~)f_xEaVlz-*WU4qE(aT67#_QF$U{z)6q|
zOQ_ceL!lZ*LJb@WewYkP3BR631mIXW1?Cf;4;p9#&xmIMc>~(@M7|3^?k#AC%mUR0
z&H~v6Sp~$qY;N`7B8NYFa^d14my2H9k;kpxJnSHD_2I(JMPDv|`W1|9gZ>5m+h9OJ
zQ5y^_DB22xc=B!Fc^C$_!H|OOaBx*S40R2Q!65}(p+8lw;bwb44Dw?zq8&tm+5rVs
zayyKyA}R|j+n^``DrQg#fkq`jqZu@YK!+wkV;OW9fyU9q1GmEX4j68=ToYn&_!{W5
z9lS)zM6Y7FTgBjih&C7>#}*Ug*pp%~d7UUs{T!#PFPTTfq*p6&YcV*|YqP+4N|6#A
z<+T^M?F`plQ?|iWZ^m{gt#aGiVVc+B&Tu<oFx{I;L$cNo<Klcdnt0*PjKK_(6Rw%t
zpv>!ZJGa9zRc^f<X2oE(H_M&%0F(>ZxdSS^+59nwT<6VyFtHQfTyKxAvmeW|_ejj{
z&X(>Tm95ajn(twl=goFiZiD&W9_}7O#9)EDhijob)3qoD$GNj(P_+$?_vW}sy%&3X
zx_eSD_r&0Y0(Z|CoXEOi@Zh8lIK`x06<84FgyvQTfts}uTY=k_*a;~Sf0<hu*a>qk
z@p3Elm2NwKQQI><h{$Edb1m5hC%1u*F!+COrn|Zo++O9XF=RtK-3|_8uG(F3bU&f;
ze<rwSJ1iys)FsB%cRwyb_yKF&sIKEq>3-ZY!e3^MJGAS#hVI8T5`LpKZd})K!TrZ=
z0S%wTckz92;E%Gmbb~{d$O?HZ)phcGc@fp?<xcs3NZhN4^T|g5gvhZKk!L9;&oY`k
z%VE%m{LKIu4?|!A42OwO2uD!QB!V7GUzKna`IqUi2#$f{$m3MeR}+<|lFtc~KZ?RK
zSP9Lr3T}Wi;T~86kHEX|su&6%i)I00xyTSJM4o67#bT8>LYyvUiNA?TafYZ7XNqOw
zED;ueXA|TcalSZLTqe$=W934zNnAv3{bKQyxJ0}vE)^eA&*x$_N^u1`#Z}lxT#JLm
zKkyK79gY*%<3zCrr;4>$A#TJ);uiFYTd`i;hRx!3JWp)IYeXxq7kA*j;!b=}+=Wky
zE%=gn4&N0o;``zy{8+q<Ux-)mN3mCectiGo7H><pct;Kr@5*7~Jy{|?loP~0Ss^}=
z$BIwoBJr6#QG71z#8<LOd@aux-^q)__wsV_gS=M!DA$W$<sITTxf4M?f<o>_l+U4*
zucIcOBPl5I`7D>`#S7+vqizKWHuBf~Ob2UtXv3gFYd~!&a5b^Nbe(FHVM7y4Q;(#7
zIM^r^Wbw1jfz2H-$if<FA~DcHA-(F{XL;q>`;A!6Gp~rx9A9=N0Y;iYgP4}8k?pXm
zyf6l*Jq)K;up)ODPPuOf9U-p25mFIbMhwn~!I`bJL$cxyI&55jx4L|0SCNdtSw*h1
zV{lH9>s;4)F*v`-b%E=`7+h3DUijjF0@o!xAO@EfxGrOEP;+&gF<-ykbjZ0bCtxdN
z6u7Q1@vdA$2cBYfx~?*~ceM$>hFq5GTC@ERbF0^_h5RDd^)XmO9!%?ies0aRHU>AW
zAz$RWkp~kRO?6!>3@%Tw;wEAP?R#B<8+5`GVvjX+yt>vKOS15`Fohl9F_*f3c`aGG
zYlG37isQN^MYgwgk?o&~>9+q#Ot)7svo{*dZnc<whsEqWnc4p=aNT7xXcPUvJITm<
z42thH`!+Kpx0vnwx-jzoG>qKZ9V6RJM#efZGL<`kuvOefU<WS7FYv2`Yg<YV2{4OX
zVm9^VKrieCd3X@?!#*$=`@(R4><6XTAIfn61aJ_XiG$%L90FVM5ZHmk;Rzf8&*DgU
z1q<N~EP{`*7{0_3_zp+GA2?PhJWM#q(YSED=!+A?AoPl1<a9>hBvFEs#dthQOvWi<
z29}C)JX*}h8KMejiX}Kp_;I#ahUMZ^a!$=SN1Tas#RYgQIj?!-tSZTWNi8Dhbewn;
ztHcwySUig-kTW__?8TGB8@NP#M$YUjtQJ3DjrbL7#c#L_B{tw8*of0GNSp{`Ek+2k
z98bj+^lv4ei7j{muEI<4bi4}xhW{YQP55`b1<%4e@Ep7c&&92H9zKZY<4(eS5--FT
z@gjT=FUEa%3GsF{eubBR%S^mNX5*Ez7hWa%;?>0M7sX3vfSK_nXdEHi?kR{tyF9`)
zb$5Yl8_UZwb&3Sl5v@>eYQ+O<*cCiz_502KRwywIgSxg`U4eKPxrc`=n9qcn@vC87
z2U(W12D12AbnP&XQv<fM!-DN%SdMK{|8;OO&oU$i4?hf#&>Y);;n6C#Ew-t4c&s9!
zg^!c^k;Ub^p6J&4Oa;y^>fcj-QXhj3a;C=Q@%dt~+gzlTY%MYIlcst<l~8Zq##)M+
z<0Q{w>&h`VM~>|2xFdVUV1Y^fv&O80ljJ@}(~;plpK3Iw1EMhQg#y=$7O^pS$*bJz
z0eD%Y$b*)7#TYYxy08N>3U{hojQE+bUu}hKiaK1cS#~H4p6#h}z1|LccexgMDb0DK
zs!)z;hc~@8x6Sod4BqDKM)%sx_01K?;NM{q=s-KD74A%gjeSgoq3(B+-4~nP?-|4X
zm4t`4!}}EXSbOeHC?8Z5xc+VWp$`jO`?$3gK3W4KTpt^M5vY-Iv>AHSXE!tUlQvEd
z_87tX-d)C81+Gtd!+2MDf$K9K5a;vfru6<V!DrVO6(*;?WWLgx|B1m@Cgf}89XZ8s
zQg|o4s-K~$-&VQ4YlrW5rPu(qa@J4^)=9=)Rq6**rOZ%&e1fhYO(yh91pA4epUj@V
z$sXf~%t>s2|G#a96ihw&IYm!6*fbP{l0M2BSkz=ozgYG~%MVB_@~gRsJ9UwSYW-&H
z|8a5<zpsTI=Inp)iIB=I0mc#qxk99>n!tp4^8D?B^Dl#PQm=X3a(!YXc$v9Ec~vV+
zW>~J!;y@b%N0>l+9H=v}mofUk229Tt86-bSSYpC|v6gW&<GRA4;>P#8I0$C~opGoZ
z6Iq4~X#*XU{~G(qj_;#K%05_#jelLrA}1kbLoB(Xr!kqizAI(@T$3=v&^tt5>)c%<
za&kqla!WdeouUJhPijZ5$V&(8oep?VI$$3Qc%O)elDVR<X(bGgiGC(u`d8$N0c;~w
zZG?V*MTMsDi(+CR4b2sU2(y*aPU`n;gyGx8;Hsi_F@*KRKotk`euo;k!wlR)#yw;s
z4Bak<Gj4tocLd`W7`P*uf?QE(#1D%s_1+Ab5ElK!KyV1ZI8{Wceo?$G-lX~`%%a%A
zL8-+nxCi#&&oWo`rZnnl`L3iiOXaI6Y8rii?@%A8ec;eg%g~%u&)2Foe>@hUk!@72
z1%)?)4c9>y-VC|80S4kNa4_BqMR+?LiW^}Hw!%!j6DshZa01>9)p!py;uZ+wRyYUS
z;4+NCb=VFY@Ikl@x5FLy5X5i?bl^_-9(M^19})fVaWN2|5Qk%jI0ko%Ih5Ee#HT2K
z?s$gcj^`=nctJ$*MR7SLJ6GXrw6nbwbG%6j(tDHy{Y%`BABY|JZ_$AtQX=$`c%2fV
zH}Mnk0e&j>;b#<kd@jDjFNrf>p~A0;Ki^;uev2;r4)gE_9E3mOF#HLN@V_`2f2Mfk
z7o3g1;zIllPr%=?RtmgCB1I4quaydaZ;&>;McQ$r)Nzx{z%9~&+bGJ|DYNiN*#n=G
zIrs`i8+&9Pz9V~6V%wLbFhEK<P&(xxl81*<-NE!VgvvwcU%nh63uKWjl;h<%IhD#X
zIYAyLy)q~#$!0lOUM`Q6cgiWUoqBi3qvhjrCP{R*d_|U%Tr1@Ja*q5$&XeDN$x4+i
z7pgvTks2(IQ~B~FHCirFUU{;bB7JI_tXAc+M$MJAYJsd*r^sdMRN0`SvQhnA2GxbK
zNnI<$>L%H&{wbHM`{XLMQ=X<ClV_^u<loiH@+`Gio~=HR=c|440`;Z5Nc|#LYbdYK
zGUSz-Q(mRz$*Z+K@)~V`yh+P{m+Q0=xn7$rH)!+a?b>3wQLC1BXnuL87L<2sr^&mu
zGvs~R<??>*YPnV0B-^w{WK7#5+qKW-HXFzXZGGi-+YtGXZMfWNE0Mcw<K@G)iSiNK
z4Ed;Sj(p5kB_Fp{%O`AgvcndUyKSe*CvE4+r);a`)3&SSGqxM$Tee$&<=eJ9<$H;=
z^;?R!Uly;JX{%U8FhxB-=ZYfEI}cg|n%rca^1HziKjjV2?I3g1%tOcB0o%>EZ!3T8
z<o3>+p;b-dd)5Yq4H(0~0b^pKcr7d{Ncfl%@-HcYSOPxEItgh+*RwEJjJD3HlukK`
z?_rIFH~evB|25E;+{Q?M(`{MAjv->zrsTJszU8J)2dLa++;#J{Z4mlV0{?GNavx;M
zk048a3IpY5Fid_9h4M@A%KyL&`4yDOZ=gbc3n$C(V5R&Xu9ZK)eey@xO7Mr}&+xeX
z1)h<=!prhEctidHZz%yED1=Xyg3px>->3}uNo7(T{;GJ*y00#Oq1*_m=1T+T8gN)!
z*^(eG8zjlE2iR2(WGfd9-XmVO2G6EG7GfWq#CO*t+r^<3<etY)Y6V*bZtA~@#Ey^y
zxrrO<zI<1q@&MIAkg57Wj&eh;>I=P9f0}u(c*C4o-bzVACb`4)ax#UC>VN?p9dQY9
z9cJaN1`0>xxndlD-)U-z@Jo)fwc@noi1E~uXG@9C#RN`AsEUch`DC_}{Jhr5TrjeK
zOiXMO6S#jjWK!1=oM0wqn-pIxS4=j_Ba;B@+@lE-=tps{Jwe-mHKeawA$K<n+%Be6
zjqLAM?P97|ck3}xTEOKrzHBFqZDP7tx27>B$Q8!Tu-;{VrCc#1c`slgCVRJvnG7>R
zD*7mkiDSHalDb*ujAC|zKsSXw<uRDN7W#6tg73behnk#V*Wq!D8=;t+bByM}R)0GF
z&1L?z!qC)(kF^$_*D0e<Lt*896cP))44LoEaA)L-1qQMC++0Y_8(;u87x5*%BhPUI
zWV<u+9Oi9*ykdHZH;1o<p4>c+<GepErIl$;w_EW|HU)kZMLN&5i9DOO;kSqQW?==K
z0cX+ae}dR2K20e42QYyY{a{k`p<q+PV3;}tj#VRIkt%>DRR}9oF`S`F;4C!?E>@%A
zGBp;iQ-{GiH4bi9<6)!n!mDZ$e4&nnuhmgxw^M|FrltyqDiyhEhUl-35tCK9n6BoC
z6VyCWuPQ}YEfA~KB5|8KPHa?FVzWA4bg0GRIdy_~U7aZ2RVRskYKizrRf|tm4cb*L
zI#fOOQUM&LPQkHi8BSCUc(iK7V^t6rs}P>7nsAwF#<SFNJXf{gRq8anR*k@Q>I~ZH
zo8m2h(_n2aWUwyUaf>Jy6>^*sUX3hmo2V-9BHQCFkuC0W?KN<#IH7}*?F8b9@gP*3
zkn#vbpC=hwyd*UpW~2(Mw}ULiYPO4$$EjAas^_39xDFR~h#;w)j|LTzql<}Z`l{it
zn5gyYt>S36{s4t{@UU3Q`m;^c@ly<IQ>NR0!IjfZ$w0lK)IHtKc+=J@octBAzTkI8
zJH=4A47anQ6~17=G6RrZ;C7mX!RridFrW^%lat^l7}D4YkEXlV?Z_3um<V~Z<Twic
zuXAVRWsl)Em|W4sx}1}jb0g&OXCU!O;~E%pYF<uEgcGpi+&%JgOpT}U<R@v?p6;H1
zJGJ%P>vi{(bkd=^4NBZSmDL<tz-@!*JY~${+Afw>F>bqv(Dt&=%@%pt?kqYG>zIX6
z0c(Gc6&V+J9nd?^wvLYST+z%fM61ZN882i#*1)|~_3D5;s`Azu*-I}LW8OGLWAl@`
zu-v??Ftvam)$-%2bK-WfqN*s5{Nzf1(@(Z=v8sa0(`Xr{lOp{Hzfa~VexOWDdb*{F
zs|<bmoAq^C@+dH-J;QWW<HY8~eM<pt<;?iqij{vQotl$+`EEKnKv;LTI}<M3Iw<t6
z2ZaeZ%W}{eNm|e5-i#ELC(oVH#dAB7=;tuHqm$=$#QpLpZkm31Si&#UR=e(h;ap=6
zY`rNHpJz>cep=6*f_On%3gYh75qGb<X}Iv}BYD|4Gl`N5$rxc|Dg!Pu86YlB@*r1S
zVy^GjDf!(@u}Bv5gkF?r`Q`KSWlFpbQ!~}9#AWXuXeI}B7HRa^pwu}O(VR;-=Ruab
z7<#HppqIJ~#;DbBn7SN}R98TMSX~LL)Kze<x*D!g*TRkJdbnAwp;&V*+@o%QHnkph
zs+-|ywE<pIx4>R?E4-&}hws%!a@ThVsqPduwMq0;cZ*)?9&wP`EQY8pqCnjziWF^F
zwTUBWvq!3J;u!USn5P~T3)Bv=MC}xQwM#UphsARBh&W9>D$Y}niHp^L<Ki;4TdYw}
zigoHKu|Yi}HmPStn|e+>q@EYM)QjRZ^|E+Ry&^tTuZoY=9`UVuUHqVSqEPEGQ@xEn
z)H~=_@1jS&hX<>F;c)dK7OQ=Dg!%}lsE=`m`V?oW&#*~-fv2l4$?g9KFHm3MYV|d)
zRo~#v>RWtT{eUm2A91gL`U&4uKjVk$7yMlPiodAeB&y$KhWbNhYEtHDN)FUCIa|}E
zU(1xIQmS&AmMyQ-awrAqNvVfR?$UB)ht^9zM=8t;l)}8Mx#d?{U->PiGQVj9m0KI6
zN;HoeqYYDsX~We_Enm&jMyP;RpqjLiDxwvUWZxF=SP|)Ju+u?*1TarjY!{bO1l2As
zs~{(^x@x<)yozGeD|#LU?c&OIaaEfrD<HttZDM9C9PCv|UAu;LjRbRTLf6FRqRmDu
zTLhyLNBj`b0kqM8+M(do#=<ad929BeVU#ujDzw94u66{`_O5u(qU}nGm6^6O^^ji9
ze#y0ny=S46^IKtmSfQl2`yW@%x2Rxm$2f)U;yRNILOe9baq}N<@Kq@t9?~Gm1xLcv
z1WCmlG;2qJ(xyPRHWggjG|1DY!vO7Q7*FjZwV5zgD}!m;F)%}$1-kf`c;CF2hk;fm
zU@I7DyqUxk02{3WaESPTfAd1P|2E1Gv8TZT1tY=yE4Jz+(N;ayto|QRO9u##JA#w1
zD*yn!RR91`O9KQH00;mG0AiMOvy{_=1p{K1bdws{`U7H?bdwj_B!3Hd9MyIH@9y5&
z(Rz%{8rfby@YsMY$$DU8>>%6Nviy=Q$%d7!$duZn-I28RYDVnLN|tFJZAqF(18GY`
z9Vie&tb|Y?2CV=A2?>FgB+a7@NlKcgp=p{>nrHK9T9R|_%t~unPLut<z31L@&pr3N
z=iC=xfASdsjp9fG?|;VGD!dDi^6(fB<2p(VCv-f{@ChAHGMwb$DIT7V<Cz5J;;fF3
zGyH^(XBmD{$EO%R$3&lw<M{*@;)OW=Hi5<XJ4U{!<1=x5Hi2dMoQ}U|_<0>)(D6kb
zU()dpI{s0|mvy|P<10G8s^e=q{z=EnI=-&spLKjg$G_<Krhkrq)$uJIuju$U9pBdR
z?>fGt<3DtKmv8xA9Iqy@8E518&jhyOHAemy58sdD2MM(B&JPo4#gBOLV;+8@hB*FP
z$4?X3ix-&uXF7h)@E1D%hv6@I=YQk)zXYzs>od-V41SeBw?JG7T|^S-5m8>p;zA~H
zqtJ+pi1SRJd4IF0N+64~Y^opYB0*5h(S;GhxeD@d5fAftn9sw-36T^FnByfRoTyea
zT`bhaBAzZzh!mdF#S&gD4QaQEWqfqGTE@ktx>%tLQx_|Bu}T-0>EiMP-XgBh#cGCY
zbWsx*wQ*4w7i$HggI>Qtvi-O<Y&GRAr@txf7jjPjW`BX$fb01LeETGWA-6z4v<b}h
z3q{Yj^7&S~;CliqZwQWicBWX!`J+u4!Z-0|t}mCde4CgV!#R6|_#WjwVsnHpRcwy>
z13B-gXM0}Gbp#^r34x0Pe%6TJw4><zu0ss8jOAqPynxP}0xmj>W)*BpV8Qf}E<&~t
zk`Gy#jDJ1kpR?UMU}sMBx+ht~tnG{vRW@hk-Trg#-KkJS6Y<vZu%3oI$)|0}IXVAY
zflW2%+pO*XHAL-Uy0z8K+5+?1bB^6v9PG6VT~=?NFjY4d?ZW6G&n^g5&%(Zzj5g28
z_++SqcA?KL4BA<N6*bdR+rzfwH?=5|T|8G88h`z^uk4<4`dooaYHDY5cOvZ;3mJQN
zjzvkP)9q<DbHet!+zz{u$qk$l^#=X|w;T9NywAWLc%Q(A7G+_Ry=Z2pH8p*EkRrw^
z<np5?i5d`uZZ_~i+$ykhr)xT{Z(0{%VL4ed8<1pN$FVa+;|64hJ6nlaVc0GhxSx4#
zOn)@|?!QFBz=v?Ff!lcaGyJ*0!kL!YQS9quhs@zC)9Omo5DlV{g1DI{O_UI3C&_r&
zE|BDQ)(}_XVFT}Bu`Zf&&F+FVXtNC|oaW64Ge)mB@B!Q>019i4m^Shi<FBF|rBpNU
zkk~*mm`Dh$O&oGKV%QqPeCa3|#Wr&k&3`^co$2-^5@z@#Dd|MY@=VKA`DSM;jMqqe
z*S9(59^0`CR$iI9*CwsaS@>5NfIQPgJ{_fqAx`Rma!a5NF*RwCEh-MKW0ORRL!X<^
zyIcjDiDawUVD>PBf=zMn`HG2a9;WP8#1&~nGEoTGVW1Ep%e|Y<cZFgF+VG`CPk%{I
zg68`g(z$+z^sVGXQd^Y>Vzigc)Kc^ZTuxbKf`XlK`<>h=I@>!MXxVM|nmY>a2;Iay
z_K^e4gZW~A&M^x`GW(#-GPQ*=6+NZ1<(Mr)R)!FiP9_&nvav_&LEEJC$h)H~Z0mu}
z&Rwlt=1{>ssSqulJBe2(iN$sZIe)MKp_&8Ao0XYTm(6jMlK<<>zJfbA<*(qx8jpqR
zAmKV)y2c*PxkZoiGO*_i3)Kwgtg^b^h+Sx^(6yElv6v^Tu-*2NfNrmE<($AyDgvyb
zp}ei~G~*5qQEi?XI+a&h{dCy#8<i8Ly_pV$K8H5z+MaUGpyg)<6jzQcZ-2<nsH`)|
z6NDsISCU*_k>p_Pn!p0gX-(j@mO#RT7AK@1<Ul*!-ePuGPD7j1Kw>m><g!^x0L%BS
z%n36$IAj+**RfQPlJ(CuFD)&f!^9lPc>~059lOr0C|ZrCS<}sybJq9)buUH0$xMzJ
zu3TBm?%pwKdRCuJZppYqqkln4o$JJN-9%AX4t6s2pzF*C>yGJ|t_YP{B`1ALS-QSl
ze~~<NUVwAqt&DKrC4Ti*(Ra!C#3s+NL)^LE1jW8wlhadWWnWvLx{3<8=hm|>PH3Wh
zo;*h!2CQLKATs$J*?3it?X5CLm~4t0*8;o1#tFm9@=kaGmjRnN7Jt<DfU8=dLnwb`
z#FEv5DCh1WtV7JOGJ9&s6Z`=RK2uW}7v^imqGYyuT@sdV4FY<U)M8hvSZrkXb@YU0
zwelWm%qc)DLa~R+v1YDO(jF@04?7ul*Va+nTf<tMV_c<i@KLOglQhXwTa%s6+op0w
zpQTDw8lj#TZepjh&3|knrkYK;WCndtxni7S^icFh`a-^!KV%Ef>!0=%+~N@ROy_Oz
zSL<p6cjF!d_u`()kKjSe;TCSe6k<;ymu<I5cArmeG{h$H218sUnkzq&K@UhDzXSUX
z{1r}97uKqpK?CpS)qM5MsEB?8cjB}mHj6ElckQNc&-7heD}Uu`w|be|89|NR-01_Z
zL#<=gUOPW*vuBuKn<2J~mP)nD?I!Q;FmM<C+7PW`C$(_X3b=)=T?p<Lkew7*1FYpP
zT2R;J53oj*Ow`SY-PB}>Jz}pxo%TLM>=*TM(Qb$i(P@YSVx1ulatC2lXnO;72sctI
zL%qnlxVVlaR)6+T4TQK}Y&Aq$bQ$81s3%j+Y;VY_t(|PzL)0l8pnp64Tj@{74hwqv
zMCz&Cd86o|wq&}enA639w=-;;E0`YWJx&!*VEL>qX?u>M)!}X`TEmU0MnPsf)Wg=#
z*6p5$3R*F0RhQPZ{f1rLcgwoX+C?Ac7P$S~#%%KuMt@&c^V{_AtA8tDNsz`_2#=iq
z5K)PwILn&0HilJHKg!Xvv_jMXN1rLHpEPC4sFfx2)m6~6(r1@GjNJOqhNQ@)BQxEx
z>H=?wGDYxisZqi$obBPm8;fS!P&;wbCrGAbrQzN1eX@AggX-iQI=L&G^MeOctVX$M
z%PjQ2gMR^HRNm>4IhPtC3YdbOO;e}Gdev4w{|0S`pDO%_EZCl+SX46`fijIZ;Eo6^
zx$r}boJy~-;E6T!2^J*H=D<!}>b0$_2<YWvdFgKsNlHJWZKY1jKj?ZnU%jGrzROp;
zlxau!EuZ5zXFTU*?UM)kF66~Fj=f^97pBibj(^AV>0shrcsD&%{uCDj{LlgaZVTai
zLrCu_1?k18AUzrtyd#8E$rXHm2=5FbRZs=#1ES!)A*AP#f*%a|-ygycDHx;w8H|xs
zA69!&g*jF?0Z}K$5vhxgBg#XpE-A;M)g|NO(Cd;_<4Dx49mkxyW#cgF8klqvb9*Lm
zQGaq?3G?e7!yE$1i-WmQLNd94<|SM*j_QwrA8a3?aXkz`+K9>PQ6<y3NOoa?Jcg9C
zutH{Vh3rF}>_?Lvzy^67N974R`2ao|NE|(hII4ii<C9p}Ll;#~U{ME2vbd){Hi6VQ
zmL!*U5<c=w>|QLH#4;v|MAuJXd2=ikOMhNk!ivtd&tp+2{8|>;3<PbT(rD!cG+M<7
z9vaG%<YncV;&eF=S4?fLo|>)Up=N4X%R}ANQk|`zS}N|1Q_ChEuAEw~<6%7yS54tI
z@NhK`8>euacz6R3*OVR6Jc-Su;FjhXsk)U-qmfZ2aP2s@l`(oW#B85L3lZ;VmVYTZ
ziPj!T=$$3(N=c&HR>JOXHQQdoo^Cq4w<p;)fqmoHA1vC{q9a&zs>J~!-%nZ}B-jzc
z0}RVIX(??I*Y!jvaD55sl*aodbakuQ{t^xavyKuDcTb{Q1prC)#^!h`K8c>5<dN9?
z`4hOIgx{lkZ{+>v`K#w|Cz{_M$A3{;9*vf8tbCoG(km3RQhG|3(A!N=D<RWO<P<?!
zBDG8C<5jXh6)#~x?Id$4y@cbz`~<TuA+J^?3^E9&P6=)>8zK;Ua4HiX!dl9Nn_x(f
zqQ8h`a+sojgrfc=w#ZZ1E^kJce6!dn9}wH*N5ysWL6MOUi@bb9oRVk7Er0S+ajPte
zJLQD<uzXyM%O}Ota#DO+J|#XUKQ3O9pAfIeXT@vslj3LcQxPGbkIa)VL`?Z&WP|){
zWQ+WKWS9IxBrU%fxj}v@l96AI+$6sed6WEV<el<skvrtek-O#BBM-`NL>`sj#7aDf
zzX`HXbcc206$;#&*hyz_2Y-R+X{=yFu-Qu}@J6z;1Wy%}F--7Ya%l;Ebn6&)E{h$z
zmNDg|D^ip$=PVlz!nK5vkXd9Ih5O0rb%Lh1M8q<c=O6gh6Y8Q-z9`1kEAaBEG3+Ms
zZsy22gUf@M{e#m~!H6g}Mnz3kIpvx+jbRDVzL{g|4CYntOqZ@+EPp14eH(M+caW6d
z#d7&Qtd_5$QGOqr<PXScKP0F9h)UK^;L4xk6ye@3e~#PaFL1m3CGL^0;{gqLOcQuY
zi{e>L!)G)dFKG$9tj)!@w0SBl9uAG1BNNXd%xlS|?fTPrOHVZU)^txS`G@Hqnf#-4
zkCy!7bWc2aOS&VdcYpUmC(5;t1O<-_)*OpoJBE*h_N`y8YR20F<2EN!u~dT0^!AOi
zTHcMfQf>T`YRT(3O;-g|y*hpu=2Yu<K^w!3yhv2*8)?3haf#|U&#SBB)%tzqRh$W`
zwQ6}k>Qk|5Sxu?*j^?V$a{EpiQdQ+T#fA5ls90W4p6p)x$bXc%k7Eg-B@xvYV5L@#
zI&C2uv_)vrQfSspY|~cZuy#3)X;;A3R%1w8gPXM)yiKdcJG45yM_Y^AwR)V^8gQ@H
zh%v1R4{7UgR=WyMXdCdHb~TyY#H-phbR*vz!N-0LP)i30&upr-NDcr1BpLt!P)h>@
z6aWYS2moT1bh9|;t}6p#mUNft5&<HA34GMm@%YTVP4=7R8<K3eLLe+C5H<-Q;uQ`J
z2}dx5NCFt}U`f777M9&~cf)19?-OqgUe#)&g4Tm9Dhi(9QSY`|k80Jn9#wmJw$<Ov
z`+oOG2<`u`pS=0LdGF1eH`kka%kw`xvKs&<s}>I~$5(Q|g|ABUnj2sDFw~fTU(45T
zr1`BhZwT&9H~!ARw>&Ti-<JM62EHqu-%IB`H@@!yuf6&YZv4OlL-9lDeB{PIdSHaz
z`I8&}?15st^RXL0@j!{a=2H)h!_VCK7lC^Cb7{Vi=1Xb*D$U=d`Md1;4>$hP17-M?
zV7`{G-@5S|4@|Miee1#R@Ow9Z{>uZ03g%G!w>1Beu^-&{qX&-EyAbdaLY_^;CnY6~
z%S~AxINF|&&Fjc5jp3#o57gi*Zt{3w9u1Pt_uLS<$@IWN%9RC!Wp18ync^TK!R6<`
zB~&0?uQY{BorcI(defoI4Goj8;nIw7Q<0lSdSE5KVo)(d8YM(V%U6ki%oyV)pFv~Y
zG|r%d3_4gw$IIvhH%*jIsRx2IDTn-2W>C3@DrmB7ImMu<9_Hi_X{O1phdS&q6K<OB
zf%SBl2glLj1|1=t5;q;`fm7%(gN_ndB2-2gRB6x*Sv1pGK8R*H2Pvl6tW#-RbhJUo
z7*u7@95+?VmNf>=6*$j-p!p(^1qRg$Tqww64XTsQB5CRcv)G^pfyYU+M4Co}nwSrK
z+n}WeEtBn*%TCA3SF<!LM3pNII>De5g^^}yRv2`Wh~;D%T;-;KL90D*55DcD7K2(n
za35LRr#5NY-PGZMUJ8mH*QDhm-L=w$(m3I1oit&CA_jE|>pwAnC@L@}Gve~ql><X*
zy)+wS?nV*fCK2Z(>27wuTy%;wKb3i>vM<qT9y*=QFz8HyXGwE5dlkhEIw#dRS16ok
z(D?!{u+h>ObfG~P3B8M@xx_=4(q#s15#?TP&=rEb(oI)+;A1hetHpS(G3Z(kT}Ri8
zsJac>YS0Y^-DuE%O$Oa;&@Hm|X9nFW!?zjqbAxU-=nkRu3qkc5bf>_(47yw3HiNbc
zyhoaQ4f>^lSIXyo23{`keuEwmk`GE}hk;uR>NW5R=_L%>Y0yIkJ#5e;GG~`Tj~eut
zfmg}!ZiDt1c(r^!ZqO3~pOoe)X`VLlI$83JoAxpkQ`u*K;57zbE2GaEsE_xYf!zY1
zH*l-K7Yw{XPVy^*UUbt-qM?@!dPPM1Dn~DA#?h+=y(W`h_poDeh%BSuNb_5R-mrDZ
z*7c^C(C@S{x#=wrR?*uMA>NUIk*i}xx^dIH9$bJQI+&zU8T5OD-s`uu4D<f)%ZxwB
zMjr@<ZTUlgH+|%$KO%U7;i_;|XJ^QYBj5^zykNM|>I_5!acf>Qu+Bm-)&+P{v^|DU
zxUz0dV0~apC=hO+(io2h!|gK=RJ3h1Q>t6iwz?r2iANZf!>Fc?s1;~M@Mf&BaXi6T
zA8v8z=iB3f4e==&!=omTR!72d-q?yF3`x&OVR=@6L8}#88;^80wnQVLP(vWh#D=D)
zrqMjt-5w3Lt`4*#j7ZOz&$u~(_PW5PNLQRE4O-n5k4M6?B!rM#Hz(cY(Y%&OINTTy
z#Jgg3fz>i2gL94HNx6Zpc!w2^2U`O12(vz@u8I*!62tn8E)54a)<xQbVL72pOCgf;
zX?=@-kXXjj2!z)MVsem3XFM1QvoZ$PEw(?CQp;%x1v^(q0?}4stvcCB4y&luA_GgT
zmPoXfRhJydjV3XTo5C%96}EWw8mmQQlNYmMG2U%nFl5zhy?F<+g}fB4s+M?gJx?2!
zrmkgI-N6eiVX>tv8e=JRwz93oYOFTas1<B~?}*O{#;YTtNYuvV#v(0it@yk^3yW+M
zf~zAEV_S7~MxtV}wLF8ZC1yp}TTvTl#yTP!#86oOEGIM4)@DVQSRq@~UKw57))rzb
zs<91-k*yZbVT-Y>u)|OiS)IuxyMRX8-6hsfx~y27v7XjoEU-FcH8$3<py$tRVntPd
zFRrhjTg_iNUC~fO)M^WE<nNAnyffCI`Se7>R#R}Db*#n5^4KS+wqzuyGaA{rX@Ned
z{q3x1i$q(j20^f01lz-rXtI|dk9Ni4RiTg=3lm|c@-%8`G>H;6t<_!a&TtO1l=S?h
zhw1JV8_U|vo*4`W<FollrIVJi%&Q}Rt*p_!Iu>1h*SghKv`G%l0}>)w)ujW(2fa|p
zFu5)*Hkp{|gn`bEU`tF-RM9S`Gn9|q!sb>ViLMKTbWCZ9u)lfcZfvoV=08l_k!`ao
z+*+0PDoY=GQ(p{o&yj72V-~WAN!ZrNo0SgCbFNHJIWH?dgJ;`6W!8w+NRq#QT0Ubi
z5Mo0R@?wTod~UcUBBmeH3XWHI#ha{+aWO(GzND{TFoP`}R?FJ`(1T;~Kr}sDIAfd5
z=ns~d+7J+Lj$6@~cIXTQ!o&fNxMI>k?wc<wYs2x3#lr?zTsw)~&buzM-kKL_>54T)
zQjR2!;3!7SH4qPk=0>9u3H<|q(8<80RI9~0NQA$LO(4)N<`vVl-5l@Pr^WQGuozx#
zxU)+_LFo#uunoa*D{D9uiD|Kn$xxWJo~>cZay?<LeCu8E>=imvv7vBGDzGs%Rv?Wt
zZQSBcE1c1lZKUhasO3Wk+k$;)1k*TAW2B2cSAr+&i~Vs~(Ar={CkumrCf<y<n0)uH
zH1Pyn$&Q&CH}OO~$;8`voc<(}9+KupyorhQy)^koZIalztiD?4-D_eC^1j*Cd{(AI
zf2NO3w2<Rze*fTZ;wku3K3C>#!Zhd;6T5Id@6`7uF>wP*AWON1i4l|#y8jJk;!lwG
z{uH+}mA==GiJNe<iKpU!X(pa7CqF})Go^bLH}o0(r4Ori;vj5&ZejpA-xxOVHEv=M
z*SP5mlfI<CA{6(Z#Q}hgh{IJpX42pAJd^&;4PGFEACz(7o46K3CjEo{DZ=~8#JffG
z_v0<Le(d|$#2Cg+`kKBm>0A0HQ!B}+kycYEvLVUh&GcR7P&!k8k)iKRY{w3h{v~{!
zjH^ugw@BnatW^3zEa69P6i9=@(__-yDU6NL6vG_B>my5eBdaMQcSy>$l0wUH!8u)W
zIU*cXZ^bu6qHBGYcx$CE9Pvekf-fHN**8<A&s3z8iRUmk%B8YQ+=GuJj81L3G`uz(
z*%0ox<-z?Z+thr2VKxF^m%XCWhftIv<Amr866O6!v_!f>t;}NF=Y*O}E;%QtH1S*(
z9<!UxQB@NTMyAYNJTFDl#EaP8lpAkxE5lSd%CrA2QEOd<1rQ6iTD}(T?aA$!fLjeR
zSr+VPPvbKj1$-;hfzN6^(Nwv(-Bg1`NqM50!Xy{9i_=VhsC<^9Do|b~klcK(y?Js)
z-`L18Fg1Qutz7@CLf?{kb9{D^<g-#2q;Iv=66lIqKKoAh1!F#mqMbT4<|Xf{&D@<l
zd9sQ3@KIEuuscM|X`6Q0<Ymcwuz-2<a-U>a{H1sihn!@_&t|KJGRxIT0i+dTs$p{e
z@tR3n^|7vhP9YQXbvievkFk<lvV{%D^H_nCO*KLkSR_k}m&TH(9ALpnnO7{$D3Rm%
zxpFhe{A4&xFXEfm3d^#XsYc6DOQabi%Z53&%PewM8jNr9#W!_Ye9#f~5no2qE_;S8
zt5st9ga#|h`Pe$yjIZc$D@RD5Y}j|cseEh-_)ENh&s1ZzY}GhZ9i$Fso8N!7uPwlL
z1XK5CP?xCc)9GtPEWRmZ^;?5bl4QRhu^49*>}DpeL*`?=nvfZxoFc}s^9(Vm+;p(w
z?3n}I0xPuM5^AF0iKZ%5lT78ud)b0gQ)|PV%fw_tnW@TEg{dZsHl|23RRny9C^6s3
z5NyAHXJgDj#e$nP%2d-t`^vYGKM$4Y_kgUQE}nXrI^0x82+bqaQKqVtff?d{2@&Z|
z>CRNMOf_2_?N-N_s!C<Cz1G-SxvA!ec~^_4Qhmf!H8Ov$@Kuz$mV7KZpHt-cf?`_p
z<e(!P9aO4}vHi$uWe0FASlrlT;=}lesphMH1#VSqs)e#MnCe)?rNAhe;Ok6gQ#xkF
zI;|F+7DxcSH>r`XcrY}jMyIP|D?D6BXj59qLq0nl_vtiH{MDx;@gm;7VeyhCx2iYQ
zV%1>c`69hsUe-8w$+EdiWDw!ddMn5$i~6L?`$v6!CZu_br5R&?=+Zvdr?9H@P2?+o
za-xr|QWN9z=SfoJtG71z?9_^t*KDzO9jBHsCykuL`I2>*i5JQho4Z)<8(*p#8=@yU
z<(My(Mh>ZwDvRw`3NoKvHZX}@_^62&%Q2k^b_toDaEXi!wa08E>&-6GOuSUfr!ljf
zH1TXnIW7~{JT<8r&crJPeL0@S!HA`Q-Kbd0TVxU*V&WBoR^zA5<L(sw#c7r6<Z1Ix
zHq}zqz^PQK;L|e0i6&kpYrN@#Psd{`&XM<OJ(8~e(j(VNN_34da;;ps%hd8dDUp4F
z^Ug<3J#wmv*URi~X|_spgLuvHs+mLBf$T4tFlcIaJvUD(u6V``wL+XkB;(wFZKhf&
z7_%nhwlnbwajz3Nb5SQM&R3t*H=YFSxK7)AZCwAwI(Vi!S={wzwJJ0Hk<2WW87YZ1
zlDV0VjW~%^UZZn+ITsq|*)?`Kkck`YWdA-p2RCuIc=~GL$Gd-pn?z~>Ea?h|?P_-P
zfMr8nFvi!1<VsoE6It<rR+iy^%mdan_IuU3PS&~<90MVl<I=iRx^LH=x(aM`?jb%V
z@6w-xaR(@Ek~1`+;hBsjPp3z``#+~~uxF#QwZK<yY39q8;1&hKT#DI*bL1^;L$Ed8
z!39Pj+|nWC-C!wi)44Um^wNP2yx-$n#u`oBKj5+h2+zGiKNxX2f;Fjs9?LAdw6?ZZ
zKRlG$pe-0;8ye(17~1bw26NmLjO+J{&OpmrmP^!<yU2+`$+~Ji=SlXnMXp_T+EqeK
z4$t>Mm~EhZpf`m5P<E~@kDu{K(s_rJ4p@g5Gv5bZpV!IVIN#eXYn!5h7OQVq*u*xl
zj;&K`(s>W%#IwO(!~VE`Zbn8vnt^5sYQiCo%h@eXeVe5}_#Sj#xSYc;4%cKB`t4Rc
zRjp@-tZ=*7hANe30+*EXOebo^<@s*xK+g&NTtGi)EVEO*MX`2y4$$FoQDBXJQ+0a5
zu=Mgau%B3cX19cbY#+(lPS2iQ5VqPQochMCw1?%(>r{21Gq5^;7~-_pirLoO)!D>O
zV}-PyMy1wO^+~aGmdW>JFjgytc0d;g^_IL|1?0HH`#h4g1-e4<c|j}0g3T>WKbXt&
zRJPO`@?biAU=Luqn88?8m`U@^wYcqo6Ib+e{iKk!C%E}wc5>&<SS^?t$zl72$}KLW
zmt+TZhR3q2>zDL@u^nXvI|Hp79k?l}jcP6OTK(v!mD#8@W+U?3#IaUuV_t4Yk%A1=
z0?QUDYo-7DUyhZ2PNS7<Tb^*n16zUKy0OorTXyM6`w)X;k+!(~lsk`e3O;@Yqp4>(
zH^;JIi+=lEnIT(^6u)INuMP!b@(kR^Z#8m8W>##kVGJ*SX|zK6o~+e=nH|$z`$14w
zE8=E$_zXpy8<=&i{mw}~<uOt2oK$y^a1v>?<^;qy^OMZzDtt+u{DP9%m!ChZxc!`*
z&FN4e)c@VndFB_}DIW-b;8;|U9uW^{m#f6!gd=9vij@ucy2_f%x7pA&tW~W~G2m2Y
z$P=|XLmcIQsw9LT`QKj=4;XvpvfwMy+9-~b73&O%B@Xm1I%&Y4xJ;H`#+&Gb|EG8_
z>zwRUM*w-j48}TjICWVYg@as<K~c8A<ZoqtuY=UDWjS_i&=MH<J(f*8tJJykI)beh
zj0G1i2g2jA8K#2#w6_xYKY3x)@I*XG!;^89h5=lEtziqcYG`4bhV9s)VG!47xE4bi
zaz&|O1UohS2}U)HVO+y5T(98<+^FFu+^pd#_)`r}#nUuA-Qnj92cGHR&vM||4m`(!
z=i+%9p6|d5oOKsE@FE9Z?2KRHz)Kx?nKQn{ftNdUuW;a%4!p{NS3B?;2VU#I>zwu1
zJFwe-fm<DTgN8ZsSj+GrKzZfm_GjFi0t8$mLY{vopx@OC<X63*?w56VE4PC|aXSuN
zFdlMX0+YE7f9@=9;Kjtyw+md&J0YvC%-;*yWlVs|n3O6@fSdn}G_?|N%fH<LgE!7)
zWAMTuFdPnrVwetN;4q$bdy+Mr&3g)Kd;JN2$nif29{&zd-B97*1%sNs=1$1%g~5!Y
ztr`sW=JCY*<$n3@g@PV1{LD@PPxmr&g}pF@KZiE+L5KCiaQ+@4-$lJJlD~`PdsHus
z=I;`oKBgCZ55d@O7R)XfCxZv|!ohy*h4CVw3DQiIZmBerY}N+J*35*T*ObYc@?K_t
zcL!7?U~*apZBWE*oKLr&<**U*U=xgj&8(PHSTd)=QE)oUhO?j+&Vi+HE(G8_SO@3x
z%nRT&xDYOai(v~~0$0PO&<&Tt&D{GrTmg5(mGA&#cf&RC3|z~*-GRSwG$lKVrZCM$
zwia$T_j-~dS6?wUhiBfw2bjWAnA!_}hcN#I{C7wKrtN}589BX9G<;ZDzPA?+=aD12
zSrWV8NICFPy-+EW`LB{SKf_sEnShzgSunHsZ#K_8TIL?p3sq%#y)Z|bYFmP_T~NbY
z%w1Hz3+6Q|rFO#n1S}}$(W(U0F6Xrin;Cg*FVu;NEpj%ib2h6hPeA>0tp@IYBw%s!
zyI}_$mw+YGOF*MduBit`IqR$RdK<k|I9+BR%wsbznB)1cxd$&<#5}BI9#8O|n1GXb
z{A30RSj9UBdT?ERYPhA(aD^VOuXLrxt@OCJ&HiprKnKq)a_PxqE3+84rW-CU%1Xf6
z2O#8Kmw>QvxmVj-l}bRw7TiI9ax#Z<>bNI)JMGQwlQ-;T7hsTppKR49<FBZFPOY%L
z;J1$(vuWnq(u((hm(SkS!+Uzy2`hmfIJYvpC_4cgD&0lyy--@@PQb=)@TCs7i8mIc
z>@E{|$zZ>HY<7AzvN8cbtu%@ZAz<_)aH<e690Kkn0sc76>2Zw8h9(?;fyJ;w!%A4K
zVKcO9cpd}=(m3`rfi3J`+VpWSRI};d3WMM_7zVd<RJwz`?-wu$?&O$s7tCZ|S^(Ri
z34RI3!+mf9`&9=#$X>VuqL5&JeFV;gUF>&{!u9YtQ+R?`Jqf+=6no!Zcpmn_oA4~W
z2hYJL@Dh9lFT)S;3KIN(8gt+`m=AB@5O@<uz+24y+js=L!`#1%%i#CS{d;&e{DHau
z0Jp%0cr|>4H^Lt|=Kcw{!N>Rje1fmRXZRs)oq0G^eH+JTMv}(z*l9wR5S}6HFoWWW
z5Th(9vScmWn6V}uOGp#SVC+k_EZIdOTasN-*6d<D_HFFm;eDU$%5%Nv{BzFly6@lj
zzR&O6|D5YSzt0}EN>JB|$rc27Dsc&RptZg1d5*!nhjS|iz0Vz8Pj(aB!^boL_H29C
z|4hsa{^J1)^F2JgimjC7A!E$%i3QGF;J##}czOTA5SQ+f|AZo~<*r2$=NOlxpVCXi
zcN$_>_@BX0n)QR@+|c@t=Cv`s<q1j7uxpaR5ef_%<M&V+0Xvsae=qjNz!H)6!J|I5
zkj|1YmuF6o?S{q@c{uCkyqqH#gwt6tJXGe8PP-}UpDIsYF*rQ2rNN-ACr<%innEQ{
zX{VjqulA*W(cGdJu0N)CQ1D4@r>K;^Vrafw_njDr)xoQhCa5%O<8@i~BMIF{eRohB
zk+yOCYUhXG3qhxA$x^#A^R_0p%HS1!rGaLAf(19+3rl=e%BSXfBOPwx3Kl+0RXx!z
zNXfBfb0HuPjSmPuu#KNi%?F{t9<d9UF1Vv4DU46J^TfsT;ffJ#*dh?-U1`mc_$|?T
zLTIGCf5b(2xLTuw=OWChtKTla6s>TW)B<Gh)Ko~i_s#QE4lM1*)iC8P{%{T#-kfog
z+j<Z386C3A7GgsXX~>JS{?X|b4Oq)ByU>Brr3I#dcWlG9fk^6p>qQ`bL41?c<g1I7
zPq8-G5lrtX#;k8faVcGBw#XK5jKj!u2E6x@=^ejZ#FRJgmhbO`;N|&5-HmT95s<jA
zQD8^oY%!x0&Ry|}yPWppr_5zp<OXBqd8UMc19TlTiZ-I&5D`&2OkH^{qR9vqE<GIG
z|9RUPSuj5Dp;Tdq@c?|df)!|9U`E&{GsHT1dV<JnvsQ^M%6Qlc_3#T|Vtzv(MSu8N
zOsZp>r@Buw-KYfp{JFB&P<D{`t$`T7g`YcSZjU^NyE^aLn!|@S>zN#V$Qh?RB%t~2
zavMp@ZD##K1dn>(j*(qM<rzyx!LfQC9iJhPHgl1HRo~n0F~FJ$-+B=*(lw!7ZJNzI
z9SOaz-$4Xia0f5<n74;$L(Te0!#zW-J(^8&Ne0#<28<hi2~-V@Bzp|A9Wl`l2gcIU
zq-!g1I*r?7E@}kiDKMK-L09e?2lX}DR)gVV2p@&)FMVSjMbUvhUB-_+C8IyA$a%e(
zT*7%Fn-_V2@b8{j@sBX&>1W_ot9XLd&(HVSuS%>5B-oDXZ>m^4agadWN>+Kx;nC94
z8rdv5v~(k4(C(4AZ<bbPi$9@Le2SHmcLJwGC$P+<471DK5{a6ylH~GiWU8bIuNSsZ
zR;Fzp?<ry>Ye8bqe&~~|n5c+x+W+8G6hhCJ)6`7){_v|Z1K!Bhh|UO3iK<*T$lZ05
zf(ON|*_9!7qCs0yqfCW$79U$hm)(s+Yl8?YI`&PYnfb8}a@$`!m=@7-cWB|w{od^c
zKIt_-6GPWH4(Uh1yN=6_kmORFV1#doQdb;a@R>x$Vm=A;*Ieg08Z7t;i28A+Ze2ud
zib?}zOU2kGGHv^m*rxs7i)P*%J1jENysv+)$O)_ICtg?oQ8%>ryu#$uS>Ma$_n2nL
zEeq<a3y>}J$fB4?gNp_0=$O?C62Vz(w-??kr&CQos;a2Q{jGXd6NroANnF(x2cByu
z?5t*sZVq?hhV{NE&@G$43f_b_Ucd(yL*(BBbs6F!V|%Hwe=XOv_=Jnm?Oy0vXK+VL
z#rD%TdDxUvebx?-^COztpq=ctuyKwb-puE$Dm_FN;&9axJriQzi(WVoOL`Aj+_+vf
z@6I$@i2A9nHe45d%6twoY0r5hl|NQXKsst6lF~BLi6|RPUbl=dr8U_ODB0M3?suvh
zs6zSNg_se}=JSpetq?X77JZe#wIhsen(Hp}BQ9itDPOBYw%~lPp2htFVQ=s1=y6V$
zp=3$rX_@dasR{0z<4?=Po!CB7FRi+c29agUt|2tw4!V=WZhzo0D7+(oyO4^E>s^iv
z>}<waM1)Wyy$tnYs+t8-C&Z2<>6HX9gvgW5Z25)H3ydUPYCasix%Y!^#iQ}p{;5Xu
zOe)$Jc?3^JLCJ%7nU`O@I+nO!Wlm4~qOA$JIlJ1^XW_Q~hXp;70$X3dibq=+i{gw$
zze@%_v|#86Vv}Lym*M@P|7W5WblfyI5O2@qnD%HktBLE|mF+%<cj-31?F9|tz^~Qq
z{Sos1jzayy9GF9Fo3TbQ4e8CB%{C9=6&zEencNov1M|V>YsqNZtu^>o?8brSy<pnM
z56%5j6n17N%Xe!4rg(g7Q*kSAKo@m0mHAeU`6lm{>gt!bFT2L@Z%aDNy<xE1$;EA>
zj%vHA4NIdvKZHd1Izvdmd<J%b2*K?D?2-!0vY|ZZ{a~$lfxVGJ>EKaJaP*7iW%(yd
z6;zCXK*zaS@(2IWLQB^tDJp{C!?_?}jSQ?R?d;MV99#zC9}Dy)1U<XkEwZHhrgG`r
zOCH7*;}|7*laD_)E5=9tO|P);P_y4>Aby)=k|Dr8^|br9(BFSiQT+!Fkk(UmFVc~X
z$eCUU^3&@O`?RMj-fg{h{%M8EYss)~-$lCO(Q9Q{r}%OkP$t@_LXF-XCLm+u&NH>1
z(zC9{!Rk=g%8r3EJUqo5H_Qy5UF+<>?vo$e{G4Ew?)ahc>%4_Ae+OqWN&9)D)^n?u
ziN0=(G8fB{*9+(TA1c*JwE~)B{f`de=le|4vKBrC#+o)Q=9^3_>0sb6dG&|VS6L_O
z<pL^TDZ_9yWAsp-w?)GhDy!JT$eIfp=Sy8w9=3n~%j}L~k*aX(mLLzA5v8p8xy`Hk
z@z{zKSK-)73suDJ3@J`syC1G}cfpPJ7hhztq(<pJCAl#h-13|3erOD6zAbt#KAS3c
z<|gvf1A52T<rtwLgwWeS?Mn?eKd?AwiVSPIdWBbw84iBA>BCZuP8i2220^!b#$k$q
z_)Y1r8Kp&josE`m$}!#4#_Ajs234mR)3sgM?*&62K;c<pt{3kGEx5^ko>fF8y_-;Q
zqcYQypD?PTbxAY9z<ve;NYYGY0{(#bhQ>S_xx!rqRZ07>0v!xL%<?%yQf|%MeQ-wU
z$|UKkVxmX)<GD;BExjn7tgte?b87RO5RaakvJj7Ngmu=#LzI$EVUO}7LUN`jNnywD
za>`fe`o;a{A2T@=ynQsMyW4X8%nTc6WhtnJJnT++yn5};@9V*UV)%%W*etg@b4}il
zZXZ$gr9Ap|8h1J0HwCE?y??ITxg&k^7t_$a0_!=0YAJcyB<KdeZ_dc;+FbJN(wx9f
z$WG!x&d2P+-iY<EwritRSQ4`D`p$@K@Il9*Pi&7hvStT5>URhGq5o=0yLn9Ar46=S
zi*}I~|MMZ@Jx>sTEGYyis6@NUA_;xg5y?hbVd<uxrg>REZ<BUhv{ydjST)0<YIc9{
zrfe-qZ-?gw+%=BXI%lWGV=^2u_R9fzn~%=$6k98`eiSTAj4C&ZhFz59oB`bJ4a&H2
zYa{m$xja5h=0us^!TU(us=Bg5cB<rObD<bBl{w69YM2i|J&FujtFbe%bsbUcEl-N$
zq*Jp%@I=PF&wbVY*JZC>5zc%qi)ZJk(phgGtfGM=dN?K-7oU+j0L3quR`=%&=DLyM
z@@g@6BRZ#&L`Un}0{u|rjI&z{o5*~FEs~UK_CjmdaMWd*Y00aGMIu6tj<VEqy$1FM
zAy~5-WE1e+kl}WiB7$d5(1yl~i95NDM5ivaEP0w{DEd=9Eo%5(j41<)hT!sbct@|A
zmqC0^i{!Jo+^6SdS=4jyNE&qn-*T7vo5YDQHLMpmq?gS-J@*}D{F+@d(B~E{5Vp1~
zCweb*&FGh!aa<i&H6gD{SF!#!eS00V(WhIS1u<$s@xvdiyj^-vr@W!_1O`vt);$NV
z_9>l68^9Z4H&7~-aRti}H8A5wkLhGdyYhAdciL;lh%;N<NEJC`LnC&dzFp5D?e5#a
zZPA9d<m)vWH!P)@cYW@#Ce{tCe$)Fk7^=~h0DMk>XyuS~<Q=0@PI*`wmQHBmJnp;K
zsDJ4KsF20MyU_*wx358Fw0@eVu54f2-rfnJ($s)X$@>0Uo#H2!isXsl8I@eTuiZ3)
z%t#dW2SMZak;QWUP$IbqXWcET*(17So-$cnrQBRqhM9ZMPgS05So(^(EHrG4RW3k(
zT*Unxl0?EJDpKA39`}clT|H^e5rIykBIW|PaUplU;cR$7$akCN%0Wn1p4iw$cQ$=r
z>|x5^Wv4k5NVsdYDS!8dIr_^N-y3f4&t@2dY`hB#J?n@!cQkpd#*0^3tn~^l*^dk=
z%BX!XTu--t<zp3rehn^i)3ed5oWAuvHZgP2lB1F%+_2V~<7EXQdxa~cekB|_b=?gR
z(Y+$5^Fx5@p)lth-{<)z-_FSC&dAW68)26!*pp-inoZ^eH+=6Is;IqDYM+^GpJ6%Q
zl6+tKNpOdkM8Zlb>hFPGp|(UFq1^>ug1Rtf;1Hc(lC)uC^hHckwWf95+)931HbR*=
zIC-VEJEx+Oymy$qDMvQj8toYwA1OSzOfK_$PoAI*`YhH625zk$f{(gq5;PLubn=5h
z#H&Z$GhhfSi1i<4H4!TdMjZFgyp;v39A7NSf)$T1#O1(hw3OBwl*EW#%OufD4lKue
zbZb$Yj(||$*UI!D5GUyOV}jTr2NpIzGFpi~t@W0|GNq>jftY@`0g3W~K&tL;ZZ6Jx
zmd-Yg|D|L6D=d^2F*Xec0fAyETh_ClaAy}G>dS-qFC2-$k{yd?C|EQrN;E7dtlC5g
zsiJJeTzN3vaSCJd+v>{1T6r+rnKd{Fq-KM4Bbv*D*^d+Yo#@SeVj3qR69Rnk_-QC0
zz%a;&9HCH-o#==FALI6jK1YMBC}J!E%zYdYkHbn*8zt@$O57YLrZT%hkhsA`T>Qs%
z|H#!DO;AB!ASx>SZ$3>0Fbry|4+5bvZVz0XaYRc5nBzEsV>T>hXGt&{?d$uLWyHF8
zc@udMV9sON-^qX{Whd+jAMLq_2mdJ0D^g@(E<{m9F#mC0XvzS1fastI<~zQRI5Id7
z5c3tm=Z}?-`E$gtieNU#w{${MItTGk5lnY1`#aHz?L@YlnS{Db4zYhP>+htLlMekv
zCnQ+V>S$GeM-`kj`ceo2>FeLncd>G?aWinyu@U?qT;<<7zyHK^^2P8iBNijUd=f`O
z1Uz{}jlxq@pzst=3OS8Yglup)${O6Vv2wv$6Vni2R{kTWO(7Jdnv$y$_}}l`+BBua
zgcZQNLPvJLx2&BkfaPBxkO9^mN90C;xqu^Ec<C0u8|9y?Far>X@x*iV+yH@$oUPO>
vojojZ|G!jzukMr1B7EQ@XQKx;o;KKjoT({A2?Fs_&PhtuNK^ks$piEsn5p{z

delta 33678
zcmZs>V{j#3`0pEM;)!kB*2K1LW0HxvW82!9*tTsaJGSj)l1zB#_dmDlo^$W*e$h|$
ztFG!=pD)&`%7D&%g+fx6gM`8W`}Xg4sMSnF;)DF}AsY;7U#nR^cL@LAv#}Kc9qzyP
z$<r7VfUTcu7C2wP<`dqlvomi#o^Sk>7#Ve#s{u>Fb#C?s%8}@1Ev5lDysqIjbIpbP
z>|*02mXUV@;<u1a-;n42CenzyMl(DZ{_L6`@;opi36o>4n%%(Sg6F<@@afqR>OB$s
z_}fd24c?S5)lY?qrmG$@Pp2%OH|;Of@~uf@6|g=u&$Q?O-||)`CILn$G$gSKqQf($
zT`k|mh1*8;aqSH081%#J65B0;njSAj5St0mn>uDk<7#;%ZZ&G%aB&v`8M3;!2-)uA
z`Q=cOF8-e8e;bvG;~N%vvyNj_rya{Xa%#|MQp35VCwCar*^Z&B2+@eYpmQAMe5K2y
z2V~E7Y@rD-R>M-fbS$)2h!E1mV1s5Fb>_QFjPn3_2|{~q!J*hdE*144Lp{AgrpsmH
z0+~T?S9py1ItY5sDhc(~4i1Vr#zi-@W#*%s$)lVY;02@Qh*VBjrw7?pOvjq2p=iO*
zxYg#K^`16|O+2rrfNtiXGDkKsp+}(^;Am$4Qk%obsnFfkT;Rk~$|X)ZqBSzthoVXI
zLJBnKKCjrRnAm7{fwWdL4F{tcS%riKkqRaveV1?awlII7xPD|~LBQ=b;Wm=dl6KEy
z!MXxzk%_^!i}l)O@w49gcLfxy-pGMAZvf4WCM2^Bp*kzOWJMdI9Pzs+M5PxsV5P1F
zj!5#yDRNP8J+U%3$}B+__Zmfhq7s^;cV==%r0s$(6Ma&Ow!JgaFNfRwUrt463|B$e
ze=gq!)x(a+Q{*!C)x$c;5$+vpN0S7xruW}6NR`G_rErR6<XFug@CGL38+WC54yOIZ
z5|#8S^5=@!OkPqzR@DJ}AhG0oK*-)oq(<yft_*$Kh}|59OzV#@JS9dD1m<*JiQQa?
zNc61eGCJ*(@Z~oq-WM+RV(evx>?MC9&R*=7u|UO9V`Z318yqT&I|{;4OTIvgBc}w(
zTfC#hLWu1ml`aYDJ0eWy&=D3XCjX<C9h;odmqW;ctV(eki-P0)seUbfz>CbxZmY`l
zcUAM349zcr#r4zH$@z;4j;+I2lQcckXoC_qZ@5=NC}b{cmv5gOl&Mqn-$vwbl=YSL
z8MoMNw8ts4uzcSH)AF3KzJ?HQQnaG<T#0GI(%0ZMHCUSsEpJt_cSt^_+^V=RNC&0}
z5K?jZT_F4K3D1WK9ZAiV0pZ2)<*wS`q<(~HR7Jgm@ObAOcrkq(L1A1-zfrro1U8ht
za3M@N&tt)AVVI++8nM_ovKDOyzU4MQRv!(sozEiSu{{u0o#*2jSZz%%Ug)J$=^nO%
z^TDD3N8!DRrys#hA4%6w$?Z!KB0v(CMRKS4@%8Z~cXS3LGOtiKfCWtbyvjD&-==An
zw~Ph{NNsUOr!fA7v$xoOalL=N-sOy>4PRAtWsGE|T~(sySKeX%4yqpUsUGRZO^bZh
zgq{9;ndTP$_K_U<)X-J)%rMp}lB?L=YKLXAeLX@eZ8`Bs#Jgj09`2ZOeeP~L4oa~#
zRVt7Hh<UcSF?*4f1HSomkiRlLsXM$LFZwO!!XI1)-EfKK&gk65h{n1FUs{_t@u+p2
zlsBO`cj0o+A}Puwl|N6VTr+(n#CBD_KSP9e?3D_x{t%Q_W;V>HP@FT2nRoFF&pkOU
zognUx{eo1MgZ);HpUAon1qN0G3kLRo5K<ud7MBiS<3u2Z`RQG}95-@c$GFxXDKm=v
zWZRv_BO0I`$yn_`M(%)EIaU?eXWd#%=;h(f4yue5mF5|AhzlX#EQQ=F3yRW|fcguL
zA;p7UBdo5n`JHALR+&_SvMV>S&`!dlvL(KD$LC}F;?r;zGJeZLIKbbxe`JZq)$IF0
zN&7Z{16?Mk<<=CRV3=ZNweA)zxOZ`2GO4XUEI7!<&~Xp5#Dh^@mqv$1F9EBBL0+#+
z`<7u!o5wESHa{)orx{9$&AH5`HEA8GGDnyg`vMl8C0n*QXau}5G&GxGD)ZA4p;rI=
zXQVf%Yl5RS>zE7F)q!8zZ^zg*GjeeUgWn1`h%NC-*70%SXt+(I*v=Z-Nb=+t8_hw)
zZHb?0YrGEFScDuzs!j!DknYik)ij)FE<MsknxTrLZ8iFrlLYJFvJ~zAskl%=!EoLE
zE7@03ro5t&huac@ximHYgIJGkY$oB4$n5hYCnD^^#nKA7A37qCS0fEkPfF0}7{3`H
zgB#PCtRdR*(|*kO`gM*6l*m<}x0Upi0+5AKqbnO{8!SFMqB*R3{L`mQ@oO`N{J~v>
zGbl-54>!47)TAj-)~c9D%dBCij1Na-yZ^ztI@pZodKW5A%}GgH5VehSVN=FGV($m%
zI5037-E2Udh=_IlWUQXEoa2_C0FfLp3Z`m^|Ken3D+`0X9qFO6Z4Y}hLWn3eLT^Yz
zb<fMXH(r7mqF1X`jAcP7wnxuMcU^^%iyUhEx?h!p&<tNRCwtn*2yDi!DR~i(6nH4<
zN~*NTz^pOC%15JI;l|nwt5LQrkPsP69VqG*Q;;aTBkh6JLbZ)7Cbj^zq*DXp?wLJ7
zN~Th^8VY>DByuF}c<q;|=9vr~x>NJ45uji9qG+M;Lo%|_dHT5(TqS}#87#Jce$04R
zplY6k=+TXL#K}veE{Ie;wi-ng*hXaWV^dS5WXU7iCJ#v(ELteL_`#=L&Ka`DDkF4o
zk?EpX;4E;CM}1@Ipwdq6$HWIjP<f$ygM@flWM(2Zm7Bi8z!Uvv&oktS<Q;#7M%k)Q
z-W^{kt!gQ#sP-_+@$o6%j{(&i??i@r2ubNTez#d3+*1i+jGaDhpX~~I-b~2hu;*&4
zrQ`>b^PKPcc?#E4);5@?JmDw1cHKdbRZEuzlM+~*8gLZ_H6ThFL}>u{+YpG2cfCvj
z!~L*#qy;{4_jWJikrpr?b$bg^w<@s2gQJAL5PvCz&UV#aI0j1^?rA~loC|(3IUY{j
zGn99@u)l{1k+1tt2z-gWOywwA!_LoyOm9?6$j=SR_%_no-L?)9DHBYTHj-G*Lv>$A
z*0#Bt$5WzmF^4G%KK20YFxLfQNkW*}_Wa#$%2N(%^vzMIW?tO{GWv@nyJKS!Yp&>9
z#|IWlqs4XXgkB9>jOi;djUK`9o+4yXRoPX;rDINa@S!;PE`A=~G7Z5kBxnxW-LaaA
zOXm~u@b>%(o7HN(rmOPuCF)QO`nQf;oE%%N_tWJvJ5C9Qoe%(ANwm&|E2sjkfz51<
zQiHsEYP&;c42_>vr{#faht*WSi}lDs{Of&);~kkAkz}3R{zBHRHsxjk1%;-fnP*fq
z{wmA4w!UxjkC?R#XGg?EO5elm<|K?LhD0)U=2VrK#TG%)=zpjSax<+WUXfqpcPXZg
zeiVvOkQGrkf~5h@a-_&yoQMcBF9rB|F>GR0JClX%`g(&DdjcH&iCb<ZE_aQJmsk(Y
z<RWVmnSqNpI#A3d9asqj(+mT2M3)pmuhnt|vuLL%gw-4e6FFOYPDXpZP=}wv#p}lW
z>&91?f0UEkv4NJG`0@N)Ne<yxzDd72*Nw58`*RmyHnspToi8%iKI31h8){RI7i;b*
z3tx-xq)~6Ge8?*D1}y>I535q`tLZj-_c*?~P}kH>0H|#QA5_>e>yA(%b~y{=W~W<M
zjw!q?Eac%v|H8$A9~^djXC=|$v(|f=cc(f=Bben@txiYxseIvnuEjmb*#Pv;m)5#$
z0RG22KMvq{XBY|q#{TZpmI@$#z9ruE{}dA#0)z<P5+A61l57kRoBI4!T1|Z~y`=cU
z?F{_NfquunbpNDxr~cyXjQ$D(p7dH69rl_<zdv8%zsFySd{RHjeOf)S05Svzz6OX+
z01EcU0J+E8UTUVjuRe=5<kB>0XM{vDlW*dV!~pv}-a{U@Sx%GRQgk2_ZM5M(U7hvW
znl)^+Jn_}6fPGB#yFCrm8!2vyccrKoqtm0Wk_h7dqjzDP-S~a@Pa}fkc+yc~>ND&l
zR|w`;;{O!y_ij?q5DXZYGvfcQc>mnL0NDR_q5hji-5O;{mtp=V8IaR7K>W|JN=FIx
zUqnb^CI!s?#FxPM9C_*iZZXKLx~t}tlqWa!8;-IfQKnEZDTA=Y@YEbc*iykpb;6NG
zm_Akd1NBfgy=&A-0~5TF(4569pR^;l+sQP}cfh;q2}6RQt2lmczgccSZ~H2}9X`Ls
zgE8z^#2(zr7g1tSu%Shx=|rY8$nVDtC2bom9|Njlwd(B2gR~TK8d>3$vR5cHAGi5+
zQni!EY@WM@F1!I^`wHmT@`uo6creY?X?=+o7yL)rNA}hFJ2S6WmfAapm=PL5mU<-f
z!gkQ9itP4))Fo@KS*ohA)L;C&*)1clUJ%zTOu7gcCU0GR`uDx3s>DubzGn2_ar96w
z`T>$B57T*G)m=JfLu<(E#1|=bh7RARsK0a=IIDWDxcR1KooE*+YHn)ZVkfLb-gFOS
z>&j~RGlumb4#L%-$^Ig74L?JRC$8|-b_LVsd=ChQvLui{D2j|mX4-2w_R=%nXPFIE
zY{ugt#JEL9KP2cvu#94$;AtS#2ggo~><66WMLa_l9O=fYR4e2^ulKrXZEnKR3FKI-
zPI7+SB(ceKI^X6Nj^{&^o5-?prvBXgcCH73@FjQt$)7okc%j#yK1^rFN>QIc_f5Nc
z#?o$XNxVTBXB`{b$aSK5IUnY2)=0r`3^L=87$)L=KmP|nAbxvh&;);vGn)5Xjw#?q
z4M)&?dL#VyP)uA_h5J0+)NzU#w`MPWjI!6fqof!1tbLitp1C_5b@mO8+<=GRYwRyX
z>6&5?7#nIKjbd^j$6c)~mge{|$g69$mQHBzQxeDPDd2)Nu{-{ROW%$XYkF(&0~Uwz
z$}Gm2w|Q~6?M)z?X%mwly|vJQKnK8;a>wXswOKeZm!IjZv6DQ}6^%-H6Lg(l1F1J|
z@npqeNw4-Mn<?uL_@4P1L}u|Gpf8CV)sdlH4<k5a*73>8<t*o8J14{7H@Ai0@x$5f
zSyNoz=5*cza0qhr4H$JduzO~9bJr%GqanZ><e{bE3u72|j-yH}JZO_wYtxaXb^?~%
zp#sH2(N^<uIjpg`ZIF#Xw3`K9zG5<)B^cKU;lF8PN1FnSGH$f^f_JRpl+GBm<ew~o
zujv0RMIZ5r0v<>(Fj?sTeJTEzzrERL0X}N@8W>*=Nt09?(4w+G^fpRftkGCRWHCcE
z<-n?;B9I&un$M|x0z=KYx9s!E<CldArM{f`3f+9;_zL3=%qTJwafJhjhvN4<ubH?~
zN-U{PHXpirAKKnlgaPkxB%vOd6i$2*?4(0?RWT<)Je4E?Hn_OZY?dMZnj`w(0kibV
zw?Q#3@EvyrbF-6UF!gyPF*c;kQJ|!loFE#-=-c!l9%fIWh$934{-Yp$jKd@nW(3u5
zdu)a(w{$f$o=COPApCtM1?^}ySvFT({h-<Pgt>Hs6|Ux{mZPH5i#W5)WV8-fF?zj9
z4_qsKOk7-U!cNlsUI)G7l^ot+K)Rbri&wM!afB6<-LWm-&1x8}X=e!{$Z1CUb`%|(
z5{fNNk;l6+Y#jR{m8><r*))?QztYW-n`yC4;duxhsQSm2a<p!WpjC^ZbHEL5bl*YT
zH(9x4wu7m0Ux4;n?Ot<>>5f-y6LtKg(W|nlA8270SSnr?m5h@PhN)x>kQbc=y1KMz
z<|nLHojLJK2G+~3<yF-qwgUIOwj;dS#Dg#gT59b?6%L(?o~Wj6B@ELN##7rh4?5d{
zoS(vf&8VfQM<hq(3d_}PLq1DKMjl!H7NL72DYy7hO<2{7SUa%OxNX)0ioGxgaa8J&
z*F&v0`WxIFt(wC$Jk(PFD*63Px-E?*10fQ@Q%>ONO^d4e)u#Hx8mn}+c@cag7WNgZ
z1Dv=>m@BNL2MU-!O(cdlJf((_<jdM<*9o6&F^gv|uMOG+Z;SW&n0e9STyq?j%Xl|2
zeiYpKw2Du40cJJZ%yPOI79j~YXWRL4J#>DTT)frdbj${Qoa}7_uq&KLFS0`heINw3
zf-G$-J9GUzL<iJiNv_IbG|F{LI(vaBP^}fI*1xtivTL0-j=i_rW+c2KyOml8rnB}0
z9kN&S<NH0SVOt@aIqfcLa1Zg-NvZ>Os_D+5@ih6QtO*CEn&FFuT)$SN)->A>XutVM
zu$SKl6D~+6REp98K)=FhhJ5PYgdw&S=Th0)BQ&Vz?80VH3u~<)(2^d{LbdH9h`agI
zLF7)nf{q3LuOJud8?~C+c*VXza|Bhk{f)3MEi_62nI<Wo#%EOH8xa%YgeO}0OPEij
z<C2c<;2)#|x~CIV9wgXdkc?2RsOy2M5d<V61|)tSq`pmn&|HVdr0-1PueuTT2gdgv
zuiW!WIS>V*STI>Q7^;VXiBv>gheRl-R}TAi)PfX2Sv>o)3Iv!_{6uzS$G|xBhp%6y
zaaLt$b@63kdN}69W)Xft9G$VWPqdb+Ry?ypqnJ<7T&wBUb+t~(ez7QP+-<`>!_EQ<
zcZSovwrTOIp6}d<NZfZ$=<(lu)WKen=Zjz;SZ(ve_r*JtAr~3zZs7V+A{vNM&4l-$
z-ZHC_&HtF38~uls-98g`=6{)1_5aAU|MhzpT<p;QqvE6jQs4h)u#-oE{GY)`>CgWf
zT-10`{-*=1HKhQYd7%GekOF^ga-3LxKBFiCl(;--0Ry!fT09L4!KN&2cs~eq+)OBK
zxo-|p-5Jrg-xK{7L_<fSAoxVkGY<QO{Bb^i@HBq3ohdB~cQxMqyyfxivjZgl{CiCh
zz?HL955r$MA8CN-9`3|{08U6>FEvO=x>>$g^Zj~RB^J<)cRg>?XPzj6Bt}}~Iu*9a
zQbitvdK_<CC%Rf%NaXXk>vwrmSWF!B>UbY=ze$b-(1){)kIdJM1UqPyhj<{6Oz6}M
z#td-;cXM>tpAcoY|2vWCJ4>(>hropMjfGPgUi@BN+^DnoD7t4-dFkpNsOmi?%!-p>
z={6^bUJ`K6mY!U$my=UUlCx?>#ByK*B8q(Wsj-N!qK$myWr|eidBa?U`E@M9+{1d~
z6{ldTK|3kWPmXQi_@v`XTXfZa0Dms)!GD;s;xO(SRcnx`0CHQ>oowmK#^4ZVjx8$n
zN{4VuPELZiq-M~gddL(xyJmp}4VCwBGjH7ic>!m1Wibt9Tx8uO)g9I@?L*om(oq=R
zV`aRDI&oXnTPCB^V<|zy^Qv9<U`O9~cB5TcyTgE|ABx+ANn2Q>->+|!9{I)IidzTI
zQXQ&njS<jbmiMS2FGMm`K05#23K%N0v|?zitR_q~I84+Rb{86mOhd11)nt-BxXI9}
zB?5$2aPi|~R84_8@VSIt()F`typ2X|b*R}T__7(nY}F*&>1mdVk{$L+9f{5pBy8ti
zYx?so7AX9v>>l;;dNkc~KBL^s_^UBBXQWW<B8?4x*@4;h{eASFsabrDu=o#ygA1Iu
zc!pYeuD?{0V77OC&*er4xGA?nWK2{^eggIx@zN=vIc;|x2nsXTD0q?fRp~R{kg?wl
zx~z8ne2sU-C^&r0cg=i78D}@%98U5acGU>1ekhbNhAxSvN%9oT&Xw+k1kT=th9$%F
zh^r22!Sswo!zk`G1+o*Ib4$;?-Bz}=^L)6-F1MguCyQ|yAWY6E4@`J19QTRkq5~F#
z7vi2$2$x>jZURSZ9oGY1)fz10zhnzO&B{5|$}?xu3@wYk(r>3VGuNt`&cK_}9(>^F
zPsw}B2x5h%VFaZLf^uoCbB@_||75lBsy=GSh|p>4ji|`jB`1&bwR{~<u+r{T@rwJ{
zXfCH>MAEB$Ec+#`NIyJUq$Ik}zys1!>0Nq;x~zG@d&AmQPIe_e-g{-TEJ_bopY|r3
zio+XcQI4Y)kmhsm1(9@GS|{aCj)oOS%29CXqK!IUf6V{d_bWO|tl?lU>fF7zi>#VA
zM8Humh#B|G(HlXeOgd7_GPLC^hsw4;Zb1xdYhw)Ft|-)$UC^pb?#W%`RR_$EreG1g
z{PaTwRX(#ak`RN!Zk<~J%%@WHp-ny!6ZsHyd!F`avhtZfpo1s0wSfT<&A07mdg`bb
zJeHJZdkIP!xm17tY6n@&MXbxhn9hO!!7e+GFVh5w#=f$jFB-8LeIUs#?$pbFKr){H
zwpRNhi*=BO0;iFqB|+YO#{g8o4!ly-NDq}5BQ}*KXK)5)(M}P4o6Q$<V7?oKbiq<E
zy@onJRTlp4m@(7^r;p1o*9&nRzC@9Tc~Wl<j{rk8KUNBnHGly3-9V-+K!QQNwIE<P
zWLzYKA|0bHMQN{67eTvagSytT9wH64)NWM<T;)ss2YX=v#VjNEk~biW4eq=?wdY0o
zE3D=-+N%IUE;Op`yEc7AolZ!dggQB`Yf&h;(&BDHMr@%e@-|j859t68<?((_+30gY
zAj1=xj=eTE-5IgAG!gVkv#G-Yt9s~$B5PqoeSqiBi*f`L4yWE>h|>a8&H}h*Q&hZR
z(~hmUo`P|5^MulZMsq-e`yIl?Sd}%Om$piVg8N3Ynl^8pDcXvA#lsSWW;K7Da;Yq6
z&NYcaVlGYtdt^`dby-wj!aqH6rxF!wQiZxeJ<3vC9Ko~z^U4%jGm@(c%h@%;9j{c+
zS&y|uC~FdaV4l6LrZ`{;T3_iD=DNSMEFKzowu}1*0dR1Ji_2~#m8(@~sIRom=M;Nd
zwBg@T-52-uuPBB6HuzqJh4?Q<2E+fqz3YuN9UxK<UF-W7<Lzo46TC=Qyk|2hjc1ek
za8!V@%6D1i=;~&<dugnst-7^<vg+pMX9qo>*5#J<PFu>yN{6q2Pn8e8MtmgOsb>qz
z?Jh5u*~{LqkH07ZR8!Wgp?h>q`!vDSxB|nwIKicmJTou2FkxY+L+V4233QT>($-~?
zs({e)d>AtZwi+_bAG%_M445rp5@RfYpuoY=DtPXIoUkKlHkYJwT1;w=5SFQ^5=fr$
z7j>{wgqJl4|CvF=85YmnejOO*GEWsTc6#fPb}&QJ_g|QX{grrzgBN()ecAHe!$MsK
zV4VN_Rwv!InzLblm$;&3BU{hxOb2{WH^6M9Xg-InO5A19O`d*U7X!DBu+@_<B{eSS
zT+c(2iyu>qgutd~0e<4r8M?WL%WT5odaS+1A+cei&8Fybh%ntp5X(q*(ygSGMq9g!
zAc=a@QLSXZ^`;eVZ%jT4+AoN=Q-0FbgZ^9iO>F*&q2{0oG$znppH6$uPWRrJ2_Q%Y
zBsHUu$f=0TaV`1yHaW;pK~=Po>ymt^+m^4MgoVSp(o_w87PGFXt4gOC9xXB^bKljz
zg??tb-dHPfm4lwVMYVw_S=g<@&&9Mw+Ns2Kr$*?9vsjPs!1u&rZ8g`QhwcEMcK}B0
zJzui#M@YOY2JI$s(xEtH9;TpL2H4>Kxl?8Q=@8#RNUor{g2M9@c{Z1qGnN@Q6~<#3
z?I;?CiQ*;E4CHxp4ixRGG@kmDmf|KVwB1&zbw7uIHiM+KF}En2{8fyeRiZ5>btpa7
zShmGwu1m^ID<<Y11`V`nsoHAry=WOMd6Id9z~_95ZPTO?W3m$afX!M>1;o>aKf5FC
z_!gKEd%Ip*-O>tW<45geEY^L%x?W18$Ndw8pw|Mhc2b~W@VkebZ)9!RILZPAg`57+
z%AzMQ>42O`BN@M_U~(+!kdkSO`$coqqpj)y9tM-4qtlu1S7G78{GFh`a^B@38gluI
z%Ba$d&M-5d|Ix!wzMB0YK%8A$&4CBvSzG_QZMXbua%(G#2B!qV2e}!WBxGlUIrdYQ
zj+XAFhr^u=ibRsJVPCT!EG_z8ZW5A_k?BlZIrfZ=PwlvFJe!Y9dHv<t-3ZHNzL(CK
z`*4!G)q+#T+W3?%IZ^M%Uh^|<l^$9yzDChBb5_ui3(-rL&>$Nc0DAlvTfVUt+*edB
z-<9h~OIJJNFog%ZWDJ)fryB+4V&YwySJH@`N}I`bmYf{D-K$*!-%7GJ0TbnJF=cjB
zsr15_d65K>BSY$~kG8*5^Y%R4yp1d(<Iyi>{6C-gAV;D+SSG<_$t)s<&aW0ShpsOH
z7zrTP>hBITTWb|dz)MO&WJLk>XHch)%`0&2{HI2)Iy{%n2&Er_-dShWuF6#5EXS4L
z?N24}R%|CJa1SgNh3aq{RId!nt-&{hmmeZED}$JiH-jP#3rdTWDI#_D=2)`gnIgEs
zzhE#Cp@Ju*m4PCC!5WE@Sh{zx97&x)fBEUjM7GE$$+M-O0C+Zzq6qHFi1097JXl}_
z#F(bs72^2E(Sl{@SK4HJb*hi1z*DhcoFB<J;?WVN;W(n5JR#ltEZ#$?3->%Qet=YO
z^@1GNPe1gf!T!IEk9Sd<;?quM!wj}o-@76^_I5>^ElrLX&fiXL=bff2bQp5`liI_J
z6Y;fm(Z|hj0nX_tuv$~5M~IrJ9+<3J=u`^%dpcF)W{kgsF1U{CKO>|ZN!lplVc$W)
zRdn%n09#{BFYzulqSzSUr0t*g<t26)0l%{x7gcTJM9@d;wPTEfBTOnI3KgU;(F=Jf
z(0HiiW1?B*qnvZlX>+h`^f9n%zTvZ*LIB{xn<QA(0W>xUsVP0N+HUC682y%Pcw=UA
zPW0dfmEVr)ug)Ea>2!4EO_7lIoJ2;Q7gQuYH{1jkGe!r!n!bC71b4<L4=MGzU&9H%
z5^mxcI`K#MGm<ZTr>1RFE5j~DMVl>9$;k(sO&UT?q8UX0U)yMUkiX~;{<Rp%|4R+v
z|L>Cq|78xEpPh*RlQ52be*CY5K?`W4_@9KaQ>X#R7(y55n+1o1+7Be|ix<@|?OTk3
zCHTAUJR|s=bMgN2_liG&h>tX@ZEk>8U%#*Td!;sl6K|h)KqaCAw@M4hN}H(UjD>M1
z-?h+GY1_=YcywK%NG-_tIaTu-Tx=0I=pbZbjTq&3Mw^lrKY?v#Bk7w1l1Y(iB@gjE
zJNyLHG#7KE?OA#}tlb6>-wnyC;2p)Glg7&BZlCQC&PfVt1@YICprO+u!?q`_$I9D8
zhMIJ~8Lg?w&$y)(&CmcfWJ_bpIi!m2P|Py0ic#<LD=21HFTB#Yuuxm;1F#}@aFJWh
zY7SI8ZTuPFtBalL>G!8@oiC3bA@uFcAXfn8^z0$P4Mbz>8`U`6!%bZoMjc+%H&5Rm
z=7<-cry2#ta#hpxKB>EcHC|LmV%--=jMH_=*os#zu7!RbpqY1zk4oBzvlZ*4k^sv?
zg9W^Sc$jI4rZc}tcl@$>$PhiFz7|J6$t&`%bP$H0&~4g2o2LK4iuIpT&L<P(=PZ?d
z+zQU&>V+zwA%QLYD66jlN98+jjZbu2l@EG6>X$mSr?{ft(k)&ij1%YL*MTuZPJi(K
z^k3i018Wx?3=HjGfAxQCoF?xS5(C(n%<N5ETv9c6ln691KCiD+2*ZY#X&*}$!OIyK
zEVOLx5TG5jY*q5si<<+Q3Bx9@``F~HEM@MdS7H4ed~ISKbkVb|O)HD%0#wlzY~Nwu
z)#QDZXMrYxgjnQa$Dc1VygR(ln=Y1rKW>ICz#KBv=K=;(%SJ0v2@;*vMF2Rp8v8hL
zlcx#uv<D$EHQzcg)%WURR)*iha1<y08MKrj?s@WqCQ;3w<2>YjhPXcw(mc!`$4}E)
zNe-%FJS@7X4{~B$p@LDni2EhN;JNMiVr9av{LWmB_<qX&@?hDS<;SH1HKt`B)z~Dg
z!-3eg9AP-I=Ina<NQ&>x^a08lSj05)vA=wjiKkHu9`)H@n(U4l!{ymG1#Kb(i7(u8
zAX?$<qd4Oq6;9c`2lgcUxwh6q`W?8P@1*ZNqp*(KY))&wNpUu8X2>7OJGKYA_mg6U
z#jSodJh}bqNR=rv*l1!iTop3Q+F-|UN>q_KL1^h$$|mz~KCE&Gq69=yAxg|g1Y`K(
zu3T)^5anva-e(bakbes!$BEpB)Hhv~Lz`{ataHh#bLZG<`Lo6q2E?}rS^iGvc$J`1
zKoAhU-Wen%tbs#(!Zj$ORLeM89h1Fu-pQfmNhVeP#}k8izX7L)g=PH=C$=xb6fq@N
z@MQLnn{|*>HXD$3ixbe0b!}^@g>f*(a>+!F&EKES$c#lDJ1_(#rfRdcF2<{E#!-FO
zMT~gF3KoqiR$ym0D@laPaA(guCE0u2#lN7cv(+U28R<(Xs)hZ$nW{e-;U)8cHcZHj
zjKb2HM7Zcj*}T3w0~TgoYvIhF3L*?wYrWE@4{Iz$-^^nm_zswB4jJAGIXLW^xs$Ci
zYJH3;OLmffly#``MbSw2EcTOWL;Pd$*4WfY|9EEOsB+Vs=F$LukC1WsH0u2&M%U>@
zoZk@Puy~=*`+A(HV*G9^GRqqXdds}9Cn{-KKJz)AduEq0nj6_It@j<#opg5akEvi4
z(jC+1dUtIwu?9T)%>U4OL+h@1L7snS8zP_I2*DAxF42ITCe2DsgRV<^F$?Jlr-{VE
zqqm0X`LWqpz+cje8E%b{_GXQB|J?_t?j>i0i$YT{<Sbr*fmEPK7Gd>?BM;CxB-UV!
z%O|<YrRulJ7CuKnmz%$S5b-Sz(_W{eHE04N7Tb-kdkc`Ie)lX<$uIrQ6HY@6A);dG
z!IP;+ApYtcSr;?aS~&hBG=Gs$h;D22H+_<BxuD{Wz@lCo+BKGSq7C)hifqpj`eGIK
z5<GS8T21W0mYshvoy)2VdZTIaHInw##^%Q7ukA%_2wk`AP7Rc~{f;5q;+Oj^z+s0T
zeWq`H#s`2b{FqV+PY=ngI>=I4>cD}fEf{aJu;M-Hwziz_8U!HP$;02-N9-B&66hO!
z0sp;=Dl|yYGi26~F-nGY3!A&k%)kaGSA{3sfa7l}sBH=9IZ?B3^@K`PfAJFP7iF}D
zBw&VeyV2ndzlW((Xgvz85*)JRV-NuNA2u1`P%Dbq{cFIC;r@T%l&&ZX4hu-tG?4$_
z(bSYGOPDY*pz6-p(xR-~p&HGUx8=ZS>=3@!z+X4Dkg22U%l;%{^k#_;T1^+yMTY`W
zy;$#8qTrz`aLkLND^v-`YUs@ZElfOgVh}Um9)K=AF2|cL*Y{^1dh}p?tc7{F220ih
zYTyJ(&f0;*041%1Z*dc+Y5y>k5wi{Uim{j{H^Oe}uZj4<78lK1vdfD&#*?40^uVSF
z@1#6}5OgGg>x?VL7G@DM<|#8W$)-3i4V8enn+i6=rrvG?vWaA~kEcev6JO5Qb7bQm
z^1-P<M@Y*){*O<r|M(;X!>L}f;vOavWkKDZ#{ys!%E<=qx~u*k`(A*k&-RjIXZep$
zYMWQwL%B-Ge2Q@!P%UBWBL|?@E+Xf)#6|@VQd6gm*c?F&LA=6HUJJYq`T><#4sJ_R
z++;n+g&E$VfjPogqh&8(jAJnw+zMB93buPLYyXuOd|O``MFa1~F10*rukL*{Fo-fj
z6A%M4AM}CY3%w%YxFVFR9p0!b<SO+&2AYLvsFG(iFLB7F=8qMdt`Lqw0#BCX#;Yi`
z*kB1AMHP8I&mg2^qynz~+_pw;#6f#Gtt0#8^CKVorfj=Sb-9*HsF+}KB<6ugSJ;DT
zTVJ1bsTmm<d4!B|!&3|*imTl}MsWgl09%|3|1s+4cQt9&%NmmZ7*)ftOcOvNFV8NX
z`cy5L66_`k%9=P1Hd)ny`3I>YkN*c!Ed}UHrZ)c}D!EjVI_cxi6IK2M`^h&gXS&Tx
z@uA@#sBlnNd<wS~6DW^17KXvXcJuy$DsBEBs35PkYa<c?kv5LXbWd=nszdvZL(Xi5
z>|RIQMS9+{7}3HM>!m{K?bWt&T?;)F`e7wejC$*r8n2rKt!0G#bi8X|N0t9T6$bMk
zsMZ8Tn^D)xRvKT=vZW*g@1l7H4^sU6gj@t2%ofl144jb-%2hhl^(KB!PT*dY4K@F@
zT9m(!)CZh*B`Q(l2TKZ*PP;b6gDRscBaf*`h$6Q&Lw3dRtFvsL=Bt{RgPX&JLvA1=
zlB`SXqbzsjLImmg%)I%X0whh=el#Y$txmH=&stxKn@<P-{u~>0c#+bu!QBvI0(}(>
zi8UFY@r(W=RrgxYw;i$yA(84))b9k9t5L3gn1EDhJf>51pH8>(q#f+48d9>|jWS#V
zN#$yT0kOSQN_#Djxr#jTH%b8p#A2Z@lQWp>8rk#WU=#23Ji}pV!0#Uj^8DjHh7)@J
zAswbF-A?<NSL-yJ-Pf)97N|bk{XyF0@hLi-_SX(SDSw_9TIk09L)G*Ae#6jt@$G~U
z3gB?0vNF@RD&Yg-KU8JuBbapu9nVW2Xer-vp5G#A9JPi3q?YakKiKafUvJ43_o;J6
zW<4Q$cNI4KH(oGr_PO;3Z`wkIZ+Wlxi9XHIuIqK*hecnqk#>o>V%{#vi0W3H!woEj
zp0FMo>8ql;XCWm191bQINIHMF5=TNKUp{mL|AhX}NyXgY{q_3?E0_NdtfHDI0I7Vi
zp6VLQCpm9a4{Tm=;~`*Tgx=q17XyOHzDND|CJh!F!9o#lPGP=36=HegS6vx|si!Fc
z9SVmhp`~@{SKXP`>|rpu{zv$vn>$$sXHM96r~4V`bKQQD>wj}Q^z-=|CO{SQZWq35
z7!q`=Y2)}1fY91;=YDpRaIA>p2pGIt*gP8P6vP=K%<M8R<#4uHFIuCV7F^h*SLoz;
zmT~Fj=q&d7kp)})x03@!=An+`E8!T`=E;1&@FfHG{iO~6_xG`6N8bs^V5jgnCAqJd
zxLMh+91f3;J1_2@-9R#5nFJ&E19~EwdSOGi13Mxd3qTiB$XD?}?@`RpHo%<%O3DGU
z&Gy2b1Nf)Z;cZ;Z_P@V^(i2bIb|;2H5JNmZI_mf?P9?l>r-tGm_Pg^A0c9#>eD-#d
z;T`_#Vx+eCOOj-#<IbM2_hI+z*2l(w?oNu(2m@Yt{CSq>9U72&%x&X;683}o@q40a
zn2byEB%~BuJmUD=_!T(H8GtRhJXz|M0f>0k=r%E5o(+4vi=UYy=S6g{D)c+O<3c@8
z4F&fpr6gTZ2<Y8e9uG@aBnMhi_z;*A{cyu0={712<U>l@GX{p8axCJ>vdd@fEnu8;
zh?bJ!#x0g>zoOa5y3wI?Nu6=%ma;nHT?9Uq^>X;zz))wKEFh+b0pMbid&KdmShmUf
zI`V#*cm*k<OF+P$V$9hj1t2e;k(^OqxU%TMD>#GHxfLGz6x8!Uu0TuAUCAt3wMJLI
zArtEsMVF9seIVTxBaTh3qQ=7PYyq@unIghb;krV!tL|l>K~bkoB<%Vb3lKTIN3xXM
z{GynT@T|mw$TK1iuwc{vNbd@7`Kwp8R2O*e%I2m^$>Dk9O}f$7QJN4QSF*Isgbaw~
ztDY~H(MI66#zL4T@{Em3q$*HbRA5Ev66sK6lsQJnSUzu>fq=KVa9hs<Ndn`R&Uk=v
zD`!yA6>%zSui`+(g)?(*;C^83nYxXp+~6(9m2XSI%5xV08~8<XOAO^-qG;ue^WDXH
zevJ=U2x{j8Qm1+Jz+$uG3%o`vVxPL^D`KCy)+?sBovET&&Kni$kWO0=b>!5{*(57w
zTb!jX=u^toE}!9{PB-%zl!CB;H7jQ@Ku6a{_vERqDz!>Q0O$-0==i5DcBcfie3<!j
z<qY}kW)WbMt-M(SG9c>6c0X-Wd-cR>o@df=k5_y?U#tQ7@om+D9Dzi0XCiBRH++Ic
zph33xaE^{DFY!`AKEd;nQ30M%x}tyIa<Cwf4@%|}q{J7h2C?%AR)Spk1ZzPEeBEUr
zVIX7|g{`+vsaDR7*4AUzSoMHHZReR0+j}c40Hu^$z!RsN_BRq=_mOA6$zx0Q=Rt|b
z_ogr>j<DTo0lqda?PVPM3g*f<2~mYV$(}X51be(Wu?h8D<~8i(-*i&tvTW0}iDULE
z*tJ>~*(XqA(2!PYxNvu@=5>vh%||8*=0_UN&nIl{qOjYvpzX}|#$cendg?6KaboN_
z08#@N+zcq3j6Wl@zVXgjxq68)EE7nKwSZR!<&UI&BUh%$TJ2`QV9F+nfwto2Y#n;}
zVd;c~Uc^HFC`~r?GqQN*c<nHVu|DibMGi(r+kj>jr^d)}vVwgoO{D}n8S=KPJCK0E
z%Tci3=NC;CPQA1o$1+Zhfg!$L{G89vM1Xoow&}5VzVQJJKE8wgTO;Md8T+RB`tP;n
zlf{t{cy_dd*jL6YQSZd5Sp+WV3r4~9No*;G_o0(_D$pl`@f~w(%l_<9<p8RjB!f(t
zR9Y<p*Kon4+1`-~sEK7&nxU~yr~u9~NX8OoeJVv_dOb~=rX^qgcEX&kiB26q2Jr8U
zf}Ji|Bxfel@hdAm_mI4b@!s|bpXnJ#%Sx0JVYW!?gmSXZQiEkNt`3I&+E_viq?khf
zs`)nG^uih~mY^wIkk!bmZX+)iJola9c531+A8)bSBWJ%h<8M98IAfn1%?;z_nwB9G
zo5i4q*Q#|VwPYRq##qu`CviL%Wq=#~S{wWVVF<1DpZt<lp%N?Vt%81gd#reQ>bN!0
zk$$<hqoM)f`!>`!m(61+poz`1oYljnmRoEULP*kppZ8IOYvL$+RW)bfJZYh1tSFAE
zcIKhEif1k_ZTBKuB{#<~-jsG(+KN`V9$EA8RD$)+hK*Y}1J^D5rukgwBOq7g1_TS^
zCrw;`;64YOb{wrS*@b?r7x_I`>i9a9H+zN<+*4GmT}@af<6>g|UKxml!**+}?_iu9
zGqAuR=Yq)AO*4XM->(a~BHM_p0I8I|#$Lp$meqJ`4>_A?S)8{BH$hkB0RkYsW}%+q
zzhdQoeWuzNlh>FWoYGa;02nJZBbUq{AcTD^D3%upZt))pKjH`5IA3zf=X(mF@%^d2
zka1(d?Cl%ZPRTK2`>hvaqE`J`Zp{TOm@ipja<gCrmis`r7{UJH%Z4LCp${jF+U9dg
zkL;q35@uueQ8FYMj-mR&{`pFoYo@{e!}Lf3*t6)2pCgXVby;>TfE^@g_%&sIsZ8re
z9laJ~M~Oc}xC+e#H0Q@z_!YP#Q*>-8s(3d`8u~f=$jpSo=U}bB;Fb_Wdf>!zN9L_<
zDbO|(OsB(s(Qj3=Aswmc#Kk=ko*-J(fmhh44pz-(>RoAWnJ4Ru9nmu5vxYxtTgSGq
zZyJ~RE^R48SA^^R0dS}@zp8)t3p=lV#i^)0ABED+b6hgog+vrUj`wI<t@mq2oC@tP
z>A1zyIg>i2)J(_<d1o)3smWpOR=4*`4y68;iA+KL=1Kxw_1cz^B7C5B%k{WdGbJ)P
z<lygm#b&O0jGpBleV;~kaiG~mbJ*PdF~!#_JyQ*XXPba`3D6Wn<V<N-8)O+$8KHxL
zu&}U41s6lIN>>RrmH3#b0yD6kPS>rkTZEgwtRi5}$d3@lK&m5%F@H3bMC263bPilt
zgGEMV6VOYfFeyu{$bc5M8zB=*-KApPl&<qvNXV>!PgjTX0*Iy39W!_Y+8e1RHgsFn
z*l?xGJ0MnD0E$#9R+S5Ry~|i_88);RWB&46`~Waq{<O8RXJE7_|05?%=tzf(Ar?C*
z_kD!8!FoQ(w%5%OP&Pi>-m%zQ)*qAc$=Q$enOf2-h7&X#`AeZ`QTaflJ)dgV2({zJ
z&pZypwt(liUXd-_mKv6A1^Y^RjYEZkc20!+vb$~+3qX<Q^^0vN-<?@?3fhovfbR!l
z-YS!V96BY6m5Uq|WuYg6`<`NnU0J~X`@TY^%(8O%k5NKIw><m#>}22SskJHWiBg+#
z*N}W<G_#AezOoD>4bH+KBvUrSxH%VM5k3vo#`gMrwTpAIoIgX)HOKZ%tCr#9KiVjd
zQEE;3{{UXrvL!YOBIeJH*DMk222&0h!UV{wm&x%NWK95mtG!GZcDLcC466a;JmD6?
zZ$RA0EP!Qw;L2_@11me)U8yGSz%oWX&}7Lnr2H>`%CV8DB+qp{`-7*eI-)0J_J%s=
zbTu6!r@`fRE3-x%*CHY*zbCU7(ZC+V`geT?DgcPZM^9~aHlJxgXYgh*uVXHAtBH<b
z-k)j*imn2YQ;x9Vx8Nv_Z3|7W79B+T7_unbiC`^yPZhM{FVojc%x+-E{Pxbz9nANo
z=n|&Grl)9v;dCss*Y^tCuq^U7-KFN8iW-SmeS^2F^A3)!iGUr^co;FaPbAAG9#jP}
zRY1K)h#uYr&yS&Z{kHJ-sG~>F*qvK-nR)QeGNxXLokEjgRauHyR_|c#hpD<np`4V3
zk1DXPg_VG_QE-h&Y+8eW^Q4@vHS1>?bX1$Q-r*Ri_ov)0;hRUD=B$WAAZ-RA?l0l<
zy{J9YNEe-DNx}hP^~1?q!)OU2H%o^IH9)tpHZdZngjvhp3AO6W<zHG&_M)<}oqmO+
z4@v`bj&~)3DPhllTU~HLK{j(>^Q}~(=}nld@iwf5tkll+@BGEpRTvI+(CfI=yGj%U
z;7J^7Dvjle0_o#XdQ2FFlV;@Q52f2axIPvf%@y_MVvS6gQbW4a6?IspV#Z`{@_-^O
z+t?kio<7}9Zr^}K7}Vror{r5(DO6SuR^_zTe5`q&@ycGmBUA*pzxY|j%+h{jxBMO{
z0f85Z^t%@nT*!C^Xy&bDcALsM4JvaJC7(k;Nu{AajK6VMw3Y+|TK<)yPE7;RN9?mv
zp9pR123jj7KG8_cA+_-5EMkOA^?>4d;8W?n11|xb1LC?rJ0lL#5?gG8F)-uU--%}<
znjxneNkEec1^)=oS#Y~gW;AXQwK0?akWb}TY-%<TG9qOpHmi@{=9BeTA|A)FQUsYC
zjOJ%^oWoDjR-Sx7$lPqJG37l>AL{Zw2<+zE=q!gmI1(0Lr+qBZq?~U-6JX@B$c)0t
z^?Q=S3TqXPX??-|?&gqCjF2+<?<Yy{8dg?t;w~QhNM>Z?jAd6+@j30;`w41mL(8|e
zrC(yz%KAZG&jY58niaaO73?Xr5;JrviIeS}cKZ%Fe3yLl?t*XarRZb+S7*!MzY<hQ
zx#C)yJQvu+mMUSkhrH?rf&niRqQtm#6sWdse*T$q$D0}^y+gD;JaPlA&*pOF_T>iM
zf#mN$zW6}Bbn3Hi0_08_eROq5G!lvhtqcgK+9iCt*9euviNCO^8^wdo)*O3T7&w<S
zRNWshRWT`iC+>?<0oFoU6i{(Ogx746T;o^f6<86~ck$!6GImYN<^Ye31DyK8@ruOi
zXt_W|$qVAQaMw;ZuNo)WW)2h#`=178W~B%_c$C-x3rwtO({n|{#!S{lR<fr{#nvsw
z=c&K+@yByBh9GOMrP0fk;x%9X$d)R30nsO#96|mo_Q)C8_^igGdYTXV@8}Eg)uSYW
zSc;q0o!BLmX&~_AN&utF&^X9j89(Wow4#BX4}C1<xt+3q1PjDB#1TeewA|*}ybT3B
z5kR4SJ3Fp0mLqT6E@k<%SAIe61TzXgW3GSl1&&>QgP$B?i<e1h)orkoQk5>;^P6e^
zmru<&IB75v&nnK<J))JJT~gPVMMIzzSA=jqica&wyG9Vu5TMb`w=?V&of(;a%YZdv
z@BV76#wb_gx-%-@sJp$3kgkY+-MN&lU>Op87bI<6t--IraM>{94dI+C_(XQja9~5l
z=laErEwfGi0q6K!pW$(qYs_oGwSLyjGA(B!$FQiaiF$nBR}m2+&&NYgiPf@gB~DA8
zc3mz06l-lw4w$4BM#BGw{xmuKNmT1|SzK)^RM&2VzKx)_YKI8BcI#7WWo{GtXPp2+
zivx;$MubzyI`q(qeZ<w0V_00u1$5c*Tq1vivU6lH2o9_@?ppA|kzW`04|h>=s5&X2
zTJBSEeHWVTAvPt0^6EHgXscwTJ~E#qE#2m8Xw>(=2S}d^5dIAjD|!2;g-mVnJC?}w
zo3om4A7{mr`KrH98Ei_0q#buV0-(!zZW?8%9fCeu$`7Qf-Z_lDy3=bV+l4~Tv$bsz
zE-R=(6)ae*!Y0k)c-Z1o8u@=1rddWe7hAKp%Z1Hcy<-xM;#W6$kaeHq%W(Eku`Un|
zthK-&0P;+ZYf0UNB$feke{mjIe19LW{R!O}oGcAzB;F<GO((;GuH5cXa6={!PB!cn
zw)&%8D-<U{!K`DOnzGKTL=_xX%7meC&4_TEIZs2MthD(jX(I1+=s<Bn5C-%5!6Oa1
z^4V2@^-cw-8$)R@`5KcMnN|GLWaYO(4mHIaEFh2I!cX|GsHuzIG$>8>t>kDhSK)$q
zJavEfm)Z@3WBMN=64NhslObcg<#=1whmtQ9S_h)5<s)24#kKE-D|Z(Gso%_iKQp`0
zvNqqOjDU%yYrXWcw>fEJR0b@6JuhBZXl?S<^8b{QmD*{T$)z9&7@2rmR<XryEz;)0
zg8-kJnaix3z7gfiN)0-`&K#4Y<0$$1X*eZ+<fIC2L2X86#W52sE9RIYDq1ZxAor03
zX;NBx`rqzT^0Mz^ei3ea^`q{Gr@6>R3tG}FKA0s)8Uw8<51JTd`<2n}?mIR&xC)GR
z6pR~B+6nGKN}wTDPszgek^8l(I8fa|8=$~<E20>M6-XC^{9yY{^2FKK^_!%_+PYL)
zqTg<$&tHSA2+p?%SK+8*?P0?xgFo{1(=%WHPWB7k=+$i55f4WW8T?&yb5=`%?AD<!
zL4tIKh5^qb4tOsbBTq2GtoFxT*7Ji5tNQ$B+5g10jhtr_c&?shR}&qL%2&plP62{i
zd0bccKKQ~vy*G{j;4}IrP$O0fBgePCqUU^ymkN)cDUGOAeX5rVPoF7yyzmU3&APt+
zGxwFkqvuFOz~~cJz{$hPR$gHC+j^oiiPnMNs{m&^CY`|t-b8aEv~J+BE-Gwlb|*s9
zFReiO=OKL3%D&WaWvy#lSS^LXN&pfY1n%&MFRruG4TK<aX0)ydN}H|-u%zy{g2&{|
zMpP?!xKvrl-`&0GuYv3|F|O8V5_BvvWQM)9L6dKbebPJ-BLj&nxM{4PzYOakkV8q#
zn2yszBd~WvfBXV-5Ng~Z4A^G04Xz?{pvIACLvM&)R2)kz$>wN>m`om_R{->IY*`fi
z(0oiNDfN9yg8R+U9W8ksA|&DGA-YqL1e~iaGlzY|4l!Wa6}i0$36!{EDJwyO@d^J|
zyv!q?4gx(g1h4VK_nc|$AsH5~!%;aa2%~H>`V*J<^LgOtP?c$eCzA41An>O1SaIeu
zlzRzT+))rcB)6TNaeCprn*n0HHv*))Xl=8Y;gS3%_7M2&XsfV8q)te_zh8B(fAy$?
zGphy0kj-xt1#Ez0w{a{#2ZDExl_Cg$eCC)k2yUAO`#FU?@a5sm{|fX}@yH|LT(MM-
zq_4qX2HM{|8nBQj98B7TXJXlF5+K95KDc$lzGQX3`DdVyrN*}t`~}nm_W*C{Aia9@
zk0vV}Lx+N3O$<p^^qLWlAM}Y#39w%7yTV@)Zw7eO-+mp`Sz|LGd-`n~)KMhdOrGdu
zMh=?vyz>yu6g(_n29diDs0yv9{tmlxqL8!KA&9euHtIVva0KT30U_t&;Z}K))KiSf
z1qq@0JFjTaKX+H8-2v>XH7pFYmacqK$6rdCZRJ-qDxVCS2{|T8_SB(>vP37Xp`Y!}
z&^lt?svmg-Q=J$Pe_--2(>-08y4SF|*VJF?ALL=joJeaS2OC2mhC_OCffbsdi5>sa
zgHtmmnhJns3Ey%MT5KHTtm6;crO}>V9GF8K?X#GJXzlZIA_fS+{a;+YWmFu&7A>4X
zg9mqaceen+-QC^YrLjPQySuwP1REr{2M7|}-8DRJ-nZ7f_v@J-eb$_+I;Uz@_w>|0
zdrz4Nbp=9S(B1_))>A{=Nf6)lZ7!jV)e9>OfwaB`=mm#3;Ue!z@r4#{v&1-kCHNt+
zL8%qGxGB|z6j@Iwdr8a#p9`*kfR6!lI|~H#sde|kJ)kQTAtEYqDdZFJB!_Lg(e>kU
zz+0;DP8QH=NjEwZF@m9+AW(|c+u{Jc`ix&&n{H&krYXHB^uxvu=ma8ahIgAVkFBUP
zZg{w+RdEWiFRXkpHRt%-V3<uttO+Uv7=|M+(Wn)25aGW)FRwqzXlPE!Z>Z>cZ>&I~
zw;lh0l^9uc;BvhDwa#|H{E1USXd#V<!wzDb>7(;!0iBhK79CpAf(;f8RB9AJDGNpb
z2O4rw)KL$1u#JeyH6kqt-xw>WcPVwt(B4Chs4=lmnOTw0N|K&_Ra>ab2i<A~y}q24
zlB;?%EM!&yzuFoF(Wx%No&v;2V;7vgpB2dESc_?#znYbowRDFAgR$~?ESQ{g(Ed|3
z-FLAQ5i2+=A^Ab$YQ^iCNU#rZ#^uF5w5dfzurDZtO#Q&Yh)n&|##=7+J8?IZVNjB{
z%~#PlqB>4{M=%+d&G$DI@<B$HVWQKy;95{Fs*|*5iH8wAVwKF52iEmqR93cGEIKCo
zlr-iFul~SYI2zAl{O8odoPB~@zvnVQn&38gK$*EI#wY&5yPhMJV#)+4W;!pP)c$Le
zyW5~Z-M%U`f>}<zJgMPBjyx#JRg7>U`@)xQ_s1-EKO<;v?{H&?eQA6$l*kL~X28{$
zVG$Cx-gsdH`jZ6;4>7X^U25N{7w>>G`)asmKiCUX;HxHB){F54p|y9#3(_x&yI<1_
z{pF|bTTE*~rr>gKby_&k>dMiUNZ!kJ_jEcwwRUpJUkBm2C1(frZj0O&<sS}yP8);0
zfcN{<x&dAqMcqL53uV1y*<p3a?WMk?^+U}a(!9j=gUlWDy!3v7GTdl<Mei9(<)P}5
zYkz>xy<*$@MF+o%5+u6{#-xb=Q|ZcQayv)d8_?2fL--NYY!LwK@VhTFrir^1C*UaO
z<`Ct~-UEZ3A45Tm&Bh)<#_4j3nGemGB)VHo_k8pnx^;}c1WUINV-q}eQ=E08Wr$H=
zB$WPWe)FdiJXUtrTCTQsFrcGdZ08650j!jg!priLbhatxJe83mx7Lm644~g^IaU6U
zrnjq-L+g&Vb^<>9&fvi19kMv);2Lusd~!Jj*Eg=^IJNLIpf0Wcu~sHr>O13FS!*rD
zD>zkOc5bWu>DvmnBk)j5UWMdGrAw6Al;8Rl(MNv&dGF`i?_0l52(1$duKXtzm+Nyd
z_d*-`IMcuLe^?aZy<7ESZC&@n#-5*LlQN|<yv5gH%>dcE{G4j1E+k+&`0WRzLkn1p
zQ)q&Bpu6bhqKoWY*b6oHJf7^F2=_Ell3T>^{2lx8sHYJ<d=skp*l`bv^ozfD=EYoB
z(%$hGbwX?Knf=wPDy{9En`4=KpI(8szO&3DU<n92u4sohU(tA?Yu07YPpcm@FX<?b
z{vAYK23)mw<`^zr<Hr_Kz9pVs=Mr++9&c015{K8HcXi=nEkzn0_ODjPxERRd)lqbE
zdFhiG5d3Y%_3?Sj{-ng;WjwMs0jrariec$U85s4{();y*Xe=}B4)~IvLBm1%;rfj<
z(6i&?hW;_fua@&-yXWqS81o`umN}s}*vt*jb09o9rbfae;<BoG9`0Py+K9L`$Ugz*
zt{igPg~S*;ciDr~i0PBvnQ-p@YeB`p^WemEr&kf9zeay**XT1Qd2@e1+Bx7DW_)_l
zY?kf#<&JB;)n(uu>Jq@(`i6FX&kf%2co6vnoP2(f{sdqR7@Fyx*T%HlK@!G%{)(F=
z3G5jo5skdMJ_rR2yk5GIWkYnT{pY_h=hMf+4kdjEBKOjWO5e6OX;<5vFYEa(8{eWF
zgTmf|2>f6>wmVrq{s~cj5K7vHWy!Xl?29#K4H)7N099VfTJ_a#e0gEcivH8@{XnSq
z?JdOi!nX|)2;{zyd>{ZU)&szZFNCmYzy^+J*5}YfX=l!ZEg7Z#3g*O0A(WazhSi_i
zTV9iBrOHG(V9cGtd35f06vw>vw&W+Htf#Hlc@*M;zYiEl1N&Aie>1~2o;fgt3ydG&
zG_!K&KEC8sP8wQMw3nrID8peY(cTs+b7V`*5#WibbEII+@aV{FTk|F-N~0fG0U1)P
z@Y66E11|h&3Y))Q?J{Jzr#U*(HP=PhX%yHG12V)>SihE93%w>{O?NiM1r$;0c@UMb
zS(P72NLH*j$=wzf&VSS?A5y92i#t+-{yMM6r=vb+;||4Hu{&R7f}uXFESLR-@d#0;
zlBp>A2#rreUwXK*XGZ!+flqw!5KwbR$u9YQ=+>M$sf02IeT3Vg^y3S5`TYUfExLXU
zseXRDb>m(>Jtwn%HBz2!vq+OTzU-pyu3HFKuEV^|A(cJhT2;1e_3!2zZhP#t0zs)(
z8<aWw-`h><zBvwy1_k_0t%nMykiSd(#aEh%51CH6J64jV`SsSUO2;If7XcC*SEN$?
z8aAJC&K&ydFNA+#_HXE&5>>-fo&Cw(y|}qlOwqlvf_;1&GA1`iaSp7V=Gf!JrY^T8
z^tzTJ>Ae-UyRiu=9I?q)Hn?f$1BA;k*($7T|5SGoiZB@_qlv3JR*nXselrMW@WFLC
z#Qa&RnGgG8GO2dU<!8<C)CLet9?7bxoOsI7oSW6JJd-{p>D09@8vp3meu|vT|09t|
z&0B&ViFs7AK>&S$2sv<daAwrk0nS*Q{CQ}m89iA}0A4$ak$d=b#C{bn<FQQF-U1@-
zqd3SDR+T8-jhgqM6)uJ4{xMec&11X*cX_e2IUjY}--n=aH~WL@jx_L<)x)?o@GP$W
z<Bn;~^en$)QmnTI$yu*#`f88?NIN}D_-cDeFwgTs!)OjnBz@=SBXk!fX2gDzV$6Iz
zQ<%xcOIrkqhNCG`j_Ci(sg6BY!Rv>(S2YWT`?k>JkU#$#{;boIBQvsgASmbt#q5dg
z+BtC0E+6q#pbPD3#0kjjn)HGf&=iefZtOJ`23rZ~e_;<`-+|i?*?HW*zxFnzI^5<T
z5Iq*8Da4GLW2++pH}5Vk?m!rck{kXK<bft0E=_ECL6$Q^@Q<{AwEvm+)~n<Li(Gua
z!Qw+4Q-IP}6q_F}6vW~WKRj*usgQXS>Iq(<^sV3fhBHg?Pap8(2C_>^xR3sZy-T{M
zxAcbIPrRou7Ct_yzi)JKHyOW_21TQSL9d{JwV-2Dn+|(Q+1so9YO9)#xV7?ZsRsUn
zbODlBQ}7aQ0Y6v6|3Y;EyGIG~0(Q6b%!cGvCB!NaPfpzCW3;B&p%G_PN#!PoA*SmA
zeZCK8gxIQ;jv{bAGh#!KdxO`Vqa~DHpW{C}#%d-=T}P*0W86D9*@OT)bzJb9G-fEw
zqaE#TB?x@yG?DX#Acy9olh&vyF@UAhB1G0)fmK9j>4DN2&Ta=TaH+=R-a~3rdXl;%
zvNMUqr*)?sZs5VX*8HySXkz`@aWGxzm53pcyWZMFs1tBf>)js1Fde<}E@Jo7e&qSx
za43))k7LnPKx$~3#rz;YJ*0D&a>!nxv*`+oYW%<}E(EqfG(bJ@LO8m_RnZV8i@Q?r
zk~>q#r6#5xa5f>)P2O+n-|apL&SJgVNsav_X6hhvrmjSiYnqVTRijK26uio#Ak&Y0
z?@s@-841W)bfqz?@b2zftFblb+89e*M4xpCWi!m#Lk!0lSu*MP+*sySeJ?d+4~Bg7
z;w{}Z5{Y5<y-)dbEFKC=YWJ7XpaJ&jLC-f&Qe=qJkMQU42%3nVIyCNXhW}xEV&|D}
zUSMaiZ54O&S;0`SOY|a^$5Maa-R??DFa)DFtu64?{FJA-q$n_CM~z=fA+e-D=J#P&
z^o4f6+$g$R5S8P!bOAeoY*pQfb;&j7kL@AL_-u2@3YXQCt`^KoWn^i+nG;bS$`V`w
z{!B}Ltc?$rNl}Xm3DccaaK1dl->1?EyC##D$1xK3d$X4*oqYMG>7m!=Xq|k~jJ=Z(
zPwM~y4&0Q-GW{u*DZUUdNBB*;@QatGAYN!^5j^CCnT5n}HL;gAhzI26i=hnZ@nXx^
z#%4#4*uVFOkC0J!w#j^bb0<^d?Dg!;#E9JX6PDDb%CLJ2qvtHFT@$97n8gqlk<kO^
zzf8}AHZ(v(*-*<i@H^$@)B5rutQ8PLm4|>+T?Po16P>F<+bM$&ib>sdgN_rWMpb>f
zVh>Dc13FPdFm9~~qn;=8GGGkTTtM@ZB}D#Hj`twKC|(>hfY?lMJr93U6TGClutlOi
zjJh&_rXGu~4oOrd>Q$!`?W#u3q-N_>Z!@%egu|f@^<HtlSb;-SsdM4hoI?J@Cjc1Q
z56B;Bbx9D0>(0Zqsb_!VUy%07<-;XbD&3Mja`ThT4mvMqzZ7%l3MicHdn-5nxF9;J
zf~~~Oq~L!<c2yZ^&4OJHUf5NusL6v|pvtJ=nqzRsoKV+vRrVz$ENyX0>dBc@<DNF0
zk8aXl`?6S`c?jo@AXw{Athr!+(*bm3ud8}am+I~Ot!klFSy3<PkTt*DE&AMC{?{h8
zLhZCFe(eb7Hjq!_RbRh`NTan9C?h;V4LjKcVk=4)Opmm0i+n@`i@UdK9p_z-G;h21
zRGF=ckHqbpeAMwv4HhlR0c+R!o@SWaFf0v68`N7a+dID1t@$hf#Jx`%2z=FAh>2|X
zu>n)6i=TRF$@3E#sG<#LbkR<SNj7cHW~Uhr1d@9ev|_@*HX-ZkQnd_ec&W|)a?%~)
zs?=c&QXWAR{>E&dw{GhD^a1gf6j7a6?E4dxM7d(Vj6V#*eCqhhtyc(mMO+UF!LhOV
z`NkV9r3-=53yZ$F3^NR?5{P%!3z#7bM}YGP2Hy|EXCg@uWFEJl-7liuyGK$o6Clnd
zFeJ-pS9Kd-|HX2d_uNqbBNp@odMYP2hKNPc5C(JHBFJg>^fTPzA9#_koAqpo0HwdC
zXcBIgl(#G|m_C3nEFRSpopr1493K=bjWm^@?hL=r#Wr;QL-yl+tZ90P;Gp>MAyE9k
zv6TNo_WNvv{HrET*n9d1=YQR!0O0%x%rW19&Oa8^iHChHD;_IN*-gdrvji<)v1UVB
z4n;`hBc;(*V>}x8rAyYv2bPzMKp>F;AE)x4>Z7DwDwxVYB@n~CNFd+~f&;nNKN6LB
z9s9Cpnyr+SJwKn`cW?Wj|2ThJzwhQ&d^x^Gfh<EsqFet;KG;T(yRnzJ3i!$N3Camq
zZy1#1Dqm=q+&jApbBihOsLA!CLWAXmOE*9zxtc8fHzF23G!fzI<Gtj{ej<Ym0;7qB
zY8S;c-Bkq`hRPQ>bG39{dVPx+0{I)#(2BGV9l?$?UOIj3@ZIGb+R%SgF6^QID8H8o
z?_>ID_8~Bw4$>H?)I&%X01r74s+aybFCcE=s4Yo4h5cmWO0DSJiw$#!fFo|@7rDME
z^{Qd=@xKVrJ!Vhz&^;DU@U<^g5t`~88_lM7d(bZ$gB~wT5r60(LLyu*_+sC126NR;
z26DAW@mHV6oHO1kwgd=_r3^GKxJv-di&%lzQpNU1Z0@%bi9q~(AR_K#;uq2p9@I<U
z2pW|yNu3dN5tn&nYD7sp-inxbj@dgXg(eMTB{U`#WC|)@<WT1@SoOtwzR{b&%%w-9
zVPbwSOC!W|h3XefXA08VHYl7blgIbav~S$k@mRD0EuWeRkma=JO4n|qp&~&f3UFs$
zM!9vYyZwmzyxiV*2SlZhccgGDWfnc^7&P%!7j33f$Q?J12PAZ6E=r9vsT@TvpStU&
zui>&M))VNG?3|$U(8gKb_%`D==Ik#~<k46!NwYKN)fIh?=r6&ovHmEB|7TV-5#K6-
z8+W8=`IxX-?~gszy*tnIV<_z$5lKywc~N#v;f=#p={M>mZD44^#b(yba0c(a#@ZdC
zax`|hYO@DIc}7O(I6H}!rFf=cqQp)y{ICUw&^m)Q!1tFMtcQhM>Whkj$R~N$1fsqM
zup2*N>#!W$I5TnU%n7@Ftw+dIL;7>KSM}J9UlL>I9BP_@0c*VLf(7+4)dV9JeGDfz
zHy8hif63yO9l&mzrVl1nuGoBi2n?%qY7Vn?YVM`Q_Y-ixOV1$?PCZK(#2^l{ErxYt
z<23rouMTExQ!$#Ol58bZ<W?Z*uT%A*Gm_?Ov8Vbz47a3{c_f{-V%dR*+)$NlbNlwD
zs*cpUC4+Rnx%a~>w>Qc(emU**#Oy&<%e=8xWpO}{6^IpWiQ&JdeYvG-s9$g!abYip
zBMiY?pRkZ8a-G0hJYdBIv$<@siVV&naIA)ALVp$+znuBpz4iEY$Gbxd4>?jCLUtjW
zD;x%LX7~x_BZ_J(jh!Go^V*@By5Ji*q<T<j{0!1skCsKnhgLkD%=Lb)I~+)#@bc0I
zhUS=(Mc`<`haWoRECU0;h0kRAwJ6g%zNqo3yD2`)c28d_iopZ=)RDB?+1!T<EQ$!h
zvZlRe=e}$v8-%mod^^wykLmE!XARkqQkY4P{m^as*H?-f)6c{th0?R4d@mA<ht#xu
z;_KQ_E#2hVrww*%6KD#8-QA4d{>xF)b;@;z_<&C|g}l<ian|psCI!|k516HIPp9(o
zna8>}28+w*icU^wI22_;^SiBgnS_Ncp3iOAVXmWFQe={c*)?<9<h%jDDAVx-QTk#0
zGmSO5mln+QZ@K7`$vp9MEGg~}H56+PEeKXF{6+C%u=+n7ylRwWQZSNN{<Pl4E|pju
zTLH4{_{^C%J1x9U++2ZK6K!*I%qGk2A&{V{TZWr?qCzb&ZdxrcioHA87Mq};7;DN-
zfbLuQ;XC{vh0%38{nCZx;twW^hxSl^+P0;BRfztXv5u<RznR`lbR&oHnxAkc-oZ!S
z-K(FjaXh$bR{HysN8JyRKURUSnxE_Rj0<>ru}zZG4Lu3=U~l|<ZrL&e1y<qN8^I}T
z<+fKT7(E$-Qt6OSICwhz=BQy5uzvF!qA=A=YE--LbYn4sJerj8bD;z?HM0{0;%pHw
zp4=mj93DoVMEIQLFEyoZzFuqdA!o-$jm43>Szq^6i2b-kPCqDat2R__jFKY4unAyl
zzp4IvbxpDj#{mP;xlYx0$^t!f%z_3MbLews!GM*iUrvlQh1hlLz&B36I7!u40p(9n
zctWAa9QA5ym`A@8Jf4Q#)v<psSh>|Ti4}yY96!JemsoZ_$g!_kHcX}GYoI%#j={$Y
zKFwbrxgZe_-DYT!DxiLgCGK@rEx`v4u)cAij<5NRs=oh{&Rd+IE@&%g6|X9yR;)rR
zwcc`@ysH$qR;!vB(5Y8IxBSK?U$yU7gPC=wH@dh#2Nq=((^j)1iS!qEabx0&u#unN
zF3eb>kb$c(CB_$R?*5*?COzWI|B8QTsQA{LvBc0aErTg2q&t{?BNbKpn1BVu^vORa
z6n{Rri}~Sp551?LMZ%$TL$UNYTaYYUxNb045>a3iEV}oQK<b54?v$pwenC|ku^*Mg
zC=|b{!6bzj8$hLbzIFI@_f7V+=>cF%K`c)XbY8p^&jaH9M&hr+U`hsY=kTLbc%e&R
zT$3uJnfPd3!=f?zG_`wG&y@g7v*)i%UlK9en|8H48F)m*xkpjwqjtNU*{SIGyp8w1
zApDg{nnc$t(IUN2=+?>N+>`(;;Z9ex8oKg$l6Si^f64W}0Ut<cmz9Hr%NIFmjr7<T
z<Z5|yD+}sw&RFf42-*WZC!(fU8~w;&h%@9`=a^ZZ2h3S{lWn&0HUxnd5@e={qYtH6
zZ?ck?<ar^9yItHU(j5T<x{8J*>&Vom-hZ*9`a1*wbq`&=LrF${^Rqwe-ehl_PV?sc
zY>$!bA>@}{LI*eXk4$tpwY}0e>Wa|R5BE6&f^ns4i%&^(p1CTQXLGh!NiJ=Q!fB<%
zqpG9XLdB)vQtmz4<Z?jh2PN~HQO^32s`Q&!TXa=NwvQ+2$<#?X0gNEI*hlrS@K1XZ
z8t(`snu;j#@I1Ali10iOCPGnZ^TSU~qc#?VeMNW1axwBF#x}dJG^A+!v<J4l11582
zx!@bp0bxj{tn)k%UJf=BtfHtqEiB`PD3gq=u+XfSM;91{6gWU_bh#|q)hQw?a?OS4
zv<saWi2<4UGY0&p-~7S2r$sbEQR&fUBUN|BE;!#w$73dzC9d<scTdwegH<fxzow#?
zI;gta86aP`MlV<A_MWljY?RnEq3g2z(&hQ3%khifyQ(!UlhPFI;y^bPmb}V9i2t-z
z*<OyDS-HE%xXJ+Fi#tAk)QJ00$`QX=dgUBpcFUrHY`ky~iiS+3fZumGpsh)b?gCZ0
zLJl>OLGX);g0*_oSU>X*KVvxiZ>#gCyQMH=I|5OEmZcpOF4z#pzee=+i;2sYXlq%e
zy6G`C5fo(PR#qq|+f@XU3SYbg!-u$fG;_f%d9A$RB`v6c-Mzkq#%US73`X=u*4>is
z?tD4eYBK-p&DqZFt}3>?zM??2m{p;%E>C!CbVVdp0W_?w;umzbaDDqP<h)s9CykO$
zMD;njU}%AeQw5COx?#ibxZkai2}OiQ3S6Zg3kl??L|WOyYw{N5zXZ52c%T#pn|Pvf
zw5M$~6BIW9!CTE}^gAl^BY0h8o*VAoF>zPbWK5nB-VN$%Bdy<)8}zGE_rKd;`PIuB
zkaX-2ZAyvVj3GOha}0u(X=_sTx44!W&r(v_6iWsR8zcqjeFvwC=?xOKFT+j{#LWP!
zgjM2*u}D#b-NAevZ)vOME{^$k)~nOF)NrOa%}_bOn{xEP0AOfiE?@+}h9z~4OT6LE
zkntDtX;U9qR(Vf$zb>T^+&wM=pTJ#MnTcY2T^^q@Wp;Di1=xL@eP}rLujK1Pa3=aj
z5D=0R+SV`YW!C6L3+8*`Jzt(dhBGVL@jC+OUW<eSSZvH-R9BqHV69t+0zEM~m$=#3
z+*rUb)eM$3)9ab11ld$(bJQ#0u$RGQ{#lu<R#eU)r2R^VA!RXN!XQ@tid>7_vDe3&
zoH8|Y^Jhp~++IymxKnf&5^;*>2A4N>%ujGzZjvy~`A{JSl;WuGMOGI!^T_kX`wl7C
zm<6Rl{8Q@mcx63r^r+Z@Bg*g{ck9^FXIH?N!o%3rSNWu1@6PIkaN=>?jT&Q1&&M$?
z<6|8kt^xPA&g%z_3H?d9jja!>e4M1{bbW3kqf!DcAJ64}E)`#XjHP`tH5bwRE{Re=
zQA6-$hGcR-2v1W(r6+2C-Ye<((u<>Jm6tDqO{|NCs2xEa4mWn-u%N54hQ~29w}c5O
zq*4~h$oiQ!ME{QZ!SrshKm1|pbUtVo{OtO13|2|vd#Q@hH=D;#yBCrN1_EL1JKI*t
zibk=1XeEB|Kdz43qyiw%QxvxY{a`dl9MMjuwx}K%SDAXEMIH%P$#aJ-cM-fkcYk9Z
zOZ|8?d=T&&#}Sal5$1Fc{Nu#X48Vr!-+Jd&WWfIaKP!da*3kc_3ObdO6hsEV`pv6f
zJ&bozJWuRpw&cs`#-VY+(d3!X;E6_tev<w`-eP_&-_UR}w1zaX?(2v>*=VY!Br*ac
zKImb@f6h>vlVd3;ICFh=!?1Y6eck<s5pMJBEp@8<-v4@UB9r@cqU&KRHdYYsL*hIe
z_pj~i_PDRiQr86thAytPq|9T$Vr`MPc!nXu2{)79Lhs^gTzKu+0}>=aAHr>Zk%I8Y
zBV^d%l^?r%J1pp-1~K5g|9+Kafas;~>v^Yfn&3n4SK<!iq91$Y+);h8`VZf4e4b)w
z{pcnvXJ4c<riz!TI|DZRnb(xU0IZ*ySGN%eZ(Cs_T<tv_myQq32tCdKSS?6yut)Z~
zdfb1%|9p*QZG9J3`wFG+Z)w(z;q1%G*EeUdGFN|W!x^>1N4-#ow8*K>Z>uc1Nr>Gk
zd$~-bE@0NA2?QERCw&2o2=52QAl!B*=-sQh)!7|ZcQ$kS<)o{0e7d+=QR@gjwG*;f
ze2uMZm}DnK$k3mkAMq#voDhAEfxLVszMpx<Fi5G(sBHYR;)P}#?qYEg`?ENFOL_GU
zc#_-ZV{kCZ9qEbRXCKTK*}@4e`o(u0v}7?I2qY2_GZ;cdnD_>eN>#s#gv$s^m0{p=
z4Ca+LSY<Q{#3H*Qvqd3WX3HdsOX6^><&h&*xXmCgyOfAD7UkLl)5>J=g-8_%0Wlvc
zkuvB*yl2O;e?o*{$rzGPu+B2Dm8CrPE+XmJDP`NWe(|VCtu-yy9<3;X3Bg0sp^74)
zpHK-&iPX~gx#P@a!*<}sEf84SX;myj-DZrR{nM0BIwMivEdsw|gxN<gIVBbma+agi
zxId9nK2oF_rWx)S5D8I84rn$C-LaKtLM*D|K<%@~Ce5MRB47lUT_=mPT5km}_H}=;
zU2BT@h2JFd6g`_YX&_D-GAV^Li2-kk>(+9!zhq>M$hVkx9lHKFtG7{ta7Y%ygtcp6
zGF=SOHJ&%N<_4`#ThKn5SBcaylxK_7F`0La)FI;J$Z<dgq<1gp<>Jm;Pg7|>x`NhB
zrkRU+7V=h#de-vzi+WTuIuScoddGHM8-r41fLIZI(JKSoRZEga=boU{5vxcMT_m60
zJXj<jDW?|PrnS6qq%P4CVpgm0o3&YrqC?gTo4%F90?Br4U$60AdZaEH3r}3H=$lx4
zuj(5`9ItHPMiI~JM_tcKUa8(qQ`shNNDd~i&@ib?2J20hNDoGlpu=6x4+5<NZ)*dV
z194qtJ5lEE*<DqPL*hLyrj*WUS+YGTWpUMzq8-jNj;mT<&-vntc5!YhL~3uBbxOS7
z7NNJ1mZc!7a85Fre8$8b$=gCUE1cAQeSb!fZ(M!^zV<nVES$wYZU1^H1ERkgRb8^H
zG;xM0H8k9*z3IH|#0jtRwUZJdh3Q(7lv$0@m8f+#nXCJApvAJ#q>4n_E06t&+8EI?
z1>^K-;Un|hM4ouRbv&3MZE7c4R+4Y>INFJ$!W6NpC=Jm$w3t+G$KQp0=0JmAcm~Va
z8R2mPNEUjUwj4`cqkke;D5C2Fja^@=oBtxk$MBHvRv&#ECO6hb6a876ok(<LXH0^I
z%>BOi7Nb=SBpaDI)sRLdou7Ye)!y`C*@%@)yY2c-2SXu^c*NPsK%i%cZ;ceT8ycJf
zL2+qq|5=K`()s~x`^w5IRU}9h6{?L3-7I?oOcl+$K;|1gS9}xx%}}LI4Lf3u*$lx}
zKM((<V4|vH=Su(wob}Qt<Qt8p1ocuKP`teHc*LMr>tkP>dg<-n;S?6UYEuQo<%W&~
zeo{$|x#rps0)sK@G-`A`#_!DKUnZ{ASij0J?d&6`;D##6^QGp)c8AG=7Bu|2g?q_X
zfWWu~tnc;J7R{0cCJmfXeZSBe3v8>)kl0P_<K0bYs(_S4Tx;w40@>;~Mw{4iCTnZB
zdd!Jtq;EkJSle}jS{h5nG;mduI|=%qAx}3|j+>C_u`J6vd2z05;kA*Fni&qDuko~%
z7i5o)_SCO69V9u_h?{kSj~_c3i5z1W09&E8___rgJyXVp2d(zgnV(Nc2)D~8j<DsF
zXh>SO5JsvWTf)d^cFJgoPQMLSijvl&(9`*0*i1KAp;2UMSMup(AL{Lq9iB*+&Vom{
zk}%WQ*>RAEEU#&0sF^HTH6=5&zkh9JsP2g2tgNys%u1xDpsVwceTIYc$&WL30SI+e
zg3}H?|K7D2k(8jSH-#J`?vTSS^&gSVaQ=-$CJ*}9ndZCx6qwxfAhH!?7o)zpSJ6bS
z{j`MdBbMfiYyn9i8z(N;&-Hn|stL%sh8EndtvW``u}{UQBAtk*066`I@`MLEu&+$K
zHT(>CKB3xTS8f=)OLooZ5My^X0$Z}aoe=CeR*evq_mJ2FTYs(aba_nKCvdQ(aH{Vk
zA&0B2<er^iJ{XG%O9}*-07SYJ^tSz%QG+2*+IsBqf)kBY4Zkvo;oJuB$Z7weu6SaQ
z?;XWHi(MBe!v%B)9GHDpsaP<XK;LAxK)+~>@E+u_#}4=MFlF_pX9&|o2OQ2ny+4f_
z(A(*=td8R$i<{^$6tZDhRGZtTb%~OXCp!L+&Ho_^OU;FWEH?OFN42X6mcwr;T7$Pl
zG{?u~<FI*{?n^OZ#_Qu4U;A`uG?nZ%@?-+&5jFkNo{{d)`_8>NLB(ZM_<c-C^oz~<
zz;0XrfUZ|g0JYRgQ9H=d3?Tb)F5UeFpHh#hwi3(dKFtdv=O>Zogrzy(4e}4$Eom>d
z$~H#<Zq^t=znXD`Q0wV)c|_At&m({Dw56C*)<oJxmU^TRJLG3W9jcs&N_iiYa|^m3
zj(F&WIPA`hHSEqmviw3g@XfvWxNl&6dax@!YDnz-ja)1m5>6Z5GJ%x=bsVRea4P>V
z#N>#_k%OSX=x<<k0gG8`uNG-w2WAShZ{K|Nl8UR)e75u^{o}bJ)jDlK4~k>Ut*K!j
zRhUz>bncu`Vt1Z@x{kC&bW?_Cyt_1(V*xXJ>FmgNx!2_Z)oI6B&HhE_C9_$>FJypu
z@$8=gwD+4gzV%-w0l;0>wUdQQMitQ&sy32gH@a%*+bSvTq73{y@M+)e9X09Xl#OYK
z{k`T+XRA7S-Dv<H6Mo%mz}B!d*&wmI_*_mvwe2w{fTbSRlPpTgzJsBQk3bvytZ{cq
zD9PStodrLr6>Ok<D2|gswjFwah_>r51w}@fZ(+fD<}NBv1*B%dsAYJiSl#J9!Ah#j
z^WdZlIF7tv$fHkL`W6CP6HHI3(r+biCq1(BI_Sorf#8W0?z|s@?S$w~GqF^!6ajZU
zLVe1;oos{;ReR|2&|a<Oaq5LqYN`o41s2j7aK%~?bh75`K|6cbCliVEKEo0*LFJF+
zwmVOjm_DhKK<;+)HCb(P2g#4hs=yv{3-8nSeb^{(%7~WZX|1%bO0FxX*&=BwhrPlw
z0^>!>J-1Yk<sI`8-?~8WYnNII^_OBV)bK2`gei+kM2mJl+Q24Jxn%l%;?ndcb>d?y
zY&KTMPFGhST)M-eMKuS3OiZ2;HSem==A*O5V<sc2z+EGW;RSpVEe3B)CN+1+1~u5&
z2lY>vhE~d;oH~UhW6BWu7z}UA7=sHLUX<g-5O<TV-!!Q^s-r{>lW!PfrMAh_gAe`a
z;}YI-RPBKiyQEaD-4gyEHA*}9rLXrHHi0SCcvcl6HY_VIf0x#=g#Vz*t)+_S7gT6k
zR$<mZ0AX<pmPq|SDW3hm4e}HkakJM$>&kO}L7IqCQdl!t@(xQ=3*ggo?jH|w$j8*N
zh2vDd5Glbc3CpyBS_fk#iB`k8GNGe~#+Tp~Yf%=8<C_-oYC#ETBx&uKeQf#D$Z8R2
z(ie?qR^eRWzpFo$yG{AD#(Yd&S6ZRMIin_&4``Q+%Bz#2Cl0(4VZ;kjfJcr#sS;L{
zw9Tuj$`=wZ8SMZ5-d2u`el4UYkbFc|!Y6uBieM<Fx|onkx$l02=cpuiEX8{uf`m+?
z-o6xI#@PsI#;7;jyZFn)Z%HlLCQNpMV}W5ASB_Jc@GFbnr>@fxJDK4stxn8o>mVql
zb%3-oU}RPzmG8Hjx=qaY{cng@%WQaijQT>3<#J?l)s4a9hV%4dC1|&IqEhFdWZ!S<
zXVW=zm1Gq+3LB9Q!KwDL=-a9oGB(@QjlaB4p}wn6o7KmvRkn{yLt2`wn}N)?yj_&{
znB#T9nRJCPRurW%S0xF3AlG666Z#~XQNWh^O>PTy)p!fqMGm&F=5_WX_UP(o-$|H;
zo71DwfygF5JhtP{=u>e6n<mB+g52tU>0a%D%;G|*4MO|nk5mR^QeI`>Q{l9tGud*(
z6K}B>Q?;oT(}9L^tTNuLPsMbcjO<xPTbK<)i8b?d?pn<c5<NPzsr2TZm2Juh>VSOh
z&0x1(`rjL|5@M4r&S3v)jzwwLA6gHrHmKp5kjpYxE{pRgziqqKBrl^@iZl>)CeK&J
zN^}@LxjGC@yqA`5!MkUfmr+)%4-DU&QuJ}ws4_SrEZWp_4XF)B*sc|&Sd`Euh!;2D
zERa0HTWXh>!YRzEE^VxGOzwhtF9AJ%_o+}!p7f5z$y9l{Z<<{2!a1*%GZab)M%I!%
zcA7clPx6<xA*{%^35#aOTi+Ls9W8Jt1&okPgsH2oE!Sk6r-|cunX2WB_dKG@=v!d+
zCpS#5nEZKhTm#uCzURXsO`0)y^9gP*zcoifvae)SLw6I&vJ>Y(wJZ_uH2@=2S@eqf
z$H5bqTud-8o1Zh2OrTXFO0JDUt&3j?y?R>fqc}6#YX6wSe#)`U4w%xO%HiPVG)do0
z`ZYg)AQ`OEX$u#&6n2$$FYxR=VibcP;{5t+`V6JYqWueFJ9m~=VpY&D7X?#c)}0l~
zg6x^$oeP3SupQ*?>%#MM&<W6`wNAAiUv!O3bJ}V_G~`F@<!{W7vh6nvqroll3aa$f
zTI%Jh3#(SOo%OESp{QRs0RL^XkdQb_16jb?^pnPP^MXpTCVmn7S@NPNO>U-!?pt8(
zR%-~TYww3vIaMx&(IqDc$&Nadpf_(_b#Qg`%=W}091Mr=dhoUI`~v8TJG*VMo)s4q
zb0%qUQj|CO?$9f-JxDOjo~2Cq$?-dR?3yKb<fC=1QRov=i)?^SK%HfPwhFVcy1np6
zeD)B$wIGsWb>&eq@?lh*<DgNMM1)C?!p<>+xAoPSGwi+3wAH0&=+<?J#y99p!;FBb
zl+q%Ca-<zWSEo0kUciMlq`rbBaqrn$dJKdbd%pc7O=_#?blG?EWjwK7hlD+0?#?zr
zR!@p~1n$T#%3O1WTEvup6uIR&bCLfwtca_k`KRp-WVVJy$geac8XMGMo#JTkuY}?e
z?4J=Bb&IN!yB*!zHJ%P5H5%;O!ML%;gFeS$1}J8{#q_6Q7{CA-qw{mIyO1Ta-wUFI
zs-hKBjCo&RK!$!gsV)*mk2!lS@}udM%*vP}r;~&QjBTy)M`r6f(WjiMnSgZkIkD$U
z1x>6i3y%jx@hto__v+V4X^h=X#j~t=7Db-#9J;PATbbh07H)%GO&WiD<9Snh6ttY5
z54pn=iGZ?me4zLmp1DOeD=b2~b#%?h2?n*%X29;r|98^BKuINnRHaVi0yEwDMvTrW
zDYC9QT4L$jJ#`l(jOzEle*4<TgXj&Wr=+aae~Bom@1ChC6QL6>NqGOh(FTt3QCrV5
zF;0c|X?4cLYX9=tB*_htNs^~~Y%O2E6uez5*IQX`h60`dMDxrECU>U#7NbV!LQ;g|
zpbITM_(af-J<5Zy_xjwci(dZocAfP7@V3laZXos1UkU;3`_eqa`%0F)XNxAcsokuz
z6_&DRRp;h2u{Mc&<EVpfLd7|M4AYKS)9|y!t@p}&&xhrW8+^itLj@pgF8A=pa&x&u
zc=&M29r%^Kf3wg33O)JqRRM^fGdvkL+`38Sb7OXW8q59*U)nQ!SnKjsneD#F^V+Nc
zWX~DaKI?gt?*29U?5(qVXDN_@2&I=Ml3xouow|Uuqq>&YGRAkZ)A9kMwTcf1p`9gW
z#I8S=KT<pW1*NwWp&`SEq_bsw5sBAaE^st0380e=j07YyeoHwy>w;k9g8kN4A;Wu(
z(jdS_bWy?9QSPz{oLLjT@V35wa6fMaAsqf7D`hKfu0VUs6E(tKb>;^eH%WU!=ZH!$
z=xipQJJ6g#fQL^o*gL}0=?}v|FT8c%QTWR6VXp5#Jrey!g1x+Fc_dm#B7g9uD2zRV
z0nQb0)<%Mtp-s)MHXLw{!45do5O~ZJP`D{F>@yaOiY*pYeqAMUzmh!JJNfg-K#8+#
zRzdlz5|3`qDPSF%P<IxBUyUYQb!rOX<ePG7Nc*3WvS7zH{4T)Ibudh3QIQ)AZ8%IJ
zvYR#zj)7zO=rw`5n=);Yr1xOX3l=?CK(YV!LN-VI1$zC+O2z|2-Z&$gfKd<i&R#mc
z(h)afEG_f#L!vf(xEnZs9AJGzmhVl{XGsp4vk?b}Cu4edY&zxe79>*EBb1B<#h!%8
zi0m0s+6II*wy}ZOHS3HlE*-hHi74A7J;l_ujk(9;OMa&q*<p|GGVU=l{eiv)GLuvU
z>qtNdW8N)vAWnL(Q&xFIy?LZ&6O+j737hx#7`jrcXk`#AoL0h1%^%P(l~H*V+O$!k
z?Md+F<P+VGbr@!Jh13;T*OhUE9iG3O?wgpA>EX%a+i*GP=uT);x#Ri}3Y*!l`fVjl
zoP-CQ`uU~Dbd4(48b0fDCIHY%l^5+CZehJMle~<`-;B;goRJ;4fFky@kqTtI=@Q%0
zOqU$^jj=6c*9>`g-dXXgX(jWWrT7n+srS9#l_JF<L*?fz9b?~KOJZ(|x$)Lw%yS5o
z+#iLJ_cv9j8ZY`z#^#gLSx{A#Zb<H@L9_WaP*vwpjz>=TUZ$YYGa&e<EWF=U{S59z
zaxxrG;Vh2LM^GV35c}7_%}-90a2Lbcliy6$kU6$K5x@)|ccW<>cEe@31E^5NrK~5W
zv#?98O^2o+wZ_9gFy2o5h{624bZdj_p4@VwzC1+keR6HsSpELfA5nUpFG#XJtmGlJ
zG-3;l2XuzKx>08#!~zXdf-u6SKqtNj`<?1ElH&CNuUGu*x&0F4IoRNVz#z<VQ}cqn
zD;TQQn5ip9{6d%DgX7jGugvy0LL$&P%l-M5%Y&fn8&M9*Ir}~F#=-^Z`Um1o#tYVU
z=-dsghxZ-!sSC~r0^u<KHk9sO;tkmsxW96|7nqoRhSn@E*?>f!r{B?eIbuNG;RT8g
z%v*u#hA=}AF)frZs%5(yI@(&0wj1|e-4}=bPoMczs@zPT`dZkt)}X;Ql%c0zAy|7|
zmp*ioblSCQ1b+F1-If^K4CcoQK@i*+Lc6$NmE17G`6_0NNEGVH5(9NRhkHCZpK_eV
zZxuG>>Hsm>7!5cE+WYOVtU>FugxX*9GZ89CP;8K$b-}fz1*N+Ey;0|@dQ2ni4Izac
z78QyK0r3z?n9w>J!fe+OjMhVxTzOI|oDELud$mp=-`44yv+iUjF&boSmZugAF1UKn
zc21hk(`P`5m+-XcFC*OwO{w2mFHO`a%ybMHOd<PJ#{q3joL%d8uk#7`DzXl8o2&D_
zBNP59FLosvoOY3`kC6}5_buPtqtKtJFKWL5yV{K%MhaZqjea?k^IP&B_pY6tUrQy=
zg6A?5<X(b32`$bSAzRNh8pFpVblLB4Pft`Qdt4tqOQu}$Ri`r6pj)2=T37JvkIoKu
zyi9;~YrxY}+Vb4@{scp%-qriU$`!kcpdL=+qgalw8IW5l`|-DiQ|a0oeYX5w_wuAk
zt-<Os#r?H(Sg9f#86kqCoqYNX*aa~Q+599;auYEvyfH6DHQ`nZ+H#v<DfoH=H49};
z3#`!fjj%0+ur-Fz6OR9+{(^ea`7Idff^gqJ7;p)TY=a1QmEcckTrT8I%#Nkr7M(Q1
zcE<8$fN`R<tOqsmSlaIjG)23PknDSsPHz5kl5xZHmBlz8#&OuUyM;UH-N!wqoKzFu
zt#Tu_ECRL}IOejrw*?jOniKq0)NaI=4H(VhM^m8ePUr6n*nf9rXLpWw>$RMGC11KD
z0;J$hM6k5d?T-X6l(_9si}dTNM;i4por&(8AcziUn_6!gDM0*e9&1py3Rv}RdJW&M
z?79cW-075=+5<Tj{2o2IF_CESXnTmH+{9vC6&-06sWElkRN}o=PfsAQVM8V7W;Q4$
znRxT}`nTDTB~o2kIuZ)|I0@itwxyf|0Rr&lEk+j{7uy|W8(hui>YYSPYvu*E6ThWm
z<|S7fv12&3RvYt1HbE=5YgBjm_QekZ;N0@J{)_p(mS;nn`1F|n&ywZmB!3jG`BkLY
zWNi7vFnyPXhMoG+JN~)tcc_b0Zh3;MORpqJCi;}$`e=wC3zX;8GSM#0Jx<aVz?2pm
z3r2l_B8cuZ1_?nAZ?V@Q=5D*+7x$k<k5@lbo9n(MdbDODk(LjZs>JUt6)}Nv=M+mz
za^u@>>}($N*qFYiUmMyu-_U|CH2oyIAfO-c%X&49DZ4?`+nLi*j>T18jHYY36{?d)
z7L;uS_WP{iOZcaUJ91e)58Pe=>`8OyKKey)HhKFg|B3jd9)*Y>t-Gas2)T;qFC2w_
zkZ_>M%cr4j$?>US79?TwOMe*lOU0Ad-0PQ=B4H8qYf>8`OIJ3Q!S7~fw_OusU27&9
z2em3INV_jW?Q0?=_os_pYuqdtJzqB;2&0D1jT!#z1nR1;a9nZuAsiwC?w{wjEd9(?
ze4Ix4^Ix=??2krstCxOcJL@U+^CDh2mYtpI!-#Ofn%10s@1=kqOo9e~Gk*Adm9u@+
zFZ2`RhuA6ms{BEyv4?ph<dAesdZ1>*XwKT`YweiX%AomF%DINFcXs5qe>#?7`Po>T
z2d(U>ut6&7V;2CzP$EqNoE%&}VS=TudU5bRZ1XDehK8BZ@XP*v2c?D~5GX$JOe{ah
z`-v<+y+*sidAW;ECP8&kVQLY#8H1_M!q2<~L5?S|yA)5YcLx)%AHCOq17At$*IOie
zj%5sp&dqp+I$NltWO<`a3lSfFlsWn7q_n{Q3A%r1JMV+-XcgxHB$;fl8a_%kenhc|
zj}BQ@gOBDw4c-ayP&j8QaCzWW@3qK4)U}2eP*mM?&wz29GrmA2T$k-aDJFR1m%Pkm
z8(4wEzeh&|lJBTlY82M_<9Z)#O#rfOPQd9)N=oX!f4qD}$r*jJZTmOqziU;`Q5%wt
zT6B%tbdrr~6-F??L=dkU((s(#w`l<_S%eKaosZbFtWLO$!IkA$eAdok97=yvSyyHn
z98ENht;=Hlgr;DHUb8kvkAfLAuEN*&^7*})OEFI%h$%NrVYePBK)^|;Uhe)JlpodV
z`^64OplmkZ;x^~sbPc*35X#+;>_&g4kY9xoUp-x+Q0oRT=<qahj3t4VQ>)xBi?y>u
z6eOgRT^?7>$B(iJe$MIpwQvu*)Ho*QG8yE4IkoI1e_TqE$1iTUg{J;I=l+$*Q1#Do
ze5MYdlRfS%0Kq+U;|FY<0~qbM_rj0QhT^I>_dSo#!Yw!ehK=x}%%>;n`^4CNrERj2
z)`p%&KYoD47A5JSh`G;>DT!6Gw*p^3%Hl>ASs(E-DcQ&YMyjmCzJj2f)e+_4tBnC%
z24!09$R2NCaCcxo$LCmYC9@tMD{;8b9ACX#5^!o|o1Wl+q6O{XLF+2C8#9_FC|SG7
zwxd3fZ|{yeC6ChHLte;|xKka67>=ve)lZG9pWc8=w}}39nwn9L!2<MxPw;MBc5evQ
zv&Uv#i3?{jY&d)S6?Nlz95!o^`EnhpiauN(l;qNfbq6z-PEkR1i`u>K%CGW>#(!bY
zL5E={Yq5B)ySvGS&zc#Ud&3tmeXmoo@sITa!ZmM?^=!g9`_wnW!a~U*PGpNi$~!zb
zU*rLn;Fxd~9k{szsInclN17`zgbs9Mo1Q}+7Eg@MCWcLj1-$4t4X^}L{!~7Tp4_Pu
zb2iKh4YJ@osMDIUOYV3>osV$6h<yXajml5N(pfry$WM0P_0b>HaVW}AB<u7+KLUKn
zmL-+CP0;~Qe`u4XxVWLxL8Q1d>xa1(RS6tgw&n0$%02NK$h2-nyWy{kwr*>5AhfzJ
z|HZK%`r(GsEqA}g??&9MsC$Xv^P#5%R(eK^Bd}$L=eL6DfpJBtgN}k=QxH)x!Xax%
zu*XdF4TXKdnj5~LxaZv5%?Cm7($v+7>&vaI&-c6O;~Rk=^32n)H)Q^UaXoWmbeVvG
zGUZJMo<c1>^N;+|LwR?cAH^|6tqTG^lAP0>ql$nM<4t$OH0%-LlTx;9Zdv3(?2*lr
z+L~x?IsbvHJIbjl$_)0A^OK68ykWWE4fd_=Q{|K3tGvI|pSqHkZLk8{4W;CPT|2@_
zn&uw8tdX_;paBl29vjwh-)NJeyd3bfV2Qbcv6#c|EkF5<*8KOU(OZ(^B-$0a#=k2n
zs~$mQ<yI~^UE8IlZ~Rn$Xw;P;hl^CYmX&_~x+VOh{6|da^#kM~v69GJ@W>6h?y{m%
z@uwJN_#<_!rg8$F<W1XTe69+CHicbTmstL+MDB|bUgJ>ZZnpZPj?HjO^*ZBs+$^UH
z&mR>Db1utt$i@~nbZC|jFon$QQ)+`7Dnw3|Xf#TY#({WH;Dt}?dHl&*hFb#N95Rpf
zuqjLF*DR$&6|-MWy8re!FlBr4bGAdKUg;BAs_forJTIsnUAoQICfadkwBv#aoY)G7
z`Z)&SqVZ6gZ6G*kh%NiRV`we{{Cb=RpS8}4lwiGj2(mtVn+wwfCAQ()?!TI%^DMWd
z_#wlEQ(P!970oMTC0N*??Xaqbi`Hbo!<JjK=n%pbA33E}#RP&E+|r8ajB7GL?lxEq
z>XNJ>g5@`UHP>=n0{Yz78hZ*^8NJqBsv5P~ZhSRZERdX4-*j-Qj*QZPibV`h3mVae
zhOc+hu>92Kf144Jx8)PWeY_!1TI<=0KBL`_ow!=ux=u>aXwW}o4PQ>u8%Oa4B|D+1
zl_hGU2BhU{h&0=TL05cD70mDvOdGeLxVyJic7lkF^9*XJBFbW7zQJYw;6*|1HwSmT
z3j(k;xM(FZW<uDHIX)8s*S=0zvGk2$7U~pEEo$w9c$4M<@d10OJM~)Y-Ig^{?>qch
z<|q?;V#Lh_CNzfTlC@<^U)ANiiLw%Vk1+L52ymMuO01Lbt4o|~YD%09ba>qLgoAXz
z72oRue=mP5u!C~uQE{(JtodrXz-Og#Oj^a&yKF<QSELY5zkquIAh;vjsqXg|9*KI%
z=tD7A$ZlY|<Er}Gy$RP?BTafHtVIX`da8?!(CfV(&g5dAguT#MOI%cRb&LV|_LrPL
z82+ZcZBdTi$zt^vbeA|IushLXl&>tYIEKd`A>)*ug}S(7clNHGKx7)ncZBQbMQRGh
zDDoi2xayH;7J%yjs4uf-Yi#*MP-21uan#POjb>jP&4Ptg?MJJ{sUuIf7kFvC95okW
zVF*6Bs-s-DCz3Cl+6~1v;tKa!Fzn>Y*f*>$e+d=|icxCYd85`?p6m$6Y`_jH+fV<C
za6-j=c`{cnh<tO;aZ4AQ^Z3WA_VQr)E&7fxHs|?|mE*+$L+Ts;X{*3*^2E0L|EuOw
z6P%1GL-yfA!sq`0S3nRLA22?Ae1E-b5vGcM0rC6?-=FIL1tk0r!_xBw#P{#y<qJp*
z?)@Wye=^#sQsN*k;{TZctuc!8U#g-XJ}jqZi-V{Q-;po^m&q_P)$a;2Nbi7||HzI0
zzhj%^KjNcqZjKI0#t!Co|CdYtzr*@ZbD7k%d{>AMAJX2bQ!)Nu+xN36>Qr(G5E=1*
zyzq1E>h|9$>P_FZ(9r+KD>T*Y-RWQS|8y8rV<kYCAFG%?d=N8taZ6>E0Ac;h<-gU`
zu>Pk9lGIHJ5aqv#fRhB_gA!9IB|+r>Y}t1kVuU}{N)kl)FAgHx%j~iDXxHDPeFq2q
z*MXi|BnhJW*J|QFy^yCKN`e^w*|<_5d<1;e4<8hr+^iiPTvJ&kLD>Hy{-?f^YA6N5
zgwr&6Uosa*FYnYiSr87%f2RMx)foPFumY>ZzgD=ZlTx66nhdFH?;}8rI;1{Hfyn+1
zNi6*y!nag@X%Oi@+wk3n7z;@ClLoyrK)v_<kM}<{UmAo75mcCXR*0QCB@IISH&cfH
z#k!68Um3outEWCmgDCzv{Wsg~|2nCp3d(>e{w46=H7EbOYG}2o12P~|lK-r2V&wh0
z*t_Ti@4M*4|8^BVmkKTW|1AZ*?0W`C%ZVs^n5p`*AjE$IXa@X0pw|C>_uzl0ewPIi
z|4Y8|KTYZPQ-8{W2qpi|KsF+06MhsQ-VtJC2+K<j%S<g#ErKOjR$%I8V2}gC1;FH&
KYzn+CfdK$|6?+K)

diff --git a/classes/ssl/onetimekey b/classes/ssl/onetimekey
index 5c0c26d..bf57c8f 100755
--- a/classes/ssl/onetimekey
+++ b/classes/ssl/onetimekey
@@ -1,6 +1,7 @@
 #!/bin/sh
 #
 # usage: onetimekey path/to/mycert.pem
+#        onetimekey -certonly path/to/mycert.pem
 #
 # Takes an openssl cert+key pem file and turns into a long string
 # for the x11vnc SSL VNC Java Viewer.
@@ -14,6 +15,19 @@
 # in it.  Also, as the name implies, an HTTPS server can create
 # a one time key to send to the applet (the user has already
 # logged in via password to the HTTPS server).
+#
+# Note oneTimeKey is to provide a CLIENT Certificate for the viewer
+# to authenticate itself to the VNC Server.
+#
+# There is also the serverCert=<str> Applet parameter.  This is
+# a cert to authenticate the VNC server against.  To create that
+# string with this tool specify -certonly as the first argument.
+
+certonly=""
+if [ "X$1" = "X-certonly" ]; then
+	shift
+	certonly=1
+fi
 
 in=$1
 der=/tmp/1time$$.der
@@ -43,5 +57,9 @@ rm -f "$der"
 
 n=`grep -n 'BEGIN CERTIFICATE' $in | awk -F: '{print $1}' | head -1`
 str2=`tail +$n $in | $pbinhex`
-echo "$str1,$str2"
+if [ "X$certonly" = "X1" ]; then
+	echo "$str2"
+else
+	echo "$str1,$str2"
+fi
 rm -f $pbinhex
diff --git a/classes/ssl/tightvnc-1.3dev7_javasrc-vncviewer-ssl.patch b/classes/ssl/tightvnc-1.3dev7_javasrc-vncviewer-ssl.patch
index f35a4e9..be5a22a 100644
--- a/classes/ssl/tightvnc-1.3dev7_javasrc-vncviewer-ssl.patch
+++ b/classes/ssl/tightvnc-1.3dev7_javasrc-vncviewer-ssl.patch
@@ -73,8 +73,8 @@ diff -x VncCanvas.java -Naur vnc_javasrc.orig/RfbProto.java vnc_javasrc/RfbProto
      serverMajor = (b[4] - '0') * 100 + (b[5] - '0') * 10 + (b[6] - '0');
 diff -x VncCanvas.java -Naur vnc_javasrc.orig/SSLSocketToMe.java vnc_javasrc/SSLSocketToMe.java
 --- vnc_javasrc.orig/SSLSocketToMe.java	1969-12-31 19:00:00.000000000 -0500
-+++ vnc_javasrc/SSLSocketToMe.java	2010-02-22 20:03:11.000000000 -0500
-@@ -0,0 +1,1712 @@
++++ vnc_javasrc/SSLSocketToMe.java	2010-03-19 12:52:08.000000000 -0400
+@@ -0,0 +1,2055 @@
 +/*
 + * SSLSocketToMe.java: add SSL encryption to Java VNC Viewer.
 + *
@@ -118,7 +118,9 @@ diff -x VncCanvas.java -Naur vnc_javasrc.orig/SSLSocketToMe.java vnc_javasrc/SSL
 +	String host;
 +	int port;
 +	VncViewer viewer;
++
 +	boolean debug = true;
++	boolean debug_certs = false;
 +
 +	/* sockets */
 +	SSLSocket socket = null;
@@ -126,11 +128,11 @@ diff -x VncCanvas.java -Naur vnc_javasrc.orig/SSLSocketToMe.java vnc_javasrc/SSL
 +
 +	/* fallback for Proxy connection */
 +	boolean proxy_in_use = false;
-+	boolean proxy_is_https = false;
 +	boolean proxy_failure = false;
 +	public DataInputStream is = null;
 +	public OutputStream os = null;
 +
++	/* strings from user WRT proxy: */
 +	String proxy_auth_string = null;
 +	String proxy_dialog_host = null;
 +	int proxy_dialog_port = 0;
@@ -142,21 +144,28 @@ diff -x VncCanvas.java -Naur vnc_javasrc.orig/SSLSocketToMe.java vnc_javasrc/SSL
 +	/* trust contexts */
 +	SSLContext trustloc_ctx;
 +	SSLContext trustall_ctx;
++	SSLContext trustsrv_ctx;
 +	SSLContext trusturl_ctx;
 +	SSLContext trustone_ctx;
 +
++	/* corresponding trust managers */
 +	TrustManager[] trustAllCerts;
++	TrustManager[] trustSrvCert;
 +	TrustManager[] trustUrlCert;
 +	TrustManager[] trustOneCert;
 +
-+	boolean use_url_cert_for_auth = true;
++	/* client-side SSL auth key (oneTimeKey=...) */
++	KeyManager[] mykey = null;
++
 +	boolean user_wants_to_see_cert = true;
-+	boolean debug_certs = false;
++	String cert_fail = null;
 +
-+	/* cert(s) we retrieve from VNC server */
++	/* cert(s) we retrieve from Web server, VNC server, or serverCert param: */
 +	java.security.cert.Certificate[] trustallCerts = null;
++	java.security.cert.Certificate[] trustsrvCerts = null;
 +	java.security.cert.Certificate[] trusturlCerts = null;
 +
++	/* utility to decode hex oneTimeKey=... and serverCert=... */
 +	byte[] hex2bytes(String s) {
 +		byte[] bytes = new byte[s.length()/2];
 +		for (int i=0; i<s.length()/2; i++) {
@@ -189,11 +198,15 @@ diff -x VncCanvas.java -Naur vnc_javasrc.orig/SSLSocketToMe.java vnc_javasrc/SSL
 +
 +		dbg("SSL startup: " + host + " " + port);
 +
-+		/* create trust managers used if initial handshake fails: */
++
++		/* create trust managers to be used if initial handshake fails: */
 +
 +		trustAllCerts = new TrustManager[] {
 +		    /*
-+		     * this one accepts everything.
++		     * this one accepts everything.  Only used if user
++		     * has disabled checking (trustAllVncCerts=yes)
++		     * or when we grab the cert to show it to them in
++		     * a dialog and ask them to manually verify/accept it.
 +		     */
 +		    new X509TrustManager() {
 +			public java.security.cert.X509Certificate[]
@@ -216,8 +229,9 @@ diff -x VncCanvas.java -Naur vnc_javasrc.orig/SSLSocketToMe.java vnc_javasrc/SSL
 +
 +		trustUrlCert = new TrustManager[] {
 +		    /*
-+		     * this one accepts only the retrieved server cert
-+		     * by SSLSocket by this applet.
++		     * this one accepts only the retrieved server
++		     * cert by SSLSocket by this applet and stored in
++		     * trusturlCerts.
 +		     */
 +		    new X509TrustManager() {
 +			public java.security.cert.X509Certificate[]
@@ -227,11 +241,12 @@ diff -x VncCanvas.java -Naur vnc_javasrc.orig/SSLSocketToMe.java vnc_javasrc/SSL
 +			public void checkClientTrusted(
 +			    java.security.cert.X509Certificate[] certs,
 +			    String authType) throws CertificateException {
-+				throw new CertificateException("No Clients");
++				throw new CertificateException("No Clients (URL)");
 +			}
 +			public void checkServerTrusted(
 +			    java.security.cert.X509Certificate[] certs,
 +			    String authType) throws CertificateException {
++				/* we want to check 'certs' against 'trusturlCerts' */
 +				if (trusturlCerts == null) {
 +					throw new CertificateException(
 +					    "No Trust url Certs array.");
@@ -259,6 +274,9 @@ diff -x VncCanvas.java -Naur vnc_javasrc.orig/SSLSocketToMe.java vnc_javasrc/SSL
 +						dbg("URL: cert mismatch at i=" + i);
 +						dbg("URL: cert mismatch cert" + certs[i]);
 +						dbg("URL: cert mismatch  url" + trusturlCerts[i]);
++						if (cert_fail == null) {
++							cert_fail = "cert-mismatch";
++						}
 +					}
 +					if (debug_certs) {
 +						dbg("\n***********************************************");
@@ -277,10 +295,86 @@ diff -x VncCanvas.java -Naur vnc_javasrc.orig/SSLSocketToMe.java vnc_javasrc/SSL
 +			}
 +		    }
 +		};
++
++		trustSrvCert = new TrustManager[] {
++		    /*
++		     * this one accepts cert given to us in the serverCert
++		     * Applet Parameter we were started with.  It is
++		     * currently a fatal error if the VNC Server's cert
++		     * doesn't match it.
++		     */
++		    new X509TrustManager() {
++			public java.security.cert.X509Certificate[]
++			    getAcceptedIssuers() {
++				return null;
++			}
++			public void checkClientTrusted(
++			    java.security.cert.X509Certificate[] certs,
++			    String authType) throws CertificateException {
++				throw new CertificateException("No Clients (SRV)");
++			}
++			public void checkServerTrusted(
++			    java.security.cert.X509Certificate[] certs,
++			    String authType) throws CertificateException {
++				/* we want to check 'certs' against 'trustsrvCerts' */
++				if (trustsrvCerts == null) {
++					throw new CertificateException(
++					    "No Trust srv Certs array.");
++				}
++				if (trustsrvCerts.length < 1) {
++					throw new CertificateException(
++					    "No Trust srv Certs.");
++				}
++				if (certs == null) {
++					throw new CertificateException(
++					    "No this-certs array.");
++				}
++				if (certs.length < 1) {
++					throw new CertificateException(
++					    "No this-certs Certs.");
++				}
++				if (certs.length != trustsrvCerts.length) {
++					throw new CertificateException(
++					    "certs.length != trustsrvCerts.length " + certs.length + " " + trustsrvCerts.length);
++				}
++				boolean ok = true;
++				for (int i = 0; i < certs.length; i++)  {
++					if (! trustsrvCerts[i].equals(certs[i])) {
++						ok = false;
++						dbg("SRV: cert mismatch at i=" + i);
++						dbg("SRV: cert mismatch cert" + certs[i]);
++						dbg("SRV: cert mismatch  srv" + trustsrvCerts[i]);
++						if (cert_fail == null) {
++							cert_fail = "server-cert-mismatch";
++						}
++					}
++					if (debug_certs) {
++						dbg("\n***********************************************");
++						dbg("SRV: cert info at i=" + i);
++						dbg("SRV: cert info cert" + certs[i]);
++						dbg("===============================================");
++						dbg("SRV: cert info  srv" + trustsrvCerts[i]);
++						dbg("***********************************************");
++					}
++				}
++				if (!ok) {
++					throw new CertificateException(
++					    "Server Cert Chain != serverCert Applet Parameter Cert Chain.");
++				}
++				dbg("SRV: trustsrvCerts[i] matches certs[i] i=0:" + (certs.length-1));
++			}
++		    }
++		};
++
 +		trustOneCert = new TrustManager[] {
 +		    /*
-+		     * this one accepts only the retrieved server cert
-+		     * by SSLSocket by this applet.
++		     * this one accepts only the retrieved server
++		     * cert by SSLSocket by this applet we stored in
++		     * trustallCerts that user has accepted or applet
++		     * parameter trustAllVncCerts=yes is set.  This is
++		     * for when we reconnect after the user has manually
++		     * accepted the trustall cert in the dialog (or set
++		     * trustAllVncCerts=yes applet param.)
 +		     */
 +		    new X509TrustManager() {
 +			public java.security.cert.X509Certificate[]
@@ -290,11 +384,12 @@ diff -x VncCanvas.java -Naur vnc_javasrc.orig/SSLSocketToMe.java vnc_javasrc/SSL
 +			public void checkClientTrusted(
 +			    java.security.cert.X509Certificate[] certs,
 +			    String authType) throws CertificateException {
-+				throw new CertificateException("No Clients");
++				throw new CertificateException("No Clients (ONE)");
 +			}
 +			public void checkServerTrusted(
 +			    java.security.cert.X509Certificate[] certs,
 +			    String authType) throws CertificateException {
++				/* we want to check 'certs' against 'trustallCerts' */
 +				if (trustallCerts == null) {
 +					throw new CertificateException(
 +					    "No Trust All Server Certs array.");
@@ -342,20 +437,20 @@ diff -x VncCanvas.java -Naur vnc_javasrc.orig/SSLSocketToMe.java vnc_javasrc/SSL
 +		};
 +
 +		/* 
-+		 * They are used:
++		 * The above TrustManagers are used:
 +		 *
 +		 * 1) to retrieve the server cert in case of failure to
-+		 *    display it to the user.
++		 *    display it to the user in a dialog.
 +		 * 2) to subsequently connect to the server if user agrees.
 +		 */
 +
-+		KeyManager[] mykey = null;
-+
++		/*
++		 * build oneTimeKey cert+key if supplied in applet parameter:
++		 */
 +		if (viewer.oneTimeKey != null && viewer.oneTimeKey.equals("PROMPT")) {
 +			ClientCertDialog d = new ClientCertDialog();
 +			viewer.oneTimeKey = d.queryUser();
 +		}
-+
 +		if (viewer.oneTimeKey != null && viewer.oneTimeKey.indexOf(",") > 0) {
 +			int idx = viewer.oneTimeKey.indexOf(",");
 +
@@ -367,15 +462,18 @@ diff -x VncCanvas.java -Naur vnc_javasrc.orig/SSLSocketToMe.java vnc_javasrc/SSL
 +			KeyFactory kf = KeyFactory.getInstance("RSA");
 +			PKCS8EncodedKeySpec keysp = new PKCS8EncodedKeySpec ( key );
 +			PrivateKey ff = kf.generatePrivate (keysp);
-+			//dbg("ff " + ff);
-+			String cert_str = new String(cert);
++			if (debug_certs) {
++				dbg("one time key " + ff);
++			}
 +
 +			CertificateFactory cf = CertificateFactory.getInstance("X.509");
 +			Collection c = cf.generateCertificates(new ByteArrayInputStream(cert));
 +			Certificate[] certs = new Certificate[c.toArray().length];
 +			if (c.size() == 1) {
 +				Certificate tmpcert = cf.generateCertificate(new ByteArrayInputStream(cert));
-+				//dbg("tmpcert" + tmpcert);
++				if (debug_certs) {
++					dbg("one time cert" + tmpcert);
++				}
 +				certs[0] = tmpcert;
 +			} else {
 +				certs = (Certificate[]) c.toArray();
@@ -391,12 +489,54 @@ diff -x VncCanvas.java -Naur vnc_javasrc.orig/SSLSocketToMe.java vnc_javasrc/SSL
 +			mykey = kmf.getKeyManagers();
 +		}
 +
++		/*
++		 * build serverCert cert if supplied in applet parameter:
++		 */
++		if (viewer.serverCert != null) {
++			CertificateFactory cf = CertificateFactory.getInstance("X.509");
++			byte[] cert = hex2bytes(viewer.serverCert);
++			Collection c = cf.generateCertificates(new ByteArrayInputStream(cert));
++			trustsrvCerts = new Certificate[c.toArray().length];
++			if (c.size() == 1) {
++				Certificate tmpcert = cf.generateCertificate(new ByteArrayInputStream(cert));
++				trustsrvCerts[0] = tmpcert;
++			} else {
++				trustsrvCerts = (Certificate[]) c.toArray();
++			}
++		}
 +
-+		/* trust loc certs: */
++		/* the trust loc certs context: */
 +		try {
 +			trustloc_ctx = SSLContext.getInstance("SSL");
-+			trustloc_ctx.init(mykey, null, new
-+			    java.security.SecureRandom());
++
++			/*
++			 * below is a failed attempt to get jvm's default
++			 * trust manager using null (below) makes it so
++			 * for HttpsURLConnection the server cannot be
++			 * verified (no prompting.)
++			 */
++			if (false) {
++				boolean didit = false;
++				TrustManagerFactory tmf = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());  
++				tmf.init((KeyStore) null);
++				TrustManager [] tml = tmf.getTrustManagers();
++				for (int i = 0; i < tml.length; i++) {
++					TrustManager tm = tml[i];
++					if (tm instanceof X509TrustManager) {
++						TrustManager tm1[] = new TrustManager[1];
++						tm1[0] = tm;
++						trustloc_ctx.init(mykey, tm1, null);
++						didit = true;
++						break;
++					}
++				}
++				if (!didit) {
++					trustloc_ctx.init(mykey, null, null);
++				}
++			} else {
++				/* we have to set trust manager to null */
++				trustloc_ctx.init(mykey, null, null);
++			}
 +
 +		} catch (Exception e) {
 +			String msg = "SSL trustloc_ctx FAILED.";
@@ -404,7 +544,7 @@ diff -x VncCanvas.java -Naur vnc_javasrc.orig/SSLSocketToMe.java vnc_javasrc/SSL
 +			throw new Exception(msg);
 +		}
 +
-+		/* trust all certs: */
++		/* the trust all certs context: */
 +		try {
 +			trustall_ctx = SSLContext.getInstance("SSL");
 +			trustall_ctx.init(mykey, trustAllCerts, new
@@ -416,7 +556,7 @@ diff -x VncCanvas.java -Naur vnc_javasrc.orig/SSLSocketToMe.java vnc_javasrc/SSL
 +			throw new Exception(msg);
 +		}
 +
-+		/* trust url certs: */
++		/* the trust url certs context: */
 +		try {
 +			trusturl_ctx = SSLContext.getInstance("SSL");
 +			trusturl_ctx.init(mykey, trustUrlCert, new
@@ -428,99 +568,138 @@ diff -x VncCanvas.java -Naur vnc_javasrc.orig/SSLSocketToMe.java vnc_javasrc/SSL
 +			throw new Exception(msg);
 +		}
 +
-+		/* trust the one cert from server: */
++		/* the trust srv certs context: */
 +		try {
-+			trustone_ctx = SSLContext.getInstance("SSL");
-+			trustone_ctx.init(mykey, trustOneCert, new
++			trustsrv_ctx = SSLContext.getInstance("SSL");
++			trustsrv_ctx.init(mykey, trustSrvCert, new
 +			    java.security.SecureRandom());
 +
 +		} catch (Exception e) {
-+			String msg = "SSL trustone_ctx FAILED.";
++			String msg = "SSL trustsrv_ctx FAILED.";
 +			dbg(msg);
 +			throw new Exception(msg);
 +		}
-+	}
-+
-+	boolean browser_cert_match() {
-+		String msg = "Browser URL accept previously accepted cert";
 +
-+		if (user_wants_to_see_cert) {
-+			return false;
-+		}
++		/* the trust the one cert from server context: */
++		try {
++			trustone_ctx = SSLContext.getInstance("SSL");
++			trustone_ctx.init(mykey, trustOneCert, new
++			    java.security.SecureRandom());
 +
-+		if (trustallCerts != null && trusturlCerts != null) {
-+		    if (trustallCerts.length == 1 && trusturlCerts.length == 1) {
-+			if (trustallCerts[0].equals(trusturlCerts[0])) {
-+				System.out.println(msg);
-+				return true;
-+			}
-+		    }
++		} catch (Exception e) {
++			String msg = "SSL trustone_ctx FAILED.";
++			dbg(msg);
++			throw new Exception(msg);
 +		}
-+		return false;
 +	}
 +
-+	public void check_for_proxy() {
++	/*
++	 * we call this early on to 1) check for a proxy, 2) grab
++	 * Browser/JVM accepted HTTPS cert.
++	 */
++	public void check_for_proxy_and_grab_vnc_server_cert() {
 +		
-+		boolean result = false;
-+
 +		trusturlCerts = null;
 +		proxy_in_use = false;
++
 +		if (viewer.ignoreProxy) {
++			/* applet param says skip it. */
++			/* the downside is we do not set trusturlCerts for comparison later... */
++			/* nor do we autodetect x11vnc for GET=1. */
 +			return;
 +		}
 +
++		dbg("------------------------------------------------");
++		dbg("Into check_for_proxy_and_grab_vnc_server_cert():");
++
++		dbg("TRYING HTTPS:");
 +		String ustr = "https://" + host + ":";
 +		if (viewer.httpsPort != null) {
 +			ustr += viewer.httpsPort;
 +		} else {
-+			ustr += port;	// hmmm
++			ustr += port;
 +		}
 +		ustr += viewer.urlPrefix + "/check.https.proxy.connection";
 +		dbg("ustr is: " + ustr);
 +
-+
 +		try {
++			/* prepare for an HTTPS URL connection to host:port */
 +			URL url = new URL(ustr);
-+			HttpsURLConnection https = (HttpsURLConnection)
-+			    url.openConnection();
++			HttpsURLConnection https = (HttpsURLConnection) url.openConnection();
++
++			if (mykey != null) {
++				/* with oneTimeKey (mykey) we can't use the default SSL context */
++				if (trustsrvCerts != null) {
++					dbg("passing trustsrv_ctx to HttpsURLConnection to provide client cert.");
++					https.setSSLSocketFactory(trustsrv_ctx.getSocketFactory());	
++				} else if (trustloc_ctx != null) {
++					dbg("passing trustloc_ctx to HttpsURLConnection to provide client cert.");
++					https.setSSLSocketFactory(trustloc_ctx.getSocketFactory());	
++				}
++			}
 +
 +			https.setUseCaches(false);
 +			https.setRequestMethod("GET");
 +			https.setRequestProperty("Pragma", "No-Cache");
-+			https.setRequestProperty("Proxy-Connection",
-+			    "Keep-Alive");
++			https.setRequestProperty("Proxy-Connection", "Keep-Alive");
 +			https.setDoInput(true);
 +
++			dbg("trying https.connect()");
 +			https.connect();
 +
++			dbg("trying https.getServerCertificates()");
 +			trusturlCerts = https.getServerCertificates();
++
 +			if (trusturlCerts == null) {
-+				dbg("set trusturlCerts to null...");
++				dbg("set trusturlCerts to null!");
 +			} else {
 +				dbg("set trusturlCerts to non-null");
 +			}
 +
 +			if (https.usingProxy()) {
 +				proxy_in_use = true;
-+				proxy_is_https = true;
-+				dbg("HTTPS proxy in use. There may be connection problems.");
++				dbg("An HTTPS proxy is in use. There may be connection problems.");
 +			}
++
++			dbg("trying https.getContent()");
 +			Object output = https.getContent();
++			dbg("trying https.disconnect()");
 +			https.disconnect();
-+			result = true;
++			if (! viewer.GET) {
++				String header = https.getHeaderField("VNC-Server");
++				if (header != null && header.startsWith("x11vnc")) {
++					dbg("detected x11vnc server (1), setting GET=1");
++					viewer.GET = true;
++				}
++			}
 +
 +		} catch(Exception e) {
 +			dbg("HttpsURLConnection: " + e.getMessage());
 +		}
 +
 +		if (proxy_in_use) {
++			dbg("exit check_for_proxy_and_grab_vnc_server_cert():");
++			dbg("------------------------------------------------");
++			return;
++		} else if (trusturlCerts != null && !viewer.forceProxy) {
++			/* Allow user to require HTTP check?  use forceProxy for now. */
++			dbg("SKIPPING HTTP PROXY CHECK: got trusturlCerts, assuming proxy info is correct.");
++			dbg("exit check_for_proxy_and_grab_vnc_server_cert():");
++			dbg("------------------------------------------------");
 +			return;
 +		}
 +
++		/*
++		 * XXX need to remember scenario where this extra check
++		 * gives useful info.  User's Browser proxy settings?
++		 */
++		dbg("TRYING HTTP:");
 +		ustr = "http://" + host + ":" + port;
 +		ustr += viewer.urlPrefix + "/index.vnc";
++		dbg("ustr is: " + ustr);
 +
 +		try {
++			/* prepare for an HTTP URL connection to the same host:port (but not httpsPort) */
 +			URL url = new URL(ustr);
 +			HttpURLConnection http = (HttpURLConnection)
 +			    url.openConnection();
@@ -528,45 +707,64 @@ diff -x VncCanvas.java -Naur vnc_javasrc.orig/SSLSocketToMe.java vnc_javasrc/SSL
 +			http.setUseCaches(false);
 +			http.setRequestMethod("GET");
 +			http.setRequestProperty("Pragma", "No-Cache");
-+			http.setRequestProperty("Proxy-Connection",
-+			    "Keep-Alive");
++			http.setRequestProperty("Proxy-Connection", "Keep-Alive");
 +			http.setDoInput(true);
 +
++			dbg("trying http.connect()");
 +			http.connect();
 +
 +			if (http.usingProxy()) {
 +				proxy_in_use = true;
-+				proxy_is_https = false;
-+				dbg("HTTP proxy in use. There may be connection problems.");
++				dbg("An HTTP proxy is in use. There may be connection problems.");
 +			}
++			dbg("trying http.getContent()");
 +			Object output = http.getContent();
++			dbg("trying http.disconnect()");
 +			http.disconnect();
-+
++			if (! viewer.GET) {
++				String header = http.getHeaderField("VNC-Server");
++				if (header != null && header.startsWith("x11vnc")) {
++					dbg("detected x11vnc server (2), setting GET=1");
++					viewer.GET = true;
++				}
++			}
 +		} catch(Exception e) {
-+			dbg("HttpURLConnection: " + e.getMessage());
++			dbg("HttpURLConnection:  " + e.getMessage());
 +		}
++		dbg("exit check_for_proxy_and_grab_vnc_server_cert():");
++		dbg("------------------------------------------------");
 +	}
 +
 +	public Socket connectSock() throws IOException {
-+
 +		/*
 +		 * first try a https connection to detect a proxy, and
-+		 * also grab the VNC server cert.
++		 * grab the VNC server cert at the same time:
 +		 */
-+		check_for_proxy();
++		check_for_proxy_and_grab_vnc_server_cert();
++
++		boolean srv_cert = false;
 +		
-+		if (viewer.trustAllVncCerts) {
++		if (trustsrvCerts != null) {
++			/* applet parameter suppled serverCert */
++			dbg("viewer.trustSrvCert-0 using trustsrv_ctx");
++			factory = trustsrv_ctx.getSocketFactory();
++			srv_cert = true;
++		} else if (viewer.trustAllVncCerts) {
++			/* trust all certs (no checking) */
 +			dbg("viewer.trustAllVncCerts-0 using trustall_ctx");
 +			factory = trustall_ctx.getSocketFactory();
-+		} else if (use_url_cert_for_auth && trusturlCerts != null) {
++		} else if (trusturlCerts != null) {
++			/* trust certs the Browser/JVM accepted in check_for_proxy... */
 +			dbg("using trusturl_ctx");
 +			factory = trusturl_ctx.getSocketFactory();
 +		} else {
++			/* trust the local defaults */
 +			dbg("using trustloc_ctx");
 +			factory = trustloc_ctx.getSocketFactory();
 +		}
 +
 +		socket = null;
++
 +		try {
 +			if (proxy_in_use && viewer.forceProxy) {
 +				throw new Exception("forcing proxy (forceProxy)");
@@ -585,7 +783,7 @@ diff -x VncCanvas.java -Naur vnc_javasrc.orig/SSLSocketToMe.java vnc_javasrc/SSL
 +			}
 +
 +		} catch (Exception esock) {
-+			dbg("esock: " + esock.getMessage());
++			dbg("socket error: " + esock.getMessage());
 +			if (proxy_in_use || viewer.CONNECT != null) {
 +				proxy_failure = true;
 +				if (proxy_in_use) {
@@ -596,14 +794,17 @@ diff -x VncCanvas.java -Naur vnc_javasrc.orig/SSLSocketToMe.java vnc_javasrc/SSL
 +				try {
 +					socket = proxy_socket(factory);
 +				} catch (Exception e) {
-+					dbg("err proxy_socket: " + e.getMessage());
++					dbg("proxy_socket error: " + e.getMessage());
 +				}
++			} else {
++				/* n.b. socket is left in error state to cause ex. below. */
 +			}
 +		}
 +
 +		try {
 +			socket.startHandshake();
-+			dbg("Server Connection Verified on 1st try.");
++
++			dbg("The Server Connection Verified OK on 1st try.");
 +
 +			java.security.cert.Certificate[] currentTrustedCerts;
 +			BrowserCertsDialog bcd;
@@ -612,9 +813,13 @@ diff -x VncCanvas.java -Naur vnc_javasrc.orig/SSLSocketToMe.java vnc_javasrc/SSL
 +			currentTrustedCerts = sess.getPeerCertificates();
 +
 +			if (viewer.trustAllVncCerts) {
-+				dbg("viewer.trustAllVncCerts-1");
++				dbg("viewer.trustAllVncCerts-1  keeping socket.");
 +			} else if (currentTrustedCerts == null || currentTrustedCerts.length < 1) {
-+				socket.close();
++				try {
++					socket.close();
++				} catch (Exception e) {
++					dbg("socket is grumpy.");
++				}
 +				socket = null;
 +				throw new SSLHandshakeException("no current certs");
 +			}
@@ -628,20 +833,28 @@ diff -x VncCanvas.java -Naur vnc_javasrc.orig/SSLSocketToMe.java vnc_javasrc/SSL
 +			}
 +
 +			if (viewer.trustAllVncCerts) {
-+				dbg("viewer.trustAllVncCerts-2");
++				dbg("viewer.trustAllVncCerts-2  skipping browser certs dialog");
++				user_wants_to_see_cert = false;
++			} else if (viewer.serverCert != null && trustsrvCerts != null) {
++				dbg("viewer.serverCert-1  skipping browser certs dialog");
 +				user_wants_to_see_cert = false;
 +			} else if (viewer.trustUrlVncCert) {
-+				dbg("viewer.trustUrlVncCert-1");
++				dbg("viewer.trustUrlVncCert-1  skipping browser certs dialog");
 +				user_wants_to_see_cert = false;
 +			} else {
++				/* have a dialog with the user: */
 +				bcd = new BrowserCertsDialog(serv, host + ":" + port);
-+				dbg("browser certs dialog START");
++				dbg("browser certs dialog begin.");
 +				bcd.queryUser();
-+				dbg("browser certs dialog DONE");
++				dbg("browser certs dialog finished.");
++
 +				if (bcd.showCertDialog) {
 +					String msg = "user wants to see cert";
 +					dbg(msg);
 +					user_wants_to_see_cert = true;
++					if (cert_fail == null) {
++						cert_fail = "user-view";
++					}
 +					throw new SSLHandshakeException(msg);
 +				} else {
 +					user_wants_to_see_cert = false;
@@ -650,18 +863,37 @@ diff -x VncCanvas.java -Naur vnc_javasrc.orig/SSLSocketToMe.java vnc_javasrc/SSL
 +			}
 +
 +		} catch (SSLHandshakeException eh)  {
-+			dbg("Could not automatically verify Server.");
++			dbg("SSLHandshakeException: could not automatically verify Server.");
 +			dbg("msg: " + eh.getMessage());
++
++
++			/* send a cleanup string just in case: */
 +			String getoutstr = "GET /index.vnc HTTP/1.0\r\nConnection: close\r\n\r\n";
 +
-+    			OutputStream os = socket.getOutputStream();
-+			os.write(getoutstr.getBytes());
-+			socket.close();
++			try {
++				OutputStream os = socket.getOutputStream();
++				os.write(getoutstr.getBytes());
++				socket.close();
++			} catch (Exception e) {
++				dbg("socket is grumpy!");
++			}
++
++			/* reload */
++
 +			socket = null;
 +
++			String reason = null;
++
++			if (srv_cert) {
++				/* for serverCert usage we make this a fatal error. */
++				throw new IOException("Fatal: VNC Server's Cert does not match Applet Parameter 'serverCert=...'");
++				/* see below in TrustDialog were we describe this case to user anyway */
++			}
++
 +			/*
 +			 * Reconnect, trusting any cert, so we can grab
-+			 * the cert to show it to the user.  The connection
++			 * the cert to show it to the user in a dialog
++			 * for him to manually accept.  This connection
 +			 * is not used for anything else.
 +			 */
 +			factory = trustall_ctx.getSocketFactory();
@@ -671,9 +903,18 @@ diff -x VncCanvas.java -Naur vnc_javasrc.orig/SSLSocketToMe.java vnc_javasrc/SSL
 +				socket = (SSLSocket) factory.createSocket(host, port);
 +			}
 +
++			if (debug_certs) {
++				dbg("trusturlCerts: " + trusturlCerts);
++				dbg("trustsrvCerts: " + trustsrvCerts);
++			}
++			if (trusturlCerts == null && cert_fail == null) {
++				cert_fail = "missing-certs";
++			}
++
 +			try {
 +				socket.startHandshake();
-+				dbg("TrustAll Server Connection Verified.");
++
++				dbg("The TrustAll Server Cert-grab Connection (trivially) Verified OK.");
 +
 +				/* grab the cert: */
 +				try {
@@ -683,17 +924,24 @@ diff -x VncCanvas.java -Naur vnc_javasrc.orig/SSLSocketToMe.java vnc_javasrc/SSL
 +					throw new Exception("Could not get " + 
 +					    "Peer Certificate");	
 +				}
++				if (debug_certs) {
++					dbg("trustallCerts: " + trustallCerts);
++				}
 +
 +				if (viewer.trustAllVncCerts) {
-+					dbg("viewer.trustAllVncCerts-3");
++					dbg("viewer.trustAllVncCerts-3.  skipping dialog, trusting everything.");
 +				} else if (! browser_cert_match()) {
 +					/*
 +					 * close socket now, we will reopen after
 +					 * dialog if user agrees to use the cert.
 +					 */
-+    					os = socket.getOutputStream();
-+					os.write(getoutstr.getBytes());
-+					socket.close();
++					try {
++						OutputStream os = socket.getOutputStream();
++						os.write(getoutstr.getBytes());
++						socket.close();
++					} catch (Exception e) {
++						dbg("socket is grumpy!!");
++					}
 +					socket = null;
 +
 +					/* dialog with user to accept cert or not: */
@@ -701,7 +949,27 @@ diff -x VncCanvas.java -Naur vnc_javasrc.orig/SSLSocketToMe.java vnc_javasrc/SSL
 +					TrustDialog td= new TrustDialog(host, port,
 +					    trustallCerts);
 +
-+					if (! td.queryUser()) {
++					if (cert_fail == null) {
++						;
++					} else if (cert_fail.equals("user-view")) {
++						reason = "Reason for this Dialog:\n\n"
++						       + "        You Asked to View the Certificate.";
++					} else if (cert_fail.equals("server-cert-mismatch")) {
++						/* this is now fatal error, see above. */
++						reason = "Reason for this Dialog:\n\n"
++						       + "        The VNC Server's Certificate does not match the Certificate\n"
++						       + "        specified in the supplied 'serverCert' Applet Parameter.";
++					} else if (cert_fail.equals("cert-mismatch")) {
++						reason = "Reason for this Dialog:\n\n"
++						       + "        The VNC Server's Certificate does not match the Website's\n"
++						       + "        HTTPS Certificate (that you previously accepted; either\n"
++						       + "        manually or automatically via Certificate Authority.)";
++					} else if (cert_fail.equals("missing-certs")) {
++						reason = "Reason for this Dialog:\n\n"
++						       + "        Not all Certificates could be obtained to check.";
++					}
++
++					if (! td.queryUser(reason)) {
 +						String msg = "User decided against it.";
 +						dbg(msg);
 +						throw new IOException(msg);
@@ -709,24 +977,26 @@ diff -x VncCanvas.java -Naur vnc_javasrc.orig/SSLSocketToMe.java vnc_javasrc/SSL
 +				}
 +
 +			} catch (Exception ehand2)  {
-+				dbg("** Could not TrustAll Verify Server.");
++				dbg("** Could not TrustAll Verify Server!");
 +
 +				throw new IOException(ehand2.getMessage());
 +			}
 +
++			/* reload again: */
++
 +			if (socket != null) {
 +				try {
 +					socket.close();
 +				} catch (Exception e) {
-+					;
++					dbg("socket is grumpy!!!");
 +				}
 +				socket = null;
 +			}
 +
 +			/*
 +			 * Now connect a 3rd time, using the cert
-+			 * retrieved during connection 2 (that the user
-+			 * likely blindly agreed to).
++			 * retrieved during connection 2 (sadly, that
++			 * the user likely blindly agreed to...)
 +			 */
 +
 +			factory = trustone_ctx.getSocketFactory();
@@ -738,15 +1008,18 @@ diff -x VncCanvas.java -Naur vnc_javasrc.orig/SSLSocketToMe.java vnc_javasrc/SSL
 +
 +			try {
 +				socket.startHandshake();
-+				dbg("TrustAll Server Connection Verified #3.");
++				dbg("TrustAll/TrustOne Server Connection Verified #3.");
 +
 +			} catch (Exception ehand3)  {
-+				dbg("** Could not TrustAll Verify Server #3.");
++				dbg("** Could not TrustAll/TrustOne Verify Server #3.");
 +
 +				throw new IOException(ehand3.getMessage());
 +			}
 +		}
 +
++		/* we have socket (possibly null) at this point, so proceed: */
++
++		/* handle x11vnc GET=1, if applicable: */
 +		if (socket != null && viewer.GET) {
 +			String str = "GET ";
 +			str += viewer.urlPrefix;
@@ -754,9 +1027,11 @@ diff -x VncCanvas.java -Naur vnc_javasrc.orig/SSLSocketToMe.java vnc_javasrc/SSL
 +			str += " HTTP/1.0\r\n";
 +			str += "Pragma: No-Cache\r\n";
 +			str += "\r\n";
++
 +			System.out.println("sending GET: " + str);
 +    			OutputStream os = socket.getOutputStream();
 +			String type = "os";
++
 +			if (type == "os") {
 +				os.write(str.getBytes());
 +				os.flush();
@@ -787,9 +1062,56 @@ diff -x VncCanvas.java -Naur vnc_javasrc.orig/SSLSocketToMe.java vnc_javasrc/SSL
 +		}
 +
 +		dbg("SSL returning socket to caller.");
++		dbg("");
++
++		/* could be null, let caller handle that. */
 +		return (Socket) socket;
 +	}
 +
++	boolean browser_cert_match() {
++		String msg = "Browser URL accept previously accepted cert";
++
++		if (user_wants_to_see_cert) {
++			return false;
++		}
++
++		if (viewer.serverCert != null || trustsrvCerts != null) {
++			if (cert_fail == null) {
++				cert_fail = "server-cert-mismatch";
++			}
++		}
++		if (trustallCerts != null && trusturlCerts != null) {
++		    if (trustallCerts.length == trusturlCerts.length) {
++			boolean ok = true;
++			/* check toath trustallCerts (socket) equals trusturlCerts (browser) */
++			for (int i = 0; i < trusturlCerts.length; i++)  {
++				if (! trustallCerts[i].equals(trusturlCerts[i])) {
++					dbg("BCM: cert mismatch at i=" + i);
++					dbg("BCM: cert mismatch  url" + trusturlCerts[i]);
++					dbg("BCM: cert mismatch  all" + trustallCerts[i]);
++					ok = false;
++				}
++			}
++			if (ok) {
++				System.out.println(msg);
++				if (cert_fail == null) {
++					cert_fail = "did-not-fail";
++				}
++				return true;
++			} else {
++				if (cert_fail == null) {
++					cert_fail = "cert-mismatch";
++				}
++				return false;
++			}
++		    }
++		}
++		if (cert_fail == null) {
++			cert_fail = "missing-certs";
++		}
++		return false;
++	}
++
 +	private void dbg(String s) {
 +		if (debug) {
 +			System.out.println(s);
@@ -807,6 +1129,8 @@ diff -x VncCanvas.java -Naur vnc_javasrc.orig/SSLSocketToMe.java vnc_javasrc/SSL
 +		return n;
 +	}
 +
++	/* this will do the proxy CONNECT negotiation and hook us up.  */
++
 +	private void proxy_helper(String proxyHost, int proxyPort) {
 +
 +		boolean proxy_auth = false;
@@ -814,14 +1138,15 @@ diff -x VncCanvas.java -Naur vnc_javasrc.orig/SSLSocketToMe.java vnc_javasrc/SSL
 +		String hp = host + ":" + port;
 +		dbg("proxy_helper: " + proxyHost + ":" + proxyPort + " hp: " + hp);
 +
++		/* we loop here a few times trying for the password case */
 +		for (int k=0; k < 2; k++) {
-+			dbg("proxy_in_use psocket:");
++			dbg("proxy_in_use psocket: " + k);
 +
 +			if (proxySock != null) {
 +				try {
 +					proxySock.close();
 +				} catch (Exception e) {
-+					;
++					dbg("proxy socket is grumpy.");
 +				}
 +			}
 +
@@ -834,7 +1159,7 @@ diff -x VncCanvas.java -Naur vnc_javasrc.orig/SSLSocketToMe.java vnc_javasrc/SSL
 +			String req1 = "CONNECT " + hp + " HTTP/1.1\r\n"
 +			    + "Host: " + hp + "\r\n";
 +
-+			dbg("requesting: " + req1);
++			dbg("requesting via proxy: " + req1);
 +
 +			if (proxy_auth) {
 +				if (proxy_auth_string == null) {
@@ -843,10 +1168,13 @@ diff -x VncCanvas.java -Naur vnc_javasrc.orig/SSLSocketToMe.java vnc_javasrc/SSL
 +					proxy_auth_string = pp.getAuth();
 +				}
 +				//dbg("auth1: " + proxy_auth_string);
++
 +				String auth2 = Base64Coder.encodeString(proxy_auth_string);
 +				//dbg("auth2: " + auth2);
++
 +				req1 += "Proxy-Authorization: Basic " + auth2 + "\r\n";
 +				//dbg("req1: " + req1);
++
 +				dbg("added Proxy-Authorization: Basic ... to request");
 +			}
 +			req1 += "\r\n";
@@ -869,9 +1197,10 @@ diff -x VncCanvas.java -Naur vnc_javasrc.orig/SSLSocketToMe.java vnc_javasrc/SSL
 +					}
 +				}
 +			} catch(Exception e) {
-+				dbg("sock prob: " + e.getMessage());
++				dbg("some proxy socket problem: " + e.getMessage());
 +			}
 +
++			/* read the rest of the HTTP headers */
 +			while (true) {
 +				String line = readline(proxy_is);
 +				dbg("proxy line: " + line.trim());
@@ -891,6 +1220,7 @@ diff -x VncCanvas.java -Naur vnc_javasrc.orig/SSLSocketToMe.java vnc_javasrc/SSL
 +				}
 +			}
 +			if (!proxy_auth || proxy_auth_basic_realm.equals("")) {
++				/* we only try once for the non-password case: */
 +				break;
 +			}
 +		}
@@ -908,6 +1238,7 @@ diff -x VncCanvas.java -Naur vnc_javasrc.orig/SSLSocketToMe.java vnc_javasrc/SSL
 +		try {
 +			props = System.getProperties();
 +		} catch (Exception e) {
++			/* sandboxed applet might not be able to read it. */
 +			dbg("props failed: " + e.getMessage());
 +		}
 +		if (viewer.proxyHost != null) {
@@ -924,6 +1255,8 @@ diff -x VncCanvas.java -Naur vnc_javasrc.orig/SSLSocketToMe.java vnc_javasrc/SSL
 +			props.list(System.out);
 +			dbg("\n---------------\n\n");
 +
++			/* scrape throught properties looking for proxy info: */
++
 +			for (Enumeration e = props.propertyNames(); e.hasMoreElements(); ) {
 +				String s = (String) e.nextElement();
 +				String v = System.getProperty(s);
@@ -1046,7 +1379,7 @@ diff -x VncCanvas.java -Naur vnc_javasrc.orig/SSLSocketToMe.java vnc_javasrc/SSL
 +					}
 +				}
 +			} catch(Exception e) {
-+				dbg("sock prob2: " + e.getMessage());
++				dbg("proxy socket problem-2: " + e.getMessage());
 +			}
 +
 +			while (true) {
@@ -1130,7 +1463,7 @@ diff -x VncCanvas.java -Naur vnc_javasrc.orig/SSLSocketToMe.java vnc_javasrc/SSL
 +		msg = "VNC Server " + host + ":" + port + " Not Verified";
 +	}
 +
-+	public boolean queryUser() {
++	public boolean queryUser(String reason) {
 +
 +		/* create and display the dialog for unverified cert. */
 +
@@ -1143,6 +1476,9 @@ diff -x VncCanvas.java -Naur vnc_javasrc.orig/SSLSocketToMe.java vnc_javasrc/SSL
 +			CertInfo ci = new CertInfo(trustallCerts[0]);
 +			infostr = ci.get_certinfo("all");
 +		}
++		if (reason != null) {
++			reason += "\n\n";
++		}
 +
 +		text = "\n" 
 ++ "Unable to verify the identity of\n"
@@ -1153,28 +1489,38 @@ diff -x VncCanvas.java -Naur vnc_javasrc.orig/SSLSocketToMe.java vnc_javasrc/SSL
 ++ "\n"
 ++ "as a trusted VNC server.\n"
 ++ "\n"
-++ "This may be due to:\n"
+++ reason
+++ "In General not being able to verify the VNC Server and/or your seeing this Dialog\n"
+++ "is due to one of the following:\n"
 ++ "\n"
 ++ " - Your requesting to View the Certificate before accepting.\n"
 ++ "\n"
-++ " - The VNC server using a Self-Signed Certificate.\n"
+++ " - The VNC server is using a Self-Signed Certificate or a Certificate\n"
+++ "   Authority not recognized by your Web Browser or Java Plugin runtime.\n"
+++ "\n"
+++ " - The use of an Apache SSL portal scheme employing CONNECT proxying AND\n"
+++ "   the Apache Web server has a certificate *different* from the VNC server's.\n"
 ++ "\n"
-++ " - The VNC server using a Certificate Authority not recognized by your\n"
-++ "   Browser or Java Plugin runtime.\n"
+++ " - No previously accepted Certificate (via Web Broswer/Java Plugin) could be\n"
+++ "   obtained by this applet to compare the VNC Server Certificate against.\n"
 ++ "\n"
-++ " - The use of an Apache SSL portal employing CONNECT proxying and the\n"
-++ "   Apache web server has a certificate different from the VNC server's. \n"
+++ " - The VNC Server's Certificate does not match the one specified in the\n"
+++ "   supplied 'serverCert' Java Applet Parameter.\n"
 ++ "\n"
-++ " - A Man-In-The-Middle attack impersonating as the VNC server you wish\n"
+++ " - A Man-In-The-Middle attack impersonating as the VNC server that you wish\n"
 ++ "   to connect to.  (Wouldn't that be exciting!!)\n"
 ++ "\n"
-++ "By safely copying the VNC server's Certificate (or using a common\n"
-++ "Certificate Authority certificate) you can configure your Web Browser or\n"
-++ "Java Plugin to automatically authenticate this Server.\n"
+++ "By safely copying the VNC server's Certificate (or using a common Certificate\n"
+++ "Authority certificate) you can configure your Web Browser and Java Plugin to\n"
+++ "automatically authenticate this VNC Server.\n"
+++ "\n"
+++ "If you do so, then you will only have to click \"Yes\" when this VNC Viewer\n"
+++ "applet asks you whether to trust your Browser/Java Plugin's acceptance of the\n"
+++ "certificate (except for the Apache portal case above where they don't match.)\n"
 ++ "\n"
-++ "If you do so, then you will only have to click \"Yes\" when this VNC\n"
-++ "Viewer applet asks you whether to trust your Browser/Java Plugin's\n"
-++ "acceptance of the certificate. (except for the Apache portal case above.)\n"
+++ "You can also set the applet parameter 'trustUrlVncCert=yes' to automatically\n"
+++ "accept certificates already accepted/trusted by your Web Browser/Java Plugin,\n"
+++ "and thereby see no dialog from this VNC Viewer applet.\n"
 +;
 +
 +		/* the accept / do-not-accept radio buttons: */
@@ -1210,7 +1556,7 @@ diff -x VncCanvas.java -Naur vnc_javasrc.orig/SSLSocketToMe.java vnc_javasrc/SSL
 +		label.setFont(new Font("Helvetica", Font.BOLD, 16));
 +
 +		/* textarea in the middle */
-+		textarea = new TextArea(text, 36, 64,
++		textarea = new TextArea(text, 38, 64,
 +		    TextArea.SCROLLBARS_VERTICAL_ONLY);
 +		textarea.setEditable(false);
 +
@@ -1562,22 +1908,19 @@ diff -x VncCanvas.java -Naur vnc_javasrc.orig/SSLSocketToMe.java vnc_javasrc/SSL
 +m += "\n";
 +m += "on its own.\n";
 +m += "\n";
-+m += "However, it has noticed that your Web Browser or Java VM Plugin\n";
++m += "However, it has noticed that your Web Browser and/or Java VM Plugin\n";
 +m += "has previously accepted the same certificate.  You may have set\n";
 +m += "this up permanently or just for this session, or the server\n";
 +m += "certificate was signed by a CA cert that your Web Browser or\n";
 +m += "Java VM Plugin has.\n";
 +m += "\n";
++m += "If the VNC Server connection times out while you are reading this\n";
++m += "dialog, then restart the connection and try again.\n";
++m += "\n";
 +m += "Should this VNC Viewer applet now connect to the above VNC server?\n";
 +m += "\n";
 +
-+//		String m = "\nShould this VNC Viewer applet use your Browser/JVM certs to\n";
-+//		m += "authenticate the VNC Server:\n";
-+//		m += "\n        " + hostport + "\n\n        " + vncServer + "\n\n";    
-+//		m += "(NOTE: this *includes* any certs you have Just Now accepted in a\n";
-+//		m += "dialog box with your Web Browser or Java Applet Plugin)\n\n";
-+
-+		TextArea textarea = new TextArea(m, 20, 64,
++		TextArea textarea = new TextArea(m, 22, 64,
 +		    TextArea.SCROLLBARS_VERTICAL_ONLY);
 +		textarea.setEditable(false);
 +		yes = new Button("Yes");
@@ -1789,8 +2132,16 @@ diff -x VncCanvas.java -Naur vnc_javasrc.orig/SSLSocketToMe.java vnc_javasrc/SSL
 +}
 diff -x VncCanvas.java -Naur vnc_javasrc.orig/VncViewer.java vnc_javasrc/VncViewer.java
 --- vnc_javasrc.orig/VncViewer.java	2004-03-04 08:34:25.000000000 -0500
-+++ vnc_javasrc/VncViewer.java	2010-02-22 19:25:19.000000000 -0500
-@@ -80,7 +80,7 @@
++++ vnc_javasrc/VncViewer.java	2010-03-20 19:49:14.000000000 -0400
+@@ -29,6 +29,7 @@
+ import java.awt.event.*;
+ import java.io.*;
+ import java.net.*;
++import java.util.*;
+ 
+ public class VncViewer extends java.applet.Applet
+   implements java.lang.Runnable, WindowListener {
+@@ -80,7 +81,7 @@
    // Variables read from parameter values.
    String socketFactory;
    String host;
@@ -1799,7 +2150,7 @@ diff -x VncCanvas.java -Naur vnc_javasrc.orig/VncViewer.java vnc_javasrc/VncView
    boolean showControls;
    boolean offerRelogin;
    boolean showOfflineDesktop;
-@@ -88,6 +88,20 @@
+@@ -88,6 +89,21 @@
    int deferCursorUpdates;
    int deferUpdateRequests;
  
@@ -1809,6 +2160,7 @@ diff -x VncCanvas.java -Naur vnc_javasrc.orig/VncViewer.java vnc_javasrc/VncView
 +  String urlPrefix;
 +  String httpsPort;
 +  String oneTimeKey;
++  String serverCert;
 +  String proxyHost;
 +  String proxyPort;
 +  boolean forceProxy;
@@ -1820,9 +2172,12 @@ diff -x VncCanvas.java -Naur vnc_javasrc.orig/VncViewer.java vnc_javasrc/VncView
    // Reference to this applet for inter-applet communication.
    public static java.applet.Applet refApplet;
  
-@@ -591,8 +605,25 @@
+@@ -590,9 +606,28 @@
+ 	fatalError("HOST parameter not specified");
        }
      }
++    Date d = new Date();
++    System.out.println("-\nSSL VNC Java Applet starting.  " + d);
  
 -    String str = readParameter("PORT", true);
 -    port = Integer.parseInt(str);
@@ -1848,7 +2203,7 @@ diff -x VncCanvas.java -Naur vnc_javasrc.orig/VncViewer.java vnc_javasrc/VncView
  
      if (inAnApplet) {
        str = readParameter("Open New Window", false);
-@@ -626,6 +657,101 @@
+@@ -626,6 +661,106 @@
  
      // SocketFactory.
      socketFactory = readParameter("SocketFactory", false);
@@ -1891,7 +2246,12 @@ diff -x VncCanvas.java -Naur vnc_javasrc.orig/VncViewer.java vnc_javasrc/VncView
 +
 +    oneTimeKey = readParameter("oneTimeKey", false);
 +    if (oneTimeKey != null) {
-+    	System.out.println("oneTimeKey: is set");
++    	System.out.println("oneTimeKey is set.");
++    }
++
++    serverCert = readParameter("serverCert", false);
++    if (serverCert != null) {
++    	System.out.println("serverCert is set.");
 +    }
 +
 +    forceProxy = false;
diff --git a/classes/ssl/ultravnc-102-JavaViewer-ssl-etc.patch b/classes/ssl/ultravnc-102-JavaViewer-ssl-etc.patch
index 369a221..8bb6f85 100644
--- a/classes/ssl/ultravnc-102-JavaViewer-ssl-etc.patch
+++ b/classes/ssl/ultravnc-102-JavaViewer-ssl-etc.patch
@@ -2644,8 +2644,8 @@ diff -Naur JavaViewer.orig/RfbProto.java JavaViewer/RfbProto.java
  	//	}
 diff -Naur JavaViewer.orig/SSLSocketToMe.java JavaViewer/SSLSocketToMe.java
 --- JavaViewer.orig/SSLSocketToMe.java	1969-12-31 19:00:00.000000000 -0500
-+++ JavaViewer/SSLSocketToMe.java	2010-02-22 20:03:11.000000000 -0500
-@@ -0,0 +1,1712 @@
++++ JavaViewer/SSLSocketToMe.java	2010-03-19 12:52:08.000000000 -0400
+@@ -0,0 +1,2055 @@
 +/*
 + * SSLSocketToMe.java: add SSL encryption to Java VNC Viewer.
 + *
@@ -2689,7 +2689,9 @@ diff -Naur JavaViewer.orig/SSLSocketToMe.java JavaViewer/SSLSocketToMe.java
 +	String host;
 +	int port;
 +	VncViewer viewer;
++
 +	boolean debug = true;
++	boolean debug_certs = false;
 +
 +	/* sockets */
 +	SSLSocket socket = null;
@@ -2697,11 +2699,11 @@ diff -Naur JavaViewer.orig/SSLSocketToMe.java JavaViewer/SSLSocketToMe.java
 +
 +	/* fallback for Proxy connection */
 +	boolean proxy_in_use = false;
-+	boolean proxy_is_https = false;
 +	boolean proxy_failure = false;
 +	public DataInputStream is = null;
 +	public OutputStream os = null;
 +
++	/* strings from user WRT proxy: */
 +	String proxy_auth_string = null;
 +	String proxy_dialog_host = null;
 +	int proxy_dialog_port = 0;
@@ -2713,21 +2715,28 @@ diff -Naur JavaViewer.orig/SSLSocketToMe.java JavaViewer/SSLSocketToMe.java
 +	/* trust contexts */
 +	SSLContext trustloc_ctx;
 +	SSLContext trustall_ctx;
++	SSLContext trustsrv_ctx;
 +	SSLContext trusturl_ctx;
 +	SSLContext trustone_ctx;
 +
++	/* corresponding trust managers */
 +	TrustManager[] trustAllCerts;
++	TrustManager[] trustSrvCert;
 +	TrustManager[] trustUrlCert;
 +	TrustManager[] trustOneCert;
 +
-+	boolean use_url_cert_for_auth = true;
++	/* client-side SSL auth key (oneTimeKey=...) */
++	KeyManager[] mykey = null;
++
 +	boolean user_wants_to_see_cert = true;
-+	boolean debug_certs = false;
++	String cert_fail = null;
 +
-+	/* cert(s) we retrieve from VNC server */
++	/* cert(s) we retrieve from Web server, VNC server, or serverCert param: */
 +	java.security.cert.Certificate[] trustallCerts = null;
++	java.security.cert.Certificate[] trustsrvCerts = null;
 +	java.security.cert.Certificate[] trusturlCerts = null;
 +
++	/* utility to decode hex oneTimeKey=... and serverCert=... */
 +	byte[] hex2bytes(String s) {
 +		byte[] bytes = new byte[s.length()/2];
 +		for (int i=0; i<s.length()/2; i++) {
@@ -2760,11 +2769,15 @@ diff -Naur JavaViewer.orig/SSLSocketToMe.java JavaViewer/SSLSocketToMe.java
 +
 +		dbg("SSL startup: " + host + " " + port);
 +
-+		/* create trust managers used if initial handshake fails: */
++
++		/* create trust managers to be used if initial handshake fails: */
 +
 +		trustAllCerts = new TrustManager[] {
 +		    /*
-+		     * this one accepts everything.
++		     * this one accepts everything.  Only used if user
++		     * has disabled checking (trustAllVncCerts=yes)
++		     * or when we grab the cert to show it to them in
++		     * a dialog and ask them to manually verify/accept it.
 +		     */
 +		    new X509TrustManager() {
 +			public java.security.cert.X509Certificate[]
@@ -2787,8 +2800,9 @@ diff -Naur JavaViewer.orig/SSLSocketToMe.java JavaViewer/SSLSocketToMe.java
 +
 +		trustUrlCert = new TrustManager[] {
 +		    /*
-+		     * this one accepts only the retrieved server cert
-+		     * by SSLSocket by this applet.
++		     * this one accepts only the retrieved server
++		     * cert by SSLSocket by this applet and stored in
++		     * trusturlCerts.
 +		     */
 +		    new X509TrustManager() {
 +			public java.security.cert.X509Certificate[]
@@ -2798,11 +2812,12 @@ diff -Naur JavaViewer.orig/SSLSocketToMe.java JavaViewer/SSLSocketToMe.java
 +			public void checkClientTrusted(
 +			    java.security.cert.X509Certificate[] certs,
 +			    String authType) throws CertificateException {
-+				throw new CertificateException("No Clients");
++				throw new CertificateException("No Clients (URL)");
 +			}
 +			public void checkServerTrusted(
 +			    java.security.cert.X509Certificate[] certs,
 +			    String authType) throws CertificateException {
++				/* we want to check 'certs' against 'trusturlCerts' */
 +				if (trusturlCerts == null) {
 +					throw new CertificateException(
 +					    "No Trust url Certs array.");
@@ -2830,6 +2845,9 @@ diff -Naur JavaViewer.orig/SSLSocketToMe.java JavaViewer/SSLSocketToMe.java
 +						dbg("URL: cert mismatch at i=" + i);
 +						dbg("URL: cert mismatch cert" + certs[i]);
 +						dbg("URL: cert mismatch  url" + trusturlCerts[i]);
++						if (cert_fail == null) {
++							cert_fail = "cert-mismatch";
++						}
 +					}
 +					if (debug_certs) {
 +						dbg("\n***********************************************");
@@ -2848,10 +2866,86 @@ diff -Naur JavaViewer.orig/SSLSocketToMe.java JavaViewer/SSLSocketToMe.java
 +			}
 +		    }
 +		};
++
++		trustSrvCert = new TrustManager[] {
++		    /*
++		     * this one accepts cert given to us in the serverCert
++		     * Applet Parameter we were started with.  It is
++		     * currently a fatal error if the VNC Server's cert
++		     * doesn't match it.
++		     */
++		    new X509TrustManager() {
++			public java.security.cert.X509Certificate[]
++			    getAcceptedIssuers() {
++				return null;
++			}
++			public void checkClientTrusted(
++			    java.security.cert.X509Certificate[] certs,
++			    String authType) throws CertificateException {
++				throw new CertificateException("No Clients (SRV)");
++			}
++			public void checkServerTrusted(
++			    java.security.cert.X509Certificate[] certs,
++			    String authType) throws CertificateException {
++				/* we want to check 'certs' against 'trustsrvCerts' */
++				if (trustsrvCerts == null) {
++					throw new CertificateException(
++					    "No Trust srv Certs array.");
++				}
++				if (trustsrvCerts.length < 1) {
++					throw new CertificateException(
++					    "No Trust srv Certs.");
++				}
++				if (certs == null) {
++					throw new CertificateException(
++					    "No this-certs array.");
++				}
++				if (certs.length < 1) {
++					throw new CertificateException(
++					    "No this-certs Certs.");
++				}
++				if (certs.length != trustsrvCerts.length) {
++					throw new CertificateException(
++					    "certs.length != trustsrvCerts.length " + certs.length + " " + trustsrvCerts.length);
++				}
++				boolean ok = true;
++				for (int i = 0; i < certs.length; i++)  {
++					if (! trustsrvCerts[i].equals(certs[i])) {
++						ok = false;
++						dbg("SRV: cert mismatch at i=" + i);
++						dbg("SRV: cert mismatch cert" + certs[i]);
++						dbg("SRV: cert mismatch  srv" + trustsrvCerts[i]);
++						if (cert_fail == null) {
++							cert_fail = "server-cert-mismatch";
++						}
++					}
++					if (debug_certs) {
++						dbg("\n***********************************************");
++						dbg("SRV: cert info at i=" + i);
++						dbg("SRV: cert info cert" + certs[i]);
++						dbg("===============================================");
++						dbg("SRV: cert info  srv" + trustsrvCerts[i]);
++						dbg("***********************************************");
++					}
++				}
++				if (!ok) {
++					throw new CertificateException(
++					    "Server Cert Chain != serverCert Applet Parameter Cert Chain.");
++				}
++				dbg("SRV: trustsrvCerts[i] matches certs[i] i=0:" + (certs.length-1));
++			}
++		    }
++		};
++
 +		trustOneCert = new TrustManager[] {
 +		    /*
-+		     * this one accepts only the retrieved server cert
-+		     * by SSLSocket by this applet.
++		     * this one accepts only the retrieved server
++		     * cert by SSLSocket by this applet we stored in
++		     * trustallCerts that user has accepted or applet
++		     * parameter trustAllVncCerts=yes is set.  This is
++		     * for when we reconnect after the user has manually
++		     * accepted the trustall cert in the dialog (or set
++		     * trustAllVncCerts=yes applet param.)
 +		     */
 +		    new X509TrustManager() {
 +			public java.security.cert.X509Certificate[]
@@ -2861,11 +2955,12 @@ diff -Naur JavaViewer.orig/SSLSocketToMe.java JavaViewer/SSLSocketToMe.java
 +			public void checkClientTrusted(
 +			    java.security.cert.X509Certificate[] certs,
 +			    String authType) throws CertificateException {
-+				throw new CertificateException("No Clients");
++				throw new CertificateException("No Clients (ONE)");
 +			}
 +			public void checkServerTrusted(
 +			    java.security.cert.X509Certificate[] certs,
 +			    String authType) throws CertificateException {
++				/* we want to check 'certs' against 'trustallCerts' */
 +				if (trustallCerts == null) {
 +					throw new CertificateException(
 +					    "No Trust All Server Certs array.");
@@ -2913,20 +3008,20 @@ diff -Naur JavaViewer.orig/SSLSocketToMe.java JavaViewer/SSLSocketToMe.java
 +		};
 +
 +		/* 
-+		 * They are used:
++		 * The above TrustManagers are used:
 +		 *
 +		 * 1) to retrieve the server cert in case of failure to
-+		 *    display it to the user.
++		 *    display it to the user in a dialog.
 +		 * 2) to subsequently connect to the server if user agrees.
 +		 */
 +
-+		KeyManager[] mykey = null;
-+
++		/*
++		 * build oneTimeKey cert+key if supplied in applet parameter:
++		 */
 +		if (viewer.oneTimeKey != null && viewer.oneTimeKey.equals("PROMPT")) {
 +			ClientCertDialog d = new ClientCertDialog();
 +			viewer.oneTimeKey = d.queryUser();
 +		}
-+
 +		if (viewer.oneTimeKey != null && viewer.oneTimeKey.indexOf(",") > 0) {
 +			int idx = viewer.oneTimeKey.indexOf(",");
 +
@@ -2938,15 +3033,18 @@ diff -Naur JavaViewer.orig/SSLSocketToMe.java JavaViewer/SSLSocketToMe.java
 +			KeyFactory kf = KeyFactory.getInstance("RSA");
 +			PKCS8EncodedKeySpec keysp = new PKCS8EncodedKeySpec ( key );
 +			PrivateKey ff = kf.generatePrivate (keysp);
-+			//dbg("ff " + ff);
-+			String cert_str = new String(cert);
++			if (debug_certs) {
++				dbg("one time key " + ff);
++			}
 +
 +			CertificateFactory cf = CertificateFactory.getInstance("X.509");
 +			Collection c = cf.generateCertificates(new ByteArrayInputStream(cert));
 +			Certificate[] certs = new Certificate[c.toArray().length];
 +			if (c.size() == 1) {
 +				Certificate tmpcert = cf.generateCertificate(new ByteArrayInputStream(cert));
-+				//dbg("tmpcert" + tmpcert);
++				if (debug_certs) {
++					dbg("one time cert" + tmpcert);
++				}
 +				certs[0] = tmpcert;
 +			} else {
 +				certs = (Certificate[]) c.toArray();
@@ -2962,12 +3060,54 @@ diff -Naur JavaViewer.orig/SSLSocketToMe.java JavaViewer/SSLSocketToMe.java
 +			mykey = kmf.getKeyManagers();
 +		}
 +
++		/*
++		 * build serverCert cert if supplied in applet parameter:
++		 */
++		if (viewer.serverCert != null) {
++			CertificateFactory cf = CertificateFactory.getInstance("X.509");
++			byte[] cert = hex2bytes(viewer.serverCert);
++			Collection c = cf.generateCertificates(new ByteArrayInputStream(cert));
++			trustsrvCerts = new Certificate[c.toArray().length];
++			if (c.size() == 1) {
++				Certificate tmpcert = cf.generateCertificate(new ByteArrayInputStream(cert));
++				trustsrvCerts[0] = tmpcert;
++			} else {
++				trustsrvCerts = (Certificate[]) c.toArray();
++			}
++		}
 +
-+		/* trust loc certs: */
++		/* the trust loc certs context: */
 +		try {
 +			trustloc_ctx = SSLContext.getInstance("SSL");
-+			trustloc_ctx.init(mykey, null, new
-+			    java.security.SecureRandom());
++
++			/*
++			 * below is a failed attempt to get jvm's default
++			 * trust manager using null (below) makes it so
++			 * for HttpsURLConnection the server cannot be
++			 * verified (no prompting.)
++			 */
++			if (false) {
++				boolean didit = false;
++				TrustManagerFactory tmf = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());  
++				tmf.init((KeyStore) null);
++				TrustManager [] tml = tmf.getTrustManagers();
++				for (int i = 0; i < tml.length; i++) {
++					TrustManager tm = tml[i];
++					if (tm instanceof X509TrustManager) {
++						TrustManager tm1[] = new TrustManager[1];
++						tm1[0] = tm;
++						trustloc_ctx.init(mykey, tm1, null);
++						didit = true;
++						break;
++					}
++				}
++				if (!didit) {
++					trustloc_ctx.init(mykey, null, null);
++				}
++			} else {
++				/* we have to set trust manager to null */
++				trustloc_ctx.init(mykey, null, null);
++			}
 +
 +		} catch (Exception e) {
 +			String msg = "SSL trustloc_ctx FAILED.";
@@ -2975,7 +3115,7 @@ diff -Naur JavaViewer.orig/SSLSocketToMe.java JavaViewer/SSLSocketToMe.java
 +			throw new Exception(msg);
 +		}
 +
-+		/* trust all certs: */
++		/* the trust all certs context: */
 +		try {
 +			trustall_ctx = SSLContext.getInstance("SSL");
 +			trustall_ctx.init(mykey, trustAllCerts, new
@@ -2987,7 +3127,7 @@ diff -Naur JavaViewer.orig/SSLSocketToMe.java JavaViewer/SSLSocketToMe.java
 +			throw new Exception(msg);
 +		}
 +
-+		/* trust url certs: */
++		/* the trust url certs context: */
 +		try {
 +			trusturl_ctx = SSLContext.getInstance("SSL");
 +			trusturl_ctx.init(mykey, trustUrlCert, new
@@ -2999,99 +3139,138 @@ diff -Naur JavaViewer.orig/SSLSocketToMe.java JavaViewer/SSLSocketToMe.java
 +			throw new Exception(msg);
 +		}
 +
-+		/* trust the one cert from server: */
++		/* the trust srv certs context: */
 +		try {
-+			trustone_ctx = SSLContext.getInstance("SSL");
-+			trustone_ctx.init(mykey, trustOneCert, new
++			trustsrv_ctx = SSLContext.getInstance("SSL");
++			trustsrv_ctx.init(mykey, trustSrvCert, new
 +			    java.security.SecureRandom());
 +
 +		} catch (Exception e) {
-+			String msg = "SSL trustone_ctx FAILED.";
++			String msg = "SSL trustsrv_ctx FAILED.";
 +			dbg(msg);
 +			throw new Exception(msg);
 +		}
-+	}
 +
-+	boolean browser_cert_match() {
-+		String msg = "Browser URL accept previously accepted cert";
-+
-+		if (user_wants_to_see_cert) {
-+			return false;
-+		}
++		/* the trust the one cert from server context: */
++		try {
++			trustone_ctx = SSLContext.getInstance("SSL");
++			trustone_ctx.init(mykey, trustOneCert, new
++			    java.security.SecureRandom());
 +
-+		if (trustallCerts != null && trusturlCerts != null) {
-+		    if (trustallCerts.length == 1 && trusturlCerts.length == 1) {
-+			if (trustallCerts[0].equals(trusturlCerts[0])) {
-+				System.out.println(msg);
-+				return true;
-+			}
-+		    }
++		} catch (Exception e) {
++			String msg = "SSL trustone_ctx FAILED.";
++			dbg(msg);
++			throw new Exception(msg);
 +		}
-+		return false;
 +	}
 +
-+	public void check_for_proxy() {
++	/*
++	 * we call this early on to 1) check for a proxy, 2) grab
++	 * Browser/JVM accepted HTTPS cert.
++	 */
++	public void check_for_proxy_and_grab_vnc_server_cert() {
 +		
-+		boolean result = false;
-+
 +		trusturlCerts = null;
 +		proxy_in_use = false;
++
 +		if (viewer.ignoreProxy) {
++			/* applet param says skip it. */
++			/* the downside is we do not set trusturlCerts for comparison later... */
++			/* nor do we autodetect x11vnc for GET=1. */
 +			return;
 +		}
 +
++		dbg("------------------------------------------------");
++		dbg("Into check_for_proxy_and_grab_vnc_server_cert():");
++
++		dbg("TRYING HTTPS:");
 +		String ustr = "https://" + host + ":";
 +		if (viewer.httpsPort != null) {
 +			ustr += viewer.httpsPort;
 +		} else {
-+			ustr += port;	// hmmm
++			ustr += port;
 +		}
 +		ustr += viewer.urlPrefix + "/check.https.proxy.connection";
 +		dbg("ustr is: " + ustr);
 +
-+
 +		try {
++			/* prepare for an HTTPS URL connection to host:port */
 +			URL url = new URL(ustr);
-+			HttpsURLConnection https = (HttpsURLConnection)
-+			    url.openConnection();
++			HttpsURLConnection https = (HttpsURLConnection) url.openConnection();
++
++			if (mykey != null) {
++				/* with oneTimeKey (mykey) we can't use the default SSL context */
++				if (trustsrvCerts != null) {
++					dbg("passing trustsrv_ctx to HttpsURLConnection to provide client cert.");
++					https.setSSLSocketFactory(trustsrv_ctx.getSocketFactory());	
++				} else if (trustloc_ctx != null) {
++					dbg("passing trustloc_ctx to HttpsURLConnection to provide client cert.");
++					https.setSSLSocketFactory(trustloc_ctx.getSocketFactory());	
++				}
++			}
 +
 +			https.setUseCaches(false);
 +			https.setRequestMethod("GET");
 +			https.setRequestProperty("Pragma", "No-Cache");
-+			https.setRequestProperty("Proxy-Connection",
-+			    "Keep-Alive");
++			https.setRequestProperty("Proxy-Connection", "Keep-Alive");
 +			https.setDoInput(true);
 +
++			dbg("trying https.connect()");
 +			https.connect();
 +
++			dbg("trying https.getServerCertificates()");
 +			trusturlCerts = https.getServerCertificates();
++
 +			if (trusturlCerts == null) {
-+				dbg("set trusturlCerts to null...");
++				dbg("set trusturlCerts to null!");
 +			} else {
 +				dbg("set trusturlCerts to non-null");
 +			}
 +
 +			if (https.usingProxy()) {
 +				proxy_in_use = true;
-+				proxy_is_https = true;
-+				dbg("HTTPS proxy in use. There may be connection problems.");
++				dbg("An HTTPS proxy is in use. There may be connection problems.");
 +			}
++
++			dbg("trying https.getContent()");
 +			Object output = https.getContent();
++			dbg("trying https.disconnect()");
 +			https.disconnect();
-+			result = true;
++			if (! viewer.GET) {
++				String header = https.getHeaderField("VNC-Server");
++				if (header != null && header.startsWith("x11vnc")) {
++					dbg("detected x11vnc server (1), setting GET=1");
++					viewer.GET = true;
++				}
++			}
 +
 +		} catch(Exception e) {
 +			dbg("HttpsURLConnection: " + e.getMessage());
 +		}
 +
 +		if (proxy_in_use) {
++			dbg("exit check_for_proxy_and_grab_vnc_server_cert():");
++			dbg("------------------------------------------------");
++			return;
++		} else if (trusturlCerts != null && !viewer.forceProxy) {
++			/* Allow user to require HTTP check?  use forceProxy for now. */
++			dbg("SKIPPING HTTP PROXY CHECK: got trusturlCerts, assuming proxy info is correct.");
++			dbg("exit check_for_proxy_and_grab_vnc_server_cert():");
++			dbg("------------------------------------------------");
 +			return;
 +		}
 +
++		/*
++		 * XXX need to remember scenario where this extra check
++		 * gives useful info.  User's Browser proxy settings?
++		 */
++		dbg("TRYING HTTP:");
 +		ustr = "http://" + host + ":" + port;
 +		ustr += viewer.urlPrefix + "/index.vnc";
++		dbg("ustr is: " + ustr);
 +
 +		try {
++			/* prepare for an HTTP URL connection to the same host:port (but not httpsPort) */
 +			URL url = new URL(ustr);
 +			HttpURLConnection http = (HttpURLConnection)
 +			    url.openConnection();
@@ -3099,45 +3278,64 @@ diff -Naur JavaViewer.orig/SSLSocketToMe.java JavaViewer/SSLSocketToMe.java
 +			http.setUseCaches(false);
 +			http.setRequestMethod("GET");
 +			http.setRequestProperty("Pragma", "No-Cache");
-+			http.setRequestProperty("Proxy-Connection",
-+			    "Keep-Alive");
++			http.setRequestProperty("Proxy-Connection", "Keep-Alive");
 +			http.setDoInput(true);
 +
++			dbg("trying http.connect()");
 +			http.connect();
 +
 +			if (http.usingProxy()) {
 +				proxy_in_use = true;
-+				proxy_is_https = false;
-+				dbg("HTTP proxy in use. There may be connection problems.");
++				dbg("An HTTP proxy is in use. There may be connection problems.");
 +			}
++			dbg("trying http.getContent()");
 +			Object output = http.getContent();
++			dbg("trying http.disconnect()");
 +			http.disconnect();
-+
++			if (! viewer.GET) {
++				String header = http.getHeaderField("VNC-Server");
++				if (header != null && header.startsWith("x11vnc")) {
++					dbg("detected x11vnc server (2), setting GET=1");
++					viewer.GET = true;
++				}
++			}
 +		} catch(Exception e) {
-+			dbg("HttpURLConnection: " + e.getMessage());
++			dbg("HttpURLConnection:  " + e.getMessage());
 +		}
++		dbg("exit check_for_proxy_and_grab_vnc_server_cert():");
++		dbg("------------------------------------------------");
 +	}
 +
 +	public Socket connectSock() throws IOException {
-+
 +		/*
 +		 * first try a https connection to detect a proxy, and
-+		 * also grab the VNC server cert.
++		 * grab the VNC server cert at the same time:
 +		 */
-+		check_for_proxy();
++		check_for_proxy_and_grab_vnc_server_cert();
++
++		boolean srv_cert = false;
 +		
-+		if (viewer.trustAllVncCerts) {
++		if (trustsrvCerts != null) {
++			/* applet parameter suppled serverCert */
++			dbg("viewer.trustSrvCert-0 using trustsrv_ctx");
++			factory = trustsrv_ctx.getSocketFactory();
++			srv_cert = true;
++		} else if (viewer.trustAllVncCerts) {
++			/* trust all certs (no checking) */
 +			dbg("viewer.trustAllVncCerts-0 using trustall_ctx");
 +			factory = trustall_ctx.getSocketFactory();
-+		} else if (use_url_cert_for_auth && trusturlCerts != null) {
++		} else if (trusturlCerts != null) {
++			/* trust certs the Browser/JVM accepted in check_for_proxy... */
 +			dbg("using trusturl_ctx");
 +			factory = trusturl_ctx.getSocketFactory();
 +		} else {
++			/* trust the local defaults */
 +			dbg("using trustloc_ctx");
 +			factory = trustloc_ctx.getSocketFactory();
 +		}
 +
 +		socket = null;
++
 +		try {
 +			if (proxy_in_use && viewer.forceProxy) {
 +				throw new Exception("forcing proxy (forceProxy)");
@@ -3156,7 +3354,7 @@ diff -Naur JavaViewer.orig/SSLSocketToMe.java JavaViewer/SSLSocketToMe.java
 +			}
 +
 +		} catch (Exception esock) {
-+			dbg("esock: " + esock.getMessage());
++			dbg("socket error: " + esock.getMessage());
 +			if (proxy_in_use || viewer.CONNECT != null) {
 +				proxy_failure = true;
 +				if (proxy_in_use) {
@@ -3167,14 +3365,17 @@ diff -Naur JavaViewer.orig/SSLSocketToMe.java JavaViewer/SSLSocketToMe.java
 +				try {
 +					socket = proxy_socket(factory);
 +				} catch (Exception e) {
-+					dbg("err proxy_socket: " + e.getMessage());
++					dbg("proxy_socket error: " + e.getMessage());
 +				}
++			} else {
++				/* n.b. socket is left in error state to cause ex. below. */
 +			}
 +		}
 +
 +		try {
 +			socket.startHandshake();
-+			dbg("Server Connection Verified on 1st try.");
++
++			dbg("The Server Connection Verified OK on 1st try.");
 +
 +			java.security.cert.Certificate[] currentTrustedCerts;
 +			BrowserCertsDialog bcd;
@@ -3183,9 +3384,13 @@ diff -Naur JavaViewer.orig/SSLSocketToMe.java JavaViewer/SSLSocketToMe.java
 +			currentTrustedCerts = sess.getPeerCertificates();
 +
 +			if (viewer.trustAllVncCerts) {
-+				dbg("viewer.trustAllVncCerts-1");
++				dbg("viewer.trustAllVncCerts-1  keeping socket.");
 +			} else if (currentTrustedCerts == null || currentTrustedCerts.length < 1) {
-+				socket.close();
++				try {
++					socket.close();
++				} catch (Exception e) {
++					dbg("socket is grumpy.");
++				}
 +				socket = null;
 +				throw new SSLHandshakeException("no current certs");
 +			}
@@ -3199,20 +3404,28 @@ diff -Naur JavaViewer.orig/SSLSocketToMe.java JavaViewer/SSLSocketToMe.java
 +			}
 +
 +			if (viewer.trustAllVncCerts) {
-+				dbg("viewer.trustAllVncCerts-2");
++				dbg("viewer.trustAllVncCerts-2  skipping browser certs dialog");
++				user_wants_to_see_cert = false;
++			} else if (viewer.serverCert != null && trustsrvCerts != null) {
++				dbg("viewer.serverCert-1  skipping browser certs dialog");
 +				user_wants_to_see_cert = false;
 +			} else if (viewer.trustUrlVncCert) {
-+				dbg("viewer.trustUrlVncCert-1");
++				dbg("viewer.trustUrlVncCert-1  skipping browser certs dialog");
 +				user_wants_to_see_cert = false;
 +			} else {
++				/* have a dialog with the user: */
 +				bcd = new BrowserCertsDialog(serv, host + ":" + port);
-+				dbg("browser certs dialog START");
++				dbg("browser certs dialog begin.");
 +				bcd.queryUser();
-+				dbg("browser certs dialog DONE");
++				dbg("browser certs dialog finished.");
++
 +				if (bcd.showCertDialog) {
 +					String msg = "user wants to see cert";
 +					dbg(msg);
 +					user_wants_to_see_cert = true;
++					if (cert_fail == null) {
++						cert_fail = "user-view";
++					}
 +					throw new SSLHandshakeException(msg);
 +				} else {
 +					user_wants_to_see_cert = false;
@@ -3221,18 +3434,37 @@ diff -Naur JavaViewer.orig/SSLSocketToMe.java JavaViewer/SSLSocketToMe.java
 +			}
 +
 +		} catch (SSLHandshakeException eh)  {
-+			dbg("Could not automatically verify Server.");
++			dbg("SSLHandshakeException: could not automatically verify Server.");
 +			dbg("msg: " + eh.getMessage());
++
++
++			/* send a cleanup string just in case: */
 +			String getoutstr = "GET /index.vnc HTTP/1.0\r\nConnection: close\r\n\r\n";
 +
-+    			OutputStream os = socket.getOutputStream();
-+			os.write(getoutstr.getBytes());
-+			socket.close();
++			try {
++				OutputStream os = socket.getOutputStream();
++				os.write(getoutstr.getBytes());
++				socket.close();
++			} catch (Exception e) {
++				dbg("socket is grumpy!");
++			}
++
++			/* reload */
++
 +			socket = null;
 +
++			String reason = null;
++
++			if (srv_cert) {
++				/* for serverCert usage we make this a fatal error. */
++				throw new IOException("Fatal: VNC Server's Cert does not match Applet Parameter 'serverCert=...'");
++				/* see below in TrustDialog were we describe this case to user anyway */
++			}
++
 +			/*
 +			 * Reconnect, trusting any cert, so we can grab
-+			 * the cert to show it to the user.  The connection
++			 * the cert to show it to the user in a dialog
++			 * for him to manually accept.  This connection
 +			 * is not used for anything else.
 +			 */
 +			factory = trustall_ctx.getSocketFactory();
@@ -3242,9 +3474,18 @@ diff -Naur JavaViewer.orig/SSLSocketToMe.java JavaViewer/SSLSocketToMe.java
 +				socket = (SSLSocket) factory.createSocket(host, port);
 +			}
 +
++			if (debug_certs) {
++				dbg("trusturlCerts: " + trusturlCerts);
++				dbg("trustsrvCerts: " + trustsrvCerts);
++			}
++			if (trusturlCerts == null && cert_fail == null) {
++				cert_fail = "missing-certs";
++			}
++
 +			try {
 +				socket.startHandshake();
-+				dbg("TrustAll Server Connection Verified.");
++
++				dbg("The TrustAll Server Cert-grab Connection (trivially) Verified OK.");
 +
 +				/* grab the cert: */
 +				try {
@@ -3254,17 +3495,24 @@ diff -Naur JavaViewer.orig/SSLSocketToMe.java JavaViewer/SSLSocketToMe.java
 +					throw new Exception("Could not get " + 
 +					    "Peer Certificate");	
 +				}
++				if (debug_certs) {
++					dbg("trustallCerts: " + trustallCerts);
++				}
 +
 +				if (viewer.trustAllVncCerts) {
-+					dbg("viewer.trustAllVncCerts-3");
++					dbg("viewer.trustAllVncCerts-3.  skipping dialog, trusting everything.");
 +				} else if (! browser_cert_match()) {
 +					/*
 +					 * close socket now, we will reopen after
 +					 * dialog if user agrees to use the cert.
 +					 */
-+    					os = socket.getOutputStream();
-+					os.write(getoutstr.getBytes());
-+					socket.close();
++					try {
++						OutputStream os = socket.getOutputStream();
++						os.write(getoutstr.getBytes());
++						socket.close();
++					} catch (Exception e) {
++						dbg("socket is grumpy!!");
++					}
 +					socket = null;
 +
 +					/* dialog with user to accept cert or not: */
@@ -3272,7 +3520,27 @@ diff -Naur JavaViewer.orig/SSLSocketToMe.java JavaViewer/SSLSocketToMe.java
 +					TrustDialog td= new TrustDialog(host, port,
 +					    trustallCerts);
 +
-+					if (! td.queryUser()) {
++					if (cert_fail == null) {
++						;
++					} else if (cert_fail.equals("user-view")) {
++						reason = "Reason for this Dialog:\n\n"
++						       + "        You Asked to View the Certificate.";
++					} else if (cert_fail.equals("server-cert-mismatch")) {
++						/* this is now fatal error, see above. */
++						reason = "Reason for this Dialog:\n\n"
++						       + "        The VNC Server's Certificate does not match the Certificate\n"
++						       + "        specified in the supplied 'serverCert' Applet Parameter.";
++					} else if (cert_fail.equals("cert-mismatch")) {
++						reason = "Reason for this Dialog:\n\n"
++						       + "        The VNC Server's Certificate does not match the Website's\n"
++						       + "        HTTPS Certificate (that you previously accepted; either\n"
++						       + "        manually or automatically via Certificate Authority.)";
++					} else if (cert_fail.equals("missing-certs")) {
++						reason = "Reason for this Dialog:\n\n"
++						       + "        Not all Certificates could be obtained to check.";
++					}
++
++					if (! td.queryUser(reason)) {
 +						String msg = "User decided against it.";
 +						dbg(msg);
 +						throw new IOException(msg);
@@ -3280,24 +3548,26 @@ diff -Naur JavaViewer.orig/SSLSocketToMe.java JavaViewer/SSLSocketToMe.java
 +				}
 +
 +			} catch (Exception ehand2)  {
-+				dbg("** Could not TrustAll Verify Server.");
++				dbg("** Could not TrustAll Verify Server!");
 +
 +				throw new IOException(ehand2.getMessage());
 +			}
 +
++			/* reload again: */
++
 +			if (socket != null) {
 +				try {
 +					socket.close();
 +				} catch (Exception e) {
-+					;
++					dbg("socket is grumpy!!!");
 +				}
 +				socket = null;
 +			}
 +
 +			/*
 +			 * Now connect a 3rd time, using the cert
-+			 * retrieved during connection 2 (that the user
-+			 * likely blindly agreed to).
++			 * retrieved during connection 2 (sadly, that
++			 * the user likely blindly agreed to...)
 +			 */
 +
 +			factory = trustone_ctx.getSocketFactory();
@@ -3309,15 +3579,18 @@ diff -Naur JavaViewer.orig/SSLSocketToMe.java JavaViewer/SSLSocketToMe.java
 +
 +			try {
 +				socket.startHandshake();
-+				dbg("TrustAll Server Connection Verified #3.");
++				dbg("TrustAll/TrustOne Server Connection Verified #3.");
 +
 +			} catch (Exception ehand3)  {
-+				dbg("** Could not TrustAll Verify Server #3.");
++				dbg("** Could not TrustAll/TrustOne Verify Server #3.");
 +
 +				throw new IOException(ehand3.getMessage());
 +			}
 +		}
 +
++		/* we have socket (possibly null) at this point, so proceed: */
++
++		/* handle x11vnc GET=1, if applicable: */
 +		if (socket != null && viewer.GET) {
 +			String str = "GET ";
 +			str += viewer.urlPrefix;
@@ -3325,9 +3598,11 @@ diff -Naur JavaViewer.orig/SSLSocketToMe.java JavaViewer/SSLSocketToMe.java
 +			str += " HTTP/1.0\r\n";
 +			str += "Pragma: No-Cache\r\n";
 +			str += "\r\n";
++
 +			System.out.println("sending GET: " + str);
 +    			OutputStream os = socket.getOutputStream();
 +			String type = "os";
++
 +			if (type == "os") {
 +				os.write(str.getBytes());
 +				os.flush();
@@ -3358,9 +3633,56 @@ diff -Naur JavaViewer.orig/SSLSocketToMe.java JavaViewer/SSLSocketToMe.java
 +		}
 +
 +		dbg("SSL returning socket to caller.");
++		dbg("");
++
++		/* could be null, let caller handle that. */
 +		return (Socket) socket;
 +	}
 +
++	boolean browser_cert_match() {
++		String msg = "Browser URL accept previously accepted cert";
++
++		if (user_wants_to_see_cert) {
++			return false;
++		}
++
++		if (viewer.serverCert != null || trustsrvCerts != null) {
++			if (cert_fail == null) {
++				cert_fail = "server-cert-mismatch";
++			}
++		}
++		if (trustallCerts != null && trusturlCerts != null) {
++		    if (trustallCerts.length == trusturlCerts.length) {
++			boolean ok = true;
++			/* check toath trustallCerts (socket) equals trusturlCerts (browser) */
++			for (int i = 0; i < trusturlCerts.length; i++)  {
++				if (! trustallCerts[i].equals(trusturlCerts[i])) {
++					dbg("BCM: cert mismatch at i=" + i);
++					dbg("BCM: cert mismatch  url" + trusturlCerts[i]);
++					dbg("BCM: cert mismatch  all" + trustallCerts[i]);
++					ok = false;
++				}
++			}
++			if (ok) {
++				System.out.println(msg);
++				if (cert_fail == null) {
++					cert_fail = "did-not-fail";
++				}
++				return true;
++			} else {
++				if (cert_fail == null) {
++					cert_fail = "cert-mismatch";
++				}
++				return false;
++			}
++		    }
++		}
++		if (cert_fail == null) {
++			cert_fail = "missing-certs";
++		}
++		return false;
++	}
++
 +	private void dbg(String s) {
 +		if (debug) {
 +			System.out.println(s);
@@ -3378,6 +3700,8 @@ diff -Naur JavaViewer.orig/SSLSocketToMe.java JavaViewer/SSLSocketToMe.java
 +		return n;
 +	}
 +
++	/* this will do the proxy CONNECT negotiation and hook us up.  */
++
 +	private void proxy_helper(String proxyHost, int proxyPort) {
 +
 +		boolean proxy_auth = false;
@@ -3385,14 +3709,15 @@ diff -Naur JavaViewer.orig/SSLSocketToMe.java JavaViewer/SSLSocketToMe.java
 +		String hp = host + ":" + port;
 +		dbg("proxy_helper: " + proxyHost + ":" + proxyPort + " hp: " + hp);
 +
++		/* we loop here a few times trying for the password case */
 +		for (int k=0; k < 2; k++) {
-+			dbg("proxy_in_use psocket:");
++			dbg("proxy_in_use psocket: " + k);
 +
 +			if (proxySock != null) {
 +				try {
 +					proxySock.close();
 +				} catch (Exception e) {
-+					;
++					dbg("proxy socket is grumpy.");
 +				}
 +			}
 +
@@ -3405,7 +3730,7 @@ diff -Naur JavaViewer.orig/SSLSocketToMe.java JavaViewer/SSLSocketToMe.java
 +			String req1 = "CONNECT " + hp + " HTTP/1.1\r\n"
 +			    + "Host: " + hp + "\r\n";
 +
-+			dbg("requesting: " + req1);
++			dbg("requesting via proxy: " + req1);
 +
 +			if (proxy_auth) {
 +				if (proxy_auth_string == null) {
@@ -3414,10 +3739,13 @@ diff -Naur JavaViewer.orig/SSLSocketToMe.java JavaViewer/SSLSocketToMe.java
 +					proxy_auth_string = pp.getAuth();
 +				}
 +				//dbg("auth1: " + proxy_auth_string);
++
 +				String auth2 = Base64Coder.encodeString(proxy_auth_string);
 +				//dbg("auth2: " + auth2);
++
 +				req1 += "Proxy-Authorization: Basic " + auth2 + "\r\n";
 +				//dbg("req1: " + req1);
++
 +				dbg("added Proxy-Authorization: Basic ... to request");
 +			}
 +			req1 += "\r\n";
@@ -3440,9 +3768,10 @@ diff -Naur JavaViewer.orig/SSLSocketToMe.java JavaViewer/SSLSocketToMe.java
 +					}
 +				}
 +			} catch(Exception e) {
-+				dbg("sock prob: " + e.getMessage());
++				dbg("some proxy socket problem: " + e.getMessage());
 +			}
 +
++			/* read the rest of the HTTP headers */
 +			while (true) {
 +				String line = readline(proxy_is);
 +				dbg("proxy line: " + line.trim());
@@ -3462,6 +3791,7 @@ diff -Naur JavaViewer.orig/SSLSocketToMe.java JavaViewer/SSLSocketToMe.java
 +				}
 +			}
 +			if (!proxy_auth || proxy_auth_basic_realm.equals("")) {
++				/* we only try once for the non-password case: */
 +				break;
 +			}
 +		}
@@ -3479,6 +3809,7 @@ diff -Naur JavaViewer.orig/SSLSocketToMe.java JavaViewer/SSLSocketToMe.java
 +		try {
 +			props = System.getProperties();
 +		} catch (Exception e) {
++			/* sandboxed applet might not be able to read it. */
 +			dbg("props failed: " + e.getMessage());
 +		}
 +		if (viewer.proxyHost != null) {
@@ -3495,6 +3826,8 @@ diff -Naur JavaViewer.orig/SSLSocketToMe.java JavaViewer/SSLSocketToMe.java
 +			props.list(System.out);
 +			dbg("\n---------------\n\n");
 +
++			/* scrape throught properties looking for proxy info: */
++
 +			for (Enumeration e = props.propertyNames(); e.hasMoreElements(); ) {
 +				String s = (String) e.nextElement();
 +				String v = System.getProperty(s);
@@ -3617,7 +3950,7 @@ diff -Naur JavaViewer.orig/SSLSocketToMe.java JavaViewer/SSLSocketToMe.java
 +					}
 +				}
 +			} catch(Exception e) {
-+				dbg("sock prob2: " + e.getMessage());
++				dbg("proxy socket problem-2: " + e.getMessage());
 +			}
 +
 +			while (true) {
@@ -3701,7 +4034,7 @@ diff -Naur JavaViewer.orig/SSLSocketToMe.java JavaViewer/SSLSocketToMe.java
 +		msg = "VNC Server " + host + ":" + port + " Not Verified";
 +	}
 +
-+	public boolean queryUser() {
++	public boolean queryUser(String reason) {
 +
 +		/* create and display the dialog for unverified cert. */
 +
@@ -3714,6 +4047,9 @@ diff -Naur JavaViewer.orig/SSLSocketToMe.java JavaViewer/SSLSocketToMe.java
 +			CertInfo ci = new CertInfo(trustallCerts[0]);
 +			infostr = ci.get_certinfo("all");
 +		}
++		if (reason != null) {
++			reason += "\n\n";
++		}
 +
 +		text = "\n" 
 ++ "Unable to verify the identity of\n"
@@ -3724,28 +4060,38 @@ diff -Naur JavaViewer.orig/SSLSocketToMe.java JavaViewer/SSLSocketToMe.java
 ++ "\n"
 ++ "as a trusted VNC server.\n"
 ++ "\n"
-++ "This may be due to:\n"
+++ reason
+++ "In General not being able to verify the VNC Server and/or your seeing this Dialog\n"
+++ "is due to one of the following:\n"
 ++ "\n"
 ++ " - Your requesting to View the Certificate before accepting.\n"
 ++ "\n"
-++ " - The VNC server using a Self-Signed Certificate.\n"
+++ " - The VNC server is using a Self-Signed Certificate or a Certificate\n"
+++ "   Authority not recognized by your Web Browser or Java Plugin runtime.\n"
+++ "\n"
+++ " - The use of an Apache SSL portal scheme employing CONNECT proxying AND\n"
+++ "   the Apache Web server has a certificate *different* from the VNC server's.\n"
 ++ "\n"
-++ " - The VNC server using a Certificate Authority not recognized by your\n"
-++ "   Browser or Java Plugin runtime.\n"
+++ " - No previously accepted Certificate (via Web Broswer/Java Plugin) could be\n"
+++ "   obtained by this applet to compare the VNC Server Certificate against.\n"
 ++ "\n"
-++ " - The use of an Apache SSL portal employing CONNECT proxying and the\n"
-++ "   Apache web server has a certificate different from the VNC server's. \n"
+++ " - The VNC Server's Certificate does not match the one specified in the\n"
+++ "   supplied 'serverCert' Java Applet Parameter.\n"
 ++ "\n"
-++ " - A Man-In-The-Middle attack impersonating as the VNC server you wish\n"
+++ " - A Man-In-The-Middle attack impersonating as the VNC server that you wish\n"
 ++ "   to connect to.  (Wouldn't that be exciting!!)\n"
 ++ "\n"
-++ "By safely copying the VNC server's Certificate (or using a common\n"
-++ "Certificate Authority certificate) you can configure your Web Browser or\n"
-++ "Java Plugin to automatically authenticate this Server.\n"
+++ "By safely copying the VNC server's Certificate (or using a common Certificate\n"
+++ "Authority certificate) you can configure your Web Browser and Java Plugin to\n"
+++ "automatically authenticate this VNC Server.\n"
 ++ "\n"
-++ "If you do so, then you will only have to click \"Yes\" when this VNC\n"
-++ "Viewer applet asks you whether to trust your Browser/Java Plugin's\n"
-++ "acceptance of the certificate. (except for the Apache portal case above.)\n"
+++ "If you do so, then you will only have to click \"Yes\" when this VNC Viewer\n"
+++ "applet asks you whether to trust your Browser/Java Plugin's acceptance of the\n"
+++ "certificate (except for the Apache portal case above where they don't match.)\n"
+++ "\n"
+++ "You can also set the applet parameter 'trustUrlVncCert=yes' to automatically\n"
+++ "accept certificates already accepted/trusted by your Web Browser/Java Plugin,\n"
+++ "and thereby see no dialog from this VNC Viewer applet.\n"
 +;
 +
 +		/* the accept / do-not-accept radio buttons: */
@@ -3781,7 +4127,7 @@ diff -Naur JavaViewer.orig/SSLSocketToMe.java JavaViewer/SSLSocketToMe.java
 +		label.setFont(new Font("Helvetica", Font.BOLD, 16));
 +
 +		/* textarea in the middle */
-+		textarea = new TextArea(text, 36, 64,
++		textarea = new TextArea(text, 38, 64,
 +		    TextArea.SCROLLBARS_VERTICAL_ONLY);
 +		textarea.setEditable(false);
 +
@@ -4133,22 +4479,19 @@ diff -Naur JavaViewer.orig/SSLSocketToMe.java JavaViewer/SSLSocketToMe.java
 +m += "\n";
 +m += "on its own.\n";
 +m += "\n";
-+m += "However, it has noticed that your Web Browser or Java VM Plugin\n";
++m += "However, it has noticed that your Web Browser and/or Java VM Plugin\n";
 +m += "has previously accepted the same certificate.  You may have set\n";
 +m += "this up permanently or just for this session, or the server\n";
 +m += "certificate was signed by a CA cert that your Web Browser or\n";
 +m += "Java VM Plugin has.\n";
 +m += "\n";
++m += "If the VNC Server connection times out while you are reading this\n";
++m += "dialog, then restart the connection and try again.\n";
++m += "\n";
 +m += "Should this VNC Viewer applet now connect to the above VNC server?\n";
 +m += "\n";
 +
-+//		String m = "\nShould this VNC Viewer applet use your Browser/JVM certs to\n";
-+//		m += "authenticate the VNC Server:\n";
-+//		m += "\n        " + hostport + "\n\n        " + vncServer + "\n\n";    
-+//		m += "(NOTE: this *includes* any certs you have Just Now accepted in a\n";
-+//		m += "dialog box with your Web Browser or Java Applet Plugin)\n\n";
-+
-+		TextArea textarea = new TextArea(m, 20, 64,
++		TextArea textarea = new TextArea(m, 22, 64,
 +		    TextArea.SCROLLBARS_VERTICAL_ONLY);
 +		textarea.setEditable(false);
 +		yes = new Button("Yes");
@@ -4483,8 +4826,16 @@ diff -Naur JavaViewer.orig/VncCanvas.java JavaViewer/VncCanvas.java
  						result = 0; // Transparent pixel
 diff -Naur JavaViewer.orig/VncViewer.java JavaViewer/VncViewer.java
 --- JavaViewer.orig/VncViewer.java	2006-05-24 15:14:40.000000000 -0400
-+++ JavaViewer/VncViewer.java	2010-02-22 21:58:51.000000000 -0500
-@@ -80,11 +80,11 @@
++++ JavaViewer/VncViewer.java	2010-03-20 19:50:16.000000000 -0400
+@@ -41,6 +41,7 @@
+ import java.io.*;
+ import java.net.*;
+ import javax.swing.*;
++import java.util.Date;
+ 
+ public class VncViewer extends java.applet.Applet
+   implements java.lang.Runnable, WindowListener {
+@@ -80,11 +81,11 @@
    GridBagLayout gridbag;
    ButtonPanel buttonPanel;
    AuthPanel authenticator;
@@ -4498,7 +4849,7 @@ diff -Naur JavaViewer.orig/VncViewer.java JavaViewer/VncViewer.java
  
    // Control session recording.
    Object recordingSync;
-@@ -96,7 +96,7 @@
+@@ -96,7 +97,7 @@
  
    // Variables read from parameter values.
    String host;
@@ -4507,7 +4858,7 @@ diff -Naur JavaViewer.orig/VncViewer.java JavaViewer/VncViewer.java
    String passwordParam;
    String encPasswordParam;
    boolean showControls;
-@@ -115,28 +115,71 @@
+@@ -115,28 +116,72 @@
    int i;
    // mslogon support 2 end
  
@@ -4518,6 +4869,7 @@ diff -Naur JavaViewer.orig/VncViewer.java JavaViewer/VncViewer.java
 +String urlPrefix;
 +String httpsPort;
 +String oneTimeKey;
++String serverCert;
 +String ftpDropDown;
 +String proxyHost;
 +String proxyPort;
@@ -4585,7 +4937,7 @@ diff -Naur JavaViewer.orig/VncViewer.java JavaViewer/VncViewer.java
      // authenticator = new AuthPanel(false);   // mslogon support : go to connectAndAuthenticate()
      if (RecordingFrame.checkSecurity())
        rec = new RecordingFrame(this);
-@@ -147,10 +190,11 @@
+@@ -147,10 +192,11 @@
      cursorUpdatesDef = null;
      eightBitColorsDef = null;
  
@@ -4599,7 +4951,7 @@ diff -Naur JavaViewer.orig/VncViewer.java JavaViewer/VncViewer.java
      rfbThread = new Thread(this);
      rfbThread.start();
    }
-@@ -186,6 +230,30 @@
+@@ -186,6 +232,30 @@
        gbc.weightx = 1.0;
        gbc.weighty = 1.0;
  
@@ -4630,7 +4982,7 @@ diff -Naur JavaViewer.orig/VncViewer.java JavaViewer/VncViewer.java
  	// Add ScrollPanel to applet mode
  
  	// Create a panel which itself is resizeable and can hold
-@@ -286,6 +354,24 @@
+@@ -286,6 +356,24 @@
  
    void connectAndAuthenticate() throws Exception {
  
@@ -4655,7 +5007,7 @@ diff -Naur JavaViewer.orig/VncViewer.java JavaViewer/VncViewer.java
      // If "ENCPASSWORD" parameter is set, decrypt the password into
      // the passwordParam string.
  
-@@ -336,7 +422,22 @@
+@@ -336,7 +424,22 @@
      //
  
      
@@ -4679,7 +5031,7 @@ diff -Naur JavaViewer.orig/VncViewer.java JavaViewer/VncViewer.java
  
      authenticator = new AuthPanel(mslogon);
      
-@@ -390,6 +491,10 @@
+@@ -390,6 +493,10 @@
  	break;
        //mslogon support end
  
@@ -4690,7 +5042,7 @@ diff -Naur JavaViewer.orig/VncViewer.java JavaViewer/VncViewer.java
        // Retry on authentication failure.
        authenticator.retry();
      }
-@@ -405,9 +510,11 @@
+@@ -405,9 +512,11 @@
  
    void prologueDetectAuthProtocol() throws Exception {
  
@@ -4704,7 +5056,7 @@ diff -Naur JavaViewer.orig/VncViewer.java JavaViewer/VncViewer.java
  
      System.out.println("RFB server supports protocol version " +
  		       rfb.serverMajor + "." + rfb.serverMinor);
-@@ -431,16 +538,36 @@
+@@ -431,16 +540,36 @@
  
    boolean tryAuthenticate(String us, String pw) throws Exception {
      
@@ -4747,7 +5099,7 @@ diff -Naur JavaViewer.orig/VncViewer.java JavaViewer/VncViewer.java
  
      switch (authScheme) {
  
-@@ -629,6 +756,10 @@
+@@ -629,6 +758,10 @@
  
    void doProtocolInitialisation() throws IOException {
  
@@ -4758,9 +5110,12 @@ diff -Naur JavaViewer.orig/VncViewer.java JavaViewer/VncViewer.java
      rfb.writeClientInit();
  
      rfb.readServerInit();
-@@ -775,8 +906,25 @@
+@@ -774,9 +907,28 @@
+ 	fatalError("HOST parameter not specified");
        }
      }
++    Date d = new Date();
++    System.out.println("-\nSSL VNC Java Applet starting.  " + d);
  
 -    String str = readParameter("PORT", true);
 -    port = Integer.parseInt(str);
@@ -4786,7 +5141,7 @@ diff -Naur JavaViewer.orig/VncViewer.java JavaViewer/VncViewer.java
  
      if (inAnApplet) {
        str = readParameter("Open New Window", false);
-@@ -804,6 +952,138 @@
+@@ -804,6 +956,143 @@
      deferScreenUpdates = readIntParameter("Defer screen updates", 20);
      deferCursorUpdates = readIntParameter("Defer cursor updates", 10);
      deferUpdateRequests = readIntParameter("Defer update requests", 50);
@@ -4840,7 +5195,12 @@ diff -Naur JavaViewer.orig/VncViewer.java JavaViewer/VncViewer.java
 +
 +    oneTimeKey = readParameter("oneTimeKey", false);
 +    if (oneTimeKey != null) {
-+    	System.out.println("oneTimeKey: is set");
++    	System.out.println("oneTimeKey is set.");
++    }
++
++    serverCert = readParameter("serverCert", false);
++    if (serverCert != null) {
++    	System.out.println("serverCert is set.");
 +    }
 +
 +    forceProxy = false;
diff --git a/x11vnc/ChangeLog b/x11vnc/ChangeLog
index fb6f8ad..0117e45 100644
--- a/x11vnc/ChangeLog
+++ b/x11vnc/ChangeLog
@@ -1,3 +1,16 @@
+2010-03-20  Karl Runge <runge@karlrunge.com>
+	* classes/ssl: Many improvements to Java SSL applet, onetimekey
+	  serverCert param, debugging printout, user dialogs, catch
+	  socket exceptions, autodetect x11vnc for GET=1.
+	* x11vnc: misc/scripts: desktop.cgi, inet6to4, panner.pl.
+	  X11VNC_HTTPS_DOWNLOAD_WAIT_TIME, -unixpw %xxx documented, and
+	  can run user cmd in UNIXPW_CMD. FD_XDMCP_IF for create script,
+	  autodetect dm on udp6 only.  Queries: pointer_x, pointer_y,
+	  pointer_same, pointer_root.  Switch on -xkd if keysyms per key >
+	  4 in all cases.  daemon mode improvements for connect_switch,
+	  inet6to4, ultravnc_repeater.pl.  Dynamic change of -clip do
+	  not create new fb if WxH is unchanged.
+
 2010-02-22  Karl Runge <runge@karlrunge.com>
 	* classes/ssl: Java SSL applet viewer now works with certificate
 	  chains.
diff --git a/x11vnc/README b/x11vnc/README
index 6aa88b4..a291367 100644
--- a/x11vnc/README
+++ b/x11vnc/README
@@ -2,7 +2,7 @@
 Copyright (C) 2002-2010 Karl J. Runge <runge@karlrunge.com>
 All rights reserved.
 
-x11vnc README file                         Date: Mon Feb 22 22:22:33 EST 2010
+x11vnc README file                         Date: Sat Mar 20 23:15:32 EDT 2010
 
 The following information is taken from these URLs:
 
@@ -42,8 +42,8 @@ x11vnc: a VNC server for real X displays
    passwords where the user does not need to memorize his VNC
    display/port number. Normally a virtual X session (Xvfb) is created
    for each user, but it also works with X sessions on physical hardware.
-   See the [21]tsvnc terminal services mode of the SSVNC viewer that
-   takes advantage of this mode.
+   See the [21]tsvnc terminal services mode of the SSVNC viewer for one
+   way to take advantage of this mode.
 
    I wrote x11vnc back in 2002 because x0rfbserver was basically
    impossible to build on Solaris and had poor performance. The primary
@@ -63,7 +63,7 @@ x11vnc: a VNC server for real X displays
    massive, but you can often use your browser's find-in-page search
    action using a keyword to find the answer to your problem or question.
 
-   Please help [27]beta test the new performance speedup feature using
+   Please help [27]test the performance speedup feature using
    [28]viewer-side pixel caching "ncache".
 
    SSVNC:  An x11vnc side-project provides an [29]Enhanced TightVNC
@@ -192,8 +192,10 @@ to:     http://www.karlrunge.com/x11vnc/faq.html#faq-singleclick
    remote shell. Then fix this with the tips [44]below.
 
    Note as of Feb/2007 you can also try the [45]-find option instead of
-   "-display ..." and see if that finds your display and Xauthority. (End
-   of Common Gotcha)
+   "-display ..." and see if that finds your display and Xauthority. Note
+   as of Dec/2009 the [46]-findauth and "[47]-auth guess" options may be
+   helpful as well.
+   (End of Common Gotcha)
 
    When x11vnc starts up there will then be much chatter printed out (use
    "-q" to quiet it), until it finally says something like:
@@ -210,10 +212,11 @@ to:     http://www.karlrunge.com/x11vnc/faq.html#faq-singleclick
    Step 3. At the place where you are sitting (sitting-here.west in this
    example) you now want to run a VNC viewer program. There are VNC
    viewers for Unix, Windows, MacOS, Java-enabled web browsers, and even
-   for PDA's like the Palm Pilot! You can use any of them to connect to
-   x11vnc (see the above VNC links under "Background:" on how to obtain a
-   viewer for your platform or see [46]this FAQ. For Solaris, vncviewer
-   is available in the [47]Companion CD package SFWvnc.)
+   for PDA's like the Palm Pilot and Cell Phones! You can use any of them
+   to connect to x11vnc (see the above VNC links under "Background:" on
+   how to obtain a viewer for your platform or see [48]this FAQ. For
+   Solaris, vncviewer is available in the [49]Companion CD package
+   SFWvnc.)
 
    In this example we'll use the Unix vncviewer program on sitting-here
    by typing the following command in a second terminal window:
@@ -223,36 +226,36 @@ to:     http://www.karlrunge.com/x11vnc/faq.html#faq-singleclick
    That should pop up a viewer window on sitting-here.west showing and
    allowing interaction with the far-away.east:0  X11 desktop. Pretty
    nifty! When finished, exit the viewer: the remote x11vnc process will
-   shutdown automatically (or you can use the [48]-forever option to have
+   shutdown automatically (or you can use the [50]-forever option to have
    it wait for additional viewer connections.)
 
-   Common Gotcha: Nowadays there will likely be a host-level [49]firewall
+   Common Gotcha: Nowadays there will likely be a host-level [51]firewall
    on the x11vnc side that is blocking remote access to the VNC port
    (e.g. 5900.) You will either have to open up that port (or a range of
-   ports) in your firewall administration tool, or try the [50]SSH
+   ports) in your firewall administration tool, or try the [52]SSH
    tunnelling method below (even still the firewall must allow in the SSH
    port, 22.)
 
 
    Shortcut: Of course if you left x11vnc running on far-away.east:0 in a
-   terminal window with the [51]-forever option or as a [52]service,
+   terminal window with the [53]-forever option or as a [54]service,
    you'd only have to do Step 3 as you moved around. Be sure to use a VNC
-   [53]Password or [54]other measures if you do that.
+   [55]Password or [56]other measures if you do that.
 
 
    Super Shortcut: Here is a potentially very easy way to get all of it
    working.
      * Have x11vnc (0.9.3 or later) available to run on the remote host
        (i.e. in $PATH.)
-     * Download and unpack a [55]SSVNC bundle (1.0.19 or later, e.g.
-       [56]ssvnc_no_windows-1.0.23.tar.gz) on the Viewer-side machine.
+     * Download and unpack a [57]SSVNC bundle (1.0.19 or later, e.g.
+       [58]ssvnc_no_windows-1.0.23.tar.gz) on the Viewer-side machine.
      * Start the SSVNC Terminal Services mode GUI: ./ssvnc/bin/tsvnc
      * Enter your remote username@hostname (e.g. fred@far-away.east) in
        the "VNC Terminal Server" entry.
      * Click "Connect".
 
    That will do an SSH to username@hostname and start up x11vnc and then
-   connect a VNC Viewer through the SSH [57]encrypted tunnel.
+   connect a VNC Viewer through the SSH [59]encrypted tunnel.
 
    There are a number of things assumed here, first that you are able to
    SSH into the remote host; i.e. that you have a Unix account there and
@@ -261,7 +264,7 @@ to:     http://www.karlrunge.com/x11vnc/faq.html#faq-singleclick
    plink binary is included in the SSVNC bundle.) Finally, it is assumed
    that you are already logged into an X session on the remote machine,
    e.g. your workstation (otherwise, a virtual X server, e.g. Xvfb, will
-   be [58]started for you.)
+   be [60]started for you.)
 
    In some cases the remote SSH server will not run commands with the
    same $PATH that you normally have in your shell there. In this case
@@ -283,7 +286,7 @@ to:     http://www.karlrunge.com/x11vnc/faq.html#faq-singleclick
    For these cases it should be obvious how it is done. The above steps
    will work, but more easily the user sitting at far-away.east:0 simply
    starts up x11vnc from a terminal window, after which the guests would
-   start their VNC viewers. For this usage mode the "[59]-connect
+   start their VNC viewers. For this usage mode the "[61]-connect
    host1,host2" option may be of use to automatically connect to the
    vncviewers in "-listen" mode on the list of hosts.
      _________________________________________________________________
@@ -319,7 +322,7 @@ to:     http://www.karlrunge.com/x11vnc/faq.html#faq-singleclick
    Note that "x11vnc -localhost ..." limits incoming vncviewer
    connections to only those from the same machine. This is very natural
    for ssh tunnelling (the redirection appears to come from the same
-   machine.) Use of a [60]VNC password is also strongly recommended.
+   machine.) Use of a [62]VNC password is also strongly recommended.
 
    Note also the -t we used above (force allocate pseudoterminal), it
    actually seems to improve interactive typing response via VNC!
@@ -335,16 +338,16 @@ to:     http://www.karlrunge.com/x11vnc/faq.html#faq-singleclick
    Some VNC viewers will do the ssh tunnelling for you automatically, the
    TightVNC Unix vncviewer does this when the "-via far-away.east" option
    is supplied to it (this requires x11vnc to be already running on
-   far-away.east or having it started by [61]inetd(8).) See the 3rd
-   script example [62]below for more info.
+   far-away.east or having it started by [63]inetd(8).) See the 3rd
+   script example [64]below for more info.
 
-   SSVNC:  You may also want to look at the [63]Enhanced TightVNC Viewer
+   SSVNC:  You may also want to look at the [65]Enhanced TightVNC Viewer
    (ssvnc) bundles because they contain scripts and GUIs to automatically
    set up SSH tunnels (e.g. the GUI, "ssvnc", does it automatically and
    so does this command: "ssvnc_cmd -ssh user@far-away.east:0") and can
    even start up x11vnc as well.
 
-   The [64]Terminal Services mode of SSVNC is perhaps the easiest way to
+   The [66]Terminal Services mode of SSVNC is perhaps the easiest way to
    use x11vnc. You just need to have x11vnc available in $PATH on the
    remote side (and can SSH to the host), and then on the viewer-side you
    type something like:
@@ -368,13 +371,13 @@ to:     http://www.karlrunge.com/x11vnc/faq.html#faq-singleclick
 
    Once logged in, you'll need to do a second login (ssh, rsh, etc.) to
    the workstation machine 'OtherHost' and then start up x11vnc on it (if
-   it isn't already running.) (The "[65]-connect gateway:59xx" option may
+   it isn't already running.) (The "[67]-connect gateway:59xx" option may
    be another alternative here with the viewer already in -listen mode.)
    For an automatic way to use a gateway and have all the network traffic
-   encrypted (including inside the firewall) see [66]Chaining SSH's.
+   encrypted (including inside the firewall) see [68]Chaining SSH's.
 
    These gateway access modes also can be done automatically for you via
-   the "Proxy/Gateway" setting in [67]SSVNC (including the Chaining SSH's
+   the "Proxy/Gateway" setting in [69]SSVNC (including the Chaining SSH's
    case, "Double Proxy".)
 
    Firewalls/Routers:
@@ -390,7 +393,7 @@ to:     http://www.karlrunge.com/x11vnc/faq.html#faq-singleclick
    One thing that can be done is to redirect a port on the
    Firewall/Router to, say, the SSH port (22) on an inside machine (how
    to do this depends on your particular Firewall/Router, often the
-   router config URL is http://192.168.100.1 See [68]www.portforward.com
+   router config URL is http://192.168.100.1 See [70]www.portforward.com
    for more info.) This way you reach these computers from anywhere on
    the Internet and use x11vnc to view X sessions running on them.
 
@@ -408,7 +411,7 @@ nc -localhost -display :0'
 
    Where far-away.east means the hostname (or IP) that the
    Router/Firewall is using (for home setups this is usually the IP
-   gotten from your ISP via DHCP, the site [69]http://www.whatismyip.com/
+   gotten from your ISP via DHCP, the site [71]http://www.whatismyip.com/
    is a convenient way to determine what it is.)
 
    It is a good idea to add some obscurity to accessing your system via
@@ -419,7 +422,7 @@ nc -localhost -display :0'
   Port 22 -> 192.168.1.3, Port 22 (SSH)
 
    Again, this SSH gateway access can be done automatically for you via
-   the "Proxy/Gateway" setting in [70]SSVNC. And under the "Remote SSH
+   the "Proxy/Gateway" setting in [72]SSVNC. And under the "Remote SSH
    Command" setting you can enter the x11vnc -localhost -display :0.
 
    Host-Level-Firewalls: even with the hardware Firewall/Router problem
@@ -436,7 +439,7 @@ nc -localhost -display :0'
   Port 5901 -> 192.168.1.4, Port 5900 (VNC)
 
    (where 192.168.1.3 is "jills-pc" and 192.168.1.4 is "freds-pc".) This
-   could be used for normal, unencrypted connections and also for [71]SSL
+   could be used for normal, unencrypted connections and also for [73]SSL
    encrypted ones.
 
    The the VNC displays to enter in the VNC viewer would be, say,
@@ -450,7 +453,7 @@ nc -localhost -display :0'
   vncviewer 24.56.78.93:0
 
    The IP address would need to be communicated to the person running the
-   VNC Viewer. The site [72]http://www.whatismyip.com/ can help here.
+   VNC Viewer. The site [74]http://www.whatismyip.com/ can help here.
 
      _________________________________________________________________
 
@@ -459,7 +462,7 @@ nc -localhost -display :0'
    above port and display numbers may change a bit (e.g. -> 5901 and :1).
    However, if you "know" port 5900 will be free on the local and remote
    machines, you can easily automate the above two steps by using the
-   x11vnc option [73]-bg (forks into background after connection to the
+   x11vnc option [75]-bg (forks into background after connection to the
    display is set up) or using the -f option of ssh. Some example scripts
    are shown below. Feel free to try the ssh -C to enable its compression
    and see if that speeds things up noticeably.
@@ -492,7 +495,7 @@ done
 
    #2. Another method is to start the VNC viewer in listen mode
    "vncviewer -listen" and have x11vnc initiate a reverse connection
-   using the [74]-connect option:
+   using the [76]-connect option:
 #!/bin/sh
 # usage: x11vnc_ssh <host>:<xdisplay>
 #  e.g.: x11vnc_ssh snoopy.peanuts.com:0
@@ -535,7 +538,7 @@ export VNC_VIA_CMD
 vncviewer -via $host localhost:0      # must be TightVNC vncviewer.
 
    Of course if you already have the x11vnc running waiting for
-   connections (or have it started out of [75]inetd(8)), you can simply
+   connections (or have it started out of [77]inetd(8)), you can simply
    use the TightVNC "vncviewer -via gateway host:port" in its default
    mode to provide secure ssh tunnelling.
      _________________________________________________________________
@@ -543,38 +546,38 @@ vncviewer -via $host localhost:0      # must be TightVNC vncviewer.
 
 
    VNC password file: Also note in the #1. example script that the
-   [76]option "-rfbauth .vnc/passwd" provides additional protection by
+   [78]option "-rfbauth .vnc/passwd" provides additional protection by
    requiring a VNC password for every VNC viewer that connects. The
-   vncpasswd or storepasswd programs, or the x11vnc [77]-storepasswd
+   vncpasswd or storepasswd programs, or the x11vnc [79]-storepasswd
    option can be used to create the password file. x11vnc also has the
-   slightly less secure [78]-passwdfile and "-passwd XXXXX" [79]options
+   slightly less secure [80]-passwdfile and "-passwd XXXXX" [81]options
    to specify passwords.
 
    Very Important: It is up to YOU to tell x11vnc to use password
    protection (-rfbauth or -passwdfile), it will NOT do it for you
-   automatically or force you to (use [80]-usepw if you want to be forced
+   automatically or force you to (use [82]-usepw if you want to be forced
    to.) The same goes for encrypting the channel between the viewer and
-   x11vnc: it is up to you to use ssh, stunnel, [81]-ssl mode, a VPN,
-   etc. (use the [82]Enhanced TightVNC Viewer (SSVNC) GUI if you want to
+   x11vnc: it is up to you to use ssh, stunnel, [83]-ssl mode, a VPN,
+   etc. (use the [84]Enhanced TightVNC Viewer (SSVNC) GUI if you want to
    be forced to use SSL or SSH.) For additional safety, also look into
-   the -allow and -localhost [83]options and building x11vnc with
-   [84]tcp_wrappers support to limit host access.
+   the -allow and -localhost [85]options and building x11vnc with
+   [86]tcp_wrappers support to limit host access.
 
      _________________________________________________________________
 
     Tunnelling x11vnc via SSL/TLS:
 
    One can also encrypt the VNC traffic using an SSL/TLS tunnel such as
-   [85]stunnel.mirt.net (also [86]stunnel.org) or using the built-in
-   (Mar/2006) [87]-ssl openssl mode. A SSL-enabled Java applet VNC Viewer
+   [87]stunnel.mirt.net (also [88]stunnel.org) or using the built-in
+   (Mar/2006) [89]-ssl openssl mode. A SSL-enabled Java applet VNC Viewer
    is also provided in the x11vnc package (and https can be used to
    download it.)
 
    Although not as ubiquitous as ssh, SSL tunnelling still provides a
-   useful alternative. See [88]this FAQ on -ssl and -stunnel modes for
+   useful alternative. See [90]this FAQ on -ssl and -stunnel modes for
    details and examples.
 
-   The [89]Enhanced TightVNC Viewer (SSVNC) bundles contain some
+   The [91]Enhanced TightVNC Viewer (SSVNC) bundles contain some
    convenient utilities to automatically set up an SSL tunnel from the
    viewer-side (i.e. to connect to "x11vnc -ssl ...".) And many other
    enhancements too.
@@ -582,29 +585,29 @@ vncviewer -via $host localhost:0      # must be TightVNC vncviewer.
 
     Downloading x11vnc:
 
-   x11vnc is a contributed program to the [90]LibVNCServer project at
+   x11vnc is a contributed program to the [92]LibVNCServer project at
    SourceForge.net. I use libvncserver for all of the VNC aspects; I
    couldn't have done without it. The full source code may be found and
    downloaded (either file-release tarball or GIT tree) from the above
-   link. As of Dec 2009, the [91]x11vnc-0.9.9.tar.gz source package is
-   released (recommended download). The [92]x11vnc 0.9.9 release notes.
+   link. As of Dec 2009, the [93]x11vnc-0.9.9.tar.gz source package is
+   released (recommended download). The [94]x11vnc 0.9.9 release notes.
 
    The x11vnc package is the subset of the libvncserver package needed to
    build the x11vnc program. Also, you can get a copy of my latest,
-   bleeding edge [93]x11vnc-0.9.10.tar.gz tarball to build the most up to
-   date one.
+   bleeding edge [95]x11vnc-0.9.10-dev.tar.gz tarball to build the most
+   up to date one.
 
-   Precompiled Binaries/Packages:  See the [94]FAQ below for information
+   Precompiled Binaries/Packages:  See the [96]FAQ below for information
    about where you might obtain a precompiled x11vnc binary from 3rd
    parties and some ones I create.
 
    VNC Viewers:  To obtain VNC viewers for the viewing side (Windows, Mac
    OS, or Unix) try these links:
-     * [95]http://www.tightvnc.com/download.html
-     * [96]http://www.realvnc.com/download-free.html
-     * [97]http://sourceforge.net/projects/cotvnc/
-     * [98]http://www.ultravnc.com/
-     * [99]Our Enhanced TightVNC Viewer (SSVNC)
+     * [97]http://www.tightvnc.com/download.html
+     * [98]http://www.realvnc.com/download-free.html
+     * [99]http://sourceforge.net/projects/cotvnc/
+     * [100]http://www.ultravnc.com/
+     * [101]Our Enhanced TightVNC Viewer (SSVNC)
 
        [ssvnc.gif]
 
@@ -617,16 +620,16 @@ vncviewer -via $host localhost:0      # must be TightVNC vncviewer.
    rx11vnc.pl that attempts to tunnel the vnc traffic through an ssh port
    redirection (and does not assume port 5900 is free.) Have a look at
    them to see what they do and customize as needed:
-     * [100]rx11vnc wrapper script
-     * [101]rx11vnc.pl wrapper script to tunnel traffic thru ssh
+     * [102]rx11vnc wrapper script
+     * [103]rx11vnc.pl wrapper script to tunnel traffic thru ssh
 
      _________________________________________________________________
 
     Building x11vnc:
 
-   Make sure you have all the needed [102]build/compile/development
+   Make sure you have all the needed [104]build/compile/development
    packages installed (e.g. Linux distributions foolishly don't install
-   them by default.)
+   them by default.) See this [105]build FAQ for more details.
 
    If your OS has libjpeg.so and libz.so in standard locations you can
    build as follows (example given for the 0.9.9 release of x11vnc:
@@ -653,8 +656,8 @@ vncviewer -via $host localhost:0      # must be TightVNC vncviewer.
    Note: Currently gcc is recommended to build libvncserver. In some
    cases it will build with non-gcc compilers, but the resulting binary
    sometimes fails to run properly. For Solaris pre-built gcc binaries
-   are at [103]http://www.sunfreeware.com/. Some Solaris pre-built x11vnc
-   binaries are [104]here.
+   are at [106]http://www.sunfreeware.com/. Some Solaris pre-built x11vnc
+   binaries are [107]here.
 
    However, one user reports it does work fine when built with Sun Studio
    10, so YMMV. In fact, here is a little build script to do this on
@@ -674,12 +677,12 @@ export MAKE AM_CFLAGS
 $MAKE
 
    In general you can use the "make -e" trick if you don't like
-   libvncserver's choice of AM_CFLAGS. See the [105]build scripts below
+   libvncserver's choice of AM_CFLAGS. See the [108]build scripts below
    for more ideas. Scripts similar to the above have been shown to work
    with vendor C compilers on HP-UX (ccom: HP92453-01) and Tru64 (Compaq
    C V6.5-011.)
 
-   You can find information on [106]Misc. Build problems here.
+   You can find information on [109]Misc. Build problems here.
 
      _________________________________________________________________
 
@@ -717,9 +720,9 @@ r/sfw; make'
 
    If your system does not have these libraries at all you can get the
    source for the libraries to build them: libjpeg is available at
-   [107]ftp://ftp.uu.net/graphics/jpeg/ and zlib at
-   [108]http://www.gzip.org/zlib/. See also
-   [109]http://www.sunfreeware.com/ for Solaris binary packages of these
+   [110]ftp://ftp.uu.net/graphics/jpeg/ and zlib at
+   [111]http://www.gzip.org/zlib/. See also
+   [112]http://www.sunfreeware.com/ for Solaris binary packages of these
    libraries as well as for gcc. Normally they will install into
    /usr/local but you can install them anywhere with the
    --prefix=/path/to/anywhere, etc.
@@ -789,10 +792,10 @@ ls -l ./x11vnc/x11vnc
    --with-zlib=DIR" options are handy if you want to avoid making a
    script.
 
-   If you need to link OpenSSL libssl.a on Solaris see this [110]method.
+   If you need to link OpenSSL libssl.a on Solaris see this [113]method.
 
    If you need to build on Solaris 2.5.1 or earlier or other older Unix
-   OS's, see [111]this workaround FAQ.
+   OS's, see [114]this workaround FAQ.
 
 
    Building on FreeBSD, OpenBSD, ...:   The jpeg libraries seem to be in
@@ -852,7 +855,7 @@ make
    is something like "/usr/bin/X11/X -force -vfb -ac :1".
 
 
-   Building on Mac OS X:   There is now [112]native Mac OS X support for
+   Building on Mac OS X:   There is now [115]native Mac OS X support for
    x11vnc by using the raw framebuffer feature. This mode does not use or
    need X11 at all. To build you may need to disable X11:
 ./configure --without-x ...
@@ -866,7 +869,7 @@ make
 
 
    OpenSSL:   Starting with version 0.8.3 x11vnc can now be built with
-   [113]SSL/TLS support. For this to be enabled the libssl.so library
+   [116]SSL/TLS support. For this to be enabled the libssl.so library
    needs to be available at build time. So you may need to have
    additional CPPFLAGS and LDFLAGS items if your libssl.so is in a
    non-standard place. As of x11vnc 0.9.4 there is also the
@@ -892,34 +895,72 @@ make
    Spring 2010.
 
    The version 0.9.10 beta tarball is kept here:
-   [114]x11vnc-0.9.10.tar.gz
+   [117]x11vnc-0.9.10-dev.tar.gz
 
    There are also some Linux, Solaris, Mac OS X, and other OS test
-   binaries [115]here. Please kick the tires and report bugs, performance
-   regressions, undesired behavior, etc. to [116]me.
+   binaries [118]here. Please kick the tires and report bugs, performance
+   regressions, undesired behavior, etc. to [119]me.
 
-   To aid testing of the [117]built-in SSL/TLS support for x11vnc, a
+   To aid testing of the [120]built-in SSL/TLS support for x11vnc, a
    number of VNC Viewer packages for Unix, Mac OS X, and Windows have
    been created that provide SSL Support for the TightVNC Viewer (this is
-   done by [118]wrapper scripts and a GUI that starts [119]STUNNEL.) It
+   done by [121]wrapper scripts and a GUI that starts [122]STUNNEL.) It
    should be pretty convenient for automatic SSL and SSH connections. It
-   is described in detail at and can be downloaded from the [120]Enhanced
+   is described in detail at and can be downloaded from the [123]Enhanced
    TightVNC Viewer (SSVNC) page. The SSVNC Unix viewer also supports
-   x11vnc's symmetric key [121]encryption ciphers (see the 'UltraVNC DSM
+   x11vnc's symmetric key [124]encryption ciphers (see the 'UltraVNC DSM
    Encryption Plugin' settings panel.)
 
 
    Here are some features that will appear in the 0.9.10 release:
-     * The [122]Xdummy wrapper script for Xorg's dummy driver is updated
+     * The included SSL enabled Java applet viewer now supports Chained
+       SSL Certificates. The debugCerts=yes applet parameter aids
+       troubleshooting certificate validation. The x11vnc [125]-ssl mode
+       has always supported [126]chained SSL certificates (simply put the
+       intermediate certificates, in order, after the server certificate
+       in the pem file.)
+     * A bug has been fixed that would prevent the Java applet viewer
+       from being downloaded successfully in single-port HTTPS/VNC inetd
+       mode. The env. var. X11VNC_HTTPS_DOWNLOAD_WAIT_TIME can be used to
+       adjust for how many seconds a [127]-inetd or [128]-https httpd
+       download is waited for (default 15 seconds.)
+     * The [129]-sslScripts option prints out the SSL certificate
+       management scripts.
+     * A demo CGI script [130]desktop.cgi shows how to create a
+       multi-user x11vnc web login desktop service. The user logs into a
+       secure web site and gets his/her own virtual desktop ([131]Xvfb.)
+       x11vnc's SSL enabled Java Viewer Applet is launched by the web
+       browser for secure viewing (and so no software needs to be
+       installed on the viewer-side.) One can use the desktop.cgi script
+       for ideas to create their own fancier or customized web login
+       desktop service (e.g. user-creation, PHP, SQL, specialized desktop
+       application, etc.) More info [132]here. There is also an optional
+       'port redirection' mode that allows redirection to other SSL
+       enabled VNC servers running inside the firewall.
+     * The [133]Xdummy wrapper script for Xorg's dummy driver is updated
        and no longer requires being run as root. New service options are
        provided to select Xdummy over Xvfb as the virtual X server to be
        created.
+     * The "%" unix password verification tricks for the [134]-unixpw
+       option are now documented. They have also been extended to run a
+       command as the user if one sets the environment variable
+       UNIXPW_CMD. The desktop.cgi demo script takes advantage of this
+       new feature.
+     * The TightVNC sercurity type (TightVNC features enabler) now works
+       for RFB version 3.8.
+     * A transitional tool is provided in [135]inet6to4 to allow x11vnc
+       to receive connections over [136]IPv6.
+     * The X property X11VNC_TRAP_XRANDR can be set on a desktop to force
+       x11vnc to use the [137]-xrandr screen size change trapping code.
+     * New remote control query options: pointer_x, pointer_y,
+       pointer_same, and pointer_root. A demo script using them
+       misc/panner.pl is provided.
 
 
    Here are some features that appeared in the 0.9.9 release (Dec/2009):
-     * The [123]-unixpw_system_greeter option, when used in combined
+     * The [138]-unixpw_system_greeter option, when used in combined
        unixpw and XDMCP FINDCREATEDISPLAY mode (for example:
-       [124]-xdmsvc), enables the user to press Escape to jump directly
+       [139]-xdmsvc), enables the user to press Escape to jump directly
        to the XDM/GDM/KDM login greeter screen. This way the user avoids
        entering his unix password twice at X session creation time. Also,
        the unixpw login panel now has a short help displayed if the user
@@ -929,10 +970,10 @@ make
        clients like Eggplant and JollysFastVNC continuously spray these
        requests at VNC servers (regardless of whether they have received
        any updates or not.) Under some circumstances this could lead to
-       x11vnc falling behind. The [125]-extra_fbur option allows one to
+       x11vnc falling behind. The [140]-extra_fbur option allows one to
        fine tune the setting. Additionally, one may also dial down
-       delays: e.g. "[126]-defer 5" and "[127]-wait 5" (or to 1 or even
-       0) or [128]-nonap or [129]-allinput to keep up with these VNC
+       delays: e.g. "[141]-defer 5" and "[142]-wait 5" (or to 1 or even
+       0) or [143]-nonap or [144]-allinput to keep up with these VNC
        clients at the expense of increased system load.
      * Heuristics are applied to try to determine if the X display is
        currently in a Display Manager Greeter Login panel (e.g. GDM) If
@@ -944,9 +985,9 @@ make
        the use of the XFIXES cursor fetching functionality; this avoids
        an Xorg bug that causes Xorg to crash right after the user logs
        in.
-     * A new option [130]-findauth runs the FINDDISPLAY script that
+     * A new option [145]-findauth runs the FINDDISPLAY script that
        applies heuristics that try to determine the XAUTHORITY file. The
-       use of '[131]-auth guess' will use the XAUTHORITY that -findauth
+       use of '[146]-auth guess' will use the XAUTHORITY that -findauth
        reveals. This can be handy in with the lastest GDM where the
        ability to store cookies in ~/.Xauthority has been removed. If
        x11vnc is running as root (e.g. inetd) and you add -env FD_XDM=1
@@ -954,28 +995,28 @@ make
        the correct XAUTHORITY for the given display (this works for
        XDM/GDM/KDM if the login greeter panel is up or if someone has
        already logged into an X session.)
-     * The FINDDISPLAY and FINDCREATEDISPLAY modes (i.e. "[132]-display
-       WAIT:cmd=...", [133]-find, [134]-create) now work correctly for
-       the user-supplied login program scheme "[135]-unixpw_cmd ...", as
+     * The FINDDISPLAY and FINDCREATEDISPLAY modes (i.e. "[147]-display
+       WAIT:cmd=...", [148]-find, [149]-create) now work correctly for
+       the user-supplied login program scheme "[150]-unixpw_cmd ...", as
        long as the login program supports running commands specified in
        the environment variable "RFB_UNIXPW_CMD_RUN" as the logged-in
-       user. The mode "[136]-unixpw_nis ..." has also been made more
+       user. The mode "[151]-unixpw_nis ..." has also been made more
        consistent.
-     * The [137]-stunnel option (like [138]-ssl but uses stunnel as an
-       external helper program) now works with the [139]-ssl "SAVE" and
-       "TMP" special certificate names. The [140]-sslverify and
-       [141]-sslCRL options now work correctly in [142]-stunnel mode.
+     * The [152]-stunnel option (like [153]-ssl but uses stunnel as an
+       external helper program) now works with the [154]-ssl "SAVE" and
+       "TMP" special certificate names. The [155]-sslverify and
+       [156]-sslCRL options now work correctly in [157]-stunnel mode.
        Single port HTTPS connections are also supported for this mode.
      * There is an experimental Application Sharing mode that improves
-       upon the -id/-sid single window sharing: [143]-appshare (run
+       upon the -id/-sid single window sharing: [158]-appshare (run
        "x11vnc -appshare -help" for more info.) It is still very
        primitive and approximate, but at least it displays multiple
        top-level windows.
-     * The remote control command [144]-R can be used to instruct x11vnc
+     * The remote control command [159]-R can be used to instruct x11vnc
        to resend its most recent copy of the Clipboard, Primary, or
        Cutbuffer selections: "x11vnc -R resend_clipboard", "x11vnc -R
        resend_primary", and "x11vnc -R resend_cutbuffer".
-     * The fonts in the GUI ([145]-gui) can now by set via environment
+     * The fonts in the GUI ([160]-gui) can now by set via environment
        variables, e.g. -env X11VNC_FONT_BOLD='Helvetica -16 bold' and
        -env X11VNC_FONT_FIXED='Courier -14'.
      * The XDAMAGE mechanism is now automatically disabled for a period
@@ -985,18 +1026,18 @@ make
      * There is an experimental workaround: "-env X11VNC_WATCH_DX_DY=1"
        that tries to avoid problems with poorly constructed menu themes
        that place the initial position of the mouse cursor inside a menu
-       item's active zone. More information [146]can be found here.
+       item's active zone. More information [161]can be found here.
 
 
    Here are some features that appeared in the 0.9.8 release (Jul/2009):
-     * Stability improvements to [147]-threads mode. Running x11vnc this
+     * Stability improvements to [162]-threads mode. Running x11vnc this
        way is more reliable now. Threaded operation sometimes gives
        better interactive response and faster updates: try it out. The
        threaded mode now supports multiple VNC viewers using the same VNC
        encoding. The threaded mode can also yield a performance
        enhancement in the many client case (e.g. class-room broadcast.)
        We have tested with 30 to 50 simultaneous clients. See also
-       [148]-reflect.
+       [163]-reflect.
        For simultaneous clients: the ZRLE encoding is thread safe on all
        platforms, and the Tight and Zlib encodings are currently only
        thread safe on Linux where thread local storage, __thread, is
@@ -1005,12 +1046,12 @@ make
        connected client, all encodings are safe on all platforms. Note
        that some features (e.g. scroll detection and -ncache) may be
        disabled or run with reduced functionality in -threads mode.
-     * Automatically tries to work around an [149]Xorg server bug
+     * Automatically tries to work around an [164]Xorg server bug
        involving infinitely repeating keys when turning off key
-       repeating. Use [150]-repeat if the automatic workaround fails.
+       repeating. Use [165]-repeat if the automatic workaround fails.
      * Improved reliability of the Single Port SSL VNC and HTTPS java
        viewer applet delivery mechanism.
-     * The [151]-clip mode works under [152]-rawfb.
+     * The [166]-clip mode works under [167]-rawfb.
 
 
    Here are some features that appeared in the 0.9.7 release (Mar/2009):
@@ -1020,38 +1061,38 @@ make
        case the special file /dev/vcsa2 is used to retrieve vt2's current
        text. Text and colors are shown, but no graphics.
      * Support for less than 8 bits per pixel framebuffers (e.g. 4 or 1
-       bpp) in the [153]-rawfb mode.
+       bpp) in the [168]-rawfb mode.
      * The SSL enabled UltraVNC Java viewer applet now has a [Home] entry
        in the "drives" drop down menu. This menu can be configured with
        the ftpDropDown applet parameter. All of the applet parameters are
        documented in classes/ssl/README.
-     * Experimental support for [154]VirtualGL's [155]TurboVNC (an
+     * Experimental support for [169]VirtualGL's [170]TurboVNC (an
        enhanced TightVNC for fast LAN high framerate usage.)
      * The CUPS Terminal Services helper mode has been improved.
-     * Improvements to the [156]-ncache_cr that allows smooth opaque
+     * Improvements to the [171]-ncache_cr that allows smooth opaque
        window motions using the 'copyrect' encoding when using
-       [157]-ncache mode.
-     * The [158]-rmflag option enables a way to indicate to other
+       [172]-ncache mode.
+     * The [173]-rmflag option enables a way to indicate to other
        processes x11vnc has exited.
      * Reverse connections using anonymous Diffie Hellman SSL encryption
        now work.
 
 
    Here are some features that appeared in the 0.9.6 release (Dec/2008):
-     * Support for [159]VeNCrypt SSL/TLS encrypted connections. It is
-       enabled by default in the [160]-ssl mode. VNC Viewers like
-       vinagre, gvncviewer/gtk-vnc, the vencrypt package, [161]SSVNC, and
+     * Support for [174]VeNCrypt SSL/TLS encrypted connections. It is
+       enabled by default in the [175]-ssl mode. VNC Viewers like
+       vinagre, gvncviewer/gtk-vnc, the vencrypt package, [176]SSVNC, and
        others support this encryption mode. It can also be used with the
-       [162]-unixpw option to enable Unix username and password
+       [177]-unixpw option to enable Unix username and password
        authentication (VeNCrypt's "*Plain" modes.) A similar but older
        VNC security type "ANONTLS" (used by vino) is supported as well.
-       See the [163]-vencrypt and [164]-anontls options for additional
+       See the [178]-vencrypt and [179]-anontls options for additional
        control. The difference between x11vnc's normal -ssl mode and
        VeNCrypt is that the former wraps the entire VNC connection in SSL
        (like HTTPS does for HTTP, i.e. "vncs://") while VeNCrypt switches
        on the SSL/TLS at a certain point during the VNC handshake. Use
-       [165]-sslonly to disable both VeNCrypt and ANONTLS (vino.)
-     * The "[166]-ssl ANON" option enables Anonymous Diffie-Hellman (ADH)
+       [180]-sslonly to disable both VeNCrypt and ANONTLS (vino.)
+     * The "[181]-ssl ANON" option enables Anonymous Diffie-Hellman (ADH)
        key exchange for x11vnc's normal SSL/TLS operation. Note that
        Anonymous Diffie-Hellman uses encryption for privacy, but provides
        no authentication and so is susceptible to Man-In-The-Middle
@@ -1059,17 +1100,17 @@ make
        SAVE", etc. and have the VNC viewer verify the cert.) The ANONTLS
        mode (vino) only supports ADH. VeNCrypt mode supports both ADH and
        regular X509 SSL certificates modes. For these ADH is enabled by
-       default. See [167]-vencrypt and [168]-anontls for how to disable
+       default. See [182]-vencrypt and [183]-anontls for how to disable
        ADH.
      * For x11vnc's SSL/TLS modes, one can now specify a Certificate
-       Revocation List (CRL) with the [169]-sslCRL option. This will only
+       Revocation List (CRL) with the [184]-sslCRL option. This will only
        be useful for wide deployments: say a company-wide x11vnc SSL
        access deployment using a central Certificate Authority (CA) via
-       [170]-sslGenCA and [171]-sslGenCert. This way if a user has his
+       [185]-sslGenCA and [186]-sslGenCert. This way if a user has his
        laptop lost or stolen, you only have to revoke his key instead of
        creating a new Certificate Authority and redeploying new keys to
        all users.
-     * The default SSL/TLS mode, "[172]-ssl" (no pem file parameter
+     * The default SSL/TLS mode, "[187]-ssl" (no pem file parameter
        supplied), is now the same as "-ssl SAVE" and will save the
        generated self-signed cert in "~/.vnc/certs/server.pem".
        Previously "-ssl" would create a temporary self-signed cert that
@@ -1079,45 +1120,45 @@ make
        same x11vnc server. Use "-ssl TMP" to regain the previous
        behavior. Use "-ssl SAVE_NOPROMPT" to avoid being prompted about
        using passphrase when the certificate is created.
-     * The option [173]-http_oneport enables single-port HTTP connections
+     * The option [188]-http_oneport enables single-port HTTP connections
        via the Java VNC Viewer. So, for example, the web browser URL
        "http://myhost.org:5900" works the same as
        "http://myhost.org:5800", but with the convenience of only
        involving one port instead of two. This works for both unencrypted
-       connections and for SSH tunnels (see [174]-httpsredir if the
+       connections and for SSH tunnels (see [189]-httpsredir if the
        tunnel port differs.) Note that HTTPS single-port operation in
-       [175]-ssl SSL encrypted mode has been available since x11vnc
+       [190]-ssl SSL encrypted mode has been available since x11vnc
        version 0.8.3.
-     * For the [176]-avahi/[177]-zeroconf Service Advertizing mode, if
+     * For the [191]-avahi/[192]-zeroconf Service Advertizing mode, if
        x11vnc was not compiled with the avahi-client library, then an
        external helper program, either avahi-publish(1) (on Unix) or
        dns-sd(1) (on Mac OS X), is used instead.
-     * The "[178]-rfbport PROMPT" option will prompt the user via the GUI
+     * The "[193]-rfbport PROMPT" option will prompt the user via the GUI
        to select the VNC port (e.g. 5901) to listen on, and a few other
        basic settings. This enables a handy GUI mode for naive users:
    x11vnc -gui tray=setpass -rfbport PROMPT -logfile $HOME/.x11vnc.log.%VNCDISP
 LAY
        suitable for putting in a launcher or menu, e.g.
-       [179]x11vnc.desktop. The [180]-logfile expansion is new too. In
+       [194]x11vnc.desktop. The [195]-logfile expansion is new too. In
        the GUI, the tray=setpass Properties panel has been improved.
-     * The [181]-solid solid background color option now works for the
+     * The [196]-solid solid background color option now works for the
        Mac OS X console.
-     * The [182]-reopen option instructs x11vnc to try to reopen the X
+     * The [197]-reopen option instructs x11vnc to try to reopen the X
        display if it is prematurely closed by, say, the display manager
-       (e.g. [183]GDM.)
+       (e.g. [198]GDM.)
 
 
    Here are some features that appeared in the 0.9.5 release (Oct/2008):
-     * Symmetric key [184]encryption ciphers. ARC4, AES-128, AES-256,
+     * Symmetric key [199]encryption ciphers. ARC4, AES-128, AES-256,
        blowfish, and 3des are supported. Salt and initialization vector
        seeding is provided. These compliment the more widely used SSL and
-       SSH encryption access methods. [185]SSVNC also supports these
+       SSH encryption access methods. [200]SSVNC also supports these
        encryption modes.
      * Scaling differently along the X- and Y-directions. E.g.
-       "[186]-scale 1280x1024" or "-scale 0.8x0.75"    Also,
-       "[187]-geometry WxH" is an alias for "-scale WxH"
+       "[201]-scale 1280x1024" or "-scale 0.8x0.75"    Also,
+       "[202]-geometry WxH" is an alias for "-scale WxH"
      * By having SSVNC version 1.0.21 or later available in your $PATH,
-       the [188]-chatwindow option allows a UltraVNC Text Chat window to
+       the [203]-chatwindow option allows a UltraVNC Text Chat window to
        appear on the local X11 console/display (this way the remote
        viewer can chat with the person at the physical display; e.g.
        helpdesk mode.) This also works on the Mac OS X console if the
@@ -1129,47 +1170,47 @@ LAY
 
 
    Here are some features that appeared in the 0.9.4 release (Sep/2008):
-     * Improvements to the [189]-find and [190]-create X session finding
+     * Improvements to the [204]-find and [205]-create X session finding
        or creating modes: new desktop types and service redirection
        options. Personal cupsd daemon and SSH port redirection helper for
-       use with [191]SSVNC's Terminal Services feature.
-     * Reverse VNC connections via [192]-connect work in the [193]-find,
-       [194]-create and related [195]-display WAIT:... modes.
+       use with [206]SSVNC's Terminal Services feature.
+     * Reverse VNC connections via [207]-connect work in the [208]-find,
+       [209]-create and related [210]-display WAIT:... modes.
      * Reverse VNC connections (either normal or SSL) can use a Web Proxy
        or a SOCKS proxy, or a SSH connection, or even a CGI URL to make
-       the outgoing connection. See: [196]-proxy. Forward connections can
-       also use: [197]-ssh.
-     * Reverse VNC connections via the [198]UltraVNC repeater proxy
+       the outgoing connection. See: [211]-proxy. Forward connections can
+       also use: [212]-ssh.
+     * Reverse VNC connections via the [213]UltraVNC repeater proxy
        (either normal or SSL) are supported. Use either the
-       "[199]-connect repeater=ID:NNNN+host:port" or "[200]-connect
-       repeater://host:port+ID:NNNN" notation. The [201]SSVNC VNC viewer
+       "[214]-connect repeater=ID:NNNN+host:port" or "[215]-connect
+       repeater://host:port+ID:NNNN" notation. The [216]SSVNC VNC viewer
        also supports the UltraVNC repeater. Also, a perl repeater
-       implemention is here: [202]ultravnc_repeater.pl
+       implemention is here: [217]ultravnc_repeater.pl
      * Support for indexed colormaps (PseudoColor) with depths other than
        8 (from 1 to 16 now work) for non-standard hardware. Option
-       "[203]-advertise_truecolor" to handle some workaround in this
+       "[218]-advertise_truecolor" to handle some workaround in this
        mode.
      * Support for the ZYWRLE encoding, this is the RealVNC ZRLE encoding
        extended to do motion video and photo regions more efficiently by
        way of a Wavelet based transformation.
-     * The [204]-finddpy and [205]-listdpy utilities help to debug and
-       configure the [206]-find, [207]-create, and [208]-display WAIT:...
+     * The [219]-finddpy and [220]-listdpy utilities help to debug and
+       configure the [221]-find, [222]-create, and [223]-display WAIT:...
        modes.
      * Some automatic detection of screen resizes are handled even if the
-       [209]-xrandr option is not supplied.
-     * The [210]-autoport options gives more control over the VNC port
+       [224]-xrandr option is not supplied.
+     * The [225]-autoport options gives more control over the VNC port
        x11vnc chooses.
-     * The [211]-ping secs can be used to help keep idle connections
+     * The [226]-ping secs can be used to help keep idle connections
        alive.
      * Pasting of the selection/clipboard into remote applications (e.g.
        Java) has been improved.
      * Fixed a bug if a client disconnects during the 'speed-estimation'
        phase.
      * To unset Caps_Lock, Num_Lock and raise all keys in the X server
-       use [212]-clear_all.
+       use [227]-clear_all.
      * Usage with dvorak keyboards has been improved. See also:
-       [213]-xkb.
-     * The [214]Java Viewer applet source code is now included in the
+       [228]-xkb.
+     * The [229]Java Viewer applet source code is now included in the
        x11vnc-0.9.*.tar.gz tarball. This means you can now build the Java
        viewer applet jar files from source. If you stopped shipping the
        Java viewer applet jar files due to lack of source code, you can
@@ -1177,7 +1218,7 @@ LAY
 
 
    Here are some features that appeared in the 0.9.3 release (Oct/2007):
-     * [215]Viewer-side pixmap caching. A large area of pixels (at least
+     * [230]Viewer-side pixmap caching. A large area of pixels (at least
        2-3 times as big as the framebuffer itself; the bigger the
        better... default is 10X) is placed below the framebuffer to act
        as a buffer/cache area for pixel data. The VNC CopyRect encoding
@@ -1185,7 +1226,7 @@ LAY
        Until we start modifying viewers you will be able to see the cache
        area if you scroll down (this makes it easier to debug!) For
        testing the default is "-ncache 10". The unix Enhanced TightVNC
-       Viewer [216]ssvnc has a nice [217]-ycrop option to help hide the
+       Viewer [231]ssvnc has a nice [232]-ycrop option to help hide the
        pixel cache area from view.
 
 
@@ -1198,14 +1239,14 @@ LAY
      * If UltraVNC file transfer or chat is detected, then VNC clients
        are "pinged" more often to prevent these side channels from
        becoming serviced too infrequently.
-     * In [218]-unixpw mode in the username and password dialog no text
+     * In [233]-unixpw mode in the username and password dialog no text
        will be echoed if the first character sent is "Escape". This
        enables a convenience feature in SSVNC to send the username and
        password automatically.
 
 
    Here are some features that appeared in the 0.9.1 release (May/2007):
-     * The [219]UltraVNC Java viewer has been enhanced to support SSL (as
+     * The [234]UltraVNC Java viewer has been enhanced to support SSL (as
        the TightVNC viewer had been previously.) The UltraVNC Java
        supports ultravnc filetransfer, and so can be used as a VNC viewer
        on Unix that supports ultravnc filetransfer. It is in the
@@ -1216,12 +1257,12 @@ LAY
        Some other bugs in the UltraVNC Java viewer were fixed and a few
        improvements to the UI made.
      * A new Unix username login mode for VNC Viewers authenticated via a
-       Client SSL Certificate: "[220]-users sslpeer=". The emailAddress
+       Client SSL Certificate: "[235]-users sslpeer=". The emailAddress
        subject field is inspected for username@hostname and then acts as
        though "-users +username" has been supplied. This way the Unix
        username is identified by (i.e. simply extracted from) the Client
-       SSL Certificate. This could be useful with [221]-find,
-       [222]-create and [223]-svc modes if you are also have set up and
+       SSL Certificate. This could be useful with [236]-find,
+       [237]-create and [238]-svc modes if you are also have set up and
        use VNC Client SSL Certificate authentication.
      * For external display finding/creating programs (e.g. WAIT:cmd=...)
        if the VNC Viewer is authenticated via a Client SSL Certificate,
@@ -1230,41 +1271,41 @@ LAY
 
 
    Here are some features that appeared in the 0.9 release (Apr/2007):
-     * [224]VNC Service advertising via mDNS / ZeroConf / BonJour with
-       the [225]Avahi client library. Enable via "[226]-avahi" or
-       "[227]-zeroconf".
+     * [239]VNC Service advertising via mDNS / ZeroConf / BonJour with
+       the [240]Avahi client library. Enable via "[241]-avahi" or
+       "[242]-zeroconf".
      * Implementations of UltraVNC's TextChat, SingleWindow, and
-       ServerInput extensions (requires ultravnc viewer or [228]ssvnc
+       ServerInput extensions (requires ultravnc viewer or [243]ssvnc
        Unix viewer.) They toggle the selection of a single window
-       ([229]-id), and disable (friendly) user input and viewing (monitor
+       ([244]-id), and disable (friendly) user input and viewing (monitor
        blank) at the VNC server.
-     * Short aliases "[230]-find", "[231]-create", "[232]-svc", and
-       "[233]-xdmsvc" for commonly used FINDCREATEDISPLAY usage modes.
+     * Short aliases "[245]-find", "[246]-create", "[247]-svc", and
+       "[248]-xdmsvc" for commonly used FINDCREATEDISPLAY usage modes.
      * Reverse VNC connections (viewer listening) now work in SSL
-       ([234]-ssl) mode.
+       ([249]-ssl) mode.
      * New options to control the Monitor power state and keyboard/mouse
-       grabbing: [235]-forcedpms, [236]-clientdpms, [237]-noserverdpms,
-       and [238]-grabalways.
+       grabbing: [250]-forcedpms, [251]-clientdpms, [252]-noserverdpms,
+       and [253]-grabalways.
      * A simple way to emulate inetd(8) to some degree via the
-       "[239]-loopbg" option.
-     * Monitor the accuracy of XDAMAGE and apply "[240]-noxdamage" if it
-       is not working well. OpenGL applications like like [241]beryl and
+       "[254]-loopbg" option.
+     * Monitor the accuracy of XDAMAGE and apply "[255]-noxdamage" if it
+       is not working well. OpenGL applications like like [256]beryl and
        MythTv have been shown to make XDAMAGE not work properly.
      * For Java SSL connections involving a router/firewall port
-       redirection, an option [242]-httpsredir to spare the user from
+       redirection, an option [257]-httpsredir to spare the user from
        needing to include &PORT=NNN in the browser URL.
 
 
    Here are some features that appeared in the 0.8.4 release (Feb/2007):
-     * Native [243]Mac OS X Aqua/Quartz support. (i.e. OSXvnc
+     * Native [258]Mac OS X Aqua/Quartz support. (i.e. OSXvnc
        alternative; some activities are faster)
-     * A [244]new login mode: "-display WAIT:cmd=FINDCREATEDISPLAY
+     * A [259]new login mode: "-display WAIT:cmd=FINDCREATEDISPLAY
        -unixpw ..." that will Create a new X session (either virtual or
        real and with or without a display manager, e.g. kdm) for the user
        if it cannot find the user's X session display via the FINDDISPLAY
-       method. See the [245]-svc and the [246]-xdmsvc aliases.
-     * x11vnc can act as a VNC [247]reflector/repeater using the
-       "[248]-reflect host:N" option. Instead of polling an X display,
+       method. See the [260]-svc and the [261]-xdmsvc aliases.
+     * x11vnc can act as a VNC [262]reflector/repeater using the
+       "[263]-reflect host:N" option. Instead of polling an X display,
        the remote VNC Server host:N is connected to and re-exported via
        VNC. This is intended for use in broadcasting a display to many
        (e.g. > 16; classroom or large demo) VNC viewers where bandwidth
@@ -1272,16 +1313,16 @@ LAY
        number of repeaters.
      * Wireframe copyrect detection for local user activity (e.g. someone
        sitting at the physical display moving windows) Use
-       [249]-nowireframelocal to disable.
-     * The "[250]-N" option couples the VNC Display number to the X
+       [264]-nowireframelocal to disable.
+     * The "[265]-N" option couples the VNC Display number to the X
        Display number. E.g. if your X DISPLAY is :2 then the VNC display
        will be :2 (i.e. using port 5902.) If that port is taken x11vnc
        will exit.
-     * Option [251]-nodpms to avoid problems with programs like KDE's
+     * Option [266]-nodpms to avoid problems with programs like KDE's
        kdesktop_lock that keep restarting the screen saver every few
        seconds.
      * To automatically fix the common mouse motion problem on XINERAMA
-       (multi-headed) displays, the [252]-xwarppointer option is enabled
+       (multi-headed) displays, the [267]-xwarppointer option is enabled
        by default when XINERAMA is active.
 
    If you have a Mac please try out the native Mac OS X support, build
@@ -1291,62 +1332,62 @@ LAY
 
 
    Here are some features that appeared in the 0.8.3 release (Nov/2006):
-     * The [253]-ssl option provides SSL encryption and authentication
-       natively via the [254]www.openssl.org library. One can use from a
+     * The [268]-ssl option provides SSL encryption and authentication
+       natively via the [269]www.openssl.org library. One can use from a
        simple self-signed certificate server certificate up to full CA
        and client certificate authentication schemes.
-     * Similar to -ssl, the [255]-stunnel option starts up a SSL tunnel
+     * Similar to -ssl, the [270]-stunnel option starts up a SSL tunnel
        server stunnel (that must be installed separately on the system:
-       [256]stunnel.mirt.net ) to allow only encrypted SSL connections
+       [271]stunnel.mirt.net ) to allow only encrypted SSL connections
        from the network.
-     * The [257]-sslverify option allows for authenticating VNC clients
+     * The [272]-sslverify option allows for authenticating VNC clients
        via their certificates in either -ssl or -stunnel modes.
      * Certificate creation and management tools are provide in the
-       [258]-sslGenCert, [259]-sslGenCA, and [260]related options.
+       [273]-sslGenCert, [274]-sslGenCA, and [275]related options.
      * An SSL enabled Java applet VNC Viewer applet is provided by x11vnc
        in classes/ssl/VncViewer.jar. In addition to normal HTTP, the
        applet may be loaded into the web browser via HTTPS (HTTP over
        SSL.) (one can use the VNC port, e.g. https://host:5900/, or also
-       the separate [261]-https port option.) A wrapper shell script
-       [262]ss_vncviewer is also provided that sets up a stunnel
-       client-side tunnel on Unix systems. See [263]Enhanced TightVNC
+       the separate [276]-https port option.) A wrapper shell script
+       [277]ss_vncviewer is also provided that sets up a stunnel
+       client-side tunnel on Unix systems. See [278]Enhanced TightVNC
        Viewer (SSVNC) for other SSL/SSH viewer possibilities.
-     * The [264]-unixpw option supports Unix username and password
-       authentication (a simpler variant is the [265]-unixpw_nis option
+     * The [279]-unixpw option supports Unix username and password
+       authentication (a simpler variant is the [280]-unixpw_nis option
        that works in environments where the encrypted passwords are
-       readable, e.g. NIS.) The [266]-ssl or [267]-localhost +
-       [268]-stunnel options are enforced in this mode to prevent
+       readable, e.g. NIS.) The [281]-ssl or [282]-localhost +
+       [283]-stunnel options are enforced in this mode to prevent
        password sniffing. As a convenience, these requirements are lifted
        if a SSH tunnel can be deduced (but -localhost still applies.)
-     * Coupling [269]-unixpw with "[270]-display WAIT:cmd=FINDDISPLAY" or
+     * Coupling [284]-unixpw with "[285]-display WAIT:cmd=FINDDISPLAY" or
        "-display WAIT:cmd=FINDCREATEDISPLAY" provides a way to allow a
        user to login with their UNIX password and have their display
-       connected to [271]automatically. See the [272]-svc and the
-       [273]-xdmsvc aliases.
-     * Hooks are provided in the [274]-unixpw_cmd and "[275]-passwdfile
+       connected to [286]automatically. See the [287]-svc and the
+       [288]-xdmsvc aliases.
+     * Hooks are provided in the [289]-unixpw_cmd and "[290]-passwdfile
        cmd:,custom:..." options to allow you to supply your own
        authentication and password lookup programs.
      * x11vnc can be configured and built to not depend on X11 libraries
-       "./configure --without-x" for [276]-rawfb only operation (e.g.
+       "./configure --without-x" for [291]-rawfb only operation (e.g.
        embedded linux console devices.)
-     * The [277]-rotate option enables you to rotate or reflect the
+     * The [292]-rotate option enables you to rotate or reflect the
        screen before exporting via VNC. This is intended for use on
        handhelds and other devices where the rotation orientation is not
        "natural".
-     * The "[278]-ultrafilexfer" alias is provided and improved UltraVNC
+     * The "[293]-ultrafilexfer" alias is provided and improved UltraVNC
        filetransfer rates have been achieved.
-     * Under the "[279]-connect_or_exit host" option x11vnc will exit
+     * Under the "[294]-connect_or_exit host" option x11vnc will exit
        immediately unless the reverse connection to host succeeds. The
        "-rfbport 0" option disables TCP listening for connections (useful
        for this mode.)
-     * The "[280]-rawfb rand" and "-rawfb none" options are useful for
+     * The "[295]-rawfb rand" and "-rawfb none" options are useful for
        testing automation scripts, etc., without requiring a full
        desktop.
-     * Reduced spewing of information at startup, use "[281]-verbose"
+     * Reduced spewing of information at startup, use "[296]-verbose"
        (also "-v") to turn it back on for debugging or if you are going
        to send me a problem report.
 
-   Here are some [282]Previous Release Notes
+   Here are some [297]Previous Release Notes
      _________________________________________________________________
 
     Some Notes:
@@ -1373,13 +1414,13 @@ LAY
    protocol.) I suggest using xsetroot, dtstyle or similar utility to set
    a solid background while using x11vnc. You can turn the pretty
    background image back on when you are using the display directly.
-   Update: As of Feb/2005 x11vnc has the [283]-solid [color] option that
+   Update: As of Feb/2005 x11vnc has the [298]-solid [color] option that
    works on recent GNOME, KDE, and CDE and also on classic X (background
    image is on the root window.) Update: As of Oct/2007 x11vnc has the
-   [284]-ncache option that does a reasonable job caching the background
+   [299]-ncache option that does a reasonable job caching the background
    (and other) pixmap data on the viewer side.
 
-   I also find the [285]TightVNC encoding gives the best response for my
+   I also find the [300]TightVNC encoding gives the best response for my
    usage (Unix <-> Unix over cable modem.) One needs a tightvnc-aware
    vncviewer to take advantage of this encoding.
 
@@ -1391,17 +1432,17 @@ LAY
    is X11's default listening port.) Had port 5900 been taken by some
    other application, x11vnc would have next tried 5901. That would mean
    the viewer command above should be changed to vncviewer
-   far-away.east:1. You can force the port with the "[286]-rfbport NNNN"
+   far-away.east:1. You can force the port with the "[301]-rfbport NNNN"
    option where NNNN is the desired port number. If that port is already
-   taken, x11vnc will exit immediately. The "[287]-N" option will try to
+   taken, x11vnc will exit immediately. The "[302]-N" option will try to
    match the VNC display number to the X display.   (also see the "SunRay
    Gotcha" note below)
 
    Options:   x11vnc has (far too) many features that may be activated
-   via its [288]command line options. Useful options are, e.g., -scale to
+   via its [303]command line options. Useful options are, e.g., -scale to
    do server-side scaling, and -rfbauth passwd-file to use VNC password
    protection (the vncpasswd or storepasswd programs, or the x11vnc
-   [289]-storepasswd option can be used to create the password file.)
+   [304]-storepasswd option can be used to create the password file.)
 
    Algorithm:   How does x11vnc do it? Rather brute-forcedly: it
    continuously polls the X11 framebuffer for changes using
@@ -1429,7 +1470,7 @@ LAY
    first testing out the programs. You get an interesting
    recursive/feedback effect where vncviewer images keep popping up each
    one contained in the previous one and slightly shifted a bit by the
-   window manager decorations. There will be an [290]even more
+   window manager decorations. There will be an [305]even more
    interesting effect if -scale is used. Also, if the XKEYBOARD is
    supported and the XBell "beeps" once, you get an infinite loop of
    beeps going off. Although all of this is mildly exciting it is not
@@ -1439,8 +1480,8 @@ LAY
 
     Sun Ray Notes:
 
-   You can run x11vnc on your (connected or disconnected) [291]SunRay
-   session. Here are some [292]notes on SunRay usage with x11vnc.
+   You can run x11vnc on your (connected or disconnected) [306]SunRay
+   session. Here are some [307]notes on SunRay usage with x11vnc.
 
      _________________________________________________________________
 
@@ -1452,7 +1493,7 @@ LAY
        than you normally do to minimize the effects (e.g. do fullpage
        paging rather than line-by-line scrolling, and move windows in a
        single, quick motion.) Recent work has provided the
-       [293]-scrollcopyrect and [294]-wireframe speedups using the
+       [308]-scrollcopyrect and [309]-wireframe speedups using the
        CopyRect VNC encoding and other things, but they only speed up
        some activities, not all.
      * A rate limiting factor for x11vnc performance is that graphics
@@ -1511,18 +1552,19 @@ LAY
        but we mention it because it may be of use for special purpose
        applications. You may need to use the "-cc 4" option to force Xvfb
        to use a TrueColor visual instead of DirectColor. See also the
-       description of the [295]-create option that does all of this
-       automatically for you.
+       description of the [310]-create option that does all of this
+       automatically for you (be sure to install the Xvfb package, e.g.
+       apt-get install xvfb.)
        Also, a faster and more accurate way is to use the "dummy"
        Xorg/XFree86 device driver (or our Xdummy wrapper script.) See
-       [296]this FAQ for details.
+       [311]this FAQ for details.
      * Somewhat surprisingly, the X11 mouse (cursor) shape is write-only
        and cannot be queried from the X server. So traditionally in
        x11vnc the cursor shape stays fixed at an arrow. (see the "-cursor
-       X" and "-cursor some" [297]options, however, for a partial hack
+       X" and "-cursor some" [312]options, however, for a partial hack
        for the root window, etc.) However, on Solaris using the SUN_OVL
        overlay extension, x11vnc can show the correct mouse cursor when
-       the [298]-overlay option is also supplied. A similar thing is done
+       the [313]-overlay option is also supplied. A similar thing is done
        on IRIX as well when -overlay is supplied.
        More generally, as of Dec/2004 x11vnc supports the new XFIXES
        extension (in Xorg and Solaris 10) to query the X server for the
@@ -1530,18 +1572,18 @@ LAY
        with transparency (alpha channel) need to approximated to solid
        RGB values (some cursors look worse than others.)
      * Audio from applications is of course not redirected (separate
-       redirectors do exist, e.g. esd, see [299]the FAQ on this below.)
+       redirectors do exist, e.g. esd, see [314]the FAQ on this below.)
        The XBell() "beeps" will work if the X server supports the
        XKEYBOARD extension. (Note that on Solaris XKEYBOARD is disabled
        by default. Passing +kb to Xsun enables it.)
-     * The scroll detection algorithm for the [300]-scrollcopyrect option
+     * The scroll detection algorithm for the [315]-scrollcopyrect option
        can give choppy or bunched up transient output and occasionally
        painting errors.
      * Using -threads can expose some bugs/crashes in libvncserver.
 
-   Please feel free to [301]contact me if you have any questions,
+   Please feel free to [316]contact me if you have any questions,
    problems, or comments about x11vnc, etc.
-   Also, some people ask if they can make a donation, see [302]this link
+   Also, some people ask if they can make a donation, see [317]this link
    for that.
 
 References
@@ -1591,263 +1633,278 @@ References
   43. http://www.karlrunge.com/x11vnc/faq.html#faq-xperms
   44. http://www.karlrunge.com/x11vnc/faq.html#faq-xperms
   45. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-find
-  46. http://www.karlrunge.com/x11vnc/faq.html#faq-viewer-download
-  47. http://www.sun.com/software/solaris/freeware/
-  48. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-forever
-  49. http://www.karlrunge.com/x11vnc/index.html#firewalls
-  50. http://www.karlrunge.com/x11vnc/index.html#tunnelling
-  51. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-forever
-  52. http://www.karlrunge.com/x11vnc/faq.html#faq-service
-  53. http://www.karlrunge.com/x11vnc/faq.html#faq-passwd
-  54. http://www.karlrunge.com/x11vnc/index.html#vnc_password_file
-  55. http://www.karlrunge.com/x11vnc/ssvnc.html#download
-  56. http://downloads.sourceforge.net/ssvnc/ssvnc_no_windows-1.0.23.tar.gz?use_mirror
-  57. http://www.karlrunge.com/x11vnc/index.html#tunnelling
-  58. http://www.karlrunge.com/x11vnc/ssvnc.html#tsvnc
-  59. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-connect
-  60. http://www.karlrunge.com/x11vnc/index.html#vnc_password_file
-  61. http://www.karlrunge.com/x11vnc/faq.html#faq-inetd
-  62. http://www.karlrunge.com/x11vnc/index.html#tightvnc_via
-  63. http://www.karlrunge.com/x11vnc/ssvnc.html
-  64. http://www.karlrunge.com/x11vnc/ssvnc.html#tsvnc
-  65. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-connect
-  66. http://www.karlrunge.com/x11vnc/chainingssh.html
-  67. http://www.karlrunge.com/x11vnc/ssvnc.html
-  68. http://www.portforward.com/routers.htm
-  69. http://www.whatismyip.com/
-  70. http://www.karlrunge.com/x11vnc/ssvnc.html
-  71. http://www.karlrunge.com/x11vnc/index.html#ssl-tunnel
-  72. http://www.whatismyip.com/
-  73. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-bg
-  74. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-connect
-  75. http://www.karlrunge.com/x11vnc/faq.html#faq-inetd
-  76. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-rfbauth
-  77. http://www.karlrunge.com/x11vnc/faq.html#faq-passwd
-  78. http://www.karlrunge.com/x11vnc/faq.html#faq-passwdfile
-  79. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-passwdfile
-  80. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-usepw
-  81. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-ssl
-  82. http://www.karlrunge.com/x11vnc/ssvnc.html
-  83. http://www.karlrunge.com/x11vnc/faq.html#faq-allow-opt
-  84. http://www.karlrunge.com/x11vnc/faq.html#faq-tcp_wrappers
-  85. http://stunnel.mirt.net/
-  86. http://www.stunnel.org/
-  87. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-ssl
-  88. http://www.karlrunge.com/x11vnc/faq.html#faq-ssl-tunnel-int
-  89. http://www.karlrunge.com/x11vnc/ssvnc.html
-  90. http://sourceforge.net/projects/libvncserver/
-  91. http://sourceforge.net/projects/libvncserver/files/x11vnc/0.9.9/
-  92. http://sourceforge.net/projects/libvncserver/files/x11vnc/0.9.9/release-notes-0.9.9.txt/view
-  93. http://x11vnc.sourceforge.net/dev/x11vnc-0.9.10.tar.gz
-  94. http://www.karlrunge.com/x11vnc/faq.html#faq-binaries
-  95. http://www.tightvnc.com/download.html
-  96. http://www.realvnc.com/products/free/4.1/download.html
-  97. http://sourceforge.net/projects/cotvnc/
-  98. http://www.ultravnc.com/
-  99. http://www.karlrunge.com/x11vnc/ssvnc.html
- 100. http://www.karlrunge.com/x11vnc/rx11vnc
- 101. http://www.karlrunge.com/x11vnc/rx11vnc.pl
- 102. http://www.karlrunge.com/x11vnc/faq.html#faq-build
- 103. http://www.sunfreeware.com/
- 104. http://www.karlrunge.com/x11vnc/bins
- 105. http://www.karlrunge.com/x11vnc/index.html#solarisbuilding
- 106. http://www.karlrunge.com/x11vnc/miscbuild.html
- 107. ftp://ftp.uu.net/graphics/jpeg/
- 108. http://www.gzip.org/zlib/
- 109. http://www.sunfreeware.com/
- 110. http://www.karlrunge.com/x11vnc/index.html#build-openssl
- 111. http://www.karlrunge.com/x11vnc/faq.html#faq-solaris251build
- 112. http://www.karlrunge.com/x11vnc/faq.html#faq-macosx
- 113. http://www.karlrunge.com/x11vnc/faq.html#faq-ssl-tunnel-int
- 114. http://x11vnc.sourceforge.net/dev/x11vnc-0.9.10.tar.gz
- 115. http://www.karlrunge.com/x11vnc/bins
- 116. mailto:xvml@karlrunge.com
- 117. http://www.karlrunge.com/x11vnc/faq.html#faq-ssl-tunnel-int
- 118. http://www.karlrunge.com/x11vnc/faq.html#infaq_ss_vncviewer
- 119. http://www.karlrunge.com/x11vnc/faq.html#faq-ssl-tunnel-ext
- 120. http://www.karlrunge.com/x11vnc/ssvnc.html
- 121. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-enc
- 122. http://www.karlrunge.com/x11vnc/Xdummy
- 123. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-unixpw_system_greeter
- 124. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-xdmsvc
- 125. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-extra_fbur
- 126. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-defer
- 127. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-wait
- 128. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-nonap
- 129. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-allinput
- 130. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-findauth
- 131. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-auth
- 132. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-display_WAIT
- 133. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-find
- 134. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-create
- 135. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-unixpw_cmd
- 136. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-unixpw_nis
- 137. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-stunnel
- 138. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-ssl
- 139. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-ssl
- 140. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-sslverify
- 141. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-sslCRL
- 142. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-stunnel
- 143. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-appshare
- 144. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-remote
- 145. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-gui
- 146. http://ubuntuforums.org/showthread.php?t=1223490
- 147. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-threads
- 148. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-reflect
- 149. http://bugs.freedesktop.org/show_bug.cgi?id=21454
- 150. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-repeat
- 151. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-clip
- 152. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-rawfb
- 153. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-rawfb
- 154. http://www.virtualgl.org/
- 155. http://www.karlrunge.com/x11vnc/faq.html#faq-turbovnc
- 156. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-ncache_cr
- 157. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-ncache
- 158. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-rmflag
- 159. http://sourceforge.net/projects/vencrypt/
- 160. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-ssl
- 161. http://www.karlrunge.com/x11vnc/ssvnc.html
- 162. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-unixpw
- 163. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-vencrypt
- 164. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-anontls
- 165. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-sslonly
- 166. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-ssl
- 167. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-vencrypt
- 168. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-anontls
- 169. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-sslCRL
- 170. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-sslGenCA
- 171. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-sslGenCert
- 172. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-ssl
- 173. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-http_oneport
- 174. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-httpsredir
+  46. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-findauth
+  47. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-auth
+  48. http://www.karlrunge.com/x11vnc/faq.html#faq-viewer-download
+  49. http://www.sun.com/software/solaris/freeware/
+  50. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-forever
+  51. http://www.karlrunge.com/x11vnc/index.html#firewalls
+  52. http://www.karlrunge.com/x11vnc/index.html#tunnelling
+  53. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-forever
+  54. http://www.karlrunge.com/x11vnc/faq.html#faq-service
+  55. http://www.karlrunge.com/x11vnc/faq.html#faq-passwd
+  56. http://www.karlrunge.com/x11vnc/index.html#vnc_password_file
+  57. http://www.karlrunge.com/x11vnc/ssvnc.html#download
+  58. http://downloads.sourceforge.net/ssvnc/ssvnc_no_windows-1.0.23.tar.gz?use_mirror
+  59. http://www.karlrunge.com/x11vnc/index.html#tunnelling
+  60. http://www.karlrunge.com/x11vnc/ssvnc.html#tsvnc
+  61. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-connect
+  62. http://www.karlrunge.com/x11vnc/index.html#vnc_password_file
+  63. http://www.karlrunge.com/x11vnc/faq.html#faq-inetd
+  64. http://www.karlrunge.com/x11vnc/index.html#tightvnc_via
+  65. http://www.karlrunge.com/x11vnc/ssvnc.html
+  66. http://www.karlrunge.com/x11vnc/ssvnc.html#tsvnc
+  67. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-connect
+  68. http://www.karlrunge.com/x11vnc/chainingssh.html
+  69. http://www.karlrunge.com/x11vnc/ssvnc.html
+  70. http://www.portforward.com/routers.htm
+  71. http://www.whatismyip.com/
+  72. http://www.karlrunge.com/x11vnc/ssvnc.html
+  73. http://www.karlrunge.com/x11vnc/index.html#ssl-tunnel
+  74. http://www.whatismyip.com/
+  75. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-bg
+  76. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-connect
+  77. http://www.karlrunge.com/x11vnc/faq.html#faq-inetd
+  78. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-rfbauth
+  79. http://www.karlrunge.com/x11vnc/faq.html#faq-passwd
+  80. http://www.karlrunge.com/x11vnc/faq.html#faq-passwdfile
+  81. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-passwdfile
+  82. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-usepw
+  83. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-ssl
+  84. http://www.karlrunge.com/x11vnc/ssvnc.html
+  85. http://www.karlrunge.com/x11vnc/faq.html#faq-allow-opt
+  86. http://www.karlrunge.com/x11vnc/faq.html#faq-tcp_wrappers
+  87. http://stunnel.mirt.net/
+  88. http://www.stunnel.org/
+  89. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-ssl
+  90. http://www.karlrunge.com/x11vnc/faq.html#faq-ssl-tunnel-int
+  91. http://www.karlrunge.com/x11vnc/ssvnc.html
+  92. http://sourceforge.net/projects/libvncserver/
+  93. http://sourceforge.net/projects/libvncserver/files/x11vnc/0.9.9/
+  94. http://sourceforge.net/projects/libvncserver/files/x11vnc/0.9.9/release-notes-0.9.9.txt/view
+  95. http://x11vnc.sourceforge.net/dev/x11vnc-0.9.10-dev.tar.gz
+  96. http://www.karlrunge.com/x11vnc/faq.html#faq-binaries
+  97. http://www.tightvnc.com/download.html
+  98. http://www.realvnc.com/products/free/4.1/download.html
+  99. http://sourceforge.net/projects/cotvnc/
+ 100. http://www.ultravnc.com/
+ 101. http://www.karlrunge.com/x11vnc/ssvnc.html
+ 102. http://www.karlrunge.com/x11vnc/rx11vnc
+ 103. http://www.karlrunge.com/x11vnc/rx11vnc.pl
+ 104. http://www.karlrunge.com/x11vnc/faq.html#faq-build
+ 105. http://www.karlrunge.com/x11vnc/faq.html#faq-build
+ 106. http://www.sunfreeware.com/
+ 107. http://www.karlrunge.com/x11vnc/bins
+ 108. http://www.karlrunge.com/x11vnc/index.html#solarisbuilding
+ 109. http://www.karlrunge.com/x11vnc/miscbuild.html
+ 110. ftp://ftp.uu.net/graphics/jpeg/
+ 111. http://www.gzip.org/zlib/
+ 112. http://www.sunfreeware.com/
+ 113. http://www.karlrunge.com/x11vnc/index.html#build-openssl
+ 114. http://www.karlrunge.com/x11vnc/faq.html#faq-solaris251build
+ 115. http://www.karlrunge.com/x11vnc/faq.html#faq-macosx
+ 116. http://www.karlrunge.com/x11vnc/faq.html#faq-ssl-tunnel-int
+ 117. http://x11vnc.sourceforge.net/dev/x11vnc-0.9.10-dev.tar.gz
+ 118. http://www.karlrunge.com/x11vnc/bins
+ 119. mailto:xvml@karlrunge.com
+ 120. http://www.karlrunge.com/x11vnc/faq.html#faq-ssl-tunnel-int
+ 121. http://www.karlrunge.com/x11vnc/faq.html#infaq_ss_vncviewer
+ 122. http://www.karlrunge.com/x11vnc/faq.html#faq-ssl-tunnel-ext
+ 123. http://www.karlrunge.com/x11vnc/ssvnc.html
+ 124. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-enc
+ 125. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-ssl
+ 126. http://www.karlrunge.com/x11vnc/ssl.html#chained-certificates
+ 127. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-inetd
+ 128. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-https
+ 129. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-sslScripts
+ 130. http://www.karlrunge.com/x11vnc/desktop.cgi.pl
+ 131. http://www.karlrunge.com/x11vnc/faq.html#faq-xvfb
+ 132. http://www.karlrunge.com/x11vnc/faq.html#faq-web-login
+ 133. http://www.karlrunge.com/x11vnc/Xdummy
+ 134. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-unixpw
+ 135. http://www.karlrunge.com/x11vnc/inet6to4
+ 136. http://www.karlrunge.com/x11vnc/faq.html#faq-ipv6
+ 137. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-xrandr
+ 138. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-unixpw_system_greeter
+ 139. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-xdmsvc
+ 140. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-extra_fbur
+ 141. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-defer
+ 142. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-wait
+ 143. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-nonap
+ 144. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-allinput
+ 145. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-findauth
+ 146. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-auth
+ 147. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-display_WAIT
+ 148. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-find
+ 149. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-create
+ 150. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-unixpw_cmd
+ 151. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-unixpw_nis
+ 152. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-stunnel
+ 153. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-ssl
+ 154. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-ssl
+ 155. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-sslverify
+ 156. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-sslCRL
+ 157. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-stunnel
+ 158. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-appshare
+ 159. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-remote
+ 160. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-gui
+ 161. http://ubuntuforums.org/showthread.php?t=1223490
+ 162. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-threads
+ 163. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-reflect
+ 164. http://bugs.freedesktop.org/show_bug.cgi?id=21454
+ 165. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-repeat
+ 166. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-clip
+ 167. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-rawfb
+ 168. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-rawfb
+ 169. http://www.virtualgl.org/
+ 170. http://www.karlrunge.com/x11vnc/faq.html#faq-turbovnc
+ 171. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-ncache_cr
+ 172. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-ncache
+ 173. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-rmflag
+ 174. http://sourceforge.net/projects/vencrypt/
  175. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-ssl
- 176. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-avahi
- 177. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-zeroconf
- 178. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-rfbport
- 179. http://www.karlrunge.com/x11vnc/x11vnc.desktop
- 180. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-o
- 181. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-solid
- 182. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-reopen
- 183. http://www.karlrunge.com/x11vnc/faq.html#infaq_gdm
- 184. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-enc
- 185. http://www.karlrunge.com/x11vnc/ssvnc.html
- 186. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-scale
- 187. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-geometry
- 188. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-chatwindow
- 189. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-find
- 190. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-create
- 191. http://www.karlrunge.com/x11vnc/ssvnc.html
- 192. http://www.karlrunge.com/x11vnc/faq.html#faq-reverse-connect
- 193. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-find
- 194. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-create
- 195. http://www.karlrunge.com/x11vnc/faq.html#infaq_findcreatedisplay
- 196. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-proxy
- 197. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-ssh
- 198. http://www.uvnc.com/addons/repeater.html
- 199. http://www.karlrunge.com/x11vnc/faq.html#faq-reverse-connect
- 200. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-connect
- 201. http://www.karlrunge.com/x11vnc/ssvnc.html
- 202. http://www.karlrunge.com/x11vnc/ultravnc_repeater.pl
- 203. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-advertise_truecolor
- 204. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-finddpy
- 205. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-listdpy
- 206. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-find
- 207. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-create
- 208. http://www.karlrunge.com/x11vnc/faq.html#infaq_findcreatedisplay
- 209. http://www.karlrunge.com/x11vnc/faq.html#faq-xrandr
- 210. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-autoport
- 211. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-ping
- 212. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-clear_all
- 213. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-xkb
- 214. http://www.karlrunge.com/x11vnc/faq.html#faq-ssl-tunnel-viewers
- 215. http://www.karlrunge.com/x11vnc/faq.html#faq-client-caching
+ 176. http://www.karlrunge.com/x11vnc/ssvnc.html
+ 177. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-unixpw
+ 178. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-vencrypt
+ 179. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-anontls
+ 180. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-sslonly
+ 181. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-ssl
+ 182. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-vencrypt
+ 183. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-anontls
+ 184. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-sslCRL
+ 185. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-sslGenCA
+ 186. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-sslGenCert
+ 187. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-ssl
+ 188. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-http_oneport
+ 189. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-httpsredir
+ 190. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-ssl
+ 191. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-avahi
+ 192. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-zeroconf
+ 193. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-rfbport
+ 194. http://www.karlrunge.com/x11vnc/x11vnc.desktop
+ 195. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-o
+ 196. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-solid
+ 197. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-reopen
+ 198. http://www.karlrunge.com/x11vnc/faq.html#infaq_gdm
+ 199. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-enc
+ 200. http://www.karlrunge.com/x11vnc/ssvnc.html
+ 201. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-scale
+ 202. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-geometry
+ 203. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-chatwindow
+ 204. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-find
+ 205. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-create
+ 206. http://www.karlrunge.com/x11vnc/ssvnc.html
+ 207. http://www.karlrunge.com/x11vnc/faq.html#faq-reverse-connect
+ 208. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-find
+ 209. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-create
+ 210. http://www.karlrunge.com/x11vnc/faq.html#infaq_findcreatedisplay
+ 211. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-proxy
+ 212. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-ssh
+ 213. http://www.uvnc.com/addons/repeater.html
+ 214. http://www.karlrunge.com/x11vnc/faq.html#faq-reverse-connect
+ 215. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-connect
  216. http://www.karlrunge.com/x11vnc/ssvnc.html
- 217. http://www.karlrunge.com/x11vnc/ssvnc.html#ycrop
- 218. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-unixpw
- 219. http://www.ultravnc.com/
- 220. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-users
- 221. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-create
+ 217. http://www.karlrunge.com/x11vnc/ultravnc_repeater.pl
+ 218. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-advertise_truecolor
+ 219. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-finddpy
+ 220. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-listdpy
+ 221. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-find
  222. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-create
- 223. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-create
- 224. http://www.karlrunge.com/x11vnc/faq.html#faq-avahi
- 225. http://www.avahi.org/
- 226. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-avahi
- 227. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-zeroconf
- 228. http://www.karlrunge.com/x11vnc/ssvnc.html
- 229. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-id
- 230. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-find
- 231. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-create
- 232. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-svc
- 233. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-xdmsvc
- 234. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-ssl
- 235. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-forcedpms
- 236. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-clientdpms
- 237. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-noserverdpms
- 238. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-grabalways
- 239. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-loop
- 240. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-noxdamage
- 241. http://www.karlrunge.com/x11vnc/faq.html#faq-beryl
- 242. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-httpsredir
- 243. http://www.karlrunge.com/x11vnc/faq.html#faq-macosx
- 244. http://www.karlrunge.com/x11vnc/faq.html#infaq_findcreatedisplay
- 245. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-svc
- 246. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-xdmsvc
- 247. http://www.karlrunge.com/x11vnc/faq.html#faq-reflect
- 248. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-reflect
- 249. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-nowireframelocal
- 250. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-N
- 251. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-nodpms
- 252. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-xwarppointer
- 253. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-ssl
- 254. http://www.openssl.org/
- 255. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-stunnel
- 256. http://stunnel.mirt.net/
- 257. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-sslverify
- 258. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-sslGenCert
- 259. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-sslGenCA
- 260. http://www.karlrunge.com/x11vnc/ssl.html
- 261. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-https
- 262. http://www.karlrunge.com/x11vnc/faq.html#infaq_ss_vncviewer
- 263. http://www.karlrunge.com/x11vnc/ssvnc.html
- 264. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-unixpw
- 265. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-unixpw_nis
- 266. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-ssl
- 267. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-localhost
- 268. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-stunnel
- 269. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-unixpw
- 270. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-display_WAIT
- 271. http://www.karlrunge.com/x11vnc/faq.html#faq-userlogin
- 272. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-svc
- 273. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-xdmsvc
- 274. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-unixpw_cmd
- 275. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-passwdfile
- 276. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-rawfb
- 277. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-rotate
- 278. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-ultrafilexfer
- 279. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-connect_or_exit
- 280. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-rawfb
- 281. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-v,
- 282. http://www.karlrunge.com/x11vnc/prevrels.html
- 283. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-solid
- 284. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-ncache
- 285. http://www.tightvnc.com/
- 286. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-rfbport
- 287. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-N
- 288. http://www.karlrunge.com/x11vnc/x11vnc_opts.html
- 289. http://www.karlrunge.com/x11vnc/faq.html#faq-passwd
- 290. http://www.karlrunge.com/x11vnc/recurse_x11vnc.jpg
- 291. http://www.sun.com/sunray/index.html
- 292. http://www.karlrunge.com/x11vnc/sunray.html
- 293. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-scrollcopyrect
- 294. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-wireframe
- 295. http://www.karlrunge.com/x11vnc/faq.html#infaq_findcreatedisplay
- 296. http://www.karlrunge.com/x11vnc/faq.html#faq-xvfb
- 297. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-cursor
- 298. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-overlay
- 299. http://www.karlrunge.com/x11vnc/faq.html#faq-sound
- 300. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-scrollcopyrect
- 301. mailto:xvml@karlrunge.com
- 302. http://www.karlrunge.com/x11vnc/faq.html#faq-thanks
+ 223. http://www.karlrunge.com/x11vnc/faq.html#infaq_findcreatedisplay
+ 224. http://www.karlrunge.com/x11vnc/faq.html#faq-xrandr
+ 225. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-autoport
+ 226. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-ping
+ 227. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-clear_all
+ 228. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-xkb
+ 229. http://www.karlrunge.com/x11vnc/faq.html#faq-ssl-tunnel-viewers
+ 230. http://www.karlrunge.com/x11vnc/faq.html#faq-client-caching
+ 231. http://www.karlrunge.com/x11vnc/ssvnc.html
+ 232. http://www.karlrunge.com/x11vnc/ssvnc.html#ycrop
+ 233. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-unixpw
+ 234. http://www.ultravnc.com/
+ 235. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-users
+ 236. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-create
+ 237. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-create
+ 238. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-create
+ 239. http://www.karlrunge.com/x11vnc/faq.html#faq-avahi
+ 240. http://www.avahi.org/
+ 241. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-avahi
+ 242. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-zeroconf
+ 243. http://www.karlrunge.com/x11vnc/ssvnc.html
+ 244. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-id
+ 245. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-find
+ 246. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-create
+ 247. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-svc
+ 248. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-xdmsvc
+ 249. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-ssl
+ 250. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-forcedpms
+ 251. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-clientdpms
+ 252. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-noserverdpms
+ 253. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-grabalways
+ 254. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-loop
+ 255. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-noxdamage
+ 256. http://www.karlrunge.com/x11vnc/faq.html#faq-beryl
+ 257. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-httpsredir
+ 258. http://www.karlrunge.com/x11vnc/faq.html#faq-macosx
+ 259. http://www.karlrunge.com/x11vnc/faq.html#infaq_findcreatedisplay
+ 260. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-svc
+ 261. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-xdmsvc
+ 262. http://www.karlrunge.com/x11vnc/faq.html#faq-reflect
+ 263. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-reflect
+ 264. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-nowireframelocal
+ 265. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-N
+ 266. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-nodpms
+ 267. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-xwarppointer
+ 268. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-ssl
+ 269. http://www.openssl.org/
+ 270. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-stunnel
+ 271. http://stunnel.mirt.net/
+ 272. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-sslverify
+ 273. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-sslGenCert
+ 274. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-sslGenCA
+ 275. http://www.karlrunge.com/x11vnc/ssl.html
+ 276. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-https
+ 277. http://www.karlrunge.com/x11vnc/faq.html#infaq_ss_vncviewer
+ 278. http://www.karlrunge.com/x11vnc/ssvnc.html
+ 279. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-unixpw
+ 280. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-unixpw_nis
+ 281. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-ssl
+ 282. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-localhost
+ 283. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-stunnel
+ 284. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-unixpw
+ 285. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-display_WAIT
+ 286. http://www.karlrunge.com/x11vnc/faq.html#faq-userlogin
+ 287. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-svc
+ 288. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-xdmsvc
+ 289. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-unixpw_cmd
+ 290. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-passwdfile
+ 291. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-rawfb
+ 292. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-rotate
+ 293. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-ultrafilexfer
+ 294. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-connect_or_exit
+ 295. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-rawfb
+ 296. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-v,
+ 297. http://www.karlrunge.com/x11vnc/prevrels.html
+ 298. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-solid
+ 299. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-ncache
+ 300. http://www.tightvnc.com/
+ 301. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-rfbport
+ 302. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-N
+ 303. http://www.karlrunge.com/x11vnc/x11vnc_opts.html
+ 304. http://www.karlrunge.com/x11vnc/faq.html#faq-passwd
+ 305. http://www.karlrunge.com/x11vnc/recurse_x11vnc.jpg
+ 306. http://www.sun.com/sunray/index.html
+ 307. http://www.karlrunge.com/x11vnc/sunray.html
+ 308. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-scrollcopyrect
+ 309. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-wireframe
+ 310. http://www.karlrunge.com/x11vnc/faq.html#infaq_findcreatedisplay
+ 311. http://www.karlrunge.com/x11vnc/faq.html#faq-xvfb
+ 312. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-cursor
+ 313. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-overlay
+ 314. http://www.karlrunge.com/x11vnc/faq.html#faq-sound
+ 315. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-scrollcopyrect
+ 316. mailto:xvml@karlrunge.com
+ 317. http://www.karlrunge.com/x11vnc/faq.html#faq-thanks
 	
 =======================================================================
 http://www.karlrunge.com/x11vnc/faq.html:
@@ -2096,150 +2153,153 @@ http://www.karlrunge.com/x11vnc/faq.html:
    [68]Q-66: Can reverse connections be made to go through a Web or SOCKS
    proxy or SSH? 
 
-   [69]Q-67: Can I use x11vnc as a replacement for Xvnc? (i.e. not for a
+   [69]Q-67: Can x11vnc provide a multi-user desktop web login service as
+   an Apache CGI or PHP script? 
+
+   [70]Q-68: Can I use x11vnc as a replacement for Xvnc? (i.e. not for a
    real display, but for a virtual one I keep around.) 
 
-   [70]Q-68: How can I use x11vnc on "headless" machines? Why might I
+   [71]Q-69: How can I use x11vnc on "headless" machines? Why might I
    want to? 
 
    [Resource Usage and Performance]
 
-   [71]Q-69: I have lots of memory, but why does x11vnc fail with
+   [72]Q-70: I have lots of memory, but why does x11vnc fail with
    shmget: No space left on device    or    Minor opcode of failed
    request: 1 (X_ShmAttach)? 
 
-   [72]Q-70: How can I make x11vnc use less system resources? 
+   [73]Q-71: How can I make x11vnc use less system resources? 
 
-   [73]Q-71: How can I make x11vnc use MORE system resources? 
+   [74]Q-72: How can I make x11vnc use MORE system resources? 
 
-   [74]Q-72: I use x11vnc over a slow link with high latency (e.g. dialup
+   [75]Q-73: I use x11vnc over a slow link with high latency (e.g. dialup
    modem or broadband), is there anything I can do to speed things up? 
 
-   [75]Q-73: Does x11vnc support the X DAMAGE Xserver extension to find
+   [76]Q-74: Does x11vnc support the X DAMAGE Xserver extension to find
    modified regions of the screen quickly and efficiently? 
 
-   [76]Q-74: My OpenGL application shows no screen updates unless I
+   [77]Q-75: My OpenGL application shows no screen updates unless I
    supply the -noxdamage option to x11vnc. 
 
-   [77]Q-75: When I drag windows around with the mouse or scroll up and
+   [78]Q-76: When I drag windows around with the mouse or scroll up and
    down things really bog down (unless I do the drag in a single, quick
    motion.) Is there anything to do to improve things? 
 
-   [78]Q-76: Why not do something like wireframe animations to avoid the
+   [79]Q-77: Why not do something like wireframe animations to avoid the
    windows "lurching" when being moved or resized? 
 
-   [79]Q-77: Can x11vnc try to apply heuristics to detect when a window
+   [80]Q-78: Can x11vnc try to apply heuristics to detect when a window
    is scrolling its contents and use the CopyRect encoding for a speedup?
    
-   [80]Q-78: Can x11vnc do client-side caching of pixel data? I.e. so
+   [81]Q-79: Can x11vnc do client-side caching of pixel data? I.e. so
    when that pixel data is needed again it does not have to be
    retransmitted over the network. 
 
-   [81]Q-79: Does x11vnc support TurboVNC? 
+   [82]Q-80: Does x11vnc support TurboVNC? 
 
    [Mouse Cursor Shapes]
 
-   [82]Q-80: Why isn't the mouse cursor shape (the little icon shape
+   [83]Q-81: Why isn't the mouse cursor shape (the little icon shape
    where the mouse pointer is) correct as I move from window to window? 
 
-   [83]Q-81: When using XFIXES cursorshape mode, some of the cursors look
+   [84]Q-82: When using XFIXES cursorshape mode, some of the cursors look
    really bad with extra black borders around the cursor and other cruft.
    How can I improve their appearance? 
 
-   [84]Q-82: In XFIXES mode, are there any hacks to handle cursor
+   [85]Q-83: In XFIXES mode, are there any hacks to handle cursor
    transparency ("alpha channel") exactly? 
 
    [Mouse Pointer]
 
-   [85]Q-83: Why does the mouse arrow just stay in one corner in my
+   [86]Q-84: Why does the mouse arrow just stay in one corner in my
    vncviewer, whereas my cursor (that does move) is just a dot? 
 
-   [86]Q-84: Can I take advantage of the TightVNC extension to the VNC
+   [87]Q-85: Can I take advantage of the TightVNC extension to the VNC
    protocol where Cursor Positions Updates are sent back to all connected
    clients (i.e. passive viewers can see the mouse cursor being moved
    around by another viewer)? 
 
-   [87]Q-85: Is it possible to swap the mouse buttons (e.g. left-handed
+   [88]Q-86: Is it possible to swap the mouse buttons (e.g. left-handed
    operation), or arbitrarily remap them? How about mapping button clicks
    to keystrokes, e.g. to partially emulate Mouse wheel scrolling? 
 
    [Keyboard Issues]
 
-   [88]Q-86: How can I get my AltGr and Shift modifiers to work between
+   [89]Q-87: How can I get my AltGr and Shift modifiers to work between
    keyboards for different languages? 
 
-   [89]Q-87: When I try to type a "<" (i.e. less than) instead I get ">"
+   [90]Q-88: When I try to type a "<" (i.e. less than) instead I get ">"
    (i.e. greater than)! Strangely, typing ">" works OK!! 
 
-   [90]Q-88: Extra Character Inserted, E.g.: When I try to type a "<"
+   [91]Q-89: Extra Character Inserted, E.g.: When I try to type a "<"
    (i.e. less than) instead I get "<," (i.e. an extra comma.) 
 
-   [91]Q-89: I'm using an "international" keyboard (e.g. German "de", or
+   [92]Q-90: I'm using an "international" keyboard (e.g. German "de", or
    Danish "dk") and the -modtweak mode works well if the VNC viewer is
    run on a Unix/Linux machine with a similar keyboard.   But if I run
    the VNC viewer on Unix/Linux with a different keyboard (e.g. "us") or
    Windows with any keyboard, I can't type some keys like:   "@", "$",
    "<", ">", etc. How can I fix this? 
 
-   [92]Q-90: When typing I sometimes get double, triple, or more of my
+   [93]Q-91: When typing I sometimes get double, triple, or more of my
    keystrokes repeated. I'm sure I only typed them once, what can I do? 
 
-   [93]Q-91: The x11vnc -norepeat mode is in effect, but I still get
+   [94]Q-92: The x11vnc -norepeat mode is in effect, but I still get
    repeated keystrokes!! 
 
-   [94]Q-92: After using x11vnc for a while, I find that I cannot type
+   [95]Q-93: After using x11vnc for a while, I find that I cannot type
    some (or any) characters or my mouse clicks and drags no longer have
    any effect, or they lead to strange effects. What happened? 
 
-   [95]Q-93: The machine where I run x11vnc has an AltGr key, but the
+   [96]Q-94: The machine where I run x11vnc has an AltGr key, but the
    local machine where I run the VNC viewer does not. Is there a way I
    can map a local unused key to send an AltGr? How about a Compose key
    as well? 
 
-   [96]Q-94: I have a Sun machine I run x11vnc on. Its Sun keyboard has
+   [97]Q-95: I have a Sun machine I run x11vnc on. Its Sun keyboard has
    just one Alt key labelled "Alt" and two Meta keys labelled with little
    diamonds. The machine where I run the VNC viewer only has Alt keys.
    How can I send a Meta keypress? (e.g. emacs needs this) 
 
-   [97]Q-95: Running x11vnc on HP-UX I cannot type "#" I just get a "3"
+   [98]Q-96: Running x11vnc on HP-UX I cannot type "#" I just get a "3"
    instead. 
 
-   [98]Q-96: Can I map a keystroke to a mouse button click on the remote
+   [99]Q-97: Can I map a keystroke to a mouse button click on the remote
    machine? 
 
-   [99]Q-97: How can I get Caps_Lock to work between my VNC viewer and
+   [100]Q-98: How can I get Caps_Lock to work between my VNC viewer and
    x11vnc? 
 
    [Screen Related Issues and Features]
 
-   [100]Q-98: The remote display is larger (in number of pixels) than the
+   [101]Q-99: The remote display is larger (in number of pixels) than the
    local display I am running the vncviewer on. I don't like the
    vncviewer scrollbars, what I can do? 
 
-   [101]Q-99: Does x11vnc support server-side framebuffer scaling? (E.g.
+   [102]Q-100: Does x11vnc support server-side framebuffer scaling? (E.g.
    to make the desktop smaller.) 
 
-   [102]Q-100: Does x11vnc work with Xinerama? (i.e. multiple monitors
+   [103]Q-101: Does x11vnc work with Xinerama? (i.e. multiple monitors
    joined together to form one big, single screen.) 
 
-   [103]Q-101: Can I use x11vnc on a multi-headed display that is not
+   [104]Q-102: Can I use x11vnc on a multi-headed display that is not
    Xinerama (i.e. separate screens :0.0, :0.1, ... for each monitor)? 
 
-   [104]Q-102: Can x11vnc show only a portion of the display? (E.g. for a
+   [105]Q-103: Can x11vnc show only a portion of the display? (E.g. for a
    special purpose application or a very large screen.) 
 
-   [105]Q-103: Does x11vnc support the XRANDR (X Resize, Rotate and
+   [106]Q-104: Does x11vnc support the XRANDR (X Resize, Rotate and
    Reflection) extension? Whenever I rotate or resize the screen x11vnc
    just seems to crash. 
 
-   [106]Q-104: Independent of any XRANDR, can I have x11vnc rotate and/or
+   [107]Q-105: Independent of any XRANDR, can I have x11vnc rotate and/or
    reflect the screen that the VNC viewers see? (e.g. for a handheld
    whose screen is rotated 90 degrees.) 
 
-   [107]Q-105: Why is the view in my VNC viewer completely black? Or why
+   [108]Q-106: Why is the view in my VNC viewer completely black? Or why
    is everything flashing around randomly? 
 
-   [108]Q-106: I use Linux Virtual Terminals (VT's) to implement 'Fast
+   [109]Q-107: I use Linux Virtual Terminals (VT's) to implement 'Fast
    User Switching' between users' sessions (e.g. Betty is on Ctrl-Alt-F7,
    Bobby is on Ctrl-Alt-F8, and Sid is on Ctrl-Alt-F1: they use those
    keystrokes to switch between their sessions.)   How come the view in a
@@ -2247,83 +2307,83 @@ http://www.karlrunge.com/x11vnc/faq.html:
    otherwise all messed up unless the X session x11vnc is attached to is
    in the active VT? 
 
-   [109]Q-107: I am using x11vnc where my local machine has "popup/hidden
+   [110]Q-108: I am using x11vnc where my local machine has "popup/hidden
    taskbars" and the remote display where x11vnc runs also has
    "popup/hidden taskbars" and they interfere and fight with each other.
    What can I do? 
 
-   [110]Q-108: Help! x11vnc and my KDE screensaver keep switching each
+   [111]Q-109: Help! x11vnc and my KDE screensaver keep switching each
    other on and off every few seconds. 
 
-   [111]Q-109: I am running the beryl 3D window manager (or compiz,
+   [112]Q-110: I am running the beryl 3D window manager (or compiz,
    MythTv, Google Earth, or some other OpenGL app) and I do not get
    screen updates in x11vnc. 
 
-   [112]Q-110: Can I use x11vnc to view my VMWare session remotely? 
+   [113]Q-111: Can I use x11vnc to view my VMWare session remotely? 
 
    [Exporting non-X11 devices via VNC]
 
-   [113]Q-111: Can non-X devices (e.g. a raw framebuffer) be viewed (and
+   [114]Q-112: Can non-X devices (e.g. a raw framebuffer) be viewed (and
    even controlled) via VNC with x11vnc? 
 
-   [114]Q-112: Can I export the Linux Console (Virtual Terminals) via VNC
+   [115]Q-113: Can I export the Linux Console (Virtual Terminals) via VNC
    using x11vnc? 
 
-   [115]Q-113: Can I export via VNC a Webcam or TV tuner framebuffer
+   [116]Q-114: Can I export via VNC a Webcam or TV tuner framebuffer
    using x11vnc? 
 
-   [116]Q-114: Can I connect via VNC to a Qt-embedded/Qtopia application
+   [117]Q-115: Can I connect via VNC to a Qt-embedded/Qtopia application
    running on my handheld or PC using the Linux console framebuffer (i.e.
    not X11)? 
 
-   [117]Q-115: Now that non-X11 devices can be exported via VNC using
+   [118]Q-116: Now that non-X11 devices can be exported via VNC using
    x11vnc, can I build it with no dependencies on X11 header files and
    libraries? 
 
-   [118]Q-116: Does x11vnc support Mac OS X Aqua/Quartz displays natively
+   [119]Q-117: Does x11vnc support Mac OS X Aqua/Quartz displays natively
    (i.e. no X11 involved)? 
 
-   [119]Q-117: Can x11vnc be used as a VNC reflector/repeater to improve
+   [120]Q-118: Can x11vnc be used as a VNC reflector/repeater to improve
    performance for the case of a large number of simultaneous VNC viewers
    (e.g. classroom broadcasting or a large demo)? 
 
-   [120]Q-118: Can x11vnc be used during a Linux, Solaris, etc. system
+   [121]Q-119: Can x11vnc be used during a Linux, Solaris, etc. system
    Installation so the Installation can be done remotely? 
 
    [Misc: Clipboard, File Transfer/Sharing, Printing, Sound, Beeps,
    Thanks, etc.]
 
-   [121]Q-119: Does the Clipboard/Selection get transferred between the
+   [122]Q-120: Does the Clipboard/Selection get transferred between the
    vncviewer and the X display? 
 
-   [122]Q-120: Can I use x11vnc to record a Shock Wave Flash (or other
+   [123]Q-121: Can I use x11vnc to record a Shock Wave Flash (or other
    format) video of my desktop, e.g. to record a tutorial or demo? 
 
-   [123]Q-121: Can I transfer files back and forth with x11vnc? 
+   [124]Q-122: Can I transfer files back and forth with x11vnc? 
 
-   [124]Q-122: Which UltraVNC extensions are supported? 
+   [125]Q-123: Which UltraVNC extensions are supported? 
 
-   [125]Q-123: Can x11vnc emulate UltraVNC's Single Click helpdesk mode
+   [126]Q-124: Can x11vnc emulate UltraVNC's Single Click helpdesk mode
    for Unix? I.e. something very simple for a naive user to initiate a
    reverse vnc connection from their Unix desktop to a helpdesk
    operator's VNC Viewer. 
 
-   [126]Q-124: Can I (temporarily) mount my local (viewer-side)
+   [127]Q-125: Can I (temporarily) mount my local (viewer-side)
    Windows/Samba File share on the machine where x11vnc is running? 
 
-   [127]Q-125: Can I redirect CUPS print jobs from the remote desktop
+   [128]Q-126: Can I redirect CUPS print jobs from the remote desktop
    where x11vnc is running to a printer on my local (viewer-side)
    machine? 
 
-   [128]Q-126: How can I hear the sound (audio) from the remote
+   [129]Q-127: How can I hear the sound (audio) from the remote
    applications on the desktop I am viewing via x11vnc? 
 
-   [129]Q-127: Why don't I hear the "Beeps" in my X session (e.g. when
+   [130]Q-128: Why don't I hear the "Beeps" in my X session (e.g. when
    typing tput bel in an xterm)? 
 
-   [130]Q-128: Does x11vnc work with IPv6? 
+   [131]Q-129: Does x11vnc work with IPv6? 
 
-   [131]Q-129: Thanks for your program or for your help! Can I make a
+   [132]Q-130: Thanks for your program or for your help! Can I make a
    donation? 
      _________________________________________________________________
 
@@ -2336,7 +2396,7 @@ http://www.karlrunge.com/x11vnc/faq.html:
 
    For the former error, you need to specify the X display to connect to
    (it also needs to be on the same machine the x11vnc process is to run
-   on.) Set your DISPLAY environment variable (or use the [132]-display
+   on.) Set your DISPLAY environment variable (or use the [133]-display
    option) to specify it. Nearly always the correct value will be ":0"
    (in fact, x11vnc will now assume :0 if given no other information.)
 
@@ -2353,9 +2413,9 @@ http://www.karlrunge.com/x11vnc/faq.html:
    working when you try to start x11vnc via, say, a remote shell.
 
    How to Solve:  See the xauth(1), Xsecurity(7), and xhost(1) man pages
-   or [133]this Howto for much info on X11 permissions. For example, you
+   or [134]this Howto for much info on X11 permissions. For example, you
    may need to set your XAUTHORITY environment variable (or use the
-   [134]-auth option) to point to the correct MIT-MAGIC-COOKIE file (e.g.
+   [135]-auth option) to point to the correct MIT-MAGIC-COOKIE file (e.g.
    /home/joe/.Xauthority or /var/gdm/:0.Xauth or /var/lib/kdm/A:0-crWk72K
    or /tmp/.gdmzndVlR, etc, etc.), or simply be sure you run x11vnc as
    the correct user (i.e. the user who is logged into the X session you
@@ -2377,10 +2437,10 @@ http://www.karlrunge.com/x11vnc/faq.html:
   x11vnc -display :0 -auth /var/gdm/:0.Xauth
 
    (this is for the display manager gdm and requires root permission to
-   read the gdm cookie file, see [135]this faq for other display manager
+   read the gdm cookie file, see [136]this faq for other display manager
    cookie file names.)
 
-   Note as of Feb/2007 you can also try the [136]-find option instead of
+   Note as of Feb/2007 you can also try the [137]-find option instead of
    "-display ..." and see if that finds your display and Xauthority.
 
    Less safe, but to avoid figuring out where the correct XAUTHORITY file
@@ -2389,7 +2449,7 @@ http://www.karlrunge.com/x11vnc/faq.html:
    (from the same machine.) The person could then type "xhost -localhost"
    after x11vnc has connected to go back to the default permissions.
    Also, for some situations the "-users lurk=" option may soon be of use
-   (please read the documentation on the [137]-users option.)
+   (please read the documentation on the [138]-users option.)
 
    To test out your X11 permissions from a remote shell, set DISPLAY and
    possibly XAUTHORITY (see your shell's man page, bash(1), tcsh(1), on
@@ -2408,7 +2468,7 @@ http://www.karlrunge.com/x11vnc/faq.html:
    properly.)
 
    Firewalls: Speaking of permissions, it should go without saying that
-   the host-level [138]firewall will need to be configured to allow
+   the host-level [139]firewall will need to be configured to allow
    connections in on a port. E.g. 5900 (default VNC port) or 22 (default
    SSH port for tunnelling VNC.) Most systems these days have firewalls
    turned on by default, so you will actively have to do something to
@@ -2457,63 +2517,56 @@ libssl.so      libcrypto.so    libcrypt.so
   See `config.log' for more details.
 
    there is quite a bit wrong with the build environment. Hopefully
-   simply adding -dev packages and/or gcc will fix it.
+   simply adding -dev packages and/or gcc or make will fix it.
 
    For Debian the list seems to be:
   gcc
   make
   libc6-dev
-  libjpeg62-dev
+  libjpeg8-dev           (formerly libjpeg62-dev)
   libx11-dev
+  x11proto-core-dev      (formerly x-dev)
   libxext-dev
+  libxtst-dev
+  libxdamage-dev
+  libxfixes-dev
   libxrandr-dev
   libxinerama-dev
-  libxtst-dev
-  x-dev
-  xlibs-static-dev
+  libxss-dev             (formerly xlibs-static-dev)
   zlib1g-dev
   libssl-dev
+  libavahi-client-dev
+  linux-libc-dev         (only needed for linux console rawfb support)
 
-   (note that depending on your OS version the above names may have been
-   changed and/or additional packages may be needed.)
+   Note that depending on your OS version the above names may have been
+   changed and/or additional packages may be needed.
 
    For Redhat the list seems to be:
   gcc
   make
   glibc-devel
   libjpeg-devel
-  xorg-x11-devel or XFree86-devel
+  libX11-devel
+  xorg-x11-proto-devel
+  libXdamage-devel
+  libXfixes-devel
+  libXrandr-devel
   zlib-devel
-  openssl097a
-
-   (there are probably some more now; send us a list for recent Redhat if
-   you have it building and see the need to add more -devel packages.)
+  openssl-devel
+  avahi-devel
+  kernel-headers         (only needed for linux console rawfb support)
 
    For other distros or OS's the package names may not be the same but
    will look similar. Also, distros tend to rename packages as well so
    the above list may be out of date. So only use the above lists as
    hints for the package names that are needed.
 
-   Have a look at [139]Misc. Build Problems for additional fixes.
+   Have a look at [140]Misc. Build Problems for additional fixes.
 
    Note: there is growing trend in Linux and other distros to slice up
    core X11 software into more and smaller packages. So be prepared for
    more headaches compiling software...
 
-   libssl:  One user pointed out that if you use a precompiled binary
-   (either one you downloaded or built on another machine) there is a
-   chance it won't work because that x11vnc binary requires libssl0.9.7
-   but the system only has libssl0.9.8 (which evidently is incompatible
-   with 0.9.7 and has a different SONAME.) Your distro should allow you
-   do have both runtimes installed on your system:
-    % dpkg -l libssl0.9.7 libssl0.9.8
-    ...
-    ii  libssl0.9.7    0.9.7g-5ubuntu SSL shared libraries
-    ii  libssl0.9.8    0.9.8a-7ubuntu SSL shared libraries
-
-   (in fact it should have installed both by default if it knew what it
-   was doing.) See [140]here too.
-
 
    Q-3: I just built x11vnc successfully, but when I use it my keystrokes
    and mouse button clicks are ignored  (I am able to move the mouse
@@ -4152,7 +4205,7 @@ exec @ARGV;
    channel using an external tool like stunnel?
 
    It is possible to use a "lighter weight" encryption setup than SSH or
-   IPSEC. SSL tunnels such as [318]stunnel (also [319]stunnel.mirt.net)
+   IPSEC. SSL tunnels such as [318]stunnel (also [319]stunnel.org)
    provide an encrypted channel without the need for Unix users,
    passwords, and key passphrases required for ssh (and at the other
    extreme SSL can also provide a complete signed certificate chain of
@@ -4438,7 +4491,7 @@ connect = 5900
    tunnel for you using stunnel. The -ssl method is the preferred way,
    but for historical reference we keep the -stunnel info here.
 
-   The [358]-stunnel mode requires the [359]www.stunnel.org command
+   The [358]-stunnel mode requires the [359]stunnel.mirt.net command
    stunnel(8) to be installed on the system.
 
    Some -stunnel examples:
@@ -4834,15 +4887,19 @@ connect = 5900
    SSL from the Internet with a Web browser to x11vnc running on their
    workstations behind a firewall?
    Yes. You will need to configure apache to forward these connections.
-   It is discussed [390]here. This provides a clean alternative to the
-   traditional method where the user uses SSH to log in through the
-   gateway to create the encrypted port redirection to x11vnc running on
-   her desktop.
+   It is discussed [390]here. This SSL VNC portal provides a clean
+   alternative to the traditional method where the user uses SSH to log
+   in through the gateway to create the encrypted port redirection to
+   x11vnc running on her desktop.
+
+   Also see the [391]desktop.cgi CGI script method that achieves much of
+   what this Apache VNC SSL portal method does (as long as desktop.cgi's
+   'port redirection' mode is enabled.)
 
 
    Q-57: Can I create and use my own SSL Certificate Authority (CA) with
    x11vnc?
-   Yes, see [391]this page for how to do this and the utility commands
+   Yes, see [392]this page for how to do this and the utility commands
    x11vnc provides to create and manage many types of certificates and
    private keys.
 
@@ -4861,14 +4918,14 @@ connect = 5900
    need to have sufficient permissions to connect to the X display.
 
    Here are some ideas:
-     * Use the description under "Continuously" in the [392]FAQ on x11vnc
+     * Use the description under "Continuously" in the [393]FAQ on x11vnc
        and Display Managers
-     * Use the description in the [393]FAQ on x11vnc and inetd(8)
-     * Use the description in the [394]FAQ on Unix user logins and
+     * Use the description in the [394]FAQ on x11vnc and inetd(8)
+     * Use the description in the [395]FAQ on Unix user logins and
        inetd(8)
      * Start x11vnc from your $HOME/.xsession (or $HOME/.xinitrc or
        autostart script or ...)
-     * Although less reliable, see the [395]x11vnc_loop rc.local hack
+     * Although less reliable, see the [396]x11vnc_loop rc.local hack
        below.
 
    The display manager scheme will not be specific to which user has the
@@ -4890,9 +4947,9 @@ x11vnc -logfile $HOME/.x11vnc.log -rfbauth $HOME/.vnc/passwd -forever -bg
    X startup scripts (traditionally .xsession/.xinitrc) may have to be in
    a different directory or have a different basename. One user
    recommends the description under 'Running Scripts Automatically' at
-   [396]this link.
+   [397]this link.
 
-   Firewalls: note all methods will require the host-level [397]firewall
+   Firewalls: note all methods will require the host-level [398]firewall
    to be configured to allow connections in on a port. E.g. 5900 (default
    VNC port) or 22 (default SSH port for tunnelling VNC.) Most systems
    these days have firewalls turned on by default, so you will actively
@@ -4916,23 +4973,30 @@ x11vnc -logfile $HOME/.x11vnc.log -rfbauth $HOME/.vnc/passwd -forever -bg
 
    It is usually possible to do this by just adjusting the XAUTHORITY
    environment variable to point to the correct MIT-COOKIE auth file
-   while running x11vnc as root, e.g. for the gnome display manager, gdm:
+   while running x11vnc as root, e.g. for the gnome display manager, GDM:
   x11vnc -auth /var/gdm/:0.Xauth -display :0
 
-   (the [398]-auth option sets the XAUTHORITY variable for you.)
+   (the [399]-auth option sets the XAUTHORITY variable for you.)
 
-   There will be a similar thing for xdm using however a different auth
-   directory path (perhaps something like
-   /var/lib/xdm/authdir/authfiles/A:0-XQvaJk for xdm or
+   There will be a similar thing to do for xdm using however a different
+   auth directory path (perhaps something like
+   /var/lib/xdm/authdir/authfiles/A:0-XQvaJk) for the xdm greeter or
    /var/lib/kdm/A:0-crWk72 (or /var/run/xauth/A:0-qQPftr, etc. etc) for
-   kdm, where the random characters in the basename will vary.) Read your
-   system docs to find out where the display manager cookie files are
-   kept.
+   the kdm greeter. Of course, the random characters in the file basename
+   will vary and you will need to use the actual filename on your system.
+   Read your system docs to find out where the display manager cookie
+   files are kept.
 
    Trick: sometimes ps(1) can reveal the X server process -auth argument
-   (e.g. "ps wwwaux | grep auth") and hence the path to the auth file.
+   (e.g. "ps wwaux | grep auth") and hence the path to the auth file.
+
+   x11vnc must be run as root for this because the /var/gdm/:0.Xauth,
+   /var/lib/kdm/A:0-crWk72, etc. auth files are only readable by root. If
+   you do not want to run x11vnc as root, you can copy (as root or sudo)
+   the auth file to some location and make it readable by your userid.
+   Then run x11vnc as your userid with -auth pointed to the copied file.
 
-   Update Dec/2009: use "[399]-auth guess" to have x11vnc try to guess
+   Update Dec/2009: use "[400]-auth guess" to have x11vnc try to guess
    the location of the auth file for you.
 
    You next connect to x11vnc with a VNC viewer, give your username and
@@ -4950,10 +5014,10 @@ x11vnc -logfile $HOME/.x11vnc.log -rfbauth $HOME/.vnc/passwd -forever -bg
    (BTW, the auth file should be in /var/dt), you'll also need to add
    something like Dtlogin*grabServer:False to the Xconfig file
    (/etc/dt/config/Xconfig or /usr/dt/config/Xconfig on Solaris, see
-   [400]the example at the end of this FAQ.) Then restart dtlogin, e.g.:
+   [401]the example at the end of this FAQ.) Then restart dtlogin, e.g.:
    /etc/init.d/dtlogin stop; /etc/init.d/dtlogin start or reboot.
 
-   Update Nov/2008: Regarding GDM KillInitClients: see the [401]-reopen
+   Update Nov/2008: Regarding GDM KillInitClients: see the [402]-reopen
    option for another possible workaround.
 
    Update Oct/2009: Regarding GDM KillInitClients: starting with x11vnc
@@ -4980,7 +5044,7 @@ x11vnc -logfile $HOME/.x11vnc.log -rfbauth $HOME/.vnc/passwd -forever -bg
 
    Please consider the security implications of this! The VNC display for
    the X session always accessible (but hopefully password protected.)
-   Add [402]-localhost if you only plan to access via a [403]SSH tunnel.
+   Add [403]-localhost if you only plan to access via a [404]SSH tunnel.
 
    The name of the display manager startup script file depends on desktop
    used and seem to be:
@@ -5018,7 +5082,7 @@ x11vnc -logfile $HOME/.x11vnc.log -rfbauth $HOME/.vnc/passwd -forever -bg
  -forever -bg
 
    where you should customize the exact command to your needs (e.g.
-   [404]-localhost for SSH tunnel-only access; [405]-ssl SAVE for SSL
+   [405]-localhost for SSH tunnel-only access; [406]-ssl SAVE for SSL
    access; etc.)
 
    Happy, happy, joy, joy:  Note that we do not need to specify -display
@@ -5026,7 +5090,7 @@ x11vnc -logfile $HOME/.x11vnc.log -rfbauth $HOME/.vnc/passwd -forever -bg
    and XAUTHORITY environment variables for the Xsetup script!!!
 
    You may also want to force the VNC port with something like "-rfbport
-   5900" (or [406]-N) to avoid autoselecting one if 5900 is already
+   5900" (or [407]-N) to avoid autoselecting one if 5900 is already
    taken.
      _________________________________________________________________
 
@@ -5042,7 +5106,7 @@ x11vnc -logfile $HOME/.x11vnc.log -rfbauth $HOME/.vnc/passwd -forever -bg
 
    Then restart: /usr/sbin/gdm-restart (or reboot.) The
    KillInitClients=false setting is important: without it x11vnc will be
-   killed immediately after the user logs in. Here are [407]full details
+   killed immediately after the user logs in. Here are [408]full details
    on how to configure gdm
      _________________________________________________________________
 
@@ -5084,16 +5148,16 @@ x11vnc -logfile $HOME/.x11vnc.log -rfbauth $HOME/.vnc/passwd -forever -bg
 
    If you do not want to deal with any display manager startup scripts,
    here is a kludgey script that can be run manually or out of a boot
-   file like rc.local: [408]x11vnc_loop It will need some local
+   file like rc.local: [409]x11vnc_loop It will need some local
    customization before running. Because the XAUTHORITY auth file must be
    guessed by this script, use of the display manager script method
-   described above is greatly preferred. There is also the [409]-loop
+   described above is greatly preferred. There is also the [410]-loop
    option that does something similar.
 
    If the machine is a traditional Xterminal you may want to read
-   [410]this FAQ.
+   [411]this FAQ.
 
-   Firewalls: note all methods will require the host-level [411]firewall
+   Firewalls: note all methods will require the host-level [412]firewall
    to be configured to allow connections in on a port. E.g. 5900 (default
    VNC port) or 22 (default SSH port for tunnelling VNC.) Most systems
    these days have firewalls turned on by default, so you will actively
@@ -5109,7 +5173,7 @@ x11vnc -logfile $HOME/.x11vnc.log -rfbauth $HOME/.vnc/passwd -forever -bg
 
   5900 stream tcp nowait root /usr/sbin/tcpd /usr/local/bin/x11vnc_sh
 
-   where the shell script /usr/local/bin/x11vnc_sh uses the [412]-inetd
+   where the shell script /usr/local/bin/x11vnc_sh uses the [413]-inetd
    option and looks something like (you'll need to customize to your
    settings.)
 #!/bin/sh
@@ -5122,7 +5186,7 @@ x11vnc -logfile $HOME/.x11vnc.log -rfbauth $HOME/.vnc/passwd -forever -bg
    and that confuses it greatly, causing it to abort.) If you do not use
    a wrapper script as above but rather call x11vnc directly in
    /etc/inetd.conf and do not redirect stderr to a file, then you must
-   specify the -q (aka [413]-quiet) option: "/usr/local/bin/x11vnc -q
+   specify the -q (aka [414]-quiet) option: "/usr/local/bin/x11vnc -q
    -inetd ...". When you supply both -q and -inet and no "-o logfile"
    then stderr will automatically be closed (to prevent, e.g. library
    stderr messages leaking out to the viewer.) The recommended practice
@@ -5130,12 +5194,12 @@ x11vnc -logfile $HOME/.x11vnc.log -rfbauth $HOME/.vnc/passwd -forever -bg
    script with "2>logfile" redirection because the errors and warnings
    printed out are very useful in troubleshooting problems.
 
-   Note also the need to set XAUTHORITY via [414]-auth to point to the
+   Note also the need to set XAUTHORITY via [415]-auth to point to the
    MIT-COOKIE auth file to get permission to connect to the X display
    (setting and exporting the XAUTHORITY variable accomplishes the same
    thing.) See the x11vnc_loop file in the previous question for more
    ideas on what that auth file may be, etc. The scheme described in the
-   [415]FAQ on Unix user logins and inetd(8) works around the XAUTHORITY
+   [416]FAQ on Unix user logins and inetd(8) works around the XAUTHORITY
    issue nicely.
 
    Note:  On Solaris you cannot have the bare number 5900 in
@@ -5201,8 +5265,8 @@ service x11vncservice
 #!/bin/sh
 COLUMNS=256
 export COLUMNS
-authfile=`ps wwwaux | grep '/X.*-auth' | grep -v grep | sed -e 's/^.*-auth *//'
- -e 's/ .*$//' | head -n 1`
+authfile=`ps wwaux | grep '/X.*-auth' | grep -v grep | sed -e 's/^.*-auth *//'
+-e 's/ .*$//' | head -n 1`
 
 if [ -r "$authfile" ]; then
         exec /usr/local/bin/x11vnc -inetd -o /var/log/x11vnc.log -display :0 -a
@@ -5220,9 +5284,9 @@ exec /usr/local/bin/x11vnc -inetd -o /var/log/x11vnc.log -find -env FD_XDM=1
    it automatically?
 
    Yes, as of Feb/2007 x11vnc supports mDNS / Zeroconf advertising of its
-   service via the Avahi client library. Use the option [416]-avahi (same
-   as [417]-mdns or [418]-zeroconf) to enable it. Depending on your setup
-   you may need to install [419]Avahi (including the development/build
+   service via the Avahi client library. Use the option [417]-avahi (same
+   as [418]-mdns or [419]-zeroconf) to enable it. Depending on your setup
+   you may need to install [420]Avahi (including the development/build
    packages), enable the server: avahi-daemon and avahi-dnsconfd, and
    possibly open up UDP port 5353 on your firewall.
 
@@ -5251,11 +5315,11 @@ exec /usr/local/bin/x11vnc -inetd -o /var/log/x11vnc.log -find -env FD_XDM=1
    machine and then attach to it? How about starting an X session if one
    cannot be found?
 
-   The easiest way to do this is via [420]inetd(8) using the [421]-unixpw
-   and [422]-display WAIT options. The reason inetd(8) makes this easier
+   The easiest way to do this is via [421]inetd(8) using the [422]-unixpw
+   and [423]-display WAIT options. The reason inetd(8) makes this easier
    is that it starts a new x11vnc process for each new user connection.
    Otherwise a wrapper would have to listen for connections and spawn new
-   x11vnc's (see [423]this example and also the [424]-loopbg option.)
+   x11vnc's (see [424]this example and also the [425]-loopbg option.)
    inetd(8) is not required for this, but it makes some aspects more
    general.
 
@@ -5263,23 +5327,23 @@ exec /usr/local/bin/x11vnc -inetd -o /var/log/x11vnc.log -find -env FD_XDM=1
    hostname:0, and do not need to memorize a special VNC display number
    just for their personal use, etc.
 
-   Update: Use the [425]-find, [426]-create, [427]-svc, and [428]-xdmsvc
+   Update: Use the [426]-find, [427]-create, [428]-svc, and [429]-xdmsvc
    options that are shorthand for common FINDCREATEDISPLAY usage modes
    (e.g. terminal services) described below. (i.e. simply use "-svc"
    instead of the cumbersome "-display WAIT:cmd=FINDCREATEDISPLAY-Xvfb
    -unixpw -users unixpw= -ssl SAVE")
 
-   The [429]-display WAIT option makes x11vnc wait until a VNC viewer is
+   The [430]-display WAIT option makes x11vnc wait until a VNC viewer is
    connected before attaching to the X display.
 
    Additionally it can be used to run an external command that returns
    the DISPLAY and XAUTHORITY data. We provide some useful builtin ones
    (FINDDISPLAY and FINDCREATEDISPLAY below), but in principle one could
    supply his own script: "-display WAIT:cmd=/path/to/find_display" where
-   the script find_display might look something like [430]this.
+   the script find_display might look something like [431]this.
 
    A default script somewhat like the above is used under "-display
-   WAIT:cmd=FINDDISPLAY" (same as [431]-find) The format for any such
+   WAIT:cmd=FINDDISPLAY" (same as [432]-find) The format for any such
    command is that it returns DISPLAY=:disp as the first line and any
    remaining lines are either XAUTHORITY=file or raw xauth data (the
    above example does the latter.) If applicable (-unixpw mode), the
@@ -5290,10 +5354,10 @@ exec /usr/local/bin/x11vnc -inetd -o /var/log/x11vnc.log -find -env FD_XDM=1
    only the X server process ID is known it appends ",XPID=n" (a chvt
    will be attempted by x11vnc.)
 
-   Tip: Note that the [432]-find option is an alias for "-display
+   Tip: Note that the [433]-find option is an alias for "-display
    WAIT:cmd=FINDDISPLAY". Use it!
 
-   The [433]-unixpw option allows [434]UNIX password logins. It
+   The [434]-unixpw option allows [435]UNIX password logins. It
    conveniently knows the Unix username whose X display should be found.
    Here are a couple /etc/inetd.conf examples of this usage:
 5900  stream  tcp  nowait  nobody  /usr/sbin/tcpd /usr/local/bin/x11vnc -inetd
@@ -5303,19 +5367,19 @@ exec /usr/local/bin/x11vnc -inetd -o /var/log/x11vnc.log -find -env FD_XDM=1
 -unixpw \
       -find -o /var/log/x11vnc.log -ssl SAVE -users unixpw=
 
-   Note we have used the [435]-find alias and the very long lines have
+   Note we have used the [436]-find alias and the very long lines have
    been split. An alternative is to use a wrapper script, e.g.
    /usr/local/bin/x11vnc.sh that has all of the options. (see also the
-   [436]-svc alias.)
+   [437]-svc alias.)
 
    In the first inetd line x11vnc is run as user "nobody" and stays user
    nobody during the whole session. The permissions of the log files and
    certs directory will need to be set up to allow "nobody" to use them.
 
    In the second one x11vnc is run as root and switches to the user that
-   logs in due to the "[437]-users unixpw=" option.
+   logs in due to the "[438]-users unixpw=" option.
 
-   Note that [438]SSL is required for this mode because otherwise the
+   Note that [439]SSL is required for this mode because otherwise the
    Unix password would be passed in clear text over the network. In
    general -unixpw is not required for this sort of scheme, but it is
    convenient because it determines exactly who the Unix user is whose
@@ -5323,17 +5387,17 @@ exec /usr/local/bin/x11vnc -inetd -o /var/log/x11vnc.log -find -env FD_XDM=1
    to use some method to work out DISPLAY, XAUTHORITY, etc (perhaps you
    use multiple inetd ports and hardwire usernames for different ports.)
 
-   If you really want to disable the SSL or SSH [439]-localhost
+   If you really want to disable the SSL or SSH [440]-localhost
    constraints (this is not recommended unless you really know what you
    are doing: Unix passwords sent in clear text is a very bad idea...)
-   read the [440]-unixpw documentation.
+   read the [441]-unixpw documentation.
 
    A inetd(8) scheme for a fixed user that doesn't use SSL or unix
    passwds could be:
   /usr/local/bin/x11vnc -inetd -users =fred -find -rfbauth /home/fred/.vnc/pass
 wd -o /var/log/x11vnc.log
 
-   The "[441]-users =fred" option will cause x11vnc to switch to user
+   The "[442]-users =fred" option will cause x11vnc to switch to user
    fred and then find his X display. The VNC password (-rfbauth) as
    opposed to Unix password (-unixpw) is used to authenticate the VNC
    client.
@@ -5350,8 +5414,11 @@ wd -o /var/log/x11vnc.log
    tries to start up an X server (normally it just attaches to an
    existing one.)
 
+   For virtual sessions you will need to install the Xvfb program (e.g.
+   apt-get install xvfb) or our Xdummy program (see below.)
+
    By default it will only try to start up virtual (non-hardware) X
-   servers: first [442]Xvfb and if that is not available then Xdummy
+   servers: first [443]Xvfb and if that is not available then Xdummy
    (included in the x11vnc source code.) Note that Xdummy only works on
    Linux whereas Xvfb works just about everywhere (and in some situations
    Xdummy must be run as root.) An advantage of Xdummy over Xvfb is that
@@ -5365,16 +5432,16 @@ wd -o /var/log/x11vnc.log
       -ssl SAVE -unixpw -users unixpw= -display WAIT:cmd=FINDCREATEDISPLAY
 
    Where the very long lines have been split. See below where that long
-   and cumbersome last line is replaced by the [443]-svc alias.
+   and cumbersome last line is replaced by the [444]-svc alias.
 
-   The above mode will allow direct SSL (e.g. [444]ss_vncviewer or
-   [445]SSVNC) access and also Java Web browers access via:
+   The above mode will allow direct SSL (e.g. [445]ss_vncviewer or
+   [446]SSVNC) access and also Java Web browers access via:
    https://hostname:5900/.
 
-   Tip: Note that the [446]-create option is an alias for "-display
+   Tip: Note that the [447]-create option is an alias for "-display
    WAIT:cmd=FINDCREATEDISPLAY-Xvfb".
 
-   Tip: Note that [447]-svc is a short hand for the long "-ssl SAVE
+   Tip: Note that [448]-svc is a short hand for the long "-ssl SAVE
    -unixpw -users unixpw= -display WAIT:cmd=FINDCREATEDISPLAY" part.
    Unlike -create, this alias also sets up SSL encryption and Unix
    password login.
@@ -5386,7 +5453,7 @@ wd -o /var/log/x11vnc.log
 
    Tip: In addition to the usual unixpw parameters, inside the VNC viewer
    the user can specify after his username (following a ":" see
-   [448]-display WAIT for details) for FINDCREATEDISPLAY they can add
+   [449]-display WAIT for details) for FINDCREATEDISPLAY they can add
    "geom=WxH" or "geom=WxHxD" to specify the width, height, and
    optionally the color depth. E.g. "fred:geom=800x600" at the login:
    prompt. Also if the env. var X11VNC_CREATE_GEOM is set to the desired
@@ -5420,10 +5487,10 @@ bin/x11vnc -svc
    To print out the script in this case use "-display
    WAIT:cmd=FINDCREATEDISPLAY-print". To change the preference of
    Xservers and which to try list them, e.g.: "-display
-   WAIT:cmd=FINDCREATEDISPLAY-X,Xvfb,Xdummy" or use "[449]-create_xsrv
+   WAIT:cmd=FINDCREATEDISPLAY-X,Xvfb,Xdummy" or use "[450]-create_xsrv
    X,Xvfb,Xdummy". The "X" one means to try to start up a real, hardware
    X server, e.g. startx(1) (if there is already a real X server running
-   this may only work on Linux and the chvt program may [450]need to be
+   this may only work on Linux and the chvt program may [451]need to be
    run to switch to the correct Linux virtual terminal.) x11vnc will try
    to run chvt automatically if it can determine which VT should be
    switched to.
@@ -5452,7 +5519,7 @@ bin/x11vnc -svc
    will also typically block UDP (port 177 for XDMCP) by default
    effectively limiting the UDP connections to localhost.
 
-   Tip: Note that [451]-xdmsvc is a short hand alias for the long "-ssl
+   Tip: Note that [452]-xdmsvc is a short hand alias for the long "-ssl
    SAVE -unixpw -users unixpw= -display
    WAIT:cmd=FINDCREATEDISPLAY-Xvfb.xdmcp". So we simply use:
 service x11vnc
@@ -5521,15 +5588,15 @@ t:5
    Q-63: Can I have x11vnc restart itself after it terminates?
 
    One could do this in a shell script, but now there is an option
-   [452]-loop that makes it easier. Of course when x11vnc restarts it
+   [453]-loop that makes it easier. Of course when x11vnc restarts it
    needs to have permissions to connect to the (potentially new) X
    display. This mode could be useful if the X server restarts often. Use
    e.g. "-loop5000" to sleep 5000 ms between restarts. Also "-loop2000,5"
    to sleep 2000 ms and only restart 5 times.
 
-   One can also use the [453]-loopbg to emulate inetd(8) to some degree,
+   One can also use the [454]-loopbg to emulate inetd(8) to some degree,
    where each connected process runs in the background. It could be
-   combined, say, with the [454]-svc option to provide simple terminal
+   combined, say, with the [455]-svc option to provide simple terminal
    services without using inetd(8).
 
 
@@ -5537,7 +5604,7 @@ t:5
    web browser?
 
    To have x11vnc serve up a Java VNC viewer applet to any web browsers
-   that connect to it, run x11vnc with this [455]option:
+   that connect to it, run x11vnc with this [456]option:
   -httpdir /path/to/the/java/classes/dir
 
    (this directory will contain the files index.vnc and, for example,
@@ -5556,7 +5623,7 @@ t:5
    then you can connect to that URL with any Java enabled browser. Feel
    free to customize the default index.vnc file in the classes directory.
 
-   As of May/2005 the [456]-http option will try to guess where the Java
+   As of May/2005 the [457]-http option will try to guess where the Java
    classes jar file is by looking in expected locations and ones relative
    to the x11vnc binary.
 
@@ -5565,7 +5632,7 @@ t:5
    either the java or appletviewer commands to run the program.
   java -cp ./VncViewer.jar VncViewer HOST far-away.east PORT 5900
 
-   Proxies: See the [457]discussion here if the web browser must use a
+   Proxies: See the [458]discussion here if the web browser must use a
    web proxy to connect to the internet. It is tricky to get Java applets
    to work in this case: a signed applet must be used so it can connect
    to the proxy and ask for the redirection to the VNC server. One way to
@@ -5581,7 +5648,7 @@ t:5
    As of Mar/2004 x11vnc supports reverse connections. On Unix one starts
    the VNC viewer in listen mode: "vncviewer -listen" (see your
    documentation for Windows, etc), and then starts up x11vnc with the
-   [458]-connect option. To connect immediately at x11vnc startup time
+   [459]-connect option. To connect immediately at x11vnc startup time
    use the "-connect host:port" option (use commas for a list of hosts to
    connect to.) The ":port" is optional (default is VNC listening port is
    5500.)
@@ -5590,11 +5657,11 @@ t:5
    file is checked periodically (about once a second) for new hosts to
    connect to.
 
-   The [459]-remote control option (aka -R) can also be used to do this
+   The [460]-remote control option (aka -R) can also be used to do this
    during an active x11vnc session, e.g.:
 x11vnc -display :0 -R connect:hostname.domain
 
-   Use the "[460]-connect_or_exit" option to have x11vnc exit if the
+   Use the "[461]-connect_or_exit" option to have x11vnc exit if the
    reverse connection fails. Also, note the "-rfbport 0" option disables
    TCP listening for connections (potentially useful for reverse
    connection mode, assuming you do not want any "forward" connections.)
@@ -5607,7 +5674,7 @@ x11vnc -display :0 -R connect:hostname.domain
    X11VNC_REVERSE_CONNECTION_NO_AUTH=1" to x11vnc.
 
    Vncconnect command: To use the vncconnect(1) program (from the core
-   VNC package at www.realvnc.com) specify the [461]-vncconnect option to
+   VNC package at www.realvnc.com) specify the [462]-vncconnect option to
    x11vnc (Note: as of Dec/2004 -vncconnect is now the default.)
    vncconnect(1) must be pointed to the same X11 DISPLAY as x11vnc (since
    it uses X properties to communicate with x11vnc.) If you do not have
@@ -5626,7 +5693,7 @@ xprop -root -f VNC_CONNECT 8s -set VNC_CONNECT "$1"
    proxy or SSH?
 
    Yes, as of Oct/2007 x11vnc supports reverse connections through
-   proxies: use the "[462]-proxy host:port" option. The default is to
+   proxies: use the "[463]-proxy host:port" option. The default is to
    assume the proxy is a Web proxy. Note that most Web proxies only allow
    proxy destination connections to ports 443 (HTTPS) and 563 (SNEWS) and
    so this might not be too useful unless the proxy has been modified
@@ -5646,11 +5713,11 @@ xprop -root -f VNC_CONNECT 8s -set VNC_CONNECT "$1"
    connections.
 
    An experimental mode is "-proxy http://host:port/..." where the URL
-   (e.g. a CGI script) is retrieved via the GET method. See [463]-proxy
+   (e.g. a CGI script) is retrieved via the GET method. See [464]-proxy
    for more info.
 
    Another experimental mode is "-proxy ssh://user@host" in which case a
-   SSH tunnel is used for the proxying. See [464]-proxy for more info.
+   SSH tunnel is used for the proxying. See [465]-proxy for more info.
 
    Up to 3 proxies may be chained together by listing them by commas
    e.g.: "-proxy http://host1:port1,socks5://host2:port2" in case one
@@ -5658,7 +5725,34 @@ xprop -root -f VNC_CONNECT 8s -set VNC_CONNECT "$1"
    listening viewer.
 
 
-   Q-67: Can I use x11vnc as a replacement for Xvnc? (i.e. not for a real
+   Q-67: Can x11vnc provide a multi-user desktop web login service as an
+   Apache CGI or PHP script?
+   Yes. See the example script [466]desktop.cgi for ideas. It is in the
+   source tree in the directory x11vnc/misc. It serves x11vnc's SSL
+   enabled Java Applet to the web browser with the correct connection
+   information for the user's virtual desktop (an [467]Xvfb session via
+   [468]-create; be sure to add the Xvfb package.) HTTPS/SSL enabled
+   Apache should be used to serve the script to avoid unix and vnc
+   passwords from being sent in cleartext and sniffed.
+
+   By default it uses a separate VNC port for each user desktop (either
+   by autoprobing in a range of ports or using a port based on the userid
+   number.) The web server's firewall must allow incoming connections to
+   these ports.
+
+   It is somewhat difficult to do all of this with x11vnc listening on a
+   single port, however there is also a 'fixed port' scheme described in
+   the script based on [469]-loopbg that works fairly well (but more
+   experience is needed to see what problems contention for the same port
+   causes; however at worst one user may need to re-login.)
+
+   There is also an optional 'port redirection' mode for desktop.cgi that
+   allows redirection to other machines inside the firewall already
+   running SSL enabled VNC servers. This provides much of the
+   functionality as the [470]SSL Portal and is easier to set up.
+
+
+   Q-68: Can I use x11vnc as a replacement for Xvnc? (i.e. not for a real
    display, but for a virtual one I keep around.)
 
    You can, but you would not be doing this for performance reasons (for
@@ -5672,14 +5766,17 @@ xprop -root -f VNC_CONNECT 8s -set VNC_CONNECT "$1"
    Another method, faster and more accurate, is to use the "dummy" Device
    Driver in XFree86/Xorg (see below.)
 
+   For these virtual sessions you will need to install the Xvfb program
+   (e.g. apt-get install xvfb) or our Xdummy program (see below.)
+
    In either case, one can view this desktop both remotely and also
-   [465]locally using vncviewer. Make sure vncviewer's "-encodings raw"
+   [471]locally using vncviewer. Make sure vncviewer's "-encodings raw"
    is in effect for local viewing (compression seems to slow things down
    locally.) For local viewing you set up a "bare" window manager that
-   just starts up vncviewer and nothing else ([466]See how below.)
+   just starts up vncviewer and nothing else ([472]See how below.)
 
    Here is one way to start up Xvfb:
-  xinit -- /usr/X11R6/bin/Xvfb :1 -cc 4 -screen 0 1024x768x16
+  xinit -- /usr/bin/Xvfb :1 -cc 4 -screen 0 1024x768x16
 
    This starts up a 16bpp virtual display. To export it via VNC use
   x11vnc -display :1 ...
@@ -5696,19 +5793,19 @@ xprop -root -f VNC_CONNECT 8s -set VNC_CONNECT "$1"
    "screen scrape" it very efficiently (more than, say, 100X faster than
    normal video hardware.)
 
-   Update Nov/2006: See the [467]FINDCREATEDISPLAY discussion of the
-   "[468]-display WAIT:cmd=FINDDISPLAY" option where virtual (Xvfb or
+   Update Nov/2006: See the [473]FINDCREATEDISPLAY discussion of the
+   "[474]-display WAIT:cmd=FINDDISPLAY" option where virtual (Xvfb or
    Xdummy, or even real ones by changing an option) X servers are started
    automatically for new users connecting. This provides a "desktop
    service" for the machine. You either get your real X session or your
    virtual (Xvfb/Xdummy) one whenever you connect to the machine
-   (inetd(8) is a nice way to provide this service.) The [469]-find,
-   [470]-create, [471]-svc, and [472]-xdmsvc aliases can also come in
+   (inetd(8) is a nice way to provide this service.) The [475]-find,
+   [476]-create, [477]-svc, and [478]-xdmsvc aliases can also come in
    handy here.
 
    There are some annoyances WRT Xvfb however. The default keyboard
    mapping seems to be very poor. One should run x11vnc with
-   [473]-add_keysyms option to have keysyms added automatically. Also, to
+   [479]-add_keysyms option to have keysyms added automatically. Also, to
    add the Shift_R and Control_R modifiers something like this is needed:
 #!/bin/sh
 xmodmap -e "keycode any = Shift_R"
@@ -5720,7 +5817,7 @@ xmodmap -e "keycode any = Alt_R"
 xmodmap -e "keycode any = Meta_L"
 xmodmap -e "add Mod1 = Alt_L Alt_R Meta_L"
 
-   (note: these are applied automatically in the [474]FINDCREATEDISPLAY
+   (note: these are applied automatically in the [480]FINDCREATEDISPLAY
    mode of x11vnc.) Perhaps the Xvfb options -xkbdb or -xkbmap could be
    used to get a better default keyboard mapping...
 
@@ -5735,11 +5832,11 @@ xmodmap -e "add Mod1 = Alt_L Alt_R Meta_L"
 
    The main drawback to this method (besides requiring extra
    configuration and possibly root permission) is that it also does the
-   Linux Virtual Console/Terminal (VC/VT) [475]switching even though it
+   Linux Virtual Console/Terminal (VC/VT) [481]switching even though it
    does not need to (since it doesn't use a real framebuffer.) There are
    some "dual headed" (actually multi-headed/multi-user) patches to the X
    server that turn off the VT usage in the X server. Update: As of
-   Jul/2005 we have an LD_PRELOAD script [476]Xdummy that allows you to
+   Jul/2005 we have an LD_PRELOAD script [482]Xdummy that allows you to
    use a stock (i.e. unpatched) Xorg or XFree86 server with the "dummy"
    driver and not have any VT switching problems! An advantage of Xdummy
    over Xvfb is that Xdummy supports RANDR dynamic screen resizing.
@@ -5766,7 +5863,7 @@ x11vnc -display :5 -rfbport 5905 -bg
 vncviewer -geometry +0+0 -encodings raw -passwd $HOME/.vnc/passwd localhost:5
 
    The display numbers (VNC and X) will likely be different (you could
-   also try [477]-find), and you may not need the -passwd. Recent RealVNC
+   also try [483]-find), and you may not need the -passwd. Recent RealVNC
    viewers might be this:
 #!/bin/sh
 x11vnc -display :5 -rfbport 5905 -bg
@@ -5784,10 +5881,10 @@ t:5
    XDM/GDM/KDM One-Shot X sessions: For the general replacement of Xvnc
    by Xvfb+x11vnc, one user describes a similar setup he created where
    the X sessions are one-shot's (destroyed after the vncviewer
-   disconnects) and it uses the XDM/GDM/KDM login greeter [478]here.
+   disconnects) and it uses the XDM/GDM/KDM login greeter [484]here.
 
 
-   Q-68: How can I use x11vnc on "headless" machines? Why might I want
+   Q-69: How can I use x11vnc on "headless" machines? Why might I want
    to?
 
    An interesting application of x11vnc is to let it export displays of
@@ -5799,7 +5896,7 @@ t:5
    An X server can be started on the headless machine (sometimes this
    requires configuring the X server to not fail if it cannot detect a
    keyboard or mouse, see the next paragraph.) Then you can export that X
-   display via x11vnc (e.g. see [479]this FAQ) and access it from
+   display via x11vnc (e.g. see [485]this FAQ) and access it from
    anywhere on the network via a VNC viewer.
 
    Some tips on getting X servers to start on machines without keyboard
@@ -5823,15 +5920,15 @@ t:5
    cards as it can hold to provide multiple simultaneous access or
    testing on different kinds of video hardware.
 
-   See also the [480]FINDCREATEDISPLAY discussion of the "[481]-display
+   See also the [486]FINDCREATEDISPLAY discussion of the "[487]-display
    WAIT:cmd=FINDDISPLAY" option where virtual Xvfb or Xdummy, or real X
    servers are started automatically for new users connecting. The
-   [482]-find, [483]-create, [484]-svc, and [485]-xdmsvc aliases can also
+   [488]-find, [489]-create, [490]-svc, and [491]-xdmsvc aliases can also
    come in handy here.
 
    [Resource Usage and Performance]
 
-   Q-69: I have lots of memory, but why does x11vnc fail with    shmget:
+   Q-70: I have lots of memory, but why does x11vnc fail with    shmget:
    No space left on device    or    Minor opcode of failed request: 1
    (X_ShmAttach)?
 
@@ -5849,7 +5946,7 @@ t:5
   19/03/2004 10:10:58 error creating tile-row shm for len=4
   19/03/2004 10:10:58 reverting to single_copytile mode
 
-   Here is a shell script [486]shm_clear to list and prompt for removal
+   Here is a shell script [492]shm_clear to list and prompt for removal
    of your unattached shm segments (attached ones are skipped.) I use it
    while debugging x11vnc (I use "shm_clear -y" to assume "yes" for each
    prompt.) If x11vnc is regularly not cleaning up its shm segments,
@@ -5883,49 +5980,49 @@ ied)
    in /etc/system. See the next paragraph for more workarounds.
 
    To minimize the number of shm segments used by x11vnc try using the
-   [487]-onetile option (corresponds to only 3 shm segments used, and
+   [493]-onetile option (corresponds to only 3 shm segments used, and
    adding -fs 1.0 knocks it down to 2.) If you are having much trouble
    with shm segments, consider disabling shm completely via the
-   [488]-noshm option. Performance will be somewhat degraded but when
+   [494]-noshm option. Performance will be somewhat degraded but when
    done over local machine sockets it should be acceptable (see an
-   [489]earlier question discussing -noshm.)
+   [495]earlier question discussing -noshm.)
 
 
-   Q-70: How can I make x11vnc use less system resources?
+   Q-71: How can I make x11vnc use less system resources?
 
-   The [490]-nap (now on by default; use -nonap to disable) and
-   "[491]-wait n" (where n is the sleep between polls in milliseconds,
+   The [496]-nap (now on by default; use -nonap to disable) and
+   "[497]-wait n" (where n is the sleep between polls in milliseconds,
    the default is 30 or so) option are good places to start. In addition,
-   something like "[492]-sb 15" will cause x11vnc to go into a deep-sleep
+   something like "[498]-sb 15" will cause x11vnc to go into a deep-sleep
    mode after 15 seconds of no activity (instead of the default 60.)
 
    Reducing the X server bits per pixel depth (e.g. to 16bpp or even
    8bpp) will further decrease memory I/O and network I/O. The ShadowFB X
    server setting will make x11vnc's screen polling less severe. Using
-   the [493]-onetile option will use less memory and use fewer shared
-   memory slots (add [494]-fs 1.0 for one less slot.)
+   the [499]-onetile option will use less memory and use fewer shared
+   memory slots (add [500]-fs 1.0 for one less slot.)
 
 
-   Q-71: How can I make x11vnc use MORE system resources?
+   Q-72: How can I make x11vnc use MORE system resources?
 
-   You can try [495]-threads (note this mode can be unstable and/or
+   You can try [501]-threads (note this mode can be unstable and/or
    crash; and as of May/2008 is strongly discouraged, see the option
    description) or dial down the wait time (e.g. -wait 1) and possibly
-   dial down [496]-defer as well. Note that if you try to increase the
+   dial down [502]-defer as well. Note that if you try to increase the
    "frame rate" too much you can bog down the server end with the extra
    work it needs to do compressing the framebuffer data, etc.
 
    That said, it is possible to "stream" video via x11vnc if the video
    window is small enough. E.g. a 256x192 xawtv TV capture window (using
-   the x11vnc [497]-id option) can be streamed over a LAN or wireless at
+   the x11vnc [503]-id option) can be streamed over a LAN or wireless at
    a reasonable frame rate. If the graphics card's framebuffer read rate
-   is [498]faster than normal then the video window size and frame rate
-   can be much higher. The use of [499]TurboVNC and/or TurboJPEG can make
+   is [504]faster than normal then the video window size and frame rate
+   can be much higher. The use of [505]TurboVNC and/or TurboJPEG can make
    the frame rate somewhat higher still (but most of this hinges on the
    graphics card's read rate.)
 
 
-   Q-72: I use x11vnc over a slow link with high latency (e.g. dialup
+   Q-73: I use x11vnc over a slow link with high latency (e.g. dialup
    modem or broadband), is there anything I can do to speed things up?
 
    Some things you might want to experiment with (many of which will help
@@ -5937,7 +6034,7 @@ ied)
      * Use a smaller desktop size (e.g. 1024x768 instead of 1280x1024)
      * Make sure the desktop background is a solid color (the background
        is resent every time it is re-exposed.) Consider using the
-       [500]-solid [color] option to try to do this automatically.
+       [506]-solid [color] option to try to do this automatically.
      * Configure your window manager or desktop "theme" to not use fancy
        images, shading, and gradients for the window decorations, etc.
        Disable window animations, etc. Maybe your desktop has a "low
@@ -5946,9 +6043,9 @@ ied)
        -> Use Smooth Scrolling (deselect it.)
      * Avoid small scrolls of large windows using the Arrow keys or
        scrollbar. Try to use PageUp/PageDown instead. (not so much of a
-       problem in x11vnc 0.7.2 if [501]-scrollcopyrect is active and
+       problem in x11vnc 0.7.2 if [507]-scrollcopyrect is active and
        detecting scrolls for the application.)
-     * If the [502]-wireframe option is not available (earlier than
+     * If the [508]-wireframe option is not available (earlier than
        x11vnc 0.7.2 or you have disabled it via -nowireframe) then
        Disable Opaque Moves and Resizes in the window manager/desktop.
      * However if -wireframe is active (on by default in x11vnc 0.7.2)
@@ -5971,7 +6068,7 @@ ied)
        noticed.
 
      VNC viewer parameters:
-     * Use a [503]TightVNC enabled viewer! (Actually, RealVNC 4.x viewer
+     * Use a [509]TightVNC enabled viewer! (Actually, RealVNC 4.x viewer
        with ZRLE encoding is not too bad either; some claim it is
        faster.)
      * Make sure the tight (or zrle) encoding is being used (look at
@@ -5979,7 +6076,7 @@ ied)
      * Request 8 bits per pixel using -bgr233 (up to 4X speedup over
        depth 24 TrueColor (32bpp), but colors will be off)
      * RealVNC 4.x viewer has some extremely low color modes (only 64 and
-       even 8 colors.) [504]SSVNC does too. The colors are poor, but it
+       even 8 colors.) [510]SSVNC does too. The colors are poor, but it
        is usually noticeably faster than bgr233 (256 colors.)
      * Try increasing the TightVNC -compresslevel (compresses more on
        server side before sending, but uses more CPU)
@@ -5993,39 +6090,39 @@ ied)
        file.
 
      x11vnc parameters:
-     * Make sure the [505]-wireframe option is active (it should be on by
+     * Make sure the [511]-wireframe option is active (it should be on by
        default) and you have Opaque Moves/Resizes Enabled in the window
        manager.
-     * Make sure the [506]-scrollcopyrect option is active (it should be
+     * Make sure the [512]-scrollcopyrect option is active (it should be
        on by default.) This detects scrolls in many (but not all)
        applications an applies the CopyRect encoding for a big speedup.
      * Enforce a solid background when VNC viewers are connected via
-       [507]-solid
-     * Try x11vnc's client-side caching [508]client-side caching scheme:
-       [509]-ncache
-     * Specify [510]-speeds modem to force the wireframe and
+       [513]-solid
+     * Try x11vnc's client-side caching [514]client-side caching scheme:
+       [515]-ncache
+     * Specify [516]-speeds modem to force the wireframe and
        scrollcopyrect heuristic parameters (and any future ones) to those
        of a dialup modem connection (or supply the rd,bw,lat numerical
        values that characterize your link.)
      * If wireframe and scrollcopyrect aren't working, try using the more
-       drastic [511]-nodragging (no screen updates when dragging mouse,
+       drastic [517]-nodragging (no screen updates when dragging mouse,
        but sometimes you miss visual feedback)
-     * Set [512]-fs 1.0 (disables fullscreen updates)
-     * Try increasing [513]-wait or [514]-defer (reduces the maximum
+     * Set [518]-fs 1.0 (disables fullscreen updates)
+     * Try increasing [519]-wait or [520]-defer (reduces the maximum
        "frame rate", but won't help much for large screen changes)
-     * Try the [515]-progressive pixelheight mode with the block
+     * Try the [521]-progressive pixelheight mode with the block
        pixelheight 100 or so (delays sending vertical blocks since they
        may change while viewer is receiving earlier ones)
-     * If you just want to watch one (simple) window use [516]-id or
-       [517]-appshare (cuts down extraneous polling and updates, but can
+     * If you just want to watch one (simple) window use [522]-id or
+       [523]-appshare (cuts down extraneous polling and updates, but can
        be buggy or insufficient)
-     * Set [518]-nosel (disables all clipboard selection exchange)
-     * Use [519]-nocursor and [520]-nocursorpos (repainting the remote
+     * Set [524]-nosel (disables all clipboard selection exchange)
+     * Use [525]-nocursor and [526]-nocursorpos (repainting the remote
        cursor position and shape takes resources and round trips)
      * On very slow links (e.g. <= 28.8) you may need to increase the
-       [521]-readtimeout n setting if it sometimes takes more than 20sec
+       [527]-readtimeout n setting if it sometimes takes more than 20sec
        to paint the full screen, etc.
-     * Do not use [522]-fixscreen to automatically refresh the whole
+     * Do not use [528]-fixscreen to automatically refresh the whole
        screen, tap three Alt_L's then the screen has painting errors
        (rare problem.)
 
@@ -6076,7 +6173,7 @@ ied)
      * TBD.
 
 
-   Q-73: Does x11vnc support the X DAMAGE Xserver extension to find
+   Q-74: Does x11vnc support the X DAMAGE Xserver extension to find
    modified regions of the screen quickly and efficiently?
 
    Yes, as of Mar/2005 x11vnc will use the X DAMAGE extension by default
@@ -6094,7 +6191,7 @@ ied)
 
    Note that the DAMAGE extension does not speed up the actual reading of
    pixels from the video card framebuffer memory, by, say, mirroring them
-   in main memory. So reading the fb is still painfully [523]slow (e.g.
+   in main memory. So reading the fb is still painfully [529]slow (e.g.
    5MB/sec), and so even using X DAMAGE when large changes occur on the
    screen the bulk of the time is still spent retrieving them. Not ideal,
    but use of the ShadowFB XFree86/Xorg option speeds up the reading
@@ -6112,45 +6209,45 @@ ied)
    DAMAGE rectangles to contain real damage. The larger rectangles are
    only used as hints to focus the traditional scanline polling (i.e. if
    a scanline doesn't intersect a recent DAMAGE rectangle, the scan is
-   skipped.) You can use the "[524]-xd_area A" option to adjust the size
+   skipped.) You can use the "[530]-xd_area A" option to adjust the size
    of the trusted DAMAGE rectangles. The default is 20000 pixels (e.g. a
    140x140 square, etc.) Use "-xd_area 0" to disable the cutoff and trust
    all DAMAGE rectangles.
 
-   The option "[525]-xd_mem f" may also be of use in tuning the
-   algorithm. To disable using DAMAGE entirely use "[526]-noxdamage".
+   The option "[531]-xd_mem f" may also be of use in tuning the
+   algorithm. To disable using DAMAGE entirely use "[532]-noxdamage".
 
 
-   Q-74: My OpenGL application shows no screen updates unless I supply
+   Q-75: My OpenGL application shows no screen updates unless I supply
    the -noxdamage option to x11vnc.
    One user reports in his environment (MythTV using the NVIDIA OpenGL
    drivers) he gets no updates after the initial screen is drawn unless
-   he uses the "[527]-noxdamage" option.
+   he uses the "[533]-noxdamage" option.
 
    This seems to be a bug in the X DAMAGE implementation of that driver.
    You may have to use -noxdamage as well. A way to autodetect this will
    be tried, probably the best it will do is automatically stop using X
    DAMAGE.
 
-   A developer for [528]MiniMyth reports that the 'alphapulse' tag of the
+   A developer for [534]MiniMyth reports that the 'alphapulse' tag of the
    theme G.A.N.T. can also cause problems, and should be avoided when
    using VNC.
 
-   Update: see [529]this FAQ too.
+   Update: see [535]this FAQ too.
 
 
-   Q-75: When I drag windows around with the mouse or scroll up and down
+   Q-76: When I drag windows around with the mouse or scroll up and down
    things really bog down (unless I do the drag in a single, quick
    motion.) Is there anything to do to improve things?
 
-   This problem is primarily due to [530]slow hardware read rates from
+   This problem is primarily due to [536]slow hardware read rates from
    video cards: as you scroll or move a large window around the screen
    changes are much too rapid for x11vnc to keep up them (it can usually
    only read the video card at about 5-10 MB/sec, so it can take a good
    fraction of a second to read the changes induce from moving a large
    window, if this to be done a number of times in succession the window
    or scroll appears to "lurch" forward.) See the description in the
-   [531]-pointer_mode option for more info. The next bottleneck is
+   [537]-pointer_mode option for more info. The next bottleneck is
    compressing all of these changes and sending them out to connected
    viewers, however the VNC protocol is pretty much self-adapting with
    respect to that (updates are only packaged and sent when viewers ask
@@ -6160,27 +6257,27 @@ ied)
    default should now be much better than before and dragging small
    windows around should no longer be a huge pain. If for some reason
    these changes make matters worse, you can go back to the old way via
-   the "[532]-pointer_mode 1" option.
+   the "[538]-pointer_mode 1" option.
 
-   Also added was the [533]-nodragging option that disables all screen
+   Also added was the [539]-nodragging option that disables all screen
    updates while dragging with the mouse (i.e. mouse motion with a button
    held down.) This gives the snappiest response, but might be undesired
    in some circumstances when you want to see the visual feedback while
    dragging (e.g. menu traversal or text selection.)
 
-   As of Dec/2004 the [534]-pointer_mode n option was introduced. n=1 is
+   As of Dec/2004 the [540]-pointer_mode n option was introduced. n=1 is
    the original mode, n=2 an improvement, etc.. See the -pointer_mode n
    help for more info.
 
-   Also, in some circumstances the [535]-threads option can improve
+   Also, in some circumstances the [541]-threads option can improve
    response considerably. Be forewarned that if more than one vncviewer
    is connected at the same time then libvncserver may not be thread safe
    (try to get the viewers to use different VNC encodings, e.g. tight and
    ZRLE.) This option can be unstable and so as of Feb/2008 it is
    disabled by default. Set env. X11VNC_THREADED=1 to re-enable.
 
-   As of Apr/2005 two new options (see the [536]wireframe FAQ and
-   [537]scrollcopyrect FAQ below) provide schemes to sweep this problem
+   As of Apr/2005 two new options (see the [542]wireframe FAQ and
+   [543]scrollcopyrect FAQ below) provide schemes to sweep this problem
    under the rug for window moves or resizes and for some (but not all)
    window scrolls. These are the preferred way of avoiding the "lurching"
    problem, contact me if they are not working. Note on SuSE and some
@@ -6193,7 +6290,7 @@ Section "Module"
 EndSection
 
 
-   Q-76: Why not do something like wireframe animations to avoid the
+   Q-77: Why not do something like wireframe animations to avoid the
    windows "lurching" when being moved or resized?
 
    Nice idea for a hack! As of Apr/2005 x11vnc by default will apply
@@ -6204,8 +6301,8 @@ EndSection
    the window move/resize stops, it returns to normal processing: you
    should only see the window appear in the new position. This spares you
    from interacting with a "lurching" window between all of the
-   intermediate steps. BTW the lurching is due to [538]slow video card
-   read rates (see [539]here too.) A displacement, even a small one, of a
+   intermediate steps. BTW the lurching is due to [544]slow video card
+   read rates (see [545]here too.) A displacement, even a small one, of a
    large window requires a non-negligible amount of time, a good fraction
    of a second, to read in from the hardware framebuffer.
 
@@ -6213,7 +6310,7 @@ EndSection
    for -wireframe to do any good.
 
    The mode is currently on by default because most people are afflicted
-   with the problem. It can be disabled with the [540]-nowireframe option
+   with the problem. It can be disabled with the [546]-nowireframe option
    (aka -nowf.) Why might one want to turn off the wireframing? Since
    x11vnc is merely guessing when windows are being moved/resized, it may
    guess poorly for your window-manager or desktop, or even for the way
@@ -6259,13 +6356,13 @@ EndSection
      * Maximum time to show a wireframe animation.
      * Minimum time between sending wireframe outlines.
 
-   See the [541]"-wireframe tweaks" option for more details. On a slow
+   See the [547]"-wireframe tweaks" option for more details. On a slow
    link, e.g. dialup modem, the parameters may be automatically adjusted
    for better response.
 
 
    CopyRect encoding:  In addition to the above there is the
-   [542]"-wirecopyrect mode" option. It is also on by default. This
+   [548]"-wirecopyrect mode" option. It is also on by default. This
    instructs x11vnc to not only show the wireframe animation, but to also
    instruct all connected VNC viewers to locally translate the window
    image data from the original position to the new position on the
@@ -6296,7 +6393,7 @@ EndSection
    -nowirecopyrect if this or other painting errors are unacceptable.
 
 
-   Q-77: Can x11vnc try to apply heuristics to detect when a window is
+   Q-78: Can x11vnc try to apply heuristics to detect when a window is
    scrolling its contents and use the CopyRect encoding for a speedup?
 
    Another nice idea for a hack! As of May/2005 x11vnc will by default
@@ -6313,7 +6410,7 @@ EndSection
    requiring the image data to be transmitted over the network. For fast
    links the speedup is primarily due to x11vnc not having to read the
    scrolled framebuffer data from the X server (recall that reading from
-   the hardware framebuffer is [543]slow.)
+   the hardware framebuffer is [549]slow.)
 
    To do this x11vnc uses the RECORD X extension to snoop the X11
    protocol between the X client with the focus window and the X server.
@@ -6340,10 +6437,10 @@ EndSection
    the X server display: if one falls too far behind it could become a
    mess...
 
-   The initial implementation of [544]-scrollcopyrect option is useful in
+   The initial implementation of [550]-scrollcopyrect option is useful in
    that it detects many scrolls and thus gives a much nicer working
-   environment (especially when combined with the [545]-wireframe
-   [546]-wirecopyrect [547]options, which are also on by default; and if
+   environment (especially when combined with the [551]-wireframe
+   [552]-wirecopyrect [553]options, which are also on by default; and if
    you are willing to enable the ShadowFB things are very fast.) The fact
    that there aren't long delays or lurches during scrolling is the
    primary improvement.
@@ -6376,10 +6473,10 @@ EndSection
        One can tap the Alt_L key (Left "Alt" key) 3 times in a row to
        signal x11vnc to refresh the screen to all viewers. Your
        VNC-viewer may have its own screen refresh hot-key or button. See
-       also: [548]-fixscreen
+       also: [554]-fixscreen
      * Some applications, notably OpenOffice, do XCopyArea scrolls in
        weird ways that assume ancestor window clipping is taking place.
-       See the [549]-scr_skip option for ways to tweak this on a
+       See the [555]-scr_skip option for ways to tweak this on a
        per-application basis.
      * Selecting text while dragging the mouse may be slower, especially
        if the Button-down event happens near the window's edge. This is
@@ -6396,7 +6493,7 @@ EndSection
        because it fails to detect scrolls in it. Sometimes clicking
        inside the application window or selecting some text in it to
        force the focus helps.
-     * When using the [550]-scale option there will be a quick CopyRect
+     * When using the [556]-scale option there will be a quick CopyRect
        scroll, but it needs to be followed by a slower "cleanup" update.
        This is because for a fixed finite screen resolution (e.g. 75 dpi)
        scaling and copyrect-ing are not exactly independent. Scaling
@@ -6409,7 +6506,7 @@ EndSection
 
    If you find the -scrollcopyrect behavior too approximate or
    distracting you can go back to the standard polling-only update method
-   with the [551]-noscrollcopyrect (or -noscr for short.) If you find
+   with the [557]-noscrollcopyrect (or -noscr for short.) If you find
    some extremely bad and repeatable behavior for -scrollcopyrect please
    report a bug.
 
@@ -6430,13 +6527,13 @@ EndSection
        errors.
 
 
-   Q-78: Can x11vnc do client-side caching of pixel data? I.e. so when
+   Q-79: Can x11vnc do client-side caching of pixel data? I.e. so when
    that pixel data is needed again it does not have to be retransmitted
    over the network.
 
-   As of Dec/2006 in the [552]0.9 development tarball there is an
+   As of Dec/2006 in the [558]0.9 development tarball there is an
    experimental client-side caching implementation enabled by the
-   "[553]-ncache n" option. In fact, during the test period it was on by
+   "[559]-ncache n" option. In fact, during the test period it was on by
    default with n set to 10. To disable it use "-noncache".
 
    It is a simple scheme where a (very large) lower portion of the
@@ -6463,7 +6560,7 @@ EndSection
    there is a bug: you can scroll down in your viewer and see a strange
    "history" of windows on your desktop. This is working as intended. One
    will need to try to adjust the size of his VNC Viewer window so the
-   cache area cannot be seen. [554]SSVNC (see below) can do this
+   cache area cannot be seen. [560]SSVNC (see below) can do this
    automatically.
 
    At some point LibVNCServer may implement a "rfbFBCrop" pseudoencoding
@@ -6473,7 +6570,7 @@ EndSection
    rendering...)
 
    The Enhanced TightVNC Viewer (SSVNC) Unix viewer has a nice
-   [555]-ycrop option to help hide the pixel cache area from view. It
+   [561]-ycrop option to help hide the pixel cache area from view. It
    will turn on automatically if the framebuffer appears to be very tall
    (height more than twice the width), or you can supply the actual value
    for the height. If the screen is resized by scaling, etc, the ycrop
@@ -6504,7 +6601,7 @@ EndSection
    an additional factor of 2 in memory use.
 
    However, even in the smallest usage mode with n equal 2 and
-   [556]-ncache_no_rootpixmap set (this requires only 2X additional
+   [562]-ncache_no_rootpixmap set (this requires only 2X additional
    framebuffer memory) there is still a noticable improvement for many
    activities, although it is not as dramatic as with, say n equal 12 and
    rootpixmap (desktop background) caching enabled.
@@ -6515,7 +6612,7 @@ EndSection
    be tuned to use less, or the VNC community will extend the protocol to
    allow caching and replaying of compressed blobs of data.
 
-   Another option to experiment with is "[557]-ncache_cr". By specifying
+   Another option to experiment with is "[563]-ncache_cr". By specifying
    it, x11vnc will try to do smooth opaque window moves instead of its
    wireframe. This can give a very nice effect (note: on Unix the realvnc
    viewer seems to be smoother than the tightvnc viewer), but can lead to
@@ -6568,28 +6665,28 @@ EndSection
    improving VNC performance by client side caching.
 
 
-   Q-79: Does x11vnc support TurboVNC?
+   Q-80: Does x11vnc support TurboVNC?
 
    As of Feb/2009 (development tarball) there is an experimental kludge
    to let you build x11vnc using TurboVNC's modified TightVNC encoding.
-   [558]TurboVNC is part of the [559]VirtualGL project. It does two main
+   [564]TurboVNC is part of the [565]VirtualGL project. It does two main
    things to speed up the TightVNC encoding:
      * It eliminates bottlenecks, overheads, wait-times in the TightVNC
        encoding implementation and instead only worries about sending
        very well (and quickly) compressed JPEG data.
      * A fast proprietary JPEG implemention is used (Intel IPP on x86)
-       instead of the usual libjpeg implementation. [560]TurboJPEG is an
+       instead of the usual libjpeg implementation. [566]TurboJPEG is an
        interface library, libturbojpeg, provided by the project that
        achieves this.
 
    TurboVNC works very well over LAN and evidently fast Broadband too.
    When using it with x11vnc in such a situation you may want to dial
-   down the delays, e.g. "[561]-wait 5" and "[562]-defer 5" (or even a
+   down the delays, e.g. "[567]-wait 5" and "[568]-defer 5" (or even a
    smaller setting) to poll and pump things out more quickly.
 
    See the instructions in "x11vnc/misc/turbovnc/README" for how to build
    x11vnc with TurboVNC support. You will also need to download the
-   [563]TurboJPEG software.
+   [569]TurboJPEG software.
 
    In brief, the steps look like this:
   cd x11vnc-x.y.z/x11vnc/misc/turbovnc
@@ -6601,22 +6698,22 @@ EndSection
    where you replace "/DIR" with the directory containing libturbojpeg.so
    you downloaded separately. If it works out well enough TurboVNC
    support will be integrated into x11vnc and more of its tuning features
-   will be implemented. Support for TurboVNC in [564]SSVNC viewer has
+   will be implemented. Support for TurboVNC in [570]SSVNC viewer has
    been added as an experiment as well. If you try either one, let us
    know how it went.
 
    There also may be some Linux.i686 and Darwin.i386 x11vnc binaries with
-   TurboVNC support in the [565]misc. bins directory. For other platforms
+   TurboVNC support in the [571]misc. bins directory. For other platforms
    you will need to compile yourself.
 
    On relatively cheap and old hardware (Althon64 X2 5000+ / GeForce
-   6200) x11vnc and [566]SSVNC, both TurboVNC enabled, were able to
+   6200) x11vnc and [572]SSVNC, both TurboVNC enabled, were able to
    sustain 13.5 frames/sec (fps) and 15 Megapixels/sec using the
    VirtualGL supplied OpenGL benchmark program glxspheres. VirtualGL on
-   higher-end hardware can sustain [567]20-30 fps with the glxspheres
+   higher-end hardware can sustain [573]20-30 fps with the glxspheres
    benchmark.
 
-   Potential Slowdown: As we describe [568]elsewhere, unless you use
+   Potential Slowdown: As we describe [574]elsewhere, unless you use
    x11vnc with an X server using, say, NVidia proprietary drivers (or a
    virtual X server like Xvfb or Xdummy, or in ShadowFB mode), then the
    read rate from the graphics card can be rather slow (e.g. 10 MB/sec)
@@ -6641,7 +6738,7 @@ EndSection
 
    [Mouse Cursor Shapes]
 
-   Q-80: Why isn't the mouse cursor shape (the little icon shape where
+   Q-81: Why isn't the mouse cursor shape (the little icon shape where
    the mouse pointer is) correct as I move from window to window?
 
    On X servers supporting XFIXES or Solaris/IRIX Overlay extensions it
@@ -6656,23 +6753,23 @@ EndSection
    this is because the cursor shape is often downloaded to the graphics
    hardware (video card), but I could be mistaken.
 
-   A simple kludge is provided by the "[569]-cursor X" option that
+   A simple kludge is provided by the "[575]-cursor X" option that
    changes the cursor when the mouse is on the root background (or any
    window has the same cursor as the root background.) Note that desktops
    like GNOME or KDE often cover up the root background, so this won't
-   work for those cases. Also see the "[570]-cursor some" option for
+   work for those cases. Also see the "[576]-cursor some" option for
    additional kludges.
 
    Note that as of Aug/2004 on Solaris using the SUN_OVL overlay
    extension and IRIX, x11vnc can show the correct mouse cursor when the
-   [571]-overlay option is supplied. See [572]this FAQ for more info.
+   [577]-overlay option is supplied. See [578]this FAQ for more info.
 
    Also as of Dec/2004 XFIXES X extension support has been added to allow
    exact extraction of the mouse cursor shape. XFIXES fixes the problem
    of the cursor-shape being write-only: x11vnc can now query the X
    server for the current shape and send it back to the connected
    viewers. XFIXES is available on recent Linux Xorg based distros and
-   [573]Solaris 10.
+   [579]Solaris 10.
 
    The only XFIXES issue is the handling of alpha channel transparency in
    cursors. If a cursor has any translucency then in general it must be
@@ -6680,10 +6777,10 @@ EndSection
    situations where the cursor transparency can also handled exactly:
    when the VNC Viewer requires the cursor shape be drawn into the VNC
    framebuffer or if you apply a patch to your VNC Viewer to extract
-   hidden alpha channel data under 32bpp. [574]Details can be found here.
+   hidden alpha channel data under 32bpp. [580]Details can be found here.
 
 
-   Q-81: When using XFIXES cursorshape mode, some of the cursors look
+   Q-82: When using XFIXES cursorshape mode, some of the cursors look
    really bad with extra black borders around the cursor and other cruft.
    How can I improve their appearance?
 
@@ -6713,17 +6810,17 @@ EndSection
    for most cursor themes and you don't have to worry about it.
 
    In case it still looks bad for your cursor theme, there are (of
-   course!) some tunable parameters. The "[575]-alphacut n" option lets
+   course!) some tunable parameters. The "[581]-alphacut n" option lets
    you set the threshold "n" (between 0 and 255): cursor pixels with
    alpha values below n will be considered completely transparent while
    values equal to or above n will be completely opaque. The default is
-   240. The "[576]-alphafrac f" option tries to correct individual
+   240. The "[582]-alphafrac f" option tries to correct individual
    cursors that did not fare well with the default -alphacut value: if a
    cursor has less than fraction f (between 0.0 and 1.0) of its pixels
    selected by the default -alphacut, the threshold is lowered until f of
    its pixels are selected. The default fraction is 0.33.
 
-   Finally, there is an option [577]-alpharemove that is useful for
+   Finally, there is an option [583]-alpharemove that is useful for
    themes where many cursors are light colored (e.g. "whiteglass".)
    XFIXES returns the cursor data with the RGB values pre-multiplied by
    the alpha value. If the white cursors look too grey, specify
@@ -6741,7 +6838,7 @@ EndSection
    heavily on redglass) look fine with the apparent default of alphacut:255.
 
 
-   Q-82: In XFIXES mode, are there any hacks to handle cursor
+   Q-83: In XFIXES mode, are there any hacks to handle cursor
    transparency ("alpha channel") exactly?
 
    As of Jan/2005 libvncserver has been modified to allow an alpha
@@ -6749,10 +6846,10 @@ EndSection
    alpha channel data to libvncserver. However, this data will only be
    used for VNC clients that do not support the CursorShapeUpdates VNC
    extension (or have disabled it.) It can be disabled for all clients
-   with the [578]-nocursorshape x11vnc option. In this case the cursor is
+   with the [584]-nocursorshape x11vnc option. In this case the cursor is
    drawn, correctly blended with the background, into the VNC framebuffer
    before being sent out to the client. So the alpha blending is done on
-   the x11vnc side. Use the [579]-noalphablend option to disable this
+   the x11vnc side. Use the [585]-noalphablend option to disable this
    behavior (always approximate transparent cursors with opaque RGB
    values.)
 
@@ -6776,17 +6873,17 @@ EndSection
    example on how to change the Windows TightVNC viewer to achieve the
    same thing (send me the patch if you get that working.)
 
-   This patch is applied to the [580]Enhanced TightVNC Viewer (SSVNC)
+   This patch is applied to the [586]Enhanced TightVNC Viewer (SSVNC)
    package we provide.
 
    [Mouse Pointer]
 
-   Q-83: Why does the mouse arrow just stay in one corner in my
+   Q-84: Why does the mouse arrow just stay in one corner in my
    vncviewer, whereas my cursor (that does move) is just a dot?
 
-   This default takes advantage of a [581]tightvnc extension
+   This default takes advantage of a [587]tightvnc extension
    (CursorShapeUpdates) that allows specifying a cursor image shape for
-   the local VNC viewer. You may disable it with the [582]-nocursor
+   the local VNC viewer. You may disable it with the [588]-nocursor
    option to x11vnc if your viewer does not have this extension.
 
    Note: as of Aug/2004 this should be fixed: the default for
@@ -6795,22 +6892,22 @@ EndSection
    can also be disabled via -nocursor.
 
 
-   Q-84: Can I take advantage of the TightVNC extension to the VNC
+   Q-85: Can I take advantage of the TightVNC extension to the VNC
    protocol where Cursor Positions Updates are sent back to all connected
    clients (i.e. passive viewers can see the mouse cursor being moved
    around by another viewer)?
 
-   Use the [583]-cursorpos option when starting x11vnc. A VNC viewer must
+   Use the [589]-cursorpos option when starting x11vnc. A VNC viewer must
    support the Cursor Positions Updates for the user to see the mouse
    motions (the TightVNC viewers support this.) As of Aug/2004 -cursorpos
-   is the default. See also [584]-nocursorpos and [585]-nocursorshape.
+   is the default. See also [590]-nocursorpos and [591]-nocursorshape.
 
 
-   Q-85: Is it possible to swap the mouse buttons (e.g. left-handed
+   Q-86: Is it possible to swap the mouse buttons (e.g. left-handed
    operation), or arbitrarily remap them? How about mapping button clicks
    to keystrokes, e.g. to partially emulate Mouse wheel scrolling?
 
-   You can remap the mouse buttons via something like: [586]-buttonmap
+   You can remap the mouse buttons via something like: [592]-buttonmap
    13-31 (or perhaps 12-21.) Also, note that xmodmap(1) lets you directly
    adjust the X server's button mappings, but in some circumstances it
    might be more desirable to have x11vnc do it.
@@ -6818,7 +6915,7 @@ EndSection
    One user had an X server with only one mouse button(!) and was able to
    map all of the VNC client mouse buttons to it via: -buttonmap 123-111.
 
-   Note that the [587]-debug_pointer option prints out much info for
+   Note that the [593]-debug_pointer option prints out much info for
    every mouse/pointer event and is handy in solving problems.
 
    To map mouse button clicks to keystrokes you can use the alternate
@@ -6840,7 +6937,7 @@ EndSection
 
    Exactly what keystroke "scrolling" events they should be bound to
    depends on one's taste. If this method is too approximate, one could
-   consider not using [588]-buttonmap but rather configuring the X server
+   consider not using [594]-buttonmap but rather configuring the X server
    to think it has a mouse with 5 buttons even though the physical mouse
    does not. (e.g. 'Option "ZAxisMapping" "4 5"'.)
 
@@ -6867,10 +6964,10 @@ EndSection
    "click" usually gives a multi-line scroll.)
    [Keyboard Issues]
 
-   Q-86: How can I get my AltGr and Shift modifiers to work between
+   Q-87: How can I get my AltGr and Shift modifiers to work between
    keyboards for different languages?
 
-   The option [589]-modtweak should help here. It is a mode that monitors
+   The option [595]-modtweak should help here. It is a mode that monitors
    the state of the Shift and AltGr Modifiers and tries to deduce the
    correct keycode to send, possibly by sending fake modifier key presses
    and releases in addition to the actual keystroke.
@@ -6879,25 +6976,25 @@ EndSection
    to get the old behavior.) This was done because it was noticed on
    newer XFree86 setups even on bland "us" keyboards like "pc104 us"
    XFree86 included a "ghost" key with both "<" and ">" it. This key does
-   not exist on the keyboard (see [590]this FAQ for more info.) Without
+   not exist on the keyboard (see [596]this FAQ for more info.) Without
    -modtweak there was then an ambiguity in the reverse map keysym =>
    keycode, making it so the "<" symbol could not be typed.
 
-   Also see the [591]FAQ about the -xkb option for a more powerful method
+   Also see the [597]FAQ about the -xkb option for a more powerful method
    of modifier tweaking for use on X servers with the XKEYBOARD
    extension.
 
    When trying to resolve keyboard mapping problems, note that the
-   [592]-debug_keyboard option prints out much info for every keystroke
+   [598]-debug_keyboard option prints out much info for every keystroke
    and so can be useful debugging things.
 
    Note that one user had a strange setup and none of the above helped.
-   His solution was to disable all of the above and use [593]-nomodtweak.
+   His solution was to disable all of the above and use [599]-nomodtweak.
    This is the simplest form of keystroke insertion and it actually
    solved the problem. Try it if the other options don't help.
 
 
-   Q-87: When I try to type a "<" (i.e. less than) instead I get ">"
+   Q-88: When I try to type a "<" (i.e. less than) instead I get ">"
    (i.e. greater than)! Strangely, typing ">" works OK!!
 
    Does your keyboard have a single key with both "<" and ">" on it? Even
@@ -6905,9 +7002,9 @@ EndSection
    (e.g. pc105 in the XF86Config file when it should be something else,
    say pc104.)
 
-   Short Cut: Try the [594]-xkb or [595]-sloppy_keys options and see if
+   Short Cut: Try the [600]-xkb or [601]-sloppy_keys options and see if
    that helps the situation. The discussion below is a bit outdated (e.g.
-   [596]-modtweak is now the default) but it is useful reference for
+   [602]-modtweak is now the default) but it is useful reference for
    various tricks and so is kept.
 
 
@@ -6950,25 +7047,25 @@ EndSection
    -remap less-comma
 
    These are convenient in that they do not modify the actual X server
-   settings. The former ([597]-modtweak) is a mode that monitors the
+   settings. The former ([603]-modtweak) is a mode that monitors the
    state of the Shift and AltGr modifiers and tries to deduce the correct
    keycode sequence to send. Since Jul/2004 -modtweak is now the default.
-   The latter ([598]-remap less-comma) is an immediate remapping of the
+   The latter ([604]-remap less-comma) is an immediate remapping of the
    keysym less to the keysym comma when it comes in from a client (so
    when Shift is down the comma press will yield "<".)
 
-   See also the [599]FAQ about the -xkb option as a possible workaround
+   See also the [605]FAQ about the -xkb option as a possible workaround
    using the XKEYBOARD extension.
 
-   Note that the [600]-debug_keyboard option prints out much info for
+   Note that the [606]-debug_keyboard option prints out much info for
    every keystroke to aid debugging keyboard problems.
 
 
-   Q-88: Extra Character Inserted, E.g.: When I try to type a "<" (i.e.
+   Q-89: Extra Character Inserted, E.g.: When I try to type a "<" (i.e.
    less than) instead I get "<," (i.e. an extra comma.)
 
    This is likely because you press "Shift" then "<" but then released
-   the Shift key before releasing the "<". Because of a [601]keymapping
+   the Shift key before releasing the "<". Because of a [607]keymapping
    ambiguity the last event "< up" is interpreted as "," because that key
    unshifted is the comma.
 
@@ -6976,16 +7073,16 @@ EndSection
    characters: in general it can happen whenever the Shift key is
    released early.
 
-   This should not happen in [602]-xkb mode, because it works hard to
+   This should not happen in [608]-xkb mode, because it works hard to
    resolve the ambiguities. If you do not want to use -xkb, try the
-   option [603]-sloppy_keys to attempt a similar type of algorithm.
+   option [609]-sloppy_keys to attempt a similar type of algorithm.
 
    One user had this problem for Italian and German keyboards with the
    key containing ":" and "." When he typed ":" he would get an extra "."
    inserted after the ":". The solution was -sloppy_keys.
 
 
-   Q-89: I'm using an "international" keyboard (e.g. German "de", or
+   Q-90: I'm using an "international" keyboard (e.g. German "de", or
    Danish "dk") and the -modtweak mode works well if the VNC viewer is
    run on a Unix/Linux machine with a similar keyboard.   But if I run
    the VNC viewer on Unix/Linux with a different keyboard (e.g. "us") or
@@ -7006,7 +7103,7 @@ EndSection
    In both cases no AltGr is sent to the VNC server, but we know AltGr is
    needed on the physical international keyboard to type a "@".
 
-   This all worked fine with x11vnc running with the [604]-modtweak
+   This all worked fine with x11vnc running with the [610]-modtweak
    option (it figures out how to adjust the Modifier keys (Shift or
    AltGr) to get the "@".) However it fails under recent versions of
    XFree86 (and the X.org fork.) These run the XKEYBOARD extension by
@@ -7023,7 +7120,7 @@ EndSection
      * there is a new option -xkb to use the XKEYBOARD extension API to
        do the Modifier key tweaking.
 
-   The [605]-xkb option seems to fix all of the missing keys: "@", "<",
+   The [611]-xkb option seems to fix all of the missing keys: "@", "<",
    ">", etc.: it is recommended that you try it if you have this sort of
    problem. Let us know if there are any remaining problems (see the next
    paragraph for some known problems.) If you specify the -debug_keyboard
@@ -7031,7 +7128,7 @@ EndSection
    debugging output (send it along with any problems you report.)
 
    Update: as of Jun/2005 x11vnc will try to automatically enable
-   [606]-xkb if it appears that would be beneficial (e.g. if it sees any
+   [612]-xkb if it appears that would be beneficial (e.g. if it sees any
    of "@", "<", ">", "[" and similar keys are mapped in a way that needs
    the -xkb to access them.) To disable this automatic check use -noxkb.
 
@@ -7046,7 +7143,7 @@ EndSection
        was attached to keycode 93 (no physical key generates this
        keycode) while ISO_Level3_Shift was attached to keycode 113. The
        keycode skipping option was used to disable the ghost key:
-       [607]-skip_keycodes 93
+       [613]-skip_keycodes 93
      * In implementing -xkb we noticed that some characters were still
        not getting through, e.g. "~" and "^". This is not really an
        XKEYBOARD problem. What was happening was the VNC viewer was
@@ -7064,16 +7161,16 @@ EndSection
        What to do? In general the VNC protocol has not really solved this
        problem: what should be done if the VNC viewer sends a keysym not
        recognized by the VNC server side? Workarounds can possibly be
-       created using the [608]-remap x11vnc option:
+       created using the [614]-remap x11vnc option:
   -remap asciitilde-dead_tilde,asciicircum-dead_circumflex
        etc. Use -remap filename if the list is long. Please send us your
        workarounds for this problem on your keyboard. Perhaps we can have
        x11vnc adjust automatically at some point. Also see the
-       [609]-add_keysyms option in the next paragraph.
-       Update: for convenience "[610]-remap DEAD" does many of these
+       [615]-add_keysyms option in the next paragraph.
+       Update: for convenience "[616]-remap DEAD" does many of these
        mappings at once.
-     * To complement the above workaround using the [611]-remap, an
-       option [612]-add_keysyms was added. This option instructs x11vnc
+     * To complement the above workaround using the [617]-remap, an
+       option [618]-add_keysyms was added. This option instructs x11vnc
        to bind any unknown Keysyms coming in from VNC viewers to unused
        Keycodes in the X server. This modifies the global state of the X
        server. When x11vnc exits it removes the extra keymappings it
@@ -7084,7 +7181,7 @@ EndSection
        disable.
 
 
-   Q-90: When typing I sometimes get double, triple, or more of my
+   Q-91: When typing I sometimes get double, triple, or more of my
    keystrokes repeated. I'm sure I only typed them once, what can I do?
 
    This may be due to an interplay between your X server's key autorepeat
@@ -7092,7 +7189,7 @@ EndSection
 
    Short answer: disable key autorepeating by running the command "xset r
    off" on the Xserver where x11vnc is run (restore via "xset r on") or
-   use the new (Jul/2004) [613]-norepeat x11vnc option. You will still
+   use the new (Jul/2004) [619]-norepeat x11vnc option. You will still
    have autorepeating because that is taken care of on your VNC viewer
    side.
 
@@ -7116,18 +7213,18 @@ EndSection
    off", does the problem go away?
 
    The workaround is to manually apply "xset r off" and "xset r on" as
-   needed, or to use the [614]-norepeat (which has since Dec/2004 been
+   needed, or to use the [620]-norepeat (which has since Dec/2004 been
    made the default.) Note that with X server autorepeat turned off the
    VNC viewer side of the connection will (nearly always) do its own
    autorepeating so there is no big loss here, unless someone is also
    working at the physical display and misses his autorepeating.
 
 
-   Q-91: The x11vnc -norepeat mode is in effect, but I still get repeated
+   Q-92: The x11vnc -norepeat mode is in effect, but I still get repeated
    keystrokes!!
 
    Are you using x11vnc to log in to an X session via display manager?
-   (as described in [615]this FAQ) If so, x11vnc is starting before your
+   (as described in [621]this FAQ) If so, x11vnc is starting before your
    session and it disables autorepeat when you connect, but then after
    you log in your session startup (GNOME, KDE, ...) could be resetting
    the autorepeat to be on. Or it could be something inside your desktop
@@ -7147,7 +7244,7 @@ EndSection
    should figure out how to disable that somehow.
 
 
-   Q-92: After using x11vnc for a while, I find that I cannot type some
+   Q-93: After using x11vnc for a while, I find that I cannot type some
    (or any) characters or my mouse clicks and drags no longer have any
    effect, or they lead to strange effects. What happened?
 
@@ -7188,11 +7285,11 @@ EndSection
    desktop manages these "warps". If the viewer is not notified it cannot
    know it needs to release the modifiers.
 
-   You can also use the [616]-clear_mods option to try to clear all of
+   You can also use the [622]-clear_mods option to try to clear all of
    the modifier keys at x11vnc startup. You will still have to be careful
    that you do not leave the modifier key pressed down during your
    session. It is difficult to prevent this problem from occurring (short
-   of using [617]-remap to prevent sending all of the problem modifier
+   of using [623]-remap to prevent sending all of the problem modifier
    keys, which would make the destkop pretty unusable.)
 
    During a session these x11vnc remote control commands can also help:
@@ -7205,16 +7302,16 @@ EndSection
    Num_Lock down. When these are locked on the remote side it can
    sometimes lead to strange desktop behavior (e.g. cannot drag or click
    on windows.) As above you may not notice this because the lock isn't
-   down on the local (Viewer) side. See [618]this FAQ on lock keys
-   problem. These options may help avoid the problem: [619]-skip_lockkeys
-   and [620]-capslock. See also [621]-clear_all.
+   down on the local (Viewer) side. See [624]this FAQ on lock keys
+   problem. These options may help avoid the problem: [625]-skip_lockkeys
+   and [626]-capslock. See also [627]-clear_all.
 
 
-   Q-93: The machine where I run x11vnc has an AltGr key, but the local
+   Q-94: The machine where I run x11vnc has an AltGr key, but the local
    machine where I run the VNC viewer does not. Is there a way I can map
    a local unused key to send an AltGr? How about a Compose key as well?
 
-   Something like "[622]-remap Super_R-Mode_switch" x11vnc option may
+   Something like "[628]-remap Super_R-Mode_switch" x11vnc option may
    work. Note that Super_R is the "Right Windoze(tm) Flaggie" key; you
    may want to choose another. The -debug_keyboard option comes in handy
    in finding keysym names (so does xev(1).)
@@ -7225,7 +7322,7 @@ EndSection
    specify remappings from a file.
 
 
-   Q-94: I have a Sun machine I run x11vnc on. Its Sun keyboard has just
+   Q-95: I have a Sun machine I run x11vnc on. Its Sun keyboard has just
    one Alt key labelled "Alt" and two Meta keys labelled with little
    diamonds. The machine where I run the VNC viewer only has Alt keys.
    How can I send a Meta keypress? (e.g. emacs needs this)
@@ -7237,13 +7334,13 @@ EndSection
 
    Since xmodmap(1) modifies the X server mappings you may not want to do
    this (because it affects local work on that machine.) Something like
-   the [623]-remap Alt_L-Meta_L to x11vnc may be sufficient for ones
+   the [629]-remap Alt_L-Meta_L to x11vnc may be sufficient for ones
    needs, and does not modify the X server environment. Note that you
    cannot send Alt_L in this case, maybe -remap Super_L-Meta_L would be a
    better choice if the Super_L key is typically unused in Unix.
 
 
-   Q-95: Running x11vnc on HP-UX I cannot type "#" I just get a "3"
+   Q-96: Running x11vnc on HP-UX I cannot type "#" I just get a "3"
    instead.
 
    One user reports this problem on HP-UX Rel_B.11.23. The problem was
@@ -7257,7 +7354,7 @@ EndSection
    and similar triple mappings (with two in the AltGr/Mode_switch group)
    of a keysum to a single keycode.
 
-   Use the [624]-nomodtweak option as a workaround. You can also use
+   Use the [630]-nomodtweak option as a workaround. You can also use
    xmodmap to correct these mappings in the server, e.g.:
   xmodmap -e "keycode 47 = 3 numbersign"
 
@@ -7266,12 +7363,12 @@ EndSection
    handle these mappings better.
 
 
-   Q-96: Can I map a keystroke to a mouse button click on the remote
+   Q-97: Can I map a keystroke to a mouse button click on the remote
    machine?
 
    This can be done directly in some X servers using AccessX and
    Pointer_EnableKeys, but is a bit awkward. It may be more convenient to
-   have x11vnc do the remapping. This can be done via the [625]-remap
+   have x11vnc do the remapping. This can be done via the [631]-remap
    option using the fake "keysyms" Button1, Button2, etc. as the "to"
    keys (i.e. the ones after the "-")
 
@@ -7280,7 +7377,7 @@ EndSection
    button "paste" because (using XFree86/Xorg Emulate3Buttons) you have
    to click both buttons on the touch pad at the same time. This
    remapping:
-  [626]-remap Super_R-Button2
+  [632]-remap Super_R-Button2
 
    maps the Super_R "flag" key press to the Button2 click, thereby making
    X pasting a bit easier.
@@ -7289,7 +7386,7 @@ EndSection
    are generated immediately on the x11vnc side. When the key is released
    (i.e. goes up) no events are generated.
 
-   Q-97: How can I get Caps_Lock to work between my VNC viewer and
+   Q-98: How can I get Caps_Lock to work between my VNC viewer and
    x11vnc?
 
    This is a little tricky because it is possible to get the Caps_Lock
@@ -7299,13 +7396,13 @@ EndSection
    Caps_Lock in the viewer your local machine goes into the Caps_Lock on
    state and sends keysym "A" say when you press "a". x11vnc will then
    fake things up so that Shift is held down to generate "A". The
-   [627]-skip_lockkeys option should help to accomplish this. For finer
-   grain control use something like: "[628]-remap Caps_Lock-None".
+   [633]-skip_lockkeys option should help to accomplish this. For finer
+   grain control use something like: "[634]-remap Caps_Lock-None".
 
-   Also try the [629]-nomodtweak and [630]-capslock options.
+   Also try the [635]-nomodtweak and [636]-capslock options.
 
    Another useful option that turns off any Lock keys on the remote side
-   at startup and end is the [631]-clear_all option. During a session you
+   at startup and end is the [637]-clear_all option. During a session you
    can run these remote control commands to modify the Lock keys:
    x11vnc -R clear_locks
    x11vnc -R clear_all
@@ -7315,7 +7412,7 @@ EndSection
    etc.)
    [Screen Related Issues and Features]
 
-   Q-98: The remote display is larger (in number of pixels) than the
+   Q-99: The remote display is larger (in number of pixels) than the
    local display I am running the vncviewer on. I don't like the
    vncviewer scrollbars, what I can do?
 
@@ -7334,15 +7431,15 @@ EndSection
    There may also be scaling viewers out there (e.g. TightVNC or UltraVNC
    on Windows) that automatically shrink or expand the remote framebuffer
    to fit the local display. Especially for hand-held devices. See also
-   [632]the next FAQ on x11vnc scaling.
+   [638]the next FAQ on x11vnc scaling.
 
 
-   Q-99: Does x11vnc support server-side framebuffer scaling? (E.g. to
+   Q-100: Does x11vnc support server-side framebuffer scaling? (E.g. to
    make the desktop smaller.)
 
    As of Jun/2004 x11vnc provides basic server-side scaling. It is a
    global scaling of the desktop, not a per-client setting. To enable it
-   use the "[633]-scale fraction" option. "fraction" can either be a
+   use the "[639]-scale fraction" option. "fraction" can either be a
    floating point number (e.g. -scale 0.75) or the alternative m/n
    fraction notation (e.g. -scale 3/4.) Note that if fraction is greater
    than one the display is magnified.
@@ -7367,7 +7464,7 @@ EndSection
 
    One can also use the ":nb" with an integer scale factor (say "-scale
    2:nb") to use x11vnc as a screen magnifier for vision impaired
-   [634]applications. Since with integer scale factors the framebuffers
+   [640]applications. Since with integer scale factors the framebuffers
    become huge and scaling operations time consuming, be sure to use
    ":nb" for the fastest response.
 
@@ -7393,7 +7490,7 @@ EndSection
    If one desires per-client scaling for something like 1:1 from a
    workstation and 1:2 from a smaller device (e.g. handheld), currently
    the only option is to run two (or more) x11vnc processes with
-   different scalings listening on separate ports ([635]-rfbport option,
+   different scalings listening on separate ports ([641]-rfbport option,
    etc.)
 
    Update: As of May/2006 x11vnc also supports the UltraVNC server-side
@@ -7403,8 +7500,8 @@ EndSection
    "-rfbversion 3.6" for this to be recognized by UltraVNC viewers.
 
    BTW, whenever you run two or more x11vnc's on the same X display and
-   use the [636]GUI, then to avoid all of the x11vnc's simultaneously
-   answering the gui you will need to use something like [637]"-connect
+   use the [642]GUI, then to avoid all of the x11vnc's simultaneously
+   answering the gui you will need to use something like [643]"-connect
    file1 -gui ..." with different connect files for each x11vnc you want
    to control via the gui (or remote-control.) The "-connect file1" usage
    gives separate communication channels between a x11vnc process and the
@@ -7413,12 +7510,12 @@ EndSection
 
    Update: As of Mar/2005 x11vnc now scales the mouse cursor with the
    same scale factor as the screen. If you don't want that, use the
-   [638]"-scale_cursor frac" option to set the cursor scaling to a
+   [644]"-scale_cursor frac" option to set the cursor scaling to a
    different factor (e.g. use "-scale_cursor 1" to keep the cursor at its
    natural unscaled size.)
 
 
-   Q-100: Does x11vnc work with Xinerama? (i.e. multiple monitors joined
+   Q-101: Does x11vnc work with Xinerama? (i.e. multiple monitors joined
    together to form one big, single screen.)
 
    Yes, it should generally work because it simply polls the big
@@ -7441,26 +7538,26 @@ EndSection
    screen is not rectangular (e.g. 1280x1024 and 1024x768 monitors joined
    together), then there will be "non-existent" areas on the screen. The
    X server will return "garbage" image data for these areas and so they
-   may be distracting to the viewer. The [639]-blackout x11vnc option
+   may be distracting to the viewer. The [645]-blackout x11vnc option
    allows you to blacken-out rectangles by manually specifying their
    WxH+X+Y geometries. If your system has the libXinerama library, the
-   [640]-xinerama x11vnc option can be used to have it automatically
+   [646]-xinerama x11vnc option can be used to have it automatically
    determine the rectangles to be blackened out. (Note on 8bpp
    PseudoColor displays the fill color may not be black.) Update:
-   [641]-xinerama is now on by default.
+   [647]-xinerama is now on by default.
 
    Some users have reported that the mouse does not behave properly for
    their Xinerama display: i.e. the mouse cannot be moved to all regions
-   of the large display. If this happens try using the [642]-xwarppointer
+   of the large display. If this happens try using the [648]-xwarppointer
    option. This instructs x11vnc to fake mouse pointer motions using the
    XWarpPointer function instead of the XTestFakeMotionEvent XTEST
    function. (This may be due to a bug in the X server for XTEST when
-   Xinerama is enabled.) Update: As of Dec/2006 [643]-xwarppointer will
+   Xinerama is enabled.) Update: As of Dec/2006 [649]-xwarppointer will
    be applied automatically if Xinerama is detected. To disable use:
    -noxwarppointer
 
 
-   Q-101: Can I use x11vnc on a multi-headed display that is not Xinerama
+   Q-102: Can I use x11vnc on a multi-headed display that is not Xinerama
    (i.e. separate screens :0.0, :0.1, ... for each monitor)?
 
    You can, but it is a little bit awkward: you must start separate
@@ -7478,32 +7575,32 @@ EndSection
    Note: if you are running on Solaris 8 or earlier you can easily hit up
    against the maximum of 6 shm segments per process (for Xsun in this
    case) from running multiple x11vnc processes. You should modify
-   /etc/system as mentioned in another [644]FAQ to increase the limit. It
-   is probably also a good idea to run with the [645]-onetile option in
+   /etc/system as mentioned in another [650]FAQ to increase the limit. It
+   is probably also a good idea to run with the [651]-onetile option in
    this case (to limit each x11vnc to 3 shm segments), or even
-   [646]-noshm to use no shm segments.
+   [652]-noshm to use no shm segments.
 
 
-   Q-102: Can x11vnc show only a portion of the display? (E.g. for a
+   Q-103: Can x11vnc show only a portion of the display? (E.g. for a
    special purpose application or a very large screen.)
 
-   As of Mar/2005 x11vnc has the "[647]-clip WxH+X+Y" option to select a
+   As of Mar/2005 x11vnc has the "[653]-clip WxH+X+Y" option to select a
    rectangle of width W, height H and offset (X, Y). Thus the VNC screen
    will be the clipped sub-region of the display and be only WxH in size.
-   One user used -clip to split up a large [648]Xinerama screen into two
+   One user used -clip to split up a large [654]Xinerama screen into two
    more managable smaller screens.
 
    This also works to view a sub-region of a single application window if
-   the [649]-id or [650]-sid options are used. The offset is measured
+   the [655]-id or [656]-sid options are used. The offset is measured
    from the upper left corner of the selected window.
 
 
-   Q-103: Does x11vnc support the XRANDR (X Resize, Rotate and
+   Q-104: Does x11vnc support the XRANDR (X Resize, Rotate and
    Reflection) extension? Whenever I rotate or resize the screen x11vnc
    just seems to crash.
 
    As of Dec/2004 x11vnc supports XRANDR. You enable it with the
-   [651]-xrandr option to make x11vnc monitor XRANDR events and also trap
+   [657]-xrandr option to make x11vnc monitor XRANDR events and also trap
    X server errors if the screen change occurred in the middle of an X
    call like XGetImage. Once it traps the screen change it will create a
    new framebuffer using the new screen.
@@ -7513,9 +7610,9 @@ EndSection
    then the viewer will automatically resize. Otherwise, the new
    framebuffer is fit as best as possible into the original viewer size
    (portions of the screen may be clipped, unused, etc.) For these
-   viewers you can try the [652]-padgeom option to make the region big
+   viewers you can try the [658]-padgeom option to make the region big
    enough to hold all resizes and rotations. We have fixed this problem
-   for the TightVNC Viewer on Unix: [653]SSVNC
+   for the TightVNC Viewer on Unix: [659]SSVNC
 
    If you specify "-xrandr newfbsize" then vnc viewers that do not
    support NewFBSize will be disconnected before the resize. If you
@@ -7523,21 +7620,21 @@ EndSection
    terminate.
 
 
-   Q-104: Independent of any XRANDR, can I have x11vnc rotate and/or
+   Q-105: Independent of any XRANDR, can I have x11vnc rotate and/or
    reflect the screen that the VNC viewers see? (e.g. for a handheld
    whose screen is rotated 90 degrees.)
 
-   As of Jul/2006 there is the [654]-rotate option allow this. E.g's:
+   As of Jul/2006 there is the [660]-rotate option allow this. E.g's:
    "-rotate +90", "-rotate -90", "-rotate x", etc.
 
 
-   Q-105: Why is the view in my VNC viewer completely black? Or why is
+   Q-106: Why is the view in my VNC viewer completely black? Or why is
    everything flashing around randomly?
 
    See the next FAQ for a possible explanation.
 
 
-   Q-106: I use Linux Virtual Terminals (VT's) to implement 'Fast User
+   Q-107: I use Linux Virtual Terminals (VT's) to implement 'Fast User
    Switching' between users' sessions (e.g. Betty is on Ctrl-Alt-F7,
    Bobby is on Ctrl-Alt-F8, and Sid is on Ctrl-Alt-F1: they use those
    keystrokes to switch between their sessions.)   How come the view in a
@@ -7566,7 +7663,7 @@ EndSection
    "chvt 7" for VT #7.
 
 
-   Q-107: I am using x11vnc where my local machine has "popup/hidden
+   Q-108: I am using x11vnc where my local machine has "popup/hidden
    taskbars" and the remote display where x11vnc runs also has
    "popup/hidden taskbars" and they interfere and fight with each other.
    What can I do?
@@ -7581,7 +7678,7 @@ EndSection
    click on the task bar panel, and uncheck "enable auto-hide" from the
    panel properties dialog box. This will make the panel always visible.
 
-   Q-108: Help! x11vnc and my KDE screensaver keep switching each other
+   Q-109: Help! x11vnc and my KDE screensaver keep switching each other
    on and off every few seconds.
 
    This is a new (Jul/2006) problem seen, say, on the version of KDE that
@@ -7592,13 +7689,13 @@ EndSection
 
    This may be a bug in kdesktop_lock. For now the only workaround is to
    disable the screensaver. You can try using another one such as
-   straight xscreensaver (see the instructions [655]here for how to
+   straight xscreensaver (see the instructions [661]here for how to
    disable kdesktop_lock.) If you have more info on this or see it
    outside of KDE please let us know.
 
    Update: It appears this is due to kdesktop_lock enabling the screen
    saver when the Monitor is in DPMS low-power state (e.g. standby,
-   suspend, or off.) In Nov/2006 the x11vnc [656]-nodpms option was added
+   suspend, or off.) In Nov/2006 the x11vnc [662]-nodpms option was added
    as a workaround. Normally it is a good thing that the monitor powers
    down (since x11vnc can still poll the framebuffer in this state), but
    if you experience the kdesktop_lock problem you can specify the
@@ -7608,22 +7705,22 @@ EndSection
    disable the screensaver.) Feel free to file a bug against
    kdesktop_lock with KDE.
 
-   Q-109: I am running the beryl 3D window manager (or compiz, MythTv,
+   Q-110: I am running the beryl 3D window manager (or compiz, MythTv,
    Google Earth, or some other OpenGL app) and I do not get screen
    updates in x11vnc.
 
    This appears to be because the 3D OpenGL/GLX hardware screen updates
    do not get reported via the XDAMAGE mechanism. So this is a bug in
-   [657]beryl/compiz or XDAMAGE/Xorg or the (possibly 3rd party) video
+   [663]beryl/compiz or XDAMAGE/Xorg or the (possibly 3rd party) video
    card driver.
 
-   As a workaround apply the [658]-noxdamage option. As of Feb/2007
+   As a workaround apply the [664]-noxdamage option. As of Feb/2007
    x11vnc will try to autodetect the problem and disable XDAMAGE if is
    appears to be missing a lot of updates. But if you know you are using
-   beryl you might as well always supply -noxdamage. Thanks to [659]this
+   beryl you might as well always supply -noxdamage. Thanks to [665]this
    user who reported the problem and discovered the workaround.
 
-   A developer for [660]MiniMyth reports that the 'alphapulse' tag of the
+   A developer for [666]MiniMyth reports that the 'alphapulse' tag of the
    theme G.A.N.T. can also cause problems, and should be avoided when
    using VNC.
 
@@ -7632,7 +7729,7 @@ EndSection
    responsiveness (especially for typing) and also leads to unnecessary
    CPU and memory I/O load due to the extra polling.
 
-   Q-110: Can I use x11vnc to view my VMWare session remotely?
+   Q-111: Can I use x11vnc to view my VMWare session remotely?
 
    Yes, since VMWare usually runs as an X application you can view it via
    x11vnc in the normal way.
@@ -7643,9 +7740,9 @@ EndSection
      * Fullscreen mode
 
    The way VMWare does Fullscreen mode on Linux is to display the Guest
-   desktop in a separate Virtual Terminal (e.g. VT 8) (see [661]this FAQ
+   desktop in a separate Virtual Terminal (e.g. VT 8) (see [667]this FAQ
    on VT's for background.) Unfortunately, this Fullscreen VT is not an X
-   server. So x11vnc cannot access it (however, [662]see this discussion
+   server. So x11vnc cannot access it (however, [668]see this discussion
    of -rawfb for a possible workaround.) x11vnc works fine with "Normal X
    application window" and "Quick-Switch mode" because these use X.
 
@@ -7666,13 +7763,13 @@ EndSection
    improve response. One can also cut the display depth (e.g. to 16bpp)
    in this 2nd X session to improve video performance. This 2nd X session
    emulates Fullscreen mode to some degree and can be viewed via x11vnc
-   as long as the VMWare X session [663]is in the active VT.
+   as long as the VMWare X session [669]is in the active VT.
 
    Also note that with a little bit of playing with "xwininfo -all
    -children" output one can extract the (non-toplevel) window-id of the
    of the Guest desktop only when VMWare is running as a normal X
    application. Then one can export just the guest desktop (i.e. without
-   the VMWare menu buttons) by use of the [664]-id windowid option. The
+   the VMWare menu buttons) by use of the [670]-id windowid option. The
    caveats are the X session VMWare is in must be in the active VT and
    the window must be fully visible, so this mode is not terribly
    convenient, but could be useful in some circumstances (e.g. running
@@ -7684,14 +7781,14 @@ EndSection
 
    [Exporting non-X11 devices via VNC]
 
-   Q-111: Can non-X devices (e.g. a raw framebuffer) be viewed (and even
+   Q-112: Can non-X devices (e.g. a raw framebuffer) be viewed (and even
    controlled) via VNC with x11vnc?
 
    As of Apr/2005 there is support for this. Two options were added:
-   "[665]-rawfb string" (to indicate the raw frame buffer device, file,
-   etc. and its parameters) and "[666]-pipeinput command" (to provide an
+   "[671]-rawfb string" (to indicate the raw frame buffer device, file,
+   etc. and its parameters) and "[672]-pipeinput command" (to provide an
    external program that will inject or otherwise process mouse and
-   keystroke input.) Some useful [667]-pipeinput schemes, VID, CONSOLE,
+   keystroke input.) Some useful [673]-pipeinput schemes, VID, CONSOLE,
    and UINPUT, have since been built into x11vnc for convenience.
 
    This non-X mode for x11vnc is somewhat experimental because it is so
@@ -7731,9 +7828,9 @@ EndSection
    access method.) Only use file if map isn't working. BTW, "mmap" is an
    alias for "map" and if you do not supply a type and the file exists,
    map is assumed (see the -help output and below for some exceptions to
-   this.) The "snap:" setting applies the [668]-snapfb option with
+   this.) The "snap:" setting applies the [674]-snapfb option with
    "file:" type reading (this is useful for exporting webcams or TV tuner
-   video; see [669]the next FAQ for more info.)
+   video; see [675]the next FAQ for more info.)
 
    Also, if the string is of the form "setup:cmd" then cmd is run and the
    first line of its output retrieved and used as the rawfb string. This
@@ -7778,7 +7875,7 @@ EndSection
    screen to either shm or a mapped file. The format of these is XWD and
    so the initial header should be skipped. BTW, since XWD is not
    strictly RGB the view will only be approximate, but usable. Of course
-   for the case of Xvfb x11vnc can poll it much better via the [670]X
+   for the case of Xvfb x11vnc can poll it much better via the [676]X
    API, but you get the idea.
 
    By default in -rawfb mode x11vnc will actually close any X display it
@@ -7809,13 +7906,13 @@ minal #2)
    tty1-tty6), or X graphical display (usually starting at tty7.) In
    addition to the text console other graphical ones may be viewed and
    interacted with as well, e.g. DirectFB or SVGAlib apps, VMWare non-X
-   fullscreen, or [671]Qt-embedded apps (PDAs/Handhelds.) By default the
+   fullscreen, or [677]Qt-embedded apps (PDAs/Handhelds.) By default the
    pipeinput mechanisms UINPUT and CONSOLE (keystrokes only) are
    automatically attempted in this mode under "-rawfb console".
 
    The Video4Linux Capture device, /dev/video0, etc is either a Webcam or
    a TV capture device and needs to have its driver enabled in the
-   kernel. See [672]this FAQ for details. If specified via "-rawfb Video"
+   kernel. See [678]this FAQ for details. If specified via "-rawfb Video"
    then the pipeinput method "VID" is applied (it lets you change video
    parameters dynamically via keystrokes.)
 
@@ -7823,10 +7920,10 @@ minal #2)
    also useful in testing.
 
 
-   All of the above [673]-rawfb options are just for viewing the raw
+   All of the above [679]-rawfb options are just for viewing the raw
    framebuffer (although some of the aliases do imply keystroke and mouse
    pipeinput methods.) That may be enough for certain applications of
-   this feature (e.g. suppose a [674]video camera mapped its framebuffer
+   this feature (e.g. suppose a [680]video camera mapped its framebuffer
    into memory and you just wanted to look at it via VNC.)
    To handle the pointer and keyboard input from the viewer users the
    "-pipeinput cmd" option was added to indicate a helper program to
@@ -7864,7 +7961,7 @@ minal #2)
    keystrokes into the Linux console (e.g. the virtual consoles:
    /dev/tty1, /dev/tty2, etc) in x11vnc/misc/vcinject.pl. It is based on
    the vncterm/LinuxVNC.c program also in the libvncserver CVS. So to
-   view and interact with VT #2 (assuming it is the [675]active VT) one
+   view and interact with VT #2 (assuming it is the [681]active VT) one
    can run something like:
   x11vnc -rawfb map:/dev/fb0@1024x768x16 -pipeinput './vcinject.pl 2'
 
@@ -7919,7 +8016,7 @@ minal #2)
    better to use the more accurate and faster LinuxVNC program. The
    advantage x11vnc -rawfb might have is that it can allow interaction
    with a non-text application, e.g. one based on SVGAlib or
-   [676]Qt-embedded Also, for example the [677]VMWare Fullscreen mode is
+   [682]Qt-embedded Also, for example the [683]VMWare Fullscreen mode is
    actually viewable under -rawfb and can be interacted with if uinput is
    enabled.
 
@@ -7936,7 +8033,7 @@ minal #2)
    program that passes the framebuffer to libvncserver.
 
 
-   Q-112: Can I export the Linux Console (Virtual Terminals) via VNC
+   Q-113: Can I export the Linux Console (Virtual Terminals) via VNC
    using x11vnc?
 
    Yes, you may need to be root to access the devices that make up the
@@ -7981,12 +8078,12 @@ minal #2)
    startx (or similar, e.g. gdm) in the virtual terminal. A 2nd x11vnc
    could be used to see if the X server is now working correctly.
 
-   Q-113: Can I export via VNC a Webcam or TV tuner framebuffer using
+   Q-114: Can I export via VNC a Webcam or TV tuner framebuffer using
    x11vnc?
 
-   Yes, this is possible to some degree with the [678]-rawfb option.
+   Yes, this is possible to some degree with the [684]-rawfb option.
    There is no X11 involved: snapshots from the video capture device are
-   used for the screen image data. See the [679]previous FAQ on -rawfb
+   used for the screen image data. See the [685]previous FAQ on -rawfb
    for background. For best results, use x11vnc version 0.8.1 or later.
 
    Roughly, one would do something like this:
@@ -7998,7 +8095,7 @@ minal #2)
    snapshot to a file that you point -rawfb to; ask me if it is not clear
    what to do.)
 
-   The "snap:" enforces [680]-snapfb mode which appears to be necessary.
+   The "snap:" enforces [686]-snapfb mode which appears to be necessary.
    The read pointer for video capture devices cannot be repositioned
    (which would be needed for scanline polling), but you can read a full
    frame of data from the device.
@@ -8020,7 +8117,7 @@ minal #2)
 
    Many video4linux drivers tend to set the framebuffer to be 24bpp (as
    opposed to 32bpp.) Since this can cause problems with VNC viewers,
-   etc, the [681]-24to32 option will be automatically imposed when in
+   etc, the [687]-24to32 option will be automatically imposed when in
    24bpp.
 
    Note that by its very nature, video capture involves rapid change in
@@ -8028,7 +8125,7 @@ minal #2)
    wavering in brightness is always happening. This can lead to much
    network bandwidth consumption for the VNC traffic and also local CPU
    and I/O resource usage. You may want to experiment with "dialing down"
-   the framerate via the [682]-wait, [683]-slow_fb, or [684]-defer
+   the framerate via the [688]-wait, [689]-slow_fb, or [690]-defer
    options. Decreasing the window size and bpp also helps.
 
 
@@ -8117,16 +8214,16 @@ minal #2)
          format to HI240, RGB565, RGB24, RGB32, RGB555, and
          GREY respectively. See -rawfb video for details.
 
-   See also the [685]-freqtab option to supply your own xawtv channel to
+   See also the [691]-freqtab option to supply your own xawtv channel to
    frequency mappings for your country (only ntsc-cable-us is built into
    x11vnc.)
 
 
-   Q-114: Can I connect via VNC to a Qt-embedded/Qtopia application
+   Q-115: Can I connect via VNC to a Qt-embedded/Qtopia application
    running on my handheld or PC using the Linux console framebuffer (i.e.
    not X11)?
 
-   Yes, the basic method for this is the [686]-rawfb scheme where the
+   Yes, the basic method for this is the [692]-rawfb scheme where the
    Linux console framebuffer (usually /dev/fb0) is polled and the uinput
    driver is used to inject keystrokes and mouse input. Often you will
    just have to type:
@@ -8139,7 +8236,7 @@ minal #2)
   x11vnc -rawfb /dev/fb0@640x480x16
 
    Also, to force usage of the uinput injection method use "-pipeinput
-   UINPUT". See the [687]-pipeinput description for tunable parameters,
+   UINPUT". See the [693]-pipeinput description for tunable parameters,
    etc.
 
    One problem with the x11vnc uinput scheme is that it cannot guess the
@@ -8155,7 +8252,7 @@ minal #2)
    Even with the correct acceleration setting there is still some drift
    (probably because of the mouse threshold where the acceleration kicks
    in) and so x11vnc needs to reposition the cursor from 0,0 about 5
-   times a second. See the [688]-pipeinput UINPUT option for tuning
+   times a second. See the [694]-pipeinput UINPUT option for tuning
    parameters that can be set (there are some experimental thresh=N
    tuning parameters as well)
 
@@ -8187,10 +8284,10 @@ minal #2)
    not work.
 
 
-   Q-115: Now that non-X11 devices can be exported via VNC using x11vnc,
+   Q-116: Now that non-X11 devices can be exported via VNC using x11vnc,
    can I build it with no dependencies on X11 header files and libraries?
 
-   Yes, as of Jul/2006 x11vnc enables building for [689]-rawfb only
+   Yes, as of Jul/2006 x11vnc enables building for [695]-rawfb only
    support. Just do something like when building:
   ./configure --without-x    (plus any other flags)
   make
@@ -8201,16 +8298,16 @@ minal #2)
    know what you did.
 
 
-   Q-116: Does x11vnc support Mac OS X Aqua/Quartz displays natively
+   Q-117: Does x11vnc support Mac OS X Aqua/Quartz displays natively
    (i.e. no X11 involved)?
 
    Yes, since Nov/2006 in the development tree (x11vnc-0.8.4 tarball)
    there is support for native Mac OS X Aqua/Quartz displays using the
-   [690]-rawfb mechanism described above. The mouse and keyboard input is
+   [696]-rawfb mechanism described above. The mouse and keyboard input is
    achieved via Mac OS X API's.
 
-   So you can use x11vnc as an alternative to [691]OSXvnc (aka Vine
-   Server), or [692]Apple Remote Desktop (ARD). Perhaps there is some
+   So you can use x11vnc as an alternative to [697]OSXvnc (aka Vine
+   Server), or [698]Apple Remote Desktop (ARD). Perhaps there is some
    x11vnc feature you'd like to use on Mac OS X, etc. For a number of
    activities (e.g. window drags) it seems to be faster than OSXvnc.
 
@@ -8220,7 +8317,7 @@ minal #2)
    (XDarwin) running on Mac OS X (people often install this software to
    display remote X11 apps on their Mac OS X system, or use some old
    favorites locally such as xterm.) However in this case x11vnc will
-   only work reasonably in single window [693]-id windowid mode (and the
+   only work reasonably in single window [699]-id windowid mode (and the
    window may need to have mouse focus.)
 
    If you do not have the DISPLAY env. variable set, x11vnc will assume
@@ -8238,9 +8335,9 @@ minal #2)
    ./configure --without-x
    make
 
-   Win2VNC/x2vnc:  One handy use is to use the [694]-nofb mode to
+   Win2VNC/x2vnc:  One handy use is to use the [700]-nofb mode to
    redirect mouse and keyboard input to a nearby Mac (i.e. one to the
-   side of your desk) via [695]x2vnc or Win2VNC. See [696]this FAQ for
+   side of your desk) via [701]x2vnc or Win2VNC. See [702]this FAQ for
    more info.
 
    Options:  Here are the Mac OS X specific x11vnc options:
@@ -8310,17 +8407,17 @@ rm -f $tmp
    command for you.) Then once you are connected via VNC, iconify the
    Terminal windows (you can't delete them since that will kill x11vnc.)
 
-   Q-117: Can x11vnc be used as a VNC reflector/repeater to improve
+   Q-118: Can x11vnc be used as a VNC reflector/repeater to improve
    performance for the case of a large number of simultaneous VNC viewers
    (e.g. classroom broadcasting or a large demo)?
 
-   Yes, as of Feb/2007 there is the "[697]-reflect host:N" option to
+   Yes, as of Feb/2007 there is the "[703]-reflect host:N" option to
    connect to the VNC server "host:N" (either another x11vnc or any other
    VNC server) and re-export it. VNC viewers then connect to the
    x11vnc(s) running -reflect.
 
    The -reflect option is the same as: "-rawfb vnc:host:N". See the
-   [698]-rawfb description under "VNC HOST" for more details.
+   [704]-rawfb description under "VNC HOST" for more details.
 
    You can replace "host:N" with "listen" or "listen:port" for reverse
    connections.
@@ -8381,18 +8478,18 @@ rm -f $tmp
    re-exports via VNC to its clients C.) However, CopyRect and
    CursorShape encodings are preserved in the reflection and that helps.
    Dragging windows with the mouse can be a problem (especially if S is
-   not doing wireframing somehow, consider [699]-nodragging if the
+   not doing wireframing somehow, consider [705]-nodragging if the
    problem is severe) For a really fast reflector/repeater it would have
    to be implemented from scratch with performance in mind. See these
    other projects:
-    [700]http://sourceforge.net/projects/vnc-reflector/,
-    [701]http://www.tightvnc.com/projector/                (closed source?),
+    [706]http://sourceforge.net/projects/vnc-reflector/,
+    [707]http://www.tightvnc.com/projector/                (closed source?),
 
 
    Automation via Reverse Connections:   Instead of having the R's
    connect directly to S and then the C's connect directly to the R they
    should use, some convenience can be achieved by using reverse
-   connections (the x11vnc "[702]"-connect host1,host2,..." option.)
+   connections (the x11vnc "[708]"-connect host1,host2,..." option.)
    Suppose all the clients "C" are started up in Listen mode:
     client1>  vncviewer -listen
     client2>  vncviewer -listen
@@ -8419,7 +8516,7 @@ rm -f $tmp
    us know what you did. A really nice thing would be some sort of
    auto-discovery of your repeater, etc...
 
-   Q-118: Can x11vnc be used during a Linux, Solaris, etc. system
+   Q-119: Can x11vnc be used during a Linux, Solaris, etc. system
    Installation so the Installation can be done remotely?
 
    This can be done, but it doesn't always work because it depends on how
@@ -8451,7 +8548,7 @@ rm -f $tmp
    If the Solaris install is an older X-based one, there will be a menu
    for you to get a terminal window. From that window you might be able
    to retrieve x11vnc.static via wget, scp, or ftp. Remember to do "chmod
-   755 ./x11vnc.static" and then find the -auth file as in [703]this FAQ.
+   755 ./x11vnc.static" and then find the -auth file as in [709]this FAQ.
 
    If it is a Linux install that uses an X server (e.g. SuSE and probably
    Fedora), then you can often get a shell by pressing Ctrl-Alt-F2 or
@@ -8460,8 +8557,8 @@ rm -f $tmp
    wget http://192.168.0.22/x11vnc.static
    chmod 755 ./x11vnc.static
 
-   Find the name of the auth file as in [704]this FAQ. (maybe run "ps
-   wwwaux | grep auth".) Then run it like this:
+   Find the name of the auth file as in [710]this FAQ. (maybe run "ps
+   wwaux | grep auth".) Then run it like this:
    ./x11vnc.static -forever -nopw -display :0 -auth /tmp/wherever/the/authfile
 
    then press Alt-F7 to go back to the X install. You should now be able
@@ -8469,7 +8566,7 @@ rm -f $tmp
    the display being :1, etc.
 
    If there is a firewall blocking incoming connections during the
-   install, use the [705]"-connect hostname" option option for a reverse
+   install, use the [711]"-connect hostname" option option for a reverse
    connection to the hostname running the VNC viewer in listen mode.
 
    Debian based installs are either console-text or console-framebuffer
@@ -8512,7 +8609,7 @@ rm -f $tmp
    [Misc: Clipboard, File Transfer/Sharing, Printing, Sound, Beeps,
    Thanks, etc.]
 
-   Q-119: Does the Clipboard/Selection get transferred between the
+   Q-120: Does the Clipboard/Selection get transferred between the
    vncviewer and the X display?
 
    As of Jan/2004 x11vnc supports the "CutText" part of the RFB (aka VNC)
@@ -8531,7 +8628,7 @@ rm -f $tmp
    as 'for power users' or 'an Easter Egg'. As soon as text is
    highlighted it is set to the PRIMARY selection and so it is
    immediately ready for pasting, usually via the Middle Mouse Button or
-   "Shift+Insert". See [706]this jwz link for more information.
+   "Shift+Insert". See [712]this jwz link for more information.
 
    x11vnc's default behavior is to watch both CLIPBOARD and PRIMARY and
    whenever one of them changes, it sends the new text to connected
@@ -8548,37 +8645,37 @@ rm -f $tmp
 
    You may not like these defaults. Here are ways to change the behavior:
      * If you don't want the Clipboard/Selection exchanged at all use the
-       [707]-nosel option.
+       [713]-nosel option.
      * If you want changes in PRIMARY to be ignored use the
-       [708]-noprimary option.
+       [714]-noprimary option.
      * If you want changes in CLIPBOARD to be ignored use the
-       [709]-noclipboard option.
+       [715]-noclipboard option.
      * If you don't want x11vnc to set PRIMARY to the "CutText" received
-       from viewers use the [710]-nosetprimary option.
+       from viewers use the [716]-nosetprimary option.
      * If you don't want x11vnc to set CLIPBOARD to the "CutText"
-       received from viewers use the [711]-nosetclipboard option.
+       received from viewers use the [717]-nosetclipboard option.
 
-   You can also fine-tune it a bit with the [712]-seldir dir option and
-   also [713]-input.
+   You can also fine-tune it a bit with the [718]-seldir dir option and
+   also [719]-input.
 
    You may need to watch out for desktop utilities such as KDE's
    "Klipper" that do odd things with the selection, clipboard, and
    cutbuffers.
 
 
-   Q-120: Can I use x11vnc to record a Shock Wave Flash (or other format)
+   Q-121: Can I use x11vnc to record a Shock Wave Flash (or other format)
    video of my desktop, e.g. to record a tutorial or demo?
 
    Yes, it is possible with a number of tools that record VNC and
    transform it to swf format or others. One such popular tool is
-   [714]pyvnc2swf. There are a number of [715]tutorials (broken link?) on
+   [720]pyvnc2swf. There are a number of [721]tutorials (broken link?) on
    how to do this. Another option is to use the vnc2mpg that comes in the
    LibVNCServer package.
    An important thing to remember when doing this is that tuning
    parameters should be applied to x11vnc to speed up its polling for
    this sort of application, e.g. "-wait 10 -defer 10".
 
-   Q-121: Can I transfer files back and forth with x11vnc?
+   Q-122: Can I transfer files back and forth with x11vnc?
 
    As of Oct/2005 and May/2006 x11vnc enables, respectively, the TightVNC
    and UltraVNC file transfer implementations that were added to
@@ -8586,11 +8683,11 @@ rm -f $tmp
    (and Windows viewers only support filetransfer it appears... but they
    do work to some degree under Wine on Linux.)
 
-   The [716]SSVNC Unix VNC viewer supports UltraVNC file transfer by use
+   The [722]SSVNC Unix VNC viewer supports UltraVNC file transfer by use
    of a Java helper program.
 
    TightVNC file transfer is off by default, if you want to enable it use
-   the [717]-tightfilexfer option.
+   the [723]-tightfilexfer option.
 
    UltraVNC file transfer is off by default, to enable it use something
    like "-rfbversion 3.6 -permitfiletransfer"
@@ -8613,7 +8710,7 @@ rm -f $tmp
    IMPORTANT: please understand if -ultrafilexfer or -tightfilexfer is
    specified and you run x11vnc as root for, say, inetd or display
    manager (gdm, kdm, ...) access and you do not have it switch users via
-   the [718]-users option, then VNC Viewers that connect are able to do
+   the [724]-users option, then VNC Viewers that connect are able to do
    filetransfer reads and writes as *root*.
 
    The UltraVNC and TightVNC settings can be toggled on and off inside
@@ -8626,13 +8723,13 @@ rm -f $tmp
    control you will probably be foiled by the "-rfbversion 3.6" issue.
 
 
-   Q-122: Which UltraVNC extensions are supported?
+   Q-123: Which UltraVNC extensions are supported?
 
    Some of them are supported. To get UltraVNC Viewers to attempt to use
    these extensions you will need to supply this option to x11vnc:
    -rfbversion 3.6
 
-   Or use [719]-ultrafilexfer which is an alias for the above option and
+   Or use [725]-ultrafilexfer which is an alias for the above option and
    "-permitfiletransfer". UltraVNC evidently treats any other RFB version
    number as non-UltraVNC.
 
@@ -8644,31 +8741,31 @@ rm -f $tmp
      * 1/n Server Scaling
      * rfbEncodingUltra compression encoding
 
-   The [720]SSVNC Unix VNC viewer supports these UltraVNC extensions.
+   The [726]SSVNC Unix VNC viewer supports these UltraVNC extensions.
 
-   To disable SingleWindow and ServerInput use [721]-noultraext (the
+   To disable SingleWindow and ServerInput use [727]-noultraext (the
    others are managed by LibVNCServer.) See this option too:
-   [722]-noserverdpms.
+   [728]-noserverdpms.
 
-   Also, the [723]UltraVNC repeater proxy is supported for use with
-   reverse connections: "[724]-connect repeater://host:port+ID:NNNN". Use
+   Also, the [729]UltraVNC repeater proxy is supported for use with
+   reverse connections: "[730]-connect repeater://host:port+ID:NNNN". Use
    it for both plaintext and SSL connections. This mode can send any
    string before switching to the VNC protocol, and so could be used with
    other proxy/gateway tools. Also, a perl repeater implemention is here:
-   [725]ultravnc_repeater.pl
+   [731]ultravnc_repeater.pl
 
 
-   Q-123: Can x11vnc emulate UltraVNC's Single Click helpdesk mode for
+   Q-124: Can x11vnc emulate UltraVNC's Single Click helpdesk mode for
    Unix? I.e. something very simple for a naive user to initiate a
    reverse vnc connection from their Unix desktop to a helpdesk
    operator's VNC Viewer.
 
-   Yes, UltraVNC's [726]Single Click (SC) mode can be emulated fairly
+   Yes, UltraVNC's [732]Single Click (SC) mode can be emulated fairly
    well on Unix.
 
    We use the term "helpdesk" below, but it could be any sort of remote
    assistance you want to set up, e.g. something for Unix-using friends
-   or family to use. This includes [727]Mac OS X.
+   or family to use. This includes [733]Mac OS X.
 
    Assume you create a helpdesk directory "hd" on your website:
    http://www.mysite.com/hd (any website that you can upload files to
@@ -8724,7 +8821,7 @@ chmod 755 ./x11vnc                  # platform, use $webhost/`uname`/x11vnc
    So I guess this is about 3-4 clicks (start a terminal and paste) and
    pressing "Enter" instead of "single click"...
 
-   See [728]this page for some variations on this method, e.g. how to add
+   See [734]this page for some variations on this method, e.g. how to add
    a password, SSL Certificates, etc.
 
 
@@ -8736,11 +8833,11 @@ chmod 755 ./x11vnc                  # platform, use $webhost/`uname`/x11vnc
 
    A bit of obscurity security could be put in with a -passwd, -rfbauth
    options, etc. (note that x11vnc will require a password even for
-   reverse connections.) More info [729]here.
+   reverse connections.) More info [735]here.
 
 
    Firewalls: If the helpdesk (you) with the vncviewer is behind a
-   NAT/Firewall/Router the [730]router will have to be configured to
+   NAT/Firewall/Router the [736]router will have to be configured to
    redirect a port (i.e. 5500 or maybe different one if you like) to the
    vncviewer machine. If the vncviewer machine also has its own
    host-level firewall, you will have to open up the port there as well.
@@ -8750,7 +8847,7 @@ chmod 755 ./x11vnc                  # platform, use $webhost/`uname`/x11vnc
    configuring a router to do a port redirection (i.e. on your side, the
    HelpDesk.) To avoid modifying either firewall/router, one would need
    some public (IP address reachable on the internet) redirection/proxy
-   service. Perhaps such a thing exists. [731]http://sc.uvnc.com provides
+   service. Perhaps such a thing exists. [737]http://sc.uvnc.com provides
    this service for their UltraVNC Single Click users.
 
 
@@ -8786,7 +8883,7 @@ chmod 755 ./x11vnc                  # platform, use $webhost/`uname`/x11vnc
 
    As of Apr/2007 x11vnc supports reverse connections in SSL and so we
    can do this. On the Helpdesk side (Viewer) you will need STUNNEL or
-   better use the [732]Enhanced TightVNC Viewer (SSVNC) package we
+   better use the [738]Enhanced TightVNC Viewer (SSVNC) package we
    provide that automates all of the SSL for you.
 
    To do this create a file named "vncs" in the website "hd" directory
@@ -8816,11 +8913,11 @@ chmod 755 ./x11vnc                  # platform, use $webhost/`uname`/x11vnc
 
    with the hostnames or IP addresses customized to your case.
 
-   The only change from the "vnc" above is the addition of the [733]-ssl
+   The only change from the "vnc" above is the addition of the [739]-ssl
    option to x11vnc. This will create a temporary SSL cert: openssl(1)
    will need to be installed on the user's end. A fixed SSL cert file
    could be used to avoid this (and provide some authentication; more
-   info [734]here.)
+   info [740]here.)
 
    The naive user will be doing this:
    wget -qO - http://www.mysite.com/hd/vncs | sh -
@@ -8829,7 +8926,7 @@ chmod 755 ./x11vnc                  # platform, use $webhost/`uname`/x11vnc
 
    But before that, the helpdesk operator needs to have "vncviewer
    -listen" running as before, however he needs an SSL tunnel at his end.
-   The easiest way to do this is use [735]Enhanced TightVNC Viewer
+   The easiest way to do this is use [741]Enhanced TightVNC Viewer
    (SSVNC). Start it, and select Options -> 'Reverse VNC Connection
    (-listen)'. Then UN-select 'Verify All Certs' (this can be enabled
    later if you want; you'll need the x11vnc SSL certificate), and click
@@ -8859,7 +8956,7 @@ connect = localhost:5501
 
    answer the prompts with whatever you want; you can take the default
    for all of them if you like. The openssl(1) package must be installed.
-   See [736]this link and [737]this one too for more info on SSL certs.
+   See [742]this link and [743]this one too for more info on SSL certs.
    This creates $HOME/.vnc/certs/server-self:mystunnel.pem, then you
    would change the "stunnel.cfg" to look something like:
 foreground = yes
@@ -8880,7 +8977,7 @@ connect = localhost:5501
    then all bets are off!.
 
    More SSL variations and info about certificates can be found
-   [738]here.
+   [744]here.
 
 
    OpenSSL libssl.so.0.9.7 problems:
@@ -8890,16 +8987,16 @@ connect = localhost:5501
    distros are currently a bit of a mess regarding which version of
    libssl is installed.
 
-   You will find the [739]details here.
+   You will find the [745]details here.
 
 
-   Q-124: Can I (temporarily) mount my local (viewer-side) Windows/Samba
+   Q-125: Can I (temporarily) mount my local (viewer-side) Windows/Samba
    File share on the machine where x11vnc is running?
 
    You will have to use an external network redirection for this.
    Filesystem mounting is not part of the VNC protocol.
 
-   We show a simple [740]Samba example here.
+   We show a simple [746]Samba example here.
 
    First you will need a tunnel to redirect the SMB requests from the
    remote machine to the one you sitting at. We use an ssh tunnel:
@@ -8939,17 +9036,17 @@ d,ip=127.0.0.1,port=1139
   far-away> smbumount /home/fred/smb-haystack-pub
 
    At some point we hope to fold some automation for SMB ssh redir setup
-   into the [741]Enhanced TightVNC Viewer (SSVNC) package we provide (as
+   into the [747]Enhanced TightVNC Viewer (SSVNC) package we provide (as
    of Sep 2006 it is there for testing.)
 
 
-   Q-125: Can I redirect CUPS print jobs from the remote desktop where
+   Q-126: Can I redirect CUPS print jobs from the remote desktop where
    x11vnc is running to a printer on my local (viewer-side) machine?
 
    You will have to use an external network redirection for this.
    Printing is not part of the VNC protocol.
 
-   We show a simple Unix to Unix [742]CUPS example here. Non-CUPS port
+   We show a simple Unix to Unix [748]CUPS example here. Non-CUPS port
    redirections (e.g. LPD) should also be possible, but may be a bit more
    tricky. If you are viewing on Windows SMB and don't have a local cups
    server it may be trickier still (see below.)
@@ -9031,11 +9128,11 @@ d,ip=127.0.0.1,port=1139
    "localhost".
 
    At some point we hope to fold some automation for CUPS ssh redir setup
-   into the [743]Enhanced TightVNC Viewer (SSVNC) package we provide (as
+   into the [749]Enhanced TightVNC Viewer (SSVNC) package we provide (as
    of Sep 2006 it is there for testing.)
 
 
-   Q-126: How can I hear the sound (audio) from the remote applications
+   Q-127: How can I hear the sound (audio) from the remote applications
    on the desktop I am viewing via x11vnc?
 
    You will have to use an external network audio mechanism for this.
@@ -9132,11 +9229,11 @@ or:
        the applications will fail to run because LD_PRELOAD will point to
        libraries of the wrong wordsize.
      * At some point we hope to fold some automation for esd or artsd ssh
-       redir setup into the [744]Enhanced TightVNC Viewer (SSVNC) package
+       redir setup into the [750]Enhanced TightVNC Viewer (SSVNC) package
        we provide (as of Sep/2006 it is there for testing.)
 
 
-   Q-127: Why don't I hear the "Beeps" in my X session (e.g. when typing
+   Q-128: Why don't I hear the "Beeps" in my X session (e.g. when typing
    tput bel in an xterm)?
 
    As of Dec/2003 "Beep" XBell events are tracked by default. The X
@@ -9144,31 +9241,65 @@ or:
    in Solaris, see Xserver(1) for how to turn it on via +kb), and so you
    won't hear them if the extension is not present.
 
-   If you don't want to hear the beeps use the [745]-nobell option. If
+   If you don't want to hear the beeps use the [751]-nobell option. If
    you want to hear the audio from the remote applications, consider
-   trying a [746]redirector such as esd.
+   trying a [752]redirector such as esd.
+
+
+   Q-129: Does x11vnc work with IPv6?
+
+   Currently the only way to do this is via a separate helper program
+   such as [753]inetd. You configure x11vnc to be run from inetd or
+   xinetd and instruct it to listen on an IPv6 address. For xinetd the
+   setting "flags = IPv6" will be needed. For inetd.conf, for example:
+  5900 stream tcp6 nowait root /usr/sbin/tcpd /usr/local/bin/x11vnc_wrapper.sh
 
+   We also provide a transitional tool in "[754]x11vnc/misc/inet6to4"
+   that acts as a relay for any IPv4 application to allow connections
+   over IPv6. For example:
+  inet6to4 5900 localhost:5900
 
-   Q-128: Does x11vnc work with IPv6?
+   where x11vnc is listening on IPv4 port 5900.
 
-   Currently the only way to do this is via [747]inetd. You configure
-   x11vnc to be run from inetd or xinetd and instruct it to listen on an
-   IPv6 address. For xinetd the setting "flags = IPv6" will be needed.
+   Also note that not all VNC Viewers are IPv6 enabled, so a redirector
+   may also be needed for them. "inet6to4 -r ..." can do this as well.
+
+  # ./inet6to4 -help
+
+  inet6to4:  Act as an ipv6-to-ipv4 relay for tcp applications that
+             do not support ipv6.
+
+  Usage:     inet6to4
+             inet6to4 -r
+
+  Examples:  inet6to4 5900 localhost:5900
+             inet6to4 8080 web1:80
+             inet6to4 -r 5900 fe80::217:f2ff:fee6:6f5a%eth0:5900
+
+  The -r option reverses the direction of translation (e.g. for ipv4
+  clients that need to connect to ipv6 servers.)  Reversing is the default
+  if this script is named 'inet4to6' (e.g. by a symlink.)
+
+  Use Ctrl-C to stop this program.
+
+  You can also set env. vars INET6TO4_LOOP=1 or INET6TO4_LOOP=BG
+  to have an outer loop restarting this program (BG means do that
+  in the background), and INET6TO4_LOGFILE for a log file.
+  Also set INET6TO4_VERBOSE to verbosity level and INET6TO4_WAITTIME
+  and INET6TO4_PIDFILE (see below.)
+
+   The "INET6TO4_LOOP=BG" and "INET6TO4_LOGFILE=..." env. variables make
+   the tool run reliably as a daemon for very long periods. Read the top
+   part of the script for more information.
 
-   Unfortunately this will be inefficient if multiple VNC Viewers are
-   connected at the same time (there will be a separate x11vnc for each
-   connection.) Some sort of ipv4-to-ipv6 redirector tool (perhaps even a
-   perl script) could be useful to avoid this.
 
-   Also note that not all VNC Viewers are [748]IPv6 enabled, so a
-   redirector could even be needed on the client side.
 
 
 
 
     Contributions:
 
-   Q-129: Thanks for your program or for your help! Can I make a
+   Q-130: Thanks for your program or for your help! Can I make a
    donation?
 
    Please do (any amount is appreciated; very few have donated) and thank
@@ -9246,78 +9377,78 @@ References
   66. http://www.karlrunge.com/x11vnc/faq.html#faq-java-http
   67. http://www.karlrunge.com/x11vnc/faq.html#faq-reverse-connect
   68. http://www.karlrunge.com/x11vnc/faq.html#faq-reverse-connect-proxy
-  69. http://www.karlrunge.com/x11vnc/faq.html#faq-xvfb
-  70. http://www.karlrunge.com/x11vnc/faq.html#faq-headless
-  71. http://www.karlrunge.com/x11vnc/faq.html#faq-solshm
-  72. http://www.karlrunge.com/x11vnc/faq.html#faq-less-resource
-  73. http://www.karlrunge.com/x11vnc/faq.html#faq-more-resource
-  74. http://www.karlrunge.com/x11vnc/faq.html#faq-slow-link
-  75. http://www.karlrunge.com/x11vnc/faq.html#faq-xdamage
-  76. http://www.karlrunge.com/x11vnc/faq.html#faq-xdamage-opengl
-  77. http://www.karlrunge.com/x11vnc/faq.html#faq-pointer-mode
-  78. http://www.karlrunge.com/x11vnc/faq.html#faq-wireframe
-  79. http://www.karlrunge.com/x11vnc/faq.html#faq-scrollcopyrect
-  80. http://www.karlrunge.com/x11vnc/faq.html#faq-client-caching
-  81. http://www.karlrunge.com/x11vnc/faq.html#faq-turbovnc
-  82. http://www.karlrunge.com/x11vnc/faq.html#faq-cursor-shape
-  83. http://www.karlrunge.com/x11vnc/faq.html#faq-xfixes-alpha
-  84. http://www.karlrunge.com/x11vnc/faq.html#faq-xfixes-alpha-hacks
-  85. http://www.karlrunge.com/x11vnc/faq.html#faq-cursor-arrow
-  86. http://www.karlrunge.com/x11vnc/faq.html#faq-cursor-positions
-  87. http://www.karlrunge.com/x11vnc/faq.html#faq-buttonmap-opt
-  88. http://www.karlrunge.com/x11vnc/faq.html#faq-altgr
-  89. http://www.karlrunge.com/x11vnc/faq.html#faq-greaterless
-  90. http://www.karlrunge.com/x11vnc/faq.html#faq-greaterless-sloppy
-  91. http://www.karlrunge.com/x11vnc/faq.html#faq-xkbmodtweak
-  92. http://www.karlrunge.com/x11vnc/faq.html#faq-repeated-keys
-  93. http://www.karlrunge.com/x11vnc/faq.html#faq-repeated-keys-still
-  94. http://www.karlrunge.com/x11vnc/faq.html#faq-mod-stuck-down
-  95. http://www.karlrunge.com/x11vnc/faq.html#faq-remap-opt
-  96. http://www.karlrunge.com/x11vnc/faq.html#faq-sun-alt-meta
-  97. http://www.karlrunge.com/x11vnc/faq.html#faq-hpux-multi-key
-  98. http://www.karlrunge.com/x11vnc/faq.html#faq-remap-button-click
-  99. http://www.karlrunge.com/x11vnc/faq.html#faq-remap-capslock
- 100. http://www.karlrunge.com/x11vnc/faq.html#faq-scrollbars
- 101. http://www.karlrunge.com/x11vnc/faq.html#faq-scaling
- 102. http://www.karlrunge.com/x11vnc/faq.html#faq-xinerama
- 103. http://www.karlrunge.com/x11vnc/faq.html#faq-multi-screen
- 104. http://www.karlrunge.com/x11vnc/faq.html#faq-clip-screen
- 105. http://www.karlrunge.com/x11vnc/faq.html#faq-xrandr
- 106. http://www.karlrunge.com/x11vnc/faq.html#faq-rotate
- 107. http://www.karlrunge.com/x11vnc/faq.html#faq-black-screen
- 108. http://www.karlrunge.com/x11vnc/faq.html#faq-linuxvc
- 109. http://www.karlrunge.com/x11vnc/faq.html#faq-hidden-taskbars
- 110. http://www.karlrunge.com/x11vnc/faq.html#faq-kde-screensaver
- 111. http://www.karlrunge.com/x11vnc/faq.html#faq-beryl
- 112. http://www.karlrunge.com/x11vnc/faq.html#faq-vmware
- 113. http://www.karlrunge.com/x11vnc/faq.html#faq-rawfb
- 114. http://www.karlrunge.com/x11vnc/faq.html#faq-linux-vt
- 115. http://www.karlrunge.com/x11vnc/faq.html#faq-video
- 116. http://www.karlrunge.com/x11vnc/faq.html#faq-qt-embedded
- 117. http://www.karlrunge.com/x11vnc/faq.html#faq-no-x11
- 118. http://www.karlrunge.com/x11vnc/faq.html#faq-macosx
- 119. http://www.karlrunge.com/x11vnc/faq.html#faq-reflect
- 120. http://www.karlrunge.com/x11vnc/faq.html#faq-os-install
- 121. http://www.karlrunge.com/x11vnc/faq.html#faq-clipboard
- 122. http://www.karlrunge.com/x11vnc/faq.html#faq-record-swf
- 123. http://www.karlrunge.com/x11vnc/faq.html#faq-filexfer
- 124. http://www.karlrunge.com/x11vnc/faq.html#faq-ultravnc
- 125. http://www.karlrunge.com/x11vnc/faq.html#faq-singleclick
- 126. http://www.karlrunge.com/x11vnc/faq.html#faq-smb-shares
- 127. http://www.karlrunge.com/x11vnc/faq.html#faq-cups
- 128. http://www.karlrunge.com/x11vnc/faq.html#faq-sound
- 129. http://www.karlrunge.com/x11vnc/faq.html#faq-beeps
- 130. http://www.karlrunge.com/x11vnc/faq.html#faq-ipv6
- 131. http://www.karlrunge.com/x11vnc/faq.html#faq-thanks
- 132. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-display
- 133. http://www.tldp.org/HOWTO/Remote-X-Apps.html
- 134. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-auth
- 135. http://www.karlrunge.com/x11vnc/faq.html#faq-display-manager
- 136. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-find
- 137. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-users
- 138. http://www.karlrunge.com/x11vnc/index.html#firewalls
- 139. http://www.karlrunge.com/x11vnc/miscbuild.html
- 140. http://www.karlrunge.com/x11vnc/faq.html#infaq_libssl-problems
+  69. http://www.karlrunge.com/x11vnc/faq.html#faq-web-login
+  70. http://www.karlrunge.com/x11vnc/faq.html#faq-xvfb
+  71. http://www.karlrunge.com/x11vnc/faq.html#faq-headless
+  72. http://www.karlrunge.com/x11vnc/faq.html#faq-solshm
+  73. http://www.karlrunge.com/x11vnc/faq.html#faq-less-resource
+  74. http://www.karlrunge.com/x11vnc/faq.html#faq-more-resource
+  75. http://www.karlrunge.com/x11vnc/faq.html#faq-slow-link
+  76. http://www.karlrunge.com/x11vnc/faq.html#faq-xdamage
+  77. http://www.karlrunge.com/x11vnc/faq.html#faq-xdamage-opengl
+  78. http://www.karlrunge.com/x11vnc/faq.html#faq-pointer-mode
+  79. http://www.karlrunge.com/x11vnc/faq.html#faq-wireframe
+  80. http://www.karlrunge.com/x11vnc/faq.html#faq-scrollcopyrect
+  81. http://www.karlrunge.com/x11vnc/faq.html#faq-client-caching
+  82. http://www.karlrunge.com/x11vnc/faq.html#faq-turbovnc
+  83. http://www.karlrunge.com/x11vnc/faq.html#faq-cursor-shape
+  84. http://www.karlrunge.com/x11vnc/faq.html#faq-xfixes-alpha
+  85. http://www.karlrunge.com/x11vnc/faq.html#faq-xfixes-alpha-hacks
+  86. http://www.karlrunge.com/x11vnc/faq.html#faq-cursor-arrow
+  87. http://www.karlrunge.com/x11vnc/faq.html#faq-cursor-positions
+  88. http://www.karlrunge.com/x11vnc/faq.html#faq-buttonmap-opt
+  89. http://www.karlrunge.com/x11vnc/faq.html#faq-altgr
+  90. http://www.karlrunge.com/x11vnc/faq.html#faq-greaterless
+  91. http://www.karlrunge.com/x11vnc/faq.html#faq-greaterless-sloppy
+  92. http://www.karlrunge.com/x11vnc/faq.html#faq-xkbmodtweak
+  93. http://www.karlrunge.com/x11vnc/faq.html#faq-repeated-keys
+  94. http://www.karlrunge.com/x11vnc/faq.html#faq-repeated-keys-still
+  95. http://www.karlrunge.com/x11vnc/faq.html#faq-mod-stuck-down
+  96. http://www.karlrunge.com/x11vnc/faq.html#faq-remap-opt
+  97. http://www.karlrunge.com/x11vnc/faq.html#faq-sun-alt-meta
+  98. http://www.karlrunge.com/x11vnc/faq.html#faq-hpux-multi-key
+  99. http://www.karlrunge.com/x11vnc/faq.html#faq-remap-button-click
+ 100. http://www.karlrunge.com/x11vnc/faq.html#faq-remap-capslock
+ 101. http://www.karlrunge.com/x11vnc/faq.html#faq-scrollbars
+ 102. http://www.karlrunge.com/x11vnc/faq.html#faq-scaling
+ 103. http://www.karlrunge.com/x11vnc/faq.html#faq-xinerama
+ 104. http://www.karlrunge.com/x11vnc/faq.html#faq-multi-screen
+ 105. http://www.karlrunge.com/x11vnc/faq.html#faq-clip-screen
+ 106. http://www.karlrunge.com/x11vnc/faq.html#faq-xrandr
+ 107. http://www.karlrunge.com/x11vnc/faq.html#faq-rotate
+ 108. http://www.karlrunge.com/x11vnc/faq.html#faq-black-screen
+ 109. http://www.karlrunge.com/x11vnc/faq.html#faq-linuxvc
+ 110. http://www.karlrunge.com/x11vnc/faq.html#faq-hidden-taskbars
+ 111. http://www.karlrunge.com/x11vnc/faq.html#faq-kde-screensaver
+ 112. http://www.karlrunge.com/x11vnc/faq.html#faq-beryl
+ 113. http://www.karlrunge.com/x11vnc/faq.html#faq-vmware
+ 114. http://www.karlrunge.com/x11vnc/faq.html#faq-rawfb
+ 115. http://www.karlrunge.com/x11vnc/faq.html#faq-linux-vt
+ 116. http://www.karlrunge.com/x11vnc/faq.html#faq-video
+ 117. http://www.karlrunge.com/x11vnc/faq.html#faq-qt-embedded
+ 118. http://www.karlrunge.com/x11vnc/faq.html#faq-no-x11
+ 119. http://www.karlrunge.com/x11vnc/faq.html#faq-macosx
+ 120. http://www.karlrunge.com/x11vnc/faq.html#faq-reflect
+ 121. http://www.karlrunge.com/x11vnc/faq.html#faq-os-install
+ 122. http://www.karlrunge.com/x11vnc/faq.html#faq-clipboard
+ 123. http://www.karlrunge.com/x11vnc/faq.html#faq-record-swf
+ 124. http://www.karlrunge.com/x11vnc/faq.html#faq-filexfer
+ 125. http://www.karlrunge.com/x11vnc/faq.html#faq-ultravnc
+ 126. http://www.karlrunge.com/x11vnc/faq.html#faq-singleclick
+ 127. http://www.karlrunge.com/x11vnc/faq.html#faq-smb-shares
+ 128. http://www.karlrunge.com/x11vnc/faq.html#faq-cups
+ 129. http://www.karlrunge.com/x11vnc/faq.html#faq-sound
+ 130. http://www.karlrunge.com/x11vnc/faq.html#faq-beeps
+ 131. http://www.karlrunge.com/x11vnc/faq.html#faq-ipv6
+ 132. http://www.karlrunge.com/x11vnc/faq.html#faq-thanks
+ 133. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-display
+ 134. http://www.tldp.org/HOWTO/Remote-X-Apps.html
+ 135. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-auth
+ 136. http://www.karlrunge.com/x11vnc/faq.html#faq-display-manager
+ 137. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-find
+ 138. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-users
+ 139. http://www.karlrunge.com/x11vnc/index.html#firewalls
+ 140. http://www.karlrunge.com/x11vnc/miscbuild.html
  141. http://www.karlrunge.com/x11vnc/index.html#solarisbuilding
  142. http://www.karlrunge.com/x11vnc/x11vnc_sunos4.html
  143. http://www.karlrunge.com/x11vnc/index.html#building
@@ -9495,13 +9626,13 @@ References
  315. http://www.karlrunge.com/x11vnc/chainingssh.html#gateway_double_ssh
  316. http://www.karlrunge.com/x11vnc/index.html#tunnelling
  317. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-connect
- 318. http://www.stunnel.org/
- 319. http://stunnel.mirt.net/
+ 318. http://stunnel.mirt.net/
+ 319. http://www.stunnel.org/
  320. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-ssl
  321. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-stunnel
  322. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-sslverify
  323. http://www.karlrunge.com/x11vnc/faq.html#faq-ssl-tunnel-int
- 324. http://www.stunnel.org/
+ 324. http://stunnel.mirt.net/
  325. http://www.karlrunge.com/x11vnc/ssl.html
  326. http://www.karlrunge.com/x11vnc/faq.html#ss_vncviewer
  327. http://www.karlrunge.com/x11vnc/ssvnc.html
@@ -9536,7 +9667,7 @@ References
  356. http://www.karlrunge.com/x11vnc/ssl.html
  357. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-stunnel
  358. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-stunnel
- 359. http://www.stunnel.org/
+ 359. http://stunnel.mirt.net/
  360. http://www.karlrunge.com/x11vnc/faq.html#infaq_viewer-side-stunnel
  361. http://www.karlrunge.com/x11vnc/faq.html#ss_vncviewer
  362. http://www.karlrunge.com/x11vnc/ssvnc.html
@@ -9568,364 +9699,370 @@ References
  388. http://www.karlrunge.com/x11vnc/faq.html#ss_vncviewer
  389. http://www.karlrunge.com/x11vnc/ssvnc.html
  390. http://www.karlrunge.com/x11vnc/ssl-portal.html
- 391. http://www.karlrunge.com/x11vnc/ssl.html
- 392. http://www.karlrunge.com/x11vnc/faq.html#infaq_display-manager-continuously
- 393. http://www.karlrunge.com/x11vnc/faq.html#faq-inetd
- 394. http://www.karlrunge.com/x11vnc/faq.html#faq-userlogin
- 395. http://www.karlrunge.com/x11vnc/faq.html#infaq_x11vnc_loop
- 396. http://club.mandriva.com/xwiki/bin/view/KB/XwinXset
- 397. http://www.karlrunge.com/x11vnc/index.html#firewalls
- 398. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-auth
+ 391. http://www.karlrunge.com/x11vnc/faq.html#faq-web-login
+ 392. http://www.karlrunge.com/x11vnc/ssl.html
+ 393. http://www.karlrunge.com/x11vnc/faq.html#infaq_display-manager-continuously
+ 394. http://www.karlrunge.com/x11vnc/faq.html#faq-inetd
+ 395. http://www.karlrunge.com/x11vnc/faq.html#faq-userlogin
+ 396. http://www.karlrunge.com/x11vnc/faq.html#infaq_x11vnc_loop
+ 397. http://club.mandriva.com/xwiki/bin/view/KB/XwinXset
+ 398. http://www.karlrunge.com/x11vnc/index.html#firewalls
  399. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-auth
- 400. http://www.karlrunge.com/x11vnc/faq.html#infaq_dtlogin_solaris
- 401. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-reopen
- 402. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-localhost
- 403. http://www.karlrunge.com/x11vnc/index.html#tunnelling
- 404. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-localhost
- 405. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-ssl
- 406. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-N
- 407. http://www.jirka.org/gdm-documentation/x241.html
- 408. http://www.karlrunge.com/x11vnc/x11vnc_loop
- 409. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-loop
- 410. http://www.karlrunge.com/x11vnc/faq.html#faq-xterminal-xauth
- 411. http://www.karlrunge.com/x11vnc/index.html#firewalls
- 412. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-inetd
- 413. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-q,
- 414. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-auth
- 415. http://www.karlrunge.com/x11vnc/faq.html#faq-userlogin
- 416. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-avahi
- 417. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-mdns
- 418. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-zeroconf
- 419. http://www.avahi.org/
- 420. http://www.karlrunge.com/x11vnc/faq.html#faq-inetd
- 421. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-unixpw
- 422. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-display_WAIT
- 423. http://www.karlrunge.com/x11vnc/faq.html#infaq_stunnel-inetd
- 424. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-loop
- 425. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-find
- 426. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-create
- 427. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-svc
- 428. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-xdmsvc
- 429. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-display_WAIT
- 430. http://www.karlrunge.com/x11vnc/find_display.html
- 431. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-find
+ 400. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-auth
+ 401. http://www.karlrunge.com/x11vnc/faq.html#infaq_dtlogin_solaris
+ 402. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-reopen
+ 403. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-localhost
+ 404. http://www.karlrunge.com/x11vnc/index.html#tunnelling
+ 405. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-localhost
+ 406. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-ssl
+ 407. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-N
+ 408. http://www.jirka.org/gdm-documentation/x241.html
+ 409. http://www.karlrunge.com/x11vnc/x11vnc_loop
+ 410. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-loop
+ 411. http://www.karlrunge.com/x11vnc/faq.html#faq-xterminal-xauth
+ 412. http://www.karlrunge.com/x11vnc/index.html#firewalls
+ 413. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-inetd
+ 414. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-q,
+ 415. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-auth
+ 416. http://www.karlrunge.com/x11vnc/faq.html#faq-userlogin
+ 417. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-avahi
+ 418. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-mdns
+ 419. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-zeroconf
+ 420. http://www.avahi.org/
+ 421. http://www.karlrunge.com/x11vnc/faq.html#faq-inetd
+ 422. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-unixpw
+ 423. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-display_WAIT
+ 424. http://www.karlrunge.com/x11vnc/faq.html#infaq_stunnel-inetd
+ 425. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-loop
+ 426. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-find
+ 427. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-create
+ 428. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-svc
+ 429. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-xdmsvc
+ 430. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-display_WAIT
+ 431. http://www.karlrunge.com/x11vnc/find_display.html
  432. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-find
- 433. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-unixpw
- 434. http://www.karlrunge.com/x11vnc/faq.html#faq-unix-passwords
- 435. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-find
- 436. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-svc
- 437. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-users
- 438. http://www.karlrunge.com/x11vnc/faq.html#faq-ssl-tunnel-int
- 439. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-localhost
- 440. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-unixpw
- 441. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-users
- 442. http://www.karlrunge.com/x11vnc/faq.html#faq-xvfb
- 443. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-svc
- 444. http://www.karlrunge.com/x11vnc/faq.html#ss_vncviewer
- 445. http://www.karlrunge.com/x11vnc/ssvnc.html
- 446. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-create
- 447. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-svc
- 448. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-display_WAIT
- 449. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-create_xsrv
- 450. http://www.karlrunge.com/x11vnc/faq.html#faq-linuxvc
- 451. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-xdmsvc
- 452. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-loop
+ 433. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-find
+ 434. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-unixpw
+ 435. http://www.karlrunge.com/x11vnc/faq.html#faq-unix-passwords
+ 436. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-find
+ 437. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-svc
+ 438. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-users
+ 439. http://www.karlrunge.com/x11vnc/faq.html#faq-ssl-tunnel-int
+ 440. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-localhost
+ 441. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-unixpw
+ 442. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-users
+ 443. http://www.karlrunge.com/x11vnc/faq.html#faq-xvfb
+ 444. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-svc
+ 445. http://www.karlrunge.com/x11vnc/faq.html#ss_vncviewer
+ 446. http://www.karlrunge.com/x11vnc/ssvnc.html
+ 447. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-create
+ 448. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-svc
+ 449. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-display_WAIT
+ 450. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-create_xsrv
+ 451. http://www.karlrunge.com/x11vnc/faq.html#faq-linuxvc
+ 452. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-xdmsvc
  453. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-loop
- 454. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-svc
- 455. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-httpdir
- 456. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-http
- 457. http://www.karlrunge.com/x11vnc/faq.html#faq-ssl-java-viewer-proxy
- 458. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-connect
- 459. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-remote
- 460. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-connect_or_exit
- 461. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-vncconnect
- 462. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-proxy
+ 454. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-loop
+ 455. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-svc
+ 456. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-httpdir
+ 457. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-http
+ 458. http://www.karlrunge.com/x11vnc/faq.html#faq-ssl-java-viewer-proxy
+ 459. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-connect
+ 460. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-remote
+ 461. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-connect_or_exit
+ 462. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-vncconnect
  463. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-proxy
  464. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-proxy
- 465. http://www.karlrunge.com/x11vnc/faq.html#infaq_localaccess
- 466. http://www.karlrunge.com/x11vnc/faq.html#infaq_localaccess
- 467. http://www.karlrunge.com/x11vnc/faq.html#infaq_findcreatedisplay
- 468. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-display_WAIT
- 469. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-find
- 470. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-create
- 471. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-svc
- 472. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-xdmsvc
- 473. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-add_keysyms
- 474. http://www.karlrunge.com/x11vnc/faq.html#infaq_findcreatedisplay
- 475. http://www.karlrunge.com/x11vnc/faq.html#faq-linuxvc
- 476. http://www.karlrunge.com/x11vnc/Xdummy
- 477. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-find
- 478. http://www.karlrunge.com/x11vnc/xdm_one_shot.html
- 479. http://www.karlrunge.com/x11vnc/faq.html#infaq_display-manager-continuously
+ 465. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-proxy
+ 466. http://www.karlrunge.com/x11vnc/desktop.cgi.pl
+ 467. http://www.karlrunge.com/x11vnc/faq.html#faq-xvfb
+ 468. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-create
+ 469. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-loop
+ 470. http://www.karlrunge.com/x11vnc/faq.html#faq-ssl-portal
+ 471. http://www.karlrunge.com/x11vnc/faq.html#infaq_localaccess
+ 472. http://www.karlrunge.com/x11vnc/faq.html#infaq_localaccess
+ 473. http://www.karlrunge.com/x11vnc/faq.html#infaq_findcreatedisplay
+ 474. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-display_WAIT
+ 475. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-find
+ 476. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-create
+ 477. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-svc
+ 478. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-xdmsvc
+ 479. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-add_keysyms
  480. http://www.karlrunge.com/x11vnc/faq.html#infaq_findcreatedisplay
- 481. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-display_WAIT
- 482. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-find
- 483. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-create
- 484. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-svc
- 485. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-xdmsvc
- 486. http://www.karlrunge.com/x11vnc/shm_clear
- 487. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-onetile
- 488. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-noshm
- 489. http://www.karlrunge.com/x11vnc/faq.html#faq-noshm
- 490. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-nap
- 491. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-wait
- 492. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-sb
+ 481. http://www.karlrunge.com/x11vnc/faq.html#faq-linuxvc
+ 482. http://www.karlrunge.com/x11vnc/Xdummy
+ 483. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-find
+ 484. http://www.karlrunge.com/x11vnc/xdm_one_shot.html
+ 485. http://www.karlrunge.com/x11vnc/faq.html#infaq_display-manager-continuously
+ 486. http://www.karlrunge.com/x11vnc/faq.html#infaq_findcreatedisplay
+ 487. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-display_WAIT
+ 488. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-find
+ 489. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-create
+ 490. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-svc
+ 491. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-xdmsvc
+ 492. http://www.karlrunge.com/x11vnc/shm_clear
  493. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-onetile
- 494. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-fs
- 495. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-threads
- 496. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-defer
- 497. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-id
- 498. http://www.karlrunge.com/x11vnc/index.html#fb_read_slow
- 499. http://www.karlrunge.com/x11vnc/faq.html#faq-turbovnc
- 500. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-solid
- 501. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-scrollcopyrect
- 502. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-wireframe
- 503. http://www.tightvnc.com/
- 504. http://www.karlrunge.com/x11vnc/ssvnc.html
- 505. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-wireframe
- 506. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-scrollcopyrect
- 507. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-solid
- 508. http://www.karlrunge.com/x11vnc/faq.html#faq-client-caching
- 509. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-ncache
- 510. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-speeds
- 511. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-nodragging
- 512. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-fs
- 513. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-wait
- 514. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-defer
- 515. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-progressive
- 516. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-id
- 517. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-appshare
- 518. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-nosel
- 519. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-nocursor
- 520. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-nocursorpos
- 521. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-readtimeout
- 522. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-fixscreen
- 523. http://www.karlrunge.com/x11vnc/index.html#fb_read_slow
- 524. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-xd_area
- 525. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-xd_mem
- 526. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-noxdamage
- 527. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-noxdamage
- 528. http://minimyth.org/
- 529. http://www.karlrunge.com/x11vnc/faq.html#faq-beryl
- 530. http://www.karlrunge.com/x11vnc/index.html#fb_read_slow
- 531. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-pointer_mode
- 532. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-pointer_mode
- 533. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-nodragging
- 534. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-pointer_mode
- 535. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-threads
- 536. http://www.karlrunge.com/x11vnc/faq.html#faq-wireframe
- 537. http://www.karlrunge.com/x11vnc/faq.html#faq-scrollcopyrect
- 538. http://www.karlrunge.com/x11vnc/faq.html#faq-pointer-mode
- 539. http://www.karlrunge.com/x11vnc/index.html#fb_read_slow
- 540. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-wireframe
- 541. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-wireframe
- 542. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-wireframe
- 543. http://www.karlrunge.com/x11vnc/index.html#fb_read_slow
- 544. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-scrollcopyrect
- 545. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-wireframe
- 546. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-wirecopyrect
- 547. http://www.karlrunge.com/x11vnc/faq.html#faq-wireframe
- 548. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-fixscreen
- 549. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-scr_skip
- 550. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-scale
- 551. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-scrollcopyrect
- 552. http://www.karlrunge.com/x11vnc/index.html#beta-test
- 553. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-ncache
- 554. http://www.karlrunge.com/x11vnc/ssvnc.html
- 555. http://www.karlrunge.com/x11vnc/ssvnc.html#ycrop
- 556. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-ncache_no_rootpixmap
- 557. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-ncache_cr
- 558. http://www.virtualgl.org/About/TurboVNC
- 559. http://www.virtualgl.org/
- 560. http://sourceforge.net/project/showfiles.php?group_id=117509&package_id=166100
- 561. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-wait
- 562. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-defer
- 563. http://sourceforge.net/project/showfiles.php?group_id=117509&package_id=166100
- 564. http://www.karlrunge.com/x11vnc/ssvnc.html
- 565. http://www.karlrunge.com/x11vnc/bins
- 566. http://www.karlrunge.com/x11vnc/ssvnc.html
- 567. http://www.virtualgl.org/About/Reports
- 568. http://www.karlrunge.com/x11vnc/index.html#fb_read_slow
- 569. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-cursor
- 570. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-cursor
- 571. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-overlay
- 572. http://www.karlrunge.com/x11vnc/faq.html#infaq_the-overlay-mode
- 573. http://www.karlrunge.com/x11vnc/index.html#solaris10-build
- 574. http://www.karlrunge.com/x11vnc/faq.html#faq-xfixes-alpha-hacks
- 575. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-alphacut
- 576. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-alphafrac
- 577. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-alpharemove
- 578. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-nocursorshape
- 579. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-noalphablend
- 580. http://www.karlrunge.com/x11vnc/ssvnc.html
- 581. http://www.tightvnc.com/
- 582. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-nocursor
- 583. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-cursorpos
- 584. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-nocursorpos
- 585. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-nocursorshape
- 586. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-buttonmap
- 587. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-debug_pointer
- 588. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-buttonmap
- 589. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-modtweak
- 590. http://www.karlrunge.com/x11vnc/faq.html#faq-greaterless
- 591. http://www.karlrunge.com/x11vnc/faq.html#faq-xkbmodtweak
- 592. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-debug_keyboard
- 593. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-modtweak
- 594. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-xkb
- 595. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-sloppy_keys
- 596. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-modtweak
- 597. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-modtweak
- 598. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-remap
- 599. http://www.karlrunge.com/x11vnc/faq.html#faq-xkbmodtweak
- 600. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-debug_keyboard
- 601. http://www.karlrunge.com/x11vnc/faq.html#faq-greaterless
- 602. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-xkb
- 603. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-sloppy_keys
- 604. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-modtweak
- 605. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-xkb
- 606. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-xkb
- 607. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-skip_keycodes
- 608. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-remap
- 609. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-add_keysyms
- 610. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-remap
- 611. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-remap
- 612. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-add_keysyms
- 613. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-norepeat
- 614. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-norepeat
- 615. http://www.karlrunge.com/x11vnc/faq.html#faq-display-manager
- 616. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-clear_mods
+ 494. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-noshm
+ 495. http://www.karlrunge.com/x11vnc/faq.html#faq-noshm
+ 496. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-nap
+ 497. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-wait
+ 498. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-sb
+ 499. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-onetile
+ 500. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-fs
+ 501. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-threads
+ 502. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-defer
+ 503. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-id
+ 504. http://www.karlrunge.com/x11vnc/index.html#fb_read_slow
+ 505. http://www.karlrunge.com/x11vnc/faq.html#faq-turbovnc
+ 506. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-solid
+ 507. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-scrollcopyrect
+ 508. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-wireframe
+ 509. http://www.tightvnc.com/
+ 510. http://www.karlrunge.com/x11vnc/ssvnc.html
+ 511. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-wireframe
+ 512. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-scrollcopyrect
+ 513. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-solid
+ 514. http://www.karlrunge.com/x11vnc/faq.html#faq-client-caching
+ 515. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-ncache
+ 516. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-speeds
+ 517. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-nodragging
+ 518. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-fs
+ 519. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-wait
+ 520. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-defer
+ 521. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-progressive
+ 522. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-id
+ 523. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-appshare
+ 524. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-nosel
+ 525. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-nocursor
+ 526. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-nocursorpos
+ 527. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-readtimeout
+ 528. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-fixscreen
+ 529. http://www.karlrunge.com/x11vnc/index.html#fb_read_slow
+ 530. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-xd_area
+ 531. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-xd_mem
+ 532. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-noxdamage
+ 533. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-noxdamage
+ 534. http://minimyth.org/
+ 535. http://www.karlrunge.com/x11vnc/faq.html#faq-beryl
+ 536. http://www.karlrunge.com/x11vnc/index.html#fb_read_slow
+ 537. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-pointer_mode
+ 538. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-pointer_mode
+ 539. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-nodragging
+ 540. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-pointer_mode
+ 541. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-threads
+ 542. http://www.karlrunge.com/x11vnc/faq.html#faq-wireframe
+ 543. http://www.karlrunge.com/x11vnc/faq.html#faq-scrollcopyrect
+ 544. http://www.karlrunge.com/x11vnc/faq.html#faq-pointer-mode
+ 545. http://www.karlrunge.com/x11vnc/index.html#fb_read_slow
+ 546. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-wireframe
+ 547. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-wireframe
+ 548. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-wireframe
+ 549. http://www.karlrunge.com/x11vnc/index.html#fb_read_slow
+ 550. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-scrollcopyrect
+ 551. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-wireframe
+ 552. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-wirecopyrect
+ 553. http://www.karlrunge.com/x11vnc/faq.html#faq-wireframe
+ 554. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-fixscreen
+ 555. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-scr_skip
+ 556. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-scale
+ 557. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-scrollcopyrect
+ 558. http://www.karlrunge.com/x11vnc/index.html#beta-test
+ 559. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-ncache
+ 560. http://www.karlrunge.com/x11vnc/ssvnc.html
+ 561. http://www.karlrunge.com/x11vnc/ssvnc.html#ycrop
+ 562. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-ncache_no_rootpixmap
+ 563. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-ncache_cr
+ 564. http://www.virtualgl.org/About/TurboVNC
+ 565. http://www.virtualgl.org/
+ 566. http://sourceforge.net/project/showfiles.php?group_id=117509&package_id=166100
+ 567. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-wait
+ 568. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-defer
+ 569. http://sourceforge.net/project/showfiles.php?group_id=117509&package_id=166100
+ 570. http://www.karlrunge.com/x11vnc/ssvnc.html
+ 571. http://www.karlrunge.com/x11vnc/bins
+ 572. http://www.karlrunge.com/x11vnc/ssvnc.html
+ 573. http://www.virtualgl.org/About/Reports
+ 574. http://www.karlrunge.com/x11vnc/index.html#fb_read_slow
+ 575. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-cursor
+ 576. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-cursor
+ 577. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-overlay
+ 578. http://www.karlrunge.com/x11vnc/faq.html#infaq_the-overlay-mode
+ 579. http://www.karlrunge.com/x11vnc/index.html#solaris10-build
+ 580. http://www.karlrunge.com/x11vnc/faq.html#faq-xfixes-alpha-hacks
+ 581. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-alphacut
+ 582. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-alphafrac
+ 583. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-alpharemove
+ 584. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-nocursorshape
+ 585. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-noalphablend
+ 586. http://www.karlrunge.com/x11vnc/ssvnc.html
+ 587. http://www.tightvnc.com/
+ 588. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-nocursor
+ 589. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-cursorpos
+ 590. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-nocursorpos
+ 591. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-nocursorshape
+ 592. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-buttonmap
+ 593. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-debug_pointer
+ 594. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-buttonmap
+ 595. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-modtweak
+ 596. http://www.karlrunge.com/x11vnc/faq.html#faq-greaterless
+ 597. http://www.karlrunge.com/x11vnc/faq.html#faq-xkbmodtweak
+ 598. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-debug_keyboard
+ 599. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-modtweak
+ 600. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-xkb
+ 601. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-sloppy_keys
+ 602. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-modtweak
+ 603. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-modtweak
+ 604. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-remap
+ 605. http://www.karlrunge.com/x11vnc/faq.html#faq-xkbmodtweak
+ 606. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-debug_keyboard
+ 607. http://www.karlrunge.com/x11vnc/faq.html#faq-greaterless
+ 608. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-xkb
+ 609. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-sloppy_keys
+ 610. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-modtweak
+ 611. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-xkb
+ 612. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-xkb
+ 613. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-skip_keycodes
+ 614. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-remap
+ 615. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-add_keysyms
+ 616. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-remap
  617. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-remap
- 618. http://www.karlrunge.com/x11vnc/faq.html#faq-remap-capslock
- 619. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-skip_lockkeys
- 620. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-capslock
- 621. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-clear_all
- 622. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-remap
+ 618. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-add_keysyms
+ 619. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-norepeat
+ 620. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-norepeat
+ 621. http://www.karlrunge.com/x11vnc/faq.html#faq-display-manager
+ 622. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-clear_mods
  623. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-remap
- 624. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-nomodtweak
- 625. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-remap
- 626. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-remap
- 627. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-skip_lockkeys
+ 624. http://www.karlrunge.com/x11vnc/faq.html#faq-remap-capslock
+ 625. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-skip_lockkeys
+ 626. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-capslock
+ 627. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-clear_all
  628. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-remap
- 629. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-nomodtweak
- 630. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-capslock
- 631. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-clear_all
- 632. http://www.karlrunge.com/x11vnc/faq.html#faq-scaling
- 633. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-scale
- 634. http://people.pwf.cam.ac.uk/ssb22/setup/vnc-magnification.html
- 635. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-rfbport
- 636. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-gui
- 637. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-connect
- 638. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-scale_cursor
- 639. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-blackout
- 640. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-xinerama
- 641. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-xinerama
- 642. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-xwarppointer
- 643. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-xwarppointer
- 644. http://www.karlrunge.com/x11vnc/faq.html#faq-solshm
- 645. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-onetile
- 646. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-noshm
- 647. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-clip
- 648. http://www.karlrunge.com/x11vnc/faq.html#faq-xinerama
- 649. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-id
- 650. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-id
- 651. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-xrandr
- 652. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-padgeom
- 653. http://www.karlrunge.com/x11vnc/ssvnc.html
- 654. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-rotate
- 655. http://www.jwz.org/xscreensaver/man1.html
- 656. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-nodpms
- 657. http://www.beryl-project.org/
- 658. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-noxdamage
- 659. http://www.dslinux.org/blogs/pepsiman/?p=73
- 660. http://minimyth.org/
- 661. http://www.karlrunge.com/x11vnc/faq.html#faq-linuxvc
- 662. http://www.karlrunge.com/x11vnc/faq.html#faq-rawfb
- 663. http://www.karlrunge.com/x11vnc/faq.html#faq-linuxvc
- 664. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-id
- 665. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-rawfb
- 666. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-pipeinput
- 667. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-pipeinput
- 668. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-snapfb
- 669. http://www.karlrunge.com/x11vnc/faq.html#faq-video
- 670. http://www.karlrunge.com/x11vnc/faq.html#faq-xvfb
- 671. http://www.karlrunge.com/x11vnc/faq.html#faq-qt-embedded
- 672. http://www.karlrunge.com/x11vnc/faq.html#faq-video
- 673. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-rawfb
- 674. http://www.karlrunge.com/x11vnc/faq.html#faq-video
- 675. http://www.karlrunge.com/x11vnc/faq.html#faq-linuxvc
- 676. http://www.karlrunge.com/x11vnc/faq.html#faq-qt-embedded
- 677. http://www.karlrunge.com/x11vnc/faq.html#faq-vmware
- 678. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-rawfb
- 679. http://www.karlrunge.com/x11vnc/faq.html#faq-rawfb
- 680. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-snapfb
- 681. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-24to32
- 682. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-wait
- 683. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-slow_fb
- 684. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-defer
- 685. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-freqtab
- 686. http://www.karlrunge.com/x11vnc/faq.html#faq-rawfb
- 687. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-pipeinput
- 688. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-pipeinput
- 689. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-rawfb
- 690. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-rawfb
- 691. http://www.testplant.com/products/vine_server/OS_X
- 692. http://www.apple.com/remotedesktop/
- 693. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-id
- 694. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-nofb
- 695. http://fredrik.hubbe.net/x2vnc.html
- 696. http://www.karlrunge.com/x11vnc/faq.html#faq-win2vnc
- 697. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-reflect
- 698. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-rawfb
- 699. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-nodragging
- 700. http://sourceforge.net/projects/vnc-reflector/
- 701. http://www.tightvnc.com/projector/
- 702. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-connect
- 703. http://www.karlrunge.com/x11vnc/faq.html#faq-display-manager
- 704. http://www.karlrunge.com/x11vnc/faq.html#faq-display-manager
- 705. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-connect
- 706. http://www.jwz.org/doc/x-cut-and-paste.html
- 707. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-nosel
- 708. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-noprimary
- 709. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-noclipboard
- 710. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-nosetprimary
- 711. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-nosetclipboard
- 712. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-seldir
- 713. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-input
- 714. http://www.unixuser.org/~euske/vnc2swf/
- 715. http://wolphination.com/linux/2006/06/30/how-to-record-videos-of-your-desktop/
- 716. http://www.karlrunge.com/x11vnc/ssvnc.html
- 717. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-tightfilexfer
- 718. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-users
- 719. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-ultrafilexfer
- 720. http://www.karlrunge.com/x11vnc/ssvnc.html
- 721. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-noultraext
- 722. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-noserverdpms
- 723. http://www.uvnc.com/addons/repeater.html
- 724. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-connect
- 725. http://www.karlrunge.com/x11vnc/ultravnc_repeater.pl
- 726. http://www.uvnc.com/addons/singleclick.html
- 727. http://www.karlrunge.com/x11vnc/faq.html#faq-macosx
- 728. http://www.karlrunge.com/x11vnc/single-click.html
- 729. http://www.karlrunge.com/x11vnc/single-click.html
- 730. http://www.karlrunge.com/x11vnc/index.html#firewalls
- 731. http://sc.uvnc.com/
- 732. http://www.karlrunge.com/x11vnc/ssvnc.html
- 733. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-ssl
+ 629. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-remap
+ 630. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-nomodtweak
+ 631. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-remap
+ 632. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-remap
+ 633. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-skip_lockkeys
+ 634. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-remap
+ 635. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-nomodtweak
+ 636. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-capslock
+ 637. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-clear_all
+ 638. http://www.karlrunge.com/x11vnc/faq.html#faq-scaling
+ 639. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-scale
+ 640. http://people.pwf.cam.ac.uk/ssb22/setup/vnc-magnification.html
+ 641. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-rfbport
+ 642. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-gui
+ 643. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-connect
+ 644. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-scale_cursor
+ 645. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-blackout
+ 646. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-xinerama
+ 647. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-xinerama
+ 648. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-xwarppointer
+ 649. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-xwarppointer
+ 650. http://www.karlrunge.com/x11vnc/faq.html#faq-solshm
+ 651. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-onetile
+ 652. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-noshm
+ 653. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-clip
+ 654. http://www.karlrunge.com/x11vnc/faq.html#faq-xinerama
+ 655. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-id
+ 656. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-id
+ 657. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-xrandr
+ 658. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-padgeom
+ 659. http://www.karlrunge.com/x11vnc/ssvnc.html
+ 660. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-rotate
+ 661. http://www.jwz.org/xscreensaver/man1.html
+ 662. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-nodpms
+ 663. http://www.beryl-project.org/
+ 664. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-noxdamage
+ 665. http://www.dslinux.org/blogs/pepsiman/?p=73
+ 666. http://minimyth.org/
+ 667. http://www.karlrunge.com/x11vnc/faq.html#faq-linuxvc
+ 668. http://www.karlrunge.com/x11vnc/faq.html#faq-rawfb
+ 669. http://www.karlrunge.com/x11vnc/faq.html#faq-linuxvc
+ 670. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-id
+ 671. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-rawfb
+ 672. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-pipeinput
+ 673. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-pipeinput
+ 674. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-snapfb
+ 675. http://www.karlrunge.com/x11vnc/faq.html#faq-video
+ 676. http://www.karlrunge.com/x11vnc/faq.html#faq-xvfb
+ 677. http://www.karlrunge.com/x11vnc/faq.html#faq-qt-embedded
+ 678. http://www.karlrunge.com/x11vnc/faq.html#faq-video
+ 679. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-rawfb
+ 680. http://www.karlrunge.com/x11vnc/faq.html#faq-video
+ 681. http://www.karlrunge.com/x11vnc/faq.html#faq-linuxvc
+ 682. http://www.karlrunge.com/x11vnc/faq.html#faq-qt-embedded
+ 683. http://www.karlrunge.com/x11vnc/faq.html#faq-vmware
+ 684. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-rawfb
+ 685. http://www.karlrunge.com/x11vnc/faq.html#faq-rawfb
+ 686. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-snapfb
+ 687. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-24to32
+ 688. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-wait
+ 689. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-slow_fb
+ 690. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-defer
+ 691. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-freqtab
+ 692. http://www.karlrunge.com/x11vnc/faq.html#faq-rawfb
+ 693. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-pipeinput
+ 694. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-pipeinput
+ 695. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-rawfb
+ 696. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-rawfb
+ 697. http://www.testplant.com/products/vine_server/OS_X
+ 698. http://www.apple.com/remotedesktop/
+ 699. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-id
+ 700. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-nofb
+ 701. http://fredrik.hubbe.net/x2vnc.html
+ 702. http://www.karlrunge.com/x11vnc/faq.html#faq-win2vnc
+ 703. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-reflect
+ 704. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-rawfb
+ 705. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-nodragging
+ 706. http://sourceforge.net/projects/vnc-reflector/
+ 707. http://www.tightvnc.com/projector/
+ 708. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-connect
+ 709. http://www.karlrunge.com/x11vnc/faq.html#faq-display-manager
+ 710. http://www.karlrunge.com/x11vnc/faq.html#faq-display-manager
+ 711. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-connect
+ 712. http://www.jwz.org/doc/x-cut-and-paste.html
+ 713. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-nosel
+ 714. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-noprimary
+ 715. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-noclipboard
+ 716. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-nosetprimary
+ 717. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-nosetclipboard
+ 718. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-seldir
+ 719. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-input
+ 720. http://www.unixuser.org/~euske/vnc2swf/
+ 721. http://wolphination.com/linux/2006/06/30/how-to-record-videos-of-your-desktop/
+ 722. http://www.karlrunge.com/x11vnc/ssvnc.html
+ 723. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-tightfilexfer
+ 724. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-users
+ 725. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-ultrafilexfer
+ 726. http://www.karlrunge.com/x11vnc/ssvnc.html
+ 727. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-noultraext
+ 728. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-noserverdpms
+ 729. http://www.uvnc.com/addons/repeater.html
+ 730. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-connect
+ 731. http://www.karlrunge.com/x11vnc/ultravnc_repeater.pl
+ 732. http://www.uvnc.com/addons/singleclick.html
+ 733. http://www.karlrunge.com/x11vnc/faq.html#faq-macosx
  734. http://www.karlrunge.com/x11vnc/single-click.html
- 735. http://www.karlrunge.com/x11vnc/ssvnc.html
- 736. http://www.karlrunge.com/x11vnc/single-click.html
- 737. http://www.karlrunge.com/x11vnc/ssl.html
- 738. http://www.karlrunge.com/x11vnc/single-click.html
- 739. http://www.karlrunge.com/x11vnc/single-click.html#libssl-problems
- 740. http://www.samba.org/
+ 735. http://www.karlrunge.com/x11vnc/single-click.html
+ 736. http://www.karlrunge.com/x11vnc/index.html#firewalls
+ 737. http://sc.uvnc.com/
+ 738. http://www.karlrunge.com/x11vnc/ssvnc.html
+ 739. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-ssl
+ 740. http://www.karlrunge.com/x11vnc/single-click.html
  741. http://www.karlrunge.com/x11vnc/ssvnc.html
- 742. http://www.cups.org/
- 743. http://www.karlrunge.com/x11vnc/ssvnc.html
- 744. http://www.karlrunge.com/x11vnc/ssvnc.html
- 745. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-nobell
- 746. http://www.karlrunge.com/x11vnc/faq.html#faq-sound
- 747. http://www.karlrunge.com/x11vnc/faq.html#faq-inetd
- 748. http://jungla.dit.upm.es/~acosta/paginas/vncIPv6.html
+ 742. http://www.karlrunge.com/x11vnc/single-click.html
+ 743. http://www.karlrunge.com/x11vnc/ssl.html
+ 744. http://www.karlrunge.com/x11vnc/single-click.html
+ 745. http://www.karlrunge.com/x11vnc/single-click.html#libssl-problems
+ 746. http://www.samba.org/
+ 747. http://www.karlrunge.com/x11vnc/ssvnc.html
+ 748. http://www.cups.org/
+ 749. http://www.karlrunge.com/x11vnc/ssvnc.html
+ 750. http://www.karlrunge.com/x11vnc/ssvnc.html
+ 751. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-nobell
+ 752. http://www.karlrunge.com/x11vnc/faq.html#faq-sound
+ 753. http://www.karlrunge.com/x11vnc/faq.html#faq-inetd
+ 754. http://www.karlrunge.com/x11vnc/inet6to4
 	
 =======================================================================
 http://www.karlrunge.com/x11vnc/chainingssh.html:
@@ -11220,11 +11357,21 @@ http://www.karlrunge.com/x11vnc/ssl-portal.html:
    ([2]ss_vncviewer) can also take advantage of the method described here
    with its -proxy option.
 
-   Simpler Solutions: This apache solution may be too much for you. It is
-   mainly intended for automatically redirecting to MULTIPLE workstations
-   inside the firewall. If you only have one inside machine that you want
-   to access, the method described here is overly complicated. See
-   [3]below for some simpler (and still non-SSH) encrypted setups.
+     _________________________________________________________________
+
+   Simpler Solutions: This apache SSL VNC portal solution may be too much
+   for you. It is mainly intended for automatically redirecting to
+   MULTIPLE workstations inside the firewall. If you only have one or two
+   inside machines that you want to access, the method described here is
+   overly complicated! See [3]below for some simpler (and still non-SSH)
+   encrypted setups.
+
+   Also see the recent (Mar/2010) [4]desktop.cgi x11vnc desktop web login
+   CGI script that achieves much of what the method describes here
+   (especially if its 'port redirection' feature is enabled.)
+     _________________________________________________________________
+
+
 
    There are numerous ways to achieve this with Apache. We present one of
    the simplest ones here.
@@ -11232,7 +11379,7 @@ http://www.karlrunge.com/x11vnc/ssl-portal.html:
    Important: these sorts of schemes allow incoming connections from
    anywhere on the Internet to fixed ports on machines inside the
    firewall. Care must be taken to implement and test thoroughly. If one
-   is paranoid one can (and should) add [4]extra layers of protection.
+   is paranoid one can (and should) add [5]extra layers of protection.
    (e.g. extra passwords, packet filtering, SSL certificate verification,
    etc).
 
@@ -11259,7 +11406,7 @@ http://www.karlrunge.com/x11vnc/ssl-portal.html:
    It is the last item that makes it tricky (otherwise the method
    described on this page will work). If you are interested in such a
    solution and are willing to run a separate helper program
-   (connect_switch) [5]look here. Also, see [6]this apache patch.
+   (connect_switch) [6]look here. Also, see [7]this apache patch.
      _________________________________________________________________
 
    Example:
@@ -11276,7 +11423,7 @@ http://www.karlrunge.com/x11vnc/ssl-portal.html:
    In this example suppose the gateway machine running apache is named
    "www.gateway.east" (e.g. it may also provide normal web service). We
    also choose the Internet-facing port for this VNC service to be port
-   563. One could choose any port, including the [7]default HTTP port 80.
+   563. One could choose any port, including the [8]default HTTP port 80.
 
    Detail: We choose 563 because it is the rarely used SNEWS port that is
    often allowed by Web proxies for the CONNECT method. The idea is the
@@ -11301,8 +11448,8 @@ http://www.karlrunge.com/x11vnc/ssl-portal.html:
 
    i.e. we force SSL VNC connections, port 5915, serve the Java VNC
    viewer applet, and require a VNC password (another option would be
-   [8]-unixpw). The above command could also be run out of [9]inetd(8).
-   It can also be used to [10]autodetect the user's display and
+   [9]-unixpw). The above command could also be run out of [10]inetd(8).
+   It can also be used to [11]autodetect the user's display and
    Xauthority data.
 
 
@@ -11434,7 +11581,7 @@ hostname2  15
 
    This will involve downloading a signed java viewer applet jar file
    that is able to interact with the internal proxy for the VNC
-   connection. See [11]this FAQ for more info on how this works. Note:
+   connection. See [12]this FAQ for more info on how this works. Note:
    sometimes with the Proxy case if you see 'Bad Gateway' error you will
    have to wait 10 or so seconds and then hit reload. This seems to be
    due to having to wait for a Connection Keepalive to terminate...
@@ -11506,7 +11653,7 @@ blah,blah...
    of a outgoing proxy socket connection. Use it only if the Web browser
    is inside a separate Web proxying environment (i.e. large corporation)
 
-   The rewrites with parameter urlPrefix are described under [12]Tricks
+   The rewrites with parameter urlPrefix are described under [13]Tricks
    for Better Response. The "trust" ones (also described under Tricks)
    with trustAllVncCerts tell the Java VNC applet to skip a dialog asking
    about the VNC Certificate. They are a bit faster and more reliable
@@ -11535,7 +11682,7 @@ blah,blah...
    are not encrypted via SSL, and so in principle could be tampered with
    by a really bad guy. The subsequent VNC connection, however, is
    encrypted through a single SSL connection (it makes a CONNECT straight
-   to x11vnc). [13]See below for how to have these initial downloads
+   to x11vnc). [14]See below for how to have these initial downloads
    encrypted as well (if the apache web server has SSL/mod_ssl, i.e.
    https, enabled and configured).
 
@@ -11544,36 +11691,36 @@ blah,blah...
    certificate 'always'). This is because an applet it cannot open local
    files, etc. Sadly, the applet cannot even remember certificates in the
    same browser session because it is completely reinitialized for each
-   connection (see [14]below).
+   connection (see [15]below).
 
      _________________________________________________________________
 
    Too Much?
 
    If these apache rules are a little too much for you, there is a little
-   bit [15]simpler scheme where you have to list each of the individual
+   bit [16]simpler scheme where you have to list each of the individual
    machines in the httpd.conf and ssl.conf files. It may be a little more
    typing to maintain, but perhaps being more straight forward (less
    RewriteRule's) is desirable.
 
      _________________________________________________________________
 
-   Problems:
+   Problems?
 
    To see example x11vnc output for a successful https://host:5900/
-   connection with the Java Applet see [16]This Page.
+   connection with the Java Applet see [17]This Page.
 
      _________________________________________________________________
 
    Some Ideas for adding extra authentication, etc. for the paranoid:
-     * VNC passwords: [17]-rfbauth, [18]-passwdfile, or [19]-usepw. Even
+     * VNC passwords: [18]-rfbauth, [19]-passwdfile, or [20]-usepw. Even
        adding a simple company-wide VNC password helps block unwanted
        access.
-     * Unix passwords: [20]-unixpw
-     * SSL Client certificates: [21]-sslverify
+     * Unix passwords: [21]-unixpw
+     * SSL Client certificates: [22]-sslverify
      * Apache AuthUserFile directive: .htaccess, etc.
      * Filter connections based on IP address or hostname.
-     * Use Port-knocking on your firewall as described in: [22]Enhanced
+     * Use Port-knocking on your firewall as described in: [23]Enhanced
        TightVNC Viewer (ssvnc).
      * Add proxy password authentication (requires Viewer changes?)
      * Run a separate instance of Apache that provides this VNC service
@@ -11588,7 +11735,7 @@ blah,blah...
 
    Using non-Java viewers with this scheme:
 
-   The [23]ss_vncviewer stunnel wrapper script for VNC viewers has the
+   The [24]ss_vncviewer stunnel wrapper script for VNC viewers has the
    -proxy option that can take advantage of this method.
    ss_vncviewer -proxy www.gateway.east:563   host1:15
 
@@ -11596,7 +11743,7 @@ blah,blah...
    separated by a comma.
    ss_vncviewer -proxy proxy1.foobar.com:8080,www.gateway.east:563   host1:15
 
-   For the [24]Enhanced TightVNC Viewer (ssvnc) GUI (it uses ss_vncviewer
+   For the [25]Enhanced TightVNC Viewer (ssvnc) GUI (it uses ss_vncviewer
    on Unix) put 'host1:15' into the 'VNC Server' entry box, and here are
    possible Proxy/Gateway entries
    Proxy/Gateway:   www.gateway.east:563
@@ -11610,10 +11757,10 @@ blah,blah...
 
    To have the Java applet downloaded to the user's Web Browser via an
    encrypted (and evidently safer) SSL connection the Apache webserver
-   should be configured for SSL via [25]mod_ssl.
+   should be configured for SSL via [26]mod_ssl.
 
-   It is actually possible to use the x11vnc [26]Key Management utility
-   "[27]-sslGenCert" to generate your Apache/SSL .crt and .key files. (In
+   It is actually possible to use the x11vnc [27]Key Management utility
+   "[28]-sslGenCert" to generate your Apache/SSL .crt and .key files. (In
    brief, run something like "x11vnc -sslGenCert server self:apache" then
    copy the resulting self:apache.crt file to conf/ssl.crt/server.crt and
    extract the private key part from self:apache.pem and paste it into
@@ -11621,7 +11768,7 @@ blah,blah...
    before running x11vnc will bump up the expiration date (3 years in
    this case).
 
-   Or you can use the standard methods described in the [28]Apache
+   Or you can use the standard methods described in the [29]Apache
    mod_ssl documentation to create your keys. Then restart Apache,
    usually something like "apachectl stop" followed by "apachectl
    startssl"
@@ -11738,7 +11885,7 @@ stAllVncCerts=yes [R,NE,L]
    The "vncs/trust" ones are like the "trust" ones described earlier
    https://www.gateway.east/vncs/trust/mach2
 
-   and similarly for the httpsPort ones. See [29]Tricks for Better
+   and similarly for the httpsPort ones. See [30]Tricks for Better
    Response.
 
    In all of the above cases the VNC traffic from Viewer to x11vnc is
@@ -11760,7 +11907,7 @@ stAllVncCerts=yes [R,NE,L]
 
    The special entries "/vnc443" are only used for the special helper
    program (connect_switch) for the https port 443 only mode
-   [30]discussed here.
+   [31]discussed here.
 
      _________________________________________________________________
 
@@ -11799,16 +11946,16 @@ stAllVncCerts=yes [R,NE,L]
         -ssl SAVE -http -unixpw -localhost -users unixpw= \
         -find
 
-   (we have used the alias [31]-find for "-display
+   (we have used the alias [32]-find for "-display
    WAIT:cmd=FINDDISPLAY".) This way the user must supply his Unix
    username and password and then his display and Xauthority data on that
    machine will be located and returned to x11vnc to allow it to attach.
    If he doesn't have a display running on that machine or he fails to
    log in correctly, the connection will be dropped.
 
-   The variant "[32]-display WAIT:cmd=FINDCREATEDISPLAY" (aliased by
-   "[33]-create") will actually create a (virtual or real) X server
-   session for the user if one doesn't already exist. See [34]here for
+   The variant "[33]-display WAIT:cmd=FINDCREATEDISPLAY" (aliased by
+   "[34]-create") will actually create a (virtual or real) X server
+   session for the user if one doesn't already exist. See [35]here for
    details.
 
    To enable inetd operation for the non-HTTPS Java viewer download (port
@@ -11820,8 +11967,8 @@ stAllVncCerts=yes [R,NE,L]
        -http_ssl -display WAIT:cmd=HTTPONCE
 
    where the long inetd.conf line has been split. Note how the
-   [35]-http_ssl tries to automatically find the .../classes/ssl
-   subdirectory. This requires the [36]-prog option available in x11vnc
+   [36]-http_ssl tries to automatically find the .../classes/ssl
+   subdirectory. This requires the [37]-prog option available in x11vnc
    0.8.4 (a shell script wrapper, e.g. /usr/local/bin/x11vnc_http.sh can
    be used to work around this).
 
@@ -11868,7 +12015,7 @@ stAllVncCerts=yes [R,NE,L]
    or using the stunnel wrapper script:
   ss_vncviewer 24.35.46.57:1
 
-   One can acheive similar things with dedicated firewall/routers (e.g.
+   One can achieve similar things with dedicated firewall/routers (e.g.
    Linksys) using the device's web or other interface to configure the
    firewall.
 
@@ -11880,7 +12027,7 @@ stAllVncCerts=yes [R,NE,L]
    - The redirection could also be done at the application level using a
    TCP redirect program (e.g. ip_relay or fancier ones). Evidently more
    careful internal hostname checking, etc., could be performed by the
-   special purpose application to add security. See [37]connect_switch
+   special purpose application to add security. See [38]connect_switch
    which is somewhat related.
 
    - One might imagine the ProxyPass could be done for the VNC traffic as
@@ -11986,40 +12133,41 @@ References
    1. http://www.karlrunge.com/x11vnc/ssvnc.html
    2. http://www.karlrunge.com/x11vnc/faq.html#ss_vncviewer
    3. http://www.karlrunge.com/x11vnc/ssl-portal.html#no-apache
-   4. http://www.karlrunge.com/x11vnc/ssl-portal.html#precautions
-   5. http://www.karlrunge.com/x11vnc/ssl-single-443.html
-   6. https://issues.apache.org/bugzilla/show_bug.cgi?id=29744
-   7. http://www.karlrunge.com/x11vnc/ssl-portal.html#port-variations
-   8. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-unixpw
-   9. http://www.karlrunge.com/x11vnc/ssl-portal.html#inetd
-  10. http://www.karlrunge.com/x11vnc/faq.html#faq-userlogin
-  11. http://www.karlrunge.com/x11vnc/faq.html#faq-ssl-java-viewer-proxy
-  12. http://www.karlrunge.com/x11vnc/ssl-portal.html#tricks
-  13. http://www.karlrunge.com/x11vnc/ssl-portal.html#https-applet
-  14. http://www.karlrunge.com/x11vnc/ssl-portal.html#https-applet"
-  15. http://www.karlrunge.com/x11vnc/ssl-portal-orig.html
-  16. http://www.karlrunge.com/x11vnc/ssl-output.html
-  17. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-rfbauth
-  18. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-passwdfile
-  19. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-usepw
-  20. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-unixpw
-  21. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-sslverify
-  22. http://www.karlrunge.com/x11vnc/ssvnc.html
-  23. http://www.karlrunge.com/x11vnc/faq.html#ss_vncviewer
-  24. http://www.karlrunge.com/x11vnc/ssvnc.html
-  25. http://httpd.apache.org/docs/2.0/mod/mod_ssl.html
-  26. http://www.karlrunge.com/x11vnc/ssl.html
-  27. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-sslGenCert
-  28. http://httpd.apache.org/docs/2.0/ssl/ssl_faq.html#selfcert
-  29. http://www.karlrunge.com/x11vnc/ssl-portal.html#tricks
-  30. http://www.karlrunge.com/x11vnc/ssl-single-443.html
-  31. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-find
-  32. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-display_WAIT
-  33. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-create
-  34. http://www.karlrunge.com/x11vnc/faq.html#faq-userlogin
-  35. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-http_ssl
-  36. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-prog
-  37. http://www.karlrunge.com/x11vnc/ssl-single-443.html
+   4. http://www.karlrunge.com/x11vnc/faq.html#faq-web-login
+   5. http://www.karlrunge.com/x11vnc/ssl-portal.html#precautions
+   6. http://www.karlrunge.com/x11vnc/ssl-single-443.html
+   7. https://issues.apache.org/bugzilla/show_bug.cgi?id=29744
+   8. http://www.karlrunge.com/x11vnc/ssl-portal.html#port-variations
+   9. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-unixpw
+  10. http://www.karlrunge.com/x11vnc/ssl-portal.html#inetd
+  11. http://www.karlrunge.com/x11vnc/faq.html#faq-userlogin
+  12. http://www.karlrunge.com/x11vnc/faq.html#faq-ssl-java-viewer-proxy
+  13. http://www.karlrunge.com/x11vnc/ssl-portal.html#tricks
+  14. http://www.karlrunge.com/x11vnc/ssl-portal.html#https-applet
+  15. http://www.karlrunge.com/x11vnc/ssl-portal.html#https-applet"
+  16. http://www.karlrunge.com/x11vnc/ssl-portal-orig.html
+  17. http://www.karlrunge.com/x11vnc/ssl-output.html
+  18. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-rfbauth
+  19. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-passwdfile
+  20. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-usepw
+  21. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-unixpw
+  22. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-sslverify
+  23. http://www.karlrunge.com/x11vnc/ssvnc.html
+  24. http://www.karlrunge.com/x11vnc/faq.html#ss_vncviewer
+  25. http://www.karlrunge.com/x11vnc/ssvnc.html
+  26. http://httpd.apache.org/docs/2.0/mod/mod_ssl.html
+  27. http://www.karlrunge.com/x11vnc/ssl.html
+  28. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-sslGenCert
+  29. http://httpd.apache.org/docs/2.0/ssl/ssl_faq.html#selfcert
+  30. http://www.karlrunge.com/x11vnc/ssl-portal.html#tricks
+  31. http://www.karlrunge.com/x11vnc/ssl-single-443.html
+  32. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-find
+  33. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-display_WAIT
+  34. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-create
+  35. http://www.karlrunge.com/x11vnc/faq.html#faq-userlogin
+  36. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-http_ssl
+  37. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-prog
+  38. http://www.karlrunge.com/x11vnc/ssl-single-443.html
 	
 =======================================================================
 http://www.karlrunge.com/x11vnc/enhanced_tightvnc_viewer.html:
@@ -13101,8 +13249,8 @@ Unix VNCviewer  (0.5MB)
    redistribute the above because of cryptographic software they contain
    or for other reasons. Please check out your situation and information
    at the following and related sites:
-        [73]http://www.stunnel.org
-        [74]http://stunnel.mirt.net
+        [73]http://stunnel.mirt.net
+        [74]http://www.stunnel.org
         [75]http://www.openssl.org
         [76]http://www.chiark.greenend.org.uk/~sgtatham/putty/
         [77]http://www.tightvnc.com
@@ -13186,8 +13334,8 @@ References
   70. http://sourceforge.net/projects/ssvnc/files/ssvnc/1.0.23/
   71. http://sourceforge.net/projects/ssvnc/files/ssvnc/1.0.24/
   72. http://sourceforge.net/projects/ssvnc/files/ssvnc/1.0.25/
-  73. http://www.stunnel.org/
-  74. http://stunnel.mirt.net/
+  73. http://stunnel.mirt.net/
+  74. http://www.stunnel.org/
   75. http://www.openssl.org/
   76. http://www.chiark.greenend.org.uk/~sgtatham/putty/
   77. http://www.tightvnc.com/
@@ -13206,7 +13354,7 @@ x11vnc: a VNC server for real X displays
    Here are all of x11vnc command line options:
 % x11vnc -opts      (see below for -help long descriptions)
 
-x11vnc: allow VNC connections to real X11 displays. 0.9.10 lastmod: 2010-02-21
+x11vnc: allow VNC connections to real X11 displays. 0.9.10 lastmod: 2010-03-20
 
 x11vnc options:
   -display disp            -auth file               -N                     
@@ -13334,7 +13482,7 @@ libvncserver-tight-extension options:
 
 % x11vnc -help
 
-x11vnc: allow VNC connections to real X11 displays. 0.9.10 lastmod: 2010-02-21
+x11vnc: allow VNC connections to real X11 displays. 0.9.10 lastmod: 2010-03-20
 
 (type "x11vnc -opts" to just list the options.)
 
@@ -13795,6 +13943,11 @@ Options:
                        -stunnel the ssl classes subdirectory is sought.
 -http_ssl              As -http, but force lookup for ssl classes subdir.
 
+                       Note that for HTTPS, single-port Java applet delivery
+                       you can set X11VNC_HTTPS_DOWNLOAD_WAIT_TIME to the
+                       max number of seconds to wait for the applet download
+                       to finish.  The default is 15.
+
 -avahi                 Use the Avahi/mDNS ZeroConf protocol to advertise
                        this VNC server to the local network. (Related terms:
                        Rendezvous, Bonjour).  Depending on your setup, you
@@ -14232,9 +14385,31 @@ Options:
                        the user is allowed, but the option values associated
                        with it do apply as normal.
 
-                       There are also some utilities for testing password
+                       There are also some utilities for checking passwords
                        if [list] starts with the "%" character.  See the
-                       quick_pw() function in the source for details.
+                       quick_pw() function for more details.  Description:
+                       "%-" or "%stdin" means read one line from stdin.
+                       "%env" means it is in $UNIXPW env var.  A leading
+                       "%/" or "%." means read the first line from the
+                       filename that follows after the % character. % by
+                       itself means prompt for the username and password.
+                       Otherwise: %user:pass   E.g. -unixpw %fred:swordfish
+                       For the other cases user:pass is read from the indicated
+                       source.  If the password is correct 'Y user' is printed
+                       and the program exit code is 0.  If the password is
+                       incorrect it prints 'N user' and the exit code is 1.
+                       If there is some other error the exit code is 2.
+                       This feature enables x11vnc to be a general unix user
+                       password checking tool; it could be used from scripts
+                       or other programs.  These % password checks also apply
+                       to the -unixpw_nis and -unixpw_cmd options.
+
+                       For the % password check, if the env. var. UNIXPW_CMD
+                       is set to a command then it is run as the user (assuming
+                       the password is correct.)  The output of the command is
+                       not printed, the program or script must manage that by
+                       some other means.  The exit code of x11vnc will depend
+                       on the exit code of the command that is run.
 
                        Use -nounixpw to disable unixpw mode if it was enabled
                        earlier in the cmd line (e.g. -svc mode)
@@ -14339,8 +14514,11 @@ Options:
                        supplied unixpw_cmd to do user switching if desired
                        and if it has the permissions to do so.
 
--find                  Find the user's display using FINDDISPLAY. This is an
-                       alias for "-display WAIT:cmd=FINDDISPLAY".
+-find                  Find the user's display using FINDDISPLAY. This
+                       is an alias for "-display WAIT:cmd=FINDDISPLAY".
+
+                       Note: if a -display occurs later on the command line
+                       it will override the -find setting.
 
                        For this and the next few options see -display WAIT:...
                        below for all of the details.
@@ -14378,6 +14556,9 @@ Options:
                        FINDCREATEDISPLAY method.  This is an alias for
                        "-display WAIT:cmd=FINDCREATEDISPLAY-Xvfb".
 
+                       Note: if a -display occurs later on the command line
+                       it will override the -create setting.
+
                        SSH NOTE: for both -find and -create you can (should!)
                        add the "-localhost" option to force SSH tunnel access.
 
@@ -14395,6 +14576,10 @@ Options:
                        -display WAIT:cmd=FINDCREATEDISPLAY-Xvfb -unixpw -users
                        unixpw= -ssl SAVE   Also "-service".
 
+                       Note: if a -display, -unixpw, -users, or -ssl occurs
+                       later on the command line it will override the -svc
+                       setting.
+
 -svc_xdummy            As -svc except Xdummy instead of Xvfb.
 -svc_xvnc              As -svc except Xvnc instead of Xvfb.
 -svc_xdummy_xvfb       As -svc with Xdummy,Xvfb.
@@ -14403,6 +14588,10 @@ Options:
                        Alias for -display WAIT:cmd=FINDCREATEDISPLAY-Xvfb.xdmcp
                        -unixpw -users unixpw= -ssl SAVE  Also "-xdm_service".
 
+                       Note: if a -display, -unixpw, -users, or -ssl occurs
+                       later on the command line it will override the -xdmsvc
+                       setting.
+
                        To create a session a user will have to first log in
                        to the -unixpw dialog and then log in again to the
                        XDM/GDM/KDM prompt.  Subsequent re-connections will
@@ -14753,6 +14942,11 @@ Options:
                        X property, that makes FINDDISPLAY only find sessions
                        with that tag value.
 
+                       Set FD_XDMCP_IF to the network interface that the
+                       display manager is running on; default is 'localhost'
+                       but you may need to set it to '::1' on some IPv6 only
+                       systems or misconfigured display managers.
+
                        If you want the FINDCREATEDISPLAY session to contact an
                        XDMCP login manager (xdm/gdm/kdm) on the same machine,
                        then use "Xvfb.xdmcp" instead of "Xvfb", etc.
@@ -15414,7 +15608,7 @@ Options:
                        exits.
 
 
--stunnel [pem]         Use the stunnel(8) (www.stunnel.org) to provide an
+-stunnel [pem]         Use the stunnel(8) (stunnel.mirt.net) to provide an
                        encrypted SSL tunnel between viewers and x11vnc.
 
                        This external tunnel method was implemented prior to the
@@ -18244,6 +18438,10 @@ n
                                        for root window, use +id for children.
                        grab_state      get state of pointer and keyboard grab.
                        pointer_pos     print XQueryPointer x,y cursor position.
+                       pointer_x       print XQueryPointer x cursor position.
+                       pointer_y       print XQueryPointer y cursor position.
+                       pointer_same    print XQueryPointer ptr on same screen.
+                       pointer_root    print XQueryPointer curr ptr rootwin.
                        mouse_x         print x11vnc's idea of cursor position.
                        mouse_y         print x11vnc's idea of cursor position.
                        noop            do nothing.
@@ -18542,18 +18740,18 @@ n
                        http_url auth xauth users rootshift clipshift scale_str
                        scaled_x scaled_y scale_numer scale_denom scale_fac_x
                        scale_fac_y scaling_blend scaling_nomult4 scaling_pad
-                       scaling_interpolate inetd privremote unsafe safer
-                       nocmds passwdfile unixpw unixpw_nis unixpw_list ssl
-                       ssl_pem sslverify stunnel stunnel_pem https httpsredir
-                       usepw using_shm logfile o flag rmflag rc norc h help
-                       V version lastmod bg sigpipe threads readrate netrate
-                       netlatency pipeinput clients client_count pid ext_xtest
-                       ext_xtrap ext_xrecord ext_xkb ext_xshm ext_xinerama
-                       ext_overlay ext_xfixes ext_xdamage ext_xrandr rootwin
-                       num_buttons button_mask mouse_x mouse_y grab_state
-                       pointer_pos bpp depth indexed_color dpy_x dpy_y wdpy_x
-                       wdpy_y off_x off_y cdpy_x cdpy_y coff_x coff_y rfbauth
-                       passwd viewpasswd
+                       scaling_interpolate inetd privremote unsafe safer nocmds
+                       passwdfile unixpw unixpw_nis unixpw_list ssl ssl_pem
+                       sslverify stunnel stunnel_pem https httpsredir usepw
+                       using_shm logfile o flag rmflag rc norc h help V version
+                       lastmod bg sigpipe threads readrate netrate netlatency
+                       pipeinput clients client_count pid ext_xtest ext_xtrap
+                       ext_xrecord ext_xkb ext_xshm ext_xinerama ext_overlay
+                       ext_xfixes ext_xdamage ext_xrandr rootwin num_buttons
+                       button_mask mouse_x mouse_y grab_state pointer_pos
+                       pointer_x pointer_y pointer_same pointer_root bpp depth
+                       indexed_color dpy_x dpy_y wdpy_x wdpy_y off_x off_y
+                       cdpy_x cdpy_y coff_x coff_y rfbauth passwd viewpasswd
 
 -QD variable           Just like -query variable, but returns the default
                        value for that parameter (no running x11vnc server
diff --git a/x11vnc/cursor.c b/x11vnc/cursor.c
index 12700f4..3d613a6 100644
--- a/x11vnc/cursor.c
+++ b/x11vnc/cursor.c
@@ -908,6 +908,9 @@ static void tree_descend_cursor(int *depth, Window *w, win_str_info_t *winfo) {
 	*(winfo->res_name)  = '\0';
 	*(winfo->res_class) = '\0';
 
+	for (i=0; i < maxtries; i++) {
+		wins[i] = None;
+	}
 
 	/* some times a window can go away before we get to it */
 	trapped_xerror = 0;
diff --git a/x11vnc/help.c b/x11vnc/help.c
index 874291c..7a89a32 100644
--- a/x11vnc/help.c
+++ b/x11vnc/help.c
@@ -518,6 +518,11 @@ void print_help(int mode) {
 "                       -stunnel the ssl classes subdirectory is sought.\n"
 "-http_ssl              As -http, but force lookup for ssl classes subdir.\n"
 "\n"
+"                       Note that for HTTPS, single-port Java applet delivery\n"
+"                       you can set X11VNC_HTTPS_DOWNLOAD_WAIT_TIME to the\n"
+"                       max number of seconds to wait for the applet download\n"
+"                       to finish.  The default is 15.\n"
+"\n"
 "-avahi                 Use the Avahi/mDNS ZeroConf protocol to advertise\n"
 "                       this VNC server to the local network. (Related terms:\n"
 "                       Rendezvous, Bonjour).  Depending on your setup, you\n"
@@ -965,9 +970,31 @@ void print_help(int mode) {
 "                       the user is allowed, but the option values associated\n"
 "                       with it do apply as normal.\n"
 "\n"
-"                       There are also some utilities for testing password\n"
+"                       There are also some utilities for checking passwords\n"
 "                       if [list] starts with the \"%%\" character.  See the\n"
-"                       quick_pw() function in the source for details.\n"
+"                       quick_pw() function for more details.  Description:\n"
+"                       \"%%-\" or \"%%stdin\" means read one line from stdin.\n"
+"                       \"%%env\" means it is in $UNIXPW env var.  A leading\n"
+"                       \"%%/\" or \"%%.\" means read the first line from the\n"
+"                       filename that follows after the %% character. %% by\n"
+"                       itself means prompt for the username and password.\n"
+"                       Otherwise: %%user:pass   E.g. -unixpw %%fred:swordfish\n"
+"                       For the other cases user:pass is read from the indicated\n"
+"                       source.  If the password is correct 'Y user' is printed\n"
+"                       and the program exit code is 0.  If the password is\n"
+"                       incorrect it prints 'N user' and the exit code is 1.\n"
+"                       If there is some other error the exit code is 2.\n"
+"                       This feature enables x11vnc to be a general unix user\n"
+"                       password checking tool; it could be used from scripts\n"
+"                       or other programs.  These %% password checks also apply\n"
+"                       to the -unixpw_nis and -unixpw_cmd options.\n"
+"\n"
+"                       For the %% password check, if the env. var. UNIXPW_CMD\n"
+"                       is set to a command then it is run as the user (assuming\n"
+"                       the password is correct.)  The output of the command is\n"
+"                       not printed, the program or script must manage that by\n"
+"                       some other means.  The exit code of x11vnc will depend\n"
+"                       on the exit code of the command that is run.\n"
 "\n"
 "                       Use -nounixpw to disable unixpw mode if it was enabled\n"
 "                       earlier in the cmd line (e.g. -svc mode)\n"
@@ -1072,8 +1099,11 @@ void print_help(int mode) {
 "                       supplied unixpw_cmd to do user switching if desired\n"
 "                       and if it has the permissions to do so.\n"
 "\n"
-"-find                  Find the user's display using FINDDISPLAY. This is an\n"
-"                       alias for \"-display WAIT:cmd=FINDDISPLAY\".\n"
+"-find                  Find the user's display using FINDDISPLAY. This\n"
+"                       is an alias for \"-display WAIT:cmd=FINDDISPLAY\".\n"
+"\n"
+"                       Note: if a -display occurs later on the command line\n"
+"                       it will override the -find setting.\n"
 "\n"
 "                       For this and the next few options see -display WAIT:...\n"
 "                       below for all of the details.\n"
@@ -1111,6 +1141,9 @@ void print_help(int mode) {
 "                       FINDCREATEDISPLAY method.  This is an alias for\n"
 "                       \"-display WAIT:cmd=FINDCREATEDISPLAY-Xvfb\".\n"
 "\n"
+"                       Note: if a -display occurs later on the command line\n"
+"                       it will override the -create setting.\n"
+"\n"
 "                       SSH NOTE: for both -find and -create you can (should!)\n"
 "                       add the \"-localhost\" option to force SSH tunnel access.\n"
 "\n"
@@ -1128,6 +1161,10 @@ void print_help(int mode) {
 "                       -display WAIT:cmd=FINDCREATEDISPLAY-Xvfb -unixpw -users\n"
 "                       unixpw= -ssl SAVE   Also \"-service\".\n"
 "\n"
+"                       Note: if a -display, -unixpw, -users, or -ssl occurs\n"
+"                       later on the command line it will override the -svc\n"
+"                       setting.\n"
+"\n"
 "-svc_xdummy            As -svc except Xdummy instead of Xvfb.\n"
 "-svc_xvnc              As -svc except Xvnc instead of Xvfb.\n"
 "-svc_xdummy_xvfb       As -svc with Xdummy,Xvfb.\n"
@@ -1136,6 +1173,10 @@ void print_help(int mode) {
 "                       Alias for -display WAIT:cmd=FINDCREATEDISPLAY-Xvfb.xdmcp\n"
 "                       -unixpw -users unixpw= -ssl SAVE  Also \"-xdm_service\".\n"
 "\n"
+"                       Note: if a -display, -unixpw, -users, or -ssl occurs\n"
+"                       later on the command line it will override the -xdmsvc\n"
+"                       setting.\n"
+"\n"
 "                       To create a session a user will have to first log in\n"
 "                       to the -unixpw dialog and then log in again to the\n"
 "                       XDM/GDM/KDM prompt.  Subsequent re-connections will\n"
@@ -1485,6 +1526,11 @@ void print_help(int mode) {
 "                       X property, that makes FINDDISPLAY only find sessions\n"
 "                       with that tag value.\n"
 "\n"
+"                       Set FD_XDMCP_IF to the network interface that the\n"
+"                       display manager is running on; default is 'localhost'\n"
+"                       but you may need to set it to '::1' on some IPv6 only\n"
+"                       systems or misconfigured display managers.\n"
+"\n"
 "                       If you want the FINDCREATEDISPLAY session to contact an\n"
 "                       XDMCP login manager (xdm/gdm/kdm) on the same machine,\n"
 "                       then use \"Xvfb.xdmcp\" instead of \"Xvfb\", etc.\n"
@@ -2147,7 +2193,7 @@ void print_help(int mode) {
 "                       exits.\n"
 "\n"
 "\n"
-"-stunnel [pem]         Use the stunnel(8) (www.stunnel.org) to provide an\n"
+"-stunnel [pem]         Use the stunnel(8) (stunnel.mirt.net) to provide an\n"
 "                       encrypted SSL tunnel between viewers and x11vnc.\n"
 "\n"
 "                       This external tunnel method was implemented prior to the\n"
@@ -4980,6 +5026,10 @@ void print_help(int mode) {
 "                                       for root window, use +id for children.\n"
 "                       grab_state      get state of pointer and keyboard grab.\n"
 "                       pointer_pos     print XQueryPointer x,y cursor position.\n"
+"                       pointer_x       print XQueryPointer x cursor position.\n"
+"                       pointer_y       print XQueryPointer y cursor position.\n"
+"                       pointer_same    print XQueryPointer ptr on same screen.\n"
+"                       pointer_root    print XQueryPointer curr ptr rootwin.\n"
 "                       mouse_x         print x11vnc's idea of cursor position.\n"
 "                       mouse_y         print x11vnc's idea of cursor position.\n"
 "                       noop            do nothing.\n"
@@ -5278,18 +5328,18 @@ void print_help(int mode) {
 "                       http_url auth xauth users rootshift clipshift scale_str\n"
 "                       scaled_x scaled_y scale_numer scale_denom scale_fac_x\n"
 "                       scale_fac_y scaling_blend scaling_nomult4 scaling_pad\n"
-"                       scaling_interpolate inetd privremote unsafe safer\n"
-"                       nocmds passwdfile unixpw unixpw_nis unixpw_list ssl\n"
-"                       ssl_pem sslverify stunnel stunnel_pem https httpsredir\n"
-"                       usepw using_shm logfile o flag rmflag rc norc h help\n"
-"                       V version lastmod bg sigpipe threads readrate netrate\n"
-"                       netlatency pipeinput clients client_count pid ext_xtest\n"
-"                       ext_xtrap ext_xrecord ext_xkb ext_xshm ext_xinerama\n"
-"                       ext_overlay ext_xfixes ext_xdamage ext_xrandr rootwin\n"
-"                       num_buttons button_mask mouse_x mouse_y grab_state\n"
-"                       pointer_pos bpp depth indexed_color dpy_x dpy_y wdpy_x\n"
-"                       wdpy_y off_x off_y cdpy_x cdpy_y coff_x coff_y rfbauth\n"
-"                       passwd viewpasswd\n"
+"                       scaling_interpolate inetd privremote unsafe safer nocmds\n"
+"                       passwdfile unixpw unixpw_nis unixpw_list ssl ssl_pem\n"
+"                       sslverify stunnel stunnel_pem https httpsredir usepw\n"
+"                       using_shm logfile o flag rmflag rc norc h help V version\n"
+"                       lastmod bg sigpipe threads readrate netrate netlatency\n"
+"                       pipeinput clients client_count pid ext_xtest ext_xtrap\n"
+"                       ext_xrecord ext_xkb ext_xshm ext_xinerama ext_overlay\n"
+"                       ext_xfixes ext_xdamage ext_xrandr rootwin num_buttons\n"
+"                       button_mask mouse_x mouse_y grab_state pointer_pos\n"
+"                       pointer_x pointer_y pointer_same pointer_root bpp depth\n"
+"                       indexed_color dpy_x dpy_y wdpy_x wdpy_y off_x off_y\n"
+"                       cdpy_x cdpy_y coff_x coff_y rfbauth passwd viewpasswd\n"
 "\n"
 "-QD variable           Just like -query variable, but returns the default\n"
 "                       value for that parameter (no running x11vnc server\n"
diff --git a/x11vnc/keyboard.c b/x11vnc/keyboard.c
index cdf85e9..edce680 100644
--- a/x11vnc/keyboard.c
+++ b/x11vnc/keyboard.c
@@ -1114,7 +1114,8 @@ void switch_to_xkb_if_better(void) {
 	n = k;
 
 	XFree_wr(keymap);
-	if (missing_noxkb == 0 && syms_gt_4 >= 8) {
+	if (missing_noxkb == 0 && syms_per_keycode > 4 && syms_gt_4 >= 0) {
+		/* we used to have syms_gt_4 >= 8, now always on. */
 		if (! raw_fb_str) {
 			rfbLog("\n");
 			rfbLog("XKEYBOARD: number of keysyms per keycode %d is greater\n", syms_per_keycode);
@@ -1123,6 +1124,7 @@ void switch_to_xkb_if_better(void) {
 			rfbLog("  If this makes the key mapping worse you can\n");
 			rfbLog("  disable it with the \"-noxkb\" option.\n");
 			rfbLog("  Also, remember \"-remap DEAD\" for accenting characters.\n");
+			rfbLog("\n");
 		}
 
 		use_xkb_modtweak = 1;
@@ -1135,6 +1137,7 @@ void switch_to_xkb_if_better(void) {
 			rfbLog("  Not automatically switching to -xkb mode.\n");
 			rfbLog("  If some keys still cannot be typed, try using -xkb.\n");
 			rfbLog("  Also, remember \"-remap DEAD\" for accenting characters.\n");
+			rfbLog("\n");
 		}
 		return;
 	}
@@ -1217,6 +1220,7 @@ void switch_to_xkb_if_better(void) {
 		rfbLog("  Also, remember \"-remap DEAD\" for accenting"
 		    " characters.\n");
 	}
+	rfbLog("\n");
 }
 
 /* sets up all the keymapping info via Xkb API */
diff --git a/x11vnc/misc/Makefile.am b/x11vnc/misc/Makefile.am
index f814315..98a7511 100644
--- a/x11vnc/misc/Makefile.am
+++ b/x11vnc/misc/Makefile.am
@@ -1,3 +1,3 @@
 SUBDIRS = turbovnc
 DIST_SUBDIRS = turbovnc
-EXTRA_DIST=README blockdpy.c dtVncPopup rx11vnc rx11vnc.pl shm_clear ranfb.pl slide.pl vcinject.pl x11vnc_loop Xdummy ultravnc_repeater.pl connect_switch
+EXTRA_DIST=README blockdpy.c dtVncPopup rx11vnc rx11vnc.pl shm_clear ranfb.pl slide.pl vcinject.pl x11vnc_loop Xdummy ultravnc_repeater.pl connect_switch panner.pl desktop.cgi inet6to4
diff --git a/x11vnc/misc/README b/x11vnc/misc/README
index abb60f6..f38616e 100644
--- a/x11vnc/misc/README
+++ b/x11vnc/misc/README
@@ -33,3 +33,14 @@ Misc. scripts:
 		use Xsetup mechanism.
    Xdummy       An LD_PRELOAD kludge to run the Xorg "dummy" device driver
 		like Xvfb.
+
+   ultravnc_repeater.pl: Unix script to act as UltraVNC repeater proxy.
+
+   connect_switch:  Share HTTPS, VNC, SSH, etc. through a single port (e.g. 443)
+
+   panner.pl    Allows a small rectangle to pan around a desktop more or less.
+
+   desktop.cgi  CGI script for creating multi-user virtual desktops on a
+                server.  Also can do port-redirection to internal machines.
+
+   inet6to4     ipv6 to ipv4 relay (i.e. until libvncserver supports ipv6)
diff --git a/x11vnc/misc/connect_switch b/x11vnc/misc/connect_switch
index ad6d138..212157f 100755
--- a/x11vnc/misc/connect_switch
+++ b/x11vnc/misc/connect_switch
@@ -1,6 +1,6 @@
 #!/usr/bin/perl
 #
-# Copyright (c) 2006-2009 by Karl J. Runge <runge@karlrunge.com>
+# Copyright (c) 2006-2010 by Karl J. Runge <runge@karlrunge.com>
 #
 # connect_switch is free software; you can redistribute it and/or modify
 # it under the terms of the GNU General Public License as published by
@@ -35,10 +35,14 @@
 # because the CONNECT request appears to be forwarded encrypted to
 # the remote host and so the SSL dies immediately. 
 #
+# It can also be used to redirect ANY protocol, e.g. SSH, not just VNC.
+# See CONNECT_SWITCH_APPLY_VNC_OFFSET=0 to disable VNC 5900 shift.
+#
 # Note: There is no need to use this script for a non-ssl apache webserver
 # port because mod_proxy works fine for doing the switching all inside
 # apache (see ProxyRequests and AllowCONNECT parameters).
 #
+#
 # Apache configuration:
 #
 # The mod_ssl configuration is often in a file named ssl.conf.  In the
@@ -68,6 +72,126 @@
 # It is probably a good idea to set $listen_host below to the known
 # IP address you want the service to listen on (to avoid localhost where
 # apache is listening).
+#
+
+####################################################################
+# NOTE: For more info on configuration settings, read below for
+#       all of the CONNECT_SWITCH_* env. var. parameters.
+####################################################################
+
+
+####################################################################
+# Allow env vars to also be specified on cmdline:
+#
+foreach my $arg (@ARGV) {
+	if ($arg =~ /^(CONNECT_SWITCH.*?)=(.*)$/) {
+		$ENV{$1} = $2;
+	}
+}
+
+# Set up logging:
+#
+if (exists $ENV{CONNECT_SWITCH_LOGFILE}) {
+	close STDOUT;
+	if (!open(STDOUT, ">>$ENV{CONNECT_SWITCH_LOGFILE}")) {
+		die "connect_switch: $ENV{CONNECT_SWITCH_LOGFILE} $!\n";
+	}
+	close STDERR;
+	open(STDERR, ">&STDOUT");
+}
+select(STDERR); $| = 1;
+select(STDOUT); $| = 1;
+
+# interrupt handler:
+#
+my $looppid = '';
+my $pidfile = '';
+my $listen_sock = '';	# declared here for get_out()
+#
+sub get_out {
+	print STDERR "$_[0]:\t$$ looppid=$looppid\n";
+	close $listen_sock if $listen_sock;
+	if ($looppid) {
+		kill 'TERM', $looppid;
+		fsleep(0.2);
+	}
+	unlink $pidfile if $pidfile;
+	exit 0;
+}
+$SIG{INT}  = \&get_out;
+$SIG{TERM} = \&get_out;
+
+# pidfile:
+#
+sub open_pidfile {
+	if (exists $ENV{CONNECT_SWITCH_PIDFILE}) {
+		my $pf = $ENV{CONNECT_SWITCH_PIDFILE};
+		if (open(PID, ">$pf")) {
+			print PID "$$\n";
+			close PID;
+			$pidfile = $pf;
+		} else {
+			print STDERR "could not open pidfile: $pf - $! - continuing...\n";
+		}
+		delete $ENV{CONNECT_SWITCH_PIDFILE};
+	}
+}
+
+####################################################################
+# Set CONNECT_SWITCH_LOOP=1 to have this script create an outer loop
+# restarting itself if it ever exits.  Set CONNECT_SWITCH_LOOP=BG to
+# do this in the background as a daemon.
+
+if (exists $ENV{CONNECT_SWITCH_LOOP}) {
+	my $csl = $ENV{CONNECT_SWITCH_LOOP};
+	if ($csl ne 'BG' && $csl ne '1') {
+		die "connect_switch: invalid CONNECT_SWITCH_LOOP.\n";
+	}
+	if ($csl eq 'BG') {
+		# go into bg as "daemon":
+		setpgrp(0, 0);
+		my $pid = fork();
+		if (! defined $pid) {
+			die "connect_switch: $!\n";
+		} elsif ($pid) {
+			wait;
+			exit 0;
+		}
+		if (fork) {
+			exit 0;
+		}
+		setpgrp(0, 0);
+		close STDIN;
+		if (! $ENV{CONNECT_SWITCH_LOGFILE}) {
+			close STDOUT;
+			close STDERR;
+		}
+	}
+	delete $ENV{CONNECT_SWITCH_LOOP};
+
+	if (exists $ENV{CONNECT_SWITCH_PIDFILE}) {
+		open_pidfile();
+	}
+
+	print STDERR "connect_switch: starting service at ", scalar(localtime), " master-pid=$$\n";
+	while (1) {
+		$looppid = fork;
+		if (! defined $looppid) {
+			sleep 10;
+		} elsif ($looppid) {
+			wait;
+		} else {
+			exec $0;	
+			exit 1;
+		}
+		print STDERR "connect_switch: re-starting service at ", scalar(localtime), " master-pid=$$\n";
+		sleep 1;
+	}
+	exit 0;
+}
+if (exists $ENV{CONNECT_SWITCH_PIDFILE}) {
+	open_pidfile();
+}
 
 
 ############################################################################
@@ -83,15 +207,29 @@
 #	CONNECT_SWITCH_VERBOSE
 #	CONNECT_SWITCH_APPLY_VNC_OFFSET
 #	CONNECT_SWITCH_VNC_OFFSET
+#	CONNECT_SWITCH_LISTEN_IPV6
+#	CONNECT_SWITCH_BUFSIZE
+#	CONNECT_SWITCH_LOGFILE
+#	CONNECT_SWITCH_PIDFILE
+#
+# You can also set these on the cmdline:
+#      connect_switch CONNECT_SWITCH_LISTEN=X CONNECT_SWITCH_ALLOW_FILE=Y ...
+#
 
+# By default we will use hostname and assume it resolves:
+#
 my $hostname = `hostname`;
 chomp $hostname;
 
 my $listen_host = $hostname;	
 my $listen_port = 443;	
 
+# Let user override listening situation, e.g. multihomed:
+#
 if (exists $ENV{CONNECT_SWITCH_LISTEN}) {
+	#
 	# E.g. CONNECT_SWITCH_LISTEN=192.168.0.32:443
+	#
 	($listen_host, $listen_port) = split(/:/, $ENV{CONNECT_SWITCH_LISTEN});
 }
 
@@ -99,10 +237,21 @@ my $httpd_host = 'localhost';
 my $httpd_port = 443;	
 
 if (exists $ENV{CONNECT_SWITCH_HTTPD}) {
+	#
 	# E.g. CONNECT_SWITCH_HTTPD=127.0.0.1:443
+	#
 	($httpd_host, $httpd_port) = split(/:/, $ENV{CONNECT_SWITCH_HTTPD});
 }
 
+my $bufsize = 8192;
+if (exists $ENV{CONNECT_SWITCH_BUFSIZE}) {
+	#
+	# E.g. CONNECT_SWITCH_BUFSIZE=32768
+	#
+	$bufsize = $ENV{CONNECT_SWITCH_BUFSIZE};
+}
+
+
 ############################################################################
 # You can/should override the host/port settings here:
 #
@@ -113,6 +262,9 @@ if (exists $ENV{CONNECT_SWITCH_HTTPD}) {
 
 # You must set the allowed host:port CONNECT redirection list.
 # Only these host:port pairs will be redirected to.
+# Port ranges are allowed too:  host:5900-5930.
+# If there is one entry named ALL all connections are allow.
+# You must supply something, default is deny.
 #
 my @allowed = qw(
 	machine1:5915
@@ -141,6 +293,8 @@ if (exists $ENV{CONNECT_SWITCH_ALLOWED}) {
 #     fredsbox 15 
 #     rupert    1 
 
+# For examply, mine is:
+#
 my $allow_file = '/dist/apache/2.0/conf/vnc.hosts';
 $allow_file = '';
 
@@ -158,25 +312,34 @@ my $apply_vnc_offset = 1;
 my $vnc_offset = 5900;
 
 if (exists $ENV{CONNECT_SWITCH_APPLY_VNC_OFFSET}) {
+	#
 	# E.g. CONNECT_SWITCH_APPLY_VNC_OFFSET=0
+	#
 	$apply_vnc_offset = $ENV{CONNECT_SWITCH_APPLY_VNC_OFFSET};
 }
 if (exists $ENV{CONNECT_SWITCH_VNC_OFFSET}) {
+	#
 	# E.g. CONNECT_SWITCH_VNC_OFFSET=6000
+	#
 	$vnc_offset = $ENV{CONNECT_SWITCH_VNC_OFFSET};
 }
 
-# Set to 1 for more debugging output:
+# Set to 1 or higher for more info output:
 #
 my $verbose = 0;
 
 if (exists $ENV{CONNECT_SWITCH_VERBOSE}) {
+	#
 	# E.g. CONNECT_SWITCH_VERBOSE=1
+	#
 	$verbose = $ENV{CONNECT_SWITCH_VERBOSE};
 }
 
-############################################################################
+
+
+#===========================================================================
 #  No need for any changes below here.
+#===========================================================================
 
 use IO::Socket::INET;
 use strict;
@@ -186,12 +349,29 @@ my $killpid = 1;
 
 setpgrp(0, 0);
 
-my $listen_sock = IO::Socket::INET->new(
-	Listen    => 10,
-	LocalAddr => $listen_host,
-	LocalPort => $listen_port,
-	Proto     => "tcp"
-);
+if (exists $ENV{CONNECT_SWITCH_LISTEN_IPV6}) {
+	# note we leave out LocalAddr.
+	my $cmd = '
+	use IO::Socket::INET6;
+	$listen_sock = IO::Socket::INET6->new(
+		Listen    => 10,
+		LocalPort => $listen_port,
+		ReuseAddr => 1,
+		Domain    => AF_INET6,
+		Proto     => "tcp"
+	);
+	';
+	eval $cmd;
+	die "$@\n" if $@;
+} else {
+	$listen_sock = IO::Socket::INET->new(
+		Listen    => 10,
+		LocalAddr => $listen_host,
+		LocalPort => $listen_port,
+		ReuseAddr => 1,
+		Proto     => "tcp"
+	);
+}
 
 if (! $listen_sock) {
 	die "connect_switch: $!\n";
@@ -210,7 +390,7 @@ while (1) {
 		fsleep(0.5);
 		next;
 	}
-	print STDERR "conn: $conn -- ", $client->peerhost(), "\n" if $verbose;
+	print STDERR "conn: $conn -- ", $client->peerhost(), " at ", scalar(localtime), "\n" if $verbose;
 
 	my $pid = fork();
 	if (! defined $pid) {
@@ -237,6 +417,10 @@ sub handle_conn {
 
 	my @allow = @allowed;
 
+	# read allow file.  Note we read it for every connection
+	# to allow the admin to modify it w/o restarting us.
+	# better way would be to read in parent and check mtime.
+	#
 	if ($allow_file && -f $allow_file) {
 		if (open(ALLOW, "<$allow_file")) {
 			while (<ALLOW>) {
@@ -259,6 +443,8 @@ sub handle_conn {
 		}
 	}
 
+	# Read the first 7 bytes of connection, see if it is 'CONNECT'
+	#
 	my $str = '';
 	my $N = 0;
 	my $isconn = 1;
@@ -267,7 +453,7 @@ sub handle_conn {
 		sysread($client, $b, 1);
 		$str .= $b;
 		$N++;
-		print STDERR "read: '$str'\n" if $verbose;
+		print STDERR "read: '$str'\n" if $verbose > 1;
 		my $cstr = substr('CONNECT', 0, $i+1);
 		if ($str ne $cstr) {
 			$isconn = 0;
@@ -276,28 +462,60 @@ sub handle_conn {
 	}
 
 	my $sock = '';
+
 	if ($isconn) {
+		# it is CONNECT, read rest of HTTP header:
+		#
 		while ($str !~ /\r\n\r\n/) {
 			my $b;
 			sysread($client, $b, 1);
 			$str .= $b;
 		}
-		print STDERR "read: $str\n" if $verbose;
+		print STDERR "read:  $str\n" if $verbose > 1;
 
+		# get http version and host:port
+		#
 		my $ok = 0;
 		my $hostport = '';
 		my $http_vers = '1.0';
 		if ($str =~ /^CONNECT\s+(\S+)\s+HTTP\/(\S+)/) {
 			$hostport = $1;
 			$http_vers = $2;
-			foreach my $hp (@allow) {
-				if ($hp eq $hostport) {
-					$ok = 1;
-					last;
+
+			my ($h, $p) = split(/:/, $hostport);
+			if ($p =~ /^\d+$/) {
+				# check allowed host list:
+				foreach my $hp (@allow) {
+					if ($hp eq 'ALL') {
+						$ok = 1;
+					}
+					if ($hp eq $hostport) {
+						$ok = 1;
+					}
+					if ($hp =~ /^(.*):(\d+)-(\d+)$/) {
+						my $ahost = $1;
+						my $pmin  = $2;
+						my $pmax  = $3;
+						if ($h eq $ahost) {
+							if ($p >= $pmin && $p <= $pmax) {
+								$ok = 1;
+							}
+						}
+					}
+					last if $ok;
 				}
 			}
 		}
+
+		my $msg_1 = "HTTP/$http_vers 200 Connection Established\r\n"
+		     . "Proxy-agent: connect_switch v0.2\r\n\r\n";
+		my $msg_2 = "HTTP/$http_vers 502 Bad Gateway\r\n"
+			     . "Connection: close\r\n\r\n";
+
 		if (! $ok) {
+			# disallowed. drop with message.
+			#
+			syswrite($client, $msg_2, length($msg_2));
 			close $client;
 			exit 0;
 		}
@@ -312,18 +530,20 @@ sub handle_conn {
 			Proto => "tcp"
 		);
 		my $msg;
+
+		# send the connect proxy reply:
+		#
 		if ($sock) {
-			$msg = "HTTP/$http_vers 200 Connection Established\r\n"
-			     . "Proxy-agent: connect_switch v0.2\r\n\r\n";
+			$msg = $msg_1;
 		} else {
-			$msg = "HTTP/$http_vers 502 Bad Gateway\r\n"
-			     . "Connection: close\r\n\r\n";
+			$msg = $msg_2;
 		}
 		syswrite($client, $msg, length($msg));
 		$str = '';
 	} else {
-		print STDERR "connecting to: $httpd_host:$httpd_port\n"
-		    if $verbose;
+		# otherwise, redirect to apache for normal https:
+		#
+		print STDERR "connecting to: $httpd_host:$httpd_port\n" if $verbose;
 		$sock = IO::Socket::INET->new(
 			PeerAddr => $httpd_host,
 			PeerPort => $httpd_port,
@@ -336,6 +556,8 @@ sub handle_conn {
 		die "connect_switch: $!\n";
 	}
 
+	# get ready for xfer phase:
+	#
 	$current_fh1 = $client;
 	$current_fh2 = $sock;
 
@@ -349,6 +571,8 @@ sub handle_conn {
 			kill 'TERM', $child;
 		}
 	} else {
+		# write those first bytes if not CONNECT:
+		#
 		if ($str ne '' && $N > 0) {
 			syswrite($sock, $str, $N);
 		}
@@ -358,9 +582,9 @@ sub handle_conn {
 			kill 'TERM', $parent;
 		}
 	}
-	if ($verbose) {
+	if ($verbose > 1) {
 		my $dt = time() - $start;
-		print STDERR "dt\[$$]: $dt\n";
+		print STDERR "duration\[$$]: $dt seconds. ", scalar(localtime), "\n";
 	}
 	exit 0;
 }
@@ -380,7 +604,7 @@ sub xfer {
 		while (! $nf) {
 			$nf = select($ROUT=$RIN, undef, undef, undef);
 		}
-		my $len = sysread($in, $buf, 8192);
+		my $len = sysread($in, $buf, $bufsize);
 		if (! defined($len)) {
 			next if $! =~ /^Interrupted/;
 			print STDERR "connect_switch\[$lab/$conn/$$]: $!\n";
@@ -392,7 +616,7 @@ sub xfer {
 		}
 
 		if (0) {
-			# verbose debugging of data:
+			# very verbose debugging of data:
 			syswrite(STDERR , "\n$lab: ", 6);
 			syswrite(STDERR , $buf, $len);
 		}
diff --git a/x11vnc/misc/desktop.cgi b/x11vnc/misc/desktop.cgi
new file mode 100755
index 0000000..c2f9cc9
--- /dev/null
+++ b/x11vnc/misc/desktop.cgi
@@ -0,0 +1,1134 @@
+#!/usr/bin/perl
+#
+# desktop.cgi
+#
+# An example cgi script to provide multi-user web access to x11vnc
+# desktops.  This script should/must be served by an HTTPS webserver,
+# otherwise the unix and vnc passwords are sent over the network
+# unencrypted (see below to disable)
+#
+# Note that the x11vnc -create virtual desktop service used below requires
+# that you install the 'Xvfb' program.
+#
+# You should put this script in, say, a cgi-bin directory.
+#
+# You will *also* need to copy the x11vnc classes/ssl/UltraViewerSSL.jar
+# file to the document root: /UltraViewerSSL.jar (or change the html
+# at bottom.)
+#
+# Each x11vnc server created for a login will listen on its own port (see
+# below for port selection schemes.)  Your firewall must let in these ports.
+# It is difficult and not as reliable to do all of this through a single port;
+# however, see the fixed port scheme find_free_port = 'fixed:5900' below.
+#
+# Note there are two SSL certificates involved that the user may be
+# asked to inspect: apache's SSL cert and x11vnc's SSL cert.  This may
+# confuse the user.
+#
+# This script provides one example on how to provide the service.  You can
+# customize to meet your needs, e.g. switch to php, newer modules,
+# different authentication, SQL database, etc.  If you plan to use it
+# in production, please examine all security aspects of it carefully;
+# read the comments in the script for more info.
+#
+# More information and background:
+#
+#      http://www.karlrunge.com/x11vnc/faq.html#faq-xvfb
+#      http://www.karlrunge.com/x11vnc/faq.html#faq-ssl-tunnel-viewers
+#      http://www.karlrunge.com/x11vnc/faq.html#faq-ssl-java-viewer-proxy
+#      http://www.karlrunge.com/x11vnc/faq.html#faq-ssl-portal
+#      http://www.karlrunge.com/x11vnc/faq.html#faq-unix-passwords
+#      http://www.karlrunge.com/x11vnc/faq.html#faq-userlogin
+
+
+#-------------------------------------------------------------------------
+# Copyright (c) 2010 by Karl J. Runge <runge@karlrunge.com>
+#
+# desktop.cgi is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation; either version 2 of the License, or (at
+# your option) any later version.
+# 
+# desktop.cgi is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+# 
+# You should have received a copy of the GNU General Public License
+# along with desktop.cgi; if not, write to the Free Software
+# Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA
+# or see <http://www.gnu.org/licenses/>.
+#-------------------------------------------------------------------------
+
+use strict;
+use IO::Socket::INET;
+
+
+# TCP Ports:
+#
+# Set find_free_port to 1 (or the other modes described below) to
+# autoselect a free port to use.  The default is to use a fixed port
+# based on the userid.
+#
+my $find_free_port = 0;
+#
+# Or specify a port range:
+#
+#$find_free_port = '7000-8000';
+#
+# Or indicate to use a kludge to try to do everything through a SINGLE
+# port.  To try to avoid contention on the port, simultaneous instances
+# of this script attempt to 'take turns' using it.
+#
+#$find_free_port = 'fixed:5900';
+
+
+# Port redirection mode:
+#
+# This is to allow port redirection mode: username@host:port If username
+# is valid, there will be a port redirection to internal machine
+# host:port.  Presumably there is already an SSL enabled and password
+# protected VNC server running there.  We don't start that server.
+# See the next setting for an allowed hosts file.  The default for port
+# redirection is off.
+#
+my $enable_port_redirection = 0;
+
+# A file with allowed port redirections.  The empty string '' (the
+# default) means all host:port redirections would be allowed.
+#
+# Format of the file: A list of 'user@host:port' or 'host:port'
+# entries, one per line.  Port ranges, e.g. host:n-m are also accepted.
+#
+# Leading and trailing whitespace is trimmed off each line.  Blank lines
+# and comment lines starting with '#' are skipped.  A line consisting of
+# 'ALL' matches everything.  If no match can be found or the file cannot
+# be opened the connection is dropped.
+#
+my $port_redirection_allowed_hosts = '';
+
+
+# Set to 0 to have the java applet html set the parameter
+# trustUrlVncCert=no, i.e. the applet will not automatically accept an
+# SSL cert already accepted by an HTTPS URL.  See print_applet_html()
+# below for more info.
+#
+my $trustUrlVncCert = 1;
+
+
+# Comment this out if you don't want PATH modified:
+#
+$ENV{PATH} = "/usr/bin:bin:$ENV{PATH}";
+
+
+# For the next two settings, note that most users will be confused that
+# geometry and session are ignored when they are returning to their
+# existing desktop session (x11vnc FINDDISPLAY action.)
+
+# Used below if user did not specify preferred geometry and color depth:
+#
+my $default_geometry = '1024x768x24';
+
+
+# Set this to the list of x11vnc -create sessions types to show a session
+# dropdown for the user to select from.
+#
+my $session_types = '';
+#
+# example:
+#$session_types = 'gnome kde xfce lxde wmaker enlightenment mwm twm failsafe'; 
+
+
+# Set this to 1 to enable user setting a unique tag for each one
+# of his desktops and so can have multiple ones simultaneously and
+# select which one he wants.  For now we just hack this onto geometry
+# 1024x768x24:my_2nd_desktop but ultimately there should be a form entry
+# for it.  Search for enable_unique_tags for more info:
+#
+my $enable_unique_tags = 0;
+my $unique_tag = '';
+
+# You can set some extra x11vnc cmdline options here:
+#
+my $x11vnc_extra_opts = '';
+
+
+# Path to x11vnc program:
+#
+my $x11vnc = '/usr/bin/x11vnc';
+
+if (`uname -n` =~ /haystack/) {
+	# for my testing:
+	if (-f "/home/runge/dtcgi.test") {
+		eval `cat /home/runge/dtcgi.test`;
+	}
+}
+
+
+# http header:
+#
+print STDOUT "Content-Type: text/html\r\n\r\n";
+
+
+# Require HTTPS so that unix and vnc passwords are not sent in clear text
+# (perhaps it is too late...)  Disable HTTPS at your own risk.
+#
+if ($ENV{HTTPS} !~ /^on$/i) {
+	bye("HTTPS must be used (to encrypt passwords)");
+}
+
+
+# Read request:
+#
+my $request;
+if ($ENV{'REQUEST_METHOD'} eq "POST") {
+	read(STDIN, $request, $ENV{'CONTENT_LENGTH'});
+} elsif ($ENV{'REQUEST_METHOD'} eq "GET" ) {
+	$request = $ENV{'QUERY_STRING'};
+} else {
+	$request = $ARGV[0];
+}
+
+my %request = url_decode(split(/[&=]/, $request));
+
+
+# Experiment for FD_TAG x11vnc feature for multiple desktops:
+#
+# we hide it in geometry:tag for now:
+#
+if ($enable_unique_tags && $request{geometry} =~ /^(.*):(\w+)$/) {
+	$request{geometry} = $1;
+	$unique_tag = $2;
+}
+
+# Check/set geometry and session:
+#
+if (!exists $request{geometry} || $request{geometry} !~ /^[x\d]+$/) {
+	# default geometry and depth:
+	$request{geometry} = $default_geometry;
+}
+if (!exists $request{session} || $request{session} =~ /^\s*$/) {
+	$request{session} = '';
+}
+
+
+# String for the login form:
+#
+my $login_str = <<"END";
+<title>x11vnc web access</title>
+<h3>x11vnc web access</h3>
+<form action="$ENV{REQUEST_URI}" method="post">
+ <table border="0">
+  <tr><td colspan=2><h2>Login</h2></td></tr>
+  <tr><td>Username:</td><td>
+  <input type="text" name="username" maxlength="40" value="$request{username}">
+  </td></tr>
+  <tr><td>Password:</td><td>
+  <input type="password" name="password" maxlength="50">
+  </td></tr>
+  <tr><td>Geometry:</td><td>
+  <input type="text" name="geometry" maxlength="40" value="$request{geometry}">
+  </td></tr>
+  <!-- session -->
+  <tr><td colspan="2" align="right">
+  <input type="submit" name="submit" value="Login">
+  </td></tr>
+ </table>
+</form>
+END
+
+
+# Set up user selected desktop session list, if enabled:
+#
+my %sessions;
+
+if ($session_types ne '') {
+	my $str = "<tr><td>Session:</td><td>\n<select name=session>";
+	$str .= "<option value=none>select</option>";
+
+	foreach my $sess (split(' ', $session_types)) {
+		next if $sess =~ /^\s*$/;
+		next if $sess !~ /^\w+$/; # alphanumeric
+		$sessions{$sess} = 1;
+		$str .= "<option value=$sess>$sess</option>";
+	}
+	$str .= "</select>\n</td></tr>";
+
+	# This forces $request{session} to be a valid one:
+	#
+	if (! exists $sessions{$request{session}}) {
+		$request{session} = 'none';
+	}
+
+	# Insert into login_str:
+	#
+	my $r = $request{session};
+	$str =~ s/option value=\Q$r\E/option selected value=$r/;
+	$login_str =~ s/<!-- session -->/$str/;
+}
+
+
+# If no username or password, show login form:
+#
+if (!$request{username} && !$request{password}) {
+	bye($login_str);
+} elsif (!$request{username}) {
+	bye("No Username.<p>$login_str");
+} elsif (!$request{password}) {
+	bye("No Password.<p>$login_str");
+}
+
+
+# Some shorthand names:
+#
+my $username = $request{username};
+my $password = $request{password};
+my $geometry = $request{geometry};
+my $session  = $request{session};
+
+
+# If port redirection is enabled, split username@host:port
+#
+my $redirect_host = '';
+my $current_fh1 = '';
+my $current_fh2 = '';
+
+if ($enable_port_redirection) {
+	($username, $redirect_host) = split(/@/, $username, 2);
+	if ($redirect_host ne '') {
+		# will exit if the redirection is not allowed:
+		check_redirect_host();
+	}
+}
+
+
+# Require username to be alphanumeric + '-' + '_':
+# (one may want to add '.' as well)
+#
+if ($username !~ /^\w[-\w]*$/) {
+	bye("Invalid Username.<p>$login_str");
+}
+
+
+# Get the userid number, we may use it as his VNC display port; this
+# also checks if the username exists:
+#
+my $uid = `/usr/bin/id -u '$username'`;
+chomp $uid;
+if ($? != 0 || $uid !~ /^\d+$/) {
+	bye("Invalid Username.<p>$login_str");
+}
+
+
+# Use x11vnc trick to check if the unix password is valid:
+#
+if (!open(X11VNC, "| $x11vnc -unixpw \%stdin > /dev/null")) {
+	bye("Internal Error #1");
+}
+print X11VNC "$username:$password\n";
+
+if (!close X11VNC) {
+	# x11vnc returns non-zero for invalid username+password:
+	bye("Invalid Password.<p>$login_str");
+}
+
+
+# Initialize random number generator for use below:
+#
+initialize_random();
+
+
+# Set vnc port:
+#
+my $vnc_port = 0;
+my $fixed_port = 0;
+
+if (! $find_free_port) {
+	# Fixed port based on userid (we assume it is free):
+	#
+	$vnc_port = 7000 + $uid;
+
+} elsif ($find_free_port =~ /^fixed:(\d+)$/) {
+	#
+	# Enable the -loopbg method that tries to share a single port:
+	#
+	$vnc_port = $1;
+	$fixed_port = 1;
+} else {
+	# Autoselect a port, either default range (7000-8000) or a user
+	# supplied range.  (note that $find_free_port will now contain
+	# a socket listening on the found port so that it is held.)
+	#
+	$vnc_port = auto_select_port();
+}
+
+# Check for crazy port value:
+#
+if ($vnc_port > 64000 || $vnc_port < 1) {
+	bye("Internal Error #2 $vnc_port");
+}
+
+
+# If port redirection is enabled and the user selected it via
+# username@host:port, we do that right now and then exit.
+#
+if ($enable_port_redirection && $redirect_host ne '') {
+	port_redir();
+	exit 0;
+}
+
+
+# Make a random, onetime vnc password:
+#
+my $pass = '';
+my $chars = '0123456789abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ';
+my @abc = split(//, $chars);
+
+for (my $i = 0; $i < 8; $i++) {
+	$pass .= $abc[ rand(scalar(@abc)) ];
+}
+
+# Use x11vnc trick to switch to user and store vnc pass in the passwdfile.
+# Result is $pass is placed in user's $HOME/x11vnc.pw
+#
+# (This is actually difficult to do without untrusted local users being
+# able to see the pass as well, see copy_password_to_user() for details
+# on how we try to avoid this.)
+#
+copy_password_to_user($pass);
+
+
+# Make a tmp file for x11vnc launcher script:
+#
+my $tmpfile = `/bin/mktemp /tmp/desktop.cgi.XXXXXX`;
+chomp $tmpfile;
+
+# Check if the tmpfile is valid:
+#
+if (! -e $tmpfile || ! -o $tmpfile || -l $tmpfile) {
+	unlink $tmpfile;
+	bye("Internal Error #3");
+}
+if (!chmod 0644, $tmpfile) {
+	unlink $tmpfile;
+	bye("Internal Error #4");
+}
+if (!open(TMP, ">$tmpfile")) {
+	unlink $tmpfile;
+	bye("Internal Error #5");
+}
+
+
+# The x11vnc command.  You adjust it to suit your needs.
+#
+# some ideas:  -env FD_PROG=/usr/bin/gnome-session 
+#              -env FD_SESS=kde
+#              -env FD_TAG=my_2nd_desktop
+#              -ultrafilexfer
+#
+# Note that -timeout will cause it to exit if client does not connect
+# and -sslonly disables VeNCrypt SSL connections.
+
+# Some settings:
+#
+my $timeout = 75;
+my $extra = '';
+if ($fixed_port) {
+	# settings for fixed port case:
+	$timeout = 45;
+	$extra .= " -loopbg100,1";
+}
+if ($session_types ne '') {
+	# settings for session selection case:
+	if (exists $sessions{$session}) {
+		$extra .= " -env FD_SESS='$session'";
+	}
+}
+if ($enable_unique_tags && $unique_tag ne '' && $unique_tag =~ /^\w+$/) {
+	$extra .= " -env FD_TAG='$unique_tag'";
+}
+
+# This md5sum check of the vnc passwd is for extra safety (see
+# copy_password_to_user for details.)
+#
+my $md5sum = '';
+system("type md5sum > /dev/null");
+if ($? == 0) {
+	my $md5 = `/bin/mktemp /tmp/desktop.cgi.XXXXXX`;
+	chomp $md5;
+	# compute md5sum of password:
+	if (-o $md5 && open(MD5, "| md5sum > $md5")) {
+		print MD5 "$pass\n";
+		close MD5;
+		if (open(MD5, "<$md5")) {
+			# read it:
+			my $line = <MD5>;
+			close MD5;
+			my ($s, $t) = split(' ', $line);
+			if (length($s) >= 32 && $s =~ /^\w+$/) {
+				# shell code for user to check he has correct passwd:
+				$md5sum = "if md5sum \$HOME/x11vnc.pw | grep '$s' > /dev/null; then true; else exit 1; fi";
+			}
+		}
+	}
+	unlink $md5;
+}
+
+# write x11vnc command to the tmp file:
+#
+print TMP <<"END";
+#!/bin/sh
+export PATH=/usr/bin:/bin:\$PATH
+$md5sum
+$x11vnc -sigpipe ignore:HUP -nopw -rfbport $vnc_port \\
+    -passwdfile \$HOME/x11vnc.pw -oa \$HOME/x11vnc.log \\
+    -create -ssl SAVE -sslonly -env FD_GEOM=$geometry \\
+    -timeout $timeout $extra $x11vnc_extra_opts \\
+        >/dev/null 2>/dev/null </dev/null &
+sleep 2
+exit 0
+END
+
+close TMP;
+
+# Now launch x11vnc to switch to user and run the wrapper script:
+# (this requires x11vnc 0.9.10 or later.)
+#
+$ENV{UNIXPW_CMD} = "/bin/sh $tmpfile";
+
+# For the fixed port scheme we try to cooperate via lock file:
+#
+my $rmlock = '';
+#
+if ($fixed_port) {
+	# try to grab the fixed port for the next 90 secs removing stale
+	# locks older than 60 secs:
+	#
+	$rmlock = lock_fixed_port(90, 60);
+}
+
+# Start the x11vnc cmd:
+#
+if (!open(X11VNC, "| $x11vnc -unixpw \%stdin > /dev/null")) {
+	unlink $tmpfile;
+	unlink $rmlock if $rmlock;
+	bye("Internal Error #6");
+}
+
+select(X11VNC); $| = 1; select(STDOUT);
+
+# Close any port we held.  There is still a gap of time between now
+# and when when x11vnc in $tmpfile reopens the port after the password
+# authentication.  So another instance of this script could accidentally
+# think it is free...
+# 
+sleep 1;
+close $find_free_port if $find_free_port;
+
+print X11VNC "$username:$password\n";
+close X11VNC;	# note we ignore return value.
+unlink $tmpfile;
+
+if ($rmlock) {
+	# let our x11vnc proceed a bit before removing lock.
+	sleep 2;
+	unlink $rmlock;
+}
+
+# Return html for the java applet to connect to x11vnc.
+#
+print_applet_html();
+
+exit 0;
+
+#################################################################
+# Subroutines:
+
+# print the message to client and exit with success.
+#
+sub bye {
+	my $msg = shift;
+	print STDOUT "<html>$msg</html>\n";
+	exit 0;
+}
+
+# decode %xx to character:
+#
+sub url_decode {
+	foreach (@_) {
+		tr/+/ /;
+		s/%(..)/pack("c",hex($1))/ge;
+	}
+	@_;
+}
+
+# seed random
+#
+sub initialize_random {
+	my $rbytes = '';
+	if (open(RAN, "</dev/urandom")) {
+		read(RAN, $rbytes, 8);
+	} elsif (open(RAN, "</dev/random")) {
+		read(RAN, $rbytes, 8);
+	} else {
+		$rbytes = sprintf("%08d", $$);
+	}
+	close RAN;
+
+	# set seed:
+	#
+	my $seed = join('', unpack("C8", $rbytes));
+	$seed = substr($seed, -9);
+	srand($seed);
+
+	for (my $i = 0; $i < ($$ % 4096); $i++) {
+		# Mix it up even a little bit more.  There should be
+		# over 1 billion possible vnc passwords now.
+		rand();
+	}
+}
+
+# Autoselect a port for vnc.  Note that a socket for the found port
+# is kept open (and stored in $find_free_port) until we call x11vnc at
+# the end.
+#
+sub auto_select_port {
+	my $pmin = 7000;	# default range.
+	my $pmax = 8000;
+
+	if ($find_free_port =~ /^(\d+)-(\d+)$/) {
+		# user supplied a range:
+		$pmin = $1;
+		$pmax = $2;
+		if ($pmin > $pmax) {
+			($pmin, $pmax) = ($pmax, $pmin);
+		}
+	} elsif ($find_free_port > 1024) {
+		# user supplied a starting port:
+		$pmin = $find_free_port;
+		$pmax = $pmin + 1000;
+	}
+
+	# Try to add a bit of randomness to the starting port so
+	# simultaneous instances of this script won't be fooled by the gap
+	# of time before x11vnc reopens the port (see near the bottom.)
+	#
+	my $dp = int(rand(1.0) * 0.25 * ($pmax - $pmin));
+	if ($pmin + $dp < $pmax - 20) {
+		$pmin = $pmin + $dp;
+	}
+
+	my $port = 0;
+
+	# Now try to find a free one:
+	#
+	for (my $p = $pmin; $p <= $pmax; $p++) {
+		my $sock = IO::Socket::INET->new(
+			Listen	  => 1,
+			LocalPort => $p,
+			ReuseAddr => 1,
+			Proto     => "tcp"
+		);
+		if ($sock) {
+			# we will keep this open until we call x11vnc:
+			$find_free_port = $sock;
+			$port = $p;
+			last;
+		}
+	}
+	return $port;
+}
+
+# Since apache typically runs as user 'apache', 'nobody', etc, and not
+# as root it is tricky for us to copy the pass string to a file owned by
+# the user without some other untrusted local user being able to learn
+# the password (e.g. via reading a file or watching ps.)  Note that with
+# the x11vnc -unixpw trick we unfortunately can't use a pipe because
+# the user command is run in its own tty.
+#
+# The best way would be a sudo action or a special setuid program for
+# copying.  So consider using that and thereby simplify this function.
+#
+# Short of a special program doing this, we use a fifo so ONLY ONE
+# process can read the password.  If the untrusted local user reads it,
+# then the logging-in user's x11vnc won't get it.  The login and x11vnc
+# will fail, but the untrusted user won't gain access to the logging-in
+# user's desktop.
+#
+# So here we start long, tedious work carefully managing the fifo.
+#
+sub copy_password_to_user {
+
+	my $pass = shift;
+	
+	my $use_fifo = '';
+
+	# Find a command to make a fifo:
+	#
+	system("type mkfifo > /dev/null");
+	if ($? == 0) {
+		$use_fifo = 'mkfifo %s';
+	} else {
+		system("type mknod > /dev/null");
+		if ($? == 0) {
+			$use_fifo = 'mknod %s p';
+		}
+	}
+
+	# Create the filename for our fifo:
+	#
+	my $fifo = `/bin/mktemp /tmp/desktop.cgi.XXXXXX`;
+	chomp $fifo;
+
+	if (! -e $fifo || ! -o $fifo || -l $fifo) {
+		unlink $fifo;
+		bye("Internal Error #7");
+	}
+
+	# Make the fifo:
+	#
+	if ($use_fifo) {
+		$use_fifo = sprintf($use_fifo, $fifo);
+
+		# there is a small race here:
+		system("umask 077; rm -f $fifo; $use_fifo; chmod 600 $fifo");
+
+		if (!chmod 0600, $fifo) {
+			# we chmod once more..
+			unlink $fifo;
+			bye("Internal Error #8");
+		}
+
+		if (! -o $fifo || ! -p $fifo || -l $fifo)  {
+			# but we get out if not owned by us anymore:
+			unlink $fifo;
+			bye("Internal Error #9");
+		}
+	}
+
+	# Build cmd for user to read our fifo:
+	#
+	my $upw = '$HOME/x11vnc.pw';
+	$ENV{UNIXPW_CMD} = "touch $upw; chmod 600 $upw; cat $fifo > $upw";
+
+	# Start it:
+	#
+	if (!open(X11VNC, "| $x11vnc -unixpw \%stdin > /dev/null")) {
+		unlink $fifo;
+		bye("Internal Error #10");
+	}
+	select(X11VNC); $| = 1; select(STDOUT);
+
+	if (! $use_fifo) {
+		# regular file, we need to write it now.
+		if (!open(FIFO, ">$fifo")) {
+			close X11VNC;
+			unlink $fifo;
+			bye("Internal Error #11");
+		}
+		print FIFO "$pass\n";
+		close FIFO;
+	}
+
+	# open fifo up for reading.
+	# (this means the bad guy can read it too.)
+	#
+	if (!chmod 0644, $fifo) {
+		unlink $fifo;
+		bye("Internal Error #12");
+	}
+
+	# send the user's passwd now:
+	#
+	print X11VNC "$username:$password\n";
+
+	if ($use_fifo) {
+		# wait a bit for the cat $fifo to start, reader will block.
+		sleep 1;
+		if (!open(FIFO, ">$fifo")) {
+			close X11VNC;
+			unlink $fifo;
+			bye("Internal Error #13");
+		}
+		# here it goes:
+		print FIFO "$pass\n";
+		close FIFO;
+	}
+	close X11VNC;	# note we ignore return value.
+	fsleep(0.5);
+	#print STDERR `ls -l $fifo ~$username/x11vnc.pw`;
+	unlink $fifo;
+
+	# Done!
+}
+
+# For fixed, single port mode.  Try to open and lock the port before
+# proceeding.
+#
+sub lock_fixed_port {
+	my ($t_max, $t_age) = @_;
+
+	# lock file name:
+	#
+	my $lock = '/tmp/desktop.cgi.lock';
+	my $remove = '';
+
+	my $t = 0;
+	my $sock = '';
+
+	while ($t < $t_max) {
+		if (-e $lock) {
+			# clean out stale locks if possible:
+			if (! -l $lock) {
+				unlink $lock;
+			} else {
+				my ($pid, $time) = split(/:/, readlink($lock));
+				if (! -d "/proc/$pid") {
+					unlink $lock;
+				}
+				if (time() > $time + $t_age) {
+					unlink $lock;
+				}
+			}
+		}
+
+		my $reason = '';
+
+		if (-l $lock) {
+			# someone has locked it.
+			$reason = 'locked';
+		} else {
+			# unlocked, try to listen on port:
+			$sock = IO::Socket::INET->new(
+				Listen	  => 1,
+				LocalPort => $vnc_port,
+				ReuseAddr => 1,
+				Proto     => "tcp"
+			);
+			if ($sock) {
+				# we got it, now try to lock:
+				my $str = "$$:" . time();
+				if (symlink($str, $lock)) {
+					$remove = $lock;
+					$find_free_port = $sock;
+					last;
+				}
+				# wow, we didn't lock it...
+				$reason = "symlink failed: $!";
+				close $sock;
+			} else {
+				$reason = "listen failed: $!";
+			}
+		}
+		# sleep a bit and then try again:
+		#
+		print STDERR "$$ failed to get fixed port $vnc_port for $username at $t ($reason)\n";
+		$sock = '';
+		$t += 5;
+		sleep 5;
+	}
+	if (! $sock) {
+		bye("Failed to lock fixed TCP port. Try again a bit later.<p>$login_str");
+	}
+	print STDERR "$$ got fixed port $vnc_port for $username at $t\n";
+
+	# Return the file to remove, if any:
+	#
+	return $remove;
+}
+
+
+# Return html for the java applet to connect to x11vnc.
+#
+# N.B. Please examine the applet params, e.g. trustUrlVncCert=yes to
+# see if you agree with them.  See x11vnc classes/ssl/README for all
+# parameters.
+#
+# Note how we do not take extreme care to authenticate the server to
+# the client applet (but note that trustUrlVncCert=yes is better than
+# trustAllVncCerts=yes)  One can tighten all of this up at the expense
+# of extra certificate dialogs (assuming the user bothers to check...)
+#
+# This assumes /UltraViewerSSL.jar is at document root; you need to put
+# it there.
+#
+sub print_applet_html {
+	my ($W, $H, $D) = split(/x/, $geometry);
+	$W = 640;	# make it smaller since we 'Open New Window' below anyway.
+	$H = 480;
+	my $tUVC = ($trustUrlVncCert ? 'yes' : 'no');
+	my $str = <<"END";
+<html>
+<TITLE>
+x11vnc desktop ($uid/$vnc_port)
+</TITLE>
+<APPLET CODE=VncViewer.class ARCHIVE=/UltraViewerSSL.jar WIDTH=$W HEIGHT=$H>
+<param name=PORT value=$vnc_port>
+<param name=VNCSERVERPORT value=$vnc_port>
+<param name=PASSWORD value=$pass>
+<param name=trustUrlVncCert value=$tUVC>
+<param name="Open New Window" value=yes>
+<param name="Offer Relogin" value=no>
+<param name="ignoreMSLogonCheck" value=yes>
+<param name="delayAuthPanel" value=yes>
+<!-- extra -->
+</APPLET>
+<br>
+<a href="$ENV{REQUEST_URI}">Login page</a><br>
+<a href=http://www.karlrunge.com/x11vnc>x11vnc website</a>
+</html>
+END
+
+	if ($enable_port_redirection && $redirect_host ne '') {
+		$str =~ s/name=PASSWORD value=.*>/name=NOT_USED value=yes>/;
+		#$str =~ s/<!-- extra -->/<!-- extra -->\n<param name="ignoreProxy" value=yes>/;
+	}
+
+	print $str;
+}
+
+##########################################################################
+# The following subroutines are for port redirection only, which is
+# disabled by default ($enable_port_redirection == 0)
+#
+sub port_redir {
+	# To aid in avoiding zombies:
+	#
+	setpgrp(0, 0);
+
+	# For the fixed port scheme we try to cooperate via lock file:
+	#
+	my $rmlock = '';
+	#
+	if ($fixed_port) {
+		# try to grab the fixed port for the next 90 secs removing
+		# stale locks older than 60 secs:
+		#
+		$rmlock = lock_fixed_port(90, 60);
+
+	} elsif ($find_free_port eq '0') {
+		$find_free_port = IO::Socket::INET->new(
+			Listen	  => 1,
+			LocalPort => $vnc_port,
+			ReuseAddr => 1,
+			Proto     => "tcp"
+		);
+	}
+	# In all cases, at this point $find_free_port is the listening
+	# socket.
+
+	# fork a helper process to do the port redir:
+	#
+	# Actually we need to spawn 4(!) of them in case the proxy check
+	# /check.https.proxy.connection (it is by default) and the other
+	# test connections.  Spawn one for each expected connection, for
+	# whatever applet parameter usage mode you set up.
+	#
+	for (my $n = 1; $n <= 4; $n++) {
+		my $pid = fork();
+		if (! defined $pid) {
+			bye("Internal Error #14");
+		} elsif ($pid) {
+			wait;
+		} else {
+			if (fork) {
+				exit 0;
+			}
+			setpgrp(0, 0);
+			handle_conn();
+			exit 0;
+		}
+	}
+
+	# We now close the listening socket:
+	#
+	close $find_free_port;
+	
+	if ($rmlock) {
+		# let our process proceed a bit before removing lock.
+		sleep 1;
+		unlink $rmlock;
+	}
+
+	# Now send html to the browser so it can connect:
+	#
+	print_applet_html();
+
+	exit 0;
+}
+
+# This checks the validity of a username@host:port for the port
+# redirection mode.  Finishes and exits if it is invalid.
+#
+sub check_redirect_host {
+	# First check that the host:port string is valid:
+	#
+	if ($redirect_host !~ /^\w[-\w\.]*:\d+$/) {
+		bye("Invalid Redirect Host:Port.<p>$login_str");
+	}
+	# Second, check if the allowed host file permits it:
+	#
+	if ($port_redirection_allowed_hosts ne '') {
+		if (! open(ALLOWED, "<$port_redirection_allowed_hosts")) {
+			bye("Internal Error #15");
+		}
+		my $ok = 0;
+		while (my $line = <ALLOWED>) {
+			chomp $line;
+			# skip blank lines and '#' comments:
+			next if $line =~ /^\s*$/;
+			next if $line =~ /^\s*#/;
+
+			# trim spaces from ends:
+			$line =~ s/^\s*//;
+			$line =~ s/\s*$//;
+
+			# collect host:ports in case port range given:
+			my @items;
+			if ($line =~ /^(.*):(\d+)-(\d+)$/) {
+				# port range:
+				my $host = $1;
+				my $pmin = $2;
+				my $pmax = $3;
+				for (my $p = $pmin; $p <= $pmax; $p++) {
+					push @items, "$host:$p";
+				}
+			} else {
+				push @items, $line;
+			}
+
+			# now check each item for a match:
+			foreach my $item (@items) {
+				if ($item eq 'ALL') {
+					$ok = 1;
+					last;
+				} elsif ($item =~ /@/) {
+					if ("$username\@$redirect_host" eq $item) {
+						$ok = 1;
+						last;
+					}
+				} elsif ($redirect_host eq $item) {
+					$ok = 1;
+					last;
+				}
+			}
+			# got a match:
+			last if $ok;
+		}
+		close ALLOWED;
+
+		if (! $ok) {
+			bye("Disallowed Redirect Host:Port.<p>$login_str");
+		}
+	}
+}
+
+# Much of this code is borrowed from 'connect_switch':
+#
+sub handle_conn {
+	close STDIN;
+	close STDOUT;
+	close STDERR;
+
+	$SIG{ALRM} = sub {close $find_free_port; exit 0};
+
+	# We only wait 30 secs for the redir case, esp. since
+	# we need to spawn so many helpers...
+	#
+	alarm(30);
+
+	my ($client, $ip) = $find_free_port->accept();
+
+	alarm(0);
+
+	close $find_free_port;
+
+	if (!$client) {
+		exit 1;
+	}
+
+	my ($host, $port) = split(/:/, $redirect_host);
+
+	my $sock = IO::Socket::INET->new(
+		PeerAddr => $host,
+		PeerPort => $port,
+		Proto => "tcp"
+	);
+
+	if (! $sock) {
+		close $client;
+		exit 1;
+	}
+
+	$current_fh1 = $client;
+	$current_fh2 = $sock;
+
+	$SIG{TERM} = sub {close $current_fh1; close $current_fh2; exit 0};
+
+	my $killpid = 1;
+
+	my $parent = $$;
+	if (my $child = fork()) {
+		xfer($sock, $client, 'S->C');
+		if ($killpid) {
+			fsleep(0.5);
+			kill 'TERM', $child;
+		}
+	} else {
+		xfer($client, $sock, 'C->S');
+		if ($killpid) {
+			fsleep(0.75);
+			kill 'TERM', $parent;
+		}
+	}
+	exit 0;
+}
+
+# This does socket data transfer in one direction.
+#
+sub xfer {
+	my($in, $out, $lab) = @_;
+	my ($RIN, $WIN, $EIN, $ROUT);
+	$RIN = $WIN = $EIN = "";
+	$ROUT = "";
+	vec($RIN, fileno($in), 1) = 1;
+	vec($WIN, fileno($in), 1) = 1;
+	$EIN = $RIN | $WIN;
+	my $buf;
+
+	while (1) {
+		my $nf = 0;
+		while (! $nf) {
+			$nf = select($ROUT=$RIN, undef, undef, undef);
+		}
+		my $len = sysread($in, $buf, 8192);
+		if (! defined($len)) {
+			next if $! =~ /^Interrupted/;
+			last;
+		} elsif ($len == 0) {
+			last;
+		}
+
+		my $offset = 0;
+		my $quit = 0;
+		while ($len) {
+			my $written = syswrite($out, $buf, $len, $offset);
+			if (! defined $written) {
+				$quit = 1;
+				last;
+			}
+			$len -= $written;
+			$offset += $written;
+		}
+		last if $quit;
+	}
+	close($in);
+	close($out);
+}
+
+# Sleep a small amount of time (float)
+#
+sub fsleep {
+	my ($time) = @_;
+	select(undef, undef, undef, $time) if $time;
+}
diff --git a/x11vnc/misc/inet6to4 b/x11vnc/misc/inet6to4
new file mode 100755
index 0000000..b5c2fd1
--- /dev/null
+++ b/x11vnc/misc/inet6to4
@@ -0,0 +1,400 @@
+#!/usr/bin/perl
+#
+# inet6to4:  Act as an ipv6-to-ipv4 relay for tcp applications that
+#            do not support ipv6.
+#
+# Usage:     inet6to4    <ipv6-listen-port> <ipv4-host:port>
+#            inet6to4 -r <ipv4-listen-port> <ipv6-host:port>
+#
+# Examples:  inet6to4 5900 localhost:5900
+#            inet6to4 8080 web1:80
+#            inet6to4 -r 5900 fe80::217:f2ff:fee6:6f5a%eth0:5900
+#
+# The -r option reverses the direction of translation (e.g. for ipv4
+# clients that need to connect to ipv6 servers.)  Reversing is the default
+# if this script is named 'inet4to6' (e.g. by a symlink.)
+#
+# Use Ctrl-C to stop this program.
+#
+# You can also set env. vars INET6TO4_LOOP=1 or INET6TO4_LOOP=BG
+# to have an outer loop restarting this program (BG means do that
+# in the background), and INET6TO4_LOGFILE for a log file.
+# Also set INET6TO4_VERBOSE to verbosity level and INET6TO4_WAITTIME
+# and INET6TO4_PIDFILE (see below.)
+#
+
+#-------------------------------------------------------------------------
+# Copyright (c) 2010 by Karl J. Runge <runge@karlrunge.com>
+#
+# inet6to4 is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation; either version 2 of the License, or (at
+# your option) any later version.
+# 
+# inet6to4 is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+# 
+# You should have received a copy of the GNU General Public License
+# along with inet6to4; if not, write to the Free Software
+# Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA
+# or see <http://www.gnu.org/licenses/>.
+#-------------------------------------------------------------------------
+
+# Set up logging:
+#
+if (exists $ENV{INET6TO4_LOGFILE}) {
+	close STDOUT;
+	if (!open(STDOUT, ">>$ENV{INET6TO4_LOGFILE}")) {
+	        die "inet6to4: $ENV{INET6TO4_LOGFILE} $!\n";
+	}
+	close STDERR;
+	open(STDERR, ">&STDOUT");
+}
+select(STDERR); $| = 1;
+select(STDOUT); $| = 1;
+
+# interrupt handler:
+#
+my $looppid = '';
+my $pidfile = '';
+my $listen_sock = '';	# declared here for get_out()
+#
+sub get_out {
+	print STDERR "$_[0]:\t$$ looppid=$looppid\n";
+	close $listen_sock if $listen_sock;
+	if ($looppid) {
+		kill 'TERM', $looppid;
+		fsleep(0.2);
+	}
+	unlink $pidfile if $pidfile;
+	exit 0;
+}
+$SIG{INT}  = \&get_out;
+$SIG{TERM} = \&get_out;
+
+# pidfile:
+#
+sub open_pidfile {
+	if (exists $ENV{INET6TO4_PIDFILE}) {
+		my $pf = $ENV{INET6TO4_PIDFILE};
+		if (open(PID, ">$pf")) {
+			print PID "$$\n";
+			close PID;
+			$pidfile = $pf;
+		} else {
+			print STDERR "could not open pidfile: $pf - $! - continuing...\n";
+		}
+		delete $ENV{INET6TO4_PIDFILE};
+	}
+}
+
+####################################################################
+# Set INET6TO4_LOOP=1 to have this script create an outer loop
+# restarting itself if it ever exits.  Set INET6TO4_LOOP=BG to
+# do this in the background as a daemon.
+
+if (exists $ENV{INET6TO4_LOOP}) {
+	my $csl = $ENV{INET6TO4_LOOP};
+	if ($csl ne 'BG' && $csl ne '1') {
+		die "inet6to4: invalid INET6TO4_LOOP.\n";
+	}
+	if ($csl eq 'BG') {
+		# go into bg as "daemon":
+		setpgrp(0, 0);
+		my $pid = fork();
+		if (! defined $pid) {
+			die "inet6to4: $!\n";
+		} elsif ($pid) {
+			wait;
+			exit 0;
+		}
+		if (fork) {
+			exit 0;
+		}
+		setpgrp(0, 0);
+		close STDIN;
+		if (! $ENV{INET6TO4_LOGFILE}) {
+			close STDOUT;
+			close STDERR;
+		}
+	}
+	delete $ENV{INET6TO4_LOOP};
+
+	if (exists $ENV{INET6TO4_PIDFILE}) {
+		open_pidfile();
+	}
+
+	print STDERR "inet6to4: starting service at ", scalar(localtime), " master-pid=$$\n";
+	while (1) {
+		$looppid = fork;
+		if (! defined $looppid) {
+			sleep 10;
+		} elsif ($looppid) {
+			wait;
+		} else {
+			exec $0, @ARGV;	
+			exit 1;
+		}
+		print STDERR "inet6to4: re-starting service at ", scalar(localtime), " master-pid=$$\n";
+		sleep 1;
+	}
+	exit 0;
+}
+if (exists $ENV{INET6TO4_PIDFILE}) {
+	open_pidfile();
+}
+
+use IO::Socket::INET6;
+use strict;
+use warnings;
+
+# some settings:
+#
+my $verbose = 1;	# set to 0 for no messages, 2 for more.
+my $killpid = 1;	# does kill(2) at end of connection. 
+my $waittime = 0.25;	# time to wait between connections.
+my $reverse = 0;	# -r switch (or file named inet4to6)
+
+if (exists $ENV{INET6TO4_VERBOSE}) {
+	$verbose = $ENV{INET6TO4_VERBOSE};
+}
+if (exists $ENV{INET6TO4_WAITTIME}) {
+	$waittime = $ENV{INET6TO4_WAITTIME};
+}
+
+# process command line args:
+
+if (! @ARGV || $ARGV[0] =~ '^-+h') {	# -help
+	open(ME, "<$0");
+	while (<ME>) {
+		last unless /^#/;
+		next if /usr.bin.perl/;
+		$_ =~ s/# ?//;
+		print;
+	}
+	exit;
+}
+
+if ($ARGV[0] eq '-r') {			# -r
+	shift;
+	$reverse = 1;
+} elsif ($0 =~ /inet4to6$/) {
+	$reverse = 1;
+}
+
+my $listen_port = shift;		# ipv6-listen-port
+my $connect_to  = shift;		# ipv4-host:port
+
+die "no listen port or connect-to-host:port\n" if ! $listen_port || ! $connect_to;
+
+# connect to host:
+#
+my $host = '';
+my $port = '';
+if ($connect_to =~ /^(.*):(\d+)$/) {
+	$host = $1;
+	$port = $2;
+}
+die "invalid connect-to-host:port\n" if ! $host || ! $port;
+
+setpgrp(0, 0);
+
+# create listening socket:
+#
+if (!$reverse) {
+	$listen_sock = IO::Socket::INET6->new(
+		Listen    => 10,
+		LocalPort => $listen_port,
+		Domain    => AF_INET6,
+		ReuseAddr => 1,
+		Proto     => "tcp"
+	);
+} else {
+	$listen_sock = IO::Socket::INET->new(
+		Listen    => 10,
+		LocalPort => $listen_port,
+		ReuseAddr => 1,
+		Proto     => "tcp"
+	);
+}
+if (! $listen_sock) {
+	die "inet6to4: $!\n";
+}
+
+# for use by the xfer helper processes' interrupt handlers:
+#
+my $current_fh1 = '';
+my $current_fh2 = '';
+
+# connection counter:
+#
+my $conn = 0;
+
+# loop forever waiting for connections:
+#
+while (1) {
+	$conn++;
+	print STDERR "listening for connection: $conn\n" if $verbose; 
+	my ($client, $ip) = $listen_sock->accept();
+
+	if ($client && !$reverse && $port == $listen_port) {
+		# This happens on Darwin 'tcp46'
+		if ($client->peerhost() =~ /^::ffff:/) {
+			print STDERR "closing client we think is actually us: ",
+			    $client->peerhost(), "\n";
+			close $client;
+			$client = undef;
+		}
+	}
+	if (! $client) {
+		# to throttle runaways
+		fsleep(2 * $waittime);
+		next;
+	}
+	print STDERR "conn: $conn -- ", $client->peerhost(), " at ", scalar(localtime), "\n" if $verbose;
+
+	# spawn helper:
+	#
+	my $pid = fork();
+	if (! defined $pid) {
+		die "inet6to4: $!\n";
+	} elsif ($pid) {
+		wait;
+		# to throttle runaways
+		fsleep($waittime);
+		next;
+	} else {
+		# this is to avoid zombies:
+		close $listen_sock;
+		if (fork) {
+			exit 0;
+		}
+		setpgrp(0, 0);
+		handle_conn($client);
+	}
+}
+
+exit 0;
+
+sub handle_conn {
+	my $client = shift;
+
+	my $start = time();
+
+	print STDERR "connecting to: $host:$port\n" if $verbose;
+
+	my $sock = '';
+	if (!$reverse) {
+		$sock = IO::Socket::INET->new(
+			PeerAddr => $host,
+			PeerPort => $port,
+			Proto => "tcp"
+		);
+	} else {
+		$sock = IO::Socket::INET6->new(
+			PeerAddr => $host,
+			PeerPort => $port,
+			Domain   => AF_INET6,
+			Proto => "tcp"
+		);
+	}
+
+	if (! $sock) {
+		close $client;
+		die "inet6to4: $!\n";
+	}
+
+	$current_fh1 = $client;
+	$current_fh2 = $sock;
+
+	# interrupt handler:
+	#
+	$SIG{TERM} = sub {print STDERR "got sigterm\[$$]\n" if $verbose; close $current_fh1; close $current_fh2; exit 0};
+
+	# spawn another helper and transfer the data:
+	#
+	my $parent = $$;
+	if (my $child = fork()) {
+		xfer($sock, $client, 'S->C');
+		if ($killpid) {
+			fsleep(0.5);
+			kill 'TERM', $child;
+		}
+	} else {
+		xfer($client, $sock, 'C->S');
+		if ($killpid) {
+			fsleep(0.75);
+			kill 'TERM', $parent;
+		}
+	}
+
+	# done.
+	#
+	if ($verbose > 1) {
+		my $dt = time() - $start;
+		print STDERR "dt\[$$]: $dt\n";
+	}
+	exit 0;
+}
+
+# transfers data in one direction:
+#
+sub xfer {
+	my($in, $out, $lab) = @_;
+	my ($RIN, $WIN, $EIN, $ROUT);
+	$RIN = $WIN = $EIN = "";
+	$ROUT = "";
+	vec($RIN, fileno($in), 1) = 1;
+	vec($WIN, fileno($in), 1) = 1;
+	$EIN = $RIN | $WIN;
+	my $buf;
+
+	while (1) {
+		my $nf = 0;
+		while (! $nf) {
+			$nf = select($ROUT=$RIN, undef, undef, undef);
+		}
+		my $len = sysread($in, $buf, 8192);
+		if (! defined($len)) {
+			next if $! =~ /^Interrupted/;
+			print STDERR "inet6to4\[$lab/$conn/$$]: $!\n";
+			last;
+		} elsif ($len == 0) {
+			print STDERR "inet6to4\[$lab/$conn/$$]: "
+			    . "Input is EOF.\n";
+			last;
+		}
+
+		if ($verbose > 4) {
+			# verbose debugging of data:
+			syswrite(STDERR , "\n$lab: ", 6);
+			syswrite(STDERR , $buf, $len);
+		}
+
+		my $offset = 0;
+		my $quit = 0;
+		while ($len) {
+			my $written = syswrite($out, $buf, $len, $offset);
+			if (! defined $written) {
+				print STDERR "inet6to4\[$lab/$conn/$$]: "
+				    . "Output is EOF. $!\n";
+				$quit = 1;
+				last;
+			}
+			$len -= $written;
+			$offset += $written;
+		}
+		last if $quit;
+	}
+	close($in);
+	close($out);
+}
+
+# sleep a fraction of a second:
+#
+sub fsleep {
+	my ($time) = @_;
+	select(undef, undef, undef, $time) if $time;
+}
diff --git a/x11vnc/misc/panner.pl b/x11vnc/misc/panner.pl
new file mode 100755
index 0000000..344beee
--- /dev/null
+++ b/x11vnc/misc/panner.pl
@@ -0,0 +1,117 @@
+#!/usr/bin/perl
+#
+# panner.pl: start up x11vnc in '-clip' mode viewing a small (WxH)
+#            rectangular region of the screen.  Allow the viewer user
+#            to 'pan' around the display region by moving the mouse.
+#
+#            Remote interaction with applications, e.g. clicking a
+#            button though the VNC viewer, will be very difficult.
+#            This may be useful in a 'demo' mode where the user sitting
+#            at the physical display is the only one moving the mouse.
+#            Depending on your usage the following x11vnc options may
+#            be useful: -nonap
+#
+# Usage:  panner.pl WxH      <x11vnc-args>  (e.g. -display ...)
+# or      panner.pl WxH:0.05 <x11vnc-args>  (e.g. 0.05 is polling time in secs.)
+
+use strict;
+
+my $WxH = shift;
+my $poll_time;
+
+# split off poll time:
+#
+($WxH, $poll_time) = split(/:/, $WxH);
+my ($W, $H) = split(/x/, $WxH);
+
+$poll_time = 0.1 unless $poll_time ne '';
+
+# set to x11vnc command (e.g. full PATH)
+#
+my $x11vnc = "x11vnc";
+
+# check if display was given:
+#
+my $query_args = "";
+for (my $i=0; $i < @ARGV; $i++) {
+	if ($ARGV[$i] eq '-display') {
+		$query_args = "-display $ARGV[$i+1]";
+	}
+}
+
+# find the size of display and the current mouse position:
+my %v;
+vset("DIRECT:wdpy_x,wdpy_y,pointer_x,pointer_y,pointer_same");
+
+# set a -clip argument based on the above:
+#
+my $clip = '';
+clip_set();
+$clip = "${W}x${H}+0+0" unless $v{pointer_same};
+
+# launch x11vnc with -clip in the background:
+#
+my $cmd = "$x11vnc -clip $clip -bg " . join(" ", @ARGV);
+print STDERR "running: $cmd\n";
+system $cmd;
+
+# user can hit Ctrl-C or kill this script to quit (and stop x11vnc)
+#
+sub quit {
+	system("$x11vnc $query_args -R stop");
+	exit 0;
+}
+
+$SIG{INT}  = \&quit;
+$SIG{TERM} = \&quit;
+
+# loop forever waiting for mouse position to change, then shift -clip:
+#
+my $clip_old = $clip;
+while (1) {
+	fsleep($poll_time);
+	vset("pointer_x,pointer_y,pointer_same");
+	next unless $v{pointer_same};
+	clip_set();
+	if ($clip ne $clip_old) {
+		system("$x11vnc $query_args -R clip:$clip");
+		$clip_old = $clip
+	}
+}
+
+exit 0;
+
+# short sleep:
+#
+sub fsleep {
+	my ($time) = @_;
+	select(undef, undef, undef, $time) if $time;
+}
+
+# set the -clip string, making sure view doesn't go off edges of display:
+#
+sub clip_set {
+	my $x = int($v{pointer_x} - $W/2); 
+	my $y = int($v{pointer_y} - $H/2); 
+	$x = 0 if $x < 0;
+	$y = 0 if $y < 0;
+	$x = $v{wdpy_x} - $W if $x + $W > $v{wdpy_x};
+	$y = $v{wdpy_y} - $H if $y + $H > $v{wdpy_y};
+	$clip = "${W}x${H}+$x+$y";
+}
+
+# query x11vnc for values, put results in the %v hash:
+#
+sub vset {
+	my $str = shift;
+	my $out = `$x11vnc $query_args -Q $str 2>/dev/null`;
+	chomp $out;
+	foreach my $pair (split(/,/, $out)) {
+		$pair =~ s/^a..=//;
+		my ($k, $v) = split(/:/, $pair, 2);
+		if ($k ne '' && $v ne '') {
+			print STDERR "k=$k v=$v\n" if $ENV{DEBUG};
+			$v{$k} = $v;
+		}
+	}
+}
diff --git a/x11vnc/misc/ultravnc_repeater.pl b/x11vnc/misc/ultravnc_repeater.pl
index 40af575..a305ebe 100755
--- a/x11vnc/misc/ultravnc_repeater.pl
+++ b/x11vnc/misc/ultravnc_repeater.pl
@@ -1,6 +1,6 @@
 #!/usr/bin/env perl
 #
-# Copyright (c) 2009 by Karl J. Runge <runge@karlrunge.com>
+# Copyright (c) 2009-2010 by Karl J. Runge <runge@karlrunge.com>
 #
 # ultravnc_repeater.pl is free software; you can redistribute it and/or modify
 # it under the terms of the GNU General Public License as published by
@@ -41,17 +41,137 @@ usage:  ultravnc_repeater.pl [-r] [client_port [server_port]]
 Use -r to refuse new server/client connections with an existing
 server/client ID.  The default is to close the previous one.
 
+To write to a log file set the env. var ULTRAVNC_REPEATER_LOGFILE.
+
+To run in a loop restarting the server if it exits set the env. var.
+ULTRAVNC_REPEATER_LOOP=1 or ULTRAVNC_REPEATER_LOOP=BG, the latter
+forks into the background.  Set ULTRAVNC_REPEATER_PIDFILE to a file
+to store the master pid in.
+
+
 Examples:
 
+	ultravnc_repeater.pl
 	ultravnc_repeater.pl -r
 	ultravnc_repeater.pl 5901
 	ultravnc_repeater.pl 5901 5501
 
+	env ULTRAVNC_REPEATER_LOOP=BG ULTRAVNC_REPEATER_LOGFILE=/tmp/u.log ultravnc_repeater.pl ...
+
 ';
 
-use warnings;
 use strict;
 
+# Set up logging:
+#
+if (exists $ENV{ULTRAVNC_REPEATER_LOGFILE}) {
+	close STDOUT;
+	if (!open(STDOUT, ">>$ENV{ULTRAVNC_REPEATER_LOGFILE}")) {
+	        die "ultravnc_repeater.pl: $ENV{ULTRAVNC_REPEATER_LOGFILE} $!\n";
+	}
+	close STDERR;
+	open(STDERR, ">&STDOUT");
+}
+select(STDERR); $| = 1;
+select(STDOUT); $| = 1;
+
+# interrupt handler:
+#
+my $looppid = '';
+my $pidfile = '';
+#
+sub get_out {
+	print STDERR "$_[0]:\t$$ looppid=$looppid\n";
+	if ($looppid) {
+		kill 'TERM', $looppid;
+		fsleep(0.2);
+	}
+	unlink $pidfile if $pidfile;
+	cleanup();
+	exit 0;
+}
+
+# These are overridden in actual server thread:
+#
+$SIG{INT}  = \&get_out;
+$SIG{TERM} = \&get_out;
+
+# pidfile:
+#
+sub open_pidfile {
+	if (exists $ENV{ULTRAVNC_REPEATER_PIDFILE}) {
+		my $pf = $ENV{ULTRAVNC_REPEATER_PIDFILE};
+		if (open(PID, ">$pf")) {
+			print PID "$$\n";
+			close PID;
+			$pidfile = $pf;
+		} else {
+			print STDERR "could not open pidfile: $pf - $! - continuing...\n";
+		}
+		delete $ENV{ULTRAVNC_REPEATER_PIDFILE};
+	}
+}
+
+####################################################################
+# Set ULTRAVNC_REPEATER_LOOP=1 to have this script create an outer loop
+# restarting itself if it ever exits.  Set ULTRAVNC_REPEATER_LOOP=BG to
+# do this in the background as a daemon.
+
+if (exists $ENV{ULTRAVNC_REPEATER_LOOP}) {
+	my $csl = $ENV{ULTRAVNC_REPEATER_LOOP};
+	if ($csl ne 'BG' && $csl ne '1') {
+		die "ultravnc_repeater.pl: invalid ULTRAVNC_REPEATER_LOOP.\n";
+	}
+	if ($csl eq 'BG') {
+		# go into bg as "daemon":
+		setpgrp(0, 0);
+		my $pid = fork();
+		if (! defined $pid) {
+			die "ultravnc_repeater.pl: $!\n";
+		} elsif ($pid) {
+			wait;
+			exit 0;
+		}
+		if (fork) {
+			exit 0;
+		}
+		setpgrp(0, 0);
+		close STDIN;
+		if (! $ENV{ULTRAVNC_REPEATER_LOGFILE}) {
+			close STDOUT;
+			close STDERR;
+		}
+	}
+	delete $ENV{ULTRAVNC_REPEATER_LOOP};
+
+	if (exists $ENV{ULTRAVNC_REPEATER_PIDFILE}) {
+		open_pidfile();
+	}
+
+	print STDERR "ultravnc_repeater.pl: starting service at ", scalar(localtime), " master-pid=$$\n";
+	while (1) {
+		$looppid = fork;
+		if (! defined $looppid) {
+			sleep 10;
+		} elsif ($looppid) {
+			wait;
+		} else {
+			exec $0, @ARGV;	
+			exit 1;
+		}
+		print STDERR "ultravnc_repeater.pl: re-starting service at ", scalar(localtime), " master-pid=$$\n";
+		sleep 1;
+	}
+	exit 0;
+}
+if (exists $ENV{ULTRAVNC_REPEATER_PIDFILE}) {
+	open_pidfile();
+}
+
+# End of background/daemon stuff.
+####################################################################
+
+use warnings;
 use IO::Socket::INET;
 use IO::Select;
 
@@ -85,6 +205,7 @@ my ($RIN, $WIN, $EIN, $ROUT);
 my $client_listen = IO::Socket::INET->new(
 	Listen    => 10,
 	LocalPort => $client_port, 
+	ReuseAddr => 1,
 	Proto => "tcp"
 );
 if (! $client_listen) {
@@ -95,6 +216,7 @@ if (! $client_listen) {
 my $server_listen = IO::Socket::INET->new(
 	Listen    => 10,
 	LocalPort => $server_port, 
+	ReuseAddr => 1,
 	Proto => "tcp"
 );
 if (! $server_listen) {
@@ -103,7 +225,7 @@ if (! $server_listen) {
 }
 
 my $select = new IO::Select();
-if (! select) {
+if (! $select) {
 	cleanup();
 	die "$prog: select $!\n";
 }
@@ -120,9 +242,6 @@ my $CURR = '';
 
 print "watching for connections on ports $server_port/server and $client_port/client\n";
 
-select(STDERR); $| = 1;
-select(STDOUT); $| = 1;
-
 my $alarm_sock = '';
 my $got_alarm = 0;
 sub alarm_handler {
diff --git a/x11vnc/remote.c b/x11vnc/remote.c
index 5985464..953f963 100644
--- a/x11vnc/remote.c
+++ b/x11vnc/remote.c
@@ -1191,7 +1191,23 @@ char *process_remote_cmd(char *cmd, int stringonly) {
 			goto qry;
 		}
 		p += strlen("clip:");
-		if (clip_str) free(clip_str);
+		if (clip_str) {
+			int w, h, x, y;
+			free(clip_str);
+			/* try to handle easy case where WxH is unchanged: */
+			if (parse_geom(p, &w, &h, &x, &y, wdpy_x, wdpy_y)) {
+				if (cdpy_x == w && cdpy_y == h) {
+					if (x >= 0 && y >= 0) {
+						if (x + w <= wdpy_x && y + h <= wdpy_y) {
+							coff_x = x;
+							coff_y = y;
+							clip_str = strdup(p);
+							goto done;
+						}
+					}
+				}
+			}
+		}
 		clip_str = strdup(p);
 
 		/* OK, this requires a new fb... */
@@ -5925,15 +5941,25 @@ char *process_remote_cmd(char *cmd, int stringonly) {
 			}
 			goto qry;
 		}
-
-		if (!strcmp(p, "pointer_pos")) {
+		if (!strcmp(p, "pointer_pos") || !strcmp(p, "pointer_x") || !strcmp(p, "pointer_y") || !strcmp(p, "pointer_same") || !strcmp(p, "pointer_root")) {
 			int px = -1, py = -1; 
 			int wx, wy;
 			unsigned int m;
 			Window r, c;
+			Bool same_screen = True;
 			
 
-			snprintf(buf, bufn, "aro=%s:%d,%d", p, px, py);
+			if (!strcmp(p, "pointer_pos")) {			/* skip-cmd-list */
+				snprintf(buf, bufn, "aro=%s:%d,%d", p, px, py);
+			} else if (!strcmp(p, "pointer_x")) {			/* skip-cmd-list */
+				snprintf(buf, bufn, "aro=%s:%d", p, px);
+			} else if (!strcmp(p, "pointer_y")) {			/* skip-cmd-list */
+				snprintf(buf, bufn, "aro=%s:%d", p, py);
+			} else if (!strcmp(p, "pointer_same")) {		/* skip-cmd-list */
+				snprintf(buf, bufn, "aro=%s:%d", p, same_screen);
+			} else if (!strcmp(p, "pointer_root")) {		/* skip-cmd-list */
+				snprintf(buf, bufn, "aro=%s:0x%x", p, (unsigned int) rootwin);
+			} 
 			if (!dpy) {
 				goto qry;
 			}
@@ -5941,12 +5967,22 @@ char *process_remote_cmd(char *cmd, int stringonly) {
 			goto qry;
 #else
 			X_LOCK;
-			XQueryPointer_wr(dpy, rootwin, &r, &c, &px, &py, &wx, &wy, &m);
+			same_screen = XQueryPointer_wr(dpy, rootwin, &r, &c, &px, &py, &wx, &wy, &m);
 			X_UNLOCK;
 #endif
 
-			snprintf(buf, bufn, "aro=%s:%d,%d", p, px, py);
-			rfbLog("remote_cmd: pointer_pos: %s\n", buf);
+			if (!strcmp(p, "pointer_pos")) {			/* skip-cmd-list */
+				snprintf(buf, bufn, "aro=%s:%d,%d", p, px, py);
+			} else if (!strcmp(p, "pointer_x")) {			/* skip-cmd-list */
+				snprintf(buf, bufn, "aro=%s:%d", p, px);
+			} else if (!strcmp(p, "pointer_y")) {			/* skip-cmd-list */
+				snprintf(buf, bufn, "aro=%s:%d", p, py);
+			} else if (!strcmp(p, "pointer_same")) {		/* skip-cmd-list */
+				snprintf(buf, bufn, "aro=%s:%d", p, same_screen);
+			} else if (!strcmp(p, "pointer_root")) {		/* skip-cmd-list */
+				snprintf(buf, bufn, "aro=%s:0x%x", p, (unsigned int) r);
+			} 
+			rfbLog("remote_cmd: %s: %s\n", p, buf);
 			goto qry;
 		}
 		if (!strcmp(p, "bpp")) {
diff --git a/x11vnc/sslhelper.c b/x11vnc/sslhelper.c
index 3d19834..ab2a43f 100644
--- a/x11vnc/sslhelper.c
+++ b/x11vnc/sslhelper.c
@@ -3460,6 +3460,7 @@ void accept_openssl(int mode, int presock) {
 				char reply[] = "HTTP/1.0 200 OK\r\n"
 				    "Content-Type: octet-stream\r\n"
 				    "Connection: Keep-Alive\r\n"
+				    "VNC-Server: x11vnc\r\n"
 				    "Pragma: no-cache\r\n\r\n";
 				/*
 				 * special case proxy coming thru https
@@ -3503,6 +3504,7 @@ void accept_openssl(int mode, int presock) {
 				char reply[] = "HTTP/1.0 200 OK\r\n"
 				    "Connection: close\r\n"
 				    "Content-Type: octet-stream\r\n"
+				    "VNC-Server: x11vnc\r\n"
 				    "Pragma: no-cache\r\n\r\n";
 
 				rfbLog("Handling Check HTTPS request via https GET. [%d]\n", getpid());
@@ -3782,14 +3784,14 @@ void accept_openssl(int mode, int presock) {
 			q = strstr(rcookie, "VENCRYPT=");
 			if (q && sscanf(q, "VENCRYPT=%d,", &vencrypt_sel) == 1) {
 				if (vencrypt_sel != 0) {
-					rfbLog("SSL: VENCRYPT mode=%d accepted.\n", vencrypt_sel);
+					rfbLog("SSL: VENCRYPT mode=%d accepted. helper[%d]\n", vencrypt_sel, pid);
 					goto accept_client;
 				}
 			}
 			q = strstr(rcookie, "ANONTLS=");
 			if (q && sscanf(q, "ANONTLS=%d,", &anontls_sel) == 1) {
 				if (anontls_sel != 0) {
-					rfbLog("SSL: ANONTLS mode=%d accepted.\n", anontls_sel);
+					rfbLog("SSL: ANONTLS mode=%d accepted. helper[%d]\n", anontls_sel, pid);
 					goto accept_client;
 				}
 			}
@@ -3803,6 +3805,12 @@ void accept_openssl(int mode, int presock) {
 
 		if (strstr(rcookie, uniq) == rcookie) {
 			int i;
+			double https_download_wait_time = 15.0;
+
+			if (getenv("X11VNC_HTTPS_DOWNLOAD_WAIT_TIME")) {
+				https_download_wait_time = atof(getenv("X11VNC_HTTPS_DOWNLOAD_WAIT_TIME"));
+			}
+
 			rfbLog("SSL: BUT WAIT! HTTPS for helper process[%d] succeeded. Good.\n", pid);
 			if (mode != OPENSSL_HTTPS) {
 				last_https = dnow();
@@ -3814,6 +3822,7 @@ void accept_openssl(int mode, int presock) {
 			}
 			if (rcookie && strstr(rcookie, "VncViewer.class")) {
 				rfbLog("\n");
+				rfbLog("helper[%d]:\n", pid);
 				rfbLog("***********************************************************\n");
 				rfbLog("SSL: WARNING CLIENT ASKED FOR NONEXISTENT 'VncViewer.class'\n");
 				rfbLog("SSL: USER NEEDS TO **RESTART** HIS WEB BROWSER.\n");
@@ -3841,31 +3850,34 @@ void accept_openssl(int mode, int presock) {
 				}
 				screen->port = useport;
 				if (origport != useport) {
-					rfbLog("SSL: -httpsredir guess port: %d\n", screen->port);
+					rfbLog("SSL: -httpsredir guess port: %d  helper[%d]\n", screen->port, pid);
 				}
 
 				start = dnow();
-				while (dnow() < start + 10.0) {
+				while (dnow() < start + https_download_wait_time) {
 					if (screen->httpSock >= 0) saw_httpsock = 1;
 					rfbPE(10000);
 					usleep(10000);
 					if (screen->httpSock >= 0) saw_httpsock = 1;
 					waitpid(pid, &status, WNOHANG); 
 					if (kill(pid, 0) != 0) {
-						rfbPE(10000);
-						rfbPE(10000);
+						rfbLog("SSL: helper[%d] pid finished\n", pid);
 						break;
 					}
-					if (saw_httpsock && screen->httpSock < 0) {
+					if (0 && saw_httpsock && screen->httpSock < 0) {
+						/* this check can kill the helper too soon. */
 						rfbLog("SSL: httpSock for helper[%d] went away\n", pid);
-						rfbPE(10000);
-						rfbPE(10000);
 						break;
 					}
 				}
-				screen->port = origport;
 				rfbLog("SSL: guessing child helper[%d] https finished. dt=%.6f\n",
 				    pid, dnow() - start);
+
+				rfbPE(10000);
+				rfbPE(10000);
+				rfbPE(10000);
+
+				screen->port = origport;
 				ssl_helper_pid(0, -2);
 				if (mode == OPENSSL_INETD) {
 					clean_up_exit(1);
@@ -3888,31 +3900,34 @@ void accept_openssl(int mode, int presock) {
 						}
 					}
 				}
-				rfbLog("SSL: screen->port %d\n", screen->port);
+				rfbLog("SSL: screen->port %d for helper[%d]\n", screen->port, pid);
 
 				/* kludge for https fetch via inetd */
 				start = dnow();
-				while (dnow() < start + 10.0) {
+				while (dnow() < start + https_download_wait_time) {
 					if (screen->httpSock >= 0) saw_httpsock = 1;
 					rfbPE(10000);
 					usleep(10000);
 					if (screen->httpSock >= 0) saw_httpsock = 1;
 					waitpid(pid, &status, WNOHANG); 
 					if (kill(pid, 0) != 0) {
-						rfbPE(10000);
-						rfbPE(10000);
+						rfbLog("SSL: helper[%d] pid finished\n", pid);
 						break;
 					}
-					if (saw_httpsock && screen->httpSock < 0) {
+					if (0 && saw_httpsock && screen->httpSock < 0) {
+						/* this check can kill the helper too soon. */
 						rfbLog("SSL: httpSock for helper[%d] went away\n", pid);
-						rfbPE(10000);
-						rfbPE(10000);
 						break;
 					}
 				}
 				rfbLog("SSL: OPENSSL_INETD guessing "
 				    "child helper[%d] https finished. dt=%.6f\n",
 				    pid, dnow() - start);
+
+				rfbPE(10000);
+				rfbPE(10000);
+				rfbPE(10000);
+
 				ssl_helper_pid(0, -2);
 				clean_up_exit(1);
 			}
diff --git a/x11vnc/ssltools.h b/x11vnc/ssltools.h
index a08ebb8..534dbdd 100644
--- a/x11vnc/ssltools.h
+++ b/x11vnc/ssltools.h
@@ -1603,7 +1603,7 @@ char create_display[] =
 "	fi\n"
 "	if [ -f \"$home/.dmrc\" ]; then\n"
 "		if [ \"X$have_startkde\" != \"X\" ]; then\n"
-"			if egrep -i 'Session=(default|kde)' \"$home/.dmrc\" > /dev/null; then\n"
+"			if egrep -i 'Session=kde' \"$home/.dmrc\" > /dev/null; then\n"
 "				echo \"$have_startkde\"\n"
 "				return\n"
 "			fi\n"
@@ -1632,6 +1632,18 @@ char create_display[] =
 "			fi\n"
 "			\n"
 "		done\n"
+"		if egrep -i 'Session=default' \"$home/.dmrc\" > /dev/null; then\n"
+"			if [ \"X$have_gnome_session\" != \"X\" ]; then\n"
+"				echo \"$have_gnome_session\"\n"
+"				return\n"
+"			elif [ \"X$have_startkde\" != \"X\" ]; then\n"
+"				echo \"$have_startkde\"\n"
+"				return\n"
+"			elif [ \"X$have_startxfce\" != \"X\" ]; then\n"
+"				echo \"$have_startxfce\"\n"
+"				return\n"
+"			fi\n"
+"		fi\n"
 "	fi\n"
 "	if [ -f \"$home/.xsession\" ]; then\n"
 "		echo \"$home/.xsession\"\n"
@@ -1851,19 +1863,30 @@ char create_display[] =
 "\n"
 "	if [ \"X$use_xdmcp_query\" = \"X1\" ]; then\n"
 "		# we cannot use -nolisten tcp\n"
-"		echo \"$* -once -query localhost $FD_OPTS\" 1>&2\n"
+"		if [ \"X$FD_XDMCP_IF\" != \"X\" ]; then\n"
+"			lhost=$FD_XDMCP_IF\n"
+"		elif [ \"X$have_netstat\" = \"X\" ]; then\n"
+"			lhost=localhost\n"
+"		elif $have_netstat -an | grep -w 177 | grep -w udp > /dev/null; then\n"
+"			lhost=localhost\n"
+"		elif $have_netstat -an | grep -w 177 | grep -w udp6 > /dev/null; then\n"
+"			lhost=::1\n"
+"		else\n"
+"			lhost=localhost\n"
+"		fi\n"
+"		echo \"$* -once -query $lhost $FD_OPTS\" 1>&2\n"
 "		if [ \"X$have_root\" != \"X\" ]; then\n"
 "			if [ -r $authfile ]; then\n"
-"				$have_nohup $* -once -query localhost -auth $authfile $FD_OPTS 1>&2 &\n"
+"				$have_nohup $* -once -query $lhost -auth $authfile $FD_OPTS 1>&2 &\n"
 "			else\n"
 "				# why did we have this?\n"
-"				$have_nohup $* -once -query localhost $FD_OPTS 1>&2 &\n"
+"				$have_nohup $* -once -query $lhost $FD_OPTS 1>&2 &\n"
 "			fi\n"
 "		else\n"
 "			if [ \"X$ns\" = \"X0\" ]; then\n"
-"				$have_nohup sh -c \"$* -once -query localhost -auth $authfile $FD_OPTS\" 1>&2 &\n"
+"				$have_nohup sh -c \"$* -once -query $lhost -auth $authfile $FD_OPTS\" 1>&2 &\n"
 "			else\n"
-"				$have_nohup sh -c \"(sleep $ns; $* -once -query localhost -auth $authfile $FD_OPTS)\" 1>&2 &\n"
+"				$have_nohup sh -c \"(sleep $ns; $* -once -query $lhost -auth $authfile $FD_OPTS)\" 1>&2 &\n"
 "				#result=1\n"
 "			fi\n"
 "		fi\n"
diff --git a/x11vnc/user.c b/x11vnc/user.c
index 12783f0..be2370e 100644
--- a/x11vnc/user.c
+++ b/x11vnc/user.c
@@ -1956,7 +1956,7 @@ static char *build_create_cmd(char *cmd, int *saw_xdmcp, char *usslpeer, char *t
 	char st[] = "";
 	char fdgeom[128], fdsess[128], fdopts[128], fdextra[256], fdprog[128];
 	char fdxsrv[128], fdxdum[128], fdcups[128], fdesd[128];
-	char fdnas[128], fdsmb[128], fdtag[128];
+	char fdnas[128], fdsmb[128], fdtag[128], fdxdmcpif[128];
 	char cdout[128];
 
 	if (opts) {
@@ -1980,6 +1980,7 @@ static char *build_create_cmd(char *cmd, int *saw_xdmcp, char *usslpeer, char *t
 	fdnas[0]  = '\0';
 	fdsmb[0]  = '\0';
 	fdtag[0]  = '\0';
+	fdxdmcpif[0]  = '\0';
 	cdout[0]  = '\0';
 
 	if (unixpw && keep_unixpw_opts && keep_unixpw_opts[0] != '\0') {
@@ -2122,6 +2123,9 @@ static char *build_create_cmd(char *cmd, int *saw_xdmcp, char *usslpeer, char *t
 	if (fdtag[0] == '\0' && getenv("FD_TAG")) {
 		snprintf(fdtag, 120, "%s", getenv("FD_TAG"));
 	}
+	if (fdxdmcpif[0] == '\0' && getenv("FD_XDMCP_IF")) {
+		snprintf(fdxdmcpif,  120, "%s", getenv("FD_XDMCP_IF"));
+	}
 	if (fdxdum[0] == '\0' && getenv("FD_XDUMMY_RUN_AS_ROOT")) {
 		snprintf(fdxdum, 120, "%s", getenv("FD_XDUMMY_RUN_AS_ROOT"));
 	}
@@ -2139,6 +2143,7 @@ static char *build_create_cmd(char *cmd, int *saw_xdmcp, char *usslpeer, char *t
 	if (strchr(fdnas, '\''))	fdnas[0] = '\0';
 	if (strchr(fdsmb, '\''))	fdsmb[0] = '\0';
 	if (strchr(fdtag, '\''))	fdtag[0] = '\0';
+	if (strchr(fdxdmcpif, '\''))	fdxdmcpif[0] = '\0';
 	if (strchr(fdxdum, '\''))	fdxdum[0] = '\0';
 	if (strchr(fdsess, '\''))	fdsess[0] = '\0';
 	if (strchr(cdout, '\''))	cdout[0] = '\0';
@@ -2153,6 +2158,7 @@ static char *build_create_cmd(char *cmd, int *saw_xdmcp, char *usslpeer, char *t
 	set_env("FD_NAS",  fdnas);
 	set_env("FD_SMB",  fdsmb);
 	set_env("FD_TAG",  fdtag);
+	set_env("FD_XDMCP_IF",  fdxdmcpif);
 	set_env("FD_XDUMMY_RUN_AS_ROOT", fdxdum);
 	set_env("FD_SESS", fdsess);
 
@@ -2176,6 +2182,7 @@ static char *build_create_cmd(char *cmd, int *saw_xdmcp, char *usslpeer, char *t
 		    + strlen("FD_NAS='' ")
 		    + strlen("FD_SMB='' ")
 		    + strlen("FD_TAG='' ")
+		    + strlen("FD_XDMCP_IF='' ")
 		    + strlen("FD_XDUMMY_RUN_AS_ROOT='' ")
 		    + strlen("FD_SESS='' /bin/sh ")
 		    + strlen(uu) + 1
@@ -2189,16 +2196,17 @@ static char *build_create_cmd(char *cmd, int *saw_xdmcp, char *usslpeer, char *t
 		    + strlen(fdnas) + 1
 		    + strlen(fdsmb) + 1
 		    + strlen(fdtag) + 1
+		    + strlen(fdxdmcpif) + 1
 		    + strlen(fdxdum) + 1
 		    + strlen(fdsess) + 1
 		    + strlen(cdout) + 1
 		    + strlen(opts) + 1);
 		sprintf(create_cmd, "env USER='%s' FD_GEOM='%s' FD_SESS='%s' "
 		    "FD_OPTS='%s' FD_EXTRA='%s' FD_PROG='%s' FD_XSRV='%s' FD_CUPS='%s' "
-		    "FD_ESD='%s' FD_NAS='%s' FD_SMB='%s' FD_TAG='%s' "
+		    "FD_ESD='%s' FD_NAS='%s' FD_SMB='%s' FD_TAG='%s' FD_XDMCP_IF='%s' "
 		    "FD_XDUMMY_RUN_AS_ROOT='%s' %s /bin/sh %s %s",
 		    uu, fdgeom, fdsess, fdopts, fdextra, fdprog, fdxsrv,
-		    fdcups, fdesd, fdnas, fdsmb, fdtag, fdxdum, cdout, tmp, opts);
+		    fdcups, fdesd, fdnas, fdsmb, fdtag, fdxdmcpif, fdxdum, cdout, tmp, opts);
 	} else {
 		create_cmd = (char *) malloc(strlen(tmp)
 		    + strlen("/bin/sh ") + 1 + strlen(opts) + 1);
diff --git a/x11vnc/x11vnc.1 b/x11vnc/x11vnc.1
index 4d193c3..41e41ad 100644
--- a/x11vnc/x11vnc.1
+++ b/x11vnc/x11vnc.1
@@ -1,8 +1,8 @@
 .\" This file was automatically generated from x11vnc -help output.
-.TH X11VNC "1" "February 2010" "x11vnc " "User Commands"
+.TH X11VNC "1" "March 2010" "x11vnc " "User Commands"
 .SH NAME
 x11vnc - allow VNC connections to real X11 displays
-         version: 0.9.10, lastmod: 2010-02-21
+         version: 0.9.10, lastmod: 2010-03-20
 .SH SYNOPSIS
 .B x11vnc
 [OPTION]...
@@ -558,6 +558,11 @@ to the program location and in standard locations
 \fB-http_ssl\fR
 .IP
 As \fB-http,\fR but force lookup for ssl classes subdir.
+.IP
+Note that for HTTPS, single-port Java applet delivery
+you can set X11VNC_HTTPS_DOWNLOAD_WAIT_TIME to the
+max number of seconds to wait for the applet download
+to finish.  The default is 15.
 .PP
 \fB-avahi\fR
 .IP
@@ -1061,9 +1066,31 @@ Use "deny" to explicitly deny some users if you use
 the user is allowed, but the option values associated
 with it do apply as normal.
 .IP
-There are also some utilities for testing password
+There are also some utilities for checking passwords
 if [list] starts with the "%" character.  See the
-quick_pw() function in the source for details.
+quick_pw() function for more details.  Description:
+"%-" or "%stdin" means read one line from stdin.
+"%env" means it is in $UNIXPW env var.  A leading
+"%/" or "%." means read the first line from the
+filename that follows after the % character. % by
+itself means prompt for the username and password.
+Otherwise: %user:pass   E.g. \fB-unixpw\fR %fred:swordfish
+For the other cases user:pass is read from the indicated
+source.  If the password is correct 'Y user' is printed
+and the program exit code is 0.  If the password is
+incorrect it prints 'N user' and the exit code is 1.
+If there is some other error the exit code is 2.
+This feature enables x11vnc to be a general unix user
+password checking tool; it could be used from scripts
+or other programs.  These % password checks also apply
+to the \fB-unixpw_nis\fR and \fB-unixpw_cmd\fR options.
+.IP
+For the % password check, if the env. var. UNIXPW_CMD
+is set to a command then it is run as the user (assuming
+the password is correct.)  The output of the command is
+not printed, the program or script must manage that by
+some other means.  The exit code of x11vnc will depend
+on the exit code of the command that is run.
 .IP
 Use \fB-nounixpw\fR to disable unixpw mode if it was enabled
 earlier in the cmd line (e.g. \fB-svc\fR mode)
@@ -1184,8 +1211,11 @@ and if it has the permissions to do so.
 .PP
 \fB-find\fR
 .IP
-Find the user's display using FINDDISPLAY. This is an
-alias for "\fB-display\fR \fIWAIT:cmd=FINDDISPLAY\fR".
+Find the user's display using FINDDISPLAY. This
+is an alias for "\fB-display\fR \fIWAIT:cmd=FINDDISPLAY\fR".
+.IP
+Note: if a \fB-display\fR occurs later on the command line
+it will override the \fB-find\fR setting.
 .IP
 For this and the next few options see \fB-display\fR WAIT:...
 below for all of the details.
@@ -1232,6 +1262,9 @@ if that doesn't succeed create an X session via the
 FINDCREATEDISPLAY method.  This is an alias for
 "\fB-display\fR \fIWAIT:cmd=FINDCREATEDISPLAY-Xvfb\fR".
 .IP
+Note: if a \fB-display\fR occurs later on the command line
+it will override the \fB-create\fR setting.
+.IP
 SSH NOTE: for both \fB-find\fR and \fB-create\fR you can (should!)
 add the "\fB-localhost\fR" option to force SSH tunnel access.
 .PP
@@ -1263,6 +1296,10 @@ Example: \fB-svc\fR ... \fB-create_xsrv\fR Xdummy,X
 Terminal services mode based on SSL access.  Alias for
 \fB-display\fR WAIT:cmd=FINDCREATEDISPLAY-Xvfb \fB-unixpw\fR \fB-users\fR
 unixpw= \fB-ssl\fR SAVE   Also "\fB-service\fR".
+.IP
+Note: if a \fB-display,\fR \fB-unixpw,\fR \fB-users,\fR or \fB-ssl\fR occurs
+later on the command line it will override the \fB-svc\fR
+setting.
 .PP
 \fB-svc_xdummy\fR
 .IP
@@ -1282,6 +1319,10 @@ Display manager Terminal services mode based on SSL.
 Alias for \fB-display\fR WAIT:cmd=FINDCREATEDISPLAY-Xvfb.xdmcp
 \fB-unixpw\fR \fB-users\fR unixpw= \fB-ssl\fR SAVE  Also "\fB-xdm_service\fR".
 .IP
+Note: if a \fB-display,\fR \fB-unixpw,\fR \fB-users,\fR or \fB-ssl\fR occurs
+later on the command line it will override the \fB-xdmsvc\fR
+setting.
+.IP
 To create a session a user will have to first log in
 to the \fB-unixpw\fR dialog and then log in again to the
 XDM/GDM/KDM prompt.  Subsequent re-connections will
@@ -1654,6 +1695,11 @@ to be a unique name for the session, it is set as an
 X property, that makes FINDDISPLAY only find sessions
 with that tag value.
 .IP
+Set FD_XDMCP_IF to the network interface that the
+display manager is running on; default is 'localhost'
+but you may need to set it to '::1' on some IPv6 only
+systems or misconfigured display managers.
+.IP
 If you want the FINDCREATEDISPLAY session to contact an
 XDMCP login manager (xdm/gdm/kdm) on the same machine,
 then use "Xvfb.xdmcp" instead of "Xvfb", etc.
@@ -2370,7 +2416,7 @@ exits.
 .IP
 Use the 
 .IR stunnel (8)
-(www.stunnel.org) to provide an
+(stunnel.mirt.net) to provide an
 encrypted SSL tunnel between viewers and x11vnc.
 .IP
 This external tunnel method was implemented prior to the
@@ -5838,6 +5884,14 @@ grab_state      get state of pointer and keyboard grab.
 .IP
 pointer_pos     print XQueryPointer x,y cursor position.
 .IP
+pointer_x       print XQueryPointer x cursor position.
+.IP
+pointer_y       print XQueryPointer y cursor position.
+.IP
+pointer_same    print XQueryPointer ptr on same screen.
+.IP
+pointer_root    print XQueryPointer curr ptr rootwin.
+.IP
 mouse_x         print x11vnc's idea of cursor position.
 .IP
 mouse_y         print x11vnc's idea of cursor position.
@@ -6234,18 +6288,18 @@ loop loopbg desktopname guess_desktop guess_dbus
 http_url auth xauth users rootshift clipshift scale_str
 scaled_x scaled_y scale_numer scale_denom scale_fac_x
 scale_fac_y scaling_blend scaling_nomult4 scaling_pad
-scaling_interpolate inetd privremote unsafe safer
-nocmds passwdfile unixpw unixpw_nis unixpw_list ssl
-ssl_pem sslverify stunnel stunnel_pem https httpsredir
-usepw using_shm logfile o flag rmflag rc norc h help
-V version lastmod bg sigpipe threads readrate netrate
-netlatency pipeinput clients client_count pid ext_xtest
-ext_xtrap ext_xrecord ext_xkb ext_xshm ext_xinerama
-ext_overlay ext_xfixes ext_xdamage ext_xrandr rootwin
-num_buttons button_mask mouse_x mouse_y grab_state
-pointer_pos bpp depth indexed_color dpy_x dpy_y wdpy_x
-wdpy_y off_x off_y cdpy_x cdpy_y coff_x coff_y rfbauth
-passwd viewpasswd
+scaling_interpolate inetd privremote unsafe safer nocmds
+passwdfile unixpw unixpw_nis unixpw_list ssl ssl_pem
+sslverify stunnel stunnel_pem https httpsredir usepw
+using_shm logfile o flag rmflag rc norc h help V version
+lastmod bg sigpipe threads readrate netrate netlatency
+pipeinput clients client_count pid ext_xtest ext_xtrap
+ext_xrecord ext_xkb ext_xshm ext_xinerama ext_overlay
+ext_xfixes ext_xdamage ext_xrandr rootwin num_buttons
+button_mask mouse_x mouse_y grab_state pointer_pos
+pointer_x pointer_y pointer_same pointer_root bpp depth
+indexed_color dpy_x dpy_y wdpy_x wdpy_y off_x off_y
+cdpy_x cdpy_y coff_x coff_y rfbauth passwd viewpasswd
 .PP
 \fB-QD\fR \fIvariable\fR
 .IP
diff --git a/x11vnc/x11vnc.c b/x11vnc/x11vnc.c
index d3a4b7c..d659651 100644
--- a/x11vnc/x11vnc.c
+++ b/x11vnc/x11vnc.c
@@ -1321,10 +1321,10 @@ static void quick_pw(char *str) {
 	if (db) fprintf(stderr, "quick_pw: %s\n", str);
 
 	if (! str || str[0] == '\0') {
-		exit(1);
+		exit(2);
 	}
 	if (str[0] != '%') {
-		exit(1);
+		exit(2);
 	}
 	/*
 	 * "%-" or "%stdin" means read one line from stdin.
@@ -1339,19 +1339,19 @@ static void quick_pw(char *str) {
 	 */
 	if (!strcmp(str, "%-") || !strcmp(str, "%stdin")) {
 		if(fgets(tmp, 1024, stdin) == NULL) {
-			exit(1);
+			exit(2);
 		}
 		q = strdup(tmp);
 	} else if (!strcmp(str, "%env")) {
 		if (getenv("UNIXPW") == NULL) {
-			exit(1);
+			exit(2);
 		}
 		q = strdup(getenv("UNIXPW"));
 	} else if (!strcmp(str, "%%") || !strcmp(str, "%")) {
 		char *t, inp[1024];
 		fprintf(stdout, "username: ");
 		if(fgets(tmp, 128, stdin) == NULL) {
-			exit(1);
+			exit(2);
 		}
 		strcpy(inp, tmp);
 		t = strchr(inp, '\n');
@@ -1367,7 +1367,7 @@ static void quick_pw(char *str) {
 		if(fgets(tmp, 128, stdin) == NULL) {
 			fprintf(stdout, "\n");
 			system("stty echo");
-			exit(1);
+			exit(2);
 		}
 		system("stty echo");
 		fprintf(stdout, "\n");
@@ -1376,10 +1376,10 @@ static void quick_pw(char *str) {
 	} else if (str[1] == '/' || str[1] == '.') {
 		FILE *in = fopen(str+1, "r");
 		if (in == NULL) {
-			exit(1);
+			exit(2);
 		}
 		if(fgets(tmp, 1024, in) == NULL) {
-			exit(1);
+			exit(2);
 		}
 		q = strdup(tmp);
 	} else {
@@ -1392,7 +1392,7 @@ static void quick_pw(char *str) {
 	}
 
 	if ((q = strchr(p, ':')) == NULL) {
-		exit(1);
+		exit(2);
 	}
 	*q = '\0';
 	if (db) fprintf(stderr, "'%s' '%s'\n", p, q+1);
@@ -1413,7 +1413,8 @@ static void quick_pw(char *str) {
 			exit(1);
 		}
 	} else {
-		if (su_verify(p, q+1, NULL, NULL, NULL, 1)) {
+		char *ucmd = getenv("UNIXPW_CMD");
+		if (su_verify(p, q+1, ucmd, NULL, NULL, 1)) {
 			fprintf(stdout, "Y %s\n", p);
 			exit(0);
 		} else {
@@ -1422,7 +1423,7 @@ static void quick_pw(char *str) {
 		}
 	}
 	/* NOTREACHED */
-	exit(1);
+	exit(2);
 }
 
 static void print_settings(int try_http, int bg, char *gui_str) {
@@ -2629,7 +2630,7 @@ int main(int argc, char* argv[]) {
 				if (s[0] == '%') {
 					unixpw_list = NULL;
 					quick_pw(s);
-					exit(1);
+					exit(2);
 				}
 			}
 			if (strstr(arg, "_unsafe")) {
diff --git a/x11vnc/x11vnc_defs.c b/x11vnc/x11vnc_defs.c
index 42211e2..740b4a3 100644
--- a/x11vnc/x11vnc_defs.c
+++ b/x11vnc/x11vnc_defs.c
@@ -47,7 +47,7 @@ int xtrap_base_event_type = 0;
 int xdamage_base_event_type = 0;
 
 /*               date +'lastmod: %Y-%m-%d' */
-char lastmod[] = "0.9.10 lastmod: 2010-02-21";
+char lastmod[] = "0.9.10 lastmod: 2010-03-20";
 
 /* X display info */